def test_validate_certificate_not_yet_valid(ca: CertificateAuthority) -> None:
with on_time(time() + 24 * 3600, "UTC"):
cert, _priv_key = ca._certificate_from_root("abc123")
with pytest.raises(
CertificateValidationError,
match="Client certificate not yet valid",
):
_validate_certificate(cert)
def test_validate_certificate_expired(ca: CertificateAuthority) -> None:
ca._days_valid = 1
with on_time(1638174087, "UTC"):
cert, _priv_key = ca._certificate_from_root("abc123")
with pytest.raises(
CertificateValidationError,
match="Client certificate expired",
):
_validate_certificate(cert)
def fixture_untrusted_cert(tmp_path: Path) -> Certificate:
ca2 = CertificateAuthority(tmp_path / "ca-2", "test-ca-2")
ca2.initialize()
cert, _priv_key = ca2._certificate_from_root("abc123")
return cert
def fixture_trusted_cert(ca: CertificateAuthority) -> Certificate:
cert, _priv_key = ca._certificate_from_root("abc123")
return cert