Files
@ 17cf34f73ca6
Branch filter:
Location: majic-ansible-roles/testsite/tls/gnutls_server_certificate.cfg.j2 - annotation
17cf34f73ca6
828 B
text/plain
MAR-28: Implemented additional tests for mail_server role:
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 70733167cdf8 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 70733167cdf8 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 052eefc4fab0 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d 884beb9a0e1d | # X.509 Certificate options
#
# DN options
# The organization of the subject.
organization = "Example Inc."
# The country of the subject. Two letter code.
country = SE
# The common name of the certificate owner.
cn = "Exampe Inc. {{ item.name }} Server"
# In how many days, counting from today, this certificate will expire.
expiration_days = 365
# X.509 v3 extensions
# A dnsname in case of a WWW server.
dns_name = "{{ item.hostname }}.{{ testsite_domain }}"
# Whether this certificate will be used for a TLS server
tls_www_server
# Whether this certificate will be used to sign data (needed
# in TLS DHE ciphersuites).
signing_key
# Whether this certificate will be used to encrypt data (needed
# in TLS RSA ciphersuites). Note that it is preferred to use different
# keys for encryption and signing.
encryption_key
|