We're updating the issue view to help you get more done. 

Improve (unit) tests for PKIX mechanisms

Description

Openfire's certificate handling routines have various unit tests, that verify basic functionality. Learnings from the Spark project indicate that more things should be checked (and possibly, fixed).

At the very least, Openfire should have additional tests for the 'revocation' mechanism, including both CRL as well as OCSP.

Note that Openfire's CRL makes use of a local file that acts as the CRL store. That functionality should be tested, although the functionality should probably be expanded to include using CRLs as provided by third parties ().

Note that these tests should cover various types of connectivity (eg: client-to-server, server-to-server)

Environment

None

Acceptance Test - Entry

None

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Priority

Major
Configure