Permalink
Browse files

- Peter Sylvester made the HTTPS test server use specific certificate…

…s for

  each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.
  • Loading branch information...
1 parent a9caeb1 commit e73fe837a8877c0197721b91e0d5ec40cb7a2cd0 @bagder bagder committed Aug 11, 2009
Showing with 1,339 additions and 6 deletions.
  1. +7 −0 CHANGES
  2. +2 −0 RELEASE-NOTES
  3. +6 −0 lib/ssluse.c
  4. +1 −1 tests/Makefile.am
  5. +85 −0 tests/certs/EdelCurlRoot-ca.cacert
  6. +85 −0 tests/certs/EdelCurlRoot-ca.crt
  7. +17 −0 tests/certs/EdelCurlRoot-ca.csr
  8. BIN tests/certs/EdelCurlRoot-ca.der
  9. +30 −0 tests/certs/EdelCurlRoot-ca.key
  10. +18 −0 tests/certs/EdelCurlRoot-ca.prm
  11. +81 −0 tests/certs/Server-localhost-sv.crt
  12. +11 −0 tests/certs/Server-localhost-sv.csr
  13. BIN tests/certs/Server-localhost-sv.der
  14. 0 tests/certs/Server-localhost-sv.dhp
  15. +15 −0 tests/certs/Server-localhost-sv.key
  16. BIN tests/certs/Server-localhost-sv.p12
  17. +121 −0 tests/certs/Server-localhost-sv.pem
  18. +25 −0 tests/certs/Server-localhost-sv.prm
  19. +81 −0 tests/certs/Server-localhost.nn-sv.crt
  20. +11 −0 tests/certs/Server-localhost.nn-sv.csr
  21. BIN tests/certs/Server-localhost.nn-sv.der
  22. 0 tests/certs/Server-localhost.nn-sv.dhp
  23. +15 −0 tests/certs/Server-localhost.nn-sv.key
  24. +121 −0 tests/certs/Server-localhost.nn-sv.pem
  25. +25 −0 tests/certs/Server-localhost.nn-sv.prm
  26. +81 −0 tests/certs/Server-localhost0h-sv.crt
  27. +11 −0 tests/certs/Server-localhost0h-sv.csr
  28. BIN tests/certs/Server-localhost0h-sv.der
  29. 0 tests/certs/Server-localhost0h-sv.dhp
  30. +15 −0 tests/certs/Server-localhost0h-sv.key
  31. BIN tests/certs/Server-localhost0h-sv.p12
  32. +122 −0 tests/certs/Server-localhost0h-sv.pem
  33. +26 −0 tests/certs/Server-localhost0h-sv.prm
  34. +63 −0 tests/certs/scripts/genroot.sh
  35. +106 −0 tests/certs/scripts/genserv.sh
  36. +52 −0 tests/data/test310
  37. +38 −0 tests/data/test311
  38. +38 −0 tests/data/test312
  39. +22 −1 tests/httpsserver.pl
  40. +8 −4 tests/runtests.pl
View
@@ -7,6 +7,13 @@
Changelog
Daniel Stenberg (11 Aug 2009)
+- Peter Sylvester made the HTTPS test server use specific certificates for
+ each test, so that the test suite can now be used to actually test the
+ verification of cert names etc. This made an error show up in the OpenSSL-
+ specific code where it would attempt to match the CN field even if a
+ subjectAltName exists that doesn't match. This is now fixed and verified
+ in test 311.
+
- Benbuck Nason posted the bug report #2835196
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
warnings when mixing ints and bools.
View
@@ -42,6 +42,8 @@ This release includes the following bugfixes:
o rand seeding on libcurl on windows built with OpenSSL was not thread-safe
o fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL
o don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds)
+ o libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but
+ subjectAltName didn't
This release includes the following known bugs:
View
@@ -1137,6 +1137,12 @@ static CURLcode verifyhost(struct connectdata *conn,
if(matched)
/* an alternative name matched the server hostname */
infof(data, "\t subjectAltName: %s matched\n", conn->host.dispname);
+ else if(altnames) {
+ /* an alternative name field existed, but didn't match and then
+ we MUST fail */
+ infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname);
+ res = CURLE_PEER_FAILED_VERIFICATION;
+ }
else {
/* we have to look to the last occurence of a commonName in the
distinguished one to get the most significant one. */
View
@@ -27,7 +27,7 @@ PDFPAGES = testcurl.pdf runtests.pdf
EXTRA_DIST = ftpserver.pl httpserver.pl httpsserver.pl runtests.pl getpart.pm \
FILEFORMAT README stunnel.pem memanalyze.pl testcurl.pl valgrind.pm ftp.pm \
sshserver.pl sshhelp.pm testcurl.1 runtests.1 $(HTMLPAGES) $(PDFPAGES) \
- CMakeLists.txt
+ CMakeLists.txt certs/scripts/*.sh certs/Server* certs/EdelCurlRoot*
SUBDIRS = data server libtest
@@ -0,0 +1,85 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 0b:5c:fb:79:f2:09
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = Nothern Nowhere Trust Anchor
+ Validity
+ Not Before: Aug 4 15:06:44 2009 GMT
+ Not After : Jan 7 15:06:44 2026 GMT
+ Subject:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = Nothern Nowhere Trust Anchor
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:b7:e7:70:4c:17:0d:0f:e6:a4:ed:81:0b:26:
+ a9:d2:16:f6:2a:9c:87:6d:8e:7e:e2:71:98:89:41:
+ 97:d7:62:0b:c7:92:35:e5:09:0a:b4:67:06:59:c5:
+ 3b:2f:ae:6c:ff:68:6c:af:46:a3:1f:7e:32:5a:08:
+ c4:6e:65:5c:c2:9f:99:11:4e:28:dc:37:98:d0:ab:
+ 66:13:35:c6:bd:3c:6f:65:e2:5d:c2:59:21:80:68:
+ c0:85:eb:7e:a2:58:99:04:45:c3:f7:4c:39:83:fa:
+ 5c:6e:6a:a0:ff:45:b7:2f:7a:bb:bb:7f:3d:2b:cb:
+ 57:5f:09:24:c5:77:96:5d:1b:56:56:9a:48:51:0a:
+ f5:67:0f:67:8d:0d:82:c7:84:bf:b5:c5:f8:cd:71:
+ 2f:92:cb:e8:94:96:28:04:3a:c2:2c:38:e4:9e:3c:
+ 1b:89:9f:70:b6:02:b6:97:5e:2e:c1:5a:a7:af:86:
+ c2:b7:65:dc:83:8d:e7:85:72:a7:d1:f0:ba:ea:11:
+ dc:bd:7c:b5:68:89:82:15:2b:b5:91:f0:70:f5:fa:
+ e4:8c:21:fe:e7:8f:a3:16:5d:ee:a8:ff:a8:0e:22:
+ 1f:3e:27:25:f5:f1:a0:55:16:f7:c2:02:79:fb:c9:
+ ac:fd:d1:ca:6e:65:3e:97:cf:f0:df:c9:b9:c4:0a:
+ 87:c1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ X509v3 Subject Key Identifier:
+ 12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40
+ Signature Algorithm: sha1WithRSAEncryption
+ 66:1e:56:86:7d:87:99:f9:9a:d9:fb:fe:9c:bf:9e:d9:90:07:
+ da:9a:33:0f:72:6b:44:00:df:85:f0:ff:ed:c5:06:1c:1c:ff:
+ 4e:94:7d:6f:6c:7e:82:1a:82:bc:fe:ac:02:c5:1d:d0:1f:a8:
+ e3:2d:a2:8d:43:8e:73:8a:b0:a4:da:0b:1d:7e:1c:e9:35:93:
+ 29:6d:05:9f:6d:6c:0e:09:ee:9c:1a:15:fe:8a:5e:19:d8:da:
+ a0:6b:2a:d5:1d:fa:0c:af:63:55:41:42:ec:dd:3c:b0:6e:1f:
+ 66:67:c5:28:fd:23:1b:a6:42:98:49:f5:33:58:7b:5a:91:c7:
+ 9c:66:1f:53:cc:8b:79:11:a9:fa:a3:b8:5e:e1:d1:12:97:ec:
+ 5e:4d:c9:77:4c:03:0c:e8:80:33:57:da:d4:ce:af:c5:1b:f5:
+ 96:47:d4:68:da:83:3c:45:ee:84:b4:82:94:cd:65:2c:41:f1:
+ 45:3d:19:9b:da:7a:54:04:e4:39:b1:b5:2a:15:29:b8:99:6d:
+ 30:73:12:bc:7d:e3:79:f2:12:aa:e1:d7:d1:83:c4:bb:0c:bb:
+ a1:36:37:84:38:de:7c:3a:d7:c8:4f:6b:d9:cb:80:2b:29:27:
+ bd:c3:de:a5:2a:11:6d:b6:09:59:e6:d7:49:ae:52:89:28:3b:
+ af:f0:bd:86
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAnigAwIBAgIGC1z7efIJMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT
+Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo
+IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X
+DTA5MDgwNDE1MDY0NFoXDTI2MDEwNzE1MDY0NFowZzELMAkGA1UEBhMCTk4xMTAv
+BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx
+JTAjBgNVBAMMHE5vdGhlcm4gTm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7i
+cZiJQZfXYgvHkjXlCQq0ZwZZxTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQ
+q2YTNca9PG9l4l3CWSGAaMCF636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1df
+CSTFd5ZdG1ZWmkhRCvVnD2eNDYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2
+AraXXi7BWqevhsK3ZdyDjeeFcqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MW
+Xe6o/6gOIh8+JyX18aBVFvfCAnn7yaz90cpuZT6Xz/DfybnECofBAgMBAAGjQjBA
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQSayTS
+Smi3obAczb/WTMxAW3/gQDANBgkqhkiG9w0BAQUFAAOCAQEAZh5Whn2Hmfma2fv+
+nL+e2ZAH2pozD3JrRADfhfD/7cUGHBz/TpR9b2x+ghqCvP6sAsUd0B+o4y2ijUOO
+c4qwpNoLHX4c6TWTKW0Fn21sDgnunBoV/opeGdjaoGsq1R36DK9jVUFC7N08sG4f
+ZmfFKP0jG6ZCmEn1M1h7WpHHnGYfU8yLeRGp+qO4XuHREpfsXk3Jd0wDDOiAM1fa
+1M6vxRv1lkfUaNqDPEXuhLSClM1lLEHxRT0Zm9p6VATkObG1KhUpuJltMHMSvH3j
+efISquHX0YPEuwy7oTY3hDjefDrXyE9r2cuAKyknvcPepSoRbbYJWebXSa5SiSg7
+r/C9hg==
+-----END CERTIFICATE-----
@@ -0,0 +1,85 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 0b:5c:fb:79:f2:09
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = Nothern Nowhere Trust Anchor
+ Validity
+ Not Before: Aug 4 15:06:44 2009 GMT
+ Not After : Jan 7 15:06:44 2026 GMT
+ Subject:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = Nothern Nowhere Trust Anchor
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:b7:e7:70:4c:17:0d:0f:e6:a4:ed:81:0b:26:
+ a9:d2:16:f6:2a:9c:87:6d:8e:7e:e2:71:98:89:41:
+ 97:d7:62:0b:c7:92:35:e5:09:0a:b4:67:06:59:c5:
+ 3b:2f:ae:6c:ff:68:6c:af:46:a3:1f:7e:32:5a:08:
+ c4:6e:65:5c:c2:9f:99:11:4e:28:dc:37:98:d0:ab:
+ 66:13:35:c6:bd:3c:6f:65:e2:5d:c2:59:21:80:68:
+ c0:85:eb:7e:a2:58:99:04:45:c3:f7:4c:39:83:fa:
+ 5c:6e:6a:a0:ff:45:b7:2f:7a:bb:bb:7f:3d:2b:cb:
+ 57:5f:09:24:c5:77:96:5d:1b:56:56:9a:48:51:0a:
+ f5:67:0f:67:8d:0d:82:c7:84:bf:b5:c5:f8:cd:71:
+ 2f:92:cb:e8:94:96:28:04:3a:c2:2c:38:e4:9e:3c:
+ 1b:89:9f:70:b6:02:b6:97:5e:2e:c1:5a:a7:af:86:
+ c2:b7:65:dc:83:8d:e7:85:72:a7:d1:f0:ba:ea:11:
+ dc:bd:7c:b5:68:89:82:15:2b:b5:91:f0:70:f5:fa:
+ e4:8c:21:fe:e7:8f:a3:16:5d:ee:a8:ff:a8:0e:22:
+ 1f:3e:27:25:f5:f1:a0:55:16:f7:c2:02:79:fb:c9:
+ ac:fd:d1:ca:6e:65:3e:97:cf:f0:df:c9:b9:c4:0a:
+ 87:c1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ X509v3 Subject Key Identifier:
+ 12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40
+ Signature Algorithm: sha1WithRSAEncryption
+ 66:1e:56:86:7d:87:99:f9:9a:d9:fb:fe:9c:bf:9e:d9:90:07:
+ da:9a:33:0f:72:6b:44:00:df:85:f0:ff:ed:c5:06:1c:1c:ff:
+ 4e:94:7d:6f:6c:7e:82:1a:82:bc:fe:ac:02:c5:1d:d0:1f:a8:
+ e3:2d:a2:8d:43:8e:73:8a:b0:a4:da:0b:1d:7e:1c:e9:35:93:
+ 29:6d:05:9f:6d:6c:0e:09:ee:9c:1a:15:fe:8a:5e:19:d8:da:
+ a0:6b:2a:d5:1d:fa:0c:af:63:55:41:42:ec:dd:3c:b0:6e:1f:
+ 66:67:c5:28:fd:23:1b:a6:42:98:49:f5:33:58:7b:5a:91:c7:
+ 9c:66:1f:53:cc:8b:79:11:a9:fa:a3:b8:5e:e1:d1:12:97:ec:
+ 5e:4d:c9:77:4c:03:0c:e8:80:33:57:da:d4:ce:af:c5:1b:f5:
+ 96:47:d4:68:da:83:3c:45:ee:84:b4:82:94:cd:65:2c:41:f1:
+ 45:3d:19:9b:da:7a:54:04:e4:39:b1:b5:2a:15:29:b8:99:6d:
+ 30:73:12:bc:7d:e3:79:f2:12:aa:e1:d7:d1:83:c4:bb:0c:bb:
+ a1:36:37:84:38:de:7c:3a:d7:c8:4f:6b:d9:cb:80:2b:29:27:
+ bd:c3:de:a5:2a:11:6d:b6:09:59:e6:d7:49:ae:52:89:28:3b:
+ af:f0:bd:86
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAnigAwIBAgIGC1z7efIJMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT
+Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo
+IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X
+DTA5MDgwNDE1MDY0NFoXDTI2MDEwNzE1MDY0NFowZzELMAkGA1UEBhMCTk4xMTAv
+BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx
+JTAjBgNVBAMMHE5vdGhlcm4gTm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7i
+cZiJQZfXYgvHkjXlCQq0ZwZZxTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQ
+q2YTNca9PG9l4l3CWSGAaMCF636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1df
+CSTFd5ZdG1ZWmkhRCvVnD2eNDYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2
+AraXXi7BWqevhsK3ZdyDjeeFcqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MW
+Xe6o/6gOIh8+JyX18aBVFvfCAnn7yaz90cpuZT6Xz/DfybnECofBAgMBAAGjQjBA
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQSayTS
+Smi3obAczb/WTMxAW3/gQDANBgkqhkiG9w0BAQUFAAOCAQEAZh5Whn2Hmfma2fv+
+nL+e2ZAH2pozD3JrRADfhfD/7cUGHBz/TpR9b2x+ghqCvP6sAsUd0B+o4y2ijUOO
+c4qwpNoLHX4c6TWTKW0Fn21sDgnunBoV/opeGdjaoGsq1R36DK9jVUFC7N08sG4f
+ZmfFKP0jG6ZCmEn1M1h7WpHHnGYfU8yLeRGp+qO4XuHREpfsXk3Jd0wDDOiAM1fa
+1M6vxRv1lkfUaNqDPEXuhLSClM1lLEHxRT0Zm9p6VATkObG1KhUpuJltMHMSvH3j
+efISquHX0YPEuwy7oTY3hDjefDrXyE9r2cuAKyknvcPepSoRbbYJWebXSa5SiSg7
+r/C9hg==
+-----END CERTIFICATE-----
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCTk4xMTAvBgNVBAoMKEVkZWwgQ3VybCBB
+cmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQxJTAjBgNVBAMMHE5vdGhlcm4g
+Tm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7icZiJQZfXYgvHkjXlCQq0ZwZZ
+xTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQq2YTNca9PG9l4l3CWSGAaMCF
+636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1dfCSTFd5ZdG1ZWmkhRCvVnD2eN
+DYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2AraXXi7BWqevhsK3ZdyDjeeF
+cqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MWXe6o/6gOIh8+JyX18aBVFvfC
+Ann7yaz90cpuZT6Xz/DfybnECofBAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA
+IFe5QoGVnUvCDOvZPMFmnclBgPVpTYB/twQEK3VoKnTbWj78LL6IGJLoqS7l+wnW
+5PLYGjNwR7atIw1pnq6i+GglV5USXRMCNfB0NYLEZdfIUKwIQia2sidmv1gHDXbW
+oCh33kwizd8K0pCivtS60p7PfrjyKuj0qcdwFLuW6sa9ks4mswsykPJFFWseln6U
+YlFNOX2OWSNnoadLVgTxhIuSr7rXHVza01sNvH/tXKO0J4gfK7TctZpNsl4tnWx8
+6wjXe55aQqokjdfe92mPKClMuiXJTLPkM4tPN1Wau3qYw+BAb038z+j8FL8n7CEU
+n3WlmMJ7tmkd3NShPejqZQ==
+-----END CERTIFICATE REQUEST-----
Binary file not shown.
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIUbvkhX/UejoCAggA
+MBQGCCqGSIb3DQMHBAhyTjz68mGb9gSCBMjeTO0EBH03MKmIHaDTPzJyJO4jyqQS
+WJw6j+nYXHLQ3/PDh431GIQatN6Hpp14e+y/PZEl68jB8cxVCpiGO+JLT7ov4zlU
+nLsCwSn7lmFeylrlZYOnP//3JVfEwcO3E22y6Ay3RKm5UYKTYoCXwkIC7xockF4+
+E3xq2bRYD4OGrb77srqU2puPie0otfm3dpkZk5FKY/9knygufqO0HoC6y1swPT0q
+ykOst064UGFG36IiISVImoYeOQ2kY0fo3bBtC7QGhCiid0cOXZOUZD7I+Vz7UPJo
+XUtM0s9V1uer/DrDREFrCG/GfwNDhrhqXM4AsJQwPi8FV4KK+rHOFCg0FOPAlGff
+UMArHp81ZmM9T6SWmWFGdmJPNz0jp7HPmzYt3rXQc88qk0iig+A42SMqj6otMPuJ
+st/0Sm+GzRHjbgV0Jh2zPpTwzznLj8NjHCtmSWijFZZbylEvr3klzLdnva5c75pw
+Qhqbe3ZkNaRkJvxWlIvd8qrE4rix34M5ZN1gm4+y5kE8gYjMF8KdBwxfsSkobL48
+i2NpaROvFhewE9IaoJ8bAVJA9KpHZBftWaZFJ7S7h0Vdhw0KRVFZYQiz6xqma4Xp
+yp4EopNdffuEXxQOQiAsHyhnBsPGoMTUpCQAfL1v90+SIs0FG6faClk3L6EyATXW
+pLQURbocUJYr6hyxY62Y1pc3TVlspIv/kukKtwq7iuvD5mFgmGumSI/pq2jfKo02
+aFSPTNVEidFvJJVr0HVIwPVmuMRs0Lr0t8Txih4NIzTITR4tPwaIwhi0Qi3VanNG
+TY9oevkclxiNbP9OQfIP6CMHNnAzLhOm+vbwlkCAqcFo0KjzGJb4NhyAxYpUZ7U3
+NGoNVQ7haF/Frz5PxAGl5l57qLI4pHsknrZsKxiTKpSy5l3melj3Zk0R2jXN9uJX
+Z3FYG6R7Zbnt8gbXw1dqteLo07ObS7OwULqAJlboqporOtvWKhqPTPeNFP7HCdHJ
+uFBVQJwWGD8QBcZ1k591JcFY7vPWHdQF7ku+EEs7dEeNBUS28Baw5qoiXRBWsD7B
+Y3D4QaAZF64rqvtIlhDZBzmrUZ1KqJDX1B9I2pf7D6bbxL0wYiVTRQeoDV7eGZXF
+0+tMbHgZ/CmAsOx0sdcR0BkigQMGh9HHtDs4gRJsf/RjzkKJQD28FfJxqvRYDYFd
+8PSL7/DPipTUxvALuKWX/cRR/kVDEvt3AXJqAJsb3Xf/NloicieQ5QCy2LXwU4rQ
+pBur7YFHw2VfT/HU8Jdd3yoXJPRBy9bAGFXojtBT6cuCcyBrUwrFo/nfiirK1WAd
+krIL1/kUNKy34b/Yp2/BNuo+QrDP7tJNWVO7pVs1eNFs45en0GNR1tsaIxN95MwX
+vw4g4vMNMkpEPdLCPkjCYuW6mqkxT7ED3LAEsOBljcjkaId4QVS2TZv9V+izeHx8
+OGYmyJB5d2N/v1gwBSq7h+xx7bG/hByJ+7hGR3J9+3HEN/TYFPqjIofA8sBZ6Emt
+oICblaS4xlmWwb8iSdo38yDWVaemmuW3zpCLfCR3RFT8aV9u1eahYWuU0/kgn2QB
+GvaavsdlahZl+f0uqf67TDWxTDkeQuiiRwy3UCnooxDLclq3YM9yWP4wbq9xNn4d
+G+0=
+-----END ENCRYPTED PRIVATE KEY-----
@@ -0,0 +1,18 @@
+extensions = x509v3
+[ req ]
+default_bits = 2048
+distinguished_name = req_DN
+default_md = sha256
+string_mask = utf8only
+[ req_DN ]
+countryName = "Country Name"
+countryName_value = NN
+organizationName = "Organization Name"
+organizationName_value = Edel Curl Arctic Illudium Research Cloud
+commonName = "Common Name"
+commonName_value = Nothern Nowhere Trust Anchor
+[ x509v3 ]
+basicConstraints = critical,CA:true
+keyUsage = critical,keyCertSign,cRLSign
+subjectKeyIdentifier = hash
+
@@ -0,0 +1,81 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 0b:5d:0a:89:a5:41
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = Nothern Nowhere Trust Anchor
+ Validity
+ Not Before: Aug 4 22:07:52 2009 GMT
+ Not After : Oct 21 22:07:52 2017 GMT
+ Subject:
+ countryName = NN
+ organizationName = Edel Curl Arctic Illudium Research Cloud
+ commonName = localhost
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:d3:6f:53:ed:32:a1:69:20:22:6e:5c:69:34:3d:
+ 8f:14:65:61:c8:f7:99:15:ec:a9:51:43:87:7a:b0:
+ 4b:65:c5:c2:7c:e4:4a:f0:c7:25:42:19:ec:ec:84:
+ 5a:62:a0:4e:de:f9:2d:86:aa:e5:b2:b9:f7:e8:1f:
+ 5d:c6:8d:07:b1:83:54:92:a8:65:5d:2c:e6:3b:e0:
+ f3:0e:ae:b2:72:05:4c:dd:85:90:16:bc:1f:03:59:
+ 23:76:be:e0:38:ee:21:05:37:d0:01:31:7d:1f:3c:
+ f5:fd:78:56:cd:cb:86:bb:d1:e8:07:73:a6:90:f9:
+ 3b:7e:9d:85:bc:3c:2a:78:49
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Alternative Name:
+ DNS:localhost
+ X509v3 Key Usage:
+ Key Encipherment
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Subject Key Identifier:
+ 53:59:CB:8D:67:CD:E7:63:E2:E5:DD:F0:F8:E1:82:ED:A8:10:38:A3
+ X509v3 Authority Key Identifier:
+ keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40
+
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ Signature Algorithm: sha1WithRSAEncryption
+ 06:3f:b8:df:8e:20:9d:cd:cd:bc:a9:88:eb:2d:f8:e6:f0:15:
+ fa:14:9c:5f:55:bc:8f:68:40:aa:d2:51:03:ab:09:ee:ee:a6:
+ d7:8f:32:9a:75:0b:41:35:71:bf:d9:35:03:dd:fd:e5:7d:45:
+ db:e5:9a:16:14:14:c7:98:a5:c5:b9:4d:81:3a:0c:f9:e0:97:
+ 71:d0:f3:a0:5d:84:ba:83:a8:d8:a0:98:bf:12:48:42:f0:1b:
+ 8a:58:80:16:62:69:bb:96:5a:ce:ac:02:fa:cb:cd:20:30:d0:
+ fb:23:3a:d3:7b:75:03:c8:c1:20:9e:24:90:d2:61:00:85:63:
+ e2:f9:a7:52:50:e2:0d:3b:61:f9:b1:d5:5f:64:dd:cb:38:7b:
+ 05:8d:b7:f9:08:8e:bf:d3:02:13:e7:34:fa:3d:bb:af:d7:aa:
+ de:79:28:f4:ae:87:f5:49:85:42:c7:af:8b:a0:94:ed:21:de:
+ 36:e6:38:a3:0f:75:cf:68:10:48:1d:7d:9b:a2:88:86:bd:b5:
+ fe:95:4a:c8:fe:77:6b:0a:47:79:ab:d6:35:ea:53:4f:8f:3a:
+ ba:e1:4c:00:57:b8:99:f9:21:5d:d2:ad:d9:c7:fa:bf:71:73:
+ 49:5d:0b:2c:fd:02:37:94:3c:3e:d7:ef:72:c5:e3:f3:14:9f:
+ 58:27:2a:aa
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgIGC10KiaVBMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT
+Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo
+IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X
+DTA5MDgwNDIyMDc1MloXDTE3MTAyMTIyMDc1MlowVDELMAkGA1UEBhMCTk4xMTAv
+BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+029T7TKhaSAiblxpND2PFGVhyPeZFeypUUOHerBLZcXCfORK8MclQhns7IRaYqBO
+3vkthqrlsrn36B9dxo0HsYNUkqhlXSzmO+DzDq6ycgVM3YWQFrwfA1kjdr7gOO4h
+BTfQATF9Hzz1/XhWzcuGu9HoB3OmkPk7fp2FvDwqeEkCAwEAAaOBiTCBhjAUBgNV
+HREEDTALgglsb2NhbGhvc3QwCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoGCCsGAQUF
+BwMBMB0GA1UdDgQWBBRTWcuNZ83nY+Ll3fD44YLtqBA4ozAfBgNVHSMEGDAWgBQS
+ayTSSmi3obAczb/WTMxAW3/gQDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUA
+A4IBAQAGP7jfjiCdzc28qYjrLfjm8BX6FJxfVbyPaECq0lEDqwnu7qbXjzKadQtB
+NXG/2TUD3f3lfUXb5ZoWFBTHmKXFuU2BOgz54Jdx0POgXYS6g6jYoJi/EkhC8BuK
+WIAWYmm7llrOrAL6y80gMND7IzrTe3UDyMEgniSQ0mEAhWPi+adSUOINO2H5sdVf
+ZN3LOHsFjbf5CI6/0wIT5zT6Pbuv16reeSj0rof1SYVCx6+LoJTtId425jijD3XP
+aBBIHX2booiGvbX+lUrI/ndrCkd5q9Y16lNPjzq64UwAV7iZ+SFd0q3Zx/q/cXNJ
+XQss/QI3lDw+1+9yxePzFJ9YJyqq
+-----END CERTIFICATE-----
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBkzCB/QIBADBUMQswCQYDVQQGEwJOTjExMC8GA1UECgwoRWRlbCBDdXJsIEFy
+Y3RpYyBJbGx1ZGl1bSBSZXNlYXJjaCBDbG91ZDESMBAGA1UEAwwJbG9jYWxob3N0
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTb1PtMqFpICJuXGk0PY8UZWHI
+95kV7KlRQ4d6sEtlxcJ85ErwxyVCGezshFpioE7e+S2GquWyuffoH13GjQexg1SS
+qGVdLOY74PMOrrJyBUzdhZAWvB8DWSN2vuA47iEFN9ABMX0fPPX9eFbNy4a70egH
+c6aQ+Tt+nYW8PCp4SQIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEAxfegbegW/e09
+TV4TVuyt7S7wwCJFepfi7hNDoPf/CiuW3KeSySP68iD9QUNhy2wADFP6eHPaooUZ
+h5PIvZ8IKpBzIbtG2mcOV4tKEBIshoBv/VFOTUqGKJf4r9dK0AjbovyPNpt9lCcO
+xcnrH3WuQUVdmXVvlUXHz/mhzs2TFx4=
+-----END CERTIFICATE REQUEST-----
Binary file not shown.
No changes.
Oops, something went wrong.

0 comments on commit e73fe83

Please sign in to comment.