6 files changed, 560 insertions, 179 deletions

diff --git a/src/testcurl/https/Makefile.am b/src/testcurl/https/Makefile.am
index be5ae633..f9d3f80a 100644
--- a/src/testcurl/https/Makefile.am
+++ b/src/testcurl/https/Makefile.am
@@ -7,12 +7,19 @@ AM_CPPFLAGS = \
 
 
 check_PROGRAMS = \
-  mhds_get_test \
-  mhds_session_info_test \
-  mhds_multi_daemon_test
+   tls_authentication_test \
+   mhds_get_test \
+   mhds_session_info_test \
+   mhds_multi_daemon_test 
 
 TESTS = $(check_PROGRAMS)
 
+tls_authentication_test_SOURCES = \
+  tls_authentication_test.c
+tls_authentication_test_LDADD  = \
+  $(top_builddir)/src/daemon/libmicrohttpd.la \
+  @LIBCURL@
+
 mhds_get_test_SOURCES = \
   mhds_get_test.c
 mhds_get_test_LDADD  = \
diff --git a/src/testcurl/https/mhds_get_test.c b/src/testcurl/https/mhds_get_test.c
index ee1ba633..fcbb8706 100644
--- a/src/testcurl/https/mhds_get_test.c
+++ b/src/testcurl/https/mhds_get_test.c
@@ -46,53 +46,7 @@
 #define MHD_E_CERT_FILE_CREAT "Error: failed to setup test certificate\n"
 #define MHD_E_KEY_FILE_CREAT "Error: failed to setup test certificate\n"
 
-/* Test Certificate */
-const char cert_pem[] =
-  "-----BEGIN CERTIFICATE-----\n"
-  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
-  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
-  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
-  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
-  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
-  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
-  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
-  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
-  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
-  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
-  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
-  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
-  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
-  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
-  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
-
-const char key_pem[] =
-  "-----BEGIN RSA PRIVATE KEY-----\n"
-  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
-  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
-  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
-  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
-  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
-  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
-  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
-  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
-  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
-  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
-  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
-  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
-  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
-  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
-  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
-  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
-  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
-  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
-  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
-  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
-  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
-  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
-  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
-  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
-  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
-  "-----END RSA PRIVATE KEY-----\n";
+#include "tls_test_keys.h"
 
 const char *test_file_name = "https_test_file";
 const char test_file_data[] = "Hello World\n";
@@ -280,8 +234,8 @@ test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version)
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                         MHD_USE_DEBUG, 42433,
                         NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END);
 
   if (d == NULL)
     {
@@ -317,8 +271,8 @@ test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version)
       return -1;
     }
 
-  fwrite (key_pem, strlen (key_pem), sizeof (char), key_fd);
-  fwrite (cert_pem, strlen (cert_pem), sizeof (char), cert_fd);
+  fwrite (srv_key_pem, strlen (srv_key_pem), sizeof (char), key_fd);
+  fwrite (srv_self_signed_cert_pem, strlen (srv_self_signed_cert_pem), sizeof (char), cert_fd);
   fclose (key_fd);
   fclose (cert_fd);
 
@@ -353,8 +307,8 @@ test_cipher_option (FILE * test_fd, char *cipher_suite, int proto_version)
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                         MHD_USE_DEBUG, 42433,
                         NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
                         MHD_OPTION_CIPHER_ALGORITHM, ciper, MHD_OPTION_END);
 
   if (d == NULL)
@@ -380,8 +334,8 @@ test_kx_option (FILE * test_fd, char *cipher_suite, int proto_version)
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                         MHD_USE_DEBUG, 42433,
                         NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
                         MHD_OPTION_KX_PRIORITY, kx, MHD_OPTION_END);
 
   if (d == NULL)
@@ -407,8 +361,8 @@ test_mac_option (FILE * test_fd, char *cipher_suite, int proto_version)
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                         MHD_USE_DEBUG, 42433,
                         NULL, NULL, &http_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
                         MHD_OPTION_MAC_ALGO, mac, MHD_OPTION_END);
 
   if (d == NULL)
@@ -470,28 +424,19 @@ main (int argc, char *const *argv)
       return -1;
     }
 
-  //gnutls_global_set_log_level(11);
-//  errorCount +=
-//    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
-//
-//  errorCount +=
-//    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
-//
-//  sleep(1);
-
   errorCount +=
     test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
 
-//  errorCount +=
-//    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3);
-//  errorCount +=
-//    test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
-//
-//  /* TODO resolve cipher setting issue when compiling against GNU TLS */
-//  errorCount +=
-//    test_cipher_option (test_fd, "DES-CBC3-SHA", CURL_SSLVERSION_SSLv3);
-//  errorCount +=
-//    test_kx_option (test_fd, "EDH-RSA-DES-CBC3-SHA", CURL_SSLVERSION_SSLv3);
+  errorCount +=
+    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3);
+  errorCount +=
+    test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
+
+  /* TODO resolve cipher setting issue when compiling against GNU TLS */
+  errorCount +=
+    test_cipher_option (test_fd, "DES-CBC3-SHA", CURL_SSLVERSION_SSLv3);
+  errorCount +=
+    test_kx_option (test_fd, "EDH-RSA-DES-CBC3-SHA", CURL_SSLVERSION_SSLv3);
 
 
   if (errorCount != 0)
diff --git a/src/testcurl/https/mhds_multi_daemon_test.c b/src/testcurl/https/mhds_multi_daemon_test.c
index 116b82f6..c808405c 100644
--- a/src/testcurl/https/mhds_multi_daemon_test.c
+++ b/src/testcurl/https/mhds_multi_daemon_test.c
@@ -43,53 +43,7 @@
 #define MHD_E_SERVER_INIT "Error: failed to start server\n"
 #define MHD_E_TEST_FILE_CREAT "Error: failed to setup test file\n"
 
-/* Test Certificate */
-const char cert_pem[] =
-  "-----BEGIN CERTIFICATE-----\n"
-  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
-  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
-  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
-  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
-  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
-  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
-  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
-  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
-  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
-  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
-  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
-  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
-  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
-  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
-  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
-
-const char key_pem[] =
-  "-----BEGIN RSA PRIVATE KEY-----\n"
-  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
-  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
-  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
-  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
-  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
-  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
-  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
-  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
-  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
-  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
-  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
-  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
-  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
-  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
-  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
-  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
-  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
-  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
-  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
-  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
-  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
-  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
-  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
-  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
-  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
-  "-----END RSA PRIVATE KEY-----\n";
+#include "tls_test_keys.h"
 
 const char *test_file_name = "https_test_file";
 const char test_file_data[] = "Hello World\n";
@@ -281,8 +235,8 @@ test_concurent_daemon_pair (FILE * test_fd, char *cipher_suite,
   d1 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                          MHD_USE_DEBUG, 42433,
                          NULL, NULL, &http_ahc, NULL,
-                         MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                         MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+                         MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                         MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END);
 
   if (d1 == NULL)
     {
@@ -293,8 +247,8 @@ test_concurent_daemon_pair (FILE * test_fd, char *cipher_suite,
   d2 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                          MHD_USE_DEBUG, 42434,
                          NULL, NULL, &http_ahc, NULL,
-                         MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                         MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+                         MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                         MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END);
 
   if (d2 == NULL)
     {
diff --git a/src/testcurl/https/mhds_session_info_test.c b/src/testcurl/https/mhds_session_info_test.c
index b707203d..209c5288 100644
--- a/src/testcurl/https/mhds_session_info_test.c
+++ b/src/testcurl/https/mhds_session_info_test.c
@@ -38,53 +38,7 @@
 
 #define EMPTY_PAGE "<html><head><title>Empty page</title></head><body>Empty page</body></html>"
 
-/* Test Certificate */
-const char cert_pem[] =
-  "-----BEGIN CERTIFICATE-----\n"
-  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
-  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
-  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
-  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
-  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
-  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
-  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
-  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
-  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
-  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
-  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
-  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
-  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
-  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
-  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
-
-const char key_pem[] =
-  "-----BEGIN RSA PRIVATE KEY-----\n"
-  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
-  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
-  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
-  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
-  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
-  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
-  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
-  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
-  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
-  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
-  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
-  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
-  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
-  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
-  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
-  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
-  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
-  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
-  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
-  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
-  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
-  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
-  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
-  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
-  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
-  "-----END RSA PRIVATE KEY-----\n";
+#include "tls_test_keys.h"
 
 struct MHD_Daemon *d;
 
@@ -176,8 +130,8 @@ test_query_session ()
   d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
                         MHD_USE_DEBUG, 42433,
                         NULL, NULL, &query_session_ahc, NULL,
-                        MHD_OPTION_HTTPS_MEM_KEY, key_pem,
-                        MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END);
 
   if (d == NULL)
     return 2;
diff --git a/src/testcurl/https/tls_authentication_test.c b/src/testcurl/https/tls_authentication_test.c
new file mode 100644
index 00000000..5c790b26
--- /dev/null
+++ b/src/testcurl/https/tls_authentication_test.c
@@ -0,0 +1,345 @@
+/*
+ This file is part of libmicrohttpd
+ (C) 2007 Christian Grothoff
+
+ libmicrohttpd is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2, or (at your
+ option) any later version.
+
+ libmicrohttpd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with libmicrohttpd; see the file COPYING.  If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * @file mhds_get_test.c
+ * @brief  Testcase for libmicrohttpd HTTPS GET operations
+ * @author Sagie Amir
+ */
+
+#include "config.h"
+#include "plibc.h"
+#include "microhttpsd.h"
+#include <errno.h>
+
+#include <curl/curl.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/stat.h>
+
+#define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"
+
+#define MHD_E_MEM "Error: memory error\n"
+#define MHD_E_SERVER_INIT "Error: failed to start server\n"
+#define MHD_E_TEST_FILE_CREAT "Error: failed to setup test file\n"
+
+#include "tls_test_keys.h"
+
+const char *ca_cert_file_name = "ca_cert_pem";
+const char *test_file_name = "https_test_file";
+const char test_file_data[] = "Hello World\n";
+
+struct CBC
+{
+  char *buf;
+  size_t pos;
+  size_t size;
+};
+
+static size_t
+copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx)
+{
+  struct CBC *cbc = ctx;
+
+  if (cbc->pos + size * nmemb > cbc->size)
+    return 0;                   /* overflow */
+  memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
+  cbc->pos += size * nmemb;
+  return size * nmemb;
+}
+
+static int
+file_reader (void *cls, size_t pos, char *buf, int max)
+{
+  FILE *file = cls;
+  fseek (file, pos, SEEK_SET);
+  return fread (buf, 1, max, file);
+}
+
+/* HTTP access handler call back */
+static int
+http_ahc (void *cls, struct MHD_Connection *connection,
+          const char *url, const char *method, const char *upload_data,
+          const char *version, unsigned int *upload_data_size, void **ptr)
+{
+  static int aptr;
+  struct MHD_Response *response;
+  int ret;
+  FILE *file;
+  struct stat buf;
+
+  // TODO never respond on first call
+  if (0 != strcmp (method, MHD_HTTP_METHOD_GET))
+    return MHD_NO;              /* unexpected method */
+  if (&aptr != *ptr)
+    {
+      /* do never respond on first call */
+      *ptr = &aptr;
+      return MHD_YES;
+    }
+  *ptr = NULL;                  /* reset when done */
+
+  file = fopen (url, "r");
+  if (file == NULL)
+    {
+      response = MHD_create_response_from_data (strlen (PAGE_NOT_FOUND),
+                                                (void *) PAGE_NOT_FOUND,
+                                                MHD_NO, MHD_NO);
+      ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response);
+      MHD_destroy_response (response);
+    }
+  else
+    {
+      stat (url, &buf);
+      response = MHD_create_response_from_callback (buf.st_size, 32 * 1024,     /* 32k PAGE_NOT_FOUND size */
+                                                    &file_reader, file,
+                                                    (MHD_ContentReaderFreeCallback)
+                                                    & fclose);
+      ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
+      MHD_destroy_response (response);
+    }
+  return ret;
+}
+
+/*
+ * test HTTPS transfer
+ * @param test_fd: file to attempt transfering
+ */
+static int
+test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
+{
+  CURL *c;
+  struct CBC cbc;
+  CURLcode errornum;
+  char *doc_path;
+  char url[255];
+  struct stat statb;
+
+  stat (test_file_name, &statb);
+
+  int len = statb.st_size;
+
+  /* used to memcmp local copy & deamon supplied copy */
+  unsigned char *mem_test_file_local;
+
+  /* setup test file path, url */
+  doc_path = get_current_dir_name ();
+
+  if (NULL == (mem_test_file_local = malloc (len)))
+    {
+      fclose (test_fd);
+      fprintf (stderr, MHD_E_MEM);
+      return -1;
+    }
+
+  fseek (test_fd, 0, SEEK_SET);
+  if (fread (mem_test_file_local, sizeof (char), len, test_fd) != len)
+    {
+      fclose (test_fd);
+      fprintf (stderr, "Error: failed to read test file. %s\n",
+               strerror (errno));
+      return -1;
+    }
+
+  if (NULL == (cbc.buf = malloc (sizeof (char) * len)))
+    {
+      fclose (test_fd);
+      fprintf (stderr, MHD_E_MEM);
+      return -1;
+    }
+  cbc.size = len;
+  cbc.pos = 0;
+
+  /* construct url - this might use doc_path */
+  sprintf (url, "%s%s/%s", "https://localhost:42433",
+           doc_path, test_file_name);
+
+  c = curl_easy_init ();
+#ifdef DEBUG
+  curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
+#endif
+  curl_easy_setopt (c, CURLOPT_URL, url);
+  curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
+  curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L);
+  curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 10L);
+  curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, &copyBuffer);
+  curl_easy_setopt (c, CURLOPT_FILE, &cbc);
+
+  /* TLS options */
+  curl_easy_setopt (c, CURLOPT_SSLVERSION, proto_version);
+  //curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, cipher_suite);
+
+  /* currently skip any peer authentication */
+  curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 1);
+  curl_easy_setopt (c, CURLOPT_CAINFO, ca_cert_file_name);
+
+  curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0);
+
+  curl_easy_setopt (c, CURLOPT_FAILONERROR, 1);
+
+  /* NOTE: use of CONNECTTIMEOUT without also
+     setting NOSIGNAL results in really weird
+     crashes on my system! */
+  curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1);
+  if (CURLE_OK != (errornum = curl_easy_perform (c)))
+    {
+      fprintf (stderr, "curl_easy_perform failed: `%s'\n",
+               curl_easy_strerror (errornum));
+      curl_easy_cleanup (c);
+      return errornum;
+    }
+
+  curl_easy_cleanup (c);
+
+  if (memcmp (cbc.buf, mem_test_file_local, len) != 0)
+    {
+      fprintf (stderr, "Error: local file & received file differ.\n");
+      free (cbc.buf);
+      free (mem_test_file_local);
+      return -1;
+    }
+
+  free (mem_test_file_local);
+  free (cbc.buf);
+  free (doc_path);
+  return 0;
+}
+
+/* perform a HTTP GET request via SSL/TLS */
+int
+test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version)
+{
+  int ret;
+  struct MHD_Daemon *d;
+
+  int kx[] = { GNUTLS_KX_DHE_RSA, 0 };
+
+  d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+                        MHD_USE_DEBUG, 42433,
+                        NULL, NULL, &http_ahc, NULL,
+                        MHD_OPTION_HTTPS_MEM_KEY, srv_signed_key_pem,
+                        MHD_OPTION_HTTPS_MEM_CERT, srv_signed_cert_pem,
+                        MHD_OPTION_KX_PRIORITY, kx, MHD_OPTION_END);
+
+  if (d == NULL)
+    {
+      fprintf (stderr, MHD_E_SERVER_INIT);
+      return -1;
+    }
+
+  ret = test_daemon_get (test_fd, cipher_suite, proto_version);
+  MHD_stop_daemon (d);
+  return ret;
+}
+
+/* setup a temporary transfer test file */
+FILE *
+setupTestFile ()
+{
+  FILE *test_fd;
+
+  if (NULL == (test_fd = fopen (test_file_name, "w+")))
+    {
+      fprintf (stderr, "Error: failed to open `%s': %s\n",
+               test_file_name, strerror (errno));
+      return NULL;
+    }
+  if (fwrite (test_file_data, sizeof (char), strlen (test_file_data), test_fd)
+      != strlen (test_file_data))
+    {
+      fprintf (stderr, "Error: failed to write `%s. %s'\n",
+               test_file_name, strerror (errno));
+      return NULL;
+    }
+  if (fflush (test_fd))
+    {
+      fprintf (stderr, "Error: failed to flush test file stream. %s\n",
+               strerror (errno));
+      return NULL;
+    }
+
+  return test_fd;
+}
+
+FILE *
+setup_ca_cert ()
+{
+  FILE *fd;
+
+  if (NULL == (fd = fopen (ca_cert_file_name, "w+")))
+    {
+      fprintf (stderr, "Error: failed to open `%s': %s\n",
+               ca_cert_file_name, strerror (errno));
+      return NULL;
+    }
+  if (fwrite (ca_cert_pem, sizeof (char), strlen (ca_cert_pem), fd)
+      != strlen (ca_cert_pem))
+    {
+      fprintf (stderr, "Error: failed to write `%s. %s'\n",
+               ca_cert_file_name, strerror (errno));
+      return NULL;
+    }
+  if (fflush (fd))
+    {
+      fprintf (stderr, "Error: failed to flush ca cert file stream. %s\n",
+               strerror (errno));
+      return NULL;
+    }
+
+  return fd;
+}
+
+int
+main (int argc, char *const *argv)
+{
+  FILE *test_fd;
+  unsigned int errorCount = 0;
+
+  if ((test_fd = setupTestFile ()) == NULL)
+    {
+      fprintf (stderr, MHD_E_TEST_FILE_CREAT);
+      return -1;
+    }
+
+  setup_ca_cert ();
+
+  if (0 != curl_global_init (CURL_GLOBAL_ALL))
+    {
+      fprintf (stderr, "Error (code: %u)\n", errorCount);
+      return -1;
+    }
+
+  errorCount +=
+    test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
+
+  if (errorCount != 0)
+    fprintf (stderr, "Error (code: %u)\n", errorCount);
+
+  curl_global_cleanup ();
+  fclose (test_fd);
+
+  remove (test_file_name);
+  remove (ca_cert_file_name);
+  return errorCount != 0;
+}
diff --git a/src/testcurl/https/tls_test_keys.h b/src/testcurl/https/tls_test_keys.h
new file mode 100644
index 00000000..aca0639c
--- /dev/null
+++ b/src/testcurl/https/tls_test_keys.h
@@ -0,0 +1,176 @@
+/*
+     This file is part of libmicrohttpd
+     (C) 2006, 2007, 2008 Christian Grothoff (and other contributing authors)
+
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation; either
+     version 2.1 of the License, or (at your option) any later version.
+
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+
+#ifndef MHD_TLS_TEST_KEYS_H
+#define MHD_TLS_TEST_KEYS_H
+
+/* Test Certificates */
+
+/* Certificate Authority key */
+const char ca_key_pem[] =
+  "-----BEGIN RSA PRIVATE KEY-----\n"
+  "MIIEpAIBAAKCAQEA3vzPUd2yRjeHy9Yi22uX1vGnUPmB5zS+77/B9LubTqnNJ9eB\n"
+  "jiMegQJsJWFQT/CW8FurYiSMXIuTBirZX7NO6/rlcqifdfKLotSUuXLu5DBvMLCv\n"
+  "nQ73wCIdCJoVyJbRN0ExHsyGwCDCxaHuY8FlkIsfYo17SNmJNaMSUqdoAZoelmbq\n"
+  "r9oVciRCQGgrmwEJdPj7EAofWSudV77y85j5rV/t51eNy5liS2qXnoFEmeqTuBo1\n"
+  "1cSmRbv5dkCHbx+youLyZG39KxB0MZ124Na3qbUY41BPNj1XBljyAoHyY0J1iDqS\n"
+  "0Zo+njEW6vRbmSMkrA1kH45+alN50X11mSgfoQIDAQABAoIBAAmLu+4Ushpdi5Sd\n"
+  "P1cidjDFXfDaao5I2LTroghpnNyfaiT+zbj1jctu7K1luuX+Lh7+ZKIGH6RhVP8g\n"
+  "R9eYBeyWHDsWJwPqCQJkrHR7LCkEfgkRAkaUZsSgzTqCWqUAeFa/xaQcdDcOu/nR\n"
+  "DKMUexYmz4ZU+VJxPhWHzGuxhxM85uJOPK3rCaYCJoo1vMpF7MeFFvVljhSdyht5\n"
+  "KD0w6qP0Y+vDe4cD/4W3wq82qXCFPA5oImjSJveEIJumPIjOyLFF+9p9V6hzg8Em\n"
+  "48cpXcV3SsbaqTr6mSQl6b15zVwWq4CCt4mkeu6vK9PGzdnBiUmWaSXfprDwHaB3\n"
+  "t1N0GRECgYEA5gP0gmZQDDJTlaGK9Z6pWiwpMBUoYcnqvCn8MQ5uPQn+KZir19AJ\n"
+  "PkVLfWT9Dcaf3+2d0kBBgGYFWL+wK8DgrqALiLJfM6gP3Ts7G6Bis4GFdWY9aUnT\n"
+  "6ZhRYdzetVArhTZBRKh8ERQNPy4TmzWDtjVUAfezUcvXqOjl9H5Q01ECgYEA+C2b\n"
+  "i05t/RYcU0eFVYK8Yfl3jZJiopMdYwXCSCO21Ag2i0fjKC89rCmLlliffSSuDtNk\n"
+  "xFsaSjns8Vyl7sjMcAOfsGokiUIcFnK/LyVoc3ie2NCiLVzw6zKK8lJ4bhn4afnv\n"
+  "N9RKXP76emb8MaZroKlKkhMR8f2BvzXbv2NyU1ECgYEAtJeAXu1zhc/xnjaiQqxa\n"
+  "rMilYfIKrZR571hLgDyjQttYqVIMAbp9t11yorYqlKlRFuCaG9yFUQlIw2BlMkUS\n"
+  "YyiXRbE+W/Fk2z7I7qzjMarMnNsz9jmX3vzPULW4ScTzFnj9j6l1F3eV2vgTPrYq\n"
+  "fmGqXo0bRmp0HVMWUPrn/LECgYEA3qHTQkHGS16VZGPpiY8xPVbUV8z07NC6cQVO\n"
+  "hvZ64XTIsWN4tKjEU3glf2bbFCFef3BFmhv71pBmLRMmy7GYK/gkPdbKFdOXbM/d\n"
+  "EAcnz0ZqgSeQBM+2U9dQbBdtb5+eiDsszNGFMC2QN1PBcyzOqh6UBbxTwdjfls9S\n"
+  "5Trp6TECgYAzCZmmJuBW6WDK5ttOF/do6r0aurHr2mOr8oYxmBkhI3wphyUMNuaH\n"
+  "rUk+R8LAmC1U4MbvvqoZH27xe+xd25mn6whitgZBH3DIetN7myDJep8wEG6aW4R5\n"
+  "S82zk+LQJ7LTa1nPVPMS10qUXSH9cjShhszfeRIQM+lWbPoaEuo3yQ==\n"
+  "-----END RSA PRIVATE KEY-----\n";
+
+/* Certificate Authority cert */
+const char ca_cert_pem[] =
+  "-----BEGIN CERTIFICATE-----\n"
+  "MIIC6DCCAdKgAwIBAgIESHv2uDALBgkqhkiG9w0BAQUwFzEVMBMGA1UEAxMMdGVz\n"
+  "dF9jYV9jZXJ0MB4XDTA4MDcxNTAxMDA0MFoXDTA5MDcxNTAxMDA0MFowFzEVMBMG\n"
+  "A1UEAxMMdGVzdF9jYV9jZXJ0MIIBHzALBgkqhkiG9w0BAQEDggEOADCCAQkCggEA\n"
+  "3vzPUd2yRjeHy9Yi22uX1vGnUPmB5zS+77/B9LubTqnNJ9eBjiMegQJsJWFQT/CW\n"
+  "8FurYiSMXIuTBirZX7NO6/rlcqifdfKLotSUuXLu5DBvMLCvnQ73wCIdCJoVyJbR\n"
+  "N0ExHsyGwCDCxaHuY8FlkIsfYo17SNmJNaMSUqdoAZoelmbqr9oVciRCQGgrmwEJ\n"
+  "dPj7EAofWSudV77y85j5rV/t51eNy5liS2qXnoFEmeqTuBo11cSmRbv5dkCHbx+y\n"
+  "ouLyZG39KxB0MZ124Na3qbUY41BPNj1XBljyAoHyY0J1iDqS0Zo+njEW6vRbmSMk\n"
+  "rA1kH45+alN50X11mSgfoQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1Ud\n"
+  "DwEB/wQFAwMHBAAwHQYDVR0OBBYEFB3x03+3Qa2SDwRF6RkNcjg9zRHJMAsGCSqG\n"
+  "SIb3DQEBBQOCAQEAjPoKMve8aqtL8fFXfSkYwLJUwuTG4E4mX804O5dsdvOEWR2/\n"
+  "UQm5IDiAZ3fnHE8zh0C1Kg+dWnCv0i1Q5CYZJ5sSY3tKikG5UBPVJGV1tT0vDfmJ\n"
+  "X7b52y35eN8qe5DsdyDAcF2GNRBU8opkLkyXb8U095AQiCHzTPpiesZd5phJlMPm\n"
+  "AJaB4VtHAykDMeKd7HJAeelRi/1dP8xsYNc1z67cSrkt2f+B0WAyuAUBBr1NdYmS\n"
+  "duegptXCh8OeGEL/v6mbIWoszDbOjk/0zwsgW8BD/eXaZgPPEUtmHizYPIRPdeW1\n"
+  "MSCwccjl/XjDkIoN8kKss4Ftt+Wyajjjxeh6YA==\n" "-----END CERTIFICATE-----\n";
+
+/* test server CA signed certificates */
+const char srv_signed_cert_pem[] =
+  "-----BEGIN CERTIFICATE-----\n"
+  "MIIDHzCCAgmgAwIBAgIESHv6kTALBgkqhkiG9w0BAQUwFzEVMBMGA1UEAxMMdGVz\n"
+  "dF9jYV9jZXJ0MB4XDTA4MDcxNTAxMTcwNVoXDTA5MDcxNTAxMTcwNVowGzEZMBcG\n"
+  "A1UEAxMQdGVzdF9zZXJ2ZXJfY2VydDCCAR8wCwYJKoZIhvcNAQEBA4IBDgAwggEJ\n"
+  "AoIBAJIY2+Wn+TRHIJ92tpNvCIE6FOsGclRxOFJwK0T6k3SK68LwQ9PkQTTB/DJu\n"
+  "+hU2u6w6lt1+Q8PHTDMLtnkEeXnxPn1uQZnnMEBcHAGY1U99iJh0At68AyoG7nkb\n"
+  "AzgzxxjMom+dEhGEFHOg9JKmJp138RzIWcMN2l4pKIryiBUh5AWt/7uqtA+9fQMq\n"
+  "nOeO8OU5FM3eKevl3VSZ6usptbePbUDNs5uEmG+PTR0bc2rYgGeC4+wExWcJ+CAq\n"
+  "voNVPno//MoMeJjWgXqF4wTBFdfsewngkflwRDPuZuLsxVrKnIx6jsBKIMuhVuxT\n"
+  "66vnEmuR34TUIzLlVPcJ5wmby2UCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNV\n"
+  "HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDByAAMB0GA1UdDgQWBBSHX75y\n"
+  "gpEjstognUu4If50qWXQaDAfBgNVHSMEGDAWgBQd8dN/t0Gtkg8ERekZDXI4Pc0R\n"
+  "yTALBgkqhkiG9w0BAQUDggEBAF56YMCdp0C88ZF9yaXJZ4PMuTpW83Mhg5Ar0a9H\n"
+  "DasF58p8eeRLhsTJPi+NpFSMTujEabGS3+8l6Iu5F5stFgvbvnjLHdYu2Pjakos8\n"
+  "NjZCCkuEmIO4PLd6h5ToOZf3ZXNHmFjRTtKHQKNrYizlHlgnEDcUbU4gB5KOg3jU\n"
+  "rv/Mtar+5LRK7KvByswp26nRH1ijGV23sy9StK7tV/cJPe/UkxyUfSQwUmQzzWe6\n"
+  "QGAQtppUjGabWXjuLuOUyiG5LReYC5ri7XZuVekCAfUHbOdPYTHPczvpKBnUyKIv\n"
+  "BRKOarmNfNc3w5G7Ast3jNOE2JfiJ8+x9+rMWI01PlWVYvQ=\n"
+  "-----END CERTIFICATE-----\n";
+
+/* test server key */
+const char srv_signed_key_pem[] =
+  "-----BEGIN RSA PRIVATE KEY-----\n"
+  "MIIEpAIBAAKCAQEAkhjb5af5NEcgn3a2k28IgToU6wZyVHE4UnArRPqTdIrrwvBD\n"
+  "0+RBNMH8Mm76FTa7rDqW3X5Dw8dMMwu2eQR5efE+fW5BmecwQFwcAZjVT32ImHQC\n"
+  "3rwDKgbueRsDODPHGMyib50SEYQUc6D0kqYmnXfxHMhZww3aXikoivKIFSHkBa3/\n"
+  "u6q0D719Ayqc547w5TkUzd4p6+XdVJnq6ym1t49tQM2zm4SYb49NHRtzatiAZ4Lj\n"
+  "7ATFZwn4ICq+g1U+ej/8ygx4mNaBeoXjBMEV1+x7CeCR+XBEM+5m4uzFWsqcjHqO\n"
+  "wEogy6FW7FPrq+cSa5HfhNQjMuVU9wnnCZvLZQIDAQABAoIBABISPh0FrocfZzMi\n"
+  "YYoSGWi2sQCzTvAQAyn7UvbY0eWAC5KU2qb6nHA0sIfif0+hcgxnQOML68DrRYso\n"
+  "3zzP52DEjPjB6x5o4OiNHC+8YmJPQlatPu+jLPcFXXkgdMD+cpmoMk2BDcuZ3VfC\n"
+  "KI59O9iNjgcD50p/y6uLBsdNIbUPSMe8ONWT7f5DN/DqEL+3tVZaRAOL+C8iKYf4\n"
+  "EPI5z6gOyL0aEpulbMKc0YoZZ2kDmu5IyMLgkF3DJV440Y/6IGan88ZSjk6i/d7f\n"
+  "ciKVtzIIbr5ubbuGe3htphTpRP0aA5WuVTzHrKk83/u3hG1RFv1q/cRD28tVUIII\n"
+  "0pcwLmECgYEAwMdaR5Y2NqBk/fOvU/oCDAQ6w8jmIa4zMxskvq9Pr753jhT13j+T\n"
+  "eQ1A590PF4PPvGFTqJ2vl3kj6JT5dzu7mGKoJLFsnttpw+0NYUgp0waPPZx010pp\n"
+  "QGeyQ/cPsZEZkCehh9c5CsfO1YpjKLV/wdpBQ2xAnkV5dfFmzlzLOTECgYEAwgJf\n"
+  "gxlR9Jgv7Qg/6Prs+SarqT4xDsJKKbD7wH2jveGFXVnkYTPVstwLCAus4LaLFKZ9\n"
+  "1POQDUgO24E1GzuL7mqSuvymdl5gZICfpkHstOAfpqep96pUv4aI9BY/g5l4Lvep\n"
+  "9c52tgQGwz0qgBUJBi6AvzxqRkBsxrXjX2m7KHUCgYEAtjx94ohkTXWIouy2xFrl\n"
+  "jnh9GNGUgyhK7Dfvn3bYjJkwKZc06dkNzvQxdD5r4t3PBhS3YgFWmYmB4X7a6NUF\n"
+  "vMMekjlLJkziib1Q1bLDHuLni+WYKmEEaEbepRMrub8h/D0KnQBewwspQoJkxHn3\n"
+  "AMkSwurVlwi0DkOa3N+pmTECgYBXyCUZN1qqtjVxJXttWiPg88tWD2q5B9XwmUC/\n"
+  "rtlor+LdAzBffsmhXQiswkOdhVrWpCJpOS8jo0f9r6+su7ury5LKgkh7ZGZu8vfJ\n"
+  "jSiiCoqnqFMyWWJxKllLP8nLLKSBc9P2AU4bOyUoL8PMIjhsEJx2asqXMM1G98OC\n"
+  "R1/EhQKBgQCmSkabsj8u5iEScicyJU87/sVkRIRE0GhjU8uuvcTe+dRiHuj2CENx\n"
+  "hh967E0nUCiJzx3is0/nYByDles9W4BLEA8JSuM5r6E7UifHR4XwIi2tQcNhCWIu\n"
+  "vGbfvxwqcm7Uj3XHb1GbYK5nnaRNailoJ7iyqHWxB1Q3iFIiMipcfg==\n"
+  "-----END RSA PRIVATE KEY-----\n";
+
+/* test server self signed certificates */
+const char srv_self_signed_cert_pem[] =
+  "-----BEGIN CERTIFICATE-----\n"
+  "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
+  "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
+  "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
+  "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
+  "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
+  "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
+  "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
+  "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
+  "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
+  "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
+  "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
+  "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
+  "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
+  "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
+  "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
+
+/* test server key */
+const char srv_key_pem[] =
+  "-----BEGIN RSA PRIVATE KEY-----\n"
+  "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
+  "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
+  "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
+  "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
+  "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
+  "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
+  "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
+  "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
+  "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
+  "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
+  "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
+  "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
+  "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
+  "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
+  "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
+  "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
+  "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
+  "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
+  "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
+  "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
+  "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
+  "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
+  "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
+  "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
+  "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
+  "-----END RSA PRIVATE KEY-----\n";
+
+#endif