diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 23:09:43 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-02-18 23:09:43 +0100 |
| commit | 8bfd0dc6b44438ba6c5d2844ce21fbc2adfe3f1a (patch) | |
| tree | 8dc81d68d88652f2e4c7643c5cbfd17f24809366 /CMakeLists.txt | |
| parent | 74f18c6264618187386a5dc8b1152faa8727bf53 (diff) | |
| download | BobinkCOpcUa-8bfd0dc6b44438ba6c5d2844ce21fbc2adfe3f1a.tar.gz BobinkCOpcUa-8bfd0dc6b44438ba6c5d2844ce21fbc2adfe3f1a.zip | |
Add TOFU certificate bootstrap integration test
Make download-cert always use an unsecure client so it can connect to
a server's None discovery endpoint without the server certificate in
the trust store. Add a cert_bootstrap test that verifies the full
Trust On First Use workflow: find-servers succeeds, get-endpoints fails
(untrusted cert), download-cert retrieves the certificate via None,
then get-endpoints and read-time both succeed.
Diffstat (limited to 'CMakeLists.txt')
| -rw-r--r-- | CMakeLists.txt | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 5b117b6..77d4ffb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -84,3 +84,10 @@ add_test(NAME "download_cert" "tests/secure_anonymous") set_tests_properties( "download_cert" PROPERTIES WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}" TIMEOUT 30) + +add_test(NAME "cert_bootstrap" + COMMAND bash "${CMAKE_SOURCE_DIR}/tests/run_cert_bootstrap_test.sh" + "tests/cert_bootstrap") +set_tests_properties( + "cert_bootstrap" PROPERTIES WORKING_DIRECTORY "${CMAKE_SOURCE_DIR}" TIMEOUT + 30) |