-----BEGIN CERTIFICATE-----
-MIIFJjCCAw4CAQAwDQYJKoZIhvcNAQEEBQAwWTELMAkGA1UEBhMCVUcxDzANBgNV
-BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u
-MRMwEQYDVQQDEwp0aGUgYmlnIENBMB4XDTA0MTAyODAyNDkzM1oXDTMyMDMxNTAy
-NDkzM1owWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMG
-VXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0aGUgYmlnIENB
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0at2yBttsEeI260DTGQb
-89KzAUaCBTlPTqlR586cDb7QwgSrKbf/1h43/c2DJv2YQ15dbnOEhom6ejWKNhBv
-GHZArbj5Cq/x6U7VzJ9Pgzd8QbaZn0Q5evx78jzy2z5GpoG4/JMe1AN9aWqMh0hZ
-lkrHYF94lauf2hshLz4XHzvn72VZxJAzUntQy+XI8tcEZp1A2j7+J7hhzaBncc7y
-wu+vbN+7xhMdiina3IRuMBd5hoJJAnV9z8wh1oCtWcMFPSSHL0yMv6cNlt/Af7f4
-rSEHHvUDAUXhuVsVLFg1rOBoeiEhpECtXtS1jralkefPXdjPg1XP/TgFXeAlcANn
-TdHVLLiFNh9Vw1RfU4OHEyvsIBAGltSAD5IEUZc7yr+M8CwX3jGDIGYgAhKZJ9qS
-FaQV+S8qbf+mSvzyi9CeEKxFKyc3iS2rZ0UuuzhD6jo/Ql0wJ16abKJuYewhPYNG
-/A43u719D9a1l2zNE+yLq+5OJgAOHauZQf57AFq0wImUi3l/tHhpLWZJk0pgthHg
-6SpSyMYJ+tI3lk/NTy9BaSndTt334FtWIo9obLk8SNfzOxnkw2ehSixUSH1RpN9C
-5VhpaWrxaoT2FUwsGWL94RWXpHQFfDaYEkYOFS+PYAOWsmEPFCdcqoUiGUAVnGNu
-MpcZqGUKxTyiX7WjPU5woEkCAwEAATANBgkqhkiG9w0BAQQFAAOCAgEAD94Cf9Pi
-HTCY/S+UBcNZCS4KYxhpnjPzSpG2E5HVysCOqJ+iEqQ3gW7avcvsya1tm9jTkBNN
-RqpadY0WxIDV0ga+6768y17a34UnX9XGtq+Md5SkGiDA131pljO6dM1yECK/sngb
-ilpWGrTFfWIzW8zme3y2zZtQHpXWdKc7qZrr4MTIPygScs87brOYMJT7lmGWnPPC
-Pcqxwew3RijmYsIO/i2vzOs9xNMEBEpLbC46IE5F9xcG9IK/m+0MCXawZLVm/weh
-G9o0QYcJFKZuCqgDhwncuq1fM1PGDB0Jkrz/uaQuVJMc2PCCdmi96svLtME2nbQZ
-Rsal0AQ0EwJ5vj8rJOFeWnwOQ4MhIj+OODFoWA/oUh3po61MJeSyrRtgDCv1LMUR
-VgD+uGsbLnWbtOMakSMzTRT4aH+KiV77vu/rYX3WClng7KdJzoygG9IXQWhSBV82
-RMAOjdWv2IYB0jVic8bT1FCIsoozEfsUu6bo9TH82sKOjkxGK3on/L32sRwyiFS9
-K33s76FbeNi54Rky1W935xTQD/PmkcmiKPQ4Sfz8rsd9SfxBPcWbyTbD72Uf7dU3
-VceUhLaE5SYdgHlVHUDWvF85Fe6MNXksLS2HWamcZX0I/nrTT2WFosKXbD7DCx53
-/owoCRg1v6ejCn2amEw3rKBywrOk7QRyTiY=
+MIIKATCCBemgAwIBAgIJAJ8B/7ukFzCMMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
+BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
+CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0wOTExMTgyMDA5
+NTdaFw0zNzA0MDUyMDA5NTdaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w
+aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE
+AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAMMP
+gBs+EVHOOA2uzaKfom1nc2JmCSjYTBcJV3PlZtLO+1a3B2Rfp1uJ9YnLZoJHkmiI
+du2aUvSndEQ2rD0k9EB9yHCPI8qaq2CWM1uJgPt2olWnVSIHVEdU27D3ADSWTY+6
+VixPcDqNjk8uMjNuNYJGr1azL6z79ig8RAQyHhMzUEdgMBKgSE6HdAGYJNjqm1+S
+WliBXi83bKcmB07cBl5rKW0zD2WATlCJh1wkURvrCpsVKBmVcK8itwsl5Jebnwmw
+QCN0gXfjnRfTEM4Rp3PQfY9IydgwP72To/Jou8Lm73nGg251XLvvYFFnPX/sjZ3p
+RPFZkZoF4nEQc61/ziWtlWc3DvtwbxoLMNqy/jtrfq7+AB/p19vfFZ3+vBfgqjPa
+h75MC7gRRaR5ia8tDlaKGvq8O7iKo4d6QBgX2hX4FP4WbPu1hH91OhvUklYTvDc+
+zAQngEtf80WOve38TVTINbimhlxo3xSBEyd0Zdpgq0WKXfpmaHoUpqvyrQLTaASh
+yhHqMzh5i+m3JKpovU2G3jO7Iav0uEcRWOKLSZjDaP/TTYimzi71PxkFNu/a/sOr
+16VchTOr+SAwgseM9PMZTsFKHwgfeIRPz1kAhWMz6rnQdfBg3Q/wEc3NqsgF1GMt
+6ttDFlGMrq7wWo59aE01R/+uR9OiP3N6GxEVw6cY2e2tWRZwJOMJM6M27bfkXG+R
+nuctC5fUBOXaFyuUHLars2Yo0Eygu0MOgYz2WPbjIe5WbKYC/sZjcJAmD7lFGo3e
+6ChHjxq9XKCLD3+t42Sh2n+c7D5R0F2Q0QEwwbCca6ulZ5bJTGBVP8Dr1BiJRICg
+BcmoHhHVg+/zvERAqHU9fk5jvpb5BFQPS3/ReRYH+dFiiqzNhLjfSPuWYKFW70Xg
+3QHQBu0IqNdJq1Og8SIcDxJ/kiNbW6GYYb1e5ZDWjszhtsPvKT8n9q8sqN6JzcX2
+2n9e1UAjz0tJn2z1IY3FJIalKmyo+DgvThAE8tPecW3370/LI64Slb1WoEYTwt1j
+s2hSXqODMdC4xAJWuIQJIIxNFEtb5PE9ahpV8/Ff7vuka8EG8jLOjifNCrSpkOYf
+8EbHgbv+j9JQ68d9MDXdk3YgznXkQnEHVb8lw2NdjheM1GrTHfRz4VlbSChSM4l/
+pZC4CNLB7gItngJC5sSuc+L3hLFqqbiloFQpU6HUKnPFxBjVlaaf7HZcVsBWVehh
+/6jPDuutR4Q79QZrcxBUeuhH+X7ofvAvb9QWaqdlCM47/uZdD3PuOk0rN3UamB4G
+0VypiUpKI4R//69nG8kTCB8qLjjZWxPQvmtPhj+JnNt+9TB0xAhOhIrtfz5EYWmL
+cQf0D1r5JUfeeJkFyd8CAwEAAaOByzCByDAMBgNVHRMEBTADAQH/MB0GA1UdDgQW
+BBQgseI4jmaCF37DPSVAkJU0EhRpjTCBiwYDVR0jBIGDMIGAgBQgseI4jmaCF37D
+PSVAkJU0EhRpjaFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP
+MA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0
+aGUgYmlnIENBggkAnwH/u6QXMIwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA
+A4IEAQBi7pMGytwry4CalH6FjQSlGV/gF3HMMzDZ7Byf2m6jGs+8f6R/s0ruATwx
+VbER9ro36xCEJmrDVKeW3PSkcyJAFoxribSmgLaWa8E9O4GGTv0IlLDyDRaQs2IY
+icskfNCEEq6p9rnkA5MXq7hVsojafc1CShH4Bw5QOPxK/uX09DGcutO78TBdPMja
+jDoZi2toOUv6AwAeobbwKdRezRBoQVA97DPpb4ex+/AqZF9/nJsuaO9P87RtvJCA
+DRK+K/xYWeo9G+QrqSDxCqL48aDE6WAaaJkf3BzVj8xm+kNjWkpNHAt6Tr6IdUUt
+PuWyr329CqwiEDQcYt9y3fvi4LKkJRmKZrRoUWdD1ChWe6JbCWoa1mop6Wff1JU5
+WtY3N1COrqfGc/0xUG4pysSbzlk03UrHyRkCHOSt9AukxvWtU33tGN/TqKBLwntI
+y8Nq4ZdSwyni2INV+eIogZMt0CSejLb4dsrBMXCRfWeg0T6tL1B0upGb85vD2fn6
+m9xF1SDx+IjDfieLHjECE09fSi+G2oBebhqfWEArRyW8aaKjwFaPBL7kGMASJ83Y
+9HLg/tgNqSc4MI0+3Mnt9bPi83Lr2piIto3axB/GM2XP9gM+nxy1i63JqcfSWhF9
+eFOObROXiMSRKvJx2jhN4lwEB1TvfgtL3szDXuIuob8hsRZHzvlXMDxbZoFuwnLo
+kU62uqq5XR86B7TElwEBZkPIFTyNvp051e/hm/6uPuJXSDFAiqiNX/dzKObpEzOh
+1Mv+xQUVOuN8dRu/2rBKGp+vuZKEwVayjKF0NEmeygNMFal0GJ1NcZcydxnO8U0g
+GeBlUhDbM+eHmTCO4zzbTHydSP6x+eBbdJq9figqqhS4OD7SWPYyHEEeDLfs5Vgr
+ulzkexF0JxGcaQwKD1gFFZrUWB4J1dY7YIMPiQ8kaGsl1sGQgD7axnGRt7WPc0Yb
+HqaGGvV/ZBh88HkZPzYZqYwtHjVjvOkbCS8QSHvzWZSUKkyH/hKAHRcQ/g1tY/vF
+nSJYydt5qKhyxa+A/hbgqDNQpQscWTQ/lRBZakOfkpB8ZGd/EFbtV1tt+sHpToRp
+R/feABVYl3fa4jWT5om/I97PrKC2Jm4/qEx8P3LybUwUbw91iBRgVoQt9pU6PvfT
+YBnVz2N8diBGj8yZ7wyTxNiO3WjJUldrY4Q2FADUm09fOBw2pcF5gnor54NBKXT2
+7K2B3GoaNa3+Tk0bE5WhS2+hyolmt1qeu/5lGfbIUb5UlAxBYFOLpGuoDFutR86P
+MMyFqDMRWpEtqSLa2MA1WRSrS4v8r6wawpy6ZfX0B45TSDt4RemgqKVreVg7Oe13
+tOEKBYEvhpvq0ZQgcaUWPVE7eP3I
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIIJKgIBAAKCAgEA0at2yBttsEeI260DTGQb89KzAUaCBTlPTqlR586cDb7QwgSr
-Kbf/1h43/c2DJv2YQ15dbnOEhom6ejWKNhBvGHZArbj5Cq/x6U7VzJ9Pgzd8QbaZ
-n0Q5evx78jzy2z5GpoG4/JMe1AN9aWqMh0hZlkrHYF94lauf2hshLz4XHzvn72VZ
-xJAzUntQy+XI8tcEZp1A2j7+J7hhzaBncc7ywu+vbN+7xhMdiina3IRuMBd5hoJJ
-AnV9z8wh1oCtWcMFPSSHL0yMv6cNlt/Af7f4rSEHHvUDAUXhuVsVLFg1rOBoeiEh
-pECtXtS1jralkefPXdjPg1XP/TgFXeAlcANnTdHVLLiFNh9Vw1RfU4OHEyvsIBAG
-ltSAD5IEUZc7yr+M8CwX3jGDIGYgAhKZJ9qSFaQV+S8qbf+mSvzyi9CeEKxFKyc3
-iS2rZ0UuuzhD6jo/Ql0wJ16abKJuYewhPYNG/A43u719D9a1l2zNE+yLq+5OJgAO
-HauZQf57AFq0wImUi3l/tHhpLWZJk0pgthHg6SpSyMYJ+tI3lk/NTy9BaSndTt33
-4FtWIo9obLk8SNfzOxnkw2ehSixUSH1RpN9C5VhpaWrxaoT2FUwsGWL94RWXpHQF
-fDaYEkYOFS+PYAOWsmEPFCdcqoUiGUAVnGNuMpcZqGUKxTyiX7WjPU5woEkCAwEA
-AQKCAgB7Y5S7nqimnPKFlQPj6OYqT0zY602JFXj+qdZxvL1JuYnRJD42hvogYBhD
-XLZaM9NvkhEZ9xF+u37qfKehuXonwy+9DKZDC9gpnSNlEDwS1Ixjf7pYaCYLopqu
-q/+f1r5tLtpWiZ4S1xru9q1Mz98o+0jqBkVIj3+7M0wMKVYiI3cTA2oYq2QInlmm
-JMxlXPRSDykjRv77ER89i7BU4Z0r6zIpuGEg6A7ySD9sluLhmm8CIZolwE8SAufG
-/GMH+CUVHnIP+9S41O7CY1s9zl6iRFWUekwSa7WzB08mkaLE4iuZ8/WAXC+rJzLR
-kdtOSkVWzUkR2WZVdqpx3H8rtFUN/gcX/Eb/rWosaKJxZBEWQUbfkG36m3faYMB3
-IsioZUtCgTuz60hx7ko2tRPiNLOJv4uiyP/uNJVrIG5eAMs/tZTK8Vgy8anUXqwu
-VwiUGFG0OrnWNz5g4Mqxnz8v1PuI/WjlB87ZZjMqaBbHsGRGVOHhyv7imdcfokHp
-Zfg9uwYyuzXzHJfMNVr3avkE0xwNRrJFGEtBPL8iyhKLqsw5CNi64kbAgA81Zjy0
-w9gpqNCrknn+M1Hmd3CtQdOmOjXiVmDGaKTuLsfIbgKWq0NxfrXqVmycEoJxF0so
-92UcSaB/w2BbZK2/nxlQiFXyM2qATSm8lGplFLL0Rhk7WLdVIQKCAQEA8cc89d4T
-2y4/34QEjK2VYohQpMUHgiezSTIxRWN/qi+UgyInfIsTkKrLRny+OL8SI+SQjZA0
-smxfjtHbOSk3D/RpHb0t654ym1crQVo1aV03saaGWbbZayicxvrBghvt+AskICev
-rzNpARx9gc+t9MQUCERNGwuLPhZp2RYyfQx1Y3haTOFpOrgS/GurgsGTlBAHIbF0
-XjFpDvBCEBFgr+IR5cEmOJpsubBtlgd+YnHJOyf/LHFKVZ34ewu6YsVY5/TVFWMB
-14/p77QJ3A3BzTwd9x3nEtjBh6xzI2GqBego3l6610aHcbCvQc0stJVpLpnucBo+
-5nFYs0HGmyVzjwKCAQEA3gC6Q+hQznhfzpriK4/78GKVVMHwHX5J9elHbv+sUzP+
-YoG09hhNCpWgJ4ijIvsdf/HiagpuepqDJ3C5MxZTrzCFrGyTKTjC+Ii6KJHNqUjD
-D3yPVEwu6eFyPdZBP0YmZo5+i9ZnLumQosz/gmQeTjvqDoLVqFTVOOwGO01/h9vy
-mu+gkKsgUcDjgsowqH+1yapiajKnbc8PnW+tnFjy1KqNjpXCbWUsKS33l/FQ53+B
-CTv9+EeQehwTdQS1IkwwA+Vwv0IcSx9kFnY5Yoy9FaZkDLWLeylVkHlQd6rzpkyA
-4eXvm79yls8ImFbPTxMRJl/oReznaU7B6vrPUCLipwKCAQEAi94/1NiRUhXSW6LK
-4vs0VVkYlglpi5Ed9bU0rbiezTxTRP1ILJNkUSeNCwz1GmzmuJ7sRQjsg1+QdFXQ
-5aODOBajjNG5M/pDunvWCSt/hKGpq3rzdAkEhCptb+r2cSdpJjqDvppW1xr9nuf1
-b1hOgS/BivrARGoMNnHO8AgYUyEW8+FXE+y+7Ho6eY5sHOuRTXFsPsCi2i7pYPv6
-q8Lx1S4KPojbbJlhVpbK/qT9J0Q+Lpu30eUEJL2LVtt1Ctix0xZfAs1Q7nxR0Bqu
-LYBD4k/p4eCJoeyFINDRluFT87DXm7Tfj9Q8XLfi20UvnJRm0c+5EV8NjlB6CNF/
-bJdg3wKCAQEAjM5LVczgi8Q/iAwmjVi6g+ITMvn68Mnr4SP/ocBaLT+aBiKcg0Yw
-fxkdxlVcm1BIiqEBaR6KqgqcSwStAmET3NbawdzvjcKprvcRk6++kLNMvOLVCbN0
-QfUy/1OIeLhmnL+eNdVcBp4vlYKOQMZ9jkNkFaYYG7cKshrJbQ2faK0xd+GqpndT
-fWbpJkhVilnOFEWUPCU6mmQtVD7ED5k/E3HFbP1Bnx7/XnMASgfNt7bgQdoiIDpL
-wZdTI/JDbKiD/8SjuTsWNPOJCNIdXYtEVpn9dS4kdI5n7cV0KyJrfTuitySez9si
-s9JGclEFFfNS+lL0QH2c3OcOCZrgqMQnmwKCAQEAuH+JNOzs30ymqUCNG8BdHW8I
-sJYglt1SSNQrp3nFtqfBgk4LaoIwA95WwTD2mbs3o16eFCJ3w6wX38oPt8TdP7ZH
-pZRBKFNG7eRjuqhUJG904RI7wk5MLKAH4YEkL7tpsGQZIiYbaadI5S9GzDgyrl7O
-lrqMJNx+4Y9vgN5BPBxATIQDVgs78pbUANab91xnm8l0JpUlFsx5mrJQfqc0dipn
-U5vwBg4jzg5UuP3CemS8F0KfKrjDqbiYuTeazqWhnTemjeXyzqTmUaY6r4QJJvk9
-DGT6qHCkkPQ+V13YXDZKUkq7yVSblVvOnG+W/R2DJsuECpYQaHdiZEjeuf1EZQ==
+MIISJwIBAAKCBAEAww+AGz4RUc44Da7Nop+ibWdzYmYJKNhMFwlXc+Vm0s77VrcH
+ZF+nW4n1ictmgkeSaIh27ZpS9Kd0RDasPST0QH3IcI8jypqrYJYzW4mA+3aiVadV
+IgdUR1TbsPcANJZNj7pWLE9wOo2OTy4yM241gkavVrMvrPv2KDxEBDIeEzNQR2Aw
+EqBITod0AZgk2OqbX5JaWIFeLzdspyYHTtwGXmspbTMPZYBOUImHXCRRG+sKmxUo
+GZVwryK3CyXkl5ufCbBAI3SBd+OdF9MQzhGnc9B9j0jJ2DA/vZOj8mi7wubvecaD
+bnVcu+9gUWc9f+yNnelE8VmRmgXicRBzrX/OJa2VZzcO+3BvGgsw2rL+O2t+rv4A
+H+nX298Vnf68F+CqM9qHvkwLuBFFpHmJry0OVooa+rw7uIqjh3pAGBfaFfgU/hZs
++7WEf3U6G9SSVhO8Nz7MBCeAS1/zRY697fxNVMg1uKaGXGjfFIETJ3Rl2mCrRYpd
++mZoehSmq/KtAtNoBKHKEeozOHmL6bckqmi9TYbeM7shq/S4RxFY4otJmMNo/9NN
+iKbOLvU/GQU279r+w6vXpVyFM6v5IDCCx4z08xlOwUofCB94hE/PWQCFYzPqudB1
+8GDdD/ARzc2qyAXUYy3q20MWUYyurvBajn1oTTVH/65H06I/c3obERXDpxjZ7a1Z
+FnAk4wkzozbtt+Rcb5Ge5y0Ll9QE5doXK5QctquzZijQTKC7Qw6BjPZY9uMh7lZs
+pgL+xmNwkCYPuUUajd7oKEePGr1coIsPf63jZKHaf5zsPlHQXZDRATDBsJxrq6Vn
+lslMYFU/wOvUGIlEgKAFyageEdWD7/O8RECodT1+TmO+lvkEVA9Lf9F5Fgf50WKK
+rM2EuN9I+5ZgoVbvReDdAdAG7Qio10mrU6DxIhwPEn+SI1tboZhhvV7lkNaOzOG2
+w+8pPyf2ryyo3onNxfbaf17VQCPPS0mfbPUhjcUkhqUqbKj4OC9OEATy095xbffv
+T8sjrhKVvVagRhPC3WOzaFJeo4Mx0LjEAla4hAkgjE0US1vk8T1qGlXz8V/u+6Rr
+wQbyMs6OJ80KtKmQ5h/wRseBu/6P0lDrx30wNd2TdiDOdeRCcQdVvyXDY12OF4zU
+atMd9HPhWVtIKFIziX+lkLgI0sHuAi2eAkLmxK5z4veEsWqpuKWgVClTodQqc8XE
+GNWVpp/sdlxWwFZV6GH/qM8O661HhDv1BmtzEFR66Ef5fuh+8C9v1BZqp2UIzjv+
+5l0Pc+46TSs3dRqYHgbRXKmJSkojhH//r2cbyRMIHyouONlbE9C+a0+GP4mc2371
+MHTECE6Eiu1/PkRhaYtxB/QPWvklR954mQXJ3wIDAQABAoIEAERYgweImOL0Abnx
+nMW1b2EsFUbN/7mbCBYuRMEsCPomYfSBTwrBZU9yqGDuru1JDKip4Bnir9xfbCKW
+kYUfFKIgMIIX9W+BADloh3g0VshFSh3+8ppovQP9XLjF4wGKBIUuwhDmiKlLfiiK
+RDa3D/Kkt70GLddLtXVloGNj+Bu8KA3KSy3LkWpKlcAVQhvrICO9kQBf29NpdR2f
++oGMIIMmwy4q7OMgsNARUCdd5jmFAoNSR2mnbgM/g6lZTp48fd4ULnT91nteemWl
+o8bAcs7mp4fz9h1U0pCnUZOXVOq2pgQiJV0nrCWBe1sqdGcFSJ2i5XA3dQfltfDt
+1cpd9KpJBwdSSGKbg6I5d5W5j9DcGlhQUVTdR7AXm2hvoBIxuxFOKa/oz1ZgXumB
+WFfTzqlN3KQsHjTMBv5qPFj0yopWEWzyCJ+te055kbG8qsWURqeIzk1KVe6TIRcn
+K69ebu4c9I3Nc1ifukJh84cohqOcqYZFNCaPiV31LG0lK6/IyTKOSdI7IFVSaU6r
+yCIZbvLiJas0j1jD92mXT3CZY2EuXvT8YbdW0vmrHr+yjww9zHRdGsMrBtUTFchM
+lxY6cn1XSbv6L6NV+5FIsZs6zoHy5/TRcPGXzv1Nnb9hp8xMFp3lsdu/xusuAury
+9pfkow4idCbHNw2VVOwuRZuX56T9OIfCZkdmLsrHN78liuWoZq02jEWFs8i/ZCQ6
+xTFd52D9yxKVbWJ44kca6rUtEk4uNyvq8a8/rZoZE4P9gzN4tHDRDmP7vqO9Q9G3
+pGuYsyk25I6usdHpUGcP7gfXttIDens+d2uKuVFwJuHmijhrOduQ/8iGsNLg3xKq
+SdGoommvzJGUGbe3h9ghYW2XDfRniRl/c+wisUHb/t1yhGRcqowh22KbOucdYkuZ
+W96BVm3Bt2O/sQcVPeSxykvhlwoJljED52HgDqUT7grZMVtYDJuI4KF6RgK5ubsT
+7zbF7Pe42P95XzUp2mEPW4unU8H3MA6tJ/md7QEfM2ZwlNDcYDhYuFoF6lGOc6Ug
+8LMzyfuqeBCuYBHr9TM17oys6IkmY5BrUi5JKIobGMM0apVIzAv1anLxgE4yY6K5
+/NTvI/KKdYSawiH8XcUcMW0nhAWPBFU/VPcoLzYX7DN4iUQaSL3ArPiif3mWQXfH
+fQiagCxkOZdIlsVn32asoIlKnWM9/u/7Ww3G8dDDOoWY0vgZ0rmW9GpU6W9hvxS1
+Amx1nkeLX7JWxdJI6teQRJFBckhmc5NS3gOiFUwggwO2FYornwdlAn3z/XcfqCBY
+jnkdG7k/hcojyduQ5bY0yxFxGmkMKdsj2IeU16F08ZIIb4DGknjwldXQnkMdmk4c
+HSv4SEECggIBAONthGamE/BLTPVCvyDgbFCFrkVBgz4u3xZp/ag1hEzBDNjoN8lp
+KGh1eRLobWIx0BbQnor+WL/TIOiRF5DWgqRoNampf3uZAgHuAX8XwS7nbdeX8qf/
+dciPR5Iw+Px+/GeagLUOtl6TizG3oSuw44tEDqh58N20IpnxfAJUnUKn8Ax2q+HO
+rMsZAT5Ax3qSyABr8VXh5GbZ+2q9UL/9swEKX/gXz235XqT90Q3Gh3GJtoa9pGBV
+6kYaZuQgcQO7CNomQTcaujXf1wjzw/ktu8eIBKuLTvD6yc8OSo19QBj+gHi5G/T1
+9hZvpCGnR2MWiUjJmVA1yOkQkYmT3RP/BOs/+tkYENxw6yMYMEul4rzNstGXhDEA
+PsC6EUAmElnKuLLzbMsJNPPgYPnQULIPMs80HQ+oAkGEc+0ldq6bniNGgnSvMQ3o
+ziRiVf+xb9aQjpBekb7RZMbdECS+YKmkubzUCs2DaQ+hWaFLOyIqTw1/Pj091VYA
+me3ovLn1lqJk4szSA9wD2qz/YPRGQgtiPHnNpRYmllNDsQoayTxYbxOxJOiuVONQ
+Ce9sqYsJKH+PSaem68Nen69iR7zDCAokcKnVGxk/4Qx7NHGJyZaewPny8pKgEQ15
+MfOjkUReP3u3tlXtzv9mNrEyuSMDvMPCj9FeL0mI8yFXMeVzme3F5oyhAoICAQDb
+kP6pLI/R/F8dkChP0lZdE/tY42RgyVJBfNfV6jLmKw2AFevxkBafNs+eHIcB8uZH
+Xx0DQ982pa6V5chv6egiASq9w7uSahZUdFuWMHXMmpyp49PHCugW6zZhnCWL5O6e
+FbQf+ZifKFWeIN2gHGbr9sfXucxlX0vnVbBBGXkZlo/JKeKoYD9L3Qbr9SGRIYSQ
+gxReeyBDZqynQSqSe21zFCJT9TMYChSOMJafIsDE7+YG6n/4TT5e1E9kBR+G2Klk
+k5tVIeTpJdQnnes7PW0AK7aJrMIXyZuMWmjU1d0agy97LmZoPQ+eg9yJ5jSkzoYn
+1GqtQFw2MFZD8PmeGVBnp6fVUmeQt/ydEWEKUGKUHdVkRSuy2bZaJkJLyzjJL3Bj
+QRNEKy4JTNjFwlRnbrLo1wp8ug/xMIV/d6VBdAYaxg7PGVeaJdjQtGcJlUDPPCB0
+FPVldfdk5q5ODcP5CvbNjeAELHw5MeDvgLMhMfVg50wMYDwOoMbelsYowkVtM37y
+smvGHIQ0nEOrwbJRgtwIaiPjuwqMRbi4X5SwZCN5CJbTH80oehcgQkJd2NTLiOuW
+MzQrF4qeFcFM9rL6HnMiZGPSY7nbMJNsevpiUBOiHeLXbXGfqzubfTJc/A86nJ8r
+sIq3k80D/hRCoASIxFYLRdJGFTB84lLVV9jm0fJGfwKCAgAr8mW7UCxaKrLcUeGN
+ANDtXmemilpKEdSaCDEz5+OA0W0iHP1qth9Q0CJtPOymJOoI/pckVLHhn3KkfiUH
+n+vuyRRVjKNNxutUZCF15ak23xGir4H8ZKjl8Inr/fqfEArGGlz0n7st22TyXoGO
+Z8gQiT4r4CRjMwPcq4VDDga1cq44OlZMdBt/w30yAmKJlQOA0Vr5NYVlOooSvjJ0
+ZxnIAbE5x6AVqDJZv5I+DzbtAad7sfmpg/CZS1DGlF5CUkoLnYjMlSWWc4KiADjG
+VcgLboU4gNroRg3pLOHLJYDVU5iPu3VjiIPdIgWdWy24QAqXPh2aGkqQftsgsqnt
+y0GwE9TtTnEzp75IMcxjUdLWmQkM5zJsJZf6tfnPY4v4Pewi6FcFhOnullUm8NIn
+FjjDQVa8R8Ln1ihwkuS0KO4N8voSgigAgBQVg8sKdccetyBVVXDkZqIKq30LHJ6h
+KWuayX6s58/NbWhceqUanQJZoVTtkJ1A2SzlhCuz43kQOF57JboJMdV3yIF7snfg
+q0L0ZoCYHyy9Oj9jrHlmZ9BPBdQUAlv08Op6kYzRiRuCSrX455B3WDmTMnKaTzWm
+gBQlPUDXSDi8qLIhnnaN3G993SxymOuyptC4O8s+YtfxmDZrtGBjieTXqO2NjpNT
+YK1Zz9FjbEtPDgJeTFBaWfuLAQKCAgBPG0JlOUTn5wFt6U5c0++BwX1BXUwBAwe7
+yHsK+0IzYzeN+lfzxHIiEuFimeyaayVEeaQ+VOnLCo6IOy2oBKI5/imkDS07ZzV8
+YB/PUM5gVSQ0oXzfrbJI7528NUHh0S2Xj0JCcu7mCOYv/q9azGDYiyUdODfIHjl+
+s4S5L7BN480SMSEUgPjNIGkqAjuByo20c0WXdMz++7Mg332zIP0iBRMJJMKv2pHl
+WOQrmZ3SVoyN2VcZ4tqh1+RyqNXfA5ikP/orBfcveQ2i6GakBVGMSjOODswvPdfp
+DXnPlO4Aa1tkCiejTryd4+xFUseMyUvUddepbBLNA0VRXTTSHVS2w9TYKsRdg6xj
++qr3yFZ7/vOvGKzR11a3zCj+nc1rzsezOvLyEIyZlTJUrdszGNMkyLVikrbDszOl
+5TmJB4BbjRgwzXSeeRxQtW6aKUgcYhFfQV3YnFPx6prKTHNa+vRIwuD/H/fxs2LT
+Z48iWpmJvEvN+a4ppwt/jtr+PGA/I9qNHnNuAUAwpExNSZAxhfA4p+UeW3lFaKlQ
+5D7x/mI5bTrJ/h8wgixq1vSKU2D3o/EdQH1/ORAcPMJUNF3vd6ELtxev6XZA3pN+
+9h/X4/nu4s2jyC6z1EG5l7XZgocKGvvOBeE0mu+2jIhIKNb5X6OQlCtaTLAXjoNB
+klD3eJTNiQKCAgBK7hoDqYRUQP29WKGaJSk91TsPO3zEErB8Z0R9KiX31TC4Ln9U
+eh4dYvQvyQi0agtP5/+eQBiOALqRRwbzoA0fI2s7z4KTTGlDwnFZxIiY2ylYgBFV
+KPb/lK2UurnwxJQ9j4GLsVOBhD3KXZDEY8Jl+Gr82+azDeMlUSrqXzj4txk/RkZh
+BNZXlBQHx5ouWUp/f8dB2jqVnsn6r6EqKwiLfFEd6z9IAlWQtENBwGq5kRG0BZ/6
+f00dCh5U1VE+Kx8eKlyXVqscYndLZG3bJbQBYwXKGh4fku8zEiBw+yEE6/LZIIWQ
+KYrfIGu3r74pQEG/ZYdxdCasjidrdgZRrbjeo1A6R4uywI7L8bOzLBzu8HWIwGU3
+DTDcBRR9EU/wkKsXUhi0RkDRGfamDfz4DIxGOdHNe6UXSW8MKciOxI4gmO44VkgN
+wxadNnt27+puetDXQZdxRXZgBN/LZeu9AzFwclI3WtjiHCeS0Lp+GjpYB8wS2rOk
+3zqQnIx0He0rVuVEMAOdvMrtFw2fuU1EomrUuFHjOkq2ulZ4wC/MvXgEo2c6puKb
+YameI61Q3PdY9IwWoy1QOt47cjxT8MyZYnWHuOUbeHUFwOqfAyFMRvF1+G0l2gm0
+eWbX7BKTYYLG5NSca3N40zspX4fXjzi7wekoRmFWrEe1jU3KzboL6iRLeg==
-----END RSA PRIVATE KEY-----
-V 370320130914Z 123456 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client
-V 370320130915Z 12345A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client serial/serialNumber=12341324
-V 370320130915Z 12345E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client email/emailAddress=test@home.org
-V 370320130916Z 123462 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client UID/UID=testuserid
-V 370320130916Z 123466 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big flag client
-V 370320130918Z 12346A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big bigclient
-V 370320130919Z 12346E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big server
-V 370320130919Z 123472 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=xxx.foo.bar
-V 370320130919Z 123473 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big clientserver
-V 370320130920Z 123477 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big none
-V 091101130920Z 12347B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client expired
-V 091101130920Z 12347D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big flag client expired
-V 091101130921Z 12347F unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big flag server expired
-V 091101130921Z 123481 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big clientserver expired
-V 091101130921Z 123483 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big none expired
-R 370320130922Z 091102130922Z 123485 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big client revoked
-R 370320130922Z 091102130922Z 123487 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big flag client revoked
-R 370320130922Z 091102130922Z 123489 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big server revoked
-R 370320130922Z 091102130923Z 12348B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big clientserver revoked
-R 370320130923Z 091102130923Z 12348D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=big none revoked
+### req command\r
+\r
[ req ]\r
-default_bits = $ENV::BITS\r
-default_keyfile = keyfile.pem\r
-distinguished_name = req_distinguished_name\r
-attributes = req_attributes\r
-prompt = no\r
-output_password = $ENV::PASSWORD\r
-ca_cert = CA_cert\r
+default_bits = 1024\r
+distinguished_name = req_distinguished_name\r
\r
[ req_distinguished_name ]\r
-countryName = UG\r
\r
-#stateOrProvinceName = South area\r
+[ ca_cert_req ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = cRLSign, keyCertSign\r
+\r
+#[ serial_cert_req ]\r
+#serialNumber = 12341324\r
+\r
+#[ email_cert_req ]\r
+#emailAddress = test@home.org\r
+\r
+#[ uid_cert_req ]\r
+#userId = testuserid\r
+\r
+[ proxy_cert_req ]\r
+\r
+[ proxy_proxy_cert_req ]\r
+\r
+#### ca command\r
\r
-localityName = Tropic\r
+[ca]\r
+default_ca = CA_default\r
\r
-organizationName = Utopia\r
+[CA_default]\r
+dir = $ENV::CASROOT/$ENV::CATYPE-ca\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
\r
-organizationalUnitName = Relaxation\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
\r
-commonName = $ENV::CN\r
+policy = policy_any\r
\r
-#emailAddress = Email Address\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+userId = optional\r
+serialNumber = optional\r
\r
-[ req_attributes ]\r
-#challengePassword = $ENV::PASSWORD\r
+[ ca_cert ]\r
+basicConstraints = CA:TRUE\r
\r
-[ CA_cert ]\r
-basicConstraints = CA:true\r
-subjectKeyIdentifier=hash\r
-authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_altname ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+nsComment = "OpenSSL Generated Client Certificate with key usage"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate without Flags"\r
\r
[ proxy_none ]\r
+keyUsage = critical,digitalSignature,keyEncipherment\r
+\r
-----BEGIN CERTIFICATE-----
-MIICKTCCAZICAQAwDQYJKoZIhvcNAQEEBQAwXTELMAkGA1UEBhMCVUcxDzANBgNV
-BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u
-MRcwFQYDVQQDEw50aGUgZXhwaXJlZCBDQTAeFw0wNDEwMjgwMjQ5MzNaFw0wNDEw
-MjcwMjQ5MzNaMF0xCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNV
-BAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4
-cGlyZWQgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKDalz1sD+Ds5CR1
-AvST5CUKoOUoKBfnaqbYhGivGv9QK34ynYYONoBZcZGjIh/9D7n5l/lxq8NZ+4HV
-GU6fDOT7mBALiiM3tyKztpD7rBxLCZ3PxsNeHxP3J5obXz44XaSBxgk3FEfX0DJJ
-D4Fv7Res5FTRWUTmK+RZ8jSTflnzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAOaoU
-J+ZWcteYj09ntn58OnjbL4jRW5TYE4+vfrja9cUuKiOdjqWfHdi8fY5C58tUqFnk
-iFKPzqEienR4apchZjoqWPVA2coaRAm6wwAvkePrv0hk+cuTNCVAFGo2i3PGbRo/
-BfpZaDcEgwpYn5PzLNwTEB2bK2QRbsNKX1JtR5M=
+MIIDCDCCAnGgAwIBAgIJAJO9tXDLWAPpMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
+BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
+CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMDkxMTE4
+MjAwOTU3WhcNMDkxMTE3MjAwOTU3WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
+VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV
+BgNVBAMTDnRoZSBleHBpcmVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQC1CZ0a6cakhd8Ql58VXnzy23ToUOp77bRTmR1M1iwiy8+h4faW+B2Gm4oGJrhD
+oYp7cEVpnrlQuWQdYs+sT01GZmdzCfQ4fznc0VTMsGtpavWVOo5cZYUVfz48zu0B
+bgB7W08EL88uGMBubaFDLB5Rb/yHkP+5fmis+ugKpdiffQIDAQABo4HPMIHMMAwG
+A1UdEwQFMAMBAf8wHQYDVR0OBBYEFBTlEzymeVaSezNLUZA1dHU0E8wcMIGPBgNV
+HSMEgYcwgYSAFBTlEzymeVaSezNLUZA1dHU0E8wcoWGkXzBdMQswCQYDVQQGEwJV
+RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl
+bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkAk721cMtYA+kwCwYD
+VR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBABnlqhW3QU6WZcLsBMHjRn23ruQ8
+8CKYxN/LAl+7QraMQ1bE8rlqQLzKdnaFHq6R3P6adhnLgnyaAhYt3GozRBwsSJ1d
+K0EAmbl0Lk2rdRC+53lHOC++byK1pSZM4KkwVZt33z9WkR4gpb6wyQb527g7vSZK
+BLXE+M5wgxtjUXV2
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCg2pc9bA/g7OQkdQL0k+QlCqDlKCgX52qm2IRorxr/UCt+Mp2G
-DjaAWXGRoyIf/Q+5+Zf5cavDWfuB1RlOnwzk+5gQC4ojN7cis7aQ+6wcSwmdz8bD
-Xh8T9yeaG18+OF2kgcYJNxRH19AySQ+Bb+0XrORU0VlE5ivkWfI0k35Z8wIDAQAB
-AoGABANQEJ04jDD8xBgTOczSvUXVm8Hzthz04TK3ovDzaHk0jJJwsZ57J5qTpcF/
-IXMryET80KFQWrBNAQEy/24iYS3uN5n7GBZUxkL+115t/Ol5d0CUXE9EM4rCmW6c
-O/K1NaUxvmwQto/zN0iZdzj1qMVUUyvopYAKkexiir5K8bkCQQDVm8fT/RtRiuR/
-sWOoGYrbHEmwLNjY+rvpGJg+v4X9fGAoFAF6a8RWrttvsLKreW+kYieDUtFkU6tg
-m6tw+VZ/AkEAwMamcbAXzZy6Px70coS8bERFPeF8+d3qTUryA9HkjL5zurYBMNDP
-zyOmuzDNcrz5xGIoQf9XX2McK9bAHldKjQJBAMCHvp8GHV9r7vRhMM/M5ekEIC7Y
-3UMFC+XXMzIrclu9hPXawlJTXA49YK/U9dW0iLoDdlXZib4B5BAZf3c+ZYUCQANH
-ne9TOqRx5S1LvobwQTBqXO83leO+Zc0Y2FM+T/AhEWD81bpZ4x84EQ8gPm6UTn+L
-1/l/eaIS0pjgV3Zsr8UCQQCas5CoE4zmN4qbdpi4QS8nrmNUZC1LdAH1TDqT7tPG
-QAnIxtPostO3tFOTcV7k6WDknahhff3CtN1GENRxXeCy
+MIICXAIBAAKBgQC1CZ0a6cakhd8Ql58VXnzy23ToUOp77bRTmR1M1iwiy8+h4faW
++B2Gm4oGJrhDoYp7cEVpnrlQuWQdYs+sT01GZmdzCfQ4fznc0VTMsGtpavWVOo5c
+ZYUVfz48zu0BbgB7W08EL88uGMBubaFDLB5Rb/yHkP+5fmis+ugKpdiffQIDAQAB
+AoGAbYlMkm0iMIeDaQGkUoSiKzsXaD0VMzim4/H/pW7ss30HuxYCYmPrUXeosoIY
++WqzZG6QwRA1Zh9V8OXJa6NryAkFjwIzrBpNKRXNFBnOGtJIRzmQtr97WeNTDv2o
+bPFDcdRMLhd3/VPC/8SEziy6TrOmmYM7HDBnpys3QfuZlU0CQQDhIWAJqHEUnTo+
+NRPQQW4b/ECh8rkbSBvQlInrft4zRmScvwv4CpO0Iump0fuXEb7BEFCIKh8F4hsW
+39i+peE3AkEAzdx5H7GRoAvohPIKRGsApSXn6Qfj3+aSfDCvdKR5VCXt6xOUR/jX
+B4l2fMBNvOEqnoQcX07+MynRtzYvrT0u6wJBAKOhcH5UkaxcAwNH7NjHVdK9a/TJ
+yMUNijn2XLBwC+zU0zgim/5zIZwibBdkaisJWM5Wn1H424eZKftcQ9t+Ec0CQCtA
+6co4+woPtnlIidO6T9ZjUojp+X0v6xNg/1yYuk1t8sFzybIdnMCep2Cq3yqSfOv1
+giicZljFrqS6I+ZYdqUCQHpcJQdZO4iRcmtJEA5zqVOjtx/l6+BBnd95ZuZ38Ph8
+mWzzAMCUZ2Fw8ZYsJIi3MmnKqEagzH6AnpgW0z/3ntk=
-----END RSA PRIVATE KEY-----
-V 370320130923Z 123456 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client
-V 370320130923Z 12345A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client serial/serialNumber=12341324
-V 370320130924Z 12345E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client email/emailAddress=test@home.org
-V 370320130924Z 123462 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client UID/UID=testuserid
-V 370320130925Z 123466 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired flag client
-V 370320130928Z 12346A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired bigclient
-V 370320130928Z 12346E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired server
-V 370320130929Z 123472 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=xxx.foo.bar
-V 370320130929Z 123473 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired clientserver
-V 370320130930Z 123477 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired none
-V 091101130930Z 12347B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client expired
-V 091101130930Z 12347D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired flag client expired
-V 091101130931Z 12347F unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired flag server expired
-V 091101130931Z 123481 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired clientserver expired
-V 091101130931Z 123483 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired none expired
-R 370320130931Z 091102130931Z 123485 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired client revoked
-R 370320130932Z 091102130932Z 123487 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired flag client revoked
-R 370320130932Z 091102130932Z 123489 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired server revoked
-R 370320130932Z 091102130932Z 12348B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired clientserver revoked
-R 370320130932Z 091102130933Z 12348D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=expired none revoked
+### req command\r
+\r
[ req ]\r
-default_bits = $ENV::BITS\r
-default_keyfile = keyfile.pem\r
-distinguished_name = req_distinguished_name\r
-attributes = req_attributes\r
-prompt = no\r
-output_password = $ENV::PASSWORD\r
-ca_cert = CA_cert\r
+default_bits = 1024\r
+distinguished_name = req_distinguished_name\r
\r
[ req_distinguished_name ]\r
-countryName = UG\r
\r
-#stateOrProvinceName = South area\r
+[ ca_cert_req ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = cRLSign, keyCertSign\r
+\r
+#[ serial_cert_req ]\r
+#serialNumber = 12341324\r
+\r
+#[ email_cert_req ]\r
+#emailAddress = test@home.org\r
+\r
+#[ uid_cert_req ]\r
+#userId = testuserid\r
+\r
+[ proxy_cert_req ]\r
+\r
+[ proxy_proxy_cert_req ]\r
+\r
+#### ca command\r
\r
-localityName = Tropic\r
+[ca]\r
+default_ca = CA_default\r
\r
-organizationName = Utopia\r
+[CA_default]\r
+dir = $ENV::CASROOT/$ENV::CATYPE-ca\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
\r
-organizationalUnitName = Relaxation\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
\r
-commonName = $ENV::CN\r
+policy = policy_any\r
\r
-#emailAddress = Email Address\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+userId = optional\r
+serialNumber = optional\r
\r
-[ req_attributes ]\r
-#challengePassword = $ENV::PASSWORD\r
+[ ca_cert ]\r
+basicConstraints = CA:TRUE\r
\r
-[ CA_cert ]\r
-basicConstraints = CA:true\r
-subjectKeyIdentifier=hash\r
-authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_altname ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+nsComment = "OpenSSL Generated Client Certificate with key usage"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate without Flags"\r
\r
[ proxy_none ]\r
+keyUsage = critical,digitalSignature,keyEncipherment\r
+\r
-----BEGIN CERTIFICATE-----
-MIICIzCCAYwCAQAwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcxDzANBgNV
-BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u
-MRQwEgYDVQQDEwt0aGUgZmFrZSBDQTAeFw0wNDEwMjgwMjQ5MjNaFw0zMjAzMTUw
-MjQ5MjNaMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoT
-BlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2Ug
-Q0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN2cPdeBM7VJMfI9Gm6wCK6Z
-VTVU2MgLkx+SVAt0Q7j4+m/iO2VAFNa4IAVAX/DG71D/yqCmvjzmQkXrbnZ48VFJ
-GHQyIEq9uxGVSKefH1AP03+UOcO53KoyfXoRU9BVxV2Py9hHevVJ9+X352E4TXlm
-O5EQCF5dljjU4hH1O3TVAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAr9q34tLFrY4Z
-DD5JxlwuEzTnlC6x2Or7FL52Mup2uo8M8gXJXEReZmfjJi326ASQUEdsZD4adcCJ
-aUB85qWHaQy94uO1KR0uNPGZkyTWffoYf8Jv91mENSQ+TjQA18JKUFsuWsdOebk5
-CY48OtNkkt5rDVFqutHqphwOGGbC02w=
+MIIC/zCCAmigAwIBAgIJAJOODvhASivmMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
+CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMDkxMTE4MjAw
+OTMwWhcNMzcwNDA1MjAwOTMwWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv
+cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV
+BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzJg2Y
+4PEy7IHjJtnAUoHsJTFiwH3upubJ21J1xIwbuwCCvUrBpj/OzEzaPdxU6fzjPXD2
+wVDzE2vqLF6hvxyzUlLKXmuB10lOfly8vkMHO7T/P1pO4vrZIpzo3pGFgx3fw4E4
+ZCdlsbjV/yHjVpO6+pnWdpka+S7rOIKMJfjfMwIDAQABo4HMMIHJMAwGA1UdEwQF
+MAMBAf8wHQYDVR0OBBYEFGASma3GAhhYIPGOPve5MAxg7ce2MIGMBgNVHSMEgYQw
+gYGAFGASma3GAhhYIPGOPve5MAxg7ce2oV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G
+A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp
+b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkAk44O+EBKK+YwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBBQUAA4GBABt1ebIzQl2S2vu8nuGgssYpBHdUyTCiZNg6RFBx
+GRmxPvd7/F6Ag60/xbz3rKtpQqeDoZg/FtpBHlAbIuOc3+kGDl3UatNV1VVozC6q
+gocDvafELWoH0Xqmiv/WRoi7vzqsB7k387QkKCnYeahmQPS75pwE99A0HwhhaM/A
+T9ia
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXwIBAAKBgQDdnD3XgTO1STHyPRpusAiumVU1VNjIC5MfklQLdEO4+Ppv4jtl
-QBTWuCAFQF/wxu9Q/8qgpr485kJF6252ePFRSRh0MiBKvbsRlUinnx9QD9N/lDnD
-udyqMn16EVPQVcVdj8vYR3r1Sffl9+dhOE15ZjuREAheXZY41OIR9Tt01QIDAQAB
-AoGBAM/1mqLs/9UTRueHJ5LPZpZSFX/iizvOgNWTv4KwLA0cuAbeSdaN+AA28PV8
-n4uXY2SjZUa0srj7ax2p/RL4E5rw0bwDImfZh1Sbf7jTNviU/sKwqW6MGuCAQhHS
-j+wA3oCBda7p1v+FMQccbsM5CDTVYrPbhEouUi1Pg8SW23aBAkEA88Y/Ojj7bCf3
-RYAYgRCkhSV4eljrJDOwnzxX7WIuGf6A30UJ1epXWU2NQA3AmLq+X6gAKFqsyP2/
-/6buGgeXSQJBAOi5b5uEXFbsPXtwfmNfsRpkZqS+AAGhy8pKO4NTqR+cTEObb0nc
-xS8vdx2gUXOVzZnVpXWBi9+BGKt3oWw19S0CQQCF8roNWQA2FuPVSaStTqLIEqXX
-vIJAWzLC3JqH8rnYSLMxe7MC2whyJp3lw2i/w2UWFK85fVGSA3R7mpMctG0ZAkEA
-rAI7Oo/nDBwKCU2JLPvSU7Z3ozYHnS0wCfE58YQJUaLdP28IH2i8mXaUrOIMsci8
-MQKXC7XXYzfwuvNt7SQodQJBANQChuUPRyft5ygT0sXDCujl1YtHKWtCysUetn7J
-JPRzuTr82WyF29EKK7V0Z0X2pCCq7vXtjbj8b8WeBEBw7rw=
+MIICXAIBAAKBgQCzJg2Y4PEy7IHjJtnAUoHsJTFiwH3upubJ21J1xIwbuwCCvUrB
+pj/OzEzaPdxU6fzjPXD2wVDzE2vqLF6hvxyzUlLKXmuB10lOfly8vkMHO7T/P1pO
+4vrZIpzo3pGFgx3fw4E4ZCdlsbjV/yHjVpO6+pnWdpka+S7rOIKMJfjfMwIDAQAB
+AoGAEw7tS2JCxqQafUvYxnkAkVqzkkngG89tpfPLJfQu45RVTZNNrKQ/DYT2eBE0
+q2PpH1Od/OI79mAOju8BcjueldeO7bWM7ujW3o8zt/k/enq+Y/qcP6tWx8ulm4Ij
+ALno9t5Zcp8B1Zq2LV/mqRvC25BbFsX7K6nLKVnnUkobfiECQQDYOaR6Ml5jrnXZ
+a/EgAbx0wYnpOFO1ZU1i/wk2ffK6P8vWpuvL5Ad5QF1dBxWo/mtifTzNimuk6BYG
+rwJPsU+nAkEA1BpsX3/qGx8ze5XpQEa8hbUVidLhMldNrcskQXd9KSd8YJPDsTcC
+HG0DDu+7hhNaWEV2hLVTWeapiMAk4fbFlQJAL6ekpHnta7LLrnunzRIU4va02n3b
+lSMahzMGaMghcwMUfd6UIX/EVejlqtcg4voP2MkZWYOkbdfo4tg3fjDqCQJBAKV2
+r5CYw1LBNnJ08m/YPv231MOeJVwWS10HGpOP2a4fRaI54/H9zcHLMRWX45ymwFYY
+amsA4bNChINQEfXNgzkCQE0lhV6MD0R9geM32+pCQlImfVIhsLYQJs+D2lsjlvSW
+S4nS6t2M8CFVJlOvOpdZL3x7eHuan2dhHHP1sz3jCx4=
-----END RSA PRIVATE KEY-----
-V 370320130903Z 123456 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client
-V 370320130903Z 12345A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client serial/serialNumber=12341324
-V 370320130904Z 12345E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client email/emailAddress=test@home.org
-V 370320130904Z 123462 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client UID/UID=testuserid
-V 370320130904Z 123466 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake flag client
-V 370320130909Z 12346A unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake bigclient
-V 370320130910Z 12346E unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake server
-V 370320130910Z 123472 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=xxx.foo.bar
-V 370320130911Z 123473 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake clientserver
-V 370320130911Z 123477 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake none
-V 091101130911Z 12347B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client expired
-V 091101130912Z 12347D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake flag client expired
-V 091101130912Z 12347F unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake flag server expired
-V 091101130912Z 123481 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake clientserver expired
-V 091101130913Z 123483 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake none expired
-R 370320130913Z 091102130913Z 123485 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake client revoked
-R 370320130913Z 091102130913Z 123487 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake flag client revoked
-R 370320130913Z 091102130914Z 123489 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake server revoked
-R 370320130914Z 091102130914Z 12348B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake clientserver revoked
-R 370320130914Z 091102130914Z 12348D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=fake none revoked
+### req command\r
+\r
[ req ]\r
-default_bits = $ENV::BITS\r
-default_keyfile = keyfile.pem\r
-distinguished_name = req_distinguished_name\r
-attributes = req_attributes\r
-prompt = no\r
-output_password = $ENV::PASSWORD\r
-ca_cert = CA_cert\r
+default_bits = 1024\r
+distinguished_name = req_distinguished_name\r
\r
[ req_distinguished_name ]\r
-countryName = UG\r
\r
-#stateOrProvinceName = South area\r
+[ ca_cert_req ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = cRLSign, keyCertSign\r
+\r
+#[ serial_cert_req ]\r
+#serialNumber = 12341324\r
+\r
+#[ email_cert_req ]\r
+#emailAddress = test@home.org\r
+\r
+#[ uid_cert_req ]\r
+#userId = testuserid\r
+\r
+[ proxy_cert_req ]\r
+\r
+[ proxy_proxy_cert_req ]\r
+\r
+#### ca command\r
\r
-localityName = Tropic\r
+[ca]\r
+default_ca = CA_default\r
\r
-organizationName = Utopia\r
+[CA_default]\r
+dir = $ENV::CASROOT/$ENV::CATYPE-ca\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
\r
-organizationalUnitName = Relaxation\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
\r
-commonName = $ENV::CN\r
+policy = policy_any\r
\r
-#emailAddress = Email Address\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+userId = optional\r
+serialNumber = optional\r
\r
-[ req_attributes ]\r
-#challengePassword = $ENV::PASSWORD\r
+[ ca_cert ]\r
+basicConstraints = CA:TRUE\r
\r
-[ CA_cert ]\r
-basicConstraints = CA:true\r
-subjectKeyIdentifier=hash\r
-authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_altname ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+nsComment = "OpenSSL Generated Client Certificate with key usage"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate without Flags"\r
\r
[ proxy_none ]\r
+keyUsage = critical,digitalSignature,keyEncipherment\r
+\r
-V 370320130851Z 123456 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=hahkala
-V 370320130851Z 123457 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=pchip10
-V 370320130851Z 123458 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client
-V 370320130852Z 12345C unknown /C=UK/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client serial/serialNumber=12341324
-V 370320130852Z 123460 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client email/emailAddress=test@home.org
-V 370320130853Z 123464 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client UID/UID=testuserid
-V 370320130853Z 123468 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted flag client
-V 370320130858Z 12346C unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted bigclient
-V 370320130858Z 123470 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted server
-V 370320130859Z 123474 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted/xxx.foo.bar
-V 370320130859Z 123475 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=xxx.foo.bar
-V 370320130859Z 123476 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=xxx.foo.bar
-V 370320130859Z 123477 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted clientserver
-V 370320130859Z 12347B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted none
-V 091101130900Z 12347F unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client expired
-V 091101130900Z 123481 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted flag client expired
-V 091101130900Z 123483 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted flag server expired
-V 091101130901Z 123485 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted clientserver expired
-V 091101130901Z 123487 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted none expired
-R 370320130901Z 091102130901Z 123489 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted client revoked
-R 370320130901Z 091102130902Z 12348B unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted flag client revoked
-R 370320130902Z 091102130902Z 12348D unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted server revoked
-R 370320130902Z 091102130902Z 12348F unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted clientserver revoked
-R 370320130902Z 091102130903Z 123491 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=trusted none revoked
+### req command\r
+\r
[ req ]\r
-default_bits = $ENV::BITS\r
-default_keyfile = keyfile.pem\r
-distinguished_name = req_distinguished_name\r
-attributes = req_attributes\r
-prompt = no\r
-output_password = $ENV::PASSWORD\r
-ca_cert = CA_cert\r
+default_bits = 1024\r
+distinguished_name = req_distinguished_name\r
\r
[ req_distinguished_name ]\r
-countryName = UG\r
\r
-#stateOrProvinceName = South area\r
+[ ca_cert_req ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier = hash\r
+authorityKeyIdentifier = keyid:always,issuer:always\r
+keyUsage = cRLSign, keyCertSign\r
+\r
+#[ serial_cert_req ]\r
+#serialNumber = 12341324\r
+\r
+#[ email_cert_req ]\r
+#emailAddress = test@home.org\r
+\r
+#[ uid_cert_req ]\r
+#userId = testuserid\r
+\r
+[ proxy_cert_req ]\r
+\r
+[ proxy_proxy_cert_req ]\r
+\r
+#### ca command\r
\r
-localityName = Tropic\r
+[ca]\r
+default_ca = CA_default\r
\r
-organizationName = Utopia\r
+[CA_default]\r
+dir = $ENV::CASROOT/$ENV::CATYPE-ca\r
+database = $dir/index.txt\r
+serial = $dir/serial.txt\r
+default_md = sha1\r
\r
-organizationalUnitName = Relaxation\r
+certificate = $dir/$ENV::CATYPE.cert\r
+private_key = $dir/$ENV::CATYPE.priv\r
\r
-commonName = $ENV::CN\r
+policy = policy_any\r
\r
-#emailAddress = Email Address\r
+[policy_any]\r
+countryName = supplied\r
+stateOrProvinceName = optional\r
+localityName = optional\r
+organizationName = optional\r
+organizationalUnitName = optional\r
+commonName = supplied\r
+emailAddress = optional\r
+userId = optional\r
+serialNumber = optional\r
\r
-[ req_attributes ]\r
-#challengePassword = $ENV::PASSWORD\r
+[ ca_cert ]\r
+basicConstraints = CA:TRUE\r
\r
-[ CA_cert ]\r
-basicConstraints = CA:true\r
-subjectKeyIdentifier=hash\r
-authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ ca_server ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+# For an object signing certificate this would be used.\r
+# nsCertType = objsign\r
+\r
+[ ca_altname ]\r
+# This is OK for an SSL server.\r
+nsCertType = server\r
+nsComment = "OpenSSL Generated Server Certificate"\r
+subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com\r
+\r
+[ ca_client ]\r
+# For normal client use this is typical\r
+nsCertType = client, email\r
+nsComment = "OpenSSL Generated Client Certificate"\r
+\r
+[ ca_clientserver ]\r
+# For normal client use this is typical\r
+nsCertType = server, client, email\r
+nsComment = "OpenSSL Generated Client Server Certificate"\r
+\r
+[ ca_fclient ]\r
+# This is typical in keyUsage for a client certificate.\r
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
+nsComment = "OpenSSL Generated Client Certificate with key usage"\r
+\r
+[ ca_none ]\r
+nsComment = "OpenSSL Generated Client Certificate without Flags"\r
\r
[ proxy_none ]\r
+keyUsage = critical,digitalSignature,keyEncipherment\r
+\r
-----BEGIN CERTIFICATE-----
-MIICKTCCAZICAQAwDQYJKoZIhvcNAQEEBQAwXTELMAkGA1UEBhMCVUcxDzANBgNV
-BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u
-MRcwFQYDVQQDEw50aGUgdHJ1c3RlZCBDQTAeFw0wNDEwMjgwMjQ5MjJaFw0zMjAz
-MTUwMjQ5MjJaMF0xCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNV
-BAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRy
-dXN0ZWQgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALgEMG9x0czvTKUS
-28+4YZhuSnVTCf8+OyfoD+7rLOdK1YzXlbtt2A8wSwbGsRlYv7J/NvogSTIU9tj3
-EL9pVfcIaiYWL12VgJpeAkQ4gqA7WikXLlnD1tShtR1tGGANpr3ZvpKaq/ge/k9E
-dhbdyQqikif36o7+c+Msqz0XfmfNAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAWkKu
-hUC4D3SWfg3JBZceMU4TNE7K0Nt6gdFypJA2ikR0lMLy+ai9vtwU+QF1Ch4zDM9a
-lWXHw8RmFgUDdvndWQV8JcwhaUSqxrKvNvfzoZAxGZxUOuwETy8MhpNiwD+gBeae
-aL4peenUEfIa6mPRbGOoD8kOxjyACwr0r0+DUAY=
+MIIDCDCCAnGgAwIBAgIJANziUWMgmUwRMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
+BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE
+CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMDkxMTE4
+MjAwOTMwWhcNMzcwNDA1MjAwOTMwWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG
+VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV
+BgNVBAMTDnRoZSB0cnVzdGVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDTgxhpXPFdUAZ6vdOUeDhNNq7O+CCeYnOv/sMIoauTNxRSlMOIGwIB8d4VlgsK
+U/JKNhmV2Bx1jCAB4nBsoY3mIryPWvt86emR+5lWcfJfG9Q2HHMed0oNwUf7i3g9
+DX22x/B69Kq4KR5C24QlZEwloPi97ltg+ILWp5WULD2v+wIDAQABo4HPMIHMMAwG
+A1UdEwQFMAMBAf8wHQYDVR0OBBYEFFLVqrGqen8FRIdghQ2W5M5+VLFfMIGPBgNV
+HSMEgYcwgYSAFFLVqrGqen8FRIdghQ2W5M5+VLFfoWGkXzBdMQswCQYDVQQGEwJV
+RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl
+bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkA3OJRYyCZTBEwCwYD
+VR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAJz6xkG3SctVcVOlRrgdGSpqlE2v
+Fw1j8tasKRYrhHWZYQT32oiP34ov6ZFTxZ0lBtgjNfRhI0VxXDvr5tamt819hTUL
+F5F8yPoabSvBbpWjeDJa4ma74N4jn3Rmdp8K7i1Xno+Eslbx60QYy+Zk8GlFtEsX
+CR53OZzZdYBWFa5W
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC4BDBvcdHM70ylEtvPuGGYbkp1Uwn/Pjsn6A/u6yznStWM15W7
-bdgPMEsGxrEZWL+yfzb6IEkyFPbY9xC/aVX3CGomFi9dlYCaXgJEOIKgO1opFy5Z
-w9bUobUdbRhgDaa92b6Smqv4Hv5PRHYW3ckKopIn9+qO/nPjLKs9F35nzQIDAQAB
-AoGAPRb+8XCK4wsqmb66BKrEk7NButN3hSomv2fWKk4e2SZJ4PkNN20PBnPU5In/
-71c8RMjg+obPZfX5wSu8fp88rzZ7u4kPZp5r2c4nlhV7GqmdlJNj7GUFgGtxVLBC
-+qBh9H1v5MwEhEj1ae+uQEwJYrA+JAA+AJTRQymFDx0l4u0CQQDuIuZmoOcxK+Nd
-QJvOnrJbUwq+/kgRJXObGERUFF9ZsOI9/smZxoykmUkcciWo8noTo3a3kNbUg3PO
-gDQp//tPAkEAxdH8Pl17p0+kEiR6/qxg8PrwKXg2BXVdlDYsa31frTAaSHNoPP6w
-uqdyOpqfQCM2ug7YziV9oOMIjmVLVZ00IwJBAMy3zAJmSNoItMkyBb+2xfWkihRv
-XV0AKUYnsnXlnaLpYVWSd5VvDvFhpWyC5MU8zp2bZS+hoE3JRAE+TZndqhkCQHZU
-T1B21tqT9w6rJ69jKXG8iSAlOhs1w04+wX9itXKBTZd9ASNLLifYtal8iDnzVm8h
-JmrZXjZ418tlqBSEPoUCQBW/tY26rUVhjbyUk+hhayuOS3PcEU5TrZogAtD1OWbz
-7pDJo48aupE/Svc59smwXQjaZjwlNA76X75ioaSSaSI=
+MIICXQIBAAKBgQDTgxhpXPFdUAZ6vdOUeDhNNq7O+CCeYnOv/sMIoauTNxRSlMOI
+GwIB8d4VlgsKU/JKNhmV2Bx1jCAB4nBsoY3mIryPWvt86emR+5lWcfJfG9Q2HHMe
+d0oNwUf7i3g9DX22x/B69Kq4KR5C24QlZEwloPi97ltg+ILWp5WULD2v+wIDAQAB
+AoGAI0CnUfBOvjm3Sr/WwtkisSPbEN3kOeG43G1+vjKL8TZt6bGnwUiXFhHk7P4c
+CvWg3WOU8heZ7rGTKB1Alap7hsEeVC6kVZHz4PmvjkJbIyBKlFfeUm3UY7kq+eyD
+148CGk9gSCtRs/vOHygpJwEvIac6toKE64gCh3xn9NZo/UkCQQD6dr93AX3hh7qb
+Ht3ep2TD5nKdiRfNtW5uieXGm2wG4jinKziQHOeURJ8kFjzbmIo58zGLjbeUD42C
+eAjkr3D1AkEA2C/wQeYp6lNh7AIx2GAPSTGlKHa1x016j69pVUMXyPQBht7o66WG
+lGEC4v22axMFogbj8Ln5Pj84k6IGyGRHLwJAeR4rgJUMFp/YMWM/z4gLRmCOVHgT
+Nrrh6DpvDxfhqYKD+vL/q1EO+7gjbQQD8f1V+qgL8XxaphLPT6RUSKI+cQJBAM9I
+t78X5xyssnlOaWikQkPV/BveJtFgMqHOeNqtqAKgI06kMQSxA2cF1XS7+8qSxJXk
+sW3Bg3/xslerxYEi1TUCQQDYo/EVIhFigU3ONRguQxZ4rHCF5zwl3rdw2wXcIdS0
+4nREE6He1zwNrTlS3bRU+asmD4dtYxuUgSTqvvyArsCe
-----END RSA PRIVATE KEY-----
git://scientific.zcu.cz / glite-security-test-utils.git / commitdiff