Closed gapelbaum closed 5 years ago
Hi Gustavo, Please refer to the readme file for cert generation. All negative tests for TLS are mainly checking CBSD functionality to ensure in these -ve scenarios CBSD is able to take appropriate action.
Please provide Wireshark trace for us to take a look? -Awaiz
Hi Awaiz,
Attached wireshark file, 192.168.4.125 is the Ip of MockSAS
Regards Gustavo
Hi Gustavo, I tested again WINNF.FT.C.SCS.5 with the sample SAS corrupted certificate - and it is rejected properly as being corrupted. I tested both using Airspan Domain Proxy and CURL utility and got the correct result - both rejected the TLS session by sending a TLS Alert message and and identified "certificate signature cannot be verified" or "decrypt error". So your CBSD UUT failed to recognize this condition and wrongly continued to establish the TLS connection. I also noted that there are many TCP retrasnmissions from your SAS Harness machine - not sure why.
Hi Gustavo, Please close if you are ok with resolution.
Closed
Hi,
I tested WINNF.FT.C.SCS.5 using the file sasharnesscertnotvalid.pem available on folder "WINNF.FT.C.SCS.5_TLS failure certificate is corrupted" but TLS is established.
Someone tested it ? Any advice.
Regards Gustavo