diff options
author | Niranjan Mallapadi <mrniranjan@redhat.com> | 2014-12-01 16:42:52 +0530 |
---|---|---|
committer | Niranjan Mallapadi <mrniranjan@redhat.com> | 2014-12-01 16:45:05 +0530 |
commit | 85d77cfea7d52baecac73d09940cd8aee1c9e224 (patch) | |
tree | b8bbff9e4d09e3f8109ec579747f8c22a440e404 /tests/dogtag | |
parent | 4c27c392f634a86f25909c53e48f1dfb9e34a9e1 (diff) | |
download | pki-85d77cfea7d52baecac73d09940cd8aee1c9e224.tar.gz pki-85d77cfea7d52baecac73d09940cd8aee1c9e224.tar.xz pki-85d77cfea7d52baecac73d09940cd8aee1c9e224.zip |
Add minor fixes to cert-release-hold and revoke
In pki cert-revoke, comment the SUBCA test, because
when jobs are ran in parallel, this can go for a very
big loop.
Diffstat (limited to 'tests/dogtag')
-rwxr-xr-x | tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-release-hold.sh | 10 | ||||
-rwxr-xr-x | tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-revoke.sh | 104 |
2 files changed, 57 insertions, 57 deletions
diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-release-hold.sh b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-release-hold.sh index 0a2d8fa8c..e6827a008 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-release-hold.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-release-hold.sh @@ -512,7 +512,7 @@ run_pki-cert-release-hold-ca_tests() rlPhaseStartTest "pki_cert_release_hold_0021: Hold and release a agent cert and verify released agent cert is usable" rlLog "Get the serial number of Agent Cert" - local agent_cert_sno=$(certutil -L -d $CERTDB_DIR -n "CA_agentV" | grep "Serial Number:" | tr -d '()' | awk -F " " '{print $4}') + local agent_cert_sno=$(certutil -L -d $CERTDB_DIR -n "$CA_agentV_user" | grep "Serial Number:" | tr -d '()' | awk -F " " '{print $4}') rlRun "pki -d $CERTDB_DIR \ -c $CERTDB_DIR_PASSWORD \ -n \"caadmincert\" \ @@ -521,7 +521,7 @@ run_pki-cert-release-hold-ca_tests() cert-hold \ --force $agent_cert_sno 1> $TmpDir/cert-hold.out" 0 "Hold Agent cert" rlAssertGrep "Placed certificate \"$agent_cert_sno\" on-hold" "$TmpDir/cert-hold.out" - rlAssertGrep "Serial Number: 0x10" "$TmpDir/cert-hold.out" + rlAssertGrep "Serial Number: $agent_cert_sno" "$TmpDir/cert-hold.out" rlAssertGrep "Issuer: CN=PKI $CA_INST Signing Cert,O=redhat" "$TmpDir/cert-hold.out" rlAssertGrep "Status: REVOKED" "$TmpDir/cert-hold.out" rlRun "pki -d $CERTDB_DIR \ @@ -531,7 +531,7 @@ run_pki-cert-release-hold-ca_tests() -p $target_port \ cert-release-hold --force $agent_cert_sno 1> $TmpDir/cert-release-hold.out" 0 "Hold Agent cert" rlAssertGrep "Placed certificate \"$agent_cert_sno\" off-hold" "$TmpDir/cert-release-hold.out" - rlAssertGrep "Serial Number: 0x10" "$TmpDir/cert-release-hold.out" + rlAssertGrep "Serial Number: $agent_cert_sno" "$TmpDir/cert-release-hold.out" rlAssertGrep "Issuer: CN=PKI $CA_INST Signing Cert,O=redhat" "$TmpDir/cert-release-hold.out" rlAssertGrep "Status: VALID" "$TmpDir/cert-release-hold.out" rlLog "With released Agent Cert hold a user cert" @@ -581,7 +581,7 @@ run_pki-cert-release-hold-ca_tests() --force --reason Certificate_Hold 1> $certout" 0 "Put certificate on hold" rlAssertGrep "Status: REVOKED" "$certout" local cur_date=$(date) - local end_date=$(certutil -L -d $CERTDB_DIR -n CA_adminE | grep "Not After" | awk -F ": " '{print $2}') + local end_date=$(certutil -L -d $CERTDB_DIR -n "$CA_adminE_user" | grep "Not After" | awk -F ": " '{print $2}') rlLog "Date & Time before Modifying system date: $cur_date" rlRun "chronyc -a 'manual on' 1> $TmpDir/chrony.out" 0 "Set chrony to manual mode" rlAssertGrep "200 OK" "$TmpDir/chrony.out" @@ -617,7 +617,7 @@ run_pki-cert-release-hold-ca_tests() --force --reason Certificate_Hold 1> $certout" 0 "Put Certificate on Hold" rlAssertGrep "Status: REVOKED" "$certout" local cur_date=$(date) # Save current date - local end_date=$(certutil -L -d $CERTDB_DIR -n CA_agentE | grep "Not After" | awk -F ": " '{print $2}') + local end_date=$(certutil -L -d $CERTDB_DIR -n $CA_agentE_user | grep "Not After" | awk -F ": " '{print $2}') rlLog "Date & Time before Modifying system date: $cur_date" rlRun "chronyc -a 'manual on' 1> $TmpDir/chrony.out" 0 "Set chrony to manual mode" rlAssertGrep "200 OK" "$TmpDir/chrony.out" diff --git a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-revoke.sh b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-revoke.sh index 6c7019781..63d0e94f2 100755 --- a/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-revoke.sh +++ b/tests/dogtag/acceptance/cli-tests/pki-cert-cli/pki-cert-revoke.sh @@ -83,28 +83,28 @@ run_pki-cert-revoke-ca_tests() local tmp_ca_host=$(eval echo \$${cs_Role}) local target_host=$(eval echo \$${cs_Role}) - # Setup SubCA for pki cert-revoke tests - rlPhaseStartSetup "Setup a Subordinate CA for pki cert-revoke" - local install_info=$TmpDir/install_info - rlLog "Setting up a Subordinate CA instance $subca_instance_name" - rlRun "rhcs_install_subca-BZ-501088 $subca_instance_name \ - $sub_ca_ldap_port \ - $sub_ca_http_port \ - $sub_ca_https_port \ - $sub_ca_ajp_port \ - $sub_ca_tomcat_port \ - $TmpDir $TmpDir/nssdb $install_info \ - $CA_INST \ - $target_host \ - $target_port \ - $target_https_port" - rlLog "Add CA Cert to $TEMP_NSS_DB" - rlRun "install_and_trust_CA_cert $SUBCA_SERVER_ROOT \"$TEMP_NSS_DB\"" - local subca_serialNumber=$(pki -h $target_host -p $target_port cert-find --name "SubCA-$subca_instance_name" --matchExactly | grep "Serial Number" | awk -F": " '{print $2}') - local STRIP_HEX_PKCS10=$(echo $subca_serialNumber | cut -dx -f2) - local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^} - local subca_decimal_serialNumber=$(echo "ibase=16;$CONV_UPP_VAL_PKCS10"|bc) - rlPhaseEnd +## # Setup SubCA for pki cert-revoke tests +# rlPhaseStartSetup "Setup a Subordinate CA for pki cert-revoke" +# local install_info=$TmpDir/install_info +# rlLog "Setting up a Subordinate CA instance $subca_instance_name" +# rlRun "rhcs_install_subca-BZ-501088 $subca_instance_name \ +# $sub_ca_ldap_port \ +# $sub_ca_http_port \ +# $sub_ca_https_port \ +# $sub_ca_ajp_port \ +# $sub_ca_tomcat_port \ +# $TmpDir $TmpDir/nssdb $install_info \ +# $CA_INST \ +# $target_host \ +# $target_port \ +# $target_https_port" +# rlLog "Add CA Cert to $TEMP_NSS_DB" +# rlRun "install_and_trust_CA_cert $SUBCA_SERVER_ROOT \"$TEMP_NSS_DB\"" +# local subca_serialNumber=$(pki -h $target_host -p $target_port cert-find --name "SubCA-$subca_instance_name" --matchExactly | grep "Serial Number" | awk -F": " '{print $2}') +# local STRIP_HEX_PKCS10=$(echo $subca_serialNumber | cut -dx -f2) +# local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^} +# local subca_decimal_serialNumber=$(echo "ibase=16;$CONV_UPP_VAL_PKCS10"|bc) +# rlPhaseEnd # pki cert cli config test rlPhaseStartTest "pki_cert_cli-configtest: pki cert-revoke --help configuration test" @@ -126,29 +126,29 @@ run_pki-cert-revoke-ca_tests() rlLog "FAIL :: https://engineering.redhat.com/trac/pki-tests/ticket/490" rlPhaseEnd - rlPhaseStartTest "pki_cert_revoke_001: Revoke a cert using Agent with same serial as Subordinate CA(BZ-501088)" - local i=1 - local upperlimit - let upperlimit=$subca_decimal_serialNumber-3 - while [ $i -ne $upperlimit ] ; do - rlRun "generate_new_cert tmp_nss_db:$TEMP_NSS_DB tmp_nss_db_pwd:$TEMP_NSS_DB_PWD myreq_type:pkcs10 \ - algo:rsa key_size:1024 subject_cn:\"Foo User$i\" subject_uid:FooUser$i subject_email:FooUser$i@example.org \ - subject_ou: subject_o: subject_c: archive:false req_profile: target_host:$target_host protocol: port:$sub_ca_http_port \ - cert_db_dir:$TEMP_NSS_DB cert_db_pwd:$TEMP_NSS_DB_PWD certdb_nick:\"$admin_cert_nickname\" cert_info:$cert_info" - let i=$i+1 - done - local revoked_cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2) - rlLog "Certificate that would be revoked is $revoked_cert_serialNumber" - rlRun "pki -d $TEMP_NSS_DB \ - -p $sub_ca_http_port \ - -h $target_host \ - -c $TEMP_NSS_DB_PWD \ - -n \"$admin_cert_nickname\" \ - cert-revoke $revoked_cert_serialNumber --force --reason Certificate_Hold 1> $expout" - rlAssertGrep "Placed certificate \"$revoked_cert_serialNumber\" on-hold" "$expout" - rlAssertGrep "Serial Number: $revoked_cert_serialNumber" "$expout" - rlAssertGrep "Status: REVOKED" "$expout" - rlPhaseEnd +# rlPhaseStartTest "pki_cert_revoke_001: Revoke a cert using Agent with same serial as Subordinate CA(BZ-501088)" +# local i=1 +# local upperlimit +# let upperlimit=$subca_decimal_serialNumber-3 +# while [ $i -ne $upperlimit ] ; do +# rlRun "generate_new_cert tmp_nss_db:$TEMP_NSS_DB tmp_nss_db_pwd:$TEMP_NSS_DB_PWD myreq_type:pkcs10 \ +# algo:rsa key_size:1024 subject_cn:\"Foo User$i\" subject_uid:FooUser$i subject_email:FooUser$i@example.org \ +# subject_ou: subject_o: subject_c: archive:false req_profile: target_host:$target_host protocol: port:$sub_ca_http_port \ +# cert_db_dir:$TEMP_NSS_DB cert_db_pwd:$TEMP_NSS_DB_PWD certdb_nick:\"$admin_cert_nickname\" cert_info:$cert_info" +# let i=$i+1 +# done +# local revoked_cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2) +# rlLog "Certificate that would be revoked is $revoked_cert_serialNumber" +# rlRun "pki -d $TEMP_NSS_DB \ +# -p $sub_ca_http_port \ +# -h $target_host \ +# -c $TEMP_NSS_DB_PWD \ +# -n \"$admin_cert_nickname\" \ +# cert-revoke $revoked_cert_serialNumber --force --reason Certificate_Hold 1> $expout" +# rlAssertGrep "Placed certificate \"$revoked_cert_serialNumber\" on-hold" "$expout" +# rlAssertGrep "Serial Number: $revoked_cert_serialNumber" "$expout" +# rlAssertGrep "Status: REVOKED" "$expout" +# rlPhaseEnd rlPhaseStartTest "pki_cert_revoke_002: pki cert-revoke <serialNumber>" rlLog "Generating temporary certificate" @@ -821,13 +821,13 @@ run_pki-cert-revoke-ca_tests() rlLog "Date after running chrony: $(date)" rlPhaseEnd - rlPhaseStartCleanup "Destroy SubCA & DS instance" - rlRun "pkidestroy -s CA -i $subca_instance_name > $TmpDir/$subca_instance_name-ca-clean.out" - rlAssertGrep "Uninstalling CA from /var/lib/pki/$subca_instance_name" "$TmpDir/$subca_instance_name-ca-clean.out" - rlAssertGrep "Uninstallation complete" "$TmpDir/$subca_instance_name-ca-clean.out" - rlRun "remove-ds.pl -i slapd-$subca_instance_name > $TmpDir/subca_instance_name-ds-clean.out" - rlAssertGrep "Instance slapd-$subca_instance_name removed" "$TmpDir/subca_instance_name-ds-clean.out" - rlPhaseEnd +# rlPhaseStartCleanup "Destroy SubCA & DS instance" +# rlRun "pkidestroy -s CA -i $subca_instance_name > $TmpDir/$subca_instance_name-ca-clean.out" +# rlAssertGrep "Uninstalling CA from /var/lib/pki/$subca_instance_name" "$TmpDir/$subca_instance_name-ca-clean.out" +# rlAssertGrep "Uninstallation complete" "$TmpDir/$subca_instance_name-ca-clean.out" +# rlRun "remove-ds.pl -i slapd-$subca_instance_name > $TmpDir/subca_instance_name-ds-clean.out" +# rlAssertGrep "Instance slapd-$subca_instance_name removed" "$TmpDir/subca_instance_name-ds-clean.out" +# rlPhaseEnd rlPhaseStartCleanup "pki cert-revoke cleanup: Delete temp dir" rlRun "popd" |