added cert with OCSP access info
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Feb 2007 23:25:13 +0000 (23:25 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Feb 2007 23:25:13 +0000 (23:25 -0000)
testing/hosts/winnetou/etc/openssl/index.txt
testing/hosts/winnetou/etc/openssl/index.txt.old
testing/hosts/winnetou/etc/openssl/newcerts/13.pem [new file with mode: 0644]
testing/hosts/winnetou/etc/openssl/openssl.cnf
testing/hosts/winnetou/etc/openssl/serial
testing/hosts/winnetou/etc/openssl/serial.old

index 9e74467..12025d7 100644 (file)
@@ -16,3 +16,4 @@ V     100620195806Z           0F      unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
 V      111007105811Z           10      unknown /C=CH/O=Linux strongSwan/OU=SHA-256/CN=moon.strongswan.org
 V      111007121250Z           11      unknown /C=CH/O=Linux strongSwan/OU=SHA-384/CN=carol@strongswan.org
 V      111007122112Z           12      unknown /C=CH/O=Linux strongSwan/OU=SHA-512/CN=dave@strongswan.org
+V      120224075857Z           13      unknown /C=CH/O=Linux strongSwan/OU=OCSP/CN=carol@strongswan.org
index 4d7201a..9e74467 100644 (file)
@@ -15,3 +15,4 @@ V     100607191714Z           0E      unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
 V      100620195806Z           0F      unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
 V      111007105811Z           10      unknown /C=CH/O=Linux strongSwan/OU=SHA-256/CN=moon.strongswan.org
 V      111007121250Z           11      unknown /C=CH/O=Linux strongSwan/OU=SHA-384/CN=carol@strongswan.org
+V      111007122112Z           12      unknown /C=CH/O=Linux strongSwan/OU=SHA-512/CN=dave@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/13.pem b/testing/hosts/winnetou/etc/openssl/newcerts/13.pem
new file mode 100644 (file)
index 0000000..aeca7e1
--- /dev/null
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEWzCCA0OgAwIBAgIBEzANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA3MDIyNTA3NTg1N1oXDTEyMDIyNDA3NTg1N1owVjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xDTALBgNVBAsTBE9DU1Ax
+HTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAyO4WxrPomcQSspX+ZnPit3t+tzYE/wi1E8rH3h5aO3e5
+vVZX3YxNvBqge2RPB3oQHrWwWT8vKmqzZNjJUx4bRIqd1JdTRI7L0f6XJHjnrRv8
+G7M2uHe+JbHQKPRT7IefJ4PZ1FEA8SCwKfWs5vk1/w/cabM6DVzzjtWTV9DXKD6J
+5rRlvXtJDbhAvI2w8pCC1Gt6H8qjVSb7ItJ+SD3BlW3tq3nBsYFJRL24TyQg+Kdt
+kkCRQYirog29q+J59SErjolse59dte+MhNTv+SnVFgpQE9IGEo6yaKMAWLSTv0If
+pPr/QaEV9rcsYFmR3RtHc+QaaP0hvDAPMaKdhQMIUwIDAQABo4IBQzCCAT8wCQYD
+VR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDRTWKccFIi95BslK3U92mIQ
+2rWGMG0GA1UdIwRmMGSAFF2n3XAGUTJ+57Zts7Xl4GDqLk3voUmkRzBFMQswCQYD
+VQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ry
+b25nU3dhbiBSb290IENBggEAMB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9uZ3N3YW4u
+b3JnMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29jc3Auc3Ry
+b25nc3dhbi5vcmc6ODg4MDA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0
+cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQAc
+1bBYLYcc+js3UsHVk7W17Nr/qoNFzQZJ5Er3RjhNAgzAX1wOTrNgKXztwZde1Alj
+o05ZLXUFkB4coQwl7xo7I3EMJPUmSdHoyYyG7c7AgfcL/wwnzz4rWQl74WIZjySc
+ON0Ny9vrzbVboktYof/9Yp/+HgeKopfsaIiuNCAwmAWxiYqvDmlxxn16oOXeJFV8
+pFzZMirQ5l7QRD9iuabOdcnBp8ASH+5AbD4KjFQjo5RBVg92LwOkJo3Pf1twI57s
+pObrcM4JbHVohDornYQYfr9ymkMxJbqqkEgD8oIip0NFSbziam4ZkwgUlRIMUMU1
+/xsH+BXYZtKJbYjlnyc8
+-----END CERTIFICATE-----
index dbe31ab..5e07b16 100644 (file)
@@ -43,7 +43,7 @@ crl_extensions        = crl_ext                 # The extentions to add to the CRL
 
 default_days    = 1825                    # how long to certify for
 default_crl_days= 30                     # how long before next CRL
-default_md      = md5                     # which md to use.
+default_md      = sha1                    # which md to use.
 preserve        = no                      # keep passed DN ordering
 email_in_dn    = no                      # allow/forbid EMail in DN
 
@@ -158,6 +158,7 @@ keyUsage                        = digitalSignature, keyEncipherment, keyAgreemen
 subjectKeyIdentifier            = hash
 authorityKeyIdentifier          = keyid, issuer:always
 subjectAltName                  = email:$ENV::COMMON_NAME 
+#authorityInfoAccess           = OCSP;URI:http://ocsp.strongswan.org:8880
 crlDistributionPoints                  = URI:http://crl.strongswan.org/strongswan.crl
 
 ####################################################################