App-CamelPKI
3 results

 view release on metacpan or  search on metacpan

lib/App/CamelPKI/SysV/Apache.pm  view on Meta::CPAN 

        (SSL_use_cert => 1,
         SSL_cert_file => $admincertfile, SSL_key_file => $adminkeyfile);
    my $ua = new LWP::UserAgent;
    my $port = $webserver->https_port;
    my $response = $ua->get("https://localhost:$port/no/such/uri");
    is($response->code, 404, "500 would be bad") or
        diag $response->content;
    unlike($webserver->tail_error_logfile,
           qr/certificate signature failure/, <<"EXPLANATION");
``certificate signature failure'' is the message one gets when mod_ssl
attempts to validate a certificate whose hash algorithm it doesn't
know about.
EXPLANATION
}

my $sha256directory = fresh_directory;
END { App::CamelPKI::SysV::Apache->load($sha256directory)->stop()
    if defined $sha256directory; }

test "witness experiment: authenticating with hand-made".
    " sha1 client certificates" => sub {

t/acceptance-revoke-certificatesJSON.t  view on Meta::CPAN 

        (plaintextcall_remote("https://localhost:$port/ca/current_crl"))
            unless defined $crl;

    return $crl->is_member(shift);
}

=head2 revoke($shortname, $revokereq)

Sends revocation $revokereq (e.g. C<< { dns => "foo.example.com" } >>)
to the revocation controller named $shortname (e.g. C<BB>).
Invalidates the CRL cache of L</cert_is_revoked>.

=cut

sub revoke {
    my ($shortname, $revokereq) = @_;
    $shortname = lc($shortname);
    jsoncall_remote
        ("https://localhost:$port/ca/template/$shortname/revokeJSON", $revokereq,
         -certificate => $cert, -key => $key);
    undef $crl;

t/lib/App/CamelPKI/Test.pm  view on Meta::CPAN 

    my $retval = is($?, 0, $testname);
    diag($out) if ! $retval;
    return $retval;
}

=item I<certificate_looks_ok($pem_certificate)>

=item I<certificate_looks_ok($pem_certificate, $test_name)>

Checks that a certificate passed as a PEM string looks OK to OpenSSL,
meaning that the signature validates OK and OpenSSL is able to parse
it.

=cut

sub certificate_looks_ok {
    my ($pem_certificate, $test_name) = @_;

    $test_name ||= "certificate_looks_ok";
    test $test_name => sub {
        my ($out, $err);

t/lib/App/CamelPKI/Test.pm  view on Meta::CPAN 

SCHEMA

=item I<x509_decoder($name)>

Returns the same as L<Convert::ASN1/find> would when called upon an
object that would previously have L</x509_schema> fed to him.  The
difference is that I<x509_decoder> checks for errors and will
therefore never return undef.

The returned object has a C<< ->decode >> object that serves to
validate the various pieces of DER produced by OpenSSL from within the
tests.

=cut

use Convert::ASN1;
sub x509_decoder {
    my ($name) = @_;
    my $asn = Convert::ASN1->new;
    $asn->prepare(x509_schema());
    die $asn->error if $asn->error;



( run in 0.529 second using v1.01-cache-2.11-cpan-4d50c553e7e )