40 lines
1.3 KiB
Plaintext
40 lines
1.3 KiB
Plaintext
|
#!/bin/sh
|
||
|
|
||
|
# ocsp-stapling.test
|
||
|
|
||
|
trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
|
||
|
|
||
|
server=login.live.com
|
||
|
ca=certs/external/baltimore-cybertrust-root.pem
|
||
|
|
||
|
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
|
||
|
|
||
|
# is our desired server there? - login.live.com doesn't answers PING
|
||
|
#./scripts/ping.test $server 2
|
||
|
|
||
|
# client test against the server
|
||
|
./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
|
||
|
RESULT=$?
|
||
|
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
|
||
|
|
||
|
# setup ocsp responder
|
||
|
./certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh &
|
||
|
sleep 1
|
||
|
[ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
|
||
|
|
||
|
# client test against our own server - GOOD CERT
|
||
|
./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
|
||
|
sleep 1
|
||
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
|
||
|
RESULT=$?
|
||
|
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
|
||
|
|
||
|
# client test against our own server - REVOKED CERT
|
||
|
./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
|
||
|
sleep 1
|
||
|
./examples/client/client -C -A certs/ocsp/root-ca-cert.pem -W 1
|
||
|
RESULT=$?
|
||
|
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
|
||
|
|
||
|
exit 0
|