test-fails.conf 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179
  1. # server bad certificate common name has null
  2. # DG: Have not found a way to properly encode null in common name
  3. -v 3
  4. -l ECDHE-RSA-AES128-GCM-SHA256
  5. -k ./certs/server-key.pem
  6. -c ./certs/test/server-badcnnull.pem
  7. -d
  8. # client bad certificate common name has null
  9. -v 3
  10. -l ECDHE-RSA-AES128-GCM-SHA256
  11. -h localhost
  12. -A ./certs/test/server-badcnnull.pem
  13. -m
  14. -x
  15. # server bad certificate alternate name has null
  16. -v 3
  17. -l ECDHE-RSA-AES128-GCM-SHA256
  18. -k ./certs/server-key.pem
  19. -c ./certs/test/server-badaltnull.pem
  20. -d
  21. # client bad certificate alternate name has null
  22. -v 3
  23. -l ECDHE-RSA-AES128-GCM-SHA256
  24. -h localhost
  25. -A ./certs/test/server-badaltnull.pem
  26. -m
  27. -x
  28. # server nomatch common name
  29. -v 3
  30. -l ECDHE-RSA-AES128-GCM-SHA256
  31. -k ./certs/server-key.pem
  32. -c ./certs/test/server-badcn.pem
  33. -d
  34. # client nomatch common name
  35. -v 3
  36. -l ECDHE-RSA-AES128-GCM-SHA256
  37. -h localhost
  38. -A ./certs/test/server-badcn.pem
  39. -m
  40. -x
  41. # server nomatch alternate name
  42. -v 3
  43. -l ECDHE-RSA-AES128-GCM-SHA256
  44. -k ./certs/server-key.pem
  45. -c ./certs/test/server-badaltname.pem
  46. -d
  47. # client nomatch alternate name
  48. -v 3
  49. -l ECDHE-RSA-AES128-GCM-SHA256
  50. -h localhost
  51. -A ./certs/test/server-badaltname.pem
  52. -m
  53. -x
  54. # server RSA no signer error
  55. -v 3
  56. -l ECDHE-RSA-AES128-GCM-SHA256
  57. # client RSA no signer error
  58. -v 3
  59. -l ECDHE-RSA-AES128-GCM-SHA256
  60. -A ./certs/client-cert.pem
  61. # server ECC no signer error
  62. #-v 3
  63. -l ECDHE-ECDSA-AES128-GCM-SHA256
  64. -c ./certs/server-ecc.pem
  65. -k ./certs/ecc-key.pem
  66. # client ECC no signer error
  67. -v 3
  68. -l ECDHE-ECDSA-AES128-GCM-SHA256
  69. -A ./certs/client-ecc-cert.pem
  70. # server RSA bad sig error
  71. -v 3
  72. -l ECDHE-RSA-AES128-GCM-SHA256
  73. -c ./certs/test/server-cert-rsa-badsig.pem
  74. # client RSA bad sig error
  75. -v 3
  76. -l ECDHE-RSA-AES128-GCM-SHA256
  77. # server ECC bad sig error
  78. -v 3
  79. -l ECDHE-ECDSA-AES128-GCM-SHA256
  80. -c ./certs/test/server-cert-ecc-badsig.pem
  81. # client ECC bad sig error
  82. -v 3
  83. -l ECDHE-ECDSA-AES128-GCM-SHA256
  84. # server missing CN from alternate names list
  85. -v 3
  86. -l ECDHE-RSA-AES128-GCM-SHA256
  87. -c ./certs/test/server-garbage.pem
  88. # client missing CN from alternate names list
  89. -v 3
  90. -l ECDHE-RSA-AES128-GCM-SHA256
  91. -h localhost
  92. -A ./certs/test/server-garbage.pem
  93. -m
  94. # Verify Callback Failure Tests
  95. # no error going into callback, return error
  96. # server
  97. -v 3
  98. -l ECDHE-RSA-AES128-GCM-SHA256
  99. # client verify should fail
  100. -v 3
  101. -l ECDHE-RSA-AES128-GCM-SHA256
  102. -H verifyFail
  103. # server verify should fail
  104. -v 3
  105. -l ECDHE-RSA-AES128-GCM-SHA256
  106. -H verifyFail
  107. # client
  108. -v 3
  109. -l ECDHE-RSA-AES128-GCM-SHA256
  110. # server
  111. -v 3
  112. -l ECDHE-ECDSA-AES128-GCM-SHA256
  113. # client verify should fail
  114. -v 3
  115. -l ECDHE-ECDSA-AES128-GCM-SHA256
  116. -H verifyFail
  117. # server verify should fail
  118. -v 3
  119. -l ECDHE-ECDSA-AES128-GCM-SHA256
  120. -H verifyFail
  121. # client
  122. -v 3
  123. -l ECDHE-ECDSA-AES128-GCM-SHA256
  124. # error going into callback, return error
  125. # server
  126. -v 3
  127. -l ECDHE-RSA-AES128-GCM-SHA256
  128. -c ./certs/test/server-cert-rsa-badsig.pem
  129. -k ./certs/server-key.pem
  130. # client verify should fail
  131. -v 3
  132. -l ECDHE-RSA-AES128-GCM-SHA256
  133. -H verifyFail
  134. # server
  135. -v 3
  136. -l ECDHE-ECDSA-AES128-GCM-SHA256
  137. -c ./certs/test/server-cert-ecc-badsig.pem
  138. -k ./certs/ecc-key.pem
  139. # client verify should fail
  140. -v 3
  141. -l ECDHE-ECDSA-AES128-GCM-SHA256
  142. -H verifyFail
  143. # server send alert on no mutual authentication
  144. -v 3
  145. -F
  146. # client send alert on no mutual authentication
  147. -v 3
  148. -x