OpenSSL: fix configuration of older TLS protocol versions
[exim.git] / test / scripts / 5600-OCSP-OpenSSL / 5610
1 # OCSP stapling, server, LE variation
2 #
3 #
4 #
5 # '1: Server sends good staple on request'
6 #
7 exim -bd -oX PORT_D -DSERVER=server \
8  -DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.good.resp
9 ****
10 client-ssl \
11  -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
12  HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
13 ??? 220
14 ehlo rhu.barb
15 ??? 250-
16 ??? 250-
17 ??? 250-
18 ??? 250-
19 ??? 250-
20 ??? 250
21 starttls
22 ??? 220
23 helo test
24 ??? 250
25 mail from:<userx@test.ex>
26 ??? 250
27 rcpt to:<userx@test.ex>
28 ??? 250
29 quit
30 ??? 221
31 ****
32 killdaemon
33 #
34 #
35 #
36 # '2: Server does not staple an outdated response'
37 #
38 exim -bd -oX PORT_D -DSERVER=server \
39  -DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.dated.resp
40 ****
41 # XXX test sequence might not be quite right; this is for a server refusal
42 # and we're expecting a client refusal.
43 client-ssl -ocsp aux-fixed/exim-ca/expired1.example.com/CA.pem HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
44 ??? 220
45 ehlo rhu.barb
46 ??? 250-
47 ??? 250-
48 ??? 250-
49 ??? 250-
50 ??? 250-
51 ??? 250
52 starttls
53 ??? 220
54 ****
55 killdaemon
56 #
57 #
58 #
59 #
60 #
61 # '3: Server does not staple a response for a revoked cert'
62 #
63 exim -bd -oX PORT_D -DSERVER=server \
64  -DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.revoked.resp
65 ****
66 client-ssl \
67  -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
68  HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
69 ??? 220
70 ehlo rhu.barb
71 ??? 250-
72 ??? 250-
73 ??? 250-
74 ??? 250-
75 ??? 250-
76 ??? 250
77 starttls
78 ??? 220
79 ****
80 killdaemon
81 #
82 #
83 #
84 #
85 #
86 # '4: Connection functions when server is prepared to staple but client does not request it'
87 #
88 exim -bd -oX PORT_D -DSERVER=server \
89  -DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.good.resp
90 ****
91 #
92 client-ssl \
93  HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
94 ??? 220
95 ehlo rhu.barb
96 ??? 250-
97 ??? 250-
98 ??? 250-
99 ??? 250-
100 ??? 250-
101 ??? 250
102 starttls
103 ??? 220
104 ehlo rhu.barb.tls
105 ??? 250-
106 ??? 250-
107 ??? 250-
108 ??? 250-
109 ??? 250
110 quit
111 ****
112 killdaemon
113 #
114 #
115 #
116 #
117 #