1 require 'spec_helper_acceptance'
2 require_relative './version.rb'
6 vhostd = '/etc/httpd/conf.d'
8 vhostd = '/etc/apache2/sites-available'
11 describe 'apache ssl', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
13 describe 'ssl parameters' do
14 it 'runs without error' do
17 service_ensure => stopped,
18 default_ssl_vhost => true,
19 default_ssl_cert => '/tmp/ssl_cert',
20 default_ssl_key => '/tmp/ssl_key',
21 default_ssl_chain => '/tmp/ssl_chain',
22 default_ssl_ca => '/tmp/ssl_ca',
23 default_ssl_crl_path => '/tmp/ssl_crl_path',
24 default_ssl_crl => '/tmp/ssl_crl',
25 default_ssl_crl_check => 'chain',
28 apply_manifest(pp, :catch_failures => true)
31 describe file("#{vhostd}/15-default-ssl.conf") do
32 it { is_expected.to be_file }
33 it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' }
34 it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' }
35 it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' }
36 it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' }
37 it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' }
38 it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' }
39 if $apache_version == '2.4'
40 it { is_expected.to contain 'SSLCARevocationCheck "chain"' }
42 it { is_expected.not_to contain 'SSLCARevocationCheck' }
47 describe 'vhost ssl parameters' do
48 it 'runs without error' do
51 service_ensure => stopped,
54 apache::vhost { 'test_ssl':
55 docroot => '/tmp/test',
57 ssl_cert => '/tmp/ssl_cert',
58 ssl_key => '/tmp/ssl_key',
59 ssl_chain => '/tmp/ssl_chain',
60 ssl_ca => '/tmp/ssl_ca',
61 ssl_crl_path => '/tmp/ssl_crl_path',
62 ssl_crl => '/tmp/ssl_crl',
63 ssl_crl_check => 'chain',
64 ssl_certs_dir => '/tmp',
65 ssl_protocol => 'test',
67 ssl_honorcipherorder => 'test',
68 ssl_verify_client => 'test',
69 ssl_verify_depth => 'test',
70 ssl_options => ['test', 'test1'],
71 ssl_proxyengine => true,
74 apply_manifest(pp, :catch_failures => true)
77 describe file("#{vhostd}/25-test_ssl.conf") do
78 it { is_expected.to be_file }
79 it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' }
80 it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' }
81 it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' }
82 it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' }
83 it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' }
84 it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' }
85 it { is_expected.to contain 'SSLProxyEngine On' }
86 it { is_expected.to contain 'SSLProtocol test' }
87 it { is_expected.to contain 'SSLCipherSuite test' }
88 it { is_expected.to contain 'SSLHonorCipherOrder test' }
89 it { is_expected.to contain 'SSLVerifyClient test' }
90 it { is_expected.to contain 'SSLVerifyDepth test' }
91 it { is_expected.to contain 'SSLOptions test test1' }
92 if $apache_version == '2.4'
93 it { is_expected.to contain 'SSLCARevocationCheck "chain"' }
95 it { is_expected.not_to contain 'SSLCARevocationCheck' }