func TestNewCertificate(t *testing.T) {
_, sa, ra, _, cleanUp := initAuthorities(t)
defer cleanUp()
AuthzFinal.RegistrationID = Registration.ID
AuthzFinal, _ = sa.NewPendingAuthorization(AuthzFinal)
sa.UpdatePendingAuthorization(AuthzFinal)
sa.FinalizeAuthorization(AuthzFinal)
// Inject another final authorization to cover www.example.com
authzFinalWWW := AuthzFinal
authzFinalWWW.Identifier.Value = "www.not-example.com"
authzFinalWWW, _ = sa.NewPendingAuthorization(authzFinalWWW)
sa.FinalizeAuthorization(authzFinalWWW)
// Check that we fail if the CSR signature is invalid
ExampleCSR.Signature[0] += 1
certRequest := core.CertificateRequest{
CSR: ExampleCSR,
}
_, err := ra.NewCertificate(certRequest, Registration.ID)
ExampleCSR.Signature[0] -= 1
test.AssertError(t, err, "Failed to check CSR signature")
// Check that we don't fail on case mismatches
ExampleCSR.Subject.CommonName = "www.NOT-example.com"
certRequest = core.CertificateRequest{
CSR: ExampleCSR,
}
cert, err := ra.NewCertificate(certRequest, Registration.ID)
test.AssertNotError(t, err, "Failed to issue certificate")
if err != nil {
return
}
parsedCert, err := x509.ParseCertificate(cert.DER)
test.AssertNotError(t, err, "Failed to parse certificate")
if err != nil {
return
}
// Verify that cert shows up and is as expected
dbCert, err := sa.GetCertificate(core.SerialToString(parsedCert.SerialNumber))
test.AssertNotError(t, err, fmt.Sprintf("Could not fetch certificate %032x from database",
parsedCert.SerialNumber))
if err != nil {
return
}
test.Assert(t, bytes.Compare(cert.DER, dbCert.DER) == 0, "Certificates differ")
t.Log("DONE TestOnValidationUpdate")
}
func TestNewCertificate(t *testing.T) {
_, _, sa, ra := initAuthorities(t)
AuthzFinal.RegistrationID = 1
AuthzFinal, _ = sa.NewPendingAuthorization(AuthzFinal)
sa.UpdatePendingAuthorization(AuthzFinal)
sa.FinalizeAuthorization(AuthzFinal)
// Inject another final authorization to cover www.example.com
authzFinalWWW := AuthzFinal
authzFinalWWW.Identifier.Value = "www.not-example.com"
authzFinalWWW, _ = sa.NewPendingAuthorization(authzFinalWWW)
sa.FinalizeAuthorization(authzFinalWWW)
// Construct a cert request referencing the two authorizations
url1, _ := url.Parse("http://doesnt.matter/" + AuthzFinal.ID)
url2, _ := url.Parse("http://doesnt.matter/" + authzFinalWWW.ID)
certRequest := core.CertificateRequest{
CSR: ExampleCSR,
Authorizations: []core.AcmeURL{core.AcmeURL(*url1), core.AcmeURL(*url2)},
}
cert, err := ra.NewCertificate(certRequest, 1)
test.AssertNotError(t, err, "Failed to issue certificate")
if err != nil {
return
}
parsedCert, err := x509.ParseCertificate(cert.DER)
test.AssertNotError(t, err, "Failed to parse certificate")
if err != nil {
return
}
// Verify that cert shows up and is as expected
dbCert, err := sa.GetCertificate(core.SerialToString(parsedCert.SerialNumber))
test.AssertNotError(t, err, fmt.Sprintf("Could not fetch certificate %032x from database",
parsedCert.SerialNumber))
if err != nil {
return
}
test.Assert(t, bytes.Compare(cert.DER, dbCert.DER) == 0, "Certificates differ")
t.Log("DONE TestOnValidationUpdate")
}
func TestNewCertificate(t *testing.T) {
_, _, sa, ra, cleanUp := initAuthorities(t)
defer cleanUp()
AuthzFinal.RegistrationID = 1
AuthzFinal, _ = sa.NewPendingAuthorization(AuthzFinal)
sa.UpdatePendingAuthorization(AuthzFinal)
sa.FinalizeAuthorization(AuthzFinal)
// Inject another final authorization to cover www.example.com
authzFinalWWW := AuthzFinal
authzFinalWWW.Identifier.Value = "www.not-example.com"
authzFinalWWW, _ = sa.NewPendingAuthorization(authzFinalWWW)
sa.FinalizeAuthorization(authzFinalWWW)
certRequest := core.CertificateRequest{
CSR: ExampleCSR,
}
cert, err := ra.NewCertificate(certRequest, 1)
test.AssertNotError(t, err, "Failed to issue certificate")
if err != nil {
return
}
parsedCert, err := x509.ParseCertificate(cert.DER)
test.AssertNotError(t, err, "Failed to parse certificate")
if err != nil {
return
}
// Verify that cert shows up and is as expected
dbCert, err := sa.GetCertificate(core.SerialToString(parsedCert.SerialNumber))
test.AssertNotError(t, err, fmt.Sprintf("Could not fetch certificate %032x from database",
parsedCert.SerialNumber))
if err != nil {
return
}
test.Assert(t, bytes.Compare(cert.DER, dbCert.DER) == 0, "Certificates differ")
t.Log("DONE TestOnValidationUpdate")
}