From 7ab3e27c79e45d6a853e22d0fe0068832a3a337b Mon Sep 17 00:00:00 2001
From: Kevin Glisson <kglisson@netflix.com>
Date: Fri, 26 Jun 2015 16:16:13 -0700
Subject: [PATCH] Starting add certificate tests

---
 lemur/tests/certs.py             | 183 ++++++++++++++
 lemur/tests/test_certificates.py | 416 +++++++++++++++++++++++++------
 2 files changed, 517 insertions(+), 82 deletions(-)
 create mode 100644 lemur/tests/certs.py

diff --git a/lemur/tests/certs.py b/lemur/tests/certs.py
new file mode 100644
index 00000000..29e62705
--- /dev/null
+++ b/lemur/tests/certs.py
@@ -0,0 +1,183 @@
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+
+INTERNAL_VALID_LONG_STR = """
+-----BEGIN CERTIFICATE-----
+MIID1zCCAr+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgMAkNBMRAwDgYDVQQHDAdBIHBsYWNlMRcwFQYDVQQDDA5sb25nLmxp
+dmVkLmNvbTEQMA4GA1UECgwHRXhhbXBsZTETMBEGA1UECwwKT3BlcmF0aW9uczEe
+MBwGCSqGSIb3DQEJARYPamltQGV4YW1wbGUuY29tMB4XDTE1MDYyNjIwMzA1MloX
+DTQwMDEwMTIwMzA1MlowgYwxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEQMA4G
+A1UEBwwHQSBwbGFjZTEXMBUGA1UEAwwObG9uZy5saXZlZC5jb20xEDAOBgNVBAoM
+B0V4YW1wbGUxEzARBgNVBAsMCk9wZXJhdGlvbnMxHjAcBgkqhkiG9w0BCQEWD2pp
+bUBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKeg
+sqb0HI10i2eRSx3pLeA7JoGdUpud7hy3bGws/1HgOSpRMin9Y65DEpVq2Ia9oir7
+XOJLpSTEIulnBkgDHNOsdKVYHDR6k0gUisnIKSl2C3IgKHpCouwiOvvVPwd3PExg
+17+d7KLBIu8LpG28wkXKFU8vSz5i7H4i/XCEChnKJ4oGJuGAJJM4Zn022U156pco
+97aEAc9ZXR/1dm2njr4XxCXmrnKCYTElfRhLkmxtv+mCi6eV//5d12z7mY3dTBkQ
+EG2xpb5DQ+ITQ8BzsKcPX80rz8rTzgYFwaV3gUg38+bgka/JGJq8HgBuNnHv5CeT
+1T/EoZTRYW2oPfOgQK8CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
+Af8EBAMCAQYwHQYDVR0OBBYEFIuDY73dQIhj2nnd4DG2SvseHVVaMA0GCSqGSIb3
+DQEBCwUAA4IBAQBk/WwfoWYdS0M8rz5tJda/cMdYFSugUbTn6JJdmHuw6RmiKzKG
+8NzfSqBR6m8MWdSTuAZ/chsUZH9YEIjS9tAH9/FfUFBrsUE7TXaUgpNBm4DBLLfl
+fj5xDmEyj17JPN/C36amQ9eU5BNesdCx9EkdWLyVJaM50HFRo71W0/FrpKZyKK68
+XPhd1z9w/xgfCfYhe7PjEmrmNPN5Tgk5TyXW+UUhOepDctAv2DBetptcx+gHrtW+
+Ygk1wptlt/tg7uUmstmXZA4vTPx83f4P3KSS3XHIYFIyGFWUDs23C20K6mmW1iXa
+h0S8LN4iv/+vNFPNiM1z9X/SZgfbwZXrLsSi
+-----END CERTIFICATE-----
+"""
+INTERNAL_VALID_LONG_CERT = x509.load_pem_x509_certificate(INTERNAL_VALID_LONG_STR, default_backend())
+
+
+INTERNAL_INVALID_STR = """
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTEQMA4GA1UEBwwHQSBwbGFjZTEXMBUGA1UEAwwObG9uZy5s
+aXZlZC5jb20xEDAOBgNVBAoMB0V4YW1wbGUxEzARBgNVBAsMCk9wZXJhdGlvbnMx
+HjAcBgkqhkiG9w0BCQEWD2ppbUBleGFtcGxlLmNvbTAeFw0xNTA2MjYyMDM2NDha
+Fw0xNTA2MjcyMDM2NDhaMGkxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4G
+A1UEBxMHQSBwbGFjZTEQMA4GA1UEChMHRXhhbXBsZTETMBEGA1UECxMKT3BlcmF0
+aW9uczEUMBIGA1UEAxMLZXhwaXJlZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCcSMzRxB6+UONPqYMy1Ojw3Wi8DIpt9USnSR60I8LiEuRK2ayr
+0RMjLJ6sBEgy/hISEqpLgTsciDpxwaTC/WNrkT9vaMcwfiG3V0Red8zbKHQzC+Ty
+cLRg9wbC3v613kaIZCQCoE7Aouru9WbVPmuRoasfztrgksWmH9infQbL4TDcmcxo
+qGaMn4ajQTVAD63CKnut+CULZIMBREBVlSTLiOO7qZdTrd+vjtLWvdXVPcWLSBrd
+Vpu3YnhqqTte+DMzQHwY7A2s3fu4Cg4H4npzcR+0H1H/B5z64kxqZq9FWGIcZcz7
+0xXeHN9UUKPDSTgsjtIzKTaIOe9eML3jGSU7AgMBAAGjgaIwgZ8wDAYDVR0TAQH/
+BAIwADAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwHQYD
+VR0OBBYEFKwBYaxCLxK0csmV319rbRdqDllWMEgGA1UdHwRBMD8wPaA7oDmGN2h0
+dHA6Ly90ZXN0LmNsb3VkY2EuY3JsLm5ldGZsaXguY29tL2xvbmdsaXZlZENBL2Ny
+bC5wZW0wDQYJKoZIhvcNAQELBQADggEBADFngqsMsGnNBWknphLDvnoWu5MTrpsD
+AgN0bktv5ACKRWhi/qtCmkEf6TieecRMwpQNMpE50dko3LGGdWlZRCI8wdH/zrw2
+8MnOeCBxuS1nB4muUGjbf4LIbtuwoHSESrkfmuKjGGK9JTszLL6Hb9YnoFefeg8L
+T7W3s8mm5bVHhQM7J9tV6dz/sVDmpOSuzL8oZkqeKP+lWU6ytaohFFpbdzaxWipU
+3+GobVe4vRqoF1kwuhQ8YbMbXWDK6zlrT9pjFABcQ/b5nveiW93JDQUbjmVccx/u
+kP+oGWtHvhteUAe8Gloo5NchZJ0/BqlYRCD5aAHcmbXRsDid9mO4ADU=
+-----END CERTIFICATE-----
+"""
+INTERNAL_INVALID_CERT = x509.load_pem_x509_certificate(INTERNAL_INVALID_STR, default_backend())
+
+
+INTERNAL_VALID_SAN_STR = """
+-----BEGIN CERTIFICATE-----
+MIIESjCCAzKgAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTEQMA4GA1UEBwwHQSBwbGFjZTEXMBUGA1UEAwwObG9uZy5s
+aXZlZC5jb20xEDAOBgNVBAoMB0V4YW1wbGUxEzARBgNVBAsMCk9wZXJhdGlvbnMx
+HjAcBgkqhkiG9w0BCQEWD2ppbUBleGFtcGxlLmNvbTAeFw0xNTA2MjYyMDU5MDZa
+Fw0yMDAxMDEyMDU5MDZaMG0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4G
+A1UEBxMHQSBwbGFjZTEQMA4GA1UEChMHRXhhbXBsZTETMBEGA1UECxMKT3BlcmF0
+aW9uczEYMBYGA1UEAxMPc2FuLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA2Nq5zFh2WiqtNIPssdSwQ9/00j370VcKPlOATLqK24Q+
+dr2hWP1WlZJ0NOoPefhoIysccs2tRivosTpViRAzNJXigBHhxe8ger0QhVW6AXIp
+ov327N689TgY4GzRrwqavjz8cqussIcnEUr4NLLsU5AvXE7e3WxYkkskzO497UOI
+uCBtWdCXZ4cAGhtVkkA5uQHfPsLmgRVoUmdMDt5ZmA8HhLX4X6vkT3oGIhdGCw6T
+W+Cu7PfYlSaggSBbBniU0YKTFLfGLkYFZN/b6bxzvt6CTJLoVFAYXyLJwUvd3EAm
+u23HgUflIyZNG3xVPml/lah0OIX7RtSigXUSLm7lYwIDAQABo4HTMIHQMAwGA1Ud
+EwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMB
+MC8GA1UdEQQoMCaCEWV4YW1wbGUyLmxvbmcuY29tghFleGFtcGxlMy5sb25nLmNv
+bTAdBgNVHQ4EFgQUiiIyclcBIfJ5PE3OCcTXwzJAM+0wSAYDVR0fBEEwPzA9oDug
+OYY3aHR0cDovL3Rlc3QuY2xvdWRjYS5jcmwubmV0ZmxpeC5jb20vbG9uZ2xpdmVk
+Q0EvY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOCAQEAgcTioq70B/aPWovNTy+84wLw
+VX1q6bCdH3FJwAv2rc28CHp5mCGdR6JqfT/H/CbfRwT1Yh/5i7T5kEVyz+Dp3+p+
+AJ2xauHrTvWn0QHQYbUWICwkuZ7VTI9nd0Fry1FQI1EeKiCmyrzNljiN2l+GZw6i
+NJUpVNtwRyWRzB+yIx2E9wyydqDFH+sROuQok7EgzlQileitPrF4RrkfIhQp2/ki
+YBrY/duF15YpoMKAlFhDBh6R9/nb5kI2n3pY6I5h6LEYfLStazXbIu61M8zu9TM/
++t5Oz6rmcjohL22+sEmmRz86dQZlrBBUxX0kCQj6OAFB4awtRd4fKtkCkZhvhQ==
+-----END CERTIFICATE-----
+"""
+INTERNAL_VALID_SAN_CERT = x509.load_pem_x509_certificate(INTERNAL_VALID_SAN_STR, default_backend())
+
+
+INTERNAL_VALID_WILDCARD_STR = """
+-----BEGIN CERTIFICATE-----
+MIIEHDCCAwSgAwIBAgICA+owDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAlVT
+MQswCQYDVQQIDAJDQTEQMA4GA1UEBwwHQSBwbGFjZTEXMBUGA1UEAwwObG9uZy5s
+aXZlZC5jb20xEDAOBgNVBAoMB0V4YW1wbGUxEzARBgNVBAsMCk9wZXJhdGlvbnMx
+HjAcBgkqhkiG9w0BCQEWD2ppbUBleGFtcGxlLmNvbTAeFw0xNTA2MjYyMTEzMTBa
+Fw0yMDAxMDEyMTEzMTBaMHAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4G
+A1UEBxMHQSBwbGFjZTEQMA4GA1UEChMHRXhhbXBsZTETMBEGA1UECxMKT3BlcmF0
+aW9uczEbMBkGA1UEAxQSKi50ZXN0LmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA0T7OEY9FxMIdhe1CwLc+TbDeSfDN6KRHlp0I9MwK
+3Pre7A1+1vmRzLiS5qAdOh3Oexelmgdkn/fZUFI+IqEVJwmeUiq13Kib3BFnVtbB
+N1RdT7rZF24Bqwygf1DHAekEBYdvu4dGD/gYKsLYsSMD7g6glUuhTbgR871updcV
+USYJ801y640CcHjai8UCLxpqtkP/Alob+/KDczUHbhdxYgmH34aQgxC8zg+uzuq6
+bIqUAc6SctI+6ArXOqri7wSMgZUnogpF4R5QbCnlDfSzNcNxJFtGp8cy7CNWebMd
+IWgBYwee8i8S6Q90B2QUFD9EGG2pEZldpudTxWUpq0tWmwIDAQABo4GiMIGfMAwG
+A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoGCCsGAQUF
+BwMBMB0GA1UdDgQWBBTH2KIECrqPHMbsVysGv7ggkYYZGDBIBgNVHR8EQTA/MD2g
+O6A5hjdodHRwOi8vdGVzdC5jbG91ZGNhLmNybC5uZXRmbGl4LmNvbS9sb25nbGl2
+ZWRDQS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQBjjfur2B6BcdIQIouwhXGk
+IFE5gUYMK5S8Crf/lpMxwHdWK8QM1BpJu9gIo6VoM8uFVa8qlY8LN0SyNyWw+qU5
+Jc8X/qCeeJwXEyXY3dIYRT/1aj7FCc7EFn1j6pcHPD6/0M2z0Zmj+1rWNBJdcYor
+pCy27OgRoJKZ6YhEYekzwIPeFPL6irIN9xKPnfH0b2cnYa/g56DyGmyKH2Kkhz0A
+UGniiUh4bAUuppbtSIvUTsRsJuPYOqHC3h8791JZ/3Sr5uB7QbCdz9K14c9zi6Z1
+S0Xb3ZauZJQI7OdHeUPDRVq+8hcG77sopN9pEYrIH08oxvLX2US3GqrowjOxthRa
+-----END CERTIFICATE-----
+"""
+INTERNAL_VALID_WILDCARD_CERT = x509.load_pem_x509_certificate(INTERNAL_VALID_WILDCARD_STR, default_backend())
+
+
+EXTERNAL_VALID_STR = """
+-----BEGIN CERTIFICATE-----
+MIIFHzCCBAegAwIBAgIQGFWCciDWzbOej/TbAJN0WzANBgkqhkiG9w0BAQsFADCB
+pDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
+HQYDVQQLExZGT1IgVEVTVCBQVVJQT1NFUyBPTkxZMR8wHQYDVQQLExZTeW1hbnRl
+YyBUcnVzdCBOZXR3b3JrMTQwMgYDVQQDEytTeW1hbnRlYyBDbGFzcyAzIFNlY3Vy
+ZSBTZXJ2ZXIgVEVTVCBDQSAtIEc0MB4XDTE1MDYyNDAwMDAwMFoXDTE1MDYyNTIz
+NTk1OVowgYMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDQUxJRk9STklBMRIwEAYD
+VQQHDAlMb3MgR2F0b3MxFjAUBgNVBAoMDU5ldGZsaXgsIEluYy4xEzARBgNVBAsM
+Ck9wZXJhdGlvbnMxHjAcBgNVBAMMFXR0dHQyLm5ldGZsaXh0ZXN0Lm5ldDCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALwMY/yod9YGLKLCzbbsSUBWm4ZC
+DfcgbUNL3JLtZaFCaOeUPLa4YNqty+9ACXBLYPNMm+dgsRHix8N2uwtZrGazHILK
+qey96eSTosPsvKFt0KLNpUl8GC/YxA69L128SJgFaaq5Dr2Mp3NP0rt0RIz5luPj
+Oae0hkGOS8uS0dySlAmfOw2OsJY3gCw5UHcmpcCHpO2f7uU+tWKmgfz4U/PpQ0kz
+WVJno+JhcaXIximtiLreCNF1LpraAjrcZJ+ySJwYaLaYMiJoFkdXUtKJcyqmkbA3
+Splt7N4Hb8c+5aXv225uQYCh0HXQeMyBotlaIrAddP5obrtjxhXBxB4ysEcCAwEA
+AaOCAWowggFmMCAGA1UdEQQZMBeCFXR0dHQyLm5ldGZsaXh0ZXN0Lm5ldDAJBgNV
+HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcCARYXaHR0cHM6
+Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNi
+LmNvbS9ycGEwHwYDVR0jBBgwFoAUNI9UtT8KH1K6nLJl7bqLCGcZ4AQwKwYDVR0f
+BCQwIjAgoB6gHIYaaHR0cDovL3NzLnN5bWNiLmNvbS9zcy5jcmwwVwYIKwYBBQUH
+AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc3Muc3ltY2QuY29tMCYGCCsGAQUF
+BzAChhpodHRwOi8vc3Muc3ltY2IuY29tL3NzLmNydDANBgkqhkiG9w0BAQsFAAOC
+AQEAQuIfyBltvCZ9orqNdS6PUo2PaeUgJzkmdDwbDVd7rTwbZIwGZXZjeKseqMSb
+L+r/jN6DWrScVylleiz0N/D0lSUhC609dQKuicGpy3yQaXwhfYZ6duxrW3Ii/+Vz
+pFv7DnG3JPZjIXCmVhQVIv/8oaV0bfUF/1mrWRFwZiBILxa7iaycRhjusJEVRtzN
+Ot/qkLluHO0wbEHnASV4P9Y5NuR/bliuFS/DeRczofNS78jJuZrGvl2AqS/19Hvm
+Bs63gULVCqWygt5KEbv990m/XGuRMaXuHzHCHB4v5LRM30FiFmqCzyD8d+btzW9B
+1hZ5s3rj+a6UwvpinKJoPfgkgg==
+-----END CERTIFICATE-----
+"""
+EXTERNAL_CERT = x509.load_pem_x509_certificate(EXTERNAL_VALID_STR, default_backend())
+
+
+PRIVATE_KEY_STR = """
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAnEjM0cQevlDjT6mDMtTo8N1ovAyKbfVEp0ketCPC4hLkStms
+q9ETIyyerARIMv4SEhKqS4E7HIg6ccGkwv1ja5E/b2jHMH4ht1dEXnfM2yh0Mwvk
+8nC0YPcGwt7+td5GiGQkAqBOwKLq7vVm1T5rkaGrH87a4JLFph/Yp30Gy+Ew3JnM
+aKhmjJ+Go0E1QA+twip7rfglC2SDAURAVZUky4jju6mXU63fr47S1r3V1T3Fi0ga
+3Vabt2J4aqk7XvgzM0B8GOwNrN37uAoOB+J6c3EftB9R/wec+uJMamavRVhiHGXM
++9MV3hzfVFCjw0k4LI7SMyk2iDnvXjC94xklOwIDAQABAoIBAGeykly5MeD70OgB
+xPEMfoebkav88jklnekVxk6mz9+rw1i6+CyFLJqRN7NRoApdtOXTBrXUyMEUzxq9
+7zIGaVptZNbqggh2GK8LM20vNnlQbVGVmdMX30fbgNv6lK1eEBTdxVsMvVRqhVIK
++LGTmlJmICKZ4XdTS9v/k4UGm2TZPCt2pvrNzIpT7TIm2QybCbZoOPY8SHx0U8c5
+lmtdqmIsy2JPNSOsOCiJgzQIvkR/fMGWFgNE4fEHsHAfubgpK97TGzwLiFRmlTb+
+QUDaz0YbwhF+5bQjHtaGUGATcg5bvV1UWBUvp+g4gRIfwzG+3PAGacYE/djouAdG
+PHbxuCkCgYEAz/LsgMgsaV3arlounviSwc8wG9WcI5gbYw5qwX0P57ZoxS7EBAGu
+yYtudurJrU9SfsSV44GL11UzBcAGOeS0btddrcMiNBhc7fY7P/1xaufQ3GjG06/v
+kH4gOjzsGSTJliZ709g4J6hnMCxz0O0PS31Qg5cBD8UG8xO7/AV0is0CgYEAwGWy
+A6YPinpZuenaxrivM5AcVDWmj7aeC29M63l/GY+O5LQH2PKVESH0vL5PvG3LkrCR
+SUbaMKdKR0wnZsJ89z21eZ54ydUgj41bZJczl8drxcY0GSajj6XZXGTUjtoVrWsB
+A0kJbjsrpd+8J316Y9iCgpopmbVd965pUHe4ACcCgYAamJlDB1cWytgzQHmB/4zV
+mOgwRyvHKacnDir9QD+OhTf1MDwFvylZwamJMBJHRkPozr/U7zaxfcYe0CZ7tRKW
+spjapoBzZUJNdRay4nllEO0Xo5b6cCAVvOvmRvBzbs8Rky53M8pK2DEKakUNzaQN
+JaPskJ2kJLD02etLGm+DaQKBgQCTI/NNmQ2foUzHw1J+0jWjoJ4ZxOI6XLZoFlnk
+aInMuZ7Vx92MjJF2hdqPEpkWiX28FO839EjgFsDW4CXuD+XUjEwi1BCagzWgs8Hm
+n0Bk3q3MlnW3mnZSYMtoPvDUw3L6qrAenBfrRrNt6zsRlIQqoiXFzjLsi+luh+Oh
+F74P1wKBgQCPQGKLUcfAvjIcZp4ECH0K8sBEmoEf8pceuALZ3H5vneYDzqMDIceo
+t5Gpocpt77LJnNiszXSerj/KjX2MflY5xUXeekWowLVTBOK5+CZ8+XBIgBt1hIG3
+XKxcRgm/Va4QMEAnec0qXfdTVJaJiAW0bdKwKRRrrbwcTdNRGibdng==
+-----END RSA PRIVATE KEY-----
+"""
\ No newline at end of file
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index e24251c5..3201287a 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -1,85 +1,337 @@
-import os
-import shutil
+import pytest
+from lemur.certificates.views import *
 
-import boto
-from moto import mock_iam, mock_sts, mock_s3
-
-from lemur.tests import LemurTestCase
+#def test_crud(session):
+#    role = create('role1')
+#    assert role.id > 0
+#
+#    role = update(role.id, 'role_new', None, [])
+#    assert role.name == 'role_new'
+#    delete(role.id)
+#    assert get(role.id) == None
 
 
-#class CertificateTestCase(LemurTestCase):
-#    def test_create_challenge(self):
-#        from lemur.certificates.service import create_challenge
-#        self.assertTrue(len(create_challenge()) >= 24)
-#
-#    def test_hash_domains(self):
-#        from lemur.certificates.service import hash_domains
-#        h = hash_domains(['netflix.com', 'www.netflix.com', 'movies.netflix.com'])
-#        self.assertEqual('c9c83253b46c7c1245c100ed3f7045eb', h)
-#
-#    def test_create_csr(self):
-#        from lemur.certificates.service import create_csr
-#        from lemur.tests.test_csr import TEST_CSR
-#        path = create_csr(['netflix.com'], TEST_CSR)
-#        files = len(os.listdir(path))
-#        self.assertEqual(files, 4)
-#        shutil.rmtree(path)
-#
-#    def test_create_san_csr(self):
-#        from lemur.certificates.service import create_csr
-#        from lemur.tests.test_csr import TEST_CSR
-#        path = create_csr(['netflix.com', 'www.netflix.com'], TEST_CSR)
-#        files = len(os.listdir(path))
-#        self.assertEqual(files, 4)
-#        shutil.rmtree(path)
-#
-#    def test_create_path(self):
-#        from lemur.certificates.service import create_path
-#        path = create_path("blah")
-#        self.assertIn('blah', path)
-#        shutil.rmtree(path)
-#
-#    @mock_s3
-#    @mock_sts
-#    @mock_iam
-#    def test_save_cert(self):
-#        from lemur.certificates.service import save_cert
-#        from lemur.common.services.aws.iam import get_all_server_certs
-#        conn = boto.connect_s3()
-#        bucket = conn.create_bucket(app.config.get('S3_BUCKET'))
-#        cert = save_cert(TEST_CERT, TEST_KEY, None, "blah", "blah", [1])
-#        count = 0
-#        for key in bucket.list():
-#            count += 1
-#
-#        self.assertEqual(count, 4)
-#        certs = get_all_server_certs('1111')
-#        self.assertEqual(len(certs), 1)
-#
-##    @mock_s3
-##    @mock_sts
-##    @mock_iam
-##    def test_upload_cert(self):
-##        from lemur.certificates.service import upload
-##        from lemur.common.services.aws.iam import get_all_server_certs
-##        conn = boto.connect_s3()
-##        bucket = conn.create_bucket(app.config.get('S3_BUCKET'))
-##
-##        cert_up = {"public_cert": TEST_CERT, "private_key": TEST_KEY, "owner": "test@example.com", "accounts_ids": ['1111']}
-##
-##        cert_name = upload(**cert_up)
-##        valid_name = 'AHB-dfdsflkj.net-NetflixInc-20140525-20150525'
-##        self.assertEqual(cert_name, valid_name)
-##
-##        app.logger.debug(cert_name)
-##        count = 0
-##
-##        for key in bucket.list():
-##            count += 1
-##
-##        self.assertEqual(count, 2)
-##        certs = get_all_server_certs('179727101194')
-##        self.assertEqual(len(certs), 1)
-##
-##
-##
+def test_valid_authority(session):
+    assert 1 == 2
+
+
+def test_pem_str():
+    from lemur.tests.certs import INTERNAL_VALID_LONG_STR
+    assert pem_str(INTERNAL_VALID_LONG_STR, 'test') == INTERNAL_VALID_LONG_STR
+
+    with pytest.raises(ValueError):
+        pem_str('sdfsdfds', 'test')
+
+
+def test_private_key_str():
+    from lemur.tests.certs import PRIVATE_KEY_STR
+    assert private_key_str(PRIVATE_KEY_STR, 'test') == PRIVATE_KEY_STR
+
+    with pytest.raises(ValueError):
+        private_key_str('dfsdfsdf', 'test')
+
+
+def test_create_csr():
+    assert 1 == 2
+
+
+def test_create_path():
+    assert 1 == 2
+
+
+def test_load_ssl_pack():
+    assert 1 == 2
+
+
+def test_delete_ssl_path():
+    assert 1 == 2
+
+
+def test_import_certificate(session):
+    assert 1 == 2
+
+
+def test_mint():
+    assert 1 == 2
+
+
+def test_disassociate_aws_account():
+    assert 1 == 2
+
+
+def test_cert_get_cn():
+    from lemur.tests.certs import INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_get_cn
+
+    assert cert_get_cn(INTERNAL_VALID_LONG_CERT) == 'long.lived.com'
+
+
+def test_cert_get_domains():
+    from lemur.tests.certs import INTERNAL_VALID_SAN_CERT, INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_get_domains
+
+    assert cert_get_domains(INTERNAL_VALID_LONG_CERT) == ['long.lived.com']
+    assert cert_get_domains(INTERNAL_VALID_SAN_CERT) == ['example2.long.com', 'example3.long.com', 'san.example.com']
+
+
+def test_cert_is_san():
+    from lemur.tests.certs import INTERNAL_VALID_SAN_CERT, INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_is_san
+
+    assert cert_is_san(INTERNAL_VALID_LONG_CERT) == False
+    assert cert_is_san(INTERNAL_VALID_SAN_CERT) == True
+
+
+def test_cert_is_wildcard():
+    from lemur.tests.certs import INTERNAL_VALID_WILDCARD_CERT, INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_is_wildcard
+    assert cert_is_wildcard(INTERNAL_VALID_WILDCARD_CERT) == True
+    assert cert_is_wildcard(INTERNAL_VALID_LONG_CERT) == False
+
+
+def test_cert_get_bitstrength():
+    from lemur.tests.certs import INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_get_bitstrength
+    assert cert_get_bitstrength(INTERNAL_VALID_LONG_CERT) == 2048
+
+def test_cert_get_issuer():
+    from lemur.tests.certs import INTERNAL_VALID_LONG_CERT
+    from lemur.certificates.models import cert_get_issuer
+    assert cert_get_issuer(INTERNAL_VALID_LONG_CERT) == 'Example'
+
+
+def test_get_name_from_arn():
+    from lemur.certificates.models import get_name_from_arn
+    arn = 'arn:aws:iam::11111111:server-certificate/mycertificate'
+    assert get_name_from_arn(arn) == 'mycertificate'
+
+
+def test_get_account_number():
+    from lemur.certificates.models import get_account_number
+    arn = 'arn:aws:iam::11111111:server-certificate/mycertificate'
+    assert get_account_number(arn) == '11111111'
+
+
+def test_create_name():
+    from lemur.certificates.models import create_name
+    from datetime import datetime
+    assert create_name(
+        'Example Inc,',
+        datetime(2015, 5, 7, 0, 0, 0),
+        datetime(2015, 5, 12, 0, 0, 0),
+        'example.com',
+        False
+    ) == 'example.com-ExampleInc-20150507-20150512'
+    assert create_name(
+        'Example Inc,',
+        datetime(2015, 5, 7, 0, 0, 0),
+        datetime(2015, 5, 12, 0, 0, 0),
+        'example.com',
+        True
+    ) == 'SAN-example.com-ExampleInc-20150507-20150512'
+
+def test_is_expired():
+    assert 1 == 2
+
+
+def test_certificate_get(client):
+    assert client.get(api.url_for(Certificates, certificate_id=1)).status_code == 401
+
+
+def test_certificate_post(client):
+    assert client.post(api.url_for(Certificates, certificate_id=1), {}).status_code == 405
+
+
+def test_certificate_put(client):
+    assert client.put(api.url_for(Certificates, certificate_id=1), {}).status_code == 401
+
+
+def test_certificate_delete(client):
+    assert client.delete(api.url_for(Certificates, certificate_id=1)).status_code == 405
+
+
+def test_certificate_patch(client):
+    assert client.patch(api.url_for(Certificates, certificate_id=1), {}).status_code == 405
+
+
+def test_certificates_get(client):
+    assert client.get(api.url_for(CertificatesList)).status_code == 401
+
+
+def test_certificates_post(client):
+    assert client.post(api.url_for(CertificatesList), {}).status_code == 401
+
+
+def test_certificates_put(client):
+    assert client.put(api.url_for(CertificatesList), {}).status_code == 405
+
+
+def test_certificates_delete(client):
+    assert client.delete(api.url_for(CertificatesList)).status_code == 405
+
+
+def test_certificates_patch(client):
+    assert client.patch(api.url_for(CertificatesList), {}).status_code == 405
+
+
+def test_certificate_credentials_get(client):
+    assert client.get(api.url_for(CertificatePrivateKey, certificate_id=1)).status_code == 401
+
+
+def test_certificate_credentials_post(client):
+    assert client.post(api.url_for(CertificatePrivateKey, certificate_id=1), {}).status_code == 405
+
+
+def test_certificate_credentials_put(client):
+    assert client.put(api.url_for(CertificatePrivateKey, certificate_id=1), {}).status_code == 405
+
+
+def test_certificate_credentials_delete(client):
+    assert client.delete(api.url_for(CertificatePrivateKey, certificate_id=1)).status_code == 405
+
+
+def test_certificate_credentials_patch(client):
+    assert client.patch(api.url_for(CertificatePrivateKey, certificate_id=1), {}).status_code == 405
+
+
+def test_certificates_upload_get(client):
+    assert client.get(api.url_for(CertificatesUpload)).status_code == 405
+
+
+def test_certificates_upload_post(client):
+    assert client.post(api.url_for(CertificatesUpload), {}).status_code == 401
+
+
+def test_certificates_upload_put(client):
+    assert client.put(api.url_for(CertificatesUpload), {}).status_code == 405
+
+
+def test_certificates_upload_delete(client):
+    assert client.delete(api.url_for(CertificatesUpload)).status_code == 405
+
+
+def test_certificates_upload_patch(client):
+    assert client.patch(api.url_for(CertificatesUpload), {}).status_code == 405
+
+
+VALID_USER_HEADER_TOKEN = {
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyMzMzNjksInN1YiI6MSwiZXhwIjoxNTIxNTQ2OTY5fQ.1qCi0Ip7mzKbjNh0tVd3_eJOrae3rNa_9MCVdA4WtQI'}
+
+
+def test_auth_certificate_get(client):
+    assert client.get(api.url_for(Certificates, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 200
+
+
+def test_auth_certificate_post_(client):
+    assert client.post(api.url_for(Certificates, certificate_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificate_put(client):
+    assert client.put(api.url_for(Certificates, certificate_id=1), data={}, headers=VALID_USER_HEADER_TOKEN).status_code == 400
+
+
+def test_auth_certificate_delete(client):
+    assert client.delete(api.url_for(Certificates, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificate_patch(client):
+    assert client.patch(api.url_for(Certificates, certificate_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificates_get(client):
+    assert client.get(api.url_for(CertificatesList), headers=VALID_USER_HEADER_TOKEN).status_code == 200
+
+
+def test_auth_certificates_post(client):
+    assert client.post(api.url_for(CertificatesList), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 400
+
+
+def test_auth_certificate_credentials_get(client):
+    assert client.get(api.url_for(CertificatePrivateKey, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 404
+
+
+def test_auth_certificate_credentials_post(client):
+    assert client.post(api.url_for(CertificatePrivateKey, certificate_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificate_credentials_put(client):
+    assert client.put(api.url_for(CertificatePrivateKey, certificate_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificate_credentials_delete(client):
+    assert client.delete(api.url_for(CertificatePrivateKey, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificate_credentials_patch(client):
+    assert client.patch(api.url_for(CertificatePrivateKey, certificate_id=1), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificates_upload_get(client):
+    assert client.get(api.url_for(CertificatesUpload), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificates_upload_post(client):
+    assert client.post(api.url_for(CertificatesUpload), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 400
+
+
+def test_auth_certificates_upload_put(client):
+    assert client.put(api.url_for(CertificatesUpload), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificates_upload_delete(client):
+    assert client.delete(api.url_for(CertificatesUpload), headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+def test_auth_certificates_upload_patch(client):
+    assert client.patch(api.url_for(CertificatesUpload), {}, headers=VALID_USER_HEADER_TOKEN).status_code == 405
+
+
+VALID_ADMIN_HEADER_TOKEN = {
+    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE0MzUyNTAyMTgsInN1YiI6MiwiZXhwIjoxNTIxNTYzODE4fQ.6mbq4-Ro6K5MmuNiTJBB153RDhlM5LGJBjI7GBKkfqA'}
+
+
+def test_admin_certificate_get(client):
+    assert client.get(api.url_for(Certificates, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 200
+
+
+def test_admin_certificate_post(client):
+    assert client.post(api.url_for(Certificates, certificate_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificate_put(client):
+    assert client.put(api.url_for(Certificates, certificate_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 400
+
+
+def test_admin_certificate_delete(client):
+    assert client.delete(api.url_for(Certificates, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificate_patch(client):
+    assert client.patch(api.url_for(Certificates, certificate_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificates_get(client):
+    resp = client.get(api.url_for(CertificatesList), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert resp.json['total'] == 0
+
+
+def test_admin_certificate_credentials_get(client):
+    assert client.get(api.url_for(CertificatePrivateKey, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 404
+
+
+def test_admin_certificate_credentials_post(client):
+    assert client.post(api.url_for(CertificatePrivateKey, certificate_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificate_credentials_put(client):
+    assert client.put(api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificate_credentials_delete(client):
+    assert client.delete(api.url_for(CertificatePrivateKey, certificate_id=1), headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+
+
+def test_admin_certificate_credentials_patch(client):
+    assert client.patch(api.url_for(CertificatePrivateKey, certificate_id=1), {}, headers=VALID_ADMIN_HEADER_TOKEN).status_code == 405
+