Add test suite against Let's Encrypt's staging environment.

https://letsencrypt.org/docs/staging-environment/

1 files changed, 32 insertions, 0 deletions

diff --git a/tests/cert-revoke b/tests/cert-revoke
new file mode 100644
index 0000000..f3d585e
--- /dev/null
+++ b/tests/cert-revoke
@@ -0,0 +1,32 @@
+# Certification revocation, using either the account key or the
+# certificate key
+
+# also check issuance for ECDSA keys
+openssl genpkey -algorithm EC -out /etc/lacme/simpletest.ecdsa.key \
+           -pkeyopt ec_paramgen_curve:P-256 \
+           -pkeyopt ec_param_enc:named_curve
+
+sed "s/rsa/ecdsa/" /etc/lacme/lacme-certs.conf.d/simpletest-rsa.conf > \
+    /etc/lacme/lacme-certs.conf.d/simpletest-ecdsa.conf
+
+# issue both RSA and ECDSA certificates
+lacme newOrder 2>"$STDERR" || fail newOrder
+test /etc/lacme/simpletest.rsa.crt   -nt /etc/lacme/simpletest.rsa.key
+test /etc/lacme/simpletest.ecdsa.crt -nt /etc/lacme/simpletest.ecdsa.key
+
+# revoke the ECDSA certificate using the account key
+lacme revokeCert /etc/lacme/simpletest.ecdsa.crt
+! lacme revokeCert /etc/lacme/simpletest.ecdsa.crt 2>"$STDERR" || fail
+grepstderr -Fxq "Revoking /etc/lacme/simpletest.ecdsa.crt"
+grepstderr -Fxq "400 Bad Request (Certificate already revoked)"
+grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.ecdsa.crt"
+
+# and the RSA certificate using the service key
+mv -vfT /etc/lacme/simpletest.rsa.key /etc/lacme/account.key
+lacme revokeCert /etc/lacme/simpletest.rsa.crt
+! lacme revokeCert /etc/lacme/simpletest.rsa.crt 2>"$STDERR" || fail
+grepstderr -Fxq "Revoking /etc/lacme/simpletest.rsa.crt"
+grepstderr -Fxq "400 Bad Request (Certificate already revoked)"
+grepstderr -Fxq "Warning: Couldn't revoke /etc/lacme/simpletest.rsa.crt"
+
+# vim: set filetype=sh :