From: Joni Hahkala Date: Thu, 16 Dec 2010 17:28:44 +0000 (+0000) Subject: Add test certs with hostname of the host generating the certs in altname and altname... X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=146e87ece9ab49abe63a74e6e0f20f2ac0d6d27e;p=glite-security-test-utils.git Add test certs with hostname of the host generating the certs in altname and altname with just emailaddress. --- diff --git a/bin/generate-ca-certificates-for-cvs.sh b/bin/generate-ca-certificates-for-cvs.sh index 0817536..751f8b0 100755 --- a/bin/generate-ca-certificates-for-cvs.sh +++ b/bin/generate-ca-certificates-for-cvs.sh @@ -21,6 +21,7 @@ CATYPES='trusted bad fake big expired nokeyusage root subca subsubca slash' #CATYPES='slash' BIG_BITS=8192 SMALL_BITS=1024 +export DNS_HOSTNAME=DNS:$HOSTNAME function create_ca { catype=$1 @@ -112,7 +113,6 @@ function generate_ca_cert { bits=$5 # number of bits for the CA cert export CASROOT=../ - echo `pwd` if [ "$catype" = "slash" ]; then diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index cfee168..0fb17e2 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -100,7 +100,7 @@ function create_cert { fi case $flags in - client|server|clientserver|fclient|none|altname) + client|server|clientserver|fclient|none|altname|altname2|altname3) echo "Generating a $flags certificate" echo $CA_DIR echo PDW=`pwd` @@ -700,6 +700,13 @@ function create_all { PROXY_VALIDITY=10000 + echo $DNS_HOSTNAME + + TYPE="altname2" + CTYPE="altname" + + create_cert $CERT_DIR/${catype}_${TYPE} "$catype hostname only in altname" ${TYPE} $DAYS + TYPE="client" CTYPE="client" @@ -894,9 +901,31 @@ function create_all { create_cert $CERT_DIR/${catype}_${TYPE} "$catype\/xxx.foo.bar" ${TYPE} $DAYS TYPE="altname" - CTYPE="altname2" + CTYPE="altname" - create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx.foo.bar" ${TYPE} $DAYS + create_cert $CERT_DIR/${catype}_${TYPE}_2 "$catype altname/CN=xxx.foo.bar" ${TYPE} $DAYS + + echo $DNS_HOSTNAME + + TYPE="altname2" + CTYPE="altname" + + create_cert $CERT_DIR/${catype}_${TYPE} "$catype hostname only in altname" ${TYPE} $DAYS + + TYPE="altname2" + CTYPE="altname" + + create_cert $CERT_DIR/${catype}_${TYPE}_2 "$catype altname cont hostname/CN=$HOSTNAME" ${TYPE} $DAYS + + TYPE="altname3" + CTYPE="altname" + + create_cert $CERT_DIR/${catype}_${TYPE} "$catype altname but no hostname anywhere" ${TYPE} $DAYS + + TYPE="altname3" + CTYPE="altname" + + create_cert $CERT_DIR/${catype}_${TYPE}_2 "$catype altname without hosname/CN=$HOSTNAME" ${TYPE} $DAYS TYPE="server" CTYPE="server2" @@ -1071,6 +1100,8 @@ VOMS='no' # if we only show environmental settings ONLYENV='no' +export DNS_HOSTNAME=DNS:$HOSTNAME + while true; do case "$1" in -a|--all) diff --git a/config/req_conf.cnf b/config/req_conf.cnf index 68b12c6..21270d8 100644 --- a/config/req_conf.cnf +++ b/config/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/doc/README b/doc/README index 42e6d21..3b34532 100644 --- a/doc/README +++ b/doc/README @@ -66,3 +66,10 @@ This command will also put the CA cert and signing policy for EACH CA except for certificates/ .0 .signing_policy + +trusted_altname.cert - hostname xxx.foo.bar in CN with trusted/ prefix emulating service prefix. altname has DNS:*.hoo.org, DNS:joo.haa.org, IP Address:123.124.220.1, DNS:g*a.e*.com. Should work for corresponding hosts. +trusted_altname.cert - hostname xxx.foo.bar in CN. altname has DNS:*.hoo.org, DNS:joo.haa.org, IP Address:123.124.220.1, DNS:g*a.e*.com. Should work for corresponding hosts. +trusted_altname2.cert - hostname of machine where generated only in the altname. Should work. +trusted_altname2_2.cert - hostname of machine where generated both in CN and altname. Should work. +trusted_altname3.cert - altname with email address and no hostname anywhere. should fail as a host certificate. +trusted_altname3_2.cert - altname with email address, but hostname in CN. Should work. \ No newline at end of file diff --git a/test/bad-ca/bad.cert b/test/bad-ca/bad.cert index cd9f2c1..51504c4 100644 --- a/test/bad-ca/bad.cert +++ b/test/bad-ca/bad.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIC/zCCAmigAwIBAgIJAPe3/MmuJUjsMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV +MIIC/zCCAmigAwIBAgIJAPyX1GUEW7U4MA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJhZCBDQTAeFw0xMDEwMjAxNjUy -MTZaFw0zODAzMDcxNjUyMTZaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w +CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJhZCBDQTAeFw0xMDEyMTYxNzIz +MDlaFw0zODA1MDMxNzIzMDlaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE -AxMKdGhlIGJhZCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApkPGi7SK -Yqfmuu+uGMgL6nvBmaYGa3nzrnhBjSn8U9BoUbZE8xPEDUOSR7hmaSB/H4I2vdie -0axwzrbqi7CQfnW9lqq7Wbb582pZLWMsX8z9rjL0eNVso+6QonddPGdis7OVeaxk -OpxqIwXv9nyF60wwKvSre3pLQ4+n4q5XFTMCAwEAAaOBzjCByzAMBgNVHRMEBTAD -AQH/MB0GA1UdDgQWBBRfaPHxjoe71DDa0e3Bua0GUCcUSDCBiwYDVR0jBIGDMIGA -gBRfaPHxjoe71DDa0e3Bua0GUCcUSKFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNV +AxMKdGhlIGJhZCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyFjAIRIE +hy7WExZv2wzxQhCjS83hm7MFHhTsL5n+mkWWkpVQaLmGWXrnyn3IUbD2lu5KysL6 +Y3lYqlYBy+z47C0cGLfhLN3K5b5FLSgG+lGGwVdjWIlh3OrLIF/JPvkiqvUyj4vM +cnHKFLrhCJwH9QfkJaoQPTu2MxWQFt8XEnMCAwEAAaOBzjCByzAMBgNVHRMEBTAD +AQH/MB0GA1UdDgQWBBQuDrF3Ok8SCnxrWpbzpcVrOGfXdjCBiwYDVR0jBIGDMIGA +gBQuDrF3Ok8SCnxrWpbzpcVrOGfXdqFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNV BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u -MRMwEQYDVQQDEwp0aGUgYmFkIENBggkA97f8ya4lSOwwDgYDVR0PAQH/BAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4GBABFHTqKL33d9OCX3hEyxZx696elbJuqfiXzLzWOB -y7AQXkHnOI7xv3ooxbzMJnrAG67f+JnyneGoLB4FnFeMoOWIt2B05ebmlvaJzAHX -+Fdqp2ZE2nADgMJ1+YREPOIlmpOttOAKjYMU9Og4rExdlM2Vp9+zCPhBBfiHGkY1 -wTZ2 +MRMwEQYDVQQDEwp0aGUgYmFkIENBggkA/JfUZQRbtTgwDgYDVR0PAQH/BAQDAgEG +MA0GCSqGSIb3DQEBBQUAA4GBAMT1HF5n25PgC9dybe2AQzGV9iFIU7KDITtNmGwJ +iOQ6eg+p5d037jxHNSF0EJjAAfCJDGUOn4bZhEDv8zDzVUuuY63yngZ5arVDZaZT +EUF00J6JI389GNqg1ZxpYgSu5gkiSEydr0g5NL6Gu0JsCp5ZVNP1k/thUGqavxMw +feKY -----END CERTIFICATE----- diff --git a/test/bad-ca/bad.p12 b/test/bad-ca/bad.p12 index c020d92..9673666 100644 Binary files a/test/bad-ca/bad.p12 and b/test/bad-ca/bad.p12 differ diff --git a/test/bad-ca/bad.priv b/test/bad-ca/bad.priv index 5a56659..0faee27 100644 --- a/test/bad-ca/bad.priv +++ b/test/bad-ca/bad.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCmQ8aLtIpip+a6764YyAvqe8GZpgZrefOueEGNKfxT0GhRtkTz -E8QNQ5JHuGZpIH8fgja92J7RrHDOtuqLsJB+db2WqrtZtvnzalktYyxfzP2uMvR4 -1Wyj7pCid108Z2Kzs5V5rGQ6nGojBe/2fIXrTDAq9Kt7ektDj6firlcVMwIDAQAB -AoGAbd49llYQWE8RNhhqGDAhR6rN7SV7+ouUzobi8lB7UDtYpB5pA6PdGtK7GC+v -ZOq3dm/KkrtRf8aOqNrQtMxRPl6oeszQ2BH9tuUzXyx2UnoXwHodGRPO6kJB2iTH -JklwCjerjZCjJzTQiO+ZS1lWBICmmVnE+RQov17yjcxk1pkCQQDZ0/q9iK4XZRtw -VX1XcDeW8kIhhBC3p3TTUSfIRdL97d+XM7qRL2G5sBxBg3z+hpgerC7n/cbqfjOQ -rMRZ+ny9AkEAw2abPTWS0hIrYqYCZBmPx8Ah9YpTmUldqCMJpQdZtUXG2oOEK229 -A55bcJIftTZmu/oXjvedcSDemmafYpAQrwJBAJUOd3AnDWo457PQ7DpfMcr678Hb -i00BK/JGgICNNzpIAk6HOU2MLMVR+6PhBDFvjLzAekCJ6gogXczMTHh97ckCQCbB -BO0A4Ru06tHn5vV/dFrDqniOdMIkIOUl/dWzPYGMU0Inb2FFpIVBNRWAhbVlEr8Z -fO6oAZvcTwoEbHwZ4pUCQGzf1po97EbwqQhSEcLC4KQa7J2ZH3WTueOm6V/fkWqe -sR4ezWgPMbMmZ4N2mnRrHEIJGsclVeL3x0vrfzLNn6E= +MIICXAIBAAKBgQDIWMAhEgSHLtYTFm/bDPFCEKNLzeGbswUeFOwvmf6aRZaSlVBo +uYZZeufKfchRsPaW7krKwvpjeViqVgHL7PjsLRwYt+Es3crlvkUtKAb6UYbBV2NY +iWHc6ssgX8k++SKq9TKPi8xyccoUuuEInAf1B+QlqhA9O7YzFZAW3xcScwIDAQAB +AoGAKoBhaeKXoVH3Sh9VZWPufnRnH/qyJMSqjkIkBMkncPTYR4pzf3P0I2FmcNeU +OnhPJ5+vsCoC0j146NHMGcXQ3HFyOJkH0JdQVw4+DtV361mmQ82rLI8wPnACw4oN +CLG2NyZFBhisxsk8n2H7MdblAFcEwNUDkePF2L9pdbspXWkCQQDkF87ohjcbf35r +yI3oJqcu10GkD6HGblnGOMakrloBDbXDg8CqcNHOYhCDWxZnvwZdVTvnIUM8Ky6R +2vIpu7D3AkEA4NvjhP6t9pI23bnc/31R33c4Lzr/w3htImB1ckBjeRr/+a9RJDgL +ZfjYEbESxpTYkeaxKc0ZDhzgzmzGygiHZQJBAJkvXChRq0TudQsSICvfebw9mLoE +PZO0nNpBWzdSWOQIPyBVpdlR97XxqkFttThr1GxuR9LMRglsvtP6BVT91rUCQHYW +xOwpnE7sBuh3HfsHY6IKSHV1dLDBY/8zzTpNWnBVn60PR3vP+xx4jXDtH8EulnY5 +Qz2Cuu/QdreyJMwhookCQGnQXNNfYJdaJ7poQVgw/6h4LEazL/GUgrBPSKefxJe/ +ns+w5YzdpYOWdydBhB/9J+haE3e/Z8qK0E/z+GSrSNE= -----END RSA PRIVATE KEY----- diff --git a/test/bad-ca/req_conf.cnf b/test/bad-ca/req_conf.cnf index f83fdc4..772b36e 100644 --- a/test/bad-ca/req_conf.cnf +++ b/test/bad-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/big-ca/big.cert b/test/big-ca/big.cert index f04ad8a..f57f5a9 100644 --- a/test/big-ca/big.cert +++ b/test/big-ca/big.cert @@ -1,56 +1,56 @@ -----BEGIN CERTIFICATE----- -MIIKBDCCBeygAwIBAgIJAKVV51wHtbBLMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV +MIIKBDCCBeygAwIBAgIJAO61iS86gZAOMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0xMDEwMjAxNjUy -NDRaFw0zODAzMDcxNjUyNDRaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w +CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0xMDEyMTYxNzIz +MTNaFw0zODA1MDMxNzIzMTNaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE -AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAMMG -ecG2/hBOsk7TgOZBSS6DENtu10pQ+PjREjCdzuGM4X5SDbJQwUb6AScGwy54FKgo -mk0vgCUA8HLV7OeDXnePWH6ZuNzOukseejOQV7ykUToR05AuDJRzLeSbaOvYDI0N -dGdswdnlU6MwXA3KkGx6pw1k0/MO8p1Jf+hewSHQazUNl8QfJohhBDjFaIpX44LN -/sRyzGYb4uQ49VYyrZ/SW6EgdSxneW8ScFYHDCCEmL/A3vugx6q/Dm3ZvgAT9qhb -aKwwnbJbid4uq/NTpLh0xz3H3wPIMY47AsNe01oDzBYb7gEg0jwen1ztDnpSe7pI -WU8OARqVL0zJLyPHw+cDnBmJyIOoK4xZhkJ5a0WReF1V6ShQRuHGzf8hYN3kHIH1 -J9lHy4ET7AbKvQX+xTvdXdtqMluMhN1jkDwqv8Jr3zgYgxpAIttlsMTAFQMzctEC -sMol5BP6w2pJB7SFKgfE1sGoyX8I9UnftDnG22sfRfOB0NBajn1bfO3gzpgEm4gq -uzMfhIkPgiiuP+wBRI4homnlYjn06QoUn7yXKL4FFio4OlXVyvY1b6Ntb+cyb4Y/ -lgA4wp12OMIBB71NTuIgz3erDdTw9IWToIUPXH7ldyMWvFrj6oVHv6i0Jx9moYZ3 -1/Faz0prq3Hk3qN5p+rp+wsF2Xbq8I6T7Jpk+EvmerXrRxd8tY1Y4L24W1qE0IJk -OPPwfhPx3WXRUXr4lty0KGcdnbXJWQyhvl5T2Ta0+GPJIlgQoM6DFG2T8fYHn3aC -ItIgLBNj6JnSRC6Q9LW/i9WKtw8sDIoOpz7D2tzLb4iB6tcrFF2AVba/RvezY/Y7 -leTzZKPiNy9ojPPVxH+sMzBF453RRceYbkcuPIMyYQFwxhK402XUCboN7MCKh9C0 -aZ8tckCavbw27slr69kwB+YrTBe7zj3B13dJ14Y7j2NY7pnUPYMKRlISbkFcAUwL -/HDpNxqcSehNK95N3JsmXFcL03Fxx2CSCv4321q9xpxL9uaFs5X7P+2RwNHPgXrC -SSKF34Z29izgjYKKKjbs2wyBqS7yN90R3J4fKxqfZlZTpnicaIvzHEQqENirvSdx -anYCN5TYoo2b0/NNYqOeHfjSwhsgVO0PGLDWsLVmnXA4kUInHGkBwzJKuRuGyLnT -oPFG0alOTb8+AzCbcR11FC77MIR5XFOYhmNC3yeV29kQAbe4pfAb7Ba2oOhJjH+3 -6qiYMXHkvTz1lTVq/ccSQ0I7inKUKKYl2Dq97GC64brbqQRtiaQwWjlf/4sFa1fe -xpV3KhjG8oswj8y8OH+OeMzXwMk2diqFwhZFlOsqeNj9spX2o5IkYE7jiYpzbGDr -AFttYu6AFyv5J85ByXkCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW -BBQMcEL2C349KJCO5EIYkZNzfsfImjCBiwYDVR0jBIGDMIGAgBQMcEL2C349KJCO -5EIYkZNzfsfImqFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP +AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBANL4 +TJ9SW2xUysd24EPw09DwTieiFxpUmEJBZy2K651XmuqZRFnIkGw7PsYyHaWbYOvT +E4eyJE0EHZRq76DEudwmeln9q63SVvYak2XYmnlLs6unxf/F580uyLoS8PX0Krey +Jex1RDEipVCM4/eUDn/rfDXE92rQ5lS3RTr/qqc2KvXMZowe8UB231ZNxSvuzx3+ +UcMjxFBeEIC6bh+32uY6RSDKO/pKqO0dSVwKU4UwNplzYLPM1gMaKXhxf1qcdKQa +8Th0eXpXqK0JBNR0OqoAeBWxLSlhZpXvKMiUXvgg2TLiKVozmFGT15eC2QsSq7ij +WD9kbc0d364lGs57upw1aVubzFeaCqDMd5sPyW0MAw93+uZXuRmAwevngVGZzGbI +ArpZhj7+KT8VzATNRkQiZ+/f0koFhY3eAPh1DxExJy0adFSQ7Sf5XBDZNeLVVVjT +WEu3mEZrr7Jo+AvTY9IGA2ETs+JL9QVbmOjyyhVeb6CF+g4VA1gDycH6/yDGENdj +iBvr10Af57Mzxl1wtaE6NM20nvrMPALcBw3Y3EIK9LFDq+EkN63CkczSjKQDsdjf +uGDLELk1l7P6dpqAUbHJaD2JYAARX2IjfLtV/wNZJRWwnLJ9iSb6smaz98vuw5OM +DK2/iUNJxPCe56YYQUqwKSnaUVG3bLRP0+idGb2sUyiytNC95gL76VGnlWeUt4Xo +gj6DPJ/QABcdZ7AhJ/hW8s8yXmjkJyP6pNBr25BY0+LGjP5kuE6YrRQFYcFMrnRS +3FAhd4SkoK3qM0xuTwbzvCbzmcFZDLexG/u6hjm76l0vw4+K0F3bk/ttKZFxvSKm +SDZzQyPrD0a69hKuVD7jt/fD2vU5SkItGpmnnVbuZYssEfE6o450QSbMU4Rcbvw3 +okw5fQYBI7oLdpdLQgMZEtPKGz/76Wqw8eaeAT3rhHZF+wS6/w8NUZtUmem/ESLf +aKDqAmZ4/i8OeCTfn5fbtqyfrni3qR29qlCDlNNcrmM89Vz+p1mSg8hdeAS115Sf +bsbGYtpygeSG0WEAQvG095Gpq4xFmQrbdZ62wTihbQh2rOl8hd2pAO622P8GVj1T +OcK1i4ZtA+TwP789dhr6MgBPn87MlwxDsgNNpcqJyo+CNPJwJ1HgppxJORz/snVC +4dpDcYqsxyOAiKcR2b9jsld9GjxM02cYioxk8L263zbGZ/js7JZvx9Ovu96szdtt +40+bbfQmzbja/fP+rPol/DxQnOhT1/+ub75L4VUx01AWwyFhsK0ozknZ5QgtZxsk +fCuuONW93WQK3uJZdh1MH4q2JOCdl4bvNjJyYFKyma4ZRPCPoI+3VOFqhXV1z7Re +zjsvIuU23dHcepMsinkCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW +BBSxUNHUrHgUBI5ufRE3C4Uzx2611jCBiwYDVR0jBIGDMIGAgBSxUNHUrHgUBI5u +fRE3C4Uzx2611qFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP MA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0 -aGUgYmlnIENBggkApVXnXAe1sEswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IEAQB+cFTCquPGQwN+CGEfH2S4ILi7x9q+AqDBPXaqhvP8VQ05ZKm/7YpE -hjHmJBjUETZNYq88duXrehf/6msrrwwFMFzJ9b1tY8iAL+xVQjAPpjJNneY5tlBY -trzoh8yxYuhFYtDm2UqwyVX3UK2FlnZRjT2CCNvwIfAwgHMwtTnpbs2h61ciEvKC -t+GFiIloIX9YaSi2Hma1ouKJqaRsIW2AeXj80Vk5x/xNVBS1CiN5hsJ2EKAp20hX -TiUytCU+rMN9ZI5+0Q2czshWqnMDiywx3zDtKyr50KKO7CU0gGKTGTizYlhZhytz -dl2UWGvkftvyvAUHSu0GQl9/L9lGgYjaPX7aNoxTX/NUMh/Ds/NSgqOFyAZYXh2N -Gm3HMkd53xYhslfF7/1Kj8Yi3voICsB72FpV3i14N2ascUbIMBEoAcIk/MtAAXJH -N2FtyAYZ8FVquMD0WphNT8Ursb72Ih8DumnFN4ax70Jy4juOHmg94qZ3aBH7rAV8 -RqnK9hhdaPtHQpcXrftcKoz6MsOBRR7QW3YjhZhvmvkk3x9XtbeUjsF6IVsnXxqI -4OnXsvcSnmh9j4hTt0ZA1QEs4iFKRk7kMXXcxiK+6TVWSWKj4Z+fLBsIm9DkRQoD -LTHWB2pTNRnDA1LTNy6XTx+9iiUkS9Yhz7tqgBLfxZw1QcQ22Rpj6pUuuZn/ryBs -+R83ZMY+zK33tEZezHmoGhiFYvg0+655z+qd6lizgk7pZ815brqFDJgzH+mQJLoW -had8MeOH65mHHD7XtiaOhiz68N2j2l3Bi7MnKJuSwvyxPXh69/1mfAjjy5n1ZbKB -QtP8+vDaCjxqOpI42nQvzddj42AQZpYIAoxKVjsdOlN6QzO+hT3dqw79TGpG8s1A -p2EYIzw58qTVi/QM/ZxQDvtDTamJUgI3kzNy7dkupZVI9w9A3r0FTCLQmsR2Pa5H -L++rQls8Frioi+sDdkFoqHEQxw3VJx6aISZro0S56zMaiSFaDU61tsWuZNNhqMKZ -Ja80C7q3yW+yQBAw6BGg+vUqlxxg5qaXH8SNXO3nxnj+9rOU5a2e9fhOzwIz52db -JISqEF8c0xDNyxtz8Obdqn7/uGMAvx129GYmzuY6rG9iUFzPxGE+DIm91Fj8WRNH -beDF4RPLXMdXT4jzHgJe/BLq3X7nEbdpFsjkomMX5dSR7JQZ6p+jG1HbTSohk70k -hM2Ue80jLE4F3g9O2Eres95Hv9nxeckGGa9RBlC9LgVxhe+NcIEhEU+wzGnC9hQ+ -ywtcudcuM7RXXRjCQNmR1LeUCuQpzRPOvL7t2kFAkF6jxfr4DT7gAX4WfuMq0XLw -wqIVPAoga2hF4W5At6miafcSGudGnVzC +aGUgYmlnIENBggkA7rWJLzqBkA4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IEAQBSE5/nS0jdN4v0rc9V0msXE5rBI3D9zg6ZKvUQW8nYky4pQkY2Mm/v +h60Mu3BpeCUEPTsreJZqiYGJpAeblsjlHzIZXeGpD+VW1/nok3qwrLz/CPYMNzy7 +Qn60Mpd47mvNM5yTygZF/XNO3qT9OTnqa/jmKO6bXJozll8Krb66f/7jSnLRUaVc +kqyuPSNRpINOeOfrtzvzGmyda85S3eipyuHAwANYCbr/RLHIRM1FInJuQJ1utd9S +STzNCfZVO0xMP4jZS3Brno5aQkAPIfysCPvWGWSGAgH92KdL9LqoIHaTGZijtY6A +Fkm4P1MdtGg1X5IaMizFqeDAy/ZAXsrivnnQtucqtNcoP/+kyjrEhgXgHL7xFvQ/ +FVmQ1fZJjp0Wu51bWJFuDXye5p3+x6y9IZk/KY/25m+RQL3Ai95J88maRYz+F1uw +cY1hv1LYKcyOw3K1eCPVpLhBtA7LfZVhZNYuQzEnjrGT2o+y8Y3/9a/JiNUJ57BH +FmlQFsoaGVS08AGuzgLwAX7m1sbltqSLG12dNthso807boKdlqYSPeUctxHBPELQ +Z6KShu3SsanaQaqRMOlhzCktAhMqQ9onM6aAjIE+lXZHOE/vEkIPJ6/uW1+fe6nY +o2jx83RfNTCBMH2TKfu9qnOpCjIW3QAryK6eTacxQsoiFZudQajYKSdXYHejfp1M +WD9eG33z7WVBuf+o7EE6/lhR3vY5E4auB6wqyM3PZJQsAhVqjiaujQee0yiMGja8 +5HVsmv0Pxqi1YnByP6vf2x4KPXzjGrzYqD9VuJuEYl7R9XsRsOOCRKVO+C18iKfe +mcMOt6lYkwEaDiSw9CBfq7I10Ro1Nj/OIoowPV10kyDS1z1gUk/bddl/z4aNkC9K +YeWb9gIf/L3IT6tMklqo46K1pCJAChtreTAHR3Xa6xEC5nkotBQcmlKDHkYzKYeM +u0FW50rohUJ7kz6Djw9IgxEpz6dPJI+C0Hx2I2jbIporD6aK0RiD15/UYu2q8vVp +fJsICJQrLfIzWG++iLlvwApcszWve3CrnWvw6hxzKJ07FX8HMxx3KGPEi3lkUnaR +0lXLLncS4cQSd1k8jRw6ZS68gAMao3wudgijtQlDPSopb4/LUCVCJG38KZ8t+KTZ +fKYcm1TvJFBgK2TIxZIy2g6Y+Es+MpIt2Sb2iV2bf0S0NrJKiNY6Kbl4VktkagTU +LcfHBwp61dJsJwrfoeCFoi50JBMZO2d7Urv70A6RbvhUI43cEj4f4L2ENm/OWMPE +RHAeGUVAQZlmhxqELEAaZK9VGbnvPa9r3m8whn+OkOabWVSZQzMrCizbs5T4EaH1 +m2YchzTLlINAbvI9awVaTdxmWPtWniyb -----END CERTIFICATE----- diff --git a/test/big-ca/big.p12 b/test/big-ca/big.p12 index 8a23797..e892636 100644 Binary files a/test/big-ca/big.p12 and b/test/big-ca/big.p12 differ diff --git a/test/big-ca/big.priv b/test/big-ca/big.priv index e17c2d4..cf331c1 100644 --- a/test/big-ca/big.priv +++ b/test/big-ca/big.priv @@ -1,99 +1,99 @@ -----BEGIN RSA PRIVATE KEY----- -MIISKQIBAAKCBAEAwwZ5wbb+EE6yTtOA5kFJLoMQ227XSlD4+NESMJ3O4YzhflIN -slDBRvoBJwbDLngUqCiaTS+AJQDwctXs54Ned49Yfpm43M66Sx56M5BXvKRROhHT -kC4MlHMt5Jto69gMjQ10Z2zB2eVTozBcDcqQbHqnDWTT8w7ynUl/6F7BIdBrNQ2X -xB8miGEEOMVoilfjgs3+xHLMZhvi5Dj1VjKtn9JboSB1LGd5bxJwVgcMIISYv8De -+6DHqr8Obdm+ABP2qFtorDCdsluJ3i6r81OkuHTHPcffA8gxjjsCw17TWgPMFhvu -ASDSPB6fXO0OelJ7ukhZTw4BGpUvTMkvI8fD5wOcGYnIg6grjFmGQnlrRZF4XVXp -KFBG4cbN/yFg3eQcgfUn2UfLgRPsBsq9Bf7FO91d22oyW4yE3WOQPCq/wmvfOBiD -GkAi22WwxMAVAzNy0QKwyiXkE/rDakkHtIUqB8TWwajJfwj1Sd+0Ocbbax9F84HQ -0FqOfVt87eDOmASbiCq7Mx+EiQ+CKK4/7AFEjiGiaeViOfTpChSfvJcovgUWKjg6 -VdXK9jVvo21v5zJvhj+WADjCnXY4wgEHvU1O4iDPd6sN1PD0hZOghQ9cfuV3Ixa8 -WuPqhUe/qLQnH2ahhnfX8VrPSmurceTeo3mn6un7CwXZdurwjpPsmmT4S+Z6tetH -F3y1jVjgvbhbWoTQgmQ48/B+E/HdZdFReviW3LQoZx2dtclZDKG+XlPZNrT4Y8ki -WBCgzoMUbZPx9gefdoIi0iAsE2PomdJELpD0tb+L1Yq3DywMig6nPsPa3MtviIHq -1ysUXYBVtr9G97Nj9juV5PNko+I3L2iM89XEf6wzMEXjndFFx5huRy48gzJhAXDG -ErjTZdQJug3swIqH0LRpny1yQJq9vDbuyWvr2TAH5itMF7vOPcHXd0nXhjuPY1ju -mdQ9gwpGUhJuQVwBTAv8cOk3GpxJ6E0r3k3cmyZcVwvTcXHHYJIK/jfbWr3GnEv2 -5oWzlfs/7ZHA0c+BesJJIoXfhnb2LOCNgooqNuzbDIGpLvI33RHcnh8rGp9mVlOm -eJxoi/McRCoQ2Ku9J3FqdgI3lNiijZvT801io54d+NLCGyBU7Q8YsNawtWadcDiR -QiccaQHDMkq5G4bIudOg8UbRqU5Nvz4DMJtxHXUULvswhHlcU5iGY0LfJ5Xb2RAB -t7il8BvsFrag6EmMf7fqqJgxceS9PPWVNWr9xxJDQjuKcpQopiXYOr3sYLrhutup -BG2JpDBaOV//iwVrV97GlXcqGMbyizCPzLw4f454zNfAyTZ2KoXCFkWU6yp42P2y -lfajkiRgTuOJinNsYOsAW21i7oAXK/knzkHJeQIDAQABAoIEAQDBpDxgy4GYT4tc -GUVzWn9/X0PtnTDG6X9MDssw2oAAFBIRiwdudiByiOl8BormKPTZwvbyjKeAFl6o -pyCC/z1dGUeU7K1RETKIQ8qySC/VbpH4Rpr6Hb7/5x06T9Tt16cepq1dw+72m21g -KzQ7vVWJYH9eHS8Vt1HOOpx17R92o6rPEqAOa5+m6i128QvL0VhlGIROKm4pNKck -VCnFXKxodEXmxoORg2xfjL9dq8Gux/mi6657yjh2oR2ClSDCkw/mOlzEG8F4xsst -gMna4MI9JDZwcXROHQiXYKBtvEm+puaNTU4UcLJOX1l8uyQU8LFJVWzXwd/2tQoy -A9B6hm9NgZgNA3HEx8X1pS5Z8pVAjiAlDJhlHtBCfVMsb8fuigCESRc39sFpeI5y -b/sfaMgNmM8IfXlizTNfXuxn0Up1kQYifLQv7F6v2VibAt3aP8tRHIrNLLI55FMD -xV+RLmd9L0TNJPps2Eg1AZnBhGF5C6Q5FDxxpHi2n5B74StAZdLIcSVOrYy7SlrC -acGuY9PeDCdnXgsZ4MNC7xdr+erKQeKwKQRDFfRgYs5mRtNFjB6P/bLCpZkXH7tb -Zgp5O7mHbWySNZWWSWmA+AP6GjaNCOoyPPDojkTd8U+sArSVySG4kmYnjzMjgaTJ -gaZOSw0fgxNw7m3uVXhlGRtkcbzYHlGBHCuXncTUvhhHloIcnU1Hs9/DfPwySo63 -0xOvP0lTGZP1wURgIY7PBLKSzBEEWZrH1Yi8BwuZ9hCpZ/hgygzHTTNoHsOUsCRw -mbXEqGm73A03LmPQuLR+YQmZGcgdPBQEp+o4Jsbdwy55wfLGZEwSUVjivAICy4Gx -uEzyIRnP4IKgStMQNuypdNoqMFmQeKBZHGgosDorZVQWo7Ojwh1r78Lwlq8nf8Eg -n1Kux2eByVxQ/Rh5v4gMtEQytcc9FOt/vYKeyH8iQmSil0PESrPz2wfWaChH9CYk -4NSNCI7/9xV99NIjXAvGRZ/B6aNDw+mK6s8UvpNQs4tMeK1dZ1tzvDCxN3ISqe1l -ODSl1r44h2Q44yQllTZl/UYiUwUnlUuZ00h8dV3Pvhrm5qGVtrVmrc112+40tM3N -LYcDChBztYUDVDoE64s9C4FXp1UAEInKT+O8KM9LIY0RT4zKhHa8hAfvLy6YZoLP -icevE6/aEcxPFbwBq9BuJ37fRnMU+ELa/nSlINmc6IMs11VaOZQbauUHfxfq0UQO -ao5ImskIPKlW5ro+l3tVo2GSi5fAUX0ZB+O6wpgYYLnQBNXGYd1XCRUtF8ymdKEd -LsmLj1Q6avI0XqU3rPdiVKtqpUMhcZ+HGmqbZoIx67Lrw5iMcDzy2vdaskQELwtJ -9RAKz18BAoICAQD94VFeIjjwhvXk+3VQitqvjV5RwEBFdb3TY5u35TD96RdjCp+C -n2u7k1jwuv02qHbo5mv6XtuReOBtxBXXamG+jafhvPx5+fkAkcOYTC12cZDrzCri -IbCXXzOL6n5KLEBzE3JkV7jfF6A1E+hlHrcFlJVA+IAz7YpJdlYF0OpD2J567IA8 -ysC2QUPj3FOkXVQu7plorkaTI+3ShjqmEZyWsDOKWIbtBfzJtG9R4WXwKWRrqOhw -dpOxd66IGKQ5GwtZq+NYEIblfpSnARIhgo7dhEXeNBPbgIql7xap78BcZKq8Iu5/ -xDU5X4qam4pFCbkWE3DH1nwSsCVBPYZoe7hYAV3tDK95+Pl4oo1ERc/D4s9Kp4XK -QWw7N/6NTQQZ4VOr9peMOuYayS5hI1jJxHW1z2P7r4cvAddm8HAzKoExsKyHqvU1 -X8PLnJ9oDsMezIchNW8EYiQf2HCKz/oAxWTSxrnaJ4otkF2BVdfRkUGMjuoogzMY -Y2nbnh7r/6bnAVgnho1R/+pXtwqdQx5kEMFCZ+lCgRLUxX1REjnIZC90cNfznhOl -GkEomkAXClJPo6+MFJNSg4S13gSp1rTc4vyWxaAscQjknarqaMugLOe9cKia4LH2 -bGt0AfpqrVbUWrTOG/yHkBsmXyA+YXTTAFlu0klTn8ib8BvOe1ffgGSP3QKCAgEA -xKdaONI66IQ0GcL1hJlIJXgygJJO+KsEgtrcfI7YDjXBwVXc3LPlNEoPtI5iA11K -t0wTgeqq7VcDe4vfydCQXFc4UNxqtx8RbLfPEj2Khp8NiwADQiRSVWo4bH08buxT -Jf+euy7fK8ATkaK2OiCnMYnBmyepnp6/pThvYMLve+2DGoUOh49b2x73rn0xUZUl -stqEhfjm8OZw8yyOT2dGUB6gSVaJsTwx55DPh/PxgEbsqgvwDBIc1oqLF5KJsduP -ukMJkGHaulvyqxFQ+Jq9TtdDNUUkbDgTmW0RhXcX3vm3ZxePQhUqvpbFcr9sSsq6 -HAzmKPVruqU6CADp8fZ1GuPds5cIbPDFb+JtXqV84sZnGOwphKEiK78/EoNM5AzQ -qB+I2wttTzA/Pon+YFWkVCXfRvqwRP/jk1o28RnN8KCWWDR2RC64Dwo5sF5wTVUu -QSTYGTJLlLBZ/BIixvaTgoDf+ZKRiC7DPqJg4MPw1zidhwR2yatygg3yB6LZROXt -y6mPJqvTGClSpSq7qt1j+fGKS82+hNtTSMrvjewTHnF1+jW/t1+unCm9IFb0Sit6 -QUbWWyau+AzzJ7o7MfiTK5cQ6yELKBeWXkzB0T5rDCwrv/aHwlfwBjCNziDLUpJk -an/YX17rzSuIrVKfmtfeJ7f0qO8Yad8onRCOzM4mVE0CggIAXz8H8sPuDrbjS4vX -QGdHkfL8frkco7J/i+3jvsMadTfckUir/SpoFZA7Ht1YIAhlzAyeV+j8gQATWrrk -4tNDZmTopfTr16sjcsY81kdGCxiiIQSQ1hODl9aclRJdXOBrMYELOn/6mJ/Zd/BH -EKDMUyiiMiTInDKy3cqqjTYKnXeIRV+y4JvEXtvvZ24CZzioW48iOLahPZSOJZw8 -Jo+W6qWiQHXj8Mp9QwMRfGuOfeJZjVZqFb82u67F6MMt4Uq3IGYvPZu9sB2kEV+C -eNXtWUfFmo55ILGB0qz3GLwcs80EjN6iEYb/3M1uR4CxCCOUr6aNejuKgsxYvbgi -U9KOn12r6kIHF0CD/3EkhIeYYcoWsNBWjkGrJDBmrIZHUppJdMtnobF7IHN3lfPX -3KJ68sGipgr9MXKEaFcuENQSchzxLVjC88pAv4O7/iMDqutaiufsBX34RYZC+qD6 -Dw3/PGBX23NYEK4Hln0pIbNYHy6CxL4sDitFzKHuweVArYvAkduV6zySo2PFdKh4 -n1v11T78sPmRogeRczfeO8LyVsH7EqesgRVvepccEkjKBpzHQEt71coHoN9xanJl -mjUCRGJSLDof9vz74UN9mVMfgd/hMXG48lVMntIbK6hqWfLJwEWZoRY8SVII275e -QMbxxnTYE6pvbalQFVAK8IvPrnUCggIAF0Rdrl9hTOVnbKzec6PXH2fLQd8NrOo/ -DGRstegItBW0KPXJvesi8T7aANjfy9ob3vgHTtW/B3nGFbYE8lHU4rgHF7ocfjIU -07Ijs9rIKwlihtGnkQnPHAAHUP64Sb94TwSheTAgg4KkThTcTqBSZ9AOshbNQNEz -h47XzrEBuL3vRxH7GBrkGVbeoyx4y1hEL5cfGuLKIDKDpqHc7JQhg5U8DbFJdUjT -9rvxcfpw1maN1ci3zBXQh6m4rz9NP1fk93q7BPQu9uGuIoNX+zIDt/JMJ19Y4dz4 -pKx86DehAWa2RmJJNt5eQlKAZgU0AN1fi7YS/UGcT2cBKLVC+LfaPyY6subpvkn2 -cjhuDEa0Mfibdh1rBCA0dMyZ38zdKhZCEcI5ZQFDG51vviyBhlBbswEQG8vJU0Cb -YnHIElqlPRUi9KiwXXzRliX1kWJ7EwtC/74mO0TyIFOFMgfLSZMe/M/WsCahRWWT -ADQiFjXYpv4x1Sm4DEBWugCAZFrmLfquWexj3YVy4mbxOk2GCr9K9uWXIUTkh7+T -aQdptHb8BBwUg1gcqMuPUza1A8CGAsiGHHcPIZXAGeUeV9L28gChGQU0oT01nra7 -uciHHgSukbAgNQQsJ9hTs8fG316N7+UWMGuT5CTM7Wd7MlaWP7HOvRBMyDgRwWT/ -3yV4X878RfkCggIBALuyVgyrf/8RCm7JN1+NfUVmpzuvPoKFsWIVz7nXp5PACMvA -+e4ayiEoGcI5aY95+/dJNt8JDj069+SLaWmRizn+4vxcVXArts3ox3VyqsDWVyNt -lL8xg4ufCkTylcOItxcEfZzIZt/w7m2bEgCBHh4mB2wUrZoSh4byRXhom1h/EVHt -CotMjQp4NTtT5/7lP6bc+jIjaeJKonz2CmC1wt9QHHpEgfNTrBnmFhQpZOXVF891 -QxtIFjWa04fPtDLK7FlZacWd+sFWOmYA+BAW2fNbl4Q8U3AKNGJ/OkPnaBGg6Dwu -VrKI/cWdotca5AN1VVHT0riyuAxs5x2HFUTmf2UF9Pl1e6zNQKLabac2CtiYcKef -cG7liL0/qdE8V1vn16QOHoQcWGJ5hELOmM0OOQbHemj8+nxw+pm3LJ1X3VApHuAA -xe1d5eFxYUuUtqJpw2G+YqONfhCKDDYhnUG+RLD/ytw7lA3QhXlEzIzfGwHbns54 -JqGStgeGBTXcQv7+zH4fJRB5zbGt5G5SnwYrb/nAiHpwiT4KXoftQLY9ex3A16AI -a0F5v9Oij/Gz1TjneK0EMaxD9VYxr3yj8lpRmxP9fPCALcTfDVlyWj3Vj7nSSPmB -wX8QSlzgaVEHdkS0OPZ33c1lrQy8BouQNPyF/DNQFeeDnxXSEBB1FCL6s7jT +MIISKQIBAAKCBAEA0vhMn1JbbFTKx3bgQ/DT0PBOJ6IXGlSYQkFnLYrrnVea6plE +WciQbDs+xjIdpZtg69MTh7IkTQQdlGrvoMS53CZ6Wf2rrdJW9hqTZdiaeUuzq6fF +/8XnzS7IuhLw9fQqt7Il7HVEMSKlUIzj95QOf+t8NcT3atDmVLdFOv+qpzYq9cxm +jB7xQHbfVk3FK+7PHf5RwyPEUF4QgLpuH7fa5jpFIMo7+kqo7R1JXApThTA2mXNg +s8zWAxopeHF/Wpx0pBrxOHR5eleorQkE1HQ6qgB4FbEtKWFmle8oyJRe+CDZMuIp +WjOYUZPXl4LZCxKruKNYP2RtzR3friUaznu6nDVpW5vMV5oKoMx3mw/JbQwDD3f6 +5le5GYDB6+eBUZnMZsgCulmGPv4pPxXMBM1GRCJn79/SSgWFjd4A+HUPETEnLRp0 +VJDtJ/lcENk14tVVWNNYS7eYRmuvsmj4C9Nj0gYDYROz4kv1BVuY6PLKFV5voIX6 +DhUDWAPJwfr/IMYQ12OIG+vXQB/nszPGXXC1oTo0zbSe+sw8AtwHDdjcQgr0sUOr +4SQ3rcKRzNKMpAOx2N+4YMsQuTWXs/p2moBRscloPYlgABFfYiN8u1X/A1klFbCc +sn2JJvqyZrP3y+7Dk4wMrb+JQ0nE8J7nphhBSrApKdpRUbdstE/T6J0ZvaxTKLK0 +0L3mAvvpUaeVZ5S3heiCPoM8n9AAFx1nsCEn+FbyzzJeaOQnI/qk0GvbkFjT4saM +/mS4TpitFAVhwUyudFLcUCF3hKSgreozTG5PBvO8JvOZwVkMt7Eb+7qGObvqXS/D +j4rQXduT+20pkXG9IqZINnNDI+sPRrr2Eq5UPuO398Pa9TlKQi0amaedVu5liywR +8TqjjnRBJsxThFxu/DeiTDl9BgEjugt2l0tCAxkS08obP/vparDx5p4BPeuEdkX7 +BLr/Dw1Rm1SZ6b8RIt9ooOoCZnj+Lw54JN+fl9u2rJ+ueLepHb2qUIOU01yuYzz1 +XP6nWZKDyF14BLXXlJ9uxsZi2nKB5IbRYQBC8bT3kamrjEWZCtt1nrbBOKFtCHas +6XyF3akA7rbY/wZWPVM5wrWLhm0D5PA/vz12GvoyAE+fzsyXDEOyA02lyonKj4I0 +8nAnUeCmnEk5HP+ydULh2kNxiqzHI4CIpxHZv2OyV30aPEzTZxiKjGTwvbrfNsZn ++Ozslm/H06+73qzN223jT5tt9CbNuNr98/6s+iX8PFCc6FPX/65vvkvhVTHTUBbD +IWGwrSjOSdnlCC1nGyR8K6441b3dZAre4ll2HUwfirYk4J2Xhu82MnJgUrKZrhlE +8I+gj7dU4WqFdXXPtF7OOy8i5Tbd0dx6kyyKeQIDAQABAoIEAEoLsAjzRPc+w3VC +ue/epNlenm+2qlkpe881WVtYuN2ek9bnOGAyzs3N9XhmupUXdesPSHmGAsutOByR +c81/fqRQNP1E1W7Kto7mQPmsDnuoIEWNOydMdNFFLFpyr3QD4MJcmoblmauNN2yQ +JqsMohIvuoa8vQIWk+ED+h59AY5yqp1ewldHvPEdR8Hoxd1nkfY6/sN42DxE55Hm +3SPwybmolf6uPGLatXOTpd3SGgJTK7asEjLJIAwysH9/hm1tIFtAwY1JBCH2hlNF +KRbQPI7SX1NtviYZ84GIUU4lFTgNf24mhtEL7tgjBbY9zKPgR7kkS6LkQs2NQKbE +iyYRsyuEa5gllJDilfxeB1S7M708TA6v07Xo8CSNVoLP3Emhq2YfqSVyqnWNiziD +E/pTeegME2LTseEdEwT5+Gk73K/yCogAEvhjbXlsQe3/7rPQoIXul7zrkVyWCzKZ +OQYdiZl7VtBJtAcnFbZtsbuBC4B4hsFWhK9QnL3Vhoi46ba9DcgrPOhf3Eq7Z/0z +nNnK51TRMxtH28y2xhFS3H71sEjVw5A76iW5KnmoIrg65fXi/hbaXsJKQ3Jd5wLa +U6pig0ndIOMIRlN/xXSSdALkaf7o2OVF+ZmEChFOSDNX0w8WnDo7G3AYG7ssNx0l +CLT5KmFmduwjngsKT/LxWbT4/sHdCCNDYh75yL3Hd+dUmV8mmJ9G0YXtpPBFtCxk +KUhiLeWX1ZrRSL8mRIy4xfjypmZqnvEPvkngJ1QGb5qynQJmf6pfl3qirr2zL8lh +yykouI5gy7flrgINzhddVK3UzlYJClKks6vu2cnSGt7Co63wIMBRxPXrV0FRz6rD +PFbLdtjkvJgWmfu0fUQqXno124ovEaffHtno8zHqF+qYSk07JE6gt8UbrkETQ28/ +c1kQcCmNmlt+5sfZ5aLEKL/N48voaQ8ZXH0IUo+YPVC3keobgpQ3Snx4S5LEWieF +d+Tbe7RLkUSSkBLFdN3yITsLTOThOouMlb/y/BXlvzt63z041apZO8xVJoq8FRHt +0vyY6oqakBBqm64UsgGwJwinGKERzNV3AP971n1OSETkElMqjnfoL2OwP+czFzDU +NJoc/no1fqX+hOVg6fH05uPgwXq9N1l/g/yUzH4s8/t3ggvIscKBmA+4dw52Ydwu +ptGYyBpAvPxy+FDT9dCD9gKySu60ToP0tGHDUwNJzn330WURea+rjYrLWnGew7PZ +AtmiSYYv6c6eo5CS5GVoSZRiDrsZEbUQIt1F7cvrP1WiwKzxvBWRSzT7Q+x6KcJc +I1GG8juNDSX6H7Z9wKPg/3TPHdBEJlKdNrziQWfvg3EXUW41GXw83wiWFFDDrOIC +vRbhFiECggIBAPu3UNt6SvrixYF+1femlNskteaNAL4JfuO2Ws1yeW7KFxPNctJy +JnPDYmgXtuceQWcknM+UqoswGGPtR/SeDB62Q3YZziZt5xe1xtq/JKFxRU1I9SS3 +9Z7sWOmF4g+d1+5c4aHcM/L4enmsADFsTGO7KDpGtHKSVPEnHe9nH9aJqwJHeqoJ +Y0eOUMgSFNKfsI/ONWrlMqfrZdSeLj+ANxocKgu6ULTwwWVf3bOaucrtdm12nNKm +jtB8uWHNTQtUtdNmHMtftAsEApP2kko6xyGy1vNY//dw78oFVvefX4ur1KlYllWv +qM0tiTbgTFg+88Op2V6aQlGyoa6cMw7JOAIyAsDMKo6/gpftTxgyte/0XqEfPALN +OWQQzGLEGUqWWoTw4Q4nnuFX8W8xv0HlLCNMC8Y1+MicGT/fdsYirUWzpF/SXRxq +rdGpVCxP3hMCcikJdIg5MBi8WhnDPAKqPuTx5jMxyDu/5A/tn+2zRKAnqBN7LfiI +uWnRpAVIi11cThjzg9MK1qBiGi3zcV8qf3vXD93K96/Z3zSzrrJhNa5kh6dnd1ER +oQEhG8BDUJ2sP8yumGUR8ViL7ZR0tjStXUc3IkgvLqCM5haxBRvPgEHA59e+vfi/ +nT1KgVd0N4VbRxHalV6dR3mKfolt+wRoTxELyiDYU0ZMPQPiOUoaUR6NAoICAQDW +j3WZeQpTrk+sSHlUWMLfuE2Zb9rraXruMIsovIl+G6Tea7xB2+hf2c1W20pRz14J +ic1qxRKvxu/lay8KB5b+AOPF/WhWDF5W26xuwXbM0vH3Mgc0u8u7jdPHOeK+vaRd +RriXtdlIdDoqCaY8lbvVj0NpAFMuAR0yN4gc1va2G6lpk33mQuhdBaTeQ8Ta4BR1 +FFI3vajhaALlTY/vDKepqXwqhutkmXM+vHEtZpy27Fj9/KA5xDj5ALvNlBbkN6Xd +rO0GWZUl3AtgTR2h9MG0dFpL4cgTP/h8+Syc4DCsiB2EJRgkTmTwPr7du+PmXm44 +jhUzZA9tQk9alDPoWiQqKAQ5/hIO6iN9dAkrdBht4jxgV2BTMpE/Y8PJMLBeho9Q +5Tbb1JOFTXXMgsz+0Ffxm3xkFMm4e2ZerWcSv97SxOl/3yNAGn1hCJPC8uZmEawv +o5TWMOIcwI7q9DaTQO3tPbLigb6wyOBDFE4hXwy19tBOvMp7bfJiWCgT2TQ33O0K +BBkQqYhpHKn8tUfI5QaU2Q9SnoRMl/CvI4a5ucUnLfFQD+WUxIe8ON6wUZsurd3q +yI9OqegyW6v0FePB/LhLywTMeq3WvvhWnqgfS85d+sWiHLA8JgP9iB0T2uSeB0TQ +07iBOWI2445dcMc+NowMcEixgpZyxOpL1qrKJuuGnQKCAgB8Py8lNscd8aOl2NKK +zGn7hbJX28+6/frpMZC+ijvQaOZdOvLrV7cNOysu0E3S5QdJfzP77pkD3Tic0nnL +D9xRqIvCFti/9U21UV+Xh/Pv0HZxwIpolnkh+e2lTxWXucTk/mnNOGFYFDh4KGNs +AdXvAGnJ4i6dwwc0hadsDU4U2p1Toa61ka60mlXbe7lVgcdoJFQPsJSBeFsqSO3x +IDuSosZKRawitBfyDxDi34PH29CyFXMxM0+ZL4dd9DWMW0Lo1yVtaY74RQF0wafS +BhNW2ezp70thexiRcnNMBRnnWmi9MmH6Z5t9s3VgZfSpNmGiegs2fBQyOWc/RhCZ +ws7nnoHnYp+7GGLA1T1OZ3GQwOGYzE8V3vDuKLCKK9uECpUhu7iLARmWh48/4KFU +SGeyAI5rRybG9u4rrgT1phY7KoH/XlnhdfLYY6mNudqXLYTmJqmjt/66pvYec1UC +x8AFyDVlnbQFciGDjzp63RsJpql6/DljzTEgP3+jr/xCmBZgkIrIODhasDHV7q1O +WS7WFQDa7J236mYXoH2hxQP3Ud33zsWBeZ8sbIhDLbb0LRrM0H2ene2wVFlwBvAN +Lmm1hkxgrxFn5ESKfNRVtuXLDwohXyBsUUCvCUCwx0fEhpqdAHTsX9vw7WCqO2RE +96vXcSdTcRQhxe30Jc07e6QA3QKCAgEAwsrtvk8YpA5OASCvHneTPJ9LvDDD9RQH +ajYiMPKydQ5N6Sywdq5a0qKffOqMF6gHPOuh1fxjUbhv1b4wr49icuqF4BuHXQ/P +mlXHv6ne3GfrCzydNDAG8Bj8GxSfmgH8Nj7dmcacJN54a+/kv35FUMbHMY389nhG +dG/cICq9Q2nrrZEdLS6zXLiiDLREBV6I1B6F4ltK9pGCh4GaWjIICc14j/d7wBJc +gal9qvVM8/mxda2kHa3a953F4wc+nSU0bgPwEOLFuOCEZ4K7k2zta5Jy5A9woKFk +TLm/2hDjv8+31GAFAfk2RLMCf7Z0WpKCyM+dydFe/BfGiXqhgaJM0QURiUD0Thwd +6mitZoj5INHTdLf/GKmBGqbNelu806SgepYO7xeYct53QxvBVtn57bz2+rmwxc8q +imwtduVBO+NQBiqkCy/BgpXR6Jyzthj3VSzTFH6+2dGsLv1WiuvY1pk8Tc3zPPay +O9Q0drGfjZgtWD6oKdUQyF42zIZWlRz7CyvbQbhYwu0mGurN6EKdbgd+lMibXhpX +hfnf98ADkOVx/vjfuueOP8D10+fS1lc9cUlyab1xtD5r56bz5ws0moMPsUDzkFJC +jgluozMkgUgJo3seOQ1edA/eLkd9ZUc+H8UH7jIVy7Vea9DW4tGM5kIOjTH8uuex +uvaCihM5ozUCggIBAODv3U1NeNbEBIGqGTl+/mRq9HQnp0rI5/k1dz79sZDtyCWM +u3SGpKU9V/a60shcgEv8QDQ9clJHoJ/dP29OM0JdcMhntGh9Or5qDEJVK8/NtkuS +eqb52cnsEMr9cBOEmdtHTLvOCYjXIailV0BsHDuuAkBlETbUZ9caxob5X38gBemc ++B5P+rE7BhsZGW5rRh7QVE7g1xzhiOhxUhdT02onphLQc1I9cr+O1QxHmYjAIPJ/ +U49KcZ71rZY2225WihkjYVXw2CmO/HWWIl2QLobs2QGP3RE6p/6qTPDbv5Fq8FIY +upqjNCcKVg6FBqp4hH/GEMBM0N3hHbQrW0eBAV9IH5AXZO1CR353cca710UEZ2Hg +E9Yu8HK5KWmNSXEmmLC/0pEjap+VM8mxUZ7bmpnGuB3uBiC2DE6ROu64Fdy/j6Km +bUFo0Y7AMxFk1nVaXpCtYJeLcpsRsq28raRGgI68049DEgpgEC7u9HTmmUlEJNRO +i6Pf5o9B5Gttc6u5+6fzo0AIJlkoJ8a5lTvcQotTpcWm1lol3YvWEawBlP3T7zvS +AUN6+Pp9DNoL6yVgT5rN+4NOd+zxV5y3xGZ3Si358uz7LnL5kN4pVnJiK9gPhwNb +KOB2UONFc1YhzARjozk7UHDJwBHOtudQsfWrmDrZPbnlyFm2fmJww4Kf/d+f -----END RSA PRIVATE KEY----- diff --git a/test/big-ca/req_conf.cnf b/test/big-ca/req_conf.cnf index e77f3e2..9524ec5 100644 --- a/test/big-ca/req_conf.cnf +++ b/test/big-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/expired-ca/expired.cert b/test/expired-ca/expired.cert index 440f926..6385c4d 100644 --- a/test/expired-ca/expired.cert +++ b/test/expired-ca/expired.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAnSgAwIBAgIJAN23QK+AMmhTMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +MIIDCzCCAnSgAwIBAgIJANbLTjynlDJIMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMTAxMDIw -MTY1MjQ0WhcNMTAxMDE5MTY1MjQ0WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMTAxMjE2 +MTcyMzEzWhcNMTAxMjE1MTcyMzEzWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV BgNVBAMTDnRoZSBleHBpcmVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQDnMgpTkbybjlpmrG+hH7ZBvvrVwJ5TNg9c9FXph2ZUbIfMcH0XUyk7Ca6lDz8F -tDZO12sDNwG6UP0BvPfmhua8nMuHvOdIjJqF64YVY6NSIov6ClOp5UQgO8ktxdxw -SC5EI1VT9LmZgwdm1Ha3Set4XHmiGF8lxpYZ+TkhA+c57wIDAQABo4HSMIHPMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFEJ5gcaXFSZGfbec5yrTGWZ2Gr1iMIGPBgNV -HSMEgYcwgYSAFEJ5gcaXFSZGfbec5yrTGWZ2Gr1ioWGkXzBdMQswCQYDVQQGEwJV +gQCyL1xmtX8CGM5PfEou8uW23mlgQecVzCkWSL5q8oa3v0AUTI6oMJzLKOgCt6ej +0HNSnGsoOwQrvG1sjR8GNPcSN7MK4to/1xPR4+wlIr+R5w1s8fCBzQsuVEdIthFp +Hp8U/xB13FDFouFRT7Iztb0Hww1qFQfnKji1f7G7m1VZLwIDAQABo4HSMIHPMAwG +A1UdEwQFMAMBAf8wHQYDVR0OBBYEFFqbGmHdV/NQQlNSwzcfKNJpdmSqMIGPBgNV +HSMEgYcwgYSAFFqbGmHdV/NQQlNSwzcfKNJpdmSqoWGkXzBdMQswCQYDVQQGEwJV RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl -bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkA3bdAr4AyaFMwDgYD -VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAHpHwTKopaRPmqC4DMScBbdY -F8tF0gls/xcW9mXpCfDH4+3bSOMS/5P3nxkIuJcsz6+fw0Ae1QSRv96HHKx1Dp03 -nU/kV4iu5dAd1uMX8SwO6qbfZyoST6i4KodUSwDkW901ptK3QmYT3WqP+IusdAAo -PHTcUpG4frcj7Z69K2BK +bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkA1stOPKeUMkgwDgYD +VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAJHrEyQ6gk50iaWb5CmDwXmk +mJ60QSeogrjZaOXnEE9ibTOU62DHBnRupPl5F5LunBEkj43ZAxemKN66oDjdRRpT +nO1kDuUFCVO223f6o7iYr468k/JfINqs7/6Rli6kHkOrbiWedu/EA4bCuvz8vtdT +cZAQwVROG3O8UCWr54h5 -----END CERTIFICATE----- diff --git a/test/expired-ca/expired.p12 b/test/expired-ca/expired.p12 index 9eebe86..a606eb6 100644 Binary files a/test/expired-ca/expired.p12 and b/test/expired-ca/expired.p12 differ diff --git a/test/expired-ca/expired.priv b/test/expired-ca/expired.priv index ff95185..834337e 100644 --- a/test/expired-ca/expired.priv +++ b/test/expired-ca/expired.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDnMgpTkbybjlpmrG+hH7ZBvvrVwJ5TNg9c9FXph2ZUbIfMcH0X -Uyk7Ca6lDz8FtDZO12sDNwG6UP0BvPfmhua8nMuHvOdIjJqF64YVY6NSIov6ClOp -5UQgO8ktxdxwSC5EI1VT9LmZgwdm1Ha3Set4XHmiGF8lxpYZ+TkhA+c57wIDAQAB -AoGAC2w3gmWC8hSYdtYyNb3BXYI4FnOL3wSewbL4w68C6UzrcLhmFc7wDJCv5kvY -i0maHU8bZG9FUJVLytgxT1x+7d6oEpZhZM63DQHNOYq/50e5lyheJLYpHfz4zlIn -gbdWTVmwwP+jYXH+UXGouV9N3Wb+bPMld4RL/32CF4xnCaECQQD/Kl2cME9BgmF7 -1drjZ3Ifly7Kjx6YnuqDEWm8tNApWz+/C0vXL9hd478wf6JnfwD+cmWBOx2azGEa -RFSCjVfpAkEA5/ObJkAhSigieK7beLAXszGZ6xHH1hEyE+RBCNon4Xisyub+H2fU -pMM+pipjyQa834tF9BVupylnKSYMqfE0FwJBAMLpDLp7GH905ZwffmVIpp9E76Qg -8QEqGv7ldTyFbaC5qBb5vQPx8ze8+VVFmbuvAwZaQfkWPAX76oyS928GIskCQQC7 -cECQSIKeSpCQtbzlame8hvi63UN/2aV+LZXgcWqI6du4m7H/7wgHnT+jR94bNTar -7wA4npksvGiA+B6DtkdBAkEA7UFEpZxfPRkDXAJosKg6wR/dTQNj4YmwQyLjn+jo -DiuJGAOpflk/ITn1UhLp7GL7Jvz1WYwZpjrYI4nXxK7ZwA== +MIICXAIBAAKBgQCyL1xmtX8CGM5PfEou8uW23mlgQecVzCkWSL5q8oa3v0AUTI6o +MJzLKOgCt6ej0HNSnGsoOwQrvG1sjR8GNPcSN7MK4to/1xPR4+wlIr+R5w1s8fCB +zQsuVEdIthFpHp8U/xB13FDFouFRT7Iztb0Hww1qFQfnKji1f7G7m1VZLwIDAQAB +AoGAMB2L5QxDlKxgIaSdX5oln8DlUaHaJc+wlJzmFnkRGdMiGZkmuJIP9OhB5mHz +ec/TJE6qvP1avfiuz64333Qz9xrrZKihCsdgDLsXWGa3Hpg/yt61Ba797XOq3zRp +WN6yTCuckQUHIMOH50j5g5GYMCPRE/MAM3R/Cy/CnGDhWbkCQQDf8dhm0W1UNrsZ +EMsHFVQ7G2gkpJxPQ8nENov/PQwetZXUKGlmYs4NY/DH5QoW25hOS/VmSYV7UH7y +Kj2eOllLAkEAy7C2XkSwp8SnpnIMf6FPofzD26mZi8mOZ0vYkjG//O4DEUMz21FV +0ZIb741ymUHH7avrcfEqBgMyPrGoYXGVLQJBAJ+u6HqwPL/+4ryFz+92EwCukz0F +r3uJv7ZMmtjeI+VF39dPFZDvRTQhHlC7Dc2sudairRJJvIdop4xv+E36Fy8CQE5/ +A0jA3/NHbfRO71IgMDgU2MXGTk34ltBoAkYUthAbCUOVyl4ysgfZbrqaoBc/qnSF +VG7MqY03nh1bCbDDvOECQBGiBBk5Bntn4BsFBrd02TaypGF7htMhzpfMtK4x0ix2 +16GXhgRvAEROLFry5mJaM/Fg8X3ipxbWCyBEzxWnC00= -----END RSA PRIVATE KEY----- diff --git a/test/expired-ca/req_conf.cnf b/test/expired-ca/req_conf.cnf index f24098f..23b0504 100644 --- a/test/expired-ca/req_conf.cnf +++ b/test/expired-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/fake-ca/fake.cert b/test/fake-ca/fake.cert index bfbdd1e..f779733 100644 --- a/test/fake-ca/fake.cert +++ b/test/fake-ca/fake.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDAjCCAmugAwIBAgIJAMRgtGNnWt5xMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +MIIDAjCCAmugAwIBAgIJAJ47rLNvvXxtMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMTAxMDIwMTY1 -MjE2WhcNMzgwMzA3MTY1MjE2WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv +CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMTAxMjE2MTcy +MzA5WhcNMzgwNTAzMTcyMzA5WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV -BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPQZuO -DFEXZX1tjiMPefDs+x50ks7f9YxAXWttg4PDLF5OHhaxpDkEIvTjZhfKtHKWbIb3 -AwtWqVWikRWBfn+zy3GHVgw8f5ckC2GPZdJLuyZa6cCrcebecNFtiNo2g+xo+cPG -Rzb55mZGkfRu1qc8oSVdHxROg3J2n2dA9datcQIDAQABo4HPMIHMMAwGA1UdEwQF -MAMBAf8wHQYDVR0OBBYEFCrRoQXb27zNDbFi3agF4fFAddkDMIGMBgNVHSMEgYQw -gYGAFCrRoQXb27zNDbFi3agF4fFAddkDoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G +BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDp5shV +W7TJt1k69urRkk1MBD5CEOhgJvCh0PNKQVkF8KjnAqkRDUywUukU0+SIQz/NNYFX +ATC8t3AFUH2sbvEogcpCPTm1D+SQznEYw5G6TO0cPGG085yOWTSdpXI1z3sGBhTs +WMVNYF14gmgNik6vgKAth/tSS3MSLAon086i7wIDAQABo4HPMIHMMAwGA1UdEwQF +MAMBAf8wHQYDVR0OBBYEFJMbyYcSo6yXJUmr8dlyMAkpkY2nMIGMBgNVHSMEgYQw +gYGAFJMbyYcSo6yXJUmr8dlyMAkpkY2noV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp -b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkAxGC0Y2da3nEwDgYDVR0PAQH/BAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4GBADtAdfT4zNLReqjPASKT1Zpgec63KJS48CrA -dWkx+oEozW4J4Hok+824GpclVPVYnrVpxPbCafyOOfnULzjASeKmk+w7aJq1UiDr -KWMWtsUyToS+ExJ7wH7MP5gYPMpSiGOi0DNNH1Uzce70h0AvbSSsXJE8Xuks7KA+ -DqOuvWLL +b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkAnjuss2+9fG0wDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBAHUG2f9J6MkrzC801Zw6OpasF40i9mSQmEqi +lRU0HeV1Aq21giZ0OSdxgfl1abd2jg/FPZmtakowBWdBbs0woRkBlpGr0HRIDSwk +ajiISVBmWL9KAejQc1e/8QrNOZwTd0NqWLknjw0ecQg6w2YiwzmupcnDOQIDfD02 +A2hHpJQV -----END CERTIFICATE----- diff --git a/test/fake-ca/fake.p12 b/test/fake-ca/fake.p12 index b8bf09e..d6a3c3e 100644 Binary files a/test/fake-ca/fake.p12 and b/test/fake-ca/fake.p12 differ diff --git a/test/fake-ca/fake.priv b/test/fake-ca/fake.priv index 18885f0..0adf012 100644 --- a/test/fake-ca/fake.priv +++ b/test/fake-ca/fake.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDPQZuODFEXZX1tjiMPefDs+x50ks7f9YxAXWttg4PDLF5OHhax -pDkEIvTjZhfKtHKWbIb3AwtWqVWikRWBfn+zy3GHVgw8f5ckC2GPZdJLuyZa6cCr -cebecNFtiNo2g+xo+cPGRzb55mZGkfRu1qc8oSVdHxROg3J2n2dA9datcQIDAQAB -AoGAO2gBz3CGWd90WU+xiwEX5sWAEEf4VkeKwPRGE6jrvqjcCyYiuR5qXV4rtXaR -AUBBzA4ljW3o9Rkqe6N8d5arwXgTL2aniAAMihkCck//LJCEsLBteIbfuoBuLekX -lbQL1Ws2EtaFvex0P28bPmvigOAU3oAbOGHTO3Q8qZIO+nUCQQD1OSpK2DaFYQ0T -mJDwwNMjQQL5qLAnXbGVURhnsiLu1Vv9m4pNUJ1DhkHSsj2rlNpU8uEPwiKKXbRh -4zYoMcFDAkEA2F1NXDjTOB2OuO0FkKT8QbIq/dCV75DwIR3vOuSUj9KF+QsVYzHX -N2qykOobl/IyunNKe13ilg1sUtsBIZyhOwJAXKsTnmECiXjZdjRLYY+cuk/RDgN/ -PgEcIK8ap+UbamHad4YVx43VQDU2HqcYwwRnVX7LKidU4jDy/6LbTmku/QJAFaMv -C1v7c48xKLk7Zz24pHFG718ev3iFKyqtM/yMBt4M290J5IOlfDtFZEylOcrU2+SP -vEqlUFBDVv3j3RKm5QJABdr8oyfdf0VL1R9L+7MmAuEpgZYMzEhMPa43OdMyeiF4 -NWSdFqn6eJ6PJAj3g/xNch9Apx8xvm6jX/vvf6Diyw== +MIICXAIBAAKBgQDp5shVW7TJt1k69urRkk1MBD5CEOhgJvCh0PNKQVkF8KjnAqkR +DUywUukU0+SIQz/NNYFXATC8t3AFUH2sbvEogcpCPTm1D+SQznEYw5G6TO0cPGG0 +85yOWTSdpXI1z3sGBhTsWMVNYF14gmgNik6vgKAth/tSS3MSLAon086i7wIDAQAB +AoGAdFXIxku6e6mpw94TpPCzaV+i55EpQsmbXaBjoUcnVAECwQNdu5F11y0lqKpL +PErWbOZz0iZRa0uBd+M03pK/dobLuKM4uPx+6XqKyGjzP3TFWj8n8S3v3Vf7YLPn +RI00IkZklPmA6Zwq86woDCouHIQq+4uq1z+eX2UNQJ8iLyECQQD2C4JcfhwN22Y0 +IqmwXCXsy/WkGjCKpaW0V5UPlKe7wz7jyWdp4xmdZd3KyNrl/6nwGwnuQAfsXdO6 +Zs0Posm1AkEA811+UsIZVAeMeuu8i9heT3EcAQfmQK6xCnQaNv4g8B6STkDf5PER +gsg7YUvB4FMdrFuMSRosCWbeGVNj98OQkwJBAIfrm7xUvlK5XSB39Z3Dif/iPHTH +MwGkuIGD0Iim6nJDTb6wSDyqhD/7QicABk0Ai3Rku3uuS7I7svdKSwXUO/ECQAbo +LGGk6Jsd67rBXgSKC4MtrqHI25wSWSv2x5ev9rdZ5sUZykDxJpITpLvKLqJzOXBe +2MhqWb2akcseNsQdZMkCQHQHid1TRCxukOIyrrM+iXrHkDolt2A2xnJMCFuzqHSI +o0MEcNJEuQ/wT41tMYQrXjlkdHeL2coXhn1sh7qwCvU= -----END RSA PRIVATE KEY----- diff --git a/test/fake-ca/req_conf.cnf b/test/fake-ca/req_conf.cnf index a4e1106..597cd4f 100644 --- a/test/fake-ca/req_conf.cnf +++ b/test/fake-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/nokeyusage-ca/nokeyusage.cert b/test/nokeyusage-ca/nokeyusage.cert index 7120ce0..aefceff 100644 --- a/test/nokeyusage-ca/nokeyusage.cert +++ b/test/nokeyusage-ca/nokeyusage.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDFDCCAn2gAwIBAgIJAJWmCb2bQ//CMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV +MIIDFDCCAn2gAwIBAgIJAPZ7YDhrX55SMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE CxMKUmVsYXhhdGlvbjEaMBgGA1UEAxMRdGhlIG5va2V5dXNhZ2UgQ0EwHhcNMTAx -MDIwMTY1MjQ0WhcNMzgwMzA3MTY1MjQ0WjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE +MjE2MTcyMzEzWhcNMzgwNTAzMTcyMzEzWjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE BxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24x GjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDIgqo89ltJt3WWn1M6V+yamW139XrDqZ874kc9+vaJimtUrhJhRb2v -vSTyQA+DeqqGczO1dONK6D3wv/Pbwt3H7riwRP2FNTUImFf5miy7OPavVEzkk8qL -7HBjgOw+bq0iFDiZTuAlgJl2zmmUZ1jv8lIVDM5k/y5ywaZ6vVum3wIDAQABo4HV -MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFB9jM7treX65Nu59NlropGozGvQJ -MIGSBgNVHSMEgYowgYeAFB9jM7treX65Nu59NlropGozGvQJoWSkYjBgMQswCQYD +ADCBiQKBgQDx5Sz93RLCLWRTfRtPmqCzRFvFVp3c+c85paLf4t2Bei/qpu60ptzl +oizAlcKfExOKJ059FTIMIewVEWwcv7JShiB+v2ckFcLTmX2uB+T3ntEJP2T2sTBQ +SvGOopjfbOCn1RjskvSofCW5yu47F+pdCWA+XBeUwsE3QFmzRUejLwIDAQABo4HV +MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFBBaxa2WNA6NT+7Yh/JWOHWbuDO9 +MIGSBgNVHSMEgYowgYeAFBBaxa2WNA6NT+7Yh/JWOHWbuDO9oWSkYjBgMQswCQYD VQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNV -BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkAlaYJ -vZtD/8IwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBABaaGF4XDMMf -l41dMk0ypykGW3fT8ri94+bR+VVPQuhDs22ApWAJ+awWLOkIbVC8027hX/zomDEZ -j+3UfUxDagSFw0Eun1VNnIf1JvIkL3W6diQrOIX+HjUKWd9DIkXDJGi2q2kYwvLk -0z0M/dDu+lMBuq8RGUnQpmdbOE7kbwGq +BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkA9ntg +OGtfnlIwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBAMvhCDIdYcDW +WgWc/S/k7+sEzbA3eASrPR524l/tUwby+VFtDNhzo52jBAB4BXCOeyu3QdckQ5Y4 +AmiJTJ74HUBDVpFsKwVNEgClgJyC8so4FDblPqmuI2vVuH87zUKd467kR8jXU46G +yo/qd5Pjqh+Zm7qQWdTlElovq5qlAB1d -----END CERTIFICATE----- diff --git a/test/nokeyusage-ca/nokeyusage.p12 b/test/nokeyusage-ca/nokeyusage.p12 index 4531178..9e0bf16 100644 Binary files a/test/nokeyusage-ca/nokeyusage.p12 and b/test/nokeyusage-ca/nokeyusage.p12 differ diff --git a/test/nokeyusage-ca/nokeyusage.priv b/test/nokeyusage-ca/nokeyusage.priv index 290b664..359f435 100644 --- a/test/nokeyusage-ca/nokeyusage.priv +++ b/test/nokeyusage-ca/nokeyusage.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDIgqo89ltJt3WWn1M6V+yamW139XrDqZ874kc9+vaJimtUrhJh -Rb2vvSTyQA+DeqqGczO1dONK6D3wv/Pbwt3H7riwRP2FNTUImFf5miy7OPavVEzk -k8qL7HBjgOw+bq0iFDiZTuAlgJl2zmmUZ1jv8lIVDM5k/y5ywaZ6vVum3wIDAQAB -AoGAP8vzRnpMCWRp8Ya4AHRBP99ZSTW93ct2cqNIb5wOHS0BgWvxRSnfdK8Ftl5T -kU3SO/0jkrSiLQ8/xf4NJPsXfRkTmXpbJQi8qzS0irIayQNGN8XEGpZJN5ZzYWNQ -xJwtKy4v1Mhp14viEwcimeD94NxnG6yS+ibHRGelE2iOi8ECQQDz0HOQCtycLpJC -/Sj576N+lnuNhNRDik+/QgonYAdKh3Tc0sDw6ySTRnD7UjF2En1OnipRvzfXmtbm -HdSl5gZnAkEA0ogmiP0TtCk7PVgSfxKTdHSYAZC29OmV5qAiXWaZfjB9ABC0Xiuc -ub2y3cbi0yA4EyEVQxrhNkqk9LVAH5ZgyQJBANMsOduJvNg9cgs5cBNCXu5Wcj75 -zEuPcVDrZxYBk28W8b4NgHVqhOxWd6cF4rcsfoHodikFoN1KTFVVgwgJuoMCQQCj -s4g7NoXurazJe0UOl9QeVlanyO3qLAMKC/QMqi2p6GwZ8+M74i+AYdfGCNLwlXnk -rfHJdwotXAc92/2bUiO5AkEAvaz4iWY16kl+7E2ccFHqM6w2Tc9BQMITEdl1Ydvr -0gn8CNdr5hZvrNn29v7LGAsMqvuZPjCmEgUxskrECB/iig== +MIICXgIBAAKBgQDx5Sz93RLCLWRTfRtPmqCzRFvFVp3c+c85paLf4t2Bei/qpu60 +ptzloizAlcKfExOKJ059FTIMIewVEWwcv7JShiB+v2ckFcLTmX2uB+T3ntEJP2T2 +sTBQSvGOopjfbOCn1RjskvSofCW5yu47F+pdCWA+XBeUwsE3QFmzRUejLwIDAQAB +AoGBANNoZPr2BJf6Te19sKnQzVP/kWkVu2BOX6LVNVUQlGC9pjUhcgwmrXZwV0Z1 +XKPkazZaBgnhxVy/JPKAyIkTrMcp9lY8ydLsttB0m30pA/Vp+T1zmv+CCKApRMgB +fho0avEmQz5vsa9hppB3E1Ikj47TynaJxBbtk8NON5aqv1cRAkEA/JOeXu0Nddmj +p8p0bPFjetQwDuVnGEpE+u8bvUPjSu6Y9EsJsZfs2VZDifIdan3NvEfo0h2ak5oz +2TCC1WLsOQJBAPUsfr+0NzIuYQR3wl61/vG5o3Usu0OjPxwx35/TgAjNzIcClCC8 +HvAg76JGCBut4UCjIht5WcZpLi9oomdP2qcCQQCpWbkoYL1TtXe7u01Q9pEC/F60 +vi/f43xY3BW3U1uFFHHN6ro3L2yJVQO37HS4wF0/zt9Wcq8AJLZ6+8HdnZRRAkA6 +zvl4MlorB0TuNWvCHBWTFdxHdvtUNgwlTzE8vRaxBexRViUB1R32q2/PlMzNFuA5 +COhdfrYyCXiyln6eGWFxAkEA3A6CojzW5WTf5AruK/yNR0c2gvNwBjhaJjS/oK4k +DwrWW06vqIwrptUYREc08Ysl9miysH7lRLXbH8JfddU6aw== -----END RSA PRIVATE KEY----- diff --git a/test/nokeyusage-ca/req_conf.cnf b/test/nokeyusage-ca/req_conf.cnf index 89c0379..ca5bb3d 100644 --- a/test/nokeyusage-ca/req_conf.cnf +++ b/test/nokeyusage-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/root-ca/req_conf.cnf b/test/root-ca/req_conf.cnf index cb1a7cf..91b892c 100644 --- a/test/root-ca/req_conf.cnf +++ b/test/root-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/root-ca/root.cert b/test/root-ca/root.cert index 8968fd0..7c47b28 100644 --- a/test/root-ca/root.cert +++ b/test/root-ca/root.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDAjCCAmugAwIBAgIJALymCxFFOtFhMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +MIIDAjCCAmugAwIBAgIJAKNRwvjdf7maMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMTAxMDIwMTY1 -MjQ0WhcNMzgwMzA3MTY1MjQ0WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv +CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMTAxMjE2MTcy +MzEzWhcNMzgwNTAzMTcyMzEzWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV -BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC05doZ -RddZ/07J2iOvZS5PKdrW96qvLTkZlaqOxSK76JV1WsmryI8x7x0KByIkoc20L8B2 -03BqRxz8DWlf1MZhSp1sgRz3OrVDvmBE+xLTNxBQd6ywihtTSXwjkWic+i/kbtX0 -cY3hOUehvp3Eu0RtC+Lm6Pfa1GoOt3H0lqV2rwIDAQABo4HPMIHMMAwGA1UdEwQF -MAMBAf8wHQYDVR0OBBYEFFgU2I1O7TwDeiboLxYkHEekcWGFMIGMBgNVHSMEgYQw -gYGAFFgU2I1O7TwDeiboLxYkHEekcWGFoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G +BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwtt6B +km6plmUmXk1okHED/Mratlz01+wDjjEH1/DMs0TYCvjdCrijG3Mcu9czj4x4HDv/ +/swoNwT805BgYP00vxDwh3oraTsaipjaxIeYks8hXH54JZuuLOiM5GuTDLkvXdOy +VnaNVU9tFtjJX+kYMvozlDVcH9NJwzyQosaUJQIDAQABo4HPMIHMMAwGA1UdEwQF +MAMBAf8wHQYDVR0OBBYEFNLhBH6Nc1RTScVTrR6E2YoAC2pvMIGMBgNVHSMEgYQw +gYGAFNLhBH6Nc1RTScVTrR6E2YoAC2pvoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp -b24xFDASBgNVBAMTC3RoZSByb290IENBggkAvKYLEUU60WEwDgYDVR0PAQH/BAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4GBAImQUVtrgcgeP/KW0uv/8vKHxn8f4ogYqwpM -z/h7Th6y7Kq9x+XZRtQ6Q8c/L0AqRD8lClT1QsXHjA1eh6jlpfMsPIx49km8a8LL -Ci7Nn/fTAP9lBuNsuYYmXMW70JGEtanPV+YSANMSb81nv0vxTANfZPNlLyxKg6fA -naOpkjnp +b24xFDASBgNVBAMTC3RoZSByb290IENBggkAo1HC+N1/uZowDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBAK2QXF62pXErsW9eZZasxSOxNyna/4dNsznP +GhA1Ua6hWLUFEiMuzagnuALzTceSS9CJPUBgpIxOIR6bcOlY7MvtmI9rIds97VoI +iCFRCb/eBtqaFgLHwaUFi14z/qxfAscRH53Ub0NNQPrLhOhnMwwvRXJ/wr3zOf8k +RQtwJL57 -----END CERTIFICATE----- diff --git a/test/root-ca/root.p12 b/test/root-ca/root.p12 index f5ca2e7..55f38fc 100644 Binary files a/test/root-ca/root.p12 and b/test/root-ca/root.p12 differ diff --git a/test/root-ca/root.priv b/test/root-ca/root.priv index 09e435b..10a31ac 100644 --- a/test/root-ca/root.priv +++ b/test/root-ca/root.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQC05doZRddZ/07J2iOvZS5PKdrW96qvLTkZlaqOxSK76JV1Wsmr -yI8x7x0KByIkoc20L8B203BqRxz8DWlf1MZhSp1sgRz3OrVDvmBE+xLTNxBQd6yw -ihtTSXwjkWic+i/kbtX0cY3hOUehvp3Eu0RtC+Lm6Pfa1GoOt3H0lqV2rwIDAQAB -AoGAb6QDK+G8fCBigZSMvWxWXijYlB6ZSi9AtBd4AVCMlSd/RcPX/ppyNUD6zPuG -CNGK4A8wWqU3FX/51Vx5kdkA7HPUB4fiXJmFLKyCQJhrf3YyJpH2aZiyBWpWJ97r -JXLraGMkoiEz3GhZPvyzrI1YSXo9jxA+JKbkXS65E7O11LECQQDp2k6o2mCusq+T -gyLvLFjAWPfqfaMJ7BKOfJym2PkAS0dC+6CnV92U6uPOWiSEjh3Ob6XwEBOu3Nzs -WXZnivJTAkEAxgerF8HyG/FS0w5ec0WcQ8rFu7/fcNgvPw7bBwy7pdUzKZ5Q987p -C2HZAOTKWT18/F1OyMtKMn7AEm06hHcWtQJAYAWR0ueIV3NrgKiSCZ8t+h0N/y0D -aymSHQuxzxi8dZBzfF+SAeSkSWeBjtOYtw0b1A4oFsCjNGPgGvRJGA8HnQJARauS -/SPF2yDXA9wNTL7T0GH5mSlTIi9cx/GhC2Tma9yLSHwjflu0T8XYA+F6c1UXsO3e -9vPWoddIGfOF3+7J9QJABjMCbdOPnPX++E/pkqpnkdEMjk/n8iXx8YCVbEgwl8hP -/CRsI7kJWgzCvzCrH81YCO+DeQljX2XDUiOkM6DRYg== +MIICWwIBAAKBgQCwtt6Bkm6plmUmXk1okHED/Mratlz01+wDjjEH1/DMs0TYCvjd +CrijG3Mcu9czj4x4HDv//swoNwT805BgYP00vxDwh3oraTsaipjaxIeYks8hXH54 +JZuuLOiM5GuTDLkvXdOyVnaNVU9tFtjJX+kYMvozlDVcH9NJwzyQosaUJQIDAQAB +AoGAd71BobyOHX1ZxpjJjNuqqJAHCBHfhMw2EOatVGo+sQWb1WQB4w0btPGpm0Ow +ezB+dvhys3B795foWkQkpRmzF4Rb7w3t9DQ1tShqwyXCPTURSl9RxS8nQcGUX2/Y +/8Ei8jGEHWn/8IyryJmnetCulibNFOTVZrB+aAxBPWhopEECQQDmoC6ks//tS7My +9iXx48xyM4Pd2UYzM/eRvjuYsaAbYDF95w5Ai6esdLCVNJgAUe259TtO0cdJgJup +EJwBlVkxAkEAxCg3PeeoOppBLxvtLszlLf8r+DmteI57hGwVPHtIElX7BLg9ItoT +7joP/ZRfE4VZApuf4/kFUOCkb7/U9aWtNQJAO/FibjjCymCkoRhNYIO+/efZ3G2+ +y0w0itMRFm0Emlj0RC8sCybBXBewVfenkl25Fl5hHel0jOw6iUTh559z4QJASek1 +V3gQZXR2F0AYkMfXmwtJEBD7ki9tzynCnrV9JJuNJ+wb7SPq2pq6J7xeTsayEU9+ +YbIVFLJwg0LvBVhV+QJASxW/aJQukNB9fZC3SFBz/6ed17lpK/F8958lnbNJAx1S +Nvcv/KvKiND0dFbAvu/GzL69wjqTq0P6qIQ5U3pYUw== -----END RSA PRIVATE KEY----- diff --git a/test/slash-ca/req_conf.cnf b/test/slash-ca/req_conf.cnf index 41e981b..157af63 100644 --- a/test/slash-ca/req_conf.cnf +++ b/test/slash-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/slash-ca/slash.cert b/test/slash-ca/slash.cert index 5902073..c591946 100644 --- a/test/slash-ca/slash.cert +++ b/test/slash-ca/slash.cert @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDXDCCAsWgAwIBAgIJAI9If1GAVZjzMA0GCSqGSIb3DQEBBQUAMHgxCzAJBgNV +MIIDXDCCAsWgAwIBAgIJAIg5QkW7J8/JMA0GCSqGSIb3DQEBBQUAMHgxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxLDAqBgNVBAoTI2h0dHA6Ly9zbGFzaC5z bGFzaC5lZHU6NzY1Ni90ZXN0aW5nMRMwEQYDVQQLEwpSZWxheGF0aW9uMRUwEwYD -VQQDEwx0aGUgc2xhc2ggQ0EwHhcNMTAxMDIwMTY1MjQ1WhcNMzgwMzA3MTY1MjQ1 +VQQDEwx0aGUgc2xhc2ggQ0EwHhcNMTAxMjE2MTcyMzE0WhcNMzgwNTAzMTcyMzE0 WjB4MQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMSwwKgYDVQQKEyNodHRw Oi8vc2xhc2guc2xhc2guZWR1Ojc2NTYvdGVzdGluZzETMBEGA1UECxMKUmVsYXhh dGlvbjEVMBMGA1UEAxMMdGhlIHNsYXNoIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDGvUstaalxpzmvku/qAqFNopTCrHwRu88r0Mzq1GrIIY3moADQKqDf -LxEbv6qbqinyrBWBkjuiNWD5dwrDMT44ifFlYsHTXPk1VmRGcWmCgpDbxkL+mQPn -U2aBrdik4tLlSyVJYMjm2N7lJAOEaObCOC7AayJ09igehHXaISI/RQIDAQABo4Ht -MIHqMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFCJpKy919GUf+8BpVr4QGhV1bc9S -MIGqBgNVHSMEgaIwgZ+AFCJpKy919GUf+8BpVr4QGhV1bc9SoXykejB4MQswCQYD +ADCBiQKBgQDluI75hMEoE1TGyj7XTjElxLx9LKCj3QmkuNco7/nSVu3jXkEWSUSp +tfNLQ+nnWZ4MlPtL0x21BqFZA5YGV/P8T/Q/oX8fTyFnLc2FTWAmujrbpQHPknUa +EO9CRiJjK7DuoWwsEjRClbRuB297zrTdQH9RFzJ8UbBt4bi0ckNp1QIDAQABo4Ht +MIHqMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFBryqVaj4vDBMxXwlXHGXyWzH1L6 +MIGqBgNVHSMEgaIwgZ+AFBryqVaj4vDBMxXwlXHGXyWzH1L6oXykejB4MQswCQYD VQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMSwwKgYDVQQKEyNodHRwOi8vc2xhc2gu c2xhc2guZWR1Ojc2NTYvdGVzdGluZzETMBEGA1UECxMKUmVsYXhhdGlvbjEVMBMG -A1UEAxMMdGhlIHNsYXNoIENBggkAj0h/UYBVmPMwDgYDVR0PAQH/BAQDAgEGMA0G -CSqGSIb3DQEBBQUAA4GBAAYYKZtd0ius8+Roc/o9n3r0GLhWmoWxfXL3THKMQ2o4 -w2FLcOyMr/y8bBUT+aIho4JdDmho4wedMX8ApQLUsyiKk6R5vZ8L2yX457/dYVq5 -lvbl9FNpdVDpDbAJfrT61OLVMD7p+nfNiNoSr8BnrGpgo1FYRruJajB9+FvS1M3u +A1UEAxMMdGhlIHNsYXNoIENBggkAiDlCRbsnz8kwDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBQUAA4GBAI9+LLLaK1ANc8da9g9w2d8i5jN8ln6pUKcemE0ScT+3 +F0Qyc1jdqpmulEtrHD8/XJDydSoiKhhaWqYbW+KZYIumoWG8fUJ1FJLQfvUqCLaS +dnIvE5h7BaEBERgE450YP1uidOoJXCCqUgpr3SywrSUwEfykwF2veljqn9poYSOM -----END CERTIFICATE----- diff --git a/test/slash-ca/slash.p12 b/test/slash-ca/slash.p12 index 16c06a1..ff9fb63 100644 Binary files a/test/slash-ca/slash.p12 and b/test/slash-ca/slash.p12 differ diff --git a/test/slash-ca/slash.priv b/test/slash-ca/slash.priv index 91cf27a..deb68cd 100644 --- a/test/slash-ca/slash.priv +++ b/test/slash-ca/slash.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDGvUstaalxpzmvku/qAqFNopTCrHwRu88r0Mzq1GrIIY3moADQ -KqDfLxEbv6qbqinyrBWBkjuiNWD5dwrDMT44ifFlYsHTXPk1VmRGcWmCgpDbxkL+ -mQPnU2aBrdik4tLlSyVJYMjm2N7lJAOEaObCOC7AayJ09igehHXaISI/RQIDAQAB -AoGBAL6LsW+KFhbNAYbv96zC9srLrZt06sPJ8NkOqdog7XySh03ubLkplfJGWz3i -p332SZ/NFBWWEiz0xtSIKT56kS7MetNnhTD7kR0JTC2K2kJVR5MPHfvCjsS/Qwof -e+7nB998CIdjJnk35be1gIdawTsBlU+B0MySyJFNPSYKiP1BAkEA8y3gMIeHtNZn -aBV6kSDm7JbktfAVWjXRrJ0/qDhbg/bKe2s3w9S9dn0m0B3RhgAu2y6wstxq3rMx -TjNI8uXN1QJBANE3oFIQm022rozN13aAvJrQFdyS3R5QxCO92ULKkh1nu3n2KkFD -6nxiJPNurkw0A6PKphWchSQkowGFsR6Hs7ECQGbrfpvrcHMH3yH9HS+5JiLxxgB+ -iPryFjihIOT4XTsfwxizCxn1uu4gD8I7LIczIqGfRCefBBgW7QI00GYE/rUCQDVj -kJHgkwEd4SUlUhp3d6m5+Bo1kB+wVJ0aUVrt/qNqWTkiTF4jSq87DFrin6/qhhNC -H2fcbU1v2/kDeNNlpcECQQCTAy/EmVqcZB1n2M1vZXc4OvVRoojd+g8vp+nAryK4 -vqXWE/Y6zI/vLXH/gYzNFvuCgdS1s7q7ixGn9OhuR19Y +MIICXgIBAAKBgQDluI75hMEoE1TGyj7XTjElxLx9LKCj3QmkuNco7/nSVu3jXkEW +SUSptfNLQ+nnWZ4MlPtL0x21BqFZA5YGV/P8T/Q/oX8fTyFnLc2FTWAmujrbpQHP +knUaEO9CRiJjK7DuoWwsEjRClbRuB297zrTdQH9RFzJ8UbBt4bi0ckNp1QIDAQAB +AoGBAN9xbxBhAoh6lSFvI0TFd6SnAjg3KmF45KJmcFIPac4gY++ehGyrA7CXnHh/ +LIqtbsAKQYx1YxXrxxEQHeM5tcTEGyyQl3BN1hAnNviY0IQ95B2yrk3O7nkPpIuT ++id1QCouCQFto/gG3/Z8Yw4CQAkl/CvTDwL5U59+GgvH/bsBAkEA95k+EQ+GVFvS +I7xW0kSKjvPopyFwG8G6viBhNvGHhWTrXCnGsPSEcbKOkMH6G0c6NJ+FOHR3dgqc +JciB8vIddQJBAO2EBa98tcTLzpMWHzaRP6oPErTVpfyTKiC9LhU7XbAlQNN3jZnW +Ay/zZN0WBhvyZ/72MKQfTQoDa2KRxmVqruECQQDVgYZc7dc27Uri1+jCPqqApOEt +JY9n0AG5K3DJETN8ms691aRpOSDwbjmzqCGE3kHZ2OjnCr9swa9ugV1VYuR1AkBI +aCX/kIotO2B3UJglX3REGKJARJ18eTSvlFyXFmkCSOkRTnH5gten55BJIeys2mI/ +xLehYPVwZwh2nTAZPMOhAkEA1w0VCC4WP58r8V79BXXmAPwL9HgeOFmNYn89XO4+ +tyv3MA3BTaS4nYeAL1/QcRHURvuRV3Pl4TmFDeCwdov9Gg== -----END RSA PRIVATE KEY----- diff --git a/test/subca-ca/index.txt b/test/subca-ca/index.txt index 747fea2..e07f2f0 100644 --- a/test/subca-ca/index.txt +++ b/test/subca-ca/index.txt @@ -1 +1 @@ -V 380307165244Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA +V 380503172313Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA diff --git a/test/subca-ca/req_conf.cnf b/test/subca-ca/req_conf.cnf index 938048d..2e7632f 100644 --- a/test/subca-ca/req_conf.cnf +++ b/test/subca-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/subca-ca/subca.cert b/test/subca-ca/subca.cert index 6ce651e..253a090 100644 --- a/test/subca-ca/subca.cert +++ b/test/subca-ca/subca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the root CA Validity - Not Before: Oct 20 16:52:44 2010 GMT - Not After : Mar 7 16:52:44 2038 GMT + Not Before: Dec 16 17:23:13 2010 GMT + Not After : May 3 17:23:13 2038 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:ae:7b:19:ab:bc:2a:0d:07:8d:9e:70:5b:8c:b4: - 05:6d:7e:15:88:78:77:7c:5d:a2:10:7d:73:9c:84: - 79:70:97:8c:44:1f:e1:be:49:37:45:b2:58:21:aa: - 75:5b:89:0f:4f:a4:56:39:ec:1a:18:8f:96:20:50: - 0b:db:4f:a3:24:2e:00:c7:1c:0e:b4:c4:16:6f:3c: - ea:33:1d:0d:67:19:2a:20:f6:3e:b7:3d:71:f8:3b: - e7:5e:82:fb:14:2c:a6:d0:79:bc:e0:60:11:8f:0c: - 2f:6d:bc:1c:59:31:c7:91:6b:29:d4:2f:76:17:68: - 08:b2:5e:cb:bb:9f:f1:68:79 + 00:a6:02:9e:e7:e5:25:2f:a0:b7:60:7c:a6:99:2d: + 32:34:6e:c7:bd:11:c5:ca:ac:fd:65:08:de:d8:4e: + 58:b7:19:d6:d7:53:67:9f:3c:76:ab:65:a1:db:5f: + 4f:83:cc:5e:b3:14:73:c0:58:06:4e:10:96:c2:71: + 20:f0:c3:43:d5:82:ea:f4:bc:ce:d3:a1:17:7f:b1: + 2e:a5:2a:cd:67:36:a1:00:28:39:fe:29:95:c8:b9: + d2:60:35:0f:96:ec:6b:00:d4:1d:ae:73:8f:e5:47: + 42:95:16:f1:9f:0a:f6:a0:f5:5a:cb:85:81:15:b2: + 3c:21:ab:4d:cc:b1:52:52:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - DA:89:2A:7E:DC:67:B9:4C:A1:87:95:1A:4F:00:2A:C3:AC:0D:C2:4D + 72:E2:1C:DF:FA:13:48:67:BA:80:EF:59:BC:ED:EC:15:77:61:AF:CC X509v3 Authority Key Identifier: - keyid:58:14:D8:8D:4E:ED:3C:03:7A:26:E8:2F:16:24:1C:47:A4:71:61:85 + keyid:D2:E1:04:7E:8D:73:54:53:49:C5:53:AD:1E:84:D9:8A:00:0B:6A:6F DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA - serial:BC:A6:0B:11:45:3A:D1:61 + serial:A3:51:C2:F8:DD:7F:B9:9A X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - 9f:56:45:e3:34:63:ad:30:8a:69:f2:b1:5c:76:42:32:78:b8: - f0:d3:fb:66:be:fd:2d:69:ab:ec:e2:92:29:00:c7:51:98:7c: - a4:4b:27:d3:07:97:76:f1:f4:15:44:4f:a3:ae:94:00:d9:c3: - 5a:0d:4e:3b:ee:92:90:a0:e6:c1:d7:a4:7b:d0:52:83:18:cd: - b1:3c:cc:02:a3:76:54:1b:b7:5f:81:7c:a9:4c:84:8f:db:c8: - 5a:4b:23:39:26:30:0f:9d:ec:e0:5f:cb:3f:79:92:4f:83:67: - 2a:fe:a7:c1:8b:e0:bb:1a:cd:d1:10:aa:f5:f2:68:65:44:cb: - f5:fd + 77:fb:7d:ed:41:72:9a:44:a3:aa:c1:fd:45:09:67:2a:46:a9: + d9:72:5d:9a:d8:e3:0d:fe:2b:c7:62:4c:14:04:45:0f:34:a8: + 39:a0:e0:b9:70:74:74:e1:99:da:6a:e7:e8:cc:07:56:b9:a6: + 38:24:46:74:e1:a9:55:02:c0:5a:cf:78:9b:d7:95:76:2f:68: + 36:87:1b:8a:97:80:77:24:5b:6f:db:ec:a3:fc:88:50:3d:be: + f0:e1:ac:6d:1f:02:61:63:d4:8d:88:98:ca:de:0a:da:0e:36: + 19:ea:a6:1c:c1:fa:7c:d1:30:bc:d2:ee:6e:10:15:17:44:fb: + 53:52 -----BEGIN CERTIFICATE----- MIIC/DCCAmWgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0xMDEwMjAxNjUyNDRaFw0z -ODAzMDcxNjUyNDRaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN +eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0xMDEyMTYxNzIzMTNaFw0z +ODA1MDMxNzIzMTNaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN BgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhl -IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuexmrvCoNB42e -cFuMtAVtfhWIeHd8XaIQfXOchHlwl4xEH+G+STdFslghqnVbiQ9PpFY57BoYj5Yg -UAvbT6MkLgDHHA60xBZvPOozHQ1nGSog9j63PXH4O+degvsULKbQebzgYBGPDC9t -vBxZMceRaynUL3YXaAiyXsu7n/FoeQIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w -HQYDVR0OBBYEFNqJKn7cZ7lMoYeVGk8AKsOsDcJNMIGMBgNVHSMEgYQwgYGAFFgU -2I1O7TwDeiboLxYkHEekcWGFoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmAp7n5SUvoLdg +fKaZLTI0bse9EcXKrP1lCN7YTli3GdbXU2efPHarZaHbX0+DzF6zFHPAWAZOEJbC +cSDww0PVgur0vM7ToRd/sS6lKs1nNqEAKDn+KZXIudJgNQ+W7GsA1B2uc4/lR0KV +FvGfCvag9VrLhYEVsjwhq03MsVJS3QIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w +HQYDVR0OBBYEFHLiHN/6E0hnuoDvWbzt7BV3Ya/MMIGMBgNVHSMEgYQwgYGAFNLh +BH6Nc1RTScVTrR6E2YoAC2pvoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDAS -BgNVBAMTC3RoZSByb290IENBggkAvKYLEUU60WEwDgYDVR0PAQH/BAQDAgEGMA0G -CSqGSIb3DQEBBAUAA4GBAJ9WReM0Y60wimnysVx2QjJ4uPDT+2a+/S1pq+zikikA -x1GYfKRLJ9MHl3bx9BVET6OulADZw1oNTjvukpCg5sHXpHvQUoMYzbE8zAKjdlQb -t1+BfKlMhI/byFpLIzkmMA+d7OBfyz95kk+DZyr+p8GL4LsazdEQqvXyaGVEy/X9 +BgNVBAMTC3RoZSByb290IENBggkAo1HC+N1/uZowDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBAUAA4GBAHf7fe1BcppEo6rB/UUJZypGqdlyXZrY4w3+K8diTBQE +RQ80qDmg4LlwdHThmdpq5+jMB1a5pjgkRnThqVUCwFrPeJvXlXYvaDaHG4qXgHck +W2/b7KP8iFA9vvDhrG0fAmFj1I2ImMreCtoONhnqphzB+nzRMLzS7m4QFRdE+1NS -----END CERTIFICATE----- diff --git a/test/subca-ca/subca.p12 b/test/subca-ca/subca.p12 index 279f7fd..9b7b347 100644 Binary files a/test/subca-ca/subca.p12 and b/test/subca-ca/subca.p12 differ diff --git a/test/subca-ca/subca.priv b/test/subca-ca/subca.priv index 6093ed8..858f6e4 100644 --- a/test/subca-ca/subca.priv +++ b/test/subca-ca/subca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCuexmrvCoNB42ecFuMtAVtfhWIeHd8XaIQfXOchHlwl4xEH+G+ -STdFslghqnVbiQ9PpFY57BoYj5YgUAvbT6MkLgDHHA60xBZvPOozHQ1nGSog9j63 -PXH4O+degvsULKbQebzgYBGPDC9tvBxZMceRaynUL3YXaAiyXsu7n/FoeQIDAQAB -AoGBAJ6/G4UXpr7CD4SGv5TNuV58Z8UJrdS2MByGt2hBU2gwSgs1YqNJZAOClxLS -TwJgOlEAuP7sJHYSNcnialc4JrnklxnAV9Zw34FhVnYjGEMRexDXOl0HALUVpZyM -m13ld3y0nqr7U3Hxf5N99z95VmP1oCuR6EcSrIrwBX1L6od9AkEA1Hs8ehgK71DR -98MUHeO6+IcypZ8+raJlp5Eqtx0E686vPZkizzucC9jCOgH26sfUpH1zPlbLNxIm -B4/s6KUktwJBANI3bleCiIdgNVzr6MuFRCKIleM/sHj62oEo2/3yDBtjKkfTFB/J -GABwejSMib95tvZ5m+Bf4N26uwQFsVFRjE8CQGL7reaqwJ1PpyCmbf6mkfko8j0Z -fBdjKbvv8lgvWpWHSTeG2SJ1AHK8XW6sb5xbzwF5t2/4+t4CxFiNga23EO0CQF22 -mFoqtvKi0Sc7g+w23MkIWsmT+vfz3LT3ohrzbLJI4vBiCPaijzCi89e5Ty8s84Ot -cu/zzisKs5R3dTTrRcECQQCTquffaPTmJzcPr6LSHeuU+1QkbFCZfPDLZT3L5NSh -fBFwtnbdrZoMaeNtizvHjk/kfN69gguKKF808N3F/7hj +MIICXAIBAAKBgQCmAp7n5SUvoLdgfKaZLTI0bse9EcXKrP1lCN7YTli3GdbXU2ef +PHarZaHbX0+DzF6zFHPAWAZOEJbCcSDww0PVgur0vM7ToRd/sS6lKs1nNqEAKDn+ +KZXIudJgNQ+W7GsA1B2uc4/lR0KVFvGfCvag9VrLhYEVsjwhq03MsVJS3QIDAQAB +AoGAGFHv96cBMJ4J30/DlFMjtLy59D/jSxLWuHN5OhUYOBLH/5mPZ6uS8v8bnCi1 +XGiXQwLvBjGfEtapT2kFW2Av0p4zsAnJ9D1emH5aFD67YXI5vW4PR0R/Lu58SI6a +p5y3aNsxCMmORAsXTfj2C3r/ntCuwUXITP2mUbL8pa2ofz0CQQDZWD9DNRdfDb4W +xQGparH30jxhlkUMxhjnddMnt0pAKxFjWXQQ80EI1mZRDk9gpb14okaEq+dRtkdR +3piJ/a2DAkEAw4kafeTETUSbbACRKmr+5skDuKYWY4nei7JNCP45HkpmIdFSEtvY +ftwkhuhJGtW7q4AuEIyU2QI7DRYg67twHwJAVy4+sgapyUcJ6Lg9YmeZ235JGhvc +trL/alioylWLQxIDd4Z6OBJbE+BsSjcjP/E7fxgYkT8jGnOzR/Ox3CgVYQJBAJoB +yI3TuxEoskl0gOGp+C6JsJakqgmoM1JQEwC8SvyimKKWHVChO3lfpp1jIwExymif +wqhiMXJioWQDQ9angP0CQB+PR9qES3nqqfRn8iCqcxNnmxALGqS2cxmDFxeQqEAL +0mGmZtNxswQr/9BipCHbf5KehNeDuVvMANk1ip00pyc= -----END RSA PRIVATE KEY----- diff --git a/test/subca-ca/subca.req b/test/subca-ca/subca.req index b0538b2..e6c16a7 100644 --- a/test/subca-ca/subca.req +++ b/test/subca-ca/subca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRUwEwYDVQQDEwx0aGUg -c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK57Gau8Kg0HjZ5w -W4y0BW1+FYh4d3xdohB9c5yEeXCXjEQf4b5JN0WyWCGqdVuJD0+kVjnsGhiPliBQ -C9tPoyQuAMccDrTEFm886jMdDWcZKiD2Prc9cfg7516C+xQsptB5vOBgEY8ML228 -HFkxx5FrKdQvdhdoCLJey7uf8Wh5AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQB7 -uInwZesojatHXyJ+42q7jh9YPCV7rHtUYFT4nUcKUcw+nPdBWAu2e8mUFDgLuO85 -sEGycf4ldlLI0EZUDPpsB5eR1jl8b4Z5qa4TZi46sQl1TW10lts61k12OjHw5DHm -uSioZ9ZnH9njsZ+XjkYjW8a+hwA4k2J2w7Bgtx2RTA== +c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKYCnuflJS+gt2B8 +ppktMjRux70Rxcqs/WUI3thOWLcZ1tdTZ588dqtlodtfT4PMXrMUc8BYBk4QlsJx +IPDDQ9WC6vS8ztOhF3+xLqUqzWc2oQAoOf4plci50mA1D5bsawDUHa5zj+VHQpUW +8Z8K9qD1WsuFgRWyPCGrTcyxUlLdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCk +MpGCwnIPP/A4U7v6GjNIeaD7SS1yTz8v7Sak7ZqQAgHQubQoOVeMrlWzrIqVbQiZ +g4JM7fjRObd0XSOwaUpMXmlB/O3+WLBsFELudfWslyEaHv0Wkgom+aZP9DRb/lVz +Kg6OaBIApp/5bwATPZxk+9Zo4W6d7LF6tHayHsgJhw== -----END CERTIFICATE REQUEST----- diff --git a/test/subsubca-ca/index.txt b/test/subsubca-ca/index.txt index a033096..c3bfea0 100644 --- a/test/subsubca-ca/index.txt +++ b/test/subsubca-ca/index.txt @@ -1 +1 @@ -V 380307165245Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA +V 380503172313Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA diff --git a/test/subsubca-ca/req_conf.cnf b/test/subsubca-ca/req_conf.cnf index 03be195..62ee717 100644 --- a/test/subsubca-ca/req_conf.cnf +++ b/test/subsubca-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/subsubca-ca/subsubca.cert b/test/subsubca-ca/subsubca.cert index 0ed0875..fcd5892 100644 --- a/test/subsubca-ca/subsubca.cert +++ b/test/subsubca-ca/subsubca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Validity - Not Before: Oct 20 16:52:45 2010 GMT - Not After : Mar 7 16:52:45 2038 GMT + Not Before: Dec 16 17:23:13 2010 GMT + Not After : May 3 17:23:13 2038 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subsubca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:c6:85:92:7f:9b:9b:65:2a:af:65:26:41:5f:c5: - 66:a2:05:39:4e:dd:25:19:92:ea:e1:25:bb:e2:a1: - ec:6c:78:bb:c3:df:e4:14:35:6d:3b:f5:fe:5c:c4: - 55:c6:13:c4:0c:c5:5d:da:7b:58:f0:51:2d:f4:1c: - 0d:5e:de:1e:14:7e:28:b3:3b:ae:20:24:c2:5c:c9: - b6:61:10:2b:05:8e:59:a3:4d:9a:86:1d:dc:e7:60: - 05:7a:e8:49:8c:92:65:f2:31:eb:22:37:c1:ca:4a: - c4:37:4e:20:f7:d5:ea:fe:0b:8f:f5:9a:22:ad:8c: - 3b:b0:22:03:4a:ea:93:4a:53 + 00:b9:e2:be:89:f7:d4:ea:b1:90:2a:13:c3:18:59: + fa:05:cd:52:73:09:18:7d:a8:a1:85:2c:c2:4b:58: + f8:c2:fd:2d:20:97:d0:df:39:be:15:7b:26:72:a1: + 4b:cc:62:03:0c:2b:9b:7d:d1:f0:a4:66:36:d4:48: + 8b:ca:61:73:61:b3:c3:9e:0a:5a:54:d5:43:ad:88: + 2a:0f:85:41:f0:d6:09:8d:d4:9a:f2:10:4e:41:d8: + d2:88:cd:07:78:ea:60:67:28:e1:4f:9e:3d:24:8b: + 64:31:fd:d3:d3:4c:bb:c8:42:49:15:69:f6:06:14: + 00:6d:b7:df:1d:c2:44:88:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - F9:3E:18:68:E7:2C:A1:13:40:69:1C:16:06:BB:12:BA:F1:24:5A:84 + 43:B2:E1:9F:EB:C5:ED:9C:C6:76:EF:EC:B4:D1:D3:95:AF:67:45:AD X509v3 Authority Key Identifier: - keyid:DA:89:2A:7E:DC:67:B9:4C:A1:87:95:1A:4F:00:2A:C3:AC:0D:C2:4D + keyid:72:E2:1C:DF:FA:13:48:67:BA:80:EF:59:BC:ED:EC:15:77:61:AF:CC DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA serial:01:76 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - 75:59:34:61:36:36:c7:72:b9:c3:5d:10:e9:8a:59:18:1b:96: - d7:9e:8b:d5:1e:62:08:da:c2:25:5a:31:36:f7:8c:f9:a6:62: - dd:a5:4a:08:da:00:53:f7:a9:aa:35:46:82:f0:ba:66:38:22: - 84:45:4e:3e:f3:e1:3c:40:2b:29:94:87:01:ff:69:bf:56:24: - 6d:00:cb:13:33:8b:d6:34:c6:76:a6:4e:0d:46:82:74:51:16: - d1:32:18:cc:78:65:13:03:f3:36:5b:b9:78:8e:a9:b4:6e:8f: - 49:58:22:16:95:8a:93:ca:14:5e:33:fa:67:02:ea:d9:a6:0d: - 57:1b + 32:3b:67:ad:10:b0:a0:6c:82:39:c9:30:fb:c3:63:20:ff:66: + 11:38:13:58:3a:36:b4:ec:f8:55:9f:c4:05:34:04:9d:f1:5e: + 6a:95:71:79:9f:4d:42:6c:a7:ba:f2:e0:fe:cc:42:7e:85:49: + 56:94:5c:2f:e5:5b:27:ff:52:16:1b:a6:f5:4f:9e:88:67:96: + 6d:b0:71:07:73:d2:08:35:a0:8b:f5:5f:a6:9d:8f:ee:20:49: + 4f:01:39:17:e6:76:4a:43:9c:cd:9c:87:33:c2:5b:ac:8b:f9: + 24:4b:6b:1f:08:ef:99:e3:1a:16:1f:0f:1a:f4:1a:96:91:5c: + 69:d0 -----BEGIN CERTIFICATE----- MIIC9zCCAmCgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMTAxMDIwMTY1MjQ1WhcN -MzgwMzA3MTY1MjQ1WjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w +eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMTAxMjE2MTcyMzEzWhcN +MzgwNTAzMTcyMzEzWjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w DQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xGDAWBgNVBAMTD3Ro -ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxoWSf5ub -ZSqvZSZBX8VmogU5Tt0lGZLq4SW74qHsbHi7w9/kFDVtO/X+XMRVxhPEDMVd2ntY -8FEt9BwNXt4eFH4oszuuICTCXMm2YRArBY5Zo02ahh3c52AFeuhJjJJl8jHrIjfB -ykrEN04g99Xq/guP9ZoirYw7sCIDSuqTSlMCAwEAAaOBxjCBwzAMBgNVHRMEBTAD -AQH/MB0GA1UdDgQWBBT5Phho5yyhE0BpHBYGuxK68SRahDCBgwYDVR0jBHwweoAU -2okqftxnuUyhh5UaTwAqw6wNwk2hXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH +ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAueK+iffU +6rGQKhPDGFn6Bc1ScwkYfaihhSzCS1j4wv0tIJfQ3zm+FXsmcqFLzGIDDCubfdHw +pGY21EiLymFzYbPDngpaVNVDrYgqD4VB8NYJjdSa8hBOQdjSiM0HeOpgZyjhT549 +JItkMf3T00y7yEJJFWn2BhQAbbffHcJEiH0CAwEAAaOBxjCBwzAMBgNVHRMEBTAD +AQH/MB0GA1UdDgQWBBRDsuGf68XtnMZ27+y00dOVr2dFrTCBgwYDVR0jBHwweoAU +cuIc3/oTSGe6gO9ZvO3sFXdhr8yhXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH EwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEU MBIGA1UEAxMLdGhlIHJvb3QgQ0GCAgF2MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG -9w0BAQQFAAOBgQB1WTRhNjbHcrnDXRDpilkYG5bXnovVHmII2sIlWjE294z5pmLd -pUoI2gBT96mqNUaC8LpmOCKERU4+8+E8QCsplIcB/2m/ViRtAMsTM4vWNMZ2pk4N -RoJ0URbRMhjMeGUTA/M2W7l4jqm0bo9JWCIWlYqTyhReM/pnAurZpg1XGw== +9w0BAQQFAAOBgQAyO2etELCgbII5yTD7w2Mg/2YROBNYOja07PhVn8QFNASd8V5q +lXF5n01CbKe68uD+zEJ+hUlWlFwv5Vsn/1IWG6b1T56IZ5ZtsHEHc9IINaCL9V+m +nY/uIElPATkX5nZKQ5zNnIczwlusi/kkS2sfCO+Z4xoWHw8a9BqWkVxp0A== -----END CERTIFICATE----- diff --git a/test/subsubca-ca/subsubca.p12 b/test/subsubca-ca/subsubca.p12 index 2299906..becb15b 100644 Binary files a/test/subsubca-ca/subsubca.p12 and b/test/subsubca-ca/subsubca.p12 differ diff --git a/test/subsubca-ca/subsubca.priv b/test/subsubca-ca/subsubca.priv index a8e65fd..352bd04 100644 --- a/test/subsubca-ca/subsubca.priv +++ b/test/subsubca-ca/subsubca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDGhZJ/m5tlKq9lJkFfxWaiBTlO3SUZkurhJbvioexseLvD3+QU -NW079f5cxFXGE8QMxV3ae1jwUS30HA1e3h4UfiizO64gJMJcybZhECsFjlmjTZqG -HdznYAV66EmMkmXyMesiN8HKSsQ3TiD31er+C4/1miKtjDuwIgNK6pNKUwIDAQAB -AoGAYw/+RZ0hkv8U3PWVA7RefZT7vuXNgJB2knkg43uHna01jQ2pI4hxhM1A64ux -fZEZcIIATmjkva7Uro5dAaz29sI9rfBo64Eo/oH8GowEMYPcB6b8wF3QApNmNLpV -FamjU7H452fDYiCeRLzvJFm6uy3Tl5SC6G7dFuuAOKlSpkkCQQD+vaK0X5Iye10s -YlRhTLgY8dibU/ud5RJ3E1q7w49H0PoTg29mJFdEHMWdtDH7hI/a9YfklTfkmlr/ -SX4Q56u1AkEAx4DLM+x+Ui6z8PFJd36z2UttRMwjopqq0sFLH0Gglg9RlTzYTVCw -Q7+tSEggrMcZdnZclKXGHPHcdkPwrMYy5wJBAIdrGg5W6+oIKIzKrN6YoRkpn6Na -7tyOBNXmJQrBt+5OilJLQbIDyZw8y1S9kQCLBMo6UgZSyMauw4cIc4rbDS0CQC5Y -zFw2r6317ZWm6FNbWvq7HBpkdk7bMZ4ei44qV90kl+ZcqT9k5F4I1H+7SeP5qP+t -RZq+3ERzJ61N4UayELcCQQCRX3rm4CqFo3pV+soJP70ZK2VkuJu+sS9+KHARjA7U -jNmU2OppG47b1U4Hvzp5wgHFoB9bs2pu8Ae0taKT7AAB +MIICXQIBAAKBgQC54r6J99TqsZAqE8MYWfoFzVJzCRh9qKGFLMJLWPjC/S0gl9Df +Ob4VeyZyoUvMYgMMK5t90fCkZjbUSIvKYXNhs8OeClpU1UOtiCoPhUHw1gmN1Jry +EE5B2NKIzQd46mBnKOFPnj0ki2Qx/dPTTLvIQkkVafYGFABtt98dwkSIfQIDAQAB +AoGACLRqkdFuQhNQmffU8gX8pFrqGoL5h6Dm93KSIq8m7xKmE1moqVtt4FmlAkc1 +YnvQgrhkDq9PIpO6y5QeH7sSiRNAWO8iMSuGlsGCv5BqWz6T7qcSSM0k7r7VVdtC +J0xvuTeJJx5zuAHPlBb5gW+B7m9BMBXhkwCZk99EbTBOhmECQQDsDznUQbljz0Ny +klbzbtWppG6JLXmUr6VssRcvMgFVJHrch1+L/zMPS1w+ZERu0orTAGaswiJ5zCgj ++7Luj8BlAkEAyZaDc6VNeVDbL74rQFXDF8bdeuVZKqVgd3fjLY6EoT50U36AlCHg +rJh3xs9eEW5KmUXmyb5Ir8KfGD4icffKOQJBAJMWma4Mlfv/NcO6M7vToAbokoef +claXa7hiUFP0EKiA5p1rLLoK9kHdb0jhKVL0ldQMN+4FuX2zHH/vYfsMT5ECQDgV +aOLutVwwE5r3xF60vX9K82lyj1kfA3SZZRnSkbGuh3yHMEyGFFTQYlpsbNZaoeR8 +nxW3m89STSLYforIjnkCQQDh36p1GeYIVQJ4j6xveOPIG/wb4bj0FqymhsDldtxi +zl6IPPGlzlKyNYp+PLFjJ87FXoPWXa/xYWNZlE8yF2nD -----END RSA PRIVATE KEY----- diff --git a/test/subsubca-ca/subsubca.req b/test/subsubca-ca/subsubca.req index ee46f1b..6d02083 100644 --- a/test/subsubca-ca/subsubca.req +++ b/test/subsubca-ca/subsubca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRgwFgYDVQQDEw90aGUg -c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMaFkn+bm2Uq -r2UmQV/FZqIFOU7dJRmS6uElu+Kh7Gx4u8Pf5BQ1bTv1/lzEVcYTxAzFXdp7WPBR -LfQcDV7eHhR+KLM7riAkwlzJtmEQKwWOWaNNmoYd3OdgBXroSYySZfIx6yI3wcpK -xDdOIPfV6v4Lj/WaIq2MO7AiA0rqk0pTAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB -gQA6ra/yc+Dm0XuZbiQvknjBAnfDN18eB8am/g9p1xUeqJUHtecPShfl7Yzm9hEb -aQRv3fVO9D+bAemYOiuZdAqSfOoSQ1f7xA/8eBypnkv9a4ZPPzNuKgjeWSiuJFQe -d/JddnqkQW/LKC8cPw6yWOk0IdetRskwuQSQFD3rqPpkPw== +c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALnivon31Oqx +kCoTwxhZ+gXNUnMJGH2ooYUswktY+ML9LSCX0N85vhV7JnKhS8xiAwwrm33R8KRm +NtRIi8phc2Gzw54KWlTVQ62IKg+FQfDWCY3UmvIQTkHY0ojNB3jqYGco4U+ePSSL +ZDH909NMu8hCSRVp9gYUAG233x3CRIh9AgMBAAGgADANBgkqhkiG9w0BAQUFAAOB +gQBN3GWZgt/lPxp6arW8azlqgMwrFqay++JhWLzJZHSCIbJYQweYlf3hD69ykfYP +xxqG5+K9T81dJqHSEWgvXysK8yJAIcFUigV2Fdd6ggwUKvRLzBe6rS7b0imV32mP +BF/IVWQXScyQWCpp15ktKXdUY6QkygYeeMnf4Scf2tTlgg== -----END CERTIFICATE REQUEST----- diff --git a/test/trusted-ca/req_conf.cnf b/test/trusted-ca/req_conf.cnf index 259c701..8e7c6f7 100644 --- a/test/trusted-ca/req_conf.cnf +++ b/test/trusted-ca/req_conf.cnf @@ -71,6 +71,18 @@ nsCertType = server nsComment = "OpenSSL Generated Server Certificate" subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +[ ca_altname2 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = $ENV::DNS_HOSTNAME + +[ ca_altname3 ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = email:john.doe@foo.bar + [ ca_client ] # For normal client use this is typical nsCertType = client, email diff --git a/test/trusted-ca/trusted.cert b/test/trusted-ca/trusted.cert index 9633019..91b88d0 100644 --- a/test/trusted-ca/trusted.cert +++ b/test/trusted-ca/trusted.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAnSgAwIBAgIJAOouQ4VpKHjTMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +MIIDCzCCAnSgAwIBAgIJAJuFJ8UKay74MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMTAxMDIw -MTY1MjE2WhcNMzgwMzA3MTY1MjE2WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMTAxMjE2 +MTcyMzA5WhcNMzgwNTAzMTcyMzA5WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV BgNVBAMTDnRoZSB0cnVzdGVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQC+Jzh/JpR5dKWz48VxkhZJ2vs93BX3VvRjUbxx4MjTtlSL6nu782cudl7w8MPY -jhuwA2T6jbWLH0zxk8mcjFIRIHQXzcCUqo4Mkq5BtH3+2a89ETwvLNgKX0Gf2F9S -yOh0d6vhlbEOdNFbTKQLVMsjWEKMCj5L+VZeadxn9LJiNQIDAQABo4HSMIHPMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFOA+Gh96ypaxx45JD1tHvDvXSfBJMIGPBgNV -HSMEgYcwgYSAFOA+Gh96ypaxx45JD1tHvDvXSfBJoWGkXzBdMQswCQYDVQQGEwJV +gQDZdPzKqIcYF1MYCcE/VZ63Pz8xJB8NcsLDK/VkWKGVGx6PTnanJ7I9k46ruTkb +i362cmIj70qDNZzVlkaPJJ9ncwedhDvxcxofSVzqetI38RsHYBeLFm011W7wsVl3 +FeMbRRBUkcHSULSNU09lxvzSj3sbTqN8BiQWwKsfmCFH8QIDAQABo4HSMIHPMAwG +A1UdEwQFMAMBAf8wHQYDVR0OBBYEFJO6Gw2Fwc+luvR2I+eCL4VngvNpMIGPBgNV +HSMEgYcwgYSAFJO6Gw2Fwc+luvR2I+eCL4VngvNpoWGkXzBdMQswCQYDVQQGEwJV RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl -bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkA6i5DhWkoeNMwDgYD -VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAHkb4skFvgFfR03v7V7sKWll -l292pFON7Zpqa/nwOX7yrIJzz+nFzz9QU3wsUuFdLNMP42usPFWUt8cwV4QMkxdj -p+iV2sEMJxNcQwZJdC5EeW0J+RIXnkNarDAev4Hlx0Af/4e5mUkJCAj4YG/frJbK -TF+PsdS5cfC86kEH3mB1 +bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkAm4UnxQprLvgwDgYD +VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBANBi+lIoIhlKOLs1Wbxfu+Mv +0vxde/ZIWjJ6KTTfXpvhshimKPwVfv+kppJA6wdVtVe7Zx5Jwc9Wt/p6lWD6htoI +8p6k9GCk2sT5DcVlErxi1hIwps+RbkuJVPpwQZFpCdpKyOTcfJvhXlbO27ZI6Qyw +dfTq0+pVfIgUoBVG9Rw/ -----END CERTIFICATE----- diff --git a/test/trusted-ca/trusted.p12 b/test/trusted-ca/trusted.p12 index 6f67354..62a90c3 100644 Binary files a/test/trusted-ca/trusted.p12 and b/test/trusted-ca/trusted.p12 differ diff --git a/test/trusted-ca/trusted.priv b/test/trusted-ca/trusted.priv index 09a3643..02ced14 100644 --- a/test/trusted-ca/trusted.priv +++ b/test/trusted-ca/trusted.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQC+Jzh/JpR5dKWz48VxkhZJ2vs93BX3VvRjUbxx4MjTtlSL6nu7 -82cudl7w8MPYjhuwA2T6jbWLH0zxk8mcjFIRIHQXzcCUqo4Mkq5BtH3+2a89ETwv -LNgKX0Gf2F9SyOh0d6vhlbEOdNFbTKQLVMsjWEKMCj5L+VZeadxn9LJiNQIDAQAB -AoGAe9ZdI+nDPkoqdDo9ZxZl75lukD3aDGgT5u7fVCa5g6+15h1CkggVxZuPf0i9 -szXxcDL1u3s4pS8wVBAUeCCmfKLxbUw37FVr8REi962cCqIWLf5O0v+wjevwf37y -7KF5qwppm3hgyOLbY42aKDljWXPlVL985Ird4fMUl3O2ASECQQDrfzz5X+Dfvcq/ -PVd1hzecMB/SpW9GetC6ZawlDcLioTKD91+bSmd3RfuU4kpnx6iSF9yItl7Runqa -UlAW/yy5AkEAzrVb0wt8UiBbd4QIHlMak1Eb9T8hE31b1FxXmzEzEoL+lQXlJJVS -L+JFLsnhxgXzo1Ts7rPTURzJpdBvNPS7XQJBAKoP7ZlsirkoluR5yNHfvuH0wtZc -j7oG8Prad3EeufDtVcyE9K7xETzJ9f8zV2YQggRWZPT5Ngogr28IKDwjNEkCQGfW -nywjhu5SpuAhCVsCcEU055CJh/ocbTb+tFuXmYphF7aQ4Y1BHapERnC8pZgugTe5 -f9RhrXP/vCR50oONtVkCQBVYV3aJO3oz63kGCGnRJoxu+CGu/PauCKCXjbHSksNy -xojBtyuLuR51Mg3n7iIZpJrE7+Yk/POwSpbC+ZGTtUQ= +MIICXAIBAAKBgQDZdPzKqIcYF1MYCcE/VZ63Pz8xJB8NcsLDK/VkWKGVGx6PTnan +J7I9k46ruTkbi362cmIj70qDNZzVlkaPJJ9ncwedhDvxcxofSVzqetI38RsHYBeL +Fm011W7wsVl3FeMbRRBUkcHSULSNU09lxvzSj3sbTqN8BiQWwKsfmCFH8QIDAQAB +AoGBAMDwj6qwRM0XRN67KP8s1Jn6P/M1/WdNP4kz45KZISTO3xp/n79H9Vm1Jo0u +1oCeEFuIuZLwqcgpNXI813YCJHteXrTx12B5iMroBQ2hmm2plgkcok2dS3NQDnGc +3LeiWaljgLJV+MFA/5cRdP39jFo84gJvsf2XbSkbDPzeTmsRAkEA7S+VjWG8Xxol +65B1nozOaXMoKW1hVFxKHb5bF9p2cmkRLXv9ILnhQohwvPx0XQUuejuNicrB9Mzm +M6XYQk5z1wJBAOq0x0eKgsU9yLktqGBUfWTpfk9tYVr4mS43b6uSUZjRGwcs1o7d +5Ew+oyj204kpkSECxCjRabS73XJ9ihBEKXcCQB+NKunJzJMiGVVCvELBHFwus3L/ +V+ku9bULM3by2rrRezV/vuZxk6OUHtslAh21qL8d2PAxhqeX8i+Aqkn3wbUCQHAv +5SlfHc7mD3HkTx1shVuc+FFC+UwglCexO+GI2RPwr7ioSA6WJbAEKL1F7iscAVEE +H3tbTemj+t/k/f90dVUCQH+ns8UJYRLIhuEW0vF5D1LYNFEtAMly96iCRUChciAF +lV8ve1NcgfvujhQPLC5Sj8pNj/omVwUCFNZNaiQf/9o= -----END RSA PRIVATE KEY-----