From 6d0b2928a18fe24c684da60150ab5ebbb42a30ef Mon Sep 17 00:00:00 2001 From: dduck Date: Wed, 22 Oct 2025 23:06:13 +0200 Subject: [PATCH] pushall --- ca/root-ca.crt | 82 ++++++ ca/root-ca.csr | 18 ++ ca/root-ca.pem | 22 ++ ...B970CE2EE021AE09EE067CDCAD8D7804EA638D.pem | 82 ++++++ ...6B0363F08FD5641984441B13BE6AA1480A786B.pem | 82 ++++++ ca/root-ca/db/root-ca.crl.srl | 1 + ca/root-ca/db/root-ca.crt.srl | 1 + ca/root-ca/db/root-ca.db | 2 + ca/root-ca/db/root-ca.db.attr | 1 + ca/root-ca/db/root-ca.db.attr.old | 1 + ca/root-ca/db/root-ca.db.old | 1 + ca/root-ca/private/root-ca.key | 30 +++ ca/signing-ca.crt | 82 ++++++ ca/signing-ca.csr | 18 ++ ...D8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46.pem | 87 ++++++ ca/signing-ca/db/signing-ca.crl.srl | 1 + ca/signing-ca/db/signing-ca.crt.srl | 1 + ca/signing-ca/db/signing-ca.db | 1 + ca/signing-ca/db/signing-ca.db.attr | 1 + ca/signing-ca/db/signing-ca.db.old | 0 ca/signing-ca/private/signing-ca.key | 30 +++ cert.pem | 23 ++ certs/simple-org.crt | 87 ++++++ certs/simple-org.csr | 19 ++ certs/simple-org.key | 28 ++ chaincert.crt | 251 ++++++++++++++++++ chaincert.pem | 23 ++ etc/email.conf | 31 +++ etc/root-ca.conf | 102 +++++++ etc/server.conf | 32 +++ etc/signing-ca.conf | 105 ++++++++ 31 files changed, 1245 insertions(+) create mode 100644 ca/root-ca.crt create mode 100644 ca/root-ca.csr create mode 100644 ca/root-ca.pem create mode 100644 ca/root-ca/34B970CE2EE021AE09EE067CDCAD8D7804EA638D.pem create mode 100644 ca/root-ca/3F6B0363F08FD5641984441B13BE6AA1480A786B.pem create mode 100644 ca/root-ca/db/root-ca.crl.srl create mode 100644 ca/root-ca/db/root-ca.crt.srl create mode 100644 ca/root-ca/db/root-ca.db create mode 100644 ca/root-ca/db/root-ca.db.attr create mode 100644 ca/root-ca/db/root-ca.db.attr.old create mode 100644 ca/root-ca/db/root-ca.db.old create mode 100644 ca/root-ca/private/root-ca.key create mode 100644 ca/signing-ca.crt create mode 100644 ca/signing-ca.csr create mode 100644 ca/signing-ca/3BD8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46.pem create mode 100644 ca/signing-ca/db/signing-ca.crl.srl create mode 100644 ca/signing-ca/db/signing-ca.crt.srl create mode 100644 ca/signing-ca/db/signing-ca.db create mode 100644 ca/signing-ca/db/signing-ca.db.attr create mode 100644 ca/signing-ca/db/signing-ca.db.old create mode 100644 ca/signing-ca/private/signing-ca.key create mode 100644 cert.pem create mode 100644 certs/simple-org.crt create mode 100644 certs/simple-org.csr create mode 100644 certs/simple-org.key create mode 100644 chaincert.crt create mode 100644 chaincert.pem create mode 100644 etc/email.conf create mode 100644 etc/root-ca.conf create mode 100644 etc/server.conf create mode 100644 etc/signing-ca.conf diff --git a/ca/root-ca.crt b/ca/root-ca.crt new file mode 100644 index 0000000..0002e1d --- /dev/null +++ b/ca/root-ca.crt @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3f:6b:03:63:f0:8f:d5:64:19:84:44:1b:13:be:6a:a1:48:0a:78:6b + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:21:51 2024 GMT + Not After : Jul 10 12:21:51 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:be:6b:34:7d:62:ba:ef:d1:a9:dd:75:34:72:ed: + d0:16:e6:73:7c:c3:11:07:32:82:95:aa:f5:5b:06: + de:cb:00:9f:2b:c0:20:1c:2d:52:a9:d0:ac:8f:ec: + 2f:ca:f7:3d:9f:11:58:ed:23:50:e6:72:75:ba:f8: + 8b:54:0c:c6:2a:f2:9f:7e:02:10:1b:3d:3e:5a:fe: + b0:cf:e6:f5:23:ce:39:ba:92:9c:04:55:a3:4a:b6: + 3e:12:1a:fc:e1:c4:af:9f:81:6b:f0:db:78:7d:d3: + 9d:73:10:71:ff:3c:92:2f:c5:37:f9:61:48:76:b2: + 60:32:1f:51:82:f9:06:20:0d:40:5b:4c:9b:0a:fa: + 42:d8:fd:b1:d4:9a:98:91:4e:01:46:69:56:f8:fc: + ed:7f:e8:e8:22:d9:37:e6:f9:f3:ea:60:7d:b5:d9: + f2:62:0b:33:ee:11:f1:2c:81:1d:a9:56:ae:7a:14: + 03:53:90:3c:ad:3d:04:77:32:fe:d0:98:10:31:10: + 0f:44:6f:96:eb:5f:46:b1:52:81:cb:f3:d1:22:36: + 30:56:7c:66:98:4f:fa:17:0b:4d:91:9d:6b:b0:fb: + d7:a2:69:1c:8a:fa:fd:31:cc:55:e8:e1:97:c7:7b: + 21:74:5d:a1:e4:bc:43:c8:04:80:0e:72:92:18:6c: + 6a:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 43:9a:99:69:ad:3f:27:a1:08:25:a7:b3:b0:a3:5f:f2:80:3c: + fb:3e:02:3b:5c:3b:ad:38:42:91:f9:7f:75:bf:d5:9b:02:2a: + 8f:01:92:8e:17:f4:ed:f4:d2:71:a7:2a:c0:97:fa:a8:3e:14: + c1:59:d4:b3:f9:2d:d7:77:75:0c:11:7c:a4:9a:7d:4d:fb:86: + 78:eb:ed:d8:4a:de:fa:46:de:5a:0d:71:e7:52:36:fe:e9:06: + e2:67:82:33:15:00:c9:de:94:46:d2:f4:78:cc:a4:54:35:f4: + 0a:ac:b9:be:4b:e8:02:f6:04:60:67:c8:e0:a3:7f:9c:c7:9e: + 39:68:bd:b3:6c:76:d2:ed:c1:ac:6b:5e:51:e4:9c:9c:3f:ea: + 98:d5:53:2d:1c:f9:3b:6e:a0:ca:23:27:c5:1b:f2:44:63:4d: + d9:cb:f1:24:38:61:ad:2d:57:11:f5:df:4e:8c:12:33:e2:b8: + 97:21:d0:1e:e0:76:bf:dd:7f:29:a3:6b:e9:78:f2:7c:74:be: + 33:c4:5f:2d:05:b0:18:20:f8:f5:9a:97:b5:80:ec:ac:d5:e3: + a6:d6:ad:18:e5:4a:7c:76:61:ca:b9:32:62:02:d6:09:71:15: + f8:23:37:6f:6b:c0:60:65:cf:37:00:6a:b2:e9:bb:b1:81:40: + 0f:f9:a9:04 +-----BEGIN CERTIFICATE----- +MIIDpzCCAo+gAwIBAgIUP2sDY/CP1WQZhEQbE75qoUgKeGswDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyMTUxWhcNMzQwNzEwMTIyMTUxWjBbMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQDDA5TaW1wbGUgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL5rNH1iuu/Rqd11NHLt0Bbmc3zDEQcygpWq9VsG3ssAnyvA +IBwtUqnQrI/sL8r3PZ8RWO0jUOZydbr4i1QMxiryn34CEBs9Plr+sM/m9SPOObqS +nARVo0q2PhIa/OHEr5+Ba/DbeH3TnXMQcf88ki/FN/lhSHayYDIfUYL5BiANQFtM +mwr6Qtj9sdSamJFOAUZpVvj87X/o6CLZN+b58+pgfbXZ8mILM+4R8SyBHalWrnoU +A1OQPK09BHcy/tCYEDEQD0RvlutfRrFSgcvz0SI2MFZ8ZphP+hcLTZGda7D716Jp +HIr6/THMVejhl8d7IXRdoeS8Q8gEgA5ykhhsakkCAwEAAaNjMGEwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB2ll4hJfHWb3m2Nn24n +e0eT7lVlMB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0GCSqGSIb3 +DQEBCwUAA4IBAQBDmplprT8noQglp7Owo1/ygDz7PgI7XDutOEKR+X91v9WbAiqP +AZKOF/Tt9NJxpyrAl/qoPhTBWdSz+S3Xd3UMEXykmn1N+4Z46+3YSt76Rt5aDXHn +Ujb+6QbiZ4IzFQDJ3pRG0vR4zKRUNfQKrLm+S+gC9gRgZ8jgo3+cx545aL2zbHbS +7cGsa15R5JycP+qY1VMtHPk7bqDKIyfFG/JEY03Zy/EkOGGtLVcR9d9OjBIz4riX +IdAe4Ha/3X8po2vpePJ8dL4zxF8tBbAYIPj1mpe1gOys1eOm1q0Y5Up8dmHKuTJi +AtYJcRX4Izdva8BgZc83AGqy6buxgUAP+akE +-----END CERTIFICATE----- diff --git a/ca/root-ca.csr b/ca/root-ca.csr new file mode 100644 index 0000000..006b075 --- /dev/null +++ b/ca/root-ca.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC8TCCAdkCAQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixk +ARkWBnNpbXBsZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxl +IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+azR9Yrrv +0anddTRy7dAW5nN8wxEHMoKVqvVbBt7LAJ8rwCAcLVKp0KyP7C/K9z2fEVjtI1Dm +cnW6+ItUDMYq8p9+AhAbPT5a/rDP5vUjzjm6kpwEVaNKtj4SGvzhxK+fgWvw23h9 +051zEHH/PJIvxTf5YUh2smAyH1GC+QYgDUBbTJsK+kLY/bHUmpiRTgFGaVb4/O1/ +6Ogi2Tfm+fPqYH212fJiCzPuEfEsgR2pVq56FANTkDytPQR3Mv7QmBAxEA9Eb5br +X0axUoHL89EiNjBWfGaYT/oXC02RnWuw+9eiaRyK+v0xzFXo4ZfHeyF0XaHkvEPI +BIAOcpIYbGpJAgMBAAGgUTBPBgkqhkiG9w0BCQ4xQjBAMA4GA1UdDwEB/wQEAwIB +BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQdpZeISXx1m95tjZ9uJ3tHk+5V +ZTANBgkqhkiG9w0BAQsFAAOCAQEAWZdjrVD3dawM/Db00L1m8WBv/80diwDuWoiS +KQZr2tQIEXPx1dZ0mj1qfHka7c8awIddi3zsGVpHCGuur7vkG0jjzNhfSzCyBCTP +w50U1jYs//HKmW5lzLN/wRNCWOANnbLYR3L/5S+mmEc/kDyv3qNJQgbyTO4CSVO+ +gjNtLysOo042EBhmxz+N4C9VfAfN9ULDBLPFv3SvCRidVc5AKq3fyM5E1HCJrYiG +QyN9JioDvHiJAV1ccGz5N8s9c8S51vGxEyzcisu25/nYQdXO7Mw8B8Kl2HNQrQfO +pFlS7rB6Tl9XiB+pqvRYwvUcazCaAApzYDaPZgKh7cVKV1Ggpw== +-----END CERTIFICATE REQUEST----- diff --git a/ca/root-ca.pem b/ca/root-ca.pem new file mode 100644 index 0000000..52f5c18 --- /dev/null +++ b/ca/root-ca.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpzCCAo+gAwIBAgIUP2sDY/CP1WQZhEQbE75qoUgKeGswDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyMTUxWhcNMzQwNzEwMTIyMTUxWjBbMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQDDA5TaW1wbGUgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL5rNH1iuu/Rqd11NHLt0Bbmc3zDEQcygpWq9VsG3ssAnyvA +IBwtUqnQrI/sL8r3PZ8RWO0jUOZydbr4i1QMxiryn34CEBs9Plr+sM/m9SPOObqS +nARVo0q2PhIa/OHEr5+Ba/DbeH3TnXMQcf88ki/FN/lhSHayYDIfUYL5BiANQFtM +mwr6Qtj9sdSamJFOAUZpVvj87X/o6CLZN+b58+pgfbXZ8mILM+4R8SyBHalWrnoU +A1OQPK09BHcy/tCYEDEQD0RvlutfRrFSgcvz0SI2MFZ8ZphP+hcLTZGda7D716Jp +HIr6/THMVejhl8d7IXRdoeS8Q8gEgA5ykhhsakkCAwEAAaNjMGEwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB2ll4hJfHWb3m2Nn24n +e0eT7lVlMB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0GCSqGSIb3 +DQEBCwUAA4IBAQBDmplprT8noQglp7Owo1/ygDz7PgI7XDutOEKR+X91v9WbAiqP +AZKOF/Tt9NJxpyrAl/qoPhTBWdSz+S3Xd3UMEXykmn1N+4Z46+3YSt76Rt5aDXHn +Ujb+6QbiZ4IzFQDJ3pRG0vR4zKRUNfQKrLm+S+gC9gRgZ8jgo3+cx545aL2zbHbS +7cGsa15R5JycP+qY1VMtHPk7bqDKIyfFG/JEY03Zy/EkOGGtLVcR9d9OjBIz4riX +IdAe4Ha/3X8po2vpePJ8dL4zxF8tBbAYIPj1mpe1gOys1eOm1q0Y5Up8dmHKuTJi +AtYJcRX4Izdva8BgZc83AGqy6buxgUAP+akE +-----END CERTIFICATE----- diff --git a/ca/root-ca/34B970CE2EE021AE09EE067CDCAD8D7804EA638D.pem b/ca/root-ca/34B970CE2EE021AE09EE067CDCAD8D7804EA638D.pem new file mode 100644 index 0000000..42bd05c --- /dev/null +++ b/ca/root-ca/34B970CE2EE021AE09EE067CDCAD8D7804EA638D.pem @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 34:b9:70:ce:2e:e0:21:ae:09:ee:06:7c:dc:ad:8d:78:04:ea:63:8d + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:24:33 2024 GMT + Not After : Jul 10 12:24:33 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:dc:28:c2:18:ee:82:01:7a:fe:61:74:96:90:14: + 08:44:f4:a0:ee:06:60:fc:58:2f:18:2a:9a:d5:f6: + e5:85:93:c0:5c:ec:b4:2d:42:d2:77:47:2f:9b:fc: + a9:48:19:e5:76:37:06:b9:1f:0d:7a:30:9c:67:d1: + a5:70:ce:c4:46:17:ef:28:f8:6c:9d:46:48:2f:5f: + 6e:44:01:33:f3:a6:65:9c:45:16:aa:73:ff:3c:0a: + 25:fe:3c:4b:84:8b:d1:24:17:70:7a:b5:23:51:d7: + 45:fd:78:0a:cd:95:ce:4c:51:e8:f1:5c:ad:10:92: + 1c:f3:75:c6:01:f3:1e:a0:8e:b9:7a:36:29:41:45: + 31:ea:fe:1d:5f:01:f1:d0:42:79:0e:82:1f:f5:5b: + 4c:ca:f4:b2:77:6d:fc:ec:85:76:d5:2b:1d:52:d5: + 22:37:7d:05:b2:c8:5d:75:85:86:9a:9f:42:d4:bb: + 9f:10:ee:4c:b3:25:c4:89:ff:62:c9:5c:48:e0:61: + 8d:25:0d:79:a6:ca:42:27:5f:ca:43:62:62:82:16: + f1:cc:bf:89:e9:dd:c4:77:dc:36:c4:a1:38:e1:24: + 81:46:88:a4:bb:29:6c:81:d6:72:ec:f9:57:26:19: + a5:6f:34:df:8a:bc:8c:6c:9b:ff:00:c2:dc:48:2e: + 57:81 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 0e:7b:17:8f:28:96:b6:bf:ea:e4:e1:6c:96:48:ac:d6:89:95: + 24:cd:47:3d:28:79:9a:9c:6a:22:07:85:53:d5:05:55:c1:d9: + ce:3f:6b:f6:ff:0a:04:bf:6e:95:b5:5b:c6:74:9e:a1:80:6a: + f5:db:af:f8:e0:ef:56:87:6f:45:96:75:20:1b:12:5c:75:35: + 7b:d7:0b:85:f3:23:14:2c:d7:e9:7e:49:c8:2a:6b:ce:0d:97: + 81:69:05:67:ef:00:51:b2:3f:00:8a:16:20:68:93:56:0d:9a: + e1:41:eb:b6:7e:f8:65:ee:10:7d:4c:5f:04:b0:57:27:be:3c: + 9f:50:3e:49:12:71:c5:f3:54:7b:55:54:6c:08:c0:7f:5e:2f: + 44:83:88:1e:21:60:e9:e7:22:43:e6:49:9f:ed:b6:5f:01:82: + 0a:bf:81:cd:9f:4a:b3:62:85:d5:c8:d4:5c:d1:48:d8:69:4a: + 63:6d:82:40:ef:b6:15:bc:fa:48:77:7c:3d:eb:21:a7:03:8e: + 69:e1:5d:c1:e6:f7:5a:72:04:fe:c4:42:c2:36:e3:35:91:1d: + 92:a3:33:cb:b0:33:05:23:87:4e:7f:32:41:24:f7:91:a9:92: + 5d:94:4b:81:b8:3e:07:e3:ab:f2:91:eb:88:30:e7:f9:66:47: + de:9b:6c:eb +-----BEGIN CERTIFICATE----- +MIIDrTCCApWgAwIBAgIUNLlwzi7gIa4J7gZ83K2NeATqY40wDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyNDMzWhcNMzQwNzEwMTIyNDMzWjBeMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRowGAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANwowhjuggF6/mF0lpAUCET0oO4GYPxYLxgqmtX25YWT +wFzstC1C0ndHL5v8qUgZ5XY3BrkfDXownGfRpXDOxEYX7yj4bJ1GSC9fbkQBM/Om +ZZxFFqpz/zwKJf48S4SL0SQXcHq1I1HXRf14Cs2VzkxR6PFcrRCSHPN1xgHzHqCO +uXo2KUFFMer+HV8B8dBCeQ6CH/VbTMr0sndt/OyFdtUrHVLVIjd9BbLIXXWFhpqf +QtS7nxDuTLMlxIn/YslcSOBhjSUNeabKQidfykNiYoIW8cy/iendxHfcNsShOOEk +gUaIpLspbIHWcuz5VyYZpW8034q8jGyb/wDC3EguV4ECAwEAAaNmMGQwDgYDVR0P +AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHYMEWWZwaw8 +KE9pgHb5HDOcP278MB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0G +CSqGSIb3DQEBCwUAA4IBAQAOexePKJa2v+rk4WyWSKzWiZUkzUc9KHmanGoiB4VT +1QVVwdnOP2v2/woEv26VtVvGdJ6hgGr126/44O9Wh29FlnUgGxJcdTV71wuF8yMU +LNfpfknIKmvODZeBaQVn7wBRsj8AihYgaJNWDZrhQeu2fvhl7hB9TF8EsFcnvjyf +UD5JEnHF81R7VVRsCMB/Xi9Eg4geIWDp5yJD5kmf7bZfAYIKv4HNn0qzYoXVyNRc +0UjYaUpjbYJA77YVvPpId3w96yGnA45p4V3B5vdacgT+xELCNuM1kR2SozPLsDMF +I4dOfzJBJPeRqZJdlEuBuD4H46vykeuIMOf5Zkfem2zr +-----END CERTIFICATE----- diff --git a/ca/root-ca/3F6B0363F08FD5641984441B13BE6AA1480A786B.pem b/ca/root-ca/3F6B0363F08FD5641984441B13BE6AA1480A786B.pem new file mode 100644 index 0000000..0002e1d --- /dev/null +++ b/ca/root-ca/3F6B0363F08FD5641984441B13BE6AA1480A786B.pem @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3f:6b:03:63:f0:8f:d5:64:19:84:44:1b:13:be:6a:a1:48:0a:78:6b + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:21:51 2024 GMT + Not After : Jul 10 12:21:51 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:be:6b:34:7d:62:ba:ef:d1:a9:dd:75:34:72:ed: + d0:16:e6:73:7c:c3:11:07:32:82:95:aa:f5:5b:06: + de:cb:00:9f:2b:c0:20:1c:2d:52:a9:d0:ac:8f:ec: + 2f:ca:f7:3d:9f:11:58:ed:23:50:e6:72:75:ba:f8: + 8b:54:0c:c6:2a:f2:9f:7e:02:10:1b:3d:3e:5a:fe: + b0:cf:e6:f5:23:ce:39:ba:92:9c:04:55:a3:4a:b6: + 3e:12:1a:fc:e1:c4:af:9f:81:6b:f0:db:78:7d:d3: + 9d:73:10:71:ff:3c:92:2f:c5:37:f9:61:48:76:b2: + 60:32:1f:51:82:f9:06:20:0d:40:5b:4c:9b:0a:fa: + 42:d8:fd:b1:d4:9a:98:91:4e:01:46:69:56:f8:fc: + ed:7f:e8:e8:22:d9:37:e6:f9:f3:ea:60:7d:b5:d9: + f2:62:0b:33:ee:11:f1:2c:81:1d:a9:56:ae:7a:14: + 03:53:90:3c:ad:3d:04:77:32:fe:d0:98:10:31:10: + 0f:44:6f:96:eb:5f:46:b1:52:81:cb:f3:d1:22:36: + 30:56:7c:66:98:4f:fa:17:0b:4d:91:9d:6b:b0:fb: + d7:a2:69:1c:8a:fa:fd:31:cc:55:e8:e1:97:c7:7b: + 21:74:5d:a1:e4:bc:43:c8:04:80:0e:72:92:18:6c: + 6a:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 43:9a:99:69:ad:3f:27:a1:08:25:a7:b3:b0:a3:5f:f2:80:3c: + fb:3e:02:3b:5c:3b:ad:38:42:91:f9:7f:75:bf:d5:9b:02:2a: + 8f:01:92:8e:17:f4:ed:f4:d2:71:a7:2a:c0:97:fa:a8:3e:14: + c1:59:d4:b3:f9:2d:d7:77:75:0c:11:7c:a4:9a:7d:4d:fb:86: + 78:eb:ed:d8:4a:de:fa:46:de:5a:0d:71:e7:52:36:fe:e9:06: + e2:67:82:33:15:00:c9:de:94:46:d2:f4:78:cc:a4:54:35:f4: + 0a:ac:b9:be:4b:e8:02:f6:04:60:67:c8:e0:a3:7f:9c:c7:9e: + 39:68:bd:b3:6c:76:d2:ed:c1:ac:6b:5e:51:e4:9c:9c:3f:ea: + 98:d5:53:2d:1c:f9:3b:6e:a0:ca:23:27:c5:1b:f2:44:63:4d: + d9:cb:f1:24:38:61:ad:2d:57:11:f5:df:4e:8c:12:33:e2:b8: + 97:21:d0:1e:e0:76:bf:dd:7f:29:a3:6b:e9:78:f2:7c:74:be: + 33:c4:5f:2d:05:b0:18:20:f8:f5:9a:97:b5:80:ec:ac:d5:e3: + a6:d6:ad:18:e5:4a:7c:76:61:ca:b9:32:62:02:d6:09:71:15: + f8:23:37:6f:6b:c0:60:65:cf:37:00:6a:b2:e9:bb:b1:81:40: + 0f:f9:a9:04 +-----BEGIN CERTIFICATE----- +MIIDpzCCAo+gAwIBAgIUP2sDY/CP1WQZhEQbE75qoUgKeGswDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyMTUxWhcNMzQwNzEwMTIyMTUxWjBbMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQDDA5TaW1wbGUgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL5rNH1iuu/Rqd11NHLt0Bbmc3zDEQcygpWq9VsG3ssAnyvA +IBwtUqnQrI/sL8r3PZ8RWO0jUOZydbr4i1QMxiryn34CEBs9Plr+sM/m9SPOObqS +nARVo0q2PhIa/OHEr5+Ba/DbeH3TnXMQcf88ki/FN/lhSHayYDIfUYL5BiANQFtM +mwr6Qtj9sdSamJFOAUZpVvj87X/o6CLZN+b58+pgfbXZ8mILM+4R8SyBHalWrnoU +A1OQPK09BHcy/tCYEDEQD0RvlutfRrFSgcvz0SI2MFZ8ZphP+hcLTZGda7D716Jp +HIr6/THMVejhl8d7IXRdoeS8Q8gEgA5ykhhsakkCAwEAAaNjMGEwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB2ll4hJfHWb3m2Nn24n +e0eT7lVlMB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0GCSqGSIb3 +DQEBCwUAA4IBAQBDmplprT8noQglp7Owo1/ygDz7PgI7XDutOEKR+X91v9WbAiqP +AZKOF/Tt9NJxpyrAl/qoPhTBWdSz+S3Xd3UMEXykmn1N+4Z46+3YSt76Rt5aDXHn +Ujb+6QbiZ4IzFQDJ3pRG0vR4zKRUNfQKrLm+S+gC9gRgZ8jgo3+cx545aL2zbHbS +7cGsa15R5JycP+qY1VMtHPk7bqDKIyfFG/JEY03Zy/EkOGGtLVcR9d9OjBIz4riX +IdAe4Ha/3X8po2vpePJ8dL4zxF8tBbAYIPj1mpe1gOys1eOm1q0Y5Up8dmHKuTJi +AtYJcRX4Izdva8BgZc83AGqy6buxgUAP+akE +-----END CERTIFICATE----- diff --git a/ca/root-ca/db/root-ca.crl.srl b/ca/root-ca/db/root-ca.crl.srl new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/ca/root-ca/db/root-ca.crl.srl @@ -0,0 +1 @@ +01 diff --git a/ca/root-ca/db/root-ca.crt.srl b/ca/root-ca/db/root-ca.crt.srl new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/ca/root-ca/db/root-ca.crt.srl @@ -0,0 +1 @@ +01 diff --git a/ca/root-ca/db/root-ca.db b/ca/root-ca/db/root-ca.db new file mode 100644 index 0000000..43f605b --- /dev/null +++ b/ca/root-ca/db/root-ca.db @@ -0,0 +1,2 @@ +V 340710122151Z 3F6B0363F08FD5641984441B13BE6AA1480A786B unknown /DC=org/DC=simple/O=Simple Inc/CN=Simple Root CA +V 340710122433Z 34B970CE2EE021AE09EE067CDCAD8D7804EA638D unknown /DC=org/DC=simple/O=Simple Inc/CN=Simple Signing CA diff --git a/ca/root-ca/db/root-ca.db.attr b/ca/root-ca/db/root-ca.db.attr new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/ca/root-ca/db/root-ca.db.attr @@ -0,0 +1 @@ +unique_subject = no diff --git a/ca/root-ca/db/root-ca.db.attr.old b/ca/root-ca/db/root-ca.db.attr.old new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/ca/root-ca/db/root-ca.db.attr.old @@ -0,0 +1 @@ +unique_subject = no diff --git a/ca/root-ca/db/root-ca.db.old b/ca/root-ca/db/root-ca.db.old new file mode 100644 index 0000000..884c417 --- /dev/null +++ b/ca/root-ca/db/root-ca.db.old @@ -0,0 +1 @@ +V 340710122151Z 3F6B0363F08FD5641984441B13BE6AA1480A786B unknown /DC=org/DC=simple/O=Simple Inc/CN=Simple Root CA diff --git a/ca/root-ca/private/root-ca.key b/ca/root-ca/private/root-ca.key new file mode 100644 index 0000000..7eeee99 --- /dev/null +++ b/ca/root-ca/private/root-ca.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQZQEGXtsI2rrgB5jO +iTmkhwICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI0n9oXKiHgc4EggTI +F52kgZD0c7grl3HQaR4B3+HBd95oTp0wzNPoDzWafjOdDYNjia8ZTRpwSzczmbhi +o0dN4tMdIzgxMVZDb93n3YGJQK9xoNnAlLGtLw8paEuTp4I6ZNkSkTVJxDyhKQkM +OZq0oIVCZorPh0kQIb1WXtuntiHDJSKNWntFuEpMilPyJ5jLhtoTqEN8bb6GAcEF +QJAkCF/VBNn350ccx93AnWUUEyr3+K7wcuCN31LtcRhjBYx8jDx9MCOIsrmP++Cy +PzB9cYY5yaFM9EjmjWINoPRTE2Spn3Ty6RepE+vmg6vnnMeLaP+3tUdnttJExULZ +n3FdmSoclnQyV/tBsfYHSkcCTfXmJCmMEmD6pzZMBAfmEWqO/lwnBGGkIBKdVcRL +pw2xY6M55g5W2ObzMkASvDihEtOp47a8uCy2EBH1Sbg0Jz2kmQsZhwUwRBPZXWG5 +eAF1MBLALhsRMjPHo9HyG7FAg0u66g+Ezb0R6j8EC6BG67Fzlm+sS5nkGT17X8Wj +QTRp29BGXmaxlEBcCuj4r8X3JJNLzL8SGPS0aDStFumIt7vKe/CcTbNdIDkPTcpo +SC17iLC4hilaUdjGfV/rCnQ6t7onEbqnjq6tHeJT5KHrAYRezgMzG0upPFiPQR6j +mUHDCPjv0BHCkD2GY/q8jw6gdlcyWF3WRDkhKZpkJQzzKZXX2I+iKnihT/2Ft7WS +PWV6+KkPh47ONpC2GWlIH1XofeHo/6Mxd+1WCQ7pcQZIKQrGuHIKb4mzUW3gorvK +YufwRxuN75ho8EJYKKPcksALfmcaykZVW2o5DEEBtjL9BKkDTq82ECR2GkldeA4S +EldT82M3qcPjSrCzD8XgR4VsJYeZ2LUEi1pTpsml6vNylpNzV/c9eVqZXcivd8Rh +QkS+1SGHqhS0QzhF/rQqIVk96wdUOkX+xwqS4kuti4/47XDRaUZRi25e+qtzURS3 +g29c7Cqr8LZhuuZlJKY64K118gSGyD9E5hadJWqTn6rO1ZxNBtWN2DQ4VnxsZ6r2 +ERt7/yXBQ026lgPkw2TZ4BnrkxJnqRnWE/P5Z6ELlZViEnycTZt/YDV9LTggTj8n +Coy7mdZWpbjIaLTVPnOJHgqsobCI50MqKb3kr0gKe0uurud38SQJBx0ebTa1Hz8o +HrvlckjvSQJTD9X3NJ7eMxV1AMBBfFmePq+SMtwEfVUfs9J5fjMYk06pHDDIUy45 +RC8KcCrpFfUgKbriMLAlu97rPa0atYAEN2l5zerLng4ZO8HndDnZC1BX5ETHcKRi +GZExjNiBCgWX2+o8cbwO8CAg7KbV782RwKMnQefReUInLKht8EkWR3zp/c63Tb97 +63z5HOeVCmqVxjQd/r6cjbeIylDCQhoaD2PW88jklaQft/NJ69UkmLHX6c7U34/w +RXnO7SI6aZp08RN0wnVpP/6oFBZuIW8A/2rpEJ0O9EdV59E7D0UzpHSPza/OXDH9 +fVAQfq6EHqIoOWhnJnQcdcWu58ktagBq8L2Zu0eEYniBELYUJfsvDPwppf47nFgM +Hud7jA9GyKS+WFenkwimT5px0SxJh34u2oMW90ujlajR+mjjdv/ralUhJCktFKQU +tEjPUOq4zYeXKWzY6vCFwxvpDcJEA0Sz +-----END ENCRYPTED PRIVATE KEY----- diff --git a/ca/signing-ca.crt b/ca/signing-ca.crt new file mode 100644 index 0000000..42bd05c --- /dev/null +++ b/ca/signing-ca.crt @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 34:b9:70:ce:2e:e0:21:ae:09:ee:06:7c:dc:ad:8d:78:04:ea:63:8d + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:24:33 2024 GMT + Not After : Jul 10 12:24:33 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:dc:28:c2:18:ee:82:01:7a:fe:61:74:96:90:14: + 08:44:f4:a0:ee:06:60:fc:58:2f:18:2a:9a:d5:f6: + e5:85:93:c0:5c:ec:b4:2d:42:d2:77:47:2f:9b:fc: + a9:48:19:e5:76:37:06:b9:1f:0d:7a:30:9c:67:d1: + a5:70:ce:c4:46:17:ef:28:f8:6c:9d:46:48:2f:5f: + 6e:44:01:33:f3:a6:65:9c:45:16:aa:73:ff:3c:0a: + 25:fe:3c:4b:84:8b:d1:24:17:70:7a:b5:23:51:d7: + 45:fd:78:0a:cd:95:ce:4c:51:e8:f1:5c:ad:10:92: + 1c:f3:75:c6:01:f3:1e:a0:8e:b9:7a:36:29:41:45: + 31:ea:fe:1d:5f:01:f1:d0:42:79:0e:82:1f:f5:5b: + 4c:ca:f4:b2:77:6d:fc:ec:85:76:d5:2b:1d:52:d5: + 22:37:7d:05:b2:c8:5d:75:85:86:9a:9f:42:d4:bb: + 9f:10:ee:4c:b3:25:c4:89:ff:62:c9:5c:48:e0:61: + 8d:25:0d:79:a6:ca:42:27:5f:ca:43:62:62:82:16: + f1:cc:bf:89:e9:dd:c4:77:dc:36:c4:a1:38:e1:24: + 81:46:88:a4:bb:29:6c:81:d6:72:ec:f9:57:26:19: + a5:6f:34:df:8a:bc:8c:6c:9b:ff:00:c2:dc:48:2e: + 57:81 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 0e:7b:17:8f:28:96:b6:bf:ea:e4:e1:6c:96:48:ac:d6:89:95: + 24:cd:47:3d:28:79:9a:9c:6a:22:07:85:53:d5:05:55:c1:d9: + ce:3f:6b:f6:ff:0a:04:bf:6e:95:b5:5b:c6:74:9e:a1:80:6a: + f5:db:af:f8:e0:ef:56:87:6f:45:96:75:20:1b:12:5c:75:35: + 7b:d7:0b:85:f3:23:14:2c:d7:e9:7e:49:c8:2a:6b:ce:0d:97: + 81:69:05:67:ef:00:51:b2:3f:00:8a:16:20:68:93:56:0d:9a: + e1:41:eb:b6:7e:f8:65:ee:10:7d:4c:5f:04:b0:57:27:be:3c: + 9f:50:3e:49:12:71:c5:f3:54:7b:55:54:6c:08:c0:7f:5e:2f: + 44:83:88:1e:21:60:e9:e7:22:43:e6:49:9f:ed:b6:5f:01:82: + 0a:bf:81:cd:9f:4a:b3:62:85:d5:c8:d4:5c:d1:48:d8:69:4a: + 63:6d:82:40:ef:b6:15:bc:fa:48:77:7c:3d:eb:21:a7:03:8e: + 69:e1:5d:c1:e6:f7:5a:72:04:fe:c4:42:c2:36:e3:35:91:1d: + 92:a3:33:cb:b0:33:05:23:87:4e:7f:32:41:24:f7:91:a9:92: + 5d:94:4b:81:b8:3e:07:e3:ab:f2:91:eb:88:30:e7:f9:66:47: + de:9b:6c:eb +-----BEGIN CERTIFICATE----- +MIIDrTCCApWgAwIBAgIUNLlwzi7gIa4J7gZ83K2NeATqY40wDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyNDMzWhcNMzQwNzEwMTIyNDMzWjBeMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRowGAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANwowhjuggF6/mF0lpAUCET0oO4GYPxYLxgqmtX25YWT +wFzstC1C0ndHL5v8qUgZ5XY3BrkfDXownGfRpXDOxEYX7yj4bJ1GSC9fbkQBM/Om +ZZxFFqpz/zwKJf48S4SL0SQXcHq1I1HXRf14Cs2VzkxR6PFcrRCSHPN1xgHzHqCO +uXo2KUFFMer+HV8B8dBCeQ6CH/VbTMr0sndt/OyFdtUrHVLVIjd9BbLIXXWFhpqf +QtS7nxDuTLMlxIn/YslcSOBhjSUNeabKQidfykNiYoIW8cy/iendxHfcNsShOOEk +gUaIpLspbIHWcuz5VyYZpW8034q8jGyb/wDC3EguV4ECAwEAAaNmMGQwDgYDVR0P +AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHYMEWWZwaw8 +KE9pgHb5HDOcP278MB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0G +CSqGSIb3DQEBCwUAA4IBAQAOexePKJa2v+rk4WyWSKzWiZUkzUc9KHmanGoiB4VT +1QVVwdnOP2v2/woEv26VtVvGdJ6hgGr126/44O9Wh29FlnUgGxJcdTV71wuF8yMU +LNfpfknIKmvODZeBaQVn7wBRsj8AihYgaJNWDZrhQeu2fvhl7hB9TF8EsFcnvjyf +UD5JEnHF81R7VVRsCMB/Xi9Eg4geIWDp5yJD5kmf7bZfAYIKv4HNn0qzYoXVyNRc +0UjYaUpjbYJA77YVvPpId3w96yGnA45p4V3B5vdacgT+xELCNuM1kR2SozPLsDMF +I4dOfzJBJPeRqZJdlEuBuD4H46vykeuIMOf5Zkfem2zr +-----END CERTIFICATE----- diff --git a/ca/signing-ca.csr b/ca/signing-ca.csr new file mode 100644 index 0000000..87942bc --- /dev/null +++ b/ca/signing-ca.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC9zCCAd8CAQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixk +ARkWBnNpbXBsZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxl +IFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcKMIY +7oIBev5hdJaQFAhE9KDuBmD8WC8YKprV9uWFk8Bc7LQtQtJ3Ry+b/KlIGeV2Nwa5 +Hw16MJxn0aVwzsRGF+8o+GydRkgvX25EATPzpmWcRRaqc/88CiX+PEuEi9EkF3B6 +tSNR10X9eArNlc5MUejxXK0QkhzzdcYB8x6gjrl6NilBRTHq/h1fAfHQQnkOgh/1 +W0zK9LJ3bfzshXbVKx1S1SI3fQWyyF11hYaan0LUu58Q7kyzJcSJ/2LJXEjgYY0l +DXmmykInX8pDYmKCFvHMv4np3cR33DbEoTjhJIFGiKS7KWyB1nLs+VcmGaVvNN+K +vIxsm/8AwtxILleBAgMBAAGgVDBSBgkqhkiG9w0BCQ4xRTBDMA4GA1UdDwEB/wQE +AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBR2DBFlmcGsPChPaYB2 ++RwznD9u/DANBgkqhkiG9w0BAQsFAAOCAQEAS5dal9hf5xLG/p/ubw8qYNJvuUeQ +PNoge3i8N0gGJsaZ8IFoV5j/hjusjUF4qAvjVF+3DrywCC6BV+UnZ/mb8VWjM/dX +5+y9KMoVMkaTmtDXJo+JS1C1YRrr7fh3+qIlPeTEE+aA+FoDO7zSkFsMnq8J5cna +jjxv7EWN8Wpcb/y5J6ycR3ANFrX9Az6BUD7rgcuqhhaOgSG8vyvS1CK3KdH95w/x +m22eGkr4Y+s9SQfxFy/o5d1sTaLGaiq5aPtu6cdPjRa4yiTIl4fwiu9jelD4GSCk +BCxFHq6wJdgWEBjo9B7E8oOhw2GyXXFt4EEHQLs7yV2mYXO8isbqNt6ekw== +-----END CERTIFICATE REQUEST----- diff --git a/ca/signing-ca/3BD8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46.pem b/ca/signing-ca/3BD8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46.pem new file mode 100644 index 0000000..8a4280b --- /dev/null +++ b/ca/signing-ca/3BD8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3b:d8:cd:8b:94:bb:3a:ca:df:6d:36:8e:30:a0:af:af:dc:9c:1f:46 + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Validity + Not Before: Jul 10 12:33:36 2024 GMT + Not After : Jul 10 12:33:36 2026 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=DEMO, CN=simple + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:94:3a:db:2f:cd:cb:bf:2d:17:1c:c5:8b:b3:7a: + f7:69:00:69:58:93:31:81:2b:ce:cb:d9:f0:cb:2a: + 57:79:33:59:29:e0:37:a3:ff:e6:86:20:2a:4f:8f: + cd:0f:3f:49:17:44:68:f7:48:66:a1:56:ee:e2:d3: + 38:51:23:e1:9c:cc:3f:79:74:9e:d8:b1:70:f0:53: + 28:e5:8e:5d:50:8a:93:d8:98:38:d6:27:e3:23:32: + 14:26:73:12:27:1e:1f:c4:32:f1:b5:c1:8c:b3:06: + 8e:87:cd:23:ca:54:69:de:5e:d8:92:17:a8:c8:96: + 97:3b:9e:50:32:78:93:94:a1:fc:b2:6c:25:89:d9: + c4:c4:24:43:8c:9a:cc:59:10:f3:55:80:8d:48:fa: + 5d:b1:23:2f:68:22:ae:1e:dd:b7:8e:45:8e:79:7e: + 10:8e:49:e6:53:48:76:f9:1c:07:ff:73:d4:1b:86: + 71:2d:cf:68:51:32:c4:87:ff:9e:53:62:77:c8:f3: + 60:ac:9e:cb:3b:91:98:08:28:c3:ae:61:4e:ac:f0: + 03:2d:3c:6c:6a:3c:85:90:f1:97:5f:2d:4e:0a:da: + 4e:6c:c2:10:80:c4:93:dd:13:fc:11:e3:4d:e6:55: + b5:89:10:b7:c3:bd:34:e2:31:57:6a:64:61:1c:b4: + 7f:0b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Basic Constraints: + CA:FALSE + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Key Identifier: + 87:A6:31:B6:EF:B3:8D:6E:77:34:16:6F:4A:C5:38:CC:C7:02:BD:AF + X509v3 Authority Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Subject Alternative Name: + DNS:www.simple.org + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + bb:76:71:42:97:31:a7:06:4d:15:63:22:81:be:46:21:5a:89: + 94:63:89:89:92:3e:02:db:05:6c:dd:2f:a4:50:b4:34:14:e5: + d3:e7:6c:79:d2:1c:66:bc:54:26:4d:af:9a:b7:da:e4:e8:9a: + 97:68:d4:f2:16:f9:32:e3:23:4e:d1:93:8b:8d:3b:b3:47:a1: + 95:3e:34:42:00:ef:33:8c:3c:ab:9b:43:b1:60:6b:ad:62:ae: + 74:8f:66:6a:f3:0d:5c:dd:9f:05:69:a5:d1:bc:78:04:c0:d6: + 1e:19:d2:e2:b4:e3:6d:72:24:12:20:99:9d:36:1a:1b:b4:38: + 16:1d:c3:6c:e1:6f:af:de:43:e7:46:be:97:12:d0:c8:32:3b: + 48:44:0d:23:a9:dd:84:cc:f4:ac:f2:28:8f:88:43:f8:74:bd: + e8:0c:12:2b:b5:81:b0:18:ce:30:d9:c0:ac:e3:0a:f2:e7:bd: + 71:28:18:d7:9b:0a:d9:0b:a5:d0:6b:29:d7:49:8d:3e:a5:50: + 0d:89:b4:d7:95:04:c3:30:3b:19:22:85:0c:51:0c:01:dc:0f: + fd:f4:28:a8:fd:3d:ba:ee:fb:30:be:1e:07:11:76:84:09:96: + 05:e9:85:6c:47:06:34:1c:70:9f:25:66:54:23:8d:ca:f1:97: + 6c:63:b4:79 +-----BEGIN CERTIFICATE----- +MIID5zCCAs+gAwIBAgIUO9jNi5S7OsrfbTaOMKCvr9ycH0YwDQYJKoZIhvcNAQEL +BQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcg +Q0EwHhcNMjQwNzEwMTIzMzM2WhcNMjYwNzEwMTIzMzM2WjBiMRMwEQYKCZImiZPy +LGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1w +bGUgSW5jMQ0wCwYDVQQLDARERU1PMQ8wDQYDVQQDDAZzaW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOtsvzcu/LRccxYuzevdpAGlYkzGBK87L +2fDLKld5M1kp4Dej/+aGICpPj80PP0kXRGj3SGahVu7i0zhRI+GczD95dJ7YsXDw +Uyjljl1QipPYmDjWJ+MjMhQmcxInHh/EMvG1wYyzBo6HzSPKVGneXtiSF6jIlpc7 +nlAyeJOUofyybCWJ2cTEJEOMmsxZEPNVgI1I+l2xIy9oIq4e3beORY55fhCOSeZT +SHb5HAf/c9QbhnEtz2hRMsSH/55TYnfI82Csnss7kZgIKMOuYU6s8AMtPGxqPIWQ +8ZdfLU4K2k5swhCAxJPdE/wR403mVbWJELfDvTTiMVdqZGEctH8LAgMBAAGjgZgw +gZUwDgYDVR0PAQH/BAQDAgWgMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSHpjG277ONbnc0Fm9KxTjMxwK9rzAfBgNV +HSMEGDAWgBR2DBFlmcGsPChPaYB2+RwznD9u/DAZBgNVHREEEjAQgg53d3cuc2lt +cGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAu3ZxQpcxpwZNFWMigb5GIVqJlGOJ +iZI+AtsFbN0vpFC0NBTl0+dsedIcZrxUJk2vmrfa5Oial2jU8hb5MuMjTtGTi407 +s0ehlT40QgDvM4w8q5tDsWBrrWKudI9mavMNXN2fBWml0bx4BMDWHhnS4rTjbXIk +EiCZnTYaG7Q4Fh3DbOFvr95D50a+lxLQyDI7SEQNI6ndhMz0rPIoj4hD+HS96AwS +K7WBsBjOMNnArOMK8ue9cSgY15sK2Qul0Gsp10mNPqVQDYm015UEwzA7GSKFDFEM +AdwP/fQoqP09uu77ML4eBxF2hAmWBemFbEcGNBxwnyVmVCONyvGXbGO0eQ== +-----END CERTIFICATE----- diff --git a/ca/signing-ca/db/signing-ca.crl.srl b/ca/signing-ca/db/signing-ca.crl.srl new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/ca/signing-ca/db/signing-ca.crl.srl @@ -0,0 +1 @@ +01 diff --git a/ca/signing-ca/db/signing-ca.crt.srl b/ca/signing-ca/db/signing-ca.crt.srl new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/ca/signing-ca/db/signing-ca.crt.srl @@ -0,0 +1 @@ +01 diff --git a/ca/signing-ca/db/signing-ca.db b/ca/signing-ca/db/signing-ca.db new file mode 100644 index 0000000..e644042 --- /dev/null +++ b/ca/signing-ca/db/signing-ca.db @@ -0,0 +1 @@ +V 260710123336Z 3BD8CD8B94BB3ACADF6D368E30A0AFAFDC9C1F46 unknown /DC=org/DC=simple/O=Simple Inc/OU=DEMO/CN=simple diff --git a/ca/signing-ca/db/signing-ca.db.attr b/ca/signing-ca/db/signing-ca.db.attr new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/ca/signing-ca/db/signing-ca.db.attr @@ -0,0 +1 @@ +unique_subject = no diff --git a/ca/signing-ca/db/signing-ca.db.old b/ca/signing-ca/db/signing-ca.db.old new file mode 100644 index 0000000..e69de29 diff --git a/ca/signing-ca/private/signing-ca.key b/ca/signing-ca/private/signing-ca.key new file mode 100644 index 0000000..7079c1a --- /dev/null +++ b/ca/signing-ca/private/signing-ca.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQqeogVuQ6zc03SMkj +p1h2JQICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIGcxdL5e+RkMEggTI ++lIsaE2CcOXMDTL/CQISBhFw8M6PkgVNcF1dlwKf00wMtYF5e075k7loRlrfb/5y +6cJQcmYTvX8u0nq25kyNjriF0fUixEFquMXjD0gbEii4G36RK2NTCEPpB+7lOoFU +eeJwePduwezpm147b6rNTpSxTI3dT2CZ0/9GHAHtkQ1Q+9MVgZkA6Ufw6xPk00p7 +Wre7OEiWs59DaPppdwLB80vrh7FAoTlSdkQ9Bx6H0L2pHCDBSMysU5uvkNcCCxrC +uEA3x3m76ER6uxB3P4pZf+BnDfJoicprz0GSqH1sz9Wy0UvtsE+LPwEX+xL5xXX8 +9/MK9LHJzRzKvLfsEnZxlfjgFc/SK0787CwAzp++9CdcCnOmNvEH4ulZTmLORiZH +jay00Mwlgh4qKNUAenQzYvxeFjJw3ulyg5tu0aZX/8iJ/lRnL51zXMG0AWcNlhos +3/IjnSDVqsrwf3iVvb4z3Aft2TM2YAP+ZAjCaJ2o8gMGkIkUYSpF8aib7/BtySgO +Sxnnrh3FOITBuKRQI4AnFCHap1cjnypoVqQn2rlPhO1DC65Hwl+8xHOnM5PLZjk6 +LdW+KuvbzaXBtQhpiwGyFHCV+ii44/yBoqEmmkImAABoYCBw664JopKlwNHQcK8K +YBxOvG5gLsvhcWLuxbuNNEdJk2Qx/pm+ABZHem0J99wKd5+1sfZvh2GWt/2fFNtX +fqRVQ7IMZYhXS1HKK1D50l+4hD5FxtVrVphI5iR5ijzGfBzfCqvYxm46+4NfsarN +u4S3cee3cdO6dUUnrCsXHnnYnY4qCS9zQQdjQTms/JyEu2f8siHzdAaxInVMqbq1 +aeLwg3uulvZrzriDxhhAr1Ou/Txo/8uyK0WuvrveNqLg8sjpkVb2HXTYePPi27Uo +WEYCNjxHpKFT1aBip8ayT15SNI+DG+ccDSBgpZIzq5aLJVL3AB+hxPWBAJxZIXtt +oeDKWfRoOALp69ullSmGOc1z0xMxuyHCog2rB9S8qczc6IMnreOdR/Bqaj9TAhkl +np/fOslawOXUBtJ6uq6HSySGINRVo7o219+BNlXn47lDSTuGGNC0g67d+uyIj9yu +d2LW9W/B+FvyevSlj29/ms9Xf3zRMymJ80C14E1005v3EIwUhritVh2Vz07p80l1 +BSuuyrcK6e4k5C81TqaXGb1bkZPOzAnQMBf0RnyQO+a8/HAs6QXfpMF//hZeBNSl +FBHFfm3V+3p39ejCcQ70zntSvbu6AcXPhBC+YueiGDIDDeQzCDS+1DTnpqI091t+ +9tn8aWmaVL4YtTiWMwWUTN44AGUdL7jBrYD5VIrB5IXdG4fot0I9qDN/ieykFpbt +ya/A1QOyS3BuGYeZoU/b5SS0WBxBy3ncUN2jppZEk2yd81Jvbrk38MbpDlH+tTxm +M4/yehtHN1GFoQ/B+dobku2Ub/6CFu4UvTKaX42oSfgitQBJ/aWm+YGHTyGnJcdd +jeGHeQgNpQQgxQSnAhV9LjLcsDk8avavWu19zJgSmAbipamjJwyGgsWGi+OzuDLz +MDE2/rK3rHo7AsbiATPvp3HFm6i+2E7oxZ23HbS1o6bK0hNaSo1FG8AbafLaT1/y +D0mJZhK1WSLAdBcFVYLKjmO3Kmuj2JSQ +-----END ENCRYPTED PRIVATE KEY----- diff --git a/cert.pem b/cert.pem new file mode 100644 index 0000000..64843ec --- /dev/null +++ b/cert.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID5zCCAs+gAwIBAgIUO9jNi5S7OsrfbTaOMKCvr9ycH0YwDQYJKoZIhvcNAQEL +BQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcg +Q0EwHhcNMjQwNzEwMTIzMzM2WhcNMjYwNzEwMTIzMzM2WjBiMRMwEQYKCZImiZPy +LGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1w +bGUgSW5jMQ0wCwYDVQQLDARERU1PMQ8wDQYDVQQDDAZzaW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOtsvzcu/LRccxYuzevdpAGlYkzGBK87L +2fDLKld5M1kp4Dej/+aGICpPj80PP0kXRGj3SGahVu7i0zhRI+GczD95dJ7YsXDw +Uyjljl1QipPYmDjWJ+MjMhQmcxInHh/EMvG1wYyzBo6HzSPKVGneXtiSF6jIlpc7 +nlAyeJOUofyybCWJ2cTEJEOMmsxZEPNVgI1I+l2xIy9oIq4e3beORY55fhCOSeZT +SHb5HAf/c9QbhnEtz2hRMsSH/55TYnfI82Csnss7kZgIKMOuYU6s8AMtPGxqPIWQ +8ZdfLU4K2k5swhCAxJPdE/wR403mVbWJELfDvTTiMVdqZGEctH8LAgMBAAGjgZgw +gZUwDgYDVR0PAQH/BAQDAgWgMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSHpjG277ONbnc0Fm9KxTjMxwK9rzAfBgNV +HSMEGDAWgBR2DBFlmcGsPChPaYB2+RwznD9u/DAZBgNVHREEEjAQgg53d3cuc2lt +cGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAu3ZxQpcxpwZNFWMigb5GIVqJlGOJ +iZI+AtsFbN0vpFC0NBTl0+dsedIcZrxUJk2vmrfa5Oial2jU8hb5MuMjTtGTi407 +s0ehlT40QgDvM4w8q5tDsWBrrWKudI9mavMNXN2fBWml0bx4BMDWHhnS4rTjbXIk +EiCZnTYaG7Q4Fh3DbOFvr95D50a+lxLQyDI7SEQNI6ndhMz0rPIoj4hD+HS96AwS +K7WBsBjOMNnArOMK8ue9cSgY15sK2Qul0Gsp10mNPqVQDYm015UEwzA7GSKFDFEM +AdwP/fQoqP09uu77ML4eBxF2hAmWBemFbEcGNBxwnyVmVCONyvGXbGO0eQ== +-----END CERTIFICATE----- diff --git a/certs/simple-org.crt b/certs/simple-org.crt new file mode 100644 index 0000000..8a4280b --- /dev/null +++ b/certs/simple-org.crt @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3b:d8:cd:8b:94:bb:3a:ca:df:6d:36:8e:30:a0:af:af:dc:9c:1f:46 + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Validity + Not Before: Jul 10 12:33:36 2024 GMT + Not After : Jul 10 12:33:36 2026 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=DEMO, CN=simple + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:94:3a:db:2f:cd:cb:bf:2d:17:1c:c5:8b:b3:7a: + f7:69:00:69:58:93:31:81:2b:ce:cb:d9:f0:cb:2a: + 57:79:33:59:29:e0:37:a3:ff:e6:86:20:2a:4f:8f: + cd:0f:3f:49:17:44:68:f7:48:66:a1:56:ee:e2:d3: + 38:51:23:e1:9c:cc:3f:79:74:9e:d8:b1:70:f0:53: + 28:e5:8e:5d:50:8a:93:d8:98:38:d6:27:e3:23:32: + 14:26:73:12:27:1e:1f:c4:32:f1:b5:c1:8c:b3:06: + 8e:87:cd:23:ca:54:69:de:5e:d8:92:17:a8:c8:96: + 97:3b:9e:50:32:78:93:94:a1:fc:b2:6c:25:89:d9: + c4:c4:24:43:8c:9a:cc:59:10:f3:55:80:8d:48:fa: + 5d:b1:23:2f:68:22:ae:1e:dd:b7:8e:45:8e:79:7e: + 10:8e:49:e6:53:48:76:f9:1c:07:ff:73:d4:1b:86: + 71:2d:cf:68:51:32:c4:87:ff:9e:53:62:77:c8:f3: + 60:ac:9e:cb:3b:91:98:08:28:c3:ae:61:4e:ac:f0: + 03:2d:3c:6c:6a:3c:85:90:f1:97:5f:2d:4e:0a:da: + 4e:6c:c2:10:80:c4:93:dd:13:fc:11:e3:4d:e6:55: + b5:89:10:b7:c3:bd:34:e2:31:57:6a:64:61:1c:b4: + 7f:0b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Basic Constraints: + CA:FALSE + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Key Identifier: + 87:A6:31:B6:EF:B3:8D:6E:77:34:16:6F:4A:C5:38:CC:C7:02:BD:AF + X509v3 Authority Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Subject Alternative Name: + DNS:www.simple.org + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + bb:76:71:42:97:31:a7:06:4d:15:63:22:81:be:46:21:5a:89: + 94:63:89:89:92:3e:02:db:05:6c:dd:2f:a4:50:b4:34:14:e5: + d3:e7:6c:79:d2:1c:66:bc:54:26:4d:af:9a:b7:da:e4:e8:9a: + 97:68:d4:f2:16:f9:32:e3:23:4e:d1:93:8b:8d:3b:b3:47:a1: + 95:3e:34:42:00:ef:33:8c:3c:ab:9b:43:b1:60:6b:ad:62:ae: + 74:8f:66:6a:f3:0d:5c:dd:9f:05:69:a5:d1:bc:78:04:c0:d6: + 1e:19:d2:e2:b4:e3:6d:72:24:12:20:99:9d:36:1a:1b:b4:38: + 16:1d:c3:6c:e1:6f:af:de:43:e7:46:be:97:12:d0:c8:32:3b: + 48:44:0d:23:a9:dd:84:cc:f4:ac:f2:28:8f:88:43:f8:74:bd: + e8:0c:12:2b:b5:81:b0:18:ce:30:d9:c0:ac:e3:0a:f2:e7:bd: + 71:28:18:d7:9b:0a:d9:0b:a5:d0:6b:29:d7:49:8d:3e:a5:50: + 0d:89:b4:d7:95:04:c3:30:3b:19:22:85:0c:51:0c:01:dc:0f: + fd:f4:28:a8:fd:3d:ba:ee:fb:30:be:1e:07:11:76:84:09:96: + 05:e9:85:6c:47:06:34:1c:70:9f:25:66:54:23:8d:ca:f1:97: + 6c:63:b4:79 +-----BEGIN CERTIFICATE----- +MIID5zCCAs+gAwIBAgIUO9jNi5S7OsrfbTaOMKCvr9ycH0YwDQYJKoZIhvcNAQEL +BQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcg +Q0EwHhcNMjQwNzEwMTIzMzM2WhcNMjYwNzEwMTIzMzM2WjBiMRMwEQYKCZImiZPy +LGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1w +bGUgSW5jMQ0wCwYDVQQLDARERU1PMQ8wDQYDVQQDDAZzaW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOtsvzcu/LRccxYuzevdpAGlYkzGBK87L +2fDLKld5M1kp4Dej/+aGICpPj80PP0kXRGj3SGahVu7i0zhRI+GczD95dJ7YsXDw +Uyjljl1QipPYmDjWJ+MjMhQmcxInHh/EMvG1wYyzBo6HzSPKVGneXtiSF6jIlpc7 +nlAyeJOUofyybCWJ2cTEJEOMmsxZEPNVgI1I+l2xIy9oIq4e3beORY55fhCOSeZT +SHb5HAf/c9QbhnEtz2hRMsSH/55TYnfI82Csnss7kZgIKMOuYU6s8AMtPGxqPIWQ +8ZdfLU4K2k5swhCAxJPdE/wR403mVbWJELfDvTTiMVdqZGEctH8LAgMBAAGjgZgw +gZUwDgYDVR0PAQH/BAQDAgWgMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSHpjG277ONbnc0Fm9KxTjMxwK9rzAfBgNV +HSMEGDAWgBR2DBFlmcGsPChPaYB2+RwznD9u/DAZBgNVHREEEjAQgg53d3cuc2lt +cGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAu3ZxQpcxpwZNFWMigb5GIVqJlGOJ +iZI+AtsFbN0vpFC0NBTl0+dsedIcZrxUJk2vmrfa5Oial2jU8hb5MuMjTtGTi407 +s0ehlT40QgDvM4w8q5tDsWBrrWKudI9mavMNXN2fBWml0bx4BMDWHhnS4rTjbXIk +EiCZnTYaG7Q4Fh3DbOFvr95D50a+lxLQyDI7SEQNI6ndhMz0rPIoj4hD+HS96AwS +K7WBsBjOMNnArOMK8ue9cSgY15sK2Qul0Gsp10mNPqVQDYm015UEwzA7GSKFDFEM +AdwP/fQoqP09uu77ML4eBxF2hAmWBemFbEcGNBxwnyVmVCONyvGXbGO0eQ== +-----END CERTIFICATE----- diff --git a/certs/simple-org.csr b/certs/simple-org.csr new file mode 100644 index 0000000..71ce335 --- /dev/null +++ b/certs/simple-org.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDITCCAgkCAQAwYjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixk +ARkWBnNpbXBsZTETMBEGA1UECgwKU2ltcGxlIEluYzENMAsGA1UECwwEREVNTzEP +MA0GA1UEAwwGc2ltcGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +lDrbL83Lvy0XHMWLs3r3aQBpWJMxgSvOy9nwyypXeTNZKeA3o//mhiAqT4/NDz9J +F0Ro90hmoVbu4tM4USPhnMw/eXSe2LFw8FMo5Y5dUIqT2Jg41ifjIzIUJnMSJx4f +xDLxtcGMswaOh80jylRp3l7YkheoyJaXO55QMniTlKH8smwlidnExCRDjJrMWRDz +VYCNSPpdsSMvaCKuHt23jkWOeX4QjknmU0h2+RwH/3PUG4ZxLc9oUTLEh/+eU2J3 +yPNgrJ7LO5GYCCjDrmFOrPADLTxsajyFkPGXXy1OCtpObMIQgMST3RP8EeNN5lW1 +iRC3w7004jFXamRhHLR/CwIDAQABoHoweAYJKoZIhvcNAQkOMWswaTAOBgNVHQ8B +Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW +BBSHpjG277ONbnc0Fm9KxTjMxwK9rzAZBgNVHREEEjAQgg53d3cuc2ltcGxlLm9y +ZzANBgkqhkiG9w0BAQsFAAOCAQEAXGbhW1NPfGtkXLD+1eeGOuXNiBlWpRkxuIZN +hqzXPs8mcG3smBLVE90gVDu83aYQCBZe2fXpXVu0r8RVuF+mCQJMz6oMWYjdYohh +c1nkVsFOWhrHtzBLNvP+jAthzHlElSfalLcDnY5OxNuHhNuMt8Ua/lHh4eLUhkSX +4QO+1T9eBOIP/uqtukTRe22URcXAkfpkEFgEMmgtEZatitokgsKO01ZqZZct9gmo +ofc2F9ByZ1f31w4zNkTL8ybFamymikhpZtgBYGNndtkLIMhdCr0YmdszQQCgkSSi +WKz65AUp8fG4olsHdoviHHTN0+Z0D0sfICc2tiBcVtGNeYBHhg== +-----END CERTIFICATE REQUEST----- diff --git a/certs/simple-org.key b/certs/simple-org.key new file mode 100644 index 0000000..aecb626 --- /dev/null +++ b/certs/simple-org.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCadHqDk3Rbc8Ke +XSUisado7cAauTWftl3Jv5JQ2WIQU8moxLQT4uhkOyWHn/CROVGa6kUhKc0mOdkZ +1g3ZVgrMOh3zId2Vq3M1H3x0NVUbcBFnEAjVz4yoyy1+piKSWiYhyJs4opXFlG02 +2DzeMQpoTcjkvb8fVux8JJcaKDmYG2lwhuGYAuEhzlO4/2Si51n09rsRETLyh8do +93jHRvx5LynNqM3MdRnK4f6Ea0GlMBrmys/7IZGze8shkTUkPULr6g0uUNLwRcFg ++jMNtNuy8StSou6ngkOMM1e8DGmCpyerX0eRQWOzaDaYBdzmr+9m4Wpdi2UYdOlX +khlCEaaHAgMBAAECggEAAeD9EzRzNnWVQe7MzS3L1vzQEcMmyRA/2kPdwwFZEbQ4 +jo3KdFTO2VaeaJaAteHCunslEiKJtRsAJzH4n5ncPG6lcRDuSQF5sWi9a9QGQcow +NOUUQuEiBB+h730+/b+o/RapvZuhJo9dVEzo38DXaTxLqhg5sYORvDakZpRHWqIz +Nz++gcNjgyC4MYnBu5jps7Q55hXNnJ5EV3fFeHMxKdJm5RQ542fKR5BrYwwj2vWR +e8P++VTA14whsxfZTR72lqphYAo2t4l1LseZns78LX3Bqn2k+FsPfKWL2JrnzO9u +1xGeKuBJ0Av2CIwXUnfqdo+EeJI9B3aj+Qt3PoccmQKBgQDUj3qP7dIzxzveedYc +paBsb6doukMNRppALWPtH3zMKGTFw3fA7u57nvsdk/kuhqQpvpO/L6/bKkZbiy/j +d0Ji4nFPcLxevx73AVgGhOkw4Fh6fn5MtonvRvfROGYKRv8uscTwud0QGtLxYv5I +Kho3fF+A4oeRTFrjcY20qKd3WwKBgQC6BRjinDOfGDSNtiHqZUDx0XkNKejBGUC+ +3uqNQuPAmUnAFL/itBklvyP6Q7HmmFzqxTGDCtO9gQLMfvDowI3umztuSkn2QJSP +JAwVtgVmqig23kiOddSX3rb/GQxSFTCpSM6RxJXOi/1SURHBg1mVuY++2c0wDZKN +ArSOfS9hRQKBgG6CCZ46bkYtFpsbjI1oLncxtT9lVubYBenHr2PgMumRNpL6hI/x +qFrs1HEUNUBTD5YEVpvXFv5ChEGjo0oG/qSaRX6fhc9cXaTdNf5tqy6V9Gn6yX7o +h922b7B+Oc6uCo0kLtdYSe3NhE2qwbiS6v5d0ukW3JRVtgr5RkreQ/JxAoGALyGt +fXUwSyYZ4rH8A+SlwN9fOWud8pcQZYwbh7Ej/Z+ZJRbcy3bwTDUSy40tXQzLthxC +gD5VCdXPPLsJFR/8ljE0rKwb803HlkD+4t1cnveL+uL1JUtLkzM10IqrKXz++FVf +KWXSwyOLCrlJs2sxXpNGjYenyn4V3K6LyvKC97UCgYBuxENiB1odOSw5VpMKCWtX +L9yMBruh3pH6WqwQBRBb90iItoL8jauo2C0l5+H/DskA1VeZAK2jRMYxuvoElS07 +aUjsC4J7Tv27YUU+ikoHSNdpZqAI1O6J0/GMIzqv1goA/BKTdmPZ3uybbGnJsIO6 +6JuzQNFONm/PDyRH9f7B5w== +-----END PRIVATE KEY----- diff --git a/chaincert.crt b/chaincert.crt new file mode 100644 index 0000000..800137f --- /dev/null +++ b/chaincert.crt @@ -0,0 +1,251 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3b:d8:cd:8b:94:bb:3a:ca:df:6d:36:8e:30:a0:af:af:dc:9c:1f:46 + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Validity + Not Before: Jul 10 12:33:36 2024 GMT + Not After : Jul 10 12:33:36 2026 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=DEMO, CN=simple + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:94:3a:db:2f:cd:cb:bf:2d:17:1c:c5:8b:b3:7a: + f7:69:00:69:58:93:31:81:2b:ce:cb:d9:f0:cb:2a: + 57:79:33:59:29:e0:37:a3:ff:e6:86:20:2a:4f:8f: + cd:0f:3f:49:17:44:68:f7:48:66:a1:56:ee:e2:d3: + 38:51:23:e1:9c:cc:3f:79:74:9e:d8:b1:70:f0:53: + 28:e5:8e:5d:50:8a:93:d8:98:38:d6:27:e3:23:32: + 14:26:73:12:27:1e:1f:c4:32:f1:b5:c1:8c:b3:06: + 8e:87:cd:23:ca:54:69:de:5e:d8:92:17:a8:c8:96: + 97:3b:9e:50:32:78:93:94:a1:fc:b2:6c:25:89:d9: + c4:c4:24:43:8c:9a:cc:59:10:f3:55:80:8d:48:fa: + 5d:b1:23:2f:68:22:ae:1e:dd:b7:8e:45:8e:79:7e: + 10:8e:49:e6:53:48:76:f9:1c:07:ff:73:d4:1b:86: + 71:2d:cf:68:51:32:c4:87:ff:9e:53:62:77:c8:f3: + 60:ac:9e:cb:3b:91:98:08:28:c3:ae:61:4e:ac:f0: + 03:2d:3c:6c:6a:3c:85:90:f1:97:5f:2d:4e:0a:da: + 4e:6c:c2:10:80:c4:93:dd:13:fc:11:e3:4d:e6:55: + b5:89:10:b7:c3:bd:34:e2:31:57:6a:64:61:1c:b4: + 7f:0b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Basic Constraints: + CA:FALSE + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Key Identifier: + 87:A6:31:B6:EF:B3:8D:6E:77:34:16:6F:4A:C5:38:CC:C7:02:BD:AF + X509v3 Authority Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Subject Alternative Name: + DNS:www.simple.org + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + bb:76:71:42:97:31:a7:06:4d:15:63:22:81:be:46:21:5a:89: + 94:63:89:89:92:3e:02:db:05:6c:dd:2f:a4:50:b4:34:14:e5: + d3:e7:6c:79:d2:1c:66:bc:54:26:4d:af:9a:b7:da:e4:e8:9a: + 97:68:d4:f2:16:f9:32:e3:23:4e:d1:93:8b:8d:3b:b3:47:a1: + 95:3e:34:42:00:ef:33:8c:3c:ab:9b:43:b1:60:6b:ad:62:ae: + 74:8f:66:6a:f3:0d:5c:dd:9f:05:69:a5:d1:bc:78:04:c0:d6: + 1e:19:d2:e2:b4:e3:6d:72:24:12:20:99:9d:36:1a:1b:b4:38: + 16:1d:c3:6c:e1:6f:af:de:43:e7:46:be:97:12:d0:c8:32:3b: + 48:44:0d:23:a9:dd:84:cc:f4:ac:f2:28:8f:88:43:f8:74:bd: + e8:0c:12:2b:b5:81:b0:18:ce:30:d9:c0:ac:e3:0a:f2:e7:bd: + 71:28:18:d7:9b:0a:d9:0b:a5:d0:6b:29:d7:49:8d:3e:a5:50: + 0d:89:b4:d7:95:04:c3:30:3b:19:22:85:0c:51:0c:01:dc:0f: + fd:f4:28:a8:fd:3d:ba:ee:fb:30:be:1e:07:11:76:84:09:96: + 05:e9:85:6c:47:06:34:1c:70:9f:25:66:54:23:8d:ca:f1:97: + 6c:63:b4:79 +-----BEGIN CERTIFICATE----- +MIID5zCCAs+gAwIBAgIUO9jNi5S7OsrfbTaOMKCvr9ycH0YwDQYJKoZIhvcNAQEL +BQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcg +Q0EwHhcNMjQwNzEwMTIzMzM2WhcNMjYwNzEwMTIzMzM2WjBiMRMwEQYKCZImiZPy +LGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1w +bGUgSW5jMQ0wCwYDVQQLDARERU1PMQ8wDQYDVQQDDAZzaW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOtsvzcu/LRccxYuzevdpAGlYkzGBK87L +2fDLKld5M1kp4Dej/+aGICpPj80PP0kXRGj3SGahVu7i0zhRI+GczD95dJ7YsXDw +Uyjljl1QipPYmDjWJ+MjMhQmcxInHh/EMvG1wYyzBo6HzSPKVGneXtiSF6jIlpc7 +nlAyeJOUofyybCWJ2cTEJEOMmsxZEPNVgI1I+l2xIy9oIq4e3beORY55fhCOSeZT +SHb5HAf/c9QbhnEtz2hRMsSH/55TYnfI82Csnss7kZgIKMOuYU6s8AMtPGxqPIWQ +8ZdfLU4K2k5swhCAxJPdE/wR403mVbWJELfDvTTiMVdqZGEctH8LAgMBAAGjgZgw +gZUwDgYDVR0PAQH/BAQDAgWgMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSHpjG277ONbnc0Fm9KxTjMxwK9rzAfBgNV +HSMEGDAWgBR2DBFlmcGsPChPaYB2+RwznD9u/DAZBgNVHREEEjAQgg53d3cuc2lt +cGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAu3ZxQpcxpwZNFWMigb5GIVqJlGOJ +iZI+AtsFbN0vpFC0NBTl0+dsedIcZrxUJk2vmrfa5Oial2jU8hb5MuMjTtGTi407 +s0ehlT40QgDvM4w8q5tDsWBrrWKudI9mavMNXN2fBWml0bx4BMDWHhnS4rTjbXIk +EiCZnTYaG7Q4Fh3DbOFvr95D50a+lxLQyDI7SEQNI6ndhMz0rPIoj4hD+HS96AwS +K7WBsBjOMNnArOMK8ue9cSgY15sK2Qul0Gsp10mNPqVQDYm015UEwzA7GSKFDFEM +AdwP/fQoqP09uu77ML4eBxF2hAmWBemFbEcGNBxwnyVmVCONyvGXbGO0eQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 34:b9:70:ce:2e:e0:21:ae:09:ee:06:7c:dc:ad:8d:78:04:ea:63:8d + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:24:33 2024 GMT + Not After : Jul 10 12:24:33 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Signing CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:dc:28:c2:18:ee:82:01:7a:fe:61:74:96:90:14: + 08:44:f4:a0:ee:06:60:fc:58:2f:18:2a:9a:d5:f6: + e5:85:93:c0:5c:ec:b4:2d:42:d2:77:47:2f:9b:fc: + a9:48:19:e5:76:37:06:b9:1f:0d:7a:30:9c:67:d1: + a5:70:ce:c4:46:17:ef:28:f8:6c:9d:46:48:2f:5f: + 6e:44:01:33:f3:a6:65:9c:45:16:aa:73:ff:3c:0a: + 25:fe:3c:4b:84:8b:d1:24:17:70:7a:b5:23:51:d7: + 45:fd:78:0a:cd:95:ce:4c:51:e8:f1:5c:ad:10:92: + 1c:f3:75:c6:01:f3:1e:a0:8e:b9:7a:36:29:41:45: + 31:ea:fe:1d:5f:01:f1:d0:42:79:0e:82:1f:f5:5b: + 4c:ca:f4:b2:77:6d:fc:ec:85:76:d5:2b:1d:52:d5: + 22:37:7d:05:b2:c8:5d:75:85:86:9a:9f:42:d4:bb: + 9f:10:ee:4c:b3:25:c4:89:ff:62:c9:5c:48:e0:61: + 8d:25:0d:79:a6:ca:42:27:5f:ca:43:62:62:82:16: + f1:cc:bf:89:e9:dd:c4:77:dc:36:c4:a1:38:e1:24: + 81:46:88:a4:bb:29:6c:81:d6:72:ec:f9:57:26:19: + a5:6f:34:df:8a:bc:8c:6c:9b:ff:00:c2:dc:48:2e: + 57:81 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 76:0C:11:65:99:C1:AC:3C:28:4F:69:80:76:F9:1C:33:9C:3F:6E:FC + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 0e:7b:17:8f:28:96:b6:bf:ea:e4:e1:6c:96:48:ac:d6:89:95: + 24:cd:47:3d:28:79:9a:9c:6a:22:07:85:53:d5:05:55:c1:d9: + ce:3f:6b:f6:ff:0a:04:bf:6e:95:b5:5b:c6:74:9e:a1:80:6a: + f5:db:af:f8:e0:ef:56:87:6f:45:96:75:20:1b:12:5c:75:35: + 7b:d7:0b:85:f3:23:14:2c:d7:e9:7e:49:c8:2a:6b:ce:0d:97: + 81:69:05:67:ef:00:51:b2:3f:00:8a:16:20:68:93:56:0d:9a: + e1:41:eb:b6:7e:f8:65:ee:10:7d:4c:5f:04:b0:57:27:be:3c: + 9f:50:3e:49:12:71:c5:f3:54:7b:55:54:6c:08:c0:7f:5e:2f: + 44:83:88:1e:21:60:e9:e7:22:43:e6:49:9f:ed:b6:5f:01:82: + 0a:bf:81:cd:9f:4a:b3:62:85:d5:c8:d4:5c:d1:48:d8:69:4a: + 63:6d:82:40:ef:b6:15:bc:fa:48:77:7c:3d:eb:21:a7:03:8e: + 69:e1:5d:c1:e6:f7:5a:72:04:fe:c4:42:c2:36:e3:35:91:1d: + 92:a3:33:cb:b0:33:05:23:87:4e:7f:32:41:24:f7:91:a9:92: + 5d:94:4b:81:b8:3e:07:e3:ab:f2:91:eb:88:30:e7:f9:66:47: + de:9b:6c:eb +-----BEGIN CERTIFICATE----- +MIIDrTCCApWgAwIBAgIUNLlwzi7gIa4J7gZ83K2NeATqY40wDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyNDMzWhcNMzQwNzEwMTIyNDMzWjBeMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRowGAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANwowhjuggF6/mF0lpAUCET0oO4GYPxYLxgqmtX25YWT +wFzstC1C0ndHL5v8qUgZ5XY3BrkfDXownGfRpXDOxEYX7yj4bJ1GSC9fbkQBM/Om +ZZxFFqpz/zwKJf48S4SL0SQXcHq1I1HXRf14Cs2VzkxR6PFcrRCSHPN1xgHzHqCO +uXo2KUFFMer+HV8B8dBCeQ6CH/VbTMr0sndt/OyFdtUrHVLVIjd9BbLIXXWFhpqf +QtS7nxDuTLMlxIn/YslcSOBhjSUNeabKQidfykNiYoIW8cy/iendxHfcNsShOOEk +gUaIpLspbIHWcuz5VyYZpW8034q8jGyb/wDC3EguV4ECAwEAAaNmMGQwDgYDVR0P +AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHYMEWWZwaw8 +KE9pgHb5HDOcP278MB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0G +CSqGSIb3DQEBCwUAA4IBAQAOexePKJa2v+rk4WyWSKzWiZUkzUc9KHmanGoiB4VT +1QVVwdnOP2v2/woEv26VtVvGdJ6hgGr126/44O9Wh29FlnUgGxJcdTV71wuF8yMU +LNfpfknIKmvODZeBaQVn7wBRsj8AihYgaJNWDZrhQeu2fvhl7hB9TF8EsFcnvjyf +UD5JEnHF81R7VVRsCMB/Xi9Eg4geIWDp5yJD5kmf7bZfAYIKv4HNn0qzYoXVyNRc +0UjYaUpjbYJA77YVvPpId3w96yGnA45p4V3B5vdacgT+xELCNuM1kR2SozPLsDMF +I4dOfzJBJPeRqZJdlEuBuD4H46vykeuIMOf5Zkfem2zr +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3f:6b:03:63:f0:8f:d5:64:19:84:44:1b:13:be:6a:a1:48:0a:78:6b + Signature Algorithm: sha256WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Validity + Not Before: Jul 10 12:21:51 2024 GMT + Not After : Jul 10 12:21:51 2034 GMT + Subject: DC=org, DC=simple, O=Simple Inc, CN=Simple Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:be:6b:34:7d:62:ba:ef:d1:a9:dd:75:34:72:ed: + d0:16:e6:73:7c:c3:11:07:32:82:95:aa:f5:5b:06: + de:cb:00:9f:2b:c0:20:1c:2d:52:a9:d0:ac:8f:ec: + 2f:ca:f7:3d:9f:11:58:ed:23:50:e6:72:75:ba:f8: + 8b:54:0c:c6:2a:f2:9f:7e:02:10:1b:3d:3e:5a:fe: + b0:cf:e6:f5:23:ce:39:ba:92:9c:04:55:a3:4a:b6: + 3e:12:1a:fc:e1:c4:af:9f:81:6b:f0:db:78:7d:d3: + 9d:73:10:71:ff:3c:92:2f:c5:37:f9:61:48:76:b2: + 60:32:1f:51:82:f9:06:20:0d:40:5b:4c:9b:0a:fa: + 42:d8:fd:b1:d4:9a:98:91:4e:01:46:69:56:f8:fc: + ed:7f:e8:e8:22:d9:37:e6:f9:f3:ea:60:7d:b5:d9: + f2:62:0b:33:ee:11:f1:2c:81:1d:a9:56:ae:7a:14: + 03:53:90:3c:ad:3d:04:77:32:fe:d0:98:10:31:10: + 0f:44:6f:96:eb:5f:46:b1:52:81:cb:f3:d1:22:36: + 30:56:7c:66:98:4f:fa:17:0b:4d:91:9d:6b:b0:fb: + d7:a2:69:1c:8a:fa:fd:31:cc:55:e8:e1:97:c7:7b: + 21:74:5d:a1:e4:bc:43:c8:04:80:0e:72:92:18:6c: + 6a:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + X509v3 Authority Key Identifier: + 1D:A5:97:88:49:7C:75:9B:DE:6D:8D:9F:6E:27:7B:47:93:EE:55:65 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 43:9a:99:69:ad:3f:27:a1:08:25:a7:b3:b0:a3:5f:f2:80:3c: + fb:3e:02:3b:5c:3b:ad:38:42:91:f9:7f:75:bf:d5:9b:02:2a: + 8f:01:92:8e:17:f4:ed:f4:d2:71:a7:2a:c0:97:fa:a8:3e:14: + c1:59:d4:b3:f9:2d:d7:77:75:0c:11:7c:a4:9a:7d:4d:fb:86: + 78:eb:ed:d8:4a:de:fa:46:de:5a:0d:71:e7:52:36:fe:e9:06: + e2:67:82:33:15:00:c9:de:94:46:d2:f4:78:cc:a4:54:35:f4: + 0a:ac:b9:be:4b:e8:02:f6:04:60:67:c8:e0:a3:7f:9c:c7:9e: + 39:68:bd:b3:6c:76:d2:ed:c1:ac:6b:5e:51:e4:9c:9c:3f:ea: + 98:d5:53:2d:1c:f9:3b:6e:a0:ca:23:27:c5:1b:f2:44:63:4d: + d9:cb:f1:24:38:61:ad:2d:57:11:f5:df:4e:8c:12:33:e2:b8: + 97:21:d0:1e:e0:76:bf:dd:7f:29:a3:6b:e9:78:f2:7c:74:be: + 33:c4:5f:2d:05:b0:18:20:f8:f5:9a:97:b5:80:ec:ac:d5:e3: + a6:d6:ad:18:e5:4a:7c:76:61:ca:b9:32:62:02:d6:09:71:15: + f8:23:37:6f:6b:c0:60:65:cf:37:00:6a:b2:e9:bb:b1:81:40: + 0f:f9:a9:04 +-----BEGIN CERTIFICATE----- +MIIDpzCCAo+gAwIBAgIUP2sDY/CP1WQZhEQbE75qoUgKeGswDQYJKoZIhvcNAQEL +BQAwWzETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEXMBUGA1UEAwwOU2ltcGxlIFJvb3QgQ0Ew +HhcNMjQwNzEwMTIyMTUxWhcNMzQwNzEwMTIyMTUxWjBbMRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQDDA5TaW1wbGUgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL5rNH1iuu/Rqd11NHLt0Bbmc3zDEQcygpWq9VsG3ssAnyvA +IBwtUqnQrI/sL8r3PZ8RWO0jUOZydbr4i1QMxiryn34CEBs9Plr+sM/m9SPOObqS +nARVo0q2PhIa/OHEr5+Ba/DbeH3TnXMQcf88ki/FN/lhSHayYDIfUYL5BiANQFtM +mwr6Qtj9sdSamJFOAUZpVvj87X/o6CLZN+b58+pgfbXZ8mILM+4R8SyBHalWrnoU +A1OQPK09BHcy/tCYEDEQD0RvlutfRrFSgcvz0SI2MFZ8ZphP+hcLTZGda7D716Jp +HIr6/THMVejhl8d7IXRdoeS8Q8gEgA5ykhhsakkCAwEAAaNjMGEwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB2ll4hJfHWb3m2Nn24n +e0eT7lVlMB8GA1UdIwQYMBaAFB2ll4hJfHWb3m2Nn24ne0eT7lVlMA0GCSqGSIb3 +DQEBCwUAA4IBAQBDmplprT8noQglp7Owo1/ygDz7PgI7XDutOEKR+X91v9WbAiqP +AZKOF/Tt9NJxpyrAl/qoPhTBWdSz+S3Xd3UMEXykmn1N+4Z46+3YSt76Rt5aDXHn +Ujb+6QbiZ4IzFQDJ3pRG0vR4zKRUNfQKrLm+S+gC9gRgZ8jgo3+cx545aL2zbHbS +7cGsa15R5JycP+qY1VMtHPk7bqDKIyfFG/JEY03Zy/EkOGGtLVcR9d9OjBIz4riX +IdAe4Ha/3X8po2vpePJ8dL4zxF8tBbAYIPj1mpe1gOys1eOm1q0Y5Up8dmHKuTJi +AtYJcRX4Izdva8BgZc83AGqy6buxgUAP+akE +-----END CERTIFICATE----- diff --git a/chaincert.pem b/chaincert.pem new file mode 100644 index 0000000..64843ec --- /dev/null +++ b/chaincert.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID5zCCAs+gAwIBAgIUO9jNi5S7OsrfbTaOMKCvr9ycH0YwDQYJKoZIhvcNAQEL +BQAwXjETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkWBnNpbXBs +ZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcg +Q0EwHhcNMjQwNzEwMTIzMzM2WhcNMjYwNzEwMTIzMzM2WjBiMRMwEQYKCZImiZPy +LGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1w +bGUgSW5jMQ0wCwYDVQQLDARERU1PMQ8wDQYDVQQDDAZzaW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOtsvzcu/LRccxYuzevdpAGlYkzGBK87L +2fDLKld5M1kp4Dej/+aGICpPj80PP0kXRGj3SGahVu7i0zhRI+GczD95dJ7YsXDw +Uyjljl1QipPYmDjWJ+MjMhQmcxInHh/EMvG1wYyzBo6HzSPKVGneXtiSF6jIlpc7 +nlAyeJOUofyybCWJ2cTEJEOMmsxZEPNVgI1I+l2xIy9oIq4e3beORY55fhCOSeZT +SHb5HAf/c9QbhnEtz2hRMsSH/55TYnfI82Csnss7kZgIKMOuYU6s8AMtPGxqPIWQ +8ZdfLU4K2k5swhCAxJPdE/wR403mVbWJELfDvTTiMVdqZGEctH8LAgMBAAGjgZgw +gZUwDgYDVR0PAQH/BAQDAgWgMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSHpjG277ONbnc0Fm9KxTjMxwK9rzAfBgNV +HSMEGDAWgBR2DBFlmcGsPChPaYB2+RwznD9u/DAZBgNVHREEEjAQgg53d3cuc2lt +cGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAu3ZxQpcxpwZNFWMigb5GIVqJlGOJ +iZI+AtsFbN0vpFC0NBTl0+dsedIcZrxUJk2vmrfa5Oial2jU8hb5MuMjTtGTi407 +s0ehlT40QgDvM4w8q5tDsWBrrWKudI9mavMNXN2fBWml0bx4BMDWHhnS4rTjbXIk +EiCZnTYaG7Q4Fh3DbOFvr95D50a+lxLQyDI7SEQNI6ndhMz0rPIoj4hD+HS96AwS +K7WBsBjOMNnArOMK8ue9cSgY15sK2Qul0Gsp10mNPqVQDYm015UEwzA7GSKFDFEM +AdwP/fQoqP09uu77ML4eBxF2hAmWBemFbEcGNBxwnyVmVCONyvGXbGO0eQ== +-----END CERTIFICATE----- diff --git a/etc/email.conf b/etc/email.conf new file mode 100644 index 0000000..6206353 --- /dev/null +++ b/etc/email.conf @@ -0,0 +1,31 @@ +# Email certificate request + +# This file is used by the openssl req command. Since we cannot know the DN in +# advance the user is prompted for DN information. + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = yes # Protect private key +default_md = sha256 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = yes # Prompt for DN +distinguished_name = email_dn # DN template +req_extensions = email_reqext # Desired extensions + +[ email_dn ] +0.domainComponent = "1. Domain Component (eg, com) " +1.domainComponent = "2. Domain Component (eg, company) " +2.domainComponent = "3. Domain Component (eg, pki) " +organizationName = "4. Organization Name (eg, company) " +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +commonName = "6. Common Name (eg, full name)" +commonName_max = 64 +emailAddress = "7. Email Address (eg, name@fqdn)" +emailAddress_max = 40 + +[ email_reqext ] +keyUsage = critical,digitalSignature,keyEncipherment +extendedKeyUsage = emailProtection,clientAuth +subjectKeyIdentifier = hash +subjectAltName = email:copy diff --git a/etc/root-ca.conf b/etc/root-ca.conf new file mode 100644 index 0000000..ccb452c --- /dev/null +++ b/etc/root-ca.conf @@ -0,0 +1,102 @@ +# Simple Root CA + +# The [default] section contains global constants that can be referred to from +# the entire configuration file. It may also hold settings pertaining to more +# than one openssl command. + +[ default ] +ca = root-ca # CA name +dir = . # Top dir + +# The next part of the configuration file is used by the openssl req command. +# It defines the CA's key pair, its DN, and the desired extensions for the CA +# certificate. + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = yes # Protect private key +default_md = sha256 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = no # Don't prompt for DN +distinguished_name = ca_dn # DN section +req_extensions = ca_reqext # Desired extensions + +[ ca_dn ] +0.domainComponent = "org" +1.domainComponent = "simple" +organizationName = "Simple Inc" +commonName = "Simple Root CA" + +[ ca_reqext ] +keyUsage = critical,keyCertSign,cRLSign +basicConstraints = critical,CA:true +subjectKeyIdentifier = hash + +# The remainder of the configuration file is used by the openssl ca command. +# The CA section defines the locations of CA assets, as well as the policies +# applying to the CA. + +[ ca ] +default_ca = root_ca # The default CA section + +[ root_ca ] +certificate = $dir/ca/$ca.crt # The CA cert +private_key = $dir/ca/$ca/private/$ca.key # CA private key +new_certs_dir = $dir/ca/$ca # Certificate archive +serial = $dir/ca/$ca/db/$ca.crt.srl # Serial number file +crlnumber = $dir/ca/$ca/db/$ca.crl.srl # CRL number file +database = $dir/ca/$ca/db/$ca.db # Index file +rand_serial = yes # Use random serial numbers +unique_subject = no # Require unique subject +default_days = 3652 # How long to certify for +default_md = sha256 # MD to use +policy = match_pol # Default naming policy +email_in_dn = no # Add email to cert DN +preserve = no # Keep passed DN ordering +name_opt = multiline,-esc_msb,utf8 # Subject DN display options +cert_opt = ca_default # Certificate display options +copy_extensions = none # Copy extensions from CSR +x509_extensions = signing_ca_ext # Default cert extensions +default_crl_days = 365 # How long before next CRL +crl_extensions = crl_ext # CRL extensions + +# Naming policies control which parts of a DN end up in the certificate and +# under what circumstances certification should be denied. + +[ match_pol ] +domainComponent = match # Must match 'simple.org' +organizationName = match # Must match 'Simple Inc' +organizationalUnitName = optional # Included if present +commonName = supplied # Must be present + +[ any_pol ] +domainComponent = optional +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = optional +emailAddress = optional + +# Certificate extensions define what types of certificates the CA is able to +# create. + +[ root_ca_ext ] +keyUsage = critical,keyCertSign,cRLSign +basicConstraints = critical,CA:true +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always + +[ signing_ca_ext ] +keyUsage = critical,keyCertSign,cRLSign +basicConstraints = critical,CA:true,pathlen:0 +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always + +# CRL extensions exist solely to point to the CA certificate that has issued +# the CRL. + +[ crl_ext ] +authorityKeyIdentifier = keyid:always diff --git a/etc/server.conf b/etc/server.conf new file mode 100644 index 0000000..b35f588 --- /dev/null +++ b/etc/server.conf @@ -0,0 +1,32 @@ +# TLS server certificate request + +# This file is used by the openssl req command. The subjectAltName cannot be +# prompted for and must be specified in the SAN environment variable. + +[ default ] +SAN = DNS:www.example.com # Default SAN + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = no # Protect private key +default_md = sha256 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = yes # Prompt for DN +distinguished_name = server_dn # DN template +req_extensions = server_reqext # Desired extensions + +[ server_dn ] +0.domainComponent = "1. Domain Component (eg, com) " +1.domainComponent = "2. Domain Component (eg, company) " +2.domainComponent = "3. Domain Component (eg, pki) " +organizationName = "4. Organization Name (eg, company) " +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +commonName = "6. Common Name (eg, FQDN) " +commonName_max = 64 + +[ server_reqext ] +keyUsage = critical,digitalSignature,keyEncipherment +extendedKeyUsage = serverAuth,clientAuth +subjectKeyIdentifier = hash +subjectAltName = $ENV::SAN diff --git a/etc/signing-ca.conf b/etc/signing-ca.conf new file mode 100644 index 0000000..36110b1 --- /dev/null +++ b/etc/signing-ca.conf @@ -0,0 +1,105 @@ +# Simple Signing CA + +# The [default] section contains global constants that can be referred to from +# the entire configuration file. It may also hold settings pertaining to more +# than one openssl command. + +[ default ] +ca = signing-ca # CA name +dir = . # Top dir + +# The next part of the configuration file is used by the openssl req command. +# It defines the CA's key pair, its DN, and the desired extensions for the CA +# certificate. + +[ req ] +default_bits = 2048 # RSA key size +encrypt_key = yes # Protect private key +default_md = sha256 # MD to use +utf8 = yes # Input is UTF-8 +string_mask = utf8only # Emit UTF-8 strings +prompt = no # Don't prompt for DN +distinguished_name = ca_dn # DN section +req_extensions = ca_reqext # Desired extensions + +[ ca_dn ] +0.domainComponent = "org" +1.domainComponent = "simple" +organizationName = "Simple Inc" +commonName = "Simple Signing CA" + +[ ca_reqext ] +keyUsage = critical,keyCertSign,cRLSign +basicConstraints = critical,CA:true,pathlen:0 +subjectKeyIdentifier = hash + +# The remainder of the configuration file is used by the openssl ca command. +# The CA section defines the locations of CA assets, as well as the policies +# applying to the CA. + +[ ca ] +default_ca = signing_ca # The default CA section + +[ signing_ca ] +certificate = $dir/ca/$ca.crt # The CA cert +private_key = $dir/ca/$ca/private/$ca.key # CA private key +new_certs_dir = $dir/ca/$ca # Certificate archive +serial = $dir/ca/$ca/db/$ca.crt.srl # Serial number file +crlnumber = $dir/ca/$ca/db/$ca.crl.srl # CRL number file +database = $dir/ca/$ca/db/$ca.db # Index file +rand_serial = yes # Use random serial numbers +unique_subject = no # Require unique subject +default_days = 730 # How long to certify for +default_md = sha256 # MD to use +policy = match_pol # Default naming policy +email_in_dn = yes # Add email to cert DN +preserve = no # Keep passed DN ordering +name_opt = multiline,-esc_msb,utf8 # Subject DN display options +cert_opt = ca_default # Certificate display options +copy_extensions = copy # Copy extensions from CSR +x509_extensions = email_ext # Default cert extensions +default_crl_days = 7 # How long before next CRL +crl_extensions = crl_ext # CRL extensions + +# Naming policies control which parts of a DN end up in the certificate and +# under what circumstances certification should be denied. + +[ match_pol ] +domainComponent = match # Must match 'simple.org' +organizationName = match # Must match 'Simple Inc' +organizationalUnitName = optional # Included if present +commonName = supplied # Must be present +emailAddress = optional # Included if present + +[ any_pol ] +domainComponent = optional +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = optional +emailAddress = optional + +# Certificate extensions define what types of certificates the CA is able to +# create. + +[ email_ext ] +keyUsage = critical,digitalSignature,keyEncipherment +basicConstraints = CA:false +extendedKeyUsage = emailProtection,clientAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always + +[ server_ext ] +keyUsage = critical,digitalSignature,keyEncipherment +basicConstraints = CA:false +extendedKeyUsage = serverAuth,clientAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always + +# CRL extensions exist solely to point to the CA certificate that has issued +# the CRL. + +[ crl_ext ] +authorityKeyIdentifier = keyid:always