ocsp-stapling-with-ca-as-responder.test 1.3 KB

123456789101112131415161718192021222324252627282930313233343536373839
  1. #!/bin/sh
  2. # ocsp-stapling.test
  3. trap 'for i in `jobs -p`; do pkill -TERM -P $i; done' EXIT
  4. server=login.live.com
  5. ca=certs/external/baltimore-cybertrust-root.pem
  6. [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
  7. # is our desired server there? - login.live.com doesn't answers PING
  8. #./scripts/ping.test $server 2
  9. # client test against the server
  10. ./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
  11. RESULT=$?
  12. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
  13. # setup ocsp responder
  14. ./certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh &
  15. sleep 1
  16. [ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
  17. # client test against our own server - GOOD CERT
  18. ./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
  19. sleep 1
  20. ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
  21. RESULT=$?
  22. [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
  23. # client test against our own server - REVOKED CERT
  24. ./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
  25. sleep 1
  26. ./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
  27. RESULT=$?
  28. [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
  29. exit 0