Added testcase to verify client certificate install
Change-Id: I5951d501a99265ffaf6a46e4b65ab7c1d3ca5b60
Signed-off-by: Rahul Maheshwari <rahulmaheshwari@in.ibm.com>
diff --git a/data/variables.py b/data/variables.py
index effd22e..86cad33 100755
--- a/data/variables.py
+++ b/data/variables.py
@@ -149,6 +149,8 @@
REDFISH_NW_PROTOCOL_URI = REDFISH_BASE_URI + REDFISH_NW_PROTOCOL
REDFISH_ACCOUNTS = 'AccountService/Accounts/'
REDFISH_ACCOUNTS_URI = REDFISH_BASE_URI + REDFISH_ACCOUNTS
+REDFISH_LDAP_CERTIFICATE = 'AccountService/LDAP/Certificates'
+REDFISH_LDAP_CERTIFICATE_URI = REDFISH_BASE_URI + REDFISH_LDAP_CERTIFICATE
# Boot options and URI variables.
POWER_ON = 'On'
diff --git a/redfish/managers/test_certificate.robot b/redfish/managers/test_certificate.robot
index 758bc05..8b4b48a 100644
--- a/redfish/managers/test_certificate.robot
+++ b/redfish/managers/test_certificate.robot
@@ -38,6 +38,18 @@
Client Expired Certificate error
+Verify Client Certificate Install
+ [Documentation] Verify client certificate install.
+ [Tags] Verify_Client_Certificate_Install
+ [Template] Test Client Certificate Install Via Redfish
+
+ # cert_format expected_status
+ Valid Certificate Valid Privatekey ok
+ Empty Certificate Valid Privatekey error
+ Valid Certificate Empty Privatekey error
+ Empty Certificate Empty Privatekey error
+
+
Verify Server Certificate View Via Openssl
[Documentation] Verify server certificate via openssl command.
[Tags] Verify_Server_Certificate_View_Via_Openssl
@@ -60,6 +72,66 @@
*** Keywords ***
+Test Client Certificate Install Via Redfish
+ [Documentation] Test client certificate install in the BMC via Redfish.
+ [Arguments] ${cert_format} ${expected_status}
+
+ # Description of argument(s):
+ # cert_format Certificate file format
+ # (e.g. "Valid_Certificate_Valid_Privatekey").
+ # expected_status Expected status of certificate replace Redfish
+ # request (i.e. "ok" or "error").
+
+ OpenBMC Delete Request ${CLIENT_CERTIFICATE_URI}
+ # Adding delay after certificate deletion.
+ Sleep 15s
+
+ redfish.Login
+ ${time}= Set Variable If '${cert_format}' == 'Expired Certificate' -10 365
+ ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format} ${time}
+ ${file_data}= OperatingSystem.Get Binary File ${cert_file_path}
+
+ Install Client Certificate File On BMC ${REDFISH_LDAP_CERTIFICATE_URI}
+ ... ${expected_status} data=${file_data}
+
+ # Adding delay after certificate installation.
+ Sleep 15s
+
+ ${cert_file_content}= OperatingSystem.Get File ${cert_file_path}
+ ${bmc_cert_content}= Run Keyword If '${expected_status}' == 'ok' redfish_utils.Get Attribute
+ ... ${REDFISH_LDAP_CERTIFICATE_URI}/1 CertificateString
+
+ Run Keyword If '${expected_status}' == 'ok' Should Contain ${cert_file_content} ${bmc_cert_content}
+
+
+Install Client Certificate File On BMC
+ [Documentation] Install certificate file in BMC using POST operation.
+ [Arguments] ${uri} ${status}=ok &{kwargs}
+
+ # Description of argument(s):
+ # uri URI for installing certificate file via REST
+ # e.g. "/xyz/openbmc_project/certs/server/https".
+ # status Expected status of certificate installation via REST
+ # e.g. error, ok.
+ # kwargs A dictionary of keys/values to be passed directly to
+ # POST Request.
+
+ Initialize OpenBMC quiet=${quiet}
+
+ ${headers}= Create Dictionary Content-Type=application/octet-stream
+ ... X-Auth-Token=${XAUTH_TOKEN}
+ Set To Dictionary ${kwargs} headers ${headers}
+
+ ${ret}= Post Request openbmc ${uri} &{kwargs}
+
+ Run Keyword If '${status}' == 'ok'
+ ... Should Be Equal As Strings ${ret.status_code} ${HTTP_OK}
+ ... ELSE IF '${status}' == 'error'
+ ... Should Be Equal As Strings ${ret.status_code} ${HTTP_INTERNAL_SERVER_ERROR}
+
+ Delete All Sessions
+
+
Replace Certificate Via Redfish
[Documentation] Test 'replace certificate' operation in the BMC via Redfish.
[Arguments] ${cert_type} ${cert_format} ${expected_status}