[Question] Testing of custom certificates

[aepfli]

We're supporting custom certificates for connection, which is a great feature. But testing whether it works is not as trivial.

For example, I am trying to implement custom certs in Python. I want to test this and ensure this feature works as expected with a custom cert. However, I can't do so, as we don't have the appropriate test setup.

I opened this issue to discuss approaches and what we can think of doing to ensure this feature works as intended. My proposal (not sure if it is feasible) would be:

• creating an own root CA
• setting up an additional flagd-testbed image with just this one root.ca
• Provide a certificate within the test-harness and use this in e2e tests for proper testing of the custom SSL certificate behavior.
• We do not not even need to provide another gherkin file for this feature, we could simply create it with the existing ones

Question:

• do you think my approach is feasible?
• do you think we should provide such a docker image?
• is it worth to put the effort into such a testing setup?

[aepfli]

@beeme1mr @toddbaert @guidobrei @warber @chrfwow @alexandraoberaigner wdyt?