def setupSSL_test():
ssl_args = {
'dirsrv': conn,
'secport': 22636,
'sourcedir': None,
'secargs': {
'nsSSLPersonalitySSL': 'localhost'
},
}
cert_dir = conn.getDseAttr('nsslapd-certdir')
assert cert_dir, "Cannot retrieve cert dir"
log.info("Initialize the cert store with an empty password: %r", cert_dir)
fd_null = open('/dev/null', 'w')
open('%s/pin.txt' % cert_dir, 'w').close()
cmd_initialize = 'certutil -d %s -N -f %s/pin.txt' % (cert_dir, cert_dir)
Popen(cmd_initialize.split(), stderr=fd_null)
log.info("Creating a self-signed cert for the server in %r" % cert_dir)
cmd_mkcert = ('certutil -d %s -S -n localhost -t CTu,Cu,Cu '
'-s cn=localhost -x' % cert_dir)
Popen(cmd_mkcert.split(), stdin=open("/dev/urandom"), stderr=fd_null)
log.info("Testing ssl configuration")
ssl_args.update({'dirsrv': conn})
DirSrvTools.setupSSL(**ssl_args)
def setupSSL_test():
ssl_args = {
'dirsrv': conn,
'secport': 22636,
'sourcedir': None,
'secargs': {'nsSSLPersonalitySSL': 'localhost'},
}
cert_dir = conn.getDseAttr('nsslapd-certdir')
assert cert_dir, "Cannot retrieve cert dir"
log.info("Initialize the cert store with an empty password: %r", cert_dir)
fd_null = open('/dev/null', 'w')
open('%s/pin.txt' % cert_dir, 'w').close()
cmd_initialize = 'certutil -d %s -N -f %s/pin.txt' % (cert_dir, cert_dir)
Popen(cmd_initialize.split(), stderr=fd_null)
log.info("Creating a self-signed cert for the server in %r" % cert_dir)
cmd_mkcert = 'certutil -d %s -S -n localhost -t CTu,Cu,Cu -s cn=localhost -x' % cert_dir
Popen(cmd_mkcert.split(), stdin=open("/dev/urandom"), stderr=fd_null)
log.info("Testing ssl configuration")
ssl_args.update({'dirsrv': conn})
DirSrvTools.setupSSL(**ssl_args)
