caba47dd3f
* Add support for GSSAPI/Kerberos to urls.py * Test out changes with the latest test container * Get remote hosts working * Fix up httptester_krb5_password reader * Fix tests for opensuse and macOS * Hopefully last lot of testing changes * Dont do CBT on macOS * Fixes from review
32 lines
977 B
YAML
32 lines
977 B
YAML
- name: get peercert for HTTP connection
|
|
test_peercert:
|
|
url: http://{{ httpbin_host }}/get
|
|
register: cert_http
|
|
|
|
- name: assert get peercert for HTTP connection
|
|
assert:
|
|
that:
|
|
- cert_http.raw_cert == None
|
|
|
|
- name: get peercert for HTTPS connection
|
|
test_peercert:
|
|
url: https://{{ httpbin_host }}/get
|
|
register: cert_https
|
|
|
|
# Alpine does not have openssl, just make sure the text was actually set instead
|
|
- name: check if openssl is installed
|
|
command: which openssl
|
|
ignore_errors: yes
|
|
register: openssl
|
|
|
|
- name: get actual certificate from endpoint
|
|
shell: echo | openssl s_client -connect {{ httpbin_host }}:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
|
|
register: cert_https_actual
|
|
changed_when: no
|
|
when: openssl is successful
|
|
|
|
- name: assert get peercert for HTTPS connection
|
|
assert:
|
|
that:
|
|
- cert_https.raw_cert != None
|
|
- openssl is failed or cert_https.raw_cert == cert_https_actual.stdout_lines[1:-1] | join("")
|