Browse Source

Fix CNs for agent keys; can't be the same as CA's CN

Also add makefile for easy tweaking.
v0.7.4-release
Ryan Dahl 14 years ago
parent
commit
ee5366a410
  1. 83
      test/fixtures/keys/Makefile
  2. 22
      test/fixtures/keys/agent1-cert.pem
  3. 14
      test/fixtures/keys/agent1-csr.pem
  4. 14
      test/fixtures/keys/agent1-key.pem
  5. 19
      test/fixtures/keys/agent1.cnf
  6. 19
      test/fixtures/keys/agent2-cert.pem
  7. 14
      test/fixtures/keys/agent2-csr.pem
  8. 14
      test/fixtures/keys/agent2-key.pem
  9. 19
      test/fixtures/keys/agent2.cnf
  10. 22
      test/fixtures/keys/agent3-cert.pem
  11. 14
      test/fixtures/keys/agent3-csr.pem
  12. 14
      test/fixtures/keys/agent3-key.pem
  13. 19
      test/fixtures/keys/agent3.cnf
  14. 26
      test/fixtures/keys/ca1-cert.pem
  15. 2
      test/fixtures/keys/ca1-cert.srl
  16. 30
      test/fixtures/keys/ca1-key.pem
  17. 20
      test/fixtures/keys/ca1.cnf
  18. 26
      test/fixtures/keys/ca2-cert.pem
  19. 2
      test/fixtures/keys/ca2-cert.srl
  20. 30
      test/fixtures/keys/ca2-key.pem
  21. 20
      test/fixtures/keys/ca2.cnf
  22. 49
      test/fixtures/keys/cmds.txt

83
test/fixtures/keys/Makefile

@ -0,0 +1,83 @@
all: agent1-cert.pem agent2-cert.pem agent3-cert.pem
#
# Create Certificate Authority: ca1
# ('password' is used for the CA password.)
#
ca1-cert.pem: ca1.cnf
openssl req -new -x509 -config ca1.cnf -keyout ca1-key.pem -out ca1-cert.pem
#
# Create Certificate Authority: ca2
# ('password' is used for the CA password.)
#
ca2-cert.pem: ca2.cnf
openssl req -new -x509 -config ca2.cnf -keyout ca2-key.pem -out ca2-cert.pem
#
# agent1 is signed by ca1.
#
agent1-key.pem:
openssl genrsa -out agent1-key.pem
agent1-csr.pem: agent1.cnf agent1-key.pem
openssl req -new -config agent1.cnf -key agent1-key.pem -out agent1-csr.pem
agent1-cert.pem: agent1-csr.pem ca1-cert.pem ca1-key.pem
openssl x509 -req \
-passin "pass:password" \
-in agent1-csr.pem \
-CA ca1-cert.pem \
-CAkey ca1-key.pem \
-CAcreateserial \
-out agent1-cert.pem
#
# agent2 has a self signed cert
#
# Generate new private key
agent2-key.pem:
openssl genrsa -out agent2-key.pem
# Create a Certificate Signing Request for the key
agent2-csr.pem: agent2-key.pem agent2.cnf
openssl req -new -config agent2.cnf -key agent2-key.pem -out agent2-csr.pem
# Create a Certificate for the agent.
agent2-cert.pem: agent2-csr.pem agent2-key.pem
openssl x509 -req \
-in agent2-csr.pem \
-signkey agent2-key.pem \
-out agent2-cert.pem
#
# agent3 is signed by ca2.
#
agent3-key.pem:
openssl genrsa -out agent3-key.pem
agent3-csr.pem: agent3.cnf agent3-key.pem
openssl req -new -config agent3.cnf -key agent3-key.pem -out agent3-csr.pem
agent3-cert.pem: agent3-csr.pem ca2-cert.pem ca2-key.pem
openssl x509 -req \
-passin "pass:password" \
-in agent3-csr.pem \
-CA ca2-cert.pem \
-CAkey ca2-key.pem \
-CAcreateserial \
-out agent3-cert.pem
# TODO: agent on CRL
clean:
rm -f *.pem *.srl
.PHONY: all clean

22
test/fixtures/keys/agent1-cert.pem

@ -1,12 +1,14 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIBvTCCASYCCQCvwklkWmMPbzANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB MIICKjCCAZMCCQDhbs1HhtVdmzANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
cyBQdHkgTHRkMB4XDTEwMTIwNjA0MTgzMFoXDTExMDEwNTA0MTgzMFowRTELMAkG BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqGSIb3DQEJARYRcnlA
A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0 dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB9
IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQD9JxFi0amR MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
7dROTGDs1dUFYWfAp6Z7LvkTnRtFHBBNdk2TCSC1Zz8SLxMVIlfyT08GW/vNVxyH EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MTEgMB4G
ExtfhS86o/kdAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAT70viMg4+FYnhEAkAISs CSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEFAANL
uXh8D3SqCGsVqaiQP/6jZGAbLfX1QrbI/SAnaCrLX5pjsb5oBfv1tMbF3MBeYC2q ADBIAkEAp36z1wNzmlDDZyjh9F5AAzqdfrdzIU9IpOkl7hsRxtzntpmpluUgkUDd
SJz/tzUc8FaP3l8mUM8UuPNTo1iNBUmR0VfliC4lE5Lvh39EbqGs630mmScHYLCW bmbl8IHN4urY1mYhrhDtV5j93NJuiwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJ2q
WA518TIEw1K8CsrkYu63Ueo= 4FRRI6BlcJPOjL4jxGIeQqzhsO4ZIfpMXJQCiM4IoTnh20jNV0WMBbVaFxLWePAZ
y8MI8TQqUUupJW2LAKu5UaYaaoydyCTgkGQxOZpxmqXL/VAD2nyveG24abjzWMki
bNNfGbMOb1B6HSWRVNs5MCQ1qlPSxkkkzCG7DbQ6
-----END CERTIFICATE----- -----END CERTIFICATE-----

14
test/fixtures/keys/agent1-csr.pem

@ -1,8 +1,10 @@
-----BEGIN CERTIFICATE REQUEST----- -----BEGIN CERTIFICATE REQUEST-----
MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
AANLADBIAkEA/ScRYtGpke3UTkxg7NXVBWFnwKemey75E50bRRwQTXZNkwkgtWc/ EwZhZ2VudDExIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
Ei8TFSJX8k9PBlv7zVcchxMbX4UvOqP5HQIDAQABoAAwDQYJKoZIhvcNAQEFBQAD KoZIhvcNAQEBBQADSwAwSAJBAKd+s9cDc5pQw2co4fReQAM6nX63cyFPSKTpJe4b
QQC0NPuOJB+Ustg8uBUKq0btzWii2vNWlmcDR5E9gf/egVRndSNMB+KWZtNiBe0g Ecbc57aZqZblIJFA3W5m5fCBzeLq2NZmIa4Q7VeY/dzSbosCAwEAAaAlMCMGCSqG
Z/0TM0zIty4gBCTBahpkd0yw SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
AIcMDWFjs3iPXxSy/mYibIFlYJzqXfJqeZ9uMnNc6M5fYtb+p6cqIzEArpM0v3eX
oaRGwAyprMKvDDcTaqGsE9g=
-----END CERTIFICATE REQUEST----- -----END CERTIFICATE REQUEST-----

14
test/fixtures/keys/agent1-key.pem

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAP0nEWLRqZHt1E5MYOzV1QVhZ8Cnpnsu+ROdG0UcEE12TZMJILVn MIIBOwIBAAJBAKd+s9cDc5pQw2co4fReQAM6nX63cyFPSKTpJe4bEcbc57aZqZbl
PxIvExUiV/JPTwZb+81XHIcTG1+FLzqj+R0CAwEAAQJAfDTd7+lE1KenAh+xcqJb IJFA3W5m5fCBzeLq2NZmIa4Q7VeY/dzSbosCAwEAAQJADwHbOzij8v+pgmS3Wh3X
2T74Y+sd4NSkOr5bseXaDdai2tBTLg+WFSuNYz6+Ots/22JTcWWMR2J86IfFNiGJ vnJSCjiFqEZiS+RX8a2bOiYLtGVAW1BZyjYca/mLx/3n8j/8MOr69LaGr5Re6uDE
4QIhAP/44ymsR9QjN0XOfaKI994jlbnGhp4HMN1PFUkhA711AiEA/S4aKosF/NxP AQIhANo4oGEgqCKs2C4mKoHKCt/NhFrh5rJBwK0jcBCl1xBhAiEAxH3unNcqog2R
LJeFyFrdJcnclUoe2GByJqpXmkKfEAkCIQC+gfZPpbEv6aXRhoVq2pXf9owQ3/iA jQLrIzYV+TzQllRyXJpJedWCRzsuVmsCIAiM/3vO08fIDhCA3lmHmTV70BvfjjKd
1MlBbQJikve9oQIgBV6q82gLcneBvmJgVgWHVzvWz9vIl7JD+Yn3XbA4C3ECIGjp 8PbX1KRSW0MBAiEAlVn7Qq+xsheKKJqtS8hSj22QRpPNkWGcs8R8D9SF9h0CIQDZ
eu/FQAYgB5y1DpwWejth/iva2OTg8j65ze524S62 6JntMVqXfAdf/PRBl1MiL1d5OE03HT+axtZs7fh2bA==
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

19
test/fixtures/keys/agent1.cnf

@ -0,0 +1,19 @@
[ req ]
default_bits = 1024
days = 36500
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
[ req_distinguished_name ]
C = US
ST = CA
L = SF
O = Joyent
OU = Node.js
CN = agent1
emailAddress = ry@tinyclouds.org
[ req_attributes ]
challengePassword = A challenge password

19
test/fixtures/keys/agent2-cert.pem

@ -1,10 +1,13 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIBfDCCASYCCQCojwzqgiZi4jANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB MIIB7DCCAZYCCQCfu9uLnwttiDANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJV
VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
cyBQdHkgTHRkMB4XDTEwMTIwNjA0MTg0N1oXDTExMDEwNTA0MTg0N1owRTELMAkG BgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEgMB4GCSqGSIb3DQEJARYR
A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0 cnlAdGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1
IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDjl3L8IstA WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYD
r6OakBtAh9WRpnhqzfdAgbSIAX43jr/uxovu9S9TNc9qK0WyMAbJVePHuRwDtgTr VQQKEwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEg
957EUd4LLGUzAgMBAAEwDQYJKoZIhvcNAQEFBQADQQCN78Y26RpPlfDm5uDSoAgU MB4GCSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEF
hY09yDWKp0he03SH3V5AW/WMwT6Q6K2+ATK4g/W8f8+ZmS3FIff7Atcc6to3Lez7 AANLADBIAkEAzkrVOgCgjlkBUGL/McQfvNlmvYRaP6tuI0fmTpFc9ZIMts+aH2hQ
zzKdpaVE57PxV/nQRs/yzOii04qyPty0hwIDAQABMA0GCSqGSIb3DQEBBQUAA0EA
SOqMN7d4hkO1kqWhJS6QrFt+LVLsRE2gRMwoSiQg8THGW6RMImbtRZFSLSXyXKle
SefMl2JK/1Ur/1L8BFMOSg==
-----END CERTIFICATE----- -----END CERTIFICATE-----

14
test/fixtures/keys/agent2-csr.pem

@ -1,8 +1,10 @@
-----BEGIN CERTIFICATE REQUEST----- -----BEGIN CERTIFICATE REQUEST-----
MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
AANLADBIAkEA45dy/CLLQK+jmpAbQIfVkaZ4as33QIG0iAF+N46/7saL7vUvUzXP EwZhZ2VudDIxIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
aitFsjAGyVXjx7kcA7YE6/eexFHeCyxlMwIDAQABoAAwDQYJKoZIhvcNAQEFBQAD KoZIhvcNAQEBBQADSwAwSAJBAM5K1ToAoI5ZAVBi/zHEH7zZZr2EWj+rbiNH5k6R
QQC0HpucL+WqX0AkP5y/644GyTjrq1rxsoWm0708pAdInMjBTNQicjVfFWcoTTQA XPWSDLbPmh9oUM8ynaWlROez8Vf50EbP8szootOKsj7ctIcCAwEAAaAlMCMGCSqG
zPQBqOuEsNtktcJyYfryhtWW SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
AJQ5mJG5IhKbA9dwielTqkfYM2St8pXnq+z2L2QfgHvkY3fk67+eZA8/0oplWmgD
dnrWYMILwpGxDwzFBbBvoc4=
-----END CERTIFICATE REQUEST----- -----END CERTIFICATE REQUEST-----

14
test/fixtures/keys/agent2-key.pem

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAOOXcvwiy0Cvo5qQG0CH1ZGmeGrN90CBtIgBfjeOv+7Gi+71L1M1 MIIBOwIBAAJBAM5K1ToAoI5ZAVBi/zHEH7zZZr2EWj+rbiNH5k6RXPWSDLbPmh9o
z2orRbIwBslV48e5HAO2BOv3nsRR3gssZTMCAwEAAQJBAMlC7dEgZ8NNTw1o8GCR UM8ynaWlROez8Vf50EbP8szootOKsj7ctIcCAwEAAQJBAIaPEV5wIko3jD/fEw5n
foCtyQESINtvmBlJ0LcKypo4WLb2OkI2T/kG8mnoiUM2GyTf8MMGh7V5DeZskh3L GzyXoghkWGnHbGPe9j6xWq1ilb6ccna83XC+CruZssC5WkQXGT2fUWt5+JiD11ZV
pNkCIQD89pQtqNsDxC/vujdDIlT/0gHhUOZsnIXHZpYv+fzJfQIhAOZS5ZjkNpvb KIECIQD6NXfuJVGJMeZrJWhJDSJTEl9jkI3+TSkGPd2cOSv11wIhANMRJrPjAEL4
YcTqpk2HNgu0wFW0nKJ5bnFaTaPjY6hvAiBoDsrPqYlGmFqbw79d126duXbah9vx Oz2hPqWCAk41NdUZwrcinh+BEqEcrwDRAiEA5VczKbdNKErz4Ew2bZc7WheiFZn/
y8VgTDv1ymEJRQIhAJuWHhD1AMqyHM53sFWo4+JufIqo0jKTEv8xgEcYgSazAiEA fRPuwYjdY3/H+psCICW2hNHTl7JfpEYoz4bHKh5LR6kiBzatys8aQvfipiphAiBF
hWqzWF/qpQ/JT/QaNE6agQWV6MydGAce56EGcpp22mA= HzX9wFNGiPp1VzmTvKeKNOsIjIkWO4umT26tW3RQVA==
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

19
test/fixtures/keys/agent2.cnf

@ -0,0 +1,19 @@
[ req ]
default_bits = 1024
days = 36500
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
[ req_distinguished_name ]
C = US
ST = CA
L = SF
O = Joyent
OU = Node.js
CN = agent2
emailAddress = ry@tinyclouds.org
[ req_attributes ]
challengePassword = A challenge password

22
test/fixtures/keys/agent3-cert.pem

@ -1,12 +1,14 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIBvTCCASYCCQDXXCDdhOcSNTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB MIICKjCCAZMCCQDc0bGBDDbJTjANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
cyBQdHkgTHRkMB4XDTEwMTIwNjA0NDMwOVoXDTExMDEwNTA0NDMwOVowRTELMAkG BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqGSIb3DQEJARYRcnlA
A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0 dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB9
IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDNOPrBqq2b MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
/gxs0WELdkSHvAkjJdEjuWia2Q+FI3v5asDXj6w4t+ZY46m6D3PCgTZ9FJmZjUH2 EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MzEgMB4G
prGyMbBS3Uf9AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAabTyzBk4tlG08+FTZtdb CSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEFAANL
5bDELkPVHNCQapQVsKYqnnKzt3xLjIOEoSa67pKXm2gcupiVYOmC0Pz76pZinRhH ADBIAkEArqF8nrro0iDtngOg1xgUCAVT9s7HUV5+vuqm1ymeZ5AdGZoyOLkW9iEk
IJ8gVp7dhv0sdog6+VMfrMTlR7gUEu7gQHF69ras7oswPV/kNH4YVljqUQpVDs+4 DtMAx3Ua+i8KJ1wWiWqowXCgynWmlwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAOC0
VgOaivgOfhPZb4H5tz/P1Ms= oSOorjHv45jKcXeSEk8imp+q4MyBJHiQ6jT0r+Mth+JmzsEodsH6pblb1U5RLqMY
yyd+z/c848CaftKvrs+kHFZUE2HpkdFm9kf3DZwFHFlMf5DYV5vipo5mzv4jajXZ
SToE52xsLWbpCR762+uWMBAqTUqCkZY342bTs3ji
-----END CERTIFICATE----- -----END CERTIFICATE-----

14
test/fixtures/keys/agent3-csr.pem

@ -1,8 +1,10 @@
-----BEGIN CERTIFICATE REQUEST----- -----BEGIN CERTIFICATE REQUEST-----
MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
AANLADBIAkEAzTj6waqtm/4MbNFhC3ZEh7wJIyXRI7lomtkPhSN7+WrA14+sOLfm EwZhZ2VudDMxIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
WOOpug9zwoE2fRSZmY1B9qaxsjGwUt1H/QIDAQABoAAwDQYJKoZIhvcNAQEFBQAD KoZIhvcNAQEBBQADSwAwSAJBAK6hfJ666NIg7Z4DoNcYFAgFU/bOx1Fefr7qptcp
QQCsta4frzeUIkZrqt3EEG9cAI1FTGphl/5bA0fYpIlZOanR5V6kKPG6mgXiHDaN nmeQHRmaMji5FvYhJA7TAMd1GvovCidcFolqqMFwoMp1ppcCAwEAAaAlMCMGCSqG
r46fwkE/AKS7mnIz6XGzXfCn SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
AGlqt2SpEzYedu/Ouly8TcnQP8X1rHu2CF82Z1ayFHpkpcI86gsIC0OPV8Ju+lKK
nISkKqKmcqbLbWOLbWex/xo=
-----END CERTIFICATE REQUEST----- -----END CERTIFICATE REQUEST-----

14
test/fixtures/keys/agent3-key.pem

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBAM04+sGqrZv+DGzRYQt2RIe8CSMl0SO5aJrZD4Uje/lqwNePrDi3 MIIBPAIBAAJBAK6hfJ666NIg7Z4DoNcYFAgFU/bOx1Fefr7qptcpnmeQHRmaMji5
5ljjqboPc8KBNn0UmZmNQfamsbIxsFLdR/0CAwEAAQJAT3v9KxtXCG76Ev95bb4N FvYhJA7TAMd1GvovCidcFolqqMFwoMp1ppcCAwEAAQJBAJTO20jPcTIOCS3LXbWs
xuCeTV2tRf/esvLVHwTiVHRBw3ZcU4VsIwarwQy/CkPwGtWT91AN/xAgvLptwwmE uPUUxTXdgo9d/JdnkYBr4KXSCepq3VCKlKZXJVG2q6VjYB+5fIbK2FgvMZZTQr+F
AQIhAOuymRnLkS795CluenO5ybuF53ro3S9wFBY9jYJX46L9AiEA3uZfEeNTUVYR /HECIQDYKCdh3DIgqjiEoKiaGfRi4QegI66ok6zH1u6OVZ2Q5QIhAM7R1VqCNVxe
dJ56zqUxfakguhF/ibHT/lXRgkpVyQECIQCuRk5h/l0JS/2KjP/J1dPN7kKsZMY3 nMuUbuYPAnx5J5P3VxH9hLLI1sxopa3LAiEAloPnYHJXCX3eWyQQIzY9gXjWuYD/
Lz4K+9RITkgo2QIgTABs5iKG5DLenM70vMUizOAAIrGYtRCHYi9M0ooaGgECIQDK Ru2F26XjeYNOc60CICWl+Oqi7UfFSVGd0Zo7fT5fZ5791XHG7pMFEGThX9eFAiEA
nWMUePU/NHBC2AYyp9KzF8ZEBIcItgppTeNtkdF7mw== q4Y+ao8ddoqMt31iaZklCLHFhWEokwKSI+3j99Nv3gU=
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

19
test/fixtures/keys/agent3.cnf

@ -0,0 +1,19 @@
[ req ]
default_bits = 1024
days = 36500
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
[ req_distinguished_name ]
C = US
ST = CA
L = SF
O = Joyent
OU = Node.js
CN = agent3
emailAddress = ry@tinyclouds.org
[ req_attributes ]
challengePassword = A challenge password

26
test/fixtures/keys/ca1-cert.pem

@ -1,15 +1,15 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICWDCCAcGgAwIBAgIJAPlzZCsvV/DFMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV MIICazCCAdQCCQD7SXMhxW/WUDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
aWRnaXRzIFB0eSBMdGQwHhcNMTAxMjA2MDQxNzA3WhcNMTEwMTA1MDQxNzA3WjBF BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqGSIb3DQEJARYRcnlA
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB6
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
gQC/HthOlERITtsUA7FJ0l/U4qFNLri6QKLRoHPn8tGRCXDg/jEAh/pwrycIjvA4 EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqG
V66RatOhdxC7bGDC2FOjoofMNHTsdXoCoC9f9pNoU5BlLoal12V5gfL+AklJNJny SIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
lL15FnmiQdUThLGDhRM918bWQdJTRJ+dkyVlUink/5wlxQIDAQABo1AwTjAdBgNV MIGJAoGBAK67DomaNCo90scJAchWpd83XKtkYa3SlfWn9YQRmocSPI9lKO5NfrIs
HQ4EFgQU5LAV1SB/xh57MHsWgEwl8MpiDhYwHwYDVR0jBBgwFoAU5LAV1SB/xh57 Bd6Vt5C+AjeFFZ+zjsNSEYr95xmodlE83EtY16e3geSJc/qea0GPVD8HLOcvf0LD
MHsWgEwl8MpiDhYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAqgne5 RpLIUgQH6olvvRhU8xMUwPYThl175wDpDVsgjV3YY9a4RmC9eJGHAgMBAAEwDQYJ
uBwDiQaCuWkBHDw5WGtcvzqc0HIoQ+qopwfTxGNaLv0dZ7N3wGsGIqSh0OCMYgxA KoZIhvcNAQEFBQADgYEAj0L54Mva2/WbCO/cGfdnvxetuT0VK/Jo5/lsmPY78EkA
0Ku7hdL9faEHrq8f2T6yUUMMDcMLOJgFDESl/hip8jRdCZy45CWAJNpQ8PfshSkR cnGwjJlJNPyUYta7izjbUo0gDpHq6HsgeE9D8Qx4GZ152RW5nkN1rRHLVZ6QCyCQ
b/oae/TW79lT9Y5uzcV4YRwPFNU6RREuxq++hA== oO5cy2aZkOYRD5yNj9D7uUAKGwJVYo/6nTH4jd50LHGKsPwLQp/zhXyjPVrKZzQ=
-----END CERTIFICATE----- -----END CERTIFICATE-----

2
test/fixtures/keys/ca1-cert.srl

@ -1 +1 @@
AFC249645A630F6F E16ECD4786D55D9B

30
test/fixtures/keys/ca1-key.pem

@ -1,17 +1,17 @@
-----BEGIN ENCRYPTED PRIVATE KEY----- -----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIztmO4Z3hxi4CAggA MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIXKx2RfO0A+0CAggA
MBQGCCqGSIb3DQMHBAgUmHxBmTJBNASCAoCeXNS3EkxMoX4QuAT4BIQF/qgXBiOV MBQGCCqGSIb3DQMHBAi/V4ZO2/t54wSCAoDVHF80uFPqms1f9vuSkc66gd0PDLoi
rcO8D5fHCca8kolzxOyk0LduS327TL2CAjKSK9NmpsQzZRQOWlKasmsWHzBD8I34 2nR8KQaoE3QLNo/w+AFMY+ehoA+u70njv1TQEproJ9CJUt0DXuRcwN1vXEntrYKr
AWcSbtAL+GGAgnD7XwFUPYHNzWVad5mmDJPWtsQMkcx6plwvQLFFvUAL5nmRe4vE 4IowbzW6GcvPCu7jm6LUXk9sAQDK5Om4QnUb+/I12j6Nb//ylWpbOkyGmc0nifJK
5Brp88UvRp8wGzyBiotTzGbITdZEyKFLYVAni0KeApx2rqwAigmmWTqY2jXnUAxG wWgy0wV4chVLwM9rhE+bmFUDtBTUhFipPsjeg6ghyva98RnkyqWOYcYmKocwUZUU
zS8b9xy+aDya+UYQooFmYRLlQ8PlKl6B/zW/po/DJ38CofaSIR4zRWDs3lJrt4fL JZSz3Ip5nANWlNeHZOSrOiJBiMya6BfakWohh5owP8mQxVfxwog2AnjtvnpPNv6F
Q0hLJwz6ATRIOwGWxR2oQQ+1qgBr9Y4hhxk5tLSjDd0turiEwgul8cgJdHbshuan 9K6O/ThLe6cxVxDXzI9cM4HRcc2XFmzknIxBcCQELf2VGjU7FH+pf+TpN/4eTML2
sD7J3k3teo2u/fR0CmYCo42l3hnGkvYPOdoXYfXDz3804a4ZkZhnsRMl5oH66ElZ 5IsKxUjYBKiBabkyblrYe1kdFRkCCVWOEvir6sarvxYBddXZ+aWQjxupKwLjAU1w
MEmCY4t4VhsQTXleV1b6lK43vrKV+pSollrLvBKQhk3k+v0lq2wmBXsm4rB1vVv4 VNFPbgbjlgyqgC7y8eg7XSVom+VbtmhVCostL+aq8hXi4BzMBeF8iCobxa5zvlII
KDgdOD7ITYte3C+EvaEwbnqaUYfURAYeF+td0212/wiwFIYhicjrwzN2Cq0E29pj /F6srBdPq6CnaRnet77F69SnelDfskWClHr2DmFwv/+BnBORWnYQrZvqzPnXRoYC
23Vbe0JIwnpG6lfmzKVqmN3NT+e2e9G0zP7g3tDaWE4sUCcHxkgK7kmBryj272+j LYsGMbVMo62xiYby53ulnaxkYFQuUEMx3QrmZZ1zLLOXSLsTQtun5B+jCKtbhAmy
S4WClFgtSr/QJ/cNvU6Qlr8oO6EIG1rJuY1eLX/tHtbAwsDREXf612qtnFEXgFTA Rdho1oBfEbfEZEQwWLiVSe8Zu6JYqz+nP3JO1Lt+gjQJSoaN96i1DKgtbRoMg9t5
5QQmp02BPq2DCSJEOfQIN2LeaYJM0mFrotDCbtdS1Pje791CJq3C/+4h3gOye0br /6dymbixdRH6O1xy9fNQ6M5ACw1LnWPD/BzEeDCF6KQ+ZX4+AwYeC/h22XX2YymV
5QwiKb5IcgS5hAMu2ghhU01zmClDbFa98zIe3D8pjdrYt8zrZVVCTopcWxY6LU3g l04ha5OcEcwGEGfk8vvhNd3S7Bn1DfnYcRrtQUbtjk1gUfUj3o4D9COJNUxnQYqb
wvh9cdSKJ/Hgq3yRrnBwSolHUP9vMyC/EXRJ/T1CQHABjq0HNLOwhXuq 2XyPZkUEdUM7Aqcp06aCOBBIku2+tH0AkUeKFYlrtEvu2oxc+3p6yPDL
-----END ENCRYPTED PRIVATE KEY----- -----END ENCRYPTED PRIVATE KEY-----

20
test/fixtures/keys/ca1.cnf

@ -0,0 +1,20 @@
[ req ]
default_bits = 1024
days = 36500
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = password
[ req_distinguished_name ]
C = US
ST = CA
L = SF
O = Joyent
OU = Node.js
CN = ca1
emailAddress = ry@tinyclouds.org
[ req_attributes ]
challengePassword = A challenge password

26
test/fixtures/keys/ca2-cert.pem

@ -1,15 +1,15 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICWDCCAcGgAwIBAgIJAKXrRJ3rkOnNMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV MIICazCCAdQCCQC1iOnduwhYbDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
aWRnaXRzIFB0eSBMdGQwHhcNMTAxMjA2MDQxNzI4WhcNMTEwMTA1MDQxNzI4WjBF BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqGSIb3DQEJARYRcnlA
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB6
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
gQDW5D3i3vuLpsekzkvF+pyZq6YDzESJQh0uGpWTk0oyBe/BCiTwHtZwyPpvO6UQ EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqG
wpBPSMfwgmY30HoofXSKSBGW5ixyLvVa+brvJ0etqnNojI0NcNBk0/b+ynOCJ3A8 SIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
O/fFotYdsg9C1sDusW2htymyYvEfyxX7/WR7+u+b5vclCwIDAQABo1AwTjAdBgNV MIGJAoGBAOptTXfS4+0UDX5n3Yd6Bjy2I7bQ9lhYY4k3kgFiElfNoBUKElEL0V9F
HQ4EFgQUpKdzYuzbjpcqwWDiB8SgFiy3WxkwHwYDVR0jBBgwFoAUpKdzYuzbjpcq stOZRTBX2tn2QUkWi5KuMZf0ZddwkR4aSIT86t3JPyTgODbxK16/BbT1jxtoRRyc
wWDiB8SgFiy3WxkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAkc5++ qMkWa5AYERpIPHB4c3IN6maOfRa/LaZMsWDcUfj8s4JoHoo+McFnAgMBAAEwDQYJ
vmqCTlTzfNHL0cV24M8FR9Xl/4UOqbxl/pfyXXrGbZleww0B0EPXW5cjRW2Kb3FC KoZIhvcNAQEFBQADgYEACPtiQv4M1cNjIsHJsdtLG5Xjpm7JU0ovFOdn0TEDSCqR
kLznCyLJQ62pcSSvsQeQGayYmrmDiImmw+sfezrte27RNWqmqxl5w/r0Jte4xszC GErBkZk07h2gvJtKtgdAN/9k+YGeKbQSZ2yfNn8IPpBHxPcSH1eUddtMvVlhSzQd
OP6UKrFcr2XXty/koGlgIQtAU0JenKLZuLhW1A== 7DrkY2i5yXRvx13HZFQN1vIi++A6KK731Pjl8XQWfjW6WIAEZj5lR2mWsfU0j7g=
-----END CERTIFICATE----- -----END CERTIFICATE-----

2
test/fixtures/keys/ca2-cert.srl

@ -1 +1 @@
D75C20DD84E71235 DCD1B1810C36C94E

30
test/fixtures/keys/ca2-key.pem

@ -1,17 +1,17 @@
-----BEGIN ENCRYPTED PRIVATE KEY----- -----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIH5Qu64G4EEACAggA MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIdtdE3kfiZ4ICAggA
MBQGCCqGSIb3DQMHBAjiP/COBBl6LwSCAoDJ7fSWqLoz0Xv4ASmipwDghszUQDEu MBQGCCqGSIb3DQMHBAiAlZcmcpeVhwSCAoAWtsw6WHyob9SSPkfWcXxSZDUwm8l2
sJyeehMxRNPNqarbvXPR/6GJtfoOyhcaWiCuRvsISL61B4mw90bbgcksscaXqXGU E6xeffCm6vQiSShBDG/pjiTFaCBVQk/85BLBDN787sWB2Nyyr+8iTf8xAO73lny2
KsR5H10ut3hfFfDxvy2NYPGiowg2Kvfoe+4ENDqYb1ilWs9YaJ0rFcohweHfUNcV XOiCHn6lPEGcTMa8q6XfjxFL7LZiOefu0UQPn8jGxejhQmH4XPN06pKh8Y5U41A9
W5A3WRfZ1zRyfEYlBbCpq45eMkxWCJ2X2YgqaK9itynqYbuBVXgqK+qP6rTSxvDC 1yGLWUYIVLXZh7ZwGbTeh6XCMA4XgJRgL6usrebTbD6pyct8J46FqedxVPkNHEO6
GZ+POdiT0GHcPQ2Z79NIEQI7kyzcQkJ0IzWqgIRNyrmIzBP0Et/zH/Z+Y6/5q+vX mv+U9XmpPT4wAJjSP8NxP4nWJ7NX+48E9lkaUnDCzPXDhZz5PEImrxIrbODqIAyf
2fl0ox4IkDiTWVER8lN8E0u5w1pCBD0NFtwqTXC3HMqnYKJDRAaqK0Fad5qVCwZq gv5pWL4/n7dLGJOeMaEL+/h2rCvG249e5oPW1F2zuUvAz/hIHA67FlbtsIrpIgW2
bKjXT7xWB2QqrZ4T3Nf/cLnd/fb1sRE6oYfLG706lY7dYh1RpIITZLavmceMSDfG bG20KYVcXcZIhOAA5iTtMImcZkkES3/UswbhEAuybjJGQM11fs4D+/wNc0Em2S1m
emwaSS4RoTJOpuOufUCrrFHW2EB+BgCADBgS4uD5PsrOvRLUj0CekTkJOJV0RFpY LKgUoLKZs0znvBPIjGmzicut8qg634dyEWunaxJwm7I6QDOcQ/QOKJxGbcxmXYda
K12Pp5wk3y+69IsD2jlUO50Bx2hZz10snvBCbJhLIDf9VSy9pPunOXqsr+i3MY8v qFYsf5jjIFi6a1nE6O54S5FaHHv7pBNAm9xl2XtbFMzJWOec14TMD8dN/cmZudDg
WdusJYnRxXN6ZbAb4d/Zi3mE3kcTG3YUwAIJiELAhWkZqRpK/O9SMXRb4+EMZ1nT Q4KzhKZ761cGbH5izWIJKjzt9dmd1s9wj6hDctJviWbDSRsQTjF2XCPJNup8p+3W
LSicMzLfhRdY/IqrV5PGvcmyJUffAD2PF4dXX4cEqyODFBet7/6zIEIhivuEATad r8DuJteMEq0Ba+9MQcG/rvH7i0AS5cENDc80hMNHEtyrSKWU2aK59A52ZEewIzQV
qNwE32FJxKpULPsLXgzSeIaZn71KrKiHaBIjRdGmfH7txBHIEwIW+fX2LzreZBqP 9E0F6FDsFNN/TixHBkEg/dl9oLPDBC8ohK+990TiCBXVhHa7pNW1uNUW9FMmarwf
LuYPFpTEvDCdJ7mcRLSrSCixyZRAQVqJEXcP2OpTb0lfqPlpE+AoMdpeUEdj9Jci qcn8w73gOgQScH7NmhOjNm4b1dlTzndQAA1frQW9bD0PjSUex1+z/e6kfBv+cF/P
ndyjWhrC/2emjHoHb1wrVVv4KdGcyz+uHdgFwXjtKugAYGA1Pb5Hq640 PrFTA7nGoB7cpVHkvA0woIy0vrAp4iOBgfI8xaJg72cZppa9m6D22JW2
-----END ENCRYPTED PRIVATE KEY----- -----END ENCRYPTED PRIVATE KEY-----

20
test/fixtures/keys/ca2.cnf

@ -0,0 +1,20 @@
[ req ]
default_bits = 1024
days = 36500
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = password
[ req_distinguished_name ]
C = US
ST = CA
L = SF
O = Joyent
OU = Node.js
CN = ca2
emailAddress = ry@tinyclouds.org
[ req_attributes ]
challengePassword = A challenge password

49
test/fixtures/keys/cmds.txt

@ -1,49 +0,0 @@
# Create Certificate Authority: ca1
#
# ('password' is used for the CA password.)
openssl req -new -x509 -extensions v3_ca -keyout ca1-key.pem -out ca1-cert.pem
# Create Certificate Authority: ca2
#
# ('password' is used for the CA password.)
openssl req -new -x509 -extensions v3_ca -keyout ca2-key.pem -out ca2-cert.pem
#
# agent1 is signed by ca1.
#
# Generate new private key
openssl genrsa -out agent1-key.pem
# Create a Certificate Signing Request for the key
openssl req -new -key agent1-key.pem -out agent1-csr.pem
# Create a Certificate for the agent.
openssl x509 -req -in agent1-csr.pem -CA ca1-cert.pem -CAkey ca1-key.pem -CAcreateserial -out agent1-cert.pem
#
# agent2 has a self signed cert
#
# Generate new private key
openssl genrsa -out agent2-key.pem
# Create a Certificate Signing Request for the key
openssl req -new -key agent2-key.pem -out agent2-csr.pem
# Create a Certificate for the agent.
openssl x509 -req -in agent2-csr.pem -signkey agent2-key.pem -out agent2-cert.pem
#
# agent3 is signed by ca2.
#
# Generate new private key
openssl genrsa -out agent3-key.pem
# Create a Certificate Signing Request for the key
openssl req -new -key agent3-key.pem -out agent3-csr.pem
# Create a Certificate for the agent.
openssl x509 -req -in agent3-csr.pem -CA ca2-cert.pem -CAkey ca2-key.pem -CAcreateserial -out agent3-cert.pem
#### TODO: agent on CRL
Loading…
Cancel
Save