diff --git a/examples/ssl/certs/ca.pem b/examples/ssl/certs/ca.pem index 07ae29a0a2..37a452165e 100644 --- a/examples/ssl/certs/ca.pem +++ b/examples/ssl/certs/ca.pem @@ -1,22 +1,18 @@ -----BEGIN CERTIFICATE----- -MIIDmTCCAwKgAwIBAgIJALMGu1g0q5GjMA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVJvc2V2aWxsZTESMBAGA1UE -ChMJT3BlbnN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTESMBAGA1UEAxMJbG9jYWxo -b3N0MSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBvcGVuc3RhY2sub3JnMB4XDTEx -MTAyMDE2MDQ0MloXDTIxMTAxNzE2MDQ0MlowgZAxCzAJBgNVBAYTAlVTMQswCQYD -VQQIEwJDQTESMBAGA1UEBxMJUm9zZXZpbGxlMRIwEAYDVQQKEwlPcGVuc3RhY2sx -ETAPBgNVBAsTCEtleXN0b25lMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG -9w0BCQEWFmtleXN0b25lQG9wZW5zdGFjay5vcmcwgZ8wDQYJKoZIhvcNAQEBBQAD -gY0AMIGJAoGBAMfYcS0Fs7DRqdGSMVyrLk91vdzs+K6a6NOgppxhETqrOMAjW5yL -ajE2Ly48qfO/BRZR0kgTGSpnv7oiFzWLCvPf63nUnCalkE+uBpksY7BpphnTCJ8F -IsZ6aggAGKto9mmADpiKxt1uSQ6DDpPm8quXbMdSZTFOOVQNPYhwPMYvAgMBAAGj -gfgwgfUwHQYDVR0OBBYEFGA/MhYYUnjIdH9FWFVVo/YODkZBMIHFBgNVHSMEgb0w -gbqAFGA/MhYYUnjIdH9FWFVVo/YODkZBoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEL -MAkGA1UECBMCQ0ExEjAQBgNVBAcTCVJvc2V2aWxsZTESMBAGA1UEChMJT3BlbnN0 -YWNrMREwDwYDVQQLEwhLZXlzdG9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSUwIwYJ -KoZIhvcNAQkBFhZrZXlzdG9uZUBvcGVuc3RhY2sub3JnggkAswa7WDSrkaMwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBoeuR/pRznAtStj4Axe8Xq1ivL -jXFt2G9Pj+MwLs2wokcUBYz6/rJdSTjW21s4/FQCHiw9K7HA63c4mbjkRRgtJlXo -F5PiQqv4F1KqZmWeIDGxOGStQbgc77unsYYXILI27pSqQLKc9xlli77LekY+BzTK -tr5JYtKMaby4lJTg3A== +MIIC0TCCAjqgAwIBAgIJAMyVAS1JB/DRMA0GCSqGSIb3DQEBBQUAMIGeMQowCAYD +VQQFEwE1MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVN1bm55 +dmFsZTESMBAGA1UEChMJT3BlblN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTElMCMG +CSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzEUMBIGA1UEAxMLU2Vs +ZiBTaWduZWQwIBcNMTIxMDIyMTk0OTA0WhgPMjA3MTA0MTYxOTQ5MDRaMIGeMQow +CAYDVQQFEwE1MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVN1 +bm55dmFsZTESMBAGA1UEChMJT3BlblN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTEl +MCMGCSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzEUMBIGA1UEAxML +U2VsZiBTaWduZWQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANKsTxsxbBGA +GzglqerOOnNw76g/U/ltb6RugEnfD3nBOBGT3zXW+8i0XVzCPdYsIjaltDIGZ66N +86QXSLOgxccYN+uHo2/ADvcc5HzH6Wi8mkzlYA+ZEx4JZZQPlaoN52/Tib487nn4 +3oldwbI9cvfpp0kzDHWx3HVil1fT6WwDAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB +Af8wDQYJKoZIhvcNAQEFBQADgYEAK9reLm4pW0AKGhXFvn0D1fRl/5Wxp/cZ3MM2 +IHSAelTx7bp67VeBGw+SrVdVUM9K6pqmJemA+IWGXHcRE6WPEQYUI0Bs9R6MdwOt +ws665r9WWExDztdXELsqacg/olcDiyHi0CAXPxWh/KRYSBfO3wNjOvvGTuedpnIU +MQOy2UI= -----END CERTIFICATE----- diff --git a/examples/ssl/certs/keystone.pem b/examples/ssl/certs/keystone.pem index 6460d32a75..321bd545a9 100644 --- a/examples/ssl/certs/keystone.pem +++ b/examples/ssl/certs/keystone.pem @@ -1,62 +1,17 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=CA, L=Roseville, O=Openstack, OU=Keystone, CN=localhost/emailAddress=keystone@openstack.org - Validity - Not Before: Oct 20 16:34:17 2011 GMT - Not After : Oct 19 16:34:17 2012 GMT - Subject: C=US, ST=CA, L=Roseville, O=Openstack, OU=Keystone, CN=localhost/emailAddress=keystone@openstack.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:9e:5a:5c:be:dc:20:d4:af:36:5c:33:6d:72:44: - 94:59:c6:a9:24:ed:fa:8b:2c:53:ab:24:7d:79:46: - cc:a6:45:05:b0:57:b4:0d:d6:8f:f4:d9:a5:11:64: - e4:78:b1:26:30:de:fb:4a:72:c8:97:e7:31:4f:55: - bb:5b:16:d7:22:1b:13:ca:fc:6b:04:bd:15:9c:09: - 51:d6:f9:14:51:67:a3:42:4a:81:ce:98:0f:6e:5c: - ac:7f:36:be:0f:79:ad:07:81:75:a2:21:a8:5f:e5: - 9c:22:71:4c:db:63:b6:44:29:65:22:76:6e:07:98: - de:be:58:3f:b2:fe:cd:27:f7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - Netscape Comment: - OpenSSL Generated Certificate - X509v3 Subject Key Identifier: - C1:E3:A1:36:45:3F:B5:3B:11:A1:23:A4:7E:3A:A0:F9:BC:F6:93:A3 - X509v3 Authority Key Identifier: - keyid:60:3F:32:16:18:52:78:C8:74:7F:45:58:55:55:A3:F6:0E:0E:46:41 - - Signature Algorithm: sha1WithRSAEncryption - 06:86:d7:5d:93:11:94:ce:23:ae:74:b2:16:09:99:32:63:3d: - d9:be:8f:99:87:43:7c:0d:27:25:5c:08:c2:d6:18:37:3c:4e: - b9:06:51:53:a9:d7:93:da:14:a1:25:96:2b:eb:8d:81:9d:68: - 8d:ec:b8:1f:9e:09:80:25:fb:be:f8:20:5b:fc:ca:6c:3d:38: - c7:09:36:aa:dd:f8:0c:01:35:3e:c5:c5:3b:60:24:8c:5f:c5: - 44:e7:7f:9b:ce:b6:d5:85:b7:93:e4:8a:a5:a9:90:ff:2d:09: - 56:8c:e6:17:1f:07:33:0a:46:73:b1:65:13:d8:6f:39:76:3a: - 93:87 -----BEGIN CERTIFICATE----- -MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMx -CzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlSb3NldmlsbGUxEjAQBgNVBAoTCU9wZW5z -dGFjazERMA8GA1UECxMIS2V5c3RvbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDElMCMG -CSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzAeFw0xMTEwMjAxNjM0 -MTdaFw0xMjEwMTkxNjM0MTdaMIGQMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex -EjAQBgNVBAcTCVJvc2V2aWxsZTESMBAGA1UEChMJT3BlbnN0YWNrMREwDwYDVQQL -EwhLZXlzdG9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSUwIwYJKoZIhvcNAQkBFhZr -ZXlzdG9uZUBvcGVuc3RhY2sub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB -gQCeWly+3CDUrzZcM21yRJRZxqkk7fqLLFOrJH15RsymRQWwV7QN1o/02aURZOR4 -sSYw3vtKcsiX5zFPVbtbFtciGxPK/GsEvRWcCVHW+RRRZ6NCSoHOmA9uXKx/Nr4P -ea0HgXWiIahf5ZwicUzbY7ZEKWUidm4HmN6+WD+y/s0n9wIDAQABo3sweTAJBgNV -HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp -Y2F0ZTAdBgNVHQ4EFgQUweOhNkU/tTsRoSOkfjqg+bz2k6MwHwYDVR0jBBgwFoAU -YD8yFhhSeMh0f0VYVVWj9g4ORkEwDQYJKoZIhvcNAQEFBQADgYEABobXXZMRlM4j -rnSyFgmZMmM92b6PmYdDfA0nJVwIwtYYNzxOuQZRU6nXk9oUoSWWK+uNgZ1ojey4 -H54JgCX7vvggW/zKbD04xwk2qt34DAE1PsXFO2AkjF/FROd/m8621YW3k+SKpamQ -/y0JVozmFx8HMwpGc7FlE9hvOXY6k4c= +MIICuzCCAiSgAwIBAgIBEDANBgkqhkiG9w0BAQUFADCBnjEKMAgGA1UEBRMBNTEL +MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQ +BgNVBAoTCU9wZW5TdGFjazERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0B +CQEWFmtleXN0b25lQG9wZW5zdGFjay5vcmcxFDASBgNVBAMTC1NlbGYgU2lnbmVk +MCAXDTEyMTAyMjE5NDkwNFoYDzIwNzEwNDE2MTk0OTA0WjCBkDELMAkGA1UEBhMC +VVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQBgNVBAoTCU9w +ZW5TdGFjazERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0BCQEWFmtleXN0 +b25lQG9wZW5zdGFjay5vcmcxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEA0g+31KD6C4nVJKjl5jm5RS2UyZBqGvCFxvyKkTAs +VK9RnVl2R9J/1p3eUP7zwdait/g+FQTlsRQQoH6Ybf9oPZpJFeotvZXH/D5a7I+t +U8m1qLrJqd61wNad3JaubcqAa6r+wj1A7y1ZLvnzZBhZwQBXYYy3cLqTP6cTqS2u +ezECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAD +pZbC4E22H6C8phw9qryctY+jIG50QHJz0iJHf27IbIOELYK4VKtCkbaiOcQwMKtA +L0SGotIM5Z6VN+72pUJUGM8EhaGYmZpfyF/+E3JSo1r41mneqdjfYy6wpnnhMlk9 +I6COsjgq6xvnlqMdS5LR24wDIK/Ftd0dx5CrmmuYog== -----END CERTIFICATE----- diff --git a/examples/ssl/certs/middleware.pem b/examples/ssl/certs/middleware.pem index 780de11086..c18e307c83 100644 --- a/examples/ssl/certs/middleware.pem +++ b/examples/ssl/certs/middleware.pem @@ -1,77 +1,33 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=CA, L=Roseville, O=Openstack, OU=Keystone, CN=localhost/emailAddress=keystone@openstack.org - Validity - Not Before: Oct 20 17:22:02 2011 GMT - Not After : Oct 19 17:22:02 2012 GMT - Subject: C=US, ST=CA, O=Openstack, OU=Middleware, CN=localhost/emailAddress=middleware@openstack.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:cb:8d:ff:0a:f8:1f:da:0b:65:d9:15:86:e7:4a: - 89:07:81:26:7a:2e:ef:67:30:bb:5b:88:3e:73:31: - 0e:c9:d9:eb:84:55:7c:57:1b:07:8a:29:7f:41:ed: - 1a:47:b2:c4:74:3c:dc:52:81:81:ba:6c:43:b8:44: - bd:83:20:28:4a:82:03:34:f2:1e:88:89:1c:f3:d6: - ef:02:27:9f:7b:4b:dc:ed:50:91:7a:13:a0:8f:5f: - 44:10:a6:17:01:6f:7d:7a:3a:a2:1a:28:4e:6e:c5: - b6:06:0b:ba:5c:c9:e9:15:39:95:54:63:bb:40:90: - 5d:5d:76:f6:ae:ed:ee:ed:85 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - Netscape Comment: - OpenSSL Generated Certificate - X509v3 Subject Key Identifier: - 5A:34:DE:19:11:FF:77:19:2E:E5:6C:36:FA:42:17:6B:46:AF:6A:61 - X509v3 Authority Key Identifier: - keyid:60:3F:32:16:18:52:78:C8:74:7F:45:58:55:55:A3:F6:0E:0E:46:41 - - Signature Algorithm: sha1WithRSAEncryption - a2:1b:e0:d3:e5:c5:35:ad:18:cb:79:a4:fc:f3:d6:7b:53:1e: - dd:28:95:e0:6c:b0:db:fe:aa:30:04:19:c8:99:7a:eb:cb:ed: - dd:74:29:ad:f8:89:6a:ed:d0:10:35:b3:62:36:a2:b0:cc:9f: - 86:e8:96:fd:d7:1b:5e:2c:64:b5:5d:f3:bf:1a:1a:07:8b:01: - 1f:5f:09:c3:e1:62:cd:30:35:1a:08:e1:cd:71:be:8c:87:de: - f6:7d:40:1b:c6:5f:f0:80:a0:68:55:01:00:74:86:08:52:7e: - c7:fd:62:f9:e3:d0:f8:0b:b0:64:d9:20:70:80:ec:95:11:74: - fb:0b -----BEGIN CERTIFICATE----- -MIIDAzCCAmygAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMx -CzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlSb3NldmlsbGUxEjAQBgNVBAoTCU9wZW5z -dGFjazERMA8GA1UECxMIS2V5c3RvbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDElMCMG -CSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzAeFw0xMTEwMjAxNzIy -MDJaFw0xMjEwMTkxNzIyMDJaMIGAMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex -EjAQBgNVBAoTCU9wZW5zdGFjazETMBEGA1UECxMKTWlkZGxld2FyZTESMBAGA1UE -AxMJbG9jYWxob3N0MScwJQYJKoZIhvcNAQkBFhhtaWRkbGV3YXJlQG9wZW5zdGFj -ay5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMuN/wr4H9oLZdkVhudK -iQeBJnou72cwu1uIPnMxDsnZ64RVfFcbB4opf0HtGkeyxHQ83FKBgbpsQ7hEvYMg -KEqCAzTyHoiJHPPW7wInn3tL3O1QkXoToI9fRBCmFwFvfXo6ohooTm7FtgYLulzJ -6RU5lVRju0CQXV129q7t7u2FAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 -QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRa -NN4ZEf93GS7lbDb6QhdrRq9qYTAfBgNVHSMEGDAWgBRgPzIWGFJ4yHR/RVhVVaP2 -Dg5GQTANBgkqhkiG9w0BAQUFAAOBgQCiG+DT5cU1rRjLeaT889Z7Ux7dKJXgbLDb -/qowBBnImXrry+3ddCmt+Ilq7dAQNbNiNqKwzJ+G6Jb91xteLGS1XfO/GhoHiwEf -XwnD4WLNMDUaCOHNcb6Mh972fUAbxl/wgKBoVQEAdIYIUn7H/WL549D4C7Bk2SBw -gOyVEXT7Cw== +MIICuzCCAiSgAwIBAgIBEDANBgkqhkiG9w0BAQUFADCBnjEKMAgGA1UEBRMBNTEL +MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQ +BgNVBAoTCU9wZW5TdGFjazERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0B +CQEWFmtleXN0b25lQG9wZW5zdGFjay5vcmcxFDASBgNVBAMTC1NlbGYgU2lnbmVk +MCAXDTEyMTAyMjE5NDkwNFoYDzIwNzEwNDE2MTk0OTA0WjCBkDELMAkGA1UEBhMC +VVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQBgNVBAoTCU9w +ZW5TdGFjazERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0BCQEWFmtleXN0 +b25lQG9wZW5zdGFjay5vcmcxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEA0g+31KD6C4nVJKjl5jm5RS2UyZBqGvCFxvyKkTAs +VK9RnVl2R9J/1p3eUP7zwdait/g+FQTlsRQQoH6Ybf9oPZpJFeotvZXH/D5a7I+t +U8m1qLrJqd61wNad3JaubcqAa6r+wj1A7y1ZLvnzZBhZwQBXYYy3cLqTP6cTqS2u +ezECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAD +pZbC4E22H6C8phw9qryctY+jIG50QHJz0iJHf27IbIOELYK4VKtCkbaiOcQwMKtA +L0SGotIM5Z6VN+72pUJUGM8EhaGYmZpfyF/+E3JSo1r41mneqdjfYy6wpnnhMlk9 +I6COsjgq6xvnlqMdS5LR24wDIK/Ftd0dx5CrmmuYog== -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDLjf8K+B/aC2XZFYbnSokHgSZ6Lu9nMLtbiD5zMQ7J2euEVXxX -GweKKX9B7RpHssR0PNxSgYG6bEO4RL2DIChKggM08h6IiRzz1u8CJ597S9ztUJF6 -E6CPX0QQphcBb316OqIaKE5uxbYGC7pcyekVOZVUY7tAkF1ddvau7e7thQIDAQAB -AoGAITSpzV1KvOQtGiuz1RlIn0vHPhlX/opplfX00g/HrM/65pyXaxJCuZwpYVTP -e7DC8X9YJbFwuzucFHxKOhDN4YbnW145bgfHbI9KLXtZiDvXvHg2MGKjpL/S3Lp3 -zzWBo8gknmFGLK41WbYCCWKcvikEb3/KowcooznY5X5BjWECQQD6NC9Bi2EUUyPR -B2ZT3C3h2Hj53yqLkJzP0PaxTC+j7rsycy5r7UiOK8+8aC1T9EsaJrmEKlYBmlbd -lVdhohpNAkEA0EUphaVGURlNmXZgYdSZ1rrpJTvKbFtXmUCowi7Ml2h/oTuHDFHf -i4P8//79YB1uJ4Ll9edjJsZqtAErUTnMGQJBAJcKp7hutqU5Z3bJe8mGMqCTOLzH -LvzfyPpfkH0Jm/zfolxbUhvPO6yv4BFB5pM295uK4xVZJWCEVoofnIeQ/0UCQHuK -ex3esv5KTyCX+oYtkW+xgbjnZaSu7iBnHXPKROwPPZ4LbIlfS4Y7rejAfdX0vzHK -0NP0BHmsuwC5rNNKwIkCQBZqTnLVcisz1FRM2g/OKfWMx+lhVf5fIng+jUEJCdNE -fGjCUu4BRs+nXq6EzoijLvtrmRmFL7VYAKdabSVeLRc= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANIPt9Sg+guJ1SSo +5eY5uUUtlMmQahrwhcb8ipEwLFSvUZ1ZdkfSf9ad3lD+88HWorf4PhUE5bEUEKB+ +mG3/aD2aSRXqLb2Vx/w+WuyPrVPJtai6yanetcDWndyWrm3KgGuq/sI9QO8tWS75 +82QYWcEAV2GMt3C6kz+nE6ktrnsxAgMBAAECgYEAqcmioO7srN7ftR3/lTMbGVta +ZAGigdvfhZMivW/epSSAJ1rkS/FM+z/nLjik9gxywZiZNYwbzCGXvuIUevRyX8Ei +PVTggVqK449NpW+K0aFe1D9MTn1A6axznwa1/STgAr80Q/9v8L6Pqy37AfxEBdej +ly0wZ/OMB4r6LN5hGPECQQD04EncRtsqQ5E+1pfl625vXAowjcv84ZRewhN772Ub +/vwNiL/K5JHgKixnMfQyDbltRVk09i2tIBSywVVNI+TTAkEA25qP+llyxNgwLsZ6 +S3WwBJOL4BR7HNlhAM/rO1BiWBwkwAKbh7PWEb0pXM/H5c3TrCe1VPQ2fNXCl164 +M8BtawJBAOdYru8pEg4P370aSE+z6ZXTwty0WjADfoU3nejM9x1H/SFcPLaW0yqR +LXohO6++P5z4k5rxqZ2SXXu0I77JVnkCQAIcbEHl1jqaMWxhsA9FpFmG6ZNP3xcZ +59rQJNy/GxLpwliuLbySN/6XqOwhezR0VBKVlyKn7lYo3+QAnxiwQt0CQQCEQ3sJ +lAREj2ZkImKRAFZj2uxK4cz0+wkRx6pWHyy8hil19LkaWBKbC0U6kaoUyCsDgM1O +L70bXSvi52tgTzr6 +-----END PRIVATE KEY----- diff --git a/examples/ssl/gen_pki.sh b/examples/ssl/gen_pki.sh new file mode 100755 index 0000000000..16d1c00832 --- /dev/null +++ b/examples/ssl/gen_pki.sh @@ -0,0 +1,179 @@ +#!/bin/bash + +# Copyright 2012 OpenStack LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# This script generates the crypto necessary for the SSL tests. + +DIR=`dirname "$0"` +CURRENT_DIR=`cd "$DIR" && pwd` +CERTS_DIR=$CURRENT_DIR/certs +PRIVATE_DIR=$CURRENT_DIR/private + + +function rm_old { + rm -rf $CERTS_DIR/*.pem + rm -rf $PRIVATE_DIR/*.pem +} + +function cleanup { + rm -rf *.conf > /dev/null 2>&1 + rm -rf index* > /dev/null 2>&1 + rm -rf *.crt > /dev/null 2>&1 + rm -rf newcerts > /dev/null 2>&1 + rm -rf *.pem > /dev/null 2>&1 + rm -rf serial* > /dev/null 2>&1 +} + +function generate_ca_conf { + echo ' +[ req ] +default_bits = 1024 +default_keyfile = cakey.pem +default_md = sha1 + +prompt = no +distinguished_name = ca_distinguished_name + +x509_extensions = ca_extensions + +[ ca_distinguished_name ] +serialNumber = 5 +countryName = US +stateOrProvinceName = CA +localityName = Sunnyvale +organizationName = OpenStack +organizationalUnitName = Keystone +emailAddress = keystone@openstack.org +commonName = Self Signed + +[ ca_extensions ] +basicConstraints = critical,CA:true +' > ca.conf +} + +function generate_req_conf { + echo ' +[ req ] +default_bits = 1024 +default_keyfile = keystonekey.pem +default_md = sha1 + +prompt = no +distinguished_name = distinguished_name + +[ distinguished_name ] +countryName = US +stateOrProvinceName = CA +localityName = Sunnyvale +organizationName = OpenStack +organizationalUnitName = Keystone +commonName = localhost +emailAddress = keystone@openstack.org +' > req.conf +} + +function generate_signing_conf { + echo ' +[ ca ] +default_ca = signing_ca + +[ signing_ca ] +dir = . +database = $dir/index.txt +new_certs_dir = $dir/newcerts + +certificate = $dir/certs/ca.pem +serial = $dir/serial +private_key = $dir/private/cakey.pem + +default_days = 21360 +default_crl_days = 30 +default_md = sha1 + +policy = policy_any + +x509_extensions = ca_extensions + +[ policy_any ] +countryName = supplied +stateOrProvinceName = supplied +localityName = optional +organizationName = supplied +organizationalUnitName = supplied +emailAddress = supplied +commonName = supplied + +[ ca_extensions ] +basicConstraints = critical,CA:true +' > signing.conf +} + +function setup { + touch index.txt + echo '10' > serial + generate_ca_conf + mkdir newcerts +} + +function check_error { + if [ $1 != 0 ] ; then + echo "Failed! rc=${1}" + echo 'Bailing ...' + cleanup + exit $1 + else + echo 'Done' + fi +} + +function generate_ca { + echo 'Generating New CA Certificate ...' + openssl req -x509 -newkey rsa:1024 -days 21360 -out $CERTS_DIR/ca.pem -keyout $PRIVATE_DIR/cakey.pem -outform PEM -config ca.conf -nodes + check_error $? +} + +function cert_req { + echo 'Generating Certificate Request ...' + generate_req_conf + openssl req -newkey rsa:1024 -keyout $PRIVATE_DIR/keystonekey.pem -keyform PEM -out req.pem -outform PEM -config req.conf -nodes + check_error $? + #openssl req -in req.pem -text -noout +} + + +function issue_cert { + echo 'Issuing SSL Certificate ...' + generate_signing_conf + openssl ca -in req.pem -config signing.conf -batch + check_error $? + openssl x509 -in $CURRENT_DIR/newcerts/10.pem -out $CERTS_DIR/keystone.pem + check_error $? +} + +function create_middleware_cert { + cp $CERTS_DIR/keystone.pem $CERTS_DIR/middleware.pem + cat $PRIVATE_DIR/keystonekey.pem >> $CERTS_DIR/middleware.pem +} + + +echo $CURRENT_DIR +rm_old +cleanup +setup +generate_ca +cert_req +issue_cert +create_middleware_cert +cleanup diff --git a/examples/ssl/private/cakey.pem b/examples/ssl/private/cakey.pem index 36e38e090c..31dc9eced4 100644 --- a/examples/ssl/private/cakey.pem +++ b/examples/ssl/private/cakey.pem @@ -1,18 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,116D8984CC1AC50A - -PnDGqu3+5ITsGtOwCucdQBs7UmPpJKk3x+UuBdpJuygMEgGM70P+eN+RLTH/vaAl -GFWV9wvlL7j+azrEYlbiKhHn4+6SmDSWjjSVM5wGclzH/UYhyhVe/GZsJ8axW278 -6EdwzmrbvIjuPTN/dJjyXdeOlFFpoCST8TI03+qYo9T0L86560Y3SjTr/hHhlVyL -PgwfcN3wdarhPloJvFoV10kNH3MBpgGeclNQcNVRH7+Z2DwzHgV3bW28w1h4dOI7 -RrPpa1YaAi0lTltuiZYLUtTBI/+xEDf3kFkeSNSdl3sLp9faHUoosVObdFfLCmV1 -+66MdqgesPFipkfGPlTGuUX9CmYMooCn+hs7+tVZUqCl/fcErFWeW8iS5+nrat7f -HBiAsOTZ96AEvy/FksYPymrdaK085aODgPqSfR2pvMuF66iKS1xRZiTpMnDApTVN -A6BOZdJgTqGX4yny7ORxQ90xkv39oZYS9cc10Hqec1DG1LWy9dfvavEPk7/GejiT -Z5SMbIHHiNe5tNTomGqtgLIhjfoRXH14zbPGbJ5bI0REJ+sdUM3ItH75tTHYQUIb -S8UQBkHzU+ExK4q5E3BvKR7UH0KD5z6B6QhAyCB6mQp+63nsIP5cImXuAY9u0s1a -3tOmvUpXWDpqJLeAShb3DAPz5+FMx4mbT5oZq1Y8q5RDqMSSrB7XilAroCqasUIb -LoLNMri7WKcrCT1dKjN4y17ucwU8wLPo7Lpo+x5/XWqQA5qSB83YG9nh6nuzYNyo -aUsLH4cfAj3vCPU+KQux5jJfpcma9fyxVfCfa55dmakmGM8ww6ZXXQ== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANKsTxsxbBGAGzgl +qerOOnNw76g/U/ltb6RugEnfD3nBOBGT3zXW+8i0XVzCPdYsIjaltDIGZ66N86QX +SLOgxccYN+uHo2/ADvcc5HzH6Wi8mkzlYA+ZEx4JZZQPlaoN52/Tib487nn43old +wbI9cvfpp0kzDHWx3HVil1fT6WwDAgMBAAECgYBY/FNFpzCAi93zb2VAOu/RhyiT +pnwv5Ru9Fre1fDSrNwQZ2J31veMIObcd0SYRav7gmklsv+vXfTomW3dn+EbRNwjb +HhhyX0fWoIBl95Z9pGgEAKCqm6ooJXcNSDAoJB573IO24dB0Trvp2BTvm8AdHN6d +AIrQkOZbUZKRYCP6oQJBAPtwzF3pYGS4L/phohJRJnWwKd9vMOgJztwu9TWlISMn +Mkld8ur4obRwpTpusDiIJMOLOS3b1UKk/Usy5TObbisCQQDWfkP19g5S1DeRRdnX +Fhx7WnB6QS+D2BgB2SLOpNQeRj4RHsKhqi1t6cn8KVb7gWjOvPVgLB85wV8fa6u8 +DeWJAkBk9+XJLGcd6uyxQbWAX3/vMH+QDql39EBSILUtBpNo91t1JLnga1kcCUQA +U+SFvv3sXCLo7GcV7QUdxmFNuPOjAkEAkt2+Fwo14I0ixzv23wlq0yOn5G4B5Nrw +BUPyS2AdReV+1iYjyqJFnP75qMl9n5SKeRR1Rzau4tL/GPqWiptRUQJBAKoh+W92 +IrMHKlMt8yUh7BgYzImrAo+gI+r5Mqewn8G75t2kRf/JcdM6i7fwAPSuTaV/sfA/ +FYJ+N9ZGfFSBAJM= +-----END PRIVATE KEY----- diff --git a/examples/ssl/private/keystonekey.pem b/examples/ssl/private/keystonekey.pem index 563c65f02f..fac3bf65ea 100644 --- a/examples/ssl/private/keystonekey.pem +++ b/examples/ssl/private/keystonekey.pem @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCeWly+3CDUrzZcM21yRJRZxqkk7fqLLFOrJH15RsymRQWwV7QN -1o/02aURZOR4sSYw3vtKcsiX5zFPVbtbFtciGxPK/GsEvRWcCVHW+RRRZ6NCSoHO -mA9uXKx/Nr4Pea0HgXWiIahf5ZwicUzbY7ZEKWUidm4HmN6+WD+y/s0n9wIDAQAB -AoGAf6eY3MPYM5yL1ggfUt62OSlNcdfnAgrZ6D2iaQIKOH+r9ly9aepuYpSR3VPY -WvN0NjGLopil3M8jkTEruGLRSgin8+v+qlcRFsoXamegc3NV4XtxJhSmSIocKIIK -14w5YxcDz1QGqoati4LxQ1D6V5eNhiO65YhdcUDarGnlcAECQQDK4vcBGLY7H91f -lGT/oFJ0crqF4V+bLxMO28NhtS0G+GoM0MKrPfIu+nZDlKQzzHUlEZMNXSLz1T+T -po92UVe3AkEAx87ZKDK4xZZRNz0dAe29a3gQ6PmVkav1+NIxr0MP7Ff4tH6K/uoz -96OZpZg+TxdaoxSeNltuUelt3/xPs9AxwQJBAI01t1FuD7fLD9ssf7djsMAX8jao -jFCITS10S+K/pR1K3RUaX8OsE9oavSGAXWEoFwi72KvefStU6zErJoLlTrUCQCG5 -wmHMne+L/c1rHVhT/qMDMyd/6UUbV3tWT1ib4zYraylcKq34bikgjjCrT+kdsgjQ -1BustyRQWGF0PyfEvoECQGhVOY2byAOEau+GeTC0c3LIDoErx6WaW3d9ty3Tmx3G -Y81XHlbO4Lw2q8fWZ8Ah2ptjv2IpKj0GAGRiJ5NnPTM= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANIPt9Sg+guJ1SSo +5eY5uUUtlMmQahrwhcb8ipEwLFSvUZ1ZdkfSf9ad3lD+88HWorf4PhUE5bEUEKB+ +mG3/aD2aSRXqLb2Vx/w+WuyPrVPJtai6yanetcDWndyWrm3KgGuq/sI9QO8tWS75 +82QYWcEAV2GMt3C6kz+nE6ktrnsxAgMBAAECgYEAqcmioO7srN7ftR3/lTMbGVta +ZAGigdvfhZMivW/epSSAJ1rkS/FM+z/nLjik9gxywZiZNYwbzCGXvuIUevRyX8Ei +PVTggVqK449NpW+K0aFe1D9MTn1A6axznwa1/STgAr80Q/9v8L6Pqy37AfxEBdej +ly0wZ/OMB4r6LN5hGPECQQD04EncRtsqQ5E+1pfl625vXAowjcv84ZRewhN772Ub +/vwNiL/K5JHgKixnMfQyDbltRVk09i2tIBSywVVNI+TTAkEA25qP+llyxNgwLsZ6 +S3WwBJOL4BR7HNlhAM/rO1BiWBwkwAKbh7PWEb0pXM/H5c3TrCe1VPQ2fNXCl164 +M8BtawJBAOdYru8pEg4P370aSE+z6ZXTwty0WjADfoU3nejM9x1H/SFcPLaW0yqR +LXohO6++P5z4k5rxqZ2SXXu0I77JVnkCQAIcbEHl1jqaMWxhsA9FpFmG6ZNP3xcZ +59rQJNy/GxLpwliuLbySN/6XqOwhezR0VBKVlyKn7lYo3+QAnxiwQt0CQQCEQ3sJ +lAREj2ZkImKRAFZj2uxK4cz0+wkRx6pWHyy8hil19LkaWBKbC0U6kaoUyCsDgM1O +L70bXSvi52tgTzr6 +-----END PRIVATE KEY-----