b4635f0a61
GnuTLS seems to require the intermediate CA certificate to be included both in the ca_cert and client_cert file for the cases of server and client certificates using different intermediate CA certificates. Use the user_and_ica.pem file with GnuTLS builds and reorder the certificates in that file to make this work with GnuTLS. Signed-off-by: Jouni Malinen <j@w1.fi>
154 lines
8.1 KiB
Text
154 lines
8.1 KiB
Text
Certificate:
|
|
Data:
|
|
Version: 3 (0x2)
|
|
Serial Number: 16236525841851734558 (0xe153ba3a7605da1e)
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
Issuer: C=FI, O=w1.fi, CN=User Intermediate CA
|
|
Validity
|
|
Not Before: Dec 23 19:37:36 2015 GMT
|
|
Not After : Dec 20 19:37:36 2025 GMT
|
|
Subject: C=FI, O=w1.fi, CN=user.w1.fi
|
|
Subject Public Key Info:
|
|
Public Key Algorithm: rsaEncryption
|
|
Public-Key: (2048 bit)
|
|
Modulus:
|
|
00:c0:86:20:e5:06:5a:a8:47:2d:c9:5e:25:24:f7:
|
|
bf:a6:b6:44:50:99:8c:95:b5:6a:ad:74:b6:ba:ee:
|
|
31:5e:b2:20:60:9a:b4:93:55:6d:15:0b:dc:5a:27:
|
|
3f:df:c1:92:18:59:66:10:eb:47:1c:35:1f:08:dd:
|
|
eb:25:bd:21:9c:2d:48:34:5f:97:18:dc:83:28:db:
|
|
14:8c:16:3b:5a:36:6a:50:63:e9:3b:e0:37:fd:f6:
|
|
a0:d6:40:af:ef:1e:99:1d:88:c1:4f:4b:92:25:53:
|
|
28:cb:c4:b7:ce:ca:ca:26:af:2d:f7:e4:62:79:48:
|
|
49:6a:82:33:b0:a6:c6:a5:17:33:88:93:77:36:b2:
|
|
77:61:e0:55:de:2e:75:15:92:4c:e7:bf:11:ea:33:
|
|
03:1e:4a:e6:18:38:16:34:f5:d9:ed:f8:0c:17:6f:
|
|
78:65:ae:14:18:a3:0f:08:b6:e2:87:02:e4:eb:0f:
|
|
fb:81:d9:4b:90:ff:b3:fa:0f:d3:04:4d:b0:99:b4:
|
|
2b:5e:fb:ad:04:2b:a7:d6:36:0d:17:e0:be:c0:43:
|
|
cf:e5:2e:f0:8e:87:88:60:b3:22:d8:03:59:53:50:
|
|
a6:69:ce:de:d0:c9:2e:f7:6d:9a:59:4d:99:dc:4b:
|
|
3c:c2:15:8f:27:64:23:34:14:34:af:41:76:a5:6a:
|
|
9a:0f
|
|
Exponent: 65537 (0x10001)
|
|
X509v3 extensions:
|
|
X509v3 Basic Constraints:
|
|
CA:FALSE
|
|
X509v3 Subject Key Identifier:
|
|
3E:35:E0:F9:A3:1E:2C:FA:DD:E7:8B:CE:58:06:38:20:5D:5E:71:D2
|
|
X509v3 Authority Key Identifier:
|
|
keyid:AC:C4:F6:07:9E:B2:E5:F1:66:7C:40:05:08:AA:DC:EF:8A:60:DA:C1
|
|
|
|
X509v3 Subject Alternative Name: critical
|
|
DNS:user.w1.fi
|
|
X509v3 Extended Key Usage:
|
|
TLS Web Client Authentication
|
|
X509v3 Key Usage:
|
|
Digital Signature, Key Encipherment
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
7b:e9:eb:d7:d4:60:a8:08:62:71:61:dd:42:7d:e5:88:f4:24:
|
|
bb:3f:6b:a9:16:64:2d:fb:ce:8e:55:1c:f5:7e:b4:c3:74:de:
|
|
96:e4:59:32:f4:aa:74:e2:ac:43:28:06:54:5d:f7:fe:87:31:
|
|
3d:ac:45:d5:1c:51:7f:8c:f9:37:0b:66:94:a7:22:5f:d1:55:
|
|
bf:a4:82:c7:0a:50:bb:c7:18:cf:df:47:81:00:c4:d2:d7:12:
|
|
b0:83:2d:67:3f:80:b8:be:6f:c9:c5:76:9a:87:ef:3a:f6:0d:
|
|
4f:24:d8:e7:06:6c:6e:ff:dc:5e:6e:21:a1:e7:26:f6:94:44:
|
|
69:f4:b2:36:38:08:b1:df:07:fa:7a:53:b8:60:db:63:4b:4f:
|
|
e6:2a:42:ff:29:68:b5:99:3a:36:eb:26:05:76:d2:ab:e6:d0:
|
|
7c:af:8c:a0:20:8b:50:6c:3b:bc:1a:53:6d:a7:c8:70:97:21:
|
|
56:02:24:04:9b:63:2a:5d:b8:8c:e4:bf:e9:8f:58:cd:6e:99:
|
|
47:3c:02:7b:63:67:c1:c7:32:53:cc:d5:cb:e9:a0:39:ef:f8:
|
|
44:b7:f3:57:0c:b5:a7:23:3f:16:28:c6:02:14:b6:80:d8:33:
|
|
42:0c:81:5c:ac:3f:13:d0:5b:4a:66:9f:33:ee:ac:56:fe:37:
|
|
17:2b:03:40
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDfDCCAmSgAwIBAgIJAOFTujp2BdoeMA0GCSqGSIb3DQEBCwUAMDwxCzAJBgNV
|
|
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEdMBsGA1UEAwwUVXNlciBJbnRlcm1lZGlh
|
|
dGUgQ0EwHhcNMTUxMjIzMTkzNzM2WhcNMjUxMjIwMTkzNzM2WjAyMQswCQYDVQQG
|
|
EwJGSTEOMAwGA1UECgwFdzEuZmkxEzARBgNVBAMMCnVzZXIudzEuZmkwggEiMA0G
|
|
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAhiDlBlqoRy3JXiUk97+mtkRQmYyV
|
|
tWqtdLa67jFesiBgmrSTVW0VC9xaJz/fwZIYWWYQ60ccNR8I3eslvSGcLUg0X5cY
|
|
3IMo2xSMFjtaNmpQY+k74Df99qDWQK/vHpkdiMFPS5IlUyjLxLfOysomry335GJ5
|
|
SElqgjOwpsalFzOIk3c2sndh4FXeLnUVkkznvxHqMwMeSuYYOBY09dnt+AwXb3hl
|
|
rhQYow8ItuKHAuTrD/uB2UuQ/7P6D9METbCZtCte+60EK6fWNg0X4L7AQ8/lLvCO
|
|
h4hgsyLYA1lTUKZpzt7QyS73bZpZTZncSzzCFY8nZCM0FDSvQXalapoPAgMBAAGj
|
|
gYowgYcwCQYDVR0TBAIwADAdBgNVHQ4EFgQUPjXg+aMeLPrd54vOWAY4IF1ecdIw
|
|
HwYDVR0jBBgwFoAUrMT2B56y5fFmfEAFCKrc74pg2sEwGAYDVR0RAQH/BA4wDIIK
|
|
dXNlci53MS5maTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCBaAwDQYJ
|
|
KoZIhvcNAQELBQADggEBAHvp69fUYKgIYnFh3UJ95Yj0JLs/a6kWZC37zo5VHPV+
|
|
tMN03pbkWTL0qnTirEMoBlRd9/6HMT2sRdUcUX+M+TcLZpSnIl/RVb+kgscKULvH
|
|
GM/fR4EAxNLXErCDLWc/gLi+b8nFdpqH7zr2DU8k2OcGbG7/3F5uIaHnJvaURGn0
|
|
sjY4CLHfB/p6U7hg22NLT+YqQv8paLWZOjbrJgV20qvm0HyvjKAgi1BsO7waU22n
|
|
yHCXIVYCJASbYypduIzkv+mPWM1umUc8AntjZ8HHMlPM1cvpoDnv+ES381cMtacj
|
|
PxYoxgIUtoDYM0IMgVysPxPQW0pmnzPurFb+NxcrA0A=
|
|
-----END CERTIFICATE-----
|
|
Certificate:
|
|
Data:
|
|
Version: 3 (0x2)
|
|
Serial Number: 15624081837803162868 (0xd8d3e3a6cbe3ccf4)
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
Issuer: C=FI, O=w1.fi, CN=Root CA
|
|
Validity
|
|
Not Before: Dec 23 19:37:36 2015 GMT
|
|
Not After : Dec 22 19:37:36 2025 GMT
|
|
Subject: C=FI, O=w1.fi, CN=User Intermediate CA
|
|
Subject Public Key Info:
|
|
Public Key Algorithm: rsaEncryption
|
|
Public-Key: (2048 bit)
|
|
Modulus:
|
|
00:c3:2a:0d:f4:66:23:5d:96:91:f7:a0:be:b1:b0:
|
|
f7:9e:ae:ea:a6:72:91:f5:70:65:57:91:49:55:59:
|
|
67:bb:d7:f5:9e:bc:66:b2:bf:cf:95:31:32:ae:db:
|
|
9a:3b:43:e8:a5:8d:1f:8b:3b:e6:e8:e3:3b:b2:9d:
|
|
f0:58:62:ea:a3:8a:6f:c8:ed:01:ca:27:74:1c:0e:
|
|
9e:28:5c:43:98:db:14:b8:72:07:9f:6b:27:28:25:
|
|
ce:a5:91:b7:b7:23:9a:35:ef:0e:b7:fc:9f:69:4d:
|
|
10:2e:81:ab:9d:04:ba:2f:b4:eb:61:7d:fd:68:a1:
|
|
11:6f:f4:16:42:16:99:20:38:24:04:2d:39:7c:74:
|
|
67:14:b9:aa:26:7a:b2:d9:1e:ce:cd:8b:bc:8d:e3:
|
|
c7:58:9c:4a:f9:3a:7e:6c:38:f8:5f:1c:ec:05:4c:
|
|
e5:56:64:d4:08:d8:fa:db:17:d9:a1:e4:cf:b4:9d:
|
|
df:99:50:ce:fa:a4:af:af:c6:f7:f2:0e:c2:c5:7b:
|
|
6c:f9:6c:eb:17:e5:c8:6e:5a:bf:eb:a6:b8:c0:f7:
|
|
43:81:88:c3:d8:aa:a9:60:ac:a7:45:3f:5d:cb:8d:
|
|
6c:48:92:2b:04:5a:c4:a8:32:b3:e9:6f:fe:8d:2d:
|
|
65:c0:ea:c5:09:b2:30:b1:a3:2e:db:22:8a:49:b1:
|
|
fe:4f
|
|
Exponent: 65537 (0x10001)
|
|
X509v3 extensions:
|
|
X509v3 Subject Key Identifier:
|
|
AC:C4:F6:07:9E:B2:E5:F1:66:7C:40:05:08:AA:DC:EF:8A:60:DA:C1
|
|
X509v3 Authority Key Identifier:
|
|
keyid:B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
|
|
|
|
X509v3 Basic Constraints: critical
|
|
CA:TRUE, pathlen:0
|
|
X509v3 Key Usage: critical
|
|
Certificate Sign, CRL Sign
|
|
Signature Algorithm: sha256WithRSAEncryption
|
|
0d:60:2b:fa:00:f2:5a:90:31:96:50:c8:9e:7f:60:02:99:c6:
|
|
31:d4:93:86:9e:4c:24:15:b6:b2:31:49:21:79:ce:7f:92:86:
|
|
1e:83:d8:a0:37:05:1b:89:2b:ef:0b:83:21:b0:37:8d:2f:7b:
|
|
6b:7d:c6:04:1e:a2:c8:59:be:52:bf:47:ee:46:cb:45:8d:1f:
|
|
7a:e4:d4:e5:54:60:5f:46:b0:ac:68:8a:26:57:ea:48:45:c1:
|
|
07:7d:ee:10:9e:94:87:4c:7e:26:2e:f8:ad:03:e5:03:86:09:
|
|
3e:48:0c:e0:04:2f:22:b4:e0:3a:b0:72:8c:e2:40:d2:cd:fb:
|
|
8f:fa
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIC0zCCAjygAwIBAgIJANjT46bL48z0MA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
|
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTEy
|
|
MjMxOTM3MzZaFw0yNTEyMjIxOTM3MzZaMDwxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
|
DAV3MS5maTEdMBsGA1UEAwwUVXNlciBJbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqG
|
|
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDKg30ZiNdlpH3oL6xsPeeruqmcpH1cGVX
|
|
kUlVWWe71/WevGayv8+VMTKu25o7Q+iljR+LO+bo4zuynfBYYuqjim/I7QHKJ3Qc
|
|
Dp4oXEOY2xS4cgefaycoJc6lkbe3I5o17w63/J9pTRAugaudBLovtOthff1ooRFv
|
|
9BZCFpkgOCQELTl8dGcUuaomerLZHs7Ni7yN48dYnEr5On5sOPhfHOwFTOVWZNQI
|
|
2PrbF9mh5M+0nd+ZUM76pK+vxvfyDsLFe2z5bOsX5chuWr/rprjA90OBiMPYqqlg
|
|
rKdFP13LjWxIkisEWsSoMrPpb/6NLWXA6sUJsjCxoy7bIopJsf5PAgMBAAGjZjBk
|
|
MB0GA1UdDgQWBBSsxPYHnrLl8WZ8QAUIqtzvimDawTAfBgNVHSMEGDAWgBS4kt79
|
|
ihizMMOfVfMzXbTIKYpBFDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
|
|
AwIBBjANBgkqhkiG9w0BAQsFAAOBgQANYCv6APJakDGWUMief2ACmcYx1JOGnkwk
|
|
FbayMUkhec5/koYeg9igNwUbiSvvC4MhsDeNL3trfcYEHqLIWb5Sv0fuRstFjR96
|
|
5NTlVGBfRrCsaIomV+pIRcEHfe4QnpSHTH4mLvitA+UDhgk+SAzgBC8itOA6sHKM
|
|
4kDSzfuP+g==
|
|
-----END CERTIFICATE-----
|