mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-12-05 01:31:03 +01:00
9b67670254
ssl/ssl_client_auth.vtc was renamed to ssl/ssl_client_auth.vtci
to produce a common part runnable both for QUIC and TCP listeners.
Then ssl_client_auth.vtc files were created both under ssl and quic directories
to call this .vtci file with correct VTC_SOCK_TYPE environment values
("quic" for QUIC listeners and "stream" for TCP listeners);
22 lines
825 B
Plaintext
22 lines
825 B
Plaintext
#REGTEST_TYPE=devel
|
|
|
|
# This reg-test tests the client auth feature of HAProxy for both the backend
|
|
# and frontend section with a CRL list
|
|
#
|
|
# This reg-test uses 2 chained listeners because vtest does not handle the SSL.
|
|
# Test the frontend client auth and the backend side at the same time.
|
|
#
|
|
# The sends 3 requests one with a correct certificate, one with an expired one and one which was revoked.
|
|
# The client then check if we received the right one with the right error.
|
|
#
|
|
# Certificates, CA and CRL are expiring in 2050 so it should be fine for the CI.
|
|
#
|
|
# Detail about configuration is explained there:
|
|
# https://www.haproxy.com/blog/ssl-client-certificate-management-at-application-level/
|
|
|
|
varnishtest "Test the client auth"
|
|
#REQUIRE_OPTIONS=OPENSSL
|
|
|
|
setenv VTC_SOCK_TYPE stream
|
|
include ${testdir}/ssl_client_auth.vtci
|