diff --git a/src/main/java/io/vertx/core/net/KeyStoreOptionsBase.java b/src/main/java/io/vertx/core/net/KeyStoreOptionsBase.java index 16907ad8b07..cac345b20de 100644 --- a/src/main/java/io/vertx/core/net/KeyStoreOptionsBase.java +++ b/src/main/java/io/vertx/core/net/KeyStoreOptionsBase.java @@ -15,8 +15,10 @@ import io.vertx.core.buffer.Buffer; import io.vertx.core.impl.VertxInternal; import io.vertx.core.net.impl.KeyStoreHelper; +import io.vertx.core.net.impl.ReloadingKeyStore; import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.KeyStoreBuilderParameters; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509KeyManager; @@ -40,6 +42,8 @@ public abstract class KeyStoreOptionsBase implements KeyCertOptions, TrustOption private Buffer value; private String alias; private String aliasPassword; + private X509KeyManager km; + private KeyStore.Builder builder; /** * Default constructor @@ -189,6 +193,29 @@ KeyStoreHelper getHelper(Vertx vertx) throws Exception { return helper; } + X509KeyManager getKeyManager(Vertx vertx) throws Exception { + if (km == null) { + VertxInternal v = (VertxInternal) vertx; + + if (this.path != null) { + builder = ReloadingKeyStore.Builder.fromKeyStoreFile(v, type, provider, + v.resolveFile(path).getAbsolutePath(), password, alias, aliasPassword); + } else if (this.value != null) { + + KeyStore.ProtectionParameter protection = new KeyStore.PasswordProtection( + password != null ? password.toCharArray() : null); + + builder = KeyStore.Builder + .newInstance(KeyStoreHelper.loadKeyStore(type, provider, password, this::getValue, alias), protection); + } + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); + kmf.init(new KeyStoreBuilderParameters(builder)); + km = (X509KeyManager) kmf.getKeyManagers()[0]; + } + return km; + } + /** * Load and return a Java keystore. * @@ -196,20 +223,21 @@ KeyStoreHelper getHelper(Vertx vertx) throws Exception { * @return the {@code KeyStore} */ public KeyStore loadKeyStore(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper.store() : null; + // Ensure that KeyStore is constructed. + getKeyManager(vertx); + return builder.getKeyStore(); } @Override public KeyManagerFactory getKeyManagerFactory(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper.getKeyMgrFactory() : null; + return new KeyManagerFactoryWrapper(getKeyManager(vertx)); } @Override public Function keyManagerMapper(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper::getKeyMgr : null; + X509KeyManager km = getKeyManager(vertx); + // Key manager will do SNI lookup and mapping from SNI server name to certificate and key alias. + return serverName -> km; } @Override diff --git a/src/main/java/io/vertx/core/net/PemKeyCertOptions.java b/src/main/java/io/vertx/core/net/PemKeyCertOptions.java index 681010355a0..3665c7c717b 100644 --- a/src/main/java/io/vertx/core/net/PemKeyCertOptions.java +++ b/src/main/java/io/vertx/core/net/PemKeyCertOptions.java @@ -19,13 +19,16 @@ import io.vertx.core.impl.VertxInternal; import io.vertx.core.json.JsonObject; import io.vertx.core.net.impl.KeyStoreHelper; +import io.vertx.core.net.impl.ReloadingKeyStore; import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.KeyStoreBuilderParameters; import javax.net.ssl.X509KeyManager; import java.security.KeyStore; import java.util.ArrayList; import java.util.List; import java.util.function.Function; +import java.util.stream.Collectors; /** * Key store options configuring a list of private key and its certificate based on @@ -97,7 +100,9 @@ @DataObject(generateConverter = true, publicConverter = false) public class PemKeyCertOptions implements KeyCertOptions { - private KeyStoreHelper helper; + private X509KeyManager km; + private KeyStore.Builder builder; + private List keyPaths; private List keyValues; private List certPaths; @@ -390,21 +395,20 @@ public PemKeyCertOptions copy() { return new PemKeyCertOptions(this); } - KeyStoreHelper getHelper(Vertx vertx) throws Exception { - if (helper == null) { - List keys = new ArrayList<>(); - for (String keyPath : keyPaths) { - keys.add(vertx.fileSystem().readFileBlocking(((VertxInternal)vertx).resolveFile(keyPath).getAbsolutePath())); - } - keys.addAll(keyValues); - List certs = new ArrayList<>(); - for (String certPath : certPaths) { - certs.add(vertx.fileSystem().readFileBlocking(((VertxInternal)vertx).resolveFile(certPath).getAbsolutePath())); - } - certs.addAll(certValues); - helper = new KeyStoreHelper(KeyStoreHelper.loadKeyCert(keys, certs), KeyStoreHelper.DUMMY_PASSWORD, null); + X509KeyManager getKeyManager(Vertx vertx) throws Exception { + if (km == null) { + VertxInternal v = (VertxInternal) vertx; + builder = ReloadingKeyStore.Builder.fromPem(v, + certPaths.stream().map(p -> v.resolveFile(p).getAbsolutePath()).collect(Collectors.toList()), + keyPaths.stream().map(p -> v.resolveFile(p).getAbsolutePath()).collect(Collectors.toList()), + certValues, keyValues); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); + kmf.init(new KeyStoreBuilderParameters(builder)); + km = (X509KeyManager) kmf.getKeyManagers()[0]; } - return helper; + + return km; } /** @@ -414,19 +418,20 @@ KeyStoreHelper getHelper(Vertx vertx) throws Exception { * @return the {@code KeyStore} */ public KeyStore loadKeyStore(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper.store() : null; + // Ensure that KeyStore is constructed. + getKeyManager(vertx); + return builder.getKeyStore(); } @Override public KeyManagerFactory getKeyManagerFactory(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper.getKeyMgrFactory() : null; + return new KeyManagerFactoryWrapper(getKeyManager(vertx)); } @Override public Function keyManagerMapper(Vertx vertx) throws Exception { - KeyStoreHelper helper = getHelper(vertx); - return helper != null ? helper::getKeyMgr : null; + X509KeyManager km = getKeyManager(vertx); + // KeyManager will do SNI lookup and mapping from SNI server name to certificate and key alias. + return serverName -> km; } } diff --git a/src/main/java/io/vertx/core/net/impl/DelegatingKeyStoreSpi.java b/src/main/java/io/vertx/core/net/impl/DelegatingKeyStoreSpi.java new file mode 100644 index 00000000000..57d56b33265 --- /dev/null +++ b/src/main/java/io/vertx/core/net/impl/DelegatingKeyStoreSpi.java @@ -0,0 +1,238 @@ +/* +* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation +* +* This program and the accompanying materials are made available under the +* terms of the Eclipse Public License 2.0 which is available at +* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 +* which is available at https://www.apache.org/licenses/LICENSE-2.0. +* +* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 +*/ + +package io.vertx.core.net.impl; + +import io.vertx.core.impl.logging.Logger; +import io.vertx.core.impl.logging.LoggerFactory; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.Key; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.KeyStoreSpi; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.time.Duration; +import java.time.Instant; +import java.time.temporal.ChronoUnit; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; +import java.util.Enumeration; +import java.util.List; +import java.util.concurrent.atomic.AtomicReference; + +public abstract class DelegatingKeyStoreSpi extends KeyStoreSpi { + + private static final Logger log = LoggerFactory.getLogger(DelegatingKeyStoreSpi.class); + + private AtomicReference delegate = new AtomicReference<>(); + + // Defines how often the delegate keystore should be checked for updates. + private final Duration cacheTtl = Duration.of(1, ChronoUnit.SECONDS); + + // Defines the next time when to check updates. + private Instant cacheExpiredTime = Instant.MIN; + + + /** + * Reloads the delegate KeyStore if the underlying files have changed on disk. + */ + abstract void refresh() throws Exception; + + + /** + * Calls {@link #refresh()} to refresh the cached KeyStore and if more than {@link #cacheTtl} has passed since last + * refresh. + */ + private void refreshCachedKeyStore() { + // Return if not enough time has passed for the delegate KeyStore to be refreshed. + if (Instant.now().isBefore(cacheExpiredTime)) { + return; + } + + // Set the time when refresh should be checked next. + cacheExpiredTime = Instant.now().plus(cacheTtl); + + try { + refresh(); + } catch (Exception e) { + log.debug("Failed to refresh: " + e); + } + } + + void setKeyStoreDelegate(KeyStore delegate) { + this.delegate.set(new Delegate(delegate)); + } + + @Override + public Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.getKey(alias, password); + } catch (KeyStoreException e) { + log.info("getKey: " + e); + return null; + } + } + + @Override + public Certificate[] engineGetCertificateChain(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.getCertificateChain(alias); + } catch (KeyStoreException e) { + log.info("getCertificateChain: " + e); + return new Certificate[0]; + } + } + + @Override + public Certificate engineGetCertificate(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.getCertificate(alias); + } catch (KeyStoreException e) { + log.info("getCertificate: " + e); + return null; + } + } + + @Override + public Date engineGetCreationDate(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.getCreationDate(alias); + } catch (KeyStoreException e) { + log.info("getCreationDate: " + e); + return null; + } + } + + @Override + public Enumeration engineAliases() { + refreshCachedKeyStore(); + return Collections.enumeration(new ArrayList<>(delegate.get().sortedAliases)); + } + + @Override + public boolean engineContainsAlias(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.containsAlias(alias); + } catch (KeyStoreException e) { + log.info("containsAlias: " + e); + return false; + } + } + + @Override + public int engineSize() { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.size(); + } catch (KeyStoreException e) { + log.info("size: " + e); + return 0; + } + } + + @Override + public boolean engineIsKeyEntry(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.isKeyEntry(alias); + } catch (KeyStoreException e) { + log.info("isKeyEntry: " + e); + return false; + } + } + + @Override + public boolean engineIsCertificateEntry(String alias) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.isCertificateEntry(alias); + } catch (KeyStoreException e) { + log.info("isCertificateEntry: " + e); + return false; + } + } + + @Override + public String engineGetCertificateAlias(Certificate cert) { + refreshCachedKeyStore(); + try { + return delegate.get().keyStore.getCertificateAlias(cert); + } catch (KeyStoreException e) { + log.info("getCertificateAlias: " + e); + return null; + } + } + + @Override + public void engineLoad(InputStream stream, char[] password) + throws IOException, NoSuchAlgorithmException, CertificateException { + // Nothing to do here since implementations of this class have their own means to load certificates and keys. + } + + private static final String IMMUTABLE_KEYSTORE_ERR = "Modifying keystore is not supported"; + + @Override + public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException { + throw new UnsupportedOperationException(IMMUTABLE_KEYSTORE_ERR); + } + + @Override + public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException { + throw new UnsupportedOperationException(IMMUTABLE_KEYSTORE_ERR); + } + + @Override + public void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException { + throw new UnsupportedOperationException(IMMUTABLE_KEYSTORE_ERR); + } + + @Override + public void engineDeleteEntry(String alias) throws KeyStoreException { + throw new UnsupportedOperationException(IMMUTABLE_KEYSTORE_ERR); + } + + @Override + public void engineStore(OutputStream stream, char[] password) + throws IOException, NoSuchAlgorithmException, CertificateException { + throw new UnsupportedOperationException(IMMUTABLE_KEYSTORE_ERR); + } + + class Delegate { + KeyStore keyStore; + List sortedAliases; + + Delegate(KeyStore ks) { + this.keyStore = ks; + + try { + sortedAliases = Collections.list(ks.aliases()); + Collections.sort(sortedAliases); + Collections.reverse(sortedAliases); + } catch (KeyStoreException e) { + // Ignore exception. + log.info("Failed getting aliases" + e); + } + } + } + +} diff --git a/src/main/java/io/vertx/core/net/impl/KeyStoreFileSpi.java b/src/main/java/io/vertx/core/net/impl/KeyStoreFileSpi.java new file mode 100644 index 00000000000..2593decbea7 --- /dev/null +++ b/src/main/java/io/vertx/core/net/impl/KeyStoreFileSpi.java @@ -0,0 +1,70 @@ +/* +* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation +* +* This program and the accompanying materials are made available under the +* terms of the Eclipse Public License 2.0 which is available at +* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 +* which is available at https://www.apache.org/licenses/LICENSE-2.0. +* +* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 +*/ + +package io.vertx.core.net.impl; + +import io.vertx.core.impl.logging.Logger; +import io.vertx.core.impl.logging.LoggerFactory; + +import java.nio.file.Files; +import java.nio.file.Paths; +import java.nio.file.attribute.FileTime; +import java.util.function.Supplier; + +import io.vertx.core.VertxException; +import io.vertx.core.buffer.Buffer; +import io.vertx.core.impl.VertxInternal; + +public class KeyStoreFileSpi extends DelegatingKeyStoreSpi { + + private static final Logger log = LoggerFactory.getLogger(KeyStoreFileSpi.class); + + private final VertxInternal vertx; + private final String type; + private final String provider; + private final String path; + private final String password; + private final String alias; + private FileTime lastModified; + + public KeyStoreFileSpi(VertxInternal vertx, String type, String provider, String path, String password, String alias) throws Exception { + if (password == null) { + throw new VertxException("Password must not be null"); + } + + this.vertx = vertx; + this.type = type; + this.provider = provider; + this.path = path; + this.password = password; + this.alias = alias; + + refresh(); + } + + /** + * Reload keystore if it was modified on disk since it was last loaded. + */ + void refresh() throws Exception { + // If keystore has been previously loaded, check the modification timestamp to decide if reload is needed. + if ((lastModified != null) && (lastModified.compareTo(Files.getLastModifiedTime(Paths.get(path))) > 0)) { + // File was not modified since last reload: do nothing. + return; + } + + // Load keystore from disk. + Supplier value; + value = () -> vertx.fileSystem().readFileBlocking(path); + setKeyStoreDelegate(KeyStoreHelper.loadKeyStore(type, provider, password, value, alias)); + this.lastModified = Files.getLastModifiedTime(Paths.get(path)); + } + +} diff --git a/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java b/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java index 77c7d411ea9..3c44ea7e5cc 100644 --- a/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java +++ b/src/main/java/io/vertx/core/net/impl/KeyStoreHelper.java @@ -25,6 +25,7 @@ import java.io.InputStream; import java.net.Socket; import java.security.*; +import java.security.KeyStore.ProtectionParameter; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; diff --git a/src/main/java/io/vertx/core/net/impl/PemFileKeyStoreSpi.java b/src/main/java/io/vertx/core/net/impl/PemFileKeyStoreSpi.java new file mode 100644 index 00000000000..e26d2ea421e --- /dev/null +++ b/src/main/java/io/vertx/core/net/impl/PemFileKeyStoreSpi.java @@ -0,0 +1,130 @@ +/* +* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation +* +* This program and the accompanying materials are made available under the +* terms of the Eclipse Public License 2.0 which is available at +* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 +* which is available at https://www.apache.org/licenses/LICENSE-2.0. +* +* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 +*/ + +package io.vertx.core.net.impl; + +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.nio.file.attribute.FileTime; +import java.security.KeyStore; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import io.vertx.core.VertxException; +import io.vertx.core.buffer.Buffer; +import io.vertx.core.impl.VertxInternal; +import io.vertx.core.impl.logging.Logger; +import io.vertx.core.impl.logging.LoggerFactory; + +public class PemFileKeyStoreSpi extends DelegatingKeyStoreSpi { + + private static final Logger log = LoggerFactory.getLogger(PemFileKeyStoreSpi.class); + + private final VertxInternal vertx; + private final List fileCredentials = new ArrayList<>(); // Certificates and keys given as paths. + private final List certValues; + private final List keyValues; + + public PemFileKeyStoreSpi(VertxInternal vertx, List certPaths, List keyPaths, + List certValues, List keyValues) throws Exception { + + if ((keyPaths.size() < certPaths.size()) || (keyValues.size() < certValues.size())) { + throw new VertxException("Missing private key"); + } else if ((keyPaths.size() > certPaths.size()) || (keyValues.size() > certValues.size())) { + throw new VertxException("Missing X.509 certificate"); + } else if (keyPaths.isEmpty() && keyValues.isEmpty()) { + throw new VertxException("No credentials configured"); + } + + this.vertx = vertx; + this.certValues = certValues; + this.keyValues = keyValues; + + // Load credentials that were passed as file paths. + Iterator cpi = certPaths.iterator(); + Iterator kpi = keyPaths.iterator(); + while (cpi.hasNext() && kpi.hasNext()) { + fileCredentials.add(new FileCredential(cpi.next(), kpi.next())); + } + + setKeyStoreDelegate(createKeyStore()); + } + + /** + * Reload certificate and key PEM files if they were modified on disk since they were last loaded. + */ + void refresh() throws Exception { + boolean wasReloaded = false; + int i = 0; + for (FileCredential fc : fileCredentials) { + try { + if (fc.needsReload()) { + fileCredentials.set(i, new FileCredential(fc.certPath, fc.keyPath)); + wasReloaded = true; + } + } catch (Exception e) { + log.error("Failed to load: " + e); + } + i++; + } + + // Re-generate KeyStore. + if (wasReloaded) { + setKeyStoreDelegate(createKeyStore()); + } + } + + /** + * Create KeyStore that contains the certificates and keys that were passed by paths and by values. + */ + KeyStore createKeyStore() throws Exception { + List certs = new ArrayList<>(certValues); + List keys = new ArrayList<>(keyValues); + + fileCredentials.stream().forEach(fc -> { + certs.add(fc.certValue); + keys.add(fc.keyValue); + }); + + return KeyStoreHelper.loadKeyCert(keys, certs); + } + + /** + * Holds the content of certificate and key files and their modification timestamps. + */ + class FileCredential { + private final String certPath; + private final String keyPath; + private final FileTime certLastModified; + private final FileTime keyLastModified; + Buffer certValue; + Buffer keyValue; + + FileCredential(String certPath, String keyPath) throws Exception { + this.certPath = certPath; + this.keyPath = keyPath; + + certValue = vertx.fileSystem().readFileBlocking(certPath); + keyValue = vertx.fileSystem().readFileBlocking(keyPath); + + this.certLastModified = Files.getLastModifiedTime(Paths.get(certPath)); + this.keyLastModified = Files.getLastModifiedTime(Paths.get(keyPath)); + } + + boolean needsReload() throws IOException { + return (certLastModified.compareTo(Files.getLastModifiedTime(Paths.get(certPath))) < 0) || + (keyLastModified.compareTo(Files.getLastModifiedTime(Paths.get(keyPath))) < 0); + } + } + +} diff --git a/src/main/java/io/vertx/core/net/impl/ReloadingKeyStore.java b/src/main/java/io/vertx/core/net/impl/ReloadingKeyStore.java new file mode 100644 index 00000000000..e6c824fe4ac --- /dev/null +++ b/src/main/java/io/vertx/core/net/impl/ReloadingKeyStore.java @@ -0,0 +1,97 @@ +/* +* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation +* +* This program and the accompanying materials are made available under the +* terms of the Eclipse Public License 2.0 which is available at +* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 +* which is available at https://www.apache.org/licenses/LICENSE-2.0. +* +* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 +*/ + +package io.vertx.core.net.impl; + +import java.io.IOException; +import java.security.KeyStore; +import java.security.KeyStoreSpi; +import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.cert.CertificateException; +import java.util.List; +import java.util.Objects; + +import io.vertx.core.buffer.Buffer; +import io.vertx.core.impl.VertxInternal; + +/** + * KeyStore that can reload itself when the backing files are modified. + */ +public class ReloadingKeyStore extends KeyStore { + + protected ReloadingKeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type) + throws NoSuchAlgorithmException, CertificateException, IOException { + super(keyStoreSpi, provider, type); + + // Calling load(), even with null arguments, will initialize the KeyStore to expected state. + load(null, null); + } + + /** + * Builder implementation for reloading keystores. + */ + public static class Builder extends KeyStore.Builder { + + private final KeyStore keyStore; + private final ProtectionParameter protection; + + private final String alias; + private final ProtectionParameter aliasProtection; + + private Builder(KeyStore keyStore, String password, String alias, String keyAliasPassword) { + this.keyStore = keyStore; + this.protection = password != null ? new PasswordProtection(password.toCharArray()) : null; + this.alias = alias; + this.aliasProtection = keyAliasPassword != null ? new PasswordProtection(keyAliasPassword.toCharArray()) : null; + } + + @Override + public KeyStore getKeyStore() { + return keyStore; + } + + @Override + public ProtectionParameter getProtectionParameter(String newSunAlias) { + Objects.requireNonNull(newSunAlias); + + // Parse plain alias from NewSunS509 KeyManager prefixed alias. + // https://github.com/openjdk/jdk/blob/6e55a72f25f7273e3a8a19e0b9a97669b84808e9/src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java#L237-L265 + int firstDot = newSunAlias.indexOf('.'); + int secondDot = newSunAlias.indexOf('.', firstDot + 1); + if ((firstDot == -1) || (secondDot == firstDot)) { + // Invalid alias. + return protection; + } + String requestedAlias = newSunAlias.substring(secondDot + 1); + if (requestedAlias.equals(alias) && aliasProtection != null) { + return aliasProtection; + } + return protection; + } + + public static Builder fromKeyStoreFile(VertxInternal vertx, String type, String provider, String path, String password, + String alias, String aliasPassword) throws Exception { + return new Builder(new ReloadingKeyStore( + new KeyStoreFileSpi(vertx, type, provider, path, password, alias), null, "ReloadingKeyStore"), + password, alias, aliasPassword); + } + + public static Builder fromPem(VertxInternal vertx, List certPaths, List keyPaths, + List certValues, List keyValues) throws Exception { + return new Builder(new ReloadingKeyStore( + new PemFileKeyStoreSpi(vertx, certPaths, keyPaths, certValues, keyValues), null, "ReloadingKeyStore"), + KeyStoreHelper.DUMMY_PASSWORD, null, null); + } + + } + +} diff --git a/src/main/java/io/vertx/core/net/impl/SSLHelper.java b/src/main/java/io/vertx/core/net/impl/SSLHelper.java index bdb8f6cd433..7902ba4f2e2 100755 --- a/src/main/java/io/vertx/core/net/impl/SSLHelper.java +++ b/src/main/java/io/vertx/core/net/impl/SSLHelper.java @@ -471,34 +471,16 @@ public SslContext getContext(VertxInternal vertx, String serverName) { public SslContext getContext(VertxInternal vertx, String serverName, boolean useAlpn) { int idx = useAlpn ? 0 : 1; - if (serverName == null) { - if (sslContexts[idx] == null) { - TrustManagerFactory trustMgrFactory; - try { - trustMgrFactory = getTrustMgrFactory(vertx, null); - } catch (Exception e) { - throw new VertxException(e); - } - sslContexts[idx] = createContext(vertx, useAlpn, null, trustMgrFactory); - } - return sslContexts[idx]; - } else { - X509KeyManager mgr; - try { - mgr = keyCertOptions.keyManagerMapper(vertx).apply(serverName); - } catch (Exception e) { - throw new RuntimeException(e); - } - if (mgr == null) { - return sslContexts[idx]; - } + if (sslContexts[idx] == null) { + TrustManagerFactory trustMgrFactory; try { - TrustManagerFactory trustMgrFactory = getTrustMgrFactory(vertx, serverName); - return sslContextMaps[idx].computeIfAbsent(mgr.getCertificateChain(null)[0], s -> createContext(vertx, useAlpn, mgr, trustMgrFactory)); + trustMgrFactory = getTrustMgrFactory(vertx, serverName); } catch (Exception e) { throw new VertxException(e); } + sslContexts[idx] = createContext(vertx, useAlpn, null, trustMgrFactory); } + return sslContexts[idx]; } // This is called to validate some of the SSL params as that only happens when the context is created diff --git a/src/test/java/io/vertx/core/http/HttpTLSTest.java b/src/test/java/io/vertx/core/http/HttpTLSTest.java index 6e1f63e1cff..812d2d0cfd9 100755 --- a/src/test/java/io/vertx/core/http/HttpTLSTest.java +++ b/src/test/java/io/vertx/core/http/HttpTLSTest.java @@ -466,22 +466,30 @@ public void testSNITrustPEM() throws Exception { } @Test - // Client provides SNI but server ignores it and provides a different cerficate + // Client provides SNI when server option setSni(false). + // Server still processes SNI and returns correct certificate. + // NOTE: It is not possible to disable SNI support in NewSunX509 KeyManager. The impact is following: + // - CORRECT server certificate is returned according to requested SNI, even if server option setSni(false). + // - Previously, before switching to SNI handling in NewSunX509 KeyManager, INCORRECT certificate was returned. public void testSNIServerIgnoresExtension1() throws Exception { testTLS(Cert.NONE, Trust.SNI_JKS_HOST2, Cert.SNI_JKS, Trust.NONE) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host2.com")) - .fail(); + .pass(); } @Test - // Client provides SNI but server ignores it and provides a different cerficate - check we get a certificate + // Client provides SNI when server option setSni(false). + // Server still processes SNI and returns correct certificate. + // NOTE: It is not possible to disable SNI support in NewSunX509 KeyManager. The impact is following: + // - CORRECT server certificate is returned according to requested SNI, even if server option setSni(false). + // - Previously, before switching to SNI handling in NewSunX509 KeyManager, INCORRECT certificate was returned. public void testSNIServerIgnoresExtension2() throws Exception { - Certificate cert = testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SNI_JKS, Trust.NONE) + Certificate cert = testTLS(Cert.NONE, Trust.SNI_JKS_HOST2, Cert.SNI_JKS, Trust.NONE) .clientVerifyHost(false) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host2.com")) .pass() .clientPeerCert(); - assertEquals("localhost", TestUtils.cnOf(cert)); + assertEquals("host2.com", TestUtils.cnOf(cert)); } @Test @@ -655,25 +663,31 @@ public void testSNISubjectAltenativeNameCNMatch1PEM() throws Exception { } @Test + // Client sets SNI servername to host5.com. + // Server certificate has Subject CN=host5.com but SAN DNS *.host5.com. + // Default server certificate CN=localhost is returned because host5.com did not *.host5.com. public void testSNISubjectAltenativeNameCNMatch2() throws Exception { - Certificate cert = testTLS(Cert.NONE, Trust.SNI_JKS_HOST5, Cert.SNI_JKS, Trust.NONE) + Certificate cert = testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SNI_JKS, Trust.NONE) .serverSni() .clientVerifyHost(false) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host5.com")) .pass() .clientPeerCert(); - assertEquals("host5.com", TestUtils.cnOf(cert)); + assertEquals("localhost", TestUtils.cnOf(cert)); } @Test + // Client sets SNI servername to host5.com. + // Server certificate has Subject CN=host5.com but SAN DNS *.host5.com. + // Default server certificate CN=localhost is returned because host5.com did not *.host5.com. public void testSNISubjectAltenativeNameCNMatch2PKCS12() throws Exception { - Certificate cert = testTLS(Cert.NONE, Trust.SNI_JKS_HOST5, Cert.SNI_PKCS12, Trust.NONE) + Certificate cert = testTLS(Cert.NONE, Trust.SERVER_JKS, Cert.SNI_PKCS12, Trust.NONE) .serverSni() .clientVerifyHost(false) .requestOptions(new RequestOptions().setSsl(true).setPort(4043).setHost("host5.com")) .pass() .clientPeerCert(); - assertEquals("host5.com", TestUtils.cnOf(cert)); + assertEquals("localhost", TestUtils.cnOf(cert)); } @Test @@ -790,13 +804,15 @@ public void testSNIWithServerNameTrustFallbackFail() throws Exception { } @Test + // Server requires client certificate which is issued by either Root CA or Other CA. + // Client provides certificate issued by Root CA. public void testSNIWithServerNameTrustFail() throws Exception { testTLS(Cert.CLIENT_PEM_ROOT_CA, Trust.SNI_JKS_HOST2, Cert.SNI_JKS, Trust.SNI_SERVER_ROOT_CA_AND_OTHER_CA_2).serverSni() .requestOptions(new RequestOptions().setSsl(true) .setPort(4043) .setHost("host2.com")) .requiresClientAuth() - .fail(); + .pass(); } @Test @@ -1321,13 +1337,7 @@ public void testPKCS12InvalidPath() { @Test public void testPKCS12MissingPassword() { - String msg; - if (PlatformDependent.javaVersion() < 15) { - msg = "Get Key failed: null"; - } else { - msg = "Get Key failed: Cannot read the array length because \"password\" is null"; - } - testInvalidKeyStore(Cert.SERVER_PKCS12.get().setPassword(null), msg, null); + testInvalidKeyStore(Cert.SERVER_PKCS12.get().setPassword(null), "Password must not be null", null); } @Test diff --git a/src/test/java/io/vertx/core/net/KeyStoreHelperTest.java b/src/test/java/io/vertx/core/net/KeyStoreHelperTest.java index c7ac4612b83..e720f7c79a5 100644 --- a/src/test/java/io/vertx/core/net/KeyStoreHelperTest.java +++ b/src/test/java/io/vertx/core/net/KeyStoreHelperTest.java @@ -18,11 +18,14 @@ import java.security.KeyFactory; import java.security.KeyStore; import java.security.KeyStoreException; +import java.security.PrivateKey; import java.security.cert.X509Certificate; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.RSAPrivateKey; import java.util.Enumeration; +import javax.net.ssl.X509KeyManager; + import io.vertx.core.net.impl.KeyStoreHelper; import io.vertx.test.core.VertxTestBase; import org.junit.Assume; @@ -49,8 +52,7 @@ public void testKeyStoreHelperSupportsRSAPrivateKeys() throws Exception { PemKeyCertOptions options = new PemKeyCertOptions() .addKeyPath("target/test-classes/tls/server-key.pem") .addCertPath("target/test-classes/tls/server-cert.pem"); - KeyStoreHelper helper = options.getHelper(vertx); - assertKeyType(helper.store(), RSAPrivateKey.class); + assertKeyType(options.loadKeyStore(vertx), RSAPrivateKey.class); } /** @@ -66,8 +68,7 @@ public void testKeyStoreHelperSupportsECPrivateKeys() throws Exception { PemKeyCertOptions options = new PemKeyCertOptions() .addKeyPath("target/test-classes/tls/server-key-ec.pem") .addCertPath("target/test-classes/tls/server-cert-ec.pem"); - KeyStoreHelper helper = options.getHelper(vertx); - assertKeyType(helper.store(), ECPrivateKey.class); + assertKeyType(options.loadKeyStore(vertx), ECPrivateKey.class); } private void assertKeyType(KeyStore store, Class expectedKeyType) throws KeyStoreException, GeneralSecurityException { diff --git a/src/test/java/io/vertx/core/net/KeyStoreTest.java b/src/test/java/io/vertx/core/net/KeyStoreTest.java index c8265143e0a..7f82629dc7b 100644 --- a/src/test/java/io/vertx/core/net/KeyStoreTest.java +++ b/src/test/java/io/vertx/core/net/KeyStoreTest.java @@ -23,7 +23,10 @@ import org.junit.Test; import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManager; +import javax.net.ssl.X509KeyManager; + import java.security.KeyStore; import java.util.Arrays; import java.util.Collections; @@ -350,7 +353,7 @@ public void testCopyTrustOptions() throws Exception { @Test public void testJKSPath() throws Exception { - testKeyStore(Cert.SERVER_JKS.get().getHelper(vertx)); + testKeyStoreOptions(Cert.SERVER_JKS.get()); } @Test @@ -358,7 +361,7 @@ public void testJKSValue() throws Exception { JksOptions options = Cert.SERVER_JKS.get(); Buffer store = vertx.fileSystem().readFileBlocking(options.getPath()); options.setPath(null).setValue(store); - testKeyStore(options.getHelper(vertx)); + testKeyStoreOptions(options); } @Test @@ -373,12 +376,12 @@ public void testKeyStoreValue() throws Exception { .setPath(null) .setValue(store) .setPassword(jks.getPassword()); - testKeyStore(options.getHelper(vertx)); + testKeyStoreOptions(options); } @Test public void testPKCS12Path() throws Exception { - testKeyStore(Cert.SERVER_PKCS12.get().getHelper(vertx)); + testKeyStoreOptions(Cert.SERVER_PKCS12.get()); } @Test @@ -386,12 +389,12 @@ public void testPKCS12Value() throws Exception { PfxOptions options = Cert.SERVER_PKCS12.get(); Buffer store = vertx.fileSystem().readFileBlocking(options.getPath()); options.setPath(null).setValue(store); - testKeyStore(options.getHelper(vertx)); + testKeyStoreOptions(options); } @Test public void testKeyCertPath() throws Exception { - testKeyStore(Cert.SERVER_PEM.get().getHelper(vertx)); + testPemKeyCertOptions(Cert.SERVER_PEM.get()); } /** @@ -400,7 +403,7 @@ public void testKeyCertPath() throws Exception { */ @Test public void testRsaKeyCertPath() throws Exception { - testKeyStore(Cert.SERVER_PEM_RSA.get().getHelper(vertx)); + testPemKeyCertOptions(Cert.SERVER_PEM_RSA.get()); } @Test @@ -410,7 +413,7 @@ public void testKeyCertValue() throws Exception { options.setKeyValue(null).setKeyValue(key); Buffer cert = vertx.fileSystem().readFileBlocking(options.getCertPath()); options.setCertValue(null).setCertValue(cert); - testKeyStore(options.getHelper(vertx)); + testPemKeyCertOptions(options); } @Test @@ -455,6 +458,20 @@ private void testKeyStore(KeyStoreHelper helper) throws Exception { assertTrue(keyManagers.length > 0); } + private void testPemKeyCertOptions(PemKeyCertOptions options) throws Exception { + Enumeration aliases = options.loadKeyStore(vertx).aliases(); + assertTrue(aliases.hasMoreElements()); + KeyManager[] keyManagers = options.getKeyManagerFactory(vertx).getKeyManagers(); + assertTrue(keyManagers.length > 0); + } + + private void testKeyStoreOptions(KeyStoreOptionsBase options) throws Exception { + Enumeration aliases = options.loadKeyStore(vertx).aliases(); + assertTrue(aliases.hasMoreElements()); + KeyManager[] keyManagers = options.getKeyManagerFactory(vertx).getKeyManagers(); + assertTrue(keyManagers.length > 0); + } + private void testTrustStore(KeyStoreHelper helper) throws Exception { TrustManager[] keyManagers = helper.getTrustMgrs((VertxInternal) vertx); assertTrue(keyManagers.length > 0); diff --git a/src/test/java/io/vertx/core/net/NetTest.java b/src/test/java/io/vertx/core/net/NetTest.java index fda0976f20c..ab9a4c4b380 100755 --- a/src/test/java/io/vertx/core/net/NetTest.java +++ b/src/test/java/io/vertx/core/net/NetTest.java @@ -1569,6 +1569,8 @@ public void testSniWithServerNameTrustFallbackFail(){ } @Test + // Server requires client certificate which is issued by either Root CA or Other CA. + // Client provides certificate issued by Root CA. public void testSniWithServerNameTrustFail(){ TLSTest test = new TLSTest().clientTrust(Trust.SNI_JKS_HOST2) .clientCert(Cert.CLIENT_PEM_ROOT_CA) @@ -1577,7 +1579,7 @@ public void testSniWithServerNameTrustFail(){ .sni(true) .serverName("host2.com") .serverTrust(Trust.SNI_SERVER_ROOT_CA_AND_OTHER_CA_2); - test.run(false); + test.run(true); await(); } diff --git a/src/test/resources/tls/client-cert-other-ca-chain.pem b/src/test/resources/tls/client-cert-other-ca-chain.pem index 0470959fa02..9e42d2c20ab 100644 --- a/src/test/resources/tls/client-cert-other-ca-chain.pem +++ b/src/test/resources/tls/client-cert-other-ca-chain.pem @@ -1,34 +1,35 @@ -----BEGIN CERTIFICATE----- -MIICmDCCAYACAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew -HhcNMTgwNTI2MTEzNjUyWhcNMjgwNTIzMTEzNjUyWjARMQ8wDQYDVQQDEwZjbGll -bnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVmCecLdUZU917hweV -z4JqvZ9vZEi1rH+BG98HYfRR/h3QaobxPImZu3hzKHZ+MPbm94HunLPAVA9yZhvZ -MToNfOuD4TUPBPloBuNzwBfZk2O4CaXeG4ailVWUfm5t/l+RD/55zYKuhw1/Vl9l -cOryF2XAmPQ2F1gwEKK7wt1Ak8zw8/yeYgBv1/F+ibCMvR6FVj9ABBEfTM+oOs4o -y51otUv0h63GqYgXMJyLX7q+AGWdC3srwwLQROtkzi7y00g/YryXUoIqdXEI7CrN -L35rZXcZ5LfGRwFX9evX11PpT3OShYlsJBcFE9KMatRoIWd6xUKlxTk0yLjoOUE2 -tsMJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFxse/X+Els3PWMTHrC5LXfFTCL3 -Hq2/ffnz9gXzp6476voCgpT8imOOnv/svesQPb2xfl0DWMh4D1jZU2vJIIqaZfkm -9K0eMT6lzFcB9601tcikXtzf7xKbZXGow3PyUDVtrYCmgkA9UT+8BMd3v0rvInuC -r1F1u9DCvUcN4fMUPLoFN2i9VsnqixWdBV75fnECA4HA7XjYXpbsI5uwIQtrr+kj -xIhzpfkHZLqzDq9770Za+WBkpxfkq4b1EQmCNqJfSI5kpkhvJHbXkwMrN2pUrWKZ -0xmt/ERlNaRCWEbRS6WcY2kyN/6TnvL7hjPOpIafmdPB0Izp65rM+0pYmPQ= +MIICmjCCAYICAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew +IBcNMjIwNTI3MTcwNjExWhgPMjA1MjA1MTkxNzA2MTFaMBExDzANBgNVBAMTBmNs +aWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhVf8Oz1GRt+Wju ++k0WkrVVf9noLaZRjLnt/WrwT2dzrr1AZN50wcJ8vJZtP41Jpswci/UwFec+o542 +yU2SLMTxAqbuPVuY55WvAPTRzo5SdIQaOqHdSwbkgagIkFOSD795xqkefFZ1m/R7 +aNwcTUxFGWFCDhYt98GRdstxGiNhVYO4JstlLY/9eDZx9MVfT5xShHNnre7dQMW0 +x4EXRR/r04KJgFr6qlcLzw+REj9Wz3Xlh8MQJqPe0JnKDd8o3z63rkOaBeEVCX4F +gAcvirDkKCg+1g8iLvXBD5tNn3F1JhQ+Nx8B8Hi01f8JUZMGOXOIL6qn9+Ct4Zev +Ko8zBV0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnPaERwr1oqICKb+rGcbN5Vua +FsEFq/To4T1Jdn7K3Buyc56paR5K7MBNb90BXkoRiYxR6utgU5d27T1cgmgjc7u3 +41/xl9vXwhrgLP4SAD3bRRULqnpdQ/imiqXobo8eKou0thqx1zFKBWiYaxiEx8BV +HWbPa7+J/IeyoOHmm9CCMzStdgc6/6GLI/Jr7qDUycVy8kJW8u+PrHE9NTwf8s7B +aK5aTgJnTvbfmpPgcTmdR8gT7YabNYCtj1rMb9PcaI7jguIcyfVNsJBPdrbyZGE2 +QR/mS7NlF0sAjNkIJEHCOn0YW0SX+fEYMl8dObvqNq2fVzF4zahPpyUOPJSMEA== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIC/DCCAeSgAwIBAgIJAJDFe23gf0pwMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNV -BAMMCE90aGVyIENBMB4XDTE4MDUyNjExMzY1MloXDTE4MDYyNTExMzY1MlowEzER -MA8GA1UEAwwIT3RoZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDu83z3Z2yKLNbhrqG6Zjl8QHdDVH1bSXi9zl4mDhJP5Ha31WYMm0WtFUbrhArS -dy/ZAj7Zx1o3yDA6l0yELVtsqriHs9y6rq4cZB8aqZ423pzSfUrKUh1xijsVNBGZ -NVRUTkpRA28q+1q27+fuOuNuGXnTXWIC8VvARGqE39bPALWK94GEIudBFh+E50kr -MdBPaLdhR7hnkGqEpIm0MUqvBj0JC9pT8pnYZSzpWUTzHrts/e0oUYg/n2xdtF/v -JNciyPw3awiXUrSepj1pnEY/DJH8GVmtmaGnptDwnec41Er65tcRqD3I6P/kh5QM -zMVchTMRHGwAXldzKNAmiu2pAgMBAAGjUzBRMB0GA1UdDgQWBBT6372kBOogJIix -pBzyuAy6Baht5TAfBgNVHSMEGDAWgBT6372kBOogJIixpBzyuAy6Baht5TAPBgNV -HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA+LsUAQq7BujladIOFZEjR -qEVXdqTXARU5p3Vzw6ydfgtruk4Zb/pyYK43X44O6KBHQoa2jJaSE7su6jrarrxi -ZhyySPjIvK9nyAPzEFlUXxcGMTVGE+lanXWEGsDe6ub+68EGzLpO3U9w0io4gKUE -U6N/VIctsO5es5qLYTu1O3COKnu+CUquqvX8m27Ko6EXg/+P14Gne5Dl839Psqh4 -ceHhegH3i/UgYqB02ZpohuIwClTo+W2aR1ENdBM+l2eOtcXCQ/ABjFRHcNOS50r/ -GJUB+J9fn/NT0m9EqkID1ccdjNT1QjBEv1aDlclioRozjjeMZPRlUPMC47sFZGS/ +MIIDCTCCAfGgAwIBAgIUXcKRK63PeoPunOPyPKq6xo3CxyEwDQYJKoZIhvcNAQEL +BQAwEzERMA8GA1UEAwwIT3RoZXIgQ0EwIBcNMjIwNTI3MTcwNjEwWhgPMjA1MjA1 +MTkxNzA2MTBaMBMxETAPBgNVBAMMCE90aGVyIENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAs29di8fcwaZkUSORRvuDOYUnqnfksEFP8gUzVVWTFxEo +YdeXkB4uUL81DOKD5Yti5F0gjMioapNfN/0cQc1GcI5tE04mTgdaDaJSbwkhW5ge +9FeYwlmQuYRf2Kl6oIPYv7/+4JCcXF9BioKVJw2nH2jWM5IhvKj2s8Z19T1QPK16 +gFR+E7JhFsPRC6TvcxunKkHHkYR/QEKGXRcv/hhJGfMuJXj9qO0XSIP+LyD6uJf1 +ylyhrYEyBJif0r7EWds4qvvOHy6D7ItQIQk3A3iU8QcG/k/vZ+xGNczhJprrRvcC +OdCqjCUX8XurJS6L96CVc8B6HNMgzeyUuH1fJJVclQIDAQABo1MwUTAdBgNVHQ4E +FgQU9W8gOHNTlHu9nYNsSjf8iMBF3pswHwYDVR0jBBgwFoAU9W8gOHNTlHu9nYNs +Sjf8iMBF3pswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnxEZ +5ib0otUZQgKHlSIucXPvzWG4tVCSiN1z8rUPuzkK5V9IRo//nsioD3R9Hhwuv+Ak ++ZDkV4m/FQMt0ZmepUnnBANTC4P3cS9v7Rvm4rBtMJ3HJ4SEHgs+x0dmKLJguVgk +ncMgJZ52qJmjBcZrDtV48GQpH2EbJCLCltJ1r0UsA9+QhnUHDh1ysJ8QgMUL6fRh +NU81T5/sm1l8h+K8ZoSdGMUvKqvJlW/cZ7+7Rs6Y+RqRJ/FEA30N8q8yr0jDMmak +V8DBhrSBaLFGvNRhCTj6PJYLmdUHt55mrteGMz+nWWHlTdjGlL1gvfw+7aMBM/b8 +ZpSG1toE9ADK8cV4Mg== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/client-cert-other-ca.pem b/src/test/resources/tls/client-cert-other-ca.pem index 19229ac79e2..a39327dfb6f 100644 --- a/src/test/resources/tls/client-cert-other-ca.pem +++ b/src/test/resources/tls/client-cert-other-ca.pem @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE----- -MIICmDCCAYACAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew -HhcNMTgwNTI2MTEzNjUyWhcNMjgwNTIzMTEzNjUyWjARMQ8wDQYDVQQDEwZjbGll -bnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVmCecLdUZU917hweV -z4JqvZ9vZEi1rH+BG98HYfRR/h3QaobxPImZu3hzKHZ+MPbm94HunLPAVA9yZhvZ -MToNfOuD4TUPBPloBuNzwBfZk2O4CaXeG4ailVWUfm5t/l+RD/55zYKuhw1/Vl9l -cOryF2XAmPQ2F1gwEKK7wt1Ak8zw8/yeYgBv1/F+ibCMvR6FVj9ABBEfTM+oOs4o -y51otUv0h63GqYgXMJyLX7q+AGWdC3srwwLQROtkzi7y00g/YryXUoIqdXEI7CrN -L35rZXcZ5LfGRwFX9evX11PpT3OShYlsJBcFE9KMatRoIWd6xUKlxTk0yLjoOUE2 -tsMJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFxse/X+Els3PWMTHrC5LXfFTCL3 -Hq2/ffnz9gXzp6476voCgpT8imOOnv/svesQPb2xfl0DWMh4D1jZU2vJIIqaZfkm -9K0eMT6lzFcB9601tcikXtzf7xKbZXGow3PyUDVtrYCmgkA9UT+8BMd3v0rvInuC -r1F1u9DCvUcN4fMUPLoFN2i9VsnqixWdBV75fnECA4HA7XjYXpbsI5uwIQtrr+kj -xIhzpfkHZLqzDq9770Za+WBkpxfkq4b1EQmCNqJfSI5kpkhvJHbXkwMrN2pUrWKZ -0xmt/ERlNaRCWEbRS6WcY2kyN/6TnvL7hjPOpIafmdPB0Izp65rM+0pYmPQ= +MIICmjCCAYICAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew +IBcNMjIwNTI3MTcwNjExWhgPMjA1MjA1MTkxNzA2MTFaMBExDzANBgNVBAMTBmNs +aWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhVf8Oz1GRt+Wju ++k0WkrVVf9noLaZRjLnt/WrwT2dzrr1AZN50wcJ8vJZtP41Jpswci/UwFec+o542 +yU2SLMTxAqbuPVuY55WvAPTRzo5SdIQaOqHdSwbkgagIkFOSD795xqkefFZ1m/R7 +aNwcTUxFGWFCDhYt98GRdstxGiNhVYO4JstlLY/9eDZx9MVfT5xShHNnre7dQMW0 +x4EXRR/r04KJgFr6qlcLzw+REj9Wz3Xlh8MQJqPe0JnKDd8o3z63rkOaBeEVCX4F +gAcvirDkKCg+1g8iLvXBD5tNn3F1JhQ+Nx8B8Hi01f8JUZMGOXOIL6qn9+Ct4Zev +Ko8zBV0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnPaERwr1oqICKb+rGcbN5Vua +FsEFq/To4T1Jdn7K3Buyc56paR5K7MBNb90BXkoRiYxR6utgU5d27T1cgmgjc7u3 +41/xl9vXwhrgLP4SAD3bRRULqnpdQ/imiqXobo8eKou0thqx1zFKBWiYaxiEx8BV +HWbPa7+J/IeyoOHmm9CCMzStdgc6/6GLI/Jr7qDUycVy8kJW8u+PrHE9NTwf8s7B +aK5aTgJnTvbfmpPgcTmdR8gT7YabNYCtj1rMb9PcaI7jguIcyfVNsJBPdrbyZGE2 +QR/mS7NlF0sAjNkIJEHCOn0YW0SX+fEYMl8dObvqNq2fVzF4zahPpyUOPJSMEA== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/client-cert-root-ca-chain.pem b/src/test/resources/tls/client-cert-root-ca-chain.pem index b9900c1a056..ba555dc317c 100644 --- a/src/test/resources/tls/client-cert-root-ca-chain.pem +++ b/src/test/resources/tls/client-cert-root-ca-chain.pem @@ -1,34 +1,35 @@ -----BEGIN CERTIFICATE----- -MIIClzCCAX8CAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAe -Fw0xODA1MjYxMTM2NTJaFw0yODA1MjMxMTM2NTJaMBExDzANBgNVBAMTBmNsaWVu -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWYJ5wt1RlT3XuHB5XP -gmq9n29kSLWsf4Eb3wdh9FH+HdBqhvE8iZm7eHModn4w9ub3ge6cs8BUD3JmG9kx -Og1864PhNQ8E+WgG43PAF9mTY7gJpd4bhqKVVZR+bm3+X5EP/nnNgq6HDX9WX2Vw -6vIXZcCY9DYXWDAQorvC3UCTzPDz/J5iAG/X8X6JsIy9HoVWP0AEER9Mz6g6zijL -nWi1S/SHrcapiBcwnItfur4AZZ0LeyvDAtBE62TOLvLTSD9ivJdSgip1cQjsKs0v -fmtldxnkt8ZHAVf169fXU+lPc5KFiWwkFwUT0oxq1GghZ3rFQqXFOTTIuOg5QTa2 -wwkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAPjmNIKpEVAAJAsL3WwZtMcxHgHV5 -vNf8wF/6iI5a/B6dELDAuykFV4kDht1/8cIudjHSvaG3cIgTOE+2HNwjinVyZ+gz -KTvncmmwD7j/6rBJBLHTsUp5i2LFlKeoepRmyiO59iQxKe2l2cQmDIOZEEh39WdF -9Unnl3S00DTYsGUwRVMzHvRJxN1D1ZiyHeFbLOtE5qtU6zg1Gf4+miusYA1mRgND -V59KOEzmu3opKxwOArEJai9WzcnTdtdUb9EyRu9Q9FapAf5mUnifGM2RaiCeFR+L -7famHrcgSyLyHe4G/G+HdsIu4Qw7MuC7jI5SzWT9qgH5wJrtqnTpWbXjzg== +MIICmTCCAYECAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAg +Fw0yMjA1MjcxNzA2MTBaGA8yMDUyMDUxOTE3MDYxMFowETEPMA0GA1UEAxMGY2xp +ZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV/w7PUZG35aO76 +TRaStVV/2egtplGMue39avBPZ3OuvUBk3nTBwny8lm0/jUmmzByL9TAV5z6jnjbJ +TZIsxPECpu49W5jnla8A9NHOjlJ0hBo6od1LBuSBqAiQU5IPv3nGqR58VnWb9Hto +3BxNTEUZYUIOFi33wZF2y3EaI2FVg7gmy2Utj/14NnH0xV9PnFKEc2et7t1AxbTH +gRdFH+vTgomAWvqqVwvPD5ESP1bPdeWHwxAmo97QmcoN3yjfPreuQ5oF4RUJfgWA +By+KsOQoKD7WDyIu9cEPm02fcXUmFD43HwHweLTV/wlRkwY5c4gvqqf34K3hl68q +jzMFXQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBHdw9mxwSGWLmyqfkgF/NU24Gw +oOxc86aQH0eK0xlzWc8qmnu3yRD++5aTgWqVgw9onFJPNNcyg5PDwkwuEPlhWqeJ +fzdvm/gmfYWHiN4MiXAKmq6BtgjChgFtsY16gBfoKD2I6rt68sDLMoBe3QXCCFtV +sefjghLTA6SuTp2R7p1+o2NG2fGviaWcFa7MD93xikIqHyOTeCWvWrotiNUA+k6k +EEYUuKHtdAPFKXzYP25seQ1cy+k4CUv3qvLDxF5d60TXwOqDoxgyDD0uZ+yEZhWi +dfppIQdwdAC8V/cg+d8X9zSkZqnEvXVb0/OBDC2uUYg6yW5bD1u8GHEQlv+D -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIC+jCCAeKgAwIBAgIJAOxhhPR74/wHMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV -BAMMB1Jvb3QgQ0EwHhcNMTgwNTI2MTEzNjUwWhcNMTgwNjI1MTEzNjUwWjASMRAw -DgYDVQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -s5Oz+eujQUU38nQazQ4tkaeOQFTYW4qZOZwpqbX0l7x9WT4bdMAAo4ikGetYQVWt -EIMdHNztkAcJg0A/y6u3c4Dv/KJPgvOdUVcwR9WJl6UvVfePcRb58cnOCkSiYDKC -3fK+A7jsIwbW0/saYutJkwnECTw33Ye3KdCBB9CrJgL7rKTwjGt9M9eSS3EcTDSV -+hRYRjJz/2j0xOKEguEha//o+EjfffUiCvZydC70MjR4a2uBaMzXu1iogfJ7oNMf -KSF5ghdLK5yC4Jl+fKppr+5JOJkMU5Ru9kudDML9DfLS5mwnjZ7IIAib7NnSZCby -ksYMu1/IMZ5sjRnKbF5niQIDAQABo1MwUTAdBgNVHQ4EFgQUbfwfFcpF8j/FSy3c -mCq4ihUHc6EwHwYDVR0jBBgwFoAUbfwfFcpF8j/FSy3cmCq4ihUHc6EwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAESk2UfrXhitiRK5fugH+od8F -JJfiiq8LeuxR7/fegSfVOhvOAROpYSQHNseDs3SEsin1DBrYQUHt1aJY5miCxo+v -uXZGgLgUozZc1lBqYXC09cLCf/en1saXFjlkoWgj/C00EKZyYG1B+cQPj5yZuK9e -qvymF81v8h40N/r9Ho/JZh5jg8BPjKMzkD69swTo96U83FzoQIP3yrayB+MCkSpU -j7bbO4qguPs4eFZJEaqrvDwNpAzdQXY2Aj0dwyCr8c6BLUyJL0R9aSPmQpfYS/it -ycsjAnoP9/YB2sTKoaeTE43GGjKpC/MkEiS85It/2ByeRVuy35KsLtGQJGsAAQ== +MIIDBzCCAe+gAwIBAgIUZgSDfKmpQRSFd3mrOI9dsmGVs+0wDQYJKoZIhvcNAQEL +BQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAgFw0yMjA1MjcxNzA2MDZaGA8yMDUyMDUx +OTE3MDYwNlowEjEQMA4GA1UEAwwHUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANS3bXUGArs/o3elaMg2fHHgfnYvBySbzj0lfD/N0TnE4JSx +au6cP77TVbBaODCIeqgkPocKVJvAr4IvU/M09Cl/dHLrXUplpZFGVg8czypRo3kX +viH/g5L/BDkOwxBDoD/467LFDQ9KPLfXeol2XC50Syqthsp2+4/P3RMr79HsXAHO +KXLYlghSfJ3R/I1eWX5nfwp5oJysxBS2CRjdlbVfklCIaMR9wVd4TwN2bi3lcTgW +ZufVJrF2oclXILFu3vFW+guth9tz/+fwv6G6g1Or0SdtzYy33hM2BmEb6oRcoCMU +jWaJqdEWXiD2k4x29dCiXJcOpP2skIk4+InCnM8CAwEAAaNTMFEwHQYDVR0OBBYE +FMrGK+4yRA+wMZCzJA7HrXH+/faSMB8GA1UdIwQYMBaAFMrGK+4yRA+wMZCzJA7H +rXH+/faSMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBABbQC80G +qwAX427hir2yU8GayN8mJ4NsNmVXF9eUvYmLRspiLU9FkFGsxqklH+ub5TDXUol2 +q8j0/+7r/SFXG/DHDSOYQD6ngsRps9eG2mAShkgs0M1wsGlvQpPiFUSouYxgPx7v +R/VVv+YZIHXfxSOhZxOcXiJfheLY3RdDtodDNu/scNVS5wgZuzM5qyiBHrFTmVlP +L6ctd7yzQ1ktcUboFJsL88JUgOGr3a+LXwayDxvh0WLDps8HAzPo/Jz8emUpKi4O +tuy4G4jW3eHqN9HHHWOv/bOHJVUSaAfBPyo1DtwpXqSr6HBHzMm0yFecPIRHXMUT +8RQtEBN3//e05KA= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/client-cert-root-ca.pem b/src/test/resources/tls/client-cert-root-ca.pem index f4cd592185c..90f8f1ca5ee 100644 --- a/src/test/resources/tls/client-cert-root-ca.pem +++ b/src/test/resources/tls/client-cert-root-ca.pem @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE----- -MIIClzCCAX8CAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAe -Fw0xODA1MjYxMTM2NTJaFw0yODA1MjMxMTM2NTJaMBExDzANBgNVBAMTBmNsaWVu -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWYJ5wt1RlT3XuHB5XP -gmq9n29kSLWsf4Eb3wdh9FH+HdBqhvE8iZm7eHModn4w9ub3ge6cs8BUD3JmG9kx -Og1864PhNQ8E+WgG43PAF9mTY7gJpd4bhqKVVZR+bm3+X5EP/nnNgq6HDX9WX2Vw -6vIXZcCY9DYXWDAQorvC3UCTzPDz/J5iAG/X8X6JsIy9HoVWP0AEER9Mz6g6zijL -nWi1S/SHrcapiBcwnItfur4AZZ0LeyvDAtBE62TOLvLTSD9ivJdSgip1cQjsKs0v -fmtldxnkt8ZHAVf169fXU+lPc5KFiWwkFwUT0oxq1GghZ3rFQqXFOTTIuOg5QTa2 -wwkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAPjmNIKpEVAAJAsL3WwZtMcxHgHV5 -vNf8wF/6iI5a/B6dELDAuykFV4kDht1/8cIudjHSvaG3cIgTOE+2HNwjinVyZ+gz -KTvncmmwD7j/6rBJBLHTsUp5i2LFlKeoepRmyiO59iQxKe2l2cQmDIOZEEh39WdF -9Unnl3S00DTYsGUwRVMzHvRJxN1D1ZiyHeFbLOtE5qtU6zg1Gf4+miusYA1mRgND -V59KOEzmu3opKxwOArEJai9WzcnTdtdUb9EyRu9Q9FapAf5mUnifGM2RaiCeFR+L -7famHrcgSyLyHe4G/G+HdsIu4Qw7MuC7jI5SzWT9qgH5wJrtqnTpWbXjzg== +MIICmTCCAYECAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAg +Fw0yMjA1MjcxNzA2MTBaGA8yMDUyMDUxOTE3MDYxMFowETEPMA0GA1UEAxMGY2xp +ZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV/w7PUZG35aO76 +TRaStVV/2egtplGMue39avBPZ3OuvUBk3nTBwny8lm0/jUmmzByL9TAV5z6jnjbJ +TZIsxPECpu49W5jnla8A9NHOjlJ0hBo6od1LBuSBqAiQU5IPv3nGqR58VnWb9Hto +3BxNTEUZYUIOFi33wZF2y3EaI2FVg7gmy2Utj/14NnH0xV9PnFKEc2et7t1AxbTH +gRdFH+vTgomAWvqqVwvPD5ESP1bPdeWHwxAmo97QmcoN3yjfPreuQ5oF4RUJfgWA +By+KsOQoKD7WDyIu9cEPm02fcXUmFD43HwHweLTV/wlRkwY5c4gvqqf34K3hl68q +jzMFXQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBHdw9mxwSGWLmyqfkgF/NU24Gw +oOxc86aQH0eK0xlzWc8qmnu3yRD++5aTgWqVgw9onFJPNNcyg5PDwkwuEPlhWqeJ +fzdvm/gmfYWHiN4MiXAKmq6BtgjChgFtsY16gBfoKD2I6rt68sDLMoBe3QXCCFtV +sefjghLTA6SuTp2R7p1+o2NG2fGviaWcFa7MD93xikIqHyOTeCWvWrotiNUA+k6k +EEYUuKHtdAPFKXzYP25seQ1cy+k4CUv3qvLDxF5d60TXwOqDoxgyDD0uZ+yEZhWi +dfppIQdwdAC8V/cg+d8X9zSkZqnEvXVb0/OBDC2uUYg6yW5bD1u8GHEQlv+D -----END CERTIFICATE----- diff --git a/src/test/resources/tls/client-cert.pem b/src/test/resources/tls/client-cert.pem index b23f18d2fce..57c30fd1cc3 100644 --- a/src/test/resources/tls/client-cert.pem +++ b/src/test/resources/tls/client-cert.pem @@ -1,22 +1,24 @@ Bag Attributes friendlyName: test-store - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 31 35 34 32 -subject=/CN=client -issuer=/CN=client + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 36 39 34 32 33 +subject=CN = client + +issuer=CN = client + -----BEGIN CERTIFICATE----- -MIICwTCCAamgAwIBAgIEBeVm4jANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZj -bGllbnQwHhcNMTgwNTI2MTEzNjUxWhcNMjEwNTI1MTEzNjUxWjARMQ8wDQYDVQQD -EwZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVmCecLdUZ -U917hweVz4JqvZ9vZEi1rH+BG98HYfRR/h3QaobxPImZu3hzKHZ+MPbm94HunLPA -VA9yZhvZMToNfOuD4TUPBPloBuNzwBfZk2O4CaXeG4ailVWUfm5t/l+RD/55zYKu -hw1/Vl9lcOryF2XAmPQ2F1gwEKK7wt1Ak8zw8/yeYgBv1/F+ibCMvR6FVj9ABBEf -TM+oOs4oy51otUv0h63GqYgXMJyLX7q+AGWdC3srwwLQROtkzi7y00g/YryXUoIq -dXEI7CrNL35rZXcZ5LfGRwFX9evX11PpT3OShYlsJBcFE9KMatRoIWd6xUKlxTk0 -yLjoOUE2tsMJAgMBAAGjITAfMB0GA1UdDgQWBBQ6xJBQsJCJdj/u0iTLYYD2qQsB -DDANBgkqhkiG9w0BAQsFAAOCAQEAfoquV375+eAGmfnlLxB30v9VhsFckrxFVpYs -XXC6h2G8MtXLpIEpgJo+4SZ4YjNwf/8m9J5j/duU8RukYanyzJdgkFFqKDBYCX7U -SD1nQP7729KnQgxtbR/+i3zkNgo7FATdkLq+HOxklNOEE24Ldenya39bsG779B9n -Sskcbq++7rMM+onDYBv6PbUKCm6nfqPspq809CLxSaUJg9+9ykut6hiyke/i7GEP -XIZHrM+mEvG00ES/zBIdV6TE0AIBP7q2MN7ylT509Ko9sUBMOZdEzikYp5GaRdiv -zG9q6rqK5COK614BwJFOD1DKV1BoDFsgugvfvm/mrc3QfIUPDA== +MIICwzCCAaugAwIBAgIEfKqa5zANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZj +bGllbnQwIBcNMjIwNTI3MTcwNjA4WhgPMjA1MjA1MTkxNzA2MDhaMBExDzANBgNV +BAMTBmNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhVf8Oz +1GRt+Wju+k0WkrVVf9noLaZRjLnt/WrwT2dzrr1AZN50wcJ8vJZtP41Jpswci/Uw +Fec+o542yU2SLMTxAqbuPVuY55WvAPTRzo5SdIQaOqHdSwbkgagIkFOSD795xqke +fFZ1m/R7aNwcTUxFGWFCDhYt98GRdstxGiNhVYO4JstlLY/9eDZx9MVfT5xShHNn +re7dQMW0x4EXRR/r04KJgFr6qlcLzw+REj9Wz3Xlh8MQJqPe0JnKDd8o3z63rkOa +BeEVCX4FgAcvirDkKCg+1g8iLvXBD5tNn3F1JhQ+Nx8B8Hi01f8JUZMGOXOIL6qn +9+Ct4ZevKo8zBV0CAwEAAaMhMB8wHQYDVR0OBBYEFHWaqoMijJh75d030md6qPt2 +u+RkMA0GCSqGSIb3DQEBCwUAA4IBAQCleDwVyvRRE/S5cS9oaJmztLZlpiig8ePt +au3SfBE0d8l9kEw6AyZ3Tx4glbCtkmnCMGqMtsb2pIXjKp8JBPtPyDYpH6G4Ih24 +DB1u35bRbVCnuByYnsXmr/ITKTWki05LGsyDbErDANYXKbWVbDdkSwpcv4IrOFBQ +XNxkaTxuJfYgMzPW5dwvdxgJg88jnxVGN6zIHnCBrSXLsaiTrBihyqq2gA23gNii +0twiSci2RGwFYA9s9UpG4J/q+eJrEV/2kE25RRu6nxsjuqRsAKtEyMlZY0cjmVgh +jy8niPAr7eW7kk7NDUCU6kfD3TJiUkCsKeJqXRVe+fRNpZ6wsbVw -----END CERTIFICATE----- diff --git a/src/test/resources/tls/client-csr.pem b/src/test/resources/tls/client-csr.pem index 37d4d67ae77..c373ec011c4 100644 --- a/src/test/resources/tls/client-csr.pem +++ b/src/test/resources/tls/client-csr.pem @@ -1,16 +1,16 @@ -----BEGIN NEW CERTIFICATE REQUEST----- MIIChjCCAW4CAQAwETEPMA0GA1UEAxMGY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEA1ZgnnC3VGVPde4cHlc+Car2fb2RItax/gRvfB2H0Uf4d -0GqG8TyJmbt4cyh2fjD25veB7pyzwFQPcmYb2TE6DXzrg+E1DwT5aAbjc8AX2ZNj -uAml3huGopVVlH5ubf5fkQ/+ec2CrocNf1ZfZXDq8hdlwJj0NhdYMBCiu8LdQJPM -8PP8nmIAb9fxfomwjL0ehVY/QAQRH0zPqDrOKMudaLVL9IetxqmIFzCci1+6vgBl -nQt7K8MC0ETrZM4u8tNIP2K8l1KCKnVxCOwqzS9+a2V3GeS3xkcBV/Xr19dT6U9z -koWJbCQXBRPSjGrUaCFnesVCpcU5NMi46DlBNrbDCQIDAQABoDAwLgYJKoZIhvcN -AQkOMSEwHzAdBgNVHQ4EFgQUOsSQULCQiXY/7tIky2GA9qkLAQwwDQYJKoZIhvcN -AQELBQADggEBAHlLbcTh2779pkD4+t5fX434xfhOta2I3xUbW1ajCawa4cdEGJHH -cfkrvK8iSoclpmezkLdCc/Cvxgm+4uxuWAQnGuZtI9QMyn5/zbSBMddh0vmO5tQW -s7cIA+LK/U2S3OAwa9hzc7V0ydRyQ69WPvpIjagxWY5G1t1a4cqTz0ZuCkq223NS -g7cpvyPaiI9M5wKM+ssg9gzpNlaaTF560ibBjUARmETJsH6QZduVDm/heGhtekFs -9jrHEgQx+7U5F0hHEywhrEA7tOdseWAzBw2ubSxuQ1La7aXIK7c0kLhiCp1z1dQz -l7b9MlTsYOH1rTCwIudp6Jx5JjquPlVC9t0= +AAOCAQ8AMIIBCgKCAQEAyFV/w7PUZG35aO76TRaStVV/2egtplGMue39avBPZ3Ou +vUBk3nTBwny8lm0/jUmmzByL9TAV5z6jnjbJTZIsxPECpu49W5jnla8A9NHOjlJ0 +hBo6od1LBuSBqAiQU5IPv3nGqR58VnWb9Hto3BxNTEUZYUIOFi33wZF2y3EaI2FV +g7gmy2Utj/14NnH0xV9PnFKEc2et7t1AxbTHgRdFH+vTgomAWvqqVwvPD5ESP1bP +deWHwxAmo97QmcoN3yjfPreuQ5oF4RUJfgWABy+KsOQoKD7WDyIu9cEPm02fcXUm +FD43HwHweLTV/wlRkwY5c4gvqqf34K3hl68qjzMFXQIDAQABoDAwLgYJKoZIhvcN +AQkOMSEwHzAdBgNVHQ4EFgQUdZqqgyKMmHvl3TfSZ3qo+3a75GQwDQYJKoZIhvcN +AQELBQADggEBAByDhXki7r8BRJSbmSf6YVPa34fmHkfMpyKL1XkbNJTNTcxB4M+I +84Jm8ueoN2z6YlMvHgcs/wp+RkXXOCrPqZRJr+PCp3Fyu6Y+wy8wCgdnryjbV/2a +8cwgGzH6tNyImoPwnZzrLZF+BpXI8ZznzUpS2ORjTg5OMMbJdKfdJRsTuzaJmRFk +SnfswtQRgz26zSJAlR5Up0V7klGPdDHCN2h+kcWOspeJpAxzKr20At3qZ4GtpWMy +KqsX22eRleDV9ZHPWPhl4lOWjBDCv7e+6jkau9PKeSSPjCffTUrxW7UscTzSEz5G +/NJ/0WmnZrTN9r4YXtLM1YIXuZI71AoIHa0= -----END NEW CERTIFICATE REQUEST----- diff --git a/src/test/resources/tls/client-key.pem b/src/test/resources/tls/client-key.pem index 0401deb14f2..09bdf7aca41 100644 --- a/src/test/resources/tls/client-key.pem +++ b/src/test/resources/tls/client-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDVmCecLdUZU917 -hweVz4JqvZ9vZEi1rH+BG98HYfRR/h3QaobxPImZu3hzKHZ+MPbm94HunLPAVA9y -ZhvZMToNfOuD4TUPBPloBuNzwBfZk2O4CaXeG4ailVWUfm5t/l+RD/55zYKuhw1/ -Vl9lcOryF2XAmPQ2F1gwEKK7wt1Ak8zw8/yeYgBv1/F+ibCMvR6FVj9ABBEfTM+o -Os4oy51otUv0h63GqYgXMJyLX7q+AGWdC3srwwLQROtkzi7y00g/YryXUoIqdXEI -7CrNL35rZXcZ5LfGRwFX9evX11PpT3OShYlsJBcFE9KMatRoIWd6xUKlxTk0yLjo -OUE2tsMJAgMBAAECggEAdewZAjqzidYpU0eLQoRcBj5GRaNiGRrxEgCnM1Y7IwFe -yG/nrEu11DASIdHXCXhS99Tx4SCWhLpkBM6m1VQ+LrAm/ppZRr+CSpJzBLaq9C5R -QYviDSu5Ow2jP+ZFZWiorlfcMLbrTRu2sfSnmkOrEpkkTh6jxTFCONcWYP8GU93D -YCA3hSH0li7CueS+GYJ1JB2Cd7buu+tOhl36AhBD96miExlgNn0YGpTJJ3I0Hb+O -lKIIQy+KK8f9TXrSeZC3OYlTtJaIr9ejspTXxIYN11EIit5MFEwnnkCglcsePjsx -qeOFRumJ5Nj5H8qyCNZ5MtzwbLkyktJzlumvnyr+AQKBgQDv/QfGKZJFeoCEWpoj -f+078JxSYyPVNXxbbr2NuN/V79hJBol87ukycz2CZkDCubIKfubc50eXDmhWCp4p -aJgl6BMhnovftYrIrGWJLwqXnwFwsKJSrJJqHlHDJDRGfUSQEWNclNeaB3Mr8W46 -Zcaadeikstvka9xKA1LOCG3oIQKBgQDj2FFOxZK27KhY/9Oz1dUsPtAYYbLOor/P -Rbne3jICQStH3dnUEmWKIKrdYV1u2saw5djn3ujwB0xEXydRvRgiSF0qxYjbm9CG -TJaiHhTsQDjWkYMZaxk3gc7Yfh8DHF0wlvWpu1wMXNsCJ6jxqW2e+jSRioZICPK6 -McWWmArd6QKBgDWjoHEyKXdOAhuTBJCarzOOe+IONpwY8EqfXc6nW6A9k2H/DAvY -elbEWyMiJ6deSeT+qCsHpoCkv707ck5fCmKulFgXT7wYn4Rqw+b9lKh+6Zt+X0mL -OM5vKGctWGHI7eIlgMfYnLfYom1X8QMsbE9puy3UrEFJulrwkzlpuOcBAoGAVRNV -sNsXIFSXu7uyueizU3UU0LXSRVQB2QxJDg3bkHnzBj+xcX15Cq2N/2G2uIjaPf1l -E5dpVQ70jGcXUG8SDuMEXs8pfg7dOvhoGpqu51RHpN7qm9ggr1g5+x6Ex+2UYmtL -yZfbFAasBE74x1ujQgRdEqct4sHsmFezVrro+9kCgYEAgl70mKk9yK/f7515OaO0 -Y39tgVzpAG6RN1NKnY6NR5VNNemZx5jhKfk5byaYxX4XBjygD0sQ5KTpaZmoQIIX -FxuwhLRRMn6vtsEf1HexJAtRd82aL5wKS62l0AXG/CVLAygn4aSSqLrgTyFFVUR3 -cASPpPIdZaKZG6q4Hmcpl58= +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIVX/Ds9Rkbflo +7vpNFpK1VX/Z6C2mUYy57f1q8E9nc669QGTedMHCfLyWbT+NSabMHIv1MBXnPqOe +NslNkizE8QKm7j1bmOeVrwD00c6OUnSEGjqh3UsG5IGoCJBTkg+/ecapHnxWdZv0 +e2jcHE1MRRlhQg4WLffBkXbLcRojYVWDuCbLZS2P/Xg2cfTFX0+cUoRzZ63u3UDF +tMeBF0Uf69OCiYBa+qpXC88PkRI/Vs915YfDECaj3tCZyg3fKN8+t65DmgXhFQl+ +BYAHL4qw5CgoPtYPIi71wQ+bTZ9xdSYUPjcfAfB4tNX/CVGTBjlziC+qp/fgreGX +ryqPMwVdAgMBAAECggEBAKrie6SVHgQ45voCd9IQAj7Z2sAm0+G+SFtFTdjNef4V +6KUYa7JyR+E9g6SRNhewDq6nXx9b0CM8BFduBlK78KJhr1BzgjVC/bBp4lfzK82t +OiSBNyhhWqFbg9mwzGPtAK/lEXerQIaDte9a4bx4C9uWSarzrI5w0Zj1Gy84oAIy +fjdl2mAFYBWO9NTgvOKkKGXkWor0fxi/OrD/aMxXifv8EvUS7SpFVgok8ah1aKx8 +UrW7xUXnhm6h4WTHeYFlsrHFaxUrypJVJbPPO1E+3ACvoKiplpRZKL2XIVPduV3T +0OQ81+WCy73DlWZ84xlwPgBbc+meOPiyFlK3gi72JgUCgYEA9NXV9J9tOS+UU6WP +8pDZ8JasQiTSVlqzH0Mv07kwFxroK8KVYMYQyDdNdgJtk5+h/CkMIam9aaZT38TD +QbBZHzIdZH6RXhpo3aWA9MqM6E42s+8lPvPsM0+7ZWV+3W+vTCQE7xjiPX3XN+ib +xh86XDxcSmmlnKEONs4E2eOzT08CgYEA0Xgpq/OGRqwvaeOaEDiJcSpO8T3gr6OF +sqIhVXNbevR8snuwikHKlPpW4yPdn0QZ0Cm/B+TQBf+Y8b63bUMwUb+kNS2b0aKr +v/Ofj8Em6svgVpkLrCdATx4gKCgHMoh0ohC6sYa0W5blkjVbCELleEr2HUEuvv3x +ELBHMNPVFZMCgYAPPgDD6ejy1nN1gakkgMAQqlCvDXvKxHrCR3yCwdSsm5A4qTSD +gdEppce8wQnxVs7O0/9dWSPhn+k41RcSz9e8iXIq/3YtVZeRtOwCUVnUXIorSYgY +EzdxOlWASoFLZ9iR9OwZtoLfMSZk5KZN/0Oy2k8kks8soRoxb0H+Dp7rIQKBgQC4 +uxVdHP5Nc2q5Is1rAsFLePl3zY9KtpahTFTDbGHAFL+oFGdD9vO24PQhiy7XV5LA +PyDG0GcY8yoqAHz5sih5393sPBXQEnsPZMZSXBB7P2PQW1as80zGuZW4dFyslyTt +DH3pNBf5MiGyCLYImh6PMOTONf8I1yFzC1MtX5PrWwKBgHT2Zn7ScAfKb5g20WrP +SGcKQVjeWucvBrVGlRNkaOX+QxX+QymTjLpkBPUUozr52uz5dxf2iMQ6++QEFD7F +RZQgQ6MTXUkamyYrf0ziJjEOrTS6B89zmxEtLXQuDKNu0JwmpiWWb3ZAuYqvCLfw +vZXdUVOZ3QGOxwWTf9PnoJfR -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/client-keystore-other-ca.jks b/src/test/resources/tls/client-keystore-other-ca.jks index 89547a57b05..72c6bdf2bb9 100644 Binary files a/src/test/resources/tls/client-keystore-other-ca.jks and b/src/test/resources/tls/client-keystore-other-ca.jks differ diff --git a/src/test/resources/tls/client-keystore-other-ca.p12 b/src/test/resources/tls/client-keystore-other-ca.p12 index 67af2b80adb..1044cd3f54d 100644 Binary files a/src/test/resources/tls/client-keystore-other-ca.p12 and b/src/test/resources/tls/client-keystore-other-ca.p12 differ diff --git a/src/test/resources/tls/client-keystore-root-ca.jks b/src/test/resources/tls/client-keystore-root-ca.jks index 3badd2933de..964dee429ac 100644 Binary files a/src/test/resources/tls/client-keystore-root-ca.jks and b/src/test/resources/tls/client-keystore-root-ca.jks differ diff --git a/src/test/resources/tls/client-keystore-root-ca.p12 b/src/test/resources/tls/client-keystore-root-ca.p12 index f930f27e9c2..962e5fb27fb 100644 Binary files a/src/test/resources/tls/client-keystore-root-ca.p12 and b/src/test/resources/tls/client-keystore-root-ca.p12 differ diff --git a/src/test/resources/tls/client-keystore.jks b/src/test/resources/tls/client-keystore.jks index 6be7d5cf5d0..4062b258579 100644 Binary files a/src/test/resources/tls/client-keystore.jks and b/src/test/resources/tls/client-keystore.jks differ diff --git a/src/test/resources/tls/client-keystore.p12 b/src/test/resources/tls/client-keystore.p12 index 87b29bffcbc..19dee07425b 100644 Binary files a/src/test/resources/tls/client-keystore.p12 and b/src/test/resources/tls/client-keystore.p12 differ diff --git a/src/test/resources/tls/client-self-signed.crt b/src/test/resources/tls/client-self-signed.crt index 631a62c7b0e..a3719212647 100644 Binary files a/src/test/resources/tls/client-self-signed.crt and b/src/test/resources/tls/client-self-signed.crt differ diff --git a/src/test/resources/tls/client-truststore-root-ca.jks b/src/test/resources/tls/client-truststore-root-ca.jks index 3be6ba07b43..85726c47597 100644 Binary files a/src/test/resources/tls/client-truststore-root-ca.jks and b/src/test/resources/tls/client-truststore-root-ca.jks differ diff --git a/src/test/resources/tls/client-truststore-root-ca.p12 b/src/test/resources/tls/client-truststore-root-ca.p12 index 34e0bc7cf78..de59302b293 100644 Binary files a/src/test/resources/tls/client-truststore-root-ca.p12 and b/src/test/resources/tls/client-truststore-root-ca.p12 differ diff --git a/src/test/resources/tls/client-truststore.jks b/src/test/resources/tls/client-truststore.jks index 28bead2f006..93ee79f8539 100644 Binary files a/src/test/resources/tls/client-truststore.jks and b/src/test/resources/tls/client-truststore.jks differ diff --git a/src/test/resources/tls/client-truststore.p12 b/src/test/resources/tls/client-truststore.p12 index 97bae6368ed..8abf4701f4c 100644 Binary files a/src/test/resources/tls/client-truststore.p12 and b/src/test/resources/tls/client-truststore.p12 differ diff --git a/src/test/resources/tls/host1-cert.pem b/src/test/resources/tls/host1-cert.pem index 125fb28bb23..2db831da42d 100644 --- a/src/test/resources/tls/host1-cert.pem +++ b/src/test/resources/tls/host1-cert.pem @@ -1,22 +1,24 @@ Bag Attributes friendlyName: test-host1 - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 35 39 38 37 -subject=/CN=host1 -issuer=/CN=host1 + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 38 33 32 32 33 +subject=CN = host1 + +issuer=CN = host1 + -----BEGIN CERTIFICATE----- -MIICvzCCAaegAwIBAgIEKjcjQzANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwVo -b3N0MTAeFw0xODA1MjYxMTM2NTJaFw0yMTA1MjUxMTM2NTJaMBAxDjAMBgNVBAMT -BWhvc3QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmWN65Qg6Nsi -QVpnDpRYSY4VQX/Jdk2mBJNnZJbYh394g2r/P1nbeyQqXMeADjPuVpua1eezvvpi -5agkrVeg706NRtR3ygslNNsE2jWDRsTKl0s4z3QUWv5ryNBLJoS8KvnFh3PQkzEB -ZO5lpOp03h7Z6T22ehT35BSu52RMBBfbJMMVsBwx6AE/gZx6hfr/0zbTXt46TLGh -Sca9cfOVb25oj2EERuz3IB15f5opKGeIbjuovLZUMEf6VUEuzjZ+B+Kkd77s+Ohu -yvDidX7MrD5D3Juu7uRcWHsd5612CKwzB1M+aDM6+JYFYjeC4GcVPXvYB3gsmS1m -J3MsD0Cl1wIDAQABoyEwHzAdBgNVHQ4EFgQUtBM0hKhu1m5PN635mCd4QLcp/rMw -DQYJKoZIhvcNAQELBQADggEBAADDh/3qHlFeA08uu1sudhTXk1YqXWyzkIfVhivY -R5Jc6q7RFhy0jrCycbPZYdZrzmNcK7xyAfDxeJtomlPAZnFrRxu0lc5JiOJUSD0M -qJbj1dikdk7esPQ59qZxqpa1ZyBh/nJUNVr2nh6spB4BK0euTkJklzqvgqRhhpcS -bek6F2f0+U2JR9pSmZ0XRsA/S5R2eKZvrEBtf0x86TvW/2iy2IQ0OvATFRcIeYaT -iClTNWVfnI7Ekz2kukcL420j6vyJHQK2ORGHiDgGR+8H7aPOxnOYbb8FWQPawbEy -+LWiykSjrPMzYHGmPmgK8riQCjiHBQix4tM51T2a/BNBcEQ= +MIICwDCCAaigAwIBAgIDU6f2MA0GCSqGSIb3DQEBCwUAMBAxDjAMBgNVBAMTBWhv +c3QxMCAXDTIyMDUyNzE3MDYxMloYDzIwNTIwNTE5MTcwNjEyWjAQMQ4wDAYDVQQD +EwVob3N0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMA1EgUA2JSZ +k/kWh9LHYUAamSNK0EpT+uFrcktxMpV/OFEkPa3JlNHWQPxBLReQZmeJYOIwuNFg +uW83Npq9sksaxXJ77JQVxLls2LDPG22qbydUPr9IjiUlGQSwopjsdDcZhSFvTK/+ +fVHPr0t+kn5KDwZwfPZ8jWLIQxvUJIXkl9uXofoz2ScZkPSkTdN7WvusONMp28L0 +lRM6KmtlxqReMeEJ2zQut0TRLeJM+mbZ7r2A0zdGRqIXq+DVAAHJXsxPt/Rt4coA +JUZWA1Hc7zFfw63CLgoWgDsujwyTLA2Guqb7aDLYZ9bS/yEpkYoGzq/GIKBtYy4D +rFlm54JYeksCAwEAAaMhMB8wHQYDVR0OBBYEFCP8lFj66mJSuP+ooYoOcucgyIs4 +MA0GCSqGSIb3DQEBCwUAA4IBAQCEOQlR3SJprKg0++Ku+W/SZBIrSKruaZA+PbFH +D4B6Pb3k9HenD/1WlMNolXyXAyQGh2gtbJ0r94kcbq5gq6ruo5FUSQKgOkxH5Rok +aixTgoB+a3HO3EKuTwEvZ7nXMhiOdwlcZ7wt8PxQtrv8TuFCYgwahNWhNlNIKnUL +yEhcqKXkjqoN+LUeGLbWtyod93BXwpNmBprz8ccBDeYKW4MDfda6dIFzhPlc441k +HEYC8L6hY92BtZeWwnmhKAdkPodM53E6aZnl0c+Ta9OuBlB6FydCr51RcPps6UGt +lz7lypiVe+21Bh9CCk7I+KODXXH04U6FxYDE9QDJUoeIGQ2K -----END CERTIFICATE----- diff --git a/src/test/resources/tls/host1-key.pem b/src/test/resources/tls/host1-key.pem index 755dd3fadcd..5702af1aae6 100644 --- a/src/test/resources/tls/host1-key.pem +++ b/src/test/resources/tls/host1-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCGZY3rlCDo2yJB -WmcOlFhJjhVBf8l2TaYEk2dkltiHf3iDav8/Wdt7JCpcx4AOM+5Wm5rV57O++mLl -qCStV6DvTo1G1HfKCyU02wTaNYNGxMqXSzjPdBRa/mvI0EsmhLwq+cWHc9CTMQFk -7mWk6nTeHtnpPbZ6FPfkFK7nZEwEF9skwxWwHDHoAT+BnHqF+v/TNtNe3jpMsaFJ -xr1x85VvbmiPYQRG7PcgHXl/mikoZ4huO6i8tlQwR/pVQS7ONn4H4qR3vuz46G7K -8OJ1fsysPkPcm67u5FxYex3nrXYIrDMHUz5oMzr4lgViN4LgZxU9e9gHeCyZLWYn -cywPQKXXAgMBAAECggEAQL4dXxYtwF8IInl9We2mllCG9tWrZH1Fc8Datv9f8e47 -TPu3WHpeG/UxHx7QFod30msFbPRAh8iw6bdVa9fh5EZwEmX6Cu/RjaPQs5nB0s6s -VbPb+zwNLkSQAd4txbF9wCowuO7W1IFwDYI2nvp/MB2mlhCvniIJxOsd0sRjRjjR -E5ReNo6eaMV8oXcMnsJG2sJYJBNu96mgoxK17y3AiDUs9ORgPFRNf92xfzkUIFnC -cme1y11qWBRtlDr9QZFiwc1C4c6b0bPCmbRiKpH8Lm4If+9s4vkvDXSjkIn8vrpo -1AeHAsYiTLyHhJKE0ewOAkN3jVL9slj3gE1E0qN7qQKBgQC8APhX44fk/Iv88B2R -Jov12nxhPZUqOrcJFJ74jBRUXcwlAxQ6IN++Eg3DCBgpvh5h2JnVkdI1vu9kgtE0 -TNrh67uJXhX141Trx0dYm76ypCl16/78xQwiWPQNx+lApko9LxBus/YZy0jL4jGr -MTIRINZaURuVuNff+1Bh2socQwKBgQC3ASwatZWZH0os2oZ+GJz2MbTiUZWVlE4p -FIoQFTBeMAUAk+MTTLe78b6Eb9DqvAfSDMWn15SdivBf+ZC//xgosGmG31zPrGbO -VyZO5pGsWY5KKE2lRoZJsQFf41Poo0BFsh1fhISTJ2yabkXGyEOWhSfdRnDee0cq -MXLvcNzA3QKBgQCdPMJ331ic74u1NK3F5FNSgDVerr6+3vSOp6x9e8rU9M30dqrI -Iw5+TWMtJuvunY+TjjC7KoaBZPubOL332/+EzD/BF+uOB1/TAoxtU3Ueu6XhdkuA -5NzNLVCQ5g3zgCC/I0m/DMxbrmVn//pCj5asNKaSSxujEUGblvkXnoFDOQKBgQCJ -O1bQfKS/G4irE//Q5TInKGUlZdqPPZRTF/TkVI9dwhKuOTgKC/in9oNQmu0GaZRP -voYl8/KdJUhWIDac03VRZeDsY+kcToMVbqLqfdp1bP7Xu1tmeflPn22Rc05D4M/c -s9F1BFHKa8D0GYc3pouQfy/CrgULwVQ/Xq96wJ65/QKBgHKLQl5JRftzPjhinel3 -bqfy+TAIqMf+cEXU7VuGvqfQbTATRcAHs9sDoXioFSZtVC0QcfAPtcVb22c0emPM -Efv+CEPrjdIB54TSoGVJ6qd9i5mdPtOmwyS51zDYQ+NAXaA0sRikqWUO4++/tkX4 -yjvLh6bL7ECKl2uB1Z1oAhXI +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDANRIFANiUmZP5 +FofSx2FAGpkjStBKU/rha3JLcTKVfzhRJD2tyZTR1kD8QS0XkGZniWDiMLjRYLlv +NzaavbJLGsVye+yUFcS5bNiwzxttqm8nVD6/SI4lJRkEsKKY7HQ3GYUhb0yv/n1R +z69LfpJ+Sg8GcHz2fI1iyEMb1CSF5Jfbl6H6M9knGZD0pE3Te1r7rDjTKdvC9JUT +OiprZcakXjHhCds0LrdE0S3iTPpm2e69gNM3RkaiF6vg1QAByV7MT7f0beHKACVG +VgNR3O8xX8Otwi4KFoA7Lo8MkywNhrqm+2gy2GfW0v8hKZGKBs6vxiCgbWMuA6xZ +ZueCWHpLAgMBAAECggEAfdLABxJ0tWKMIaWEKJFosmQ3F4lkLSQoueRyn7xslrz/ +iu6kid3KVEtjoz6vXBulTeX6zFeExVwCSDHmxwmja9MMqlNBnfdaHuCIQcZyeCn4 +NdDKesHue5Z7eDyBVIaF1YQZSLfphdSdCS9h25PyJkYo69g7lcgXbjEW7WLEvfiy +XUA2S4tzgb8HBbj5rlU5/d+TFHEWFniTN3DTc6jLF7jgfo2FHCo8Uvi1o7najOVx +kl9wFlGPBAXJ4+BJpU5zfO2xwP3qyCr0clrM6r+RAni38E/0OFt4UJT1W3Acz+/u +okCyA/fyX2xZfvIylvJJL7Abd+GJ8SSKYSSRU0pSkQKBgQDnH6H9w0KZprnzOU8t +FR3bxDNCTkgYv2OdsAtbbAKd62DBXSdmO/I7u7khjgmxHsG32zhVIfu7tnMGF3HZ +iDlQXVLPI12j81QgXLCAoTpnAiDfdjHaDdS+p76rN7vyEG2GiehRapiEX9vZkEUN +Y/0fA6dHyFcDTgVkZyGXdRUk1QKBgQDU5SQUfie1mExfqFtx1BqXjkvVi3sBX2VT +L11JcHlgQt2fKEccnGUOS3i8NmH3pbrsEdW4A1sx3sLpxxU8I0cuewKxhYKYnw9t +XV1ie3oo/EO13tiDxJkDzGEdpm6P80Kfqctf+4TdtEp0KB/U8rQnN5Zlj13QRFhK +nA14S3EynwKBgCkzj2owe9fuS+nbBo1P3WHHCShB0kJvI/ABaRTkHVdPlZEC7Toh +Z55Uab1cl8e2ZuxCrTkn9LtS3BBy733K9gSojlGUyWWnxBB81Y4or8ObMocDiAGK +Q6m1N51IMz4ExbGdNggFi6jVedjACj9H2uDDgved9D0HlJiAdhGM8rb9AoGAZ1jM +yP3svOSvvof1zC4Qsp2rBoDtN19dyqHlgS8OXMJY31goHSV2kRfmBkfICvXy5YJK +40cN0Am5SM8R6d2eQlwIlLChEwGz9X0rRhF23cqH/BOvu1eGiCeAxWnzpgGKyAMe +7PsmJpHMytJnkXI4Lgl4Atkzy1RCIAXdLBZDXzUCgYEAp+Hw5bdBCq1JIPH7pX8n +WjZpYEZJliJSVmee01eHJ0kwCvtflc7zlOa6e1Zb/3fYHwHeXpeEr/kVoRJZsvbm +WKmBWQ8v4CKGpqobZSlp7ivp89bMl2C5RDs/v+yyrt2nb5zNPIoYihG7LukdBGEw +1q+aRi4tpwG7d70m+5YYfsE= -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/host1.crt b/src/test/resources/tls/host1.crt index b59a26f782f..71186872bb8 100644 Binary files a/src/test/resources/tls/host1.crt and b/src/test/resources/tls/host1.crt differ diff --git a/src/test/resources/tls/host2-cert.pem b/src/test/resources/tls/host2-cert.pem index 6f036024a1d..aabfd40802b 100644 --- a/src/test/resources/tls/host2-cert.pem +++ b/src/test/resources/tls/host2-cert.pem @@ -1,22 +1,24 @@ Bag Attributes friendlyName: test-host2 - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 36 31 39 31 -subject=/CN=host2.com -issuer=/CN=host2.com + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 38 33 36 38 33 +subject=CN = host2.com + +issuer=CN = host2.com + -----BEGIN CERTIFICATE----- -MIICxzCCAa+gAwIBAgIEamRCPDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlo -b3N0Mi5jb20wHhcNMTgwNTI2MTEzNjUzWhcNMjEwNTI1MTEzNjUzWjAUMRIwEAYD -VQQDEwlob3N0Mi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc -H/49Ex1L5E5/z4+QNVTw02gxNUS30bawigxleYlnnSnm96/HdJObKspHyC+kwUYS -P7/g33Gt3EFil4DpkqMkvm8Yp+tcBgx1GmT+286UHf6Axlm81pfXp/lRQY8z6PPC -R/H4yvsz4dcOXeclhf+pULq2C296rERAwxl1607/HabJg4W6HRICKUWYjwD9EGmA -J7nIOY7w7IVHfzcuiHji/LUzq/6iwIR2d+KMbf6wsHDGstGM+hC6gj246r6YyRMb -yVqaq6sk/XrOlMq3ierdF3FeRZKFe5ViRVMoPR+uQeZnqrF59RMD4jmpoPJk2Y79 -v5fTIaVG99EVQak3F2InAgMBAAGjITAfMB0GA1UdDgQWBBTVTadPDnnCR7tw5qxy -XA1prlqj+jANBgkqhkiG9w0BAQsFAAOCAQEASvJMmJGHskn6/bdvnv+ZEcxtRrL5 -qCnujw4Nbs0MoLpEdjxc7qS4ndl8Yt/krBYbnJygZtNUURPTIJeFmqQHTPoJvrU7 -Op5ABe73B1MMwGry0+HHK7r8HqCKHgLDdAXtNfB830uKmZDFqZydJE00EAqY8yOC -qg9mE0uqcROVd2G7XCA4kEBM1NohBJ9dVgJk2k9v39j1NmTrCwFu2PVZASVD3Mk7 -hjZfNRSaGj/KUYqa06wDJG/iJPN+YxXIhqZbWzv4azRejE2GhHf+ba65I81+bt5r -+jDaL4YW1m8eWU7QTtIeeQfnQf/gzskc5YL6J4nxChn6TbUc4Eqzz/83vA== +MIICyTCCAbGgAwIBAgIEOkClEjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlo +b3N0Mi5jb20wIBcNMjIwNTI3MTcwNjEzWhgPMjA1MjA1MTkxNzA2MTNaMBQxEjAQ +BgNVBAMTCWhvc3QyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AK/ZnaewPCkoxha1QStugqMlTw71uvcvCHqTZmvKxDscQc1ZQt1f5/lewiFq8Vov +/n9CZZRCygsQhS/8Y8yleGx5SnrngvSCuv7DHJYhhfSbsgOIERsxNSBqyNAIx56t +KLXgqsjwd0nTB0o3ckTnKkfYFFdbssdS73ZNw4XYnTZglvuurLjJXJd/D/3VWTR3 +yDo3YVcLLwK10uNbS/xTUmhNARTH0PnC5xaJbk808dUYcuxreh/He+t6imaAcFyB +h9PlL+jjzzExJseB5UNp4T8Zu65e6rZLF1PjvOND7p52eEudobLCtczAvOuzeQA9 +XGrOL6dbneecw3OfLlYtaFECAwEAAaMhMB8wHQYDVR0OBBYEFAh5j4jHI1CxY3GS +8MocRdT/LrasMA0GCSqGSIb3DQEBCwUAA4IBAQBOUrB/O9Cz+DxkzPkr0HP5S99e +tkGiU3Zn3hDtuOSnVEOrDYAP6gEuVqm65ZOpOVJ2hXT0giIGR5BNNtCjtCyJpYII +WMmvvW1au9t/kf2/TiqELUKVK1Ya9KczTpGmRk6C/A/OU/6sF94paRFBp4pRicOv +nrW15CrLDpDiQC6iyFIaDblVW6x9tgYacP890t//5agU1PD7Kain4cF9kCRCNODY +rRW7rSsj2/urrVkoIODZSf9S0YY8q7w4HmLjSC+8wolH0Umm32emRQT/tO1nAaIM +ifBuftnys7ktgYTFmN3GwLCyB2n1Ri5n3E4vGUJAFZeh22deX4ucPkZvnKC+ -----END CERTIFICATE----- diff --git a/src/test/resources/tls/host2-key.pem b/src/test/resources/tls/host2-key.pem index 8b5bc78599d..b5977477186 100644 --- a/src/test/resources/tls/host2-key.pem +++ b/src/test/resources/tls/host2-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCcH/49Ex1L5E5/ -z4+QNVTw02gxNUS30bawigxleYlnnSnm96/HdJObKspHyC+kwUYSP7/g33Gt3EFi -l4DpkqMkvm8Yp+tcBgx1GmT+286UHf6Axlm81pfXp/lRQY8z6PPCR/H4yvsz4dcO -Xeclhf+pULq2C296rERAwxl1607/HabJg4W6HRICKUWYjwD9EGmAJ7nIOY7w7IVH -fzcuiHji/LUzq/6iwIR2d+KMbf6wsHDGstGM+hC6gj246r6YyRMbyVqaq6sk/XrO -lMq3ierdF3FeRZKFe5ViRVMoPR+uQeZnqrF59RMD4jmpoPJk2Y79v5fTIaVG99EV -Qak3F2InAgMBAAECggEAXMbCTUbrlOrCHz+Xv4mBxW7LrtpJ0LZlyvjuLusPVSxW -9zLfGTbUdFP0Sr3SWiSkYDnT62y84CVQEaeYarTCEBa+bDd1LIVHp9scgzrZwrkk -QSAduZMIPpZKGRhNYfqfyCb6yu7MYmNladsxfeHoMJSRr5aSE6MFGDsYCTPhCMaH -cVrNshMBFGDm6aNYBrERihJ38UHffGFzrVsh30Fu903yBwe9Vg1zmu83hTsW5MQL -Hvdl2/Gj41BsQUAID+CRl/NzlaPp7yirEwb634QTu0VD1ean6YghVbfxUdasoxIX -S/avsMf1s2tqv2j8pShsVmKPqjldjVTPU9N0c5PJYQKBgQDK/NtpaM1jYBmIviK6 -cuTEk1kLuxz/m1mhl5+m3JGFxG1/+yIgjaeAIz4JEIC5rshpUuZCZjNETnkz0qMe -sdyOfdPN24i0F8Gz6XNxOA+KIhnzmxICOl5lYkyQBBSsLd6f10Nw66lVaVdshWCr -K8eegpXlAz3UU2uAz6XvRBDTEQKBgQDE5gjsRF7JaRO4IUaQ+fM3hgGd6lbyP6v1 -ucEbmc9CGaSiiUSFyJ4waQE121QpaCR3J1IvEPTM0sMOB544XY5U53FPSqPWvIxH -jRRf2eUlw9aGCzqtYR1kZAKTePsZLbCin7FvWT6ViwWNKFQM8UTH+iycM3nvDYYQ -hOedN4ZxtwKBgA3PlHIgklDfmf0myqAa7xu81sMokPmHLVsEQPWObkxGqBicEp9a -Y/og67icKdX4YWRhIo+D+pr8J9zxyO1uto3vW7jW5f8y2pgOGy+p28zPMyrS8y+5 -nvCQ9pqZ3Ho2iL4hXFJThmrsRul4TbJ3wRY01lQFm3BV2Kuj9StJW0exAoGAZo1B -XH2HuPOHl8GNFXl52hNryCoDuwy6rbNgBtYngtAEVbuU+vEwoxotzTU9MovRYlYS -kf0M45lqimYhXE4uEb6x35CKoQ93KNUsJXhBx1em5g33M9J/EoicZt7+OXD4rNrr -+YjL9euAqrK0hEEth9KfZYPSIFY022m9kL8YwSUCgYB8kA6Vw10PV0bbh14Yf+qm -A6F9/dz4/4FSLuuGUTGuk3SuHeQnJF2HkGVrtoaChdQ6l8KSTSq4dhp2jnTeXJBJ -UD0jtSB5iZVN0RQP/AcukJKBCd01rngJOii3nmtJ/+z5MP3/bQ3gJxViFR/EIaUY -eaOSab6v88895W/frS2jMA== +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCv2Z2nsDwpKMYW +tUErboKjJU8O9br3Lwh6k2ZrysQ7HEHNWULdX+f5XsIhavFaL/5/QmWUQsoLEIUv +/GPMpXhseUp654L0grr+wxyWIYX0m7IDiBEbMTUgasjQCMeerSi14KrI8HdJ0wdK +N3JE5ypH2BRXW7LHUu92TcOF2J02YJb7rqy4yVyXfw/91Vk0d8g6N2FXCy8CtdLj +W0v8U1JoTQEUx9D5wucWiW5PNPHVGHLsa3ofx3vreopmgHBcgYfT5S/o488xMSbH +geVDaeE/GbuuXuq2SxdT47zjQ+6ednhLnaGywrXMwLzrs3kAPVxqzi+nW53nnMNz +ny5WLWhRAgMBAAECggEAGSZZeuskn4paUlMX//stKeIjHXOdis6qOsWsB0yXphCT +hKf4fSrDRZH818SwwgJNNqwrVPn8ZXq2YbeKGnGr+G+cbFmCDDBKSDdldj9TJjnC +SukB8U6nV3yOPdqTmikPwntgUZ66oM9SopWtfRdGn8HSnu/ZcNJ2twfGJ/Vj/quy +82qYYB+aOJHXna9esDCf8VPfuSf1wQNl5KMwrR4MbyjlmPgJRZHI7+ucDfEjRP64 +U50qJRiMoHFHc8fLtEExOyGoSvkceVVzD+Dyzz48k7peNtu/96KBgJKHyCR5iqRe +gR9k4oHDL8ZA3yIUtGnnon27denVXF3E7WpYy/NbMQKBgQDj+040PC+xi3PlMZZC +KVD9XRGnbRC7SlM6xruC3eacm8q4H/fsEAlE6M80Rykd+136Z2L1CqvPiuS54NzN +f3kGhxvGaDIatzy8btRRl6cPmzQIVVwJUF+Ud+0uZrWgmVSGMMiCcn0tsjzpGXV3 +bLsErYYy+IPonNijnDKH5lnttQKBgQDFdikkJ0bR6HQmvb5wHyK/Huu9i7RJ59Kh +8X7Wk1RjEEocHOO3a9AgCuqZCVoZcGlmBR2Om35xYe0UsUAfoCESs+v6Z9QpQKC/ +Fo3gJARDubiw8CHbivFaMFScc8EWWp+GSfoFY4qq/ojxzMDyWYIRexfPIqq3jbSa +VT7eXVvRrQKBgQDMaB4OJ4h7n5UiAfu/BlxfTnrtqpQ92L4XDOhCxcJm2ChCPieD +uD0XU8W0EbmD8ESqptfK7O5u/xFkt4BBn/FbMPhuRC3oVjJWoOgs39Qh4f4dGquS +jkWkUIKP//cJL3DhgAvHKe+icRS7yt/PW+WypAKW4MskXLzAtON5hcdLoQKBgBZp +GLY/tuvv4+7ZrhlvjzP9wGecyXNx2hgDHpAf3H35xU93f+i7Vb2tP37q7szgUzX+ +8qHSyAD6SjwE+fAc7mP/A5NB4XRlH1lQp/1+WPWOyIVcW5tdI5NG1POEt69fzaci +Ejw2VfCePtCimmtm+ToerE8X8iQu8wZpEl+OXPNpAoGACCHRXsbAVjdTsQ7L/Zqs +5Te27aC3dQLVO8bsC9SJhwjdui6qoZvmYYwU+3bNOM70TV9AkI14IVYJbFPDDq9Z +8xLKjSOUj6k82+Vdiv6pKuDg6VnHHnXzyz+qLUv4HZ/gai2a7ExMzQX80Gqk2dbW +N7PN0DcuOFozB+7JjPdVbM8= -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/host2.crt b/src/test/resources/tls/host2.crt index 348466e746e..7803b66fb93 100644 Binary files a/src/test/resources/tls/host2.crt and b/src/test/resources/tls/host2.crt differ diff --git a/src/test/resources/tls/host3-cert.pem b/src/test/resources/tls/host3-cert.pem index f608a2586b3..c40b07b0d2b 100644 --- a/src/test/resources/tls/host3-cert.pem +++ b/src/test/resources/tls/host3-cert.pem @@ -1,22 +1,25 @@ Bag Attributes friendlyName: test-host3 - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 36 34 34 31 -subject=/CN=*.host3.com -issuer=/CN=*.host3.com + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 38 34 31 32 34 +subject=CN = *.host3.com + +issuer=CN = *.host3.com + -----BEGIN CERTIFICATE----- -MIICyzCCAbOgAwIBAgIEdkGOEDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAsq -Lmhvc3QzLmNvbTAeFw0xODA1MjYxMTM2NTNaFw0yMTA1MjUxMTM2NTNaMBYxFDAS -BgNVBAMMCyouaG9zdDMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAo5L48OMLW97Tbir1D8QP/jqXC4CCrMCX9bg2F25u2rEpjCspbHu0EifdY3cP -tiZ6BYOZxe5RD2kRC0VByD1r1HnMcrYQciEOMVt5alz96AVu4bugBxpVTbytcpD3 -VAeZl5K5EzjyeNlWbY3JvxKCyTHlpz6mUNl7IhwyXqPDftv5qTdrqvvxHvAVHIAF -c8ElW+2TI5RC2rkNB7Gv3nlnPL6z6fvRanC54OechkYZCM9fPWwzkdbRU0yRBfm/ -tx4NI/GzfldlWcDtJLKuP9qRUr0VMCZkQ+nzwLXg63kt364RzbrAi003LECeQ4gl -FEWs/OUKPQQX/kt3QJBC1herzQIDAQABoyEwHzAdBgNVHQ4EFgQUm9TKnhE3spwH -C8lID3JNLk6+l80wDQYJKoZIhvcNAQELBQADggEBAEdnsCol3hZ4x3UJ8YI3H3H7 -O0Vym88+v/NszUpsvNQp34XilfWNTaFU7VJB1OMkUhWYK1J5770TsyPHpzYG936Z -XrBEOaIAYUVgjVitlUkUS//1RLfabEszwzSmDAD34VlkMT2tUw2MPsWPX10DrkCd -rNNKXDJosjRg3eRtBqNk4vqJt8T4QFjYgr2L54aRS4eYhXQXjygxPisd57f+GCwq -NpfqMQ/1RB5XsvZmybHmkyQC3VAohCMAAuV8cSn7VgBETwuZsxNaDn14hZn8k3U7 -dLAIH8j3m7Pf7nq6jZ3inNGk/AFs/9R6cPGzzvY1qs3RT/oM77jtqI4EglVEDJo= +MIICzTCCAbWgAwIBAgIET7xa3DANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAsq +Lmhvc3QzLmNvbTAgFw0yMjA1MjcxNzA2MTRaGA8yMDUyMDUxOTE3MDYxNFowFjEU +MBIGA1UEAwwLKi5ob3N0My5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCGTFnvwV5eK+rLJNr10EjXTWbJSdGWmtu0OvHB/cXDITT4eb17rFtVvfaz +69WylciNu0zL1d7N0p0+Sdzanoy9eMUpM929AKeNlMcxqjItWZz3NVD2tpP3ZY63 +db73OZG/wRMz6Ez+h51LFQ7NfUMxM8hn07dqZCNshhNIiVDV2DUaZScjKq2Ib2r7 +2FTTh8mQIMwWtZ/CKryN6TdrZlD8fphnJxHhTXroS9zo4cdfKkfwyjnWkEo0YZ1T +znBfWZVGR/fT7gZpgJ7mRn/RJtzWsKSGSK6/fCKmLMMAG1NLZWHllhwRQUyRJx8N +aVXj9pSfu582RyFhE5hCO8LI2+kLAgMBAAGjITAfMB0GA1UdDgQWBBSBcYb98fDe +JEWmW+JrSEs0Qzl3xDANBgkqhkiG9w0BAQsFAAOCAQEAbtUKXpUTEPM/QUl8vg6w +kIyXOPmbneOIt5JJQEn0I48weRCyLdMxw0YN7B28RM0IztXt68EptPdD10Fj2aoh +tr92eO7IA3Q/EjhiTz4XVbptw6ItxvYrJhxNic/a2FCofmHIOKLESnTBhitCtpUa +kC+ttpAFCLSfB/BNHoDYt4v31eNPqXSXf7wHfN9Nrd8eOofbncVKy9rVB6aliVqo +UFGc4Rgz+crr4N1rza2zuLORfOOHHvlDuhh+dg6aef3KqkS/gTJwxm0FdwDAAm+o +lafWsxA3Us1j5R2YKLS/SkuQ1OpMJkQh1vl1gi/R8s8iIT3ZQM9rfJWpsQhdd9KA +EQ== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/host3-key.pem b/src/test/resources/tls/host3-key.pem index bb1287c178b..14677726cbb 100644 --- a/src/test/resources/tls/host3-key.pem +++ b/src/test/resources/tls/host3-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCjkvjw4wtb3tNu -KvUPxA/+OpcLgIKswJf1uDYXbm7asSmMKylse7QSJ91jdw+2JnoFg5nF7lEPaREL -RUHIPWvUecxythByIQ4xW3lqXP3oBW7hu6AHGlVNvK1ykPdUB5mXkrkTOPJ42VZt -jcm/EoLJMeWnPqZQ2XsiHDJeo8N+2/mpN2uq+/Ee8BUcgAVzwSVb7ZMjlELauQ0H -sa/eeWc8vrPp+9FqcLng55yGRhkIz189bDOR1tFTTJEF+b+3Hg0j8bN+V2VZwO0k -sq4/2pFSvRUwJmRD6fPAteDreS3frhHNusCLTTcsQJ5DiCUURaz85Qo9BBf+S3dA -kELWF6vNAgMBAAECggEAeVp3f9chvTXSLECIcPrnVphHKQxdZia4Vl8lGjse2PZo -uYnoAIjB7lpPABT7vgpLqr2YnuSQlNtA/tiR1injTs5R5KS4DMQDUJDpwgRdhv5I -5gWZ0ssxkCuzjnSIWXoN9AqxbdZo5UlwunRfwXbNOtDe7TYok4DVvlem8tmSFxGN -nEly9gYPoFRTq6/qu9VsuZrBrbCx0sxv553KaTkfkBQolZYHSMA9SR6OIMiMm96K -kjKC6lrNJcZfQBO4sSml+1QTZ+7zyp6+E2NdiZVoDFjyJcYj5naFANqCVOlrLM8a -4rodwX2osV/OpdBXPIJ3+99/PSLS3MIOv41rJBD64QKBgQDzvfsZFNqt9GoLMdX+ -gWIWpV3+mT6TOGRANXJWeAqIfib6NNxGvq2kyo3gf/g+ujhuwJ82vdE5UC2xC66J -smD427bd5Oc8CYqEliV39u2Jq9yQZ5ikV87S5JuoJKb0n0mUC0bbf9JrG6dDdDOG -T2Wjqk8Rd1xpm/ZOn5U6C89m9QKBgQCrzOGgwwltt68qUvBLYqVbDaZ2HD9lTW79 -po2UYuGrL7uq5H25/ZdcHlFQaDkXB0w9TvC2JLZ3K4XrmH4ZvADMtlM9c045J0HD -B0Eb6WONQ2QNOkfkfcVsi5bel4JgTsU3AFGoYZBSAwBqedQrdNRjHSAlbaWIcfcq -rH1O0fq6eQKBgFKTi41MxmVmx8JxKNmnhc68SaLm0g9YbIZgVRM8af0iGBxuai5B -jVymDvj/AeBmgJXtBkOqfUaYhlJT7dbSqw3EiiiU005AwT/4CkuhSYp5wijeIBWV -dgl2z9FgUXvQt0HDrEbTADuvS7SLmqUnIv0WxuDY+mMBJqouYIUg2Sw9AoGAMXwR -HVowVA8NgFZlaoFeeayj3u9h/07fgmY/75bPw5w7JQ0tfa4is+DzsQJkN1Ldzeb4 -BK7sc8TwjRzebZEudciqj0+wH1xEX+WuBlkiWKUpo3m/DXyAqjRG35SqdA0cVyxb -WPHJPSYqL4Ep8N508puID9/WR0f0VrFaYqKu4pkCgYB0UzlqB1Z2xbJQEzx/XmG1 -lEjMQ9KmUyJ+KpbNTy+QGhcuUeXQTecREPn/TShMIA7nvw1XkFEr/Uy61OpZcrgh -EtgyTprrLBRyM6z0FwUfMaNA7ESgC7U9uGWT8dhNNmUErtBLMJWv4EMMR7zl37Sd -CY3tfx5DKab/yGvWxiatsg== +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCGTFnvwV5eK+rL +JNr10EjXTWbJSdGWmtu0OvHB/cXDITT4eb17rFtVvfaz69WylciNu0zL1d7N0p0+ +Sdzanoy9eMUpM929AKeNlMcxqjItWZz3NVD2tpP3ZY63db73OZG/wRMz6Ez+h51L +FQ7NfUMxM8hn07dqZCNshhNIiVDV2DUaZScjKq2Ib2r72FTTh8mQIMwWtZ/CKryN +6TdrZlD8fphnJxHhTXroS9zo4cdfKkfwyjnWkEo0YZ1TznBfWZVGR/fT7gZpgJ7m +Rn/RJtzWsKSGSK6/fCKmLMMAG1NLZWHllhwRQUyRJx8NaVXj9pSfu582RyFhE5hC +O8LI2+kLAgMBAAECggEAUIG+vFpH7t4W33aViBw3PlIZFvuYl9b3c+COAsPVZLco +YPfh3hyhmBHLrWnn7imaU1R/ogXwjaP/PVLcAXZgWkjmsF92QpH834PbsWscr1D0 +JsGganVi2EDaQCJmux+YvsHIeCp+1WqIoXTbLdY0jG9FaPBjGHU1Qx5QuwAOJFKb +FT5EoTAqDQLugtoMeDLg4mcoHxw9iet0DaGfSOwKQ1pNfOrZ4XFt1nLDq9G+hKCl +6ChrIegvav4kWpb55Cy6lymffR/Yn2GGhX+xl7Sgb1HwAeyjBl6hN29nN4Gl1UFV +H6xoubirHKJAWpdnABd+obiETtX4fazgQuC26pfBKQKBgQDQdl/zz8x/0/e8yPP/ +3XV8hlrtvtxbAXX1kosMXSzBliIF+zz+XY98rRZCFpleiDwHLXzKDeesImwa8cJ+ +nkiHxUpUPD8jTA6hB7xWbh6WOF6sRe8Jqf10amyXe42tb64pN3pOmCSIeAGOGTgU +ATcmgutQu74Z2jY5jb4BRuo29QKBgQCk7GtB3DcD0WflGvRXCCAfA0UAcMBGX832 +XeaSQTssydOzhauldHWzepM1X8qX75YyXreR38uiFTulmsLWJpjj08iZjy1ptGJp +hb/NUUs/eHcnv5znpyVmJRIHNDDFXvnYuSZm3Mfk7LRIdMpMX5673/iv3DeRoeXZ +DcuUYZmf/wKBgQCReorr85CbhKnXLcZaQYrEJF9Am3ncaOCRSHuRXVTmpIeJ9RNT +0KdaMtDdvje6KQj7WVtFBv8uubcH9r/s7TlgxuZgcsr9Lw7mgieFicP+wcgQIZ33 ++JHQtJSkAq2U4+N/ECBiyPp14onzSNZB37dFQQhHhz3bfNVqxOhcq8i4IQKBgAwG +GIPCtFgY6kQvxOSbeQwJxvwTPFFlJrTxf5/mFZRcWozaD/uOFA6zvwvDIhgVpZOi +iCugb04v0htuvwmx4q+pfxSC9cKhHhOnZqZnaN8Fv1oshBn3e6iIx1mzGmMpW3nL +ddtF+WTdRP+LVDxhNEdqOs1Hdt2tOf6rHM6ClxqtAoGBALEw7DMDn+L+4fMJ6lHb +Fx5JTSaie3V2d1v9mhmh+iIGv1w9cVsWLSwNZ/aaRW+5b8Cj9R44dxwDF+2gjg9E +4Dqdr1xnsfv6iOaOPyp0fgJh/RcVVAZ2zw+VpkqUB10VHsvSWbKjbOVEMgGLRt9/ +0W/aWzn6JTWu2VyVxSp9mWxh -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/host3.crt b/src/test/resources/tls/host3.crt index b277b5e3b70..1f4183bebf5 100644 Binary files a/src/test/resources/tls/host3.crt and b/src/test/resources/tls/host3.crt differ diff --git a/src/test/resources/tls/host4-cert.pem b/src/test/resources/tls/host4-cert.pem index 8c58d89f6ce..e59e1e0e69e 100644 --- a/src/test/resources/tls/host4-cert.pem +++ b/src/test/resources/tls/host4-cert.pem @@ -1,24 +1,26 @@ Bag Attributes friendlyName: test-host4 - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 36 36 34 39 -subject=/CN=host4.com certificate -issuer=/CN=host4.com certificate + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 38 34 35 38 30 +subject=CN = host4.com certificate + +issuer=CN = host4.com certificate + -----BEGIN CERTIFICATE----- -MIIDBDCCAeygAwIBAgIESZDnbzANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDExVo -b3N0NC5jb20gY2VydGlmaWNhdGUwHhcNMTgwNTI2MTEzNjUzWhcNMjEwNTI1MTEz -NjUzWjAgMR4wHAYDVQQDExVob3N0NC5jb20gY2VydGlmaWNhdGUwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2eTWKttFVuZ2Ul8NeqRLp1jb0nv+87pbE -ws95IO1NTFISN7P2lPv1R6K5xAe+M8p0UzXHomnyDREra5Jgn1taP9AbsDYRNNnn -vA0qgjKt4gK1sFeceox9kQteRMNGP1QwWXoAb0Tyz8H2zZBQwXe/HjvlkfhsFOYS -Fg97y83TvttmlcABW66k/S29DpO0J1HOV+xZeBEbE0L5We4v6P8xhRqy7b4W5lzy -OSOSiPkRWJqMBicLxJzmHrjdbQonAD6QECSGp1qvCBrq2oa9qpQimvTOlAXncS7I -JW0Fi3BwJNu+xxKBsUmdSMfKtXH56zxMPVqGgAfYru+VX8k5u8HTAgMBAAGjRjBE -MCMGA1UdEQQcMBqCCWhvc3Q0LmNvbYINd3d3Lmhvc3Q0LmNvbTAdBgNVHQ4EFgQU -3Q4cR8JL/0H4gMr1I6de6ufBBr8wDQYJKoZIhvcNAQELBQADggEBACwN/FNmM052 -oazJTS6psSqd6I++vUOd2WJwtQdVBgzFe+9H6ExYCQjlwxGHc1CO6pk7xqqJgIGa -h8shAfGB8FVYj+WaEyPwKW7rdEKLMoNQOAmgkcfBklvTxqFLYNoIamxEQMhbRGMP -5xAdemn08I5fHXuRidDiyakkQud9jKAsZRqkreZ7Jrgavyj+CRnAijkCkr1xbMPU -7SW/Ac4qxBkn6gBWNKrbX9uKheUesxwjH6PHCsyGxhjzACOS/L7NN7kyJRjIDEAu -GBD+dOd3euTMqHFrQTeIe5vKnA/iEch4XIyU7XaOcgigq55UK6VuqJmA56K45u81 -MlJtaCAHPh4= +MIIDBjCCAe6gAwIBAgIEVtjh4DANBgkqhkiG9w0BAQsFADAgMR4wHAYDVQQDExVo +b3N0NC5jb20gY2VydGlmaWNhdGUwIBcNMjIwNTI3MTcwNjE0WhgPMjA1MjA1MTkx +NzA2MTRaMCAxHjAcBgNVBAMTFWhvc3Q0LmNvbSBjZXJ0aWZpY2F0ZTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ4WipqZGV1CAWeT7svIs/Dy/OH4EP+9 +oyDTNha5dyIkdpe4jjU0OJGhno9bjHDkerifjQumZKfEfOJFYH3WiOsTJNDZQ9Zd +CmKrk4z20+XLe7Gt0foEnjrg39CXn9MSIzz1dsZjwIjDoOj2Yw8URAh2q7SZsux3 +++2rlVDGYNbdvwyrNxg1wENNNZbCVTdUDTWnkGLhhKPK/xUOqNY9uW1jVYsStamE +z32J+XRwb9idGOuZvBMLKaykQSwmzgrsKcxoHDtRuPU6yyFtFL/7Ih5ytPbgtWSq +ZTZfHH95NYSBMbtk80e7L2R95nYN9m6KjsEtynaMo8YtqO6LiX9erdMCAwEAAaNG +MEQwHQYDVR0OBBYEFPH7JziBRUvF34NbFOCYHm/BRNuVMCMGA1UdEQQcMBqCCWhv +c3Q0LmNvbYINd3d3Lmhvc3Q0LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEATVIx4epC +Sx1o0hDmshmJAgnna2jh8jS1NYiydgYIt0hsVMVtD8cgo7rd9skpFU5Y5i1CTZ48 +hVTvR2Q3vN6tg5Ru1kt0MPbwgzI8O9eL7S6S2WV5Rr0/3quqU9DJ0IM4/tlUH+Fh +Lc63CoxBItgHfHlcRVmEnOBFpFfEHiYgulp/fE/jHzDb5nde/Dii/5g0Wdj+b1m7 +bfCqlncMcQchMN0nMq3PTdn8jKMmY3Q2BkeAgk/fpx0BI7YUZiBHQ3NDngmNDgD+ +++q+4BRgIL2Uhbhvij+6PYdvFkbFJ3cBWB5Fu0xrQedMMnpedJrYBzf/lflpkjSx +smf0gZSv0O4LWg== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/host4-key.pem b/src/test/resources/tls/host4-key.pem index 97114d72148..c1c40f6b177 100644 --- a/src/test/resources/tls/host4-key.pem +++ b/src/test/resources/tls/host4-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC2eTWKttFVuZ2U -l8NeqRLp1jb0nv+87pbEws95IO1NTFISN7P2lPv1R6K5xAe+M8p0UzXHomnyDREr -a5Jgn1taP9AbsDYRNNnnvA0qgjKt4gK1sFeceox9kQteRMNGP1QwWXoAb0Tyz8H2 -zZBQwXe/HjvlkfhsFOYSFg97y83TvttmlcABW66k/S29DpO0J1HOV+xZeBEbE0L5 -We4v6P8xhRqy7b4W5lzyOSOSiPkRWJqMBicLxJzmHrjdbQonAD6QECSGp1qvCBrq -2oa9qpQimvTOlAXncS7IJW0Fi3BwJNu+xxKBsUmdSMfKtXH56zxMPVqGgAfYru+V -X8k5u8HTAgMBAAECggEAfWPfehnU0e7CLXj4ZRUUDSIKE6ErJb5iVoV0Is2QpBx9 -DU2/2gNY/J0kYjkmBPr79WG0xCGEYjO+h7LdHI6FLQhKzqwRC1PhJZAhEAP2JWz4 -5bdvDPVdk2/XewkPkzczeCIUZzYPEDfaFun9cLDxw6BYEpJzPnpB+02ziCNtpkIH -CtOTk9ymBSxu68jX3/B3U8W8EUn237o6CPhMlitfRolhrHmrbzmTVxID35wzMo5D -Hz3KFT0qnTVxqz1YFmVWyrkS0mi72gpe8SW0GpAxtt8Jf/llBWf+ZW2NzbSwjgAL -p3f7zLzFNde5YqHxJqXNdfxJkKormCe2Qi8yWMopYQKBgQDxjPIpM+PtTxxfUi3a -RegSHnJ0SzplNXnd1UkxE5eESABBNeQKF++RFVPr8AcSkxfaVj3azhOsOI3lv3fc -QV2mUGO3PeUHMrHSDVZIHvUFp90JxPjkdb+6jiv2//ztlaAgTmGPh7gODsHHOBzh -R7N7yPa9ZMC1PTenHGjp6/WtEQKBgQDBY5GxK5zXYvMpMnvK+WJDei74VMjzjSSD -LS5uY7LIyMLk8vovXdZ3LvFmQswxF4JeU41u7WzRfamR4kVPta8peaOJ+garQsZd -iWlFN9XwfCihaYgvMLbFJez1pdyOsjNpgvbMphQ2H+WInH2iKUMdWNe8MSjRuikL -oGaNT6WQowKBgDECSOvlNFykzXvln5oGzwRGGzDPRqTcScKhkL0dXYOgXDTe60rE -+n10V1eqlrTFFXTeRKSNZV5vBxNTWs1ckdS5wNGgBEUGmx+kRxpQ9aPVIDroNRud -bG48hF0UKUxHLHsBjDfj8IshoV17XBi1RIxcBPv+Yj8jkZQdZof3sRwRAoGAEq3F -UrF9sqgSCHah0lcIELBqfP3jcvK9BhaFF5B1okMR3/8//vc3Uces9U2aX1t/8hBr -5rzz98AFctvCChLoWj8vdpI5tqz6b+pnypG8DkBPxFdnGffAj4Y8PvXIOdgocxZ9 -NAMOjLPD/c/vqowFuX3tSHYPFUK/2Cmj/h4lRbUCgYBGvBMUqA7RBp0rFlmp1GwA -/z0go+7Fq+OC2lXQqBQdKs8iAnAOs3qJdIECzGO847KlbQqylK8PWIWgSJysRgDL -Y2qmuK9WiOulCMsKvkPmwstavN0gnTohgyxtdUhQWkF9RBpYCmcfl7gp7U1KfUZF -jXRht9wfYSYdFr0aAxmLfA== +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCeFoqamRldQgFn +k+7LyLPw8vzh+BD/vaMg0zYWuXciJHaXuI41NDiRoZ6PW4xw5Hq4n40LpmSnxHzi +RWB91ojrEyTQ2UPWXQpiq5OM9tPly3uxrdH6BJ464N/Ql5/TEiM89XbGY8CIw6Do +9mMPFEQIdqu0mbLsd/vtq5VQxmDW3b8MqzcYNcBDTTWWwlU3VA01p5Bi4YSjyv8V +DqjWPbltY1WLErWphM99ifl0cG/YnRjrmbwTCymspEEsJs4K7CnMaBw7Ubj1Ossh +bRS/+yIecrT24LVkqmU2Xxx/eTWEgTG7ZPNHuy9kfeZ2DfZuio7BLcp2jKPGLaju +i4l/Xq3TAgMBAAECggEBAIyqLgZFuAX9F1bckJyPJ118OHuwyR9l0+L/TJ+Hw3OD +0mpJ829v2e3rSzTwFtTU2EWy4kO9eM62zRBg/uy5mfbhf969k9kHzJfjZ1UEw6Mz +HgsJSU8YENr/AOeQIswi1WwGVftNAyIuP91KbvYZ6DdHsJzwLf6u/GGMTT4kZkKI +gdOpSig9exIMuOdonkj9gbA5/C0YXVkSaB6jdQtbNMv6ZW20/aAJfyYJ3ygrZSlG +gwh4crGRGEYRCNJDpvcmKnqBsc1FCQ3ziK9JZ7XYSAYDMziv72u7PhujbxRQAqzv +Y0xLTnqpE2Rqn0NHtLLvfdWeSrtED7GZ/qJ2Hw835hECgYEA2N76EweoHKhnKLpK +FA5NLOaoSNL9J3+cXYe8KpEC/2eq+Vu2nvJkEdUqE1GA5epfNBAGR+GaWNYI0UW3 +08Ajv0WHwS7ZEQtS6RPTdHKch/9UWTAmNAD1dLRE0SM2LzLdLdmS9EYEQvxpo3Me +XhMZveq4+fE3uWk0x21QMP2+pw0CgYEAupxyija/g0drNo6efjWuCWIB5yt/oNsH +H9b4nzxng1XA/lWlzxnIz+wZdcummNhRxUoDhrFQdkRX42Vh2Ju64QB/NjiPocNp +VVTky+8AZsQHaSqWeLvbCW5Qgg+tasIxIIzln/r28odKy8vc+QXTV5bPJGYLfhJM +mP9EIvxtcF8CgYBDxWpgiAQA8J9MGusLWWzEm0/7cfOqZDZ5A/HJW4eUSNElG4P2 +J8kdyX9cihu9vYACxP8xd07EdB5NR3wqr+B75T6HIBy1NtSyAYAS474GwcOaG3HU +znfmAG+A64ADP+Hech96Nmceh8J7UX4r58wjjTZA5SCE0Fut9nsY1DLAAQKBgFN5 +kDMLcnfDBs6M1ZEXahaAZOGHr7vAvlsbynNQje1N+trKbTVLD20S7ACpbIiKm2lp +RlKGFrwQrk/mFfLTFrF3i3AxtO5jf0bQhthCvSc7ISWGC3FOdxis5A6J/MT4wQkS +fdUmajjrFCY9t0cduABCUb6ydwmaHfGCnnQX/sx5AoGBAJ0/222I38DMHHNXQwkl +47LjmrOXRqDZrccxxe+DMQFTcAKskRaadnF58BB46ShU/SkQbnq6Aoy7xyZkIzHQ +6Dg82yKj3HeKDm3aF9XlhPadMtYHJ4g3gwM2pDhYVr44+4n0JhwKYT1KEgE6ygww +NY8OMQsgiM3ewbg2IZ0ZYcef -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/host4.crt b/src/test/resources/tls/host4.crt index 7cda6434948..f4d7914ec30 100644 Binary files a/src/test/resources/tls/host4.crt and b/src/test/resources/tls/host4.crt differ diff --git a/src/test/resources/tls/host5-cert.pem b/src/test/resources/tls/host5-cert.pem index 342d42b5eda..4d594d88320 100644 --- a/src/test/resources/tls/host5-cert.pem +++ b/src/test/resources/tls/host5-cert.pem @@ -1,22 +1,25 @@ Bag Attributes friendlyName: test-host5 - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 36 38 36 35 -subject=/CN=host5.com -issuer=/CN=host5.com + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 38 35 30 34 32 +subject=CN = host5.com + +issuer=CN = host5.com + -----BEGIN CERTIFICATE----- -MIICxTCCAa2gAwIBAgIJAP5VEJRGZHFRMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV -BAMMCWhvc3Q1LmNvbTAeFw0xODA1MjYxMTM2NTNaFw0yMTA1MjUxMTM2NTNaMBQx -EjAQBgNVBAMMCWhvc3Q1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAN3AaHFBt5X7WzoJklfDmCEnHsdrIRCL3COdb8d25gdF1Q7kTrfVsWj2W8eF -WI5bcH6wEFpo25EnjoOybRvJBV+qrnaO4+83WzlnXJhQikiOS17PBbMBoPba3t/b -yahVBfb1id9mgupYfuU9s7ppQQg2O6kqbaAu0ajPmMzpGIiinrg71QCrp+ar1Qfp -O9xmjnjmxuw4FyXSvmhxkduFnU4ZDr30BEzsWWRZrZYXreod1/H7dLgn4uPqL5V4 -N2P4a91TGmdpknOd2wFgYKVnzIcHQJavNtwel7TB2EnjMgE0RddirIl11rskbZrH -zj3IxQzK27Kf9eVdmHmJ4w+F4DUCAwEAAaMaMBgwFgYDVR0RBA8wDYILKi5ob3N0 -NS5jb20wDQYJKoZIhvcNAQELBQADggEBAFlgA7j47/1hAiQu1IRSQ1duv6CeeznB -UmIoL3KyVuljo3zfnfNeuxhWm4Q6zuzMoBahkvfKF/vd7FASDxnzygOk0iovrewS -oT7BRcnF8lfV5b/pknOGEjxak2qLYAzgWBTB3SQccBwwlo85NrrNyMBmOUVYs0Jc -jAXV1R1qglsBfdn55xOzxwG1m93Mp9x+FgXaqHl/HM+DGD9otwe4ePqFM5mU08wB -Ieb1Ib3h6+zvxbUk53LTBKeyvNjzmNks4A0IPMo224mf2shqI9AiVKt0nwi2BXjh -RJFYsaqsG432h9CQE3K6JC5oe5Oef1Sz6J68BUzktP+Pv0pQy/AaAN8= +MIIC0jCCAbqgAwIBAgIUZNBuv2KqDXUXCWowEpO9nGZUVqEwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJaG9zdDUuY29tMCAXDTIyMDUyNzE3MDYxNFoYDzIwNTIw +NTE5MTcwNjE0WjAUMRIwEAYDVQQDDAlob3N0NS5jb20wggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC9ZNWatmL8RCGxwkAoiHuR8/e6uAbDKWWrQwYbuj1r +pKuaEaJIuzrx7H/y/Gs32Srm3HNU9yDl7TisYtz/v6LR0j2UF3M9oZm6SWWdYMb2 +rkOflTDCvCl+Ga66PgD64m6SSf0iCKon4HgsWlELrX2eKQSAlcJkqmWKo+REdOca +nO5NWZoZ+whmuztTsYV+U4S4vEHunoc/qTa/Pibsykdl4owUdy4RbAXY9aHBoBva +jLVQZLFhF5ycpul5RjW1VVvc2SWNklPHNM8yvLf9zrZhM6gcDWW6uEN4vF/XVjbr +UQWjvm31HidIVyEcfrMgB+94IynmaHIXBuaoO7sDylBHAgMBAAGjGjAYMBYGA1Ud +EQQPMA2CCyouaG9zdDUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAWWZBVIZ4PGG7x +mWPrYEzA1sYulN7BJVLYIqlnOIORy9Xorr0V8vEhl0oMXvVoPvRhocCo5t+MLdHI +gEqdmFHuIzz/GRFsl5Q/Brp8U3ik7D1kwvVDlTRBrnR369Pi868ZpfATpwuMOxcs +rV/ShKdiMUV7yV3w4aEBIazZIBNOdsOskKS+hjdnnqimCZPlIs2qezXh415xGnMt +a5e2pFXy2UZ/3I0BKwUXdE7pM3i3yR8Mxnigk8GXrB0rmjT4zfKz4JrQ6BLpopj9 +lKVbRS2+X+UTBUJvDBnRTuSXZS/2apVcYRasxlPtRffwRGFA0cmm1WriyPjOtr7c +Y94/BQXx -----END CERTIFICATE----- diff --git a/src/test/resources/tls/host5-key.pem b/src/test/resources/tls/host5-key.pem index 86884271651..f5571b49363 100644 --- a/src/test/resources/tls/host5-key.pem +++ b/src/test/resources/tls/host5-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDdwGhxQbeV+1s6 -CZJXw5ghJx7HayEQi9wjnW/HduYHRdUO5E631bFo9lvHhViOW3B+sBBaaNuRJ46D -sm0byQVfqq52juPvN1s5Z1yYUIpIjktezwWzAaD22t7f28moVQX29YnfZoLqWH7l -PbO6aUEINjupKm2gLtGoz5jM6RiIop64O9UAq6fmq9UH6TvcZo545sbsOBcl0r5o -cZHbhZ1OGQ699ARM7FlkWa2WF63qHdfx+3S4J+Lj6i+VeDdj+GvdUxpnaZJzndsB -YGClZ8yHB0CWrzbcHpe0wdhJ4zIBNEXXYqyJdda7JG2ax849yMUMytuyn/XlXZh5 -ieMPheA1AgMBAAECggEBAIS8UIhCux6m18OUySmJpf1qSk06Pg+GeF5FNgyiiiye -S1tfpBL8cfaPSP7UPd7wsxTSVOeZTpzDndYNLqxsFrBeHZJQE/Y0H4Hr8gwmYa/u -pQT6TMIK3owFFVXQXRRK2IgsD7xOw1x9Xm/gED4sFMZSmEG5aOdyPwOaSC+X85yN -BY9HoYKkPKR51nWm8604AFjWL30YWsxkyqipEMJXiY9owjYL/Eidb+jt/aa0I9xl -gI1KG845uX5mNOHkghqDO9vnMLx+S7aLuha1zGYQsJV6i1wNwtBWtv+u7hpGVsDP -o5pBk2k+Ny1YLKMSYoXWh5tdEbsoZbwDGwPuW9R8ooECgYEA+J7tgeNM/iedJ3Eu -trR/axbcZ3sHQCPayC5jOE+AWUXRKmzYDHB46Dv8nlfjZJX0p5TKpGIiU+WCfi+K -4Krdxl4rrxe5w8xmx/g8GkCJDoNOXpUuhUCqhoY7MuZCnBc9X3EBxXo+fOTDOjsG -d0D6w/OSCu2oirFSId5wLG3zqRUCgYEA5FVShaljfy/g5MLXGCrp0rmvUq0G1zLW -Gw/XsZBnaghHW/Y62kNF5ShZ4lxSdT5oeEQ3/daQKwZDmNWesKXy3pBUW6vI8XZ2 -83y6JTsav8aAwxvhD5dHq4U9tXD2jlzUKRnDwDTC8PU3331w3dC3VlvM04I9T4Ss -AQLP8o704qECgYAoGSnhSxG95BG6rMyF9zKdyQAfSH5w39eHdcPW7yuaOmJz3z4x -M2qsuhASUcaBEJZ2+M5+GL3Enj2fsHdLqQM/3Sxafw8c/ziMhALdkQ8J4i+fnZv1 -LerS649ctDqGBlGFtSo9+WtepV6/Y4m1biuDsyMY1B/czqCaic+5uroTyQKBgBev -OgYfUfDJeJyCEWmyWdq/5A3BYOpFnavk8sy6W9/FyBEj82rce42Pp/Mw/GSo+pEv -ElfEP+QWnEBoODO+ovivI/D2WruhPCl5kJ14CghGgOi8JZZGbOq/wWzmsMyHmIJC -5+kyD96KsSb/jguUMNBGaXKvGcj7zBO2xPc2GPTBAoGANYUEdN+m4BB/oCw9eXzP -j/mXTw79Dx3aTpBP5ibJ4xq2Shzc0L6Rw+2wpfgVcCBsSqXLctH9b4Dsl7iw6s/G -32MT+E1IiIZUpcxd6l17eKVpOeH8/mEa4qehORcxougSg/bHWHWlK+c2r0hbs4Ag -eVngVt3kWHnxkyLbQXQkGvk= +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC9ZNWatmL8RCGx +wkAoiHuR8/e6uAbDKWWrQwYbuj1rpKuaEaJIuzrx7H/y/Gs32Srm3HNU9yDl7Tis +Ytz/v6LR0j2UF3M9oZm6SWWdYMb2rkOflTDCvCl+Ga66PgD64m6SSf0iCKon4Hgs +WlELrX2eKQSAlcJkqmWKo+REdOcanO5NWZoZ+whmuztTsYV+U4S4vEHunoc/qTa/ +Pibsykdl4owUdy4RbAXY9aHBoBvajLVQZLFhF5ycpul5RjW1VVvc2SWNklPHNM8y +vLf9zrZhM6gcDWW6uEN4vF/XVjbrUQWjvm31HidIVyEcfrMgB+94IynmaHIXBuao +O7sDylBHAgMBAAECggEBAJItvKxP73CTyYngyxI93VpWejNUjGufjQg1kAZgpb1q +eMROrfoDAMju6AaMititNm6/YgkHQQ4WHXL4T2jZ6XqXEc42l0zPaM6ejd59brPA +5xLJ3LvA7SmV+wVmi+0YTY19q/HTzDlBCJ/7CajAvD8Rm5b/f+2gkwUB4FJyBFnF +xnNHN2IK3cVk6DusS/F4ug2TAYj8+Z92+EpMhH4+KEEoUCd15NgR1o147PfJ68DO +w5Xz17OuIVx+P21jKDoG3a0FQAG8vT/tlZzeBEUQHOkiFTyNDN7M4SDUTg3rYU05 +BF9sPTJQCU4bKS0ynkuod4tN8s2XLRztCXSIscwjwDECgYEA9CxAe/ZVYGJZsHvV +fsn0Jjwr36R0DHx+JVZAVJXmqPikmrXIR4niDQmy1Fudimrg3wt50Re4Cq0pim3S +Dn1mrAEw3njh+9scM40nJvQ+qgaiDFh5GwDmyl6IFTcBsJpLyMOnJfka5gdAONyl +uzxx9n7BpfZyNMrbR4UVlalOex8CgYEAxpFSecMXoCvX2t/vI2/eYIO3AkSBUrE6 +pZ/4UPtT1rVZGoWbZiMtFFHP0cr45hztMAMY30RHGuNE+NW5KrMTbRlfFJerJAx+ +CuulODD4ffTg3JZES7fzt1BCLKTTwwpNOOfCo1kAjJiyqaxsBeGZGrJY8lMtd2mQ +WTtmh7bwrdkCgYBIt/0kbgKTR/cqJlc5AXBjCryOSG3/Yfw3pm5WQqaFYDe1k7no +BFp8Q40szXQnyxjZlJNdAFFhbJzYi0hp5FL1mw0w1JOI7IKDn+AvK8KV5I/SWW8H +6cbSMkEZAF7Sd8FmM07Oclfedf5ccOoyzxepr6qAgNsWeevAaxQ4lEm5RQKBgE2q +1dmuh3Us8Pc5k+4GebLCkjie1v6jN89ErPnv9DENKdcH32qp454JCgKDI6vOMLAQ +5g+eQzmvH3E9F3ouJTENNXV2hYhKIpre5Pb/oJKTz8g4NmpvfzJ6gAe6SOIHC4Fw +lV8TFvXnXCqluHLsdNhOXiAajLQiZEWiyE3ZLnaxAoGBAMiJfWM/a4GXTq+4KiAx +/VAI2L3M5gMMXEujKIOqTuZOnfMC8CgXCez/K+NMVdipkRz/DbAUCzvjbeY5uSRf +mSSdeB9Z6K7p/4TOC1YLYRQKrOo41YzI7/+IOPdLWMwjZY+/9SonayzIKTksdzfA +JgM3IfJ1wNV8t2GOXeKzRwhC -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/host5.crt b/src/test/resources/tls/host5.crt index dc6b5fbc302..5181b362944 100644 Binary files a/src/test/resources/tls/host5.crt and b/src/test/resources/tls/host5.crt differ diff --git a/src/test/resources/tls/host5.p12 b/src/test/resources/tls/host5.p12 index 954b239774e..f7cc0f85676 100644 Binary files a/src/test/resources/tls/host5.p12 and b/src/test/resources/tls/host5.p12 differ diff --git a/src/test/resources/tls/host5.pem b/src/test/resources/tls/host5.pem index 2dedc219cc3..3e3c489b140 100644 --- a/src/test/resources/tls/host5.pem +++ b/src/test/resources/tls/host5.pem @@ -1,17 +1,18 @@ -----BEGIN CERTIFICATE----- -MIICxTCCAa2gAwIBAgIJAP5VEJRGZHFRMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV -BAMMCWhvc3Q1LmNvbTAeFw0xODA1MjYxMTM2NTNaFw0yMTA1MjUxMTM2NTNaMBQx -EjAQBgNVBAMMCWhvc3Q1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAN3AaHFBt5X7WzoJklfDmCEnHsdrIRCL3COdb8d25gdF1Q7kTrfVsWj2W8eF -WI5bcH6wEFpo25EnjoOybRvJBV+qrnaO4+83WzlnXJhQikiOS17PBbMBoPba3t/b -yahVBfb1id9mgupYfuU9s7ppQQg2O6kqbaAu0ajPmMzpGIiinrg71QCrp+ar1Qfp -O9xmjnjmxuw4FyXSvmhxkduFnU4ZDr30BEzsWWRZrZYXreod1/H7dLgn4uPqL5V4 -N2P4a91TGmdpknOd2wFgYKVnzIcHQJavNtwel7TB2EnjMgE0RddirIl11rskbZrH -zj3IxQzK27Kf9eVdmHmJ4w+F4DUCAwEAAaMaMBgwFgYDVR0RBA8wDYILKi5ob3N0 -NS5jb20wDQYJKoZIhvcNAQELBQADggEBAFlgA7j47/1hAiQu1IRSQ1duv6CeeznB -UmIoL3KyVuljo3zfnfNeuxhWm4Q6zuzMoBahkvfKF/vd7FASDxnzygOk0iovrewS -oT7BRcnF8lfV5b/pknOGEjxak2qLYAzgWBTB3SQccBwwlo85NrrNyMBmOUVYs0Jc -jAXV1R1qglsBfdn55xOzxwG1m93Mp9x+FgXaqHl/HM+DGD9otwe4ePqFM5mU08wB -Ieb1Ib3h6+zvxbUk53LTBKeyvNjzmNks4A0IPMo224mf2shqI9AiVKt0nwi2BXjh -RJFYsaqsG432h9CQE3K6JC5oe5Oef1Sz6J68BUzktP+Pv0pQy/AaAN8= +MIIC0jCCAbqgAwIBAgIUZNBuv2KqDXUXCWowEpO9nGZUVqEwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJaG9zdDUuY29tMCAXDTIyMDUyNzE3MDYxNFoYDzIwNTIw +NTE5MTcwNjE0WjAUMRIwEAYDVQQDDAlob3N0NS5jb20wggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC9ZNWatmL8RCGxwkAoiHuR8/e6uAbDKWWrQwYbuj1r +pKuaEaJIuzrx7H/y/Gs32Srm3HNU9yDl7TisYtz/v6LR0j2UF3M9oZm6SWWdYMb2 +rkOflTDCvCl+Ga66PgD64m6SSf0iCKon4HgsWlELrX2eKQSAlcJkqmWKo+REdOca +nO5NWZoZ+whmuztTsYV+U4S4vEHunoc/qTa/Pibsykdl4owUdy4RbAXY9aHBoBva +jLVQZLFhF5ycpul5RjW1VVvc2SWNklPHNM8yvLf9zrZhM6gcDWW6uEN4vF/XVjbr +UQWjvm31HidIVyEcfrMgB+94IynmaHIXBuaoO7sDylBHAgMBAAGjGjAYMBYGA1Ud +EQQPMA2CCyouaG9zdDUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAWWZBVIZ4PGG7x +mWPrYEzA1sYulN7BJVLYIqlnOIORy9Xorr0V8vEhl0oMXvVoPvRhocCo5t+MLdHI +gEqdmFHuIzz/GRFsl5Q/Brp8U3ik7D1kwvVDlTRBrnR369Pi868ZpfATpwuMOxcs +rV/ShKdiMUV7yV3w4aEBIazZIBNOdsOskKS+hjdnnqimCZPlIs2qezXh415xGnMt +a5e2pFXy2UZ/3I0BKwUXdE7pM3i3yR8Mxnigk8GXrB0rmjT4zfKz4JrQ6BLpopj9 +lKVbRS2+X+UTBUJvDBnRTuSXZS/2apVcYRasxlPtRffwRGFA0cmm1WriyPjOtr7c +Y94/BQXx -----END CERTIFICATE----- diff --git a/src/test/resources/tls/int-ca/01.pem b/src/test/resources/tls/int-ca/01.pem index 4447abe47d7..c9eb622f806 100644 --- a/src/test/resources/tls/int-ca/01.pem +++ b/src/test/resources/tls/int-ca/01.pem @@ -2,65 +2,65 @@ Certificate: Data: Version: 1 (0x0) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Intermediate CA Validity - Not Before: May 26 11:36:51 2018 GMT - Not After : May 23 11:36:51 2028 GMT + Not Before: May 27 17:06:07 2022 GMT + Not After : May 19 17:06:07 2052 GMT Subject: CN=localhost Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:a7:14:34:bc:ee:03:63:09:64:7e:d2:8f:2e:77: - 1a:54:b1:9c:84:30:be:98:00:5b:1c:25:6c:a0:c9: - 1f:7d:01:19:dc:7c:e6:33:66:26:02:d9:50:3c:9d: - ca:a4:23:e5:14:4d:00:47:7c:8d:49:f8:46:4b:00: - 17:e9:93:2e:ad:2a:57:23:42:b4:eb:e5:a8:5d:63: - bf:cc:05:f5:62:fa:56:3a:29:30:88:18:af:e5:ad: - 6a:6a:4e:79:e7:30:9c:a1:0b:f9:33:64:ef:ab:c9: - 2b:0a:ae:88:bb:a3:0c:13:c1:38:c0:02:b3:62:e9: - d8:03:80:f2:b0:a7:05:8f:e9:59:a6:62:8b:d2:e8: - b9:0e:e6:e6:f8:ac:58:b0:0d:33:69:f3:ef:7b:71: - 52:30:6b:78:f4:53:30:58:90:83:f3:7d:79:6f:dd: - a2:6b:ab:93:ab:99:93:3c:ea:a5:7c:d3:86:1c:33: - 9e:bd:83:aa:fb:b0:38:3c:bf:cf:7a:e9:38:9c:84: - 09:9f:7d:a7:62:2c:01:72:5d:8c:ee:be:63:44:50: - 0e:45:6a:e2:19:e7:02:98:c1:29:c4:1b:43:d9:ea: - 7d:46:46:d5:fa:68:60:f9:ce:bf:37:64:e2:72:c8: - ca:a9:4c:e5:38:45:87:04:c5:c8:cc:94:09:42:0f: - 8e:7b + 00:dc:f4:80:a5:a5:59:e2:dd:b5:0f:d9:b9:ac:f7: + 6f:3d:22:c1:dc:05:78:3b:ff:f6:bb:8e:70:15:13: + b1:04:40:8c:0c:98:10:86:f5:08:72:54:92:b5:94: + d4:1d:c9:64:33:53:dc:b2:61:a3:c8:dd:94:07:f8: + 95:6e:f0:a6:16:c2:e5:5f:5b:aa:20:2d:a8:42:ff: + ba:84:e2:71:1e:e5:1b:5a:26:bb:28:db:7d:39:b5: + 71:ea:a7:ac:11:52:89:5f:b0:54:d5:25:0c:2f:c9: + 38:81:1e:0f:71:7d:d7:ed:b6:33:16:d4:85:40:3f: + 64:62:50:05:d1:3f:23:9e:15:4b:78:13:f8:ec:61: + e5:e9:43:0f:e8:83:d0:18:b8:b5:3f:04:d2:e7:7f: + d4:fd:47:e0:9e:6f:cd:9d:fc:c7:8c:51:44:1a:1f: + 3d:2d:9d:4f:67:67:35:d9:3e:a7:da:e8:dc:53:d8: + c7:4c:8c:dd:6c:1a:e8:da:38:dd:34:9d:94:bc:b2: + be:bc:c1:f5:84:9c:f4:7f:30:c7:c0:e6:30:34:17: + d2:b8:97:a1:d3:cc:ec:1c:29:ec:8b:3c:b6:9c:f1: + f5:6e:3a:b4:51:20:84:85:46:19:c5:54:26:b7:cc: + f7:18:b3:9c:6d:55:2f:79:30:01:74:5a:d0:15:d7: + 72:e7 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - 76:ae:5e:28:23:e5:cc:b7:bc:ca:27:18:51:2b:97:14:4d:4d: - b3:79:00:4d:01:51:4b:0d:68:82:f8:cc:87:17:9a:bc:de:d7: - 05:e2:2a:4a:20:48:17:70:27:9c:16:45:b5:15:77:83:ef:d8: - 86:a9:bd:9f:80:ae:6f:e1:26:bf:ae:ea:50:6d:05:82:7a:30: - 8c:e7:3d:88:9c:fd:db:ee:78:71:7f:25:5d:ff:26:68:4d:55: - 48:fd:44:64:c5:62:52:52:2b:1f:09:3e:60:45:5e:f4:84:9a: - c8:6f:5c:76:57:64:15:b7:fc:71:35:2c:20:da:0e:8f:0a:e0: - b6:21:44:21:c4:95:f3:42:ff:88:3a:de:db:7b:b0:95:9d:e7: - 27:59:ad:67:d7:54:61:14:29:fc:ef:0c:f0:5d:7d:44:a3:99: - fe:7a:8a:45:a8:9c:01:b1:41:6c:08:55:b5:28:e9:d1:ef:d1: - e5:18:05:20:be:15:f0:f9:31:b6:75:f1:ad:2c:76:18:3e:06: - f3:a7:4b:93:13:54:cb:e7:1c:3e:94:7d:70:0a:5c:29:73:b1: - 3e:b3:e3:44:c8:ea:94:01:bb:e8:e9:99:f5:26:6f:88:f5:00: - 09:36:48:4e:84:72:1c:6b:76:86:78:ac:83:34:d1:57:c9:9b: - 22:10:63:d1 + a3:0f:ab:40:c3:7d:c5:ae:51:17:ef:79:2a:67:57:e3:30:b3: + 5c:b9:1d:32:16:99:e7:fc:de:64:03:ce:b5:b5:98:2a:84:b6: + 22:ee:ee:c7:92:22:ad:cb:d6:c3:d5:76:f0:c6:0d:1c:27:28: + 72:5f:8a:73:86:4e:9b:0c:a4:3b:bc:40:34:9a:f4:64:21:7b: + 4a:a6:6f:fe:64:25:ba:3d:2c:70:27:cc:ef:73:67:8a:b9:d1: + 2e:ba:42:46:4e:be:44:f7:4c:fa:66:d1:ed:d1:c2:c1:5c:78: + 30:3d:6e:08:da:3a:cd:85:2c:7e:43:14:66:f1:a2:3d:63:42: + 7f:88:21:ae:db:01:b5:8f:a0:04:bd:9d:0e:e5:de:d3:41:5e: + a4:36:ec:6f:e6:a8:1d:1d:78:9b:86:eb:90:aa:c4:fd:18:dd: + 43:49:d1:b6:b7:86:86:c0:8e:f1:7e:af:16:94:29:7a:36:e2: + c5:4c:ea:58:83:c1:5f:93:24:48:3e:fb:37:55:7d:2a:8f:78: + 7c:4c:ee:71:7f:24:19:fd:1a:97:54:20:00:25:9e:d2:68:77: + 5c:c8:33:02:ed:3b:4f:7d:48:3e:94:72:08:ac:a6:92:f0:0c: + d3:54:0b:52:63:33:2e:8b:06:05:3a:90:cc:b8:b3:c7:73:c2: + 74:1e:9e:e4 -----BEGIN CERTIFICATE----- -MIICojCCAYoCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp -YXRlIENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowFDESMBAGA1UE -AxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ0 -vO4DYwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3HzmM2YmAtlQPJ3KpCPlFE0A -R3yNSfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikwiBiv5a1qak555zCcoQv5 -M2Tvq8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL0ui5Dubm+KxYsA0zafPv -e3FSMGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOevYOq+7A4PL/Peuk4nIQJ -n32nYiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV+mhg+c6/N2TicsjKqUzl -OEWHBMXIzJQJQg+OewIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB2rl4oI+XMt7zK -JxhRK5cUTU2zeQBNAVFLDWiC+MyHF5q83tcF4ipKIEgXcCecFkW1FXeD79iGqb2f -gK5v4Sa/rupQbQWCejCM5z2InP3b7nhxfyVd/yZoTVVI/URkxWJSUisfCT5gRV70 -hJrIb1x2V2QVt/xxNSwg2g6PCuC2IUQhxJXzQv+IOt7be7CVnecnWa1n11RhFCn8 -7wzwXX1Eo5n+eopFqJwBsUFsCFW1KOnR79HlGAUgvhXw+TG2dfGtLHYYPgbzp0uT -E1TL5xw+lH1wClwpc7E+s+NEyOqUAbvo6Zn1Jm+I9QAJNkhOhHIca3aGeKyDNNFX -yZsiEGPR +MIICpDCCAYwCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp +YXRlIENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc +9IClpVni3bUP2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQz +U9yyYaPI3ZQH+JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolf +sFTVJQwvyTiBHg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/ +BNLnf9T9R+Ceb82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8 +sr68wfWEnPR/MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcY +s5xtVS95MAF0WtAV13LnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKMPq0DDfcWu +URfveSpnV+Mws1y5HTIWmef83mQDzrW1mCqEtiLu7seSIq3L1sPVdvDGDRwnKHJf +inOGTpsMpDu8QDSa9GQhe0qmb/5kJbo9LHAnzO9zZ4q50S66QkZOvkT3TPpm0e3R +wsFceDA9bgjaOs2FLH5DFGbxoj1jQn+IIa7bAbWPoAS9nQ7l3tNBXqQ27G/mqB0d +eJuG65CqxP0Y3UNJ0ba3hobAjvF+rxaUKXo24sVM6liDwV+TJEg++zdVfSqPeHxM +7nF/JBn9GpdUIAAlntJod1zIMwLtO099SD6UcgisppLwDNNUC1JjMy6LBgU6kMy4 +s8dzwnQenuQ= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/int-ca/02.pem b/src/test/resources/tls/int-ca/02.pem index a87dc1fc093..adeedac6519 100644 --- a/src/test/resources/tls/int-ca/02.pem +++ b/src/test/resources/tls/int-ca/02.pem @@ -2,64 +2,64 @@ Certificate: Data: Version: 1 (0x0) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Other CA Validity - Not Before: May 26 11:36:52 2018 GMT - Not After : May 23 11:36:52 2028 GMT + Not Before: May 27 17:06:11 2022 GMT + Not After : May 19 17:06:11 2052 GMT Subject: CN=client Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:d5:98:27:9c:2d:d5:19:53:dd:7b:87:07:95:cf: - 82:6a:bd:9f:6f:64:48:b5:ac:7f:81:1b:df:07:61: - f4:51:fe:1d:d0:6a:86:f1:3c:89:99:bb:78:73:28: - 76:7e:30:f6:e6:f7:81:ee:9c:b3:c0:54:0f:72:66: - 1b:d9:31:3a:0d:7c:eb:83:e1:35:0f:04:f9:68:06: - e3:73:c0:17:d9:93:63:b8:09:a5:de:1b:86:a2:95: - 55:94:7e:6e:6d:fe:5f:91:0f:fe:79:cd:82:ae:87: - 0d:7f:56:5f:65:70:ea:f2:17:65:c0:98:f4:36:17: - 58:30:10:a2:bb:c2:dd:40:93:cc:f0:f3:fc:9e:62: - 00:6f:d7:f1:7e:89:b0:8c:bd:1e:85:56:3f:40:04: - 11:1f:4c:cf:a8:3a:ce:28:cb:9d:68:b5:4b:f4:87: - ad:c6:a9:88:17:30:9c:8b:5f:ba:be:00:65:9d:0b: - 7b:2b:c3:02:d0:44:eb:64:ce:2e:f2:d3:48:3f:62: - bc:97:52:82:2a:75:71:08:ec:2a:cd:2f:7e:6b:65: - 77:19:e4:b7:c6:47:01:57:f5:eb:d7:d7:53:e9:4f: - 73:92:85:89:6c:24:17:05:13:d2:8c:6a:d4:68:21: - 67:7a:c5:42:a5:c5:39:34:c8:b8:e8:39:41:36:b6: - c3:09 + 00:c8:55:7f:c3:b3:d4:64:6d:f9:68:ee:fa:4d:16: + 92:b5:55:7f:d9:e8:2d:a6:51:8c:b9:ed:fd:6a:f0: + 4f:67:73:ae:bd:40:64:de:74:c1:c2:7c:bc:96:6d: + 3f:8d:49:a6:cc:1c:8b:f5:30:15:e7:3e:a3:9e:36: + c9:4d:92:2c:c4:f1:02:a6:ee:3d:5b:98:e7:95:af: + 00:f4:d1:ce:8e:52:74:84:1a:3a:a1:dd:4b:06:e4: + 81:a8:08:90:53:92:0f:bf:79:c6:a9:1e:7c:56:75: + 9b:f4:7b:68:dc:1c:4d:4c:45:19:61:42:0e:16:2d: + f7:c1:91:76:cb:71:1a:23:61:55:83:b8:26:cb:65: + 2d:8f:fd:78:36:71:f4:c5:5f:4f:9c:52:84:73:67: + ad:ee:dd:40:c5:b4:c7:81:17:45:1f:eb:d3:82:89: + 80:5a:fa:aa:57:0b:cf:0f:91:12:3f:56:cf:75:e5: + 87:c3:10:26:a3:de:d0:99:ca:0d:df:28:df:3e:b7: + ae:43:9a:05:e1:15:09:7e:05:80:07:2f:8a:b0:e4: + 28:28:3e:d6:0f:22:2e:f5:c1:0f:9b:4d:9f:71:75: + 26:14:3e:37:1f:01:f0:78:b4:d5:ff:09:51:93:06: + 39:73:88:2f:aa:a7:f7:e0:ad:e1:97:af:2a:8f:33: + 05:5d Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - 5c:6c:7b:f5:fe:12:5b:37:3d:63:13:1e:b0:b9:2d:77:c5:4c: - 22:f7:1e:ad:bf:7d:f9:f3:f6:05:f3:a7:ae:3b:ea:fa:02:82: - 94:fc:8a:63:8e:9e:ff:ec:bd:eb:10:3d:bd:b1:7e:5d:03:58: - c8:78:0f:58:d9:53:6b:c9:20:8a:9a:65:f9:26:f4:ad:1e:31: - 3e:a5:cc:57:01:f7:ad:35:b5:c8:a4:5e:dc:df:ef:12:9b:65: - 71:a8:c3:73:f2:50:35:6d:ad:80:a6:82:40:3d:51:3f:bc:04: - c7:77:bf:4a:ef:22:7b:82:af:51:75:bb:d0:c2:bd:47:0d:e1: - f3:14:3c:ba:05:37:68:bd:56:c9:ea:8b:15:9d:05:5e:f9:7e: - 71:02:03:81:c0:ed:78:d8:5e:96:ec:23:9b:b0:21:0b:6b:af: - e9:23:c4:88:73:a5:f9:07:64:ba:b3:0e:af:7b:ef:46:5a:f9: - 60:64:a7:17:e4:ab:86:f5:11:09:82:36:a2:5f:48:8e:64:a6: - 48:6f:24:76:d7:93:03:2b:37:6a:54:ad:62:99:d3:19:ad:fc: - 44:65:35:a4:42:58:46:d1:4b:a5:9c:63:69:32:37:fe:93:9e: - f2:fb:86:33:ce:a4:86:9f:99:d3:c1:d0:8c:e9:eb:9a:cc:fb: - 4a:58:98:f4 + 9c:f6:84:47:0a:f5:a2:a2:02:29:bf:ab:19:c6:cd:e5:5b:9a: + 16:c1:05:ab:f4:e8:e1:3d:49:76:7e:ca:dc:1b:b2:73:9e:a9: + 69:1e:4a:ec:c0:4d:6f:dd:01:5e:4a:11:89:8c:51:ea:eb:60: + 53:97:76:ed:3d:5c:82:68:23:73:bb:b7:e3:5f:f1:97:db:d7: + c2:1a:e0:2c:fe:12:00:3d:db:45:15:0b:aa:7a:5d:43:f8:a6: + 8a:a5:e8:6e:8f:1e:2a:8b:b4:b6:1a:b1:d7:31:4a:05:68:98: + 6b:18:84:c7:c0:55:1d:66:cf:6b:bf:89:fc:87:b2:a0:e1:e6: + 9b:d0:82:33:34:ad:76:07:3a:ff:a1:8b:23:f2:6b:ee:a0:d4: + c9:c5:72:f2:42:56:f2:ef:8f:ac:71:3d:35:3c:1f:f2:ce:c1: + 68:ae:5a:4e:02:67:4e:f6:df:9a:93:e0:71:39:9d:47:c8:13: + ed:86:9b:35:80:ad:8f:5a:cc:6f:d3:dc:68:8e:e3:82:e2:1c: + c9:f5:4d:b0:90:4f:76:b6:f2:64:61:36:41:1f:e6:4b:b3:65: + 17:4b:00:8c:d9:08:24:41:c2:3a:7d:18:5b:44:97:f9:f1:18: + 32:5f:1d:39:bb:ea:36:ad:9f:57:31:78:cd:a8:4f:a7:25:0e: + 3c:94:8c:10 -----BEGIN CERTIFICATE----- -MIICmDCCAYACAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew -HhcNMTgwNTI2MTEzNjUyWhcNMjgwNTIzMTEzNjUyWjARMQ8wDQYDVQQDEwZjbGll -bnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVmCecLdUZU917hweV -z4JqvZ9vZEi1rH+BG98HYfRR/h3QaobxPImZu3hzKHZ+MPbm94HunLPAVA9yZhvZ -MToNfOuD4TUPBPloBuNzwBfZk2O4CaXeG4ailVWUfm5t/l+RD/55zYKuhw1/Vl9l -cOryF2XAmPQ2F1gwEKK7wt1Ak8zw8/yeYgBv1/F+ibCMvR6FVj9ABBEfTM+oOs4o -y51otUv0h63GqYgXMJyLX7q+AGWdC3srwwLQROtkzi7y00g/YryXUoIqdXEI7CrN -L35rZXcZ5LfGRwFX9evX11PpT3OShYlsJBcFE9KMatRoIWd6xUKlxTk0yLjoOUE2 -tsMJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFxse/X+Els3PWMTHrC5LXfFTCL3 -Hq2/ffnz9gXzp6476voCgpT8imOOnv/svesQPb2xfl0DWMh4D1jZU2vJIIqaZfkm -9K0eMT6lzFcB9601tcikXtzf7xKbZXGow3PyUDVtrYCmgkA9UT+8BMd3v0rvInuC -r1F1u9DCvUcN4fMUPLoFN2i9VsnqixWdBV75fnECA4HA7XjYXpbsI5uwIQtrr+kj -xIhzpfkHZLqzDq9770Za+WBkpxfkq4b1EQmCNqJfSI5kpkhvJHbXkwMrN2pUrWKZ -0xmt/ERlNaRCWEbRS6WcY2kyN/6TnvL7hjPOpIafmdPB0Izp65rM+0pYmPQ= +MIICmjCCAYICAQIwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIT3RoZXIgQ0Ew +IBcNMjIwNTI3MTcwNjExWhgPMjA1MjA1MTkxNzA2MTFaMBExDzANBgNVBAMTBmNs +aWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhVf8Oz1GRt+Wju ++k0WkrVVf9noLaZRjLnt/WrwT2dzrr1AZN50wcJ8vJZtP41Jpswci/UwFec+o542 +yU2SLMTxAqbuPVuY55WvAPTRzo5SdIQaOqHdSwbkgagIkFOSD795xqkefFZ1m/R7 +aNwcTUxFGWFCDhYt98GRdstxGiNhVYO4JstlLY/9eDZx9MVfT5xShHNnre7dQMW0 +x4EXRR/r04KJgFr6qlcLzw+REj9Wz3Xlh8MQJqPe0JnKDd8o3z63rkOaBeEVCX4F +gAcvirDkKCg+1g8iLvXBD5tNn3F1JhQ+Nx8B8Hi01f8JUZMGOXOIL6qn9+Ct4Zev +Ko8zBV0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnPaERwr1oqICKb+rGcbN5Vua +FsEFq/To4T1Jdn7K3Buyc56paR5K7MBNb90BXkoRiYxR6utgU5d27T1cgmgjc7u3 +41/xl9vXwhrgLP4SAD3bRRULqnpdQ/imiqXobo8eKou0thqx1zFKBWiYaxiEx8BV +HWbPa7+J/IeyoOHmm9CCMzStdgc6/6GLI/Jr7qDUycVy8kJW8u+PrHE9NTwf8s7B +aK5aTgJnTvbfmpPgcTmdR8gT7YabNYCtj1rMb9PcaI7jguIcyfVNsJBPdrbyZGE2 +QR/mS7NlF0sAjNkIJEHCOn0YW0SX+fEYMl8dObvqNq2fVzF4zahPpyUOPJSMEA== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/int-ca/ca-cert-root-ca.pem b/src/test/resources/tls/int-ca/ca-cert-root-ca.pem index 1d35961869a..793474e1e3e 100644 --- a/src/test/resources/tls/int-ca/ca-cert-root-ca.pem +++ b/src/test/resources/tls/int-ca/ca-cert-root-ca.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICtzCCAZ+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 -IENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowGjEYMBYGA1UEAwwP -SW50ZXJtZWRpYXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -tmvtTrjN+A5ge3xK/U2Yni4lJJlqd6Y5fVsIPUC15EjM9WNw/1UuHoFEgCUyFAp8 -Cl+ZKCi0KvfOWD5sd9e6O/qaE6BHrVFtnAW9BD9AuGzj+Nl2Jbr5Rz9igm/h3+K1 -C5hTgTH3FFsqszyH7O32yFFhmH0AEYRlnTZe4SeylwmAi4wisbF0027oQ3ygUaJl -ObbdCN4B/WISkRYnG3UF//r0FzsaxUHN+wGgzhXLbZTh6HwFBNTnUypoG4KxTJ31 -vZjB6FGkQvWUfZXG0cR5gA24qPtwh0ASj/IqCNRAVDcuMO5qu9Kv8X/sJVha1g/W -ND6toxuV/JdDoFuPsF7JGQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQANQeNCOw+0/XyyfD/Iqov8EhDzzZuhJYvupOYO9BWasSJvyRYb -jW1a4z4trdiZtXaQtEEUeGpf/6fkzPFJ/FrIuINVjEFbEQDFJH2XWIqwWa4WwLzO -4TAB7i7ezQbq7MmiSHaLssiwJMTrP0MvhvTakvTLa4jtVT9ZOP/oZ0mkW0iUd/3Q -zinV4r6McCczUhk1nlHlupXmmUxAQiARAuaGL6VhheIwg7a0CTZeAjlRzoV6YQP+ -tIMegomWQ0zf3nWDmC2ce6v6F8lImUzQzy5z5mm4ZprdIwgPDBi8xADYWEO1aQHf -EDlsESX7Knw9cQyNcYc+trIueyeVt09E/fMO +MIICuTCCAaGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAaMRgwFgYDVQQD +DA9JbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDGph0kX8MT0YOepxDaIG1Pjus+C2pVvWb1OYqKqTWeOw5d4kcBRVI6I6LyRu9M +At4S/Y/VLd1fO591AFkfM1LHQ0WEN8iISnWvnbjpqwH1uY2P1saG+GykZ0I5w3o1 +zncBDwfk+9VhiiqjBa1de8Rn8arI+EgOQCAb2TC13ye5qSq8nCYriqM9YLFci1nN +zvmRi4O8YqVoDgIzqRdzHnQ1weTXefjhadrVeKNBw1M6tGeK/nzMA1lRpogVVsaD +qUJ4fErpf6uHsLMwhnqKb57wZXVWx9nlzaGfc87vsw9NWbBfkvoD7DXHYDxALcfZ +9qBYFjmYHnNrZIZkpfQV8gMzAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHNWyZOGUq2poYfoG8YOOQvJAreDiBFjtPWgBg8mfPlnz6bk +9uyDHGfFcCY85jZAjwggN/mX1G6Cc5naGBhdafQlDD6bT/aAIHyCLcl1IBb2mc89 +v99pY38bwAqf58JGBMtJNLQOhAm+VJQ/2qdaAZhyut4QZoD0Rog0cJJj1jGT8UKT +q9rIWcbZ75ZXkvCI1xMu/oeKY5jolVibdEg3iRqPX360IAoQfgRID1fJqcp8eh75 +xb1hDvdD2aaf9hrQmJMRUxS65QrsjijVTK2cvn5fcwidEXCDNAFkQ2x1LRNqJCne +YiQHnSIGqyTG8lwRNoGYf70RigUvFCFp12u0s5Q= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/int-ca/ca-cert.pem b/src/test/resources/tls/int-ca/ca-cert.pem index eb2c17c8018..19dc33b0003 100644 --- a/src/test/resources/tls/int-ca/ca-cert.pem +++ b/src/test/resources/tls/int-ca/ca-cert.pem @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDCjCCAfKgAwIBAgIJAJNVhvS03hAlMA0GCSqGSIb3DQEBCwUAMBoxGDAWBgNV -BAMMD0ludGVybWVkaWF0ZSBDQTAeFw0xODA1MjYxMTM2NTFaFw0xODA2MjUxMTM2 -NTFaMBoxGDAWBgNVBAMMD0ludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBALZr7U64zfgOYHt8Sv1NmJ4uJSSZanemOX1bCD1AteRI -zPVjcP9VLh6BRIAlMhQKfApfmSgotCr3zlg+bHfXujv6mhOgR61RbZwFvQQ/QLhs -4/jZdiW6+Uc/YoJv4d/itQuYU4Ex9xRbKrM8h+zt9shRYZh9ABGEZZ02XuEnspcJ -gIuMIrGxdNNu6EN8oFGiZTm23QjeAf1iEpEWJxt1Bf/69Bc7GsVBzfsBoM4Vy22U -4eh8BQTU51MqaBuCsUyd9b2YwehRpEL1lH2VxtHEeYANuKj7cIdAEo/yKgjUQFQ3 -LjDuarvSr/F/7CVYWtYP1jQ+raMblfyXQ6Bbj7BeyRkCAwEAAaNTMFEwHQYDVR0O -BBYEFDX/t85qo2GBF3ceYszqD3N287PqMB8GA1UdIwQYMBaAFDX/t85qo2GBF3ce -YszqD3N287PqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADKj -xY6GOTAOf08xxdROVsG2OWxXx9KS29lGJiFtOK2OZuREnfVFkhEXkvi1asm99TOT -LmXMixSymin8/YSADd2rfvqfZscZQAZYXDXx9diLE3mlcXBQYNzFmajiUAgmSu6b -pqJrgyLZAkNXcIgLThS/fH8kIFKCxmKkqmLUiZavjEeTSHQWVdgk3FWX5AfOaAz5 -mVHrgqsPFXLEqoBrH7EipsklrTQw5PTAQkoW+xRq54q63hEPqX6YWyn1Xflgyxei -H9QGpqYAyJbkgrfseuSyCqN3PUrnlPdNzgrxcstGzJeKSlJG6s9EOZeH8vB1VSVO -BNNUhH/5N4NaxskFvco= +MIIDFzCCAf+gAwIBAgIUdI2QMkOeTWyWl/wbUQ01vOsG73AwDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRpYXRlIENBMCAXDTIyMDUyNzE3MDYwN1oY +DzIwNTIwNTE5MTcwNjA3WjAaMRgwFgYDVQQDDA9JbnRlcm1lZGlhdGUgQ0EwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGph0kX8MT0YOepxDaIG1Pjus+ +C2pVvWb1OYqKqTWeOw5d4kcBRVI6I6LyRu9MAt4S/Y/VLd1fO591AFkfM1LHQ0WE +N8iISnWvnbjpqwH1uY2P1saG+GykZ0I5w3o1zncBDwfk+9VhiiqjBa1de8Rn8arI ++EgOQCAb2TC13ye5qSq8nCYriqM9YLFci1nNzvmRi4O8YqVoDgIzqRdzHnQ1weTX +efjhadrVeKNBw1M6tGeK/nzMA1lRpogVVsaDqUJ4fErpf6uHsLMwhnqKb57wZXVW +x9nlzaGfc87vsw9NWbBfkvoD7DXHYDxALcfZ9qBYFjmYHnNrZIZkpfQV8gMzAgMB +AAGjUzBRMB0GA1UdDgQWBBSYoK54HHuYPXIz5pklpY8rjJ+kpTAfBgNVHSMEGDAW +gBSYoK54HHuYPXIz5pklpY8rjJ+kpTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4IBAQBHjYhtyG7R7adjFBSFqJk+eiUbtXNPscsc0vdn8e/TZcSk/i+B +vpUC4EXeTQbRtrnEMxPhQ+iXVRu77gvXlE1Knlvconfa2xEDkH9JSItL2DJUVObp +GeVdGfrmJPoNKNZwgbUaV0WBLaAJJmVFiiS95PsEhgg+k37/nHmgBCiGa4OKxpl1 +nLSngAUaoMMxMDInETCGGQxuMOyA6hLHbZFPv1zeKm6thlh1VQSD5bEqaAUAmaD0 +mN4vm5rQElLtN8cv6bj8Q+Jc0TNxFGk8MGmSwhUA2gIrPUUWvy5bw981E1k0bsLk +cNyl3wu+m6iVDLu8ylE80xqPwqbC04b4idCl -----END CERTIFICATE----- diff --git a/src/test/resources/tls/int-ca/ca-csr.pem b/src/test/resources/tls/int-ca/ca-csr.pem index 71f5c123b75..048358d7c08 100644 --- a/src/test/resources/tls/int-ca/ca-csr.pem +++ b/src/test/resources/tls/int-ca/ca-csr.pem @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- MIICXzCCAUcCAQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRpYXRlIENBMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmvtTrjN+A5ge3xK/U2Yni4lJJlqd6Y5 -fVsIPUC15EjM9WNw/1UuHoFEgCUyFAp8Cl+ZKCi0KvfOWD5sd9e6O/qaE6BHrVFt -nAW9BD9AuGzj+Nl2Jbr5Rz9igm/h3+K1C5hTgTH3FFsqszyH7O32yFFhmH0AEYRl -nTZe4SeylwmAi4wisbF0027oQ3ygUaJlObbdCN4B/WISkRYnG3UF//r0FzsaxUHN -+wGgzhXLbZTh6HwFBNTnUypoG4KxTJ31vZjB6FGkQvWUfZXG0cR5gA24qPtwh0AS -j/IqCNRAVDcuMO5qu9Kv8X/sJVha1g/WND6toxuV/JdDoFuPsF7JGQIDAQABoAAw -DQYJKoZIhvcNAQELBQADggEBAHrOXokKwotwEiO6dRd4TxhnWQ0jCeHEAArXjzp5 -iOc6HUFzcBgW6dkBW/CcOFwtaexlCXfzf/7V1sXC4esY7p9HppFC/0afIpr5KjlY -EXuqA6RLIZucNgEwwp6nJy/uegsN/elcLYW1CyeJRIWjbTFRfdls8u7MGaPXoMKp -axXYerMoJZSi/xuGtD/cZTBnCdhCKClSghjzYjmTridZzPuNUzXK4wTS3C5OdeOt -HBdksgms8lwCTIBfiS1QoDYam9XR3UhZ0Ime1QaQAAhmolBhJs/v2cZJ8k4QGxpr -rJmidLswW+lGVMa/3mMJkmWkjG1ONCykQ5L2amsjjDzJoTo= +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqYdJF/DE9GDnqcQ2iBtT47rPgtqVb1m +9TmKiqk1njsOXeJHAUVSOiOi8kbvTALeEv2P1S3dXzufdQBZHzNSx0NFhDfIiEp1 +r5246asB9bmNj9bGhvhspGdCOcN6Nc53AQ8H5PvVYYoqowWtXXvEZ/GqyPhIDkAg +G9kwtd8nuakqvJwmK4qjPWCxXItZzc75kYuDvGKlaA4CM6kXcx50NcHk13n44Wna +1XijQcNTOrRniv58zANZUaaIFVbGg6lCeHxK6X+rh7CzMIZ6im+e8GV1VsfZ5c2h +n3PO77MPTVmwX5L6A+w1x2A8QC3H2fagWBY5mB5za2SGZKX0FfIDMwIDAQABoAAw +DQYJKoZIhvcNAQELBQADggEBAECMKW/OFlFjhy3ZhQ2vSTPnkyJ2lLBKUFCX9rvF +PGskZPZpaYiIYXrU+LIAb8llOPtTjiNmH6KW/iuG+EOZqalw7TLc2YJwLj/bXjkH +wXZ/PbztOjOuRX5JqlFBTKGfw2yoiGkJT3svPsGD3UVFNuzOk711XSP8oXs6X5Wc +h74gGtegL8TPKbeaMaFD9PrVGb4LgWSjJk3Sspoobq0k4A3mnGTr6pcDX1JOXM25 +qj8QeC+PWxNycAWkbp7Ys1zBO53XBlHSs26A4gy7fVX8EvAMgPrK9V98OdNKB37f +HOnpQ7TvbCPy6851IgVYUA1tS9i3HgrZ6Jq3gBFv0Dw0nYE= -----END CERTIFICATE REQUEST----- diff --git a/src/test/resources/tls/int-ca/ca-key.pem b/src/test/resources/tls/int-ca/ca-key.pem index bd1ff221097..94f829ac9c2 100644 --- a/src/test/resources/tls/int-ca/ca-key.pem +++ b/src/test/resources/tls/int-ca/ca-key.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIX5SI9WFzPfsCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECKPKN420XYCFBIIEyMMOW6/nhafH -vvBkvy2qb9PvWjflGIkrnDc7WejJ/AFgfCD3DMuo+ZbVNFdmRvv/wAJF7f9tr/NQ -ksXezoCGH3RpDeuohdfEZwP5O28zG3h1V9jPS5Cl4pWNbYzvzBWd5R1oB5l55C/c -YhSljR6M3AcBnJVHcyTt/SjI9sTMuweI0htMrJWyHOJr/F/MrYKctOIfsDKtK5iU -/YLchuUAUrfgCqF20KVTrLIKBS1IKCcnCu2yeiVSafAnTbzOtpiwd8RW7eS53NWB -Px318YIs9mPAJEWv+xHqceR7SuMfw2wHHSYLC7yOGS5U3Uk+eX2PqPZIVX68x9TL -6623mfaZtQCXX9D8LihOlhIj+/biXHx2R1dpRWldL/gCS40V6oKAsZJqxnAzqynj -e+ZpNAYXT8W1TftWgW+IKHU5SHCEf5+CkDGo6FCxtrQGqPnRTVIzOHbH6id6x9/R -T5HJT/bOdw8QB2q8EdLH87kQEwtTKK2z0D+Jzl+q7B8PUFQPra1pHf+I3gyM/5Z0 -ZnzMvZPq8SARCOz8D4if7J3YC3KZcPWO0b3o9ONSq07YSGW4Qzegzu242rMvZXHX -JuSfw5TC108FfWlA70/EzCNqbKEkLJwje+OpvpFTG9xkvku2CmHKjXQIhpVrZc5r -2nOS4wGqy+3l2Wq3+Qmw9NrVBt32EmqG+yPN21R1YUhGnnwKkGbi+cXr6UjAOCM5 -VtT9AbtzhRGVkZFKgq+GC4qhbzbS/dKN621qB5q2wo7YqtTgCcwFWu1ReZhxtqeK -APQCsgqfEk85cHIek6wmr+Jbqc4ntblBUhjxljAQYvDYVZLqPwHfg9Mf9yl3tsGQ -VbPvMoa/o79HH/StQp3JOh03c48iG4S+GL85kIiWVSvKoCVcOz5a1qPYlB/Hsikj -1g3DELJO2kP2E0R47jtCCFhOxWMP6ZmFbMEijwMrKpsLAC/B7F4jUUVgWKYZEw63 -R0OUK+p3A+il8DSGpzLeuCjBWEBxKE1nMiLwyptlzDYJFtQ85gmV4ao2wTIBr9BW -lDdcK3Wun9Qt5Nl7xzrT7MKHKCVwFJ2hmP0WUKeHfKnoRm8+BT0jUZbzk3SNEcCQ -UsTuJ6/N3lels3ItW4BluRTlAHqJj2Ibx8F4Bnunb9OuqGqLU7yb9GXoxkt8uoqs -vs02fgmcSfnvaJbzhK1ETAYUk1fpLd9eyEEqGxncdSr3XZjzu5r0NqQiSG8gUDkN -d9LOOkWFYrtNcJyZTRe47YdrPu17EYRws2tXFM+eNN8fbRgON9qF3g1tGvobc0QX -uPI2IK9e+7xIm6WerXTWN42WP1KGNK//h86aWc/iANErzLGY617ku9q1RxbAbStJ -3tfkXAV3Ntelq23u6nDsgRZPOtTnvMTDhHsvRTw3ZUlc+K8OnuZHGgpcyesEMxUE -bI0KR4v98r4kUZ1rVxJ7vjfpLQVvVMZHMpsHF284ocKSWxNVZl7baS8mh1I3ZFVn -RCqEe2uvh5tqvBFeTcK3M8K/imvgtHZzRX/n/tODLpDWunNSjB9kcgnJzGXAhnRN -Q8BrVb14dzaxr5Vux/TdLQ3j9i4gkJFzYSg1+P5Vd+wg9ZVCzbIjVuZv7d3t5Y+g -0KlMmOjLhsFJ4AyseYrY7Q== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIOoXgWGJsV54CAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECB7nlD5SGLG3BIIEyJJg/OZ8uYUy +qEJD1If6XRAsBRGcaKBIky1p5wMSdQv3/4mFmxupWIdtzmu5rGIXr5Yn+hj1miIu +Q853CtnKexZ3H9eY+TGYB0Cf/MiAEUgr5whtgJho8BC1BkOb8Ha6XWIjiaGmPs3A +zpV6+Od1klaQnTiFmKx2Ch3lyAKMw8wNgD+W2k791SDOQ4HoRnKgCDIS/xrvoJ8D +MMmmeXn12uDICo+CI8nY5mPrsjgjXW9UFXiYJka1mrAdPO+kncBEUa/o7wXbBKey +G31y4wbGwhNH7fvOwqoxctkCXQFy7boCF4iVdTAw7E/pbkMGE2xvLl/OPW8Ir9ek +Tx8hEpDxrizQBjhBOzcbEhZiL9qM6zx1fh2daA5nRLI1emdc3V6ApK3A9mVcdvSV +3DBMf4AJs/yR5KTA+0oRXj35V5gooVV3axmwbPnZiHjXYOXX1lfdEBxkDZYAN2am +/TB8Gvoc5QDrLdIa5GjgesskAKGIdWSoBIU/+UaZnOz4A+OZl0GotVurPZOwbpbZ +s2VMWMEaHDxRTYRfFBf52HPD1wi8IXCa61lxY0GOwsUvcAQGTiN3zXuWq8USrIIz +qAcF2lRTjntMavOj7X9brpgL5anGSnUm2I80ZvWjSIWtxenhmLF44G4lowuwoSw7 +EfyXPECBELuE+bopKAj5L9HkmZj9bPTM+ewtHYorSCIp+6ueVDcC0/wdDPK2D23L +3d7tg2jZxx40sBKDi2PD9cw3WajrQlt8ZuMx3VGTCI6z6x5ul4RLjKCBL3D9plAI +GAUpVjNwXIrDCKYvGDC+d335Ddaj2BtMUoLwZnCgFbI0jjnlRbaFgTN5v7MJTl2n +3rKmuhCnezMihxkvElQfWLlZQI+euwPwAbgS0CexXll51O9rdyUiejX8DHfiV8gl ++0sLcdvpfNXKDTifMdqHVP+ba32suVzR1LlA4xuC1/HyHZO/dmdLY1IndGy7/Dix +QJOUiSL4TOa7olGkEryHYGqEGqRqGFLd0/FKzjnHwDUwZ2EBc++Pf3DyiQr+/j4F +IPQAg8h/ntNu7SHW7zcMo9OnYZxjeBYR7HV93gQwweEznPGX++OyV9HnReLiPW2x +nCxLFKsQWZXAG/cDWODUjgenF1FNPGD//9XgPgUoo+hpnSyc7euQBaMGdG19jKVT +gFi7n41bk6twbN+Kn0GjCyTKS2I0EPWjdbza/cbOtaP/CyVKUqNNjZpFz6G5OvUH +OFJBldUv6Z0rr+dxr0wDKM96eTk8MuU/7n3JqLvnssGnxJGlum99nBlo7FX3aS/3 +3RZ7JcrfnEDzOKKQKeAH6HhRfibCeoOev7NYvy6Lg9NCzrPkNxw9iy/F5+rXkWQa +W2Oc46zmf5dFiWDL2LvC+rxnib/Wy4XMPyY1+TWTHcYNKRiC157/s57FHWHhAvrR +Cma/JqjJQJp1tODzz1eoCdtPVohP8rwoVJHKGpXTFIwzMd37m1ProogC7ultxWru +XtRAozvvqRNIUZdE6aJlAClxnsKrUDPHcg9C5ZITd0ruMi5I1Lw5vxjdZ+MY8uPu +v4Pae23oLa4DLoANHM4CRG7RqYw7Cnm3RKSbeERr2Ss85/RXC7D3YO46fsUBAAi4 +WQeAAT43vXR+jvdYc5W+Ig== -----END ENCRYPTED PRIVATE KEY----- diff --git a/src/test/resources/tls/int-ca/index.txt b/src/test/resources/tls/int-ca/index.txt index 384f9776d1a..4c9b2f87c79 100644 --- a/src/test/resources/tls/int-ca/index.txt +++ b/src/test/resources/tls/int-ca/index.txt @@ -1,2 +1,2 @@ -V 280523113651Z 01 unknown /CN=localhost -V 280523113652Z 02 unknown /CN=client +V 20520519170607Z 01 unknown /CN=localhost +V 20520519170611Z 02 unknown /CN=client diff --git a/src/test/resources/tls/int-ca/index.txt.old b/src/test/resources/tls/int-ca/index.txt.old index 771353b9b95..b85006a6ce5 100644 --- a/src/test/resources/tls/int-ca/index.txt.old +++ b/src/test/resources/tls/int-ca/index.txt.old @@ -1 +1 @@ -V 280523113651Z 01 unknown /CN=localhost +V 20520519170607Z 01 unknown /CN=localhost diff --git a/src/test/resources/tls/localhost.crt b/src/test/resources/tls/localhost.crt index 4e4126e618c..f37db3b8de2 100644 Binary files a/src/test/resources/tls/localhost.crt and b/src/test/resources/tls/localhost.crt differ diff --git a/src/test/resources/tls/mim-server-keystore.jks b/src/test/resources/tls/mim-server-keystore.jks index 2c36900b3b5..360814ae333 100644 Binary files a/src/test/resources/tls/mim-server-keystore.jks and b/src/test/resources/tls/mim-server-keystore.jks differ diff --git a/src/test/resources/tls/multiple-alias-password.jks b/src/test/resources/tls/multiple-alias-password.jks index 5bdb25e81f3..849c1d11314 100644 Binary files a/src/test/resources/tls/multiple-alias-password.jks and b/src/test/resources/tls/multiple-alias-password.jks differ diff --git a/src/test/resources/tls/multiple.jks b/src/test/resources/tls/multiple.jks index 62913e585ca..414c251a0ac 100644 Binary files a/src/test/resources/tls/multiple.jks and b/src/test/resources/tls/multiple.jks differ diff --git a/src/test/resources/tls/openssl.cnf b/src/test/resources/tls/openssl.cnf index 22eb5e8041c..899ef5984b4 100644 --- a/src/test/resources/tls/openssl.cnf +++ b/src/test/resources/tls/openssl.cnf @@ -7,9 +7,9 @@ database = root-ca/index.txt default_md = sha256 policy = policy_match serial = root-ca/serial -default_days = 3650 +default_days = 10950 crlnumber = root-ca/crlnumber -default_crl_days = 3650 +default_crl_days = 10950 [ CA_other ] new_certs_dir = other-ca @@ -17,9 +17,9 @@ database = other-ca/index.txt default_md = sha256 policy = policy_match serial = other-ca/serial -default_days = 3650 +default_days = 10950 crlnumber = other-ca/crlnumber -default_crl_days = 3650 +default_crl_days = 10950 [ CA_int ] new_certs_dir = int-ca @@ -27,9 +27,9 @@ database = int-ca/index.txt default_md = sha256 policy = policy_match serial = int-ca/serial -default_days = 3650 +default_days = 10950 crlnumber = int-ca/crlnumber -default_crl_days = 3650 +default_crl_days = 10950 [ policy_match ] countryName = optional diff --git a/src/test/resources/tls/other-ca/01.pem b/src/test/resources/tls/other-ca/01.pem index 3359a5f67ac..05dea2c831e 100644 --- a/src/test/resources/tls/other-ca/01.pem +++ b/src/test/resources/tls/other-ca/01.pem @@ -2,68 +2,68 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Other CA Validity - Not Before: May 26 11:36:52 2018 GMT - Not After : May 23 11:36:52 2028 GMT + Not Before: May 27 17:06:10 2022 GMT + Not After : May 19 17:06:10 2052 GMT Subject: CN=localhost Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:a7:14:34:bc:ee:03:63:09:64:7e:d2:8f:2e:77: - 1a:54:b1:9c:84:30:be:98:00:5b:1c:25:6c:a0:c9: - 1f:7d:01:19:dc:7c:e6:33:66:26:02:d9:50:3c:9d: - ca:a4:23:e5:14:4d:00:47:7c:8d:49:f8:46:4b:00: - 17:e9:93:2e:ad:2a:57:23:42:b4:eb:e5:a8:5d:63: - bf:cc:05:f5:62:fa:56:3a:29:30:88:18:af:e5:ad: - 6a:6a:4e:79:e7:30:9c:a1:0b:f9:33:64:ef:ab:c9: - 2b:0a:ae:88:bb:a3:0c:13:c1:38:c0:02:b3:62:e9: - d8:03:80:f2:b0:a7:05:8f:e9:59:a6:62:8b:d2:e8: - b9:0e:e6:e6:f8:ac:58:b0:0d:33:69:f3:ef:7b:71: - 52:30:6b:78:f4:53:30:58:90:83:f3:7d:79:6f:dd: - a2:6b:ab:93:ab:99:93:3c:ea:a5:7c:d3:86:1c:33: - 9e:bd:83:aa:fb:b0:38:3c:bf:cf:7a:e9:38:9c:84: - 09:9f:7d:a7:62:2c:01:72:5d:8c:ee:be:63:44:50: - 0e:45:6a:e2:19:e7:02:98:c1:29:c4:1b:43:d9:ea: - 7d:46:46:d5:fa:68:60:f9:ce:bf:37:64:e2:72:c8: - ca:a9:4c:e5:38:45:87:04:c5:c8:cc:94:09:42:0f: - 8e:7b + 00:dc:f4:80:a5:a5:59:e2:dd:b5:0f:d9:b9:ac:f7: + 6f:3d:22:c1:dc:05:78:3b:ff:f6:bb:8e:70:15:13: + b1:04:40:8c:0c:98:10:86:f5:08:72:54:92:b5:94: + d4:1d:c9:64:33:53:dc:b2:61:a3:c8:dd:94:07:f8: + 95:6e:f0:a6:16:c2:e5:5f:5b:aa:20:2d:a8:42:ff: + ba:84:e2:71:1e:e5:1b:5a:26:bb:28:db:7d:39:b5: + 71:ea:a7:ac:11:52:89:5f:b0:54:d5:25:0c:2f:c9: + 38:81:1e:0f:71:7d:d7:ed:b6:33:16:d4:85:40:3f: + 64:62:50:05:d1:3f:23:9e:15:4b:78:13:f8:ec:61: + e5:e9:43:0f:e8:83:d0:18:b8:b5:3f:04:d2:e7:7f: + d4:fd:47:e0:9e:6f:cd:9d:fc:c7:8c:51:44:1a:1f: + 3d:2d:9d:4f:67:67:35:d9:3e:a7:da:e8:dc:53:d8: + c7:4c:8c:dd:6c:1a:e8:da:38:dd:34:9d:94:bc:b2: + be:bc:c1:f5:84:9c:f4:7f:30:c7:c0:e6:30:34:17: + d2:b8:97:a1:d3:cc:ec:1c:29:ec:8b:3c:b6:9c:f1: + f5:6e:3a:b4:51:20:84:85:46:19:c5:54:26:b7:cc: + f7:18:b3:9c:6d:55:2f:79:30:01:74:5a:d0:15:d7: + 72:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: DNS:localhost Signature Algorithm: sha256WithRSAEncryption - 15:b3:f8:86:ba:02:76:79:38:da:a6:70:53:74:7c:25:8a:c9: - 28:f0:d3:40:3b:9e:1b:af:cb:ef:64:2d:6d:5e:4e:8a:57:99: - 89:c2:d9:d8:9f:bb:5b:56:3c:59:80:0e:56:b2:1f:45:71:e8: - 5a:a8:81:ec:6f:ea:ef:66:2e:b4:ee:e9:d7:4a:c9:ae:b9:2e: - ee:32:64:57:3b:b5:01:da:b5:a9:71:75:1b:82:9f:17:8e:62: - 1f:1c:80:e6:60:82:26:09:9b:21:b5:6a:24:8a:20:9e:01:6b: - a5:f4:c1:f4:ed:a0:12:ef:2f:cd:8b:26:9a:6c:f9:2e:e2:84: - 06:cb:ae:ec:c5:b1:fb:2c:f1:73:10:26:77:6f:e2:4b:29:21: - 0e:04:61:b6:47:9e:b8:a1:f9:09:4f:f8:e8:5a:3f:13:41:33: - c4:7c:2c:6e:c8:02:57:8d:dd:07:7a:6f:c1:ec:00:5c:f2:89: - bb:2b:8a:65:96:1f:11:e7:4b:58:fd:df:4a:08:a3:a9:72:a7: - 71:dd:91:61:d2:68:2c:a6:6f:16:bb:ee:bb:9e:0a:91:f7:09: - 52:ea:b8:08:97:d5:4f:73:62:1e:6d:5f:38:9d:00:34:19:ad: - 74:79:71:7c:91:99:59:b7:46:bf:0b:22:8c:31:98:7b:0f:43: - 88:eb:b0:9c + 4d:6b:33:63:1c:8e:56:45:dc:8c:06:45:01:b9:50:7f:d3:cf: + 40:cf:98:cf:9b:f1:e6:01:65:a1:f8:74:50:ae:f0:95:42:db: + 51:1f:83:6e:6c:9e:bf:98:b6:ca:06:74:2e:ec:b9:15:0f:d9: + 6a:38:53:c6:c4:30:50:6b:9d:25:d7:98:53:60:54:0f:22:b8: + 74:2c:b7:a9:19:d9:0f:51:27:f6:a1:2e:8e:69:d1:9a:21:d5: + 82:1e:80:57:b3:a6:da:27:11:15:7e:ce:4d:f5:18:59:05:45: + 7a:9d:15:a1:47:17:81:bb:da:ba:59:f2:6e:a7:af:b4:9a:f0: + a8:48:3f:85:f6:0e:47:a3:ed:b3:c9:04:f1:88:23:1c:8a:f0: + d2:c4:22:1d:34:e1:7f:7c:1a:4a:64:ad:0f:a3:e0:8a:0b:ad: + bb:08:05:40:cd:48:cc:50:33:43:57:d9:30:b0:c5:28:16:a1: + d7:47:34:5a:79:5e:ff:52:c8:1f:1f:af:c6:10:84:c8:13:14: + 74:fd:44:01:0a:b3:d2:ca:42:6f:0b:c9:6c:3f:b5:ba:1e:b6: + 2f:d9:cc:33:cf:1d:b4:54:30:3d:e4:0d:0e:c5:2b:95:bb:8d: + 20:0e:56:b2:db:98:5b:56:b1:41:99:52:e8:90:67:a8:5c:18: + 94:1f:48:bc -----BEGIN CERTIFICATE----- -MIICujCCAaKgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhPdGhl -ciBDQTAeFw0xODA1MjYxMTM2NTJaFw0yODA1MjMxMTM2NTJaMBQxEjAQBgNVBAMT -CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcUNLzu -A2MJZH7Sjy53GlSxnIQwvpgAWxwlbKDJH30BGdx85jNmJgLZUDydyqQj5RRNAEd8 -jUn4RksAF+mTLq0qVyNCtOvlqF1jv8wF9WL6VjopMIgYr+WtampOeecwnKEL+TNk -76vJKwquiLujDBPBOMACs2Lp2AOA8rCnBY/pWaZii9LouQ7m5visWLANM2nz73tx -UjBrePRTMFiQg/N9eW/domurk6uZkzzqpXzThhwznr2DqvuwODy/z3rpOJyECZ99 -p2IsAXJdjO6+Y0RQDkVq4hnnApjBKcQbQ9nqfUZG1fpoYPnOvzdk4nLIyqlM5ThF -hwTFyMyUCUIPjnsCAwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqG -SIb3DQEBCwUAA4IBAQAVs/iGugJ2eTjapnBTdHwlisko8NNAO54br8vvZC1tXk6K -V5mJwtnYn7tbVjxZgA5Wsh9FcehaqIHsb+rvZi607unXSsmuuS7uMmRXO7UB2rWp -cXUbgp8XjmIfHIDmYIImCZshtWokiiCeAWul9MH07aAS7y/NiyaabPku4oQGy67s -xbH7LPFzECZ3b+JLKSEOBGG2R564ofkJT/joWj8TQTPEfCxuyAJXjd0Hem/B7ABc -8om7K4pllh8R50tY/d9KCKOpcqdx3ZFh0mgspm8Wu+67ngqR9wlS6rgIl9VPc2Ie -bV84nQA0Ga10eXF8kZlZt0a/CyKMMZh7D0OI67Cc +MIICvDCCAaSgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhPdGhl +ciBDQTAgFw0yMjA1MjcxNzA2MTBaGA8yMDUyMDUxOTE3MDYxMFowFDESMBAGA1UE +AxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PSA +paVZ4t21D9m5rPdvPSLB3AV4O//2u45wFROxBECMDJgQhvUIclSStZTUHclkM1Pc +smGjyN2UB/iVbvCmFsLlX1uqIC2oQv+6hOJxHuUbWia7KNt9ObVx6qesEVKJX7BU +1SUML8k4gR4PcX3X7bYzFtSFQD9kYlAF0T8jnhVLeBP47GHl6UMP6IPQGLi1PwTS +53/U/Ufgnm/NnfzHjFFEGh89LZ1PZ2c12T6n2ujcU9jHTIzdbBro2jjdNJ2UvLK+ +vMH1hJz0fzDHwOYwNBfSuJeh08zsHCnsizy2nPH1bjq0USCEhUYZxVQmt8z3GLOc +bVUveTABdFrQFddy5wIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJ +KoZIhvcNAQELBQADggEBAE1rM2McjlZF3IwGRQG5UH/Tz0DPmM+b8eYBZaH4dFCu +8JVC21Efg25snr+YtsoGdC7suRUP2Wo4U8bEMFBrnSXXmFNgVA8iuHQst6kZ2Q9R +J/ahLo5p0Zoh1YIegFezptonERV+zk31GFkFRXqdFaFHF4G72rpZ8m6nr7Sa8KhI +P4X2Dkej7bPJBPGIIxyK8NLEIh004X98GkpkrQ+j4IoLrbsIBUDNSMxQM0NX2TCw +xSgWoddHNFp5Xv9SyB8fr8YQhMgTFHT9RAEKs9LKQm8LyWw/tboeti/ZzDPPHbRU +MD3kDQ7FK5W7jSAOVrLbmFtWsUGZUuiQZ6hcGJQfSLw= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/other-ca/ca-cert.pem b/src/test/resources/tls/other-ca/ca-cert.pem index eae4f9e6bfb..11d94951e0f 100644 --- a/src/test/resources/tls/other-ca/ca-cert.pem +++ b/src/test/resources/tls/other-ca/ca-cert.pem @@ -1,18 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIC/DCCAeSgAwIBAgIJAJDFe23gf0pwMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNV -BAMMCE90aGVyIENBMB4XDTE4MDUyNjExMzY1MloXDTE4MDYyNTExMzY1MlowEzER -MA8GA1UEAwwIT3RoZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDu83z3Z2yKLNbhrqG6Zjl8QHdDVH1bSXi9zl4mDhJP5Ha31WYMm0WtFUbrhArS -dy/ZAj7Zx1o3yDA6l0yELVtsqriHs9y6rq4cZB8aqZ423pzSfUrKUh1xijsVNBGZ -NVRUTkpRA28q+1q27+fuOuNuGXnTXWIC8VvARGqE39bPALWK94GEIudBFh+E50kr -MdBPaLdhR7hnkGqEpIm0MUqvBj0JC9pT8pnYZSzpWUTzHrts/e0oUYg/n2xdtF/v -JNciyPw3awiXUrSepj1pnEY/DJH8GVmtmaGnptDwnec41Er65tcRqD3I6P/kh5QM -zMVchTMRHGwAXldzKNAmiu2pAgMBAAGjUzBRMB0GA1UdDgQWBBT6372kBOogJIix -pBzyuAy6Baht5TAfBgNVHSMEGDAWgBT6372kBOogJIixpBzyuAy6Baht5TAPBgNV -HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA+LsUAQq7BujladIOFZEjR -qEVXdqTXARU5p3Vzw6ydfgtruk4Zb/pyYK43X44O6KBHQoa2jJaSE7su6jrarrxi -ZhyySPjIvK9nyAPzEFlUXxcGMTVGE+lanXWEGsDe6ub+68EGzLpO3U9w0io4gKUE -U6N/VIctsO5es5qLYTu1O3COKnu+CUquqvX8m27Ko6EXg/+P14Gne5Dl839Psqh4 -ceHhegH3i/UgYqB02ZpohuIwClTo+W2aR1ENdBM+l2eOtcXCQ/ABjFRHcNOS50r/ -GJUB+J9fn/NT0m9EqkID1ccdjNT1QjBEv1aDlclioRozjjeMZPRlUPMC47sFZGS/ +MIIDCTCCAfGgAwIBAgIUXcKRK63PeoPunOPyPKq6xo3CxyEwDQYJKoZIhvcNAQEL +BQAwEzERMA8GA1UEAwwIT3RoZXIgQ0EwIBcNMjIwNTI3MTcwNjEwWhgPMjA1MjA1 +MTkxNzA2MTBaMBMxETAPBgNVBAMMCE90aGVyIENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAs29di8fcwaZkUSORRvuDOYUnqnfksEFP8gUzVVWTFxEo +YdeXkB4uUL81DOKD5Yti5F0gjMioapNfN/0cQc1GcI5tE04mTgdaDaJSbwkhW5ge +9FeYwlmQuYRf2Kl6oIPYv7/+4JCcXF9BioKVJw2nH2jWM5IhvKj2s8Z19T1QPK16 +gFR+E7JhFsPRC6TvcxunKkHHkYR/QEKGXRcv/hhJGfMuJXj9qO0XSIP+LyD6uJf1 +ylyhrYEyBJif0r7EWds4qvvOHy6D7ItQIQk3A3iU8QcG/k/vZ+xGNczhJprrRvcC +OdCqjCUX8XurJS6L96CVc8B6HNMgzeyUuH1fJJVclQIDAQABo1MwUTAdBgNVHQ4E +FgQU9W8gOHNTlHu9nYNsSjf8iMBF3pswHwYDVR0jBBgwFoAU9W8gOHNTlHu9nYNs +Sjf8iMBF3pswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnxEZ +5ib0otUZQgKHlSIucXPvzWG4tVCSiN1z8rUPuzkK5V9IRo//nsioD3R9Hhwuv+Ak ++ZDkV4m/FQMt0ZmepUnnBANTC4P3cS9v7Rvm4rBtMJ3HJ4SEHgs+x0dmKLJguVgk +ncMgJZ52qJmjBcZrDtV48GQpH2EbJCLCltJ1r0UsA9+QhnUHDh1ysJ8QgMUL6fRh +NU81T5/sm1l8h+K8ZoSdGMUvKqvJlW/cZ7+7Rs6Y+RqRJ/FEA30N8q8yr0jDMmak +V8DBhrSBaLFGvNRhCTj6PJYLmdUHt55mrteGMz+nWWHlTdjGlL1gvfw+7aMBM/b8 +ZpSG1toE9ADK8cV4Mg== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/other-ca/ca-key.pem b/src/test/resources/tls/other-ca/ca-key.pem index cc6b96e5d00..52faf07d5a3 100644 --- a/src/test/resources/tls/other-ca/ca-key.pem +++ b/src/test/resources/tls/other-ca/ca-key.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQItb9nWY3b38ICAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECKcZLGF7DggoBIIEyFfV/ihohZ5n -s7fJEwHLxo5HFyZ5RcqRgQP1+Ll5Kyg+GNbFE9Xm+QqDKrdRFaouHbBiLUBNHQQI -fs+SDku3kuaVtO2FiGGGEvhyjx1NMc1yPvfBvtREN2lSroSWAv6wtuSpcs626oKH -xI93OGg7s5HTFefswI7l0/OpxmPMGftog0faBxQdAUZ/KqOZxuluhfKEN9cXYVjW -6sx7FoPv9mftspeDCXi4maC0JrarYZ0VC93YBRBvh4xVceyzRJ/UwBOW/xtzeOGV -YsGdGy0mIt2kK21vF4hzTCJrwg5Ft+LpxlSMjNyp7TpJlvZb1GgF2rM+1BvnLn0Z -aJXRPPbVYQhcgo6lYWGulje75RVjT+Kf2ABdc0+bA4vmU8msQlRXeR7nHZv2lTJW -0J2rpGonY84HulHBebuUNmRhOYaULQXuIKQE5kde1cfK95VALMItS48hLmMHySPA -S8suKkCvW1Q6W1HqzQYTWv2tev8JNCHbZG/Vo/0qu++4M8YyOKHjxw3rBLB0Ajr7 -fPGwraRXupmIGnbxJAEtDuSLEGMkkSn+SEjO5fUolMXyQBtxTLENAavyYk17fucv -c6Vqy+tz9OuhNZZyyIga6Lo9UAknujaFcd0OrkNXMhVHfQCT6LfTKFSN2AvJj3i2 -uusvsMIx4c2aPfqH0B9Pv0CwzQnQdlvRMoNgd7/tRyrb0Nh9VkrSdW/EgtxD4aQO -g0i0ElpBgza1fjqGMbGvuysAw5DUKU2kWuTXyj88AZCzDFf26PlesRCPVAfpqu+h -xRNMO2Ftl/IlPYa4gvGXz9660lMlbANZjZVTvhmUUvYONRfKG7icHxGYQqKtgq4Q -LEAbtH3xZOubF3007CdaOJgiSpd8ygOretht9Mfc+Lhv88fHm6e3PV1FfH4iY2lM -5KEUv8osw3+8xFY/+iX6lgi/o3zbdaRjYkUBlq0Wv/AnQXoicamTJWWm81hHsdzu -Jt/2JHqVCkCdjNzdh2yPEG7e8vL93hytbtyVcy9NljRZeKgfXMD1oOgp8sosvDlQ -lLyecjPaMZmmEe3eljgmKWJk7bzBCsmxIItwShoHGm8ybi2aBXdaTaxGdld34XgH -ZAuufjp+PL881zGFLJ/PKqnEvptRbzrszNhvcImMkZcnq8xNFRuTcqYnMWzta6pe -10T5lsIb4fdlz0Y5pB65r7v48T/G75NGRa7O1jFQLyI2ZPNUAHC1aU1XaC7/DpfL -rIk5D2C2a4JiRQs3dJlZUkvnGE67xrpw2zYNuWs11MJe1MYr9bociQPhkD3twUkk -sUWHiLzCK16AmwoUSMIYhVWObjAxJPDNea2vylT+7li1s9+CIeEzw3mFq1wYjK99 -ndSatYjaeXuW3TqLJtpwYjqJ47OiKm7q1uEcDUhYCygfR6QOfBT9HeJpBsJptEwU -omB4BTS38h4P4UBKF2jvaeR3P4YyFLDYhejRgZGwY+3X3cLkRyF8gxpIi/HA9tqD -VnuVEF3tixEpXuSQ4EEdBxHmsP4UGZr11sRBvtw+KQwA3uoSyh+dMrM50Gb1u2Uc -DrLgTf9++TaMYq0o/Xcsgw6l8yaFjgtZO7B3q/Ov3Xpervz7Il6+e/2jSKRPb7Bf -Ksb1EBffpPPjGKZETy5aoQ== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQItMFzA7QICK8CAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECAzyafUA0ycbBIIEyBXbvUQskawV +BcGVGJLEGcL9jGujnXsGt0WitdnqOt/GyMCekxOIdMBkB0lNC+A//ihK7fNhMdwS ++2UzNcuIZ1SSBWNxg93S2om8Y+pLIlcdHKqyqPqgqkW51xuGQXjeewrRyQgOMl/e +nFacXyGQob3NMMu2WpJfazKnMaXTetOEl2JK316pHVldXc05k4t9mSZhOvGWeX38 +M6Hdy/UwAai70tRLgoDT1SZcB5SmdVIfhJnR7KojqJ38MWidN8eFeqP/6rlIWV0f +HKG/J+z9RpJ8AfZZ2TzR4WikjW7sk0P4Z2XeO+WIZ/RuL8QGvvTMhEUKrqvJBBx9 +GrTbImacTK8doJXgzrZLOwqvTXgx94lu6VTqWk5oeMFb4FOIJ1AwWQktJgcAnOKq +LhdAqe5bfEDgFU3BBmv/SfM0LGbuuFbyWrT9egoxqRWdlZRkqRwuyOQcDFLVMqmi +Bnu4RuyWJYV61OOCn5NDWD52HtNmeAlIKEwI9xWJY+QjWR7Nh0B5RKqprjXJSF3f +k3EBhQwmq5r+wO0fVkB6F9carErV+69gqAxcYtQor91rWyoxvRn1VWVx5gNrU9EW +Y3TfxCbqOcKqaJzwmI74dzfACNMFRcSpQalG/TY1QKtsWL3txH18r4y0kAUSI/Jm +1oD6FwV0Yik/h0G/2uPc2muk56QdTJgteh/1+1dsQH7LKl/WDrUeY5YI3oUG0axA +QLByuCzASma2hWjK3pkcjSrTXABUFMNB5hIcrdzWwuSH3ieznQvve0X5in57itMJ +5/c7a8ROMnOitwiLepwSlt9X+tk1H7Sl3/BBeSdYSKNIi9VX8oekWrZZc8jQfON/ +gNP/pgVmzm8icYtSTRBurPnMko6hRaWs/xy0AERP0wEuf3qekCMZcyME+31fWXqJ +KFuP0TQfuHe79b3gO56egQSkmjHnNEYS0vihDELMnI32+oWMdytWfYad90a5OyDi +LQDmWW9Aq1q/nQizp66NzRcjbJtYwnWsoUi0i2urALlngpQvfZkBUR8FwGftaqiw +X5Zr3dkEpinsdeoYhgOMKLCo8+adfVpRqentV1m6GETIMijQjssRPpwTcibWWwjt +aL+bSoWAaL/I6TVuH9qqfnpxnMj2tD9WNGasI9F8oBPpR6hC7+hjPMqWntnvWOKU +zco7FXl+FYIqQezpYXogTi8nkhupMGVgUW6lUg2Wrwv7LvNmYar5fawexQBzlPbU +7qP7X+jOvFSn92/QWMjeCQi2XoMZnQqvZlBLaIqSwDu5LCKXftaGCD4xsiwV3SlD +4w87gCBoPdnhh+5i1KzjRzGKX4euEY5NRef9ZP+nB6oIONu6GiilfpdUcnQjRPQV +Izi19TIxRdbFn3k94QjVZIJkR6n4spAA0DAZ9JnPNMMWBVXVXOr0znjSDNJp0XUt +Lu/XT4hwpbKcMh1aeSaJkoc71eQccW6X//4DjshTJ4fsfT5bsT20GqBa8mecrcJq ++fFuvCbIZGyKmCru5CL4Ir5SVUc8sGw3aOuLmVxLYjukidIsJwS7Nz5R5d2tmT7+ +7+74lnaRUlsyR6sUp65Qcg3tvAnrgXFv0WCOHQ8DIwGSYAFiSll2L5K99PnXE5Hg +2y5IZoVQfMm5DieVGoOgYA== -----END ENCRYPTED PRIVATE KEY----- diff --git a/src/test/resources/tls/other-ca/index.txt b/src/test/resources/tls/other-ca/index.txt index cbae8077d9c..0521e5c1f6d 100644 --- a/src/test/resources/tls/other-ca/index.txt +++ b/src/test/resources/tls/other-ca/index.txt @@ -1 +1 @@ -V 280523113652Z 01 unknown /CN=localhost +V 20520519170610Z 01 unknown /CN=localhost diff --git a/src/test/resources/tls/root-ca/01.pem b/src/test/resources/tls/root-ca/01.pem index 08eb07666f6..4126801c7af 100644 --- a/src/test/resources/tls/root-ca/01.pem +++ b/src/test/resources/tls/root-ca/01.pem @@ -2,68 +2,68 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Root CA Validity - Not Before: May 26 11:36:50 2018 GMT - Not After : May 23 11:36:50 2028 GMT + Not Before: May 27 17:06:06 2022 GMT + Not After : May 19 17:06:06 2052 GMT Subject: CN=localhost Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:a7:14:34:bc:ee:03:63:09:64:7e:d2:8f:2e:77: - 1a:54:b1:9c:84:30:be:98:00:5b:1c:25:6c:a0:c9: - 1f:7d:01:19:dc:7c:e6:33:66:26:02:d9:50:3c:9d: - ca:a4:23:e5:14:4d:00:47:7c:8d:49:f8:46:4b:00: - 17:e9:93:2e:ad:2a:57:23:42:b4:eb:e5:a8:5d:63: - bf:cc:05:f5:62:fa:56:3a:29:30:88:18:af:e5:ad: - 6a:6a:4e:79:e7:30:9c:a1:0b:f9:33:64:ef:ab:c9: - 2b:0a:ae:88:bb:a3:0c:13:c1:38:c0:02:b3:62:e9: - d8:03:80:f2:b0:a7:05:8f:e9:59:a6:62:8b:d2:e8: - b9:0e:e6:e6:f8:ac:58:b0:0d:33:69:f3:ef:7b:71: - 52:30:6b:78:f4:53:30:58:90:83:f3:7d:79:6f:dd: - a2:6b:ab:93:ab:99:93:3c:ea:a5:7c:d3:86:1c:33: - 9e:bd:83:aa:fb:b0:38:3c:bf:cf:7a:e9:38:9c:84: - 09:9f:7d:a7:62:2c:01:72:5d:8c:ee:be:63:44:50: - 0e:45:6a:e2:19:e7:02:98:c1:29:c4:1b:43:d9:ea: - 7d:46:46:d5:fa:68:60:f9:ce:bf:37:64:e2:72:c8: - ca:a9:4c:e5:38:45:87:04:c5:c8:cc:94:09:42:0f: - 8e:7b + 00:dc:f4:80:a5:a5:59:e2:dd:b5:0f:d9:b9:ac:f7: + 6f:3d:22:c1:dc:05:78:3b:ff:f6:bb:8e:70:15:13: + b1:04:40:8c:0c:98:10:86:f5:08:72:54:92:b5:94: + d4:1d:c9:64:33:53:dc:b2:61:a3:c8:dd:94:07:f8: + 95:6e:f0:a6:16:c2:e5:5f:5b:aa:20:2d:a8:42:ff: + ba:84:e2:71:1e:e5:1b:5a:26:bb:28:db:7d:39:b5: + 71:ea:a7:ac:11:52:89:5f:b0:54:d5:25:0c:2f:c9: + 38:81:1e:0f:71:7d:d7:ed:b6:33:16:d4:85:40:3f: + 64:62:50:05:d1:3f:23:9e:15:4b:78:13:f8:ec:61: + e5:e9:43:0f:e8:83:d0:18:b8:b5:3f:04:d2:e7:7f: + d4:fd:47:e0:9e:6f:cd:9d:fc:c7:8c:51:44:1a:1f: + 3d:2d:9d:4f:67:67:35:d9:3e:a7:da:e8:dc:53:d8: + c7:4c:8c:dd:6c:1a:e8:da:38:dd:34:9d:94:bc:b2: + be:bc:c1:f5:84:9c:f4:7f:30:c7:c0:e6:30:34:17: + d2:b8:97:a1:d3:cc:ec:1c:29:ec:8b:3c:b6:9c:f1: + f5:6e:3a:b4:51:20:84:85:46:19:c5:54:26:b7:cc: + f7:18:b3:9c:6d:55:2f:79:30:01:74:5a:d0:15:d7: + 72:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: DNS:localhost Signature Algorithm: sha256WithRSAEncryption - 9f:69:56:e6:8d:be:04:77:45:c3:4e:2a:75:75:d4:e8:17:37: - f5:6c:34:ce:1d:da:99:53:f9:b2:3a:14:d7:a6:7b:e6:17:e9: - 8b:bd:03:65:90:99:55:df:ff:1b:8c:72:1d:96:f4:ea:17:94: - 93:ea:d5:0e:f4:ee:ec:ba:3f:ed:ea:b9:49:a2:58:27:96:be: - 5f:9e:7e:04:45:b3:c1:b8:05:1f:c4:5e:c5:43:13:43:af:bb: - c1:cf:fc:50:e7:d7:6b:58:e2:df:c5:c4:a3:22:b6:45:79:9a: - a3:f8:1f:74:16:08:0b:a2:e1:42:4f:6d:31:dc:09:ef:70:5d: - 3b:a8:d5:aa:ae:d6:58:88:22:97:bf:fe:2c:a1:29:4a:44:ed: - ab:6b:9e:dd:cc:a6:45:34:b2:94:d6:65:78:fa:cd:1b:9a:0e: - 84:36:0b:ff:eb:1c:bb:9f:e9:88:85:88:d1:df:8f:9f:bd:e1: - 45:7c:bf:87:07:10:b4:a7:f8:3a:84:7f:31:2b:a9:40:af:8f: - 56:ee:48:dc:a0:8e:98:2d:4f:48:de:76:c3:0e:a6:b9:b9:57: - 9b:cf:02:b2:5d:8e:88:04:b7:5e:16:b0:bd:f1:b6:6f:bf:dd: - 73:36:9d:90:6f:21:c9:66:12:85:61:89:72:14:b4:c0:2b:8d: - a1:66:79:00 + 6d:a3:b3:ab:83:38:39:e6:65:9c:cc:a4:fa:05:bb:b5:75:eb: + 90:00:e7:80:5b:c0:e6:c8:ff:00:c2:0e:18:97:96:3d:0e:b1: + 82:63:e9:4f:11:a8:b3:c0:36:ec:f5:ae:e9:07:23:ac:cd:8d: + 6e:95:96:b0:cd:39:d7:5d:48:a9:19:80:2a:96:c1:5a:e4:f9: + f2:9d:76:d6:05:6a:11:7e:df:a3:70:c5:53:9b:59:1b:51:0d: + 72:6d:35:fc:78:02:86:40:2d:2f:82:d3:e3:8d:60:4e:9d:de: + bf:fa:5f:fc:14:a9:82:46:af:05:be:3f:57:36:94:b5:39:73: + 45:ec:2b:fe:a2:21:60:1e:cd:b3:76:22:7d:d9:b8:93:32:39: + 5d:09:b7:40:41:bf:de:d7:df:80:2b:d7:a7:cc:e6:4e:2d:6d: + ce:d4:23:91:47:f8:f6:66:1f:bd:fe:bc:e9:a2:46:0f:41:6f: + 5f:a8:1a:29:87:9c:4e:be:e1:f0:47:44:ac:0a:f3:c1:6b:fe: + cb:d5:84:96:cd:ff:cc:a5:93:f8:5c:f7:2f:53:2b:d4:32:ef: + d8:e7:44:6c:98:11:ba:13:1b:76:03:ca:08:82:7c:e9:b0:8a: + 67:77:4e:59:7a:9f:8b:54:32:fa:24:45:01:a2:50:62:ad:5a: + ec:54:52:87 -----BEGIN CERTIFICATE----- -MIICuTCCAaGgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 -IENBMB4XDTE4MDUyNjExMzY1MFoXDTI4MDUyMzExMzY1MFowFDESMBAGA1UEAxMJ -bG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ0vO4D -YwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3HzmM2YmAtlQPJ3KpCPlFE0AR3yN -SfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikwiBiv5a1qak555zCcoQv5M2Tv -q8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL0ui5Dubm+KxYsA0zafPve3FS -MGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOevYOq+7A4PL/Peuk4nIQJn32n -YiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV+mhg+c6/N2TicsjKqUzlOEWH -BMXIzJQJQg+OewIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZI -hvcNAQELBQADggEBAJ9pVuaNvgR3RcNOKnV11OgXN/VsNM4d2plT+bI6FNeme+YX -6Yu9A2WQmVXf/xuMch2W9OoXlJPq1Q707uy6P+3quUmiWCeWvl+efgRFs8G4BR/E -XsVDE0Ovu8HP/FDn12tY4t/FxKMitkV5mqP4H3QWCAui4UJPbTHcCe9wXTuo1aqu -1liIIpe//iyhKUpE7atrnt3MpkU0spTWZXj6zRuaDoQ2C//rHLuf6YiFiNHfj5+9 -4UV8v4cHELSn+DqEfzErqUCvj1buSNygjpgtT0jedsMOprm5V5vPArJdjogEt14W -sL3xtm+/3XM2nZBvIclmEoVhiXIUtMArjaFmeQA= +MIICuzCCAaOgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIyMDUyNzE3MDYwNloYDzIwNTIwNTE5MTcwNjA2WjAUMRIwEAYDVQQD +Ewlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc9ICl +pVni3bUP2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQzU9yy +YaPI3ZQH+JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolfsFTV +JQwvyTiBHg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/BNLn +f9T9R+Ceb82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8sr68 +wfWEnPR/MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcYs5xt +VS95MAF0WtAV13LnAgMBAAGjGDAWMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkq +hkiG9w0BAQsFAAOCAQEAbaOzq4M4OeZlnMyk+gW7tXXrkADngFvA5sj/AMIOGJeW +PQ6xgmPpTxGos8A27PWu6QcjrM2NbpWWsM05111IqRmAKpbBWuT58p121gVqEX7f +o3DFU5tZG1ENcm01/HgChkAtL4LT441gTp3ev/pf/BSpgkavBb4/VzaUtTlzRewr +/qIhYB7Ns3Yifdm4kzI5XQm3QEG/3tffgCvXp8zmTi1tztQjkUf49mYfvf686aJG +D0FvX6gaKYecTr7h8EdErArzwWv+y9WEls3/zKWT+Fz3L1Mr1DLv2OdEbJgRuhMb +dgPKCIJ86bCKZ3dOWXqfi1Qy+iRFAaJQYq1a7FRShw== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/root-ca/02.pem b/src/test/resources/tls/root-ca/02.pem index 1e0dc95022c..cdb3247c822 100644 --- a/src/test/resources/tls/root-ca/02.pem +++ b/src/test/resources/tls/root-ca/02.pem @@ -2,68 +2,68 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Root CA Validity - Not Before: May 26 11:36:51 2018 GMT - Not After : May 23 11:36:51 2028 GMT + Not Before: May 27 17:06:07 2022 GMT + Not After : May 19 17:06:07 2052 GMT Subject: CN=Intermediate CA Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:b6:6b:ed:4e:b8:cd:f8:0e:60:7b:7c:4a:fd:4d: - 98:9e:2e:25:24:99:6a:77:a6:39:7d:5b:08:3d:40: - b5:e4:48:cc:f5:63:70:ff:55:2e:1e:81:44:80:25: - 32:14:0a:7c:0a:5f:99:28:28:b4:2a:f7:ce:58:3e: - 6c:77:d7:ba:3b:fa:9a:13:a0:47:ad:51:6d:9c:05: - bd:04:3f:40:b8:6c:e3:f8:d9:76:25:ba:f9:47:3f: - 62:82:6f:e1:df:e2:b5:0b:98:53:81:31:f7:14:5b: - 2a:b3:3c:87:ec:ed:f6:c8:51:61:98:7d:00:11:84: - 65:9d:36:5e:e1:27:b2:97:09:80:8b:8c:22:b1:b1: - 74:d3:6e:e8:43:7c:a0:51:a2:65:39:b6:dd:08:de: - 01:fd:62:12:91:16:27:1b:75:05:ff:fa:f4:17:3b: - 1a:c5:41:cd:fb:01:a0:ce:15:cb:6d:94:e1:e8:7c: - 05:04:d4:e7:53:2a:68:1b:82:b1:4c:9d:f5:bd:98: - c1:e8:51:a4:42:f5:94:7d:95:c6:d1:c4:79:80:0d: - b8:a8:fb:70:87:40:12:8f:f2:2a:08:d4:40:54:37: - 2e:30:ee:6a:bb:d2:af:f1:7f:ec:25:58:5a:d6:0f: - d6:34:3e:ad:a3:1b:95:fc:97:43:a0:5b:8f:b0:5e: - c9:19 + 00:c6:a6:1d:24:5f:c3:13:d1:83:9e:a7:10:da:20: + 6d:4f:8e:eb:3e:0b:6a:55:bd:66:f5:39:8a:8a:a9: + 35:9e:3b:0e:5d:e2:47:01:45:52:3a:23:a2:f2:46: + ef:4c:02:de:12:fd:8f:d5:2d:dd:5f:3b:9f:75:00: + 59:1f:33:52:c7:43:45:84:37:c8:88:4a:75:af:9d: + b8:e9:ab:01:f5:b9:8d:8f:d6:c6:86:f8:6c:a4:67: + 42:39:c3:7a:35:ce:77:01:0f:07:e4:fb:d5:61:8a: + 2a:a3:05:ad:5d:7b:c4:67:f1:aa:c8:f8:48:0e:40: + 20:1b:d9:30:b5:df:27:b9:a9:2a:bc:9c:26:2b:8a: + a3:3d:60:b1:5c:8b:59:cd:ce:f9:91:8b:83:bc:62: + a5:68:0e:02:33:a9:17:73:1e:74:35:c1:e4:d7:79: + f8:e1:69:da:d5:78:a3:41:c3:53:3a:b4:67:8a:fe: + 7c:cc:03:59:51:a6:88:15:56:c6:83:a9:42:78:7c: + 4a:e9:7f:ab:87:b0:b3:30:86:7a:8a:6f:9e:f0:65: + 75:56:c7:d9:e5:cd:a1:9f:73:ce:ef:b3:0f:4d:59: + b0:5f:92:fa:03:ec:35:c7:60:3c:40:2d:c7:d9:f6: + a0:58:16:39:98:1e:73:6b:64:86:64:a5:f4:15:f2: + 03:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha256WithRSAEncryption - 0d:41:e3:42:3b:0f:b4:fd:7c:b2:7c:3f:c8:aa:8b:fc:12:10: - f3:cd:9b:a1:25:8b:ee:a4:e6:0e:f4:15:9a:b1:22:6f:c9:16: - 1b:8d:6d:5a:e3:3e:2d:ad:d8:99:b5:76:90:b4:41:14:78:6a: - 5f:ff:a7:e4:cc:f1:49:fc:5a:c8:b8:83:55:8c:41:5b:11:00: - c5:24:7d:97:58:8a:b0:59:ae:16:c0:bc:ce:e1:30:01:ee:2e: - de:cd:06:ea:ec:c9:a2:48:76:8b:b2:c8:b0:24:c4:eb:3f:43: - 2f:86:f4:da:92:f4:cb:6b:88:ed:55:3f:59:38:ff:e8:67:49: - a4:5b:48:94:77:fd:d0:ce:29:d5:e2:be:8c:70:27:33:52:19: - 35:9e:51:e5:ba:95:e6:99:4c:40:42:20:11:02:e6:86:2f:a5: - 61:85:e2:30:83:b6:b4:09:36:5e:02:39:51:ce:85:7a:61:03: - fe:b4:83:1e:82:89:96:43:4c:df:de:75:83:98:2d:9c:7b:ab: - fa:17:c9:48:99:4c:d0:cf:2e:73:e6:69:b8:66:9a:dd:23:08: - 0f:0c:18:bc:c4:00:d8:58:43:b5:69:01:df:10:39:6c:11:25: - fb:2a:7c:3d:71:0c:8d:71:87:3e:b6:b2:2e:7b:27:95:b7:4f: - 44:fd:f3:0e + 73:56:c9:93:86:52:ad:a9:a1:87:e8:1b:c6:0e:39:0b:c9:02: + b7:83:88:11:63:b4:f5:a0:06:0f:26:7c:f9:67:cf:a6:e4:f6: + ec:83:1c:67:c5:70:26:3c:e6:36:40:8f:08:20:37:f9:97:d4: + 6e:82:73:99:da:18:18:5d:69:f4:25:0c:3e:9b:4f:f6:80:20: + 7c:82:2d:c9:75:20:16:f6:99:cf:3d:bf:df:69:63:7f:1b:c0: + 0a:9f:e7:c2:46:04:cb:49:34:b4:0e:84:09:be:54:94:3f:da: + a7:5a:01:98:72:ba:de:10:66:80:f4:46:88:34:70:92:63:d6: + 31:93:f1:42:93:ab:da:c8:59:c6:d9:ef:96:57:92:f0:88:d7: + 13:2e:fe:87:8a:63:98:e8:95:58:9b:74:48:37:89:1a:8f:5f: + 7e:b4:20:0a:10:7e:04:48:0f:57:c9:a9:ca:7c:7a:1e:f9:c5: + bd:61:0e:f7:43:d9:a6:9f:f6:1a:d0:98:93:11:53:14:ba:e5: + 0a:ec:8e:28:d5:4c:ad:9c:be:7e:5f:73:08:9d:11:70:83:34: + 01:64:43:6c:75:2d:13:6a:24:29:de:62:24:07:9d:22:06:ab: + 24:c6:f2:5c:11:36:81:98:7f:bd:11:8a:05:2f:14:21:69:d7: + 6b:b4:b3:94 -----BEGIN CERTIFICATE----- -MIICtzCCAZ+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 -IENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowGjEYMBYGA1UEAwwP -SW50ZXJtZWRpYXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -tmvtTrjN+A5ge3xK/U2Yni4lJJlqd6Y5fVsIPUC15EjM9WNw/1UuHoFEgCUyFAp8 -Cl+ZKCi0KvfOWD5sd9e6O/qaE6BHrVFtnAW9BD9AuGzj+Nl2Jbr5Rz9igm/h3+K1 -C5hTgTH3FFsqszyH7O32yFFhmH0AEYRlnTZe4SeylwmAi4wisbF0027oQ3ygUaJl -ObbdCN4B/WISkRYnG3UF//r0FzsaxUHN+wGgzhXLbZTh6HwFBNTnUypoG4KxTJ31 -vZjB6FGkQvWUfZXG0cR5gA24qPtwh0ASj/IqCNRAVDcuMO5qu9Kv8X/sJVha1g/W -ND6toxuV/JdDoFuPsF7JGQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQANQeNCOw+0/XyyfD/Iqov8EhDzzZuhJYvupOYO9BWasSJvyRYb -jW1a4z4trdiZtXaQtEEUeGpf/6fkzPFJ/FrIuINVjEFbEQDFJH2XWIqwWa4WwLzO -4TAB7i7ezQbq7MmiSHaLssiwJMTrP0MvhvTakvTLa4jtVT9ZOP/oZ0mkW0iUd/3Q -zinV4r6McCczUhk1nlHlupXmmUxAQiARAuaGL6VhheIwg7a0CTZeAjlRzoV6YQP+ -tIMegomWQ0zf3nWDmC2ce6v6F8lImUzQzy5z5mm4ZprdIwgPDBi8xADYWEO1aQHf -EDlsESX7Knw9cQyNcYc+trIueyeVt09E/fMO +MIICuTCCAaGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAaMRgwFgYDVQQD +DA9JbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDGph0kX8MT0YOepxDaIG1Pjus+C2pVvWb1OYqKqTWeOw5d4kcBRVI6I6LyRu9M +At4S/Y/VLd1fO591AFkfM1LHQ0WEN8iISnWvnbjpqwH1uY2P1saG+GykZ0I5w3o1 +zncBDwfk+9VhiiqjBa1de8Rn8arI+EgOQCAb2TC13ye5qSq8nCYriqM9YLFci1nN +zvmRi4O8YqVoDgIzqRdzHnQ1weTXefjhadrVeKNBw1M6tGeK/nzMA1lRpogVVsaD +qUJ4fErpf6uHsLMwhnqKb57wZXVWx9nlzaGfc87vsw9NWbBfkvoD7DXHYDxALcfZ +9qBYFjmYHnNrZIZkpfQV8gMzAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHNWyZOGUq2poYfoG8YOOQvJAreDiBFjtPWgBg8mfPlnz6bk +9uyDHGfFcCY85jZAjwggN/mX1G6Cc5naGBhdafQlDD6bT/aAIHyCLcl1IBb2mc89 +v99pY38bwAqf58JGBMtJNLQOhAm+VJQ/2qdaAZhyut4QZoD0Rog0cJJj1jGT8UKT +q9rIWcbZ75ZXkvCI1xMu/oeKY5jolVibdEg3iRqPX360IAoQfgRID1fJqcp8eh75 +xb1hDvdD2aaf9hrQmJMRUxS65QrsjijVTK2cvn5fcwidEXCDNAFkQ2x1LRNqJCne +YiQHnSIGqyTG8lwRNoGYf70RigUvFCFp12u0s5Q= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/root-ca/03.pem b/src/test/resources/tls/root-ca/03.pem index 260174c808d..238f1bfe506 100644 --- a/src/test/resources/tls/root-ca/03.pem +++ b/src/test/resources/tls/root-ca/03.pem @@ -2,64 +2,64 @@ Certificate: Data: Version: 1 (0x0) Serial Number: 3 (0x3) - Signature Algorithm: sha256WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Root CA Validity - Not Before: May 26 11:36:52 2018 GMT - Not After : May 23 11:36:52 2028 GMT + Not Before: May 27 17:06:10 2022 GMT + Not After : May 19 17:06:10 2052 GMT Subject: CN=client Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:d5:98:27:9c:2d:d5:19:53:dd:7b:87:07:95:cf: - 82:6a:bd:9f:6f:64:48:b5:ac:7f:81:1b:df:07:61: - f4:51:fe:1d:d0:6a:86:f1:3c:89:99:bb:78:73:28: - 76:7e:30:f6:e6:f7:81:ee:9c:b3:c0:54:0f:72:66: - 1b:d9:31:3a:0d:7c:eb:83:e1:35:0f:04:f9:68:06: - e3:73:c0:17:d9:93:63:b8:09:a5:de:1b:86:a2:95: - 55:94:7e:6e:6d:fe:5f:91:0f:fe:79:cd:82:ae:87: - 0d:7f:56:5f:65:70:ea:f2:17:65:c0:98:f4:36:17: - 58:30:10:a2:bb:c2:dd:40:93:cc:f0:f3:fc:9e:62: - 00:6f:d7:f1:7e:89:b0:8c:bd:1e:85:56:3f:40:04: - 11:1f:4c:cf:a8:3a:ce:28:cb:9d:68:b5:4b:f4:87: - ad:c6:a9:88:17:30:9c:8b:5f:ba:be:00:65:9d:0b: - 7b:2b:c3:02:d0:44:eb:64:ce:2e:f2:d3:48:3f:62: - bc:97:52:82:2a:75:71:08:ec:2a:cd:2f:7e:6b:65: - 77:19:e4:b7:c6:47:01:57:f5:eb:d7:d7:53:e9:4f: - 73:92:85:89:6c:24:17:05:13:d2:8c:6a:d4:68:21: - 67:7a:c5:42:a5:c5:39:34:c8:b8:e8:39:41:36:b6: - c3:09 + 00:c8:55:7f:c3:b3:d4:64:6d:f9:68:ee:fa:4d:16: + 92:b5:55:7f:d9:e8:2d:a6:51:8c:b9:ed:fd:6a:f0: + 4f:67:73:ae:bd:40:64:de:74:c1:c2:7c:bc:96:6d: + 3f:8d:49:a6:cc:1c:8b:f5:30:15:e7:3e:a3:9e:36: + c9:4d:92:2c:c4:f1:02:a6:ee:3d:5b:98:e7:95:af: + 00:f4:d1:ce:8e:52:74:84:1a:3a:a1:dd:4b:06:e4: + 81:a8:08:90:53:92:0f:bf:79:c6:a9:1e:7c:56:75: + 9b:f4:7b:68:dc:1c:4d:4c:45:19:61:42:0e:16:2d: + f7:c1:91:76:cb:71:1a:23:61:55:83:b8:26:cb:65: + 2d:8f:fd:78:36:71:f4:c5:5f:4f:9c:52:84:73:67: + ad:ee:dd:40:c5:b4:c7:81:17:45:1f:eb:d3:82:89: + 80:5a:fa:aa:57:0b:cf:0f:91:12:3f:56:cf:75:e5: + 87:c3:10:26:a3:de:d0:99:ca:0d:df:28:df:3e:b7: + ae:43:9a:05:e1:15:09:7e:05:80:07:2f:8a:b0:e4: + 28:28:3e:d6:0f:22:2e:f5:c1:0f:9b:4d:9f:71:75: + 26:14:3e:37:1f:01:f0:78:b4:d5:ff:09:51:93:06: + 39:73:88:2f:aa:a7:f7:e0:ad:e1:97:af:2a:8f:33: + 05:5d Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - 3e:39:8d:20:aa:44:54:00:09:02:c2:f7:5b:06:6d:31:cc:47: - 80:75:79:bc:d7:fc:c0:5f:fa:88:8e:5a:fc:1e:9d:10:b0:c0: - bb:29:05:57:89:03:86:dd:7f:f1:c2:2e:76:31:d2:bd:a1:b7: - 70:88:13:38:4f:b6:1c:dc:23:8a:75:72:67:e8:33:29:3b:e7: - 72:69:b0:0f:b8:ff:ea:b0:49:04:b1:d3:b1:4a:79:8b:62:c5: - 94:a7:a8:7a:94:66:ca:23:b9:f6:24:31:29:ed:a5:d9:c4:26: - 0c:83:99:10:48:77:f5:67:45:f5:49:e7:97:74:b4:d0:34:d8: - b0:65:30:45:53:33:1e:f4:49:c4:dd:43:d5:98:b2:1d:e1:5b: - 2c:eb:44:e6:ab:54:eb:38:35:19:fe:3e:9a:2b:ac:60:0d:66: - 46:03:43:57:9f:4a:38:4c:e6:bb:7a:29:2b:1c:0e:02:b1:09: - 6a:2f:56:cd:c9:d3:76:d7:54:6f:d1:32:46:ef:50:f4:56:a9: - 01:fe:66:52:78:9f:18:cd:91:6a:20:9e:15:1f:8b:ed:f6:a6: - 1e:b7:20:4b:22:f2:1d:ee:06:fc:6f:87:76:c2:2e:e1:0c:3b: - 32:e0:bb:8c:8e:52:cd:64:fd:aa:01:f9:c0:9a:ed:aa:74:e9: - 59:b5:e3:ce + 47:77:0f:66:c7:04:86:58:b9:b2:a9:f9:20:17:f3:54:db:81: + b0:a0:ec:5c:f3:a6:90:1f:47:8a:d3:19:73:59:cf:2a:9a:7b: + b7:c9:10:fe:fb:96:93:81:6a:95:83:0f:68:9c:52:4f:34:d7: + 32:83:93:c3:c2:4c:2e:10:f9:61:5a:a7:89:7f:37:6f:9b:f8: + 26:7d:85:87:88:de:0c:89:70:0a:9a:ae:81:b6:08:c2:86:01: + 6d:b1:8d:7a:80:17:e8:28:3d:88:ea:bb:7a:f2:c0:cb:32:80: + 5e:dd:05:c2:08:5b:55:b1:e7:e3:82:12:d3:03:a4:ae:4e:9d: + 91:ee:9d:7e:a3:63:46:d9:f1:af:89:a5:9c:15:ae:cc:0f:dd: + f1:8a:42:2a:1f:23:93:78:25:af:5a:ba:2d:88:d5:00:fa:4e: + a4:10:46:14:b8:a1:ed:74:03:c5:29:7c:d8:3f:6e:6c:79:0d: + 5c:cb:e9:38:09:4b:f7:aa:f2:c3:c4:5e:5d:eb:44:d7:c0:ea: + 83:a3:18:32:0c:3d:2e:67:ec:84:66:15:a2:75:fa:69:21:07: + 70:74:00:bc:57:f7:20:f9:df:17:f7:34:a4:66:a9:c4:bd:75: + 5b:d3:f3:81:0c:2d:ae:51:88:3a:c9:6e:5b:0f:5b:bc:18:71: + 10:96:ff:83 -----BEGIN CERTIFICATE----- -MIIClzCCAX8CAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAe -Fw0xODA1MjYxMTM2NTJaFw0yODA1MjMxMTM2NTJaMBExDzANBgNVBAMTBmNsaWVu -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANWYJ5wt1RlT3XuHB5XP -gmq9n29kSLWsf4Eb3wdh9FH+HdBqhvE8iZm7eHModn4w9ub3ge6cs8BUD3JmG9kx -Og1864PhNQ8E+WgG43PAF9mTY7gJpd4bhqKVVZR+bm3+X5EP/nnNgq6HDX9WX2Vw -6vIXZcCY9DYXWDAQorvC3UCTzPDz/J5iAG/X8X6JsIy9HoVWP0AEER9Mz6g6zijL -nWi1S/SHrcapiBcwnItfur4AZZ0LeyvDAtBE62TOLvLTSD9ivJdSgip1cQjsKs0v -fmtldxnkt8ZHAVf169fXU+lPc5KFiWwkFwUT0oxq1GghZ3rFQqXFOTTIuOg5QTa2 -wwkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAPjmNIKpEVAAJAsL3WwZtMcxHgHV5 -vNf8wF/6iI5a/B6dELDAuykFV4kDht1/8cIudjHSvaG3cIgTOE+2HNwjinVyZ+gz -KTvncmmwD7j/6rBJBLHTsUp5i2LFlKeoepRmyiO59iQxKe2l2cQmDIOZEEh39WdF -9Unnl3S00DTYsGUwRVMzHvRJxN1D1ZiyHeFbLOtE5qtU6zg1Gf4+miusYA1mRgND -V59KOEzmu3opKxwOArEJai9WzcnTdtdUb9EyRu9Q9FapAf5mUnifGM2RaiCeFR+L -7famHrcgSyLyHe4G/G+HdsIu4Qw7MuC7jI5SzWT9qgH5wJrtqnTpWbXjzg== +MIICmTCCAYECAQMwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAg +Fw0yMjA1MjcxNzA2MTBaGA8yMDUyMDUxOTE3MDYxMFowETEPMA0GA1UEAxMGY2xp +ZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFV/w7PUZG35aO76 +TRaStVV/2egtplGMue39avBPZ3OuvUBk3nTBwny8lm0/jUmmzByL9TAV5z6jnjbJ +TZIsxPECpu49W5jnla8A9NHOjlJ0hBo6od1LBuSBqAiQU5IPv3nGqR58VnWb9Hto +3BxNTEUZYUIOFi33wZF2y3EaI2FVg7gmy2Utj/14NnH0xV9PnFKEc2et7t1AxbTH +gRdFH+vTgomAWvqqVwvPD5ESP1bPdeWHwxAmo97QmcoN3yjfPreuQ5oF4RUJfgWA +By+KsOQoKD7WDyIu9cEPm02fcXUmFD43HwHweLTV/wlRkwY5c4gvqqf34K3hl68q +jzMFXQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBHdw9mxwSGWLmyqfkgF/NU24Gw +oOxc86aQH0eK0xlzWc8qmnu3yRD++5aTgWqVgw9onFJPNNcyg5PDwkwuEPlhWqeJ +fzdvm/gmfYWHiN4MiXAKmq6BtgjChgFtsY16gBfoKD2I6rt68sDLMoBe3QXCCFtV +sefjghLTA6SuTp2R7p1+o2NG2fGviaWcFa7MD93xikIqHyOTeCWvWrotiNUA+k6k +EEYUuKHtdAPFKXzYP25seQ1cy+k4CUv3qvLDxF5d60TXwOqDoxgyDD0uZ+yEZhWi +dfppIQdwdAC8V/cg+d8X9zSkZqnEvXVb0/OBDC2uUYg6yW5bD1u8GHEQlv+D -----END CERTIFICATE----- diff --git a/src/test/resources/tls/root-ca/ca-cert.pem b/src/test/resources/tls/root-ca/ca-cert.pem index fa10f933b6a..ea64a97f8e9 100644 --- a/src/test/resources/tls/root-ca/ca-cert.pem +++ b/src/test/resources/tls/root-ca/ca-cert.pem @@ -1,18 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIC+jCCAeKgAwIBAgIJAOxhhPR74/wHMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV -BAMMB1Jvb3QgQ0EwHhcNMTgwNTI2MTEzNjUwWhcNMTgwNjI1MTEzNjUwWjASMRAw -DgYDVQQDDAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -s5Oz+eujQUU38nQazQ4tkaeOQFTYW4qZOZwpqbX0l7x9WT4bdMAAo4ikGetYQVWt -EIMdHNztkAcJg0A/y6u3c4Dv/KJPgvOdUVcwR9WJl6UvVfePcRb58cnOCkSiYDKC -3fK+A7jsIwbW0/saYutJkwnECTw33Ye3KdCBB9CrJgL7rKTwjGt9M9eSS3EcTDSV -+hRYRjJz/2j0xOKEguEha//o+EjfffUiCvZydC70MjR4a2uBaMzXu1iogfJ7oNMf -KSF5ghdLK5yC4Jl+fKppr+5JOJkMU5Ru9kudDML9DfLS5mwnjZ7IIAib7NnSZCby -ksYMu1/IMZ5sjRnKbF5niQIDAQABo1MwUTAdBgNVHQ4EFgQUbfwfFcpF8j/FSy3c -mCq4ihUHc6EwHwYDVR0jBBgwFoAUbfwfFcpF8j/FSy3cmCq4ihUHc6EwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAESk2UfrXhitiRK5fugH+od8F -JJfiiq8LeuxR7/fegSfVOhvOAROpYSQHNseDs3SEsin1DBrYQUHt1aJY5miCxo+v -uXZGgLgUozZc1lBqYXC09cLCf/en1saXFjlkoWgj/C00EKZyYG1B+cQPj5yZuK9e -qvymF81v8h40N/r9Ho/JZh5jg8BPjKMzkD69swTo96U83FzoQIP3yrayB+MCkSpU -j7bbO4qguPs4eFZJEaqrvDwNpAzdQXY2Aj0dwyCr8c6BLUyJL0R9aSPmQpfYS/it -ycsjAnoP9/YB2sTKoaeTE43GGjKpC/MkEiS85It/2ByeRVuy35KsLtGQJGsAAQ== +MIIDBzCCAe+gAwIBAgIUZgSDfKmpQRSFd3mrOI9dsmGVs+0wDQYJKoZIhvcNAQEL +BQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAgFw0yMjA1MjcxNzA2MDZaGA8yMDUyMDUx +OTE3MDYwNlowEjEQMA4GA1UEAwwHUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANS3bXUGArs/o3elaMg2fHHgfnYvBySbzj0lfD/N0TnE4JSx +au6cP77TVbBaODCIeqgkPocKVJvAr4IvU/M09Cl/dHLrXUplpZFGVg8czypRo3kX +viH/g5L/BDkOwxBDoD/467LFDQ9KPLfXeol2XC50Syqthsp2+4/P3RMr79HsXAHO +KXLYlghSfJ3R/I1eWX5nfwp5oJysxBS2CRjdlbVfklCIaMR9wVd4TwN2bi3lcTgW +ZufVJrF2oclXILFu3vFW+guth9tz/+fwv6G6g1Or0SdtzYy33hM2BmEb6oRcoCMU +jWaJqdEWXiD2k4x29dCiXJcOpP2skIk4+InCnM8CAwEAAaNTMFEwHQYDVR0OBBYE +FMrGK+4yRA+wMZCzJA7HrXH+/faSMB8GA1UdIwQYMBaAFMrGK+4yRA+wMZCzJA7H +rXH+/faSMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBABbQC80G +qwAX427hir2yU8GayN8mJ4NsNmVXF9eUvYmLRspiLU9FkFGsxqklH+ub5TDXUol2 +q8j0/+7r/SFXG/DHDSOYQD6ngsRps9eG2mAShkgs0M1wsGlvQpPiFUSouYxgPx7v +R/VVv+YZIHXfxSOhZxOcXiJfheLY3RdDtodDNu/scNVS5wgZuzM5qyiBHrFTmVlP +L6ctd7yzQ1ktcUboFJsL88JUgOGr3a+LXwayDxvh0WLDps8HAzPo/Jz8emUpKi4O +tuy4G4jW3eHqN9HHHWOv/bOHJVUSaAfBPyo1DtwpXqSr6HBHzMm0yFecPIRHXMUT +8RQtEBN3//e05KA= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/root-ca/ca-key.pem b/src/test/resources/tls/root-ca/ca-key.pem index c7b159e8dd1..59994f61d12 100644 --- a/src/test/resources/tls/root-ca/ca-key.pem +++ b/src/test/resources/tls/root-ca/ca-key.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIzxg4Sf5yRtYCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIBBIIaHNzecBIIEyMWb+vDkwq5r -/txQ8+S8lTYnjJptkIsz8x4hK7osql8jiOPHyXoUqHMNPHQFCuWU/2mndaJTqYBp -PGPi3sEdBFzsutIEjMdZeSyIT3XcBA3VtzAYFarvgQ/SO037WzdptakU/RuN51Mw -Ub3rZaydKB6Rag0v15fxdE9xHhvGhtSSboWhkwpZsQiD4XjCOlkDw1kpqKJu2zyW -/MMvNSebBd/WLPogWxKoeeZiQkwe66Ohg512nw1xnwNfLfMiTfmg1j27bKtQX2uW -0yO3fJMbL7sf9LeSUQIrClQNFQf4kZgrKsWH8qmrYOCt04dzYGMHLyS2A3MFHVqi -txbeTrqb4FEMcpV/D6fCsnkIPCJkZLTR9tdRmECFvipOznIiufrbkqqQZWuLWH4F -h40aYVnoJr1qeRjU2PUohNHDUE5/9moYk5OQ32mV9E2AorYj04jdRDM66cRRvD0v -OXrbB6P7mP3dg1gs/VLJseqk7ax+vJWX9pe9BwX2SrSUqKWScxqIJbM3X8wJFqSL -3Ctk4ymzu9jQE8RwQZE5ETUXtE8kopEZtS4scXOuZWLebkCIs6kDJ2dDAOGnnbmv -0ZMCUb72o6B0Tv3cWyL1nDhWjD0swFDgG48HHtfeKryNXnKSMSk0w+CTzKhjmLnf -VnmAuBioyeAGctcLHm3bG98fdrkhar4Sqq9vchnz3wsQtRJUuoFFvhnOGceqLWTC -2go/xL/Jy13644AKnZzvVpN7jh2fRc4tCpumOgc8j5RT6Iwe6OMxArxBevsHb6vU -g847kbpiw+sPGLFM5e0sYWWut+dxB6SzuCFMWjswjnkZjbWENCpXc1lmYKbHlotu -6XmdhBzuLWNZ++xY5GXaNVieFw81lgDSFLUgSIBw+OxuXd2RMiKkdFAyzccQ8R9G -mUaLNZhREakoalS6MRC+e/XSKSsK+lb+L0TReilVkwgtgCXaXwhGFSBS3rFCruEO -aZjdQO6QmeTfjtL4YVufyoZg2MI7pAcZ9g6M9kTObwYE0xXHjQfRgmHiI5fZMIuB -nx1zMzGmPmuLRbWsuOAhpuNWMssB1g6gqUBnoBfVuBS2WTQInQXdOu3uC1pVTbNO -thqY+X+euAn39hQZu7vRmr/8oq2N/r7A4Q5iyKfNcLeN9aYroyiDHHoPfN57o2Ap -t5YFOitQ3OFctsSB990DxLLE14waIsIxuErboxWln86Zpk9+8f4b1f123HfAXGww -Ggj2rkbje65F5dMl0xB5YDaxD8EdpD2dhXGieWvrpSLc29L1hu2/x/Mh+AgiKruT -bHk3X8rRamUfAp49xX0QV2nCqDFKk+xc5U5wi4Ag4Vw+eaff108E+tgsQ5X4AAoR -XRJSGgsNB1xoHsWmnAOX4oTES8FbHFCmH0O88qRtT2JDqbAJ+u3nogmMkaH96W6L -5RSRo6G0QTK7dQcU9dlTFjOuZ8A+J/fezsJx2YgYKfprdlP2pWE2pqVIwtjGCJMZ -K7yuUEmKZcwp7vjPHin9h+32bt/7LKDfC9ECxqs0WZCjSkRCzw/GLV5OYGoLd7hz -ZeUnNHtZZzCMsiZYRx2/VfuTlMw++ODqmaMelIZXLPKdBk0nxaZJoy2oGGvSGVx9 -HIXc8csLPSIzZy8UGhasCA== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIjeVPW6EF7BQCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPqkeypm0BYkBIIEyD3empSksBcg +/NmdVgIet+Xqo5IpYYrciZedV0chZXdccnnJr52hFPfkwfEIutNrP/dr3qHJkp5o +oM/8O2OgUgEVV8xP/d7JMtkah/2vTFJ69ZccMCeW1vRsstHiMjRbuWLbkvw1AReB +XZAKnjnK0hYdteJbCnpwoGf8quQe60BxsdD8NExU1ig4gomQEHe7Qtk6MDx/Kf5t +YeCPu1kd1y8rerVxxN7n5SF0Y6CSCR4j5RbvyE9cn3kEFUOekSW/sd87+4YCCRrw +G+lPpc3S11fn9sVeG43BC/jdjEaMxT4Av9wxGPunBnC6PXpYGXt/fH9uaCQkkqad +CFVr+pXpAW2UeIFWKhezJKkUWJedHKFQnZGQ7oMJaUT9z5l7iwjFyR6YIx2gMmyD +x43ScReZgY7X+vvNz/YiL4AQeHojFakXZxyRTKKAhEIo58Oi955di3Usysr0XVBV +825v5tvKjrSljGl6FjLVIevX270L/uF+SXWx0DCc197an2efVaxd/dliQZEaQyXy +ky0R+vngG5rAknMaMMqoJPm6Qk/g7gS53T+b7XlVXABgY8KccwOyrOLnYH8jvtFW +awWNODKJP8x4KDGVm2lNpv1ijcKJQxqECl/ngj30HzzsDy0ampD+T4bwsCMJJZMg +bkePRG3cABtS7zhcSzlEec76sqxdBsglsN5A1or1Rh/XSDf1E4R+mxYa2t+V4ZHA +Z2KZvfZS6Q2+5Y5XdAz2tt8otfCpvjKqMuEeu3sS6jRMFT3MYnGZ/kK2Ixt7IJVl +dghYuW44pEnAtWG5XCimkqBdCCRxix/bmbztLinLzOtw7CKRdpAHn6BHk2m0fsna +kEMAEz8oVocUbDTKUZVJ1CPqbyxTHbd0MWs4rwcgdH5+wIp7dkh4xRhpk627pfOU +W60mJuBnGSBI3Sjati+kpJAmHPp16Pyb4cqa8/8Xex4T0ATZPSav+iLobak1xYv/ +76HWG0m+TFURlqZWRy/D4pJk8I+tDESDtykFP6wOCgaJu0VHD3RpZBmfwCYAaJa7 +8XFPVpVKDVnoHtwmjLGyDDIsPNTKzOBSBp6U5QpDVqlZjF8iJG17dn78FIDSSseT +B/A0QD01UUWvo1Bkg8rKLUM4Q2ZyJ5LJUnO9akGzIZ1cGnkjJqWoqALcr2GlmivK +rnQnfDOnKci++ybnJhNkyTfUHChE2qB+spO2hcreQfPgqn1SRh7ukhP9Kv0oEE9b +hW7fpZOQYAH0NQBQl5kFjjxIZfMlomr/27iFCuMTjJaBa6G6hJ6h35pjtCwUid4L +1f5WumkFU5ZwkY3vriuc5zDhxNfvquM00vhSR2GDIJKzxhBOm/M5xzEfp0qwVP4Y +7mHGoArESFeZWwstmHcG7JACbUUK4hNoAOKAHxpiiNv2t77hCk1AbCzUYQy0a1sv +Y0l7nlRjUGNOmxuH4hUvKR8OfvJuZqYHSNTQDvRlXADs6Cq0AU6nKkMlXb7k1JrE +skEwlIAvj+SSDdaMmhViTTl448Mi+xRtdfE/ReH0jQdtm8oMR991tsJKuKvqDKIR +6Ksc6XMLTEQrl/17d41vSkWW64lWmXF+PQmSKkRLjjXLmBk9nS6f+t7tBIv7VtmW +an65UX0XlZsKf3Jryj8tpg== -----END ENCRYPTED PRIVATE KEY----- diff --git a/src/test/resources/tls/root-ca/crl.pem b/src/test/resources/tls/root-ca/crl.pem index a34bb35ced7..a812fc8802c 100644 --- a/src/test/resources/tls/root-ca/crl.pem +++ b/src/test/resources/tls/root-ca/crl.pem @@ -1,11 +1,11 @@ -----BEGIN X509 CRL----- -MIIBlTB/AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Jvb3QgQ0EXDTE4 -MDUyNjExMzY1MloXDTI4MDUyMzExMzY1MlowKDASAgEBFw0xODA1MjYxMTM2NTJa -MBICAQMXDTE4MDUyNjExMzY1MlqgDzANMAsGA1UdFAQEAgIQADANBgkqhkiG9w0B -AQsFAAOCAQEAUbxdTIDkR+eHLlYhUF4MTYeJ6Ur9TsN72wtnPn6qdmDgy0nkB190 -KXiYymoINXgqQRgxXlxOUMpZV/tt4t4BgwOYpiTFHEY0KiCOJYwNhh700os51H/D -YuJwgf68SvwtxtpN5PV2M/oT/BY+cdbf9Z2h88dZwqt2ojhPcm1/oaSK7Q3V+4q3 -nkCNfM+Y9lUuvicgZhy1qlVX54pg+SjS2TQJE/GQqhR/hII1AUY2iSJBQZ/HyKyw -WZf3clM/4agNS55XMAuoD1NdC2Aka0ybcoqxSwrQ9KF8n+36iBtaPPmpMuozg/pE -/2aMju7vq5BGQh4k67Hn0qHzTCCF22vjqA== +MIIBmDCBgQIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290IENBFw0y +MjA1MjcxNzA2MTJaGA8yMDUyMDUxOTE3MDYxMlowKDASAgEBFw0yMjA1MjcxNzA2 +MTJaMBICAQMXDTIyMDUyNzE3MDYxMlqgDzANMAsGA1UdFAQEAgIQADANBgkqhkiG +9w0BAQsFAAOCAQEArgoJxFUVFSTotYYnzEGrP7ya39ddufDC7NkwqG+K3RhPDjac +n55NJ8SVWujEMmwHCt+rxLzzXS87lRJVTlK5v/zQNwk0Hcd5NHIjxm+yzL3rZaBf +HiONcwyTOApTO9TbQg66iB6ycO1Q9rNtOYrgLP788UuAlNTAr0TTcxv7Gg4x5WdQ +3Pi00iZc+p4nkAtpOvm7HvlQqa3ettyO4AHHkNx3weUkKyg1qMLJ7x6SjRpWa3mi +4DiHXMGNp4q0BuiVtx2a+cpa8bvOzHNgy/zBMS2lSbcZfirlztd2aODmll7YklDr +YvnyxLxfFhOY87uayq+2JlQhgDvDJKhgVcMDuA== -----END X509 CRL----- diff --git a/src/test/resources/tls/root-ca/index.txt b/src/test/resources/tls/root-ca/index.txt index 16455507505..0501b378775 100644 --- a/src/test/resources/tls/root-ca/index.txt +++ b/src/test/resources/tls/root-ca/index.txt @@ -1,3 +1,3 @@ -R 280523113650Z 180526113652Z 01 unknown /CN=localhost -V 280523113651Z 02 unknown /CN=Intermediate CA -R 280523113652Z 180526113652Z 03 unknown /CN=client +R 20520519170606Z 220527170612Z 01 unknown /CN=localhost +V 20520519170607Z 02 unknown /CN=Intermediate CA +R 20520519170610Z 220527170612Z 03 unknown /CN=client diff --git a/src/test/resources/tls/root-ca/index.txt.old b/src/test/resources/tls/root-ca/index.txt.old index 49d4315d525..29f6e32e052 100644 --- a/src/test/resources/tls/root-ca/index.txt.old +++ b/src/test/resources/tls/root-ca/index.txt.old @@ -1,3 +1,3 @@ -R 280523113650Z 180526113652Z 01 unknown /CN=localhost -V 280523113651Z 02 unknown /CN=Intermediate CA -V 280523113652Z 03 unknown /CN=client +R 20520519170606Z 220527170612Z 01 unknown /CN=localhost +V 20520519170607Z 02 unknown /CN=Intermediate CA +V 20520519170610Z 03 unknown /CN=client diff --git a/src/test/resources/tls/server-cert-ca-chain.pem b/src/test/resources/tls/server-cert-ca-chain.pem index 572c34a78de..bd124390b62 100644 --- a/src/test/resources/tls/server-cert-ca-chain.pem +++ b/src/test/resources/tls/server-cert-ca-chain.pem @@ -1,34 +1,34 @@ -----BEGIN CERTIFICATE----- -MIICojCCAYoCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp -YXRlIENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowFDESMBAGA1UE -AxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ0 -vO4DYwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3HzmM2YmAtlQPJ3KpCPlFE0A -R3yNSfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikwiBiv5a1qak555zCcoQv5 -M2Tvq8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL0ui5Dubm+KxYsA0zafPv -e3FSMGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOevYOq+7A4PL/Peuk4nIQJ -n32nYiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV+mhg+c6/N2TicsjKqUzl -OEWHBMXIzJQJQg+OewIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB2rl4oI+XMt7zK -JxhRK5cUTU2zeQBNAVFLDWiC+MyHF5q83tcF4ipKIEgXcCecFkW1FXeD79iGqb2f -gK5v4Sa/rupQbQWCejCM5z2InP3b7nhxfyVd/yZoTVVI/URkxWJSUisfCT5gRV70 -hJrIb1x2V2QVt/xxNSwg2g6PCuC2IUQhxJXzQv+IOt7be7CVnecnWa1n11RhFCn8 -7wzwXX1Eo5n+eopFqJwBsUFsCFW1KOnR79HlGAUgvhXw+TG2dfGtLHYYPgbzp0uT -E1TL5xw+lH1wClwpc7E+s+NEyOqUAbvo6Zn1Jm+I9QAJNkhOhHIca3aGeKyDNNFX -yZsiEGPR +MIICpDCCAYwCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp +YXRlIENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc +9IClpVni3bUP2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQz +U9yyYaPI3ZQH+JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolf +sFTVJQwvyTiBHg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/ +BNLnf9T9R+Ceb82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8 +sr68wfWEnPR/MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcY +s5xtVS95MAF0WtAV13LnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKMPq0DDfcWu +URfveSpnV+Mws1y5HTIWmef83mQDzrW1mCqEtiLu7seSIq3L1sPVdvDGDRwnKHJf +inOGTpsMpDu8QDSa9GQhe0qmb/5kJbo9LHAnzO9zZ4q50S66QkZOvkT3TPpm0e3R +wsFceDA9bgjaOs2FLH5DFGbxoj1jQn+IIa7bAbWPoAS9nQ7l3tNBXqQ27G/mqB0d +eJuG65CqxP0Y3UNJ0ba3hobAjvF+rxaUKXo24sVM6liDwV+TJEg++zdVfSqPeHxM +7nF/JBn9GpdUIAAlntJod1zIMwLtO099SD6UcgisppLwDNNUC1JjMy6LBgU6kMy4 +s8dzwnQenuQ= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICtzCCAZ+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 -IENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowGjEYMBYGA1UEAwwP -SW50ZXJtZWRpYXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -tmvtTrjN+A5ge3xK/U2Yni4lJJlqd6Y5fVsIPUC15EjM9WNw/1UuHoFEgCUyFAp8 -Cl+ZKCi0KvfOWD5sd9e6O/qaE6BHrVFtnAW9BD9AuGzj+Nl2Jbr5Rz9igm/h3+K1 -C5hTgTH3FFsqszyH7O32yFFhmH0AEYRlnTZe4SeylwmAi4wisbF0027oQ3ygUaJl -ObbdCN4B/WISkRYnG3UF//r0FzsaxUHN+wGgzhXLbZTh6HwFBNTnUypoG4KxTJ31 -vZjB6FGkQvWUfZXG0cR5gA24qPtwh0ASj/IqCNRAVDcuMO5qu9Kv8X/sJVha1g/W -ND6toxuV/JdDoFuPsF7JGQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQANQeNCOw+0/XyyfD/Iqov8EhDzzZuhJYvupOYO9BWasSJvyRYb -jW1a4z4trdiZtXaQtEEUeGpf/6fkzPFJ/FrIuINVjEFbEQDFJH2XWIqwWa4WwLzO -4TAB7i7ezQbq7MmiSHaLssiwJMTrP0MvhvTakvTLa4jtVT9ZOP/oZ0mkW0iUd/3Q -zinV4r6McCczUhk1nlHlupXmmUxAQiARAuaGL6VhheIwg7a0CTZeAjlRzoV6YQP+ -tIMegomWQ0zf3nWDmC2ce6v6F8lImUzQzy5z5mm4ZprdIwgPDBi8xADYWEO1aQHf -EDlsESX7Knw9cQyNcYc+trIueyeVt09E/fMO +MIICuTCCAaGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAaMRgwFgYDVQQD +DA9JbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDGph0kX8MT0YOepxDaIG1Pjus+C2pVvWb1OYqKqTWeOw5d4kcBRVI6I6LyRu9M +At4S/Y/VLd1fO591AFkfM1LHQ0WEN8iISnWvnbjpqwH1uY2P1saG+GykZ0I5w3o1 +zncBDwfk+9VhiiqjBa1de8Rn8arI+EgOQCAb2TC13ye5qSq8nCYriqM9YLFci1nN +zvmRi4O8YqVoDgIzqRdzHnQ1weTXefjhadrVeKNBw1M6tGeK/nzMA1lRpogVVsaD +qUJ4fErpf6uHsLMwhnqKb57wZXVWx9nlzaGfc87vsw9NWbBfkvoD7DXHYDxALcfZ +9qBYFjmYHnNrZIZkpfQV8gMzAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHNWyZOGUq2poYfoG8YOOQvJAreDiBFjtPWgBg8mfPlnz6bk +9uyDHGfFcCY85jZAjwggN/mX1G6Cc5naGBhdafQlDD6bT/aAIHyCLcl1IBb2mc89 +v99pY38bwAqf58JGBMtJNLQOhAm+VJQ/2qdaAZhyut4QZoD0Rog0cJJj1jGT8UKT +q9rIWcbZ75ZXkvCI1xMu/oeKY5jolVibdEg3iRqPX360IAoQfgRID1fJqcp8eh75 +xb1hDvdD2aaf9hrQmJMRUxS65QrsjijVTK2cvn5fcwidEXCDNAFkQ2x1LRNqJCne +YiQHnSIGqyTG8lwRNoGYf70RigUvFCFp12u0s5Q= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-cert-ec.pem b/src/test/resources/tls/server-cert-ec.pem index 339fbfbfbf6..d36061e7d90 100644 --- a/src/test/resources/tls/server-cert-ec.pem +++ b/src/test/resources/tls/server-cert-ec.pem @@ -1,16 +1,16 @@ Bag Attributes friendlyName: test-store - localKeyID: 54 69 6D 65 20 31 35 35 32 33 30 36 36 38 31 31 32 33 + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 36 35 33 35 38 subject=CN = localhost issuer=CN = localhost -----BEGIN CERTIFICATE----- -MIIBPjCB46ADAgECAgQ6tJi/MAwGCCqGSM49BAMCBQAwFDESMBAGA1UEAxMJbG9j -YWxob3N0MB4XDTE5MDMxMTEyMTczMVoXDTIyMDMxMDEyMTczMVowFDESMBAGA1UE -AxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAERV4SZQWdTlbD -jo6+YD0QKnBl4YQQ+FAX+W3kiu8EnKH++yt/DYanhUgLZe1b4Y5FHYvvCxL6f1Is -eE64fh1/qqMhMB8wHQYDVR0OBBYEFKvysDIz/CBLQ23fIcGnR4noVkEKMAwGCCqG -SM49BAMCBQADSAAwRQIgQNjY6uP2NaYZUVtpdDDkP1lDuf+NXf2fi13WulUmZugC -IQD+rknpUHHpqtsKmeaZNOEotS3k+fyqM7dIGaVdLsFi8A== +MIIBQTCB5aADAgECAgQ0Zbh8MAwGCCqGSM49BAMCBQAwFDESMBAGA1UEAxMJbG9j +YWxob3N0MCAXDTIyMDUyNzE3MDYwM1oYDzIwNTIwNTE5MTcwNjAzWjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARWgR+dltsa +Y17C9qnwXjoxrN1O+SPHDuWGG0OTcOLTlq3P6dlFeQlKpPSGsOzYUhzCgVmwQ7bm +LLJ4QtUTRT8WoyEwHzAdBgNVHQ4EFgQUQfehWk0cjk5xLL1ExxZ0TgMlMA8wDAYI +KoZIzj0EAwIFAANJADBGAiEAt80QBnJXxkvw2HP3rDWH+UPUHTTtpLNZeFO3wmoM +3M4CIQDUL5m2b4aimZq0w0QTFoPmcWby9maitPFpdl4rCgqUfw== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-cert-int-ca.pem b/src/test/resources/tls/server-cert-int-ca.pem index faeb738abbe..aa97ddae274 100644 --- a/src/test/resources/tls/server-cert-int-ca.pem +++ b/src/test/resources/tls/server-cert-int-ca.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICojCCAYoCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp -YXRlIENBMB4XDTE4MDUyNjExMzY1MVoXDTI4MDUyMzExMzY1MVowFDESMBAGA1UE -AxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ0 -vO4DYwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3HzmM2YmAtlQPJ3KpCPlFE0A -R3yNSfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikwiBiv5a1qak555zCcoQv5 -M2Tvq8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL0ui5Dubm+KxYsA0zafPv -e3FSMGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOevYOq+7A4PL/Peuk4nIQJ -n32nYiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV+mhg+c6/N2TicsjKqUzl -OEWHBMXIzJQJQg+OewIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB2rl4oI+XMt7zK -JxhRK5cUTU2zeQBNAVFLDWiC+MyHF5q83tcF4ipKIEgXcCecFkW1FXeD79iGqb2f -gK5v4Sa/rupQbQWCejCM5z2InP3b7nhxfyVd/yZoTVVI/URkxWJSUisfCT5gRV70 -hJrIb1x2V2QVt/xxNSwg2g6PCuC2IUQhxJXzQv+IOt7be7CVnecnWa1n11RhFCn8 -7wzwXX1Eo5n+eopFqJwBsUFsCFW1KOnR79HlGAUgvhXw+TG2dfGtLHYYPgbzp0uT -E1TL5xw+lH1wClwpc7E+s+NEyOqUAbvo6Zn1Jm+I9QAJNkhOhHIca3aGeKyDNNFX -yZsiEGPR +MIICpDCCAYwCAQEwDQYJKoZIhvcNAQELBQAwGjEYMBYGA1UEAwwPSW50ZXJtZWRp +YXRlIENBMCAXDTIyMDUyNzE3MDYwN1oYDzIwNTIwNTE5MTcwNjA3WjAUMRIwEAYD +VQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc +9IClpVni3bUP2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQz +U9yyYaPI3ZQH+JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolf +sFTVJQwvyTiBHg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/ +BNLnf9T9R+Ceb82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8 +sr68wfWEnPR/MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcY +s5xtVS95MAF0WtAV13LnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKMPq0DDfcWu +URfveSpnV+Mws1y5HTIWmef83mQDzrW1mCqEtiLu7seSIq3L1sPVdvDGDRwnKHJf +inOGTpsMpDu8QDSa9GQhe0qmb/5kJbo9LHAnzO9zZ4q50S66QkZOvkT3TPpm0e3R +wsFceDA9bgjaOs2FLH5DFGbxoj1jQn+IIa7bAbWPoAS9nQ7l3tNBXqQ27G/mqB0d +eJuG65CqxP0Y3UNJ0ba3hobAjvF+rxaUKXo24sVM6liDwV+TJEg++zdVfSqPeHxM +7nF/JBn9GpdUIAAlntJod1zIMwLtO099SD6UcgisppLwDNNUC1JjMy6LBgU6kMy4 +s8dzwnQenuQ= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-cert-other-ca.pem b/src/test/resources/tls/server-cert-other-ca.pem index d2354394264..498bfbcba3a 100644 --- a/src/test/resources/tls/server-cert-other-ca.pem +++ b/src/test/resources/tls/server-cert-other-ca.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICujCCAaKgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhPdGhl -ciBDQTAeFw0xODA1MjYxMTM2NTJaFw0yODA1MjMxMTM2NTJaMBQxEjAQBgNVBAMT -CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKcUNLzu -A2MJZH7Sjy53GlSxnIQwvpgAWxwlbKDJH30BGdx85jNmJgLZUDydyqQj5RRNAEd8 -jUn4RksAF+mTLq0qVyNCtOvlqF1jv8wF9WL6VjopMIgYr+WtampOeecwnKEL+TNk -76vJKwquiLujDBPBOMACs2Lp2AOA8rCnBY/pWaZii9LouQ7m5visWLANM2nz73tx -UjBrePRTMFiQg/N9eW/domurk6uZkzzqpXzThhwznr2DqvuwODy/z3rpOJyECZ99 -p2IsAXJdjO6+Y0RQDkVq4hnnApjBKcQbQ9nqfUZG1fpoYPnOvzdk4nLIyqlM5ThF -hwTFyMyUCUIPjnsCAwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqG -SIb3DQEBCwUAA4IBAQAVs/iGugJ2eTjapnBTdHwlisko8NNAO54br8vvZC1tXk6K -V5mJwtnYn7tbVjxZgA5Wsh9FcehaqIHsb+rvZi607unXSsmuuS7uMmRXO7UB2rWp -cXUbgp8XjmIfHIDmYIImCZshtWokiiCeAWul9MH07aAS7y/NiyaabPku4oQGy67s -xbH7LPFzECZ3b+JLKSEOBGG2R564ofkJT/joWj8TQTPEfCxuyAJXjd0Hem/B7ABc -8om7K4pllh8R50tY/d9KCKOpcqdx3ZFh0mgspm8Wu+67ngqR9wlS6rgIl9VPc2Ie -bV84nQA0Ga10eXF8kZlZt0a/CyKMMZh7D0OI67Cc +MIICvDCCAaSgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhPdGhl +ciBDQTAgFw0yMjA1MjcxNzA2MTBaGA8yMDUyMDUxOTE3MDYxMFowFDESMBAGA1UE +AxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PSA +paVZ4t21D9m5rPdvPSLB3AV4O//2u45wFROxBECMDJgQhvUIclSStZTUHclkM1Pc +smGjyN2UB/iVbvCmFsLlX1uqIC2oQv+6hOJxHuUbWia7KNt9ObVx6qesEVKJX7BU +1SUML8k4gR4PcX3X7bYzFtSFQD9kYlAF0T8jnhVLeBP47GHl6UMP6IPQGLi1PwTS +53/U/Ufgnm/NnfzHjFFEGh89LZ1PZ2c12T6n2ujcU9jHTIzdbBro2jjdNJ2UvLK+ +vMH1hJz0fzDHwOYwNBfSuJeh08zsHCnsizy2nPH1bjq0USCEhUYZxVQmt8z3GLOc +bVUveTABdFrQFddy5wIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJ +KoZIhvcNAQELBQADggEBAE1rM2McjlZF3IwGRQG5UH/Tz0DPmM+b8eYBZaH4dFCu +8JVC21Efg25snr+YtsoGdC7suRUP2Wo4U8bEMFBrnSXXmFNgVA8iuHQst6kZ2Q9R +J/ahLo5p0Zoh1YIegFezptonERV+zk31GFkFRXqdFaFHF4G72rpZ8m6nr7Sa8KhI +P4X2Dkej7bPJBPGIIxyK8NLEIh004X98GkpkrQ+j4IoLrbsIBUDNSMxQM0NX2TCw +xSgWoddHNFp5Xv9SyB8fr8YQhMgTFHT9RAEKs9LKQm8LyWw/tboeti/ZzDPPHbRU +MD3kDQ7FK5W7jSAOVrLbmFtWsUGZUuiQZ6hcGJQfSLw= -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-cert-root-ca.pem b/src/test/resources/tls/server-cert-root-ca.pem index b3a7a39c65c..49a03dc8588 100644 --- a/src/test/resources/tls/server-cert-root-ca.pem +++ b/src/test/resources/tls/server-cert-root-ca.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICuTCCAaGgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 -IENBMB4XDTE4MDUyNjExMzY1MFoXDTI4MDUyMzExMzY1MFowFDESMBAGA1UEAxMJ -bG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ0vO4D -YwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3HzmM2YmAtlQPJ3KpCPlFE0AR3yN -SfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikwiBiv5a1qak555zCcoQv5M2Tv -q8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL0ui5Dubm+KxYsA0zafPve3FS -MGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOevYOq+7A4PL/Peuk4nIQJn32n -YiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV+mhg+c6/N2TicsjKqUzlOEWH -BMXIzJQJQg+OewIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZI -hvcNAQELBQADggEBAJ9pVuaNvgR3RcNOKnV11OgXN/VsNM4d2plT+bI6FNeme+YX -6Yu9A2WQmVXf/xuMch2W9OoXlJPq1Q707uy6P+3quUmiWCeWvl+efgRFs8G4BR/E -XsVDE0Ovu8HP/FDn12tY4t/FxKMitkV5mqP4H3QWCAui4UJPbTHcCe9wXTuo1aqu -1liIIpe//iyhKUpE7atrnt3MpkU0spTWZXj6zRuaDoQ2C//rHLuf6YiFiNHfj5+9 -4UV8v4cHELSn+DqEfzErqUCvj1buSNygjpgtT0jedsMOprm5V5vPArJdjogEt14W -sL3xtm+/3XM2nZBvIclmEoVhiXIUtMArjaFmeQA= +MIICuzCCAaOgAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTIyMDUyNzE3MDYwNloYDzIwNTIwNTE5MTcwNjA2WjAUMRIwEAYDVQQD +Ewlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc9ICl +pVni3bUP2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQzU9yy +YaPI3ZQH+JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolfsFTV +JQwvyTiBHg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/BNLn +f9T9R+Ceb82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8sr68 +wfWEnPR/MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcYs5xt +VS95MAF0WtAV13LnAgMBAAGjGDAWMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkq +hkiG9w0BAQsFAAOCAQEAbaOzq4M4OeZlnMyk+gW7tXXrkADngFvA5sj/AMIOGJeW +PQ6xgmPpTxGos8A27PWu6QcjrM2NbpWWsM05111IqRmAKpbBWuT58p121gVqEX7f +o3DFU5tZG1ENcm01/HgChkAtL4LT441gTp3ev/pf/BSpgkavBb4/VzaUtTlzRewr +/qIhYB7Ns3Yifdm4kzI5XQm3QEG/3tffgCvXp8zmTi1tztQjkUf49mYfvf686aJG +D0FvX6gaKYecTr7h8EdErArzwWv+y9WEls3/zKWT+Fz3L1Mr1DLv2OdEbJgRuhMb +dgPKCIJ86bCKZ3dOWXqfi1Qy+iRFAaJQYq1a7FRShw== -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-cert.pem b/src/test/resources/tls/server-cert.pem index 1379d2cc71b..f7c0e66614c 100644 --- a/src/test/resources/tls/server-cert.pem +++ b/src/test/resources/tls/server-cert.pem @@ -1,22 +1,24 @@ Bag Attributes friendlyName: test-store - localKeyID: 54 69 6D 65 20 31 35 32 37 33 33 34 36 31 30 30 31 31 -subject=/CN=localhost -issuer=/CN=localhost + localKeyID: 54 69 6D 65 20 31 36 35 33 36 37 31 31 36 34 39 30 37 +subject=CN = localhost + +issuer=CN = localhost + -----BEGIN CERTIFICATE----- -MIICxzCCAa+gAwIBAgIEWM3JmDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwls -b2NhbGhvc3QwHhcNMTgwNTI2MTEzNjQ5WhcNMjEwNTI1MTEzNjQ5WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn -FDS87gNjCWR+0o8udxpUsZyEML6YAFscJWygyR99ARncfOYzZiYC2VA8ncqkI+UU -TQBHfI1J+EZLABfpky6tKlcjQrTr5ahdY7/MBfVi+lY6KTCIGK/lrWpqTnnnMJyh -C/kzZO+rySsKroi7owwTwTjAArNi6dgDgPKwpwWP6VmmYovS6LkO5ub4rFiwDTNp -8+97cVIwa3j0UzBYkIPzfXlv3aJrq5OrmZM86qV804YcM569g6r7sDg8v8966Tic -hAmffadiLAFyXYzuvmNEUA5FauIZ5wKYwSnEG0PZ6n1GRtX6aGD5zr83ZOJyyMqp -TOU4RYcExcjMlAlCD457AgMBAAGjITAfMB0GA1UdDgQWBBTwWmMGjEm0IpuRlVpd -Rm7ol7d34jANBgkqhkiG9w0BAQsFAAOCAQEAl6r+9heUbjssFvMXfLiOl3PCBCFn -a765gKdjlw2HZTBaZ79ay5FooYTqMvQa1j8NRQyfkGupM7QaBU02O3Y7gkMn3Ton -QsaZtZRXUDUWGeIyXwMIbjLM3YUhm3Fk+RfIiLEf/yphaJffT9Uf2Ykht8oawfjh -e/5aPg/7TN93Au3ChNKSht190a4CNC1MWlih8bHbmj6yHUIqgAwoQOxcoFziPFUd -YUJ5rZy3DrLX9fxGV59JksivGcfWGWbFWt9NPTB29yKo5rnVvdGBMBQpNUrly9Xa -00SX2aDISJJg3Qdhm8oqGNeKRij//Lf7yYX08fnTS4sg6C7R+RSEWod7bg== +MIICyTCCAbGgAwIBAgIEELXNZzANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwls +b2NhbGhvc3QwIBcNMjIwNTI3MTcwNjAyWhgPMjA1MjA1MTkxNzA2MDJaMBQxEjAQ +BgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ANz0gKWlWeLdtQ/Zuaz3bz0iwdwFeDv/9ruOcBUTsQRAjAyYEIb1CHJUkrWU1B3J +ZDNT3LJho8jdlAf4lW7wphbC5V9bqiAtqEL/uoTicR7lG1omuyjbfTm1ceqnrBFS +iV+wVNUlDC/JOIEeD3F91+22MxbUhUA/ZGJQBdE/I54VS3gT+Oxh5elDD+iD0Bi4 +tT8E0ud/1P1H4J5vzZ38x4xRRBofPS2dT2dnNdk+p9ro3FPYx0yM3Wwa6No43TSd +lLyyvrzB9YSc9H8wx8DmMDQX0riXodPM7Bwp7Is8tpzx9W46tFEghIVGGcVUJrfM +9xiznG1VL3kwAXRa0BXXcucCAwEAAaMhMB8wHQYDVR0OBBYEFNHOT8YUmwHb7L44 +VOv9xSi6qRHBMA0GCSqGSIb3DQEBCwUAA4IBAQABFuGiFZRo5CiJMcYmOARlPzw+ +uLIeILSP5wbDGOKB7KGnPn94u3lMNbSWZH6srDEjJZswXCxTS+esu4SgHlUUXBnE +xwDWa3JVHjmv+51I3KvjrwLmpIQvu/58sHnt0nLE1sk+SG9grlkqPDq3pz3RDmDC +kApPQCdw6EfJgoOxJP7j3DQN8xqQ3D8/VqMJBV8Cr/WUv2mml18aho/RtX7l0vyJ +5000fOmKf6rilIm1/GD52CcbnnHVbz/lOxnDduYXFHB9HkDw1rNUBiOGLU0D+O5c ++nj4gO/JkhEVK5hM6JKz4ZtkpdFafWmKSEv/xCQjYW3sVGUBTr2KaxxjGLFN -----END CERTIFICATE----- diff --git a/src/test/resources/tls/server-csr.pem b/src/test/resources/tls/server-csr.pem index a1f4873ac99..e2edbfebf26 100644 --- a/src/test/resources/tls/server-csr.pem +++ b/src/test/resources/tls/server-csr.pem @@ -1,16 +1,16 @@ -----BEGIN NEW CERTIFICATE REQUEST----- MIICiTCCAXECAQAwFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEApxQ0vO4DYwlkftKPLncaVLGchDC+mABbHCVsoMkf -fQEZ3HzmM2YmAtlQPJ3KpCPlFE0AR3yNSfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1 -YvpWOikwiBiv5a1qak555zCcoQv5M2Tvq8krCq6Iu6MME8E4wAKzYunYA4DysKcF -j+lZpmKL0ui5Dubm+KxYsA0zafPve3FSMGt49FMwWJCD8315b92ia6uTq5mTPOql -fNOGHDOevYOq+7A4PL/Peuk4nIQJn32nYiwBcl2M7r5jRFAORWriGecCmMEpxBtD -2ep9RkbV+mhg+c6/N2TicsjKqUzlOEWHBMXIzJQJQg+OewIDAQABoDAwLgYJKoZI -hvcNAQkOMSEwHzAdBgNVHQ4EFgQU8FpjBoxJtCKbkZVaXUZu6Je3d+IwDQYJKoZI -hvcNAQELBQADggEBADGNG9YS5v2QPYX1qsyUHyWD1DpUp9eS2zzvLJImNGi/xdGG -ifJcKxgLJ2+Hqq3lO7zFoOx/spmMe7kuuAtJZB3yNpHhDCanXaovP/5cOQ6CSeZw -Zeg5mqU61wZ2sWS7NtiKEKAL//vYmcoB0goFnhwzAgd8G2IcKEfsaApbJ4Bqa7uX -Xu1a3fMJxLIl2qECJXxQg9xblg0qZ/AJ5khF4NWLGbRCoZF/RMgL0O/vlLv0eXDW -/VHIYqluoOWCoSf6Gx8VPLxyzKFB1dFCYCmOKnvxC/2+G6ewA7p6pd6OH3rJP89C -Ohvt7EN17tCgIDloJ2HnPGqWjt02dQla01CBdIc= +AQEFAAOCAQ8AMIIBCgKCAQEA3PSApaVZ4t21D9m5rPdvPSLB3AV4O//2u45wFROx +BECMDJgQhvUIclSStZTUHclkM1PcsmGjyN2UB/iVbvCmFsLlX1uqIC2oQv+6hOJx +HuUbWia7KNt9ObVx6qesEVKJX7BU1SUML8k4gR4PcX3X7bYzFtSFQD9kYlAF0T8j +nhVLeBP47GHl6UMP6IPQGLi1PwTS53/U/Ufgnm/NnfzHjFFEGh89LZ1PZ2c12T6n +2ujcU9jHTIzdbBro2jjdNJ2UvLK+vMH1hJz0fzDHwOYwNBfSuJeh08zsHCnsizy2 +nPH1bjq0USCEhUYZxVQmt8z3GLOcbVUveTABdFrQFddy5wIDAQABoDAwLgYJKoZI +hvcNAQkOMSEwHzAdBgNVHQ4EFgQU0c5PxhSbAdvsvjhU6/3FKLqpEcEwDQYJKoZI +hvcNAQELBQADggEBAI5RJlz5RF4H3JPTY4Jgfw6iny/jx30h10jAkwpeTI4NeGgn +jdzLL/07z9L5c8IGAvghdBvVICmavZRNc3Ta1LqyyNQDpXh1AvZXYh45+gSQusdA +hrtmMAIYyS/Ll2xu2pqc9zHmTgP+4cmA+7r7+HDzNWjv28IYBfi1YoEi+nJGzPog +mseyOKfbwfwBouQtGTxrlNtfMzj3xi7do4na8mDl8PV204Bcu+YvsSLUiTvgpudr +CH4+lTBIaNl3AprZx0QUXCETZiA8zLGLDyOQOBc1ObHywQaUCDV8YgzgsPUcX5Xn +BWM+bVh/sufqQ2uHO/Ep4LGEhR8diDRiHeQvD7A= -----END NEW CERTIFICATE REQUEST----- diff --git a/src/test/resources/tls/server-key-ec-pkcs1.pem b/src/test/resources/tls/server-key-ec-pkcs1.pem index c3837127f37..671cb3ed792 100644 --- a/src/test/resources/tls/server-key-ec-pkcs1.pem +++ b/src/test/resources/tls/server-key-ec-pkcs1.pem @@ -1,4 +1,4 @@ -----BEGIN EC PRIVATE KEY----- -MDECAQEEIOGCEgqfOpeQIh66HxDk4OIRJqeBGMVWksopcHW4loHMoAoGCCqGSM49 +MDECAQEEIBzzsrOeRXdorI2HLp6sWIxXU/1tO6DyqVwWUZou9pJcoAoGCCqGSM49 AwEH -----END EC PRIVATE KEY----- diff --git a/src/test/resources/tls/server-key-ec.pem b/src/test/resources/tls/server-key-ec.pem index 4d84403b0fb..3a574dcf975 100644 --- a/src/test/resources/tls/server-key-ec.pem +++ b/src/test/resources/tls/server-key-ec.pem @@ -1,4 +1,4 @@ -----BEGIN PRIVATE KEY----- -MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDhghIKnzqXkCIeuh8Q -5ODiESangRjFVpLKKXB1uJaBzA== +MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAc87KznkV3aKyNhy6e +rFiMV1P9bTug8qlcFlGaLvaSXA== -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/server-key-pkcs1.pem b/src/test/resources/tls/server-key-pkcs1.pem index 6c34bc7c0ae..e1e81a439f0 100644 --- a/src/test/resources/tls/server-key-pkcs1.pem +++ b/src/test/resources/tls/server-key-pkcs1.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEApxQ0vO4DYwlkftKPLncaVLGchDC+mABbHCVsoMkffQEZ3Hzm -M2YmAtlQPJ3KpCPlFE0AR3yNSfhGSwAX6ZMurSpXI0K06+WoXWO/zAX1YvpWOikw -iBiv5a1qak555zCcoQv5M2Tvq8krCq6Iu6MME8E4wAKzYunYA4DysKcFj+lZpmKL -0ui5Dubm+KxYsA0zafPve3FSMGt49FMwWJCD8315b92ia6uTq5mTPOqlfNOGHDOe -vYOq+7A4PL/Peuk4nIQJn32nYiwBcl2M7r5jRFAORWriGecCmMEpxBtD2ep9RkbV -+mhg+c6/N2TicsjKqUzlOEWHBMXIzJQJQg+OewIDAQABAoIBAHx73JNLjvByJhMr -1IxdJxwlPSVsoATmdvuwko/1aeWcNWWHFYkEOZvzyAlx03KaX+rROD0K+sY7Gjx1 -NFvOUn+oxUW7RMth0CDM2jEr21nEhQxOdh9grWWl4FyWXdM37+s53ZFCSiQm/U+3 -HJ8Y6z2owBynpnozGsP5hljCCK3gjYm9BYM4itRGGfvijccdOMKenLUMKzx4ulug -a8BIhjlIzl1gZ783mU4s9GyrQRuSWMUoctpBZwiaiqSDh/dNfa9KS3/PthLvU8Ta -pYhZ/lFo5NMWZ/Qhc8Txyumlu5+BOaO+GmD5/VxNKWvVcysSie6dVuNC1I7tYfl6 -Z0KJNIkCgYEA1riGem7DdKHUZlFhcVpSjSrSasfrp6ldN8vB/56a1iDOsjSZ8O1T -Gx+sRxKW+0FzoS0qQBCjgEH8OTLVipClo4rCXnOnpibwAHQdFba2N9wJCUveMjTT -8sKrq35fsdZmLhOifFEv0fkzoOUJ+BfqpTSqZregUoTiAZl6mEAoYT0CgYEAxzL8 -8woYXql0LJ9HXy0c/S7tw949smjLZOg77MgNBGiZnBZwt71bWK/26N5zHMRJnap4 -ZXCmgq2oTF1CPvHGRkgr54ExUasGMt9BGRmzG2orQJ3o4Zqmpu0QvSGPMFLbUWEF -YhHtjF0ctgmXWAKkyPN6L1qxvHz8TeyY//JzOhcCgYEAq7MGpiSoWz2FEQSGfRQS -6xuRAx42zO1bw2BGE1gKzKuTXWE+sC+2wvvC0VqGLQibpAjvvicP92HMhRinNZSR -P4OYBdtJ9k0wocw37cMbVvO2rh5i4Zbo3TjZ+dqmPxkIwFOnHO325Vr28/Py0tad -JdpFYLn5k8L6zvih1dmH8KkCgYAfnFfHubJkUz+8VQpecCpJg0j37CyeQ0MDoFbi -HFz0diTqQCVjAwmb6VClY6egyQVln8e7UUUbN7Odaq84jeWJAar18eqBq0IwkH0k -Ho/tqctzVZu/MWuA0d32JX0zjfJ/14WjKnUn8R69RIhfzwuXWAvrt9i8sJjZRNKC -y1a9wQKBgBIJB+gieAXR7+UBrBQ9qunx9q22qYHeaJgFIqHx4i6ud2oCMkTTqLJi -q+zNhCUtagaH1yeSn4cT2ggYhe3KrjysQMcwglUBqH+EKBlM3aiu4+Ab6GnH86Sa -kGgd1W8zwsVTYrtXj9VRWSs4p+jcVsH1eHt4kjm1RQzzgjEvrLgu +MIIEowIBAAKCAQEA3PSApaVZ4t21D9m5rPdvPSLB3AV4O//2u45wFROxBECMDJgQ +hvUIclSStZTUHclkM1PcsmGjyN2UB/iVbvCmFsLlX1uqIC2oQv+6hOJxHuUbWia7 +KNt9ObVx6qesEVKJX7BU1SUML8k4gR4PcX3X7bYzFtSFQD9kYlAF0T8jnhVLeBP4 +7GHl6UMP6IPQGLi1PwTS53/U/Ufgnm/NnfzHjFFEGh89LZ1PZ2c12T6n2ujcU9jH +TIzdbBro2jjdNJ2UvLK+vMH1hJz0fzDHwOYwNBfSuJeh08zsHCnsizy2nPH1bjq0 +USCEhUYZxVQmt8z3GLOcbVUveTABdFrQFddy5wIDAQABAoIBACwB8sGLPmzmFZLz +nXyqx5gYnR3yZPEmWQEgLIi2JFKhfINhoiEPGsCSwamy29CW9QMYF+PbeKCgKUSx +KSowehQce0zT1/2Summlv4OKClfJ7/mzryFDHhzpW6gN/0Jv+vZ5C1xshZHa9Qsa +bp7/Hou091X7vBKAzcCbCZ2UgsaQPkiRVSua+vzIxGHJx/mjBYWmDEhSm5b62hGs +u3Shap4upHU6oJOtnBf0JYaFlaSg+vKPiSLLh4NpOhXVs40HvsRcFpXq9uXMsHfR +4nWCYaC4AAQB+NW47BTD/2sOWoQIobZLymhvAHBo9tzCKBptypBiAoURKjtqWkGt +1vgYFVECgYEA/b09cVjg2YvmpWOEAPtjAe+eC/FK0WRWw90JahGOPZ8kHjc8PZZz +CRb6i1MKcX8uY7Npw0IiBBq0JmsxbJRTflGhyJYVFQhfmBmmOZckU8LuyAgVafcX +mDB7mLaDB92lE2Un6eU/UkQF9CcmU2beRKeOJU+dXZqr0DCUnC87w7kCgYEA3ux8 +AQ5pZ17gPz5pRO/4sg+6hfWK2+j9pMbCDe78gfjDHG+Gc5dvoN945RLXim6pZaup +fHQ7ibFosP9DMPM5ZsSZduz3COk2yRkQ1eq+9K5RpP/SPVwOWiTUbj9rxWlbKm0R +ISSPppFR5AolBbBUNfB6Y4CSCmFv3GHCdrOne58CgYEA1xmGrcDfk+xCUXBEZiS1 +sN11yL/7YfjCiPWnVnCdeWWgU7EVc0xIJquBJ3z0/HQJWmGsxecZOQt+LpduZZJ0 +GUCQep+oLZVUnHcZ7/ZNyGgWziH0LUlXih+Hl1UZTSC7IO7+4AwEGvQpa+mIVul8 +gQzdtomAaOqGvk2Ancp4ypkCgYAQx5Ip7jDG5CBTAlqgIsQAeyiaDrpuBSKadY+D +xvpguh3NlSN0rfBsFoYeEAYDWIMNsRcn1APrQFxV/lDLbXNjpea7SejqVcuW5Xkb +8PiAqGJi3hKwJa664EzRI5r0GBMRpXYFnZ/mdMfKN21D+VrNWJWNyc60U1M9LmqZ +zroLlwKBgE0EgT+UdXgg/HtWNshr68zGNgp3SfftPrCaSasQXZlDhI/hp018UG3A +tdQbc75PmVmnCY7vWKrzHtgNTPadsVeunFAisQ2pZOHiQb/VRfjX9UXO4sL2M0zZ +3Re67XwszV+MWyjfA8Ls/Z0k5pgL+YjMz5+Flkz1j0uaytk2NINc -----END RSA PRIVATE KEY----- diff --git a/src/test/resources/tls/server-key.pem b/src/test/resources/tls/server-key.pem index 770929f1835..82d56506484 100644 --- a/src/test/resources/tls/server-key.pem +++ b/src/test/resources/tls/server-key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCnFDS87gNjCWR+ -0o8udxpUsZyEML6YAFscJWygyR99ARncfOYzZiYC2VA8ncqkI+UUTQBHfI1J+EZL -ABfpky6tKlcjQrTr5ahdY7/MBfVi+lY6KTCIGK/lrWpqTnnnMJyhC/kzZO+rySsK -roi7owwTwTjAArNi6dgDgPKwpwWP6VmmYovS6LkO5ub4rFiwDTNp8+97cVIwa3j0 -UzBYkIPzfXlv3aJrq5OrmZM86qV804YcM569g6r7sDg8v8966TichAmffadiLAFy -XYzuvmNEUA5FauIZ5wKYwSnEG0PZ6n1GRtX6aGD5zr83ZOJyyMqpTOU4RYcExcjM -lAlCD457AgMBAAECggEAfHvck0uO8HImEyvUjF0nHCU9JWygBOZ2+7CSj/Vp5Zw1 -ZYcViQQ5m/PICXHTcppf6tE4PQr6xjsaPHU0W85Sf6jFRbtEy2HQIMzaMSvbWcSF -DE52H2CtZaXgXJZd0zfv6zndkUJKJCb9T7ccnxjrPajAHKemejMaw/mGWMIIreCN -ib0FgziK1EYZ++KNxx04wp6ctQwrPHi6W6BrwEiGOUjOXWBnvzeZTiz0bKtBG5JY -xShy2kFnCJqKpIOH9019r0pLf8+2Eu9TxNqliFn+UWjk0xZn9CFzxPHK6aW7n4E5 -o74aYPn9XE0pa9VzKxKJ7p1W40LUju1h+XpnQok0iQKBgQDWuIZ6bsN0odRmUWFx -WlKNKtJqx+unqV03y8H/nprWIM6yNJnw7VMbH6xHEpb7QXOhLSpAEKOAQfw5MtWK -kKWjisJec6emJvAAdB0VtrY33AkJS94yNNPywqurfl+x1mYuE6J8US/R+TOg5Qn4 -F+qlNKpmt6BShOIBmXqYQChhPQKBgQDHMvzzChheqXQsn0dfLRz9Lu3D3j2yaMtk -6DvsyA0EaJmcFnC3vVtYr/bo3nMcxEmdqnhlcKaCrahMXUI+8cZGSCvngTFRqwYy -30EZGbMbaitAnejhmqam7RC9IY8wUttRYQViEe2MXRy2CZdYAqTI83ovWrG8fPxN -7Jj/8nM6FwKBgQCrswamJKhbPYURBIZ9FBLrG5EDHjbM7VvDYEYTWArMq5NdYT6w -L7bC+8LRWoYtCJukCO++Jw/3YcyFGKc1lJE/g5gF20n2TTChzDftwxtW87auHmLh -lujdONn52qY/GQjAU6cc7fblWvbz8/LS1p0l2kVgufmTwvrO+KHV2YfwqQKBgB+c -V8e5smRTP7xVCl5wKkmDSPfsLJ5DQwOgVuIcXPR2JOpAJWMDCZvpUKVjp6DJBWWf -x7tRRRs3s51qrziN5YkBqvXx6oGrQjCQfSQej+2py3NVm78xa4DR3fYlfTON8n/X -haMqdSfxHr1EiF/PC5dYC+u32LywmNlE0oLLVr3BAoGAEgkH6CJ4BdHv5QGsFD2q -6fH2rbapgd5omAUiofHiLq53agIyRNOosmKr7M2EJS1qBofXJ5KfhxPaCBiF7cqu -PKxAxzCCVQGof4QoGUzdqK7j4BvoacfzpJqQaB3VbzPCxVNiu1eP1VFZKzin6NxW -wfV4e3iSObVFDPOCMS+suC4= +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDc9IClpVni3bUP +2bms9289IsHcBXg7//a7jnAVE7EEQIwMmBCG9QhyVJK1lNQdyWQzU9yyYaPI3ZQH ++JVu8KYWwuVfW6ogLahC/7qE4nEe5RtaJrso2305tXHqp6wRUolfsFTVJQwvyTiB +Hg9xfdfttjMW1IVAP2RiUAXRPyOeFUt4E/jsYeXpQw/og9AYuLU/BNLnf9T9R+Ce +b82d/MeMUUQaHz0tnU9nZzXZPqfa6NxT2MdMjN1sGujaON00nZS8sr68wfWEnPR/ +MMfA5jA0F9K4l6HTzOwcKeyLPLac8fVuOrRRIISFRhnFVCa3zPcYs5xtVS95MAF0 +WtAV13LnAgMBAAECggEALAHywYs+bOYVkvOdfKrHmBidHfJk8SZZASAsiLYkUqF8 +g2GiIQ8awJLBqbLb0Jb1AxgX49t4oKApRLEpKjB6FBx7TNPX/ZK6aaW/g4oKV8nv ++bOvIUMeHOlbqA3/Qm/69nkLXGyFkdr1Cxpunv8ei7T3Vfu8EoDNwJsJnZSCxpA+ +SJFVK5r6/MjEYcnH+aMFhaYMSFKblvraEay7dKFqni6kdTqgk62cF/QlhoWVpKD6 +8o+JIsuHg2k6FdWzjQe+xFwWler25cywd9HidYJhoLgABAH41bjsFMP/aw5ahAih +tkvKaG8AcGj23MIoGm3KkGIChREqO2paQa3W+BgVUQKBgQD9vT1xWODZi+alY4QA ++2MB754L8UrRZFbD3QlqEY49nyQeNzw9lnMJFvqLUwpxfy5js2nDQiIEGrQmazFs +lFN+UaHIlhUVCF+YGaY5lyRTwu7ICBVp9xeYMHuYtoMH3aUTZSfp5T9SRAX0JyZT +Zt5Ep44lT51dmqvQMJScLzvDuQKBgQDe7HwBDmlnXuA/PmlE7/iyD7qF9Yrb6P2k +xsIN7vyB+MMcb4Zzl2+g33jlEteKbqllq6l8dDuJsWiw/0Mw8zlmxJl27PcI6TbJ +GRDV6r70rlGk/9I9XA5aJNRuP2vFaVsqbREhJI+mkVHkCiUFsFQ18HpjgJIKYW/c +YcJ2s6d7nwKBgQDXGYatwN+T7EJRcERmJLWw3XXIv/th+MKI9adWcJ15ZaBTsRVz +TEgmq4EnfPT8dAlaYazF5xk5C34ul25lknQZQJB6n6gtlVScdxnv9k3IaBbOIfQt +SVeKH4eXVRlNILsg7v7gDAQa9Clr6YhW6XyBDN22iYBo6oa+TYCdynjKmQKBgBDH +kinuMMbkIFMCWqAixAB7KJoOum4FIpp1j4PG+mC6Hc2VI3St8GwWhh4QBgNYgw2x +FyfUA+tAXFX+UMttc2Ol5rtJ6OpVy5bleRvw+ICoYmLeErAlrrrgTNEjmvQYExGl +dgWdn+Z0x8o3bUP5Ws1YlY3JzrRTUz0uapnOuguXAoGATQSBP5R1eCD8e1Y2yGvr +zMY2CndJ9+0+sJpJqxBdmUOEj+GnTXxQbcC11Btzvk+ZWacJju9YqvMe2A1M9p2x +V66cUCKxDalk4eJBv9VF+Nf1Rc7iwvYzTNndF7rtfCzNX4xbKN8Dwuz9nSTmmAv5 +iMzPn4WWTPWPS5rK2TY0g1w= -----END PRIVATE KEY----- diff --git a/src/test/resources/tls/server-keystore-ec.jks b/src/test/resources/tls/server-keystore-ec.jks index cbe90d1103d..a260cac63ed 100644 Binary files a/src/test/resources/tls/server-keystore-ec.jks and b/src/test/resources/tls/server-keystore-ec.jks differ diff --git a/src/test/resources/tls/server-keystore-ec.p12 b/src/test/resources/tls/server-keystore-ec.p12 index d29fac4af30..d5ea6d58308 100644 Binary files a/src/test/resources/tls/server-keystore-ec.p12 and b/src/test/resources/tls/server-keystore-ec.p12 differ diff --git a/src/test/resources/tls/server-keystore-root-ca.jks b/src/test/resources/tls/server-keystore-root-ca.jks index 0cc23014106..07c0cd12446 100644 Binary files a/src/test/resources/tls/server-keystore-root-ca.jks and b/src/test/resources/tls/server-keystore-root-ca.jks differ diff --git a/src/test/resources/tls/server-keystore-root-ca.p12 b/src/test/resources/tls/server-keystore-root-ca.p12 index d4120f8f7d8..25c698ce567 100644 Binary files a/src/test/resources/tls/server-keystore-root-ca.p12 and b/src/test/resources/tls/server-keystore-root-ca.p12 differ diff --git a/src/test/resources/tls/server-keystore.jks b/src/test/resources/tls/server-keystore.jks index 73ea8a83c1a..06efd57d1f8 100644 Binary files a/src/test/resources/tls/server-keystore.jks and b/src/test/resources/tls/server-keystore.jks differ diff --git a/src/test/resources/tls/server-keystore.p12 b/src/test/resources/tls/server-keystore.p12 index 246a7f9a6be..5eb52320719 100644 Binary files a/src/test/resources/tls/server-keystore.p12 and b/src/test/resources/tls/server-keystore.p12 differ diff --git a/src/test/resources/tls/server-truststore-other-ca-fallback.jks b/src/test/resources/tls/server-truststore-other-ca-fallback.jks index 41074d44036..8880d67ac94 100644 Binary files a/src/test/resources/tls/server-truststore-other-ca-fallback.jks and b/src/test/resources/tls/server-truststore-other-ca-fallback.jks differ diff --git a/src/test/resources/tls/server-truststore-root-ca-fallback.jks b/src/test/resources/tls/server-truststore-root-ca-fallback.jks index 39773437367..4f7e32979c5 100644 Binary files a/src/test/resources/tls/server-truststore-root-ca-fallback.jks and b/src/test/resources/tls/server-truststore-root-ca-fallback.jks differ diff --git a/src/test/resources/tls/server-truststore-root-ca-host2.jks b/src/test/resources/tls/server-truststore-root-ca-host2.jks index 4866853636c..6c7ffaa6523 100644 Binary files a/src/test/resources/tls/server-truststore-root-ca-host2.jks and b/src/test/resources/tls/server-truststore-root-ca-host2.jks differ diff --git a/src/test/resources/tls/server-truststore-root-ca-host3.jks b/src/test/resources/tls/server-truststore-root-ca-host3.jks index 353c6be4d2a..7b861e122b8 100644 Binary files a/src/test/resources/tls/server-truststore-root-ca-host3.jks and b/src/test/resources/tls/server-truststore-root-ca-host3.jks differ diff --git a/src/test/resources/tls/server-truststore.jks b/src/test/resources/tls/server-truststore.jks index 87d3c9692fa..eef7f43839b 100644 Binary files a/src/test/resources/tls/server-truststore.jks and b/src/test/resources/tls/server-truststore.jks differ diff --git a/src/test/resources/tls/server-truststore.p12 b/src/test/resources/tls/server-truststore.p12 index b2cb593115b..588a9105606 100644 Binary files a/src/test/resources/tls/server-truststore.p12 and b/src/test/resources/tls/server-truststore.p12 differ diff --git a/src/test/resources/tls/sni-keystore.jks b/src/test/resources/tls/sni-keystore.jks index 9b45763301d..621de8c244b 100644 Binary files a/src/test/resources/tls/sni-keystore.jks and b/src/test/resources/tls/sni-keystore.jks differ diff --git a/src/test/resources/tls/sni-keystore.p12 b/src/test/resources/tls/sni-keystore.p12 index 63890a666e1..f6857e0808f 100644 Binary files a/src/test/resources/tls/sni-keystore.p12 and b/src/test/resources/tls/sni-keystore.p12 differ diff --git a/src/test/resources/tls/sni-truststore-host1.jks b/src/test/resources/tls/sni-truststore-host1.jks index c9ac727f756..711df74be5b 100644 Binary files a/src/test/resources/tls/sni-truststore-host1.jks and b/src/test/resources/tls/sni-truststore-host1.jks differ diff --git a/src/test/resources/tls/sni-truststore-host2.jks b/src/test/resources/tls/sni-truststore-host2.jks index 070f4d230ca..6f8821be985 100644 Binary files a/src/test/resources/tls/sni-truststore-host2.jks and b/src/test/resources/tls/sni-truststore-host2.jks differ diff --git a/src/test/resources/tls/sni-truststore-host3.jks b/src/test/resources/tls/sni-truststore-host3.jks index 495ad95ecab..ec48939e089 100644 Binary files a/src/test/resources/tls/sni-truststore-host3.jks and b/src/test/resources/tls/sni-truststore-host3.jks differ diff --git a/src/test/resources/tls/sni-truststore-host4.jks b/src/test/resources/tls/sni-truststore-host4.jks index 6e7ece7503d..e6ee237972a 100644 Binary files a/src/test/resources/tls/sni-truststore-host4.jks and b/src/test/resources/tls/sni-truststore-host4.jks differ diff --git a/src/test/resources/tls/sni-truststore-host5.jks b/src/test/resources/tls/sni-truststore-host5.jks index 9800d3ee53f..f4658c7f1a9 100644 Binary files a/src/test/resources/tls/sni-truststore-host5.jks and b/src/test/resources/tls/sni-truststore-host5.jks differ diff --git a/src/test/resources/tls/ssl.txt b/src/test/resources/tls/ssl.sh old mode 100644 new mode 100755 similarity index 67% rename from src/test/resources/tls/ssl.txt rename to src/test/resources/tls/ssl.sh index 23ddcda0ff5..b1cd48968c5 --- a/src/test/resources/tls/ssl.txt +++ b/src/test/resources/tls/ssl.sh @@ -1,55 +1,60 @@ -This file describes the sequence of commands to create the various files necessary for TLS tests. - -- when prompted for a password use "wibble" -- to generate the test-host5 entry in the sni-keystore.jks you need to use the KeyStore Explorer GUI application and create the entry manually +#!/bin/bash -ex +# +# This file describes the sequence of commands to create the various files necessary for TLS tests. +# # Self signed server->client ## Self signed JKS (Java KeyStore) -1) Create RSA and ECC private keys + certificates for the server in a new key store: +# 1) Create RSA and ECC private keys + certificates for the server in a new key store: -keytool -genkey -alias test-store -keyalg RSA -keystore server-keystore.jks -keysize 2048 -validity 1095 -dname CN=localhost -keypass wibble -storepass wibble -keytool -genkey -alias test-store -keyalg EC -keystore server-keystore-ec.jks -validity 1095 -dname CN=localhost -keypass wibble -storepass wibble +rm -f server-keystore.jks server-keystore-ec.jks +keytool -genkey -alias test-store -keyalg RSA -keystore server-keystore.jks -storetype JKS -keysize 2048 -validity 10950 -dname CN=localhost -keypass wibble -storepass wibble +keytool -genkey -alias test-store -keyalg EC -keystore server-keystore-ec.jks -storetype JKS -validity 10950 -dname CN=localhost -keypass wibble -storepass wibble -2) Export the cert from the store +# 2) Export the cert from the store keytool -export -alias test-store -file localhost.crt -keystore server-keystore.jks -keypass wibble -storepass wibble -3) Import the cert into a new trust-store for the client +# 3) Import the cert into a new trust-store for the client +rm -f client-truststore.jks keytool -import -noprompt -trustcacerts -alias test-store -file localhost.crt -keystore client-truststore.jks -keypass wibble -storepass wibble -4) Create a private key + man-in-middle certificate for the server in a new key store: +# 4) Create a private key + man-in-middle certificate for the server in a new key store: -keytool -genkey -alias test-store -keyalg RSA -keystore mim-server-keystore.jks -keysize 2048 -validity 1095 -dname CN=mim-localhost -keypass wibble -storepass wibble +rm -f mim-server-keystore.jks +keytool -genkey -alias test-store -keyalg RSA -keystore mim-server-keystore.jks -storetype JKS -keysize 2048 -validity 10950 -dname CN=mim-localhost -keypass wibble -storepass wibble ## Self signed PKCS12 -1) Transform JKS to PKCS12 +# 1) Transform JKS to PKCS12 +rm -f server-keystore.p12 server-keystore-ec.p12 keytool -importkeystore -srckeystore server-keystore.jks -srcstorepass wibble -destkeystore server-keystore.p12 -deststoretype PKCS12 -deststorepass wibble keytool -importkeystore -srckeystore server-keystore-ec.jks -srcstorepass wibble -destkeystore server-keystore-ec.p12 -deststoretype PKCS12 -deststorepass wibble -2) Transform JKS to PKCS12 +# 2) Transform JKS to PKCS12 +rm -f client-truststore.p12 keytool -importkeystore -srckeystore client-truststore.jks -srcstorepass wibble -destkeystore client-truststore.p12 -deststoretype PKCS12 -deststorepass wibble ## Self signed PEM -1) Extract the private key from the PCS12 store and convert it to PKCS8 format +# 1) Extract the private key from the PCS12 store and convert it to PKCS8 format openssl pkcs12 -in server-keystore.p12 -nodes -passin pass:wibble | openssl pkcs8 -topk8 -inform PEM -outform PEM -out server-key.pem -nocrypt openssl pkcs12 -in server-keystore-ec.p12 -nodes -passin pass:wibble | openssl pkcs8 -topk8 -inform PEM -outform PEM -out server-key-ec.pem -nocrypt -2) Convert PKCS#8 format to PKCS#1 format +# 2) Convert PKCS#8 format to PKCS#1 format openssl rsa -inform PEM -outform PEM -in server-key.pem -out server-key-pkcs1.pem openssl ec -inform PEM -outform PEM -in server-key-ec.pem -out server-key-ec-pkcs1.pem -3) Extract the X.509 certificate from the PCS12 store +# 3) Extract the X.509 certificate from the PCS12 store openssl pkcs12 -in server-keystore.p12 -nokeys -passin pass:wibble -out server-cert.pem openssl pkcs12 -in server-keystore-ec.p12 -nokeys -passin pass:wibble -out server-cert-ec.pem @@ -57,24 +62,25 @@ openssl pkcs12 -in server-keystore-ec.p12 -nokeys -passin pass:wibble -out serve # Signed by root CA server->client -(cert contains alt subject name "localhost" as required by Java for hostname verification) +# (cert contains alt subject name "localhost" as required by Java for hostname verification) ## PEM signed by root CA -1) Generate a Certificate Signing Request for the server cert +# 1) Generate a Certificate Signing Request for the server cert keytool -certreq -alias test-store -file server-csr.pem -keystore server-keystore.jks -keypass wibble -storepass wibble -2) Create a root CA database +# 2) Create a root CA database +rm -rf root-ca mkdir root-ca -openssl req -x509 -newkey rsa:2048 -subj "/CN=Root CA" -keyout root-ca/ca-key.pem -passout pass:wibble -out root-ca/ca-cert.pem +openssl req -x509 -newkey rsa:2048 -subj "/CN=Root CA" -days 10950 -keyout root-ca/ca-key.pem -passout pass:wibble -out root-ca/ca-cert.pem touch root-ca/index.txt echo 01 > root-ca/serial echo 1000 > root-ca/crlnumber echo "unique_subject = no" > root-ca/index.txt.attr -3) Sign the server cert with the root CA and convert it to the X.509 format +# 3) Sign the server cert with the root CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_root -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -in server-csr.pem -extensions req_ext -extfile openssl.cnf | openssl x509 -out server-cert-root-ca.pem -outform PEM @@ -82,29 +88,32 @@ openssl ca -config openssl.cnf -batch -name CA_root -keyfile root-ca/ca-key.pem # PKCS#12 key store signed by root CA -1) Import the signed certificate and the private key into a new PKCS#12 key-store for the server +# 1) Import the signed certificate and the private key into a new PKCS#12 key-store for the server openssl pkcs12 -export -name test-store -in server-cert-root-ca.pem -inkey server-key.pem -out server-keystore-root-ca.p12 -password pass:wibble # JKS key store signed by root CA -1) Convert the PKCS#12 key-store to the JKS format +# 1) Convert the PKCS#12 key-store to the JKS format -keytool -importkeystore -destkeystore server-keystore-root-ca.jks -srckeystore server-keystore-root-ca.p12 -srcstorepass wibble -srcstoretype pkcs12 -alias test-store -keypass wibble -storepass wibble +rm -f server-keystore-root-ca.jks +keytool -importkeystore -destkeystore server-keystore-root-ca.jks -deststoretype JKS -srckeystore server-keystore-root-ca.p12 -srcstorepass wibble -srcstoretype pkcs12 -alias test-store -keypass wibble -storepass wibble # JKS trust store containing the root CA -1) Create a JKS trust-store containing the root CA +# 1) Create a JKS trust-store containing the root CA -keytool -import -noprompt -trustcacerts -alias test-store -file root-ca/ca-cert.pem -keystore client-truststore-root-ca.jks -keypass wibble -storepass wibble +rm -f client-truststore-root-ca.jks +keytool -import -noprompt -trustcacerts -alias test-store -file root-ca/ca-cert.pem -keystore client-truststore-root-ca.jks -storetype JKS -keypass wibble -storepass wibble # PKCS#12 trust store containing the root CA -1) Convert the JKS trust-store contain the root CA certificate to the PKCS#12 format +# 1) Convert the JKS trust-store contain the root CA certificate to the PKCS#12 format +rm -f client-truststore-root-ca.p12 keytool -importkeystore -srckeystore client-truststore-root-ca.jks -srcstorepass wibble -destkeystore client-truststore-root-ca.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble @@ -112,28 +121,29 @@ keytool -importkeystore -srckeystore client-truststore-root-ca.jks -srcstorepass ## PEM signed by intermediate CA -1) Create an intermediate CA database +# 1) Create an intermediate CA database +rm -rf int-ca mkdir int-ca -openssl req -x509 -newkey rsa:2048 -subj "/CN=Intermediate CA" -keyout int-ca/ca-key.pem -passout pass:wibble -out int-ca/ca-cert.pem +openssl req -x509 -newkey rsa:2048 -subj "/CN=Intermediate CA" -days 10950 -keyout int-ca/ca-key.pem -passout pass:wibble -out int-ca/ca-cert.pem touch int-ca/index.txt echo 01 > int-ca/serial echo 1000 > int-ca/crlnumber echo "unique_subject = no" > int-ca/index.txt.attr -2) Generate a Certificate Signing Request for the intermediate CA cert +# 2) Generate a Certificate Signing Request for the intermediate CA cert openssl req -new -sha256 -subj "/CN=Intermediate CA" -key int-ca/ca-key.pem -passin pass:wibble -out int-ca/ca-csr.pem -3) Sign the int CA cert with the root CA and convert it to the X.509 format +# 3) Sign the int CA cert with the root CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_root -extensions cacert_ext -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -in int-ca/ca-csr.pem | openssl x509 -out int-ca/ca-cert-root-ca.pem -outform PEM -3) Sign the server cert with the intermediate CA and convert it to the X.509 format +# 3) Sign the server cert with the intermediate CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_int -keyfile int-ca/ca-key.pem -passin pass:wibble -cert int-ca/ca-cert.pem -in server-csr.pem | openssl x509 -out server-cert-int-ca.pem -outform PEM -4) Create the server cert chain with the intermediate CA +# 4) Create the server cert chain with the intermediate CA cat server-cert-int-ca.pem int-ca/ca-cert-root-ca.pem >server-cert-ca-chain.pem @@ -143,57 +153,62 @@ cat server-cert-int-ca.pem int-ca/ca-cert-root-ca.pem >server-cert-ca-chain.pem ## Self signed client-server JKS (Java KeyStore) -1) Create a private key + certificate for the client in a new key store: +# 1) Create a private key + certificate for the client in a new key store: -keytool -genkey -alias test-store -keyalg RSA -keystore client-keystore.jks -keysize 2048 -validity 1095 -dname CN=client -keypass wibble -storepass wibble +rm -f client-keystore.jks +keytool -genkey -alias test-store -keyalg RSA -keystore client-keystore.jks -storetype JKS -keysize 2048 -validity 10950 -dname CN=client -keypass wibble -storepass wibble -2) Export the cert from the store +# 2) Export the cert from the store keytool -export -alias test-store -file client-self-signed.crt -keystore client-keystore.jks -keypass wibble -storepass wibble -3) Import the cert into a new trust-store for the server +# 3) Import the cert into a new trust-store for the server -keytool -import -noprompt -trustcacerts -alias test-store -file client-self-signed.crt -keystore server-truststore.jks -keypass wibble -storepass wibble +rm server-truststore.jks +keytool -import -noprompt -trustcacerts -alias test-store -file client-self-signed.crt -keystore server-truststore.jks -storetype JKS -keypass wibble -storepass wibble ## Self signed client-server PKCS12 -1) Transform JKS to PKCS12 +# 1) Transform JKS to PKCS12 +rm -f client-keystore.p12 keytool -importkeystore -srckeystore client-keystore.jks -srcstorepass wibble -destkeystore client-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble -2) Transform JKS to PKCS12 +# 2) Transform JKS to PKCS12 +rm -f server-truststore.p12 keytool -importkeystore -srckeystore server-truststore.jks -srcstorepass wibble -destkeystore server-truststore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble ## Self signed client-server PEM -1) Extract the private key from the PCS12 store and convert it to PKCS8 format +# 1) Extract the private key from the PCS12 store and convert it to PKCS8 format openssl pkcs12 -in client-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 -topk8 -inform PEM -outform PEM -out client-key.pem -nocrypt -2) Extract the X.509 certificate from the PCS12 store +# 2) Extract the X.509 certificate from the PCS12 store openssl pkcs12 -in client-keystore.p12 -passin pass:wibble -nokeys -out client-cert.pem # Signed by other CA server->client -(cert contains alt subject name "localhost" as required by Java for hostname verification) +# (cert contains alt subject name "localhost" as required by Java for hostname verification) ## PEM signed by other CA -1) Create a other CA database +# 1) Create a other CA database +rm -rf other-ca mkdir other-ca -openssl req -x509 -newkey rsa:2048 -subj "/CN=Other CA" -keyout other-ca/ca-key.pem -passout pass:wibble -out other-ca/ca-cert.pem +openssl req -x509 -newkey rsa:2048 -subj "/CN=Other CA" -days 10950 -keyout other-ca/ca-key.pem -passout pass:wibble -out other-ca/ca-cert.pem touch other-ca/index.txt echo 01 > other-ca/serial echo 1000 > other-ca/crlnumber echo "unique_subject = no" > other-ca/index.txt.attr -3) Sign the server cert with the other CA and convert it to the X.509 format +# 3) Sign the server cert with the other CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_other -keyfile other-ca/ca-key.pem -passin pass:wibble -cert other-ca/ca-cert.pem -in server-csr.pem -extensions req_ext -extfile openssl.cnf | openssl x509 -out server-cert-other-ca.pem -outform PEM @@ -201,16 +216,17 @@ openssl ca -config openssl.cnf -batch -name CA_other -keyfile other-ca/ca-key.pe # PEM signed by root CA client-server (to verify CA signed client cases) -1) Generate a Certificate Signing Request for the client cert +# 1) Generate a Certificate Signing Request for the client cert keytool -certreq -alias test-store -file client-csr.pem -keystore client-keystore.jks -keypass wibble -storepass wibble -2) Sign the client cert with the root CA and convert it to the X.509 format +# 2) Sign the client cert with the root CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_root -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -in client-csr.pem | openssl x509 -out client-cert-root-ca.pem -outform PEM -3) Create certificate bundle and import it to keystore +# 3) Create certificate bundle and import it to keystore +rm -f client-keystore-root-ca.jks cat client-cert-root-ca.pem root-ca/ca-cert.pem >client-cert-root-ca-chain.pem openssl pkcs12 -export -name test-store -in client-cert-root-ca-chain.pem -inkey client-key.pem -out client-keystore-root-ca.p12 -password pass:wibble keytool -importkeystore -destkeystore client-keystore-root-ca.jks -srckeystore client-keystore-root-ca.p12 -srcstorepass wibble -srcstoretype pkcs12 -alias test-store -keypass wibble -storepass wibble @@ -218,16 +234,17 @@ keytool -importkeystore -destkeystore client-keystore-root-ca.jks -srckeystore c # PEM signed by other CA client-server (to verify unknown client cases) -1) Generate a Certificate Signing Request for the client cert +# 1) Generate a Certificate Signing Request for the client cert keytool -certreq -alias test-store -file client-csr.pem -keystore client-keystore.jks -keypass wibble -storepass wibble -2) Sign the client cert with the intermediate CA and convert it to the X.509 format +# 2) Sign the client cert with the intermediate CA and convert it to the X.509 format openssl ca -config openssl.cnf -batch -name CA_int -keyfile other-ca/ca-key.pem -passin pass:wibble -cert other-ca/ca-cert.pem -in client-csr.pem | openssl x509 -out client-cert-other-ca.pem -outform PEM -3) Create certificate bundle and import it to keystore +# 3) Create certificate bundle and import it to keystore +rm -f client-keystore-other-ca.jks cat client-cert-other-ca.pem other-ca/ca-cert.pem >client-cert-other-ca-chain.pem openssl pkcs12 -export -name test-store -in client-cert-other-ca-chain.pem -inkey client-key.pem -out client-keystore-other-ca.p12 -password pass:wibble keytool -importkeystore -destkeystore client-keystore-other-ca.jks -srckeystore client-keystore-other-ca.p12 -srcstorepass wibble -srcstoretype pkcs12 -alias test-store -keypass wibble -storepass wibble @@ -235,15 +252,15 @@ keytool -importkeystore -destkeystore client-keystore-other-ca.jks -srckeystore # Certificate Revocation List -1) Revoke the server cert +# 1) Revoke the server cert openssl ca -config openssl.cnf -name CA_root -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -revoke root-ca/01.pem -2) Revoke the client cert +# 2) Revoke the client cert openssl ca -config openssl.cnf -name CA_root -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -revoke root-ca/03.pem -3) Generate the Certificate Revocation List +# 3) Generate the Certificate Revocation List openssl ca -config openssl.cnf -name CA_root -keyfile root-ca/ca-key.pem -passin pass:wibble -cert root-ca/ca-cert.pem -gencrl -out root-ca/crl.pem @@ -253,23 +270,23 @@ openssl ca -config openssl.cnf -name CA_root -keyfile root-ca/ca-key.pem -passin ## JKS (Java KeyStore) -1) Copy the server-keystore to reuse the localhost cerfificate +# 1) Copy the server-keystore to reuse the localhost cerfificate cp server-keystore.jks sni-keystore.jks -2) Add a few extra keys for host1-host5 top level domains for SNI +# 2) Add a few extra keys for host1-host5 top level domains for SNI -keytool -genkey -alias test-host1 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 1095 -dname CN=host1 -keypass wibble -storepass wibble -keytool -genkey -alias test-host2 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 1095 -dname CN=host2.com -keypass wibble -storepass wibble -keytool -genkey -alias test-host3 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 1095 -dname CN=*.host3.com -keypass wibble -storepass wibble -keytool -genkey -alias test-host4 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 1095 -dname CN="host4.com certificate" -ext san=dns:host4.com,dns:www.host4.com -keypass wibble -storepass wibble +keytool -genkey -alias test-host1 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 10950 -dname CN=host1 -keypass wibble -storepass wibble +keytool -genkey -alias test-host2 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 10950 -dname CN=host2.com -keypass wibble -storepass wibble +keytool -genkey -alias test-host3 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 10950 -dname CN=*.host3.com -keypass wibble -storepass wibble +keytool -genkey -alias test-host4 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 10950 -dname CN="host4.com certificate" -ext san=dns:host4.com,dns:www.host4.com -keypass wibble -storepass wibble # note: creating wildcard san certificate with openssl due to bug in keytool (https://bugs.openjdk.java.net/browse/JDK-8007706) # keytool -genkey -alias test-host5 -keyalg RSA -keystore sni-keystore.jks -keysize 2048 -validity 1095 -dname CN="host5.com" -ext san=dns:*.host5.com -keypass wibble -storepass wibble -openssl req -x509 -config openssl-host5.cnf -out host5.pem -new -newkey rsa:2048 -subj "/CN=host5.com" -days +1095 -keyout host5-key.pem -passout pass:wibble +openssl req -x509 -config openssl-host5.cnf -out host5.pem -new -newkey rsa:2048 -subj "/CN=host5.com" -days +10950 -keyout host5-key.pem -passout pass:wibble openssl pkcs12 -export -name test-host5 -in host5.pem -inkey host5-key.pem -out host5.p12 -passin pass:wibble -passout pass:wibble keytool -importkeystore -destkeystore sni-keystore.jks -deststorepass wibble -srckeystore host5.p12 -srcstoretype pkcs12 -srcstorepass wibble -alias test-host5 -3) Extract the cerfificate for the host1-host5 domains +# 3) Extract the cerfificate for the host1-host5 domains keytool -export -alias test-host1 -file host1.crt -keystore sni-keystore.jks -keypass wibble -storepass wibble keytool -export -alias test-host2 -file host2.crt -keystore sni-keystore.jks -keypass wibble -storepass wibble @@ -277,16 +294,18 @@ keytool -export -alias test-host3 -file host3.crt -keystore sni-keystore.jks -ke keytool -export -alias test-host4 -file host4.crt -keystore sni-keystore.jks -keypass wibble -storepass wibble keytool -export -alias test-host5 -file host5.crt -keystore sni-keystore.jks -keypass wibble -storepass wibble -4) Create trust stores for the host1-host5 domains +# 4) Create trust stores for the host1-host5 domains +rm -f sni-truststore-host1.jks sni-truststore-host2.jks sni-truststore-host3.jks sni-truststore-host4.jks sni-truststore-host5.jks keytool -noprompt -import -trustcacerts -alias test-host1 -file host1.crt -keystore sni-truststore-host1.jks -keypass wibble -storepass wibble keytool -noprompt -import -trustcacerts -alias test-host2 -file host2.crt -keystore sni-truststore-host2.jks -keypass wibble -storepass wibble keytool -noprompt -import -trustcacerts -alias test-host3 -file host3.crt -keystore sni-truststore-host3.jks -keypass wibble -storepass wibble keytool -noprompt -import -trustcacerts -alias test-host4 -file host4.crt -keystore sni-truststore-host4.jks -keypass wibble -storepass wibble keytool -noprompt -import -trustcacerts -alias test-host5 -file host5.crt -keystore sni-truststore-host5.jks -keypass wibble -storepass wibble -5) Create trust stores for the SNI server trust tests +# 5) Create trust stores for the SNI server trust tests +rm -f server-truststore-root-ca-host2.jks server-truststore-root-ca-host3.jks server-truststore-root-ca-fallback.jks server-truststore-other-ca-fallback.jks keytool -noprompt -import -trustcacerts -alias host2.com -file root-ca/ca-cert.pem -keystore server-truststore-root-ca-host2.jks -storepass wibble keytool -noprompt -import -trustcacerts -alias host3.com -file other-ca/ca-cert.pem -keystore server-truststore-root-ca-host2.jks -storepass wibble @@ -299,13 +318,14 @@ keytool -noprompt -import -trustcacerts -alias xxx.com -file other-ca/ca-cert.pe ## Self signed PKCS12 -1) Transform JKS to PKCS12 +# 1) Transform JKS to PKCS12 +rm -f sni-keystore.p12 keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -destkeystore sni-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble ## Self signed PEM -1) Extract each keycert as a PKCS12 store +# 1) Extract each keycert as a PKCS12 store keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -destkeystore host1-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble -alias test-host1 keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -destkeystore host2-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble -alias test-host2 @@ -313,7 +333,7 @@ keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -dest keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -destkeystore host4-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble -alias test-host4 keytool -importkeystore -srckeystore sni-keystore.jks -srcstorepass wibble -destkeystore host5-keystore.p12 -deststoretype PKCS12 -keypass wibble -storepass wibble -alias test-host5 -2) Extract each private key from the PCS12 store and convert it to PKCS8 format +# 2) Extract each private key from the PCS12 store and convert it to PKCS8 format openssl pkcs12 -in host1-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 -topk8 -inform PEM -outform PEM -out host1-key.pem -nocrypt openssl pkcs12 -in host2-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 -topk8 -inform PEM -outform PEM -out host2-key.pem -nocrypt @@ -321,7 +341,7 @@ openssl pkcs12 -in host3-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 openssl pkcs12 -in host4-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 -topk8 -inform PEM -outform PEM -out host4-key.pem -nocrypt openssl pkcs12 -in host5-keystore.p12 -passin pass:wibble -nodes | openssl pkcs8 -topk8 -inform PEM -outform PEM -out host5-key.pem -nocrypt -3) Extract each X.509 certificate from the PCS12 store +# 3) Extract each X.509 certificate from the PCS12 store openssl pkcs12 -in host1-keystore.p12 -passin pass:wibble -nokeys -out host1-cert.pem openssl pkcs12 -in host2-keystore.p12 -passin pass:wibble -nokeys -out host2-cert.pem @@ -329,7 +349,7 @@ openssl pkcs12 -in host3-keystore.p12 -passin pass:wibble -nokeys -out host3-cer openssl pkcs12 -in host4-keystore.p12 -passin pass:wibble -nokeys -out host4-cert.pem openssl pkcs12 -in host5-keystore.p12 -passin pass:wibble -nokeys -out host5-cert.pem -4) Remove the temporary PKCS12 stores +# 4) Remove the temporary PKCS12 stores rm host1-keystore.p12 rm host2-keystore.p12 rm host3-keystore.p12 @@ -338,17 +358,19 @@ rm host5-keystore.p12 ## JKS Store with multiple entries -Execute these commands, in the same order: +# Execute these commands, in the same order: -keytool -v -genkeypair -alias precious -keyalg RSA -keysize 4096 -keystore multiple.jks -validity 36500 -keytool -v -genkeypair -alias other -keyalg RSA -keysize 4096 -keystore multiple.jks -validity 36500 +rm -f multiple.jks +keytool -v -genkeypair -alias precious -dname "CN=precious, OU=Vert.x, O=Eclipse, L=Unknown, ST=Unknown, C=Unknown" -keyalg RSA -keysize 4096 -keystore multiple.jks -storetype JKS -validity 36500 -keypass wibble -storepass wibble +keytool -v -genkeypair -alias other -dname "CN=other, OU=Vert.x, O=Eclipse, L=Unknown, ST=Unknown, C=Unknown" -keyalg RSA -keysize 4096 -keystore multiple.jks -validity 36500 -keypass wibble -storepass wibble -The generated file is used to setup a server and check we can force Vert.x to use a specific alias. -By default the SSL engine selects the first entry in the keystore (which corresponds to the second generated key pair - "other"). +# The generated file is used to setup a server and check we can force Vert.x to use a specific alias. +# By default the SSL engine selects the first entry in the keystore (which corresponds to the second generated key pair - "other"). ## JKS Store with multiple entries and key passwords -Same as previous one but with key passwords. +# Same as previous one but with key passwords. -keytool -v -genkeypair -alias fonky -dname "CN=fonky, OU=Vert.x, O=Eclipse" -keyalg RSA -keysize 4096 -keystore multiple-alias-password.jks -validity 36500 -storepass wibble -keypass family -storetype jks +rm -f multiple-alias-password.jks +keytool -v -genkeypair -alias fonky -dname "CN=fonky, OU=Vert.x, O=Eclipse" -keyalg RSA -keysize 4096 -keystore multiple-alias-password.jks -storetype JKS -validity 36500 -storepass wibble -keypass family -storetype jks keytool -v -genkeypair -alias reflection -dname "CN=reflection, OU=Vert.x, O=Eclipse" -keyalg RSA -keysize 4096 -keystore multiple-alias-password.jks -validity 36500 -storepass wibble -keypass eternal -storetype jks