def test_creating_cert_from_root_ca():
with root_certificate_authority('root_ca_test') as root_ca:
cert = call('certificate.create', {
'name': 'cert_test',
'signedby': root_ca['id'],
'create_type': 'CERTIFICATE_CREATE_INTERNAL',
**get_cert_params(),
},
job=True)
try:
assert cert['cert_type_internal'] is True, cert
finally:
call('certificate.delete', cert['id'], job=True)
def test_importing_ca():
with root_certificate_authority('root_ca_test') as root_ca:
imported_ca = call(
'certificateauthority.create', {
'certificate': root_ca['certificate'],
'privatekey': root_ca['privatekey'],
'name': 'test_imported_ca',
'create_type': 'CA_CREATE_IMPORTED',
})
try:
assert imported_ca['CA_type_existing'] is True, imported_ca
finally:
call('certificateauthority.delete', imported_ca['id'])
def test_ca_imported_issuer_reported_correctly():
with root_certificate_authority('root_ca_test') as root_ca:
imported_ca = call(
'certificateauthority.create', {
'certificate': root_ca['certificate'],
'privatekey': root_ca['privatekey'],
'name': 'test_imported_ca',
'create_type': 'CA_CREATE_IMPORTED',
})
try:
assert imported_ca['issuer'] == 'external', imported_ca
finally:
call('certificateauthority.delete', imported_ca['id'])
def test_ca_intermediate_issuer_reported_correctly():
with root_certificate_authority('root_ca_test') as root_ca:
intermediate_ca = call(
'certificateauthority.create', {
**get_cert_params(),
'signedby': root_ca['id'],
'name': 'test_intermediate_ca',
'create_type': 'CA_CREATE_INTERMEDIATE',
})
root_ca = call('certificateauthority.get_instance', root_ca['id'])
try:
assert intermediate_ca['issuer'] == root_ca, intermediate_ca
finally:
call('certificateauthority.delete', intermediate_ca['id'])
def test_creating_intermediate_ca():
with root_certificate_authority('root_ca_test') as root_ca:
intermediate_ca = call(
'certificateauthority.create', {
**get_cert_params(),
'signedby': root_ca['id'],
'name': 'test_intermediate_ca',
'create_type': 'CA_CREATE_INTERMEDIATE',
})
try:
assert intermediate_ca[
'CA_type_intermediate'] is True, intermediate_ca
finally:
call('certificateauthority.delete', intermediate_ca['id'])
def test_cert_chain_of_intermediate_ca_reported_correctly():
with root_certificate_authority('root_ca_test') as root_ca:
intermediate_ca = call(
'certificateauthority.create', {
**get_cert_params(),
'signedby': root_ca['id'],
'name': 'test_intermediate_ca',
'create_type': 'CA_CREATE_INTERMEDIATE',
})
try:
assert intermediate_ca['chain_list'] == [
intermediate_ca['certificate'], root_ca['certificate']
], intermediate_ca
finally:
call('certificateauthority.delete', intermediate_ca['id'])
def test_cert_chain_of_root_ca_reported_correctly():
with root_certificate_authority('root_ca_test') as root_ca:
cert = call('certificate.create', {
'name': 'cert_test',
'signedby': root_ca['id'],
'create_type': 'CERTIFICATE_CREATE_INTERNAL',
**get_cert_params(),
},
job=True)
try:
assert cert['chain_list'] == [
cert['certificate'], root_ca['certificate']
], cert
finally:
call('certificate.delete', cert['id'], job=True)
def test_signing_csr():
with root_certificate_authority('root_ca') as root_ca:
with certificate_signing_request('csr_test') as csr:
cert = call(
'certificateauthority.ca_sign_csr', {
'ca_id': root_ca['id'],
'csr_cert_id': csr['id'],
'name': 'signed_cert',
})
root_ca = call('certificateauthority.get_instance', root_ca['id'])
try:
assert isinstance(cert['signedby'], dict), cert
assert cert['signedby']['id'] == root_ca['id'], cert
assert cert['chain_list'] == [
cert['certificate'], root_ca['certificate']
]
assert cert['issuer'] == root_ca, cert
finally:
call('certificate.delete', cert['id'], job=True)
def test_root_ca_issuer_reported_correctly():
with root_certificate_authority('root_ca_test') as root_ca:
assert root_ca['issuer'] == 'self-signed', root_ca