View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009598CTT UA Scripts3 - Feature Requestpublic2024-06-12 16:352024-07-04 14:45
ReporterRandy Armstrong Assigned ToAlexander Allmendinger  
PrioritynormalSeverityminorReproducibilityalways
Status assignedResolutionopen 
Summary0009598: Need a Test to Verify that serverSignature is only produced for valid Certificates.
Description

The serverSignature returned includes the ClientCertificate. Need to verify that:

1) The ClientCertificate that does not match the SecureChannel are rejected.
2) With HTTPS, the ClientCertificate is validated and invalid Certificates result in an error and are not used to produce a Signature.

Should apply to 1.03 and 1.04.

TagsNo tags attached.
Files Affected

Activities

Paul Hunkar

2024-07-04 14:37

administrator   ~0021412

Two test case

  • one in which two valid trusted certificate for the same client are used - one for secure channel other for session.
  • one in which a non-trusted client certificate is passed for the session

Paul Hunkar

2024-07-04 14:41

administrator   ~0021413

Note: test 053 in certificate validation appears to be what we are looking for, but session base has a somewhat different test - with a different expected result - need to review and check what is going on - Probably this is is a no change required.

Paul Hunkar

2024-07-04 14:45

administrator   ~0021414

The test cases exist - but the CTT need to implement these test cases in scripts - moved issue to scripts

Issue History

Date Modified Username Field Change
2024-06-12 16:35 Randy Armstrong New Issue
2024-06-12 16:40 Randy Armstrong Description Updated
2024-07-04 14:36 Paul Hunkar Assigned To => Alexander Allmendinger
2024-07-04 14:36 Paul Hunkar Status new => assigned
2024-07-04 14:37 Paul Hunkar Note Added: 0021412
2024-07-04 14:41 Paul Hunkar Note Added: 0021413
2024-07-04 14:43 Paul Hunkar Project CTT UA Test Case => CTT UA Scripts
2024-07-04 14:45 Paul Hunkar Note Added: 0021414