func initializeBBSClient(logger lager.Logger, bbsClientHTTPTimeout time.Duration) bbs.InternalClient {
bbsURL, err := url.Parse(bbsAddress)
if err != nil {
logger.Fatal("Invalid BBS URL", err)
}
if bbsURL.Scheme != "https" {
return bbs.NewClient(bbsAddress)
}
cfhttp.Initialize(bbsClientHTTPTimeout)
bbsClient, err := bbs.NewSecureSkipVerifyClient(bbsAddress, bbsClientCert, bbsClientKey, 1, 25000)
if err != nil {
logger.Fatal("Failed to configure secure BBS client", err)
}
return bbsClient
}
JustBeforeEach(func() {
client = bbs.NewClient(bbsURL.String())
bbsRunner = testrunner.New(bbsBinPath, bbsArgs)
bbsProcess = ginkgomon.Invoke(bbsRunner)
})
BeforeEach(func() {
bbsArgs.RequireSSL = true
bbsArgs.CertFile = path.Join(basePath, "green-certs", "server.crt")
bbsArgs.KeyFile = path.Join(basePath, "green-certs", "server.key")
})
It("succeeds for a client configured with the right certificate", func() {
certFile := path.Join(basePath, "green-certs", "client.crt")
keyFile := path.Join(basePath, "green-certs", "client.key")
client, err = bbs.NewSecureSkipVerifyClient(bbsURL.String(), certFile, keyFile, 0, 0)
Expect(err).NotTo(HaveOccurred())
})
It("fails for a client configured with the wrong certificates", func() {
certFile := path.Join(basePath, "blue-certs", "client.crt")
keyFile := path.Join(basePath, "blue-certs", "client.key")
client, err = bbs.NewSecureSkipVerifyClient(bbsURL.String(), certFile, keyFile, 0, 0)
Expect(err).NotTo(HaveOccurred())
Expect(client.Ping(logger)).To(BeFalse())
})
})
Context("when configuring the auctioneer client with mutual SSL", func() {
BeforeEach(func() {
bbsArgs.AuctioneerCACert = path.Join(basePath, "green-certs", "server-ca.crt")