--- a/Makefile Mon Nov 09 12:41:00 2015 +0100
+++ b/Makefile Mon Nov 09 21:51:46 2015 +0100
@@ -1,5 +1,6 @@
prefix = /usr/local
+etc_ssl_certs = /etc/ssl/certs
share = $(prefix)/share
certbase = $(share)/ca-certificates/schlittermann
@@ -9,14 +10,13 @@
clean:
install: all
- install -d -m 0755 $(DESTDIR)`dirname $(certbase)`
+ install -d -m 0755 $(DESTDIR)$(certbase)
+ install -d -m 0755 $(DESTDIR)$(etc_ssl_certs)
+ install -d -m 0755 $(DESTDIR)$(private_certbase)
set -e ;\
- umask 0644 ;\
- openssl x509 -in ca-crt.pem >$(DESTDIR)$(certbase)-ca.crt ;\
+ umask 022 ;\
for p in *-crt.pem; do \
- openssl x509 -in $$p > $(DESTDIR)$(certbase)-$$p; \
+ openssl x509 -in $$p > $(DESTDIR)$(certbase)/schlittermann-$$(basename $$p -crt.pem).crt ;\
+ openssl x509 -in $$p >> $(DESTDIR)$(certbase)/schlittermann-ca.pem ;\
done
-
-uninstall:
- -rm -f $(DESTDIR)$(cert)
- -rmdir -p $(DESTDIR)`dirname $(cert)`
+ cp ${certbase}/schlittermann-ca.pem $(DESTDIR)${etc_ssl_certs}/schlittermann-ca.pem
--- a/ca-crt.pem Mon Nov 09 12:41:00 2015 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,68 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- a9:08:b2:d7:76:b4:ce:92
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
- Validity
- Not Before: Jan 19 18:36:30 2005 GMT
- Not After : Jan 2 18:36:30 2016 GMT
- Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:e2:1e:85:56:0b:2e:44:19:25:94:1a:06:04:3a:
- 46:4e:ac:d6:01:72:e4:10:db:8e:db:7e:b5:70:da:
- b7:09:bd:7a:1e:62:2b:d7:3e:32:fe:4f:83:bf:68:
- e1:aa:eb:77:4e:50:f4:64:42:82:09:2d:cc:59:61:
- 7c:65:b6:99:93:5b:85:7e:7a:83:bd:01:10:8d:51:
- bd:ee:90:5e:b4:38:a8:ad:2d:25:1f:f2:7a:32:2d:
- 1a:d5:a2:74:7e:07:a4:06:7f:0a:91:db:31:29:81:
- 3a:41:7d:92:18:f7:6a:2f:f2:8d:0a:9b:ad:e0:de:
- 3c:d5:fa:c3:d4:9f:61:d6:2d
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55
- X509v3 Authority Key Identifier:
- keyid:49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55
- DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann -- internet & unix support/OU=CA/CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
- serial:A9:08:B2:D7:76:B4:CE:92
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: md5WithRSAEncryption
- a3:15:62:62:b3:e8:ae:84:3b:6e:af:ec:61:03:66:49:09:3a:
- 17:25:ed:86:55:3d:57:ff:d9:3e:6a:a3:a9:63:6d:55:ce:ea:
- 20:1f:bd:dd:93:a8:ed:94:30:66:8b:7a:c2:16:38:b0:10:f6:
- b6:49:1a:05:ad:23:2b:3e:4c:10:dc:fa:0e:9a:de:5b:9c:77:
- dd:85:9c:20:d0:fc:a4:52:07:df:ce:80:96:01:4b:3c:db:85:
- 11:62:f7:3a:22:fb:b0:cc:9c:b0:65:70:51:e3:9a:70:3a:6c:
- 10:48:b2:30:f1:39:88:b0:3f:e7:28:8f:f0:22:48:87:18:b2:
- 62:ec
------BEGIN CERTIFICATE-----
-MIIEATCCA2qgAwIBAgIJAKkIstd2tM6SMA0GCSqGSIb3DQEBBAUAMIGyMQswCQYD
-VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTEwLwYD
-VQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVybmV0ICYgdW5peCBzdXBwb3J0MQsw
-CQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28gU2NobGl0dGVybWFubjEiMCAGCSqG
-SIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5kZTAeFw0wNTAxMTkxODM2MzBaFw0x
-NjAxMDIxODM2MzBaMIGyMQswCQYDVQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAw
-DgYDVQQHEwdEcmVzZGVuMTEwLwYDVQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVy
-bmV0ICYgdW5peCBzdXBwb3J0MQswCQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28g
-U2NobGl0dGVybWFubjEiMCAGCSqGSIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5k
-ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4h6FVgsuRBkllBoGBDpGTqzW
-AXLkENuO2361cNq3Cb16HmIr1z4y/k+Dv2jhqut3TlD0ZEKCCS3MWWF8ZbaZk1uF
-fnqDvQEQjVG97pBetDiorS0lH/J6Mi0a1aJ0fgekBn8KkdsxKYE6QX2SGPdqL/KN
-Cput4N481frD1J9h1i0CAwEAAaOCARswggEXMB0GA1UdDgQWBBRJFBvAc4oZS7rn
-LEmmyK2oDIdYVTCB5wYDVR0jBIHfMIHcgBRJFBvAc4oZS7rnLEmmyK2oDIdYVaGB
-uKSBtTCBsjELMAkGA1UEBhMCREUxDzANBgNVBAgTBlNheG9ueTEQMA4GA1UEBxMH
-RHJlc2RlbjExMC8GA1UEChQoc2NobGl0dGVybWFubiAtLSBpbnRlcm5ldCAmIHVu
-aXggc3VwcG9ydDELMAkGA1UECxMCQ0ExHDAaBgNVBAMTE0hlaWtvIFNjaGxpdHRl
-cm1hbm4xIjAgBgkqhkiG9w0BCQEWE2hzQHNjaGxpdHRlcm1hbm4uZGWCCQCpCLLX
-drTOkjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAKMVYmKz6K6EO26v
-7GEDZkkJOhcl7YZVPVf/2T5qo6ljbVXO6iAfvd2TqO2UMGaLesIWOLAQ9rZJGgWt
-Iys+TBDc+g6a3lucd92FnCDQ/KRSB9/OgJYBSzzbhRFi9zoi+7DMnLBlcFHjmnA6
-bBBIsjDxOYiwP+coj/AiSIcYsmLs
------END CERTIFICATE-----
--- a/ca2-crt.pem Mon Nov 09 12:41:00 2015 +0100
+++ b/ca2-crt.pem Mon Nov 09 21:51:46 2015 +0100
@@ -1,3 +1,93 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 13065174099466629619 (0xb550d29f0757b1f3)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2
+ Validity
+ Not Before: Oct 15 10:21:34 2010 GMT
+ Not After : Jun 6 10:21:34 2035 GMT
+ Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:bc:fd:4e:af:71:e7:0f:ac:21:82:0f:77:4b:7c:
+ 0a:07:d4:49:79:68:56:31:4c:53:7e:92:6b:96:fa:
+ a8:07:f5:10:dc:83:f0:10:d0:53:77:08:11:ae:a9:
+ 18:e5:30:d5:7e:2d:da:78:03:03:c1:b3:d9:35:9a:
+ 20:8b:ee:86:99:69:93:b8:b3:8a:a9:13:24:13:a7:
+ 00:f2:7f:30:8a:bc:bd:b9:c1:4f:ed:fd:f6:d6:7e:
+ f8:12:39:da:f3:9d:67:23:90:89:8d:df:51:54:4d:
+ 2f:86:ba:68:15:e3:d1:c0:ce:21:fe:2b:ab:44:ce:
+ 94:5b:43:9d:18:48:cb:cc:40:71:91:c4:93:e2:69:
+ 2a:21:56:42:f3:c3:0e:5d:57:ec:60:53:6e:b6:31:
+ 2b:74:98:74:89:70:49:31:9f:7e:89:ce:06:99:73:
+ 2b:73:0c:7e:bb:1b:c5:f1:68:b2:f4:20:95:1f:dc:
+ 56:90:32:1f:52:3e:97:9c:10:99:e5:73:34:1f:d3:
+ f6:ea:d9:41:77:69:f6:42:c3:17:9b:6a:18:ef:c2:
+ 87:f0:d6:af:69:0d:3c:c6:1f:5f:35:f8:c5:dd:32:
+ ab:f5:7a:cc:02:a1:ca:a8:76:2c:c2:51:0d:cc:16:
+ 77:74:48:14:bc:1d:dd:a2:ad:46:99:a5:de:f2:eb:
+ 6a:a0:92:55:f8:5c:05:98:b6:91:a2:57:6e:33:e0:
+ 68:7b:2b:de:91:08:7d:4d:7c:44:ac:1a:2d:f4:23:
+ 52:35:5b:b4:66:68:20:b4:da:d7:57:eb:9f:84:51:
+ 19:73:1b:01:de:f7:ca:fd:70:a5:b7:81:51:89:71:
+ 70:14:91:87:62:df:03:74:00:61:2c:8f:07:ee:a4:
+ e2:a5:93:6d:26:30:33:e2:4b:e4:fb:ef:0f:af:e6:
+ e7:63:75:ce:83:71:53:47:74:63:5a:91:19:31:52:
+ c8:37:5c:1a:ab:5f:cf:02:87:22:c7:f7:b1:fa:17:
+ 6a:da:d2:04:02:24:10:fe:e3:09:a7:4d:24:0b:fb:
+ f3:5a:b7:e7:6e:1e:1e:3b:e5:94:0c:db:b0:d4:1e:
+ 15:c0:b9:8e:87:40:22:cb:59:8d:6e:f7:ec:6c:91:
+ f0:a8:7e:fd:dc:e7:00:30:de:be:4c:6f:e9:a8:43:
+ 06:84:21:58:f5:64:e3:0e:95:46:e5:26:33:4b:67:
+ 2f:5c:4f:82:89:f0:ac:25:74:a8:58:84:d0:af:d7:
+ 4b:5c:37:d0:72:8f:07:26:d4:03:e8:ff:b0:2d:8f:
+ 15:7a:0b:4b:8f:44:d3:32:7b:1d:d0:00:c4:2f:41:
+ cb:3f:4e:cd:13:42:a2:b4:6a:59:fd:ee:b5:15:6f:
+ 78:86:75
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 93:32:78:F5:98:C3:46:B1:FF:45:1B:C8:E9:DC:48:52:47:32:4A:7F
+ X509v3 Authority Key Identifier:
+ keyid:93:32:78:F5:98:C3:46:B1:FF:45:1B:C8:E9:DC:48:52:47:32:4A:7F
+ DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann - internet & unix support/OU=Certificate Authority 2/CN=CA2
+ serial:B5:50:D2:9F:07:57:B1:F3
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 4c:e3:77:89:94:37:3d:bc:90:56:8b:8f:94:1f:47:02:75:f2:
+ 0f:03:ae:ec:ca:fa:fe:86:7c:89:79:e3:70:0b:f0:b8:f7:ce:
+ 2f:3d:5b:d4:15:cb:47:e4:47:bb:a3:6c:13:cb:0f:e6:80:b3:
+ d9:11:8a:f2:83:2b:d8:7b:56:ab:e0:50:f0:a8:8c:ac:e5:be:
+ 49:de:e0:30:9a:f8:b2:16:3a:c1:5f:97:1f:11:e5:3a:ab:af:
+ dc:56:b9:f6:2d:d4:da:78:97:fb:4c:58:70:cd:a1:5b:85:0f:
+ ca:db:eb:9d:39:29:e6:e4:c6:e7:1b:1e:a1:ac:eb:bc:e7:2d:
+ 3a:ed:1c:1c:dd:49:92:cc:9b:c3:37:fb:7a:70:72:aa:ff:ba:
+ 47:02:fd:04:64:d5:98:6e:98:63:ad:72:75:be:a0:09:46:81:
+ b5:16:69:b6:8e:1d:4b:ac:f2:18:dc:21:13:b0:9f:74:7c:01:
+ c0:00:38:1f:b1:ab:91:2d:38:60:6d:ae:6e:90:b4:3b:ec:39:
+ 6e:d4:56:c9:10:16:6e:da:8f:8e:55:e3:bc:c7:55:e7:30:5d:
+ 52:f7:38:f4:d0:09:87:fc:d0:0e:01:38:06:1d:3e:33:f0:01:
+ e8:a0:0a:2a:ac:55:e2:99:9e:d1:f4:d7:d0:5b:7c:d4:67:e6:
+ c3:d8:c0:f8:53:58:90:01:25:a3:63:e8:a9:60:31:d1:61:cc:
+ 82:fa:cf:49:b4:84:71:52:f0:c4:f7:63:74:5b:08:68:3c:da:
+ 3e:99:f7:66:21:90:53:a4:ff:38:4b:aa:b2:a4:cc:36:ce:d9:
+ 08:5c:13:8f:1c:ba:c2:9a:21:5d:c2:09:02:bd:ca:d8:56:af:
+ 29:d8:f8:27:a1:e2:9f:2f:43:7c:32:90:cf:0b:5a:9b:d3:a9:
+ a4:79:57:46:c9:1e:77:b4:4e:ec:d8:3a:1e:d1:b0:13:30:bf:
+ b7:70:6f:a8:24:c4:05:35:2b:31:98:1e:0b:f5:5b:48:fb:c9:
+ 46:eb:ed:fe:fd:76:ba:d0:95:9a:6b:9a:39:5b:02:69:90:b5:
+ 65:95:d6:f2:d4:8e:4b:a0:48:de:c6:6f:52:7b:64:69:fb:fe:
+ 1e:05:e8:7a:ae:3d:93:71:74:ec:89:52:af:b0:d3:53:a5:3d:
+ 05:86:41:bf:48:07:c6:8d:f9:55:8a:b7:d7:7a:4d:cf:81:8e:
+ 9f:f1:ad:81:18:89:20:7a:90:3d:1b:6e:97:2a:c4:a1:23:a4:
+ f9:85:d5:b7:f8:05:b9:d9:c2:40:cf:85:4f:3b:64:4c:dc:b3:
+ 09:f9:af:fb:e9:30:08:24:de:20:e1:39:6f:d7:1b:7e:c3:2a:
+ 3e:76:1c:79:ca:50:b2:03
-----BEGIN CERTIFICATE-----
MIIGpDCCBIygAwIBAgIJALVQ0p8HV7HzMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTAwLgYD
--- a/ca2.1-crt.pem Mon Nov 09 12:41:00 2015 +0100
+++ b/ca2.1-crt.pem Mon Nov 09 21:51:46 2015 +0100
@@ -2,7 +2,7 @@
Data:
Version: 3 (0x2)
Serial Number: 447 (0x1bf)
- Signature Algorithm: sha1WithRSAEncryption
+ Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann - internet & unix support, OU=Certificate Authority 2, CN=CA2
Validity
Not Before: Oct 15 10:28:07 2010 GMT
@@ -10,8 +10,8 @@
Subject: C=DE, ST=Saxony, O=schlittermann - internet & unix support, OU=Certificate Authority 2.1, CN=CA2.1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
+ Public-Key: (1024 bit)
+ Modulus:
00:c1:1b:27:b0:9f:09:f8:57:df:cc:04:c6:2a:50:
3a:37:3a:35:54:bf:9d:4f:05:25:bd:b3:c8:82:78:
66:f8:a7:47:2c:44:58:c2:8b:ca:90:42:94:81:15:
@@ -33,35 +33,35 @@
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
- 1f:6a:01:82:c5:38:96:94:95:df:99:64:42:df:82:4b:76:a9:
- 54:52:c8:f7:34:ad:38:4d:c4:f3:35:59:71:6e:79:fa:ac:39:
- 86:14:af:eb:d8:68:08:ad:57:91:63:48:b4:fd:43:a6:ea:5f:
- 98:d4:38:f0:3e:d6:d8:b6:24:bc:01:58:b1:33:be:74:72:38:
- 80:1c:ff:cb:7e:86:b7:49:b6:cc:6f:1e:23:a9:40:0d:51:7c:
- ea:de:b3:d3:2d:df:67:15:86:df:59:2f:13:a4:c5:9a:f7:47:
- b5:4a:f7:7b:09:b3:ee:9e:b0:2f:de:05:e4:6a:2d:67:92:65:
- 5e:2f:b5:fc:d8:e0:27:3a:27:bd:3f:2a:55:4a:86:e2:8f:85:
- 7b:31:51:d4:b6:a4:9e:2d:9f:75:96:26:15:c1:8c:a3:72:2e:
- 20:c3:48:1e:65:fd:8b:6b:a6:c2:aa:97:f8:cb:2c:18:28:6c:
- 2c:2e:b6:a6:00:1d:f9:93:c6:cf:d1:b9:5d:43:c2:7b:6d:b8:
- 17:5a:9c:ec:18:0e:96:a7:09:22:09:2c:2a:7e:91:9b:17:d6:
- 47:d7:13:da:f8:69:81:fb:98:b1:79:b7:bc:14:a9:f2:37:5a:
- 0f:98:ef:1b:15:aa:40:d8:df:1b:b9:84:93:b3:78:78:c5:7a:
- 55:d2:5c:58:19:4b:54:cc:4c:98:9e:2c:1a:63:eb:19:8c:58:
- 53:1f:5a:e8:e7:e8:09:aa:d5:e8:41:db:c9:0e:68:6c:1f:0e:
- 38:f6:1a:cd:c2:62:01:78:7f:51:ad:88:1b:5a:bd:e0:24:ea:
- 3a:cc:e3:0d:35:a9:fa:20:ff:57:42:c1:de:78:1d:af:5f:14:
- d7:69:ca:80:b4:a1:ba:60:29:bd:4e:62:3d:0d:98:1d:b9:2d:
- e2:14:ec:38:49:33:96:e2:14:00:5c:9a:61:87:82:0c:72:d3:
- 60:98:fc:35:32:45:b3:f1:b9:84:38:21:d0:47:4e:26:ef:3b:
- 1d:e0:20:51:2e:5a:c4:20:bf:ff:7e:33:49:d4:17:27:36:05:
- 40:b6:16:9b:49:60:4a:1c:3d:1f:5c:e5:04:51:91:d5:38:a3:
- d4:04:99:7c:62:58:6e:2e:e3:d1:75:0d:3a:2a:55:d6:76:3c:
- 1d:25:d6:29:40:64:07:60:53:eb:ca:ba:31:8f:5c:40:be:3f:
- a9:f4:10:3e:85:a4:56:1a:0b:e3:35:d9:51:b0:b9:a6:70:65:
- ce:81:63:98:c0:a9:e3:a4:d2:07:55:20:d7:62:a9:d1:43:15:
- 5c:df:19:25:8b:25:90:c9:11:b4:f6:80:d2:97:b6:27:d1:bd:
- b7:40:a9:7b:66:ad:49:a0
+ 1f:6a:01:82:c5:38:96:94:95:df:99:64:42:df:82:4b:76:a9:
+ 54:52:c8:f7:34:ad:38:4d:c4:f3:35:59:71:6e:79:fa:ac:39:
+ 86:14:af:eb:d8:68:08:ad:57:91:63:48:b4:fd:43:a6:ea:5f:
+ 98:d4:38:f0:3e:d6:d8:b6:24:bc:01:58:b1:33:be:74:72:38:
+ 80:1c:ff:cb:7e:86:b7:49:b6:cc:6f:1e:23:a9:40:0d:51:7c:
+ ea:de:b3:d3:2d:df:67:15:86:df:59:2f:13:a4:c5:9a:f7:47:
+ b5:4a:f7:7b:09:b3:ee:9e:b0:2f:de:05:e4:6a:2d:67:92:65:
+ 5e:2f:b5:fc:d8:e0:27:3a:27:bd:3f:2a:55:4a:86:e2:8f:85:
+ 7b:31:51:d4:b6:a4:9e:2d:9f:75:96:26:15:c1:8c:a3:72:2e:
+ 20:c3:48:1e:65:fd:8b:6b:a6:c2:aa:97:f8:cb:2c:18:28:6c:
+ 2c:2e:b6:a6:00:1d:f9:93:c6:cf:d1:b9:5d:43:c2:7b:6d:b8:
+ 17:5a:9c:ec:18:0e:96:a7:09:22:09:2c:2a:7e:91:9b:17:d6:
+ 47:d7:13:da:f8:69:81:fb:98:b1:79:b7:bc:14:a9:f2:37:5a:
+ 0f:98:ef:1b:15:aa:40:d8:df:1b:b9:84:93:b3:78:78:c5:7a:
+ 55:d2:5c:58:19:4b:54:cc:4c:98:9e:2c:1a:63:eb:19:8c:58:
+ 53:1f:5a:e8:e7:e8:09:aa:d5:e8:41:db:c9:0e:68:6c:1f:0e:
+ 38:f6:1a:cd:c2:62:01:78:7f:51:ad:88:1b:5a:bd:e0:24:ea:
+ 3a:cc:e3:0d:35:a9:fa:20:ff:57:42:c1:de:78:1d:af:5f:14:
+ d7:69:ca:80:b4:a1:ba:60:29:bd:4e:62:3d:0d:98:1d:b9:2d:
+ e2:14:ec:38:49:33:96:e2:14:00:5c:9a:61:87:82:0c:72:d3:
+ 60:98:fc:35:32:45:b3:f1:b9:84:38:21:d0:47:4e:26:ef:3b:
+ 1d:e0:20:51:2e:5a:c4:20:bf:ff:7e:33:49:d4:17:27:36:05:
+ 40:b6:16:9b:49:60:4a:1c:3d:1f:5c:e5:04:51:91:d5:38:a3:
+ d4:04:99:7c:62:58:6e:2e:e3:d1:75:0d:3a:2a:55:d6:76:3c:
+ 1d:25:d6:29:40:64:07:60:53:eb:ca:ba:31:8f:5c:40:be:3f:
+ a9:f4:10:3e:85:a4:56:1a:0b:e3:35:d9:51:b0:b9:a6:70:65:
+ ce:81:63:98:c0:a9:e3:a4:d2:07:55:20:d7:62:a9:d1:43:15:
+ 5c:df:19:25:8b:25:90:c9:11:b4:f6:80:d2:97:b6:27:d1:bd:
+ b7:40:a9:7b:66:ad:49:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCAvOgAwIBAgICAb8wDQYJKoZIhvcNAQEFBQAwgZIxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZTYXhvbnkxEDAOBgNVBAcTB0RyZXNkZW4xMDAuBgNVBAoUJ3Nj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ca2005-crt.pem Mon Nov 09 21:51:46 2015 +0100
@@ -0,0 +1,68 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ a9:08:b2:d7:76:b4:ce:92
+ Signature Algorithm: md5WithRSAEncryption
+ Issuer: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
+ Validity
+ Not Before: Jan 19 18:36:30 2005 GMT
+ Not After : Jan 2 18:36:30 2016 GMT
+ Subject: C=DE, ST=Saxony, L=Dresden, O=schlittermann -- internet & unix support, OU=CA, CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:e2:1e:85:56:0b:2e:44:19:25:94:1a:06:04:3a:
+ 46:4e:ac:d6:01:72:e4:10:db:8e:db:7e:b5:70:da:
+ b7:09:bd:7a:1e:62:2b:d7:3e:32:fe:4f:83:bf:68:
+ e1:aa:eb:77:4e:50:f4:64:42:82:09:2d:cc:59:61:
+ 7c:65:b6:99:93:5b:85:7e:7a:83:bd:01:10:8d:51:
+ bd:ee:90:5e:b4:38:a8:ad:2d:25:1f:f2:7a:32:2d:
+ 1a:d5:a2:74:7e:07:a4:06:7f:0a:91:db:31:29:81:
+ 3a:41:7d:92:18:f7:6a:2f:f2:8d:0a:9b:ad:e0:de:
+ 3c:d5:fa:c3:d4:9f:61:d6:2d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55
+ X509v3 Authority Key Identifier:
+ keyid:49:14:1B:C0:73:8A:19:4B:BA:E7:2C:49:A6:C8:AD:A8:0C:87:58:55
+ DirName:/C=DE/ST=Saxony/L=Dresden/O=schlittermann -- internet & unix support/OU=CA/CN=Heiko Schlittermann/emailAddress=hs@schlittermann.de
+ serial:A9:08:B2:D7:76:B4:CE:92
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: md5WithRSAEncryption
+ a3:15:62:62:b3:e8:ae:84:3b:6e:af:ec:61:03:66:49:09:3a:
+ 17:25:ed:86:55:3d:57:ff:d9:3e:6a:a3:a9:63:6d:55:ce:ea:
+ 20:1f:bd:dd:93:a8:ed:94:30:66:8b:7a:c2:16:38:b0:10:f6:
+ b6:49:1a:05:ad:23:2b:3e:4c:10:dc:fa:0e:9a:de:5b:9c:77:
+ dd:85:9c:20:d0:fc:a4:52:07:df:ce:80:96:01:4b:3c:db:85:
+ 11:62:f7:3a:22:fb:b0:cc:9c:b0:65:70:51:e3:9a:70:3a:6c:
+ 10:48:b2:30:f1:39:88:b0:3f:e7:28:8f:f0:22:48:87:18:b2:
+ 62:ec
+-----BEGIN CERTIFICATE-----
+MIIEATCCA2qgAwIBAgIJAKkIstd2tM6SMA0GCSqGSIb3DQEBBAUAMIGyMQswCQYD
+VQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAwDgYDVQQHEwdEcmVzZGVuMTEwLwYD
+VQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVybmV0ICYgdW5peCBzdXBwb3J0MQsw
+CQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28gU2NobGl0dGVybWFubjEiMCAGCSqG
+SIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5kZTAeFw0wNTAxMTkxODM2MzBaFw0x
+NjAxMDIxODM2MzBaMIGyMQswCQYDVQQGEwJERTEPMA0GA1UECBMGU2F4b255MRAw
+DgYDVQQHEwdEcmVzZGVuMTEwLwYDVQQKFChzY2hsaXR0ZXJtYW5uIC0tIGludGVy
+bmV0ICYgdW5peCBzdXBwb3J0MQswCQYDVQQLEwJDQTEcMBoGA1UEAxMTSGVpa28g
+U2NobGl0dGVybWFubjEiMCAGCSqGSIb3DQEJARYTaHNAc2NobGl0dGVybWFubi5k
+ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4h6FVgsuRBkllBoGBDpGTqzW
+AXLkENuO2361cNq3Cb16HmIr1z4y/k+Dv2jhqut3TlD0ZEKCCS3MWWF8ZbaZk1uF
+fnqDvQEQjVG97pBetDiorS0lH/J6Mi0a1aJ0fgekBn8KkdsxKYE6QX2SGPdqL/KN
+Cput4N481frD1J9h1i0CAwEAAaOCARswggEXMB0GA1UdDgQWBBRJFBvAc4oZS7rn
+LEmmyK2oDIdYVTCB5wYDVR0jBIHfMIHcgBRJFBvAc4oZS7rnLEmmyK2oDIdYVaGB
+uKSBtTCBsjELMAkGA1UEBhMCREUxDzANBgNVBAgTBlNheG9ueTEQMA4GA1UEBxMH
+RHJlc2RlbjExMC8GA1UEChQoc2NobGl0dGVybWFubiAtLSBpbnRlcm5ldCAmIHVu
+aXggc3VwcG9ydDELMAkGA1UECxMCQ0ExHDAaBgNVBAMTE0hlaWtvIFNjaGxpdHRl
+cm1hbm4xIjAgBgkqhkiG9w0BCQEWE2hzQHNjaGxpdHRlcm1hbm4uZGWCCQCpCLLX
+drTOkjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAKMVYmKz6K6EO26v
+7GEDZkkJOhcl7YZVPVf/2T5qo6ljbVXO6iAfvd2TqO2UMGaLesIWOLAQ9rZJGgWt
+Iys+TBDc+g6a3lucd92FnCDQ/KRSB9/OgJYBSzzbhRFi9zoi+7DMnLBlcFHjmnA6
+bBBIsjDxOYiwP+coj/AiSIcYsmLs
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ca2015-crt.pem Mon Nov 09 21:51:46 2015 +0100
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGEzCCA/ugAwIBAgIJANihrI2GJzpdMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD
+VQQGEwJERTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEWMBQG
+A1UECgwNU2NobGl0dGVybWFubjEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y
+aXR5MRAwDgYDVQQDDAdDQSAyMDE2MSIwIAYJKoZIhvcNAQkBFhNjYUBzY2hsaXR0
+ZXJtYW5uLmRlMB4XDTE1MTEwOTExMTE1MloXDTM1MDcyMzExMTE1MlowgZ8xCzAJ
+BgNVBAYTAkRFMRAwDgYDVQQIDAdTYWNoc2VuMRAwDgYDVQQHDAdEcmVzZGVuMRYw
+FAYDVQQKDA1TY2hsaXR0ZXJtYW5uMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRo
+b3JpdHkxEDAOBgNVBAMMB0NBIDIwMTYxIjAgBgkqhkiG9w0BCQEWE2NhQHNjaGxp
+dHRlcm1hbm4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDu99lm
+FnrErdMLgZ9U1/T+fmq5t3qD8VCBrGUzin8ivAZ17PQ+5oGPwIxkNvRY7ZJYqqqa
+E3UeD/RWjoXRMyzyEgqkwHLnIevwUJf7nyDgv/b0FeIEqVZICGuZzLzux5DeO1Fe
+nNbSPeklwr3MtP63FgvZQVlst/F/zow2eyGHjSr5J9o+bkApG1MXjazwVFJS3oVh
+JJRZnqgA0VrJA7JHSTVuQSfs0bq0y+vksRDchD4mvMNWKIkraFg8cYPa4qSQsev1
+d6ajYslqimJUWRlQwppFLoYVnod9BWqbhWCjpaBuStMsVRM/YujeRjqXEUCiuooU
+XogGzOND0lXMqTR1FIMP6gxTXfhEKqx27wnG3aRaXl7OzyfWc30xJKJytuVwdY37
+SbyWGeXHoRFKJKIOhRzEqSv1mwI6EHxMSbPGM84rEDj72wcumQmlqgzG3Jvyqe/c
++I3n/O9isqwTmWFEk9HpJ/OYQGIxVwAPt54gMtY+izMvO9uVW2v8WhaSTf6OhhrC
+50HPLLa1MYrRgq2wlJNOo15fiHf5o08Zn39x0TDMDp5oSBnOIxOS8vI8lHiGI/Ea
+eOokqULIzWDo9HlOLSyjJVQCFj+uxcQDqEyArj6WIwSzD8/EE/w79O9CpXZB+ghY
+lUqeUR5tzTwJXF/WgatZz+8yGWDwVBQYcxk3xQIDAQABo1AwTjAdBgNVHQ4EFgQU
+uiIQt838h/3EJ5RRiUD5JMSgxcQwHwYDVR0jBBgwFoAUuiIQt838h/3EJ5RRiUD5
+JMSgxcQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEACcpKbeW4L6w4
+9PfPYtweqA85GKGOnDBAmusJusMGIAlieRd9fblvpYlRzB3m/Gkyjm7si0F4b74J
+yuixvyEW5idOoqMVgHJ4R9yqRt4ChJMeTKUVx8AgK89qBOAsTknE5KctKMZcGC8N
+6ZptAcl5N+/IFtCFGz2IBVZTCDUz8mUmQPjfmPploOo5+qRhM9037HmSFo8hUd0G
+LZx5Ivb32EcqAYwHF63q9gqu8XlZuRcDc6Z79h6eldH+mb/arrEH4mIe2itxgROl
+uIfgNT6+5J5bAMf4oD0PgO55JUED7LeYoYMZxeW2GSiO1uGLpvEpZ4MvX5XRT2Ic
+MD99CmAroQkndJaelkY+eb4aMncJiygu4NpLUfB+7rTnpFQ4BI2zVUcuxeZ49CQQ
+ECpmBLjPyIAR4C/UFso+jxnBr4MJP7DV6Wr954+u1G35XZCHwzheIx5wpiSTun9a
+AMQv4Pd4tHhUgtFlwU5QfiyhqhfZKXcCIUxK4aUrUFrMuZzqBtOk2FYu6DiuoKGf
+PySnc106yTCjG/L9gHIJTvKBSFrCIRHuE56/s9q7mAWgQe4VlmBJ59cdhxVU12bn
+Z/D9RoGoJ6MA0s5rH2CPP8nh1NA64RB5qMLMlJ36vcyynts/oGt82vbE8NXH1CpD
+p9zSqn+XQ0Jj9I8B+fQQdDdTpNaWF2A=
+-----END CERTIFICATE-----
--- a/ca2016-crt.pem Mon Nov 09 12:41:00 2015 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGEzCCA/ugAwIBAgIJANihrI2GJzpdMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD
-VQQGEwJERTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEWMBQG
-A1UECgwNU2NobGl0dGVybWFubjEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y
-aXR5MRAwDgYDVQQDDAdDQSAyMDE2MSIwIAYJKoZIhvcNAQkBFhNjYUBzY2hsaXR0
-ZXJtYW5uLmRlMB4XDTE1MTEwOTExMTE1MloXDTM1MDcyMzExMTE1MlowgZ8xCzAJ
-BgNVBAYTAkRFMRAwDgYDVQQIDAdTYWNoc2VuMRAwDgYDVQQHDAdEcmVzZGVuMRYw
-FAYDVQQKDA1TY2hsaXR0ZXJtYW5uMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRo
-b3JpdHkxEDAOBgNVBAMMB0NBIDIwMTYxIjAgBgkqhkiG9w0BCQEWE2NhQHNjaGxp
-dHRlcm1hbm4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDu99lm
-FnrErdMLgZ9U1/T+fmq5t3qD8VCBrGUzin8ivAZ17PQ+5oGPwIxkNvRY7ZJYqqqa
-E3UeD/RWjoXRMyzyEgqkwHLnIevwUJf7nyDgv/b0FeIEqVZICGuZzLzux5DeO1Fe
-nNbSPeklwr3MtP63FgvZQVlst/F/zow2eyGHjSr5J9o+bkApG1MXjazwVFJS3oVh
-JJRZnqgA0VrJA7JHSTVuQSfs0bq0y+vksRDchD4mvMNWKIkraFg8cYPa4qSQsev1
-d6ajYslqimJUWRlQwppFLoYVnod9BWqbhWCjpaBuStMsVRM/YujeRjqXEUCiuooU
-XogGzOND0lXMqTR1FIMP6gxTXfhEKqx27wnG3aRaXl7OzyfWc30xJKJytuVwdY37
-SbyWGeXHoRFKJKIOhRzEqSv1mwI6EHxMSbPGM84rEDj72wcumQmlqgzG3Jvyqe/c
-+I3n/O9isqwTmWFEk9HpJ/OYQGIxVwAPt54gMtY+izMvO9uVW2v8WhaSTf6OhhrC
-50HPLLa1MYrRgq2wlJNOo15fiHf5o08Zn39x0TDMDp5oSBnOIxOS8vI8lHiGI/Ea
-eOokqULIzWDo9HlOLSyjJVQCFj+uxcQDqEyArj6WIwSzD8/EE/w79O9CpXZB+ghY
-lUqeUR5tzTwJXF/WgatZz+8yGWDwVBQYcxk3xQIDAQABo1AwTjAdBgNVHQ4EFgQU
-uiIQt838h/3EJ5RRiUD5JMSgxcQwHwYDVR0jBBgwFoAUuiIQt838h/3EJ5RRiUD5
-JMSgxcQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEACcpKbeW4L6w4
-9PfPYtweqA85GKGOnDBAmusJusMGIAlieRd9fblvpYlRzB3m/Gkyjm7si0F4b74J
-yuixvyEW5idOoqMVgHJ4R9yqRt4ChJMeTKUVx8AgK89qBOAsTknE5KctKMZcGC8N
-6ZptAcl5N+/IFtCFGz2IBVZTCDUz8mUmQPjfmPploOo5+qRhM9037HmSFo8hUd0G
-LZx5Ivb32EcqAYwHF63q9gqu8XlZuRcDc6Z79h6eldH+mb/arrEH4mIe2itxgROl
-uIfgNT6+5J5bAMf4oD0PgO55JUED7LeYoYMZxeW2GSiO1uGLpvEpZ4MvX5XRT2Ic
-MD99CmAroQkndJaelkY+eb4aMncJiygu4NpLUfB+7rTnpFQ4BI2zVUcuxeZ49CQQ
-ECpmBLjPyIAR4C/UFso+jxnBr4MJP7DV6Wr954+u1G35XZCHwzheIx5wpiSTun9a
-AMQv4Pd4tHhUgtFlwU5QfiyhqhfZKXcCIUxK4aUrUFrMuZzqBtOk2FYu6DiuoKGf
-PySnc106yTCjG/L9gHIJTvKBSFrCIRHuE56/s9q7mAWgQe4VlmBJ59cdhxVU12bn
-Z/D9RoGoJ6MA0s5rH2CPP8nh1NA64RB5qMLMlJ36vcyynts/oGt82vbE8NXH1CpD
-p9zSqn+XQ0Jj9I8B+fQQdDdTpNaWF2A=
------END CERTIFICATE-----
--- a/debian/dirs Mon Nov 09 12:41:00 2015 +0100
+++ b/debian/dirs Mon Nov 09 21:51:46 2015 +0100
@@ -1,2 +1,3 @@
+etc
usr/bin
usr/sbin
--- a/debian/postinst Mon Nov 09 12:41:00 2015 +0100
+++ b/debian/postinst Mon Nov 09 21:51:46 2015 +0100
@@ -19,27 +19,33 @@
CONF=/etc/ca-certificates.conf
DIR=/usr/share/ca-certificates
-CRTS=$DIR/schlittermann-ca*
+CRTS=$DIR/schlittermann/*.crt
hash() { openssl x509 -noout -in "$1" -hash; }
case "$1" in
configure)
+ # aus der ca-certificates.conf entfernen
+ tmp=`mktemp`
+ grep -v '^schlittermann-ca\.crt$' $CONF > $tmp
+ cp $tmp $CONF
+ rm -f $tmp
+
# zuerst mal gucken, ob's nicht zufällig schon in /etc/ssl/certs
# mit rumliegt von früher
for CRT in $CRTS; do
CRT=$(basename $CRT)
- HASH=`hash $DIR/$CRT`
+ HASH=`hash $DIR/$CRT 2>/dev/null || echo 0`
echo "$DIR/$CRT: $HASH"
for p in /etc/ssl/certs/*.crt; do
- test -e "$p" || { rm -f "$p"; continue; }
+ test -e "$p" || { rm -f "$p"; continue; } # dangling symlinks
test "$HASH" = `hash "$p"` || continue
test -L "$p" || { rm -v "$p"; continue; }
test `readlink "$p"` = "$DIR/$CRT" || { rm "$p"; continue; }
done
- grep -q "$CRT" "$CONF" || echo "$CRT" >> "$CONF"
+ grep -F -q "schlittermann/$CRT" "$CONF" || echo "schlittermann/$CRT" >> "$CONF"
done
update-ca-certificates
--- a/debian/postrm Mon Nov 09 12:41:00 2015 +0100
+++ b/debian/postrm Mon Nov 09 21:51:46 2015 +0100
@@ -23,14 +23,18 @@
case "$1" in
purge)
- TMP=`tempfile`
+ TMP=`mktemp`
grep -v "$CRT" <$CONF >$TMP
- cat <$TMP >$CONF
+ cp $TMP $CONF
rm $TMP
update-ca-certificates --fresh
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ tmp=`mktemp`
+ grep -F -v 'schlittermann-ca.crt' $CONF
+ cp $tmp $CONF
+ rm $tmp
update-ca-certificates --fresh
;;