From 820841b4e1e3e4abec6ec600d6255c4a9d8be934 Mon Sep 17 00:00:00 2001 From: Joni Hahkala Date: Fri, 25 Jun 2010 22:15:43 +0000 Subject: [PATCH] - new CA with slash in the DN - pkcs8 key for _client, _client.priv.pkcs8 - cleaning up leftover files - remove duplicate DNs, new openssl is more strict, name clashes failed --- bin/generate-ca-certificates-for-cvs.sh | 18 ++- bin/generate-test-certificates.sh | 24 +++- test/big-ca/big.cert | 102 ++++++++--------- test/big-ca/big.p12 | Bin 7629 -> 7637 bytes test/big-ca/big.priv | 194 ++++++++++++++++---------------- test/big-ca/req_conf.cnf | 9 +- test/expired-ca/expired.cert | 26 ++--- test/expired-ca/expired.p12 | Bin 1797 -> 1797 bytes test/expired-ca/expired.priv | 26 ++--- test/expired-ca/req_conf.cnf | 9 +- test/fake-ca/fake.cert | 28 ++--- test/fake-ca/fake.p12 | Bin 1789 -> 1789 bytes test/fake-ca/fake.priv | 26 ++--- test/fake-ca/req_conf.cnf | 9 +- test/nokeyusage-ca/nokeyusage.cert | 26 ++--- test/nokeyusage-ca/nokeyusage.p12 | Bin 1813 -> 1813 bytes test/nokeyusage-ca/nokeyusage.priv | 26 ++--- test/nokeyusage-ca/req_conf.cnf | 9 +- test/root-ca/req_conf.cnf | 9 +- test/root-ca/root.cert | 28 ++--- test/root-ca/root.p12 | Bin 1789 -> 1789 bytes test/root-ca/root.priv | 26 ++--- test/slash-ca/index.txt | 0 test/slash-ca/req_conf.cnf | 112 ++++++++++++++++++ test/slash-ca/serial.txt | 1 + test/slash-ca/slash.cert | 20 ++++ test/slash-ca/slash.namespaces | 3 + test/slash-ca/slash.p12 | Bin 0 -> 1861 bytes test/slash-ca/slash.priv | 15 +++ test/slash-ca/slash.signing_policy | 4 + test/subca-ca/index.txt | 2 +- test/subca-ca/req_conf.cnf | 9 +- test/subca-ca/subca.cert | 68 +++++------ test/subca-ca/subca.p12 | Bin 1789 -> 1789 bytes test/subca-ca/subca.priv | 26 ++--- test/subca-ca/subca.req | 14 +-- test/subsubca-ca/index.txt | 2 +- test/subsubca-ca/req_conf.cnf | 9 +- test/subsubca-ca/subsubca.cert | 64 +++++------ test/subsubca-ca/subsubca.p12 | Bin 1781 -> 1781 bytes test/subsubca-ca/subsubca.priv | 26 ++--- test/subsubca-ca/subsubca.req | 14 +-- test/trusted-ca/req_conf.cnf | 9 +- test/trusted-ca/trusted.cert | 26 ++--- test/trusted-ca/trusted.p12 | Bin 1797 -> 1797 bytes test/trusted-ca/trusted.priv | 26 ++--- 46 files changed, 613 insertions(+), 432 deletions(-) create mode 100644 test/slash-ca/index.txt create mode 100644 test/slash-ca/req_conf.cnf create mode 100644 test/slash-ca/serial.txt create mode 100644 test/slash-ca/slash.cert create mode 100644 test/slash-ca/slash.namespaces create mode 100644 test/slash-ca/slash.p12 create mode 100644 test/slash-ca/slash.priv create mode 100644 test/slash-ca/slash.signing_policy diff --git a/bin/generate-ca-certificates-for-cvs.sh b/bin/generate-ca-certificates-for-cvs.sh index fa72f8c..6ab7edc 100755 --- a/bin/generate-ca-certificates-for-cvs.sh +++ b/bin/generate-ca-certificates-for-cvs.sh @@ -17,8 +17,8 @@ CONFIGDIR=$PWD/$(dirname $0)/../config BASEDIR=$PWD/$(dirname $0)/../test CONFIGFILES="index.txt serial.txt" PASSWORD='changeit' -CATYPES='trusted fake big expired nokeyusage root subca subsubca' -#CATYPES='trusted fake expired nokeyusage root subca subsubca' +CATYPES='trusted bad fake big expired nokeyusage root subca subsubca slash' +#CATYPES='slash' BIG_BITS=8192 SMALL_BITS=1024 @@ -52,10 +52,11 @@ function create_ca { export CN="the $catype CA" if [ "$catype" = "subca" ]; then generate_ca_cert "$catype" root "${DAYS}" false $BITS + rm ../root/*{.pem,.old,.attr} &>/dev/null else if [ "$catype" = "subsubca" ]; then generate_ca_cert "$catype" subca "${DAYS}" false $BITS - + rm ../subca/*{.pem,.old,.attr} &>/dev/null else generate_ca_cert "$catype" $catype "${DAYS}" true $BITS fi @@ -67,13 +68,13 @@ function create_ca { # Signing policy file for the $subject_name" access_id_CA X509 '${subject_name}' pos_rights globus CA:sign -cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*"' +cond_subjects globus '"$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*"' EOF cat < ${catype}.namespaces # Namespace for the $subject_name" TO Issuer "${subject_name}" \ - PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*" + PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*" EOF @@ -82,6 +83,7 @@ EOF else echo "${cadir}/serial.txt exists!" fi + rm *.pem *.old *.attr &>/dev/null } function generate_ca_cert { @@ -95,7 +97,11 @@ function generate_ca_cert { echo `pwd` - dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA" + if [ "$catype" = "slash" ]; then + dn="/C=UG/L=Tropic/O=http:\/\/slash.slash.edu:7656\/testing\/OU=Relaxation/CN=the ${catype} CA" + else + dn="/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the ${catype} CA" + fi echo $dn diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index 4b61c8a..0c3f2a0 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -95,7 +95,8 @@ function create_cert { echo $CA_DIR echo PDW=`pwd` CMD="openssl ca -in $filebase.req -out $filebase.cert -outdir $tmpdir \ - -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring" + -md md5 -config $REQ_CONFIG_FILE -batch -preserveDN \ + -extensions ca_$flags -passin pass:$PASSWORD -days $validity $castring" ;; *) echo "Unknown flags: $flags" @@ -462,6 +463,9 @@ function add_ca_grid_sec { if [ ! -d 'grid-security/certificates-subcawithpolicy' ]; then mkdir -p 'grid-security/certificates-subcawithpolicy' fi + if [ ! -d 'grid-security/certificates-withoutroot' ]; then + mkdir -p 'grid-security/certificates-withoutroot' + fi hash=$(openssl x509 -hash -noout -in $1-ca/$1.cert) cp $1-ca/$1.cert grid-security/certificates/${hash}.0 cp $1-ca/$1.crl grid-security/certificates/${hash}.r0 @@ -483,6 +487,8 @@ EOF cp grid-security/certificates/${hash}.* grid-security/certificates-rootwithpolicy cp grid-security/certificates/${hash}.* grid-security/certificates-rootallowsubsubdeny cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy + cp grid-security/certificates/${hash}.* grid-security/certificates-subcawithpolicy + cp grid-security/certificates/${hash}.* grid-security/certificates-withoutroot #override root and sub namespaces if [ "$1" = 'root' ]; then @@ -546,6 +552,7 @@ pos_rights globus CA:sign cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*"' EOF rm grid-security/certificates-subcawithpolicy/${hash}.{namespaces,signing_policy} + rm grid-security/certificates-withoutroot/${hash}.* fi if [ "$1" = 'subca' ]; then cat <grid-security/certificates/${hash}.namespaces @@ -663,6 +670,7 @@ function create_all { CTYPE="client" create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS + openssl pkcs8 -in $CERT_DIR/${catype}_${TYPE}.priv -topk8 -passin pass:${PASSWORD} -nocrypt >$CERT_DIR/${catype}_${TYPE}.priv.pkcs8 create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" $PROXY_VALIDITY create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror "dnerror proxy" $PROXY_VALIDITY create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_dnerror2 "proxy" $PROXY_VALIDITY @@ -702,6 +710,7 @@ function create_all { create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_lim proxy_rfc create_cert_proxy_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_rfc "rfc proxy" $PROXY_VALIDITY proxy_rfc_plen proxy_rfc_plen + TYPE="clientbaddn" @@ -813,7 +822,7 @@ function create_all { create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS TYPE="host_rev" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME revoked" TYPE2="server" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS @@ -821,13 +830,13 @@ function create_all { TYPE="host_exp" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME expired" TYPE2="server" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} -1 TYPE="host_baddn" - CTYPE="$HOSTNAME" + CTYPE="$HOSTNAME baddn" TYPE2="hostbaddn" create_cert $CERT_DIR/${catype}_${TYPE} "${CTYPE}" ${TYPE2} $DAYS @@ -845,7 +854,7 @@ function create_all { TYPE="server" CTYPE="server2" - create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx.foo.bar" ${TYPE} $DAYS + create_cert $CERT_DIR/${catype}_${TYPE}2 "xxx2.foo.bar" ${TYPE} $DAYS TYPE="clientserver" CTYPE="clientserver" @@ -1003,7 +1012,7 @@ while true; do case "$1" in -a|--all) ALL='yes' - CATYPES='trusted fake big expired nokeyusage subsubca' + CATYPES='trusted fake big expired nokeyusage subsubca slash' # CATYPES='subsubca' shift ;; @@ -1100,6 +1109,9 @@ for catype in $CATYPES; do else create_some fi + rm $CA_DIR/*.pem + rm $CA_DIR/*.old + rm $CA_DIR/*.attr done diff --git a/test/big-ca/big.cert b/test/big-ca/big.cert index dd94855..afdc51a 100644 --- a/test/big-ca/big.cert +++ b/test/big-ca/big.cert @@ -1,56 +1,56 @@ -----BEGIN CERTIFICATE----- -MIIKBDCCBeygAwIBAgIJAMAFlm8hDOq7MA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV +MIIKBDCCBeygAwIBAgIJALU1gOOYZI9dMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0wOTEyMDkxNjI3 -MDhaFw0zNzA0MjYxNjI3MDhaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w +CxMKUmVsYXhhdGlvbjETMBEGA1UEAxMKdGhlIGJpZyBDQTAeFw0xMDA2MjUyMjEy +MjRaFw0zNzExMTAyMjEyMjRaMFkxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9w aWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjETMBEGA1UE -AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBANkY -oZ/9Bi83Mn6PTnbxo4JgJRCXcfaefgScjIxKk40KhqBozEBOLBwz42GAWJ0rVz2+ -kF9ZGApAqCRmlann/dDEoOYQfSL29XUr+dr9h3GATtzU+9xfa/0BnykZAAcl6MFV -MYy4aJUY5wiOaeaanDAeNuoj+RVYCZAvv23IYlIrjU0QySx8ykdIs+IQ75W6+inA -PKb80Y8lj7TpArbicJoo29JLXCzHRMRBfBhNOAf6IVSWKcabyq9HmYFOwhPd7dLB -6gZLrh0FEBrAju0IMGf8RlgaDJAqpda63DU4xrH+8yZcR/GAxa0Ax92AM04b9Atn -e4xz1cIyrEcDj/EM+E9YPWTyag0dRMJDpC6BNajDWQibScy5D2UA1wL0MjHJYenS -e/Xk0gEMjsLK91Io8rH9LfNoIaASqZ2tN+cO/UuP+vZCE6NoGTLFWKH8oMpnQfk6 -ARgA32uy+MDmW8jWM2vTC9JOBs3oZYtuS66VuC9CSqtG/S/4nbK7O/14Ooi0YaZQ -cztDE9EP4nNKwTWKidTioUXAVJcF1FIzltxHsUClUyII6s3hHeIeRxZN9UBB+lBN -QktjZx3nRmeMDfN7uBWYplX406c5jSPH4ZlDHepTEHddDHyy0mhQwKa/hhE2hZjZ -63AYhc0DyaiJp0PsqLyk0FgBd3HdvNbT8hyjgtqKzinCsb64NREPCDzLcxC9fQUo -Oxe58VnfI8HtnylWL3CTNFEiijotDxbpIFGxXZJHS+GsnvsSd076rGBVCv2GX9W9 -EJ0zZgv/tq+fdTV88Y4CjIexuzTxE6q5DKKUF/BKVyn++jBWamoWoh/RzDbKcsJP -sE/rV7h5FVMaX2KfhdcYEaJ0kg/3RPzGuWryV4e83x7YvBPeMxSWEHW/ydHWc+PI -6a7zACIhT3YnJqPrOrXijr3G1tMG2L9tHVV87xOftVs5fu2O+feXBv5T12xj4fgJ -gEbGkS8AiuiY2c0EGH2dbgrzBAR7ubjlAndMOSWxxD874X7KLFw0n/zck7BME/hH -o+k6ZC7OI1cCywVgaI1bZCPOkyLiHTzKha6nc6KjB0BQnObZatDTcWVg/uS8WyN9 -gRgv+Ga8MRJ58te4GYHlV6kbSuoEfIujWL7VDFi8t3b+U4Uqb4eaPuCdcnEYje1g -8r9gFdUeg50YL1Mk5Roz20K0KKbz5yAyptDaGB8ld3v6zbvCw6qnZA3g7AXoFHNb -Y3HTU+r4USSIxonGIQJPMVa0xtfNOInxix5Hz5UthFeZ25KLzLOHkfTTr271dwcv -Cm1/ExkdUtSmtI5IKQofNJk9x237QLTOGZNBUwg/1ZAYa7T1d4ndmo+OTPXEIRUu -hAwmb1MJjmHavd9I7NMCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW -BBSyeeMzGfYa1Z+R0JX2b+biUseWujCBiwYDVR0jBIGDMIGAgBSyeeMzGfYa1Z+R -0JX2b+biUseWuqFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP +AxMKdGhlIGJpZyBDQTCCBCIwDQYJKoZIhvcNAQEBBQADggQPADCCBAoCggQBAK+b +mQGBcmQ7HH8vWeYF5tc1bW3odFGwxZ8zvPGxBzDvxpYWBdBWmVfq1vM2uiKJpXGM +5le6zD5q6uGJn0AX42xyGpo7xO3zivoVSY1KA0ONLTQF6KcezZmwYV9JjSK8dqeU +zgM2iyhF9/Po1E6K6XHeBNYMuA0Rjdeemoltdc2STNspxdzaW+1N5hB2/lUGjb7G +fDF0MocCH0KgiKvFrfYxu3sqAAKqAU7gEPUqnSxTWOycFor/UwVJIwJhI1Egt2o4 +5zxqTJB9LlQ93nNl53bPE9W5psT/v53bFRPVGbmL2LY/ovWrD4swIx/kfLB1ueuX +RRU5V6DAYRh5mIJ/ASWHH/Rbd3YJ1TZmGKviywlC2/37OhcY9n/do3QLxZgwqpHc +FcIW/O8B6GcRbVWZlSyZaoGgGQY9nFiL1gahHOci6wADeXiCyCN0yJVxC84D3c35 +6li5QOrVlvK0iKgL6xuIqYWVO4br5xgQMjdKTamzsNvNsR88gSm8cVPHZI/YGnG8 +udmlPk5XaUklUBb24ofnIIlgcLZbhC2bRTkLStm525Fsvr4j7OyXyZ8MDlo7SoNi +oN1Ilx3bjt3QpJidv03m6eiO958pQZs1+MzAAME8HBVXrwu+f6tTdhgHq42Ms7hP +lFfz4wMnDMvgjFXV1zFFxoFiSp2jUsH9IbxcLT/BlHPgzyLy464hFSzOLUPhOq/e +7odbF9MiQi93LvTYCBei6r8EQTrG2fQMIAAnIx/cTlv0WeDhC86crOHaLWFmhdlY +3RkzuBz1rK8vjXwR/1iai6vGy6h+hfYLjcmJsNVGH7mX6A3MS5jxCv8ozStOdVEX +1jOrbcl89S7ETxpMAMQcwZZ3oCd8PTTv/Yi8KP9E/w2Nb4xhS4NuO7lLDW5JaCMK +aePgDQayaNC7RG2ov4pJt+wSr0T9SgEOldkIe3rR22igSbLY5MYj3Tl9Cu6tFnvx +BssSkF8hcmsibyNBchDnsH8CC3DnRG0j1ZDNZiwGJXeu2+4z5pwXQQl72EUs1SfB +PWEC4ptztYvlZwClHfV4T9EOkV3kFiIL1yCWGaVutGXG+Klno+SdQgiu4EFn0von +u93kF7roo81/I9xeNkHHl4HbqiWNtqb5pXrZdCzeehXqZLlcNKTnN+jpiULJh10L +Ld1M8k0lJxhpWdhdttIueAkVcyS5cSzXPA/+R4IsxXZHWo0Ird5iIGsOXFJYY99Z +e22kXF6BZDIQdlleAu5xd0mtngI6Zy7Uo7kr2CeNp0CEQPLyRjBEEuUYGN6KlBIJ +Q53QgPfo/Jxn/lLQFiIHW+wuyjLiNa50vH33gzzxsVTINWGekMCrofmG1kVldQKI +HDEDnLASgRlaFmEd5NkCAwEAAaOBzjCByzAMBgNVHRMEBTADAQH/MB0GA1UdDgQW +BBRDocYpyA9CTEuZ12kNMzJH0sqcUDCBiwYDVR0jBIGDMIGAgBRDocYpyA9CTEuZ +12kNMzJH0sqcUKFdpFswWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEP MA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0 -aGUgYmlnIENBggkAwAWWbyEM6rswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IEAQCUNIxuOf4Q2sTdTP6xUWPUnhGGes7LAEacOIw/QsFyEFbgaH0+lB7g -nc1I8gG2/ZuvOBPo73s2oRai2Yn0OMHonJjlF+21iYAHyd0+XjmVbMwOMwJyUyV0 -QRZJt3i0eel4Ti6ml0w5qYoNoRqMh/xgVSFlaXaXl1TaxYDT3ZJNkajCIw2PcRcP -HYdY41GpldLOUsyeqEAP4ktbwcHGjm5ThmFtl3PsDEoJpZ6/bhuy82GIImV9nOzl -WEhry8tJL7l0N4znrjze/Lu4UknqqU9Y/Blj3mR+MYQMt2/dwqeqPsy7vk83uC2C -OR+WUHjWSBn1hBScGUBUHWVMcGn2j5A5+k8LvRgSvrBDJGBzGVHDYtix5g1fDSM8 -Ocb+7shEsRgwu7FEt8p/E1QiQusO5sOkT9AN4430nZEn23SY9dejyRgsCMv2fgK9 -dY+FQjwubcY5SKvLcTEWwMkgeQkRs3Qot9h6rufPMsxjoI5D985ShpEQeJq5LXDT -yK8hvSUF8IXA61pGtQ6CfmXmdaESq/33y3CD6iDtnifrllkDXu9dZHmpoK0xm/Ng -CJAO/i+OLFARI92X6fMZ70dgOlOsnftunDkFstL9aSUwRItvJLEvgCO5ow9AcVBj -957BbAvyo/T77v+Sps2yWVy/ryGyOWfjiMGna6oL79s/TrMTiwCJq24++rXDteMe -x+dGQwkrXXx5ETIwbQeUhHyNwda9JxZRghEjpyIjfP4J0CO/KzOfHWFsnS35R22L -5a1johlMA/cNHj8Scn5uCQA9QZD2npSDSYDyzB11VC+yWNXuY9d9/y/VsWCEyKKg -IyEeqcMK1a/tOVSnLITxMrCWAdt20XDbLuqMeZTXFLTq5aP4gTZWbrY9bJDzDtaq -7+M/Mt+VPz+C3KGKyd38wx6dP8mb/5sEax9JgZvpnVQTCRFzi2AOGEX75LEQOkYI -Xf2IwkYCeW/o3DhfwqyzxyjboQlabD0GYsB7BrxyGEQ8XxspGb2PNa5Lyvy7WH5L -+8v4++gtDwqkDID/+hO0MDfuqGrCyThFMuKBwqvmo/z5xia2/s8/cUteQXjxQW2S -4to6ooB3Z+Llihgkd5wM0zVm9GnQbHr3oaeqOmd6CfvxVzkAPAfDm2tW1hamme84 -Dw7n0NFromRErcqE9HRZ8l3+BR4tJ96ZBCZNNlfaxAT8nvMXgrwsAUfTSifnSj1+ -XMPxYppbHsx0OYmZY1ApkQuIU3T+VaJBAS5owf136KgUO2v9EuTRslYjMeHvMxWg -UT+fvt1dbre29hVV998ZxOT+d2YvXh80NtN2sOv3MRn6DuHi2vdDo1X6msFEjELu -65zrURNK4nhfrN2nS/rV671gDOVI1mw/ +aGUgYmlnIENBggkAtTWA45hkj10wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IEAQB8mj7n9bfbuyA8rcB/xRcsVFAodPCsmP3fUc2eqYwJLPA2cXQ4eae6 +r5RRWTAjGZMn03sLvMklQOAv1MtVLlF+Z/45qgSz8hLjwMz+HdkSo2YcgWJvip6W +7ZHGmtrMpIO6qsziRKB6aMJPDMTlTrZeTTzcUTamMeJtgNCn8OIk+WSZVJ1KUvaW +hwszo5irY7zVuLLK4naGdZSypGH/VArFyPb8dntNcUTfuIIZqboW4hSq4rfzZ0IC +HiR9XyW7iUCGWmnZgOacywepEGlwi9xHv+0I0ux+9pfvlAWjzUQVN51Ddd05BeA8 +YCp3ZENDZyxyVZAn/XUycQGJKf24MqLawuioOV/rba5F3m48XFXimkOoe0Rxdyn7 +t7rGnYKuqqqLI1Hx4OJ5gEfF5hXvkAiyqmHobvqZ7jiyVnGM0b3mNupBKa5VGJAp +sO5atOEpTYS2mdN3Exvtkw2YQm6841CzRszQ2aH/y2xplQIaGriy/2t3Y8NKSf9L +NW0dllfiQX7/f2ocPzSEcjAWisNvXXQTaLa7K4TNESbO2mlmeugCVVacjgIxBiJH +Tg/bMJ2MP3zSbadzpHwWjPvGngxhXjWxERyRmtCzDMer6dvIlnZeOGMM0tk8wJah +Gc+YfLCOrFxC7NMSdjcHlMUs2GXIC2Y7a7CxI+ypWOPDDly4WzNU12Jt6Uy10enc +suksQRabAitWX2Cq56uSX4fSz3dZQ0Cud3KLRk2JbemHbgWNH02AneFq69iypoml +uwI+CpGdza7S6/FMZNmFXJenDk0C+w0hKZWjZW1CANhltR6BM66VEByq5ZG7pMNe +rSg6vFDJ4u2hi1hv4hh6pXZVtOjs0pTPN5vyx5SNnTOfyKgxxZi7qgcloo6KLYnu +XGe1wVveiWHodQ9fFMBik6R02C92sr/0NOsjUUmJRhQUko5C078dN8EEXsAgeOUR +nrECnf5kma+gRdfjw7uCIK94/gp+NpPNjPtrq2eiAAonu20/6p0DogZnZ00ApseF +o8ZBp/cMzIm1QgrddZR2SmppUQfBhfoZyu0p5U0E2MSd7JIpzaFXuICTcoMuUUpY +f1aCN9lHGr1212983wHVXIJsWall/3iRmV5J6pF+DpXXnphL0KeKYNR0fX3HUo9a +6RkRy+dj8eIaxu9XM2y4xFsNDV7xYfnLzrPn8cVJZQO923CCIGyEGUT++/XUPJwy +z9zRulRh95KWnyEhUUdwxj8nZj/ImK/hEilqwb1ZxYkD8lI5Ili06/FlIMPCTHdN +zx8KtKEfIvodxieuPBiDgPA32khWE57+/NPKimcqFdeoxKZ01iFBt2bApcd56kML +Y+kjh3AYChh+DuhotJgox/sl+gM8Lezu -----END CERTIFICATE----- diff --git a/test/big-ca/big.p12 b/test/big-ca/big.p12 index f76732a3ac64f38bed822aea840d69d387075b11..0213330de35ca18dc5ec6e3473c59fd4f2e7a848 100644 GIT binary patch literal 7637 zcmY+IWl$V|vZZk!+}(o9-~!F{k07~CZ|L4vys?(Xgm;pJAn-Mjmv ztERQ zfKyJ}W5D*3H_+(%kbIa+*RR;zS1?Y0NN}YjKP-P#RdxtAc%<(~YBotuH)fTgAILMP zm>dXuUS&&JMHY9-=)tEN%Cfg&sLO@NRp%?HCkQ~!Jz7>(KI8i3ScC}vln|7x5358_ zc?!>+TDNJjE3CGEEu_DOPM!V5t_~C8JKqZvWPT%`_ymqvzg&|0OG{LHv)H+d5zOj%mx&^D#gXs}v^Al!(n`R#wN0&MlO^~Z1+Z>f8z1#8(})`UJT>i>iUHTmLYfI zU0XmK1!N;hhOVVG#jo?{uD-$~yebq{6{WQdB$TV(jexh@IfBesFX$h6r%Et)MellU ziho+Cj>Yuh`%@gJ@pR0!^6H6SVa#X~XENw0xPODrBTPBU#-?WyqY5+>2u3+?5xN=- z{kG?vR^Xbl1OGms@r)2GE`%C5)4`Q-zj$?;#^Y1IgZKnMT@(Z#=mOAvN@3En_vAxs z?Fc3+aB#!H$6z|)6D616V9}W1R=w;Ip zc__qBVVnwjqdm}Dj9nX~0Fy*z2(-FKa=|1VQO!uvd1X~m5-BEz;cRH4Dx*7TdWZWk z@BKaTvo`b0Hry$bB+-451gT<07mOE&Xq`<5ckvB8H`x2@2T0qHSsU%e)uix6dTn+odZ zJS+-=UR`{Dtpx55@+>1ML!r~ERvUwJapz5y* zPEMhG_R2#gYwajou}pl>450>oPNYfCTI!WiD4mBX?Q_+A+pN{jJeXlw7Mm(J7NaUL zl7t&41XDH6FTmXZX8;*!;iRaZ{lT7wFtYEak`R?WeAeFFN(ye2F(eogV>p3k8#@Y& zcILNkHC};d44Q1-<+E^R5|Oo!x?Ca{Ph5NC>_OoUP~oVZ(wK`<`RX2JI81X@0fbAU zDcC}brIuNqUtjsnsX9`nh+`Juf_idTv`^-Z&Uo8`IaijS-CW28-LFRs&!SD^>oc>v zRJLFGau>l+OUGF|&2in{s4S$kctrpmy!J#;Xs+-gHd~y{j=h66*^38)@aB5Rx7(WC zlXRQjeKKJMm$k*J3ORM|e7o_zg(&!XIJKK?h>AyE^7rp#l}vWuM`;6rZuuYrR7kc5 zGGdIYj@fp*^)7m3h;0YuONH9xkEQ!>Nq>EfEuv$1uGf@Qtx2UGDVN%?PVHP_j=EXt zCJ&bCl9loBC@)|4uOy%AkV3rc$_`@)+&*5hrMzyfFE#?)Kj*Z-NVUlUX)y>Scbksl z#KZPiSsC-K4t)I0OS3g0xHkQ2Iwd(xgNxsekwyApyGjFf9ryM+g4L_G+JpAbH)U5M zEYS~E8!RVe({zPiu&Iq2%>Z8P!tEB#^ zu6A+(kHpA{*5jj@VS?UoX7`m9jpz)J7^Ho2aIf;o8ijt|4vl#nOLv7OF**`o7(}aU zJ(i3R_~HE|@M|!LN)i37Q&`*r;HX7&w%a3d==W9Vkn$Dz<^3}bTB%JD zj99-s@y{PCjTD1unPrZy1yZ=jzFt!R@>)G=kw~CJn~ceOoG&F%H3od<^Fbgi$%|oT z4spA&aMi>HH*FKIpE}AStVj|8bodF*FQPDip7GQq+_+))#AuBnzo-Kd3pH^H&EA*F zDrRqc2vs5XabZraE!n_ll%JbBC{}3E+%#!&1Uf6rVa;Lefcx$4XGtIXj9~7~FL-gO0TEV;>U`Y{|A`NZUzn^)eF3h?a8O zi}??j#_6dC#Ur(`1BjmMA4aw^oqt%0NhBTJaz;wTTs2+ndhJq#1}%L~@E6vprP-OS z(-Jm+w`5WC2J@S@8B0_}qinS97SvG-Bje&XEx%9X`J35YOKW z_c(M%eHukYqs1Z;y(^Q*IQgJo=jmmL<|@sH7$s0&@vHT4RNp<|O@^~RT4(u(eZxGm znI!h*W<<2F0|_GI3P`|N@I~Kk>VZ2M-~MmVC1{#xPC*B8QwZ9zA+$xxuMO}}Szh@q z;4;c%ss-?4tXWHWB0{auO4aGq&~-z#HS}c&W0W;+X0Wf!upm%lrbtjw?KUWU!geMo z9#2}aRo!jM=Brp?sEz+{Ut3Bwok|+wv`bxNpWRK$8tX^+yEiyma8GTPqn7sro;d5C z9bUe2h#oc>x3o({S}S$FXx+Z1rN#hdD{} z=WeofXb@43Lr<=BZEvnjFTC=5`N8F6fCaWc?(B+IR)9(JBPkW1QM7vHxkTHGB*m2B zOCnB8`ewm4V4IxmCsjs&zwDTRSGY~uslk4mEPRWkLoBCbcsd%a7+F&YcnWyRJVLQb zn`ZX+z-luT68egl!k;^Lw`m3o?m$Z|6)6_MwNR;wsUyJeK|+|iiwooM8DSWpu2G*I`@;8GQAgw#v_}a3s;lKM87*%i zvYD3|*OF}{Wz|z1c1N^N5wjJvS(RaM|F0>!638Yw#P)qIC zU0-V^dIbcqZ|!KEZul0{q`k7w-=P3)+cv#2#@PC2em!;7P%?lqn0q|8P-&TPYzZ(t zf%#g~Z}3qH`)zq>PgR`zJSa=|dOl8TxiLZ6_7|G*8yPEpZJ8uaV#J<17Pmww8gg^! zx6K$WooC#taY46XCAzkJ06nT)B&~A-yuw!e!kl~-K{inWpJ8MqyZM>FrPzy1q6;z@ zE2^it`k2D%f8)w+wW>6DPFs{%_)%*Ip)bd5WuFTjhTyImTn!%rz7s7hp$d7Ggjo`^ zOdN@W}zXtlwooA;{naPN*h6p7~iWA=s2q441~(cacL20~SQ(_9Zd zr*!h{Crr6ZBN{rF35P}1Q^(^?&_}yt->K~cWOT5A9U6I_dKOfl2!5D9@6Yq4Cu>@` zmm0uSe5`%PT9nDpT)U8F%)NH_4tXkHOH}Xp@fWNPy15P7+sHsRfm{wlKU@y-cda>8 zrEz({bmqXfq`~AH8wq{{;RaG{e$gyjOj2JzF5f!Qwes@nZfSebu5CQVM`q_>OUV)! zj^%Zw&EvNPkq%G4$XR5xHWc=2qB9!^U10je*IfRsqQu_{EgF}Zf&r`6M1n4en;DKrCl|vs;y8 zT1sWN5*#E}QF67weDSwS8F-!ck#e9qJNT~YAWi+W9QD4S?4!2CEq3@MjX)m1&JlIj=T+*pcpJvSy9bEN``gbW8@EA2;0zZ zEq|rl+WU|5BR=G0962J^1usePgKn@7XO3%U*m&+%RxdpD9u#T$_By`sK>M=BqpSmA zA3-|~lJA{6Z(@BlAddhqhePD214j}efF}mz5=W#DV$l$?b@vO5EV!Zh(=1g`{qBJ~wNU=16?OdQ zKgGWU&<*?~4WDSS>@drGa~>llDDsSxh!bBOOPet=($n-%rXC?2oDDqy_`;!f02f|P zeoBKxT8Y6Jd3Vp((JSF8D20P#s}wJ0JfomHU$&k*3qE8rOEOD`)b24$FTa}aQz&bQ z2ojD+4FPC@7OzWb0CRDu*Gx0OZUMrHz<=-bwNyQ8FulHco`xI{J5J&m)c-!f+? z`e#1V{ATnb_y;!)hdGxewh4Z!iD8_jB>fxxP$nHvKu%gaXYEPew6(r>X}cOP1(wfH zB*Knw65GOij=K-{l9A4s=vJHiqAz^J9v|t7G4?}cOpv)@MC`2v2Zik}2XdtmN0*+` zsMz&Kl)TV3+!dD;89ZnDL&g!>$}puSJJV`3D5U=Pte1j>l;K~Qep7$d%r?&2>4W>X z+s@z$igoeTP!nr%e1#~J>3j7ghuMmIn^GZDnhksQn+J|QZTs(~FE)f1HwigP?dTZT zgRGEbojIY`C87C6kalWK zJkj&0y_9TF9*3N{GX=uOlIq4ZT;^H4jP^d4(xkFY#4h0B_tWw^b*@2UfsiHo?1A4k zS=F}B8=IF=`Yk)bZ!d7da!!*$5FRqUB0=u?u%yje2 z{B|`KLxSIDImfOolvGZ3~vll}xLZ_<&Wu!{Hhy~9(FGxo$G zO9&U5=XCBgjHFH^Nvio$sMvDZznI1<^s#wtI`)i;p|7gz~r>c6?>P~YZzu+!F4-bp@jkCx#I$zi+ymYUPN-RY2|m8uNH8E5_B!+M`WbRjRMAs`nIZv^w{$%e5PZZuvlc zN46vX)s8x><`6@%A#{Gn)8E4h<<#b^D$0Y$>(*#hbkk5(KkTxZ>w02n{7L~H+w6{y zrQn0(kE*f-3O~)riwRK~Q&z$)5lVkA1gQLTo~#94LfoCz zK=CNYxh%O%*@zbRiT(h4csM6qf9S zGl)csPdABQj=-ZAU#$-)SF0O{M`g=?9kW$|m|GrfXVZiC`yqxIabu$?Ms{q3bSJd= z^09gD_*FQx)F}B>BLUhK8n(#XG!~A+jn!g#HzzN>aT$jB9ftPN+TxmyE)9J0^v7aB z{rp)lxe#$46mX(a3MqPzUsh>Aqn4h(Nldk@zB;rKUhGISj)K-E%uVhtVon zM{34t{UIF*Y`(#o8>wP-mD8mON$(&}YB%-Q9tHLfy_Re|WsT0VnplR026dyg^bT_0 za*ak=UWYR!X9JGBVRyt*#-!;CPv;7LN@*_r25xDJ&8V<++1P78_^%iVeEPwgdC#0Fa#6-J4>p$9zweZ z18Z@Jc<2~i8`+>OZl1wfQQOJsNNT@6FcPxS2%0d($)Zbh^ssH6Ao_Z+X(S|F-cQ4O z#g3oW5W`iA!h<|iHT(G9@Q|8#3)?zl`vI4I1>6ylMYz}`-X^sX95j7Gux(Dws|>4S zY$EdJShR&^oJ+6U{>uv0IyTXnzH#;NJlMQM*OG~}Fn^wnYuacXI@t{~R zd^{uar%GQ#3kT)vhI3bQ-9Ws|-aiqKv@P;84fZNq&&QEz-aTLgSBCU!OMtsmZTUUy zv`*qhY^@)updO0{hfI4!UoZU+ErA?a+McYWIk092s%3(pANTG;EcKRTUwDs6hTcZB ze*+@-JVY9~qHe3;kty-HV~x~#yc*m`rog{jZne~EK9}^1DAIJ)Zc07~ev1ETAD85n zLLhh2j63;<8f-6QvN(-#C>MKLJWRE}Y~b$JL_8Dg_EDBU5+QRj4^8nzAN`Pn)z)bh zvmrLs1ZMC+-tiU&0sA=38$)aN!qyKh7CWpnL15(v>c^_;gUPd6_2ZhHl1Wi#Glu_Y$PLt9=qQY7B*%{GUQ_;Qb;jEF zU~asiGLEk$&x`ky{Lvs$U%u&;y1+jqkf0{!wJ&mAf3jp2@(g;xJOws9+o1@hr-kR=syXBr$O3z=G;c`+wm|qhZEUZ; zoEZgEW~hagI)W zt$D6;%^MvF2x)}ka3v|_I0l*yIL9br%d|KLYnLlmEr}oU`hReEl=@O5r zCiyf`-L9~}adM0=nAc5tg5&CfE4SDtYtSX*r)PbVso>;w>_$}DaVGW8@K&6>#%I;t zS2DBFMQ*n}^KTDFf6xJy1l)>)yR zIJ!0lo%~lyCvuPj;i2nU9Ech5JiWx&C9Q*(-x+$ko-FOR~f@?tRS$5?%1Wbe`rBkr!&U& z^VHv8RN@*r9YF z+4=9*p2d6}6p>f>-cMv6B#I_``Z&9hE`T*Imh}CmT;Ne)Wa1cZjefS7h$~su?0g<5 zAk#X?cbBCnvA{!(fNZ5q%GY`Dc!4q1tUEZbbySllS!t;p=V+C$QS}8L1;zi1H030I zfl1>FjD?$}jQz{OAD*TH9@# zKUj@_YV4-oIYclM?5UA12+j5Sa?9aZ=lpel^Kf**(c0bpd48`rS@`Pw=j<@2*c%d7 z9h_NC+F`Qg=dq-K)=5mSyzTgr5kx1>5~Bjs zz0Y*KL*K$PC*D(RdFXpKg?f+*!gf)S@jZr{oQg{Vy;x_IVom|W@u1c>)P1S0@9z7K zZ_oL2E$%}}7VZN#@Xd&hRFwJlNdngVP^1jubA^qMP!J*wl^2IhZUS#J&f<`~3G0|Lnm$80W zkQ+Bf3OQ)eT({%cMhVaE3g|HMVnQa7(YqCxruY+$3L-f z7OW+Lglqm#GJ2`TBX$9RN>rBPCD|$WLJwH&t6zj5_TZYKs`AAy!ZP{DJTyByImgI} z(9S05ric7!vkkgn;xi=P7ZRy?WJOSHt#NCnQtLN*)q!v0*%tnN3d*~-!?z(yqTKL~ z#`B;lG%tJ{f5A(zbvUR`W=Y*5%ik^0;heT1aUFZlt*xVvhh(2m*jV(ldL3#i_T+cl zPF8JAfDy-BPapx4+M`WvpX_C`gpb4D>pwlKf~>in@lBc$0eO{SF|QPuZzV}>Rp0lx zF;M_&6dR+alXW^HTpxgR|F@+=CEy}Nz^7L!Ix<>mWx&b&IjXh!i&~zw$_K~=qyeHL wA+ln^!;vDwAm9tvrYUjAp@niVJ5&ZPBD~=(P{JXggq2&HxVf_?{HLw@ANp*=3;+NC literal 7629 zcmY+IV{9b=*R6YM+tYSx+qP}HQ`@$UDW^L1sclVdThmT$o8P?2ckg@ekDZ;YmA(J1 zI2z>2-Eofi}Jn)~C0}cTD zx6=OW0GJ7&;s5soA^@5h84^~CE^YxU{ulxr92P7n1m5a$do|3-)ICN7swApZM?)tH zES5F4Fg*L11OFjzeDY`d)dAij0;ecHQS{lHBZ3V~16Hxv z>oBD|xi_6zxSgBYcFTU`!V3luu^z|z&dws316QQU;S9CpM;kVC_WYmp6NqQuXan`; z&`D*#s*FZmg#3Fe;U4)MRwZCkNsHo?b&ihaZ+?XFYW6;bPJR5}D7BA2ZX!EhQ9y!gQ5+uU0pILaF9eVV%@3pO`|{I-Z0MS)t+eFuzX-;_dx8`syTYFYm&QMW;~< z+I4y9?De@Hvjwt@kL28n!@IQZhd`WByf!8m_^+5f)riQm9d8WC5a{7U zn~of{xT)L{0al&521h&X#F!|i=z;9`{7dc|@d$~*A-YjtdLZzP@)y>if?uf>h%OJZ zQ`Vl8F>J8bBqyTlxUB&%5eW{mQ(E}eNeDMD_X+Z`Ju(e(r>4rpOk&ah$a;9Waz(p5PE#(#%r&r=2m1CS3JIeWLSJZUjGWzRdR^~E)MiOy?1V-K& zB3)jfETierRO}CJKi1gvdUK-1LQ84-6vPtaA8f(x)gncGoiUeA%x>Jp5BPjLs2&uC z9s}zIr_DNTlSB7!=Gf^{yE5A&s~bej=Cj`2)Zedhzn+u67gKX6*l}yB&|jrk0vkgN zVFYd+Uab(g=*Fcm$|+*`uaASiJ=@ydZ02IAZmzET8ZBGedEA8qR7Noe$JdCiSq%@` zz);m7X+nQL@h2`kke3)L3Y;I>;HZALyhP$st_mRALrFx7UnOP%3J&rNg;IqCiK4Ob z;n~;K*f`p%0{|!1CAz1Sw|uZUSOlYo)N3>z3-ew4{?Zgunh7%z3XX zH;9RWf%g7+P`%Qtp8mftlfos^Q+qSgS7YFLQnL|Lc1NOgg@srBj-G7?M;2rUD5>AL zEI@|rzrUFvc=tgoBWnj+h^7qD#^{X*q{_CPcKFS9^-{1A6Y5ESL(F9HJ;zqsT0Fjz zlagL_)Y-qAiIxi2ucOJQF&}FEI1BXJrW@QrTGQ*S)me}Q^W@whM?T!>y$TQREdu2U z-M`CxB`J~>nk+(!m33A+n4#1m^$BdXeJ?3tskKbkKx%F{;~3UPz4B^JT{SDU*`d=O zu@NONIO5=h6<3HdQJi%xuNg)3@;lwXWZzGXXR}Ql6X%hIUUpIu+N&{{pRj6hx>ejO z4OT5mprG-(6oMGtr&07>-4NEB5QFA{uYxsxWBmdj$-cV88Kzb%;03V2r@ zw|d-!0Id$rPd=m<7YA0 zdo5{FKEsC6aG}k{U3+B$74rs;ptlW?b=mHCoS%l!U5*HqdjSW_6@n%E^}B+2Nuk^b zi4ycO!BS(CBo5yNaJwvU?_2%UuqDmlNf(slnpw{*03!(pl~XO2AO1uO0q;x)uxOG} z{=H_BF(S|0FPU~Z>Vo{~-Ak#VXCjPwvxYk0rlmMUn3D(w6$|KipXPyuo;=-ZM($B? zd4!Ep7?EduOr?#1cuAZo)hos#8R_p<3zJruqaM(4(Yz#&0>?!*AM4zBF~x&yw{* zdGTmvP7#G{RIIt!SVf>Cphg-sWTnyZr&Ta#ll;Dmk3GT7J{QHzTGy(ozDxGxAewP# ze)s!bjhGd>QC*mwR!XPe+GP>nhU4!@1afW~l(_CI`^Z)Z$3P~Aog)l#q1iubindS{ zR*0O{HJ`6KPWSib=jwcdP&#n_;IA#ItjfQqOdCm)GXlJlEx4lvSD{1My>eVl2aAT>cuGEA(iFud#TOkZ993YzbyVF3>yb!(jtS7}b3DCpxiLUYrdnwjALsr9Qj(dh$ef5BTI z1(&B4sOr)JK`ep|OV?*#%muTd7{%#8HLdp1E&fq=0l;DU57ATZhGJuI8Wg2LC1>Nn58a zEh6_OfkA@J6C@+O~2NP+ElW7S8?sq69=Z@rQixOFMs=R1zre#KOCqXSU$oVUvz)lBtIGVf88+4z;uZCA6 z$tCoUsy;C%#Tk7x`HOvVzN6>T7OAqFu2;)gX=OD&p3klZQXTTTdtZ@fi)6FkZwG)U zBkgHCXGW6v8DP2OXToVgqll;4_J`=VYqV6eCrtlBF_H1~;K~`ot~CmY+oB~pXIkd2 zncOQ5QigPHlXy}kjbW&i9}-MAmW>37@H@td%x9oN@BIKeki zr8LHpQM0w+hN-t*g<~n}3Z+}Syp^syEhb!3ARJ*WgCIz{3s_=KN4BYtj!>fD+Uf$Pi-yk;MQs>uM8jEb5LaQ z8HK+yoHu{sK(mh;`N$K8VKZ6>9n04caS6?uYJ`EZ2yOB?FV5ao__vNeU$0>p1lb=v zJ!p)%^~>2Vaih#}Z$};)o``y{=0}L&mP21Bnh|%_-h8Rg$S%tV;2i7 zUAe@Rt&Y!91v6eJ;D88T)!j9OQG_mj&_RK!8w3~Qh8@a-WUcV6A?R`kwb4E$S5H^T zn)A>y)xqA4e03YcL+)XEWUTqc02_=JSeJp+s63AltGNsK}k>G zjo^K;f|3EXV$elN6P!(Vy=AP)!K7}_cF@Fni2N1afb`y2sr(f#uILIr9DacP<%6mW zkSvz53S`=Xc}9Y`{;C)o)<2!2nHwv>#$O~bt$N#{v2$1M@#iFS$0rL?gA&|pqRCEK z9Z&4_4~oBiK218hg}Y{-UQJSneg}pvm5WooX?zlKFkyoHp|7?$e9@BNr|F zPfufMAy{bZ@R#Nrx5z5EuUQ`Qur$|Sp2&L)Nvqu=%vmqm&zO)IlSu48@m2cVx)`(w zAQUhaE;>jk2M=L}t+i*6n>0*yaoCCt!8ps6il@*Wbb5eZB-9PiEZ~P--#TL#FvEiN zg{^d%n#8e*Mat@T(?Z7v*RmqLF<65u<8~PkGZ=JVyKUi|y;v_YyvAbz)A-}GP`#f% zCrF%+N@tH98L8q4rAu%P?%b^@!f_kn!0A(-GBbTYzqTw;KioJaTelh?5{1tSxaa&a z7+^9q=?p-1*u@;OHtQg>0Z(HPQVrbV8_Lg~Dr<}n+*cIokd9<4dGu?@6VauQ77`d6 zaTH4oHg0jTh})9rC4H++c-d;R7BPgXK9!ACz$qZ5t&!9`UD)M`RK)qqy>~mhWGz|t z2(v-6oV@AVgx2&g@BDI|g0!kJ8ud*KNVs3Cgf!(QcG|w{ycm*4bU)_m?s`&Ig&e^7 zIw{ci$dPtQt5!t^amWb?Io>tOzGdy#ITT7F+r^1`(>}It%33El4JTIC`sSRK!~Xoc zi^dT*0qsZz=rC1)FrXl1qnm0z@-f_0`2}#rBbESb;O+3roiUiQWu1SIa0vcv<+`9| zo8}4gUy5nc{zVy7YeH}*la$jY!k%<}H=q2j@Pk$WA1-ATrs)`O_a5V>#GrAEAdWzZ$*R7UzHcvG8%*wX6p>2U{%6%;aw zp^2IAvkzTm;~(yIu@2C0dI?#3GyRfMfo#co<3F``fDX^1_mXvDaajKx(iy zjGJ!|erj*uPL(9c-yI*P=_PdEHegP=$phl~qPY>*0&AKG{MrG-YWU>n>NYPR2dR7$ zK|i;!WSgScK-4;-h4l02=sD$vT*FAWWCyJr)hR;E>nuI;h%)2BUaU}zyF&!11k6w4 zka($v3Mivn*psIxq+_qh66=8O+ds8@fY5kM z!r4Xs@UM|=3hh?RB@XBI9&DP&0XJf#O#zhVt=X_kpOwofvo=+dewIextr2=s)=-4Nqd9;Ix*&BE;Qi2iM$+F5#q+v#_LL3nWz6qZY`Z zV!o_YMTbD$>0fSyOam#9!6GZplYDM$#0o!gWGHRvAe$7lFE3sOSn(UOu!+o78V5au z-bW~ta&U2-$oj~Q{jD0qwhGI!5-LUNChB|_nl>KBiwdb`lYKKm*jgAPOo=N~(Ax#+ z$E}B(SAQqE`loID5j|K0;p9-rT906ayOkjbv0S;n@SJRR9@IW_)6?KmMc>w)0cf&C z;r{*ju9T%SF2mnJa`FcKNipjIR8rp(q9B!)M~KWtF6%`AI`({IM2k3TgpdMWFS;Lu zryY=URNY_a>3D2}?qDQoQu99*4B0q%C51#$7XzrWB}UM^BH&7e2*-`j(Wo^met7&w zazA`OcijzgjlvO-_=eGnyY%vo$y!gYpOoeQ%7RF?ogX6%e#h1mc#;WYUY zWm1YB>D8+eZh;rv19?bZCCb41T17nSs`~KL!Sn~8;-0ui&ubO05hj^iXGL=>erA_Y z4IT=3ugG&u7L{dYxpv<&nPw{KMK^6cw1CtaCDb>7Z4rTT}!zN0=nvk z(Xi9q6g959k~X+}p))2`r`N!b@!fJ?VgB-qk7|Dso`bM~{0svc(bN(@GsrNF$6%TA zus2hCIPDYP-3L##r{_>gxelFX?YfBhxbx(J@5`*DqxPdZ$0s{-nwkOH9_k5DIHqcO zfxdSpb7oea5jsh>n{RD;ks0Ha%=-1vRFM~EL6rF%$-uH>{$7@Bn~p{J~z565Pd^R zc{mq5IMJH)2J+1>FXA9XAnL)f0AhHBeQVm_Rp3LKc zhvcr&rBe)T{Ig<_Rg}v+^?r^T8AWg9yi()7MAu(7R`{ELo6D@NU?8yp)NRqzk^lC- z_F1ZevwF)ieagGo--N|+D+E*)#4ZxHDJLzGK>Kp>6zbW|Uc4E8+&vi~bcJ9q;aGg~ z20UE97kq#=B~Ey8QY5Wq%g#Q}<`LO=O|}sN(lIC%2jQs7rZf@?I-Q^-?eJF_{F4=t~LnMDG10v4ZQNKEvaUd7^X3af4S zeoo*IRe)$l{jy*o0ReSTvb8ABLm;_=Cai*m)h-7b<}zdDFR!Hq$99{Hbd%fnM$aBR zG|BCd(S5NtDBhlBKqjX>18kjO(wN9d5onF0Jbn*MgW*)4IY_~~51^jB8r&(mK#Q$q zwLLpHd^>dNxaP5f$%`!&%Y<*O^Bv!JMIDs3dBm-iJ!@X!4U!eHq#t}b6DQ0T=YU)w z5JS&XxGn2TWHTx|tqnV_>0X(boc2HZEElGVRqaDz-#<9@F`Qahlr@SUjjqA+-eD)M zksj(t_ItBM(!Y!IdmSuh3AnMBD4@(SX&E!2zv_DH39lB(Uih!+c{7rF|GpsmhW@!QJLX&4AcJ~PBOq6LPg8k9z zxju2m^Hz|X`Xr)#ciH&+gcAPQ)3>tH>VdCo`u!d*gH4*FTDm}xJ=)C^y=viT|ESQn zzdI?AUwd9?DTgnhLgsiPGM0Ys!OWp{4X{pU)%ShvU@^Xi5w+yZvS5Rhda+rVn)d77 z(;5*!YXb{AkKcv-Gr_jRxuU(yyS=X%?DqaaGc?%(oK-5mWAib`bj`@2W+TiAy|ewj zD`^W6^ZA7N9&}mP9DxLQ{nDXU&|$36l07s+h|J5nxr_$-dBih@b7NKfGDD{TX&;*= ziNZTe+v1A(y$Gw!&S+D`yZx>F1HLKL=w!^92e zvqJQCGtNvpV>@&%6S8`U-}W=@=DzYJ=L!{f)*g-|wOEN|7G5~=4BR0~^rx3Z_?JZO zTA#a*8N>#U2Xmb6uG2b*rD*df#Y$cm+=!s2L7|3uQ{9H*u<$p>WrU(bkq|0_A}f)t z!aPoD85Hgw&8a&+ToqYXHsvN4QrolSNy8A*;jKC{AosYsQEv;MPjICr& z*bHhvFw&SD{S?UB+xpZ%=vI&M{jFL%JmEQ2{m2Q5a|{(Pj%B zuV>5+dH>g6+pMaM(9Ru1Bo~b30$J=74vA1$ndKQR&inF@cA{LID+MRi7$EnFm4O9} zGS%rh$s8qsn0sZ=%}(6kA6ep@(6WY=PH==sPcGwLD>bY!90qpgWxexAO1et}!)k1? zP5`W#Tm_oHhfuGckN8#wb7KsCH*$s@`m0}a8U4jBE$uI=%tCTe!hL?@tx1<-#?RJi z&e`#lu9H+JrG&7SnfRO)KeuXQx#%tAHfDQ6thsRR0xU$+3;b)_Rf!Y^hmp6x z=Tc2c7=O#S;{^9qz*nW3jg>e2g`MNId*GbKdQ2mVK3=bQr%KM_6RCdBu2Yj*VBse4j62B_eD#u%eAiT%;=o~&2;9r;{{-GtPm&&+}p7zMH zAQC=VR`s?MV9I?L00yue*fyrk{{Tvzm?Q^j3tmV2PbtSq)m{Kesr}SyYmO&^brG}f zRuv~$K@8@?2K>B*j(u+H58Dc%n$K~$H0{WXK68#flf#D&XEc$`<5DMNEK7MY`z8_O zYaB0oGdTkEcfyG%@-W$H8euc1`a{JErU`2ZQa8vNvYCcY>Bwpt-D>yGtD@%g3t_V_ z*8}G&Ua=48pked54OoYVFsJdBdJ0YxGksCHe=#BqIRajeI?n!P1zNM6-0yb7ptFUJozjB1j zH46nZ+5c^);ILS*Au%&wgly;*j|$zLM0GL!*1h%b>mQj}m`Rx7prPoHA;9sWz#uU* lgoh26??XS?B4uuYoU4J>1crjRfPRarT2mpYB1885_cnG&FsYMxvYwSyx27e_7^+uMG za2*erF^gzDX;GeY(pz2_`&!xgzO@7gtSNC0yNN+JZ_tX}G3akn6>tLL_)_h;rFq}5 z$h#3@*_`ALLcrYob0fewY&#~jH>SQbAN2DGt|78|7!No24tST zIRct2i0`-SCZa}tzEHcx=d5+y3M1r@*4G7;Wt|eINt~txtWe3YD?UT&Fo+?pGuJwG z5H_)yJ2YJ_wAVda-+zQ=0N|%U)zVu7M8QwiKWePuvGHU9-9_jXVDj4ReUa(Ww%<0F znnrS&{mPOfhJVq(3F8+PK{DYz-Oa>@Qa~#Hd%%)W6O!nNJ2j`~M{$)qL_FFRj`KXx zm7MXn?$0smllOmVMghmb{=g6g?CFpcJN31;Nhs)qSOY-dt5Ysbw@f>FRbU~FfPZ&O zR5iwH=NLktr{?>mhSG@~v?@2BNfzJi>c~RMS%=u`m45)Ktbz1CZKoM6zW-wn$GK}X z5>gYvkc2ec01a!sBFYxqSOC#-tzRrzUFliN0pWq=L7)7YzC0&W?Y*{b5qiA1h4?4@ z&+xnHb#W7A?_Gr7b9Hs0=KNC>9Myc<89tr;&nLwP?(3<-bVnSk7zUw$kl_!aKr&7Ktm(T=yf&gNm+bKnf?;6ie{1)3+P#N4o8A_wb1;9vt+vEur1D96Z7BM1G`;q_Ao4WbMP!aQSptq@DSt zhUhB*Xgh9Tf8S?pJA}7a{QPaIY~`MZ*6K(Jo_`;wyfi4d1FjDQ^9CXuV*rBT;i*(N zLM~5Pwkso6?x`Rn6WcVbc}1wYYIV13i3Utb-tQ&x#e$CBQG@4f3ys&fnVGr4{87{& z$ff2}EDgEJnx4&{DKcxQD^>bQcw(={z-}QP49WW7xZ?ig@y8nlMVCd<<}d3EXpw=nm#JC#4pz1PhN8v^?%>M& zA0{iK`2uEYooHt<_xKO7P2|S$9bv&g_jeW8D6WRvNTCGZPL>UbRGIw8_4jzer7Z|z zbOw0&F<%)e3;PmWF3QUL-22ml0v0)T)@24xEu z-)k-7RUgmLD(p21muBp@u0BD?Nf!vB^YHy{!<+MLD)2U({Id>~`=*SN#7jj%5SaLl zf9T>_|Dy~OAzpL8dN2r_AZcAIWU-_CTzVSaEWd6ZuI4hd1#R%u4toSVO&q}~np1Ot zJb&r`E{A3wnS6^>#vlYisO;J`ond)pWO!;O^Xh}^VZx65ORo}~!@_=Mi|LFpQ{2 zJqmyeBl(n&cw`N3wG+7vbSEJns;WFa=6`pT3b_h5_3P!ONTu44YrT%J$tH5OmF_ly z;5-%V&07d-s+8mBVRO`7Ls6ZgfPTe@NLLA8JZy_r?++P<&Cv4gq(e-dqh-@cND1K) zZukabV)7^ioBQEzdjLJ{NJ#uiHi6Shp^D}97Srr5B0|+0Frsi;8CM%zaBX1D{meO?x zkKKt{-0fG3^mEJnX0STeE{trU&GBg9Mu2nu^m#fETOIsyU+ E064xi>i_@% delta 1658 zcmV-=28H>B4uuYoU4O(J9h>QyNC5%@2mpYB18Dh&nu>#?In7#VYJok!^KYW;Q|5l6 zLPa!;db9DB^K3Njxg2mV>HgSvxx_lVg$%Q+T3lsw*J?5uF*kj*`s|dD#i$_0tSkY{ zr1AqSz~;`jWNyjqrYm_&u1G+Eb_^U^3(~Y%7ScZ4Vt;T+J0fL&yY12AG`A%+ z?>P)q>B*$Og2Nlq^k@0LNBO+*-bb$|W@YREH3pV4bm&zQH4^g3t82(<7aG`B%%ARe1K;Yuc!m} zW{mDZn2NRI3eqwTYV5iL7B#;?!&(Gc9CqINs^=!d!bXry_RW6+1es;u_}4Mo*xt?9 z`JTLe1lRn|GGLOHK*#5dC>IG-4X$9yLLJPFVZX> z`Yv-!=6|oM<-EL18B%xr)Y?!qxZK;^eLA~KQSC;o70pBiC1=^R=m1sCq7>!uPL|-L z7OIK7Yve9rNrQW#cwJrQBSd13M^Unu!|Xliw7>f#pNMVH$W&*-&R_?4$vh3xePn=j zu(SDHKBx6p09K|yAcoX)!()J~lE3geB7dPJkGK4W8b&~=n4_v3?!!S} zz160X8P~7<%BH(~2Be4tjoX$e2BE~Jsol#^#rh>w7Y{6YE(Uf7=B>S=9gxjDJ(Vq; z6@Sy@@a*5Bb8F^7S~+L^#1jy8@gHsHvD!as6Yz6=jmo%y@H9CwF@yzjZHh4qk(zWf zyT-)CR6Z3RB!y(R3em|_Wj<~7D^Bw~RCxQ~_B;b@3xgm6=+34~8j~|>2ml0v0)R%wOWicR zZ+)p}H<0bh-%XKPAzivLuw@X9zG(<<=FdT?&E6{aYRZ&bo64wcJJmDhLPD>tJ?p?VN}^82nv z>!=lQ9ulOtON_e;7SP3?WV8)eiH(hUxmENV1*FbpzD3X5`xfI|&;M!!H~SFlk4?Q2vp2DFBEp0SqXiu;j_c>TA%)0I=N&>BSamS=E`z<<8@ zx<_nLRq${00;E$gVfIkB09ndy=at0%^WtxFBd;}EyE4@+$(WrxNGm(STyDyzj^&1> z_+g!k-`}&O)0uF2R#c)ZAYPo1hJ!peK$%QJ^g02+!9P&M;9|gOglXpPuRM82gPe+q zPT~~cA6GWXJ5DEWwYXG%oFK4N*nfh0BOwkHl6>V*Z=`c2k*l^_rY~FF-PZefy#){^ z^wp=zp*MjSXu?=q3_QknSV4pLT)ra()Vmf~aDV{ma6(%$`uU=IdB&duv! z=pmArC{XY~;{1#TZ$sBv=Nq$Tjj&J6LFO`F_ypsC{m^e#vZB_MKW$lS9d92*>ST&@a;!<^lo; E0LLse9{>OV diff --git a/test/expired-ca/expired.priv b/test/expired-ca/expired.priv index a3cdbca..c977ba7 100644 --- a/test/expired-ca/expired.priv +++ b/test/expired-ca/expired.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQC9AK5saP9/piHGc0T7yTCh3pf59wKFZ8AWVUciYgGmfk+PtUh3 -lWabYhK7cB+j6es3o236GLMfesl/WQAwsXHuR/aCr/NAESYdF7zthGHpxB47wHmG -9XihklryOqjfixCFV4SQ8RM/SJa6lHCdQvWR/u3XSegiyUlFxSkz5J/vWQIDAQAB -AoGAZlgYG1w//j9Xyr5gfHdVflGquhCnrNWhjnZfLp8jhaSgMJFZzGd6SGmy+wyc -FYZ1eItm4ia92C4FLpBjKfrsVcu28cCAHgBeAQ6BmLk9oRGJMxwjs5QXz8YmVaGl -Rac6R/7oiBSWxL8SabFAq5i/OgVxRoDGLpTj3ymQHgKMggECQQD1jvRBjeMFXBBy -q7HD8L6VuufSZo87nfVZy2DTFZJJq2q4UyD0Ms89obkWmJmT5T86LPMAfNe7vsVQ -3nK1TWjdAkEAxQoVw61lWk2d+5zWroGZaaOyxCC0YVxgSi0HxGjGWwS8BvOFtRge -Kxt+HjOuFxgJVAXTiUUYEreZ+v3Uq+Y6rQJAdpiIV3DTiC8isn9B58RKB76xX+iw -nLZ5XNjg9pGgiXwEmulrLQWtGbMV1Vf2NHuvwcUbx8yD1OUaHyiQdgfg8QJAaj98 -6u32KBKQbNvum1zA58jgnYdxHMreFUFg3dUNmIjeBvWLlNIzelUx1YFSj5tjdE5L -+corJ/Se8EutQSA9ZQJAQnOKQsZ2wHJPUM52gyq+YETtAB1qsexeuhSJWs1v2dOk -tWuapfHTQ9AzrUZTGJ3W3h+uXcR4DXMy1I/urG/l3A== +MIICWwIBAAKBgQDll3pV7BxBBmt4EWJoSAbtntxu9HJFAFmeTKfe6KbwY2Et7xrD +CUCa+eFsP0zjTLFGZfYRt9eCUapvu4ADW23I+n3lJ8LGx50EN691hlik6Gbsou8A +lIiOP+qml8PgP+O5q/95fQe5w81rU6J2uC0UlkV6MUDUwCLbVdyIKACCcwIDAQAB +AoGAVgdtmraPW7o5GNOCyUp79hv5w0Wrb7mS2yMkH/2TWC4U4u5eW8iiwa9yTWpm +uCErqBJaowb9JOLO93ENpbRjrR5zgejIKj4DFPS4SjAf0WTbeBFy8I0Q3M+btRQ2 +4hsl2eXSjSYjT8OlEsaNpAmcyhUsGn/wjFQ7sOeXXVXRc+kCQQD+MY06BGR/1xbn +BJBMawbj5O39poQMyc87YuJPrNKFRae50dxCwXO/0L2TGslISk4QuHuznTXueJpd +pgWNYSXPAkEA5zkrLB0yUHlzmRs+X80Y3bACnkm/ck671/rmkcBmZBUOtRL9XiF5 +qP3E2MNdAfV7CWFBYBhP3UnVhNxLnJWmHQJAIl9U94lshZTyNd76HDtEvUBRpkEE +Di6j5SXj8F4wQXE/0vK71BMQsdlqKSAwI6RYlg48O/eAOXT5erxed9WxJQJAI42R +ytWub9tM4ATlYVuq8CNpM6eJTW03yuzkWRLpa4glW8hQtxGUoFxs0RuxCGUThwyy +PbFfTlpU/3nUEn6cLQJAcj6DrvRMlq7ooTTSeYz3FCV5XyfOOz4Chv8IEDntGSz2 +QYia78JPbX+mUgFMV40eAr2PcHa9aih1rXK7K8H1hA== -----END RSA PRIVATE KEY----- diff --git a/test/expired-ca/req_conf.cnf b/test/expired-ca/req_conf.cnf index 18be02c..e22a155 100644 --- a/test/expired-ca/req_conf.cnf +++ b/test/expired-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/fake-ca/fake.cert b/test/fake-ca/fake.cert index 4a0ca5e..f2e9d3f 100644 --- a/test/fake-ca/fake.cert +++ b/test/fake-ca/fake.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDAjCCAmugAwIBAgIJAO0FFDQThQMjMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +MIIDAjCCAmugAwIBAgIJAKVvazX2US7ZMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMDkxMjA5MTYy -NjEwWhcNMzcwNDI2MTYyNjEwWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv +CxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2UgQ0EwHhcNMTAwNjI1MjIx +MjExWhcNMzcxMTEwMjIxMjExWjBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJv cGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDASBgNV -BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcesdY -OZsBJPCJvQicfeyNM4uZT30FhKTO47/SrQiotN9nE36oUVzqQ096RBGrxxGDEYae -xqa8p3gHp9urqAteHb6MhimkASns68UwS9VwBjqkKTz9TV91MgPAgUcYkxuIOff+ -sYUYXDUQSExTWuzb4xlG5+wfrqryYEQkORWD+QIDAQABo4HPMIHMMAwGA1UdEwQF -MAMBAf8wHQYDVR0OBBYEFN07u5oRDwxZe3RIxhCNSOD9rXhuMIGMBgNVHSMEgYQw -gYGAFN07u5oRDwxZe3RIxhCNSOD9rXhuoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G +BAMTC3RoZSBmYWtlIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfr8Pn +rTOlD5veGlkfyumuK4424yLtahHj7ApjdRZIcXO8yHmGeMPhBg+k+Apdi2m1j9o5 +SW9gQQ0ZVP4ECllFfJqsp9YWJrAojgy6n3jj/8RHJdMP8v6d5GKJOL5157vcl7xN +ThRJp9WdQK9+aR3/PnD+pB7uqag9E+CYU8JgMwIDAQABo4HPMIHMMAwGA1UdEwQF +MAMBAf8wHQYDVR0OBBYEFL+4vx9H6I88ZWKAuWkmtJMSVVveMIGMBgNVHSMEgYQw +gYGAFL+4vx9H6I88ZWKAuWkmtJMSVVveoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0G A1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRp -b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkA7QUUNBOFAyMwDgYDVR0PAQH/BAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4GBAG26hxwZ/ov3Qz9q2Cc24SNxgSu8WkjFNJBD -yEcZx0JTRMkHCCuEqYhgOjcMCD5imXydDCCFYG5XWJcdJImZqYSRdyd8KZyXE6xi -gTYZhLuOmNIzekwMee9QhOeYuXbghpDp85ID4gbdVfVh7K6M+/Ro+5qrDQyz58Vi -WiUn4Ezn +b24xFDASBgNVBAMTC3RoZSBmYWtlIENBggkApW9rNfZRLtkwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBAFMy1KPcvdJpKPFOaeYHPLzM5YA3m+3Qz5aP +F+yPWOa/yG3Uh+xMa6MqPBeOppNlzMzRoTuQlp6Dw951+fWv57P/d6HCGLyCVs7n +CVJGYr6Q7mPmq1fgcM/OrKIXnGd/oqmmYmkzKCFn+13lnKof6LGMAnEeNMa+ewQO +ffPHXdeZ -----END CERTIFICATE----- diff --git a/test/fake-ca/fake.p12 b/test/fake-ca/fake.p12 index 6e927e8c1e7b2f76b9cb8633c90460b876720d95..d9b5b914f209a8778093b04f0ee35c457f4f11ff 100644 GIT binary patch delta 1658 zcmV-=28H?k4gC#}U4N_*kUyAajH&_x2mpYB17M#9E$PVjyQGm4V5x$^1~d0mh(qyR z4i0h(jGK%vk?)yx$7=6yd^G(Gt`ld>}u zum=M|Z6gIF;^BYeLZA?W3jW1k?7bZPvWgkfEV1VBXTsFi5r0C(0^?#iK^2w58~wVP!TlWJpl0p+Fwj)@JIzsY?E^K_%J*ko9l!@5&= zp2{_@k73WluzwD#&}Yz|ManWZGBB$;MznjjFZKGB?yqGrYI=LMeJy*gCSa;2g>XfNY z(D1&;Fn=@0ZF2B=5Z$fFECw95gY&V`(3Eyh?0mBTxz><^*o#dEN#_dNKl-x?C`zdt zx3IRDP#!13<kPS2H?~nFmSp&xeQ`?KtWhhLGYpoaomZF2xBB%1Ii7h>B|qxxT3oJ~scy zrhgI#!FUh71iY_1fuRrd_+$>#fw|?5gI}V5o$X35EWlUZJiy zV%uO-0>aG|RQ5cJcMR#LFoFX41_>&LNR!qBJ%7}>bE@rcKi&cY2ml0v0)WZg{Jr{1 zLHCRbVZ5k+wsEdy>DCfTMDq2_D}8u+wq(@t zp)N^`^=_VWnH2_MoGE^|5SvTIr~v_>ws!IY1{UX8i{FB1V>~f+{hczMmq201gr1yK zg?~Ei@F$~?#glgq*%WU+{lLBjW%kRemL1R&S9zndXRW$!mG~u@$t|`+?dak5KirO> z>A`opDw>srM};>2E3N?E>xX*p_HiLt0D*Sb0xDu=%l5+fUHf2ok{YI{enRTvV|Dus zKg-aPB_~`9&rOpC;LbmmMxd1sVSXhJWq(*{b4CY*%9IqP;xn6|QEx4)l3@eP@dxi#GWAImgGZ!62A zRu+h=zv0-E*Z8U7Y6mFN%c&z_>A_Gy1w3r$taq@NO`0%r5A7CM>YC*iw`L_IwBOm`-m++lh-^Mb0lcVH8+A>3#_oFG*Uw!Tds$alP z#GS4EXL*I6i$R2RE*PLQzHx~&o1aMPeo{OD_N|#%RBI96vYJ|soM^D~yl;7Ipa16; z%O$^5&xi`h>*?Ws>)@_2B`_lf2`Yw2hW8Bt2^BFG1Qet#ODGNIqCd9YoRN4%RvC_} zdz3ISFd;Ar1_dh)0|FWa00b0dgAYUeya4kIZ`?RlMHfU+=N4oH2v$tz3U3ScIsyU+ E0N14{R{#J2 delta 1658 zcmV-=28H?k4gC#}U4O!YuUUQ}p+^D&2mpYB17MaBVfmwr&f}w#{e}o$kPBn2{GGYM zYAoq0*v9W-B^_LD?|A$35$lC}ME@wc99+%q@}Ze!%o4CvZ}y(RfMMiaCl&uCUR#|L zuKN-I-^nXFG(YhGPNICLv&S*fqMkm_v^WYeI?1__^k8(|B7dBx@n2AyTzVrr)ZhC= zZZt{!_J>#Nx4U^miT?V-c*(M9cSXax|MQsC*ILNpOWd)dzxci|;jsvw6k#8mV7Zuc zRnqam5D!LzHTD|gr>T0C!j9nb1CAZ?-s9&2^8z|4S_UMUfE`_vZE;hkv*GzoceIQ# zD8%0cM0+9y4S!+7!dqqj*b2GUeZr1AU7<|ZY6WkxCYBCxFaU!A`!I4~S+~!LiTQY2>w_5liFO9$6Xun&Ab%jVNHcnidpiIcXrbYw#xl#v z_^nQ-XR~zWD_uKZAbXK$8l?=TREPT29!1&t$ITsEM0O&;XTp@3E_sZTfkNp={CT(g zCFF#b#=X2FOTETew`%n#st74HaWyjMJyBjgG=yABdOaKQ3QgMFeH-irt7|nvOHFj? zH$r_WOn(BR$7H%_S4{UU=xH;zP^*0fZ?KIncG|0m_~+WoHt!L{2TYNH4?US?Mk}5U z^QoHXqn3vpG?+-Y`E+XBgqUv?b{foLrzSh-nB~daF8JOMD80$ju79bR84Qrg$Sq14 z2XL%OYxevCDyLflV)w^T48O3r0y1+Z4d)MlWPerKz7x7O99T^v($cjQ**=l9W@Y?m zU2s-6L~4=Ejq`xPk04^ZmWMAoJ7LCxtbKH)Q{aHN^ulH1lqsYH;ah4~0cEpT6AQS< z`R9}2oV>feGMLp7!sQ{vNuMHbxm%NurX&u}>Ir1<{N0zxb8&z->@`)x#CUgY% zuaHyq8W>OoJ@3<8aMN?+B;lc8wT5#5Cy~1mdq{N4J=vSMAtOs^+Mv#;+lK;e1uX%3 zKqkPvh0A97P0W=n(T%SdFoFX41_>&LNR!qBJ%1FrV`u@rm*)Zk2ml0v0)R8Xf=Yq> zL~v+lSpIzR-_qp?PYS*k{o!-s_HoXdYK9v?wx4TD(lC`|vWsoSX~OMPqrsw`1u5%} z1t*LY@5vd+VY|)GUv%xQf7;#;^Sh_xc0+lppjeoDp*?W%i6!Sish_S)VZKgvfZhUDAUPg%yd9s^ zVp!C4B=AoE-~iX5IyN;$<-k0qfd-vqH8hN%Q;@V-mJ+H?!xlbVcH(b0;lhhq%hq%q z(FXLCLc>RF7S9rRKiSnc>HEF8-8R+*M1N6a3g?@zalyqg(aCwD_nlm%qsq{?yx0i3 zYsjRrUE@U!3cGy}?+s|Jj_7JLH(>tJubZW|fI>HA7} zYfJA^kG#Ir{TvNU#Jfd_O>xDx!|_PdTJ>D3Ia~+jK@#??7CzmltD`}ymFWEDaDQmJ z?RO4@MoUt^u4%Ptrpa@NlDyJf)yLvf2XFKVir1B^<2};Y!sZYo5&m^rt%PU_n1`U6 zuUAGT-*t5$;D1EaoVGBLji%h1>+`E8boe$$Z)N_eG0f923nE4&mqXs6`mGO0Fi?wU zA)tSS2=6se=yhW7uIT6osrNWrrhhM!k9LyT8XHD-@r z0&{%S);nXW+HHk@!wF&9`axj6#=WX_KzeWz_3i2sz;LgN#qtcY$gu)aes4g2vq`}9 zKoRiklI^yMrvYkTgZ_FkB`_lf2`Yw2hW8Bt2^BFG1QbmfBs4tO#}9i`C}S*^6cCRT z^uRDNFd;Ar1_dh)0|FWa00b0Tur>xaix|$JUC=(OeB3{}ft=;7$d&muK}3hs?W&0}TOaw0S9$!vz&|8Gay!?s3^5u@zpI%kFGnYNU>| z5q$aN(Cr7z89^fao;n#EQ}L)7O-NOjV?7w9N(;U=FftP8k=$P26&jB7t4+!>Z0*P3 z)GnU9el(5QUfE!_)B$`;D*dGd85o^X)GA=bry{*|)PMTuSNFwUBEy4BTj66dXM2yB zKb@j#faSj>wuY$;!E+VKQ~yj}Z52uf(S!MPgbR|Zv-c~na}V|LEzNDl*9%stL8P=} zZVDG|Ro+FPoE+yoWFp`MN7XDrn3<2kX_V106+DU32RmvH6*P$h{m;oia!zI@Fi~st zV%|@{0)Ipi!Kgxyk|0t?xD9qSertN5}5?;A3G@3QFxASTw)Jk17U3UAp0nJSfmT@Ha-p(;{4u zbjkL88Kp3GT_j>v#hImt#L5OX1y;STEcEr z$u*oYNs>SAf_Y9gx~B2|!y}hFSzpH5$?T+jfKkTkQ!eVm$4hlKzH~-7QHBgW{$@n5 zYH=gFUxS?twDmFVKOo@r;N7MfFF@*;Lb9zINr|t=dNP$Qu~u^wX!+-L-_-tV!ok8W zEPp%A(ZPz)i)pK!k*uggW8ouC8~BIr{2}Vn1Rjyw8b0U3To%1EsW*u{(p!G|L1+$1 z>L@uk*1TogMUT#uqi!~nEz*@>HM_|=r5?vo9_cTPTWa?zW9iqpT%Avd>pVkfSPqg6 z3vwII#Yl;hj%11b$67L2TWDwAXAzRr*bf|+NTHsQg*d4_{z1fskCWvCMt^bd_Kms4 zvlapZ2ml0v0)W*qn9Fbuc;POgvxQAs*8`lGCr`JbZA@}8{=GvPTEc-+sV928H_<>{ zNHht>6$b~(?MkNM|Dq76o9Lbd_b1ZREIhq?skI_2sA&_tk_}Jkc!n?RBzo~_V6eMY zgenIrgaG03P*Jqjn5TYbP=BqluI{odje;bpBkz;B@7qokiX8JQMG8s9r-fou#QSw$x=YJqraaKa(Tk}#Bs8>74 z7In)@1W?1mBS#VDB-`Kj0Q#;HUW2qz;WKj${7$r6;3rW%A&ugpu%bg0rcUx+6!!ozB`_lf2`Yw2hW8Bt2^BFG1QerT z1Ca>Q863_#y49Jct;~vH=`JuaFd;Ar1_dh)0|FWa00a~)+G(7;XZK;eJ^01I6t8UO$Q delta 1674 zcmV;526g$B4wVj&U4Ns>v4_sWw9^6t2mpYB19+<(s?=_&n<-_io*T8wLrjToA8=n~kvrMU3=%mf;`PRG)X_ zuWHSLSk5xqjn}qioc?MgSbWdH48r@PA)f4pxT_Mbh;v66I)Cy+JV--BF}X~|uyK!ydKb$ELkKuP92t z7^T-rXmo0fLY}>z4il<&lQ>odUgY(CbtH!pM==(te{%Gh=S-u5Zgp{_Q4e|+g8H3( zD!nQ!(XH(U0laNIzA+!M%v>E#fC{glP;;2lAs|kz^nXza75Dd%qwbKH$e!jM1PQFl z7msRYMA=KNUtR_(^@Nc8ex5p&G4yZy;IS+K2d;Lhv8*PrQ*aMN$}s=Ro6bkdWitxo z+xBk3YBwBdU2yemp2b+~Y&iD_P6x6cpzVNFrB;QPPouH&%F(5)R6N4>(a#XhMoiA}*I{pKAfMh-dT z@cil&mE@{n_Gz6$Je@>vl{R47t5nkn-w#GXG4K(m39z|7C5a$EIg{lBMt>H;apO9> zHr@gP2ml0v0)TsCV7r@iPT%?0)e*frbJwWsE@s2PbYE_;+`xwE*S7_h1v{qUNE(*i z$&4G_RbglS6UqFaj;F!4Q`_7ny^`+(L-YpkVMXPjk4_GIu{0EUd=rJwnA~*i~Fw&?Fv9n5kfw z@#qZ3ky5f9FqK$G6n|r&T-9b0MVDQeE)U8UZnuGf`Y$mMTfVGlCVdPtJ835Lo+N9$ z(vpGqVk@QyYMEP5&K4+#`*PFvUY00yejx5_h1Iq+O*;B!KptNeeE?h zicQZ6Y?Zd+EMficG9cD`HRjLaCvsaSHwP$nd9U6Dnv1L>4u5|b+_IR%Yeplm=bVk` z)HAgPQu~NxzUa7&n&N#CBrrCNo}oRx8_SK}rZ@?r5ai`f|HfvEEnps&Boi<;hCkzxMT@~UQJ z?#R!_-i|h29!eP%oa_`*?x*}9?9S`bkJGW{t zEa!(M*-8`D!MBR%o(x>*os*ERmS1fZ{gnx6YV$>o)r{yk z^fytf*}e6^QFbgajrdY$cYcbGsqR5KO^#CQIXQa!#F4^#WoHvd!lmm#-fk!XtjjWH zhujVCyR^@^a(s)0Wm1-*VvVZf46&=h$ty;?Gs&;njDIak{*l^=5>XB=M_{~%Z)F_J87IPgg0IeO689z1Uu*Yedy z9LS8_?su6qH2J0613?hV?XVR94RNeqjMr5K_q%HcoLU(y(+59B=Ity3|Ci29tO>DJ z#YxfRy8rqrq2t7+#FE6rDQR*b0+LIS=I7e`4u5gEJ9nuCjwL#3Mdv5g#rf}x&Y@$O zbkWR#5RI_Nf0weu%)LLJ2r3>(@o&29F9Ay~O*^yAZeeDGHr)(*JHI+CSoL8fR zGJm`k*(QtT?X71oNj_66O}C`RAMfE!tTRyPX#;LG#NV;o`-6|EE;v?;#n&P^Q32oU zN91%K(;jRM@bW3xhmg&LNR!qBJ%78sEK#WPP0s=X2ml0v0)Qayc01$b zSido%8`UKN+W!pTdKi?M12CDe1KEh9Z7B)o0MFr3s>9oTKjlwxY5YX<2d2~Vne3=; z*T|x^X1P%Lk3cc*&5wt|>bNp^J3xF8F_0it>3${O+kkyM^W5wM>EXynuJTYPO13ox zM1Q2OrMsNM$sAHOS$snSycBg967&^$aj3S2 zW)R%&OjMDoRmcUEQ16vkD?r;(t*Cxv;G+;@MZw`A(Qui9)5k`~vGz-mYa=&LWsv@j zXM>MgfzW>V6bJLsJQJoTrT@s1^J+cBQhx^Dv6~h)7Quc65#_R!$8rRDn^picgHm|7 z0m3c=XR;`SZ@J%wqb9?CFXJ)*i^-~+KGl?c*x1Ic>}Uw$k8{k9>v+5CeiFM=D|`2a zvNDoyS8J>$wEN5FBbl0j7WN~kUsAqHOCEi%*?J+M==74~~FB(*R0^vFIl%TJTJ;pFI?Q3%f)j=Lnh+?5)*s()A0b zPRrrI#rm_mT*gks(x>diQ04rdY-ipZvB_3|*{i4#b)O3njLBMgK`OE7I>4^#CY`G} zsx)YXha0(DWcS*(}2fGoU{JB(|ch%>>L=SwQC zjV2>&8(~rGb3zi;{VxKnWS`MH>sNiyU}|$Eu6WCAQHXhLh<>PEMkS8epChhJRjFsP z+;mfl637$h41WHe1Tc&yVdg0~C5wmJiy|Jc>P-a&(kGz9`6zCK+y#R%Y;Ph-&3h~g znV=9dLGC?s7u=KTqZ?E)B`_lf2`Yw2hW8Bt2^BFG1Qd?x41J;)tRQ*^SQ7L`>S-t= zot`i;Fd;Ar1_dh)0|FWa00b10;;U^ANWRJBUJ|{L(wwNEk!}bC2=f(&m1*_|76JkY E030tUegFUf delta 1658 zcmV-=28H?k4gC#}U4KN}$$tI)5zzty2mpYB17MA=jnC@3BU;Pfz-LtQTgR{qNxB;p zpaM~RC_&vUaA-A~Xe|QTA4Uno*ocrgZkkmsDoZdUJwW~z@ zv8~{bwFV%i)BBSb<_=j|M&u$LKh)ud5&WPipeLnAe%?WVgDk6>i* zivlWCL4zUzj4Od{iv6Y3M@e$>BhurG3^dQw>yr|Jd3UL(pl^np^TZk^YPS}BUN@LZFT0PjCH(06TGmmv| zyDhb;{p-(ddw)#r{6h*+E7yX+`H6@d5fgz&)h>+3x5nY{z1p^0Zn{gy&=wl@O>%^c z^%Ji*o(w(2e~?cb+8@98RKnqGC;(7_bIF%Bcmw0wIA#Bx6JPj~^cp&#!O%2fQh?ijwNsxaCosI^pz&DE zssX$65_s_pg&Xe}K}nL(zUs2n7udYrB_JfQPDwCIW?R!}6`cN(50=K&!i&TUG{@kl zx0m)>lb(TIla2%*=Sn%^n!oRZRy2JAp}T-iA8L})RWW`a%nj8VS#8e`DelxO4wG?!MVu(K9FbqM` zr)-)wF=9sP9Et{n-!jF;5a;o!bd_kQaErZ#It^zJ1&EYd)}H%pUYjNTbD^~cXB6u4 zF5f!AH0BMWeL?ztN4n>6s573J^n}cOWa9CWPk)O?EGF7`pvS8qr8*sJne}gPXlkK_ z$KhO~Vu6D9Sy1O4k|Mv27G+E}l#Ki5CAmp;`iZPJdaDv@!^V%a3r`jiLMo}rfcgrU zDH)?uKQ0A~8+{rg6m0cK{J2dt4#ofxj4u_5={S17-P-`s z=6?c0t4!#*Wo>EwnV-{pV{zltD^ov2T^kqyXv->uRhIGwIxQ-`t#4|J%%e@Ky&LNR!qBJ%3F!6G>XDG1CG92ml0v0)W8khkYde z6^wt`Iug{V(vU9n?2Q$j+q^vaU9S)~4;a44<4#LGUV>>DCE z-coWK=<6%9C@TfF%3i(H%qywCERKAt)5{3;L5}X0B!8o1D%X-G9c#WoQ535QTXj8K zV1J$5ESB;1tJa6{;6%X7AQ9&6lEW9j(<&NtqtEpHr<7MfX5ixc3%0cU6x26!$GCza zV9_7Xy%_cO_acbVe*F5Oa28<;FR7x1-ZZ8BB@fxK>3Zc*5cd)lS4{3KQd0AiC5MRO*-WC(BPGt2u z8@6PQvkcqG2t(fmfo;YqP%=6qp&ZI=#tCD1k)~OMPUrmaR#n?)k?0YN`%!X0h!F?C>-)X+HwiG7GB`SJ=n8)aF9Y`bvx=&y zG8F4+$3WrT)%{ant-2g1Y}awa9e+Y(_>=Av`D;1C)&Hf2+Kyy*8s2H@#w9OX&NXTO zDDs=Czo~Qx7V&_11E#E&B9JG({_1FhKZ)smI4}D5foY#Zx(22BO;$cSqudET8NrVX zjZ~LZv;&B$6U??uusrays|_o<{KO~%ZuVeU4f!e^Y=s$$8-F>l!!hH9NN?&B6dE$% zc161rJqwXvebfClqU*9TB`_lf2`Yw2hW8Bt2^BFG1QZT-lTisZo7x7(f-`yq|ECl| z@ZK;nFd;Ar1_dh)0|FWa00b0=t^0G9ub%V1@4fer=RD_pKj(S=`hHLVOa~02MgcGw6fTu$lt@8>U?402 zJ)i-gyC?vHhnH9t1@((9q^FT0%o+v)+Kg zv{V>?x^!*RGRkS=Arh9_O2yYCX+u72xk-C2AqQ#cNLN~->4a~# zAe9%l*rIOeZoNcQXI3`X4U)Cq+8sWx>fL!8I|_hHmyQjR)Tx>eM1C zlf~NVThSQ(tY+gs&d)T>us+Br8KaPVFLb4tXwhYM_k%S#Ah}TQ+*kj)DAkg;wf$eB zhr9jGTJ9V=R$|Ujj`yXT{0Kq-rBRjK=&!e%Whv!6*g=h zyDgeU(63uof*rg{Yx=FTS3gI-dDJ{>njGp!q{RKGFEO&$?0;aDTDq34yDJ+!Pq_LV z$GrIl_8ccyW{W<8&lUaNdlw{qXEg80WHm=)#bJhST!^*au-d!&9cM?WSQm`Ipa#rxyC^ z^9I|x<347K>;m;k!;UiqQWqJaTEfdw{(SI6qen9j%69YZ&gf{1W_xQ9p>e`2;gko; zEfc^Yh2G0b==&mVD3GHeJ~hB3jMvd^t2M%LGbUFJ9SN~oMfS~~WZd0~)&%tQ0}bVP za>EWYZ!vT?OP*ych4fc5mk}AftWaHh0VAY>Ey!|1n6%-%cBUCSpNN!q;1+y2uF!>9 zsD8L-ys{EGDSIoWP?U7yO+^b#%m?O7hFjXk&lHxbs*qsc5Ad z?Lyl+;)z;w2FFO*O3o4R%9giCxNG1nt68R?m@115pKMK=XupJuDBgn&-Y#DE==NZ0 z;80Wzy1wCDEEs+)#*m2_%VUlwe^@vc;l8y_?fo7pjip&w76$Bc)stjrRFi(2kQ^8> zkyBXbOL~xEw&al1=f`9xvaZlGc8lM{h2rP*mawgv8+$3tRA>_?)~>6P{?XC1G``o? zSclRK0WUI8a>E$`ZKa_*6nP|;SqrGz_W5y!h5N2`x=(-ocp5(&y~Nq{f?QBHK{>8_ z4Dq{fL~rzjlV3e&+2WG3@)noXV#>)BMN-;Kf*_TL4+2GPj!Sln30;|3C_R zH2vP=or0m>;~s(cNyE_grRrK1i-INDouIv@8}ZByIJIqImns9*-x{*~2*;sHls+28 z&c3m6l@waOYib-h5=hXQH2)ZqcePR1F^pJsKWHZ>MF;I};B;1U98%uFl7VfHb<^yL zJ{4s}0pP=bh>Zont26+3=^~!Lm@iPo|1_rqfiGb3MOg4J`>B80pIdfzWxL#`>!?AJ~To?gkT_-i6$Y*3Y?$L(*qSKaItL$aYRBbsWfdw20k4Xv?TBoWO?0uBr$@Y#imQl9;f%@2Y*U%H z%p6|443=b9Yov;6lHrbY?`IK7wX$w(E7(wZUZv$f+C15Ub|PENm^}MFTRUQoA4kw( z_cD}vXfq*Ygj;MWz2BJc!jdw(7Lrd6EsamCyb=3K4n3z>J+QYxM2GM;v9Xn$(OGK#oiI5sagu7bjaq=u*QzGmOQ3=y7=%s@m1il6<^I0`W(HsOOmb>3K7 zcg|5>>-sY)U)Njfq?i5)S`;Pn|5n4<(Cjp<$$R!r{Y-Pk0fvL9U%P&|+-Qx{N1;(d xC^!@%%|H$2hEUP4cJC8Es9R@4!ddoL?K>d-I?OW!8d`=G*5T6ci|#+${U32mY`Xve literal 0 HcmV?d00001 diff --git a/test/slash-ca/slash.priv b/test/slash-ca/slash.priv new file mode 100644 index 0000000..4916d1a --- /dev/null +++ b/test/slash-ca/slash.priv @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDHcKT6XsNdGmjuOxKJLcInc6yPDcI+/JwqUdGR4ly+01m546pg +NdyUA475UbMX/j2bBHMK6hqif4hEq/44DvUGvx3CAuwL+dRH5Yf0lndsLixuQGgP +tPoLGGpJja2bXZjt2/pa4DMz4HkLU2CC8FBEFVaXqOofkhv9ncXahkOKUQIDAQAB +AoGBAIM0xSR9sVMP69ZGgJREyUVBIVXffFoJwAdLWm76F3/m9VGIyG6RILMzgBzf +tc3kEc1o6PJWPv2GnzRmXlGs7V6+kNpsFZw6+WsaUslhzdHqBRV2+Bonunkyo/7+ +BzUtmnd3sSvHcFHHSzS48XgEqSiBtRtvp65lJveTjHQVYL1RAkEA/bX2Q7A5ZXZG +SXnhBQzcr4uks0BE5MQZPHuadRfD/TVkdL2mI+Icy7lnhzhTA5y4YJbTeLXUh+Wa +X99S1mCCVQJBAMk9UwGQAQ5Bq+tn5XoP++YFCPb43dgoTneiFEFDP3nNy7aqqu9Y +D0N1uPJE9ISgOs0N08ajijSFji96VkyNPA0CQQCV9Qcp2u8R2WaR50fpBEEsQQ2I +JWSTEpUX+rbAnttovjYyCiY471y1zVAzzEbEy8zuyjcUEeUcrckhAY6kx0ZBAkBY +PyceQUrlOJEuauIrk8TPypdyzhFij9JRDec580ZroH5bvR22VXRkDcSroOdlHWqL +ryuWKPMbMxH16fzcFvclAkEAyHkKHV9m84Q7Fpke74BmdSj6hT786CEA79DGLLv3 +WbxzeFPDfl+QiP9vdkSYGiJY4zWe68HcZwMu9ZFpzhZDHA== +-----END RSA PRIVATE KEY----- diff --git a/test/slash-ca/slash.signing_policy b/test/slash-ca/slash.signing_policy new file mode 100644 index 0000000..fa936da --- /dev/null +++ b/test/slash-ca/slash.signing_policy @@ -0,0 +1,4 @@ +# Signing policy file for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" +access_id_CA X509 '/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA' +pos_rights globus CA:sign +cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/subca-ca/index.txt b/test/subca-ca/index.txt index 50f9539..4ab0806 100644 --- a/test/subca-ca/index.txt +++ b/test/subca-ca/index.txt @@ -1 +1 @@ -V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA +V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA diff --git a/test/subca-ca/req_conf.cnf b/test/subca-ca/req_conf.cnf index ce2b1ab..b946ed0 100644 --- a/test/subca-ca/req_conf.cnf +++ b/test/subca-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/subca-ca/subca.cert b/test/subca-ca/subca.cert index aaa165b..8a80c9f 100644 --- a/test/subca-ca/subca.cert +++ b/test/subca-ca/subca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the root CA Validity - Not Before: Dec 9 16:27:10 2009 GMT - Not After : Apr 26 16:27:10 2037 GMT + Not Before: Jun 25 22:12:25 2010 GMT + Not After : Nov 10 22:12:25 2037 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:c6:2d:d0:cd:2c:7d:2d:5e:96:a6:3d:78:62:97: - bd:da:51:33:95:8a:24:0f:8d:fd:14:b1:fa:b3:ac: - eb:f8:e9:f3:31:3b:f7:f3:c1:f6:e0:5a:bf:9b:93: - 22:08:ec:f2:09:55:58:44:bd:c5:bb:07:c0:8c:bc: - 7d:9c:04:66:51:b3:26:d8:d9:37:76:6e:ca:88:ef: - b2:cd:43:cf:e9:3a:61:fc:2e:30:96:90:fa:8b:8b: - ce:7b:3a:64:a5:0f:a1:9d:c2:25:0a:21:ee:ed:be: - ce:d1:ea:0f:6e:20:36:7c:e8:f1:8a:ca:6c:4e:3c: - 41:46:c5:4d:40:aa:09:91:27 + 00:d5:1f:73:79:e9:87:d4:69:c7:e0:b5:df:34:57: + d4:d1:51:a0:62:32:e5:e0:63:26:d3:72:ef:f5:58: + 1e:69:89:8e:51:7f:21:62:4e:e8:3e:22:8d:fc:28: + a4:5c:9d:67:5d:b1:53:0a:22:30:c6:0b:0b:79:ca: + 96:cd:f3:b7:b5:a5:e3:a0:13:09:d1:cf:01:30:56: + 62:2f:0e:7e:4c:6a:86:98:be:2b:b0:92:af:30:64: + 23:30:cc:2e:97:fc:55:08:c1:57:15:ef:6a:06:36: + df:17:cd:98:88:3b:ad:e6:20:6f:ae:04:4f:f7:0f: + 90:22:8c:2a:17:17:1d:69:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02 + E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E X509v3 Authority Key Identifier: - keyid:BD:A1:EA:81:8D:FF:F5:50:66:37:55:D7:E4:26:40:C2:A9:38:3E:C4 + keyid:EF:82:B7:F9:77:3D:79:50:9F:03:55:78:F4:6A:0D:6C:34:8B:63:2B DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA - serial:DE:F4:80:E8:86:78:73:64 + serial:A3:F0:72:2D:9C:64:1F:88 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - 98:0e:78:59:02:57:26:43:33:cc:70:82:69:e1:a9:bf:df:a1: - 9c:3a:4b:f5:c2:eb:f2:7a:97:88:87:7e:4b:c2:5d:2e:61:a5: - a2:5d:73:76:13:e5:d6:0d:07:de:2b:23:e2:11:b5:93:3a:9c: - cc:f2:ed:61:65:15:23:2e:73:2e:90:07:5b:fd:88:49:ba:b3: - 6a:d0:1d:38:e6:82:08:5d:35:eb:fb:da:cf:5e:a5:b3:31:11: - 04:30:18:78:76:c2:da:65:4a:c6:71:47:dd:14:56:2e:77:e3: - e8:31:6b:c7:0b:9a:48:30:90:13:d3:2e:b9:3d:75:54:d3:d8: - 7d:02 + 0b:ad:64:b5:1b:78:80:10:36:50:1f:a6:c8:cf:2f:0d:2e:dd: + 35:18:e3:ab:ae:18:ef:45:7f:3d:16:82:16:2f:6f:3f:50:63: + 8c:cd:f5:99:0c:7e:d1:ea:1e:d9:a8:c4:14:09:6f:a8:75:34: + 96:ea:d8:8f:c5:f1:53:d2:5c:37:83:5d:79:cf:fa:4f:64:5f: + 14:91:71:2d:f8:7b:a0:e5:2b:a5:da:b1:8e:63:32:a3:e9:a5: + e4:e9:79:e5:2f:98:0c:ce:81:24:7d:e2:44:61:9d:ae:36:f6: + 06:96:9e:dc:f7:8c:9a:94:bc:65:0c:6f:d1:5f:92:61:b7:06: + 76:3b -----BEGIN CERTIFICATE----- MIIC/DCCAmWgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0wOTEyMDkxNjI3MTBaFw0z -NzA0MjYxNjI3MTBaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN +eGF0aW9uMRQwEgYDVQQDEwt0aGUgcm9vdCBDQTAeFw0xMDA2MjUyMjEyMjVaFw0z +NzExMTAyMjEyMjVaMFsxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzAN BgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEVMBMGA1UEAxMMdGhl -IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGLdDNLH0tXpam -PXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fzwfbgWr+bkyII7PIJVVhEvcW7B8CM -vH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCWkPqLi857OmSlD6GdwiUKIe7tvs7R -6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w -HQYDVR0OBBYEFM47d58FNUHjbCa598/KAfb1FYkCMIGMBgNVHSMEgYQwgYGAFL2h -6oGN//VQZjdV1+QmQMKpOD7EoV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +IHN1YmNhIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVH3N56YfUacfg +td80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFiTug+Io38KKRcnWddsVMKIjDGCwt5 +ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuwkq8wZCMwzC6X/FUIwVcV72oGNt8X +zZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQABo4HPMIHMMAwGA1UdEwQFMAMBAf8w +HQYDVR0OBBYEFOb6AEupGIJDlqj6hMY1bLuWm7MOMIGMBgNVHSMEgYQwgYGAFO+C +t/l3PXlQnwNVePRqDWw0i2MroV6kXDBaMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFDAS -BgNVBAMTC3RoZSByb290IENBggkA3vSA6IZ4c2QwDgYDVR0PAQH/BAQDAgEGMA0G -CSqGSIb3DQEBBAUAA4GBAJgOeFkCVyZDM8xwgmnhqb/foZw6S/XC6/J6l4iHfkvC -XS5hpaJdc3YT5dYNB94rI+IRtZM6nMzy7WFlFSMucy6QB1v9iEm6s2rQHTjmgghd -Nev72s9epbMxEQQwGHh2wtplSsZxR90UVi534+gxa8cLmkgwkBPTLrk9dVTT2H0C +BgNVBAMTC3RoZSByb290IENBggkAo/ByLZxkH4gwDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBAUAA4GBAAutZLUbeIAQNlAfpsjPLw0u3TUY46uuGO9Ffz0WghYv +bz9QY4zN9ZkMftHqHtmoxBQJb6h1NJbq2I/F8VPSXDeDXXnP+k9kXxSRcS34e6Dl +K6XasY5jMqPppeTpeeUvmAzOgSR94kRhna429gaWntz3jJqUvGUMb9FfkmG3BnY7 -----END CERTIFICATE----- diff --git a/test/subca-ca/subca.p12 b/test/subca-ca/subca.p12 index 1c31c2804b7eceafdda96f0b87aeabc899e79982..960f007cd07c8dc84af9eb9492f5fd741d9892fb 100644 GIT binary patch delta 1658 zcmV-=28H?k4gC#}U4P-%+uz_g*bf2%2mpYB17K~AQq{afzF5u}dNE2(d1@{8YzdVo zEB!OTozK?&bjmGNY^)zmLj@o35q*lg2Q0Ywe4Jk6teCXZ_~|>X_<9rMWatK+gJ{xo zxN{gai+kaaw1nt}9fAtmuaQFcb;ZhtE+AXG8*!|=u@E84ml zi65DSr~1L`joW2DOhKsMU*)JsXjRH5AL#3qije7cJr{`ABqR)1X3Ud6T~5iGC)Twt z$_Pl8K}U)eYEwH3-!C1LQmo6xIt2<1qiitbNEvE@VIV3reT4yFy^&M4AgeJ_} zZcq*WhN+-@<9~S-AC-`<^iu>u1|azU2NhIGWQ#x*-Hivcea`&8g<)*121}#x9aN`_ z^0giNisIn`8RFSEH<3@aza8B;w^B3D&bRphl4Mt=u&?URZdSlHr{TfQqS6EijfLgU zK5g5{BXWg@2;-q7h{s)eJiptwE9E+Fr@UdD_wu!s0)J{Ij7@SCKc%7%`?X`z-@@*M z;8F#eLvny2VI-ICBqaObs@-yu>PJy1in(A85MYrNe@&voDRY*ZSU3W@A9^}}^#51< z!vM914M{}8Sx|0=X+{+ZMG{;QqlhQ*8Z{Mg`cYA=Qr+ZcCIiPv@91$SyA6g13TzX( zpA0Q#@qaYq*riVb;=kSn%LpGjp;C?;9YsFl^!-`^ZM2qur;p@y#=0#Ex=+vrl=NuO z>gku1g0t)`6N?AGTzC$-u>Z9H`dczCaKij7a^pMRg_}RDc6LUlD#<^}#2**UT8t*Q z>L|4#)X5PxqKLzW*9==+laIX^L_?T|(fdV;uYc7i`;CyFW$G}jk9refCG%>C`cRL- zm0*}ALhAf0^W+)BjSKX;x)A22hJ!GyYu)c6J4EES*;3GAAMKkyvNfT@tQdi4shdbz z0G@T8LKsC-w{K^+js))5&C5PCvKfR3GW#+29>f_>XLG?u7j~>cSEL>@$Qf{$GA9U* z)PFEy7xhWPmx@t2cuT-!ouE_b`x5Pov>#&shJD&xi%*yaeHHI^&Dj?Fp700|gVtG1 zt zxi&Ys(fd221$t>ZQWnu!FoFX41_>&LNR!qBJ%1Jr0(0_xgSP?#2ml0v0)RxkgEf@I znBMZXHC>4#l0qXFNd~@&JM=rWNAT38#fS{n9tw1abc`e)7(@?z$5f>^BQc|PVz@-~ zp)#4oroue-%rwJUPl77^F&;<7uq=k7jt$$lCT+yPhgyCaM?16Ur`-Eov3DOO3+T~f zXMe+K_ME#jbmQZG-?*EU*_6U^=-?Zo!PTA0EbzOQ{`ar-84L?Mzg~u!C3hw0s!$mY zFC-*KI%X;YQAg?aUD0>BE_HV{QM`&?whV0er!@J`RGCg{ZlLWTqx1G{->e|nVp z4$yDsy6Oc5&TFL?)Dj>uQ*j!F6p_DF9e*L88Z5qvp^A+u49?gKQV0gvrf{;?bF6k+oGMR^*DrX{Rp(r^j#?jAl*|Q48r`s>RBp!d=#CnS zw<~5_EC~YW%z(C*&uLv&7=D_C~x0BUH=A@hnrkUPas1VTKb2x5B>RL;k1Xhu- z2>~FfskXu(Q(a4!mF?tTv-Q^F5r01v%#rXyP!FA*liku`avfUVpT406t<-6~M?#z! z?`z%W;mym~i6Gn3N&D~^kK!PAngVXW@!L`aohaGKD%=NxR&$5IbexG{4Thnp%w=PF zu!#0YHrm{=vc$P?wG^kDDuf~!`5t?9I>NX-$xqCe$**=z(?H_L?(3x!Yj5F4G$SBv zGFcWDtFqznIwUhO`e}hNB`_lf2`Yw2hW8Bt2^BFG1Qa8NM$3_U>0^1_>zh#%z~y2W zfX^^7Fd;Ar1_dh)0|FWa00b0A}4CsoXrJT)HYn5ucnL+q_*M2iE!6|Mj!B_!O~q}}vxnoFG`ZQo(! z6PqAV!B82aBW9vis}$z2@;Xerx|KkO$JtN}CD4H$Cy;!sPK7ReI-AX3*!C&=?q#yZ z#fEJFK9vfj*nc(_ny({MW2Fqk;!>Oh@1{tVqvD-J9%R-w%osHQ$3Yy`Px`Se| ziZ6xoifSnOEapIjjm!q_VkU)?4HEOwlJ3-X*hL)vDdSE-px$R|m;Vkw8wB4!xH#8V z0iX%Sz&!;H7AE)EwW2T^3DF^#rsv^f1K8Yga3 z?td%G>b5pgm>->VR6JTw7cfyn5Tp!{Qj}euy?{|;wz^2w59Pd_KNQLgC1FAFUi3$U zpxqwvU<>(C`+mN3%f|Do*tVz%m+OK4En0QEGw73fmF~GjmY`bN$eXc03$S0UX1D@s z>QtR3fLv^Ead`e&LNR!qBJ%4Of2}EpbyG8;62ml0v0)W=PUA<(I z*607+4Dlb0N|f)S8nx_snwn>~vt_;jh#Zb?)_qNfXFDBfl4x4x-YN#^VEdSEq$P#> zHOzfHXKM=WLmm_t<&!Oba#dMJ#&vE<6u+1u{5;rFX$Ozzsw-07I^m#aQtS-YUesrA zV}CInee6#hqICowDPmWRl32r0jxYEaKzw8usZ>Y46<1w93v=mG6DyGj(AW8@W)^0@ zBtY%g-hO^LV9}aj*#ZoXNs81;VEaB;7m!$6>Rh*NXI$^KTeGV+sSiL%cd0f9OUqJjQ(dbH&vk1u|g_Rs+-o2;}$C6ebT4vH}7K E0LhCJy8r+H diff --git a/test/subca-ca/subca.priv b/test/subca-ca/subca.priv index 3a707bf..7d012ea 100644 --- a/test/subca-ca/subca.priv +++ b/test/subca-ca/subca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDGLdDNLH0tXpamPXhil73aUTOViiQPjf0UsfqzrOv46fMxO/fz -wfbgWr+bkyII7PIJVVhEvcW7B8CMvH2cBGZRsybY2Td2bsqI77LNQ8/pOmH8LjCW -kPqLi857OmSlD6GdwiUKIe7tvs7R6g9uIDZ86PGKymxOPEFGxU1AqgmRJwIDAQAB -AoGARDzmVp9pAsQ9D0S/PQOOxauMHYORYyG68PNPpap3HiBAMsW5XN9+yEW3EDSb -VYNw27HdUN4fRYUn0c3dWmlRaVkfUAtHx1VhcsTfWRxp+FN4enl1HFvi2ji/5UYd -e8z2GumVgwthxK1mGS2Q3pRB/VobGrX1r8384r7qCqRVyUECQQDns994mE751SyD -Aa53ifeh85hbT4kJDN3wjOpQn++JuLu4qWoUHhRFXKD2DL6+TOewD0Y9iAkUAyTN -yuUpVLBRAkEA2vX9aMqv9qPQqBzwScbJQr+YMND363OKwrvQa2ed94O8oFwl/+vC -C83TV5eLxUinfFsT0zNMca3eIQVqBPqD9wJBANp4LcPlyMGkkN3N3hV0j3uy1fty -2QEhkrrYA6+VviSbfNU3WIAzhGWKW3LkvY1tsh+9pzspY3XtKOyp3L3FzqECQGiO -tL6YoyQ0n4vXncqtGSg9k3AkKW8OkoFg7CqNpTovdyBgQGkP7G50j+ow3LaNdiUE -3NeqlGNocjz0d+b+tYsCQAhOG1xXly1tBduUJTQ+V5Cs9fKG7nn9QftCe53CocPS -RHQFd6d4WYZjhxorAduJf5gVXWU2tdyhYqY239dVxhY= +MIICXAIBAAKBgQDVH3N56YfUacfgtd80V9TRUaBiMuXgYybTcu/1WB5piY5RfyFi +Tug+Io38KKRcnWddsVMKIjDGCwt5ypbN87e1peOgEwnRzwEwVmIvDn5MaoaYviuw +kq8wZCMwzC6X/FUIwVcV72oGNt8XzZiIO63mIG+uBE/3D5AijCoXFx1ptQIDAQAB +AoGAMFIYMXz0UgHF0roJqGl9lBPoxDr8CbsRU4HMzBi1lIIepXWokQyI9YWKIbDp +SyJZDFInHLYRzuU0LeHz/TAT546P7i3ev2y+GWyjbCEumUShH4zGmNozqvRk7yo4 +KuNoRR6Tj+i+JgLuiCNWmEN7tQubG3F7VATOMulOtFWacSUCQQDrfY5na97a5hu7 +T61cLplCNGHjMsl9W4EvU6Zng50f4VEldwHLdqaxrSSx/inH3zyJjGHSlu828oxw +hjS8fverAkEA568xFOKVL9zh3zs4yrYzzLW5Qq+eWPmGPE6b9rnzIgBPlcyRSKny +8bV0V4da/PKTNDv0isgLne5gT78CGdxEHwJAB7CF4eKn2EYDSc6EPqpW3s6PE7go +1CsUwNLecCrgCpZ06+BC8r3hG5QnypgeDSTA+UzYNOQw036AD3ySZEVRGQJBAMfw +Q24fn9mfR/mqlPczR/6YsNkgz4k/RR3URPomPPERzZyb3qETsQnwqwdCUz5JZMnG +F+KQgp33cnw/fWOt18cCQAdLfkgCNIpthWDNgtNl6poDdLO1O8tF/D072GBIaN+L +z4N0Yh4o5zqpZo1yLev0hUZtWqcoYnDJBdcy8suL/xM= -----END RSA PRIVATE KEY----- diff --git a/test/subca-ca/subca.req b/test/subca-ca/subca.req index 1e0646f..7fc9ef7 100644 --- a/test/subca-ca/subca.req +++ b/test/subca-ca/subca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRUwEwYDVQQDEwx0aGUg -c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYt0M0sfS1elqY9 -eGKXvdpRM5WKJA+N/RSx+rOs6/jp8zE79/PB9uBav5uTIgjs8glVWES9xbsHwIy8 -fZwEZlGzJtjZN3Zuyojvss1Dz+k6YfwuMJaQ+ouLzns6ZKUPoZ3CJQoh7u2+ztHq -D24gNnzo8YrKbE48QUbFTUCqCZEnAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQAr -HDqquBnfR1ZvErqw3A7u3m1wq+wWzGvc/AU66wX5pA0n8eGGRoB7AX/VIxowgbQk -415R37S9kUbVc2vW7a4Qr+cAhyiknVOWcakSjf7g5tzg/KYawA1kvvzxLV6dTZhZ -ACTnvCY3Q2DDcvkOJ+20PbACPRpbWbg9ekZYkHq3VQ== +c3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANUfc3nph9Rpx+C1 +3zRX1NFRoGIy5eBjJtNy7/VYHmmJjlF/IWJO6D4ijfwopFydZ12xUwoiMMYLC3nK +ls3zt7Wl46ATCdHPATBWYi8Ofkxqhpi+K7CSrzBkIzDMLpf8VQjBVxXvagY23xfN +mIg7reYgb64ET/cPkCKMKhcXHWm1AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCu +GI9vFDB0cw4Y4y+zlHDRMlX8ZxggdpwEo38wJt7U9VVYONTGwkZ7/iVsRkuaEA/g +JQpEeQX+NwPkUHDBw+SoG96lNKV9LfZXtVFWttUoTSA/3JsJbqmvhOMpQdPUxtxZ +dNagZllbIqYrI09dwM5Q4TZowD5pGNfuZr4pzZEIlw== -----END CERTIFICATE REQUEST----- diff --git a/test/subsubca-ca/index.txt b/test/subsubca-ca/index.txt index 16acbf6..3b916cb 100644 --- a/test/subsubca-ca/index.txt +++ b/test/subsubca-ca/index.txt @@ -1 +1 @@ -V 370426162710Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA +V 371110221225Z 0176 unknown /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA diff --git a/test/subsubca-ca/req_conf.cnf b/test/subsubca-ca/req_conf.cnf index 40a418e..47a7368 100644 --- a/test/subsubca-ca/req_conf.cnf +++ b/test/subsubca-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/subsubca-ca/subsubca.cert b/test/subsubca-ca/subsubca.cert index 648263f..bc1c7fb 100644 --- a/test/subsubca-ca/subsubca.cert +++ b/test/subsubca-ca/subsubca.cert @@ -5,59 +5,59 @@ Certificate: Signature Algorithm: md5WithRSAEncryption Issuer: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subca CA Validity - Not Before: Dec 9 16:27:10 2009 GMT - Not After : Apr 26 16:27:10 2037 GMT + Not Before: Jun 25 22:12:25 2010 GMT + Not After : Nov 10 22:12:25 2037 GMT Subject: C=UG, L=Tropic, O=Utopia, OU=Relaxation, CN=the subsubca CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): - 00:bc:29:f6:02:17:f1:46:b2:28:0d:50:1d:f5:b3: - 90:1b:ea:43:ea:cf:58:eb:fe:91:21:64:59:78:d9: - ad:dd:cd:82:5c:1c:17:b6:75:74:fa:42:96:1c:b1: - 1f:a2:76:ab:06:e4:ff:28:65:49:08:ed:b1:92:c6: - 25:7d:ad:dc:2a:23:ab:b1:bf:06:71:27:70:2a:2d: - ed:3c:dc:1b:bb:ea:ba:11:20:9a:d7:9e:9c:62:18: - 27:bb:05:74:b5:50:44:33:72:f5:fb:37:a3:00:44: - 55:67:74:0e:84:ae:5c:72:68:30:01:6c:0f:c9:bc: - a5:c1:94:e4:2a:72:26:ee:e5 + 00:a3:62:4b:b9:26:fd:18:af:c6:4f:4d:58:28:af: + 15:55:ab:37:93:55:4b:a9:b8:b6:9b:1d:b9:3d:e1: + 59:76:cf:d1:40:08:c4:85:ce:f0:9e:71:d6:a1:7c: + 4b:b5:6f:c5:c3:90:ed:75:b3:50:1a:86:41:b3:1f: + af:d5:4f:df:9b:a7:df:9c:2f:2a:8b:86:e0:29:3a: + 54:7c:e5:93:f6:0a:df:56:3f:0b:b1:1f:fc:3b:8e: + d6:ce:fe:69:67:96:dd:05:a5:1b:c3:3a:cd:5a:1c: + 66:4e:61:68:02:8a:f1:72:cd:5e:48:9f:9d:c9:1d: + 34:94:2b:9c:0c:b8:f2:0e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Subject Key Identifier: - 1B:F6:7F:35:4E:C6:B8:06:BC:67:63:FD:A4:93:D8:9E:1F:D1:C0:44 + B3:01:BD:FC:C1:F9:7E:2C:B2:50:EB:5D:48:E6:70:01:4A:EA:D9:A4 X509v3 Authority Key Identifier: - keyid:CE:3B:77:9F:05:35:41:E3:6C:26:B9:F7:CF:CA:01:F6:F5:15:89:02 + keyid:E6:FA:00:4B:A9:18:82:43:96:A8:FA:84:C6:35:6C:BB:96:9B:B3:0E DirName:/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA serial:01:76 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption - a3:f2:83:56:21:14:83:51:b5:65:0e:9f:58:dc:f3:67:13:a3: - c3:d5:96:35:8e:bb:8a:85:d2:c8:e7:c2:12:63:51:04:3b:c2: - bf:a8:6b:09:91:0b:ed:2d:24:d9:eb:2a:7f:73:ef:13:51:d3: - 30:44:d6:99:46:62:f3:fe:af:9b:71:e5:fb:96:6d:0e:f4:ee: - f2:9a:18:88:4e:2d:7c:7f:7e:73:16:52:82:e8:06:2b:49:60: - 40:0e:be:6b:c8:e4:f1:75:0f:9d:8d:52:f7:ea:c6:e9:70:4e: - 0d:d4:64:73:9e:fa:0c:e9:25:72:e9:40:14:77:aa:6e:e9:55: - 85:34 + 90:b5:c8:ff:be:44:41:4a:99:73:24:5e:63:59:a9:50:f2:22: + 85:84:95:db:47:34:ea:ca:45:10:a8:aa:49:4a:d5:20:5a:87: + 23:c2:d6:67:ff:6a:0c:36:e8:e3:7f:e4:4e:70:89:15:9a:8f: + 72:71:d5:2f:b4:18:fe:1d:b7:89:f4:4e:f8:d5:bf:93:b1:c2: + 9e:3c:9a:c8:d7:a8:86:54:33:d7:c4:fb:7f:80:a8:cf:d6:09: + ca:46:f7:ae:dd:70:12:68:24:2c:dd:49:21:9e:dc:60:78:2f: + 45:79:ae:7b:a1:9f:54:da:a3:ca:91:13:95:bd:c6:e8:be:4e: + 02:3a -----BEGIN CERTIFICATE----- MIIC9zCCAmCgAwIBAgICAXYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCVUcx DzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxh -eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMDkxMjA5MTYyNzEwWhcN -MzcwNDI2MTYyNzEwWjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w +eGF0aW9uMRUwEwYDVQQDEwx0aGUgc3ViY2EgQ0EwHhcNMTAwNjI1MjIxMjI1WhcN +MzcxMTEwMjIxMjI1WjBeMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMGVHJvcGljMQ8w DQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xGDAWBgNVBAMTD3Ro -ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvCn2Ahfx -RrIoDVAd9bOQG+pD6s9Y6/6RIWRZeNmt3c2CXBwXtnV0+kKWHLEfonarBuT/KGVJ -CO2xksYlfa3cKiOrsb8GcSdwKi3tPNwbu+q6ESCa156cYhgnuwV0tVBEM3L1+zej -AERVZ3QOhK5ccmgwAWwPybylwZTkKnIm7uUCAwEAAaOBxjCBwzAMBgNVHRMEBTAD -AQH/MB0GA1UdDgQWBBQb9n81Tsa4BrxnY/2kk9ieH9HARDCBgwYDVR0jBHwweoAU -zjt3nwU1QeNsJrn3z8oB9vUViQKhXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH +ZSBzdWJzdWJjYSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo2JLuSb9 +GK/GT01YKK8VVas3k1VLqbi2mx25PeFZds/RQAjEhc7wnnHWoXxLtW/Fw5DtdbNQ +GoZBsx+v1U/fm6ffnC8qi4bgKTpUfOWT9grfVj8LsR/8O47Wzv5pZ5bdBaUbwzrN +WhxmTmFoAorxcs1eSJ+dyR00lCucDLjyDo0CAwEAAaOBxjCBwzAMBgNVHRMEBTAD +AQH/MB0GA1UdDgQWBBSzAb38wfl+LLJQ611I5nABSurZpDCBgwYDVR0jBHwweoAU +5voAS6kYgkOWqPqExjVsu5absw6hXqRcMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQH EwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEU MBIGA1UEAxMLdGhlIHJvb3QgQ0GCAgF2MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG -9w0BAQQFAAOBgQCj8oNWIRSDUbVlDp9Y3PNnE6PD1ZY1jruKhdLI58ISY1EEO8K/ -qGsJkQvtLSTZ6yp/c+8TUdMwRNaZRmLz/q+bceX7lm0O9O7ymhiITi18f35zFlKC -6AYrSWBADr5ryOTxdQ+djVL36sbpcE4N1GRznvoM6SVy6UAUd6pu6VWFNA== +9w0BAQQFAAOBgQCQtcj/vkRBSplzJF5jWalQ8iKFhJXbRzTqykUQqKpJStUgWocj +wtZn/2oMNujjf+ROcIkVmo9ycdUvtBj+HbeJ9E741b+TscKePJrI16iGVDPXxPt/ +gKjP1gnKRveu3XASaCQs3UkhntxgeC9Fea57oZ9U2qPKkROVvcbovk4COg== -----END CERTIFICATE----- diff --git a/test/subsubca-ca/subsubca.p12 b/test/subsubca-ca/subsubca.p12 index dc32138e74147560519ed4dcf5862016cdea2dec..2d21189c1fbf1f5d57651c71caad1fb8e3be9d20 100644 GIT binary patch delta 1658 zcmV-=28H?c4fPF>U4K;|bEhkjpcDcE2mpYB16WG4gegLpR!;e-ZN`okYqG12iV9D!i`ZlunwJ%~JE!SmW#hngbzC*s)Xl zJGn(J97|p7aW@KHgTIoOpC6=!#pmM)pznRC>1+2#KgcZ2h<_YgOJ!EGO0K3_u&>qO zf>2Vd6^L@W;a6U|)0iJXX=NMNna2=dFis+W(eVUCLZju$P)Bj9!3P zit5N~>Iw&%Bj^9kJ-6Z9vMRl;xP-LBOTV!3jwCdO3EbVq*k+TEwSD_IHLgEA!+Kvp z7g#lEAb*ogGFmCUQTMEYv55>Cjt#GPV7lItRcj3I=y+zQq*dyn_*UjonSmq0g!`l+ z^x}iOxG;fL_uu~nB|ex_-edikDOtx}bS?Lfv+z9%eYkgE8IO-#CX^iwaVcq}@|917 z!fYh<1$9Tjjg~-Z${Jy0Xq)IM!?a)gH+RrPlYhPPlR(qZKxOoZ!j3^*OM^BIqEEmc zF2jso9iG}2I+%N?_n2__EPvW4Jw&yI0XKx{x zv3~}=lA7PG*tpoQVZ4A~rY!p&JGC#sW;-(t#%~4@<5HoD6ZL{YQ`OWZ4 ziE|aGD5l4M`j?v8x1=(|7*~O*a})x2-~j32;Jlr|ZY=yzO`(BBu=g=>)WR5$Y$pSF z;L9Wc{(O&FFoFX41_>&LNQU-S);>D1wj%)5I<(1j=*J!_U zEPu(4oLa<1J*zV&8}kBIRZj7>i%1mVs%vJqkp=sLF`NbvIfEU%PENTf9xT+1j#f#2 ziwlADlRVyJuAlhG`Bm`?uo=9bz0}!wp$5N$YnK;kth8j>YlLtNC!zDfJzn`@!i`+5llk!zjn%K!4u6Yj90DSizu?UA280aS`6z<)Loq@hH$Y^x z4!s$T<@ z1A}u25?{m|iXkO!&TP-$X;dLkvFDMpm>)I9&rNa^_5WYR>AGCBMnv2z<|fd7IJD zjIp-y&SjiF*;W9qBW~Izv}WrhZQ1b%Xc=h(tir(^AxYhVCsKf1h{_jFajmA;^K&s_ zu*{T6Og0)+5pvZB-wV|47HauIUVn1{?NtsAc%PJeyxSISX5}MQu~HZahuy<$21m-a z)xVdNP%dVK<#C|ardabI!n-1Gx1+)y(Bvt~@qz*8n}mPBi1E5ZTgjzwR|a&k0b9Sj z0Y?Qi>MzBY@FfxEm~^u#d(g6HT0TXY<^JcadnB`_lf2`Yw2hW8Bt2^BFG1QZH=d|~^wG4m@mgsZQ=YBzzK z4lOV-Fd;Ar1_dh)0|FWa00b0y!>G+fn`0LyHg*RMFK)H6tkv@b2wvx)9~H^b2?7EL E0GPKNU4Kdv;|Q#IHR1vS2mpYB16T+Nu@yWbzR8a~*EBfgz>EfptQg6D1^|;ftlxX4+N-1RkIJ;k5gR2JJ6u=oW zaRwC@DU9hJ&2>IwM`!ep8pTVfuGtOEQHZi%MLLNv)B-hNt$!qg>vD>e_`r0}X3G_! z3g~yyIf?e(LNZ(weGOB4F@NaiN0~P1ma2|WVyvme5;%yG6~tw4ZkIO{CZ)9d^bVrO zQ~X{uc-?ATm>MltXiAYnf6665eBc!>qDtTim|T?gu>C9$7$+VX0D!NtA9&I=}0`pLyM@TuEG!Mi$+wt zE-E1_0i#2l`^E?fhRME*4snU{P)^LC{=Ve|p_tB~a^KVLKE8#%V&!|Lg3mCel5c>< zT2LQuJIDv=*1^z8-;LUt)~;+xeR$)o4G%mGt@fY8B~g_ZS@ z=6^=Ni0V{mr1d{gF+Y3vQfFlY8{FN?5BgISK?+8E62-KoW8R==ia~610T91xB;t3< zS7>1Ihe8}0Bd=IR$pqmUL?zr;hy=RbXxShzNb3MW`qxAbX@w4tJ+C(qrOJ7_Ft$+X zXYh3Kh{tGSFoFX41_>&LNQU+Fgg+*~?s;<-Bo_+IB6O&}Y(}7)z2MC@wl)&wVOTP%2FNs&?Ku<^E zu78W{p*Sf{GH^aA5{Me^C%eaNFKpA#cefbck}(qFx2i(Y9AbOw9pz%CK=bVb7NhU1 zh)8JSG**3pYMGNnX0jtF|RYCN;m6dV4_hlHGH4E-+ z3|}}QJ&`jdFYPe%T@N5`%lIyZ7O9XCs((z;bJ~srTX=2J8fl0&<4kowxluwCW5^gt zaKk_y@FLMFz&N>C!qY_tSBe_eVuS|VQZjeRm}VAFE$NR%l;V!?vH|Vs*u{KR)eyQv z%>TfhG8GU=*>10i*&iu%^X zNj;KmvRPv^X5e4Jqzbj+L=;Japn3~#JfsI{33!+OzKlAh;uIgAG8er**WM>2xuk-~ zLIc$V4Ue#eJxZ%Q&KzSYuA-zgn2$GEPVmu)3gv7?nc&Vvg7@}YDea;^m2V4seyLfR z?((jl;^$apV(Dv1&t8u)B`_lf2`Yw2hW8Bt2^BFG1Qf{4)@dZ@@9;&!&aMKMo!@)i zi;^%gFd;Ar1_dh)0|FWa00b0-#@uviSFxm8rd25x_UwM^pQb(p2(LEt!cA4GC;|cq E01$K@kpKVy diff --git a/test/subsubca-ca/subsubca.priv b/test/subsubca-ca/subsubca.priv index 3076cc1..479abc4 100644 --- a/test/subsubca-ca/subsubca.priv +++ b/test/subsubca-ca/subsubca.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC8KfYCF/FGsigNUB31s5Ab6kPqz1jr/pEhZFl42a3dzYJcHBe2 -dXT6QpYcsR+idqsG5P8oZUkI7bGSxiV9rdwqI6uxvwZxJ3AqLe083Bu76roRIJrX -npxiGCe7BXS1UEQzcvX7N6MARFVndA6ErlxyaDABbA/JvKXBlOQqcibu5QIDAQAB -AoGBALH1wa0DNffWAZltv5gk5tPwAaIvzvsMPfjl7tUkk5MmjfdNvoObnTIgDdc/ -EhtWvrR7mnN7L9MY84xMiSLPb1xwS3uAGYDTtMpydOdWZZYwcoZMM36YjXYFgqvl -QW4Kcfi60/gWW7TMp9329M8ibDyAomDfd1e0Vg//g8zjnRg1AkEA3RoZkhT9/8rn -z3Sqg8l4ys6VUuYBylPPSjPLbTKG6oX5PWKyQw3GrJrN/2NpOE21/QPfvmIBsJlC -35oG479s3wJBANnc9VmEERy139BjQse/1lHJ5N83Cy64smE2Bm9TxkbIhvxZWO31 -f5sSU2FFGq36fHJyM6uJ3FX0dtq1sNsSmLsCQDPKJEkyf5iF96yBYFuEOrYOk62a -ULsKzJhN742Bc1bF0O7PCoBoXqwZir0SlRfqJAHDAYq/vDOYgrCLjKeWNDMCQQDV -onew7PF+ztYHWZ6dk39NOoZFYIuFqDW7X6fVuTegJ3k+sTqkNW2JGeJLauEro4ov -C8+hMZGvdAaslygy2ryLAkAJEow6EQXqtve6enOWk6SYeTJ82hKBc2L8cQeUA2jR -fVDfECxJoC3IezBZzhuMkmX0BL7n6GxhyFOmdg2uqJ2h +MIICXQIBAAKBgQCjYku5Jv0Yr8ZPTVgorxVVqzeTVUupuLabHbk94Vl2z9FACMSF +zvCecdahfEu1b8XDkO11s1AahkGzH6/VT9+bp9+cLyqLhuApOlR85ZP2Ct9WPwux +H/w7jtbO/mlnlt0FpRvDOs1aHGZOYWgCivFyzV5In53JHTSUK5wMuPIOjQIDAQAB +AoGABUUscCKD04IIAZLbHyTWqVbGiigcMrNUoJhK22YjfqOhelFOFYrhVBsT802R +G58pX++S2VMZaGGgSOjiwRy8d7m1/8KNgvKl62w827pLz9qVTHqBBZaXevk5frvq +6r+9pt68aDkfwjPCfWxR4JtzfFjb41uQ97Ko98MgV77vaTkCQQDRKkLoyJN5d2so +IhEnXiJ7aJh8BVbi0FkqYERC4Dc9x2BIUwDAPttrj+ELV+aM8uJNngVIgKr7FaZd +WjgQq4JzAkEAx/fGMiBlBU/JrWjrPWsXU76LaL8i0rfs9rEoePl8j0mk1MIascd+ +BcOihWAp4Ot0mtku0d3+c2rtT1WVxirq/wJBAKTK+SBSNu6ySXi7Lmyn298DD3BW +/JeCs12RrvZJlPxVguQ4kRTl8RYTq6i2Pmy6R9YDNAJlbVCZRBO0qwtnNUUCQEtP +a5txS9qGRCRFAWNuM6jceFCIu6q0jlASRHXbMCgeyi8+syMFSNcO6ORmZR9KTe4L +oXB0tOHvAVUBnJi3jS0CQQDFIV6RTqWkmpksKhD/PRaqk+zu3abnUvdKdPHDOvmq +xAKyG93OYhxifcMiSQ/Ca/ty/OWKdpW2841Ss7EQkJ+r -----END RSA PRIVATE KEY----- diff --git a/test/subsubca-ca/subsubca.req b/test/subsubca-ca/subsubca.req index 82b5437..72fd5f2 100644 --- a/test/subsubca-ca/subsubca.req +++ b/test/subsubca-ca/subsubca.req @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE REQUEST----- MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0G A1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRgwFgYDVQQDEw90aGUg -c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwp9gIX8Uay -KA1QHfWzkBvqQ+rPWOv+kSFkWXjZrd3NglwcF7Z1dPpClhyxH6J2qwbk/yhlSQjt -sZLGJX2t3Cojq7G/BnEncCot7TzcG7vquhEgmteenGIYJ7sFdLVQRDNy9fs3owBE -VWd0DoSuXHJoMAFsD8m8pcGU5CpyJu7lAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB -gQBeHdKgFoI8OGM2Xc2j00eBVGYsxfIXjYsagPuyLxG2+WbQjsQfSlehDvJcf5E/ -g/iHI++poo36TcWnLh+YGcEP0taOp2O9wBNXGDWX3KGKdQ5XLpkPiGHG5Zvhkx7a -Y4KTlUw4GnfWYciHbzjK3ZGL//jwgvHJNJ6/Iw5bDpNGfg== +c3Vic3ViY2EgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKNiS7km/Riv +xk9NWCivFVWrN5NVS6m4tpsduT3hWXbP0UAIxIXO8J5x1qF8S7VvxcOQ7XWzUBqG +QbMfr9VP35un35wvKouG4Ck6VHzlk/YK31Y/C7Ef/DuO1s7+aWeW3QWlG8M6zVoc +Zk5haAKK8XLNXkifnckdNJQrnAy48g6NAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB +gQB4zVl0voUx8pxl4EwEdCf91itnFjDHMo+nvbClc8EMBLuTabxkRDWzQxTTQeL7 +LfBfyqkpfTHAOGa9bCzjKXq06dtzyqu0QrvlyGxJtmJIu2Ijr0jgg2ZTkSeKXCy3 +EUqfA8XMNwhgo9AAUlb4QRdQDCNhI8NFzq3iDpFJiEpYJg== -----END CERTIFICATE REQUEST----- diff --git a/test/trusted-ca/req_conf.cnf b/test/trusted-ca/req_conf.cnf index 187be7c..d68702e 100644 --- a/test/trusted-ca/req_conf.cnf +++ b/test/trusted-ca/req_conf.cnf @@ -67,9 +67,9 @@ nsComment = "OpenSSL Generated Server Certificate" [ ca_altname ] # This is OK for an SSL server. -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" +subjectAltName = DNS:*.hoo.org,DNS:joo.haa.org,IP:123.124.220.1,DNS:g*a.e*.com [ ca_client ] # For normal client use this is typical @@ -83,7 +83,8 @@ nsComment = "OpenSSL Generated Client Server Certificate" [ ca_fclient ] # This is typical in keyUsage for a client certificate. -keyUsage = nonRepudiation, digitalSignature, keyEncipherment +basicConstraints = CA:false +keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment nsComment = "OpenSSL Generated Client Certificate with key usage" [ ca_none ] diff --git a/test/trusted-ca/trusted.cert b/test/trusted-ca/trusted.cert index eb5fe75..c2b0e34 100644 --- a/test/trusted-ca/trusted.cert +++ b/test/trusted-ca/trusted.cert @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCzCCAnSgAwIBAgIJALIbmjlwx6A+MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +MIIDCzCCAnSgAwIBAgIJAO6OyF6m5/UeMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV BAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoTBlV0b3BpYTETMBEGA1UE -CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMDkxMjA5 -MTYyNjEwWhcNMzcwNDI2MTYyNjEwWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG +CxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRydXN0ZWQgQ0EwHhcNMTAwNjI1 +MjIxMjExWhcNMzcxMTEwMjIxMjExWjBdMQswCQYDVQQGEwJVRzEPMA0GA1UEBxMG VHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJlbGF4YXRpb24xFzAV BgNVBAMTDnRoZSB0cnVzdGVkIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFBzrRQsjaEPsbi -6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9chPEIirYf5ng -idfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQABo4HSMIHPMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFMQRFAPFkx4YXYvN7xawfJOsXtilMIGPBgNV -HSMEgYcwgYSAFMQRFAPFkx4YXYvN7xawfJOsXtiloWGkXzBdMQswCQYDVQQGEwJV +gQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIUNb4RgCowQdY1 +4CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJK0bDRwnX7tD+ +95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQABo4HSMIHPMAwG +A1UdEwQFMAMBAf8wHQYDVR0OBBYEFNF+Edjrqcy8L6Xg2V9pAoqR4GCAMIGPBgNV +HSMEgYcwgYSAFNF+Edjrqcy8L6Xg2V9pAoqR4GCAoWGkXzBdMQswCQYDVQQGEwJV RzEPMA0GA1UEBxMGVHJvcGljMQ8wDQYDVQQKEwZVdG9waWExEzARBgNVBAsTClJl -bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkAshuaOXDHoD4wDgYD -VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBABLlJ29AZEJqgwGp27/paP0f -brMWEmlBQrObohg+K8oflMUVPNotwkChR58hwyNfNCKR+r/8bIJOWI+lFTkh5EQq -Yqz2q5bLhy/Odgkyk5QSNm2YsMpvfWyA1A9ROtpvIXquBXMG6fx0/xYG1/NQkbK/ -BE0sTheSsSSJLTDB7PwE +bGF4YXRpb24xFzAVBgNVBAMTDnRoZSB0cnVzdGVkIENBggkA7o7IXqbn9R4wDgYD +VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4GBAC9EnIv/wN6R6LVpYEsRiaHj +dw7lf+e583BXm6eKedPxSxbPoJd7l+b2Ku4R4q2xmBs1GAnOcRp5fPgc/kGXwUZv +ubtTowKC9PF5OTHCy/4ynEiZVGZFEbZIcKCFMaturi4IE5MLhaJb+lJvg+Z17fAX +W2JamgpFmVme0XUTTdZd -----END CERTIFICATE----- diff --git a/test/trusted-ca/trusted.p12 b/test/trusted-ca/trusted.p12 index 5ea7f66f300d029dea2c753c7359bf0f9fe47806..a7ea3a3fa7e68b9a1b0a366b3afd94bb975f2712 100644 GIT binary patch delta 1658 zcmV-=28H>B4uuYoU4NKxA-}cA*mnW~2mpYB188Wsa7c6+v8_bqeYQP@zLc7tZ%`$? z^O=JuXt+HnFjC*Tqmo6g>z*-l8FT+T|Jg};@^AAv5&Lv#;Rvw{F@GgT7e&!swUpY=;+qk> zW3p%Ir2I)33UNjpmE9Shm_cZWn=mz{)^59iuNYNp@KuPbQIWnP!bJ&3XQPF-#j7`77qMmQ zmVG<&NrLqzR5l;^uuxN|L)rxy3!qBWEfO#>@qZ@YKWV1K75c22QB+#HRifv$ z`P!tS7yS@!Fk=?FW+-t7wym=|D9}R3A1IEgE?bAn8bEFo>u}?c`=$5J$N;oWhMg>vm|>QM(?E#2{AdYv#SbEpz96c6 zv1SlJszS}cFIlwu8>dbVU>O6h^?GHrye1oYa(|(gx8QFcHY|IV3n#T)cCwe?`UL%Z zo?C10iyT#&d_>rL0=u6ocSThgrXg>#$x&a3_ujki*q;9pBAFW^o#^iu>;m{TlQ=M#rRiExq+@_G@=;SGT(o||qwkVYhZOp#mYnyedJ{+s$T z#t-V?fnL?}8n|;A-fiMMfihLn{xxkatc27falDO!0T?mxZ4#0j28QO28oT5P?BDl8 zUarC?Q!S)oCWa4aa!o)l?mBg%%;B?LFq75;MSo{RKN~o2y6^%52ml0v0)Wo^PU&SG zTk~!_7itY~@mTPz8ja1Hn^Rfupv?f^tB~5=O%U5NAMK;eanShuw7?R-6EMntX}$c2 zes%dPxsAm1T?P0iAVhz0yZ%XY5!Us~G*o*a4L6`!MUQTHbYUaa87Nv{MCw}0$h}?P zq<^@NrQN^baACr({dw=a)4tVlaDUZwXJ+QoKPv1C#!87vUtRWWikku)HUu+- zNS^wBga3V^nrC=v@>_xK3d5GNz>=+qWu8d~Tb&$MTzbGQxL!|176l0)$xa>n~fn{l4A=S3%l*di~Cyt}tXg*zzL%=>Nm5UKP1a+TS^6k?|4&Z_rz;cEbuwmVd=S9RBf!j^F@;;LMJsjXs93P$-2w+-#M*#>|F@rq>$(jNLg6<@O;hHmNP^?IM1tkbw{I(To*|#S zi6!(B5IWS8J*M**2JB`_lf2`Yw2hW8Bt2^BFG1Qh=vyxPJeQNUfRL9E<`u`NKR zI(RTKFd;Ar1_dh)0|FWa00a~q|7Rg!TBV7zMu||@Z1evv*_YM?2-Do#6}b}~2Lb{J E06TUk!~g&Q delta 1658 zcmV-=28H>B4uuYoU4QbDzR?K%(=Y-82mpYB18B(UaXx!y^DX-JNX0?kPy_+&)^)%Qr*` z%9pj@@ud)v)K~4^O}3PU>ptot_OP4G3p`?pc3c?trkQd60Ou}`w6#<;w)Hh}Oru1Niw z4YiLrlX5odJFl}h;%j8EV?IE?R@OD$-HA_DQZBvi0)MJf1uwv0pAbh&wNqtS1@?`` z040MoQSF2Gw&!&b%^Apjg4t!~6C=p(atMxgUnIpkW3zOSY&Hl7)AXSIV@t^7SaRK* z1E1GjA|HhF6aV| zmnndHUVm=(%_E59QUC+-G=X>HKIfeW4tB0JChAG%QBt&Igd&A$G*~dM1RdnT-dShA=SP9&h^Nz2~jeb)sxOZ zclN-!C>Mz;DN%Juu)-eKae++Xk`AinX^vgA)NDEbNvA|8twG$TRAv6Nq?hrbCj6Nd zHMn~qIoe!1Z~EjP3f|I9vC=q#Ns14o_$%n9Pt2jI0zZdLxQUOwX~J9glZjD49AJQYReP-KJaMe9SvFoDq#fQ>( zB2x8`@;rY}=wkC$|K2ok?7+u6w`6hx*I3)VJvF6M@Xnbn=woLU=FIs0earQ(HJLY) zPk(Q*z^wzqO;A_nm@svaqnVx;OI*rDphqS^Qg$# z&bmr@RA`>F`HLj(r1&1GMD)q|Hy#M(`hNwkD>kjKV``Q>9+9Dv@c5{qLCvTk0Sm z@AV}phv_5}{GMZ@s}c5?F&SW>1%DQD8h{k%PfqLXHcTT(>Bm?bbGz&XGpd`Rj80b> z$AWzI-pBo`9BXSgxACZK9yicnYikB57pdX+hiv_O%I);y$c#j~9_0l;^fpL<FgUxynM zDaLV|piFNIC7$$BzoL+9@{ct&5IN@j_l`#qcl2s%?m@-C(SmI49@ E0HB34;{X5v diff --git a/test/trusted-ca/trusted.priv b/test/trusted-ca/trusted.priv index e1e1831..889a1b7 100644 --- a/test/trusted-ca/trusted.priv +++ b/test/trusted-ca/trusted.priv @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQCX3cRHcag8RiQV4LztIAx7B7i381yF+zf39ZZq84Ycc8ZI+LFB -zrRQsjaEPsbi6f1dbDh1IwLFptttwG+AJBKwjHjPSdbPqtOYshBIjG+phanVTLg9 -chPEIirYf5ngidfDOCMw9mNdFcPnrBA7CXDNCoY7hsPSf3U986B2csZfgQIDAQAB -AoGAZ6OzkKIzErc3ZyrRI+5MNiYF3JubV+AiyPhz55c7ve0Qs7nsliFvkuacJ9ID -vtW6z+fL+7yh5qtBcnvyW/vCOGb1SZR8TaeK4eYPYn7+f34cMY+EYqVB9jws8Er8 -VByq7rx7Gmwr1ykiGiT04HdeFKw1uhYpqtdKwpNG+5L2g+UCQQDFqlkOxNWdx1Iy -RK9Z1JWBh5BaywBexiBxObA98AA/pYpi6Bd01HSA28R0nQXkKSRJl1Y0Fv8UKl2v -ovsNguIbAkEAxK9JXNYDQX4gVqf/nk/UVaqbpt60ahRRWkDHgCueVW6PipwV3TgA -SkKkS5M1E1aTSw8tPP6XXshK31amN1Q+kwJADRrbJrCEHR7O40hMe98tPlY3it10 -m9P06KzTc3fK/G1EPIR4saU4SCbJ4pVag6L6pepjq7ZumO6qIW/jxySLSwJAXh/Q -iPf2GOqGCVJeduGXKOP7lzDuv/E3OWzUzFaTcCj30op9wB8jrGYWAADTnoyI8pux -t4XS5M4PXrA13TaYtwJAB5jWQUN+Hk8pqMC5R8ft10Z9pUB5WCAEeOqJBRmpbg5m -TYOzpXPGwNglpzaXG7EQp1pC71I3k3gsI0jXjmnwkQ== +MIICXQIBAAKBgQC8GsugGEqOxRx5s9DJAilgxQXE9xQn3mHTePv93EvzQbyviRIU +Nb4RgCowQdY14CZx6V62JT54+TVkJsvrGJd51uomhYksEhd11vj0dhHwRMJAwRTJ +K0bDRwnX7tD+95ZvhSX07Q2UIxQ0xeC1lTJ8syObDHj4zJNwBaBUHa+RdwIDAQAB +AoGBALv0llTxEMbZ5FsjNtMzSr87/0jRjh1MUzmooTsHfgiiPfS0JRF2peX8x6sS +jgWlZSTbiFy+mE7uzM+3CHlwSCGq6MQnyJhC9Tfwmf4XtTTchGYUK3pbdcwsvmyj +4eq6gBF76TUdGpT6v4JiOjGC0foedGZT4SwWgltBP+GmNlV5AkEA3w/Yd4kt5wgk +T+llAIYkYY+e846BjzdYuC6UkDrmSprZdsgJsHTxW8ThmrvmxvSR/A+IwgAHWL4l +cFJs7PI8UwJBANfhgGx8ENc6IykA49eoCvIJU/pzrGAyVeEyEUdM5nuQ8dOriKym +Q2j7Cz8UM8JXDsjVFvYfo7GpKgc2dZ8FUc0CQQCRO1HnUkuutqBd30pBsxUQ6F/H +mCtGwfRjxwA3gAHc5UFdkxSr7RgQdfmls12ogChkgwC5vycJYpQhs6j0BSu9AkAH +m/Uw3baiP3RZz6Q4R74LBfUl0Mn0ohGQ3HjrcHR3SoablWI946Zgnuiokoe4g+UL +gydKCZd1fabzliHTNxbJAkAwxasZQPce5a/7khm1WkwNNPjD4arNFZAkp1du56Mr +ED3bMEE378uJBd4hamXcMj0aaNutTFryLldKYUjkGwdW -----END RSA PRIVATE KEY----- -- 1.8.2.3