# Generated with generate_ssl_tests.pl num_tests = 20 test-0 = 0-server-auth-flex test-1 = 1-client-auth-flex-request test-2 = 2-client-auth-flex-require-fail test-3 = 3-client-auth-flex-require test-4 = 4-client-auth-flex-noroot test-5 = 5-server-auth-TLSv1 test-6 = 6-client-auth-TLSv1-request test-7 = 7-client-auth-TLSv1-require-fail test-8 = 8-client-auth-TLSv1-require test-9 = 9-client-auth-TLSv1-noroot test-10 = 10-server-auth-TLSv1.1 test-11 = 11-client-auth-TLSv1.1-request test-12 = 12-client-auth-TLSv1.1-require-fail test-13 = 13-client-auth-TLSv1.1-require test-14 = 14-client-auth-TLSv1.1-noroot test-15 = 15-server-auth-TLSv1.2 test-16 = 16-client-auth-TLSv1.2-request test-17 = 17-client-auth-TLSv1.2-require-fail test-18 = 18-client-auth-TLSv1.2-require test-19 = 19-client-auth-TLSv1.2-noroot # =========================================================== [0-server-auth-flex] ssl_conf = 0-server-auth-flex-ssl [0-server-auth-flex-ssl] server = 0-server-auth-flex-server client = 0-server-auth-flex-client [0-server-auth-flex-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-server-auth-flex-client] CipherString = DEFAULT VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-0] ExpectedResult = Success # =========================================================== [1-client-auth-flex-request] ssl_conf = 1-client-auth-flex-request-ssl [1-client-auth-flex-request-ssl] server = 1-client-auth-flex-request-server client = 1-client-auth-flex-request-client [1-client-auth-flex-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request [1-client-auth-flex-request-client] CipherString = DEFAULT VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-1] ExpectedResult = Success # =========================================================== [2-client-auth-flex-require-fail] ssl_conf = 2-client-auth-flex-require-fail-ssl [2-client-auth-flex-require-fail-ssl] server = 2-client-auth-flex-require-fail-server client = 2-client-auth-flex-require-fail-client [2-client-auth-flex-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [2-client-auth-flex-require-fail-client] CipherString = DEFAULT VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-2] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== [3-client-auth-flex-require] ssl_conf = 3-client-auth-flex-require-ssl [3-client-auth-flex-require-ssl] server = 3-client-auth-flex-require-server client = 3-client-auth-flex-require-client [3-client-auth-flex-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [3-client-auth-flex-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-3] ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== [4-client-auth-flex-noroot] ssl_conf = 4-client-auth-flex-noroot-ssl [4-client-auth-flex-noroot-ssl] server = 4-client-auth-flex-noroot-server client = 4-client-auth-flex-noroot-client [4-client-auth-flex-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require [4-client-auth-flex-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-4] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== [5-server-auth-TLSv1] ssl_conf = 5-server-auth-TLSv1-ssl [5-server-auth-TLSv1-ssl] server = 5-server-auth-TLSv1-server client = 5-server-auth-TLSv1-client [5-server-auth-TLSv1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-server-auth-TLSv1-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-5] ExpectedResult = Success # =========================================================== [6-client-auth-TLSv1-request] ssl_conf = 6-client-auth-TLSv1-request-ssl [6-client-auth-TLSv1-request-ssl] server = 6-client-auth-TLSv1-request-server client = 6-client-auth-TLSv1-request-client [6-client-auth-TLSv1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request [6-client-auth-TLSv1-request-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-6] ExpectedResult = Success # =========================================================== [7-client-auth-TLSv1-require-fail] ssl_conf = 7-client-auth-TLSv1-require-fail-ssl [7-client-auth-TLSv1-require-fail-ssl] server = 7-client-auth-TLSv1-require-fail-server client = 7-client-auth-TLSv1-require-fail-client [7-client-auth-TLSv1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [7-client-auth-TLSv1-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-7] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== [8-client-auth-TLSv1-require] ssl_conf = 8-client-auth-TLSv1-require-ssl [8-client-auth-TLSv1-require-ssl] server = 8-client-auth-TLSv1-require-server client = 8-client-auth-TLSv1-require-client [8-client-auth-TLSv1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [8-client-auth-TLSv1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-8] ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== [9-client-auth-TLSv1-noroot] ssl_conf = 9-client-auth-TLSv1-noroot-ssl [9-client-auth-TLSv1-noroot-ssl] server = 9-client-auth-TLSv1-noroot-server client = 9-client-auth-TLSv1-noroot-client [9-client-auth-TLSv1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require [9-client-auth-TLSv1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-9] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== [10-server-auth-TLSv1.1] ssl_conf = 10-server-auth-TLSv1.1-ssl [10-server-auth-TLSv1.1-ssl] server = 10-server-auth-TLSv1.1-server client = 10-server-auth-TLSv1.1-client [10-server-auth-TLSv1.1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-server-auth-TLSv1.1-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-10] ExpectedResult = Success # =========================================================== [11-client-auth-TLSv1.1-request] ssl_conf = 11-client-auth-TLSv1.1-request-ssl [11-client-auth-TLSv1.1-request-ssl] server = 11-client-auth-TLSv1.1-request-server client = 11-client-auth-TLSv1.1-request-client [11-client-auth-TLSv1.1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request [11-client-auth-TLSv1.1-request-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-11] ExpectedResult = Success # =========================================================== [12-client-auth-TLSv1.1-require-fail] ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl [12-client-auth-TLSv1.1-require-fail-ssl] server = 12-client-auth-TLSv1.1-require-fail-server client = 12-client-auth-TLSv1.1-require-fail-client [12-client-auth-TLSv1.1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [12-client-auth-TLSv1.1-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-12] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== [13-client-auth-TLSv1.1-require] ssl_conf = 13-client-auth-TLSv1.1-require-ssl [13-client-auth-TLSv1.1-require-ssl] server = 13-client-auth-TLSv1.1-require-server client = 13-client-auth-TLSv1.1-require-client [13-client-auth-TLSv1.1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [13-client-auth-TLSv1.1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-13] ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== [14-client-auth-TLSv1.1-noroot] ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl [14-client-auth-TLSv1.1-noroot-ssl] server = 14-client-auth-TLSv1.1-noroot-server client = 14-client-auth-TLSv1.1-noroot-client [14-client-auth-TLSv1.1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require [14-client-auth-TLSv1.1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-14] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== [15-server-auth-TLSv1.2] ssl_conf = 15-server-auth-TLSv1.2-ssl [15-server-auth-TLSv1.2-ssl] server = 15-server-auth-TLSv1.2-server client = 15-server-auth-TLSv1.2-client [15-server-auth-TLSv1.2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-server-auth-TLSv1.2-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-15] ExpectedResult = Success # =========================================================== [16-client-auth-TLSv1.2-request] ssl_conf = 16-client-auth-TLSv1.2-request-ssl [16-client-auth-TLSv1.2-request-ssl] server = 16-client-auth-TLSv1.2-request-server client = 16-client-auth-TLSv1.2-request-client [16-client-auth-TLSv1.2-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request [16-client-auth-TLSv1.2-request-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-16] ExpectedResult = Success # =========================================================== [17-client-auth-TLSv1.2-require-fail] ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl [17-client-auth-TLSv1.2-require-fail-ssl] server = 17-client-auth-TLSv1.2-require-fail-server client = 17-client-auth-TLSv1.2-require-fail-client [17-client-auth-TLSv1.2-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [17-client-auth-TLSv1.2-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-17] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== [18-client-auth-TLSv1.2-require] ssl_conf = 18-client-auth-TLSv1.2-require-ssl [18-client-auth-TLSv1.2-require-ssl] server = 18-client-auth-TLSv1.2-require-server client = 18-client-auth-TLSv1.2-require-client [18-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ClientSignatureAlgorithms = SHA256+RSA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [18-client-auth-TLSv1.2-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-18] ExpectedClientCertType = RSA ExpectedClientSignHash = SHA256 ExpectedClientSignType = RSA ExpectedResult = Success # =========================================================== [19-client-auth-TLSv1.2-noroot] ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl [19-client-auth-TLSv1.2-noroot-ssl] server = 19-client-auth-TLSv1.2-noroot-server client = 19-client-auth-TLSv1.2-noroot-client [19-client-auth-TLSv1.2-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require [19-client-auth-TLSv1.2-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-19] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA