From 92f9db17466c4e28998a5cf849c7a861093eff23 Mon Sep 17 00:00:00 2001 From: Yiming Jing Date: Mon, 10 Sep 2018 11:32:23 -0700 Subject: tests/certs: rebuild certs with 2048-bit RSA keys The previous test certificates contained RSA keys of only 1024 bits. However, RSA claims that 1024-bit RSA keys are likely to become crackable some time before 2010. The NIST recommends at least 2048-bit keys for RSA for now. Better use full 2048 also for testing. Closes #2973 --- tests/certs/Server-localhost-lastSAN-sv.crt | 100 ++++++++++++++++------------ 1 file changed, 56 insertions(+), 44 deletions(-) (limited to 'tests/certs/Server-localhost-lastSAN-sv.crt') diff --git a/tests/certs/Server-localhost-lastSAN-sv.crt b/tests/certs/Server-localhost-lastSAN-sv.crt index a6d8ae9c2..b3116b695 100644 --- a/tests/certs/Server-localhost-lastSAN-sv.crt +++ b/tests/certs/Server-localhost-lastSAN-sv.crt @@ -1,32 +1,41 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 14725819772555 (0xd649f41ae8b) + Serial Number: 15361901406880 (0xdf8b8ad2aa0) Signature Algorithm: sha1WithRSAEncryption Issuer: countryName = NN organizationName = Edel Curl Arctic Illudium Research Cloud commonName = Northern Nowhere Trust Anchor Validity - Not Before: Aug 30 18:32:57 2016 GMT - Not After : Nov 16 18:32:57 2024 GMT + Not Before: Sep 5 23:29:01 2018 GMT + Not After : Nov 22 23:29:01 2026 GMT Subject: countryName = NN organizationName = Edel Curl Arctic Illudium Research Cloud commonName = localhost.nn Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + Public-Key: (2048 bit) Modulus: - 00:a3:2a:75:d7:bf:75:41:40:be:42:b8:b9:00:28: - f1:45:29:55:bc:36:ca:a6:b7:86:93:97:25:84:aa: - c9:80:ac:41:d9:28:fb:b0:68:4b:5b:ee:bd:94:83: - da:2b:f6:cc:cc:11:df:fb:48:e6:e9:d5:97:41:7f: - 9a:0d:b7:87:96:12:22:41:2a:7f:95:8a:14:d6:6c: - 4b:34:df:18:29:01:0d:b2:3c:4d:c8:c4:5e:87:fa: - 9f:aa:ee:a4:73:e9:bb:74:57:85:24:2a:51:e4:43: - 5c:4b:97:51:52:b9:82:6e:9c:ce:ae:0f:91:45:25: - f9:b4:24:66:8e:47:1f:d7:d5 + 00:df:16:15:5f:2a:a4:50:cf:3a:a8:79:6e:22:8d: + 95:16:b7:4d:7d:d2:1f:4f:6d:2d:7a:7d:dc:8a:4f: + 53:7b:5f:c9:de:5c:88:6c:a2:74:26:35:1c:78:68: + c1:60:25:a7:7b:b6:1a:9a:aa:33:d0:9f:5e:f2:2e: + 21:04:8c:0d:9a:28:f5:61:40:3c:34:1a:9b:8a:70: + 81:6d:83:9e:7c:d0:4c:d9:79:dc:37:d9:24:6e:73: + c7:61:31:71:e9:f5:97:b7:65:ad:3d:f6:af:20:6f: + 56:b9:b5:42:b5:3d:96:61:31:eb:0d:4c:e9:f5:31: + d3:25:af:40:b3:bb:81:04:7f:1a:ce:21:18:83:52: + 2d:51:31:ae:82:f9:cb:10:d3:d5:06:af:f8:71:e8: + a3:c6:9f:7b:48:da:e2:28:af:1c:ff:41:6d:32:81: + 45:59:d7:64:e4:b1:d7:c9:86:6a:0b:65:71:66:d6: + 42:a8:67:fd:83:49:20:75:16:1e:bb:1b:85:5c:7e: + e2:8f:5f:1c:81:d3:8a:95:d6:92:5c:9e:7f:a2:10: + 08:e1:df:ae:69:68:3f:8d:dd:79:4f:da:3f:79:b5: + 02:97:57:30:67:4d:3d:76:35:b5:4f:d1:5d:35:dd: + d4:b5:6b:57:b2:e0:23:35:ad:1a:bf:6f:77:e6:bc: + 58:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: @@ -36,45 +45,48 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Key Identifier: - 2C:CF:E3:6E:08:F9:CE:9B:98:3B:B3:17:7F:0C:9D:E4:5B:1B:76:8A + 7C:9A:EA:9B:92:98:FB:77:25:89:8B:EF:D3:F4:88:34:AF:EA:24:CC X509v3 Authority Key Identifier: keyid:12:CA:BA:4B:46:04:A7:75:8A:2C:E8:0E:54:94:BC:12:65:A6:7B:CE X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha1WithRSAEncryption - 2e:3d:c1:a2:a7:e4:70:f8:a8:13:86:c3:af:22:1f:e9:e1:62: - f4:cf:16:66:a8:3b:70:f6:12:30:be:fe:8e:44:1b:71:b5:c1: - e0:4b:66:c4:5d:d4:d7:7d:49:43:4a:6d:22:1b:ce:3d:e3:14: - 14:b3:6d:3a:93:39:0c:9b:2c:83:35:1d:7e:7c:29:29:3c:51: - 6b:27:c3:5b:2d:f2:61:18:f8:c7:90:be:3b:68:3f:08:9b:ac: - 68:01:d2:0c:ec:aa:5d:9e:78:b7:8b:84:04:01:b2:08:ef:df: - 0c:f2:29:99:fe:61:d1:65:80:aa:ef:df:8e:28:55:a6:f9:88: - 0c:01:bb:fc:1c:9e:9c:08:8d:c5:34:24:91:c1:ac:71:22:e1: - 12:78:e0:45:d5:e2:39:c4:3c:16:09:80:d0:5b:bc:49:0a:4c: - a3:5b:e1:36:40:ed:26:6d:8d:a0:d3:4a:3c:86:93:2f:d4:0a: - 3c:72:08:62:d7:66:d0:b3:05:c2:0f:1d:af:3c:65:67:f2:6c: - 76:a5:9c:37:ac:c4:ac:96:b7:e4:c0:ef:a4:5b:28:1e:16:09: - 15:f6:7b:bb:5d:a2:94:9a:df:52:7b:ae:c9:39:f4:18:9e:84: - 57:6c:d3:6d:ae:35:38:8f:8f:9b:0d:df:77:69:ae:25:ec:ce: - d0:2b:bd:8d + 0f:97:60:47:2f:22:9f:d4:16:99:5a:ed:f4:b5:54:31:bf:9f: + a1:bd:2d:8b:eb:c1:24:db:73:30:c7:46:d6:4c:c8:c6:38:0c: + 9a:e6:d6:5e:e8:a7:fb:9f:b6:44:66:73:43:86:46:10:c0:4c: + 40:4e:c1:d7:e4:41:0b:f0:61:f0:6f:45:8c:5a:14:40:42:97: + c3:03:d0:ff:6d:4a:06:80:65:49:d4:2f:07:9d:86:59:6b:5b: + 9e:bc:0c:46:8a:62:da:c0:22:af:13:6c:0d:9d:54:5e:46:53: + a5:aa:f2:80:44:c7:07:6e:f7:b0:4c:37:5c:31:08:a0:37:df: + 8a:35:92:3c:8c:91:2f:64:4f:d3:a0:eb:95:b3:4a:9e:f7:ac: + 25:ad:06:13:5c:dd:bd:d5:6b:74:8d:c7:c5:a6:b4:89:27:fd: + b7:c2:24:a7:6a:b3:64:e6:e6:31:91:35:fc:0e:15:14:38:d6: + 39:b0:c4:b2:c1:c8:c7:ed:25:d7:b0:a9:b9:a0:70:33:42:90: + 86:33:2a:d8:d5:8a:02:e6:ab:8d:92:d6:ae:b4:1d:e9:6c:22: + a5:2f:1a:48:48:2b:5c:b8:30:01:4b:27:1a:d3:cf:21:77:ab: + 9f:bc:55:34:2e:9f:03:2b:17:0b:c3:44:8e:a8:94:ae:92:a2: + 9a:33:c0:8e -----BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIGDWSfQa6LMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYT +MIID3jCCAsagAwIBAgIGDfi4rSqgMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYT Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo IENsb3VkMSYwJAYDVQQDDB1Ob3J0aGVybiBOb3doZXJlIFRydXN0IEFuY2hvcjAe -Fw0xNjA4MzAxODMyNTdaFw0yNDExMTYxODMyNTdaMFcxCzAJBgNVBAYTAk5OMTEw +Fw0xODA5MDUyMzI5MDFaFw0yNjExMjIyMzI5MDFaMFcxCzAJBgNVBAYTAk5OMTEw LwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNoIENsb3Vk -MRUwEwYDVQQDDAxsb2NhbGhvc3Qubm4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ -AoGBAKMqdde/dUFAvkK4uQAo8UUpVbw2yqa3hpOXJYSqyYCsQdko+7BoS1vuvZSD -2iv2zMwR3/tI5unVl0F/mg23h5YSIkEqf5WKFNZsSzTfGCkBDbI8TcjEXof6n6ru -pHPpu3RXhSQqUeRDXEuXUVK5gm6czq4PkUUl+bQkZo5HH9fVAgMBAAGjgZ4wgZsw -LAYDVR0RBCUwI4IKbG9jYWxob3N0MYIKbG9jYWxob3N0MoIJbG9jYWxob3N0MAsG -A1UdDwQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQULM/jbgj5 -zpuYO7MXfwyd5FsbdoowHwYDVR0jBBgwFoAUEsq6S0YEp3WKLOgOVJS8EmWme84w -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEALj3BoqfkcPioE4bDryIf6eFi -9M8WZqg7cPYSML7+jkQbcbXB4EtmxF3U131JQ0ptIhvOPeMUFLNtOpM5DJssgzUd -fnwpKTxRayfDWy3yYRj4x5C+O2g/CJusaAHSDOyqXZ54t4uEBAGyCO/fDPIpmf5h -0WWAqu/fjihVpvmIDAG7/ByenAiNxTQkkcGscSLhEnjgRdXiOcQ8FgmA0Fu8SQpM -o1vhNkDtJm2NoNNKPIaTL9QKPHIIYtdm0LMFwg8drzxlZ/JsdqWcN6zErJa35MDv -pFsoHhYJFfZ7u12ilJrfUnuuyTn0GJ6EV2zTba41OI+Pmw3fd2muJezO0Cu9jQ== +MRUwEwYDVQQDDAxsb2NhbGhvc3Qubm4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDfFhVfKqRQzzqoeW4ijZUWt0190h9PbS16fdyKT1N7X8neXIhsonQm +NRx4aMFgJad7thqaqjPQn17yLiEEjA2aKPVhQDw0GpuKcIFtg5580EzZedw32SRu +c8dhMXHp9Ze3Za099q8gb1a5tUK1PZZhMesNTOn1MdMlr0Czu4EEfxrOIRiDUi1R +Ma6C+csQ09UGr/hx6KPGn3tI2uIorxz/QW0ygUVZ12TksdfJhmoLZXFm1kKoZ/2D +SSB1Fh67G4VcfuKPXxyB04qV1pJcnn+iEAjh365paD+N3XlP2j95tQKXVzBnTT12 +NbVP0V013dS1a1ey4CM1rRq/b3fmvFjtAgMBAAGjgZ4wgZswLAYDVR0RBCUwI4IK +bG9jYWxob3N0MYIKbG9jYWxob3N0MoIJbG9jYWxob3N0MAsGA1UdDwQEAwIDqDAT +BgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUfJrqm5KY+3cliYvv0/SINK/q +JMwwHwYDVR0jBBgwFoAUEsq6S0YEp3WKLOgOVJS8EmWme84wCQYDVR0TBAIwADAN +BgkqhkiG9w0BAQUFAAOCAQEAD5dgRy8in9QWmVrt9LVUMb+fob0ti+vBJNtzMMdG +1kzIxjgMmubWXuin+5+2RGZzQ4ZGEMBMQE7B1+RBC/Bh8G9FjFoUQEKXwwPQ/21K +BoBlSdQvB52GWWtbnrwMRopi2sAirxNsDZ1UXkZTparygETHB273sEw3XDEIoDff +ijWSPIyRL2RP06DrlbNKnvesJa0GE1zdvdVrdI3Hxaa0iSf9t8Ikp2qzZObmMZE1 +/A4VFDjWObDEssHIx+0l17CpuaBwM0KQhjMq2NWKAuarjZLWrrQd6WwipS8aSEgr +XLgwAUsnGtPPIXern7xVNC6fAysXC8NEjqiUrpKimjPAjg== -----END CERTIFICATE----- -- cgit v1.2.3