fix things

Makefile

@@ -1,5 +1,7 @@
 clean :
-	rm -rf {certificats,config,db}
+	rm -rf certificats
+	rm -rf config
+	rm -rf db
 	rm -rf *.crt
 
 test :
@@ -10,4 +12,4 @@ test :
 
 all :
 	make clean
-	make test
+	make test

ca.config.sample

@@ -1,4 +1,4 @@
- [ ca ]
+[ ca ]
 default_ca	= CA_default		# The default ca section
 
 ####################################################################
@@ -18,12 +18,12 @@ distinguished_name = req_distinguished_name
 policy = generic_policy
 
 
- [ req ]
- distinguished_name     = req_noms_distingues
- policy = generic_policy
- req_extensions = v3_req
+[ req ]
+distinguished_name     = req_noms_distingues
+policy = generic_policy
+req_extensions = v3_req
 
- [ v3_req ]
+[ v3_req ]
 # Extensions to add to a certificate request
 basicConstraints = CA:FALSE
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
@@ -50,11 +50,11 @@ commonName_max = 64
 
 
 countryName_default    = FR
-organizationName_default   = IMAO-SAS Certificate authority
+organizationName_default   = myPKI Organizationn
 localityName_default   = Limoges
 stateOrProvinceName_default = Limousin
-organizationalUnitName_default = Information Technology
-emailAddress_default = it@imao-fr.com
+organizationalUnitName_default = IT
+emailAddress_default = pierre@pi3rrot.net
 commonName_default = Root Certificate
 
 
@@ -65,4 +65,4 @@ localityName = optional
 organizationName = optional
 organizationalUnitName = optional
 commonName = supplied
-emailAddress = optional
+emailAddress = optional

certificats/ca.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFyzCCA7OgAwIBAgIULKmGowm6q681DSf4J9k5fdc/bvIwDQYJKoZIhvcNAQEL
+BQAwgY0xDjAMBgNVBAoMBXRlc3QyMQswCQYDVQQLDAJJVDEhMB8GCSqGSIb3DQEJ
+ARYScGllcnJlQHBpM3Jyb3QubmV0MRAwDgYDVQQHDAdMaW1vZ2VzMREwDwYDVQQI
+DAhMaW1vdXNpbjELMAkGA1UEBhMCRlIxGTAXBgNVBAMMEFJvb3QgQ2VydGlmaWNh
+dGUwHhcNMjUwOTA1MTAxMjA0WhcNMzMxMTIyMTAxMjA0WjCBjTEOMAwGA1UECgwF
+dGVzdDIxCzAJBgNVBAsMAklUMSEwHwYJKoZIhvcNAQkBFhJwaWVycmVAcGkzcnJv
+dC5uZXQxEDAOBgNVBAcMB0xpbW9nZXMxETAPBgNVBAgMCExpbW91c2luMQswCQYD
+VQQGEwJGUjEZMBcGA1UEAwwQUm9vdCBDZXJ0aWZpY2F0ZTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBALYtO2x7BmbedSBN7w1FRDeC0lDJWHJpmUUtPI6d
+nHMcq+5WqnDJ3XznLGZnOfj7yCuyJJpsZMhQ2w3SkUaflzD4AYlTuZP7g6nCSdn+
+Ce4QbMSyYY1o7dUrQzK0wS5qqKfPpYFSnRrHP2RifRm14WNz1/prqpdroE6BxOpM
+FZTus6YdP73U+5tX/Qj1ptnNhxE2z0pOBCw1X0jJzdsjIYC7Y5NriS0wcGkGdjCO
+2CuxaSbc5eY+r3BZtACt5IyJ5jdvyFFAZxoImBpX0OeXqCc/TjFM9wRng6pJLTDB
+iunftmPt01UEQjoH/F6G5hVnWfU6/SZNexftoZZKPsueybsCQlW4uJwMDOZIJj6X
+YsVBiFQzoMB5QT9S4Dc8hHyel4RIH1PLUuAeJnS9QpFrXkfR/ZUUjJYw/eebA/gl
+cqGpPBBIebItEt2sMNSlvhDPpP9uYGpw+wOnqvwVz0zSS0w73XoZ58rMVINTVDNG
+LFIecF4A0X/L+HxIh3N0hsifo8apqdMELHaiDDvPPT/TXpjfKx32ROAsCTOswbRN
+KZ82r4Nv+tzYrwfaDN2ucs2SgGSw0T7C2j/QiXFfe+r0y43mbzdex1gyg186CVA3
+kjtsGdgOS/lRecfLicE35eofbWSvFCTksFDTnm3TaE88xzfoqIvVJjcF4E6y+FyG
+sf37AgMBAAGjITAfMB0GA1UdDgQWBBQzXrUeoE6IC2SKzV7lC/t+XVxkPzANBgkq
+hkiG9w0BAQsFAAOCAgEAgsthcJBPUGulDygDc/4G7oYkfKwMKZnipy69kzSmiuSi
+FNxwsuwDIHoNX35V+8x9pyflxHP79YdronTrRjYMHoHxftp09oTRsHeb3Fa2Kzg2
+azQkVZ9NjvRvblR/++xKkOAaKzXzp48HzNSjJHpM23BNbvAEuaEbWr7SqyYiLvkJ
+FsydOzk759LpYzao/LAZwbS98rqAE+Hb9LWk4cy1liJ4fiz10Ohcu2auOR1KNGZ0
+9U0jtMdacrwltECXDOf+3gyDPTLfDPy1weplpuOwFiK2yUGd5wrIuC0/SdOSufO9
+mcGCNAj7JMEgbjMg6QFHBUMeOJQyPnIyNYT3EGXaCXFuap1E2wbJpQe/f3zWaKza
+W93HBUMJ+YvXsTo3LN6shYNIg/xyswJCA77jqTxiARCRcREdI1gkAb1mUG1T4KAg
+J6t6UhcvifmLQa5fZXI4h2ok+HigEoHwzq1t0bGLseik7nXLxd6kUzSXn/vP1Lh6
+oOhRRDG4b45eWWSTaFtcfjJ1UUBLzPu44Nhs92P6Zv+H32RZzHIxLKdgIIhd3HRo
+si8woV8TOYriL2pfGfD0LDxEYhUeqKHj6CeP2tq+m51OqivPtBncis5RfOI6wpFa
+R6/RhrQIyJlGPeYDOzWvDqwI1FcDlhnUagpnpbcaZ0QEsbRH9rWTGAVInBJagFo=
+-----END CERTIFICATE-----

certificats/ca.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC2LTtsewZm3nUg
+Te8NRUQ3gtJQyVhyaZlFLTyOnZxzHKvuVqpwyd185yxmZzn4+8grsiSabGTIUNsN
+0pFGn5cw+AGJU7mT+4OpwknZ/gnuEGzEsmGNaO3VK0MytMEuaqinz6WBUp0axz9k
+Yn0ZteFjc9f6a6qXa6BOgcTqTBWU7rOmHT+91PubV/0I9abZzYcRNs9KTgQsNV9I
+yc3bIyGAu2OTa4ktMHBpBnYwjtgrsWkm3OXmPq9wWbQAreSMieY3b8hRQGcaCJga
+V9Dnl6gnP04xTPcEZ4OqSS0wwYrp37Zj7dNVBEI6B/xehuYVZ1n1Ov0mTXsX7aGW
+Sj7Lnsm7AkJVuLicDAzmSCY+l2LFQYhUM6DAeUE/UuA3PIR8npeESB9Ty1LgHiZ0
+vUKRa15H0f2VFIyWMP3nmwP4JXKhqTwQSHmyLRLdrDDUpb4Qz6T/bmBqcPsDp6r8
+Fc9M0ktMO916GefKzFSDU1QzRixSHnBeANF/y/h8SIdzdIbIn6PGqanTBCx2ogw7
+zz0/016Y3ysd9kTgLAkzrMG0TSmfNq+Db/rc2K8H2gzdrnLNkoBksNE+wto/0Ilx
+X3vq9MuN5m83XsdYMoNfOglQN5I7bBnYDkv5UXnHy4nBN+XqH21krxQk5LBQ055t
+02hPPMc36KiL1SY3BeBOsvhchrH9+wIDAQABAoICAB4yh+PGzhwwdRsdD/++eDz4
+sxgFErjUXD2lQ/Z36xOsWwDaM3fCs7Nyi7Tlw4GharV42qxmRJvCcK0X4aY36f3f
+U5HfOPxt9+Mke3gRA2Bc2fVjhDFxL+CNQp7zFgU1qi3hiOj+OAsqSo2/QvFcvrbs
+4DjNrqyu1cHDAlBmuuUXCYcC2NVZ/+LoxjQSqXeiTpNB50Eahtffzk2TIKEEb8Hr
+oz6FLWs6LkfvyZjpn1eOxC6sSxzL+JTCVHNltQ6+r6ncyPL+8+19eIj//swveAYZ
+bkKpzqsCOvGic5qIr8LDUckQBl8p942wU9rvYtAwHi88z0g8FlK0ZyaHDrr939OX
+F5Fjc5wkwOCar/S71zDnCRRh+cbmHRLNmeQ4RPfMGQz1iRGjYXDfJaeG7H4uR/Dn
+Ee9bVHzyVGzr4KxJHCb2I5XA7+u3wmaQHSRByKvw/HgGT6JP2eBqRW98DgaH3stZ
+Z9jwAcX4aEwZNsOM/epxsf2p9pgm+p8Vou6HueMu39yNsZ0hA21rdgpPkN0oQwXI
+Vmmalxdx9iD/80b+HiDW7Xw++NWJhW8hu3dr7e0HgUUJMsE4awBvq/hTigN9aOfy
+q81qeX2rgSEIHbhFyvnDnjdrg4ENP+suSpHO+c1xI/ZW2X9R4KuBZjHe7h/rvTqP
+32+dEYbKT15KeUk3TbLRAoIBAQDzm5ZpOkRnv6dzjRjjT2zGNwe2mPeVWWone8wp
+frjYZt9dYKid9VdihIrHZ0cDg4TuzGS5wAxZCsWgtoceNQmwpXOfsJXYObmbAeFH
+jwCdmaeY+yHV6iqc5yR3q6I7W7w2pgm7RJYGFI9Kq/RyDPBy5XhO69LF1ejeSbQh
+0a2heOCi+hU7JE/qbz/V0G59LoA+ZBo05u3fc4XERQZWa4QX4dfgNUBJEUV2qckj
+udVdkJ5LhWuqWJ8X01ORBfvmaFROjpvrE1tud437DA85xyFT5xJsbcppKm/+JbUE
+pMwpYqQmiGdsL5tHIdSWHsRrs54iXIgUP4azFViz7225/bNHAoIBAQC/caaW/8oV
+RDYfGWODP+X6upZlehKTB4e/rncezwdBoznqbhAK7y3BlwrMDQj0MS/40j3B2MUx
+k4mIfZsG8o8ypBACDzXiTSNxOkjnlI78ak3Sy7dQG3o6BnW5EAvKu6SAf7LL4t1v
+tgEp2TpbXqkNJAJ2LROfXwcZkXa904/kKHYRqgDejr9KdGzw4ePNHGT2xW3m9g2c
+PwOfNRzIewwfnNifsUU4Bh+aA3Sj/AOwUY8hov3M2xgCjl6Lbq7MfTWU1eABX458
+t9U9EhOdnd3Y2s0R1FXR5ls44wgwZ3zQSdNd3V33cUvRCbnf67tBQLKuUrAdkLWb
+HpavcMkUtvGtAoIBAQDxO4ds2JhYrL8je/vDTSmH94KZ3Ux/BrZKNxtrk+Nz2Bsk
+ms0e7o8ELgBHigwWfKys1JaCIp2Xp0Ug6t9OmHLqDE09O16HalJUHz544DFZ34jJ
+wxY0gNiF25aPMtVKNoNhEnbcjQSLLNzgsvsz3YBWJspGTNzBsBwT06SfQMXR+qNo
+gIF5uXGx00zBbM+dAulX30TcUjoIZpt2SmwGNB3wkGJ30gPA12uUIHnf+OxC5Sz7
+2DlPzMZuj4RXPje+aF3kFPBtjxOhhp6AleaV7o0gSthBq08faTjR0YE6Af9ylA29
+YqIXzeTUQboElp8nkAzuNfdDJc07lc3rERP1dDeNAoIBADb56CEMq3eX8wLTQ6R5
+QQ3Tb0UM3TCjxPPiogqS4T6UJRmRKcI6FSW2vj8Cr0OQrHoDxgBYw6gM+j3b9Bz2
+ovCj9ITi4VJvXHIzjqQSIU2TKW4TWj0C5wKqwDu4w+ogIIlWIn4yU+y0k3j1DLEY
+aeuAH8TYBP6LR3qsLzEsA/I9PEquSzmePIihDnfOJqDMOqIy5/CfUCFCZ0Pc+LsJ
+ut2JKRwSyBHikEimHWTKBjUn9rZuG/wsHqT9RWE9E61dd3maQY2jZ0OhdvbmrgNh
+Rkfz7VflZg+02xVm/P8JeOpHiQ83driMLH2HEX2gMFH4xlcRH8oduEkna5ZOCTCN
+qLECggEAVlGOI+ROtTiFFkkOJOi6cEBGMAWIFQHgyz6Db1HT1k73DrKdq6MXxYFz
+8oroHfm0u4gpxoVBwMpI44vbWdE2X/2+zMMIyTTNP72bxagN6SRtOz3TU0I8Eufc
+M765gnlIYQpQp5iPwBYxEznDYklA3vTpzPupHYCzD2nr0yGky6jgM3EXMLKVkkti
+EjiLQoRMrNscohIarSBzen3t2dBBVqBgCwmNuMAjXP1IR24bCLYlyegCh7dUtfXV
+eLshPQwrIdfCef3n5J6zLgkClucR8jiB0Lc4JSQJsv504lgjB36OIQ65i78MCcMF
+bvrL/5BmXYesoiCMBGRdXVgTamc2Yw==
+-----END PRIVATE KEY-----

certificats/test5.csr

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIFFzCCAv8CAQAwgZAxHDAaBgNVBAoME215UEtJIE9yZ2FuaXphdGlvbm4xCzAJ
+BgNVBAsMAklUMSEwHwYJKoZIhvcNAQkBFhJwaWVycmVAcGkzcnJvdC5uZXQxEDAO
+BgNVBAcMB0xpbW9nZXMxETAPBgNVBAgMCExpbW91c2luMQswCQYDVQQGEwJGUjEO
+MAwGA1UEAwwFdGVzdDUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDQ
+/DjfG1peZCyB3R4hHN8W42uzITsDVzoSmnRRCq6S6kfbkmSQ8z8RzYX7RfEIv2wG
+4CSSZw8jyTZv698atHs8D7ywY0Ee5WTJdN0JJQpsgK+y6UJ2T2yomU71Q9zQOMhz
+SEFPysuO3s7QAE6dhHJ7Dc7QLa0KM9nB7wLmtzUjVpoYehJPRGC5gz+4171PWiND
+61QilHDArysHlrJaihOVNaze7Utya/bofmLZS3gQQsWbtMW6yWQWsPQQTORBxQUJ
+FTgTpaPgyUMyIWanFT7wE9p7y1D8QJhunAlj8Y71VX0v1/mO765T0dzHVaeSPWvO
+yBUCZJyCAa/dfjK+zzeF75Ylo3Ds6yTnS5MXmETGKfbFCfWHHQxkEb5u8e8wYcjQ
+Az7dihL2TMxsndb9etcCcOHb2YkNHO8qa2Q9h3VW5GMYKGqLIXYcO2IdSVFMbC9j
+El5gPO0LJp6xunTyVL4Do78Wz8PE9CzidhInMhnegqhGSD1h1/q/8NrnRTfVgPM3
+YlQewFhtAzbJA6PUTE79u3VmeH+I43kF2oyNI4uRk0z0u8YrLoWSDNKIF+jvKYIz
+Vh/0BEFBr+k8BzUdCEfhZ347odmnVMRgiZn561XObyg9Tr5yxQvYia6XpUkWM3BB
+3Uq5xdOYB+YnRFosI3DI9lk+QOq8di6LxijiOmvOUwIDAQABoEEwPwYJKoZIhvcN
+AQkOMTIwMDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAWBgNVHREEDzANggV0ZXN0
+NYcEAQIDBDANBgkqhkiG9w0BAQsFAAOCAgEAOkpKzY3kUuP5JhQuUDiqR2MUy1dK
+bk2vX3Y7zdYuxziTSNFXNwp9EIF61Ih/vgvEiBV6D8mKeiBgjrc/etmjkQeulssx
+iYOHdWYaU7V4IzFS8pi9QbtBd0w+B7FuKgJi90w39KsLczxh6zM8YiTYHEI7hcvy
+eWa12AbK/zgMGWxVeYGfdfRY/u/heGIvQ0jAS2YjWOUJyP5mtIEvnZQ9F7F3uElo
+dKaDaQtP3NHoUTN37xroqhZRGFjNzfFYl8djCkTn3QRk1lZ3qwLaU1jSql7IQzFi
+raceWrOODggmHqW6rc1fOcbUxdMtU8kvP7jgprObG4pGeThptfkiR3Y0xWk4dE+q
+yE0w/2HfHRH+reHjEeLLCj4PuGmYEoiPJY1LFdKzNwh+SDlpUCNCMJhQVmc5vJmT
+RBfmy4hl60cv8LbJpdqS12V8qFj3QkjNWdeMdS4S+LBVFEBauehadqWQvwwq/8Gg
+bQw94tsnltklCW7farUooxr4I3APiE9qCdvebnAr9GQvWZDvxOA9+nkY6rTOafPE
+iAkgMFG/k8oiAHCrLsYwTKpL+AiskjZqwPIEqKOBq4H1Bds84H8wcecDaR/erCsj
+7mM94a9IUXLI/6fZqBZ5rSC92QubavCMU5BTA5vyia5wyIae8Lvzwr0t2iu8rrjz
+NLfy6XxJNRJHn/Q=
+-----END CERTIFICATE REQUEST-----

certificats/test5.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDQ/DjfG1peZCyB
+3R4hHN8W42uzITsDVzoSmnRRCq6S6kfbkmSQ8z8RzYX7RfEIv2wG4CSSZw8jyTZv
+698atHs8D7ywY0Ee5WTJdN0JJQpsgK+y6UJ2T2yomU71Q9zQOMhzSEFPysuO3s7Q
+AE6dhHJ7Dc7QLa0KM9nB7wLmtzUjVpoYehJPRGC5gz+4171PWiND61QilHDArysH
+lrJaihOVNaze7Utya/bofmLZS3gQQsWbtMW6yWQWsPQQTORBxQUJFTgTpaPgyUMy
+IWanFT7wE9p7y1D8QJhunAlj8Y71VX0v1/mO765T0dzHVaeSPWvOyBUCZJyCAa/d
+fjK+zzeF75Ylo3Ds6yTnS5MXmETGKfbFCfWHHQxkEb5u8e8wYcjQAz7dihL2TMxs
+ndb9etcCcOHb2YkNHO8qa2Q9h3VW5GMYKGqLIXYcO2IdSVFMbC9jEl5gPO0LJp6x
+unTyVL4Do78Wz8PE9CzidhInMhnegqhGSD1h1/q/8NrnRTfVgPM3YlQewFhtAzbJ
+A6PUTE79u3VmeH+I43kF2oyNI4uRk0z0u8YrLoWSDNKIF+jvKYIzVh/0BEFBr+k8
+BzUdCEfhZ347odmnVMRgiZn561XObyg9Tr5yxQvYia6XpUkWM3BB3Uq5xdOYB+Yn
+RFosI3DI9lk+QOq8di6LxijiOmvOUwIDAQABAoICABPVEQ3rKe+ckLS059pl7liH
+tdLGq95XSsWKhCX6CN3G/zwRGnC/BL81wn85VfRp5gszqNopOZXrJGVepvTWfSi9
+UuoSS+huBdswYewvkwZU+AIsgggkOsA35vb+PQLtleg1dS09+4SlaaRHmIOjlrxN
+b9DwZLl7zjB0ntEyQF1dfJDSFNFnlcjvxv5NoEOFiaSKZ+5C0/2/zH+TMihxbgZS
+P64wKrbDFCgKxmqvRMeWQ+vQ2JWEmHZReKKLXtChrSaoLYLVIfDVE1wQhg4DxXiX
+CbwxwTpkZD2ARUvcwp+kQJW9EzZt/HHWj/MYEnzy+JDOYAqywuomKtWu14tQCDQG
+OSvn0+3AcGq3LennoJ2IRQfW70TcixdjSK3HN7sHDOLDOczVwD8gQbqSjd4EhgGJ
+O/TKktXv5BrASilPXPbTUspyhUVVTXbgu/Zpk/UUMKbKBn8d3iDL4ppQQL7Y1Zyt
+p7DvAEJnLww2sxjDeRZA8OC3VZqtxdvXJlUVka5Wt5CwkaTtxnT4/5sW3IkSYw6u
+qAt3kQ5zFx13obLQ+NXroifRz7/pdzpyMp2pCmc3AdBN+JxUpTWJAgKhLsqzEHZj
+Ys0UMU5oI5V6SaQ2QbG/ZB6eDBM4FxZaN0wD3q7eiDlC0Pikw54DdD7fZnK++YSj
+NGxWqb2WJgzUokSDXh2hAoIBAQD/TEx44XIqxmt2JPOn/5P/Q5CH8MFOUpvD8PT7
+MXlA74bgX1sHyyg9qe1yWHbhqVy8l6M4oNP8ZGJfDBaRvDGvkZZIjFec/D2iNVbF
+LKTHMeJEZSozAmFLyQ6NvENgcduR9BkKIpVAztcH9VHpqxHw89qMrtSwjzZ7igMU
+WXfoTPvGwpt3NSbeyFKkQEd6CtUFA5Q8VhwVGg5JEFiwg66ixYeHDB5wmqB+UBsM
+eToVi2Uha+0KXgrvnKPSc8Opa0B97YThUUIVeTa29Q6sKti0M3ni/jU23m10O23E
+BxGGyDic2f/YfvAvWm5jcCxTMFMnIf9kvHeucu7igG8x9/ZZAoIBAQDRj1ML/2cI
+j2s/kyQ7WxLm86IACdSNHY/XeRP/BWjOXR8XbzCke5P4+1vXXldNBxb8XyhqlrOR
+WgTsnLCK8BM4bdKNhzfibgHoOeZsAc4HYOH5TiZa0Tm6pKV/2jnvM7Ls3oFaHs9L
+eD+bQSj7oXeOCTN/JTQh7+b921nA52zPUP9CO7J0KeJOSHrhlf1uEpxju+heYxQc
+Gkkz8dPNBnNC9adF7DlPuKy65Kv0TPvKhCgVxEKU8y1ifv3hxOTVTjsOc8yN8U5w
+W+sY5x0/v3ja5zwEwzv8Ayr7bCgTXUq8qiFUb3x4LEjv6kWAn312rCfmt39igLEt
+jhovg/XHR+yLAoIBAQCmImjBYTSCUY0s3O8SrGcK/lTXofypk2h6IhvKO2/EqhsD
+eAotEC+nsSUr/BWg1C3dLHCzMTXCUTES2TL2s5lBv2Qk4e9B4YPaQwusVFkGp5ev
+GoZTm4DlaHloEtNlt7JDUK3awpaODgwwyZv8i66pNodKdZtDKm8yBaXrYC1/pllS
+BuJUuOoKoCHncU0SRmpJUQLuILs1oDcbpN+SPp8unYyMfX5xmK5IhKiVfW4nBwdQ
+sIMY9An5091n3p29amYVjLOkTNTMVI0ekmpx75AF9FmlNfg7NJPVx7aukkr9gt4U
+dGjh4fk7V4Xuf9jYaeIy3RTt4RehFnoOO7YgtlRBAoIBAHDmcquIEg5+lh1OPLrt
+uiVLJQA4S5crUg+YX7mJRInJibKqaN505afCZByH6yjIpQ2ahr/GKUAp63U+ha6U
+4QYJxOIS83y+H7DpYMbXwhQfkh8qh2duSVfQ1IkpHQVOKRuMVMwkxTG3uyz90gKf
+XzXapy/c71VJVn1168kN5YVb8enRF7eVySK70dgvYrYmuLLSzcHsRy1MzBt8McvH
+qdltV41IUygsKoMWJ74aq5zTznTLo8NzsAPcvxMfbNmuqAqFQLNISiYmn2ZvPUbW
+9VmaMq+uL2b6nfGOt5iXLmiuj/5ZggmMck8vO/qr8oA5B9Y5DhwXkV0lrd3jjkqq
+6TkCggEAdlTE17WP/N82/JlMC0o4jUG3oEOuNFt0pRb61JMk5KHm8mRabj9N5uni
+dEyX92WCi1pzHg2VF+6FZpProMD4vlL4h0YqbV7ADfpStvy8/olS9DLF4+JQMdkh
+Qols8yPz4z3ZOt48EWpDsAuh8a6eRZty9DEyA+1MSSCwW5k9/23jI6BqBmquo1CH
+/nmR3qtZtgOtTl7NjEg4qNoDvS7XPnhVOzeCpyNH1Zr8hMQ1z29FvDB4TVjHkquD
+di/HDWBBhe4lKtu6W5hyjNpl0jk57FUGfGJdzqa13Gkoxg1YUkeAJflT42s17boU
+ut6tBbsj2ewQEb7dbXf4ANWQ2vHovg==
+-----END PRIVATE KEY-----

config/ca.config

@@ -0,0 +1,68 @@
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+dir             = ./db
+certs           = ./db
+new_certs_dir   = ./db/ca.db.certs
+database        = ./db/ca.db.index
+serial          = ./db/ca.db.serial
+certificate     = ./certificats/ca.crt
+private_key     = ./certificats/ca.key
+default_days    = 3000
+default_crl_days = 30
+default_md      = sha256
+preserve        = no
+distinguished_name = req_distinguished_name
+policy = generic_policy
+
+
+[ req ]
+distinguished_name     = req_noms_distingues
+policy = generic_policy
+req_extensions = v3_req
+
+[ v3_req ]
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = DNSCHANGEME
+IP.1 = 0.0.0.0
+
+
+
+[ req_noms_distingues ]
+organizationName = Organizationnal Name
+organizationalUnitName = Organizational Unit Name (department, division) 
+emailAddress = Email Address 
+emailAddress_max = 40 
+localityName = Locality Name (city, district) 
+stateOrProvinceName = State or Province Name (full name) 
+countryName = Country Name (2 letter code) 
+countryName_min = 2 
+countryName_max = 2 
+commonName = Common Name (hostname, IP, or your name) 
+commonName_max = 64 
+
+
+countryName_default    = FR
+organizationName_default   = myPKI Organizationn
+localityName_default   = Limoges
+stateOrProvinceName_default = Limousin
+organizationalUnitName_default = IT
+emailAddress_default = pierre@pi3rrot.net
+commonName_default = DNSCHANGEME
+
+
+[ generic_policy ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional

db/ca.db.certs/01.pem

@@ -0,0 +1,120 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: O=test2, OU=IT/emailAddress=pierre@pi3rrot.net, L=Limoges, ST=Limousin, C=FR, CN=Root Certificate
+        Validity
+            Not Before: Sep  5 10:12:14 2025 GMT
+            Not After : Nov 22 10:12:14 2033 GMT
+        Subject: C=FR, ST=Limousin, L=Limoges, O=myPKI Organizationn, OU=IT, CN=test5/emailAddress=pierre@pi3rrot.net
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:d0:fc:38:df:1b:5a:5e:64:2c:81:dd:1e:21:1c:
+                    df:16:e3:6b:b3:21:3b:03:57:3a:12:9a:74:51:0a:
+                    ae:92:ea:47:db:92:64:90:f3:3f:11:cd:85:fb:45:
+                    f1:08:bf:6c:06:e0:24:92:67:0f:23:c9:36:6f:eb:
+                    df:1a:b4:7b:3c:0f:bc:b0:63:41:1e:e5:64:c9:74:
+                    dd:09:25:0a:6c:80:af:b2:e9:42:76:4f:6c:a8:99:
+                    4e:f5:43:dc:d0:38:c8:73:48:41:4f:ca:cb:8e:de:
+                    ce:d0:00:4e:9d:84:72:7b:0d:ce:d0:2d:ad:0a:33:
+                    d9:c1:ef:02:e6:b7:35:23:56:9a:18:7a:12:4f:44:
+                    60:b9:83:3f:b8:d7:bd:4f:5a:23:43:eb:54:22:94:
+                    70:c0:af:2b:07:96:b2:5a:8a:13:95:35:ac:de:ed:
+                    4b:72:6b:f6:e8:7e:62:d9:4b:78:10:42:c5:9b:b4:
+                    c5:ba:c9:64:16:b0:f4:10:4c:e4:41:c5:05:09:15:
+                    38:13:a5:a3:e0:c9:43:32:21:66:a7:15:3e:f0:13:
+                    da:7b:cb:50:fc:40:98:6e:9c:09:63:f1:8e:f5:55:
+                    7d:2f:d7:f9:8e:ef:ae:53:d1:dc:c7:55:a7:92:3d:
+                    6b:ce:c8:15:02:64:9c:82:01:af:dd:7e:32:be:cf:
+                    37:85:ef:96:25:a3:70:ec:eb:24:e7:4b:93:17:98:
+                    44:c6:29:f6:c5:09:f5:87:1d:0c:64:11:be:6e:f1:
+                    ef:30:61:c8:d0:03:3e:dd:8a:12:f6:4c:cc:6c:9d:
+                    d6:fd:7a:d7:02:70:e1:db:d9:89:0d:1c:ef:2a:6b:
+                    64:3d:87:75:56:e4:63:18:28:6a:8b:21:76:1c:3b:
+                    62:1d:49:51:4c:6c:2f:63:12:5e:60:3c:ed:0b:26:
+                    9e:b1:ba:74:f2:54:be:03:a3:bf:16:cf:c3:c4:f4:
+                    2c:e2:76:12:27:32:19:de:82:a8:46:48:3d:61:d7:
+                    fa:bf:f0:da:e7:45:37:d5:80:f3:37:62:54:1e:c0:
+                    58:6d:03:36:c9:03:a3:d4:4c:4e:fd:bb:75:66:78:
+                    7f:88:e3:79:05:da:8c:8d:23:8b:91:93:4c:f4:bb:
+                    c6:2b:2e:85:92:0c:d2:88:17:e8:ef:29:82:33:56:
+                    1f:f4:04:41:41:af:e9:3c:07:35:1d:08:47:e1:67:
+                    7e:3b:a1:d9:a7:54:c4:60:89:99:f9:eb:55:ce:6f:
+                    28:3d:4e:be:72:c5:0b:d8:89:ae:97:a5:49:16:33:
+                    70:41:dd:4a:b9:c5:d3:98:07:e6:27:44:5a:2c:23:
+                    70:c8:f6:59:3e:40:ea:bc:76:2e:8b:c6:28:e2:3a:
+                    6b:ce:53
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                18:F8:0B:65:81:AB:98:47:B7:DE:30:B5:1A:5D:6D:68:5C:EF:1B:1A
+            X509v3 Authority Key Identifier: 
+                33:5E:B5:1E:A0:4E:88:0B:64:8A:CD:5E:E5:0B:FB:7E:5D:5C:64:3F
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        4d:67:d6:e1:e6:0f:8c:72:b6:81:63:6b:53:5e:2e:35:34:1a:
+        cb:93:3a:d3:72:55:fa:e7:32:c2:6c:4b:3e:34:b4:a6:88:b8:
+        bb:0e:5d:b4:3a:21:79:21:41:b1:48:71:a6:e6:75:0b:ce:20:
+        55:44:fe:b7:1b:42:d4:f8:56:e2:e4:49:88:91:63:f9:76:cd:
+        17:11:86:39:2e:3b:b7:42:22:6d:9a:94:54:ec:f4:e0:7d:7e:
+        8c:03:88:02:a7:af:20:54:b6:3f:ea:e9:46:32:05:b6:10:78:
+        c8:9d:d6:ae:5b:b0:3a:a0:32:25:c0:06:00:85:07:53:56:3f:
+        38:99:05:fa:51:27:6c:40:81:46:8e:69:1f:2b:52:1d:db:e9:
+        05:0f:99:b3:48:6d:87:01:2d:10:4b:c4:00:c2:f6:4f:03:2b:
+        a2:a1:dd:19:1d:a6:a9:4b:24:82:2d:28:8b:a2:4a:fc:8a:fc:
+        5c:84:92:80:b1:37:5f:d3:78:d6:b9:58:d5:f9:88:fb:56:e9:
+        54:a7:f3:d6:d6:a0:1a:1f:5a:37:ac:f0:19:d8:12:95:c3:b9:
+        23:7e:49:63:00:45:db:bc:bd:d5:ff:2a:37:35:df:3d:76:e0:
+        a2:4e:41:7b:cc:ee:49:23:7b:06:26:30:a6:66:b6:80:41:f4:
+        20:5c:7b:bd:a2:48:f0:ee:78:32:37:95:d5:18:54:ea:d8:03:
+        3a:66:96:03:32:1a:f4:aa:6e:d1:d6:db:3d:e3:98:fe:17:96:
+        b6:73:3a:ff:1e:af:85:ca:df:81:56:3f:2a:16:e2:1b:50:c4:
+        ff:71:8b:a4:13:97:49:51:6c:c1:fe:f7:a6:55:d4:bb:72:b9:
+        e3:f4:82:a3:73:69:8b:d0:0a:b4:14:20:71:03:e9:27:0b:11:
+        ce:9e:f4:9c:50:b4:58:88:04:fa:01:33:40:a1:41:d5:a8:23:
+        64:d9:da:69:8e:11:11:15:28:bf:8e:17:66:da:92:3a:85:d8:
+        f5:f9:62:b2:d4:f1:0c:40:10:28:be:46:38:49:cb:4a:30:66:
+        5c:88:14:32:87:e4:af:25:d8:09:1d:1e:50:18:df:7b:bc:4d:
+        62:80:ab:ba:fd:1e:47:77:d5:6c:08:18:39:0c:90:3c:53:fd:
+        16:5b:1e:38:2b:5c:59:2b:6c:b4:5e:13:79:f6:7a:36:fd:e2:
+        a7:0f:4a:79:0b:db:e2:c2:6e:83:81:24:d8:8a:d9:e4:ed:d6:
+        f5:2d:fe:b0:73:93:24:97:98:09:29:1e:fe:66:ef:5a:c0:c7:
+        b3:c3:d3:47:82:76:5b:e9:75:50:ca:74:be:d1:92:a5:ec:ba:
+        c5:2c:8b:c9:68:02:2b:0e
+-----BEGIN CERTIFICATE-----
+MIIF3DCCA8SgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjTEOMAwGA1UECgwFdGVz
+dDIxCzAJBgNVBAsMAklUMSEwHwYJKoZIhvcNAQkBFhJwaWVycmVAcGkzcnJvdC5u
+ZXQxEDAOBgNVBAcMB0xpbW9nZXMxETAPBgNVBAgMCExpbW91c2luMQswCQYDVQQG
+EwJGUjEZMBcGA1UEAwwQUm9vdCBDZXJ0aWZpY2F0ZTAeFw0yNTA5MDUxMDEyMTRa
+Fw0zMzExMjIxMDEyMTRaMIGQMQswCQYDVQQGEwJGUjERMA8GA1UECAwITGltb3Vz
+aW4xEDAOBgNVBAcMB0xpbW9nZXMxHDAaBgNVBAoME215UEtJIE9yZ2FuaXphdGlv
+bm4xCzAJBgNVBAsMAklUMQ4wDAYDVQQDDAV0ZXN0NTEhMB8GCSqGSIb3DQEJARYS
+cGllcnJlQHBpM3Jyb3QubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA0Pw43xtaXmQsgd0eIRzfFuNrsyE7A1c6Epp0UQqukupH25JkkPM/Ec2F+0Xx
+CL9sBuAkkmcPI8k2b+vfGrR7PA+8sGNBHuVkyXTdCSUKbICvsulCdk9sqJlO9UPc
+0DjIc0hBT8rLjt7O0ABOnYRyew3O0C2tCjPZwe8C5rc1I1aaGHoST0RguYM/uNe9
+T1ojQ+tUIpRwwK8rB5ayWooTlTWs3u1Lcmv26H5i2Ut4EELFm7TFuslkFrD0EEzk
+QcUFCRU4E6Wj4MlDMiFmpxU+8BPae8tQ/ECYbpwJY/GO9VV9L9f5ju+uU9Hcx1Wn
+kj1rzsgVAmScggGv3X4yvs83he+WJaNw7Osk50uTF5hExin2xQn1hx0MZBG+bvHv
+MGHI0AM+3YoS9kzMbJ3W/XrXAnDh29mJDRzvKmtkPYd1VuRjGChqiyF2HDtiHUlR
+TGwvYxJeYDztCyaesbp08lS+A6O/Fs/DxPQs4nYSJzIZ3oKoRkg9Ydf6v/Da50U3
+1YDzN2JUHsBYbQM2yQOj1ExO/bt1Znh/iON5BdqMjSOLkZNM9LvGKy6FkgzSiBfo
+7ymCM1Yf9ARBQa/pPAc1HQhH4Wd+O6HZp1TEYImZ+etVzm8oPU6+csUL2Imul6VJ
+FjNwQd1KucXTmAfmJ0RaLCNwyPZZPkDqvHYui8Yo4jprzlMCAwEAAaNCMEAwHQYD
+VR0OBBYEFBj4C2WBq5hHt94wtRpdbWhc7xsaMB8GA1UdIwQYMBaAFDNetR6gTogL
+ZIrNXuUL+35dXGQ/MA0GCSqGSIb3DQEBCwUAA4ICAQBNZ9bh5g+McraBY2tTXi41
+NBrLkzrTclX65zLCbEs+NLSmiLi7Dl20OiF5IUGxSHGm5nULziBVRP63G0LU+Fbi
+5EmIkWP5ds0XEYY5Lju3QiJtmpRU7PTgfX6MA4gCp68gVLY/6ulGMgW2EHjIndau
+W7A6oDIlwAYAhQdTVj84mQX6USdsQIFGjmkfK1Id2+kFD5mzSG2HAS0QS8QAwvZP
+Ayuiod0ZHaapSySCLSiLokr8ivxchJKAsTdf03jWuVjV+Yj7VulUp/PW1qAaH1o3
+rPAZ2BKVw7kjfkljAEXbvL3V/yo3Nd89duCiTkF7zO5JI3sGJjCmZraAQfQgXHu9
+okjw7ngyN5XVGFTq2AM6ZpYDMhr0qm7R1ts945j+F5a2czr/Hq+Fyt+BVj8qFuIb
+UMT/cYukE5dJUWzB/vemVdS7crnj9IKjc2mL0Aq0FCBxA+knCxHOnvScULRYiAT6
+ATNAoUHVqCNk2dppjhERFSi/jhdm2pI6hdj1+WKy1PEMQBAovkY4SctKMGZciBQy
+h+SvJdgJHR5QGN97vE1igKu6/R5Hd9VsCBg5DJA8U/0WWx44K1xZK2y0XhN59no2
+/eKnD0p5C9viwm6DgSTYitnk7db1Lf6wc5Mkl5gJKR7+Zu9awMezw9NHgnZb6XVQ
+ynS+0ZKl7LrFLIvJaAIrDg==
+-----END CERTIFICATE-----

db/ca.db.index

@@ -0,0 +1 @@
+V	331122101214Z		01	unknown	/C=FR/ST=Limousin/L=Limoges/O=myPKI Organizationn/OU=IT/CN=test5/emailAddress=pierre@pi3rrot.net

db/ca.db.index.attr

@@ -0,0 +1 @@
+unique_subject = yes

db/ca.db.serial

@@ -0,0 +1 @@
+02

db/ca.db.serial.old

@@ -0,0 +1 @@
+01

myPKI.py

@@ -1,3 +1,5 @@
+#!/usr/bin/env python3
+
 import sys, getopt, os
 
 def usage():
@@ -12,52 +14,85 @@ def usage():
     print('\t-h --help\tShows this help')
 
 def generate_client_auth_cert():
+    print("\n\nGénération d'un certificat client pour authentification")
+    print("=========================================================\n")
     tld = input("=> TLD of your certificate :")
     client_name = input("=> Client Name :")
 
-    # Changement du fichier de config
-    os.system('sed -i "s/DNSCHANGEME/'+ tld +'/" ./config/ca.config')
-    os.system('sed -i "s/Root Certificate/'+ tld +'/" ./config/ca.config')
-
+    with open('./config/ca.config', 'r') as file:
+        newText = file.read().replace('DNSCHANGEME', tld)
+        newText = newText.replace('Root Certificate', tld)
+    with open('./config/ca.config', 'w') as file:
+        file.write(newText)
 
     print("=> Création du certificat client")
     os.system("openssl genrsa -out ./certificats/" +client_name+ "_" +tld+ ".key 4096")
     print("[*] " +client_name+"_"+tld+".key is done")
     os.system('openssl req -new -config config/ca.config -key ./certificats/'+client_name+ '_'  +tld+  '.key  -out ./certificats/'+ client_name +'-remote.csr')
     print("[*] CSR Request completed  !")
-    os.system('openssl x509 -req -days 3650 -in ./certificats/'+client_name+'-remote.csr -CA ./certificats/ca.crt -CAkey ./certificats/ca.key -set_serial 001 -out ./certificats/'+client_name+'-remote.pem')
+    os.system('openssl req -x509 -days 3650 -in ./certificats/'+client_name+'-remote.csr -CA ./certificats/ca.crt -CAkey ./certificats/ca.key -set_serial 001 -out ./certificats/'+client_name+'-remote.pem')
     print("[*] Sign OK")
     os.system("openssl pkcs12 -export -out ./"+client_name+".full.pfx -inkey ./certificats/"+client_name+'_'+tld+".key -in ./certificats/"+client_name+"-remote.pem -certfile ./certificats/ca.crt")
     print("[*] Certificate OK")
 
+    # restauration du fichier de config
+    with open('./config/ca.config', 'r') as file:
+        newText = file.read().replace(tld, 'DNSCHANGEME')
+        newText = newText.replace(tld, 'Root Certificate')
+    with open('./config/ca.config', 'w') as file:
+        file.write(newText)
+
 
 def generate_sign():
+    print("\n\nGénération d'un certificat pour un hôte")
+    print("=====================================\n")
     tld = input("=> TLD of your certificate :")
     ip_addr = input("=> IPv4 :")
 
     # Changement du fichier de config
-    os.system('sed -i "s/DNSCHANGEME/'+ tld +'/" ./config/ca.config')
-    os.system('sed -i "s/0.0.0.0/'+ ip_addr +'/" ./config/ca.config')
-    os.system('sed -i "s/Root Certificate/'+ tld +'/" ./config/ca.config')
+    with open('./config/ca.config', 'r') as file:
+        newText = file.read().replace('DNSCHANGEME', tld)
+        newText = newText.replace('0.0.0.0', ip_addr)
+        newText = newText.replace('Root Certificate', tld)
+    with open('./config/ca.config', 'w') as file:
+        file.write(newText)
 
     # Création des certificats
+    print("=> Création du certificat pour " + tld)
     os.system("openssl genrsa -out ./certificats/"+tld+".key 4096")
-    os.system("openssl req -days 3650 -new -config config/ca.config -key ./certificats/"+tld+".key -out certificats/"+tld+".csr")
+    print("[*] "+tld+".key is donei")
+
+    print("=> Création de la CSR")
+    os.system("openssl req -new -config config/ca.config -key ./certificats/"+tld+".key -out certificats/"+tld+".csr")
+    print("[*] CSR Request completed  !")
+
+    print("=> Signature du certificat")
     os.system("openssl ca -out "+tld+".crt -config config/ca.config -infiles certificats/"+tld+".csr ")
+    print("[*] Sign OK")
 
     # On restaure ca.config d'origine
-    os.system('sed -i "s/'+ tld +'/DNSCHANGEME/" ./config/ca.config')
-    os.system('sed -i "s/'+ ip_addr +'/0.0.0.0/" ./config/ca.config')
-    os.system('sed -i "s/'+ tld +'/Root Certificate/" ./config/ca.config')
+    with open('./config/ca.config', 'r') as file:
+        newText = file.read().replace(tld, 'DNSCHANGEME')
+        newText = newText.replace(ip_addr, '0.0.0.0')
+        newText = newText.replace(tld, 'Root Certificate')
+    with open('./config/ca.config', 'w') as file:
+        file.write(newText)
 
     print("[*] Certificate Signed !")
 
 
 def generate_der():
-    os.system("openssl x509 -in certificats/ca.crt -outform DER -out certificats/ca.der")
-    print("[*] Put public CA ./certificats/ca.der on all browser you see !")
+    print("\n\nGénération d'un certificat DER pour les navigateurs")
+    print("=================================================\n")
+    if not os.path.isfile("./certificats/ca.der"):
+        os.system("openssl x509 -in certificats/ca.crt -outform DER -out certificats/ca.der")
+        print("[*] Put public CA ./certificats/ca.der on all browser you see !")
+    else:
+        print("[x] DER Certificate already exist...")
 
 def generate_ca():
+    print("\n\nGénération d'une autorité de certification")
+    print("========================================\n")
     if not os.path.isfile("./certificats/ca.key"):
         os.system("openssl genrsa -out ./certificats/ca.key 4096")
         os.system("openssl req -utf8 -new -x509 -days 3000 -config ./config/ca.config -key ./certificats/ca.key -out ./certificats/ca.crt")
@@ -67,6 +102,8 @@ def generate_ca():
 
 
 def init_dir():
+    print("\n\nInitialisation des répertoires")
+    print("================================\n")
     if not os.path.exists("./db/ca.db.certs"):
         print("[*] Creating directories")
         os.makedirs("./db/ca.db.certs")
@@ -104,6 +141,9 @@ def main():
                 generate_der()
                 generate_sign()
                 sys.exit()
+        if not opts:
+          usage()
+          sys.exit()
 
     except getopt.GetoptError as err:
         sys.stderr.write(str(err))
@@ -111,4 +151,4 @@ def main():
         sys.exit(2)
 
 if __name__ == "__main__":
-    main()
+    main()

test5.crt

@@ -0,0 +1,120 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: O=test2, OU=IT/emailAddress=pierre@pi3rrot.net, L=Limoges, ST=Limousin, C=FR, CN=Root Certificate
+        Validity
+            Not Before: Sep  5 10:12:14 2025 GMT
+            Not After : Nov 22 10:12:14 2033 GMT
+        Subject: C=FR, ST=Limousin, L=Limoges, O=myPKI Organizationn, OU=IT, CN=test5/emailAddress=pierre@pi3rrot.net
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:d0:fc:38:df:1b:5a:5e:64:2c:81:dd:1e:21:1c:
+                    df:16:e3:6b:b3:21:3b:03:57:3a:12:9a:74:51:0a:
+                    ae:92:ea:47:db:92:64:90:f3:3f:11:cd:85:fb:45:
+                    f1:08:bf:6c:06:e0:24:92:67:0f:23:c9:36:6f:eb:
+                    df:1a:b4:7b:3c:0f:bc:b0:63:41:1e:e5:64:c9:74:
+                    dd:09:25:0a:6c:80:af:b2:e9:42:76:4f:6c:a8:99:
+                    4e:f5:43:dc:d0:38:c8:73:48:41:4f:ca:cb:8e:de:
+                    ce:d0:00:4e:9d:84:72:7b:0d:ce:d0:2d:ad:0a:33:
+                    d9:c1:ef:02:e6:b7:35:23:56:9a:18:7a:12:4f:44:
+                    60:b9:83:3f:b8:d7:bd:4f:5a:23:43:eb:54:22:94:
+                    70:c0:af:2b:07:96:b2:5a:8a:13:95:35:ac:de:ed:
+                    4b:72:6b:f6:e8:7e:62:d9:4b:78:10:42:c5:9b:b4:
+                    c5:ba:c9:64:16:b0:f4:10:4c:e4:41:c5:05:09:15:
+                    38:13:a5:a3:e0:c9:43:32:21:66:a7:15:3e:f0:13:
+                    da:7b:cb:50:fc:40:98:6e:9c:09:63:f1:8e:f5:55:
+                    7d:2f:d7:f9:8e:ef:ae:53:d1:dc:c7:55:a7:92:3d:
+                    6b:ce:c8:15:02:64:9c:82:01:af:dd:7e:32:be:cf:
+                    37:85:ef:96:25:a3:70:ec:eb:24:e7:4b:93:17:98:
+                    44:c6:29:f6:c5:09:f5:87:1d:0c:64:11:be:6e:f1:
+                    ef:30:61:c8:d0:03:3e:dd:8a:12:f6:4c:cc:6c:9d:
+                    d6:fd:7a:d7:02:70:e1:db:d9:89:0d:1c:ef:2a:6b:
+                    64:3d:87:75:56:e4:63:18:28:6a:8b:21:76:1c:3b:
+                    62:1d:49:51:4c:6c:2f:63:12:5e:60:3c:ed:0b:26:
+                    9e:b1:ba:74:f2:54:be:03:a3:bf:16:cf:c3:c4:f4:
+                    2c:e2:76:12:27:32:19:de:82:a8:46:48:3d:61:d7:
+                    fa:bf:f0:da:e7:45:37:d5:80:f3:37:62:54:1e:c0:
+                    58:6d:03:36:c9:03:a3:d4:4c:4e:fd:bb:75:66:78:
+                    7f:88:e3:79:05:da:8c:8d:23:8b:91:93:4c:f4:bb:
+                    c6:2b:2e:85:92:0c:d2:88:17:e8:ef:29:82:33:56:
+                    1f:f4:04:41:41:af:e9:3c:07:35:1d:08:47:e1:67:
+                    7e:3b:a1:d9:a7:54:c4:60:89:99:f9:eb:55:ce:6f:
+                    28:3d:4e:be:72:c5:0b:d8:89:ae:97:a5:49:16:33:
+                    70:41:dd:4a:b9:c5:d3:98:07:e6:27:44:5a:2c:23:
+                    70:c8:f6:59:3e:40:ea:bc:76:2e:8b:c6:28:e2:3a:
+                    6b:ce:53
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                18:F8:0B:65:81:AB:98:47:B7:DE:30:B5:1A:5D:6D:68:5C:EF:1B:1A
+            X509v3 Authority Key Identifier: 
+                33:5E:B5:1E:A0:4E:88:0B:64:8A:CD:5E:E5:0B:FB:7E:5D:5C:64:3F
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        4d:67:d6:e1:e6:0f:8c:72:b6:81:63:6b:53:5e:2e:35:34:1a:
+        cb:93:3a:d3:72:55:fa:e7:32:c2:6c:4b:3e:34:b4:a6:88:b8:
+        bb:0e:5d:b4:3a:21:79:21:41:b1:48:71:a6:e6:75:0b:ce:20:
+        55:44:fe:b7:1b:42:d4:f8:56:e2:e4:49:88:91:63:f9:76:cd:
+        17:11:86:39:2e:3b:b7:42:22:6d:9a:94:54:ec:f4:e0:7d:7e:
+        8c:03:88:02:a7:af:20:54:b6:3f:ea:e9:46:32:05:b6:10:78:
+        c8:9d:d6:ae:5b:b0:3a:a0:32:25:c0:06:00:85:07:53:56:3f:
+        38:99:05:fa:51:27:6c:40:81:46:8e:69:1f:2b:52:1d:db:e9:
+        05:0f:99:b3:48:6d:87:01:2d:10:4b:c4:00:c2:f6:4f:03:2b:
+        a2:a1:dd:19:1d:a6:a9:4b:24:82:2d:28:8b:a2:4a:fc:8a:fc:
+        5c:84:92:80:b1:37:5f:d3:78:d6:b9:58:d5:f9:88:fb:56:e9:
+        54:a7:f3:d6:d6:a0:1a:1f:5a:37:ac:f0:19:d8:12:95:c3:b9:
+        23:7e:49:63:00:45:db:bc:bd:d5:ff:2a:37:35:df:3d:76:e0:
+        a2:4e:41:7b:cc:ee:49:23:7b:06:26:30:a6:66:b6:80:41:f4:
+        20:5c:7b:bd:a2:48:f0:ee:78:32:37:95:d5:18:54:ea:d8:03:
+        3a:66:96:03:32:1a:f4:aa:6e:d1:d6:db:3d:e3:98:fe:17:96:
+        b6:73:3a:ff:1e:af:85:ca:df:81:56:3f:2a:16:e2:1b:50:c4:
+        ff:71:8b:a4:13:97:49:51:6c:c1:fe:f7:a6:55:d4:bb:72:b9:
+        e3:f4:82:a3:73:69:8b:d0:0a:b4:14:20:71:03:e9:27:0b:11:
+        ce:9e:f4:9c:50:b4:58:88:04:fa:01:33:40:a1:41:d5:a8:23:
+        64:d9:da:69:8e:11:11:15:28:bf:8e:17:66:da:92:3a:85:d8:
+        f5:f9:62:b2:d4:f1:0c:40:10:28:be:46:38:49:cb:4a:30:66:
+        5c:88:14:32:87:e4:af:25:d8:09:1d:1e:50:18:df:7b:bc:4d:
+        62:80:ab:ba:fd:1e:47:77:d5:6c:08:18:39:0c:90:3c:53:fd:
+        16:5b:1e:38:2b:5c:59:2b:6c:b4:5e:13:79:f6:7a:36:fd:e2:
+        a7:0f:4a:79:0b:db:e2:c2:6e:83:81:24:d8:8a:d9:e4:ed:d6:
+        f5:2d:fe:b0:73:93:24:97:98:09:29:1e:fe:66:ef:5a:c0:c7:
+        b3:c3:d3:47:82:76:5b:e9:75:50:ca:74:be:d1:92:a5:ec:ba:
+        c5:2c:8b:c9:68:02:2b:0e
+-----BEGIN CERTIFICATE-----
+MIIF3DCCA8SgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjTEOMAwGA1UECgwFdGVz
+dDIxCzAJBgNVBAsMAklUMSEwHwYJKoZIhvcNAQkBFhJwaWVycmVAcGkzcnJvdC5u
+ZXQxEDAOBgNVBAcMB0xpbW9nZXMxETAPBgNVBAgMCExpbW91c2luMQswCQYDVQQG
+EwJGUjEZMBcGA1UEAwwQUm9vdCBDZXJ0aWZpY2F0ZTAeFw0yNTA5MDUxMDEyMTRa
+Fw0zMzExMjIxMDEyMTRaMIGQMQswCQYDVQQGEwJGUjERMA8GA1UECAwITGltb3Vz
+aW4xEDAOBgNVBAcMB0xpbW9nZXMxHDAaBgNVBAoME215UEtJIE9yZ2FuaXphdGlv
+bm4xCzAJBgNVBAsMAklUMQ4wDAYDVQQDDAV0ZXN0NTEhMB8GCSqGSIb3DQEJARYS
+cGllcnJlQHBpM3Jyb3QubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA0Pw43xtaXmQsgd0eIRzfFuNrsyE7A1c6Epp0UQqukupH25JkkPM/Ec2F+0Xx
+CL9sBuAkkmcPI8k2b+vfGrR7PA+8sGNBHuVkyXTdCSUKbICvsulCdk9sqJlO9UPc
+0DjIc0hBT8rLjt7O0ABOnYRyew3O0C2tCjPZwe8C5rc1I1aaGHoST0RguYM/uNe9
+T1ojQ+tUIpRwwK8rB5ayWooTlTWs3u1Lcmv26H5i2Ut4EELFm7TFuslkFrD0EEzk
+QcUFCRU4E6Wj4MlDMiFmpxU+8BPae8tQ/ECYbpwJY/GO9VV9L9f5ju+uU9Hcx1Wn
+kj1rzsgVAmScggGv3X4yvs83he+WJaNw7Osk50uTF5hExin2xQn1hx0MZBG+bvHv
+MGHI0AM+3YoS9kzMbJ3W/XrXAnDh29mJDRzvKmtkPYd1VuRjGChqiyF2HDtiHUlR
+TGwvYxJeYDztCyaesbp08lS+A6O/Fs/DxPQs4nYSJzIZ3oKoRkg9Ydf6v/Da50U3
+1YDzN2JUHsBYbQM2yQOj1ExO/bt1Znh/iON5BdqMjSOLkZNM9LvGKy6FkgzSiBfo
+7ymCM1Yf9ARBQa/pPAc1HQhH4Wd+O6HZp1TEYImZ+etVzm8oPU6+csUL2Imul6VJ
+FjNwQd1KucXTmAfmJ0RaLCNwyPZZPkDqvHYui8Yo4jprzlMCAwEAAaNCMEAwHQYD
+VR0OBBYEFBj4C2WBq5hHt94wtRpdbWhc7xsaMB8GA1UdIwQYMBaAFDNetR6gTogL
+ZIrNXuUL+35dXGQ/MA0GCSqGSIb3DQEBCwUAA4ICAQBNZ9bh5g+McraBY2tTXi41
+NBrLkzrTclX65zLCbEs+NLSmiLi7Dl20OiF5IUGxSHGm5nULziBVRP63G0LU+Fbi
+5EmIkWP5ds0XEYY5Lju3QiJtmpRU7PTgfX6MA4gCp68gVLY/6ulGMgW2EHjIndau
+W7A6oDIlwAYAhQdTVj84mQX6USdsQIFGjmkfK1Id2+kFD5mzSG2HAS0QS8QAwvZP
+Ayuiod0ZHaapSySCLSiLokr8ivxchJKAsTdf03jWuVjV+Yj7VulUp/PW1qAaH1o3
+rPAZ2BKVw7kjfkljAEXbvL3V/yo3Nd89duCiTkF7zO5JI3sGJjCmZraAQfQgXHu9
+okjw7ngyN5XVGFTq2AM6ZpYDMhr0qm7R1ts945j+F5a2czr/Hq+Fyt+BVj8qFuIb
+UMT/cYukE5dJUWzB/vemVdS7crnj9IKjc2mL0Aq0FCBxA+knCxHOnvScULRYiAT6
+ATNAoUHVqCNk2dppjhERFSi/jhdm2pI6hdj1+WKy1PEMQBAovkY4SctKMGZciBQy
+h+SvJdgJHR5QGN97vE1igKu6/R5Hd9VsCBg5DJA8U/0WWx44K1xZK2y0XhN59no2
+/eKnD0p5C9viwm6DgSTYitnk7db1Lf6wc5Mkl5gJKR7+Zu9awMezw9NHgnZb6XVQ
+ynS+0ZKl7LrFLIvJaAIrDg==
+-----END CERTIFICATE-----