URL: https://github.com/freeipa/freeipa/pull/4998 Author: mrizwan93 Title: #4998: ipatests: Test certmonger rekey command works fine Action: opened
PR body: """ Certmonger's rekey command was throwing an error as unrecognized command. Test is to check if it is working fine. related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/4998/head:pr4998 git checkout pr4998
From 7a3cba77bdad8ad7cf628b8df8e99b2c8f449702 Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan <myu...@redhat.com> Date: Thu, 6 Aug 2020 14:16:31 +0530 Subject: [PATCH] ipatests: Test certmonger rekey command works fine Certmonger's rekey command was throwing an error as unrecognized command. Test is to check if it is working fine. related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 Signed-off-by: Mohammad Rizwan <myu...@redhat.com> --- ipatests/test_integration/test_cert.py | 40 ++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/ipatests/test_integration/test_cert.py b/ipatests/test_integration/test_cert.py index 865578941c..747c16ec3c 100644 --- a/ipatests/test_integration/test_cert.py +++ b/ipatests/test_integration/test_cert.py @@ -9,6 +9,7 @@ import ipaddress import pytest import re +import time from ipaplatform.paths import paths from cryptography import x509 @@ -216,6 +217,45 @@ def test_getcert_list_profile_using_subca(self, test_subca_certs): raise AssertionError("certmonger request is " "in state {}". format(status)) + def test_certmonger_rekey_option(self): + """Test certmonger rekey command works fine + + Certmonger's rekey command was throwing an error as + unrecognized command. Test is to check if it is working fine. + + related: https://bugzilla.redhat.com/show_bug.cgi?id=1249165 + """ + result = self.master.run_command([ + 'ipa-getcert', 'request', + '-f', '/etc/pki/tls/certs/test.pem', + '-k', '/etc/pki/tls/private/test.key', + '-K', 'test/{}'.format(self.master.hostname)]) + request_id = get_certmonger_fs_id(result.stdout_text) + certdata = self.master.get_file_contents( + '/etc/pki/tls/certs/test.pem' + ) + cert = x509.load_pem_x509_certificate( + certdata, default_backend() + ) + assert cert.public_key().key_size == 2048 + + # rekey with key size 3072 + self.master.run_command(['getcert', 'rekey', + '-i', request_id, + '-g', '3072']) + time.sleep(60) + certdata = self.master.get_file_contents( + '/etc/pki/tls/certs/test.pem' + ) + cert = x509.load_pem_x509_certificate( + certdata, default_backend() + ) + # check if rekey command updated the key size + assert cert.public_key().key_size == 3072 + + self.master.run_command(['getcert', 'stop-tracking' + '-i', request_id]) + class TestCertmongerInterruption(IntegrationTest): num_replicas = 1
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
