oscrypto
oscrypto copied to clipboard
wbond
Some tests failed due to expired certificates and other errors
Some test errors are as follows:
======================================================================
ERROR: test_tls_connect_dh1024 (tests.test_tls.TLSTests.test_tls_connect_dh1024)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_error_client_cert_required (tests.test_tls.TLSTests.test_tls_error_client_cert_required)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_error_domain_mismatch (tests.test_tls.TLSTests.test_tls_error_domain_mismatch)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_error_http (tests.test_tls.TLSTests.test_tls_error_http)
----------------------------------------------------------------------
oscrypto.errors.TLSError: error:0A0000C6:SSL routines::packet length too long
======================================================================
ERROR: test_tls_error_san_mismatch (tests.test_tls.TLSTests.test_tls_error_san_mismatch)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_error_weak_dh_params (tests.test_tls.TLSTests.test_tls_error_weak_dh_params)
----------------------------------------------------------------------
oscrypto.errors.TLSError: error:030000A8:digital envelope routines::unknown security bits
======================================================================
ERROR: test_tls_error_wildcard_mismatch (tests.test_tls.TLSTests.test_tls_error_wildcard_mismatch)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_extra_trust_roots (tests.test_tls.TLSTests.test_tls_extra_trust_roots)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
======================================================================
ERROR: test_tls_wildcard_success (tests.test_tls.TLSTests.test_tls_wildcard_success)
----------------------------------------------------------------------
oscrypto.errors.TLSVerificationError: Server certificate verification failed - certificate expired 2024-01-01 00:00:00Z
The test suite uses badtls.io and it seems that the service is no longer functional. For example, according to the badtls README, domain-match.badtls.io:10000 should be a "good" configuration. However, connecting to that port via TLS fails with an expired certificate error:
$ openssl s_client domain-match.badtls.io:10000
SSL handshake has read 1704 bytes and written 423 bytes
Verification error: certificate has expired
That is why the test suite presently fails.
