grenache-ruby-http 0.2.4 → 0.2.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/examples/worker_ssl.rb +2 -1
- data/grenache-ruby-http.gemspec +1 -1
- data/lib/grenache/http/configurable.rb +37 -0
- data/lib/grenache/http/http_server.rb +22 -0
- data/lib/grenache/http/version.rb +1 -1
- data/lib/grenache/http.rb +6 -0
- data/lib/grenache-ruby-http.rb +2 -0
- metadata +6 -12
- data/examples/ssl_R/cacert.pem +0 -22
- data/examples/ssl_R/clientkey.pem +0 -28
- data/examples/ssl_R/clientreq.pem +0 -22
- data/examples/ssl_R/openssl.cnf +0 -346
- data/examples/ssl_R/private/cakey.pem +0 -30
- data/examples/ssl_R/serial +0 -1
- data/examples/ssl_R/serverkey.pem +0 -28
- data/examples/ssl_R/serverreq.pem +0 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 985cc37eaad45ea6c7b4b12edeea4b7d299b64b5
|
4
|
+
data.tar.gz: 41f9a1189694c9499326c7ddd9bce5f0d4168176
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b424721eb0cb1467bb5586cdcaf73ac6ab64c7a6c77f53813d83603946892940d53bc7a85f5bc102aba7908b04a81541d7c38bd39cc5c6d44cd37bcf090637ec
|
7
|
+
data.tar.gz: 00ada15ed90502d9f43c0557ddffb1f91fe3e8034558ac2c5780c774a1cac1701e02458ec7327e9d9edd43f38dd835e4954fab8d062c7e288d9a7881a2635690
|
data/Gemfile
CHANGED
data/examples/worker_ssl.rb
CHANGED
@@ -4,6 +4,7 @@ Grenache::Http.configure do |conf|
|
|
4
4
|
conf.grape_address = "http://127.0.0.1:40002/"
|
5
5
|
conf.key = File.expand_path('.') + "/ssl/server-key.pem"
|
6
6
|
conf.cert_pem = File.expand_path('.') + "/ssl/server-chain.pem"
|
7
|
+
conf.ca = File.expand_path('.') + "/ssl/ca-crt.pem"
|
7
8
|
conf.service_host = "localhost"
|
8
9
|
end
|
9
10
|
|
@@ -16,7 +17,7 @@ EM.run do
|
|
16
17
|
|
17
18
|
c.listen('rpc_test', 5004) do |msg, fingerprint|
|
18
19
|
#[StandardError.new("Error!"),"hello #{msg.payload}"]
|
19
|
-
puts fingerprint
|
20
|
+
puts "certificate fingerprint #{fingerprint}"
|
20
21
|
[nil,"hello #{msg.payload}"]
|
21
22
|
end
|
22
23
|
|
data/grenache-ruby-http.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
|
19
19
|
spec.add_runtime_dependency "eventmachine", "~> 1.2"
|
20
20
|
spec.add_runtime_dependency "faye-websocket", "~> 0.10"
|
21
|
-
spec.add_runtime_dependency "grenache-ruby-base", "~> 0.2.
|
21
|
+
spec.add_runtime_dependency "grenache-ruby-base", "~> 0.2.7"
|
22
22
|
spec.add_runtime_dependency "httparty", "~> 0.14.0"
|
23
23
|
spec.add_runtime_dependency "oj", "~> 2.18"
|
24
24
|
spec.add_runtime_dependency "thin", "~> 1.7"
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module Granache
|
2
|
+
class Http < Grenache::Base
|
3
|
+
class Configuration < Grenache::Configuration
|
4
|
+
|
5
|
+
# thin server
|
6
|
+
attr_accessor :thin_threaded, :thin_threadpool_size
|
7
|
+
|
8
|
+
def initialize
|
9
|
+
set_bool :thin_threaded, params, false
|
10
|
+
set_val :thin_threadpool_size, params, 0
|
11
|
+
super
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
module HttpConfigurable
|
17
|
+
def self.included(base)
|
18
|
+
base.extend(ClassMethods)
|
19
|
+
end
|
20
|
+
|
21
|
+
def config
|
22
|
+
self.class.config
|
23
|
+
end
|
24
|
+
|
25
|
+
module ClassMethods
|
26
|
+
def configure
|
27
|
+
yield config
|
28
|
+
end
|
29
|
+
|
30
|
+
def config
|
31
|
+
@configuration ||= Grenache::Http::Configuration.new
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
include HttpConfigurable
|
37
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Thin
|
2
|
+
class Connection < EventMachine::Connection
|
3
|
+
def ssl_verify_peer cert
|
4
|
+
client = OpenSSL::X509::Certificate.new cert
|
5
|
+
store.verify client
|
6
|
+
end
|
7
|
+
|
8
|
+
|
9
|
+
private
|
10
|
+
def store
|
11
|
+
@store ||= OpenSSL::X509::Store.new.tap do |store|
|
12
|
+
root = OpenSSL::X509::Certificate.new ca_cert
|
13
|
+
store.add_cert root
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def ca_cert
|
18
|
+
@ca_cert ||= File.read Grenache::Http.config.ca
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
data/lib/grenache/http.rb
CHANGED
@@ -19,6 +19,12 @@ module Grenache
|
|
19
19
|
[200,nil, ServiceMessage.new(payload, err, req.rid).to_json]
|
20
20
|
}
|
21
21
|
server = Thin::Server.new config.service_host, port, {signals: false}, app
|
22
|
+
|
23
|
+
if config.thin_threaded
|
24
|
+
server.threaded = true
|
25
|
+
server.threadpool_size = config.thin_threadpool_size
|
26
|
+
end
|
27
|
+
|
22
28
|
if tls?
|
23
29
|
server.ssl = true
|
24
30
|
server.ssl_options = {
|
data/lib/grenache-ruby-http.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: grenache-ruby-http
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Bitfinex <info@bitfinex.com>
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-06-
|
11
|
+
date: 2017-06-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: eventmachine
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 0.2.
|
47
|
+
version: 0.2.7
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 0.2.
|
54
|
+
version: 0.2.7
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: httparty
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -124,20 +124,14 @@ files:
|
|
124
124
|
- examples/ssl/server-csr.pem
|
125
125
|
- examples/ssl/server-key.pem
|
126
126
|
- examples/ssl/server.cnf
|
127
|
-
- examples/ssl_R/cacert.pem
|
128
|
-
- examples/ssl_R/clientkey.pem
|
129
|
-
- examples/ssl_R/clientreq.pem
|
130
|
-
- examples/ssl_R/openssl.cnf
|
131
|
-
- examples/ssl_R/private/cakey.pem
|
132
|
-
- examples/ssl_R/serial
|
133
|
-
- examples/ssl_R/serverkey.pem
|
134
|
-
- examples/ssl_R/serverreq.pem
|
135
127
|
- examples/worker.rb
|
136
128
|
- examples/worker_ssl.rb
|
137
129
|
- grenache-ruby-http.gemspec
|
138
130
|
- lib/grenache-ruby-http.rb
|
139
131
|
- lib/grenache/http.rb
|
132
|
+
- lib/grenache/http/configurable.rb
|
140
133
|
- lib/grenache/http/http_client.rb
|
134
|
+
- lib/grenache/http/http_server.rb
|
141
135
|
- lib/grenache/http/version.rb
|
142
136
|
homepage: https://github.com/bitfinexcom/grenache-ruby-http
|
143
137
|
licenses:
|
data/examples/ssl_R/cacert.pem
DELETED
@@ -1,22 +0,0 @@
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
2
|
-
MIIDljCCAn6gAwIBAgIJAKt0CAfWcrP1MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV
|
3
|
-
BAYTAlVLMQ8wDQYDVQQIDAZMb25kb24xGTAXBgNVBAoMEEJpdGZpbmV4IExpbWl0
|
4
|
-
ZWQxETAPBgNVBAsMCFNlY3VyaXR5MRIwEAYDVQQDDAkxMjcuMC4wLjEwHhcNMTcw
|
5
|
-
NjA3MjEzNzUxWhcNMTgwNjA3MjEzNzUxWjBgMQswCQYDVQQGEwJVSzEPMA0GA1UE
|
6
|
-
CAwGTG9uZG9uMRkwFwYDVQQKDBBCaXRmaW5leCBMaW1pdGVkMREwDwYDVQQLDAhT
|
7
|
-
ZWN1cml0eTESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOC
|
8
|
-
AQ8AMIIBCgKCAQEAxmu3r6ZNyE5UHrvaZ5fMgkQa28xrZINyKq2hk+0YV3dWzaA2
|
9
|
-
gDSUxI7LzwrWygfGOkankQhpRhnRBTxIYJV2xtmHOqz0A40vIRc0xhKcl7WnsfOP
|
10
|
-
X0gnjsAQL9CJBJ0zw4zubtV7+qmZG/mNaIKmGzJioR393Yqq9objAfy9E5bZV00e
|
11
|
-
fErJnpvAkyTFMouwDfTcwkVP8dDSJ0pgqQt5vC6+r+0GXpwgVirka6Dw0S+j/kF3
|
12
|
-
oP4kRDTUQ8lvxihcqvzZd3Z3dnlHiYAWjWcyifCvzWc9iQb/L1D+vz7vW3W5EPlL
|
13
|
-
ZzB7b+m7iNXSm1/C3R2AFNKVZFkESWyESZ0+2QIDAQABo1MwUTAdBgNVHQ4EFgQU
|
14
|
-
TJaXwKzssSOTNyZGwPz1t9yafWowHwYDVR0jBBgwFoAUTJaXwKzssSOTNyZGwPz1
|
15
|
-
t9yafWowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAA9tUOBxN
|
16
|
-
ZIl/KvezJgkYjcc1HUsj+E/XKph1kvuD/A8oxWZ165XikFyj3/S/Ja3zZigaX26+
|
17
|
-
OcaT3xb0KTYoCKO6FRtFaVc8YFva0j5RebpchhZWkaKaxcG4b0g/cthMhSTUz56K
|
18
|
-
hjXRBEZIw3QMbwwLTCHw/j2QI83z03jnLT+QmDq+r1yXH5fEYNXJ/CFLqBi0c5vY
|
19
|
-
ai8BMD2mkfrBwn5L3ZmCgljpeQikeloXWSKL8ss9CMzk3CKlrDw5awIk9CrxbKY8
|
20
|
-
jrJc3qCme0If7nhoKwSEI9HkkYQlFoUVPhONWmldQFBdgrE7YAhZVoGYGW6ov0MK
|
21
|
-
X9fL4mCWwh4mIw==
|
22
|
-
-----END CERTIFICATE-----
|
@@ -1,28 +0,0 @@
|
|
1
|
-
-----BEGIN PRIVATE KEY-----
|
2
|
-
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDbP9kIJ4oEwGH0
|
3
|
-
Dgy8chvLBl2o0WDYONOiJvQTT/W9xMZ52t0/+XL6P1y9S0BO46atk/k+6dRck3DU
|
4
|
-
QZk9DMEtt+QZOHnHREqnJ7BLpwz6GBMcCTd7mrcjW8v+c7isS2EfHPtzDAGpN8hd
|
5
|
-
Zltv1Yc0W1tR9FTgqA82P+LBQ0pM6e20KnHTHqB+q56baJErbHaDoO6bVeVS14pv
|
6
|
-
qnfDX6TsXUBw6ewqpJVIf6tEvbGk8EGt9GW/vzxZGvDsLqOL8OtG3XLfqXH84HKq
|
7
|
-
QfwmLtKYGv7fZ0hg+6dE/pdBLP+hz66TqwaVPmJdZHMdtPhaYnuKz9J1xA8WONjH
|
8
|
-
8R3jREN/AgMBAAECggEBALtKX2vH2u8UKJkDJ34TPArC9V8w/Tm30ZHDFN0qgRIK
|
9
|
-
9kFB5Z6wyLddSSurDNRXRBsjPNexh+dNTCUFpJGyQ5N6cy/YPq8qd1szXDZEDaHW
|
10
|
-
zvw0I2FDWQ6rbCeBU1BbVCvv5hzxNLoJHPAscA+oqEbhg7EOtzLyXYxKJrpRcTch
|
11
|
-
SJ6RcGzaap2s7G2wHrr0g0/zj1VJFKiNt/yucrMN6Omo2KNNmFEKZnIQtFGm5MDr
|
12
|
-
kfoL/kI+Uxna5EqpFOYmape0XffqcrSAhzXUH5Vxfu3sq+n33h56dkSRdzY/3byN
|
13
|
-
f2w+9zOSCmWB/P0oXvE+DQmjZFIAH/CaeviVrs66LYECgYEA+5WR/FgCsg/pwKPL
|
14
|
-
uzozaveBbnaj53g09BNHW4X/IGahC2G6UA0mm9Rd/xe8FzFx4LeNFYeY6jOIDN/3
|
15
|
-
aGxa+j6IOnqc7k1bPF2PUI0IzKCIoVSDRSYrxLUWXVXDH5BnwZXzndfN3OK++xNh
|
16
|
-
sPD/UVvqlJR16ZPvKnXTlazqBqUCgYEA3xj9NcNYZ1XY3hCmgnwlXzntwKIh9bmz
|
17
|
-
VuFek7WVEVP5zPcDcF6YbOwWYEtRZUxsOIzpJBwSB7OqwCwN0oCyCHQbnU32vHcr
|
18
|
-
Yvk9SndXiQGKyNfqMc5YGB9YjUp+fT146wtVD7AnliA7hDB+BkCAqFsC4eN61zhq
|
19
|
-
/Z3DgcD07FMCgYAQeOuVDSIoDHiun0rgmF/zef8kf2od5rX44SZD7NMWiQG0YBK1
|
20
|
-
2RaVD2OUJzaughNFtl7rcPRnKTaYOTXWxXlzdxKuWYba53+4xRt0F7fixgQMJB9w
|
21
|
-
MJ6fA4hSViIvd+IDP9EynYWiF8qPX+Z+klj1N8J1Nf8+auw26H4RB8BO7QKBgQC2
|
22
|
-
IrCWM+T4eB2VLgLChJf+Jkzz92nCMtk3FMch0BzjCKvnqcIk+xV110htVRAeo0W2
|
23
|
-
5VNxJ3mQ0B2WxmCCeo7eV+wzgHLvalsBcnmXUdclAx1K2vtXrh49k1m4ABlEJeuR
|
24
|
-
+K55IFcxOR9dzDkW4ZIn4CV6RT0EeArhAuuaAu3yAQKBgQCj6VHPX4s5izR6D89J
|
25
|
-
fhEJrEmxzighH0jvC1mDtYea/5SDI0nKb2KfPWyy69E1EOOgLvalG5+3H5UcBGx9
|
26
|
-
Z0Y2D0BkKY1rdkTEC7HYLrreRis8HqtuQas92HQzVh6jDSdA0ZdMDARF6JrtEhA8
|
27
|
-
ecYY8PuPaIPDzzeB6XHUUqTlAQ==
|
28
|
-
-----END PRIVATE KEY-----
|
@@ -1,22 +0,0 @@
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
2
|
-
MIIDojCCAoqgAwIBAgIJAMI0yYskTydNMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNV
|
3
|
-
BAYTAlVLMQ8wDQYDVQQIDAZMb25kb24xGTAXBgNVBAoMEEJpdGZpbmV4IExpbWl0
|
4
|
-
ZWQxFzAVBgNVBAsMDkluZnJhc3RydWN0dXJlMRIwEAYDVQQDDAkxMjcuMC4wLjEw
|
5
|
-
HhcNMTcwNjA3MjEzOTM1WhcNMTgwNjA3MjEzOTM1WjBmMQswCQYDVQQGEwJVSzEP
|
6
|
-
MA0GA1UECAwGTG9uZG9uMRkwFwYDVQQKDBBCaXRmaW5leCBMaW1pdGVkMRcwFQYD
|
7
|
-
VQQLDA5JbmZyYXN0cnVjdHVyZTESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkq
|
8
|
-
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z/ZCCeKBMBh9A4MvHIbywZdqNFg2DjT
|
9
|
-
oib0E0/1vcTGedrdP/ly+j9cvUtATuOmrZP5PunUXJNw1EGZPQzBLbfkGTh5x0RK
|
10
|
-
pyewS6cM+hgTHAk3e5q3I1vL/nO4rEthHxz7cwwBqTfIXWZbb9WHNFtbUfRU4KgP
|
11
|
-
Nj/iwUNKTOnttCpx0x6gfquem2iRK2x2g6Dum1XlUteKb6p3w1+k7F1AcOnsKqSV
|
12
|
-
SH+rRL2xpPBBrfRlv788WRrw7C6ji/DrRt1y36lx/OByqkH8Ji7SmBr+32dIYPun
|
13
|
-
RP6XQSz/oc+uk6sGlT5iXWRzHbT4WmJ7is/SdcQPFjjYx/Ed40RDfwIDAQABo1Mw
|
14
|
-
UTAdBgNVHQ4EFgQUDTUx+d9DTDhBPmbmrDsbnZDamLUwHwYDVR0jBBgwFoAUDTUx
|
15
|
-
+d9DTDhBPmbmrDsbnZDamLUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsF
|
16
|
-
AAOCAQEA1YFKHna73k6otketEGbOfP0dAN8SF9qJ1tEoRUFgbRd/a6b9Pgz9cVwZ
|
17
|
-
7MfFnz77+HHomUTVLt7Euxly3Me8Y8dkftPRffoURykrH6GABkE2Q38bqBfKcFT2
|
18
|
-
25Pu8C18un43hIRC2ti50/zdsoaXY/XxwcWMBvRt3zOE7JxV6iPXX9K2cLdfyMxR
|
19
|
-
sYI5rCA3bEqQrv2kjEt42Slp861TrddgYvaM00iUrWW4QewBJI3ahPsfbzJgxdyl
|
20
|
-
2DKbcoqFLtEi8VAv47xam3jMoVcpmvMsn7deQs8vKT58tfsKFE7DXUCm2BzBPy5Y
|
21
|
-
iGksJFFkmiBcJ+zHOuilqXlOpqTecg==
|
22
|
-
-----END CERTIFICATE-----
|
data/examples/ssl_R/openssl.cnf
DELETED
@@ -1,346 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# OpenSSL example configuration file.
|
3
|
-
# This is mostly being used for generation of certificate requests.
|
4
|
-
#
|
5
|
-
|
6
|
-
# This definition stops the following lines choking if HOME isn't
|
7
|
-
# defined.
|
8
|
-
HOME = .
|
9
|
-
RANDFILE = $ENV::HOME/.rnd
|
10
|
-
|
11
|
-
# Extra OBJECT IDENTIFIER info:
|
12
|
-
#oid_file = $ENV::HOME/.oid
|
13
|
-
oid_section = new_oids
|
14
|
-
|
15
|
-
# To use this configuration file with the "-extfile" option of the
|
16
|
-
# "openssl x509" utility, name here the section containing the
|
17
|
-
# X.509v3 extensions to use:
|
18
|
-
# extensions =
|
19
|
-
# (Alternatively, use a configuration file that has only
|
20
|
-
# X.509v3 extensions in its main [= default] section.)
|
21
|
-
|
22
|
-
[ new_oids ]
|
23
|
-
|
24
|
-
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
|
25
|
-
# Add a simple OID like this:
|
26
|
-
# testoid1=1.2.3.4
|
27
|
-
# Or use config file substitution like this:
|
28
|
-
# testoid2=${testoid1}.5.6
|
29
|
-
|
30
|
-
# Policies used by the TSA examples.
|
31
|
-
tsa_policy1 = 1.2.3.4.1
|
32
|
-
tsa_policy2 = 1.2.3.4.5.6
|
33
|
-
tsa_policy3 = 1.2.3.4.5.7
|
34
|
-
|
35
|
-
####################################################################
|
36
|
-
[ ca ]
|
37
|
-
default_ca = CA_default # The default ca section
|
38
|
-
|
39
|
-
####################################################################
|
40
|
-
[ CA_default ]
|
41
|
-
|
42
|
-
dir = . # Where everything is kept
|
43
|
-
certs = $dir/certs # Where the issued certs are kept
|
44
|
-
crl_dir = $dir/crl # Where the issued crl are kept
|
45
|
-
database = $dir/index.txt # database index file.
|
46
|
-
#unique_subject = no # Set to 'no' to allow creation of
|
47
|
-
# several certs with same subject.
|
48
|
-
new_certs_dir = $dir/newcerts # default place for new certs.
|
49
|
-
|
50
|
-
certificate = $dir/cacert.pem # The CA certificate
|
51
|
-
serial = $dir/serial # The current serial number
|
52
|
-
crlnumber = $dir/crlnumber # the current crl number
|
53
|
-
# must be commented out to leave a V1 CRL
|
54
|
-
crl = $dir/crl.pem # The current CRL
|
55
|
-
private_key = $dir/private/cakey.pem# The private key
|
56
|
-
RANDFILE = $dir/private/.rand # private random number file
|
57
|
-
|
58
|
-
x509_extensions = usr_cert # The extensions to add to the cert
|
59
|
-
|
60
|
-
# Comment out the following two lines for the "traditional"
|
61
|
-
# (and highly broken) format.
|
62
|
-
name_opt = ca_default # Subject Name options
|
63
|
-
cert_opt = ca_default # Certificate field options
|
64
|
-
|
65
|
-
# Extension copying option: use with caution.
|
66
|
-
# copy_extensions = copy
|
67
|
-
|
68
|
-
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
|
69
|
-
# so this is commented out by default to leave a V1 CRL.
|
70
|
-
# crlnumber must also be commented out to leave a V1 CRL.
|
71
|
-
# crl_extensions = crl_ext
|
72
|
-
|
73
|
-
default_days = 365 # how long to certify for
|
74
|
-
default_crl_days= 30 # how long before next CRL
|
75
|
-
default_md = default # use public key default MD
|
76
|
-
preserve = no # keep passed DN ordering
|
77
|
-
|
78
|
-
# A few difference way of specifying how similar the request should look
|
79
|
-
# For type CA, the listed attributes must be the same, and the optional
|
80
|
-
# and supplied fields are just that :-)
|
81
|
-
policy = policy_match
|
82
|
-
|
83
|
-
# For the CA policy
|
84
|
-
[ policy_match ]
|
85
|
-
countryName = match
|
86
|
-
stateOrProvinceName = match
|
87
|
-
organizationName = match
|
88
|
-
organizationalUnitName = optional
|
89
|
-
commonName = supplied
|
90
|
-
emailAddress = optional
|
91
|
-
|
92
|
-
# For the 'anything' policy
|
93
|
-
# At this point in time, you must list all acceptable 'object'
|
94
|
-
# types.
|
95
|
-
[ policy_anything ]
|
96
|
-
countryName = optional
|
97
|
-
stateOrProvinceName = optional
|
98
|
-
localityName = optional
|
99
|
-
organizationName = optional
|
100
|
-
organizationalUnitName = optional
|
101
|
-
commonName = supplied
|
102
|
-
emailAddress = optional
|
103
|
-
|
104
|
-
####################################################################
|
105
|
-
[ req ]
|
106
|
-
default_bits = 2048
|
107
|
-
default_keyfile = privkey.pem
|
108
|
-
distinguished_name = req_distinguished_name
|
109
|
-
attributes = req_attributes
|
110
|
-
x509_extensions = v3_ca # The extensions to add to the self signed cert
|
111
|
-
|
112
|
-
# Passwords for private keys if not present they will be prompted for
|
113
|
-
# input_password = secret
|
114
|
-
# output_password = secret
|
115
|
-
|
116
|
-
# This sets a mask for permitted string types. There are several options.
|
117
|
-
# default: PrintableString, T61String, BMPString.
|
118
|
-
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
|
119
|
-
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
|
120
|
-
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
|
121
|
-
# MASK:XXXX a literal mask value.
|
122
|
-
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
|
123
|
-
string_mask = utf8only
|
124
|
-
|
125
|
-
# req_extensions = v3_req # The extensions to add to a certificate request
|
126
|
-
|
127
|
-
[ req_distinguished_name ]
|
128
|
-
countryName = Country Name (2 letter code)
|
129
|
-
countryName_default = AU
|
130
|
-
countryName_min = 2
|
131
|
-
countryName_max = 2
|
132
|
-
|
133
|
-
stateOrProvinceName = State or Province Name (full name)
|
134
|
-
stateOrProvinceName_default = Some-State
|
135
|
-
|
136
|
-
localityName = Locality Name (eg, city)
|
137
|
-
|
138
|
-
0.organizationName = Organization Name (eg, company)
|
139
|
-
0.organizationName_default = Internet Widgits Pty Ltd
|
140
|
-
|
141
|
-
# we can do this but it is not needed normally :-)
|
142
|
-
#1.organizationName = Second Organization Name (eg, company)
|
143
|
-
#1.organizationName_default = World Wide Web Pty Ltd
|
144
|
-
|
145
|
-
organizationalUnitName = Organizational Unit Name (eg, section)
|
146
|
-
#organizationalUnitName_default =
|
147
|
-
|
148
|
-
commonName = Common Name (e.g. server FQDN or YOUR name)
|
149
|
-
commonName_max = 64
|
150
|
-
|
151
|
-
emailAddress = Email Address
|
152
|
-
emailAddress_max = 64
|
153
|
-
|
154
|
-
# SET-ex3 = SET extension number 3
|
155
|
-
|
156
|
-
[ req_attributes ]
|
157
|
-
challengePassword = A challenge password
|
158
|
-
challengePassword_min = 4
|
159
|
-
challengePassword_max = 20
|
160
|
-
|
161
|
-
unstructuredName = An optional company name
|
162
|
-
|
163
|
-
[ usr_cert ]
|
164
|
-
|
165
|
-
# These extensions are added when 'ca' signs a request.
|
166
|
-
|
167
|
-
# This goes against PKIX guidelines but some CAs do it and some software
|
168
|
-
# requires this to avoid interpreting an end user certificate as a CA.
|
169
|
-
|
170
|
-
basicConstraints=CA:FALSE
|
171
|
-
|
172
|
-
# Here are some examples of the usage of nsCertType. If it is omitted
|
173
|
-
# the certificate can be used for anything *except* object signing.
|
174
|
-
|
175
|
-
# This is OK for an SSL server.
|
176
|
-
# nsCertType = server
|
177
|
-
|
178
|
-
# For an object signing certificate this would be used.
|
179
|
-
# nsCertType = objsign
|
180
|
-
|
181
|
-
# For normal client use this is typical
|
182
|
-
# nsCertType = client, email
|
183
|
-
|
184
|
-
# and for everything including object signing:
|
185
|
-
# nsCertType = client, email, objsign
|
186
|
-
|
187
|
-
# This is typical in keyUsage for a client certificate.
|
188
|
-
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
189
|
-
|
190
|
-
# This will be displayed in Netscape's comment listbox.
|
191
|
-
nsComment = "OpenSSL Generated Certificate"
|
192
|
-
|
193
|
-
# PKIX recommendations harmless if included in all certificates.
|
194
|
-
subjectKeyIdentifier=hash
|
195
|
-
authorityKeyIdentifier=keyid,issuer
|
196
|
-
|
197
|
-
# This stuff is for subjectAltName and issuerAltname.
|
198
|
-
# Import the email address.
|
199
|
-
# subjectAltName=email:copy
|
200
|
-
# An alternative to produce certificates that aren't
|
201
|
-
# deprecated according to PKIX.
|
202
|
-
# subjectAltName=email:move
|
203
|
-
|
204
|
-
# Copy subject details
|
205
|
-
# issuerAltName=issuer:copy
|
206
|
-
|
207
|
-
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
208
|
-
#nsBaseUrl
|
209
|
-
#nsRevocationUrl
|
210
|
-
#nsRenewalUrl
|
211
|
-
#nsCaPolicyUrl
|
212
|
-
#nsSslServerName
|
213
|
-
|
214
|
-
# This is required for TSA certificates.
|
215
|
-
# extendedKeyUsage = critical,timeStamping
|
216
|
-
|
217
|
-
[ v3_req ]
|
218
|
-
|
219
|
-
# Extensions to add to a certificate request
|
220
|
-
|
221
|
-
basicConstraints = CA:FALSE
|
222
|
-
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
223
|
-
|
224
|
-
[ v3_ca ]
|
225
|
-
|
226
|
-
|
227
|
-
# Extensions for a typical CA
|
228
|
-
|
229
|
-
|
230
|
-
# PKIX recommendation.
|
231
|
-
|
232
|
-
subjectKeyIdentifier=hash
|
233
|
-
|
234
|
-
authorityKeyIdentifier=keyid:always,issuer
|
235
|
-
|
236
|
-
basicConstraints = critical,CA:true
|
237
|
-
|
238
|
-
# Key usage: this is typical for a CA certificate. However since it will
|
239
|
-
# prevent it being used as an test self-signed certificate it is best
|
240
|
-
# left out by default.
|
241
|
-
# keyUsage = cRLSign, keyCertSign
|
242
|
-
|
243
|
-
# Some might want this also
|
244
|
-
# nsCertType = sslCA, emailCA
|
245
|
-
|
246
|
-
# Include email address in subject alt name: another PKIX recommendation
|
247
|
-
# subjectAltName=email:copy
|
248
|
-
# Copy issuer details
|
249
|
-
# issuerAltName=issuer:copy
|
250
|
-
|
251
|
-
# DER hex encoding of an extension: beware experts only!
|
252
|
-
# obj=DER:02:03
|
253
|
-
# Where 'obj' is a standard or added object
|
254
|
-
# You can even override a supported extension:
|
255
|
-
# basicConstraints= critical, DER:30:03:01:01:FF
|
256
|
-
|
257
|
-
[ crl_ext ]
|
258
|
-
|
259
|
-
# CRL extensions.
|
260
|
-
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
|
261
|
-
|
262
|
-
# issuerAltName=issuer:copy
|
263
|
-
authorityKeyIdentifier=keyid:always
|
264
|
-
|
265
|
-
[ proxy_cert_ext ]
|
266
|
-
# These extensions should be added when creating a proxy certificate
|
267
|
-
|
268
|
-
# This goes against PKIX guidelines but some CAs do it and some software
|
269
|
-
# requires this to avoid interpreting an end user certificate as a CA.
|
270
|
-
|
271
|
-
basicConstraints=CA:FALSE
|
272
|
-
|
273
|
-
# Here are some examples of the usage of nsCertType. If it is omitted
|
274
|
-
# the certificate can be used for anything *except* object signing.
|
275
|
-
|
276
|
-
# This is OK for an SSL server.
|
277
|
-
# nsCertType = server
|
278
|
-
|
279
|
-
# For an object signing certificate this would be used.
|
280
|
-
# nsCertType = objsign
|
281
|
-
|
282
|
-
# For normal client use this is typical
|
283
|
-
# nsCertType = client, email
|
284
|
-
|
285
|
-
# and for everything including object signing:
|
286
|
-
# nsCertType = client, email, objsign
|
287
|
-
|
288
|
-
# This is typical in keyUsage for a client certificate.
|
289
|
-
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
290
|
-
|
291
|
-
# This will be displayed in Netscape's comment listbox.
|
292
|
-
nsComment = "OpenSSL Generated Certificate"
|
293
|
-
|
294
|
-
# PKIX recommendations harmless if included in all certificates.
|
295
|
-
subjectKeyIdentifier=hash
|
296
|
-
authorityKeyIdentifier=keyid,issuer
|
297
|
-
|
298
|
-
# This stuff is for subjectAltName and issuerAltname.
|
299
|
-
# Import the email address.
|
300
|
-
# subjectAltName=email:copy
|
301
|
-
# An alternative to produce certificates that aren't
|
302
|
-
# deprecated according to PKIX.
|
303
|
-
# subjectAltName=email:move
|
304
|
-
|
305
|
-
# Copy subject details
|
306
|
-
# issuerAltName=issuer:copy
|
307
|
-
|
308
|
-
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
309
|
-
#nsBaseUrl
|
310
|
-
#nsRevocationUrl
|
311
|
-
#nsRenewalUrl
|
312
|
-
#nsCaPolicyUrl
|
313
|
-
#nsSslServerName
|
314
|
-
|
315
|
-
# This really needs to be in place for it to be a proxy certificate.
|
316
|
-
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
317
|
-
|
318
|
-
####################################################################
|
319
|
-
[ tsa ]
|
320
|
-
|
321
|
-
default_tsa = tsa_config1 # the default TSA section
|
322
|
-
|
323
|
-
[ tsa_config1 ]
|
324
|
-
|
325
|
-
# These are used by the TSA reply generation only.
|
326
|
-
dir = /etc/ssl # TSA root directory
|
327
|
-
serial = $dir/tsaserial # The current serial number (mandatory)
|
328
|
-
crypto_device = builtin # OpenSSL engine to use for signing
|
329
|
-
signer_cert = $dir/tsacert.pem # The TSA signing certificate
|
330
|
-
# (optional)
|
331
|
-
certs = $dir/cacert.pem # Certificate chain to include in reply
|
332
|
-
# (optional)
|
333
|
-
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
|
334
|
-
signer_digest = sha256 # Signing digest to use. (Optional)
|
335
|
-
default_policy = tsa_policy1 # Policy if request did not specify it
|
336
|
-
# (optional)
|
337
|
-
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
|
338
|
-
digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
|
339
|
-
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
|
340
|
-
clock_precision_digits = 0 # number of digits after dot. (optional)
|
341
|
-
ordering = yes # Is ordering defined for timestamps?
|
342
|
-
# (optional, default: no)
|
343
|
-
tsa_name = yes # Must the TSA name be included in the reply?
|
344
|
-
# (optional, default: no)
|
345
|
-
ess_cert_id_chain = no # Must the ESS cert id chain be included?
|
346
|
-
# (optional, default: no)
|
@@ -1,30 +0,0 @@
|
|
1
|
-
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
-
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI/9PYxW9nXMoCAggA
|
3
|
-
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECLrgz9P2kXvGBIIEyMik2zIicpbu
|
4
|
-
+RaCRPYH7u7Nv21eAB5xkBcRt8yvWPDkVA/6bgCVcfpDNVW7yIMszMyEHCtUSoKh
|
5
|
-
XXhTeaTDk0E1ArASv8GWMtycd9kVl5MfEP1QqvP2HcXrYjkXPtQXLhah59vF3iBJ
|
6
|
-
JO7278RzqYlOfmh4j9o+YE3Qt+4kdiNboDYc1RxREridi651N2M9Rzi2xtiwn6Hr
|
7
|
-
CQfZ4MMaQhfp8QRuqGMv24ddWpi3eCySauV+pKuAWeaRTm0KPcng3pKuHwBO31OJ
|
8
|
-
S81MZPojWdKspgsZkXO3RTfndKfB9+Oi5g9SV9KGlV96dRiJkadhXGLPU+8Vpfm6
|
9
|
-
qMDExNPJ7cq70y8lYOEMiXeu8OWuMc8+CWnt5uHpJS9Ig7c9D6gwLAfufymBj6yN
|
10
|
-
6C9UnzjXmnpZYBvU31uET2Y7qmf2x95wCJ3z72XsURsomf5KwyJKEPecV2o1GWrC
|
11
|
-
vsupV41qVu9L9nhlWpmzL99XRxmmy8KE+Tm1LpncCseSIdVWcdZ7DOtLry3kn3a/
|
12
|
-
J61c5/rFWbiKEzuTo+jIAKCVgkOKhy/7V16eOLuvgal6cmi02uKNFZRVhcfNdV99
|
13
|
-
CZ5X12+Cz0p9w/632R9f0qM04clBE3JnT0JeiP3c6cDMCUP6DZtNxwaMIZ+bVPRp
|
14
|
-
M4nBaxk3yE50oyMwvw/+L5KkZ/wAaswuJkFq2Cf6mXjWusr2Hq0Kaz1YAQ3WVaGL
|
15
|
-
YSeuS8LilkJhLQTctvO0zv3tAa9mPnDg5M1bJTUHtnpezIWrwG1VId3Wg1ykUZPV
|
16
|
-
cOk1nr5dJlLbEv86C2unAKCdUKITNKAqcxoRmfi/cUEJIzsWuoDRAxsZ0gcE8y8r
|
17
|
-
izC3RvAazbBndo2EkIPtTrWHdh4ppilgSZ6ETT6rw8ik7fPB48NtnuAaM/G3xtD3
|
18
|
-
B5M5T6W00iPJCPZqMe9LRhiu9VWnamHPQcSnNt/IWXh6C+rwO338o2cXd4uZJGWo
|
19
|
-
tfRjOdLmKjzGVi57jcpKcHyZ+AbiEYE3gsa+6Qiebd2W2hW+VsQJKBfYEGlnW8da
|
20
|
-
WNldU+eZtJFpUbBBBkv878isFXQyrP+22NmgUdU+PfUMKPc0DTDrKGmO3LOptv1k
|
21
|
-
PFtquWON5dlmhrAFvNPl3BH0wVhHFRYm9616jkM27nGvqSnf2F3GQUX+eFwrpTmI
|
22
|
-
N75O4mHEQDVU8JImHrWrjthFVJzkF76BsJA8jit4Oeg5MWlE/Lrvd3eLp+Pi4UIo
|
23
|
-
K2P8Xa9SxFucqEyNkE9YYE2uuTiIwjOwKxE5vVs1iJokEPeH5IMbq0zfDiprFU1o
|
24
|
-
evyKFiDdFHrpGA7wdQ1bHSMbb/YA2TZGnmailwOjBF+jeCh7RZPPhLEg6eviRgwJ
|
25
|
-
8PU00u3+DNZ0HRrCnRU85MbgTiqfBNh1LUqxu6hbf0k4D2vKwKVOgeVEOam3sy7T
|
26
|
-
nV7eUlIIaLKecoPsTUjg91p3JNQ+pNUZR6+9BW15D3d7ANnHp1Vrv2FetQNesHFi
|
27
|
-
XLBJbXgjMxCCExpVHed0LGvrl/GBTYhpRD/G3FDP/QE7UmZgbRdJl9Py21TLoAKQ
|
28
|
-
l+uZ/wEUy4VJAC6smgttK+7vWpSwzNzq6Zyqmlu9pC/y515NWLNUHDybXhOHnaKd
|
29
|
-
OLx8SUhmBHuCQ/EnOM0CXA==
|
30
|
-
-----END ENCRYPTED PRIVATE KEY-----
|
data/examples/ssl_R/serial
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
01
|
@@ -1,28 +0,0 @@
|
|
1
|
-
-----BEGIN PRIVATE KEY-----
|
2
|
-
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDarkxzkR3m+xeQ
|
3
|
-
6UDuPdMk8H8gBhQ6r/HMheOvYKlyhcxWtdlyZcPTEqKcbmeygKTIuSBQpiEzfH0y
|
4
|
-
opc+qdEwaXbQfUNkkfAPddXQPjQo+sw3V6XGHoB0GaiIZW/F09RVlVfWFgvyqUzB
|
5
|
-
QiuhlJrhUdZCSx8o8OZU06tW3E4AOyeDZPkiIGPfV13FHH39MmpNDw8BP9+ezbGf
|
6
|
-
FaZJ9byYkIH+vfEIgGSAqVs3NL2Fu3bE4RFCKL/Mq7xlbxHG4wUVTbKiztpZasx1
|
7
|
-
CJ4K2OWa/QSvSAlXjfireRIBA/bSLKshyjCR+Kyg/pHEp4SVT+Tp/6EGGKypUQud
|
8
|
-
4Ok/mAhZAgMBAAECggEALCDqKpQJLbhTvBll0e3F8vlZHfQ8Fs+0gqouFRDzgLnB
|
9
|
-
T2oo9C3XA3wKNnkNEfdlyV+aRswPfR1NAm/PB4UrQpK1uELe26ebgvMrb3dt/SsH
|
10
|
-
FM/qEv3KvCMFYGjf0lL50T9u1zPhu1kwtPsOZO/hBUEHdJ9GLXPXdxyzwbZ5QxBN
|
11
|
-
UYrplS5gpKY3/xxYqJ+DoiAibMHbX+25Gmals0j9OEnEloe+DsaFWm8SW1ZS9k7Q
|
12
|
-
pcFA29j9dYc2DNPJRUfqfr3Q+pCFwES1QyaoZouXRsXboHCkdsplfYTNMyyEdLGV
|
13
|
-
qe2F+OYQJAD44P3YoOZqeQ2a75by0l5gF/hkzxEUUQKBgQD0Nc1JygKh1cUZytrJ
|
14
|
-
RknZGCARHQPHhxGV4WXAhYshatjih8yBA51HDskURsie78RQBKZJ4xVg+uanrxv/
|
15
|
-
QVH4Nrr2/sovwzduMRB4opyuS0ivE5qCg6y6PGxXk96SurEi6pxp+LQa3jQ3sdX7
|
16
|
-
RED44KxJEg2Q6vS42ti9rlMf7QKBgQDlPPrAyIZUUd+aztTnMuhoSt6uqg+H9mtF
|
17
|
-
kdQOEgaYwOkGa5LxfWnqpvcBsLRQ+twhJUbJrEaBohR0M28KrkV25VeaFlAxPXBL
|
18
|
-
bwCJWEj047UjweJG8LSesvz1HjteYJMpEIm+f8sBQe1GT3hdYWoRdt3sKw8bfF4s
|
19
|
-
MglV/VzEnQKBgQCQJeHTGGaNWD1LiC20eMTGXDMxZssAT33V1oHVLf597y+uJzJT
|
20
|
-
ROrlMpkGWvG4vxZFlTkCjAPmhrL3b6k69jeIJ+YcPTDjGHvzkwqB6ppJVy7ECPI+
|
21
|
-
77JZC6l32FScj45XadyBwMeuxFJWPaZs9lDTluqbBwjy7X0eUC93Zxqx0QKBgQDO
|
22
|
-
QBhIXeLmeKebrJ5HyjjqpPpH4oCIzwBjHrrRUgyXYXIHscALANDMLB8vaSJDfgGS
|
23
|
-
3OwcxaDGP+LxTdmJnZSoTd6Mp6jNNL8VT7EG4eT6WOoAWxBQzX9lDhukGuhFmNSu
|
24
|
-
7M9SE769yehHC3d7ZQs+3Vj8hR1ZmINOdlKKCKRvzQKBgQDnfoNhMLgHMyzxe9QU
|
25
|
-
yIbW0Iy/bZgHgogbiZUSrqccFzZqoJYYppDtf9r/4v/fv33N0LXlTHnmynqdEn2V
|
26
|
-
9uq297R+Xx3JmdBIuHRhYfVWBjPZpS0AaWCg7TWy9IDRs7w0rNnWQIHZ31UXJ1FV
|
27
|
-
IXGqWb8lkCJYf5SJ5wFH9FeKhg==
|
28
|
-
-----END PRIVATE KEY-----
|
@@ -1,22 +0,0 @@
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
2
|
-
MIIDljCCAn6gAwIBAgIJAJ+xCVRfdiL2MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV
|
3
|
-
BAYTAlVLMQ8wDQYDVQQIDAZMb25kb24xGTAXBgNVBAoMEEJpdGZpbmV4IExpbWl0
|
4
|
-
ZWQxETAPBgNVBAsMCFNlY3VyaXR5MRIwEAYDVQQDDAkxMjcuMC4wLjEwHhcNMTcw
|
5
|
-
NjA3MjEzODUzWhcNMTgwNjA3MjEzODUzWjBgMQswCQYDVQQGEwJVSzEPMA0GA1UE
|
6
|
-
CAwGTG9uZG9uMRkwFwYDVQQKDBBCaXRmaW5leCBMaW1pdGVkMREwDwYDVQQLDAhT
|
7
|
-
ZWN1cml0eTESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOC
|
8
|
-
AQ8AMIIBCgKCAQEA2q5Mc5Ed5vsXkOlA7j3TJPB/IAYUOq/xzIXjr2CpcoXMVrXZ
|
9
|
-
cmXD0xKinG5nsoCkyLkgUKYhM3x9MqKXPqnRMGl20H1DZJHwD3XV0D40KPrMN1el
|
10
|
-
xh6AdBmoiGVvxdPUVZVX1hYL8qlMwUIroZSa4VHWQksfKPDmVNOrVtxOADsng2T5
|
11
|
-
IiBj31ddxRx9/TJqTQ8PAT/fns2xnxWmSfW8mJCB/r3xCIBkgKlbNzS9hbt2xOER
|
12
|
-
Qii/zKu8ZW8RxuMFFU2yos7aWWrMdQieCtjlmv0Er0gJV434q3kSAQP20iyrIcow
|
13
|
-
kfisoP6RxKeElU/k6f+hBhisqVELneDpP5gIWQIDAQABo1MwUTAdBgNVHQ4EFgQU
|
14
|
-
ljiy80UAHCJU946wKXxtJAIL6eEwHwYDVR0jBBgwFoAUljiy80UAHCJU946wKXxt
|
15
|
-
JAIL6eEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsOXXgYSI
|
16
|
-
IDI+ZPErZJ2cb2unsgtd1xwFxd8KTx7ZRmVu+ElnJjMhRyaKOUw4EXhplbQoyK/1
|
17
|
-
EKHqAGpl+uwddafFsx3qK0sMBRH/oSEz6RG5ONRCfISZ2jMSGKfg2AsdJIBD+Wko
|
18
|
-
c5hHFVZk/xkeEri6tI04co9xfl1pJquAtbH0cQyDUISssdUJeC9jRTm8460fBkFg
|
19
|
-
79bbxn+34swSCe/lVIcF6u4Tu7fiaUsUG2XSRyjsNRWrZe0nKmJ3QQsMHYwkua7p
|
20
|
-
HEBJXLzamDdd+0wHyKckk+R7TXa0d2r83t6c7kNVbFwGWl1iljXvtbhnbddzlAzk
|
21
|
-
Ts0eU2wgPtMQQw==
|
22
|
-
-----END CERTIFICATE-----
|