blob: 71ff3e90bcabfe9e53e8ca2724319b0762fff800 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
- name: Install pip packages
pip:
name: paho-mqtt>=1.4.0
state: present
- name: MQTT non-TLS endpoint
mqtt:
topic: /node/s/bar/blurb
payload: foo
qos: 1
client_id: me001
register: result
- assert:
that:
- result is success
- name: Send a test message to TLS1.1 endpoint, no client version specified
mqtt:
topic: /node/s/bar/blurb
payload: foo-tls
qos: 1
client_id: me001
ca_certs: /tls/ca_certificate.pem
certfile: /tls/client_certificate.pem
keyfile: /tls/client_key.pem
port: 8883
register: result
- assert:
that:
- result is success
- name: Send a test message to TLS1.2 endpoint, no client version specified
mqtt:
topic: /node/s/bar/blurb
payload: foo-tls
qos: 1
client_id: me001
ca_certs: /tls/ca_certificate.pem
certfile: /tls/client_certificate.pem
keyfile: /tls/client_key.pem
port: 8884
register: result
- assert:
that:
- result is success
# TODO(Uncomment when TLS1.3 is supported in moquitto and ubuntu version)
#
# - name: Send a test message to TLS1.3 endpoint
# mqtt:
# topic: /node/s/bar/blurb
# payload: foo-tls
# qos: 1
# client_id: me001
# ca_certs: /tls/ca_certificate.pem
# certfile: /tls/client_certificate.pem
# keyfile: /tls/client_key.pem
# port: 8885
# register: result
#- assert:
# that:
# - result is success
- name: Send a message, client TLS1.1, server (required) TLS1.2 - Expected failure
mqtt:
topic: /node/s/bar/blurb
payload: foo-tls
qos: 1
client_id: me001
ca_certs: /tls/ca_certificate.pem
certfile: /tls/client_certificate.pem
keyfile: /tls/client_key.pem
tls_version: tlsv1.1
port: 8884
register: result
failed_when: result is success
- assert:
that:
- result is success
# TODO(Uncomment when TLS1.3 is supported in moquitto and ubuntu version)
#
# - name: Send a message, client TLS1.1, server (required) TLS1.3 - Expected failure
# mqtt:
# topic: /node/s/bar/blurb
# payload: foo-tls
# qos: 1
# client_id: me001
# ca_certs: /tls/ca_certificate.pem
# certfile: /tls/client_certificate.pem
# keyfile: /tls/client_key.pem
# tls_version: tlsv1.1
# port: 8885
# register: result
# failed_when: result is success
# - assert:
# that:
# - result is success
- name: Send a message, client TLS1.2, server (required) TLS1.1 - Expected failure
mqtt:
topic: /node/s/bar/blurb
payload: foo-tls
qos: 1
client_id: me001
ca_certs: /tls/ca_certificate.pem
certfile: /tls/client_certificate.pem
keyfile: /tls/client_key.pem
tls_version: tlsv1.2
port: 8883
register: result
failed_when: result is success
- assert:
that:
- result is success
# TODO(Uncomment when TLS1.3 is supported in moquitto and ubuntu version)
#
# - name: Send a message, client TLS1.2, server (required) TLS1.3 - Expected failure
# mqtt:
# topic: /node/s/bar/blurb
# payload: foo-tls
# qos: 1
# client_id: me001
# ca_certs: /tls/ca_certificate.pem
# certfile: /tls/client_certificate.pem
# keyfile: /tls/client_key.pem
# tls_version: tlsv1.2
# port: 8885
# register: result
# failed_when: result is success
# - assert:
# that:
# - result is success
|
