Skip to content

Commit 7cec304

Browse files
code-ashercode-asher
authored
Improve UX around certificate errors (#118)
1 parent 011c1cf commit 7cec304

19 files changed

+839
-69
lines changed

fixtures/chain-intermediate.crt

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIC/DCCAeSgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJVEVT
3+
VC1yb290MB4XDTIzMDgwMTAxNDUxM1oXDTI0MDczMTAxNDUxM1owHDEaMBgGA1UE
4+
AwwRVEVTVC1pbnRlcm1lZGlhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
5+
AoIBAQDYpxiPSJIcdHoDlt6fueRkX8zBC5u9aItDrStM6/VGQRM/NmeAWB/ek1pU
6+
749TaPUAcx5uoMaP2FKqnUN9sExslD5cLY5c/ixAfxBw6dLL3oYHB5vgwr5YUyS2
7+
AHVnomYS4hXW1nhqK9oEBmx5MQzb7FFKXpamrOsGVMfVjROek/wz3YoW8fE30A8r
8+
Zezc0uxkAyq7GQ4+ur/Em8qGhA7YXGmoHd4+h2PpU2Co8iW6i5Mftt8DfSFHFCyt
9+
Yu9xMhX2o8HckPUXQTKVAcOY/S2JjpFdwjX6cc9iDZ3+ETMtIUtv+MSICaTU7PLv
10+
eHAl5nodMctAI9+NaQkO81z8XdoZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYD
11+
VR0OBBYEFEuSnkkMoeox4UP07oJsZGcEMYAWMB8GA1UdIwQYMBaAFBBrunbDxn3d
12+
ZwfysAIt6DjRylEIMA0GCSqGSIb3DQEBCwUAA4IBAQB00UMFcTDyDUidWamh/fzS
13+
Z6pv2ms0mKHXeVYdqUGtWPjl9uocWGJXdgD3C77Ifpx02zayhtpdfSvvajyEnTAd
14+
XPM8jb/VBXpgW7wA7vMRoewvXLG4xITbh+HXKhDh1n+KLAJLSB4uBrmbmx1/pgpM
15+
rXJPAGv4ARzkozcs98qWND3dWAjDNn+7Wxb0wVhcYgrmvyQyNAUdgYImxZSqn7rR
16+
sP5rr7FbAZLGSHx0h9hzav3XuWRv7+mn1m9QplsvaJV2EehiY92C0JmNHt9BvMcX
17+
XTWGWgXMVeacm/0W+3XmQWtltDnBQq8fUsEy0Uts6fJdD/5tEmvYfwEtpomxdFds
18+
-----END CERTIFICATE-----

fixtures/chain-intermediate.key

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDYpxiPSJIcdHoD
3+
lt6fueRkX8zBC5u9aItDrStM6/VGQRM/NmeAWB/ek1pU749TaPUAcx5uoMaP2FKq
4+
nUN9sExslD5cLY5c/ixAfxBw6dLL3oYHB5vgwr5YUyS2AHVnomYS4hXW1nhqK9oE
5+
Bmx5MQzb7FFKXpamrOsGVMfVjROek/wz3YoW8fE30A8rZezc0uxkAyq7GQ4+ur/E
6+
m8qGhA7YXGmoHd4+h2PpU2Co8iW6i5Mftt8DfSFHFCytYu9xMhX2o8HckPUXQTKV
7+
AcOY/S2JjpFdwjX6cc9iDZ3+ETMtIUtv+MSICaTU7PLveHAl5nodMctAI9+NaQkO
8+
81z8XdoZAgMBAAECggEAT8s/MuqWEc/ebnr/FJIJKeTUy1bkrd6WyD6733FaXV0z
9+
Ywk9FpqeZkIcN4Mh5SUXc2pyz2j8qNcSH0+bn2uywhzZWObYc6yTjM+ftQ6Rek/D
10+
SkyFn0LqiypYL4Y8t4YrFRJa280S/XuYKPpaskocA9XmXL84ujueti68iQ0UKEeH
11+
5dWNveO40q2jLMTHQyB/+IdPtKqrpTd5CWKsRxIAO78hv+iQSEIAReEmdtUVXCTK
12+
5YhWDkfqNcvQ2+LWz+W0ISbsoKILiTbRxIJGpOGKSkBhVTgYlywyYaUVqISHqwuh
13+
fbhGzLFQ+eF1RLrtcqhkGTAH2zg6fHD7sZUSkG4kVwKBgQD82plKYXIorp4Vzgma
14+
DhSJJtmSbJGcYtTNVhaq3AFTBmbnvWuCQea7Iugo+vhoA+man60XilWdgmarwPUQ
15+
pjRPDQu3DG41el6fik9obtiXi/lqK40z1v3HbofMRmXM5MgLDYc/b1qX+Y8qAYlJ
16+
05hC5REZRgNFmCuarfW8jKwTewKBgQDbWTAEbYnZ9QlVdO1thQI401rgywRmdBow
17+
Yd7IxkztPFknwW0CtqmodqW3TPUhebX1BJlS6GfBONFCgBfT6gC4SH1a1X7E0U0M
18+
GBYQ3lyddZYs+axM3sF5jCcUKZB4HD8Bvgs1uN/G+lIEG76Ke5Xd0OIX6b2GL8+3
19+
iwIs0kIaewKBgE8Uy1ahDYQ9wMGPFB+zgaa3mNqbzBq+KlIiN6qubleaK/sUmhg+
20+
JjynGTcf7ysQ9jHe+NLg+A/wJc5X5g2T/c4vhVd1ss5U/F0nc9h0upcDNzmGb34k
21+
InEKV7yC0/n2H76dN4yWdh4L9kOsAVUusXNSkzt1Uzaj9hdFixKyaGsbAoGANXzJ
22+
HbtMSy7aaNFLeFJf2VWIqpo253jWTgf/mHvqlEsL/orHN0stkdvkyw7kE5anTSki
23+
7jmn21EsjgfIR6+fH1Dl6Hl5IStcm19gOhrPAMKErVDwuAn1qdsISH1eMjvJDXa3
24+
KxF61/2AdGoDi6dZQy7Fg0lHIuqTv1ERZbab0fMCgYB2r7XmVoWI0rIU2ptCFqwO
25+
KvBq8nwY/Nh10ETSGxLt77OSJJdQCcmzHuKc2Xb6mEqOj/lBZJibGrJcEHyGQTLg
26+
RAYUR4wsGtrV3Lh0TSEV7aAjo/+hoOwsjJ7SW6BLphaBjJKfPKx6mGKSrS/W8R73
27+
F1SDXNNKT6Wg/XNKG9Pdow==
28+
-----END PRIVATE KEY-----

fixtures/chain-leaf.crt

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDMjCCAhqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRVEVT
3+
VC1pbnRlcm1lZGlhdGUwHhcNMjMwODAxMDE0NTEzWhcNMjQwNzMxMDE0NTEzWjAU
4+
MRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
5+
AoIBAQCiLsCk5U0Xb0VSRaHJNd1q/X2aAgf7EPGi/4ul6XpZp8gT3iRu6sErsRc3
6+
3JS2svKRN0eRMXduvTO3q9S6aGgMAZUzy7jlDUzgRu8AckEiOATxfvb+4Bz0zGy/
7+
pVw0bIUiYDMOeJ8RgX0MVT6NrBTztDAj6npTXrtRYzD+SoOq4NkVYCxzDAJtO1+Q
8+
Ie59WJGCK5wz+VjfUbJbxbpQFs1de17uq3LrE6BqksKiZsIgd4vGAembsrIm8Z5U
9+
v3bAJukLFtlL380sCrhRM84IelbSPKQLTjAwPcVFvgC+SS0ezD3I5Og2FcZqVnLS
10+
yjAsCmeq5FENll1y66i3QxK0XtQ7AgMBAAGjgYUwgYIwCwYDVR0PBAQDAgWgMB0G
11+
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAUBgNVHREEDTALgglsb2NhbGhv
12+
c3QwHQYDVR0OBBYEFAv7QgX2lWUAOdbV2sSERShHfiAxMB8GA1UdIwQYMBaAFEuS
13+
nkkMoeox4UP07oJsZGcEMYAWMA0GCSqGSIb3DQEBCwUAA4IBAQBf5R8Jq11jmEV1
14+
0i7hNPDp6wDknG7IGO7En3yShvEaXAPZlRpGzJuJ39KDz9Qb/imi5juP/i701Tee
15+
OjvKOH5NGGklwIlzlmbNvtZNuZQAKpAUza0dKu1rPF6OZl65rmyYr2LVWyal9XUK
16+
GGxhyB8A0+5W4XnNjAHDkpNI1yR3DcB+WtSeybAPQrTUSZxpMNRCUMG/Ph+dBfdz
17+
5qC+kmDQoWB+G710CEdGfobkDPzYTq3obbjpBuOUqxBJHqAK8SFAjPkEcnr1GKvG
18+
9DDOojHM6GBYp9k8vSof3P7ptrjTHDjz5ItjGCCohk1zAIwRT2fTE1TOwI2qvYxo
19+
395vKvYI
20+
-----END CERTIFICATE-----

fixtures/chain-leaf.key

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCiLsCk5U0Xb0VS
3+
RaHJNd1q/X2aAgf7EPGi/4ul6XpZp8gT3iRu6sErsRc33JS2svKRN0eRMXduvTO3
4+
q9S6aGgMAZUzy7jlDUzgRu8AckEiOATxfvb+4Bz0zGy/pVw0bIUiYDMOeJ8RgX0M
5+
VT6NrBTztDAj6npTXrtRYzD+SoOq4NkVYCxzDAJtO1+QIe59WJGCK5wz+VjfUbJb
6+
xbpQFs1de17uq3LrE6BqksKiZsIgd4vGAembsrIm8Z5Uv3bAJukLFtlL380sCrhR
7+
M84IelbSPKQLTjAwPcVFvgC+SS0ezD3I5Og2FcZqVnLSyjAsCmeq5FENll1y66i3
8+
QxK0XtQ7AgMBAAECggEAAmfHG6r69boEwS+fMqjF2+xejIYzMBoUO2Km45MO6X1/
9+
jivhRnPc4ZUCzyVKX1tQFa9INHMTXmUX+0VlJk6eHG95kwcWeu8zkK/8o3kOVj+W
10+
cy5641TXmRnfEwiU0YI6h0P9/dz0HwJYpHIvN1KyDNtDS4USw2HITXC3LU5VnZcq
11+
FWdjKTQNdnm5AamTyov2SXb9LKJkxicCKxyJODuMYWe6MX0G51DUvmfWr5bQ3VbD
12+
eOG1Nf1g2pSaDA+xYTeLwrn/LvdATzXsvQZdD2y5u3m11WZFoczHA6MNciyt5Jk2
13+
kkXJlfxn10A3GXsedWxE1mq/VZ3l+vO311mdoqRiIQKBgQDQLxlkmmy3lbbNfVZc
14+
yr8+7dal1puBTc2ZfIq7Kr4ZSCXaVO41hLpi299OY1UEOdoKfnFBg6c1icDuSfvi
15+
MivU9a70h0XBTJXTYK+6FWXoRsiF9Ale/JmgMU/n0QiWoHMoi+jsXgQZ1WyUXcR6
16+
45HDbzfSnZIKrTyfJu8LuT9arwKBgQDHbtgDvXA8ewZJi0RWq0oXNS5XYr9ySe94
17+
LpWCoXT8hgeqNM8Ly43mUXHZiGsrbIHmgkAKJhylthc9CUCRJ4w0JL7UtkPZtcgi
18+
UaydfJ4io9Sx0KgZ38e/1bq3rolC7kESNpGeJHMrF4hUAI2gEgZEtf0m5rzKpaGo
19+
4yu8HVtSNQKBgBTi1MpaD9QvSgK9s19l2+AFXoaOzFUhqCHg884pUJ8atOl9odRu
20+
t4BZjMLBhnMBFtX8r4IiIjFl25xMgd/Eps8bwuy3cZEeDN4DEj46DVpLV6zQuev0
21+
rbj7mYepWhI6kLMdrkWgfQrWdalA6whlMmeIDfKsak116eIRtuPXNvrzAoGAUVHW
22+
TTgaot67QpPCCuEPdgUeX02JqO2S8ttz5W82h52TVIjx/+pBcy+0j7H7mRpGoZps
23+
yHaf6cYlFaNHK6kHl1+AXLXxVr2z3KKXEyR0SsWo/dSKJvrDtWpOF4XYvGzwJaAQ
24+
on5UY7bVxQLwvNt8qNnYXttpEeyVzYrME4mY6h0CgYBBVY08DRSkrrBwiY9sQWbF
25+
XVdWuffdLuuI27lVcBl0UwJh37EwXN0fsWhZ3upAitAzE3aBNwF5KHvq00yCsMKr
26+
A4bo7DeckePIfCAxdvp8kAuq+NwW8tkpMcqeb1ja2TPrgSy9eyHingzvMtYNDTxB
27+
i45lVy8xNJU85Fmzex0B0g==
28+
-----END PRIVATE KEY-----

fixtures/chain-root.crt

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIC5TCCAc2gAwIBAgIUXtcOjsFS175nGr07+htPEPGe2bYwDQYJKoZIhvcNAQEL
3+
BQAwFDESMBAGA1UEAwwJVEVTVC1yb290MB4XDTIzMDgwMTAxNDUxM1oXDTMzMDcy
4+
OTAxNDUxM1owFDESMBAGA1UEAwwJVEVTVC1yb290MIIBIjANBgkqhkiG9w0BAQEF
5+
AAOCAQ8AMIIBCgKCAQEA1cgfqUNIP0L356sUVEieG0ObtMDrnwnEXGSXX7c3dlSd
6+
oiXJStYDsC+DbyV2+yV24sgkDJM2YwuWvKntHb56hVXzeTydWekDrfLlHw9alYml
7+
llJUXbsTIBBUdk2aT/dFzPyZTN8HhtU8327w7latxKJXrYNpJCn6fcRtSSyo6dIm
8+
QXxvyF/kMLHIirBoOHGKXVVfZFRrDafFbux//1duw+TIjUfVin0rQE/z28iN+3TY
9+
ihXtJ2fhVm+WWR1w7IzoLFV6Xu23JIk92Fxvowho4p6BTOzsGeHPdlPoR0b5ECbI
10+
8VqSLgsa8WOPLmxTNmcuk1BHYVf+Dr3YU/Xb9TBa5QIDAQABoy8wLTAMBgNVHRME
11+
BTADAQH/MB0GA1UdDgQWBBQQa7p2w8Z93WcH8rACLeg40cpRCDANBgkqhkiG9w0B
12+
AQsFAAOCAQEAXp7kVoWuGbI1nep/FTL+PVptYQzD4IfnsonSKZvB7yYcGS0OZtGI
13+
cNr52WOx4EpksG58JsQxjowu5kAdeSwGI5cCKdAWMA/BpJhT+uOP+9Y+QBXFBM25
14+
50cZax5FFFCKWUcOrv7SSeaGRe3X13G6pPULwwS5WqFb0LZdL0gI9GxN0S9X6F/N
15+
g+T0akcluAe6xNIltnw6AeaUQXzK+jy/3zuSAulh6oiSm7kTU9kXLZ3Xiobko/MB
16+
PaDKL+Ygt0c2hX5TRVJQ2Bdvn5z5kkBJxT7Rb9uj8kT9JETbwQD3bssZB+tPkwvE
17+
O5mpOpR0Jkni8lJmOYrRYz9Jf9Cm0uQWlw==
18+
-----END CERTIFICATE-----

fixtures/chain-root.key

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVyB+pQ0g/Qvfn
3+
qxRUSJ4bQ5u0wOufCcRcZJdftzd2VJ2iJclK1gOwL4NvJXb7JXbiyCQMkzZjC5a8
4+
qe0dvnqFVfN5PJ1Z6QOt8uUfD1qViaWWUlRduxMgEFR2TZpP90XM/JlM3weG1Tzf
5+
bvDuVq3Eoletg2kkKfp9xG1JLKjp0iZBfG/IX+QwsciKsGg4cYpdVV9kVGsNp8Vu
6+
7H//V27D5MiNR9WKfStAT/PbyI37dNiKFe0nZ+FWb5ZZHXDsjOgsVXpe7bckiT3Y
7+
XG+jCGjinoFM7OwZ4c92U+hHRvkQJsjxWpIuCxrxY48ubFM2Zy6TUEdhV/4OvdhT
8+
9dv1MFrlAgMBAAECggEAALkNTyeb4u4TCh5MX0yV9eAKP4sEQPFp6Vx3UCq9oUTM
9+
xtn7dQ+4/quEDw6NX6QGY6+EwuLsi1rKrUo8M9GLdumN45pBqsApWjk41Rx0LfVD
10+
l6whMbMkPJ0eUmTiYX4KJy59EwMRP3KqvG0Szq60WVBDNtViHm38TtiPL6Qn0UKT
11+
3bc6+b7VlGeasb6vyChcSeemz+SIS0MvOG5kSVCOdJ0fTWVtayRPp5xCqIdIBtn6
12+
fyeTALAKW7uQLrydmzei+JpUh38L6J/HLwTxC9R2Uq0kOgLV9ZxSFGNeIWPhih2Q
13+
OgzqYgGMjSsYDeun+0aeS6j1z2ClIgywt5hSL6jHsQKBgQD3KifmzAUy14hweUak
14+
hto8SuOT5ngV5Bt2RfOnu+dlxnRvZzyOIPoik6sLB6WK42x6T2AaHN9oSHOi1Jwd
15+
2q3DP8PE/S4kFtaNmJVNFrMFoo/gP/ZRAvzo0qwFrIN6qYhkaG+s+ahwcj8dnnFj
16+
E0JaPcSw+OxFWG8hOYzy1PeeMwKBgQDdbHmgz8A1dkq7PvONk9pBSfb5TaLRPY78
17+
bVkONJnjmEQVi8kuucQxbeXBGfuOB9pzGdHUlkRCyiWjOpJ82eihaa35gpW/y4Sz
18+
fKEq5hXneuZO2kq9sV9AZBAub8aUH5GFU9fpORXGx6N+QNWfHkrBERdKO/8AdVs6
19+
7rKi6QpahwKBgQDOvUI2+Px4NHR5r9d5ExtER1fohGR52x1lZsmRyciaBs+px26N
20+
a+QOO/pb9X9wlx5LiE1YSkJMlh2zW6diCWJC6Pk1sph/s2KveauYmZ4Q3pL9/kJo
21+
LNmjXWRqMoyfc2MUqY6P3xwXQlisy7UILDnaBcSaSvxGXNxHrD3LeHvOpQKBgF8x
22+
Nm0DQ7/4NhKf8rcoHEm7UblGPjw0eddd705jINGu8X5N1VUIOieB9qd40yPxjmGz
23+
dPkvDPOl0l6FXNreF9vlAg1lrZmCFm/Pob4+oqYcuQynXkCFE80r96TvGvEtTTOD
24+
oyw6BXmq9Eff+bbpn/u2rEuW1X9N9MW2Pwg4peHbAoGBAM+QoaXHB8e7TPPiEkxx
25+
ppK8n34R5lhLc+DwvGCH6N3F+Dze/WlWRY+KzirE1QfJQTCJmp1cuQl1A0hzWUPL
26+
X/xZUg+kA0yFu9EJROOrpv+f4MK8OzEUN/2n69tobQHU4446iGVOOMtnzoFvaI9H
27+
h/z2c6S/DifigZ5sYSyL4TqJ
28+
-----END PRIVATE KEY-----

fixtures/chain.crt

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDMjCCAhqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRVEVT
3+
VC1pbnRlcm1lZGlhdGUwHhcNMjMwODAxMDE0NTEzWhcNMjQwNzMxMDE0NTEzWjAU
4+
MRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
5+
AoIBAQCiLsCk5U0Xb0VSRaHJNd1q/X2aAgf7EPGi/4ul6XpZp8gT3iRu6sErsRc3
6+
3JS2svKRN0eRMXduvTO3q9S6aGgMAZUzy7jlDUzgRu8AckEiOATxfvb+4Bz0zGy/
7+
pVw0bIUiYDMOeJ8RgX0MVT6NrBTztDAj6npTXrtRYzD+SoOq4NkVYCxzDAJtO1+Q
8+
Ie59WJGCK5wz+VjfUbJbxbpQFs1de17uq3LrE6BqksKiZsIgd4vGAembsrIm8Z5U
9+
v3bAJukLFtlL380sCrhRM84IelbSPKQLTjAwPcVFvgC+SS0ezD3I5Og2FcZqVnLS
10+
yjAsCmeq5FENll1y66i3QxK0XtQ7AgMBAAGjgYUwgYIwCwYDVR0PBAQDAgWgMB0G
11+
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAUBgNVHREEDTALgglsb2NhbGhv
12+
c3QwHQYDVR0OBBYEFAv7QgX2lWUAOdbV2sSERShHfiAxMB8GA1UdIwQYMBaAFEuS
13+
nkkMoeox4UP07oJsZGcEMYAWMA0GCSqGSIb3DQEBCwUAA4IBAQBf5R8Jq11jmEV1
14+
0i7hNPDp6wDknG7IGO7En3yShvEaXAPZlRpGzJuJ39KDz9Qb/imi5juP/i701Tee
15+
OjvKOH5NGGklwIlzlmbNvtZNuZQAKpAUza0dKu1rPF6OZl65rmyYr2LVWyal9XUK
16+
GGxhyB8A0+5W4XnNjAHDkpNI1yR3DcB+WtSeybAPQrTUSZxpMNRCUMG/Ph+dBfdz
17+
5qC+kmDQoWB+G710CEdGfobkDPzYTq3obbjpBuOUqxBJHqAK8SFAjPkEcnr1GKvG
18+
9DDOojHM6GBYp9k8vSof3P7ptrjTHDjz5ItjGCCohk1zAIwRT2fTE1TOwI2qvYxo
19+
395vKvYI
20+
-----END CERTIFICATE-----
21+
-----BEGIN CERTIFICATE-----
22+
MIIC/DCCAeSgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJVEVT
23+
VC1yb290MB4XDTIzMDgwMTAxNDUxM1oXDTI0MDczMTAxNDUxM1owHDEaMBgGA1UE
24+
AwwRVEVTVC1pbnRlcm1lZGlhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
25+
AoIBAQDYpxiPSJIcdHoDlt6fueRkX8zBC5u9aItDrStM6/VGQRM/NmeAWB/ek1pU
26+
749TaPUAcx5uoMaP2FKqnUN9sExslD5cLY5c/ixAfxBw6dLL3oYHB5vgwr5YUyS2
27+
AHVnomYS4hXW1nhqK9oEBmx5MQzb7FFKXpamrOsGVMfVjROek/wz3YoW8fE30A8r
28+
Zezc0uxkAyq7GQ4+ur/Em8qGhA7YXGmoHd4+h2PpU2Co8iW6i5Mftt8DfSFHFCyt
29+
Yu9xMhX2o8HckPUXQTKVAcOY/S2JjpFdwjX6cc9iDZ3+ETMtIUtv+MSICaTU7PLv
30+
eHAl5nodMctAI9+NaQkO81z8XdoZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYD
31+
VR0OBBYEFEuSnkkMoeox4UP07oJsZGcEMYAWMB8GA1UdIwQYMBaAFBBrunbDxn3d
32+
ZwfysAIt6DjRylEIMA0GCSqGSIb3DQEBCwUAA4IBAQB00UMFcTDyDUidWamh/fzS
33+
Z6pv2ms0mKHXeVYdqUGtWPjl9uocWGJXdgD3C77Ifpx02zayhtpdfSvvajyEnTAd
34+
XPM8jb/VBXpgW7wA7vMRoewvXLG4xITbh+HXKhDh1n+KLAJLSB4uBrmbmx1/pgpM
35+
rXJPAGv4ARzkozcs98qWND3dWAjDNn+7Wxb0wVhcYgrmvyQyNAUdgYImxZSqn7rR
36+
sP5rr7FbAZLGSHx0h9hzav3XuWRv7+mn1m9QplsvaJV2EehiY92C0JmNHt9BvMcX
37+
XTWGWgXMVeacm/0W+3XmQWtltDnBQq8fUsEy0Uts6fJdD/5tEmvYfwEtpomxdFds
38+
-----END CERTIFICATE-----
39+
-----BEGIN CERTIFICATE-----
40+
MIIC5TCCAc2gAwIBAgIUXtcOjsFS175nGr07+htPEPGe2bYwDQYJKoZIhvcNAQEL
41+
BQAwFDESMBAGA1UEAwwJVEVTVC1yb290MB4XDTIzMDgwMTAxNDUxM1oXDTMzMDcy
42+
OTAxNDUxM1owFDESMBAGA1UEAwwJVEVTVC1yb290MIIBIjANBgkqhkiG9w0BAQEF
43+
AAOCAQ8AMIIBCgKCAQEA1cgfqUNIP0L356sUVEieG0ObtMDrnwnEXGSXX7c3dlSd
44+
oiXJStYDsC+DbyV2+yV24sgkDJM2YwuWvKntHb56hVXzeTydWekDrfLlHw9alYml
45+
llJUXbsTIBBUdk2aT/dFzPyZTN8HhtU8327w7latxKJXrYNpJCn6fcRtSSyo6dIm
46+
QXxvyF/kMLHIirBoOHGKXVVfZFRrDafFbux//1duw+TIjUfVin0rQE/z28iN+3TY
47+
ihXtJ2fhVm+WWR1w7IzoLFV6Xu23JIk92Fxvowho4p6BTOzsGeHPdlPoR0b5ECbI
48+
8VqSLgsa8WOPLmxTNmcuk1BHYVf+Dr3YU/Xb9TBa5QIDAQABoy8wLTAMBgNVHRME
49+
BTADAQH/MB0GA1UdDgQWBBQQa7p2w8Z93WcH8rACLeg40cpRCDANBgkqhkiG9w0B
50+
AQsFAAOCAQEAXp7kVoWuGbI1nep/FTL+PVptYQzD4IfnsonSKZvB7yYcGS0OZtGI
51+
cNr52WOx4EpksG58JsQxjowu5kAdeSwGI5cCKdAWMA/BpJhT+uOP+9Y+QBXFBM25
52+
50cZax5FFFCKWUcOrv7SSeaGRe3X13G6pPULwwS5WqFb0LZdL0gI9GxN0S9X6F/N
53+
g+T0akcluAe6xNIltnw6AeaUQXzK+jy/3zuSAulh6oiSm7kTU9kXLZ3Xiobko/MB
54+
PaDKL+Ygt0c2hX5TRVJQ2Bdvn5z5kkBJxT7Rb9uj8kT9JETbwQD3bssZB+tPkwvE
55+
O5mpOpR0Jkni8lJmOYrRYz9Jf9Cm0uQWlw==
56+
-----END CERTIFICATE-----

fixtures/chain.key

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
-----BEGIN PRIVATE KEY-----
2+
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCiLsCk5U0Xb0VS
3+
RaHJNd1q/X2aAgf7EPGi/4ul6XpZp8gT3iRu6sErsRc33JS2svKRN0eRMXduvTO3
4+
q9S6aGgMAZUzy7jlDUzgRu8AckEiOATxfvb+4Bz0zGy/pVw0bIUiYDMOeJ8RgX0M
5+
VT6NrBTztDAj6npTXrtRYzD+SoOq4NkVYCxzDAJtO1+QIe59WJGCK5wz+VjfUbJb
6+
xbpQFs1de17uq3LrE6BqksKiZsIgd4vGAembsrIm8Z5Uv3bAJukLFtlL380sCrhR
7+
M84IelbSPKQLTjAwPcVFvgC+SS0ezD3I5Og2FcZqVnLSyjAsCmeq5FENll1y66i3
8+
QxK0XtQ7AgMBAAECggEAAmfHG6r69boEwS+fMqjF2+xejIYzMBoUO2Km45MO6X1/
9+
jivhRnPc4ZUCzyVKX1tQFa9INHMTXmUX+0VlJk6eHG95kwcWeu8zkK/8o3kOVj+W
10+
cy5641TXmRnfEwiU0YI6h0P9/dz0HwJYpHIvN1KyDNtDS4USw2HITXC3LU5VnZcq
11+
FWdjKTQNdnm5AamTyov2SXb9LKJkxicCKxyJODuMYWe6MX0G51DUvmfWr5bQ3VbD
12+
eOG1Nf1g2pSaDA+xYTeLwrn/LvdATzXsvQZdD2y5u3m11WZFoczHA6MNciyt5Jk2
13+
kkXJlfxn10A3GXsedWxE1mq/VZ3l+vO311mdoqRiIQKBgQDQLxlkmmy3lbbNfVZc
14+
yr8+7dal1puBTc2ZfIq7Kr4ZSCXaVO41hLpi299OY1UEOdoKfnFBg6c1icDuSfvi
15+
MivU9a70h0XBTJXTYK+6FWXoRsiF9Ale/JmgMU/n0QiWoHMoi+jsXgQZ1WyUXcR6
16+
45HDbzfSnZIKrTyfJu8LuT9arwKBgQDHbtgDvXA8ewZJi0RWq0oXNS5XYr9ySe94
17+
LpWCoXT8hgeqNM8Ly43mUXHZiGsrbIHmgkAKJhylthc9CUCRJ4w0JL7UtkPZtcgi
18+
UaydfJ4io9Sx0KgZ38e/1bq3rolC7kESNpGeJHMrF4hUAI2gEgZEtf0m5rzKpaGo
19+
4yu8HVtSNQKBgBTi1MpaD9QvSgK9s19l2+AFXoaOzFUhqCHg884pUJ8atOl9odRu
20+
t4BZjMLBhnMBFtX8r4IiIjFl25xMgd/Eps8bwuy3cZEeDN4DEj46DVpLV6zQuev0
21+
rbj7mYepWhI6kLMdrkWgfQrWdalA6whlMmeIDfKsak116eIRtuPXNvrzAoGAUVHW
22+
TTgaot67QpPCCuEPdgUeX02JqO2S8ttz5W82h52TVIjx/+pBcy+0j7H7mRpGoZps
23+
yHaf6cYlFaNHK6kHl1+AXLXxVr2z3KKXEyR0SsWo/dSKJvrDtWpOF4XYvGzwJaAQ
24+
on5UY7bVxQLwvNt8qNnYXttpEeyVzYrME4mY6h0CgYBBVY08DRSkrrBwiY9sQWbF
25+
XVdWuffdLuuI27lVcBl0UwJh37EwXN0fsWhZ3upAitAzE3aBNwF5KHvq00yCsMKr
26+
A4bo7DeckePIfCAxdvp8kAuq+NwW8tkpMcqeb1ja2TPrgSy9eyHingzvMtYNDTxB
27+
i45lVy8xNJU85Fmzex0B0g==
28+
-----END PRIVATE KEY-----

fixtures/generate.bash

Lines changed: 134 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,134 @@
1+
#!/usr/bin/env bash
2+
3+
set -xeuo pipefail
4+
5+
function prepare() {
6+
local cwd=$1
7+
local fwd=$(readlink -f "$cwd")
8+
mkdir -p "$cwd"/{certs,crl,newcerts,private}
9+
echo 1000 > "$cwd/serial"
10+
touch "$cwd"/{index.txt,index.txt.attr}
11+
12+
echo '
13+
[ ca ]
14+
default_ca = CA_default
15+
[ CA_default ]
16+
dir = '"$fwd"'
17+
certs = $dir/certs # Where the issued certs are kept
18+
crl_dir = $dir/crl # Where the issued crl are kept
19+
database = $dir/index.txt # database index file.
20+
new_certs_dir = $dir/newcerts # default place for new certs.
21+
certificate = $dir/cacert.pem # The CA certificate
22+
serial = $dir/serial # The current serial number
23+
crl = $dir/crl.pem # The current CRL
24+
private_key = $dir/private/ca.key.pem # The private key
25+
RANDFILE = $dir/.rnd # private random number file
26+
nameopt = default_ca
27+
certopt = default_ca
28+
policy = policy_match
29+
default_days = 365
30+
default_md = sha256
31+
32+
[ policy_match ]
33+
countryName = optional
34+
stateOrProvinceName = optional
35+
organizationName = optional
36+
organizationalUnitName = optional
37+
commonName = supplied
38+
emailAddress = optional
39+
40+
[req]
41+
req_extensions = v3_req
42+
distinguished_name = req_distinguished_name
43+
44+
[req_distinguished_name]
45+
46+
[v3_req]' > "$cwd/openssl.cnf"
47+
48+
if [[ $cwd == out ]] ; then
49+
echo "keyUsage = digitalSignature, keyEncipherment" >> "$cwd/openssl.cnf"
50+
echo "extendedKeyUsage = serverAuth, clientAuth" >> "$cwd/openssl.cnf"
51+
echo "subjectAltName = DNS:localhost" >> "$cwd/openssl.cnf"
52+
else
53+
echo "basicConstraints = CA:TRUE" >> "$cwd/openssl.cnf"
54+
fi
55+
}
56+
57+
# chain generates three certificates in a chain.
58+
function chain() {
59+
rm {root,intermediate,out} -rf
60+
prepare root
61+
prepare intermediate
62+
prepare out
63+
64+
# Create root certificate and key.
65+
openssl genrsa -out root/private/ca.key 2048
66+
openssl req -new -x509 -sha256 -days 3650 \
67+
-config root/openssl.cnf -extensions v3_req \
68+
-key root/private/ca.key --out root/certs/ca.crt \
69+
-subj '/CN=TEST-root'
70+
71+
# Create intermediate key and request.
72+
openssl genrsa -out intermediate/private/intermediate.key 2048
73+
openssl req -new -sha256 \
74+
-config intermediate/openssl.cnf -extensions v3_req \
75+
-key intermediate/private/intermediate.key -out intermediate/certs/intermediate.csr \
76+
-subj '/CN=TEST-intermediate'
77+
78+
# Sign intermediate request with root to create a cert.
79+
openssl ca -batch -notext -md sha256 \
80+
-config intermediate/openssl.cnf -extensions v3_req \
81+
-keyfile root/private/ca.key -cert root/certs/ca.crt \
82+
-in intermediate/certs/intermediate.csr \
83+
-out intermediate/certs/intermediate.crt
84+
85+
# Create a key and request for an end certificate.
86+
openssl req -new -days 365 -nodes -newkey rsa:2048 \
87+
-config out/openssl.cnf -extensions v3_req \
88+
-keyout out/private/localhost.key -out out/certs/localhost.csr \
89+
-subj "/CN=localhost"
90+
91+
# Sign that with the intermediate.
92+
openssl ca -batch \
93+
-config out/openssl.cnf -extensions v3_req \
94+
-keyfile intermediate/private/intermediate.key -cert intermediate/certs/intermediate.crt \
95+
-out out/certs/localhost.crt \
96+
-infiles out/certs/localhost.csr
97+
98+
mv out/certs/localhost.crt chain-leaf.crt
99+
mv out/private/localhost.key chain-leaf.key
100+
mv intermediate/certs/intermediate.crt chain-intermediate.crt
101+
mv intermediate/private/intermediate.key chain-intermediate.key
102+
mv root/certs/ca.crt chain-root.crt
103+
mv root/private/ca.key chain-root.key
104+
105+
rm {out,intermediate,root} -r
106+
107+
cat chain-leaf.crt chain-intermediate.crt chain-root.crt > chain.crt
108+
cp chain-leaf.key chain.key
109+
}
110+
111+
# non-signing generates a self-signed certificate that has cert signing
112+
# explicitly omitted.
113+
function non-signing() {
114+
openssl req -x509 -nodes -newkey rsa:2048 \
115+
-keyout no-signing.key -out no-signing.crt \
116+
-addext "keyUsage = digitalSignature, keyEncipherment" \
117+
-addext "subjectAltName=DNS:localhost" \
118+
-subj "/CN=localhost"
119+
}
120+
121+
# self-signed generates a certificate without specifying key usage.
122+
function self-signed() {
123+
openssl req -x509 -nodes -newkey rsa:2048 \
124+
-keyout self-signed.key -out self-signed.crt \
125+
-addext "subjectAltName=DNS:localhost" \
126+
-subj "/CN=localhost"
127+
}
128+
129+
function main() {
130+
local name=$1 ; shift
131+
"$name" "$@"
132+
}
133+
134+
main "$@"

fixtures/no-signing.crt

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDLDCCAhSgAwIBAgIUZVpY6+MUJZuW/UJhu7r8crizzh0wDQYJKoZIhvcNAQEL
3+
BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIzMDgwMTAxMDQ0OFoXDTIzMDgz
4+
MTAxMDQ0OFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
5+
AAOCAQ8AMIIBCgKCAQEAzIxlOvO0DmWd0a2dA3f3uy6VuQ6kLHp+D4QNUvzAqSGE
6+
y6WCUQD0UWxqC+tXoHq9wX35qPPon9Ei2e3VarWv9Fc0BNN2I2pMgJDipxjuQC+P
7+
RMwDwCD+zsVQbfTel2ntfP4OAcs58964Rc9ZgMiZwxBWMOBbTUt68R3ba/oKKdEV
8+
AOBequ32qrmLMhNzFKdEooe8DzpPOXO3kaTxOoSUTx85UJfwdL+6vFYhDHJ6pvRU
9+
QvJj7G+H03YL4zBKRucAlI3jcaNAcNm5JCAliv4yPzo2PEl2aFfG2DL5lVhDU8S4
10+
62iTXpnPwSQAtloSNKE+xTzqsusfeJV/YFEnqTGYCwIDAQABo3YwdDAdBgNVHQ4E
11+
FgQU35DsH5EDKMKE0VTWs+YSWjT6u1gwHwYDVR0jBBgwFoAU35DsH5EDKMKE0VTW
12+
s+YSWjT6u1gwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCBaAwFAYDVR0RBA0w
13+
C4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQDHgOSJfsSCD1SwFqY/k8eH
14+
o95y7jqlCH48jw+BxHh7W/jr7NnUUXRP0NgQjhUcJSBZ8mWqCQtdpwttEe5eYYGg
15+
0uA7FoiDfzEkyAs9QMAxDfgpHloafh1sJBdxiiUsu6LeYzzPcSajPEOlPNIpR7Uu
16+
CFy1fr/PMAmOPeIuF6NNYfwk9Isevqf/U8R5QK99abWJnP8S2Lqk90EFAdO7RAAZ
17+
g3xsVqO0Tzs9yvtHRSe92q5M/hyRMHTF8mPKQwTnSPXzxhVdYiTJ5VEZQOIhey0V
18+
s1sGtEpSUwhNiMEypJJbDhDJ6S5pn9lqDbSoCiRjXufq3ltu90Zht+2kCUCjTSBb
19+
-----END CERTIFICATE-----

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy