dexter has uploaded this change for review. (
https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36621?usp=email )
Change subject: ipad: add an extra certificate+bundle for host "testsuite"
......................................................................
ipad: add an extra certificate+bundle for host "testsuite"
Change-Id: I2d4ba8b710b9cf518b90c7f7acc8982350705531
---
M ipad/example_ca/pki/.rnd
A ipad/example_ca/pki/certs_by_serial/1D1B580C1B235125A87BE06C70121913.pem
M ipad/example_ca/pki/extensions.temp
M ipad/example_ca/pki/index.txt
A ipad/example_ca/pki/index.txt.attr.old
M ipad/example_ca/pki/index.txt.old
A ipad/example_ca/pki/issued/testsuite.cabundle
A ipad/example_ca/pki/issued/testsuite.crt
A ipad/example_ca/pki/issued/testsuite.notes
M ipad/example_ca/pki/openssl-easyrsa.temp
A ipad/example_ca/pki/private/testsuite.key
A ipad/example_ca/pki/reqs/testsuite.req
M ipad/example_ca/pki/safessl-easyrsa.cnf
M ipad/example_ca/pki/serial
M ipad/example_ca/pki/serial.old
15 files changed, 298 insertions(+), 18 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-ttcn3-hacks
refs/changes/21/36621/1
diff --git a/ipad/example_ca/pki/.rnd b/ipad/example_ca/pki/.rnd
index 1334945..4bcee5a 100644
--- a/ipad/example_ca/pki/.rnd
+++ b/ipad/example_ca/pki/.rnd
Binary files differ
diff --git
a/ipad/example_ca/pki/certs_by_serial/1D1B580C1B235125A87BE06C70121913.pem
b/ipad/example_ca/pki/certs_by_serial/1D1B580C1B235125A87BE06C70121913.pem
new file mode 100644
index 0000000..2395451
--- /dev/null
+++ b/ipad/example_ca/pki/certs_by_serial/1D1B580C1B235125A87BE06C70121913.pem
@@ -0,0 +1,87 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 1d:1b:58:0c:1b:23:51:25:a8:7b:e0:6c:70:12:19:13
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Apr 3 12:54:27 2024 GMT
+ Not After : Mar 19 12:54:27 2027 GMT
+ Subject: CN=testsuite
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:59:25:9d:ed:cf:96:f5:11:27:fe:53:28:be:
+ 9a:34:7d:52:8b:ba:67:17:d6:b9:01:c6:a5:a3:e3:
+ f9:13:76:4a:f6:98:0a:d7:75:49:8c:b5:aa:3e:d4:
+ 24:0f:8a:f4:4e:b2:63:b1:6e:04:20:79:27:94:6e:
+ 35:9b:94:26:d7:bf:25:f2:98:48:e8:8a:87:54:7c:
+ b9:c5:83:59:42:9d:11:aa:3b:a3:35:b2:e9:c6:9f:
+ ba:65:30:1d:ac:92:da:1a:63:b7:7c:73:84:1d:7a:
+ 73:d1:8e:c4:f3:84:9a:c3:2a:b3:00:e1:5e:b3:0c:
+ 6b:5d:c9:a2:db:15:53:31:bb:24:6a:e5:26:80:32:
+ 7e:9a:0f:5f:a6:10:ac:76:4f:9e:17:13:6c:92:51:
+ 39:08:ba:89:ec:ae:16:33:eb:48:48:a6:24:a7:4c:
+ 0e:ba:20:e9:b8:bb:ef:c8:f6:6f:25:f2:27:c1:25:
+ 34:cd:7a:52:bc:99:ce:e1:d3:f7:96:7e:ea:19:cc:
+ 0b:f6:03:11:c0:2e:63:61:90:88:81:2e:d1:f2:5c:
+ 3e:65:ff:1e:9a:57:16:d8:b3:97:35:18:0e:cc:37:
+ d4:52:cd:1c:81:ba:69:9a:15:85:13:99:7a:2d:36:
+ e5:77:62:2b:70:4a:78:57:ff:30:71:6d:41:27:cc:
+ 10:93
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 7E:68:CE:CF:F2:02:43:81:28:66:84:80:BC:16:F2:56:D6:9E:3D:AE
+ X509v3 Authority Key Identifier:
+
keyid:C3:81:B8:A8:1B:DE:BF:A6:69:00:20:FF:C5:CF:C5:08:37:9D:EE:76
+ DirName:/CN=Easy-RSA CA
+
serial:60:40:F9:60:0A:22:43:66:68:46:32:52:8B:73:FF:57:5B:78:F5:9E
+
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+ DNS:testsuite
+ Signature Algorithm: sha256WithRSAEncryption
+ 2d:d4:04:33:c9:2b:c1:1e:ed:f3:b6:81:3d:24:03:9e:dc:fa:
+ 94:38:d3:ee:7c:50:7c:e8:c2:9c:f0:c9:f8:6b:36:c2:ca:73:
+ f7:f2:8d:61:92:3f:4d:a9:19:de:a4:46:13:ac:8f:ca:18:de:
+ 2d:2f:e2:d6:8a:f4:b9:2c:9a:89:33:1f:b8:52:9e:9f:e2:28:
+ ec:9b:c5:88:50:05:81:b3:68:eb:3a:19:d1:44:ab:31:32:ef:
+ a5:f0:aa:4c:c0:e6:08:77:40:b8:33:69:b1:f3:ab:a3:53:c1:
+ 7a:73:78:ab:88:18:01:6c:23:23:ed:f8:09:2d:f8:6b:c3:c2:
+ 66:7d:b5:fa:2e:a5:ed:9d:0d:8b:c3:7f:cc:7e:69:e7:ff:83:
+ ba:df:2c:ad:7e:d2:8c:a3:82:fd:4f:cb:25:9c:d2:56:6f:2d:
+ 72:09:ab:7b:f9:3e:86:58:41:0e:d6:b7:fa:49:ce:21:8a:85:
+ 96:d6:33:a6:7f:c1:68:b5:78:ac:e3:33:6d:ed:f7:40:57:8d:
+ d5:c1:20:21:b3:be:be:ea:7e:37:d5:27:92:a7:a4:8d:8d:e9:
+ 90:35:8d:36:77:b3:ee:c8:94:6d:07:f9:7c:2a:1b:45:5c:ca:
+ 59:45:07:79:4c:d6:28:c9:68:f9:05:5a:f5:fa:6f:83:12:58:
+ 29:3a:d4:52
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAlWgAwIBAgIQHRtYDBsjUSWoe+BscBIZEzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yNDA0MDMxMjU0MjdaFw0yNzAzMTkx
+MjU0MjdaMBQxEjAQBgNVBAMMCXRlc3RzdWl0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAM1ZJZ3tz5b1ESf+Uyi+mjR9Uou6ZxfWuQHGpaPj+RN2SvaY
+Ctd1SYy1qj7UJA+K9E6yY7FuBCB5J5RuNZuUJte/JfKYSOiKh1R8ucWDWUKdEao7
+ozWy6cafumUwHayS2hpjt3xzhB16c9GOxPOEmsMqswDhXrMMa13JotsVUzG7JGrl
+JoAyfpoPX6YQrHZPnhcTbJJROQi6ieyuFjPrSEimJKdMDrog6bi778j2byXyJ8El
+NM16UryZzuHT95Z+6hnMC/YDEcAuY2GQiIEu0fJcPmX/HppXFtizlzUYDsw31FLN
+HIG6aZoVhROZei025XdiK3BKeFf/MHFtQSfMEJMCAwEAAaOBuDCBtTAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR+aM7P8gJDgShmhIC8FvJW1p49rjBRBgNVHSMESjBIgBTD
+gbioG96/pmkAIP/Fz8UIN53udqEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FGBA+WAKIkNmaEYyUotz/1dbePWeMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1Ud
+DwQEAwIFoDAUBgNVHREEDTALggl0ZXN0c3VpdGUwDQYJKoZIhvcNAQELBQADggEB
+AC3UBDPJK8Ee7fO2gT0kA57c+pQ40+58UHzowpzwyfhrNsLKc/fyjWGSP02pGd6k
+RhOsj8oY3i0v4taK9LksmokzH7hSnp/iKOybxYhQBYGzaOs6GdFEqzEy76XwqkzA
+5gh3QLgzabHzq6NTwXpzeKuIGAFsIyPt+Akt+GvDwmZ9tfoupe2dDYvDf8x+aef/
+g7rfLK1+0oyjgv1PyyWc0lZvLXIJq3v5PoZYQQ7Wt/pJziGKhZbWM6Z/wWi1eKzj
+M23t90BXjdXBICGzvr7qfjfVJ5KnpI2N6ZA1jTZ3s+7IlG0H+XwqG0VcyllFB3lM
+1ijJaPkFWvX6b4MSWCk61FI=
+-----END CERTIFICATE-----
diff --git a/ipad/example_ca/pki/extensions.temp
b/ipad/example_ca/pki/extensions.temp
index fba838c..b50d5af 100644
--- a/ipad/example_ca/pki/extensions.temp
+++ b/ipad/example_ca/pki/extensions.temp
@@ -14,4 +14,4 @@
keyUsage = digitalSignature,keyEncipherment
-subjectAltName = DNS:localhost,IP:127.0.0.1
+subjectAltName = DNS:testsuite
diff --git a/ipad/example_ca/pki/index.txt b/ipad/example_ca/pki/index.txt
index 3343ef2..42250af 100644
--- a/ipad/example_ca/pki/index.txt
+++ b/ipad/example_ca/pki/index.txt
@@ -1 +1,2 @@
V 270318133909Z 11192A13CF3A3BC43FE1594BA8567DF0 unknown
/CN=alttest
+V 270319125427Z 1D1B580C1B235125A87BE06C70121913 unknown
/CN=testsuite
diff --git a/ipad/example_ca/pki/index.txt.attr.old
b/ipad/example_ca/pki/index.txt.attr.old
new file mode 100644
index 0000000..3a7e39e
--- /dev/null
+++ b/ipad/example_ca/pki/index.txt.attr.old
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/ipad/example_ca/pki/index.txt.old
b/ipad/example_ca/pki/index.txt.old
index e69de29..3343ef2 100644
--- a/ipad/example_ca/pki/index.txt.old
+++ b/ipad/example_ca/pki/index.txt.old
@@ -0,0 +1 @@
+V 270318133909Z 11192A13CF3A3BC43FE1594BA8567DF0 unknown
/CN=alttest
diff --git a/ipad/example_ca/pki/issued/testsuite.cabundle
b/ipad/example_ca/pki/issued/testsuite.cabundle
new file mode 100644
index 0000000..bc4e6ce
--- /dev/null
+++ b/ipad/example_ca/pki/issued/testsuite.cabundle
@@ -0,0 +1,42 @@
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAlWgAwIBAgIQHRtYDBsjUSWoe+BscBIZEzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yNDA0MDMxMjU0MjdaFw0yNzAzMTkx
+MjU0MjdaMBQxEjAQBgNVBAMMCXRlc3RzdWl0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAM1ZJZ3tz5b1ESf+Uyi+mjR9Uou6ZxfWuQHGpaPj+RN2SvaY
+Ctd1SYy1qj7UJA+K9E6yY7FuBCB5J5RuNZuUJte/JfKYSOiKh1R8ucWDWUKdEao7
+ozWy6cafumUwHayS2hpjt3xzhB16c9GOxPOEmsMqswDhXrMMa13JotsVUzG7JGrl
+JoAyfpoPX6YQrHZPnhcTbJJROQi6ieyuFjPrSEimJKdMDrog6bi778j2byXyJ8El
+NM16UryZzuHT95Z+6hnMC/YDEcAuY2GQiIEu0fJcPmX/HppXFtizlzUYDsw31FLN
+HIG6aZoVhROZei025XdiK3BKeFf/MHFtQSfMEJMCAwEAAaOBuDCBtTAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR+aM7P8gJDgShmhIC8FvJW1p49rjBRBgNVHSMESjBIgBTD
+gbioG96/pmkAIP/Fz8UIN53udqEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FGBA+WAKIkNmaEYyUotz/1dbePWeMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1Ud
+DwQEAwIFoDAUBgNVHREEDTALggl0ZXN0c3VpdGUwDQYJKoZIhvcNAQELBQADggEB
+AC3UBDPJK8Ee7fO2gT0kA57c+pQ40+58UHzowpzwyfhrNsLKc/fyjWGSP02pGd6k
+RhOsj8oY3i0v4taK9LksmokzH7hSnp/iKOybxYhQBYGzaOs6GdFEqzEy76XwqkzA
+5gh3QLgzabHzq6NTwXpzeKuIGAFsIyPt+Akt+GvDwmZ9tfoupe2dDYvDf8x+aef/
+g7rfLK1+0oyjgv1PyyWc0lZvLXIJq3v5PoZYQQ7Wt/pJziGKhZbWM6Z/wWi1eKzj
+M23t90BXjdXBICGzvr7qfjfVJ5KnpI2N6ZA1jTZ3s+7IlG0H+XwqG0VcyllFB3lM
+1ijJaPkFWvX6b4MSWCk61FI=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAjOgAwIBAgIUYED5YAoiQ2ZoRjJSi3P/V1t49Z4wDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjQwNDAyMTMzODE5WhcNMzQw
+MzMxMTMzODE5WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKGJhlCT/JyJdNgCM5wgNhaXnQNa8m0tuIRBf0Fj
+si22T0NCIBORnJrHX2AuDkC0Rkg4j/sJPs6DjAIijQgjYNstwdODPP6cslNmqXM/
+4PRElAc/iR8Q4eCobdwSiAG26wG+rwspBEjIIi2oHkpl+n+c1sgqGhlOqlwAzXzX
+fhjHZpbpfi4/gOwgncG9PKylaIJqz2f8QS7zUB9q+Jm7rK9NKPF6qTcKMrh3VhSL
+Ja1klyX+TtTAqXsXwCeRQU/1FfihCYxciD9MPikWCUHMytdoCLBAo0N+qescZZYg
+8VVfcXocYTEivYsbx2BxQJlnVxcBB7sGpsIi3xNa5DJQ/a8CAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUw4G4qBvev6ZpACD/xc/FCDed7nYwUQYDVR0jBEowSIAUw4G4qBve
+v6ZpACD/xc/FCDed7nahGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghRgQPlg
+CiJDZmhGMlKLc/9XW3j1njAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAX0fvL7WYcYPWx5tQrTrcqU4vtcO9GCgjsDB8FrqlZBW1
+Z8JbqrQ0qjt9mdfJkDu6EgncsV4du8IMiEx6YvvTYGEVmCTwYU+y3RjAeE79uu51
+UjDKL8r7Q7tkBsCf5jnkw0lmcYiEIErWTnCPy2XBIR/YLnMzoYmfRoqB8HjgFL+M
+IQw1sWH387n/DOrwQrXDxtnO6Hb6G+2Ym6t2Gh0aGihCnDVrOpyZ5lsp9XYT+/Yt
+AjS1zUUT+RdjiD55aAQi5vJhaa6C9NOIEiO7zV2Z4f9Fyb3AnQw9OMxYjuGTVf3d
+P2stdjKvd2TythsmHnkRJ/gDkmqrPxoDHEYNkNqK1g==
+-----END CERTIFICATE-----
diff --git a/ipad/example_ca/pki/issued/testsuite.crt
b/ipad/example_ca/pki/issued/testsuite.crt
new file mode 100644
index 0000000..2395451
--- /dev/null
+++ b/ipad/example_ca/pki/issued/testsuite.crt
@@ -0,0 +1,87 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 1d:1b:58:0c:1b:23:51:25:a8:7b:e0:6c:70:12:19:13
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Apr 3 12:54:27 2024 GMT
+ Not After : Mar 19 12:54:27 2027 GMT
+ Subject: CN=testsuite
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:59:25:9d:ed:cf:96:f5:11:27:fe:53:28:be:
+ 9a:34:7d:52:8b:ba:67:17:d6:b9:01:c6:a5:a3:e3:
+ f9:13:76:4a:f6:98:0a:d7:75:49:8c:b5:aa:3e:d4:
+ 24:0f:8a:f4:4e:b2:63:b1:6e:04:20:79:27:94:6e:
+ 35:9b:94:26:d7:bf:25:f2:98:48:e8:8a:87:54:7c:
+ b9:c5:83:59:42:9d:11:aa:3b:a3:35:b2:e9:c6:9f:
+ ba:65:30:1d:ac:92:da:1a:63:b7:7c:73:84:1d:7a:
+ 73:d1:8e:c4:f3:84:9a:c3:2a:b3:00:e1:5e:b3:0c:
+ 6b:5d:c9:a2:db:15:53:31:bb:24:6a:e5:26:80:32:
+ 7e:9a:0f:5f:a6:10:ac:76:4f:9e:17:13:6c:92:51:
+ 39:08:ba:89:ec:ae:16:33:eb:48:48:a6:24:a7:4c:
+ 0e:ba:20:e9:b8:bb:ef:c8:f6:6f:25:f2:27:c1:25:
+ 34:cd:7a:52:bc:99:ce:e1:d3:f7:96:7e:ea:19:cc:
+ 0b:f6:03:11:c0:2e:63:61:90:88:81:2e:d1:f2:5c:
+ 3e:65:ff:1e:9a:57:16:d8:b3:97:35:18:0e:cc:37:
+ d4:52:cd:1c:81:ba:69:9a:15:85:13:99:7a:2d:36:
+ e5:77:62:2b:70:4a:78:57:ff:30:71:6d:41:27:cc:
+ 10:93
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 7E:68:CE:CF:F2:02:43:81:28:66:84:80:BC:16:F2:56:D6:9E:3D:AE
+ X509v3 Authority Key Identifier:
+
keyid:C3:81:B8:A8:1B:DE:BF:A6:69:00:20:FF:C5:CF:C5:08:37:9D:EE:76
+ DirName:/CN=Easy-RSA CA
+
serial:60:40:F9:60:0A:22:43:66:68:46:32:52:8B:73:FF:57:5B:78:F5:9E
+
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+ DNS:testsuite
+ Signature Algorithm: sha256WithRSAEncryption
+ 2d:d4:04:33:c9:2b:c1:1e:ed:f3:b6:81:3d:24:03:9e:dc:fa:
+ 94:38:d3:ee:7c:50:7c:e8:c2:9c:f0:c9:f8:6b:36:c2:ca:73:
+ f7:f2:8d:61:92:3f:4d:a9:19:de:a4:46:13:ac:8f:ca:18:de:
+ 2d:2f:e2:d6:8a:f4:b9:2c:9a:89:33:1f:b8:52:9e:9f:e2:28:
+ ec:9b:c5:88:50:05:81:b3:68:eb:3a:19:d1:44:ab:31:32:ef:
+ a5:f0:aa:4c:c0:e6:08:77:40:b8:33:69:b1:f3:ab:a3:53:c1:
+ 7a:73:78:ab:88:18:01:6c:23:23:ed:f8:09:2d:f8:6b:c3:c2:
+ 66:7d:b5:fa:2e:a5:ed:9d:0d:8b:c3:7f:cc:7e:69:e7:ff:83:
+ ba:df:2c:ad:7e:d2:8c:a3:82:fd:4f:cb:25:9c:d2:56:6f:2d:
+ 72:09:ab:7b:f9:3e:86:58:41:0e:d6:b7:fa:49:ce:21:8a:85:
+ 96:d6:33:a6:7f:c1:68:b5:78:ac:e3:33:6d:ed:f7:40:57:8d:
+ d5:c1:20:21:b3:be:be:ea:7e:37:d5:27:92:a7:a4:8d:8d:e9:
+ 90:35:8d:36:77:b3:ee:c8:94:6d:07:f9:7c:2a:1b:45:5c:ca:
+ 59:45:07:79:4c:d6:28:c9:68:f9:05:5a:f5:fa:6f:83:12:58:
+ 29:3a:d4:52
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAlWgAwIBAgIQHRtYDBsjUSWoe+BscBIZEzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yNDA0MDMxMjU0MjdaFw0yNzAzMTkx
+MjU0MjdaMBQxEjAQBgNVBAMMCXRlc3RzdWl0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAM1ZJZ3tz5b1ESf+Uyi+mjR9Uou6ZxfWuQHGpaPj+RN2SvaY
+Ctd1SYy1qj7UJA+K9E6yY7FuBCB5J5RuNZuUJte/JfKYSOiKh1R8ucWDWUKdEao7
+ozWy6cafumUwHayS2hpjt3xzhB16c9GOxPOEmsMqswDhXrMMa13JotsVUzG7JGrl
+JoAyfpoPX6YQrHZPnhcTbJJROQi6ieyuFjPrSEimJKdMDrog6bi778j2byXyJ8El
+NM16UryZzuHT95Z+6hnMC/YDEcAuY2GQiIEu0fJcPmX/HppXFtizlzUYDsw31FLN
+HIG6aZoVhROZei025XdiK3BKeFf/MHFtQSfMEJMCAwEAAaOBuDCBtTAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR+aM7P8gJDgShmhIC8FvJW1p49rjBRBgNVHSMESjBIgBTD
+gbioG96/pmkAIP/Fz8UIN53udqEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FGBA+WAKIkNmaEYyUotz/1dbePWeMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1Ud
+DwQEAwIFoDAUBgNVHREEDTALggl0ZXN0c3VpdGUwDQYJKoZIhvcNAQELBQADggEB
+AC3UBDPJK8Ee7fO2gT0kA57c+pQ40+58UHzowpzwyfhrNsLKc/fyjWGSP02pGd6k
+RhOsj8oY3i0v4taK9LksmokzH7hSnp/iKOybxYhQBYGzaOs6GdFEqzEy76XwqkzA
+5gh3QLgzabHzq6NTwXpzeKuIGAFsIyPt+Akt+GvDwmZ9tfoupe2dDYvDf8x+aef/
+g7rfLK1+0oyjgv1PyyWc0lZvLXIJq3v5PoZYQQ7Wt/pJziGKhZbWM6Z/wWi1eKzj
+M23t90BXjdXBICGzvr7qfjfVJ5KnpI2N6ZA1jTZ3s+7IlG0H+XwqG0VcyllFB3lM
+1ijJaPkFWvX6b4MSWCk61FI=
+-----END CERTIFICATE-----
diff --git a/ipad/example_ca/pki/issued/testsuite.notes
b/ipad/example_ca/pki/issued/testsuite.notes
new file mode 100644
index 0000000..55594a6
--- /dev/null
+++ b/ipad/example_ca/pki/issued/testsuite.notes
@@ -0,0 +1,8 @@
+This certificate is suitable for tests where the testsuite runs on a separate
+machine or VM that has the hostname "testsuite"
+
+The testsuite.crt certificate has been created using the following commandline:
+./easyrsa --subject-alt-name="DNS:testsuite" build-server-full testsuite nopass
+
+The testsuite.cabundle file has been created manually (alttest certificate at
the
+top, ca certificate at the bottom).
diff --git a/ipad/example_ca/pki/openssl-easyrsa.temp
b/ipad/example_ca/pki/openssl-easyrsa.temp
index d27c05b..041a4df 100644
--- a/ipad/example_ca/pki/openssl-easyrsa.temp
+++ b/ipad/example_ca/pki/openssl-easyrsa.temp
@@ -66,7 +66,7 @@
req_extensions = req_extra
[ req_extra ]
-subjectAltName = DNS:localhost,IP:127.0.0.1
+subjectAltName = DNS:testsuite
####################################################################
# Easy-RSA DN (Subject) handling
diff --git a/ipad/example_ca/pki/private/testsuite.key
b/ipad/example_ca/pki/private/testsuite.key
new file mode 100644
index 0000000..91e655f
--- /dev/null
+++ b/ipad/example_ca/pki/private/testsuite.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDNWSWd7c+W9REn
+/lMovpo0fVKLumcX1rkBxqWj4/kTdkr2mArXdUmMtao+1CQPivROsmOxbgQgeSeU
+bjWblCbXvyXymEjoiodUfLnFg1lCnRGqO6M1sunGn7plMB2sktoaY7d8c4QdenPR
+jsTzhJrDKrMA4V6zDGtdyaLbFVMxuyRq5SaAMn6aD1+mEKx2T54XE2ySUTkIuons
+rhYz60hIpiSnTA66IOm4u+/I9m8l8ifBJTTNelK8mc7h0/eWfuoZzAv2AxHALmNh
+kIiBLtHyXD5l/x6aVxbYs5c1GA7MN9RSzRyBummaFYUTmXotNuV3YitwSnhX/zBx
+bUEnzBCTAgMBAAECggEAPvUvCE2KENFQEj/yRRKy+pbVwQtEYlWt4TKDRE0351Sk
+RRh2cnp+M0rbSGoIKE/E+X/N+u8tCru6e9KSUwHIKutq+gbgi5M1TJz04+6SZk77
+xIKGVodlD0WXg0COSIO5pM+fyOMtxU/uxHgOQE8Ol/m2afWu8BxFqrqQWLUgDaWz
+OjCEDiWiIrv4/AV0CAs3kJHGlLmBD0OXWW51fZf5Tq0JgoIDm2a1obJSBEm9S4tc
+wJFUw+r7E7cYGUSvWpT2GiQshlqr7ZwDVBbIFCyZccQ24CqFqmD5EC2Olc9Il2gL
+gg9/BhLfRii1NT+gYJVBpSNupmJX1oMtFH1qvC6MiQKBgQDnq0y0AZ5mfbmlAeao
+PYp2kLtWdeMaAQMSDDxtffmyYU5tgUzdn8D8poLAJUNjazz7glnor5MOKIzmIMRc
+kCAGZdNJLXpiq8KnX/hrpgiYpxhSE453/XNuH9sUjf/AkCpd1dxiCdwAnWUEJQ5b
+doRWrbHOgkcM2am8sf+s3nP1bQKBgQDi6i2p8k6Gq5cukclQQJO5qfnDv5mVKlZ3
+D6Ac4Vh0p58pyGWGKvJHWNVQoVhwWimh3mwHzDaAsW2td3+jzMQEUWsgSzNa//xE
+LZlvhMVmH8KO3R47p8zL6PwzQqlHDYCj7te3m2dx+00LbKQLsGU+c81wquHlaWAE
++J1uP2pd/wKBgQCzBuCGdn3HLD9LMXXi63PV/jCXNxCh5shNqSEFaAWPAL1PyEzz
+M2I6nB6Mh/9Uk+mTXv9F3nBgz5tat1WnRkVJTGUDtt5N4/fPyk06OxuHhBE6VByT
+w0vxfTKa5sUONRpYW00sgfv+iaMnmc9HhQXtydqPAIQRfR87T76KA3pO3QKBgB61
+PErEbNYSwJnfxtOieZtlolRYSIuEOEFSjwN5h4P57zMzWHHou/Ll1bBctWA3A21R
+cWM4wqN133bbNh3PpzNCZXHwW1nUTKpZVWtfF2uznpvA1seR9MgflonFWq0v6ZnF
+x9GkKUKmlI2YPTcLvxfNih7WMU3fjcv+bSevU1C3AoGBAKAwDpQxrfMiS0B444cL
+lejp+dCLzuZn+8TH4CF2zE1qWlgIWUM0N9Rkb1tWle2Mcu6quuwyInqf6XStCvYZ
+CiFOMgpXm7YHBlJl/onT65WhgHZDCn8GF4IHcTf57cDCeaZENOTKt5XS4lfMudbA
+ap7oEzSJkkgiXeVhn/cr59uN
+-----END PRIVATE KEY-----
diff --git a/ipad/example_ca/pki/reqs/testsuite.req
b/ipad/example_ca/pki/reqs/testsuite.req
new file mode 100644
index 0000000..1a822d3
--- /dev/null
+++ b/ipad/example_ca/pki/reqs/testsuite.req
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgDCCAWgCAQAwFDESMBAGA1UEAwwJdGVzdHN1aXRlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAzVklne3PlvURJ/5TKL6aNH1Si7pnF9a5Acalo+P5
+E3ZK9pgK13VJjLWqPtQkD4r0TrJjsW4EIHknlG41m5Qm178l8phI6IqHVHy5xYNZ
+Qp0RqjujNbLpxp+6ZTAdrJLaGmO3fHOEHXpz0Y7E84SawyqzAOFeswxrXcmi2xVT
+MbskauUmgDJ+mg9fphCsdk+eFxNsklE5CLqJ7K4WM+tISKYkp0wOuiDpuLvvyPZv
+JfInwSU0zXpSvJnO4dP3ln7qGcwL9gMRwC5jYZCIgS7R8lw+Zf8emlcW2LOXNRgO
+zDfUUs0cgbppmhWFE5l6LTbld2IrcEp4V/8wcW1BJ8wQkwIDAQABoCcwJQYJKoZI
+hvcNAQkOMRgwFjAUBgNVHREEDTALggl0ZXN0c3VpdGUwDQYJKoZIhvcNAQELBQAD
+ggEBAF/j6GFuLC0qfyEuUTSFxNncOkwGefIzF7pftqGQ7ljnzYpKoAaoR3S1fDMQ
+DUdhh9C74OR8/LVpKub2lb29iCRSMYtcJh/TcD9z+gMBpTdcy4ZeeGmsHSzHbGkK
+LEvH7HeQyzehWP6byCbQ4UfgUvmVD0hSpDB5BjhSZrfKiSZja31XPpsXDbl5X8ro
+vUQyrxXR7a00XUutpPzNb+NCsTFGT1r1MYPjImwpZAUi4d0qyLzWnzOzjMAvSCqd
+6Lp43OYTAHiKi3hT2jAldI0yl78rt3zdTPPZuI/w5NkPYJ5AlnlM4q0DCoL1X6kb
+VeRHvyVDz7asUfOT5vzmbaDwgyc=
+-----END CERTIFICATE REQUEST-----
diff --git a/ipad/example_ca/pki/safessl-easyrsa.cnf
b/ipad/example_ca/pki/safessl-easyrsa.cnf
index f5c1ad8..b36fa6a 100644
--- a/ipad/example_ca/pki/safessl-easyrsa.cnf
+++ b/ipad/example_ca/pki/safessl-easyrsa.cnf
@@ -1,6 +1,6 @@
# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-RANDFILE = /home/owner/example_ca/pki/.rnd
+RANDFILE =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/.rnd
####################################################################
[ ca ]
@@ -9,17 +9,17 @@
####################################################################
[ CA_default ]
-dir = /home/owner/example_ca/pki # Where everything is kept
-certs = /home/owner/example_ca/pki # Where the
issued certs are kept
-crl_dir = /home/owner/example_ca/pki # Where
the issued crl are kept
-database = /home/owner/example_ca/pki/index.txt # database index file.
-new_certs_dir = /home/owner/example_ca/pki/certs_by_serial # default place
for new certs.
+dir =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki # Where
everything is kept
+certs =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki
# Where the issued certs are kept
+crl_dir =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki
# Where the issued crl are kept
+database =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/index.txt
# database index file.
+new_certs_dir =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/certs_by_serial
# default place for new certs.
-certificate = /home/owner/example_ca/pki/ca.crt # The CA
certificate
-serial = /home/owner/example_ca/pki/serial # The current
serial number
-crl = /home/owner/example_ca/pki/crl.pem # The current
CRL
-private_key = /home/owner/example_ca/pki/private/ca.key # The private
key
-RANDFILE = /home/owner/example_ca/pki/.rand # private
random number file
+certificate =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/ca.crt
# The CA certificate
+serial =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/serial
# The current serial number
+crl =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/crl.pem
# The current CRL
+private_key =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/private/ca.key
# The private key
+RANDFILE =
/home/owner/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/.rand
# private random number file
x509_extensions = basic_exts # The extentions to add to the
cert
@@ -66,7 +66,7 @@
req_extensions = req_extra
[ req_extra ]
-subjectAltName = DNS:localhost,IP:127.0.0.1
+subjectAltName = DNS:testsuite
####################################################################
# Easy-RSA DN (Subject) handling
@@ -75,7 +75,7 @@
[ cn_only ]
commonName = Common Name (eg: your user, host, or server name)
commonName_max = 64
-commonName_default = alttest
+commonName_default = testsuite
# Easy-RSA DN for org support:
[ org ]
@@ -98,7 +98,7 @@
commonName = Common Name (eg: your user, host, or server
name)
commonName_max = 64
-commonName_default = alttest
+commonName_default = testsuite
emailAddress = Email Address
emailAddress_default = [email protected]
diff --git a/ipad/example_ca/pki/serial b/ipad/example_ca/pki/serial
index c8d540a..56f3961 100644
--- a/ipad/example_ca/pki/serial
+++ b/ipad/example_ca/pki/serial
@@ -1 +1 @@
-11192A13CF3A3BC43FE1594BA8567DF1
+1D1B580C1B235125A87BE06C70121914
diff --git a/ipad/example_ca/pki/serial.old b/ipad/example_ca/pki/serial.old
index 85d677f..0750e3b 100644
--- a/ipad/example_ca/pki/serial.old
+++ b/ipad/example_ca/pki/serial.old
@@ -1 +1 @@
-11192a13cf3a3bc43fe1594ba8567df0
+1d1b580c1b235125a87be06c70121913
--
To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36621?usp=email
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-Change-Id: I2d4ba8b710b9cf518b90c7f7acc8982350705531
Gerrit-Change-Number: 36621
Gerrit-PatchSet: 1
Gerrit-Owner: dexter <[email protected]>
Gerrit-MessageType: newchange
