mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-03-28 15:11:06 +01:00
843f5bb06c
ssl_client2 and ssl_server2 either allow loading specific CRTs and CAs from files, or to leave them unspecified, in which case they're automatically picked from the test certificates. The test certificates should be chosen in a way that when not specifying any CRT or CA parameters, the automatically chosen ones match - but if one of them is specified but not the other, one should not expect tests to succeed. With the recent switch to Secp256r1-based test certificates, the default test certificates have changed, which breaks some ssl-opt.sh tests which specify the server CRT explicitly but not the client trusted CAs. This commit fixes this by specifying the client's trusted CA explicitly in accordance with the explicitly specified server CRT.