def test_context_verify_invalid_chain_length(self, mock_utcnow):
mock_utcnow.return_value = datetime.datetime(2017, 11, 1)
certs = self.load_certificates(
['grandparent_cert.pem', 'parent_cert.pem', 'child_cert.pem']
)
cert_tuples = [
('1', certs[0]),
('2', certs[1]),
('3', certs[2])
]
cert = self.load_certificate('grandchild_cert.pem')
context = certificate_utils.CertificateVerificationContext(
cert_tuples
)
context.update(cert)
self.assertRaisesRegex(
exception.SignatureVerificationError,
"Certificate validation failed. The signing certificate '1' is "
"not configured to support certificate chains of sufficient "
"length.",
context.verify
)
context = certificate_utils.CertificateVerificationContext(
cert_tuples,
enforce_path_length=False
)
context.update(cert)
context.verify()
评论列表
文章目录
