# HG changeset patch # User Heiko Schlittermann # Date 1447102306 -3600 # Node ID 75c45a13ac8c435d67520f3a7483fd4061eb6063 # Parent 34964c339a31e0aa38a1db631355bc64e2487268 Deploy schlittermann-ca.pem in /etc/ssl/certs diff -r 34964c339a31 -r 75c45a13ac8c Makefile --- a/Makefile Mon Nov 09 12:41:00 2015 +0100 +++ b/Makefile Mon Nov 09 21:51:46 2015 +0100 @@ -1,5 +1,6 @@ prefix = /usr/local +etc_ssl_certs = /etc/ssl/certs share = $(prefix)/share certbase = $(share)/ca-certificates/schlittermann @@ -9,14 +10,13 @@ clean: install: all - install -d -m 0755 $(DESTDIR)`dirname $(certbase)` + install -d -m 0755 $(DESTDIR)$(certbase) + install -d -m 0755 $(DESTDIR)$(etc_ssl_certs) + install -d -m 0755 $(DESTDIR)$(private_certbase) set -e ;\ - umask 0644 ;\ - openssl x509 -in ca-crt.pem >$(DESTDIR)$(certbase)-ca.crt ;\ + umask 022 ;\ for p in *-crt.pem; do \ - openssl x509 -in $$p > $(DESTDIR)$(certbase)-$$p; \ + openssl x509 -in $$p > $(DESTDIR)$(certbase)/schlittermann-$$(basename $$p -crt.pem).crt ;\ + openssl x509 -in $$p >> $(DESTDIR)$(certbase)/schlittermann-ca.pem ;\ done - -uninstall: - -rm -f $(DESTDIR)$(cert) - -rmdir -p $(DESTDIR)`dirname $(cert)` + cp ${certbase}/schlittermann-ca.pem $(DESTDIR)${etc_ssl_certs}/schlittermann-ca.pem diff -r 34964c339a31 -r 75c45a13ac8c ca-crt.pem --- a/ca-crt.pem Mon Nov 09 12:41:00 2015 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,68 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - a9:08:b2:d7:76:b4:ce:92 - Signature Algorithm: md5WithRSAEncryption - Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de - Validity - Not Before: Jan 19 18:36:30 2005 GMT - Not After : Jan 2 18:36:30 2016 GMT - Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:e2:1e:85:56:0b:2e:44:19:25:94:1a:06:04:3a: - 46:4e:ac:d6:01:72:e4:10:db:8e:db:7e:b5:70:da: - b7:09:bd:7a:1e:62:2b:d7:3e:32:fe:4f:83:bf:68: - e1:aa:eb:77:4e:50:f4:64:42:82:09:2d:cc:59:61: - 7c:65:b6:99:93:5b:85:7e:7a:83:bd:01:10:8d:51: - bd:ee:90:5e:b4:38:a8:ad:2d:25:1f:f2:7a:32:2d: - 1a:d5:a2:74:7e:07:a4:06:7f:0a:91:db:31:29:81: - 3a:41:7d:92:18:f7:6a:2f:f2:8d:0a:9b:ad:e0:de: - 3c:d5:fa:c3:d4:9f:61:d6:2d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55 - X509v3 Authority Key Identifier: - keyid:49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55 - DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann -- internet & unix support/OU=CA/CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de - serial:A9:08:B2:D7:76:B4:CE:92 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: md5WithRSAEncryption - a3:15:62:62:b3:e8:ae:84:3b:6e:af:ec:61:03:66:49:09:3a: - 17:25:ed:86:55:3d:57:ff:d9:3e:6a:a3:a9:63:6d:55:ce:ea: - 20:1f:bd:dd:93:a8:ed:94:30:66:8b:7a:c2:16:38:b0:10:f6: - b6:49:1a:05:ad:23:2b:3e:4c:10:dc:fa:0e:9a:de:5b:9c:77: - dd:85:9c:20:d0:fc:a4:52:07:df:ce:80:96:01:4b:3c:db:85: - 11:62:f7:3a:22:fb:b0:cc:9c:b0:65:70:51:e3:9a:70:3a:6c: - 10:48:b2:30:f1:39:88:b0:3f:e7:28:8f:f0:22:48:87:18:b2: - 62:ec ------BEGIN CERTIFICATE----- -MIIEATCCA2qgAwIBAgIJAKkIstd2tM6SMA0GCSqGSIb3DQEBBAUAMIGyMQswCQYD -VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTEwLwYD -VQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVybmV0ICYgdW5peCBzdXBwb3J0MQsw -CQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28gU2NobGl0dGVybWFubjEiMCAGCSqG -SIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5kZTAeFw0wNTAxMTkxODM2MzBaFw0x -NjAxMDIxODM2MzBaMIGyMQswCQYDVQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAw -DgYDVQQHEwdEcmVzZGVuMTEwLwYDVQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVy -bmV0ICYgdW5peCBzdXBwb3J0MQswCQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28g -U2NobGl0dGVybWFubjEiMCAGCSqGSIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5k -ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4h6FVgsuRBkllBoGBDpGTqzW -AXLkENuO2361cNq3Cb16HmIr1z4y/k+Dv2jhqut3TlD0ZEKCCS3MWWF8ZbaZk1uF -fnqDvQEQjVG97pBetDiorS0lH/J6Mi0a1aJ0fgekBn8KkdsxKYE6QX2SGPdqL/KN -Cput4N481frD1J9h1i0CAwEAAaOCARswggEXMB0GA1UdDgQWBBRJFBvAc4oZS7rn -LEmmyK2oDIdYVTCB5wYDVR0jBIHfMIHcgBRJFBvAc4oZS7rnLEmmyK2oDIdYVaGB -uKSBtTCBsjELMAkGA1UEBhMCREUxDzANBgNVBAgTBlNheG9ueTEQMA4GA1UEBxMH -RHJlc2RlbjExMC8GA1UEChQoc2NobGl0dGVybWFubiAtLSBpbnRlcm5ldCAmIHVu -aXggc3VwcG9ydDELMAkGA1UECxMCQ0ExHDAaBgNVBAMTE0hlaWtvIFNjaGxpdHRl -cm1hbm4xIjAgBgkqhkiG9w0BCQEWE2hzQHNjaGxpdHRlcm1hbm4uZGWCCQCpCLLX -drTOkjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAKMVYmKz6K6EO26v -7GEDZkkJOhcl7YZVPVf/2T5qo6ljbVXO6iAfvd2TqO2UMGaLesIWOLAQ9rZJGgWt -Iys+TBDc+g6a3lucd92FnCDQ/KRSB9/OgJYBSzzbhRFi9zoi+7DMnLBlcFHjmnA6 -bBBIsjDxOYiwP+coj/AiSIcYsmLs ------END CERTIFICATE----- diff -r 34964c339a31 -r 75c45a13ac8c ca2-crt.pem --- a/ca2-crt.pem Mon Nov 09 12:41:00 2015 +0100 +++ b/ca2-crt.pem Mon Nov 09 21:51:46 2015 +0100 @@ -1,3 +1,93 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 13065174099466629619 (0xb550d29f0757b1f3) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2 + Validity + Not Before: Oct 15 10:21:34 2010 GMT + Not After : Jun 6 10:21:34 2035 GMT + Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:bc:fd:4e:af:71:e7:0f:ac:21:82:0f:77:4b:7c: + 0a:07:d4:49:79:68:56:31:4c:53:7e:92:6b:96:fa: + a8:07:f5:10:dc:83:f0:10:d0:53:77:08:11:ae:a9: + 18:e5:30:d5:7e:2d:da:78:03:03:c1:b3:d9:35:9a: + 20:8b:ee:86:99:69:93:b8:b3:8a:a9:13:24:13:a7: + 00:f2:7f:30:8a:bc:bd:b9:c1:4f:ed:fd:f6:d6:7e: + f8:12:39:da:f3:9d:67:23:90:89:8d:df:51:54:4d: + 2f:86:ba:68:15:e3:d1:c0:ce:21:fe:2b:ab:44:ce: + 94:5b:43:9d:18:48:cb:cc:40:71:91:c4:93:e2:69: + 2a:21:56:42:f3:c3:0e:5d:57:ec:60:53:6e:b6:31: + 2b:74:98:74:89:70:49:31:9f:7e:89:ce:06:99:73: + 2b:73:0c:7e:bb:1b:c5:f1:68:b2:f4:20:95:1f:dc: + 56:90:32:1f:52:3e:97:9c:10:99:e5:73:34:1f:d3: + f6:ea:d9:41:77:69:f6:42:c3:17:9b:6a:18:ef:c2: + 87:f0:d6:af:69:0d:3c:c6:1f:5f:35:f8:c5:dd:32: + ab:f5:7a:cc:02:a1:ca:a8:76:2c:c2:51:0d:cc:16: + 77:74:48:14:bc:1d:dd:a2:ad:46:99:a5:de:f2:eb: + 6a:a0:92:55:f8:5c:05:98:b6:91:a2:57:6e:33:e0: + 68:7b:2b:de:91:08:7d:4d:7c:44:ac:1a:2d:f4:23: + 52:35:5b:b4:66:68:20:b4:da:d7:57:eb:9f:84:51: + 19:73:1b:01:de:f7:ca:fd:70:a5:b7:81:51:89:71: + 70:14:91:87:62:df:03:74:00:61:2c:8f:07:ee:a4: + e2:a5:93:6d:26:30:33:e2:4b:e4:fb:ef:0f:af:e6: + e7:63:75:ce:83:71:53:47:74:63:5a:91:19:31:52: + c8:37:5c:1a:ab:5f:cf:02:87:22:c7:f7:b1:fa:17: + 6a:da:d2:04:02:24:10:fe:e3:09:a7:4d:24:0b:fb: + f3:5a:b7:e7:6e:1e:1e:3b:e5:94:0c:db:b0:d4:1e: + 15:c0:b9:8e:87:40:22:cb:59:8d:6e:f7:ec:6c:91: + f0:a8:7e:fd:dc:e7:00:30:de:be:4c:6f:e9:a8:43: + 06:84:21:58:f5:64:e3:0e:95:46:e5:26:33:4b:67: + 2f:5c:4f:82:89:f0:ac:25:74:a8:58:84:d0:af:d7: + 4b:5c:37:d0:72:8f:07:26:d4:03:e8:ff:b0:2d:8f: + 15:7a:0b:4b:8f:44:d3:32:7b:1d:d0:00:c4:2f:41: + cb:3f:4e:cd:13:42:a2:b4:6a:59:fd:ee:b5:15:6f: + 78:86:75 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 93:32:78:F5:98:C3:46:B1:FF:45:1B:C8:E9:DC:48:52:47:32:4A:7F + X509v3 Authority Key Identifier: + keyid:93:32:78:F5:98:C3:46:B1:FF:45:1B:C8:E9:DC:48:52:47:32:4A:7F + DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann - internet & unix support/OU=Certificate Authority 2/CN=CA2 + serial:B5:50:D2:9F:07:57:B1:F3 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 4c:e3:77:89:94:37:3d:bc:90:56:8b:8f:94:1f:47:02:75:f2: + 0f:03:ae:ec:ca:fa:fe:86:7c:89:79:e3:70:0b:f0:b8:f7:ce: + 2f:3d:5b:d4:15:cb:47:e4:47:bb:a3:6c:13:cb:0f:e6:80:b3: + d9:11:8a:f2:83:2b:d8:7b:56:ab:e0:50:f0:a8:8c:ac:e5:be: + 49:de:e0:30:9a:f8:b2:16:3a:c1:5f:97:1f:11:e5:3a:ab:af: + dc:56:b9:f6:2d:d4:da:78:97:fb:4c:58:70:cd:a1:5b:85:0f: + ca:db:eb:9d:39:29:e6:e4:c6:e7:1b:1e:a1:ac:eb:bc:e7:2d: + 3a:ed:1c:1c:dd:49:92:cc:9b:c3:37:fb:7a:70:72:aa:ff:ba: + 47:02:fd:04:64:d5:98:6e:98:63:ad:72:75:be:a0:09:46:81: + b5:16:69:b6:8e:1d:4b:ac:f2:18:dc:21:13:b0:9f:74:7c:01: + c0:00:38:1f:b1:ab:91:2d:38:60:6d:ae:6e:90:b4:3b:ec:39: + 6e:d4:56:c9:10:16:6e:da:8f:8e:55:e3:bc:c7:55:e7:30:5d: + 52:f7:38:f4:d0:09:87:fc:d0:0e:01:38:06:1d:3e:33:f0:01: + e8:a0:0a:2a:ac:55:e2:99:9e:d1:f4:d7:d0:5b:7c:d4:67:e6: + c3:d8:c0:f8:53:58:90:01:25:a3:63:e8:a9:60:31:d1:61:cc: + 82:fa:cf:49:b4:84:71:52:f0:c4:f7:63:74:5b:08:68:3c:da: + 3e:99:f7:66:21:90:53:a4:ff:38:4b:aa:b2:a4:cc:36:ce:d9: + 08:5c:13:8f:1c:ba:c2:9a:21:5d:c2:09:02:bd:ca:d8:56:af: + 29:d8:f8:27:a1:e2:9f:2f:43:7c:32:90:cf:0b:5a:9b:d3:a9: + a4:79:57:46:c9:1e:77:b4:4e:ec:d8:3a:1e:d1:b0:13:30:bf: + b7:70:6f:a8:24:c4:05:35:2b:31:98:1e:0b:f5:5b:48:fb:c9: + 46:eb:ed:fe:fd:76:ba:d0:95:9a:6b:9a:39:5b:02:69:90:b5: + 65:95:d6:f2:d4:8e:4b:a0:48:de:c6:6f:52:7b:64:69:fb:fe: + 1e:05:e8:7a:ae:3d:93:71:74:ec:89:52:af:b0:d3:53:a5:3d: + 05:86:41:bf:48:07:c6:8d:f9:55:8a:b7:d7:7a:4d:cf:81:8e: + 9f:f1:ad:81:18:89:20:7a:90:3d:1b:6e:97:2a:c4:a1:23:a4: + f9:85:d5:b7:f8:05:b9:d9:c2:40:cf:85:4f:3b:64:4c:dc:b3: + 09:f9:af:fb:e9:30:08:24:de:20:e1:39:6f:d7:1b:7e:c3:2a: + 3e:76:1c:79:ca:50:b2:03 -----BEGIN CERTIFICATE----- MIIGpDCCBIygAwIBAgIJALVQ0p8HV7HzMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTAwLgYD diff -r 34964c339a31 -r 75c45a13ac8c ca2.1-crt.pem --- a/ca2.1-crt.pem Mon Nov 09 12:41:00 2015 +0100 +++ b/ca2.1-crt.pem Mon Nov 09 21:51:46 2015 +0100 @@ -2,7 +2,7 @@ Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha1WithRSAEncryption Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2 Validity Not Before: Oct 15 10:28:07 2010 GMT @@ -10,8 +10,8 @@ Subject: C=DE, ST=Saxony, O=schlittermann - internet & unix support, OU=Certificate Authority 2.1, CN=CA2.1 Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): + Public-Key: (1024 bit) + Modulus: 00:c1:1b:27:b0:9f:09:f8:57:df:cc:04:c6:2a:50: 3a:37:3a:35:54:bf:9d:4f:05:25:bd:b3:c8:82:78: 66:f8:a7:47:2c:44:58:c2:8b:ca:90:42:94:81:15: @@ -33,35 +33,35 @@ X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 1f:6a:01:82:c5:38:96:94:95:df:99:64:42:df:82:4b:76:a9: - 54:52:c8:f7:34:ad:38:4d:c4:f3:35:59:71:6e:79:fa:ac:39: - 86:14:af:eb:d8:68:08:ad:57:91:63:48:b4:fd:43:a6:ea:5f: - 98:d4:38:f0:3e:d6:d8:b6:24:bc:01:58:b1:33:be:74:72:38: - 80:1c:ff:cb:7e:86:b7:49:b6:cc:6f:1e:23:a9:40:0d:51:7c: - ea:de:b3:d3:2d:df:67:15:86:df:59:2f:13:a4:c5:9a:f7:47: - b5:4a:f7:7b:09:b3:ee:9e:b0:2f:de:05:e4:6a:2d:67:92:65: - 5e:2f:b5:fc:d8:e0:27:3a:27:bd:3f:2a:55:4a:86:e2:8f:85: - 7b:31:51:d4:b6:a4:9e:2d:9f:75:96:26:15:c1:8c:a3:72:2e: - 20:c3:48:1e:65:fd:8b:6b:a6:c2:aa:97:f8:cb:2c:18:28:6c: - 2c:2e:b6:a6:00:1d:f9:93:c6:cf:d1:b9:5d:43:c2:7b:6d:b8: - 17:5a:9c:ec:18:0e:96:a7:09:22:09:2c:2a:7e:91:9b:17:d6: - 47:d7:13:da:f8:69:81:fb:98:b1:79:b7:bc:14:a9:f2:37:5a: - 0f:98:ef:1b:15:aa:40:d8:df:1b:b9:84:93:b3:78:78:c5:7a: - 55:d2:5c:58:19:4b:54:cc:4c:98:9e:2c:1a:63:eb:19:8c:58: - 53:1f:5a:e8:e7:e8:09:aa:d5:e8:41:db:c9:0e:68:6c:1f:0e: - 38:f6:1a:cd:c2:62:01:78:7f:51:ad:88:1b:5a:bd:e0:24:ea: - 3a:cc:e3:0d:35:a9:fa:20:ff:57:42:c1:de:78:1d:af:5f:14: - d7:69:ca:80:b4:a1:ba:60:29:bd:4e:62:3d:0d:98:1d:b9:2d: - e2:14:ec:38:49:33:96:e2:14:00:5c:9a:61:87:82:0c:72:d3: - 60:98:fc:35:32:45:b3:f1:b9:84:38:21:d0:47:4e:26:ef:3b: - 1d:e0:20:51:2e:5a:c4:20:bf:ff:7e:33:49:d4:17:27:36:05: - 40:b6:16:9b:49:60:4a:1c:3d:1f:5c:e5:04:51:91:d5:38:a3: - d4:04:99:7c:62:58:6e:2e:e3:d1:75:0d:3a:2a:55:d6:76:3c: - 1d:25:d6:29:40:64:07:60:53:eb:ca:ba:31:8f:5c:40:be:3f: - a9:f4:10:3e:85:a4:56:1a:0b:e3:35:d9:51:b0:b9:a6:70:65: - ce:81:63:98:c0:a9:e3:a4:d2:07:55:20:d7:62:a9:d1:43:15: - 5c:df:19:25:8b:25:90:c9:11:b4:f6:80:d2:97:b6:27:d1:bd: - b7:40:a9:7b:66:ad:49:a0 + 1f:6a:01:82:c5:38:96:94:95:df:99:64:42:df:82:4b:76:a9: + 54:52:c8:f7:34:ad:38:4d:c4:f3:35:59:71:6e:79:fa:ac:39: + 86:14:af:eb:d8:68:08:ad:57:91:63:48:b4:fd:43:a6:ea:5f: + 98:d4:38:f0:3e:d6:d8:b6:24:bc:01:58:b1:33:be:74:72:38: + 80:1c:ff:cb:7e:86:b7:49:b6:cc:6f:1e:23:a9:40:0d:51:7c: + ea:de:b3:d3:2d:df:67:15:86:df:59:2f:13:a4:c5:9a:f7:47: + b5:4a:f7:7b:09:b3:ee:9e:b0:2f:de:05:e4:6a:2d:67:92:65: + 5e:2f:b5:fc:d8:e0:27:3a:27:bd:3f:2a:55:4a:86:e2:8f:85: + 7b:31:51:d4:b6:a4:9e:2d:9f:75:96:26:15:c1:8c:a3:72:2e: + 20:c3:48:1e:65:fd:8b:6b:a6:c2:aa:97:f8:cb:2c:18:28:6c: + 2c:2e:b6:a6:00:1d:f9:93:c6:cf:d1:b9:5d:43:c2:7b:6d:b8: + 17:5a:9c:ec:18:0e:96:a7:09:22:09:2c:2a:7e:91:9b:17:d6: + 47:d7:13:da:f8:69:81:fb:98:b1:79:b7:bc:14:a9:f2:37:5a: + 0f:98:ef:1b:15:aa:40:d8:df:1b:b9:84:93:b3:78:78:c5:7a: + 55:d2:5c:58:19:4b:54:cc:4c:98:9e:2c:1a:63:eb:19:8c:58: + 53:1f:5a:e8:e7:e8:09:aa:d5:e8:41:db:c9:0e:68:6c:1f:0e: + 38:f6:1a:cd:c2:62:01:78:7f:51:ad:88:1b:5a:bd:e0:24:ea: + 3a:cc:e3:0d:35:a9:fa:20:ff:57:42:c1:de:78:1d:af:5f:14: + d7:69:ca:80:b4:a1:ba:60:29:bd:4e:62:3d:0d:98:1d:b9:2d: + e2:14:ec:38:49:33:96:e2:14:00:5c:9a:61:87:82:0c:72:d3: + 60:98:fc:35:32:45:b3:f1:b9:84:38:21:d0:47:4e:26:ef:3b: + 1d:e0:20:51:2e:5a:c4:20:bf:ff:7e:33:49:d4:17:27:36:05: + 40:b6:16:9b:49:60:4a:1c:3d:1f:5c:e5:04:51:91:d5:38:a3: + d4:04:99:7c:62:58:6e:2e:e3:d1:75:0d:3a:2a:55:d6:76:3c: + 1d:25:d6:29:40:64:07:60:53:eb:ca:ba:31:8f:5c:40:be:3f: + a9:f4:10:3e:85:a4:56:1a:0b:e3:35:d9:51:b0:b9:a6:70:65: + ce:81:63:98:c0:a9:e3:a4:d2:07:55:20:d7:62:a9:d1:43:15: + 5c:df:19:25:8b:25:90:c9:11:b4:f6:80:d2:97:b6:27:d1:bd: + b7:40:a9:7b:66:ad:49:a0 -----BEGIN CERTIFICATE----- MIIFCzCCAvOgAwIBAgICAb8wDQYJKoZIhvcNAQEFBQAwgZIxCzAJBgNVBAYTAkRF MQ8wDQYDVQQIEwZTYXhvbnkxEDAOBgNVBAcTB0RyZXNkZW4xMDAuBgNVBAoUJ3Nj diff -r 34964c339a31 -r 75c45a13ac8c ca2005-crt.pem --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/ca2005-crt.pem Mon Nov 09 21:51:46 2015 +0100 @@ -0,0 +1,68 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + a9:08:b2:d7:76:b4:ce:92 + Signature Algorithm: md5WithRSAEncryption + Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de + Validity + Not Before: Jan 19 18:36:30 2005 GMT + Not After : Jan 2 18:36:30 2016 GMT + Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:e2:1e:85:56:0b:2e:44:19:25:94:1a:06:04:3a: + 46:4e:ac:d6:01:72:e4:10:db:8e:db:7e:b5:70:da: + b7:09:bd:7a:1e:62:2b:d7:3e:32:fe:4f:83:bf:68: + e1:aa:eb:77:4e:50:f4:64:42:82:09:2d:cc:59:61: + 7c:65:b6:99:93:5b:85:7e:7a:83:bd:01:10:8d:51: + bd:ee:90:5e:b4:38:a8:ad:2d:25:1f:f2:7a:32:2d: + 1a:d5:a2:74:7e:07:a4:06:7f:0a:91:db:31:29:81: + 3a:41:7d:92:18:f7:6a:2f:f2:8d:0a:9b:ad:e0:de: + 3c:d5:fa:c3:d4:9f:61:d6:2d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55 + X509v3 Authority Key Identifier: + keyid:49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55 + DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann -- internet & unix support/OU=CA/CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de + serial:A9:08:B2:D7:76:B4:CE:92 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: md5WithRSAEncryption + a3:15:62:62:b3:e8:ae:84:3b:6e:af:ec:61:03:66:49:09:3a: + 17:25:ed:86:55:3d:57:ff:d9:3e:6a:a3:a9:63:6d:55:ce:ea: + 20:1f:bd:dd:93:a8:ed:94:30:66:8b:7a:c2:16:38:b0:10:f6: + b6:49:1a:05:ad:23:2b:3e:4c:10:dc:fa:0e:9a:de:5b:9c:77: + dd:85:9c:20:d0:fc:a4:52:07:df:ce:80:96:01:4b:3c:db:85: + 11:62:f7:3a:22:fb:b0:cc:9c:b0:65:70:51:e3:9a:70:3a:6c: + 10:48:b2:30:f1:39:88:b0:3f:e7:28:8f:f0:22:48:87:18:b2: + 62:ec +-----BEGIN CERTIFICATE----- +MIIEATCCA2qgAwIBAgIJAKkIstd2tM6SMA0GCSqGSIb3DQEBBAUAMIGyMQswCQYD +VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTEwLwYD +VQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVybmV0ICYgdW5peCBzdXBwb3J0MQsw +CQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28gU2NobGl0dGVybWFubjEiMCAGCSqG +SIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5kZTAeFw0wNTAxMTkxODM2MzBaFw0x +NjAxMDIxODM2MzBaMIGyMQswCQYDVQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAw +DgYDVQQHEwdEcmVzZGVuMTEwLwYDVQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVy +bmV0ICYgdW5peCBzdXBwb3J0MQswCQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28g +U2NobGl0dGVybWFubjEiMCAGCSqGSIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5k +ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4h6FVgsuRBkllBoGBDpGTqzW +AXLkENuO2361cNq3Cb16HmIr1z4y/k+Dv2jhqut3TlD0ZEKCCS3MWWF8ZbaZk1uF +fnqDvQEQjVG97pBetDiorS0lH/J6Mi0a1aJ0fgekBn8KkdsxKYE6QX2SGPdqL/KN +Cput4N481frD1J9h1i0CAwEAAaOCARswggEXMB0GA1UdDgQWBBRJFBvAc4oZS7rn +LEmmyK2oDIdYVTCB5wYDVR0jBIHfMIHcgBRJFBvAc4oZS7rnLEmmyK2oDIdYVaGB +uKSBtTCBsjELMAkGA1UEBhMCREUxDzANBgNVBAgTBlNheG9ueTEQMA4GA1UEBxMH +RHJlc2RlbjExMC8GA1UEChQoc2NobGl0dGVybWFubiAtLSBpbnRlcm5ldCAmIHVu +aXggc3VwcG9ydDELMAkGA1UECxMCQ0ExHDAaBgNVBAMTE0hlaWtvIFNjaGxpdHRl +cm1hbm4xIjAgBgkqhkiG9w0BCQEWE2hzQHNjaGxpdHRlcm1hbm4uZGWCCQCpCLLX +drTOkjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAKMVYmKz6K6EO26v +7GEDZkkJOhcl7YZVPVf/2T5qo6ljbVXO6iAfvd2TqO2UMGaLesIWOLAQ9rZJGgWt +Iys+TBDc+g6a3lucd92FnCDQ/KRSB9/OgJYBSzzbhRFi9zoi+7DMnLBlcFHjmnA6 +bBBIsjDxOYiwP+coj/AiSIcYsmLs +-----END CERTIFICATE----- diff -r 34964c339a31 -r 75c45a13ac8c ca2015-crt.pem --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/ca2015-crt.pem Mon Nov 09 21:51:46 2015 +0100 @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGEzCCA/ugAwIBAgIJANihrI2GJzpdMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD +VQQGEwJERTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEWMBQG +A1UECgwNU2NobGl0dGVybWFubjEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y +aXR5MRAwDgYDVQQDDAdDQSAyMDE2MSIwIAYJKoZIhvcNAQkBFhNjYUBzY2hsaXR0 +ZXJtYW5uLmRlMB4XDTE1MTEwOTExMTE1MloXDTM1MDcyMzExMTE1MlowgZ8xCzAJ +BgNVBAYTAkRFMRAwDgYDVQQIDAdTYWNoc2VuMRAwDgYDVQQHDAdEcmVzZGVuMRYw +FAYDVQQKDA1TY2hsaXR0ZXJtYW5uMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRo +b3JpdHkxEDAOBgNVBAMMB0NBIDIwMTYxIjAgBgkqhkiG9w0BCQEWE2NhQHNjaGxp +dHRlcm1hbm4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDu99lm +FnrErdMLgZ9U1/T+fmq5t3qD8VCBrGUzin8ivAZ17PQ+5oGPwIxkNvRY7ZJYqqqa +E3UeD/RWjoXRMyzyEgqkwHLnIevwUJf7nyDgv/b0FeIEqVZICGuZzLzux5DeO1Fe +nNbSPeklwr3MtP63FgvZQVlst/F/zow2eyGHjSr5J9o+bkApG1MXjazwVFJS3oVh +JJRZnqgA0VrJA7JHSTVuQSfs0bq0y+vksRDchD4mvMNWKIkraFg8cYPa4qSQsev1 +d6ajYslqimJUWRlQwppFLoYVnod9BWqbhWCjpaBuStMsVRM/YujeRjqXEUCiuooU +XogGzOND0lXMqTR1FIMP6gxTXfhEKqx27wnG3aRaXl7OzyfWc30xJKJytuVwdY37 +SbyWGeXHoRFKJKIOhRzEqSv1mwI6EHxMSbPGM84rEDj72wcumQmlqgzG3Jvyqe/c ++I3n/O9isqwTmWFEk9HpJ/OYQGIxVwAPt54gMtY+izMvO9uVW2v8WhaSTf6OhhrC +50HPLLa1MYrRgq2wlJNOo15fiHf5o08Zn39x0TDMDp5oSBnOIxOS8vI8lHiGI/Ea +eOokqULIzWDo9HlOLSyjJVQCFj+uxcQDqEyArj6WIwSzD8/EE/w79O9CpXZB+ghY +lUqeUR5tzTwJXF/WgatZz+8yGWDwVBQYcxk3xQIDAQABo1AwTjAdBgNVHQ4EFgQU +uiIQt838h/3EJ5RRiUD5JMSgxcQwHwYDVR0jBBgwFoAUuiIQt838h/3EJ5RRiUD5 +JMSgxcQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEACcpKbeW4L6w4 +9PfPYtweqA85GKGOnDBAmusJusMGIAlieRd9fblvpYlRzB3m/Gkyjm7si0F4b74J +yuixvyEW5idOoqMVgHJ4R9yqRt4ChJMeTKUVx8AgK89qBOAsTknE5KctKMZcGC8N +6ZptAcl5N+/IFtCFGz2IBVZTCDUz8mUmQPjfmPploOo5+qRhM9037HmSFo8hUd0G +LZx5Ivb32EcqAYwHF63q9gqu8XlZuRcDc6Z79h6eldH+mb/arrEH4mIe2itxgROl +uIfgNT6+5J5bAMf4oD0PgO55JUED7LeYoYMZxeW2GSiO1uGLpvEpZ4MvX5XRT2Ic +MD99CmAroQkndJaelkY+eb4aMncJiygu4NpLUfB+7rTnpFQ4BI2zVUcuxeZ49CQQ +ECpmBLjPyIAR4C/UFso+jxnBr4MJP7DV6Wr954+u1G35XZCHwzheIx5wpiSTun9a +AMQv4Pd4tHhUgtFlwU5QfiyhqhfZKXcCIUxK4aUrUFrMuZzqBtOk2FYu6DiuoKGf +PySnc106yTCjG/L9gHIJTvKBSFrCIRHuE56/s9q7mAWgQe4VlmBJ59cdhxVU12bn +Z/D9RoGoJ6MA0s5rH2CPP8nh1NA64RB5qMLMlJ36vcyynts/oGt82vbE8NXH1CpD +p9zSqn+XQ0Jj9I8B+fQQdDdTpNaWF2A= +-----END CERTIFICATE----- diff -r 34964c339a31 -r 75c45a13ac8c ca2016-crt.pem --- a/ca2016-crt.pem Mon Nov 09 12:41:00 2015 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGEzCCA/ugAwIBAgIJANihrI2GJzpdMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD -VQQGEwJERTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEWMBQG -A1UECgwNU2NobGl0dGVybWFubjEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y -aXR5MRAwDgYDVQQDDAdDQSAyMDE2MSIwIAYJKoZIhvcNAQkBFhNjYUBzY2hsaXR0 -ZXJtYW5uLmRlMB4XDTE1MTEwOTExMTE1MloXDTM1MDcyMzExMTE1MlowgZ8xCzAJ -BgNVBAYTAkRFMRAwDgYDVQQIDAdTYWNoc2VuMRAwDgYDVQQHDAdEcmVzZGVuMRYw -FAYDVQQKDA1TY2hsaXR0ZXJtYW5uMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRo -b3JpdHkxEDAOBgNVBAMMB0NBIDIwMTYxIjAgBgkqhkiG9w0BCQEWE2NhQHNjaGxp -dHRlcm1hbm4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDu99lm -FnrErdMLgZ9U1/T+fmq5t3qD8VCBrGUzin8ivAZ17PQ+5oGPwIxkNvRY7ZJYqqqa -E3UeD/RWjoXRMyzyEgqkwHLnIevwUJf7nyDgv/b0FeIEqVZICGuZzLzux5DeO1Fe -nNbSPeklwr3MtP63FgvZQVlst/F/zow2eyGHjSr5J9o+bkApG1MXjazwVFJS3oVh -JJRZnqgA0VrJA7JHSTVuQSfs0bq0y+vksRDchD4mvMNWKIkraFg8cYPa4qSQsev1 -d6ajYslqimJUWRlQwppFLoYVnod9BWqbhWCjpaBuStMsVRM/YujeRjqXEUCiuooU -XogGzOND0lXMqTR1FIMP6gxTXfhEKqx27wnG3aRaXl7OzyfWc30xJKJytuVwdY37 -SbyWGeXHoRFKJKIOhRzEqSv1mwI6EHxMSbPGM84rEDj72wcumQmlqgzG3Jvyqe/c -+I3n/O9isqwTmWFEk9HpJ/OYQGIxVwAPt54gMtY+izMvO9uVW2v8WhaSTf6OhhrC -50HPLLa1MYrRgq2wlJNOo15fiHf5o08Zn39x0TDMDp5oSBnOIxOS8vI8lHiGI/Ea -eOokqULIzWDo9HlOLSyjJVQCFj+uxcQDqEyArj6WIwSzD8/EE/w79O9CpXZB+ghY -lUqeUR5tzTwJXF/WgatZz+8yGWDwVBQYcxk3xQIDAQABo1AwTjAdBgNVHQ4EFgQU -uiIQt838h/3EJ5RRiUD5JMSgxcQwHwYDVR0jBBgwFoAUuiIQt838h/3EJ5RRiUD5 -JMSgxcQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEACcpKbeW4L6w4 -9PfPYtweqA85GKGOnDBAmusJusMGIAlieRd9fblvpYlRzB3m/Gkyjm7si0F4b74J -yuixvyEW5idOoqMVgHJ4R9yqRt4ChJMeTKUVx8AgK89qBOAsTknE5KctKMZcGC8N -6ZptAcl5N+/IFtCFGz2IBVZTCDUz8mUmQPjfmPploOo5+qRhM9037HmSFo8hUd0G -LZx5Ivb32EcqAYwHF63q9gqu8XlZuRcDc6Z79h6eldH+mb/arrEH4mIe2itxgROl -uIfgNT6+5J5bAMf4oD0PgO55JUED7LeYoYMZxeW2GSiO1uGLpvEpZ4MvX5XRT2Ic -MD99CmAroQkndJaelkY+eb4aMncJiygu4NpLUfB+7rTnpFQ4BI2zVUcuxeZ49CQQ -ECpmBLjPyIAR4C/UFso+jxnBr4MJP7DV6Wr954+u1G35XZCHwzheIx5wpiSTun9a -AMQv4Pd4tHhUgtFlwU5QfiyhqhfZKXcCIUxK4aUrUFrMuZzqBtOk2FYu6DiuoKGf -PySnc106yTCjG/L9gHIJTvKBSFrCIRHuE56/s9q7mAWgQe4VlmBJ59cdhxVU12bn -Z/D9RoGoJ6MA0s5rH2CPP8nh1NA64RB5qMLMlJ36vcyynts/oGt82vbE8NXH1CpD -p9zSqn+XQ0Jj9I8B+fQQdDdTpNaWF2A= ------END CERTIFICATE----- diff -r 34964c339a31 -r 75c45a13ac8c debian/dirs --- a/debian/dirs Mon Nov 09 12:41:00 2015 +0100 +++ b/debian/dirs Mon Nov 09 21:51:46 2015 +0100 @@ -1,2 +1,3 @@ +etc usr/bin usr/sbin diff -r 34964c339a31 -r 75c45a13ac8c debian/postinst --- a/debian/postinst Mon Nov 09 12:41:00 2015 +0100 +++ b/debian/postinst Mon Nov 09 21:51:46 2015 +0100 @@ -19,27 +19,33 @@ CONF=/etc/ca-certificates.conf DIR=/usr/share/ca-certificates -CRTS=$DIR/schlittermann-ca* +CRTS=$DIR/schlittermann/*.crt hash() { openssl x509 -noout -in "$1" -hash; } case "$1" in configure) + # aus der ca-certificates.conf entfernen + tmp=`mktemp` + grep -v '^schlittermann-ca\.crt$' $CONF > $tmp + cp $tmp $CONF + rm -f $tmp + # zuerst mal gucken, ob's nicht zufällig schon in /etc/ssl/certs # mit rumliegt von früher for CRT in $CRTS; do CRT=$(basename $CRT) - HASH=`hash $DIR/$CRT` + HASH=`hash $DIR/$CRT 2>/dev/null || echo 0` echo "$DIR/$CRT: $HASH" for p in /etc/ssl/certs/*.crt; do - test -e "$p" || { rm -f "$p"; continue; } + test -e "$p" || { rm -f "$p"; continue; } # dangling symlinks test "$HASH" = `hash "$p"` || continue test -L "$p" || { rm -v "$p"; continue; } test `readlink "$p"` = "$DIR/$CRT" || { rm "$p"; continue; } done - grep -q "$CRT" "$CONF" || echo "$CRT" >> "$CONF" + grep -F -q "schlittermann/$CRT" "$CONF" || echo "schlittermann/$CRT" >> "$CONF" done update-ca-certificates diff -r 34964c339a31 -r 75c45a13ac8c debian/postrm --- a/debian/postrm Mon Nov 09 12:41:00 2015 +0100 +++ b/debian/postrm Mon Nov 09 21:51:46 2015 +0100 @@ -23,14 +23,18 @@ case "$1" in purge) - TMP=`tempfile` + TMP=`mktemp` grep -v "$CRT" <$CONF >$TMP - cat <$TMP >$CONF + cp $TMP $CONF rm $TMP update-ca-certificates --fresh ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + tmp=`mktemp` + grep -F -v 'schlittermann-ca.crt' $CONF + cp $tmp $CONF + rm $tmp update-ca-certificates --fresh ;;