1 # Generated with generate_ssl_tests.pl
5 test-0 = 0-server-auth-flex
6 test-1 = 1-client-auth-flex-request
7 test-2 = 2-client-auth-flex-require-fail
8 test-3 = 3-client-auth-flex-require
9 test-4 = 4-client-auth-flex-noroot
10 test-5 = 5-server-auth-TLSv1
11 test-6 = 6-client-auth-TLSv1-request
12 test-7 = 7-client-auth-TLSv1-require-fail
13 test-8 = 8-client-auth-TLSv1-require
14 test-9 = 9-client-auth-TLSv1-noroot
15 test-10 = 10-server-auth-TLSv1.1
16 test-11 = 11-client-auth-TLSv1.1-request
17 test-12 = 12-client-auth-TLSv1.1-require-fail
18 test-13 = 13-client-auth-TLSv1.1-require
19 test-14 = 14-client-auth-TLSv1.1-noroot
20 test-15 = 15-server-auth-TLSv1.2
21 test-16 = 16-client-auth-TLSv1.2-request
22 test-17 = 17-client-auth-TLSv1.2-require-fail
23 test-18 = 18-client-auth-TLSv1.2-require
24 test-19 = 19-client-auth-TLSv1.2-noroot
25 # ===========================================================
28 ssl_conf = 0-server-auth-flex-ssl
30 [0-server-auth-flex-ssl]
31 server = 0-server-auth-flex-server
32 client = 0-server-auth-flex-client
34 [0-server-auth-flex-server]
35 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
36 CipherString = DEFAULT
37 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
39 [0-server-auth-flex-client]
40 CipherString = DEFAULT
41 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
45 ExpectedResult = Success
48 # ===========================================================
50 [1-client-auth-flex-request]
51 ssl_conf = 1-client-auth-flex-request-ssl
53 [1-client-auth-flex-request-ssl]
54 server = 1-client-auth-flex-request-server
55 client = 1-client-auth-flex-request-client
57 [1-client-auth-flex-request-server]
58 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
59 CipherString = DEFAULT
60 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
63 [1-client-auth-flex-request-client]
64 CipherString = DEFAULT
65 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
69 ExpectedResult = Success
72 # ===========================================================
74 [2-client-auth-flex-require-fail]
75 ssl_conf = 2-client-auth-flex-require-fail-ssl
77 [2-client-auth-flex-require-fail-ssl]
78 server = 2-client-auth-flex-require-fail-server
79 client = 2-client-auth-flex-require-fail-client
81 [2-client-auth-flex-require-fail-server]
82 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
83 CipherString = DEFAULT
84 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
85 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
88 [2-client-auth-flex-require-fail-client]
89 CipherString = DEFAULT
90 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
94 ExpectedResult = ServerFail
95 ExpectedServerAlert = HandshakeFailure
98 # ===========================================================
100 [3-client-auth-flex-require]
101 ssl_conf = 3-client-auth-flex-require-ssl
103 [3-client-auth-flex-require-ssl]
104 server = 3-client-auth-flex-require-server
105 client = 3-client-auth-flex-require-client
107 [3-client-auth-flex-require-server]
108 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
109 CipherString = DEFAULT
110 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
111 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
114 [3-client-auth-flex-require-client]
115 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
116 CipherString = DEFAULT
117 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
118 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
122 ExpectedClientCertType = RSA
123 ExpectedResult = Success
126 # ===========================================================
128 [4-client-auth-flex-noroot]
129 ssl_conf = 4-client-auth-flex-noroot-ssl
131 [4-client-auth-flex-noroot-ssl]
132 server = 4-client-auth-flex-noroot-server
133 client = 4-client-auth-flex-noroot-client
135 [4-client-auth-flex-noroot-server]
136 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
137 CipherString = DEFAULT
138 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
141 [4-client-auth-flex-noroot-client]
142 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
143 CipherString = DEFAULT
144 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
145 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
149 ExpectedResult = ServerFail
150 ExpectedServerAlert = UnknownCA
153 # ===========================================================
155 [5-server-auth-TLSv1]
156 ssl_conf = 5-server-auth-TLSv1-ssl
158 [5-server-auth-TLSv1-ssl]
159 server = 5-server-auth-TLSv1-server
160 client = 5-server-auth-TLSv1-client
162 [5-server-auth-TLSv1-server]
163 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
164 CipherString = DEFAULT
167 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
169 [5-server-auth-TLSv1-client]
170 CipherString = DEFAULT
173 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
177 ExpectedResult = Success
180 # ===========================================================
182 [6-client-auth-TLSv1-request]
183 ssl_conf = 6-client-auth-TLSv1-request-ssl
185 [6-client-auth-TLSv1-request-ssl]
186 server = 6-client-auth-TLSv1-request-server
187 client = 6-client-auth-TLSv1-request-client
189 [6-client-auth-TLSv1-request-server]
190 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
191 CipherString = DEFAULT
194 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
197 [6-client-auth-TLSv1-request-client]
198 CipherString = DEFAULT
201 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
205 ExpectedResult = Success
208 # ===========================================================
210 [7-client-auth-TLSv1-require-fail]
211 ssl_conf = 7-client-auth-TLSv1-require-fail-ssl
213 [7-client-auth-TLSv1-require-fail-ssl]
214 server = 7-client-auth-TLSv1-require-fail-server
215 client = 7-client-auth-TLSv1-require-fail-client
217 [7-client-auth-TLSv1-require-fail-server]
218 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
219 CipherString = DEFAULT
222 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
223 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
226 [7-client-auth-TLSv1-require-fail-client]
227 CipherString = DEFAULT
230 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
234 ExpectedResult = ServerFail
235 ExpectedServerAlert = HandshakeFailure
238 # ===========================================================
240 [8-client-auth-TLSv1-require]
241 ssl_conf = 8-client-auth-TLSv1-require-ssl
243 [8-client-auth-TLSv1-require-ssl]
244 server = 8-client-auth-TLSv1-require-server
245 client = 8-client-auth-TLSv1-require-client
247 [8-client-auth-TLSv1-require-server]
248 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
249 CipherString = DEFAULT
252 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
253 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
256 [8-client-auth-TLSv1-require-client]
257 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
258 CipherString = DEFAULT
261 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
262 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
266 ExpectedClientCertType = RSA
267 ExpectedResult = Success
270 # ===========================================================
272 [9-client-auth-TLSv1-noroot]
273 ssl_conf = 9-client-auth-TLSv1-noroot-ssl
275 [9-client-auth-TLSv1-noroot-ssl]
276 server = 9-client-auth-TLSv1-noroot-server
277 client = 9-client-auth-TLSv1-noroot-client
279 [9-client-auth-TLSv1-noroot-server]
280 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
281 CipherString = DEFAULT
284 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
287 [9-client-auth-TLSv1-noroot-client]
288 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
289 CipherString = DEFAULT
292 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
293 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
297 ExpectedResult = ServerFail
298 ExpectedServerAlert = UnknownCA
301 # ===========================================================
303 [10-server-auth-TLSv1.1]
304 ssl_conf = 10-server-auth-TLSv1.1-ssl
306 [10-server-auth-TLSv1.1-ssl]
307 server = 10-server-auth-TLSv1.1-server
308 client = 10-server-auth-TLSv1.1-client
310 [10-server-auth-TLSv1.1-server]
311 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
312 CipherString = DEFAULT
313 MaxProtocol = TLSv1.1
314 MinProtocol = TLSv1.1
315 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
317 [10-server-auth-TLSv1.1-client]
318 CipherString = DEFAULT
319 MaxProtocol = TLSv1.1
320 MinProtocol = TLSv1.1
321 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
325 ExpectedResult = Success
328 # ===========================================================
330 [11-client-auth-TLSv1.1-request]
331 ssl_conf = 11-client-auth-TLSv1.1-request-ssl
333 [11-client-auth-TLSv1.1-request-ssl]
334 server = 11-client-auth-TLSv1.1-request-server
335 client = 11-client-auth-TLSv1.1-request-client
337 [11-client-auth-TLSv1.1-request-server]
338 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
339 CipherString = DEFAULT
340 MaxProtocol = TLSv1.1
341 MinProtocol = TLSv1.1
342 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
345 [11-client-auth-TLSv1.1-request-client]
346 CipherString = DEFAULT
347 MaxProtocol = TLSv1.1
348 MinProtocol = TLSv1.1
349 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
353 ExpectedResult = Success
356 # ===========================================================
358 [12-client-auth-TLSv1.1-require-fail]
359 ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl
361 [12-client-auth-TLSv1.1-require-fail-ssl]
362 server = 12-client-auth-TLSv1.1-require-fail-server
363 client = 12-client-auth-TLSv1.1-require-fail-client
365 [12-client-auth-TLSv1.1-require-fail-server]
366 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
367 CipherString = DEFAULT
368 MaxProtocol = TLSv1.1
369 MinProtocol = TLSv1.1
370 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
371 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
374 [12-client-auth-TLSv1.1-require-fail-client]
375 CipherString = DEFAULT
376 MaxProtocol = TLSv1.1
377 MinProtocol = TLSv1.1
378 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
382 ExpectedResult = ServerFail
383 ExpectedServerAlert = HandshakeFailure
386 # ===========================================================
388 [13-client-auth-TLSv1.1-require]
389 ssl_conf = 13-client-auth-TLSv1.1-require-ssl
391 [13-client-auth-TLSv1.1-require-ssl]
392 server = 13-client-auth-TLSv1.1-require-server
393 client = 13-client-auth-TLSv1.1-require-client
395 [13-client-auth-TLSv1.1-require-server]
396 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
397 CipherString = DEFAULT
398 MaxProtocol = TLSv1.1
399 MinProtocol = TLSv1.1
400 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
401 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
404 [13-client-auth-TLSv1.1-require-client]
405 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
406 CipherString = DEFAULT
407 MaxProtocol = TLSv1.1
408 MinProtocol = TLSv1.1
409 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
410 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
414 ExpectedClientCertType = RSA
415 ExpectedResult = Success
418 # ===========================================================
420 [14-client-auth-TLSv1.1-noroot]
421 ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl
423 [14-client-auth-TLSv1.1-noroot-ssl]
424 server = 14-client-auth-TLSv1.1-noroot-server
425 client = 14-client-auth-TLSv1.1-noroot-client
427 [14-client-auth-TLSv1.1-noroot-server]
428 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
429 CipherString = DEFAULT
430 MaxProtocol = TLSv1.1
431 MinProtocol = TLSv1.1
432 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
435 [14-client-auth-TLSv1.1-noroot-client]
436 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
437 CipherString = DEFAULT
438 MaxProtocol = TLSv1.1
439 MinProtocol = TLSv1.1
440 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
441 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
445 ExpectedResult = ServerFail
446 ExpectedServerAlert = UnknownCA
449 # ===========================================================
451 [15-server-auth-TLSv1.2]
452 ssl_conf = 15-server-auth-TLSv1.2-ssl
454 [15-server-auth-TLSv1.2-ssl]
455 server = 15-server-auth-TLSv1.2-server
456 client = 15-server-auth-TLSv1.2-client
458 [15-server-auth-TLSv1.2-server]
459 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
460 CipherString = DEFAULT
461 MaxProtocol = TLSv1.2
462 MinProtocol = TLSv1.2
463 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
465 [15-server-auth-TLSv1.2-client]
466 CipherString = DEFAULT
467 MaxProtocol = TLSv1.2
468 MinProtocol = TLSv1.2
469 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
473 ExpectedResult = Success
476 # ===========================================================
478 [16-client-auth-TLSv1.2-request]
479 ssl_conf = 16-client-auth-TLSv1.2-request-ssl
481 [16-client-auth-TLSv1.2-request-ssl]
482 server = 16-client-auth-TLSv1.2-request-server
483 client = 16-client-auth-TLSv1.2-request-client
485 [16-client-auth-TLSv1.2-request-server]
486 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
487 CipherString = DEFAULT
488 MaxProtocol = TLSv1.2
489 MinProtocol = TLSv1.2
490 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
493 [16-client-auth-TLSv1.2-request-client]
494 CipherString = DEFAULT
495 MaxProtocol = TLSv1.2
496 MinProtocol = TLSv1.2
497 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
501 ExpectedResult = Success
504 # ===========================================================
506 [17-client-auth-TLSv1.2-require-fail]
507 ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl
509 [17-client-auth-TLSv1.2-require-fail-ssl]
510 server = 17-client-auth-TLSv1.2-require-fail-server
511 client = 17-client-auth-TLSv1.2-require-fail-client
513 [17-client-auth-TLSv1.2-require-fail-server]
514 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
515 CipherString = DEFAULT
516 MaxProtocol = TLSv1.2
517 MinProtocol = TLSv1.2
518 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
519 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
522 [17-client-auth-TLSv1.2-require-fail-client]
523 CipherString = DEFAULT
524 MaxProtocol = TLSv1.2
525 MinProtocol = TLSv1.2
526 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
530 ExpectedResult = ServerFail
531 ExpectedServerAlert = HandshakeFailure
534 # ===========================================================
536 [18-client-auth-TLSv1.2-require]
537 ssl_conf = 18-client-auth-TLSv1.2-require-ssl
539 [18-client-auth-TLSv1.2-require-ssl]
540 server = 18-client-auth-TLSv1.2-require-server
541 client = 18-client-auth-TLSv1.2-require-client
543 [18-client-auth-TLSv1.2-require-server]
544 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
545 CipherString = DEFAULT
546 ClientSignatureAlgorithms = SHA256+RSA
547 MaxProtocol = TLSv1.2
548 MinProtocol = TLSv1.2
549 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
550 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
553 [18-client-auth-TLSv1.2-require-client]
554 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
555 CipherString = DEFAULT
556 MaxProtocol = TLSv1.2
557 MinProtocol = TLSv1.2
558 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
559 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
563 ExpectedClientCertType = RSA
564 ExpectedClientSignHash = SHA256
565 ExpectedClientSignType = RSA
566 ExpectedResult = Success
569 # ===========================================================
571 [19-client-auth-TLSv1.2-noroot]
572 ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl
574 [19-client-auth-TLSv1.2-noroot-ssl]
575 server = 19-client-auth-TLSv1.2-noroot-server
576 client = 19-client-auth-TLSv1.2-noroot-client
578 [19-client-auth-TLSv1.2-noroot-server]
579 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
580 CipherString = DEFAULT
581 MaxProtocol = TLSv1.2
582 MinProtocol = TLSv1.2
583 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
586 [19-client-auth-TLSv1.2-noroot-client]
587 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
588 CipherString = DEFAULT
589 MaxProtocol = TLSv1.2
590 MinProtocol = TLSv1.2
591 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
592 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
596 ExpectedResult = ServerFail
597 ExpectedServerAlert = UnknownCA