# HG changeset patch
# User Gregory Szorc <gregory.szorc@gmail.com>
# Date 1467254979 25200
# Node ID afbe1fe4c44e76572ca5dec8a3921ab6b053c570
# Parent  13edc11eb7b7c524354d112c113ce492bb3d56d9
tests: test case where default ca certs not available

I'm not a fan of TLS tests not testing both branches of a possible
configuration. While we have test coverage of the inability to validate
a cert later in this file, I insist that we add this branch so
our testing of security code is extra comprehensive.

diff -r 13edc11eb7b7 -r afbe1fe4c44e tests/test-https.t
--- a/tests/test-https.t	Wed Jun 29 19:38:24 2016 -0700
+++ b/tests/test-https.t	Wed Jun 29 19:49:39 2016 -0700
@@ -51,6 +51,11 @@
   $ hg clone https://localhost:$HGPORT/ copy-pull
   abort: error: *certificate verify failed* (glob)
   [255]
+#else
+  $ hg clone https://localhost:$HGPORT/ copy-pull
+  abort: localhost certificate error: no certificate received
+  (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely)
+  [255]
 #endif
 
 Specifying a per-host certificate file that doesn't exist will abort