"Fossies" - the Fresh Open Source Software Archive

Member "openssl-1.1.1b/test/ssl-tests/04-client_auth.conf" (26 Feb 2019, 31833 Bytes) of package /linux/misc/openssl-1.1.1b.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Generic config files source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "04-client_auth.conf": 1.1.0i_vs_1.1.1.

    1 # Generated with generate_ssl_tests.pl
    2 
    3 num_tests = 36
    4 
    5 test-0 = 0-server-auth-flex
    6 test-1 = 1-client-auth-flex-request
    7 test-2 = 2-client-auth-flex-require-fail
    8 test-3 = 3-client-auth-flex-require
    9 test-4 = 4-client-auth-flex-require-non-empty-names
   10 test-5 = 5-client-auth-flex-noroot
   11 test-6 = 6-server-auth-TLSv1
   12 test-7 = 7-client-auth-TLSv1-request
   13 test-8 = 8-client-auth-TLSv1-require-fail
   14 test-9 = 9-client-auth-TLSv1-require
   15 test-10 = 10-client-auth-TLSv1-require-non-empty-names
   16 test-11 = 11-client-auth-TLSv1-noroot
   17 test-12 = 12-server-auth-TLSv1.1
   18 test-13 = 13-client-auth-TLSv1.1-request
   19 test-14 = 14-client-auth-TLSv1.1-require-fail
   20 test-15 = 15-client-auth-TLSv1.1-require
   21 test-16 = 16-client-auth-TLSv1.1-require-non-empty-names
   22 test-17 = 17-client-auth-TLSv1.1-noroot
   23 test-18 = 18-server-auth-TLSv1.2
   24 test-19 = 19-client-auth-TLSv1.2-request
   25 test-20 = 20-client-auth-TLSv1.2-require-fail
   26 test-21 = 21-client-auth-TLSv1.2-require
   27 test-22 = 22-client-auth-TLSv1.2-require-non-empty-names
   28 test-23 = 23-client-auth-TLSv1.2-noroot
   29 test-24 = 24-server-auth-DTLSv1
   30 test-25 = 25-client-auth-DTLSv1-request
   31 test-26 = 26-client-auth-DTLSv1-require-fail
   32 test-27 = 27-client-auth-DTLSv1-require
   33 test-28 = 28-client-auth-DTLSv1-require-non-empty-names
   34 test-29 = 29-client-auth-DTLSv1-noroot
   35 test-30 = 30-server-auth-DTLSv1.2
   36 test-31 = 31-client-auth-DTLSv1.2-request
   37 test-32 = 32-client-auth-DTLSv1.2-require-fail
   38 test-33 = 33-client-auth-DTLSv1.2-require
   39 test-34 = 34-client-auth-DTLSv1.2-require-non-empty-names
   40 test-35 = 35-client-auth-DTLSv1.2-noroot
   41 # ===========================================================
   42 
   43 [0-server-auth-flex]
   44 ssl_conf = 0-server-auth-flex-ssl
   45 
   46 [0-server-auth-flex-ssl]
   47 server = 0-server-auth-flex-server
   48 client = 0-server-auth-flex-client
   49 
   50 [0-server-auth-flex-server]
   51 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
   52 CipherString = DEFAULT
   53 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
   54 
   55 [0-server-auth-flex-client]
   56 CipherString = DEFAULT
   57 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
   58 VerifyMode = Peer
   59 
   60 [test-0]
   61 ExpectedResult = Success
   62 
   63 
   64 # ===========================================================
   65 
   66 [1-client-auth-flex-request]
   67 ssl_conf = 1-client-auth-flex-request-ssl
   68 
   69 [1-client-auth-flex-request-ssl]
   70 server = 1-client-auth-flex-request-server
   71 client = 1-client-auth-flex-request-client
   72 
   73 [1-client-auth-flex-request-server]
   74 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
   75 CipherString = DEFAULT
   76 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
   77 VerifyMode = Request
   78 
   79 [1-client-auth-flex-request-client]
   80 CipherString = DEFAULT
   81 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
   82 VerifyMode = Peer
   83 
   84 [test-1]
   85 ExpectedResult = Success
   86 
   87 
   88 # ===========================================================
   89 
   90 [2-client-auth-flex-require-fail]
   91 ssl_conf = 2-client-auth-flex-require-fail-ssl
   92 
   93 [2-client-auth-flex-require-fail-ssl]
   94 server = 2-client-auth-flex-require-fail-server
   95 client = 2-client-auth-flex-require-fail-client
   96 
   97 [2-client-auth-flex-require-fail-server]
   98 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
   99 CipherString = DEFAULT
  100 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  101 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  102 VerifyMode = Require
  103 
  104 [2-client-auth-flex-require-fail-client]
  105 CipherString = DEFAULT
  106 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  107 VerifyMode = Peer
  108 
  109 [test-2]
  110 ExpectedResult = ServerFail
  111 ExpectedServerAlert = CertificateRequired
  112 
  113 
  114 # ===========================================================
  115 
  116 [3-client-auth-flex-require]
  117 ssl_conf = 3-client-auth-flex-require-ssl
  118 
  119 [3-client-auth-flex-require-ssl]
  120 server = 3-client-auth-flex-require-server
  121 client = 3-client-auth-flex-require-client
  122 
  123 [3-client-auth-flex-require-server]
  124 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  125 CipherString = DEFAULT
  126 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  127 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  128 VerifyMode = Request
  129 
  130 [3-client-auth-flex-require-client]
  131 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  132 CipherString = DEFAULT
  133 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  134 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  135 VerifyMode = Peer
  136 
  137 [test-3]
  138 ExpectedClientCANames = empty
  139 ExpectedClientCertType = RSA
  140 ExpectedResult = Success
  141 
  142 
  143 # ===========================================================
  144 
  145 [4-client-auth-flex-require-non-empty-names]
  146 ssl_conf = 4-client-auth-flex-require-non-empty-names-ssl
  147 
  148 [4-client-auth-flex-require-non-empty-names-ssl]
  149 server = 4-client-auth-flex-require-non-empty-names-server
  150 client = 4-client-auth-flex-require-non-empty-names-client
  151 
  152 [4-client-auth-flex-require-non-empty-names-server]
  153 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  154 CipherString = DEFAULT
  155 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  156 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  157 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  158 VerifyMode = Request
  159 
  160 [4-client-auth-flex-require-non-empty-names-client]
  161 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  162 CipherString = DEFAULT
  163 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  164 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  165 VerifyMode = Peer
  166 
  167 [test-4]
  168 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  169 ExpectedClientCertType = RSA
  170 ExpectedResult = Success
  171 
  172 
  173 # ===========================================================
  174 
  175 [5-client-auth-flex-noroot]
  176 ssl_conf = 5-client-auth-flex-noroot-ssl
  177 
  178 [5-client-auth-flex-noroot-ssl]
  179 server = 5-client-auth-flex-noroot-server
  180 client = 5-client-auth-flex-noroot-client
  181 
  182 [5-client-auth-flex-noroot-server]
  183 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  184 CipherString = DEFAULT
  185 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  186 VerifyMode = Require
  187 
  188 [5-client-auth-flex-noroot-client]
  189 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  190 CipherString = DEFAULT
  191 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  192 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  193 VerifyMode = Peer
  194 
  195 [test-5]
  196 ExpectedResult = ServerFail
  197 ExpectedServerAlert = UnknownCA
  198 
  199 
  200 # ===========================================================
  201 
  202 [6-server-auth-TLSv1]
  203 ssl_conf = 6-server-auth-TLSv1-ssl
  204 
  205 [6-server-auth-TLSv1-ssl]
  206 server = 6-server-auth-TLSv1-server
  207 client = 6-server-auth-TLSv1-client
  208 
  209 [6-server-auth-TLSv1-server]
  210 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  211 CipherString = DEFAULT
  212 MaxProtocol = TLSv1
  213 MinProtocol = TLSv1
  214 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  215 
  216 [6-server-auth-TLSv1-client]
  217 CipherString = DEFAULT
  218 MaxProtocol = TLSv1
  219 MinProtocol = TLSv1
  220 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  221 VerifyMode = Peer
  222 
  223 [test-6]
  224 ExpectedResult = Success
  225 
  226 
  227 # ===========================================================
  228 
  229 [7-client-auth-TLSv1-request]
  230 ssl_conf = 7-client-auth-TLSv1-request-ssl
  231 
  232 [7-client-auth-TLSv1-request-ssl]
  233 server = 7-client-auth-TLSv1-request-server
  234 client = 7-client-auth-TLSv1-request-client
  235 
  236 [7-client-auth-TLSv1-request-server]
  237 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  238 CipherString = DEFAULT
  239 MaxProtocol = TLSv1
  240 MinProtocol = TLSv1
  241 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  242 VerifyMode = Request
  243 
  244 [7-client-auth-TLSv1-request-client]
  245 CipherString = DEFAULT
  246 MaxProtocol = TLSv1
  247 MinProtocol = TLSv1
  248 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  249 VerifyMode = Peer
  250 
  251 [test-7]
  252 ExpectedResult = Success
  253 
  254 
  255 # ===========================================================
  256 
  257 [8-client-auth-TLSv1-require-fail]
  258 ssl_conf = 8-client-auth-TLSv1-require-fail-ssl
  259 
  260 [8-client-auth-TLSv1-require-fail-ssl]
  261 server = 8-client-auth-TLSv1-require-fail-server
  262 client = 8-client-auth-TLSv1-require-fail-client
  263 
  264 [8-client-auth-TLSv1-require-fail-server]
  265 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  266 CipherString = DEFAULT
  267 MaxProtocol = TLSv1
  268 MinProtocol = TLSv1
  269 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  270 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  271 VerifyMode = Require
  272 
  273 [8-client-auth-TLSv1-require-fail-client]
  274 CipherString = DEFAULT
  275 MaxProtocol = TLSv1
  276 MinProtocol = TLSv1
  277 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  278 VerifyMode = Peer
  279 
  280 [test-8]
  281 ExpectedResult = ServerFail
  282 ExpectedServerAlert = HandshakeFailure
  283 
  284 
  285 # ===========================================================
  286 
  287 [9-client-auth-TLSv1-require]
  288 ssl_conf = 9-client-auth-TLSv1-require-ssl
  289 
  290 [9-client-auth-TLSv1-require-ssl]
  291 server = 9-client-auth-TLSv1-require-server
  292 client = 9-client-auth-TLSv1-require-client
  293 
  294 [9-client-auth-TLSv1-require-server]
  295 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  296 CipherString = DEFAULT
  297 MaxProtocol = TLSv1
  298 MinProtocol = TLSv1
  299 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  300 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  301 VerifyMode = Request
  302 
  303 [9-client-auth-TLSv1-require-client]
  304 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  305 CipherString = DEFAULT
  306 MaxProtocol = TLSv1
  307 MinProtocol = TLSv1
  308 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  309 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  310 VerifyMode = Peer
  311 
  312 [test-9]
  313 ExpectedClientCANames = empty
  314 ExpectedClientCertType = RSA
  315 ExpectedResult = Success
  316 
  317 
  318 # ===========================================================
  319 
  320 [10-client-auth-TLSv1-require-non-empty-names]
  321 ssl_conf = 10-client-auth-TLSv1-require-non-empty-names-ssl
  322 
  323 [10-client-auth-TLSv1-require-non-empty-names-ssl]
  324 server = 10-client-auth-TLSv1-require-non-empty-names-server
  325 client = 10-client-auth-TLSv1-require-non-empty-names-client
  326 
  327 [10-client-auth-TLSv1-require-non-empty-names-server]
  328 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  329 CipherString = DEFAULT
  330 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  331 MaxProtocol = TLSv1
  332 MinProtocol = TLSv1
  333 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  334 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  335 VerifyMode = Request
  336 
  337 [10-client-auth-TLSv1-require-non-empty-names-client]
  338 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  339 CipherString = DEFAULT
  340 MaxProtocol = TLSv1
  341 MinProtocol = TLSv1
  342 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  343 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  344 VerifyMode = Peer
  345 
  346 [test-10]
  347 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  348 ExpectedClientCertType = RSA
  349 ExpectedResult = Success
  350 
  351 
  352 # ===========================================================
  353 
  354 [11-client-auth-TLSv1-noroot]
  355 ssl_conf = 11-client-auth-TLSv1-noroot-ssl
  356 
  357 [11-client-auth-TLSv1-noroot-ssl]
  358 server = 11-client-auth-TLSv1-noroot-server
  359 client = 11-client-auth-TLSv1-noroot-client
  360 
  361 [11-client-auth-TLSv1-noroot-server]
  362 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  363 CipherString = DEFAULT
  364 MaxProtocol = TLSv1
  365 MinProtocol = TLSv1
  366 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  367 VerifyMode = Require
  368 
  369 [11-client-auth-TLSv1-noroot-client]
  370 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  371 CipherString = DEFAULT
  372 MaxProtocol = TLSv1
  373 MinProtocol = TLSv1
  374 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  375 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  376 VerifyMode = Peer
  377 
  378 [test-11]
  379 ExpectedResult = ServerFail
  380 ExpectedServerAlert = UnknownCA
  381 
  382 
  383 # ===========================================================
  384 
  385 [12-server-auth-TLSv1.1]
  386 ssl_conf = 12-server-auth-TLSv1.1-ssl
  387 
  388 [12-server-auth-TLSv1.1-ssl]
  389 server = 12-server-auth-TLSv1.1-server
  390 client = 12-server-auth-TLSv1.1-client
  391 
  392 [12-server-auth-TLSv1.1-server]
  393 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  394 CipherString = DEFAULT
  395 MaxProtocol = TLSv1.1
  396 MinProtocol = TLSv1.1
  397 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  398 
  399 [12-server-auth-TLSv1.1-client]
  400 CipherString = DEFAULT
  401 MaxProtocol = TLSv1.1
  402 MinProtocol = TLSv1.1
  403 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  404 VerifyMode = Peer
  405 
  406 [test-12]
  407 ExpectedResult = Success
  408 
  409 
  410 # ===========================================================
  411 
  412 [13-client-auth-TLSv1.1-request]
  413 ssl_conf = 13-client-auth-TLSv1.1-request-ssl
  414 
  415 [13-client-auth-TLSv1.1-request-ssl]
  416 server = 13-client-auth-TLSv1.1-request-server
  417 client = 13-client-auth-TLSv1.1-request-client
  418 
  419 [13-client-auth-TLSv1.1-request-server]
  420 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  421 CipherString = DEFAULT
  422 MaxProtocol = TLSv1.1
  423 MinProtocol = TLSv1.1
  424 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  425 VerifyMode = Request
  426 
  427 [13-client-auth-TLSv1.1-request-client]
  428 CipherString = DEFAULT
  429 MaxProtocol = TLSv1.1
  430 MinProtocol = TLSv1.1
  431 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  432 VerifyMode = Peer
  433 
  434 [test-13]
  435 ExpectedResult = Success
  436 
  437 
  438 # ===========================================================
  439 
  440 [14-client-auth-TLSv1.1-require-fail]
  441 ssl_conf = 14-client-auth-TLSv1.1-require-fail-ssl
  442 
  443 [14-client-auth-TLSv1.1-require-fail-ssl]
  444 server = 14-client-auth-TLSv1.1-require-fail-server
  445 client = 14-client-auth-TLSv1.1-require-fail-client
  446 
  447 [14-client-auth-TLSv1.1-require-fail-server]
  448 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  449 CipherString = DEFAULT
  450 MaxProtocol = TLSv1.1
  451 MinProtocol = TLSv1.1
  452 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  453 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  454 VerifyMode = Require
  455 
  456 [14-client-auth-TLSv1.1-require-fail-client]
  457 CipherString = DEFAULT
  458 MaxProtocol = TLSv1.1
  459 MinProtocol = TLSv1.1
  460 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  461 VerifyMode = Peer
  462 
  463 [test-14]
  464 ExpectedResult = ServerFail
  465 ExpectedServerAlert = HandshakeFailure
  466 
  467 
  468 # ===========================================================
  469 
  470 [15-client-auth-TLSv1.1-require]
  471 ssl_conf = 15-client-auth-TLSv1.1-require-ssl
  472 
  473 [15-client-auth-TLSv1.1-require-ssl]
  474 server = 15-client-auth-TLSv1.1-require-server
  475 client = 15-client-auth-TLSv1.1-require-client
  476 
  477 [15-client-auth-TLSv1.1-require-server]
  478 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  479 CipherString = DEFAULT
  480 MaxProtocol = TLSv1.1
  481 MinProtocol = TLSv1.1
  482 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  483 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  484 VerifyMode = Request
  485 
  486 [15-client-auth-TLSv1.1-require-client]
  487 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  488 CipherString = DEFAULT
  489 MaxProtocol = TLSv1.1
  490 MinProtocol = TLSv1.1
  491 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  492 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  493 VerifyMode = Peer
  494 
  495 [test-15]
  496 ExpectedClientCANames = empty
  497 ExpectedClientCertType = RSA
  498 ExpectedResult = Success
  499 
  500 
  501 # ===========================================================
  502 
  503 [16-client-auth-TLSv1.1-require-non-empty-names]
  504 ssl_conf = 16-client-auth-TLSv1.1-require-non-empty-names-ssl
  505 
  506 [16-client-auth-TLSv1.1-require-non-empty-names-ssl]
  507 server = 16-client-auth-TLSv1.1-require-non-empty-names-server
  508 client = 16-client-auth-TLSv1.1-require-non-empty-names-client
  509 
  510 [16-client-auth-TLSv1.1-require-non-empty-names-server]
  511 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  512 CipherString = DEFAULT
  513 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  514 MaxProtocol = TLSv1.1
  515 MinProtocol = TLSv1.1
  516 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  517 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  518 VerifyMode = Request
  519 
  520 [16-client-auth-TLSv1.1-require-non-empty-names-client]
  521 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  522 CipherString = DEFAULT
  523 MaxProtocol = TLSv1.1
  524 MinProtocol = TLSv1.1
  525 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  526 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  527 VerifyMode = Peer
  528 
  529 [test-16]
  530 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  531 ExpectedClientCertType = RSA
  532 ExpectedResult = Success
  533 
  534 
  535 # ===========================================================
  536 
  537 [17-client-auth-TLSv1.1-noroot]
  538 ssl_conf = 17-client-auth-TLSv1.1-noroot-ssl
  539 
  540 [17-client-auth-TLSv1.1-noroot-ssl]
  541 server = 17-client-auth-TLSv1.1-noroot-server
  542 client = 17-client-auth-TLSv1.1-noroot-client
  543 
  544 [17-client-auth-TLSv1.1-noroot-server]
  545 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  546 CipherString = DEFAULT
  547 MaxProtocol = TLSv1.1
  548 MinProtocol = TLSv1.1
  549 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  550 VerifyMode = Require
  551 
  552 [17-client-auth-TLSv1.1-noroot-client]
  553 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  554 CipherString = DEFAULT
  555 MaxProtocol = TLSv1.1
  556 MinProtocol = TLSv1.1
  557 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  558 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  559 VerifyMode = Peer
  560 
  561 [test-17]
  562 ExpectedResult = ServerFail
  563 ExpectedServerAlert = UnknownCA
  564 
  565 
  566 # ===========================================================
  567 
  568 [18-server-auth-TLSv1.2]
  569 ssl_conf = 18-server-auth-TLSv1.2-ssl
  570 
  571 [18-server-auth-TLSv1.2-ssl]
  572 server = 18-server-auth-TLSv1.2-server
  573 client = 18-server-auth-TLSv1.2-client
  574 
  575 [18-server-auth-TLSv1.2-server]
  576 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  577 CipherString = DEFAULT
  578 MaxProtocol = TLSv1.2
  579 MinProtocol = TLSv1.2
  580 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  581 
  582 [18-server-auth-TLSv1.2-client]
  583 CipherString = DEFAULT
  584 MaxProtocol = TLSv1.2
  585 MinProtocol = TLSv1.2
  586 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  587 VerifyMode = Peer
  588 
  589 [test-18]
  590 ExpectedResult = Success
  591 
  592 
  593 # ===========================================================
  594 
  595 [19-client-auth-TLSv1.2-request]
  596 ssl_conf = 19-client-auth-TLSv1.2-request-ssl
  597 
  598 [19-client-auth-TLSv1.2-request-ssl]
  599 server = 19-client-auth-TLSv1.2-request-server
  600 client = 19-client-auth-TLSv1.2-request-client
  601 
  602 [19-client-auth-TLSv1.2-request-server]
  603 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  604 CipherString = DEFAULT
  605 MaxProtocol = TLSv1.2
  606 MinProtocol = TLSv1.2
  607 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  608 VerifyMode = Request
  609 
  610 [19-client-auth-TLSv1.2-request-client]
  611 CipherString = DEFAULT
  612 MaxProtocol = TLSv1.2
  613 MinProtocol = TLSv1.2
  614 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  615 VerifyMode = Peer
  616 
  617 [test-19]
  618 ExpectedResult = Success
  619 
  620 
  621 # ===========================================================
  622 
  623 [20-client-auth-TLSv1.2-require-fail]
  624 ssl_conf = 20-client-auth-TLSv1.2-require-fail-ssl
  625 
  626 [20-client-auth-TLSv1.2-require-fail-ssl]
  627 server = 20-client-auth-TLSv1.2-require-fail-server
  628 client = 20-client-auth-TLSv1.2-require-fail-client
  629 
  630 [20-client-auth-TLSv1.2-require-fail-server]
  631 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  632 CipherString = DEFAULT
  633 MaxProtocol = TLSv1.2
  634 MinProtocol = TLSv1.2
  635 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  636 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  637 VerifyMode = Require
  638 
  639 [20-client-auth-TLSv1.2-require-fail-client]
  640 CipherString = DEFAULT
  641 MaxProtocol = TLSv1.2
  642 MinProtocol = TLSv1.2
  643 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  644 VerifyMode = Peer
  645 
  646 [test-20]
  647 ExpectedResult = ServerFail
  648 ExpectedServerAlert = HandshakeFailure
  649 
  650 
  651 # ===========================================================
  652 
  653 [21-client-auth-TLSv1.2-require]
  654 ssl_conf = 21-client-auth-TLSv1.2-require-ssl
  655 
  656 [21-client-auth-TLSv1.2-require-ssl]
  657 server = 21-client-auth-TLSv1.2-require-server
  658 client = 21-client-auth-TLSv1.2-require-client
  659 
  660 [21-client-auth-TLSv1.2-require-server]
  661 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  662 CipherString = DEFAULT
  663 ClientSignatureAlgorithms = SHA256+RSA
  664 MaxProtocol = TLSv1.2
  665 MinProtocol = TLSv1.2
  666 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  667 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  668 VerifyMode = Request
  669 
  670 [21-client-auth-TLSv1.2-require-client]
  671 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  672 CipherString = DEFAULT
  673 MaxProtocol = TLSv1.2
  674 MinProtocol = TLSv1.2
  675 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  676 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  677 VerifyMode = Peer
  678 
  679 [test-21]
  680 ExpectedClientCANames = empty
  681 ExpectedClientCertType = RSA
  682 ExpectedClientSignHash = SHA256
  683 ExpectedClientSignType = RSA
  684 ExpectedResult = Success
  685 
  686 
  687 # ===========================================================
  688 
  689 [22-client-auth-TLSv1.2-require-non-empty-names]
  690 ssl_conf = 22-client-auth-TLSv1.2-require-non-empty-names-ssl
  691 
  692 [22-client-auth-TLSv1.2-require-non-empty-names-ssl]
  693 server = 22-client-auth-TLSv1.2-require-non-empty-names-server
  694 client = 22-client-auth-TLSv1.2-require-non-empty-names-client
  695 
  696 [22-client-auth-TLSv1.2-require-non-empty-names-server]
  697 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  698 CipherString = DEFAULT
  699 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  700 ClientSignatureAlgorithms = SHA256+RSA
  701 MaxProtocol = TLSv1.2
  702 MinProtocol = TLSv1.2
  703 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  704 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  705 VerifyMode = Request
  706 
  707 [22-client-auth-TLSv1.2-require-non-empty-names-client]
  708 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  709 CipherString = DEFAULT
  710 MaxProtocol = TLSv1.2
  711 MinProtocol = TLSv1.2
  712 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  713 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  714 VerifyMode = Peer
  715 
  716 [test-22]
  717 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  718 ExpectedClientCertType = RSA
  719 ExpectedClientSignHash = SHA256
  720 ExpectedClientSignType = RSA
  721 ExpectedResult = Success
  722 
  723 
  724 # ===========================================================
  725 
  726 [23-client-auth-TLSv1.2-noroot]
  727 ssl_conf = 23-client-auth-TLSv1.2-noroot-ssl
  728 
  729 [23-client-auth-TLSv1.2-noroot-ssl]
  730 server = 23-client-auth-TLSv1.2-noroot-server
  731 client = 23-client-auth-TLSv1.2-noroot-client
  732 
  733 [23-client-auth-TLSv1.2-noroot-server]
  734 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  735 CipherString = DEFAULT
  736 MaxProtocol = TLSv1.2
  737 MinProtocol = TLSv1.2
  738 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  739 VerifyMode = Require
  740 
  741 [23-client-auth-TLSv1.2-noroot-client]
  742 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  743 CipherString = DEFAULT
  744 MaxProtocol = TLSv1.2
  745 MinProtocol = TLSv1.2
  746 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  747 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  748 VerifyMode = Peer
  749 
  750 [test-23]
  751 ExpectedResult = ServerFail
  752 ExpectedServerAlert = UnknownCA
  753 
  754 
  755 # ===========================================================
  756 
  757 [24-server-auth-DTLSv1]
  758 ssl_conf = 24-server-auth-DTLSv1-ssl
  759 
  760 [24-server-auth-DTLSv1-ssl]
  761 server = 24-server-auth-DTLSv1-server
  762 client = 24-server-auth-DTLSv1-client
  763 
  764 [24-server-auth-DTLSv1-server]
  765 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  766 CipherString = DEFAULT
  767 MaxProtocol = DTLSv1
  768 MinProtocol = DTLSv1
  769 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  770 
  771 [24-server-auth-DTLSv1-client]
  772 CipherString = DEFAULT
  773 MaxProtocol = DTLSv1
  774 MinProtocol = DTLSv1
  775 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  776 VerifyMode = Peer
  777 
  778 [test-24]
  779 ExpectedResult = Success
  780 Method = DTLS
  781 
  782 
  783 # ===========================================================
  784 
  785 [25-client-auth-DTLSv1-request]
  786 ssl_conf = 25-client-auth-DTLSv1-request-ssl
  787 
  788 [25-client-auth-DTLSv1-request-ssl]
  789 server = 25-client-auth-DTLSv1-request-server
  790 client = 25-client-auth-DTLSv1-request-client
  791 
  792 [25-client-auth-DTLSv1-request-server]
  793 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  794 CipherString = DEFAULT
  795 MaxProtocol = DTLSv1
  796 MinProtocol = DTLSv1
  797 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  798 VerifyMode = Request
  799 
  800 [25-client-auth-DTLSv1-request-client]
  801 CipherString = DEFAULT
  802 MaxProtocol = DTLSv1
  803 MinProtocol = DTLSv1
  804 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  805 VerifyMode = Peer
  806 
  807 [test-25]
  808 ExpectedResult = Success
  809 Method = DTLS
  810 
  811 
  812 # ===========================================================
  813 
  814 [26-client-auth-DTLSv1-require-fail]
  815 ssl_conf = 26-client-auth-DTLSv1-require-fail-ssl
  816 
  817 [26-client-auth-DTLSv1-require-fail-ssl]
  818 server = 26-client-auth-DTLSv1-require-fail-server
  819 client = 26-client-auth-DTLSv1-require-fail-client
  820 
  821 [26-client-auth-DTLSv1-require-fail-server]
  822 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  823 CipherString = DEFAULT
  824 MaxProtocol = DTLSv1
  825 MinProtocol = DTLSv1
  826 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  827 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  828 VerifyMode = Require
  829 
  830 [26-client-auth-DTLSv1-require-fail-client]
  831 CipherString = DEFAULT
  832 MaxProtocol = DTLSv1
  833 MinProtocol = DTLSv1
  834 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  835 VerifyMode = Peer
  836 
  837 [test-26]
  838 ExpectedResult = ServerFail
  839 ExpectedServerAlert = HandshakeFailure
  840 Method = DTLS
  841 
  842 
  843 # ===========================================================
  844 
  845 [27-client-auth-DTLSv1-require]
  846 ssl_conf = 27-client-auth-DTLSv1-require-ssl
  847 
  848 [27-client-auth-DTLSv1-require-ssl]
  849 server = 27-client-auth-DTLSv1-require-server
  850 client = 27-client-auth-DTLSv1-require-client
  851 
  852 [27-client-auth-DTLSv1-require-server]
  853 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  854 CipherString = DEFAULT
  855 MaxProtocol = DTLSv1
  856 MinProtocol = DTLSv1
  857 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  858 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  859 VerifyMode = Request
  860 
  861 [27-client-auth-DTLSv1-require-client]
  862 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  863 CipherString = DEFAULT
  864 MaxProtocol = DTLSv1
  865 MinProtocol = DTLSv1
  866 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  867 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  868 VerifyMode = Peer
  869 
  870 [test-27]
  871 ExpectedClientCANames = empty
  872 ExpectedClientCertType = RSA
  873 ExpectedResult = Success
  874 Method = DTLS
  875 
  876 
  877 # ===========================================================
  878 
  879 [28-client-auth-DTLSv1-require-non-empty-names]
  880 ssl_conf = 28-client-auth-DTLSv1-require-non-empty-names-ssl
  881 
  882 [28-client-auth-DTLSv1-require-non-empty-names-ssl]
  883 server = 28-client-auth-DTLSv1-require-non-empty-names-server
  884 client = 28-client-auth-DTLSv1-require-non-empty-names-client
  885 
  886 [28-client-auth-DTLSv1-require-non-empty-names-server]
  887 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  888 CipherString = DEFAULT
  889 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  890 MaxProtocol = DTLSv1
  891 MinProtocol = DTLSv1
  892 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  893 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  894 VerifyMode = Request
  895 
  896 [28-client-auth-DTLSv1-require-non-empty-names-client]
  897 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  898 CipherString = DEFAULT
  899 MaxProtocol = DTLSv1
  900 MinProtocol = DTLSv1
  901 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  902 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  903 VerifyMode = Peer
  904 
  905 [test-28]
  906 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  907 ExpectedClientCertType = RSA
  908 ExpectedResult = Success
  909 Method = DTLS
  910 
  911 
  912 # ===========================================================
  913 
  914 [29-client-auth-DTLSv1-noroot]
  915 ssl_conf = 29-client-auth-DTLSv1-noroot-ssl
  916 
  917 [29-client-auth-DTLSv1-noroot-ssl]
  918 server = 29-client-auth-DTLSv1-noroot-server
  919 client = 29-client-auth-DTLSv1-noroot-client
  920 
  921 [29-client-auth-DTLSv1-noroot-server]
  922 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  923 CipherString = DEFAULT
  924 MaxProtocol = DTLSv1
  925 MinProtocol = DTLSv1
  926 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  927 VerifyMode = Require
  928 
  929 [29-client-auth-DTLSv1-noroot-client]
  930 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  931 CipherString = DEFAULT
  932 MaxProtocol = DTLSv1
  933 MinProtocol = DTLSv1
  934 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  935 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  936 VerifyMode = Peer
  937 
  938 [test-29]
  939 ExpectedResult = ServerFail
  940 ExpectedServerAlert = UnknownCA
  941 Method = DTLS
  942 
  943 
  944 # ===========================================================
  945 
  946 [30-server-auth-DTLSv1.2]
  947 ssl_conf = 30-server-auth-DTLSv1.2-ssl
  948 
  949 [30-server-auth-DTLSv1.2-ssl]
  950 server = 30-server-auth-DTLSv1.2-server
  951 client = 30-server-auth-DTLSv1.2-client
  952 
  953 [30-server-auth-DTLSv1.2-server]
  954 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  955 CipherString = DEFAULT
  956 MaxProtocol = DTLSv1.2
  957 MinProtocol = DTLSv1.2
  958 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  959 
  960 [30-server-auth-DTLSv1.2-client]
  961 CipherString = DEFAULT
  962 MaxProtocol = DTLSv1.2
  963 MinProtocol = DTLSv1.2
  964 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  965 VerifyMode = Peer
  966 
  967 [test-30]
  968 ExpectedResult = Success
  969 Method = DTLS
  970 
  971 
  972 # ===========================================================
  973 
  974 [31-client-auth-DTLSv1.2-request]
  975 ssl_conf = 31-client-auth-DTLSv1.2-request-ssl
  976 
  977 [31-client-auth-DTLSv1.2-request-ssl]
  978 server = 31-client-auth-DTLSv1.2-request-server
  979 client = 31-client-auth-DTLSv1.2-request-client
  980 
  981 [31-client-auth-DTLSv1.2-request-server]
  982 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  983 CipherString = DEFAULT
  984 MaxProtocol = DTLSv1.2
  985 MinProtocol = DTLSv1.2
  986 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  987 VerifyMode = Request
  988 
  989 [31-client-auth-DTLSv1.2-request-client]
  990 CipherString = DEFAULT
  991 MaxProtocol = DTLSv1.2
  992 MinProtocol = DTLSv1.2
  993 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  994 VerifyMode = Peer
  995 
  996 [test-31]
  997 ExpectedResult = Success
  998 Method = DTLS
  999 
 1000 
 1001 # ===========================================================
 1002 
 1003 [32-client-auth-DTLSv1.2-require-fail]
 1004 ssl_conf = 32-client-auth-DTLSv1.2-require-fail-ssl
 1005 
 1006 [32-client-auth-DTLSv1.2-require-fail-ssl]
 1007 server = 32-client-auth-DTLSv1.2-require-fail-server
 1008 client = 32-client-auth-DTLSv1.2-require-fail-client
 1009 
 1010 [32-client-auth-DTLSv1.2-require-fail-server]
 1011 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 1012 CipherString = DEFAULT
 1013 MaxProtocol = DTLSv1.2
 1014 MinProtocol = DTLSv1.2
 1015 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 1016 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 1017 VerifyMode = Require
 1018 
 1019 [32-client-auth-DTLSv1.2-require-fail-client]
 1020 CipherString = DEFAULT
 1021 MaxProtocol = DTLSv1.2
 1022 MinProtocol = DTLSv1.2
 1023 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 1024 VerifyMode = Peer
 1025 
 1026 [test-32]
 1027 ExpectedResult = ServerFail
 1028 ExpectedServerAlert = HandshakeFailure
 1029 Method = DTLS
 1030 
 1031 
 1032 # ===========================================================
 1033 
 1034 [33-client-auth-DTLSv1.2-require]
 1035 ssl_conf = 33-client-auth-DTLSv1.2-require-ssl
 1036 
 1037 [33-client-auth-DTLSv1.2-require-ssl]
 1038 server = 33-client-auth-DTLSv1.2-require-server
 1039 client = 33-client-auth-DTLSv1.2-require-client
 1040 
 1041 [33-client-auth-DTLSv1.2-require-server]
 1042 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 1043 CipherString = DEFAULT
 1044 MaxProtocol = DTLSv1.2
 1045 MinProtocol = DTLSv1.2
 1046 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 1047 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 1048 VerifyMode = Request
 1049 
 1050 [33-client-auth-DTLSv1.2-require-client]
 1051 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 1052 CipherString = DEFAULT
 1053 MaxProtocol = DTLSv1.2
 1054 MinProtocol = DTLSv1.2
 1055 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 1056 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 1057 VerifyMode = Peer
 1058 
 1059 [test-33]
 1060 ExpectedClientCANames = empty
 1061 ExpectedClientCertType = RSA
 1062 ExpectedResult = Success
 1063 Method = DTLS
 1064 
 1065 
 1066 # ===========================================================
 1067 
 1068 [34-client-auth-DTLSv1.2-require-non-empty-names]
 1069 ssl_conf = 34-client-auth-DTLSv1.2-require-non-empty-names-ssl
 1070 
 1071 [34-client-auth-DTLSv1.2-require-non-empty-names-ssl]
 1072 server = 34-client-auth-DTLSv1.2-require-non-empty-names-server
 1073 client = 34-client-auth-DTLSv1.2-require-non-empty-names-client
 1074 
 1075 [34-client-auth-DTLSv1.2-require-non-empty-names-server]
 1076 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 1077 CipherString = DEFAULT
 1078 ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 1079 MaxProtocol = DTLSv1.2
 1080 MinProtocol = DTLSv1.2
 1081 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 1082 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 1083 VerifyMode = Request
 1084 
 1085 [34-client-auth-DTLSv1.2-require-non-empty-names-client]
 1086 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 1087 CipherString = DEFAULT
 1088 MaxProtocol = DTLSv1.2
 1089 MinProtocol = DTLSv1.2
 1090 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 1091 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 1092 VerifyMode = Peer
 1093 
 1094 [test-34]
 1095 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 1096 ExpectedClientCertType = RSA
 1097 ExpectedResult = Success
 1098 Method = DTLS
 1099 
 1100 
 1101 # ===========================================================
 1102 
 1103 [35-client-auth-DTLSv1.2-noroot]
 1104 ssl_conf = 35-client-auth-DTLSv1.2-noroot-ssl
 1105 
 1106 [35-client-auth-DTLSv1.2-noroot-ssl]
 1107 server = 35-client-auth-DTLSv1.2-noroot-server
 1108 client = 35-client-auth-DTLSv1.2-noroot-client
 1109 
 1110 [35-client-auth-DTLSv1.2-noroot-server]
 1111 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 1112 CipherString = DEFAULT
 1113 MaxProtocol = DTLSv1.2
 1114 MinProtocol = DTLSv1.2
 1115 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 1116 VerifyMode = Require
 1117 
 1118 [35-client-auth-DTLSv1.2-noroot-client]
 1119 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 1120 CipherString = DEFAULT
 1121 MaxProtocol = DTLSv1.2
 1122 MinProtocol = DTLSv1.2
 1123 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 1124 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 1125 VerifyMode = Peer
 1126 
 1127 [test-35]
 1128 ExpectedResult = ServerFail
 1129 ExpectedServerAlert = UnknownCA
 1130 Method = DTLS
 1131 
 1132