aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-pin-fingerprint
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-09 14:57:11 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-09 14:57:11 +0100
commitb13c9fa6f442f555af65f869b954935dae40fcc4 (patch)
tree18134835502271153c51fa7d0fb60e1c454016e7 /tests/tls-pin-fingerprint
parent1630f2387c52a0ac460922eda6535165fdb279d1 (diff)
test suite: use a RSA certificate rather than ECDSA.
It's arguably the most common use-case. Generated with $ openssl genpkey -algorithm RSA -out tests/snippets/dovecot/dovecot.rsa.key $ openssl req -x509 -days 3650 -subj "/CN=InterIMAP test suite" \ -key tests/snippets/dovecot/dovecot.rsa.key \ -out tests/snippets/dovecot/dovecot.rsa.crt
Diffstat (limited to 'tests/tls-pin-fingerprint')
-rw-r--r--tests/tls-pin-fingerprint/t6
1 files changed, 5 insertions, 1 deletions
diff --git a/tests/tls-pin-fingerprint/t b/tests/tls-pin-fingerprint/t
index 1b84390..612bc44 100644
--- a/tests/tls-pin-fingerprint/t
+++ b/tests/tls-pin-fingerprint/t
@@ -1,3 +1,7 @@
+PKEY_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \
+ | openssl x509 -pubkey | openssl pkey -pubin -outform DER \
+ | openssl dgst -sha256 | sed -rn "/^.*=\\s*/ {s///p;q}")"
+
# backup config
install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~"
with_remote_config() {
@@ -7,7 +11,7 @@ with_remote_config() {
# pinned valid fingerprint
with_remote_config <<-EOF
- SSL_fingerprint = sha256\$e8fc8d03ffe75e03897136a2f1c5647bf8c36be7136a6883a732a8c4961c1614
+ SSL_fingerprint = sha256\$$PKEY_SHA256
EOF
for ((i = 0; i < 32; i++)); do