haproxy/reg-tests/ssl
William Lallemand 61b6a4da6c REGTESTS: ssl: skip generate-certificates test w/ wolfSSL
WolfSSL does not seem to work correctly with the generate-certificates
features. This patch disables it temporarly.

    ssl-max-ver TLSv1.2 seems to be a problem in the reg-test and
    wolfSSL but without it it's not able to generate correctly the cert:

    ***  h1    debug|00000004:clear-lst.accept(0007)=0028 from [127.0.0.1:35956] ALPN=<none>
    ***  h1    debug|00000004:clear-lst.clireq[0028:ffffffff]: GET / HTTP/1.1
    ***  h1    debug|00000004:clear-lst.clihdr[0028:ffffffff]: x-sni: unknown-sni.com
    ***  h1    debug|00000004:clear-lst.clihdr[0028:ffffffff]: host: 127.0.0.1
    ***  h1    debug|fd[0x29] OpenSSL error[0x13d] : need the private key
    ***  h1    debug|<134>Sep 20 15:42:58 haproxy[165743]: unix:1 [20/Sep/2023:15:42:58.042] ssl-lst/1: SSL handshake failure (need the private key)
    **** dT    1.072
    ***  h1    debug|fd[0x2a] OpenSSL error[0x13d] : need the private key
    ***  h1    debug|<134>Sep 20 15:42:59 haproxy[165743]: unix:1 [20/Sep/2023:15:42:59.044] ssl-lst/1: SSL handshake failure (need the private key)
    **** dT    2.075
    ***  h1    debug|fd[0x29] OpenSSL error[0x13d] : need the private key
    ***  h1    debug|<134>Sep 20 15:43:00 haproxy[165743]: unix:1 [20/Sep/2023:15:43:00.046] ssl-lst/1: SSL handshake failure (need the private key)
    **** dT    3.079
    ***  h1    debug|fd[0x29] OpenSSL error[0x13d] : need the private key
    ***  h1    debug|<134>Sep 20 15:43:01 haproxy[165743]: unix:1 [20/Sep/2023:15:43:01.050] ssl-lst/1: SSL handshake failure (need the private key)
    **** dT    3.080
    ***  h1    debug|00000004:default_backend.clicls[0028:0023]
    ***  h1    debug|00000004:default_backend.closed[0028:0023]
    ***  h1    debug|<134>Sep 20 15:43:01 haproxy[165743]: 127.0.0.1:35956 [20/Sep/2023:15:42:58.042] clear-lst default_backend/s1 0/0/-1/-1/+3009 503 +217 - - SC-- 3/1/0/0/3 0/0 "GET / HTTP/1.1" 0/-/-/-/0 -/-/-
    **** c3    rxhdr|HTTP/1.1 503 Service Unavailable\r
    **** c3    rxhdr|content-length: 107\r
    **** c3    rxhdr|cache-control: no-cache\r
    **** c3    rxhdr|content-type: text/html\r
    **** c3    rxhdr|\r
2023-09-20 16:02:16 +02:00
..
generate_certificates REGTESTS: ssl: Add test for "generate-certificates" SSL option 2022-02-09 12:10:32 +01:00
ocsp_update REGTESTS: ssl: Fix ocsp update crt-lists 2023-03-02 15:37:23 +01:00
add_ssl_crt-list.vtc BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list 2022-06-20 17:27:49 +02:00
bug-2265.crt BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate 2023-08-28 18:20:39 +02:00
ca-auth.crt REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
cert1-example.com.pem.ecdsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert1-example.com.pem.rsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert2-example.com.pem.ecdsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert2-example.com.pem.rsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
client1.pem MINOR: ssl: add ssl_{c,s}_chain_der fetch methods 2020-08-07 15:38:40 +02:00
client2_expired.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
client3_revoked.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
client.ecdsa.pem REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options 2022-02-09 11:15:44 +01:00
common.4096.dh REGTESTS: ssl: Add tests for DH related options 2022-02-14 10:07:14 +01:00
common.crt REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
common.key REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
common.pem MINOR: ssl: add ssl_{c,s}_chain_der fetch methods 2020-08-07 15:38:40 +02:00
crl-auth.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
del_ssl_crt-list.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
dynamic_server_ssl.vtc MEDIUM: server: remove experimental-mode for dynamic servers 2022-03-11 14:28:28 +01:00
ecdsa.crt REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
ecdsa.key REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
ecdsa.pem REGTEST: ssl: test the "set ssl cert" CLI command 2019-12-19 13:51:38 +01:00
filters.crt-list REGTEST: ssl: test wildcard and multi-type + exclusions 2020-11-06 14:59:36 +01:00
interCA1_crl_empty.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA1_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA2_crl_empty.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA2_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
localhost.crt-list REGTEST: ssl: pollute the crt-list file 2020-04-01 20:10:53 +02:00
log_forward_ssl.vtc REGTESTS: ssl/log: test the log-forward with SSL 2022-09-13 17:03:30 +02:00
new_del_ssl_cafile.vtc MINOR: ssl/cli: implement "add ssl ca-file" 2022-08-19 19:58:53 +02:00
new_del_ssl_crlfile.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ocsp_auto_update.vtc MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command 2023-03-14 11:07:32 +01:00
README
rootCA_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
set_cafile_client.pem REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_interCA1.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_interCA2.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_rootCA.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_server.pem REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_default_cert.crt-list BUG/MINOR: ssl: Fix update of default certificate 2021-03-26 13:06:29 +01:00
set_default_cert.pem BUG/MINOR: ssl: Fix update of default certificate 2021-03-26 13:06:29 +01:00
set_ssl_bug_2265.vtc BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate 2023-08-28 18:20:39 +02:00
set_ssl_cafile.vtc MINOR: ssl/cli: implement "add ssl ca-file" 2022-08-19 19:58:53 +02:00
set_ssl_cert_bundle.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_cert_noext.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_cert.vtc REGTESTS: ssl: add the same cert for client/server 2022-06-20 18:06:43 +02:00
set_ssl_crlfile.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_server_cert.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
show_ocsp_server.pem REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.issuer REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp.revoked REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ssl_ocspresponse.vtc REGTESTS: ssl: skip OCSP test w/ WolfSSL 2023-09-20 15:23:32 +02:00
simple.crt-list BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded 2020-11-06 16:39:39 +01:00
ssl_alpn.vtc MEDIUM: config: set useful ALPN defaults for HTTPS and QUIC 2023-04-19 09:52:20 +02:00
ssl_client_auth.vtc REGTESTS: ssl: simplify X509_V code check in ssl_client_auth.vtc 2023-05-03 15:54:49 +02:00
ssl_client_samples.vtc BUILD: ssl: ssl_c_r_dn fetches uses functiosn only available since 1.1.1 2023-05-15 12:07:52 +02:00
ssl_crt-list_filters.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_curve_name.vtc MEDIUM: ssl: new sample fetch method to get curve name 2023-07-17 15:45:41 +02:00
ssl_curves.vtc MINOR: ssl: add support for 'curves' keyword on server lines 2023-09-07 23:29:10 +02:00
ssl_default_server.vtc REGTESTS: ssl: fix ssl_default_server.vtc 2021-12-29 18:20:19 +01:00
ssl_dh.vtc REGTESTS: ssl: skip ssl_dh test with AWS-LC 2023-09-04 18:21:01 +02:00
ssl_errors.vtc REGTESTS: Fix ssl_errors.vtc script to wait for connections close 2023-02-21 11:44:55 +01:00
ssl_frontend_samples.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_generate_certificate.vtc REGTESTS: ssl: skip generate-certificates test w/ wolfSSL 2023-09-20 16:02:16 +02:00
ssl_reuse.vtc REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL 2022-12-20 15:28:37 +01:00
ssl_server_samples.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_simple_crt-list.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
wrong_ctx_storage.vtc MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size 2021-08-26 19:52:04 +02:00

File list:
 - common.pem: PEM file which may be used by most of the VTC files.