summaryrefslogtreecommitdiff
path: root/testing/tests/ikev2/acert-fallback
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev2/acert-fallback')
-rw-r--r--testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem18
-rw-r--r--testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem18
-rw-r--r--testing/tests/ikev2/acert-fallback/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev2/acert-fallback/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev2/acert-fallback/reissue.txt15
5 files changed, 35 insertions, 20 deletions
diff --git a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem
index 3be000a3d..18fd32c2a 100644
--- a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem
+++ b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem
@@ -1,18 +1,18 @@
-----BEGIN ATTRIBUTE CERTIFICATE-----
MIIC8TCCAdkCAQEwgbCgTjBJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExp
-bnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQQIBHaFe
+bnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQQIBMKFe
pFwwWjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAP
BgNVBAsTCFJlc2VhcmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZ6BG
MESkQjBAMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEW
-MBQGA1UEAxMNc3Ryb25nU3dhbiBBQTANBgkqhkiG9w0BAQUFAAIISLuuiWM2O9Yw
-IhgPMjAxNDAyMDcwODQyMDVaGA8yMDE0MDIwNzA5NDIwNVowGzAZBggrBgEFBQcK
+MBQGA1UEAxMNc3Ryb25nU3dhbiBBQTANBgkqhkiG9w0BAQUFAAIIZ7+OxMinSysw
+IhgPMjAxMzAxMDEwNjAwMDBaGA8yMDEzMDExMTA2MDAwMFowGzAZBggrBgEFBQcK
BDENMAswCQwHZmluYW5jZTB/MHIGA1UdIwRrMGkLAerHOgJc+LbEweHarsJX9lKw
sKFJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4x
GzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIIFU5+Fa8cF2EwCQYDVR04BAIF
-ADANBgkqhkiG9w0BAQUFAAOCAQEAaDwqM5BY9pXhlSlT3cpCJYsNCfk6T1nG5s5J
-Dtgwojw0BVSoxKqcbpWdP09HOpBcwbPVk++I19wd5VsdHxtQ4/o2Hoevg4QWxUUx
-t3qsdMDjg7U2iH+JppYsEDmXmx9k1hvV1OiEzHJKTDlZqXkhiItLatKSptTG3c0A
-DdJVS05sdepzhkRGimE/QwO7nJ3v5ixFNIetgfbojbjhJPpNfXPIgMMHerK/hAlo
-ekSwcmh9ufFuEXg8C0NunQqf6Z6FbxiUXUF9j7dvlEp3n5YFsv3WSMUjE3Sb7r8T
-3e2A/LXb05ky0/SNebgS4fU9oi8acEgwN2Vqwu82hClwYAcHJg==
+ADANBgkqhkiG9w0BAQUFAAOCAQEAPmh8cxDsI22AZBPqNwfefJ11PNfEUkhhXLC3
+GjobCbTfBoMUs/HhSjHmTThDzHs/TQgeB97MWYUxWgCJjnvD10b6CxGq6OqaWz4O
+Zz1Q895qqFo7i87MRg0EDfYe3/3722Ive6jB/cFsP7c+//PJBwrY+jITX52DsmY8
+f9iDjh+uZlHKuYF1LULY9CHFzp+lStF1rSYSaEOPqKvSqbmOFKEG0Ft10Sx1jnb0
+tGllgWEYDcngictPK6IfSb52wLw/NlqCVU5Us4q4EXCPlgv+Jb8TzuCHjRunUYYU
+hMlF5qwKz2vYADQKZQuTWltd/wrKNI16vePw/l4JGia64eVHNg==
-----END ATTRIBUTE CERTIFICATE-----
diff --git a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem
index a188a1d3d..978ab3de2 100644
--- a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem
+++ b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem
@@ -1,18 +1,18 @@
-----BEGIN ATTRIBUTE CERTIFICATE-----
MIIC7zCCAdcCAQEwgbCgTjBJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExp
-bnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQQIBHaFe
+bnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQQIBMKFe
pFwwWjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAP
BgNVBAsTCFJlc2VhcmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZ6BG
MESkQjBAMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEW
-MBQGA1UEAxMNc3Ryb25nU3dhbiBBQTANBgkqhkiG9w0BAQUFAAIIYO/yp98Yxu4w
-IhgPMjAxNDAyMDcxMDAxNTdaGA8yMDIyMDQyNjEwMDE1N1owGTAXBggrBgEFBQcK
+MBQGA1UEAxMNc3Ryb25nU3dhbiBBQTANBgkqhkiG9w0BAQUFAAIIc9h8nt+7954w
+IhgPMjAxNDEwMDMxMDI0MjBaGA8yMDI0MDkzMDEwMjQyMFowGTAXBggrBgEFBQcK
BDELMAkwBwwFc2FsZXMwfzByBgNVHSMEazBpCwHqxzoCXPi2xMHh2q7CV/ZSsLCh
SaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRsw
GQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GCCBVOfhWvHBdhMAkGA1UdOAQCBQAw
-DQYJKoZIhvcNAQEFBQADggEBAJA/duSysWae5X9JTC0BLY6gK8ggj5V9H3d60rM4
-7A8HVQldWe5QwYIRZmLS0XhMVHWiIvXJHwue2Xgs8DyAqILSCKIKpCJRhqPIxHCh
-bek1nzw2YzVaU+E37He5V9PSkkRFO9tRvELhW3t4Wya7p4l6MVFW9ETOOtUqZYmt
-bxAq/XEFZl/aFb2FW2RoKjUZpwxbrccCaV1hKIxtNen2ro31dNd9YHXe+fE4Fc7r
-FTwbhOg3QLvZDXmiZt3LCXdMKAhayLbuSVsycuEtac44OVSvKhJ8GYykTRRn67nU
-qCFNDe266KTNDqUMilrHm3FYGkpFtREOBajH4EqdMAJSdXg=
+DQYJKoZIhvcNAQEFBQADggEBABdaDa/S5KBcETrE2Ttu7uVs3j4vRTCyf5J14G2M
+6a06O0dYXdRhKl/zs0JXvVl+0peyAcjHJAkDEGHwOnbUd6iZQfHlDc6//yyCjv56
+cjhDqtctSzI5iJNVJHlaxMGNDEmSZbr2IBIZ8W9dTswnrLVYP6aPLU5mCIf/jhcU
+uBAfpMLNpz6CCGToqkJi5GgO6MX9pr0fdDJeu/Pyhu1P4m8ShAYuwKRiADnAb2zb
+caC61tZh3BldeQGZlD9fIxRk7yL5zaU+HphvcY3b+tyKdbv5pfgOvPuBqUtZ+I/a
+ejeoAX09edN394xeIOV/2pPnOL3ybo4FHkparTX9UJYNxjE=
-----END ATTRIBUTE CERTIFICATE-----
diff --git a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/strongswan.conf
index dc937641c..f585edfca 100644
--- a/testing/tests/ikev2/acert-fallback/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/acert-fallback/hosts/carol/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/ikev2/acert-fallback/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/acert-fallback/hosts/moon/etc/strongswan.conf
index cd836a2b7..bae8628f3 100644
--- a/testing/tests/ikev2/acert-fallback/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/acert-fallback/hosts/moon/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation acert hmac xcbc stroke kernel-netlink socket-default updown
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation acert hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/ikev2/acert-fallback/reissue.txt b/testing/tests/ikev2/acert-fallback/reissue.txt
new file mode 100644
index 000000000..2e1cd6892
--- /dev/null
+++ b/testing/tests/ikev2/acert-fallback/reissue.txt
@@ -0,0 +1,15 @@
+# Carols expired acert for finance
+pki --acert \
+ --issuercert hosts/moon/etc/ipsec.d/aacerts/aa.pem \
+ --issuerkey hosts/moon/etc/ipsec.d/private/aa.pem \
+ --in ../../../hosts/carol/etc/ipsec.d/certs/carolCert.pem \
+ --group finance -F "01.01.13 08:00:00" -l 240 -f pem \
+ > ./hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem
+
+# Carols valid acert for sales
+pki --acert \
+ --issuercert hosts/moon/etc/ipsec.d/aacerts/aa.pem \
+ --issuerkey hosts/moon/etc/ipsec.d/private/aa.pem \
+ --in ../../../hosts/carol/etc/ipsec.d/certs/carolCert.pem \
+ --group sales -l 87600 -f pem \
+ > hosts/carol/etc/ipsec.d/acerts/carol-sales.pem
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 21:42:14 +0000