Re-generated the example Secret/CA/ with the small.private domain.
authorMatt Birkholz <matt@birchwood-abbey.net>
Thu, 28 Dec 2023 01:08:42 +0000 (18:08 -0700)
committerMatt Birkholz <matt@birchwood-abbey.net>
Thu, 28 Dec 2023 06:18:36 +0000 (23:18 -0700)
39 files changed:
Secret/CA/openssl-easyrsa.cnf
Secret/CA/pki/.rnd [deleted file]
Secret/CA/pki/ca.crt
Secret/CA/pki/certs_by_serial/1D7FC1A54BC58C35B3E300C337CABFA8.pem [new file with mode: 0644]
Secret/CA/pki/certs_by_serial/5BC4C03F376A8688415E10F3BCAD905E.pem [new file with mode: 0644]
Secret/CA/pki/certs_by_serial/95F05D64CEB9D8907681D5A528461DDA.pem [deleted file]
Secret/CA/pki/certs_by_serial/99AACABEAF22703B05EDC426849DF177.pem [deleted file]
Secret/CA/pki/certs_by_serial/B0C65C6B0A978A7897BA90C7E68C7FF0.pem [new file with mode: 0644]
Secret/CA/pki/certs_by_serial/C9AC3501E1D4CEF58E104B8674B99987.pem [new file with mode: 0644]
Secret/CA/pki/certs_by_serial/DCCAF785FE1F49DD878444FEE564818A.pem [deleted file]
Secret/CA/pki/certs_by_serial/EE0A8C45387C14368F23883D172135C8.pem [deleted file]
Secret/CA/pki/extensions.temp [deleted file]
Secret/CA/pki/index.txt
Secret/CA/pki/index.txt.old
Secret/CA/pki/issued/core.crt
Secret/CA/pki/issued/core.small.example.org.crt [deleted file]
Secret/CA/pki/issued/core.small.private.crt [new file with mode: 0644]
Secret/CA/pki/issued/gate.small.example.org.crt [deleted file]
Secret/CA/pki/issued/gate.small.private.crt [new file with mode: 0644]
Secret/CA/pki/issued/small.example.org.crt
Secret/CA/pki/openssl-easyrsa.cnf
Secret/CA/pki/private/ca.key
Secret/CA/pki/private/core.key
Secret/CA/pki/private/core.small.example.org.key [deleted file]
Secret/CA/pki/private/core.small.private.key [new file with mode: 0644]
Secret/CA/pki/private/gate.small.example.org.key [deleted file]
Secret/CA/pki/private/gate.small.private.key [new file with mode: 0644]
Secret/CA/pki/private/small.example.org.key
Secret/CA/pki/reqs/core.req
Secret/CA/pki/reqs/core.small.example.org.req [deleted file]
Secret/CA/pki/reqs/core.small.private.req [new file with mode: 0644]
Secret/CA/pki/reqs/gate.small.example.org.req [deleted file]
Secret/CA/pki/reqs/gate.small.private.req [new file with mode: 0644]
Secret/CA/pki/reqs/small.example.org.req
Secret/CA/pki/safessl-easyrsa.cnf
Secret/CA/pki/serial
Secret/CA/pki/serial.old
Secret/CA/vars
inst

index 11394147697414e4d5fac6329cfdc8210ab98d8a..5c4fc79e7e90a1ddb01be620a483b22c82db30af 100644 (file)
@@ -1,6 +1,4 @@
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE               = $ENV::EASYRSA_PKI/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
 
 ####################################################################
 [ ca ]
@@ -21,7 +19,7 @@ crl           = $dir/crl.pem          # The current CRL
 private_key    = $dir/private/ca.key   # The private key
 RANDFILE       = $dir/.rand            # private random number file
 
-x509_extensions        = basic_exts            # The extentions to add to the cert
+x509_extensions        = basic_exts            # The extensions to add to the cert
 
 # This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
 # is designed for will. In return, we get the Issuer attached to CRLs.
@@ -35,7 +33,7 @@ preserve      = no                    # keep passed DN ordering
 # This allows to renew certificates which have not been revoked
 unique_subject = no
 
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
 # For type CA, the listed attributes must be the same, and the optional
 # and supplied fields are just that :-)
 policy         = policy_anything
@@ -59,7 +57,7 @@ default_bits          = $ENV::EASYRSA_KEY_SIZE
 default_keyfile        = privkey.pem
 default_md             = $ENV::EASYRSA_DIGEST
 distinguished_name     = $ENV::EASYRSA_DN
-x509_extensions                = easyrsa_ca    # The extentions to add to the self signed cert
+x509_extensions                = easyrsa_ca    # The extensions to add to the self signed cert
 
 # A placeholder to handle the $EXTRA_EXTS feature:
 #%EXTRA_EXTS%  # Do NOT remove or change this line as $EXTRA_EXTS support requires it
diff --git a/Secret/CA/pki/.rnd b/Secret/CA/pki/.rnd
deleted file mode 100644 (file)
index d70df68..0000000
Binary files a/Secret/CA/pki/.rnd and /dev/null differ
index 64112dc89d2d0687d47c254da2795242fe792896..e371222481f81e070e44c52d958eba69c9220416 100644 (file)
@@ -1,21 +1,21 @@
 -----BEGIN CERTIFICATE-----
-MIIDYzCCAkugAwIBAgIUdC8YacgtTTMxV6EsXOCNhlrWrWUwDQYJKoZIhvcNAQEL
-BQAwHjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0
-MTFaFw0zMjAzMTkwMDE0MTFaMB4xHDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBM
-TEMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xV25/G1PuntuWsJm
-Yy92ACqD2ksCeGD6CFCR39HJT8NW/rp23F95iqjWkd/9FZoegrYA9MiM1E7bfaQ+
-IdtKeHAhKozODTv4sJSwkmwtUtVaxp91C32HXMpXS9WUoybkkJz2qFJ/hP94JvbI
-uNovGkW0MVfknDc0+gp1ozW757MHPR/W0sr4ne4V2UhRUZa8+xyCdv2KPV/u0FRg
-eqyIV9h/r8Bwk3ojLQGV9/vlI8nPzNQctguChA+9/a31kUAMqTsDFsR0JIEoMdpj
-iwM3i9ECcucW0oZpoJZgW+kh5LYPeiFyLKjop07FjwC0Ljek24X7m4nb//mBRl7J
-dOClAgMBAAGjgZgwgZUwHQYDVR0OBBYEFKNL3ah13z0nwBPkmbTRw3fNDee8MFkG
-A1UdIwRSMFCAFKNL3ah13z0nwBPkmbTRw3fNDee8oSKkIDAeMRwwGgYDVQQDDBNT
-bWFsbCBJbnN0aXR1dGUgTExDghR0LxhpyC1NMzFXoSxc4I2GWtatZTAMBgNVHRME
-BTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAqKX/gHEpZK08
-px/2A9WeV9eOf0S++OXJG39TIIbvGCzAjxjsTDMTwrvHawFgi6EwQUvY0+dtdxOf
-4fP+iizBbBw8jzUvmMTubbSdYGWXwYxlEwo3+x7yD9Du1waMbi+E1+qAzqj4WTvS
-PRDjUSolPFBz11d47snKQjTzCATfaDM0DzgMDUrSGL2NmTZnqoZapgpFdP+wviyK
-H6QNAGmFfqgeT1un9+mwx9NBKpoSz6Y8iAq4kthy4GXzcnIYsrd7J6rK9qe9M4Mb
-sHpxis6cJ0LSV8aZy5aVgXVPgU4mJvbUhyytJCDsX2A9TeNSXXwgXN5dhsshka4c
-VNVlFIXaVg==
+MIIDYzCCAkugAwIBAgIUZhbvHAW4Z2OFVyAt3Ps2phaX3DMwDQYJKoZIhvcNAQEL
+BQAwHjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMzEyMjgwMDQx
+NTNaFw0zMzEyMjUwMDQxNTNaMB4xHDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBM
+TEMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkkntMbsL2eMSxYvUX
+oM/2ZK421Sl1LzAa/tMyF8DsnQtdZz+Oa4/AXFIQOPyXNySXRKfaGlLSduE+le75
+0xyftnjBwKsCO7ieoGY6XNkgVEe5QAj+r0yJxU4dKnkjCc0vO+XSjdZkVS5ZG8yX
+4KfRa8arCGfKzrIMaj3HmnRNJsRERbsqA/XpxFoN7kZNrJjuBSA40vPmFckxI4V2
+zg/11iqbV8UY0nyzRFgLM0ZhIYKMKyGSsBxtSYWEPu31brbnpDXztNgKrJuubcqF
+YrNJvqkS+PcNQt31DJefpsTG7VDQC+xURMPQt1INjI1iHS/cFJgmXUveIlHdn5U1
+XClPAgMBAAGjgZgwgZUwHQYDVR0OBBYEFB+6gKxai4slTr8jZKKuqVEDfLE7MFkG
+A1UdIwRSMFCAFB+6gKxai4slTr8jZKKuqVEDfLE7oSKkIDAeMRwwGgYDVQQDDBNT
+bWFsbCBJbnN0aXR1dGUgTExDghRmFu8cBbhnY4VXIC3c+zamFpfcMzAMBgNVHRME
+BTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAgzSqu+ptHwuG
+L/84uFWJLBlIqnIxghZ6bCzO9iTUqRv4KjEJ69DxbD+R5IqmuQ0QI6gFdnLHAsY9
+/NkCaerQumoBuibb6eXct3nPRveH2ybnF+9jQ5EoipsX13OZea/f5j4h/SmaIA8h
+hTdm/xnlKVOuAamBI3leOpH209qlFHajrYvLB8qxarKXA6SlRtNoYFgoT6Etwp1E
+Sd9zpigQHMN5KExedIL7M4BAeL1AHzU2zXAnaZv9gdVD/S4iFCyIP+A3gkq9rAvj
+G7tWtZV+Eo6WQMyk4/qTOdyfU5QobKRXdpbZ0zAaSLH2FL4P0AR7ZgjvIsrzUoNU
+x3+lnZqnsQ==
 -----END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/1D7FC1A54BC58C35B3E300C337CABFA8.pem b/Secret/CA/pki/certs_by_serial/1D7FC1A54BC58C35B3E300C337CABFA8.pem
new file mode 100644 (file)
index 0000000..2f95c18
--- /dev/null
@@ -0,0 +1,88 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            1d:7f:c1:a5:4b:c5:8c:35:b3:e3:00:c3:37:ca:bf:a8
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:53 2023 GMT
+            Not After : Apr  1 00:41:53 2026 GMT
+        Subject: CN=small.example.org
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:a8:71:50:3b:72:39:95:55:c7:4f:0a:ad:d4:c6:
+                    21:ce:d8:ea:54:3e:b8:ab:b2:07:e6:07:e5:b3:e6:
+                    af:91:15:3d:0b:4f:72:6a:fb:98:fb:be:2d:d8:ff:
+                    11:56:88:37:c3:84:55:d2:d3:b7:06:5e:4f:b9:c2:
+                    56:90:d4:49:a0:49:d6:13:aa:bf:a4:66:30:ce:4c:
+                    bf:dd:c6:13:09:0f:f9:ea:fc:f8:d1:23:60:be:95:
+                    ff:4a:3b:2a:29:34:9d:f5:62:9f:60:7c:d7:a1:91:
+                    5b:02:5f:a2:43:50:34:8b:f7:b6:ec:52:1e:f8:bd:
+                    f3:59:0e:89:48:12:16:48:27:13:0e:b1:ed:09:f9:
+                    15:d1:12:da:dc:cc:21:20:54:ec:ce:54:36:1a:55:
+                    d4:af:07:d2:e6:58:a9:9b:8d:46:b8:8c:6f:8a:3c:
+                    07:4c:da:11:32:62:a1:53:43:5d:7e:41:31:23:ef:
+                    c3:19:40:6e:39:f6:73:74:a6:76:f7:6a:ba:56:9c:
+                    27:b2:64:b1:9f:9f:e2:6a:96:2e:24:0c:14:11:06:
+                    5e:46:08:39:94:d1:0a:a1:2e:03:b3:ba:1f:03:5a:
+                    63:b6:d1:66:1f:30:05:a2:d0:df:c5:68:cd:9a:6c:
+                    bc:73:c7:ad:71:91:ad:aa:1c:34:7a:f5:00:e7:ad:
+                    4e:51
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                40:50:21:48:6C:E5:F5:D0:69:32:5D:A9:0F:54:25:FA:B3:15:58:EB
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 Subject Alternative Name: 
+                DNS:small.example.org
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        6d:13:9d:c6:12:e9:99:e2:ea:ad:7d:72:d7:95:28:c5:3b:b6:
+        32:98:72:97:4f:72:c6:50:e2:8a:01:43:26:9c:98:03:72:4e:
+        6e:09:74:fb:be:22:99:56:4d:a0:1f:20:50:70:0e:ac:c8:53:
+        1c:3a:7c:28:de:e3:4c:49:a3:6b:72:77:eb:0b:2c:78:fd:82:
+        d6:11:5e:49:93:85:ed:97:a4:b7:69:9e:ce:1e:1b:55:70:69:
+        50:00:b4:e4:e7:c9:88:f3:63:9a:a6:5a:70:59:df:63:0f:bb:
+        49:ee:4e:18:29:7e:e6:a6:b0:2c:8b:99:a6:ad:6a:72:48:3f:
+        62:13:0f:b2:94:db:8d:fc:e4:47:ff:ae:64:4b:ab:c0:0e:6c:
+        1f:f2:24:e6:e3:1e:30:85:52:bf:8c:76:15:d6:77:13:bb:1a:
+        1e:55:88:57:40:c3:e8:83:f2:ae:e0:ca:9a:9b:35:08:62:31:
+        9a:65:81:7f:3f:ce:9e:a7:13:f8:74:fd:d0:00:19:03:00:5c:
+        0c:e8:10:76:b3:a1:9f:3e:74:0e:c2:4e:95:35:f9:7b:af:77:
+        15:43:d8:8d:34:af:6b:2d:17:05:72:49:43:4b:ae:56:89:1e:
+        ad:25:ca:96:ef:53:d0:18:18:a5:54:ba:32:4a:a0:fc:92:44:
+        cc:1e:1a:1f
+-----BEGIN CERTIFICATE-----
+MIIDjTCCAnWgAwIBAgIQHX/BpUvFjDWz4wDDN8q/qDANBgkqhkiG9w0BAQsFADAe
+MRwwGgYDVQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDMB4XDTIzMTIyODAwNDE1M1oX
+DTI2MDQwMTAwNDE1M1owHDEaMBgGA1UEAwwRc21hbGwuZXhhbXBsZS5vcmcwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCocVA7cjmVVcdPCq3UxiHO2OpU
+PrirsgfmB+Wz5q+RFT0LT3Jq+5j7vi3Y/xFWiDfDhFXS07cGXk+5wlaQ1EmgSdYT
+qr+kZjDOTL/dxhMJD/nq/PjRI2C+lf9KOyopNJ31Yp9gfNehkVsCX6JDUDSL97bs
+Uh74vfNZDolIEhZIJxMOse0J+RXREtrczCEgVOzOVDYaVdSvB9LmWKmbjUa4jG+K
+PAdM2hEyYqFTQ11+QTEj78MZQG459nN0pnb3arpWnCeyZLGfn+Jqli4kDBQRBl5G
+CDmU0QqhLgOzuh8DWmO20WYfMAWi0N/FaM2abLxzx61xka2qHDR69QDnrU5RAgMB
+AAGjgcgwgcUwCQYDVR0TBAIwADAdBgNVHQ4EFgQUQFAhSGzl9dBpMl2pD1Ql+rMV
+WOswWQYDVR0jBFIwUIAUH7qArFqLiyVOvyNkoq6pUQN8sTuhIqQgMB4xHDAaBgNV
+BAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFGYW7xwFuGdjhVcgLdz7NqYWl9wzMBMG
+A1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAcBgNVHREEFTATghFzbWFs
+bC5leGFtcGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAbROdxhLpmeLqrX1y15Uo
+xTu2Mphyl09yxlDiigFDJpyYA3JObgl0+74imVZNoB8gUHAOrMhTHDp8KN7jTEmj
+a3J36wsseP2C1hFeSZOF7Zekt2mezh4bVXBpUAC05OfJiPNjmqZacFnfYw+7Se5O
+GCl+5qawLIuZpq1qckg/YhMPspTbjfzkR/+uZEurwA5sH/Ik5uMeMIVSv4x2FdZ3
+E7saHlWIV0DD6IPyruDKmps1CGIxmmWBfz/OnqcT+HT90AAZAwBcDOgQdrOhnz50
+DsJOlTX5e693FUPYjTSvay0XBXJJQ0uuVokerSXKlu9T0BgYpVS6Mkqg/JJEzB4a
+Hw==
+-----END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/5BC4C03F376A8688415E10F3BCAD905E.pem b/Secret/CA/pki/certs_by_serial/5BC4C03F376A8688415E10F3BCAD905E.pem
new file mode 100644 (file)
index 0000000..5fe5605
--- /dev/null
@@ -0,0 +1,88 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            5b:c4:c0:3f:37:6a:86:88:41:5e:10:f3:bc:ad:90:5e
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:53 2023 GMT
+            Not After : Apr  1 00:41:53 2026 GMT
+        Subject: CN=gate.small.private
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:a7:da:84:ff:f6:57:28:31:8d:d3:2b:53:ea:d0:
+                    0e:55:67:c4:bd:48:b5:50:e2:e0:46:ab:71:ff:45:
+                    bf:cc:7d:64:01:63:6b:80:2d:8b:7b:3f:2b:17:5b:
+                    e5:4c:c4:6a:59:6e:b8:04:3c:5e:df:ab:d1:54:4b:
+                    7e:88:fc:8f:74:c0:c6:ca:6c:b5:31:12:f0:6b:8f:
+                    63:2c:b8:01:e7:d0:c3:c2:76:f3:42:f2:c4:e6:b0:
+                    a0:75:00:41:bb:83:35:5f:15:fc:f7:ba:2a:5a:92:
+                    6f:f4:17:09:e1:66:e6:05:23:1c:40:97:24:07:3f:
+                    48:1d:23:60:04:90:1f:bc:4e:38:1d:05:35:2c:a9:
+                    36:2b:b7:3d:b4:ea:3f:f5:2e:02:14:70:4b:56:52:
+                    3d:c9:2b:c8:e2:5c:9a:bf:cb:9a:9b:22:d3:85:c1:
+                    a8:bf:c6:7e:c9:57:b9:7a:04:5b:9a:22:60:f4:c8:
+                    0e:fe:ea:f4:8c:4e:f4:c4:06:00:be:9d:7e:13:b9:
+                    e0:87:b7:37:78:8b:f5:e3:d3:7d:d8:eb:5a:a4:f4:
+                    9b:b0:fe:1f:f7:8d:2b:f8:27:1d:5b:aa:c0:5b:c5:
+                    f4:a1:91:34:49:cd:47:69:ad:0c:d4:92:fa:d0:1b:
+                    d9:f8:e7:e7:de:a0:3e:d1:75:d3:d3:9c:d8:df:db:
+                    6c:97
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                67:47:45:12:EA:0F:59:B8:34:4E:B1:E7:D6:8D:2A:09:18:67:F7:61
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 Subject Alternative Name: 
+                DNS:gate.small.private
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        73:47:a3:51:15:cd:44:5e:67:79:dd:68:32:f3:32:e6:35:4e:
+        0a:da:a4:c5:eb:07:12:f9:41:72:a0:95:e6:34:5c:66:e9:7a:
+        53:be:1c:87:9f:b3:b2:5c:65:9a:5f:a1:31:62:90:bb:3d:a2:
+        9a:84:ef:f8:5a:7c:e1:c8:13:67:df:50:ae:9b:6d:e4:3b:31:
+        80:1f:f6:34:83:31:6f:fe:0f:9a:15:d4:85:ab:dd:a5:30:2e:
+        35:85:72:01:9a:fb:4a:ab:49:5e:e4:68:ef:11:d4:20:81:9e:
+        f0:be:6a:e8:ed:0c:8f:2c:20:38:93:be:f3:b9:31:f2:3b:c4:
+        7f:80:5a:a8:bb:03:76:95:1b:74:93:76:ef:60:9f:29:ae:fa:
+        d0:79:18:dd:e4:c8:f2:d6:9b:93:3d:d6:a6:07:ef:7c:ed:c7:
+        77:91:35:36:bb:ec:47:75:f5:fd:41:92:aa:fe:a5:fa:02:c7:
+        0c:7c:b6:8a:c5:be:02:df:52:ae:5c:a9:9a:c0:88:7e:f3:9a:
+        cc:c2:a7:ec:b9:48:47:c7:9c:39:6e:08:2d:2a:0f:c8:18:36:
+        ed:9b:ff:9e:0a:ea:2d:ee:66:89:28:7b:56:aa:a5:b7:61:6f:
+        eb:79:97:e0:3b:0e:70:12:f3:3b:5f:d5:4e:79:64:e3:a7:32:
+        ec:c2:35:1f
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAnegAwIBAgIQW8TAPzdqhohBXhDzvK2QXjANBgkqhkiG9w0BAQsFADAe
+MRwwGgYDVQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDMB4XDTIzMTIyODAwNDE1M1oX
+DTI2MDQwMTAwNDE1M1owHTEbMBkGA1UEAwwSZ2F0ZS5zbWFsbC5wcml2YXRlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9qE//ZXKDGN0ytT6tAOVWfE
+vUi1UOLgRqtx/0W/zH1kAWNrgC2Lez8rF1vlTMRqWW64BDxe36vRVEt+iPyPdMDG
+ymy1MRLwa49jLLgB59DDwnbzQvLE5rCgdQBBu4M1XxX897oqWpJv9BcJ4WbmBSMc
+QJckBz9IHSNgBJAfvE44HQU1LKk2K7c9tOo/9S4CFHBLVlI9ySvI4lyav8uamyLT
+hcGov8Z+yVe5egRbmiJg9MgO/ur0jE70xAYAvp1+E7ngh7c3eIv149N92OtapPSb
+sP4f940r+CcdW6rAW8X0oZE0Sc1Haa0M1JL60BvZ+Ofn3qA+0XXT05zY39tslwID
+AQABo4HJMIHGMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGdHRRLqD1m4NE6x59aNKgkY
+Z/dhMFkGA1UdIwRSMFCAFB+6gKxai4slTr8jZKKuqVEDfLE7oSKkIDAeMRwwGgYD
+VQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDghRmFu8cBbhnY4VXIC3c+zamFpfcMzAT
+BgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwHQYDVR0RBBYwFIISZ2F0
+ZS5zbWFsbC5wcml2YXRlMA0GCSqGSIb3DQEBCwUAA4IBAQBzR6NRFc1EXmd53Wgy
+8zLmNU4K2qTF6wcS+UFyoJXmNFxm6XpTvhyHn7OyXGWaX6ExYpC7PaKahO/4Wnzh
+yBNn31Cum23kOzGAH/Y0gzFv/g+aFdSFq92lMC41hXIBmvtKq0le5GjvEdQggZ7w
+vmro7QyPLCA4k77zuTHyO8R/gFqouwN2lRt0k3bvYJ8prvrQeRjd5Mjy1puTPdam
+B+987cd3kTU2u+xHdfX9QZKq/qX6AscMfLaKxb4C31KuXKmawIh+85rMwqfsuUhH
+x5w5bggtKg/IGDbtm/+eCuot7maJKHtWqqW3YW/reZfgOw5wEvM7X9VOeWTjpzLs
+wjUf
+-----END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/95F05D64CEB9D8907681D5A528461DDA.pem b/Secret/CA/pki/certs_by_serial/95F05D64CEB9D8907681D5A528461DDA.pem
deleted file mode 100644 (file)
index bc6e145..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            95:f0:5d:64:ce:b9:d8:90:76:81:d5:a5:28:46:1d:da
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=small.example.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:c2:b3:c6:1f:e0:e6:54:5c:1e:0d:34:2c:02:bb:
-                    5f:d6:84:7d:fb:63:0c:fa:0d:33:a5:92:86:af:f7:
-                    e8:72:86:69:fb:45:fd:90:14:9d:55:dd:22:50:b0:
-                    be:71:94:da:68:ff:3c:46:ef:22:4a:84:ae:8e:84:
-                    2e:f9:d6:8c:fd:44:2e:eb:fe:95:5e:45:86:3f:f7:
-                    86:47:00:c1:d8:64:b4:3f:55:c8:b5:fc:69:c3:1b:
-                    aa:54:c5:f4:b6:a6:40:3f:9f:15:ff:eb:3b:1e:5e:
-                    d7:d4:eb:ae:ad:bc:e2:cf:4a:fe:df:3d:69:36:37:
-                    79:67:95:bf:43:b0:e2:d6:29:60:36:18:f8:7d:32:
-                    67:79:bb:30:95:ec:8d:93:46:56:13:72:93:96:ac:
-                    70:29:53:26:c1:d8:c7:38:4a:83:2d:56:bb:90:0f:
-                    a4:09:fd:e6:d8:72:fd:0b:48:4f:38:d4:28:31:0f:
-                    e3:63:d0:3d:d1:e2:ab:e1:10:12:c7:27:85:03:5d:
-                    7d:01:40:2e:3b:96:2e:f1:a6:a2:32:a8:bd:97:2a:
-                    90:6e:10:b6:6f:98:7a:e9:9f:06:01:de:0b:c9:18:
-                    9e:83:4c:2d:a5:5b:99:0e:19:69:77:f0:5d:e2:3d:
-                    37:c6:4d:73:c7:b0:e8:fb:5c:16:45:29:74:e4:31:
-                    99:7b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                2C:AD:E6:55:8E:A6:4B:DF:B1:40:E4:7C:88:CB:75:5A:65:02:6F:8B
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:small.example.org
-    Signature Algorithm: sha256WithRSAEncryption
-         58:e3:fd:10:09:c5:cb:15:f6:0c:0d:22:b8:56:f6:89:85:58:
-         66:e2:24:64:99:b3:35:d2:bb:63:9f:f8:53:89:29:f5:75:61:
-         c2:34:8a:50:ac:67:fd:97:40:98:d5:8b:05:91:fb:36:f3:50:
-         ad:12:53:29:44:c0:86:b1:6f:1a:21:77:6d:43:05:84:1f:ae:
-         74:8f:ba:44:49:0e:61:90:17:39:2f:6c:c6:69:9f:89:82:f8:
-         22:6e:63:c6:d5:88:46:e5:30:e6:80:51:4c:fc:01:98:e3:31:
-         59:20:b6:3d:36:d1:0d:42:b0:9b:8e:6a:74:34:1d:a9:fb:13:
-         28:49:ae:d5:b3:83:19:38:77:f6:81:74:81:7f:d0:00:f7:22:
-         01:04:70:7d:ba:d0:44:1a:e9:00:b4:20:e9:3c:87:b1:84:c1:
-         79:92:f0:96:b5:69:77:d1:50:c4:26:da:8d:13:45:c0:ec:70:
-         5d:59:59:8f:13:59:dc:e0:84:da:73:af:7e:99:c1:30:d2:b2:
-         f1:b1:ed:79:b7:2e:c7:12:88:04:55:ce:d1:71:de:8c:bd:e8:
-         1f:0c:c1:14:24:2b:cc:74:b7:fa:e8:ce:d2:7b:48:fb:2b:fb:
-         bd:d0:98:29:bb:1c:8e:e6:1c:d3:8d:78:70:b1:c3:40:00:a3:
-         48:8c:a2:f4
------BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIRAJXwXWTOudiQdoHVpShGHdowDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMBwxGjAYBgNVBAMMEXNtYWxsLmV4YW1wbGUub3JnMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrPGH+DmVFweDTQsArtf1oR9
-+2MM+g0zpZKGr/focoZp+0X9kBSdVd0iULC+cZTaaP88Ru8iSoSujoQu+daM/UQu
-6/6VXkWGP/eGRwDB2GS0P1XItfxpwxuqVMX0tqZAP58V/+s7Hl7X1Ouurbziz0r+
-3z1pNjd5Z5W/Q7Di1ilgNhj4fTJnebswleyNk0ZWE3KTlqxwKVMmwdjHOEqDLVa7
-kA+kCf3m2HL9C0hPONQoMQ/jY9A90eKr4RASxyeFA119AUAuO5Yu8aaiMqi9lyqQ
-bhC2b5h66Z8GAd4LyRieg0wtpVuZDhlpd/Bd4j03xk1zx7Do+1wWRSl05DGZewID
-AQABo4HIMIHFMAkGA1UdEwQCMAAwHQYDVR0OBBYEFCyt5lWOpkvfsUDkfIjLdVpl
-Am+LMFkGA1UdIwRSMFCAFKNL3ah13z0nwBPkmbTRw3fNDee8oSKkIDAeMRwwGgYD
-VQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDghR0LxhpyC1NMzFXoSxc4I2GWtatZTAT
-BgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwHAYDVR0RBBUwE4IRc21h
-bGwuZXhhbXBsZS5vcmcwDQYJKoZIhvcNAQELBQADggEBAFjj/RAJxcsV9gwNIrhW
-9omFWGbiJGSZszXSu2Of+FOJKfV1YcI0ilCsZ/2XQJjViwWR+zbzUK0SUylEwIax
-bxohd21DBYQfrnSPukRJDmGQFzkvbMZpn4mC+CJuY8bViEblMOaAUUz8AZjjMVkg
-tj020Q1CsJuOanQ0Han7EyhJrtWzgxk4d/aBdIF/0AD3IgEEcH260EQa6QC0IOk8
-h7GEwXmS8Ja1aXfRUMQm2o0TRcDscF1ZWY8TWdzghNpzr36ZwTDSsvGx7Xm3LscS
-iARVztFx3oy96B8MwRQkK8x0t/roztJ7SPsr+73QmCm7HI7mHNONeHCxw0AAo0iM
-ovQ=
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/99AACABEAF22703B05EDC426849DF177.pem b/Secret/CA/pki/certs_by_serial/99AACABEAF22703B05EDC426849DF177.pem
deleted file mode 100644 (file)
index a0dae9e..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            99:aa:ca:be:af:22:70:3b:05:ed:c4:26:84:9d:f1:77
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=gate.small.example.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:c1:84:ad:a4:1d:8c:86:1d:eb:87:e5:dc:33:c6:
-                    00:97:00:b7:ce:03:92:3c:47:ea:d1:2b:a6:ef:2a:
-                    de:bc:58:06:5b:00:36:80:96:2f:e2:c2:7c:a6:7c:
-                    71:40:f9:67:a1:6c:f7:0b:d2:d4:41:81:98:99:66:
-                    08:93:e5:bf:b4:dc:cf:95:36:28:14:df:4d:71:f6:
-                    d8:5d:2a:17:25:ac:4a:dc:e8:bd:d9:17:d5:36:51:
-                    bf:a5:00:9f:66:eb:c0:ce:fa:e3:1f:ad:1f:45:40:
-                    d7:88:bf:93:62:cf:98:09:ba:1c:7f:74:c8:90:2f:
-                    a5:2d:78:88:64:b9:fb:3a:c5:44:29:a1:92:99:87:
-                    82:35:d8:96:18:27:23:89:a6:89:1e:3f:d2:1e:08:
-                    da:55:bf:53:aa:1d:d5:8a:17:64:6f:60:1d:07:c7:
-                    85:87:73:33:b4:ed:a5:c4:0b:79:e4:92:45:1c:0e:
-                    cc:00:6a:a1:de:44:4d:67:1a:fe:fc:b5:e8:c0:f8:
-                    44:60:a6:fb:0a:d2:f4:d9:8a:ea:d3:dc:d4:c2:18:
-                    1f:1c:57:c3:72:92:2a:6f:e7:81:9a:08:e7:8a:92:
-                    ce:45:d6:17:e1:85:a9:a5:70:99:26:aa:9a:b0:c7:
-                    fc:55:58:b8:54:9b:89:aa:b3:5a:50:db:3d:fd:21:
-                    27:37
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                16:BC:27:A4:D7:CC:6F:29:65:3A:BA:F4:5A:8D:38:84:C0:FA:FF:C7
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:gate.small.example.org
-    Signature Algorithm: sha256WithRSAEncryption
-         4d:42:0b:e4:65:35:a9:0a:26:03:96:eb:3e:56:52:6e:82:c1:
-         cd:bd:f3:45:50:a2:66:d2:65:f6:65:8e:9d:60:4e:72:53:75:
-         04:02:cc:09:bb:41:b7:bd:b4:9f:d5:d0:26:75:f8:83:c1:b5:
-         88:9f:b5:d5:05:07:20:6b:4b:41:ca:bf:22:49:5e:42:c3:6c:
-         c5:01:b2:06:af:e8:f0:b4:a5:5e:8e:14:4c:f1:1b:85:dc:33:
-         19:63:ef:70:a3:02:2b:ec:19:72:58:95:04:81:78:8b:1d:05:
-         ef:3f:f3:2a:6b:3c:fd:ff:0b:90:81:2b:80:c0:99:bd:91:b0:
-         2f:08:10:7a:1f:bb:63:3c:03:91:e8:5b:0e:69:f4:2d:75:7c:
-         45:5b:c4:8d:0d:f3:4b:c9:a0:bc:9d:94:64:70:df:4f:53:a3:
-         28:69:cf:fe:f3:46:e9:7a:e7:34:1e:15:f3:bb:98:b9:31:d5:
-         8f:6e:e2:65:fb:0b:aa:de:a4:6d:f0:56:2a:0d:c0:51:a5:5c:
-         91:ab:a8:bc:6f:65:0a:74:3c:2d:96:5c:da:0f:f1:f7:01:f3:
-         cc:0f:51:fe:54:d0:82:86:c2:40:60:c9:a4:81:db:9e:43:db:
-         3c:66:8d:c5:2a:63:55:92:ce:9e:18:2b:2e:6b:86:7d:91:f7:
-         88:c4:5c:a8
------BEGIN CERTIFICATE-----
-MIIDmDCCAoCgAwIBAgIRAJmqyr6vInA7Be3EJoSd8XcwDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMCExHzAdBgNVBAMMFmdhdGUuc21hbGwuZXhhbXBsZS5v
-cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBhK2kHYyGHeuH5dwz
-xgCXALfOA5I8R+rRK6bvKt68WAZbADaAli/iwnymfHFA+WehbPcL0tRBgZiZZgiT
-5b+03M+VNigU301x9thdKhclrErc6L3ZF9U2Ub+lAJ9m68DO+uMfrR9FQNeIv5Ni
-z5gJuhx/dMiQL6UteIhkufs6xUQpoZKZh4I12JYYJyOJpokeP9IeCNpVv1OqHdWK
-F2RvYB0Hx4WHczO07aXEC3nkkkUcDswAaqHeRE1nGv78tejA+ERgpvsK0vTZiurT
-3NTCGB8cV8Nykipv54GaCOeKks5F1hfhhamlcJkmqpqwx/xVWLhUm4mqs1pQ2z39
-ISc3AgMBAAGjgc0wgcowCQYDVR0TBAIwADAdBgNVHQ4EFgQUFrwnpNfMbyllOrr0
-Wo04hMD6/8cwWQYDVR0jBFIwUIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4x
-HDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa
-1q1lMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAhBgNVHREEGjAY
-ghZnYXRlLnNtYWxsLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQBNQgvk
-ZTWpCiYDlus+VlJugsHNvfNFUKJm0mX2ZY6dYE5yU3UEAswJu0G3vbSf1dAmdfiD
-wbWIn7XVBQcga0tByr8iSV5Cw2zFAbIGr+jwtKVejhRM8RuF3DMZY+9wowIr7Bly
-WJUEgXiLHQXvP/Mqazz9/wuQgSuAwJm9kbAvCBB6H7tjPAOR6FsOafQtdXxFW8SN
-DfNLyaC8nZRkcN9PU6Moac/+80bpeuc0HhXzu5i5MdWPbuJl+wuq3qRt8FYqDcBR
-pVyRq6i8b2UKdDwtllzaD/H3AfPMD1H+VNCChsJAYMmkgdueQ9s8Zo3FKmNVks6e
-GCsua4Z9kfeIxFyo
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/B0C65C6B0A978A7897BA90C7E68C7FF0.pem b/Secret/CA/pki/certs_by_serial/B0C65C6B0A978A7897BA90C7E68C7FF0.pem
new file mode 100644 (file)
index 0000000..df14768
--- /dev/null
@@ -0,0 +1,85 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            b0:c6:5c:6b:0a:97:8a:78:97:ba:90:c7:e6:8c:7f:f0
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:54 2023 GMT
+            Not After : Apr  1 00:41:54 2026 GMT
+        Subject: CN=core
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:9e:e1:f0:02:7e:fa:74:8b:03:8a:64:70:6b:18:
+                    2d:c8:60:4a:ce:88:f3:4c:ab:76:33:c0:1d:8c:0f:
+                    97:62:08:2e:3e:46:83:af:66:98:7d:cd:fb:3e:a7:
+                    3c:96:9e:c9:a1:f9:54:1f:90:c0:db:1b:31:9d:be:
+                    d7:fc:b9:8b:26:ae:34:9e:aa:d5:ef:3b:7e:ee:b3:
+                    7e:dc:88:07:be:cd:38:19:7d:d4:97:6a:db:12:85:
+                    ce:11:a2:2c:79:aa:2f:cc:4f:67:cf:94:ab:82:cc:
+                    76:9f:95:18:f2:96:a7:36:25:07:5b:29:61:c3:20:
+                    f8:9d:ff:cd:35:fc:43:bf:dc:4b:fe:ab:c1:bc:68:
+                    b1:f9:db:5d:35:f9:04:28:88:e0:76:74:6f:8b:d5:
+                    c1:f9:20:a3:f3:cb:1f:12:e5:6f:77:0a:ce:c1:31:
+                    e6:e1:c4:10:d1:9a:64:e4:a8:7c:16:4b:84:ed:30:
+                    e5:3e:e4:6f:b6:27:b8:4c:36:2f:44:76:00:75:83:
+                    5e:ab:91:cc:82:98:c7:57:51:ca:55:5f:2c:a4:f2:
+                    bc:b5:2a:2d:ea:41:8e:93:d9:80:b2:49:af:98:6d:
+                    94:e2:c4:f1:f0:14:0f:7e:bb:5b:15:9a:30:df:83:
+                    b2:21:7a:3c:6d:58:05:d3:62:fd:f4:f3:f5:d5:42:
+                    53:53
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                C1:1F:16:6C:BD:1B:9C:46:D9:41:1F:A3:5B:C7:5B:13:94:6C:A6:DF
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 Key Usage: 
+                Digital Signature
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        9a:51:d3:7e:b5:3e:6c:6d:c1:49:f9:14:7a:c2:8b:ae:af:0a:
+        72:7e:ac:fd:fe:72:75:fd:e7:79:23:da:03:2e:65:83:d6:b2:
+        62:05:5e:88:18:e9:c9:47:26:07:54:9e:c6:50:98:22:72:f3:
+        34:1e:d3:c0:3e:73:b2:0a:96:5c:a7:0e:81:54:01:01:ff:86:
+        61:4d:20:d7:00:bd:36:5a:09:cc:f3:8e:94:b4:32:18:13:a9:
+        34:bf:7f:be:64:d0:c6:2c:3a:4f:64:31:d5:e8:0a:ed:7a:3d:
+        99:2a:79:1e:00:20:44:92:e5:82:ee:43:f9:83:cd:1f:fb:75:
+        cf:af:5e:f7:a7:2c:98:af:e8:07:f6:22:72:a0:b9:84:01:0a:
+        7c:3c:57:f8:b1:db:33:b7:13:cf:57:25:72:10:88:49:c7:9f:
+        70:8a:59:ea:71:5c:ac:94:07:cf:05:ce:b5:0f:57:3c:4c:47:
+        f2:1a:d0:f7:d7:bb:a5:04:57:33:85:c5:8d:2c:05:b9:7d:f6:
+        a0:24:69:eb:86:94:25:88:78:0e:a6:a8:80:10:5b:5b:84:c1:
+        a2:2e:42:fd:9e:00:dc:db:5f:ba:b4:8c:0d:34:43:06:0d:d8:
+        7e:06:4e:51:64:2a:5e:1b:03:64:ce:a2:fd:41:9c:01:de:d6:
+        45:fb:42:72
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAkugAwIBAgIRALDGXGsKl4p4l7qQx+aMf/AwDQYJKoZIhvcNAQELBQAw
+HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMzEyMjgwMDQxNTRa
+Fw0yNjA0MDEwMDQxNTRaMA8xDTALBgNVBAMMBGNvcmUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCe4fACfvp0iwOKZHBrGC3IYErOiPNMq3YzwB2MD5di
+CC4+RoOvZph9zfs+pzyWnsmh+VQfkMDbGzGdvtf8uYsmrjSeqtXvO37us37ciAe+
+zTgZfdSXatsShc4Roix5qi/MT2fPlKuCzHaflRjylqc2JQdbKWHDIPid/801/EO/
+3Ev+q8G8aLH52101+QQoiOB2dG+L1cH5IKPzyx8S5W93Cs7BMebhxBDRmmTkqHwW
+S4TtMOU+5G+2J7hMNi9EdgB1g16rkcyCmMdXUcpVXyyk8ry1Ki3qQY6T2YCySa+Y
+bZTixPHwFA9+u1sVmjDfg7IhejxtWAXTYv308/XVQlNTAgMBAAGjgaowgacwCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUwR8WbL0bnEbZQR+jW8dbE5Rspt8wWQYDVR0jBFIw
+UIAUH7qArFqLiyVOvyNkoq6pUQN8sTuhIqQgMB4xHDAaBgNVBAMME1NtYWxsIElu
+c3RpdHV0ZSBMTEOCFGYW7xwFuGdjhVcgLdz7NqYWl9wzMBMGA1UdJQQMMAoGCCsG
+AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAmlHTfrU+bG3B
+SfkUesKLrq8Kcn6s/f5ydf3neSPaAy5lg9ayYgVeiBjpyUcmB1SexlCYInLzNB7T
+wD5zsgqWXKcOgVQBAf+GYU0g1wC9NloJzPOOlLQyGBOpNL9/vmTQxiw6T2Qx1egK
+7Xo9mSp5HgAgRJLlgu5D+YPNH/t1z69e96csmK/oB/YicqC5hAEKfDxX+LHbM7cT
+z1clchCIScefcIpZ6nFcrJQHzwXOtQ9XPExH8hrQ99e7pQRXM4XFjSwFuX32oCRp
+64aUJYh4DqaogBBbW4TBoi5C/Z4A3NtfurSMDTRDBg3YfgZOUWQqXhsDZM6i/UGc
+Ad7WRftCcg==
+-----END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/C9AC3501E1D4CEF58E104B8674B99987.pem b/Secret/CA/pki/certs_by_serial/C9AC3501E1D4CEF58E104B8674B99987.pem
new file mode 100644 (file)
index 0000000..cf35d37
--- /dev/null
@@ -0,0 +1,88 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            c9:ac:35:01:e1:d4:ce:f5:8e:10:4b:86:74:b9:99:87
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:54 2023 GMT
+            Not After : Apr  1 00:41:54 2026 GMT
+        Subject: CN=core.small.private
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:a6:a4:2a:5e:62:22:18:f8:c9:97:8a:af:f1:e7:
+                    d1:be:34:67:fe:59:31:f8:10:33:a4:b3:01:b6:3b:
+                    f4:8b:27:e4:de:e0:a7:60:55:f1:c1:7d:5d:ee:f6:
+                    b9:41:e9:12:af:2f:a7:70:05:2a:f6:4f:4b:e3:e1:
+                    b3:09:6f:c6:c3:38:de:fe:28:bd:f8:dd:44:72:15:
+                    db:89:03:f1:0d:70:ed:90:e9:d9:d7:a2:25:a7:7a:
+                    7b:de:d6:62:55:c8:5b:02:31:e7:1c:f5:78:e4:a6:
+                    7d:30:bf:92:d2:fc:77:d7:9b:d2:eb:f6:69:d5:35:
+                    d0:31:4f:2f:22:85:94:6f:b5:06:a7:fc:41:11:8f:
+                    51:a9:d2:2f:e0:dd:b9:f6:bc:cf:b0:f7:27:a7:8e:
+                    4d:d1:de:48:cd:a9:a3:5d:b6:86:ac:2a:b1:c1:61:
+                    8a:30:f5:84:a2:a6:13:cc:39:29:c4:95:d0:33:6d:
+                    8e:a9:ec:54:1e:3f:0d:3b:11:26:0d:56:13:c4:27:
+                    7a:d2:69:e2:c0:39:ac:ee:75:57:ec:61:d2:0c:92:
+                    fb:13:3a:38:1d:d2:3a:5f:7d:65:68:06:3a:78:1a:
+                    5e:1b:a6:83:bd:fb:3e:2f:14:fd:e7:ad:d3:d9:ea:
+                    00:61:79:d0:c1:31:73:21:df:22:3a:b6:87:8a:a4:
+                    b6:6b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                4F:A5:B5:CC:E6:EC:FA:20:5D:5A:1F:01:54:19:A6:9B:83:07:7B:10
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 Subject Alternative Name: 
+                DNS:core.small.private
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        36:4f:21:96:09:ab:bd:29:ac:af:7e:8d:c3:60:6f:b5:c9:ff:
+        99:13:fc:30:85:60:c5:0a:39:35:5d:38:05:1e:d4:15:36:c8:
+        bb:b5:7c:b3:11:fc:5f:26:e0:af:66:3b:b7:10:b4:3a:5d:8c:
+        25:35:68:f0:69:d1:bc:de:aa:e3:4c:a1:47:1f:c0:61:c0:a8:
+        8b:76:5d:50:84:77:4d:2a:24:2a:da:82:ce:75:3f:fe:2d:55:
+        86:53:c6:e9:30:d7:b2:c4:8b:6f:64:25:42:50:0e:93:94:59:
+        34:c7:4e:6d:3c:ee:d1:05:eb:c7:4b:48:f7:da:e2:c0:12:5d:
+        f8:71:ff:ce:78:6e:48:b2:6f:4b:b6:75:a3:e6:f0:ee:38:76:
+        f0:96:b1:b4:42:04:d7:d6:05:c7:c6:89:c7:8e:60:21:89:28:
+        ec:6e:fb:33:08:11:aa:b6:5e:37:28:f1:95:40:af:88:de:34:
+        cc:d0:5d:dc:77:7f:cf:92:26:69:a7:53:c1:c6:17:80:af:24:
+        5c:5b:99:e1:56:b9:e8:cd:03:06:b9:17:9e:a7:99:b1:3a:56:
+        a0:a9:c4:ed:17:12:92:ed:9a:f9:25:db:4c:a8:33:4e:45:dc:
+        2a:dc:59:65:ff:4c:3f:a6:b2:40:30:16:01:1b:7c:fa:94:bb:
+        8c:18:60:5a
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAnigAwIBAgIRAMmsNQHh1M71jhBLhnS5mYcwDQYJKoZIhvcNAQELBQAw
+HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMzEyMjgwMDQxNTRa
+Fw0yNjA0MDEwMDQxNTRaMB0xGzAZBgNVBAMMEmNvcmUuc21hbGwucHJpdmF0ZTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKakKl5iIhj4yZeKr/Hn0b40
+Z/5ZMfgQM6SzAbY79Isn5N7gp2BV8cF9Xe72uUHpEq8vp3AFKvZPS+PhswlvxsM4
+3v4ovfjdRHIV24kD8Q1w7ZDp2deiJad6e97WYlXIWwIx5xz1eOSmfTC/ktL8d9eb
+0uv2adU10DFPLyKFlG+1Bqf8QRGPUanSL+Ddufa8z7D3J6eOTdHeSM2po122hqwq
+scFhijD1hKKmE8w5KcSV0DNtjqnsVB4/DTsRJg1WE8QnetJp4sA5rO51V+xh0gyS
++xM6OB3SOl99ZWgGOngaXhumg737Pi8U/eet09nqAGF50MExcyHfIjq2h4qktmsC
+AwEAAaOByTCBxjAJBgNVHRMEAjAAMB0GA1UdDgQWBBRPpbXM5uz6IF1aHwFUGaab
+gwd7EDBZBgNVHSMEUjBQgBQfuoCsWouLJU6/I2SirqlRA3yxO6EipCAwHjEcMBoG
+A1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQ4IUZhbvHAW4Z2OFVyAt3Ps2phaX3DMw
+EwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMB0GA1UdEQQWMBSCEmNv
+cmUuc21hbGwucHJpdmF0ZTANBgkqhkiG9w0BAQsFAAOCAQEANk8hlgmrvSmsr36N
+w2Bvtcn/mRP8MIVgxQo5NV04BR7UFTbIu7V8sxH8Xybgr2Y7txC0Ol2MJTVo8GnR
+vN6q40yhRx/AYcCoi3ZdUIR3TSokKtqCznU//i1VhlPG6TDXssSLb2QlQlAOk5RZ
+NMdObTzu0QXrx0tI99riwBJd+HH/znhuSLJvS7Z1o+bw7jh28JaxtEIE19YFx8aJ
+x45gIYko7G77MwgRqrZeNyjxlUCviN40zNBd3Hd/z5ImaadTwcYXgK8kXFuZ4Va5
+6M0DBrkXnqeZsTpWoKnE7RcSku2a+SXbTKgzTkXcKtxZZf9MP6ayQDAWARt8+pS7
+jBhgWg==
+-----END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/DCCAF785FE1F49DD878444FEE564818A.pem b/Secret/CA/pki/certs_by_serial/DCCAF785FE1F49DD878444FEE564818A.pem
deleted file mode 100644 (file)
index 9a74670..0000000
+++ /dev/null
@@ -1,85 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            dc:ca:f7:85:fe:1f:49:dd:87:84:44:fe:e5:64:81:8a
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=core
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:d2:73:dd:06:e8:d8:fd:6c:62:83:fb:39:cf:9e:
-                    72:75:eb:25:0f:3e:46:cb:12:9b:9f:d0:a0:de:71:
-                    b9:3e:68:54:b7:31:eb:44:c9:80:db:13:76:cf:71:
-                    f4:55:01:e4:77:cf:8f:19:d2:1d:5f:1e:a4:6f:ea:
-                    42:ca:05:26:eb:7f:48:8c:cc:bd:4d:4c:91:14:c5:
-                    74:7f:38:cf:22:75:48:4d:cb:96:65:e0:b1:12:0e:
-                    c4:38:9e:ce:f0:ff:98:05:5e:c8:c4:36:9b:31:95:
-                    0a:4e:df:03:5d:dc:2a:58:49:83:cf:ef:e0:25:57:
-                    6f:71:b2:37:1f:1f:f0:ee:da:6e:23:e4:37:58:34:
-                    55:81:0b:4e:d4:c1:f6:51:9b:4c:7d:e4:e3:36:4e:
-                    be:f9:82:5f:24:f4:48:b6:c2:36:18:df:3a:45:58:
-                    49:34:b2:44:57:9b:1c:50:ea:06:8e:f8:af:0d:6d:
-                    e4:85:18:83:94:24:8e:e1:20:f6:ee:7a:2a:b0:93:
-                    b7:7e:3e:fc:a3:4d:13:89:97:c4:5e:c0:80:36:e7:
-                    ea:9f:0c:8a:c1:a0:5d:74:61:55:9d:fd:6e:b4:85:
-                    53:00:85:68:5c:3f:9a:aa:60:b8:ec:1f:35:f3:76:
-                    97:04:1b:86:52:21:8f:51:0b:c1:78:46:5d:59:76:
-                    1e:99
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                DA:E2:A2:DA:C0:46:A1:A8:FD:77:29:AD:10:17:3E:67:2E:C4:AA:36
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication
-            X509v3 Key Usage: 
-                Digital Signature
-    Signature Algorithm: sha256WithRSAEncryption
-         91:8c:50:62:c7:71:a2:06:8f:a5:ff:d8:04:e8:c8:e9:f9:d6:
-         14:02:80:8f:ac:94:0a:7c:cc:75:c7:5a:d7:1f:ea:49:8a:ca:
-         f1:45:69:ac:5e:5c:24:b4:7e:63:97:a3:e2:ab:de:0c:63:b6:
-         2c:e0:ac:85:8a:08:66:91:e6:f5:a3:eb:8d:14:3f:a2:b2:9c:
-         4d:9f:e5:36:ae:7b:99:39:7d:39:a6:22:a6:9c:e2:82:7d:7e:
-         d5:ab:0e:f9:72:c7:41:3e:b6:56:b5:b8:53:f1:54:22:09:90:
-         18:dc:98:b0:a0:a0:60:8e:d1:43:86:7f:46:dd:89:7a:21:03:
-         7e:68:0e:14:a4:1e:40:3c:b8:74:26:66:a3:18:c7:84:2f:9f:
-         80:d5:cb:53:f2:39:65:5a:61:20:0d:bb:5d:6b:da:5b:e5:59:
-         7e:33:ec:56:3d:f8:b3:69:e9:1c:87:44:e5:c0:db:35:17:b7:
-         d4:d0:fe:cf:40:32:b7:bd:6c:ce:62:4a:c0:c0:1e:08:ee:45:
-         c8:ef:66:98:4a:e6:11:53:b4:78:53:3e:d9:c5:f8:94:b8:c8:
-         77:d8:a1:04:0c:1d:d4:fe:9c:9b:8e:cb:69:5c:34:5a:5e:11:
-         a9:dd:06:a1:8d:0d:67:c6:b0:cc:c1:d8:35:f4:ff:dd:2e:3b:
-         e6:46:5b:43
------BEGIN CERTIFICATE-----
-MIIDYzCCAkugAwIBAgIRANzK94X+H0ndh4RE/uVkgYowDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMA8xDTALBgNVBAMMBGNvcmUwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDSc90G6Nj9bGKD+znPnnJ16yUPPkbLEpuf0KDecbk+
-aFS3MetEyYDbE3bPcfRVAeR3z48Z0h1fHqRv6kLKBSbrf0iMzL1NTJEUxXR/OM8i
-dUhNy5Zl4LESDsQ4ns7w/5gFXsjENpsxlQpO3wNd3CpYSYPP7+AlV29xsjcfH/Du
-2m4j5DdYNFWBC07UwfZRm0x95OM2Tr75gl8k9Ei2wjYY3zpFWEk0skRXmxxQ6gaO
-+K8NbeSFGIOUJI7hIPbueiqwk7d+PvyjTROJl8RewIA25+qfDIrBoF10YVWd/W60
-hVMAhWhcP5qqYLjsHzXzdpcEG4ZSIY9RC8F4Rl1Zdh6ZAgMBAAGjgaowgacwCQYD
-VR0TBAIwADAdBgNVHQ4EFgQU2uKi2sBGoaj9dymtEBc+Zy7EqjYwWQYDVR0jBFIw
-UIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4xHDAaBgNVBAMME1NtYWxsIElu
-c3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa1q1lMBMGA1UdJQQMMAoGCCsG
-AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAkYxQYsdxogaP
-pf/YBOjI6fnWFAKAj6yUCnzMdcda1x/qSYrK8UVprF5cJLR+Y5ej4qveDGO2LOCs
-hYoIZpHm9aPrjRQ/orKcTZ/lNq57mTl9OaYippzign1+1asO+XLHQT62VrW4U/FU
-IgmQGNyYsKCgYI7RQ4Z/Rt2JeiEDfmgOFKQeQDy4dCZmoxjHhC+fgNXLU/I5ZVph
-IA27XWvaW+VZfjPsVj34s2npHIdE5cDbNRe31ND+z0Ayt71szmJKwMAeCO5FyO9m
-mErmEVO0eFM+2cX4lLjId9ihBAwd1P6cm47LaVw0Wl4Rqd0GoY0NZ8awzMHYNfT/
-3S475kZbQw==
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/certs_by_serial/EE0A8C45387C14368F23883D172135C8.pem b/Secret/CA/pki/certs_by_serial/EE0A8C45387C14368F23883D172135C8.pem
deleted file mode 100644 (file)
index 0aded0d..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            ee:0a:8c:45:38:7c:14:36:8f:23:88:3d:17:21:35:c8
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=core.small.example.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:a5:a0:85:99:10:99:2f:21:8b:a4:dd:de:36:5c:
-                    1c:5d:7a:43:78:09:74:28:76:35:db:52:00:d2:74:
-                    83:53:e3:a2:3d:77:ec:4d:56:90:7c:f3:26:94:47:
-                    6b:2d:a2:d4:bb:22:4c:1d:73:a3:6c:c3:70:8c:a0:
-                    fd:89:3f:8b:eb:59:b8:22:62:42:a7:7c:d7:c9:ee:
-                    74:bb:8e:38:20:f7:13:48:3a:f1:a3:e3:6e:18:d0:
-                    8d:dc:ef:ae:54:33:db:30:50:09:f2:5f:25:7a:a4:
-                    09:9a:65:5c:ca:fc:44:35:76:74:5e:4b:fe:cd:55:
-                    a9:3e:bd:36:4e:8d:a5:bc:53:f4:3d:9f:59:c7:a9:
-                    ab:08:9c:08:e8:0a:13:97:97:07:a6:a0:86:15:44:
-                    6e:22:13:85:96:ae:64:8a:80:c5:09:83:c1:4d:88:
-                    3b:ee:0c:b7:70:eb:c7:26:15:c6:b6:63:b4:ff:50:
-                    71:f1:35:ed:30:6f:b2:44:06:86:5c:bd:90:7f:80:
-                    dd:c9:d2:cc:07:55:f3:c1:29:f5:36:bd:bf:af:7c:
-                    18:6c:47:41:55:5b:6f:ec:d3:ef:d8:2d:5d:83:02:
-                    71:40:4f:95:24:14:39:14:2a:1e:a4:36:65:f5:38:
-                    b6:6e:42:f3:bb:c1:b9:aa:5a:e0:87:28:6a:5c:e5:
-                    81:c3
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                9E:B9:DA:54:5F:16:1B:9F:EF:60:EB:5E:68:3E:10:35:18:BC:D6:10
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:core.small.example.org
-    Signature Algorithm: sha256WithRSAEncryption
-         2a:e0:b2:65:09:a0:7b:42:a7:98:fc:09:df:28:88:f8:17:fe:
-         ae:46:6c:1c:c3:c7:18:7a:6e:d5:91:a4:dc:33:43:fe:26:23:
-         12:f5:79:dd:9b:10:d2:d1:b9:db:dc:93:f6:f2:b7:23:9a:9e:
-         49:ba:af:51:d1:39:7d:f9:99:ae:96:1f:84:96:6d:0c:90:8e:
-         55:40:2e:15:76:24:72:0e:e3:5f:0c:40:ed:bf:57:a3:86:0b:
-         5a:6c:5c:09:9b:fd:72:c7:20:56:a4:1e:dc:07:4a:b2:da:a8:
-         dc:7b:21:2e:1b:62:50:0f:22:0a:15:98:a1:4f:27:b0:15:49:
-         c1:b6:a2:87:f9:36:64:8b:5d:4d:36:60:f8:b3:4f:73:2b:64:
-         e7:7f:e4:c9:f3:d1:50:4b:1f:51:9c:27:eb:22:68:95:e2:49:
-         b4:88:98:ae:4c:47:67:0a:7a:32:ae:33:06:e8:8a:0d:28:12:
-         83:85:df:f4:7c:13:0a:68:df:6c:2d:43:a8:57:ea:a2:63:e7:
-         66:b0:07:7d:c8:18:52:c5:d7:69:5f:cf:4d:a3:ec:b2:3b:e6:
-         51:ac:5d:e0:8b:e9:d7:67:8c:33:f8:9b:6f:13:20:69:73:e1:
-         1f:f2:80:46:cb:e0:6a:0b:a8:50:65:93:13:49:51:97:6b:69:
-         11:9a:2b:27
------BEGIN CERTIFICATE-----
-MIIDmDCCAoCgAwIBAgIRAO4KjEU4fBQ2jyOIPRchNcgwDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMCExHzAdBgNVBAMMFmNvcmUuc21hbGwuZXhhbXBsZS5v
-cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCloIWZEJkvIYuk3d42
-XBxdekN4CXQodjXbUgDSdINT46I9d+xNVpB88yaUR2stotS7Ikwdc6Nsw3CMoP2J
-P4vrWbgiYkKnfNfJ7nS7jjgg9xNIOvGj424Y0I3c765UM9swUAnyXyV6pAmaZVzK
-/EQ1dnReS/7NVak+vTZOjaW8U/Q9n1nHqasInAjoChOXlwemoIYVRG4iE4WWrmSK
-gMUJg8FNiDvuDLdw68cmFca2Y7T/UHHxNe0wb7JEBoZcvZB/gN3J0swHVfPBKfU2
-vb+vfBhsR0FVW2/s0+/YLV2DAnFAT5UkFDkUKh6kNmX1OLZuQvO7wbmqWuCHKGpc
-5YHDAgMBAAGjgc0wgcowCQYDVR0TBAIwADAdBgNVHQ4EFgQUnrnaVF8WG5/vYOte
-aD4QNRi81hAwWQYDVR0jBFIwUIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4x
-HDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa
-1q1lMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAhBgNVHREEGjAY
-ghZjb3JlLnNtYWxsLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQAq4LJl
-CaB7QqeY/AnfKIj4F/6uRmwcw8cYem7VkaTcM0P+JiMS9XndmxDS0bnb3JP28rcj
-mp5Juq9R0Tl9+Zmulh+Elm0MkI5VQC4VdiRyDuNfDEDtv1ejhgtabFwJm/1yxyBW
-pB7cB0qy2qjceyEuG2JQDyIKFZihTyewFUnBtqKH+TZki11NNmD4s09zK2Tnf+TJ
-89FQSx9RnCfrImiV4km0iJiuTEdnCnoyrjMG6IoNKBKDhd/0fBMKaN9sLUOoV+qi
-Y+dmsAd9yBhSxddpX89No+yyO+ZRrF3gi+nXZ4wz+JtvEyBpc+Ef8oBGy+BqC6hQ
-ZZMTSVGXa2kRmisn
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/extensions.temp b/Secret/CA/pki/extensions.temp
deleted file mode 100644 (file)
index 5680ec9..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-# X509 extensions added to every signed cert
-
-# This file is included for every cert signed, and by default does nothing.
-# It could be used to add values every cert should have, such as a CDP as
-# demonstrated in the following example:
-
-#crlDistributionPoints = URI:http://example.net/pki/my_ca.crl
-# X509 extensions for a client
-
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-extendedKeyUsage = clientAuth
-keyUsage = digitalSignature
-
index 46f5d7f26d2f7e8fd13006dbe1f0dbc6ee409fe3..6542964e8854a464c11b1f7a1b60d236e0668ac9 100644 (file)
@@ -1,4 +1,4 @@
-V      250306001411Z           95F05D64CEB9D8907681D5A528461DDA        unknown /CN=small.example.org
-V      250306001411Z           99AACABEAF22703B05EDC426849DF177        unknown /CN=gate.small.example.org
-V      250306001411Z           EE0A8C45387C14368F23883D172135C8        unknown /CN=core.small.example.org
-V      250306001411Z           DCCAF785FE1F49DD878444FEE564818A        unknown /CN=core
+V      260401004153Z           1D7FC1A54BC58C35B3E300C337CABFA8        unknown /CN=small.example.org
+V      260401004153Z           5BC4C03F376A8688415E10F3BCAD905E        unknown /CN=gate.small.private
+V      260401004154Z           C9AC3501E1D4CEF58E104B8674B99987        unknown /CN=core.small.private
+V      260401004154Z           B0C65C6B0A978A7897BA90C7E68C7FF0        unknown /CN=core
index f37651fa5b00698d7370a239bcc10b2a9edaa1a1..c22d05c244d6b1d8254de83d69e078932734d457 100644 (file)
@@ -1,3 +1,3 @@
-V      250306001411Z           95F05D64CEB9D8907681D5A528461DDA        unknown /CN=small.example.org
-V      250306001411Z           99AACABEAF22703B05EDC426849DF177        unknown /CN=gate.small.example.org
-V      250306001411Z           EE0A8C45387C14368F23883D172135C8        unknown /CN=core.small.example.org
+V      260401004153Z           1D7FC1A54BC58C35B3E300C337CABFA8        unknown /CN=small.example.org
+V      260401004153Z           5BC4C03F376A8688415E10F3BCAD905E        unknown /CN=gate.small.private
+V      260401004154Z           C9AC3501E1D4CEF58E104B8674B99987        unknown /CN=core.small.private
index 9a74670dd062151acd57c173c1798bc6fc9ad774..df14768e5bd897fe2caa79efb4092b2f928cc06f 100644 (file)
@@ -2,84 +2,84 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            dc:ca:f7:85:fe:1f:49:dd:87:84:44:fe:e5:64:81:8a
+            b0:c6:5c:6b:0a:97:8a:78:97:ba:90:c7:e6:8c:7f:f0
         Signature Algorithm: sha256WithRSAEncryption
         Issuer: CN=Small Institute LLC
         Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
+            Not Before: Dec 28 00:41:54 2023 GMT
+            Not After : Apr  1 00:41:54 2026 GMT
         Subject: CN=core
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
+                Public-Key: (2048 bit)
                 Modulus:
-                    00:d2:73:dd:06:e8:d8:fd:6c:62:83:fb:39:cf:9e:
-                    72:75:eb:25:0f:3e:46:cb:12:9b:9f:d0:a0:de:71:
-                    b9:3e:68:54:b7:31:eb:44:c9:80:db:13:76:cf:71:
-                    f4:55:01:e4:77:cf:8f:19:d2:1d:5f:1e:a4:6f:ea:
-                    42:ca:05:26:eb:7f:48:8c:cc:bd:4d:4c:91:14:c5:
-                    74:7f:38:cf:22:75:48:4d:cb:96:65:e0:b1:12:0e:
-                    c4:38:9e:ce:f0:ff:98:05:5e:c8:c4:36:9b:31:95:
-                    0a:4e:df:03:5d:dc:2a:58:49:83:cf:ef:e0:25:57:
-                    6f:71:b2:37:1f:1f:f0:ee:da:6e:23:e4:37:58:34:
-                    55:81:0b:4e:d4:c1:f6:51:9b:4c:7d:e4:e3:36:4e:
-                    be:f9:82:5f:24:f4:48:b6:c2:36:18:df:3a:45:58:
-                    49:34:b2:44:57:9b:1c:50:ea:06:8e:f8:af:0d:6d:
-                    e4:85:18:83:94:24:8e:e1:20:f6:ee:7a:2a:b0:93:
-                    b7:7e:3e:fc:a3:4d:13:89:97:c4:5e:c0:80:36:e7:
-                    ea:9f:0c:8a:c1:a0:5d:74:61:55:9d:fd:6e:b4:85:
-                    53:00:85:68:5c:3f:9a:aa:60:b8:ec:1f:35:f3:76:
-                    97:04:1b:86:52:21:8f:51:0b:c1:78:46:5d:59:76:
-                    1e:99
+                    00:9e:e1:f0:02:7e:fa:74:8b:03:8a:64:70:6b:18:
+                    2d:c8:60:4a:ce:88:f3:4c:ab:76:33:c0:1d:8c:0f:
+                    97:62:08:2e:3e:46:83:af:66:98:7d:cd:fb:3e:a7:
+                    3c:96:9e:c9:a1:f9:54:1f:90:c0:db:1b:31:9d:be:
+                    d7:fc:b9:8b:26:ae:34:9e:aa:d5:ef:3b:7e:ee:b3:
+                    7e:dc:88:07:be:cd:38:19:7d:d4:97:6a:db:12:85:
+                    ce:11:a2:2c:79:aa:2f:cc:4f:67:cf:94:ab:82:cc:
+                    76:9f:95:18:f2:96:a7:36:25:07:5b:29:61:c3:20:
+                    f8:9d:ff:cd:35:fc:43:bf:dc:4b:fe:ab:c1:bc:68:
+                    b1:f9:db:5d:35:f9:04:28:88:e0:76:74:6f:8b:d5:
+                    c1:f9:20:a3:f3:cb:1f:12:e5:6f:77:0a:ce:c1:31:
+                    e6:e1:c4:10:d1:9a:64:e4:a8:7c:16:4b:84:ed:30:
+                    e5:3e:e4:6f:b6:27:b8:4c:36:2f:44:76:00:75:83:
+                    5e:ab:91:cc:82:98:c7:57:51:ca:55:5f:2c:a4:f2:
+                    bc:b5:2a:2d:ea:41:8e:93:d9:80:b2:49:af:98:6d:
+                    94:e2:c4:f1:f0:14:0f:7e:bb:5b:15:9a:30:df:83:
+                    b2:21:7a:3c:6d:58:05:d3:62:fd:f4:f3:f5:d5:42:
+                    53:53
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Basic Constraints: 
                 CA:FALSE
             X509v3 Subject Key Identifier: 
-                DA:E2:A2:DA:C0:46:A1:A8:FD:77:29:AD:10:17:3E:67:2E:C4:AA:36
+                C1:1F:16:6C:BD:1B:9C:46:D9:41:1F:A3:5B:C7:5B:13:94:6C:A6:DF
             X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
                 DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
             X509v3 Extended Key Usage: 
                 TLS Web Client Authentication
             X509v3 Key Usage: 
                 Digital Signature
     Signature Algorithm: sha256WithRSAEncryption
-         91:8c:50:62:c7:71:a2:06:8f:a5:ff:d8:04:e8:c8:e9:f9:d6:
-         14:02:80:8f:ac:94:0a:7c:cc:75:c7:5a:d7:1f:ea:49:8a:ca:
-         f1:45:69:ac:5e:5c:24:b4:7e:63:97:a3:e2:ab:de:0c:63:b6:
-         2c:e0:ac:85:8a:08:66:91:e6:f5:a3:eb:8d:14:3f:a2:b2:9c:
-         4d:9f:e5:36:ae:7b:99:39:7d:39:a6:22:a6:9c:e2:82:7d:7e:
-         d5:ab:0e:f9:72:c7:41:3e:b6:56:b5:b8:53:f1:54:22:09:90:
-         18:dc:98:b0:a0:a0:60:8e:d1:43:86:7f:46:dd:89:7a:21:03:
-         7e:68:0e:14:a4:1e:40:3c:b8:74:26:66:a3:18:c7:84:2f:9f:
-         80:d5:cb:53:f2:39:65:5a:61:20:0d:bb:5d:6b:da:5b:e5:59:
-         7e:33:ec:56:3d:f8:b3:69:e9:1c:87:44:e5:c0:db:35:17:b7:
-         d4:d0:fe:cf:40:32:b7:bd:6c:ce:62:4a:c0:c0:1e:08:ee:45:
-         c8:ef:66:98:4a:e6:11:53:b4:78:53:3e:d9:c5:f8:94:b8:c8:
-         77:d8:a1:04:0c:1d:d4:fe:9c:9b:8e:cb:69:5c:34:5a:5e:11:
-         a9:dd:06:a1:8d:0d:67:c6:b0:cc:c1:d8:35:f4:ff:dd:2e:3b:
-         e6:46:5b:43
+    Signature Value:
+        9a:51:d3:7e:b5:3e:6c:6d:c1:49:f9:14:7a:c2:8b:ae:af:0a:
+        72:7e:ac:fd:fe:72:75:fd:e7:79:23:da:03:2e:65:83:d6:b2:
+        62:05:5e:88:18:e9:c9:47:26:07:54:9e:c6:50:98:22:72:f3:
+        34:1e:d3:c0:3e:73:b2:0a:96:5c:a7:0e:81:54:01:01:ff:86:
+        61:4d:20:d7:00:bd:36:5a:09:cc:f3:8e:94:b4:32:18:13:a9:
+        34:bf:7f:be:64:d0:c6:2c:3a:4f:64:31:d5:e8:0a:ed:7a:3d:
+        99:2a:79:1e:00:20:44:92:e5:82:ee:43:f9:83:cd:1f:fb:75:
+        cf:af:5e:f7:a7:2c:98:af:e8:07:f6:22:72:a0:b9:84:01:0a:
+        7c:3c:57:f8:b1:db:33:b7:13:cf:57:25:72:10:88:49:c7:9f:
+        70:8a:59:ea:71:5c:ac:94:07:cf:05:ce:b5:0f:57:3c:4c:47:
+        f2:1a:d0:f7:d7:bb:a5:04:57:33:85:c5:8d:2c:05:b9:7d:f6:
+        a0:24:69:eb:86:94:25:88:78:0e:a6:a8:80:10:5b:5b:84:c1:
+        a2:2e:42:fd:9e:00:dc:db:5f:ba:b4:8c:0d:34:43:06:0d:d8:
+        7e:06:4e:51:64:2a:5e:1b:03:64:ce:a2:fd:41:9c:01:de:d6:
+        45:fb:42:72
 -----BEGIN CERTIFICATE-----
-MIIDYzCCAkugAwIBAgIRANzK94X+H0ndh4RE/uVkgYowDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMA8xDTALBgNVBAMMBGNvcmUwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDSc90G6Nj9bGKD+znPnnJ16yUPPkbLEpuf0KDecbk+
-aFS3MetEyYDbE3bPcfRVAeR3z48Z0h1fHqRv6kLKBSbrf0iMzL1NTJEUxXR/OM8i
-dUhNy5Zl4LESDsQ4ns7w/5gFXsjENpsxlQpO3wNd3CpYSYPP7+AlV29xsjcfH/Du
-2m4j5DdYNFWBC07UwfZRm0x95OM2Tr75gl8k9Ei2wjYY3zpFWEk0skRXmxxQ6gaO
-+K8NbeSFGIOUJI7hIPbueiqwk7d+PvyjTROJl8RewIA25+qfDIrBoF10YVWd/W60
-hVMAhWhcP5qqYLjsHzXzdpcEG4ZSIY9RC8F4Rl1Zdh6ZAgMBAAGjgaowgacwCQYD
-VR0TBAIwADAdBgNVHQ4EFgQU2uKi2sBGoaj9dymtEBc+Zy7EqjYwWQYDVR0jBFIw
-UIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4xHDAaBgNVBAMME1NtYWxsIElu
-c3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa1q1lMBMGA1UdJQQMMAoGCCsG
-AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAkYxQYsdxogaP
-pf/YBOjI6fnWFAKAj6yUCnzMdcda1x/qSYrK8UVprF5cJLR+Y5ej4qveDGO2LOCs
-hYoIZpHm9aPrjRQ/orKcTZ/lNq57mTl9OaYippzign1+1asO+XLHQT62VrW4U/FU
-IgmQGNyYsKCgYI7RQ4Z/Rt2JeiEDfmgOFKQeQDy4dCZmoxjHhC+fgNXLU/I5ZVph
-IA27XWvaW+VZfjPsVj34s2npHIdE5cDbNRe31ND+z0Ayt71szmJKwMAeCO5FyO9m
-mErmEVO0eFM+2cX4lLjId9ihBAwd1P6cm47LaVw0Wl4Rqd0GoY0NZ8awzMHYNfT/
-3S475kZbQw==
+MIIDYzCCAkugAwIBAgIRALDGXGsKl4p4l7qQx+aMf/AwDQYJKoZIhvcNAQELBQAw
+HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMzEyMjgwMDQxNTRa
+Fw0yNjA0MDEwMDQxNTRaMA8xDTALBgNVBAMMBGNvcmUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCe4fACfvp0iwOKZHBrGC3IYErOiPNMq3YzwB2MD5di
+CC4+RoOvZph9zfs+pzyWnsmh+VQfkMDbGzGdvtf8uYsmrjSeqtXvO37us37ciAe+
+zTgZfdSXatsShc4Roix5qi/MT2fPlKuCzHaflRjylqc2JQdbKWHDIPid/801/EO/
+3Ev+q8G8aLH52101+QQoiOB2dG+L1cH5IKPzyx8S5W93Cs7BMebhxBDRmmTkqHwW
+S4TtMOU+5G+2J7hMNi9EdgB1g16rkcyCmMdXUcpVXyyk8ry1Ki3qQY6T2YCySa+Y
+bZTixPHwFA9+u1sVmjDfg7IhejxtWAXTYv308/XVQlNTAgMBAAGjgaowgacwCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUwR8WbL0bnEbZQR+jW8dbE5Rspt8wWQYDVR0jBFIw
+UIAUH7qArFqLiyVOvyNkoq6pUQN8sTuhIqQgMB4xHDAaBgNVBAMME1NtYWxsIElu
+c3RpdHV0ZSBMTEOCFGYW7xwFuGdjhVcgLdz7NqYWl9wzMBMGA1UdJQQMMAoGCCsG
+AQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAmlHTfrU+bG3B
+SfkUesKLrq8Kcn6s/f5ydf3neSPaAy5lg9ayYgVeiBjpyUcmB1SexlCYInLzNB7T
+wD5zsgqWXKcOgVQBAf+GYU0g1wC9NloJzPOOlLQyGBOpNL9/vmTQxiw6T2Qx1egK
+7Xo9mSp5HgAgRJLlgu5D+YPNH/t1z69e96csmK/oB/YicqC5hAEKfDxX+LHbM7cT
+z1clchCIScefcIpZ6nFcrJQHzwXOtQ9XPExH8hrQ99e7pQRXM4XFjSwFuX32oCRp
+64aUJYh4DqaogBBbW4TBoi5C/Z4A3NtfurSMDTRDBg3YfgZOUWQqXhsDZM6i/UGc
+Ad7WRftCcg==
 -----END CERTIFICATE-----
diff --git a/Secret/CA/pki/issued/core.small.example.org.crt b/Secret/CA/pki/issued/core.small.example.org.crt
deleted file mode 100644 (file)
index 0aded0d..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            ee:0a:8c:45:38:7c:14:36:8f:23:88:3d:17:21:35:c8
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=core.small.example.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:a5:a0:85:99:10:99:2f:21:8b:a4:dd:de:36:5c:
-                    1c:5d:7a:43:78:09:74:28:76:35:db:52:00:d2:74:
-                    83:53:e3:a2:3d:77:ec:4d:56:90:7c:f3:26:94:47:
-                    6b:2d:a2:d4:bb:22:4c:1d:73:a3:6c:c3:70:8c:a0:
-                    fd:89:3f:8b:eb:59:b8:22:62:42:a7:7c:d7:c9:ee:
-                    74:bb:8e:38:20:f7:13:48:3a:f1:a3:e3:6e:18:d0:
-                    8d:dc:ef:ae:54:33:db:30:50:09:f2:5f:25:7a:a4:
-                    09:9a:65:5c:ca:fc:44:35:76:74:5e:4b:fe:cd:55:
-                    a9:3e:bd:36:4e:8d:a5:bc:53:f4:3d:9f:59:c7:a9:
-                    ab:08:9c:08:e8:0a:13:97:97:07:a6:a0:86:15:44:
-                    6e:22:13:85:96:ae:64:8a:80:c5:09:83:c1:4d:88:
-                    3b:ee:0c:b7:70:eb:c7:26:15:c6:b6:63:b4:ff:50:
-                    71:f1:35:ed:30:6f:b2:44:06:86:5c:bd:90:7f:80:
-                    dd:c9:d2:cc:07:55:f3:c1:29:f5:36:bd:bf:af:7c:
-                    18:6c:47:41:55:5b:6f:ec:d3:ef:d8:2d:5d:83:02:
-                    71:40:4f:95:24:14:39:14:2a:1e:a4:36:65:f5:38:
-                    b6:6e:42:f3:bb:c1:b9:aa:5a:e0:87:28:6a:5c:e5:
-                    81:c3
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                9E:B9:DA:54:5F:16:1B:9F:EF:60:EB:5E:68:3E:10:35:18:BC:D6:10
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:core.small.example.org
-    Signature Algorithm: sha256WithRSAEncryption
-         2a:e0:b2:65:09:a0:7b:42:a7:98:fc:09:df:28:88:f8:17:fe:
-         ae:46:6c:1c:c3:c7:18:7a:6e:d5:91:a4:dc:33:43:fe:26:23:
-         12:f5:79:dd:9b:10:d2:d1:b9:db:dc:93:f6:f2:b7:23:9a:9e:
-         49:ba:af:51:d1:39:7d:f9:99:ae:96:1f:84:96:6d:0c:90:8e:
-         55:40:2e:15:76:24:72:0e:e3:5f:0c:40:ed:bf:57:a3:86:0b:
-         5a:6c:5c:09:9b:fd:72:c7:20:56:a4:1e:dc:07:4a:b2:da:a8:
-         dc:7b:21:2e:1b:62:50:0f:22:0a:15:98:a1:4f:27:b0:15:49:
-         c1:b6:a2:87:f9:36:64:8b:5d:4d:36:60:f8:b3:4f:73:2b:64:
-         e7:7f:e4:c9:f3:d1:50:4b:1f:51:9c:27:eb:22:68:95:e2:49:
-         b4:88:98:ae:4c:47:67:0a:7a:32:ae:33:06:e8:8a:0d:28:12:
-         83:85:df:f4:7c:13:0a:68:df:6c:2d:43:a8:57:ea:a2:63:e7:
-         66:b0:07:7d:c8:18:52:c5:d7:69:5f:cf:4d:a3:ec:b2:3b:e6:
-         51:ac:5d:e0:8b:e9:d7:67:8c:33:f8:9b:6f:13:20:69:73:e1:
-         1f:f2:80:46:cb:e0:6a:0b:a8:50:65:93:13:49:51:97:6b:69:
-         11:9a:2b:27
------BEGIN CERTIFICATE-----
-MIIDmDCCAoCgAwIBAgIRAO4KjEU4fBQ2jyOIPRchNcgwDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMCExHzAdBgNVBAMMFmNvcmUuc21hbGwuZXhhbXBsZS5v
-cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCloIWZEJkvIYuk3d42
-XBxdekN4CXQodjXbUgDSdINT46I9d+xNVpB88yaUR2stotS7Ikwdc6Nsw3CMoP2J
-P4vrWbgiYkKnfNfJ7nS7jjgg9xNIOvGj424Y0I3c765UM9swUAnyXyV6pAmaZVzK
-/EQ1dnReS/7NVak+vTZOjaW8U/Q9n1nHqasInAjoChOXlwemoIYVRG4iE4WWrmSK
-gMUJg8FNiDvuDLdw68cmFca2Y7T/UHHxNe0wb7JEBoZcvZB/gN3J0swHVfPBKfU2
-vb+vfBhsR0FVW2/s0+/YLV2DAnFAT5UkFDkUKh6kNmX1OLZuQvO7wbmqWuCHKGpc
-5YHDAgMBAAGjgc0wgcowCQYDVR0TBAIwADAdBgNVHQ4EFgQUnrnaVF8WG5/vYOte
-aD4QNRi81hAwWQYDVR0jBFIwUIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4x
-HDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa
-1q1lMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAhBgNVHREEGjAY
-ghZjb3JlLnNtYWxsLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQAq4LJl
-CaB7QqeY/AnfKIj4F/6uRmwcw8cYem7VkaTcM0P+JiMS9XndmxDS0bnb3JP28rcj
-mp5Juq9R0Tl9+Zmulh+Elm0MkI5VQC4VdiRyDuNfDEDtv1ejhgtabFwJm/1yxyBW
-pB7cB0qy2qjceyEuG2JQDyIKFZihTyewFUnBtqKH+TZki11NNmD4s09zK2Tnf+TJ
-89FQSx9RnCfrImiV4km0iJiuTEdnCnoyrjMG6IoNKBKDhd/0fBMKaN9sLUOoV+qi
-Y+dmsAd9yBhSxddpX89No+yyO+ZRrF3gi+nXZ4wz+JtvEyBpc+Ef8oBGy+BqC6hQ
-ZZMTSVGXa2kRmisn
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/issued/core.small.private.crt b/Secret/CA/pki/issued/core.small.private.crt
new file mode 100644 (file)
index 0000000..cf35d37
--- /dev/null
@@ -0,0 +1,88 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            c9:ac:35:01:e1:d4:ce:f5:8e:10:4b:86:74:b9:99:87
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:54 2023 GMT
+            Not After : Apr  1 00:41:54 2026 GMT
+        Subject: CN=core.small.private
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:a6:a4:2a:5e:62:22:18:f8:c9:97:8a:af:f1:e7:
+                    d1:be:34:67:fe:59:31:f8:10:33:a4:b3:01:b6:3b:
+                    f4:8b:27:e4:de:e0:a7:60:55:f1:c1:7d:5d:ee:f6:
+                    b9:41:e9:12:af:2f:a7:70:05:2a:f6:4f:4b:e3:e1:
+                    b3:09:6f:c6:c3:38:de:fe:28:bd:f8:dd:44:72:15:
+                    db:89:03:f1:0d:70:ed:90:e9:d9:d7:a2:25:a7:7a:
+                    7b:de:d6:62:55:c8:5b:02:31:e7:1c:f5:78:e4:a6:
+                    7d:30:bf:92:d2:fc:77:d7:9b:d2:eb:f6:69:d5:35:
+                    d0:31:4f:2f:22:85:94:6f:b5:06:a7:fc:41:11:8f:
+                    51:a9:d2:2f:e0:dd:b9:f6:bc:cf:b0:f7:27:a7:8e:
+                    4d:d1:de:48:cd:a9:a3:5d:b6:86:ac:2a:b1:c1:61:
+                    8a:30:f5:84:a2:a6:13:cc:39:29:c4:95:d0:33:6d:
+                    8e:a9:ec:54:1e:3f:0d:3b:11:26:0d:56:13:c4:27:
+                    7a:d2:69:e2:c0:39:ac:ee:75:57:ec:61:d2:0c:92:
+                    fb:13:3a:38:1d:d2:3a:5f:7d:65:68:06:3a:78:1a:
+                    5e:1b:a6:83:bd:fb:3e:2f:14:fd:e7:ad:d3:d9:ea:
+                    00:61:79:d0:c1:31:73:21:df:22:3a:b6:87:8a:a4:
+                    b6:6b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                4F:A5:B5:CC:E6:EC:FA:20:5D:5A:1F:01:54:19:A6:9B:83:07:7B:10
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 Subject Alternative Name: 
+                DNS:core.small.private
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        36:4f:21:96:09:ab:bd:29:ac:af:7e:8d:c3:60:6f:b5:c9:ff:
+        99:13:fc:30:85:60:c5:0a:39:35:5d:38:05:1e:d4:15:36:c8:
+        bb:b5:7c:b3:11:fc:5f:26:e0:af:66:3b:b7:10:b4:3a:5d:8c:
+        25:35:68:f0:69:d1:bc:de:aa:e3:4c:a1:47:1f:c0:61:c0:a8:
+        8b:76:5d:50:84:77:4d:2a:24:2a:da:82:ce:75:3f:fe:2d:55:
+        86:53:c6:e9:30:d7:b2:c4:8b:6f:64:25:42:50:0e:93:94:59:
+        34:c7:4e:6d:3c:ee:d1:05:eb:c7:4b:48:f7:da:e2:c0:12:5d:
+        f8:71:ff:ce:78:6e:48:b2:6f:4b:b6:75:a3:e6:f0:ee:38:76:
+        f0:96:b1:b4:42:04:d7:d6:05:c7:c6:89:c7:8e:60:21:89:28:
+        ec:6e:fb:33:08:11:aa:b6:5e:37:28:f1:95:40:af:88:de:34:
+        cc:d0:5d:dc:77:7f:cf:92:26:69:a7:53:c1:c6:17:80:af:24:
+        5c:5b:99:e1:56:b9:e8:cd:03:06:b9:17:9e:a7:99:b1:3a:56:
+        a0:a9:c4:ed:17:12:92:ed:9a:f9:25:db:4c:a8:33:4e:45:dc:
+        2a:dc:59:65:ff:4c:3f:a6:b2:40:30:16:01:1b:7c:fa:94:bb:
+        8c:18:60:5a
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAnigAwIBAgIRAMmsNQHh1M71jhBLhnS5mYcwDQYJKoZIhvcNAQELBQAw
+HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMzEyMjgwMDQxNTRa
+Fw0yNjA0MDEwMDQxNTRaMB0xGzAZBgNVBAMMEmNvcmUuc21hbGwucHJpdmF0ZTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKakKl5iIhj4yZeKr/Hn0b40
+Z/5ZMfgQM6SzAbY79Isn5N7gp2BV8cF9Xe72uUHpEq8vp3AFKvZPS+PhswlvxsM4
+3v4ovfjdRHIV24kD8Q1w7ZDp2deiJad6e97WYlXIWwIx5xz1eOSmfTC/ktL8d9eb
+0uv2adU10DFPLyKFlG+1Bqf8QRGPUanSL+Ddufa8z7D3J6eOTdHeSM2po122hqwq
+scFhijD1hKKmE8w5KcSV0DNtjqnsVB4/DTsRJg1WE8QnetJp4sA5rO51V+xh0gyS
++xM6OB3SOl99ZWgGOngaXhumg737Pi8U/eet09nqAGF50MExcyHfIjq2h4qktmsC
+AwEAAaOByTCBxjAJBgNVHRMEAjAAMB0GA1UdDgQWBBRPpbXM5uz6IF1aHwFUGaab
+gwd7EDBZBgNVHSMEUjBQgBQfuoCsWouLJU6/I2SirqlRA3yxO6EipCAwHjEcMBoG
+A1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQ4IUZhbvHAW4Z2OFVyAt3Ps2phaX3DMw
+EwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMB0GA1UdEQQWMBSCEmNv
+cmUuc21hbGwucHJpdmF0ZTANBgkqhkiG9w0BAQsFAAOCAQEANk8hlgmrvSmsr36N
+w2Bvtcn/mRP8MIVgxQo5NV04BR7UFTbIu7V8sxH8Xybgr2Y7txC0Ol2MJTVo8GnR
+vN6q40yhRx/AYcCoi3ZdUIR3TSokKtqCznU//i1VhlPG6TDXssSLb2QlQlAOk5RZ
+NMdObTzu0QXrx0tI99riwBJd+HH/znhuSLJvS7Z1o+bw7jh28JaxtEIE19YFx8aJ
+x45gIYko7G77MwgRqrZeNyjxlUCviN40zNBd3Hd/z5ImaadTwcYXgK8kXFuZ4Va5
+6M0DBrkXnqeZsTpWoKnE7RcSku2a+SXbTKgzTkXcKtxZZf9MP6ayQDAWARt8+pS7
+jBhgWg==
+-----END CERTIFICATE-----
diff --git a/Secret/CA/pki/issued/gate.small.example.org.crt b/Secret/CA/pki/issued/gate.small.example.org.crt
deleted file mode 100644 (file)
index a0dae9e..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            99:aa:ca:be:af:22:70:3b:05:ed:c4:26:84:9d:f1:77
-        Signature Algorithm: sha256WithRSAEncryption
-        Issuer: CN=Small Institute LLC
-        Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
-        Subject: CN=gate.small.example.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:c1:84:ad:a4:1d:8c:86:1d:eb:87:e5:dc:33:c6:
-                    00:97:00:b7:ce:03:92:3c:47:ea:d1:2b:a6:ef:2a:
-                    de:bc:58:06:5b:00:36:80:96:2f:e2:c2:7c:a6:7c:
-                    71:40:f9:67:a1:6c:f7:0b:d2:d4:41:81:98:99:66:
-                    08:93:e5:bf:b4:dc:cf:95:36:28:14:df:4d:71:f6:
-                    d8:5d:2a:17:25:ac:4a:dc:e8:bd:d9:17:d5:36:51:
-                    bf:a5:00:9f:66:eb:c0:ce:fa:e3:1f:ad:1f:45:40:
-                    d7:88:bf:93:62:cf:98:09:ba:1c:7f:74:c8:90:2f:
-                    a5:2d:78:88:64:b9:fb:3a:c5:44:29:a1:92:99:87:
-                    82:35:d8:96:18:27:23:89:a6:89:1e:3f:d2:1e:08:
-                    da:55:bf:53:aa:1d:d5:8a:17:64:6f:60:1d:07:c7:
-                    85:87:73:33:b4:ed:a5:c4:0b:79:e4:92:45:1c:0e:
-                    cc:00:6a:a1:de:44:4d:67:1a:fe:fc:b5:e8:c0:f8:
-                    44:60:a6:fb:0a:d2:f4:d9:8a:ea:d3:dc:d4:c2:18:
-                    1f:1c:57:c3:72:92:2a:6f:e7:81:9a:08:e7:8a:92:
-                    ce:45:d6:17:e1:85:a9:a5:70:99:26:aa:9a:b0:c7:
-                    fc:55:58:b8:54:9b:89:aa:b3:5a:50:db:3d:fd:21:
-                    27:37
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Subject Key Identifier: 
-                16:BC:27:A4:D7:CC:6F:29:65:3A:BA:F4:5A:8D:38:84:C0:FA:FF:C7
-            X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
-                DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:gate.small.example.org
-    Signature Algorithm: sha256WithRSAEncryption
-         4d:42:0b:e4:65:35:a9:0a:26:03:96:eb:3e:56:52:6e:82:c1:
-         cd:bd:f3:45:50:a2:66:d2:65:f6:65:8e:9d:60:4e:72:53:75:
-         04:02:cc:09:bb:41:b7:bd:b4:9f:d5:d0:26:75:f8:83:c1:b5:
-         88:9f:b5:d5:05:07:20:6b:4b:41:ca:bf:22:49:5e:42:c3:6c:
-         c5:01:b2:06:af:e8:f0:b4:a5:5e:8e:14:4c:f1:1b:85:dc:33:
-         19:63:ef:70:a3:02:2b:ec:19:72:58:95:04:81:78:8b:1d:05:
-         ef:3f:f3:2a:6b:3c:fd:ff:0b:90:81:2b:80:c0:99:bd:91:b0:
-         2f:08:10:7a:1f:bb:63:3c:03:91:e8:5b:0e:69:f4:2d:75:7c:
-         45:5b:c4:8d:0d:f3:4b:c9:a0:bc:9d:94:64:70:df:4f:53:a3:
-         28:69:cf:fe:f3:46:e9:7a:e7:34:1e:15:f3:bb:98:b9:31:d5:
-         8f:6e:e2:65:fb:0b:aa:de:a4:6d:f0:56:2a:0d:c0:51:a5:5c:
-         91:ab:a8:bc:6f:65:0a:74:3c:2d:96:5c:da:0f:f1:f7:01:f3:
-         cc:0f:51:fe:54:d0:82:86:c2:40:60:c9:a4:81:db:9e:43:db:
-         3c:66:8d:c5:2a:63:55:92:ce:9e:18:2b:2e:6b:86:7d:91:f7:
-         88:c4:5c:a8
------BEGIN CERTIFICATE-----
-MIIDmDCCAoCgAwIBAgIRAJmqyr6vInA7Be3EJoSd8XcwDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMCExHzAdBgNVBAMMFmdhdGUuc21hbGwuZXhhbXBsZS5v
-cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBhK2kHYyGHeuH5dwz
-xgCXALfOA5I8R+rRK6bvKt68WAZbADaAli/iwnymfHFA+WehbPcL0tRBgZiZZgiT
-5b+03M+VNigU301x9thdKhclrErc6L3ZF9U2Ub+lAJ9m68DO+uMfrR9FQNeIv5Ni
-z5gJuhx/dMiQL6UteIhkufs6xUQpoZKZh4I12JYYJyOJpokeP9IeCNpVv1OqHdWK
-F2RvYB0Hx4WHczO07aXEC3nkkkUcDswAaqHeRE1nGv78tejA+ERgpvsK0vTZiurT
-3NTCGB8cV8Nykipv54GaCOeKks5F1hfhhamlcJkmqpqwx/xVWLhUm4mqs1pQ2z39
-ISc3AgMBAAGjgc0wgcowCQYDVR0TBAIwADAdBgNVHQ4EFgQUFrwnpNfMbyllOrr0
-Wo04hMD6/8cwWQYDVR0jBFIwUIAUo0vdqHXfPSfAE+SZtNHDd80N57yhIqQgMB4x
-HDAaBgNVBAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFHQvGGnILU0zMVehLFzgjYZa
-1q1lMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAhBgNVHREEGjAY
-ghZnYXRlLnNtYWxsLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQBNQgvk
-ZTWpCiYDlus+VlJugsHNvfNFUKJm0mX2ZY6dYE5yU3UEAswJu0G3vbSf1dAmdfiD
-wbWIn7XVBQcga0tByr8iSV5Cw2zFAbIGr+jwtKVejhRM8RuF3DMZY+9wowIr7Bly
-WJUEgXiLHQXvP/Mqazz9/wuQgSuAwJm9kbAvCBB6H7tjPAOR6FsOafQtdXxFW8SN
-DfNLyaC8nZRkcN9PU6Moac/+80bpeuc0HhXzu5i5MdWPbuJl+wuq3qRt8FYqDcBR
-pVyRq6i8b2UKdDwtllzaD/H3AfPMD1H+VNCChsJAYMmkgdueQ9s8Zo3FKmNVks6e
-GCsua4Z9kfeIxFyo
------END CERTIFICATE-----
diff --git a/Secret/CA/pki/issued/gate.small.private.crt b/Secret/CA/pki/issued/gate.small.private.crt
new file mode 100644 (file)
index 0000000..5fe5605
--- /dev/null
@@ -0,0 +1,88 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            5b:c4:c0:3f:37:6a:86:88:41:5e:10:f3:bc:ad:90:5e
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: CN=Small Institute LLC
+        Validity
+            Not Before: Dec 28 00:41:53 2023 GMT
+            Not After : Apr  1 00:41:53 2026 GMT
+        Subject: CN=gate.small.private
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:a7:da:84:ff:f6:57:28:31:8d:d3:2b:53:ea:d0:
+                    0e:55:67:c4:bd:48:b5:50:e2:e0:46:ab:71:ff:45:
+                    bf:cc:7d:64:01:63:6b:80:2d:8b:7b:3f:2b:17:5b:
+                    e5:4c:c4:6a:59:6e:b8:04:3c:5e:df:ab:d1:54:4b:
+                    7e:88:fc:8f:74:c0:c6:ca:6c:b5:31:12:f0:6b:8f:
+                    63:2c:b8:01:e7:d0:c3:c2:76:f3:42:f2:c4:e6:b0:
+                    a0:75:00:41:bb:83:35:5f:15:fc:f7:ba:2a:5a:92:
+                    6f:f4:17:09:e1:66:e6:05:23:1c:40:97:24:07:3f:
+                    48:1d:23:60:04:90:1f:bc:4e:38:1d:05:35:2c:a9:
+                    36:2b:b7:3d:b4:ea:3f:f5:2e:02:14:70:4b:56:52:
+                    3d:c9:2b:c8:e2:5c:9a:bf:cb:9a:9b:22:d3:85:c1:
+                    a8:bf:c6:7e:c9:57:b9:7a:04:5b:9a:22:60:f4:c8:
+                    0e:fe:ea:f4:8c:4e:f4:c4:06:00:be:9d:7e:13:b9:
+                    e0:87:b7:37:78:8b:f5:e3:d3:7d:d8:eb:5a:a4:f4:
+                    9b:b0:fe:1f:f7:8d:2b:f8:27:1d:5b:aa:c0:5b:c5:
+                    f4:a1:91:34:49:cd:47:69:ad:0c:d4:92:fa:d0:1b:
+                    d9:f8:e7:e7:de:a0:3e:d1:75:d3:d3:9c:d8:df:db:
+                    6c:97
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Subject Key Identifier: 
+                67:47:45:12:EA:0F:59:B8:34:4E:B1:E7:D6:8D:2A:09:18:67:F7:61
+            X509v3 Authority Key Identifier: 
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
+                DirName:/CN=Small Institute LLC
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 Subject Alternative Name: 
+                DNS:gate.small.private
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        73:47:a3:51:15:cd:44:5e:67:79:dd:68:32:f3:32:e6:35:4e:
+        0a:da:a4:c5:eb:07:12:f9:41:72:a0:95:e6:34:5c:66:e9:7a:
+        53:be:1c:87:9f:b3:b2:5c:65:9a:5f:a1:31:62:90:bb:3d:a2:
+        9a:84:ef:f8:5a:7c:e1:c8:13:67:df:50:ae:9b:6d:e4:3b:31:
+        80:1f:f6:34:83:31:6f:fe:0f:9a:15:d4:85:ab:dd:a5:30:2e:
+        35:85:72:01:9a:fb:4a:ab:49:5e:e4:68:ef:11:d4:20:81:9e:
+        f0:be:6a:e8:ed:0c:8f:2c:20:38:93:be:f3:b9:31:f2:3b:c4:
+        7f:80:5a:a8:bb:03:76:95:1b:74:93:76:ef:60:9f:29:ae:fa:
+        d0:79:18:dd:e4:c8:f2:d6:9b:93:3d:d6:a6:07:ef:7c:ed:c7:
+        77:91:35:36:bb:ec:47:75:f5:fd:41:92:aa:fe:a5:fa:02:c7:
+        0c:7c:b6:8a:c5:be:02:df:52:ae:5c:a9:9a:c0:88:7e:f3:9a:
+        cc:c2:a7:ec:b9:48:47:c7:9c:39:6e:08:2d:2a:0f:c8:18:36:
+        ed:9b:ff:9e:0a:ea:2d:ee:66:89:28:7b:56:aa:a5:b7:61:6f:
+        eb:79:97:e0:3b:0e:70:12:f3:3b:5f:d5:4e:79:64:e3:a7:32:
+        ec:c2:35:1f
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAnegAwIBAgIQW8TAPzdqhohBXhDzvK2QXjANBgkqhkiG9w0BAQsFADAe
+MRwwGgYDVQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDMB4XDTIzMTIyODAwNDE1M1oX
+DTI2MDQwMTAwNDE1M1owHTEbMBkGA1UEAwwSZ2F0ZS5zbWFsbC5wcml2YXRlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9qE//ZXKDGN0ytT6tAOVWfE
+vUi1UOLgRqtx/0W/zH1kAWNrgC2Lez8rF1vlTMRqWW64BDxe36vRVEt+iPyPdMDG
+ymy1MRLwa49jLLgB59DDwnbzQvLE5rCgdQBBu4M1XxX897oqWpJv9BcJ4WbmBSMc
+QJckBz9IHSNgBJAfvE44HQU1LKk2K7c9tOo/9S4CFHBLVlI9ySvI4lyav8uamyLT
+hcGov8Z+yVe5egRbmiJg9MgO/ur0jE70xAYAvp1+E7ngh7c3eIv149N92OtapPSb
+sP4f940r+CcdW6rAW8X0oZE0Sc1Haa0M1JL60BvZ+Ofn3qA+0XXT05zY39tslwID
+AQABo4HJMIHGMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGdHRRLqD1m4NE6x59aNKgkY
+Z/dhMFkGA1UdIwRSMFCAFB+6gKxai4slTr8jZKKuqVEDfLE7oSKkIDAeMRwwGgYD
+VQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDghRmFu8cBbhnY4VXIC3c+zamFpfcMzAT
+BgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwHQYDVR0RBBYwFIISZ2F0
+ZS5zbWFsbC5wcml2YXRlMA0GCSqGSIb3DQEBCwUAA4IBAQBzR6NRFc1EXmd53Wgy
+8zLmNU4K2qTF6wcS+UFyoJXmNFxm6XpTvhyHn7OyXGWaX6ExYpC7PaKahO/4Wnzh
+yBNn31Cum23kOzGAH/Y0gzFv/g+aFdSFq92lMC41hXIBmvtKq0le5GjvEdQggZ7w
+vmro7QyPLCA4k77zuTHyO8R/gFqouwN2lRt0k3bvYJ8prvrQeRjd5Mjy1puTPdam
+B+987cd3kTU2u+xHdfX9QZKq/qX6AscMfLaKxb4C31KuXKmawIh+85rMwqfsuUhH
+x5w5bggtKg/IGDbtm/+eCuot7maJKHtWqqW3YW/reZfgOw5wEvM7X9VOeWTjpzLs
+wjUf
+-----END CERTIFICATE-----
index bc6e145378f2bd2eadfabed3998b36c2ee1c258d..2f95c18424f29a84d95e1462ea9c4d22a0a33f51 100644 (file)
@@ -2,46 +2,45 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            95:f0:5d:64:ce:b9:d8:90:76:81:d5:a5:28:46:1d:da
+            1d:7f:c1:a5:4b:c5:8c:35:b3:e3:00:c3:37:ca:bf:a8
         Signature Algorithm: sha256WithRSAEncryption
         Issuer: CN=Small Institute LLC
         Validity
-            Not Before: Mar 22 00:14:11 2022 GMT
-            Not After : Mar  6 00:14:11 2025 GMT
+            Not Before: Dec 28 00:41:53 2023 GMT
+            Not After : Apr  1 00:41:53 2026 GMT
         Subject: CN=small.example.org
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
+                Public-Key: (2048 bit)
                 Modulus:
-                    00:c2:b3:c6:1f:e0:e6:54:5c:1e:0d:34:2c:02:bb:
-                    5f:d6:84:7d:fb:63:0c:fa:0d:33:a5:92:86:af:f7:
-                    e8:72:86:69:fb:45:fd:90:14:9d:55:dd:22:50:b0:
-                    be:71:94:da:68:ff:3c:46:ef:22:4a:84:ae:8e:84:
-                    2e:f9:d6:8c:fd:44:2e:eb:fe:95:5e:45:86:3f:f7:
-                    86:47:00:c1:d8:64:b4:3f:55:c8:b5:fc:69:c3:1b:
-                    aa:54:c5:f4:b6:a6:40:3f:9f:15:ff:eb:3b:1e:5e:
-                    d7:d4:eb:ae:ad:bc:e2:cf:4a:fe:df:3d:69:36:37:
-                    79:67:95:bf:43:b0:e2:d6:29:60:36:18:f8:7d:32:
-                    67:79:bb:30:95:ec:8d:93:46:56:13:72:93:96:ac:
-                    70:29:53:26:c1:d8:c7:38:4a:83:2d:56:bb:90:0f:
-                    a4:09:fd:e6:d8:72:fd:0b:48:4f:38:d4:28:31:0f:
-                    e3:63:d0:3d:d1:e2:ab:e1:10:12:c7:27:85:03:5d:
-                    7d:01:40:2e:3b:96:2e:f1:a6:a2:32:a8:bd:97:2a:
-                    90:6e:10:b6:6f:98:7a:e9:9f:06:01:de:0b:c9:18:
-                    9e:83:4c:2d:a5:5b:99:0e:19:69:77:f0:5d:e2:3d:
-                    37:c6:4d:73:c7:b0:e8:fb:5c:16:45:29:74:e4:31:
-                    99:7b
+                    00:a8:71:50:3b:72:39:95:55:c7:4f:0a:ad:d4:c6:
+                    21:ce:d8:ea:54:3e:b8:ab:b2:07:e6:07:e5:b3:e6:
+                    af:91:15:3d:0b:4f:72:6a:fb:98:fb:be:2d:d8:ff:
+                    11:56:88:37:c3:84:55:d2:d3:b7:06:5e:4f:b9:c2:
+                    56:90:d4:49:a0:49:d6:13:aa:bf:a4:66:30:ce:4c:
+                    bf:dd:c6:13:09:0f:f9:ea:fc:f8:d1:23:60:be:95:
+                    ff:4a:3b:2a:29:34:9d:f5:62:9f:60:7c:d7:a1:91:
+                    5b:02:5f:a2:43:50:34:8b:f7:b6:ec:52:1e:f8:bd:
+                    f3:59:0e:89:48:12:16:48:27:13:0e:b1:ed:09:f9:
+                    15:d1:12:da:dc:cc:21:20:54:ec:ce:54:36:1a:55:
+                    d4:af:07:d2:e6:58:a9:9b:8d:46:b8:8c:6f:8a:3c:
+                    07:4c:da:11:32:62:a1:53:43:5d:7e:41:31:23:ef:
+                    c3:19:40:6e:39:f6:73:74:a6:76:f7:6a:ba:56:9c:
+                    27:b2:64:b1:9f:9f:e2:6a:96:2e:24:0c:14:11:06:
+                    5e:46:08:39:94:d1:0a:a1:2e:03:b3:ba:1f:03:5a:
+                    63:b6:d1:66:1f:30:05:a2:d0:df:c5:68:cd:9a:6c:
+                    bc:73:c7:ad:71:91:ad:aa:1c:34:7a:f5:00:e7:ad:
+                    4e:51
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Basic Constraints: 
                 CA:FALSE
             X509v3 Subject Key Identifier: 
-                2C:AD:E6:55:8E:A6:4B:DF:B1:40:E4:7C:88:CB:75:5A:65:02:6F:8B
+                40:50:21:48:6C:E5:F5:D0:69:32:5D:A9:0F:54:25:FA:B3:15:58:EB
             X509v3 Authority Key Identifier: 
-                keyid:A3:4B:DD:A8:75:DF:3D:27:C0:13:E4:99:B4:D1:C3:77:CD:0D:E7:BC
+                keyid:1F:BA:80:AC:5A:8B:8B:25:4E:BF:23:64:A2:AE:A9:51:03:7C:B1:3B
                 DirName:/CN=Small Institute LLC
-                serial:74:2F:18:69:C8:2D:4D:33:31:57:A1:2C:5C:E0:8D:86:5A:D6:AD:65
-
+                serial:66:16:EF:1C:05:B8:67:63:85:57:20:2D:DC:FB:36:A6:16:97:DC:33
             X509v3 Extended Key Usage: 
                 TLS Web Server Authentication
             X509v3 Key Usage: 
@@ -49,40 +48,41 @@ Certificate:
             X509v3 Subject Alternative Name: 
                 DNS:small.example.org
     Signature Algorithm: sha256WithRSAEncryption
-         58:e3:fd:10:09:c5:cb:15:f6:0c:0d:22:b8:56:f6:89:85:58:
-         66:e2:24:64:99:b3:35:d2:bb:63:9f:f8:53:89:29:f5:75:61:
-         c2:34:8a:50:ac:67:fd:97:40:98:d5:8b:05:91:fb:36:f3:50:
-         ad:12:53:29:44:c0:86:b1:6f:1a:21:77:6d:43:05:84:1f:ae:
-         74:8f:ba:44:49:0e:61:90:17:39:2f:6c:c6:69:9f:89:82:f8:
-         22:6e:63:c6:d5:88:46:e5:30:e6:80:51:4c:fc:01:98:e3:31:
-         59:20:b6:3d:36:d1:0d:42:b0:9b:8e:6a:74:34:1d:a9:fb:13:
-         28:49:ae:d5:b3:83:19:38:77:f6:81:74:81:7f:d0:00:f7:22:
-         01:04:70:7d:ba:d0:44:1a:e9:00:b4:20:e9:3c:87:b1:84:c1:
-         79:92:f0:96:b5:69:77:d1:50:c4:26:da:8d:13:45:c0:ec:70:
-         5d:59:59:8f:13:59:dc:e0:84:da:73:af:7e:99:c1:30:d2:b2:
-         f1:b1:ed:79:b7:2e:c7:12:88:04:55:ce:d1:71:de:8c:bd:e8:
-         1f:0c:c1:14:24:2b:cc:74:b7:fa:e8:ce:d2:7b:48:fb:2b:fb:
-         bd:d0:98:29:bb:1c:8e:e6:1c:d3:8d:78:70:b1:c3:40:00:a3:
-         48:8c:a2:f4
+    Signature Value:
+        6d:13:9d:c6:12:e9:99:e2:ea:ad:7d:72:d7:95:28:c5:3b:b6:
+        32:98:72:97:4f:72:c6:50:e2:8a:01:43:26:9c:98:03:72:4e:
+        6e:09:74:fb:be:22:99:56:4d:a0:1f:20:50:70:0e:ac:c8:53:
+        1c:3a:7c:28:de:e3:4c:49:a3:6b:72:77:eb:0b:2c:78:fd:82:
+        d6:11:5e:49:93:85:ed:97:a4:b7:69:9e:ce:1e:1b:55:70:69:
+        50:00:b4:e4:e7:c9:88:f3:63:9a:a6:5a:70:59:df:63:0f:bb:
+        49:ee:4e:18:29:7e:e6:a6:b0:2c:8b:99:a6:ad:6a:72:48:3f:
+        62:13:0f:b2:94:db:8d:fc:e4:47:ff:ae:64:4b:ab:c0:0e:6c:
+        1f:f2:24:e6:e3:1e:30:85:52:bf:8c:76:15:d6:77:13:bb:1a:
+        1e:55:88:57:40:c3:e8:83:f2:ae:e0:ca:9a:9b:35:08:62:31:
+        9a:65:81:7f:3f:ce:9e:a7:13:f8:74:fd:d0:00:19:03:00:5c:
+        0c:e8:10:76:b3:a1:9f:3e:74:0e:c2:4e:95:35:f9:7b:af:77:
+        15:43:d8:8d:34:af:6b:2d:17:05:72:49:43:4b:ae:56:89:1e:
+        ad:25:ca:96:ef:53:d0:18:18:a5:54:ba:32:4a:a0:fc:92:44:
+        cc:1e:1a:1f
 -----BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIRAJXwXWTOudiQdoHVpShGHdowDQYJKoZIhvcNAQELBQAw
-HjEcMBoGA1UEAwwTU21hbGwgSW5zdGl0dXRlIExMQzAeFw0yMjAzMjIwMDE0MTFa
-Fw0yNTAzMDYwMDE0MTFaMBwxGjAYBgNVBAMMEXNtYWxsLmV4YW1wbGUub3JnMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrPGH+DmVFweDTQsArtf1oR9
-+2MM+g0zpZKGr/focoZp+0X9kBSdVd0iULC+cZTaaP88Ru8iSoSujoQu+daM/UQu
-6/6VXkWGP/eGRwDB2GS0P1XItfxpwxuqVMX0tqZAP58V/+s7Hl7X1Ouurbziz0r+
-3z1pNjd5Z5W/Q7Di1ilgNhj4fTJnebswleyNk0ZWE3KTlqxwKVMmwdjHOEqDLVa7
-kA+kCf3m2HL9C0hPONQoMQ/jY9A90eKr4RASxyeFA119AUAuO5Yu8aaiMqi9lyqQ
-bhC2b5h66Z8GAd4LyRieg0wtpVuZDhlpd/Bd4j03xk1zx7Do+1wWRSl05DGZewID
-AQABo4HIMIHFMAkGA1UdEwQCMAAwHQYDVR0OBBYEFCyt5lWOpkvfsUDkfIjLdVpl
-Am+LMFkGA1UdIwRSMFCAFKNL3ah13z0nwBPkmbTRw3fNDee8oSKkIDAeMRwwGgYD
-VQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDghR0LxhpyC1NMzFXoSxc4I2GWtatZTAT
-BgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBaAwHAYDVR0RBBUwE4IRc21h
-bGwuZXhhbXBsZS5vcmcwDQYJKoZIhvcNAQELBQADggEBAFjj/RAJxcsV9gwNIrhW
-9omFWGbiJGSZszXSu2Of+FOJKfV1YcI0ilCsZ/2XQJjViwWR+zbzUK0SUylEwIax
-bxohd21DBYQfrnSPukRJDmGQFzkvbMZpn4mC+CJuY8bViEblMOaAUUz8AZjjMVkg
-tj020Q1CsJuOanQ0Han7EyhJrtWzgxk4d/aBdIF/0AD3IgEEcH260EQa6QC0IOk8
-h7GEwXmS8Ja1aXfRUMQm2o0TRcDscF1ZWY8TWdzghNpzr36ZwTDSsvGx7Xm3LscS
-iARVztFx3oy96B8MwRQkK8x0t/roztJ7SPsr+73QmCm7HI7mHNONeHCxw0AAo0iM
-ovQ=
+MIIDjTCCAnWgAwIBAgIQHX/BpUvFjDWz4wDDN8q/qDANBgkqhkiG9w0BAQsFADAe
+MRwwGgYDVQQDDBNTbWFsbCBJbnN0aXR1dGUgTExDMB4XDTIzMTIyODAwNDE1M1oX
+DTI2MDQwMTAwNDE1M1owHDEaMBgGA1UEAwwRc21hbGwuZXhhbXBsZS5vcmcwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCocVA7cjmVVcdPCq3UxiHO2OpU
+PrirsgfmB+Wz5q+RFT0LT3Jq+5j7vi3Y/xFWiDfDhFXS07cGXk+5wlaQ1EmgSdYT
+qr+kZjDOTL/dxhMJD/nq/PjRI2C+lf9KOyopNJ31Yp9gfNehkVsCX6JDUDSL97bs
+Uh74vfNZDolIEhZIJxMOse0J+RXREtrczCEgVOzOVDYaVdSvB9LmWKmbjUa4jG+K
+PAdM2hEyYqFTQ11+QTEj78MZQG459nN0pnb3arpWnCeyZLGfn+Jqli4kDBQRBl5G
+CDmU0QqhLgOzuh8DWmO20WYfMAWi0N/FaM2abLxzx61xka2qHDR69QDnrU5RAgMB
+AAGjgcgwgcUwCQYDVR0TBAIwADAdBgNVHQ4EFgQUQFAhSGzl9dBpMl2pD1Ql+rMV
+WOswWQYDVR0jBFIwUIAUH7qArFqLiyVOvyNkoq6pUQN8sTuhIqQgMB4xHDAaBgNV
+BAMME1NtYWxsIEluc3RpdHV0ZSBMTEOCFGYW7xwFuGdjhVcgLdz7NqYWl9wzMBMG
+A1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDAcBgNVHREEFTATghFzbWFs
+bC5leGFtcGxlLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAbROdxhLpmeLqrX1y15Uo
+xTu2Mphyl09yxlDiigFDJpyYA3JObgl0+74imVZNoB8gUHAOrMhTHDp8KN7jTEmj
+a3J36wsseP2C1hFeSZOF7Zekt2mezh4bVXBpUAC05OfJiPNjmqZacFnfYw+7Se5O
+GCl+5qawLIuZpq1qckg/YhMPspTbjfzkR/+uZEurwA5sH/Ik5uMeMIVSv4x2FdZ3
+E7saHlWIV0DD6IPyruDKmps1CGIxmmWBfz/OnqcT+HT90AAZAwBcDOgQdrOhnz50
+DsJOlTX5e693FUPYjTSvay0XBXJJQ0uuVokerSXKlu9T0BgYpVS6Mkqg/JJEzB4a
+Hw==
 -----END CERTIFICATE-----
index 11394147697414e4d5fac6329cfdc8210ab98d8a..5c4fc79e7e90a1ddb01be620a483b22c82db30af 100644 (file)
@@ -1,6 +1,4 @@
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE               = $ENV::EASYRSA_PKI/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
 
 ####################################################################
 [ ca ]
@@ -21,7 +19,7 @@ crl           = $dir/crl.pem          # The current CRL
 private_key    = $dir/private/ca.key   # The private key
 RANDFILE       = $dir/.rand            # private random number file
 
-x509_extensions        = basic_exts            # The extentions to add to the cert
+x509_extensions        = basic_exts            # The extensions to add to the cert
 
 # This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
 # is designed for will. In return, we get the Issuer attached to CRLs.
@@ -35,7 +33,7 @@ preserve      = no                    # keep passed DN ordering
 # This allows to renew certificates which have not been revoked
 unique_subject = no
 
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
 # For type CA, the listed attributes must be the same, and the optional
 # and supplied fields are just that :-)
 policy         = policy_anything
@@ -59,7 +57,7 @@ default_bits          = $ENV::EASYRSA_KEY_SIZE
 default_keyfile        = privkey.pem
 default_md             = $ENV::EASYRSA_DIGEST
 distinguished_name     = $ENV::EASYRSA_DN
-x509_extensions                = easyrsa_ca    # The extentions to add to the self signed cert
+x509_extensions                = easyrsa_ca    # The extensions to add to the self signed cert
 
 # A placeholder to handle the $EXTRA_EXTS feature:
 #%EXTRA_EXTS%  # Do NOT remove or change this line as $EXTRA_EXTS support requires it
index 88923ed969b0638032982aa54c56ff12e1bcbc99..571955dc94356c79c49b9277589b79b7e6abe9b5 100644 (file)
@@ -1,27 +1,28 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAvcVdufxtT7p7blrCZmMvdgAqg9pLAnhg+ghQkd/RyU/DVv66
-dtxfeYqo1pHf/RWaHoK2APTIjNRO232kPiHbSnhwISqMzg07+LCUsJJsLVLVWsaf
-dQt9h1zKV0vVlKMm5JCc9qhSf4T/eCb2yLjaLxpFtDFX5Jw3NPoKdaM1u+ezBz0f
-1tLK+J3uFdlIUVGWvPscgnb9ij1f7tBUYHqsiFfYf6/AcJN6Iy0Blff75SPJz8zU
-HLYLgoQPvf2t9ZFADKk7AxbEdCSBKDHaY4sDN4vRAnLnFtKGaaCWYFvpIeS2D3oh
-ciyo6KdOxY8AtC43pNuF+5uJ2//5gUZeyXTgpQIDAQABAoIBAB31TGiSCwetHtM7
-DLlxKwrr18pc6b6IFnciXOXKeanYJ7RSHkmpXIEpfKHzAXNIt73dULIx8n8Y/SH1
-YbpVSfMltD3oI7ZbrH4EElUVqHI3Q2tDM+UcXULDSUYiuKLwZrFqivz9cZij/FiR
-fiAN3pPVB+/8Yi2645Q/bOtJSrBRC4CLjCDckmHG2IHIZLKPPd9OkeLTWNQ+k2d+
-2Ovm/W8Ep/A9Rj/A3VZRXxj1jZL1D5r9WT/R7qmeZypL+UYwgxSfnHtZIhZPRG8P
-Momulsvzkr1oUqmtCVzqSxHGMSYewufFP7P0wUxVV+rD+ENXr05whI8K8uvDxjTx
-0+O4j4ECgYEA+Hyw14FpteIvdQLxTbmlJrPcFamxJy7flx/LQDaOIsfHdXoRzty0
-6ee81qAtspqPYkG7OFdfaRWuVZpCB13ZZcNg9Za3DWFTuI/9ZqnAy3mimIn22blF
-4pOd3rg9qOFcbcwFi4E3GzzbR5NTuCTknXD7VCk+tsaelsW+7KWpx/ECgYEAw4I1
-RDdN+1hq88mxCR5IHYapHhJL6HrBnB6XAfu0Ys4fFfKIwDaCCzq6UJyyONlJXgCo
-o5xIqsAL/ukDK88/qkFMM+4wkTqrTY9bD/x4sxny89s8XBm1imaF9ZBui/XoNq6k
-Wrlfhms/xhFTNcV6VOqwEV5gJCByzlm9kJX/9/UCgYEAnolHdqd9n2rI5nnTJMje
-ApxcPYH/ocU5KD1DuxtTggM+UchpFjcgQd/1TmXx4fLUqlbPsTmliPEpQjpiCDsr
-Wc7WzLm03peLB8TuYpLJi8h2IaZcVTrsyItv/MpFpLrr8q1pmED/vKQOL1Ni5ai8
-J2sPHvoVph2AzycpEej8MrECgYEAta58nYXfW+FQkngtolGXpoiLBDzweXwKC3CJ
-1/f2K5NsY9LcrfJ5asIKffr/y8BwY4CtNk13YeXRv/L9VWrkuOyxSdjhHTSuGAdO
-Ek8GQzmsAl0LfHMPtyuK9SZg9INyZc5pQT3evWVRAFj9QIzhH6RwNdPD+A6HYacX
-eBNMqTkCgYATjxrJyXnlaimk5YFgd1Ptknjth1NMC7NwctCRUCurmkYUYHSgbzuq
-eMKHrnhWYtyGu695T8jh7TDgYM+MuOJnaAmqmCyGn+l/1DIMjblTlk/o3UTrn7St
-LKBaEGJ4OHpO+HCv2C4xNjI324zS3Yy5b4/LewWzU8sVvwvx79Gouw==
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCkkntMbsL2eMSx
+YvUXoM/2ZK421Sl1LzAa/tMyF8DsnQtdZz+Oa4/AXFIQOPyXNySXRKfaGlLSduE+
+le750xyftnjBwKsCO7ieoGY6XNkgVEe5QAj+r0yJxU4dKnkjCc0vO+XSjdZkVS5Z
+G8yX4KfRa8arCGfKzrIMaj3HmnRNJsRERbsqA/XpxFoN7kZNrJjuBSA40vPmFckx
+I4V2zg/11iqbV8UY0nyzRFgLM0ZhIYKMKyGSsBxtSYWEPu31brbnpDXztNgKrJuu
+bcqFYrNJvqkS+PcNQt31DJefpsTG7VDQC+xURMPQt1INjI1iHS/cFJgmXUveIlHd
+n5U1XClPAgMBAAECggEABxDqoVsztmOnq/QgEOEmb+5eIPWUrGoXw/j2aXUZCZYr
+adnBu73R8/dWALAc5emhgd5m4WSPwAChs2jtoPIxc7wUDqgINg+i+11otkKZTs8l
++zkmibga7nydwEvVqRPF9XkgnFWoHTIffznEPMf4SXO55n5B/2e4WY2DbigRrH3j
+4usGGuYURtIqfyZR03rSdNVV0UlPHtTjPXkbY5vOmw2RPJ7vGgKeMmXjVsHfF5bX
+EldBRSli+2Rj5jWIUoZ3IG6t/+l3rVbTXg0bl9dv8Svxl86vxTqfiJfJzWcLriKc
+p/XsmQyJucQeXjReOUurmRcjRoguJjepClqsS7yjzQKBgQDGHp9gbjwxx+kTHwKY
+cMssTxQf0zzBlvFi+jgzU7qGIVvOtsrzZ66/bfs2yQca0CnjWmQxZNlPF+jVjX4X
+CLRZVHyNdxRyZaZkWxOXWA9agpiK0RW4HZlCcZuOFwDlVGGURnflRmSCsJZJQpFm
+Tp0lR1pUlxIjLSU8anD611K3VQKBgQDUpthhaxN9DU0NHbMRAByOV0nq85u+2Lwm
+wKnB2J8DiuX1U5JnLmUWYZALB1iNpu9tqxepOYGZJFf4+RH/STK0gOUv/2sA8RAD
+hC6Siy8HwMgkaW/s7ZtmePDZ5ir5QmR4vBvOKN/riwqGB5YsvP2gYMkdTC8VzgS6
+zJfLihpWEwKBgDlVp13qyPTHG8Zy1Pd0vPeHsxU6tnx3yEeSji0ccABdKwp5j+Y8
+/S9dDrReHPY/g7/N6uz4eIMRMkqK9hCIbljjwF/YNEye6jZkvRixXVAeNzMFKznr
+Ju05n4DRW2sCrnKQqiXp5zCDFhsBbr6ixYuCSLvuNEuFxx7i1utg4Qk5AoGAKKP+
+ZJffMJ4TJLeRWmVoD7gU82c9U7r+MnXNu7NXqIiqLDmdmESgoydgLQtpXCEUTyRM
+sFXCM+9jNLz9OInXu/GKW6L340Uu500izXT2Nwgb+AGCl4hNk8b3WN2JRvvuUbi5
+o6viJ5T6HOVkSQaRfk4hAY1mzkcCVmT1ebvaDqsCgYANEtrKNHoT48CeBvyq43hO
+VLoeuSe2ST2X3d8ReAwC4q30jHnocAEOioUE4toO47316Nz4FCsLUkrRJ4XtEaFm
+7qS9Bz3K1Y8eA6EZk4p9+HspS8chQcFALIyo1EsczTosBfR4uYh7VoIlpD5YAmzt
+kNknyFaiolEVaWRoW8Z2Ag==
+-----END PRIVATE KEY-----
index 96d523ff4c32354143ee0c51ce0c61de43300488..e1218d3dcbf09304ee74770b49b9752709ba61cc 100644 (file)
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDSc90G6Nj9bGKD
-+znPnnJ16yUPPkbLEpuf0KDecbk+aFS3MetEyYDbE3bPcfRVAeR3z48Z0h1fHqRv
-6kLKBSbrf0iMzL1NTJEUxXR/OM8idUhNy5Zl4LESDsQ4ns7w/5gFXsjENpsxlQpO
-3wNd3CpYSYPP7+AlV29xsjcfH/Du2m4j5DdYNFWBC07UwfZRm0x95OM2Tr75gl8k
-9Ei2wjYY3zpFWEk0skRXmxxQ6gaO+K8NbeSFGIOUJI7hIPbueiqwk7d+PvyjTROJ
-l8RewIA25+qfDIrBoF10YVWd/W60hVMAhWhcP5qqYLjsHzXzdpcEG4ZSIY9RC8F4
-Rl1Zdh6ZAgMBAAECggEAIUwFn289zbLVT25zMh8umuuOXIAM8VpLVxjKKwexOGeH
-Z8i1IZgEFCVbOe0crEp1XGNxj7NHxGHzwGU/FfmEs+PalbRbCxzfI3suOGbDlv8Z
-Zn2cmRfYzDOb5h1yPn0iD0900l6VZV3gWKQ+Qx5vcLKI8WBRhXb1Afchc4I5O4D3
-/fjCwlCmms7g/MXNlHmxZi/svzIpwXPgTc7E3ygBpk9MnHEAcGmcwsHjaEh52qcq
-zv2dFzPr9ZJpg3gwUBx0gzpy2KqU4rtaKZtao3a7l25nZzcSlhspbES5AEZ9l/Nc
-GJ0CVw00BEgykUyWwLvMwJisOy+1PMWVkJ/V23nUZQKBgQD/TKwvapwNW/1Xil4n
-d14IRQiyGYCUBg1n6Jy8i3M6c7o4sDCD9soLHTqyedquOrzIjWL77VuRCK2H/FLz
-pB1p81kKeT3D+WmSR1jnu6Vl9nRDxj5UzIcl5YDfFY86fZIYLhekQxFrrsyd63Kd
-saAh8nFWT3wWnCfZqDzmm3P3owKBgQDTB7B+wRhexfDQN28VCVCAlvEa47Ozz720
-m6O+4dZO3SPyTnr5q8WUpGZVsIxK5SIQd6/zzlmLraZnKLTvKVvflWHUqs4s9Axq
-yvXZunPVVz1js8j0+LvngX3l4VkZHrTp5GZV9ZcV1l3xCzZoR04WjMDn2RJW5UKn
-S5Ia/YQkkwKBgQDACFw8DmTzZ45YmqvX4+HHNqYj0Sr2LNdIoZ/D8uDpxsL8gQr9
-OFUhpwrP1Pi4tVXrRO5/sTp/DZf6AcIjof6+A12mkyvyjVjrvt8Q8ASpfYhWsneQ
-MYg26TrWktD5nhqWNZVy6T/hT8p5vvCnzUQ2RLcbxQ4Bs9QF1JZ6n9PLIQKBgA7d
-5tA3OElM9pckoJ3BxzsX5yp2yi0rwHid0l5bOKbbq3Ghl8ZJFKVRI6h7xJZuKAUy
-+WFaszJE7Ikt8/k5V7CbrIW39shx9QH9BG7vVMO93qRMgSbI8yvvEniEdKtxX1tu
-7Mq3f4pZTMrzeETGaTjrd5ed0k3u3tA8YbGnFI0jAoGBAOkDspNIobHbzv4vAZXq
-Qc4Q2b4KZ7Cz6scmwfA9ave1hdHrr9DL2OPXERQFX3HU36UISBvUa0+U70L88leP
-JCblbMxpn8WpZyA7TxFiSBO1VlngrA0i/zGC4yAg0tuiojeV/z4ZhrkMnQbHNh0F
-LDfKKUuZ5+ZpnSqbYTfaePDw
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCe4fACfvp0iwOK
+ZHBrGC3IYErOiPNMq3YzwB2MD5diCC4+RoOvZph9zfs+pzyWnsmh+VQfkMDbGzGd
+vtf8uYsmrjSeqtXvO37us37ciAe+zTgZfdSXatsShc4Roix5qi/MT2fPlKuCzHaf
+lRjylqc2JQdbKWHDIPid/801/EO/3Ev+q8G8aLH52101+QQoiOB2dG+L1cH5IKPz
+yx8S5W93Cs7BMebhxBDRmmTkqHwWS4TtMOU+5G+2J7hMNi9EdgB1g16rkcyCmMdX
+UcpVXyyk8ry1Ki3qQY6T2YCySa+YbZTixPHwFA9+u1sVmjDfg7IhejxtWAXTYv30
+8/XVQlNTAgMBAAECggEAAcV9uKsAxBIVHbkyXBQeoo7MSew5LKAp+h677zO9s0A2
+TJR0FtCoH5lcO6qyrSOjfOGIrUdrlww0RYPhgmkkYryFGRKV8XJlrAFzulkiUpLI
+LtfHA7jGk4WXzBa75zYqDUQClMwEDSCWRZlseBWM7LiFK5OIPWkD/8/HBafErs8G
+w3Q1LzD1ImC4D0pdGc4vzwVtz29hOIj7QNO6hSuXaQAApXWTQK7n9i7OGyBjj5/2
+ry+zmIK2/tjtAMo1sgbNBMI6EaFL2w8VsjLZcSnr++0TjJP5xXOxGhffKpE4uTIX
+I6X1OrHG1HlMQYnewA6sgvb3EKJINNwa4wApO5VhsQKBgQDfOK8c2aA0fii8aHlb
+esIzQypvbahcEacP5Kf70TCHlzLkWnP8hMiybl9RyXJ78YXSq+8Y4d3a+sERta8M
+Z5TndHmEbJMF/ft6cxVikT4QiJm4QL528LCHy+XoAaNMtgrUnVcQNrIk8ABOkc0q
+I/PV1diAuKZ7NnxOgHeaZ8p8YwKBgQC2NqJYgpkCScEekx9Q5GZcVkaXTlqS0FDo
+LMh8YsaJALybcjDTZRbj8cymCBVsJsK3En2KAMZuERbA5MqVYRE4RPSKqXGFDbEc
+X8DJuBcJvFS3f8NswuPUgt84ZoU2I4LCvsGNjU52m//G40MHG8JkSZKoZuZKND9y
+j/ivLjCoUQKBgCtRZrokiXBmYyVc6OAVzIYCLMP+9cMYMeFlsCuwBsjpUJj77LI+
+Wmw1+w12GF9xGVUuxHGBs3oBW2JCbbvshfr8oXBPWaC6DwlOOAIuyWqP97TH665N
+OxS/PthtKPGECkoEVpbw5lVAte6JYNUisPj4TNF+A+C5TBo31/4A0kydAoGAW8Rc
+MtNjGAHpHurdhLHi03IoDx/JAdOkS6nyNqLQdkNGucriyDRLOPWYKa48i8Fhoy3O
+x+foB5rXqMIRPPYr4/jmZ8c6gtYIcs/Omkj6YU7WI6xW0bm9YFOg9Bi90ixEOKw1
+coLOF3IteQ8PvM7AMh3TnLhmFs0Ffz7+8csDemECgYEAw69eauRzYj24Q//1vIEk
+0AVtERZmgqRAwNaNJTFgwukJtb0+1sKbAkObRy3yuBJmtX9dk20gdNi7MWjbTRWl
+aEKKeSERyfbzTdOovxgAAUZk9sjlvbel78B+HhjG5p5/AseGVEnHHzDHEVVGEd9v
+bXuMYBr+pIEcsxtk4t0qXQ0=
 -----END PRIVATE KEY-----
diff --git a/Secret/CA/pki/private/core.small.example.org.key b/Secret/CA/pki/private/core.small.example.org.key
deleted file mode 100644 (file)
index 06d38cc..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCloIWZEJkvIYuk
-3d42XBxdekN4CXQodjXbUgDSdINT46I9d+xNVpB88yaUR2stotS7Ikwdc6Nsw3CM
-oP2JP4vrWbgiYkKnfNfJ7nS7jjgg9xNIOvGj424Y0I3c765UM9swUAnyXyV6pAma
-ZVzK/EQ1dnReS/7NVak+vTZOjaW8U/Q9n1nHqasInAjoChOXlwemoIYVRG4iE4WW
-rmSKgMUJg8FNiDvuDLdw68cmFca2Y7T/UHHxNe0wb7JEBoZcvZB/gN3J0swHVfPB
-KfU2vb+vfBhsR0FVW2/s0+/YLV2DAnFAT5UkFDkUKh6kNmX1OLZuQvO7wbmqWuCH
-KGpc5YHDAgMBAAECggEBAKQAhQmBtA1FTD9eKnDtWHD/ZdtwkQKXutCHLKU4Fep1
-VutC2kviUYRISIU/CtPPjpIWbgQjw0kpZUL7DtJeiC/tUTVK0vGB3zLm2dP2CYIq
-5X76TteXlicgK7j/5EEgcAQw3QiQSk5cK94kTHP6w5ekyamt2op8LfAf76xs+hW1
-/A9Swt+FpHLnFfKiuPQPJp1OR6kdWd++O9XXQ9Jn3JzuJcuMUO/S3OI6lRurhSkO
-GFclA0P5nMMTPgX2rSPwWQJYqLPKJFw3i06YbcFQwtyi3JAmdaounZKowz466nI2
-eXPKDmpctRVTyJaYf8AzAX1d4d/FF4Hx5MHhIjso74ECgYEA00qG2KeYPGlXtH4Z
-OduDzJUxyiYOEFE7dhPpmqmAdjEV4AS7a5ycadQ24DLP/M37Mq+yBC6NKXtBa1q8
-jfPTDLJOzHMx/OtiCW5iIkM3gDvKEQuRUCZScct6SZcgl+2byMomMw7/1ya+cc1i
-YsyHNj+Lh/lMmhIWG9OGQuicBiECgYEAyKxoaVIWWv+CJplTAk8Ls4MGthkum14c
-ON5pg1Bd6I8fR3FMQ3QJRILKcaLRZS884YEbLjRI1mdhKWwhZY4EEO5tvfEJMLpn
-YFqjzED7/Ip/fW/ErlS9RHh5zwA+FpVnv4e/+42JV8v68jhxulVcw/5m4oy1XWxJ
-EMaj7ctkw2MCgYA3ra33LcLqOIBKKeiP3I7QvIgQUxLlreJTbU/j18LoYmr3S4fw
-BacaJDgJwJoablVBuBbbD0FXqwlENvb1GUmGUP5+1eRYV9bP0Wy+xqO7gQXwk/HJ
-AzA6mHozJkYKgyzILqz+S3eTxLvu1UaV7nu7CefE/yb2esmkr4rz2sQywQKBgBzx
-6VmPspPLmQ1SPkvt9OUeuCAZ/8P/ThjR0+xR8kmyIzPd3r84BIIyT1sWvhdXOfPY
-+H+woPT0Emq0IxkP4/xBN+kW1FmH+ZNHX6r9kJs7qun/7iGrLWWr7v3xrgL55+4T
-eZiiMLZOQNMhWx4iY/ANSO/SlfJ0xRE7ZbfOB6m7AoGAeOHEffVVPHBnalX/YQO4
-l81DFfv9BHhsQBQ6yfUs1m5VSAeQGeZ6StSxsc0GZoyKmOHSP7glDHx1vnjmHFLo
-Pvjx1hmWw5VAmZhef9cRp2lYx+A34DyRHAsjDHTic1IpIfvc1fWPsmub6rdp9v0L
-I/hWsrrCY3SEk/zWyFM8cQc=
------END PRIVATE KEY-----
diff --git a/Secret/CA/pki/private/core.small.private.key b/Secret/CA/pki/private/core.small.private.key
new file mode 100644 (file)
index 0000000..9eb8417
--- /dev/null
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmpCpeYiIY+MmX
+iq/x59G+NGf+WTH4EDOkswG2O/SLJ+Te4KdgVfHBfV3u9rlB6RKvL6dwBSr2T0vj
+4bMJb8bDON7+KL343URyFduJA/ENcO2Q6dnXoiWnenve1mJVyFsCMecc9Xjkpn0w
+v5LS/HfXm9Lr9mnVNdAxTy8ihZRvtQan/EERj1Gp0i/g3bn2vM+w9yenjk3R3kjN
+qaNdtoasKrHBYYow9YSiphPMOSnEldAzbY6p7FQePw07ESYNVhPEJ3rSaeLAOazu
+dVfsYdIMkvsTOjgd0jpffWVoBjp4Gl4bpoO9+z4vFP3nrdPZ6gBhedDBMXMh3yI6
+toeKpLZrAgMBAAECggEAAb5NESxQyTTUCxYfyW9DvJSlk5uZnO3/Q0ATxnlk98n+
+W3r3My1x784tl7MdBclnAkW3uVsx0V52aDlZ9NriRwULQx75ZY2PDrkGjPqlE9r0
+XIINzfM3fOXDHLpWLkvmeS1fNV/q3NT8703K2Hk6s1a4oXsjHD5atyN7GnVSTXZT
+zn1Vow0Mfwv1Kideby8OmZbGybabnbeoeZ+uCbIqq/VcWVGBOnofMnDaHUWuiwlu
+69ycyp+0mHzp5HyLcFIb6OUKFEgxPsYHSb1ao9BWjtfjt8/ADv+bcNv+apkPXKPK
+Ldr8xeLfInibVsr/Yvr/Yn3Gzyae3Sv+oZSxYpP7lQKBgQDdEz1Q0XaQk0IIhHPz
+x9wmoGqN/P4SzyeIiHoovucgV4nkdXgeIUvUPqei+/jWQlye8vfoGRHijfMdm6QC
+UEC9cO/kK4Qf3CNazmP+fJxqlUVL5t2Xxdj5sg7I6wvuZzQph8Ur2ryOSw+PDaLP
+BywyW/rUrzii8uthYta10LpYnwKBgQDA94BTXNPC6CtjK/k+Hf3ghNcV0WvNg7NU
+y0to1OxcagxB2Q2lqutWpQSX30Zhs9d1MiWHY0CqxH3G2ZJ6+PSLFPgfwrZYOtH1
+EQ4CUJPRVoDQZ0rqHgaa2SER4ZMMZI3IVMRe/d/6c17HR7C4CkS+cX3Al+dbx5RU
+T8TshUsytQKBgQCeQ7jAk8OiiplaSaBM5EZZrLu7fGNTidOObc2uP8Rspd6EnAfq
+4gFMJ7KQ/nvMv2NZMy2Ajfn8y4xBJPwL3/II7MIAAZsrx8fTqS9yrzi3ILekN9lp
+Xu0PDIaDFanL+Twhgx4HYCdeYqP30FY+ia79OlXeTrZoCSmy5TQ6ovvUlwKBgE1D
+jJVUaNH05lJ6K/0sQxgf+IMa7GBIqIh+Mf6SquVB7RB8mVNJQZvazSEGXIcIXG/n
+mVFBc4Ys0PPK8DTe9AOwbL1C2IIxYxoOLx7MJrO+QCuyADQHu7tKz0v6l0dyB7c8
+AbjLTGBay4tdcCvwqJ/cj26LJC8ClajAm+fcY0S1AoGBALfwhZlxnVl9cmgrblxC
+HK7o0V4fmioYXa5srM2u+78tJcYquS8EYSx4o++fpARGze7S+Y80kmT8fqVDu7do
+uSqQQyw2Y3id30OahFxngB0mezvKWdqxBGpDe+jJxthTKxRAKp83MXiT5IMSl5XQ
+JfmtrbjU5pf1UhyT+bdTqm1H
+-----END PRIVATE KEY-----
diff --git a/Secret/CA/pki/private/gate.small.example.org.key b/Secret/CA/pki/private/gate.small.example.org.key
deleted file mode 100644 (file)
index 43197bb..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDBhK2kHYyGHeuH
-5dwzxgCXALfOA5I8R+rRK6bvKt68WAZbADaAli/iwnymfHFA+WehbPcL0tRBgZiZ
-ZgiT5b+03M+VNigU301x9thdKhclrErc6L3ZF9U2Ub+lAJ9m68DO+uMfrR9FQNeI
-v5Niz5gJuhx/dMiQL6UteIhkufs6xUQpoZKZh4I12JYYJyOJpokeP9IeCNpVv1Oq
-HdWKF2RvYB0Hx4WHczO07aXEC3nkkkUcDswAaqHeRE1nGv78tejA+ERgpvsK0vTZ
-iurT3NTCGB8cV8Nykipv54GaCOeKks5F1hfhhamlcJkmqpqwx/xVWLhUm4mqs1pQ
-2z39ISc3AgMBAAECggEAFpC8FrkDW9g9ULly9e6OvwzsYe90q+bO8NkgPB9Jnbi9
-9PqPYGsi5lQ7aMZ2BleOx/oGzLAm5ASSoMCPG3/c3OAqrIGGJvjq9PENxb9Ut6Xh
-jOTuzlPDHvRlXn42GDBBaWFD/ruXO+IVv/Jm40zFs8yp6graIEYOAsFdVjGBpBaM
-r0KiG+UDlldp5sxxjrYfX4Xk39ZyY+4/OBXPm36UJtcV2wiUiv/XCbujmOfXerpi
-VIHH0OFtnqDCxBVngk1dsWmjEyWQ9teh45bn7M4Z2kHW152oyeDb9ptarP71oTMD
-1fttNeh7c0rAS/3OwbDqzuScgA0KQV0+6T1q/ULJEQKBgQDllhU/B0HvtWnfcXd3
-i7ZtQmaNWL44qkBjsi1RxrH0AJo/9pT8vR+4PZ5oYDMI35YKwh7UGZHj9u208Kq8
-A6lmRIqB9U4XIi2jzBO7DzHoFQRTrVsDUwG+ibrfV7LP824EO4fAsq+9YsfUeH5n
-bHqLlvbacnGyDp7wNlBEnSD4SwKBgQDXyExua4JbYj/wzGUGIf5gaOeGo4wUwpbA
-Db8Ukc+1y5dGyUs0L4wpVzHZnItym7xX3h79gefd3CMG+zkiwa3XaeSH51bgaUMj
-ybQr0zSVbrZcxVTFxEHnqaGArmqjvsj3kMvJxainU6uHa04ThsaObiNPjqHTYBDr
-3OS+dfvRRQKBgQCIHXYVOzFNdAoEDpqcxrluh6qTbKTCpbWtJesWi63fkyfgekoU
-mfAfZHDxQu+e+ChV0odCirJjLHf8CZ+//o/FcSeJKy2UK5BRh2G/Sp/1D9jT33iR
-PPpQxAmF9tGt1o5Idh7jEU1+A/2jq5iNqtPwxJ0wIB/mSCLVGe52742nhwKBgQCB
-7gPHwUifCgwCTLDP/owTNVekBLqGjZ0ES8Kw+hOeHdcbMn3sEG1PP0evBsoY2pmQ
-NxlmAGDDgJg+zerbeM/ak9Kd2ri/K+LXm863TNeu2xlHxzKCWuhsPAIZX+yqaGjO
-WQu8lR42kvUH957ttwu8G6l7cCEVDBVkUIAUByr4GQKBgQCy8aSZVh5m7g6NKOUw
-kla5NrZ5a5ffN7dXHEI0zdzR5Ee4s1OETwWypECcvIRt9gVg8+w4GDd3Fb2dDauB
-tsBL1RKqGTXqeukUAuMXvgSa+PXQBCyrhQXs/L65ZWVFX0yN6kBqEbF5+s4UeG7T
-ZIu5SWq1PzvpbvjfVotIvbJnow==
------END PRIVATE KEY-----
diff --git a/Secret/CA/pki/private/gate.small.private.key b/Secret/CA/pki/private/gate.small.private.key
new file mode 100644 (file)
index 0000000..176d4b0
--- /dev/null
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCn2oT/9lcoMY3T
+K1Pq0A5VZ8S9SLVQ4uBGq3H/Rb/MfWQBY2uALYt7PysXW+VMxGpZbrgEPF7fq9FU
+S36I/I90wMbKbLUxEvBrj2MsuAHn0MPCdvNC8sTmsKB1AEG7gzVfFfz3uipakm/0
+FwnhZuYFIxxAlyQHP0gdI2AEkB+8TjgdBTUsqTYrtz206j/1LgIUcEtWUj3JK8ji
+XJq/y5qbItOFwai/xn7JV7l6BFuaImD0yA7+6vSMTvTEBgC+nX4TueCHtzd4i/Xj
+033Y61qk9Juw/h/3jSv4Jx1bqsBbxfShkTRJzUdprQzUkvrQG9n45+feoD7RddPT
+nNjf22yXAgMBAAECggEAGWx9QaHH0MQ0tZv18XaC/Uei4oKtR+udScb1FNO1Od1y
+NM2gvkDnxAqs1bRrFkYXz6T4BVg5jIpjQe/PYiNS/T2nvohZp221ca09ucvDKiAS
+TpWiweywizqMizw3OJYmktjrQIB3otFUWLXWnsftpjCLunLKF7jrjNJLXFWSIPy/
+MkWT1TFTIJsrjhvfPbh+f+OO1Jtdb9V9NOQdtAzvZMB2lK1BLPEJjEEpoy5ryvir
+dKbPBRD9r06zp4NyubOXXxxBhevwR1NfJ3AQAfKgZTs6pi6OLWVMoxIuJOcyZO0K
+YXMSeAM5Y1//JOBWy+d2BKh/K+GOUTMHK9FAub3iyQKBgQDPwcG3RkMjta319bbw
+yIyVAOhM0J+qHYjrSaCeCJ2P2NPCgVrzcg6SuSydEBg3e+v1knITcrsqDq3OYapd
+eCQVIaUaKkZ6c4fxFde3fOgA6Kr6N7Vb8+goZXRAnFKTkudgD4hKUlWbQpTnh2gG
+R32M9zNkDBCotwQ+PRnL7sONbwKBgQDO1K/K1g6V8CEUcbsBP7IlGcVUOsYcfeZ8
+GjCHGRYZDfQL646lq4kMxQm6rOV5o5JCCQHGedZOwfY7DIpjWh4jim39iYQGFmTb
+65JIubCvqDUNxDKXHaq2bUuvhfd+wOpBTyNPyBmYQOZVK40yMLH0Vs9uQ/2I9Pm3
+w1lZBWZPWQKBgQDC2SyukBY98pHiAX5/GwhGYyB7kpp8eNDGIzqhnODxXWFVpe5A
+LnOehk9iSwr7Vpz5p0yYEt2Y10WJLy4SFbB5pSFshcOt6pbPtDWp4FrTJ2Pb4s2U
+HRBaerRqOHJ196xK+qZPViL1x59R+jvEz93fjKTFK0+gfG1dVf7QtfDvvwKBgCrA
+F13LhNRE//Fj2I1XhxDYFMtmIpC9DSjVmPYznzeqhKj6FU/09qznBS3KktvjjVWM
+2wsVH9DDkot9+hSzCcu6zyU6iUlg05QJSwExMG3+TIj95p8JiMGQMbaj8BYI9eJt
+4xSYfYHU2Eb+a37WRdIFJ3bZIsxuJjdvb0ZRMWZxAoGAdEflKm0SdtpHzRUKZjLF
+jl319XN2ZkJd/Lm47jBDiDP39G3h/0Qs2x7O1kEVFHT/ylZrlu9yFPT6xa4b686r
+FTzNS7xmi4kGZ/VACaBB57yF7pBnXj+Bgcb/9gZNAdSJA7zi/4xaU7c8X1udgK+T
+0WQ46DtKSF9UfmXdgZUjtA0=
+-----END PRIVATE KEY-----
index 28a67167556f3384998b0e4a681ecc4dbf30d0da..157b0534c5a802840073878e45ba03d40a40766b 100644 (file)
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDCs8Yf4OZUXB4N
-NCwCu1/WhH37Ywz6DTOlkoav9+hyhmn7Rf2QFJ1V3SJQsL5xlNpo/zxG7yJKhK6O
-hC751oz9RC7r/pVeRYY/94ZHAMHYZLQ/Vci1/GnDG6pUxfS2pkA/nxX/6zseXtfU
-666tvOLPSv7fPWk2N3lnlb9DsOLWKWA2GPh9Mmd5uzCV7I2TRlYTcpOWrHApUybB
-2Mc4SoMtVruQD6QJ/ebYcv0LSE841CgxD+Nj0D3R4qvhEBLHJ4UDXX0BQC47li7x
-pqIyqL2XKpBuELZvmHrpnwYB3gvJGJ6DTC2lW5kOGWl38F3iPTfGTXPHsOj7XBZF
-KXTkMZl7AgMBAAECggEAdJtaYyk8iPWKgfnnCdPSeBVtpisSUIerkNQKmkTtD/n0
-ayrly26tNAl2TcEsrbWqgQurvAfoD50bNftwbuzSD7TQLUKRjp4w4wqJfuizL7hQ
-Q0ZLKML9TH67Kn5MKz+yZugOMvFcvLmspbZpLWBcri2KK4UKCBB9Q05p+E5t7Dha
-kKJ/9yTtOqQY//3utpABYMpue9lsDPaTJ1/vjI7kBU0mB4ocEc2WiqyWklztIUg5
-CtGFttxALQVMyyKxzyYrHqsOq3TUzRtm/5Lw6NbZeu7x3b12uF6RshqT0PWfXGFX
-tVkKzNkYIQhQqyUia6LSYeZotBEIH6gFFqRxPUtugQKBgQD4nHkUYPJ1VtoBUsGp
-WCCi5D9aB025Vzzslgm2r+dDh0LctKWTt91xWHVuWAN5dWELmd7lzdhZnEG5tPAL
-fpCJYOU+j0H9EGvWuX9YoDo3AArppUX1MpqE1CzWSPXtytlBqAR52Eges86sqNmD
-4nNw2zvmpMALrbI7kMmYskP1IQKBgQDIfSQsGxHouItn4BMlUf8nUKx6n+XorK8V
-OqwtZa+sTxNdvL7egQznJIcKCy379OfpKXuTdzJFsklC8QytWu48hqhRSpanzz0n
-enj4LNrpP3lrS+upz67bxLlvvC8/SG1vhNQnBk2p2OMCSbWsFxqTN8P7+SXTAbeL
-2ILSBZ/fGwKBgEX7RdoGsDl3iUZ2FS2mMQmpVmvxQl+5vtyaH4HdYiwQFzIpZ7J9
-P0h4rhWxkMjP0dGCLsxhdVVENvwfgrK5ndYOAHnruZeS18hJzx8Te0+gI3JBo7+x
-zu01DKoFP7UANMfWk+v4hdSeqL7RiOknBXfvPp1eIvEmo9VAnH7vL1IBAoGBALCC
-DDCQfInov0LqcbCvqfWQ/ujOkXjxXwtPpnopRiprS9+A5oG6GAP/kqvy/78M9IfA
-L726eRYHSpyW39RXc9rxqoo3IsAGog55srq7stcbPOiL5KSR5Z4yahfHE8mhGEfQ
-J39b+1AHVISVJE6n4Iuv0umphfVpU5DZQwNoVEH1AoGBAJLdjxNJjP+Eh07ZV0o+
-Y1W6/GSXoTuJdrmSKalQppdgr2l/0C3VSe7MjIxIlfVuULJWfoebj89epblQ0O4O
-uMvIhpPy8Fq+LFDl2jjZ3HoMz0VrqaYe9hNQ7AGVYqy22D+xFTi3hXugRIVY+ut0
-aYBCoHEDILw+LVVlOIUXWrNi
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCocVA7cjmVVcdP
+Cq3UxiHO2OpUPrirsgfmB+Wz5q+RFT0LT3Jq+5j7vi3Y/xFWiDfDhFXS07cGXk+5
+wlaQ1EmgSdYTqr+kZjDOTL/dxhMJD/nq/PjRI2C+lf9KOyopNJ31Yp9gfNehkVsC
+X6JDUDSL97bsUh74vfNZDolIEhZIJxMOse0J+RXREtrczCEgVOzOVDYaVdSvB9Lm
+WKmbjUa4jG+KPAdM2hEyYqFTQ11+QTEj78MZQG459nN0pnb3arpWnCeyZLGfn+Jq
+li4kDBQRBl5GCDmU0QqhLgOzuh8DWmO20WYfMAWi0N/FaM2abLxzx61xka2qHDR6
+9QDnrU5RAgMBAAECggEACk+NYBDY54RDBAVHqMD2wX5Tsb55IsFuFwL1aPK+XSeA
+qhg94mtDl71czxil9gxhOs2h90V7FvUKSk5UFYojy5+uxAYYCbcxAPUqatKSHbmQ
+THXEbADkuNCJD6vZeSuTCQ9KvubwHXVpWGwu4ZH09XsUrm3vHr4kjuyt3e8wKqW9
+j6LtpR+AU7z0VUhsFSvFZiJO+2wF1rsQySHlXpeNOhAKka4dJTeZhUfuak+QLyVf
+1/xPIhbB7l/HfeQniRLXmX6ds0H0eKP7aYsIJxr1DLOXuILYEXtk5MJEh032ZD7i
+CvuvKq21kdInFMpRSt0DPjh4ocpnoE82jQ1EtlEn8QKBgQDYSag/9zXhCBDgdyEr
+dZEzEjdEgcwNz/t2aNWvksS/mv0OZGw9HQTQesHj7fT6uex9Ih6KFHWonZq21Cak
+a6j/w8ujwcX8WlUQNzN+HciQUgmen8RL/doiuPyaciqYtGsMFbGpf9BEzizGGztj
+XF7i3WHaWoFw8RnXQRULLvCpjQKBgQDHXsFmR3aksw8ehZyUA+aNhJI0d/4oHjrp
+l2XYdVXzbqaA7GuyvvvbDFKWU4DlEnecKQgjO5gJ4hqnvQEPlHmj1ZJDXkujxNk6
+oWoxyrfmuMyFXAj4Oc8rHVGDMRudkNvBGdsgmILmG0z6sohoh3aPzcOOJ4ZqSGNT
+3v5/zHws1QKBgQDGgmQPwV8MGJEU04H4F0Ga9B8Rm2ejTb5oITPunvBBQ4j6yqSl
+OpsOlXybK+1qqXYqK0SIStrqVSyInRKSWdWUWSnwNIr4YBgud9uk5sUL4J+/nLdX
+X7fzooEFZ788xGpzfv2+qfaHEAv8D0ZknYThB3smI2cmN8MV0z/zMbPkiQKBgGEt
+Rodb/fB5dr0h0xgyboY8QCdi9XcIhR6mtPW0+5gULwRYOIZ/oLM8ZmTvfrwpLDPp
+rBXATnNCyktITOQTMtcwmoJLzAKfSGLTmrd6X/kNymKWYajcRKZ3O+v+W7+JhBOz
+TqOssuEGHZd0vhh1Ls0ZNmBr05Cqh/+xicsxGLWhAoGBAJPHVS/vTjCX6z5eTKuS
+I51bisXJ2CpR7+bREYX9Gzzb4gwCWFV/7alyRQ2TFMaeKcsJjrHHDX9MY43whWyE
+05D+fxONJKn0ClLezWwtyemWjBZ0cg/GDUqHY5aoCC8VfCxaFMbHlRN/xGb7Z2Y/
+b/HetgGFVxZ70xJkVPQEEpx2
 -----END PRIVATE KEY-----
index 4670da8abdfa491d56f92737ed77226020db5136..37920d8a166c80d0e1975e699ac89a021c04c0a2 100644 (file)
@@ -1,15 +1,15 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIICVDCCATwCAQAwDzENMAsGA1UEAwwEY29yZTCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBANJz3Qbo2P1sYoP7Oc+ecnXrJQ8+RssSm5/QoN5xuT5oVLcx
-60TJgNsTds9x9FUB5HfPjxnSHV8epG/qQsoFJut/SIzMvU1MkRTFdH84zyJ1SE3L
-lmXgsRIOxDiezvD/mAVeyMQ2mzGVCk7fA13cKlhJg8/v4CVXb3GyNx8f8O7abiPk
-N1g0VYELTtTB9lGbTH3k4zZOvvmCXyT0SLbCNhjfOkVYSTSyRFebHFDqBo74rw1t
-5IUYg5QkjuEg9u56KrCTt34+/KNNE4mXxF7AgDbn6p8MisGgXXRhVZ39brSFUwCF
-aFw/mqpguOwfNfN2lwQbhlIhj1ELwXhGXVl2HpkCAwEAAaAAMA0GCSqGSIb3DQEB
-CwUAA4IBAQC6bMENrO6PK3lEVJK61oOCLiw51O7uK3Cpp1d+jTArH+L3oR55jIfH
-FJ7Ex/yhYBGR12F9iafkyfWwmT3oEgfngsUaSF4VJZWeNFMGXrCpvlDxwFP14RHi
-7hL7PnaritX6tJm+5Y8lYnalIzLlbUgY4HQD3QWYPOL1aYKeatEL9jY5UENpsw/L
-X1NV2XWZ3ePFIQIvEHecRpj8/03Rvv9rsKlRnoCU12FIVDE5YFqJ6xq7HDV8IdII
-U/0k4n9qzOyub17X139dvDJjl6ViCRnLwo4d5Bksic+Av4ILRlW+iH85F+S3eKqF
-PGP78oFqUYoNE64NmsFle+C66D0hb9r/
+ggEPADCCAQoCggEBAJ7h8AJ++nSLA4pkcGsYLchgSs6I80yrdjPAHYwPl2IILj5G
+g69mmH3N+z6nPJaeyaH5VB+QwNsbMZ2+1/y5iyauNJ6q1e87fu6zftyIB77NOBl9
+1Jdq2xKFzhGiLHmqL8xPZ8+Uq4LMdp+VGPKWpzYlB1spYcMg+J3/zTX8Q7/cS/6r
+wbxosfnbXTX5BCiI4HZ0b4vVwfkgo/PLHxLlb3cKzsEx5uHEENGaZOSofBZLhO0w
+5T7kb7YnuEw2L0R2AHWDXquRzIKYx1dRylVfLKTyvLUqLepBjpPZgLJJr5htlOLE
+8fAUD367WxWaMN+DsiF6PG1YBdNi/fTz9dVCU1MCAwEAAaAAMA0GCSqGSIb3DQEB
+CwUAA4IBAQAGg6ZVBzd70SvsfDilCFTWEFhaMpvgZ73UdiEpxxGaRQuN7wFzQipa
+KCxdFunQ4lPMoVj7JFM4yu6JvG7ba0B7VqG9HTXV2TpFxBOYeqfEX6Y3xFf/HX0W
+uNVTuZTbwKu2/4C/yylWdiN3znm2tZ/+zs28Xy8bCPCOAgWg5BVgWST8EGfNvL3B
+InG0fwwXxwYRJEdyT+dUbfH9YKLzrKmlVO33vpxR7u6pIYk7AAL1R5XAkHxdSZJG
+3W7TQJEaZf+OKquMbNcBKwNhzLMEeCO3RIVRmmw2xyoPkeivlbG1HGeImnLeA2xm
+YDdDPjRy0H61kNPyvhp8EGCsNBebD3D4
 -----END CERTIFICATE REQUEST-----
diff --git a/Secret/CA/pki/reqs/core.small.example.org.req b/Secret/CA/pki/reqs/core.small.example.org.req
deleted file mode 100644 (file)
index ad8b221..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICZjCCAU4CAQAwITEfMB0GA1UEAwwWY29yZS5zbWFsbC5leGFtcGxlLm9yZzCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKWghZkQmS8hi6Td3jZcHF16
-Q3gJdCh2NdtSANJ0g1Pjoj137E1WkHzzJpRHay2i1LsiTB1zo2zDcIyg/Yk/i+tZ
-uCJiQqd818nudLuOOCD3E0g68aPjbhjQjdzvrlQz2zBQCfJfJXqkCZplXMr8RDV2
-dF5L/s1VqT69Nk6NpbxT9D2fWcepqwicCOgKE5eXB6aghhVEbiIThZauZIqAxQmD
-wU2IO+4Mt3DrxyYVxrZjtP9QcfE17TBvskQGhly9kH+A3cnSzAdV88Ep9Ta9v698
-GGxHQVVbb+zT79gtXYMCcUBPlSQUORQqHqQ2ZfU4tm5C87vBuapa4IcoalzlgcMC
-AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAN5bB3nLJEky5WyxE4JQ9luHmS3heY
-r3OtS66sNUlGxvUkwZ3Vl5TRMppn1g9S6OnuwImtXXYIw2U7kh/n3M3maMLKjqAb
-XlA6hAz1+MTHcx1TN5d3VLLe/qUcMzViyx4Pijia3gFnS+AUeXYyFNgcWjjFjuDo
-lUhGDG/WHD0OMhDoY6qaoNerwU63JdCoh4eh8tWvRSKS2C+OSIihssF2PhkVj7yC
-JW3SLgwcT9XHvRHKXxcNHT7aToEqzaYaTZGpUUMNoomsfuvsKgblyPXNZr546ffG
-AnHzQUX+Nygtp5OugfO65m0Yq1v7sz138QgRLw0CRxK1IW/8e/312vVJ
------END CERTIFICATE REQUEST-----
diff --git a/Secret/CA/pki/reqs/core.small.private.req b/Secret/CA/pki/reqs/core.small.private.req
new file mode 100644 (file)
index 0000000..e7c551a
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSY29yZS5zbWFsbC5wcml2YXRlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqQqXmIiGPjJl4qv8efRvjRn/lkx
++BAzpLMBtjv0iyfk3uCnYFXxwX1d7va5QekSry+ncAUq9k9L4+GzCW/Gwzje/ii9
++N1EchXbiQPxDXDtkOnZ16Ilp3p73tZiVchbAjHnHPV45KZ9ML+S0vx315vS6/Zp
+1TXQMU8vIoWUb7UGp/xBEY9RqdIv4N259rzPsPcnp45N0d5IzamjXbaGrCqxwWGK
+MPWEoqYTzDkpxJXQM22OqexUHj8NOxEmDVYTxCd60mniwDms7nVX7GHSDJL7Ezo4
+HdI6X31laAY6eBpeG6aDvfs+LxT9563T2eoAYXnQwTFzId8iOraHiqS2awIDAQAB
+oAAwDQYJKoZIhvcNAQELBQADggEBAIYXdmjQ1g95iG5pLnJ4+pV+WQVqeLCQzbRc
+fEv34pVd8zmpVU6mTIHk/QrPkFDFnP0TCqlkieOcSK6r+DoK6lp3aIgq/qfG3aAZ
+jwHm7UQDioHuNTXkCYzhpGnbHyMl2NmXkuiKKQ6FlhyvPMpYCFESSofVXCwK1dKT
+o2VAY+seQgAUkAk4EFy1WfLLbRA173y78YpxPXPrnAszn92BFSKFdXI0b2zAeQxd
+67FwmTVvcpUyXF93n6JBdo+4YGBW8UL+N7hdJwd+/PrhO8UwsB6sgsU6yEa9mhck
+YdiCEU8bnafVxL7dH3ZSrfET6qUXpK2dOJ2acl5KohlBpC0trdQ=
+-----END CERTIFICATE REQUEST-----
diff --git a/Secret/CA/pki/reqs/gate.small.example.org.req b/Secret/CA/pki/reqs/gate.small.example.org.req
deleted file mode 100644 (file)
index c648ce0..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICZjCCAU4CAQAwITEfMB0GA1UEAwwWZ2F0ZS5zbWFsbC5leGFtcGxlLm9yZzCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMGEraQdjIYd64fl3DPGAJcA
-t84DkjxH6tErpu8q3rxYBlsANoCWL+LCfKZ8cUD5Z6Fs9wvS1EGBmJlmCJPlv7Tc
-z5U2KBTfTXH22F0qFyWsStzovdkX1TZRv6UAn2brwM764x+tH0VA14i/k2LPmAm6
-HH90yJAvpS14iGS5+zrFRCmhkpmHgjXYlhgnI4mmiR4/0h4I2lW/U6od1YoXZG9g
-HQfHhYdzM7TtpcQLeeSSRRwOzABqod5ETWca/vy16MD4RGCm+wrS9NmK6tPc1MIY
-HxxXw3KSKm/ngZoI54qSzkXWF+GFqaVwmSaqmrDH/FVYuFSbiaqzWlDbPf0hJzcC
-AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQA9SuOBX0MduLi6Tuf9NK1tNXCq669U
-KnHf1Okt+lGaknYBgfwdWzNUyoWrdIqfT5Ryk8bAV4+pKH4WRjIRoNJ9uwJ8vRl/
-I7IVVG94wvT/agfPZaui7bbATGTeL5zCKloIHecbfse7XoLD4zUm1HTa98eTOakI
-wwUpXBFPdDt5/WFDYFA2yLwaE94dv1A90z4GwqRFE1Qd080niGPMgwImVTNYqkIc
-Pdm0txM0hSBtv120HDzaSwRAiYUPfUUUuoDsdGMc2KfFcZn1Tjnxn/pgsbXc1jK2
-wrQ4h+Pkloz8urEvohMCiWlCz87PnwUUaKYWGgnJcNqtkVg7q6VIYR+Q
------END CERTIFICATE REQUEST-----
diff --git a/Secret/CA/pki/reqs/gate.small.private.req b/Secret/CA/pki/reqs/gate.small.private.req
new file mode 100644 (file)
index 0000000..b1dc2e2
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSZ2F0ZS5zbWFsbC5wcml2YXRlMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9qE//ZXKDGN0ytT6tAOVWfEvUi1
+UOLgRqtx/0W/zH1kAWNrgC2Lez8rF1vlTMRqWW64BDxe36vRVEt+iPyPdMDGymy1
+MRLwa49jLLgB59DDwnbzQvLE5rCgdQBBu4M1XxX897oqWpJv9BcJ4WbmBSMcQJck
+Bz9IHSNgBJAfvE44HQU1LKk2K7c9tOo/9S4CFHBLVlI9ySvI4lyav8uamyLThcGo
+v8Z+yVe5egRbmiJg9MgO/ur0jE70xAYAvp1+E7ngh7c3eIv149N92OtapPSbsP4f
+940r+CcdW6rAW8X0oZE0Sc1Haa0M1JL60BvZ+Ofn3qA+0XXT05zY39tslwIDAQAB
+oAAwDQYJKoZIhvcNAQELBQADggEBAFSpfB5tiD6s9+hzasMy7hJC49SlX4zrZZga
+uLgebvtwepPCBclfk8dsI7hr0YtQ8hf/e7sTdNvRUuhv0QetjQV42nP8zV23y20L
+E7O65+o1erx3FdFs3ruetZaPsMYdwsZvpnxLKFgb8OEd0VQ6E5bjZzLhxD0JYDjC
+D8MBPW8wC3AcR6ZPdCSdmoYl6Y+sFmeoeHLMnXivdSkKcnKR/gcIKdspotoshRp7
+3ZVr73uR8xUKKxslLXvjy3eDT1GcBaD89FUWJcEiG4ylF4hFcrhd/EkfDbNcEDIA
+XAnVURPJ3NYIKmSJ7nVurj3mlQLBgig6AH+dpqMn6BLTJ0m80a0=
+-----END CERTIFICATE REQUEST-----
index 0aa2f95caf7cea464db4bf30f02df2c6e9323fc6..535ba5235e524c565548ef978072858a6794570a 100644 (file)
@@ -1,15 +1,15 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIICYTCCAUkCAQAwHDEaMBgGA1UEAwwRc21hbGwuZXhhbXBsZS5vcmcwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCs8Yf4OZUXB4NNCwCu1/WhH37Ywz6
-DTOlkoav9+hyhmn7Rf2QFJ1V3SJQsL5xlNpo/zxG7yJKhK6OhC751oz9RC7r/pVe
-RYY/94ZHAMHYZLQ/Vci1/GnDG6pUxfS2pkA/nxX/6zseXtfU666tvOLPSv7fPWk2
-N3lnlb9DsOLWKWA2GPh9Mmd5uzCV7I2TRlYTcpOWrHApUybB2Mc4SoMtVruQD6QJ
-/ebYcv0LSE841CgxD+Nj0D3R4qvhEBLHJ4UDXX0BQC47li7xpqIyqL2XKpBuELZv
-mHrpnwYB3gvJGJ6DTC2lW5kOGWl38F3iPTfGTXPHsOj7XBZFKXTkMZl7AgMBAAGg
-ADANBgkqhkiG9w0BAQsFAAOCAQEAenoC7hzNcGxnfQ314qpsIX6s+8A/Yrhc8y0Q
-rojHMzS2T8HAsm+S1RR6lVmbYHwufdEgZB0DpDMCwJhVG9FYn4Givef5ByW7+ohm
-ejc+WpYw26tpjj/DZzYAaxFe/Np0JK5gPcXuRIXtetFaQTDEfbiD5X8K0sit4aMT
-4jlmaiULsVv4eOsFHbXJImWVQ0azyXdCWRJgIbsVUsFZxaN6rnzCbGsNR/y5ynHQ
-q1b+EQ/nAEY93QwJiX+kRBs4B8GR/2qEqUxeVcZhh/LPImtgihI3uThf/bNKxDAv
-ZxW4LgucVfVrfVZtA2DB5T1cD5CC26tgI7+/SoYFx3hOhhuiBA==
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCocVA7cjmVVcdPCq3UxiHO2OpUPrir
+sgfmB+Wz5q+RFT0LT3Jq+5j7vi3Y/xFWiDfDhFXS07cGXk+5wlaQ1EmgSdYTqr+k
+ZjDOTL/dxhMJD/nq/PjRI2C+lf9KOyopNJ31Yp9gfNehkVsCX6JDUDSL97bsUh74
+vfNZDolIEhZIJxMOse0J+RXREtrczCEgVOzOVDYaVdSvB9LmWKmbjUa4jG+KPAdM
+2hEyYqFTQ11+QTEj78MZQG459nN0pnb3arpWnCeyZLGfn+Jqli4kDBQRBl5GCDmU
+0QqhLgOzuh8DWmO20WYfMAWi0N/FaM2abLxzx61xka2qHDR69QDnrU5RAgMBAAGg
+ADANBgkqhkiG9w0BAQsFAAOCAQEAOeyF6lhwbAuCzm7CVsma/FQn7OVhCa63//go
+CRAolfgit1ZD/B8XuqZ+HKresYsDG+pgJ9+D3n+87j6zqIaXgVDgbqzk93Fayekh
+K+ytHeYAhEqAM7+M0aQacyimMls5eyIKwtAqglo69PDKGczzLKo0YwT7BJnlcr3v
+zYojoBuNNncdzOYV4FQFHQ2Un5S4uzWKXrDWUPtjjDEfDcahvPO0bKBrl1ReJQBr
+RYTmGV24VAPlS/gU04ZbbDrdwK5RkwtBOPJX82ws0aBHAcq6e2vosMnBHKDyUDRz
++/4cx0iMQIfafhJJH+qep0s7QNV6XEC2ltc6uFSyMbRmIASoog==
 -----END CERTIFICATE REQUEST-----
index 8d7993cf9e3f15cfe79ba2a038ca2ae46220bd97..6605da41cc1b49db3a1006e38e39cc9fdda658f7 100644 (file)
@@ -1,6 +1,4 @@
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE               = Secret/CA/pki/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
 
 ####################################################################
 [ ca ]
@@ -9,25 +7,25 @@ default_ca    = CA_default            # The default ca section
 ####################################################################
 [ CA_default ]
 
-dir            = Secret/CA/pki # Where everything is kept
-certs          = Secret/CA/pki                 # Where the issued certs are kept
-crl_dir                = Secret/CA/pki                 # Where the issued crl are kept
-database       = Secret/CA/pki/index.txt       # database index file.
-new_certs_dir  = Secret/CA/pki/certs_by_serial # default place for new certs.
+dir            = /home/matt/Network/Abbey/Institute/Secret/CA/pki      # Where everything is kept
+certs          = /home/matt/Network/Abbey/Institute/Secret/CA/pki                      # Where the issued certs are kept
+crl_dir                = /home/matt/Network/Abbey/Institute/Secret/CA/pki                      # Where the issued crl are kept
+database       = /home/matt/Network/Abbey/Institute/Secret/CA/pki/index.txt    # database index file.
+new_certs_dir  = /home/matt/Network/Abbey/Institute/Secret/CA/pki/certs_by_serial      # default place for new certs.
 
-certificate    = Secret/CA/pki/ca.crt          # The CA certificate
-serial         = Secret/CA/pki/serial          # The current serial number
-crl            = Secret/CA/pki/crl.pem                 # The current CRL
-private_key    = Secret/CA/pki/private/ca.key  # The private key
-RANDFILE       = Secret/CA/pki/.rand           # private random number file
+certificate    = /home/matt/Network/Abbey/Institute/Secret/CA/pki/ca.crt               # The CA certificate
+serial         = /home/matt/Network/Abbey/Institute/Secret/CA/pki/serial               # The current serial number
+crl            = /home/matt/Network/Abbey/Institute/Secret/CA/pki/crl.pem              # The current CRL
+private_key    = /home/matt/Network/Abbey/Institute/Secret/CA/pki/private/ca.key       # The private key
+RANDFILE       = /home/matt/Network/Abbey/Institute/Secret/CA/pki/.rand                # private random number file
 
-x509_extensions        = basic_exts            # The extentions to add to the cert
+x509_extensions        = basic_exts            # The extensions to add to the cert
 
 # This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
 # is designed for will. In return, we get the Issuer attached to CRLs.
 crl_extensions = crl_ext
 
-default_days   = 1080  # how long to certify for
+default_days   = 825   # how long to certify for
 default_crl_days= 180  # how long before next CRL
 default_md     = sha256                # use public key default MD
 preserve       = no                    # keep passed DN ordering
@@ -35,7 +33,7 @@ preserve      = no                    # keep passed DN ordering
 # This allows to renew certificates which have not been revoked
 unique_subject = no
 
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
 # For type CA, the listed attributes must be the same, and the optional
 # and supplied fields are just that :-)
 policy         = policy_anything
@@ -59,7 +57,7 @@ default_bits          = 2048
 default_keyfile        = privkey.pem
 default_md             = sha256
 distinguished_name     = cn_only
-x509_extensions                = easyrsa_ca    # The extentions to add to the self signed cert
+x509_extensions                = easyrsa_ca    # The extensions to add to the self signed cert
 
 # A placeholder to handle the $EXTRA_EXTS feature:
 #%EXTRA_EXTS%  # Do NOT remove or change this line as $EXTRA_EXTS support requires it
@@ -71,7 +69,7 @@ x509_extensions               = easyrsa_ca    # The extentions to add to the self signed cert
 [ cn_only ]
 commonName             = Common Name (eg: your user, host, or server name)
 commonName_max         = 64
-commonName_default     = core
+commonName_default     = ChangeMe
 
 # Easy-RSA DN for org support:
 [ org ]
@@ -94,7 +92,7 @@ organizationalUnitName_default        = My Organizational Unit
 
 commonName                     = Common Name (eg: your user, host, or server name)
 commonName_max                 = 64
-commonName_default             = core
+commonName_default             = ChangeMe
 
 emailAddress                   = Email Address
 emailAddress_default           = me@example.net
index b7cb96f1f073c49d565077589e3a9f26ff11a7a0..085988d34c9a0383b12a8a0a85a0d9d39e59de64 100644 (file)
@@ -1 +1 @@
-DCCAF785FE1F49DD878444FEE564818B
+B0C65C6B0A978A7897BA90C7E68C7FF1
index 56f8f2cb8cc4c8aa026bf4a165d19c81cbe2ad24..1f7d95d983cd07e4bdb21cf4748e390e7fc058e7 100644 (file)
@@ -1 +1 @@
-dccaf785fe1f49dd878444fee564818a
+b0c65c6b0a978a7897ba90c7e68c7ff0
index be4fd0ce83b9c4dd4373f34372f28c29211df847..799c9280bc837ae9e8812fe6a43a15476487c1ea 100644 (file)
@@ -21,7 +21,7 @@
 
 # NOTES FOR WINDOWS USERS
 #
-# Paths for Windows  *MUST* use forward slashes, or optionally double-esscaped
+# Paths for Windows  *MUST* use forward slashes, or optionally double-escaped
 # backslashes (single forward slashes are recommended.) This means your path to
 # the openssl binary might look like this:
 # "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"
@@ -71,6 +71,10 @@ fi
 
 #set_var EASYRSA_PKI           "$PWD/pki"
 
+# Define directory for temporary subdirectories.
+
+#set_var EASYRSA_TEMP_DIR      "$EASYRSA_PKI"
+
 # Define X509 DN mode.
 # This is used to adjust what elements are included in the Subject field as the DN
 # (this is the "Distinguished Name.")
@@ -108,10 +112,11 @@ set_var EASYRSA_DN        "cn_only"
 # Choices for crypto alg are: (each in lower-case)
 #  * rsa
 #  * ec
+#  * ed
 
 #set_var EASYRSA_ALGO          rsa
 
-# Define the named curve, used in ec mode only:
+# Define the named curve, used in ec & ed modes:
 
 #set_var EASYRSA_CURVE         secp384r1
 
@@ -121,17 +126,20 @@ set_var EASYRSA_DN        "cn_only"
 
 # In how many days should certificates expire?
 
-#set_var EASYRSA_CERT_EXPIRE   1080
+#set_var EASYRSA_CERT_EXPIRE   825
 
 # How many days until the next CRL publish date?  Note that the CRL can still be
 # parsed after this timeframe passes. It is only used for an expected next
 # publication date.
+#set_var EASYRSA_CRL_DAYS      180
 
 # How many days before its expiration date a certificate is allowed to be
 # renewed?
 #set_var EASYRSA_CERT_RENEW    30
 
-#set_var EASYRSA_CRL_DAYS      180
+# Random serial numbers by default, set to no for the old incremental serial numbers
+#
+#set_var EASYRSA_RAND_SN       "yes"
 
 # Support deprecated "Netscape" extensions? (choices "yes" or "no".) The default
 # is "no" to discourage use of deprecated extensions. If you require this
@@ -181,6 +189,9 @@ set_var EASYRSA_DN  "cn_only"
 #
 #set_var EASYRSA_EXT_DIR       "$EASYRSA/x509-types"
 
+# If you want to generate KDC certificates, you need to set the realm here.
+#set_var EASYRSA_KDC_REALM      "CHANGEME.EXAMPLE.COM"
+
 # OpenSSL config file:
 # If you need to use a specific openssl config file, you can reference it here.
 # Normally this file is auto-detected from a file named openssl-easyrsa.cnf from the
diff --git a/inst b/inst
index 6b6a00352fb94d614cc2a683577dfee2f5ddd134..9924c9598f4f2118a2760b1c238a72f409134edf 100755 (executable)
--- a/inst
+++ b/inst
@@ -77,8 +77,8 @@ if (defined $ARGV[0] && $ARGV[0] eq "CA") {
   mysystem "cd Secret/CA; ./easyrsa build-server-full core.$pvt nopass";
   mysystem "cd Secret/CA; ./easyrsa build-client-full core nopass";
   umask 077;
-  mysystem "openvpn --genkey --secret Secret/front-ta.key";
-  mysystem "openvpn --genkey --secret Secret/gate-ta.key";
+  mysystem "openvpn --genkey secret Secret/front-ta.key";
+  mysystem "openvpn --genkey secret Secret/gate-ta.key";
   mysystem "openssl dhparam -out Secret/front-dh2048.pem 2048";
   mysystem "openssl dhparam -out Secret/gate-dh2048.pem 2048";