RubyGems - logstash-integration-logstash - Versions diffs - 0.0.2-java → 0.0.4-java - Mend

logstash-integration-logstash 0.0.2-java → 0.0.4-java

Files changed (38) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -0
data/VERSION +1 -1
data/docs/index.asciidoc +5 -4
data/docs/input-logstash.asciidoc +5 -7
data/docs/output-logstash.asciidoc +35 -22
data/lib/logstash/inputs/logstash.rb +1 -1
data/lib/logstash/outputs/logstash.rb +29 -4
data/logstash-integration-logstash.gemspec +1 -0
data/spec/fixtures/certs/generated/client_from_root.jks +0 -0
data/spec/fixtures/certs/generated/client_from_root.key.pem +50 -50
data/spec/fixtures/certs/generated/client_from_root.key.pkcs8.pem +52 -52
data/spec/fixtures/certs/generated/client_from_root.p12 +0 -0
data/spec/fixtures/certs/generated/client_from_root.pem +28 -28
data/spec/fixtures/certs/generated/client_from_untrusted.jks +0 -0
data/spec/fixtures/certs/generated/client_from_untrusted.key.pem +50 -50
data/spec/fixtures/certs/generated/client_from_untrusted.key.pkcs8.pem +52 -52
data/spec/fixtures/certs/generated/client_from_untrusted.p12 +0 -0
data/spec/fixtures/certs/generated/client_from_untrusted.pem +28 -28
data/spec/fixtures/certs/generated/client_self_signed.jks +0 -0
data/spec/fixtures/certs/generated/client_self_signed.key.pem +50 -50
data/spec/fixtures/certs/generated/client_self_signed.key.pkcs8.pem +52 -52
data/spec/fixtures/certs/generated/client_self_signed.p12 +0 -0
data/spec/fixtures/certs/generated/client_self_signed.pem +28 -28
data/spec/fixtures/certs/generated/root.key.pem +50 -50
data/spec/fixtures/certs/generated/root.pem +28 -28
data/spec/fixtures/certs/generated/server_from_root-key-pkcs8.pem +50 -50
data/spec/fixtures/certs/generated/server_from_root.jks +0 -0
data/spec/fixtures/certs/generated/server_from_root.key.pem +50 -50
data/spec/fixtures/certs/generated/server_from_root.key.pkcs8.pem +52 -52
data/spec/fixtures/certs/generated/server_from_root.p12 +0 -0
data/spec/fixtures/certs/generated/server_from_root.pem +29 -29
data/spec/fixtures/certs/generated/untrusted.key.pem +50 -50
data/spec/fixtures/certs/generated/untrusted.pem +28 -28
data/spec/unit/full_transmission_spec.rb +7 -7
data/spec/unit/logstash_input_spec.rb +31 -2
data/spec/unit/logstash_output_spec.rb +25 -2
metadata +16 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 100fe1eebe3923387873e209bafd207562d6efceed2e6e2213cd1c5748087716
-  data.tar.gz: cad431f6322dc5265b2453be888e723f0fa71c4f330786bc76c956f099e80932
+  metadata.gz: 27a5393272c2cfde9c75782f701b1751dd1d3b35225876fb54c36f13ba0696b6
+  data.tar.gz: d7d9337f2c85dcaddfbc7ef79723e3993dda720fe407b5b189d8bc9ee4e1570a
 SHA512:
-  metadata.gz: 4412dafb9ea8a8d48d61ac2b4ac276cf9646abdb7b2b17ee449d6a8fb6a18de59751cd20b3282c53044bc266c74d34fde17bcb8c9b0757a69d5d4add2ffb5f4b
-  data.tar.gz: 4b323e95606d6f07240b4386dc7587862901769a37362f591df5e58099af3dd0c6746789c078f76e02cca228a28bcda250b2a4fe949bc97a8d47b2686f50a904
+  metadata.gz: e4bf91d282d3bfac6a0dae1864db3da98f6ffa02623b9f68eb683d77155d97910b7480442f53a992dda28883a05582e610bc037499b4ed5fcbf51a33b19d65f0
+  data.tar.gz: c6eeb96c776110b415e48d0ce2299f102a3469aaf9673b8870b8e46c02f569c2cf0fd21782a273aa34923673b824730cf128a1569c1e38fdfbc9d831642eb5a9

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,11 @@
+## 0.0.4
+  - Simplify configuration [#13](https://github.com/logstash-plugins/logstash-integration-logstash/pull/13)
+    - Introduce a default `port` of `9800` for both input and output plugins
+    - BREAKING: Introduce `hosts` config to output plugin, _replacing_ its separate `host` and `port` configurations
+## 0.0.3
+  - Doc: Minor doc changes and version bump to facilitate adding integration files to doc build [#14](https://github.com/logstash-plugins/logstash-integration-logstash/pull/14)
 ## 0.0.2
   - Enable data compression [#10](https://github.com/logstash-plugins/logstash-integration-logstash/pull/10)

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.2
1	+ 0.0.4

data/docs/index.asciidoc CHANGED Viewed

@@ -29,7 +29,7 @@ The Logstash Integration Plugin provides integrated plugins for sending events f
 [id="plugins-{type}s-{plugin}-concepts"]
 ===== High-level concepts
-You can configure a `logstash` output to send events to a `logstash` input is in another pipeline that is running in a different process or on a different host.
+You can configure a `logstash` output to send events to a `logstash` input in another pipeline that is running in a different process or on a different host.
 To do so, you should first configure the downstream pipeline with a `logstash` input plugin, bound to an available port so that it can listen for inbound connections.
 Security is enabled by default, so you will need to either provide identity material or disable SSL.
@@ -40,7 +40,7 @@ NOTE: You will need a TCP route from the upstream pipeline to the interface that
 ----
 input {
   logstash {
-    port => 8080
+    port => 9800
     # SSL IDENTITY <1>
     ssl_keystore_path      => "/path/to/identity.p12"
@@ -53,12 +53,13 @@ input {
 Once the downstream pipeline is configured and running, you may send events from any number of upstream pipelines by adding a `logstash` output plugin that points to the downstream input.
 You may need to configure SSL to trust the certificates presented by the downstream input plugin.
+NOTE: Single host endpoint is supported for `hosts`. Multi-host support is coming soon.
 [source]
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9800"
     # SSL TRUST <1>
     ssl_truststore_path => "/path/to/truststore.p12"

data/docs/input-logstash.asciidoc CHANGED Viewed

@@ -23,10 +23,10 @@ include::{include_path}/plugin_header-integration.asciidoc[]
 ==== Description
 Listen for events that are sent by a <<plugins-outputs-logstash>> in a pipeline that may be in another process or on another host.
-The upstream output must have a TCP route to the port on an interface that this plugin is bound to.
+The upstream output must have a TCP route to the port (defaults to 9800) on an interface that this plugin is bound to.
-NOTE: Sending events to this input by _any_ means other than <<plugins-outputs-logstash>> is neither advised nor supported.
-      We will maintain cross-compatibility with any two supported versions of output/input pair and reserve the right to change details such as protocol and encoding.
+NOTE: Sending events to this input by _any_ means other than `plugins-outputs-logstash` is neither advised nor supported.
+We will maintain cross-compatibility with any two supported versions of output/input pair and reserve the right to change details such as protocol and encoding.
 [id="plugins-{type}s-{plugin}-minimum-config"]
 ===== Minimum Configuration
@@ -40,7 +40,6 @@ NOTE: Sending events to this input by _any_ means other than <<plugins-outputs-l
 ----
 input {
   logstash {
-    port => 8080
     ssl_keystore_path
          => "/path/to/logstash.p12"
     ssl_keystore_password
@@ -55,7 +54,6 @@ input {
 ----
 input {
   logstash {
-    port        => 8080
     ssl_enabled => false
   }
 }
@@ -107,7 +105,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 |Setting                            |Input type        |Required
 | <<plugins-{type}s-{plugin}-host>> |<<string,string>> |No
 | <<plugins-{type}s-{plugin}-password>> |<<password,password>>|No
-| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |Yes
+| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |No
 | <<plugins-{type}s-{plugin}-ssl_certificate>> | <<path,path>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
 | <<plugins-{type}s-{plugin}-ssl_client_authentication>> | <<string,string>>, one of `["none", "optional", "required"]`|No
@@ -146,7 +144,7 @@ Requires <<plugins-{type}s-{plugin}-username>>.
 ===== `port`
 * Value type is a <<number,number>> port
-* There is no default value
+* Default value is 9800
 Specify which port to listen on.

data/docs/output-logstash.asciidoc CHANGED Viewed

@@ -23,7 +23,7 @@ include::{include_path}/plugin_header-integration.asciidoc[]
 ==== Description
 Send events to a <<plugins-inputs-logstash>> in a pipeline that may be in another process or on another host.
-You must have a TCP route to the port on an interface that the downstream input is bound to.
+You must have a TCP route to the port (defaults to 9800) on an interface that the downstream input is bound to.
 NOTE: Sending events to _any_ destination other than <<plugins-inputs-logstash>> is neither advised nor supported.
       We will maintain cross-compatibility with any two supported versions of output/input pair and reserve the right to change details such as protocol and encoding.
@@ -40,8 +40,7 @@ NOTE: Sending events to _any_ destination other than <<plugins-inputs-logstash>>
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9801"
   }
 }
 ----
@@ -52,8 +51,7 @@ output {
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9801"
     ssl_enabled
          => false
   }
@@ -65,15 +63,15 @@ output {
 [id="plugins-{type}s-{plugin}-config-connecting"]
 ===== Configuration Concepts
-This output plugin needs to be configured to connect to a <<plugins-inputs-logstash>> by specifying its <<plugins-{type}s-{plugin}-host>> and <<plugins-{type}s-{plugin}-port>>.
-Depending on the downstream plugin's configuration, you may need to also configure SSL and/or credentials.
+This output plugin needs to be configured to connect to a <<plugins-inputs-logstash>> by specifying its <<plugins-{type}s-{plugin}-hosts>>.
+Depending on the downstream plugin's configuration, you may need to also configure the target port, SSL, and/or credentials.
 [id="plugins-{type}s-{plugin}-config-ssl-trust"]
 ===== Security: SSL Trust
 When communicating over SSL, this plugin establishes trust of the server it connects to before transmitting credentials or events.
-It does so by ensuring that the server presents a currently-valid certificate with identity claims matching the <<plugins-{type}s-{plugin}-host>> we are configured to connect to, signed by a trusted signing authority, along with proof-of-possession of the associated private key material.
+It does so by ensuring that the responding server presents a currently-valid certificate with identity claims matching host it is connecting to, signed by a trusted signing authority, along with proof-of-possession of the associated private key material.
 The system trust store is used by default.
 You can provide an _alternate_ source of trust with _ONE OF_:
@@ -105,9 +103,8 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 [cols="<,<,<",options="header",]
 |=======================================================================
 |Setting                            |Input type        |Required
-| <<plugins-{type}s-{plugin}-host>> |<<string,string>> |Yes
+| <<plugins-{type}s-{plugin}-hosts>> |<<string,string>> |Yes
 | <<plugins-{type}s-{plugin}-password>> |<<password,password>>|No
-| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |Yes
 | <<plugins-{type}s-{plugin}-ssl_enabled>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate>> | <<path,path>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |list of <<path,path>>|No
@@ -125,23 +122,39 @@ output plugins.
 &nbsp;
-[id="plugins-{type}s-{plugin}-host"]
-===== `host`
+[id="plugins-{type}s-{plugin}-hosts"]
+===== `hosts`
-* Value type is a <<string,string>> ip address or hostname
-* There is no default value
+* Value type is <<string,string>>
+* There is no default value for this setting.
+* Constraints:
+** When using IPv6, IP address must be in an enclosed in brackets.
+** When a port is not provided, the default `9800` is used.
-Specify which host to connect to by providing its ip address or resolvable hostname.
+A downstream input {ls} host or IP address to connect.
-NOTE: when using SSL, the server that responds must present a certificated with identity claim matching this host name or ip address.
+NOTE: Single host endpoint is supported for `hosts`. Multi-host support is coming soon.
-[id="plugins-{type}s-{plugin}-port"]
-===== `port`
+Host can be any of IPv4, IPv6 (in enclosed bracket) or host name, examples:
-* Value type is a <<number,number>> port
-* There is no default value
+* `"127.0.0.1"`
+* `"127.0.0.1:9801"`
+* `"ds.example.com"`
+* `"ds.example:9802"`
+* `"[::1]"`
+* `"[::1]:9803"`
+* `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]"`
+* `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]:9804"`
-Specify which port to connect to.
+When connecting, communication to downstream input {ls} is secured with SSL unless configured otherwise.
+[WARNING]
+.Disabling SSL is dangerous
+============
+The security of this plugin relies on SSL to avoid leaking credentials and to avoid running illegitimate ingest pipeline definitions.
+============
+NOTE: when using SSL, the server that responds must present a certificated with identity claim matching this host name or ip address.
 [id="plugins-{type}s-{plugin}-password"]
 ===== `password`
@@ -244,7 +257,7 @@ Password for the <<plugins-{type}s-{plugin}-ssl_truststore_path>>
 * Value type is <<string,string>>
 * The supported modes are:
-** `full`: verifies that a certificate provided by the client has an identity claim matching <<plugins-{type}s-{plugin}-host>>, is signed by a trusted authority (CA), is within its valid date range, and that the client has possession of the associated key.
+** `full`: verifies that a certificate provided by the client has an identity claim matching <<plugins-{type}s-{plugin}-hosts>>, is signed by a trusted authority (CA), is within its valid date range, and that the client has possession of the associated key.
 ** `none`: performs no validation of the presented certificate
 * The default value is `full`.

data/lib/logstash/inputs/logstash.rb CHANGED Viewed

@@ -13,7 +13,7 @@ class LogStash::Inputs::Logstash < LogStash::Inputs::Base
   config_name "logstash"
   config :host,     :validate => :string,   :default => "0.0.0.0"
-  config :port,     :validate => :number,   :required => true
+  config :port,     :validate => :number,   :default => 9800
   # optional username/password credentials
   config :username, :validate => :string,   :required => false

data/lib/logstash/outputs/logstash.rb CHANGED Viewed

@@ -4,14 +4,28 @@ require 'logstash/outputs/base'
 require 'logstash/namespace'
 require "logstash/plugin_mixins/plugin_factory_support"
+require "logstash/plugin_mixins/validator_support/required_host_optional_port_validation_adapter"
 class LogStash::Outputs::Logstash < LogStash::Outputs::Base
+  extend LogStash::PluginMixins::ValidatorSupport::RequiredHostOptionalPortValidationAdapter
   include LogStash::PluginMixins::PluginFactorySupport
   config_name "logstash"
-  config :host,     :validate => :string,   :required => true
-  config :port,     :validate => :number,   :required => true
+  # Sets the host of the downstream Logstash instance.
+  # Host can be any of IPv4, IPv6 (requires to be in enclosed bracket) or host name, the forms:
+  #     `"127.0.0.1"`
+  #     `"127.0.0.1:9800"`
+  #     `"foo-bar.com"`
+  #     `"foo-bar.com:9800"`
+  #     `"[::1]"`
+  #     `"[::1]:9000"`
+  #     `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]"`
+  #
+  # NOTE: `hosts` naming is intentional and multi-host support is planned.
+  #
+  config :hosts, :validate => :required_host_optional_port, :required => true
   # optional username/password credentials
   config :username, :validate => :string,   :required => false
@@ -31,7 +45,7 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
   config :ssl_verification_mode,       :validate => %w(full none), :default => 'full'
   # SSL:TRUST:SOURCE ca file
-  config :ssl_certificate_authorities, :validate => :path,         :list => true
+  config :ssl_certificate_authorities, :validate => :path, :list => true
   # SSL:TRUST:SOURCE truststore
   config :ssl_truststore_path,         :validate => :path
@@ -83,10 +97,12 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
     logger.debug('inner HTTP output plugin has been closed')
   end
+  DEFAULT_PORT = 9800.freeze
   def inner_http_output_options
     @_inner_http_output_options ||= begin
       http_options = {
-        'url' => "#{@ssl_enabled ? 'https' : 'http'}://#{@host}:#{@port}",
+        'url'                  => construct_host_uri.to_s,
         'http_method'          => 'post',
         'retry_non_idempotent' => 'true',
@@ -119,6 +135,15 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
     end
   end
+  def construct_host_uri
+    scheme = @ssl_enabled ? 'https'.freeze : 'http'.freeze
+    host_port_pair = @hosts # Struct(:host, :port)
+    uri = LogStash::Util::SafeURI.new(host_port_pair[:host])
+    uri.port = host_port_pair[:port].nil? ? DEFAULT_PORT : host_port_pair[:port]
+    uri.update(:scheme, scheme)
+    uri.freeze
+  end
   def ssl_identity_options
     if @ssl_certificate && @ssl_keystore_path
       fail(LogStash::ConfigurationError, 'SSL identity can be configured with EITHER `ssl_certificate` OR `ssl_keystore_*`, but not both')

data/logstash-integration-logstash.gemspec CHANGED Viewed

@@ -25,6 +25,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 2.1.12", "<= 2.99"
   s.add_runtime_dependency "logstash-mixin-plugin_factory_support", "~> 1.0"
+  s.add_runtime_dependency "logstash-mixin-validator_support", "~> 1.1"
   s.add_runtime_dependency "logstash-codec-json_lines", "~> 3.1"
   s.add_runtime_dependency "logstash-input-http", ">= 3.7.0"  # some params not available in older versions because they are renamed, such as `cacert` to `ssl_certificate_authorities`

data/spec/fixtures/certs/generated/client_from_root.jks CHANGED Viewed

Binary file

data/spec/fixtures/certs/generated/client_from_root.key.pem CHANGED Viewed

@@ -1,52 +1,52 @@
 -----BEGIN PRIVATE KEY-----
-MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCypsae0zNrx6xt
-fixM7w4ZdwGGB5iPc320+rrl+3RNdpInnuVdgqMxCoXtSmOuB/rQ3Lrn5vIZgIxw
-A/tDxf0ztkUo+MHwLKjRVT4YCOKs26K7RPq1NBlgRUxTCiM/hOJ8gZxdKJ+A1d8a
-C4RrDQfKPCYXHT+x9efE1N5cdY7fCkHzpz0eW/UQuNXK8y0n55xBspdv3yPtpbmJ
-7mhwmZeOqtEeZQn3B6s64iBY6saLfc8vng/hJ0xXieeOLqQVH739oUMDDeAtdP3X
-+AkNcunToByYPsUXT8Bg/2NDYEv5gIXkHMqmOJ7+s/cYvznCuqqUynzvEwyIY2b7
-7reB27ww3Hr0bXMAwyl5rQAlsDeiTgM7srV5LoBqoUP4CqluE0DMauI33QeaWnry
-jwwVh48dQ/pPvHEH6fm/HAhh9QgDuehmSknJCbVyxRtnoSQ6UB64LXMh7TD6JIyw
-juDD2zAT+yn3MDjVv3E52FeyVK05mOUDNhHJmvwxTYd+EsbW2PVgSA9GinyUax94
-CfMv9VunP2jo3errEuRTbIxcZ9vg8nvMqj5E6te7rfcFwCu5qpJEl8aMa6LBykCc
-4dNylFZ5F8QNAGsRspri/YVzL9LXOOFqqBrjJ0O7Irg8EfnOLPTGZiDgPM/5k3Gm
-n5Wiq3iLztGSASWk0TZNg09t6ldBlwIDAQABAoICAA80lq8p9rRzuD9Rf9/EcQTF
-1kFcICYFhGuE86djcZCuSN5Kbec5mT4xURjTPgyv7S8dumLGi1CUWl+mVxp7nYNr
-PhOwqIESrAO1J6XQC8r+nqklw9jsaESDYW2n7TwYyVYjifV74aeLjIOg+1JJN6KE
-4BETkjpJXcKpA4wHDXP6YYalc1REK2WS9c9iRzOgSPJmivEgouQ1OMd+nTEIQZgI
-/eeCXgjChFZsrKgkw2VX/exlnaBiQeMpf6XgXmLV4svVj+iQo8X6sShSmiKk5zX1
-6Lkkjo3fYdZfpkkzxwOjZsH1mWHwa8ft9VgL3pSuYppraZrHmkd5fmhu9vt8glXZ
-v5JA8hhEsDC95A9uIldKVJhstt+yHTspitG3JZSU/LAYbnQ/5alG+vtBb/kh/YFX
-rNy5Yy+TtjoIpSoNkOYu/Jg4a+HzLErw5JfBLg5APf34XogqGfK4XmcbPdeMI3Xb
-QIMEmUPis54no/qepFfbROs+3Ejc5wL9jwetVkPpBtPzb9Jy5biVzF5z3YGMIpM8
-ca+8wajPRbzNbKGpTyp7ahcxJ1E/Jx3eICjM6jmRq3aD7tLLTzZIAsSx67sUahv3
-UZoOKg8ImtUlPxqU3hTHJ9A/YQI2a7lqfrxe40rEaby4od8pfdMh6oSUzYLNqIkp
-QNnuRRaSLWQ9FmfM1PzRAoIBAQDDIaX3rlcQ+To7PdPeBc90LNSGxJw0Rs0PlpM+
-SL1w3GiUZML7+4UZgqMXCJXwFzNMP07h5Fs0QAjImAvdGbOccPs5AmWnusO6XJPd
-Ufmx/zFGBMYjPDzyAGXbmWLlIsYursCuFvLX54giqwzerYZRIUVQ0hUspqja8cTK
-l6gfzm44AAs1+ybKcNAxq/0tkPKzGF+lTc86wnNB+w0TY83zNNQERcRjQy6V9cPx
-zn3sGzxAxvcZZMQCfEewoG+aBVI6LCEpL2FjaulV7rjQmXREa/auINnJkGqz40K5
-qPNCZXSwWGMTMCGh3HqNsgctPE7iyS3wpEU5YbKUKxXPj8u1AoIBAQDqYRvEyF7a
-GIAm6gDyJdNe7+LAZWqnkoApONsGPLiYDbD7LjYURQe7OKTQQioLvGtWFJI8fiCw
-r6CIKaBowOOIo/jtSvNxev/yE1XXMpC8ZwVfd+FQJYh+9PSeTq+Il9Bhzi2Nxs8r
-2g/rXWua8he3KTyqnfwn2IVkcsmDBhhzc0TvqxhTTfVQaiteM06b6TVIEqlrN5wf
-bWop83l2wp3Y+ZCvlc9yXDzQIfu4vyZ0KQDXQhjZWwP3Q/qoC/SPa3pUBXRXjJd+
-7IWJp3EIovXaRZEE14roHxUJB+CURQe5D/SecQX1KuAf88ixgZg6EPe4/1dYmtoq
-U+XP53J7rB+bAoIBAQCmp8VdHbxk1cdjM3IRLPs6qNM26xLSHyoiRyMoze1mSAjV
-vJ0/o1jRKd7q3D1a2iXI2EUh7uvqW0plMF7pjnr1gRU/Yom50Gw8bbcoDkxpNqA5
-wfgLvfX7ZlWYUY/CTYnf8wbDaPwtZCTEHz0VrjSKdBUEavkEsq6CmHzP3ukLiT5f
-e8IXb5J40hMuaUsJsMNoLMf7odH8yHiyAJ3xUotiTVtK7t9FO+q8zzN0AT1Q+w3h
-8Uy3lnVF/ikodE38yNCquGf2Ce5uf7Ab4ZBdMMK5cVA09f+sBDjtvIqPkPl6WrZn
-qoWrrK781BajkEpK2zgwv0wKO/KXiJaBr66oIJMFAoIBAEK1Yu7uTLjsckUhIyXI
-iFGkGzjBZMrPErUo3oX28F8uvmmvbGr2fs3VwGsZ+defSDmW30xiZbGEOz+mAWbv
-R5OTf/0h8QoihQiEYlE+rh1BgTD78OAb3q6rz5fjM2jANOoxgZuxszN6/D70NvVB
-5GgYT5EMKEG7CbReS2aEbJ8ndr50RxcmwCSkIzXLipsrlCOwVBIVINV9EdNg3fhk
-SgMAfSLMk9+ryw8+LOQXW72CEiAyStpKYmWVLpl31aKgZ4/UgZmNhWz1qshUJQLd
-RvZaCH2FT57jgdwxJsVspFcS6H/UEWsHSgUuILgM96PHQoqf+l9Yq7GScX1sFZSH
-l/MCggEBAJlBdybam6Eqh84O1h51WTmJzOt9qqXtcG2O/18MQCLKCwQ+FiJXjWUo
-+Y48mW2JO73e9+P8YRnrrjaEGqa9Wb/eh9G6zYb+KjAvwOcFBdsRw1VdPoI6TSmI
-oYsa+Qns9SVdi6MgEjvcVIZFE+gqQLgP2gVPilBa5Ml8MYYsBFHXyUpS2z8rARex
-WWO13IJEPRUV9MJ0sqnOaP3lgGMjeR8Z+9hv5hftiGQ1MwkHkXTgs7UnqstHyEcc
-fxTqoI5k85vNTUtJQCQW/VmVVnnMpyZ8bXaSgS0XhYPrtgOvrRLyUKDetHMb5Wqb
-AiaJwOdPaX7KVKTs7nV/C5DxDY/1EbE=
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDN6cNsA43zDVMD
+u7UQt8rejwFHvE2lCIPKQW0cUaunm1jQiWTtiTzpUDkLQM2j+t1Q56UJ7Z/zjBr3
+44f2yF9GB8+oOtmoP30xt/+vvyewL4i1i/63189TP5O7eGDw8kj+hyDuvNDvulq1
+1YddXPdXRLWjG6zXbmP3iOL/jjzNiMVNLOR7q3nFcpikYZYA9KZDE1qivb6vaASm
+p9E098r4P1MfJlfSw5H8wPUA4sxtU5Ob2mzCGx8Coi5N8ZUlYAQw9S4gwLnGvt77
+xpltMM/VMPz90OvP20bNf3hAvW3Zvv7DkHvlaaW1kLTVFob96UKSlcxum3wHB93y
+GZbYqyqoewIaRglO2OS9Mu1YpKKqk5pr7S6pFcpRPHQjFF0eVJpyBUGUuIOxOsUC
+Ex6VJK7vlmAruMCuJwsAOXjwYcNr0AHJOv9jGnrba9N9jvr1gEpx8sG83upLKAl/
+uNnhsVYhSo8rOhw40VzOqJYjeDic2UAjfIgbz3mVJ8nD/h7gxOiGfGuYVUhIbOw1
+GyKXUPjobdu3tkO+TofYgNbF2TdJWZHHiSE8wz4eaB0UIUa1lIWdsF1Cwz0xIJe/
+46Rf5pQcHxND81MIwPVkK4WuYAqbQ+JwOZIMIStZdG9Lh2aPlfsZqHwupNPfkZM/
+SgFM7cZkU443hs0NW0i0LhsSslsA0QIDAQABAoICABj5qo9WWwhI7HG+eba+ZCfc
+do5J460JvFpy1xYhPc3FhN8+WvSIuc+ewFyCDq8+BUwD3Lu4i7cRnk/E1D/1i8DF
+v8Uq5i2HDdtS8vtRFzJCgbVrdoi771SsmHGbpz5yVLIyl6b9VeZN1yTI8nM7jHCU
+T+epuqwiopNqkgXnLa7MUQoMUOZDJTDytlrxzyzsf6IRHeQxWYiS+EVyg2iGSaMU
+ozNbBjn1KKbcjJr/50W3Zmb39ksQ2RELtMwVaj6vR7LceizU03OswQUO0Jsy2XKF
+T5pFleSPNyZDuMU5dLJ9fQ8hXjW0O7orBBP4eIUhnsaCztn3l/KOXLg5rFc5Y6H1
+5awWy6hfuThbQ2MTbbEUOvcktQJkGrN3eeEl/RcbusSCWRU+ptzsubi3esG2EVYx
+I/KJDd6zXtl4UYEsbtDMMoG02Hz8uU9QTrtbOrh9ByOCE4s6BrTL4K3ErFzVgG1+
+0ilNk0qSFf88/QBH/ofo/cRXS/It05LH0xIjxUoO1DxabsmCoRlFeZujteRNRYGC
+RwVX8mFp9TEJ4mlmJOAEtx+oU7dhT7q082q5oZgOmt3rbII5GsmRyvlFNGRoUwQe
+OowjO6PgF0/d/pTXY0hN+pb6C/q/dP91s2dMZxntuTM8GP4oNnifeOVcXJ5p3rwz
+F2CFmCVUHxjMezk4AnNBAoIBAQD7Mevw5+gPXI29jDUKSkcY7SsqbJYMDd6/K50q
+PWssaNQeebrGo7nUrUYIrn7Np/rzBWQd22aKVFoec7fF6c/yRB5hHedkHoBmkI+7
+dhFSTfF/R8XMmxRrnh68GqezKiaB3ECF37111WNtvjNVAJZFXftfmI/ifov8yhJO
+2F1wO6+86Y/dQUZmrn8LyzXXjcUlVv7x76PjydTYJB5aXPTLQn1ABQD+rABs6KvL
+2m77vwS6X+6r+4jIwdJFuRjgao10dTucyFcs1Jmm/L/twv980xpt2HKa6QZ+emj+
+CGN+cuCpVTnrMEWr0pnxFMNV39RHYY1EsjWTnGil7/aYMACpAoIBAQDR2hnFPsys
+LH6KCAQcsAj8G8UBnjHKWmVYCvVp3+Xi3BqhAUEbYlCe6g2cP4w3j6Bn5iy6zEvb
+A1W3N4rMevtzfFut2ZDtxsr6gN7iXP9/chDqy6DGb5X7AuJP/lUldC8cDqpuRGZQ
+uM+1/SigNrVWzOP27Jm/xbdrBxo6a7c1rybadZJLTooCSKAFb+u59tG/FNIMkuyT
+8g7lbC4QSH/aX8RtAdWk2FL4JCeAupOwnDLL2en8n1I1GdCgWGbJoonT6lCtodBH
+aLT2Zf50FEh8ec6sjTo3Ao9remh8Fh5ID7Yzivo5w4WcJYztbF4Ztyd7hZisz86X
+xSC+oHm/bI/pAoIBAB9dSV+IJVKdtNkBA7JoOd5j5qriag3RQYnPMU2P46zk3e98
+NZUN5msmw4Lb/ttA6TWk665Ksc/93k7FFiIxIpTWapCnwjefE1s7G6dFg74qG0hQ
+NuNoTbFuSdok3eGiFrLKRIgyup5W6ZZPVGt9qkW5CWUTUIvwTxxeQtDzdR9JZJUK
++LqgpuC1Uwmu8ucaPY5/AVBGIsmTbu8Z+2w/BRXIFImE1m32Hgt7NdA7UvY+EKIQ
+zmVM//RJNy8bgH6s70KmTK4z2aawWQsfrftLCMmWNkuW5iBvji8Gq8tkUr/8Kg8a
+pCO4oEpm/m+6rvUvAHt1M8VrFwN6WRq3DqxL+hkCggEAQghM/6IJKUw+7RQkpxpF
+WX8reJzcsf3L0e5w1sXbQo1b27nXUNSY5chkS/w7FOie4tKs1IKgg+QCvso9ZKZ2
+JRrGhmflkMxy5mxStgvpYaL068zzZD2MhhWcPOucw1JR2JRM0LG5OEFPKsbkV7Wf
+ThbezL4aixud4ZG0kRl/5uacZTWFuSiXiKxtnghftn6R9XyJs+cvhkYupcZqoDkP
+8hkcZ+ih32MqiGZn/7u16WbdHQQO+qzvY0IiQbJPdbctg39Br8ExFqc9+iKR9NjF
+DlYN0IIIBXNKydkUs6cKFEbNYF6k6jQ6AK5YMAVfftwBEn8xUX96VIt1CEbayH9S
+sQKCAQEA55p0t4PZ4ATXxWX7Lv/9yXNdQi37e31zl+VxCeI8H+xwZ0Luhkb7xEGP
+T/pXYASzuabRIWnFoj54yWbNfJiSlokfvMbOYgJTFt4xL8rb27IDYO19gwjJ8Ofk
+eo9hxsZlNIKDZWRCCQaMrkz2DknFCX+ICSlsD6BWSFkUZ+fOIRhlznsVgaCCuMf5
+JUq0LcCjhZ/rpWCHq4kuTB32mEPoxvausfNvCYNzgUyuyxbO2zczthXtT+MKpNfV
+8tQYtWWJrQJuddue2G/inz3w2Uzn+v5UX0kDlZAqTnA8RrgKnzijM6p2u3qjCScw
+CjgbIk+XQOnoNKbVTTRkwYuPtxAl7A==
 -----END PRIVATE KEY-----

data/spec/fixtures/certs/generated/client_from_root.key.pkcs8.pem CHANGED Viewed

@@ -1,54 +1,54 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI/0pGJ0NlbWUCAggA
-MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBBFMA93NtehlXsPKIAfqEZJBIIJ
-UFXE0TdO/R6cTxjHeh5Xpp2c25s0MwDv65hx5YndJhftOGsBD+EVb+4TM6U61e6H
-xf+qlWO87sdk9GYEj07F7WHOCzn0QWveSL7AckJuJ2mJyu53iccZNSYYWmJFyIyw
-Cx3yjHgtguCACAECbPAQs0r6s995s+kPha9hHrvEGi5O5b+E3/4jSpG3k//ptgUu
-+ccYvai9PAW6y20Yqt+W4tlx96uUNbP4KdJRX2WXiv2RnLVZfp5SwVlzsVzVj4h7
-0a+ynpfj4T065ox2z+8u45pvoofkrCxU4t5pnN5kJw6IoPEwcN4J9HLhdlT1dbEU
-erAzXmfHtPC9/wrVwmuM44bpLkXOUJPVyLkE5H0VhWl2DafI7GorqWW+fSVbYF/h
-7ALoei9B+TsbJHwTzGL+5H3A3Z3s5MSYkSmkroejvP1Fe0PwZiq7Z72hIswG5mrr
-/ToOQHfkz9P8jAr6Y/ZJzxwQLrnR4YNvjnUyLKazXr6tPSGE4I3ZlGEYqx6WE+PF
-940YG1B7LTvj3B9Gwm2Q2ld1w3OOFnUNEEIMMqV9syYOJETw5oORaQHQ++q+SDpe
-YtUf8/cQihGJcbsFOMI0/uDHXFMEz4NBQxevfPB+krxO5qQFdZTtIvP/OAFnt5hJ
-E9ee9IHIwzYMESCgl90qB8xVLNdefWqY4pyljs1kdMiRmRNUKPGCNTfm1j+SgYIr
-BbTML/7g1TloWabcsdnShxK4idIZYqVYhAe8PtoDAxqIH/T+BhSD2zvkYSgs/1fI
-boeVQT+MGJxgD6fMZPBQU5mi7Auq2AWG0+6mY1TrAW/Gx68a09DHSPvcGWhiXIz7
-hgGW8A+SJfv8Xa/ZWuhJ29zzvyAfN0qbduFuSAHzawxyf21uvd2+ppIfk0/12xSa
-iKM2ee6LND8KNFyLj6/5rIk+9kmfV4VdF5J04UoFOFGrTaP9HdxVWeiPxpo5dTOH
-OqsN3PZhi/ueN2U2I6eDjdTWkWzBH3O6xLqJxV+UuVUbl2yOud6F20Y4H56U+uq8
-S8+9MF6MFfVj01CY0rZvz62dwcC14jQq6E/mFm0aQAm90uuGanTuPvHvir9NQOn7
-crCF89WkWnWMNbp2ptLtEYsT6DZ8k3Sy1PQ/g3PWHmsR9/u8Np1ewU1UhQwXL3Bm
-0xssJU/1xNHVGltzTBW9gw57q671vwB2Wpz9TytonNYtvQAiHWuDECDJPv4b02c+
-gNcwW132e1p6KBa5nDC8lHR0W/SbAWnCF/zA/La7KAxvThRvZrlKN3xDWb2dncyb
-7yzVFFSxEVA5fx5KRqrvWO/cTLmr9TQ9mk72tp76lsD2KeTvLMRMSacc+2Zy60mb
-Vm2Hi3u9cozu9iF67rBR9MIPdtpKlTWHL/B6K7AmPyTwkunD4ponfMiEN5zv+nbv
-XmeeV4MbljO5NiYzQQX54Ge6L6LMMJXTxvK0a6X23NzU+UL9OeGjkrkVdcH4weWo
-5zodOVGXWdsPsAgUJKV40MjJ+RdL6w7gUxEWfC0Rf4ecxKmsemRWgtKSltbZnvcf
-xbP2OcbW4zJOAiVaodujHSGRyGlQMkvVdvYmywfIYNrf/y7w/DXQj/i6p5HR0Rw3
-huicKHERSJtxcI1uXvJZTzzzD8S9GFkP0bPd8OXqoztg2vXmPfBQqRjrQKEsIDnm
-fYoTkucGjvg/pNDXZOt9TVYXu1wN0fb24+/dXIfhWWjz6gVVpLD9MN4gFYPD4bNF
-pQ+hGxtk7+rj9w51GKwIlfiTEwWQMGEgj2okQtbXGLOZZl0wWZRY3i8IE1aC5kIv
-rUiqHsGIswzQENUA3N2rO5hSARjnYQIT1ynrUjuCVluh7FvsebPBD8R6MUNI423x
-aTScd/BUpsew+wQ1ZQWI3xnG5y68WAOamjqGU9ynBVo8oKcsMgcku6swTtV6gq7I
-gFQezHvaEyTuGK/BtqhMfZDBAhzpFZvIO82MhFH45cnKmEvQRZ2XD5OBGgPXgoIY
-ER8xTgyWeaoXtRUdsilBu3trNfhWWu783YI3aRjBbhHPeQz+WbAobT+qYQEVfbFp
-l9iqrixhbGIZj4wFcxhj5qKnuV8HtSjHE/9dgd2rnRqsNYIWRgLRnA7etQ5jU3MD
-kx7OHobGMZuQ1LI7S2ev7LZ1pmgIk2ToMwDgLzhqHXKjC6E1skGbUcbYEgcBjSwV
-IwCLszSS5YGGH1hiL1wlH72trLFDAp5/ZiNa5OD92dx+mMcb8CAOQj7uycmKkfXV
-L0VoRvSr3p1Sj2cN1uvCA510ae22wWdgnAPpvRZEndVJk6Gc0wkWdYxZx6o4tJTR
-8aoMZSmSo/pJBVjA9doFhPdwjDBwRYzbBVMSb7g8fc5rwMtu1tkMqiCJzRxU82Fn
-OCDu+QOyZWAM1nko1uUyr/iAX1KrbTX9C/3nY7k/0sUQPuPIuCLOpnKviansIBmg
-N8uEkZRn8JUY9vQr2+TMcRWxHAA4ILm7ysH6xVkHLAvL6vwNO3AEquk2YZfs4rIm
-lYDIsAxGLOUg9bL4h8e+2ublTWNa4euJLjjrPXcpmIHtHcIey6YtijYBO2bD1QIs
-7IaMKvVv518lBVsG5m/RgcfrDrA9hI2lSzG36nXY0BxJmiaT52z7PQf8pNDs8cqk
-1F3xCZyS3EteXB1UV8k3Tcy0h2VGLbpegJCfAxNpncaSIL+QwI2uQJd7RYi+SXVQ
-ja9jAXdv5+4gLoFf70pn6OATuvD2yI+v6cA5kBsap9LtuzlNciJjuGEiQkZGSgJM
-usOTzSS4ifwrli/ii5iEMXJzqFsucahLqZwklV/F/U41WW1Nnju2I/Iza3t8hGdh
-WS3J7CEwYx7wdZgHTYmArDexDtXyzEyb2p+GX35rOMQmMl7ojlPr/WFcJvI1jw1J
-wuAPLm7scliej/BfKn+aDMWDMnJfTBC9W6CFka41tRSWqoneNj+YMBWsQQHM9TUi
-H6T6j1luBamVWAMugwi+RJzzgL1aM29KLM+IZTL9T8iVItm2CCESyULBPy4tu9x3
-0+MJn7mH/JK3nFKWJUc4fT7MEiOAWbY5QW0MjGZ5okA/jbquUmYLX3VOPVtboKnf
-wy1Pi4itF2oXetGx4Zh03VuOOzYS/y/9uYNAxrs3Jhwjc+H15iF5308Mp80MT/tk
-BdYEGMVRxnZi834LaTyb0LwI0Bu3S7eYngKrV4I/Gtnm
+MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIbFZZr1ZBKQUCAggA
+MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDa1RXlkrCJZ7ezzwXyyEFxBIIJ
+UPskWxablY0V7QaO9kI6/g6ddLfddipdjosDeQh2gbimCryWEI05PzoXiIiZrao5
+7S+/HryjSI9J5fpt5BHvI6xlMQuQ/ZryxrJncGgf1X9JC4RFVmRoihcwRtUf4Fzm
+lD/NJZDqNwAx2rbVe8jrQSnzl+iIva5HkHDC1aFvst4beWvxG1P3BlZdFr2wyw8j
+WncFFZ+zpUq9WVmrSFNVXKmkjMS5meKJWtqT0W7gksdkTEtZ2OWbpkfG1d1i+cwG
+ZHWt+8hAF22s08WTRDx/28QHQ38HMroKD9KIa8eNqJMqib93IiC95x++Nhjt9UKk
+S5umgy3J0xRKn3+PmYERh/ZqUWSRQUlg+lvMagm5DVn+/7bxi6KdsHkOh8i4+vv1
+hl8GVbbZtBXCivvgpcPlYburW+MxoT4NX0KpcpyYcMkdttG9uf+EYuGaXxfhQLxr
+DXLI0xjEqUnBQfcf/xV7A/yVqaQFCKYAsxbdC66J8HFlUdZffXOTtESZXAtHfS3z
+h8XKjhnG2zhyNTPJpXfJLaBmd9xahGzC6fu/nbzcwrlymKzQ5cjY6r+sMjQflf+z
+N2lSBwi9xUlNDA1yVZ3QDRslmf/Ah6q28JUXJXxYarvt7u73bJ5LvW5Wxvz7cb9k
+XqqAyvdqHdhMuWKWq+bXyY6EG2e5KibDf3y5Xguxl/dFDVvRChIgZtD5cTndqan1
+Lm6Tk4SPKJbJ61c2Mpc5XykR5YsURLYYdv/utVYyZY7YneWjUYcqp8UZZKVqtBRz
+NIhbDyyCIAD+psN3+Wl1V4xqrEWSKS2S6+nIs5CP1pG0Cgn69xoNnjfAY90qvy1J
+reKiBSUVTpT4MI2aRqA4GCq0RIP+fjDIEXOSDMVttg7SYkhFLhURY5fdh8K5H444
+jXKkId3EZr2NG7IukDmQoSTTlfI7PthPRxvrrR0V3Cu3USMkZAghLHM8PlUmTqzd
+Gq1ILQbeaojPaDRqml0ZRsToLgWuHRgpySuBAbwh7jf7OmnTcVFS68XqAymcdWuk
++yA7DRcx7+h/maIk8UoRTSUI1UdDpnzKCsBNLPhT+dzUJqJlvrGSzmMtP0DBbkPL
+hYNfFofyRqA8DZnSw2jQGH130F9RBI9E74ZT93WTrDaqZd/xQONZmyh9Fat7YA2z
+vzg0svfEtWYw4ZbucV1cLvBN0FWVtGGzlskJ8a+5fkACRM5gEqvDstUcgKHMOikG
+HFQzcidNIsUaE2fMUd1pJ6E+l6wnJ5ol47uIpdZK/7jZgSXx15XRvyrTiqTwCkK+
+hjS2f8FyisC6VP0vOXx62r+TzMQSf8ET/FT62C71CMlKR5kroW0XEaElg7ymt7kX
+Mj+PzXsKwlj2AyI/1sFpUWOwM448XPc1beInQ6A19MIlssms29fii30USWPtUQ0z
+PMZwI9j4d5JFYhbS1C06Q4QYv2yatjdzAo2/8LkkEnD0sVicLCZzM3modLalFLCM
+x9m/n+32uXbXcJeK7ucZKJ3trHETdf9GKycPNvm56ESdvzzE7a3U2H7FG4m0/Bb4
+o/tufPOP5IT5SVcBSiG8sPZYz2Hb+4nfnEv9HTWDuqdyFsynpEm7Q/qopWDnM+mY
+1rC4IVWDF7jfApPxCzMRuhBYvTNd7B/Mpxpv38GTi2Iy5M1goKvS7GTIf3B6VDva
+oPFEFCK6e9aKyyzELrZY2UH5gcykWH+5XK7lM12+Z3v4XFKC7hOh4lbxM3iUwyb4
+rTNep6HM4rdyC3ZvbDckmsIx9f+vzq47UDWs3h2TKR43TJRaXsBVKRLi8aROjn9a
+1w4yv71sMMQgB8FvXVbuKZRP853Q7h7wKx2yfiNhXJDU+x1yXk0mIXtdTf4JOwwy
+NWnajwu28cYnM9YhOoEMpdbTDUmuZTvsXX9Mwb2JpjbOFPoCvZVHseTqoJlLCJwg
+AR+rxdafnFvrkjbx3i+X5nl1lBnAom+iplotBSr8OICSwY7I2pqU7JaxC82Qs38s
+TW+e0dK7L2osETPu6sO3nkBomFWrKo1mscwWuEbuT4c9Tt7vCvYeJ034oJ6xL8lu
+uq6CvlBXGZJl/cbVHTfsQ5MMHfysg2giHIvWUnwki27IkkLY/fQ6AY6yN8V7PiW0
+IO3D14ys3BFuyeS7YHUXhmEz4l6kW2Qun/TDFnDFzfC4RbhV1sFnes4thDACp8G/
+sWJbKQZQtLKNjRWLH7vqyTy96dSSrNbiHJ8piGyCdP2+Gy4+zuBqvCoL0G6YJZuP
+p5Y2vsJoud5II9K4281kxThh40tjVDsvVL2EjgW0xpZhbT/HJkgKdvxryChOIy+U
+KXCoLsGX2YaBO/Iep/PNq4o7qsGQHZYx4yUgXQxXyIH7vDK7xJUOMak58KRNCKHE
+YdMrVV8ciJbqotYHOk7nzDpF3Ah8PZ07F8uq/LfvqBw48Fq4Ap1DhPamKWX7ovdc
+ZoC5punX8y2qk9NcSZ155lLP1SGFdsuW9hKIw6H0FFlI9mu5dKUp3wO42rP3iv+l
+O0FZ1OJs2cAgIZqF4WaY7DjlZa9IxFrEBGjkmH5oZ3m5EY9jYSe/oqidu7OaMxPI
+OUulL9b+yp6YKWVw43xOBSwUIZbfUV3QTSf1TxP1ebl/GjiHeR088OwOmcnESgOi
+KyRhpMqzEP+Yqn0yawr/cumNTvJzkp4y1LIa2aIrnNsnE/xf/4/CjXhip2E8ekFB
+C33Ub6C55SMRp3aJtWIUyi9sPSdNV/n0vUSDCtoYI9h7EPY9Iepx/S0GVLTHKPIl
+jwVBhtq8WZGnWxm2TA38jcvF94KQWBd6NNHhy8kexCVzvlYVaGKflSSp9PHMQZgY
+bmuTvwRqhgA/5cYOxhyIc2lJTxj7nSyLVrg0txKOSYXS0e8uPSsi/KoscV5aBbRG
+S9dbZLsq9OuOYAL9LX0lufor2CloqnKRZXZgChTCcwsg4vCf6P4luhtXMAz7ZBau
+80MmFEgkfk1+H3FLsvplVKTiKTH6dFd+Sb7sjKe4Lj2nx4F77k3csa9Me3e4IoEn
+2dJNMgRbe70/vQ1JH4eMNRQrcGu+CWP4YG8jRU0u9xKofck5nMZD9Yrlbcf2Bavi
+E450La18i7v+JHm1A+qrF74hF8X+I7hOFU9ud//MPPILdRRRbXRKOOQ16IpYauz3
+wJ0cfKixHS29wMHewE06glcHKq3uIKY/bONuxwQy3FT/
 -----END ENCRYPTED PRIVATE KEY-----

data/spec/fixtures/certs/generated/client_from_root.p12 CHANGED Viewed

Binary file

data/spec/fixtures/certs/generated/client_from_root.pem CHANGED Viewed

@@ -1,35 +1,35 @@
 -----BEGIN CERTIFICATE-----
 MIIGATCCA+mgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJMUzEL
 MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
-YXNoMQ0wCwYDVQQDDARyb290MB4XDTIzMDkyNzIxNDgyOVoXDTI2MDkyNzIxNDgy
-OVowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
+YXNoMQ0wCwYDVQQDDARyb290MB4XDTIzMTAwMzA0MzY1MloXDTI2MTAwMzA0MzY1
+MlowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
 cHV0MREwDwYDVQQKDAhMb2dzdGFzaDEPMA0GA1UEAwwGY2xpZW50MIICIjANBgkq
-hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsqbGntMza8esbX4sTO8OGXcBhgeYj3N9
-tPq65ft0TXaSJ57lXYKjMQqF7Upjrgf60Ny65+byGYCMcAP7Q8X9M7ZFKPjB8Cyo
-0VU+GAjirNuiu0T6tTQZYEVMUwojP4TifIGcXSifgNXfGguEaw0HyjwmFx0/sfXn
-xNTeXHWO3wpB86c9Hlv1ELjVyvMtJ+ecQbKXb98j7aW5ie5ocJmXjqrRHmUJ9wer
-OuIgWOrGi33PL54P4SdMV4nnji6kFR+9/aFDAw3gLXT91/gJDXLp06AcmD7FF0/A
-YP9jQ2BL+YCF5BzKpjie/rP3GL85wrqqlMp87xMMiGNm++63gdu8MNx69G1zAMMp
-ea0AJbA3ok4DO7K1eS6AaqFD+AqpbhNAzGriN90Hmlp68o8MFYePHUP6T7xxB+n5
-vxwIYfUIA7noZkpJyQm1csUbZ6EkOlAeuC1zIe0w+iSMsI7gw9swE/sp9zA41b9x
-OdhXslStOZjlAzYRyZr8MU2HfhLG1tj1YEgPRop8lGsfeAnzL/Vbpz9o6N3q6xLk
-U2yMXGfb4PJ7zKo+ROrXu633BcAruaqSRJfGjGuiwcpAnOHTcpRWeRfEDQBrEbKa
-4v2Fcy/S1zjhaqga4ydDuyK4PBH5ziz0xmYg4DzP+ZNxpp+Voqt4i87RkgElpNE2
-TYNPbepXQZcCAwEAAaOB4TCB3jAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzenDbAON8w1TA7u1ELfK3o8BR7xNpQiD
+ykFtHFGrp5tY0Ilk7Yk86VA5C0DNo/rdUOelCe2f84wa9+OH9shfRgfPqDrZqD99
+Mbf/r78nsC+ItYv+t9fPUz+Tu3hg8PJI/ocg7rzQ77patdWHXVz3V0S1oxus125j
+94ji/448zYjFTSzke6t5xXKYpGGWAPSmQxNaor2+r2gEpqfRNPfK+D9THyZX0sOR
+/MD1AOLMbVOTm9pswhsfAqIuTfGVJWAEMPUuIMC5xr7e+8aZbTDP1TD8/dDrz9tG
+zX94QL1t2b7+w5B75WmltZC01RaG/elCkpXMbpt8Bwfd8hmW2KsqqHsCGkYJTtjk
+vTLtWKSiqpOaa+0uqRXKUTx0IxRdHlSacgVBlLiDsTrFAhMelSSu75ZgK7jAricL
+ADl48GHDa9AByTr/Yxp622vTfY769YBKcfLBvN7qSygJf7jZ4bFWIUqPKzocONFc
+zqiWI3g4nNlAI3yIG895lSfJw/4e4MTohnxrmFVISGzsNRsil1D46G3bt7ZDvk6H
+2IDWxdk3SVmRx4khPMM+HmgdFCFGtZSFnbBdQsM9MSCXv+OkX+aUHB8TQ/NTCMD1
+ZCuFrmAKm0PicDmSDCErWXRvS4dmj5X7Gah8LqTT35GTP0oBTO3GZFOON4bNDVtI
+tC4bErJbANECAwEAAaOB4TCB3jAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF
 oDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50IENlcnRp
-ZmljYXRlMB0GA1UdDgQWBBT1Bb7dDiHwnrNSmhEKeqvj/J3uQjAfBgNVHSMEGDAW
-gBRmFJo4weWfyYP7yaT+jH+wk7jWKjAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYw
+ZmljYXRlMB0GA1UdDgQWBBS1DozP7Ov25cJeDW3IXq1c6+Sx4zAfBgNVHSMEGDAW
+gBQz/zI1tCfs7stYavc3NvY/DDDBGDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYw
 FAYIKwYBBQUHAwIGCCsGAQUFBwMEMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAA
-ATANBgkqhkiG9w0BAQsFAAOCAgEAMNog4nYJ3ebL9mic0qS1kk7PryhTe33/kJSQ
-sjDspod3tI3RHHfvhRX+ObVGw3abUcKsJqZPXog0h+90ac5oBQb9W0bO5wDsUOij
-uuNIhJjASNc+rfE3j6JI8Z6by6OsRlmfjdwETrVZYDhFlQmNfteXdt7iBh8PuBeR
-WXLsWlU8GXVi/sn57Ewai0Eor8aSUYp5BHi5W+aoDE+4TTjyJQi65I7l9irh22Em
-PabFAksfuLPXhBE5VjVfXVq4VieajGf8xIMiJQQKxduK5umVB1/Qm82Ypw8odnjk
-tZcNhwC2PeJrNcwTEKF7zm5ETJKozt572lwXkSxpNttUO3qqKnwJgYUxWLMin/wj
-p/Mlf4KkPvUVw+SyWDAMNnd+Ld2N1VSoHnQ/9nVpxbf0uhZqkk0VG62QRpgFBh95
-eTvLYGEbU5cbgtMP0dvR958PlCZCzFKs0YohhlidA2TVrWiMWoSgQgvA30otv113
-uvQ1+k0EsH1bYh/TFjOGSLflgWRHknaiLpq/TMTQ0AGwI6MMZ6TPCstcYNIzl0tg
-trVwCOl9j/lx2B0yZR8oK0Ha+gIb716M/WRknKevMxLBLva8pDeCVqXI1bOWEMva
-KUH4MzfJfrvpJQ99EiV93hqBAA0cd/Ti9+Y7s2EWLl+vicES0VXfF1zvrg/LXX1t
-RbkJhlE=
+ATANBgkqhkiG9w0BAQsFAAOCAgEAtdiU8wM37Q7V3axzEBZf2prwRQSyA1Sxd1+a
+EuAk0B93ynRhOkIoW0EmJQzOh5lB/V4fkce+PwIZb9j2cH1DnTJyE/XjZ6Y/p1f/
+Fpk2xbSiaRGwhetotQCpEmNBwKng1VD3wgzp942sCn0ddswgJQ/5KEt+H9vJuuKu
+CC503HUQ58pfiYJc5Kwz9cboYSR0VoRJ+iVdmXGHOW+8oHwt6F/Hd6GN/HX/s9FC
+UQ6KYxFUQM/oAvxJ8FNmaL4kNQvZW9MQebpyTVPwZwq7hNqDndUicXVMuD2DzbCU
+S0OLvYzLnAW9v4niTNRRTh6hjQnlAZOXdGuwPgmcIIfq3X7Mdme26d+J2AddPDc/
+olOQFydJJ7dyYh6DKI/bK71IengFm3vokPZooZU/0D1VZkcMFITvNnXxgtud5nW5
+ghNCfDCE+y8gU+C9djUC3kBZtxEP4n2RDoAzy44U0QKA31j7dy/KTy1UzIaVHiLL
+TtJc5Kuyb2xAM76ySoIZCpF+k7c1ZipOkKnOV7ZYDYqWIxzfTBgDOcux9LJDkBUF
+LLsBdg/818evYFC8sf28DiLJNZen8o2DHhN4XDx7dT5VPHLquLWOJMubYMCBbFGB
+wKu5HdANuPV+ohUCnatFlfwG2Vju/0qPozfkixy5esF5EuUHrTHvDUvoMliA7rCN
+yzJa2MI=
 -----END CERTIFICATE-----

data/spec/fixtures/certs/generated/client_from_untrusted.jks CHANGED Viewed

Binary file