From ab70e6f11d1ee57c10ddb8fd58c4a28f375fe87c Mon Sep 17 00:00:00 2001
From: pemontto <pemontto@gmail.com>
Date: Fri, 18 Oct 2019 17:56:55 +0100
Subject: [PATCH] Add tests for SSL and and trial versions

---
 .kitchen.yml                                  |   8 +
 files/certs/keystore-password.p12             | Bin 0 -> 3451 bytes
 files/certs/shared-store-no-password.p12      | Bin 0 -> 3451 bytes
 files/certs/truststore-password.p12           | Bin 0 -> 3451 bytes
 .../helpers/serverspec/spec_helper.rb         |   1 +
 .../helpers/serverspec/xpack_upgrade_spec.rb  |  14 +-
 test/integration/issue-test-trial             |   1 +
 test/integration/issue-test-trial.yml         |  46 +++++
 test/integration/xpack-upgrade-trial          |   1 +
 test/integration/xpack-upgrade-trial.yml      | 177 ++++++++++++++++++
 test/integration/xpack-upgrade.yml            |  18 +-
 11 files changed, 257 insertions(+), 9 deletions(-)
 create mode 100644 files/certs/keystore-password.p12
 create mode 100644 files/certs/shared-store-no-password.p12
 create mode 100644 files/certs/truststore-password.p12
 create mode 120000 test/integration/issue-test-trial
 create mode 100644 test/integration/issue-test-trial.yml
 create mode 120000 test/integration/xpack-upgrade-trial
 create mode 100644 test/integration/xpack-upgrade-trial.yml

diff --git a/.kitchen.yml b/.kitchen.yml
index 953523e..66eb2f0 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -132,3 +132,11 @@ suites:
     provisioner:
       playbook: test/integration/issue-test.yml
       idempotency_test: false
+  - name: xpack-upgrade-trial
+    provisioner:
+      playbook: test/integration/xpack-upgrade-trial.yml
+      idempotency_test: false
+  - name: issue-test-trial
+    provisioner:
+      playbook: test/integration/issue-test-trial.yml
+      idempotency_test: false
\ No newline at end of file
diff --git a/files/certs/keystore-password.p12 b/files/certs/keystore-password.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6a58eaac87a8d63f92f9a7fc59343acd46712949
GIT binary patch
literal 3451
zcmY+EcQhN08io^MM4MI>6)UI}<CoYwW~x@rnoaCY>>8yAL2Iw78da2ZP<usV)x36V
zlqjlNt7cLA_TF>v@1Fa|cfNC;_x-*<A0!?UOa-Jy;vq;{ut?nPxI+k#4p@YT@PhCV
zu0I%x#M5~HUqpii;c2Y@VDmp?LVM{ySC<)pR7H5u2@(%FM8atq{)_)S=KwLgq*ZfB
zzkAkwCFm9XvsB@?s<FI^RMdbjBM=_c*W6cdYEHw_<JV9eiZ!P~qxqGfFL{)G@!iWf
z#m498F5mCmMP&vA(^~>HnzHSpxTE>*xRdLl^mW<Ztb<DT9sI2G<KObQx(!#?!hPHC
zrD7ZnubtJ_rfQU1k@jf&AJ{Y5mdWKKzE0^OoC92MLo;w$g|Eq8><XsiLCAoB-Fd}^
z4(*zXHq(>09&pcP^yG0K$LHv*v9pNJ984wnQxu9>i*;BeDVy$h<-24IK@bBQ00nK!
zCw@W@wDW7WV}!ZOuRd2?VHgify>WLR=Y1H?;fGffdip%H*FkamO>h2O;^@h{{$F`d
zHr`zGOuKx$z++$JL<4N=apmR*5|&Huls5E3Je-efQZ}98rw<TTQf*>Kcj>;mrMsz4
z>c}(&N_KZzSD+)^`^zl*<hA|b*S!MD53*=9!kp(6IkbA{eDk^kSVqSzqR!@mP&ky9
zrpbT$J9Oe#)|BTmr$$Uo#m<yaR!dsrT<g6R@iAZzYzF0~<vwyFdK<(%&HI7dTO!mZ
z^MVlh)t<B<u|Zy${d8}pj(tR5m$F|&7wgJf8bOGnp5?EvG5fqN&Tzdci?U=SmiHDf
z3wb{&Ygv%>&N1QO%zg8L-+sYWPeDCSmI2m*oEcb8S(dqxt%Yf!U-v|QmFW@+r4sLz
zA~}2oadjv}I+pJ`rv=+xD&7b{L>M<apR$pW+owPSmP{7I-OX}2AE;DMavh`4^I>*<
zh0Gn(sI`FP{gvO>@5k5X(v6F5wm<M~whk^%ATLDd<kq7D)>B*(r1sU7e0I1ziX*<e
zMZqst<9pAmLj7OjGFf>UU=zPgv4^q=Qau)#ncS0AR%V8=B5^i9sD4s|$Z^^R(HgT;
z8m(p;s7QaNGSaYbi{d#47Yx5&GmYt}SU2b$yuJ~}jX)B8_`EOMsv>rnY!h`qU=vms
zh%LcZSvZZ3<$14(t_FcpTT{oM4&@r#x4xsrnHPE2w7bt|z-`Ue5orNVDMVJ12*_LM
zMp1w7&$f<I?EV}P+gL0XS@-Kp!)wbJ)?BlV`JnO*<qJiA6=NC{LgkE!=4^K^XWGld
zYZ+ytxm~7)tK3aDN5k&G>*>+U%t34X6DAq$$t$ey2b(#`bw`jIkuyz1aqA2FSZ^-k
zBRvr(8|YEnds7|oLuf0<fl$$g&{;D?Szbvy!k`?XjSHB@XJ*&Q!`hjWq6$nhrp>Iv
zZ8R;ma}*sG&XVJ0R-UV^%~G^i_?E;ek9KBtG8mwBfOffFjgcFi2f!|37bl}LWnnoA
zN5>x^>9DN&Jw9u53znbL#4xg3D#R9{YyHf2;hoUx31!Ab#`-p&|M+|){OKDxDS!u0
zZm78z6TM7;=n^u`mR4BI$$qmSTSnFmk!?ve40+zZTu$>ON&S1xme%=ITov^mO!wu_
zQF2A+i&K$9t>~#Km0Pw;>xVa9#IgS7Z3n-GX!_6?q{mW3rmTdLhoa1GmE_VxI+*{m
zh3V1cIGRAw1`>Kemj#EQyI-{QIYmSo3<F~nViy&)p`_)XlpgoJRSe0?o+tR+Oby2T
zs(~k{vhGC;<eJQ+gNseYvNWW*#nQ*3R>}R>b!+Dqkcay0V~)<t)8;zAQ8PxNgD?p#
zB<ychf|(_lxETTN0309y5D2jUvmF7>NZ$VySR|N1OlI!h&O8z_auU)=d1-lRNoh$W
zp04!o5*=+3o-X?jN~Zz>{;bFUOMw4pS=xVDR`6&+bjw@uVD#Amlbu?m56Ffs{NI+1
z!qXYmoGVHk2m+p7(^#*uzW3giF+;+vGAj7!(d(KLQ}zjvM`<C<$|3ys2`bo<nBLV`
zCMnv_fJ+F-Ii0-gIu6#n<fkKT#8*9nwfMm;qe2&Z`%de}(V<-i^CUh&N8u~m742}g
z4P@~maAmL5cu1S5XFHo4@R;WP5o;-7s_S5t-r~0UKU_$iaqL9lL_ANizJR`iHTfO>
zCA^%u5lijD?qu~v3@evOY+jdFnpRMhEB97tmP`04nhtRsEhv96{eB@ySd&oeI03a=
z))5fyV9zVkO6h?Y7#`Kq>w<6wgul)nBfHZYXCocYAC!dn{?4t}Om1V390qI#C}*sF
zgojLaP51^{@b#py8P#TD-3^N|9=_P~r0lx`!#aSyB37qg*>_0=Gw5+*<ONkk9qL;t
z%gwLu-@0@Kj}iTc`*r*e;1)~dTA%B=?JS1$H3)!7ivo2bq~gt6?ZsV+_2n$8aJFqV
zZkn9eN#8!%*`+o#EiJ!##`!U^vm)d`?S^=ZQupSDvG|*n!9rRj$-fNK8&u|z#kNH!
zP?k(YXAT;~qz!LPk|%$shZ?N^DsVQGSPM|LS1ki;jS;39q6CXZ_>#s`P8eQuby`l&
z1{~ji(iKu6Ua5@G`+8wb8H)iQ3U@R3R9|U#C6&v~YczZx%V=Kzb-Bgk#JGQEnO>~V
zQeqWwbfN*}_-+p&aWkbbH*|(1n<nZ~?)?fSzoj;x+FzPer5{nhh5lU1Ah~(FCAseC
z)|$szglytMBsRoo{7Lh12H0oQ0v@uCp=0rAl);b&v)xQ!RVoK3QdZf$s;{1-<&2VN
z?yyQ&vaeYBv#`YBpi`{RUJO+T-L^-Dp}l5HAc@?5g~h5aPVt0QMk=<5N>-`iX3V_H
zS-d<4)kpNGas59czyItq6Q4<K&)7IlK#ygkw1N)FY^?V4L>tMVtTDT0<8CyuBv<uK
zpNK2#zDK(bVBTWBK&rp$RRbYR?W>wZFXzOyE`1?Pzc~|>^FG)OuSxn`lyNbJZk=y`
zT=+(3Z;<&F687a<Nyy%MTi~Vi6rWM9dVwzwCcDbCl*PqnHdUd4<~|nMr_+A<;eK-u
z!17ZntOQ}vt}8vM`U1lMQRO+ttSxcRs3(_?$*SJLy5llSZUZ4KxQo-rW|y@>C*~Gj
z3QR+P<jB30h<NCjW7_;Bf)c0AD>d8^EG{~Gn%@y51lxBTkw}mxNu`*2pXGATLY_92
zR4b2p8H=48BZcZ?ADzjD77<<$UoD-vdw(cDY2xd)35APYbDW~xcyG0#Xq!?>H>d1%
z-rdQ_*f4zGXj4nlZLALf;{R6eshZk=SRLON2pdgRJuE#_CsU3HmYI@7-KF^$Z(WVI
z<K;UAl+T2O-Fv)}C|BBC@sjLSS$p6<@G)^HCi&wiqw=UnLPbkk5M@zkxa{VWJPhXA
zjjHeqwYXq;ImJfHOS-N-J1<1y-}UW=G__aF25S2g1>JDBG8Z>W<|#X~YNEn(<1>u|
z8+(B}`lML%M2>3dWkwunTiama@G!dG-?a~VS3%{-;9YAH>sU5;^|_xQ&$D$@zr?az
zWb5I;8@Mvfl`)sz@;D`!?MwBe^=Tipe@9WC%;YHtiXKj~+E!etGrpkeG!SB=A1Xa-
ze!?%vFLUhK8Sn_$vF|bn+Voz$8qASBp1GXBAKUL-Qx$jH(x$Y|YiTXFc<I=<5MAY<
zYAMlMq|jojP&%qM10d_|jW7@I5$EH_!jfY)l1xs6jq}1Bm6u9nwb&mEp)q);^Fjjh
zKy=`tFhV$b>a<LJaCl3RN3JJ6Z=$GWZ(pkI6M#lv#Mcvhnn|O()-bC%+VH4;g9vRK
zX;;i~y%Wd67J9Q<s5$<5P&nd=d9eZWT>YJuu5>moyApMmDHbJV04-zN=B1{f*nTn0
z93s4IrXZ`1Wf-DdlQU07&+w_5eo|_xTpRGvzFdgoanv`VeV7l+l~l{wzGQ|dGl9g!
z8Y04m{7^&oZla|3^|d=&x~b82kR)!ZDBpYRsu9Ob)!?hGZg0u74tkZUE2a5Lt|GmQ
zmFXvh@Dc3N%nz;Z));|^RIi+QtZZoFfZK2nPZO6_f_+*DLUd|{(XNzeUz_D)mUkVZ
zM`HJSDRe1&H`(K1+{p;`>Lhsu^WZK!s(QeX%R+T4%)%fNW5W#RXnfy|HSoL?e|2=u
z?zqy)T0If4sr88C+}r-Nbpn%t7pgbkspxsSC-wD*$tYcwmp^AWq*f*037Spk6bL8a
z4^n{+BUEj!e0=gBWcb9B+gdLc8;pU8m>Y4SzTe4K57R#n%#>RL6=KCOUgWU;Qjfr?
zZ2n@1=?|6TN|^!v2P~7Qo->drr2qr;x(OZaPVh`D@sWw!5+~0H`nhZawmRXit@4mc
zT*Q}eedf}M$>5$s{jF%{rd{|XQ)7XBU(>op<O|K0ceos}uXo*~dIXYxXxoa{<*|X0
zC?qcuOiLqrg_??;1^{Ai6MgboQE!NI@xsdc%x;LWwYjPW#Qb@vy#;)CK&H4^=Gf0)
PYVZ?P4=oinFs|sIx!G&d

literal 0
HcmV?d00001

diff --git a/files/certs/shared-store-no-password.p12 b/files/certs/shared-store-no-password.p12
new file mode 100644
index 0000000000000000000000000000000000000000..c675ae21bd400b93441913e7d74840265fae3aef
GIT binary patch
literal 3451
zcmY+Ec{CIZ+lOZ}!Z5ZW*`@3Z#-256_BH!sElOhI2{X1aMzW8{nkgbw(qfCTWZ!uZ
znI>YaF(IZh<?Z{<_r33V|G3Y6&h`7<_n#LM$9WqB1S4^rNGO{;!IHq>1hN82I8I3j
zj#Kmx7DD1!Zv0oo;tRpCc>cj|f5r*Q@qbq^b|8p^gB&Aq5C&2X%KrcO&vRi2KQp_h
z?Cg0?GU_<j;Gva>+gftp4-gpe&H;jh3^FMuQ%VL@;RlZgCi!5?O?9H$!dawkqro>f
z>h%bSe5csI-45$AOE_gKvb*>qROjXuS(F=T2N4upR*!y`RuaYooXtsYW9hPeOD7SO
zn3~$^T=$k)z%yw1=gYqftM3dJ23e)TqOtm>Oml9|2$X`NQ$y2wUBt%G+1o|5W_j51
z3h`y6`c<e+*2}~#0dIXqQkq3rj7OWzWph)II*4YI^WA5-FMNFiq|j88X*TcuH(u)Q
zJIZ3w@vitnv|0nlM^z_DcNU(j>z{NNt5>^=DjmiN+qvc9Z&Z!OR^_TTHcrJDVMJeA
zZDtJYtxSwBFZOg4U{@`v4O0CkisQ9=_~xqAS8w2<jj?ZDe0UwkdZj^X%B{w{WS&Y+
zW<h8o+QDB>&OcdTtNkt_LVK8d2vC)Z@NH{8p3a}KT90JMuDtvu$I_MKR7@#ikrMdF
zgU#QSPQ_k2HwnXMfqDvCg7M0q&s}bOX1B!Wo9j+vdtX&%xxE9ckev_NCoN<wHxHHJ
z*;I~G;E!`koC|KaZ+V1YllVyONZW~<d*(O15Gw2xEZ{Xfl&3-rI7<Fjjz$n*r472h
zV(f1k71Gn38K$LQg4D}4R8qaW&#Xu_Wy_40%^vU`)js&!uZpVAWxml*aWwdddp#oW
zD|ji;nljn3<DH!HZ4EC_8ksxbP-B!|(W1DEH84&Ly?$Hq)@8%~@rgv)u^2;lfmGL(
zJG*DY4Sqg$hOQ>--rXwBjwz!?N?Y!=Dh@WkSPeK-G)di?9Ns${hu~W-Uzt>j|8;`1
z6Jq4mcZDbBWV&Ln4L%8R-$;O`G>Z|7ASG6OHe<8f7sZIuDVvAM%cyfEnI6(pJKZjt
zfmec!lx2$cP|s!1ysiq00@l;dB=m^Ii{3wYDRIYNCNv!7-e=b5%VX_Fwh^!sy&NU-
zsWUD<MKZUGc2x|8^O@28l-+yKH({QP5%Zq(EE4dfU~||^#<G}(;EPUpL4-q=9!Acr
zsjS~b@A5@&8wAz0%9$Cw`i##Kyqg;yppn~gA59lfEqf{~hu#uXwH>l>BdaZ(SGw4P
z4_m8a1baCDk{gUt+6BmqEIvKvbw>zH-xCZvl7qMZ(h88eZl1lOM-(~!m3~Efk$wA;
z!-E-$vv8?{!Q{yAP$^v32M*;|-2vj3nW03(X(YsvL!zjmm73xl5N7Tcb<Ib-Kk0pA
z3*~5Jv!lFEyn3%z0rs>AE{(@E1&)^Qdy4y2Q~99xG$DDn(L)q}J(6>t7L6m_`}mL-
zr>i?bU2P_-EtLWxCf3h@{70Qy6bV?p=B+uKGp8oBAkeiwgE-vVUM|jn77ciXZfD{%
zIU?1q3K;LfQnqj{;wUb6t3SPGuu^JL0GF>a_a#>NNzKQb?&T5m!50lJWX7!o!ERoF
zP+@*nkW9d@ADy3;%38@aK*`4{9HsrcNg-g41mdF})@$#SJ7k3|xlt5{B3i0RLge-C
zxaS1BI!&gqG9e8JV+Pjbz4R4v0FwSuw{HB9S(K`~Pr!0P#Vy=LA*Xe;oFwUb-i}pF
zU7o6K*)+at4h8=zItXSW_G&AkCogV2R{Jy|C;Se*|A=fHJS~+omOnV=u2$#Ud8lfN
z6#us>+4xm?#kc{XfN;PqKor3L&kh6xBPIV+K&bLVcwIto1WTxDXsM!*+9(}WZIm_=
z$6EF85-XI1V=efD@<2eqpLO>?3Glxx3;iF<I@c<rwa?d>-Cr3<F%PgMpZ!#+{lAt?
z!m&E++sH#YrXt<wU)PQiR+CCC^FO@_eQ!Pgih1ITeik~D05a9Ib8j5DIh%0wGc|Yr
z0BdNhQ8ob-l3XzjHR;-!BhWT3WQ}sYmWo&W0&d~fR&-o`Csr*=HNA!<WH}@=F5>)x
zVVLNLVFW{DwTEYbO0vUsp;U6&OFb!0<fvx*=G(Grk*ijb!UH=6$l`NwT90Hy>>USL
zzr|Sf=5ztzt<>PDxTDoZlu>?^td0ApI);o<`?@{x)CX{^{j@S@MBQML>dzOC0Q5|y
z=Nq4cuts6F0@Y_;%&d(QWw{uMv#GqS{%)V{X_a+KVA7))AxUkD1=-;(&TV(*VndEi
zyzo0ckxniw0T@R{@J3FWm%cNgMbKfQPH8}W$L<waLE9Fna#u|>6QEog)q{N5*X~P>
zxjZ3mOd_qc{+P?NiJ;{Q0GX$!lFc0SL`!Ta{O<?Kcfp4tVS_IY?R0YZ)#7%xhC7Yz
zn;uLVp4VD2HHp;zPE0etfzFo^PD+@ExL0CEa)zE*wI3j=Rz`(%8c3Mur@lRv<{k6g
z+ol$#EK73RT0W;wU}g!Q1s%gJjPIkJ_TL4Uuid(Wc-<HLMHL<u-is{~rTa|B{f2Dy
zT3sGe_$Q~$vf8Ne7#`M^pXaF-Yp<y?*-ZWHx4B3Z*<{#Pw%C1g;N=WpFNQsbO-gwx
zJT8iCGp=;PCbEwDS$ty><Tae?6^g@lPSe|&Uo&~Dt%gez)w6ySo*ZUm#9O|obn^n=
zD0y|)EM!F4wve?%ZmC@ZuqD#(l%jW&7XoDypwwt<^tR=`rr<~4B)S?%nT}hao+wue
zAUZqt+g%nb>BeibYlmN}vHlfMvM4(JFU_^h^Yh=jDxku7u{PUD>~V4fZ#nAQ01^lC
zoRUvF?q}S#^)=EF<c>DlU)5FQYki7`XI=iDXfH(n6;NLf&wsX*Rdou@^PM=v67`Jd
zuU69mb^p}4!!!o=5g436#R%h-=}R*|TKEo1zd{cjEk>EE5uw-ff^vU;6QCC`X!MnC
zD1eWik9ariBo5~q=|aIW%KUzdJ@25|^}y8;3uA>`^KNO9VV4?@N)R<Asx}sM$Q|v8
zYvWu%Krd?PJ*r;lCfxf?9}uNv*QVCERNU5Xb>3BS+5VuGHTz-Mn-*8w;s~R?kF#9+
zic8W-pLdlNI%X*@5cmj{cCdv$@s-Z|Ermfu`5nogBFRwGDooKB#|vQTb}sdj9iF`O
zvFqg24oeM<t2$j^Lka#)gwS(-OL9t=aSVs5*V-ebG$q6EtM$plw^uv8SL0IJPteO(
z7ChN6GuxWQR&N?`R_?{821L=hSLN&-y@(zatpkf5p{z4Lys4G79NT5y($*kQ3JVD<
zcZKjlSK+$Y7xl=kElwY3UWnJbW#Cp^h7WgNCLVt0tK(z@BaNtEbg5D9!B^+PR}Yf;
zgHVs4m;xByIM$_iVB0~jHMaRNvaMGafAO<+hP<<GTOl)MhoiZ!>Df2#vFIZYxx4ph
zZs8+h_>{QUaNMPPro;-x1Z9->sV}8{=oP%A{%>A^`?ESM6}#Wv`-CU%^5~Yu2&T=2
zeY6Ofj)QAK)HB9E({6d7O`QGsxXr3!cs2xgx$NXQ(z#oDO`*4=o5W0Pi0)@Hw)HU%
zLA}El8xqb)XeGH`69S~XT`?EEe^@t9`jFzMCBp673a8y=P2I>3iTliubX|h}^$#=n
zk$hCr1@_6SfKi3lsQ~4$(I)=DY0!Sv$6$ATZ<rEK<?|v<onl$);ZIAm4mHCCXr#Z$
z(@f(QE%cxPWxizp{zC1&z9Bgn`p8GjT3b9DwZOpxdcd624IP$ebI1B*&XQ8@>3`))
zCtw-c)`22kx(lqjwVCN1M^%aEQlzjYW44Xv*@ppauVZhpCUKWq_uJA?<s0Ku1%CRm
zm$#W18Zvlc)CHWS<PqUQDI8qZD&1@-*kVg(#8i7ViaXT8H#4JsOC?vkUQn&!DxH4o
z$8-E0_fOpTi-905_?dd-n4%dXd*`yh5ny57g1mwXZ+TggToq#V){$N8rq!C&=Ay8@
zSt;vv&Oiip@bqb#9ip{i_H$3MxE)8>p^r*<{<qy|HSXvrbMns*IqRNa1MhXqy|A;%
zTVP$O6p;~l++sJkZxF~P=?Q-fpH$fq78CPu{lqe2rbfqQ(JbvG`tQ<N-DJ*lBkHfb
zMyGj#hPp3$J@syMZ36}EOj#NQxVs3Y#$Wgu;;Uu#NSJV4ZwlH~&t=2PR<`Z~L#vvp
zijH_J$D=u4bNSlir^J5TB8}O{kYxoinmzsFuhPm>)ThFQUqoEsH?H`F&a?Rb*u*(4
zXD7}$?CAxb8Sfs`wb<Eir4j7|IlKEyfjcEF2aj$2`7&Wlo|ox&U_$m%m-N#HHKSTr
z{FQRagF21d5(gdY>Hzi|##X#1y<Wru3x;X-33c2RL;tc?-yG9)XLt<zJ_xJGcH?iP
z0a6ml24zv;0)x)503iHi)>XNXc&-chPb8x$400&9;ie3PKmG*gz?}KW|9!IQUCr6q
OpWi^W6(BH>K>8P*ZdvgF

literal 0
HcmV?d00001

diff --git a/files/certs/truststore-password.p12 b/files/certs/truststore-password.p12
new file mode 100644
index 0000000000000000000000000000000000000000..25d9aa4c6796acba288307fe2748178817819722
GIT binary patch
literal 3451
zcmY+EXEYlQ+r|@;*wn5)N{tkWy?0A%)7oPHODM65+OewC47K-)RkNts2DK>~MXg#j
zN@}*|)Av2^`#k6QaG&d(Yuq1yFf^4v5s(;$rh-Apgk!X0&ZvMSz(O<?4+u@g@z-X7
zp~27oD*_`xXt3p9+w|`lLn!`lMM(}MDnx@WU}(@8Ob9~$|MuVKY#;_GF#O$@E{lD)
z)_gm*@@l~oCs+^>F#u->LW2gkcP0AnzSi^duOl1xx%Bv>Kw1!~=)#XApI=C*M+Q-n
z{h;hKqm-USE56Lx(s_Z2P?IRGQsw0imJV8q7GSfcl`>oDCs5iP5-M<77oOJokw;s(
z{Px;AIX%yYGDVw)T;|X3Pf~V-FNcVpfQ~S*P`8<WW)*2@qXNzJ4c|G#zBVtPQxk{F
zT!`%}k<PnV)6I9{KM2-P(*PV<6+>QeTW8<3CH|uZAFYEqyDZbLzb>qwY@J*MrVj5I
zTMQ>y2<1nG-oZK{I?-jBc)Dwj3)FXa)oxT>XCR7|T??w;{c_@a@&syLa=LN?PEdIx
z(`+W9Jg;VBlH~X{@%u1hMWNEQbZnkS%|gs^9PH}pb!v6bT#BRtkX04EcJ8;hyS8sw
zuXZ|oP{V|LmHrE7KxJB1S|PMzj(ns*7Mx_)IXL{dHyJ4r%Ok6&i%e`|1(uWrDnCjO
zV6%jW-HF80=h?k%sF{f8z4r9(at%?<gAdr+lQMqudT~`!96)=EJ-$YuQY;HOeRgDd
zB0fH~+bI9ih9g)0r2LEMY!2CIDpgV}9KHMd>(0+?mX7lWdv?c7vD5gNcj}G@d*a<a
zwJQ@RqqV_>FUJpf6I#TC_vliK){l#qWApYT-Eq_^72qVjzGcz0@;sMb8YFG$Dk@$T
z9DdR06vP?n(Ny_;^68(1-i1z!QXwmHp@HJet$E@&Z#3ckRs_d_{wW3j?(PMhK$P3!
z7fqMNgPmAV*6Ztro4PgO@8*hMd0&6+${v41!AD<`w(}Dobo*lU&CcdkV3XPMA>oVC
zN!X3j2N#F86k$A#a{1q0LIA5=%{QIlsr$H}J3q(3GuFm0fZ?C^>?vqPva-xp4!Lwi
zZ=&!NE_BIN)2N(}j#Tdz8@XE{=I}>_RqtcLy_4(pf#91W^hNdQt3YplAvd&T5_zQ8
z@OC@1;eNcbPe)DD8WYS@h1Q!%ir-Tc=Zs(BlsfJRqP*yRZ5>5xwQnW+nvQ7DDJqTO
z&QChPW#&NL=r-Xsmcxgavn5glK~-76>26B{dWEm=M)#eyuS6ZEJ(IZoME6kO-ACrS
zXy!)a73hU*e3hzg5oA_ujVW08Lx!Zy3(F8gh1Fjva=wekk`$pd|8Uf>j>lIiFMTCS
zUDW0V0`glVr+6dM6N{D#k9&r0;zYT_yBns|&`@WR?JesJ>nC?~%P@44yN^T$zZSh}
zJ>J7aKg25^#AS25-MB7-Zf0J^Qagt&%W9*Pj3O>5Eg<)08yDodZy=KkNxi#7p~RBx
zX4=%a+U%RqU8f)0Xwu6;qArr{A=_x0yXpfq<{u+4URL$Xadqq?Y&7@Wh>t+=?!PYi
zGd+N(I?p@CqtUrT*QBtBQS9RxiGf>3X1f_Oijh?4f%PzaDUEvqMuEosw-Ww$xw_t)
zhXeXS^QgH%a=f1P{i1FI5Bv;9M}yhwQYlK1J#scyYgDbINkbd1N$!1+{j2h8wU?&q
zg6MCoQAj;yH8Wp({dzh(bS*sPIq#Y^@~%qAP~PFDT7yU)VL(cTP>}x<@Z)%1(|fX?
zW>RbHQeknBbG<n_&-d;%&xX%lHBu29#4T^2YNnmKeb0^nT_eYjjHx-e-sHkHVO;-4
zB^d*pj`J4472pBz0r&#!|EeRv8OHOU0wbIOMEBVBnKL(BN(L?ola-W}krRi*&?Ke*
zE|EYA(In}AtrQ|4;IF*;PXhce%0m8!vItF=<VUAvs%p+IchK-X$%zO?tN*2JIGV(8
zhj}`QoacP*>S4~B&^UW^F~TaCvm&{Yl=I_IY)e-iqlv-HEs@qAAJ;97))bY{ZazC6
z61A8;TE=J&yS~j0#yhu*@Xa-J(s@lwd>%}pJ=k!0XLjgyVE?(PjLKtj`;ZDq2y;1~
zulKgQpoH;-$k+TW5uzl0+le|1&A0+T=xH)PGd+5}H6ujJ#hV(+O{w7^@O~_mk;mQe
zT@5{11MW2AJbuHl^ap9lu1*DZX?9OO&l$+Vtb?lbl?t)Cl+W4K$5<N9D-fZwg&6uQ
z68%=N6glLv6)B%G-`nY&9<yyQpo+y0Z>GxmzTr*gZ5pi)>3K;y>w~)sn)PagiZ5wu
zQ{MRc52vXYE-|-RTJ^oz{Z<|mf7rEVJd(tbuSfsKRk2B;!b>)BuHF5@zE%aXP+G@a
zmHCa7(wp>vtt8o#1<)mt+qwl`AM}JJu-MaH^TAN0ZG+A4TB>SPT>~s_Nm6GRu>sK$
zHGOXEov{Mooa1*!VFe4;k)l3cJ<6(^Px9DGl_n&+oL!+#J^`BmGjU|eHp?Mlcqeo0
zEy7QzPcZKM(rqK@S3u6nT76(UzEl0+vy9eIVmDE9q~7A7KPps!-20KXFrM5m<{yiO
ze2I=bI(=+rnln2SNgc@*fUI-(lzts?L;KkG42fb<GIwPiYgOc~3gTyN1jb(|O`#fR
zZn;qGny2)g_2;Q%y2cFJSqM{e^mJ+6ssBCt4z>+*3ZML_x1(B;JmQj&Ys(>Y*rZH5
z_Gfm965|x-k&oeWOgoD*Kici>N9+g4$`k}$kvuScvgy!|ECfzwS{J}_C-5=SVcRpO
z{F|OtvspCHpjBt2JJDk`5f2FyO=pl~{%-?3FHD3p<aAj<rXxENktGoaVhvYJ?Ph|d
z^wyfIDg;2H8=59DcF<e?%VypeD{qWr;QV^UbnW<wZLO5{afAQ{JoS0#L5n1f$Y7jU
z;LsFrf{CYk8!@_sg*Vyn`n#TAf+Zwmwtl8I$1+8D*mwl6N+PGEG}ZRz_i!tOrFLqQ
zKe<z2g~$AS|HySqMB<zMD_P+I>dP*NjmpxI=NE7Dy(xuSP4upe{*Viv7*`<Z3tt8u
zG3jl>gL6|KrdoxR62BR(O^QD#cw;@@vlmI$S4Gt{B<lJilCIiE)WFo)b+AWe=}a{~
z**25?CSv?oYC_v4qR2OW)XDICYkjz%)_Qfqy=<Jp%HSD3t<Apnk@u9eJ@rGi6mXup
z2Ys1s`F+UZT+j#`@*eB@{9^hE+hpa)?-LQwFm_BsfAvpB<|nIlC5n+?o0piHK7yn5
z2w=}|fIJ#AEpPL)v^x7IJ0USBJ~_H!NQ5TPRs(F(&}ip>KCq{vX2#x`kc4xph!%5)
z8b;G`Q6ZiNwBP6Y#3yHkti?ZvniC4!p-1CL=Cfltu)?W)ZnnEP)0wz<^EpmPrPT~h
z7XK>t*r8ja@WW@Pxd(kuS{M|wNrhONX=h0t8_B^>=Y%;_CNE5dg15~H6w7pMfw5T+
z%N~<fyG((^NL`hUH1ng3IapVFy^I(UPtp&NpPoZ-5~zK@+t~E+$Z_OlM)lCPYN)t+
zE7w1QBsA1#VhJf%qm7}GsUFY(;`aWGGuNhe|G=(JFStK)hr;}}U<}QMG^s=L>GRE!
zKp}lvH@9a;U$f>qzWj55$6~&L6*)qM>QKC!q8{eVZp8W`>+N)wsK4trYyxxEVNS=W
zj}Wf!aA)0t<s{yJLbm`!UDb43=6vqbQ@)QO-Yp|Z(^bz}r}6HC*ir>w)L_Gsz$f-A
zDrtep%o=A*nK>k{OybU=b*;F^Peil-I(`10qi?uzfff!bxb`R9(?`XdTCW~-n)P&7
zckgZu83psRlZ7xYHR^!F>HDzSi64aJ4ApVBJo2X^15#}Ew~!xoix2{p-N}6YM{WlS
zj8h+T*}H+^CTW^{avz4Z_{5E>8W>_(x#ynwu+{^=*E!v4tc6IEumKLY7ELNw8f<9I
z)cku|vTeq=^&MPpsM!pUvsCSH*_)RE79Ae$J1D!PKi9Zf`lasGH7&%G-omq^@(*4o
zSj0w^m43gE@_MEJvGl=+#-_@wsd#}_;gzYVv<0fGEZPbZ+NDfi{>u|+qk|5R!p?nQ
z#I2$(q_G7?PFg2Bac`Rp5)Hoie{s3sd2nbHyoXf-wm});76!vozEzcNtQtLb$`rQ#
zfQVi-{j{Di6JO}}0Qz@WS<K1%R(=JK;^ZwW3X@;U3;zD>2A$Bp7(#J_c<v}&SVTEc
z%!AZ6Jh%A9Cq(?f*ixam33pS}66wzJnRU%#U4xm+>(&XA)6nW?=MS%oE&S*&PuWGZ
zzHdonPKzU4uIC-wrvUDGL8G&L&KI>_#pSYD<^%}1&QCNwyea&-`e$#wmd|g!H%v|{
zi{Fm*dsnIxT~=SroG3NEuv|`wOLbP@&{}cCEjaZfAOZKeT+@72jyIjBjBRBHC1A=h
z9vB$}45cO}Vg&<046*l)dTnJV8K<d(FZHfTj_n7V<3S8Sj&78jsgZofm^9%Y3n#cq
MoD4-o42&uK7b_EmR{#J2

literal 0
HcmV?d00001

diff --git a/test/integration/helpers/serverspec/spec_helper.rb b/test/integration/helpers/serverspec/spec_helper.rb
index 7417197..2f18ef3 100644
--- a/test/integration/helpers/serverspec/spec_helper.rb
+++ b/test/integration/helpers/serverspec/spec_helper.rb
@@ -22,6 +22,7 @@ def curl_json(uri, username=nil, password=nil)
   res = Net::HTTP.start(
     uri.hostname,
     uri.port,
+    :use_ssl => uri.scheme == 'https',
     :verify_mode => OpenSSL::SSL::VERIFY_NONE
   ) {|http|
     http.request(req)
diff --git a/test/integration/helpers/serverspec/xpack_upgrade_spec.rb b/test/integration/helpers/serverspec/xpack_upgrade_spec.rb
index 00fb0fc..abd2ff4 100644
--- a/test/integration/helpers/serverspec/xpack_upgrade_spec.rb
+++ b/test/integration/helpers/serverspec/xpack_upgrade_spec.rb
@@ -5,7 +5,11 @@ vars = JSON.parse(File.read('/tmp/vars.json'))
 es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
 username = vars['es_api_basic_auth_username']
 password = vars['es_api_basic_auth_password']
-es_security_api = "#{vars['es_security_api']}"
+if vars['es_major_version'] == '7.x'
+  es_security_api = "_security"
+else
+  es_security_api = "_xpack/security"
+end
 
 shared_examples 'xpack_upgrade::init' do |vars|
   #Test users file, users_roles and roles.yml
@@ -52,9 +56,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
   #check accounts are correct i.e. we can auth and they have the correct roles
   describe 'kibana4_server access check' do
     it 'should be reported as version '+vars['es_version'] do
-      command = command('curl -s localhost:9200/ -u kibana4_server:changeMe | grep number')
-      expect(command.stdout).to match(vars['es_version'])
-      expect(command.exit_status).to eq(0)
+      expect(curl_json(es_api_url, username='kibana4_server', password='changeMe')['version']['number']).to eq(vars['es_version'])
     end
   end
 
@@ -84,9 +86,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
 
   describe 'logstash_system access check' do
     it 'should be reported as version '+vars['es_version'] do
-      command = command('curl -s localhost:9200/ -u logstash_system:aNewLogstashPassword | grep number')
-      expect(command.stdout).to match(vars['es_version'])
-      expect(command.exit_status).to eq(0)
+      expect(curl_json(es_api_url, username='logstash_system', password='aNewLogstashPassword')['version']['number']).to eq(vars['es_version'])
     end
   end
 end
diff --git a/test/integration/issue-test-trial b/test/integration/issue-test-trial
new file mode 120000
index 0000000..0746a3c
--- /dev/null
+++ b/test/integration/issue-test-trial
@@ -0,0 +1 @@
+issue-test
\ No newline at end of file
diff --git a/test/integration/issue-test-trial.yml b/test/integration/issue-test-trial.yml
new file mode 100644
index 0000000..efd726c
--- /dev/null
+++ b/test/integration/issue-test-trial.yml
@@ -0,0 +1,46 @@
+#This file is for users to test issues and reproduce them using the test framework.
+#Modify the playbook  below and test with kitchen i.e. `kitchen test issue-test`
+#To add custom tests modify the serverspec file ./helpers/serverspec/issue_test_spec.rb
+#Idempot test is enabled for this test
+
+- name: Simple Example
+  hosts: localhost
+  post_tasks:
+    - include: elasticsearch/test/integration/debug.yml
+  roles:
+    - elasticsearch
+  vars:
+    es_xpack_license: ""
+    es_xpack_trial: true
+    es_config:
+      xpack.security.authc.realms.file.file1.order: 1
+      xpack.security.authc.realms.native.native1.type: "native"
+    es_heap_size: "1g"
+    es_plugins:
+      - plugin: ingest-attachment
+    es_xpack_features:
+      - security
+      - alerting
+    es_api_basic_auth_username: elastic
+    es_api_basic_auth_password: changeme
+    es_users:
+      file:
+        test_user:
+          password: changeme
+          roles:
+            - kibana_system
+      native:
+        kibana:
+          password: changeme
+          roles:
+            - kibana_system
+        elastic:
+          password: aNewPassWord
+    es_roles:
+      native:
+        logstash:
+          cluster:
+            - manage_index_templates
+        logstash_system:
+          cluster:
+            - manage_index_templates
diff --git a/test/integration/xpack-upgrade-trial b/test/integration/xpack-upgrade-trial
new file mode 120000
index 0000000..3021ce0
--- /dev/null
+++ b/test/integration/xpack-upgrade-trial
@@ -0,0 +1 @@
+xpack-upgrade
\ No newline at end of file
diff --git a/test/integration/xpack-upgrade-trial.yml b/test/integration/xpack-upgrade-trial.yml
new file mode 100644
index 0000000..a7196c1
--- /dev/null
+++ b/test/integration/xpack-upgrade-trial.yml
@@ -0,0 +1,177 @@
+---
+- name: Elasticsearch Xpack HTTP different keystore and truststore with password
+  hosts: localhost
+  post_tasks:
+    - include: elasticsearch/test/integration/debug.yml
+  roles:
+    - elasticsearch
+  vars:
+    es_config_6x:
+      xpack.security.authc.realms.file1.order: 0
+      xpack.security.authc.realms.file1.type: file
+      xpack.security.authc.realms.native1.order: 1
+      xpack.security.authc.realms.native1.type: native
+    es_config_7x:
+      xpack.security.authc.realms.file.file1.order: 0
+      xpack.security.authc.realms.native.native1.order: 1
+    es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"
+    es_heap_size: "1g"
+    es_templates: true
+    es_major_version: "7.x"
+    es_version: "{{ '7.0.0' if es_major_version == '7.x' else '6.7.1' }}" # This is set to an older version than the current default to force an upgrade
+    es_xpack_license: ""
+    es_xpack_trial: true
+    es_plugins:
+      - plugin: ingest-attachment
+    es_xpack_features:
+      - security
+      - alerting
+    es_api_basic_auth_username: elastic
+    es_api_basic_auth_password: changeme
+    es_enable_http_ssl: false
+    es_enable_transport_ssl: true
+    es_ssl_keystore: "files/certs/keystore-password.p12"
+    es_ssl_truststore: "files/certs/truststore-password.p12"
+    es_ssl_keystore_password: password1
+    es_ssl_truststore_password: password2
+    es_validate_certs: no
+    es_role_mapping:
+      power_user:
+        - "cn=admins,dc=example,dc=com"
+      user:
+        - "cn=users,dc=example,dc=com"
+        - "cn=admins,dc=example,dc=com"
+    es_users:
+      native:
+        kibana4_server:
+          password: changeMe
+          roles:
+            - kibana4_server
+        logstash_system:
+          #this should be successfully modified
+          password: aNewLogstashPassword
+          #this will be ignored
+          roles:
+            - kibana4_server
+        elastic:
+          password: elasticChanged
+      file:
+        es_admin:
+          password: changeMe
+          roles:
+            - admin
+        testUser:
+          password: changeMeAlso!
+          roles:
+            - power_user
+            - user
+    es_roles:
+      file:
+        admin:
+          cluster:
+            - all
+          indices:
+            - names: '*'
+              privileges:
+                - all
+        power_user:
+          cluster:
+            - monitor
+          indices:
+            - names: '*'
+              privileges:
+                - all
+        user:
+          indices:
+            - names: '*'
+              privileges:
+                - read
+        kibana4_server:
+          cluster:
+              - monitor
+          indices:
+            - names: '.kibana'
+              privileges:
+                - all
+      native:
+        logstash:
+          cluster:
+            - manage_index_templates
+          indices:
+            - names: 'logstash-*'
+              privileges:
+                - write
+                - delete
+                - create_index
+        #this will be ignored - its reserved
+        logstash_system:
+          cluster:
+            - manage_index_templates
+          indices:
+            - names: 'logstash-*'
+              privileges:
+                - write
+                - delete
+                - create_index
+
+#modifies the installation. Changes es_admin password and upgrades ES. Tests confirm the correct version is installed.
+- name: Elasticsearch Xpack HTTP SSL and shared keystore without password
+  hosts: localhost
+  post_tasks:
+    - include: elasticsearch/test/integration/debug.yml
+  roles:
+    - elasticsearch
+  vars:
+    es_config_6x:
+      xpack.security.authc.realms.file1.order: 0
+      xpack.security.authc.realms.file1.type: file
+      xpack.security.authc.realms.native1.order: 1
+      xpack.security.authc.realms.native1.type: native
+    es_config_7x:
+      xpack.security.authc.realms.file.file1.order: 0
+      xpack.security.authc.realms.native.native1.order: 1
+    es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"
+    es_heap_size: "1g"
+    es_templates: true
+    es_xpack_license: ""
+    es_xpack_trial: false
+    es_plugins:
+      - plugin: ingest-attachment
+    es_xpack_features:
+      - security
+      - alerting
+    es_api_basic_auth_username: elastic
+    es_api_basic_auth_password: elasticChanged
+    es_enable_http_ssl: true
+    es_enable_transport_ssl: true
+    es_ssl_keystore: "files/certs/shared-store-no-password.p12"
+    es_ssl_truststore: "files/certs/shared-store-no-password.p12"
+    es_ssl_keystore_password: ""
+    es_ssl_truststore_password: ""
+    es_validate_certs: no
+    es_role_mapping:
+      power_user:
+        - "cn=admins,dc=example,dc=com"
+      user:
+        - "cn=users,dc=example,dc=com"
+        - "cn=admins,dc=example,dc=com"
+    es_users:
+      native:
+        kibana4_server:
+          password: changeMe
+          roles:
+            - kibana4_server
+        logstash_system:
+          #this will be ignored
+          roles:
+            - kibana4_server
+      file:
+        es_admin:
+          password: changeMeAgain
+          roles:
+            - admin
+        testUser:
+          password: changeMeAlso!
+          roles:
+            - power_user
+            - user
diff --git a/test/integration/xpack-upgrade.yml b/test/integration/xpack-upgrade.yml
index 1270007..a493633 100644
--- a/test/integration/xpack-upgrade.yml
+++ b/test/integration/xpack-upgrade.yml
@@ -1,5 +1,5 @@
 ---
-- name: Elasticsearch Xpack tests initial
+- name: Elasticsearch Xpack HTTP different keystore and truststore with password
   hosts: localhost
   post_tasks:
     - include: elasticsearch/test/integration/debug.yml
@@ -27,6 +27,13 @@
       - alerting
     es_api_basic_auth_username: elastic
     es_api_basic_auth_password: changeme
+    es_enable_http_ssl: false
+    es_enable_transport_ssl: true
+    es_ssl_keystore: "files/certs/keystore-password.p12"
+    es_ssl_truststore: "files/certs/truststore-password.p12"
+    es_ssl_keystore_password: password1
+    es_ssl_truststore_password: password2
+    es_validate_certs: no
     es_role_mapping:
       power_user:
         - "cn=admins,dc=example,dc=com"
@@ -107,7 +114,7 @@
                 - create_index
 
 #modifies the installation. Changes es_admin password and upgrades ES. Tests confirm the correct version is installed.
-- name: Elasticsearch Xpack modify
+- name: Elasticsearch Xpack HTTP SSL and shared keystore without password
   hosts: localhost
   post_tasks:
     - include: elasticsearch/test/integration/debug.yml
@@ -133,6 +140,13 @@
       - alerting
     es_api_basic_auth_username: elastic
     es_api_basic_auth_password: elasticChanged
+    es_enable_http_ssl: true
+    es_enable_transport_ssl: true
+    es_ssl_keystore: "files/certs/shared-store-no-password.p12"
+    es_ssl_truststore: "files/certs/shared-store-no-password.p12"
+    es_ssl_keystore_password: ""
+    es_ssl_truststore_password: ""
+    es_validate_certs: no
     es_role_mapping:
       power_user:
         - "cn=admins,dc=example,dc=com"