Skip to content

Commit 18215dd

Browse files
vuvovavuvova
committed
MDEV-7859 SSL hostname verification fails for long subject names
Don't use a fixed buffer for X509_NAME_oneline() in the client. Do as the server does - allocate it dynamically. For a test - regenerate certificates to have the server cert with a long subject.
1 parent 9fd65db commit 18215dd

File tree

11 files changed

+439
-537
lines changed

11 files changed

+439
-537
lines changed

mysql-test/lib/generate-ssl-certs.sh

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,22 +10,21 @@ touch demoCA/index.txt
1010
echo 01 > demoCA/serial
1111

1212
# CA certificate, self-signed
13-
openssl req -x509 -newkey rsa:2048 -keyout demoCA/private/cakey.pem -out cacert.pem -days 7300 -nodes -subj '/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB' -text
13+
openssl req -x509 -newkey rsa:2048 -keyout demoCA/private/cakey.pem -out cacert.pem -days 7300 -nodes -subj '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB' -text
1414

15-
# server certificate signing request and private key
16-
openssl req -newkey rsa:1024 -keyout server-key.pem -out demoCA/server-req.pem -days 7300 -nodes -subj '/C=SE/ST=Uppsala/O=MySQL AB/CN=localhost'
15+
# server certificate signing request and private key. Note the very long subject (for MDEV-7859)
16+
openssl req -newkey rsa:1024 -keyout server-key.pem -out demoCA/server-req.pem -days 7300 -nodes -subj '/CN=localhost/C=FI/ST=state or province within country, in other certificates in this file it is the same as L/L=location, usually an address but often ambiguously used/OU=organizational unit name, a division name within an organization/O=organization name, typically a company name'
1717
# convert the key to yassl compatible format
1818
openssl rsa -in server-key.pem -out server-key.pem
1919
# sign the server certificate with CA certificate
2020
openssl ca -days 7300 -batch -cert cacert.pem -policy policy_anything -out server-cert.pem -infiles demoCA/server-req.pem
2121

22-
openssl req -newkey rsa:8192 -keyout server8k-key.pem -out demoCA/server8k-req.pem -days 7300 -nodes -subj '/C=SE/ST=Uppsala/O=MySQL AB/CN=server'
22+
openssl req -newkey rsa:8192 -keyout server8k-key.pem -out demoCA/server8k-req.pem -days 7300 -nodes -subj '/CN=server8k/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'
2323
openssl rsa -in server8k-key.pem -out server8k-key.pem
2424
openssl ca -days 7300 -batch -cert cacert.pem -policy policy_anything -out server8k-cert.pem -infiles demoCA/server8k-req.pem
2525

26-
openssl req -newkey rsa:1024 -keyout client-key.pem -out demoCA/client-req.pem -days 7300 -nodes -subj '/C=SE/ST=Uppsala/O=MySQL AB'
26+
openssl req -newkey rsa:1024 -keyout client-key.pem -out demoCA/client-req.pem -days 7300 -nodes -subj '/CN=client/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'
2727
openssl rsa -in client-key.pem -out client-key.pem
28-
# if the folloing will require a common name - that's defined in /etc/ssl/openssl.cnf, under policy_anything
2928
openssl ca -days 7300 -batch -cert cacert.pem -policy policy_anything -out client-cert.pem -infiles demoCA/client-req.pem
3029

3130
rm -rf demoCA

mysql-test/r/openssl_1.result

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,8 @@ create table t1(f1 int);
33
insert into t1 values (5);
44
grant select on test.* to ssl_user1@localhost require SSL;
55
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
6-
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client";
7-
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=Client" ISSUER "/C=SE/ST=Stockholm/L=Stockholm/O=Oracle/OU=MySQL/CN=CA";
6+
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client";
7+
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client" ISSUER "/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB";
88
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
99
flush privileges;
1010
connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET);

mysql-test/std_data/cacert.pem

Lines changed: 61 additions & 62 deletions
Original file line numberDiff line numberDiff line change
@@ -1,79 +1,78 @@
11
Certificate:
22
Data:
33
Version: 3 (0x2)
4-
Serial Number: 16263805969935345171 (0xe1b4a55c3ddfa613)
5-
Signature Algorithm: sha256WithRSAEncryption
6-
Issuer: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=CA
4+
Serial Number: 11580370790696127632 (0xa0b5bde0f2c08c90)
5+
Signature Algorithm: sha1WithRSAEncryption
6+
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
77
Validity
8-
Not Before: Dec 5 04:48:11 2014 GMT
9-
Not After : Dec 1 04:48:11 2030 GMT
10-
Subject: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=CA
8+
Not Before: Apr 25 14:55:05 2015 GMT
9+
Not After : Apr 20 14:55:05 2035 GMT
10+
Subject: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
1111
Subject Public Key Info:
1212
Public Key Algorithm: rsaEncryption
1313
Public-Key: (2048 bit)
1414
Modulus:
15-
00:b4:95:bd:24:92:73:06:22:01:13:28:0e:09:a3:
16-
94:05:96:54:9d:dc:8f:83:39:f3:64:7a:31:70:f6:
17-
d9:c4:14:19:75:87:a6:b1:ea:52:ed:40:54:5a:f6:
18-
9c:13:8e:d8:76:8f:5a:65:a5:20:19:19:bd:51:9d:
19-
ba:35:ce:9a:a9:58:0a:fc:11:6e:1d:cb:a8:f1:92:
20-
79:ee:aa:fc:e3:32:5e:aa:0d:0b:23:34:95:e9:d3:
21-
8e:3f:72:93:90:bc:2c:b0:04:75:4f:a4:4a:a0:32:
22-
db:ac:89:ac:34:9b:d0:07:e3:81:e9:ca:5b:26:f0:
23-
f5:de:fe:d5:5e:a0:54:26:dd:ec:58:07:6e:b9:e5:
24-
97:f6:20:6d:d8:4a:c0:50:cc:81:e6:d2:3f:c7:47:
25-
70:8b:15:89:65:71:2e:47:c3:42:76:b5:ee:16:0e:
26-
26:97:6a:a3:1c:ad:90:53:50:b0:b1:6d:1d:b0:b8:
27-
6d:df:3c:ee:bd:3b:87:e8:db:4d:3a:72:78:dd:db:
28-
40:3d:c9:20:46:b8:4e:33:bb:76:b7:4f:b2:79:da:
29-
03:cc:f9:75:c0:1d:4c:51:0a:b9:9b:25:34:50:11:
30-
97:df:82:46:02:a9:bc:98:51:3e:c3:df:57:ad:b7:
31-
28:be:de:65:ce:2b:f3:2c:22:f5:af:31:28:1c:ef:
32-
10:09
15+
00:c0:1f:90:7c:2b:c2:ea:01:93:ce:e0:c5:72:e8:
16+
1c:06:bd:63:4e:b6:d2:c6:00:32:13:27:42:9e:c9:
17+
3c:91:33:4d:15:90:67:7d:9d:d8:be:9b:12:e2:f6:
18+
1b:46:81:4a:8b:10:c5:b8:14:53:ab:6a:2c:c3:7f:
19+
66:87:6c:0e:18:51:4e:9c:93:7a:6d:a1:d4:06:47:
20+
58:61:a6:04:21:2c:bd:74:7a:e4:68:45:fe:91:fe:
21+
fb:a6:29:47:ec:c5:c3:88:c8:c9:e7:d7:c6:1a:0d:
22+
b8:f5:c5:02:57:25:01:cc:d5:8c:37:46:58:c6:71:
23+
30:ee:63:38:99:84:5e:9e:3c:af:40:d4:f0:f2:12:
24+
44:6e:2f:4d:cd:f9:da:4d:0e:1f:a6:fe:35:c3:9d:
25+
40:08:82:5e:6f:7d:4d:09:16:7d:a1:78:d6:9f:9f:
26+
44:d6:b1:ad:e7:50:25:1a:f3:4e:16:92:4a:17:5e:
27+
0b:e1:c8:9f:62:22:c4:e2:01:96:63:ed:37:a2:e5:
28+
70:b9:dc:c8:8e:c4:fe:00:21:f5:b9:48:c0:43:55:
29+
4a:d8:0c:9d:ce:d6:60:30:bb:81:31:c8:e9:0e:aa:
30+
1c:18:3d:e4:10:47:42:17:c0:4d:fb:f5:d9:c2:e4:
31+
07:33:f7:15:94:63:6d:11:ad:4f:d4:1d:11:41:c1:
32+
e2:dd
3333
Exponent: 65537 (0x10001)
3434
X509v3 extensions:
3535
X509v3 Subject Key Identifier:
36-
94:65:A1:A3:87:CF:BF:C1:74:BB:D8:84:97:B6:6B:EE:B2:90:73:B2
36+
C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
3737
X509v3 Authority Key Identifier:
38-
keyid:94:65:A1:A3:87:CF:BF:C1:74:BB:D8:84:97:B6:6B:EE:B2:90:73:B2
38+
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
3939

4040
X509v3 Basic Constraints:
4141
CA:TRUE
42-
Signature Algorithm: sha256WithRSAEncryption
43-
32:97:4c:af:bf:ca:e0:10:66:b7:cc:8b:0d:05:d1:d2:ca:b8:
44-
0c:c2:78:57:1f:f6:55:9c:74:fc:bd:31:58:05:18:bc:6d:b5:
45-
79:9a:22:8c:1f:da:33:ea:ef:db:e3:cb:46:bc:36:91:8b:d8:
46-
36:8d:06:40:c2:e9:fe:79:1b:4a:c5:70:74:6d:9d:92:2c:90:
47-
be:3c:a7:88:03:e4:b7:ef:f4:b0:00:34:ec:8f:d1:c3:23:2b:
48-
ef:bc:ff:ab:a2:0e:bc:ba:11:a5:8e:44:80:fa:d6:f4:26:66:
49-
84:64:2c:e3:23:62:0c:e2:ba:01:ab:5f:24:d6:9d:7e:9c:7b:
50-
f4:5d:0e:ba:64:35:6e:a5:fa:98:0c:57:f3:72:e8:3e:2e:ce:
51-
b3:f9:e3:fa:ee:aa:79:f9:06:01:19:b2:b3:28:ff:f4:d6:bb:
52-
17:bb:a6:a0:e0:45:23:f3:61:40:31:5c:a3:ee:88:1c:00:31:
53-
54:96:f9:71:37:b5:7f:66:6a:af:04:94:09:39:99:b3:88:86:
54-
9e:bb:d6:36:24:24:f4:37:2c:a6:6c:0b:35:2e:bb:40:af:a7:
55-
64:8a:7f:f2:74:e3:94:0c:32:bd:31:3d:d9:79:68:0f:1e:4b:
56-
17:c0:4e:df:85:3c:f0:84:df:58:f1:d2:4d:2f:ad:ff:1b:d7:
57-
c8:9b:fe:dc
42+
Signature Algorithm: sha1WithRSAEncryption
43+
40:6f:6a:54:f3:29:30:48:46:bd:da:46:71:64:52:14:a7:c2:
44+
34:b7:5e:1e:42:3d:e7:47:92:cd:87:e7:9d:5d:1a:82:77:82:
45+
62:32:d4:9d:b6:44:11:dc:88:78:38:a5:d3:1f:1e:be:c2:d6:
46+
14:b0:58:35:cd:66:22:43:97:ba:bb:e3:44:4f:9d:75:14:9f:
47+
6f:37:d3:50:07:09:36:bc:58:92:e8:fe:c0:a8:ba:29:55:65:
48+
e2:6f:8f:ab:a5:1d:4f:56:37:de:c7:b4:39:20:4c:a8:4c:db:
49+
56:51:12:7e:e7:7f:83:9d:c4:c7:72:8f:6f:83:f0:af:e3:37:
50+
1c:40:fe:5e:38:26:2f:05:46:a7:0c:a5:81:79:d6:9c:9c:d7:
51+
56:eb:96:fe:c7:ae:8e:4f:5e:4a:6c:3a:fa:68:be:65:60:a2:
52+
d3:3f:07:76:45:b3:95:3e:11:ef:3a:0e:6f:73:47:4c:90:dd:
53+
0b:36:b4:22:df:62:8d:58:d2:a6:34:5b:f0:06:5d:cd:bf:52:
54+
fa:ee:9b:4f:e8:79:18:6e:1c:6e:5f:96:10:6d:2f:02:1b:dd:
55+
bf:14:c9:32:3c:83:a5:6e:56:56:78:9d:ce:84:50:a4:df:cc:
56+
b5:a9:b1:ec:09:07:74:02:27:7a:9d:d2:96:a9:80:95:9a:f2:
57+
8c:e9:ef:99
5858
-----BEGIN CERTIFICATE-----
59-
MIIDmTCCAoGgAwIBAgIJAOG0pVw936YTMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV
60-
BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEP
61-
MA0GA1UECgwGT3JhY2xlMQ4wDAYDVQQLDAVNeVNRTDELMAkGA1UEAwwCQ0EwHhcN
62-
MTQxMjA1MDQ0ODExWhcNMzAxMjAxMDQ0ODExWjBjMQswCQYDVQQGEwJTRTESMBAG
63-
A1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDzANBgNVBAoMBk9y
64-
YWNsZTEOMAwGA1UECwwFTXlTUUwxCzAJBgNVBAMMAkNBMIIBIjANBgkqhkiG9w0B
65-
AQEFAAOCAQ8AMIIBCgKCAQEAtJW9JJJzBiIBEygOCaOUBZZUndyPgznzZHoxcPbZ
66-
xBQZdYemsepS7UBUWvacE47Ydo9aZaUgGRm9UZ26Nc6aqVgK/BFuHcuo8ZJ57qr8
67-
4zJeqg0LIzSV6dOOP3KTkLwssAR1T6RKoDLbrImsNJvQB+OB6cpbJvD13v7VXqBU
68-
Jt3sWAduueWX9iBt2ErAUMyB5tI/x0dwixWJZXEuR8NCdrXuFg4ml2qjHK2QU1Cw
69-
sW0dsLht3zzuvTuH6NtNOnJ43dtAPckgRrhOM7t2t0+yedoDzPl1wB1MUQq5myU0
70-
UBGX34JGAqm8mFE+w99Xrbcovt5lzivzLCL1rzEoHO8QCQIDAQABo1AwTjAdBgNV
71-
HQ4EFgQUlGWho4fPv8F0u9iEl7Zr7rKQc7IwHwYDVR0jBBgwFoAUlGWho4fPv8F0
72-
u9iEl7Zr7rKQc7IwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAMpdM
73-
r7/K4BBmt8yLDQXR0sq4DMJ4Vx/2VZx0/L0xWAUYvG21eZoijB/aM+rv2+PLRrw2
74-
kYvYNo0GQMLp/nkbSsVwdG2dkiyQvjyniAPkt+/0sAA07I/RwyMr77z/q6IOvLoR
75-
pY5EgPrW9CZmhGQs4yNiDOK6AatfJNadfpx79F0OumQ1bqX6mAxX83LoPi7Os/nj
76-
+u6qefkGARmysyj/9Na7F7umoOBFI/NhQDFco+6IHAAxVJb5cTe1f2ZqrwSUCTmZ
77-
s4iGnrvWNiQk9DcspmwLNS67QK+nZIp/8nTjlAwyvTE92XloDx5LF8BO34U88ITf
78-
WPHSTS+t/xvXyJv+3A==
59+
MIIDfzCCAmegAwIBAgIJAKC1veDywIyQMA0GCSqGSIb3DQEBBQUAMFYxDzANBgNV
60+
BAMMBmNhY2VydDELMAkGA1UEBhMCRkkxETAPBgNVBAgMCEhlbHNpbmtpMREwDwYD
61+
VQQHDAhIZWxzaW5raTEQMA4GA1UECgwHTWFyaWFEQjAeFw0xNTA0MjUxNDU1MDVa
62+
Fw0zNTA0MjAxNDU1MDVaMFYxDzANBgNVBAMMBmNhY2VydDELMAkGA1UEBhMCRkkx
63+
ETAPBgNVBAgMCEhlbHNpbmtpMREwDwYDVQQHDAhIZWxzaW5raTEQMA4GA1UECgwH
64+
TWFyaWFEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAfkHwrwuoB
65+
k87gxXLoHAa9Y0620sYAMhMnQp7JPJEzTRWQZ32d2L6bEuL2G0aBSosQxbgUU6tq
66+
LMN/ZodsDhhRTpyTem2h1AZHWGGmBCEsvXR65GhF/pH++6YpR+zFw4jIyefXxhoN
67+
uPXFAlclAczVjDdGWMZxMO5jOJmEXp48r0DU8PISRG4vTc352k0OH6b+NcOdQAiC
68+
Xm99TQkWfaF41p+fRNaxredQJRrzThaSShdeC+HIn2IixOIBlmPtN6LlcLncyI7E
69+
/gAh9blIwENVStgMnc7WYDC7gTHI6Q6qHBg95BBHQhfATfv12cLkBzP3FZRjbRGt
70+
T9QdEUHB4t0CAwEAAaNQME4wHQYDVR0OBBYEFMcsAZUa9T7NBKYkNTUE2acWASp5
71+
MB8GA1UdIwQYMBaAFMcsAZUa9T7NBKYkNTUE2acWASp5MAwGA1UdEwQFMAMBAf8w
72+
DQYJKoZIhvcNAQEFBQADggEBAEBvalTzKTBIRr3aRnFkUhSnwjS3Xh5CPedHks2H
73+
551dGoJ3gmIy1J22RBHciHg4pdMfHr7C1hSwWDXNZiJDl7q740RPnXUUn28301AH
74+
CTa8WJLo/sCouilVZeJvj6ulHU9WN97HtDkgTKhM21ZREn7nf4OdxMdyj2+D8K/j
75+
NxxA/l44Ji8FRqcMpYF51pyc11brlv7Hro5PXkpsOvpovmVgotM/B3ZFs5U+Ee86
76+
Dm9zR0yQ3Qs2tCLfYo1Y0qY0W/AGXc2/Uvrum0/oeRhuHG5flhBtLwIb3b8UyTI8
77+
g6VuVlZ4nc6EUKTfzLWpsewJB3QCJ3qd0papgJWa8ozp75k=
7978
-----END CERTIFICATE-----

mysql-test/std_data/client-cert.pem

Lines changed: 51 additions & 64 deletions
Original file line numberDiff line numberDiff line change
@@ -1,82 +1,69 @@
11
Certificate:
22
Data:
33
Version: 3 (0x2)
4-
Serial Number: 16263805969935345173 (0xe1b4a55c3ddfa615)
5-
Signature Algorithm: sha256WithRSAEncryption
6-
Issuer: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=CA
4+
Serial Number: 3 (0x3)
5+
Signature Algorithm: sha1WithRSAEncryption
6+
Issuer: CN=cacert, C=FI, ST=Helsinki, L=Helsinki, O=MariaDB
77
Validity
8-
Not Before: Dec 5 04:49:23 2014 GMT
9-
Not After : Dec 1 04:49:23 2029 GMT
10-
Subject: C=SE, ST=Stockholm, L=Stockholm, O=Oracle, OU=MySQL, CN=Client
8+
Not Before: Apr 25 14:55:16 2015 GMT
9+
Not After : Apr 20 14:55:16 2035 GMT
10+
Subject: C=FI, ST=Helsinki, L=Helsinki, O=MariaDB, CN=client
1111
Subject Public Key Info:
1212
Public Key Algorithm: rsaEncryption
13-
Public-Key: (2048 bit)
13+
Public-Key: (1024 bit)
1414
Modulus:
15-
00:c8:d1:a1:fe:a4:8c:f3:1b:17:71:1b:74:35:11:
16-
e0:0e:6c:40:0a:fb:c0:f7:f0:eb:bb:c9:1d:a1:c7:
17-
d7:b0:8a:f6:f1:cf:fa:6b:d0:79:64:eb:bb:69:a5:
18-
0d:80:06:df:52:14:d2:85:32:cf:bf:ce:2a:47:28:
19-
5b:cd:0b:28:ab:bb:07:33:d5:8b:d3:b4:72:c4:a6:
20-
b5:cc:37:b9:03:a8:78:56:25:58:1f:17:30:7c:d1:
21-
0a:bb:ec:3c:a3:03:90:97:99:92:49:ae:b3:57:96:
22-
5c:1a:e9:e8:02:23:ae:c8:c9:05:50:63:e5:77:a1:
23-
9a:73:06:74:0e:46:50:28:d8:c9:4f:c4:1c:37:b8:
24-
52:18:0b:af:19:2b:d4:e5:66:74:a4:f3:f0:da:09:
25-
30:f7:bc:0c:c9:9b:ce:57:06:04:27:e5:a1:2f:2b:
26-
a0:ba:b7:99:69:9d:46:fc:21:b6:45:81:9d:b2:3d:
27-
2f:76:15:78:b5:33:62:ac:1e:6b:66:dd:27:61:0a:
28-
47:02:20:2b:57:bb:32:20:dd:06:4c:76:a4:9b:72:
29-
42:4c:9c:2c:76:72:12:1f:4b:df:1e:11:1f:a9:06:
30-
54:dc:88:12:b0:49:d5:40:83:ef:7e:48:43:86:7a:
31-
37:a6:c1:d7:9b:fe:08:34:98:e0:54:3c:30:4f:79:
32-
15:29
15+
00:ce:a0:3d:3c:a4:bb:4f:a1:4f:91:0d:05:ac:5b:
16+
8a:15:7f:d7:aa:0c:a3:a7:9f:b2:c7:26:9d:65:28:
17+
b1:84:d3:a0:ef:9e:b1:45:0f:33:df:98:6e:71:ff:
18+
2b:66:9c:9c:c1:25:13:27:42:b6:20:46:e7:e7:47:
19+
a1:88:47:c2:9e:e2:45:25:99:9f:f9:28:1a:9a:13:
20+
67:5d:3e:b3:b8:fe:40:25:ac:26:49:46:2c:03:43:
21+
83:67:d8:0f:41:ae:2e:f4:d8:71:60:3c:8e:e7:91:
22+
d0:bb:2c:ca:12:da:71:1a:7b:e3:fa:8c:8f:c3:bb:
23+
62:55:89:b3:bf:85:45:01:61
3324
Exponent: 65537 (0x10001)
3425
X509v3 extensions:
3526
X509v3 Basic Constraints:
3627
CA:FALSE
3728
Netscape Comment:
3829
OpenSSL Generated Certificate
3930
X509v3 Subject Key Identifier:
40-
26:0C:90:BC:97:12:9E:43:BB:5E:FE:EB:A9:66:B3:C3:EE:B2:18:CB
31+
5A:73:74:8E:14:29:C3:FB:B4:19:0F:97:8F:AA:6F:E1:E1:A8:F7:5B
4132
X509v3 Authority Key Identifier:
42-
keyid:94:65:A1:A3:87:CF:BF:C1:74:BB:D8:84:97:B6:6B:EE:B2:90:73:B2
33+
keyid:C7:2C:01:95:1A:F5:3E:CD:04:A6:24:35:35:04:D9:A7:16:01:2A:79
4334

44-
Signature Algorithm: sha256WithRSAEncryption
45-
3e:3c:1f:6c:5b:83:d1:71:15:f5:45:52:fc:7f:67:bc:af:c5:
46-
92:f5:74:78:13:43:3c:fe:b5:61:bf:00:47:43:45:a0:b9:dd:
47-
a1:10:0c:29:69:2a:6f:7d:67:3d:1e:09:b5:15:74:bf:73:11:
48-
e6:e9:09:b6:6b:b5:cc:1e:06:fd:bd:3a:11:d3:44:bd:ca:7a:
49-
a1:f1:09:43:fc:bf:83:89:3a:b1:18:40:f3:cf:6d:12:ef:6e:
50-
0c:b7:a4:99:03:8a:4f:0c:3c:2c:23:78:35:2a:99:ea:de:9c:
51-
1b:e8:8d:19:fb:44:80:13:89:81:c5:05:4b:a7:66:6b:c0:31:
52-
41:f0:6c:60:aa:ec:d3:4c:ff:c1:3b:d5:bb:0d:42:7d:37:5e:
53-
80:e7:9c:7e:60:90:0f:a4:4e:70:20:9c:b1:e4:1b:70:65:b0:
54-
ef:bb:41:16:ed:ad:46:ce:34:d3:02:3d:dd:e2:50:fa:3c:5d:
55-
f0:e2:71:f8:9a:ef:a3:32:25:c5:8e:64:f4:46:e1:f4:c0:69:
56-
d2:34:56:8d:d9:c2:6e:b6:55:3b:6a:4d:b6:d2:84:ab:85:7b:
57-
cb:fd:b4:73:40:ba:5d:49:e2:0d:39:77:17:01:49:bb:72:8b:
58-
3a:c9:b1:e2:cd:13:d2:9c:ce:7d:6c:a8:f0:32:c9:a4:af:56:
59-
6f:8a:e6:88
35+
Signature Algorithm: sha1WithRSAEncryption
36+
32:42:4b:36:44:a5:6c:fb:70:d8:08:2b:cb:16:34:15:db:39:
37+
60:7b:7e:b4:4a:bc:fb:e5:16:04:97:0d:eb:f5:68:95:da:2f:
38+
23:57:4c:c9:29:2b:d1:1b:1b:9f:bd:f4:79:75:df:62:7f:63:
39+
b4:84:7a:95:5c:c4:ee:f3:77:16:e4:0b:8a:5e:c9:64:bd:7c:
40+
04:50:ac:ff:9a:41:6b:b1:6a:9f:cd:45:10:72:83:10:8a:26:
41+
1d:7f:6c:84:34:5a:41:79:72:91:ee:87:5d:1d:3a:55:ff:91:
42+
7e:52:85:ff:42:41:eb:76:56:23:e5:bc:bc:79:b1:aa:4e:4c:
43+
bf:7b:df:63:8b:1a:3c:4b:01:72:89:35:bb:0d:92:97:16:6e:
44+
ae:50:cb:89:ee:c6:7a:d0:d3:32:22:0f:19:33:1e:ee:ff:41:
45+
a5:a1:25:c5:4c:ce:8f:98:4c:b5:2c:1f:ec:cc:f1:21:e2:3a:
46+
ff:7d:6a:87:fe:89:fd:2c:20:3e:fb:9b:b8:c0:f9:09:99:ce:
47+
45:63:82:09:1c:bb:79:d8:a8:40:21:46:c7:ae:3e:dd:89:9d:
48+
56:46:4a:f4:ed:7d:5b:a6:1e:a6:1b:26:f9:ec:26:b4:51:3a:
49+
87:b6:50:13:84:33:22:1a:8a:20:c5:44:64:b8:bb:de:32:ec:
50+
6b:58:db:17
6051
-----BEGIN CERTIFICATE-----
61-
MIIDyDCCArCgAwIBAgIJAOG0pVw936YVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV
62-
BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEP
63-
MA0GA1UECgwGT3JhY2xlMQ4wDAYDVQQLDAVNeVNRTDELMAkGA1UEAwwCQ0EwHhcN
64-
MTQxMjA1MDQ0OTIzWhcNMjkxMjAxMDQ0OTIzWjBnMQswCQYDVQQGEwJTRTESMBAG
65-
A1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDzANBgNVBAoMBk9y
66-
YWNsZTEOMAwGA1UECwwFTXlTUUwxDzANBgNVBAMMBkNsaWVudDCCASIwDQYJKoZI
67-
hvcNAQEBBQADggEPADCCAQoCggEBAMjRof6kjPMbF3EbdDUR4A5sQAr7wPfw67vJ
68-
HaHH17CK9vHP+mvQeWTru2mlDYAG31IU0oUyz7/OKkcoW80LKKu7BzPVi9O0csSm
69-
tcw3uQOoeFYlWB8XMHzRCrvsPKMDkJeZkkmus1eWXBrp6AIjrsjJBVBj5XehmnMG
70-
dA5GUCjYyU/EHDe4UhgLrxkr1OVmdKTz8NoJMPe8DMmbzlcGBCfloS8roLq3mWmd
71-
RvwhtkWBnbI9L3YVeLUzYqwea2bdJ2EKRwIgK1e7MiDdBkx2pJtyQkycLHZyEh9L
72-
3x4RH6kGVNyIErBJ1UCD735IQ4Z6N6bB15v+CDSY4FQ8ME95FSkCAwEAAaN7MHkw
73-
CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
74-
dGlmaWNhdGUwHQYDVR0OBBYEFCYMkLyXEp5Du17+66lms8PushjLMB8GA1UdIwQY
75-
MBaAFJRloaOHz7/BdLvYhJe2a+6ykHOyMA0GCSqGSIb3DQEBCwUAA4IBAQA+PB9s
76-
W4PRcRX1RVL8f2e8r8WS9XR4E0M8/rVhvwBHQ0Wgud2hEAwpaSpvfWc9Hgm1FXS/
77-
cxHm6Qm2a7XMHgb9vToR00S9ynqh8QlD/L+DiTqxGEDzz20S724Mt6SZA4pPDDws
78-
I3g1Kpnq3pwb6I0Z+0SAE4mBxQVLp2ZrwDFB8GxgquzTTP/BO9W7DUJ9N16A55x+
79-
YJAPpE5wIJyx5BtwZbDvu0EW7a1GzjTTAj3d4lD6PF3w4nH4mu+jMiXFjmT0RuH0
80-
wGnSNFaN2cJutlU7ak220oSrhXvL/bRzQLpdSeINOXcXAUm7cos6ybHizRPSnM59
81-
bKjwMsmkr1ZviuaI
52+
MIIDHjCCAgagAwIBAgIBAzANBgkqhkiG9w0BAQUFADBWMQ8wDQYDVQQDDAZjYWNl
53+
cnQxCzAJBgNVBAYTAkZJMREwDwYDVQQIDAhIZWxzaW5raTERMA8GA1UEBwwISGVs
54+
c2lua2kxEDAOBgNVBAoMB01hcmlhREIwHhcNMTUwNDI1MTQ1NTE2WhcNMzUwNDIw
55+
MTQ1NTE2WjBWMQswCQYDVQQGEwJGSTERMA8GA1UECAwISGVsc2lua2kxETAPBgNV
56+
BAcMCEhlbHNpbmtpMRAwDgYDVQQKDAdNYXJpYURCMQ8wDQYDVQQDDAZjbGllbnQw
57+
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM6gPTyku0+hT5ENBaxbihV/16oM
58+
o6efsscmnWUosYTToO+esUUPM9+YbnH/K2acnMElEydCtiBG5+dHoYhHwp7iRSWZ
59+
n/koGpoTZ10+s7j+QCWsJklGLANDg2fYD0GuLvTYcWA8jueR0LssyhLacRp74/qM
60+
j8O7YlWJs7+FRQFhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8W
61+
HU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRac3SOFCnD
62+
+7QZD5ePqm/h4aj3WzAfBgNVHSMEGDAWgBTHLAGVGvU+zQSmJDU1BNmnFgEqeTAN
63+
BgkqhkiG9w0BAQUFAAOCAQEAMkJLNkSlbPtw2AgryxY0Fds5YHt+tEq8++UWBJcN
64+
6/VoldovI1dMySkr0Rsbn730eXXfYn9jtIR6lVzE7vN3FuQLil7JZL18BFCs/5pB
65+
a7Fqn81FEHKDEIomHX9shDRaQXlyke6HXR06Vf+RflKF/0JB63ZWI+W8vHmxqk5M
66+
v3vfY4saPEsBcok1uw2SlxZurlDLie7GetDTMiIPGTMe7v9BpaElxUzOj5hMtSwf
67+
7MzxIeI6/31qh/6J/SwgPvubuMD5CZnORWOCCRy7edioQCFGx64+3YmdVkZK9O19
68+
W6Yephsm+ewmtFE6h7ZQE4QzIhqKIMVEZLi73jLsa1jbFw==
8269
-----END CERTIFICATE-----

0 commit comments

Comments
 (0)