Use openssl tools for testing difrent kind of errors

0 投票
最新提问 用户: (220 分)


I have some platform library (Windows/Linux/OS X/Android/iOS). On each platform network functionality is implemented using different API. This different implementation are hidden behind some common C++ interface.

Now using gtest I have set of test checking that each implementation behaves in same way. Currently I have some local lab to test some errors. For example to test client identity that is handled proeprly for valid identity or revoked, expired, invalid and so pm. I have different client certificates which are used on my server.


Problem is that this server is visible only in my local network. I wrote some python script which stars on local machine simple servers (to test that cipher suites, protocol version are properly configured). This is great since test can be run anywhere. I want to correct client identity certificate test to use same approach (start openssl server with proper parameters to achieve desired errors).

Problem is that I have no idea how to start openssl command line tool to cover all possible errors related with this functionality.

For example how to provide a server which will be able to report revoked client identity.

I need cover this cases:

  • bad identity
  • unsupported identity
  • unknown CA

other cases should not be a problem

  • proper identity
  • missing identity
  • expired identity
发表于 用户: (2.5k 分)
I'm not sure this is a good question for Stack Overflow. Asking how to run openssl from the command line is more suited for Super User or Unix & Linux Stack Exchange. Others seems to feel its better to ask on Serverfault (I would personally not recommend). It may accumulate downvotes.

登录 或者 注册 后回答这个问题。

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。