Docs: add dmarc_tld_file link
[users/heiko/exim.git] / test / scripts / 5655-OCSP-GnuTLS-1.3 / 5655
1 # OCSP stapling, server, multiple chain-element OCSP
2 #
3 #
4 #
5 mkdir -p DIR/tmp/ocsp
6 sudo chown -R EXIMUSER:EXIMGROUP tmp
7 sudo chmod -R a+rwx DIR/tmp/ocsp
8 perl
9 chdir 'aux-fixed/exim-ca/example.com';
10 system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.good.resp.pem CA/CA.ocsp.signernocert.good.resp.pem > DIR/tmp/ocsp/triple.ocsp.pem';
11 system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.revoked.resp.pem > DIR/tmp/ocsp/double_r.ocsp.pem';
12 ****
13 #
14 #
15 exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth'
16 ****
17 #
18 exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.2
19 ****
20 #
21 exim -odf -DOPT=rsa -DLIMIT=TLS1.2 rsa.auth@test.ex
22 Subject: test
23
24 .
25 ****
26 killdaemon
27 #
28 #
29 exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth'
30 ****
31 #
32 exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3
33 ****
34 exim -odf -DOPT=rsa rsa.auth@test.ex
35 Subject: test
36
37 .
38 ****
39 killdaemon
40 #
41 #
42 #
43 exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it'
44 ****
45 #
46 EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 -DCONTROL=bad
47 ****
48 exim -odf -DOPT=rsa rsa.auth@test.ex
49 Subject: test
50
51 .
52 ****
53 killdaemon
54 #
55 #
56 #
57 #
58 sudo rm -fr tmp/
59 no_msglog_check