🥒 CCC.ObjStor Test: finos-ccc-integration-container-main

Test Parameters

PortNumber	443
HostName	finoscccintegrationmain.blob.core.windows.net
Protocol	https
ServiceType	object-storage
ProviderServiceType	Microsoft.Storage/storageAccounts
CatalogTypes	CCC.ObjStor
TagFilter	@object-storage, @PerPort, @tls, ~@ftp, ~@telnet, ~@ssh, ~@smtp, ~@dns, ~@ldap, @Behavioural
UID	/subscriptions/c1cedd8e-bf91-4d7d-a4cc-45700402a2a1/resourceGroups/finos-ccc-integration-rg/providers/Microsoft.Storage/storageAccounts/finoscccintegrationmain
ResourceName	finos-ccc-integration-container-main
ReportFile	finos-ccc-integration-container-main-port
ReportTitle	finoscccintegrationmain.blob.core.windows.net:443
Config	{}
azure-log-analytics-workspace-id	ed1b3630-9d61-4d00-bb4f-c02e360147d8
azure-resource-group	finos-ccc-integration-rg
azure-storage-account	finoscccintegrationmain
azure-subscription-id	c1cedd8e-bf91-4d7d-a4cc-45700402a2a1
azure-tenant-id	fa193ac0-9c06-4111-bf55-341e4db193d3
catalog-versions	{ "CCC.Core": "v2025.10", "CCC.ObjStor": "DEV" }
default-container	finos-ccc-integration-container-main
object-storage-retention-period-days	2
permitted-regions	[ "westus2", "westus" ]
provider	azure
region	westus2
replication-locations	[ "westus2", "westus" ]
resource	finos-ccc-integration-container-main
service	object-storage
service-type	object-storage
tags	@Behavioural

Summary

Generated: 2026-06-16 15:51:52

Total Run Time: 651ms

Features: 4

Scenarios: 11 (✅ 5 | ❌ 6)

Steps: 45 (✅ 31 | ❌ 6 | ⏭️ 8 | ❓ 0)

Filter by Tag:

Feature: CCC.Core.CN01.AR01

Scenario: Service accepts TLS 1.3 encrypted traffic @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"42µs

Given an openssl s_client request using "tls1_3" to "{port-number}" on "{host-name}" protocol "{protocol}"605µs

And I refer to "{result}" as "connection"23µs

And "{connection}" state is open41µs

And "{connection.State}" is "open"27µs

And I close connection "{connection}"35µs

Then "{connection}" state is closed31µs

Scenario: Service rejects TLS 1.2 traffic @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"30µs

Given an openssl s_client request using "tls1_2" to "{port-number}" on "{host-name}" protocol "{protocol}"498µs

And I refer to "{result}" as "connection"22µs

And we wait for a period of "40" ms41ms

Then "{connection.State}" is "closed"32µs

Scenario: Service rejects TLS 1.1 traffic @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"42µs

Given an openssl s_client request using "tls1_1" to "{port-number}" on "{host-name}" protocol "{protocol}"654µs

And I refer to "{result}" as "connection"24µs

And we wait for a period of "40" ms41ms

Then "{connection.State}" is "closed"32µs

Scenario: Service rejects TLS 1.0 traffic @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"43µs

Given an openssl s_client request using "tls1" to "{port-number}" on "{host-name}" protocol "{protocol}"628µs

And I refer to "{result}" as "connection"22µs

And we wait for a period of "40" ms41ms

Then "{connection.State}" is "closed"31µs

Scenario: Verify SSL/TLS protocol support @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"32µs

Given "report" contains details of SSL Support type "protocols" for "{host-name}" on port "{port-number}"2ms

failed to read testssl.sh output: open /tmp/testssl_protocols_finoscccintegrationmain.blob.core.windows.net_443.json: no such file or directory

Then "{report}" is an array of objects which doesn't contain any of15µs

id	finding
SSLv2	offered
SSLv3	offered
TLS1	offered
TLS1_1	offered
TLS1_2	offered

And "{report}" is an array of objects with at least the following contents15µs

id	finding
TLS1_3	offered with final

Scenario: Verify no known SSL/TLS vulnerabilities @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"28µs

Given "report" contains details of SSL Support type "vulnerable" for "{host-name}" on port "{port-number}"2ms

failed to read testssl.sh output: open /tmp/testssl_vulnerable_finoscccintegrationmain.blob.core.windows.net_443.json: no such file or directory

Then "{report}" is an array of objects with at least the following contents35µs

id	severity
heartbleed	OK
CCS	OK
ticketbleed	OK
ROBOT	OK
secure_renego	OK

Scenario: Verify TLS 1.3 only certificate validity @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @Behavioural @PerPort @tls @object-storage @virtual-machines

Given a cloud api for "{config}" in "api"32µs

Given "report" contains details of SSL Support type "server-defaults" for "{host-name}" on port "{port-number}"2ms

failed to read testssl.sh output: open /tmp/testssl_server-defaults_finoscccintegrationmain.blob.core.windows.net_443.json: no such file or directory

Then "{report}" is an array of objects with at least the following contents19µs

id	severity
cert_expirationStatus	OK
cert_chain_of_trust	OK

Feature: CCC.Core.CN01.AR03

Scenario: HTTP redirects to HTTPS @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @PerPort @Behavioural @http @tls @object-storage @virtual-machines

Given a client connects to "{host-name}" with protocol "http" on port "80"2ms

And I refer to "{result}" as "connection"18µs

And "{connection}" is not an error23µs

And I transmit "GET / HTTP/1.1\r\nHost: {host-name}\r\n\r\n" to "{connection}"501ms

And I attach "{connection}" to the test output as "HTTP response"92µs

And "{connection.Output}" contains "301"39µs

expected {connection.Output} to contain '301', but got 'HTTP/1.1 400 The account being accessed does not support http. Content-Length: 288 Content-Type: application/xml Server: Microsoft-HTTPAPI/2.0 x-ms-request-id: ff4f266a-601e-0070-7ea8-fd146c000000 Date: Tue, 16 Jun 2026 15:51:51 GMT AccountRequiresHttpsThe account being accessed does not support http. RequestId:ff4f266a-601e-0070-7ea8-fd146c000000 Time:2026-06-16T15:51:52.7478485Zfinoscccintegrationmain'

And I call "{connection}" with "Close"23µs

Then "{connection.State}" is "closed"25µs

📎 Attachments:

HTTP response

View JSON (678 bytes)

{"State":"open","Input":{},"Output":"HTTP/1.1 400 The account being accessed does not support http.\r\nContent-Length: 288\r\nContent-Type: application/xml\r\nServer: Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: ff4f266a-601e-0070-7ea8-fd146c000000\r\nDate: Tue, 16 Jun 2026 15:51:51 GMT\r\n\r\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\u003cError\u003e\u003cCode\u003eAccountRequiresHttps\u003c/Code\u003e\u003cMessage\u003eThe account being accessed does not support http.\nRequestId:ff4f266a-601e-0070-7ea8-fd146c000000\nTime:2026-06-16T15:51:52.7478485Z\u003c/Message\u003e\u003cAccountName\u003efinoscccintegrationmain\u003c/AccountName\u003e\u003c/Error\u003e"}

Scenario: Only secure protocols are exposed @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-green @tlp-red @PerPort @Behavioural @tls @object-storage @virtual-machines

Given "report" contains details of SSL Support type "protocols" for "{host-name}" on port "{port-number}"2ms

failed to read testssl.sh output: open /tmp/testssl_protocols_finoscccintegrationmain.blob.core.windows.net_443.json: no such file or directory

Then "{report}" is an array of objects with at least the following contents26µs

id	severity
TLS1_2	OK
TLS1_3	OK

Feature: CCC.Core.CN01.AR07

Scenario: Verify HTTPS uses IANA-assigned port 443 @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-clear @tlp-green @tlp-red @Behavioural @PerPort @http @tls @object-storage @virtual-machines

Then "{port-number}" is "443"21µs

Feature: CCC.Core.CN01.AR08

Scenario: Verify mTLS requires client certificate authentication @CCC.Core @CCC.Core.CN01 @tlp-amber @tlp-red @tls @Behavioural @PerPort @tls @object-storage @virtual-machines

Given "report" contains details of SSL Support type "server-defaults" for "{host-name}" on port "{port-number}"2ms

failed to read testssl.sh output: open /tmp/testssl_server-defaults_finoscccintegrationmain.blob.core.windows.net_443.json: no such file or directory

Then "{report}" is an array of objects with at least the following contents15µs

id	finding
clientAuth	required