This is an automated email from the ASF dual-hosted git repository.
absurdfarce pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra-gocql-driver.git
The following commit(s) were added to refs/heads/trunk by this push:
new f9b495b Regenerate testdata/pki and include script for regenerating
f9b495b is described below
commit f9b495bceaff82f2d0a05e6cb88f2b454ac8e0a4
Author: Andy Tolbert <[email protected]>
AuthorDate: Sun Aug 25 19:53:09 2024 -0500
Regenerate testdata/pki and include script for regenerating
The existing certificates in testdata/pki expire on September 16 2024.
This commit includes a 'generate_certs.sh' script for regenerating
private keys and certificates as needed.
As I couldn't find the original steps used to generate these, it's
possible these certificates are generated differently, but they are
done in a nominal way.
One slight derivation with the original certificates is that I have
opted to use PKCS12 format instead of the propertiary java JKS format
for the .truststore and .keystore file. The cassandra and gocql
certificates also embed a spiffe in the SAN so they can eventually
be used for mTLS authentication testing.
patch by Andy Tolbert; reviewed by Bret McGuire for CASSANDRA-19862
---
testdata/pki/.keystore | Bin 2178 -> 3905 bytes
testdata/pki/.truststore | Bin 882 -> 1317 bytes
testdata/pki/ca.cnf | 12 +++
testdata/pki/ca.crt | 134 ++++++++++++++++++++++++++-----
testdata/pki/ca.key | 82 ++++++++++++-------
testdata/pki/cassandra.cnf | 16 ++++
testdata/pki/cassandra.crt | 174 +++++++++++++++++++++++++----------------
testdata/pki/cassandra.key | 79 ++++++++++++-------
testdata/pki/generate_certs.sh | 98 +++++++++++++++++++++++
testdata/pki/gocql.cnf | 16 ++++
testdata/pki/gocql.crt | 173 ++++++++++++++++++++++++----------------
testdata/pki/gocql.key | 79 ++++++++++++-------
12 files changed, 629 insertions(+), 234 deletions(-)
diff --git a/testdata/pki/.keystore b/testdata/pki/.keystore
index 7608b94..ca78872 100644
Binary files a/testdata/pki/.keystore and b/testdata/pki/.keystore differ
diff --git a/testdata/pki/.truststore b/testdata/pki/.truststore
index fdf9b27..571940f 100644
Binary files a/testdata/pki/.truststore and b/testdata/pki/.truststore differ
diff --git a/testdata/pki/ca.cnf b/testdata/pki/ca.cnf
new file mode 100644
index 0000000..7e271dc
--- /dev/null
+++ b/testdata/pki/ca.cnf
@@ -0,0 +1,12 @@
+[req]
+default_bits = 2048
+prompt = no
+default_md = sha256
+distinguished_name = dn
+
+[req_ext]
+basicConstraints = CA:TRUE
+keyUsage = digitalSignature, keyCertSign
+
+[dn]
+CN = ca
diff --git a/testdata/pki/ca.crt b/testdata/pki/ca.crt
index fc3ba63..7ec81ba 100644
--- a/testdata/pki/ca.crt
+++ b/testdata/pki/ca.crt
@@ -1,20 +1,118 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 72:78:2c:ae:ac:90:8c:ff:2f:29:b8:1d:03:0c:db:69:f8:00:ac:a4
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=ca
+ Validity
+ Not Before: Aug 29 15:51:04 2024 GMT
+ Not After : Aug 5 15:51:04 2124 GMT
+ Subject: CN=ca
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:d6:bd:ab:fa:89:83:bd:d2:62:0c:e8:f6:ce:84:
+ c3:44:f4:a1:73:40:b6:57:0a:f6:e9:0b:4c:65:99:
+ 67:79:fd:ea:7a:8e:03:b2:1e:6b:87:ca:a6:ed:86:
+ 05:5d:f4:50:f1:e6:cd:d2:48:4a:df:42:d5:cf:e0:
+ b2:86:30:9d:7d:df:b1:08:9f:9f:a3:9a:98:87:b8:
+ 56:62:3a:ed:c7:02:d8:0e:03:62:99:bd:48:05:0d:
+ c6:b9:db:fc:e9:57:6e:07:fc:da:04:df:6c:4e:8b:
+ 4e:65:83:cb:fb:44:b2:54:42:80:33:69:56:37:12:
+ af:e7:a3:02:ef:34:dc:52:03:87:02:7c:1e:ab:ac:
+ 9d:bc:e9:61:98:44:a5:bd:a8:82:65:ca:c8:70:1c:
+ ab:2a:3f:6c:2f:10:76:07:83:ba:c8:ce:44:7e:da:
+ 7a:e5:47:03:9d:01:14:ed:79:a9:fc:c3:98:9c:06:
+ 9c:5d:f8:ff:4c:ca:b5:e1:04:62:ee:21:49:c4:9d:
+ f5:c6:49:18:7b:56:b5:32:be:4f:cd:33:f6:08:f9:
+ 57:1d:79:34:be:3f:88:54:5a:47:18:3a:5e:cb:e5:
+ 25:4b:3a:b3:c4:e9:47:dd:59:e0:46:cb:e6:d6:83:
+ d6:d6:59:c8:92:69:46:1c:88:a9:d2:2d:48:2f:bb:
+ e6:36:51:a1:2c:60:d0:9d:c2:6b:e9:5a:74:69:af:
+ 40:be:94:bb:41:b3:43:68:2b:5b:21:88:64:93:2d:
+ 62:91:d8:80:5f:fa:c6:a3:4d:1c:95:e4:ab:cc:44:
+ 3f:1f:f2:9d:9a:62:29:b5:56:1a:c3:fa:b4:23:87:
+ f9:b9:70:64:7e:57:90:54:05:e3:ca:26:97:19:c5:
+ 14:99:aa:89:20:6f:e8:30:f7:c1:34:27:46:49:48:
+ c4:1b:a9:f0:41:95:25:52:a6:9f:4f:83:a8:ab:a6:
+ ca:2d:28:95:56:66:f7:81:b8:7a:4e:d2:4e:f0:1f:
+ 6e:af:c0:02:7d:7b:be:a4:e3:9b:ff:6e:81:b6:f4:
+ a7:71:b1:73:11:d1:aa:25:30:0a:50:7a:5f:01:37:
+ 2d:a1:94:24:a6:64:7c:9c:e8:d6:ea:3d:4f:df:a4:
+ 04:95:2f:6a:03:b1:02:dc:f2:f0:06:7f:61:b5:2d:
+ 6d:17:2a:50:9f:fd:d2:bc:73:7f:00:a7:4c:df:02:
+ 0d:cf:12:0a:f2:de:2c:24:dd:c7:a1:01:d8:ee:d7:
+ 9e:f2:71:04:a6:14:da:f9:c3:80:8a:64:67:db:8e:
+ 1b:84:54:3f:3b:65:fe:29:1f:10:5a:6e:1d:38:64:
+ 10:9e:ab:a9:a6:2e:81:82:33:c7:f8:70:7b:8d:38:
+ ca:ac:41
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ X509v3 Key Usage:
+ Digital Signature, Certificate Sign
+ X509v3 Subject Key Identifier:
+ 91:E4:CD:B1:83:17:E9:5C:10:99:1C:81:83:5A:93:72:1F:36:73:5B
+ Signature Algorithm: sha256WithRSAEncryption
+ Signature Value:
+ b9:89:18:b6:94:bf:82:7c:12:c5:e6:90:af:c5:87:18:4b:be:
+ 52:84:b9:df:6f:99:bf:24:99:7b:d7:02:28:ba:23:a4:85:1f:
+ 27:0a:01:2b:18:94:8f:14:cc:4f:85:58:80:49:c5:48:71:36:
+ d9:fa:b8:3a:bb:3b:45:cb:75:f6:10:1f:e3:f4:95:a0:36:7a:
+ 62:9e:fb:dc:ea:ff:9e:00:ac:84:df:41:96:f1:6d:57:94:db:
+ 36:72:09:99:2f:35:7c:4c:4a:d9:61:77:29:92:03:d3:28:09:
+ 2d:d9:32:e0:10:82:44:59:5f:44:b0:95:57:2f:31:24:9b:da:
+ 2d:06:61:40:3b:6a:e8:8b:30:53:ae:fb:76:84:a2:db:fd:36:
+ 4c:19:11:a6:03:f3:03:58:f1:11:73:b5:f1:27:61:26:29:bd:
+ 07:77:81:0d:32:db:ae:ba:2c:b0:82:32:8b:79:22:36:14:00:
+ c6:db:e2:38:73:ac:ac:79:bd:d8:4b:ee:2e:54:9b:dc:e1:f4:
+ e1:f7:5c:54:da:47:2f:60:a9:ea:77:4a:c9:0b:82:df:0f:11:
+ 2e:a5:4f:73:b0:0c:52:49:e9:fe:90:6d:bc:b2:a9:7d:9f:58:
+ 51:e8:fd:cc:03:45:99:3e:eb:c0:61:15:c7:93:f8:ca:99:eb:
+ c9:52:bd:0f:46:cf:fa:e1:15:f5:18:e6:1b:bc:03:c3:41:4f:
+ 24:87:06:0b:53:ae:70:df:c4:40:b4:76:0d:f6:78:cf:a1:58:
+ d6:0c:79:d7:8a:e6:36:5a:d5:77:fb:a6:70:30:cf:ed:3f:08:
+ ec:f6:b7:c5:70:47:b8:49:30:3b:b2:3b:4a:3e:41:e1:72:a3:
+ e2:d8:0d:23:7f:f6:94:72:8c:d3:6f:cd:e0:c5:22:79:30:a9:
+ 2d:31:54:46:70:9b:94:6d:c2:ec:91:c2:ef:ad:73:91:30:17:
+ ed:1b:ae:2d:59:42:ba:bb:31:8f:cb:39:80:ce:ff:b2:15:72:
+ 40:13:3a:5d:7d:ed:69:b8:91:f1:65:48:56:53:81:a4:55:cc:
+ d8:d9:ee:a7:86:ff:fa:d7:75:f8:6d:2b:a0:35:51:1c:94:ad:
+ 88:68:72:12:72:c2:f9:3d:64:a3:ba:1c:bd:a4:37:4c:8c:ba:
+ 1c:b4:99:cd:4d:2c:a4:00:e7:10:9f:d5:39:24:3d:bd:56:e0:
+ 44:77:1b:a2:cc:a3:3c:56:7e:4c:ea:bd:60:89:10:96:d3:16:
+ 95:37:7f:b1:69:60:df:62:6e:33:87:74:9c:b0:b0:9e:b5:f4:
+ 6d:5b:52:c0:cb:e8:c9:d9:56:fd:3b:69:0c:19:df:ad:6a:a1:
+ dc:58:07:ea:df:d6:f8:2c
-----BEGIN CERTIFICATE-----
-MIIDLzCCAhegAwIBAgIJAIKbAXgemwsjMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
-BAMTCWNhc3NhbmRyYTAeFw0xNDA5MTkyMTE4MTNaFw0yNDA5MTYyMTE4MTNaMBQx
-EjAQBgNVBAMTCWNhc3NhbmRyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAL5fX0l1WDNa+mO1krxw7k8lfUQn+Ec4L3Mqv6IstGoNdCPq4YRA+SXRD5YC
-k/UXrFBWh9Hbs849GiuTYMPdj9HDLYz40RaQjM9GbieS23iy3UStQ0tKhxaaG6FN
-6XBypXFKCTsanu0TkEoDGhAkSzAMcCAC3gkFBzMrZ5qt4HEzjY9rasZ2gthN+xop
-nq3t4dDkE8HGaiFJcFvqTor7xmrnAaPjrPzUpvOF/ObIC09omwg/KXdPRx4DKPon
-gCMKEE3ckebKnJvbsRX3WO8H5nTHBYZ6v1JxLZz5pqmV+P0NGxldCARM0gCQUBz5
-wjMJkD/3e1ETC+q6uwfnAG0hlD8CAwEAAaOBgzCBgDAdBgNVHQ4EFgQUjHzn0nYF
-iXEaI1vUWbRR4lwKXOgwRAYDVR0jBD0wO4AUjHzn0nYFiXEaI1vUWbRR4lwKXOih
-GKQWMBQxEjAQBgNVBAMTCWNhc3NhbmRyYYIJAIKbAXgemwsjMAwGA1UdEwQFMAMB
-Af8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBCYDdIhtf/Y12Et947
-am1B8TzSX+/iQ1V1J3JtvgD5F4fvNjfArat/I3D277WREUTAc76o16BCp2OBGqzO
-zf9MvZPkjkAUoyU0TtPUEHyqxq4gZxbWKugIZGYkmQ1hCvSIgA5UnjRL3dylMmZb
-Y33JJA2QY63FZwnhmWsM8FYZwh+8MzVCQx3mgXC/k/jS6OuYyIT/KjxQHHjyr5ZS
-zAAQln1IcZycLfh1w5MtCFahCIethFcVDnWUWYPcPGDGgMJW7WBpNZdHbLxYY8cI
-eCc3Hcrbdc/CG5CaLJeqUidBayjnlUIO/NNgglkJ1KhQzkM6bd+37e0AX1hLIqx7
-gIZR
+MIIE5jCCAs6gAwIBAgIUcngsrqyQjP8vKbgdAwzbafgArKQwDQYJKoZIhvcNAQEL
+BQAwDTELMAkGA1UEAwwCY2EwIBcNMjQwODI5MTU1MTA0WhgPMjEyNDA4MDUxNTUx
+MDRaMA0xCzAJBgNVBAMMAmNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA1r2r+omDvdJiDOj2zoTDRPShc0C2Vwr26QtMZZlnef3qeo4Dsh5rh8qm7YYF
+XfRQ8ebN0khK30LVz+CyhjCdfd+xCJ+fo5qYh7hWYjrtxwLYDgNimb1IBQ3Gudv8
+6VduB/zaBN9sTotOZYPL+0SyVEKAM2lWNxKv56MC7zTcUgOHAnweq6ydvOlhmESl
+vaiCZcrIcByrKj9sLxB2B4O6yM5Eftp65UcDnQEU7Xmp/MOYnAacXfj/TMq14QRi
+7iFJxJ31xkkYe1a1Mr5PzTP2CPlXHXk0vj+IVFpHGDpey+UlSzqzxOlH3VngRsvm
+1oPW1lnIkmlGHIip0i1IL7vmNlGhLGDQncJr6Vp0aa9AvpS7QbNDaCtbIYhkky1i
+kdiAX/rGo00cleSrzEQ/H/KdmmIptVYaw/q0I4f5uXBkfleQVAXjyiaXGcUUmaqJ
+IG/oMPfBNCdGSUjEG6nwQZUlUqafT4Ooq6bKLSiVVmb3gbh6TtJO8B9ur8ACfXu+
+pOOb/26BtvSncbFzEdGqJTAKUHpfATctoZQkpmR8nOjW6j1P36QElS9qA7EC3PLw
+Bn9htS1tFypQn/3SvHN/AKdM3wINzxIK8t4sJN3HoQHY7tee8nEEphTa+cOAimRn
+244bhFQ/O2X+KR8QWm4dOGQQnquppi6BgjPH+HB7jTjKrEECAwEAAaM8MDowDAYD
+VR0TBAUwAwEB/zALBgNVHQ8EBAMCAoQwHQYDVR0OBBYEFJHkzbGDF+lcEJkcgYNa
+k3IfNnNbMA0GCSqGSIb3DQEBCwUAA4ICAQC5iRi2lL+CfBLF5pCvxYcYS75ShLnf
+b5m/JJl71wIouiOkhR8nCgErGJSPFMxPhViAScVIcTbZ+rg6uztFy3X2EB/j9JWg
+Nnpinvvc6v+eAKyE30GW8W1XlNs2cgmZLzV8TErZYXcpkgPTKAkt2TLgEIJEWV9E
+sJVXLzEkm9otBmFAO2roizBTrvt2hKLb/TZMGRGmA/MDWPERc7XxJ2EmKb0Hd4EN
+MtuuuiywgjKLeSI2FADG2+I4c6yseb3YS+4uVJvc4fTh91xU2kcvYKnqd0rJC4Lf
+DxEupU9zsAxSSen+kG28sql9n1hR6P3MA0WZPuvAYRXHk/jKmevJUr0PRs/64RX1
+GOYbvAPDQU8khwYLU65w38RAtHYN9njPoVjWDHnXiuY2WtV3+6ZwMM/tPwjs9rfF
+cEe4STA7sjtKPkHhcqPi2A0jf/aUcozTb83gxSJ5MKktMVRGcJuUbcLskcLvrXOR
+MBftG64tWUK6uzGPyzmAzv+yFXJAEzpdfe1puJHxZUhWU4GkVczY2e6nhv/613X4
+bSugNVEclK2IaHIScsL5PWSjuhy9pDdMjLoctJnNTSykAOcQn9U5JD29VuBEdxui
+zKM8Vn5M6r1giRCW0xaVN3+xaWDfYm4zh3ScsLCetfRtW1LAy+jJ2Vb9O2kMGd+t
+aqHcWAfq39b4LA==
-----END CERTIFICATE-----
diff --git a/testdata/pki/ca.key b/testdata/pki/ca.key
index 4360c17..8120e96 100644
--- a/testdata/pki/ca.key
+++ b/testdata/pki/ca.key
@@ -1,30 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,54C8072C0FF3B3A3
-
-27eijmHdgB+s3beNPmU0+iz+muxMD0BVvWkDzyec/uawMv/Cn4c3mYXOcsFxS3BL
-+qLT9MEttOmjqhHSaVrDYOPKoJIMpn+bVeKiR08V89icO36shEPy1feGqanagKtw
-ecgzFDBTA8ZbqjAhftXlhTwxADebvNms/2aDh5Aw04vIcbo8nQ/8z1Wz8O7Firsn
-kaseSTMTC6lxc+pa2V1X6mN0/2UpDi55bZbx1Z/mQ3+1CsdHOx0p7m/KY2m3ysov
-XluaC0sqmzHkcwNgDhUs3Jh+apE33vXzLGU+W4BDOwrYJiL6KpspZW/mJj3OEx8B
-8xdAZU3a/ei8NUA/lDStGmcYX+dOysExwJ6GMrCBm9iufZiefDQCQ8yRqWnr6Zop
-lsFd+CqHNWYxfWDI1pSUBw3bsgIjevI0f0B7PxkFEF0DmIhCgB324/uqToRzGsOF
-4MSVg6cSK7Sjo/u3r8r75A3aUAcY8NbR3peiZfAPMsTiUcfp4DoU+MJTqkX5PyQq
-FNxHOJoARZqjjQ2IhZiUQWfIINHvZ8F9G2K7VaES8A0EATyUghqaRyeLbyI3IYdW
-pGZBzrpGtdFlk9AVetHDDlY+gQiurtYhxOsxvlxJJuTj8FV+A5NWSElfPele0OiR
-iprE3xkFSk3whHu5L1vnzamvdSlnBWOAE7pQD7kQA6NmcEw/tqnXK0dVdAw8RIFh
-4BKgv0sNrXzBgnzE8+bKLUf1a2Byc/YKuBrI7EpSZ9/VHYvOcgmOxNxMmRS6NYd1
-Ly+agQn0AyvsDmSlBZBp8GCzVp6JYBMDKSXyPVN8+wjK9OQM0PZdEdXouMwPCOVN
-oNSjhmMtfjOsnG2SZ9tRas3p0qFdfh/N/E6Q7QHG3WD3cUIEweFV9ji1FTSRUrIa
-shuKug8MUfNjvDJNMsdGyf6Hi/7Iik++42Rq3ZdTy0ZVkj5snv5yBN77pr2M/J4b
-M+dsXjyXPO4SDW3kP/e3RnLRlWmUv1PNdOmNDdjBBUTKgVZ3ur+4HmSY1iDvhlUF
-/hz2tz3/XUKQwYuv3KJVlBhLrniXeES36GK+JQadIszrjwb5N4q4p6xrIdIR7XgR
-TJCSL1NGPLeQyjK6byWLNPRcCGrvnxWs0k0ev6trMRJL1EjsIFDCJam9szhcXkZP
-iYl1d7ZMKPS3cAqCjdaFRSe65cZ+qI/cqxiv122orq/jkDY7ZSA9rWywY4YnYQ7A
-BqvcPzC/6K0bteXqmMQkIy/84aSnEts6ecb/4s5e5xXLhHe0dchG0HkasC/Gb+v/
-m9NOqACTerWvSD+Ecv9OvnBjP+GTlA1g7xTiRANLXsTJuiJomtxewXcV6kGZEMmZ
-QWerGtPJGGUx36WRWrMiPeBfWZoIbjYGPmOO5mYNXMTjABGGWcFnKAqWUKsFihi9
-pC0OpZ7A0dtc9uSm0ZmsHUc3XENMHTeeEN+qgWxVKcMzRKEcnapu/0OcHrOUHDZf
-qPoG4EkNnG9kPMq3HzvFPx3qbQ017yl87vAkWy/Edo+ojfHoNghRBVGCw1zt/BMN
-eJbFFHop+rQ87omz8WIL4K+zVf91rJ0REVAJssQVDo16O5wrMo+f+c8v2GANQks5
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDWvav6iYO90mIM
+6PbOhMNE9KFzQLZXCvbpC0xlmWd5/ep6jgOyHmuHyqbthgVd9FDx5s3SSErfQtXP
+4LKGMJ1937EIn5+jmpiHuFZiOu3HAtgOA2KZvUgFDca52/zpV24H/NoE32xOi05l
+g8v7RLJUQoAzaVY3Eq/nowLvNNxSA4cCfB6rrJ286WGYRKW9qIJlyshwHKsqP2wv
+EHYHg7rIzkR+2nrlRwOdARTtean8w5icBpxd+P9MyrXhBGLuIUnEnfXGSRh7VrUy
+vk/NM/YI+VcdeTS+P4hUWkcYOl7L5SVLOrPE6UfdWeBGy+bWg9bWWciSaUYciKnS
+LUgvu+Y2UaEsYNCdwmvpWnRpr0C+lLtBs0NoK1shiGSTLWKR2IBf+sajTRyV5KvM
+RD8f8p2aYim1VhrD+rQjh/m5cGR+V5BUBePKJpcZxRSZqokgb+gw98E0J0ZJSMQb
+qfBBlSVSpp9Pg6irpsotKJVWZveBuHpO0k7wH26vwAJ9e76k45v/boG29KdxsXMR
+0aolMApQel8BNy2hlCSmZHyc6NbqPU/fpASVL2oDsQLc8vAGf2G1LW0XKlCf/dK8
+c38Ap0zfAg3PEgry3iwk3cehAdju157ycQSmFNr5w4CKZGfbjhuEVD87Zf4pHxBa
+bh04ZBCeq6mmLoGCM8f4cHuNOMqsQQIDAQABAoICAA4KANgnucnLZ+08i2r9bQXx
+RF9HlMqXnremE6ZbMCB4N3MwHUSKdP2mUK5PFVy+IBvTut/YXOTAKg0lvVlejLCL
+bLe9AwlsJ83mGrR5vv/d/lTampo+4+cVe0kjyiLrPCtThMfN+Sogm2bk0sCO2v9j
+omptPl2DxqV+ZJVRv5gXcouScWLh4L7wA+YAXu5jIBtNjzfp9+eSlYN1Y3IJH6+i
+V87Y5v33jy0djzCAKsF2r1+yYvJJDByi7ni5xuOXBr6bx4ZHuYA4YmJHfoO46O+C
+daD2QqEWTQoB8ouLJvvUWerTX9tfMPtjG9fx24A2YFflLy+IDs7HJ7fkJy42ITSM
+DVe7BzfEr6NasKIz468EdgJ7L+GTea13RzHF+++NolEEyuQoDr/NDuBPvA53lVr6
+I/lKrtRZA+2wy1egbkTp63OYi/Xx7Pkw+pxwwZN+Ba4YLbgEc81wkSiAifhPEqWC
+WxM0n/3lKMOsVOFiH9AnzdNqcGxlRbIDaMBh0y1yjksQ8gok2LLvhh7pyaU3Eje1
+PO6d2AMt9oqxAMK6AuE5Sg7aob8uKfTscd747Il2qUs8TX/uC+5go3fpqTJWzMQ9
+OtmeXhQPRNazCA/f5CJJb19lr/elkhpNSRtOlVGL53DQITREhyseMaKnv303RSV5
+fnHkpWxGlB6wKwycitYNAoIBAQDukpEPLj+khKSHpv3mUF1x+gCfyOXQ+9Ix/rWm
+m/ikTXNIzDoZHexd36sc3A0woV2SKqu0q+kkyoPluxJs/Bdm1XotATdjCMEmuiSi
+8Az5YSBVJ0/9aRAbOFsBEEoLU3MvuE2rJ/qm3C3Le8634J/0g7ac81e9PuncoNyj
+S0koAJqjyN1P5iyAxzjyxkF1pUVylRIAAPVzS1P4+E0QymCJygq7yoT388T1Y7az
+DeUyJD9vqWud6QXX8KnivFOPb6Av8vSPFtJZrZ1S3gGmaqCXOkj2id4hAhHFd9zk
+mURSfv5uvM1IVk+q3iLAqfsdIJWKTSLxOexuTz3FVKesXog/AoIBAQDmbXDvTXoG
+eDF7Jsy//tIBMsTANvu0oDBRiu4ym2RN1sbYAfpreKRaE6OGdhjituIn4LgYCgtx
+0RWYN4dxkSqF4Iic3Sqg3ueQig1Lr9BE/1gsyZthEifE15Tq7c1LGR5YEql7rVEO
+09Zn8/Ds4cKowTa34gEU7QdFaE8J7NLN6uf8c2F7w8HD4I4tmAhAaNIJ47sRcoR0
+31p0GwnhM7413bOlQp5gYbXJ1I1K8TkwfdDMena+4HwPbT4ULXKHEAF1dwTuo6G4
+vqdic/VsFp6aietjygMSXro2o7Pc9DZ8c5+4xL1VvujlLx6bn9mbQes3tlcCAHbz
+666YEmduXat/AoIBAQDGRlN+vV4xWffvsa7EcjgnWLKaGXo+pHs+B8VqkagkzSWp
+8+m5JDBkmFZ65rujlgjRSNtpjZJ3fEQAcuhOYXkFgxhGPQOOMCFvETcPn9f4jmsz
+ujd1kZLMPJsNmD8hiJprp44NWG2trcH1opDcKzhlG+5yJJ/f7WCpd5vHrvM+5rme
+s3qTQ+XqpShERNb0coX0Q8Yw8JsN1iYU/i/2a2uuOJeRGTBHbnZbxyJ5T2wTryJ1
+p+WD2L19iUt34DLGO+xyzUXJghsSYwMkctQGPgn3hX5MP6q33iNs7UBNUMACm/7T
+g+BMZUdS58kUPHEx9PmzdoY623wO9ZaN4Nx1mh87AoIBAA0z2hOsAcDbJCKlP3gE
+tq2g5gsJW3Sm9P3HEwzNQHsBQlVgD6QWvnv2whjTLWvYBK86PfIKqUs1KqKVE+qa
+4a/YBJvQREABZY0vi8F5alp5suimCIQQUT0DCSJIy8lwv/9V2mYesRVDZ/Z+0KAR
+82BN6b+xcFRtnEwKxPSRoCZyPiaFyeEYf0Kk3CCapGZkWxx78tz2DcbQgVNDtVY0
+68IUWNWwMnjdQFg3GH1hwuAXZV5B6gnXvOP5Y2QuknBQp3S+hAbUU1DNg7OtZzNx
+PFcobddC3Ngxm0PEL2sKhxCsY0tn4l1GWfu/rmZGS2aM6VhA101jD228ZD2MWGbH
+cSsCggEBAKdBHzVQMD5Ag/varENm08w2SCYajw6m5+sw7AkrPhkrtdFrTUtRLP1G
+d20UL2yTl8p56hppZzhW7rwfcWbzGH8kIyxd6zsFFN0XB4HBKC7XpDkk1gOEDDt4
+f/2TyXyxs+P3UMkc9wHiOk5M57KU/u+Rpum3TKjN/1Nwtg7QPyKvnqHoKToLnKem
+59NApfXxRPmsHQ69aabqews6khIj/ZrP3GlmBneojyX3vCFu6rLAjULOeRE9zVzu
+F+JVoNFFHvLJP+RWXhqqXqQLok4CXHsM5LnZFYNzCr8+aiMmNCsuTlYmyZvvn0eu
+FzJ4MqRODsXmPy21SwDKxAUMouXddvQ=
+-----END PRIVATE KEY-----
diff --git a/testdata/pki/cassandra.cnf b/testdata/pki/cassandra.cnf
new file mode 100644
index 0000000..ec898ad
--- /dev/null
+++ b/testdata/pki/cassandra.cnf
@@ -0,0 +1,16 @@
+[req]
+default_bits = 2048
+prompt = no
+default_md = sha256
+distinguished_name = dn
+
+[dn]
+CN = cassandra
+
+[req_ext]
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+URI =
spiffe://test.cassandra.apache.org/cassandra-gocql-driver/integrationTest/cassandra
diff --git a/testdata/pki/cassandra.crt b/testdata/pki/cassandra.crt
index 9d2facf..1d6686d 100644
--- a/testdata/pki/cassandra.crt
+++ b/testdata/pki/cassandra.crt
@@ -1,83 +1,125 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 2 (0x2)
+ Serial Number:
+ 18:bb:4e:1c:bf:b9:44:cc:58:c7:36:a5:5d:e6:b7:bd:8e:90:95:ea
Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=cassandra
+ Issuer: CN=ca
Validity
- Not Before: Sep 19 21:18:48 2014 GMT
- Not After : Sep 16 21:18:48 2024 GMT
+ Not Before: Aug 29 15:51:06 2024 GMT
+ Not After : Aug 5 15:51:06 2124 GMT
Subject: CN=cassandra
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:e5:9c:20:9e:de:98:73:44:41:0d:37:4c:62:c3:
- 9f:87:5f:9b:4f:aa:cf:f6:90:6e:a5:e0:89:88:7a:
- 00:c6:bb:d7:80:87:69:2e:fa:f0:35:59:80:6e:82:
- 25:c8:b3:6c:f6:a4:97:97:93:93:ea:f0:70:70:a4:
- e1:b7:aa:da:c1:99:66:9b:93:04:3a:ce:0b:83:07:
- 06:22:3d:a6:db:7f:68:0f:49:80:bd:86:a8:bb:54:
- 6d:38:5f:0f:b0:fa:1b:97:24:ae:cc:9d:37:98:7e:
- 76:cc:e3:1b:45:1b:21:25:17:02:c0:1a:c5:fb:76:
- c3:8b:93:d7:c5:85:14:0a:5c:a4:12:e7:18:69:98:
- f5:76:cd:78:cd:99:5a:29:65:f1:68:20:97:d3:be:
- 09:b3:68:1b:f2:a3:a2:9a:73:58:53:7e:ed:86:32:
- a3:5a:d5:46:03:f9:b3:b4:ec:63:71:ba:bb:fb:6f:
- f9:82:63:e4:55:47:7a:7a:e4:7b:17:6b:d7:e6:cf:
- 3b:c9:ab:0c:30:15:c9:ed:c7:d6:fc:b6:72:b2:14:
- 7d:c7:f3:7f:8a:f4:63:70:64:8e:0f:db:e8:3a:45:
- 47:cd:b9:7b:ae:c8:31:c1:52:d1:3e:34:12:b7:73:
- e7:ba:89:86:9a:36:ed:a0:5a:69:d0:d4:e3:b6:16:
- 85:af
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:e4:5d:6d:9e:1c:a2:1f:00:cd:9e:67:25:05:f9:
+ cc:38:8a:a8:fe:52:e4:82:38:d0:f0:58:0e:f5:c1:
+ 7d:8f:33:5c:b3:3c:7c:97:10:7a:bd:dd:3b:59:1a:
+ c4:40:70:91:46:41:f9:4e:d0:90:f5:bb:b7:9f:16:
+ e1:6f:db:33:74:39:f6:4f:15:3f:fb:aa:e1:df:27:
+ 65:e2:13:e1:c9:7e:c1:07:83:0a:63:c2:92:e5:c9:
+ dd:54:ad:70:d8:5d:0e:6e:dc:e4:55:66:dc:00:b4:
+ 0e:68:b2:92:8a:d9:55:33:34:ee:5d:3f:54:d3:c7:
+ af:70:14:8b:85:0c:db:71:5e:d5:ea:04:81:e0:69:
+ e3:94:3b:70:dc:4d:89:1f:fc:58:ac:61:e0:6a:09:
+ 84:85:87:85:fa:a4:de:de:4b:72:5e:fe:6a:9c:74:
+ 0f:e5:b5:49:6d:fe:8d:59:01:45:da:92:e0:e9:a7:
+ b6:27:be:71:c3:a9:90:6c:cb:c8:43:dc:77:6b:a6:
+ 32:1d:27:51:f6:6e:c1:e2:54:f1:d1:0b:30:d4:2c:
+ 1f:5a:06:98:07:41:50:53:de:80:fd:4b:f6:12:2a:
+ e9:f8:6f:c5:5d:b4:d3:b6:bd:7f:8c:ab:5e:c2:14:
+ 6b:d2:af:1e:e2:35:5a:be:11:4a:0b:41:e6:fc:fc:
+ 12:aa:d7:ec:37:3b:36:8a:0a:ff:69:9b:52:4c:be:
+ d8:2c:62:44:fc:9d:40:7d:40:d2:40:44:5a:6e:c0:
+ 90:62:9a:99:1b:81:3b:2b:69:5b:05:e8:52:1a:a0:
+ dc:4f:70:3b:64:4d:79:62:91:ab:00:c6:ee:81:89:
+ 98:84:66:45:49:e1:43:94:23:47:08:4b:18:ee:69:
+ a0:00:17:23:3c:d0:cb:fa:da:2e:4c:82:bc:73:00:
+ 7e:51:b2:0f:dc:e5:d8:cc:7a:93:05:e7:87:de:35:
+ 07:57:f5:20:b9:99:72:29:61:05:5b:b2:6b:31:ad:
+ 3a:06:48:40:39:ef:0e:b5:bc:99:3e:24:a0:b1:e0:
+ ec:ce:1c:a2:94:c1:7d:7a:46:f9:ca:25:60:11:14:
+ d9:d8:fb:50:0e:a9:ab:20:39:af:cb:48:3e:56:b3:
+ 21:3a:fc:80:97:09:cf:7f:36:91:66:2c:9c:72:8f:
+ d7:a4:58:4a:d8:6d:d9:67:82:bb:65:7d:6a:de:36:
+ 6e:8e:85:7d:1b:6f:6c:c7:28:d7:2f:16:ef:32:a7:
+ d2:91:23:84:04:41:78:86:fe:bb:aa:59:f8:16:9f:
+ 84:3a:b8:28:7b:d3:b8:79:67:0e:06:c6:ad:9e:8e:
+ ff:cf:3a:4c:bf:a9:e5:71:cd:50:38:df:08:36:5d:
+ d9:e6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
- X509v3 Subject Key Identifier:
- 4A:D3:EC:63:07:E0:8F:1A:4E:F5:09:43:90:9F:7A:C5:31:D1:8F:D8
- X509v3 Authority Key Identifier:
-
keyid:8C:7C:E7:D2:76:05:89:71:1A:23:5B:D4:59:B4:51:E2:5C:0A:5C:E8
- DirName:/CN=cassandra
- serial:82:9B:01:78:1E:9B:0B:23
-
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+
URI:spiffe://test.cassandra.apache.org/cassandra-gocql-driver/integrationTest/cassandra
+ X509v3 Subject Key Identifier:
+ 76:65:DA:FD:55:6B:1D:CE:A4:18:14:E7:78:91:76:49:9B:4B:85:F3
+ X509v3 Authority Key Identifier:
+ 91:E4:CD:B1:83:17:E9:5C:10:99:1C:81:83:5A:93:72:1F:36:73:5B
Signature Algorithm: sha256WithRSAEncryption
- ac:bc:80:82:2d:6d:f1:a0:46:eb:00:05:d2:25:9a:83:66:57:
- 40:51:6e:ff:db:e3:28:04:7b:16:63:74:ec:55:a0:c0:5b:47:
- 13:e1:5a:a5:6d:22:d0:e5:fe:c1:51:e8:f6:c6:9c:f9:be:b7:
- be:82:14:e4:a0:b2:0b:9f:ee:68:bc:ac:17:0d:13:50:c6:9e:
- 52:91:8c:a0:98:db:4e:2d:f6:3d:6e:85:0a:bb:b9:dd:01:bf:
- ad:52:dd:6e:e4:41:01:a5:93:58:dd:3f:cf:bf:15:e6:25:aa:
- a0:4f:98:0d:75:8a:3f:5b:ba:67:37:f6:b1:0b:3f:21:34:97:
- 50:9a:85:97:2b:b6:05:41:9a:f3:cf:c4:92:23:06:ab:3e:87:
- 98:30:eb:cb:d3:83:ab:04:7d:5c:b9:f0:12:d1:43:b3:c5:7d:
- 33:9a:2e:2b:80:3a:66:be:f1:8c:08:37:7a:93:9c:9b:60:60:
- 53:71:16:70:86:df:ca:5f:a9:0b:e2:8b:3d:af:02:62:3b:61:
- 30:da:53:89:e3:d8:0b:88:04:9a:93:6a:f6:28:f8:dd:0d:8f:
- 0c:82:5b:c0:e5:f8:0d:ad:06:76:a7:3b:4b:ae:54:37:25:15:
- f5:0c:67:0f:77:c5:c4:97:68:09:c3:02:a7:a0:46:10:1c:d1:
- 95:3a:4c:94
+ Signature Value:
+ 5e:65:66:57:68:d5:59:a5:06:7d:d6:39:58:2f:f1:e1:94:45:
+ ed:b0:35:ee:22:21:8d:69:53:8d:1b:1e:f4:5b:65:61:27:3a:
+ 51:c6:e8:64:46:93:4d:24:e1:7d:31:78:85:39:b9:3e:04:06:
+ 31:13:23:4c:43:43:d0:f1:d6:d9:49:5b:23:2e:1e:75:7f:ba:
+ 91:51:4f:cc:5a:65:9a:b9:f7:7c:0a:81:68:90:ad:56:7f:81:
+ 90:75:d9:7b:3a:4c:34:12:59:cf:30:30:1d:9f:91:e5:d9:c0:
+ 2c:8b:7d:30:8e:43:25:94:e2:92:3b:d1:9f:53:e4:7f:b8:3e:
+ 14:6f:f8:06:d7:e3:ba:27:ec:be:ee:e8:57:50:2f:e9:4a:d2:
+ 07:e7:90:93:43:94:c3:da:38:a0:03:90:91:eb:ea:93:16:c8:
+ 8c:4e:7a:41:0c:f1:1e:08:25:f1:95:d7:e1:63:47:71:29:b8:
+ 1f:2c:1c:24:bc:03:67:87:9c:25:5c:ae:56:6c:97:00:7f:9d:
+ ad:da:52:3f:ca:86:a0:95:7e:a2:34:97:72:e0:48:b6:96:1e:
+ a5:49:7a:25:ae:ff:ee:13:46:c4:9d:ec:8c:40:e6:90:65:7e:
+ 4b:fa:dd:86:d3:c9:09:3f:0c:e9:9b:d4:85:95:8a:e9:de:fe:
+ 88:63:37:12:11:ef:01:f6:cd:72:37:60:26:d5:99:78:ff:84:
+ 89:49:20:d9:a6:a1:c5:8f:c2:6f:ac:de:1c:af:e2:c8:c9:54:
+ b3:2f:ab:41:d2:e8:8a:35:a1:57:3f:65:f9:23:65:20:68:90:
+ e6:29:e9:48:bd:c0:f4:25:2d:c9:e9:0a:47:6a:5a:7b:26:64:
+ 8d:72:f9:2d:b1:be:e2:6c:bf:67:45:de:c9:3f:b7:bc:52:e6:
+ 0b:c3:04:57:0c:a2:d3:55:9d:e2:70:12:09:8d:37:8b:f7:3e:
+ 73:ac:01:41:f1:ab:1e:5e:bb:a1:37:12:90:a7:d6:ba:86:24:
+ 03:10:18:fc:e8:c2:46:9f:06:22:b8:b6:87:2c:0a:c8:bf:b2:
+ c9:c9:13:df:ca:66:66:3e:d5:31:a4:0e:4e:9d:de:54:75:16:
+ 75:64:e5:fa:af:e3:04:81:5b:51:9a:9c:9c:1d:99:6e:69:6f:
+ 7e:9d:cf:1c:a5:ed:47:38:26:89:8a:79:63:11:b7:1c:10:c2:
+ 89:34:26:9a:6c:9a:a2:66:c6:71:29:ab:dd:f3:05:d5:41:ca:
+ 48:8b:d5:c9:7c:b6:e9:80:15:29:c7:7b:bc:78:4a:52:01:a2:
+ ce:ab:c4:ea:bb:9b:de:d7:c9:7a:7f:e7:7c:57:1c:e0:74:d6:
+ 54:c4:e8:9b:cf:55:39:2e
-----BEGIN CERTIFICATE-----
-MIIDOTCCAiGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwljYXNz
-YW5kcmEwHhcNMTQwOTE5MjExODQ4WhcNMjQwOTE2MjExODQ4WjAUMRIwEAYDVQQD
-EwljYXNzYW5kcmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlnCCe
-3phzREENN0xiw5+HX5tPqs/2kG6l4ImIegDGu9eAh2ku+vA1WYBugiXIs2z2pJeX
-k5Pq8HBwpOG3qtrBmWabkwQ6zguDBwYiPabbf2gPSYC9hqi7VG04Xw+w+huXJK7M
-nTeYfnbM4xtFGyElFwLAGsX7dsOLk9fFhRQKXKQS5xhpmPV2zXjNmVopZfFoIJfT
-vgmzaBvyo6Kac1hTfu2GMqNa1UYD+bO07GNxurv7b/mCY+RVR3p65HsXa9fmzzvJ
-qwwwFcntx9b8tnKyFH3H83+K9GNwZI4P2+g6RUfNuXuuyDHBUtE+NBK3c+e6iYaa
-Nu2gWmnQ1OO2FoWvAgMBAAGjgZUwgZIwCQYDVR0TBAIwADAdBgNVHQ4EFgQUStPs
-YwfgjxpO9QlDkJ96xTHRj9gwRAYDVR0jBD0wO4AUjHzn0nYFiXEaI1vUWbRR4lwK
-XOihGKQWMBQxEjAQBgNVBAMTCWNhc3NhbmRyYYIJAIKbAXgemwsjMBMGA1UdJQQM
-MAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQsFAAOCAQEArLyA
-gi1t8aBG6wAF0iWag2ZXQFFu/9vjKAR7FmN07FWgwFtHE+FapW0i0OX+wVHo9sac
-+b63voIU5KCyC5/uaLysFw0TUMaeUpGMoJjbTi32PW6FCru53QG/rVLdbuRBAaWT
-WN0/z78V5iWqoE+YDXWKP1u6Zzf2sQs/ITSXUJqFlyu2BUGa88/EkiMGqz6HmDDr
-y9ODqwR9XLnwEtFDs8V9M5ouK4A6Zr7xjAg3epOcm2BgU3EWcIbfyl+pC+KLPa8C
-YjthMNpTiePYC4gEmpNq9ij43Q2PDIJbwOX4Da0Gdqc7S65UNyUV9QxnD3fFxJdo
-CcMCp6BGEBzRlTpMlA==
+MIIFbTCCA1WgAwIBAgIUGLtOHL+5RMxYxzalXea3vY6QleowDQYJKoZIhvcNAQEL
+BQAwDTELMAkGA1UEAwwCY2EwIBcNMjQwODI5MTU1MTA2WhgPMjEyNDA4MDUxNTUx
+MDZaMBQxEjAQBgNVBAMMCWNhc3NhbmRyYTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAORdbZ4coh8AzZ5nJQX5zDiKqP5S5II40PBYDvXBfY8zXLM8fJcQ
+er3dO1kaxEBwkUZB+U7QkPW7t58W4W/bM3Q59k8VP/uq4d8nZeIT4cl+wQeDCmPC
+kuXJ3VStcNhdDm7c5FVm3AC0DmiykorZVTM07l0/VNPHr3AUi4UM23Fe1eoEgeBp
+45Q7cNxNiR/8WKxh4GoJhIWHhfqk3t5Lcl7+apx0D+W1SW3+jVkBRdqS4Omntie+
+ccOpkGzLyEPcd2umMh0nUfZuweJU8dELMNQsH1oGmAdBUFPegP1L9hIq6fhvxV20
+07a9f4yrXsIUa9KvHuI1Wr4RSgtB5vz8EqrX7Dc7NooK/2mbUky+2CxiRPydQH1A
+0kBEWm7AkGKamRuBOytpWwXoUhqg3E9wO2RNeWKRqwDG7oGJmIRmRUnhQ5QjRwhL
+GO5poAAXIzzQy/raLkyCvHMAflGyD9zl2Mx6kwXnh941B1f1ILmZcilhBVuyazGt
+OgZIQDnvDrW8mT4koLHg7M4copTBfXpG+colYBEU2dj7UA6pqyA5r8tIPlazITr8
+gJcJz382kWYsnHKP16RYStht2WeCu2V9at42bo6FfRtvbMco1y8W7zKn0pEjhARB
+eIb+u6pZ+BafhDq4KHvTuHlnDgbGrZ6O/886TL+p5XHNUDjfCDZd2eZHAgMBAAGj
+gbswgbgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwXgYDVR0RBFcwVYZTc3BpZmZl
+Oi8vdGVzdC5jYXNzYW5kcmEuYXBhY2hlLm9yZy9jYXNzYW5kcmEtZ29jcWwtZHJp
+dmVyL2ludGVncmF0aW9uVGVzdC9jYXNzYW5kcmEwHQYDVR0OBBYEFHZl2v1Vax3O
+pBgU53iRdkmbS4XzMB8GA1UdIwQYMBaAFJHkzbGDF+lcEJkcgYNak3IfNnNbMA0G
+CSqGSIb3DQEBCwUAA4ICAQBeZWZXaNVZpQZ91jlYL/HhlEXtsDXuIiGNaVONGx70
+W2VhJzpRxuhkRpNNJOF9MXiFObk+BAYxEyNMQ0PQ8dbZSVsjLh51f7qRUU/MWmWa
+ufd8CoFokK1Wf4GQddl7Okw0ElnPMDAdn5Hl2cAsi30wjkMllOKSO9GfU+R/uD4U
+b/gG1+O6J+y+7uhXUC/pStIH55CTQ5TD2jigA5CR6+qTFsiMTnpBDPEeCCXxldfh
+Y0dxKbgfLBwkvANnh5wlXK5WbJcAf52t2lI/yoaglX6iNJdy4Ei2lh6lSXolrv/u
+E0bEneyMQOaQZX5L+t2G08kJPwzpm9SFlYrp3v6IYzcSEe8B9s1yN2Am1Zl4/4SJ
+SSDZpqHFj8JvrN4cr+LIyVSzL6tB0uiKNaFXP2X5I2UgaJDmKelIvcD0JS3J6QpH
+alp7JmSNcvktsb7ibL9nRd7JP7e8UuYLwwRXDKLTVZ3icBIJjTeL9z5zrAFB8ase
+XruhNxKQp9a6hiQDEBj86MJGnwYiuLaHLArIv7LJyRPfymZmPtUxpA5Ond5UdRZ1
+ZOX6r+MEgVtRmpycHZluaW9+nc8cpe1HOCaJinljEbccEMKJNCaabJqiZsZxKavd
+8wXVQcpIi9XJfLbpgBUpx3u8eEpSAaLOq8Tqu5ve18l6f+d8VxzgdNZUxOibz1U5
+Lg==
-----END CERTIFICATE-----
diff --git a/testdata/pki/cassandra.key b/testdata/pki/cassandra.key
index 6878e82..d1691ad 100644
--- a/testdata/pki/cassandra.key
+++ b/testdata/pki/cassandra.key
@@ -1,27 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA5Zwgnt6Yc0RBDTdMYsOfh1+bT6rP9pBupeCJiHoAxrvXgIdp
-LvrwNVmAboIlyLNs9qSXl5OT6vBwcKTht6rawZlmm5MEOs4LgwcGIj2m239oD0mA
-vYaou1RtOF8PsPoblySuzJ03mH52zOMbRRshJRcCwBrF+3bDi5PXxYUUClykEucY
-aZj1ds14zZlaKWXxaCCX074Js2gb8qOimnNYU37thjKjWtVGA/mztOxjcbq7+2/5
-gmPkVUd6euR7F2vX5s87yasMMBXJ7cfW/LZyshR9x/N/ivRjcGSOD9voOkVHzbl7
-rsgxwVLRPjQSt3PnuomGmjbtoFpp0NTjthaFrwIDAQABAoIBAQChjdjl73kUoVGk
-GuSEGWCFv59nzqfEtJsl23bpr+4b5s8agCxiAe5Bm1fiaXBsZtKkN+rxm8TX6ZUz
-rM+ki3KgBW9Mx4SSW6d96dNHBFoC1wJAv1b2A2l1ZVHz9+7ydwgysHzNO1GC2nh8
-cM8fMJeBoU8uG6hx5n5wFvYa5CfVoUQh8+Oq0b+mVxEFKHmRPnWp9/jPzL5eBIdr
-ulbDt9S3dKJtouHgHBUNdkq/7Ex3QeHrUOahX6Y4eX1rzLnfLYY+0J4EA2PCKvgQ
-bfKCxVnnzL6ywviH8eS3ql6OvTfnbK9kCRw7WxX9CC50qKj3EmwC/51MPhWohWlq
-jw3qf38BAoGBAPPNyb3vUiyUqoErZxxIPFc2ob3vCjj06cvi7uKpOgrkdgC3iBhz
-aCFQ28r7LrxLAHaKvNvwp71Lc7WYo8WWkLI1DVn0dx+GiQYW3DbNcwZOS40ZQz5L
-zsjEcG4+cnZmuqGZBMNvQ+xUjkuucxvxPWKpEKM18GfDjgEkKbmDr+uNAoGBAPEY
-kVSfSZGtP0MoXIfRkrxBlhvCj9m+p60P37pyHrJBrlrwvxB7x3Oz8S70D6kV8s2g
-vVHgOS3VPj17VaQG8a3jBLKjzp5JLe34G8D1Ny8GqDc2wzOBtZySpJbifXuSUSPk
-cqF7yiu1cD/wRPlwyWxBX9ZbaxvxnIUwLLd3ygkrAoGBAKQaw42uVkCdvPr/DQOT
-d9I4erxO9zGJYQmU8bjtsZz9VJR89QWIQPIT7C3/zuB9F42zKxZcMXwQGo2EddAc
-3b6mSRtgmwJEW10W7BmTRrZa4y3RcFqxSjoHR6pdLEyYL01woy0taqnb7H/yp5aK
-VghfxkwllXEyxxXrko5FnpdNAoGBANeJLBunz2BxrnW+doJhZDnytFya4nk6TbKU
-12FaNoEL4PCh+12kGtogSwS74eg6m/citT2mI9gKpHrYcOaT4qmeo4uEj+nH6Eyv
-Gzi0wCHFZMr/pSC92/teyc+uKZo4Y1ugFq6w+Tt8GB7BERiisR+bji8XSTkRFemn
-+MIIUFFDAoGAM8Va2Q5aTUkfg2mYlNLqT2tUAXVEhbmzjPA6laSo25PQEYWmX7vj
-hiU0DPCDJQ/PlPI23xYtDDLNk83Zbx+Oj29GO5pawJY9NvFI8n60EFXfLbP1nEdG
-j077QZNZOKfcgJirWi3+RrHSAK4tFftCe7rkV8ZmlMRBY3SDxzKOGcc=
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDkXW2eHKIfAM2e
+ZyUF+cw4iqj+UuSCONDwWA71wX2PM1yzPHyXEHq93TtZGsRAcJFGQflO0JD1u7ef
+FuFv2zN0OfZPFT/7quHfJ2XiE+HJfsEHgwpjwpLlyd1UrXDYXQ5u3ORVZtwAtA5o
+spKK2VUzNO5dP1TTx69wFIuFDNtxXtXqBIHgaeOUO3DcTYkf/FisYeBqCYSFh4X6
+pN7eS3Je/mqcdA/ltUlt/o1ZAUXakuDpp7YnvnHDqZBsy8hD3HdrpjIdJ1H2bsHi
+VPHRCzDULB9aBpgHQVBT3oD9S/YSKun4b8VdtNO2vX+Mq17CFGvSrx7iNVq+EUoL
+Qeb8/BKq1+w3OzaKCv9pm1JMvtgsYkT8nUB9QNJARFpuwJBimpkbgTsraVsF6FIa
+oNxPcDtkTXlikasAxu6BiZiEZkVJ4UOUI0cISxjuaaAAFyM80Mv62i5MgrxzAH5R
+sg/c5djMepMF54feNQdX9SC5mXIpYQVbsmsxrToGSEA57w61vJk+JKCx4OzOHKKU
+wX16RvnKJWARFNnY+1AOqasgOa/LSD5WsyE6/ICXCc9/NpFmLJxyj9ekWErYbdln
+grtlfWreNm6OhX0bb2zHKNcvFu8yp9KRI4QEQXiG/ruqWfgWn4Q6uCh707h5Zw4G
+xq2ejv/POky/qeVxzVA43wg2XdnmRwIDAQABAoICAHH/4dToXlYzxHGq8+SDytr+
+/VXYc5I+Yq9Yhj9QlCmEbmZbb6bJ5zwY0KOupQG2MA9up9IcdAD38LZOacO5HXqL
+5NWdug8cQx1vQYEWg8RermXdmLYsT8C+gOrgmlCoQ6g8RRANBQ6k0/yYCGegDtQ9
+PDD4iJQgPwgoeW21+WYi/Y6RKXSp5537/l87pZR+GJYVVj4Y+jreaJey7j7yUunw
+/6+SkM0PLtTmGhGwfPqcEAMUYe59N7WBVEO7hwG5cTQgByxekKAAsnEWDpFYkMua
+Kxx55jLY/AyiKqpH3VM8cQhAY7pfpsC24JGMiwU/xIOsQDKUh/QSFXCBOZpZC8ej
+5/0LGgqMPu+L/1TVfWtWIXnDhTgD7b7gr6uXsEF0kZY7pcbNAh6NNgZN9Y/1Q690
+BhV3xs8eKc5p2fP6DMG5yw1T7crOsuVzXwYotwfrkmro1neEPKPVUVyj4mYwFPi2
+Gx0L5yVmEKbgBgHIfPedh7BgaaP32/25K65Mx5RUZhwqgduwpfCs6+0NMryVzAHh
+2d9/BFiWRveU1uabBlF6BMvNKRYVHfaid2Ify+Rkx1ZLKvW6Km8PJZNWC+BZNbKm
+hJow4eEqkes1XcB0GJJP8lfv4F5+w/j1P6QUN3gZONxjc4DHc4q57yFRy87wjIsW
+beja0CHde26On+DjXzuBAoIBAQD6/aeGTOcKys6Kwnbn8j1mSQFApvWvpSWUKxrr
+KFkdKXL/Xhz4UBbmBA9fwC1CLSMJSaDru+dXIbMJQU3Ceo5hb1cX10Bs1by2z5x7
+ibRd75RonrlxkgPtL7DI6MPTDHiaAV9Zwm8bYfei049AJ5CqKx+SmAqhYo2JX5j+
+yiyhQK0I6bJBgFDYgCrcBDtYPIvNTq1qcUhvd8CynoM9DemZxyEzkVaD4CQ6N3xH
+lIUifwUW3ewnWw38n6IZYMZA6MtUB7XaG3JvEbHSSFlzq9qnUfTVk9x08wF6iLfC
+2+gt2+P/m8/9FPik2kW5xRktvXB16fE66ApYXUdsA5XkxW83AoIBAQDo7CzWkSO/
+74dqtrP3fqtha5DnW+95F8xrhlaf0pJ7cMNaTPcB8/aOte5tbmfErCf6fr7BCY5l
+XrigI2Xu/9GDrD6OFp4sV4GmworsF9p+/KaVG0MbRjo56+zlh4wckfqWI8ObiqSc
+9p9ymIVZRRZE3VGQVNL2rvUfFOc754EYImH3VCsUEJ1LbCvqC4bK3XwVbs7sM5vT
+Li0iGSMvTJ4KT/nrcfHRpIT2G584Ho5XLUXD1Z+8wESvueR+vOJdm212xJ1YT8Wj
+FwYhz3xDQkrCFfEz/QBGMgQlMygFGcTVXu2tQExZ8DOP45n7LxCRFtXOzQsGKNe/
+VpHYEM5lPClxAoIBAHml/1AkbcbZTQoL/r2ktwWgVK8VPPcIwBH0YnOfdrGfqVEE
+OF5R0wdg6GKsLkNoxRZ3TTt0M0gT2UafFCUyaVfoMvonJd6aKYEhVuK5d2Yf/HpI
+k/DrqGOJPdHinybnYHykNaa3ikpnTTLp/wBFLOSNShwu/NgDgD4Yy3qSWtc9FaDA
+Q9lja8vDMwK4Olsl3UyA2aRBi64bCJaKJWmuGI6j6P+pbZk1RdnBksbOwUha8AiJ
+PzBD/Z93b4WFVhGXwxTTN9yiePBETz9wOYrKvItkOZpas/sq3IibQxV6qCmx7eux
+hTlQtMKR2EGVugJlUuCTpou6c2korLk5c6kR2DkCggEBAL+ILhrGwNH84qry0CxN
+Yho6/K3zIIm/8x3cGvFTk5akFE/2CAv4FCAoJIaiCfxk4H8QqEVOWWSsLj+ovBJ7
+FEslYU8v9CNcVcXOJbScrNRNZ6InB9iuuASXJ3dbLfD0bU323MvThyd3eYgfOVA+
+CmDYaVC5H70wA2rqonbVGIfDBjH+aWoXe3Dg43+SuOWqmXV6Z/c9PP678useJpun
+cjHisA1W5lXQ5nEGJ7hbEAtJtBukV7U7mX+y6dz5716wB6Rpa0WKW2eP8D/vQSyB
+n73Xkz9/5TDTwirg1SDUntIiPGmB/QbcCVph+2Xcvs/AKlLisxT+kuLJCibVMxN2
+FFECggEAfbOg87nLfqqIVf1bmCwP/DO4QAF4Lsh9nAf+QKmgYGWOGyf53Vj000OZ
+cclGDuES+DjtZ53/8st3pyWjFUfflKPHFZePTlbl0ZaLHroT//dvr2ZVrKR5fyXn
+4D3iiCHNTGyHQMdEgpndN+t3WkkqDVf1NMcCkCOgPVyjeij2ssUppppQbRH+yiGZ
+8KKVsJIBpg/dXpyokaU+giRwKiH/eoEGsRA1UUc1OUVMvtlYcfivx0gqRzVNDbG5
+OWRV24QWXzRWNwlRiuLlRy3I16+GDAjj8WvvgmZPJnTAb8o4GdZsQIilfULjKuO3
+hXMGqXxc01tMXzm4vMCgW5HUpyQ8qQ==
+-----END PRIVATE KEY-----
diff --git a/testdata/pki/generate_certs.sh b/testdata/pki/generate_certs.sh
new file mode 100644
index 0000000..ba06bb9
--- /dev/null
+++ b/testdata/pki/generate_certs.sh
@@ -0,0 +1,98 @@
+#! /bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This script generates the various certificates used for integration
+# tests. All certificates are created with a validity of 3650 days,
+# or 10 years. Therefore, this only needs to be used sparingly,
+# although could eventually be repurposed to regenerate certificates
+# as part of setting up the integration test harness.
+
+set -eux
+
+# How long certificates should be considered valid, 100 years
+VALIDITY=36500
+
+# Generate 4096-bit unencrypted RSA private key using aes256
+function generatePrivateKey() {
+ base=$1
+ rm -fv ${base}.key
+ echo "Generating private key ${base}.key"
+ # Generate Private Key
+ openssl genrsa -aes256 -out ${base}.key -passout pass:cassandra 4096
+ echo "Decrypting ${base}.key"
+ # Decrypt Private Key
+ openssl rsa -in ${base}.key -out ${base}.key -passin pass:cassandra
+}
+
+# Generate a X509 Certificate signed by the generated CA
+function generateCASignedCert() {
+ base=$1
+ rm -fv ${base}.csr ${base}.crt
+ # Generate Certificate Signing Request
+ echo "Generating certificate signing request ${base}.csr"
+ openssl req -new -key ${base}.key -out ${base}.csr -config ${base}.cnf
+ # Generate Certificate using CA
+ echo "Generating certificate ${base}.crt"
+ openssl x509 -req -in ${base}.csr -CA ca.crt -CAkey ca.key \
+ -CAcreateserial -out ${base}.crt -days $VALIDITY \
+ -extensions req_ext -extfile ${base}.cnf -text
+ rm -fv ${base}.csr
+}
+
+# CA
+# Generate CA that signs both gocql and cassandra certs
+generatePrivateKey ca
+# Generate CA Certificate
+echo "Generating CA certificate ca.crt"
+rm -fv ca.crt
+openssl req -x509 -new -nodes -key ca.key -days $VALIDITY \
+ -out ca.crt -config ca.cnf -text
+
+# Import CA certificate into JKS truststore so it can be used by Cassandra.
+echo "Generating truststore .truststore for Cassandra"
+rm -fv .truststore
+keytool -import -keystore .truststore -trustcacerts \
+ -file ca.crt -alias ca -storetype JKS \
+ -storepass cassandra -noprompt
+
+# GoCQL
+# Generate CA-signed certificate for GoCQL client for integration tests
+generatePrivateKey gocql
+generateCASignedCert gocql
+
+# Cassandra
+# Generate CA-signed certificate for Cassandra
+generatePrivateKey cassandra
+generateCASignedCert cassandra
+
+# Import cassandra private key and certificate into a PKCS12 keystore
+# and to a JKS keystore so it can be used by cassandra.
+echo "Generating cassandra.p12 and .keystore for Cassandra"
+rm -fv cassandra.p12
+openssl pkcs12 -export -in cassandra.crt -inkey cassandra.key \
+ -out cassandra.p12 -name cassandra \
+ -CAfile ca.crt -caname ca \
+ -password pass:cassandra \
+ -noiter -nomaciter
+
+rm -fv .keystore
+keytool -importkeystore -srckeystore cassandra.p12 -srcstoretype PKCS12 \
+ -srcstorepass cassandra -srcalias cassandra \
+ -destkeystore .keystore -deststoretype JKS \
+ -deststorepass cassandra -destalias cassandra
diff --git a/testdata/pki/gocql.cnf b/testdata/pki/gocql.cnf
new file mode 100644
index 0000000..76ccbe5
--- /dev/null
+++ b/testdata/pki/gocql.cnf
@@ -0,0 +1,16 @@
+[req]
+default_bits = 2048
+prompt = no
+default_md = sha256
+distinguished_name = dn
+
+[dn]
+CN = gocql
+
+[req_ext]
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+URI =
spiffe://test.cassandra.apache.org/cassandra-gocql-driver/integrationTest/gocql
diff --git a/testdata/pki/gocql.crt b/testdata/pki/gocql.crt
index 22bf19f..8e43ad0 100644
--- a/testdata/pki/gocql.crt
+++ b/testdata/pki/gocql.crt
@@ -1,83 +1,124 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 1 (0x1)
+ Serial Number:
+ 18:bb:4e:1c:bf:b9:44:cc:58:c7:36:a5:5d:e6:b7:bd:8e:90:95:e9
Signature Algorithm: sha256WithRSAEncryption
- Issuer: CN=cassandra
+ Issuer: CN=ca
Validity
- Not Before: Sep 19 21:18:33 2014 GMT
- Not After : Sep 16 21:18:33 2024 GMT
+ Not Before: Aug 29 15:51:06 2024 GMT
+ Not After : Aug 5 15:51:06 2124 GMT
Subject: CN=gocql
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (2048 bit)
- Modulus (2048 bit):
- 00:ae:e9:fa:9e:fd:e2:69:85:1d:08:0f:35:68:bc:
- 63:7b:92:50:7f:73:50:fc:42:43:35:06:b3:5c:9e:
- 27:1e:16:05:69:ec:88:d5:9c:4f:ef:e8:13:69:7a:
- b5:b3:7f:66:6d:14:00:2e:d6:af:5b:ff:2c:90:91:
- a6:11:07:72:5e:b0:37:c0:6d:ff:7b:76:2b:fe:de:
- 4c:d2:8d:ce:43:3b:1a:c4:1d:de:b6:d8:26:08:25:
- 89:59:a1:4b:94:a3:57:9e:19:46:28:6e:97:11:7c:
- e6:b7:41:96:8f:42:dd:66:da:86:d2:53:dd:d8:f5:
- 20:cd:24:8b:0f:ab:df:c4:10:b2:64:20:1d:e0:0f:
- f4:2d:f6:ca:94:be:83:ac:3e:a8:4a:77:b6:08:97:
- 3a:7e:7b:e0:3e:ab:68:cf:ee:f6:a1:8e:bf:ec:be:
- 06:d1:ad:6c:ed:4f:35:d1:04:97:08:33:b1:65:5b:
- 61:32:8d:4b:f0:30:35:4b:8b:6b:06:f2:1a:72:8c:
- 69:bd:f3:b2:c4:a4:a4:70:45:e3:67:a2:7a:9f:2e:
- cb:28:2d:9f:68:03:f1:c7:d9:4f:83:c9:3d:8c:34:
- 04:0a:3b:13:87:92:e1:f7:e3:79:7e:ab:c0:25:b1:
- e5:38:09:44:3e:31:df:12:d4:dc:7b:0e:35:bf:ee:
- 25:5f
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:b1:23:d0:d4:e6:23:b1:9e:6c:15:29:50:10:6e:
+ af:7e:06:c8:63:26:b9:bc:7a:48:a4:81:06:2d:b0:
+ 5c:0d:33:66:de:1f:6f:9b:3c:98:48:96:32:36:25:
+ c6:08:a6:11:1b:97:5a:5b:7a:ee:ee:8c:cf:2b:11:
+ 2d:ac:17:99:52:7d:90:d4:da:e5:24:c2:a8:64:c0:
+ 79:0d:70:3a:da:6c:be:24:a6:96:1c:aa:5a:3b:7a:
+ c3:a6:1a:92:dd:a4:95:9c:45:05:10:d5:42:89:c6:
+ 94:0b:d5:9f:53:de:32:5f:41:e0:1f:87:3a:90:f1:
+ e0:bd:5a:e3:09:82:97:d8:75:86:6f:18:15:06:48:
+ 33:fa:f1:7a:82:cf:13:97:8c:a1:72:98:5a:81:73:
+ 54:e1:df:72:7f:49:82:e0:ab:29:27:2a:02:be:23:
+ 0a:f7:13:84:2f:97:68:7e:10:7e:8a:fc:1e:c0:3e:
+ a9:20:2f:02:f1:6f:6e:cd:1f:31:d9:c1:55:fe:1a:
+ 8c:23:b4:53:91:05:c8:bf:6e:c2:9a:c2:be:c8:d5:
+ cc:2c:36:c6:80:b0:fd:0b:88:c7:e4:db:7d:17:ff:
+ 71:b0:f0:b2:04:57:ab:e5:04:9c:86:8e:e6:e6:7f:
+ 07:41:44:91:4d:bb:d2:d7:1a:65:11:4f:68:99:11:
+ b9:58:98:99:0e:82:94:a4:32:99:f6:ad:43:83:dc:
+ 89:74:14:42:b5:0d:db:8e:17:93:01:c0:cc:c4:cd:
+ f1:cf:59:3c:05:89:7b:04:e9:5f:88:90:ad:52:01:
+ 04:4e:b4:ed:76:f4:0c:00:bd:62:ed:75:95:a9:d1:
+ 42:e4:aa:97:cd:4b:3c:5d:69:78:a0:f4:0f:37:68:
+ 52:56:9f:bc:d5:33:a7:52:e3:db:70:15:d6:06:8c:
+ 60:99:c5:44:16:91:25:33:8f:96:e1:dd:81:1c:63:
+ 12:e0:35:54:42:03:d9:be:89:2b:97:5d:75:9f:7d:
+ 13:ef:c8:86:fb:d6:52:7d:86:04:df:89:48:f7:0b:
+ 3a:0b:4a:d4:c0:4b:52:56:94:81:74:47:32:83:27:
+ d2:a6:ac:fa:f9:46:d5:a1:81:25:45:88:6e:72:44:
+ eb:69:a1:f0:60:11:f3:90:63:cb:c4:ce:76:da:a3:
+ c1:00:51:2f:2f:70:c3:c6:e2:8d:6d:ea:a9:75:56:
+ 8b:ba:c5:34:7a:94:a1:2d:d9:fb:17:3f:82:d4:b8:
+ bc:6c:6a:5f:ab:76:b1:eb:32:b2:fa:16:f3:14:a7:
+ bb:4c:b9:be:80:8b:c3:92:a7:b1:5f:a0:f3:5b:8d:
+ f7:b9:54:df:04:66:5a:43:eb:0e:1e:3b:a7:f1:95:
+ df:3b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+
URI:spiffe://test.cassandra.apache.org/cassandra-gocql-driver/integrationTest/gocql
X509v3 Subject Key Identifier:
- 9F:F1:B2:C4:82:34:D0:2F:FF:E9:7F:19:F1:3B:51:57:BF:E8:95:BB
+ C1:76:E6:E4:22:F4:9C:8A:26:8C:28:62:F9:18:25:2A:53:92:57:45
X509v3 Authority Key Identifier:
-
keyid:8C:7C:E7:D2:76:05:89:71:1A:23:5B:D4:59:B4:51:E2:5C:0A:5C:E8
- DirName:/CN=cassandra
- serial:82:9B:01:78:1E:9B:0B:23
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
+ 91:E4:CD:B1:83:17:E9:5C:10:99:1C:81:83:5A:93:72:1F:36:73:5B
Signature Algorithm: sha256WithRSAEncryption
- 12:aa:1b:a6:58:27:52:32:c9:46:19:32:d3:69:ae:95:ad:23:
- 55:ad:12:65:da:2c:4c:72:f3:29:bd:2b:5a:97:3b:b7:68:8b:
- 68:80:77:55:e6:32:81:f1:f5:20:54:ba:0e:2b:86:90:d8:44:
- cf:f2:9f:ec:4d:39:67:4e:36:6c:9b:49:4a:80:e6:c1:ed:a4:
- 41:39:19:16:d2:88:df:17:0c:46:5a:b9:88:53:f5:67:19:f0:
- 1f:9a:51:40:1b:40:12:bc:57:db:de:dd:d3:f5:a8:93:68:30:
- ac:ba:4e:ee:6b:af:f8:13:3d:11:1a:fa:90:93:d0:68:ce:77:
- 5f:85:8b:a4:95:2a:4c:25:7b:53:9c:44:43:b1:d9:fe:0c:83:
- b8:19:2a:88:cc:d8:d1:d9:b3:04:eb:45:9b:30:5e:cb:61:e0:
- e1:88:23:9c:b0:34:79:62:82:0d:f8:10:ed:96:bb:a0:fd:0d:
- 02:cb:c5:d3:47:1f:35:a7:e3:39:31:56:d5:b3:eb:2f:93:8f:
- 18:b4:b7:3c:00:03:a7:b4:1c:17:72:91:7e:b6:f6:36:17:3d:
- f6:54:3b:87:84:d1:9b:43:d1:88:42:64:20:7a:e3:cc:f7:05:
- 98:0e:1c:51:da:20:b7:9b:49:88:e8:c6:e1:de:0d:f5:56:4f:
- 79:41:d0:7f
+ Signature Value:
+ 4b:37:dc:28:e6:bd:58:6c:a0:99:8a:26:c9:07:c1:89:b8:57:
+ 38:cc:32:e8:c4:61:84:97:f5:5e:7e:46:ed:91:13:ca:ae:18:
+ d0:74:ff:ee:a3:d2:81:b7:65:6f:d4:65:fa:cd:ba:96:dc:6f:
+ e9:a8:0f:8f:62:65:2c:d1:14:3b:10:57:43:a2:ad:4d:28:0f:
+ f3:1b:cb:57:ba:e5:1f:bf:6c:f8:f4:41:8c:b0:d4:e1:89:e2:
+ 3a:f1:e8:b3:6b:67:07:82:d2:5a:de:fd:af:69:03:b2:c5:e9:
+ c0:c8:fa:39:ff:6e:ca:5e:37:17:8c:32:0f:03:11:7b:2e:be:
+ c8:90:1a:48:bf:d2:8f:1a:f4:2f:03:2f:4d:5d:5b:58:20:df:
+ 0e:93:44:95:10:6a:0a:c5:d5:6a:6d:9c:b8:ee:a4:d2:3c:2f:
+ 79:d3:3e:d7:74:e1:c4:0b:74:5e:fb:00:b1:34:75:3d:da:ec:
+ f2:9e:88:b9:77:30:1c:2d:17:a5:36:0e:7b:75:d0:80:c6:bd:
+ 8b:fb:05:b6:ed:7c:1a:2e:06:a1:e2:e6:bd:a4:da:79:ec:3f:
+ fc:17:43:6b:30:96:e7:a5:c9:c8:fd:6a:eb:89:af:e6:37:40:
+ 17:10:dc:7c:09:b0:53:88:34:f0:22:49:8e:47:43:0d:25:2d:
+ 3a:b6:98:bd:f7:dc:3c:0b:fa:38:93:6f:84:f9:bf:04:cd:93:
+ 6b:b9:30:32:22:cc:43:3f:6a:96:ff:73:2f:c7:62:d9:48:5f:
+ 08:22:e4:97:ed:fc:53:6a:7d:b1:d5:e6:3c:70:ea:5d:e3:70:
+ fc:71:9f:8a:9f:78:86:6a:f5:bf:dd:41:fb:08:16:af:6e:0e:
+ 9a:1d:c3:62:2f:2f:33:5a:a9:92:60:0b:05:26:c6:87:3a:7c:
+ fe:88:e8:92:9f:46:d3:ee:fe:23:7c:b0:9e:e6:97:0d:a9:95:
+ ff:34:a4:b6:7b:00:8b:e4:47:9c:8f:04:a3:9d:e4:4f:86:7b:
+ d3:c9:2e:b8:02:04:16:99:e1:2e:0e:91:f3:c7:da:d9:dc:1c:
+ 4b:15:6c:7d:c6:2a:00:6e:0b:4f:14:37:9f:bb:ad:ef:cd:b8:
+ 1c:60:25:06:58:40:b2:60:0f:5e:50:c1:cb:03:93:b5:66:d4:
+ 3b:77:38:2b:b5:53:a0:ad:e9:e9:a6:25:18:69:f2:23:a0:74:
+ e7:d3:db:81:28:e7:26:50:a6:be:ee:67:29:3e:79:4d:f4:71:
+ f0:c0:c5:d3:e6:cb:c5:1d:26:45:b9:9f:6a:b3:30:dd:ec:7e:
+ 00:d3:ac:a1:2d:81:95:2f:29:46:b7:20:17:01:c6:b4:d2:0e:
+ 1d:9a:fc:b2:46:94:f8:6d
-----BEGIN CERTIFICATE-----
-MIIDNTCCAh2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwljYXNz
-YW5kcmEwHhcNMTQwOTE5MjExODMzWhcNMjQwOTE2MjExODMzWjAQMQ4wDAYDVQQD
-EwVnb2NxbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK7p+p794mmF
-HQgPNWi8Y3uSUH9zUPxCQzUGs1yeJx4WBWnsiNWcT+/oE2l6tbN/Zm0UAC7Wr1v/
-LJCRphEHcl6wN8Bt/3t2K/7eTNKNzkM7GsQd3rbYJggliVmhS5SjV54ZRihulxF8
-5rdBlo9C3WbahtJT3dj1IM0kiw+r38QQsmQgHeAP9C32ypS+g6w+qEp3tgiXOn57
-4D6raM/u9qGOv+y+BtGtbO1PNdEElwgzsWVbYTKNS/AwNUuLawbyGnKMab3zssSk
-pHBF42eiep8uyygtn2gD8cfZT4PJPYw0BAo7E4eS4ffjeX6rwCWx5TgJRD4x3xLU
-3HsONb/uJV8CAwEAAaOBlTCBkjAJBgNVHRMEAjAAMB0GA1UdDgQWBBSf8bLEgjTQ
-L//pfxnxO1FXv+iVuzBEBgNVHSMEPTA7gBSMfOfSdgWJcRojW9RZtFHiXApc6KEY
-pBYwFDESMBAGA1UEAxMJY2Fzc2FuZHJhggkAgpsBeB6bCyMwEwYDVR0lBAwwCgYI
-KwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQASqhumWCdS
-MslGGTLTaa6VrSNVrRJl2ixMcvMpvStalzu3aItogHdV5jKB8fUgVLoOK4aQ2ETP
-8p/sTTlnTjZsm0lKgObB7aRBORkW0ojfFwxGWrmIU/VnGfAfmlFAG0ASvFfb3t3T
-9aiTaDCsuk7ua6/4Ez0RGvqQk9BozndfhYuklSpMJXtTnERDsdn+DIO4GSqIzNjR
-2bME60WbMF7LYeDhiCOcsDR5YoIN+BDtlrug/Q0Cy8XTRx81p+M5MVbVs+svk48Y
-tLc8AAOntBwXcpF+tvY2Fz32VDuHhNGbQ9GIQmQgeuPM9wWYDhxR2iC3m0mI6Mbh
-3g31Vk95QdB/
+MIIFZTCCA02gAwIBAgIUGLtOHL+5RMxYxzalXea3vY6QlekwDQYJKoZIhvcNAQEL
+BQAwDTELMAkGA1UEAwwCY2EwIBcNMjQwODI5MTU1MTA2WhgPMjEyNDA4MDUxNTUx
+MDZaMBAxDjAMBgNVBAMMBWdvY3FsMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAsSPQ1OYjsZ5sFSlQEG6vfgbIYya5vHpIpIEGLbBcDTNm3h9vmzyYSJYy
+NiXGCKYRG5daW3ru7ozPKxEtrBeZUn2Q1NrlJMKoZMB5DXA62my+JKaWHKpaO3rD
+phqS3aSVnEUFENVCicaUC9WfU94yX0HgH4c6kPHgvVrjCYKX2HWGbxgVBkgz+vF6
+gs8Tl4yhcphagXNU4d9yf0mC4KspJyoCviMK9xOEL5dofhB+ivwewD6pIC8C8W9u
+zR8x2cFV/hqMI7RTkQXIv27CmsK+yNXMLDbGgLD9C4jH5Nt9F/9xsPCyBFer5QSc
+ho7m5n8HQUSRTbvS1xplEU9omRG5WJiZDoKUpDKZ9q1Dg9yJdBRCtQ3bjheTAcDM
+xM3xz1k8BYl7BOlfiJCtUgEETrTtdvQMAL1i7XWVqdFC5KqXzUs8XWl4oPQPN2hS
+Vp+81TOnUuPbcBXWBoxgmcVEFpElM4+W4d2BHGMS4DVUQgPZvokrl111n30T78iG
++9ZSfYYE34lI9ws6C0rUwEtSVpSBdEcygyfSpqz6+UbVoYElRYhuckTraaHwYBHz
+kGPLxM522qPBAFEvL3DDxuKNbeqpdVaLusU0epShLdn7Fz+C1Li8bGpfq3ax6zKy
++hbzFKe7TLm+gIvDkqexX6DzW433uVTfBGZaQ+sOHjun8ZXfO/ECAwEAAaOBtzCB
+tDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBaBgNVHREEUzBRhk9zcGlmZmU6Ly90
+ZXN0LmNhc3NhbmRyYS5hcGFjaGUub3JnL2Nhc3NhbmRyYS1nb2NxbC1kcml2ZXIv
+aW50ZWdyYXRpb25UZXN0L2dvY3FsMB0GA1UdDgQWBBTBdubkIvSciiaMKGL5GCUq
+U5JXRTAfBgNVHSMEGDAWgBSR5M2xgxfpXBCZHIGDWpNyHzZzWzANBgkqhkiG9w0B
+AQsFAAOCAgEASzfcKOa9WGygmYomyQfBibhXOMwy6MRhhJf1Xn5G7ZETyq4Y0HT/
+7qPSgbdlb9Rl+s26ltxv6agPj2JlLNEUOxBXQ6KtTSgP8xvLV7rlH79s+PRBjLDU
+4YniOvHos2tnB4LSWt79r2kDssXpwMj6Of9uyl43F4wyDwMRey6+yJAaSL/Sjxr0
+LwMvTV1bWCDfDpNElRBqCsXVam2cuO6k0jwvedM+13ThxAt0XvsAsTR1Pdrs8p6I
+uXcwHC0XpTYOe3XQgMa9i/sFtu18Gi4GoeLmvaTaeew//BdDazCW56XJyP1q64mv
+5jdAFxDcfAmwU4g08CJJjkdDDSUtOraYvffcPAv6OJNvhPm/BM2Ta7kwMiLMQz9q
+lv9zL8di2UhfCCLkl+38U2p9sdXmPHDqXeNw/HGfip94hmr1v91B+wgWr24Omh3D
+Yi8vM1qpkmALBSbGhzp8/ojokp9G0+7+I3ywnuaXDamV/zSktnsAi+RHnI8Eo53k
+T4Z708kuuAIEFpnhLg6R88fa2dwcSxVsfcYqAG4LTxQ3n7ut7824HGAlBlhAsmAP
+XlDBywOTtWbUO3c4K7VToK3p6aYlGGnyI6B059PbgSjnJlCmvu5nKT55TfRx8MDF
+0+bLxR0mRbmfarMw3ex+ANOsoS2BlS8pRrcgFwHGtNIOHZr8skaU+G0=
-----END CERTIFICATE-----
diff --git a/testdata/pki/gocql.key b/testdata/pki/gocql.key
index 0d701f4..6dc8237 100644
--- a/testdata/pki/gocql.key
+++ b/testdata/pki/gocql.key
@@ -1,27 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEArun6nv3iaYUdCA81aLxje5JQf3NQ/EJDNQazXJ4nHhYFaeyI
-1ZxP7+gTaXq1s39mbRQALtavW/8skJGmEQdyXrA3wG3/e3Yr/t5M0o3OQzsaxB3e
-ttgmCCWJWaFLlKNXnhlGKG6XEXzmt0GWj0LdZtqG0lPd2PUgzSSLD6vfxBCyZCAd
-4A/0LfbKlL6DrD6oSne2CJc6fnvgPqtoz+72oY6/7L4G0a1s7U810QSXCDOxZVth
-Mo1L8DA1S4trBvIacoxpvfOyxKSkcEXjZ6J6ny7LKC2faAPxx9lPg8k9jDQECjsT
-h5Lh9+N5fqvAJbHlOAlEPjHfEtTcew41v+4lXwIDAQABAoIBAQCCP9XSwzfwX6Fo
-uPqKjY5/HEs5PQPXdPha6ixyEYsLilZptCuI9adI/MZHy4q2qW36V+Ry/IcEuJXU
-6cCB+cue2xYJA2A17Z+BYMRQHiy0P7UEyUFpYrefZWRMDCIeAyxhnGxz+zYfXaTo
-Xbzh3WbFCoFO6gjPYGoWmNm8x74PXyunNaMa/gWFECX5MMBXoOk5xSFGbHzI2Cds
-iT7sdCQJVbBs7yidYwNqPWQuOwrskFinPIFSc7bZ0Sx9wO3XTIrQFCE94v/AN6yR
-9Q37ida54g5tgtoeg/5EGsUM++i4wqJVoT3tWUHv1jBozO4Lm65uWR/1HcrusVnr
-x0TM9SaBAoGBAOMeaZdUrCJXnIiSoqCGDvZmylTAeOo6n2RAiviOYxVB4GP/SSjh
-8VeddFhYT1GCmZ+YjIXnRWK+dSqVukzCuf5xW5mWY7PDNGZe2P6O78lXnY4cb8Nc
-Uo9/S2aPnNmNHL2TYVBYUiZj+t2azIQEFvRth4Vu/AHRUG41/USxpwm/AoGBAMUo
-GX0xgSFAVpHnTLdzWrHNRrzHgYN8ywPKFgNOASvdgW0BFoqXEvVGc1Ak6uW82m1/
-L9ChOzWjCY7CoT+LPmdUVyGT9/UAPtWeLfo8Owl4tG91jQjePmJFvLoXErryCFRt
-SOOvCsTTTq2gN3PREHxY3dj2kJqaCBLCEzx3cYxhAoGBAIUxdrc6/t/9BV3KsPj2
-5Zt3WL0vSzoCOyut9lIiHtV+lrvOIPeK2eCKBIsy7wFcV/+SlQaKRNTN4SSiPml5
-4V3o2NFPsxTfK8HFafiPluw7J7kJ0Dl/0SM6gduZ6WBkMzCyV+WohjTheWOwvrPF
-OjkKaunD1qKyQDsCCo/Yp589AoGAdKgnfNZf68bf8nEECcBtt6sY4fbCgYTDszhO
-EiKDuurT/CWaquJ9SzgmXxOZEdrO+9838aCVIkWYECrFso23nPhgnfOp0gQVKdzw
-o5Ij9JTBXvoVO1wVWZyd8RZZ9Nflad9IM8CNBK1rbnzQkuzvbkQ+8HPkWDYv9Ll1
-HGAohcECgYBQeirIumumj1B17WD/KmNe0U0qCHHp+oSW4W2r7pjlEVZzeQmggX4O
-anbEngyQaZKeUiUOj9snBDmzLv7S+j5p7Us4d1fbp70sCKuK6tcAnROU8gK8IGiI
-I01ypD8Z1Mb556qek56eRWlr71sy6wI1lbQa856cUBvePajUOKsKsw==
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCxI9DU5iOxnmwV
+KVAQbq9+BshjJrm8ekikgQYtsFwNM2beH2+bPJhIljI2JcYIphEbl1pbeu7ujM8r
+ES2sF5lSfZDU2uUkwqhkwHkNcDrabL4kppYcqlo7esOmGpLdpJWcRQUQ1UKJxpQL
+1Z9T3jJfQeAfhzqQ8eC9WuMJgpfYdYZvGBUGSDP68XqCzxOXjKFymFqBc1Th33J/
+SYLgqyknKgK+Iwr3E4Qvl2h+EH6K/B7APqkgLwLxb27NHzHZwVX+GowjtFORBci/
+bsKawr7I1cwsNsaAsP0LiMfk230X/3Gw8LIEV6vlBJyGjubmfwdBRJFNu9LXGmUR
+T2iZEblYmJkOgpSkMpn2rUOD3Il0FEK1DduOF5MBwMzEzfHPWTwFiXsE6V+IkK1S
+AQROtO129AwAvWLtdZWp0ULkqpfNSzxdaXig9A83aFJWn7zVM6dS49twFdYGjGCZ
+xUQWkSUzj5bh3YEcYxLgNVRCA9m+iSuXXXWffRPvyIb71lJ9hgTfiUj3CzoLStTA
+S1JWlIF0RzKDJ9KmrPr5RtWhgSVFiG5yROtpofBgEfOQY8vEznbao8EAUS8vcMPG
+4o1t6ql1Vou6xTR6lKEt2fsXP4LUuLxsal+rdrHrMrL6FvMUp7tMub6Ai8OSp7Ff
+oPNbjfe5VN8EZlpD6w4eO6fxld878QIDAQABAoICACGpGiZSoya94XD1/EJbHhr3
+I/3/Xl0L6aDk6a0l7aAOi/YaiCU6Ev/8FoeGjwaWs/qHvMJUbnHDLRzUc1bX1yk/
+NhXUkKV3HfOjRX2BvZVDA7DIPQ8uad4SmnoGY7EddNaQoQFNXQr8QqarDc8skmra
+hEHJex4O8HNbAXiNqdgWoRicPWaHsuT1HSAdRG5QaV9yxwQBS/ht8v5wFCAoNjY8
+e+/wjcVcnopCnbcS4FD9zsQeRBobBNanI6lzy4/C9tnF5qpkOlr8++QwomcxKXrV
+capXMEpFF5ipAb8h3DgCsPJ8En/TvxTSVwIUxpi3O8QxyOC6F7sLR3hOHCS2Iv97
+dU3v+3e4tpwCeuEQm6jU42TPkRYD8yELAGBIbwRf1RucLlCGJED8RfGb4FRTeJgy
+L6ofp/C9w97+c7FAEjq9f/RmGK1u3aZ7olA3vq9OIZjLzb6KOR7R85xLicLfKOj+
+3mMapNTAnsHesJvNjnMsmi/epmBzK3Y4FNBwgIzobT4BmUMu7hvZSKeG8SJ/Komf
+OHA3Hhic6vljxddIYH7UowJ9NB52XI+5wdTnDbYusFwz6dS3VOUJOjSfuICAwwBm
+scCSr7ScEDWncy/PjB/ICgdJo9QaOMz6EVIg/+hQShZ3bgiytDqVw3pBXXLA6iMY
+/QIzfUdWeua3Rv2ZgsjnAoIBAQDU9EFt9UnBkjOLDE/kw0H8kndZO1BZits1TqB7
+IK0CRznRypsN8sSO72k3zVShsd4NZQsK679IZ+LlB/YssmtT23N2mpMSz1odnjoh
+H8KIPG/znOMEUDXt2n2f9RryU6KV2XXB55eftwtUuM+l7oSMrYkBNbxniQe5njUW
+Yb3Zx6YUBslIQApiX9h3lDjV4jgO6N0u6/Q3ncfU/LGta1Cml0NxDYO3FFQuaKXy
+4zvGX7zHfodRCGSIzE692ZMhp8Zz8O8kCwNbWnb/TKx9s0QKKf4Kxx6tJXQ6lMtS
+KPkLeuoPvOkQdVjkhdFnWjaTwYr0g074SLa+gMaw/AgXKeJvAoIBAQDU8kfT3x2C
+KEcqgI7Ootb8Owtk+MQT/vuHHaoeg93G0y1FyYohtkXhzGyzWAxNc0qlootFCsnI
+5Erowzok+rwE/kP0Q3/yZFBsOZ5MFnfXkIbg22PNUCQePh25vECudM/0cFNomGPf
+r3H4k5WD2cJQ1AN4AYmHaB3vlJ4k7J5kcU4+cGzN6rlvdhImoh6aD8am8SIsXj+w
+/x7TZLWbTa5utQFU7alZIl5LDbacOo+fOxpcM9LRmWCIvoAHPhegfVuYu1n0GgLu
+JWNEsb3nNvJ52TsvMXwv2Zao4xwQ5ik29iaWYpMT4zFDLyxRWNdjyrtz76OzNe3/
+/bW6TpFUBnefAoIBACP5SyBHInmHuBtSLiDn9zqyh2TUh0NJGLTNnoCOSYur+pF9
+F2poy1mWCgE6N4TFJky+9/mVT4/stMCZ8rUkQss8tCmh/RxdWMzOEOXNlrAq/YJ6
+y0LMRf/zO+uMnUu4YyvLO4BRHiUF5+0c9z8BpvSY0B8bM8ONu3dYyYEJa+fhOSYC
+63fAEcECje/NYziGaY/jOJIXm/7VMY/CTEWObmZmASeU7946menpFbeNOWjOfXZ5
+4mQG9ezCDr81hQxXakfluJAvKBcDljyUeEMXyHOrGlY5wu3e+N54ikxLzZ5p2iZk
+dD6qhCS+klxSOgwF0vJxSCLbLbvKx0XYnYlEMxMCggEBALhogA9Y3kMDAm4qGoGT
+vz17HGj6jUMLw2LFK7d1Vq+B3WjcGYUMRgQ+dbvx+eVwfCpoUtcdepVALibYOhgg
+Eob4cnyrn7eXa5XtZ8pYgrvo6wT6uLjqN/0AqdlYz2LEwfna9EBWB9eEJdywYgBm
+qcI5eC+KlUDvx0zclP9A8gHlpW6pCXBhXujJhPpz1rBwDQYxN/jYPavXoyhJxIOT
+iAVTNq4HimooOyQf4g31IL8x/afvMRhWDKUe49xhxzAynwnq5QFhLTxyoD6y9dOv
+X9hpaLl7zyHY+oGS+5Ee4H46ODxvbRMB4n1d8rEXkJ9Yx3ClDEx73Xmciq2msG/l
+kd0CggEBAK+xZjYnDei8Gk44cFt/pWQgQV0E0WwnJ6VaCfHiJ8LqmITvsLy24w2+
+niD6wmCU9ubM2pgGAbXq4TykZki+5rSWimK4f2unORzP9bya7ouMnfK9MqPrgFmu
+bCjhis68dPUkl2bOgQ2RwmYVr3vmlrHjELJUG2XJkIP1A8ed1VJdvGnVvdj9wQA4
+TIDofvgx/Q09sql913sxklB2dJReKR2LSkDbWaaZ/thiQFSYkkqKz/hduuwLl/Yh
+eh7K2nH9fQfK3tJ58FdkpUiY9HctBORbk2zoo/6/Or8WT4xH7uknk7h2ojb1BSGk
+/lzgSK73/zQ6JbksZybsgsFbVJD+wUE=
+-----END PRIVATE KEY-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
