diff options
| author | lutter <lutter@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-08-23 02:23:25 +0000 |
|---|---|---|
| committer | lutter <lutter@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-08-23 02:23:25 +0000 |
| commit | 9576d1dda88bd14490b91f7aee0dbaee28969f79 (patch) | |
| tree | d4098b1438093658920e777d290d0e658f0458d5 /test/executables | |
| parent | 4151fd59ef6490c875140a874c0a13c5d3f311aa (diff) | |
| download | puppet-9576d1dda88bd14490b91f7aee0dbaee28969f79.tar.gz puppet-9576d1dda88bd14490b91f7aee0dbaee28969f79.tar.xz puppet-9576d1dda88bd14490b91f7aee0dbaee28969f79.zip | |
Certificate revocation through puppetca. Keep a simple text inventory of all certificates ever issued.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1485 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'test/executables')
| -rwxr-xr-x | test/executables/puppetca.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/executables/puppetca.rb b/test/executables/puppetca.rb index b722c963f..71764ebd2 100755 --- a/test/executables/puppetca.rb +++ b/test/executables/puppetca.rb @@ -84,6 +84,29 @@ class TestPuppetCA < Test::Unit::TestCase assert_equal($?,0) assert_equal(["No certificates to sign"], output) end + + def test_revocation + ca = Puppet::SSLCertificates::CA.new() + host1 = gen_cert(ca, "host1.example.com") + host2 = gen_cert(ca, "host2.example.com") + host3 = gen_cert(ca, "host3.example.com") + runca("-r host1.example.com") + runca("-r #{host2.serial}") + runca("-r 0x#{host3.serial.to_s(16)}") + runca("-r 0xff") + + # Recreate CA to force reading of CRL + ca = Puppet::SSLCertificates::CA.new() + crl = ca.crl + revoked = crl.revoked.collect { |r| r.serial } + exp = [host1.serial, host2.serial, host3.serial, 255] + assert_equal(exp, revoked) + end + + def gen_cert(ca, host) + runca("-g #{host}") + ca.getclientcert(host)[0] + end end # $Id$ |