node-opcua-pki 4.18.0 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (85) hide show
  1. package/CHANGELOG.md +11 -1
  2. package/bin/crypto_create_CA.js +4 -6
  3. package/certificates/CA/conf/caconfig.cnf +125 -0
  4. package/certificates/CA/conf/caconfig.cnf.tmp +125 -0
  5. package/certificates/CA/crl/revocation_list.crl +16 -0
  6. package/certificates/CA/crl/revocation_list.der +0 -0
  7. package/certificates/CA/crlnumber +1 -0
  8. package/certificates/CA/crlnumber.old +1 -0
  9. package/certificates/CA/index.txt +24 -0
  10. package/certificates/CA/index.txt.attr +1 -0
  11. package/certificates/CA/index.txt.attr.old +1 -0
  12. package/certificates/CA/index.txt.old +23 -0
  13. package/certificates/CA/private/cakey.csr +77 -0
  14. package/certificates/CA/serial +1 -0
  15. package/certificates/CA/serial.old +1 -0
  16. package/certificates/PKI/own/openssl.cnf +72 -0
  17. package/certificates/PKI/own/openssl.cnf.tmp +72 -0
  18. package/certificates/client_cert_1024.pem.csr +49 -0
  19. package/certificates/client_cert_2048.pem.csr +70 -0
  20. package/certificates/client_cert_3072.pem.csr +90 -0
  21. package/certificates/client_cert_4096.pem.csr +112 -0
  22. package/certificates/client_public_key_1024.pub +6 -0
  23. package/certificates/client_public_key_2048.pub +9 -0
  24. package/certificates/client_public_key_3072.pub +11 -0
  25. package/certificates/client_public_key_4096.pub +14 -0
  26. package/certificates/config.js +18 -0
  27. package/certificates/discoveryServer_cert_1024.pem.csr +49 -0
  28. package/certificates/discoveryServer_cert_2048.pem.csr +70 -0
  29. package/certificates/discoveryServer_cert_3072.pem.csr +91 -0
  30. package/certificates/discoveryServer_cert_4096.pem.csr +112 -0
  31. package/certificates/discoveryServer_public_key_1024.pub +6 -0
  32. package/certificates/discoveryServer_public_key_2048.pub +9 -0
  33. package/certificates/discoveryServer_public_key_3072.pub +11 -0
  34. package/certificates/discoveryServer_public_key_4096.pub +14 -0
  35. package/certificates/server_cert_1024.pem.csr +49 -0
  36. package/certificates/server_cert_2048.pem.csr +70 -0
  37. package/certificates/server_cert_3072.pem.csr +90 -0
  38. package/certificates/server_cert_4096.pem.csr +112 -0
  39. package/certificates/server_public_key_1024.pub +6 -0
  40. package/certificates/server_public_key_2048.pub +9 -0
  41. package/certificates/server_public_key_3072.pub +11 -0
  42. package/certificates/server_public_key_4096.pub +14 -0
  43. package/dist/lib/ca/certificate_authority.d.ts +2 -11
  44. package/dist/lib/ca/certificate_authority.js +336 -381
  45. package/dist/lib/ca/crypto_create_CA.d.ts +1 -2
  46. package/dist/lib/ca/crypto_create_CA.js +26 -63
  47. package/dist/lib/ca/templates/ca_config_template.cnf.js +3 -3
  48. package/dist/lib/index.d.ts +0 -1
  49. package/dist/lib/index.js +1 -2
  50. package/dist/lib/misc/applicationurn.js +1 -1
  51. package/dist/lib/pki/certificate_manager.d.ts +1 -21
  52. package/dist/lib/pki/certificate_manager.js +277 -315
  53. package/dist/lib/pki/templates/simple_config_template.cnf.js +3 -3
  54. package/dist/lib/toolbox/common.d.ts +0 -1
  55. package/dist/lib/toolbox/common.js +1 -1
  56. package/dist/lib/toolbox/common2.d.ts +1 -1
  57. package/dist/lib/toolbox/common2.js +20 -7
  58. package/dist/lib/toolbox/config.js +1 -1
  59. package/dist/lib/toolbox/debug.js +1 -1
  60. package/dist/lib/toolbox/display.d.ts +4 -4
  61. package/dist/lib/toolbox/display.js +5 -17
  62. package/dist/lib/toolbox/index.js +1 -1
  63. package/dist/lib/toolbox/with_openssl/_create_random_file.d.ts +2 -3
  64. package/dist/lib/toolbox/with_openssl/_create_random_file.js +27 -16
  65. package/dist/lib/toolbox/with_openssl/create_certificate_signing_request.d.ts +1 -6
  66. package/dist/lib/toolbox/with_openssl/create_certificate_signing_request.js +42 -47
  67. package/dist/lib/toolbox/with_openssl/create_private_key.d.ts +2 -8
  68. package/dist/lib/toolbox/with_openssl/create_private_key.js +71 -77
  69. package/dist/lib/toolbox/with_openssl/create_self_signed_certificate.d.ts +1 -1
  70. package/dist/lib/toolbox/with_openssl/create_self_signed_certificate.js +89 -101
  71. package/dist/lib/toolbox/with_openssl/execute_openssl.d.ts +5 -7
  72. package/dist/lib/toolbox/with_openssl/execute_openssl.js +102 -116
  73. package/dist/lib/toolbox/with_openssl/install_prerequisite.d.ts +4 -6
  74. package/dist/lib/toolbox/with_openssl/install_prerequisite.js +254 -242
  75. package/dist/lib/toolbox/with_openssl/toolbox.d.ts +7 -10
  76. package/dist/lib/toolbox/with_openssl/toolbox.js +40 -25
  77. package/dist/lib/toolbox/without_openssl/create_certificate_signing_request.d.ts +0 -5
  78. package/dist/lib/toolbox/without_openssl/create_certificate_signing_request.js +1 -11
  79. package/dist/lib/toolbox/without_openssl/create_self_signed_certificate.d.ts +1 -1
  80. package/dist/lib/toolbox/without_openssl/create_self_signed_certificate.js +5 -5
  81. package/dist/lib/toolbox/without_openssl/deprecated_create_private_key.d.ts +0 -0
  82. package/dist/lib/toolbox/without_openssl/deprecated_create_private_key.js +2 -0
  83. package/dist/lib/toolbox/without_openssl/index.d.ts +0 -1
  84. package/dist/lib/toolbox/without_openssl/index.js +1 -2
  85. package/package.json +7 -9
package/CHANGELOG.md CHANGED
@@ -4,9 +4,19 @@ All notable changes to this project will be documented in this file. Dates are d
4
4
 
5
5
  Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog).
6
6
 
7
+ #### [5.0.0](https://github.com/node-opcua/node-opcua-pki/compare/4.18.0...5.0.0)
8
+
9
+ - BREAKING CHANGE: remove callback support to favor async/await [`85a6262`](https://github.com/node-opcua/node-opcua-pki/commit/85a6262d05a15e5ddf007eac78279582c2d1a908)
10
+ - chore: formatting [`4e0af65`](https://github.com/node-opcua/node-opcua-pki/commit/4e0af65d6d576a2b8f0f6b07d9f27de440fcd382)
11
+ - update copyright year [`6eadac5`](https://github.com/node-opcua/node-opcua-pki/commit/6eadac5e5d2ff0f80cab8e3df174ec05971e0fd4)
12
+
7
13
  #### [4.18.0](https://github.com/node-opcua/node-opcua-pki/compare/4.17.0...4.18.0)
8
14
 
9
- - .adjust release-it.json [`094a11e`](https://github.com/node-opcua/node-opcua-pki/commit/094a11e430ce0285b595d47e63daa2deacc8a4d7)
15
+ > 16 December 2024
16
+
17
+ - chore: release v4.18.0 [`65ef098`](https://github.com/node-opcua/node-opcua-pki/commit/65ef0986a9e8937fb5d7d2ae3ed68649875ca09c)
18
+ - replace deprecate string.substr with string.substring [`735ebe3`](https://github.com/node-opcua/node-opcua-pki/commit/735ebe322089c380321e39d16b60a440d3487fef)
19
+ - buildIdealCertificateName now replace / or \ with _ to avoid building invalid filename from certificate CN [`20aee24`](https://github.com/node-opcua/node-opcua-pki/commit/20aee24f1a3a0950cb206aa9570ba6b6b8f16a97)
10
20
 
11
21
  #### [4.17.0](https://github.com/node-opcua/node-opcua-pki/compare/4.16.0...4.17.0)
12
22
 
package/bin/crypto_create_CA.js CHANGED
@@ -1,4 +1,4 @@
1
- #!/usr/bin/env node
1
+ #!/usr/bin/env node
2
2
  /* eslint-disable @typescript-eslint/no-var-requires */
3
3
  // ---------------------------------------------------------------------------------------------------------------------
4
4
  // node-opcua-pki
@@ -30,8 +30,6 @@
30
30
  const _pkg = require("../package.json");
31
31
 
32
32
  // eslint-disable-next-line no-undef
33
- require("../dist/lib/ca/crypto_create_CA.js").main(process.argv.splice(2), () => {
34
- /* empty */
35
- // xx updateNotifier({pkg}).notify();
36
-
37
- });
33
+ const { main } = require("../dist/lib/ca/crypto_create_CA.js");
34
+
35
+ main(process.argv.splice(2));
package/certificates/CA/conf/caconfig.cnf ADDED
@@ -0,0 +1,125 @@
1
+ #.........DO NOT MODIFY BY HAND .........................
2
+ [ ca ]
3
+ default_ca = CA_default
4
+ [ CA_default ]
5
+ dir = /home/etienne/projects/node-opcua-pki/certificates/CA # the main CA folder
6
+ certs = $dir/certs # where to store certificates
7
+ new_certs_dir = $dir/certs #
8
+ database = $dir/index.txt # the certificate database
9
+ serial = $dir/serial # the serial number counter
10
+ certificate = $dir/public/cacert.pem # The root CA certificate
11
+ private_key = $dir/private/cakey.pem # the CA private key
12
+ x509_extensions = usr_cert #
13
+ default_days = 3650 # default validity : 10 years
14
+
15
+ # default_md = sha1
16
+
17
+ default_md = sha256 # The default digest algorithm
18
+
19
+ preserve = no
20
+ policy = policy_match
21
+ # randfile = $dir/random.rnd
22
+ # default_startdate = YYMMDDHHMMSSZ
23
+ # default_enddate = YYMMDDHHMMSSZ
24
+ crl_dir = $dir/crl
25
+ crl_extensions = crl_ext
26
+ crl = $dir/revocation_list.crl # the Revocation list
27
+ crlnumber = $dir/crlnumber # CRL number file
28
+ default_crl_days = 30
29
+ default_crl_hours = 24
30
+ #msie_hack
31
+
32
+ [ policy_match ]
33
+ countryName = optional
34
+ stateOrProvinceName = optional
35
+ localityName = optional
36
+ organizationName = optional
37
+ organizationalUnitName = optional
38
+ commonName = optional
39
+ emailAddress = optional
40
+
41
+ [ req ]
42
+ default_bits = 4096 # Size of keys
43
+ default_keyfile = key.pem # name of generated keys
44
+ distinguished_name = req_distinguished_name
45
+ attributes = req_attributes
46
+ x509_extensions = v3_ca
47
+ #input_password
48
+ #output_password
49
+ string_mask = nombstr # permitted characters
50
+ req_extensions = v3_req
51
+
52
+ [ req_distinguished_name ]
53
+
54
+ #0 countryName = Country Name (2 letter code)
55
+ # countryName_default = FR
56
+ # countryName_min = 2
57
+ # countryName_max = 2
58
+ # stateOrProvinceName = State or Province Name (full name)
59
+ # stateOrProvinceName_default = Ile de France
60
+ # localityName = Locality Name (city, district)
61
+ # localityName_default = Paris
62
+ organizationName = Organization Name (company)
63
+ organizationName_default = NodeOPCUA
64
+ # organizationalUnitName = Organizational Unit Name (department, division)
65
+ # organizationalUnitName_default = R&D
66
+ commonName = Common Name (hostname, FQDN, IP, or your name)
67
+ commonName_max = 256
68
+ commonName_default = NodeOPCUA
69
+ # emailAddress = Email Address
70
+ # emailAddress_max = 40
71
+ # emailAddress_default = node-opcua (at) node-opcua (dot) com
72
+
73
+ [ req_attributes ]
74
+ #challengePassword = A challenge password
75
+ #challengePassword_min = 4
76
+ #challengePassword_max = 20
77
+ #unstructuredName = An optional company name
78
+ [ usr_cert ]
79
+ basicConstraints = critical, CA:FALSE
80
+ subjectKeyIdentifier = hash
81
+ authorityKeyIdentifier = keyid,issuer:always
82
+ #authorityKeyIdentifier = keyid
83
+ subjectAltName = $ENV::ALTNAME
84
+ # issuerAltName = issuer:copy
85
+ nsComment = ''OpenSSL Generated Certificate''
86
+ #nsCertType = client, email, objsign for ''everything including object signing''
87
+ #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
88
+ #nsBaseUrl =
89
+ #nsRenewalUrl =
90
+ #nsCaPolicyUrl =
91
+ #nsSslServerName =
92
+ keyUsage = critical, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign
93
+ extendedKeyUsage = critical,serverAuth ,clientAuth
94
+
95
+ [ v3_req ]
96
+ basicConstraints = critical, CA:FALSE
97
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
98
+ extendedKeyUsage = critical,serverAuth ,clientAuth
99
+ subjectAltName = $ENV::ALTNAME
100
+ nsComment = "CA Generated by Node-OPCUA Certificate utility using openssl"
101
+ [ v3_ca ]
102
+ subjectKeyIdentifier = hash
103
+ authorityKeyIdentifier = keyid:always,issuer:always
104
+ # authorityKeyIdentifier = keyid
105
+ basicConstraints = CA:TRUE
106
+ keyUsage = critical, cRLSign, keyCertSign
107
+ nsComment = "CA Certificate generated by Node-OPCUA Certificate utility using openssl"
108
+ #nsCertType = sslCA, emailCA
109
+ #subjectAltName = email:copy
110
+ #issuerAltName = issuer:copy
111
+ #obj = DER:02:03
112
+ crlDistributionPoints = @crl_info
113
+ [ crl_info ]
114
+ URI.0 = http://localhost:8900/crl.pem
115
+ [ v3_selfsigned]
116
+ basicConstraints = critical, CA:FALSE
117
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
118
+ extendedKeyUsage = critical,serverAuth ,clientAuth
119
+ nsComment = "Self-signed certificate, generated by NodeOPCUA"
120
+ subjectAltName = $ENV::ALTNAME
121
+
122
+ [ crl_ext ]
123
+ #issuerAltName = issuer:copy
124
+ authorityKeyIdentifier = keyid:always,issuer:always
125
+ #authorityInfoAccess = @issuer_info
package/certificates/CA/conf/caconfig.cnf.tmp ADDED
@@ -0,0 +1,125 @@
1
+ #.........DO NOT MODIFY BY HAND .........................
2
+ [ ca ]
3
+ default_ca = CA_default
4
+ [ CA_default ]
5
+ dir = /home/etienne/projects/node-opcua-pki/certificates/CA # the main CA folder
6
+ certs = $dir/certs # where to store certificates
7
+ new_certs_dir = $dir/certs #
8
+ database = $dir/index.txt # the certificate database
9
+ serial = $dir/serial # the serial number counter
10
+ certificate = $dir/public/cacert.pem # The root CA certificate
11
+ private_key = $dir/private/cakey.pem # the CA private key
12
+ x509_extensions = usr_cert #
13
+ default_days = 3650 # default validity : 10 years
14
+
15
+ # default_md = sha1
16
+
17
+ default_md = sha256 # The default digest algorithm
18
+
19
+ preserve = no
20
+ policy = policy_match
21
+ # randfile = $dir/random.rnd
22
+ # default_startdate = YYMMDDHHMMSSZ
23
+ # default_enddate = YYMMDDHHMMSSZ
24
+ crl_dir = $dir/crl
25
+ crl_extensions = crl_ext
26
+ crl = $dir/revocation_list.crl # the Revocation list
27
+ crlnumber = $dir/crlnumber # CRL number file
28
+ default_crl_days = 30
29
+ default_crl_hours = 24
30
+ #msie_hack
31
+
32
+ [ policy_match ]
33
+ countryName = optional
34
+ stateOrProvinceName = optional
35
+ localityName = optional
36
+ organizationName = optional
37
+ organizationalUnitName = optional
38
+ commonName = optional
39
+ emailAddress = optional
40
+
41
+ [ req ]
42
+ default_bits = 4096 # Size of keys
43
+ default_keyfile = key.pem # name of generated keys
44
+ distinguished_name = req_distinguished_name
45
+ attributes = req_attributes
46
+ x509_extensions = v3_ca
47
+ #input_password
48
+ #output_password
49
+ string_mask = nombstr # permitted characters
50
+ req_extensions = v3_req
51
+
52
+ [ req_distinguished_name ]
53
+
54
+ #0 countryName = Country Name (2 letter code)
55
+ # countryName_default = FR
56
+ # countryName_min = 2
57
+ # countryName_max = 2
58
+ # stateOrProvinceName = State or Province Name (full name)
59
+ # stateOrProvinceName_default = Ile de France
60
+ # localityName = Locality Name (city, district)
61
+ # localityName_default = Paris
62
+ organizationName = Organization Name (company)
63
+ organizationName_default = NodeOPCUA
64
+ # organizationalUnitName = Organizational Unit Name (department, division)
65
+ # organizationalUnitName_default = R&D
66
+ commonName = Common Name (hostname, FQDN, IP, or your name)
67
+ commonName_max = 256
68
+ commonName_default = NodeOPCUA
69
+ # emailAddress = Email Address
70
+ # emailAddress_max = 40
71
+ # emailAddress_default = node-opcua (at) node-opcua (dot) com
72
+
73
+ [ req_attributes ]
74
+ #challengePassword = A challenge password
75
+ #challengePassword_min = 4
76
+ #challengePassword_max = 20
77
+ #unstructuredName = An optional company name
78
+ [ usr_cert ]
79
+ basicConstraints = critical, CA:FALSE
80
+ subjectKeyIdentifier = hash
81
+ authorityKeyIdentifier = keyid,issuer:always
82
+ #authorityKeyIdentifier = keyid
83
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux
84
+ # issuerAltName = issuer:copy
85
+ nsComment = ''OpenSSL Generated Certificate''
86
+ #nsCertType = client, email, objsign for ''everything including object signing''
87
+ #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
88
+ #nsBaseUrl =
89
+ #nsRenewalUrl =
90
+ #nsCaPolicyUrl =
91
+ #nsSslServerName =
92
+ keyUsage = critical, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign
93
+ extendedKeyUsage = critical,serverAuth ,clientAuth
94
+
95
+ [ v3_req ]
96
+ basicConstraints = critical, CA:FALSE
97
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
98
+ extendedKeyUsage = critical,serverAuth ,clientAuth
99
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux
100
+ nsComment = "CA Generated by Node-OPCUA Certificate utility using openssl"
101
+ [ v3_ca ]
102
+ subjectKeyIdentifier = hash
103
+ authorityKeyIdentifier = keyid:always,issuer:always
104
+ # authorityKeyIdentifier = keyid
105
+ basicConstraints = CA:TRUE
106
+ keyUsage = critical, cRLSign, keyCertSign
107
+ nsComment = "CA Certificate generated by Node-OPCUA Certificate utility using openssl"
108
+ #nsCertType = sslCA, emailCA
109
+ #subjectAltName = email:copy
110
+ #issuerAltName = issuer:copy
111
+ #obj = DER:02:03
112
+ crlDistributionPoints = @crl_info
113
+ [ crl_info ]
114
+ URI.0 = http://localhost:8900/crl.pem
115
+ [ v3_selfsigned]
116
+ basicConstraints = critical, CA:FALSE
117
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
118
+ extendedKeyUsage = critical,serverAuth ,clientAuth
119
+ nsComment = "Self-signed certificate, generated by NodeOPCUA"
120
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux
121
+
122
+ [ crl_ext ]
123
+ #issuerAltName = issuer:copy
124
+ authorityKeyIdentifier = keyid:always,issuer:always
125
+ #authorityInfoAccess = @issuer_info
package/certificates/CA/crl/revocation_list.crl ADDED
@@ -0,0 +1,16 @@
1
+ -----BEGIN X509 CRL-----
2
+ MIICgzCCAWsCAQEwDQYJKoZIhvcNAQELBQAwczELMAkGA1UEBhMCRlIxDDAKBgNV
3
+ BAgTA0lERjEOMAwGA1UEBxMFUGFyaXMxLzAtBgNVBAoTJkxvY2FsIE5PREUtT1BD
4
+ VUEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRUwEwYDVQQDEwxOb2RlT1BDVUEtQ0EX
5
+ DTIzMDUxNDE2MDIwMloXDTIzMDYxNDE2MDIwMlqggcMwgcAwgbAGA1UdIwSBqDCB
6
+ pYAUex7icExQU+y3djszE73AQfg1e4Whd6R1MHMxCzAJBgNVBAYTAkZSMQwwCgYD
7
+ VQQIEwNJREYxDjAMBgNVBAcTBVBhcmlzMS8wLQYDVQQKEyZMb2NhbCBOT0RFLU9Q
8
+ Q1VBIENlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMTm9kZU9QQ1VBLUNB
9
+ ghRDFnHt5x7dihSBPb5/5MxySlgoZDALBgNVHRQEBAICEAAwDQYJKoZIhvcNAQEL
10
+ BQADggEBAFp54aI/z8Wqt5PA6dRzznQDt8ThjuFR6cgiwnJ0CjJF5/sES7elX1zA
11
+ zLPdR8cuEAKNzIfx224BUFONp5wVWJzfCIieqnrf1iZfWcsIp9eAjnyK4MBDK6zD
12
+ HxESAHFPooUhpIgUktuIQ3rz6xf++kVZPxer5CD/YEEDLv82bRqXOIdTAl2+gfNJ
13
+ Yx/YT4S66nzsUkUBo2KptO4xIaeKOMmdcbsqGArb5ekj65sKz3Up8X9J1Cwurz6s
14
+ PKqCkp0hYl357oacqHbkCCWi7QKidgvVuyRlgs6voqDGoR5Bs66oCK/Iy1tdd0kJ
15
+ sgzWFPUXsm1enRfxNUUov1jav5vwwXs=
16
+ -----END X509 CRL-----
package/certificates/CA/crlnumber ADDED
@@ -0,0 +1 @@
1
+ 1001
package/certificates/CA/crlnumber.old ADDED
@@ -0,0 +1 @@
1
+ 1000
package/certificates/CA/index.txt ADDED
@@ -0,0 +1,24 @@
1
+ V 240512192440Z 1000 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
2
+ V 240512192440Z 1001 unknown /O=NodeOPCUA/CN=NodeOPCUA
3
+ V 240512192440Z 1002 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
4
+ V 240512192440Z 1003 unknown /O=NodeOPCUA/CN=NodeOPCUA
5
+ V 240512192440Z 1004 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
6
+ V 240512192440Z 1005 unknown /O=NodeOPCUA/CN=NodeOPCUA
7
+ V 240512192440Z 1006 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
8
+ V 240512192440Z 1007 unknown /O=NodeOPCUA/CN=NodeOPCUA
9
+ V 240512192440Z 1008 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
10
+ V 240512192440Z 1009 unknown /O=NodeOPCUA/CN=NodeOPCUA
11
+ V 240512192440Z 100A unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
12
+ V 240512192440Z 100B unknown /O=NodeOPCUA/CN=NodeOPCUA
13
+ V 240512192440Z 100C unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
14
+ V 240512192440Z 100D unknown /O=NodeOPCUA/CN=NodeOPCUA
15
+ V 240512192440Z 100E unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
16
+ V 240512192440Z 100F unknown /O=NodeOPCUA/CN=NodeOPCUA
17
+ V 240512192440Z 1010 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
18
+ V 240512192440Z 1011 unknown /O=NodeOPCUA/CN=NodeOPCUA
19
+ V 240512192440Z 1012 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
20
+ V 240512192440Z 1013 unknown /O=NodeOPCUA/CN=NodeOPCUA
21
+ V 240512192440Z 1014 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
22
+ V 240512192440Z 1015 unknown /O=NodeOPCUA/CN=NodeOPCUA
23
+ V 240512192440Z 1016 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
24
+ V 240512192440Z 1017 unknown /O=NodeOPCUA/CN=NodeOPCUA
package/certificates/CA/index.txt.attr ADDED
@@ -0,0 +1 @@
1
+ unique_subject = no
package/certificates/CA/index.txt.attr.old ADDED
@@ -0,0 +1 @@
1
+ unique_subject = no
package/certificates/CA/index.txt.old ADDED
@@ -0,0 +1,23 @@
1
+ V 240512192440Z 1000 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
2
+ V 240512192440Z 1001 unknown /O=NodeOPCUA/CN=NodeOPCUA
3
+ V 240512192440Z 1002 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
4
+ V 240512192440Z 1003 unknown /O=NodeOPCUA/CN=NodeOPCUA
5
+ V 240512192440Z 1004 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
6
+ V 240512192440Z 1005 unknown /O=NodeOPCUA/CN=NodeOPCUA
7
+ V 240512192440Z 1006 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
8
+ V 240512192440Z 1007 unknown /O=NodeOPCUA/CN=NodeOPCUA
9
+ V 240512192440Z 1008 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
10
+ V 240512192440Z 1009 unknown /O=NodeOPCUA/CN=NodeOPCUA
11
+ V 240512192440Z 100A unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
12
+ V 240512192440Z 100B unknown /O=NodeOPCUA/CN=NodeOPCUA
13
+ V 240512192440Z 100C unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
14
+ V 240512192440Z 100D unknown /O=NodeOPCUA/CN=NodeOPCUA
15
+ V 240512192440Z 100E unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
16
+ V 240512192440Z 100F unknown /O=NodeOPCUA/CN=NodeOPCUA
17
+ V 240512192440Z 1010 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
18
+ V 240512192440Z 1011 unknown /O=NodeOPCUA/CN=NodeOPCUA
19
+ V 240512192440Z 1012 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
20
+ V 240512192440Z 1013 unknown /O=NodeOPCUA/CN=NodeOPCUA
21
+ V 240512192440Z 1014 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
22
+ V 240512192440Z 1015 unknown /O=NodeOPCUA/CN=NodeOPCUA
23
+ V 240512192440Z 1016 unknown /C=FR/O=NodeOPCUA/CN=NodeOPCUA
package/certificates/CA/private/cakey.csr ADDED
@@ -0,0 +1,77 @@
1
+ Certificate Request:
2
+ Data:
3
+ Version: 1 (0x0)
4
+ Subject: C = FR, ST = IDF, L = Paris, O = Local NODE-OPCUA Certificate Authority, CN = NodeOPCUA-CA
5
+ Subject Public Key Info:
6
+ Public Key Algorithm: rsaEncryption
7
+ Public-Key: (2048 bit)
8
+ Modulus:
9
+ 00:cc:3f:75:41:5a:01:c5:35:c0:d5:27:19:17:6b:
10
+ 9f:e7:3d:1a:36:ad:77:e5:3e:3f:e1:c4:e3:f0:37:
11
+ c4:ff:53:b9:21:0a:17:b2:f4:e4:4c:0c:fd:26:3b:
12
+ 83:0f:82:40:b7:a9:cd:5e:e6:85:de:14:17:49:2b:
13
+ 8c:8e:65:63:a6:7e:24:01:fa:a5:c0:d2:99:1c:b4:
14
+ 1d:7a:5d:56:ab:26:82:f1:b7:8c:85:6f:9b:6a:34:
15
+ 08:e6:51:06:63:02:25:07:19:25:7e:03:6f:99:c1:
16
+ 76:47:b6:60:31:f8:9f:34:5a:36:c9:1a:fa:4e:85:
17
+ 53:29:65:93:86:aa:10:16:72:72:0e:d2:f6:f4:99:
18
+ 3b:18:90:d6:92:e1:55:6f:11:9a:2d:9b:7a:b2:96:
19
+ 79:cd:0c:13:6c:a6:9e:cf:a8:9d:5d:fe:9c:19:83:
20
+ 34:09:e8:95:6a:b5:fd:8e:3b:3a:cd:c2:fd:73:7e:
21
+ 5a:49:9b:63:01:a5:7e:90:b0:d5:99:a8:f7:2a:ff:
22
+ 33:e1:c2:b5:37:5a:83:4a:a1:09:01:b3:3f:78:51:
23
+ be:ae:bf:e1:bb:51:ce:7a:4e:22:91:02:69:ef:fb:
24
+ f8:75:d8:7d:26:69:6d:8c:6f:d0:64:f7:4d:36:82:
25
+ 37:ed:50:87:6c:50:d4:83:34:5a:4f:91:7e:01:2d:
26
+ e7:07
27
+ Exponent: 65537 (0x10001)
28
+ Attributes:
29
+ Requested Extensions:
30
+ X509v3 Basic Constraints: critical
31
+ CA:FALSE
32
+ X509v3 Key Usage:
33
+ Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement
34
+ X509v3 Extended Key Usage: critical
35
+ TLS Web Server Authentication, TLS Web Client Authentication
36
+ X509v3 Subject Alternative Name:
37
+ URI:undefined
38
+ Netscape Comment:
39
+ CA Generated by Node-OPCUA Certificate utility using openssl
40
+ Signature Algorithm: sha256WithRSAEncryption
41
+ Signature Value:
42
+ 71:47:73:4c:ac:d9:54:6a:5f:ca:a3:b5:1f:05:62:c3:cd:20:
43
+ 56:02:67:da:ac:e4:e6:e9:90:84:f0:a7:89:07:02:0f:38:41:
44
+ c9:3b:be:23:13:a4:1d:d8:f6:06:58:4c:91:5f:2b:a7:fc:e7:
45
+ 0d:3f:c1:3f:24:e7:21:f9:c4:36:4c:34:7e:2a:8f:66:79:4a:
46
+ ea:21:ca:37:23:68:40:08:c6:ba:f0:fe:de:76:55:a4:f5:dc:
47
+ f3:78:cb:85:9f:e6:46:eb:7f:39:43:e3:69:ff:70:72:92:ae:
48
+ d9:97:93:78:ac:34:7e:97:63:72:a9:65:66:f4:e7:ec:56:6c:
49
+ b5:46:9f:d8:fe:1c:32:48:65:81:a5:c2:b3:7c:e1:4b:ed:d0:
50
+ ac:f8:22:f9:87:36:49:e8:fc:b1:7e:de:b5:8e:f7:da:ac:1c:
51
+ 26:47:33:25:77:34:84:e0:f0:c3:ad:77:e2:38:87:4a:a0:35:
52
+ 43:17:c5:a5:19:64:e9:29:cf:13:90:f6:86:71:28:ff:13:a6:
53
+ ec:95:a0:f0:19:d4:8f:12:1d:c1:a2:10:c2:20:16:e6:ba:ec:
54
+ 56:75:58:5e:05:b1:69:00:85:81:90:6e:ca:34:0d:dd:64:1e:
55
+ cf:4f:9d:6d:e0:1b:75:33:89:ac:16:e3:72:40:ec:e1:46:3e:
56
+ 52:30:b6:5d
57
+ -----BEGIN CERTIFICATE REQUEST-----
58
+ MIIDbTCCAlUCAQAwczELMAkGA1UEBhMCRlIxDDAKBgNVBAgTA0lERjEOMAwGA1UE
59
+ BxMFUGFyaXMxLzAtBgNVBAoTJkxvY2FsIE5PREUtT1BDVUEgQ2VydGlmaWNhdGUg
60
+ QXV0aG9yaXR5MRUwEwYDVQQDEwxOb2RlT1BDVUEtQ0EwggEiMA0GCSqGSIb3DQEB
61
+ AQUAA4IBDwAwggEKAoIBAQDMP3VBWgHFNcDVJxkXa5/nPRo2rXflPj/hxOPwN8T/
62
+ U7khChey9ORMDP0mO4MPgkC3qc1e5oXeFBdJK4yOZWOmfiQB+qXA0pkctB16XVar
63
+ JoLxt4yFb5tqNAjmUQZjAiUHGSV+A2+ZwXZHtmAx+J80WjbJGvpOhVMpZZOGqhAW
64
+ cnIO0vb0mTsYkNaS4VVvEZotm3qylnnNDBNspp7PqJ1d/pwZgzQJ6JVqtf2OOzrN
65
+ wv1zflpJm2MBpX6QsNWZqPcq/zPhwrU3WoNKoQkBsz94Ub6uv+G7Uc56TiKRAmnv
66
+ +/h12H0maW2Mb9Bk9002gjftUIdsUNSDNFpPkX4BLecHAgMBAAGggbQwgbEGCSqG
67
+ SIb3DQEJDjGBozCBoDAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwID+DAgBgNVHSUB
68
+ Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFAYDVR0RBA0wC4YJdW5kZWZpbmVk
69
+ MEsGCWCGSAGG+EIBDQQ+FjxDQSBHZW5lcmF0ZWQgYnkgTm9kZS1PUENVQSBDZXJ0
70
+ aWZpY2F0ZSB1dGlsaXR5IHVzaW5nIG9wZW5zc2wwDQYJKoZIhvcNAQELBQADggEB
71
+ AHFHc0ys2VRqX8qjtR8FYsPNIFYCZ9qs5ObpkITwp4kHAg84Qck7viMTpB3Y9gZY
72
+ TJFfK6f85w0/wT8k5yH5xDZMNH4qj2Z5SuohyjcjaEAIxrrw/t52VaT13PN4y4Wf
73
+ 5kbrfzlD42n/cHKSrtmXk3isNH6XY3KpZWb05+xWbLVGn9j+HDJIZYGlwrN84Uvt
74
+ 0Kz4IvmHNkno/LF+3rWO99qsHCZHMyV3NITg8MOtd+I4h0qgNUMXxaUZZOkpzxOQ
75
+ 9oZxKP8TpuyVoPAZ1I8SHcGiEMIgFua67FZ1WF4FsWkAhYGQbso0Dd1kHs9PnW3g
76
+ G3UziawW43JA7OFGPlIwtl0=
77
+ -----END CERTIFICATE REQUEST-----
package/certificates/CA/serial ADDED
@@ -0,0 +1 @@
1
+ 1018
package/certificates/CA/serial.old ADDED
@@ -0,0 +1 @@
1
+ 1017
package/certificates/PKI/own/openssl.cnf ADDED
@@ -0,0 +1,72 @@
1
+ ##################################################################################################
2
+ ## SIMPLE OPENSSL CONFIG FILE FOR SELF-SIGNED CERTIFICATE GENERATION
3
+ ################################################################################################################
4
+
5
+ distinguished_name = req_distinguished_name
6
+ default_md = sha1
7
+
8
+ default_md = sha256 # The default digest algorithm
9
+
10
+ [ v3_ca ]
11
+ subjectKeyIdentifier = hash
12
+ authorityKeyIdentifier = keyid:always,issuer:always
13
+
14
+ # authorityKeyIdentifier = keyid
15
+ basicConstraints = CA:TRUE
16
+ keyUsage = critical, cRLSign, keyCertSign
17
+ nsComment = "Self-signed Certificate for CA generated by Node-OPCUA Certificate utility"
18
+ #nsCertType = sslCA, emailCA
19
+ #subjectAltName = email:copy
20
+ #issuerAltName = issuer:copy
21
+ #obj = DER:02:03
22
+ # crlDistributionPoints = @crl_info
23
+ # [ crl_info ]
24
+ # URI.0 = http://localhost:8900/crl.pem
25
+ subjectAltName = $ENV::ALTNAME
26
+
27
+ [ req ]
28
+ days = 390
29
+ req_extensions = v3_req
30
+ x509_extensions = v3_ca
31
+
32
+ [v3_req]
33
+ basicConstraints = CA:false
34
+ keyUsage = critical, cRLSign, keyCertSign
35
+ subjectAltName = $ENV::ALTNAME
36
+
37
+ [ v3_ca_signed]
38
+ subjectKeyIdentifier = hash
39
+ authorityKeyIdentifier = keyid,issuer
40
+ basicConstraints = critical, CA:FALSE
41
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyCertSign
42
+ extendedKeyUsage = clientAuth,serverAuth
43
+ nsComment = "certificate generated by Node-OPCUA Certificate utility and signed by a CA"
44
+ subjectAltName = $ENV::ALTNAME
45
+ [ v3_selfsigned]
46
+ subjectKeyIdentifier = hash
47
+ authorityKeyIdentifier = keyid,issuer
48
+ basicConstraints = critical, CA:FALSE
49
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyCertSign
50
+ extendedKeyUsage = clientAuth,serverAuth
51
+ nsComment = "Self-signed certificate generated by Node-OPCUA Certificate utility"
52
+ subjectAltName = $ENV::ALTNAME
53
+ [ req_distinguished_name ]
54
+ countryName = Country Name (2 letter code)
55
+ countryName_default = FR
56
+ countryName_min = 2
57
+ countryName_max = 2
58
+ # stateOrProvinceName = State or Province Name (full name)
59
+ # stateOrProvinceName_default = Ile de France
60
+ # localityName = Locality Name (city, district)
61
+ # localityName_default = Paris
62
+ organizationName = Organization Name (company)
63
+ organizationName_default = NodeOPCUA
64
+ # organizationalUnitName = Organizational Unit Name (department, division)
65
+ # organizationalUnitName_default = R&D
66
+ commonName = Common Name (hostname, FQDN, IP, or your name)
67
+ commonName_max = 256
68
+ commonName_default = NodeOPCUA
69
+ # emailAddress = Email Address
70
+ # emailAddress_max = 40
71
+ # emailAddress_default = node-opcua (at) node-opcua (dot) com
72
+ subjectAltName = $ENV::ALTNAME
package/certificates/PKI/own/openssl.cnf.tmp ADDED
@@ -0,0 +1,72 @@
1
+ ##################################################################################################
2
+ ## SIMPLE OPENSSL CONFIG FILE FOR SELF-SIGNED CERTIFICATE GENERATION
3
+ ################################################################################################################
4
+
5
+ distinguished_name = req_distinguished_name
6
+ default_md = sha1
7
+
8
+ default_md = sha256 # The default digest algorithm
9
+
10
+ [ v3_ca ]
11
+ subjectKeyIdentifier = hash
12
+ authorityKeyIdentifier = keyid:always,issuer:always
13
+
14
+ # authorityKeyIdentifier = keyid
15
+ basicConstraints = CA:TRUE
16
+ keyUsage = critical, cRLSign, keyCertSign
17
+ nsComment = "Self-signed Certificate for CA generated by Node-OPCUA Certificate utility"
18
+ #nsCertType = sslCA, emailCA
19
+ #subjectAltName = email:copy
20
+ #issuerAltName = issuer:copy
21
+ #obj = DER:02:03
22
+ # crlDistributionPoints = @crl_info
23
+ # [ crl_info ]
24
+ # URI.0 = http://localhost:8900/crl.pem
25
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux, IP:127.0.0.1
26
+
27
+ [ req ]
28
+ days = 390
29
+ req_extensions = v3_req
30
+ x509_extensions = v3_ca
31
+
32
+ [v3_req]
33
+ basicConstraints = CA:false
34
+ keyUsage = critical, cRLSign, keyCertSign
35
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux, IP:127.0.0.1
36
+
37
+ [ v3_ca_signed]
38
+ subjectKeyIdentifier = hash
39
+ authorityKeyIdentifier = keyid,issuer
40
+ basicConstraints = critical, CA:FALSE
41
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyCertSign
42
+ extendedKeyUsage = clientAuth,serverAuth
43
+ nsComment = "certificate generated by Node-OPCUA Certificate utility and signed by a CA"
44
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux, IP:127.0.0.1
45
+ [ v3_selfsigned]
46
+ subjectKeyIdentifier = hash
47
+ authorityKeyIdentifier = keyid,issuer
48
+ basicConstraints = critical, CA:FALSE
49
+ keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyCertSign
50
+ extendedKeyUsage = clientAuth,serverAuth
51
+ nsComment = "Self-signed certificate generated by Node-OPCUA Certificate utility"
52
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux, IP:127.0.0.1
53
+ [ req_distinguished_name ]
54
+ countryName = Country Name (2 letter code)
55
+ countryName_default = FR
56
+ countryName_min = 2
57
+ countryName_max = 2
58
+ # stateOrProvinceName = State or Province Name (full name)
59
+ # stateOrProvinceName_default = Ile de France
60
+ # localityName = Locality Name (city, district)
61
+ # localityName_default = Paris
62
+ organizationName = Organization Name (company)
63
+ organizationName_default = NodeOPCUA
64
+ # organizationalUnitName = Organizational Unit Name (department, division)
65
+ # organizationalUnitName_default = R&D
66
+ commonName = Common Name (hostname, FQDN, IP, or your name)
67
+ commonName_max = 256
68
+ commonName_default = NodeOPCUA
69
+ # emailAddress = Email Address
70
+ # emailAddress_max = 40
71
+ # emailAddress_default = node-opcua (at) node-opcua (dot) com
72
+ subjectAltName = URI:urn:ramses-linux:NodeOPCUA-DiscoveryServer, DNS:ramses-linux, IP:127.0.0.1
package/certificates/client_cert_1024.pem.csr ADDED
@@ -0,0 +1,49 @@
1
+ Certificate Request:
2
+ Data:
3
+ Version: 1 (0x0)
4
+ Subject: C = FR, O = NodeOPCUA, CN = NodeOPCUA
5
+ Subject Public Key Info:
6
+ Public Key Algorithm: rsaEncryption
7
+ Public-Key: (1024 bit)
8
+ Modulus:
9
+ 00:ba:96:4d:11:a8:03:26:bd:d4:1e:d6:37:a3:f2:
10
+ 46:9f:84:a1:a7:0f:7f:68:26:cc:15:89:37:45:79:
11
+ a3:e0:94:7c:18:32:65:86:b1:a5:f3:46:f9:0f:9d:
12
+ 27:86:e2:04:87:7b:5a:01:b5:9c:87:7c:b0:02:f1:
13
+ 06:8b:16:49:13:57:ed:f9:e2:59:fb:0a:fd:db:6e:
14
+ 90:be:7c:7e:8c:a5:57:20:d7:84:49:5c:a6:d3:b2:
15
+ 9f:94:6d:c1:39:a7:b7:0b:48:8b:b2:a4:d6:16:40:
16
+ 05:f8:c5:9f:cd:91:14:c9:d8:cc:c2:b6:91:f1:08:
17
+ 5f:ff:55:2f:99:bf:de:1c:e1
18
+ Exponent: 65537 (0x10001)
19
+ Attributes:
20
+ Requested Extensions:
21
+ X509v3 Basic Constraints:
22
+ CA:FALSE
23
+ X509v3 Key Usage: critical
24
+ Certificate Sign, CRL Sign
25
+ X509v3 Subject Alternative Name:
26
+ URI:urn:ramses-linux:NodeOPCUA-Client, DNS:ramses-linux, IP Address:127.0.0.1
27
+ Signature Algorithm: sha256WithRSAEncryption
28
+ Signature Value:
29
+ 6b:7b:71:fe:2d:15:46:be:75:71:f2:60:43:ff:52:17:70:9c:
30
+ 59:0b:cc:30:2d:71:cc:4c:ac:d1:88:f4:fb:6a:e2:15:0f:30:
31
+ bc:f6:bd:bd:1c:d7:ca:d8:ee:ab:f2:27:30:da:54:a8:5a:b7:
32
+ cc:7a:a1:65:47:b4:9e:a0:51:91:9a:89:2e:64:6a:60:f1:6c:
33
+ d1:76:07:82:d2:a8:43:7c:50:2d:58:df:ff:3a:82:70:f6:6e:
34
+ 99:10:74:4e:34:0d:14:13:c6:54:8e:56:0b:a5:3a:7b:18:20:
35
+ 53:4b:33:be:fa:81:ee:7a:76:05:de:af:1e:7c:a3:7c:f2:be:
36
+ 91:c1
37
+ -----BEGIN CERTIFICATE REQUEST-----
38
+ MIIB4zCCAUwCAQAwNTELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU5vZGVPUENVQTES
39
+ MBAGA1UEAwwJTm9kZU9QQ1VBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6
40
+ lk0RqAMmvdQe1jej8kafhKGnD39oJswViTdFeaPglHwYMmWGsaXzRvkPnSeG4gSH
41
+ e1oBtZyHfLAC8QaLFkkTV+354ln7Cv3bbpC+fH6MpVcg14RJXKbTsp+UbcE5p7cL
42
+ SIuypNYWQAX4xZ/NkRTJ2MzCtpHxCF//VS+Zv94c4QIDAQABoG4wbAYJKoZIhvcN
43
+ AQkOMV8wXTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIBBjBABgNVHREEOTA3hiF1
44
+ cm46cmFtc2VzLWxpbnV4Ok5vZGVPUENVQS1DbGllbnSCDHJhbXNlcy1saW51eIcE
45
+ fwAAATANBgkqhkiG9w0BAQsFAAOBgQBre3H+LRVGvnVx8mBD/1IXcJxZC8wwLXHM
46
+ TKzRiPT7auIVDzC89r29HNfK2O6r8icw2lSoWrfMeqFlR7SeoFGRmokuZGpg8WzR
47
+ dgeC0qhDfFAtWN//OoJw9m6ZEHRONA0UE8ZUjlYLpTp7GCBTSzO++oHuenYF3q8e
48
+ fKN88r6RwQ==
49
+ -----END CERTIFICATE REQUEST-----