BASEDIR=$PWD/$(dirname $0)/../test
CONFIGFILES="index.txt serial.txt"
PASSWORD='changeit'
-CATYPES='trusted fake big expired nokeyusage root subca subsubca'
-#CATYPES='trusted fake expired nokeyusage root subca subsubca'
+CATYPES='trusted bad fake big expired nokeyusage root subca subsubca slash'
+#CATYPES='slash'
BIG_BITS=8192
SMALL_BITS=1024
export CN="the $catype CA"
if [ "$catype" = "subca" ]; then
generate_ca_cert "$catype" root "${DAYS}" false $BITS
+ rm ../root/*{.pem,.old,.attr} &>/dev/null
else
if [ "$catype" = "subsubca" ]; then
generate_ca_cert "$catype" subca "${DAYS}" false $BITS
-
+ rm ../subca/*{.pem,.old,.attr} &>/dev/null
else
generate_ca_cert "$catype" $catype "${DAYS}" true $BITS
fi
# Signing policy file for the $subject_name"
access_id_CA X509 '${subject_name}'
pos_rights globus CA:sign
-cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*"'
+cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*"'
EOF
cat <<EOF > ${catype}.namespaces
# Namespace for the $subject_name"
TO Issuer "${subject_name}" \
- PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*"
+ PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*"
EOF
else
echo "${cadir}/serial.txt exists!"
fi
+ rm *.pem *.old *.attr &>/dev/null
}
function generate_ca_cert {
echo `pwd`
- dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA"
+ if [ "$catype" = "slash" ]; then
+ dn="/C=UG/L=Tropic/O=http:\/\/slash.slash.edu:7656\/testing\/OU=Relaxation/CN=the ${catype} CA"
+ else
+ dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA"
+ fi
echo $dn
echo $CA_DIR
echo PDW=`pwd`
CMD="openssl ca -in $filebase.req -out $filebase.cert -outdir $tmpdir \
- -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring"
+ -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN \
+ -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring"
;;
*)
echo "Unknown flags: $flags"
if [ ! -d 'grid-security/certificates-subcawithpolicy' ]; then
mkdir -p 'grid-security/certificates-subcawithpolicy'
fi
+ if [ ! -d 'grid-security/certificates-withoutroot' ]; then
+ mkdir -p 'grid-security/certificates-withoutroot'
+ fi
hash=$(openssl x509 -hash -noout -in $1-ca/$1.cert)
cp $1-ca/$1.cert grid-security/certificates/${hash}.0
cp $1-ca/$1.crl grid-security/certificates/${hash}.r0
cp grid-security/certificates/${hash}.* grid-security/certificates-rootwithpolicy
cp grid-security/certificates/${hash}.* grid-security/certificates-rootallowsubsubdeny
cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy
+ cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy
+ cp grid-security/certificates/${hash}.* grid-security/certificates-withoutroot
#override root and sub namespaces
if [ "$1" = 'root' ]; then
cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*"'
EOF
rm grid-security/certificates-subcawithpolicy/${hash}.{namespaces,signing_policy}
+ rm grid-security/certificates-withoutroot/${hash}.*
fi
if [ "$1" = 'subca' ]; then
cat <<EOF >grid-security/certificates/${hash}.namespaces
CTYPE="client"
create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS
+ openssl pkcs8 -in $CERT_DIR/${catype}_${TYPE}.priv -topk8 -passin pass:${PASSWORD} -nocrypt >$CERT_DIR/${catype}_${TYPE}.priv.pkcs8
create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" $PROXY_VALIDITY
create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror "dnerror proxy" $PROXY_VALIDITY
create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror2 "proxy" $PROXY_VALIDITY
create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc
create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_lim proxy_rfc
create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc_plen
+
TYPE="clientbaddn"
create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS
TYPE="host_rev"
- CTYPE="$HOSTNAME"
+ CTYPE="$HOSTNAME revoked"
TYPE2="server"
create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS
TYPE="host_exp"
- CTYPE="$HOSTNAME"
+ CTYPE="$HOSTNAME expired"
TYPE2="server"
create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} -1
TYPE="host_baddn"
- CTYPE="$HOSTNAME"
+ CTYPE="$HOSTNAME baddn"
TYPE2="hostbaddn"
create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS
TYPE="server"
CTYPE="server2"
- create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx.foo.bar" ${TYPE} $DAYS
+ create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx2.foo.bar" ${TYPE} $DAYS
TYPE="clientserver"
CTYPE="clientserver"
case "$1" in
-a|--all)
ALL='yes'
- CATYPES='trusted fake big expired nokeyusage subsubca'
+ CATYPES='trusted fake big expired nokeyusage subsubca slash'
# CATYPES='subsubca'
shift
;;
else
create_some
fi
+ rm $CA_DIR/*.pem
+ rm $CA_DIR/*.old
+ rm $CA_DIR/*.attr
done
-----BEGIN CERTIFICATE-----
-MIIKBDCCBeygAwIBAgIJAMAFlm8hDOq7MA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
+MIIKBDCCBeygAwIBAgIJALU1gOOYZI9dMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0wOTEyMDkxNjI3
-MDhaFw0zNzA0MjYxNjI3MDhaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w
+CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0xMDA2MjUyMjEy
+MjRaFw0zNzExMTAyMjEyMjRaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w
aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE
-AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBANkY
-oZ/9Bi83Mn6PTnbxo4JgJRCXcfaefgScjIxKk40KhqBozEBOLBwz42GAWJ0rVz2+
-kF9ZGApAqCRmlann/dDEoOYQfSL29XUr+dr9h3GATtzU+9xfa/0BnykZAAcl6MFV
-MYy4aJUY5wiOaeaanDAeNuoj+RVYCZAvv23IYlIrjU0QySx8ykdIs+IQ75W6+inA
-PKb80Y8lj7TpArbicJoo29JLXCzHRMRBfBhNOAf6IVSWKcabyq9HmYFOwhPd7dLB
-6gZLrh0FEBrAju0IMGf8RlgaDJAqpda63DU4xrH+8yZcR/GAxa0Ax92AM04b9Atn
-e4xz1cIyrEcDj/EM+E9YPWTyag0dRMJDpC6BNajDWQibScy5D2UA1wL0MjHJYenS
-e/Xk0gEMjsLK91Io8rH9LfNoIaASqZ2tN+cO/UuP+vZCE6NoGTLFWKH8oMpnQfk6
-ARgA32uy+MDmW8jWM2vTC9JOBs3oZYtuS66VuC9CSqtG/S/4nbK7O/14Ooi0YaZQ
-cztDE9EP4nNKwTWKidTioUXAVJcF1FIzltxHsUClUyII6s3hHeIeRxZN9UBB+lBN
-QktjZx3nRmeMDfN7uBWYplX406c5jSPH4ZlDHepTEHddDHyy0mhQwKa/hhE2hZjZ
-63AYhc0DyaiJp0PsqLyk0FgBd3HdvNbT8hyjgtqKzinCsb64NREPCDzLcxC9fQUo
-Oxe58VnfI8HtnylWL3CTNFEiijotDxbpIFGxXZJHS+GsnvsSd076rGBVCv2GX9W9
-EJ0zZgv/tq+fdTV88Y4CjIexuzTxE6q5DKKUF/BKVyn++jBWamoWoh/RzDbKcsJP
-sE/rV7h5FVMaX2KfhdcYEaJ0kg/3RPzGuWryV4e83x7YvBPeMxSWEHW/ydHWc+PI
-6a7zACIhT3YnJqPrOrXijr3G1tMG2L9tHVV87xOftVs5fu2O+feXBv5T12xj4fgJ
-gEbGkS8AiuiY2c0EGH2dbgrzBAR7ubjlAndMOSWxxD874X7KLFw0n/zck7BME/hH
-o+k6ZC7OI1cCywVgaI1bZCPOkyLiHTzKha6nc6KjB0BQnObZatDTcWVg/uS8WyN9
-gRgv+Ga8MRJ58te4GYHlV6kbSuoEfIujWL7VDFi8t3b+U4Uqb4eaPuCdcnEYje1g
-8r9gFdUeg50YL1Mk5Roz20K0KKbz5yAyptDaGB8ld3v6zbvCw6qnZA3g7AXoFHNb
-Y3HTU+r4USSIxonGIQJPMVa0xtfNOInxix5Hz5UthFeZ25KLzLOHkfTTr271dwcv
-Cm1/ExkdUtSmtI5IKQofNJk9x237QLTOGZNBUwg/1ZAYa7T1d4ndmo+OTPXEIRUu
-hAwmb1MJjmHavd9I7NMCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW
-BBSyeeMzGfYa1Z+R0JX2b+biUseWujCBiwYDVR0jBIGDMIGAgBSyeeMzGfYa1Z+R
-0JX2b+biUseWuqFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP
+AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAK+b
+mQGBcmQ7HH8vWeYF5tc1bW3odFGwxZ8zvPGxBzDvxpYWBdBWmVfq1vM2uiKJpXGM
+5le6zD5q6uGJn0AX42xyGpo7xO3zivoVSY1KA0ONLTQF6KcezZmwYV9JjSK8dqeU
+zgM2iyhF9/Po1E6K6XHeBNYMuA0Rjdeemoltdc2STNspxdzaW+1N5hB2/lUGjb7G
+fDF0MocCH0KgiKvFrfYxu3sqAAKqAU7gEPUqnSxTWOycFor/UwVJIwJhI1Egt2o4
+5zxqTJB9LlQ93nNl53bPE9W5psT/v53bFRPVGbmL2LY/ovWrD4swIx/kfLB1ueuX
+RRU5V6DAYRh5mIJ/ASWHH/Rbd3YJ1TZmGKviywlC2/37OhcY9n/do3QLxZgwqpHc
+FcIW/O8B6GcRbVWZlSyZaoGgGQY9nFiL1gahHOci6wADeXiCyCN0yJVxC84D3c35
+6li5QOrVlvK0iKgL6xuIqYWVO4br5xgQMjdKTamzsNvNsR88gSm8cVPHZI/YGnG8
+udmlPk5XaUklUBb24ofnIIlgcLZbhC2bRTkLStm525Fsvr4j7OyXyZ8MDlo7SoNi
+oN1Ilx3bjt3QpJidv03m6eiO958pQZs1+MzAAME8HBVXrwu+f6tTdhgHq42Ms7hP
+lFfz4wMnDMvgjFXV1zFFxoFiSp2jUsH9IbxcLT/BlHPgzyLy464hFSzOLUPhOq/e
+7odbF9MiQi93LvTYCBei6r8EQTrG2fQMIAAnIx/cTlv0WeDhC86crOHaLWFmhdlY
+3RkzuBz1rK8vjXwR/1iai6vGy6h+hfYLjcmJsNVGH7mX6A3MS5jxCv8ozStOdVEX
+1jOrbcl89S7ETxpMAMQcwZZ3oCd8PTTv/Yi8KP9E/w2Nb4xhS4NuO7lLDW5JaCMK
+aePgDQayaNC7RG2ov4pJt+wSr0T9SgEOldkIe3rR22igSbLY5MYj3Tl9Cu6tFnvx
+BssSkF8hcmsibyNBchDnsH8CC3DnRG0j1ZDNZiwGJXeu2+4z5pwXQQl72EUs1SfB
+PWEC4ptztYvlZwClHfV4T9EOkV3kFiIL1yCWGaVutGXG+Klno+SdQgiu4EFn0von
+u93kF7roo81/I9xeNkHHl4HbqiWNtqb5pXrZdCzeehXqZLlcNKTnN+jpiULJh10L
+Ld1M8k0lJxhpWdhdttIueAkVcyS5cSzXPA/+R4IsxXZHWo0Ird5iIGsOXFJYY99Z
+e22kXF6BZDIQdlleAu5xd0mtngI6Zy7Uo7kr2CeNp0CEQPLyRjBEEuUYGN6KlBIJ
+Q53QgPfo/Jxn/lLQFiIHW+wuyjLiNa50vH33gzzxsVTINWGekMCrofmG1kVldQKI
+HDEDnLASgRlaFmEd5NkCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW
+BBRDocYpyA9CTEuZ12kNMzJH0sqcUDCBiwYDVR0jBIGDMIGAgBRDocYpyA9CTEuZ
+12kNMzJH0sqcUKFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP
MA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0
-aGUgYmlnIENBggkAwAWWbyEM6rswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB
-BQUAA4IEAQCUNIxuOf4Q2sTdTP6xUWPUnhGGes7LAEacOIw/QsFyEFbgaH0+lB7g
-nc1I8gG2/ZuvOBPo73s2oRai2Yn0OMHonJjlF+21iYAHyd0+XjmVbMwOMwJyUyV0
-QRZJt3i0eel4Ti6ml0w5qYoNoRqMh/xgVSFlaXaXl1TaxYDT3ZJNkajCIw2PcRcP
-HYdY41GpldLOUsyeqEAP4ktbwcHGjm5ThmFtl3PsDEoJpZ6/bhuy82GIImV9nOzl
-WEhry8tJL7l0N4znrjze/Lu4UknqqU9Y/Blj3mR+MYQMt2/dwqeqPsy7vk83uC2C
-OR+WUHjWSBn1hBScGUBUHWVMcGn2j5A5+k8LvRgSvrBDJGBzGVHDYtix5g1fDSM8
-Ocb+7shEsRgwu7FEt8p/E1QiQusO5sOkT9AN4430nZEn23SY9dejyRgsCMv2fgK9
-dY+FQjwubcY5SKvLcTEWwMkgeQkRs3Qot9h6rufPMsxjoI5D985ShpEQeJq5LXDT
-yK8hvSUF8IXA61pGtQ6CfmXmdaESq/33y3CD6iDtnifrllkDXu9dZHmpoK0xm/Ng
-CJAO/i+OLFARI92X6fMZ70dgOlOsnftunDkFstL9aSUwRItvJLEvgCO5ow9AcVBj
-957BbAvyo/T77v+Sps2yWVy/ryGyOWfjiMGna6oL79s/TrMTiwCJq24++rXDteMe
-x+dGQwkrXXx5ETIwbQeUhHyNwda9JxZRghEjpyIjfP4J0CO/KzOfHWFsnS35R22L
-5a1johlMA/cNHj8Scn5uCQA9QZD2npSDSYDyzB11VC+yWNXuY9d9/y/VsWCEyKKg
-IyEeqcMK1a/tOVSnLITxMrCWAdt20XDbLuqMeZTXFLTq5aP4gTZWbrY9bJDzDtaq
-7+M/Mt+VPz+C3KGKyd38wx6dP8mb/5sEax9JgZvpnVQTCRFzi2AOGEX75LEQOkYI
-Xf2IwkYCeW/o3DhfwqyzxyjboQlabD0GYsB7BrxyGEQ8XxspGb2PNa5Lyvy7WH5L
-+8v4++gtDwqkDID/+hO0MDfuqGrCyThFMuKBwqvmo/z5xia2/s8/cUteQXjxQW2S
-4to6ooB3Z+Llihgkd5wM0zVm9GnQbHr3oaeqOmd6CfvxVzkAPAfDm2tW1hamme84
-Dw7n0NFromRErcqE9HRZ8l3+BR4tJ96ZBCZNNlfaxAT8nvMXgrwsAUfTSifnSj1+
-XMPxYppbHsx0OYmZY1ApkQuIU3T+VaJBAS5owf136KgUO2v9EuTRslYjMeHvMxWg
-UT+fvt1dbre29hVV998ZxOT+d2YvXh80NtN2sOv3MRn6DuHi2vdDo1X6msFEjELu
-65zrURNK4nhfrN2nS/rV671gDOVI1mw/
+aGUgYmlnIENBggkAtTWA45hkj10wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB
+BQUAA4IEAQB8mj7n9bfbuyA8rcB/xRcsVFAodPCsmP3fUc2eqYwJLPA2cXQ4eae6
+r5RRWTAjGZMn03sLvMklQOAv1MtVLlF+Z/45qgSz8hLjwMz+HdkSo2YcgWJvip6W
+7ZHGmtrMpIO6qsziRKB6aMJPDMTlTrZeTTzcUTamMeJtgNCn8OIk+WSZVJ1KUvaW
+hwszo5irY7zVuLLK4naGdZSypGH/VArFyPb8dntNcUTfuIIZqboW4hSq4rfzZ0IC
+HiR9XyW7iUCGWmnZgOacywepEGlwi9xHv+0I0ux+9pfvlAWjzUQVN51Ddd05BeA8
+YCp3ZENDZyxyVZAn/XUycQGJKf24MqLawuioOV/rba5F3m48XFXimkOoe0Rxdyn7
+t7rGnYKuqqqLI1Hx4OJ5gEfF5hXvkAiyqmHobvqZ7jiyVnGM0b3mNupBKa5VGJAp
+sO5atOEpTYS2mdN3Exvtkw2YQm6841CzRszQ2aH/y2xplQIaGriy/2t3Y8NKSf9L
+NW0dllfiQX7/f2ocPzSEcjAWisNvXXQTaLa7K4TNESbO2mlmeugCVVacjgIxBiJH
+Tg/bMJ2MP3zSbadzpHwWjPvGngxhXjWxERyRmtCzDMer6dvIlnZeOGMM0tk8wJah
+Gc+YfLCOrFxC7NMSdjcHlMUs2GXIC2Y7a7CxI+ypWOPDDly4WzNU12Jt6Uy10enc
+suksQRabAitWX2Cq56uSX4fSz3dZQ0Cud3KLRk2JbemHbgWNH02AneFq69iypoml
+uwI+CpGdza7S6/FMZNmFXJenDk0C+w0hKZWjZW1CANhltR6BM66VEByq5ZG7pMNe
+rSg6vFDJ4u2hi1hv4hh6pXZVtOjs0pTPN5vyx5SNnTOfyKgxxZi7qgcloo6KLYnu
+XGe1wVveiWHodQ9fFMBik6R02C92sr/0NOsjUUmJRhQUko5C078dN8EEXsAgeOUR
+nrECnf5kma+gRdfjw7uCIK94/gp+NpPNjPtrq2eiAAonu20/6p0DogZnZ00ApseF
+o8ZBp/cMzIm1QgrddZR2SmppUQfBhfoZyu0p5U0E2MSd7JIpzaFXuICTcoMuUUpY
+f1aCN9lHGr1212983wHVXIJsWall/3iRmV5J6pF+DpXXnphL0KeKYNR0fX3HUo9a
+6RkRy+dj8eIaxu9XM2y4xFsNDV7xYfnLzrPn8cVJZQO923CCIGyEGUT++/XUPJwy
+z9zRulRh95KWnyEhUUdwxj8nZj/ImK/hEilqwb1ZxYkD8lI5Ili06/FlIMPCTHdN
+zx8KtKEfIvodxieuPBiDgPA32khWE57+/NPKimcqFdeoxKZ01iFBt2bApcd56kML
+Y+kjh3AYChh+DuhotJgox/sl+gM8Lezu
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIISKQIBAAKCBAEA2Rihn/0GLzcyfo9OdvGjgmAlEJdx9p5+BJyMjEqTjQqGoGjM
-QE4sHDPjYYBYnStXPb6QX1kYCkCoJGaVqef90MSg5hB9Ivb1dSv52v2HcYBO3NT7
-3F9r/QGfKRkAByXowVUxjLholRjnCI5p5pqcMB426iP5FVgJkC+/bchiUiuNTRDJ
-LHzKR0iz4hDvlbr6KcA8pvzRjyWPtOkCtuJwmijb0ktcLMdExEF8GE04B/ohVJYp
-xpvKr0eZgU7CE93t0sHqBkuuHQUQGsCO7QgwZ/xGWBoMkCql1rrcNTjGsf7zJlxH
-8YDFrQDH3YAzThv0C2d7jHPVwjKsRwOP8Qz4T1g9ZPJqDR1EwkOkLoE1qMNZCJtJ
-zLkPZQDXAvQyMclh6dJ79eTSAQyOwsr3Uijysf0t82ghoBKpna035w79S4/69kIT
-o2gZMsVYofygymdB+ToBGADfa7L4wOZbyNYza9ML0k4Gzehli25LrpW4L0JKq0b9
-L/idsrs7/Xg6iLRhplBzO0MT0Q/ic0rBNYqJ1OKhRcBUlwXUUjOW3EexQKVTIgjq
-zeEd4h5HFk31QEH6UE1CS2NnHedGZ4wN83u4FZimVfjTpzmNI8fhmUMd6lMQd10M
-fLLSaFDApr+GETaFmNnrcBiFzQPJqImnQ+yovKTQWAF3cd281tPyHKOC2orOKcKx
-vrg1EQ8IPMtzEL19BSg7F7nxWd8jwe2fKVYvcJM0USKKOi0PFukgUbFdkkdL4aye
-+xJ3TvqsYFUK/YZf1b0QnTNmC/+2r591NXzxjgKMh7G7NPETqrkMopQX8EpXKf76
-MFZqahaiH9HMNspywk+wT+tXuHkVUxpfYp+F1xgRonSSD/dE/Ma5avJXh7zfHti8
-E94zFJYQdb/J0dZz48jprvMAIiFPdicmo+s6teKOvcbW0wbYv20dVXzvE5+1Wzl+
-7Y7595cG/lPXbGPh+AmARsaRLwCK6JjZzQQYfZ1uCvMEBHu5uOUCd0w5JbHEPzvh
-fsosXDSf/NyTsEwT+Eej6TpkLs4jVwLLBWBojVtkI86TIuIdPMqFrqdzoqMHQFCc
-5tlq0NNxZWD+5LxbI32BGC/4ZrwxEnny17gZgeVXqRtK6gR8i6NYvtUMWLy3dv5T
-hSpvh5o+4J1ycRiN7WDyv2AV1R6DnRgvUyTlGjPbQrQopvPnIDKm0NoYHyV3e/rN
-u8LDqqdkDeDsBegUc1tjcdNT6vhRJIjGicYhAk8xVrTG1804ifGLHkfPlS2EV5nb
-kovMs4eR9NOvbvV3By8KbX8TGR1S1Ka0jkgpCh80mT3HbftAtM4Zk0FTCD/VkBhr
-tPV3id2aj45M9cQhFS6EDCZvUwmOYdq930js0wIDAQABAoIEAQC5aHroq2yzuF1s
-jzGBDgAKIdil4eGXsWaIw7aZPjvj0eCGcNo39UtgzsPcCoQjvtckSXL9q5aHcw7m
-/6HEWPiBatzLf7uPuACMEIG0EKCzQ9SWb2OmouwUSWVH8Sz/7dVqADtwJjJTW9A8
-k3xIUTUhNzzJHO3m16hbNxwzQ1cNPFrSPYrCbtVGqgXPBY3If8aVD7P9HaBPs9GW
-vQXvcVafolOSt3/CUnEdd5vnGVPIJEyA9Do7f+RLbEfikoPX+craG3il5c6OxDsr
-zdaDA2Jr/J2LMrwWCAZYbIATCClR7R52XYun6sVoamlHd+zZQbBcaQWwP2GJGEPf
-5l/xi5UqFn9gjlQaXSvTCXfXq8xLFIMegZk2ubo3Fc+Lm0ifEpGH45awu7rK4JGw
-NS2iQox7jHHJFt7Y2fd4TW6X7EpRVWcNGAOzo/0ZSkfXGG2uTx+eHXa/rEcjsNcX
-z+UFkkKaTMUk2DSheF/5A7qpIP8LhX9F5jvn01nDQnsKj7rV89AN/VlcfH4ZJ4rL
-0kVOV8I9SUxYyNi1nmnlxl+KQ8RTJJ7qS1lVeXRPIHKvzuas+WwxVrpOrldrx5Bu
-cMOddcUS1KsCc583i0RKEbRPc23CKSy/9HzspsBiDM1r29hBLSJOF5cmxhrHq/t2
-8BElRqIZclzpPF9ppOlZQ+vbn53qy9twP55kpXmE1ablwyz1VnNaWwyMS1zFc/vq
-Wpn/CTCzZmqo5pETxpc2aEVPIsSmjakYL2+xqoMxFso9uBFmxe92VjvzlbJtiq8I
-I2COqm3Rj3+b8Y5U47e4mQXmcyRc/XSCANM9bo1/l/9YuOwvkGfEm/L5eSLAQxrZ
-4LY9lJZa2GWpaulPqwUKVsE1MiUj6NNjU3eXlMyMfz9agL7AW2rsgX3yYHYpzL0V
-dS+zg6UHmk1WL6I/b2DzKVUV809I5FjPFEEHoQFDUGYedunEHFsCiFYWVTKbPXyB
-6RK62mEd+a9xTwI1MPXyMFK1460+58F4LTv+VbnNfZDF1PjWSYK444j4YrIT616w
-gULc+ktrplbDs2Cz8ILJKhFHDIf4qXr8wRmM0lHNcAzQNvAUE7jJgpUxYtvN14gd
-4DD5auFzkbmdbapVIJ7Q3bEXKpPRbofcurmSS9CMRr+S0q64iJ1jvAXqrM+YIpT6
-Hs3h9R5wKEkGAJ9bXaan/jhNcla4Q70j6286iMJ2TEQzdGG3BgeQGm3P6xkXhMvQ
-BQrII8jNk4ngHDvb10A8hgxhox02paj9EwCUB/SQ/HRtuT9U1cOimsGqT9gj2zHZ
-pqSK5WKT4qErnCbaJg2uHn0e9MhrZlldad7xFLhPl1xy50qHpgCL4Xi8r5yr4zhh
-fg1R3c/BAoICAQD9MYjbfx4xqoiMKLEkoeTyEBN5s0d63ihomlqBTcHeC6BI2VLf
-Rb8Uw/aE0Vd4rRj9VF6fp4tIwklEesO9Rhp+FbyTtHyjDikOOpBKhG+uhkqoac2M
-1VUuzthkQzk2Hy+kaGwcKFRbqSH7HAldv1Gu8MMgaiDeio1hfgPoi5Ud988CiQcz
-pLRbSjguLdzjZEw3zmrTwxMg3Vp1AKjAHsXYFNWLUTVFCyqxI/sXhgoQkN8RCfPz
-8tHD6qKP9LcmDhdnpEG1KJxCvfJo26+Yh92zUZMuk1cvhGoV0zH8fcQ+7ac0L+qn
-M8sGIOSpbgSkoa8YNjywiOXJSIDbGTLzJo+jcXlCU6XRSFm24fzoGR2vyTUWZ0wD
-rvWrP546PD7insG6i/ulA8ax32vKq01rA/uErHkjXx3NNj0fAzuNRzdZ+p65Llmi
-R5veDXbax8zBmjymJu0ohz11Q4CcCMEnJ0aqc5GldE9zBxCqXjbulO+3s6HQoW6V
-pOaPC1NAZdFWvmdT+nGc/diQmjRzJ6z8LAvfJuS95h7q/SXHT7aU87hg7wfpRJNH
-w4k59N63fBq7Z6ty1C34IN0wbRDzIsPuiw+gub8VbA11e26BhVBepP4z+hOHDYVD
-HDU9RFaW79TmI071t+GsQe/SwpGa7U1DNq/HnIkidLv0/2/AhhEJpqgzoQKCAgEA
-24CqpriNPOfKCUwUxM9F+0EMzVLnBpc57u7ZG5vsy3BXeXXIsoqJ35vE/C9c0Vhp
-ZbgNtDzfgvvTw0BeqXVcSxL8VpKCMxXIJbdRZrx4/tNjV/ppYMUlo+Z/xMhiBvgb
-G42v4LcFUIKzD1JN/csliwxrcfSjD1cDKmBJ57l8TYCWB3K94MdZRDA8jluwpnRc
-HakVemJYfzeWASSnnUzNmxTeTwyTxd1HcUqCf56pkVCJT7vJcaWFzXRjVGV31A/U
-abV/265MauMUtdngfHEw01I4bHa2SOgJSJ/dxWlsvLtp7pgCwLJlr6HVc1uDxCBQ
-vGHYHdSOFVp65InFNpNgRd6ZWm06LzBJnDHFJa9+EJ/haUZnnm0Ng9w6h+qi3ALF
-ai+gmpKgDfK33rV8SxvX04cIZaBoqIkk6FAI5KUGtfCPLUuugmOm3Tq7GBa/pXvR
-OUcEdLsF4yBzWzzgUQlgzBahMfBQHUzy3zFjYJ5u/QNhOqh4+RKFt5fbjVoO0vTy
-BHXrn1YfKNPs2Bnz5f4c/3gUSHCefgCSJ/d1h4uWFhfSv43BaQPLe9PgAyJCKP6E
-eKiFATgmgVcmAoh4er3UY/g3b/n3yAji9v5/aXdkfNpX/dCYmnbhkkO2IjYn7Sy8
-o1yddJXqxn/rcOJnGpLctoMR0rgTaM5/zQXZ5DpoC/MCggIAO1tVfj+60GHuSQ1x
-GelqRuVF643//+n9ByjIdu/Ht0p6dRmduAId3bxjGpgJLZ1G8nzJAhzBJnmFu6wc
-H09D/rMR1n7FiWRUc6V/FjkeBYguEHVdXtrUcXjEehzYWLvO63gfgCpkPGjWMoxM
-FdI4UA7Zb8vxkLpikqx8NhQjDTd/LFT7fzvpnE02Bn1x/00QITUfDi35WgcKoctZ
-xFByiUm5FkQffOQ1Sfnpb4ZY7bFI2jG/Iz2Vt5xWJ/FyzlUXX5C+Zr3yhCMLpVF7
-RQL1EojZPF4GXnlodV1hppPFYgtM24swM6qMug8UDDRimkXdSovMhoZReHKq4rJx
-o1cy7Vo41zfM89dGUP2B0Neygfdlnq7wvxxRM6hia7yb8XzOZfFTOUg9WI3MM2Md
-by0r1dqpO4Wc8vL4OUEEwQYlD88VTsxy7vxiqhf1+SxF8E08Uqdlic7Ktabxi6Lx
-xUAL7QHS7zrpNUo+ufIEZsI7wJE4KjTuO97AvmAlUD+OaAuTJbjc0bUhBCVijmyK
-vUOGNPZlQa+lJ+nY5XTmlNzeKLtg22rcLELG9PNXEyThD3YqV20uqbDqqeOnyZgo
-3s9zBncFOPxv207ohSy/vrBnd7/0vACLcUQ3pvlSY2guPRWh+TD2ku+STZKXl/5x
-0oQLiXxFGfLL7Y/EnxnO/Lg5ToECggIAZWjubpQ4/HiCCQWTWtIAHPKSvZGdlpfr
-dg33VCAXqG3AnCbkkEgdJqfKvFANa9KS7yG3gxvUj6lUzpJAqb3E5BJjboPFj2By
-1an5+6L7q49yCEVyxfiPSUfGo92IHHwn2fT92q3z0JxxqZR239gpAjK8uSsy4nVq
-yvstaddyLERKDCrguqafATff4k1OMbj0jed+OsqQ5EWEEgcjQTMokotzocXHx9RR
-m2+3FsrwwGga6DF0AgNc6+znrygp0ll141itN4sxVviOqu18H0IUMq17z/CQiuJY
-16q0RO5OBGv5pven3esNu7Ti7qbLG6NqaX4y4KVA93CT8l4MNQilo+IRq4tnJEIE
-4BrGYIDRl1CmTYLvgGwVoGPwzraCg27sUgCrDH7NX2RRupzSTckRT3LFWF5hu+uQ
-l5vSYAA2N3xqSZz7hNYRU4g8xAZOiF/J69J5pox5TdPCN9bKM+ZHSEL0OiQyfzb7
-xk4FAbBwyofzNax8J2Z9TLLmBkojKydrYNAyCa06PBydAcILwqhCMW0Cwez17HTL
-EZfsPrEoqBBdl44gWyobqpvalNgRBOuBvFTvDf8pGvxuXSE7uElXhNA6nIs6BLrG
-USKHLuywCla97E+hEUv3LyIFVYz7qUHP7RFu1Vwl2Ytj9QVEaSyMt+2aIGZW4Ub2
-GHypjB3H0C0CggIBAI7/LJMEBnU7U/KSpgzNsv9hrwfjbONqC8bAUkdxRdWxTXNB
-baZeUgz7nFVrT7LSiL+9NKIlNzbXNMPCBoGkYML9Gm/KIzFa2xqV466ceRuK90jW
-MkU1w4WFnWZfzhWc/U621eLTMg/mzUKjMcgEvLv5KM1PWzRp/Fs1xeTrsYt6WCUj
-TPANfXUvvnz4YluYODhlKEr8BhR91S//i0QtaGqlV0GnemkoXcJN2QF3fvDAh8hI
-vPsItXOusQKxSeJUJkgJGnAOx2Br72r12NSjd7+sOsrnwyqsq3kHah7ZhH2cSFaZ
-FrbTDASGoXrO3+EGfTHnOWneu2mKVMcSq0amellnxo7kRkFkUI0Rdi4qzPqV4a9j
-mdwIM/iOQrYsC3lMePTfUQFJwqB8lNKoRDqjilxU69bMzqCU5iFZncyASiACv+T7
-f3yHXbLQrEXuO2Xowj6ppnohI2vdqI+UDodIh/2E2weunnRJfhtJZTjN4HOH/HxX
-ANK1J3CCJSoIx4nCcY4JFchXTgr2hgcuju9C+mK+CTIGNy8BtDxAC6AuW//YD+Pj
-hO/j6sXVhU4qootkxGeswWGfsylk8zrOW9qkt2/ZFgQ0ClooyeVNGvTk5wNcLTX0
-LflBnWCq5gO2d8sOehskNSR8u3rEX32pA6ZX5hDJ1mKE3xVbTCw0sPsLd6y/
+MIISKgIBAAKCBAEAr5uZAYFyZDscfy9Z5gXm1zVtbeh0UbDFnzO88bEHMO/GlhYF
+0FaZV+rW8za6IomlcYzmV7rMPmrq4YmfQBfjbHIamjvE7fOK+hVJjUoDQ40tNAXo
+px7NmbBhX0mNIrx2p5TOAzaLKEX38+jUTorpcd4E1gy4DRGN156aiW11zZJM2ynF
+3Npb7U3mEHb+VQaNvsZ8MXQyhwIfQqCIq8Wt9jG7eyoAAqoBTuAQ9SqdLFNY7JwW
+iv9TBUkjAmEjUSC3ajjnPGpMkH0uVD3ec2Xnds8T1bmmxP+/ndsVE9UZuYvYtj+i
+9asPizAjH+R8sHW565dFFTlXoMBhGHmYgn8BJYcf9Ft3dgnVNmYYq+LLCULb/fs6
+Fxj2f92jdAvFmDCqkdwVwhb87wHoZxFtVZmVLJlqgaAZBj2cWIvWBqEc5yLrAAN5
+eILII3TIlXELzgPdzfnqWLlA6tWW8rSIqAvrG4iphZU7huvnGBAyN0pNqbOw282x
+HzyBKbxxU8dkj9gacby52aU+TldpSSVQFvbih+cgiWBwtluELZtFOQtK2bnbkWy+
+viPs7JfJnwwOWjtKg2Kg3UiXHduO3dCkmJ2/Tebp6I73nylBmzX4zMAAwTwcFVev
+C75/q1N2GAerjYyzuE+UV/PjAycMy+CMVdXXMUXGgWJKnaNSwf0hvFwtP8GUc+DP
+IvLjriEVLM4tQ+E6r97uh1sX0yJCL3cu9NgIF6LqvwRBOsbZ9AwgACcjH9xOW/RZ
+4OELzpys4dotYWaF2VjdGTO4HPWsry+NfBH/WJqLq8bLqH6F9guNyYmw1UYfuZfo
+DcxLmPEK/yjNK051URfWM6ttyXz1LsRPGkwAxBzBlnegJ3w9NO/9iLwo/0T/DY1v
+jGFLg247uUsNbkloIwpp4+ANBrJo0LtEbai/ikm37BKvRP1KAQ6V2Qh7etHbaKBJ
+stjkxiPdOX0K7q0We/EGyxKQXyFyayJvI0FyEOewfwILcOdEbSPVkM1mLAYld67b
+7jPmnBdBCXvYRSzVJ8E9YQLim3O1i+VnAKUd9XhP0Q6RXeQWIgvXIJYZpW60Zcb4
+qWej5J1CCK7gQWfS+ie73eQXuuijzX8j3F42QceXgduqJY22pvmletl0LN56Fepk
+uVw0pOc36OmJQsmHXQst3UzyTSUnGGlZ2F220i54CRVzJLlxLNc8D/5HgizFdkda
+jQit3mIgaw5cUlhj31l7baRcXoFkMhB2WV4C7nF3Sa2eAjpnLtSjuSvYJ42nQIRA
+8vJGMEQS5RgY3oqUEglDndCA9+j8nGf+UtAWIgdb7C7KMuI1rnS8ffeDPPGxVMg1
+YZ6QwKuh+YbWRWV1AogcMQOcsBKBGVoWYR3k2QIDAQABAoIEAEOEEk6m40EwDOPF
+Y83xZPBHJVyFa/tgeIqeDL3r7zTca0CXFQMl2G0Z6Cy4VNYkj8xZfNIsCozQ9J9k
+FytAQ/sU369+3VcTNNKzzoSY+SpGpCOFRg7C5A975eQJ1k6NoR0LNC2+EcCZLhzD
+3qSX+esCjl9xom272woUe5vszscLwardo6om9gMF2TdpWJ1+GI9JpsQoxahso3It
+YH6SUTD/q/JNkpVzoW8e7MYl7Sn2nZDS7kPgqJ22odQvXrG5X2til1z+DZPb3S0c
+YGODwXtHYHvilgDVx2k8qxzl6K8S2m4vh0rmyuIbztVbNqltid7PWQsw8cTnUi1j
+ysQZampwSlPbutFSNHxmwoOLfb6Ayy4aIhpxSYydvVNHl1/NDjdoI6FszzBhTmYa
+KCwqEVWFYpKV6CkjFPJiSRZhaUhgf3OQ4mn39lTTeK8kOIKrr+KafIRCLXhcSF3m
+FUhu1KTQZUTrvGhCWKZCy9vAIJ3nbU8FBV1aGNrgDb5FQh+f2YLzKY1JX+wk5WDv
+DJzXrP7NWRAYWR1zkB0svm+RLOUK9SUzZx6Zl2TbcvRIYVhFxX9AM1MArsEXAhW8
+OxxGQiAEcNgt53x1EzlGhfLKuz+QCcgW30Enq9RGEXhpsoaImyx4xDMQnK5AnEXi
+fnId9k+GYSyrir6S5aWZ2heeZPNGqUVGm4lT1SffE+WcagiA4voVvZ325TKK6ULd
+bYQpxHL8if03Hbui7OJOyLLzMMGm+BGCRA7B4cStmC78XUzxMTxOD8LKm6BwjZYm
+Lp/wAnA9aJKJmkeuPAXzXX2B494SLpOY2207I2r2r9cfc0k03J+J0KMYs2+CMrrU
+Pqk150BPrAGs0I/B88LyGjbCzHVbgRrUrmnmDA+wX2yOLky44PtkbzWBnL7xYs9e
+OZfbC25GacexwmeRxpypQbKZgzQgT3CeLr7g9x67QUsJDEB5HgELVFuO+uFbH4XD
+Uu3CfKPOIY699j3sFzFA+nHTMkN5j+m9/9C5MlUUHJRhBVAieKb5pIqvd/yGVRZR
+v1IEp8B7dpqY0Jyl58ucBBecB7KhKdQYn0dPXLLFxsLs86gIDfbgqiyAo+2/QvgK
+vCTz7ve3YFkWd1qOaEOtHcH7cR8eyZBfrA96+nV18l2690fXcF/9kDEpXQtBlwqH
+RlkdP40mOhlfpGiv5gjg/MMG3NUNQA9PmYVDkoveFHz8Cs6MObtIudLxetqZ/DNz
+UWU4mueYIOcF4qekiJej9V0EhKRDJ+Xy7GAesPWubH5dGHQBDNmNMuUrTM5o8bGH
+5Mjf7hjllEaF8w3Hze38KwmjkvPEG8nPYgUMh2GaT9GUP9IdWs0aCEuUgRP+He8f
+I0C8B5ECggIBAOgXUAWTu7iOvKrYJhTtXGO3wDDLfuI15X3QdZqI1dgunk+f/MFT
+A/JrgP6oCnpDfOcny65yvGIM52lOnbwIccAQxeMjXEPEMwFgSguNZrkidIYL27Jo
+I9P6Ftiq22cM1heO82gxI0lCQiOznSHNSyEyOL3YqWUnco0e4/r8LSTuEdU+f+zt
+uweq9ZAhGHgulQqAWOs5V/kU1AKeby/QVVSKzIVY3HKZTALnH7dCLcWTkk7tjChm
+MuM0viaJmjyTDDNtIz2WhR2wq/Z0Semm5SsNPgdT1W9NzfXCM+Fl6XIWV3HZbJcC
+FUSjESWp0F97Fvx5KCYU0Fjl3Bsg0ABfYqan4X6Dp309AQnhfOWJajC2pTrJL7nr
+XUJwdqFXO8GZ2PxVQOfKCgnHi3pWocbjrH2S/onMcHWUAMk4ypLv20/Zt6uZjfBP
+vOtSIjhJ8biyB1H7c62X9QllYY1fG0mxNJxhduxaXsgThejVxorB1SeUl6vIehVs
+4s3wSWCxJatg8i2RI4tkf9L1+/mmE3o+qobE06HcF+w1GWusJwwR0YpjyPlQ+oN0
+QG9iZ+Uxp65EDUprEfzpGOjA+fkfD+cw+6R1+mIo6sJYgxnKONnmmBF+vGooDoL0
+ELcp/zT51oxyUSe3Dd2Tw1+wUn3X9D2AWRfSj6XGHQcmnp0+YkIk2jwNAoICAQDB
+sraDWtuKjDu6JnyYBM2msIFq4eydt/orsJf5NnFFC590Lj9w1zRA6wwmuLQggYFE
+4OzczBKNgaApxe27FdBy8ceifBdgZvuGIDbE3/tCeFoswuWyBgVVnkmW3WY66MGC
+Dr/HVhNti5W/3cZO9LbBPpOA3yej8iKa5FS/ERRhD6uuQ0s+LWKF/IXUjMi2Fivp
+eU3SpDWrqMi0IeIlYK1QyQaLok1u1ede8f/XMcCzgFWcKJo8cgQ4TUFdLR5PL2zI
+DEGWcAccW/wU/r3+Pl58MImNKudawJ2TEE+QXCt8M42J2hr8sGOhbjSAoU4Uy+aF
+LrSeEUyFOboEyuq3V/WOfG/b6zR0zUy/WVf/3jD2URw5AaiTQmI0vHdP+4/k0yhv
+HREPa5tf1bOCvjcs9v9ViSZR3fkhcSHcHKiTUyVwhjahVsOtpzl77j4ZNT3RA2F8
+yOrrmuKP4LxmRuYqKeRoNbRroI+s5/XNiNkddTU19g4fszQXrqvJLQ9b8cM+tcQw
+MnCuV9acbgvyqJFDMyy1K3w8yzvPl93by+iSzVCBcJEuHOGehEWTaqPSPWkuqoQw
++OVs5rxTumsWleNi7q2ucqK0CbffbABbUCa6BSD5xLt+lPOB+5TP1F20Pf0NhA43
++L/CjNuFxq59kfira2+ToT7ThvbqJNOgvxvaNfO8/QKCAgEA3wZv9jwFuw8my8GT
+rq59BrHvtLQIBNan5iPorwxo+imqJXfnCdt9Qnn95jiSgPTTVMnQF53X2xztTyul
+tagjrt4vWtqC8ffaz6q43KsPmD483QcOIj2imDONur1MwpT6Mn9C9c+qSd6q8eXK
+zE2bsZWyIvTNqw+iK2wQxgGIXCGN7230vjegb3jgKpUzD2IsBIBbcgaTvB5AsReQ
+XtEC/o+2gzll9ZXMDkoNFyw4EdGCWeg5tCSpJ95qD1xRY34mzlBE+gzndCVuyhDr
+aeTf+WPrRF1SD3gjv9LTyfgFwYUomJXHnMD6sQ9GDfxF6Uq+RvUiGJ4NrC+OOF9q
+ocEHaoCO1uUqkNWLZvRQ8b3/1jndQ0VLYIyE/LBXvyi1mo/9jFVcXqCuzsD7Dh+r
+rBTij3UutjpHoyULMFIrj9F/3RapQfP4CoKFV1iA27hq2QHyuNw6SAlrBZFvkctf
+zIvFs7SQ9ATPadIg7yJmfLZQ340RxpiKgIY22JDb4le4jBxH/HOpRWzYzF9muHrX
+4rPPaFxBxhtavbg06lvu1dFVm3fSC4q+gI240ZAtqHfz2yk34FhNW8yfDCNM0xD/
+Vjmix2I7rhIFraYirSi/Qt0tKjqwUg6WC07/tRNdU4n1mtbLl693WoKAzzX/v0BD
+SspIUvUa5sEe6d05tH7bKxaAxA0CggIBAJK9ghlXDrUScfkfSQqdsPKUCydeyrPd
+ee/5U9ifzwXgvUb19mfVESgRKV54VTW/BqCYybin/XIofp7G7MfrycQauQO2gLsu
+qWQ+KV/S03XS2XXJnNvWRdpMFTHuvpDoXhjadZ1c71DxC1yUdbTBHWaesn5SEKTa
+Pi8bxbwOA2NYzNYy8uDC3z3kRbr1gOS5PUEd/cATWPmX35zfgoSQjhyCfqvwJDtQ
+X30FVq2/al5SXgj0lYwvUFUa6ebd1HVm10FiT5nZevmYEgwRxPvEYi4xUzOYCjct
+bvLHy47w1Jy+LX7+ta0zL/dPFwVPrmiA5D2HWZvaPR880VjqJREK2OO+D7wKnu3R
+zk+0Lr+Po4YngnsJb51IEEAlezojuSpAcgRjf9YvzkC3E8x7sC8nW96ADYC96gvU
+ujMXnvolZlqtwttNcOawphLmNTNBq3gZ2JQBXj9pUjRvrCrLkXjlzbzI2ssik1YJ
+UKUKBHmVnt8nbiHD0DYUxN2efmFIcYKjj2J4A/eAYfyWPgTygUHolfkWXYNs7/3f
+7lqiSqpUUqYNEl9dz+sYB+GbS0pt7a5FzemP1bc/wfKoapJssRv0960N+YbtSdg/
+6LFEsmIAmq+9w9EspKGXZ3BfUTHIOFox7denYhbQQUpCb1R/7mRm+ttbr83uFEbj
+6VOBFGemseU9AoICAQCsGiUySe9CIy+7vECDq41cjHaCpeejDKc2WBzAMujamUzG
+o16boKtXWjMiLUKbriUf3X4GxcPme49yg870FG9Hm8lcMDk9g24TK6B4bEe7j+ua
+0KCH8AC31+wZAtwYD8rSPPoxGJk2xq8gLoq7SlKwg3wINBYIvzTppErwPiW3s47u
+TxyzFXzMt+Sewbd4ttLo2EYb/rM5Pi6fDzlIS7aJtqSfi7JMR8WuhvIVQU/oFNvc
+fQPmomjp1GnW6Tc6nK3+c6J/vj4ODZl8mKFqytIpq5YMY5+bRLT2QJVRywtOE9Uc
+8fifZvd+V5tuLA9XVSRJ4A9uWTA6rJYP0ckHJni7df9SRF+H1fs3kKsXhfBRuXc7
+VMGwIPpKaYOS3hvfx5SlWYgLsGihg82dQH7OdRilKk4Pw/DeHrRuNt5imYZ4mxOj
+KuubJC19W8XKLx7lq4YM/OHrsbjakUNEeXiKdhNR1WqmUIh1YOZ8edphqzzDnBHD
+jx3nEwBQi14Lj8t2UkALZByEDo93T+E2MG08vDC5eHHY6kIQ0HCaTCsy9NllZZ93
+9HPy4j6pvMCwZmtEunVGD8N3PclJperqHLCHPghNfCKIIIaUGjicEAGNfkPVGvR8
+Eofk3G6JJTDbpS+wL60vLidTK5FxrrHryHnoIXVJarpkHVZH/jrHPBvd3njWjw==
-----END RSA PRIVATE KEY-----
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
-----BEGIN CERTIFICATE-----
-MIIDCzCCAnSgAwIBAgIJAOT06wOW29j4MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
+MIIDCzCCAnSgAwIBAgIJAM/ZHtth0ppjMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMDkxMjA5
-MTYyNzA5WhcNMDkxMjA4MTYyNzA5WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
+CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMTAwNjI1
+MjIxMjI1WhcNMTAwNjI0MjIxMjI1WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV
BgNVBAMTDnRoZSBleHBpcmVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQC9AK5saP9/piHGc0T7yTCh3pf59wKFZ8AWVUciYgGmfk+PtUh3lWabYhK7cB+j
-6es3o236GLMfesl/WQAwsXHuR/aCr/NAESYdF7zthGHpxB47wHmG9XihklryOqjf
-ixCFV4SQ8RM/SJa6lHCdQvWR/u3XSegiyUlFxSkz5J/vWQIDAQABo4HSMIHPMAwG
-A1UdEwQFMAMBAf8wHQYDVR0OBBYEFAbNZ7iK5Ae28C18F4T8XKlvXHSAMIGPBgNV
-HSMEgYcwgYSAFAbNZ7iK5Ae28C18F4T8XKlvXHSAoWGkXzBdMQswCQYDVQQGEwJV
+gQDll3pV7BxBBmt4EWJoSAbtntxu9HJFAFmeTKfe6KbwY2Et7xrDCUCa+eFsP0zj
+TLFGZfYRt9eCUapvu4ADW23I+n3lJ8LGx50EN691hlik6Gbsou8AlIiOP+qml8Pg
+P+O5q/95fQe5w81rU6J2uC0UlkV6MUDUwCLbVdyIKACCcwIDAQABo4HSMIHPMAwG
+A1UdEwQFMAMBAf8wHQYDVR0OBBYEFBPFmrUjLs74syzms0fgjD6qoNktMIGPBgNV
+HSMEgYcwgYSAFBPFmrUjLs74syzms0fgjD6qoNktoWGkXzBdMQswCQYDVQQGEwJV
RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl
-bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkA5PTrA5bb2PgwDgYD
-VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAD3osvnJVrhT4YYWC+k5iMBP
-91KDTwsO1wIKhM9cFsQRBI8YGjhcRk5ppTXlAoXkbRIoE96nYrSAYmaizn18D1tN
-xn0AQ21tUTwxZzKi+scDHoyeC0DFEHJJpDqRwhctazp+gS8bjnKmLHwCyDBoeRb6
-t4+7FZ7HIwpPNQDEqBtu
+bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkAz9ke22HSmmMwDgYD
+VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAKhHJgffYkhXolcrquQpMWzi
+I5mwU8Z627GMNAi0dD8IBrZxDOVcj2UTX5YCmPdOfqpvWu4v1AJgW+VyRIe2AF+Z
+0/CqTLgxmCV0+PyjYzxmaPqnrGW+pRcgRIIF6MNTSjdT29NEazcO76A4WTNBtasf
+2OHUxT+c17IlmEnJToRE
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQC9AK5saP9/piHGc0T7yTCh3pf59wKFZ8AWVUciYgGmfk+PtUh3
-lWabYhK7cB+j6es3o236GLMfesl/WQAwsXHuR/aCr/NAESYdF7zthGHpxB47wHmG
-9XihklryOqjfixCFV4SQ8RM/SJa6lHCdQvWR/u3XSegiyUlFxSkz5J/vWQIDAQAB
-AoGAZlgYG1w//j9Xyr5gfHdVflGquhCnrNWhjnZfLp8jhaSgMJFZzGd6SGmy+wyc
-FYZ1eItm4ia92C4FLpBjKfrsVcu28cCAHgBeAQ6BmLk9oRGJMxwjs5QXz8YmVaGl
-Rac6R/7oiBSWxL8SabFAq5i/OgVxRoDGLpTj3ymQHgKMggECQQD1jvRBjeMFXBBy
-q7HD8L6VuufSZo87nfVZy2DTFZJJq2q4UyD0Ms89obkWmJmT5T86LPMAfNe7vsVQ
-3nK1TWjdAkEAxQoVw61lWk2d+5zWroGZaaOyxCC0YVxgSi0HxGjGWwS8BvOFtRge
-Kxt+HjOuFxgJVAXTiUUYEreZ+v3Uq+Y6rQJAdpiIV3DTiC8isn9B58RKB76xX+iw
-nLZ5XNjg9pGgiXwEmulrLQWtGbMV1Vf2NHuvwcUbx8yD1OUaHyiQdgfg8QJAaj98
-6u32KBKQbNvum1zA58jgnYdxHMreFUFg3dUNmIjeBvWLlNIzelUx1YFSj5tjdE5L
-+corJ/Se8EutQSA9ZQJAQnOKQsZ2wHJPUM52gyq+YETtAB1qsexeuhSJWs1v2dOk
-tWuapfHTQ9AzrUZTGJ3W3h+uXcR4DXMy1I/urG/l3A==
+MIICWwIBAAKBgQDll3pV7BxBBmt4EWJoSAbtntxu9HJFAFmeTKfe6KbwY2Et7xrD
+CUCa+eFsP0zjTLFGZfYRt9eCUapvu4ADW23I+n3lJ8LGx50EN691hlik6Gbsou8A
+lIiOP+qml8PgP+O5q/95fQe5w81rU6J2uC0UlkV6MUDUwCLbVdyIKACCcwIDAQAB
+AoGAVgdtmraPW7o5GNOCyUp79hv5w0Wrb7mS2yMkH/2TWC4U4u5eW8iiwa9yTWpm
+uCErqBJaowb9JOLO93ENpbRjrR5zgejIKj4DFPS4SjAf0WTbeBFy8I0Q3M+btRQ2
+4hsl2eXSjSYjT8OlEsaNpAmcyhUsGn/wjFQ7sOeXXVXRc+kCQQD+MY06BGR/1xbn
+BJBMawbj5O39poQMyc87YuJPrNKFRae50dxCwXO/0L2TGslISk4QuHuznTXueJpd
+pgWNYSXPAkEA5zkrLB0yUHlzmRs+X80Y3bACnkm/ck671/rmkcBmZBUOtRL9XiF5
+qP3E2MNdAfV7CWFBYBhP3UnVhNxLnJWmHQJAIl9U94lshZTyNd76HDtEvUBRpkEE
+Di6j5SXj8F4wQXE/0vK71BMQsdlqKSAwI6RYlg48O/eAOXT5erxed9WxJQJAI42R
+ytWub9tM4ATlYVuq8CNpM6eJTW03yuzkWRLpa4glW8hQtxGUoFxs0RuxCGUThwyy
+PbFfTlpU/3nUEn6cLQJAcj6DrvRMlq7ooTTSeYz3FCV5XyfOOz4Chv8IEDntGSz2
+QYia78JPbX+mUgFMV40eAr2PcHa9aih1rXK7K8H1hA==
-----END RSA PRIVATE KEY-----
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
-----BEGIN CERTIFICATE-----
-MIIDAjCCAmugAwIBAgIJAO0FFDQThQMjMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+MIIDAjCCAmugAwIBAgIJAKVvazX2US7ZMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMDkxMjA5MTYy
-NjEwWhcNMzcwNDI2MTYyNjEwWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv
+CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMTAwNjI1MjIx
+MjExWhcNMzcxMTEwMjIxMjExWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv
cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV
-BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcesdY
-OZsBJPCJvQicfeyNM4uZT30FhKTO47/SrQiotN9nE36oUVzqQ096RBGrxxGDEYae
-xqa8p3gHp9urqAteHb6MhimkASns68UwS9VwBjqkKTz9TV91MgPAgUcYkxuIOff+
-sYUYXDUQSExTWuzb4xlG5+wfrqryYEQkORWD+QIDAQABo4HPMIHMMAwGA1UdEwQF
-MAMBAf8wHQYDVR0OBBYEFN07u5oRDwxZe3RIxhCNSOD9rXhuMIGMBgNVHSMEgYQw
-gYGAFN07u5oRDwxZe3RIxhCNSOD9rXhuoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G
+BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfr8Pn
+rTOlD5veGlkfyumuK4424yLtahHj7ApjdRZIcXO8yHmGeMPhBg+k+Apdi2m1j9o5
+SW9gQQ0ZVP4ECllFfJqsp9YWJrAojgy6n3jj/8RHJdMP8v6d5GKJOL5157vcl7xN
+ThRJp9WdQK9+aR3/PnD+pB7uqag9E+CYU8JgMwIDAQABo4HPMIHMMAwGA1UdEwQF
+MAMBAf8wHQYDVR0OBBYEFL+4vx9H6I88ZWKAuWkmtJMSVVveMIGMBgNVHSMEgYQw
+gYGAFL+4vx9H6I88ZWKAuWkmtJMSVVveoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G
A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp
-b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkA7QUUNBOFAyMwDgYDVR0PAQH/BAQD
-AgEGMA0GCSqGSIb3DQEBBQUAA4GBAG26hxwZ/ov3Qz9q2Cc24SNxgSu8WkjFNJBD
-yEcZx0JTRMkHCCuEqYhgOjcMCD5imXydDCCFYG5XWJcdJImZqYSRdyd8KZyXE6xi
-gTYZhLuOmNIzekwMee9QhOeYuXbghpDp85ID4gbdVfVh7K6M+/Ro+5qrDQyz58Vi
-WiUn4Ezn
+b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkApW9rNfZRLtkwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBBQUAA4GBAFMy1KPcvdJpKPFOaeYHPLzM5YA3m+3Qz5aP
+F+yPWOa/yG3Uh+xMa6MqPBeOppNlzMzRoTuQlp6Dw951+fWv57P/d6HCGLyCVs7n
+CVJGYr6Q7mPmq1fgcM/OrKIXnGd/oqmmYmkzKCFn+13lnKof6LGMAnEeNMa+ewQO
+ffPHXdeZ
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDcesdYOZsBJPCJvQicfeyNM4uZT30FhKTO47/SrQiotN9nE36o
-UVzqQ096RBGrxxGDEYaexqa8p3gHp9urqAteHb6MhimkASns68UwS9VwBjqkKTz9
-TV91MgPAgUcYkxuIOff+sYUYXDUQSExTWuzb4xlG5+wfrqryYEQkORWD+QIDAQAB
-AoGBAJesy0hxUKYH4IYRCkSGCF7XD/knCs3qA2rkmMj5CpTs4SdK7P4kAvSR27Iz
-86glqXFudBr0dC4iU1uI6YD8eNw+VqiYJDSICk01DV/lHfuvu8k8nEgTgZekjgfC
-ax+xiQbvtGko4v4Fz0Wutz6foWzevJeHd21JDhvw73a2EnkBAkEA8QDOTRt1KrsB
-erC8scTuMrWu4bKSjqOSHtihzE3ZKcQrIMSp9Xmt+tmskhLhOFKkAkyUZ3I5lExi
-yJKhw+3FGQJBAOozCBXnLQN3vf3fUMwsyorb4S6jlZlvmxBGQQ01D5Msg3kV75fp
-4AnlAiNpA/w01mZxpAcjxhwH5SafMCwdseECQQCVf9h5wISoIyVBxIzpAa55SnbX
-jvyW+yTTebK0l74UyJmwVA7SNc8VAx6n5opLdAhFXNfaa+MH+XJ11W//qGlRAkBb
-/Xt5jvpBWHFKHMNRz24nKMLEXQDP6eSQeefnViYt+tgRYapgkz6q5Eb4vbERCXgF
-eTGilEymiftaNkDnsypBAkBdych3aA7N186aNQ+KPN+nfnWcMyYh9yQm3VzKsT1R
-7Nh4rf3yB/Y4AI4E/qfeMr0vbWYoqft+hmE0rPNCskO+
+MIICXAIBAAKBgQCfr8PnrTOlD5veGlkfyumuK4424yLtahHj7ApjdRZIcXO8yHmG
+eMPhBg+k+Apdi2m1j9o5SW9gQQ0ZVP4ECllFfJqsp9YWJrAojgy6n3jj/8RHJdMP
+8v6d5GKJOL5157vcl7xNThRJp9WdQK9+aR3/PnD+pB7uqag9E+CYU8JgMwIDAQAB
+AoGAXCvT5DHxEWFFEpoav2McJtA1MjFAw9DpqqlgBbBbwEzcBSeiHaAvT/9zoEEb
+mosR5R63U0Gz69cgfHK2fBaNF8k5motVwvMncUci78vq/sXNjP2p4sxcmfdEtkjN
+7ArWiQEJeH2mlTAT7lBixQ4CsJoGWraaIZwWTeYnunsk5IECQQDNGfLDoBZpgpWK
++6xVHWTxLoaonvky9i2ZtEs5rN1HT6rAuGp8KidCuF6sLcl7EDrmtPuwHuwcfMAD
+uwwduEmRAkEAx1Cf3vUR5YzUjszK8sR0hXlIVMTGOqL3BPwOv8cl9BQHc4srx3+6
+/z4eQapbIj8LJxjNWSeOwixeTv3wrNOLgwJBAIG0SC7ofWPqHfIPqHMHLL/NQYE/
+T66nujy6pNvrcuBXBE/uEAFHkx6Bg/V02zbFE8q0Z3qAg6acSb3SOx5MXdECQGGY
+DtADO+IklSffCzjYDR4WBt7LAy1PAplEOoyZHPJopEVlTeh/mLbGWdZZbgpUyEc6
+k8Il5ncZdoxDN4fIhbUCQCVVQ79lx2BPDbEMNEDQFfLf1knzGou9zkQvPBY9DLID
+qg5DeB0o09IXskN6sUn1DwZNqpp/uJ3Yll8L6YscHfU=
-----END RSA PRIVATE KEY-----
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
-----BEGIN CERTIFICATE-----
-MIIDFDCCAn2gAwIBAgIJAMam5pwcE352MA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+MIIDFDCCAn2gAwIBAgIJAP4ib3u5evgHMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjEaMBgGA1UEAxMRdGhlIG5va2V5dXNhZ2UgQ0EwHhcNMDkx
-MjA5MTYyNzA5WhcNMzcwNDI2MTYyNzA5WjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE
+CxMKUmVsYXhhdGlvbjEaMBgGA1UEAxMRdGhlIG5va2V5dXNhZ2UgQ0EwHhcNMTAw
+NjI1MjIxMjI1WhcNMzcxMTEwMjIxMjI1WjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE
BxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24x
GjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQC1sDcjw5TH+LYj2sNRaR5CEo4zecP3nMyGWL1B84HEDBejvNXMZbpk
-FV6aWc/aIsZjM1NVKDBx4OH+JimjX1y1TnURlq0k4S/4/cqPxIX6wY2Om0QF418l
-6yVEcXPFkGvfM22MkNDdukpBxYIUYAlcoEflb0wVNXR0LD0cqaWtkQIDAQABo4HV
-MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFHtqwoVzbfSCBoAchgVr0Kdlb+QN
-MIGSBgNVHSMEgYowgYeAFHtqwoVzbfSCBoAchgVr0Kdlb+QNoWSkYjBgMQswCQYD
+ADCBiQKBgQDEb+cTEwQ0wmoCatX+1Xnw06c6J6RCcw7/Q16mGnsRZR7nlNnyNbpQ
+nTNzUJDPJMpT9LyVT+4FxpSQOadYYlAs2QnWCeWhf5cg1nJg1apziN5vdQRmRL1R
+QXYeKATsDSflbEq1zRkl5KFKjoPXVvd8fhd/RiWosRgR8i7MFiAu+wIDAQABo4HV
+MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFMNdOUrN7cyegclV4IzqyR979Xhy
+MIGSBgNVHSMEgYowgYeAFMNdOUrN7cyegclV4IzqyR979XhyoWSkYjBgMQswCQYD
VQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNV
-BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkAxqbm
-nBwTfnYwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBADhep4H9Lnfm
-uoKLUR4Xuyvnv8OvvVtqMO/Gk35nv645jqoFfLMX/hWnMke7vd0oUiMoWo5B9wlN
-CWW2z14rRg75aX08SCT1XE5UAdrBQJIbKzFRGoEKzRyukfMCoX4K3mVdGwH7igoH
-sF8HmwdlUOl0gaagKM1qWkQrcHGNLEeq
+BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkA/iJv
+e7l6+AcwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBAJ2gRFh9wfmP
+tUi95DckyNKzQnc4zML3N5sAtT29rfay0dfr1Gfqa5b4UPFhRP8NJ1rdZd4LNDWR
+x1mje5wByodEd7M/YsnCj9wxYato3NBMc/G8+kK72ar+6PogbuvU1sNq12zBzVhx
+aYk14tUj0dkgoJIqlqQs/wLi157Cvxu1
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQC1sDcjw5TH+LYj2sNRaR5CEo4zecP3nMyGWL1B84HEDBejvNXM
-ZbpkFV6aWc/aIsZjM1NVKDBx4OH+JimjX1y1TnURlq0k4S/4/cqPxIX6wY2Om0QF
-418l6yVEcXPFkGvfM22MkNDdukpBxYIUYAlcoEflb0wVNXR0LD0cqaWtkQIDAQAB
-AoGAYPvCQzX4alIpr7PrxL4u56gN/g5GfBtX1XLy+4xnPWYTDFUVbvjyaNA7YnsE
-h3U+nt9b4T4FthQLrmVinpGd40ZOzbRXmY7K9QyUmFobGlQNK+TT+wKdF0brajiJ
-bMwk2j65vmNVflmRe4lyq6FV+1oyj+WzkXOKwOpmURZICxECQQDx2xE1IIij4T1Q
-i135ujGsFQhvcSBRNJgtevHTblcoQULEvE1zV1wWg2eIZu1CqwLkrJOMxn8Q1Mv7
-jR/qIULFAkEAwFBayrnx75LdBSxdvsx8HRtiDsIePkf1InLpOAF8CS72W2rRniNE
-mef+hWPiXRK80KkoPpHMgalDEFdFAeV8XQI/VBTU5qNo3ZBwwI+zHB6fJjQpupSZ
-p6GhRi535Al4Q4Zsr/jG9FJqsWj9lW4zDfpmBxn4MfjQNAnG4K0vazYlAkEAnJZQ
-9tRki/92+ylew2ZYgJK1SvMAERIiJQSPpMyApDGa4mCdgTeSOgbOFOp5e/Mvzm6N
-mDS64bBiLMICLEMg+QJANy+y9S7o5eH+svlRYcj9DNdqD41JLsBE3q+60S/cv85W
-eX5Oc3j+c0O/JPO8UxFoYAlDCfVQd2937kiNz19MHg==
+MIICWwIBAAKBgQDEb+cTEwQ0wmoCatX+1Xnw06c6J6RCcw7/Q16mGnsRZR7nlNny
+NbpQnTNzUJDPJMpT9LyVT+4FxpSQOadYYlAs2QnWCeWhf5cg1nJg1apziN5vdQRm
+RL1RQXYeKATsDSflbEq1zRkl5KFKjoPXVvd8fhd/RiWosRgR8i7MFiAu+wIDAQAB
+AoGAG39mo17oGdKVMF1wM0oC1dlq8VMXRU4B7W2q1CmkzJyRJO3LTIKE4EABMcU3
+YCfQQsxhka0srpZLuZy4dkDc5Att1WKjmkXMmzMANVLpt9F+RRYR+LY5R35lYocZ
+NrlgqIThVZmfCxWDTw537TeMAt2512PEK4aPT1YMx+Rbp8ECQQDqUYLPDLsqJmxD
+IARo7bBfR8+Pb7EpnwKK34rmc4EMS31g+uWI2Nda1v4UbvhcRmghfKHK2FKRBl8e
+btiL9l2RAkEA1p0RMY4lFK0eoBAbCkJ2Y9n4kbmTcnYMa44fRQkUUGhE100QwZUP
+9bcyJA0Q/+dQsxctsQDliU2kKsERs3mtywJAM5FCv3xmyGzyUIeAUPNWaHGuXTvQ
+en9zGMr/j54F3YXTjv9Ieqh2JJjCDA8r+2rHSe9a0ABxk1caoeD1KUBL8QJAW9oT
+bsMoiaXicp0SBZ0WcHvsz+m9+oIdpLbKGVDeed92fzNDlaaHkyGZ+yYAfZXxywSD
+kLsSgmZRed7yBX9xawJAbXK1BIlZvO5DM0E64WTDgXA9MfNzRvpLO60dPZQ8T9o4
+NWL76ZFn3I/FUswg+iTzUOI2BNLC+kfxhFuAJ4sMQg==
-----END RSA PRIVATE KEY-----
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
-----BEGIN CERTIFICATE-----
-MIIDAjCCAmugAwIBAgIJAN70gOiGeHNkMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+MIIDAjCCAmugAwIBAgIJAKPwci2cZB+IMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMDkxMjA5MTYy
-NzA5WhcNMzcwNDI2MTYyNzA5WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv
+CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMTAwNjI1MjIx
+MjI1WhcNMzcxMTEwMjIxMjI1WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv
cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV
-BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDsBAlZ
-L671sIktcVJcoEYdHMqtLlf/RYJt0da0upIWRxXvpS28UDOGkiGXqqXNgayWTrf6
-ecBYAnfXjIDCG42RQiEzcnHQWTyGhVKclGgeXv49B1Fn1hH77wMhQrtyUbMhvSGI
-sRHYv4EH45UOLVtQc4fGa9x7LgP6cJg9i1+DGQIDAQABo4HPMIHMMAwGA1UdEwQF
-MAMBAf8wHQYDVR0OBBYEFL2h6oGN//VQZjdV1+QmQMKpOD7EMIGMBgNVHSMEgYQw
-gYGAFL2h6oGN//VQZjdV1+QmQMKpOD7EoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G
+BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD3Xbxr
+R7Xaui+bCPfxnADGQoD3ZR9KYu5gZx+zWpZ4gjPV5fvF7jLnSBSGnepxfgWNa+rE
+EzLinQgmAxln2HZ1JtxqAxOQ8l7e8FagcCMs51DfqADwe6n1vjJsbqSRGPPQ+rA6
+WgjJKWVbj1wvMzArEWeKhwC2FrXmJZJcb+y64wIDAQABo4HPMIHMMAwGA1UdEwQF
+MAMBAf8wHQYDVR0OBBYEFO+Ct/l3PXlQnwNVePRqDWw0i2MrMIGMBgNVHSMEgYQw
+gYGAFO+Ct/l3PXlQnwNVePRqDWw0i2MroV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G
A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp
-b24xFDASBgNVBAMTC3RoZSByb290IENBggkA3vSA6IZ4c2QwDgYDVR0PAQH/BAQD
-AgEGMA0GCSqGSIb3DQEBBQUAA4GBAI0KSvSjFgzWR26b8N9jpU/20Nw6xH6uS2AF
-czdqlJxBJZKzPCOkfPB2oh82CTcebzdDOWOOqa0Sft65s8wTqHeG7JS6BnceiNKL
-w6dj4WBgvgWBgl4euue0wlTQLOd849cvKOlOfFZmtwOjqIV/Bc2+VXPXkLGe66z8
-wMLCxTdo
+b24xFDASBgNVBAMTC3RoZSByb290IENBggkAo/ByLZxkH4gwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBBQUAA4GBACA2exy3+TjDp+o2ZTL3KGpN/GzG/bHglZ1T
+Bw7g6ssU4JzioruBBd1hl0kRGexSCcEq5IW0cnh1UKtzm22H6fH+fJQlLiLRMnhx
+puA6h9hr/jyNU/y+70KhI5XJyecALVgDbovcgmtk8bKfGYadV+aimCNaRWGQPdR5
+gRSPFFas
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDsBAlZL671sIktcVJcoEYdHMqtLlf/RYJt0da0upIWRxXvpS28
-UDOGkiGXqqXNgayWTrf6ecBYAnfXjIDCG42RQiEzcnHQWTyGhVKclGgeXv49B1Fn
-1hH77wMhQrtyUbMhvSGIsRHYv4EH45UOLVtQc4fGa9x7LgP6cJg9i1+DGQIDAQAB
-AoGBAIqwKIonEgm/7iws7jgN2oWa+KJhnEYeI3HDIAbdp6C9ru8+wixpeI24a1MD
-bSDg9Xjx0vy19MgC00dvge4OYNX86ec28N2PmERPNzilqFMj5sGNx2BWArnJT6fV
-odkQ6UIh+USMiAk6xGpo68T+jBt6DyK81sCOL90PCCRQDoKNAkEA/DqnJOG7xU5Z
-glsf226XE+U1UDyK/ePHnIOHIV1D/4x0aIAvFqeyER5+iTILnoWT0YepaDoM+tWY
-9xzjvQ2qPwJBAO+LVLRpYdn2YSGMUxVvLt4RJKr7zQ+SwwC+wi+b3VmS+iCGXwWu
-QX3eFbtRlmv35d9b5xcaA/eoOGMoiozljKcCQFC0y8qnWBe4DDgDxFvINRsumjKE
-TM0UV0ijZVetqhZY8N6HNYoAOp/zq/VmSAV/JF9FE1XATWrtcbaQTeauOq0CQBM3
-8IHQ+qLMG5rfcUME+pOieHinXxpiwfZrV5UOQkIPgrXdUf5YrrR0fvXaY+EhsHWt
-H+tAkRTrkCqUdBk9yX0CQQDh6J7uGU44tvMwxgc9jSqib5DqgflzF3hXJpLhZX8S
-Y9GaWp6pfrZUH0E46f7aorAaTeZ/4GobazC9VLcK5wPK
+MIICXAIBAAKBgQD3XbxrR7Xaui+bCPfxnADGQoD3ZR9KYu5gZx+zWpZ4gjPV5fvF
+7jLnSBSGnepxfgWNa+rEEzLinQgmAxln2HZ1JtxqAxOQ8l7e8FagcCMs51DfqADw
+e6n1vjJsbqSRGPPQ+rA6WgjJKWVbj1wvMzArEWeKhwC2FrXmJZJcb+y64wIDAQAB
+AoGAKRW7hsH5VWPZJlHeBJYZltRS4UQ9Zzh5SS+3ly1zkn5lp6A0KhK/B6T0K8us
+tb7toyiKbJiXugXE5bNcE+BjBAye91o2aH2SOjV0ougcAlBOD6G9QYuKK7VISoSO
+R9gyJ8TPVfi6VYI7jgTULDDhG75PaMt7tt4tB3p7C7v/HsECQQD/l75TSv+OV4/K
+esEWLtGrl+1VokETlZEtN0LheyC/cfobECJoYEu4LtDWM652U9z+9TbqmQ1buAPP
+J64iQSdDAkEA98KjDRZf3G1Kf6gTc3lkI7N94sbXptV/jhac+/x8QyodpE8ZwN+W
+qhRdCocwNXT5HO6qv/oB0k0UU3zzJC/T4QJAPOnqNymhnEfsAgKdb+76k12i94yy
+27sCnXcVHm3c0SOVystel+eTRDMMHHC2vIaiHbVNQD33vAswBTfcvVcvxwJAJxE7
+4K5sgzeAjcyU9Jppne+JpB6ylo4HxQHv0xQnC/gyIFyQtQcMnNkFKsnSYjuFpHhF
+2Gu1qdGZqOiE9mnMQQJBAMnRkXDEfejVfzNpMEl/lA9pGD2b4h1tRrim5EWgyg/w
+/dbmw7Fz5TC5ve/cX4/Lft91NM6zTttxPOWfaslY0g8=
-----END RSA PRIVATE KEY-----
--- /dev/null
+### req command\r
+\r
+oid_section = new_oids\r
+\r
+[ new_oids ]\r
+limitedProxyOid = 1.3.6.1.4.1.3536.1.1.1.9\r
+\r
+[ req ]\r
+default_bits = 1024\r
+distinguished_name = req_distinguished_name\r
+\r
+[ req_distinguished_name ]\r
+\r
+[ ca_cert_req ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = critical, cRLSign, keyCertSign\r
+\r
+[ ca_cert_req_nokeyusage ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = critical, cRLSign\r
+\r
+[ proxy_cert_req ]\r
+\r
+[ proxy_proxy_cert_req ]\r
+\r
+#### ca command\r
+\r
+[ca]\r
+default_ca = CA_default\r
+\r
+[CA_default]\r
+dir = $ENV::CASROOT/slash-ca\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
+\r
+certificate = $dir/slash.cert\r
+private_key = $dir/slash.priv\r
+\r
+policy = policy_any\r
+\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+userId = optional\r
+serialNumber = optional\r
+\r
+[ ca_cert ]\r
+basicConstraints = CA:TRUE\r
+\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_altname ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
+nsComment = "OpenSSL Generated Client Certificate with key usage"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate without Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage = critical,digitalSignature,keyEncipherment\r
+\r
+[ proxy_invalid_usage ]\r
+keyUsage = critical,keyEncipherment\r
+\r
+[ proxy_rfc_pathLen1 ]\r
+proxyCertInfo=critical,language:id-ppl-inheritAll,pathlen:1\r
+\r
+[ proxy_rfc ]\r
+proxyCertInfo=critical,language:id-ppl-inheritAll\r
+\r
+[ proxy_rfc_anypolicy ]\r
+proxyCertInfo=critical,language:id-ppl-anyLanguage,policy:text:AB\r
+\r
+[ proxy_rfc_independent ]\r
+proxyCertInfo=critical,language:id-ppl-independent,pathlen:1\r
+\r
+[ proxy_rfc_limited ]\r
+proxyCertInfo=critical,language:limitedProxyOid\r
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDRzCCArCgAwIBAgIJAMTbGNNQrnREMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNV
+BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxOjA4BgNVBAoTMWh0dHA6Ly9zbGFzaC5z
+bGFzaC5lZHU6NzY1Ni90ZXN0aW5nL09VPVJlbGF4YXRpb24xFTATBgNVBAMTDHRo
+ZSBzbGFzaCBDQTAeFw0xMDA2MjUyMjEyMjVaFw0zNzExMTAyMjEyMjVaMHExCzAJ
+BgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxOjA4BgNVBAoTMWh0dHA6Ly9zbGFz
+aC5zbGFzaC5lZHU6NzY1Ni90ZXN0aW5nL09VPVJlbGF4YXRpb24xFTATBgNVBAMT
+DHRoZSBzbGFzaCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx3Ck+l7D
+XRpo7jsSiS3CJ3Osjw3CPvycKlHRkeJcvtNZueOqYDXclAOO+VGzF/49mwRzCuoa
+on+IRKv+OA71Br8dwgLsC/nUR+WH9JZ3bC4sbkBoD7T6CxhqSY2tm12Y7dv6WuAz
+M+B5C1NggvBQRBVWl6jqH5Ib/Z3F2oZDilECAwEAAaOB5jCB4zAMBgNVHRMEBTAD
+AQH/MB0GA1UdDgQWBBQZkkN1mCO6+lLipSePgV4pVbi9YTCBowYDVR0jBIGbMIGY
+gBQZkkN1mCO6+lLipSePgV4pVbi9YaF1pHMwcTELMAkGA1UEBhMCVUcxDzANBgNV
+BAcTBlRyb3BpYzE6MDgGA1UEChMxaHR0cDovL3NsYXNoLnNsYXNoLmVkdTo3NjU2
+L3Rlc3RpbmcvT1U9UmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhlIHNsYXNoIENBggkA
+xNsY01CudEQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAFu4FQsK
+SZWMpCr2ENrTVVNxoIKFT8YRnVPl3VGtRWuD7pYo1wVc79l00ov/4GWt7G7TEced
+GVT0dhKXpQq52SoBp7F0gN9JKSwZ7I/n8nKt1gJXFSONVhIGeO1CUNd4gQRPbD67
+iti16W3+hF964PudHuMdxZDLCAxG8dciCzsz
+-----END CERTIFICATE-----
--- /dev/null
+# Namespace for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA"
+TO Issuer "/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQDHcKT6XsNdGmjuOxKJLcInc6yPDcI+/JwqUdGR4ly+01m546pg
+NdyUA475UbMX/j2bBHMK6hqif4hEq/44DvUGvx3CAuwL+dRH5Yf0lndsLixuQGgP
+tPoLGGpJja2bXZjt2/pa4DMz4HkLU2CC8FBEFVaXqOofkhv9ncXahkOKUQIDAQAB
+AoGBAIM0xSR9sVMP69ZGgJREyUVBIVXffFoJwAdLWm76F3/m9VGIyG6RILMzgBzf
+tc3kEc1o6PJWPv2GnzRmXlGs7V6+kNpsFZw6+WsaUslhzdHqBRV2+Bonunkyo/7+
+BzUtmnd3sSvHcFHHSzS48XgEqSiBtRtvp65lJveTjHQVYL1RAkEA/bX2Q7A5ZXZG
+SXnhBQzcr4uks0BE5MQZPHuadRfD/TVkdL2mI+Icy7lnhzhTA5y4YJbTeLXUh+Wa
+X99S1mCCVQJBAMk9UwGQAQ5Bq+tn5XoP++YFCPb43dgoTneiFEFDP3nNy7aqqu9Y
+D0N1uPJE9ISgOs0N08ajijSFji96VkyNPA0CQQCV9Qcp2u8R2WaR50fpBEEsQQ2I
+JWSTEpUX+rbAnttovjYyCiY471y1zVAzzEbEy8zuyjcUEeUcrckhAY6kx0ZBAkBY
+PyceQUrlOJEuauIrk8TPypdyzhFij9JRDec580ZroH5bvR22VXRkDcSroOdlHWqL
+ryuWKPMbMxH16fzcFvclAkEAyHkKHV9m84Q7Fpke74BmdSj6hT786CEA79DGLLv3
+WbxzeFPDfl+QiP9vdkSYGiJY4zWe68HcZwMu9ZFpzhZDHA==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+# Signing policy file for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA"
+access_id_CA X509 '/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA'
+pos_rights globus CA:sign
+cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"'
-V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA
+V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
Signature Algorithm: md5WithRSAEncryption
Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the root CA
Validity
- Not Before: Dec 9 16:27:10 2009 GMT
- Not After : Apr 26 16:27:10 2037 GMT
+ Not Before: Jun 25 22:12:25 2010 GMT
+ Not After : Nov 10 22:12:25 2037 GMT
Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c6:2d:d0:cd:2c:7d:2d:5e:96:a6:3d:78:62:97:
- bd:da:51:33:95:8a:24:0f:8d:fd:14:b1:fa:b3:ac:
- eb:f8:e9:f3:31:3b:f7:f3:c1:f6:e0:5a:bf:9b:93:
- 22:08:ec:f2:09:55:58:44:bd:c5:bb:07:c0:8c:bc:
- 7d:9c:04:66:51:b3:26:d8:d9:37:76:6e:ca:88:ef:
- b2:cd:43:cf:e9:3a:61:fc:2e:30:96:90:fa:8b:8b:
- ce:7b:3a:64:a5:0f:a1:9d:c2:25:0a:21:ee:ed:be:
- ce:d1:ea:0f:6e:20:36:7c:e8:f1:8a:ca:6c:4e:3c:
- 41:46:c5:4d:40:aa:09:91:27
+ 00:d5:1f:73:79:e9:87:d4:69:c7:e0:b5:df:34:57:
+ d4:d1:51:a0:62:32:e5:e0:63:26:d3:72:ef:f5:58:
+ 1e:69:89:8e:51:7f:21:62:4e:e8:3e:22:8d:fc:28:
+ a4:5c:9d:67:5d:b1:53:0a:22:30:c6:0b:0b:79:ca:
+ 96:cd:f3:b7:b5:a5:e3:a0:13:09:d1:cf:01:30:56:
+ 62:2f:0e:7e:4c:6a:86:98:be:2b:b0:92:af:30:64:
+ 23:30:cc:2e:97:fc:55:08:c1:57:15:ef:6a:06:36:
+ df:17:cd:98:88:3b:ad:e6:20:6f:ae:04:4f:f7:0f:
+ 90:22:8c:2a:17:17:1d:69:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
- CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02
+ E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E
X509v3 Authority Key Identifier:
- keyid:BD:A1:EA:81:8D:FF:F5:50:66:37:55:D7:E4:26:40:C2:A9:38:3E:C4
+ keyid:EF:82:B7:F9:77:3D:79:50:9F:03:55:78:F4:6A:0D:6C:34:8B:63:2B
DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA
- serial:DE:F4:80:E8:86:78:73:64
+ serial:A3:F0:72:2D:9C:64:1F:88
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: md5WithRSAEncryption
- 98:0e:78:59:02:57:26:43:33:cc:70:82:69:e1:a9:bf:df:a1:
- 9c:3a:4b:f5:c2:eb:f2:7a:97:88:87:7e:4b:c2:5d:2e:61:a5:
- a2:5d:73:76:13:e5:d6:0d:07:de:2b:23:e2:11:b5:93:3a:9c:
- cc:f2:ed:61:65:15:23:2e:73:2e:90:07:5b:fd:88:49:ba:b3:
- 6a:d0:1d:38:e6:82:08:5d:35:eb:fb:da:cf:5e:a5:b3:31:11:
- 04:30:18:78:76:c2:da:65:4a:c6:71:47:dd:14:56:2e:77:e3:
- e8:31:6b:c7:0b:9a:48:30:90:13:d3:2e:b9:3d:75:54:d3:d8:
- 7d:02
+ 0b:ad:64:b5:1b:78:80:10:36:50:1f:a6:c8:cf:2f:0d:2e:dd:
+ 35:18:e3:ab:ae:18:ef:45:7f:3d:16:82:16:2f:6f:3f:50:63:
+ 8c:cd:f5:99:0c:7e:d1:ea:1e:d9:a8:c4:14:09:6f:a8:75:34:
+ 96:ea:d8:8f:c5:f1:53:d2:5c:37:83:5d:79:cf:fa:4f:64:5f:
+ 14:91:71:2d:f8:7b:a0:e5:2b:a5:da:b1:8e:63:32:a3:e9:a5:
+ e4:e9:79:e5:2f:98:0c:ce:81:24:7d:e2:44:61:9d:ae:36:f6:
+ 06:96:9e:dc:f7:8c:9a:94:bc:65:0c:6f:d1:5f:92:61:b7:06:
+ 76:3b
-----BEGIN CERTIFICATE-----
MIIC/DCCAmWgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcx
DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh
-eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0wOTEyMDkxNjI3MTBaFw0z
-NzA0MjYxNjI3MTBaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN
+eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0xMDA2MjUyMjEyMjVaFw0z
+NzExMTAyMjEyMjVaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN
BgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhl
-IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGLdDNLH0tXpam
-PXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fzwfbgWr+bkyII7PIJVVhEvcW7B8CM
-vH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCWkPqLi857OmSlD6GdwiUKIe7tvs7R
-6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w
-HQYDVR0OBBYEFM47d58FNUHjbCa598/KAfb1FYkCMIGMBgNVHSMEgYQwgYGAFL2h
-6oGN//VQZjdV1+QmQMKpOD7EoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
+IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVH3N56YfUacfg
+td80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFiTug+Io38KKRcnWddsVMKIjDGCwt5
+ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuwkq8wZCMwzC6X/FUIwVcV72oGNt8X
+zZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w
+HQYDVR0OBBYEFOb6AEupGIJDlqj6hMY1bLuWm7MOMIGMBgNVHSMEgYQwgYGAFO+C
+t/l3PXlQnwNVePRqDWw0i2MroV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDAS
-BgNVBAMTC3RoZSByb290IENBggkA3vSA6IZ4c2QwDgYDVR0PAQH/BAQDAgEGMA0G
-CSqGSIb3DQEBBAUAA4GBAJgOeFkCVyZDM8xwgmnhqb/foZw6S/XC6/J6l4iHfkvC
-XS5hpaJdc3YT5dYNB94rI+IRtZM6nMzy7WFlFSMucy6QB1v9iEm6s2rQHTjmgghd
-Nev72s9epbMxEQQwGHh2wtplSsZxR90UVi534+gxa8cLmkgwkBPTLrk9dVTT2H0C
+BgNVBAMTC3RoZSByb290IENBggkAo/ByLZxkH4gwDgYDVR0PAQH/BAQDAgEGMA0G
+CSqGSIb3DQEBBAUAA4GBAAutZLUbeIAQNlAfpsjPLw0u3TUY46uuGO9Ffz0WghYv
+bz9QY4zN9ZkMftHqHtmoxBQJb6h1NJbq2I/F8VPSXDeDXXnP+k9kXxSRcS34e6Dl
+K6XasY5jMqPppeTpeeUvmAzOgSR94kRhna429gaWntz3jJqUvGUMb9FfkmG3BnY7
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDGLdDNLH0tXpamPXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fz
-wfbgWr+bkyII7PIJVVhEvcW7B8CMvH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCW
-kPqLi857OmSlD6GdwiUKIe7tvs7R6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQAB
-AoGARDzmVp9pAsQ9D0S/PQOOxauMHYORYyG68PNPpap3HiBAMsW5XN9+yEW3EDSb
-VYNw27HdUN4fRYUn0c3dWmlRaVkfUAtHx1VhcsTfWRxp+FN4enl1HFvi2ji/5UYd
-e8z2GumVgwthxK1mGS2Q3pRB/VobGrX1r8384r7qCqRVyUECQQDns994mE751SyD
-Aa53ifeh85hbT4kJDN3wjOpQn++JuLu4qWoUHhRFXKD2DL6+TOewD0Y9iAkUAyTN
-yuUpVLBRAkEA2vX9aMqv9qPQqBzwScbJQr+YMND363OKwrvQa2ed94O8oFwl/+vC
-C83TV5eLxUinfFsT0zNMca3eIQVqBPqD9wJBANp4LcPlyMGkkN3N3hV0j3uy1fty
-2QEhkrrYA6+VviSbfNU3WIAzhGWKW3LkvY1tsh+9pzspY3XtKOyp3L3FzqECQGiO
-tL6YoyQ0n4vXncqtGSg9k3AkKW8OkoFg7CqNpTovdyBgQGkP7G50j+ow3LaNdiUE
-3NeqlGNocjz0d+b+tYsCQAhOG1xXly1tBduUJTQ+V5Cs9fKG7nn9QftCe53CocPS
-RHQFd6d4WYZjhxorAduJf5gVXWU2tdyhYqY239dVxhY=
+MIICXAIBAAKBgQDVH3N56YfUacfgtd80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFi
+Tug+Io38KKRcnWddsVMKIjDGCwt5ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuw
+kq8wZCMwzC6X/FUIwVcV72oGNt8XzZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQAB
+AoGAMFIYMXz0UgHF0roJqGl9lBPoxDr8CbsRU4HMzBi1lIIepXWokQyI9YWKIbDp
+SyJZDFInHLYRzuU0LeHz/TAT546P7i3ev2y+GWyjbCEumUShH4zGmNozqvRk7yo4
+KuNoRR6Tj+i+JgLuiCNWmEN7tQubG3F7VATOMulOtFWacSUCQQDrfY5na97a5hu7
+T61cLplCNGHjMsl9W4EvU6Zng50f4VEldwHLdqaxrSSx/inH3zyJjGHSlu828oxw
+hjS8fverAkEA568xFOKVL9zh3zs4yrYzzLW5Qq+eWPmGPE6b9rnzIgBPlcyRSKny
+8bV0V4da/PKTNDv0isgLne5gT78CGdxEHwJAB7CF4eKn2EYDSc6EPqpW3s6PE7go
+1CsUwNLecCrgCpZ06+BC8r3hG5QnypgeDSTA+UzYNOQw036AD3ySZEVRGQJBAMfw
+Q24fn9mfR/mqlPczR/6YsNkgz4k/RR3URPomPPERzZyb3qETsQnwqwdCUz5JZMnG
+F+KQgp33cnw/fWOt18cCQAdLfkgCNIpthWDNgtNl6poDdLO1O8tF/D072GBIaN+L
+z4N0Yh4o5zqpZo1yLev0hUZtWqcoYnDJBdcy8suL/xM=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G
A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRUwEwYDVQQDEwx0aGUg
-c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYt0M0sfS1elqY9
-eGKXvdpRM5WKJA+N/RSx+rOs6/jp8zE79/PB9uBav5uTIgjs8glVWES9xbsHwIy8
-fZwEZlGzJtjZN3Zuyojvss1Dz+k6YfwuMJaQ+ouLzns6ZKUPoZ3CJQoh7u2+ztHq
-D24gNnzo8YrKbE48QUbFTUCqCZEnAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAr
-HDqquBnfR1ZvErqw3A7u3m1wq+wWzGvc/AU66wX5pA0n8eGGRoB7AX/VIxowgbQk
-415R37S9kUbVc2vW7a4Qr+cAhyiknVOWcakSjf7g5tzg/KYawA1kvvzxLV6dTZhZ
-ACTnvCY3Q2DDcvkOJ+20PbACPRpbWbg9ekZYkHq3VQ==
+c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANUfc3nph9Rpx+C1
+3zRX1NFRoGIy5eBjJtNy7/VYHmmJjlF/IWJO6D4ijfwopFydZ12xUwoiMMYLC3nK
+ls3zt7Wl46ATCdHPATBWYi8Ofkxqhpi+K7CSrzBkIzDMLpf8VQjBVxXvagY23xfN
+mIg7reYgb64ET/cPkCKMKhcXHWm1AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCu
+GI9vFDB0cw4Y4y+zlHDRMlX8ZxggdpwEo38wJt7U9VVYONTGwkZ7/iVsRkuaEA/g
+JQpEeQX+NwPkUHDBw+SoG96lNKV9LfZXtVFWttUoTSA/3JsJbqmvhOMpQdPUxtxZ
+dNagZllbIqYrI09dwM5Q4TZowD5pGNfuZr4pzZEIlw==
-----END CERTIFICATE REQUEST-----
-V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA
+V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
Signature Algorithm: md5WithRSAEncryption
Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA
Validity
- Not Before: Dec 9 16:27:10 2009 GMT
- Not After : Apr 26 16:27:10 2037 GMT
+ Not Before: Jun 25 22:12:25 2010 GMT
+ Not After : Nov 10 22:12:25 2037 GMT
Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subsubca CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:bc:29:f6:02:17:f1:46:b2:28:0d:50:1d:f5:b3:
- 90:1b:ea:43:ea:cf:58:eb:fe:91:21:64:59:78:d9:
- ad:dd:cd:82:5c:1c:17:b6:75:74:fa:42:96:1c:b1:
- 1f:a2:76:ab:06:e4:ff:28:65:49:08:ed:b1:92:c6:
- 25:7d:ad:dc:2a:23:ab:b1:bf:06:71:27:70:2a:2d:
- ed:3c:dc:1b:bb:ea:ba:11:20:9a:d7:9e:9c:62:18:
- 27:bb:05:74:b5:50:44:33:72:f5:fb:37:a3:00:44:
- 55:67:74:0e:84:ae:5c:72:68:30:01:6c:0f:c9:bc:
- a5:c1:94:e4:2a:72:26:ee:e5
+ 00:a3:62:4b:b9:26:fd:18:af:c6:4f:4d:58:28:af:
+ 15:55:ab:37:93:55:4b:a9:b8:b6:9b:1d:b9:3d:e1:
+ 59:76:cf:d1:40:08:c4:85:ce:f0:9e:71:d6:a1:7c:
+ 4b:b5:6f:c5:c3:90:ed:75:b3:50:1a:86:41:b3:1f:
+ af:d5:4f:df:9b:a7:df:9c:2f:2a:8b:86:e0:29:3a:
+ 54:7c:e5:93:f6:0a:df:56:3f:0b:b1:1f:fc:3b:8e:
+ d6:ce:fe:69:67:96:dd:05:a5:1b:c3:3a:cd:5a:1c:
+ 66:4e:61:68:02:8a:f1:72:cd:5e:48:9f:9d:c9:1d:
+ 34:94:2b:9c:0c:b8:f2:0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
- 1B:F6:7F:35:4E:C6:B8:06:BC:67:63:FD:A4:93:D8:9E:1F:D1:C0:44
+ B3:01:BD:FC:C1:F9:7E:2C:B2:50:EB:5D:48:E6:70:01:4A:EA:D9:A4
X509v3 Authority Key Identifier:
- keyid:CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02
+ keyid:E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E
DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA
serial:01:76
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: md5WithRSAEncryption
- a3:f2:83:56:21:14:83:51:b5:65:0e:9f:58:dc:f3:67:13:a3:
- c3:d5:96:35:8e:bb:8a:85:d2:c8:e7:c2:12:63:51:04:3b:c2:
- bf:a8:6b:09:91:0b:ed:2d:24:d9:eb:2a:7f:73:ef:13:51:d3:
- 30:44:d6:99:46:62:f3:fe:af:9b:71:e5:fb:96:6d:0e:f4:ee:
- f2:9a:18:88:4e:2d:7c:7f:7e:73:16:52:82:e8:06:2b:49:60:
- 40:0e:be:6b:c8:e4:f1:75:0f:9d:8d:52:f7:ea:c6:e9:70:4e:
- 0d:d4:64:73:9e:fa:0c:e9:25:72:e9:40:14:77:aa:6e:e9:55:
- 85:34
+ 90:b5:c8:ff:be:44:41:4a:99:73:24:5e:63:59:a9:50:f2:22:
+ 85:84:95:db:47:34:ea:ca:45:10:a8:aa:49:4a:d5:20:5a:87:
+ 23:c2:d6:67:ff:6a:0c:36:e8:e3:7f:e4:4e:70:89:15:9a:8f:
+ 72:71:d5:2f:b4:18:fe:1d:b7:89:f4:4e:f8:d5:bf:93:b1:c2:
+ 9e:3c:9a:c8:d7:a8:86:54:33:d7:c4:fb:7f:80:a8:cf:d6:09:
+ ca:46:f7:ae:dd:70:12:68:24:2c:dd:49:21:9e:dc:60:78:2f:
+ 45:79:ae:7b:a1:9f:54:da:a3:ca:91:13:95:bd:c6:e8:be:4e:
+ 02:3a
-----BEGIN CERTIFICATE-----
MIIC9zCCAmCgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCVUcx
DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh
-eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMDkxMjA5MTYyNzEwWhcN
-MzcwNDI2MTYyNzEwWjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w
+eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMTAwNjI1MjIxMjI1WhcN
+MzcxMTEwMjIxMjI1WjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w
DQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xGDAWBgNVBAMTD3Ro
-ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvCn2Ahfx
-RrIoDVAd9bOQG+pD6s9Y6/6RIWRZeNmt3c2CXBwXtnV0+kKWHLEfonarBuT/KGVJ
-CO2xksYlfa3cKiOrsb8GcSdwKi3tPNwbu+q6ESCa156cYhgnuwV0tVBEM3L1+zej
-AERVZ3QOhK5ccmgwAWwPybylwZTkKnIm7uUCAwEAAaOBxjCBwzAMBgNVHRMEBTAD
-AQH/MB0GA1UdDgQWBBQb9n81Tsa4BrxnY/2kk9ieH9HARDCBgwYDVR0jBHwweoAU
-zjt3nwU1QeNsJrn3z8oB9vUViQKhXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH
+ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo2JLuSb9
+GK/GT01YKK8VVas3k1VLqbi2mx25PeFZds/RQAjEhc7wnnHWoXxLtW/Fw5DtdbNQ
+GoZBsx+v1U/fm6ffnC8qi4bgKTpUfOWT9grfVj8LsR/8O47Wzv5pZ5bdBaUbwzrN
+WhxmTmFoAorxcs1eSJ+dyR00lCucDLjyDo0CAwEAAaOBxjCBwzAMBgNVHRMEBTAD
+AQH/MB0GA1UdDgQWBBSzAb38wfl+LLJQ611I5nABSurZpDCBgwYDVR0jBHwweoAU
+5voAS6kYgkOWqPqExjVsu5absw6hXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH
EwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEU
MBIGA1UEAxMLdGhlIHJvb3QgQ0GCAgF2MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG
-9w0BAQQFAAOBgQCj8oNWIRSDUbVlDp9Y3PNnE6PD1ZY1jruKhdLI58ISY1EEO8K/
-qGsJkQvtLSTZ6yp/c+8TUdMwRNaZRmLz/q+bceX7lm0O9O7ymhiITi18f35zFlKC
-6AYrSWBADr5ryOTxdQ+djVL36sbpcE4N1GRznvoM6SVy6UAUd6pu6VWFNA==
+9w0BAQQFAAOBgQCQtcj/vkRBSplzJF5jWalQ8iKFhJXbRzTqykUQqKpJStUgWocj
+wtZn/2oMNujjf+ROcIkVmo9ycdUvtBj+HbeJ9E741b+TscKePJrI16iGVDPXxPt/
+gKjP1gnKRveu3XASaCQs3UkhntxgeC9Fea57oZ9U2qPKkROVvcbovk4COg==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC8KfYCF/FGsigNUB31s5Ab6kPqz1jr/pEhZFl42a3dzYJcHBe2
-dXT6QpYcsR+idqsG5P8oZUkI7bGSxiV9rdwqI6uxvwZxJ3AqLe083Bu76roRIJrX
-npxiGCe7BXS1UEQzcvX7N6MARFVndA6ErlxyaDABbA/JvKXBlOQqcibu5QIDAQAB
-AoGBALH1wa0DNffWAZltv5gk5tPwAaIvzvsMPfjl7tUkk5MmjfdNvoObnTIgDdc/
-EhtWvrR7mnN7L9MY84xMiSLPb1xwS3uAGYDTtMpydOdWZZYwcoZMM36YjXYFgqvl
-QW4Kcfi60/gWW7TMp9329M8ibDyAomDfd1e0Vg//g8zjnRg1AkEA3RoZkhT9/8rn
-z3Sqg8l4ys6VUuYBylPPSjPLbTKG6oX5PWKyQw3GrJrN/2NpOE21/QPfvmIBsJlC
-35oG479s3wJBANnc9VmEERy139BjQse/1lHJ5N83Cy64smE2Bm9TxkbIhvxZWO31
-f5sSU2FFGq36fHJyM6uJ3FX0dtq1sNsSmLsCQDPKJEkyf5iF96yBYFuEOrYOk62a
-ULsKzJhN742Bc1bF0O7PCoBoXqwZir0SlRfqJAHDAYq/vDOYgrCLjKeWNDMCQQDV
-onew7PF+ztYHWZ6dk39NOoZFYIuFqDW7X6fVuTegJ3k+sTqkNW2JGeJLauEro4ov
-C8+hMZGvdAaslygy2ryLAkAJEow6EQXqtve6enOWk6SYeTJ82hKBc2L8cQeUA2jR
-fVDfECxJoC3IezBZzhuMkmX0BL7n6GxhyFOmdg2uqJ2h
+MIICXQIBAAKBgQCjYku5Jv0Yr8ZPTVgorxVVqzeTVUupuLabHbk94Vl2z9FACMSF
+zvCecdahfEu1b8XDkO11s1AahkGzH6/VT9+bp9+cLyqLhuApOlR85ZP2Ct9WPwux
+H/w7jtbO/mlnlt0FpRvDOs1aHGZOYWgCivFyzV5In53JHTSUK5wMuPIOjQIDAQAB
+AoGABUUscCKD04IIAZLbHyTWqVbGiigcMrNUoJhK22YjfqOhelFOFYrhVBsT802R
+G58pX++S2VMZaGGgSOjiwRy8d7m1/8KNgvKl62w827pLz9qVTHqBBZaXevk5frvq
+6r+9pt68aDkfwjPCfWxR4JtzfFjb41uQ97Ko98MgV77vaTkCQQDRKkLoyJN5d2so
+IhEnXiJ7aJh8BVbi0FkqYERC4Dc9x2BIUwDAPttrj+ELV+aM8uJNngVIgKr7FaZd
+WjgQq4JzAkEAx/fGMiBlBU/JrWjrPWsXU76LaL8i0rfs9rEoePl8j0mk1MIascd+
+BcOihWAp4Ot0mtku0d3+c2rtT1WVxirq/wJBAKTK+SBSNu6ySXi7Lmyn298DD3BW
+/JeCs12RrvZJlPxVguQ4kRTl8RYTq6i2Pmy6R9YDNAJlbVCZRBO0qwtnNUUCQEtP
+a5txS9qGRCRFAWNuM6jceFCIu6q0jlASRHXbMCgeyi8+syMFSNcO6ORmZR9KTe4L
+oXB0tOHvAVUBnJi3jS0CQQDFIV6RTqWkmpksKhD/PRaqk+zu3abnUvdKdPHDOvmq
+xAKyG93OYhxifcMiSQ/Ca/ty/OWKdpW2841Ss7EQkJ+r
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G
A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRgwFgYDVQQDEw90aGUg
-c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwp9gIX8Uay
-KA1QHfWzkBvqQ+rPWOv+kSFkWXjZrd3NglwcF7Z1dPpClhyxH6J2qwbk/yhlSQjt
-sZLGJX2t3Cojq7G/BnEncCot7TzcG7vquhEgmteenGIYJ7sFdLVQRDNy9fs3owBE
-VWd0DoSuXHJoMAFsD8m8pcGU5CpyJu7lAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB
-gQBeHdKgFoI8OGM2Xc2j00eBVGYsxfIXjYsagPuyLxG2+WbQjsQfSlehDvJcf5E/
-g/iHI++poo36TcWnLh+YGcEP0taOp2O9wBNXGDWX3KGKdQ5XLpkPiGHG5Zvhkx7a
-Y4KTlUw4GnfWYciHbzjK3ZGL//jwgvHJNJ6/Iw5bDpNGfg==
+c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKNiS7km/Riv
+xk9NWCivFVWrN5NVS6m4tpsduT3hWXbP0UAIxIXO8J5x1qF8S7VvxcOQ7XWzUBqG
+QbMfr9VP35un35wvKouG4Ck6VHzlk/YK31Y/C7Ef/DuO1s7+aWeW3QWlG8M6zVoc
+Zk5haAKK8XLNXkifnckdNJQrnAy48g6NAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB
+gQB4zVl0voUx8pxl4EwEdCf91itnFjDHMo+nvbClc8EMBLuTabxkRDWzQxTTQeL7
+LfBfyqkpfTHAOGa9bCzjKXq06dtzyqu0QrvlyGxJtmJIu2Ijr0jgg2ZTkSeKXCy3
+EUqfA8XMNwhgo9AAUlb4QRdQDCNhI8NFzq3iDpFJiEpYJg==
-----END CERTIFICATE REQUEST-----
\r
[ ca_altname ]\r
# This is OK for an SSL server.\r
-nsCertType = server\r
-nsComment = "OpenSSL Generated Server Certificate"\r
-subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
\r
[ ca_client ]\r
# For normal client use this is typical\r
\r
[ ca_fclient ]\r
# This is typical in keyUsage for a client certificate.\r
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+basicConstraints = CA:false\r
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment\r
nsComment = "OpenSSL Generated Client Certificate with key usage"\r
\r
[ ca_none ]\r
-----BEGIN CERTIFICATE-----
-MIIDCzCCAnSgAwIBAgIJALIbmjlwx6A+MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
+MIIDCzCCAnSgAwIBAgIJAO6OyF6m5/UeMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
-CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMDkxMjA5
-MTYyNjEwWhcNMzcwNDI2MTYyNjEwWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
+CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMTAwNjI1
+MjIxMjExWhcNMzcxMTEwMjIxMjExWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV
BgNVBAMTDnRoZSB0cnVzdGVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFBzrRQsjaEPsbi
-6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9chPEIirYf5ng
-idfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQABo4HSMIHPMAwG
-A1UdEwQFMAMBAf8wHQYDVR0OBBYEFMQRFAPFkx4YXYvN7xawfJOsXtilMIGPBgNV
-HSMEgYcwgYSAFMQRFAPFkx4YXYvN7xawfJOsXtiloWGkXzBdMQswCQYDVQQGEwJV
+gQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIUNb4RgCowQdY1
+4CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJK0bDRwnX7tD+
+95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQABo4HSMIHPMAwG
+A1UdEwQFMAMBAf8wHQYDVR0OBBYEFNF+Edjrqcy8L6Xg2V9pAoqR4GCAMIGPBgNV
+HSMEgYcwgYSAFNF+Edjrqcy8L6Xg2V9pAoqR4GCAoWGkXzBdMQswCQYDVQQGEwJV
RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl
-bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkAshuaOXDHoD4wDgYD
-VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBABLlJ29AZEJqgwGp27/paP0f
-brMWEmlBQrObohg+K8oflMUVPNotwkChR58hwyNfNCKR+r/8bIJOWI+lFTkh5EQq
-Yqz2q5bLhy/Odgkyk5QSNm2YsMpvfWyA1A9ROtpvIXquBXMG6fx0/xYG1/NQkbK/
-BE0sTheSsSSJLTDB7PwE
+bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkA7o7IXqbn9R4wDgYD
+VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAC9EnIv/wN6R6LVpYEsRiaHj
+dw7lf+e583BXm6eKedPxSxbPoJd7l+b2Ku4R4q2xmBs1GAnOcRp5fPgc/kGXwUZv
+ubtTowKC9PF5OTHCy/4ynEiZVGZFEbZIcKCFMaturi4IE5MLhaJb+lJvg+Z17fAX
+W2JamgpFmVme0XUTTdZd
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFB
-zrRQsjaEPsbi6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9
-chPEIirYf5ngidfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQAB
-AoGAZ6OzkKIzErc3ZyrRI+5MNiYF3JubV+AiyPhz55c7ve0Qs7nsliFvkuacJ9ID
-vtW6z+fL+7yh5qtBcnvyW/vCOGb1SZR8TaeK4eYPYn7+f34cMY+EYqVB9jws8Er8
-VByq7rx7Gmwr1ykiGiT04HdeFKw1uhYpqtdKwpNG+5L2g+UCQQDFqlkOxNWdx1Iy
-RK9Z1JWBh5BaywBexiBxObA98AA/pYpi6Bd01HSA28R0nQXkKSRJl1Y0Fv8UKl2v
-ovsNguIbAkEAxK9JXNYDQX4gVqf/nk/UVaqbpt60ahRRWkDHgCueVW6PipwV3TgA
-SkKkS5M1E1aTSw8tPP6XXshK31amN1Q+kwJADRrbJrCEHR7O40hMe98tPlY3it10
-m9P06KzTc3fK/G1EPIR4saU4SCbJ4pVag6L6pepjq7ZumO6qIW/jxySLSwJAXh/Q
-iPf2GOqGCVJeduGXKOP7lzDuv/E3OWzUzFaTcCj30op9wB8jrGYWAADTnoyI8pux
-t4XS5M4PXrA13TaYtwJAB5jWQUN+Hk8pqMC5R8ft10Z9pUB5WCAEeOqJBRmpbg5m
-TYOzpXPGwNglpzaXG7EQp1pC71I3k3gsI0jXjmnwkQ==
+MIICXQIBAAKBgQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIU
+Nb4RgCowQdY14CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJ
+K0bDRwnX7tD+95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQAB
+AoGBALv0llTxEMbZ5FsjNtMzSr87/0jRjh1MUzmooTsHfgiiPfS0JRF2peX8x6sS
+jgWlZSTbiFy+mE7uzM+3CHlwSCGq6MQnyJhC9Tfwmf4XtTTchGYUK3pbdcwsvmyj
+4eq6gBF76TUdGpT6v4JiOjGC0foedGZT4SwWgltBP+GmNlV5AkEA3w/Yd4kt5wgk
+T+llAIYkYY+e846BjzdYuC6UkDrmSprZdsgJsHTxW8ThmrvmxvSR/A+IwgAHWL4l
+cFJs7PI8UwJBANfhgGx8ENc6IykA49eoCvIJU/pzrGAyVeEyEUdM5nuQ8dOriKym
+Q2j7Cz8UM8JXDsjVFvYfo7GpKgc2dZ8FUc0CQQCRO1HnUkuutqBd30pBsxUQ6F/H
+mCtGwfRjxwA3gAHc5UFdkxSr7RgQdfmls12ogChkgwC5vycJYpQhs6j0BSu9AkAH
+m/Uw3baiP3RZz6Q4R74LBfUl0Mn0ohGQ3HjrcHR3SoablWI946Zgnuiokoe4g+UL
+gydKCZd1fabzliHTNxbJAkAwxasZQPce5a/7khm1WkwNNPjD4arNFZAkp1du56Mr
+ED3bMEE378uJBd4hamXcMj0aaNutTFryLldKYUjkGwdW
-----END RSA PRIVATE KEY-----
git://scientific.zcu.cz / glite-security-test-utils.git / commitdiff