fa0b4cd2d5
1. Modify all the test configuration files to disable the DHE prime test. 2. Add a test configuration that tests three cipher suites with the DHE prime test enabled.
68 lines
1.5 KiB
Plaintext
68 lines
1.5 KiB
Plaintext
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-2
|
|
|
|
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
-2
|
|
|
|
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-A ./certs/ed25519/client-ed25519.pem
|
|
-V
|
|
# Remove -V when CRL for ED25519 certificates available.
|
|
-2
|
|
|
|
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-v 3
|
|
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/client-ed25519.pem
|
|
-k ./certs/ed25519/client-ed25519-key.pem
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
-2
|
|
|
|
# server TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-2
|
|
|
|
# client TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
-2
|
|
|
|
# Enable when CRL for ED25519 certificates available.
|
|
# server TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/server-ed25519.pem
|
|
-k ./certs/ed25519/server-ed25519-key.pem
|
|
-A ./certs/ed25519/client-ed25519.pem
|
|
-V
|
|
# Remove -V when CRL for ED25519 certificates available.
|
|
-2
|
|
|
|
# client TLSv1.3 TLS13-AES128-GCM-SHA256
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-c ./certs/ed25519/client-ed25519.pem
|
|
-k ./certs/ed25519/client-ed25519-key.pem
|
|
-A ./certs/ed25519/root-ed25519.pem
|
|
-C
|
|
-2
|
|
|