openssl/test/certs/croot-serverAuth.pem
Viktor Dukhovni 33cc5dde47 Compat self-signed trust with reject-only aux data
When auxiliary data contains only reject entries, continue to trust
self-signed objects just as when no auxiliary data is present.

This makes it possible to reject specific uses without changing
what's accepted (and thus overring the underlying EKU).

Added new supported certs and doubled test count from 38 to 76.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-31 21:24:12 -05:00

20 lines
1.1 KiB
Plaintext

-----BEGIN TRUSTED CERTIFICATE-----
MIIDBjCCAe6gAwIBAgIBATANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDEyOTA0NDc0NloYDzIxMTYwMTMwMDQ0NzQ2WjASMRAwDgYDVQQD
DAdSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eYA9Qa8
oEY4eQ8/HnEZE20C3yubdmv8rLAh7daRCEI7pWM17FJboKJKxdYAlAOXWj25ZyjS
feMhXKTtxjyNjoTRnVTDPdl0opZ2Z3H5xhpQd7P9eO5b4OOMiSPCmiLsPtQ3ngfN
wCtVERc6NEIcaQ06GLDtFZRexv2eh8Yc55QaksBfBcFzQ+UD3gmRySTO2I6Lfi7g
MUjRhipqVSZ66As2Tpex4KTJ2lxpSwOACFaDox+yKrjBTP7FsU3UwAGq7b7OJb3u
aa32B81uK6GJVPVo65gJ7clgZsszYkoDsGjWDqtfwTVVfv1G7rrr3Laio+2Ff3ff
tWgiQ35mJCOvxQIDAQABo2UwYzAdBgNVHQ4EFgQUjvUlrx6ba4Q9fICayVOcTXL3
o1IwHwYDVR0jBBgwFoAUjvUlrx6ba4Q9fICayVOcTXL3o1IwDAYDVR0TBAUwAwEB
/zATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAi/mR+SIa
bs1egGRRSAzqu4KkrOG1vGVQNj0XfHn1WeAdmwEAjNi+llErpkMyY08Cjb/3fiQc
6H9CA36utf/Ym84OQOY64m4C1Kikxw8EHudoPNvSWQAFEpCk5gs6rCJEnj9QolL3
32IvZQ1m+GcrjGg976PccEaM7S362kTj+kcAswmS8iJmDAJ2b+ghHTFrFQS4GAw7
XOcqQbinx9ntGn135VsJLOXKveYvQSD7sHKCd4RFrFTSEwWmtBL96vRXmTV5wTAr
tpkKKKw5N9CiHnbhNyVrSRiLCzVDTpYQDaBJhb7XOsHi+/HOzmbK6LHe0Lt1nP+k
4PR8O0S5WC0PlzAMoAoGCCsGAQUFBwMB
-----END TRUSTED CERTIFICATE-----