*** Settings *** Force Tags tsg-ui Policies Security Library Selenium2Library Resource ../../../02-Keyword/tsg_ui/objects/NewObjectPages.robot Resource ../../../02-Keyword/tsg_ui/objects/NewObject.robot Resource ../../../02-Keyword/tsg_ui/Menu.robot Resource ../../../03-Variable/PolicyObjectDefault.txt Resource ../../../02-Keyword/tsg_ui/policy/UIPolicy.robot *** Test Cases *** ################################################################################################################################ SecurityInterceptSSL001 [Tags] Intercept SSL SNI #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=$www.facebook.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} PoliciesDelete SecurityInterceptSSL002 [Tags] Intercept SSL SNI #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=*youtube.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} PoliciesDelete SecurityInterceptSSL003 [Tags] Intercept SSL SNI #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$twitter.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} PoliciesDelete SecurityInterceptSSL005 [Tags] Intercept SSL Category ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list chat ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} Hosttype=Category ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} SecurityInterceptSSL006 [Tags] Intercept SSL FQDN #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN keywordtext=$mail.ru ${sniname} create list ${TEST NAME}${tag}_FQDN ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 UIPolicies ${policyInfo} FilterInfo=${filterInfo} PoliciesDelete ################################################################################################################################ #DecryptionProfile 按钮用例 SecurityInterceptSSL007 [Tags] Intercept SSL 证书验证开关全部开启Fail-close #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_按钮开启Fail-close Dict1=${dict} Fail1=Fail-close UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL008 [Tags] Intercept SSL 证书验证开关全部关闭 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证关闭1 Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL009 [Tags] Intercept SSL 证书验证开关failclose-Common Name打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Common Name打开 Dict1=${dict} Fail1=Fail-close UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL010 [Tags] Intercept SSL 证书验证开关failclose-Issuer打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*untrusted-root.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Issuer打开 Dict1=${dict} Fail1=Fail-close UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL011 [Tags] Intercept SSL 证书验证开关failclose-Self-signed打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*self-signed.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_证书验证开关failclose-Self-signed打开 Dict1=${dict} Fail1=Fail-close UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL012 [Tags] Intercept SSL 证书验证开关failclose-Expiry-Date打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*expired.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_failclose-Expiry-Date打开 Dict1=${dict} Fail1=Fail-close UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL013 [Tags] Intercept SSL 证书验证开关全部开启Pass-through #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=*untrusted-root.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=*self-signed.badssl.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN4 keywordtext=*expired.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${TEST NAME}${tag}_FQDN4 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=1 Issuer=1 Self-signed=1 Expiry Date=1 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_按钮开启Fail-close Dict1=${dict} Fail1=Pass-through UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL014 [Tags] Intercept SSL 证书验证开关pass-through-Common打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*wrong.host.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=1 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Common打开 Dict1=${dict} Fail1=Pass-through UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL015 [Tags] Intercept SSL 证书验证开关pass-through-Issuer打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*untrusted-root.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=1 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Issuer打开 Dict1=${dict} Fail1=Pass-through UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL016 [Tags] Intercept SSL 证书验证开关pass-through-Self-signed打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*self-signed.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=1 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Self-signed打开 Dict1=${dict} Fail1=Pass-through UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL017 [Tags] Intercept SSL 证书验证开关pass-through-Expiry Date打开 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*expired.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=1 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_pass-through-Expiry Date打开 Dict1=${dict} Fail1=Pass-through UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL018 [Tags] Intercept SSL 证书验证开关EV开启 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$www.myssl.cn #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=$pbsz.ebank.cmbchina.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=1 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_EV开启 Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL019 [Tags] Intercept SSL 证书验证开关CT开启 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=$www.jd.com #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN2 keywordtext=$mail.ru #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN3 keywordtext=$www.vip.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${TEST NAME}${tag}_FQDN2 ${TEST NAME}${tag}_FQDN3 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=1 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_CT开启 Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL020 [Tags] Intercept SSL 证书验证开关MA开启 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*client.badssl.com ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=1 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_MA开启 Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL021 [Tags] Intercept SSL 证书验证开关开启Certificate Pinning ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=1 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_开启Certificate Pinning Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL022 [Tags] Intercept SSL 证书验证开关关闭Certificate Pinning ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_关闭Certificate Pinning Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL023 [Tags] Intercept SSL 证书验证开关关闭Certificate Not Installed ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_关闭Certificate Not Installed Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL024 [Tags] Intercept SSL 证书验证开关开启Certificate Not Installed ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=1 Mirror Client Versions=1 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_开启Certificate Not Installed Dict1=${dict} UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL025 [Tags] Intercept SSL 证书验证开关IP-协议版本SSL3.0 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本SSL3.0 Dict1=${dict} min1=SSLv3.0 max1=SSLv3.0 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL026 [Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.0 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.0 Dict1=${dict} min1=TLSv1.0 max1=TLSv1.0 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL027 [Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.1 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.1 Dict1=${dict} min1=TLSv1.1 max1=TLSv1.1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL028 [Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.2 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.2 Dict1=${dict} min1=TLSv1.2 max1=TLSv1.2 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete SecurityInterceptSSL029 [Tags] Intercept SSL 证书验证开关IP-协议版本TSL1.3 ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${dict} Create Dictionary Common Name=0 Issuer=0 Self-signed=0 Expiry Date=0 EV Certificat=0 ... Certificate Transparency=0 Mutual Authentication=0 On Protocol Errors=0 Certificate Pinning=0 Certificate Not Installed=0 Mirror Client Versions=0 ... Allow HTTP/2=1 ${DecryptionProfile} Create Dictionary DecryptionProfileSearchorCreate=Create DecryptionProfilename=${TEST NAME}${tag}_IP-协议版本TSL1.3 Dict1=${dict} min1=TLSv1.3 max1=TLSv1.3 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} DecryptionProfile=${DecryptionProfile} PoliciesDelete ################################################################################################################################ #解密流量转发 SecurityInterceptSSL030 [Tags] Intercept SSL 解密流量mac #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}${tag}_解密流量mac Type=mac Shuru=11:11:11:11:11:11 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo} PoliciesDelete SecurityInterceptSSL031 [Tags] Intercept SSL 解密流量vlan #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${MirrorDecryptedTrafficInfo} Create Dictionary MirrorDecryptedTraffic=open MirrorDecryptedTrafficSearchorCreate=Create MirrorDecryptedTrafficname=${TEST NAME}${tag}_解密流量vlan Type=vlan Shuru=111 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} MirrorDecryptedTrafficInfo=${MirrorDecryptedTrafficInfo} PoliciesDelete ################################################################################################################################ #证书验证 SecurityInterceptSSL032 [Tags] Intercept SSL 根证书 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*facebook.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_根证书1 File=${path}keyrings//root//ca-cer.pem File1=${path}keyrings//root//ca.key ExpiryHours1or2=2 Type=certificateType_select0 ... Type1=keyringsadd_publicKeyAlgoSelet1 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring} PoliciesDelete SecurityInterceptSSL033 [Tags] Intercept SSL 中间证书 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*google.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_中间证书1 File=${path}keyrings//Intermediate//camiddle.chain.pem File1=${path}keyrings//Intermediate//camiddle.key ExpiryHours1or2=2 ... Type=certificateType_select1 Type1=keyringsadd_publicKeyAlgoSelet2 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring} PoliciesDelete SecurityInterceptSSL034 [Tags] Intercept SSL 实体证书 #新建对象fqdn Comment 新建对象fqdn CreatePage FQDN single ${TEST NAME}${tag}_FQDN1 keywordtext=*twitter.com ${sip1} Create Dictionary Sordtype=Source Type1=Ip CreateOrSearch=Create Add=Address Name=${TEST NAME}${tag}_IP1 Ipclienttext1=192.168.50.17 Port=1-65535 ${sourceAddIpList} Create List ${sip1} ${sourceInfo} Create Dictionary sourceAddIpList=${sourceAddIpList} ${sniname} create list ${TEST NAME}${tag}_FQDN1 ${filter} create list SNI ${filterInfo} Create Dictionary Filter=${filter} SSLSNIname=${sniname} ${policyInfo} Create Dictionary PolicyType=Security Policy CreateorEdit=Create PolicyName=${TEST NAME}${tag} PolicyAction=Intercept ApplicationSearch=SSL PolicyLogSession=1 PolicyEnabled=1 ${Keyring} Create Dictionary KeySearchorCreate=Create Keyname=${TEST NAME}${tag}_实体证书1 File=${path}keyrings//end-entity//caentity.chain.pem File1=${path}keyrings//end-entity//caentity.key ExpiryHours1or2=2 ... Type=certificateType_select2 Type1=keyringsadd_publicKeyAlgoSelet3 UIPolicies ${policyInfo} SourceInfo=${sourceInfo} FilterInfo=${filterInfo} Keyring=${Keyring} PoliciesDelete ################################################################################################################################