SecurityTests/clxutils/certcrl/testSubjects/gipCps/gipCps.scr

   1 # test verification of the odd cert from GIP_CPS - it's an intermediate
   2 # cert in which subjectName == issuerName. This specifically verifies
   3 # Radar 3374978.
   4 #
   5 # This is suppoedly a CRL signing cert, and ideally we'd actually use
   6 # it to verify a CRL but I haven't found any CRLs associated with this
   7 # organization. FOr now we just make sure that the TPO can verify the cert
   8 # with the associated root in system anchors.
   9 #
  10 globals
  11 allowUnverified = true
  12 crlNetFetchEnable = false
  13 certNetFetchEnable = false
  14 useSystemAnchors = true
  15 end
  16 #
  17 test = test1
  18 echo Verify the GIP-CPS CRL signing cert
  19 cert = gipCps0.cer
  20 leafCertIsCA = true
  21 verifyTime = 20061201000000
  22 # verify leaf does NOT appear as a root (even though its subject and issuer
  23 # names are the same.... IS_IN_INPUT_CERTS only.
  24 certstatus = 0:0x04
  25 # ensure 2 certs come back and the second one is an anchor/root
  26 # IS_IN_ANCHORS  IS_ROOT
  27 certstatus = 1:0x18
  28 end