Add test cases for call-home (devices connected with TLS transport)

[integration/test.git] / csit / variables / netconf / callhome / configuration-files / tls / ietf-netconf-server.xml

diff --git a/csit/variables/netconf/callhome/configuration-files/tls/ietf-netconf-server.xml b/csit/variables/netconf/callhome/configuration-files/tls/ietf-netconf-server.xml
new file mode 100644 (file)
index 0000000..e103ebc
--- /dev/null
+++ b/csit/variables/netconf/callhome/configuration-files/tls/ietf-netconf-server.xml
@@ -0,0 +1,80 @@
+<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
+    <listen>
+        <endpoint>
+            <name>default-ssh</name>
+            <ssh>
+                <tcp-server-parameters>
+                    <local-address>0.0.0.0</local-address>
+                    <keepalives>
+                        <idle-time>1</idle-time>
+                        <max-probes>10</max-probes>
+                        <probe-interval>5</probe-interval>
+                    </keepalives>
+                </tcp-server-parameters>
+                <ssh-server-parameters>
+                    <server-identity>
+                        <host-key>
+                            <name>default-key</name>
+                            <public-key>
+                                <keystore-reference>genkey</keystore-reference>
+                            </public-key>
+                        </host-key>
+                    </server-identity>
+                    <client-authentication>
+                        <supported-authentication-methods>
+                            <publickey/>
+                            <passsword/>
+                            <other>interactive</other>
+                        </supported-authentication-methods>
+                        <users/>
+                    </client-authentication>
+                </ssh-server-parameters>
+            </ssh>
+        </endpoint>
+    </listen>
+    <call-home>
+        <netconf-client>
+            <name>default-client</name>
+            <endpoints>
+                <endpoint>
+                    <name>default-tls</name>
+                    <tls>
+                        <tcp-client-parameters>
+                            <remote-address>$CALL_HOME_SERVER_IP</remote-address>
+                            <remote-port>$CALL_HOME_TLS_PORT</remote-port>
+                            <keepalives>
+                                <idle-time>1</idle-time>
+                                <max-probes>10</max-probes>
+                                <probe-interval>5</probe-interval>
+                            </keepalives>
+                        </tcp-client-parameters>
+                        <tls-server-parameters>
+                            <server-identity>
+                                <keystore-reference>
+                                    <asymmetric-key>serverkey</asymmetric-key>
+                                    <certificate>servercert</certificate>
+                                </keystore-reference>
+                            </server-identity>
+                            <client-authentication>
+                                <required/>
+                                <ca-certs>cacerts</ca-certs>
+                                <client-certs>clientcerts</client-certs>
+                                <cert-maps>
+                                    <cert-to-name>
+                                        <id>1</id>
+                                        <fingerprint>02:$NP_CLIENT_CERT_FINGERPRINT</fingerprint>
+                                        <map-type xmlns:x509c2n="urn:ietf:params:xml:ns:yang:ietf-x509-cert-to-name">x509c2n:specified</map-type>
+                                        <name>tls-test</name>
+                                    </cert-to-name>
+                                </cert-maps>
+                            </client-authentication>
+                        </tls-server-parameters>
+                    </tls>
+                </endpoint>
+            </endpoints>
+            <connection-type>
+                <persistent/>
+            </connection-type>
+        </netconf-client>
+    </call-home>
+</netconf-server>