added strongSwan EC Root CA
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 22 Jun 2008 16:41:00 +0000 (16:41 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 22 Jun 2008 16:41:00 +0000 (16:41 -0000)
16 files changed:
testing/hosts/winnetou/etc/openssl/ecdsa/.rand [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/serial [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/serial.old [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem [new file with mode: 0644]

diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/.rand b/testing/hosts/winnetou/etc/openssl/ecdsa/.rand
new file mode 100644 (file)
index 0000000..ff05826
Binary files /dev/null and b/testing/hosts/winnetou/etc/openssl/ecdsa/.rand differ
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber
new file mode 100644 (file)
index 0000000..6496923
--- /dev/null
@@ -0,0 +1 @@
+04
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old
new file mode 100644 (file)
index 0000000..75016ea
--- /dev/null
@@ -0,0 +1 @@
+03
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
new file mode 100644 (file)
index 0000000..1e0540f
--- /dev/null
@@ -0,0 +1,4 @@
+V      130621144307Z           01      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
+R      130621161252Z   080622162459Z   02      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+V      130621161359Z           03      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
+V      130621162918Z           04      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr
new file mode 100644 (file)
index 0000000..3a7e39e
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old
new file mode 100644 (file)
index 0000000..3a7e39e
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old
new file mode 100644 (file)
index 0000000..a41b459
--- /dev/null
@@ -0,0 +1,3 @@
+V      130621144307Z           01      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
+R      130621161252Z   080622162459Z   02      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+V      130621161359Z           03      unknown /C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem
new file mode 100644 (file)
index 0000000..5178c7f
--- /dev/null
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDMDCCApKgAwIBAgIBATAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTQ0MzA3WhcNMTMwNjIxMTQ0MzA3WjBeMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+NTIxIGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzCBmzAQBgcqhkjO
+PQIBBgUrgQQAIwOBhgAEALmnl/PUy9v7Qsc914kdzY+TQ6VY2192oRoa9SkpxXrs
+5GnWSJoz3yinpPHdchH0UknKt/C2Ik2k7izDH/Zau5gNAD1PqBrYWtcP+sLnH1G9
+BTibraniAUSpSaDhiWrfTteRNWqkzZI37a6YfKcBZozQcvYMW1co15EwZTptqykX
+Eepuo4IBEzCCAQ8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDVU
+Hzs47lOG0dHsezm6aFqdwJwfMHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHu
+j9jSoUykSjBIMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dh
+bjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHgYD
+VR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6Athito
+dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAkGByqG
+SM49BAEDgYwAMIGIAkIBDgZs1pXvm8SwT9S1m6nIHwuZsJDsDri/PWM6NXdMUXEt
+l0p8cfq8PbJlK/0+eLz8Ec1zpWuF5vasFHkVhauHdnECQgEVuYTrlry9gAx7G4kH
+mne2yDxTclEDziWxPG4UkZbkGttf9eZlsXmNoX/Z/fojXxMYZaPqM3eOT2h6ezMD
+CI9WpQ==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem
new file mode 100644 (file)
index 0000000..69f8841
--- /dev/null
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6jCCAk6gAwIBAgIBAjAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYxMjUyWhcNMTMwNjIxMTYxMjUyWjBfMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwVjAQBgcqhkjO
+PQIBBgUrgQQACgNCAAQlXpPktKrfBWubyHuZOa6qs6oZEOyEvg2564RRwATbgbco
+dyhpdDd4LAZSIcDznicaFnyAFXcH7petwggbFxY+o4IBFDCCARAwCQYDVR0TBAIw
+ADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFKlXB+yOT1OKIF6OJJARCE2ehUfoMHgG
+A1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQGEwJD
+SDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dh
+biBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ryb25n
+c3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2Fu
+Lm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GKADCBhgJBAUi8pORy
+e8TjdVVGpvnMAyCfbY6XvMtn8leLAF1RLNGLvW9vYnpTJYwlFVQlnHDNp+bbVwfw
+BxjbM3jZjh6IgWwCQVYJayzuhboLCs18sgr+VqOCEuVhVpDolGUFnP4427/6bQsq
+hY98yakkyYM6xIHd7phMDg1v5ufWt0e/2Vp7r+v6
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem
new file mode 100644 (file)
index 0000000..075d8f1
--- /dev/null
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAmygAwIBAgIBAzAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYxMzU5WhcNMTMwNjIxMTYxMzU5WjBeMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+Mzg0IGJpdDEcMBoGA1UEAxQTZGF2ZUBzdHJvbmdzd2FuLm9yZzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABPxEg8AaVNAwCXqg0p21Zc7YzPLA3voAWf233CZJpsjb1w3y
+IeTUeIeGU7aLWAyuXgeBsx+lKzWy00LzPELOgK+3ulTHzBZg7s8kMGhwPWfV4JLA
+zrso5+i64+Y4wvRCBaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0G
+A1UdDgQWBBQxJAy8gaP3RNBt1WTD27/IMzANmTB4BgNVHSMEcTBvgBS6XflxthO1
+atHduja3qtLB7o/Y0qFMpEowSDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4
+IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3YW4gRUMgUm9vdCBDQYIJAPai
+dX4i76aJMB4GA1UdEQQXMBWBE2RhdmVAc3Ryb25nc3dhbi5vcmcwPAYDVR0fBDUw
+MzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuX2Vj
+LmNybDAJBgcqhkjOPQQBA4GLADCBhwJCAZaqaroyGwqd7nb5dVVWjTK8glVzDFJH
+ru4F6R+7fDCGEOaFlxf4GRkSrvQQA8vfgo6Md9XjBwq0r+9s3xt5xJjJAkElSo1/
+wyn8KQ3XN07UIaMvPctipq2OgpfteQK/F81CtZ+YCLEQt3xT7NQpriaKwGQxJAQv
+g+Z+grJzTppAqpwRpg==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem
new file mode 100644 (file)
index 0000000..2970992
--- /dev/null
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC7zCCAlGgAwIBAgIBBDAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYyOTE4WhcNMTMwNjIxMTYyOTE4WjBfMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQgp/Z/GgzvVCDdVcIYqERml0KroZEaVqiF8uy8dlTS
+4mxNs6snDdEWh/LzXTd3NVnCihT2XgHxOk8NrX4hBMMYo4IBFDCCARAwCQYDVR0T
+BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFLdhGhurno1dU2SMx7UGXpa/lgJ9
+MHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25n
+U3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ry
+b25nc3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdz
+d2FuLm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GMADCBiAJCATa+
+sBFW3vCx/JgLyxU85F2QuLO0/zdNBhIU0kN7kr1cYBBr8mpbhuNKm6iFe2DsFJZx
+ii3DQjwvG46is2Njzi4vAkIA72lPodCDtAFpD/2PUxjzo6xTAFazUejobkdDTUXn
+s0f8qIzzeQuTwLbp6pDmR/JGzhAeRvQT82njCo0PJ8Hbz1c=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf
new file mode 100644 (file)
index 0000000..6da2682
--- /dev/null
@@ -0,0 +1,184 @@
+# openssl.cnf -  OpenSSL configuration file for the ZHW PKI
+# Mario Strasser <mario.strasser@zhwin.ch>
+#
+# $Id: openssl.cnf,v 1.2 2005/08/15 21:25:22 as Exp $
+#      
+
+# This definitions were set by the ca_init script DO NOT change
+# them manualy.
+CAHOME                 = /etc/openssl/ecdsa 
+RANDFILE               = $CAHOME/.rand
+
+# Extra OBJECT IDENTIFIER info:
+oid_section            = new_oids
+
+[ new_oids ]
+SmartcardLogin         = 1.3.6.1.4.1.311.20.2
+ClientAuthentication   = 1.3.6.1.4.1.311.20.2.2
+
+####################################################################
+
+[ ca ]
+default_ca     = root_ca               # The default ca section
+
+####################################################################
+
+[ root_ca ]                            
+
+dir            = $CAHOME
+certs          = $dir/certs                 # Where the issued certs are kept
+crl_dir                = $dir/crl                   # Where the issued crl are kept
+database       = $dir/index.txt             # database index file.
+new_certs_dir   = $dir/newcerts              # default place for new certs.
+
+certificate     = $dir/strongswan_ecCert.pem # The CA certificate
+serial          = $dir/serial                # The current serial number
+crl             = $dir/crl.pem               # The current CRL
+crlnumber      = $dir/crlnumber             # The current CRL serial number
+private_key     = $dir/strongswan_ecKey.pem  # The private key
+RANDFILE        = $dir/.rand                 # private random number file
+
+x509_extensions = host_ext                  # The extentions to add to the cert
+
+crl_extensions = crl_ext                    # The extentions to add to the CRL
+
+default_days    = 1825                       # how long to certify for
+default_crl_days= 30                        # how long before next CRL
+default_md      = sha256                     # which md to use.
+preserve        = no                         # keep passed DN ordering
+email_in_dn    = no                         # allow/forbid EMail in DN
+
+policy          = policy_match              # specifying how similar the request must look
+
+####################################################################
+
+# the 'match' policy
+[ policy_match ]
+countryName            = match
+stateOrProvinceName    = optional
+localityName            = optional
+organizationName       = match
+organizationalUnitName = optional
+userId                 = optional
+serialNumber           = optional
+commonName             = supplied
+emailAddress           = optional
+
+# the 'anything' policy
+[ policy_anything ]
+countryName            = optional
+stateOrProvinceName    = optional
+localityName           = optional
+organizationName       = optional
+organizationalUnitName = optional
+commonName             = supplied
+emailAddress           = optional
+
+####################################################################
+
+[ req ]
+default_bits           = 1024
+default_keyfile        = privkey.pem
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+x509_extensions                = ca_ext        # The extentions to add to the self signed cert
+# req_extensions       = v3_req        # The extensions to add to a certificate request
+
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix  : PrintableString, BMPString.
+# utf8only: only UTF8Strings.
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+# so use this option with caution!
+string_mask                    = nombstr
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+####################################################################
+
+[ req_distinguished_name ]
+countryName                    = Country Name (2 letter code)
+countryName_default            = CH
+countryName_min                        = 2
+countryName_max                        = 2
+
+#stateOrProvinceName           = State or Province Name (full name)
+#stateOrProvinceName_default   = ZH
+
+#localityName                  = Locality Name (eg, city)
+#localityName_default          = Winterthur
+
+organizationName               = Organization Name (eg, company)
+organizationName_default       = Linux strongSwan
+
+0.organizationalUnitName               = Organizational Unit Name (eg, section)
+#0.organizationalUnitName_default      = Research
+
+#1.organizationalUnitName      = Type (eg, Staff)
+#1.organizationalUnitName_default = Staff
+
+#userId                                = UID 
+
+commonName                     = Common Name (eg, YOUR name)
+commonName_default             = $ENV::COMMON_NAME
+commonName_max                 = 64
+
+#0.emailAddress                        = Email Address (eg, foo@bar.com)
+#0.emailAddress_min              = 0
+#0.emailAddress_max              = 40
+
+#1.emailAddress                  = Second Email Address (eg, foo@bar.com)
+#1.emailAddress_min              = 0
+#1.emailAddress_max              = 40
+
+####################################################################
+
+[ req_attributes ]
+
+####################################################################
+
+[ host_ext ]
+
+basicConstraints               = CA:FALSE
+keyUsage                       = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier            = hash
+authorityKeyIdentifier          = keyid, issuer:always
+subjectAltName                 = DNS:$ENV::COMMON_NAME
+#extendedKeyUsage              = OCSPSigning
+crlDistributionPoints                  = URI:http://crl.strongswan.org/strongswan_ec.crl
+
+####################################################################
+
+[ user_ext ]
+
+basicConstraints               = CA:FALSE
+keyUsage                        = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier            = hash
+authorityKeyIdentifier          = keyid, issuer:always
+subjectAltName                  = email:$ENV::COMMON_NAME 
+#authorityInfoAccess           = OCSP;URI:http://ocsp.strongswan.org:8880
+crlDistributionPoints                  = URI:http://crl.strongswan.org/strongswan_ec.crl
+
+####################################################################
+
+[ ca_ext ]
+
+basicConstraints                       = critical, CA:TRUE
+keyUsage                        = cRLSign, keyCertSign
+subjectKeyIdentifier           = hash
+authorityKeyIdentifier         = keyid, issuer:always
+
+####################################################################
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+#issuerAltName                 = issuer:copy
+authorityKeyIdentifier         = keyid:always, issuer:always
+
+# eof
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/serial b/testing/hosts/winnetou/etc/openssl/ecdsa/serial
new file mode 100644 (file)
index 0000000..eeee65e
--- /dev/null
@@ -0,0 +1 @@
+05
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/serial.old b/testing/hosts/winnetou/etc/openssl/ecdsa/serial.old
new file mode 100644 (file)
index 0000000..6496923
--- /dev/null
@@ -0,0 +1 @@
+04
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem
new file mode 100644 (file)
index 0000000..3480a43
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC
+Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3
+YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx
+CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD
+ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA
+BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn
+/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM
+h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV
+HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2
+t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx
+CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD
+ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM
+ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq
+cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q
+3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem
new file mode 100644 (file)
index 0000000..4a3b7c4
--- /dev/null
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+MIHbAgEBBEFJlQ5poxh00lP7dd/rWQe5grTgrFtUqguppHAY/JZL0eKNiS7PpAb8
+xLmROFGAUcpraen+l6K7GKEzTCh/uUeeFaAHBgUrgQQAI6GBiQOBhgAEARTHU2+M
+0rNsMdpE8yyoh//pJtSnMFrvw39YjIXqtiPx7kxwCp9N/NR8UllihCf+Zs/dV+M7
+FG4wOOuV+92AzHCTAUOKBZB8eDcIltLt5COM7UyvHEglS19JOcXb20yHohgx3Fpk
+qWgIYI6umYYIZ3EPb8rChfVIDcGWeNo23uRJOieS
+-----END EC PRIVATE KEY-----