You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by we...@apache.org on 2004/02/29 13:37:39 UTC
cvs commit: ws-fx/wss4j/keys/ca.db.certs 02.pem 01.pem
werner 2004/02/29 04:37:39
Added: wss4j/keys cert.pem ca.db.index ca.key ca.config
genCertRequest.sh ca.db.serial wss4j.keystore
signConvertImportCert.sh genKeystore.sh cert.crt
cert.req ca.crt
wss4j/keys/ca.db.certs 02.pem 01.pem
Log:
Some scripts to generate certificates that contain SKI info
and put them in a keystore. Refer to new cryptoSKI.properties file
in src directory to see how to use. Refer also to test4 and test11 to
see how to use the new property file.
Revision Changes Path
1.1 ws-fx/wss4j/keys/cert.pem
Index: cert.pem
===================================================================
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Bayern, L=Munich, O=Home, OU=Apache WSS4J, CN=Werner
Validity
Not Before: Feb 29 12:00:29 2004 GMT
Not After : Feb 28 12:00:29 2005 GMT
Subject: C=DE, ST=Bayern, L=Munich, O=Apache, OU=WSS4J, CN=wernerd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ad:ce:34:88:66:c7:13:0b:41:33:37:10:df:fd:
87:2b:e0:3d:88:07:8d:84:7a:3c:51:1c:46:94:71:
77:ad:e3:b1:4c:b3:30:0e:5d:b5:72:39:ee:89:2f:
ab:bb:2f:08:2f:cd:de:a4:db:f7:4e:51:73:93:a2:
21:e0:47:9f:8b:c2:58:05:c9:f4:60:8c:89:fa:d3:
96:10:07:56:ce:de:06:63:e9:50:97:c1:83:3e:49:
67:e5:82:eb:5f:ef:85:83:01:db:62:10:8d:27:20:
3f:f3:03:40:6f:43:41:9e:e0:40:88:e5:bd:02:8f:
a9:4a:10:58:83:7c:43:42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
5E:61:46:E0:09:9A:44:80:9A:A4:B2:6F:04:00:24:F3:86:D6:16:8F
X509v3 Authority Key Identifier:
keyid:D0:C2:5B:D0:A4:D4:EB:05:FD:7C:4C:0E:A7:1E:2F:A0:CA:68:4F:3A
DirName:/C=DE/ST=Bayern/L=Munich/O=Home/OU=Apache WSS4J/CN=Werner
serial:00
Signature Algorithm: md5WithRSAEncryption
7c:35:e4:e7:63:18:af:26:77:1c:5f:cc:e6:89:2b:ac:8d:a2:
f9:70:60:84:58:75:40:12:6e:b2:37:47:26:92:97:5e:f1:28:
06:35:1a:e2:48:6b:89:f3:f0:73:52:ad:77:ce:5a:01:c0:84:
cf:e4:3e:a4:ee:6e:ad:93:99:6b:ec:48:27:0e:f4:8c:c9:21:
12:76:43:ce:1c:af:c6:2e:1c:c3:eb:8e:22:29:58:50:d2:0d:
01:3e:19:df:0f:51:ea:88:37:9c:66:08:a1:df:71:73:11:20:
b7:02:19:38:e1:2f:53:d9:0b:1f:cb:62:6c:75:fa:42:10:24:
ff:4a
-----BEGIN CERTIFICATE-----
MIIDLTCCApagAwIBAgIBAjANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUx
FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA0MDIy
OTEyMDAyOVoXDTA1MDIyODEyMDAyOVowYjELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNV
BAsTBVdTUzRKMRAwDgYDVQQDEwd3ZXJuZXJkMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQCtzjSIZscTC0EzNxDf/Ycr4D2IB42EejxRHEaUcXet47FMszAOXbVy
Oe6JL6u7Lwgvzd6k2/dOUXOToiHgR5+LwlgFyfRgjIn605YQB1bO3gZj6VCXwYM+
SWflgutf74WDAdtiEI0nID/zA0BvQ0Ge4ECI5b0Cj6lKEFiDfENCAQIDAQABo4Hu
MIHrMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVk
IENlcnRpZmljYXRlMB0GA1UdDgQWBBReYUbgCZpEgJqksm8EACTzhtYWjzCBkAYD
VR0jBIGIMIGFgBTQwlvQpNTrBf18TA6nHi+gymhPOqFqpGgwZjELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ0wCwYDVQQKEwRI
b21lMRUwEwYDVQQLEwxBcGFjaGUgV1NTNEoxDzANBgNVBAMTBldlcm5lcoIBADAN
BgkqhkiG9w0BAQQFAAOBgQB8NeTnYxivJnccX8zmiSusjaL5cGCEWHVAEm6yN0cm
kpde8SgGNRriSGuJ8/BzUq13zloBwITP5D6k7m6tk5lr7EgnDvSMySESdkPOHK/G
LhzD644iKVhQ0g0BPhnfD1HqiDecZgih33FzESC3Ahk44S9T2Qsfy2JsdfpCECT/
Sg==
-----END CERTIFICATE-----
1.1 ws-fx/wss4j/keys/ca.db.index
Index: ca.db.index
===================================================================
V 050228105117Z 01 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=werner
V 050228120029Z 02 unknown /C=DE/ST=Bayern/L=Munich/O=Apache/OU=WSS4J/CN=wernerd
1.1 ws-fx/wss4j/keys/ca.key
Index: ca.key
===================================================================
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,6DA21E161F9EF0BF
QlIo6z9lYaqLSYm66f/4PgWsoBxls2uJkAp0IgQfxqftC9cZpkyYOeD//2JYtyWR
/09V6Nx4tcRF3JPCXx+BoX11oNZr1ze+1Tgt6ZmIETrKrW4oS69W43q0JiKcHYcP
3gTZASnBU+KkPEVcyN+XNP/6UURP0Y5P+IgQj8FEi0LSh3RVGXLwsVmeXo0vkGvH
+U+GrGW4h25udkqt62O2gi34XdBBuIMUaLl9wMJ+M/oTzP91v213JGMoVLd3N7Cf
S24rPb/pabcz+wIPKW2RU8Fgssun4pIRIjOujbzONo7OgoeIXM+n4zNyFa34E5ub
iLKYOiS8pFkWLKXPxSRTAweWKfyoWNYaGbsSxrJHMLiRplHlHveJdbBJ5Y1h7OEs
9+UqxZNXX1lMyzueC5TewoSUEkiFw+5Fmrw9N3m5v5oZOdFD/dWeysHimUPQS+zg
sn7mnY/M3VbPCMWbK4RLs3/ABZxFhmMDZWXRFXSXk+jXqt2mWBKJPALBTbNHFDsm
05fX0HD+IjRtODSjluK9dpnegS8EdJT5yG2J/Jhr2MzSPe2PlyvnrMXZ+MDWz5XJ
TWLsn5c3A6FsvIFbCRb/QxfZldT6d/33A6vxSpYHOfti4de7Yw32TlRmYr8F3DLA
BCHiVcCKzMRiJAbYRsCyKWWttdKV9fixNDhzvDNboMJf/duum8op4ALKaZsaBvq6
BfY6kmckqStZDJs/ytlnjDnAPBBpJML+vBIbo24n1d3X1mvIVwCADqMspfqr3Ukg
hACyMhPB+fNx+mUqgW+Sf77ffD62ktyoR5StxsbwJuZqqqghOjAvTg==
-----END RSA PRIVATE KEY-----
1.1 ws-fx/wss4j/keys/ca.config
Index: ca.config
===================================================================
#
# Beginning of file ca.config
[ ca ]
default_ca = CA_own
[ CA_own ]
dir = .
certs = $dir
new_certs_dir = $dir/ca.db.certs
database = $dir/ca.db.index
serial = $dir/ca.db.serial
RANDFILE = $dir/ca.db.rand
certificate = $dir/ca.crt
private_key = $dir/ca.key
default_days = 365
default_crl_days = 30
default_md = md5
preserve = no
x509_extensions = usr_cert
policy = policy_match
#
[ usr_cert ]
basicConstraints = CA:FALSE
nsComment = "OpenSSL Generated Certificate"
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
[ req ]
default_bits = 1024
distinguished_name = req_distinguished_name
x509_extensions = v3_ca
policy = policy_anything
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
basicConstraints = CA:true
#
# For the CA policy
#
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
#
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
#
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = DE
CountryName_min = 2
CountryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Bayern
localityName = Locality Name (e.g., city)
localityName_default = Munich
0.organizationName = Organization Name (e.g., company)
0.organizationName_default = Home
organizationalUnitName = Organizational Unit Name (e.g., section)
organizationalUnitName_default = Apache WSS4J
commonName = Common Name (e.g., your name or server name)
commonName_max = 64
commonName_default = Werner
# end of file ca.config
1.1 ws-fx/wss4j/keys/genCertRequest.sh
Index: genCertRequest.sh
===================================================================
# Export the key as a request (use security as the password)
$JAVA_HOME/bin/keytool -keystore wss4j.keystore -alias wss4jCert -certreq -file cert.req
1.1 ws-fx/wss4j/keys/ca.db.serial
Index: ca.db.serial
===================================================================
03
1.1 ws-fx/wss4j/keys/wss4j.keystore
<<Binary file>>
1.1 ws-fx/wss4j/keys/signConvertImportCert.sh
Index: signConvertImportCert.sh
===================================================================
# Sign the server certificate request with the CA using the command
# (again, "security" is the PEM pass phrase):
openssl ca -config ca.config -policy policy_anything -days 365 -out cert.pem -infiles cert.req
# Convert the server certificate from PEM (plain text format) to DER (binary) format:
openssl x509 -outform DER -in cert.pem -out cert.crt
# import the CA and server certificate into wss4j's keystore (note that
# importing the server certificate results in the keystore's wss4j
# certificate being updated with the new signature):
$JAVA_HOME/bin/keytool -import -file ca.crt -keystore wss4j.keystore
$JAVA_HOME/bin/keytool -import -alias wss4jCert -file cert.crt -keystore wss4j.keystore
1.1 ws-fx/wss4j/keys/genKeystore.sh
Index: genKeystore.sh
===================================================================
#
# Clean out the server and client keystores
rm wss4j.keystore
# Generate the key that will be used for wss4j
# (use security as the password)
$JAVA_HOME/bin/keytool -genkey -alias wss4jCert -keyalg RSA -keystore wss4j.keystore -dname "CN=wernerd,OU=WSS4J,O=Apache,L=Munich,ST=Bayern,C=DE"
1.1 ws-fx/wss4j/keys/cert.crt
<<Binary file>>
1.1 ws-fx/wss4j/keys/cert.req
Index: cert.req
===================================================================
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIBojCCAQsCAQAwYjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVu
aWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNVBAsTBVdTUzRKMRAwDgYDVQQDEwd3ZXJuZXJkMIGf
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtzjSIZscTC0EzNxDf/Ycr4D2IB42EejxRHEaUcXet
47FMszAOXbVyOe6JL6u7Lwgvzd6k2/dOUXOToiHgR5+LwlgFyfRgjIn605YQB1bO3gZj6VCXwYM+
SWflgutf74WDAdtiEI0nID/zA0BvQ0Ge4ECI5b0Cj6lKEFiDfENCAQIDAQABoAAwDQYJKoZIhvcN
AQEEBQADgYEAPfefpv0rWo/YlWh8CdcxN0sDYhc2cIPhgE3pMHjh05rv3QMG0Qg+goFLEsAbE6Yz
LxzBOxUDLF0eNAw4CuD2Y4+0eeuzFrCSdPl5v84O3FEHkb+WAlzWZTL8Au1Nw2vZq1+mHgU4mJ/Y
U6P5rAMyVWu7xeewBFRREztFqawRfs8=
-----END NEW CERTIFICATE REQUEST-----
1.1 ws-fx/wss4j/keys/ca.crt
Index: ca.crt
===================================================================
-----BEGIN CERTIFICATE-----
MIIDBjCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUx
FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA0MDIy
ODIwMDIxMVoXDTA0MDMyOTIwMDIxMVowZjELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ0wCwYDVQQKEwRIb21lMRUwEwYDVQQL
EwxBcGFjaGUgV1NTNEoxDzANBgNVBAMTBldlcm5lcjCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEA4d9amwRDXhwodlcLSJI4A6JkWD4kVwYl7gTYKm6nPdnn8JRO
RnVfZP/9qgplMdKR9C0SOxla99ZnxlY3xr6bInt46rtoMnQkAwc1H27UwOEDtua4
5tYLsx1Qde2tguS0VqrxHG6QLwi8kZ4fhLe41tE2Q4KgWw/WnMiLjgaZ61cCAwEA
AaOBwzCBwDAdBgNVHQ4EFgQU0MJb0KTU6wX9fEwOpx4voMpoTzowgZAGA1UdIwSB
iDCBhYAU0MJb0KTU6wX9fEwOpx4voMpoTzqhaqRoMGYxCzAJBgNVBAYTAkRFMQ8w
DQYDVQQIEwZCYXllcm4xDzANBgNVBAcTBk11bmljaDENMAsGA1UEChMESG9tZTEV
MBMGA1UECxMMQXBhY2hlIFdTUzRKMQ8wDQYDVQQDEwZXZXJuZXKCAQAwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQB9BPLWwvf2JgcCrXhMqtBAqkga/Q09
y9biKcEg4t65HkDtVarMpaWdRvtOra5JDA0lmyG2QQW3KF8a9gxEAlTWyJSVLIQJ
7p7sm2COVofjCurBwMYL3Da8Jx84u1qfga1GS3Q24QS3O3OHap1wKdb9YbzzyBqS
+Ly4o2GDXQYGFA==
-----END CERTIFICATE-----
1.1 ws-fx/wss4j/keys/ca.db.certs/02.pem
Index: 02.pem
===================================================================
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Bayern, L=Munich, O=Home, OU=Apache WSS4J, CN=Werner
Validity
Not Before: Feb 29 12:00:29 2004 GMT
Not After : Feb 28 12:00:29 2005 GMT
Subject: C=DE, ST=Bayern, L=Munich, O=Apache, OU=WSS4J, CN=wernerd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ad:ce:34:88:66:c7:13:0b:41:33:37:10:df:fd:
87:2b:e0:3d:88:07:8d:84:7a:3c:51:1c:46:94:71:
77:ad:e3:b1:4c:b3:30:0e:5d:b5:72:39:ee:89:2f:
ab:bb:2f:08:2f:cd:de:a4:db:f7:4e:51:73:93:a2:
21:e0:47:9f:8b:c2:58:05:c9:f4:60:8c:89:fa:d3:
96:10:07:56:ce:de:06:63:e9:50:97:c1:83:3e:49:
67:e5:82:eb:5f:ef:85:83:01:db:62:10:8d:27:20:
3f:f3:03:40:6f:43:41:9e:e0:40:88:e5:bd:02:8f:
a9:4a:10:58:83:7c:43:42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
5E:61:46:E0:09:9A:44:80:9A:A4:B2:6F:04:00:24:F3:86:D6:16:8F
X509v3 Authority Key Identifier:
keyid:D0:C2:5B:D0:A4:D4:EB:05:FD:7C:4C:0E:A7:1E:2F:A0:CA:68:4F:3A
DirName:/C=DE/ST=Bayern/L=Munich/O=Home/OU=Apache WSS4J/CN=Werner
serial:00
Signature Algorithm: md5WithRSAEncryption
7c:35:e4:e7:63:18:af:26:77:1c:5f:cc:e6:89:2b:ac:8d:a2:
f9:70:60:84:58:75:40:12:6e:b2:37:47:26:92:97:5e:f1:28:
06:35:1a:e2:48:6b:89:f3:f0:73:52:ad:77:ce:5a:01:c0:84:
cf:e4:3e:a4:ee:6e:ad:93:99:6b:ec:48:27:0e:f4:8c:c9:21:
12:76:43:ce:1c:af:c6:2e:1c:c3:eb:8e:22:29:58:50:d2:0d:
01:3e:19:df:0f:51:ea:88:37:9c:66:08:a1:df:71:73:11:20:
b7:02:19:38:e1:2f:53:d9:0b:1f:cb:62:6c:75:fa:42:10:24:
ff:4a
-----BEGIN CERTIFICATE-----
MIIDLTCCApagAwIBAgIBAjANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUx
FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA0MDIy
OTEyMDAyOVoXDTA1MDIyODEyMDAyOVowYjELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNV
BAsTBVdTUzRKMRAwDgYDVQQDEwd3ZXJuZXJkMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQCtzjSIZscTC0EzNxDf/Ycr4D2IB42EejxRHEaUcXet47FMszAOXbVy
Oe6JL6u7Lwgvzd6k2/dOUXOToiHgR5+LwlgFyfRgjIn605YQB1bO3gZj6VCXwYM+
SWflgutf74WDAdtiEI0nID/zA0BvQ0Ge4ECI5b0Cj6lKEFiDfENCAQIDAQABo4Hu
MIHrMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVk
IENlcnRpZmljYXRlMB0GA1UdDgQWBBReYUbgCZpEgJqksm8EACTzhtYWjzCBkAYD
VR0jBIGIMIGFgBTQwlvQpNTrBf18TA6nHi+gymhPOqFqpGgwZjELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ0wCwYDVQQKEwRI
b21lMRUwEwYDVQQLEwxBcGFjaGUgV1NTNEoxDzANBgNVBAMTBldlcm5lcoIBADAN
BgkqhkiG9w0BAQQFAAOBgQB8NeTnYxivJnccX8zmiSusjaL5cGCEWHVAEm6yN0cm
kpde8SgGNRriSGuJ8/BzUq13zloBwITP5D6k7m6tk5lr7EgnDvSMySESdkPOHK/G
LhzD644iKVhQ0g0BPhnfD1HqiDecZgih33FzESC3Ahk44S9T2Qsfy2JsdfpCECT/
Sg==
-----END CERTIFICATE-----
1.1 ws-fx/wss4j/keys/ca.db.certs/01.pem
Index: 01.pem
===================================================================
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=DE, ST=Bayern, L=Munich, O=Home, OU=Apache WSS4J, CN=Werner
Validity
Not Before: Feb 29 10:51:17 2004 GMT
Not After : Feb 28 10:51:17 2005 GMT
Subject: C=DE, ST=Bayern, L=Munich, O=Apache, OU=WSS4J, CN=werner
Subject Public Key Info:
Public Key Algorithm: dsaEncryption
DSA Public Key:
pub:
00:e2:aa:a5:25:3a:2e:7b:7f:88:1a:73:a1:d1:1a:
2d:5f:a1:fa:2b:bf:0c:de:55:f2:88:34:21:6c:eb:
71:5a:2c:ce:e4:d1:b4:e6:7b:87:f8:33:2b:83:4c:
4a:05:d0:f5:6c:50:b7:4a:aa:57:44:7a:7a:6c:e7:
37:d1:2c:8d:97:98:34:e1:6b:72:a3:e9:cb:69:02:
57:e9:0d:5d:ab:e8:a2:47:1d:15:01:cf:3d:7b:a8:
c3:23:ea:8e:85:c9:e8:74:60:64:a8:c1:07:16:b2:
87:6b:5d:c9:f8:eb:65:23:3e:2d:33:8a:9a:8f:09:
e0:12:45:8d:7f:fe:44:70:e1
P:
00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
f2:22:03:19:9d:d1:48:01:c7
Q:
00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
84:0b:f0:58:1c:f5
G:
00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
25:64:01:4c:3b:fe:cf:49:2a
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
55:B1:89:EB:BB:5E:9D:51:54:1C:50:AE:33:84:FC:22:E7:B6:4A:21
X509v3 Authority Key Identifier:
keyid:D0:C2:5B:D0:A4:D4:EB:05:FD:7C:4C:0E:A7:1E:2F:A0:CA:68:4F:3A
DirName:/C=DE/ST=Bayern/L=Munich/O=Home/OU=Apache WSS4J/CN=Werner
serial:00
Signature Algorithm: md5WithRSAEncryption
4b:e7:2b:8f:1b:19:92:34:52:af:b5:97:61:33:53:88:c0:dc:
db:fd:1c:30:11:3b:38:ab:5a:b4:4f:e6:3a:91:67:ba:89:68:
1e:9b:40:70:bc:0c:1d:07:c2:a0:46:c9:fb:e1:4b:02:10:fc:
7d:98:81:d7:98:9f:4b:7c:24:4c:1d:b1:6a:45:ca:5b:e7:44:
a3:e6:e8:17:8d:1d:87:72:68:86:a4:c3:04:08:b0:ca:09:78:
c0:2c:f5:01:3e:6e:ef:eb:64:dc:6c:1e:ad:74:2a:15:87:ec:
c9:b5:c4:de:47:6a:27:f7:27:a2:eb:8d:ac:16:b9:c2:2b:16:
ce:b0
-----BEGIN CERTIFICATE-----
MIIERjCCA6+gAwIBAgIBATANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUx
FTATBgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyMB4XDTA0MDIy
OTEwNTExN1oXDTA1MDIyODEwNTExN1owYTELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJheWVybjEPMA0GA1UEBxMGTXVuaWNoMQ8wDQYDVQQKEwZBcGFjaGUxDjAMBgNV
BAsTBVdTUzRKMQ8wDQYDVQQDEwZ3ZXJuZXIwggG4MIIBLAYHKoZIzjgEATCCAR8C
gYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F
9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYV
DwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKS
uYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZ
V4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFu
o38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOB
hQACgYEA4qqlJToue3+IGnOh0RotX6H6K78M3lXyiDQhbOtxWizO5NG05nuH+DMr
g0xKBdD1bFC3SqpXRHp6bOc30SyNl5g04Wtyo+nLaQJX6Q1dq+iiRx0VAc89e6jD
I+qOhcnodGBkqMEHFrKHa13J+OtlIz4tM4qajwngEkWNf/5EcOGjge4wgeswCQYD
VR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlm
aWNhdGUwHQYDVR0OBBYEFFWxieu7Xp1RVBxQrjOE/CLntkohMIGQBgNVHSMEgYgw
gYWAFNDCW9Ck1OsF/XxMDqceL6DKaE86oWqkaDBmMQswCQYDVQQGEwJERTEPMA0G
A1UECBMGQmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTAT
BgNVBAsTDEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyggEAMA0GCSqGSIb3
DQEBBAUAA4GBAEvnK48bGZI0Uq+1l2EzU4jA3Nv9HDAROzirWrRP5jqRZ7qJaB6b
QHC8DB0HwqBGyfvhSwIQ/H2YgdeYn0t8JEwdsWpFylvnRKPm6BeNHYdyaIakwwQI
sMoJeMAs9QE+bu/rZNxsHq10KhWH7Mm1xN5Haif3J6LrjawWucIrFs6w
-----END CERTIFICATE-----