def test_get_chain_with_cafile(opt_adcs, opt_username, opt_password, opt_cafile): if not opt_cafile: pytest.skip("No CA bundle configured") os.environ['SSL_CERT_FILE'] = './fakepath' pem_chain = certsrv.get_chain(opt_adcs, opt_username, opt_password, 'b64', cafile=opt_cafile) # pyOpenSSL does not have an option to parse PKCS#7, # so we just check that it is the right encoding assert '-----BEGIN CERTIFICATE-----' in pem_chain
def test_get_chain_with_ntlm(opt_adcs, opt_username, opt_password): pem_chain = certsrv.get_chain(opt_adcs, opt_username, opt_password, 'b64', auth_method='ntlm') # pyOpenSSL does not have an option to parse PKCS#7, # so we just check that it is the right encoding assert b'-----BEGIN CERTIFICATE-----' in pem_chain
def test_get_chain_with_wrong_cafile(opt_adcs): dir_path = os.path.dirname(os.path.realpath(__file__)) ca_bundle = '%s/test_dummy-ca-cert.pem' % dir_path with pytest.raises(URLError) as excinfo: certsrv.get_chain(opt_adcs, 'username', 'password', cafile=ca_bundle) assert excinfo.value.reason.reason == 'CERTIFICATE_VERIFY_FAILED'
def test_get_chain_der(opt_adcs, opt_username, opt_password): der_chain = certsrv.get_chain(opt_adcs, opt_username, opt_password) # pyOpenSSL does not have an option to parse PKCS#7, # so we just check that it is the right encoding assert '-----BEGIN CERTIFICATE-----' not in der_chain
def test_get_chain_with_wrong_cafile(opt_adcs): dir_path = os.path.dirname(os.path.realpath(__file__)) ca_bundle = '%s/test_dummy-ca-cert.pem' % dir_path with pytest.raises(SSLError) as excinfo: certsrv.get_chain(opt_adcs, 'username', 'password', cafile=ca_bundle)