diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
| commit | 774a362e87feab25f1be16fbca08269ddc7121a4 (patch) | |
| tree | cf71f4e7466468ac3edc2127125f333224a9acfb /testing/tests/ikev2/ocsp-local-cert/hosts | |
| parent | c54a140a445bfe7aa66721f68bb0781f26add91c (diff) | |
| download | vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.tar.gz vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.zip | |
Major new upstream release, just ran svn-upgrade for now (and wrote some
debian/changelong entries).
Diffstat (limited to 'testing/tests/ikev2/ocsp-local-cert/hosts')
5 files changed, 118 insertions, 0 deletions
diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.conf new file mode 100755 index 000000000..0209111ba --- /dev/null +++ b/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.conf @@ -0,0 +1,28 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=yes + plutostart=no + +ca strongswan + cacert=strongswanCert.pem + ocspuri=http://ocsp.strongswan.org:8880 + auto=add + +conn %default + keyexchange=ikev2 + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn home + left=PH_IP_CAROL + leftnexthop=%direct + leftcert=carolCert.pem + leftid=carol@strongswan.org + right=PH_IP_MOON + rightsubnet=10.1.0.0/16 + rightid=@moon.strongswan.org + auto=add diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.d/ocspcerts/ocspCert-self.pem b/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.d/ocspcerts/ocspCert-self.pem new file mode 100644 index 000000000..77f5bde52 --- /dev/null +++ b/testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.d/ocspcerts/ocspCert-self.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEbjCCA1agAwIBAgIJALN2wqyLTIzfMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV +BAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMSMwIQYDVQQLExpPQ1NQ +IFNlbGYtU2lnbmVkIEF1dGhvcml0eTEcMBoGA1UEAxMTb2NzcC5zdHJvbmdzd2Fu +Lm9yZzAeFw0wNzAzMTQxMjM0MDNaFw0xMjAzMTIxMjM0MDNaMGsxCzAJBgNVBAYT +AkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMSMwIQYDVQQLExpPQ1NQIFNl +bGYtU2lnbmVkIEF1dGhvcml0eTEcMBoGA1UEAxMTb2NzcC5zdHJvbmdzd2FuLm9y +ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMgSOFeDdWxYKGPUSUhM +BFAELGmHKfg2R25aWlE8ju//I0ByaoIsm8BPapSiiiwTdho/JPP44/nvHcDQu828 +P3uY5XbSPZpiiBgFoo8BC2/Y/rxY/skjEzqoHEXjg/vO1bA0tqjVn5a0jpkai7pD +mUyBrmn1ArOjhR/HAupCHsIb7sAL+IEXByMcZQK6bvNL9PMTYI1T72+t/9cZAAEJ +DfEhyJZMxQKgmT1SNzLwyszy1M1HF95D59gBok4PaRWWsLdwzplfTKh61CeGCYqb +UP3qpMKrJ8Y7uv+e1vVzuYbJg5DR+bF1IGIc9QRyJlTkhZco+zTCQYxpvsNO18yr +4qcCAwEAAaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgECMB0GA1UdDgQW +BBQHqEiJbwUSQJDtrfhopkda0nXrLTCBnQYDVR0jBIGVMIGSgBQHqEiJbwUSQJDt +rfhopkda0nXrLaFvpG0wazELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0 +cm9uZ1N3YW4xIzAhBgNVBAsTGk9DU1AgU2VsZi1TaWduZWQgQXV0aG9yaXR5MRww +GgYDVQQDExNvY3NwLnN0cm9uZ3N3YW4ub3JnggkAs3bCrItMjN8wHgYDVR0RBBcw +FYITb2NzcC5zdHJvbmdzd2FuLm9yZzAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCTAN +BgkqhkiG9w0BAQUFAAOCAQEAi//I0DOlUXNHxzLuuxyr6k5gO55zMCmHUcVfjVFZ +9e+UpLLFZY+qbxOfzVLpKyDch6dKDIA/H+SzX1GZ+uW4FFQ1wYlHcK1Sio9hOgqI +zeWdY5uHF6iERVYgOU/xp0+0LS5l4ezCvOKVkYJEFWe2eyn9rd4PGLW4/lTQiK1V +14YzPyAhB7n8Sln5LBxAeY7U7Y8jEMLXZ+VF21mjH2sxZzWV/qWZdNWVUNaLZTYL +lTqyzqsk40v5BTrjSvAWHN+c1WzydMvatFDzghlPnvR8dufRN2bnlj10J8sizn+v +1iDtM6uYi8+Yn26yMGjCP+RYW+bwKQ927Gr43UkqqGsbCg== +-----END CERTIFICATE----- diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.conf new file mode 100755 index 000000000..21b48ef0c --- /dev/null +++ b/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.conf @@ -0,0 +1,27 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=yes + plutostart=no + +ca strongswan-ca + cacert=strongswanCert.pem + ocspuri=http://ocsp.strongswan.org:8880 + auto=add + +conn %default + keyexchange=ikev2 + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn rw + left=PH_IP_MOON + leftnexthop=%direct + leftcert=moonCert.pem + leftid=@moon.strongswan.org + leftsubnet=10.1.0.0/16 + right=%any + auto=add diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.d/ocspcerts/ocspCert-self.pem b/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.d/ocspcerts/ocspCert-self.pem new file mode 100644 index 000000000..77f5bde52 --- /dev/null +++ b/testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.d/ocspcerts/ocspCert-self.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEbjCCA1agAwIBAgIJALN2wqyLTIzfMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV +BAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMSMwIQYDVQQLExpPQ1NQ +IFNlbGYtU2lnbmVkIEF1dGhvcml0eTEcMBoGA1UEAxMTb2NzcC5zdHJvbmdzd2Fu +Lm9yZzAeFw0wNzAzMTQxMjM0MDNaFw0xMjAzMTIxMjM0MDNaMGsxCzAJBgNVBAYT +AkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMSMwIQYDVQQLExpPQ1NQIFNl +bGYtU2lnbmVkIEF1dGhvcml0eTEcMBoGA1UEAxMTb2NzcC5zdHJvbmdzd2FuLm9y +ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMgSOFeDdWxYKGPUSUhM +BFAELGmHKfg2R25aWlE8ju//I0ByaoIsm8BPapSiiiwTdho/JPP44/nvHcDQu828 +P3uY5XbSPZpiiBgFoo8BC2/Y/rxY/skjEzqoHEXjg/vO1bA0tqjVn5a0jpkai7pD +mUyBrmn1ArOjhR/HAupCHsIb7sAL+IEXByMcZQK6bvNL9PMTYI1T72+t/9cZAAEJ +DfEhyJZMxQKgmT1SNzLwyszy1M1HF95D59gBok4PaRWWsLdwzplfTKh61CeGCYqb +UP3qpMKrJ8Y7uv+e1vVzuYbJg5DR+bF1IGIc9QRyJlTkhZco+zTCQYxpvsNO18yr +4qcCAwEAAaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgECMB0GA1UdDgQW +BBQHqEiJbwUSQJDtrfhopkda0nXrLTCBnQYDVR0jBIGVMIGSgBQHqEiJbwUSQJDt +rfhopkda0nXrLaFvpG0wazELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0 +cm9uZ1N3YW4xIzAhBgNVBAsTGk9DU1AgU2VsZi1TaWduZWQgQXV0aG9yaXR5MRww +GgYDVQQDExNvY3NwLnN0cm9uZ3N3YW4ub3JnggkAs3bCrItMjN8wHgYDVR0RBBcw +FYITb2NzcC5zdHJvbmdzd2FuLm9yZzAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCTAN +BgkqhkiG9w0BAQUFAAOCAQEAi//I0DOlUXNHxzLuuxyr6k5gO55zMCmHUcVfjVFZ +9e+UpLLFZY+qbxOfzVLpKyDch6dKDIA/H+SzX1GZ+uW4FFQ1wYlHcK1Sio9hOgqI +zeWdY5uHF6iERVYgOU/xp0+0LS5l4ezCvOKVkYJEFWe2eyn9rd4PGLW4/lTQiK1V +14YzPyAhB7n8Sln5LBxAeY7U7Y8jEMLXZ+VF21mjH2sxZzWV/qWZdNWVUNaLZTYL +lTqyzqsk40v5BTrjSvAWHN+c1WzydMvatFDzghlPnvR8dufRN2bnlj10J8sizn+v +1iDtM6uYi8+Yn26yMGjCP+RYW+bwKQ927Gr43UkqqGsbCg== +-----END CERTIFICATE----- diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi b/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi new file mode 100755 index 000000000..dda793f44 --- /dev/null +++ b/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi @@ -0,0 +1,11 @@ +#!/bin/bash + +cd /etc/openssl + +echo "Content-type: application/ocsp-response" +echo "" + +/usr/bin/openssl ocsp -index index.txt -CA strongswanCert.pem \ + -rkey ocspKey-self.pem -rsigner ocspCert-self.pem \ + -resp_no_certs -nmin 5 \ + -reqin /dev/stdin -respout /dev/stdout |