diff options
| author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-29 14:16:51 +0000 |
|---|---|---|
| committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-29 14:16:51 +0000 |
| commit | 77f1f9d67768544886499a7db394987111009072 (patch) | |
| tree | c2a59c5114febc24810eea28296334a409c83e41 /net/data | |
| parent | 1c95c21a98fb96e5e7ca8662a8bfe61e7d5063a8 (diff) | |
| download | chromium_src-77f1f9d67768544886499a7db394987111009072.zip chromium_src-77f1f9d67768544886499a7db394987111009072.tar.gz chromium_src-77f1f9d67768544886499a7db394987111009072.tar.bz2 | |
Re-enable some tests disabled because of expired certs
Includes script to generate suitable test certs for
http://crbug.com/111742
BUG=111742,252971
R=wtc
Review URL: https://chromiumcodereview.appspot.com/18054012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209315 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/data')
| -rw-r--r-- | net/data/ssl/certificates/README | 9 | ||||
| -rw-r--r-- | net/data/ssl/certificates/comodo.chain.pem | 197 | ||||
| -rw-r--r-- | net/data/ssl/certificates/cross-signed-leaf.pem | 82 | ||||
| -rw-r--r-- | net/data/ssl/certificates/cross-signed-root-md5.pem | 74 | ||||
| -rw-r--r-- | net/data/ssl/certificates/cross-signed-root-sha1.pem | 74 | ||||
| -rw-r--r-- | net/data/ssl/certificates/globalsign_orgv1_ca.pem | 97 | ||||
| -rw-r--r-- | net/data/ssl/certificates/globalsign_root_ca_md5.pem | 78 | ||||
| -rw-r--r-- | net/data/ssl/certificates/images_etrade_wallst_com.pem | 94 | ||||
| -rwxr-xr-x | net/data/ssl/scripts/generate-cross-signed-certs.sh | 86 |
9 files changed, 422 insertions, 369 deletions
diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README index d462306..84844ea 100644 --- a/net/data/ssl/certificates/README +++ b/net/data/ssl/certificates/README @@ -81,10 +81,11 @@ unit tests. net/data/ssl/scripts/generate-weak-test-chains.sh and used in the RejectWeakKeys test in net/base/x509_certificate_unittest.cc. -- images_etrade_wallst_com.pem -- globalsign_orgv1_ca.pem -- globalsign_root_ca_md5.pem : A certificate chain for the regression test - of http://crbug.com/108514 +- cross-signed-leaf.pem +- cross-signed-root-md5.pem +- cross-signed-root-sha1.pem + A certificate chain for regression testing http://crbug.com/108514, + generated via scripts/generate-cross-signed-certs.sh - redundant-validated-chain.pem - redundant-server-chain.pem diff --git a/net/data/ssl/certificates/comodo.chain.pem b/net/data/ssl/certificates/comodo.chain.pem index 0f542f9..88699ac 100644 --- a/net/data/ssl/certificates/comodo.chain.pem +++ b/net/data/ssl/certificates/comodo.chain.pem @@ -2,17 +2,17 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 12:a3:c4:cb:1d:17:a7:52:27:67:cd:7a:30:c9:dd:49 - Signature Algorithm: sha1WithRSAEncryption + f7:8b:13:b9:46:fc:96:35:d8:ab:49:de:9d:21:48:21 + Signature Algorithm: sha1WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Extended Validation Secure Server CA Validity - Not Before: Jun 22 00:00:00 2011 GMT - Not After : Jun 21 23:59:59 2013 GMT - Subject: serialNumber=04058690/1.3.6.1.4.1.311.60.2.1.3=GB/2.5.4.15=Private Organization, C=GB/postalCode=M5 3EQ, ST=Greater Manchester, L=Salford,/streetAddress=Exchange Quay, Trafford Road/streetAddress=26 Office Village,/streetAddress=3rd Floor,, O=Comodo CA Ltd, OU=Comodo EV SGC SSL, OU=Hosted by Comodo Group Inc., OU=Comodo EV SGC SSL, CN=www.comodo.com + Not Before: May 29 00:00:00 2013 GMT + Not After : Jun 20 23:59:59 2015 GMT + Subject: serialNumber=-na/1.3.6.1.4.1.311.60.2.1.3=GB/businessCategory=Private Organization, C=GB/postalCode=M5 3EQ, ST=Greater Manchester, L=Salford,/street=Exchange Quay, Trafford Road/street=26 Office Village,/street=3rd Floor,, O=Comodo CA Ltd, OU=Comodo EV SGC SSL, OU=COMODO EV SGC SSL, CN=www.comodo.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:a7:ad:ff:5f:d0:7d:1d:97:78:f7:da:f8:77:da: 86:d2:11:ec:83:b1:4b:fd:8d:75:f2:44:9c:18:db: d5:fa:ca:3e:17:8c:a3:23:36:e9:03:7d:04:6f:2f: @@ -49,7 +49,9 @@ Certificate: CPS: https://secure.comodo.com/CPS X509v3 CRL Distribution Points: - URI:http://crl.comodoca.com/COMODOExtendedValidationSecureServerCA.crl + + Full Name: + URI:http://crl.comodoca.com/COMODOExtendedValidationSecureServerCA.crl Authority Information Access: CA Issuers - URI:http://crt.comodoca.com/COMODOExtendedValidationSecureServerCA.crt @@ -58,64 +60,63 @@ Certificate: X509v3 Subject Alternative Name: DNS:www.comodo.com, DNS:comodo.com Signature Algorithm: sha1WithRSAEncryption - c6:35:d6:98:61:9a:91:cf:d6:02:1e:83:92:0a:ac:eb:a7:38: - 57:ee:69:f1:3a:35:d5:fe:8e:02:b8:6f:ee:f9:19:47:46:85: - 57:7f:0c:bc:4b:ea:fb:b3:7b:10:87:e7:57:7a:8a:f1:72:9a: - f6:dd:e5:6d:91:e2:92:12:c4:1f:76:13:2b:7d:4e:b8:a3:ad: - 67:0a:e8:35:00:ab:76:a8:48:cb:9d:02:62:ba:01:2c:4c:c9: - 8d:7b:65:c8:72:d3:c3:c1:1d:6d:50:72:f4:b8:98:58:9a:13: - 71:38:65:b0:62:f2:30:dc:e7:bd:10:7a:95:ad:e2:43:30:f0: - 0e:83:d5:1b:12:71:33:0f:f2:05:e4:35:18:78:bc:1b:e2:95: - 11:c9:40:48:35:c4:8f:e1:3b:43:1a:b8:39:9b:72:b3:d8:dc: - 0c:39:f5:8b:1a:e7:90:12:34:ce:9c:0f:63:46:26:42:3d:c8: - 90:e7:90:8e:c3:db:0a:eb:59:51:21:7e:3d:af:40:a6:e3:d9: - 4c:ad:bb:6b:b9:bf:f2:c9:08:ec:91:c9:f2:c5:13:a1:e4:1a: - a5:53:6e:6d:72:61:f5:7b:94:b8:3e:bc:11:83:ca:51:88:92: - aa:5f:85:1c:ca:80:86:01:34:8e:df:4b:f0:0c:a3:64:20:12: - 19:34:4c:95 + a4:c4:55:e9:b6:8f:09:b4:34:ea:22:6c:32:71:97:fb:c4:93: + ce:d3:f3:28:f0:16:f6:3f:6e:6f:ff:3f:03:f6:d4:51:d5:a5: + 1a:4f:b1:91:e4:49:7e:e1:d0:5b:30:1c:e9:3b:36:5e:48:97: + 1a:5c:f5:2f:3a:b3:51:cb:b7:db:fa:f2:a2:e7:45:ab:1a:23: + 70:ce:15:8e:9c:2c:6e:21:c9:03:ad:94:92:f3:20:d3:dd:43: + 13:91:58:20:b9:a1:e1:83:86:bd:e8:46:e3:74:2a:c8:26:c2: + 3a:16:98:cd:d4:b1:82:75:4f:3e:02:87:56:5f:af:5e:b4:e1: + 2d:05:c2:f0:2b:bc:5a:1f:dc:3c:05:03:0a:c5:29:b5:1d:94: + 69:dd:af:d5:46:c3:69:bc:b8:1c:40:08:39:8f:76:29:5d:a2: + 4b:fa:1f:2f:68:a3:88:64:80:e8:7a:1d:74:2e:29:02:e2:57: + 94:57:dd:c8:1d:03:67:46:84:c1:2a:be:ef:05:f7:47:da:02: + 01:1e:10:f2:14:02:7f:66:d2:a9:a6:e4:28:59:fd:fc:ea:25: + f5:7f:eb:f6:7a:4e:ed:74:66:54:62:db:db:30:9b:cd:c4:c6: + 74:89:69:13:ed:32:8d:92:c7:a2:48:e4:2b:42:89:1f:31:6e: + f3:44:9f:f8 -----BEGIN CERTIFICATE----- -MIIGfjCCBWagAwIBAgIQEqPEyx0Xp1InZ816MMndSTANBgkqhkiG9w0BAQUFADCB -jjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNDAyBgNV -BAMTK0NPTU9ETyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0Ew -HhcNMTEwNjIyMDAwMDAwWhcNMTMwNjIxMjM1OTU5WjCCAX4xETAPBgNVBAUTCDA0 -MDU4NjkwMRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0wGwYDVQQPExRQcml2YXRlIE9y -Z2FuaXphdGlvbjELMAkGA1UEBhMCR0IxDzANBgNVBBETBk01IDNFUTEbMBkGA1UE -CBMSR3JlYXRlciBNYW5jaGVzdGVyMREwDwYDVQQHEwhTYWxmb3JkLDEmMCQGA1UE -CRMdRXhjaGFuZ2UgUXVheSwgIFRyYWZmb3JkIFJvYWQxGzAZBgNVBAkTEjI2IE9m -ZmljZSBWaWxsYWdlLDETMBEGA1UECRMKM3JkIEZsb29yLDEWMBQGA1UEChMNQ29t -b2RvIENBIEx0ZDEaMBgGA1UECxMRQ29tb2RvIEVWIFNHQyBTU0wxJDAiBgNVBAsT -G0hvc3RlZCBieSBDb21vZG8gR3JvdXAgSW5jLjEaMBgGA1UECxMRQ29tb2RvIEVW -IFNHQyBTU0wxFzAVBgNVBAMTDnd3dy5jb21vZG8uY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAp63/X9B9HZd499r4d9qG0hHsg7FL/Y118kScGNvV -+so+F4yjIzbpA30Eby/iwPh0I7b2R6WwkbR4SWSREHEZY0ydGZAdHriSz5OfX/ZT -22i1BymigpI6zcCkAiqHwzg25YZt5te9c5dkuKcenaBYEUJzXn4eXpaiDRu5Vla9 -Ks5St7Ki6BvXdfcygFi0BJaut771tXvfRpQo8TaA0fJ4ZVXYbfqL9h1pWqO6QEHy -F6Bcm4FqVuQCfwxjQIyyJtgW81X4oQDbcWCVs332sRypHXaQQXIeESqDFpjgo2Fp -qDlKpx4U3rQHn1lT42+IYSsdIsSSv7plI+7odvMyQLDwxwIDAQABo4IB4zCCAd8w -HwYDVR0jBBgwFoAUiERR/1AqaV4tiPQhutkM8s7L6nwwHQYDVR0OBBYEFLLg60rn -xhwnClRPxACq4WosFJHDMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMDQG -A1UdJQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4 -QgQBMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQUBMCswKQYIKwYBBQUHAgEWHWh0 -dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMFMGA1UdHwRMMEowSKBGoESGQmh0 -dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET0V4dGVuZGVkVmFsaWRhdGlvblNl -Y3VyZVNlcnZlckNBLmNybDCBhAYIKwYBBQUHAQEEeDB2ME4GCCsGAQUFBzAChkJo -dHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FeHRlbmRlZFZhbGlkYXRpb25T -ZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9k -b2NhLmNvbTAlBgNVHREEHjAcgg53d3cuY29tb2RvLmNvbYIKY29tb2RvLmNvbTAN -BgkqhkiG9w0BAQUFAAOCAQEAxjXWmGGakc/WAh6Dkgqs66c4V+5p8To11f6OArhv -7vkZR0aFV38MvEvq+7N7EIfnV3qK8XKa9t3lbZHikhLEH3YTK31OuKOtZwroNQCr -dqhIy50CYroBLEzJjXtlyHLTw8EdbVBy9LiYWJoTcThlsGLyMNznvRB6la3iQzDw -DoPVGxJxMw/yBeQ1GHi8G+KVEclASDXEj+E7Qxq4OZtys9jcDDn1ixrnkBI0zpwP -Y0YmQj3IkOeQjsPbCutZUSF+Pa9ApuPZTK27a7m/8skI7JHJ8sUToeQapVNubXJh -9XuUuD68EYPKUYiSql+FHMqAhgE0jt9L8AyjZCASGTRMlQ== +MIIGVDCCBTygAwIBAgIRAPeLE7lG/JY12KtJ3p0hSCEwDQYJKoZIhvcNAQEFBQAw +gY4xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO +BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTQwMgYD +VQQDEytDT01PRE8gRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB +MB4XDTEzMDUyOTAwMDAwMFoXDTE1MDYyMDIzNTk1OVowggFTMQwwCgYDVQQFEwMt +bmExEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5p +emF0aW9uMQswCQYDVQQGEwJHQjEPMA0GA1UEERMGTTUgM0VRMRswGQYDVQQIExJH +cmVhdGVyIE1hbmNoZXN0ZXIxETAPBgNVBAcTCFNhbGZvcmQsMSYwJAYDVQQJEx1F +eGNoYW5nZSBRdWF5LCAgVHJhZmZvcmQgUm9hZDEbMBkGA1UECRMSMjYgT2ZmaWNl +IFZpbGxhZ2UsMRMwEQYDVQQJEwozcmQgRmxvb3IsMRYwFAYDVQQKEw1Db21vZG8g +Q0EgTHRkMRowGAYDVQQLExFDb21vZG8gRVYgU0dDIFNTTDEaMBgGA1UECxMRQ09N +T0RPIEVWIFNHQyBTU0wxFzAVBgNVBAMTDnd3dy5jb21vZG8uY29tMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp63/X9B9HZd499r4d9qG0hHsg7FL/Y11 +8kScGNvV+so+F4yjIzbpA30Eby/iwPh0I7b2R6WwkbR4SWSREHEZY0ydGZAdHriS +z5OfX/ZT22i1BymigpI6zcCkAiqHwzg25YZt5te9c5dkuKcenaBYEUJzXn4eXpai +DRu5Vla9Ks5St7Ki6BvXdfcygFi0BJaut771tXvfRpQo8TaA0fJ4ZVXYbfqL9h1p +WqO6QEHyF6Bcm4FqVuQCfwxjQIyyJtgW81X4oQDbcWCVs332sRypHXaQQXIeESqD +Fpjgo2FpqDlKpx4U3rQHn1lT42+IYSsdIsSSv7plI+7odvMyQLDwxwIDAQABo4IB +4zCCAd8wHwYDVR0jBBgwFoAUiERR/1AqaV4tiPQhutkM8s7L6nwwHQYDVR0OBBYE +FLLg60rnxhwnClRPxACq4WosFJHDMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E +AjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJ +YIZIAYb4QgQBMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQUBMCswKQYIKwYBBQUH +AgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMFMGA1UdHwRMMEowSKBG +oESGQmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET0V4dGVuZGVkVmFsaWRh +dGlvblNlY3VyZVNlcnZlckNBLmNybDCBhAYIKwYBBQUHAQEEeDB2ME4GCCsGAQUF +BzAChkJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FeHRlbmRlZFZhbGlk +YXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw +LmNvbW9kb2NhLmNvbTAlBgNVHREEHjAcgg53d3cuY29tb2RvLmNvbYIKY29tb2Rv +LmNvbTANBgkqhkiG9w0BAQUFAAOCAQEApMRV6baPCbQ06iJsMnGX+8STztPzKPAW +9j9ub/8/A/bUUdWlGk+xkeRJfuHQWzAc6Ts2XkiXGlz1LzqzUcu32/ryoudFqxoj +cM4VjpwsbiHJA62UkvMg091DE5FYILmh4YOGvehG43QqyCbCOhaYzdSxgnVPPgKH +Vl+vXrThLQXC8Cu8Wh/cPAUDCsUptR2Uad2v1UbDaby4HEAIOY92KV2iS/ofL2ij +iGSA6HoddC4pAuJXlFfdyB0DZ0aEwSq+7wX3R9oCAR4Q8hQCf2bSqabkKFn9/Ool +9X/r9npO7XRmVGLb2zCbzcTGdIlpE+0yjZLHokjkK0KJHzFu80Sf+A== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 11:a3:b4:d0:ec:8d:b7:7f:9d:a0:cd:5d:2d:51:2f:42 - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha1WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority Validity Not Before: May 24 00:00:00 2010 GMT @@ -123,8 +124,8 @@ Certificate: Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Extended Validation Secure Server CA Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:cc:4a:96:33:cd:25:8d:67:ee:28:96:37:87:46: f0:f6:04:a2:84:7f:53:aa:96:e6:1f:b1:02:1c:6e: ed:7d:21:d4:d7:3c:1e:a2:d8:69:2f:a8:b7:f5:a2: @@ -159,28 +160,30 @@ Certificate: CPS: https://secure.comodo.com/CPS X509v3 CRL Distribution Points: - URI:http://crl.comodoca.com/COMODOCertificationAuthority.crl + + Full Name: + URI:http://crl.comodoca.com/COMODOCertificationAuthority.crl Authority Information Access: CA Issuers - URI:http://crt.comodoca.com/COMODOAddTrustServerCA.crt OCSP - URI:http://ocsp.comodoca.com Signature Algorithm: sha1WithRSAEncryption - 9a:43:bf:af:a4:72:5e:cd:7d:6f:7f:f4:fc:3d:8c:bb:70:e6: - 1e:dd:04:fd:3f:dc:9d:9f:bf:89:76:9b:f2:86:31:fc:7f:b3: - ed:2a:91:53:2c:e2:aa:b0:e3:c8:2c:71:f7:15:8a:23:1c:f1: - 69:2e:81:fb:b1:bc:62:0b:ab:1a:54:1c:d9:22:5e:34:4c:a5: - f6:23:0f:5d:7a:3d:db:43:cd:69:7e:17:37:52:cd:53:a1:c2: - 11:d4:53:78:27:64:d5:89:41:4d:16:55:bb:90:cb:f0:d8:e4: - dd:dd:d3:09:64:48:28:ff:32:23:84:2f:8c:7b:55:2f:cf:29: - 88:37:34:78:0f:33:aa:ff:b7:f2:96:a4:9b:44:80:b5:be:6c: - 56:54:ab:a4:81:9e:25:18:28:54:3a:7f:2c:63:cf:59:20:8c: - 18:6b:38:2c:b4:dd:ed:e3:40:de:0c:36:25:57:9a:c0:d1:60: - 9e:5e:03:68:97:ae:1a:3b:ea:45:d7:51:99:49:ee:44:59:56: - 0b:5e:b1:8f:68:ea:8a:9e:ca:d2:c9:a0:03:7e:70:25:f4:32: - c9:4e:50:83:87:a2:34:48:3d:4f:35:77:fc:d8:88:ea:f6:7d: - 1e:ce:43:b6:d5:c2:6a:7e:38:66:63:4d:e7:ee:32:ef:0f:24: - e8:2a:67:fa + 9a:43:bf:af:a4:72:5e:cd:7d:6f:7f:f4:fc:3d:8c:bb:70:e6: + 1e:dd:04:fd:3f:dc:9d:9f:bf:89:76:9b:f2:86:31:fc:7f:b3: + ed:2a:91:53:2c:e2:aa:b0:e3:c8:2c:71:f7:15:8a:23:1c:f1: + 69:2e:81:fb:b1:bc:62:0b:ab:1a:54:1c:d9:22:5e:34:4c:a5: + f6:23:0f:5d:7a:3d:db:43:cd:69:7e:17:37:52:cd:53:a1:c2: + 11:d4:53:78:27:64:d5:89:41:4d:16:55:bb:90:cb:f0:d8:e4: + dd:dd:d3:09:64:48:28:ff:32:23:84:2f:8c:7b:55:2f:cf:29: + 88:37:34:78:0f:33:aa:ff:b7:f2:96:a4:9b:44:80:b5:be:6c: + 56:54:ab:a4:81:9e:25:18:28:54:3a:7f:2c:63:cf:59:20:8c: + 18:6b:38:2c:b4:dd:ed:e3:40:de:0c:36:25:57:9a:c0:d1:60: + 9e:5e:03:68:97:ae:1a:3b:ea:45:d7:51:99:49:ee:44:59:56: + 0b:5e:b1:8f:68:ea:8a:9e:ca:d2:c9:a0:03:7e:70:25:f4:32: + c9:4e:50:83:87:a2:34:48:3d:4f:35:77:fc:d8:88:ea:f6:7d: + 1e:ce:43:b6:d5:c2:6a:7e:38:66:63:4d:e7:ee:32:ef:0f:24: + e8:2a:67:fa -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G @@ -215,7 +218,7 @@ Certificate: Version: 3 (0x2) Serial Number: 6f:25:dc:15:af:df:5e:a3:08:56:0c:3b:7a:4f:c7:f8 - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha1WithRSAEncryption Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root Validity Not Before: May 30 10:48:38 2000 GMT @@ -223,8 +226,8 @@ Certificate: Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:d0:40:8b:8b:72:e3:91:1b:f7:51:c1:1b:54:04: 98:d3:a9:bf:c1:e6:8a:5d:3b:87:fb:bb:88:ce:0d: e3:2f:3f:06:96:f0:a2:29:50:99:ae:db:3b:a1:57: @@ -258,7 +261,9 @@ Certificate: Policy: X509v3 Any Policy X509v3 CRL Distribution Points: - URI:http://crl.usertrust.com/AddTrustExternalCARoot.crl + + Full Name: + URI:http://crl.usertrust.com/AddTrustExternalCARoot.crl Authority Information Access: CA Issuers - URI:http://crt.usertrust.com/AddTrustExternalCARoot.p7c @@ -266,21 +271,21 @@ Certificate: OCSP - URI:http://ocsp.usertrust.com Signature Algorithm: sha1WithRSAEncryption - 07:60:93:99:aa:ce:d0:d3:47:d0:37:33:de:3f:64:b7:e5:2e: - a3:25:0c:d5:33:1d:0d:8d:ab:f6:7e:46:7b:59:06:92:e3:82: - c4:e7:f5:f6:f3:d9:05:cf:49:34:2d:37:5f:f4:25:c7:f0:fb: - 6b:23:77:f1:f1:40:d7:4c:bb:49:45:31:dd:00:28:67:b7:29: - 4c:75:a8:1f:79:31:c9:36:37:0f:ca:35:4f:8c:f1:7e:de:fc: - 46:ab:bf:68:9b:70:23:30:2e:b7:c5:5c:7b:8a:fb:18:13:79: - 4b:92:42:8c:dc:2c:ab:6c:22:b7:28:53:b3:1a:4a:ce:1b:fb: - 28:0e:b7:3a:a4:da:0d:f7:40:32:4f:df:6f:bb:01:50:fc:87: - d3:76:d9:fc:fb:b6:84:03:ca:c9:36:18:f7:dd:6c:db:bb:ba: - 81:1c:a6:ad:fe:28:f9:cf:b9:a2:71:5d:19:05:ea:4a:46:dc: - 73:41:ef:89:94:42:b1:43:88:6f:35:17:af:1e:60:83:ac:7a: - 8c:10:7b:9f:c9:f6:83:6d:9e:fa:88:ee:3e:dd:ee:9e:b0:bf: - e0:6a:b9:d0:9f:07:b2:09:13:9a:f5:a4:e5:c8:5b:79:a7:47: - 35:33:68:e5:55:9e:aa:5b:cb:30:0b:9d:c7:0f:bf:68:44:81: - 97:8b:51:4a + 07:60:93:99:aa:ce:d0:d3:47:d0:37:33:de:3f:64:b7:e5:2e: + a3:25:0c:d5:33:1d:0d:8d:ab:f6:7e:46:7b:59:06:92:e3:82: + c4:e7:f5:f6:f3:d9:05:cf:49:34:2d:37:5f:f4:25:c7:f0:fb: + 6b:23:77:f1:f1:40:d7:4c:bb:49:45:31:dd:00:28:67:b7:29: + 4c:75:a8:1f:79:31:c9:36:37:0f:ca:35:4f:8c:f1:7e:de:fc: + 46:ab:bf:68:9b:70:23:30:2e:b7:c5:5c:7b:8a:fb:18:13:79: + 4b:92:42:8c:dc:2c:ab:6c:22:b7:28:53:b3:1a:4a:ce:1b:fb: + 28:0e:b7:3a:a4:da:0d:f7:40:32:4f:df:6f:bb:01:50:fc:87: + d3:76:d9:fc:fb:b6:84:03:ca:c9:36:18:f7:dd:6c:db:bb:ba: + 81:1c:a6:ad:fe:28:f9:cf:b9:a2:71:5d:19:05:ea:4a:46:dc: + 73:41:ef:89:94:42:b1:43:88:6f:35:17:af:1e:60:83:ac:7a: + 8c:10:7b:9f:c9:f6:83:6d:9e:fa:88:ee:3e:dd:ee:9e:b0:bf: + e0:6a:b9:d0:9f:07:b2:09:13:9a:f5:a4:e5:c8:5b:79:a7:47: + 35:33:68:e5:55:9e:aa:5b:cb:30:0b:9d:c7:0f:bf:68:44:81: + 97:8b:51:4a -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIQbyXcFa/fXqMIVgw7ek/H+DANBgkqhkiG9w0BAQUFADBv MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk diff --git a/net/data/ssl/certificates/cross-signed-leaf.pem b/net/data/ssl/certificates/cross-signed-leaf.pem new file mode 100644 index 0000000..5d708f8 --- /dev/null +++ b/net/data/ssl/certificates/cross-signed-leaf.pem @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 236 (0xec) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=Test Root CA + Validity + Not Before: Jun 28 00:12:46 2013 GMT + Not After : Jun 26 00:12:46 2023 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cc:2a:6b:e1:75:e1:1b:b3:30:24:17:d2:bb:6e: + 5e:d9:68:ff:b6:35:e5:6d:6e:46:77:0b:91:5a:89: + 96:1e:dc:f6:95:a7:fb:37:c2:10:ee:92:71:23:35: + 65:e5:a3:77:44:5f:f6:43:6f:80:ff:b9:fd:25:c6: + f4:61:9f:42:f3:0a:0a:6a:bf:79:16:69:64:db:7a: + d9:7d:07:ca:7d:31:97:5e:0a:e9:62:ce:3b:91:91: + 3d:c0:95:f2:8e:56:94:f0:12:fe:11:f5:e2:e4:40: + 90:cd:55:21:53:1f:bb:90:3c:fb:24:8e:b9:50:5c: + 17:53:34:23:e5:0f:e6:ac:e1:44:7e:4d:54:4b:bb: + 03:94:da:6e:9f:50:51:2a:d6:75:50:75:d1:50:01: + 45:e9:24:74:3a:59:01:a0:64:a5:7d:91:99:7b:ea: + 94:27:05:21:6b:1f:86:44:60:be:e4:66:5a:75:8f: + dd:ac:f1:16:a8:56:ea:fc:64:4a:17:61:f4:6c:92: + bc:b0:ff:a4:6c:67:19:ce:02:60:ef:ee:95:60:bc: + c6:47:25:a0:3a:ad:07:91:d4:74:35:f4:8f:ef:f9: + b5:00:6b:26:48:0e:ab:25:f9:e8:09:ce:55:31:b5: + 5f:bb:3b:15:43:a2:4e:65:19:bd:44:3a:5f:dc:8b: + a5:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + E2:4A:5F:2A:EF:4C:76:8B:E7:E8:68:C8:0D:2B:D1:62:64:B6:1E:4F + X509v3 Authority Key Identifier: + keyid:48:D7:06:DC:B7:D3:0C:D6:3A:F3:A3:7F:12:D4:44:4D:BC:0B:9A:E7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Alternative Name: + IP Address:127.0.0.1 + Signature Algorithm: sha1WithRSAEncryption + 97:67:c6:3d:c4:9f:97:4e:b6:06:a4:e0:d5:56:16:f0:41:c9: + a1:38:6c:c6:9d:ae:09:0a:ab:5b:63:3b:24:cd:4c:94:8d:69: + 2e:f2:98:64:05:a4:e8:60:12:31:d8:db:d1:7e:83:c6:11:9d: + a4:7b:08:ba:3b:b9:34:9b:46:93:2c:01:7b:a3:5d:2d:ef:a6: + 32:29:9b:15:a0:f5:19:91:1b:21:b3:f6:4d:f2:1d:36:85:59: + 99:50:70:92:4f:e6:df:ea:dd:d1:f1:c6:fe:ad:81:82:ce:c4: + d0:25:b7:60:14:4c:6b:4d:0c:69:c6:e2:7a:cb:92:a1:59:69: + 37:47:81:e8:d2:02:fa:0b:22:4d:18:0f:32:7c:68:07:b4:67: + f9:36:db:f6:a0:77:da:68:a8:0b:7e:65:22:d7:0b:fd:65:11: + b4:8f:a9:b7:20:50:81:b0:d7:71:cc:76:11:5b:28:9d:7d:98: + 21:c7:1f:d5:a1:d6:a6:12:ce:c7:90:5d:a0:22:03:3e:e3:aa: + 17:a5:cd:bb:f4:2e:d9:e5:61:de:24:f6:3d:8f:9f:4e:97:02: + 61:91:0e:28:a2:02:ff:a9:7b:52:c2:33:26:a3:26:7d:c2:43: + e3:91:36:c9:55:e1:b8:12:c2:39:fe:5e:28:69:ea:13:f9:be: + 2a:72:0d:70 +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgICAOwwDQYJKoZIhvcNAQEFBQAwFzEVMBMGA1UEAwwMVGVz +dCBSb290IENBMB4XDTEzMDYyODAwMTI0NloXDTIzMDYyNjAwMTI0NlowYDELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWlu +IFZpZXcxEDAOBgNVBAoMB1Rlc3QgQ0ExEjAQBgNVBAMMCTEyNy4wLjAuMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwqa+F14RuzMCQX0rtuXtlo/7Y1 +5W1uRncLkVqJlh7c9pWn+zfCEO6ScSM1ZeWjd0Rf9kNvgP+5/SXG9GGfQvMKCmq/ +eRZpZNt62X0Hyn0xl14K6WLOO5GRPcCV8o5WlPAS/hH14uRAkM1VIVMfu5A8+ySO +uVBcF1M0I+UP5qzhRH5NVEu7A5Tabp9QUSrWdVB10VABRekkdDpZAaBkpX2RmXvq +lCcFIWsfhkRgvuRmWnWP3azxFqhW6vxkShdh9GySvLD/pGxnGc4CYO/ulWC8xkcl +oDqtB5HUdDX0j+/5tQBrJkgOqyX56AnOVTG1X7s7FUOiTmUZvUQ6X9yLpYsCAwEA +AaOBgDB+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOJKXyrvTHaL5+hoyA0r0WJk +th5PMB8GA1UdIwQYMBaAFEjXBty30wzWOvOjfxLURE28C5rnMB0GA1UdJQQWMBQG +CCsGAQUFBwMBBggrBgEFBQcDAjAPBgNVHREECDAGhwR/AAABMA0GCSqGSIb3DQEB +BQUAA4IBAQCXZ8Y9xJ+XTrYGpODVVhbwQcmhOGzGna4JCqtbYzskzUyUjWku8phk +BaToYBIx2NvRfoPGEZ2kewi6O7k0m0aTLAF7o10t76YyKZsVoPUZkRshs/ZN8h02 +hVmZUHCST+bf6t3R8cb+rYGCzsTQJbdgFExrTQxpxuJ6y5KhWWk3R4Ho0gL6CyJN +GA8yfGgHtGf5Ntv2oHfaaKgLfmUi1wv9ZRG0j6m3IFCBsNdxzHYRWyidfZghxx/V +odamEs7HkF2gIgM+46oXpc279C7Z5WHeJPY9j59OlwJhkQ4oogL/qXtSwjMmoyZ9 +wkPjkTbJVeG4EsI5/l4oaeoT+b4qcg1w +-----END CERTIFICATE----- diff --git a/net/data/ssl/certificates/cross-signed-root-md5.pem b/net/data/ssl/certificates/cross-signed-root-md5.pem new file mode 100644 index 0000000..f66f0e7 --- /dev/null +++ b/net/data/ssl/certificates/cross-signed-root-md5.pem @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 13629438167319141160 (0xbd257dcd23355b28) + Signature Algorithm: md5WithRSAEncryption + Issuer: CN=Test Root CA + Validity + Not Before: Jun 28 00:12:46 2013 GMT + Not After : Jun 26 00:12:46 2023 GMT + Subject: CN=Test Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:54:79:c5:64:b3:a9:90:4f:9f:65:9a:8b:4e: + f1:70:be:71:04:da:98:e0:c6:0e:93:fe:d5:5d:31: + 66:2f:13:61:65:0e:67:b0:6e:e9:ce:71:d5:03:57: + b4:a3:34:0c:7d:c1:50:1d:34:54:9b:92:61:94:4e: + bc:9e:ad:a7:af:ff:c3:30:42:00:f8:a8:aa:23:28: + b5:23:e2:58:7c:af:98:ed:22:bb:c2:38:fb:6f:bf: + de:da:41:49:23:e0:ed:7f:04:4b:35:ba:4f:99:bf: + b4:c1:9d:dc:91:f6:77:b3:b5:01:ea:a3:1e:bf:24: + 15:27:c3:35:70:10:bf:ca:7f:a0:69:9b:3f:11:a9: + 2c:70:b7:f0:e1:bb:77:c1:7b:92:b9:44:08:fd:0d: + 31:58:4f:33:dc:03:6d:41:32:4f:bb:a1:cb:55:bc: + c3:f9:70:0a:f8:b8:c8:86:52:86:ca:5d:c1:8f:71: + 7b:b6:e2:c8:18:a3:4e:ed:33:21:4d:89:ce:e3:e6: + 4c:28:19:4f:53:84:f4:2b:a7:01:6c:bb:57:fb:6b: + f6:bf:08:2a:fe:e4:a6:36:12:c6:78:c7:b2:56:0d: + 03:27:e5:4c:86:cc:43:dd:49:01:78:35:f8:1d:e4: + f1:2e:5c:14:51:51:8b:2c:b4:8a:7a:67:57:8d:2d: + 3f:f5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 48:D7:06:DC:B7:D3:0C:D6:3A:F3:A3:7F:12:D4:44:4D:BC:0B:9A:E7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: md5WithRSAEncryption + 3e:87:a1:f1:b2:e3:70:2b:6c:9d:6b:a7:18:34:4c:69:29:cc: + 63:b1:c7:5c:4a:d1:4f:0c:97:db:e6:1b:92:16:d2:ac:f4:ae: + 7a:68:50:5f:06:c2:18:70:62:a5:7d:ee:35:d8:2c:8c:42:8d: + d9:64:32:6d:88:d7:f9:62:56:b7:c6:d9:ae:ed:e1:a9:8f:e4: + 4f:97:fc:d8:21:fb:9b:86:eb:79:5b:93:c5:c1:51:ba:2c:48: + 36:83:e0:96:ab:10:9e:8c:1b:23:84:a5:2d:81:28:c0:8e:31: + 91:99:9a:3a:31:8d:c0:c4:3b:92:60:0c:ea:b1:a2:37:62:88: + 70:fc:9a:7b:2e:3c:a5:58:f7:d1:43:f4:e3:57:ea:1d:5e:1d: + 98:69:62:d9:1e:25:45:08:92:05:15:51:5b:85:97:23:66:06: + 45:2a:81:6b:7a:c9:d8:c6:46:14:cf:6e:85:c6:32:55:e5:4b: + b3:f2:e9:ca:a1:c7:1d:e0:c4:a3:d2:c2:39:2a:a8:88:d2:d1: + 46:5c:78:10:c2:c4:fb:84:d9:0b:cd:17:54:fb:64:74:91:b7: + ca:51:ce:f7:5b:f4:3d:e5:75:60:5b:ed:6a:6f:69:f1:fb:b0: + e6:1e:08:09:51:0b:7b:8b:ab:20:ba:33:b7:c1:d8:f2:c7:2c: + 8f:2b:05:55 +-----BEGIN CERTIFICATE----- +MIIC8zCCAdugAwIBAgIJAL0lfc0jNVsoMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNV +BAMMDFRlc3QgUm9vdCBDQTAeFw0xMzA2MjgwMDEyNDZaFw0yMzA2MjYwMDEyNDZa +MBcxFTATBgNVBAMMDFRlc3QgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAM9UecVks6mQT59lmotO8XC+cQTamODGDpP+1V0xZi8TYWUOZ7Bu +6c5x1QNXtKM0DH3BUB00VJuSYZROvJ6tp6//wzBCAPioqiMotSPiWHyvmO0iu8I4 ++2+/3tpBSSPg7X8ESzW6T5m/tMGd3JH2d7O1AeqjHr8kFSfDNXAQv8p/oGmbPxGp +LHC38OG7d8F7krlECP0NMVhPM9wDbUEyT7uhy1W8w/lwCvi4yIZShspdwY9xe7bi +yBijTu0zIU2JzuPmTCgZT1OE9CunAWy7V/tr9r8IKv7kpjYSxnjHslYNAyflTIbM +Q91JAXg1+B3k8S5cFFFRiyy0inpnV40tP/UCAwEAAaNCMEAwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUSNcG3LfTDNY686N/EtRETbwLmucwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBAUAA4IBAQA+h6HxsuNwK2yda6cYNExpKcxjscdcStFP +DJfb5huSFtKs9K56aFBfBsIYcGKlfe412CyMQo3ZZDJtiNf5Yla3xtmu7eGpj+RP +l/zYIfubhut5W5PFwVG6LEg2g+CWqxCejBsjhKUtgSjAjjGRmZo6MY3AxDuSYAzq +saI3Yohw/Jp7LjylWPfRQ/TjV+odXh2YaWLZHiVFCJIFFVFbhZcjZgZFKoFresnY +xkYUz26FxjJV5Uuz8unKoccd4MSj0sI5KqiI0tFGXHgQwsT7hNkLzRdU+2R0kbfK +Uc73W/Q95XVgW+1qb2nx+7DmHggJUQt7i6sgujO3wdjyxyyPKwVV +-----END CERTIFICATE----- diff --git a/net/data/ssl/certificates/cross-signed-root-sha1.pem b/net/data/ssl/certificates/cross-signed-root-sha1.pem new file mode 100644 index 0000000..7c7cce1 --- /dev/null +++ b/net/data/ssl/certificates/cross-signed-root-sha1.pem @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 18221780775539835148 (0xfce0c5127d18010c) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=Test Root CA + Validity + Not Before: Jun 28 00:12:46 2013 GMT + Not After : Jun 26 00:12:46 2023 GMT + Subject: CN=Test Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:54:79:c5:64:b3:a9:90:4f:9f:65:9a:8b:4e: + f1:70:be:71:04:da:98:e0:c6:0e:93:fe:d5:5d:31: + 66:2f:13:61:65:0e:67:b0:6e:e9:ce:71:d5:03:57: + b4:a3:34:0c:7d:c1:50:1d:34:54:9b:92:61:94:4e: + bc:9e:ad:a7:af:ff:c3:30:42:00:f8:a8:aa:23:28: + b5:23:e2:58:7c:af:98:ed:22:bb:c2:38:fb:6f:bf: + de:da:41:49:23:e0:ed:7f:04:4b:35:ba:4f:99:bf: + b4:c1:9d:dc:91:f6:77:b3:b5:01:ea:a3:1e:bf:24: + 15:27:c3:35:70:10:bf:ca:7f:a0:69:9b:3f:11:a9: + 2c:70:b7:f0:e1:bb:77:c1:7b:92:b9:44:08:fd:0d: + 31:58:4f:33:dc:03:6d:41:32:4f:bb:a1:cb:55:bc: + c3:f9:70:0a:f8:b8:c8:86:52:86:ca:5d:c1:8f:71: + 7b:b6:e2:c8:18:a3:4e:ed:33:21:4d:89:ce:e3:e6: + 4c:28:19:4f:53:84:f4:2b:a7:01:6c:bb:57:fb:6b: + f6:bf:08:2a:fe:e4:a6:36:12:c6:78:c7:b2:56:0d: + 03:27:e5:4c:86:cc:43:dd:49:01:78:35:f8:1d:e4: + f1:2e:5c:14:51:51:8b:2c:b4:8a:7a:67:57:8d:2d: + 3f:f5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 48:D7:06:DC:B7:D3:0C:D6:3A:F3:A3:7F:12:D4:44:4D:BC:0B:9A:E7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 0d:83:79:c0:6b:7d:9e:fb:6a:a5:02:0b:53:3c:3c:38:ed:1f: + bf:94:69:fc:66:56:19:86:a3:f7:72:5a:86:12:e6:d5:29:d9: + 75:5c:fe:a6:bf:15:05:cb:e1:3c:a1:2a:5c:b4:65:70:ed:1d: + 80:6d:50:8f:a5:d8:e9:22:c2:f5:53:71:6a:c1:15:87:03:11: + 5f:59:29:54:11:e7:c9:17:97:1e:56:46:ba:6e:c8:16:ae:3f: + fd:af:a4:87:39:a2:14:1a:c8:94:bc:c5:b8:40:2e:41:e3:a5: + bb:02:eb:d5:c1:74:b2:94:5c:b6:48:8c:83:57:54:56:aa:e6: + cf:fb:23:4e:48:14:a9:b6:0c:c0:de:8e:67:83:d4:77:51:ee: + 75:4f:6e:d1:7c:5a:5b:3b:61:e0:73:47:0a:da:6f:52:62:34: + db:37:8e:b0:66:1f:69:7e:e9:74:17:97:6d:3a:67:9d:0b:a3: + 24:8b:24:ce:0d:6d:29:30:08:ed:58:43:37:1f:ae:05:3b:e3: + f1:d4:f4:95:ba:3b:d9:07:07:7f:26:6c:70:93:d9:8e:2c:04: + b0:fe:a1:71:6c:0e:dd:a6:d0:73:59:a8:e0:a0:60:a6:02:cd: + fc:ca:ca:da:7e:67:c1:4a:93:a6:57:3b:a5:2c:e0:f2:d8:58: + a7:5d:ab:4b +-----BEGIN CERTIFICATE----- +MIIC8zCCAdugAwIBAgIJAPzgxRJ9GAEMMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV +BAMMDFRlc3QgUm9vdCBDQTAeFw0xMzA2MjgwMDEyNDZaFw0yMzA2MjYwMDEyNDZa +MBcxFTATBgNVBAMMDFRlc3QgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAM9UecVks6mQT59lmotO8XC+cQTamODGDpP+1V0xZi8TYWUOZ7Bu +6c5x1QNXtKM0DH3BUB00VJuSYZROvJ6tp6//wzBCAPioqiMotSPiWHyvmO0iu8I4 ++2+/3tpBSSPg7X8ESzW6T5m/tMGd3JH2d7O1AeqjHr8kFSfDNXAQv8p/oGmbPxGp +LHC38OG7d8F7krlECP0NMVhPM9wDbUEyT7uhy1W8w/lwCvi4yIZShspdwY9xe7bi +yBijTu0zIU2JzuPmTCgZT1OE9CunAWy7V/tr9r8IKv7kpjYSxnjHslYNAyflTIbM +Q91JAXg1+B3k8S5cFFFRiyy0inpnV40tP/UCAwEAAaNCMEAwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUSNcG3LfTDNY686N/EtRETbwLmucwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQANg3nAa32e+2qlAgtTPDw47R+/lGn8ZlYZ +hqP3clqGEubVKdl1XP6mvxUFy+E8oSpctGVw7R2AbVCPpdjpIsL1U3FqwRWHAxFf +WSlUEefJF5ceVka6bsgWrj/9r6SHOaIUGsiUvMW4QC5B46W7AuvVwXSylFy2SIyD +V1RWqubP+yNOSBSptgzA3o5ng9R3Ue51T27RfFpbO2Hgc0cK2m9SYjTbN46wZh9p +ful0F5dtOmedC6MkiyTODW0pMAjtWEM3H64FO+Px1PSVujvZBwd/Jmxwk9mOLASw +/qFxbA7dptBzWajgoGCmAs38ysrafmfBSpOmVzulLODy2FinXatL +-----END CERTIFICATE----- diff --git a/net/data/ssl/certificates/globalsign_orgv1_ca.pem b/net/data/ssl/certificates/globalsign_orgv1_ca.pem deleted file mode 100644 index 71b9cd0..0000000 --- a/net/data/ssl/certificates/globalsign_orgv1_ca.pem +++ /dev/null @@ -1,97 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 04:00:00:00:00:01:11:df:e8:6c:66 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA - Validity - Not Before: Apr 11 12:00:00 2007 GMT - Not After : Jan 27 11:00:00 2014 GMT - Subject: OU=Organization Validation CA, O=GlobalSign, CN=GlobalSign Organization Validation CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:a1:2f:c4:bc:ce:87:03:e9:67:c1:89:c8:e5:93: - fc:7d:b4:ad:9e:f6:63:4e:6a:e8:9c:2c:73:89:a2: - 01:f4:8f:21:f8:fd:25:9d:58:16:6d:86:f6:ee:49: - 57:75:7e:75:ea:22:11:7e:3d:fb:c7:42:41:dc:fc: - c5:0c:91:55:80:7b:eb:64:33:1d:9b:f9:ca:38:e9: - ab:c6:25:43:51:25:40:f4:e4:7e:18:55:6a:a9:8f: - 10:3a:40:1e:d6:57:83:ef:7f:2f:34:2f:2d:d2:f6: - 53:c2:19:0d:b7:ed:c9:81:f5:46:2c:b4:23:42:5e: - 9d:13:03:75:ec:ea:6a:fc:57:7c:c9:36:97:3b:98: - dc:13:13:ec:ec:41:fa:5d:34:ea:b9:93:e7:10:16: - 65:cc:9c:92:fd:f5:c5:9d:3e:4a:b9:09:fc:e4:5f: - 1e:69:5f:4d:f4:56:72:44:b1:1d:23:03:c8:36:f6: - 65:88:c8:bf:39:16:45:8e:1e:26:6c:51:16:c5:2a: - 00:38:c5:a4:13:69:95:7d:ab:01:3b:a8:c4:14:b4: - 80:da:ac:1a:44:20:d5:fe:a9:06:7b:14:27:af:e0: - 30:21:dd:90:f4:a9:d5:23:19:2e:1e:03:e6:c1:df: - 95:29:e4:c1:94:43:dd:3e:90:aa:cb:4b:c9:be:8a: - d3:39 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - 7D:6D:2A:EC:66:AB:A7:51:36:AB:02:69:F1:70:8F:C4:59:0B:9A:1F - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.4146.1.20 - CPS: http://www.globalsign.net/repository/ - - X509v3 CRL Distribution Points: - URI:http://crl.globalsign.net/root.crl - - Netscape Cert Type: - SSL CA - X509v3 Extended Key Usage: - Microsoft Server Gated Crypto, Netscape Server Gated Crypto - X509v3 Authority Key Identifier: - keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B - - Signature Algorithm: sha1WithRSAEncryption - 37:a8:8f:36:79:00:3c:18:e8:1a:c5:f2:7b:22:28:6b:bf:19: - 8f:17:9a:ed:a6:c4:d6:a1:d6:63:2d:7b:fb:04:5b:28:da:cc: - f9:b6:ee:02:54:19:de:6c:91:f2:61:0d:fd:7f:28:20:cc:8f: - 36:d1:61:87:a0:59:49:aa:07:96:de:f9:b3:2c:f9:b5:ee:15: - 29:33:cd:b4:13:9d:c7:90:ce:4d:7c:f2:5a:11:87:7b:fa:d4: - 8d:d1:2f:55:99:1a:5f:ef:16:08:b1:3d:d2:3d:1e:cb:b5:f0: - 57:97:52:3a:12:63:62:b6:f2:bc:cd:e2:a6:9c:17:ce:28:e0: - c6:0f:5a:ec:bf:70:bd:5a:e7:54:be:f1:cf:c6:3d:9f:5f:7a: - da:b7:2e:65:ea:c2:d3:e9:c7:ba:be:4d:cb:da:33:ae:55:9d: - ae:14:f6:32:08:62:e1:89:e4:34:2a:75:3c:2a:05:a9:2b:50: - 38:bb:59:86:a6:84:5a:84:c3:bd:43:ba:9f:1f:15:05:ce:b5: - 77:0d:d4:dd:2f:49:c8:fe:58:95:4b:bc:4e:96:13:00:1e:9c: - b8:27:77:71:1d:c4:61:cb:f4:1e:8c:33:b3:00:67:0d:b7:b2: - ac:8c:3d:3a:dc:38:2f:64:2d:00:81:89:35:d8:e2:b9:31:17: - fe:3a:5f:d1 ------BEGIN CERTIFICATE----- -MIIEZzCCA0+gAwIBAgILBAAAAAABEd/obGYwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wNzA0MTExMjAw -MDBaFw0xNDAxMjcxMTAwMDBaMGoxIzAhBgNVBAsTGk9yZ2FuaXphdGlvbiBWYWxp -ZGF0aW9uIENBMRMwEQYDVQQKEwpHbG9iYWxTaWduMS4wLAYDVQQDEyVHbG9iYWxT -aWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBMIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAoS/EvM6HA+lnwYnI5ZP8fbStnvZjTmronCxziaIB9I8h -+P0lnVgWbYb27klXdX516iIRfj37x0JB3PzFDJFVgHvrZDMdm/nKOOmrxiVDUSVA -9OR+GFVqqY8QOkAe1leD738vNC8t0vZTwhkNt+3JgfVGLLQjQl6dEwN17Opq/Fd8 -yTaXO5jcExPs7EH6XTTquZPnEBZlzJyS/fXFnT5KuQn85F8eaV9N9FZyRLEdIwPI -NvZliMi/ORZFjh4mbFEWxSoAOMWkE2mVfasBO6jEFLSA2qwaRCDV/qkGexQnr+Aw -Id2Q9KnVIxkuHgPmwd+VKeTBlEPdPpCqy0vJvorTOQIDAQABo4IBHzCCARswDgYD -VR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFH1tKuxm -q6dRNqsCafFwj8RZC5ofMEsGA1UdIAREMEIwQAYJKwYBBAGgMgEUMDMwMQYIKwYB -BQUHAgEWJWh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS8wMwYD -VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9yb290LmNy -bDARBglghkgBhvhCAQEEBAMCAgQwIAYDVR0lBBkwFwYKKwYBBAGCNwoDAwYJYIZI -AYb4QgQBMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3 -DQEBBQUAA4IBAQA3qI82eQA8GOgaxfJ7IihrvxmPF5rtpsTWodZjLXv7BFso2sz5 -tu4CVBnebJHyYQ39fyggzI820WGHoFlJqgeW3vmzLPm17hUpM820E53HkM5NfPJa -EYd7+tSN0S9VmRpf7xYIsT3SPR7LtfBXl1I6EmNitvK8zeKmnBfOKODGD1rsv3C9 -WudUvvHPxj2fX3raty5l6sLT6ce6vk3L2jOuVZ2uFPYyCGLhieQ0KnU8KgWpK1A4 -u1mGpoRahMO9Q7qfHxUFzrV3DdTdL0nI/liVS7xOlhMAHpy4J3dxHcRhy/QejDOz -AGcNt7KsjD063DgvZC0AgYk12OK5MRf+Ol/R ------END CERTIFICATE----- diff --git a/net/data/ssl/certificates/globalsign_root_ca_md5.pem b/net/data/ssl/certificates/globalsign_root_ca_md5.pem deleted file mode 100644 index c9e2380..0000000 --- a/net/data/ssl/certificates/globalsign_root_ca_md5.pem +++ /dev/null @@ -1,78 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:00:00:00:00:00:d6:78:b7:94:05 - Signature Algorithm: md5WithRSAEncryption - Issuer: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA - Validity - Not Before: Sep 1 12:00:00 1998 GMT - Not After : Jan 28 12:00:00 2014 GMT - Subject: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:da:0e:e6:99:8d:ce:a3:e3:4f:8a:7e:fb:f1:8b: - 83:25:6b:ea:48:1f:f1:2a:b0:b9:95:11:04:bd:f0: - 63:d1:e2:67:66:cf:1c:dd:cf:1b:48:2b:ee:8d:89: - 8e:9a:af:29:80:65:ab:e9:c7:2d:12:cb:ab:1c:4c: - 70:07:a1:3d:0a:30:cd:15:8d:4f:f8:dd:d4:8c:50: - 15:1c:ef:50:ee:c4:2e:f7:fc:e9:52:f2:91:7d:e0: - 6d:d5:35:30:8e:5e:43:73:f2:41:e9:d5:6a:e3:b2: - 89:3a:56:39:38:6f:06:3c:88:69:5b:2a:4d:c5:a7: - 54:b8:6c:89:cc:9b:f9:3c:ca:e5:fd:89:f5:12:3c: - 92:78:96:d6:dc:74:6e:93:44:61:d1:8d:c7:46:b2: - 75:0e:86:e8:19:8a:d5:6d:6c:d5:78:16:95:a2:e9: - c8:0a:38:eb:f2:24:13:4f:73:54:93:13:85:3a:1b: - bc:1e:34:b5:8b:05:8c:b9:77:8b:b1:db:1f:20:91: - ab:09:53:6e:90:ce:7b:37:74:b9:70:47:91:22:51: - 63:16:79:ae:b1:ae:41:26:08:c8:19:2b:d1:46:aa: - 48:d6:64:2a:d7:83:34:ff:2c:2a:c1:6c:19:43:4a: - 07:85:e7:d3:7c:f6:21:68:ef:ea:f2:52:9f:7f:93: - 90:cf - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B - X509v3 Basic Constraints: critical - CA:TRUE - Signature Algorithm: md5WithRSAEncryption - ae:aa:9f:fc:b7:d2:cb:1f:5f:39:29:28:18:9e:34:c9:6c:4f: - 6f:1a:f0:64:a2:70:4a:4f:13:86:9b:60:28:9e:e8:81:49:98: - 7d:0a:bb:e5:b0:9d:3d:36:db:8f:05:51:ff:09:31:2a:1f:dd: - 89:77:9e:0f:2e:6c:95:04:ed:86:cb:b4:00:3f:84:02:4d:80: - 6a:2a:2d:78:0b:ae:6f:2b:a2:83:44:83:1f:cd:50:82:4c:24: - af:bd:f7:a5:b4:c8:5a:0f:f4:e7:47:5e:49:8e:37:96:fe:9a: - 88:05:3a:d9:c0:db:29:87:e6:19:96:47:a7:3a:a6:8c:8b:3c: - 77:fe:46:63:a7:53:da:21:d1:ac:7e:49:a2:4b:e6:c3:67:59: - 2f:b3:8a:0e:bb:2c:bd:a9:aa:42:7c:35:c1:d8:7f:d5:a7:31: - 3a:4e:63:43:39:af:08:b0:61:34:8c:d3:98:a9:43:34:f6:0f: - 87:29:3b:9d:c2:56:58:98:77:c3:f7:1b:ac:f6:9d:f8:3e:aa: - a7:54:45:f0:f5:f9:d5:31:65:fe:6b:58:9c:71:b3:1e:d7:52: - ea:32:17:fc:40:60:1d:c9:79:24:b2:f6:6c:fd:a8:66:0e:82: - dd:98:cb:da:c2:44:4f:2e:a0:7b:f2:f7:6b:2c:76:11:84:46: - 8a:78:a3:e3 ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQU -YHtmGkUNl8qJUC99BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B -AQQFAAOCAQEArqqf/LfSyx9fOSkoGJ40yWxPbxrwZKJwSk8ThptgKJ7ogUmYfQq7 -5bCdPTbbjwVR/wkxKh/diXeeDy5slQTthsu0AD+EAk2AaioteAuubyuig0SDH81Q -gkwkr733pbTIWg/050deSY43lv6aiAU62cDbKYfmGZZHpzqmjIs8d/5GY6dT2iHR -rH5Jokvmw2dZL7OKDrssvamqQnw1wdh/1acxOk5jQzmvCLBhNIzTmKlDNPYPhyk7 -ncJWWJh3w/cbrPad+D6qp1RF8PX51TFl/mtYnHGzHtdS6jIX/EBgHcl5JLL2bP2o -Zg6C3ZjL2sJETy6ge/L3ayx2EYRGinij4w== ------END CERTIFICATE----- diff --git a/net/data/ssl/certificates/images_etrade_wallst_com.pem b/net/data/ssl/certificates/images_etrade_wallst_com.pem deleted file mode 100644 index c3de704..0000000 --- a/net/data/ssl/certificates/images_etrade_wallst_com.pem +++ /dev/null @@ -1,94 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 01:00:00:00:00:01:29:f1:78:64:fa - Signature Algorithm: sha1WithRSAEncryption - Issuer: OU=Organization Validation CA, O=GlobalSign, CN=GlobalSign Organization Validation CA - Validity - Not Before: Jul 20 19:40:43 2010 GMT - Not After : Jul 20 19:40:39 2012 GMT - Subject: C=US, ST=Colorado, L=Boulder, OU=P3, O=Wall Street On Demand, Inc., CN=images.etrade.wallst.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:f4:4d:15:13:29:29:5f:01:56:18:aa:5e:ff:fc: - ab:ca:6d:36:f1:44:05:5c:b1:86:28:f6:ac:b2:54: - fa:93:94:d1:7a:c2:92:e2:8a:67:08:0e:fb:74:9d: - 0d:5b:ec:86:a4:dc:2b:75:37:c1:77:18:e4:aa:c7: - 9f:a1:76:77:21:ed:ed:5a:d1:07:45:63:35:35:9f: - 50:1c:ea:80:75:9f:d8:a6:ff:07:8d:a7:79:b4:89: - f7:24:ec:2b:d6:d2:37:d1:14:07:4a:79:d4:8e:75: - 95:08:bc:bb:f3:aa:49:b1:71:c0:e5:d8:6b:2e:9c: - c6:75:d4:cb:1b:05:8e:a8:f1 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:7D:6D:2A:EC:66:AB:A7:51:36:AB:02:69:F1:70:8F:C4:59:0B:9A:1F - - Authority Information Access: - CA Issuers - URI:http://secure.globalsign.net/cacert/orgv1.crt - - X509v3 CRL Distribution Points: - URI:http://crl.globalsign.net/OrganizationVal1.crl - - X509v3 Subject Key Identifier: - 62:F0:08:B5:F9:A6:F6:0A:8E:59:38:57:17:C5:79:04:B9:C6:B6:7B - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: critical - Digital Signature, Key Encipherment - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication, Microsoft Server Gated Crypto - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.4146.1.20 - CPS: http://www.globalsign.net/repository/ - - Netscape Cert Type: - SSL Client, SSL Server - X509v3 Subject Alternative Name: - DNS:images.etrade.wallst.com - Signature Algorithm: sha1WithRSAEncryption - 03:0b:00:f3:45:94:bf:1a:e1:87:10:c9:a3:47:9f:af:2b:25: - 8c:19:03:1b:45:89:05:1c:3a:d5:ae:06:ac:c4:45:9a:30:90: - ea:85:36:3b:51:b9:c6:ff:65:9f:ce:60:27:44:be:57:56:f5: - 9c:ae:03:e2:f8:a2:65:58:76:15:bb:83:3e:d5:56:99:c8:3c: - 8f:e0:76:15:9d:a4:4b:10:9d:69:7a:a2:cd:98:1f:a9:41:97: - 0c:01:15:c1:dc:69:0c:20:fc:c1:dc:80:51:2e:dc:44:dd:af: - 6d:54:11:78:66:67:b3:2e:e1:4a:0c:ce:76:50:4e:4a:5c:64: - 9c:05:b2:67:9f:c7:ef:06:58:69:95:32:af:8d:d9:ed:8d:81: - 9e:84:15:10:7d:33:69:fe:ff:ec:99:3f:31:c7:5a:06:28:c9: - 26:a6:5e:a8:7e:70:6e:30:11:d6:dc:6a:0c:76:fb:3a:cd:5a: - 86:a8:57:c9:7b:4b:43:c4:90:d9:20:8c:84:5a:cf:fc:d5:0b: - a7:a0:54:49:f3:a9:55:cb:ec:cb:13:ad:d4:29:91:f8:47:df: - b6:63:87:19:c1:5b:0b:70:46:c7:32:a8:b9:0f:4c:a2:3f:39: - 4e:70:c0:f0:42:e5:e3:a1:98:ac:d2:8d:98:89:ac:5e:a1:b9: - df:39:d7:89 ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgILAQAAAAABKfF4ZPowDQYJKoZIhvcNAQEFBQAwajEjMCEG -A1UECxMaT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gQ0ExEzARBgNVBAoTCkdsb2Jh -bFNpZ24xLjAsBgNVBAMTJUdsb2JhbFNpZ24gT3JnYW5pemF0aW9uIFZhbGlkYXRp -b24gQ0EwHhcNMTAwNzIwMTk0MDQzWhcNMTIwNzIwMTk0MDM5WjCBiDELMAkGA1UE -BhMCVVMxETAPBgNVBAgTCENvbG9yYWRvMRAwDgYDVQQHEwdCb3VsZGVyMQswCQYD -VQQLEwJQMzEkMCIGA1UEChMbV2FsbCBTdHJlZXQgT24gRGVtYW5kLCBJbmMuMSEw -HwYDVQQDExhpbWFnZXMuZXRyYWRlLndhbGxzdC5jb20wgZ8wDQYJKoZIhvcNAQEB -BQADgY0AMIGJAoGBAPRNFRMpKV8BVhiqXv/8q8ptNvFEBVyxhij2rLJU+pOU0XrC -kuKKZwgO+3SdDVvshqTcK3U3wXcY5KrHn6F2dyHt7VrRB0VjNTWfUBzqgHWf2Kb/ -B42nebSJ9yTsK9bSN9EUB0p51I51lQi8u/OqSbFxwOXYay6cxnXUyxsFjqjxAgMB -AAGjggGbMIIBlzAfBgNVHSMEGDAWgBR9bSrsZqunUTarAmnxcI/EWQuaHzBJBggr -BgEFBQcBAQQ9MDswOQYIKwYBBQUHMAKGLWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2ln -bi5uZXQvY2FjZXJ0L29yZ3YxLmNydDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8v -Y3JsLmdsb2JhbHNpZ24ubmV0L09yZ2FuaXphdGlvblZhbDEuY3JsMB0GA1UdDgQW -BBRi8Ai1+ab2Co5ZOFcXxXkEuca2ezAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF -oDApBgNVHSUEIjAgBggrBgEFBQcDAQYIKwYBBQUHAwIGCisGAQQBgjcKAwMwSwYD -VR0gBEQwQjBABgkrBgEEAaAyARQwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5n -bG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5LzARBglghkgBhvhCAQEEBAMCBsAwIwYD -VR0RBBwwGoIYaW1hZ2VzLmV0cmFkZS53YWxsc3QuY29tMA0GCSqGSIb3DQEBBQUA -A4IBAQADCwDzRZS/GuGHEMmjR5+vKyWMGQMbRYkFHDrVrgasxEWaMJDqhTY7UbnG -/2WfzmAnRL5XVvWcrgPi+KJlWHYVu4M+1VaZyDyP4HYVnaRLEJ1peqLNmB+pQZcM -ARXB3GkMIPzB3IBRLtxE3a9tVBF4ZmezLuFKDM52UE5KXGScBbJnn8fvBlhplTKv -jdntjYGehBUQfTNp/v/smT8xx1oGKMkmpl6ofnBuMBHW3GoMdvs6zVqGqFfJe0tD -xJDZIIyEWs/81QunoFRJ86lVy+zLE63UKZH4R9+2Y4cZwVsLcEbHMqi5D0yiPzlO -cMDwQuXjoZis0o2YiaxeobnfOdeJ ------END CERTIFICATE----- diff --git a/net/data/ssl/scripts/generate-cross-signed-certs.sh b/net/data/ssl/scripts/generate-cross-signed-certs.sh new file mode 100755 index 0000000..299092d --- /dev/null +++ b/net/data/ssl/scripts/generate-cross-signed-certs.sh @@ -0,0 +1,86 @@ +#!/bin/sh + +# Copyright 2013 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# This script generates a two roots - one legacy one signed with MD5, and +# another (newer) one signed with SHA1 - and has a leaf certificate signed +# by these without any distinguishers. +# +# The "cross-signed" comes from the fact that both the MD5 and SHA1 roots share +# the same Authority Key ID, Subject Key ID, Subject, and Subject Public Key +# Info. When the chain building algorithm is evaluating paths, if it prefers +# untrusted over trusted, then it will see the MD5 certificate as a self-signed +# cert that is "cross-signed" by the trusted SHA1 root. +# +# The SHA1 root should be (temporarily) trusted, and the resulting chain +# should be leaf -> SHA1root, not leaf -> MD5root, leaf -> SHA1root -> MD5root, +# or leaf -> MD5root -> SHA1root + +try() { + echo "$@" + $@ || exit 1 +} + +try rm -rf out +try mkdir out + +try echo 1 > out/2048-sha1-root-serial +try echo 2 > out/2048-md5-root-serial +touch out/2048-sha1-root-index.txt +touch out/2048-md5-root-index.txt + +# Generate the key +try openssl genrsa -out out/2048-sha1-root.key 2048 + +# Generate the root certificate +CA_COMMON_NAME="Test Root CA" \ + try openssl req \ + -new \ + -key out/2048-sha1-root.key \ + -out out/2048-sha1-root.req \ + -config ca.cnf + +CA_COMMON_NAME="Test Root CA" \ + try openssl x509 \ + -req -days 3650 \ + -sha1 \ + -in out/2048-sha1-root.req \ + -out out/2048-sha1-root.pem \ + -text \ + -signkey out/2048-sha1-root.key \ + -extfile ca.cnf \ + -extensions ca_cert + +CA_COMMON_NAME="Test Root CA" \ + try openssl x509 \ + -req -days 3650 \ + -md5 \ + -in out/2048-sha1-root.req \ + -out out/2048-md5-root.pem \ + -text \ + -signkey out/2048-sha1-root.key \ + -extfile ca.cnf \ + -extensions ca_cert + +# Generate the leaf certificate request +try openssl req \ + -new \ + -keyout out/ok_cert.key \ + -out out/ok_cert.req \ + -config ee.cnf + +# Generate the leaf certificates +CA_COMMON_NAME="Test Root CA" \ + try openssl ca \ + -batch \ + -extensions user_cert \ + -days 3650 \ + -in out/ok_cert.req \ + -out out/ok_cert.pem \ + -config ca.cnf + +cp out/2048-md5-root.pem ../certificates/cross-signed-root-md5.pem +cp out/2048-sha1-root.pem ../certificates/cross-signed-root-sha1.pem +cp out/ok_cert.pem ../certificates/cross-signed-leaf.pem |