You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by rj...@apache.org on 2015/02/28 19:23:30 UTC

svn commit: r1662985 - in /tomcat/trunk/test/org/apache/tomcat/util/net: localhost-cert.pem localhost-copy1.jks localhost.jks user1.jks

Author: rjung
Date: Sat Feb 28 18:23:30 2015
New Revision: 1662985

URL: http://svn.apache.org/r1662985
Log:
New certs and key stores.
Same private keys, same csrs.
Valid until Feb 27th 2017.

Modified:
    tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem
    tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks
    tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks
    tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem?rev=1662985&r1=1662984&r2=1662985&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem Sat Feb 28 18:23:30 2015
@@ -1,12 +1,12 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number: 4099 (0x1003)
+        Serial Number: 4102 (0x1006)
     Signature Algorithm: sha1WithRSAEncryption
         Issuer: C=US, CN=ca-test.tomcat.apache.org
         Validity
-            Not Before: Feb 28 05:28:42 2013 GMT
-            Not After : Feb 28 05:28:42 2015 GMT
+            Not Before: Feb 28 16:57:14 2015 GMT
+            Not After : Feb 27 16:57:14 2017 GMT
         Subject: C=US, CN=localhost
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ -42,25 +42,25 @@ Certificate:
                 keyid:B0:3B:BC:C9:FA:28:5F:3E:04:1F:9B:6C:C7:8B:68:D8:01:B0:F8:3D
 
     Signature Algorithm: sha1WithRSAEncryption
-         ab:d3:e7:2b:35:d3:6d:9f:87:2a:64:58:f1:61:cb:56:a8:84:
-         22:79:ac:0d:68:1f:55:0d:dd:16:16:72:c4:a9:75:2a:0e:f8:
-         b1:73:68:c9:ee:43:d8:5c:fa:07:5d:3f:41:fb:14:17:be:64:
-         21:d8:1e:25:67:92:b2:c5:bb:43:1d:96:b6:d3:bd:1c:e1:a4:
-         c7:ee:e3:37:0b:92:14:56:ca:ad:a8:76:5b:80:c9:42:8c:89:
-         f1:42:6e:8c:fb:a1:d7:98:d5:6d:49:99:fe:b6:f6:c6:f3:cc:
-         8f:06:54:6e:02:f5:8f:4b:f1:86:ac:14:93:6c:74:25:26:44:
-         7a:5b:82:3c:57:d6:e5:14:6e:b7:29:53:e4:40:7a:2f:10:5d:
-         ff:28:7f:e5:e5:54:6c:38:fa:b9:27:97:2a:69:60:ba:4a:5a:
-         28:65:b1:81:e0:b7:a1:74:d6:e6:07:81:6d:b8:59:c3:45:bd:
-         7c:a8:17:67:1f:fc:52:1a:6c:90:87:4d:a1:98:51:8c:29:6a:
-         84:d9:0d:24:a8:86:6a:5e:6a:b7:f9:27:9b:52:37:96:b5:fd:
-         94:11:ca:c4:d9:6d:69:81:fa:96:34:63:3a:7c:49:2d:06:48:
-         ae:b1:14:59:12:29:8e:59:3d:03:99:42:90:e6:82:df:08:cf:
-         d7:77:ec:00
+         ac:e9:89:a0:fd:83:a7:aa:39:0b:08:f2:89:bc:64:e4:fa:3f:
+         7d:7a:5e:6d:79:98:34:31:19:ec:fb:e3:07:2b:ff:ab:2f:58:
+         7f:49:33:ca:d1:bb:36:9c:bd:3d:e2:3b:39:e9:a9:c2:b7:9e:
+         58:7d:5c:f4:9f:02:80:0b:e2:e2:d8:b8:3a:c0:76:c7:3b:33:
+         29:2a:61:02:ac:e0:23:aa:3e:a7:0d:0a:e9:8b:2d:4d:2a:ed:
+         59:0c:05:2d:40:86:ed:63:ad:fd:3c:a0:5e:4e:77:a6:f5:fe:
+         16:19:e5:bf:66:2f:c0:a3:21:25:65:a8:30:0b:25:9e:b4:67:
+         ad:9d:7a:33:c2:c7:c0:18:80:ef:f0:ea:1f:33:6b:f5:d6:b6:
+         7c:47:8d:99:b5:be:77:cd:61:ba:27:11:a0:8e:19:0f:8b:2d:
+         3d:70:ac:44:b3:f7:f5:a1:a7:a9:36:93:89:e4:63:cc:89:50:
+         ea:cc:c0:5a:c1:a7:41:7b:2f:64:c3:1e:e2:7f:62:72:3a:a1:
+         d5:9f:8d:83:bf:f4:10:5f:3b:e3:48:fd:2c:7c:55:7f:81:e2:
+         e3:2f:95:53:67:20:40:97:2a:cf:cf:f2:e0:13:0d:02:fe:9f:
+         43:93:01:55:22:5b:d9:b6:fd:a6:55:6c:c8:68:dc:3c:73:e7:
+         29:14:78:29
 -----BEGIN CERTIFICATE-----
-MIIDSTCCAjGgAwIBAgICEAMwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
-IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTMwMjI4MDUy
-ODQyWhcNMTUwMjI4MDUyODQyWjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
+MIIDSTCCAjGgAwIBAgICEAYwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
+IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTUwMjI4MTY1
+NzE0WhcNMTcwMjI3MTY1NzE0WjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
 YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5295PxiHkd0n
 mDQkeVhH+cJpK9hbwOC7SlfWALW7arBmhFy48BIKJycynIIqLw9pd6bpDd9kMVHA
 QR7c1HRRnKO4URNYc+4hnPljghvCLEnDCXD/qfOvogwLYC9q26UBRT40kI5naetF
@@ -70,10 +70,10 @@ KrOf4Wt4DWMaQdVr29hIWQSI0RHV50UoDnwbeHUg
 iViUaVtwJwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu
 U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUMNurcJQ0yv11RqvO
 4kqpnnS8abswHwYDVR0jBBgwFoAUsDu8yfooXz4EH5tsx4to2AGw+D0wDQYJKoZI
-hvcNAQEFBQADggEBAKvT5ys1022fhypkWPFhy1aohCJ5rA1oH1UN3RYWcsSpdSoO
-+LFzaMnuQ9hc+gddP0H7FBe+ZCHYHiVnkrLFu0MdlrbTvRzhpMfu4zcLkhRWyq2o
-dluAyUKMifFCboz7odeY1W1Jmf629sbzzI8GVG4C9Y9L8YasFJNsdCUmRHpbgjxX
-1uUUbrcpU+RAei8QXf8of+XlVGw4+rknlyppYLpKWihlsYHgt6F01uYHgW24WcNF
-vXyoF2cf/FIabJCHTaGYUYwpaoTZDSSohmpearf5J5tSN5a1/ZQRysTZbWmB+pY0
-Yzp8SS0GSK6xFFkSKY5ZPQOZQpDmgt8Iz9d37AA=
+hvcNAQEFBQADggEBAKzpiaD9g6eqOQsI8om8ZOT6P316Xm15mDQxGez74wcr/6sv
+WH9JM8rRuzacvT3iOznpqcK3nlh9XPSfAoAL4uLYuDrAdsc7MykqYQKs4COqPqcN
+CumLLU0q7VkMBS1Ahu1jrf08oF5Od6b1/hYZ5b9mL8CjISVlqDALJZ60Z62dejPC
+x8AYgO/w6h8za/XWtnxHjZm1vnfNYbonEaCOGQ+LLT1wrESz9/Whp6k2k4nkY8yJ
+UOrMwFrBp0F7L2TDHuJ/YnI6odWfjYO/9BBfO+NI/Sx8VX+B4uMvlVNnIECXKs/P
+8uATDQL+n0OTAVUiW9m2/aZVbMho3Dxz5ykUeCk=
 -----END CERTIFICATE-----

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
==============================================================================
Binary files - no diff available.

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
==============================================================================
Binary files - no diff available.

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
==============================================================================
Binary files - no diff available.



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: svn commit: r1662985 - in /tomcat/trunk/test/org/apache/tomcat/util/net: localhost-cert.pem localhost-copy1.jks localhost.jks user1.jks

Posted by Christopher Schultz <ch...@christopherschultz.net>.

Rainer,

On 2/28/15 1:23 PM, rjung@apache.org wrote:
> Author: rjung
> Date: Sat Feb 28 18:23:30 2015
> New Revision: 1662985
> 
> URL: http://svn.apache.org/r1662985
> Log:
> New certs and key stores.
> Same private keys, same csrs.
> Valid until Feb 27th 2017.

Why bother with updating these? Two things I can think of to
future-proof these:

1. Auto-generate the certs for each run
2. Install a certificate-verifier that ignores validity dates for the cert

-chris

> Modified:
>     tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem
>     tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks
>     tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks
>     tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks
> 
> Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem
> URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem?rev=1662985&r1=1662984&r2=1662985&view=diff
> ==============================================================================
> --- tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem (original)
> +++ tomcat/trunk/test/org/apache/tomcat/util/net/localhost-cert.pem Sat Feb 28 18:23:30 2015
> @@ -1,12 +1,12 @@
>  Certificate:
>      Data:
>          Version: 3 (0x2)
> -        Serial Number: 4099 (0x1003)
> +        Serial Number: 4102 (0x1006)
>      Signature Algorithm: sha1WithRSAEncryption
>          Issuer: C=US, CN=ca-test.tomcat.apache.org
>          Validity
> -            Not Before: Feb 28 05:28:42 2013 GMT
> -            Not After : Feb 28 05:28:42 2015 GMT
> +            Not Before: Feb 28 16:57:14 2015 GMT
> +            Not After : Feb 27 16:57:14 2017 GMT
>          Subject: C=US, CN=localhost
>          Subject Public Key Info:
>              Public Key Algorithm: rsaEncryption
> @@ -42,25 +42,25 @@ Certificate:
>                  keyid:B0:3B:BC:C9:FA:28:5F:3E:04:1F:9B:6C:C7:8B:68:D8:01:B0:F8:3D
>  
>      Signature Algorithm: sha1WithRSAEncryption
> -         ab:d3:e7:2b:35:d3:6d:9f:87:2a:64:58:f1:61:cb:56:a8:84:
> -         22:79:ac:0d:68:1f:55:0d:dd:16:16:72:c4:a9:75:2a:0e:f8:
> -         b1:73:68:c9:ee:43:d8:5c:fa:07:5d:3f:41:fb:14:17:be:64:
> -         21:d8:1e:25:67:92:b2:c5:bb:43:1d:96:b6:d3:bd:1c:e1:a4:
> -         c7:ee:e3:37:0b:92:14:56:ca:ad:a8:76:5b:80:c9:42:8c:89:
> -         f1:42:6e:8c:fb:a1:d7:98:d5:6d:49:99:fe:b6:f6:c6:f3:cc:
> -         8f:06:54:6e:02:f5:8f:4b:f1:86:ac:14:93:6c:74:25:26:44:
> -         7a:5b:82:3c:57:d6:e5:14:6e:b7:29:53:e4:40:7a:2f:10:5d:
> -         ff:28:7f:e5:e5:54:6c:38:fa:b9:27:97:2a:69:60:ba:4a:5a:
> -         28:65:b1:81:e0:b7:a1:74:d6:e6:07:81:6d:b8:59:c3:45:bd:
> -         7c:a8:17:67:1f:fc:52:1a:6c:90:87:4d:a1:98:51:8c:29:6a:
> -         84:d9:0d:24:a8:86:6a:5e:6a:b7:f9:27:9b:52:37:96:b5:fd:
> -         94:11:ca:c4:d9:6d:69:81:fa:96:34:63:3a:7c:49:2d:06:48:
> -         ae:b1:14:59:12:29:8e:59:3d:03:99:42:90:e6:82:df:08:cf:
> -         d7:77:ec:00
> +         ac:e9:89:a0:fd:83:a7:aa:39:0b:08:f2:89:bc:64:e4:fa:3f:
> +         7d:7a:5e:6d:79:98:34:31:19:ec:fb:e3:07:2b:ff:ab:2f:58:
> +         7f:49:33:ca:d1:bb:36:9c:bd:3d:e2:3b:39:e9:a9:c2:b7:9e:
> +         58:7d:5c:f4:9f:02:80:0b:e2:e2:d8:b8:3a:c0:76:c7:3b:33:
> +         29:2a:61:02:ac:e0:23:aa:3e:a7:0d:0a:e9:8b:2d:4d:2a:ed:
> +         59:0c:05:2d:40:86:ed:63:ad:fd:3c:a0:5e:4e:77:a6:f5:fe:
> +         16:19:e5:bf:66:2f:c0:a3:21:25:65:a8:30:0b:25:9e:b4:67:
> +         ad:9d:7a:33:c2:c7:c0:18:80:ef:f0:ea:1f:33:6b:f5:d6:b6:
> +         7c:47:8d:99:b5:be:77:cd:61:ba:27:11:a0:8e:19:0f:8b:2d:
> +         3d:70:ac:44:b3:f7:f5:a1:a7:a9:36:93:89:e4:63:cc:89:50:
> +         ea:cc:c0:5a:c1:a7:41:7b:2f:64:c3:1e:e2:7f:62:72:3a:a1:
> +         d5:9f:8d:83:bf:f4:10:5f:3b:e3:48:fd:2c:7c:55:7f:81:e2:
> +         e3:2f:95:53:67:20:40:97:2a:cf:cf:f2:e0:13:0d:02:fe:9f:
> +         43:93:01:55:22:5b:d9:b6:fd:a6:55:6c:c8:68:dc:3c:73:e7:
> +         29:14:78:29
>  -----BEGIN CERTIFICATE-----
> -MIIDSTCCAjGgAwIBAgICEAMwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
> -IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTMwMjI4MDUy
> -ODQyWhcNMTUwMjI4MDUyODQyWjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
> +MIIDSTCCAjGgAwIBAgICEAYwDQYJKoZIhvcNAQEFBQAwMTELMAkGA1UEBhMCVVMx
> +IjAgBgNVBAMTGWNhLXRlc3QudG9tY2F0LmFwYWNoZS5vcmcwHhcNMTUwMjI4MTY1
> +NzE0WhcNMTcwMjI3MTY1NzE0WjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAxMJbG9j
>  YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5295PxiHkd0n
>  mDQkeVhH+cJpK9hbwOC7SlfWALW7arBmhFy48BIKJycynIIqLw9pd6bpDd9kMVHA
>  QR7c1HRRnKO4URNYc+4hnPljghvCLEnDCXD/qfOvogwLYC9q26UBRT40kI5naetF
> @@ -70,10 +70,10 @@ KrOf4Wt4DWMaQdVr29hIWQSI0RHV50UoDnwbeHUg
>  iViUaVtwJwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu
>  U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUMNurcJQ0yv11RqvO
>  4kqpnnS8abswHwYDVR0jBBgwFoAUsDu8yfooXz4EH5tsx4to2AGw+D0wDQYJKoZI
> -hvcNAQEFBQADggEBAKvT5ys1022fhypkWPFhy1aohCJ5rA1oH1UN3RYWcsSpdSoO
> -+LFzaMnuQ9hc+gddP0H7FBe+ZCHYHiVnkrLFu0MdlrbTvRzhpMfu4zcLkhRWyq2o
> -dluAyUKMifFCboz7odeY1W1Jmf629sbzzI8GVG4C9Y9L8YasFJNsdCUmRHpbgjxX
> -1uUUbrcpU+RAei8QXf8of+XlVGw4+rknlyppYLpKWihlsYHgt6F01uYHgW24WcNF
> -vXyoF2cf/FIabJCHTaGYUYwpaoTZDSSohmpearf5J5tSN5a1/ZQRysTZbWmB+pY0
> -Yzp8SS0GSK6xFFkSKY5ZPQOZQpDmgt8Iz9d37AA=
> +hvcNAQEFBQADggEBAKzpiaD9g6eqOQsI8om8ZOT6P316Xm15mDQxGez74wcr/6sv
> +WH9JM8rRuzacvT3iOznpqcK3nlh9XPSfAoAL4uLYuDrAdsc7MykqYQKs4COqPqcN
> +CumLLU0q7VkMBS1Ahu1jrf08oF5Od6b1/hYZ5b9mL8CjISVlqDALJZ60Z62dejPC
> +x8AYgO/w6h8za/XWtnxHjZm1vnfNYbonEaCOGQ+LLT1wrESz9/Whp6k2k4nkY8yJ
> +UOrMwFrBp0F7L2TDHuJ/YnI6odWfjYO/9BBfO+NI/Sx8VX+B4uMvlVNnIECXKs/P
> +8uATDQL+n0OTAVUiW9m2/aZVbMho3Dxz5ykUeCk=
>  -----END CERTIFICATE-----
> 
> Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks
> URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost-copy1.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
> ==============================================================================
> Binary files - no diff available.
> 
> Modified: tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks
> URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/localhost.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
> ==============================================================================
> Binary files - no diff available.
> 
> Modified: tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks
> URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/user1.jks?rev=1662985&r1=1662984&r2=1662985&view=diff
> ==============================================================================
> Binary files - no diff available.
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>