github.com/Venafi/vcert/v5@v5.10.2/aruba/features/renew/renew-by-id.feature

Feature: renew by -id

  As a user
  I want to renew certificates that were enrolled by the app

  Renew action requires a reference to some issued certificate:
    -id
      - for TPP -id is CertificateDN (like in `revoke` command)
      - for Condor -id points to some RequestID, which is used to find ManagedCertificateId then
    -thumbprint
      - for TPP & Condor -thumbprint is used to find CertificateDN / ManagedCertificateId respectively

  Background:
    And the default aruba exit timeout is 180 seconds

  Scenario Outline: TPP - renew by CertificateDN using -id
    Given I enroll random certificate using <endpoint> with -no-prompt -key-file k.pem -cert-file c.pem
    And it should write private key to the file "k.pem"
    And it should write certificate to the file "c.pem"
    And it should output Pickup ID
    And I decode certificate from file "c.pem"
    Then I renew the certificate in <endpoint> using the same Pickup ID with flags -no-prompt -cert-file c1.pem -key-file k1.pem
    And it should retrieve certificate
    And it should write private key to the file "k1.pem"
    And it should write certificate to the file "c1.pem"
    Then private key in "k1.pem" and certificate in "c1.pem" should have the same modulus
    And certificate in "c.pem" and certificate in "c1.pem" should not have the same modulus
    And certificate in "c.pem" and certificate in "c1.pem" should not have the same serial

    @TPP
    Examples:
      | endpoint |
      | TPP      |

    @VAAS
    Examples:
      | endpoint |
      | Cloud    |


  Scenario Outline: TPP - renew by CertificateDN using -id file:pickup_id.txt
    Given I enroll random certificate using <endpoint> with -no-prompt -pickup-id-file p.txt -cert-file c.pem -key-file k.pem
    And it should retrieve certificate
    And it should write private key to the file "k.pem"
    And it should write certificate to the file "c.pem"
    Then I renew the certificate in <endpoint> with flags -id file:p.txt -no-prompt -cert-file c1.pem -key-file k1.pem -pickup-id-file p1.txt
    And it should retrieve certificate
    And it should write private key to the file "k1.pem"
    And it should write certificate to the file "c1.pem"
    And it should write Pickup ID to the file "p1.txt"
    Then private key in "k1.pem" and certificate in "c1.pem" should have the same modulus
    And certificate in "c.pem" and certificate in "c1.pem" should not have the same modulus
    And certificate in "c.pem" and certificate in "c1.pem" should not have the same serial

    @TPP
    Examples:
      | endpoint |
      | TPP      |

    @VAAS
    Examples:
      | endpoint |
      | Cloud    |

  Scenario Outline: TPP renew by CertificateDN with -omit-sans
    Given I enroll a random certificate using <endpoint> with -no-prompt -key-file k.pem -cert-file c.pem -san-dns www1.example.com -san-dns www2.example.com
    And it should write private key to the file "k.pem"
    And it should write certificate to the file "c.pem"
    And it should output Pickup ID
    And certificate in "c.pem" should have 3 DNS SANs
    Then I renew the certificate in <endpoint> using the same Pickup ID with flags -no-prompt -cert-file c1.pem -key-file k1.pem -omit-sans
    And it should retrieve certificate
    And it should write private key to the file "k1.pem"
    And it should write certificate to the file "c1.pem"
    And certificate in "c.pem" and certificate in "c1.pem" should not have the same serial
    And certificate in "c1.pem" should have 1 DNS SANs

    @TPP
    Examples:
      | endpoint      |
      | TPPdeprecated |