Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation Test certificate in OpenBMC. |
| 3 | |
| 4 | Resource ../../lib/resource.robot |
| 5 | Resource ../../lib/bmc_redfish_resource.robot |
| 6 | Resource ../../lib/openbmc_ffdc.robot |
| 7 | Resource ../../lib/certificate_utils.robot |
George Keishing | bf17fab | 2019-06-13 09:22:22 -0500 | [diff] [blame] | 8 | Library String |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 9 | |
Rahul Maheshwari | e48fd3e | 2019-07-22 02:28:58 -0500 | [diff] [blame] | 10 | Force Tags Certificate_Test |
| 11 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 12 | Suite Setup Suite Setup Execution |
| 13 | Test Teardown Test Teardown Execution |
| 14 | |
| 15 | |
Rahul Maheshwari | 1e0f6a8 | 2019-08-29 01:33:23 -0500 | [diff] [blame] | 16 | *** Variables *** |
| 17 | |
| 18 | ${invalid_value} abc |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 19 | ${ROOT_CA_FILE_PATH} /etc/ssl/certs/authority/* |
Rahul Maheshwari | 1e0f6a8 | 2019-08-29 01:33:23 -0500 | [diff] [blame] | 20 | |
| 21 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 22 | ** Test Cases ** |
| 23 | |
| 24 | Verify Server Certificate Replace |
| 25 | [Documentation] Verify server certificate replace. |
| 26 | [Tags] Verify_Server_Certificate_Replace |
| 27 | [Template] Replace Certificate Via Redfish |
| 28 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 29 | # cert_type cert_format expected_status |
| 30 | Server Valid Certificate Valid Privatekey ok |
| 31 | Server Empty Certificate Valid Privatekey error |
| 32 | Server Valid Certificate Empty Privatekey error |
| 33 | Server Empty Certificate Empty Privatekey error |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 34 | |
| 35 | |
| 36 | Verify Client Certificate Replace |
| 37 | [Documentation] Verify client certificate replace. |
| 38 | [Tags] Verify_Client_Certificate_Replace |
| 39 | [Template] Replace Certificate Via Redfish |
| 40 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 41 | # cert_type cert_format expected_status |
| 42 | Client Valid Certificate Valid Privatekey ok |
| 43 | Client Empty Certificate Valid Privatekey error |
| 44 | Client Valid Certificate Empty Privatekey error |
| 45 | Client Empty Certificate Empty Privatekey error |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 46 | |
| 47 | |
Rahul Maheshwari | c1f43ed | 2019-06-03 01:00:16 -0500 | [diff] [blame] | 48 | Verify CA Certificate Replace |
| 49 | [Documentation] Verify CA certificate replace. |
| 50 | [Tags] Verify_CA_Certificate_Replace |
| 51 | [Template] Replace Certificate Via Redfish |
| 52 | |
| 53 | # cert_type cert_format expected_status |
| 54 | CA Valid Certificate ok |
| 55 | CA Empty Certificate error |
| 56 | |
| 57 | |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 58 | Verify Client Certificate Install |
| 59 | [Documentation] Verify client certificate install. |
| 60 | [Tags] Verify_Client_Certificate_Install |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 61 | [Template] Install And Verify Certificate Via Redfish |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 62 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 63 | # cert_type cert_format expected_status |
| 64 | Client Valid Certificate Valid Privatekey ok |
| 65 | Client Empty Certificate Valid Privatekey error |
| 66 | Client Valid Certificate Empty Privatekey error |
| 67 | Client Empty Certificate Empty Privatekey error |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 68 | |
| 69 | |
Rahul Maheshwari | 479c9c5 | 2019-06-03 01:23:12 -0500 | [diff] [blame] | 70 | Verify CA Certificate Install |
| 71 | [Documentation] Verify CA certificate install. |
| 72 | [Tags] Verify_CA_Certificate_Install |
| 73 | [Template] Install And Verify Certificate Via Redfish |
| 74 | |
| 75 | # cert_type cert_format expected_status |
| 76 | CA Valid Certificate ok |
| 77 | CA Empty Certificate error |
| 78 | |
| 79 | |
Rahul Maheshwari | fa95b09 | 2019-05-22 05:10:59 -0500 | [diff] [blame] | 80 | Verify Server Certificate View Via Openssl |
| 81 | [Documentation] Verify server certificate via openssl command. |
| 82 | [Tags] Verify_Server_Certificate_View_Via_Openssl |
| 83 | |
| 84 | redfish.Login |
| 85 | |
| 86 | ${cert_file_path}= Generate Certificate File Via Openssl Valid Certificate Valid Privatekey |
George Keishing | bf17fab | 2019-06-13 09:22:22 -0500 | [diff] [blame] | 87 | ${bytes}= OperatingSystem.Get Binary File ${cert_file_path} |
| 88 | ${file_data}= Decode Bytes To String ${bytes} UTF-8 |
Rahul Maheshwari | fa95b09 | 2019-05-22 05:10:59 -0500 | [diff] [blame] | 89 | |
| 90 | ${certificate_dict}= Create Dictionary |
| 91 | ... @odata.id=/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1 |
| 92 | ${payload}= Create Dictionary CertificateString=${file_data} |
| 93 | ... CertificateType=PEM CertificateUri=${certificate_dict} |
| 94 | |
| 95 | ${resp}= redfish.Post /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate |
| 96 | ... body=${payload} |
| 97 | |
| 98 | Wait Until Keyword Succeeds 2 mins 15 secs Verify Certificate Visible Via OpenSSL ${cert_file_path} |
| 99 | |
| 100 | |
Rahul Maheshwari | 1e0f6a8 | 2019-08-29 01:33:23 -0500 | [diff] [blame] | 101 | Verify CSR Generation For Server Certificate |
| 102 | [Documentation] Verify CSR generation for server certificate. |
| 103 | [Tags] Verify_CSR_Generation_For_Server_Certificate |
| 104 | [Template] Generate CSR Via Redfish |
| 105 | |
| 106 | # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status |
| 107 | Server RSA ${2048} ${EMPTY} ok |
| 108 | Server EC ${EMPTY} prime256v1 ok |
| 109 | Server EC ${EMPTY} secp521r1 ok |
| 110 | Server EC ${EMPTY} secp384r1 ok |
| 111 | |
| 112 | |
| 113 | Verify CSR Generation For Client Certificate |
| 114 | [Documentation] Verify CSR generation for client certificate. |
| 115 | [Tags] Verify_CSR_Generation_For_Client_Certificate |
| 116 | [Template] Generate CSR Via Redfish |
| 117 | |
| 118 | # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status |
| 119 | Client RSA ${2048} ${EMPTY} ok |
| 120 | Client EC ${EMPTY} prime256v1 ok |
| 121 | Client EC ${EMPTY} secp521r1 ok |
| 122 | Client EC ${EMPTY} secp384r1 ok |
| 123 | |
| 124 | |
| 125 | Verify CSR Generation For Server Certificate With Invalid Value |
| 126 | [Documentation] Verify error while generating CSR for server certificate with invalid value. |
| 127 | [Tags] Verify_CSR_Generation_For_Server_Certificate_With_Invalid_Value |
| 128 | [Template] Generate CSR Via Redfish |
| 129 | |
| 130 | # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status |
| 131 | Server ${invalid_value} ${2048} prime256v1 error |
| 132 | Server RAS ${invalid_value} ${EMPTY} error |
| 133 | Server EC ${EMPTY} ${invalid_value} error |
| 134 | |
| 135 | |
| 136 | Verify CSR Generation For Client Certificate With Invalid Value |
| 137 | [Documentation] Verify error while generating CSR for client certificate with invalid value. |
| 138 | [Tags] Verify_CSR_Generation_For_Client_Certificate_With_Invalid_Value |
| 139 | [Template] Generate CSR Via Redfish |
| 140 | |
| 141 | Client ${invalid_value} ${2048} prime256v1 error |
| 142 | Client RSA ${invalid_value} ${EMPTY} error |
| 143 | Client EC ${EMPTY} ${invalid_value} error |
| 144 | |
| 145 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 146 | *** Keywords *** |
| 147 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 148 | Install And Verify Certificate Via Redfish |
| 149 | [Documentation] Install and verify certificate using Redfish. |
| 150 | [Arguments] ${cert_type} ${cert_format} ${expected_status} |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 151 | |
| 152 | # Description of argument(s): |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 153 | # cert_type Certificate type (e.g. "Client" or "CA"). |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 154 | # cert_format Certificate file format |
| 155 | # (e.g. "Valid_Certificate_Valid_Privatekey"). |
| 156 | # expected_status Expected status of certificate replace Redfish |
| 157 | # request (i.e. "ok" or "error"). |
| 158 | |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 159 | redfish.Login |
Rahul Maheshwari | 382c4dc | 2020-02-09 23:50:54 -0600 | [diff] [blame^] | 160 | Run Keyword If '${cert_type}' == 'CA' Delete All CA Certificate Via Redfish |
| 161 | ... ELSE IF '${cert_type}' == 'Client' Delete Certificate Via BMC CLI ${cert_type} |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 162 | |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 163 | ${time}= Set Variable If '${cert_format}' == 'Expired Certificate' -10 365 |
| 164 | ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format} ${time} |
George Keishing | bf17fab | 2019-06-13 09:22:22 -0500 | [diff] [blame] | 165 | ${bytes}= OperatingSystem.Get Binary File ${cert_file_path} |
| 166 | ${file_data}= Decode Bytes To String ${bytes} UTF-8 |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 167 | |
Rahul Maheshwari | 479c9c5 | 2019-06-03 01:23:12 -0500 | [diff] [blame] | 168 | ${certificate_uri}= Set Variable If |
| 169 | ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI} |
| 170 | ... '${cert_type}' == 'CA' ${REDFISH_CA_CERTIFICATE_URI} |
| 171 | |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 172 | ${cert_id}= Install Certificate File On BMC ${certificate_uri} ${expected_status} data=${file_data} |
| 173 | Logging Installed certificate id: ${cert_id} |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 174 | |
| 175 | # Adding delay after certificate installation. |
Rahul Maheshwari | c1f43ed | 2019-06-03 01:00:16 -0500 | [diff] [blame] | 176 | Sleep 30s |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 177 | |
| 178 | ${cert_file_content}= OperatingSystem.Get File ${cert_file_path} |
| 179 | ${bmc_cert_content}= Run Keyword If '${expected_status}' == 'ok' redfish_utils.Get Attribute |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 180 | ... ${certificate_uri}/${cert_id} CertificateString |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 181 | |
| 182 | Run Keyword If '${expected_status}' == 'ok' Should Contain ${cert_file_content} ${bmc_cert_content} |
| 183 | |
| 184 | |
Rahul Maheshwari | 479c9c5 | 2019-06-03 01:23:12 -0500 | [diff] [blame] | 185 | Install Certificate File On BMC |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 186 | [Documentation] Install certificate file in BMC using POST operation. |
| 187 | [Arguments] ${uri} ${status}=ok &{kwargs} |
| 188 | |
| 189 | # Description of argument(s): |
| 190 | # uri URI for installing certificate file via REST |
| 191 | # e.g. "/xyz/openbmc_project/certs/server/https". |
| 192 | # status Expected status of certificate installation via REST |
| 193 | # e.g. error, ok. |
| 194 | # kwargs A dictionary of keys/values to be passed directly to |
| 195 | # POST Request. |
| 196 | |
| 197 | Initialize OpenBMC quiet=${quiet} |
| 198 | |
| 199 | ${headers}= Create Dictionary Content-Type=application/octet-stream |
| 200 | ... X-Auth-Token=${XAUTH_TOKEN} |
| 201 | Set To Dictionary ${kwargs} headers ${headers} |
| 202 | |
| 203 | ${ret}= Post Request openbmc ${uri} &{kwargs} |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 204 | ${content_json}= To JSON ${ret.content} |
| 205 | ${cert_id}= Set Variable If '${ret.status_code}' == '${HTTP_OK}' ${content_json["Id"]} -1 |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 206 | |
| 207 | Run Keyword If '${status}' == 'ok' |
| 208 | ... Should Be Equal As Strings ${ret.status_code} ${HTTP_OK} |
| 209 | ... ELSE IF '${status}' == 'error' |
| 210 | ... Should Be Equal As Strings ${ret.status_code} ${HTTP_INTERNAL_SERVER_ERROR} |
| 211 | |
| 212 | Delete All Sessions |
| 213 | |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 214 | [Return] ${cert_id} |
Rahul Maheshwari | 037a343 | 2019-05-23 00:55:40 -0500 | [diff] [blame] | 215 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 216 | Replace Certificate Via Redfish |
| 217 | [Documentation] Test 'replace certificate' operation in the BMC via Redfish. |
| 218 | [Arguments] ${cert_type} ${cert_format} ${expected_status} |
| 219 | |
| 220 | # Description of argument(s): |
| 221 | # cert_type Certificate type (e.g. "Server" or "Client"). |
| 222 | # cert_format Certificate file format |
| 223 | # (e.g. Valid_Certificate_Valid_Privatekey). |
| 224 | # expected_status Expected status of certificate replace Redfish |
| 225 | # request (i.e. "ok" or "error"). |
| 226 | |
Rahul Maheshwari | c1f43ed | 2019-06-03 01:00:16 -0500 | [diff] [blame] | 227 | # Install certificate before replacing client or CA certificate. |
| 228 | Run Keyword If '${cert_type}' == 'Client' |
| 229 | ... Install And Verify Certificate Via Redfish ${cert_type} Valid Certificate Valid Privatekey ok |
| 230 | ... ELSE IF '${cert_type}' == 'CA' |
| 231 | ... Install And Verify Certificate Via Redfish ${cert_type} Valid Certificate ok |
Rahul Maheshwari | 9862eb5 | 2019-05-31 04:04:42 -0500 | [diff] [blame] | 232 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 233 | redfish.Login |
| 234 | |
| 235 | ${time}= Set Variable If '${cert_format}' == 'Expired Certificate' -10 365 |
| 236 | ${cert_file_path}= Generate Certificate File Via Openssl ${cert_format} ${time} |
| 237 | |
George Keishing | bf17fab | 2019-06-13 09:22:22 -0500 | [diff] [blame] | 238 | ${bytes}= OperatingSystem.Get Binary File ${cert_file_path} |
| 239 | ${file_data}= Decode Bytes To String ${bytes} UTF-8 |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 240 | |
Rahul Maheshwari | c1f43ed | 2019-06-03 01:00:16 -0500 | [diff] [blame] | 241 | ${certificate_uri}= Set Variable If |
Rahul Maheshwari | c142c09 | 2019-06-13 00:42:35 -0500 | [diff] [blame] | 242 | ... '${cert_type}' == 'Server' ${REDFISH_HTTPS_CERTIFICATE_URI}/1 |
Rahul Maheshwari | c1f43ed | 2019-06-03 01:00:16 -0500 | [diff] [blame] | 243 | ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}/1 |
| 244 | ... '${cert_type}' == 'CA' ${REDFISH_CA_CERTIFICATE_URI}/1 |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 245 | |
| 246 | ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri} |
| 247 | ${payload}= Create Dictionary CertificateString=${file_data} |
| 248 | ... CertificateType=PEM CertificateUri=${certificate_dict} |
Rahul Maheshwari | 19e6e44 | 2019-06-03 00:22:45 -0500 | [diff] [blame] | 249 | |
| 250 | ${expected_resp}= Set Variable If '${expected_status}' == 'ok' ${HTTP_OK} |
George Keishing | d225180 | 2020-01-24 00:23:12 -0600 | [diff] [blame] | 251 | ... '${expected_status}' == 'error' ${HTTP_NOT_FOUND}, ${HTTP_INTERNAL_SERVER_ERROR} |
Rahul Maheshwari | 9862eb5 | 2019-05-31 04:04:42 -0500 | [diff] [blame] | 252 | ${resp}= redfish.Post /redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate |
Rahul Maheshwari | 19e6e44 | 2019-06-03 00:22:45 -0500 | [diff] [blame] | 253 | ... body=${payload} valid_status_codes=[${expected_resp}] |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 254 | |
| 255 | ${cert_file_content}= OperatingSystem.Get File ${cert_file_path} |
| 256 | ${bmc_cert_content}= redfish_utils.Get Attribute ${certificate_uri} CertificateString |
| 257 | |
| 258 | Run Keyword If '${expected_status}' == 'ok' |
| 259 | ... Should Contain ${cert_file_content} ${bmc_cert_content} |
| 260 | ... ELSE |
| 261 | ... Should Not Contain ${cert_file_content} ${bmc_cert_content} |
| 262 | |
| 263 | |
Rahul Maheshwari | 1e0f6a8 | 2019-08-29 01:33:23 -0500 | [diff] [blame] | 264 | Generate CSR Via Redfish |
| 265 | [Documentation] Generate CSR using Redfish. |
| 266 | [Arguments] ${cert_type} ${key_pair_algorithm} ${key_bit_length} ${key_curv_id} ${expected_status} |
| 267 | |
| 268 | # Description of argument(s): |
| 269 | # cert_type Certificate type ("Server" or "Client"). |
| 270 | # key_pair_algorithm CSR key pair algorithm ("EC" or "RSA") |
| 271 | # key_bit_length CSR key bit length ("2048"). |
| 272 | # key_curv_id CSR key curv id ("prime256v1" or "secp521r1" or "secp384r1"). |
| 273 | # expected_status Expected status of certificate replace Redfish |
| 274 | # request ("ok" or "error"). |
| 275 | |
| 276 | redfish.Login |
| 277 | |
| 278 | ${certificate_uri}= Set Variable If |
| 279 | ... '${cert_type}' == 'Server' ${REDFISH_HTTPS_CERTIFICATE_URI}/ |
| 280 | ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}/ |
| 281 | |
| 282 | ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri} |
| 283 | ${payload}= Create Dictionary City=Austin CertificateCollection=${certificate_dict} |
| 284 | ... CommonName=${OPENBMC_HOST} Country=US Organization=IBM |
| 285 | ... OrganizationalUnit=ISL State=AU KeyBitLength=${key_bit_length} |
| 286 | ... KeyPairAlgorithm=${key_pair_algorithm} KeyCurveId=${key_curv_id} |
| 287 | |
| 288 | # Remove not applicable field for CSR generation. |
| 289 | Run Keyword If '${key_pair_algorithm}' == 'EC' Remove From Dictionary ${payload} KeyBitLength |
| 290 | ... ELSE IF '${key_pair_algorithm}' == 'RSA' Remove From Dictionary ${payload} KeyCurveId |
| 291 | |
| 292 | ${expected_resp}= Set Variable If '${expected_status}' == 'ok' ${HTTP_OK} |
| 293 | ... '${expected_status}' == 'error' ${HTTP_INTERNAL_SERVER_ERROR}, ${HTTP_BAD_REQUEST} |
| 294 | ${resp}= redfish.Post /redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR |
| 295 | ... body=${payload} valid_status_codes=[${expected_resp}] |
| 296 | |
| 297 | # Delay added between two CSR generation request. |
| 298 | Sleep 5s |
| 299 | |
| 300 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 301 | Delete Certificate Via BMC CLI |
| 302 | [Documentation] Delete certificate via BMC CLI. |
| 303 | [Arguments] ${cert_type} |
| 304 | |
| 305 | # Description of argument(s): |
| 306 | # cert_type Certificate type (e.g. "Client" or "CA"). |
| 307 | |
| 308 | ${certificate_file_path} ${certificate_service} ${certificate_uri}= |
| 309 | ... Run Keyword If '${cert_type}' == 'Client' |
| 310 | ... Set Variable /etc/nslcd/certs/cert.pem phosphor-certificate-manager@nslcd.service |
| 311 | ... ${REDFISH_LDAP_CERTIFICATE_URI} |
| 312 | ... ELSE IF '${cert_type}' == 'CA' |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 313 | ... Set Variable ${ROOT_CA_FILE_PATH} phosphor-certificate-manager@authority.service |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 314 | ... ${REDFISH_CA_CERTIFICATE_URI} |
Rahul Maheshwari | a5b1767 | 2019-05-30 11:08:30 -0500 | [diff] [blame] | 315 | |
| 316 | ${file_status} ${stderr} ${rc}= BMC Execute Command |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 317 | ... [ -f ${certificate_file_path} ] && echo "Found" || echo "Not Found" |
Rahul Maheshwari | a5b1767 | 2019-05-30 11:08:30 -0500 | [diff] [blame] | 318 | |
Rahul Maheshwari | 3ecd1a6 | 2019-06-03 01:44:34 -0500 | [diff] [blame] | 319 | Return From Keyword If "${file_status}" != "Found" |
| 320 | BMC Execute Command rm ${certificate_file_path} |
| 321 | BMC Execute Command systemctl restart ${certificate_service} |
Zbigniew Kurzynski | 84ae0d3 | 2019-10-11 15:51:59 +0200 | [diff] [blame] | 322 | BMC Execute Command systemctl daemon-reload |
George Keishing | 2d0804e | 2019-12-12 22:27:05 -0600 | [diff] [blame] | 323 | Wait Until Keyword Succeeds 1 min 10 sec Redfish.Get ${certificate_uri}/1 |
| 324 | ... valid_status_codes=[${HTTP_NOT_FOUND}, ${HTTP_INTERNAL_SERVER_ERROR}] |
Rahul Maheshwari | a5b1767 | 2019-05-30 11:08:30 -0500 | [diff] [blame] | 325 | |
| 326 | |
Rahul Maheshwari | 382c4dc | 2020-02-09 23:50:54 -0600 | [diff] [blame^] | 327 | Delete All CA Certificate Via Redfish |
| 328 | [Documentation] Delete all CA certificate via Redfish. |
| 329 | |
| 330 | ${cert_list}= Redfish_Utils.Get Member List /redfish/v1/Managers/bmc/Truststore/Certificates |
| 331 | FOR ${cert} IN @{cert_list} |
| 332 | Redfish.Delete ${cert} valid_status_codes=[${HTTP_NO_CONTENT}] |
| 333 | END |
| 334 | |
| 335 | |
Rahul Maheshwari | b4b8bb6 | 2019-03-04 23:56:10 -0600 | [diff] [blame] | 336 | Suite Setup Execution |
| 337 | [Documentation] Do suite setup tasks. |
| 338 | |
| 339 | # Create certificate sub-directory in current working directory. |
| 340 | Create Directory certificate_dir |
| 341 | |
| 342 | |
| 343 | Test Teardown Execution |
| 344 | [Documentation] Do the post test teardown. |
| 345 | |
| 346 | FFDC On Test Case Fail |
| 347 | redfish.Logout |