1# 2# test Apple certs. Requires the root to be trusted somehow (it's not explicitly passed to 3# the verifier here). . 4# 5globals 6allowUnverified = true 7crlNetFetchEnable = false 8certNetFetchEnable = false 9useSystemAnchors = true 10useTrustSettings = true 11end 12# 13test = Development 14cert = AppleDevelopment.pem 15cert = AppleSWUPDATE.pem 16policy = swuSign 17error = CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT 18certerror=0:CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT 19end 20# 21# 22test = "Software Update" 23cert = AppleSoftUpdate.pem 24cert = AppleSWUPDATE.pem 25policy = swuSign 26end 27# 28test = "test the intermediate CA, wrong cert chain length" 29cert = AppleSWUPDATE.pem 30policy = swuSign 31error = CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH 32end 33# 34 35