Apache2-Kurs/2024-10
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Kapitel 10: CA für SSL-VHosts

Browse source
This commit is contained in:
Sven Velt 2024-10-17 09:16:17 +02:00
parent 5a8bea9cda
commit 398da6546d
25 changed files with 1494 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
CA/cacert.pem Normal file
View file

@ -0,0 +1,35 @@
-----BEGIN CERTIFICATE-----
MIIGHzCCBAegAwIBAgIUIWY8g4E1+znFesEFVN7wEHaTKGQwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAkRFMRAwDgYDVQQIDAdGcmFua2VuMRIwEAYDVQQHDAlT
Y2h3YWJhY2gxETAPBgNVBAoMCHZlbHQuYml6MSowKAYDVQQLDCFPcGVuLVNvdXJj
ZSBDb25zdWx0aW5nICYgVHJhaW5pbmcxGjAYBgkqhkiG9w0BCQEWC2NhQHZlbHQu
Yml6MQ4wDAYDVQQDDAVjYS5zdjAeFw0yNDEwMTcwNjUwMzNaFw0zNDEwMTUwNjUw
MzNaMIGeMQswCQYDVQQGEwJERTEQMA4GA1UECAwHRnJhbmtlbjESMBAGA1UEBwwJ
U2Nod2FiYWNoMREwDwYDVQQKDAh2ZWx0LmJpejEqMCgGA1UECwwhT3Blbi1Tb3Vy
Y2UgQ29uc3VsdGluZyAmIFRyYWluaW5nMRowGAYJKoZIhvcNAQkBFgtjYUB2ZWx0
LmJpejEOMAwGA1UEAwwFY2Euc3YwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCznYEpE/pcWzhtO8HkgPM6giFxQ6cnq7m+fjuowtZzD0UhBWP4GEAO7PY7
aHhh5u8UBpeunX39GWK3OBmpbhE7OIsiru9o3iEq7/6anrSIiCpLFTtQFTFDmPPt
2gBFKlNjMS647lgH7vkDTI3rTn70Cm4pCjD0yzXGOv726+3f0WuF+j31ozc+hDKM
t4YXIIADzskjF7a209UbOpB7u61vE6VSgnWuwjhitxgBT6aVdLsGinqy5tsDrDti
a+koyNGI3GycyRZcthw0quEtlNwz9+keRn6kaVm8WOOfWyvSIZselxrSSheVnELH
EQtZaDqjsfFqLGn6elElZK8V8/kclhdkQLzdSrLmYf7lSGV47NyzulehAFryY0XK
891Opfu6X0aqnZ77r5jvV5L+oNNvzthW43QWN0+RcFNcUVOfm3llGxnu+IO48GYy
Dw753wDvK0B9EZ/7ru+iKNYWY5w0hKzldUWKw6LstGiKZqUnTKSAK+glQnCUihWy
pWE+qpJZUD/YybcDReKeYGOcalSg79fDWJ/Cw2tHhT7Hv6n6L/iyp22O5oCbs0Nn
y9VpaFx8DMfVgELMNp+UlG4621/PKlTy7pPlyCyahJb/Do1R9Erqandpgd8yOOhb
RBcEITFX4txuor/fmH4rrpTHEe66tw8X76iH/d4sqZSAmw7YiQIDAQABo1MwUTAd
BgNVHQ4EFgQUmHM+loTAQxSml6So8ug8vCAgZ5QwHwYDVR0jBBgwFoAUmHM+loTA
QxSml6So8ug8vCAgZ5QwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
AgEAsToJuGACdafaKSUEhCfB994zxws89f1McRFe+pxKmVjmlIVMsJOsMcwqOfdb
ZeGSzvkt+w2cuSLcTVN7Y83rbzAC4GLHNA5IMyzvi96MM1vUCIitrfEOJp8TKXCj
vuQ1jXpEqGJA4iIMRbEW1lnI1Mj4G1+8dbjkbJ1xEE+91IFi1Lk1X239wnPe8xZ4
URVQaNL3ToGMVXQhGwivm8+2jBP2BRN2emBKiN5FbCoPcV3uVT6iG+Sdu5IZozeS
IBujn505gLBvXdwG3VzigAYQ9UyXEfKHPIbpW+RoPG1YHjxk1JSvqOgVxgPifK6Z
kTr7V+NNdnbAi3LDw1ejZegSWJHzlepsEde5vOkA4tmXQwpmeCRx1tj95KpzHyur
DKlNhylyLYXGYzt/F+IWLosLjUfoKgMoASfn7d8N8+2m9KKIumjVqfzjfsuKHtwL
m5d2Zp+BAJWP5tSlnl/6PugmCwEFeorfaCBOLCUaV16JX8IfQcwa4MuZ0pkBHW46
JsiWYJdmVhX/O34aQwMi53WlA82JP3MEr3AB3za38dtpnTn6GBTKvsOdk2ECCEkT
ESJVOX+mO1Pxc9JUY5b+2h77JWQfC0VKtvlxXwex2NojQW3z7uJcsRF2jQKaTXTD
XY1FRAu+stJj8zUPuCxdPA4WdUeCsl+iSGt5UjBqbKHMbC0=
-----END CERTIFICATE-----

103
CA/certs/firma1.sv.crt Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=firma1.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:88:0a:4d:ae:43:f8:5e:e6:16:11:27:1e:e5:76:
b7:ee:30:69:ad:9c:c9:70:8c:c1:6c:d6:90:be:74:
2b:9f:8e:78:0d:be:05:e9:ca:f7:f2:99:63:5d:1a:
d7:8e:4c:31:11:07:29:1e:7a:cf:57:f7:fd:8d:d1:
19:85:d3:bc:ea:88:e3:ef:6a:e7:a8:25:64:d3:c5:
98:2c:bf:4b:61:97:b3:f3:60:cf:67:36:3f:a4:ae:
e6:5d:39:39:ef:4a:68:d2:81:85:d4:0e:ce:86:37:
dd:f6:26:bd:d6:b9:43:f7:86:81:8f:c5:21:df:07:
70:83:e6:c4:7e:b9:f5:0b:36:53:08:64:68:10:47:
3b:37:10:5d:67:5e:01:34:4c:40:0e:3d:52:1d:c4:
2d:a9:d9:99:da:a9:2a:4f:cc:50:d9:13:75:a6:6b:
61:ec:6c:41:8f:65:dd:1b:8c:10:5d:16:37:df:f5:
93:f5:eb:ef:78:ac:51:95:56:f3:14:54:ae:e4:2a:
4f:53:8a:48:4b:cb:fd:d6:87:1d:69:20:65:08:94:
41:07:3e:51:c2:91:72:c0:ba:1a:2d:7e:24:cc:8b:
1c:6d:6a:bb:9c:70:05:5c:60:55:c1:8d:8d:22:3c:
2a:29:48:0a:22:d0:33:e9:81:73:2e:03:0e:e2:4b:
5b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
F0:B6:FE:32:8A:B2:06:B0:F1:5F:FB:D3:AD:4F:B0:E3:FC:68:DC:60
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:firma1.sv, DNS:www.firma1.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
6a:32:10:32:ca:f1:43:fa:b8:c7:3b:74:b3:98:5c:aa:67:0a:
da:4e:19:cf:1c:af:30:36:04:e3:a0:7f:7d:70:1a:00:a7:94:
09:3e:c1:f5:8a:bc:46:11:e8:a4:7b:bd:b5:d7:4b:e3:e8:8b:
fd:0d:fb:24:25:31:0b:fb:f5:0f:10:b6:d8:7c:81:ff:aa:21:
ed:59:b6:75:5e:07:d9:ea:8d:a6:b9:f7:86:1e:3f:e7:2e:38:
9c:72:1f:f3:7f:58:12:07:4b:79:a6:17:a4:f1:65:41:1a:eb:
80:9a:43:59:9b:ff:7f:2d:6e:17:40:c1:5d:07:38:c9:bc:a8:
e2:f0:dd:01:08:8f:e0:c2:16:09:09:2b:26:7c:e6:4d:ea:3c:
2f:31:a1:7a:68:f2:84:fb:a0:9c:8c:c7:f2:ee:50:9e:b1:ff:
43:b8:a7:23:ce:66:2b:40:c5:bf:59:1d:52:84:59:da:74:3d:
f0:3a:8f:63:ad:3e:f2:05:c9:3a:a0:c9:01:fe:3d:a0:60:6f:
eb:ab:4a:40:36:64:31:dd:f0:1f:af:e0:0f:ee:c9:49:14:77:
bb:cc:dc:68:19:12:23:e5:31:6b:80:f4:16:dd:97:15:15:53:
23:9e:3d:a1:19:60:b6:9f:7c:d1:4d:58:5f:60:3d:41:db:96:
33:63:eb:d7:a7:a8:41:e6:0d:a2:5a:92:f4:5a:4c:56:23:c0:
15:bc:31:6e:88:33:6e:ba:c5:57:5f:93:24:32:fe:37:7b:02:
f4:e3:80:c2:65:81:4c:f4:2f:40:d2:b2:12:35:e0:14:42:98:
c3:07:c6:c0:5e:7c:22:6f:d1:ee:f3:36:bb:4e:5f:3f:84:d7:
3a:ad:88:d8:e6:e0:2b:f6:5a:9a:aa:19:7c:f9:c6:09:3b:90:
14:f1:40:a2:1e:d3:ca:a2:f2:ae:e6:26:28:25:aa:93:7a:0f:
14:d3:5e:1c:bf:50:0b:71:ab:60:51:ff:af:2d:af:38:6f:33:
f0:85:6b:a7:83:93:c1:6a:c0:76:2f:b5:d6:1c:2e:72:8b:83:
6e:c3:23:20:cd:6d:ba:46:16:d2:b7:ba:3b:b2:94:40:ca:b6:
3d:58:fc:01:8d:ff:89:2a:cb:4f:07:73:68:3c:70:8f:65:ae:
04:e4:6e:b8:77:58:4b:bd:86:cd:7c:96:00:58:2c:8a:ca:db:
24:c7:72:4e:ca:55:3d:68:fb:16:fb:bc:8d:6b:bc:60:3d:ea:
b6:2a:0d:f6:78:88:a6:6e:d2:09:68:e6:c1:f1:fd:45:fe:8e:
20:e5:7b:ce:85:58:6a:23:1f:0e:c4:55:a4:5a:c6:a1:1d:c9:
76:7e:4c:3e:fa:94:ed:be
-----BEGIN CERTIFICATE-----
MIIErTCCApWgAwIBAgIBRDANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJZmly
bWExLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYW
ESce5Xa37jBprZzJcIzBbNaQvnQrn454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9
jdEZhdO86ojj72rnqCVk08WYLL9LYZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd
9ia91rlD94aBj8Uh3wdwg+bEfrn1CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ
2qkqT8xQ2RN1pmth7GxBj2XdG4wQXRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v9
1ocdaSBlCJRBBz5RwpFywLoaLX4kzIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFz
LgMO4ktbrQIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTwtv4yirIGsPFf
+9OtT7Dj/GjcYDAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV
HREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3YwCwYDVR0PBAQDAgXgMA0G
CSqGSIb3DQEBCwUAA4ICAQBqMhAyyvFD+rjHO3SzmFyqZwraThnPHK8wNgTjoH99
cBoAp5QJPsH1irxGEeike72110vj6Iv9DfskJTEL+/UPELbYfIH/qiHtWbZ1XgfZ
6o2mufeGHj/nLjicch/zf1gSB0t5phek8WVBGuuAmkNZm/9/LW4XQMFdBzjJvKji
8N0BCI/gwhYJCSsmfOZN6jwvMaF6aPKE+6CcjMfy7lCesf9DuKcjzmYrQMW/WR1S
hFnadD3wOo9jrT7yBck6oMkB/j2gYG/rq0pANmQx3fAfr+AP7slJFHe7zNxoGRIj
5TFrgPQW3ZcVFVMjnj2hGWC2n3zRTVhfYD1B25YzY+vXp6hB5g2iWpL0WkxWI8AV
vDFuiDNuusVXX5MkMv43ewL044DCZYFM9C9A0rISNeAUQpjDB8bAXnwib9Hu8za7
Tl8/hNc6rYjY5uAr9lqaqhl8+cYJO5AU8UCiHtPKovKu5iYoJaqTeg8U014cv1AL
catgUf+vLa84bzPwhWung5PBasB2L7XWHC5yi4NuwyMgzW26RhbSt7o7spRAyrY9
WPwBjf+JKstPB3NoPHCPZa4E5G64d1hLvYbNfJYAWCyKytskx3JOylU9aPsW+7yN
a7xgPeq2Kg32eIimbtIJaObB8f1F/o4g5XvOhVhqIx8OxFWkWsahHcl2fkw++pTt
vg==
-----END CERTIFICATE-----

103
CA/certs/firma2.sv.crt Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:35 2024 GMT
Not After : Oct 17 06:50:35 2025 GMT
Subject: CN=firma2.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:52:f8:99:a8:d0:c2:c7:38:c7:07:13:48:4e:
90:1e:dd:77:9c:63:ed:4d:f9:ee:1a:3c:2a:32:fa:
67:3d:66:da:17:07:21:c2:94:2a:06:9e:da:7b:59:
ce:96:f5:48:e7:47:5f:4d:80:23:69:10:c7:5e:29:
3c:11:22:44:db:5f:bf:4d:04:37:08:2f:df:d6:1f:
5e:af:32:77:64:b1:52:4d:bf:96:30:cf:9c:db:ce:
c4:c4:f3:00:db:92:53:37:92:6e:bf:94:f5:97:e9:
cf:6c:07:76:4b:4d:97:58:c4:c4:9a:4a:36:80:bd:
dc:cd:7e:d4:3b:f0:fd:f0:89:e2:21:ef:d6:27:c0:
26:1c:1f:7f:21:7a:96:1f:0d:99:63:47:20:d4:b8:
f6:68:be:8c:24:cf:fe:f6:90:fb:f9:d1:d1:4b:b5:
4d:ec:04:96:d8:06:c8:e8:3c:f8:39:ee:94:7e:1f:
f8:74:2c:df:60:97:37:4c:cc:3a:98:9e:21:f0:9b:
9a:7a:7a:a4:19:d9:2b:07:7d:4c:95:ca:dd:4e:e7:
3b:a9:d6:af:a8:cf:35:ff:fe:32:d2:21:20:ab:95:
11:1a:20:b0:97:21:77:50:e7:25:7f:17:67:30:2c:
74:f3:ea:19:f4:94:73:3a:4a:07:f1:19:f4:18:59:
8f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
A4:7D:5A:AE:F2:08:5C:FD:C4:A1:63:F1:4E:A2:9E:4B:7B:F8:22:C3
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:firma2.sv, DNS:www.firma2.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
70:73:cd:f4:ae:26:01:07:61:46:32:52:33:3b:69:04:09:4a:
bd:0d:9a:96:ee:a4:91:f9:67:6c:13:99:e2:c8:e4:19:b5:e6:
aa:fc:28:24:74:33:f1:d8:3f:4f:29:b9:ec:79:81:1a:22:b5:
5c:c1:bd:55:f2:2b:b5:e3:72:76:68:d6:09:41:4f:0a:0c:1d:
ff:09:67:33:16:b9:6e:f2:fb:40:f3:69:3c:cb:64:82:97:89:
a8:de:94:9a:1c:91:38:20:66:d3:43:4d:25:c1:29:b2:ea:ff:
4d:34:72:12:f0:a4:14:e3:6d:04:f6:a3:f7:22:5b:e8:13:e1:
75:0c:a1:82:87:69:75:4b:7d:5b:92:75:ff:00:ef:cd:ca:4d:
9e:4d:3a:a1:1a:18:5c:8b:15:a7:16:be:01:a7:56:f0:3d:72:
f1:97:09:83:82:f6:a2:e3:ee:ba:73:77:49:66:19:1b:1d:13:
fb:ef:b9:2f:87:5a:ad:32:27:cd:cf:9b:87:45:0a:95:fd:21:
2b:d3:14:9e:60:27:ec:f2:87:e1:92:6c:ef:f7:e1:30:b5:71:
66:d5:5a:4d:88:7e:fb:de:67:7c:e6:4d:e2:5e:fc:cb:62:8f:
13:3c:07:3b:b2:af:3b:80:31:62:9b:34:f4:cb:a5:a8:cb:d6:
07:83:72:d8:fd:5b:ef:c6:aa:74:a9:fa:6e:f7:ab:b7:b3:fa:
78:67:a7:63:3e:30:04:c1:fe:60:00:eb:3e:db:25:0a:7d:ed:
ba:e5:d2:60:6e:dc:1b:34:71:7d:e5:18:0d:ae:c6:83:09:72:
4d:7d:b4:58:d6:6e:5b:89:1b:f9:d1:18:9c:87:19:60:ed:f6:
b7:5b:1c:37:ea:91:94:0e:b3:31:c2:46:24:e7:4d:a6:73:32:
c0:c4:87:f2:b5:21:60:01:03:83:39:10:2b:e9:29:1b:3d:8b:
e8:c3:b5:99:8e:0d:37:94:e4:0f:b0:19:fd:04:e8:c1:a9:1c:
7e:b4:17:50:8a:b2:59:5b:ee:cf:40:4c:59:fc:2c:a7:a0:2c:
ac:22:f3:72:30:47:4e:1a:24:04:64:20:8b:49:5f:2d:78:45:
84:91:09:5b:e0:e4:b3:5b:ca:5f:8b:39:c5:00:38:95:71:7b:
da:09:4a:ed:49:76:b1:12:58:02:92:68:d6:2e:68:21:f5:5f:
40:3a:38:ed:d2:08:82:c0:60:3a:ae:22:6f:cd:5f:0c:a1:e9:
2c:e0:6b:f0:88:5f:c1:9e:eb:68:c8:95:77:93:21:f5:06:54:
5c:91:af:c8:b1:3a:1e:b2:8e:c4:69:74:66:bd:95:84:a2:bf:
d4:66:3e:34:3e:4e:03:91
-----BEGIN CERTIFICATE-----
MIIErTCCApWgAwIBAgIBRTANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNVoXDTI1MTAxNzA2NTAzNVowFDESMBAGA1UEAwwJZmly
bWEyLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4
xwcTSE6QHt13nGPtTfnuGjwqMvpnPWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDH
Xik8ESJE21+/TQQ3CC/f1h9erzJ3ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nP
bAd2S02XWMTEmko2gL3czX7UO/D98IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6M
JM/+9pD7+dHRS7VN7ASW2AbI6Dz4Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkr
B31MlcrdTuc7qdavqM81//4y0iEgq5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH
8Rn0GFmPHwIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBSkfVqu8ghc/cSh
Y/FOop5Le/giwzAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV
HREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3YwCwYDVR0PBAQDAgXgMA0G
CSqGSIb3DQEBCwUAA4ICAQBwc830riYBB2FGMlIzO2kECUq9DZqW7qSR+WdsE5ni
yOQZteaq/CgkdDPx2D9PKbnseYEaIrVcwb1V8iu143J2aNYJQU8KDB3/CWczFrlu
8vtA82k8y2SCl4mo3pSaHJE4IGbTQ00lwSmy6v9NNHIS8KQU420E9qP3IlvoE+F1
DKGCh2l1S31bknX/AO/Nyk2eTTqhGhhcixWnFr4Bp1bwPXLxlwmDgvai4+66c3dJ
ZhkbHRP777kvh1qtMifNz5uHRQqV/SEr0xSeYCfs8ofhkmzv9+EwtXFm1VpNiH77
3md85k3iXvzLYo8TPAc7sq87gDFimzT0y6Woy9YHg3LY/Vvvxqp0qfpu96u3s/p4
Z6djPjAEwf5gAOs+2yUKfe265dJgbtwbNHF95RgNrsaDCXJNfbRY1m5biRv50Ric
hxlg7fa3Wxw36pGUDrMxwkYk502mczLAxIfytSFgAQODORAr6SkbPYvow7WZjg03
lOQPsBn9BOjBqRx+tBdQirJZW+7PQExZ/CynoCysIvNyMEdOGiQEZCCLSV8teEWE
kQlb4OSzW8pfiznFADiVcXvaCUrtSXaxElgCkmjWLmgh9V9AOjjt0giCwGA6riJv
zV8Moeks4GvwiF/BnutoyJV3kyH1BlRcka/IsToeso7EaXRmvZWEor/UZj40Pk4D
kQ==
-----END CERTIFICATE-----

103
CA/certs/ipbased.sv.crt Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67 (0x43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=ipbased.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c3:e1:da:71:92:5b:43:80:94:84:0e:ee:eb:8d:
d5:07:82:59:12:7a:21:c9:8b:89:fe:dc:70:1b:81:
f3:72:b2:b1:1e:40:98:1f:48:b9:bb:c6:11:ef:c6:
de:80:d2:88:f3:98:2b:b4:b2:62:b1:86:66:04:9f:
1a:63:05:9b:5f:1b:b6:2b:37:ce:07:16:54:ed:63:
72:8b:82:ad:59:b7:86:63:da:f2:2b:31:6a:f6:f5:
d4:fc:b3:bd:c4:e3:f7:ef:7a:cf:2a:a3:8e:54:9d:
d1:79:19:55:c2:f9:ce:9d:50:52:cd:70:fb:d5:9b:
1d:b9:8b:57:ca:26:ce:18:8b:a2:89:d1:0f:2c:4e:
f1:f8:b2:8a:2f:21:f5:8d:88:89:f2:46:ee:2f:d6:
d4:8b:4c:8b:15:5c:36:79:b8:ec:62:8a:97:51:61:
a8:ee:94:b2:3a:bc:35:d5:87:52:b2:70:c0:a4:86:
d4:2e:75:df:22:a7:f2:6d:25:55:4b:06:d7:c5:d8:
6f:a9:d0:5e:1f:60:a7:1a:e8:ec:b3:66:2c:73:9d:
33:33:56:e7:28:d3:b8:da:52:c2:4e:7b:d8:d8:3e:
12:e8:5d:29:0b:6f:09:ee:d8:f1:d3:0d:e1:15:c9:
8e:73:5d:f2:1e:2a:3c:15:16:20:db:0d:5b:03:f6:
7b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
AE:29:15:C3:1A:2E:A1:2D:8F:E1:43:72:EB:0E:47:EA:96:CE:D3:A0
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:ipbased.sv, DNS:www.ipbased.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
92:4a:92:9d:12:0e:14:fb:36:0a:bd:4e:6b:a2:7f:41:81:d5:
b8:bb:e6:68:23:0d:47:24:de:a8:01:98:08:e3:d2:6d:09:8b:
e6:d5:c2:25:52:c6:6c:82:46:fe:66:9b:2c:6c:f2:b2:ca:93:
de:74:b9:42:95:3e:f8:60:86:32:49:29:d8:c9:11:46:e9:2a:
ef:3f:1c:05:63:6a:de:d9:53:32:c5:4b:34:05:5d:ad:27:6e:
d6:e3:d3:79:ab:6d:e5:28:f1:dd:2c:aa:c9:1c:04:7f:b1:f1:
d1:12:a3:0b:4c:b4:dc:5d:3f:bb:cb:df:60:0d:0f:22:20:d1:
43:80:3e:cc:e7:bc:01:c4:4c:08:3e:2c:9d:3e:0b:6b:b2:68:
8d:94:1f:ad:dd:9f:6a:6a:ef:b4:8b:56:21:07:f0:69:b4:31:
3d:80:dd:27:86:c2:57:21:54:6a:f0:c2:bf:88:04:d5:11:97:
6b:a8:c0:f8:9f:dc:0a:63:f9:22:55:e5:71:58:dc:88:25:e5:
7e:ed:43:44:37:f5:35:7e:e6:1d:49:f2:32:f0:6f:0b:f3:45:
61:11:52:47:e9:42:32:2f:2c:96:0d:98:6d:92:e6:dd:a9:17:
67:f9:8f:ad:45:c1:6c:33:31:c4:ff:ca:25:fe:50:64:44:3a:
e2:a0:ea:3c:de:1b:2f:8a:7f:05:fa:12:04:f3:1a:40:52:87:
b5:ed:99:b1:7c:c8:df:de:bf:0a:54:b4:f9:2d:89:47:85:10:
21:53:f6:00:2a:7d:1f:9d:1f:05:10:a6:72:3b:7f:e1:01:0c:
63:79:10:7b:b3:dc:84:31:3b:4a:58:7a:37:4f:ea:01:bd:8a:
ea:19:b6:88:2c:fb:1a:8b:6c:a4:66:2b:8c:fc:76:23:00:2c:
5c:ce:fd:19:91:d5:18:a7:0f:8b:e7:59:7c:b8:d0:13:e8:bd:
9d:ea:d8:a9:85:2f:b8:f7:60:5a:2f:56:ba:98:98:44:a6:6a:
46:97:4d:66:f9:b8:ec:62:8d:52:02:e4:e7:42:8c:1b:5e:36:
90:ed:95:ce:35:e6:c1:81:88:13:0a:ad:0f:e7:39:a2:be:ea:
56:b2:a4:9e:7d:e5:99:44:2f:10:e0:b3:df:dc:25:4a:c1:35:
c4:17:fa:36:c2:2c:0d:01:b3:61:33:65:71:25:a8:a4:50:e2:
1c:25:32:35:7d:9a:bf:de:b4:13:1b:70:bf:b6:94:7f:7f:31:
0a:85:ae:f3:a7:71:f7:8d:28:7a:5f:a1:64:8e:9d:8c:8e:02:
62:83:6a:c9:dd:66:0c:10:bb:88:cd:4f:d6:58:2f:2a:a5:13:
f3:06:c0:20:1e:fe:b9:63
-----BEGIN CERTIFICATE-----
MIIEsTCCApmgAwIBAgIBQzANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFTETMBEGA1UEAwwKaXBi
YXNlZC5zdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OA
lIQO7uuN1QeCWRJ6IcmLif7ccBuB83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGG
ZgSfGmMFm18btis3zgcWVO1jcouCrVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd
0XkZVcL5zp1QUs1w+9WbHbmLV8omzhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItM
ixVcNnm47GKKl1FhqO6Usjq8NdWHUrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9g
pxro7LNmLHOdMzNW5yjTuNpSwk572Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUW
INsNWwP2e50CAwEAAaOBgTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFK4pFcMaLqEt
j+FDcusOR+qWztOgMB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMCUG
A1UdEQQeMByCCmlwYmFzZWQuc3aCDnd3dy5pcGJhc2VkLnN2MAsGA1UdDwQEAwIF
4DANBgkqhkiG9w0BAQsFAAOCAgEAkkqSnRIOFPs2Cr1Oa6J/QYHVuLvmaCMNRyTe
qAGYCOPSbQmL5tXCJVLGbIJG/mabLGzyssqT3nS5QpU++GCGMkkp2MkRRukq7z8c
BWNq3tlTMsVLNAVdrSdu1uPTeatt5Sjx3SyqyRwEf7Hx0RKjC0y03F0/u8vfYA0P
IiDRQ4A+zOe8AcRMCD4snT4La7JojZQfrd2famrvtItWIQfwabQxPYDdJ4bCVyFU
avDCv4gE1RGXa6jA+J/cCmP5IlXlcVjciCXlfu1DRDf1NX7mHUnyMvBvC/NFYRFS
R+lCMi8slg2YbZLm3akXZ/mPrUXBbDMxxP/KJf5QZEQ64qDqPN4bL4p/BfoSBPMa
QFKHte2ZsXzI396/ClS0+S2JR4UQIVP2ACp9H50fBRCmcjt/4QEMY3kQe7PchDE7
Slh6N0/qAb2K6hm2iCz7GotspGYrjPx2IwAsXM79GZHVGKcPi+dZfLjQE+i9nerY
qYUvuPdgWi9WupiYRKZqRpdNZvm47GKNUgLk50KMG142kO2VzjXmwYGIEwqtD+c5
or7qVrKknn3lmUQvEOCz39wlSsE1xBf6NsIsDQGzYTNlcSWopFDiHCUyNX2av960
Extwv7aUf38xCoWu86dx940oel+hZI6djI4CYoNqyd1mDBC7iM1P1lgvKqUT8wbA
IB7+uWM=
-----END CERTIFICATE-----

103
CA/certs/localhost.crt Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:27:4a:7c:cc:37:65:a8:1c:58:7f:07:b7:14:
a1:41:6e:72:21:1c:b9:7b:07:f1:a3:c4:61:3f:4a:
c4:56:92:42:ea:3e:f8:5c:ca:71:20:2e:23:44:00:
2e:f6:30:23:d3:3b:ef:f7:22:02:d3:28:21:49:45:
50:43:cf:b1:49:b2:25:63:5e:79:0c:c6:1f:2e:89:
95:6d:40:19:45:33:48:bc:4c:a8:e5:00:d0:63:66:
2c:66:ce:7b:7a:d9:70:f8:45:f6:60:ad:1b:5e:25:
15:78:a9:d2:a3:e3:bd:4f:73:7e:e0:09:ba:f0:f5:
f4:14:f8:39:82:8f:6d:30:d1:05:f6:6e:41:e5:50:
28:80:2f:69:72:3b:d1:dd:3b:6f:25:dd:b9:eb:02:
36:60:7e:56:04:a1:aa:25:61:7c:38:b9:3d:3d:93:
4b:0a:80:8a:52:ec:c8:76:7f:6a:19:44:84:cf:b9:
f0:4e:0f:9e:51:39:6f:fd:f2:46:4f:ab:3a:12:a5:
15:a7:2a:7e:4b:52:6f:f4:ad:c2:97:44:1e:c6:d8:
63:55:83:f7:23:4c:65:8c:c2:9a:1f:34:64:92:23:
49:7e:77:9f:b9:0d:7f:fe:08:71:ac:e9:12:d1:8a:
7b:58:68:91:f2:c2:0d:a7:91:20:74:1f:f8:c1:1d:
44:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
A4:6C:31:0A:60:12:EC:45:A8:D1:41:65:88:35:F7:E4:CD:C8:67:F9
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:localhost, DNS:www.localhost, DNS:127.0.0.1
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
85:46:99:83:09:a2:20:45:34:2d:d0:ca:21:20:ff:da:90:4e:
1a:b4:0a:1f:24:4e:a2:5b:5e:29:43:ee:03:ff:b0:41:ad:dc:
3a:53:1a:25:c0:08:ea:eb:ce:76:aa:c9:b3:7e:46:3c:dd:ff:
13:98:9a:53:fd:f7:60:8b:d8:4b:4d:8f:70:e1:5d:1f:de:7a:
62:70:2f:7b:c0:5d:1c:93:b7:9c:1e:d6:36:88:53:2a:f7:e5:
a1:71:21:e3:d8:e1:6b:14:ed:d7:3d:ea:78:b8:a6:7c:53:87:
b6:27:a2:50:d8:f3:21:0d:0b:48:e9:e0:cb:e1:21:16:52:de:
e7:ab:a5:31:e3:dc:82:b3:68:fc:9c:4a:7d:bd:1e:70:5c:81:
da:80:ac:65:e8:7f:5e:c5:86:2d:ed:3b:af:fa:5c:b2:cb:5a:
20:9a:50:ab:36:99:88:33:2a:9a:ad:4a:a4:be:e9:8a:05:2f:
80:6e:c2:d8:5d:35:38:d9:8a:2d:42:45:15:bc:35:4c:01:b1:
a8:27:7d:8d:14:f2:bc:56:c0:59:bf:2f:6a:db:fd:94:92:a2:
ff:3e:d1:d4:3c:c8:66:2b:2a:d8:97:1e:8b:ab:9b:50:71:05:
0f:84:b8:52:31:a2:bc:19:93:e0:d5:1f:e4:06:fb:24:ad:21:
2d:df:ee:85:cc:09:1d:4b:0d:69:93:9b:18:ae:bb:84:88:cb:
a6:0d:18:40:af:05:53:29:41:1d:5c:2e:2d:57:73:55:67:fe:
36:6c:7d:cf:20:c0:b3:16:60:49:6c:78:08:54:7f:87:15:24:
b2:9a:27:44:b9:cf:d7:41:33:3b:bd:c9:dd:d0:fb:5a:f2:1c:
c7:79:fe:5a:34:79:62:3d:4c:9f:bb:8c:45:52:34:c6:fa:2e:
f4:16:9a:49:6d:35:ea:65:6b:1e:08:ab:dd:b1:9d:d4:43:97:
74:c0:fb:00:51:ee:7e:49:31:d0:ea:cb:9e:f7:4e:fb:b8:fa:
4d:92:c4:cf:72:92:6c:49:7c:94:a6:a5:f8:a4:f4:95:2c:df:
e6:58:36:7c:22:2c:13:d8:c4:45:cd:68:69:9a:0c:a1:8e:04:
02:d1:fc:f0:bf:3c:1b:7e:b4:63:87:dc:ff:1b:08:84:01:b8:
75:00:fa:75:c3:92:4e:82:c4:88:1d:be:94:9e:a9:fd:6c:33:
31:22:3f:e8:fc:93:de:a7:c9:d4:ac:7f:99:a2:e1:44:c0:8b:
44:f4:1f:61:aa:a4:fb:03:b5:d4:fa:5f:ca:b0:96:8a:1f:65:
80:3d:ab:cd:b9:fd:3b:ce:27:b7:98:d5:22:ca:57:65:b1:40:
75:d4:72:6d:d9:cd:fa:dc
-----BEGIN CERTIFICATE-----
MIIEujCCAqKgAwIBAgIBQjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJbG9j
YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3Zagc
WH8HtxShQW5yIRy5ewfxo8RhP0rEVpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0ygh
SUVQQ8+xSbIlY155DMYfLomVbUAZRTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUV
eKnSo+O9T3N+4Am68PX0FPg5go9tMNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5W
BKGqJWF8OLk9PZNLCoCKUuzIdn9qGUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv
9K3Cl0QexthjVYP3I0xljMKaHzRkkiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5Eg
dB/4wR1EKwIDAQABo4GLMIGIMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKRsMQpgEuxF
qNFBZYg19+TNyGf5MB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMC4G
A1UdEQQnMCWCCWxvY2FsaG9zdIINd3d3LmxvY2FsaG9zdIIJMTI3LjAuMC4xMAsG
A1UdDwQEAwIF4DANBgkqhkiG9w0BAQsFAAOCAgEAhUaZgwmiIEU0LdDKISD/2pBO
GrQKHyROolteKUPuA/+wQa3cOlMaJcAI6uvOdqrJs35GPN3/E5iaU/33YIvYS02P
cOFdH956YnAve8BdHJO3nB7WNohTKvfloXEh49jhaxTt1z3qeLimfFOHtieiUNjz
IQ0LSOngy+EhFlLe56ulMePcgrNo/JxKfb0ecFyB2oCsZeh/XsWGLe07r/pcssta
IJpQqzaZiDMqmq1KpL7pigUvgG7C2F01ONmKLUJFFbw1TAGxqCd9jRTyvFbAWb8v
atv9lJKi/z7R1DzIZisq2Jcei6ubUHEFD4S4UjGivBmT4NUf5Ab7JK0hLd/uhcwJ
HUsNaZObGK67hIjLpg0YQK8FUylBHVwuLVdzVWf+Nmx9zyDAsxZgSWx4CFR/hxUk
sponRLnP10EzO73J3dD7WvIcx3n+WjR5Yj1Mn7uMRVI0xvou9BaaSW016mVrHgir
3bGd1EOXdMD7AFHufkkx0OrLnvdO+7j6TZLEz3KSbEl8lKal+KT0lSzf5lg2fCIs
E9jERc1oaZoMoY4EAtH88L88G360Y4fc/xsIhAG4dQD6dcOSToLEiB2+lJ6p/Wwz
MSI/6PyT3qfJ1Kx/maLhRMCLRPQfYaqk+wO11PpfyrCWih9lgD2rzbn9O84nt5jV
IspXZbFAddRybdnN+tw=
-----END CERTIFICATE-----

17
CA/csrs/firma1.sv.csr Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICpzCCAY8CAQAwFDESMBAGA1UEAwwJZmlybWExLnN2MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYWESce5Xa37jBprZzJcIzBbNaQvnQr
n454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9jdEZhdO86ojj72rnqCVk08WYLL9L
YZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd9ia91rlD94aBj8Uh3wdwg+bEfrn1
CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ2qkqT8xQ2RN1pmth7GxBj2XdG4wQ
XRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v91ocdaSBlCJRBBz5RwpFywLoaLX4k
zIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFzLgMO4ktbrQIDAQABoE4wTAYJKoZI
hvcNAQkOMT8wPTAjBgNVHREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3Yw
CQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBADUJAHJ+
qpBj5JLfb9H0jyGgn1p3MgAWEz21jXtE5/lQ1YrFQdDQC5rJX/gsiUmC5c3wymEO
yYTc0jQakCKDikLVjtAJ7KHiz3nhlt26v0O5by5qhd0PMn8pbcbqwQCjB4CtveAY
LlYpfukrDgs0udhqY41Qag766+4u7onwtasAMigQMXa4Z8j0c+Uf8I8GDhc6vKdg
DZKCbD2GvTk/2tlZt/2nAdgdrTAGaXIrGHdZTy1CRO0K0X5BtrHXbP3LdkkDct/F
HrapHsjXj3l05wynzvtyaOFLR427bXUxEs/9UO5OsRmx1nIhr/n4zSHlSHQpRFRC
aYB67GAdfLK97PE=
-----END CERTIFICATE REQUEST-----

17
CA/csrs/firma2.sv.csr Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICpzCCAY8CAQAwFDESMBAGA1UEAwwJZmlybWEyLnN2MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4xwcTSE6QHt13nGPtTfnuGjwqMvpn
PWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDHXik8ESJE21+/TQQ3CC/f1h9erzJ3
ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nPbAd2S02XWMTEmko2gL3czX7UO/D9
8IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6MJM/+9pD7+dHRS7VN7ASW2AbI6Dz4
Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkrB31MlcrdTuc7qdavqM81//4y0iEg
q5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH8Rn0GFmPHwIDAQABoE4wTAYJKoZI
hvcNAQkOMT8wPTAjBgNVHREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3Yw
CQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBAGQcRu7q
rspdZu/X63bEH9kwdzkjinIUbS17Dr4SvaLEIhvC9adT3fuzFt0cfZFK2pJO9W6P
SEJOqNU/jW+digYh6zZYHCr79FPzR8dEsRLCHITmJ/W/F2E+zG/+0zUuzMNIYkmv
20FJYsNGjBuDUi2uOd1t2kOqksHdsndVOqPGyCm/Nc7w/HkoBJGcrhOWPlsqek1K
fS7+jAFhhV3i/ZBYlersRWcjbW4ZXkQ88b/C0g0Kx+rqODU4iC9Qq8ixLXmskq3L
XuE1lBvas38EDGjO6+hyKw5Kc+G6bPWOT4dQxG+B7CH1JJKc/w/QjRGIph26hRYH
nX6Y/cNkB3AnAy4=
-----END CERTIFICATE REQUEST-----

17
CA/csrs/ipbased.sv.csr Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICqjCCAZICAQAwFTETMBEGA1UEAwwKaXBiYXNlZC5zdjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OAlIQO7uuN1QeCWRJ6IcmLif7ccBuB
83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGGZgSfGmMFm18btis3zgcWVO1jcouC
rVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd0XkZVcL5zp1QUs1w+9WbHbmLV8om
zhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItMixVcNnm47GKKl1FhqO6Usjq8NdWH
UrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9gpxro7LNmLHOdMzNW5yjTuNpSwk57
2Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUWINsNWwP2e50CAwEAAaBQME4GCSqG
SIb3DQEJDjFBMD8wJQYDVR0RBB4wHIIKaXBiYXNlZC5zdoIOd3d3LmlwYmFzZWQu
c3YwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBABe0
9BF30ciyv5Zf738iQvDDrvhDiqBpq4nf+cL3M4Uz3OJwpkaVnXkv9qbephiop8es
JAQ0Du4dSLDxLRMYgkGUelIKGq0LP2aZKA59ag4Ne7iaMwLTZIiyYYAr222l8Kpt
bBkYf7ofMX68qdN379Nim9q275D1EGKgK0rCeGQiN/sVhvJuEek/baR4lX8jYbaP
dV3yJYFludzCtiBfsXHZctxvCuXCmvHDcONZi5v0iQhi6XP6GtlqwV25Ve45Vs1I
96Vc8RI8dH1Ms49dHTrKBVCBiW/iD8POU8XSn/mRQSqISV/rUy3FJfXtcKb6FRr1
4IBF+1r3kN/GA0F0Ms0=
-----END CERTIFICATE REQUEST-----

17
CA/csrs/localhost.csr Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICsjCCAZoCAQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3ZagcWH8HtxShQW5yIRy5ewfxo8RhP0rE
VpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0yghSUVQQ8+xSbIlY155DMYfLomVbUAZ
RTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUVeKnSo+O9T3N+4Am68PX0FPg5go9t
MNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5WBKGqJWF8OLk9PZNLCoCKUuzIdn9q
GUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv9K3Cl0QexthjVYP3I0xljMKaHzRk
kiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5EgdB/4wR1EKwIDAQABoFkwVwYJKoZI
hvcNAQkOMUowSDAuBgNVHREEJzAlgglsb2NhbGhvc3SCDXd3dy5sb2NhbGhvc3SC
CTEyNy4wLjAuMTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF
AAOCAQEAf7Oi4jgkU3uBqXSCrJvTs+nv4tT14HL/ScKKh+RDrhGvaao2CKLGW+LE
sjo7YpesmmlxXwEPyfwH5yUKTEQqwb15vHlD25HZ3KUJbbAbj46KXrdQCOCVS7JA
IugiiVDgyRLmCy6dkyOmgZO4UjOK7wwbQ1arB/+5g99b7yeAgPtPWyaBXm3fqCoV
vbt6yCItFvdMb3JODqkIQJDoiFo1eGDlZZgUT93sdij+XwKgUHRjMslyV0vaP6Jm
rEsptYVj7CegAebTE3JYMeeWFYfrXcB61o2LgXUjl5/MdZYJ2NutTuesM1byLGQ+
6UDgkwO5+r8vf8HtsOBH2SHYslmEDA==
-----END CERTIFICATE REQUEST-----

4
CA/index.txt Normal file
View file

@ -0,0 +1,4 @@
V 251017065034Z 42 unknown /CN=localhost
V 251017065034Z 43 unknown /CN=ipbased.sv
V 251017065034Z 44 unknown /CN=firma1.sv
V 251017065035Z 45 unknown /CN=firma2.sv

1
CA/index.txt.attr Normal file
View file

@ -0,0 +1 @@
unique_subject = yes

1
CA/index.txt.attr.old Normal file
View file

@ -0,0 +1 @@
unique_subject = yes

3
CA/index.txt.old Normal file
View file

@ -0,0 +1,3 @@
V 251017065034Z 42 unknown /CN=localhost
V 251017065034Z 43 unknown /CN=ipbased.sv
V 251017065034Z 44 unknown /CN=firma1.sv

28
CA/keys/firma1.sv.key Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCICk2uQ/he5hYR
Jx7ldrfuMGmtnMlwjMFs1pC+dCufjngNvgXpyvfymWNdGteOTDERBykees9X9/2N
0RmF07zqiOPvaueoJWTTxZgsv0thl7PzYM9nNj+kruZdOTnvSmjSgYXUDs6GN932
Jr3WuUP3hoGPxSHfB3CD5sR+ufULNlMIZGgQRzs3EF1nXgE0TEAOPVIdxC2p2Zna
qSpPzFDZE3Wma2HsbEGPZd0bjBBdFjff9ZP16+94rFGVVvMUVK7kKk9TikhLy/3W
hx1pIGUIlEEHPlHCkXLAuhotfiTMixxtaruccAVcYFXBjY0iPCopSAoi0DPpgXMu
Aw7iS1utAgMBAAECggEADK6VNkks1r/xT7ELbs3F8MT/nQkwODdO8tP/01lmFa5E
39cWmwhqW+nTuwK9FI1ix5kYyrgdKzC5qOZU0EaAZobTZObc6K5vu1RAzu8YWmU3
h9k/DHqgrTwGyqsCjR2tLu6XKMEmnJmJriBHc0R7IxCddGcmtLFvWkSBjeTNBLnt
bS8GBXNAvAt/4a8EaXTyY45n+Nz9aeKaK19eQ5QuLH4qzquJQOSn98vyjxYlNOh1
E7o27VmaQirQcEgvx4hOLYc7kjHWo5FPlM7Cxy5LfSv3YLOXWM17fICH4COFbIJ6
2nSwVqBQcQX9hpGB0m0ePN0w8YrIvrBWDvR44MlLuwKBgQDAYSVxGSi8ibtaDtft
26K8VjhdfcxDEC1UBRcwRqSG8v7r7Ml6cd5K6cmPhEutv6JpB7gg22Vx/PSC6cUg
TgSkQxla9ZbRkfbSg0LtvMxkMJyG17o5meduF48gEhpDJeBgdueDSaSjQSEfwhyt
AIirZaOT4oBtrb2NHW8YCVgSjwKBgQC1B3nUD+SEBy5XNHNMq1c0YJl50eVtETfz
X0zlRotLk/rhpGpohM2pBoiICunNsXmB3PEZCFwPVSpHbXc2iLaWdoS/F3nJl0lg
yYUxikz6RDPKqsA+GwLhUTGqXEeYUkJs0BYzIqSJiwCWHlI/8Xl5nGzYWtjS2Nou
H7lpH8ycAwKBgARiso3PewRBR4oYCIgdl6ofdQ18jqmAtufRbePl2F5TL8iFD1rB
OcYPak7hPzBoy/UE/geRuNBOaeyKE7pWzPhJp0xRiOyiHTRTVbVBto8aJJdWV6J0
hbgWxWZ/wyWAuYq5azGs/hnSpESrEihHeNYfbQk0AqV9bnLHFv8/R0i1AoGAUN7H
GOoEnsqKdCCVRXHhoh9pUJdo04F2qj0vn9kUzy2LTRPjCVASg+jMQ2IEsoQPEOl/
tzwZzCuymHgZYn5Oewb1JFy7Zkg0Wo2L9+adnsurC2WePeBZOAjKlB1nSm+tBukq
katvL5auK2HeQnyAVMiBg2GKLR780NARRxoSkLsCgYEAi8j9qcguUQgCkvQscvbs
kXcT6s2dZVeZF2kYCAGdJYJDPXRo7zRN3pcaoppORzhP1uvS2s8yUHo+wExNpwxo
49tzD68ig0I8QWhY7Ck9SOiokAg1V4+1EXtxtb3fY3HZqV7+mtceYtiZ2ocJGulA
RZ6uuFXyhl+CQFgApObMiRE=
-----END PRIVATE KEY-----

28
CA/keys/firma2.sv.key Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEUviZqNDCxzjH
BxNITpAe3XecY+1N+e4aPCoy+mc9ZtoXByHClCoGntp7Wc6W9UjnR19NgCNpEMde
KTwRIkTbX79NBDcIL9/WH16vMndksVJNv5Ywz5zbzsTE8wDbklM3km6/lPWX6c9s
B3ZLTZdYxMSaSjaAvdzNftQ78P3wieIh79YnwCYcH38hepYfDZljRyDUuPZovowk
z/72kPv50dFLtU3sBJbYBsjoPPg57pR+H/h0LN9glzdMzDqYniHwm5p6eqQZ2SsH
fUyVyt1O5zup1q+ozzX//jLSISCrlREaILCXIXdQ5yV/F2cwLHTz6hn0lHM6Sgfx
GfQYWY8fAgMBAAECggEAYYgOtNenDnzGeinLrIpLEupXN7x08d4OKb5mAHlhvKFS
C0qhvPa6ght80vbkqR4mH6/XarsT3GhXgzHdA24Q4yMH+Iz1gf22p7th4IujwMRO
7Q0W4hziAlkQa/+FF4/0A5Gdr1OjRtsDDtoOLI7Zd2IZgcUImqC4BubRLQ4mOc6H
ZoXN7B7H5BXEajBo3FKlXPIZi6OPeHAQtkflunU8ruWKf9sm5EblVjlOxMwoQi+d
BWExZ8uh9NfZQ/NwDTqR1pm8wzl9IS2W/b7i3GWKosFhPRu5XVt02XjDE/hDPuG2
7q2mQ5r7jlyDs3+M/6piijNetbhrvQ1m3oNChldWgQKBgQDhZaSTeVxjiV88hBK5
WPm3Z8fl5faz9uDj3NfXpBzDEr3rLnPI1aDddw3JoyoDy2gNFK05GLFqGg0vdqgR
FcoK89DSqNzXmeUZ++E4x/r2azstKVpm53qGDTmDr868g+xTnaWAR1HWl398mCVm
i+YAMA2Dq3V9+bwG6IY1567XvwKBgQDe+s9qnAxC/7e3mWus7h6QIgeFjbTSLa64
+qwej146iX3pP5qRsDSArbWat+V7t8r9UOYK8YOHAq8YbcOC8DZN/K90QpqqpxbV
v6e1rND2kMwPBFq0uEw5ptTgmgQVP+qd7+9xJ69NXfV9d6jrv5B1xFWK6EXOEVI7
IA4AspQgoQKBgDCQvxJLnv2PdubKKmKnaj77bJX7o9mJA1H1nshHAy+BFUzcWHRY
m228nkrpDj99D3FqGBzqViffbyHf9jygLkWH3WHWoqcN8NBVdmTOqiN4XWrQszri
+4JwzQiz097Iqh4mJKfsNhT/1adZ/Q0IbclykSbixdEcA0iVx31L619vAoGBAKl1
FtjAixkH2gkwEYK03IlRM0IuNXNdwGFYMCJxdn0qLIRtD/0UWnJIkbFpfH+PaDcn
mgxLC1g5k/QOxvzlrX+LP5QtYfm7TkFXjA8nrQ8Vb98hwgWB4nwV68ZdhijYEGfD
BseKD1HOzFhz7e5sAU9ezFvqtdIrm8DPVZT2IljBAoGAFtnVPVoOpLp/2uGgVMOx
l+XEOC9uPXWowBAUTsfL+KKp8vvQzmWx2SvYf4wO7940F6kGjyaCujNBq0X0XHlV
0TO5nwjcgkQldrp7+ZFVz9D1KUJni1lhlo8jxnrSWS8RL5cB1s0AUtv95bACLN5e
UhKecT1lHRq2d3kcYMVE3KE=
-----END PRIVATE KEY-----

28
CA/keys/ipbased.sv.key Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDD4dpxkltDgJSE
Du7rjdUHglkSeiHJi4n+3HAbgfNysrEeQJgfSLm7xhHvxt6A0ojzmCu0smKxhmYE
nxpjBZtfG7YrN84HFlTtY3KLgq1Zt4Zj2vIrMWr29dT8s73E4/fves8qo45UndF5
GVXC+c6dUFLNcPvVmx25i1fKJs4Yi6KJ0Q8sTvH4soovIfWNiInyRu4v1tSLTIsV
XDZ5uOxiipdRYajulLI6vDXVh1KycMCkhtQudd8ip/JtJVVLBtfF2G+p0F4fYKca
6OyzZixznTMzVuco07jaUsJOe9jYPhLoXSkLbwnu2PHTDeEVyY5zXfIeKjwVFiDb
DVsD9nudAgMBAAECggEABHgYcwtnDCb4nHu3vUWW5O03KYoCT9Ygb6FpaGNCYe1M
R7erENmorS1TdvBHXtKO39nqs1x3jnvVw4i6wiQcW6Lm+Nz01SoQBXuFn0O7v0aF
6SzTZiNiQKCyu5JBQ+b8nujjJaKmKm2QXC41C/YFnga5YOkRQdogZz2T4u+YN6yb
sItUQfijUi/bcMSRsPQJaSPzmveecCGkGvpOZROEMQ1q3WJwy2G2BCrt3d504id8
O2ipdde/wQxYddhJRP6eRXRpauKwoWRPOkWkgh0THBtfniQh/WVkxJ00W8Tl9ttG
AamUSy24vfasSsfK2IrUhxsITscM79lPPUxwZDF0UQKBgQDhXsSsmb9dKi2nR8Ee
tBZR+Sv9s+WZIbJbSvFiTAfZ8a35nl9Aoe848osr1lNGe+y+xJpxzgkOnNYyNesR
o2P87/+ozgG5JToZqChWrSXmrY4LLYip7icu8uNOdMlXjQy4UURto84TyfJ1vXvE
XRy89h7nioYlFsn7o15G0J/tsQKBgQDegR7S62+kwlUu0ENw7vq8+NRGD0Wch9mU
OiVs6riwEdJ8btva02ME92PszCuodv+N0DC4ENzaqKStvEHoApE3tCFOO+E3xlPR
GsXuXfs8thjKikdC6r1J/8BwY04i/+fizD4FMcfs0wjEr01DvhSv8XybERNhs07/
fYGtEUBLrQKBgQCgzmfy5/k9Vp0goPhRGhpa/zm+WqBWtU54CW9Wvf1UKzgBxlkc
2u7AaX+YFeNxhXcVX178GREpVgsX5JUIDteHYQ/AuM1N+BwOtoeh4QYMJIYXv7Ol
3IIk47YBAx+u0rviwEndGWYvhIb2L++h2vZodgzzFUpGKI6SeK0KRk324QKBgQCo
P1KjgsvE9f2bjHeyqcKHqlA5OcsVddQctWsfVM2atZ9H4Dv21+kEFF1G7YwFsxXC
ki6EwJt/7A26IaRkX6yXRmn40maW2iz+7RPGDuKvIbLVVIJWI1JG5lEJqs2mwYMC
iBZNrzrR5TG4KCZwlwblk+D5EIxrUD7oCmtIBsdrcQKBgBGt6SiH9TFEaFjofmuf
VpEMuKE0n+pxzbt8JUK89I18tGEPLY+S0pMaMmYsbucPIgpp7DdG62Rmd4yq59JI
wQy3wYdTG2+n5L/zeWx/l0aixZSFh1sp5+LbAiBYLdbLp5GbtWlGNvw1cer0vJlc
+3VHcBpFxo2ZBEuIQPfwJit+
-----END PRIVATE KEY-----

28
CA/keys/localhost.key Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDGJ0p8zDdlqBxY
fwe3FKFBbnIhHLl7B/GjxGE/SsRWkkLqPvhcynEgLiNEAC72MCPTO+/3IgLTKCFJ
RVBDz7FJsiVjXnkMxh8uiZVtQBlFM0i8TKjlANBjZixmznt62XD4RfZgrRteJRV4
qdKj471Pc37gCbrw9fQU+DmCj20w0QX2bkHlUCiAL2lyO9HdO28l3bnrAjZgflYE
oaolYXw4uT09k0sKgIpS7Mh2f2oZRITPufBOD55ROW/98kZPqzoSpRWnKn5LUm/0
rcKXRB7G2GNVg/cjTGWMwpofNGSSI0l+d5+5DX/+CHGs6RLRintYaJHywg2nkSB0
H/jBHUQrAgMBAAECgf8viUTOA1RcyVMK0fJNXDQ9QAOHjvJ7LqOLUftEN21e4lFB
KfAL+tyds3shawca6xnKVNTZuh9+VVkUnYiRl3E9XaeTMsKrjACImua2uOC2Koxw
rnb6pPktKH36vhkxyZHQZBzfOP/JJK6fONx+/6N1sXY+fBcXSaCf6t3+U1t7xC5n
XGTOmB62Rnzjr6LcYw4fmzfTOoCkYAg5MnCn518wCiqaj6xRE9hBZVEerai7j7Cp
r5Bbwpgzj2pi8S4PiJY2UxMJ1LlzSghmg2yT7unCb9A0BPzqfQyLITC4SHrzjhjc
g0KBtn1zpTr5ouHRFD2sj138PVOztTpC7riPoZUCgYEA7ZA4DBpmIobS72KR2QWv
qDkpwo10BzLG3FYM0MxEJMIQxlYYomkuuQ1dOTBsvt0oQ+kR3wsV7bh686y/0Ylj
rIWCLSszBR0tuLwPC/evzYlIkfT9o6Bz2dUotHA9c7arlI+jbHe9a/VPAOuk46nH
yM8qhdJyMDUwL1P3GX1qDr0CgYEA1YgZCqJpWF0QuzxBar3X/fa/pLMrwROMh3GZ
4luNTAGYwaKlCOSyRLfncylFbr82D/hxaMribHReqRTueO5rNBjZqNy2ELDL0fE1
B/Gi8cEimYhJJaFBI+jgno33W2y8/3qbuCV/nJuaMT/yTeZb+Uv2egr3NJJy+yNs
LQ/aoQcCgYEA3TGEThiicpFwg74WqKh3tr2K2YBVwYIQ0QU6J4uaA1PCxLlTdJ1V
CK6d12r0Rf6ryBeSMUgkIdS8fnihnds7uF4TKDVp6uARO0m3BOCZi1nA/U3MgHcc
h33GycMcJMq4FbpsYslW0Nd2uRevzt69i4cBQ9r/wU000Uxv7gbtIk0CgYEAknO+
4RlVcWKbOB/yqhg9DRVwibDNgKY8yySyK5spRQkPUTeRQ5E/Z3xOxSB4W6XPmZKH
jh0gwMvrpMITcWPsqRWmK3f9c2Me2AY8ng8v9+nEJlNf/+widlOhw32ROuZQllTs
epdVd/8M+VxnfuBREqH0Ee51cFxFelPoPNvT0n8CgYBO7lgqqC7RRkyVUqkandaR
WXPLIJSKl9943ih1WSL5UijUUCpdJWw2o0ayaOCV3ArLoQZ8OcAEGhQtYrI7PUy1
wlsFyQwRISP54H50BeD3O6uaDDIs0zLK9//IdcPteUPn0k9kU6JfepXnog1YJ8ox
Hk7W1EPi4aSITYnhX0Y6yw==
-----END PRIVATE KEY-----

103
CA/newcerts/42.pem Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:27:4a:7c:cc:37:65:a8:1c:58:7f:07:b7:14:
a1:41:6e:72:21:1c:b9:7b:07:f1:a3:c4:61:3f:4a:
c4:56:92:42:ea:3e:f8:5c:ca:71:20:2e:23:44:00:
2e:f6:30:23:d3:3b:ef:f7:22:02:d3:28:21:49:45:
50:43:cf:b1:49:b2:25:63:5e:79:0c:c6:1f:2e:89:
95:6d:40:19:45:33:48:bc:4c:a8:e5:00:d0:63:66:
2c:66:ce:7b:7a:d9:70:f8:45:f6:60:ad:1b:5e:25:
15:78:a9:d2:a3:e3:bd:4f:73:7e:e0:09:ba:f0:f5:
f4:14:f8:39:82:8f:6d:30:d1:05:f6:6e:41:e5:50:
28:80:2f:69:72:3b:d1:dd:3b:6f:25:dd:b9:eb:02:
36:60:7e:56:04:a1:aa:25:61:7c:38:b9:3d:3d:93:
4b:0a:80:8a:52:ec:c8:76:7f:6a:19:44:84:cf:b9:
f0:4e:0f:9e:51:39:6f:fd:f2:46:4f:ab:3a:12:a5:
15:a7:2a:7e:4b:52:6f:f4:ad:c2:97:44:1e:c6:d8:
63:55:83:f7:23:4c:65:8c:c2:9a:1f:34:64:92:23:
49:7e:77:9f:b9:0d:7f:fe:08:71:ac:e9:12:d1:8a:
7b:58:68:91:f2:c2:0d:a7:91:20:74:1f:f8:c1:1d:
44:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
A4:6C:31:0A:60:12:EC:45:A8:D1:41:65:88:35:F7:E4:CD:C8:67:F9
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:localhost, DNS:www.localhost, DNS:127.0.0.1
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
85:46:99:83:09:a2:20:45:34:2d:d0:ca:21:20:ff:da:90:4e:
1a:b4:0a:1f:24:4e:a2:5b:5e:29:43:ee:03:ff:b0:41:ad:dc:
3a:53:1a:25:c0:08:ea:eb:ce:76:aa:c9:b3:7e:46:3c:dd:ff:
13:98:9a:53:fd:f7:60:8b:d8:4b:4d:8f:70:e1:5d:1f:de:7a:
62:70:2f:7b:c0:5d:1c:93:b7:9c:1e:d6:36:88:53:2a:f7:e5:
a1:71:21:e3:d8:e1:6b:14:ed:d7:3d:ea:78:b8:a6:7c:53:87:
b6:27:a2:50:d8:f3:21:0d:0b:48:e9:e0:cb:e1:21:16:52:de:
e7:ab:a5:31:e3:dc:82:b3:68:fc:9c:4a:7d:bd:1e:70:5c:81:
da:80:ac:65:e8:7f:5e:c5:86:2d:ed:3b:af:fa:5c:b2:cb:5a:
20:9a:50:ab:36:99:88:33:2a:9a:ad:4a:a4:be:e9:8a:05:2f:
80:6e:c2:d8:5d:35:38:d9:8a:2d:42:45:15:bc:35:4c:01:b1:
a8:27:7d:8d:14:f2:bc:56:c0:59:bf:2f:6a:db:fd:94:92:a2:
ff:3e:d1:d4:3c:c8:66:2b:2a:d8:97:1e:8b:ab:9b:50:71:05:
0f:84:b8:52:31:a2:bc:19:93:e0:d5:1f:e4:06:fb:24:ad:21:
2d:df:ee:85:cc:09:1d:4b:0d:69:93:9b:18:ae:bb:84:88:cb:
a6:0d:18:40:af:05:53:29:41:1d:5c:2e:2d:57:73:55:67:fe:
36:6c:7d:cf:20:c0:b3:16:60:49:6c:78:08:54:7f:87:15:24:
b2:9a:27:44:b9:cf:d7:41:33:3b:bd:c9:dd:d0:fb:5a:f2:1c:
c7:79:fe:5a:34:79:62:3d:4c:9f:bb:8c:45:52:34:c6:fa:2e:
f4:16:9a:49:6d:35:ea:65:6b:1e:08:ab:dd:b1:9d:d4:43:97:
74:c0:fb:00:51:ee:7e:49:31:d0:ea:cb:9e:f7:4e:fb:b8:fa:
4d:92:c4:cf:72:92:6c:49:7c:94:a6:a5:f8:a4:f4:95:2c:df:
e6:58:36:7c:22:2c:13:d8:c4:45:cd:68:69:9a:0c:a1:8e:04:
02:d1:fc:f0:bf:3c:1b:7e:b4:63:87:dc:ff:1b:08:84:01:b8:
75:00:fa:75:c3:92:4e:82:c4:88:1d:be:94:9e:a9:fd:6c:33:
31:22:3f:e8:fc:93:de:a7:c9:d4:ac:7f:99:a2:e1:44:c0:8b:
44:f4:1f:61:aa:a4:fb:03:b5:d4:fa:5f:ca:b0:96:8a:1f:65:
80:3d:ab:cd:b9:fd:3b:ce:27:b7:98:d5:22:ca:57:65:b1:40:
75:d4:72:6d:d9:cd:fa:dc
-----BEGIN CERTIFICATE-----
MIIEujCCAqKgAwIBAgIBQjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJbG9j
YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3Zagc
WH8HtxShQW5yIRy5ewfxo8RhP0rEVpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0ygh
SUVQQ8+xSbIlY155DMYfLomVbUAZRTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUV
eKnSo+O9T3N+4Am68PX0FPg5go9tMNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5W
BKGqJWF8OLk9PZNLCoCKUuzIdn9qGUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv
9K3Cl0QexthjVYP3I0xljMKaHzRkkiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5Eg
dB/4wR1EKwIDAQABo4GLMIGIMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKRsMQpgEuxF
qNFBZYg19+TNyGf5MB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMC4G
A1UdEQQnMCWCCWxvY2FsaG9zdIINd3d3LmxvY2FsaG9zdIIJMTI3LjAuMC4xMAsG
A1UdDwQEAwIF4DANBgkqhkiG9w0BAQsFAAOCAgEAhUaZgwmiIEU0LdDKISD/2pBO
GrQKHyROolteKUPuA/+wQa3cOlMaJcAI6uvOdqrJs35GPN3/E5iaU/33YIvYS02P
cOFdH956YnAve8BdHJO3nB7WNohTKvfloXEh49jhaxTt1z3qeLimfFOHtieiUNjz
IQ0LSOngy+EhFlLe56ulMePcgrNo/JxKfb0ecFyB2oCsZeh/XsWGLe07r/pcssta
IJpQqzaZiDMqmq1KpL7pigUvgG7C2F01ONmKLUJFFbw1TAGxqCd9jRTyvFbAWb8v
atv9lJKi/z7R1DzIZisq2Jcei6ubUHEFD4S4UjGivBmT4NUf5Ab7JK0hLd/uhcwJ
HUsNaZObGK67hIjLpg0YQK8FUylBHVwuLVdzVWf+Nmx9zyDAsxZgSWx4CFR/hxUk
sponRLnP10EzO73J3dD7WvIcx3n+WjR5Yj1Mn7uMRVI0xvou9BaaSW016mVrHgir
3bGd1EOXdMD7AFHufkkx0OrLnvdO+7j6TZLEz3KSbEl8lKal+KT0lSzf5lg2fCIs
E9jERc1oaZoMoY4EAtH88L88G360Y4fc/xsIhAG4dQD6dcOSToLEiB2+lJ6p/Wwz
MSI/6PyT3qfJ1Kx/maLhRMCLRPQfYaqk+wO11PpfyrCWih9lgD2rzbn9O84nt5jV
IspXZbFAddRybdnN+tw=
-----END CERTIFICATE-----

103
CA/newcerts/43.pem Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67 (0x43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=ipbased.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c3:e1:da:71:92:5b:43:80:94:84:0e:ee:eb:8d:
d5:07:82:59:12:7a:21:c9:8b:89:fe:dc:70:1b:81:
f3:72:b2:b1:1e:40:98:1f:48:b9:bb:c6:11:ef:c6:
de:80:d2:88:f3:98:2b:b4:b2:62:b1:86:66:04:9f:
1a:63:05:9b:5f:1b:b6:2b:37:ce:07:16:54:ed:63:
72:8b:82:ad:59:b7:86:63:da:f2:2b:31:6a:f6:f5:
d4:fc:b3:bd:c4:e3:f7:ef:7a:cf:2a:a3:8e:54:9d:
d1:79:19:55:c2:f9:ce:9d:50:52:cd:70:fb:d5:9b:
1d:b9:8b:57:ca:26:ce:18:8b:a2:89:d1:0f:2c:4e:
f1:f8:b2:8a:2f:21:f5:8d:88:89:f2:46:ee:2f:d6:
d4:8b:4c:8b:15:5c:36:79:b8:ec:62:8a:97:51:61:
a8:ee:94:b2:3a:bc:35:d5:87:52:b2:70:c0:a4:86:
d4:2e:75:df:22:a7:f2:6d:25:55:4b:06:d7:c5:d8:
6f:a9:d0:5e:1f:60:a7:1a:e8:ec:b3:66:2c:73:9d:
33:33:56:e7:28:d3:b8:da:52:c2:4e:7b:d8:d8:3e:
12:e8:5d:29:0b:6f:09:ee:d8:f1:d3:0d:e1:15:c9:
8e:73:5d:f2:1e:2a:3c:15:16:20:db:0d:5b:03:f6:
7b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
AE:29:15:C3:1A:2E:A1:2D:8F:E1:43:72:EB:0E:47:EA:96:CE:D3:A0
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:ipbased.sv, DNS:www.ipbased.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
92:4a:92:9d:12:0e:14:fb:36:0a:bd:4e:6b:a2:7f:41:81:d5:
b8:bb:e6:68:23:0d:47:24:de:a8:01:98:08:e3:d2:6d:09:8b:
e6:d5:c2:25:52:c6:6c:82:46:fe:66:9b:2c:6c:f2:b2:ca:93:
de:74:b9:42:95:3e:f8:60:86:32:49:29:d8:c9:11:46:e9:2a:
ef:3f:1c:05:63:6a:de:d9:53:32:c5:4b:34:05:5d:ad:27:6e:
d6:e3:d3:79:ab:6d:e5:28:f1:dd:2c:aa:c9:1c:04:7f:b1:f1:
d1:12:a3:0b:4c:b4:dc:5d:3f:bb:cb:df:60:0d:0f:22:20:d1:
43:80:3e:cc:e7:bc:01:c4:4c:08:3e:2c:9d:3e:0b:6b:b2:68:
8d:94:1f:ad:dd:9f:6a:6a:ef:b4:8b:56:21:07:f0:69:b4:31:
3d:80:dd:27:86:c2:57:21:54:6a:f0:c2:bf:88:04:d5:11:97:
6b:a8:c0:f8:9f:dc:0a:63:f9:22:55:e5:71:58:dc:88:25:e5:
7e:ed:43:44:37:f5:35:7e:e6:1d:49:f2:32:f0:6f:0b:f3:45:
61:11:52:47:e9:42:32:2f:2c:96:0d:98:6d:92:e6:dd:a9:17:
67:f9:8f:ad:45:c1:6c:33:31:c4:ff:ca:25:fe:50:64:44:3a:
e2:a0:ea:3c:de:1b:2f:8a:7f:05:fa:12:04:f3:1a:40:52:87:
b5:ed:99:b1:7c:c8:df:de:bf:0a:54:b4:f9:2d:89:47:85:10:
21:53:f6:00:2a:7d:1f:9d:1f:05:10:a6:72:3b:7f:e1:01:0c:
63:79:10:7b:b3:dc:84:31:3b:4a:58:7a:37:4f:ea:01:bd:8a:
ea:19:b6:88:2c:fb:1a:8b:6c:a4:66:2b:8c:fc:76:23:00:2c:
5c:ce:fd:19:91:d5:18:a7:0f:8b:e7:59:7c:b8:d0:13:e8:bd:
9d:ea:d8:a9:85:2f:b8:f7:60:5a:2f:56:ba:98:98:44:a6:6a:
46:97:4d:66:f9:b8:ec:62:8d:52:02:e4:e7:42:8c:1b:5e:36:
90:ed:95:ce:35:e6:c1:81:88:13:0a:ad:0f:e7:39:a2:be:ea:
56:b2:a4:9e:7d:e5:99:44:2f:10:e0:b3:df:dc:25:4a:c1:35:
c4:17:fa:36:c2:2c:0d:01:b3:61:33:65:71:25:a8:a4:50:e2:
1c:25:32:35:7d:9a:bf:de:b4:13:1b:70:bf:b6:94:7f:7f:31:
0a:85:ae:f3:a7:71:f7:8d:28:7a:5f:a1:64:8e:9d:8c:8e:02:
62:83:6a:c9:dd:66:0c:10:bb:88:cd:4f:d6:58:2f:2a:a5:13:
f3:06:c0:20:1e:fe:b9:63
-----BEGIN CERTIFICATE-----
MIIEsTCCApmgAwIBAgIBQzANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFTETMBEGA1UEAwwKaXBi
YXNlZC5zdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OA
lIQO7uuN1QeCWRJ6IcmLif7ccBuB83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGG
ZgSfGmMFm18btis3zgcWVO1jcouCrVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd
0XkZVcL5zp1QUs1w+9WbHbmLV8omzhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItM
ixVcNnm47GKKl1FhqO6Usjq8NdWHUrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9g
pxro7LNmLHOdMzNW5yjTuNpSwk572Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUW
INsNWwP2e50CAwEAAaOBgTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFK4pFcMaLqEt
j+FDcusOR+qWztOgMB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMCUG
A1UdEQQeMByCCmlwYmFzZWQuc3aCDnd3dy5pcGJhc2VkLnN2MAsGA1UdDwQEAwIF
4DANBgkqhkiG9w0BAQsFAAOCAgEAkkqSnRIOFPs2Cr1Oa6J/QYHVuLvmaCMNRyTe
qAGYCOPSbQmL5tXCJVLGbIJG/mabLGzyssqT3nS5QpU++GCGMkkp2MkRRukq7z8c
BWNq3tlTMsVLNAVdrSdu1uPTeatt5Sjx3SyqyRwEf7Hx0RKjC0y03F0/u8vfYA0P
IiDRQ4A+zOe8AcRMCD4snT4La7JojZQfrd2famrvtItWIQfwabQxPYDdJ4bCVyFU
avDCv4gE1RGXa6jA+J/cCmP5IlXlcVjciCXlfu1DRDf1NX7mHUnyMvBvC/NFYRFS
R+lCMi8slg2YbZLm3akXZ/mPrUXBbDMxxP/KJf5QZEQ64qDqPN4bL4p/BfoSBPMa
QFKHte2ZsXzI396/ClS0+S2JR4UQIVP2ACp9H50fBRCmcjt/4QEMY3kQe7PchDE7
Slh6N0/qAb2K6hm2iCz7GotspGYrjPx2IwAsXM79GZHVGKcPi+dZfLjQE+i9nerY
qYUvuPdgWi9WupiYRKZqRpdNZvm47GKNUgLk50KMG142kO2VzjXmwYGIEwqtD+c5
or7qVrKknn3lmUQvEOCz39wlSsE1xBf6NsIsDQGzYTNlcSWopFDiHCUyNX2av960
Extwv7aUf38xCoWu86dx940oel+hZI6djI4CYoNqyd1mDBC7iM1P1lgvKqUT8wbA
IB7+uWM=
-----END CERTIFICATE-----

103
CA/newcerts/44.pem Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:34 2024 GMT
Not After : Oct 17 06:50:34 2025 GMT
Subject: CN=firma1.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:88:0a:4d:ae:43:f8:5e:e6:16:11:27:1e:e5:76:
b7:ee:30:69:ad:9c:c9:70:8c:c1:6c:d6:90:be:74:
2b:9f:8e:78:0d:be:05:e9:ca:f7:f2:99:63:5d:1a:
d7:8e:4c:31:11:07:29:1e:7a:cf:57:f7:fd:8d:d1:
19:85:d3:bc:ea:88:e3:ef:6a:e7:a8:25:64:d3:c5:
98:2c:bf:4b:61:97:b3:f3:60:cf:67:36:3f:a4:ae:
e6:5d:39:39:ef:4a:68:d2:81:85:d4:0e:ce:86:37:
dd:f6:26:bd:d6:b9:43:f7:86:81:8f:c5:21:df:07:
70:83:e6:c4:7e:b9:f5:0b:36:53:08:64:68:10:47:
3b:37:10:5d:67:5e:01:34:4c:40:0e:3d:52:1d:c4:
2d:a9:d9:99:da:a9:2a:4f:cc:50:d9:13:75:a6:6b:
61:ec:6c:41:8f:65:dd:1b:8c:10:5d:16:37:df:f5:
93:f5:eb:ef:78:ac:51:95:56:f3:14:54:ae:e4:2a:
4f:53:8a:48:4b:cb:fd:d6:87:1d:69:20:65:08:94:
41:07:3e:51:c2:91:72:c0:ba:1a:2d:7e:24:cc:8b:
1c:6d:6a:bb:9c:70:05:5c:60:55:c1:8d:8d:22:3c:
2a:29:48:0a:22:d0:33:e9:81:73:2e:03:0e:e2:4b:
5b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
F0:B6:FE:32:8A:B2:06:B0:F1:5F:FB:D3:AD:4F:B0:E3:FC:68:DC:60
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:firma1.sv, DNS:www.firma1.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
6a:32:10:32:ca:f1:43:fa:b8:c7:3b:74:b3:98:5c:aa:67:0a:
da:4e:19:cf:1c:af:30:36:04:e3:a0:7f:7d:70:1a:00:a7:94:
09:3e:c1:f5:8a:bc:46:11:e8:a4:7b:bd:b5:d7:4b:e3:e8:8b:
fd:0d:fb:24:25:31:0b:fb:f5:0f:10:b6:d8:7c:81:ff:aa:21:
ed:59:b6:75:5e:07:d9:ea:8d:a6:b9:f7:86:1e:3f:e7:2e:38:
9c:72:1f:f3:7f:58:12:07:4b:79:a6:17:a4:f1:65:41:1a:eb:
80:9a:43:59:9b:ff:7f:2d:6e:17:40:c1:5d:07:38:c9:bc:a8:
e2:f0:dd:01:08:8f:e0:c2:16:09:09:2b:26:7c:e6:4d:ea:3c:
2f:31:a1:7a:68:f2:84:fb:a0:9c:8c:c7:f2:ee:50:9e:b1:ff:
43:b8:a7:23:ce:66:2b:40:c5:bf:59:1d:52:84:59:da:74:3d:
f0:3a:8f:63:ad:3e:f2:05:c9:3a:a0:c9:01:fe:3d:a0:60:6f:
eb:ab:4a:40:36:64:31:dd:f0:1f:af:e0:0f:ee:c9:49:14:77:
bb:cc:dc:68:19:12:23:e5:31:6b:80:f4:16:dd:97:15:15:53:
23:9e:3d:a1:19:60:b6:9f:7c:d1:4d:58:5f:60:3d:41:db:96:
33:63:eb:d7:a7:a8:41:e6:0d:a2:5a:92:f4:5a:4c:56:23:c0:
15:bc:31:6e:88:33:6e:ba:c5:57:5f:93:24:32:fe:37:7b:02:
f4:e3:80:c2:65:81:4c:f4:2f:40:d2:b2:12:35:e0:14:42:98:
c3:07:c6:c0:5e:7c:22:6f:d1:ee:f3:36:bb:4e:5f:3f:84:d7:
3a:ad:88:d8:e6:e0:2b:f6:5a:9a:aa:19:7c:f9:c6:09:3b:90:
14:f1:40:a2:1e:d3:ca:a2:f2:ae:e6:26:28:25:aa:93:7a:0f:
14:d3:5e:1c:bf:50:0b:71:ab:60:51:ff:af:2d:af:38:6f:33:
f0:85:6b:a7:83:93:c1:6a:c0:76:2f:b5:d6:1c:2e:72:8b:83:
6e:c3:23:20:cd:6d:ba:46:16:d2:b7:ba:3b:b2:94:40:ca:b6:
3d:58:fc:01:8d:ff:89:2a:cb:4f:07:73:68:3c:70:8f:65:ae:
04:e4:6e:b8:77:58:4b:bd:86:cd:7c:96:00:58:2c:8a:ca:db:
24:c7:72:4e:ca:55:3d:68:fb:16:fb:bc:8d:6b:bc:60:3d:ea:
b6:2a:0d:f6:78:88:a6:6e:d2:09:68:e6:c1:f1:fd:45:fe:8e:
20:e5:7b:ce:85:58:6a:23:1f:0e:c4:55:a4:5a:c6:a1:1d:c9:
76:7e:4c:3e:fa:94:ed:be
-----BEGIN CERTIFICATE-----
MIIErTCCApWgAwIBAgIBRDANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJZmly
bWExLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYW
ESce5Xa37jBprZzJcIzBbNaQvnQrn454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9
jdEZhdO86ojj72rnqCVk08WYLL9LYZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd
9ia91rlD94aBj8Uh3wdwg+bEfrn1CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ
2qkqT8xQ2RN1pmth7GxBj2XdG4wQXRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v9
1ocdaSBlCJRBBz5RwpFywLoaLX4kzIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFz
LgMO4ktbrQIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTwtv4yirIGsPFf
+9OtT7Dj/GjcYDAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV
HREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3YwCwYDVR0PBAQDAgXgMA0G
CSqGSIb3DQEBCwUAA4ICAQBqMhAyyvFD+rjHO3SzmFyqZwraThnPHK8wNgTjoH99
cBoAp5QJPsH1irxGEeike72110vj6Iv9DfskJTEL+/UPELbYfIH/qiHtWbZ1XgfZ
6o2mufeGHj/nLjicch/zf1gSB0t5phek8WVBGuuAmkNZm/9/LW4XQMFdBzjJvKji
8N0BCI/gwhYJCSsmfOZN6jwvMaF6aPKE+6CcjMfy7lCesf9DuKcjzmYrQMW/WR1S
hFnadD3wOo9jrT7yBck6oMkB/j2gYG/rq0pANmQx3fAfr+AP7slJFHe7zNxoGRIj
5TFrgPQW3ZcVFVMjnj2hGWC2n3zRTVhfYD1B25YzY+vXp6hB5g2iWpL0WkxWI8AV
vDFuiDNuusVXX5MkMv43ewL044DCZYFM9C9A0rISNeAUQpjDB8bAXnwib9Hu8za7
Tl8/hNc6rYjY5uAr9lqaqhl8+cYJO5AU8UCiHtPKovKu5iYoJaqTeg8U014cv1AL
catgUf+vLa84bzPwhWung5PBasB2L7XWHC5yi4NuwyMgzW26RhbSt7o7spRAyrY9
WPwBjf+JKstPB3NoPHCPZa4E5G64d1hLvYbNfJYAWCyKytskx3JOylU9aPsW+7yN
a7xgPeq2Kg32eIimbtIJaObB8f1F/o4g5XvOhVhqIx8OxFWkWsahHcl2fkw++pTt
vg==
-----END CERTIFICATE-----

103
CA/newcerts/45.pem Normal file
View file

@ -0,0 +1,103 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv
Validity
Not Before: Oct 17 06:50:35 2024 GMT
Not After : Oct 17 06:50:35 2025 GMT
Subject: CN=firma2.sv
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:52:f8:99:a8:d0:c2:c7:38:c7:07:13:48:4e:
90:1e:dd:77:9c:63:ed:4d:f9:ee:1a:3c:2a:32:fa:
67:3d:66:da:17:07:21:c2:94:2a:06:9e:da:7b:59:
ce:96:f5:48:e7:47:5f:4d:80:23:69:10:c7:5e:29:
3c:11:22:44:db:5f:bf:4d:04:37:08:2f:df:d6:1f:
5e:af:32:77:64:b1:52:4d:bf:96:30:cf:9c:db:ce:
c4:c4:f3:00:db:92:53:37:92:6e:bf:94:f5:97:e9:
cf:6c:07:76:4b:4d:97:58:c4:c4:9a:4a:36:80:bd:
dc:cd:7e:d4:3b:f0:fd:f0:89:e2:21:ef:d6:27:c0:
26:1c:1f:7f:21:7a:96:1f:0d:99:63:47:20:d4:b8:
f6:68:be:8c:24:cf:fe:f6:90:fb:f9:d1:d1:4b:b5:
4d:ec:04:96:d8:06:c8:e8:3c:f8:39:ee:94:7e:1f:
f8:74:2c:df:60:97:37:4c:cc:3a:98:9e:21:f0:9b:
9a:7a:7a:a4:19:d9:2b:07:7d:4c:95:ca:dd:4e:e7:
3b:a9:d6:af:a8:cf:35:ff:fe:32:d2:21:20:ab:95:
11:1a:20:b0:97:21:77:50:e7:25:7f:17:67:30:2c:
74:f3:ea:19:f4:94:73:3a:4a:07:f1:19:f4:18:59:
8f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
A4:7D:5A:AE:F2:08:5C:FD:C4:A1:63:F1:4E:A2:9E:4B:7B:F8:22:C3
X509v3 Authority Key Identifier:
98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94
X509v3 Subject Alternative Name:
DNS:firma2.sv, DNS:www.firma2.sv
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
70:73:cd:f4:ae:26:01:07:61:46:32:52:33:3b:69:04:09:4a:
bd:0d:9a:96:ee:a4:91:f9:67:6c:13:99:e2:c8:e4:19:b5:e6:
aa:fc:28:24:74:33:f1:d8:3f:4f:29:b9:ec:79:81:1a:22:b5:
5c:c1:bd:55:f2:2b:b5:e3:72:76:68:d6:09:41:4f:0a:0c:1d:
ff:09:67:33:16:b9:6e:f2:fb:40:f3:69:3c:cb:64:82:97:89:
a8:de:94:9a:1c:91:38:20:66:d3:43:4d:25:c1:29:b2:ea:ff:
4d:34:72:12:f0:a4:14:e3:6d:04:f6:a3:f7:22:5b:e8:13:e1:
75:0c:a1:82:87:69:75:4b:7d:5b:92:75:ff:00:ef:cd:ca:4d:
9e:4d:3a:a1:1a:18:5c:8b:15:a7:16:be:01:a7:56:f0:3d:72:
f1:97:09:83:82:f6:a2:e3:ee:ba:73:77:49:66:19:1b:1d:13:
fb:ef:b9:2f:87:5a:ad:32:27:cd:cf:9b:87:45:0a:95:fd:21:
2b:d3:14:9e:60:27:ec:f2:87:e1:92:6c:ef:f7:e1:30:b5:71:
66:d5:5a:4d:88:7e:fb:de:67:7c:e6:4d:e2:5e:fc:cb:62:8f:
13:3c:07:3b:b2:af:3b:80:31:62:9b:34:f4:cb:a5:a8:cb:d6:
07:83:72:d8:fd:5b:ef:c6:aa:74:a9:fa:6e:f7:ab:b7:b3:fa:
78:67:a7:63:3e:30:04:c1:fe:60:00:eb:3e:db:25:0a:7d:ed:
ba:e5:d2:60:6e:dc:1b:34:71:7d:e5:18:0d:ae:c6:83:09:72:
4d:7d:b4:58:d6:6e:5b:89:1b:f9:d1:18:9c:87:19:60:ed:f6:
b7:5b:1c:37:ea:91:94:0e:b3:31:c2:46:24:e7:4d:a6:73:32:
c0:c4:87:f2:b5:21:60:01:03:83:39:10:2b:e9:29:1b:3d:8b:
e8:c3:b5:99:8e:0d:37:94:e4:0f:b0:19:fd:04:e8:c1:a9:1c:
7e:b4:17:50:8a:b2:59:5b:ee:cf:40:4c:59:fc:2c:a7:a0:2c:
ac:22:f3:72:30:47:4e:1a:24:04:64:20:8b:49:5f:2d:78:45:
84:91:09:5b:e0:e4:b3:5b:ca:5f:8b:39:c5:00:38:95:71:7b:
da:09:4a:ed:49:76:b1:12:58:02:92:68:d6:2e:68:21:f5:5f:
40:3a:38:ed:d2:08:82:c0:60:3a:ae:22:6f:cd:5f:0c:a1:e9:
2c:e0:6b:f0:88:5f:c1:9e:eb:68:c8:95:77:93:21:f5:06:54:
5c:91:af:c8:b1:3a:1e:b2:8e:c4:69:74:66:bd:95:84:a2:bf:
d4:66:3e:34:3e:4e:03:91
-----BEGIN CERTIFICATE-----
MIIErTCCApWgAwIBAgIBRTANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI
dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp
bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2
MB4XDTI0MTAxNzA2NTAzNVoXDTI1MTAxNzA2NTAzNVowFDESMBAGA1UEAwwJZmly
bWEyLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4
xwcTSE6QHt13nGPtTfnuGjwqMvpnPWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDH
Xik8ESJE21+/TQQ3CC/f1h9erzJ3ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nP
bAd2S02XWMTEmko2gL3czX7UO/D98IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6M
JM/+9pD7+dHRS7VN7ASW2AbI6Dz4Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkr
B31MlcrdTuc7qdavqM81//4y0iEgq5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH
8Rn0GFmPHwIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBSkfVqu8ghc/cSh
Y/FOop5Le/giwzAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV
HREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3YwCwYDVR0PBAQDAgXgMA0G
CSqGSIb3DQEBCwUAA4ICAQBwc830riYBB2FGMlIzO2kECUq9DZqW7qSR+WdsE5ni
yOQZteaq/CgkdDPx2D9PKbnseYEaIrVcwb1V8iu143J2aNYJQU8KDB3/CWczFrlu
8vtA82k8y2SCl4mo3pSaHJE4IGbTQ00lwSmy6v9NNHIS8KQU420E9qP3IlvoE+F1
DKGCh2l1S31bknX/AO/Nyk2eTTqhGhhcixWnFr4Bp1bwPXLxlwmDgvai4+66c3dJ
ZhkbHRP777kvh1qtMifNz5uHRQqV/SEr0xSeYCfs8ofhkmzv9+EwtXFm1VpNiH77
3md85k3iXvzLYo8TPAc7sq87gDFimzT0y6Woy9YHg3LY/Vvvxqp0qfpu96u3s/p4
Z6djPjAEwf5gAOs+2yUKfe265dJgbtwbNHF95RgNrsaDCXJNfbRY1m5biRv50Ric
hxlg7fa3Wxw36pGUDrMxwkYk502mczLAxIfytSFgAQODORAr6SkbPYvow7WZjg03
lOQPsBn9BOjBqRx+tBdQirJZW+7PQExZ/CynoCysIvNyMEdOGiQEZCCLSV8teEWE
kQlb4OSzW8pfiznFADiVcXvaCUrtSXaxElgCkmjWLmgh9V9AOjjt0giCwGA6riJv
zV8Moeks4GvwiF/BnutoyJV3kyH1BlRcka/IsToeso7EaXRmvZWEor/UZj40Pk4D
kQ==
-----END CERTIFICATE-----

392
CA/openssl.cnf Normal file
View file

@ -0,0 +1,392 @@
#
# OpenSSL example configuration file.
# See doc/man5/config.pod for more info.
#
# This is mostly being used for generation of certificate requests,
# but may be used for auto loading of providers
# Note that you can include other files from the main configuration
# file using the .include directive.
#.include filename
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
# Use this in order to automatically load providers.
openssl_conf = openssl_init
# Comment out the next line to ignore configuration errors
config_diagnostics = 1
# Extra OBJECT IDENTIFIER info:
# oid_file = $ENV::HOME/.oid
oid_section = new_oids
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
# For FIPS
# Optionally include a file that is generated by the OpenSSL fipsinstall
# application. This file contains configuration data required by the OpenSSL
# fips provider. It contains a named section e.g. [fips_sect] which is
# referenced from the [provider_sect] below.
# Refer to the OpenSSL security policy for more information.
# .include fipsmodule.cnf
[openssl_init]
# providers = provider_sect
# List of providers to load
# [provider_sect]
# default = default_sect
# The fips section name should match the section name inside the
# included fipsmodule.cnf.
# fips = fips_sect
# If no providers are activated explicitly, the default one is activated implicitly.
# See man 7 OSSL_PROVIDER-default for more details.
#
# If you add a section explicitly activating any other provider(s), you most
# probably need to explicitly activate the default provider, otherwise it
# becomes unavailable in openssl. As a consequence applications depending on
# OpenSSL may not work correctly which could lead to significant system
# problems including inability to remotely access the system.
# [default_sect]
# activate = 1
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = /usr/local/apache2/CA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several certs with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
x509_extensions = usr_cert # The extensions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extensions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Some-State
localityName = Locality Name (eg, city)
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Internet Widgits Pty Ltd
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 64
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
# This is required for TSA certificates.
# extendedKeyUsage = critical,timeStamping
[ v3_req ]
subjectAltName = $ENV::SUBJALTNAME
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = critical,CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
####################################################################
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = /usr/local/apache2/CA # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
signer_digest = sha256 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no)
ess_cert_id_alg = sha1 # algorithm to compute certificate
# identifier (optional, default: sha1)
[insta] # CMP using Insta Demo CA
# Message transfer
server = pki.certificate.fi:8700
# proxy = # set this as far as needed, e.g., http://192.168.1.1:8080
# tls_use = 0
path = pkix/
# Server authentication
recipient = "/C=FI/O=Insta Demo/CN=Insta Demo CA" # or set srvcert or issuer
ignore_keyusage = 1 # potentially needed quirk
unprotected_errors = 1 # potentially needed quirk
extracertsout = insta.extracerts.pem
# Client authentication
ref = 3078 # user identification
secret = pass:insta # can be used for both client and server side
# Generic message options
cmd = ir # default operation, can be overridden on cmd line with, e.g., kur
# Certificate enrollment
subject = "/CN=openssl-cmp-test"
newkey = insta.priv.pem
out_trusted = apps/insta.ca.crt # does not include keyUsage digitalSignature
certout = insta.cert.pem
[pbm] # Password-based protection for Insta CA
# Server and client authentication
ref = $insta::ref # 3078
secret = $insta::secret # pass:insta
[signature] # Signature-based protection for Insta CA
# Server authentication
trusted = $insta::out_trusted # apps/insta.ca.crt
# Client authentication
secret = # disable PBM
key = $insta::newkey # insta.priv.pem
cert = $insta::certout # insta.cert.pem
[ir]
cmd = ir
[cr]
cmd = cr
[kur]
# Certificate update
cmd = kur
oldcert = $insta::certout # insta.cert.pem
[rr]
# Certificate revocation
cmd = rr
oldcert = $insta::certout # insta.cert.pem

52
CA/private/cakey.pem Normal file
View file

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCznYEpE/pcWzht
O8HkgPM6giFxQ6cnq7m+fjuowtZzD0UhBWP4GEAO7PY7aHhh5u8UBpeunX39GWK3
OBmpbhE7OIsiru9o3iEq7/6anrSIiCpLFTtQFTFDmPPt2gBFKlNjMS647lgH7vkD
TI3rTn70Cm4pCjD0yzXGOv726+3f0WuF+j31ozc+hDKMt4YXIIADzskjF7a209Ub
OpB7u61vE6VSgnWuwjhitxgBT6aVdLsGinqy5tsDrDtia+koyNGI3GycyRZcthw0
quEtlNwz9+keRn6kaVm8WOOfWyvSIZselxrSSheVnELHEQtZaDqjsfFqLGn6elEl
ZK8V8/kclhdkQLzdSrLmYf7lSGV47NyzulehAFryY0XK891Opfu6X0aqnZ77r5jv
V5L+oNNvzthW43QWN0+RcFNcUVOfm3llGxnu+IO48GYyDw753wDvK0B9EZ/7ru+i
KNYWY5w0hKzldUWKw6LstGiKZqUnTKSAK+glQnCUihWypWE+qpJZUD/YybcDReKe
YGOcalSg79fDWJ/Cw2tHhT7Hv6n6L/iyp22O5oCbs0Nny9VpaFx8DMfVgELMNp+U
lG4621/PKlTy7pPlyCyahJb/Do1R9Erqandpgd8yOOhbRBcEITFX4txuor/fmH4r
rpTHEe66tw8X76iH/d4sqZSAmw7YiQIDAQABAoICACemkAJE9kJYIts+U13Bt7AF
VSOfVzGzP6RVUo89P8ETsGOLQJfeppmE5xCTTevy4nlNwUNbYhoy9e9Tc5rLAQPN
Ri3IZ3KDgtfrNg3lFh6DzK5ZiAf0PbVZ+RNbSi76moDttQ4/E3Dg6Ni5GCVHZVAz
U0E9DjSj/YF+uZVB3PfJT866QN5Ogx4KaexVgUTuuEPe7NkR3ZR7q/JAWe/urOk1
8YuG4DrNhkwIdkSn1DLvG3BktpRy0Qt9BHkEMGr/9f2cB2APJiAeVZis1lvNHlVc
l3pG/qMF3Lju+ITPyBsxrwAwREwC7jTpU3aFhTdeAn/rgss49cZFJU+3a81RV/8A
GftS42ocmTZQjfXsAG+dtzjKrbww41TfPHaD+4OBW8Gx0sqrc3Ko3w3mnUxc0kew
HkEdVU0ev1nJC2SzmXT6dlGW4+Y3yTh9MNCN4ni7BWAagGdEK+eYy0PQOFgsI8oz
Cnf7YA/xU4O01C3IM74aZNH3iA/YLtTLq3rOVVpievp343SwgvuO2OEuWUxb9NfP
8LU8J3j7B3oXJQOuaOaSFrvaaKSldtRZRNq6KY5q8tXTgPGE/ZuT9DvEbY1CaKUy
5JFxjqG5tIfM9prmW438mfq2lGcgMscn5h+wDr3EAF1p6NNzhMN74+hLpA7ndnJv
GMRhrBDSYF7KltmUhQu5AoIBAQDmY0U3pdersh9c9rp6wEeYft3JtSRQ0z4ijZjb
IdOs47Wh1cnsvj6eKj4ofU1FaBAnV/ZTjrGLGnav0Nt87xjsdOqOfz0pn4XWanKr
fU8ip9RhP3aWByaDQ/3Sj6+Mjl5CCrkDUBzmucvflhUpYdHKhX5N9YkTNjsUUkzc
B/aFQVajJP19s3+SQuEwfDjrAkPI2aRdX1oDKnmb8oxKUQLVPpXe9B+xLO9UQRH/
qMxshegbXZMoMAMz3hJNtqo1++BSGDGkxU2ycWniyvZUI61lCfwx4TXfJOqNre75
E4y2x14il1Dev/agVRBNVugyxj6OheIr3A5JkmzUQlLZJB9NAoIBAQDHlUWIbTRj
aPLNAVQc0IHviRBliP/87UkZvZ+g64xwqXpbLEQfbJ0/RF6/4wqv9ns+CpHZeQEe
5aLsp7zXgREF9vM5a8rg41zzi3p5DxX798xt/+WfRo5KWM9+tri5IfxBC/0CEIy5
hZFUOhg6gI/EH8wTyuVvz5sSiyDi2mEkhclEhVxGb9LD4vqXzuv/6BD2UpoWO4go
xvtt21Vdbnc+doTqKBKVMqh3uadYCb5/Z1Wf6rAWq8hIwEr6Houu8DvBLR2eI6Xs
1XwA1m6mrMVarI3GORQ5vLBkgYBq7Wv9R12yCgJXZNCVSujefQFFJRtrf56rc5ps
TRLQXSxPDrgtAoIBABWCuUi71Eo0pFcCtmCVqVmkpsKZhh2By7BgNiBnpSLkU+Yb
VvIixSfxW8JeCKPtVmzF+rrMfOk2/FPoFUYx8MrLE8dgO+6x9UYSxEgcuBHNR7gY
u9LAMilZZM6PGd3uwQA7jhCwHzKvsEhc8/bcKkFVe3h972F608NO99wnZi4E7rjm
0EA3TTbzxaDISGww1vFe2MjbCUV4ZshXuh+KNtCAOnAJrRfW0TW1qZ+MPCH50rUT
ZJUA/puOJXlaD8Rgkw43MhNnVJzPmApT1vH+LsdbSk/B7ky6XqgB0GkzGRVLwg9K
v4M8uyM3LgF6ls1+0wJtn7NmpXLbGAwtcRzTEZUCggEAZO0KVXwL0v1+UscKNuwF
2RCx1vaZpNiFb9vhPin/QfWiJzrSVCXDuvujAlwYynTVS8FikdvMAkjTw+Lq7vuY
lTCVPINS+7heB9aPn2pOjrV3jmSqRIoUaGpSu1xBO3WBL4+VaRbfYu21WSdrmyHq
EZ6Wv6eJsKoGXDE49x7Bowt4hQr/Z6sipOZCHMSJuUYsVbPdscJ3D0/YU2xn1bCH
4nFis1qCUypj4O9kPXPn/ltOBGlUlJJX3NpI0ATkVBmtzfk3kgGq5YHrjCzjlaum
vTynEQdKQAw4Ewsd2nSneFQ/gEnpdzJG/Ef+TIxgOQwTup+1qDP0cjHjgrSrNGtY
HQKCAQEA4VyroQbfhNnv372UPQ+nRRO8W39N01R5inlh3Ox+w9tWLb0tir9uZDTW
RxSlqtjRgXH3XufaOeIEIka7JRffk68HUEfHs9BA0COCkZn4G7Xhq9Y8/qTrAwF5
2U/Bk2kuCq+AFpvMo/7vK48JoDM5t1k4YoSP7J9O0T/DY+uKjhfUyQVH5lUrKWfO
76Atj4vjVbEzVkdyqlJC5OD9oXP6G5TNzjVMQ32fPJoqgT6T1W+C+sG0ZgZzcGkG
MBTDApejftpxuGIeZdpamSrrBNCo+I66INUJmANVRMxHyCgb4CJKvjJVqQYAMHHG
hIxmWrSyVbTLjBGt+q5cKsODGRXgYA==
-----END PRIVATE KEY-----

1
CA/serial Normal file
View file

@ -0,0 +1 @@
46

1
CA/serial.old Normal file
View file

@ -0,0 +1 @@
45