cert_test.go

Documentation: github.com/ory/x/tlsx

     1  package tlsx
     2  
     3  import (
     4  	"io/ioutil"
     5  	"os"
     6  	"testing"
     7  
     8  	"github.com/stretchr/testify/require"
     9  
    10  	"github.com/stretchr/testify/assert"
    11  )
    12  
    13  func TestHTTPSCertificate(t *testing.T) {
    14  	certFixture := `LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVFRENDQXZpZ0F3SUJBZ0lKQU5mK0lUMU1HaHhCTUEwR0NTcUdTSWI` +
    15  		`zRFFFQkN3VUFNSUdaTVFzd0NRWUQKVlFRR0V3SlZVekVMTUFrR0ExVUVDQXdDUTBFeEVqQVFCZ05WQkFjTUNWQmhiRzhnUVd4MGJ6RWlNQ0FHQ` +
    16  		`TFVRQpDZ3daVDI1bFEyOXVZMlZ5YmlCYmRHVnpkQ0J3ZFhKd2IzTmxYVEVjTUJvR0ExVUVBd3dUYjI1bFkyOXVZMlZ5CmJpMTBaWE4wTG1OdmJ` +
    17  		`URW5NQ1VHQ1NxR1NJYjNEUUVKQVJZWVpuSmxaR1Z5YVdOQVkyOXVaV052Ym1ObGNtNHUKWTI5dE1CNFhEVEU0TURnd016RTJNakUwT0ZvWERUR` +
    18  		`TVNVEl4TmpFMk1qRTBPRm93Z1lReEN6QUpCZ05WQkFZVApBbFZUTVFzd0NRWURWUVFJREFKRFFURVNNQkFHQTFVRUJ3d0pVR0ZzYnlCQmJIUnZ` +
    19  		`NU0l3SUFZRFZRUUxEQmxQCmJtVkRiMjVqWlhKdUlGdDBaWE4wSUhCMWNuQnZjMlZkTVRBd0xnWURWUVFERENkaGNHa3RjMlZ5ZG1salpTMXcKY` +
    20  		`205NGFXVmtMbTl1WldOdmJtTmxjbTR0ZEdWemRDNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUURXVzF` +
    21  		`KQnZweC9vZkYwei80QnkrYmdBcCtoYnlxblVsQ2FnYmlneE9QTHY3aUg4TSt1CjNENkRlSVkzQzdkV0thTjRnYXZHd1MvN3I0UWxXSWdvK09NR` +
    22  		`HQ1M25OZDVvakwvNWY5R1E0ZGRObW53b25EeEYKVThrd1lMWURMTkJIQzJqMzFBNVNueHo0S1NkVE03Rmc0OFBJeTNBaWFGMkhEcURZVlJpWkV` +
    23  		`ackl4U3JTSmFKZgp1WGVCSUVBcFBpUG1IOURObGw2VVo3ODZvZitJWWVLV2VuY0MvbGpPaGlJSnJWL3NEZTc2QVFjdXY5T29XaUdiCklGVFMyW` +
    24  		`ExSRGF0YzByQXhWdlFiTnMzeWlFYjh3UzBaR0F4cTBuZk9pMGZkYVBIODdFc25MdkpqWk5PcXIvTVMKSW5BYmN2ZmlwckxxaEdLQTVIN2hKVGZ` +
    25  		`EcFJ6WWxBcm5maTJMQWdNQkFBR2piakJzTUFrR0ExVWRFd1FDTUFBdwpDd1lEVlIwUEJBUURBZ1hnTUZJR0ExVWRFUVJMTUVtQ0htOWhkR2hyW` +
    26  		`ldWd1pYSXViMjVsWTI5dVkyVnliaTEwClpYTjBMbU52YllJbllYQnBMWE5sY25acFkyVXRjSEp2ZUdsbFpDNXZibVZqYjI1alpYSnVMWFJsYzN` +
    27  		`RdVkyOXQKTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCMVBibCtSbW50RW9jbHlqWXpzeWtLb2lYczNwYTgzQ2dEWjZwQwpncnY0TFF4U29FZ` +
    28  		`kowNGY4YkQ0SUlZRkdDWmZWTkcwVnBFWHJObGs2VWJzVmRUQUJ0cUNndUpUV3dER1VBaDZYCjNiRmhyWm5QZXhzLy9Rd2dEQWRxSWYwRWd3Y0R` +
    29  		`VRzc2R0lkZms3MGUxWnV4Y2h4ZDhVQkNwQUlkZVUwOHZWa3kKNFBXdjJLNGFENEZqQ2hLeENONWtoTjUwRk1QY2FJK3hWZ2Q0N3RQaFZOOWxRa` +
    30  		`W9HRENoc1Q1dkFSazdiYS9jZQowUTlOV2RpTWZMRWdMZGNCb2JaS0Z0RnJsS3R5ek9nRGpMdlh2TFFzL3MybWVyU0k5Zmt3b09CRVArN2o3Wm5` +
    31  		`zCkFqeTlNZmh3cWJUcFc3S3BDU0ZhMFZULzJ1OTVaUmNQdnJYbGRLUnlnQjRXdUFScgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==`
    32  	keyFixture := `LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBMWx0U1FiNmNmNkh4ZE0vK0Fjdm00QUtm` +
    33  		`b1c4cXAxSlFtb0c0b01Uank3KzRoL0RQCnJ0dytnM2lHTnd1M1ZpbWplSUdyeHNFdis2K0VKVmlJS1BqakE3ZWQ1elhlYUl5LytYL1JrT0hYVF` +
    34  		`pwOEtKdzgKUlZQSk1HQzJBeXpRUnd0bzk5UU9VcDhjK0NrblV6T3hZT1BEeU10d0ltaGRodzZnMkZVWW1SR2F5TVVxMGlXaQpYN2wzZ1NCQUtU` +
    35  		`NGo1aC9RelpaZWxHZS9PcUgvaUdIaWxucDNBdjVZem9ZaUNhMWY3QTN1K2dFSExyL1RxRm9oCm15QlUwdGx5MFEyclhOS3dNVmIwR3piTjhvaE` +
    36  		`cvTUV0R1JnTWF0SjN6b3RIM1dqeC9PeExKeTd5WTJUVHFxL3oKRWlKd0czTDM0cWF5Nm9SaWdPUis0U1UzdzZVYzJKUUs1MzR0aXdJREFRQUJB` +
    37  		`b0lCQVFET2xyRE9RQ0NnT2JsMQo5VWMrLy84QkFrWksxZExyODc5UFNacGhCNkRycTFqeld6a3RzNEprUHZKTGR2VTVDMlJMTGQ0WjdmS0t4UH` +
    38  		`U4CjZuZy8xSzhsMC85UTZHL3puME1kK1B4R2dBSjYvbHFPNFJTTlZGVGdWVFRXRm9pZEQvZ1ljYjFrRDRsaCtuZTIKRG1uemtWQU40MU90Tlp4` +
    39  		`K0g3RVJEZUpwRTdoenFSOEhodnhxZU82Z25CMXJkZ3JRSE9MV1lSdmM1cGd2QS9BTwpYcTBRVXIrQWlUcTR0UW5oYjhDbDhJK2lLRmF5ZzZvY0` +
    40  		`FnQXVCZkZBMnVBd29CL25LajZXTHlJVHV0NWE1VDBQCmxpbVJaYllGUTFyeHBJaVpUMmFja0NxUjN1Yk9qdVBGOCtJZHVWSmNXN05WcTFRSlls` +
    41  		`RkFrSnVhTnpaRDlNMGkKUCs3WTgvTGhBb0dCQVBEYTg2cU9pazZpamNaajJtKzFub3dycnJINjdCRzhqRzdIYzJCZzU1M2VXWHZnQ3Z6RQppMk` +
    42  		`xYU3J6VVV6SGN2aHFQRVZqV2RPbk1rVHkxK2VoZDRnV3FTZW9iUlFqcHAxYU40clA5dVcvOStZaHVoTlZWCnJ2QUh3ZHBTaTRlelovNEVERmxl` +
    43  		`YUd5dXNWSkcvU1lJM096bnVQU051NW1lcysxN05Hb2pBZWtaQW9HQkFPUFYKMG5oRy9rNitQLzdlRXlqL2tjU3lPeUE5MzYvV05yVUU3bDF4b2` +
    44  		`YyK3laSVVhUitOcE1manpmcVJqaitRWmZIZwpJS0kvYmJGWGtlWm9nWG5seHk0T1YvSmtKZy9oTHo2alJUQjhYTW9kbEhwVnFOaEZYcWJhV1Bj` +
    45  		`a0h3WkhaVFU0CkNsQWg0QWZrZ2hpVWVrS2lhcTFNMWNyOE5CTWlyeTR2WWhKVXVReERBb0dCQUpyTG5aOFlUVHVNcmFHN3V6L2cKY2kyVVJZcU` +
    46  		`53ZnNFT3gxWGdvZUd3RlZ0K2dUclVTUnpEVUpSSysrQVpwZTlUMUN5Y211dUtTVzZHLzN3MXRUSQp3ZUx5TnQ4Rzk2OXF1K21jOXY3SEtzOFhZ` +
    47  		`N0NUbHp1ay9mRzJpcGhPUk83S0Z5UGlaaTFweDZOU0F4VG1HdnkrCjVYNDh6MW9kWFZ5MTZ0M09PVG1kbGpUQkFvR0FTYk5SY2pjRTdOUCtQNl` +
    48  		`AyN3J3OW16Tk1qUkYyMnBxZzk4MncKamVuRVRTRDZjNWJHcXI1WEg1SkJmMXkyZHpsdXdOK1BydXgxdjNoa2FmUkViZm8yaEY5L2M1bVI5bkVS` +
    49  		`cDJHSgpjRFhLamxjalFLK1UvdUR4eldlMGY3M2ZpMWh0Rk5vYisrLzVXSlJDd1ZER2UrZXVPb0V3WjRsT0R5S1pLSWVMCllnS21HYUVDZ1lBMF` +
    50  		`prd3k5ejFXczRBTmpHK1lsYVV4cEtMY0pGZHlDSEtkRnI2NVdZc21HcU5rSmZHU0dlQjYKUkhNWk5Nb0RUUmhtaFFoajhNN04rRk10WkFVT01k` +
    51  		`ZFovMWN2UkV0Rlc3KzY2dytYWnZqOUNRL3VlY3RwL3FiKwo2ZG5PYnJkbUxpWitVL056R0xLbUZnSlRjOVg3ZndtMTFQU2xpWkswV3JkblhLbn` +
    52  		`praDlPaFE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=`
    53  
    54  	certFileContent := `-----BEGIN CERTIFICATE-----
    55  MIIEEDCCAvigAwIBAgIJANf+IT1MGhxBMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
    56  VQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVBhbG8gQWx0bzEiMCAGA1UE
    57  CgwZT25lQ29uY2VybiBbdGVzdCBwdXJwb3NlXTEcMBoGA1UEAwwTb25lY29uY2Vy
    58  bi10ZXN0LmNvbTEnMCUGCSqGSIb3DQEJARYYZnJlZGVyaWNAY29uZWNvbmNlcm4u
    59  Y29tMB4XDTE4MDgwMzE2MjE0OFoXDTE5MTIxNjE2MjE0OFowgYQxCzAJBgNVBAYT
    60  AlVTMQswCQYDVQQIDAJDQTESMBAGA1UEBwwJUGFsbyBBbHRvMSIwIAYDVQQLDBlP
    61  bmVDb25jZXJuIFt0ZXN0IHB1cnBvc2VdMTAwLgYDVQQDDCdhcGktc2VydmljZS1w
    62  cm94aWVkLm9uZWNvbmNlcm4tdGVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
    63  DwAwggEKAoIBAQDWW1JBvpx/ofF0z/4By+bgAp+hbyqnUlCagbigxOPLv7iH8M+u
    64  3D6DeIY3C7dWKaN4gavGwS/7r4QlWIgo+OMDt53nNd5ojL/5f9GQ4ddNmnwonDxF
    65  U8kwYLYDLNBHC2j31A5Snxz4KSdTM7Fg48PIy3AiaF2HDqDYVRiZEZrIxSrSJaJf
    66  uXeBIEApPiPmH9DNll6UZ786of+IYeKWencC/ljOhiIJrV/sDe76AQcuv9OoWiGb
    67  IFTS2XLRDatc0rAxVvQbNs3yiEb8wS0ZGAxq0nfOi0fdaPH87EsnLvJjZNOqr/MS
    68  InAbcvfiprLqhGKA5H7hJTfDpRzYlArnfi2LAgMBAAGjbjBsMAkGA1UdEwQCMAAw
    69  CwYDVR0PBAQDAgXgMFIGA1UdEQRLMEmCHm9hdGhrZWVwZXIub25lY29uY2Vybi10
    70  ZXN0LmNvbYInYXBpLXNlcnZpY2UtcHJveGllZC5vbmVjb25jZXJuLXRlc3QuY29t
    71  MA0GCSqGSIb3DQEBCwUAA4IBAQB1Pbl+RmntEoclyjYzsykKoiXs3pa83CgDZ6pC
    72  grv4LQxSoEfJ04f8bD4IIYFGCZfVNG0VpEXrNlk6UbsVdTABtqCguJTWwDGUAh6X
    73  3bFhrZnPexs//QwgDAdqIf0EgwcDUG76GIdfk70e1Zuxchxd8UBCpAIdeU08vVky
    74  4PWv2K4aD4FjChKxCN5khN50FMPcaI+xVgd47tPhVN9lQioGDChsT5vARk7ba/ce
    75  0Q9NWdiMfLEgLdcBobZKFtFrlKtyzOgDjLvXvLQs/s2merSI9fkwoOBEP+7j7Zns
    76  Ajy9MfhwqbTpW7KpCSFa0VT/2u95ZRcPvrXldKRygB4WuARr
    77  -----END CERTIFICATE-----`
    78  	keyFileContent := `-----BEGIN RSA PRIVATE KEY-----
    79  MIIEpAIBAAKCAQEA1ltSQb6cf6HxdM/+Acvm4AKfoW8qp1JQmoG4oMTjy7+4h/DP
    80  rtw+g3iGNwu3VimjeIGrxsEv+6+EJViIKPjjA7ed5zXeaIy/+X/RkOHXTZp8KJw8
    81  RVPJMGC2AyzQRwto99QOUp8c+CknUzOxYOPDyMtwImhdhw6g2FUYmRGayMUq0iWi
    82  X7l3gSBAKT4j5h/QzZZelGe/OqH/iGHilnp3Av5YzoYiCa1f7A3u+gEHLr/TqFoh
    83  myBU0tly0Q2rXNKwMVb0GzbN8ohG/MEtGRgMatJ3zotH3Wjx/OxLJy7yY2TTqq/z
    84  EiJwG3L34qay6oRigOR+4SU3w6Uc2JQK534tiwIDAQABAoIBAQDOlrDOQCCgObl1
    85  9Uc+//8BAkZK1dLr879PSZphB6Drq1jzWzkts4JkPvJLdvU5C2RLLd4Z7fKKxPu8
    86  6ng/1K8l0/9Q6G/zn0Md+PxGgAJ6/lqO4RSNVFTgVTTWFoidD/gYcb1kD4lh+ne2
    87  DmnzkVAN41OtNZx+H7ERDeJpE7hzqR8HhvxqeO6gnB1rdgrQHOLWYRvc5pgvA/AO
    88  Xq0QUr+AiTq4tQnhb8Cl8I+iKFayg6ocAgAuBfFA2uAwoB/nKj6WLyITut5a5T0P
    89  limRZbYFQ1rxpIiZT2ackCqR3ubOjuPF8+IduVJcW7NVq1QJYlFAkJuaNzZD9M0i
    90  P+7Y8/LhAoGBAPDa86qOik6ijcZj2m+1nowrrrH67BG8jG7Hc2Bg553eWXvgCvzE
    91  i2LXSrzUUzHcvhqPEVjWdOnMkTy1+ehd4gWqSeobRQjpp1aN4rP9uW/9+YhuhNVV
    92  rvAHwdpSi4ezZ/4EDFleaGyusVJG/SYI3OznuPSNu5mes+17NGojAekZAoGBAOPV
    93  0nhG/k6+P/7eEyj/kcSyOyA936/WNrUE7l1xof2+yZIUaR+NpMfjzfqRjj+QZfHg
    94  IKI/bbFXkeZogXnlxy4OV/JkJg/hLz6jRTB8XModlHpVqNhFXqbaWPckHwZHZTU4
    95  ClAh4AfkghiUekKiaq1M1cr8NBMiry4vYhJUuQxDAoGBAJrLnZ8YTTuMraG7uz/g
    96  ci2URYqNwfsEOx1XgoeGwFVt+gTrUSRzDUJRK++AZpe9T1CycmuuKSW6G/3w1tTI
    97  weLyNt8G969qu+mc9v7HKs8XY7CTlzuk/fG2iphORO7KFyPiZi1px6NSAxTmGvy+
    98  5X48z1odXVy16t3OOTmdljTBAoGASbNRcjcE7NP+P6P27rw9mzNMjRF22pqg982w
    99  jenETSD6c5bGqr5XH5JBf1y2dzluwN+Prux1v3hkafREbfo2hF9/c5mR9nERp2GJ
   100  cDXKjlcjQK+U/uDxzWe0f73fi1htFNob++/5WJRCwVDGe+euOoEwZ4lODyKZKIeL
   101  YgKmGaECgYA0Zkwy9z1Ws4ANjG+YlaUxpKLcJFdyCHKdFr65WYsmGqNkJfGSGeB6
   102  RHMZNMoDTRhmhQhj8M7N+FMtZAUOMddZ/1cvREtFW7+66w+XZvj9CQ/uectp/qb+
   103  6dnObrdmLiZ+U/NzGLKmFgJTc9X7fwm11PSliZK0WrdnXKnzkh9OhQ==
   104  -----END RSA PRIVATE KEY-----`
   105  	tmpCertFile, _ := ioutil.TempFile("", "test-cert")
   106  	tmpCert := tmpCertFile.Name()
   107  	tmpKeyFile, _ := ioutil.TempFile("", "test-key")
   108  	tmpKey := tmpKeyFile.Name()
   109  	defer func() {
   110  		_ = os.Remove(tmpCert)
   111  		_ = os.Remove(tmpKey)
   112  		os.Setenv("HTTPS_TLS_KEY_PATH", "")
   113  		os.Setenv("HTTPS_TLS_CERT_PATH", "")
   114  		os.Setenv("HTTPS_TLS_KEY", "")
   115  		os.Setenv("HTTPS_TLS_CERT", "")
   116  	}()
   117  	_ = ioutil.WriteFile(tmpCert, []byte(certFileContent), 0600)
   118  	_ = ioutil.WriteFile(tmpKey, []byte(keyFileContent), 0600)
   119  
   120  	// 1. no TLS
   121  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   122  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   123  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   124  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   125  	cert, err := HTTPSCertificate()
   126  	assert.Nil(t, cert)
   127  	assert.EqualError(t, err, ErrNoCertificatesConfigured.Error())
   128  
   129  	// 2. inconsistent TLS (i): warning only
   130  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", "x"))
   131  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   132  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   133  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   134  	cert, err = HTTPSCertificate()
   135  	assert.Nil(t, cert)
   136  	assert.EqualError(t, err, ErrInvalidCertificateConfiguration.Error())
   137  
   138  	// 2. inconsistent TLS (ii): warning only
   139  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   140  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   141  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   142  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", "x"))
   143  	cert, err = HTTPSCertificate()
   144  	assert.Nil(t, cert)
   145  	assert.EqualError(t, err, ErrInvalidCertificateConfiguration.Error())
   146  
   147  	// 3. invalid TLS file
   148  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", "x"))
   149  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", tmpCert))
   150  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   151  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   152  	cert, err = HTTPSCertificate()
   153  	assert.Nil(t, cert)
   154  	assert.Error(t, err)
   155  
   156  	// 4. invalid TLS string (i)
   157  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   158  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   159  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", "{}"))
   160  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", certFixture))
   161  	cert, err = HTTPSCertificate()
   162  	assert.Nil(t, cert)
   163  	assert.Error(t, err)
   164  
   165  	// 4. invalid TLS string (ii)
   166  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   167  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   168  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", keyFixture))
   169  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", "{}"))
   170  	cert, err = HTTPSCertificate()
   171  	assert.Nil(t, cert)
   172  	assert.Error(t, err)
   173  
   174  	// 5. valid TLS files
   175  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", tmpKey))
   176  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", tmpCert))
   177  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   178  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   179  	cert, err = HTTPSCertificate()
   180  	assert.NotNil(t, cert)
   181  	assert.NoError(t, err)
   182  
   183  	// 6. valid TLS strings
   184  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   185  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   186  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", keyFixture))
   187  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", certFixture))
   188  	cert, err = HTTPSCertificate()
   189  	assert.NotNil(t, cert)
   190  	assert.NoError(t, err)
   191  
   192  	// 7. invalid TLS file content
   193  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", keyFixture))
   194  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", certFixture))
   195  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   196  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   197  	cert, err = HTTPSCertificate()
   198  	assert.Nil(t, cert)
   199  	assert.Error(t, err)
   200  
   201  	// 8. invalid TLS string content
   202  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   203  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   204  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", keyFileContent))
   205  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", certFileContent))
   206  	cert, err = HTTPSCertificate()
   207  	assert.Nil(t, cert)
   208  	assert.Error(t, err)
   209  
   210  	// 9. mismatched TLS file content
   211  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", certFileContent))
   212  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", keyFileContent))
   213  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", ""))
   214  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", ""))
   215  	cert, err = HTTPSCertificate()
   216  	assert.Nil(t, cert)
   217  	assert.Error(t, err)
   218  
   219  	// 10. mismatched TLS string content
   220  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY_PATH", ""))
   221  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT_PATH", ""))
   222  	require.NoError(t, os.Setenv("HTTPS_TLS_KEY", certFixture))
   223  	require.NoError(t, os.Setenv("HTTPS_TLS_CERT", keyFixture))
   224  	cert, err = HTTPSCertificate()
   225  	assert.Nil(t, cert)
   226  	assert.Error(t, err)
   227  }
   228
View as plain text