From c285a15bee39d064733a1565d2df6be42f5341c9 Mon Sep 17 00:00:00 2001 From: simon Date: Sat, 22 Feb 2020 17:37:45 +0100 Subject: [PATCH] chore: add default ssl certs --- ssl/ca.cnf | 10 +-- ssl/cert/00.pem | 80 ++++++++++++++++++++++++ ssl/cert/ca.pem | 29 +++++++++ ssl/cert/server.csr | 18 ++++++ ssl/db/index.txt | 1 + ssl/db/index.txt.attr | 1 + ssl/{cert/index.txt => db/index.txt.old} | 0 ssl/db/serial | 2 +- ssl/{cert/serial => db/serial.old} | 0 ssl/server.cnf | 12 ++-- 10 files changed, 141 insertions(+), 12 deletions(-) create mode 100644 ssl/cert/00.pem create mode 100644 ssl/cert/ca.pem create mode 100644 ssl/cert/server.csr create mode 100644 ssl/db/index.txt.attr rename ssl/{cert/index.txt => db/index.txt.old} (100%) rename ssl/{cert/serial => db/serial.old} (100%) diff --git a/ssl/ca.cnf b/ssl/ca.cnf index 86fbf40..c481265 100644 --- a/ssl/ca.cnf +++ b/ssl/ca.cnf @@ -48,11 +48,11 @@ x509_extensions = v3_ca [certificate_authority] countryName = AT -stateOrProvinceName = Vienna -localityName = Vienna -organizationName = hokify.com -emailAddress = info@hokify.com -commonName = "hokify GmbH" +stateOrProvinceName = Radius +localityName = Somewhere +organizationName = Example Inc. +emailAddress = admin@example.org +commonName = "Example Certificate Authority" [v3_ca] subjectKeyIdentifier = hash diff --git a/ssl/cert/00.pem b/ssl/cert/00.pem new file mode 100644 index 0000000..145f3e4 --- /dev/null +++ b/ssl/cert/00.pem @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=AT, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority + Validity + Not Before: Feb 22 16:37:01 2020 GMT + Not After : Jul 27 16:37:01 2036 GMT + Subject: C=AT, ST=Radius, O=Example Inc., CN=Example Certificate Authority/emailAddress=admin@example.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:eb:86:1d:bf:2e:b6:9a:52:72:3e:db:33:b1:dc: + b2:63:23:64:73:4f:d8:eb:32:25:f2:9c:19:a0:1b: + 32:12:10:8a:d6:f3:c4:0a:10:25:be:0a:dc:14:1b: + 94:b5:2b:16:df:87:09:c2:99:0b:be:18:5e:fb:0c: + 0f:e0:d2:8a:6c:e5:22:0e:cd:aa:a8:57:91:e9:dc: + 4c:dc:b7:11:2b:2c:c8:46:8e:a5:a2:41:90:8a:89: + 1b:f1:d2:f7:cd:d9:bd:f7:12:19:4b:c9:05:b5:05: + 99:76:3f:b1:6a:27:42:22:d5:fe:b9:65:aa:95:f2: + 25:5b:b6:3c:f4:a8:be:59:ce:c5:35:02:39:ba:c8: + f6:bd:ce:95:60:e6:bd:1e:fd:a7:e3:8b:3f:e7:45: + e0:c9:6d:2d:78:e8:90:46:a6:88:90:04:13:84:6d: + a4:2f:b8:d3:fc:93:f8:31:9a:27:67:f4:fb:1d:55: + 80:e4:20:df:8f:b8:b0:c1:42:88:9e:89:e0:29:6f: + 36:2e:4e:18:ce:da:92:ad:4e:3e:eb:a3:4f:eb:0b: + 20:e6:1d:89:51:cf:8f:43:06:e9:d6:5a:94:6f:6a: + 07:b0:43:3e:d7:b1:a0:68:23:1a:e7:10:65:a1:75: + ea:19:bb:ed:7d:e4:9a:07:9b:10:99:0a:5d:75:b3: + 15:83 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://www.example.com/example_ca.crl + + Signature Algorithm: sha256WithRSAEncryption + 9f:4d:e9:78:d5:5f:c1:fb:e1:43:d1:9f:2d:d6:c3:f8:94:56: + 0b:94:2d:b5:e7:d2:bd:f6:3b:e1:69:6b:cb:84:e4:8a:a9:fd: + 1b:58:16:b5:2d:c7:00:d8:cb:56:37:72:f8:0c:17:a7:17:ec: + 52:9c:17:b7:78:90:9e:8c:a9:a1:b4:72:87:96:3b:06:48:83: + 27:8b:ca:8d:0c:8d:06:f9:4d:e9:bb:26:5e:76:a7:79:62:31: + d4:99:e2:e3:ad:83:3f:c0:79:5d:0f:60:33:9d:f9:05:cd:12: + 25:c3:10:22:81:d4:e3:95:3f:b3:ab:21:84:e7:6b:f5:55:9f: + 8d:30:a7:eb:c4:85:23:94:5d:59:08:c7:48:f9:cf:37:98:9e: + 96:89:e0:8b:75:05:ce:27:76:e4:bf:e5:14:b6:7f:21:07:bc: + 67:53:95:f0:c5:ac:bd:4f:9e:46:df:40:6d:8d:8a:80:c6:21: + 80:ab:c4:bd:ee:77:01:16:9c:d5:7a:62:3b:d0:bd:38:6b:9d: + db:4e:0e:aa:cf:03:c8:a5:07:0a:c5:79:42:53:6a:34:74:ec: + 01:e1:3b:38:fe:14:15:0a:a1:cf:3b:a7:90:76:ba:1b:34:b5: + 70:77:78:0e:6d:2d:96:8b:d5:dc:1b:1e:21:a6:57:6a:97:5a: + 67:49:64:81 +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMCQVQx +DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF +eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUub3JnMSYw +JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMDAyMjIx +NjM3MDFaFw0zNjA3MjcxNjM3MDFaMH8xCzAJBgNVBAYTAkFUMQ8wDQYDVQQIDAZS +YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEmMCQGA1UEAwwdRXhhbXBsZSBD +ZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1w +bGUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64Ydvy62mlJy +PtszsdyyYyNkc0/Y6zIl8pwZoBsyEhCK1vPEChAlvgrcFBuUtSsW34cJwpkLvhhe ++wwP4NKKbOUiDs2qqFeR6dxM3LcRKyzIRo6lokGQiokb8dL3zdm99xIZS8kFtQWZ +dj+xaidCItX+uWWqlfIlW7Y89Ki+Wc7FNQI5usj2vc6VYOa9Hv2n44s/50XgyW0t +eOiQRqaIkAQThG2kL7jT/JP4MZonZ/T7HVWA5CDfj7iwwUKInongKW82Lk4YztqS +rU4+66NP6wsg5h2JUc+PQwbp1lqUb2oHsEM+17GgaCMa5xBloXXqGbvtfeSaB5sQ +mQpddbMVgwIDAQABo08wTTATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAt +MCugKaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0G +CSqGSIb3DQEBCwUAA4IBAQCfTel41V/B++FD0Z8t1sP4lFYLlC2159K99jvhaWvL +hOSKqf0bWBa1LccA2MtWN3L4DBenF+xSnBe3eJCejKmhtHKHljsGSIMni8qNDI0G ++U3puyZedqd5YjHUmeLjrYM/wHldD2AznfkFzRIlwxAigdTjlT+zqyGE52v1VZ+N +MKfrxIUjlF1ZCMdI+c83mJ6WieCLdQXOJ3bkv+UUtn8hB7xnU5Xwxay9T55G30Bt +jYqAxiGAq8S97ncBFpzVemI70L04a53bTg6qzwPIpQcKxXlCU2o0dOwB4Ts4/hQV +CqHPO6eQdrobNLVwd3gObS2Wi9XcGx4hpldql1pnSWSB +-----END CERTIFICATE----- diff --git a/ssl/cert/ca.pem b/ssl/cert/ca.pem new file mode 100644 index 0000000..9ae9f81 --- /dev/null +++ b/ssl/cert/ca.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE+jCCA+KgAwIBAgIUVIBUu2vZ0TrxOwqlIyfxooaF4bIwDQYJKoZIhvcNAQEL +BQAwgZMxCzAJBgNVBAYTAkFUMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNv +bWV3aGVyZTEVMBMGA1UECgwMRXhhbXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFh +ZG1pbkBleGFtcGxlLm9yZzEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkwHhcNMjAwMjIyMTYzNzAxWhcNMjkxMjMxMTYzNzAxWjCBkzELMAkG +A1UEBhMCQVQxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUw +EwYDVQQKDAxFeGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1w +bGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMg5QnJc+a8K0YGIcnZ0OfFZ +ZNQUMIBJIxdE3LnIa1Y6JNA89oVodtD/J4bFOHa8ehji7R6JzTCpDi6Sc61D9mT2 +Fa1sm8wSrD4NU+tMlaK5U73C6nYrAtnTpFnDeQQEzgfyzoN988QXAknY++Ls0CU/ +B2Pjd5D4Sk1VOOf88/XYyU5OM5jT5/skOuBULdGhbL9TME3PRieMLOokTFZjNnDy +uCKV3p5PD8MYAVh6qNEdHHnQMp559JfdzAh2FZPvdr88MbhO78pFCymdnOkhIr6M +ZvBqDLxaV7mjcduU/U1lq13CekZ2DUTDpbUa9z4w+BiqgFpWJdxy0ZTwpwPBqd8C +AwEAAaOCAUIwggE+MB0GA1UdDgQWBBR0nqW1x1vNwtdFezphgGtkz7B2RjCB0wYD +VR0jBIHLMIHIgBR0nqW1x1vNwtdFezphgGtkz7B2RqGBmaSBljCBkzELMAkGA1UE +BhMCQVQxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYD +VQQKDAxFeGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu +b3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eYIUVIBU +u2vZ0TrxOwqlIyfxooaF4bIwDwYDVR0TAQH/BAUwAwEB/zA2BgNVHR8ELzAtMCug +KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUub3JnL2V4YW1wbGVfY2EuY3JsMA0GCSqG +SIb3DQEBCwUAA4IBAQAdywbOcOa9XSx/hEOKkG4rZR8F6eb+z/u+BYfEhQE4unTR +3ihNarsHwteTQArabTRzuV8+phX7fgkQJHmp1NOpJVmMEr3JOs00SGbisxDmK0Z3 +2HkE+DjpYo2Sz8b77YD1AWk705rJkJ0Jp5+d/BLk6CjCr524XsSKLwKRWKOit3eu +WKsbt+VMd7d8jDvgwrtKLDpGv/sBym5w9zQjUqOTPBr70BBbpynJD62mzdr5OjIc +JiZKjusr1fieOeBzo2us+hFdvoCmW8X4hwVAyWm4JgP1yZ9IT/KLnFtJo0k/BM3B +lzcz90I0zzpewC8xxaWJ7kz6h+eSIa3orlSIug4o +-----END CERTIFICATE----- diff --git a/ssl/cert/server.csr b/ssl/cert/server.csr new file mode 100644 index 0000000..d81abea --- /dev/null +++ b/ssl/cert/server.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC2TCCAcECAQAwgZMxCzAJBgNVBAYTAkFUMQ8wDQYDVQQIDAZSYWRpdXMxEjAQ +BgNVBAcMCVNvbWV3aGVyZTEVMBMGA1UECgwMRXhhbXBsZSBJbmMuMSAwHgYJKoZI +hvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0 +aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDrhh2/LraaUnI+2zOx3LJjI2RzT9jrMiXynBmgGzISEIrW88QKECW+CtwUG5S1 +KxbfhwnCmQu+GF77DA/g0ops5SIOzaqoV5Hp3EzctxErLMhGjqWiQZCKiRvx0vfN +2b33EhlLyQW1BZl2P7FqJ0Ii1f65ZaqV8iVbtjz0qL5ZzsU1Ajm6yPa9zpVg5r0e +/afjiz/nReDJbS146JBGpoiQBBOEbaQvuNP8k/gxmidn9PsdVYDkIN+PuLDBQoie +ieApbzYuThjO2pKtTj7ro0/rCyDmHYlRz49DBunWWpRvagewQz7XsaBoIxrnEGWh +deoZu+195JoHmxCZCl11sxWDAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAKYUI +sRw13r+FXj0cR7rvz2JQVBcJSphHrBK5O8xkO4zlOLVuxbUIA3/6YunmmnFMChTb +O/Be6HDHX0+SmqfrT0VUGZ2zF1QeDFtkK195r3gMCQ1qqUEBCdAWZG4u1XDEnVvV +fctXt3D/D8cYJ0Dw+xHMBq5RpxO6/dv+ML1QicRJ8h4uvtjcf3ePPF6cyrtLeCxM +Vw6RWUB0XbdSqA6ljFcT0ytI1f4hnu7pwp4Rhc6xAtZyGWn7Vgbm9kxlThzenT+r +fePBF77E2CY16kRzzKQOiyEqumkotEimvGsUsGx90TtPTMNX8GiXm9Ct1XRBL4SI +R+SlHRAayKRGPyhvOA== +-----END CERTIFICATE REQUEST----- diff --git a/ssl/db/index.txt b/ssl/db/index.txt index e69de29..a362bb7 100644 --- a/ssl/db/index.txt +++ b/ssl/db/index.txt @@ -0,0 +1 @@ +V 360727163701Z 00 unknown /C=AT/ST=Radius/O=Example Inc./CN=Example Certificate Authority/emailAddress=admin@example.org diff --git a/ssl/db/index.txt.attr b/ssl/db/index.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/ssl/db/index.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/ssl/cert/index.txt b/ssl/db/index.txt.old similarity index 100% rename from ssl/cert/index.txt rename to ssl/db/index.txt.old diff --git a/ssl/db/serial b/ssl/db/serial index 4daddb7..8a0f05e 100644 --- a/ssl/db/serial +++ b/ssl/db/serial @@ -1 +1 @@ -00 +01 diff --git a/ssl/cert/serial b/ssl/db/serial.old similarity index 100% rename from ssl/cert/serial rename to ssl/db/serial.old diff --git a/ssl/server.cnf b/ssl/server.cnf index 4bcbc95..4678829 100644 --- a/ssl/server.cnf +++ b/ssl/server.cnf @@ -45,10 +45,10 @@ input_password = whatever2020 output_password = whatever2020 [server] -countryName = AT -stateOrProvinceName = Vienna -localityName = Vienna -organizationName = hokify.com -emailAddress = info@hokify.com -commonName = "hokify GmbH" +countryName = AT +stateOrProvinceName = Radius +localityName = Somewhere +organizationName = Example Inc. +emailAddress = admin@example.org +commonName = "Example Certificate Authority"