security/nss/tests/chains/scenarios/ocspd.cfg@6474c204b198
security/nss/tests/chains/scenarios/ocspd.cfg
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 # This Source Code Form is subject to the terms of the Mozilla Public
2 # License, v. 2.0. If a copy of the MPL was not distributed with this
3 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
5 scenario OCSPD
7 #root CA
8 entity OCSPRoot
9 type Root
10 export_key
12 #CA - OK
13 entity OCSPCA1
14 type Intermediate
15 issuer OCSPRoot
16 serial 1
17 ocsp online
18 export_key
20 #CA - revoked
21 entity OCSPCA2
22 type Intermediate
23 issuer OCSPRoot
24 serial 2
25 ocsp online
26 export_key
28 #CA - unknown status
29 entity OCSPCA3
30 type Intermediate
31 issuer OCSPRoot
32 serial 3
33 ocsp offline
34 export_key
36 #EE - OK
37 entity OCSPEE11
38 type EE
39 issuer OCSPCA1
40 serial 1
41 ocsp online
43 #EE - revoked on OCSP
44 entity OCSPEE12
45 type EE
46 issuer OCSPCA1
47 serial 2
48 ocsp online
50 #EE - revoked on CRL
51 entity OCSPEE13
52 type EE
53 issuer OCSPCA1
54 serial 3
55 ocsp online
57 #EE - revoked on OCSP and CRL
58 entity OCSPEE14
59 type EE
60 issuer OCSPCA1
61 serial 4
62 ocsp online
64 #EE - unknown status
65 entity OCSPEE15
66 type EE
67 issuer OCSPCA1
68 serial 5
69 ocsp offline
71 #EE - valid EE, revoked CA
72 entity OCSPEE21
73 type EE
74 issuer OCSPCA2
75 serial 1
76 ocsp online
78 #EE - revoked EE, revoked CA
79 entity OCSPEE22
80 type EE
81 issuer OCSPCA2
82 serial 2
83 ocsp online
85 #EE - revoked EE, CA pointing to invalid OCSP
86 entity OCSPEE23
87 type EE
88 issuer OCSPCA2
89 serial 3
90 ocsp offline
92 #EE - valid EE, CA pointing to invalid OCSP
93 entity OCSPEE31
94 type EE
95 issuer OCSPCA3
96 serial 1
97 ocsp online
99 #EE - revoked EE, CA pointing to invalid OCSP
100 entity OCSPEE32
101 type EE
102 issuer OCSPCA3
103 serial 2
104 ocsp online
106 #EE - EE pointing to invalid OCSP, CA pointing to invalid OCSP
107 entity OCSPEE33
108 type EE
109 issuer OCSPCA3
110 serial 3
111 ocsp offline
113 crl OCSPRoot
115 revoke OCSPRoot
116 serial 2
118 crl OCSPCA1
120 revoke OCSPCA1
121 serial 2
123 revoke OCSPCA1
124 serial 4
126 crl OCSPCA2
128 revoke OCSPCA2
129 serial 2
131 revoke OCSPCA2
132 serial 3
134 crl OCSPCA3
136 revoke OCSPCA3
137 serial 2
139 revoke OCSPCA3
140 serial 3
142 # Used for running a single OCSP server (httpserv) instance that can
143 # handle multiple CAs, e.g.:
144 # httpserv -p 8641 -d . -f dbpasswd \
145 # -A OCSPRoot -C OCSPRoot.crl -A OCSPCA1 -C OCSPCA1.crl \
146 # -A OCSPCA2 -C OCSPCA2.crl -A OCSPCA3 -C OCSPCA3.crl
147 db Server
148 import OCSPRoot::CT,C,C
149 import_key OCSPRoot
150 import_key OCSPCA1
151 import_key OCSPCA2
152 import_key OCSPCA3
154 # A DB containing all certs, but no keys.
155 # Useful for manual OCSP client testing, e.g.:
156 # ocspclnt -d . -S OCSPEE12OCSPCA1 -u s
157 db Client
158 import OCSPRoot::CT,C,C
159 import OCSPCA1OCSPRoot::
160 import OCSPCA2OCSPRoot::
161 import OCSPCA3OCSPRoot::
162 import OCSPEE11OCSPCA1::
163 import OCSPEE12OCSPCA1::
164 import OCSPEE13OCSPCA1::
165 import OCSPEE14OCSPCA1::
166 import OCSPEE15OCSPCA1::
167 import OCSPEE21OCSPCA2::
168 import OCSPEE22OCSPCA2::
169 import OCSPEE23OCSPCA2::
170 import OCSPEE31OCSPCA3::
171 import OCSPEE32OCSPCA3::
172 import OCSPEE33OCSPCA3::
