Commit 1f9a0437 authored by Sergei Golubchik's avatar Sergei Golubchik

new C/C and --ssl-verify-server-cert tests

tests for --ssl-verify-server-cert with system CA
and with incorrect hostname
parent 8eec2d61
Subproject commit a1283d0b10a3b675bede48d9fe2d082865a24a6c Subproject commit 8e9c3116105d9a998a60991b7f4ba910d454d4b1
ERROR 2026 (HY000): SSL connection error: Validation of SSL server certificate failed
*************************** 1. row ***************************
have_ssl: 1
[good]
#
# hostname on the certificate is localhost
#
[bad]
#
# hostname on the certificate is server8k
#
loose-ssl-key=$MYSQL_TEST_DIR/std_data/server8k-key.pem
loose-ssl-cert=$MYSQL_TEST_DIR/std_data/server8k-cert.pem
#
# Tests here don't use --ssl-ca but expect the certificate to be
# signed by a CA in a system CA store
#
# They only work for openssl, because the following line works only there:
let SSL_CERT_DIR=$MYSQL_TMP_DIR;
if (`select @@version_ssl_library not like 'OpenSSL%'`) {
skip Needs OpenSSL;
}
# See `openssl x509 -in cacert.pem -noout -issuer_hash`
copy_file $MYSQL_TEST_DIR/std_data/cacert.pem $MYSQL_TMP_DIR/ed1f42db.0;
#
# test --ssl-verify-server-cert
#
disable_abort_on_error;
exec $MYSQL --ssl-verify-server-cert -Ee "select (variable_value <> '') as have_ssl from information_schema.session_status where variable_name='ssl_cipher'" 2>&1;
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment