Imported Upstream version 1.5.1

tests/.project

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>xtreemfs-tests</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.python.pydev.PyDevBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.python.pydev.pythonNature</nature>
+	</natures>
+</projectDescription>

tests/.pydevproject

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?eclipse-pydev version="1.0"?>
+
+<pydev_project>
+<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.6</pydev_property>
+<pydev_property name="org.python.pydev.PYTHON_PROJECT_INTERPRETER">Default</pydev_property>
+</pydev_project>

tests/certs/Client.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDQa6CzhXSUtTjoKMytOjWU+krFNRwAYJgDRt8icIMp9k9EIzR2
+P10YD5/S7d4CtgrIeH1e3Hv6G+YphyX6qt8pJLbpQEWNz1LksUPvxgJ6QsmBAwom
+b/WCiaV6J0+f5awYHLrzJg1HejTXRnsUdBxRVGGmvbx88MqsFADuz0l0mwIDAQAB
+AoGBAJL1wRu0l46f9h9lXWUsLUn97qj9mN//PFDbMU00bpgxEJVoCX7zkO39XmG5
+zhi1SgcvRp+T8mtaLsHLhREqWS2Aqam+7P2l4o+445UIMmefRliMS5WdwgMW7pFT
+zuYYbowrvOYu07UYKoZV0DnQ2C6vFJW2LOdnLLaUEprd4R8BAkEA8LhI56BvD0mt
+ga+r6ABOMYgimhWaCJkvanAK29lleq//ygZUt5PkYcD/SqgGalb3vq7EoHN1Oivf
+U9Y7bG4bGwJBAN2meYUhkCrTYFmDiQtEKzolE/ZnBJlamkfx4BgfiUq2OUAGYZ33
+sIgZLSrcHU40Qm1KOIllj/3+md5kFoHaJIECQGCpz/Tbct2Tu43hSknOnZe8UBDJ
+7eHYCbdXKLUh9mMu+6tXoXtacxJiGuIS2QioxbGXorO/yWpDpdmXpKMlD9MCQQCg
+QzB2XFA7Rt7RmlPKu51ty0Vl0hL3NxV6k57ukk7YoG1Ap9yJNYCEx39rEAB4fTzS
+fOnoHnFAu4hRzpifhzUBAkBpWnOfkeG8cEvFQfOcfFdR3rSxYZ08g5PiDjekzHDx
+HukVDwDo5ibCP2dTEyjXFTnJojXzMUYtU3n7ynLRB48Q
+-----END RSA PRIVATE KEY-----

tests/certs/Client.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiDCCAfECAQMwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkRFMQ8wDQYD
+VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMu
+b3JnMQ4wDAYDVQQLEwV0ZXN0czESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZI
+hvcNAQkBFhF0ZXN0QHh0cmVlbWZzLmNvbTAeFw0xMDA0MDYxMjAxNThaFw0yMDA0
+MDMxMjAxNThaMIGLMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
+VQQHEwZCZXJsaW4xFTATBgNVBAoTDHh0cmVlbWZzLm9yZzENMAsGA1UECxMEdGVz
+dDESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZIhvcNAQkBFhF0ZXN0QHh0cmVl
+bWZzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0Gugs4V0lLU46CjM
+rTo1lPpKxTUcAGCYA0bfInCDKfZPRCM0dj9dGA+f0u3eArYKyHh9Xtx7+hvmKYcl
++qrfKSS26UBFjc9S5LFD78YCekLJgQMKJm/1gomleidPn+WsGBy68yYNR3o010Z7
+FHQcUVRhpr28fPDKrBQA7s9JdJsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBRNxXE
+mNHHhAuaGx/WkpjSriXKMjDdBugIW+MGirYPDRT7B/PQFil8+amwFqCV7n2Z7SCF
+6PSkavS0QpN1tkYOhw5m8kYPzEK8GjFIeWF29qj8hXy1Kn2RvuYb9CG9Pg1m2tvP
+uk22jIpD7l5kU8/NTTJYunzMzPpqAXr0B6yiVQ==
+-----END CERTIFICATE-----

tests/certs/Client.req

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzDCCATUCAQAwgYsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
+BgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMub3JnMQ0wCwYDVQQLEwR0
+ZXN0MRIwEAYDVQQDEwl0ZXN0cm9ib3QxIDAeBgkqhkiG9w0BCQEWEXRlc3RAeHRy
+ZWVtZnMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQa6CzhXSUtTjo
+KMytOjWU+krFNRwAYJgDRt8icIMp9k9EIzR2P10YD5/S7d4CtgrIeH1e3Hv6G+Yp
+hyX6qt8pJLbpQEWNz1LksUPvxgJ6QsmBAwomb/WCiaV6J0+f5awYHLrzJg1HejTX
+RnsUdBxRVGGmvbx88MqsFADuz0l0mwIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEA
+tMl8RbahSOZpNYblG4TJeiH75WuiDtZfHGbd9PcZNwI5s/ApCz2iEWJsbeVL/jXr
+tPWxuICFs+v4kbtsXdKzebFRPjL52Iw/+wNLyosg+Q/bFGYs/S0ls1ApwjMTOA8R
+yJg2CxrY6M6SdKcp6qdsziHfiJDIzxTJzspCQNjdSOQ=
+-----END CERTIFICATE REQUEST-----

tests/certs/DIR.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDh9thmhDzG3hF+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr
+966m4QWpS8W5Gp3gWmk0GD1fT4Zs/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z
+2kOoEe0zlxa66DcECZBL7kUO2iS69kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQAB
+AoGABuKrs2wCIhkwNUQtYpewiJwVqCr/a6vVe8Z2LeX+bqYSBAYm2UJh2wnuTztU
+2hAakXSP0huO+zGEKhwSflGl/J6aAcZEldxAJEVDmHcgz0Jm3L6g/o19dzj/nJPR
+uxiPdRvaTizjr74L0FRqLSwlk5aKTFmQQvT9qltwwyuTTmkCQQDx8S1Xu/8DcueN
+2sRRUSRFaBnWooh+Rdbmegorj7kwmCm0RjeByaeQoRbeuKKwhaSFU50HeB2PTp5q
+Teu9akjlAkEA7xgAfC0o9yl7rtxHkT5MS5lfK9ylQ2BOOdQhKRWRQVs1scqGXJqZ
+9Renpu1FSJZknpDUMcRjFzLOkg2VgmcsEwJAeIPfRzWQ+KHS79lKMwtNGvmY7U42
+2VdmjZW63SoRYEBbfb4ARjkxq5xibPzhpTZc1kDpFmBhsRHDXUaFJ+v6dQJAegad
++MJzrfGWFmCGhjJtbggQ8qniDskQI6OIaReA0wJiHSNn/8tH2DcCcceXHLzlDaiN
+I/k/OY/Mre4Q6EUP0QJAcgSpFvbbW45PSQUMCb2L14TiPIqAgJFbIck+3S1kvEaL
+wh9ttFavY1Eo5tdvsxnWvp4jHQ6z+eqjnMbgCq+1kQ==
+-----END RSA PRIVATE KEY-----

tests/certs/DIR.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiDCCAfECAQQwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkRFMQ8wDQYD
+VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMu
+b3JnMQ4wDAYDVQQLEwV0ZXN0czESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZI
+hvcNAQkBFhF0ZXN0QHh0cmVlbWZzLmNvbTAeFw0xMDA0MDYxMjAzMjNaFw0yMDA0
+MDMxMjAzMjNaMIGLMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
+VQQHEwZCZXJsaW4xFTATBgNVBAoTDHh0cmVlbWZzLm9yZzENMAsGA1UECxMEdGVz
+dDESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZIhvcNAQkBFhF0ZXN0QHh0cmVl
+bWZzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4fbYZoQ8xt4Rfg/6
+tvCiEsuagQuc3WuzjBttZOjW7sIrFa+ba/eupuEFqUvFuRqd4FppNBg9X0+GbP5p
+KvZsv63W2P/tRlbo22fFPbdlDshmgcov2dpDqBHtM5cWuug3BAmQS+5FDtokuvZE
+CuIAsl52Ls1gdo46lHuKHfGNxP8CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCLJPKR
+FX8HPZwgWzxo3b4cVMiT0Zt01msbbrre8u/7jq4/FC0cerFOXod7+MbUcYDFb7lW
+cYe1CXyMImeAb2mwodWU9ypYCU9iHyykQPG4JTMfmsSUzSeGK97PFT7aZ0mbqtL7
+9CpSo1t0vLdchBKRY15AA39MgcIGAkqNHgL40g==
+-----END CERTIFICATE-----

tests/certs/DIR.req

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzDCCATUCAQAwgYsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
+BgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMub3JnMQ0wCwYDVQQLEwR0
+ZXN0MRIwEAYDVQQDEwl0ZXN0cm9ib3QxIDAeBgkqhkiG9w0BCQEWEXRlc3RAeHRy
+ZWVtZnMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh9thmhDzG3hF+
+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr966m4QWpS8W5Gp3gWmk0GD1fT4Zs
+/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z2kOoEe0zlxa66DcECZBL7kUO2iS6
+9kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEA
+F6t1nQxHZoppEnAiirhAe8m8XQYV7/OqYjb8zL1ryGxQ/S9INcCyK15asGhzX0Jn
+pXkNvKrjSeUOMtXPYM7va2XZOAYqyJsHGDqJih4VYXHt7b/VVvMRlZ4hJedGeVBZ
+5j+MXsJgT+OD5FrFxyHNVg9fuR9cnv0pmurIkQrpYpY=
+-----END CERTIFICATE REQUEST-----

tests/certs/MRC.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDh9thmhDzG3hF+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr
+966m4QWpS8W5Gp3gWmk0GD1fT4Zs/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z
+2kOoEe0zlxa66DcECZBL7kUO2iS69kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQAB
+AoGABuKrs2wCIhkwNUQtYpewiJwVqCr/a6vVe8Z2LeX+bqYSBAYm2UJh2wnuTztU
+2hAakXSP0huO+zGEKhwSflGl/J6aAcZEldxAJEVDmHcgz0Jm3L6g/o19dzj/nJPR
+uxiPdRvaTizjr74L0FRqLSwlk5aKTFmQQvT9qltwwyuTTmkCQQDx8S1Xu/8DcueN
+2sRRUSRFaBnWooh+Rdbmegorj7kwmCm0RjeByaeQoRbeuKKwhaSFU50HeB2PTp5q
+Teu9akjlAkEA7xgAfC0o9yl7rtxHkT5MS5lfK9ylQ2BOOdQhKRWRQVs1scqGXJqZ
+9Renpu1FSJZknpDUMcRjFzLOkg2VgmcsEwJAeIPfRzWQ+KHS79lKMwtNGvmY7U42
+2VdmjZW63SoRYEBbfb4ARjkxq5xibPzhpTZc1kDpFmBhsRHDXUaFJ+v6dQJAegad
++MJzrfGWFmCGhjJtbggQ8qniDskQI6OIaReA0wJiHSNn/8tH2DcCcceXHLzlDaiN
+I/k/OY/Mre4Q6EUP0QJAcgSpFvbbW45PSQUMCb2L14TiPIqAgJFbIck+3S1kvEaL
+wh9ttFavY1Eo5tdvsxnWvp4jHQ6z+eqjnMbgCq+1kQ==
+-----END RSA PRIVATE KEY-----

tests/certs/MRC.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiDCCAfECAQQwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkRFMQ8wDQYD
+VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMu
+b3JnMQ4wDAYDVQQLEwV0ZXN0czESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZI
+hvcNAQkBFhF0ZXN0QHh0cmVlbWZzLmNvbTAeFw0xMDA0MDYxMjAzMjNaFw0yMDA0
+MDMxMjAzMjNaMIGLMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
+VQQHEwZCZXJsaW4xFTATBgNVBAoTDHh0cmVlbWZzLm9yZzENMAsGA1UECxMEdGVz
+dDESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZIhvcNAQkBFhF0ZXN0QHh0cmVl
+bWZzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4fbYZoQ8xt4Rfg/6
+tvCiEsuagQuc3WuzjBttZOjW7sIrFa+ba/eupuEFqUvFuRqd4FppNBg9X0+GbP5p
+KvZsv63W2P/tRlbo22fFPbdlDshmgcov2dpDqBHtM5cWuug3BAmQS+5FDtokuvZE
+CuIAsl52Ls1gdo46lHuKHfGNxP8CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCLJPKR
+FX8HPZwgWzxo3b4cVMiT0Zt01msbbrre8u/7jq4/FC0cerFOXod7+MbUcYDFb7lW
+cYe1CXyMImeAb2mwodWU9ypYCU9iHyykQPG4JTMfmsSUzSeGK97PFT7aZ0mbqtL7
+9CpSo1t0vLdchBKRY15AA39MgcIGAkqNHgL40g==
+-----END CERTIFICATE-----

tests/certs/MRC.req

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzDCCATUCAQAwgYsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
+BgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMub3JnMQ0wCwYDVQQLEwR0
+ZXN0MRIwEAYDVQQDEwl0ZXN0cm9ib3QxIDAeBgkqhkiG9w0BCQEWEXRlc3RAeHRy
+ZWVtZnMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh9thmhDzG3hF+
+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr966m4QWpS8W5Gp3gWmk0GD1fT4Zs
+/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z2kOoEe0zlxa66DcECZBL7kUO2iS6
+9kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEA
+F6t1nQxHZoppEnAiirhAe8m8XQYV7/OqYjb8zL1ryGxQ/S9INcCyK15asGhzX0Jn
+pXkNvKrjSeUOMtXPYM7va2XZOAYqyJsHGDqJih4VYXHt7b/VVvMRlZ4hJedGeVBZ
+5j+MXsJgT+OD5FrFxyHNVg9fuR9cnv0pmurIkQrpYpY=
+-----END CERTIFICATE REQUEST-----

tests/certs/OSD.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDh9thmhDzG3hF+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr
+966m4QWpS8W5Gp3gWmk0GD1fT4Zs/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z
+2kOoEe0zlxa66DcECZBL7kUO2iS69kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQAB
+AoGABuKrs2wCIhkwNUQtYpewiJwVqCr/a6vVe8Z2LeX+bqYSBAYm2UJh2wnuTztU
+2hAakXSP0huO+zGEKhwSflGl/J6aAcZEldxAJEVDmHcgz0Jm3L6g/o19dzj/nJPR
+uxiPdRvaTizjr74L0FRqLSwlk5aKTFmQQvT9qltwwyuTTmkCQQDx8S1Xu/8DcueN
+2sRRUSRFaBnWooh+Rdbmegorj7kwmCm0RjeByaeQoRbeuKKwhaSFU50HeB2PTp5q
+Teu9akjlAkEA7xgAfC0o9yl7rtxHkT5MS5lfK9ylQ2BOOdQhKRWRQVs1scqGXJqZ
+9Renpu1FSJZknpDUMcRjFzLOkg2VgmcsEwJAeIPfRzWQ+KHS79lKMwtNGvmY7U42
+2VdmjZW63SoRYEBbfb4ARjkxq5xibPzhpTZc1kDpFmBhsRHDXUaFJ+v6dQJAegad
++MJzrfGWFmCGhjJtbggQ8qniDskQI6OIaReA0wJiHSNn/8tH2DcCcceXHLzlDaiN
+I/k/OY/Mre4Q6EUP0QJAcgSpFvbbW45PSQUMCb2L14TiPIqAgJFbIck+3S1kvEaL
+wh9ttFavY1Eo5tdvsxnWvp4jHQ6z+eqjnMbgCq+1kQ==
+-----END RSA PRIVATE KEY-----

tests/certs/OSD.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiDCCAfECAQQwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkRFMQ8wDQYD
+VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMu
+b3JnMQ4wDAYDVQQLEwV0ZXN0czESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZI
+hvcNAQkBFhF0ZXN0QHh0cmVlbWZzLmNvbTAeFw0xMDA0MDYxMjAzMjNaFw0yMDA0
+MDMxMjAzMjNaMIGLMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
+VQQHEwZCZXJsaW4xFTATBgNVBAoTDHh0cmVlbWZzLm9yZzENMAsGA1UECxMEdGVz
+dDESMBAGA1UEAxMJdGVzdHJvYm90MSAwHgYJKoZIhvcNAQkBFhF0ZXN0QHh0cmVl
+bWZzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4fbYZoQ8xt4Rfg/6
+tvCiEsuagQuc3WuzjBttZOjW7sIrFa+ba/eupuEFqUvFuRqd4FppNBg9X0+GbP5p
+KvZsv63W2P/tRlbo22fFPbdlDshmgcov2dpDqBHtM5cWuug3BAmQS+5FDtokuvZE
+CuIAsl52Ls1gdo46lHuKHfGNxP8CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCLJPKR
+FX8HPZwgWzxo3b4cVMiT0Zt01msbbrre8u/7jq4/FC0cerFOXod7+MbUcYDFb7lW
+cYe1CXyMImeAb2mwodWU9ypYCU9iHyykQPG4JTMfmsSUzSeGK97PFT7aZ0mbqtL7
+9CpSo1t0vLdchBKRY15AA39MgcIGAkqNHgL40g==
+-----END CERTIFICATE-----

tests/certs/OSD.req

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzDCCATUCAQAwgYsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
+BgNVBAcTBkJlcmxpbjEVMBMGA1UEChMMeHRyZWVtZnMub3JnMQ0wCwYDVQQLEwR0
+ZXN0MRIwEAYDVQQDEwl0ZXN0cm9ib3QxIDAeBgkqhkiG9w0BCQEWEXRlc3RAeHRy
+ZWVtZnMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh9thmhDzG3hF+
+D/q28KISy5qBC5zda7OMG21k6NbuwisVr5tr966m4QWpS8W5Gp3gWmk0GD1fT4Zs
+/mkq9my/rdbY/+1GVujbZ8U9t2UOyGaByi/Z2kOoEe0zlxa66DcECZBL7kUO2iS6
+9kQK4gCyXnYuzWB2jjqUe4od8Y3E/wIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEA
+F6t1nQxHZoppEnAiirhAe8m8XQYV7/OqYjb8zL1ryGxQ/S9INcCyK15asGhzX0Jn
+pXkNvKrjSeUOMtXPYM7va2XZOAYqyJsHGDqJih4VYXHt7b/VVvMRlZ4hJedGeVBZ
+5j+MXsJgT+OD5FrFxyHNVg9fuR9cnv0pmurIkQrpYpY=
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/CA_Chain.pem

@@ -0,0 +1,42 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAYACAQUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxGDAWBgNV
+BAMMD0ludGVybWVkaWF0ZSBDQTAgFw0xNDExMjAxNTQwNThaGA8yMDk5MTIzMTE1
+NDA1OFowTzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwG
+QmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNVBAMMB0xlYWYgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALyKn2JUrZw1mGT0hh0vmE7sB3MTCrdsqDjuY8kp
+p9OMibmGGg4Zgwkfa4coargyLIEnBrxZPPj9Myj1zzckKo4MjnkmgzjrqO0w7771
+0USbLX/52mPT8e272N4hcV184SF36Gaky81hh3z7t4yRSR3XTq4qTY5SH1dXfs9s
+S7x7AgMBAAEwDQYJKoZIhvcNAQELBQADgYEAEpsRUQexdKRr0si36n2d6KQ7A84u
+Rkt70zRzFJHglI9axCo8Abd+rLz9NWOCaIaEz0C+Ivw1HYT0BO7QLLmDO9AdorUP
+UQyu1wig7L8haSh/Phb4fKzAd8htj80t4cF77wLby8HhIv1z4piIsPIDsDNBZpC2
+oF6bcvVSdy5xypE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICFzCCAYACAQMwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTUzOTIwWhgPMjA5OTEyMzExNTM5MjBaMFcx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRgwFgYDVQQDDA9JbnRlcm1lZGlhdGUgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBANHFsF4az051Ivf7agDcbV0fcduWBn26sPDImAQE
+fMiGuufwZURAW4tZHj1uYT4VghhYREhdeKwupc8rYaKvCvV1jKwq70Swe/hsls1j
+6po5IwSHM3roY+wUWUSt+W6mWutl3znE4sPuk84kqlflTHYhc/YhAT8Q0jtSS96r
+TfjrAgMBAAEwDQYJKoZIhvcNAQELBQADgYEA6Pg4r17t3tH+ZK1BCODG/iC6yzCQ
+j5hgtRM/sDcEIjxY+XKcyLvfklG0B/w0HuWtt/Qe1BvYtAnsQ2VFDBRzDKGmdEJ8
+5hQ3LwMz4iYTOj/QxDm6GQOHV3zvbB80E8A1ooW/WORbxKHSumuwjBHfKUgltSSb
+FWvIu6Ojr4jNal4=
+-----END CERTIFICATE-----
+-----BEGIN TRUSTED CERTIFICATE-----
+MIICFzCCAYACCQCd5pB/OgPk1zANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJE
+RTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJ
+QjEQMA4GA1UEAwwHUm9vdCBDQTAgFw0xNDExMjAxNTM0MzNaGA8yMDk5MTIzMTE1
+MzQzM1owTzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwG
+QmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNVBAMMB1Jvb3QgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAPkvCy+jSvlJ1Plsa+SIHADmTl2D0OKjTu+E+uaO
+53G0BZp4Dr6u+gYtkFdBYX63yv3Mro2W1Vu5fNLTb4Qj/ZlDMmsfw27qWMMILvJy
+mg7gwIAFC7+UCfWbm8EheBVsJ+VOM+LHzxLrv1SHY3vFV1jZ248wAepmdmWiG+gh
+m97xAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAqfd15im8YC/AaZQMK+0WBhBXkgtV
+77EozQeRfycV19hCicg5ZHNkciJyXgrM4sktAxdlSvCq41eNbnozDpGL+1ZSbdpt
+LM77JWMM++sd9/OXolB7ysvFOo6Y3npw3hf8igWxsMT2guPo4d4wmkK/+PTFzODp
+ebyOXATz3GfwJ0U=
+-----END TRUSTED CERTIFICATE-----

tests/certs/client_ssl_test/CA_Intermediate.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANHFsF4az051Ivf7
+agDcbV0fcduWBn26sPDImAQEfMiGuufwZURAW4tZHj1uYT4VghhYREhdeKwupc8r
+YaKvCvV1jKwq70Swe/hsls1j6po5IwSHM3roY+wUWUSt+W6mWutl3znE4sPuk84k
+qlflTHYhc/YhAT8Q0jtSS96rTfjrAgMBAAECgYALO09/KmZRKBpwNqjtVOASLV3W
+SQkd8EILEmJ5TJg10GjvhEKXze5Y3rOszF0uis5FaWx2h3KvnWvJVORMZpzqgLkK
+XSOdYl82zkSUNYculMMtPSw7uybxcx/GAP7ZBhhUJJpG4kCd9K9TI9MRceCrXKAT
+5+1dy2l/t0ekrM8HMQJBAPi155I9CRiOJicZo0ZgBWq8bI6we4RALdp0flpFTSjR
+QFHbBJW1ZhR9MO1dtU5Vx/Wzj2sT5S7Q4MCX9pKuCTkCQQDX66B4c5lXie7DBFDY
+yfivoZ1FX0Gt69DAetWXaryGREU81ztYzFIoM/R1qTIYvh9gP036fDfBhM9QTwNG
+iQdDAkASlIRYSHcFfpkbEq8/8qx07N6vSj/wAVtrlohZ9hNtmTRU6SfOh1646SFe
+mkGROJdXo7JzLWlRtgkUWkXxb08BAkEA0zL/O9KW4zFgAhFuox6ryd9jXj/WlrBa
++GsuEXWuAgc1UlWVDz6L/hcTvyNIhTsypYpGVAS85OVrgzpGEfBm0QJBANzadZtz
+6XPgoY83dpkiRpAUhVxG+uMZmC4KZWpwyAZYt45n/EMAUa6CPm5hcmEDC1j4WOnR
+cYYy2VXu8JeHQ7o=
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/CA_Intermediate.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAYACAQMwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTUzOTIwWhgPMjA5OTEyMzExNTM5MjBaMFcx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRgwFgYDVQQDDA9JbnRlcm1lZGlhdGUgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBANHFsF4az051Ivf7agDcbV0fcduWBn26sPDImAQE
+fMiGuufwZURAW4tZHj1uYT4VghhYREhdeKwupc8rYaKvCvV1jKwq70Swe/hsls1j
+6po5IwSHM3roY+wUWUSt+W6mWutl3znE4sPuk84kqlflTHYhc/YhAT8Q0jtSS96r
+TfjrAgMBAAEwDQYJKoZIhvcNAQELBQADgYEA6Pg4r17t3tH+ZK1BCODG/iC6yzCQ
+j5hgtRM/sDcEIjxY+XKcyLvfklG0B/w0HuWtt/Qe1BvYtAnsQ2VFDBRzDKGmdEJ8
+5hQ3LwMz4iYTOj/QxDm6GQOHV3zvbB80E8A1ooW/WORbxKHSumuwjBHfKUgltSSb
+FWvIu6Ojr4jNal4=
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/CA_Intermediate.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAQACAQAwVzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0G
+A1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxGDAWBgNVBAMMD0ludGVybWVkaWF0
+ZSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0cWwXhrPTnUi9/tqANxt
+XR9x25YGfbqw8MiYBAR8yIa65/BlREBbi1kePW5hPhWCGFhESF14rC6lzythoq8K
+9XWMrCrvRLB7+GyWzWPqmjkjBIczeuhj7BRZRK35bqZa62XfOcTiw+6TziSqV+VM
+diFz9iEBPxDSO1JL3qtN+OsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAKy3xjEC
+M0gIuIyXMxFOtBnVu9vlFy/bb1zWz4WNgpJ6Mkv7TRsW3I51eBxKOKM0XNvV/JdQ
+ZRxY+OfT0yyPdUUSIFzES9qHPCZE5Y1DZginrm4YYb/UH6jQ48ajA4OcRdkTRiog
+L0+j0fuu9SNVLRl5XmYiB4/dl3AnnrEqRh/j
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/CA_Intermediate.srl

@@ -0,0 +1 @@
+05

tests/certs/client_ssl_test/CA_Leaf.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALyKn2JUrZw1mGT0
+hh0vmE7sB3MTCrdsqDjuY8kpp9OMibmGGg4Zgwkfa4coargyLIEnBrxZPPj9Myj1
+zzckKo4MjnkmgzjrqO0w77710USbLX/52mPT8e272N4hcV184SF36Gaky81hh3z7
+t4yRSR3XTq4qTY5SH1dXfs9sS7x7AgMBAAECgYBhIQDPBVSS3sFtcNMOghByyAFm
+dO7WY7Gd8qGRZlZBE2t4Ge+eR+JLdtZMQLQJxD9NIa/EpCxXEQmkFk3z2DvbI4qV
+w7VGXmYqINPD/QczMb7kZ5wH007ClVhUq8X6exr6JhO/GgCycrlfBcSSqPlV+ZIi
+01hy9u0PQpEZeNb5cQJBAOE3Xkr+n0/6W1l2NgJR0PSg9G9h1kfbmnF0IHFQzPa+
+MYO2kFXbtkKotoePywiY/R1/zI7zJDvVLU69HTllRiUCQQDWT/PKUCDtfjB9fI/Q
+nAF3Xr7moAv7j36ONFGuproopgON4JrFxauit0W5icOVq1QZDvsK3eR1QKtk8Rn9
+B+YfAkEAhpDEoF6e5fSa3EtLXftwtJnvMxXsKKdIEn3mXI6AyPU/NInCl+pdblrM
+JRd/orV2l0ei+86/WZi4J5HLgl3GmQJBALJweZT+6Ju1kNw65WeVLWddnOdbZP68
+uGvgxg38Rk3oBFeSJmv7LPBbVpOoUBADSg9fOMkQfdLe2JZAZRoYBJMCQQCD3rTN
+KxmGKONJET0K7yKzpvpo5Iz6PSQOoDuxxZci+jd8nHiX4RzcfnaCarxKNjq9HYDP
+DRnERdGIfE7q8jmC
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/CA_Leaf.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFzCCAYACAQUwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxGDAWBgNV
+BAMMD0ludGVybWVkaWF0ZSBDQTAgFw0xNDExMjAxNTQwNThaGA8yMDk5MTIzMTE1
+NDA1OFowTzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwG
+QmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNVBAMMB0xlYWYgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALyKn2JUrZw1mGT0hh0vmE7sB3MTCrdsqDjuY8kp
+p9OMibmGGg4Zgwkfa4coargyLIEnBrxZPPj9Myj1zzckKo4MjnkmgzjrqO0w7771
+0USbLX/52mPT8e272N4hcV184SF36Gaky81hh3z7t4yRSR3XTq4qTY5SH1dXfs9s
+S7x7AgMBAAEwDQYJKoZIhvcNAQELBQADgYEAEpsRUQexdKRr0si36n2d6KQ7A84u
+Rkt70zRzFJHglI9axCo8Abd+rLz9NWOCaIaEz0C+Ivw1HYT0BO7QLLmDO9AdorUP
+UQyu1wig7L8haSh/Phb4fKzAd8htj80t4cF77wLby8HhIv1z4piIsPIDsDNBZpC2
+oF6bcvVSdy5xypE=
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/CA_Leaf.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBjjCB+AIBADBPMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjEQMA4GA1UEAwwHTGVhZiBDQTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvIqfYlStnDWYZPSGHS+YTuwHcxMKt2yo
+OO5jySmn04yJuYYaDhmDCR9rhyhquDIsgScGvFk8+P0zKPXPNyQqjgyOeSaDOOuo
+7TDvvvXRRJstf/naY9Px7bvY3iFxXXzhIXfoZqTLzWGHfPu3jJFJHddOripNjlIf
+V1d+z2xLvHsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAC+5svtnNsSkeXC81GTr
+N6QHFqmmSY1fDdLCh9XQV/NEm0XYZU8yOWEz839zcMtVscGqVxS4PVx2NMIuW1ur
+RiKRcgXbVOUH683If9vNwr+tX6yRHqbBsjH7x6KaI4Mx+WEGWpz4og9M77Tahctd
+NCUjOHGtGjhaazNVbr0gacs7
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/CA_Leaf.srl

@@ -0,0 +1 @@
+0A

tests/certs/client_ssl_test/CA_Root.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAPkvCy+jSvlJ1Pls
+a+SIHADmTl2D0OKjTu+E+uaO53G0BZp4Dr6u+gYtkFdBYX63yv3Mro2W1Vu5fNLT
+b4Qj/ZlDMmsfw27qWMMILvJymg7gwIAFC7+UCfWbm8EheBVsJ+VOM+LHzxLrv1SH
+Y3vFV1jZ248wAepmdmWiG+ghm97xAgMBAAECgYEAkJT1PpzWwbJPOrHoIF/BL9xx
+l90F9JqhEGTuV5yPOfAkWC5VD9rjA3aoi5hKA4aM55o9pbXg8im7/W/lAp0HZSL3
+AxZMJ7IbeoUrZ/B8kkEeyrTU7kcgW29xv9pV7UGN+tw9DVpSpWnDlA2NJE9bewtn
+vD9aAoetZAF6BE2ZrokCQQD+puKqfFP+ztHoyYBx7AhsUcmOskDZNEp2/01KrPD9
+nT/fZOh6uGCBtei2nkRBRImNEKdM5pTIxABNlh+0RQpzAkEA+oC/ZdbPvwRzbWxi
+sbvxRvubLB9Voshm+UZFabgljYdKcD/yiU1Bui8i6Uf4pZ1pC3igc2defb8HErHT
+odLkCwJARzsvVDkK1c/Mb61NvJAlmwcVtlCuSxORcM/hMu5FSuvdngN/9DP26tGT
+kuGafhdJ0qfB5ITrQW1yGEHSBH77eQJAPNrkJGhgBaaeJ/oJq+XdgoIDO1/NXQNU
+SMBygnFS5iP0yHowgHx9OC7VS1jJpeosp7XBPOfiw6eRn1AF+q0R6wJAckdmqQLD
+09pkYy94DiVXYD6D1oRYh9UhOvI9SS7ldZQ6BjWnpHGXVzXk7MgG45QO3u3Oi97P
+sNMqTmk/lQdFkg==
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/CA_Root.pem

@@ -0,0 +1,14 @@
+-----BEGIN TRUSTED CERTIFICATE-----
+MIICFzCCAYACCQCd5pB/OgPk1zANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJE
+RTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJ
+QjEQMA4GA1UEAwwHUm9vdCBDQTAgFw0xNDExMjAxNTM0MzNaGA8yMDk5MTIzMTE1
+MzQzM1owTzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwG
+QmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNVBAMMB1Jvb3QgQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAPkvCy+jSvlJ1Plsa+SIHADmTl2D0OKjTu+E+uaO
+53G0BZp4Dr6u+gYtkFdBYX63yv3Mro2W1Vu5fNLTb4Qj/ZlDMmsfw27qWMMILvJy
+mg7gwIAFC7+UCfWbm8EheBVsJ+VOM+LHzxLrv1SHY3vFV1jZ248wAepmdmWiG+gh
+m97xAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAqfd15im8YC/AaZQMK+0WBhBXkgtV
+77EozQeRfycV19hCicg5ZHNkciJyXgrM4sktAxdlSvCq41eNbnozDpGL+1ZSbdpt
+LM77JWMM++sd9/OXolB7ysvFOo6Y3npw3hf8igWxsMT2guPo4d4wmkK/+PTFzODp
+ebyOXATz3GfwJ0U=
+-----END TRUSTED CERTIFICATE-----

tests/certs/client_ssl_test/CA_Root.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBjjCB+AIBADBPMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjEQMA4GA1UEAwwHUm9vdCBDQTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA+S8LL6NK+UnU+Wxr5IgcAOZOXYPQ4qNO
+74T65o7ncbQFmngOvq76Bi2QV0FhfrfK/cyujZbVW7l80tNvhCP9mUMyax/DbupY
+wwgu8nKaDuDAgAULv5QJ9ZubwSF4FWwn5U4z4sfPEuu/VIdje8VXWNnbjzAB6mZ2
+ZaIb6CGb3vECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBABuAhOpm4ehZdrRflb2j
+NMchict9NZhp2OvoXnL1svTtIVwCSiCe8l0jSlnKwb2FkIjj6PZN7jMM4+ednLh7
+SXhXnMwOhFfT4XoB9INGOqXxo75fEnrVBf1HQVS0DepmruFJLNXvtsxre+8WzLFz
+CDxxx6ibXKrRybxRUMaqDSve
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/CA_Root.srl

@@ -0,0 +1 @@
+07

tests/certs/client_ssl_test/Client_Leaf.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJtmpBbGnG1YEIIW
+U7PiYYExiWUC01/4Bv43eCTJWnMVkSUkqQkQ5k9cv7+QV1c+afdtoVix0lNxBjD7
+dKFUI3m7lIAfzwXzoj0v3SVqvETTJlVbMiwXDLZkvaKdoPQ+lLemzbTVtZ3VEwM4
+ttpPV0MIXJX9qJGwQrnfXJJnMgTpAgMBAAECgYBvrRZ0y6w0pBnQ8qyaVDCQAIJl
+Vd+DUyHrZP9xKEZY+AHDuJHFUyC/nb6qstchelf6mQ1fSQMGNe4mGz7YhTesMCWC
+2RyYTvxXFkIaPDz5YSeCW2mbx7MpDyMviONXvWOe65DpES86zbQxwiJXHBFkvq6w
+tHsJVLcT62R+zTxKtQJBAMe0SNOmlzLAgaXR2SiTh8Y1/AwUzUCUQ6XOGeQ6NL2T
+afgy7vNk7oFOuBwVO8a2y6Rec2UmkNpLwLgclUmwgI8CQQDHNTIwqY2EBtzZyICu
+z1z3BIoPr9/4K+ZuDYH5CrshNjNwIPrN738f8DzWEOJtbKT74eq47VXggItqxMNJ
+l+8HAkB5COM6o7TvpYzuGwkqdn/LudxQ1iqwASweyZMXp89fNoD7VKNOENYcuMEN
+BDF+djtmG3iEzaLtKwxaibhRORAxAkBce8vzX6Q9uVnrGfT0M307iTX3lnVqqCbw
+zQCceGjsQFedJRKLbTcdwtDbqTcWCiyGbBonBLir48HWLcdkcU8dAkEAt1IyDQ6Q
+C5vt7VvaQDYAKOQTXIZ2VLDjutRrhSl8hAvksEss58Alt3dEwMIUuL6gZv/uzxF1
+V+LEenjcJJB7GA==
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/Client_Leaf.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFTCCAX4CAQowDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB0xlYWYgQ0EwIBcNMTQxMTIwMTU1MjI3WhgPMjA5OTEyMzExNTUyMjdaMFUx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRYwFAYDVQQDDA1DbGllbnQgKExlYWYpMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCbZqQWxpxtWBCCFlOz4mGBMYllAtNf+Ab+N3gkyVpz
+FZElJKkJEOZPXL+/kFdXPmn3baFYsdJTcQYw+3ShVCN5u5SAH88F86I9L90larxE
+0yZVWzIsFwy2ZL2inaD0PpS3ps201bWd1RMDOLbaT1dDCFyV/aiRsEK531ySZzIE
+6QIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAKw0s0HWwyHeaTrl7hQs++DiMb8ghvMR
+WYTPwR/1ViaQlzUahVMC3maIdH/OHVBrgAEAJtv87YkIyt5wmqiHTcJI7vS19Au0
+g1QvDIaVWJwif1/I/J7YXfGZf1VWPwwIuM1epoizN+Q/Ih3ZWIqMXNcLtio4+kqa
+S52vnn890wBa
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/Client_Leaf.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlDCB/gIBADBVMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjEWMBQGA1UEAwwNQ2xpZW50IChMZWFm
+KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAm2akFsacbVgQghZTs+JhgTGJ
+ZQLTX/gG/jd4JMlacxWRJSSpCRDmT1y/v5BXVz5p922hWLHSU3EGMPt0oVQjebuU
+gB/PBfOiPS/dJWq8RNMmVVsyLBcMtmS9op2g9D6Ut6bNtNW1ndUTAzi22k9XQwhc
+lf2okbBCud9ckmcyBOkCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAC8wTpFwxb72
+P/qCDmTw/O3xp1H1Txp9VH7RETGbxRqRcRMAEWBBYPGTteMLciuYY9qURRJKkPWv
+GuuLladEuOYODiXBQkTozEMn3P0gx0JhS3hFEwt7vKX5pYCk3k0H/VXwqnVdIFTH
+TO74Yvy1VOHn4CpJTxs8cBTBWbWeWvn5
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/Client_Root.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM+qNWIFWk6S/yD6
+3U3N5yhP0f3pwXpnzEn5ZcUb1SiSX5wvK6AN+LCUFmrbP5mEpVaYWAdesbb2De4K
+W8c+B7iN+utgUsRPqqSIZUkQCqzI+md1z8aztqWWfft/smvKb9c1uJxSWBDkGWfS
+eYEFwvJ2nCqOpb0uHIVCU1RLIUFrAgMBAAECgYAcI0P4dCE4ZFKNdXBnCm831xjs
+/q9olofnvhM8Eflf9fVehEW0+i+oPWiMMgj8FC0S/rFuzjXmRJC+oEivRohlCqhc
+0YOlodg1xtB8gSz2XXTj0m6BpUmorqnAXX2IO7lErhCRi1LSKjbKJB7gcLbwOAcc
+GLL3X8pcXY6QN2WGgQJBAPniVKGwkiTtOA+O8JDhgwthi+i1yDMzZ1wbNV/BIf0p
+Fi+YEFa615BCrVYFq/vvCUwlAxBECpc8ikq6WOj1PUUCQQDUv1mSzOMiCcX8Hb7Z
+S4pOG9GnU4jFYD7pIjmxTOoNz0aUC1cOZmgAF6QH9GSAnta+x8GPea5byJEcLvTB
+BrbvAkBW8eRGmhxPkuaFq1OS5ZRmGlvG7bEp94HIL4NjvNxprKkWiE9vDfXBMSIE
+o1aTAzn1747gUvxoYN0xYSNcczANAkEAheZpWhvaWPINykBufhUtVzvrGIVa799D
+uTfxV8YxCcALi+IXSNjrXCOE+fy3xLw0LJ9NFCBhvSLfMf3bziGLwQJBAKMm6lpk
+e5f9xi3WMR4Nxi0yXh1bZQ0pVFxXr4A4sLAfvnq3xovEDklMoErarv0DLXIp4HBr
+Dhveh0nysPpbn3k=
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/Client_Root.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFTCCAX4CAQcwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTU1MjI2WhgPMjA5OTEyMzExNTUyMjZaMFUx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRYwFAYDVQQDDA1DbGllbnQgKFJvb3QpMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDPqjViBVpOkv8g+t1NzecoT9H96cF6Z8xJ+WXFG9Uo
+kl+cLyugDfiwlBZq2z+ZhKVWmFgHXrG29g3uClvHPge4jfrrYFLET6qkiGVJEAqs
+yPpndc/Gs7alln37f7Jrym/XNbicUlgQ5Bln0nmBBcLydpwqjqW9LhyFQlNUSyFB
+awIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAPYhIUtVrfrUwCa7kbbGWNWrO+1Qcy3v
+g3WrC4QYjj/m/wu8ayd5t2HFjrr1Pe6S/77uF1ZFKvg+9OvlU9OmslV/GK2xHvEN
+xXttTxiOFV8Ecp06CqAEsnHaBiGhCQfPX3uv5KqP5+LFiMWYI4m2xYcNdlvO4t6k
+nl15aCU5Lxhl
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/Client_Root.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlDCB/gIBADBVMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjEWMBQGA1UEAwwNQ2xpZW50IChSb290
+KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz6o1YgVaTpL/IPrdTc3nKE/R
+/enBemfMSfllxRvVKJJfnC8roA34sJQWats/mYSlVphYB16xtvYN7gpbxz4HuI36
+62BSxE+qpIhlSRAKrMj6Z3XPxrO2pZZ9+3+ya8pv1zW4nFJYEOQZZ9J5gQXC8nac
+Ko6lvS4chUJTVEshQWsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAE+s3/S0m02X
+zFhmuZe/8ZCBb699nX8qv9IQgivy/xnFg1lJ78q30n59Ym5/H8DWu3m2C+VQbCkR
+ZAMf0AA/boFr/5gPtbZv7v0vRo+0Cxhj3wrXADfCqiX/yYxaMhFodtXfps80WJoJ
+WYrS2bEVSzvwSIqVsCAqT3lAOk/r7Ps7
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/DIR_Leaf.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANpKup4tyOonhA1c
+ZY5u5e7UG4eL4I4QiHA9MouPnD9i6h58WZbCRt4kpzC6/rb7LvEmo6B4m6/FHi4t
+HtI0J1EEE+bdRTTKmWl/QtileRF2ss0kOdZcRJ4R0Fyz+22zXe/tVEkMKgwBaQhn
+k1/ndi/wk9YwAxBW9qNtiGqTkxxhAgMBAAECgYEAqAvnZmYwybHqAq8ir2fIMveu
+ycZw9Gzd3CoAg1fnHRT0zstD3L9q9xCYdPc/p3XvSU5JoPu4PrQs67dohsIHkPbT
+5xagqajst8ilXDA3i17b++LoRQuLmB6V5FlAiY0cHQBqnm24T2dzMjQdICbBazJK
+Qv8k5vzyQPJZEdjjtAECQQDyDlQKB5oWBgnSVeyG8bA83VOTDQ65uQ8CJejKGyr2
+OsXc+AFc11zZA1kZwaN+mkMCR3F2d/8ICyPiCsRZOW/xAkEA5t3x6/u9m3okPYhJ
+uAMwznf0cqXuE9ZK1WJioBLI6SbtwqBxDCU23I5kJkPH4LO6ftfDXD2a8yxgaC9Y
+KFbjcQJBAOpc0SW84oX8ZroOk6q8i+UCbo7sj5tnAI8V4WT+FQS/NyCRx8/6fV1p
+DnYPtJs6BTNJtSP9XyKMlrufrSiuoiECQQCdIw3p4EPzElSeaSg8DjfnIHCKpHQC
+noX67WdRqteDElMceNXZPW80+doizVm7kLlsYnF/VBMmVtsbrrXjZxiRAkBKfKw7
+pFd+cZQxEMxSbK96nyrljGU9mf+2rqCQhCaMkArQ5RCDZA7TLP+yC8XEkUt2xe6T
+rhIYa/VuMK0i9JYx
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/DIR_Leaf.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQcwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB0xlYWYgQ0EwIBcNMTQxMTIwMTU0OTQyWhgPMjA5OTEyMzExNTQ5NDJaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApESVIgKExlYWYpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDaSrqeLcjqJ4QNXGWObuXu1BuHi+COEIhwPTKLj5w/Yuoe
+fFmWwkbeJKcwuv62+y7xJqOgeJuvxR4uLR7SNCdRBBPm3UU0yplpf0LYpXkRdrLN
+JDnWXESeEdBcs/tts13v7VRJDCoMAWkIZ5Nf53Yv8JPWMAMQVvajbYhqk5McYQID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBALNdBBnOAaGWrbr/e5shFDRHeUZecIjirYvQ
+HUxsxpWb5E9psoR56caavNxKLoMvDni/v/sVYOqGTH9S0DRfiFgb+lk7O6kzuJBc
+E8ik/QprEkdGRWUc0guQFZe5sCrq/3rE+gtnLI5BuVFSlt1b+DpdrvPAZpv4Pbdp
+9+SJC1rE
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/DIR_Leaf.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKRElSIChMZWFmKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2kq6ni3I6ieEDVxljm7l7tQbh4vg
+jhCIcD0yi4+cP2LqHnxZlsJG3iSnMLr+tvsu8SajoHibr8UeLi0e0jQnUQQT5t1F
+NMqZaX9C2KV5EXayzSQ51lxEnhHQXLP7bbNd7+1USQwqDAFpCGeTX+d2L/CT1jAD
+EFb2o22IapOTHGECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAKNDhzsb+1PcOL+X
+NWcDoV90ttrRIQ5hquQhbMtw6a9g/5HM+2qj978gvuf3xZ1+Bsalab7PZoLXD1kF
+OIdkwoXnysGbYT4dNpxjhEqlqI8oEK6PJCN2z9jbSJMv/fbMUOwy2enDq+2qBSOy
+0EuQKOle08Pe20Zsof6yKUdwltuy
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/DIR_Root.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMGJa4Q9zbh9xN8K
+JXP3PUrDQoPepSyben46AnsjkaJn6qjt4auG44gUqeC1lk3+G1sEbM2/ciWSXFis
+GFRAGJc9KkVGVulL49xAYan6irY5XrDDBsC/5jhQfUqW1HVfFPlV0zS3tz5FbrZw
+BHFLHJRJe22GLIU75u1HA+tAXGXbAgMBAAECgYEAkHHQ5fz+mlB76/91noyLmU4M
+ScGVQ6qzDJydF2yfmDe4wuXwRQXCseDCPS0qBgG+RvsRfaoCNpp7A89FxTOlZYYP
+QSQlpBRAU1kdgQwRgUj9sbWVBPUwSrgrTtygI/GxxI3l/eExAnrnQCmP2teiuZCh
+f6yhLhuCcoiVghMj0MkCQQDwMlJK232RiYwWpklEEZOIxYsFpIeBBYyA9PYOvGNP
+fbpA0uMDjOWbSVC6tT8O7i2iREpF1moMWJIcOslWPpUNAkEAzkUy38/vS5qUsnRu
+2fntNAYbGnEXCAK096Y7Cx8reMaQUTvm1Y66DijrVpE9PTmcVucUhdTOlfO+ppSC
+Mm/8hwJBAIps5cIgVnBubZ6L/INPAdB70A/TbwgrM3sKMVfyt+US1ykOoCfmplhk
+2zKOy6WGHCR86LTwybMNxD6inm+mp20CQAy3J1O0tcOrW89EbjDxvzWdyr3uisTr
+pcw+axVcbombc/oN/0Ta740/6IIFogjMLF8PD6zQWYvU4sPSE9SYIrECQQC6lAUT
+mFiPfVzW0+EX//u5JODdU2KpOFr9bFthyd+fbN7X4HpHDhXRQB3sEtMPVW+8jqjo
+9LKddPg8AvKofFaT
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/DIR_Root.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQQwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTU0OTI3WhgPMjA5OTEyMzExNTQ5MjdaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApESVIgKFJvb3QpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDBiWuEPc24fcTfCiVz9z1Kw0KD3qUsm3p+OgJ7I5GiZ+qo
+7eGrhuOIFKngtZZN/htbBGzNv3IlklxYrBhUQBiXPSpFRlbpS+PcQGGp+oq2OV6w
+wwbAv+Y4UH1KltR1XxT5VdM0t7c+RW62cARxSxyUSXtthiyFO+btRwPrQFxl2wID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBADa1pwW9PzFZr6k3gOnrdzvnKemalH8wPyGl
+JOqw+/SwGSoNemJfZW1gyeOrjL1aG4w0u3NQVthFVEcNTc+jSIjVtl+IawrROvLb
+u4UDbDkjZC8GMKwOGNKwY54jV5Ly5KhbB3T9D/Y2I0hDVHFjpQ7u18c7nmSywEHR
+JXZp84Ax
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/DIR_Root.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKRElSIChSb290KTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwYlrhD3NuH3E3wolc/c9SsNCg96l
+LJt6fjoCeyORomfqqO3hq4bjiBSp4LWWTf4bWwRszb9yJZJcWKwYVEAYlz0qRUZW
+6Uvj3EBhqfqKtjlesMMGwL/mOFB9SpbUdV8U+VXTNLe3PkVutnAEcUsclEl7bYYs
+hTvm7UcD60BcZdsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAGuQrvQZFyuIpRRh
+6rZsgBIuOg2IoWM2I0VQIBF8rxHY2c9H6yyJZAU3gebrMDP7AgigzvFfOqEBtQ3W
+YuMwNomxp5NtFCbI47OBjcNTPrIvKDEbxS0eubSq9Er7/j2apPVHKx6NMiE1CxSk
+3ufshMq2Xhuq9kSpUPiJrT1nC6yn
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/MRC_Leaf.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMnUaHW5MnHdG4co
+ADIyMRDWgq7SmJirZCjwUt6tsY7vazuxem80asNVtLX33VE+oPZ7Eag/XmTgyzFz
+hK/7RvwEgKdNagfAexjTNsa5mqNCKgqQUVHfdUhu3DgdQgcW763HcV60RYRxIjg8
+n8g+5iDXNsWlHRX/8gudiVGjAK5zAgMBAAECgYAOg6jzdlsLVzRIlvbUpUlkBZkm
+S1zP9dthGk9LVkBjoBIdG9lLMADRhVNWlrmiwxc+QoF1kQEPzh6usrkDEtX63tCy
+rPV2cX2naJnnMw0+/fLoS38FGHRnmOfJoh1qXTDnONR5VaV9LEf2vmdRDn01jCby
+UUCs7oJ/MJb90hXquQJBAP1/N2xUjiyiYqbqksumXzde0kysjuF6UxBRjU/c6sAM
+UvpPJhKEXntwXbYAIGfdOqa8EshCE9n7x83XsFQl9WcCQQDL0pagYkItBH9MVAkT
+Pw8gQT09U1yF2zvpTYfFya5r5QQf4FMh5l2l5PchpLyLrnU+MeMj9TvgysXKCPNu
+susVAkAE83chpoUgWguTNwGm+Jjje/afiL9BqCH3L6CS7r2nApacTO9xbSRrRMaP
+x3DalneOyh2Ty7aXi1Nbsdq/yf4BAkEAs8Q2yZogF6hhxiZQIsN5Sc+AfbgqYHzu
+KGUTHOU2iz7gFmU5rSqK6ig5t1ieWuwxx/skBLDkcO0m6XxfiAERyQJBANY0ED8b
+J92ng7yeEDG5zKmIZQymr2L/wScy8PeQlYIe/wT2BWiX7G93OklwaabHd8gjrVew
+2X2CbqezB4+k4gE=
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/MRC_Leaf.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQgwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB0xlYWYgQ0EwIBcNMTQxMTIwMTU1MjA2WhgPMjA5OTEyMzExNTUyMDZaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApNUkMgKExlYWYpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDJ1Gh1uTJx3RuHKAAyMjEQ1oKu0piYq2Qo8FLerbGO72s7
+sXpvNGrDVbS1991RPqD2exGoP15k4Msxc4Sv+0b8BICnTWoHwHsY0zbGuZqjQioK
+kFFR33VIbtw4HUIHFu+tx3FetEWEcSI4PJ/IPuYg1zbFpR0V//ILnYlRowCucwID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBACoEeMrGojDeFZcKH876SwEC9Jj9pko4TqzY
+LjavhqeC9b/944ikPO7ZbYBqvZkDCkeqO9eE+wX1pbUq6z5NQVdkdVwkfTL5qHr8
+xboB/o5Rb/BYGCZg68YcJfT1NSvzyjvh2tTAeJ/1nX7gOF89zyHZ2fmPB5IG3CYe
+iSf7rE2O
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/MRC_Leaf.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKTVJDIChMZWFmKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAydRodbkycd0bhygAMjIxENaCrtKY
+mKtkKPBS3q2xju9rO7F6bzRqw1W0tffdUT6g9nsRqD9eZODLMXOEr/tG/ASAp01q
+B8B7GNM2xrmao0IqCpBRUd91SG7cOB1CBxbvrcdxXrRFhHEiODyfyD7mINc2xaUd
+Ff/yC52JUaMArnMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAIWTka2wIugq3iDA
+vRrhf30rU8aMFL22U/lDUPCr9AwvhIvFhTMJ4twEe3pd+7ntXY/EZoLJATCNwYMs
+kC7UEgHHu8Bf9VeVEsZPauiynQhCgI4eKPjeKVmehkH9WBrl+N7QAWHpCdBbwncM
+0Nb5cvo8ZsswALRgbi8Sfre4H+Sk
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/MRC_Root.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAPTr32GgIzEqr7oc
+5nmzVy8GtEISCMlX7Yu6i+s9xtCG6XldAcn93Hsiougo9BlIS7+nMu1H0WU6lR/c
+Tpsyl2yqGdvJAmZE0ch8SZ8L0D4n6OAEOsqElG4cl9XcJWavMfJdAS0B7mXeogwU
+wWvVmmeFaLq+i0EXE93htc+G7jabAgMBAAECgYB/3sX5iknVWZv1ZzFNSLyz6KQj
++pZryGRVF0gFwXMTW9x5aH2On+OExkiXPQp0SLKDlR+Zkm1YlIVW5QaFMJytMYC/
+vzVRydkP2lYRQYLFVMTbn+4i1LZ6Qh8dPzFTc19hdwpYq5GmOC/ZbTQb5+7kWT1k
+mf14ZuCTVtGeowiLwQJBAP7Qfjw0SPEVTyRAaLcdbEY/LCeVH0nJWKobi7BBqdZW
+wk7VhdQlx95kO5OvhCWUtZrViWN2UEJa1L3MFnq2yBUCQQD2D5iRQaCYbbEpyJoN
+cN5GYe72fcjlfXWhONZ7/H915QcRA9oC6PxCRqkzk3uedrqnduXDdBek839bx83X
+q3/vAkEAuuOqInfqo7+QSzNeWiefWSpONT3fM9wURrdrTbvrWARMAUwEGuQW4pq7
+Q4dwsauPQt+pI6UMGo7KB+ae+iQDPQJBAJwYQroLPvzTwWr3VjsmmeteX0DBhPuI
+vmGbc/1NrfI1a2kw31GvSbAlsVsFuYtKWJi6BYIbmJBM5ENuGjgyFMMCQQDHi+Ba
+joprhoTd0GmeBwexo6Ns07oQFh1af6QQI2zsHE6GImeFSqbF0KCTU2tZqJyVrgNU
+JMxz5fdTc+XvBwjY
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/MRC_Root.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQUwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTU1MjA1WhgPMjA5OTEyMzExNTUyMDVaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApNUkMgKFJvb3QpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQD0699hoCMxKq+6HOZ5s1cvBrRCEgjJV+2LuovrPcbQhul5
+XQHJ/dx7IqLoKPQZSEu/pzLtR9FlOpUf3E6bMpdsqhnbyQJmRNHIfEmfC9A+J+jg
+BDrKhJRuHJfV3CVmrzHyXQEtAe5l3qIMFMFr1ZpnhWi6votBFxPd4bXPhu42mwID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBAGHl0qw/+RLNAlGkbL8xI89Ky2W4AVxte4X4
+cWknzXNbnkoOeM+uOBZzHeWjOa0VHwg7gYHk+E2Ts6tTT768SWM5+cTJN1gxtDNz
+7RAkra9oF/YArC+3Qzo04ofshxqvbSNZk9I5hafHcmkjKvhCPY6NZ0JpDvIZXR0N
+blnaDVcV
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/MRC_Root.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKTVJDIChSb290KTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9OvfYaAjMSqvuhzmebNXLwa0QhII
+yVfti7qL6z3G0IbpeV0Byf3ceyKi6Cj0GUhLv6cy7UfRZTqVH9xOmzKXbKoZ28kC
+ZkTRyHxJnwvQPifo4AQ6yoSUbhyX1dwlZq8x8l0BLQHuZd6iDBTBa9WaZ4Vour6L
+QRcT3eG1z4buNpsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAGXH9pKeOdb7LpO7
+J90i3eY/in4eu/Wg+bDpwXq0H6jpofI5g5HnGCrNN1Dtx7qGL6qoMgakeE/JvueK
+fYHiQZYmA/Kzy746ST5Lxv7GfgY4hTUg0vGA3v8aak/lKN/M3OuuDfZKHaHxWNH4
+jYnUfvtflppyY5B5oDf5puUqlXbp
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/OSD_Leaf.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAL381PjOugAJCw7V
+TOn7PKeo21ik0+Yee4UM4qF4IsUfV9x5fp5iY7zOzRS5kKJZWK8iJIFXuMdNmGjp
+YrzyUEEL+mIRL4xZ9G83LeVPhAOIZPkF+FAJ6InUwgsitimwC2qFPmXCsHU05DGS
+OCKmQV8b90BRd+zfpX3vPSre4+TNAgMBAAECgYAq2uAza3Y7Uc7jvquFz/0jmIw5
+15xQuSmFnp10bMPzERnhiqpMEceLrF5IQX9lj5/YiWwQnPf6RP+PEq4KDuKZFTu6
+/qq8WMfY7oeiYjiwvn0rm/zqQAhZSMf/FRsuzC+yN0EZbqm6zVIPXTfBm01z+MQC
+TgqcHtGB9LRnkNhtJQJBAPvAvyYGxuSexZIgu8yjAbykmzElYwyAWyHc5AUGyltC
+gzT7lU4wLw/GmLz3fU9laH1pA+Q0hbtbVo/XZsruG28CQQDBMVZnhMb9maep/oxG
+D0d1uJtSappV+VjP3KcE2Py88GoYAmHoAQB+j7Aniq4Mf4lp0zn79Vn9l5mlJRlP
+EFWDAkEAiD0UtHVyaQJrFNtWBjYomHfT7FK5OWi06KxrUTUNiTmDW8bSU8/LiBQH
+UCv2ymKsm0Gbc4Hg5TVWsNz2qdcVTQJAMsMH9QNKVfA9wckEipQRLrlm9mzUSKrP
+zy4nJHrvTaXN+qkFmLRKsPaITpt9yALq1EeQAMgi8SMYV/A7ii68iQJBAMb0aZ6W
+buUYcRIATdJ79zNqra7eomXolMXw98KIK0453UEB9T3HdI5qiwYvgHPD4fzqNOnb
+JSxwvROOh+9Qwqs=
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/OSD_Leaf.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQkwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB0xlYWYgQ0EwIBcNMTQxMTIwMTU1MjE3WhgPMjA5OTEyMzExNTUyMTdaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApPU0QgKExlYWYpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC9/NT4zroACQsO1Uzp+zynqNtYpNPmHnuFDOKheCLFH1fc
+eX6eYmO8zs0UuZCiWVivIiSBV7jHTZho6WK88lBBC/piES+MWfRvNy3lT4QDiGT5
+BfhQCeiJ1MILIrYpsAtqhT5lwrB1NOQxkjgipkFfG/dAUXfs36V97z0q3uPkzQID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBABc58hS7E0GMJy7BorqPGCOAi7+CyWVYXTKv
+9fP1d1oTxbZP5hGN9gtwERdblIfIiiXB6oXneIh+EiltF9uiAAK/7vvXDRfVG7tl
+iYOk8bNFfx9x5vzaHjsf4BSOUwCj0m+XBr8/JzTqW5dac4xvXkzepdobrQcZnnPE
+P2a1TaMF
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/OSD_Leaf.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKT1NEIChMZWFmKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvfzU+M66AAkLDtVM6fs8p6jbWKTT
+5h57hQzioXgixR9X3Hl+nmJjvM7NFLmQollYryIkgVe4x02YaOlivPJQQQv6YhEv
+jFn0bzct5U+EA4hk+QX4UAnoidTCCyK2KbALaoU+ZcKwdTTkMZI4IqZBXxv3QFF3
+7N+lfe89Kt7j5M0CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAG9odQlLPwYCjIbp
+wNWr41/6Xaqmd3adf1OLdr6uTKk4hjSHSK27OAmPUKaGPlmd2hpBCI3vRqTk7ZEj
+5T6QhxMuI2IQB7KaDUVlT6toftv8iChU/urQ38nn0Wh8BAqJrx6WEfXyFmnmBbnW
+2N5lLVVxdZfZVz3yNdihU8SgCO+5
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/OSD_Root.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKPq8iVcuxUyKd2J
+paXzybVd0I02ROMoFRrP+IX361T9ejNTNhimx4Nj4nZwT/2kKmoJOJXRiLBzRPIy
+SNo1Mdhb/otXDnnkZHDNIUxizUO1maI1OcgwuKbYOHr/PE33nJkzRq8vrlEn1AHv
+G01aqrKcVCMJkSUgMKelAt4ZcjrRAgMBAAECgYBQv0Ahn5iZTGjLNS9gnMNUkK5X
+odA1hl0/JAvtEr/e0i8McYVIh3/o/Z9lcNY2wFQUgA5b3yhSo7XnCVZSB7pRbMcs
+5CoJYJDdIK1MKDsHdYmn4a5xsxlb64aJ6p0B8Ar0W60R09hXJ0xKejPXw8o+11tQ
+t6ohQ92JNJa7F2sSQQJBANAEkOYrPD7mIOlD8brtrOMzOXlXecf9l9mWn4rUb2XM
+ALKcpga/z1RQ1PZiCRfPMlQTv58wYtvhGzy1KGZWrS0CQQDJukY4wSGWL/Q2H4tE
+ofZqvDJHTNJoxRbis1KcqkB57HkctThx5hP0yh2p2mWZp68WBicQNh8vq+d8cf+O
+EzK1AkAKKp72UNih7ldfby2qSCFx/Tfq4UaXaqJ4RO9JNra3D/BcymEm5Ur5wPWX
+kRUGr96y00BDRHcgbfEJ14TA862FAkAXVbnbxNN6yQ9J13pHtSiJDj4Oq19HiUzt
+amrq/nK459bWsEvYORIj5eFqjX3lOVVyicGpCWmwHQWJCrLSH3xlAkA6h83j2t2K
+b4A6b+++hrzxhm7Ehn4O9RBrSESQoPayAqMVUSgkjuW5cNR1ir8xHq4KEVZWcK+L
+TaHuNwujw4cM
+-----END PRIVATE KEY-----

tests/certs/client_ssl_test/OSD_Root.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICEjCCAXsCAQYwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCREUxDzANBgNV
+BAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGluMQwwCgYDVQQKDANaSUIxEDAOBgNV
+BAMMB1Jvb3QgQ0EwIBcNMTQxMTIwMTU1MjE2WhgPMjA5OTEyMzExNTUyMTZaMFIx
+CzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEM
+MAoGA1UECgwDWklCMRMwEQYDVQQDDApPU0QgKFJvb3QpMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCj6vIlXLsVMindiaWl88m1XdCNNkTjKBUaz/iF9+tU/Xoz
+UzYYpseDY+J2cE/9pCpqCTiV0Yiwc0TyMkjaNTHYW/6LVw555GRwzSFMYs1DtZmi
+NTnIMLim2Dh6/zxN95yZM0avL65RJ9QB7xtNWqqynFQjCZElIDCnpQLeGXI60QID
+AQABMA0GCSqGSIb3DQEBCwUAA4GBACNwpIsgUYmNpKDr4E1kz0VcAa1kigm/bmUE
+IAbIl+/d3LBd+6h6Z6V88yRAZfpXUzjo3WstLSPt/82Xsm4N6iO+wBiCysv6tS30
+XhbY7LSYBAs/y3VmaL7KfL7+yUKhGdnXnjL7BzU583J4sPQ/dQwGDtPPrSrXWR93
+6Qt+CMn0
+-----END CERTIFICATE-----

tests/certs/client_ssl_test/OSD_Root.req

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkTCB+wIBADBSMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD
+VQQHDAZCZXJsaW4xDDAKBgNVBAoMA1pJQjETMBEGA1UEAwwKT1NEIChSb290KTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo+ryJVy7FTIp3YmlpfPJtV3QjTZE
+4ygVGs/4hffrVP16M1M2GKbHg2PidnBP/aQqagk4ldGIsHNE8jJI2jUx2Fv+i1cO
+eeRkcM0hTGLNQ7WZojU5yDC4ptg4ev88TfecmTNGry+uUSfUAe8bTVqqspxUIwmR
+JSAwp6UC3hlyOtECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBADanhdBP96PKTvMh
+BCU0lEG49ASeRL7U6Tm89FHuWkz2bvv78gYMdxSXjPqrKzdt0C49IUAb0/xBQtLJ
+AeXyNwx20g+QrtJxKjwuOZcOKMKriP8K9qSO+bdRx4/iEwXPlrG08Ejmp0GZ4ZDc
+cos12mydlXs6/n6TjeaUq/75oAqk
+-----END CERTIFICATE REQUEST-----

tests/certs/client_ssl_test/README

@@ -0,0 +1,60 @@
+# As of today (20/11/2014), the certificates expire on 31/12/2099.
+
+# Root CA, self signed
+openssl req -new -newkey rsa:1024 -nodes -out CA_Root.req -keyout CA_Root.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=Root CA"
+openssl x509 -trustout -signkey CA_Root.key -days 31087 -req -in CA_Root.req -out CA_Root.pem
+echo "02" > CA_Root.srl
+
+# Intermediate CA, signed by root
+openssl req -new -newkey rsa:1024 -nodes -out CA_Intermediate.req -keyout CA_Intermediate.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=Intermediate CA"
+openssl x509 -CA CA_Root.pem -CAkey CA_Root.key -CAserial CA_Root.srl -req -in CA_Intermediate.req -out CA_Intermediate.pem -days 31087
+echo "42" > CA_Intermediate.srl
+
+# Leaf CA, signed by intermediate
+openssl req -new -newkey rsa:1024 -nodes -out CA_Leaf.req -keyout CA_Leaf.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=Leaf CA"
+openssl x509 -CA CA_Intermediate.pem -CAkey CA_Intermediate.key -CAserial CA_Intermediate.srl -req -in CA_Leaf.req -out CA_Leaf.pem -days 31087
+echo "82" > CA_Leaf.srl
+
+# Sign each service twice, once with the root CA and once with the leaf CA
+openssl req -new -newkey rsa:1024 -nodes -out DIR_Root.req -keyout DIR_Root.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=DIR (Root)"
+openssl x509 -CA CA_Root.pem -CAkey CA_Root.key -CAserial CA_Root.srl -req -in DIR_Root.req -out DIR_Root.pem -days 31087
+openssl req -new -newkey rsa:1024 -nodes -out DIR_Leaf.req -keyout DIR_Leaf.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=DIR (Leaf)"
+openssl x509 -CA CA_Leaf.pem -CAkey CA_Leaf.key -CAserial CA_Leaf.srl -req -in DIR_Leaf.req -out DIR_Leaf.pem -days 31087
+
+openssl req -new -newkey rsa:1024 -nodes -out MRC_Root.req -keyout MRC_Root.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=MRC (Root)"
+openssl x509 -CA CA_Root.pem -CAkey CA_Root.key -CAserial CA_Root.srl -req -in MRC_Root.req -out MRC_Root.pem -days 31087
+openssl req -new -newkey rsa:1024 -nodes -out MRC_Leaf.req -keyout MRC_Leaf.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=MRC (Leaf)"
+openssl x509 -CA CA_Leaf.pem -CAkey CA_Leaf.key -CAserial CA_Leaf.srl -req -in MRC_Leaf.req -out MRC_Leaf.pem -days 31087
+
+openssl req -new -newkey rsa:1024 -nodes -out OSD_Root.req -keyout OSD_Root.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=OSD (Root)"
+openssl x509 -CA CA_Root.pem -CAkey CA_Root.key -CAserial CA_Root.srl -req -in OSD_Root.req -out OSD_Root.pem -days 31087
+openssl req -new -newkey rsa:1024 -nodes -out OSD_Leaf.req -keyout OSD_Leaf.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=OSD (Leaf)"
+openssl x509 -CA CA_Leaf.pem -CAkey CA_Leaf.key -CAserial CA_Leaf.srl -req -in OSD_Leaf.req -out OSD_Leaf.pem -days 31087
+
+openssl req -new -newkey rsa:1024 -nodes -out Client_Root.req -keyout Client_Root.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=Client (Root)"
+openssl x509 -CA CA_Root.pem -CAkey CA_Root.key -CAserial CA_Root.srl -req -in Client_Root.req -out Client_Root.pem -days 31087
+openssl req -new -newkey rsa:1024 -nodes -out Client_Leaf.req -keyout Client_Leaf.key -subj "/C=DE/ST=Berlin/L=Berlin/O=ZIB/CN=Client (Leaf)"
+openssl x509 -CA CA_Leaf.pem -CAkey CA_Leaf.key -CAserial CA_Leaf.srl -req -in Client_Leaf.req -out Client_Leaf.pem -days 31087
+
+# PCKS#12 export
+openssl pkcs12 -export -in DIR_Root.pem -inkey DIR_Root.key -out DIR_Root.p12 -name "DIR (Root signed)" -passout "pass:dir_root"
+openssl pkcs12 -export -in DIR_Leaf.pem -inkey DIR_Leaf.key -out DIR_Leaf.p12 -name "DIR (Leaf signed)" -passout "pass:dir_leaf"
+openssl pkcs12 -export -in MRC_Root.pem -inkey MRC_Root.key -out MRC_Root.p12 -name "MRC (Root signed)" -passout "pass:mrc_root"
+openssl pkcs12 -export -in MRC_Leaf.pem -inkey MRC_Leaf.key -out MRC_Leaf.p12 -name "MRC (Leaf signed)" -passout "pass:mrc_leaf"
+openssl pkcs12 -export -in OSD_Root.pem -inkey OSD_Root.key -out OSD_Root.p12 -name "OSD (Root signed)" -passout "pass:osd_root"
+openssl pkcs12 -export -in OSD_Leaf.pem -inkey OSD_Leaf.key -out OSD_Leaf.p12 -name "OSD (Leaf signed)" -passout "pass:osd_leaf"
+
+# Boatloads of client exports.
+cat CA_Leaf.pem CA_Intermediate.pem CA_Root.pem > CA_Chain.pem
+openssl pkcs12 -export -in Client_Root.pem -inkey Client_Root.key -out Client_Root.p12 -name "Client (Root signed)" -passout "pass:"
+openssl pkcs12 -export -in Client_Root.pem -inkey Client_Root.key -out Client_Root_Chain.p12 -name "Client (Root signed, full chain)" -passout "pass:" -certfile CA_Chain.pem
+openssl pkcs12 -export -in Client_Root.pem -inkey Client_Root.key -out Client_Root_Root.p12 -name "Client (Root signed, root CA)" -passout "pass:" -certfile CA_Root.pem
+openssl pkcs12 -export -in Client_Root.pem -inkey Client_Root.key -out Client_Root_Leaf.p12 -name "Client (Root signed, leaf CA)" -passout "pass:" -certfile CA_Leaf.pem
+openssl pkcs12 -export -in Client_Leaf.pem -inkey Client_Leaf.key -out Client_Leaf.p12 -name "Client (Leaf signed)" -passout "pass:"
+openssl pkcs12 -export -in Client_Leaf.pem -inkey Client_Leaf.key -out Client_Leaf_Chain.p12 -name "Client (Leaf signed, full chain)" -passout "pass:" -certfile CA_Chain.pem
+openssl pkcs12 -export -in Client_Leaf.pem -inkey Client_Leaf.key -out Client_Leaf_Root.p12 -name "Client (Leaf signed, root CA)" -passout "pass:" -certfile CA_Root.pem
+openssl pkcs12 -export -in Client_Leaf.pem -inkey Client_Leaf.key -out Client_Leaf_Leaf.p12 -name "Client (Leaf signed, leaf CA)" -passout "pass:" -certfile CA_Leaf.pem
+
+# Two keystores, passwords just like their names without the .jks extension
+keytool -import -alias CA_Root -keystore trusted_root.jks -trustcacerts -file CA_Root.pem
+keytool -import -alias CA_Leaf -keystore trusted_leaf.jks -trustcacerts -file CA_Leaf.pem

tests/config_parser.py

@@ -0,0 +1,155 @@
+# Copyright (c) 2009-2011 by Bjoern Kolbeck, Zuse Institute Berlin
+# Licensed under the BSD License, see LICENSE file for details.
+
+import types
+
+MANUAL_TEST_SET_NAME = 'manual'
+
+class TestConfig:
+    def __init__(self, filename, testSetName, volume):
+        self.__tests = list()
+        self.__system_tests = list()
+        self.__volumeConfigs = dict()
+        self.__testSets = dict()
+        self.__filename = filename
+        self.__testSetName = testSetName
+        self.__selectedVolume = volume
+        self.__curren_test_set = dict()
+        self.parseConfig()
+        self.applyTestSet()
+
+    def getTestSet(self):
+        return self.__testSets[self.__testSetName]
+
+    def getVolumeConfigs(self):
+        return self.__volumeConfigs
+
+    def getVolumeTests(self):
+        return self.__tests
+
+    def getSystemTests(self):
+        return self.__system_tests
+
+    def parseConfig(self):
+        cfgVars = dict()
+        execfile(self.__filename, cfgVars)
+        if not cfgVars.has_key('TestSets'):
+            raise Exception('TestSets is not defined!')
+        if not isinstance(cfgVars['TestSets'], types.DictType):
+            raise Exception('TestSets must be a dictionary!')
+        for k,v in cfgVars['TestSets'].items():
+            if not isinstance(v, types.DictType):
+                raise Exception('Item '+str(k)+' in TestSet is not a dictionary!')
+            if not v.has_key('ssl'):
+                raise Exception('TestSet '+str(k)+' is missing a field: ssl')
+            if not v.has_key('mrc_repl'):
+                raise Exception('TestSet '+str(k)+' is missing a field: mrc_repl')
+            if not v.has_key('dir_repl'):
+                raise Exception('TestSet '+str(k)+' is missing a field: dir_repl')
+
+        if not cfgVars.has_key('VolumeConfigs'):
+            raise Exception('VolumeConfigs is not defined!')
+
+        if not isinstance(cfgVars['VolumeConfigs'], types.DictType):
+            raise Exception('VolumeConfigs must be a dictionary!')
+
+        for k, v in cfgVars['VolumeConfigs'].items():
+            if not isinstance(v, types.DictType):
+                raise Exception('Item '+str(k)+' in VolumeConfig is not a dictionary!')
+            if not v.has_key('stripe_size'):
+                raise Exception('VolumeConfig '+str(k)+' is missing a field: stripe_size')
+            if not v.has_key('stripe_width'):
+                raise Exception('VolumeConfig '+str(k)+' is missing a field: stripe_width')
+            if not v.has_key('mount_options'):
+                raise Exception('VolumeConfig '+str(k)+' is missing a field: mount_options')
+            if not v.has_key('rwr_factor'):
+                raise Exception('VolumeConfig '+str(k)+' is missing a field: rwr_factor')
+            if not v.has_key('ronly_factor'):
+                raise Exception('VolumeConfig '+str(k)+' is missing a field: ronly_factor')
+
+        if self.__selectedVolume is not None:
+            if self.__selectedVolume not in cfgVars['VolumeConfigs']:
+                raise Exception('There exists no volume config for the selected volume: ' + self.__selectedVolume)
+
+        if not cfgVars.has_key('Tests'):
+            raise Exception('Tests is not defined!')
+
+        if not isinstance(cfgVars['Tests'], types.ListType):
+            raise Exception('Tests must be a list!')
+
+        for test in cfgVars['Tests']:
+            if not isinstance(test, types.DictType):
+                raise Exception('Item '+str(test)+' in Tests is not a dictionary!')
+            if not test.has_key('file'):
+                raise Exception('Test '+str(test)+' is missing a field: file')
+            if not test.has_key('VolumeConfigs'):
+                raise Exception('Test '+str(test)+' is missing a field: VolumeConfigs')
+            if not test.has_key('TestSets'):
+                raise Exception('Test '+str(test)+' is missing a field: TestSets')
+
+        self.__testSets = cfgVars['TestSets']
+        self.__tests = cfgVars['Tests']
+        if self.__selectedVolume is not None:
+          self.__volumeConfigs[self.__selectedVolume] = cfgVars['VolumeConfigs'][self.__selectedVolume]
+        else:
+          self.__volumeConfigs = cfgVars['VolumeConfigs']
+
+    def getTestSetConfig(self):
+        return self.__curren_test_set
+
+    # Removes tests and volume configs which aren't necessary for the selected
+    # test set.
+    def applyTestSet(self):
+        activeVolumeConfigs = dict()
+        activeTests = list()
+
+        self.__curren_test_set = self.__testSets[self.__testSetName]
+
+        if self.__testSetName.startswith(MANUAL_TEST_SET_NAME):
+            #skip this for manual set-ups.
+            return
+
+        for test in self.__tests:
+            validTestSets = test['TestSets']
+            if self.__testSetName in validTestSets:
+                if not test['VolumeConfigs']:
+                    self.__system_tests.append(test)
+                else:
+                    anyVolumeConfigFound = False
+                    for volConf in list(test['VolumeConfigs']):
+                        if volConf in self.__volumeConfigs:
+                            activeVolumeConfigs[volConf] = self.__volumeConfigs[volConf]
+                            anyVolumeConfigFound = True
+                        else:
+                            if self.__selectedVolume is None:
+                                raise Exception("Unknown VolumeConfig '+str(volConf)+' in test '+test['name']")
+                            else:
+                                test['VolumeConfigs'].remove(volConf)
+                    if anyVolumeConfigFound:
+                        activeTests.append(test)
+
+        self.__tests = activeTests
+        self.__volumeConfigs = activeVolumeConfigs
+
+    def printConfig(self):
+        if not self.__testSetName.startswith(MANUAL_TEST_SET_NAME):
+            print 'Active System Tests:'
+            for test in self.__system_tests:
+                print '  "'+test['name']+'"'
+
+            print 'Active Volume Tests:'
+            for test in self.__tests:
+                print '  "'+test['name']+'" running on:'
+                for volconf in test['VolumeConfigs']:
+                    print '    "'+volconf+'"'
+
+            print ''
+        
+        print 'Active VolumeConfig:'
+        for k,v in self.__volumeConfigs.items():
+            print '  "'+k+'"'
+
+
+if __name__ == "__main__":
+    config = TestConfig('test_config.py','short')
+    config.printConfig()

tests/configs/dirconfig_no_ssl.test

@@ -0,0 +1,110 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = false
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# If you want to monitor your XtreemFS installation through SNMP 
+# uncomment the following lines. You have to set snmp.enabled = true
+# and provide a listen port and optional a address. Also optional 
+# is a path to an aclfile which controls which hosts can access the
+# monitoring information via SNMP.
+#snmp.enabled = true
+#snmp.address = localhost
+#snmp.port = 34638
+#snmp.aclfile = etc/xos/xtreemfs/snmp.acl
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 6
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_no_ssl/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_no_ssl/db-log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200
+
+# replication configuration
+#babudb.plugin.0 = contrib/server-repl-plugin/config/dir-test1.properties
+
+uuid = test-localhost-DIR

tests/configs/dirconfig_ssl_ignore_errors.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Leaf.p12
+ssl.service_creds.pw = dir_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_ignore_errors/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_ignore_errors/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_long_chain.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Leaf.p12
+ssl.service_creds.pw = dir_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_long_chain/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_long_chain/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_no_verification.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Leaf.p12
+ssl.service_creds.pw = dir_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_no_verification/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_no_verification/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_short_chain.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_short_chain/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_short_chain/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_version.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_version_sslv3.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=sslv3
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_version_tlsv1.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv1
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_version_tlsv11.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv11
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/dirconfig_ssl_version_tlsv12.test

@@ -0,0 +1,115 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48638
+
+# port for the status page (HTTP server)
+http_port = 46638
+
+# optional address for network device ("any" if not specified)
+# listen.address = 127.0.0.1
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv12
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/DIR_Root.p12
+ssl.service_creds.pw = dir_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+uuid = test-localhost-DIR 
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/dir_ssl_version/database
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 200

tests/configs/mrcconfig_no_ssl.test

@@ -0,0 +1,173 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+# listen.address = 127.0.0.1
+
+# optinal host name that is used to register the service at the DIR
+# hostname = foo.bar.com
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+#dir_service1.host = localhost
+#dir_service1.port = 32639
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = false
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# If you want to monitor your XtreemFS installation through SNMP 
+# uncomment the following lines. You have to set snmp.enabled = true
+# and provide a listen port and optional a address. Also optional 
+# is a path to an aclfile which controls which hosts can access the
+# monitoring information via SNMP.
+#snmp.enabled = true
+#snmp.address = localhost
+#snmp.port = 34636
+#snmp.aclfile = etc/xos/xtreemfs/snmp.acl
+
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 7
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_no_ssl/database
+#babudb.baseDir = /home/stender/tmp/mrc
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_no_ssl/db-log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+#babudb.sync = ASYNC
+babudb.sync = FDATASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+#TOGGLE COMMENT OF THE FOLLOWING LINES TO ENABLE THE REPLICATION
+#CHECK THE REFERENCE FOR FURTHER INFORMATIONS
+
+# replication configuration
+#babudb.plugin.0 = contrib/server-repl-plugin/config/mrc-test1.properties
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_ignore_errors.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Leaf.p12
+ssl.service_creds.pw = mrc_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_ignore_errors/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_ignore_errors/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_long_chain.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Leaf.p12
+ssl.service_creds.pw = mrc_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_long_chain/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_long_chain/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_no_verification.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Leaf.p12
+ssl.service_creds.pw = mrc_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_no_verification/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_no_verification/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_short_chain.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_short_chain/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_short_chain/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_version.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_version/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_version_sslv3.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=sslv3
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_version/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_version_tlsv1.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv1
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_version/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_version_tlsv11.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv11
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_version/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/mrcconfig_ssl_version_tlsv12.test

@@ -0,0 +1,167 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48636
+
+http_port = 46636
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# interval for querying the Directory Service for new OSDs
+osd_check_interval = 10
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# specify whether access time stamps are updated
+no_atime = true
+no_fsync = true
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=tlsv12
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/MRC_Root.p12
+ssl.service_creds.pw = mrc_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+# time span between two database checkpoint attempts (in ms)
+database.checkpoint.interval = 1800000
+
+# time span for which no requests must have been received to create a checkpoint (in ms)
+database.checkpoint.idle_interval = 1000
+
+# minimum size in bytes the log file must have to create a checkpoint
+database.checkpoint.logfile_size = 16384
+
+# Authentication providers are used to retrieve the user identities
+# from the client or from certificate.
+# The default provider is org.xtreemfs.mrc.auth.NullAuthProvider, which just
+# takes the information provided by the client. The name of a pluggable
+# provider can be used here.
+authentication_provider = org.xtreemfs.common.auth.NullAuthProvider
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't. So far, pluggable
+# policies have to inherit from either org.xtreemfs.mrc.ac.FileAccessPolicy,
+# org.xtreemfs.mrc.osdstatus.OSDSelectionPolicy,
+# org.xtreemfs.common.auth.AuthenticationProvider, or javax.ssl.TrustManager.
+# Policies identified by policy IDs (OSDSelectionPolicy and FileAccessPolicy)
+# require a public static long field called POLICY_ID that assigns the policy
+# a unique number.
+policy_dir = /etc/xos/xtreemfs/policies
+
+geographic_coordinates = 52.455483,13.297405
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+#####################################################################
+# BabuDB configuration                                              #
+#####################################################################
+
+# optional debug level (
+# 0 = emergency, 
+# 1 = alert, 
+# 2 = critical, 
+# 3 = error, 
+# 4 = warning, 
+# 5 = notice, 
+# 6 = info, 
+# 7 = debug)
+babudb.debug.level = 4
+
+# optional debug category
+#babudb.debug.category = all
+
+# name for the database configuration file
+#babudb.cfgFile = config.db
+
+# base directory to store database index snapshots in
+babudb.baseDir = /tmp/xtreemfs-test/mrc_ssl_version/database
+
+# directory in which the database logs are stored
+babudb.logDir = /tmp/xtreemfs-test/mrc_ssl_version/log
+
+# SyncMode the synchronization mode to use for the logFile
+# ASYNC - asynchronously write log entries (data is lost when system crashes).
+# FSYNC - executes an fsync on the logfile before acknowledging the operation.
+# FDATASYNC
+# SYNC_WRITE - synchronously writes the log entry to disk before ack. Does not
+#              update the metadata.
+# SYNC_WRITE_METADATA - synchronously writes the log entry to disk and updates
+#                       the metadata before ack.
+babudb.sync = ASYNC
+
+# max queue length: if > 0, the queue for each worker is limited to maxQ
+babudb.worker.maxQueueLength = 250
+
+# number of worker threads to use
+babudb.worker.numThreads = 0
+
+# a checkpoint is generated, if maxLogfileSize is exceeded
+babudb.maxLogfileSize = 16777216
+
+# interval between two checks in seconds, 0 disables auto checkPointing
+babudb.checkInterval = 300
+
+# if set to a value > 0, operations are acknowledged immediately before
+# they are written to the disk log. The disk logger will do batch writes
+# and call fSync... every pseudoSyncWait seconds. This can be used to
+# increase performance and emulate PostgreSQL behavior.
+babudb.pseudoSyncWait = 0
+
+# flag that determines whether the indices shall be compressed or not.
+#babudb.compression = false
+
+# UUID for the MRC
+uuid = test-localhost-MRC

tests/configs/osdconfig_no_ssl.test

@@ -0,0 +1,99 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# optinal host name that is used to register the service at the DIR
+# hostname = foo.bar.com
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_no_ssl/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = false
+
+# send and receive buffer sizes of sockets 
+#socket.send_buffer_size = 262144
+#socket.recv_buffer_size = 262144
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# If you want to monitor your XtreemFS installation through SNMP 
+# uncomment the following lines. You have to set snmp.enabled = true
+# and provide a listen port and optional a address. Also optional 
+# is a path to an aclfile which controls which hosts can access the
+# monitoring information via SNMP.
+#snmp.enabled = true
+#snmp.address = localhost
+#snmp.port = 34640
+#snmp.aclfile = etc/xos/xtreemfs/snmp.acl
+
+# UUID for the OSD
+uuid = test-localhost-OSD

tests/configs/osdconfig_ssl_ignore_errors.test

@@ -0,0 +1,100 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_ssl_ignore_errors/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/OSD_Leaf.p12
+ssl.service_creds.pw = osd_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# UUID for the OSD
+uuid = test-localhost-OSD

tests/configs/osdconfig_ssl_long_chain.test

@@ -0,0 +1,100 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_ssl_long_chain/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/OSD_Leaf.p12
+ssl.service_creds.pw = osd_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# UUID for the OSD
+uuid = test-localhost-OSD

tests/configs/osdconfig_ssl_no_verification.test

@@ -0,0 +1,100 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_ssl_no_verification/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/OSD_Leaf.p12
+ssl.service_creds.pw = osd_leaf
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_leaf.jks
+ssl.trusted_certs.pw = trusted_leaf
+ssl.trusted_certs.container = jks
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# UUID for the OSD
+uuid = test-localhost-OSD

tests/configs/osdconfig_ssl_short_chain.test

@@ -0,0 +1,100 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_ssl_short_chain/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/OSD_Root.p12
+ssl.service_creds.pw = osd_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# UUID for the OSD
+uuid = test-localhost-OSD

tests/configs/osdconfig_ssl_version.test

@@ -0,0 +1,100 @@
+# optional debug level
+# 0: emergency
+# 1: alert
+# 2: critical
+# 3: error
+# 4: warning
+# 5: notice
+# 6: info (default)
+# 7: debug
+debug.level = 6
+
+# optional debug categories - a space or comma-separated list of log message categories
+# all (default) - enable logging for all categories
+# lifecycle     - log messaages pertaining to service lifecycles (threads)
+# buffer        - logs messages pertaining to buffers
+# net           - network-related log messages
+# auth          - authorization-related log messages
+# stage         - log messages pertaining to the request flow through the stages
+# proc          - log messages pertaining to any kind of request processing
+# db            - log messages pertaining storage on OSD or database access on MRC/DIR
+# replication   - logs messages pertaining to replication 
+# misc          - any other log messages
+#debug.categories = all
+
+# port for the service to listen on
+listen.port = 48640
+
+http_port = 46640
+
+# optional address for network device, "any" if not specified
+#listen.address = 127.0.0.1
+
+# Directory Service endpoint
+dir_service.host = localhost
+dir_service.port = 48638
+
+# directory containing XtreemFS file content
+object_dir = /tmp/xtreemfs-test/osd_ssl_version/
+
+# Number of storage threads. Increase it to improve concurrency in case of multiple open files.
+# Set it to a value >1 only if the underlying device can cope with concurrency, e.g. an SSD.
+#storage_threads = 1
+
+# granularity of the local clock (in ms) (0 disables it to always use the current system time)
+local_clock_renewal = 0
+
+# interval between two remote clock syncs (in ms)
+remote_time_sync = 60000
+
+# specify whether SSL is required
+ssl.enabled = true
+
+# SSL/TLS version to use
+# in JDK 6: sslv3, ssltls, tlsv1
+# in JDK 7 additionally: tlsv12
+# tlsv11 comes with JDK 6 or 7, depending on the vendor
+# 'ssltls' (default) accepts all versions,
+# the others accept only the exact version they name.
+ssl.protocol=ssltls
+
+# server credentials for SSL handshakes
+ssl.service_creds = ../../tests/certs/client_ssl_test/OSD_Root.p12
+ssl.service_creds.pw = osd_root
+ssl.service_creds.container = pkcs12
+
+# trusted certificates for SSL handshakes
+ssl.trusted_certs = ../../tests/certs/client_ssl_test/trusted_root.jks
+ssl.trusted_certs.pw = trusted_root
+ssl.trusted_certs.container = jks
+
+report_free_space = true
+
+# specify whether internal OSD checksums are required
+# if the flag is set to true, the OSD will calculate checksums for
+# newly created objects, which will be checked when the object is read
+checksums.enabled = false
+
+# algorithm used for checksum calculation
+# by default, Adler32, CRC32, MD5 and SHA-1 are supported
+checksums.algorithm = Adler32
+
+checksums.enabled = false
+
+geographic_coordinates = 41.388417,2.114632
+
+capability_secret = Yagga
+
+# administrator password for privileged operations
+#admin_password = blub
+
+# Optional directory containing deployable policy implementations.
+# Policies can be directly deployed as .java or .class files in this directory
+# or one of its subdirectories. They will be compiled at startup time and
+# loaded at runtime. Policies may have external dependencies that can be
+# deployed either as .java, .class or .jar files. While Java and Class files
+# may be located in subdirectories, JAR files mustn't.
+policy_dir = /etc/xos/xtreemfs/policies
+
+# UUID for the OSD
+uuid = test-localhost-OSD