Hi Hackers,
This is the third version patch for "Certificate status check using OCSP
Stapling" with ssl regression test cases added.
Here is how I run the ssl regression test:
./configure --enable-tap-tests --with-openssl
make -j
cd src/test/ssl
make sslfiles
make check PG_TEST_EXTRA=ssl
expected results:
# +++ tap check in src/test/ssl +++
t/001_ssltests.pl .. ok
t/002_scram.pl ..... ok
t/003_sslinfo.pl ... ok
All tests successful.
Files=3, Tests=279, 17 wallclock secs ( 0.05 usr 0.01 sys + 2.32
cusr 2.16 csys = 4.54 CPU)
Result: PASS
Notes, before executing the SSL regression tests with the command `make
check PG_TEST_EXTRA=ssl`, it is necessary to wait for 1 minute after
running `make sslfiles`. This delay is required because the newly
generated OCSP responses for the 'expired' test cases need 1 minute to
pass the nextUpdate period. Once the stapled OCSP response files for the
tests are committed as test input, there is no need to wait, similar to
certificate files.
Any comments or feedback would be greatly appreciated!
Thank you,
David
