Test Case for x509->pkcs12 conversion

voxpupuli · Jan 10, 2025 · 07e2469 · 07e2469
1 parent a749147
commit 07e2469
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/spec/acceptance/x509_pkcs12.rb b/spec/acceptance/x509_pkcs12.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'spec_helper_acceptance'
+
+# the openssl output changed and differs between EL9 vs older versions
+# https://github.com/mizzy/serverspec/commit/ac366dd40015f0b53e70a3ed881b931dfc83c603 might not be a correct fix
+# Ewoud is working on a fix in https://github.com/ekohl/serverspec/commit/64874e9c8cc70b097300c3a60281572a3528768e
+# in the meantime we won't use x509_certificate matcher
+describe 'x509 to pkcs12 to pem key' do
+  it_behaves_like 'the example', 'x509_pkcs12_pemkey.pp' do
+    it { expect(file('/tmp/sample_x509.crt')).to be_file.and(have_attributes(owner: 'root')) }
+    # it { expect(x509_certificate('/tmp/foo.example.com.crt')).to be_certificate.and(have_attributes(subject: 'C = CH, O = Example.com, CN = foo.example.com')) }
+
+    describe x509_certificate('/tmp/sample_x509.crt') do
+      it { is_expected.to be_certificate }
+      it { is_expected.to be_valid }
+      #      its(:subject) { is_expected.to match_without_whitespace(%r{C = CH, O = Example.com, CN = foo.example.com}) }
+      its(:keylength) { is_expected.to eq 1024 }
+    end
+
+    #    it { expect(file('/tmp/foo.example.com.key')).to be_file.and(have_attributes(owner: 'nobody', mode: '600')) }
+    #    it { expect(x509_private_key('/tmp/foo.example.com.key', passin: 'pass:mahje1Qu')).to have_matching_certificate('/tmp/foo.example.com.crt') }
+  end
+end