diff --git a/CA/cacert.pem b/CA/cacert.pem new file mode 100644 index 0000000..e929437 --- /dev/null +++ b/CA/cacert.pem @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGHzCCBAegAwIBAgIUIWY8g4E1+znFesEFVN7wEHaTKGQwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAkRFMRAwDgYDVQQIDAdGcmFua2VuMRIwEAYDVQQHDAlT +Y2h3YWJhY2gxETAPBgNVBAoMCHZlbHQuYml6MSowKAYDVQQLDCFPcGVuLVNvdXJj +ZSBDb25zdWx0aW5nICYgVHJhaW5pbmcxGjAYBgkqhkiG9w0BCQEWC2NhQHZlbHQu +Yml6MQ4wDAYDVQQDDAVjYS5zdjAeFw0yNDEwMTcwNjUwMzNaFw0zNDEwMTUwNjUw +MzNaMIGeMQswCQYDVQQGEwJERTEQMA4GA1UECAwHRnJhbmtlbjESMBAGA1UEBwwJ +U2Nod2FiYWNoMREwDwYDVQQKDAh2ZWx0LmJpejEqMCgGA1UECwwhT3Blbi1Tb3Vy +Y2UgQ29uc3VsdGluZyAmIFRyYWluaW5nMRowGAYJKoZIhvcNAQkBFgtjYUB2ZWx0 +LmJpejEOMAwGA1UEAwwFY2Euc3YwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCznYEpE/pcWzhtO8HkgPM6giFxQ6cnq7m+fjuowtZzD0UhBWP4GEAO7PY7 +aHhh5u8UBpeunX39GWK3OBmpbhE7OIsiru9o3iEq7/6anrSIiCpLFTtQFTFDmPPt +2gBFKlNjMS647lgH7vkDTI3rTn70Cm4pCjD0yzXGOv726+3f0WuF+j31ozc+hDKM +t4YXIIADzskjF7a209UbOpB7u61vE6VSgnWuwjhitxgBT6aVdLsGinqy5tsDrDti +a+koyNGI3GycyRZcthw0quEtlNwz9+keRn6kaVm8WOOfWyvSIZselxrSSheVnELH +EQtZaDqjsfFqLGn6elElZK8V8/kclhdkQLzdSrLmYf7lSGV47NyzulehAFryY0XK +891Opfu6X0aqnZ77r5jvV5L+oNNvzthW43QWN0+RcFNcUVOfm3llGxnu+IO48GYy +Dw753wDvK0B9EZ/7ru+iKNYWY5w0hKzldUWKw6LstGiKZqUnTKSAK+glQnCUihWy +pWE+qpJZUD/YybcDReKeYGOcalSg79fDWJ/Cw2tHhT7Hv6n6L/iyp22O5oCbs0Nn +y9VpaFx8DMfVgELMNp+UlG4621/PKlTy7pPlyCyahJb/Do1R9Erqandpgd8yOOhb +RBcEITFX4txuor/fmH4rrpTHEe66tw8X76iH/d4sqZSAmw7YiQIDAQABo1MwUTAd +BgNVHQ4EFgQUmHM+loTAQxSml6So8ug8vCAgZ5QwHwYDVR0jBBgwFoAUmHM+loTA +QxSml6So8ug8vCAgZ5QwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC +AgEAsToJuGACdafaKSUEhCfB994zxws89f1McRFe+pxKmVjmlIVMsJOsMcwqOfdb +ZeGSzvkt+w2cuSLcTVN7Y83rbzAC4GLHNA5IMyzvi96MM1vUCIitrfEOJp8TKXCj +vuQ1jXpEqGJA4iIMRbEW1lnI1Mj4G1+8dbjkbJ1xEE+91IFi1Lk1X239wnPe8xZ4 +URVQaNL3ToGMVXQhGwivm8+2jBP2BRN2emBKiN5FbCoPcV3uVT6iG+Sdu5IZozeS +IBujn505gLBvXdwG3VzigAYQ9UyXEfKHPIbpW+RoPG1YHjxk1JSvqOgVxgPifK6Z +kTr7V+NNdnbAi3LDw1ejZegSWJHzlepsEde5vOkA4tmXQwpmeCRx1tj95KpzHyur +DKlNhylyLYXGYzt/F+IWLosLjUfoKgMoASfn7d8N8+2m9KKIumjVqfzjfsuKHtwL +m5d2Zp+BAJWP5tSlnl/6PugmCwEFeorfaCBOLCUaV16JX8IfQcwa4MuZ0pkBHW46 +JsiWYJdmVhX/O34aQwMi53WlA82JP3MEr3AB3za38dtpnTn6GBTKvsOdk2ECCEkT +ESJVOX+mO1Pxc9JUY5b+2h77JWQfC0VKtvlxXwex2NojQW3z7uJcsRF2jQKaTXTD +XY1FRAu+stJj8zUPuCxdPA4WdUeCsl+iSGt5UjBqbKHMbC0= +-----END CERTIFICATE----- diff --git a/CA/certs/firma1.sv.crt b/CA/certs/firma1.sv.crt new file mode 100644 index 0000000..4e41bf0 --- /dev/null +++ b/CA/certs/firma1.sv.crt @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 68 (0x44) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=firma1.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:88:0a:4d:ae:43:f8:5e:e6:16:11:27:1e:e5:76: + b7:ee:30:69:ad:9c:c9:70:8c:c1:6c:d6:90:be:74: + 2b:9f:8e:78:0d:be:05:e9:ca:f7:f2:99:63:5d:1a: + d7:8e:4c:31:11:07:29:1e:7a:cf:57:f7:fd:8d:d1: + 19:85:d3:bc:ea:88:e3:ef:6a:e7:a8:25:64:d3:c5: + 98:2c:bf:4b:61:97:b3:f3:60:cf:67:36:3f:a4:ae: + e6:5d:39:39:ef:4a:68:d2:81:85:d4:0e:ce:86:37: + dd:f6:26:bd:d6:b9:43:f7:86:81:8f:c5:21:df:07: + 70:83:e6:c4:7e:b9:f5:0b:36:53:08:64:68:10:47: + 3b:37:10:5d:67:5e:01:34:4c:40:0e:3d:52:1d:c4: + 2d:a9:d9:99:da:a9:2a:4f:cc:50:d9:13:75:a6:6b: + 61:ec:6c:41:8f:65:dd:1b:8c:10:5d:16:37:df:f5: + 93:f5:eb:ef:78:ac:51:95:56:f3:14:54:ae:e4:2a: + 4f:53:8a:48:4b:cb:fd:d6:87:1d:69:20:65:08:94: + 41:07:3e:51:c2:91:72:c0:ba:1a:2d:7e:24:cc:8b: + 1c:6d:6a:bb:9c:70:05:5c:60:55:c1:8d:8d:22:3c: + 2a:29:48:0a:22:d0:33:e9:81:73:2e:03:0e:e2:4b: + 5b:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + F0:B6:FE:32:8A:B2:06:B0:F1:5F:FB:D3:AD:4F:B0:E3:FC:68:DC:60 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:firma1.sv, DNS:www.firma1.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 6a:32:10:32:ca:f1:43:fa:b8:c7:3b:74:b3:98:5c:aa:67:0a: + da:4e:19:cf:1c:af:30:36:04:e3:a0:7f:7d:70:1a:00:a7:94: + 09:3e:c1:f5:8a:bc:46:11:e8:a4:7b:bd:b5:d7:4b:e3:e8:8b: + fd:0d:fb:24:25:31:0b:fb:f5:0f:10:b6:d8:7c:81:ff:aa:21: + ed:59:b6:75:5e:07:d9:ea:8d:a6:b9:f7:86:1e:3f:e7:2e:38: + 9c:72:1f:f3:7f:58:12:07:4b:79:a6:17:a4:f1:65:41:1a:eb: + 80:9a:43:59:9b:ff:7f:2d:6e:17:40:c1:5d:07:38:c9:bc:a8: + e2:f0:dd:01:08:8f:e0:c2:16:09:09:2b:26:7c:e6:4d:ea:3c: + 2f:31:a1:7a:68:f2:84:fb:a0:9c:8c:c7:f2:ee:50:9e:b1:ff: + 43:b8:a7:23:ce:66:2b:40:c5:bf:59:1d:52:84:59:da:74:3d: + f0:3a:8f:63:ad:3e:f2:05:c9:3a:a0:c9:01:fe:3d:a0:60:6f: + eb:ab:4a:40:36:64:31:dd:f0:1f:af:e0:0f:ee:c9:49:14:77: + bb:cc:dc:68:19:12:23:e5:31:6b:80:f4:16:dd:97:15:15:53: + 23:9e:3d:a1:19:60:b6:9f:7c:d1:4d:58:5f:60:3d:41:db:96: + 33:63:eb:d7:a7:a8:41:e6:0d:a2:5a:92:f4:5a:4c:56:23:c0: + 15:bc:31:6e:88:33:6e:ba:c5:57:5f:93:24:32:fe:37:7b:02: + f4:e3:80:c2:65:81:4c:f4:2f:40:d2:b2:12:35:e0:14:42:98: + c3:07:c6:c0:5e:7c:22:6f:d1:ee:f3:36:bb:4e:5f:3f:84:d7: + 3a:ad:88:d8:e6:e0:2b:f6:5a:9a:aa:19:7c:f9:c6:09:3b:90: + 14:f1:40:a2:1e:d3:ca:a2:f2:ae:e6:26:28:25:aa:93:7a:0f: + 14:d3:5e:1c:bf:50:0b:71:ab:60:51:ff:af:2d:af:38:6f:33: + f0:85:6b:a7:83:93:c1:6a:c0:76:2f:b5:d6:1c:2e:72:8b:83: + 6e:c3:23:20:cd:6d:ba:46:16:d2:b7:ba:3b:b2:94:40:ca:b6: + 3d:58:fc:01:8d:ff:89:2a:cb:4f:07:73:68:3c:70:8f:65:ae: + 04:e4:6e:b8:77:58:4b:bd:86:cd:7c:96:00:58:2c:8a:ca:db: + 24:c7:72:4e:ca:55:3d:68:fb:16:fb:bc:8d:6b:bc:60:3d:ea: + b6:2a:0d:f6:78:88:a6:6e:d2:09:68:e6:c1:f1:fd:45:fe:8e: + 20:e5:7b:ce:85:58:6a:23:1f:0e:c4:55:a4:5a:c6:a1:1d:c9: + 76:7e:4c:3e:fa:94:ed:be +-----BEGIN CERTIFICATE----- +MIIErTCCApWgAwIBAgIBRDANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJZmly +bWExLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYW +ESce5Xa37jBprZzJcIzBbNaQvnQrn454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9 +jdEZhdO86ojj72rnqCVk08WYLL9LYZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd +9ia91rlD94aBj8Uh3wdwg+bEfrn1CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ +2qkqT8xQ2RN1pmth7GxBj2XdG4wQXRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v9 +1ocdaSBlCJRBBz5RwpFywLoaLX4kzIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFz +LgMO4ktbrQIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTwtv4yirIGsPFf ++9OtT7Dj/GjcYDAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV +HREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3YwCwYDVR0PBAQDAgXgMA0G +CSqGSIb3DQEBCwUAA4ICAQBqMhAyyvFD+rjHO3SzmFyqZwraThnPHK8wNgTjoH99 +cBoAp5QJPsH1irxGEeike72110vj6Iv9DfskJTEL+/UPELbYfIH/qiHtWbZ1XgfZ +6o2mufeGHj/nLjicch/zf1gSB0t5phek8WVBGuuAmkNZm/9/LW4XQMFdBzjJvKji +8N0BCI/gwhYJCSsmfOZN6jwvMaF6aPKE+6CcjMfy7lCesf9DuKcjzmYrQMW/WR1S +hFnadD3wOo9jrT7yBck6oMkB/j2gYG/rq0pANmQx3fAfr+AP7slJFHe7zNxoGRIj +5TFrgPQW3ZcVFVMjnj2hGWC2n3zRTVhfYD1B25YzY+vXp6hB5g2iWpL0WkxWI8AV +vDFuiDNuusVXX5MkMv43ewL044DCZYFM9C9A0rISNeAUQpjDB8bAXnwib9Hu8za7 +Tl8/hNc6rYjY5uAr9lqaqhl8+cYJO5AU8UCiHtPKovKu5iYoJaqTeg8U014cv1AL +catgUf+vLa84bzPwhWung5PBasB2L7XWHC5yi4NuwyMgzW26RhbSt7o7spRAyrY9 +WPwBjf+JKstPB3NoPHCPZa4E5G64d1hLvYbNfJYAWCyKytskx3JOylU9aPsW+7yN +a7xgPeq2Kg32eIimbtIJaObB8f1F/o4g5XvOhVhqIx8OxFWkWsahHcl2fkw++pTt +vg== +-----END CERTIFICATE----- diff --git a/CA/certs/firma2.sv.crt b/CA/certs/firma2.sv.crt new file mode 100644 index 0000000..07a3c8e --- /dev/null +++ b/CA/certs/firma2.sv.crt @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 69 (0x45) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:35 2024 GMT + Not After : Oct 17 06:50:35 2025 GMT + Subject: CN=firma2.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c4:52:f8:99:a8:d0:c2:c7:38:c7:07:13:48:4e: + 90:1e:dd:77:9c:63:ed:4d:f9:ee:1a:3c:2a:32:fa: + 67:3d:66:da:17:07:21:c2:94:2a:06:9e:da:7b:59: + ce:96:f5:48:e7:47:5f:4d:80:23:69:10:c7:5e:29: + 3c:11:22:44:db:5f:bf:4d:04:37:08:2f:df:d6:1f: + 5e:af:32:77:64:b1:52:4d:bf:96:30:cf:9c:db:ce: + c4:c4:f3:00:db:92:53:37:92:6e:bf:94:f5:97:e9: + cf:6c:07:76:4b:4d:97:58:c4:c4:9a:4a:36:80:bd: + dc:cd:7e:d4:3b:f0:fd:f0:89:e2:21:ef:d6:27:c0: + 26:1c:1f:7f:21:7a:96:1f:0d:99:63:47:20:d4:b8: + f6:68:be:8c:24:cf:fe:f6:90:fb:f9:d1:d1:4b:b5: + 4d:ec:04:96:d8:06:c8:e8:3c:f8:39:ee:94:7e:1f: + f8:74:2c:df:60:97:37:4c:cc:3a:98:9e:21:f0:9b: + 9a:7a:7a:a4:19:d9:2b:07:7d:4c:95:ca:dd:4e:e7: + 3b:a9:d6:af:a8:cf:35:ff:fe:32:d2:21:20:ab:95: + 11:1a:20:b0:97:21:77:50:e7:25:7f:17:67:30:2c: + 74:f3:ea:19:f4:94:73:3a:4a:07:f1:19:f4:18:59: + 8f:1f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A4:7D:5A:AE:F2:08:5C:FD:C4:A1:63:F1:4E:A2:9E:4B:7B:F8:22:C3 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:firma2.sv, DNS:www.firma2.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 70:73:cd:f4:ae:26:01:07:61:46:32:52:33:3b:69:04:09:4a: + bd:0d:9a:96:ee:a4:91:f9:67:6c:13:99:e2:c8:e4:19:b5:e6: + aa:fc:28:24:74:33:f1:d8:3f:4f:29:b9:ec:79:81:1a:22:b5: + 5c:c1:bd:55:f2:2b:b5:e3:72:76:68:d6:09:41:4f:0a:0c:1d: + ff:09:67:33:16:b9:6e:f2:fb:40:f3:69:3c:cb:64:82:97:89: + a8:de:94:9a:1c:91:38:20:66:d3:43:4d:25:c1:29:b2:ea:ff: + 4d:34:72:12:f0:a4:14:e3:6d:04:f6:a3:f7:22:5b:e8:13:e1: + 75:0c:a1:82:87:69:75:4b:7d:5b:92:75:ff:00:ef:cd:ca:4d: + 9e:4d:3a:a1:1a:18:5c:8b:15:a7:16:be:01:a7:56:f0:3d:72: + f1:97:09:83:82:f6:a2:e3:ee:ba:73:77:49:66:19:1b:1d:13: + fb:ef:b9:2f:87:5a:ad:32:27:cd:cf:9b:87:45:0a:95:fd:21: + 2b:d3:14:9e:60:27:ec:f2:87:e1:92:6c:ef:f7:e1:30:b5:71: + 66:d5:5a:4d:88:7e:fb:de:67:7c:e6:4d:e2:5e:fc:cb:62:8f: + 13:3c:07:3b:b2:af:3b:80:31:62:9b:34:f4:cb:a5:a8:cb:d6: + 07:83:72:d8:fd:5b:ef:c6:aa:74:a9:fa:6e:f7:ab:b7:b3:fa: + 78:67:a7:63:3e:30:04:c1:fe:60:00:eb:3e:db:25:0a:7d:ed: + ba:e5:d2:60:6e:dc:1b:34:71:7d:e5:18:0d:ae:c6:83:09:72: + 4d:7d:b4:58:d6:6e:5b:89:1b:f9:d1:18:9c:87:19:60:ed:f6: + b7:5b:1c:37:ea:91:94:0e:b3:31:c2:46:24:e7:4d:a6:73:32: + c0:c4:87:f2:b5:21:60:01:03:83:39:10:2b:e9:29:1b:3d:8b: + e8:c3:b5:99:8e:0d:37:94:e4:0f:b0:19:fd:04:e8:c1:a9:1c: + 7e:b4:17:50:8a:b2:59:5b:ee:cf:40:4c:59:fc:2c:a7:a0:2c: + ac:22:f3:72:30:47:4e:1a:24:04:64:20:8b:49:5f:2d:78:45: + 84:91:09:5b:e0:e4:b3:5b:ca:5f:8b:39:c5:00:38:95:71:7b: + da:09:4a:ed:49:76:b1:12:58:02:92:68:d6:2e:68:21:f5:5f: + 40:3a:38:ed:d2:08:82:c0:60:3a:ae:22:6f:cd:5f:0c:a1:e9: + 2c:e0:6b:f0:88:5f:c1:9e:eb:68:c8:95:77:93:21:f5:06:54: + 5c:91:af:c8:b1:3a:1e:b2:8e:c4:69:74:66:bd:95:84:a2:bf: + d4:66:3e:34:3e:4e:03:91 +-----BEGIN CERTIFICATE----- +MIIErTCCApWgAwIBAgIBRTANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNVoXDTI1MTAxNzA2NTAzNVowFDESMBAGA1UEAwwJZmly +bWEyLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4 +xwcTSE6QHt13nGPtTfnuGjwqMvpnPWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDH +Xik8ESJE21+/TQQ3CC/f1h9erzJ3ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nP +bAd2S02XWMTEmko2gL3czX7UO/D98IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6M +JM/+9pD7+dHRS7VN7ASW2AbI6Dz4Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkr +B31MlcrdTuc7qdavqM81//4y0iEgq5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH +8Rn0GFmPHwIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBSkfVqu8ghc/cSh +Y/FOop5Le/giwzAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV +HREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3YwCwYDVR0PBAQDAgXgMA0G +CSqGSIb3DQEBCwUAA4ICAQBwc830riYBB2FGMlIzO2kECUq9DZqW7qSR+WdsE5ni +yOQZteaq/CgkdDPx2D9PKbnseYEaIrVcwb1V8iu143J2aNYJQU8KDB3/CWczFrlu +8vtA82k8y2SCl4mo3pSaHJE4IGbTQ00lwSmy6v9NNHIS8KQU420E9qP3IlvoE+F1 +DKGCh2l1S31bknX/AO/Nyk2eTTqhGhhcixWnFr4Bp1bwPXLxlwmDgvai4+66c3dJ +ZhkbHRP777kvh1qtMifNz5uHRQqV/SEr0xSeYCfs8ofhkmzv9+EwtXFm1VpNiH77 +3md85k3iXvzLYo8TPAc7sq87gDFimzT0y6Woy9YHg3LY/Vvvxqp0qfpu96u3s/p4 +Z6djPjAEwf5gAOs+2yUKfe265dJgbtwbNHF95RgNrsaDCXJNfbRY1m5biRv50Ric +hxlg7fa3Wxw36pGUDrMxwkYk502mczLAxIfytSFgAQODORAr6SkbPYvow7WZjg03 +lOQPsBn9BOjBqRx+tBdQirJZW+7PQExZ/CynoCysIvNyMEdOGiQEZCCLSV8teEWE +kQlb4OSzW8pfiznFADiVcXvaCUrtSXaxElgCkmjWLmgh9V9AOjjt0giCwGA6riJv +zV8Moeks4GvwiF/BnutoyJV3kyH1BlRcka/IsToeso7EaXRmvZWEor/UZj40Pk4D +kQ== +-----END CERTIFICATE----- diff --git a/CA/certs/ipbased.sv.crt b/CA/certs/ipbased.sv.crt new file mode 100644 index 0000000..828a00a --- /dev/null +++ b/CA/certs/ipbased.sv.crt @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 67 (0x43) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=ipbased.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c3:e1:da:71:92:5b:43:80:94:84:0e:ee:eb:8d: + d5:07:82:59:12:7a:21:c9:8b:89:fe:dc:70:1b:81: + f3:72:b2:b1:1e:40:98:1f:48:b9:bb:c6:11:ef:c6: + de:80:d2:88:f3:98:2b:b4:b2:62:b1:86:66:04:9f: + 1a:63:05:9b:5f:1b:b6:2b:37:ce:07:16:54:ed:63: + 72:8b:82:ad:59:b7:86:63:da:f2:2b:31:6a:f6:f5: + d4:fc:b3:bd:c4:e3:f7:ef:7a:cf:2a:a3:8e:54:9d: + d1:79:19:55:c2:f9:ce:9d:50:52:cd:70:fb:d5:9b: + 1d:b9:8b:57:ca:26:ce:18:8b:a2:89:d1:0f:2c:4e: + f1:f8:b2:8a:2f:21:f5:8d:88:89:f2:46:ee:2f:d6: + d4:8b:4c:8b:15:5c:36:79:b8:ec:62:8a:97:51:61: + a8:ee:94:b2:3a:bc:35:d5:87:52:b2:70:c0:a4:86: + d4:2e:75:df:22:a7:f2:6d:25:55:4b:06:d7:c5:d8: + 6f:a9:d0:5e:1f:60:a7:1a:e8:ec:b3:66:2c:73:9d: + 33:33:56:e7:28:d3:b8:da:52:c2:4e:7b:d8:d8:3e: + 12:e8:5d:29:0b:6f:09:ee:d8:f1:d3:0d:e1:15:c9: + 8e:73:5d:f2:1e:2a:3c:15:16:20:db:0d:5b:03:f6: + 7b:9d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + AE:29:15:C3:1A:2E:A1:2D:8F:E1:43:72:EB:0E:47:EA:96:CE:D3:A0 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:ipbased.sv, DNS:www.ipbased.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 92:4a:92:9d:12:0e:14:fb:36:0a:bd:4e:6b:a2:7f:41:81:d5: + b8:bb:e6:68:23:0d:47:24:de:a8:01:98:08:e3:d2:6d:09:8b: + e6:d5:c2:25:52:c6:6c:82:46:fe:66:9b:2c:6c:f2:b2:ca:93: + de:74:b9:42:95:3e:f8:60:86:32:49:29:d8:c9:11:46:e9:2a: + ef:3f:1c:05:63:6a:de:d9:53:32:c5:4b:34:05:5d:ad:27:6e: + d6:e3:d3:79:ab:6d:e5:28:f1:dd:2c:aa:c9:1c:04:7f:b1:f1: + d1:12:a3:0b:4c:b4:dc:5d:3f:bb:cb:df:60:0d:0f:22:20:d1: + 43:80:3e:cc:e7:bc:01:c4:4c:08:3e:2c:9d:3e:0b:6b:b2:68: + 8d:94:1f:ad:dd:9f:6a:6a:ef:b4:8b:56:21:07:f0:69:b4:31: + 3d:80:dd:27:86:c2:57:21:54:6a:f0:c2:bf:88:04:d5:11:97: + 6b:a8:c0:f8:9f:dc:0a:63:f9:22:55:e5:71:58:dc:88:25:e5: + 7e:ed:43:44:37:f5:35:7e:e6:1d:49:f2:32:f0:6f:0b:f3:45: + 61:11:52:47:e9:42:32:2f:2c:96:0d:98:6d:92:e6:dd:a9:17: + 67:f9:8f:ad:45:c1:6c:33:31:c4:ff:ca:25:fe:50:64:44:3a: + e2:a0:ea:3c:de:1b:2f:8a:7f:05:fa:12:04:f3:1a:40:52:87: + b5:ed:99:b1:7c:c8:df:de:bf:0a:54:b4:f9:2d:89:47:85:10: + 21:53:f6:00:2a:7d:1f:9d:1f:05:10:a6:72:3b:7f:e1:01:0c: + 63:79:10:7b:b3:dc:84:31:3b:4a:58:7a:37:4f:ea:01:bd:8a: + ea:19:b6:88:2c:fb:1a:8b:6c:a4:66:2b:8c:fc:76:23:00:2c: + 5c:ce:fd:19:91:d5:18:a7:0f:8b:e7:59:7c:b8:d0:13:e8:bd: + 9d:ea:d8:a9:85:2f:b8:f7:60:5a:2f:56:ba:98:98:44:a6:6a: + 46:97:4d:66:f9:b8:ec:62:8d:52:02:e4:e7:42:8c:1b:5e:36: + 90:ed:95:ce:35:e6:c1:81:88:13:0a:ad:0f:e7:39:a2:be:ea: + 56:b2:a4:9e:7d:e5:99:44:2f:10:e0:b3:df:dc:25:4a:c1:35: + c4:17:fa:36:c2:2c:0d:01:b3:61:33:65:71:25:a8:a4:50:e2: + 1c:25:32:35:7d:9a:bf:de:b4:13:1b:70:bf:b6:94:7f:7f:31: + 0a:85:ae:f3:a7:71:f7:8d:28:7a:5f:a1:64:8e:9d:8c:8e:02: + 62:83:6a:c9:dd:66:0c:10:bb:88:cd:4f:d6:58:2f:2a:a5:13: + f3:06:c0:20:1e:fe:b9:63 +-----BEGIN CERTIFICATE----- +MIIEsTCCApmgAwIBAgIBQzANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFTETMBEGA1UEAwwKaXBi +YXNlZC5zdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OA +lIQO7uuN1QeCWRJ6IcmLif7ccBuB83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGG +ZgSfGmMFm18btis3zgcWVO1jcouCrVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd +0XkZVcL5zp1QUs1w+9WbHbmLV8omzhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItM +ixVcNnm47GKKl1FhqO6Usjq8NdWHUrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9g +pxro7LNmLHOdMzNW5yjTuNpSwk572Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUW +INsNWwP2e50CAwEAAaOBgTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFK4pFcMaLqEt +j+FDcusOR+qWztOgMB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMCUG +A1UdEQQeMByCCmlwYmFzZWQuc3aCDnd3dy5pcGJhc2VkLnN2MAsGA1UdDwQEAwIF +4DANBgkqhkiG9w0BAQsFAAOCAgEAkkqSnRIOFPs2Cr1Oa6J/QYHVuLvmaCMNRyTe +qAGYCOPSbQmL5tXCJVLGbIJG/mabLGzyssqT3nS5QpU++GCGMkkp2MkRRukq7z8c +BWNq3tlTMsVLNAVdrSdu1uPTeatt5Sjx3SyqyRwEf7Hx0RKjC0y03F0/u8vfYA0P +IiDRQ4A+zOe8AcRMCD4snT4La7JojZQfrd2famrvtItWIQfwabQxPYDdJ4bCVyFU +avDCv4gE1RGXa6jA+J/cCmP5IlXlcVjciCXlfu1DRDf1NX7mHUnyMvBvC/NFYRFS +R+lCMi8slg2YbZLm3akXZ/mPrUXBbDMxxP/KJf5QZEQ64qDqPN4bL4p/BfoSBPMa +QFKHte2ZsXzI396/ClS0+S2JR4UQIVP2ACp9H50fBRCmcjt/4QEMY3kQe7PchDE7 +Slh6N0/qAb2K6hm2iCz7GotspGYrjPx2IwAsXM79GZHVGKcPi+dZfLjQE+i9nerY +qYUvuPdgWi9WupiYRKZqRpdNZvm47GKNUgLk50KMG142kO2VzjXmwYGIEwqtD+c5 +or7qVrKknn3lmUQvEOCz39wlSsE1xBf6NsIsDQGzYTNlcSWopFDiHCUyNX2av960 +Extwv7aUf38xCoWu86dx940oel+hZI6djI4CYoNqyd1mDBC7iM1P1lgvKqUT8wbA +IB7+uWM= +-----END CERTIFICATE----- diff --git a/CA/certs/localhost.crt b/CA/certs/localhost.crt new file mode 100644 index 0000000..4c4b451 --- /dev/null +++ b/CA/certs/localhost.crt @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 66 (0x42) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c6:27:4a:7c:cc:37:65:a8:1c:58:7f:07:b7:14: + a1:41:6e:72:21:1c:b9:7b:07:f1:a3:c4:61:3f:4a: + c4:56:92:42:ea:3e:f8:5c:ca:71:20:2e:23:44:00: + 2e:f6:30:23:d3:3b:ef:f7:22:02:d3:28:21:49:45: + 50:43:cf:b1:49:b2:25:63:5e:79:0c:c6:1f:2e:89: + 95:6d:40:19:45:33:48:bc:4c:a8:e5:00:d0:63:66: + 2c:66:ce:7b:7a:d9:70:f8:45:f6:60:ad:1b:5e:25: + 15:78:a9:d2:a3:e3:bd:4f:73:7e:e0:09:ba:f0:f5: + f4:14:f8:39:82:8f:6d:30:d1:05:f6:6e:41:e5:50: + 28:80:2f:69:72:3b:d1:dd:3b:6f:25:dd:b9:eb:02: + 36:60:7e:56:04:a1:aa:25:61:7c:38:b9:3d:3d:93: + 4b:0a:80:8a:52:ec:c8:76:7f:6a:19:44:84:cf:b9: + f0:4e:0f:9e:51:39:6f:fd:f2:46:4f:ab:3a:12:a5: + 15:a7:2a:7e:4b:52:6f:f4:ad:c2:97:44:1e:c6:d8: + 63:55:83:f7:23:4c:65:8c:c2:9a:1f:34:64:92:23: + 49:7e:77:9f:b9:0d:7f:fe:08:71:ac:e9:12:d1:8a: + 7b:58:68:91:f2:c2:0d:a7:91:20:74:1f:f8:c1:1d: + 44:2b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A4:6C:31:0A:60:12:EC:45:A8:D1:41:65:88:35:F7:E4:CD:C8:67:F9 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:localhost, DNS:www.localhost, DNS:127.0.0.1 + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 85:46:99:83:09:a2:20:45:34:2d:d0:ca:21:20:ff:da:90:4e: + 1a:b4:0a:1f:24:4e:a2:5b:5e:29:43:ee:03:ff:b0:41:ad:dc: + 3a:53:1a:25:c0:08:ea:eb:ce:76:aa:c9:b3:7e:46:3c:dd:ff: + 13:98:9a:53:fd:f7:60:8b:d8:4b:4d:8f:70:e1:5d:1f:de:7a: + 62:70:2f:7b:c0:5d:1c:93:b7:9c:1e:d6:36:88:53:2a:f7:e5: + a1:71:21:e3:d8:e1:6b:14:ed:d7:3d:ea:78:b8:a6:7c:53:87: + b6:27:a2:50:d8:f3:21:0d:0b:48:e9:e0:cb:e1:21:16:52:de: + e7:ab:a5:31:e3:dc:82:b3:68:fc:9c:4a:7d:bd:1e:70:5c:81: + da:80:ac:65:e8:7f:5e:c5:86:2d:ed:3b:af:fa:5c:b2:cb:5a: + 20:9a:50:ab:36:99:88:33:2a:9a:ad:4a:a4:be:e9:8a:05:2f: + 80:6e:c2:d8:5d:35:38:d9:8a:2d:42:45:15:bc:35:4c:01:b1: + a8:27:7d:8d:14:f2:bc:56:c0:59:bf:2f:6a:db:fd:94:92:a2: + ff:3e:d1:d4:3c:c8:66:2b:2a:d8:97:1e:8b:ab:9b:50:71:05: + 0f:84:b8:52:31:a2:bc:19:93:e0:d5:1f:e4:06:fb:24:ad:21: + 2d:df:ee:85:cc:09:1d:4b:0d:69:93:9b:18:ae:bb:84:88:cb: + a6:0d:18:40:af:05:53:29:41:1d:5c:2e:2d:57:73:55:67:fe: + 36:6c:7d:cf:20:c0:b3:16:60:49:6c:78:08:54:7f:87:15:24: + b2:9a:27:44:b9:cf:d7:41:33:3b:bd:c9:dd:d0:fb:5a:f2:1c: + c7:79:fe:5a:34:79:62:3d:4c:9f:bb:8c:45:52:34:c6:fa:2e: + f4:16:9a:49:6d:35:ea:65:6b:1e:08:ab:dd:b1:9d:d4:43:97: + 74:c0:fb:00:51:ee:7e:49:31:d0:ea:cb:9e:f7:4e:fb:b8:fa: + 4d:92:c4:cf:72:92:6c:49:7c:94:a6:a5:f8:a4:f4:95:2c:df: + e6:58:36:7c:22:2c:13:d8:c4:45:cd:68:69:9a:0c:a1:8e:04: + 02:d1:fc:f0:bf:3c:1b:7e:b4:63:87:dc:ff:1b:08:84:01:b8: + 75:00:fa:75:c3:92:4e:82:c4:88:1d:be:94:9e:a9:fd:6c:33: + 31:22:3f:e8:fc:93:de:a7:c9:d4:ac:7f:99:a2:e1:44:c0:8b: + 44:f4:1f:61:aa:a4:fb:03:b5:d4:fa:5f:ca:b0:96:8a:1f:65: + 80:3d:ab:cd:b9:fd:3b:ce:27:b7:98:d5:22:ca:57:65:b1:40: + 75:d4:72:6d:d9:cd:fa:dc +-----BEGIN CERTIFICATE----- +MIIEujCCAqKgAwIBAgIBQjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJbG9j +YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3Zagc +WH8HtxShQW5yIRy5ewfxo8RhP0rEVpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0ygh +SUVQQ8+xSbIlY155DMYfLomVbUAZRTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUV +eKnSo+O9T3N+4Am68PX0FPg5go9tMNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5W +BKGqJWF8OLk9PZNLCoCKUuzIdn9qGUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv +9K3Cl0QexthjVYP3I0xljMKaHzRkkiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5Eg +dB/4wR1EKwIDAQABo4GLMIGIMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKRsMQpgEuxF +qNFBZYg19+TNyGf5MB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMC4G +A1UdEQQnMCWCCWxvY2FsaG9zdIINd3d3LmxvY2FsaG9zdIIJMTI3LjAuMC4xMAsG +A1UdDwQEAwIF4DANBgkqhkiG9w0BAQsFAAOCAgEAhUaZgwmiIEU0LdDKISD/2pBO +GrQKHyROolteKUPuA/+wQa3cOlMaJcAI6uvOdqrJs35GPN3/E5iaU/33YIvYS02P +cOFdH956YnAve8BdHJO3nB7WNohTKvfloXEh49jhaxTt1z3qeLimfFOHtieiUNjz +IQ0LSOngy+EhFlLe56ulMePcgrNo/JxKfb0ecFyB2oCsZeh/XsWGLe07r/pcssta +IJpQqzaZiDMqmq1KpL7pigUvgG7C2F01ONmKLUJFFbw1TAGxqCd9jRTyvFbAWb8v +atv9lJKi/z7R1DzIZisq2Jcei6ubUHEFD4S4UjGivBmT4NUf5Ab7JK0hLd/uhcwJ +HUsNaZObGK67hIjLpg0YQK8FUylBHVwuLVdzVWf+Nmx9zyDAsxZgSWx4CFR/hxUk +sponRLnP10EzO73J3dD7WvIcx3n+WjR5Yj1Mn7uMRVI0xvou9BaaSW016mVrHgir +3bGd1EOXdMD7AFHufkkx0OrLnvdO+7j6TZLEz3KSbEl8lKal+KT0lSzf5lg2fCIs +E9jERc1oaZoMoY4EAtH88L88G360Y4fc/xsIhAG4dQD6dcOSToLEiB2+lJ6p/Wwz +MSI/6PyT3qfJ1Kx/maLhRMCLRPQfYaqk+wO11PpfyrCWih9lgD2rzbn9O84nt5jV +IspXZbFAddRybdnN+tw= +-----END CERTIFICATE----- diff --git a/CA/csrs/firma1.sv.csr b/CA/csrs/firma1.sv.csr new file mode 100644 index 0000000..399e68b --- /dev/null +++ b/CA/csrs/firma1.sv.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpzCCAY8CAQAwFDESMBAGA1UEAwwJZmlybWExLnN2MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYWESce5Xa37jBprZzJcIzBbNaQvnQr +n454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9jdEZhdO86ojj72rnqCVk08WYLL9L +YZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd9ia91rlD94aBj8Uh3wdwg+bEfrn1 +CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ2qkqT8xQ2RN1pmth7GxBj2XdG4wQ +XRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v91ocdaSBlCJRBBz5RwpFywLoaLX4k +zIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFzLgMO4ktbrQIDAQABoE4wTAYJKoZI +hvcNAQkOMT8wPTAjBgNVHREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3Yw +CQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBADUJAHJ+ +qpBj5JLfb9H0jyGgn1p3MgAWEz21jXtE5/lQ1YrFQdDQC5rJX/gsiUmC5c3wymEO +yYTc0jQakCKDikLVjtAJ7KHiz3nhlt26v0O5by5qhd0PMn8pbcbqwQCjB4CtveAY +LlYpfukrDgs0udhqY41Qag766+4u7onwtasAMigQMXa4Z8j0c+Uf8I8GDhc6vKdg +DZKCbD2GvTk/2tlZt/2nAdgdrTAGaXIrGHdZTy1CRO0K0X5BtrHXbP3LdkkDct/F +HrapHsjXj3l05wynzvtyaOFLR427bXUxEs/9UO5OsRmx1nIhr/n4zSHlSHQpRFRC +aYB67GAdfLK97PE= +-----END CERTIFICATE REQUEST----- diff --git a/CA/csrs/firma2.sv.csr b/CA/csrs/firma2.sv.csr new file mode 100644 index 0000000..a53f742 --- /dev/null +++ b/CA/csrs/firma2.sv.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpzCCAY8CAQAwFDESMBAGA1UEAwwJZmlybWEyLnN2MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4xwcTSE6QHt13nGPtTfnuGjwqMvpn +PWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDHXik8ESJE21+/TQQ3CC/f1h9erzJ3 +ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nPbAd2S02XWMTEmko2gL3czX7UO/D9 +8IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6MJM/+9pD7+dHRS7VN7ASW2AbI6Dz4 +Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkrB31MlcrdTuc7qdavqM81//4y0iEg +q5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH8Rn0GFmPHwIDAQABoE4wTAYJKoZI +hvcNAQkOMT8wPTAjBgNVHREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3Yw +CQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBAGQcRu7q +rspdZu/X63bEH9kwdzkjinIUbS17Dr4SvaLEIhvC9adT3fuzFt0cfZFK2pJO9W6P +SEJOqNU/jW+digYh6zZYHCr79FPzR8dEsRLCHITmJ/W/F2E+zG/+0zUuzMNIYkmv +20FJYsNGjBuDUi2uOd1t2kOqksHdsndVOqPGyCm/Nc7w/HkoBJGcrhOWPlsqek1K +fS7+jAFhhV3i/ZBYlersRWcjbW4ZXkQ88b/C0g0Kx+rqODU4iC9Qq8ixLXmskq3L +XuE1lBvas38EDGjO6+hyKw5Kc+G6bPWOT4dQxG+B7CH1JJKc/w/QjRGIph26hRYH +nX6Y/cNkB3AnAy4= +-----END CERTIFICATE REQUEST----- diff --git a/CA/csrs/ipbased.sv.csr b/CA/csrs/ipbased.sv.csr new file mode 100644 index 0000000..3ce4063 --- /dev/null +++ b/CA/csrs/ipbased.sv.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwFTETMBEGA1UEAwwKaXBiYXNlZC5zdjCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OAlIQO7uuN1QeCWRJ6IcmLif7ccBuB +83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGGZgSfGmMFm18btis3zgcWVO1jcouC +rVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd0XkZVcL5zp1QUs1w+9WbHbmLV8om +zhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItMixVcNnm47GKKl1FhqO6Usjq8NdWH +UrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9gpxro7LNmLHOdMzNW5yjTuNpSwk57 +2Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUWINsNWwP2e50CAwEAAaBQME4GCSqG +SIb3DQEJDjFBMD8wJQYDVR0RBB4wHIIKaXBiYXNlZC5zdoIOd3d3LmlwYmFzZWQu +c3YwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBABe0 +9BF30ciyv5Zf738iQvDDrvhDiqBpq4nf+cL3M4Uz3OJwpkaVnXkv9qbephiop8es +JAQ0Du4dSLDxLRMYgkGUelIKGq0LP2aZKA59ag4Ne7iaMwLTZIiyYYAr222l8Kpt +bBkYf7ofMX68qdN379Nim9q275D1EGKgK0rCeGQiN/sVhvJuEek/baR4lX8jYbaP +dV3yJYFludzCtiBfsXHZctxvCuXCmvHDcONZi5v0iQhi6XP6GtlqwV25Ve45Vs1I +96Vc8RI8dH1Ms49dHTrKBVCBiW/iD8POU8XSn/mRQSqISV/rUy3FJfXtcKb6FRr1 +4IBF+1r3kN/GA0F0Ms0= +-----END CERTIFICATE REQUEST----- diff --git a/CA/csrs/localhost.csr b/CA/csrs/localhost.csr new file mode 100644 index 0000000..8199669 --- /dev/null +++ b/CA/csrs/localhost.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICsjCCAZoCAQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3ZagcWH8HtxShQW5yIRy5ewfxo8RhP0rE +VpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0yghSUVQQ8+xSbIlY155DMYfLomVbUAZ +RTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUVeKnSo+O9T3N+4Am68PX0FPg5go9t +MNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5WBKGqJWF8OLk9PZNLCoCKUuzIdn9q +GUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv9K3Cl0QexthjVYP3I0xljMKaHzRk +kiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5EgdB/4wR1EKwIDAQABoFkwVwYJKoZI +hvcNAQkOMUowSDAuBgNVHREEJzAlgglsb2NhbGhvc3SCDXd3dy5sb2NhbGhvc3SC +CTEyNy4wLjAuMTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF +AAOCAQEAf7Oi4jgkU3uBqXSCrJvTs+nv4tT14HL/ScKKh+RDrhGvaao2CKLGW+LE +sjo7YpesmmlxXwEPyfwH5yUKTEQqwb15vHlD25HZ3KUJbbAbj46KXrdQCOCVS7JA +IugiiVDgyRLmCy6dkyOmgZO4UjOK7wwbQ1arB/+5g99b7yeAgPtPWyaBXm3fqCoV +vbt6yCItFvdMb3JODqkIQJDoiFo1eGDlZZgUT93sdij+XwKgUHRjMslyV0vaP6Jm +rEsptYVj7CegAebTE3JYMeeWFYfrXcB61o2LgXUjl5/MdZYJ2NutTuesM1byLGQ+ +6UDgkwO5+r8vf8HtsOBH2SHYslmEDA== +-----END CERTIFICATE REQUEST----- diff --git a/CA/index.txt b/CA/index.txt new file mode 100644 index 0000000..d5223da --- /dev/null +++ b/CA/index.txt @@ -0,0 +1,4 @@ +V 251017065034Z 42 unknown /CN=localhost +V 251017065034Z 43 unknown /CN=ipbased.sv +V 251017065034Z 44 unknown /CN=firma1.sv +V 251017065035Z 45 unknown /CN=firma2.sv diff --git a/CA/index.txt.attr b/CA/index.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/CA/index.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/CA/index.txt.attr.old b/CA/index.txt.attr.old new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/CA/index.txt.attr.old @@ -0,0 +1 @@ +unique_subject = yes diff --git a/CA/index.txt.old b/CA/index.txt.old new file mode 100644 index 0000000..7a8048f --- /dev/null +++ b/CA/index.txt.old @@ -0,0 +1,3 @@ +V 251017065034Z 42 unknown /CN=localhost +V 251017065034Z 43 unknown /CN=ipbased.sv +V 251017065034Z 44 unknown /CN=firma1.sv diff --git a/CA/keys/firma1.sv.key b/CA/keys/firma1.sv.key new file mode 100644 index 0000000..dbee997 --- /dev/null +++ b/CA/keys/firma1.sv.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCICk2uQ/he5hYR +Jx7ldrfuMGmtnMlwjMFs1pC+dCufjngNvgXpyvfymWNdGteOTDERBykees9X9/2N +0RmF07zqiOPvaueoJWTTxZgsv0thl7PzYM9nNj+kruZdOTnvSmjSgYXUDs6GN932 +Jr3WuUP3hoGPxSHfB3CD5sR+ufULNlMIZGgQRzs3EF1nXgE0TEAOPVIdxC2p2Zna +qSpPzFDZE3Wma2HsbEGPZd0bjBBdFjff9ZP16+94rFGVVvMUVK7kKk9TikhLy/3W +hx1pIGUIlEEHPlHCkXLAuhotfiTMixxtaruccAVcYFXBjY0iPCopSAoi0DPpgXMu +Aw7iS1utAgMBAAECggEADK6VNkks1r/xT7ELbs3F8MT/nQkwODdO8tP/01lmFa5E +39cWmwhqW+nTuwK9FI1ix5kYyrgdKzC5qOZU0EaAZobTZObc6K5vu1RAzu8YWmU3 +h9k/DHqgrTwGyqsCjR2tLu6XKMEmnJmJriBHc0R7IxCddGcmtLFvWkSBjeTNBLnt +bS8GBXNAvAt/4a8EaXTyY45n+Nz9aeKaK19eQ5QuLH4qzquJQOSn98vyjxYlNOh1 +E7o27VmaQirQcEgvx4hOLYc7kjHWo5FPlM7Cxy5LfSv3YLOXWM17fICH4COFbIJ6 +2nSwVqBQcQX9hpGB0m0ePN0w8YrIvrBWDvR44MlLuwKBgQDAYSVxGSi8ibtaDtft +26K8VjhdfcxDEC1UBRcwRqSG8v7r7Ml6cd5K6cmPhEutv6JpB7gg22Vx/PSC6cUg +TgSkQxla9ZbRkfbSg0LtvMxkMJyG17o5meduF48gEhpDJeBgdueDSaSjQSEfwhyt +AIirZaOT4oBtrb2NHW8YCVgSjwKBgQC1B3nUD+SEBy5XNHNMq1c0YJl50eVtETfz +X0zlRotLk/rhpGpohM2pBoiICunNsXmB3PEZCFwPVSpHbXc2iLaWdoS/F3nJl0lg +yYUxikz6RDPKqsA+GwLhUTGqXEeYUkJs0BYzIqSJiwCWHlI/8Xl5nGzYWtjS2Nou +H7lpH8ycAwKBgARiso3PewRBR4oYCIgdl6ofdQ18jqmAtufRbePl2F5TL8iFD1rB +OcYPak7hPzBoy/UE/geRuNBOaeyKE7pWzPhJp0xRiOyiHTRTVbVBto8aJJdWV6J0 +hbgWxWZ/wyWAuYq5azGs/hnSpESrEihHeNYfbQk0AqV9bnLHFv8/R0i1AoGAUN7H +GOoEnsqKdCCVRXHhoh9pUJdo04F2qj0vn9kUzy2LTRPjCVASg+jMQ2IEsoQPEOl/ +tzwZzCuymHgZYn5Oewb1JFy7Zkg0Wo2L9+adnsurC2WePeBZOAjKlB1nSm+tBukq +katvL5auK2HeQnyAVMiBg2GKLR780NARRxoSkLsCgYEAi8j9qcguUQgCkvQscvbs +kXcT6s2dZVeZF2kYCAGdJYJDPXRo7zRN3pcaoppORzhP1uvS2s8yUHo+wExNpwxo +49tzD68ig0I8QWhY7Ck9SOiokAg1V4+1EXtxtb3fY3HZqV7+mtceYtiZ2ocJGulA +RZ6uuFXyhl+CQFgApObMiRE= +-----END PRIVATE KEY----- diff --git a/CA/keys/firma2.sv.key b/CA/keys/firma2.sv.key new file mode 100644 index 0000000..641c6a4 --- /dev/null +++ b/CA/keys/firma2.sv.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEUviZqNDCxzjH +BxNITpAe3XecY+1N+e4aPCoy+mc9ZtoXByHClCoGntp7Wc6W9UjnR19NgCNpEMde +KTwRIkTbX79NBDcIL9/WH16vMndksVJNv5Ywz5zbzsTE8wDbklM3km6/lPWX6c9s +B3ZLTZdYxMSaSjaAvdzNftQ78P3wieIh79YnwCYcH38hepYfDZljRyDUuPZovowk +z/72kPv50dFLtU3sBJbYBsjoPPg57pR+H/h0LN9glzdMzDqYniHwm5p6eqQZ2SsH +fUyVyt1O5zup1q+ozzX//jLSISCrlREaILCXIXdQ5yV/F2cwLHTz6hn0lHM6Sgfx +GfQYWY8fAgMBAAECggEAYYgOtNenDnzGeinLrIpLEupXN7x08d4OKb5mAHlhvKFS +C0qhvPa6ght80vbkqR4mH6/XarsT3GhXgzHdA24Q4yMH+Iz1gf22p7th4IujwMRO +7Q0W4hziAlkQa/+FF4/0A5Gdr1OjRtsDDtoOLI7Zd2IZgcUImqC4BubRLQ4mOc6H +ZoXN7B7H5BXEajBo3FKlXPIZi6OPeHAQtkflunU8ruWKf9sm5EblVjlOxMwoQi+d +BWExZ8uh9NfZQ/NwDTqR1pm8wzl9IS2W/b7i3GWKosFhPRu5XVt02XjDE/hDPuG2 +7q2mQ5r7jlyDs3+M/6piijNetbhrvQ1m3oNChldWgQKBgQDhZaSTeVxjiV88hBK5 +WPm3Z8fl5faz9uDj3NfXpBzDEr3rLnPI1aDddw3JoyoDy2gNFK05GLFqGg0vdqgR +FcoK89DSqNzXmeUZ++E4x/r2azstKVpm53qGDTmDr868g+xTnaWAR1HWl398mCVm +i+YAMA2Dq3V9+bwG6IY1567XvwKBgQDe+s9qnAxC/7e3mWus7h6QIgeFjbTSLa64 ++qwej146iX3pP5qRsDSArbWat+V7t8r9UOYK8YOHAq8YbcOC8DZN/K90QpqqpxbV +v6e1rND2kMwPBFq0uEw5ptTgmgQVP+qd7+9xJ69NXfV9d6jrv5B1xFWK6EXOEVI7 +IA4AspQgoQKBgDCQvxJLnv2PdubKKmKnaj77bJX7o9mJA1H1nshHAy+BFUzcWHRY +m228nkrpDj99D3FqGBzqViffbyHf9jygLkWH3WHWoqcN8NBVdmTOqiN4XWrQszri ++4JwzQiz097Iqh4mJKfsNhT/1adZ/Q0IbclykSbixdEcA0iVx31L619vAoGBAKl1 +FtjAixkH2gkwEYK03IlRM0IuNXNdwGFYMCJxdn0qLIRtD/0UWnJIkbFpfH+PaDcn +mgxLC1g5k/QOxvzlrX+LP5QtYfm7TkFXjA8nrQ8Vb98hwgWB4nwV68ZdhijYEGfD +BseKD1HOzFhz7e5sAU9ezFvqtdIrm8DPVZT2IljBAoGAFtnVPVoOpLp/2uGgVMOx +l+XEOC9uPXWowBAUTsfL+KKp8vvQzmWx2SvYf4wO7940F6kGjyaCujNBq0X0XHlV +0TO5nwjcgkQldrp7+ZFVz9D1KUJni1lhlo8jxnrSWS8RL5cB1s0AUtv95bACLN5e +UhKecT1lHRq2d3kcYMVE3KE= +-----END PRIVATE KEY----- diff --git a/CA/keys/ipbased.sv.key b/CA/keys/ipbased.sv.key new file mode 100644 index 0000000..3f90f4b --- /dev/null +++ b/CA/keys/ipbased.sv.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDD4dpxkltDgJSE +Du7rjdUHglkSeiHJi4n+3HAbgfNysrEeQJgfSLm7xhHvxt6A0ojzmCu0smKxhmYE +nxpjBZtfG7YrN84HFlTtY3KLgq1Zt4Zj2vIrMWr29dT8s73E4/fves8qo45UndF5 +GVXC+c6dUFLNcPvVmx25i1fKJs4Yi6KJ0Q8sTvH4soovIfWNiInyRu4v1tSLTIsV +XDZ5uOxiipdRYajulLI6vDXVh1KycMCkhtQudd8ip/JtJVVLBtfF2G+p0F4fYKca +6OyzZixznTMzVuco07jaUsJOe9jYPhLoXSkLbwnu2PHTDeEVyY5zXfIeKjwVFiDb +DVsD9nudAgMBAAECggEABHgYcwtnDCb4nHu3vUWW5O03KYoCT9Ygb6FpaGNCYe1M +R7erENmorS1TdvBHXtKO39nqs1x3jnvVw4i6wiQcW6Lm+Nz01SoQBXuFn0O7v0aF +6SzTZiNiQKCyu5JBQ+b8nujjJaKmKm2QXC41C/YFnga5YOkRQdogZz2T4u+YN6yb +sItUQfijUi/bcMSRsPQJaSPzmveecCGkGvpOZROEMQ1q3WJwy2G2BCrt3d504id8 +O2ipdde/wQxYddhJRP6eRXRpauKwoWRPOkWkgh0THBtfniQh/WVkxJ00W8Tl9ttG +AamUSy24vfasSsfK2IrUhxsITscM79lPPUxwZDF0UQKBgQDhXsSsmb9dKi2nR8Ee +tBZR+Sv9s+WZIbJbSvFiTAfZ8a35nl9Aoe848osr1lNGe+y+xJpxzgkOnNYyNesR +o2P87/+ozgG5JToZqChWrSXmrY4LLYip7icu8uNOdMlXjQy4UURto84TyfJ1vXvE +XRy89h7nioYlFsn7o15G0J/tsQKBgQDegR7S62+kwlUu0ENw7vq8+NRGD0Wch9mU +OiVs6riwEdJ8btva02ME92PszCuodv+N0DC4ENzaqKStvEHoApE3tCFOO+E3xlPR +GsXuXfs8thjKikdC6r1J/8BwY04i/+fizD4FMcfs0wjEr01DvhSv8XybERNhs07/ +fYGtEUBLrQKBgQCgzmfy5/k9Vp0goPhRGhpa/zm+WqBWtU54CW9Wvf1UKzgBxlkc +2u7AaX+YFeNxhXcVX178GREpVgsX5JUIDteHYQ/AuM1N+BwOtoeh4QYMJIYXv7Ol +3IIk47YBAx+u0rviwEndGWYvhIb2L++h2vZodgzzFUpGKI6SeK0KRk324QKBgQCo +P1KjgsvE9f2bjHeyqcKHqlA5OcsVddQctWsfVM2atZ9H4Dv21+kEFF1G7YwFsxXC +ki6EwJt/7A26IaRkX6yXRmn40maW2iz+7RPGDuKvIbLVVIJWI1JG5lEJqs2mwYMC +iBZNrzrR5TG4KCZwlwblk+D5EIxrUD7oCmtIBsdrcQKBgBGt6SiH9TFEaFjofmuf +VpEMuKE0n+pxzbt8JUK89I18tGEPLY+S0pMaMmYsbucPIgpp7DdG62Rmd4yq59JI +wQy3wYdTG2+n5L/zeWx/l0aixZSFh1sp5+LbAiBYLdbLp5GbtWlGNvw1cer0vJlc ++3VHcBpFxo2ZBEuIQPfwJit+ +-----END PRIVATE KEY----- diff --git a/CA/keys/localhost.key b/CA/keys/localhost.key new file mode 100644 index 0000000..01635fe --- /dev/null +++ b/CA/keys/localhost.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDGJ0p8zDdlqBxY +fwe3FKFBbnIhHLl7B/GjxGE/SsRWkkLqPvhcynEgLiNEAC72MCPTO+/3IgLTKCFJ +RVBDz7FJsiVjXnkMxh8uiZVtQBlFM0i8TKjlANBjZixmznt62XD4RfZgrRteJRV4 +qdKj471Pc37gCbrw9fQU+DmCj20w0QX2bkHlUCiAL2lyO9HdO28l3bnrAjZgflYE +oaolYXw4uT09k0sKgIpS7Mh2f2oZRITPufBOD55ROW/98kZPqzoSpRWnKn5LUm/0 +rcKXRB7G2GNVg/cjTGWMwpofNGSSI0l+d5+5DX/+CHGs6RLRintYaJHywg2nkSB0 +H/jBHUQrAgMBAAECgf8viUTOA1RcyVMK0fJNXDQ9QAOHjvJ7LqOLUftEN21e4lFB +KfAL+tyds3shawca6xnKVNTZuh9+VVkUnYiRl3E9XaeTMsKrjACImua2uOC2Koxw +rnb6pPktKH36vhkxyZHQZBzfOP/JJK6fONx+/6N1sXY+fBcXSaCf6t3+U1t7xC5n +XGTOmB62Rnzjr6LcYw4fmzfTOoCkYAg5MnCn518wCiqaj6xRE9hBZVEerai7j7Cp +r5Bbwpgzj2pi8S4PiJY2UxMJ1LlzSghmg2yT7unCb9A0BPzqfQyLITC4SHrzjhjc +g0KBtn1zpTr5ouHRFD2sj138PVOztTpC7riPoZUCgYEA7ZA4DBpmIobS72KR2QWv +qDkpwo10BzLG3FYM0MxEJMIQxlYYomkuuQ1dOTBsvt0oQ+kR3wsV7bh686y/0Ylj +rIWCLSszBR0tuLwPC/evzYlIkfT9o6Bz2dUotHA9c7arlI+jbHe9a/VPAOuk46nH +yM8qhdJyMDUwL1P3GX1qDr0CgYEA1YgZCqJpWF0QuzxBar3X/fa/pLMrwROMh3GZ +4luNTAGYwaKlCOSyRLfncylFbr82D/hxaMribHReqRTueO5rNBjZqNy2ELDL0fE1 +B/Gi8cEimYhJJaFBI+jgno33W2y8/3qbuCV/nJuaMT/yTeZb+Uv2egr3NJJy+yNs +LQ/aoQcCgYEA3TGEThiicpFwg74WqKh3tr2K2YBVwYIQ0QU6J4uaA1PCxLlTdJ1V +CK6d12r0Rf6ryBeSMUgkIdS8fnihnds7uF4TKDVp6uARO0m3BOCZi1nA/U3MgHcc +h33GycMcJMq4FbpsYslW0Nd2uRevzt69i4cBQ9r/wU000Uxv7gbtIk0CgYEAknO+ +4RlVcWKbOB/yqhg9DRVwibDNgKY8yySyK5spRQkPUTeRQ5E/Z3xOxSB4W6XPmZKH +jh0gwMvrpMITcWPsqRWmK3f9c2Me2AY8ng8v9+nEJlNf/+widlOhw32ROuZQllTs +epdVd/8M+VxnfuBREqH0Ee51cFxFelPoPNvT0n8CgYBO7lgqqC7RRkyVUqkandaR +WXPLIJSKl9943ih1WSL5UijUUCpdJWw2o0ayaOCV3ArLoQZ8OcAEGhQtYrI7PUy1 +wlsFyQwRISP54H50BeD3O6uaDDIs0zLK9//IdcPteUPn0k9kU6JfepXnog1YJ8ox +Hk7W1EPi4aSITYnhX0Y6yw== +-----END PRIVATE KEY----- diff --git a/CA/newcerts/42.pem b/CA/newcerts/42.pem new file mode 100644 index 0000000..4c4b451 --- /dev/null +++ b/CA/newcerts/42.pem @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 66 (0x42) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c6:27:4a:7c:cc:37:65:a8:1c:58:7f:07:b7:14: + a1:41:6e:72:21:1c:b9:7b:07:f1:a3:c4:61:3f:4a: + c4:56:92:42:ea:3e:f8:5c:ca:71:20:2e:23:44:00: + 2e:f6:30:23:d3:3b:ef:f7:22:02:d3:28:21:49:45: + 50:43:cf:b1:49:b2:25:63:5e:79:0c:c6:1f:2e:89: + 95:6d:40:19:45:33:48:bc:4c:a8:e5:00:d0:63:66: + 2c:66:ce:7b:7a:d9:70:f8:45:f6:60:ad:1b:5e:25: + 15:78:a9:d2:a3:e3:bd:4f:73:7e:e0:09:ba:f0:f5: + f4:14:f8:39:82:8f:6d:30:d1:05:f6:6e:41:e5:50: + 28:80:2f:69:72:3b:d1:dd:3b:6f:25:dd:b9:eb:02: + 36:60:7e:56:04:a1:aa:25:61:7c:38:b9:3d:3d:93: + 4b:0a:80:8a:52:ec:c8:76:7f:6a:19:44:84:cf:b9: + f0:4e:0f:9e:51:39:6f:fd:f2:46:4f:ab:3a:12:a5: + 15:a7:2a:7e:4b:52:6f:f4:ad:c2:97:44:1e:c6:d8: + 63:55:83:f7:23:4c:65:8c:c2:9a:1f:34:64:92:23: + 49:7e:77:9f:b9:0d:7f:fe:08:71:ac:e9:12:d1:8a: + 7b:58:68:91:f2:c2:0d:a7:91:20:74:1f:f8:c1:1d: + 44:2b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A4:6C:31:0A:60:12:EC:45:A8:D1:41:65:88:35:F7:E4:CD:C8:67:F9 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:localhost, DNS:www.localhost, DNS:127.0.0.1 + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 85:46:99:83:09:a2:20:45:34:2d:d0:ca:21:20:ff:da:90:4e: + 1a:b4:0a:1f:24:4e:a2:5b:5e:29:43:ee:03:ff:b0:41:ad:dc: + 3a:53:1a:25:c0:08:ea:eb:ce:76:aa:c9:b3:7e:46:3c:dd:ff: + 13:98:9a:53:fd:f7:60:8b:d8:4b:4d:8f:70:e1:5d:1f:de:7a: + 62:70:2f:7b:c0:5d:1c:93:b7:9c:1e:d6:36:88:53:2a:f7:e5: + a1:71:21:e3:d8:e1:6b:14:ed:d7:3d:ea:78:b8:a6:7c:53:87: + b6:27:a2:50:d8:f3:21:0d:0b:48:e9:e0:cb:e1:21:16:52:de: + e7:ab:a5:31:e3:dc:82:b3:68:fc:9c:4a:7d:bd:1e:70:5c:81: + da:80:ac:65:e8:7f:5e:c5:86:2d:ed:3b:af:fa:5c:b2:cb:5a: + 20:9a:50:ab:36:99:88:33:2a:9a:ad:4a:a4:be:e9:8a:05:2f: + 80:6e:c2:d8:5d:35:38:d9:8a:2d:42:45:15:bc:35:4c:01:b1: + a8:27:7d:8d:14:f2:bc:56:c0:59:bf:2f:6a:db:fd:94:92:a2: + ff:3e:d1:d4:3c:c8:66:2b:2a:d8:97:1e:8b:ab:9b:50:71:05: + 0f:84:b8:52:31:a2:bc:19:93:e0:d5:1f:e4:06:fb:24:ad:21: + 2d:df:ee:85:cc:09:1d:4b:0d:69:93:9b:18:ae:bb:84:88:cb: + a6:0d:18:40:af:05:53:29:41:1d:5c:2e:2d:57:73:55:67:fe: + 36:6c:7d:cf:20:c0:b3:16:60:49:6c:78:08:54:7f:87:15:24: + b2:9a:27:44:b9:cf:d7:41:33:3b:bd:c9:dd:d0:fb:5a:f2:1c: + c7:79:fe:5a:34:79:62:3d:4c:9f:bb:8c:45:52:34:c6:fa:2e: + f4:16:9a:49:6d:35:ea:65:6b:1e:08:ab:dd:b1:9d:d4:43:97: + 74:c0:fb:00:51:ee:7e:49:31:d0:ea:cb:9e:f7:4e:fb:b8:fa: + 4d:92:c4:cf:72:92:6c:49:7c:94:a6:a5:f8:a4:f4:95:2c:df: + e6:58:36:7c:22:2c:13:d8:c4:45:cd:68:69:9a:0c:a1:8e:04: + 02:d1:fc:f0:bf:3c:1b:7e:b4:63:87:dc:ff:1b:08:84:01:b8: + 75:00:fa:75:c3:92:4e:82:c4:88:1d:be:94:9e:a9:fd:6c:33: + 31:22:3f:e8:fc:93:de:a7:c9:d4:ac:7f:99:a2:e1:44:c0:8b: + 44:f4:1f:61:aa:a4:fb:03:b5:d4:fa:5f:ca:b0:96:8a:1f:65: + 80:3d:ab:cd:b9:fd:3b:ce:27:b7:98:d5:22:ca:57:65:b1:40: + 75:d4:72:6d:d9:cd:fa:dc +-----BEGIN CERTIFICATE----- +MIIEujCCAqKgAwIBAgIBQjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJbG9j +YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxidKfMw3Zagc +WH8HtxShQW5yIRy5ewfxo8RhP0rEVpJC6j74XMpxIC4jRAAu9jAj0zvv9yIC0ygh +SUVQQ8+xSbIlY155DMYfLomVbUAZRTNIvEyo5QDQY2YsZs57etlw+EX2YK0bXiUV +eKnSo+O9T3N+4Am68PX0FPg5go9tMNEF9m5B5VAogC9pcjvR3TtvJd256wI2YH5W +BKGqJWF8OLk9PZNLCoCKUuzIdn9qGUSEz7nwTg+eUTlv/fJGT6s6EqUVpyp+S1Jv +9K3Cl0QexthjVYP3I0xljMKaHzRkkiNJfnefuQ1//ghxrOkS0Yp7WGiR8sINp5Eg +dB/4wR1EKwIDAQABo4GLMIGIMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKRsMQpgEuxF +qNFBZYg19+TNyGf5MB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMC4G +A1UdEQQnMCWCCWxvY2FsaG9zdIINd3d3LmxvY2FsaG9zdIIJMTI3LjAuMC4xMAsG +A1UdDwQEAwIF4DANBgkqhkiG9w0BAQsFAAOCAgEAhUaZgwmiIEU0LdDKISD/2pBO +GrQKHyROolteKUPuA/+wQa3cOlMaJcAI6uvOdqrJs35GPN3/E5iaU/33YIvYS02P +cOFdH956YnAve8BdHJO3nB7WNohTKvfloXEh49jhaxTt1z3qeLimfFOHtieiUNjz +IQ0LSOngy+EhFlLe56ulMePcgrNo/JxKfb0ecFyB2oCsZeh/XsWGLe07r/pcssta +IJpQqzaZiDMqmq1KpL7pigUvgG7C2F01ONmKLUJFFbw1TAGxqCd9jRTyvFbAWb8v +atv9lJKi/z7R1DzIZisq2Jcei6ubUHEFD4S4UjGivBmT4NUf5Ab7JK0hLd/uhcwJ +HUsNaZObGK67hIjLpg0YQK8FUylBHVwuLVdzVWf+Nmx9zyDAsxZgSWx4CFR/hxUk +sponRLnP10EzO73J3dD7WvIcx3n+WjR5Yj1Mn7uMRVI0xvou9BaaSW016mVrHgir +3bGd1EOXdMD7AFHufkkx0OrLnvdO+7j6TZLEz3KSbEl8lKal+KT0lSzf5lg2fCIs +E9jERc1oaZoMoY4EAtH88L88G360Y4fc/xsIhAG4dQD6dcOSToLEiB2+lJ6p/Wwz +MSI/6PyT3qfJ1Kx/maLhRMCLRPQfYaqk+wO11PpfyrCWih9lgD2rzbn9O84nt5jV +IspXZbFAddRybdnN+tw= +-----END CERTIFICATE----- diff --git a/CA/newcerts/43.pem b/CA/newcerts/43.pem new file mode 100644 index 0000000..828a00a --- /dev/null +++ b/CA/newcerts/43.pem @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 67 (0x43) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=ipbased.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c3:e1:da:71:92:5b:43:80:94:84:0e:ee:eb:8d: + d5:07:82:59:12:7a:21:c9:8b:89:fe:dc:70:1b:81: + f3:72:b2:b1:1e:40:98:1f:48:b9:bb:c6:11:ef:c6: + de:80:d2:88:f3:98:2b:b4:b2:62:b1:86:66:04:9f: + 1a:63:05:9b:5f:1b:b6:2b:37:ce:07:16:54:ed:63: + 72:8b:82:ad:59:b7:86:63:da:f2:2b:31:6a:f6:f5: + d4:fc:b3:bd:c4:e3:f7:ef:7a:cf:2a:a3:8e:54:9d: + d1:79:19:55:c2:f9:ce:9d:50:52:cd:70:fb:d5:9b: + 1d:b9:8b:57:ca:26:ce:18:8b:a2:89:d1:0f:2c:4e: + f1:f8:b2:8a:2f:21:f5:8d:88:89:f2:46:ee:2f:d6: + d4:8b:4c:8b:15:5c:36:79:b8:ec:62:8a:97:51:61: + a8:ee:94:b2:3a:bc:35:d5:87:52:b2:70:c0:a4:86: + d4:2e:75:df:22:a7:f2:6d:25:55:4b:06:d7:c5:d8: + 6f:a9:d0:5e:1f:60:a7:1a:e8:ec:b3:66:2c:73:9d: + 33:33:56:e7:28:d3:b8:da:52:c2:4e:7b:d8:d8:3e: + 12:e8:5d:29:0b:6f:09:ee:d8:f1:d3:0d:e1:15:c9: + 8e:73:5d:f2:1e:2a:3c:15:16:20:db:0d:5b:03:f6: + 7b:9d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + AE:29:15:C3:1A:2E:A1:2D:8F:E1:43:72:EB:0E:47:EA:96:CE:D3:A0 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:ipbased.sv, DNS:www.ipbased.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 92:4a:92:9d:12:0e:14:fb:36:0a:bd:4e:6b:a2:7f:41:81:d5: + b8:bb:e6:68:23:0d:47:24:de:a8:01:98:08:e3:d2:6d:09:8b: + e6:d5:c2:25:52:c6:6c:82:46:fe:66:9b:2c:6c:f2:b2:ca:93: + de:74:b9:42:95:3e:f8:60:86:32:49:29:d8:c9:11:46:e9:2a: + ef:3f:1c:05:63:6a:de:d9:53:32:c5:4b:34:05:5d:ad:27:6e: + d6:e3:d3:79:ab:6d:e5:28:f1:dd:2c:aa:c9:1c:04:7f:b1:f1: + d1:12:a3:0b:4c:b4:dc:5d:3f:bb:cb:df:60:0d:0f:22:20:d1: + 43:80:3e:cc:e7:bc:01:c4:4c:08:3e:2c:9d:3e:0b:6b:b2:68: + 8d:94:1f:ad:dd:9f:6a:6a:ef:b4:8b:56:21:07:f0:69:b4:31: + 3d:80:dd:27:86:c2:57:21:54:6a:f0:c2:bf:88:04:d5:11:97: + 6b:a8:c0:f8:9f:dc:0a:63:f9:22:55:e5:71:58:dc:88:25:e5: + 7e:ed:43:44:37:f5:35:7e:e6:1d:49:f2:32:f0:6f:0b:f3:45: + 61:11:52:47:e9:42:32:2f:2c:96:0d:98:6d:92:e6:dd:a9:17: + 67:f9:8f:ad:45:c1:6c:33:31:c4:ff:ca:25:fe:50:64:44:3a: + e2:a0:ea:3c:de:1b:2f:8a:7f:05:fa:12:04:f3:1a:40:52:87: + b5:ed:99:b1:7c:c8:df:de:bf:0a:54:b4:f9:2d:89:47:85:10: + 21:53:f6:00:2a:7d:1f:9d:1f:05:10:a6:72:3b:7f:e1:01:0c: + 63:79:10:7b:b3:dc:84:31:3b:4a:58:7a:37:4f:ea:01:bd:8a: + ea:19:b6:88:2c:fb:1a:8b:6c:a4:66:2b:8c:fc:76:23:00:2c: + 5c:ce:fd:19:91:d5:18:a7:0f:8b:e7:59:7c:b8:d0:13:e8:bd: + 9d:ea:d8:a9:85:2f:b8:f7:60:5a:2f:56:ba:98:98:44:a6:6a: + 46:97:4d:66:f9:b8:ec:62:8d:52:02:e4:e7:42:8c:1b:5e:36: + 90:ed:95:ce:35:e6:c1:81:88:13:0a:ad:0f:e7:39:a2:be:ea: + 56:b2:a4:9e:7d:e5:99:44:2f:10:e0:b3:df:dc:25:4a:c1:35: + c4:17:fa:36:c2:2c:0d:01:b3:61:33:65:71:25:a8:a4:50:e2: + 1c:25:32:35:7d:9a:bf:de:b4:13:1b:70:bf:b6:94:7f:7f:31: + 0a:85:ae:f3:a7:71:f7:8d:28:7a:5f:a1:64:8e:9d:8c:8e:02: + 62:83:6a:c9:dd:66:0c:10:bb:88:cd:4f:d6:58:2f:2a:a5:13: + f3:06:c0:20:1e:fe:b9:63 +-----BEGIN CERTIFICATE----- +MIIEsTCCApmgAwIBAgIBQzANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFTETMBEGA1UEAwwKaXBi +YXNlZC5zdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPh2nGSW0OA +lIQO7uuN1QeCWRJ6IcmLif7ccBuB83KysR5AmB9IubvGEe/G3oDSiPOYK7SyYrGG +ZgSfGmMFm18btis3zgcWVO1jcouCrVm3hmPa8isxavb11PyzvcTj9+96zyqjjlSd +0XkZVcL5zp1QUs1w+9WbHbmLV8omzhiLoonRDyxO8fiyii8h9Y2IifJG7i/W1ItM +ixVcNnm47GKKl1FhqO6Usjq8NdWHUrJwwKSG1C513yKn8m0lVUsG18XYb6nQXh9g +pxro7LNmLHOdMzNW5yjTuNpSwk572Ng+EuhdKQtvCe7Y8dMN4RXJjnNd8h4qPBUW +INsNWwP2e50CAwEAAaOBgTB/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFK4pFcMaLqEt +j+FDcusOR+qWztOgMB8GA1UdIwQYMBaAFJhzPpaEwEMUppekqPLoPLwgIGeUMCUG +A1UdEQQeMByCCmlwYmFzZWQuc3aCDnd3dy5pcGJhc2VkLnN2MAsGA1UdDwQEAwIF +4DANBgkqhkiG9w0BAQsFAAOCAgEAkkqSnRIOFPs2Cr1Oa6J/QYHVuLvmaCMNRyTe +qAGYCOPSbQmL5tXCJVLGbIJG/mabLGzyssqT3nS5QpU++GCGMkkp2MkRRukq7z8c +BWNq3tlTMsVLNAVdrSdu1uPTeatt5Sjx3SyqyRwEf7Hx0RKjC0y03F0/u8vfYA0P +IiDRQ4A+zOe8AcRMCD4snT4La7JojZQfrd2famrvtItWIQfwabQxPYDdJ4bCVyFU +avDCv4gE1RGXa6jA+J/cCmP5IlXlcVjciCXlfu1DRDf1NX7mHUnyMvBvC/NFYRFS +R+lCMi8slg2YbZLm3akXZ/mPrUXBbDMxxP/KJf5QZEQ64qDqPN4bL4p/BfoSBPMa +QFKHte2ZsXzI396/ClS0+S2JR4UQIVP2ACp9H50fBRCmcjt/4QEMY3kQe7PchDE7 +Slh6N0/qAb2K6hm2iCz7GotspGYrjPx2IwAsXM79GZHVGKcPi+dZfLjQE+i9nerY +qYUvuPdgWi9WupiYRKZqRpdNZvm47GKNUgLk50KMG142kO2VzjXmwYGIEwqtD+c5 +or7qVrKknn3lmUQvEOCz39wlSsE1xBf6NsIsDQGzYTNlcSWopFDiHCUyNX2av960 +Extwv7aUf38xCoWu86dx940oel+hZI6djI4CYoNqyd1mDBC7iM1P1lgvKqUT8wbA +IB7+uWM= +-----END CERTIFICATE----- diff --git a/CA/newcerts/44.pem b/CA/newcerts/44.pem new file mode 100644 index 0000000..4e41bf0 --- /dev/null +++ b/CA/newcerts/44.pem @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 68 (0x44) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:34 2024 GMT + Not After : Oct 17 06:50:34 2025 GMT + Subject: CN=firma1.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:88:0a:4d:ae:43:f8:5e:e6:16:11:27:1e:e5:76: + b7:ee:30:69:ad:9c:c9:70:8c:c1:6c:d6:90:be:74: + 2b:9f:8e:78:0d:be:05:e9:ca:f7:f2:99:63:5d:1a: + d7:8e:4c:31:11:07:29:1e:7a:cf:57:f7:fd:8d:d1: + 19:85:d3:bc:ea:88:e3:ef:6a:e7:a8:25:64:d3:c5: + 98:2c:bf:4b:61:97:b3:f3:60:cf:67:36:3f:a4:ae: + e6:5d:39:39:ef:4a:68:d2:81:85:d4:0e:ce:86:37: + dd:f6:26:bd:d6:b9:43:f7:86:81:8f:c5:21:df:07: + 70:83:e6:c4:7e:b9:f5:0b:36:53:08:64:68:10:47: + 3b:37:10:5d:67:5e:01:34:4c:40:0e:3d:52:1d:c4: + 2d:a9:d9:99:da:a9:2a:4f:cc:50:d9:13:75:a6:6b: + 61:ec:6c:41:8f:65:dd:1b:8c:10:5d:16:37:df:f5: + 93:f5:eb:ef:78:ac:51:95:56:f3:14:54:ae:e4:2a: + 4f:53:8a:48:4b:cb:fd:d6:87:1d:69:20:65:08:94: + 41:07:3e:51:c2:91:72:c0:ba:1a:2d:7e:24:cc:8b: + 1c:6d:6a:bb:9c:70:05:5c:60:55:c1:8d:8d:22:3c: + 2a:29:48:0a:22:d0:33:e9:81:73:2e:03:0e:e2:4b: + 5b:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + F0:B6:FE:32:8A:B2:06:B0:F1:5F:FB:D3:AD:4F:B0:E3:FC:68:DC:60 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:firma1.sv, DNS:www.firma1.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 6a:32:10:32:ca:f1:43:fa:b8:c7:3b:74:b3:98:5c:aa:67:0a: + da:4e:19:cf:1c:af:30:36:04:e3:a0:7f:7d:70:1a:00:a7:94: + 09:3e:c1:f5:8a:bc:46:11:e8:a4:7b:bd:b5:d7:4b:e3:e8:8b: + fd:0d:fb:24:25:31:0b:fb:f5:0f:10:b6:d8:7c:81:ff:aa:21: + ed:59:b6:75:5e:07:d9:ea:8d:a6:b9:f7:86:1e:3f:e7:2e:38: + 9c:72:1f:f3:7f:58:12:07:4b:79:a6:17:a4:f1:65:41:1a:eb: + 80:9a:43:59:9b:ff:7f:2d:6e:17:40:c1:5d:07:38:c9:bc:a8: + e2:f0:dd:01:08:8f:e0:c2:16:09:09:2b:26:7c:e6:4d:ea:3c: + 2f:31:a1:7a:68:f2:84:fb:a0:9c:8c:c7:f2:ee:50:9e:b1:ff: + 43:b8:a7:23:ce:66:2b:40:c5:bf:59:1d:52:84:59:da:74:3d: + f0:3a:8f:63:ad:3e:f2:05:c9:3a:a0:c9:01:fe:3d:a0:60:6f: + eb:ab:4a:40:36:64:31:dd:f0:1f:af:e0:0f:ee:c9:49:14:77: + bb:cc:dc:68:19:12:23:e5:31:6b:80:f4:16:dd:97:15:15:53: + 23:9e:3d:a1:19:60:b6:9f:7c:d1:4d:58:5f:60:3d:41:db:96: + 33:63:eb:d7:a7:a8:41:e6:0d:a2:5a:92:f4:5a:4c:56:23:c0: + 15:bc:31:6e:88:33:6e:ba:c5:57:5f:93:24:32:fe:37:7b:02: + f4:e3:80:c2:65:81:4c:f4:2f:40:d2:b2:12:35:e0:14:42:98: + c3:07:c6:c0:5e:7c:22:6f:d1:ee:f3:36:bb:4e:5f:3f:84:d7: + 3a:ad:88:d8:e6:e0:2b:f6:5a:9a:aa:19:7c:f9:c6:09:3b:90: + 14:f1:40:a2:1e:d3:ca:a2:f2:ae:e6:26:28:25:aa:93:7a:0f: + 14:d3:5e:1c:bf:50:0b:71:ab:60:51:ff:af:2d:af:38:6f:33: + f0:85:6b:a7:83:93:c1:6a:c0:76:2f:b5:d6:1c:2e:72:8b:83: + 6e:c3:23:20:cd:6d:ba:46:16:d2:b7:ba:3b:b2:94:40:ca:b6: + 3d:58:fc:01:8d:ff:89:2a:cb:4f:07:73:68:3c:70:8f:65:ae: + 04:e4:6e:b8:77:58:4b:bd:86:cd:7c:96:00:58:2c:8a:ca:db: + 24:c7:72:4e:ca:55:3d:68:fb:16:fb:bc:8d:6b:bc:60:3d:ea: + b6:2a:0d:f6:78:88:a6:6e:d2:09:68:e6:c1:f1:fd:45:fe:8e: + 20:e5:7b:ce:85:58:6a:23:1f:0e:c4:55:a4:5a:c6:a1:1d:c9: + 76:7e:4c:3e:fa:94:ed:be +-----BEGIN CERTIFICATE----- +MIIErTCCApWgAwIBAgIBRDANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNFoXDTI1MTAxNzA2NTAzNFowFDESMBAGA1UEAwwJZmly +bWExLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiApNrkP4XuYW +ESce5Xa37jBprZzJcIzBbNaQvnQrn454Db4F6cr38pljXRrXjkwxEQcpHnrPV/f9 +jdEZhdO86ojj72rnqCVk08WYLL9LYZez82DPZzY/pK7mXTk570po0oGF1A7Ohjfd +9ia91rlD94aBj8Uh3wdwg+bEfrn1CzZTCGRoEEc7NxBdZ14BNExADj1SHcQtqdmZ +2qkqT8xQ2RN1pmth7GxBj2XdG4wQXRY33/WT9evveKxRlVbzFFSu5CpPU4pIS8v9 +1ocdaSBlCJRBBz5RwpFywLoaLX4kzIscbWq7nHAFXGBVwY2NIjwqKUgKItAz6YFz +LgMO4ktbrQIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTwtv4yirIGsPFf ++9OtT7Dj/GjcYDAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV +HREEHDAagglmaXJtYTEuc3aCDXd3dy5maXJtYTEuc3YwCwYDVR0PBAQDAgXgMA0G +CSqGSIb3DQEBCwUAA4ICAQBqMhAyyvFD+rjHO3SzmFyqZwraThnPHK8wNgTjoH99 +cBoAp5QJPsH1irxGEeike72110vj6Iv9DfskJTEL+/UPELbYfIH/qiHtWbZ1XgfZ +6o2mufeGHj/nLjicch/zf1gSB0t5phek8WVBGuuAmkNZm/9/LW4XQMFdBzjJvKji +8N0BCI/gwhYJCSsmfOZN6jwvMaF6aPKE+6CcjMfy7lCesf9DuKcjzmYrQMW/WR1S +hFnadD3wOo9jrT7yBck6oMkB/j2gYG/rq0pANmQx3fAfr+AP7slJFHe7zNxoGRIj +5TFrgPQW3ZcVFVMjnj2hGWC2n3zRTVhfYD1B25YzY+vXp6hB5g2iWpL0WkxWI8AV +vDFuiDNuusVXX5MkMv43ewL044DCZYFM9C9A0rISNeAUQpjDB8bAXnwib9Hu8za7 +Tl8/hNc6rYjY5uAr9lqaqhl8+cYJO5AU8UCiHtPKovKu5iYoJaqTeg8U014cv1AL +catgUf+vLa84bzPwhWung5PBasB2L7XWHC5yi4NuwyMgzW26RhbSt7o7spRAyrY9 +WPwBjf+JKstPB3NoPHCPZa4E5G64d1hLvYbNfJYAWCyKytskx3JOylU9aPsW+7yN +a7xgPeq2Kg32eIimbtIJaObB8f1F/o4g5XvOhVhqIx8OxFWkWsahHcl2fkw++pTt +vg== +-----END CERTIFICATE----- diff --git a/CA/newcerts/45.pem b/CA/newcerts/45.pem new file mode 100644 index 0000000..07a3c8e --- /dev/null +++ b/CA/newcerts/45.pem @@ -0,0 +1,103 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 69 (0x45) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Franken, L=Schwabach, O=velt.biz, OU=Open-Source Consulting & Training/emailAddress=ca@velt.biz, CN=ca.sv + Validity + Not Before: Oct 17 06:50:35 2024 GMT + Not After : Oct 17 06:50:35 2025 GMT + Subject: CN=firma2.sv + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c4:52:f8:99:a8:d0:c2:c7:38:c7:07:13:48:4e: + 90:1e:dd:77:9c:63:ed:4d:f9:ee:1a:3c:2a:32:fa: + 67:3d:66:da:17:07:21:c2:94:2a:06:9e:da:7b:59: + ce:96:f5:48:e7:47:5f:4d:80:23:69:10:c7:5e:29: + 3c:11:22:44:db:5f:bf:4d:04:37:08:2f:df:d6:1f: + 5e:af:32:77:64:b1:52:4d:bf:96:30:cf:9c:db:ce: + c4:c4:f3:00:db:92:53:37:92:6e:bf:94:f5:97:e9: + cf:6c:07:76:4b:4d:97:58:c4:c4:9a:4a:36:80:bd: + dc:cd:7e:d4:3b:f0:fd:f0:89:e2:21:ef:d6:27:c0: + 26:1c:1f:7f:21:7a:96:1f:0d:99:63:47:20:d4:b8: + f6:68:be:8c:24:cf:fe:f6:90:fb:f9:d1:d1:4b:b5: + 4d:ec:04:96:d8:06:c8:e8:3c:f8:39:ee:94:7e:1f: + f8:74:2c:df:60:97:37:4c:cc:3a:98:9e:21:f0:9b: + 9a:7a:7a:a4:19:d9:2b:07:7d:4c:95:ca:dd:4e:e7: + 3b:a9:d6:af:a8:cf:35:ff:fe:32:d2:21:20:ab:95: + 11:1a:20:b0:97:21:77:50:e7:25:7f:17:67:30:2c: + 74:f3:ea:19:f4:94:73:3a:4a:07:f1:19:f4:18:59: + 8f:1f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A4:7D:5A:AE:F2:08:5C:FD:C4:A1:63:F1:4E:A2:9E:4B:7B:F8:22:C3 + X509v3 Authority Key Identifier: + 98:73:3E:96:84:C0:43:14:A6:97:A4:A8:F2:E8:3C:BC:20:20:67:94 + X509v3 Subject Alternative Name: + DNS:firma2.sv, DNS:www.firma2.sv + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 70:73:cd:f4:ae:26:01:07:61:46:32:52:33:3b:69:04:09:4a: + bd:0d:9a:96:ee:a4:91:f9:67:6c:13:99:e2:c8:e4:19:b5:e6: + aa:fc:28:24:74:33:f1:d8:3f:4f:29:b9:ec:79:81:1a:22:b5: + 5c:c1:bd:55:f2:2b:b5:e3:72:76:68:d6:09:41:4f:0a:0c:1d: + ff:09:67:33:16:b9:6e:f2:fb:40:f3:69:3c:cb:64:82:97:89: + a8:de:94:9a:1c:91:38:20:66:d3:43:4d:25:c1:29:b2:ea:ff: + 4d:34:72:12:f0:a4:14:e3:6d:04:f6:a3:f7:22:5b:e8:13:e1: + 75:0c:a1:82:87:69:75:4b:7d:5b:92:75:ff:00:ef:cd:ca:4d: + 9e:4d:3a:a1:1a:18:5c:8b:15:a7:16:be:01:a7:56:f0:3d:72: + f1:97:09:83:82:f6:a2:e3:ee:ba:73:77:49:66:19:1b:1d:13: + fb:ef:b9:2f:87:5a:ad:32:27:cd:cf:9b:87:45:0a:95:fd:21: + 2b:d3:14:9e:60:27:ec:f2:87:e1:92:6c:ef:f7:e1:30:b5:71: + 66:d5:5a:4d:88:7e:fb:de:67:7c:e6:4d:e2:5e:fc:cb:62:8f: + 13:3c:07:3b:b2:af:3b:80:31:62:9b:34:f4:cb:a5:a8:cb:d6: + 07:83:72:d8:fd:5b:ef:c6:aa:74:a9:fa:6e:f7:ab:b7:b3:fa: + 78:67:a7:63:3e:30:04:c1:fe:60:00:eb:3e:db:25:0a:7d:ed: + ba:e5:d2:60:6e:dc:1b:34:71:7d:e5:18:0d:ae:c6:83:09:72: + 4d:7d:b4:58:d6:6e:5b:89:1b:f9:d1:18:9c:87:19:60:ed:f6: + b7:5b:1c:37:ea:91:94:0e:b3:31:c2:46:24:e7:4d:a6:73:32: + c0:c4:87:f2:b5:21:60:01:03:83:39:10:2b:e9:29:1b:3d:8b: + e8:c3:b5:99:8e:0d:37:94:e4:0f:b0:19:fd:04:e8:c1:a9:1c: + 7e:b4:17:50:8a:b2:59:5b:ee:cf:40:4c:59:fc:2c:a7:a0:2c: + ac:22:f3:72:30:47:4e:1a:24:04:64:20:8b:49:5f:2d:78:45: + 84:91:09:5b:e0:e4:b3:5b:ca:5f:8b:39:c5:00:38:95:71:7b: + da:09:4a:ed:49:76:b1:12:58:02:92:68:d6:2e:68:21:f5:5f: + 40:3a:38:ed:d2:08:82:c0:60:3a:ae:22:6f:cd:5f:0c:a1:e9: + 2c:e0:6b:f0:88:5f:c1:9e:eb:68:c8:95:77:93:21:f5:06:54: + 5c:91:af:c8:b1:3a:1e:b2:8e:c4:69:74:66:bd:95:84:a2:bf: + d4:66:3e:34:3e:4e:03:91 +-----BEGIN CERTIFICATE----- +MIIErTCCApWgAwIBAgIBRTANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx +EDAOBgNVBAgMB0ZyYW5rZW4xEjAQBgNVBAcMCVNjaHdhYmFjaDERMA8GA1UECgwI +dmVsdC5iaXoxKjAoBgNVBAsMIU9wZW4tU291cmNlIENvbnN1bHRpbmcgJiBUcmFp +bmluZzEaMBgGCSqGSIb3DQEJARYLY2FAdmVsdC5iaXoxDjAMBgNVBAMMBWNhLnN2 +MB4XDTI0MTAxNzA2NTAzNVoXDTI1MTAxNzA2NTAzNVowFDESMBAGA1UEAwwJZmly +bWEyLnN2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFL4majQwsc4 +xwcTSE6QHt13nGPtTfnuGjwqMvpnPWbaFwchwpQqBp7ae1nOlvVI50dfTYAjaRDH +Xik8ESJE21+/TQQ3CC/f1h9erzJ3ZLFSTb+WMM+c287ExPMA25JTN5Juv5T1l+nP +bAd2S02XWMTEmko2gL3czX7UO/D98IniIe/WJ8AmHB9/IXqWHw2ZY0cg1Lj2aL6M +JM/+9pD7+dHRS7VN7ASW2AbI6Dz4Oe6Ufh/4dCzfYJc3TMw6mJ4h8JuaenqkGdkr +B31MlcrdTuc7qdavqM81//4y0iEgq5URGiCwlyF3UOclfxdnMCx08+oZ9JRzOkoH +8Rn0GFmPHwIDAQABo38wfTAJBgNVHRMEAjAAMB0GA1UdDgQWBBSkfVqu8ghc/cSh +Y/FOop5Le/giwzAfBgNVHSMEGDAWgBSYcz6WhMBDFKaXpKjy6Dy8ICBnlDAjBgNV +HREEHDAagglmaXJtYTIuc3aCDXd3dy5maXJtYTIuc3YwCwYDVR0PBAQDAgXgMA0G +CSqGSIb3DQEBCwUAA4ICAQBwc830riYBB2FGMlIzO2kECUq9DZqW7qSR+WdsE5ni +yOQZteaq/CgkdDPx2D9PKbnseYEaIrVcwb1V8iu143J2aNYJQU8KDB3/CWczFrlu +8vtA82k8y2SCl4mo3pSaHJE4IGbTQ00lwSmy6v9NNHIS8KQU420E9qP3IlvoE+F1 +DKGCh2l1S31bknX/AO/Nyk2eTTqhGhhcixWnFr4Bp1bwPXLxlwmDgvai4+66c3dJ +ZhkbHRP777kvh1qtMifNz5uHRQqV/SEr0xSeYCfs8ofhkmzv9+EwtXFm1VpNiH77 +3md85k3iXvzLYo8TPAc7sq87gDFimzT0y6Woy9YHg3LY/Vvvxqp0qfpu96u3s/p4 +Z6djPjAEwf5gAOs+2yUKfe265dJgbtwbNHF95RgNrsaDCXJNfbRY1m5biRv50Ric +hxlg7fa3Wxw36pGUDrMxwkYk502mczLAxIfytSFgAQODORAr6SkbPYvow7WZjg03 +lOQPsBn9BOjBqRx+tBdQirJZW+7PQExZ/CynoCysIvNyMEdOGiQEZCCLSV8teEWE +kQlb4OSzW8pfiznFADiVcXvaCUrtSXaxElgCkmjWLmgh9V9AOjjt0giCwGA6riJv +zV8Moeks4GvwiF/BnutoyJV3kyH1BlRcka/IsToeso7EaXRmvZWEor/UZj40Pk4D +kQ== +-----END CERTIFICATE----- diff --git a/CA/openssl.cnf b/CA/openssl.cnf new file mode 100644 index 0000000..5cd26c4 --- /dev/null +++ b/CA/openssl.cnf @@ -0,0 +1,392 @@ +# +# OpenSSL example configuration file. +# See doc/man5/config.pod for more info. +# +# This is mostly being used for generation of certificate requests, +# but may be used for auto loading of providers + +# Note that you can include other files from the main configuration +# file using the .include directive. +#.include filename + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . + + # Use this in order to automatically load providers. +openssl_conf = openssl_init + +# Comment out the next line to ignore configuration errors +config_diagnostics = 1 + +# Extra OBJECT IDENTIFIER info: +# oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] +# We can add new OIDs in here for use by 'ca', 'req' and 'ts'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +# Policies used by the TSA examples. +tsa_policy1 = 1.2.3.4.1 +tsa_policy2 = 1.2.3.4.5.6 +tsa_policy3 = 1.2.3.4.5.7 + +# For FIPS +# Optionally include a file that is generated by the OpenSSL fipsinstall +# application. This file contains configuration data required by the OpenSSL +# fips provider. It contains a named section e.g. [fips_sect] which is +# referenced from the [provider_sect] below. +# Refer to the OpenSSL security policy for more information. +# .include fipsmodule.cnf + +[openssl_init] +# providers = provider_sect + +# List of providers to load +# [provider_sect] +# default = default_sect +# The fips section name should match the section name inside the +# included fipsmodule.cnf. +# fips = fips_sect + +# If no providers are activated explicitly, the default one is activated implicitly. +# See man 7 OSSL_PROVIDER-default for more details. +# +# If you add a section explicitly activating any other provider(s), you most +# probably need to explicitly activate the default provider, otherwise it +# becomes unavailable in openssl. As a consequence applications depending on +# OpenSSL may not work correctly which could lead to significant system +# problems including inability to remotely access the system. +# [default_sect] +# activate = 1 + + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = /usr/local/apache2/CA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several certs with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem# The private key + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy +copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = default # use public key default MD +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_anything + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString (PKIX recommendation before 2004) +# utf8only: only UTF8Strings (PKIX recommendation after 2004). +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. +string_mask = utf8only + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +# This is required for TSA certificates. +# extendedKeyUsage = critical,timeStamping + +[ v3_req ] +subjectAltName = $ENV::SUBJALTNAME + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer + +basicConstraints = critical,CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo + +#################################################################### +[ tsa ] + +default_tsa = tsa_config1 # the default TSA section + +[ tsa_config1 ] + +# These are used by the TSA reply generation only. +dir = /usr/local/apache2/CA # TSA root directory +serial = $dir/tsaserial # The current serial number (mandatory) +crypto_device = builtin # OpenSSL engine to use for signing +signer_cert = $dir/tsacert.pem # The TSA signing certificate + # (optional) +certs = $dir/cacert.pem # Certificate chain to include in reply + # (optional) +signer_key = $dir/private/tsakey.pem # The TSA private key (optional) +signer_digest = sha256 # Signing digest to use. (Optional) +default_policy = tsa_policy1 # Policy if request did not specify it + # (optional) +other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) +digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) +accuracy = secs:1, millisecs:500, microsecs:100 # (optional) +clock_precision_digits = 0 # number of digits after dot. (optional) +ordering = yes # Is ordering defined for timestamps? + # (optional, default: no) +tsa_name = yes # Must the TSA name be included in the reply? + # (optional, default: no) +ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) +ess_cert_id_alg = sha1 # algorithm to compute certificate + # identifier (optional, default: sha1) + +[insta] # CMP using Insta Demo CA +# Message transfer +server = pki.certificate.fi:8700 +# proxy = # set this as far as needed, e.g., http://192.168.1.1:8080 +# tls_use = 0 +path = pkix/ + +# Server authentication +recipient = "/C=FI/O=Insta Demo/CN=Insta Demo CA" # or set srvcert or issuer +ignore_keyusage = 1 # potentially needed quirk +unprotected_errors = 1 # potentially needed quirk +extracertsout = insta.extracerts.pem + +# Client authentication +ref = 3078 # user identification +secret = pass:insta # can be used for both client and server side + +# Generic message options +cmd = ir # default operation, can be overridden on cmd line with, e.g., kur + +# Certificate enrollment +subject = "/CN=openssl-cmp-test" +newkey = insta.priv.pem +out_trusted = apps/insta.ca.crt # does not include keyUsage digitalSignature +certout = insta.cert.pem + +[pbm] # Password-based protection for Insta CA +# Server and client authentication +ref = $insta::ref # 3078 +secret = $insta::secret # pass:insta + +[signature] # Signature-based protection for Insta CA +# Server authentication +trusted = $insta::out_trusted # apps/insta.ca.crt + +# Client authentication +secret = # disable PBM +key = $insta::newkey # insta.priv.pem +cert = $insta::certout # insta.cert.pem + +[ir] +cmd = ir + +[cr] +cmd = cr + +[kur] +# Certificate update +cmd = kur +oldcert = $insta::certout # insta.cert.pem + +[rr] +# Certificate revocation +cmd = rr +oldcert = $insta::certout # insta.cert.pem diff --git a/CA/private/cakey.pem b/CA/private/cakey.pem new file mode 100644 index 0000000..0e24dd3 --- /dev/null +++ b/CA/private/cakey.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCznYEpE/pcWzht +O8HkgPM6giFxQ6cnq7m+fjuowtZzD0UhBWP4GEAO7PY7aHhh5u8UBpeunX39GWK3 +OBmpbhE7OIsiru9o3iEq7/6anrSIiCpLFTtQFTFDmPPt2gBFKlNjMS647lgH7vkD +TI3rTn70Cm4pCjD0yzXGOv726+3f0WuF+j31ozc+hDKMt4YXIIADzskjF7a209Ub +OpB7u61vE6VSgnWuwjhitxgBT6aVdLsGinqy5tsDrDtia+koyNGI3GycyRZcthw0 +quEtlNwz9+keRn6kaVm8WOOfWyvSIZselxrSSheVnELHEQtZaDqjsfFqLGn6elEl +ZK8V8/kclhdkQLzdSrLmYf7lSGV47NyzulehAFryY0XK891Opfu6X0aqnZ77r5jv +V5L+oNNvzthW43QWN0+RcFNcUVOfm3llGxnu+IO48GYyDw753wDvK0B9EZ/7ru+i +KNYWY5w0hKzldUWKw6LstGiKZqUnTKSAK+glQnCUihWypWE+qpJZUD/YybcDReKe +YGOcalSg79fDWJ/Cw2tHhT7Hv6n6L/iyp22O5oCbs0Nny9VpaFx8DMfVgELMNp+U +lG4621/PKlTy7pPlyCyahJb/Do1R9Erqandpgd8yOOhbRBcEITFX4txuor/fmH4r +rpTHEe66tw8X76iH/d4sqZSAmw7YiQIDAQABAoICACemkAJE9kJYIts+U13Bt7AF +VSOfVzGzP6RVUo89P8ETsGOLQJfeppmE5xCTTevy4nlNwUNbYhoy9e9Tc5rLAQPN +Ri3IZ3KDgtfrNg3lFh6DzK5ZiAf0PbVZ+RNbSi76moDttQ4/E3Dg6Ni5GCVHZVAz +U0E9DjSj/YF+uZVB3PfJT866QN5Ogx4KaexVgUTuuEPe7NkR3ZR7q/JAWe/urOk1 +8YuG4DrNhkwIdkSn1DLvG3BktpRy0Qt9BHkEMGr/9f2cB2APJiAeVZis1lvNHlVc +l3pG/qMF3Lju+ITPyBsxrwAwREwC7jTpU3aFhTdeAn/rgss49cZFJU+3a81RV/8A +GftS42ocmTZQjfXsAG+dtzjKrbww41TfPHaD+4OBW8Gx0sqrc3Ko3w3mnUxc0kew +HkEdVU0ev1nJC2SzmXT6dlGW4+Y3yTh9MNCN4ni7BWAagGdEK+eYy0PQOFgsI8oz +Cnf7YA/xU4O01C3IM74aZNH3iA/YLtTLq3rOVVpievp343SwgvuO2OEuWUxb9NfP +8LU8J3j7B3oXJQOuaOaSFrvaaKSldtRZRNq6KY5q8tXTgPGE/ZuT9DvEbY1CaKUy +5JFxjqG5tIfM9prmW438mfq2lGcgMscn5h+wDr3EAF1p6NNzhMN74+hLpA7ndnJv +GMRhrBDSYF7KltmUhQu5AoIBAQDmY0U3pdersh9c9rp6wEeYft3JtSRQ0z4ijZjb +IdOs47Wh1cnsvj6eKj4ofU1FaBAnV/ZTjrGLGnav0Nt87xjsdOqOfz0pn4XWanKr +fU8ip9RhP3aWByaDQ/3Sj6+Mjl5CCrkDUBzmucvflhUpYdHKhX5N9YkTNjsUUkzc +B/aFQVajJP19s3+SQuEwfDjrAkPI2aRdX1oDKnmb8oxKUQLVPpXe9B+xLO9UQRH/ +qMxshegbXZMoMAMz3hJNtqo1++BSGDGkxU2ycWniyvZUI61lCfwx4TXfJOqNre75 +E4y2x14il1Dev/agVRBNVugyxj6OheIr3A5JkmzUQlLZJB9NAoIBAQDHlUWIbTRj +aPLNAVQc0IHviRBliP/87UkZvZ+g64xwqXpbLEQfbJ0/RF6/4wqv9ns+CpHZeQEe +5aLsp7zXgREF9vM5a8rg41zzi3p5DxX798xt/+WfRo5KWM9+tri5IfxBC/0CEIy5 +hZFUOhg6gI/EH8wTyuVvz5sSiyDi2mEkhclEhVxGb9LD4vqXzuv/6BD2UpoWO4go +xvtt21Vdbnc+doTqKBKVMqh3uadYCb5/Z1Wf6rAWq8hIwEr6Houu8DvBLR2eI6Xs +1XwA1m6mrMVarI3GORQ5vLBkgYBq7Wv9R12yCgJXZNCVSujefQFFJRtrf56rc5ps +TRLQXSxPDrgtAoIBABWCuUi71Eo0pFcCtmCVqVmkpsKZhh2By7BgNiBnpSLkU+Yb +VvIixSfxW8JeCKPtVmzF+rrMfOk2/FPoFUYx8MrLE8dgO+6x9UYSxEgcuBHNR7gY +u9LAMilZZM6PGd3uwQA7jhCwHzKvsEhc8/bcKkFVe3h972F608NO99wnZi4E7rjm +0EA3TTbzxaDISGww1vFe2MjbCUV4ZshXuh+KNtCAOnAJrRfW0TW1qZ+MPCH50rUT +ZJUA/puOJXlaD8Rgkw43MhNnVJzPmApT1vH+LsdbSk/B7ky6XqgB0GkzGRVLwg9K +v4M8uyM3LgF6ls1+0wJtn7NmpXLbGAwtcRzTEZUCggEAZO0KVXwL0v1+UscKNuwF +2RCx1vaZpNiFb9vhPin/QfWiJzrSVCXDuvujAlwYynTVS8FikdvMAkjTw+Lq7vuY +lTCVPINS+7heB9aPn2pOjrV3jmSqRIoUaGpSu1xBO3WBL4+VaRbfYu21WSdrmyHq +EZ6Wv6eJsKoGXDE49x7Bowt4hQr/Z6sipOZCHMSJuUYsVbPdscJ3D0/YU2xn1bCH +4nFis1qCUypj4O9kPXPn/ltOBGlUlJJX3NpI0ATkVBmtzfk3kgGq5YHrjCzjlaum +vTynEQdKQAw4Ewsd2nSneFQ/gEnpdzJG/Ef+TIxgOQwTup+1qDP0cjHjgrSrNGtY +HQKCAQEA4VyroQbfhNnv372UPQ+nRRO8W39N01R5inlh3Ox+w9tWLb0tir9uZDTW +RxSlqtjRgXH3XufaOeIEIka7JRffk68HUEfHs9BA0COCkZn4G7Xhq9Y8/qTrAwF5 +2U/Bk2kuCq+AFpvMo/7vK48JoDM5t1k4YoSP7J9O0T/DY+uKjhfUyQVH5lUrKWfO +76Atj4vjVbEzVkdyqlJC5OD9oXP6G5TNzjVMQ32fPJoqgT6T1W+C+sG0ZgZzcGkG +MBTDApejftpxuGIeZdpamSrrBNCo+I66INUJmANVRMxHyCgb4CJKvjJVqQYAMHHG +hIxmWrSyVbTLjBGt+q5cKsODGRXgYA== +-----END PRIVATE KEY----- diff --git a/CA/serial b/CA/serial new file mode 100644 index 0000000..9e5feb5 --- /dev/null +++ b/CA/serial @@ -0,0 +1 @@ +46 diff --git a/CA/serial.old b/CA/serial.old new file mode 100644 index 0000000..ea90ee3 --- /dev/null +++ b/CA/serial.old @@ -0,0 +1 @@ +45