def test_702_031(self): domain = self.test_domain nameX = "test-x." + domain nameA = "test-a." + domain nameB = "test-b." + domain nameC = "test-c." + domain domains = [nameX, nameA, nameB] # # generate 1 MD and 2 vhosts conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(domains) conf.add_vhost(nameA) conf.add_vhost(nameB) conf.install() # # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md(domains) assert TestEnv.await_completion([nameX]) TestEnv.check_md_complete(nameX) # # check: SSL is running OK certA = TestEnv.get_cert(nameA) assert nameA in certA.get_san_list() certB = TestEnv.get_cert(nameB) assert nameB in certB.get_san_list() assert certA.get_serial() == certB.get_serial() # # change MD by removing 1st name and adding another new_list = [nameA, nameB, nameC] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(new_list) conf.add_vhost(nameA) conf.add_vhost(nameB) conf.install() # restart, check that host still works and have new cert assert TestEnv.apache_restart() == 0 TestEnv.check_md(new_list, md=nameX) assert TestEnv.await_completion([nameA]) # certA2 = TestEnv.get_cert(nameA) assert nameA in certA2.get_san_list() assert certA.get_serial() != certA2.get_serial()
def test_700_009(self): domain = "test700-009-" + TestAuto.dns_uniq dns_list = [domain] # prepare md conf = HttpdConf(TestAuto.TMP_CONF) conf.add_admin("admin@" + domain) conf.add_drive_mode("auto") conf.add_renew_window("10d") conf.add_md(dns_list) conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[], withSSL=True) conf.install() # restart (-> drive), check that md+cert is in store, TLS is up assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) self._check_md_cert(dns_list) cert1 = CertUtil(TestEnv.path_domain_pubcert(domain)) # fetch cert from server cert2 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain) assert cert1.get_serial() == cert2.get_serial() # create self-signed cert, with critical remaining valid duration -> drive again CertUtil.create_self_signed_cert([domain], { "notBefore": -120, "notAfter": 2 }, serial=7009) cert3 = CertUtil(TestEnv.path_domain_pubcert(domain)) assert cert3.get_serial() == 7009 time.sleep(1) assert TestEnv.a2md(["list", domain])['jout']['output'][0]['renew'] == True assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) time.sleep(5) # restart -> new ACME cert becomes active assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) cert5 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain) assert cert5.get_serial() != cert3.get_serial()
def setup_class(cls): print("setup_class:%s" % cls.__name__) TestEnv.init() TestEnv.clear_store() TestEnv.check_acme() cls.domain = TestEnv.get_class_domain(cls) cls.configure_httpd(cls.domain) assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([cls.domain])
def test_700_032(self): domain = self.test_domain name1 = "server1." + domain name2 = "server2.b" + domain # need a separate TLD to avoid rate limites # generate 2 MDs and 2 vhosts conf = HttpdConf() conf.add_admin( "admin@" + domain ) conf._add_line( "MDMembers auto" ) conf.add_md( [ name1 ] ) conf.add_md( [ name2 ] ) conf.add_vhost( TestEnv.HTTPS_PORT, name1, aliasList=[], docRoot="htdocs/a") conf.add_vhost( TestEnv.HTTPS_PORT, name2, aliasList=[], docRoot="htdocs/b") conf.install() # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md( name1, [ name1 ] ) TestEnv.check_md( name2, [ name2 ] ) assert TestEnv.await_completion( [ name1, name2 ] ) TestEnv.check_md_complete(name2) # check: SSL is running OK cert1 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, name1) assert name1 in cert1.get_san_list() cert2 = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, name2) assert name2 in cert2.get_san_list() # remove second md and vhost, add name2 to vhost1 conf = HttpdConf() conf.add_admin( "admin@" + domain ) conf._add_line( "MDMembers auto" ) conf.add_md( [ name1 ] ) conf.add_vhost( TestEnv.HTTPS_PORT, name1, aliasList=[ name2 ], docRoot="htdocs/a") conf.install() assert TestEnv.apache_restart() == 0 TestEnv.check_md( name1, [ name1, name2 ] ) assert TestEnv.await_completion( [ name1 ] ) cert1b = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, name1) assert name1 in cert1b.get_san_list() assert name2 in cert1b.get_san_list() assert cert1.get_serial() != cert1b.get_serial()
def test_702_032(self): domain = self.test_domain name1 = "server1." + domain name2 = "server2.b" + domain # need a separate TLD to avoid rate limites # # generate 2 MDs and 2 vhosts conf = HttpdConf() conf.add_admin("admin@" + domain) conf._add_line("MDMembers auto") conf.add_md([name1]) conf.add_md([name2]) conf.add_vhost(name1) conf.add_vhost(name2) conf.install() # # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md([name1]) TestEnv.check_md([name2]) assert TestEnv.await_completion([name1, name2]) TestEnv.check_md_complete(name2) # # check: SSL is running OK cert1 = TestEnv.get_cert(name1) assert name1 in cert1.get_san_list() cert2 = TestEnv.get_cert(name2) assert name2 in cert2.get_san_list() # # remove second md and vhost, add name2 to vhost1 conf = HttpdConf() conf.add_admin("admin@" + domain) conf._add_line("MDMembers auto") conf.add_md([name1]) conf.add_vhost([name1, name2]) conf.install() assert TestEnv.apache_restart() == 0 TestEnv.check_md([name1, name2]) assert TestEnv.await_completion([name1]) # cert1b = TestEnv.get_cert(name1) assert name1 in cert1b.get_san_list() assert name2 in cert1b.get_san_list() assert cert1.get_serial() != cert1b.get_serial()
def test_702_030(self): domain = self.test_domain nameX = "test-x." + domain nameA = "test-a." + domain nameB = "test-b." + domain dns_list = [nameX, nameA, nameB] # generate 1 MD and 2 vhosts conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(dns_list) conf.add_vhost(TestEnv.HTTPS_PORT, nameA, aliasList=[], docRoot="htdocs/a") conf.add_vhost(TestEnv.HTTPS_PORT, nameB, aliasList=[], docRoot="htdocs/b") conf.install() # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md(nameX, dns_list) assert TestEnv.await_completion([nameX]) TestEnv.check_md_complete(nameX) # check: SSL is running OK certA = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, nameA) assert nameA in certA.get_san_list() certB = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, nameB) assert nameB in certB.get_san_list() assert certA.get_serial() == certB.get_serial() # change MD by removing 1st name new_list = [nameA, nameB] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(new_list) conf.add_vhost(TestEnv.HTTPS_PORT, nameA, aliasList=[], docRoot="htdocs/a") conf.add_vhost(TestEnv.HTTPS_PORT, nameB, aliasList=[], docRoot="htdocs/b") conf.install() # restart, check that host still works and kept the cert assert TestEnv.apache_restart() == 0 TestEnv.check_md(nameX, new_list) status = TestEnv.get_certificate_status(nameA) assert status['serial'] == certA.get_serial()
def test_702_050(self): domain = self.test_domain conf = HttpdConf() conf.add_line(""" MDBaseServer on ServerAdmin admin@%s ServerName %s """ % (domain, domain)) conf.add_md([domain]) conf.install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain])
def test_710_003(self): domain = "a-" + self.test_domain domainb = "b-" + self.test_domain # use ACMEv1 initially TestEnv.set_acme('acmev1') ca_url = TestEnv.ACME_URL dnsList = [domain, "www." + domain] conf = HttpdConf() conf.clear() conf.add_admin("*****@*****.**") conf.add_line("MDCertificateAgreement accepted") conf.add_line("MDMembers auto") conf.start_md([domain]) conf.add_line("MDCertificateAuthority %s" % (ca_url)) conf.end_md() conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=dnsList[1:]) conf.install() assert TestEnv.apache_restart() == 0 TestEnv.check_md(domain, dnsList) assert TestEnv.await_completion([domain]) assert (0, 0) == TestEnv.apache_err_count() TestEnv.check_md(domain, dnsList, ca=ca_url) # use ACMEv2 now, same MD, no CA url TestEnv.set_acme('acmev2') # this changes the default CA url assert TestEnv.ACME_URL_DEFAULT != ca_url conf = HttpdConf() conf.clear() conf.add_admin("*****@*****.**") conf.add_line("MDCertificateAgreement accepted") conf.add_line("MDMembers auto") conf.start_md([domain]) conf.end_md() conf.start_md([domainb]) # this willg get the reald Let's Encrypt URL assigned, turn off # auto renewal, so we will not talk to them conf.add_line("MDDriveMode manual") conf.end_md() conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=dnsList[1:]) conf.add_vhost(TestEnv.HTTPS_PORT, domainb, aliasList=[]) conf.install() assert TestEnv.apache_restart() == 0 assert (0, 0) == TestEnv.apache_err_count() # the existing MD was migrated to new CA url TestEnv.check_md(domain, dnsList, ca=TestEnv.ACME_URL_DEFAULT) # the new MD got the new default anyway TestEnv.check_md(domainb, [domainb], ca=TestEnv.ACME_URL_DEFAULT)
def test_900_002(self): domain = TestNotify.domain command = "%s/notifail.py" % (TestEnv.TESTROOT) args = "" TestNotify.configure_httpd( domain, """ MDNotifyCmd %s %s """ % (command, args)) assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain], restart=False) stat = TestEnv.get_md_status(domain) assert stat["renewal"]["last"][ "problem"] == "urn:org:apache:httpd:log:AH10108:"
def setup_class(cls): print("setup_class:%s" % cls.__name__) TestEnv.init() TestEnv.clear_store() TestEnv.check_acme() cls.domain = TestEnv.get_class_domain(cls) cls.mdA = "a-" + cls.domain cls.mdB = "b-" + cls.domain cls.configure_httpd([cls.mdA, cls.mdB]).install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([cls.mdA, cls.mdB]) TestEnv.check_md_complete(cls.mdA) TestEnv.check_md_complete(cls.mdB)
def test_702_009(self): domain = self.test_domain domains = [domain] # # prepare md conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_drive_mode("auto") conf.add_renew_window("10d") conf.add_md(domains) conf.add_vhost(domain) conf.install() # # restart (-> drive), check that md+cert is in store, TLS is up assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) TestEnv.check_md_complete(domain) cert1 = CertUtil(TestEnv.store_domain_file(domain, 'pubcert.pem')) # compare with what md reports as status stat = TestEnv.get_certificate_status(domain) assert stat['serial'] == cert1.get_serial() # # create self-signed cert, with critical remaining valid duration -> drive again CertUtil.create_self_signed_cert([domain], { "notBefore": -120, "notAfter": 2 }, serial=7029) cert3 = CertUtil(TestEnv.store_domain_file(domain, 'pubcert.pem')) assert cert3.get_serial() == '1B75' assert TestEnv.apache_restart() == 0 stat = TestEnv.get_certificate_status(domain) assert stat['serial'] == cert3.get_serial() # # cert should renew and be different afterwards assert TestEnv.await_completion([domain], must_renew=True) stat = TestEnv.get_certificate_status(domain) assert stat['serial'] != cert3.get_serial()
def test_920_003(self): # test if switching it off works domain = self.test_domain domains = [domain] conf = HttpdConf() conf.add_admin("*****@*****.**") conf.add_md(domains) conf.add_line("MDCertificateStatus off") conf.add_vhost(domain) conf.install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain], restart=False) status = TestEnv.get_certificate_status(domain) assert not status
def test_700_003(self): domain = "test700-003-" + TestAuto.dns_uniq nameA = "test-a." + domain nameB = "test-b." + domain dns_list = [domain, nameA, nameB] # generate 1 MD and 2 vhosts conf = HttpdConf(TestAuto.TMP_CONF) conf.add_admin("admin@" + domain) conf.add_md(dns_list) conf.add_vhost(TestEnv.HTTPS_PORT, nameA, aliasList=[], docRoot="htdocs/a", withSSL=True, certPath=TestEnv.path_domain_pubcert(domain), keyPath=TestEnv.path_domain_privkey(domain)) conf.add_vhost(TestEnv.HTTPS_PORT, nameB, aliasList=[], docRoot="htdocs/b", withSSL=True, certPath=TestEnv.path_domain_pubcert(domain), keyPath=TestEnv.path_domain_privkey(domain)) conf.install() # create docRoot folder self._write_res_file(os.path.join(TestEnv.APACHE_HTDOCS_DIR, "a"), "name.txt", nameA) self._write_res_file(os.path.join(TestEnv.APACHE_HTDOCS_DIR, "b"), "name.txt", nameB) # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 self._check_md_names(domain, dns_list) assert TestEnv.await_completion([domain]) self._check_md_cert(dns_list) # check: SSL is running OK certA = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, nameA) assert nameA in certA.get_san_list() certB = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, nameB) assert nameB in certB.get_san_list() assert certA.get_serial() == certB.get_serial() assert TestEnv.get_content(nameA, "/name.txt") == nameA assert TestEnv.get_content(nameB, "/name.txt") == nameB
def test_700_008a(self): domain = self.test_domain domains = [domain] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_drive_mode("always") conf.add_http_proxy("http://localhost:%s" % TestEnv.HTTP_PROXY_PORT) conf.add_md(domains) conf.install() # # - restart (-> drive), check that md is in store assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) assert TestEnv.apache_restart() == 0 TestEnv.check_md_complete(domain)
def test_700_008a(self): domain = "test700-008a-" + TestAuto.dns_uniq dns_list = [ domain ] conf = HttpdConf( TestAuto.TMP_CONF ) conf.add_admin( "admin@" + domain ) conf.add_drive_mode( "always" ) conf.add_http_proxy( "http://localhost:%s" % TestEnv.HTTP_PROXY_PORT) conf.add_md( dns_list ) conf.install() # - restart (-> drive), check that md is in store assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion( [ domain ] ) assert TestEnv.apache_restart() == 0 self._check_md_cert( dns_list )
def test_900_011(self): domain = TestNotify.domain command = TestNotify.notify_cmd args = TestNotify.notify_log extra_arg = "test_900_011_extra" TestNotify.configure_httpd( domain, """ MDNotifyCmd %s %s %s """ % (command, args, extra_arg)) assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain], restart=False) stat = TestEnv.get_md_status(domain) assert stat["renewal"]["last"]["status"] == 0 nlines = open(TestNotify.notify_log).readlines() assert ("['%s', '%s', '%s', '%s']" % (command, args, extra_arg, domain)) == nlines[0].strip()
def test_702_052(self): domain = self.test_domain conf = HttpdConf() conf.add_line(""" MDBaseServer on MDPortMap http:- Protocols h2 http/1.1 acme-tls/1 ServerAdmin admin@%s ServerName %s """ % (domain, domain)) conf.add_md([domain]) conf.install() assert TestEnv.apache_restart() == 0 stat = TestEnv.get_md_status(domain) assert stat["proto"]["acme-tls/1"] == [domain] assert TestEnv.await_completion([domain])
def test_901_001(self): domain = self.test_domain domains = [domain, "www." + domain] conf = HttpdConf() conf.add_admin("*****@*****.**") conf.add_message_cmd("blablabla") conf.add_drive_mode("auto") conf.add_md(domains) conf.add_vhost(domains) conf.install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain], restart=False) stat = TestEnv.get_md_status(domain) # this command should have failed and logged an error assert stat["renewal"]["last"][ "problem"] == "urn:org:apache:httpd:log:AH10109:"
def test_8001(self): domain = self.test_domain dns_list = [domain] conf = HttpdConf(TestAuto.TMP_CONF) conf.add_admin("admin@" + domain) conf.add_md(dns_list) conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[], withSSL=True) conf.install() # - restart (-> drive), check that md is in store assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) assert TestEnv.apache_restart() == 0 self._check_md_cert(dns_list) cert1 = CertUtil(TestEnv.path_domain_pubcert(domain)) assert not cert1.get_must_staple()
def test_8001(self): domain = self.test_domain dns_list = [domain] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(dns_list) conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[]) conf.install() # - restart (-> drive), check that md is in store assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) assert TestEnv.apache_restart() == 0 TestEnv.check_md_complete(domain) cert1 = CertUtil(TestEnv.store_domain_file(domain, 'pubcert.pem')) assert not cert1.get_must_staple()
def test_7007(self): domain = self.test_domain dns_list = [ domain ] conf = HttpdConf( TestAuto.TMP_CONF ) conf.add_admin( "admin@" + domain ) conf.add_drive_mode( "always" ) conf.add_must_staple( "on" ) conf.add_md( dns_list ) conf.install() # - restart (-> drive), check that md is in store assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion( [ domain ], 30 ) assert TestEnv.apache_restart() == 0 self._check_md_cert( dns_list ) cert1 = CertUtil( TestEnv.path_domain_pubcert(domain) ) assert cert1.get_must_staple()
def test_9001(self): domain = ("%s-" % self.test_n) + TestAuto.dns_uniq # generate config with two MDs dnsList = [ domain, "www." + domain ] conf = HttpdConf( TestAuto.TMP_CONF ) conf.add_admin( "*****@*****.**" ) conf.add_notify_cmd( "blablabla" ) conf.add_drive_mode( "auto" ) conf.add_md( dnsList ) conf.add_vhost( TestEnv.HTTPS_PORT, domain, aliasList=[ dnsList[1] ], withSSL=True ) conf.install() # restart, and retrieve cert assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion( [ domain ] ) # this command should have failed and logged an error assert (1, 0) == TestEnv.apache_err_total()
def test_700_002(self): domain = "test700-002-" + TestAuto.dns_uniq domainA = "a-" + domain domainB = "b-" + domain # generate config with two MDs dnsListA = [domainA, "www." + domainA] dnsListB = [domainB, "www." + domainB] conf = HttpdConf(TestAuto.TMP_CONF) conf.add_admin("*****@*****.**") conf.add_drive_mode("auto") conf.add_md(dnsListA) conf.add_md(dnsListB) conf.add_vhost(TestEnv.HTTPS_PORT, domainA, aliasList=[dnsListA[1]], withSSL=True) conf.add_vhost(TestEnv.HTTPS_PORT, domainB, aliasList=[dnsListB[1]], withSSL=True) conf.install() # restart, check that md is in store assert TestEnv.apache_restart() == 0 self._check_md_names(domainA, dnsListA) self._check_md_names(domainB, dnsListB) # await drive completion assert TestEnv.await_completion([domainA, domainB]) self._check_md_cert(dnsListA) self._check_md_cert(dnsListB) # check: SSL is running OK certA = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainA) assert dnsListA == certA.get_san_list() certB = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domainB) assert dnsListB == certB.get_san_list() # should have a single account now assert 1 == len(TestEnv.list_accounts())
def test_700_001(self): domain = "test700-001-" + TestAuto.dns_uniq # generate config with one MD dns_list = [domain, "www." + domain] conf = HttpdConf(TestAuto.TMP_CONF) conf.add_admin("admin@" + domain) conf.add_drive_mode("auto") conf.add_md(dns_list) conf.install() # restart, check that MD is synched to store assert TestEnv.apache_restart() == 0 self._check_md_names(domain, dns_list) time.sleep(2) # assert drive did not start md = TestEnv.a2md(["-j", "list", domain])['jout']['output'][0] assert md['state'] == TestEnv.MD_S_INCOMPLETE assert 'account' not in md['ca'] assert TestEnv.apache_err_scan( re.compile('.*\[md:debug\].*no mds to auto drive')) # add vhost for MD, restart should drive it conf.add_vhost(TestEnv.HTTPS_PORT, domain, aliasList=[dns_list[1]], withSSL=True) conf.install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) self._check_md_cert(dns_list) cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain) assert domain in cert.get_san_list() # challenges should have been removed TestEnv.check_dir_empty(TestEnv.path_challenges()) # file system needs to have correct permissions TestEnv.check_file_permissions(domain)
def test_700_030(self): domain = self.test_domain nameX = "x." + domain nameA = "a." + domain nameB = "b." + domain domains = [nameX, nameA, nameB] # # generate 1 MD and 2 vhosts conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(domains) conf.add_vhost(nameA) conf.add_vhost(nameB) conf.install() # # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md(domains) assert TestEnv.await_completion([nameX]) TestEnv.check_md_complete(nameX) # # check: SSL is running OK certA = TestEnv.get_cert(nameA) assert nameA in certA.get_san_list() certB = TestEnv.get_cert(nameB) assert nameB in certB.get_san_list() assert certA.get_serial() == certB.get_serial() # # change MD by removing 1st name new_list = [nameA, nameB] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_md(new_list) conf.add_vhost(nameA) conf.add_vhost(nameB) conf.install() # restart, check that host still works and have same cert assert TestEnv.apache_restart() == 0 TestEnv.check_md(new_list, md=nameX) status = TestEnv.get_certificate_status(nameA) assert status['serial'] == certA.get_serial()
def test_7020(self): domain = ("%s-" % self.test_n) + TestAuto.dns_uniq # generate config with two MDs dnsList = [ domain, "www." + domain ] conf = HttpdConf( TestAuto.TMP_CONF ) conf.add_admin( "*****@*****.**" ) conf._add_line( "MDNotifyCmd blablabla" ) conf.add_drive_mode( "auto" ) conf.add_md( dnsList ) conf.add_vhost( TestEnv.HTTPS_PORT, domain, aliasList=[ dnsList[1] ], withSSL=True ) conf.install() # restart, check that md is in store assert TestEnv.apache_restart() == 0 self._check_md_names( domain, dnsList ) # await drive completion assert TestEnv.await_completion( [ domain ], 30 ) self._check_md_cert(dnsList) # this command should have failed and logged an error assert (1, 0) == TestEnv.apache_err_total()
def test_901_020(self): domain = self.test_domain domains = [domain] conf = HttpdConf() conf.add_admin("*****@*****.**") conf.add_message_cmd("%s %s" % (self.mcmd, self.mlog)) conf.add_drive_mode("auto") conf.add_md(domains) conf.add_line("MDStapling on") conf.add_vhost(domains) conf.install() assert TestEnv.apache_restart() == 0 assert TestEnv.await_completion([domain]) stat = TestEnv.await_ocsp_status(domain) assert os.path.isfile(self.mlog) nlines = open(self.mlog).readlines() assert 2 == len(nlines) assert ("['%s', '%s', 'renewed', '%s']" % (self.mcmd, self.mlog, domain)) == nlines[0].strip() assert ("['%s', '%s', 'ocsp-renewed', '%s']" % (self.mcmd, self.mlog, domain)) == nlines[1].strip()
def test_700_004(self, challengeType): domain = "test700-004-" + TestAuto.dns_uniq dns_list = [ domain, "www." + domain ] # generate 1 MD and 1 vhost conf = HttpdConf( TestAuto.TMP_CONF ) conf.add_admin( "admin@" + domain ) conf.add_drive_mode( "auto" ) conf.add_ca_challenges( [ challengeType ] ) conf.add_md( dns_list ) conf.add_vhost( TestEnv.HTTPS_PORT, domain, aliasList=[ dns_list[1] ], withSSL=True ) conf.install() # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 self._check_md_names(domain, dns_list) assert TestEnv.await_completion( [ domain ] ) self._check_md_cert(dns_list) # check SSL running OK cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain) assert domain in cert.get_san_list()
def test_700_004(self, challengeType): # generate 1 MD and 1 vhost domain = self.test_domain domains = [domain, "www." + domain] conf = HttpdConf() conf.add_admin("admin@" + domain) conf.add_line("Protocols http/1.1 acme-tls/1") conf.add_drive_mode("auto") conf.add_ca_challenges([challengeType]) conf.add_md(domains) conf.add_vhost(domains) conf.install() # # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md(domains) assert TestEnv.await_completion([domain]) TestEnv.check_md_complete(domain) # # check SSL running OK cert = TestEnv.get_cert(domain) assert domain in cert.get_san_list()
def test_700_004(self, challengeType): # generate 1 MD and 1 vhost domain = self.test_domain dns_list = [ domain, "www." + domain ] conf = HttpdConf() conf.add_admin( "admin@" + domain ) conf.add_line( "Protocols http/1.1 acme-tls/1" ) conf.add_drive_mode( "auto" ) conf.add_ca_challenges( [ challengeType ] ) conf.add_md( dns_list ) conf.add_vhost( TestEnv.HTTPS_PORT, domain, aliasList=[ dns_list[1] ]) conf.install() # restart (-> drive), check that MD was synched and completes assert TestEnv.apache_restart() == 0 TestEnv.check_md(domain, dns_list) assert TestEnv.await_completion( [ domain ] ) TestEnv.check_md_complete(domain) # check SSL running OK cert = CertUtil.load_server_cert(TestEnv.HTTPD_HOST, TestEnv.HTTPS_PORT, domain) assert domain in cert.get_san_list()