04-client_auth.cnf@ 107935

Last change on this file since 107935 was 104078, checked in by vboxsync, 11 months ago
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
File size: 31.9 KB

Line
1	# Generated with generate_ssl_tests.pl
2
3	num_tests = 36
4
5	test-0 = 0-server-auth-flex
6	test-1 = 1-client-auth-flex-request
7	test-2 = 2-client-auth-flex-require-fail
8	test-3 = 3-client-auth-flex-require
9	test-4 = 4-client-auth-flex-require-non-empty-names
10	test-5 = 5-client-auth-flex-noroot
11	test-6 = 6-server-auth-TLSv1
12	test-7 = 7-client-auth-TLSv1-request
13	test-8 = 8-client-auth-TLSv1-require-fail
14	test-9 = 9-client-auth-TLSv1-require
15	test-10 = 10-client-auth-TLSv1-require-non-empty-names
16	test-11 = 11-client-auth-TLSv1-noroot
17	test-12 = 12-server-auth-TLSv1.1
18	test-13 = 13-client-auth-TLSv1.1-request
19	test-14 = 14-client-auth-TLSv1.1-require-fail
20	test-15 = 15-client-auth-TLSv1.1-require
21	test-16 = 16-client-auth-TLSv1.1-require-non-empty-names
22	test-17 = 17-client-auth-TLSv1.1-noroot
23	test-18 = 18-server-auth-TLSv1.2
24	test-19 = 19-client-auth-TLSv1.2-request
25	test-20 = 20-client-auth-TLSv1.2-require-fail
26	test-21 = 21-client-auth-TLSv1.2-require
27	test-22 = 22-client-auth-TLSv1.2-require-non-empty-names
28	test-23 = 23-client-auth-TLSv1.2-noroot
29	test-24 = 24-server-auth-DTLSv1
30	test-25 = 25-client-auth-DTLSv1-request
31	test-26 = 26-client-auth-DTLSv1-require-fail
32	test-27 = 27-client-auth-DTLSv1-require
33	test-28 = 28-client-auth-DTLSv1-require-non-empty-names
34	test-29 = 29-client-auth-DTLSv1-noroot
35	test-30 = 30-server-auth-DTLSv1.2
36	test-31 = 31-client-auth-DTLSv1.2-request
37	test-32 = 32-client-auth-DTLSv1.2-require-fail
38	test-33 = 33-client-auth-DTLSv1.2-require
39	test-34 = 34-client-auth-DTLSv1.2-require-non-empty-names
40	test-35 = 35-client-auth-DTLSv1.2-noroot
41	# ===========================================================
42
43	[0-server-auth-flex]
44	ssl_conf = 0-server-auth-flex-ssl
45
46	[0-server-auth-flex-ssl]
47	server = 0-server-auth-flex-server
48	client = 0-server-auth-flex-client
49
50	[0-server-auth-flex-server]
51	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
52	CipherString = DEFAULT:@SECLEVEL=0
53	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
54
55	[0-server-auth-flex-client]
56	CipherString = DEFAULT:@SECLEVEL=0
57	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
58	VerifyMode = Peer
59
60	[test-0]
61	ExpectedResult = Success
62
63
64	# ===========================================================
65
66	[1-client-auth-flex-request]
67	ssl_conf = 1-client-auth-flex-request-ssl
68
69	[1-client-auth-flex-request-ssl]
70	server = 1-client-auth-flex-request-server
71	client = 1-client-auth-flex-request-client
72
73	[1-client-auth-flex-request-server]
74	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
75	CipherString = DEFAULT:@SECLEVEL=0
76	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
77	VerifyMode = Request
78
79	[1-client-auth-flex-request-client]
80	CipherString = DEFAULT:@SECLEVEL=0
81	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
82	VerifyMode = Peer
83
84	[test-1]
85	ExpectedResult = Success
86
87
88	# ===========================================================
89
90	[2-client-auth-flex-require-fail]
91	ssl_conf = 2-client-auth-flex-require-fail-ssl
92
93	[2-client-auth-flex-require-fail-ssl]
94	server = 2-client-auth-flex-require-fail-server
95	client = 2-client-auth-flex-require-fail-client
96
97	[2-client-auth-flex-require-fail-server]
98	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
99	CipherString = DEFAULT:@SECLEVEL=0
100	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
101	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
102	VerifyMode = Require
103
104	[2-client-auth-flex-require-fail-client]
105	CipherString = DEFAULT:@SECLEVEL=0
106	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
107	VerifyMode = Peer
108
109	[test-2]
110	ExpectedResult = ServerFail
111	ExpectedServerAlert = CertificateRequired
112
113
114	# ===========================================================
115
116	[3-client-auth-flex-require]
117	ssl_conf = 3-client-auth-flex-require-ssl
118
119	[3-client-auth-flex-require-ssl]
120	server = 3-client-auth-flex-require-server
121	client = 3-client-auth-flex-require-client
122
123	[3-client-auth-flex-require-server]
124	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
125	CipherString = DEFAULT:@SECLEVEL=0
126	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
127	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
128	VerifyMode = Request
129
130	[3-client-auth-flex-require-client]
131	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
132	CipherString = DEFAULT:@SECLEVEL=0
133	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
134	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
135	VerifyMode = Peer
136
137	[test-3]
138	ExpectedClientCANames = empty
139	ExpectedClientCertType = RSA
140	ExpectedResult = Success
141
142
143	# ===========================================================
144
145	[4-client-auth-flex-require-non-empty-names]
146	ssl_conf = 4-client-auth-flex-require-non-empty-names-ssl
147
148	[4-client-auth-flex-require-non-empty-names-ssl]
149	server = 4-client-auth-flex-require-non-empty-names-server
150	client = 4-client-auth-flex-require-non-empty-names-client
151
152	[4-client-auth-flex-require-non-empty-names-server]
153	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
154	CipherString = DEFAULT:@SECLEVEL=0
155	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
156	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
157	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
158	VerifyMode = Request
159
160	[4-client-auth-flex-require-non-empty-names-client]
161	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
162	CipherString = DEFAULT:@SECLEVEL=0
163	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
164	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
165	VerifyMode = Peer
166
167	[test-4]
168	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
169	ExpectedClientCertType = RSA
170	ExpectedResult = Success
171
172
173	# ===========================================================
174
175	[5-client-auth-flex-noroot]
176	ssl_conf = 5-client-auth-flex-noroot-ssl
177
178	[5-client-auth-flex-noroot-ssl]
179	server = 5-client-auth-flex-noroot-server
180	client = 5-client-auth-flex-noroot-client
181
182	[5-client-auth-flex-noroot-server]
183	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
184	CipherString = DEFAULT:@SECLEVEL=0
185	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
186	VerifyMode = Require
187
188	[5-client-auth-flex-noroot-client]
189	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
190	CipherString = DEFAULT:@SECLEVEL=0
191	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
192	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
193	VerifyMode = Peer
194
195	[test-5]
196	ExpectedResult = ServerFail
197	ExpectedServerAlert = UnknownCA
198
199
200	# ===========================================================
201
202	[6-server-auth-TLSv1]
203	ssl_conf = 6-server-auth-TLSv1-ssl
204
205	[6-server-auth-TLSv1-ssl]
206	server = 6-server-auth-TLSv1-server
207	client = 6-server-auth-TLSv1-client
208
209	[6-server-auth-TLSv1-server]
210	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
211	CipherString = DEFAULT:@SECLEVEL=0
212	MaxProtocol = TLSv1
213	MinProtocol = TLSv1
214	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
215
216	[6-server-auth-TLSv1-client]
217	CipherString = DEFAULT:@SECLEVEL=0
218	MaxProtocol = TLSv1
219	MinProtocol = TLSv1
220	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
221	VerifyMode = Peer
222
223	[test-6]
224	ExpectedResult = Success
225
226
227	# ===========================================================
228
229	[7-client-auth-TLSv1-request]
230	ssl_conf = 7-client-auth-TLSv1-request-ssl
231
232	[7-client-auth-TLSv1-request-ssl]
233	server = 7-client-auth-TLSv1-request-server
234	client = 7-client-auth-TLSv1-request-client
235
236	[7-client-auth-TLSv1-request-server]
237	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
238	CipherString = DEFAULT:@SECLEVEL=0
239	MaxProtocol = TLSv1
240	MinProtocol = TLSv1
241	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
242	VerifyMode = Request
243
244	[7-client-auth-TLSv1-request-client]
245	CipherString = DEFAULT:@SECLEVEL=0
246	MaxProtocol = TLSv1
247	MinProtocol = TLSv1
248	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
249	VerifyMode = Peer
250
251	[test-7]
252	ExpectedResult = Success
253
254
255	# ===========================================================
256
257	[8-client-auth-TLSv1-require-fail]
258	ssl_conf = 8-client-auth-TLSv1-require-fail-ssl
259
260	[8-client-auth-TLSv1-require-fail-ssl]
261	server = 8-client-auth-TLSv1-require-fail-server
262	client = 8-client-auth-TLSv1-require-fail-client
263
264	[8-client-auth-TLSv1-require-fail-server]
265	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
266	CipherString = DEFAULT:@SECLEVEL=0
267	MaxProtocol = TLSv1
268	MinProtocol = TLSv1
269	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
270	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
271	VerifyMode = Require
272
273	[8-client-auth-TLSv1-require-fail-client]
274	CipherString = DEFAULT:@SECLEVEL=0
275	MaxProtocol = TLSv1
276	MinProtocol = TLSv1
277	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
278	VerifyMode = Peer
279
280	[test-8]
281	ExpectedResult = ServerFail
282	ExpectedServerAlert = HandshakeFailure
283
284
285	# ===========================================================
286
287	[9-client-auth-TLSv1-require]
288	ssl_conf = 9-client-auth-TLSv1-require-ssl
289
290	[9-client-auth-TLSv1-require-ssl]
291	server = 9-client-auth-TLSv1-require-server
292	client = 9-client-auth-TLSv1-require-client
293
294	[9-client-auth-TLSv1-require-server]
295	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
296	CipherString = DEFAULT:@SECLEVEL=0
297	MaxProtocol = TLSv1
298	MinProtocol = TLSv1
299	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
300	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
301	VerifyMode = Request
302
303	[9-client-auth-TLSv1-require-client]
304	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
305	CipherString = DEFAULT:@SECLEVEL=0
306	MaxProtocol = TLSv1
307	MinProtocol = TLSv1
308	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
309	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
310	VerifyMode = Peer
311
312	[test-9]
313	ExpectedClientCANames = empty
314	ExpectedClientCertType = RSA
315	ExpectedResult = Success
316
317
318	# ===========================================================
319
320	[10-client-auth-TLSv1-require-non-empty-names]
321	ssl_conf = 10-client-auth-TLSv1-require-non-empty-names-ssl
322
323	[10-client-auth-TLSv1-require-non-empty-names-ssl]
324	server = 10-client-auth-TLSv1-require-non-empty-names-server
325	client = 10-client-auth-TLSv1-require-non-empty-names-client
326
327	[10-client-auth-TLSv1-require-non-empty-names-server]
328	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
329	CipherString = DEFAULT:@SECLEVEL=0
330	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
331	MaxProtocol = TLSv1
332	MinProtocol = TLSv1
333	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
334	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
335	VerifyMode = Request
336
337	[10-client-auth-TLSv1-require-non-empty-names-client]
338	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
339	CipherString = DEFAULT:@SECLEVEL=0
340	MaxProtocol = TLSv1
341	MinProtocol = TLSv1
342	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
343	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
344	VerifyMode = Peer
345
346	[test-10]
347	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
348	ExpectedClientCertType = RSA
349	ExpectedResult = Success
350
351
352	# ===========================================================
353
354	[11-client-auth-TLSv1-noroot]
355	ssl_conf = 11-client-auth-TLSv1-noroot-ssl
356
357	[11-client-auth-TLSv1-noroot-ssl]
358	server = 11-client-auth-TLSv1-noroot-server
359	client = 11-client-auth-TLSv1-noroot-client
360
361	[11-client-auth-TLSv1-noroot-server]
362	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
363	CipherString = DEFAULT:@SECLEVEL=0
364	MaxProtocol = TLSv1
365	MinProtocol = TLSv1
366	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
367	VerifyMode = Require
368
369	[11-client-auth-TLSv1-noroot-client]
370	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
371	CipherString = DEFAULT:@SECLEVEL=0
372	MaxProtocol = TLSv1
373	MinProtocol = TLSv1
374	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
375	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
376	VerifyMode = Peer
377
378	[test-11]
379	ExpectedResult = ServerFail
380	ExpectedServerAlert = UnknownCA
381
382
383	# ===========================================================
384
385	[12-server-auth-TLSv1.1]
386	ssl_conf = 12-server-auth-TLSv1.1-ssl
387
388	[12-server-auth-TLSv1.1-ssl]
389	server = 12-server-auth-TLSv1.1-server
390	client = 12-server-auth-TLSv1.1-client
391
392	[12-server-auth-TLSv1.1-server]
393	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
394	CipherString = DEFAULT:@SECLEVEL=0
395	MaxProtocol = TLSv1.1
396	MinProtocol = TLSv1.1
397	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
398
399	[12-server-auth-TLSv1.1-client]
400	CipherString = DEFAULT:@SECLEVEL=0
401	MaxProtocol = TLSv1.1
402	MinProtocol = TLSv1.1
403	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
404	VerifyMode = Peer
405
406	[test-12]
407	ExpectedResult = Success
408
409
410	# ===========================================================
411
412	[13-client-auth-TLSv1.1-request]
413	ssl_conf = 13-client-auth-TLSv1.1-request-ssl
414
415	[13-client-auth-TLSv1.1-request-ssl]
416	server = 13-client-auth-TLSv1.1-request-server
417	client = 13-client-auth-TLSv1.1-request-client
418
419	[13-client-auth-TLSv1.1-request-server]
420	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
421	CipherString = DEFAULT:@SECLEVEL=0
422	MaxProtocol = TLSv1.1
423	MinProtocol = TLSv1.1
424	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
425	VerifyMode = Request
426
427	[13-client-auth-TLSv1.1-request-client]
428	CipherString = DEFAULT:@SECLEVEL=0
429	MaxProtocol = TLSv1.1
430	MinProtocol = TLSv1.1
431	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
432	VerifyMode = Peer
433
434	[test-13]
435	ExpectedResult = Success
436
437
438	# ===========================================================
439
440	[14-client-auth-TLSv1.1-require-fail]
441	ssl_conf = 14-client-auth-TLSv1.1-require-fail-ssl
442
443	[14-client-auth-TLSv1.1-require-fail-ssl]
444	server = 14-client-auth-TLSv1.1-require-fail-server
445	client = 14-client-auth-TLSv1.1-require-fail-client
446
447	[14-client-auth-TLSv1.1-require-fail-server]
448	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
449	CipherString = DEFAULT:@SECLEVEL=0
450	MaxProtocol = TLSv1.1
451	MinProtocol = TLSv1.1
452	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
453	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
454	VerifyMode = Require
455
456	[14-client-auth-TLSv1.1-require-fail-client]
457	CipherString = DEFAULT:@SECLEVEL=0
458	MaxProtocol = TLSv1.1
459	MinProtocol = TLSv1.1
460	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
461	VerifyMode = Peer
462
463	[test-14]
464	ExpectedResult = ServerFail
465	ExpectedServerAlert = HandshakeFailure
466
467
468	# ===========================================================
469
470	[15-client-auth-TLSv1.1-require]
471	ssl_conf = 15-client-auth-TLSv1.1-require-ssl
472
473	[15-client-auth-TLSv1.1-require-ssl]
474	server = 15-client-auth-TLSv1.1-require-server
475	client = 15-client-auth-TLSv1.1-require-client
476
477	[15-client-auth-TLSv1.1-require-server]
478	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
479	CipherString = DEFAULT:@SECLEVEL=0
480	MaxProtocol = TLSv1.1
481	MinProtocol = TLSv1.1
482	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
483	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
484	VerifyMode = Request
485
486	[15-client-auth-TLSv1.1-require-client]
487	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
488	CipherString = DEFAULT:@SECLEVEL=0
489	MaxProtocol = TLSv1.1
490	MinProtocol = TLSv1.1
491	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
492	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
493	VerifyMode = Peer
494
495	[test-15]
496	ExpectedClientCANames = empty
497	ExpectedClientCertType = RSA
498	ExpectedResult = Success
499
500
501	# ===========================================================
502
503	[16-client-auth-TLSv1.1-require-non-empty-names]
504	ssl_conf = 16-client-auth-TLSv1.1-require-non-empty-names-ssl
505
506	[16-client-auth-TLSv1.1-require-non-empty-names-ssl]
507	server = 16-client-auth-TLSv1.1-require-non-empty-names-server
508	client = 16-client-auth-TLSv1.1-require-non-empty-names-client
509
510	[16-client-auth-TLSv1.1-require-non-empty-names-server]
511	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
512	CipherString = DEFAULT:@SECLEVEL=0
513	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
514	MaxProtocol = TLSv1.1
515	MinProtocol = TLSv1.1
516	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
517	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
518	VerifyMode = Request
519
520	[16-client-auth-TLSv1.1-require-non-empty-names-client]
521	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
522	CipherString = DEFAULT:@SECLEVEL=0
523	MaxProtocol = TLSv1.1
524	MinProtocol = TLSv1.1
525	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
526	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
527	VerifyMode = Peer
528
529	[test-16]
530	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
531	ExpectedClientCertType = RSA
532	ExpectedResult = Success
533
534
535	# ===========================================================
536
537	[17-client-auth-TLSv1.1-noroot]
538	ssl_conf = 17-client-auth-TLSv1.1-noroot-ssl
539
540	[17-client-auth-TLSv1.1-noroot-ssl]
541	server = 17-client-auth-TLSv1.1-noroot-server
542	client = 17-client-auth-TLSv1.1-noroot-client
543
544	[17-client-auth-TLSv1.1-noroot-server]
545	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
546	CipherString = DEFAULT:@SECLEVEL=0
547	MaxProtocol = TLSv1.1
548	MinProtocol = TLSv1.1
549	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
550	VerifyMode = Require
551
552	[17-client-auth-TLSv1.1-noroot-client]
553	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
554	CipherString = DEFAULT:@SECLEVEL=0
555	MaxProtocol = TLSv1.1
556	MinProtocol = TLSv1.1
557	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
558	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
559	VerifyMode = Peer
560
561	[test-17]
562	ExpectedResult = ServerFail
563	ExpectedServerAlert = UnknownCA
564
565
566	# ===========================================================
567
568	[18-server-auth-TLSv1.2]
569	ssl_conf = 18-server-auth-TLSv1.2-ssl
570
571	[18-server-auth-TLSv1.2-ssl]
572	server = 18-server-auth-TLSv1.2-server
573	client = 18-server-auth-TLSv1.2-client
574
575	[18-server-auth-TLSv1.2-server]
576	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
577	CipherString = DEFAULT:@SECLEVEL=0
578	MaxProtocol = TLSv1.2
579	MinProtocol = TLSv1.2
580	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
581
582	[18-server-auth-TLSv1.2-client]
583	CipherString = DEFAULT:@SECLEVEL=0
584	MaxProtocol = TLSv1.2
585	MinProtocol = TLSv1.2
586	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
587	VerifyMode = Peer
588
589	[test-18]
590	ExpectedResult = Success
591
592
593	# ===========================================================
594
595	[19-client-auth-TLSv1.2-request]
596	ssl_conf = 19-client-auth-TLSv1.2-request-ssl
597
598	[19-client-auth-TLSv1.2-request-ssl]
599	server = 19-client-auth-TLSv1.2-request-server
600	client = 19-client-auth-TLSv1.2-request-client
601
602	[19-client-auth-TLSv1.2-request-server]
603	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
604	CipherString = DEFAULT:@SECLEVEL=0
605	MaxProtocol = TLSv1.2
606	MinProtocol = TLSv1.2
607	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
608	VerifyMode = Request
609
610	[19-client-auth-TLSv1.2-request-client]
611	CipherString = DEFAULT:@SECLEVEL=0
612	MaxProtocol = TLSv1.2
613	MinProtocol = TLSv1.2
614	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
615	VerifyMode = Peer
616
617	[test-19]
618	ExpectedResult = Success
619
620
621	# ===========================================================
622
623	[20-client-auth-TLSv1.2-require-fail]
624	ssl_conf = 20-client-auth-TLSv1.2-require-fail-ssl
625
626	[20-client-auth-TLSv1.2-require-fail-ssl]
627	server = 20-client-auth-TLSv1.2-require-fail-server
628	client = 20-client-auth-TLSv1.2-require-fail-client
629
630	[20-client-auth-TLSv1.2-require-fail-server]
631	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
632	CipherString = DEFAULT:@SECLEVEL=0
633	MaxProtocol = TLSv1.2
634	MinProtocol = TLSv1.2
635	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
636	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
637	VerifyMode = Require
638
639	[20-client-auth-TLSv1.2-require-fail-client]
640	CipherString = DEFAULT:@SECLEVEL=0
641	MaxProtocol = TLSv1.2
642	MinProtocol = TLSv1.2
643	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
644	VerifyMode = Peer
645
646	[test-20]
647	ExpectedResult = ServerFail
648	ExpectedServerAlert = HandshakeFailure
649
650
651	# ===========================================================
652
653	[21-client-auth-TLSv1.2-require]
654	ssl_conf = 21-client-auth-TLSv1.2-require-ssl
655
656	[21-client-auth-TLSv1.2-require-ssl]
657	server = 21-client-auth-TLSv1.2-require-server
658	client = 21-client-auth-TLSv1.2-require-client
659
660	[21-client-auth-TLSv1.2-require-server]
661	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
662	CipherString = DEFAULT:@SECLEVEL=0
663	ClientSignatureAlgorithms = SHA256+RSA
664	MaxProtocol = TLSv1.2
665	MinProtocol = TLSv1.2
666	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
667	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
668	VerifyMode = Request
669
670	[21-client-auth-TLSv1.2-require-client]
671	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
672	CipherString = DEFAULT:@SECLEVEL=0
673	MaxProtocol = TLSv1.2
674	MinProtocol = TLSv1.2
675	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
676	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
677	VerifyMode = Peer
678
679	[test-21]
680	ExpectedClientCANames = empty
681	ExpectedClientCertType = RSA
682	ExpectedClientSignHash = SHA256
683	ExpectedClientSignType = RSA
684	ExpectedResult = Success
685
686
687	# ===========================================================
688
689	[22-client-auth-TLSv1.2-require-non-empty-names]
690	ssl_conf = 22-client-auth-TLSv1.2-require-non-empty-names-ssl
691
692	[22-client-auth-TLSv1.2-require-non-empty-names-ssl]
693	server = 22-client-auth-TLSv1.2-require-non-empty-names-server
694	client = 22-client-auth-TLSv1.2-require-non-empty-names-client
695
696	[22-client-auth-TLSv1.2-require-non-empty-names-server]
697	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
698	CipherString = DEFAULT:@SECLEVEL=0
699	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
700	ClientSignatureAlgorithms = SHA256+RSA
701	MaxProtocol = TLSv1.2
702	MinProtocol = TLSv1.2
703	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
704	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
705	VerifyMode = Request
706
707	[22-client-auth-TLSv1.2-require-non-empty-names-client]
708	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
709	CipherString = DEFAULT:@SECLEVEL=0
710	MaxProtocol = TLSv1.2
711	MinProtocol = TLSv1.2
712	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
713	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
714	VerifyMode = Peer
715
716	[test-22]
717	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
718	ExpectedClientCertType = RSA
719	ExpectedClientSignHash = SHA256
720	ExpectedClientSignType = RSA
721	ExpectedResult = Success
722
723
724	# ===========================================================
725
726	[23-client-auth-TLSv1.2-noroot]
727	ssl_conf = 23-client-auth-TLSv1.2-noroot-ssl
728
729	[23-client-auth-TLSv1.2-noroot-ssl]
730	server = 23-client-auth-TLSv1.2-noroot-server
731	client = 23-client-auth-TLSv1.2-noroot-client
732
733	[23-client-auth-TLSv1.2-noroot-server]
734	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
735	CipherString = DEFAULT:@SECLEVEL=0
736	MaxProtocol = TLSv1.2
737	MinProtocol = TLSv1.2
738	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
739	VerifyMode = Require
740
741	[23-client-auth-TLSv1.2-noroot-client]
742	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
743	CipherString = DEFAULT:@SECLEVEL=0
744	MaxProtocol = TLSv1.2
745	MinProtocol = TLSv1.2
746	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
747	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
748	VerifyMode = Peer
749
750	[test-23]
751	ExpectedResult = ServerFail
752	ExpectedServerAlert = UnknownCA
753
754
755	# ===========================================================
756
757	[24-server-auth-DTLSv1]
758	ssl_conf = 24-server-auth-DTLSv1-ssl
759
760	[24-server-auth-DTLSv1-ssl]
761	server = 24-server-auth-DTLSv1-server
762	client = 24-server-auth-DTLSv1-client
763
764	[24-server-auth-DTLSv1-server]
765	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
766	CipherString = DEFAULT:@SECLEVEL=0
767	MaxProtocol = DTLSv1
768	MinProtocol = DTLSv1
769	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
770
771	[24-server-auth-DTLSv1-client]
772	CipherString = DEFAULT:@SECLEVEL=0
773	MaxProtocol = DTLSv1
774	MinProtocol = DTLSv1
775	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
776	VerifyMode = Peer
777
778	[test-24]
779	ExpectedResult = Success
780	Method = DTLS
781
782
783	# ===========================================================
784
785	[25-client-auth-DTLSv1-request]
786	ssl_conf = 25-client-auth-DTLSv1-request-ssl
787
788	[25-client-auth-DTLSv1-request-ssl]
789	server = 25-client-auth-DTLSv1-request-server
790	client = 25-client-auth-DTLSv1-request-client
791
792	[25-client-auth-DTLSv1-request-server]
793	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
794	CipherString = DEFAULT:@SECLEVEL=0
795	MaxProtocol = DTLSv1
796	MinProtocol = DTLSv1
797	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
798	VerifyMode = Request
799
800	[25-client-auth-DTLSv1-request-client]
801	CipherString = DEFAULT:@SECLEVEL=0
802	MaxProtocol = DTLSv1
803	MinProtocol = DTLSv1
804	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
805	VerifyMode = Peer
806
807	[test-25]
808	ExpectedResult = Success
809	Method = DTLS
810
811
812	# ===========================================================
813
814	[26-client-auth-DTLSv1-require-fail]
815	ssl_conf = 26-client-auth-DTLSv1-require-fail-ssl
816
817	[26-client-auth-DTLSv1-require-fail-ssl]
818	server = 26-client-auth-DTLSv1-require-fail-server
819	client = 26-client-auth-DTLSv1-require-fail-client
820
821	[26-client-auth-DTLSv1-require-fail-server]
822	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
823	CipherString = DEFAULT:@SECLEVEL=0
824	MaxProtocol = DTLSv1
825	MinProtocol = DTLSv1
826	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
827	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
828	VerifyMode = Require
829
830	[26-client-auth-DTLSv1-require-fail-client]
831	CipherString = DEFAULT:@SECLEVEL=0
832	MaxProtocol = DTLSv1
833	MinProtocol = DTLSv1
834	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
835	VerifyMode = Peer
836
837	[test-26]
838	ExpectedResult = ServerFail
839	ExpectedServerAlert = HandshakeFailure
840	Method = DTLS
841
842
843	# ===========================================================
844
845	[27-client-auth-DTLSv1-require]
846	ssl_conf = 27-client-auth-DTLSv1-require-ssl
847
848	[27-client-auth-DTLSv1-require-ssl]
849	server = 27-client-auth-DTLSv1-require-server
850	client = 27-client-auth-DTLSv1-require-client
851
852	[27-client-auth-DTLSv1-require-server]
853	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
854	CipherString = DEFAULT:@SECLEVEL=0
855	MaxProtocol = DTLSv1
856	MinProtocol = DTLSv1
857	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
858	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
859	VerifyMode = Request
860
861	[27-client-auth-DTLSv1-require-client]
862	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
863	CipherString = DEFAULT:@SECLEVEL=0
864	MaxProtocol = DTLSv1
865	MinProtocol = DTLSv1
866	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
867	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
868	VerifyMode = Peer
869
870	[test-27]
871	ExpectedClientCANames = empty
872	ExpectedClientCertType = RSA
873	ExpectedResult = Success
874	Method = DTLS
875
876
877	# ===========================================================
878
879	[28-client-auth-DTLSv1-require-non-empty-names]
880	ssl_conf = 28-client-auth-DTLSv1-require-non-empty-names-ssl
881
882	[28-client-auth-DTLSv1-require-non-empty-names-ssl]
883	server = 28-client-auth-DTLSv1-require-non-empty-names-server
884	client = 28-client-auth-DTLSv1-require-non-empty-names-client
885
886	[28-client-auth-DTLSv1-require-non-empty-names-server]
887	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
888	CipherString = DEFAULT:@SECLEVEL=0
889	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
890	MaxProtocol = DTLSv1
891	MinProtocol = DTLSv1
892	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
893	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
894	VerifyMode = Request
895
896	[28-client-auth-DTLSv1-require-non-empty-names-client]
897	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
898	CipherString = DEFAULT:@SECLEVEL=0
899	MaxProtocol = DTLSv1
900	MinProtocol = DTLSv1
901	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
902	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
903	VerifyMode = Peer
904
905	[test-28]
906	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
907	ExpectedClientCertType = RSA
908	ExpectedResult = Success
909	Method = DTLS
910
911
912	# ===========================================================
913
914	[29-client-auth-DTLSv1-noroot]
915	ssl_conf = 29-client-auth-DTLSv1-noroot-ssl
916
917	[29-client-auth-DTLSv1-noroot-ssl]
918	server = 29-client-auth-DTLSv1-noroot-server
919	client = 29-client-auth-DTLSv1-noroot-client
920
921	[29-client-auth-DTLSv1-noroot-server]
922	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
923	CipherString = DEFAULT:@SECLEVEL=0
924	MaxProtocol = DTLSv1
925	MinProtocol = DTLSv1
926	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
927	VerifyMode = Require
928
929	[29-client-auth-DTLSv1-noroot-client]
930	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
931	CipherString = DEFAULT:@SECLEVEL=0
932	MaxProtocol = DTLSv1
933	MinProtocol = DTLSv1
934	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
935	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
936	VerifyMode = Peer
937
938	[test-29]
939	ExpectedResult = ServerFail
940	ExpectedServerAlert = UnknownCA
941	Method = DTLS
942
943
944	# ===========================================================
945
946	[30-server-auth-DTLSv1.2]
947	ssl_conf = 30-server-auth-DTLSv1.2-ssl
948
949	[30-server-auth-DTLSv1.2-ssl]
950	server = 30-server-auth-DTLSv1.2-server
951	client = 30-server-auth-DTLSv1.2-client
952
953	[30-server-auth-DTLSv1.2-server]
954	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
955	CipherString = DEFAULT:@SECLEVEL=0
956	MaxProtocol = DTLSv1.2
957	MinProtocol = DTLSv1.2
958	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
959
960	[30-server-auth-DTLSv1.2-client]
961	CipherString = DEFAULT:@SECLEVEL=0
962	MaxProtocol = DTLSv1.2
963	MinProtocol = DTLSv1.2
964	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
965	VerifyMode = Peer
966
967	[test-30]
968	ExpectedResult = Success
969	Method = DTLS
970
971
972	# ===========================================================
973
974	[31-client-auth-DTLSv1.2-request]
975	ssl_conf = 31-client-auth-DTLSv1.2-request-ssl
976
977	[31-client-auth-DTLSv1.2-request-ssl]
978	server = 31-client-auth-DTLSv1.2-request-server
979	client = 31-client-auth-DTLSv1.2-request-client
980
981	[31-client-auth-DTLSv1.2-request-server]
982	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
983	CipherString = DEFAULT:@SECLEVEL=0
984	MaxProtocol = DTLSv1.2
985	MinProtocol = DTLSv1.2
986	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
987	VerifyMode = Request
988
989	[31-client-auth-DTLSv1.2-request-client]
990	CipherString = DEFAULT:@SECLEVEL=0
991	MaxProtocol = DTLSv1.2
992	MinProtocol = DTLSv1.2
993	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
994	VerifyMode = Peer
995
996	[test-31]
997	ExpectedResult = Success
998	Method = DTLS
999
1000
1001	# ===========================================================
1002
1003	[32-client-auth-DTLSv1.2-require-fail]
1004	ssl_conf = 32-client-auth-DTLSv1.2-require-fail-ssl
1005
1006	[32-client-auth-DTLSv1.2-require-fail-ssl]
1007	server = 32-client-auth-DTLSv1.2-require-fail-server
1008	client = 32-client-auth-DTLSv1.2-require-fail-client
1009
1010	[32-client-auth-DTLSv1.2-require-fail-server]
1011	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1012	CipherString = DEFAULT:@SECLEVEL=0
1013	MaxProtocol = DTLSv1.2
1014	MinProtocol = DTLSv1.2
1015	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1016	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1017	VerifyMode = Require
1018
1019	[32-client-auth-DTLSv1.2-require-fail-client]
1020	CipherString = DEFAULT:@SECLEVEL=0
1021	MaxProtocol = DTLSv1.2
1022	MinProtocol = DTLSv1.2
1023	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1024	VerifyMode = Peer
1025
1026	[test-32]
1027	ExpectedResult = ServerFail
1028	ExpectedServerAlert = HandshakeFailure
1029	Method = DTLS
1030
1031
1032	# ===========================================================
1033
1034	[33-client-auth-DTLSv1.2-require]
1035	ssl_conf = 33-client-auth-DTLSv1.2-require-ssl
1036
1037	[33-client-auth-DTLSv1.2-require-ssl]
1038	server = 33-client-auth-DTLSv1.2-require-server
1039	client = 33-client-auth-DTLSv1.2-require-client
1040
1041	[33-client-auth-DTLSv1.2-require-server]
1042	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1043	CipherString = DEFAULT:@SECLEVEL=0
1044	MaxProtocol = DTLSv1.2
1045	MinProtocol = DTLSv1.2
1046	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1047	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1048	VerifyMode = Request
1049
1050	[33-client-auth-DTLSv1.2-require-client]
1051	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1052	CipherString = DEFAULT:@SECLEVEL=0
1053	MaxProtocol = DTLSv1.2
1054	MinProtocol = DTLSv1.2
1055	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1056	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1057	VerifyMode = Peer
1058
1059	[test-33]
1060	ExpectedClientCANames = empty
1061	ExpectedClientCertType = RSA
1062	ExpectedResult = Success
1063	Method = DTLS
1064
1065
1066	# ===========================================================
1067
1068	[34-client-auth-DTLSv1.2-require-non-empty-names]
1069	ssl_conf = 34-client-auth-DTLSv1.2-require-non-empty-names-ssl
1070
1071	[34-client-auth-DTLSv1.2-require-non-empty-names-ssl]
1072	server = 34-client-auth-DTLSv1.2-require-non-empty-names-server
1073	client = 34-client-auth-DTLSv1.2-require-non-empty-names-client
1074
1075	[34-client-auth-DTLSv1.2-require-non-empty-names-server]
1076	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1077	CipherString = DEFAULT:@SECLEVEL=0
1078	ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1079	MaxProtocol = DTLSv1.2
1080	MinProtocol = DTLSv1.2
1081	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1082	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1083	VerifyMode = Request
1084
1085	[34-client-auth-DTLSv1.2-require-non-empty-names-client]
1086	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1087	CipherString = DEFAULT:@SECLEVEL=0
1088	MaxProtocol = DTLSv1.2
1089	MinProtocol = DTLSv1.2
1090	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1091	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1092	VerifyMode = Peer
1093
1094	[test-34]
1095	ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1096	ExpectedClientCertType = RSA
1097	ExpectedResult = Success
1098	Method = DTLS
1099
1100
1101	# ===========================================================
1102
1103	[35-client-auth-DTLSv1.2-noroot]
1104	ssl_conf = 35-client-auth-DTLSv1.2-noroot-ssl
1105
1106	[35-client-auth-DTLSv1.2-noroot-ssl]
1107	server = 35-client-auth-DTLSv1.2-noroot-server
1108	client = 35-client-auth-DTLSv1.2-noroot-client
1109
1110	[35-client-auth-DTLSv1.2-noroot-server]
1111	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1112	CipherString = DEFAULT:@SECLEVEL=0
1113	MaxProtocol = DTLSv1.2
1114	MinProtocol = DTLSv1.2
1115	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1116	VerifyMode = Require
1117
1118	[35-client-auth-DTLSv1.2-noroot-client]
1119	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1120	CipherString = DEFAULT:@SECLEVEL=0
1121	MaxProtocol = DTLSv1.2
1122	MinProtocol = DTLSv1.2
1123	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1124	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1125	VerifyMode = Peer
1126
1127	[test-35]
1128	ExpectedResult = ServerFail
1129	ExpectedServerAlert = UnknownCA
1130	Method = DTLS
1131
1132

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format