rspec-ssltls
Rspec-ssltls is an rspec plugin for easy SSL/TLS testing with Ruby standard OpenSSL library.
Usage
RSpec-ssltls is best described by example. First, require rspec_ssltls
in your spec_helper.rb
:
# spec/spec_helper.rb
require 'rspec_ssltls'
Then, create a spec like this:
require 'spec_helper'
describe 'www.example.com:443' do
it { is_expected.to have_certificate.subject(CN: '*.example.com') }
it { is_expected.to have_certificate.issuer(CN: 'ca.example.org') }
it { is_expected.to have_certificate.chain(0).subject(CN: '*.example.com') }
it do
is_expected.to have_certificate
.subject(CN: '*.example.com').valid_at('2020/09/12 19:00:05 JST')
end
it do
is_expected.to have_certificate
.subject(CN: '*.example.com')
.valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
end
it do
is_expected.to have_certificate
.subject(CN: '*.example.com').signature_algorithm('sha1WithRSAEncryption')
end
it { is_expected.to support_protocol('TLSv1_2') }
it { is_expected.to support_cipher('AES256-SHA').protocol('TLSv1') }
it { is_expected.to support_cipher('DES-CBC3-SHA').protocol('SSLv3') }
end
You can use followings for support_protocol
and support_cipher.protocol
:
OpenSSL::SSL::SSLContext::METHODS
:TLSv1, :TLSv1_server, :TLSv1_client,
:TLSv1_2, :TLSv1_2_server, :TLSv1_2_client,
:TLSv1_1, :TLSv1_1_server, :TLSv1_1_client,
:SSLv2, :SSLv2_server, :SSLv2_client,
:SSLv3, :SSLv3_server, :SSLv3_client,
:SSLv23, :SSLv23_server, :SSLv23_client
You can use ciphers for support_cipher
.
You can use signature algorithm for signature_algorithm
.
Installation
Add this line to your application's Gemfile:
gem 'rspec-ssltls'
And then execute:
$ bundle
Or install it yourself as:
$ gem install rspec-ssltls
Contributing
- Fork it ( https://github.com/otahi/rspec-ssltls/fork )
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request