Mercurial > hg > nginx-tests
comparison ssl_engine_keys.t @ 1446:44973a23b031
Tests: loading "engine:..." keys with certificate variable.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 28 Feb 2019 17:02:24 +0300 |
parents | a682c219af45 |
children | dbce8fb5f5f8 |
comparison
equal
deleted
inserted
replaced
1445:889283abadf8 | 1446:44973a23b031 |
---|---|
26 | 26 |
27 plan(skip_all => 'may not work, leaves coredump') | 27 plan(skip_all => 'may not work, leaves coredump') |
28 unless $ENV{TEST_NGINX_UNSAFE}; | 28 unless $ENV{TEST_NGINX_UNSAFE}; |
29 | 29 |
30 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') | 30 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') |
31 ->has_daemon('softhsm')->has_daemon('pkcs11-tool')->plan(1); | 31 ->has_daemon('softhsm')->has_daemon('pkcs11-tool'); |
32 | 32 |
33 $t->write_file_expand('nginx.conf', <<'EOF'); | 33 $t->write_file_expand('nginx.conf', <<'EOF'); |
34 | 34 |
35 %%TEST_GLOBALS%% | 35 %%TEST_GLOBALS%% |
36 | 36 |
51 ssl_certificate_key engine:pkcs11:slot_0-id_00; | 51 ssl_certificate_key engine:pkcs11:slot_0-id_00; |
52 | 52 |
53 location / { | 53 location / { |
54 # index index.html by default | 54 # index index.html by default |
55 } | 55 } |
56 | |
56 location /proxy { | 57 location /proxy { |
57 proxy_pass https://127.0.0.1:8081/; | 58 proxy_pass https://127.0.0.1:8081/; |
59 } | |
60 | |
61 location /var { | |
62 proxy_pass https://127.0.0.1:8082/; | |
63 proxy_ssl_name localhost; | |
64 proxy_ssl_server_name on; | |
65 } | |
66 } | |
67 | |
68 server { | |
69 listen 127.0.0.1:8082 ssl; | |
70 server_name localhost; | |
71 | |
72 ssl_certificate $ssl_server_name.crt; | |
73 ssl_certificate_key engine:pkcs11:slot_0-id_00; | |
74 | |
75 location / { | |
76 # index index.html by default | |
58 } | 77 } |
59 } | 78 } |
60 } | 79 } |
61 | 80 |
62 EOF | 81 EOF |
116 . "-out $d/$name.crt -keyform engine -text -key id_00 " | 135 . "-out $d/$name.crt -keyform engine -text -key id_00 " |
117 . ">>$d/openssl.out 2>&1") == 0 | 136 . ">>$d/openssl.out 2>&1") == 0 |
118 or die "Can't create certificate for $name: $!\n"; | 137 or die "Can't create certificate for $name: $!\n"; |
119 } | 138 } |
120 | 139 |
121 $t->run(); | 140 $t->try_run('no ssl_certificate variables')->plan(2); |
122 | 141 |
123 $t->write_file('index.html', ''); | 142 $t->write_file('index.html', ''); |
124 | 143 |
125 ############################################################################### | 144 ############################################################################### |
126 | 145 |
127 like(http_get('/proxy'), qr/200 OK/, 'ssl engine keys'); | 146 like(http_get('/proxy'), qr/200 OK/, 'ssl engine keys'); |
147 like(http_get('/var'), qr/200 OK/, 'ssl_certificate with variable'); | |
128 | 148 |
129 ############################################################################### | 149 ############################################################################### |