diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl index 96d3536090..9cc6fed51f 100644 --- a/src/test/ssl/t/001_ssltests.pl +++ b/src/test/ssl/t/001_ssltests.pl @@ -231,10 +231,10 @@ $node->connect_fails( # Test with an IP address in the Common Name. This is a strange corner case that # nevertheless is supported, as long as the address string matches exactly. -switch_server_cert($node, 'server-ip-cn-only'); +switch_server_cert($node, certfile => 'server-ip-cn-only'); $common_connstr = - "user=ssltestuser dbname=trustdb sslcert=invalid sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR sslmode=verify-full"; + "$default_ssl_connstr user=ssltestuser dbname=trustdb sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR sslmode=verify-full"; $node->connect_ok("$common_connstr host=192.0.2.1", "IP address in the Common Name"); @@ -248,7 +248,7 @@ $node->connect_fails( # Similarly, we'll also match an IP address in a dNSName SAN. (This is # long-standing behavior.) -switch_server_cert($node, 'server-ip-in-dnsname'); +switch_server_cert($node, certfile => 'server-ip-in-dnsname'); $node->connect_ok("$common_connstr host=192.0.2.1", "IP address in a dNSName"); @@ -306,7 +306,7 @@ $node->connect_fails( ); # Test certificate with IP addresses in the SANs. -switch_server_cert($node, 'server-ip-alt-names'); +switch_server_cert($node, certfile => 'server-ip-alt-names'); $node->connect_ok( "$common_connstr host=192.0.2.1", @@ -371,7 +371,7 @@ $node->connect_fails( ); # But we will fall back to check the CN if the SANs contain only IP addresses. -switch_server_cert($node, 'server-cn-and-ip-alt-names'); +switch_server_cert($node, certfile => 'server-cn-and-ip-alt-names'); $node->connect_ok("$common_connstr host=common-name.pg-ssltest.test", "certificate with both a CN and IP SANs matches CN"); @@ -381,7 +381,7 @@ $node->connect_ok("$common_connstr host=2001:db8::1", "certificate with both a CN and IP SANs matches SAN 2"); # And now the same tests, but with IP addresses and DNS names swapped. -switch_server_cert($node, 'server-ip-cn-and-alt-names'); +switch_server_cert($node, certfile => 'server-ip-cn-and-alt-names'); $node->connect_ok("$common_connstr host=192.0.2.2", "certificate with both an IP CN and IP SANs 1"); @@ -394,7 +394,7 @@ $node->connect_fails( qr/\Qserver certificate for "192.0.2.2" (and 1 other name) does not match host name "192.0.2.1"\E/ ); -switch_server_cert($node, 'server-ip-cn-and-dns-alt-names'); +switch_server_cert($node, certfile => 'server-ip-cn-and-dns-alt-names'); $node->connect_ok("$common_connstr host=192.0.2.1", "certificate with both an IP CN and DNS SANs matches CN");