def test_700_002(self):
domain = "test700-002-" + TestAuto.dns_uniq
domainA = "a-" + domain
domainB = "b-" + domain
# generate config with two MDs
dnsListA = [ domainA, "www." + domainA ]
dnsListB = [ domainB, "www." + domainB ]
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "*****@*****.**" )
conf.add_drive_mode( "auto" )
conf.add_md( dnsListA )
conf.add_md( dnsListB )
conf.add_vhost( TestEnv.HTTPS_PORT, domainA, aliasList=[ dnsListA[1] ], withSSL=True )
conf.add_vhost( TestEnv.HTTPS_PORT, domainB, aliasList=[ dnsListB[1] ], withSSL=True )
conf.install()
# restart, check that md is in store
assert TestEnv.apache_restart() == 0
self._check_md_names( domainA, dnsListA )
self._check_md_names( domainB, dnsListB )
# await drive completion
assert TestEnv.await_completion( [ domainA, domainB ] )
self._check_md_cert(dnsListA)
self._check_md_cert(dnsListB)
# check: SSL is running OK
certA = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainA)
assert dnsListA == certA.get_san_list()
certB = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainB)
assert dnsListB == certB.get_san_list()
# should have a single account now
assert 1 == len(TestEnv.list_accounts())
def test_700_002(self):
# generate config with two MDs
domain = self.test_domain
domainA = "a-" + domain
domainB = "b-" + domain
domainsA = [domainA, "www." + domainA]
domainsB = [domainB, "www." + domainB]
conf = HttpdConf()
conf.add_admin("*****@*****.**")
conf.add_drive_mode("auto")
conf.add_md(domainsA)
conf.add_md(domainsB)
conf.add_vhost(domainsA)
conf.add_vhost(domainsB)
conf.install()
#
# restart, check that md is in store
assert TestEnv.apache_restart() == 0
TestEnv.check_md(domainsA)
TestEnv.check_md(domainsB)
# await drive completion
assert TestEnv.await_completion([domainA, domainB])
TestEnv.check_md_complete(domainA)
TestEnv.check_md_complete(domainB)
#
# check: SSL is running OK
certA = TestEnv.get_cert(domainA)
assert domainsA == certA.get_san_list()
certB = TestEnv.get_cert(domainB)
assert domainsB == certB.get_san_list()
#
# should have a single account now
assert 1 == len(TestEnv.list_accounts())
def test_710_001(self):
domain = "test710-001-" + TestAuto.dns_uniq
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
# generate config with one MD, restart, gets cert
dns_list = [ domain, "www." + domain ]
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "admin@" + domain )
conf.add_md( dns_list )
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[ dns_list[1] ], withSSL=True)
conf.install()
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([ domain ] )
self._check_md_cert( dns_list )
cert1 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain)
assert domain in cert1.get_san_list()
# use ACMEv2 now for everything
TestEnv.set_acme('acmev2')
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "admin@" + domain )
conf.add_md( dns_list )
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[ dns_list[1] ], withSSL=True)
conf.install()
# restart, gets cert
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([ domain ] )
self._check_md_cert( dns_list )
cert2 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain)
# should still be the same cert as it remains valid
assert cert1.get_serial() == cert2.get_serial()
# change the MD so that we need a new cert
dns_list = [ domain, "www." + domain, "another." + domain ]
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "admin@" + domain )
conf.add_md( dns_list )
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[ dns_list[1] ], withSSL=True)
conf.install()
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([ domain ] )
self._check_md_cert( dns_list )
cert3 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain)
# should no longer the same cert
assert cert1.get_serial() != cert3.get_serial()
# should have a 2 accounts now
assert 2 == len(TestEnv.list_accounts())
def test_710_001(self):
domain = self.test_domain
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
# generate config with one MD, restart, gets cert
dns_list = [domain, "www." + domain]
conf = HttpdConf()
conf.add_admin("admin@" + domain)
conf.add_md(dns_list)
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[dns_list[1]])
conf.install()
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([domain])
TestEnv.check_md_complete(domain)
cert1 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST,
TestEnv.HTTPS_PORT, domain)
assert domain in cert1.get_san_list()
# use ACMEv2 now for everything
TestEnv.set_acme('acmev2')
conf = HttpdConf()
conf.add_admin("admin@" + domain)
conf.add_md(dns_list)
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[dns_list[1]])
conf.install()
# restart, gets cert, should still be the same cert as it remains valid
assert TestEnv.apache_restart() == 0
status = TestEnv.get_certificate_status(domain)
assert status['serial'] == cert1.get_serial()
# change the MD so that we need a new cert
dns_list = [domain, "www." + domain, "another." + domain]
conf = HttpdConf()
conf.add_admin("admin@" + domain)
conf.add_md(dns_list)
conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[dns_list[1]])
conf.install()
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([domain])
# should no longer the same cert
status = TestEnv.get_certificate_status(domain)
assert status['serial'] != cert1.get_serial()
TestEnv.check_md_complete(domain)
# should have a 2 accounts now
assert 2 == len(TestEnv.list_accounts())
def test_710_002(self):
domain = "test710-002-" + TestAuto.dns_uniq
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
domainA = "a-" + domain
domainB = "b-" + domain
# generate config with two MDs
dnsListA = [ domainA, "www." + domainA ]
dnsListB = [ domainB, "www." + domainB ]
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDMembers auto" )
conf.add_md( [ domainA ] )
conf.add_md( [ domainB ] )
conf.add_vhost( TestEnv.HTTPS_PORT, domainA, aliasList=dnsListA[1:], withSSL=True )
conf.add_vhost( TestEnv.HTTPS_PORT, domainB, aliasList=dnsListB[1:], withSSL=True )
conf.install()
# restart, check that md is in store
assert TestEnv.apache_restart() == 0
self._check_md_names( domainA, dnsListA )
self._check_md_names( domainB, dnsListB )
# await drive completion
assert TestEnv.await_completion( [ domainA, domainB ] )
self._check_md_cert(dnsListA)
self._check_md_cert(dnsListB)
self._check_md_cert( dnsListA )
cert1 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainA)
# should have a single account now
assert 1 == len(TestEnv.list_accounts())
# use ACMEv2 now for everything
TestEnv.set_acme('acmev2')
# change the MDs so that we need a new cert
dnsListA = [ domainA, "www." + domainA, "another." + domainA ]
dnsListB = [ domainB, "www." + domainB, "another." + domainB ]
conf = HttpdConf( TestAuto.TMP_CONF )
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDMembers auto" )
conf.add_md( [ domainA ] )
conf.add_md( [ domainB ] )
conf.add_vhost( TestEnv.HTTPS_PORT, domainA, aliasList=dnsListA[1:], withSSL=True )
conf.add_vhost( TestEnv.HTTPS_PORT, domainB, aliasList=dnsListB[1:], withSSL=True )
conf.install()
# restart, gets cert
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([ domainA, domainB ] )
self._check_md_names( domainA, dnsListA )
self._check_md_names( domainB, dnsListB )
self._check_md_cert( dnsListA )
cert2 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainA)
# should no longer the same cert
assert cert1.get_serial() != cert2.get_serial()
# should have a 2 accounts now
assert 2 == len(TestEnv.list_accounts())
def test_710_002(self):
domain = self.test_domain
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
domainA = "a-" + domain
domainB = "b-" + domain
# generate config with two MDs
domainsA = [ domainA, "www." + domainA ]
domainsB = [ domainB, "www." + domainB ]
conf = HttpdConf()
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDMembers auto" )
conf.add_md( [ domainA ] )
conf.add_md( [ domainB ] )
conf.add_vhost(domainsA)
conf.add_vhost(domainsB)
conf.install()
# restart, check that md is in store
assert TestEnv.apache_restart() == 0
TestEnv.check_md( domainsA )
TestEnv.check_md( domainsB )
# await drive completion
assert TestEnv.await_completion( [ domainA, domainB ] )
TestEnv.check_md_complete(domainsA[0])
TestEnv.check_md_complete(domainsB[0])
cert1 = TestEnv.get_cert(domainA)
# should have a single account now
assert 1 == len(TestEnv.list_accounts())
# use ACMEv2 now for everything
TestEnv.set_acme('acmev2')
# change the MDs so that we need a new cert
domainsA = [ domainA, "www." + domainA, "another." + domainA ]
domainsB = [ domainB, "www." + domainB, "another." + domainB ]
conf = HttpdConf()
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDMembers auto" )
conf.add_md( [ domainA ] )
conf.add_md( [ domainB ] )
conf.add_vhost(domainsA)
conf.add_vhost(domainsB)
conf.install()
# restart, gets cert
assert TestEnv.apache_restart() == 0
assert TestEnv.await_completion([ domainA, domainB ] )
TestEnv.check_md( domainsA )
TestEnv.check_md( domainsB )
TestEnv.check_md_complete(domainsA[0])
cert2 = TestEnv.get_cert(domainA)
# should no longer the same cert
assert cert1.get_serial() != cert2.get_serial()
# should have a 2 accounts now
assert 2 == len(TestEnv.list_accounts())
