Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2919#discussion_r205831217
--- Diff:
nifi-toolkit/nifi-toolkit-admin/src/test/groovy/org/apache/nifi/toolkit/admin/client/NiFiClientFactorySpec.groovy
---
@@ -121,21 +122,86 @@ class NiFiClientFactorySpec extends Specification {
}
+ def "should verify wildcard in CN in certificate based on subjectDN"(){
+
+ given:
+ final String EXPECTED_DN =
"CN=*.nifi.apache.org,OU=Security,O=Apache,ST=CA,C=US"
+ Certificate[] certificateChain =
generateCertificateChain(EXPECTED_DN,ISSUER_DN)
+ def mockSession = Mock(SSLSession)
+ DefaultHostnameVerifier verifier = new DefaultHostnameVerifier()
+ mockSession.getPeerCertificates() >> certificateChain
+
+ when:
+ def verified =
verifier.verify("client.nifi.apache.org",mockSession)
--- End diff --
Please rename these variables (and in following tests) to be more
descriptive, i.e. `def validSubdomainIsVerified`, `def
validSubdomainIsVerified2`, `def invalidSubdomainIsNotVerified`.
---
