Hi,

Old certificates of the services are no longer removed and revoked
after new ones have been issued.

Check that both old and new certificates are present.

Tomas
From d1445c61bab5d9ee5efc4fe68d7fc8caf7758f75 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Tue, 21 Jul 2015 17:39:47 +0200
Subject: [PATCH] tests: test_cert: Services can have multiple certificates

Old certificates of the services are no longer removed and revoked
after new ones have been issued.

Check that both old and new certificates are present.
---
 ipatests/test_xmlrpc/test_cert_plugin.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ipatests/test_xmlrpc/test_cert_plugin.py b/ipatests/test_xmlrpc/test_cert_plugin.py
index c878504b2a831970ab421ef286b145d276402164..01fadfdb5a13f1f516a27c81dd7d77438a679c36 100644
--- a/ipatests/test_xmlrpc/test_cert_plugin.py
+++ b/ipatests/test_xmlrpc/test_cert_plugin.py
@@ -183,10 +183,10 @@ class test_cert(XMLRPC_test):
         global cert, newcert
 
         res = api.Command['service_show'](self.service_princ)['result']
-        # It should no longer match our old cert
-        assert base64.b64encode(res['usercertificate'][0]) != cert
-        # And it should match the new one
-        assert base64.b64encode(res['usercertificate'][0]) == newcert
+
+        # Both the old and the new certs should be listed as certificates now
+        certs_encoded = (base64.b64encode(cert) for cert in res['usercertificate'])
+        assert set(certs_encoded) == set([cert, newcert])
 
     def test_0007_cleanup(self):
         """
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to