Revision c6cdae34
Added by Dominic Cleal over 9 years ago
spec/classes/foreman_config_passenger_spec.rb | ||
---|---|---|
|
||
describe 'with vhost and ssl' do
|
||
let :params do {
|
||
:app_root => '/usr/share/foreman',
|
||
:use_vhost => true,
|
||
:servername => facts[:fqdn],
|
||
:ssl => true,
|
||
:ssl_cert => 'cert.pem',
|
||
:ssl_key => 'key.pem',
|
||
:ssl_ca => 'ca.pem',
|
||
:app_root => '/usr/share/foreman',
|
||
:use_vhost => true,
|
||
:servername => facts[:fqdn],
|
||
:ssl => true,
|
||
:ssl_cert => 'cert.pem',
|
||
:ssl_key => 'key.pem',
|
||
:ssl_ca => 'ca.pem',
|
||
:ssl_crl => 'crl.pem',
|
||
:prestart => true,
|
||
:min_instances => '1',
|
||
:start_timeout => '600',
|
||
... | ... | |
:ssl_key => params[:ssl_key],
|
||
:ssl_chain => params[:ssl_chain],
|
||
:ssl_ca => params[:ssl_ca],
|
||
:ssl_crl => params[:ssl_crl],
|
||
:ssl_verify_client => 'optional',
|
||
:ssl_options => '+StdEnvVars',
|
||
:ssl_verify_depth => '3',
|
||
:ssl_crl_check => 'chain',
|
||
:custom_fragment => %r{^<Directory #{params[:app_root]}/public>$},
|
||
})
|
||
end
|
||
end
|
||
|
||
describe 'with vhost and ssl, no CRL' do
|
||
let :params do {
|
||
:app_root => '/usr/share/foreman',
|
||
:use_vhost => true,
|
||
:servername => facts[:fqdn],
|
||
:ssl => true,
|
||
:ssl_cert => 'cert.pem',
|
||
:ssl_key => 'key.pem',
|
||
:ssl_ca => 'ca.pem',
|
||
:prestart => true,
|
||
:min_instances => '1',
|
||
:start_timeout => '600',
|
||
:ruby => '/usr/bin/ruby193-ruby'
|
||
} end
|
||
|
||
it do
|
||
should contain_apache__vhost('foreman-ssl').without_ssl_crl
|
||
should contain_apache__vhost('foreman-ssl').without_ssl_crl_chain
|
||
end
|
||
end
|
||
end
|
||
|
||
context 'on debian' do
|
Also available in: Unified diff
Add CRL checking to Foreman SSL vhost