Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tests with CA-chain server certificates #2038

Open
andy-maier opened this issue Dec 20, 2019 · 4 comments
Open

Tests with CA-chain server certificates #2038

andy-maier opened this issue Dec 20, 2019 · 4 comments
Assignees
@KSchopmeyer
Labels
area: test type: enhancement
Milestone
1.8.0

Comments

@andy-maier
Copy link
Contributor

andy-maier commented Dec 20, 2019
edited by KSchopmeyer

This test should be done with the new requests based communication (see PR #2023).

Test cases:

  • Verification of CA-chain server certificate with specified path to PEM file
  • Verification of CA-chain server certificate with specified path to directory
  • Verification of CA-chain server certificate with certifi-provided root certificates

Client side environments:

  • Python 2 on Linux
  • Python 3 on Linux
  • Python 2 on native Windows
  • Python 3 on native Windows

We want to set this up so the certificates exist and then to automate it as part of the end-end tests.
@andy-maier andy-maier added this to the 1.0.0 milestone Dec 20, 2019
@andy-maier andy-maier mentioned this issue Dec 24, 2019
Merged
@andy-maier
Copy link
Contributor Author

There are some places where CA certificates can be created without cost, e.g. "lets encrypt".

@andy-maier
Copy link
Contributor Author

When this test is done, issue #2036 can also be worked as part of that (i.e. triggering failures and reporting the exceptions.)

@andy-maier andy-maier mentioned this issue Feb 3, 2020
Open
@andy-maier andy-maier modified the milestones: 1.0.0, 1.1.0 Mar 25, 2020
@andy-maier andy-maier mentioned this issue Jul 17, 2020
Closed
@andy-maier andy-maier removed this from the 1.1.0 milestone Aug 19, 2020
@andy-maier andy-maier mentioned this issue Oct 3, 2020
Closed
@andy-maier andy-maier added this to the 1.2.0 milestone Oct 10, 2020
@andy-maier andy-maier removed this from the 1.2.0 milestone Jan 13, 2021
@KSchopmeyer
Copy link
Collaborator

We can do this against a containerized OpenPegasus in an end2end test. However, today OpenPegasus container only presents a single self signed cert so the container needs to be updated to define a chain. That is part of the upcoming OpenPegasus release.
Lets move this to next Pywbem version.

@andy-maier andy-maier added this to the 1.3.0 milestone Mar 6, 2021
@andy-maier andy-maier removed this from the 1.3.0 milestone Jun 11, 2021
@andy-maier andy-maier added this to the 1.5.0 milestone Mar 1, 2022
@andy-maier
Copy link
Contributor Author

The new OpenPegasus container will contain CA-chained certificates that verify against a self-signed root certificate in its own trust store. That should be good enough for this test.

@andy-maier andy-maier modified the milestones: 1.5.0, 1.6.0 Aug 2, 2022
@andy-maier andy-maier modified the milestones: 1.6.0, 1.7.0 Nov 29, 2022
@KSchopmeyer KSchopmeyer modified the milestones: 1.7.0, 1.8.0 Oct 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@KSchopmeyer KSchopmeyer

Labels
area: test type: enhancement
Projects
None yet
Milestone
1.8.0
Development

No branches or pull requests
2 participants
@KSchopmeyer @andy-maier