From: Joni Hahkala Date: Fri, 25 Jun 2010 22:15:43 +0000 (+0000) Subject: - new CA with slash in the DN X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=820841b4e1e3e4abec6ec600d6255c4a9d8be934;p=glite-security-test-utils.git - new CA with slash in the DN - pkcs8 key for _client, _client.priv.pkcs8 - cleaning up leftover files - remove duplicate DNs, new openssl is more strict, name clashes failed --- diff --git a/bin/generate-ca-certificates-for-cvs.sh b/bin/generate-ca-certificates-for-cvs.sh index fa72f8c..6ab7edc 100755 --- a/bin/generate-ca-certificates-for-cvs.sh +++ b/bin/generate-ca-certificates-for-cvs.sh @@ -17,8 +17,8 @@ CONFIGDIR=$PWD/$(dirname $0)/../config BASEDIR=$PWD/$(dirname $0)/../test CONFIGFILES="index.txt serial.txt" PASSWORD='changeit' -CATYPES='trusted fake big expired nokeyusage root subca subsubca' -#CATYPES='trusted fake expired nokeyusage root subca subsubca' +CATYPES='trusted bad fake big expired nokeyusage root subca subsubca slash' +#CATYPES='slash' BIG_BITS=8192 SMALL_BITS=1024 @@ -52,10 +52,11 @@ function create_ca { export CN="the $catype CA" if [ "$catype" = "subca" ]; then generate_ca_cert "$catype" root "${DAYS}" false $BITS + rm ../root/*{.pem,.old,.attr} &>/dev/null else if [ "$catype" = "subsubca" ]; then generate_ca_cert "$catype" subca "${DAYS}" false $BITS - + rm ../subca/*{.pem,.old,.attr} &>/dev/null else generate_ca_cert "$catype" $catype "${DAYS}" true $BITS fi @@ -67,13 +68,13 @@ function create_ca { # Signing policy file for the $subject_name" access_id_CA X509 '${subject_name}' pos_rights globus CA:sign -cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*"' +cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*"' EOF cat < ${catype}.namespaces # Namespace for the $subject_name" TO Issuer "${subject_name}" \ - PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*" + PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*" EOF @@ -82,6 +83,7 @@ EOF else echo "${cadir}/serial.txt exists!" fi + rm *.pem *.old *.attr &>/dev/null } function generate_ca_cert { @@ -95,7 +97,11 @@ function generate_ca_cert { echo `pwd` - dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA" + if [ "$catype" = "slash" ]; then + dn="/C=UG/L=Tropic/O=http:\/\/slash.slash.edu:7656\/testing\/OU=Relaxation/CN=the ${catype} CA" + else + dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA" + fi echo $dn diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index 4b61c8a..0c3f2a0 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -95,7 +95,8 @@ function create_cert { echo $CA_DIR echo PDW=`pwd` CMD="openssl ca -in $filebase.req -out $filebase.cert -outdir $tmpdir \ - -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring" + -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN \ + -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring" ;; *) echo "Unknown flags: $flags" @@ -462,6 +463,9 @@ function add_ca_grid_sec { if [ ! -d 'grid-security/certificates-subcawithpolicy' ]; then mkdir -p 'grid-security/certificates-subcawithpolicy' fi + if [ ! -d 'grid-security/certificates-withoutroot' ]; then + mkdir -p 'grid-security/certificates-withoutroot' + fi hash=$(openssl x509 -hash -noout -in $1-ca/$1.cert) cp $1-ca/$1.cert grid-security/certificates/${hash}.0 cp $1-ca/$1.crl grid-security/certificates/${hash}.r0 @@ -483,6 +487,8 @@ EOF cp grid-security/certificates/${hash}.* grid-security/certificates-rootwithpolicy cp grid-security/certificates/${hash}.* grid-security/certificates-rootallowsubsubdeny cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy + cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy + cp grid-security/certificates/${hash}.* grid-security/certificates-withoutroot #override root and sub namespaces if [ "$1" = 'root' ]; then @@ -546,6 +552,7 @@ pos_rights globus CA:sign cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*"' EOF rm grid-security/certificates-subcawithpolicy/${hash}.{namespaces,signing_policy} + rm grid-security/certificates-withoutroot/${hash}.* fi if [ "$1" = 'subca' ]; then cat <grid-security/certificates/${hash}.namespaces @@ -663,6 +670,7 @@ function create_all { CTYPE="client" create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS + openssl pkcs8 -in $CERT_DIR/${catype}_${TYPE}.priv -topk8 -passin pass:${PASSWORD} -nocrypt >$CERT_DIR/${catype}_${TYPE}.priv.pkcs8 create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" $PROXY_VALIDITY create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror "dnerror proxy" $PROXY_VALIDITY create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror2 "proxy" $PROXY_VALIDITY @@ -702,6 +710,7 @@ function create_all { create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_lim proxy_rfc create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc_plen + TYPE="clientbaddn" @@ -813,7 +822,7 @@ function create_all { create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS TYPE="host_rev" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME revoked" TYPE2="server" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS @@ -821,13 +830,13 @@ function create_all { TYPE="host_exp" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME expired" TYPE2="server" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} -1 TYPE="host_baddn" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME baddn" TYPE2="hostbaddn" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS @@ -845,7 +854,7 @@ function create_all { TYPE="server" CTYPE="server2" - create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx.foo.bar" ${TYPE} $DAYS + create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx2.foo.bar" ${TYPE} $DAYS TYPE="clientserver" CTYPE="clientserver" @@ -1003,7 +1012,7 @@ while true; do case "$1" in -a|--all) ALL='yes' - CATYPES='trusted fake big expired nokeyusage subsubca' + CATYPES='trusted fake big expired nokeyusage subsubca slash' # CATYPES='subsubca' shift ;; @@ -1100,6 +1109,9 @@ for catype in $CATYPES; do else create_some fi + rm $CA_DIR/*.pem + rm $CA_DIR/*.old + rm $CA_DIR/*.attr done diff --git a/test/big-ca/big.cert b/test/big-ca/big.cert index dd94855..afdc51a 100644 --- a/test/big-ca/big.cert +++ b/test/big-ca/big.cert @@ -1,56 +1,56 @@ -----BEGIN CERTIFICATE----- -MIIKBDCCBeygAwIBAgIJAMAFlm8hDOq7MA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV +MIIKBDCCBeygAwIBAgIJALU1gOOYZI9dMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0wOTEyMDkxNjI3 -MDhaFw0zNzA0MjYxNjI3MDhaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w +CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0xMDA2MjUyMjEy +MjRaFw0zNzExMTAyMjEyMjRaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE -AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBANkY -oZ/9Bi83Mn6PTnbxo4JgJRCXcfaefgScjIxKk40KhqBozEBOLBwz42GAWJ0rVz2+ -kF9ZGApAqCRmlann/dDEoOYQfSL29XUr+dr9h3GATtzU+9xfa/0BnykZAAcl6MFV -MYy4aJUY5wiOaeaanDAeNuoj+RVYCZAvv23IYlIrjU0QySx8ykdIs+IQ75W6+inA -PKb80Y8lj7TpArbicJoo29JLXCzHRMRBfBhNOAf6IVSWKcabyq9HmYFOwhPd7dLB -6gZLrh0FEBrAju0IMGf8RlgaDJAqpda63DU4xrH+8yZcR/GAxa0Ax92AM04b9Atn -e4xz1cIyrEcDj/EM+E9YPWTyag0dRMJDpC6BNajDWQibScy5D2UA1wL0MjHJYenS -e/Xk0gEMjsLK91Io8rH9LfNoIaASqZ2tN+cO/UuP+vZCE6NoGTLFWKH8oMpnQfk6 -ARgA32uy+MDmW8jWM2vTC9JOBs3oZYtuS66VuC9CSqtG/S/4nbK7O/14Ooi0YaZQ -cztDE9EP4nNKwTWKidTioUXAVJcF1FIzltxHsUClUyII6s3hHeIeRxZN9UBB+lBN -QktjZx3nRmeMDfN7uBWYplX406c5jSPH4ZlDHepTEHddDHyy0mhQwKa/hhE2hZjZ -63AYhc0DyaiJp0PsqLyk0FgBd3HdvNbT8hyjgtqKzinCsb64NREPCDzLcxC9fQUo -Oxe58VnfI8HtnylWL3CTNFEiijotDxbpIFGxXZJHS+GsnvsSd076rGBVCv2GX9W9 -EJ0zZgv/tq+fdTV88Y4CjIexuzTxE6q5DKKUF/BKVyn++jBWamoWoh/RzDbKcsJP -sE/rV7h5FVMaX2KfhdcYEaJ0kg/3RPzGuWryV4e83x7YvBPeMxSWEHW/ydHWc+PI -6a7zACIhT3YnJqPrOrXijr3G1tMG2L9tHVV87xOftVs5fu2O+feXBv5T12xj4fgJ -gEbGkS8AiuiY2c0EGH2dbgrzBAR7ubjlAndMOSWxxD874X7KLFw0n/zck7BME/hH -o+k6ZC7OI1cCywVgaI1bZCPOkyLiHTzKha6nc6KjB0BQnObZatDTcWVg/uS8WyN9 -gRgv+Ga8MRJ58te4GYHlV6kbSuoEfIujWL7VDFi8t3b+U4Uqb4eaPuCdcnEYje1g -8r9gFdUeg50YL1Mk5Roz20K0KKbz5yAyptDaGB8ld3v6zbvCw6qnZA3g7AXoFHNb -Y3HTU+r4USSIxonGIQJPMVa0xtfNOInxix5Hz5UthFeZ25KLzLOHkfTTr271dwcv -Cm1/ExkdUtSmtI5IKQofNJk9x237QLTOGZNBUwg/1ZAYa7T1d4ndmo+OTPXEIRUu -hAwmb1MJjmHavd9I7NMCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW -BBSyeeMzGfYa1Z+R0JX2b+biUseWujCBiwYDVR0jBIGDMIGAgBSyeeMzGfYa1Z+R -0JX2b+biUseWuqFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP +AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAK+b +mQGBcmQ7HH8vWeYF5tc1bW3odFGwxZ8zvPGxBzDvxpYWBdBWmVfq1vM2uiKJpXGM +5le6zD5q6uGJn0AX42xyGpo7xO3zivoVSY1KA0ONLTQF6KcezZmwYV9JjSK8dqeU +zgM2iyhF9/Po1E6K6XHeBNYMuA0Rjdeemoltdc2STNspxdzaW+1N5hB2/lUGjb7G +fDF0MocCH0KgiKvFrfYxu3sqAAKqAU7gEPUqnSxTWOycFor/UwVJIwJhI1Egt2o4 +5zxqTJB9LlQ93nNl53bPE9W5psT/v53bFRPVGbmL2LY/ovWrD4swIx/kfLB1ueuX +RRU5V6DAYRh5mIJ/ASWHH/Rbd3YJ1TZmGKviywlC2/37OhcY9n/do3QLxZgwqpHc +FcIW/O8B6GcRbVWZlSyZaoGgGQY9nFiL1gahHOci6wADeXiCyCN0yJVxC84D3c35 +6li5QOrVlvK0iKgL6xuIqYWVO4br5xgQMjdKTamzsNvNsR88gSm8cVPHZI/YGnG8 +udmlPk5XaUklUBb24ofnIIlgcLZbhC2bRTkLStm525Fsvr4j7OyXyZ8MDlo7SoNi +oN1Ilx3bjt3QpJidv03m6eiO958pQZs1+MzAAME8HBVXrwu+f6tTdhgHq42Ms7hP +lFfz4wMnDMvgjFXV1zFFxoFiSp2jUsH9IbxcLT/BlHPgzyLy464hFSzOLUPhOq/e +7odbF9MiQi93LvTYCBei6r8EQTrG2fQMIAAnIx/cTlv0WeDhC86crOHaLWFmhdlY +3RkzuBz1rK8vjXwR/1iai6vGy6h+hfYLjcmJsNVGH7mX6A3MS5jxCv8ozStOdVEX +1jOrbcl89S7ETxpMAMQcwZZ3oCd8PTTv/Yi8KP9E/w2Nb4xhS4NuO7lLDW5JaCMK +aePgDQayaNC7RG2ov4pJt+wSr0T9SgEOldkIe3rR22igSbLY5MYj3Tl9Cu6tFnvx +BssSkF8hcmsibyNBchDnsH8CC3DnRG0j1ZDNZiwGJXeu2+4z5pwXQQl72EUs1SfB +PWEC4ptztYvlZwClHfV4T9EOkV3kFiIL1yCWGaVutGXG+Klno+SdQgiu4EFn0von +u93kF7roo81/I9xeNkHHl4HbqiWNtqb5pXrZdCzeehXqZLlcNKTnN+jpiULJh10L +Ld1M8k0lJxhpWdhdttIueAkVcyS5cSzXPA/+R4IsxXZHWo0Ird5iIGsOXFJYY99Z +e22kXF6BZDIQdlleAu5xd0mtngI6Zy7Uo7kr2CeNp0CEQPLyRjBEEuUYGN6KlBIJ +Q53QgPfo/Jxn/lLQFiIHW+wuyjLiNa50vH33gzzxsVTINWGekMCrofmG1kVldQKI +HDEDnLASgRlaFmEd5NkCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW +BBRDocYpyA9CTEuZ12kNMzJH0sqcUDCBiwYDVR0jBIGDMIGAgBRDocYpyA9CTEuZ +12kNMzJH0sqcUKFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP MA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0 -aGUgYmlnIENBggkAwAWWbyEM6rswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IEAQCUNIxuOf4Q2sTdTP6xUWPUnhGGes7LAEacOIw/QsFyEFbgaH0+lB7g -nc1I8gG2/ZuvOBPo73s2oRai2Yn0OMHonJjlF+21iYAHyd0+XjmVbMwOMwJyUyV0 -QRZJt3i0eel4Ti6ml0w5qYoNoRqMh/xgVSFlaXaXl1TaxYDT3ZJNkajCIw2PcRcP -HYdY41GpldLOUsyeqEAP4ktbwcHGjm5ThmFtl3PsDEoJpZ6/bhuy82GIImV9nOzl -WEhry8tJL7l0N4znrjze/Lu4UknqqU9Y/Blj3mR+MYQMt2/dwqeqPsy7vk83uC2C -OR+WUHjWSBn1hBScGUBUHWVMcGn2j5A5+k8LvRgSvrBDJGBzGVHDYtix5g1fDSM8 -Ocb+7shEsRgwu7FEt8p/E1QiQusO5sOkT9AN4430nZEn23SY9dejyRgsCMv2fgK9 -dY+FQjwubcY5SKvLcTEWwMkgeQkRs3Qot9h6rufPMsxjoI5D985ShpEQeJq5LXDT -yK8hvSUF8IXA61pGtQ6CfmXmdaESq/33y3CD6iDtnifrllkDXu9dZHmpoK0xm/Ng -CJAO/i+OLFARI92X6fMZ70dgOlOsnftunDkFstL9aSUwRItvJLEvgCO5ow9AcVBj -957BbAvyo/T77v+Sps2yWVy/ryGyOWfjiMGna6oL79s/TrMTiwCJq24++rXDteMe -x+dGQwkrXXx5ETIwbQeUhHyNwda9JxZRghEjpyIjfP4J0CO/KzOfHWFsnS35R22L -5a1johlMA/cNHj8Scn5uCQA9QZD2npSDSYDyzB11VC+yWNXuY9d9/y/VsWCEyKKg -IyEeqcMK1a/tOVSnLITxMrCWAdt20XDbLuqMeZTXFLTq5aP4gTZWbrY9bJDzDtaq -7+M/Mt+VPz+C3KGKyd38wx6dP8mb/5sEax9JgZvpnVQTCRFzi2AOGEX75LEQOkYI -Xf2IwkYCeW/o3DhfwqyzxyjboQlabD0GYsB7BrxyGEQ8XxspGb2PNa5Lyvy7WH5L -+8v4++gtDwqkDID/+hO0MDfuqGrCyThFMuKBwqvmo/z5xia2/s8/cUteQXjxQW2S -4to6ooB3Z+Llihgkd5wM0zVm9GnQbHr3oaeqOmd6CfvxVzkAPAfDm2tW1hamme84 -Dw7n0NFromRErcqE9HRZ8l3+BR4tJ96ZBCZNNlfaxAT8nvMXgrwsAUfTSifnSj1+ -XMPxYppbHsx0OYmZY1ApkQuIU3T+VaJBAS5owf136KgUO2v9EuTRslYjMeHvMxWg -UT+fvt1dbre29hVV998ZxOT+d2YvXh80NtN2sOv3MRn6DuHi2vdDo1X6msFEjELu -65zrURNK4nhfrN2nS/rV671gDOVI1mw/ +aGUgYmlnIENBggkAtTWA45hkj10wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IEAQB8mj7n9bfbuyA8rcB/xRcsVFAodPCsmP3fUc2eqYwJLPA2cXQ4eae6 +r5RRWTAjGZMn03sLvMklQOAv1MtVLlF+Z/45qgSz8hLjwMz+HdkSo2YcgWJvip6W +7ZHGmtrMpIO6qsziRKB6aMJPDMTlTrZeTTzcUTamMeJtgNCn8OIk+WSZVJ1KUvaW +hwszo5irY7zVuLLK4naGdZSypGH/VArFyPb8dntNcUTfuIIZqboW4hSq4rfzZ0IC +HiR9XyW7iUCGWmnZgOacywepEGlwi9xHv+0I0ux+9pfvlAWjzUQVN51Ddd05BeA8 +YCp3ZENDZyxyVZAn/XUycQGJKf24MqLawuioOV/rba5F3m48XFXimkOoe0Rxdyn7 +t7rGnYKuqqqLI1Hx4OJ5gEfF5hXvkAiyqmHobvqZ7jiyVnGM0b3mNupBKa5VGJAp +sO5atOEpTYS2mdN3Exvtkw2YQm6841CzRszQ2aH/y2xplQIaGriy/2t3Y8NKSf9L +NW0dllfiQX7/f2ocPzSEcjAWisNvXXQTaLa7K4TNESbO2mlmeugCVVacjgIxBiJH +Tg/bMJ2MP3zSbadzpHwWjPvGngxhXjWxERyRmtCzDMer6dvIlnZeOGMM0tk8wJah +Gc+YfLCOrFxC7NMSdjcHlMUs2GXIC2Y7a7CxI+ypWOPDDly4WzNU12Jt6Uy10enc +suksQRabAitWX2Cq56uSX4fSz3dZQ0Cud3KLRk2JbemHbgWNH02AneFq69iypoml +uwI+CpGdza7S6/FMZNmFXJenDk0C+w0hKZWjZW1CANhltR6BM66VEByq5ZG7pMNe +rSg6vFDJ4u2hi1hv4hh6pXZVtOjs0pTPN5vyx5SNnTOfyKgxxZi7qgcloo6KLYnu +XGe1wVveiWHodQ9fFMBik6R02C92sr/0NOsjUUmJRhQUko5C078dN8EEXsAgeOUR +nrECnf5kma+gRdfjw7uCIK94/gp+NpPNjPtrq2eiAAonu20/6p0DogZnZ00ApseF +o8ZBp/cMzIm1QgrddZR2SmppUQfBhfoZyu0p5U0E2MSd7JIpzaFXuICTcoMuUUpY +f1aCN9lHGr1212983wHVXIJsWall/3iRmV5J6pF+DpXXnphL0KeKYNR0fX3HUo9a +6RkRy+dj8eIaxu9XM2y4xFsNDV7xYfnLzrPn8cVJZQO923CCIGyEGUT++/XUPJwy +z9zRulRh95KWnyEhUUdwxj8nZj/ImK/hEilqwb1ZxYkD8lI5Ili06/FlIMPCTHdN +zx8KtKEfIvodxieuPBiDgPA32khWE57+/NPKimcqFdeoxKZ01iFBt2bApcd56kML +Y+kjh3AYChh+DuhotJgox/sl+gM8Lezu -----END CERTIFICATE----- diff --git a/test/big-ca/big.p12 b/test/big-ca/big.p12 index f76732a..0213330 100644 Binary files a/test/big-ca/big.p12 and b/test/big-ca/big.p12 differ diff --git a/test/big-ca/big.priv b/test/big-ca/big.priv index 5804b26..ed64bab 100644 --- a/test/big-ca/big.priv +++ b/test/big-ca/big.priv @@ -1,99 +1,99 @@ -----BEGIN RSA PRIVATE KEY----- -MIISKQIBAAKCBAEA2Rihn/0GLzcyfo9OdvGjgmAlEJdx9p5+BJyMjEqTjQqGoGjM -QE4sHDPjYYBYnStXPb6QX1kYCkCoJGaVqef90MSg5hB9Ivb1dSv52v2HcYBO3NT7 -3F9r/QGfKRkAByXowVUxjLholRjnCI5p5pqcMB426iP5FVgJkC+/bchiUiuNTRDJ -LHzKR0iz4hDvlbr6KcA8pvzRjyWPtOkCtuJwmijb0ktcLMdExEF8GE04B/ohVJYp -xpvKr0eZgU7CE93t0sHqBkuuHQUQGsCO7QgwZ/xGWBoMkCql1rrcNTjGsf7zJlxH -8YDFrQDH3YAzThv0C2d7jHPVwjKsRwOP8Qz4T1g9ZPJqDR1EwkOkLoE1qMNZCJtJ -zLkPZQDXAvQyMclh6dJ79eTSAQyOwsr3Uijysf0t82ghoBKpna035w79S4/69kIT -o2gZMsVYofygymdB+ToBGADfa7L4wOZbyNYza9ML0k4Gzehli25LrpW4L0JKq0b9 -L/idsrs7/Xg6iLRhplBzO0MT0Q/ic0rBNYqJ1OKhRcBUlwXUUjOW3EexQKVTIgjq -zeEd4h5HFk31QEH6UE1CS2NnHedGZ4wN83u4FZimVfjTpzmNI8fhmUMd6lMQd10M -fLLSaFDApr+GETaFmNnrcBiFzQPJqImnQ+yovKTQWAF3cd281tPyHKOC2orOKcKx -vrg1EQ8IPMtzEL19BSg7F7nxWd8jwe2fKVYvcJM0USKKOi0PFukgUbFdkkdL4aye -+xJ3TvqsYFUK/YZf1b0QnTNmC/+2r591NXzxjgKMh7G7NPETqrkMopQX8EpXKf76 -MFZqahaiH9HMNspywk+wT+tXuHkVUxpfYp+F1xgRonSSD/dE/Ma5avJXh7zfHti8 -E94zFJYQdb/J0dZz48jprvMAIiFPdicmo+s6teKOvcbW0wbYv20dVXzvE5+1Wzl+ -7Y7595cG/lPXbGPh+AmARsaRLwCK6JjZzQQYfZ1uCvMEBHu5uOUCd0w5JbHEPzvh -fsosXDSf/NyTsEwT+Eej6TpkLs4jVwLLBWBojVtkI86TIuIdPMqFrqdzoqMHQFCc -5tlq0NNxZWD+5LxbI32BGC/4ZrwxEnny17gZgeVXqRtK6gR8i6NYvtUMWLy3dv5T -hSpvh5o+4J1ycRiN7WDyv2AV1R6DnRgvUyTlGjPbQrQopvPnIDKm0NoYHyV3e/rN -u8LDqqdkDeDsBegUc1tjcdNT6vhRJIjGicYhAk8xVrTG1804ifGLHkfPlS2EV5nb -kovMs4eR9NOvbvV3By8KbX8TGR1S1Ka0jkgpCh80mT3HbftAtM4Zk0FTCD/VkBhr -tPV3id2aj45M9cQhFS6EDCZvUwmOYdq930js0wIDAQABAoIEAQC5aHroq2yzuF1s -jzGBDgAKIdil4eGXsWaIw7aZPjvj0eCGcNo39UtgzsPcCoQjvtckSXL9q5aHcw7m -/6HEWPiBatzLf7uPuACMEIG0EKCzQ9SWb2OmouwUSWVH8Sz/7dVqADtwJjJTW9A8 -k3xIUTUhNzzJHO3m16hbNxwzQ1cNPFrSPYrCbtVGqgXPBY3If8aVD7P9HaBPs9GW -vQXvcVafolOSt3/CUnEdd5vnGVPIJEyA9Do7f+RLbEfikoPX+craG3il5c6OxDsr -zdaDA2Jr/J2LMrwWCAZYbIATCClR7R52XYun6sVoamlHd+zZQbBcaQWwP2GJGEPf -5l/xi5UqFn9gjlQaXSvTCXfXq8xLFIMegZk2ubo3Fc+Lm0ifEpGH45awu7rK4JGw -NS2iQox7jHHJFt7Y2fd4TW6X7EpRVWcNGAOzo/0ZSkfXGG2uTx+eHXa/rEcjsNcX -z+UFkkKaTMUk2DSheF/5A7qpIP8LhX9F5jvn01nDQnsKj7rV89AN/VlcfH4ZJ4rL -0kVOV8I9SUxYyNi1nmnlxl+KQ8RTJJ7qS1lVeXRPIHKvzuas+WwxVrpOrldrx5Bu -cMOddcUS1KsCc583i0RKEbRPc23CKSy/9HzspsBiDM1r29hBLSJOF5cmxhrHq/t2 -8BElRqIZclzpPF9ppOlZQ+vbn53qy9twP55kpXmE1ablwyz1VnNaWwyMS1zFc/vq -Wpn/CTCzZmqo5pETxpc2aEVPIsSmjakYL2+xqoMxFso9uBFmxe92VjvzlbJtiq8I -I2COqm3Rj3+b8Y5U47e4mQXmcyRc/XSCANM9bo1/l/9YuOwvkGfEm/L5eSLAQxrZ -4LY9lJZa2GWpaulPqwUKVsE1MiUj6NNjU3eXlMyMfz9agL7AW2rsgX3yYHYpzL0V -dS+zg6UHmk1WL6I/b2DzKVUV809I5FjPFEEHoQFDUGYedunEHFsCiFYWVTKbPXyB -6RK62mEd+a9xTwI1MPXyMFK1460+58F4LTv+VbnNfZDF1PjWSYK444j4YrIT616w -gULc+ktrplbDs2Cz8ILJKhFHDIf4qXr8wRmM0lHNcAzQNvAUE7jJgpUxYtvN14gd -4DD5auFzkbmdbapVIJ7Q3bEXKpPRbofcurmSS9CMRr+S0q64iJ1jvAXqrM+YIpT6 -Hs3h9R5wKEkGAJ9bXaan/jhNcla4Q70j6286iMJ2TEQzdGG3BgeQGm3P6xkXhMvQ -BQrII8jNk4ngHDvb10A8hgxhox02paj9EwCUB/SQ/HRtuT9U1cOimsGqT9gj2zHZ -pqSK5WKT4qErnCbaJg2uHn0e9MhrZlldad7xFLhPl1xy50qHpgCL4Xi8r5yr4zhh -fg1R3c/BAoICAQD9MYjbfx4xqoiMKLEkoeTyEBN5s0d63ihomlqBTcHeC6BI2VLf -Rb8Uw/aE0Vd4rRj9VF6fp4tIwklEesO9Rhp+FbyTtHyjDikOOpBKhG+uhkqoac2M -1VUuzthkQzk2Hy+kaGwcKFRbqSH7HAldv1Gu8MMgaiDeio1hfgPoi5Ud988CiQcz -pLRbSjguLdzjZEw3zmrTwxMg3Vp1AKjAHsXYFNWLUTVFCyqxI/sXhgoQkN8RCfPz -8tHD6qKP9LcmDhdnpEG1KJxCvfJo26+Yh92zUZMuk1cvhGoV0zH8fcQ+7ac0L+qn -M8sGIOSpbgSkoa8YNjywiOXJSIDbGTLzJo+jcXlCU6XRSFm24fzoGR2vyTUWZ0wD -rvWrP546PD7insG6i/ulA8ax32vKq01rA/uErHkjXx3NNj0fAzuNRzdZ+p65Llmi -R5veDXbax8zBmjymJu0ohz11Q4CcCMEnJ0aqc5GldE9zBxCqXjbulO+3s6HQoW6V -pOaPC1NAZdFWvmdT+nGc/diQmjRzJ6z8LAvfJuS95h7q/SXHT7aU87hg7wfpRJNH -w4k59N63fBq7Z6ty1C34IN0wbRDzIsPuiw+gub8VbA11e26BhVBepP4z+hOHDYVD -HDU9RFaW79TmI071t+GsQe/SwpGa7U1DNq/HnIkidLv0/2/AhhEJpqgzoQKCAgEA -24CqpriNPOfKCUwUxM9F+0EMzVLnBpc57u7ZG5vsy3BXeXXIsoqJ35vE/C9c0Vhp -ZbgNtDzfgvvTw0BeqXVcSxL8VpKCMxXIJbdRZrx4/tNjV/ppYMUlo+Z/xMhiBvgb -G42v4LcFUIKzD1JN/csliwxrcfSjD1cDKmBJ57l8TYCWB3K94MdZRDA8jluwpnRc -HakVemJYfzeWASSnnUzNmxTeTwyTxd1HcUqCf56pkVCJT7vJcaWFzXRjVGV31A/U -abV/265MauMUtdngfHEw01I4bHa2SOgJSJ/dxWlsvLtp7pgCwLJlr6HVc1uDxCBQ -vGHYHdSOFVp65InFNpNgRd6ZWm06LzBJnDHFJa9+EJ/haUZnnm0Ng9w6h+qi3ALF -ai+gmpKgDfK33rV8SxvX04cIZaBoqIkk6FAI5KUGtfCPLUuugmOm3Tq7GBa/pXvR -OUcEdLsF4yBzWzzgUQlgzBahMfBQHUzy3zFjYJ5u/QNhOqh4+RKFt5fbjVoO0vTy -BHXrn1YfKNPs2Bnz5f4c/3gUSHCefgCSJ/d1h4uWFhfSv43BaQPLe9PgAyJCKP6E -eKiFATgmgVcmAoh4er3UY/g3b/n3yAji9v5/aXdkfNpX/dCYmnbhkkO2IjYn7Sy8 -o1yddJXqxn/rcOJnGpLctoMR0rgTaM5/zQXZ5DpoC/MCggIAO1tVfj+60GHuSQ1x -GelqRuVF643//+n9ByjIdu/Ht0p6dRmduAId3bxjGpgJLZ1G8nzJAhzBJnmFu6wc -H09D/rMR1n7FiWRUc6V/FjkeBYguEHVdXtrUcXjEehzYWLvO63gfgCpkPGjWMoxM -FdI4UA7Zb8vxkLpikqx8NhQjDTd/LFT7fzvpnE02Bn1x/00QITUfDi35WgcKoctZ -xFByiUm5FkQffOQ1Sfnpb4ZY7bFI2jG/Iz2Vt5xWJ/FyzlUXX5C+Zr3yhCMLpVF7 -RQL1EojZPF4GXnlodV1hppPFYgtM24swM6qMug8UDDRimkXdSovMhoZReHKq4rJx -o1cy7Vo41zfM89dGUP2B0Neygfdlnq7wvxxRM6hia7yb8XzOZfFTOUg9WI3MM2Md -by0r1dqpO4Wc8vL4OUEEwQYlD88VTsxy7vxiqhf1+SxF8E08Uqdlic7Ktabxi6Lx -xUAL7QHS7zrpNUo+ufIEZsI7wJE4KjTuO97AvmAlUD+OaAuTJbjc0bUhBCVijmyK -vUOGNPZlQa+lJ+nY5XTmlNzeKLtg22rcLELG9PNXEyThD3YqV20uqbDqqeOnyZgo -3s9zBncFOPxv207ohSy/vrBnd7/0vACLcUQ3pvlSY2guPRWh+TD2ku+STZKXl/5x -0oQLiXxFGfLL7Y/EnxnO/Lg5ToECggIAZWjubpQ4/HiCCQWTWtIAHPKSvZGdlpfr -dg33VCAXqG3AnCbkkEgdJqfKvFANa9KS7yG3gxvUj6lUzpJAqb3E5BJjboPFj2By -1an5+6L7q49yCEVyxfiPSUfGo92IHHwn2fT92q3z0JxxqZR239gpAjK8uSsy4nVq -yvstaddyLERKDCrguqafATff4k1OMbj0jed+OsqQ5EWEEgcjQTMokotzocXHx9RR -m2+3FsrwwGga6DF0AgNc6+znrygp0ll141itN4sxVviOqu18H0IUMq17z/CQiuJY -16q0RO5OBGv5pven3esNu7Ti7qbLG6NqaX4y4KVA93CT8l4MNQilo+IRq4tnJEIE -4BrGYIDRl1CmTYLvgGwVoGPwzraCg27sUgCrDH7NX2RRupzSTckRT3LFWF5hu+uQ -l5vSYAA2N3xqSZz7hNYRU4g8xAZOiF/J69J5pox5TdPCN9bKM+ZHSEL0OiQyfzb7 -xk4FAbBwyofzNax8J2Z9TLLmBkojKydrYNAyCa06PBydAcILwqhCMW0Cwez17HTL -EZfsPrEoqBBdl44gWyobqpvalNgRBOuBvFTvDf8pGvxuXSE7uElXhNA6nIs6BLrG -USKHLuywCla97E+hEUv3LyIFVYz7qUHP7RFu1Vwl2Ytj9QVEaSyMt+2aIGZW4Ub2 -GHypjB3H0C0CggIBAI7/LJMEBnU7U/KSpgzNsv9hrwfjbONqC8bAUkdxRdWxTXNB -baZeUgz7nFVrT7LSiL+9NKIlNzbXNMPCBoGkYML9Gm/KIzFa2xqV466ceRuK90jW -MkU1w4WFnWZfzhWc/U621eLTMg/mzUKjMcgEvLv5KM1PWzRp/Fs1xeTrsYt6WCUj -TPANfXUvvnz4YluYODhlKEr8BhR91S//i0QtaGqlV0GnemkoXcJN2QF3fvDAh8hI -vPsItXOusQKxSeJUJkgJGnAOx2Br72r12NSjd7+sOsrnwyqsq3kHah7ZhH2cSFaZ -FrbTDASGoXrO3+EGfTHnOWneu2mKVMcSq0amellnxo7kRkFkUI0Rdi4qzPqV4a9j -mdwIM/iOQrYsC3lMePTfUQFJwqB8lNKoRDqjilxU69bMzqCU5iFZncyASiACv+T7 -f3yHXbLQrEXuO2Xowj6ppnohI2vdqI+UDodIh/2E2weunnRJfhtJZTjN4HOH/HxX -ANK1J3CCJSoIx4nCcY4JFchXTgr2hgcuju9C+mK+CTIGNy8BtDxAC6AuW//YD+Pj -hO/j6sXVhU4qootkxGeswWGfsylk8zrOW9qkt2/ZFgQ0ClooyeVNGvTk5wNcLTX0 -LflBnWCq5gO2d8sOehskNSR8u3rEX32pA6ZX5hDJ1mKE3xVbTCw0sPsLd6y/ +MIISKgIBAAKCBAEAr5uZAYFyZDscfy9Z5gXm1zVtbeh0UbDFnzO88bEHMO/GlhYF +0FaZV+rW8za6IomlcYzmV7rMPmrq4YmfQBfjbHIamjvE7fOK+hVJjUoDQ40tNAXo +px7NmbBhX0mNIrx2p5TOAzaLKEX38+jUTorpcd4E1gy4DRGN156aiW11zZJM2ynF +3Npb7U3mEHb+VQaNvsZ8MXQyhwIfQqCIq8Wt9jG7eyoAAqoBTuAQ9SqdLFNY7JwW +iv9TBUkjAmEjUSC3ajjnPGpMkH0uVD3ec2Xnds8T1bmmxP+/ndsVE9UZuYvYtj+i +9asPizAjH+R8sHW565dFFTlXoMBhGHmYgn8BJYcf9Ft3dgnVNmYYq+LLCULb/fs6 +Fxj2f92jdAvFmDCqkdwVwhb87wHoZxFtVZmVLJlqgaAZBj2cWIvWBqEc5yLrAAN5 +eILII3TIlXELzgPdzfnqWLlA6tWW8rSIqAvrG4iphZU7huvnGBAyN0pNqbOw282x +HzyBKbxxU8dkj9gacby52aU+TldpSSVQFvbih+cgiWBwtluELZtFOQtK2bnbkWy+ +viPs7JfJnwwOWjtKg2Kg3UiXHduO3dCkmJ2/Tebp6I73nylBmzX4zMAAwTwcFVev +C75/q1N2GAerjYyzuE+UV/PjAycMy+CMVdXXMUXGgWJKnaNSwf0hvFwtP8GUc+DP +IvLjriEVLM4tQ+E6r97uh1sX0yJCL3cu9NgIF6LqvwRBOsbZ9AwgACcjH9xOW/RZ +4OELzpys4dotYWaF2VjdGTO4HPWsry+NfBH/WJqLq8bLqH6F9guNyYmw1UYfuZfo +DcxLmPEK/yjNK051URfWM6ttyXz1LsRPGkwAxBzBlnegJ3w9NO/9iLwo/0T/DY1v +jGFLg247uUsNbkloIwpp4+ANBrJo0LtEbai/ikm37BKvRP1KAQ6V2Qh7etHbaKBJ +stjkxiPdOX0K7q0We/EGyxKQXyFyayJvI0FyEOewfwILcOdEbSPVkM1mLAYld67b +7jPmnBdBCXvYRSzVJ8E9YQLim3O1i+VnAKUd9XhP0Q6RXeQWIgvXIJYZpW60Zcb4 +qWej5J1CCK7gQWfS+ie73eQXuuijzX8j3F42QceXgduqJY22pvmletl0LN56Fepk +uVw0pOc36OmJQsmHXQst3UzyTSUnGGlZ2F220i54CRVzJLlxLNc8D/5HgizFdkda +jQit3mIgaw5cUlhj31l7baRcXoFkMhB2WV4C7nF3Sa2eAjpnLtSjuSvYJ42nQIRA +8vJGMEQS5RgY3oqUEglDndCA9+j8nGf+UtAWIgdb7C7KMuI1rnS8ffeDPPGxVMg1 +YZ6QwKuh+YbWRWV1AogcMQOcsBKBGVoWYR3k2QIDAQABAoIEAEOEEk6m40EwDOPF +Y83xZPBHJVyFa/tgeIqeDL3r7zTca0CXFQMl2G0Z6Cy4VNYkj8xZfNIsCozQ9J9k +FytAQ/sU369+3VcTNNKzzoSY+SpGpCOFRg7C5A975eQJ1k6NoR0LNC2+EcCZLhzD +3qSX+esCjl9xom272woUe5vszscLwardo6om9gMF2TdpWJ1+GI9JpsQoxahso3It +YH6SUTD/q/JNkpVzoW8e7MYl7Sn2nZDS7kPgqJ22odQvXrG5X2til1z+DZPb3S0c +YGODwXtHYHvilgDVx2k8qxzl6K8S2m4vh0rmyuIbztVbNqltid7PWQsw8cTnUi1j +ysQZampwSlPbutFSNHxmwoOLfb6Ayy4aIhpxSYydvVNHl1/NDjdoI6FszzBhTmYa +KCwqEVWFYpKV6CkjFPJiSRZhaUhgf3OQ4mn39lTTeK8kOIKrr+KafIRCLXhcSF3m +FUhu1KTQZUTrvGhCWKZCy9vAIJ3nbU8FBV1aGNrgDb5FQh+f2YLzKY1JX+wk5WDv +DJzXrP7NWRAYWR1zkB0svm+RLOUK9SUzZx6Zl2TbcvRIYVhFxX9AM1MArsEXAhW8 +OxxGQiAEcNgt53x1EzlGhfLKuz+QCcgW30Enq9RGEXhpsoaImyx4xDMQnK5AnEXi +fnId9k+GYSyrir6S5aWZ2heeZPNGqUVGm4lT1SffE+WcagiA4voVvZ325TKK6ULd +bYQpxHL8if03Hbui7OJOyLLzMMGm+BGCRA7B4cStmC78XUzxMTxOD8LKm6BwjZYm +Lp/wAnA9aJKJmkeuPAXzXX2B494SLpOY2207I2r2r9cfc0k03J+J0KMYs2+CMrrU +Pqk150BPrAGs0I/B88LyGjbCzHVbgRrUrmnmDA+wX2yOLky44PtkbzWBnL7xYs9e +OZfbC25GacexwmeRxpypQbKZgzQgT3CeLr7g9x67QUsJDEB5HgELVFuO+uFbH4XD +Uu3CfKPOIY699j3sFzFA+nHTMkN5j+m9/9C5MlUUHJRhBVAieKb5pIqvd/yGVRZR +v1IEp8B7dpqY0Jyl58ucBBecB7KhKdQYn0dPXLLFxsLs86gIDfbgqiyAo+2/QvgK +vCTz7ve3YFkWd1qOaEOtHcH7cR8eyZBfrA96+nV18l2690fXcF/9kDEpXQtBlwqH +RlkdP40mOhlfpGiv5gjg/MMG3NUNQA9PmYVDkoveFHz8Cs6MObtIudLxetqZ/DNz +UWU4mueYIOcF4qekiJej9V0EhKRDJ+Xy7GAesPWubH5dGHQBDNmNMuUrTM5o8bGH +5Mjf7hjllEaF8w3Hze38KwmjkvPEG8nPYgUMh2GaT9GUP9IdWs0aCEuUgRP+He8f +I0C8B5ECggIBAOgXUAWTu7iOvKrYJhTtXGO3wDDLfuI15X3QdZqI1dgunk+f/MFT +A/JrgP6oCnpDfOcny65yvGIM52lOnbwIccAQxeMjXEPEMwFgSguNZrkidIYL27Jo +I9P6Ftiq22cM1heO82gxI0lCQiOznSHNSyEyOL3YqWUnco0e4/r8LSTuEdU+f+zt +uweq9ZAhGHgulQqAWOs5V/kU1AKeby/QVVSKzIVY3HKZTALnH7dCLcWTkk7tjChm +MuM0viaJmjyTDDNtIz2WhR2wq/Z0Semm5SsNPgdT1W9NzfXCM+Fl6XIWV3HZbJcC +FUSjESWp0F97Fvx5KCYU0Fjl3Bsg0ABfYqan4X6Dp309AQnhfOWJajC2pTrJL7nr +XUJwdqFXO8GZ2PxVQOfKCgnHi3pWocbjrH2S/onMcHWUAMk4ypLv20/Zt6uZjfBP +vOtSIjhJ8biyB1H7c62X9QllYY1fG0mxNJxhduxaXsgThejVxorB1SeUl6vIehVs +4s3wSWCxJatg8i2RI4tkf9L1+/mmE3o+qobE06HcF+w1GWusJwwR0YpjyPlQ+oN0 +QG9iZ+Uxp65EDUprEfzpGOjA+fkfD+cw+6R1+mIo6sJYgxnKONnmmBF+vGooDoL0 +ELcp/zT51oxyUSe3Dd2Tw1+wUn3X9D2AWRfSj6XGHQcmnp0+YkIk2jwNAoICAQDB +sraDWtuKjDu6JnyYBM2msIFq4eydt/orsJf5NnFFC590Lj9w1zRA6wwmuLQggYFE +4OzczBKNgaApxe27FdBy8ceifBdgZvuGIDbE3/tCeFoswuWyBgVVnkmW3WY66MGC +Dr/HVhNti5W/3cZO9LbBPpOA3yej8iKa5FS/ERRhD6uuQ0s+LWKF/IXUjMi2Fivp +eU3SpDWrqMi0IeIlYK1QyQaLok1u1ede8f/XMcCzgFWcKJo8cgQ4TUFdLR5PL2zI +DEGWcAccW/wU/r3+Pl58MImNKudawJ2TEE+QXCt8M42J2hr8sGOhbjSAoU4Uy+aF +LrSeEUyFOboEyuq3V/WOfG/b6zR0zUy/WVf/3jD2URw5AaiTQmI0vHdP+4/k0yhv +HREPa5tf1bOCvjcs9v9ViSZR3fkhcSHcHKiTUyVwhjahVsOtpzl77j4ZNT3RA2F8 +yOrrmuKP4LxmRuYqKeRoNbRroI+s5/XNiNkddTU19g4fszQXrqvJLQ9b8cM+tcQw +MnCuV9acbgvyqJFDMyy1K3w8yzvPl93by+iSzVCBcJEuHOGehEWTaqPSPWkuqoQw ++OVs5rxTumsWleNi7q2ucqK0CbffbABbUCa6BSD5xLt+lPOB+5TP1F20Pf0NhA43 ++L/CjNuFxq59kfira2+ToT7ThvbqJNOgvxvaNfO8/QKCAgEA3wZv9jwFuw8my8GT +rq59BrHvtLQIBNan5iPorwxo+imqJXfnCdt9Qnn95jiSgPTTVMnQF53X2xztTyul +tagjrt4vWtqC8ffaz6q43KsPmD483QcOIj2imDONur1MwpT6Mn9C9c+qSd6q8eXK +zE2bsZWyIvTNqw+iK2wQxgGIXCGN7230vjegb3jgKpUzD2IsBIBbcgaTvB5AsReQ +XtEC/o+2gzll9ZXMDkoNFyw4EdGCWeg5tCSpJ95qD1xRY34mzlBE+gzndCVuyhDr +aeTf+WPrRF1SD3gjv9LTyfgFwYUomJXHnMD6sQ9GDfxF6Uq+RvUiGJ4NrC+OOF9q +ocEHaoCO1uUqkNWLZvRQ8b3/1jndQ0VLYIyE/LBXvyi1mo/9jFVcXqCuzsD7Dh+r +rBTij3UutjpHoyULMFIrj9F/3RapQfP4CoKFV1iA27hq2QHyuNw6SAlrBZFvkctf +zIvFs7SQ9ATPadIg7yJmfLZQ340RxpiKgIY22JDb4le4jBxH/HOpRWzYzF9muHrX +4rPPaFxBxhtavbg06lvu1dFVm3fSC4q+gI240ZAtqHfz2yk34FhNW8yfDCNM0xD/ +Vjmix2I7rhIFraYirSi/Qt0tKjqwUg6WC07/tRNdU4n1mtbLl693WoKAzzX/v0BD +SspIUvUa5sEe6d05tH7bKxaAxA0CggIBAJK9ghlXDrUScfkfSQqdsPKUCydeyrPd +ee/5U9ifzwXgvUb19mfVESgRKV54VTW/BqCYybin/XIofp7G7MfrycQauQO2gLsu +qWQ+KV/S03XS2XXJnNvWRdpMFTHuvpDoXhjadZ1c71DxC1yUdbTBHWaesn5SEKTa +Pi8bxbwOA2NYzNYy8uDC3z3kRbr1gOS5PUEd/cATWPmX35zfgoSQjhyCfqvwJDtQ +X30FVq2/al5SXgj0lYwvUFUa6ebd1HVm10FiT5nZevmYEgwRxPvEYi4xUzOYCjct +bvLHy47w1Jy+LX7+ta0zL/dPFwVPrmiA5D2HWZvaPR880VjqJREK2OO+D7wKnu3R +zk+0Lr+Po4YngnsJb51IEEAlezojuSpAcgRjf9YvzkC3E8x7sC8nW96ADYC96gvU +ujMXnvolZlqtwttNcOawphLmNTNBq3gZ2JQBXj9pUjRvrCrLkXjlzbzI2ssik1YJ +UKUKBHmVnt8nbiHD0DYUxN2efmFIcYKjj2J4A/eAYfyWPgTygUHolfkWXYNs7/3f +7lqiSqpUUqYNEl9dz+sYB+GbS0pt7a5FzemP1bc/wfKoapJssRv0960N+YbtSdg/ +6LFEsmIAmq+9w9EspKGXZ3BfUTHIOFox7denYhbQQUpCb1R/7mRm+ttbr83uFEbj +6VOBFGemseU9AoICAQCsGiUySe9CIy+7vECDq41cjHaCpeejDKc2WBzAMujamUzG +o16boKtXWjMiLUKbriUf3X4GxcPme49yg870FG9Hm8lcMDk9g24TK6B4bEe7j+ua +0KCH8AC31+wZAtwYD8rSPPoxGJk2xq8gLoq7SlKwg3wINBYIvzTppErwPiW3s47u +TxyzFXzMt+Sewbd4ttLo2EYb/rM5Pi6fDzlIS7aJtqSfi7JMR8WuhvIVQU/oFNvc +fQPmomjp1GnW6Tc6nK3+c6J/vj4ODZl8mKFqytIpq5YMY5+bRLT2QJVRywtOE9Uc +8fifZvd+V5tuLA9XVSRJ4A9uWTA6rJYP0ckHJni7df9SRF+H1fs3kKsXhfBRuXc7 +VMGwIPpKaYOS3hvfx5SlWYgLsGihg82dQH7OdRilKk4Pw/DeHrRuNt5imYZ4mxOj +KuubJC19W8XKLx7lq4YM/OHrsbjakUNEeXiKdhNR1WqmUIh1YOZ8edphqzzDnBHD +jx3nEwBQi14Lj8t2UkALZByEDo93T+E2MG08vDC5eHHY6kIQ0HCaTCsy9NllZZ93 +9HPy4j6pvMCwZmtEunVGD8N3PclJperqHLCHPghNfCKIIIaUGjicEAGNfkPVGvR8 +Eofk3G6JJTDbpS+wL60vLidTK5FxrrHryHnoIXVJarpkHVZH/jrHPBvd3njWjw== -----END RSA PRIVATE KEY----- diff --git a/test/big-ca/req_conf.cnf b/test/big-ca/req_conf.cnf index 9be2294..f65f0d8 100644 --- a/test/big-ca/req_conf.cnf +++ b/test/big-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/expired-ca/expired.cert b/test/expired-ca/expired.cert index 98c4e16..cb60e9a 100644 --- a/test/expired-ca/expired.cert +++ b/test/expired-ca/expired.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAnSgAwIBAgIJAOT06wOW29j4MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +MIIDCzCCAnSgAwIBAgIJAM/ZHtth0ppjMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMDkxMjA5 -MTYyNzA5WhcNMDkxMjA4MTYyNzA5WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4cGlyZWQgQ0EwHhcNMTAwNjI1 +MjIxMjI1WhcNMTAwNjI0MjIxMjI1WjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV BgNVBAMTDnRoZSBleHBpcmVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQC9AK5saP9/piHGc0T7yTCh3pf59wKFZ8AWVUciYgGmfk+PtUh3lWabYhK7cB+j -6es3o236GLMfesl/WQAwsXHuR/aCr/NAESYdF7zthGHpxB47wHmG9XihklryOqjf -ixCFV4SQ8RM/SJa6lHCdQvWR/u3XSegiyUlFxSkz5J/vWQIDAQABo4HSMIHPMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFAbNZ7iK5Ae28C18F4T8XKlvXHSAMIGPBgNV -HSMEgYcwgYSAFAbNZ7iK5Ae28C18F4T8XKlvXHSAoWGkXzBdMQswCQYDVQQGEwJV +gQDll3pV7BxBBmt4EWJoSAbtntxu9HJFAFmeTKfe6KbwY2Et7xrDCUCa+eFsP0zj +TLFGZfYRt9eCUapvu4ADW23I+n3lJ8LGx50EN691hlik6Gbsou8AlIiOP+qml8Pg +P+O5q/95fQe5w81rU6J2uC0UlkV6MUDUwCLbVdyIKACCcwIDAQABo4HSMIHPMAwG +A1UdEwQFMAMBAf8wHQYDVR0OBBYEFBPFmrUjLs74syzms0fgjD6qoNktMIGPBgNV +HSMEgYcwgYSAFBPFmrUjLs74syzms0fgjD6qoNktoWGkXzBdMQswCQYDVQQGEwJV RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl -bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkA5PTrA5bb2PgwDgYD -VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAD3osvnJVrhT4YYWC+k5iMBP -91KDTwsO1wIKhM9cFsQRBI8YGjhcRk5ppTXlAoXkbRIoE96nYrSAYmaizn18D1tN -xn0AQ21tUTwxZzKi+scDHoyeC0DFEHJJpDqRwhctazp+gS8bjnKmLHwCyDBoeRb6 -t4+7FZ7HIwpPNQDEqBtu +bGF4YXRpb24xFzAVBgNVBAMTDnRoZSBleHBpcmVkIENBggkAz9ke22HSmmMwDgYD +VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAKhHJgffYkhXolcrquQpMWzi +I5mwU8Z627GMNAi0dD8IBrZxDOVcj2UTX5YCmPdOfqpvWu4v1AJgW+VyRIe2AF+Z +0/CqTLgxmCV0+PyjYzxmaPqnrGW+pRcgRIIF6MNTSjdT29NEazcO76A4WTNBtasf +2OHUxT+c17IlmEnJToRE -----END CERTIFICATE----- diff --git a/test/expired-ca/expired.p12 b/test/expired-ca/expired.p12 index 71e3739..31f504e 100644 Binary files a/test/expired-ca/expired.p12 and b/test/expired-ca/expired.p12 differ diff --git a/test/expired-ca/expired.priv b/test/expired-ca/expired.priv index a3cdbca..c977ba7 100644 --- a/test/expired-ca/expired.priv +++ b/test/expired-ca/expired.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQC9AK5saP9/piHGc0T7yTCh3pf59wKFZ8AWVUciYgGmfk+PtUh3 -lWabYhK7cB+j6es3o236GLMfesl/WQAwsXHuR/aCr/NAESYdF7zthGHpxB47wHmG -9XihklryOqjfixCFV4SQ8RM/SJa6lHCdQvWR/u3XSegiyUlFxSkz5J/vWQIDAQAB -AoGAZlgYG1w//j9Xyr5gfHdVflGquhCnrNWhjnZfLp8jhaSgMJFZzGd6SGmy+wyc -FYZ1eItm4ia92C4FLpBjKfrsVcu28cCAHgBeAQ6BmLk9oRGJMxwjs5QXz8YmVaGl -Rac6R/7oiBSWxL8SabFAq5i/OgVxRoDGLpTj3ymQHgKMggECQQD1jvRBjeMFXBBy -q7HD8L6VuufSZo87nfVZy2DTFZJJq2q4UyD0Ms89obkWmJmT5T86LPMAfNe7vsVQ -3nK1TWjdAkEAxQoVw61lWk2d+5zWroGZaaOyxCC0YVxgSi0HxGjGWwS8BvOFtRge -Kxt+HjOuFxgJVAXTiUUYEreZ+v3Uq+Y6rQJAdpiIV3DTiC8isn9B58RKB76xX+iw -nLZ5XNjg9pGgiXwEmulrLQWtGbMV1Vf2NHuvwcUbx8yD1OUaHyiQdgfg8QJAaj98 -6u32KBKQbNvum1zA58jgnYdxHMreFUFg3dUNmIjeBvWLlNIzelUx1YFSj5tjdE5L -+corJ/Se8EutQSA9ZQJAQnOKQsZ2wHJPUM52gyq+YETtAB1qsexeuhSJWs1v2dOk -tWuapfHTQ9AzrUZTGJ3W3h+uXcR4DXMy1I/urG/l3A== +MIICWwIBAAKBgQDll3pV7BxBBmt4EWJoSAbtntxu9HJFAFmeTKfe6KbwY2Et7xrD +CUCa+eFsP0zjTLFGZfYRt9eCUapvu4ADW23I+n3lJ8LGx50EN691hlik6Gbsou8A +lIiOP+qml8PgP+O5q/95fQe5w81rU6J2uC0UlkV6MUDUwCLbVdyIKACCcwIDAQAB +AoGAVgdtmraPW7o5GNOCyUp79hv5w0Wrb7mS2yMkH/2TWC4U4u5eW8iiwa9yTWpm +uCErqBJaowb9JOLO93ENpbRjrR5zgejIKj4DFPS4SjAf0WTbeBFy8I0Q3M+btRQ2 +4hsl2eXSjSYjT8OlEsaNpAmcyhUsGn/wjFQ7sOeXXVXRc+kCQQD+MY06BGR/1xbn +BJBMawbj5O39poQMyc87YuJPrNKFRae50dxCwXO/0L2TGslISk4QuHuznTXueJpd +pgWNYSXPAkEA5zkrLB0yUHlzmRs+X80Y3bACnkm/ck671/rmkcBmZBUOtRL9XiF5 +qP3E2MNdAfV7CWFBYBhP3UnVhNxLnJWmHQJAIl9U94lshZTyNd76HDtEvUBRpkEE +Di6j5SXj8F4wQXE/0vK71BMQsdlqKSAwI6RYlg48O/eAOXT5erxed9WxJQJAI42R +ytWub9tM4ATlYVuq8CNpM6eJTW03yuzkWRLpa4glW8hQtxGUoFxs0RuxCGUThwyy +PbFfTlpU/3nUEn6cLQJAcj6DrvRMlq7ooTTSeYz3FCV5XyfOOz4Chv8IEDntGSz2 +QYia78JPbX+mUgFMV40eAr2PcHa9aih1rXK7K8H1hA== -----END RSA PRIVATE KEY----- diff --git a/test/expired-ca/req_conf.cnf b/test/expired-ca/req_conf.cnf index 18be02c..e22a155 100644 --- a/test/expired-ca/req_conf.cnf +++ b/test/expired-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/fake-ca/fake.cert b/test/fake-ca/fake.cert index 4a0ca5e..f2e9d3f 100644 --- a/test/fake-ca/fake.cert +++ b/test/fake-ca/fake.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDAjCCAmugAwIBAgIJAO0FFDQThQMjMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +MIIDAjCCAmugAwIBAgIJAKVvazX2US7ZMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMDkxMjA5MTYy -NjEwWhcNMzcwNDI2MTYyNjEwWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv +CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMTAwNjI1MjIx +MjExWhcNMzcxMTEwMjIxMjExWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV -BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcesdY -OZsBJPCJvQicfeyNM4uZT30FhKTO47/SrQiotN9nE36oUVzqQ096RBGrxxGDEYae -xqa8p3gHp9urqAteHb6MhimkASns68UwS9VwBjqkKTz9TV91MgPAgUcYkxuIOff+ -sYUYXDUQSExTWuzb4xlG5+wfrqryYEQkORWD+QIDAQABo4HPMIHMMAwGA1UdEwQF -MAMBAf8wHQYDVR0OBBYEFN07u5oRDwxZe3RIxhCNSOD9rXhuMIGMBgNVHSMEgYQw -gYGAFN07u5oRDwxZe3RIxhCNSOD9rXhuoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G +BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfr8Pn +rTOlD5veGlkfyumuK4424yLtahHj7ApjdRZIcXO8yHmGeMPhBg+k+Apdi2m1j9o5 +SW9gQQ0ZVP4ECllFfJqsp9YWJrAojgy6n3jj/8RHJdMP8v6d5GKJOL5157vcl7xN +ThRJp9WdQK9+aR3/PnD+pB7uqag9E+CYU8JgMwIDAQABo4HPMIHMMAwGA1UdEwQF +MAMBAf8wHQYDVR0OBBYEFL+4vx9H6I88ZWKAuWkmtJMSVVveMIGMBgNVHSMEgYQw +gYGAFL+4vx9H6I88ZWKAuWkmtJMSVVveoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp -b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkA7QUUNBOFAyMwDgYDVR0PAQH/BAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4GBAG26hxwZ/ov3Qz9q2Cc24SNxgSu8WkjFNJBD -yEcZx0JTRMkHCCuEqYhgOjcMCD5imXydDCCFYG5XWJcdJImZqYSRdyd8KZyXE6xi -gTYZhLuOmNIzekwMee9QhOeYuXbghpDp85ID4gbdVfVh7K6M+/Ro+5qrDQyz58Vi -WiUn4Ezn +b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkApW9rNfZRLtkwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBAFMy1KPcvdJpKPFOaeYHPLzM5YA3m+3Qz5aP +F+yPWOa/yG3Uh+xMa6MqPBeOppNlzMzRoTuQlp6Dw951+fWv57P/d6HCGLyCVs7n +CVJGYr6Q7mPmq1fgcM/OrKIXnGd/oqmmYmkzKCFn+13lnKof6LGMAnEeNMa+ewQO +ffPHXdeZ -----END CERTIFICATE----- diff --git a/test/fake-ca/fake.p12 b/test/fake-ca/fake.p12 index 6e927e8..d9b5b91 100644 Binary files a/test/fake-ca/fake.p12 and b/test/fake-ca/fake.p12 differ diff --git a/test/fake-ca/fake.priv b/test/fake-ca/fake.priv index 876da90..ddcfe33 100644 --- a/test/fake-ca/fake.priv +++ b/test/fake-ca/fake.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDcesdYOZsBJPCJvQicfeyNM4uZT30FhKTO47/SrQiotN9nE36o -UVzqQ096RBGrxxGDEYaexqa8p3gHp9urqAteHb6MhimkASns68UwS9VwBjqkKTz9 -TV91MgPAgUcYkxuIOff+sYUYXDUQSExTWuzb4xlG5+wfrqryYEQkORWD+QIDAQAB -AoGBAJesy0hxUKYH4IYRCkSGCF7XD/knCs3qA2rkmMj5CpTs4SdK7P4kAvSR27Iz -86glqXFudBr0dC4iU1uI6YD8eNw+VqiYJDSICk01DV/lHfuvu8k8nEgTgZekjgfC -ax+xiQbvtGko4v4Fz0Wutz6foWzevJeHd21JDhvw73a2EnkBAkEA8QDOTRt1KrsB -erC8scTuMrWu4bKSjqOSHtihzE3ZKcQrIMSp9Xmt+tmskhLhOFKkAkyUZ3I5lExi -yJKhw+3FGQJBAOozCBXnLQN3vf3fUMwsyorb4S6jlZlvmxBGQQ01D5Msg3kV75fp -4AnlAiNpA/w01mZxpAcjxhwH5SafMCwdseECQQCVf9h5wISoIyVBxIzpAa55SnbX -jvyW+yTTebK0l74UyJmwVA7SNc8VAx6n5opLdAhFXNfaa+MH+XJ11W//qGlRAkBb -/Xt5jvpBWHFKHMNRz24nKMLEXQDP6eSQeefnViYt+tgRYapgkz6q5Eb4vbERCXgF -eTGilEymiftaNkDnsypBAkBdych3aA7N186aNQ+KPN+nfnWcMyYh9yQm3VzKsT1R -7Nh4rf3yB/Y4AI4E/qfeMr0vbWYoqft+hmE0rPNCskO+ +MIICXAIBAAKBgQCfr8PnrTOlD5veGlkfyumuK4424yLtahHj7ApjdRZIcXO8yHmG +eMPhBg+k+Apdi2m1j9o5SW9gQQ0ZVP4ECllFfJqsp9YWJrAojgy6n3jj/8RHJdMP +8v6d5GKJOL5157vcl7xNThRJp9WdQK9+aR3/PnD+pB7uqag9E+CYU8JgMwIDAQAB +AoGAXCvT5DHxEWFFEpoav2McJtA1MjFAw9DpqqlgBbBbwEzcBSeiHaAvT/9zoEEb +mosR5R63U0Gz69cgfHK2fBaNF8k5motVwvMncUci78vq/sXNjP2p4sxcmfdEtkjN +7ArWiQEJeH2mlTAT7lBixQ4CsJoGWraaIZwWTeYnunsk5IECQQDNGfLDoBZpgpWK ++6xVHWTxLoaonvky9i2ZtEs5rN1HT6rAuGp8KidCuF6sLcl7EDrmtPuwHuwcfMAD +uwwduEmRAkEAx1Cf3vUR5YzUjszK8sR0hXlIVMTGOqL3BPwOv8cl9BQHc4srx3+6 +/z4eQapbIj8LJxjNWSeOwixeTv3wrNOLgwJBAIG0SC7ofWPqHfIPqHMHLL/NQYE/ +T66nujy6pNvrcuBXBE/uEAFHkx6Bg/V02zbFE8q0Z3qAg6acSb3SOx5MXdECQGGY +DtADO+IklSffCzjYDR4WBt7LAy1PAplEOoyZHPJopEVlTeh/mLbGWdZZbgpUyEc6 +k8Il5ncZdoxDN4fIhbUCQCVVQ79lx2BPDbEMNEDQFfLf1knzGou9zkQvPBY9DLID +qg5DeB0o09IXskN6sUn1DwZNqpp/uJ3Yll8L6YscHfU= -----END RSA PRIVATE KEY----- diff --git a/test/fake-ca/req_conf.cnf b/test/fake-ca/req_conf.cnf index 41dcda6..66a588b 100644 --- a/test/fake-ca/req_conf.cnf +++ b/test/fake-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/nokeyusage-ca/nokeyusage.cert b/test/nokeyusage-ca/nokeyusage.cert index 7469a86..de9454e 100644 --- a/test/nokeyusage-ca/nokeyusage.cert +++ b/test/nokeyusage-ca/nokeyusage.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDFDCCAn2gAwIBAgIJAMam5pwcE352MA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV +MIIDFDCCAn2gAwIBAgIJAP4ib3u5evgHMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEaMBgGA1UEAxMRdGhlIG5va2V5dXNhZ2UgQ0EwHhcNMDkx -MjA5MTYyNzA5WhcNMzcwNDI2MTYyNzA5WjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE +CxMKUmVsYXhhdGlvbjEaMBgGA1UEAxMRdGhlIG5va2V5dXNhZ2UgQ0EwHhcNMTAw +NjI1MjIxMjI1WhcNMzcxMTEwMjIxMjI1WjBgMQswCQYDVQQGEwJVRzEPMA0GA1UE BxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24x GjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQC1sDcjw5TH+LYj2sNRaR5CEo4zecP3nMyGWL1B84HEDBejvNXMZbpk -FV6aWc/aIsZjM1NVKDBx4OH+JimjX1y1TnURlq0k4S/4/cqPxIX6wY2Om0QF418l -6yVEcXPFkGvfM22MkNDdukpBxYIUYAlcoEflb0wVNXR0LD0cqaWtkQIDAQABo4HV -MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFHtqwoVzbfSCBoAchgVr0Kdlb+QN -MIGSBgNVHSMEgYowgYeAFHtqwoVzbfSCBoAchgVr0Kdlb+QNoWSkYjBgMQswCQYD +ADCBiQKBgQDEb+cTEwQ0wmoCatX+1Xnw06c6J6RCcw7/Q16mGnsRZR7nlNnyNbpQ +nTNzUJDPJMpT9LyVT+4FxpSQOadYYlAs2QnWCeWhf5cg1nJg1apziN5vdQRmRL1R +QXYeKATsDSflbEq1zRkl5KFKjoPXVvd8fhd/RiWosRgR8i7MFiAu+wIDAQABo4HV +MIHSMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFMNdOUrN7cyegclV4IzqyR979Xhy +MIGSBgNVHSMEgYowgYeAFMNdOUrN7cyegclV4IzqyR979XhyoWSkYjBgMQswCQYD VQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNV -BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkAxqbm -nBwTfnYwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBADhep4H9Lnfm -uoKLUR4Xuyvnv8OvvVtqMO/Gk35nv645jqoFfLMX/hWnMke7vd0oUiMoWo5B9wlN -CWW2z14rRg75aX08SCT1XE5UAdrBQJIbKzFRGoEKzRyukfMCoX4K3mVdGwH7igoH -sF8HmwdlUOl0gaagKM1qWkQrcHGNLEeq +BAsTClJlbGF4YXRpb24xGjAYBgNVBAMTEXRoZSBub2tleXVzYWdlIENBggkA/iJv +e7l6+AcwDgYDVR0PAQH/BAQDAgECMA0GCSqGSIb3DQEBBQUAA4GBAJ2gRFh9wfmP +tUi95DckyNKzQnc4zML3N5sAtT29rfay0dfr1Gfqa5b4UPFhRP8NJ1rdZd4LNDWR +x1mje5wByodEd7M/YsnCj9wxYato3NBMc/G8+kK72ar+6PogbuvU1sNq12zBzVhx +aYk14tUj0dkgoJIqlqQs/wLi157Cvxu1 -----END CERTIFICATE----- diff --git a/test/nokeyusage-ca/nokeyusage.p12 b/test/nokeyusage-ca/nokeyusage.p12 index 42e628a..1fad09b 100644 Binary files a/test/nokeyusage-ca/nokeyusage.p12 and b/test/nokeyusage-ca/nokeyusage.p12 differ diff --git a/test/nokeyusage-ca/nokeyusage.priv b/test/nokeyusage-ca/nokeyusage.priv index cebee71..b3e507e 100644 --- a/test/nokeyusage-ca/nokeyusage.priv +++ b/test/nokeyusage-ca/nokeyusage.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQC1sDcjw5TH+LYj2sNRaR5CEo4zecP3nMyGWL1B84HEDBejvNXM -ZbpkFV6aWc/aIsZjM1NVKDBx4OH+JimjX1y1TnURlq0k4S/4/cqPxIX6wY2Om0QF -418l6yVEcXPFkGvfM22MkNDdukpBxYIUYAlcoEflb0wVNXR0LD0cqaWtkQIDAQAB -AoGAYPvCQzX4alIpr7PrxL4u56gN/g5GfBtX1XLy+4xnPWYTDFUVbvjyaNA7YnsE -h3U+nt9b4T4FthQLrmVinpGd40ZOzbRXmY7K9QyUmFobGlQNK+TT+wKdF0brajiJ -bMwk2j65vmNVflmRe4lyq6FV+1oyj+WzkXOKwOpmURZICxECQQDx2xE1IIij4T1Q -i135ujGsFQhvcSBRNJgtevHTblcoQULEvE1zV1wWg2eIZu1CqwLkrJOMxn8Q1Mv7 -jR/qIULFAkEAwFBayrnx75LdBSxdvsx8HRtiDsIePkf1InLpOAF8CS72W2rRniNE -mef+hWPiXRK80KkoPpHMgalDEFdFAeV8XQI/VBTU5qNo3ZBwwI+zHB6fJjQpupSZ -p6GhRi535Al4Q4Zsr/jG9FJqsWj9lW4zDfpmBxn4MfjQNAnG4K0vazYlAkEAnJZQ -9tRki/92+ylew2ZYgJK1SvMAERIiJQSPpMyApDGa4mCdgTeSOgbOFOp5e/Mvzm6N -mDS64bBiLMICLEMg+QJANy+y9S7o5eH+svlRYcj9DNdqD41JLsBE3q+60S/cv85W -eX5Oc3j+c0O/JPO8UxFoYAlDCfVQd2937kiNz19MHg== +MIICWwIBAAKBgQDEb+cTEwQ0wmoCatX+1Xnw06c6J6RCcw7/Q16mGnsRZR7nlNny +NbpQnTNzUJDPJMpT9LyVT+4FxpSQOadYYlAs2QnWCeWhf5cg1nJg1apziN5vdQRm +RL1RQXYeKATsDSflbEq1zRkl5KFKjoPXVvd8fhd/RiWosRgR8i7MFiAu+wIDAQAB +AoGAG39mo17oGdKVMF1wM0oC1dlq8VMXRU4B7W2q1CmkzJyRJO3LTIKE4EABMcU3 +YCfQQsxhka0srpZLuZy4dkDc5Att1WKjmkXMmzMANVLpt9F+RRYR+LY5R35lYocZ +NrlgqIThVZmfCxWDTw537TeMAt2512PEK4aPT1YMx+Rbp8ECQQDqUYLPDLsqJmxD +IARo7bBfR8+Pb7EpnwKK34rmc4EMS31g+uWI2Nda1v4UbvhcRmghfKHK2FKRBl8e +btiL9l2RAkEA1p0RMY4lFK0eoBAbCkJ2Y9n4kbmTcnYMa44fRQkUUGhE100QwZUP +9bcyJA0Q/+dQsxctsQDliU2kKsERs3mtywJAM5FCv3xmyGzyUIeAUPNWaHGuXTvQ +en9zGMr/j54F3YXTjv9Ieqh2JJjCDA8r+2rHSe9a0ABxk1caoeD1KUBL8QJAW9oT +bsMoiaXicp0SBZ0WcHvsz+m9+oIdpLbKGVDeed92fzNDlaaHkyGZ+yYAfZXxywSD +kLsSgmZRed7yBX9xawJAbXK1BIlZvO5DM0E64WTDgXA9MfNzRvpLO60dPZQ8T9o4 +NWL76ZFn3I/FUswg+iTzUOI2BNLC+kfxhFuAJ4sMQg== -----END RSA PRIVATE KEY----- diff --git a/test/nokeyusage-ca/req_conf.cnf b/test/nokeyusage-ca/req_conf.cnf index 6a51485..0a285b4 100644 --- a/test/nokeyusage-ca/req_conf.cnf +++ b/test/nokeyusage-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/root-ca/req_conf.cnf b/test/root-ca/req_conf.cnf index 0b0b34e..335f034 100644 --- a/test/root-ca/req_conf.cnf +++ b/test/root-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/root-ca/root.cert b/test/root-ca/root.cert index a70b8fa..6a01f12 100644 --- a/test/root-ca/root.cert +++ b/test/root-ca/root.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDAjCCAmugAwIBAgIJAN70gOiGeHNkMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +MIIDAjCCAmugAwIBAgIJAKPwci2cZB+IMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMDkxMjA5MTYy -NzA5WhcNMzcwNDI2MTYyNzA5WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv +CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIHJvb3QgQ0EwHhcNMTAwNjI1MjIx +MjI1WhcNMzcxMTEwMjIxMjI1WjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV -BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDsBAlZ -L671sIktcVJcoEYdHMqtLlf/RYJt0da0upIWRxXvpS28UDOGkiGXqqXNgayWTrf6 -ecBYAnfXjIDCG42RQiEzcnHQWTyGhVKclGgeXv49B1Fn1hH77wMhQrtyUbMhvSGI -sRHYv4EH45UOLVtQc4fGa9x7LgP6cJg9i1+DGQIDAQABo4HPMIHMMAwGA1UdEwQF -MAMBAf8wHQYDVR0OBBYEFL2h6oGN//VQZjdV1+QmQMKpOD7EMIGMBgNVHSMEgYQw -gYGAFL2h6oGN//VQZjdV1+QmQMKpOD7EoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G +BAMTC3RoZSByb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD3Xbxr +R7Xaui+bCPfxnADGQoD3ZR9KYu5gZx+zWpZ4gjPV5fvF7jLnSBSGnepxfgWNa+rE +EzLinQgmAxln2HZ1JtxqAxOQ8l7e8FagcCMs51DfqADwe6n1vjJsbqSRGPPQ+rA6 +WgjJKWVbj1wvMzArEWeKhwC2FrXmJZJcb+y64wIDAQABo4HPMIHMMAwGA1UdEwQF +MAMBAf8wHQYDVR0OBBYEFO+Ct/l3PXlQnwNVePRqDWw0i2MrMIGMBgNVHSMEgYQw +gYGAFO+Ct/l3PXlQnwNVePRqDWw0i2MroV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp -b24xFDASBgNVBAMTC3RoZSByb290IENBggkA3vSA6IZ4c2QwDgYDVR0PAQH/BAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4GBAI0KSvSjFgzWR26b8N9jpU/20Nw6xH6uS2AF -czdqlJxBJZKzPCOkfPB2oh82CTcebzdDOWOOqa0Sft65s8wTqHeG7JS6BnceiNKL -w6dj4WBgvgWBgl4euue0wlTQLOd849cvKOlOfFZmtwOjqIV/Bc2+VXPXkLGe66z8 -wMLCxTdo +b24xFDASBgNVBAMTC3RoZSByb290IENBggkAo/ByLZxkH4gwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBACA2exy3+TjDp+o2ZTL3KGpN/GzG/bHglZ1T +Bw7g6ssU4JzioruBBd1hl0kRGexSCcEq5IW0cnh1UKtzm22H6fH+fJQlLiLRMnhx +puA6h9hr/jyNU/y+70KhI5XJyecALVgDbovcgmtk8bKfGYadV+aimCNaRWGQPdR5 +gRSPFFas -----END CERTIFICATE----- diff --git a/test/root-ca/root.p12 b/test/root-ca/root.p12 index 67ecb02..171051a 100644 Binary files a/test/root-ca/root.p12 and b/test/root-ca/root.p12 differ diff --git a/test/root-ca/root.priv b/test/root-ca/root.priv index 5489a06..f5e66e1 100644 --- a/test/root-ca/root.priv +++ b/test/root-ca/root.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDsBAlZL671sIktcVJcoEYdHMqtLlf/RYJt0da0upIWRxXvpS28 -UDOGkiGXqqXNgayWTrf6ecBYAnfXjIDCG42RQiEzcnHQWTyGhVKclGgeXv49B1Fn -1hH77wMhQrtyUbMhvSGIsRHYv4EH45UOLVtQc4fGa9x7LgP6cJg9i1+DGQIDAQAB -AoGBAIqwKIonEgm/7iws7jgN2oWa+KJhnEYeI3HDIAbdp6C9ru8+wixpeI24a1MD -bSDg9Xjx0vy19MgC00dvge4OYNX86ec28N2PmERPNzilqFMj5sGNx2BWArnJT6fV -odkQ6UIh+USMiAk6xGpo68T+jBt6DyK81sCOL90PCCRQDoKNAkEA/DqnJOG7xU5Z -glsf226XE+U1UDyK/ePHnIOHIV1D/4x0aIAvFqeyER5+iTILnoWT0YepaDoM+tWY -9xzjvQ2qPwJBAO+LVLRpYdn2YSGMUxVvLt4RJKr7zQ+SwwC+wi+b3VmS+iCGXwWu -QX3eFbtRlmv35d9b5xcaA/eoOGMoiozljKcCQFC0y8qnWBe4DDgDxFvINRsumjKE -TM0UV0ijZVetqhZY8N6HNYoAOp/zq/VmSAV/JF9FE1XATWrtcbaQTeauOq0CQBM3 -8IHQ+qLMG5rfcUME+pOieHinXxpiwfZrV5UOQkIPgrXdUf5YrrR0fvXaY+EhsHWt -H+tAkRTrkCqUdBk9yX0CQQDh6J7uGU44tvMwxgc9jSqib5DqgflzF3hXJpLhZX8S -Y9GaWp6pfrZUH0E46f7aorAaTeZ/4GobazC9VLcK5wPK +MIICXAIBAAKBgQD3XbxrR7Xaui+bCPfxnADGQoD3ZR9KYu5gZx+zWpZ4gjPV5fvF +7jLnSBSGnepxfgWNa+rEEzLinQgmAxln2HZ1JtxqAxOQ8l7e8FagcCMs51DfqADw +e6n1vjJsbqSRGPPQ+rA6WgjJKWVbj1wvMzArEWeKhwC2FrXmJZJcb+y64wIDAQAB +AoGAKRW7hsH5VWPZJlHeBJYZltRS4UQ9Zzh5SS+3ly1zkn5lp6A0KhK/B6T0K8us +tb7toyiKbJiXugXE5bNcE+BjBAye91o2aH2SOjV0ougcAlBOD6G9QYuKK7VISoSO +R9gyJ8TPVfi6VYI7jgTULDDhG75PaMt7tt4tB3p7C7v/HsECQQD/l75TSv+OV4/K +esEWLtGrl+1VokETlZEtN0LheyC/cfobECJoYEu4LtDWM652U9z+9TbqmQ1buAPP +J64iQSdDAkEA98KjDRZf3G1Kf6gTc3lkI7N94sbXptV/jhac+/x8QyodpE8ZwN+W +qhRdCocwNXT5HO6qv/oB0k0UU3zzJC/T4QJAPOnqNymhnEfsAgKdb+76k12i94yy +27sCnXcVHm3c0SOVystel+eTRDMMHHC2vIaiHbVNQD33vAswBTfcvVcvxwJAJxE7 +4K5sgzeAjcyU9Jppne+JpB6ylo4HxQHv0xQnC/gyIFyQtQcMnNkFKsnSYjuFpHhF +2Gu1qdGZqOiE9mnMQQJBAMnRkXDEfejVfzNpMEl/lA9pGD2b4h1tRrim5EWgyg/w +/dbmw7Fz5TC5ve/cX4/Lft91NM6zTttxPOWfaslY0g8= -----END RSA PRIVATE KEY----- diff --git a/test/slash-ca/index.txt b/test/slash-ca/index.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/slash-ca/req_conf.cnf b/test/slash-ca/req_conf.cnf new file mode 100644 index 0000000..2def6c9 --- /dev/null +++ b/test/slash-ca/req_conf.cnf @@ -0,0 +1,112 @@ +### req command + +oid_section = new_oids + +[ new_oids ] +limitedProxyOid = 1.3.6.1.4.1.3536.1.1.1.9 + +[ req ] +default_bits = 1024 +distinguished_name = req_distinguished_name + +[ req_distinguished_name ] + +[ ca_cert_req ] +basicConstraints = CA:true +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +keyUsage = critical, cRLSign, keyCertSign + +[ ca_cert_req_nokeyusage ] +basicConstraints = CA:true +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +keyUsage = critical, cRLSign + +[ proxy_cert_req ] + +[ proxy_proxy_cert_req ] + +#### ca command + +[ca] +default_ca = CA_default + +[CA_default] +dir = $ENV::CASROOT/slash-ca +database = $dir/index.txt +serial = $dir/serial.txt +default_md = sha1 + +certificate = $dir/slash.cert +private_key = $dir/slash.priv + +policy = policy_any + +[policy_any] +countryName = supplied +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional +userId = optional +serialNumber = optional + +[ ca_cert ] +basicConstraints = CA:TRUE + + +[ ca_server ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +# For an object signing certificate this would be used. +# nsCertType = objsign + +[ ca_altname ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com + +[ ca_client ] +# For normal client use this is typical +nsCertType = client, email +nsComment = "OpenSSL Generated Client Certificate" + +[ ca_clientserver ] +# For normal client use this is typical +nsCertType = server, client, email +nsComment = "OpenSSL Generated Client Server Certificate" + +[ ca_fclient ] +# This is typical in keyUsage for a client certificate. +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment +nsComment = "OpenSSL Generated Client Certificate with key usage" + +[ ca_none ] +nsComment = "OpenSSL Generated Client Certificate without Flags" + +[ proxy_none ] +keyUsage = critical,digitalSignature,keyEncipherment + +[ proxy_invalid_usage ] +keyUsage = critical,keyEncipherment + +[ proxy_rfc_pathLen1 ] +proxyCertInfo=critical,language:id-ppl-inheritAll,pathlen:1 + +[ proxy_rfc ] +proxyCertInfo=critical,language:id-ppl-inheritAll + +[ proxy_rfc_anypolicy ] +proxyCertInfo=critical,language:id-ppl-anyLanguage,policy:text:AB + +[ proxy_rfc_independent ] +proxyCertInfo=critical,language:id-ppl-independent,pathlen:1 + +[ proxy_rfc_limited ] +proxyCertInfo=critical,language:limitedProxyOid diff --git a/test/slash-ca/serial.txt b/test/slash-ca/serial.txt new file mode 100644 index 0000000..3dcc795 --- /dev/null +++ b/test/slash-ca/serial.txt @@ -0,0 +1 @@ +0176 diff --git a/test/slash-ca/slash.cert b/test/slash-ca/slash.cert new file mode 100644 index 0000000..1feff65 --- /dev/null +++ b/test/slash-ca/slash.cert @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRzCCArCgAwIBAgIJAMTbGNNQrnREMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNV +BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxOjA4BgNVBAoTMWh0dHA6Ly9zbGFzaC5z +bGFzaC5lZHU6NzY1Ni90ZXN0aW5nL09VPVJlbGF4YXRpb24xFTATBgNVBAMTDHRo +ZSBzbGFzaCBDQTAeFw0xMDA2MjUyMjEyMjVaFw0zNzExMTAyMjEyMjVaMHExCzAJ +BgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxOjA4BgNVBAoTMWh0dHA6Ly9zbGFz +aC5zbGFzaC5lZHU6NzY1Ni90ZXN0aW5nL09VPVJlbGF4YXRpb24xFTATBgNVBAMT +DHRoZSBzbGFzaCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx3Ck+l7D +XRpo7jsSiS3CJ3Osjw3CPvycKlHRkeJcvtNZueOqYDXclAOO+VGzF/49mwRzCuoa +on+IRKv+OA71Br8dwgLsC/nUR+WH9JZ3bC4sbkBoD7T6CxhqSY2tm12Y7dv6WuAz +M+B5C1NggvBQRBVWl6jqH5Ib/Z3F2oZDilECAwEAAaOB5jCB4zAMBgNVHRMEBTAD +AQH/MB0GA1UdDgQWBBQZkkN1mCO6+lLipSePgV4pVbi9YTCBowYDVR0jBIGbMIGY +gBQZkkN1mCO6+lLipSePgV4pVbi9YaF1pHMwcTELMAkGA1UEBhMCVUcxDzANBgNV +BAcTBlRyb3BpYzE6MDgGA1UEChMxaHR0cDovL3NsYXNoLnNsYXNoLmVkdTo3NjU2 +L3Rlc3RpbmcvT1U9UmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhlIHNsYXNoIENBggkA +xNsY01CudEQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAFu4FQsK +SZWMpCr2ENrTVVNxoIKFT8YRnVPl3VGtRWuD7pYo1wVc79l00ov/4GWt7G7TEced +GVT0dhKXpQq52SoBp7F0gN9JKSwZ7I/n8nKt1gJXFSONVhIGeO1CUNd4gQRPbD67 +iti16W3+hF964PudHuMdxZDLCAxG8dciCzsz +-----END CERTIFICATE----- diff --git a/test/slash-ca/slash.namespaces b/test/slash-ca/slash.namespaces new file mode 100644 index 0000000..5e83be5 --- /dev/null +++ b/test/slash-ca/slash.namespaces @@ -0,0 +1,3 @@ +# Namespace for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" +TO Issuer "/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" + diff --git a/test/slash-ca/slash.p12 b/test/slash-ca/slash.p12 new file mode 100644 index 0000000..d178607 Binary files /dev/null and b/test/slash-ca/slash.p12 differ diff --git a/test/slash-ca/slash.priv b/test/slash-ca/slash.priv new file mode 100644 index 0000000..4916d1a --- /dev/null +++ b/test/slash-ca/slash.priv @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDHcKT6XsNdGmjuOxKJLcInc6yPDcI+/JwqUdGR4ly+01m546pg +NdyUA475UbMX/j2bBHMK6hqif4hEq/44DvUGvx3CAuwL+dRH5Yf0lndsLixuQGgP +tPoLGGpJja2bXZjt2/pa4DMz4HkLU2CC8FBEFVaXqOofkhv9ncXahkOKUQIDAQAB +AoGBAIM0xSR9sVMP69ZGgJREyUVBIVXffFoJwAdLWm76F3/m9VGIyG6RILMzgBzf +tc3kEc1o6PJWPv2GnzRmXlGs7V6+kNpsFZw6+WsaUslhzdHqBRV2+Bonunkyo/7+ +BzUtmnd3sSvHcFHHSzS48XgEqSiBtRtvp65lJveTjHQVYL1RAkEA/bX2Q7A5ZXZG +SXnhBQzcr4uks0BE5MQZPHuadRfD/TVkdL2mI+Icy7lnhzhTA5y4YJbTeLXUh+Wa +X99S1mCCVQJBAMk9UwGQAQ5Bq+tn5XoP++YFCPb43dgoTneiFEFDP3nNy7aqqu9Y +D0N1uPJE9ISgOs0N08ajijSFji96VkyNPA0CQQCV9Qcp2u8R2WaR50fpBEEsQQ2I +JWSTEpUX+rbAnttovjYyCiY471y1zVAzzEbEy8zuyjcUEeUcrckhAY6kx0ZBAkBY +PyceQUrlOJEuauIrk8TPypdyzhFij9JRDec580ZroH5bvR22VXRkDcSroOdlHWqL +ryuWKPMbMxH16fzcFvclAkEAyHkKHV9m84Q7Fpke74BmdSj6hT786CEA79DGLLv3 +WbxzeFPDfl+QiP9vdkSYGiJY4zWe68HcZwMu9ZFpzhZDHA== +-----END RSA PRIVATE KEY----- diff --git a/test/slash-ca/slash.signing_policy b/test/slash-ca/slash.signing_policy new file mode 100644 index 0000000..fa936da --- /dev/null +++ b/test/slash-ca/slash.signing_policy @@ -0,0 +1,4 @@ +# Signing policy file for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" +access_id_CA X509 '/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA' +pos_rights globus CA:sign +cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/subca-ca/index.txt b/test/subca-ca/index.txt index 50f9539..4ab0806 100644 --- a/test/subca-ca/index.txt +++ b/test/subca-ca/index.txt @@ -1 +1 @@ -V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA +V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA diff --git a/test/subca-ca/req_conf.cnf b/test/subca-ca/req_conf.cnf index ce2b1ab..b946ed0 100644 --- a/test/subca-ca/req_conf.cnf +++ b/test/subca-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/subca-ca/subca.cert b/test/subca-ca/subca.cert index aaa165b..8a80c9f 100644 --- a/test/subca-ca/subca.cert +++ b/test/subca-ca/subca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the root CA Validity - Not Before: Dec 9 16:27:10 2009 GMT - Not After : Apr 26 16:27:10 2037 GMT + Not Before: Jun 25 22:12:25 2010 GMT + Not After : Nov 10 22:12:25 2037 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:c6:2d:d0:cd:2c:7d:2d:5e:96:a6:3d:78:62:97: - bd:da:51:33:95:8a:24:0f:8d:fd:14:b1:fa:b3:ac: - eb:f8:e9:f3:31:3b:f7:f3:c1:f6:e0:5a:bf:9b:93: - 22:08:ec:f2:09:55:58:44:bd:c5:bb:07:c0:8c:bc: - 7d:9c:04:66:51:b3:26:d8:d9:37:76:6e:ca:88:ef: - b2:cd:43:cf:e9:3a:61:fc:2e:30:96:90:fa:8b:8b: - ce:7b:3a:64:a5:0f:a1:9d:c2:25:0a:21:ee:ed:be: - ce:d1:ea:0f:6e:20:36:7c:e8:f1:8a:ca:6c:4e:3c: - 41:46:c5:4d:40:aa:09:91:27 + 00:d5:1f:73:79:e9:87:d4:69:c7:e0:b5:df:34:57: + d4:d1:51:a0:62:32:e5:e0:63:26:d3:72:ef:f5:58: + 1e:69:89:8e:51:7f:21:62:4e:e8:3e:22:8d:fc:28: + a4:5c:9d:67:5d:b1:53:0a:22:30:c6:0b:0b:79:ca: + 96:cd:f3:b7:b5:a5:e3:a0:13:09:d1:cf:01:30:56: + 62:2f:0e:7e:4c:6a:86:98:be:2b:b0:92:af:30:64: + 23:30:cc:2e:97:fc:55:08:c1:57:15:ef:6a:06:36: + df:17:cd:98:88:3b:ad:e6:20:6f:ae:04:4f:f7:0f: + 90:22:8c:2a:17:17:1d:69:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02 + E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E X509v3 Authority Key Identifier: - keyid:BD:A1:EA:81:8D:FF:F5:50:66:37:55:D7:E4:26:40:C2:A9:38:3E:C4 + keyid:EF:82:B7:F9:77:3D:79:50:9F:03:55:78:F4:6A:0D:6C:34:8B:63:2B DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA - serial:DE:F4:80:E8:86:78:73:64 + serial:A3:F0:72:2D:9C:64:1F:88 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - 98:0e:78:59:02:57:26:43:33:cc:70:82:69:e1:a9:bf:df:a1: - 9c:3a:4b:f5:c2:eb:f2:7a:97:88:87:7e:4b:c2:5d:2e:61:a5: - a2:5d:73:76:13:e5:d6:0d:07:de:2b:23:e2:11:b5:93:3a:9c: - cc:f2:ed:61:65:15:23:2e:73:2e:90:07:5b:fd:88:49:ba:b3: - 6a:d0:1d:38:e6:82:08:5d:35:eb:fb:da:cf:5e:a5:b3:31:11: - 04:30:18:78:76:c2:da:65:4a:c6:71:47:dd:14:56:2e:77:e3: - e8:31:6b:c7:0b:9a:48:30:90:13:d3:2e:b9:3d:75:54:d3:d8: - 7d:02 + 0b:ad:64:b5:1b:78:80:10:36:50:1f:a6:c8:cf:2f:0d:2e:dd: + 35:18:e3:ab:ae:18:ef:45:7f:3d:16:82:16:2f:6f:3f:50:63: + 8c:cd:f5:99:0c:7e:d1:ea:1e:d9:a8:c4:14:09:6f:a8:75:34: + 96:ea:d8:8f:c5:f1:53:d2:5c:37:83:5d:79:cf:fa:4f:64:5f: + 14:91:71:2d:f8:7b:a0:e5:2b:a5:da:b1:8e:63:32:a3:e9:a5: + e4:e9:79:e5:2f:98:0c:ce:81:24:7d:e2:44:61:9d:ae:36:f6: + 06:96:9e:dc:f7:8c:9a:94:bc:65:0c:6f:d1:5f:92:61:b7:06: + 76:3b -----BEGIN CERTIFICATE----- MIIC/DCCAmWgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0wOTEyMDkxNjI3MTBaFw0z -NzA0MjYxNjI3MTBaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN +eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0xMDA2MjUyMjEyMjVaFw0z +NzExMTAyMjEyMjVaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN BgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhl -IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGLdDNLH0tXpam -PXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fzwfbgWr+bkyII7PIJVVhEvcW7B8CM -vH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCWkPqLi857OmSlD6GdwiUKIe7tvs7R -6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w -HQYDVR0OBBYEFM47d58FNUHjbCa598/KAfb1FYkCMIGMBgNVHSMEgYQwgYGAFL2h -6oGN//VQZjdV1+QmQMKpOD7EoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVH3N56YfUacfg +td80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFiTug+Io38KKRcnWddsVMKIjDGCwt5 +ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuwkq8wZCMwzC6X/FUIwVcV72oGNt8X +zZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w +HQYDVR0OBBYEFOb6AEupGIJDlqj6hMY1bLuWm7MOMIGMBgNVHSMEgYQwgYGAFO+C +t/l3PXlQnwNVePRqDWw0i2MroV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDAS -BgNVBAMTC3RoZSByb290IENBggkA3vSA6IZ4c2QwDgYDVR0PAQH/BAQDAgEGMA0G -CSqGSIb3DQEBBAUAA4GBAJgOeFkCVyZDM8xwgmnhqb/foZw6S/XC6/J6l4iHfkvC -XS5hpaJdc3YT5dYNB94rI+IRtZM6nMzy7WFlFSMucy6QB1v9iEm6s2rQHTjmgghd -Nev72s9epbMxEQQwGHh2wtplSsZxR90UVi534+gxa8cLmkgwkBPTLrk9dVTT2H0C +BgNVBAMTC3RoZSByb290IENBggkAo/ByLZxkH4gwDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBAUAA4GBAAutZLUbeIAQNlAfpsjPLw0u3TUY46uuGO9Ffz0WghYv +bz9QY4zN9ZkMftHqHtmoxBQJb6h1NJbq2I/F8VPSXDeDXXnP+k9kXxSRcS34e6Dl +K6XasY5jMqPppeTpeeUvmAzOgSR94kRhna429gaWntz3jJqUvGUMb9FfkmG3BnY7 -----END CERTIFICATE----- diff --git a/test/subca-ca/subca.p12 b/test/subca-ca/subca.p12 index 1c31c28..960f007 100644 Binary files a/test/subca-ca/subca.p12 and b/test/subca-ca/subca.p12 differ diff --git a/test/subca-ca/subca.priv b/test/subca-ca/subca.priv index 3a707bf..7d012ea 100644 --- a/test/subca-ca/subca.priv +++ b/test/subca-ca/subca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDGLdDNLH0tXpamPXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fz -wfbgWr+bkyII7PIJVVhEvcW7B8CMvH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCW -kPqLi857OmSlD6GdwiUKIe7tvs7R6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQAB -AoGARDzmVp9pAsQ9D0S/PQOOxauMHYORYyG68PNPpap3HiBAMsW5XN9+yEW3EDSb -VYNw27HdUN4fRYUn0c3dWmlRaVkfUAtHx1VhcsTfWRxp+FN4enl1HFvi2ji/5UYd -e8z2GumVgwthxK1mGS2Q3pRB/VobGrX1r8384r7qCqRVyUECQQDns994mE751SyD -Aa53ifeh85hbT4kJDN3wjOpQn++JuLu4qWoUHhRFXKD2DL6+TOewD0Y9iAkUAyTN -yuUpVLBRAkEA2vX9aMqv9qPQqBzwScbJQr+YMND363OKwrvQa2ed94O8oFwl/+vC -C83TV5eLxUinfFsT0zNMca3eIQVqBPqD9wJBANp4LcPlyMGkkN3N3hV0j3uy1fty -2QEhkrrYA6+VviSbfNU3WIAzhGWKW3LkvY1tsh+9pzspY3XtKOyp3L3FzqECQGiO -tL6YoyQ0n4vXncqtGSg9k3AkKW8OkoFg7CqNpTovdyBgQGkP7G50j+ow3LaNdiUE -3NeqlGNocjz0d+b+tYsCQAhOG1xXly1tBduUJTQ+V5Cs9fKG7nn9QftCe53CocPS -RHQFd6d4WYZjhxorAduJf5gVXWU2tdyhYqY239dVxhY= +MIICXAIBAAKBgQDVH3N56YfUacfgtd80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFi +Tug+Io38KKRcnWddsVMKIjDGCwt5ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuw +kq8wZCMwzC6X/FUIwVcV72oGNt8XzZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQAB +AoGAMFIYMXz0UgHF0roJqGl9lBPoxDr8CbsRU4HMzBi1lIIepXWokQyI9YWKIbDp +SyJZDFInHLYRzuU0LeHz/TAT546P7i3ev2y+GWyjbCEumUShH4zGmNozqvRk7yo4 +KuNoRR6Tj+i+JgLuiCNWmEN7tQubG3F7VATOMulOtFWacSUCQQDrfY5na97a5hu7 +T61cLplCNGHjMsl9W4EvU6Zng50f4VEldwHLdqaxrSSx/inH3zyJjGHSlu828oxw +hjS8fverAkEA568xFOKVL9zh3zs4yrYzzLW5Qq+eWPmGPE6b9rnzIgBPlcyRSKny +8bV0V4da/PKTNDv0isgLne5gT78CGdxEHwJAB7CF4eKn2EYDSc6EPqpW3s6PE7go +1CsUwNLecCrgCpZ06+BC8r3hG5QnypgeDSTA+UzYNOQw036AD3ySZEVRGQJBAMfw +Q24fn9mfR/mqlPczR/6YsNkgz4k/RR3URPomPPERzZyb3qETsQnwqwdCUz5JZMnG +F+KQgp33cnw/fWOt18cCQAdLfkgCNIpthWDNgtNl6poDdLO1O8tF/D072GBIaN+L +z4N0Yh4o5zqpZo1yLev0hUZtWqcoYnDJBdcy8suL/xM= -----END RSA PRIVATE KEY----- diff --git a/test/subca-ca/subca.req b/test/subca-ca/subca.req index 1e0646f..7fc9ef7 100644 --- a/test/subca-ca/subca.req +++ b/test/subca-ca/subca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRUwEwYDVQQDEwx0aGUg -c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYt0M0sfS1elqY9 -eGKXvdpRM5WKJA+N/RSx+rOs6/jp8zE79/PB9uBav5uTIgjs8glVWES9xbsHwIy8 -fZwEZlGzJtjZN3Zuyojvss1Dz+k6YfwuMJaQ+ouLzns6ZKUPoZ3CJQoh7u2+ztHq -D24gNnzo8YrKbE48QUbFTUCqCZEnAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAr -HDqquBnfR1ZvErqw3A7u3m1wq+wWzGvc/AU66wX5pA0n8eGGRoB7AX/VIxowgbQk -415R37S9kUbVc2vW7a4Qr+cAhyiknVOWcakSjf7g5tzg/KYawA1kvvzxLV6dTZhZ -ACTnvCY3Q2DDcvkOJ+20PbACPRpbWbg9ekZYkHq3VQ== +c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANUfc3nph9Rpx+C1 +3zRX1NFRoGIy5eBjJtNy7/VYHmmJjlF/IWJO6D4ijfwopFydZ12xUwoiMMYLC3nK +ls3zt7Wl46ATCdHPATBWYi8Ofkxqhpi+K7CSrzBkIzDMLpf8VQjBVxXvagY23xfN +mIg7reYgb64ET/cPkCKMKhcXHWm1AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCu +GI9vFDB0cw4Y4y+zlHDRMlX8ZxggdpwEo38wJt7U9VVYONTGwkZ7/iVsRkuaEA/g +JQpEeQX+NwPkUHDBw+SoG96lNKV9LfZXtVFWttUoTSA/3JsJbqmvhOMpQdPUxtxZ +dNagZllbIqYrI09dwM5Q4TZowD5pGNfuZr4pzZEIlw== -----END CERTIFICATE REQUEST----- diff --git a/test/subsubca-ca/index.txt b/test/subsubca-ca/index.txt index 16acbf6..3b916cb 100644 --- a/test/subsubca-ca/index.txt +++ b/test/subsubca-ca/index.txt @@ -1 +1 @@ -V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA +V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA diff --git a/test/subsubca-ca/req_conf.cnf b/test/subsubca-ca/req_conf.cnf index 40a418e..47a7368 100644 --- a/test/subsubca-ca/req_conf.cnf +++ b/test/subsubca-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/subsubca-ca/subsubca.cert b/test/subsubca-ca/subsubca.cert index 648263f..bc1c7fb 100644 --- a/test/subsubca-ca/subsubca.cert +++ b/test/subsubca-ca/subsubca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Validity - Not Before: Dec 9 16:27:10 2009 GMT - Not After : Apr 26 16:27:10 2037 GMT + Not Before: Jun 25 22:12:25 2010 GMT + Not After : Nov 10 22:12:25 2037 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subsubca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:bc:29:f6:02:17:f1:46:b2:28:0d:50:1d:f5:b3: - 90:1b:ea:43:ea:cf:58:eb:fe:91:21:64:59:78:d9: - ad:dd:cd:82:5c:1c:17:b6:75:74:fa:42:96:1c:b1: - 1f:a2:76:ab:06:e4:ff:28:65:49:08:ed:b1:92:c6: - 25:7d:ad:dc:2a:23:ab:b1:bf:06:71:27:70:2a:2d: - ed:3c:dc:1b:bb:ea:ba:11:20:9a:d7:9e:9c:62:18: - 27:bb:05:74:b5:50:44:33:72:f5:fb:37:a3:00:44: - 55:67:74:0e:84:ae:5c:72:68:30:01:6c:0f:c9:bc: - a5:c1:94:e4:2a:72:26:ee:e5 + 00:a3:62:4b:b9:26:fd:18:af:c6:4f:4d:58:28:af: + 15:55:ab:37:93:55:4b:a9:b8:b6:9b:1d:b9:3d:e1: + 59:76:cf:d1:40:08:c4:85:ce:f0:9e:71:d6:a1:7c: + 4b:b5:6f:c5:c3:90:ed:75:b3:50:1a:86:41:b3:1f: + af:d5:4f:df:9b:a7:df:9c:2f:2a:8b:86:e0:29:3a: + 54:7c:e5:93:f6:0a:df:56:3f:0b:b1:1f:fc:3b:8e: + d6:ce:fe:69:67:96:dd:05:a5:1b:c3:3a:cd:5a:1c: + 66:4e:61:68:02:8a:f1:72:cd:5e:48:9f:9d:c9:1d: + 34:94:2b:9c:0c:b8:f2:0e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - 1B:F6:7F:35:4E:C6:B8:06:BC:67:63:FD:A4:93:D8:9E:1F:D1:C0:44 + B3:01:BD:FC:C1:F9:7E:2C:B2:50:EB:5D:48:E6:70:01:4A:EA:D9:A4 X509v3 Authority Key Identifier: - keyid:CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02 + keyid:E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA serial:01:76 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - a3:f2:83:56:21:14:83:51:b5:65:0e:9f:58:dc:f3:67:13:a3: - c3:d5:96:35:8e:bb:8a:85:d2:c8:e7:c2:12:63:51:04:3b:c2: - bf:a8:6b:09:91:0b:ed:2d:24:d9:eb:2a:7f:73:ef:13:51:d3: - 30:44:d6:99:46:62:f3:fe:af:9b:71:e5:fb:96:6d:0e:f4:ee: - f2:9a:18:88:4e:2d:7c:7f:7e:73:16:52:82:e8:06:2b:49:60: - 40:0e:be:6b:c8:e4:f1:75:0f:9d:8d:52:f7:ea:c6:e9:70:4e: - 0d:d4:64:73:9e:fa:0c:e9:25:72:e9:40:14:77:aa:6e:e9:55: - 85:34 + 90:b5:c8:ff:be:44:41:4a:99:73:24:5e:63:59:a9:50:f2:22: + 85:84:95:db:47:34:ea:ca:45:10:a8:aa:49:4a:d5:20:5a:87: + 23:c2:d6:67:ff:6a:0c:36:e8:e3:7f:e4:4e:70:89:15:9a:8f: + 72:71:d5:2f:b4:18:fe:1d:b7:89:f4:4e:f8:d5:bf:93:b1:c2: + 9e:3c:9a:c8:d7:a8:86:54:33:d7:c4:fb:7f:80:a8:cf:d6:09: + ca:46:f7:ae:dd:70:12:68:24:2c:dd:49:21:9e:dc:60:78:2f: + 45:79:ae:7b:a1:9f:54:da:a3:ca:91:13:95:bd:c6:e8:be:4e: + 02:3a -----BEGIN CERTIFICATE----- MIIC9zCCAmCgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMDkxMjA5MTYyNzEwWhcN -MzcwNDI2MTYyNzEwWjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w +eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMTAwNjI1MjIxMjI1WhcN +MzcxMTEwMjIxMjI1WjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w DQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xGDAWBgNVBAMTD3Ro -ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvCn2Ahfx -RrIoDVAd9bOQG+pD6s9Y6/6RIWRZeNmt3c2CXBwXtnV0+kKWHLEfonarBuT/KGVJ -CO2xksYlfa3cKiOrsb8GcSdwKi3tPNwbu+q6ESCa156cYhgnuwV0tVBEM3L1+zej -AERVZ3QOhK5ccmgwAWwPybylwZTkKnIm7uUCAwEAAaOBxjCBwzAMBgNVHRMEBTAD -AQH/MB0GA1UdDgQWBBQb9n81Tsa4BrxnY/2kk9ieH9HARDCBgwYDVR0jBHwweoAU -zjt3nwU1QeNsJrn3z8oB9vUViQKhXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH +ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo2JLuSb9 +GK/GT01YKK8VVas3k1VLqbi2mx25PeFZds/RQAjEhc7wnnHWoXxLtW/Fw5DtdbNQ +GoZBsx+v1U/fm6ffnC8qi4bgKTpUfOWT9grfVj8LsR/8O47Wzv5pZ5bdBaUbwzrN +WhxmTmFoAorxcs1eSJ+dyR00lCucDLjyDo0CAwEAAaOBxjCBwzAMBgNVHRMEBTAD +AQH/MB0GA1UdDgQWBBSzAb38wfl+LLJQ611I5nABSurZpDCBgwYDVR0jBHwweoAU +5voAS6kYgkOWqPqExjVsu5absw6hXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH EwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEU MBIGA1UEAxMLdGhlIHJvb3QgQ0GCAgF2MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG -9w0BAQQFAAOBgQCj8oNWIRSDUbVlDp9Y3PNnE6PD1ZY1jruKhdLI58ISY1EEO8K/ -qGsJkQvtLSTZ6yp/c+8TUdMwRNaZRmLz/q+bceX7lm0O9O7ymhiITi18f35zFlKC -6AYrSWBADr5ryOTxdQ+djVL36sbpcE4N1GRznvoM6SVy6UAUd6pu6VWFNA== +9w0BAQQFAAOBgQCQtcj/vkRBSplzJF5jWalQ8iKFhJXbRzTqykUQqKpJStUgWocj +wtZn/2oMNujjf+ROcIkVmo9ycdUvtBj+HbeJ9E741b+TscKePJrI16iGVDPXxPt/ +gKjP1gnKRveu3XASaCQs3UkhntxgeC9Fea57oZ9U2qPKkROVvcbovk4COg== -----END CERTIFICATE----- diff --git a/test/subsubca-ca/subsubca.p12 b/test/subsubca-ca/subsubca.p12 index dc32138..2d21189 100644 Binary files a/test/subsubca-ca/subsubca.p12 and b/test/subsubca-ca/subsubca.p12 differ diff --git a/test/subsubca-ca/subsubca.priv b/test/subsubca-ca/subsubca.priv index 3076cc1..479abc4 100644 --- a/test/subsubca-ca/subsubca.priv +++ b/test/subsubca-ca/subsubca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC8KfYCF/FGsigNUB31s5Ab6kPqz1jr/pEhZFl42a3dzYJcHBe2 -dXT6QpYcsR+idqsG5P8oZUkI7bGSxiV9rdwqI6uxvwZxJ3AqLe083Bu76roRIJrX -npxiGCe7BXS1UEQzcvX7N6MARFVndA6ErlxyaDABbA/JvKXBlOQqcibu5QIDAQAB -AoGBALH1wa0DNffWAZltv5gk5tPwAaIvzvsMPfjl7tUkk5MmjfdNvoObnTIgDdc/ -EhtWvrR7mnN7L9MY84xMiSLPb1xwS3uAGYDTtMpydOdWZZYwcoZMM36YjXYFgqvl -QW4Kcfi60/gWW7TMp9329M8ibDyAomDfd1e0Vg//g8zjnRg1AkEA3RoZkhT9/8rn -z3Sqg8l4ys6VUuYBylPPSjPLbTKG6oX5PWKyQw3GrJrN/2NpOE21/QPfvmIBsJlC -35oG479s3wJBANnc9VmEERy139BjQse/1lHJ5N83Cy64smE2Bm9TxkbIhvxZWO31 -f5sSU2FFGq36fHJyM6uJ3FX0dtq1sNsSmLsCQDPKJEkyf5iF96yBYFuEOrYOk62a -ULsKzJhN742Bc1bF0O7PCoBoXqwZir0SlRfqJAHDAYq/vDOYgrCLjKeWNDMCQQDV -onew7PF+ztYHWZ6dk39NOoZFYIuFqDW7X6fVuTegJ3k+sTqkNW2JGeJLauEro4ov -C8+hMZGvdAaslygy2ryLAkAJEow6EQXqtve6enOWk6SYeTJ82hKBc2L8cQeUA2jR -fVDfECxJoC3IezBZzhuMkmX0BL7n6GxhyFOmdg2uqJ2h +MIICXQIBAAKBgQCjYku5Jv0Yr8ZPTVgorxVVqzeTVUupuLabHbk94Vl2z9FACMSF +zvCecdahfEu1b8XDkO11s1AahkGzH6/VT9+bp9+cLyqLhuApOlR85ZP2Ct9WPwux +H/w7jtbO/mlnlt0FpRvDOs1aHGZOYWgCivFyzV5In53JHTSUK5wMuPIOjQIDAQAB +AoGABUUscCKD04IIAZLbHyTWqVbGiigcMrNUoJhK22YjfqOhelFOFYrhVBsT802R +G58pX++S2VMZaGGgSOjiwRy8d7m1/8KNgvKl62w827pLz9qVTHqBBZaXevk5frvq +6r+9pt68aDkfwjPCfWxR4JtzfFjb41uQ97Ko98MgV77vaTkCQQDRKkLoyJN5d2so +IhEnXiJ7aJh8BVbi0FkqYERC4Dc9x2BIUwDAPttrj+ELV+aM8uJNngVIgKr7FaZd +WjgQq4JzAkEAx/fGMiBlBU/JrWjrPWsXU76LaL8i0rfs9rEoePl8j0mk1MIascd+ +BcOihWAp4Ot0mtku0d3+c2rtT1WVxirq/wJBAKTK+SBSNu6ySXi7Lmyn298DD3BW +/JeCs12RrvZJlPxVguQ4kRTl8RYTq6i2Pmy6R9YDNAJlbVCZRBO0qwtnNUUCQEtP +a5txS9qGRCRFAWNuM6jceFCIu6q0jlASRHXbMCgeyi8+syMFSNcO6ORmZR9KTe4L +oXB0tOHvAVUBnJi3jS0CQQDFIV6RTqWkmpksKhD/PRaqk+zu3abnUvdKdPHDOvmq +xAKyG93OYhxifcMiSQ/Ca/ty/OWKdpW2841Ss7EQkJ+r -----END RSA PRIVATE KEY----- diff --git a/test/subsubca-ca/subsubca.req b/test/subsubca-ca/subsubca.req index 82b5437..72fd5f2 100644 --- a/test/subsubca-ca/subsubca.req +++ b/test/subsubca-ca/subsubca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRgwFgYDVQQDEw90aGUg -c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwp9gIX8Uay -KA1QHfWzkBvqQ+rPWOv+kSFkWXjZrd3NglwcF7Z1dPpClhyxH6J2qwbk/yhlSQjt -sZLGJX2t3Cojq7G/BnEncCot7TzcG7vquhEgmteenGIYJ7sFdLVQRDNy9fs3owBE -VWd0DoSuXHJoMAFsD8m8pcGU5CpyJu7lAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB -gQBeHdKgFoI8OGM2Xc2j00eBVGYsxfIXjYsagPuyLxG2+WbQjsQfSlehDvJcf5E/ -g/iHI++poo36TcWnLh+YGcEP0taOp2O9wBNXGDWX3KGKdQ5XLpkPiGHG5Zvhkx7a -Y4KTlUw4GnfWYciHbzjK3ZGL//jwgvHJNJ6/Iw5bDpNGfg== +c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKNiS7km/Riv +xk9NWCivFVWrN5NVS6m4tpsduT3hWXbP0UAIxIXO8J5x1qF8S7VvxcOQ7XWzUBqG +QbMfr9VP35un35wvKouG4Ck6VHzlk/YK31Y/C7Ef/DuO1s7+aWeW3QWlG8M6zVoc +Zk5haAKK8XLNXkifnckdNJQrnAy48g6NAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB +gQB4zVl0voUx8pxl4EwEdCf91itnFjDHMo+nvbClc8EMBLuTabxkRDWzQxTTQeL7 +LfBfyqkpfTHAOGa9bCzjKXq06dtzyqu0QrvlyGxJtmJIu2Ijr0jgg2ZTkSeKXCy3 +EUqfA8XMNwhgo9AAUlb4QRdQDCNhI8NFzq3iDpFJiEpYJg== -----END CERTIFICATE REQUEST----- diff --git a/test/trusted-ca/req_conf.cnf b/test/trusted-ca/req_conf.cnf index 187be7c..d68702e 100644 --- a/test/trusted-ca/req_conf.cnf +++ b/test/trusted-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/trusted-ca/trusted.cert b/test/trusted-ca/trusted.cert index eb5fe75..c2b0e34 100644 --- a/test/trusted-ca/trusted.cert +++ b/test/trusted-ca/trusted.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAnSgAwIBAgIJALIbmjlwx6A+MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +MIIDCzCCAnSgAwIBAgIJAO6OyF6m5/UeMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMDkxMjA5 -MTYyNjEwWhcNMzcwNDI2MTYyNjEwWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMTAwNjI1 +MjIxMjExWhcNMzcxMTEwMjIxMjExWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV BgNVBAMTDnRoZSB0cnVzdGVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFBzrRQsjaEPsbi -6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9chPEIirYf5ng -idfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQABo4HSMIHPMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFMQRFAPFkx4YXYvN7xawfJOsXtilMIGPBgNV -HSMEgYcwgYSAFMQRFAPFkx4YXYvN7xawfJOsXtiloWGkXzBdMQswCQYDVQQGEwJV +gQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIUNb4RgCowQdY1 +4CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJK0bDRwnX7tD+ +95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQABo4HSMIHPMAwG +A1UdEwQFMAMBAf8wHQYDVR0OBBYEFNF+Edjrqcy8L6Xg2V9pAoqR4GCAMIGPBgNV +HSMEgYcwgYSAFNF+Edjrqcy8L6Xg2V9pAoqR4GCAoWGkXzBdMQswCQYDVQQGEwJV RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl -bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkAshuaOXDHoD4wDgYD -VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBABLlJ29AZEJqgwGp27/paP0f -brMWEmlBQrObohg+K8oflMUVPNotwkChR58hwyNfNCKR+r/8bIJOWI+lFTkh5EQq -Yqz2q5bLhy/Odgkyk5QSNm2YsMpvfWyA1A9ROtpvIXquBXMG6fx0/xYG1/NQkbK/ -BE0sTheSsSSJLTDB7PwE +bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkA7o7IXqbn9R4wDgYD +VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAC9EnIv/wN6R6LVpYEsRiaHj +dw7lf+e583BXm6eKedPxSxbPoJd7l+b2Ku4R4q2xmBs1GAnOcRp5fPgc/kGXwUZv +ubtTowKC9PF5OTHCy/4ynEiZVGZFEbZIcKCFMaturi4IE5MLhaJb+lJvg+Z17fAX +W2JamgpFmVme0XUTTdZd -----END CERTIFICATE----- diff --git a/test/trusted-ca/trusted.p12 b/test/trusted-ca/trusted.p12 index 5ea7f66..a7ea3a3 100644 Binary files a/test/trusted-ca/trusted.p12 and b/test/trusted-ca/trusted.p12 differ diff --git a/test/trusted-ca/trusted.priv b/test/trusted-ca/trusted.priv index e1e1831..889a1b7 100644 --- a/test/trusted-ca/trusted.priv +++ b/test/trusted-ca/trusted.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFB -zrRQsjaEPsbi6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9 -chPEIirYf5ngidfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQAB -AoGAZ6OzkKIzErc3ZyrRI+5MNiYF3JubV+AiyPhz55c7ve0Qs7nsliFvkuacJ9ID -vtW6z+fL+7yh5qtBcnvyW/vCOGb1SZR8TaeK4eYPYn7+f34cMY+EYqVB9jws8Er8 -VByq7rx7Gmwr1ykiGiT04HdeFKw1uhYpqtdKwpNG+5L2g+UCQQDFqlkOxNWdx1Iy -RK9Z1JWBh5BaywBexiBxObA98AA/pYpi6Bd01HSA28R0nQXkKSRJl1Y0Fv8UKl2v -ovsNguIbAkEAxK9JXNYDQX4gVqf/nk/UVaqbpt60ahRRWkDHgCueVW6PipwV3TgA -SkKkS5M1E1aTSw8tPP6XXshK31amN1Q+kwJADRrbJrCEHR7O40hMe98tPlY3it10 -m9P06KzTc3fK/G1EPIR4saU4SCbJ4pVag6L6pepjq7ZumO6qIW/jxySLSwJAXh/Q -iPf2GOqGCVJeduGXKOP7lzDuv/E3OWzUzFaTcCj30op9wB8jrGYWAADTnoyI8pux -t4XS5M4PXrA13TaYtwJAB5jWQUN+Hk8pqMC5R8ft10Z9pUB5WCAEeOqJBRmpbg5m -TYOzpXPGwNglpzaXG7EQp1pC71I3k3gsI0jXjmnwkQ== +MIICXQIBAAKBgQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIU +Nb4RgCowQdY14CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJ +K0bDRwnX7tD+95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQAB +AoGBALv0llTxEMbZ5FsjNtMzSr87/0jRjh1MUzmooTsHfgiiPfS0JRF2peX8x6sS +jgWlZSTbiFy+mE7uzM+3CHlwSCGq6MQnyJhC9Tfwmf4XtTTchGYUK3pbdcwsvmyj +4eq6gBF76TUdGpT6v4JiOjGC0foedGZT4SwWgltBP+GmNlV5AkEA3w/Yd4kt5wgk +T+llAIYkYY+e846BjzdYuC6UkDrmSprZdsgJsHTxW8ThmrvmxvSR/A+IwgAHWL4l +cFJs7PI8UwJBANfhgGx8ENc6IykA49eoCvIJU/pzrGAyVeEyEUdM5nuQ8dOriKym +Q2j7Cz8UM8JXDsjVFvYfo7GpKgc2dZ8FUc0CQQCRO1HnUkuutqBd30pBsxUQ6F/H +mCtGwfRjxwA3gAHc5UFdkxSr7RgQdfmls12ogChkgwC5vycJYpQhs6j0BSu9AkAH +m/Uw3baiP3RZz6Q4R74LBfUl0Mn0ohGQ3HjrcHR3SoablWI946Zgnuiokoe4g+UL +gydKCZd1fabzliHTNxbJAkAwxasZQPce5a/7khm1WkwNNPjD4arNFZAkp1du56Mr +ED3bMEE378uJBd4hamXcMj0aaNutTFryLldKYUjkGwdW -----END RSA PRIVATE KEY-----