summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorRoshni Pattath <rpattath@redhat.com>2014-04-15 21:58:53 -0400
committerRoshni Pattath <rpattath@redhat.com>2014-04-15 22:01:23 -0400
commit95a0fe5b755e84f8cabe28928fbaa7a5116708b1 (patch)
tree9bfa7d9ddc9bbbc422d2c1c36f710463f3ca6bab /tests
parent19664d23cf0808a25e736b97fb12144b60b84aba (diff)
downloadpki-95a0fe5b755e84f8cabe28928fbaa7a5116708b1.tar.gz
pki-95a0fe5b755e84f8cabe28928fbaa7a5116708b1.tar.xz
pki-95a0fe5b755e84f8cabe28928fbaa7a5116708b1.zip
Created a generic function for generating certs
Created a generic function for generating certs installation of ntpdate and set the env variable for ntpdate server
Diffstat (limited to 'tests')
-rwxr-xr-xtests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-add-ca.sh236
-rwxr-xr-xtests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-find-ca.sh287
-rwxr-xr-xtests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-mod-ca.sh2
-rwxr-xr-xtests/dogtag/acceptance/quickinstall/rhcs-install.sh5
-rw-r--r--tests/dogtag/shared/env.sh1
-rwxr-xr-xtests/dogtag/shared/pki-cert-cli-lib.sh59
6 files changed, 273 insertions, 317 deletions
diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-add-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-add-ca.sh
index 47c190bef..b020908cb 100755
--- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-add-ca.sh
+++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-add-ca.sh
@@ -56,6 +56,8 @@ user1=testuser1
user2=testuser2
user1fullname="Test user1"
user2fullname="Test user2"
+testname="pki_user_cert_add"
+
##### pki_user_cli_user_cert_add_ca-configtest ####
rlPhaseStartTest "pki_user_cli_user_cert-add-configtest-001: pki user-cert-add configuration test"
rlRun "pki user-cert-add > $TmpDir/pki_user_cert_add_cfg.out" \
@@ -75,7 +77,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-002: Add one cert to a user shou
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$user2fullname\" $user2"
- rlRun "generate_cert_cert_add $cert_info $k $user2 \"$user2fullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$user2\" \"$user2fullname\" $user2@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -84,12 +86,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-002: Add one cert to a user shou
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_002.pem"
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_002.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_002.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_002.out" \
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_002.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_002.out" \
0 \
"Cert is added to the user $user2"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2,E=$user2@example.org,CN=$user2fullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_002.out"
@@ -103,15 +105,15 @@ rlPhaseEnd
##### Add multiple certs to a user #####
rlPhaseStartTest "pki_user_cli_user_cert-add-CA-003: Add multiple certs to a user should succeed"
- i=1
+ i=0
k=3
rlRun "pki -d $CERTDB_DIR \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$user1fullname\" $user1"
- while [ $i -lt 5 ] ; do
+ while [ $i -lt 4 ] ; do
- rlRun "generate_cert_cert_add $cert_info $k $user1$i \"$user1fullname$i\" $i" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$user1$(($i+1))\" \"$user1fullname$(($i+1))\" $user1$(($i+1))@example.org $testname $i" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -121,20 +123,20 @@ rlPhaseEnd
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user1 --input $TmpDir/pki_user_cert_add_CA_validcert_003$i.pem"
+ user-cert-add $user1 --input $TmpDir/pki_user_cert_add-CA_validcert_003$i.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user1 --input $TmpDir/pki_user_cert_add_CA_validcert_003$i.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out" \
+ user-cert-add $user1 --input $TmpDir/pki_user_cert_add-CA_validcert_003$i.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out" \
0 \
"Cert is added to the user $user1"
- rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
- rlAssertGrep "Cert ID: 2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
+ rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
+ rlAssertGrep "Cert ID: 2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
rlAssertGrep "Serial Number: $cert_serialNumber" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
- rlAssertGrep "Subject: UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_add_CA_useraddcert_003_$i.out"
let i=$i+1
done
rlPhaseEnd
@@ -185,24 +187,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-004: Adding expired cert to a us
rlAssertGrep "Certificate ID:" "$TmpDir/pki_user_cert_add_CA_certapprovedshow_004.out"
local certificate_serial_number=`cat $TmpDir/pki_user_cert_add_CA_certapprovedshow_004.out | grep "Certificate ID:" | awk '{print $3}'`
rlLog "Cerificate Serial Number=$certificate_serial_number"
- serialhexuser2[$l]=$certificate_serial_number
- serialdecuser2[$l]=`printf "%d" $certificate_serial_number`
#Verify the certificate is valid
rlRun "pki cert-show $certificate_serial_number --encoded > $TmpDir/pki_user_cert_add_CA_certificate_show_004.out" 0 "Executing pki cert-show $certificate_serial_number"
rlAssertGrep "Subject: UID=$user2,E=$user2@example.org,CN=$user2fullname,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_add_CA_certificate_show_004.out"
rlAssertGrep "Status: VALID" "$TmpDir/pki_user_cert_add_CA_certificate_show_004.out"
rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' $TmpDir/pki_user_cert_add_CA_certificate_show_004.out > $TmpDir/pki_user_cert_add_CA_validcert_004.pem"
- local packagename="ntpdate"
- rpm -qa | grep $packagename
- if [ $? -eq 1 ] ; then
- rlLog "$packagename is not installed"
- yum -y install ntpdate
- else
- rlLog "$packagename is installed"
- fi
currdate=`date`
rlLog "$currdate"
- rlRun "ntpdate clock.util.phx2.redhat.com" 0
+ rlRun "ntpdate $NTPDATE_SERVER" 0
rlRun "date -s '$cert_end_date'"
rlRun "date -s 'next day'"
@@ -225,7 +217,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-004: Adding expired cert to a us
rlRun "date --set='$endDate ago'"
nowdate=`date`
rlLog "$nowdate"
- rlRun "ntpdate clock.util.phx2.redhat.com"
+ rlRun "ntpdate $NTPDATE_SERVER"
rlPhaseEnd
@@ -233,7 +225,7 @@ rlPhaseEnd
##### Add revoked cert to a user #####
rlPhaseStartTest "pki_user_cli_user_cert-add-CA-005: Add revoked cert to a user should succeed"
k=5
- rlRun "generate_cert_cert_add $cert_info $k revoke_$user2 \"Revoke $user2fullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"revoke_$user2\" \"Revoke $user2fullname\" revoke_$user2@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -242,17 +234,17 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-005: Add revoked cert to a user
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- cert-revoke $cert_serialNumber --force > $TmpDir/pki_user_cert_add_CA_revokecert_005.out"
+ cert-revoke $cert_serialNumber --force > $TmpDir/pki_user_cert_add-CA_revokecert_005.out"
rlLog "Executing pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_005.pem"
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_005.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_005.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_005.out" \
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_005.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_005.out" \
0 \
"Revoked cert cannot be added to a user"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=revoke_$user2,E=revoke_$user2@example.org,CN=Revoke $user2fullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_005.out"
@@ -269,17 +261,17 @@ rlPhaseEnd
rlPhaseStartTest "pki_user_cli_user_cert-add-CA-006: Add one cert to a user should fail when USER ID is missing"
k=6
- rlRun "generate_cert_cert_add $cert_info $k expired__$user2 \"Expired $user2fullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"expired__$user2\" \"Expired $user2fullname\" expired__$user2@example.org $testname" 0 "Generating temp cert"
rlLog "Executing pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add --input $TmpDir/pki_user_cert_add_CA_validcert_006.pem"
+ user-cert-add --input $TmpDir/pki_user_cert_add-CA_validcert_006.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add --input $TmpDir/pki_user_cert_add_CA_validcert_006.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_006.out 2>&1" \
+ user-cert-add --input $TmpDir/pki_user_cert_add-CA_validcert_006.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_006.out 2>&1" \
1 \
"UserID missing"
rlAssertGrep "usage: user-cert-add <User ID> \[OPTIONS...\]" "$TmpDir/pki_user_cert_add_CA_useraddcert_006.out"
@@ -333,20 +325,20 @@ rlPhaseEnd
rlPhaseStartTest "pki_user_cli_user_cert-add-CA-009: Add one cert to a user should fail when the cert is invalid"
k=9
- rlRun "generate_cert_cert_add $cert_info $k invalid_$user2 \"Inavlid $user2fullname\"" 0 "Generating temp cert"
- rlRun "sed -i -e 's/-----BEGIN CERTIFICATE-----/BEGIN CERTIFICATE-----/g' $TmpDir/pki_user_cert_add_CA_validcert_009.pem"
+ rlRun "generate_user_cert $cert_info $k \"invalid_$user2\" \"Inavlid $user2fullname\" invalid_$user2@example.org $testname" 0 "Generating temp cert"
+ rlRun "sed -i -e 's/-----BEGIN CERTIFICATE-----/BEGIN CERTIFICATE-----/g' $TmpDir/pki_user_cert_add-CA_validcert_009.pem"
rlLog "Executing pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_009.pem"
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_009.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_009.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_009.out 2>&1" \
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_009.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_009.out 2>&1" \
1 \
- "Invalid Certificate cnnot be added to a user"
+ "Invalid Certificate cannot be added to a user"
rlAssertGrep "PKIException: Certificate exception" "$TmpDir/pki_user_cert_add_CA_useraddcert_009.out"
rlPhaseEnd
@@ -373,7 +365,7 @@ rlPhaseEnd
rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0011: Add one cert to a user - Should be able to add certs with i18n characters in the Subject name of the cert"
k=11
- rlRun "generate_cert_cert_add $cert_info $k \"Örjan Äke\" \"Örjan Äke\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"Örjan Äke\" \"Örjan Äke\" "test@example.org" $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -383,12 +375,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0011: Add one cert to a user - S
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_0011.pem"
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_0011.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_add_CA_validcert_0011.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0011.out" \
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_add-CA_validcert_0011.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0011.out" \
0 \
"Subject name of the cert has i18n characters"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=Örjan Äke,E=test@example.org,CN=Örjan Äke,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0011.out"
@@ -410,7 +402,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0012: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=Auditors $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -419,12 +411,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0012: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0012.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0012.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0012.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0012.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0012.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0012.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0012.out"
@@ -445,7 +437,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0013: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=\"Certificate Manager Agents\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -454,12 +446,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0013: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0013.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0013.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0013.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0013.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0013.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0013.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0013.out"
@@ -480,7 +472,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0014: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=\"Registration Manager Agents\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -489,12 +481,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0014: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0014.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0014.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0014.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0014.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0014.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0014.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0014.out"
@@ -515,7 +507,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0015: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=\"Subsystem Group\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -524,12 +516,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0015: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0015.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0015.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0015.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0015.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0015.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0015.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0015.out"
@@ -550,7 +542,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0016: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=\"Security Domain Administrators\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -559,12 +551,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0016: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0016.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0016.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0016.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0016.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0016.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0016.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0016.out"
@@ -585,7 +577,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0017: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=ClonedSubsystems $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -594,12 +586,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0017: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0017.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0017.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0017.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0017.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0017.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0017.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0017.out"
@@ -620,7 +612,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0018: Add cert to a user of type
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" --type=\"Trusted Managers\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -629,12 +621,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0018: Add cert to a user of type
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0018.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0018.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0018.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0018.out" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0018.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0018.out" \
0 \
"Cert is added to the user $userid"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$userid,E=$userid@example.org,CN=$userFullname,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0018.out"
@@ -664,7 +656,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0019: Add an Admin user "admin_u
-t ca \
group-member-add Administrators admin_user > $TmpDir/pki-user-add-ca-group0019.out"
- rlRun "generate_cert_cert_add $cert_info $k admin_user \"Admin User\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"admin_user\" \"Admin User\" "admin_user@example.org" $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -673,12 +665,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0019: Add an Admin user "admin_u
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add admin_user --input $TmpDir/pki_user_cert_add_CA_validcert_0019.pem"
+ user-cert-add admin_user --input $TmpDir/pki_user_cert_add-CA_validcert_0019.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add admin_user --input $TmpDir/pki_user_cert_add_CA_validcert_0019.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0019.out" \
+ user-cert-add admin_user --input $TmpDir/pki_user_cert_add-CA_validcert_0019.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0019.out" \
0 \
"Cert is added to the user admin_user"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=admin_user,E=admin_user@example.org,CN=Admin User,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0019.out"
@@ -717,7 +709,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0020: Add an Agent user agent_us
-t ca \
group-member-add \"Certificate Manager Agents\" agent_user > $TmpDir/pki-user-add-ca-group0020.out"
k=20
- rlRun "generate_cert_cert_add $cert_info $k agent_user \"Agent User\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"agent_user\" \"Agent User\" "agent_user@example.org" $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -726,12 +718,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0020: Add an Agent user agent_us
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add agent_user --input $TmpDir/pki_user_cert_add_CA_validcert_0020.pem"
+ user-cert-add agent_user --input $TmpDir/pki_user_cert_add-CA_validcert_0020.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add agent_user --input $TmpDir/pki_user_cert_add_CA_validcert_0020.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0020.out" \
+ user-cert-add agent_user --input $TmpDir/pki_user_cert_add-CA_validcert_0020.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0020.out" \
0 \
"Add cert to agent_user"
rlAssertGrep "Added certificate \"2;$decimal_valid_serialNumber_pkcs10;CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=agent_user,E=agent_user@example.org,CN=Agent User,OU=Engineering,O=Example,C=US\"" "$TmpDir/pki_user_cert_add_CA_useraddcert_0020.out"
@@ -776,7 +768,7 @@ rlPhaseEnd
##### Adding a cert as an CA_agentV #####
-rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0021: Adding a cert as CA_agentV"
+rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0021: Adding a cert as CA_agentV should fail"
k=21
local userid="new_user1"
local userFullname="New User1"
@@ -785,7 +777,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0021: Adding a cert as CA_agentV
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -794,20 +786,21 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0021: Adding a cert as CA_agentV
-n CA_agentV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0021.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0021.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_agentV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0021.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0021.out 2>&1" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0021.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0021.out 2>&1" \
1 \
- "Cert is added to the user $userid"
+ "Adding cert to a user as CA_agentV"
+ rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki_user_cert_add_CA_useraddcert_0021.out"
rlPhaseEnd
##### Adding a cert as an CA_auditorV #####
-rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0022: Adding a cert as CA_auditorV"
+rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0022: Adding a cert as CA_auditorV should fail"
k=22
local userid="new_user2"
local userFullname="New User2"
@@ -816,7 +809,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0022: Adding a cert as CA_audito
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$userFullname\" $userid"
- rlRun "generate_cert_cert_add $cert_info $k $userid \"$userFullname\"" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -825,15 +818,55 @@ rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0022: Adding a cert as CA_audito
-n CA_auditorV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0022.pem"
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0022.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_auditorV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $userid --input $TmpDir/pki_user_cert_add_CA_validcert_0022.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0022.out 2>&1" \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0022.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0022.out 2>&1" \
1 \
"Cert is added to the user $userid"
+ rlAssertGrep "ProcessingException: Unable to invoke request" "$TmpDir/pki_user_cert_add_CA_useraddcert_0022.out"
+ rlLog "FAIL: https://fedorahosted.org/pki/ticket/962"
+
+rlPhaseEnd
+
+
+ ##### Adding a cert as an CA_adminE #####
+
+rlPhaseStartTest "pki_user_cli_user_cert-add-CA-0023: Adding a cert as CA_adminE should fail"
+ k=23
+ local userid="new_user3"
+ local userFullname="New User3"
+ rlRun "pki -d $CERTDB_DIR \
+ -n CA_adminV \
+ -c $CERTDB_DIR_PASSWORD \
+ user-add --fullName=\"$userFullname\" $userid"
+
+ rlRun "generate_user_cert $cert_info $k \"$userid\" \"$userFullname\" $userid@example.org $testname" 0 "Generating temp cert"
+ local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
+ local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
+ local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
+ local decimal_valid_serialNumber_pkcs10=$(echo "ibase=16;$CONV_UPP_VAL_PKCS10"|bc)
+ rlRun "date --set='next day'" 0 "Set System date a day ahead"
+ rlRun "date --set='next day'" 0 "Set System date a day ahead"
+ rlRun "date"
+ rlLog "Executing pki -d $CERTDB_DIR/ \
+ -n CA_adminE \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0023.pem"
+ rlRun "pki -d $CERTDB_DIR/ \
+ -n CA_adminE \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ user-cert-add $userid --input $TmpDir/pki_user_cert_add-CA_validcert_0023.pem > $TmpDir/pki_user_cert_add_CA_useraddcert_0023.out 2>&1" \
+ 1 \
+ "Cert is added to the user $userid"
+ rlAssertGrep "ProcessingException: Unable to invoke request" "$TmpDir/pki_user_cert_add_CA_useraddcert_0023.out"
+ rlLog "FAIL: https://fedorahosted.org/pki/ticket/962"
+ rlRun "date --set='2 days ago'" 0 "Set System back to the present day"
rlPhaseEnd
@@ -858,59 +891,4 @@ rlPhaseStartTest "pki_user_cli_user_cleanup: Deleting role users"
}
-generate_cert_cert_add()
-{
-
- local reqstatus
- local requestid
- local requestdn
- local CERT_INFO="$1"
- local file_no="$2"
- local user_id="$3"
- local userfullname="$4"
- local ext=".out"
- local cert_ext=".pem"
- local num="$5"
- if [ "$user_id" = "Örjan Äke" ] ; then
- rlRun "create_cert_request $CERTDB_DIR redhat123 pkcs10 rsa 2048 \"Örjan Äke\" \"Örjan Äke\" "test@example.org" "Engineering" "Example" "US" "--" "reqstatus" "requestid" "requestdn""
- else
- rlRun "create_cert_request $CERTDB_DIR redhat123 pkcs10 rsa 2048 \"$userfullname\" "$user_id" "$user_id@example.org" "Engineering" "Example" "US" "--" "reqstatus" "requestid" "requestdn""
- fi
-
- rlRun "pki cert-request-show $requestid > $TmpDir/pki_user_cert_add_CA_certrequestshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
- rlAssertGrep "Request ID: $requestid" "$TmpDir/pki_user_cert_add_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Type: enrollment" "$TmpDir/pki_user_cert_add_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Status: pending" "$TmpDir/pki_user_cert_add_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Operation Result: success" "$TmpDir/pki_user_cert_add_CA_certrequestshow_00$file_no$num$ext"
-
- #Agent Approve the certificate after reviewing the cert for the user
- rlLog "Executing: pki -d $CERTDB_DIR/ \
- -n CA_agentV \
- -c $CERTDB_DIR_PASSWORD \
- -t ca \
- cert-request-review --action=approve $requestid"
- rlRun "pki -d $CERTDB_DIR/ \
- -n CA_agentV \
- -c $CERTDB_DIR_PASSWORD \
- -t ca \
- cert-request-review --action=approve $requestid > $TmpDir/pki_user_cert_add_CA_certapprove_00$file_no$num$ext" \
- 0 \
- "CA agent approve the cert"
- rlAssertGrep "Approved certificate request $requestid" "$TmpDir/pki_user_cert_add_CA_certapprove_00$file_no$num$ext"
- rlRun "pki cert-request-show $requestid > $TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
- rlAssertGrep "Request ID: $requestid" "$TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Type: enrollment" "$TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Status: complete" "$TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Certificate ID:" "$TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext"
- local certificate_serial_number=`cat $TmpDir/pki_user_cert_add_CA_certapprovedshow_00$file_no$num$ext | grep "Certificate ID:" | awk '{print $3}'`
- rlLog "Cerificate Serial Number=$certificate_serial_number"
- #Verify the certificate is valid
- rlRun "pki cert-show $certificate_serial_number --encoded > $TmpDir/pki_user_cert_add_CA_certificate_show_00$file_no$num$ext" 0 "Executing pki cert-show $certificate_serial_number"
-
- rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' $TmpDir/pki_user_cert_add_CA_certificate_show_00$file_no$num$ext > $TmpDir/pki_user_cert_add_CA_validcert_00$file_no$num$cert_ext"
- rlRun "certutil -d $CERTDB_DIR -A -n \"$user_id\" -i $TmpDir/pki_user_cert_add_CA_validcert_00$file_no$num$cert_ext -t "u,u,u""
- echo cert_serialNumber-$certificate_serial_number > $CERT_INFO
- echo cert_requestdn-$requestdn >> $CERT_INFO
- return 0;
-}
diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-find-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-find-ca.sh
index 901475458..132b338d3 100755
--- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-find-ca.sh
+++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-cert-find-ca.sh
@@ -58,7 +58,7 @@ user2fullname="Test user2"
user3=testuser3
user3fullname="Test user3"
cert_info="$TmpDir/cert_info"
-
+testname="pki_user_cert_find"
##### pki_user_cli_user_cert_find_ca-configtest ####
rlPhaseStartTest "pki_user_cli_user_cert-find-configtest-001: pki user-cert-find configuration test"
@@ -74,14 +74,13 @@ cert_info="$TmpDir/cert_info"
rlPhaseStartTest "pki_user_cli_user_cert-find-CA-002: Find the certs of a user in CA --userid only - single page of certs"
i=0
-# l=0
k=2
rlRun "pki -d $CERTDB_DIR \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$user1fullname\" $user1"
while [ $i -lt 4 ] ; do
- rlRun "generate_cert_cert_find $cert_info $k $user1$(($i+1)) \"$user1fullname$(($i+1))\" $i" 0 "Generating temp cert"
+ rlRun "generate_user_cert $cert_info $k \"$user1$(($i+1))\" \"$user1fullname$(($i+1))\" $user1$(($i+1))@example.org $testname $i" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -92,16 +91,15 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-002: Find the certs of a user i
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user1 --input $TmpDir/pki_user_cert_find_CA_validcert_002$i.pem"
+ user-cert-add $user1 --input $TmpDir/pki_user_cert_find-CA_validcert_002$i.pem"
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user1 --input $TmpDir/pki_user_cert_find_CA_validcert_002$i.pem > $TmpDir/useraddcert__002_$i.out" \
+ user-cert-add $user1 --input $TmpDir/pki_user_cert_find-CA_validcert_002$i.pem > $TmpDir/useraddcert__002_$i.out" \
0 \
"Cert is added to the user $user1"
let i=$i+1
- #let l=$l+1
done
rlLog "Executing: pki -d $CERTDB_DIR/ \
-n CA_adminV \
@@ -115,48 +113,43 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-002: Find the certs of a user i
user-cert-find $user1 > $TmpDir/pki_user_cert_find_ca_002.out" \
0 \
"Finding certs assigned to $user1"
- #let i=$i-1
numcertsuser1=$i
rlAssertGrep "$i entries matched" "$TmpDir/pki_user_cert_find_ca_002.out"
rlAssertGrep "Number of entries returned $i" "$TmpDir/pki_user_cert_find_ca_002.out"
i=0
- #l=0
while [ $i -lt 4 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))i@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_002.out"
- rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_002.out"
- rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_002.out"
- rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_002.out"
- rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_002.out"
- let i=$i+1
- #let l=$l+1
- done
- rlPhaseEnd
+ rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_002.out"
+ rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_002.out"
+ rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_002.out"
+ rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_002.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_002.out"
+ let i=$i+1
+ done
+rlPhaseEnd
rlPhaseStartTest "pki_user_cli_user_cert-find-CA-003: Find the certs of a user in CA --userid only - multiple pages of certs"
- i=1
- l=0
+ i=0
k=3
rlRun "pki -d $CERTDB_DIR \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
user-add --fullName=\"$user2fullname\" $user2"
- while [ $i -lt 25 ] ; do
- rlRun "generate_cert_cert_find $cert_info $k $user2$i \"$user2fullname$i\" $i" 0 "Generating temp cert"
+ while [ $i -lt 24 ] ; do
+ rlRun "generate_user_cert $cert_info $k \"$user2$(($i+1))\" \"$user2fullname$(($i+1))\" $user2$(($i+1))@example.org $testname $i" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
local decimal_valid_serialNumber_pkcs10=$(echo "ibase=16;$CONV_UPP_VAL_PKCS10"|bc)
- serialhexuser2[$l]=$cert_serialNumber
- serialdecuser2[$l]=$decimal_valid_serialNumber_pkcs10
+ serialhexuser2[$i]=$cert_serialNumber
+ serialdecuser2[$i]=$decimal_valid_serialNumber_pkcs10
rlRun "pki -d $CERTDB_DIR/ \
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user2 --input $TmpDir/pki_user_cert_find_CA_validcert_003$i.pem > $TmpDir/useraddcert__003_$i.out" \
+ user-cert-add $user2 --input $TmpDir/pki_user_cert_find-CA_validcert_003$i.pem > $TmpDir/useraddcert__003_$i.out" \
0 \
"Cert is added to the user $user2"
let i=$i+1
- let l=$l+1
done
rlLog "Executing: pki -d $CERTDB_DIR/ \
-n CA_adminV \
@@ -170,19 +163,16 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-003: Find the certs of a user i
user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_003.out" \
0 \
"Finding certs assigned to $user2"
- let i=$i-1
numcertsuser2=$i
rlAssertGrep "$i entries matched" "$TmpDir/pki_user_cert_find_ca_003.out"
- i=1
- l=0
- while [ $i -lt 21 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_003.out"
+ i=0
+ while [ $i -lt 20 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_003.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_003.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_003.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_003.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_003.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_003.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_003.out"
let i=$i+1
- let l=$l+1
done
rlAssertGrep "Number of entries returned 20" "$TmpDir/pki_user_cert_find_ca_003.out"
rlPhaseEnd
@@ -246,16 +236,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-006: Find the certs of a user i
"Finding certs assigned to $user1 - --size=2"
rlAssertGrep "$numcertsuser1 entries matched" "$TmpDir/pki_user_cert_find_ca_006.out"
rlAssertGrep "Number of entries returned 2" "$TmpDir/pki_user_cert_find_ca_006.out"
- i=1
- l=0
- while [ $i -lt 3 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser1[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_006.out"
+ i=0
+ while [ $i -lt 2 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_006.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_006.out"
- rlAssertGrep "Serial Number: ${serialhexuser1[$l]}" "$TmpDir/pki_user_cert_find_ca_006.out"
+ rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_006.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_006.out"
- rlAssertGrep "Subject: UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_006.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_006.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -311,16 +299,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-009: Find the certs of a user i
"Finding certs assigned to $user1 - --size=50"
rlAssertGrep "$numcertsuser1 entries matched" "$TmpDir/pki_user_cert_find_ca_009.out"
rlAssertGrep "Number of entries returned $numcertsuser1" "$TmpDir/pki_user_cert_find_ca_009.out"
- i=1
- l=0
- while [ $i -lt 5 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser1[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
+ i=0
+ while [ $i -lt 4 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_009.out"
- rlAssertGrep "Serial Number: ${serialhexuser1[$l]}" "$TmpDir/pki_user_cert_find_ca_009.out"
+ rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_009.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_009.out"
- rlAssertGrep "Subject: UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -343,16 +329,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-010: Find the certs of a user i
rlAssertGrep "$numcertsuser1 entries matched" "$TmpDir/pki_user_cert_find_ca_010.out"
let newnumcerts=$numcertsuser1-2
rlAssertGrep "Number of entries returned $newnumcerts" "$TmpDir/pki_user_cert_find_ca_010.out"
- i=3
- l=2
- while [ $i -lt 5 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser1[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_010.out"
+ i=2
+ while [ $i -lt 4 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_010.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_010.out"
- rlAssertGrep "Serial Number: ${serialhexuser1[$l]}" "$TmpDir/pki_user_cert_find_ca_010.out"
+ rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_010.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_010.out"
- rlAssertGrep "Subject: UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_010.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_010.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -372,16 +356,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-011: Find the certs of a user i
"Finding certs assigned to $user1 - --start=0"
rlAssertGrep "$numcertsuser1 entries matched" "$TmpDir/pki_user_cert_find_ca_011.out"
rlAssertGrep "Number of entries returned $numcertsuser1" "$TmpDir/pki_user_cert_find_ca_011.out"
- i=1
- l=0
- while [ $i -lt 5 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser1[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
+ i=0
+ while [ $i -lt 4 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser1[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_009.out"
- rlAssertGrep "Serial Number: ${serialhexuser1[$l]}" "$TmpDir/pki_user_cert_find_ca_009.out"
+ rlAssertGrep "Serial Number: ${serialhexuser1[$i]}" "$TmpDir/pki_user_cert_find_ca_009.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_009.out"
- rlAssertGrep "Subject: UID=$user1$i,E=$user1$i@example.org,CN=$user1fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
+ rlAssertGrep "Subject: UID=$user1$(($i+1)),E=$user1$(($i+1))@example.org,CN=$user1fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_009.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -401,16 +383,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-012: Find the certs of a user i
"Finding certs assigned to $user2 - --start=0"
rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_012.out"
rlAssertGrep "Number of entries returned 20" "$TmpDir/pki_user_cert_find_ca_012.out"
- i=1
- l=0
- while [ $i -lt 21 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_012.out"
+ i=0
+ while [ $i -lt 20 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_012.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_012.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_012.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_012.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_012.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_012.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_012.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -531,16 +511,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-018: Find the certs of a user i
rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_018.out"
let newnumcert=$numcertsuser2-20
rlAssertGrep "Number of entries returned $newnumcert" "$TmpDir/pki_user_cert_find_ca_018.out"
- i=21
- l=20
- while [ $i -lt 25 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_018.out"
+ i=20
+ while [ $i -lt 24 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_018.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_018.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_018.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_018.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_018.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_018.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_018.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -560,16 +538,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-019: Find the certs of a user i
"Finding certs assigned to $user2 - --start=0 --size=22"
rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_019.out"
rlAssertGrep "Number of entries returned 22" "$TmpDir/pki_user_cert_find_ca_019.out"
- i=1
- l=0
- while [ $i -lt 23 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_019.out"
+ i=0
+ while [ $i -lt 22 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_019.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_019.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_019.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_019.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_019.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_019.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_019.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
@@ -589,13 +565,12 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-020: Find the certs of a user i
"Finding certs assigned to $user2 - --start=22 --size=1"
rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_020.out"
rlAssertGrep "Number of entries returned 1" "$TmpDir/pki_user_cert_find_ca_020.out"
- i=23
- l=22
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_020.out"
+ i=22
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_020.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_020.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_020.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_020.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_020.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_020.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_020.out"
rlPhaseEnd
@@ -615,24 +590,22 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-021: Find the certs of a user i
"Finding certs assigned to $user2 - --start=22 --size=5"
rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_021.out"
rlAssertGrep "Number of entries returned 2" "$TmpDir/pki_user_cert_find_ca_021.out"
- i=23
- l=22
- while [ $i -lt 25 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_021.out"
+ i=22
+ while [ $i -lt 24 ] ; do
+ rlAssertGrep "Cert ID: 2;${serialdecuser2[$i]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_021.out"
rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_021.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_021.out"
+ rlAssertGrep "Serial Number: ${serialhexuser2[$i]}" "$TmpDir/pki_user_cert_find_ca_021.out"
rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_021.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_021.out"
+ rlAssertGrep "Subject: UID=$user2$(($i+1)),E=$user2$(($i+1))@example.org,CN=$user2fullname$(($i+1)),OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_021.out"
let i=$i+1
- let l=$l+1
done
rlPhaseEnd
##### Tests to find certs assigned to CA users - i18n characters ####
rlPhaseStartTest "pki_user_cli_user_cert-find-CA-022: Find certs assigned to user \"CN=Örjan Äke,UID=Örjan Äke\" i18n Characters"
- k=22
- rlRun "generate_cert_cert_find $cert_info $k \"Örjan Äke\" \"Örjan Äke\"" 0 "Generating temp cert"
+ k=22
+ rlRun "generate_user_cert $cert_info $k \"Örjan Äke\" \"Örjan Äke\" "test@example.org" $testname" 0 "Generating temp cert"
local cert_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
local STRIP_HEX_PKCS10=$(echo $cert_serialNumber | cut -dx -f2)
local CONV_UPP_VAL_PKCS10=${STRIP_HEX_PKCS10^^}
@@ -641,7 +614,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-022: Find certs assigned to use
-n CA_adminV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-add $user1 --input $TmpDir/pki_user_cert_find_CA_validcert_0022.pem > $TmpDir/useraddcer0t__003.out" \
+ user-cert-add $user1 --input $TmpDir/pki_user_cert_find-CA_validcert_0022.pem > $TmpDir/useraddcert__0022.out" \
0 \
"Cert is added to the user $user1"
rlLog "Executing: pki -d $CERTDB_DIR/ \
@@ -657,7 +630,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-022: Find certs assigned to use
0 \
"Finding certs assigned to $user1"
let numcertsuser1=$numcertsuser1+1
- i=5
+ i=4
rlAssertGrep "$numcertsuser1 entries matched" "$TmpDir/pki_user_cert_find_ca_022.out"
rlAssertGrep "Number of entries returned $numcertsuser1" "$TmpDir/pki_user_cert_find_ca_022.out"
@@ -669,7 +642,7 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-022: Find certs assigned to use
rlPhaseEnd
- rlPhaseStartTest "pki_user_cli_user_cert-find-CA-023: Find the certs of a user as CA_agentV"
+rlPhaseStartTest "pki_user_cli_user_cert-find-CA-023: Find the certs of a user as CA_agentV should fail"
rlLog "Executing: pki -d $CERTDB_DIR/ \
-n CA_agentV \
@@ -680,25 +653,14 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-022: Find certs assigned to use
-n CA_agentV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_023.out" \
- 0 \
+ user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_023.out 2>&1" \
+ 1 \
"Finding certs assigned to $user2 as CA_agentV"
- rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_023.out"
- rlAssertGrep "Number of entries returned 20" "$TmpDir/pki_user_cert_find_ca_023.out"
- i=1
- l=0
- while [ $i -lt 25 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_023.out"
- rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_023.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_023.out"
- rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_023.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_023.out"
- let i=$i+1
- let l=$l+1
- done
+ rlAssertGrep "ForbiddenException: Authorization failed on resource: certServer.ca.users, operation: execute" "$TmpDir/pki_user_cert_find_ca_023.out"
rlPhaseEnd
-rlPhaseStartTest "pki_user_cli_user_cert-find-CA-024: Find the certs of a user as CA_auditorV"
+
+rlPhaseStartTest "pki_user_cli_user_cert-find-CA-024: Find the certs of a user as CA_auditorV should fail"
rlLog "Executing: pki -d $CERTDB_DIR/ \
-n CA_auditorV \
@@ -709,22 +671,32 @@ rlPhaseStartTest "pki_user_cli_user_cert-find-CA-024: Find the certs of a user a
-n CA_auditorV \
-c $CERTDB_DIR_PASSWORD \
-t ca \
- user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_024.out" \
- 0 \
+ user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_024.out 2>&1" \
+ 1 \
"Finding certs assigned to $user2 as CA_auditorV"
- rlAssertGrep "$numcertsuser2 entries matched" "$TmpDir/pki_user_cert_find_ca_024.out"
- rlAssertGrep "Number of entries returned 20" "$TmpDir/pki_user_cert_find_ca_024.out"
- i=1
- l=0
- while [ $i -lt 25 ] ; do
- rlAssertGrep "Cert ID: 2;${serialdecuser2[$l]};CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain;UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_024.out"
- rlAssertGrep "Version: 2" "$TmpDir/pki_user_cert_find_ca_024.out"
- rlAssertGrep "Serial Number: ${serialhexuser2[$l]}" "$TmpDir/pki_user_cert_find_ca_024.out"
- rlAssertGrep "Issuer: CN=CA Signing Certificate,O=$CA_DOMAIN Security Domain" "$TmpDir/pki_user_cert_find_ca_024.out"
- rlAssertGrep "Subject: UID=$user2$i,E=$user2$i@example.org,CN=$user2fullname$i,OU=Engineering,O=Example,C=US" "$TmpDir/pki_user_cert_find_ca_024.out"
- let i=$i+1
- let l=$l+1
- done
+ rlAssertGrep "ProcessingException: Unable to invoke request" "$TmpDir/pki_user_cert_find_ca_024.out"
+ rlLog "FAIL: https://fedorahosted.org/pki/ticket/962"
+rlPhaseEnd
+
+rlPhaseStartTest "pki_user_cli_user_cert-find-CA-025: Find the certs of a user as CA_adminE"
+ rlRun "date --set='next day'" 0 "Set System date a day ahead"
+ rlRun "date --set='next day'" 0 "Set System date a day ahead"
+ rlRun "date"
+ rlLog "Executing: pki -d $CERTDB_DIR/ \
+ -n CA_adminE \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ user-cert-find $user2"
+ rlRun "pki -d $CERTDB_DIR/ \
+ -n CA_adminE \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ user-cert-find $user2 > $TmpDir/pki_user_cert_find_ca_025.out 2>&1" \
+ 1 \
+ "Finding certs assigned to $user2 as CA_adminE"
+ rlAssertGrep "ProcessingException: Unable to invoke request" "$TmpDir/pki_user_cert_find_ca_025.out"
+ rlLog "FAIL: https://fedorahosted.org/pki/ticket/962"
+ rlRun "date --set='2 days ago'" 0 "Set System back to the present day"
rlPhaseEnd
@@ -747,59 +719,4 @@ rlPhaseStartTest "pki_user_cli_user_cleanup: Deleting role users"
}
-generate_cert_cert_find()
-{
-
- local reqstatus
- local requestid
- local requestdn
- local CERT_INFO="$1"
- local file_no="$2"
- local user_id="$3"
- local userfullname="$4"
- local ext=".out"
- local cert_ext=".pem"
- local num="$5"
- if [ "$user_id" = "Örjan Äke" ] ; then
- rlRun "create_cert_request $CERTDB_DIR redhat123 pkcs10 rsa 2048 \"Örjan Äke\" \"Örjan Äke\" "test@example.org" "Engineering" "Example" "US" "--" "reqstatus" "requestid" "requestdn""
- else
- rlRun "create_cert_request $CERTDB_DIR redhat123 pkcs10 rsa 2048 \"$userfullname\" "$user_id" "$user_id@example.org" "Engineering" "Example" "US" "--" "reqstatus" "requestid" "requestdn""
- fi
-
- rlRun "pki cert-request-show $requestid > $TmpDir/pki_user_cert_find_CA_certrequestshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
- rlAssertGrep "Request ID: $requestid" "$TmpDir/pki_user_cert_find_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Type: enrollment" "$TmpDir/pki_user_cert_find_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Status: pending" "$TmpDir/pki_user_cert_find_CA_certrequestshow_00$file_no$num$ext"
- rlAssertGrep "Operation Result: success" "$TmpDir/pki_user_cert_find_CA_certrequestshow_00$file_no$num$ext"
-
- #Agent Approve the certificate after reviewing the cert for the user
- rlLog "Executing: pki -d $CERTDB_DIR/ \
- -n CA_agentV \
- -c $CERTDB_DIR_PASSWORD \
- -t ca \
- cert-request-review --action=approve $requestid"
- rlRun "pki -d $CERTDB_DIR/ \
- -n CA_agentV \
- -c $CERTDB_DIR_PASSWORD \
- -t ca \
- cert-request-review --action=approve $requestid > $TmpDir/pki_user_cert_find_CA_certapprove_00$file_no$num$ext" \
- 0 \
- "CA agent approve the cert"
- rlAssertGrep "Approved certificate request $requestid" "$TmpDir/pki_user_cert_find_CA_certapprove_00$file_no$num$ext"
- rlRun "pki cert-request-show $requestid > $TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
- rlAssertGrep "Request ID: $requestid" "$TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Type: enrollment" "$TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Status: complete" "$TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext"
- rlAssertGrep "Certificate ID:" "$TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext"
- local certificate_serial_number=`cat $TmpDir/pki_user_cert_find_CA_certapprovedshow_00$file_no$num$ext | grep "Certificate ID:" | awk '{print $3}'`
- rlLog "Cerificate Serial Number=$certificate_serial_number"
- #Verify the certificate is valid
- rlRun "pki cert-show $certificate_serial_number --encoded > $TmpDir/pki_user_cert_find_CA_certificate_show_00$file_no$num$ext" 0 "Executing pki cert-show $certificate_serial_number"
-
- rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' $TmpDir/pki_user_cert_find_CA_certificate_show_00$file_no$num$ext > $TmpDir/pki_user_cert_find_CA_validcert_00$file_no$num$cert_ext"
- rlRun "certutil -d $CERTDB_DIR -A -n \"$user_id\" -i $TmpDir/pki_user_cert_find_CA_validcert_00$file_no$num$cert_ext -t "u,u,u""
- echo cert_serialNumber-$certificate_serial_number > $CERT_INFO
- echo cert_requestdn-$requestdn >> $CERT_INFO
- return 0;
-}
diff --git a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-mod-ca.sh b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-mod-ca.sh
index ff367d515..45d3ee35a 100755
--- a/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-mod-ca.sh
+++ b/tests/dogtag/acceptance/cli-tests/pki-user-cli/ca/pki-user-cli-user-mod-ca.sh
@@ -71,7 +71,7 @@ run_pki-user-cli-user-mod-ca_tests(){
##### pki_user_cli_user_mod-configtest ####
rlPhaseStartTest "pki_user_cli_user_mod-configtest-001: pki user-mod configuration test"
rlRun "pki user-mod > $TmpDir/pki_user_mod_cfg.out" \
- 0 \
+ 1 \
"User modification configuration"
rlAssertGrep "usage: user-mod <User ID> \[OPTIONS...\]" "$TmpDir/pki_user_mod_cfg.out"
rlAssertGrep "\--email <email> Email" "$TmpDir/pki_user_mod_cfg.out"
diff --git a/tests/dogtag/acceptance/quickinstall/rhcs-install.sh b/tests/dogtag/acceptance/quickinstall/rhcs-install.sh
index e05b3be5a..86823d504 100755
--- a/tests/dogtag/acceptance/quickinstall/rhcs-install.sh
+++ b/tests/dogtag/acceptance/quickinstall/rhcs-install.sh
@@ -71,6 +71,7 @@ run_rhcs_install_subsystems() {
TPS_SERVER_PACKAGES="pki-tps"
RHELRHCS_PACKAGES="nuxwdog symkey mod-nss pki-native-tools redhat-pki-ca-ui redhat-pki-common-ui redhat-pki-console-ui redhat-pki-kra-ui redhat-pki-ocsp-ui redhat-pki-ra-ui redhat-pki-tks-ui redhat-pki-tps-ui"
DOGTAG_PACKAGES="pki-tools pki-symkey dogtag-pki dogtag-pki-console-theme dogtag-pki-server-theme"
+ NTPDATE_PACKAGE="ntpdate"
cat /etc/redhat-release | grep "Fedora"
@@ -98,6 +99,8 @@ run_rhcs_install_subsystems() {
yum -y install $COMMON_SERVER_PACKAGES
rlLog "yum -y install $CA_SERVER_PACKAGES"
yum -y install $CA_SERVER_PACKAGES
+ rlLog "yum -y install $NTPDATE_PACKAGE"
+ yum -y install $NTPDATE_PACKAGE
echo "export CA_SERVER_CERT_SUBJECT_NAME= CN=$HOSTNAME,O=redhat" >> /opt/rhqa_pki/env.sh
#codecoverage setup
CODE_COVERAGE_UPPERCASE=$(echo $CODE_COVERAGE | tr [a-z] [A-Z])
@@ -118,7 +121,7 @@ run_rhcs_install_subsystems() {
fi
if [ "$FLAVOR" == "Fedora" ] ; then
- ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES"
+ ALL_PACKAGES="$COMMON_SERVER_PACKAGES $CA_SERVER_PACKAGES $NTPDATE_PACKAGE"
for item in $ALL_PACKAGES ; do
rpm -qa | grep $item
if [ $? -eq 0 ] ; then
diff --git a/tests/dogtag/shared/env.sh b/tests/dogtag/shared/env.sh
index 6336154da..c5046e697 100644
--- a/tests/dogtag/shared/env.sh
+++ b/tests/dogtag/shared/env.sh
@@ -61,5 +61,6 @@ TKS_ADMIN_PASSWORD="Secret123"
TKS_ADMIN_USER="tksadmin"
TKS_BACKUP_PASSWORD=redhat123
TKS_CLIENT_PKCS12_PASSWORD=Secret123
+NTPDATE_SERVER="clock.util.phx2.redhat.com"
export LDAP_ROOTDN LDAP_ROOTDNPWD LDAP_BASEDN LDAP_ADMINPW CERTDB_DIR CERTDB_DIR_PASSWORD CA_LDAP_INSTANCE_NAME CA_ADMIN_USER CA_ADMIN_PASSWORD CA_KEY_TYPE CA_KEY_SIZE CA_INSTANCE_ID CA_DB_SUFFIX CA_LDAP_PORT CA_INSTANCE_ROOT CA_CLIENT_PKCS12_PASSWORD CA_SECURITY_DOMAIN_PASSWORD CA_AGENT_SECURE_PORT CA_EE_SECURE_PORT CA_EE_SECURE_CLIENT_AUTH_PORT CA_SECURE_PORT CA_UNSECURE_PORT CA_TOMCAT_SERVER_PORT CA_AGENT_CERT_NICKNAME CA_AGENT_CERT_SUBJECT_NAME CA_SIGNING_CERT_SUBJECT_NAME CA_SUBSYSTEM_CERT_SUBJECT_NAME CA_OCSP_SIGNING_CERT_SUBJECT_NAME CA_AUDIT_SIGNING_CERT_SUBJECT_NAME CA_SUBSYSTEM_NAME CA_AGENT_KEY_SIZE CA_AGENT_KEY_TYPE CA_BACKUP_PASSWORD CA_TOKEN_NAME CA_TOKEN_PASSWORD CA_KEY_ALGORITHM CA_SIGNING_ALGORITHM CA_SIGNING_SIGNING_ALGORITHM CA_OCSP_SIGNING_ALGORITHM CA_BACKUP_FILE_NAME KRA_ADMIN_PASSWORD KRA_BACKUP_PASSWORD KRA_CLIENT_PKCS12_PASSWORD OCSP_ADMIN_PASSWORD OCSP_BACKUP_PASSWORD OCSP_CLIENT_PKCS12_PASSWORD TKS_ADMIN_PASSWORD TKS_BACKUP_PASSWORD TKS_CLIENT_PKCS12_PASSWORD CA_TKS_SIGNING_CERT_SUBJECT_NAME CA_TKS_SIGNING_ALGORITHM
diff --git a/tests/dogtag/shared/pki-cert-cli-lib.sh b/tests/dogtag/shared/pki-cert-cli-lib.sh
index 29d90d183..b2200ccf7 100755
--- a/tests/dogtag/shared/pki-cert-cli-lib.sh
+++ b/tests/dogtag/shared/pki-cert-cli-lib.sh
@@ -1,6 +1,7 @@
#!/bin/sh
#Include below files
. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/env.sh
########################################################################
# PKI CERT SHARED LIBRARY
#######################################################################
@@ -292,7 +293,7 @@ create_new_cert_request()
rlRun "set_newjavapath \":./:/usr/lib/java/jss4.jar:/usr/share/java/pki/pki-nsutil.jar:/usr/share/java/pki/pki-cmsutil.jar:/usr/share/java/apache-commons-codec.jar:/usr/share/java/pki/pki-silent.jar:/opt/rhqa_pki/java/generateCRMFRequest.jar:\"" 0 "Setting Java CLASSPATH"
rlRun "source /opt/rhqa_pki/env.sh" 0 "Set Environment Variables"
rlLog "Execute generateCRMFRequest to generate CRMF Request"
- rlRun "java -cp $CLASSPATH generateCRMFRequest -client_certdb_dir $dir -client_certdb_pwd $password -debug false -request_subject \"$subject\" -request_keytype $algo -request_keysize $key_size -output_file $cert_request_file 1> $dir/crmf.out" 0 "Execute generateCRMFRequest to generate CRMF Request"
+ rlRun "java -cp $CLASSPATH generateCRMFRequest -client_certdb_dir $dir -client_certdb_pwd $password -debug false -request_subject \"$subject\" -request_keytype $algo -request_keysize $key_size -output_file $cert_request_file 1> $dir/crmf.out" 0 "Execute generateCRMFRequest to generata CRMF Request"
fi
if [ "$request_type" == "crmf" ] && [ "$archive" == "true" ];then
@@ -431,4 +432,60 @@ submit_new_request(){
return 0;
}
+
+generate_user_cert()
+{
+ local reqstatus
+ local requestid
+ local requestdn
+ local CERT_INFO="$1"
+ local file_no="$2"
+ local user_id="$3"
+ local userfullname="$4"
+ local ext=".out"
+ local cert_ext=".pem"
+ local req_email="$5"
+ local num="$7"
+ local file_name="$6"
+ rlRun "create_cert_request $CERTDB_DIR redhat123 pkcs10 rsa 2048 \"$userfullname\" \"$user_id\" "$req_email" "Engineering" "Example" "US" "--" "reqstatus" "requestid" "requestdn""
+
+ rlRun "pki cert-request-show $requestid > $TmpDir/$file_name-CA_certrequestshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
+ rlAssertGrep "Request ID: $requestid" "$TmpDir/$file_name-CA_certrequestshow_00$file_no$num$ext"
+ rlAssertGrep "Type: enrollment" "$TmpDir/$file_name-CA_certrequestshow_00$file_no$num$ext"
+ rlAssertGrep "Status: pending" "$TmpDir/$file_name-CA_certrequestshow_00$file_no$num$ext"
+ rlAssertGrep "Operation Result: success" "$TmpDir/$file_name-CA_certrequestshow_00$file_no$num$ext"
+
+ #Agent Approve the certificate after reviewing the cert for the user
+ rlLog "Executing: pki -d $CERTDB_DIR/ \
+ -n CA_agentV \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ cert-request-review --action=approve $requestid"
+ rlRun "pki -d $CERTDB_DIR/ \
+ -n CA_agentV \
+ -c $CERTDB_DIR_PASSWORD \
+ -t ca \
+ cert-request-review --action=approve $requestid > $TmpDir/$file_name-CA_certapprove_00$file_no$num$ext" \
+ 0 \
+ "CA agent approve the cert"
+ rlAssertGrep "Approved certificate request $requestid" "$TmpDir/$file_name-CA_certapprove_00$file_no$num$ext"
+ rlRun "pki cert-request-show $requestid > $TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext" 0 "Executing pki cert-request-show $requestid"
+ rlAssertGrep "Request ID: $requestid" "$TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext"
+ rlAssertGrep "Type: enrollment" "$TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext"
+ rlAssertGrep "Status: complete" "$TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext"
+ rlAssertGrep "Certificate ID:" "$TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext"
+ local certificate_serial_number=`cat $TmpDir/$file_name-CA_certapprovedshow_00$file_no$num$ext | grep "Certificate ID:" | awk '{print $3}'`
+ rlLog "Cerificate Serial Number=$certificate_serial_number"
+ #Verify the certificate is valid
+ rlRun "pki cert-show $certificate_serial_number --encoded > $TmpDir/$file_name-CA_certificate_show_00$file_no$num$ext" 0 "Executing pki cert-show $certificate_serial_number"
+
+ rlRun "sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' $TmpDir/$file_name-CA_certificate_show_00$file_no$num$ext > $TmpDir/$file_name-CA_validcert_00$file_no$num$cert_ext"
+ rlRun "certutil -d $CERTDB_DIR -A -n \"$user_id\" -i $TmpDir/$file_name-CA_validcert_00$file_no$num$cert_ext -t "u,u,u""
+ echo cert_serialNumber-$certificate_serial_number > $CERT_INFO
+ echo cert_requestdn-$requestdn >> $CERT_INFO
+ return 0;
+
+}
+
+
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
generated by cgit (git 2.34.1) at 2024-06-30 20:30:42 +0000