# 
# test Apple certs. Requires the root to be trusted somehow (it's not explicitly passed to 
# the verifier here). . 
#
globals
allowUnverified = true
crlNetFetchEnable = false
certNetFetchEnable = false
useSystemAnchors = true
useTrustSettings = true
end
#
test = Development
cert = AppleDevelopment.pem
cert = AppleSWUPDATE.pem
policy = swuSign
error = CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT
certerror=0:CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT
end
#
#
test = "Software Update"
cert = AppleSoftUpdate.pem
cert = AppleSWUPDATE.pem
policy = swuSign
end
#
test = "test the intermediate CA, wrong cert chain length"
cert = AppleSWUPDATE.pem
policy = swuSign
error = CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH
end
#