def test_710_003(self):
domain = "a-" + self.test_domain
domainb = "b-" + self.test_domain
# use ACMEv1 initially
TestEnv.set_acme('acmev1')
ca_url = TestEnv.ACME_URL
domains = [ domain, "www." + domain ]
conf = HttpdConf()
conf.clear()
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDCertificateAgreement accepted" )
conf.add_line( "MDMembers auto" )
conf.start_md2( [ domain ] )
conf.add_line( "MDCertificateAuthority %s" % (ca_url) )
conf.end_md2()
conf.add_vhost(domains)
conf.install()
assert TestEnv.apache_restart() == 0
TestEnv.check_md( domains )
assert TestEnv.await_completion( [ domain ] )
assert (0, 0) == TestEnv.httpd_error_log_count()
TestEnv.check_md(domains, ca=ca_url)
# use ACMEv2 now, same MD, no CA url
TestEnv.set_acme('acmev2')
# this changes the default CA url
assert TestEnv.ACME_URL_DEFAULT != ca_url
conf = HttpdConf()
conf.clear()
conf.add_admin( "*****@*****.**" )
conf.add_line( "MDCertificateAgreement accepted" )
conf.add_line( "MDMembers auto" )
conf.start_md( [ domain ] )
conf.end_md()
conf.start_md2( [ domainb ] )
# this willg get the reald Let's Encrypt URL assigned, turn off
# auto renewal, so we will not talk to them
conf.add_line( "MDRenewMode manual" )
conf.end_md2()
conf.add_vhost(domains)
conf.add_vhost(domainb)
conf.install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
# the existing MD was migrated to new CA url
TestEnv.check_md(domains, ca=TestEnv.ACME_URL_DEFAULT)
# the new MD got the new default anyway
TestEnv.check_md([ domainb ], ca=TestEnv.ACME_URL_DEFAULT)
def test_300_015(self):
HttpdConf(text="""
MDPrivateKeys Default
MDPrivateKeys RSA
MDPrivateKeys RSA 2048
MDPrivateKeys RSA 3072
MDPrivateKeys RSA 4096
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_014(self):
HttpdConf(text="""
MDomain %s www.example2.org
<VirtualHost *:12346>
ServerName www.example2.org
</VirtualHost>
""" % (TestEnv.HOSTNAME)).install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_012(self):
HttpdConf(text="""
MDomain example3.org www.example3.org
<VirtualHost *:12346>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
</VirtualHost>
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 1) == TestEnv.httpd_error_log_count()
def test_300_021(self):
HttpdConf(text="""
MDomain secret.com
<VirtualHost *:12344>
ServerName not.secret.com
ServerAlias secret.com
SSLEngine on
</VirtualHost>
""").install()
assert TestEnv.apache_fail() == 0, "Server did start for {}".format(line)
assert (1, 0) == TestEnv.httpd_error_log_count()
assert TestEnv.httpd_error_log_scan( re.compile(".*Virtual Host not.secret.com:0 matches Managed Domain 'secret.com', but the name/alias not.secret.com itself is not managed. A requested MD certificate will not match ServerName.*") )
def test_300_013(self):
HttpdConf(text="""
MDomain example2.org test-a.example2.org test-b.example2.org
<VirtualHost *:12346>
ServerName test-a.example2.org
</VirtualHost>
<VirtualHost *:12346>
ServerName test-b.example2.org
</VirtualHost>
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
def test_300_011(self):
HttpdConf(text="""
MDomain not-forbidden.org manual www.not-forbidden.org mail.not-forbidden.org test3.not-forbidden.org
<VirtualHost *:12346>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
ServerAlias test4.not-forbidden.org
</VirtualHost>
""").install()
assert TestEnv.apache_fail() == 0
assert (1, 0) == TestEnv.httpd_error_log_count()
def test_300_011b(self):
assert TestEnv.apache_stop() == 0
HttpdConf(text="""
MDomain not-forbidden.org auto mail.not-forbidden.org
<VirtualHost *:12346>
ServerName not-forbidden.org
ServerAlias test3.not-forbidden.org
ServerAlias test4.not-forbidden.org
</VirtualHost>
""").install()
assert TestEnv.apache_restart() == 0
assert (0, 0) == TestEnv.httpd_error_log_count()
