Test Case for FEA135 – Enabling HTTPS
Test Case for FEA096 – Enabling HTTPS
Test Case description: Verify that HTTPS is enabled and enforced, ensuring secure communication between users and the server.
Test Case ID: TC_FEA096_001
Author/Designer: AF0833
Date of creation: 11/03/2025
Class: Functional
Test description / objective
This test case verifies that the website enforces HTTPS, redirects all HTTP requests to HTTPS, and ensures proper SSL/TLS certificate installation.
Links to requirements or other sources
Test pre-state
- The website is deployed and accessible via HTTP (
http://). - An SSL/TLS certificate is installed on the server.
- The web server is configured for HTTPS redirection.
Test steps
| Step | Action | Expected Result |
|---|---|---|
| 1 | Open a web browser and navigate to http://vm3181.kaj.pouta.csc.fi. |
The request should be redirected to https://vm3181.kaj.pouta.csc.fi. |
| 2 | Verify the SSL/TLS certificate using the browser security panel. | The certificate should be valid and issued by a trusted CA (e.g., Let's Encrypt, commercial SSL). |
| 3 | Open the developer console and check for mixed-content warnings. | No mixed-content errors should appear; all resources should load via HTTPS. |
| 4 | Access a specific page of the website (e.g., http://vm3181.kaj.pouta.csc.fi/login). |
The page should load over HTTPS with no security warnings. |
Test end-state
- The website successfully enforces HTTPS for all connections.
- All HTTP requests are automatically redirected to HTTPS.
- No security warnings or mixed-content issues appear.
To be taken into account during test
- Test across multiple browsers and devices.
Test result (Pass/Fail Criteria)
Edited by AE9947