def test_710_003(self):
domain = "a-" + self.test_domain
domainb = "b-" + self.test_domain
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
ca_url = TestEnv.ACME_URL
domains = [domain, "www." + domain]
conf = HttpdConf(local_CA=False,
text="""
ServerAdmin [email protected]
MDCertificateAuthority %s
MDCertificateAgreement accepted
MDMembers auto
""" % (ca_url))
conf.add_md([domain])
conf.add_vhost(domains)
conf.install()
assert TestEnv.apache_restart() == 0
TestEnv.check_md(domains)
assert TestEnv.await_completion([domain])
assert (0, 0) == TestEnv.httpd_error_log_count()
TestEnv.check_md(domains, ca=ca_url)
# use ACMEv2 now, same MD, no CA url
TestEnv.set_acme('acmev2')
# this changes the default CA url
assert TestEnv.ACME_URL_DEFAULT != ca_url
conf = HttpdConf(local_CA=False,
text="""
ServerAdmin [email protected]
MDCertificateAgreement accepted
MDMembers auto
""")
conf.start_md([domain])
conf.end_md()
conf.start_md2([domainb])
# this willg get the reald Let's Encrypt URL assigned, turn off
# auto renewal, so we will not talk to them
conf.add_line("MDRenewMode manual")
conf.end_md2()
conf.add_vhost(domains)
conf.add_vhost(domainb)
conf.install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
# the existing MD was migrated to new CA url
TestEnv.check_md(domains, ca=TestEnv.ACME_URL_DEFAULT)
# the new MD got the new default anyway
TestEnv.check_md([domainb], ca=TestEnv.ACME_URL_DEFAULT)
def test_300_015(self):
HttpdConf(text="""
MDPrivateKeys Default
MDPrivateKeys RSA
MDPrivateKeys RSA 2048
MDPrivateKeys RSA 3072
MDPrivateKeys RSA 4096
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_014(self):
HttpdConf(text="""
MDomain %s www.example2.org
<VirtualHost *:12346>
ServerName www.example2.org
</VirtualHost>
""" % (TestEnv.HOSTNAME)).install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_012(self):
HttpdConf(text="""
MDomain example012.org www.example012.org
<VirtualHost *:12346>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
</VirtualHost>
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 1) == TestEnv.httpd_error_log_count()
def test_300_013(self):
HttpdConf(text="""
MDomain example2.org test-a.example2.org test-b.example2.org
<VirtualHost *:12346>
ServerName test-a.example2.org
</VirtualHost>
<VirtualHost *:12346>
ServerName test-b.example2.org
</VirtualHost>
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_011(self):
HttpdConf(text="""
MDomain not-forbidden.org manual www.not-forbidden.org mail.not-forbidden.org test3.not-forbidden.org
<VirtualHost *:%s>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
ServerAlias test4.not-forbidden.org
SSLEngine on
</VirtualHost>
""" % (TestEnv.HTTPS_PORT)).install()
assert TestEnv.apache_fail() == 0
assert (1, 0) == TestEnv.httpd_error_log_count()
def test_300_011b(self):
assert TestEnv.apache_stop() == 0
HttpdConf(text="""
MDomain not-forbidden.org auto mail.not-forbidden.org
<VirtualHost *:%s>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
ServerAlias test4.not-forbidden.org
SSLEngine on
</VirtualHost>
""" % TestEnv.HTTPS_PORT).install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_021(self):
HttpdConf(text="""
MDMembers manual
MDomain secret.com
<VirtualHost *:12344>
ServerName not.secret.com
ServerAlias secret.com
SSLEngine on
</VirtualHost>
""").install()
assert TestEnv.apache_fail() == 0
assert (1, 0) == TestEnv.httpd_error_log_count()
assert TestEnv.httpd_error_log_scan(
re.compile(
".*Virtual Host not.secret.com:0 matches Managed Domain 'secret.com', but the name/alias not.secret.com itself is not managed. A requested MD certificate will not match ServerName.*"
))
