URL: https://github.com/freeipa/freeipa/pull/5002 Author: mrizwan93 Title: #5002: ipatests: Test certmonger rekey command works fine Action: opened
PR body: """ Certmonger's rekey command was throwing an error as unrecognized command. Test is to check if it is working fine. related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5002/head:pr5002 git checkout pr5002
From 2534890332571cb77f8177c6a5195d45d51ef60b Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan <myu...@redhat.com> Date: Thu, 6 Aug 2020 17:06:21 +0530 Subject: [PATCH] ipatests: Test certmonger rekey command works fine Certmonger's rekey command was throwing an error as unrecognized command. Test is to check if it is working fine. related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> --- ipatests/test_integration/test_cert.py | 46 ++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/ipatests/test_integration/test_cert.py b/ipatests/test_integration/test_cert.py index 865578941c..fd478116ab 100644 --- a/ipatests/test_integration/test_cert.py +++ b/ipatests/test_integration/test_cert.py @@ -216,6 +216,52 @@ def test_getcert_list_profile_using_subca(self, test_subca_certs): raise AssertionError("certmonger request is " "in state {}". format(status)) + def test_certmonger_rekey_option(self): + """Test certmonger rekey command works fine + + Certmonger's rekey command was throwing an error as + unrecognized command. Test is to check if it is working fine. + + related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 + """ + result = self.master.run_command([ + 'ipa-getcert', 'request', + '-f', '/etc/pki/tls/certs/test_rekey.pem', + '-k', '/etc/pki/tls/private/test.key', + '-K', 'test/{}'.format(self.master.hostname)]) + request_id = re.findall(r'\d+', result.stdout_text) + + status = tasks.wait_for_request(self.master, request_id[0], 50) + assert status == "MONITORING" + + certdata = self.master.get_file_contents( + '/etc/pki/tls/certs/test_rekey.pem' + ) + cert = x509.load_pem_x509_certificate( + certdata, default_backend() + ) + assert cert.public_key().key_size == 2048 + + # rekey with key size 3072 + self.master.run_command(['getcert', 'rekey', + '-i', request_id[0], + '-g', '3072']) + + status = tasks.wait_for_request(self.master, request_id[0], 50) + assert status == "MONITORING" + + certdata = self.master.get_file_contents( + '/etc/pki/tls/certs/test_rekey.pem' + ) + cert = x509.load_pem_x509_certificate( + certdata, default_backend() + ) + # check if rekey command updated the key size + assert cert.public_key().key_size == 3072 + + self.master.run_command(['getcert', 'stop-tracking' + '-i', request_id[0]]) + class TestCertmongerInterruption(IntegrationTest): num_replicas = 1
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
