From Fedora Project Wiki

Revision as of 18:07, 12 August 2023 by Sumantrom (talk | contribs) (Created page with "{{QA/Test_Case |description=This test case ensures that the `apr-util-openssl` module properly provides OpenSSL support within the APR. |setup= # Install the `apr-util-openssl` module using the package manager: `sudo dnf install apr-util-openssl`. # Optionally, install the Apache HTTP server with SSL support: `sudo dnf install httpd mod_ssl` for additional verification. # Ensure you have SSL certificates ready for testing or use tools like `openssl` to generate self-sign...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Description

This test case ensures that the apr-util-openssl module properly provides OpenSSL support within the APR.

Setup

  1. Install the apr-util-openssl module using the package manager: sudo dnf install apr-util-openssl.
  2. Optionally, install the Apache HTTP server with SSL support: sudo dnf install httpd mod_ssl for additional verification.
  3. Ensure you have SSL certificates ready for testing or use tools like openssl to generate self-signed certificates.

How to test

  1. Open a terminal.
  2. If using self-signed certificates, generate them using openssl (you can find many guides online on how to do this).
  3. Modify the Apache configuration to use the generated SSL certificates.
  4. Restart the Apache HTTP server to apply changes: sudo systemctl restart httpd.
  5. Check the status to ensure it's running without errors: sudo systemctl status httpd.
  6. Access the Apache server over HTTPS (you may use a web browser or command line tools like curl or wget with the -k flag if using self-signed certificates).
  7. Check the server logs for any errors related to SSL or the apr-util-openssl module.

Expected Results

  1. The Apache HTTP server should restart without errors related to SSL or the apr-util-openssl module.
  2. Accessing the server over HTTPS should be successful, with encryption being handled properly.
  3. Server logs (/var/log/httpd/error_log or system journal) should not contain errors related to SSL or the apr-util-openssl module.

Optional

For further testing depth:

  1. Perform stress tests on the server using tools like Apache's ab tool but targeting HTTPS endpoints to ensure stability under load.
  2. Test different SSL configurations and ciphers to validate broader compatibility and support.
  3. Monitor system logs during high traffic scenarios for any warnings or errors related to SSL handling.