--- ./api/api_test.go 2017-09-08 18:43:36.000000000 +0200 +++ /tmp/api_test.go 2017-09-13 16:20:25.950467396 +0200 @@ -253,115 +253,6 @@ } } -func TestAPI_ClientTLSOptions(t *testing.T) { - t.Parallel() - // Start a server that verifies incoming HTTPS connections - _, srvVerify := makeClientWithConfig(t, nil, func(conf *testutil.TestServerConfig) { - conf.CAFile = "../test/client_certs/rootca.crt" - conf.CertFile = "../test/client_certs/server.crt" - conf.KeyFile = "../test/client_certs/server.key" - conf.VerifyIncomingHTTPS = true - }) - defer srvVerify.Stop() - - // Start a server without VerifyIncomingHTTPS - _, srvNoVerify := makeClientWithConfig(t, nil, func(conf *testutil.TestServerConfig) { - conf.CAFile = "../test/client_certs/rootca.crt" - conf.CertFile = "../test/client_certs/server.crt" - conf.KeyFile = "../test/client_certs/server.key" - conf.VerifyIncomingHTTPS = false - }) - defer srvNoVerify.Stop() - - // Client without a cert - t.Run("client without cert, validation", func(t *testing.T) { - client, err := NewClient(&Config{ - Address: srvVerify.HTTPSAddr, - Scheme: "https", - TLSConfig: TLSConfig{ - Address: "consul.test", - CAFile: "../test/client_certs/rootca.crt", - }, - }) - if err != nil { - t.Fatal(err) - } - - // Should fail - _, err = client.Agent().Self() - if err == nil || !strings.Contains(err.Error(), "bad certificate") { - t.Fatal(err) - } - }) - - // Client with a valid cert - t.Run("client with cert, validation", func(t *testing.T) { - client, err := NewClient(&Config{ - Address: srvVerify.HTTPSAddr, - Scheme: "https", - TLSConfig: TLSConfig{ - Address: "consul.test", - CAFile: "../test/client_certs/rootca.crt", - CertFile: "../test/client_certs/client.crt", - KeyFile: "../test/client_certs/client.key", - }, - }) - if err != nil { - t.Fatal(err) - } - - // Should succeed - _, err = client.Agent().Self() - if err != nil { - t.Fatal(err) - } - }) - - // Client without a cert - t.Run("client without cert, no validation", func(t *testing.T) { - client, err := NewClient(&Config{ - Address: srvNoVerify.HTTPSAddr, - Scheme: "https", - TLSConfig: TLSConfig{ - Address: "consul.test", - CAFile: "../test/client_certs/rootca.crt", - }, - }) - if err != nil { - t.Fatal(err) - } - - // Should succeed - _, err = client.Agent().Self() - if err != nil { - t.Fatal(err) - } - }) - - // Client with a valid cert - t.Run("client with cert, no validation", func(t *testing.T) { - client, err := NewClient(&Config{ - Address: srvNoVerify.HTTPSAddr, - Scheme: "https", - TLSConfig: TLSConfig{ - Address: "consul.test", - CAFile: "../test/client_certs/rootca.crt", - CertFile: "../test/client_certs/client.crt", - KeyFile: "../test/client_certs/client.key", - }, - }) - if err != nil { - t.Fatal(err) - } - - // Should succeed - _, err = client.Agent().Self() - if err != nil { - t.Fatal(err) - } - }) -} - func TestAPI_SetQueryOptions(t *testing.T) { t.Parallel() c, s := makeClient(t)