/// <summary>
/// Asserts the shape of a three-step certificate rollover in which one common-name
/// declaration is replaced by another.
/// </summary>
/// <param name="currentCert">Common-name declaration in use before the rollover; only its first entry is inspected.</param>
/// <param name="targetCert">Common-name declaration the rollover ends on; only its first entry is inspected.</param>
/// <param name="steps">Upgrade steps under test; exactly three are expected.</param>
/// <remarks>
/// Expected progression, as encoded by the assertions below:
/// step 0 lists both common names in the white list while the load list and file store service list hold only the current one;
/// step 1 keeps both in the white list, switches the load list to the target and has the file store service list carry current then target;
/// step 2 leaves the target as the only entry in all three lists, so the replaced name is no longer listed.
/// Every white-list value (the issuer thumbprint paired with a common name) must be non-blank in every step.
/// </remarks>
internal void VerifyFlow_ReplaceCn(ServerCertificateCommonNames currentCert, ServerCertificateCommonNames targetCert, List<CertificateClusterUpgradeStep> steps)
{
    Assert.AreEqual(3, steps.Count);

    // ---- Step 0: both names are listed, only the current one is loaded ----
    CertificateClusterUpgradeStep firstStep = steps[0];
    Assert.AreEqual(2, firstStep.CommonNameWhiteList.Count);
    Assert.IsTrue(firstStep.CommonNameWhiteList.Keys.Contains(currentCert.CommonNames[0].CertificateCommonName));
    Assert.IsTrue(firstStep.CommonNameWhiteList.Keys.Contains(targetCert.CommonNames[0].CertificateCommonName));

    // A blank issuer thumbprint would leave a common name without an issuer restriction.
    Assert.IsFalse(firstStep.CommonNameWhiteList.Values.Any(string.IsNullOrWhiteSpace));

    // NOTE(review): keys and values are checked independently, so these assertions do not
    // prove that each issuer thumbprint is attached to its own common name.
    Assert.IsTrue(firstStep.CommonNameWhiteList.Values.Contains(currentCert.CommonNames[0].CertificateIssuerThumbprint));
    Assert.IsTrue(firstStep.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint));

    Assert.AreEqual(
        currentCert.CommonNames[0].CertificateCommonName,
        firstStep.CommonNameLoadList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(1, firstStep.CommonNameLoadList.CommonNames.Count);
    Assert.AreEqual(
        currentCert.CommonNames[0].CertificateCommonName,
        firstStep.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(1, firstStep.CommonNameFileStoreSvcList.CommonNames.Count);

    // ---- Step 1: both names still listed, the load list moves to the target ----
    CertificateClusterUpgradeStep secondStep = steps[1];
    Assert.AreEqual(2, secondStep.CommonNameWhiteList.Count);
    Assert.IsTrue(secondStep.CommonNameWhiteList.Keys.Contains(currentCert.CommonNames[0].CertificateCommonName));
    Assert.IsTrue(secondStep.CommonNameWhiteList.Keys.Contains(targetCert.CommonNames[0].CertificateCommonName));
    Assert.IsFalse(secondStep.CommonNameWhiteList.Values.Any(string.IsNullOrWhiteSpace));
    Assert.IsTrue(secondStep.CommonNameWhiteList.Values.Contains(currentCert.CommonNames[0].CertificateIssuerThumbprint));
    Assert.IsTrue(secondStep.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint));

    Assert.AreEqual(
        targetCert.CommonNames[0].CertificateCommonName,
        secondStep.CommonNameLoadList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(1, secondStep.CommonNameLoadList.CommonNames.Count);

    // NOTE(review): unlike steps 0 and 2, the size of the file store service list is not
    // asserted here, so an unexpected third entry would go unnoticed.
    Assert.AreEqual(
        currentCert.CommonNames[0].CertificateCommonName,
        secondStep.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(
        targetCert.CommonNames[0].CertificateCommonName,
        secondStep.CommonNameFileStoreSvcList.CommonNames[1].CertificateCommonName);

    // ---- Step 2: only the target name remains anywhere ----
    CertificateClusterUpgradeStep finalStep = steps[2];
    Assert.AreEqual(1, finalStep.CommonNameWhiteList.Count);
    Assert.AreEqual(
        targetCert.CommonNames[0].CertificateCommonName,
        finalStep.CommonNameWhiteList.First().Key);
    Assert.IsFalse(finalStep.CommonNameWhiteList.Values.Any(string.IsNullOrWhiteSpace));
    Assert.IsTrue(finalStep.CommonNameWhiteList.Values.Contains(targetCert.CommonNames[0].CertificateIssuerThumbprint));

    Assert.AreEqual(
        targetCert.CommonNames[0].CertificateCommonName,
        finalStep.CommonNameLoadList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(1, finalStep.CommonNameLoadList.CommonNames.Count);
    Assert.AreEqual(
        targetCert.CommonNames[0].CertificateCommonName,
        finalStep.CommonNameFileStoreSvcList.CommonNames[0].CertificateCommonName);
    Assert.AreEqual(1, finalStep.CommonNameFileStoreSvcList.CommonNames.Count);
}
/// <summary>
/// Asserts the shape of a three-step certificate rollover in which one thumbprint-declared
/// certificate is replaced by another.
/// </summary>
/// <param name="currentCert">Certificate description in use before the rollover.</param>
/// <param name="targetCert">Certificate description the rollover ends on.</param>
/// <param name="steps">Upgrade steps under test; exactly three are expected.</param>
/// <remarks>
/// Expected progression, as encoded by the assertions below:
/// step 0 lists both thumbprints in the white list while the load list and file store service list carry only the current one;
/// step 1 keeps both in the white list, switches the load list to the target and has the file store service list carry
/// the current thumbprint as primary and the target as secondary;
/// step 2 leaves the target thumbprint as the only one in all three lists, so the replaced thumbprint is no longer listed.
/// </remarks>
internal void VerifyFlow_ReplaceThumbprint(CertificateDescription currentCert, CertificateDescription targetCert, List<CertificateClusterUpgradeStep> steps)
{
    Assert.AreEqual(3, steps.Count);

    // ---- Step 0: both thumbprints are listed, only the current one is loaded ----
    CertificateClusterUpgradeStep firstStep = steps[0];
    Assert.AreEqual(2, firstStep.ThumbprintWhiteList.Count);
    Assert.IsTrue(firstStep.ThumbprintWhiteList.Contains(currentCert.Thumbprint));
    Assert.IsTrue(firstStep.ThumbprintWhiteList.Contains(targetCert.Thumbprint));
    Assert.AreEqual(currentCert.Thumbprint, firstStep.ThumbprintLoadList.Thumbprint);
    Assert.IsNull(firstStep.ThumbprintLoadList.ThumbprintSecondary);
    Assert.AreEqual(currentCert.Thumbprint, firstStep.ThumbprintFileStoreSvcList.Thumbprint);
    Assert.IsNull(firstStep.ThumbprintFileStoreSvcList.ThumbprintSecondary);

    // ---- Step 1: both still listed, load list moves to the target, file store carries both ----
    CertificateClusterUpgradeStep secondStep = steps[1];
    Assert.AreEqual(2, secondStep.ThumbprintWhiteList.Count);
    Assert.IsTrue(secondStep.ThumbprintWhiteList.Contains(currentCert.Thumbprint));
    Assert.IsTrue(secondStep.ThumbprintWhiteList.Contains(targetCert.Thumbprint));
    Assert.AreEqual(targetCert.Thumbprint, secondStep.ThumbprintLoadList.Thumbprint);
    Assert.IsNull(secondStep.ThumbprintLoadList.ThumbprintSecondary);
    Assert.AreEqual(currentCert.Thumbprint, secondStep.ThumbprintFileStoreSvcList.Thumbprint);
    Assert.AreEqual(targetCert.Thumbprint, secondStep.ThumbprintFileStoreSvcList.ThumbprintSecondary);

    // ---- Step 2: only the target thumbprint remains; no secondary is left behind ----
    CertificateClusterUpgradeStep finalStep = steps[2];
    Assert.AreEqual(1, finalStep.ThumbprintWhiteList.Count);
    Assert.AreEqual(targetCert.Thumbprint, finalStep.ThumbprintWhiteList[0]);
    Assert.AreEqual(targetCert.Thumbprint, finalStep.ThumbprintLoadList.Thumbprint);
    Assert.IsNull(finalStep.ThumbprintLoadList.ThumbprintSecondary);
    Assert.AreEqual(targetCert.Thumbprint, finalStep.ThumbprintFileStoreSvcList.Thumbprint);
    Assert.IsNull(finalStep.ThumbprintFileStoreSvcList.ThumbprintSecondary);
}
/// <summary>
/// Asserts the shape of a three-step certificate rollover in which the way the cluster
/// certificate is declared may change (thumbprint and/or common name on either side).
/// </summary>
/// <param name="currentCert">X509 settings in use before the rollover.</param>
/// <param name="targetCert">X509 settings the rollover ends on.</param>
/// <param name="steps">Upgrade steps under test; exactly three are expected.</param>
/// <remarks>
/// Expected progression, as encoded by the assertions below:
/// steps 0 and 1 list the union of current and target identities in the white lists;
/// step 0 loads the current declarations, step 1 loads the target declarations while the
/// file store service lists carry the union;
/// step 2 lists only the target identities and every list refers to the target declarations.
/// Each per-side count is capped at 2 (primary plus secondary thumbprint, or more than one common name).
/// </remarks>
internal void VerifyFlow_TypeChange(X509 currentCert, X509 targetCert, List<CertificateClusterUpgradeStep> steps)
{
    Assert.AreEqual(3, steps.Count);

    // ---- Expected entry counts per side and per declaration kind ----
    int srcThumbprintCount;
    if (currentCert.ClusterCertificate == null)
    {
        srcThumbprintCount = 0;
    }
    else if (currentCert.ClusterCertificate.ThumbprintSecondary != null)
    {
        srcThumbprintCount = 2;
    }
    else
    {
        srcThumbprintCount = 1;
    }

    int srcCnCount;
    if (currentCert.ClusterCertificateCommonNames == null)
    {
        srcCnCount = 0;
    }
    else if (currentCert.ClusterCertificateCommonNames.CommonNames.Count > 1)
    {
        srcCnCount = 2;
    }
    else
    {
        srcCnCount = 1;
    }

    int targetThumbprintCount;
    if (targetCert.ClusterCertificate == null)
    {
        targetThumbprintCount = 0;
    }
    else if (targetCert.ClusterCertificate.ThumbprintSecondary != null)
    {
        targetThumbprintCount = 2;
    }
    else
    {
        targetThumbprintCount = 1;
    }

    int targetCnCount;
    if (targetCert.ClusterCertificateCommonNames == null)
    {
        targetCnCount = 0;
    }
    else if (targetCert.ClusterCertificateCommonNames.CommonNames.Count > 1)
    {
        targetCnCount = 2;
    }
    else
    {
        targetCnCount = 1;
    }

    int totalThumbprintCount = srcThumbprintCount + targetThumbprintCount;
    int totalCnCount = srcCnCount + targetCnCount;
    int totalCount = totalThumbprintCount + totalCnCount;

    // ---- Expected identities, empty when a side does not use that declaration kind ----
    List<string> srcThumbprints;
    if (srcThumbprintCount == 0)
    {
        srcThumbprints = new List<string>();
    }
    else
    {
        srcThumbprints = currentCert.ClusterCertificate.ToThumbprintList();
    }

    List<string> srcCns;
    if (srcCnCount == 0)
    {
        srcCns = new List<string>();
    }
    else
    {
        srcCns = currentCert.ClusterCertificateCommonNames.CommonNames
            .Select(entry => entry.CertificateCommonName)
            .ToList();
    }

    List<string> targetThumbprints;
    if (targetThumbprintCount == 0)
    {
        targetThumbprints = new List<string>();
    }
    else
    {
        targetThumbprints = targetCert.ClusterCertificate.ToThumbprintList();
    }

    // Target common names keep their issuer thumbprint so the final step can check both.
    Dictionary<string, string> targetCns;
    if (targetCnCount == 0)
    {
        targetCns = new Dictionary<string, string>();
    }
    else
    {
        targetCns = targetCert.ClusterCertificateCommonNames.CommonNames
            .ToDictionary(entry => entry.CertificateCommonName, entry => entry.CertificateIssuerThumbprint);
    }

    List<string> allThumbprints = new List<string>(srcThumbprints);
    allThumbprints.AddRange(targetThumbprints);
    List<string> allCns = new List<string>(srcCns);
    allCns.AddRange(targetCns.Keys);

    // ---- Step 0: union is listed, the current declarations are loaded ----
    CertificateClusterUpgradeStep firstStep = steps[0];
    Assert.AreEqual(totalCount, firstStep.ThumbprintWhiteList.Count + firstStep.CommonNameWhiteList.Count);
    Assert.AreEqual(totalThumbprintCount, firstStep.ThumbprintWhiteList.Count);
    Assert.IsTrue(allThumbprints.All(thumbprint => firstStep.ThumbprintWhiteList.Contains(thumbprint)));
    Assert.AreEqual(totalCnCount, firstStep.CommonNameWhiteList.Count);
    Assert.IsTrue(allCns.All(cn => firstStep.CommonNameWhiteList.Keys.Contains(cn)));

    // NOTE(review): only null is rejected here; an empty or blank issuer thumbprint would pass.
    Assert.IsFalse(firstStep.CommonNameWhiteList.Values.Any(issuer => issuer == null));

    Assert.AreSame(currentCert.ClusterCertificate, firstStep.ThumbprintLoadList);
    Assert.AreSame(currentCert.ClusterCertificateCommonNames, firstStep.CommonNameLoadList);
    Assert.AreSame(currentCert.ClusterCertificate, firstStep.ThumbprintFileStoreSvcList);
    Assert.AreSame(currentCert.ClusterCertificateCommonNames, firstStep.CommonNameFileStoreSvcList);

    // ---- Step 1: union still listed, target declarations loaded, file store carries the union ----
    CertificateClusterUpgradeStep secondStep = steps[1];
    Assert.AreEqual(totalCount, secondStep.ThumbprintWhiteList.Count + secondStep.CommonNameWhiteList.Count);
    Assert.AreEqual(totalThumbprintCount, secondStep.ThumbprintWhiteList.Count);
    Assert.IsTrue(allThumbprints.All(thumbprint => secondStep.ThumbprintWhiteList.Contains(thumbprint)));
    Assert.AreEqual(totalCnCount, secondStep.CommonNameWhiteList.Count);
    Assert.IsTrue(allCns.All(cn => secondStep.CommonNameWhiteList.Keys.Contains(cn)));
    Assert.IsFalse(secondStep.CommonNameWhiteList.Values.Any(issuer => issuer == null));

    Assert.AreSame(targetCert.ClusterCertificate, secondStep.ThumbprintLoadList);
    Assert.AreSame(targetCert.ClusterCertificateCommonNames, secondStep.CommonNameLoadList);

    Assert.AreEqual(totalThumbprintCount, secondStep.ThumbprintFileStoreSvcList.ToThumbprintList().Count);
    Assert.IsTrue(allThumbprints.All(
        thumbprint => secondStep.ThumbprintFileStoreSvcList.ToThumbprintList().Contains(thumbprint)));
    Assert.AreEqual(totalCnCount, secondStep.CommonNameFileStoreSvcList.CommonNames.Count);
    Assert.IsTrue(allCns.All(
        cn => secondStep.CommonNameFileStoreSvcList.CommonNames.Any(entry => entry.CertificateCommonName == cn)));

    // ---- Step 2: only target identities remain; a null white list counts as empty ----
    CertificateClusterUpgradeStep finalStep = steps[2];
    List<string> finalThumbprintWhiteList = finalStep.ThumbprintWhiteList ?? new List<string>();
    Dictionary<string, string> finalCnWhiteList = finalStep.CommonNameWhiteList ?? new Dictionary<string, string>();

    // The count checks are what establish that no identity of the replaced certificate is still listed.
    Assert.AreEqual(targetThumbprintCount + targetCnCount, finalThumbprintWhiteList.Count + finalCnWhiteList.Count);
    Assert.AreEqual(targetThumbprintCount, finalThumbprintWhiteList.Count);
    Assert.IsTrue(targetThumbprints.All(thumbprint => finalThumbprintWhiteList.Contains(thumbprint)));
    Assert.AreEqual(targetCnCount, finalCnWhiteList.Count);
    Assert.IsTrue(targetCns.Keys.All(cn => finalCnWhiteList.Keys.Contains(cn)));
    Assert.IsTrue(targetCns.Values.All(issuer => finalCnWhiteList.Values.Contains(issuer)));

    // NOTE(review): this inspects the expected issuer thumbprints taken from targetCert, not the
    // values in the step's white list as steps 0 and 1 do - confirm that is the intent.
    Assert.IsFalse(targetCns.Values.Any(issuer => issuer == null));

    Assert.AreSame(targetCert.ClusterCertificate, finalStep.ThumbprintLoadList);
    Assert.AreSame(targetCert.ClusterCertificateCommonNames, finalStep.CommonNameLoadList);
    Assert.AreSame(targetCert.ClusterCertificate, finalStep.ThumbprintFileStoreSvcList);
    Assert.AreSame(targetCert.ClusterCertificateCommonNames, finalStep.CommonNameFileStoreSvcList);
}