mirror of
https://github.com/curl/curl.git
synced 2024-12-27 06:59:43 +08:00
b5486adc9b
The previous test certificate contained a MD5 hash which is not supported using TLSv1.2 with Schannel on Windows 7 or newer. See the update to this blog post on IEInternals / MSDN: http://blogs.msdn.com/b/ieinternals/archive/2011/03/25/ misbehaving-https-servers-impair-tls-1.1-and-tls-1.2.aspx "Update: If the server negotiates a TLS1.2 connection with a Windows 7 or 8 schannel.dll-using client application, and it provides a certificate chain which uses the (weak) MD5 hash algorithm, the client will abort the connection (TCP/IP FIN) upon receipt of the certificate."
144 lines
6.9 KiB
Plaintext
144 lines
6.9 KiB
Plaintext
#
|
|
# This file contains a private key and a certificate used for stunnel.
|
|
# The certificate contains a number of extensions essentially being
|
|
# used in the 509 test. The certificate has been generated using
|
|
# openssl with the parameters listed below up to the line
|
|
# contain [something], after that you find the result.
|
|
#
|
|
#
|
|
extensions = x509v3
|
|
[ x509v3 ]
|
|
subjectAltName = DNS:localhost
|
|
nsCertType = server
|
|
nsComment = "CURL stunnel server test certificate"
|
|
keyUsage = digitalSignature,keyEncipherment
|
|
extendedKeyUsage = serverAuth
|
|
basicConstraints = CA:false
|
|
subjectKeyIdentifier = hash
|
|
subjectInfoAccess = AD_DVCS;URI:"https://localhost:8433/509"
|
|
authorityInfoAccess = AD_DVCS;URI:"https://localhost:8433/509"
|
|
[ req ]
|
|
default_bits = 1234
|
|
distinguished_name = req_DN
|
|
default_md = sha1
|
|
string_mask = pkix
|
|
[ req_DN ]
|
|
countryName = "1. Country Name (2 letter code)"
|
|
countryName_value = SE
|
|
stateOrProvinceName = "2. State or Province Name (full name) "
|
|
stateOrProvinceName_value = Solna
|
|
localityName = "3. Locality Name (eg, city) "
|
|
localityName_value = Mooo
|
|
0.organizationName = "4. Organization Name (eg, company) "
|
|
0.organizationName_value = Haxx
|
|
organizationalUnitName = "5. Organizational Unit Name (eg, section) "
|
|
organizationalUnitName_value = Coolx
|
|
commonName = "6. Common Name (eg, FQDN) "
|
|
commonName_value = "storbror"
|
|
1.commonName = "6. Common Name (eg, FQDN) "
|
|
1.commonName_value = "localhost"
|
|
[something]
|
|
-----BEGIN RSA PRIVATE KEY-----
|
|
MIIC1AIBAAKBmwNZN+oG6vJ8DAze+FvOKSS49X4xGMxALhKRLhQQb7qvM+7BcMgR
|
|
v+RKxkX7SNgcxKPLcIHf7QQ6DBIlLXuAuVHQtWW9b06q64kBElkEwh6gP5Ia9JrR
|
|
ysGbu2U6NRP+xBU33dVwZjF07ocN9Pp392W4VxEc+g3+FkRzUEaahDGOabmjgKuq
|
|
DdlKdZLzgJj7+9sEKpb7+FdG56rZAgMBAAECgZsCkK1Z1XTUz5x3m7PMuHEiVaKS
|
|
yk/B4ISq6pbO/gxpieARzhR038wNug6L+8VA8UDebXHBvGYYr9Mhb2OZUfIlr+nW
|
|
h7kmHZ+T88M3eH/hQc3jtnvnu1dGmMlIXjTLQOrKgrAn6fYaw2HAGPdGKjpatAy/
|
|
3vRjguv/22pNJLRQmMHdozJdc8mEYY+AhqrQxXCWQT/1peZzlq/IAQJOAfhE2YWf
|
|
qB9iYNmuhxJ1PolPW4I63atXuoavqadbaRoaLm/pqLVB1QjMeyak8O/0TmO6CXk6
|
|
878ps85fLFgARRjSYX+rYwoYNzqxK3cBAk4Bsy4oofReVT8xB+7rFZFMV4McyL7e
|
|
sOABFqecLuNIGT6CdeEU1z7TUfq8sKM1MQ25e0J1PMmoWTqDwzhnxK+ckeFsZ8Te
|
|
dgqVW+Oyy9kCTgHqyc/P/uEZkp1ioDu0WkpAR+1vZa2jeyH+vm9nhE9Z6Uty/r6F
|
|
k4otIx9lMDmTwXqeE03vINJlJshqvjShfbnCe9gK8xrUk1cFl7QPAQJOATD3LQRq
|
|
At2MniioFtiTbUN6n2ZS1C5xnHGq3fnBzxnZw4UmSfuZjG/L3gWPKkyJCK3HYe9K
|
|
ho6ZQhNB6P5d7sQQjG6f+SIRwp+VjwvpAk4AnM4do54FETeLHhY4zy47dM/zdy3u
|
|
iDjiFwoMTR+PfF03evsWe5pW3EaXolGi3FRAZ/idFA+L3Gi2y4xR44z71HkbF32L
|
|
WKaLdOuBQvI=
|
|
-----END RSA PRIVATE KEY-----
|
|
Certificate:
|
|
Data:
|
|
Version: 3 (0x2)
|
|
Serial Number:
|
|
a4:17:70:09:88:8c:48:cd
|
|
Signature Algorithm: sha1WithRSAEncryption
|
|
Issuer: C=SE, ST=Solna, L=Mooo, O=Haxx, OU=Coolx, CN=storbror, CN=localhost
|
|
Validity
|
|
Not Before: Feb 22 15:38:48 2014 GMT
|
|
Not After : Feb 20 15:38:48 2024 GMT
|
|
Subject: C=SE, ST=Solna, L=Mooo, O=Haxx, OU=Coolx, CN=storbror, CN=localhost
|
|
Subject Public Key Info:
|
|
Public Key Algorithm: rsaEncryption
|
|
Public-Key: (1234 bit)
|
|
Modulus:
|
|
03:59:37:ea:06:ea:f2:7c:0c:0c:de:f8:5b:ce:29:
|
|
24:b8:f5:7e:31:18:cc:40:2e:12:91:2e:14:10:6f:
|
|
ba:af:33:ee:c1:70:c8:11:bf:e4:4a:c6:45:fb:48:
|
|
d8:1c:c4:a3:cb:70:81:df:ed:04:3a:0c:12:25:2d:
|
|
7b:80:b9:51:d0:b5:65:bd:6f:4e:aa:eb:89:01:12:
|
|
59:04:c2:1e:a0:3f:92:1a:f4:9a:d1:ca:c1:9b:bb:
|
|
65:3a:35:13:fe:c4:15:37:dd:d5:70:66:31:74:ee:
|
|
87:0d:f4:fa:77:f7:65:b8:57:11:1c:fa:0d:fe:16:
|
|
44:73:50:46:9a:84:31:8e:69:b9:a3:80:ab:aa:0d:
|
|
d9:4a:75:92:f3:80:98:fb:fb:db:04:2a:96:fb:f8:
|
|
57:46:e7:aa:d9
|
|
Exponent: 65537 (0x10001)
|
|
X509v3 extensions:
|
|
X509v3 Subject Alternative Name:
|
|
DNS:localhost
|
|
Netscape Cert Type:
|
|
SSL Server
|
|
Netscape Comment:
|
|
CURL stunnel server test certificate
|
|
X509v3 Key Usage:
|
|
Digital Signature, Key Encipherment
|
|
X509v3 Extended Key Usage:
|
|
TLS Web Server Authentication
|
|
X509v3 Basic Constraints:
|
|
CA:FALSE
|
|
X509v3 Subject Key Identifier:
|
|
35:77:35:3B:9B:98:3C:B6:C7:9A:E7:A8:04:B9:7C:70:AD:FA:37:A9
|
|
Subject Information Access:
|
|
ad dvcs - URI:https://localhost:8433/509
|
|
|
|
Authority Information Access:
|
|
ad dvcs - URI:https://localhost:8433/509
|
|
|
|
Signature Algorithm: sha1WithRSAEncryption
|
|
00:45:db:09:5b:08:5b:1a:ff:71:50:6c:12:ad:8e:78:32:1d:
|
|
7d:e7:e4:d3:3e:5f:ca:20:84:aa:ff:9a:c2:b6:a9:48:93:1f:
|
|
73:27:d1:68:05:76:36:f9:c1:53:90:ad:8a:c0:b3:12:c8:11:
|
|
5c:2c:65:01:ac:31:d1:8e:60:6e:c6:f5:ba:9d:69:e8:f1:ac:
|
|
4a:de:52:94:cd:06:24:45:72:64:89:0f:57:8b:26:2b:16:cf:
|
|
0b:27:c4:e8:73:c7:d3:e5:42:38:95:57:b5:bb:83:b4:92:d4:
|
|
e0:cd:fb:c8:f5:d2:da:1d:11:fe:3c:18:20:8b:bd:22:31:1c:
|
|
5a:82:d4:f5:71:8d:8a:e3:13:82:c5:2d:f3:9f:d0:b7:b8:4b:
|
|
d2:46:9d:8e:1a:d7:99:6e:c1:b9:a0
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDtzCCAwWgAwIBAgIJAKQXcAmIjEjNMA0GCSqGSIb3DQEBBQUAMHIxCzAJBgNV
|
|
BAYTAlNFMQ4wDAYDVQQIEwVTb2xuYTENMAsGA1UEBxMETW9vbzENMAsGA1UEChME
|
|
SGF4eDEOMAwGA1UECxMFQ29vbHgxETAPBgNVBAMTCHN0b3Jicm9yMRIwEAYDVQQD
|
|
Ewlsb2NhbGhvc3QwHhcNMTQwMjIyMTUzODQ4WhcNMjQwMjIwMTUzODQ4WjByMQsw
|
|
CQYDVQQGEwJTRTEOMAwGA1UECBMFU29sbmExDTALBgNVBAcTBE1vb28xDTALBgNV
|
|
BAoTBEhheHgxDjAMBgNVBAsTBUNvb2x4MREwDwYDVQQDEwhzdG9yYnJvcjESMBAG
|
|
A1UEAxMJbG9jYWxob3N0MIG5MA0GCSqGSIb3DQEBAQUAA4GnADCBowKBmwNZN+oG
|
|
6vJ8DAze+FvOKSS49X4xGMxALhKRLhQQb7qvM+7BcMgRv+RKxkX7SNgcxKPLcIHf
|
|
7QQ6DBIlLXuAuVHQtWW9b06q64kBElkEwh6gP5Ia9JrRysGbu2U6NRP+xBU33dVw
|
|
ZjF07ocN9Pp392W4VxEc+g3+FkRzUEaahDGOabmjgKuqDdlKdZLzgJj7+9sEKpb7
|
|
+FdG56rZAgMBAAGjggEeMIIBGjAUBgNVHREEDTALgglsb2NhbGhvc3QwEQYJYIZI
|
|
AYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRDVVJMIHN0dW5uZWwgc2VydmVy
|
|
IHRlc3QgY2VydGlmaWNhdGUwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUF
|
|
BwMBMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDV3NTubmDy2x5rnqAS5fHCt+jepMDYG
|
|
CCsGAQUFBwELBCowKDAmBggrBgEFBQcwBIYaaHR0cHM6Ly9sb2NhbGhvc3Q6ODQz
|
|
My81MDkwNgYIKwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAEhhpodHRwczovL2xvY2Fs
|
|
aG9zdDo4NDMzLzUwOTANBgkqhkiG9w0BAQUFAAOBnAAARdsJWwhbGv9xUGwSrY54
|
|
Mh195+TTPl/KIISq/5rCtqlIkx9zJ9FoBXY2+cFTkK2KwLMSyBFcLGUBrDHRjmBu
|
|
xvW6nWno8axK3lKUzQYkRXJkiQ9XiyYrFs8LJ8Toc8fT5UI4lVe1u4O0ktTgzfvI
|
|
9dLaHRH+PBggi70iMRxagtT1cY2K4xOCxS3zn9C3uEvSRp2OGteZbsG5oA==
|
|
-----END CERTIFICATE-----
|
|
-----BEGIN DH PARAMETERS-----
|
|
MIGHAoGBAMq/KFGh2oy16WzkFs1U71Uz7dIEKvSYfc+zo439pYyVzcD8MkcC15Zb
|
|
ayK3jPBYf07eKzc2TvI3/ZSducmECNP8gk2gAndP1P1rmpheN+owZJS7kQVfQmHl
|
|
UmT87U99NPaMHXMNOsFj/3mbAaANndKEnd8PM2r5fg16C4+2e5KzAgEC
|
|
-----END DH PARAMETERS-----
|