Why should systems and infrastructure not be treated in the same way as other software components, especially when it comes to implementing security concerns? With today’s POODLE announcement of another SSL vulnerability, it makes sense to add infrastructure tests to your regression tests.

ServerSpec is a solid way of testing for this, and can be done as follows:

# Attempt an SSLv3-only handshake; the test passes when the server refuses it.
describe command('openssl s_client -connect localhost:443 -ssl3 < /dev/null') do
    its(:exit_status) { should eq 1 }
    its(:stdout) { should match(/no peer certificate available/) }
end

The < /dev/null redirect forces the openssl client to terminate instead of waiting for input from the shell, as we are only interested in the key exchange.
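The test above checks both the exit status and stdout because a non-zero exit on its own can also mean the probe never reached the server. The sketch below is an added example, not code from the original post, and separates "SSLv3 refused" from "SSLv3 accepted" and "nothing was tested". The function names, the "unknown option" check and the sample outputs are assumptions constructed for illustration.

```ruby
require 'open3'

# Interpret one `openssl s_client ... -ssl3 < /dev/null` run.
# Returns :rejected (desired), :accepted (SSLv3 still enabled) or
# :inconclusive (the probe itself did not exercise the server).
def classify_sslv3_probe(exit_status, stdout, stderr)
  # Assumption: a client built without SSLv3 rejects the -ssl3 flag itself.
  return :inconclusive if stderr =~ /unknown option/i
  # No TCP connection means nothing was tested (service down, wrong port).
  return :inconclusive unless stdout.include?('CONNECTED(')
  # A completed handshake reports a real cipher name instead of (NONE).
  cipher = stdout[/^New, .*Cipher is (\S+)/, 1]
  return :accepted if cipher && cipher != '(NONE)'
  # Same two conditions the ServerSpec test asserts on.
  if exit_status != 0 && stdout.include?('no peer certificate available')
    return :rejected
  end
  :inconclusive
end

# Hypothetical helper: run the probe for real and classify it.
def probe_sslv3(host, port)
  out, err, status = Open3.capture3(
    'openssl', 's_client', '-connect', "#{host}:#{port}", '-ssl3',
    stdin_data: '' # empty stdin, same effect as < /dev/null
  )
  classify_sslv3_probe(status.exitstatus, out, err)
end

# Constructed samples, modelled on s_client output (not captured from a host).
REJECTED_OUT = <<~OUT
  CONNECTED(00000003)
  ---
  no peer certificate available
  ---
  New, (NONE), Cipher is (NONE)
  SSL-Session:
      Protocol  : SSLv3
      Cipher    : 0000
OUT
ACCEPTED_OUT = <<~OUT
  CONNECTED(00000003)
  ---
  New, TLSv1/SSLv3, Cipher is AES256-SHA
  SSL-Session:
      Protocol  : SSLv3
      Cipher    : AES256-SHA
OUT
```

Note that the session block names SSLv3 in the refused sample as well, so the negotiated cipher line is the signal to key on, not the protocol line.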
