From 227f32bb30c6e1942137c284b07a78442b8b6df3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florent=20Thi=C3=A9ry?= <florent.thiery@ubicast.eu>
Date: Thu, 23 Feb 2017 11:39:37 +0100
Subject: [PATCH] add ssl certificate test, fixes #20586

---
 tests/test_ssl.py | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100755 tests/test_ssl.py

diff --git a/tests/test_ssl.py b/tests/test_ssl.py
new file mode 100755
index 00000000..790dd7fd
--- /dev/null
+++ b/tests/test_ssl.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright 2017, Florent Thiery
+'''
+Criticality: Normal
+Checks that SSL certificates are valid; if invalid, the user will have to add an exception in his browser
+'''
+import os
+import sys
+import requests
+import imp
+
+os.chdir(os.path.dirname(__file__))
+if not os.path.isfile('../utils.py'):
+    print('conf.sh not found')
+    sys.exit(1)
+
+es_utils = imp.load_source('es_utils', '../utils.py')
+conf = es_utils.load_conf()
+
+all_ok = True
+
+conf_servers = (
+    'MS_SERVER_NAME',
+    'MONITOR_SERVER_NAME',
+    'CM_SERVER_NAME',
+)
+
+for s in conf_servers:
+    v = conf.get(s)
+    try:
+        url = "https://%s" % s
+        requests.get(url)
+        sys.exit(0)
+    except requests.exceptions.SSLError as e:
+        print('Error: SSL certificate for %s is not valid' % (url, e))
+        sys.exit(1)
-- 
GitLab