From 92f9db17466c4e28998a5cf849c7a861093eff23 Mon Sep 17 00:00:00 2001 From: Yiming Jing Date: Mon, 10 Sep 2018 11:32:23 -0700 Subject: tests/certs: rebuild certs with 2048-bit RSA keys The previous test certificates contained RSA keys of only 1024 bits. However, RSA claims that 1024-bit RSA keys are likely to become crackable some time before 2010. The NIST recommends at least 2048-bit keys for RSA for now. Better use full 2048 also for testing. Closes #2973 --- tests/certs/Server-localhost0h-sv.pem | 138 ++++++++++++++++++++-------------- 1 file changed, 81 insertions(+), 57 deletions(-) (limited to 'tests/certs/Server-localhost0h-sv.pem') diff --git a/tests/certs/Server-localhost0h-sv.pem b/tests/certs/Server-localhost0h-sv.pem index a953370e6..32d87c4f3 100644 --- a/tests/certs/Server-localhost0h-sv.pem +++ b/tests/certs/Server-localhost0h-sv.pem @@ -25,49 +25,70 @@ commonName_value = localhost # the certificate # some dhparam -----BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDjx1L7fQKxpwtMLaYqsFdrXgv5nkvn0KxVQ0f6seD8sGMwhDH1 -lUSQmrciAW/HFxa+WhnuRzWQpV4nuoZHO8Vj0vLGodusvrEvTMKYhhly1fkSRQm8 -I+IA6026mXG1SvtJjE3zC07PSHvIBjeSNf+7T+qYrxOsqM2fp+B42xW8OwIDAQAB -AoGAHdkk2qfLDpShOl5RBA8PpZYxY4iG0d3ad2HVsNhWb0Z9+QGZumDRF1Hu5Zni -l+hCprcP5tWWA1poODSNHBCNEQRYZcHrfZlh+sDiV6ZmexBg7x9D5azyRbn20vr1 -79UxmisRxnDQQHCfOmgZtgs1EZXnFOs0OotoZAHFr+GLtQECQQD+R2TaWMCEPKJc -IswGBqLGL8cyy+v2d5Glt5l+xzb/KCdY9cbOR/B9wq//0Nvqyiq1I1jUBVw9NJi/ -eBx/OYxhAkEA5VIC6uMpIck0Qxpbj7/H3k2pBf1HROgmLEq+cVLFgY62CIpTgleO -SAzTmn0vDXir0jQHJn+JTokvn0PxyNquGwJBAJW+77rSl5WIq8j8yRAnakayrmnQ -w8ZjBggExsVthorfV8TBAPJMVWmKdOF/W3O62UnRZid+fKKize28S3P1LSECQDF8 -3FJSSWsYH6YnhwDjkz9fJQ281eeB7dL7IlQUV7kY0iHPsCvdtz/HPNcHEuNmWjYX -sj9VoI0JP/Sv1frRbmcCQDPaeWowPGf1Xtj0oTSlA6KQsKZPO7t15nivgX/AnZWQ -01l8q6GPHeYwyG/caD3BZwAavsVLg9nhKx0lf0wExM0= +MIIEpQIBAAKCAQEA+wZDhY2h64KAmUK2Vmx7tUK4gSvHyBAT8YKX/OcTnOsh7g7j +cZjE+rUbrwnwSvUsX/AGhLY5/FT6E9AK8+W2mDAfftn9X9jEDTBYRv822V8OOyor +UedIps8yZO1mAwWeuJUiU6XKRzOl+RB811Pa25v8t/nd7MtXBdVJToDolDQ32XT1 +x05yizuA6yLu5lsHIz2qY1vAychfzF8DekZHUDRmInMlfDOa8DxG/E5OpNi49iIQ +u59N3AcO9SwFcPKX9EHnw8fRwrRnYNGTvltC5nP0C2SAPG5PK1x+g9NSnVVx825Y +MNmHUPJMHEDkK+LEGzGMLFRuTEN2JHNTur3TOwIDAQABAoIBAQCEDHB6kd3KkNTr +Sl+2qMyOtnFuacRnZqXHFuazAC+eDUbE/woAWNfN9nWAp57DH6PfN9mF+IIaTe1b +fMY2NPHPrwjyZuPVhqbjNTpK5rhIsqs+zlkJdbwPG9GrrAJMtqke+jybegwlVnMJ +yPWTJCZt/el8MjHe/bxicidk54TxaFf/0R/WPBmWpGBuIrUM7AhGqwdqgRu6qt20 +t3iVokQ6cS9IWDfVH8gr/u//u+lFiJtKeJgKFLwJWVAh9gmXOZH0TudTb7RfLwiF +lu2gU+QmPv0MjL9BX1hxKay/YLxU/CEkET0JJSSoxQbZAYMJnTAEqWM/zQr4hQVS +VPIUBKERAoGBAP5BhmgW+QJo+0zCQFV+OYbNCRjOmi5Tcg3Kzq7SLRVgril+grY6 +zxiAv43+SwgpTzp8eF5I3CW3QvCgYEST/eqFKx8U2envtnW5Q/f58rqhs141/UmJ +PQL8MUpmJtImAKG22jvFX3SIDFR0TAuEqRFTzlSAgGliQxQyBStG/jtZAoGBAPy/ +EHB7IRiFLQPpTFEv/BjEBXWoFrSovPwhnn08taARY8inp96fhA8aBFSMMVoAWJrP +n5CNcccr0WCNJADc7qs1B1so2eb4l7HVaw4isC+9G0XXHNMivI11pRqjVvmgHflS +R+4nsanUus/vmLzq21IgoFLv1nbEiBhob+SABnSzAoGBAJTt5MDL1AfpXmnTzsNF +MIUZTJ7PRdik4EXb6bzVN7sx6lI73GzJfc0ofQu7TE/3goULq6Xun6Un93njNwB0 +f2MDpgKKwCobU5EZeAqkyd0wIlSo4zhTvv0ko+qkc1DdGbmf1az1K7iiiDZf+Ls2 +daHEqTMuIgmYmRoXQpfa+cfhAoGAekST11Y5dHs4g6Pg34WvFuv9GCXwlgTrJ627 +1ioAUycWdoNkmjXg1M1pOt13Imr4civurSc/23I/H84nlKNMclZ88ISapTmtaMIt +v/DX+sAo6Whe8WTkgipfbLuH38qttWcwlO1u7RGULfNimEGlR92wsW6E+X+ptuUO +/CNS/DECgYEA9/mkiScC/gNBOCuYj233Heqe79+gVYrlNFKDKPdrUktLhX+CLpvG +JlKxSJgdA9li+6ttPtNMTJyS0dzoxTnPdFDcCJtrsHBZrJoQ+dz1Nic9EPepZRyv +m1n7HoNvFEnbV6bew3j98WtqSQ71R2BDc6mIAKnc3TmXQ+6LTmITAJQ= -----END RSA PRIVATE KEY----- Certificate: Data: Version: 3 (0x2) - Serial Number: 14269504311662 (0xcfa60bc516e) + Serial Number: 15361883858469 (0xdf8b7a16625) Signature Algorithm: sha1WithRSAEncryption Issuer: countryName = NN organizationName = Edel Curl Arctic Illudium Research Cloud commonName = Northern Nowhere Trust Anchor Validity - Not Before: Mar 21 15:07:11 2015 GMT - Not After : Jun 7 15:07:11 2023 GMT + Not Before: Sep 5 22:59:45 2018 GMT + Not After : Nov 22 22:59:45 2026 GMT Subject: countryName = NN organizationName = Edel Curl Arctic Illudium Research Cloud commonName = localhost Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + Public-Key: (2048 bit) Modulus: - 00:e3:c7:52:fb:7d:02:b1:a7:0b:4c:2d:a6:2a:b0: - 57:6b:5e:0b:f9:9e:4b:e7:d0:ac:55:43:47:fa:b1: - e0:fc:b0:63:30:84:31:f5:95:44:90:9a:b7:22:01: - 6f:c7:17:16:be:5a:19:ee:47:35:90:a5:5e:27:ba: - 86:47:3b:c5:63:d2:f2:c6:a1:db:ac:be:b1:2f:4c: - c2:98:86:19:72:d5:f9:12:45:09:bc:23:e2:00:eb: - 4d:ba:99:71:b5:4a:fb:49:8c:4d:f3:0b:4e:cf:48: - 7b:c8:06:37:92:35:ff:bb:4f:ea:98:af:13:ac:a8: - cd:9f:a7:e0:78:db:15:bc:3b + 00:fb:06:43:85:8d:a1:eb:82:80:99:42:b6:56:6c: + 7b:b5:42:b8:81:2b:c7:c8:10:13:f1:82:97:fc:e7: + 13:9c:eb:21:ee:0e:e3:71:98:c4:fa:b5:1b:af:09: + f0:4a:f5:2c:5f:f0:06:84:b6:39:fc:54:fa:13:d0: + 0a:f3:e5:b6:98:30:1f:7e:d9:fd:5f:d8:c4:0d:30: + 58:46:ff:36:d9:5f:0e:3b:2a:2b:51:e7:48:a6:cf: + 32:64:ed:66:03:05:9e:b8:95:22:53:a5:ca:47:33: + a5:f9:10:7c:d7:53:da:db:9b:fc:b7:f9:dd:ec:cb: + 57:05:d5:49:4e:80:e8:94:34:37:d9:74:f5:c7:4e: + 72:8b:3b:80:eb:22:ee:e6:5b:07:23:3d:aa:63:5b: + c0:c9:c8:5f:cc:5f:03:7a:46:47:50:34:66:22:73: + 25:7c:33:9a:f0:3c:46:fc:4e:4e:a4:d8:b8:f6:22: + 10:bb:9f:4d:dc:07:0e:f5:2c:05:70:f2:97:f4:41: + e7:c3:c7:d1:c2:b4:67:60:d1:93:be:5b:42:e6:73: + f4:0b:64:80:3c:6e:4f:2b:5c:7e:83:d3:52:9d:55: + 71:f3:6e:58:30:d9:87:50:f2:4c:1c:40:e4:2b:e2: + c4:1b:31:8c:2c:54:6e:4c:43:76:24:73:53:ba:bd: + d3:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: @@ -77,45 +98,48 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Key Identifier: - 23:D7:CE:D8:B2:D0:F8:8E:3C:82:26:6C:F1:F5:2A:8A:48:90:58:66 + F6:C8:BF:09:CC:68:B9:BF:C3:5F:17:6B:2D:5D:68:85:B2:DE:4F:A4 X509v3 Authority Key Identifier: keyid:12:CA:BA:4B:46:04:A7:75:8A:2C:E8:0E:54:94:BC:12:65:A6:7B:CE X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha1WithRSAEncryption - 28:b9:77:ea:4a:8d:d6:a5:fb:72:5b:d6:cd:60:40:33:56:bf: - dd:23:ff:bf:e8:2e:10:cd:30:ab:24:a4:43:d8:98:71:e3:59: - 66:3e:38:bd:b8:fb:19:1a:13:8f:a1:c8:39:93:b5:83:8d:62: - 52:a9:7a:5b:0d:69:47:40:5c:51:4c:3a:be:a7:c9:5f:7b:93: - 49:20:59:23:30:7c:d9:4a:dd:29:2c:ed:96:fd:cb:b8:13:ff: - 36:2c:27:ce:28:c3:a6:d0:d8:ba:8c:38:9f:78:ff:54:c7:76: - 05:37:47:f5:d3:55:9c:2c:12:41:81:14:ca:48:a2:b7:6d:05: - 49:2b:c5:f5:7b:63:6d:6f:cd:3f:f4:8d:74:51:07:ff:e1:40: - d5:96:60:d8:c8:38:5a:15:f9:c5:fd:e1:5e:a3:02:95:90:4b: - fc:8a:42:de:72:31:72:3d:dd:a2:df:19:42:c8:fa:a8:77:11: - 67:e6:64:8c:d0:fd:45:fd:f0:49:8c:e1:85:e6:f5:1f:47:c6: - ae:f2:70:c3:e8:99:d0:cd:9d:88:6b:33:ba:b9:65:3d:f4:b1: - f4:d0:3c:76:9c:18:9e:9e:c8:62:29:43:8e:f7:2f:2c:12:37: - 39:02:26:4e:4b:b0:14:30:80:bb:2d:cc:fc:93:dc:c9:8b:c0: - 69:12:71:36 + 5b:ae:8a:4f:92:7f:db:eb:f6:76:94:83:e4:e2:65:83:ec:0b: + 42:d8:0b:53:3a:06:a7:67:91:23:3e:d6:e3:ed:20:80:9d:91: + 89:fa:d0:cf:2e:34:8c:48:5a:06:26:73:17:b9:27:3c:28:f2: + 82:9b:e4:6a:bc:10:86:de:ed:75:aa:9a:aa:59:1f:1b:dc:d4: + 2d:53:f1:65:fd:c6:92:16:40:fc:f3:5f:f0:7c:62:b1:a2:03: + 49:4a:e1:a8:c3:2d:90:a7:5a:99:b0:39:6e:b4:de:c9:68:e0: + 40:97:c2:6b:9f:0d:dd:73:c0:8c:54:db:cc:c9:c6:88:ec:54: + 52:62:f3:59:20:56:45:7e:f0:32:ce:a2:3c:06:64:37:e8:fa: + f4:b5:b5:bc:a9:df:28:0f:cb:69:4c:4a:19:6d:9b:51:24:a9: + d9:c0:d9:79:3a:96:64:9a:79:d8:5f:49:f6:50:44:d1:fd:0f: + 2a:5d:54:27:e2:38:7b:f3:bd:52:b7:09:b2:40:dc:6f:48:d6: + 79:ce:44:c6:55:74:f5:25:d8:6c:57:0d:f5:eb:b3:3d:ca:66: + 89:f5:b0:10:61:74:0c:d6:65:4e:3e:0d:1a:0b:55:61:e8:c6: + c8:01:ea:85:3e:7d:67:5c:a5:9f:e6:04:f5:dc:5d:54:21:c8: + 41:73:48:75 -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIGDPpgvFFuMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYT +MIIDxTCCAq2gAwIBAgIGDfi3oWYlMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYT Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo IENsb3VkMSYwJAYDVQQDDB1Ob3J0aGVybiBOb3doZXJlIFRydXN0IEFuY2hvcjAe -Fw0xNTAzMjExNTA3MTFaFw0yMzA2MDcxNTA3MTFaMFQxCzAJBgNVBAYTAk5OMTEw +Fw0xODA5MDUyMjU5NDVaFw0yNjExMjIyMjU5NDVaMFQxCzAJBgNVBAYTAk5OMTEw LwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNoIENsb3Vk -MRIwEAYDVQQDDAlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB -AOPHUvt9ArGnC0wtpiqwV2teC/meS+fQrFVDR/qx4PywYzCEMfWVRJCatyIBb8cX -Fr5aGe5HNZClXie6hkc7xWPS8sah26y+sS9MwpiGGXLV+RJFCbwj4gDrTbqZcbVK -+0mMTfMLTs9Ie8gGN5I1/7tP6pivE6yozZ+n4HjbFbw7AgMBAAGjgYgwgYUwFgYD -VR0RBA8wDYILbG9jYWxob3N0AGgwCwYDVR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsG -AQUFBwMBMB0GA1UdDgQWBBQj187YstD4jjyCJmzx9SqKSJBYZjAfBgNVHSMEGDAW -gBQSyrpLRgSndYos6A5UlLwSZaZ7zjAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUA -A4IBAQAouXfqSo3WpftyW9bNYEAzVr/dI/+/6C4QzTCrJKRD2Jhx41lmPji9uPsZ -GhOPocg5k7WDjWJSqXpbDWlHQFxRTDq+p8lfe5NJIFkjMHzZSt0pLO2W/cu4E/82 -LCfOKMOm0Ni6jDifeP9Ux3YFN0f101WcLBJBgRTKSKK3bQVJK8X1e2Ntb80/9I10 -UQf/4UDVlmDYyDhaFfnF/eFeowKVkEv8ikLecjFyPd2i3xlCyPqodxFn5mSM0P1F -/fBJjOGF5vUfR8au8nDD6JnQzZ2IazO6uWU99LH00Dx2nBienshiKUOO9y8sEjc5 -AiZOS7AUMIC7Lcz8k9zJi8BpEnE2 +MRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQD7BkOFjaHrgoCZQrZWbHu1QriBK8fIEBPxgpf85xOc6yHuDuNxmMT6tRuv +CfBK9Sxf8AaEtjn8VPoT0Arz5baYMB9+2f1f2MQNMFhG/zbZXw47KitR50imzzJk +7WYDBZ64lSJTpcpHM6X5EHzXU9rbm/y3+d3sy1cF1UlOgOiUNDfZdPXHTnKLO4Dr +Iu7mWwcjPapjW8DJyF/MXwN6RkdQNGYicyV8M5rwPEb8Tk6k2Lj2IhC7n03cBw71 +LAVw8pf0QefDx9HCtGdg0ZO+W0Lmc/QLZIA8bk8rXH6D01KdVXHzblgw2YdQ8kwc +QOQr4sQbMYwsVG5MQ3Ykc1O6vdM7AgMBAAGjgYgwgYUwFgYDVR0RBA8wDYILbG9j +YWxob3N0AGgwCwYDVR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1Ud +DgQWBBT2yL8JzGi5v8NfF2stXWiFst5PpDAfBgNVHSMEGDAWgBQSyrpLRgSndYos +6A5UlLwSZaZ7zjAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBbropPkn/b +6/Z2lIPk4mWD7AtC2AtTOganZ5EjPtbj7SCAnZGJ+tDPLjSMSFoGJnMXuSc8KPKC +m+RqvBCG3u11qpqqWR8b3NQtU/Fl/caSFkD881/wfGKxogNJSuGowy2Qp1qZsDlu +tN7JaOBAl8Jrnw3dc8CMVNvMycaI7FRSYvNZIFZFfvAyzqI8BmQ36Pr0tbW8qd8o +D8tpTEoZbZtRJKnZwNl5OpZkmnnYX0n2UETR/Q8qXVQn4jh7871StwmyQNxvSNZ5 +zkTGVXT1JdhsVw3167M9ymaJ9bAQYXQM1mVOPg0aC1Vh6MbIAeqFPn1nXKWf5gT1 +3F1UIchBc0h1 -----END CERTIFICATE----- -- cgit v1.2.3