Modified delete certificate for deleting CA certificate
Change-Id: Iea37d5aefe43b1ff2548a99912c77b27c7f05fc0
Signed-off-by: Rahul Maheshwari <rahulmaheshwari@in.ibm.com>
diff --git a/data/variables.py b/data/variables.py
index 86cad33..46fff55 100755
--- a/data/variables.py
+++ b/data/variables.py
@@ -151,6 +151,8 @@
REDFISH_ACCOUNTS_URI = REDFISH_BASE_URI + REDFISH_ACCOUNTS
REDFISH_LDAP_CERTIFICATE = 'AccountService/LDAP/Certificates'
REDFISH_LDAP_CERTIFICATE_URI = REDFISH_BASE_URI + REDFISH_LDAP_CERTIFICATE
+REDFISH_CA_CERTIFICATE = 'Managers/bmc/Truststore/Certificates'
+REDFISH_CA_CERTIFICATE_URI = REDFISH_BASE_URI + REDFISH_CA_CERTIFICATE
# Boot options and URI variables.
POWER_ON = 'On'
diff --git a/redfish/managers/test_certificate.robot b/redfish/managers/test_certificate.robot
index 54969cc..d6c0cec 100644
--- a/redfish/managers/test_certificate.robot
+++ b/redfish/managers/test_certificate.robot
@@ -17,11 +17,11 @@
[Tags] Verify_Server_Certificate_Replace
[Template] Replace Certificate Via Redfish
- # cert_type cert_format expected_status
- Server Valid Certificate Valid Privatekey ok
- Server Empty Certificate Valid Privatekey error
- Server Valid Certificate Empty Privatekey error
- Server Empty Certificate Empty Privatekey error
+ # cert_type cert_format expected_status
+ Server Valid Certificate Valid Privatekey ok
+ Server Empty Certificate Valid Privatekey error
+ Server Valid Certificate Empty Privatekey error
+ Server Empty Certificate Empty Privatekey error
Verify Client Certificate Replace
@@ -29,23 +29,23 @@
[Tags] Verify_Client_Certificate_Replace
[Template] Replace Certificate Via Redfish
- # cert_type cert_format expected_status
- Client Valid Certificate Valid Privatekey ok
- Client Empty Certificate Valid Privatekey error
- Client Valid Certificate Empty Privatekey error
- Client Empty Certificate Empty Privatekey error
+ # cert_type cert_format expected_status
+ Client Valid Certificate Valid Privatekey ok
+ Client Empty Certificate Valid Privatekey error
+ Client Valid Certificate Empty Privatekey error
+ Client Empty Certificate Empty Privatekey error
Verify Client Certificate Install
[Documentation] Verify client certificate install.
[Tags] Verify_Client_Certificate_Install
- [Template] Install And Verify Client Certificate Via Redfish
+ [Template] Install And Verify Certificate Via Redfish
- # cert_format expected_status
- Valid Certificate Valid Privatekey ok
- Empty Certificate Valid Privatekey error
- Valid Certificate Empty Privatekey error
- Empty Certificate Empty Privatekey error
+ # cert_type cert_format expected_status
+ Client Valid Certificate Valid Privatekey ok
+ Client Empty Certificate Valid Privatekey error
+ Client Valid Certificate Empty Privatekey error
+ Client Empty Certificate Empty Privatekey error
Verify Server Certificate View Via Openssl
@@ -70,21 +70,20 @@
*** Keywords ***
-Install And Verify Client Certificate Via Redfish
- [Documentation] Install and verify client certificate using Redfish.
- [Arguments] ${cert_format} ${expected_status}
+Install And Verify Certificate Via Redfish
+ [Documentation] Install and verify certificate using Redfish.
+ [Arguments] ${cert_type} ${cert_format} ${expected_status}
# Description of argument(s):
+ # cert_type Certificate type (e.g. "Client" or "CA").
# cert_format Certificate file format
# (e.g. "Valid_Certificate_Valid_Privatekey").
# expected_status Expected status of certificate replace Redfish
# request (i.e. "ok" or "error").
- Delete Client Certificate Via BMC CLI
- # Adding delay after certificate deletion.
- Sleep 15s
-
redfish.Login
+ Delete Certificate Via BMC CLI ${cert_type}
+
${time}= Set Variable If '${cert_format}' == 'Expired Certificate' -10 365
${cert_file_path}= Generate Certificate File Via Openssl ${cert_format} ${time}
${file_data}= OperatingSystem.Get Binary File ${cert_file_path}
@@ -142,8 +141,8 @@
# request (i.e. "ok" or "error").
# Install client certificate before replacing client certificate.
- Run Keyword If '${cert_type}' == 'Client' Install And Verify Client Certificate Via Redfish
- ... Valid Certificate Valid Privatekey ok
+ Run Keyword If '${cert_type}' == 'Client' Install And Verify Certificate Via Redfish
+ ... ${cert_type} Valid Certificate Valid Privatekey ok
redfish.Login
@@ -186,15 +185,29 @@
Should Contain ${cert_file_content} ${openssl_cert_content}
-Delete Client Certificate Via BMC CLI
- [Documentation] Delete client certificate via BMC CLI.
+Delete Certificate Via BMC CLI
+ [Documentation] Delete certificate via BMC CLI.
+ [Arguments] ${cert_type}
+
+ # Description of argument(s):
+ # cert_type Certificate type (e.g. "Client" or "CA").
+
+ ${certificate_file_path} ${certificate_service} ${certificate_uri}=
+ ... Run Keyword If '${cert_type}' == 'Client'
+ ... Set Variable /etc/nslcd/certs/cert.pem phosphor-certificate-manager@nslcd.service
+ ... ${REDFISH_LDAP_CERTIFICATE_URI}
+ ... ELSE IF '${cert_type}' == 'CA'
+ ... Set Variable /etc/ssl/certs/Root-CA.pem phosphor-certificate-manager@authority.service
+ ... ${REDFISH_CA_CERTIFICATE_URI}
${file_status} ${stderr} ${rc}= BMC Execute Command
- ... [ -f /etc/nslcd/certs/cert.pem ] && echo "Found" || echo "Not Found"
+ ... [ -f ${certificate_file_path} ] && echo "Found" || echo "Not Found"
- Run Keyword If "${file_status}" == "Found"
- ... Run Keywords BMC Execute Command rm /etc/nslcd/certs/cert.pem AND
- ... BMC Execute Command systemctl restart phosphor-certificate-manager@nslcd.service
+ Return From Keyword If "${file_status}" != "Found"
+ BMC Execute Command rm ${certificate_file_path}
+ BMC Execute Command systemctl restart ${certificate_service}
+ Wait Until Keyword Succeeds 1 min 10 sec
+ ... Redfish.Get ${certificate_uri}/1 valid_status_codes=[${HTTP_INTERNAL_SERVER_ERROR}]
Suite Setup Execution