Loading...

XML

Word

Printable

Acceptance Criteria:
Hide

Given a system administrator is configuring a VPN using nmstate with the require-id-on-certificate option,

When they set this option to yes or no,

Then, the system should correctly enforce SAN validation based on the setting, with:

no disabling SAN validation (accepting certificates without SAN)

yes enabling SAN validation

Definition of Done:

The implementation meets the acceptance criteria

Integration tests are written and pass

The code is part of a downstream build attached to an errata
Show
Given a system administrator is configuring a VPN using nmstate with the require-id-on-certificate option, When they set this option to yes or no, Then, the system should correctly enforce SAN validation based on the setting, with: no disabling SAN validation (accepting certificates without SAN) yes enabling SAN validation Definition of Done: The implementation meets the acceptance criteria Integration tests are written and pass The code is part of a downstream build attached to an errata
Git Pull Request:
https://github.com/nmstate/nmstate/pull/2775
Preliminary Testing:
None
Errata Link:
https://errata.engineering.redhat.com/advisory/139365
Test Coverage:
None

A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

Verify that when set to `no` no SAN validation is performed (use a certificate with no SAN)
Verify that when set to `yes` SAN are validated (note: I believe there's a libreswan bug that blocks that)

links to

RHEA-2024:139365 Bug fixes and enhancements of nmstate