mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update CRLs switch to 120 days, add gen script

Browse Source
This commit is contained in:
toddouska 2012-08-10 11:02:46 -07:00
parent 8343317e1b
commit 15fe7f4d94
8 changed files with 167 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
certs/crl/cliCrl.pem
View File

@ -2,38 +2,38 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: May 18 17:37:23 2012 GMT
Next Update: Jun 17 17:37:23 2012 GMT
Last Update: Aug 10 18:01:01 2012 GMT
Next Update: Dec 8 18:01:01 2012 GMT
CRL extensions:
X509v3 CRL Number:
1
62
No Revoked Certificates.
Signature Algorithm: sha1WithRSAEncryption
6b:d7:b2:9e:21:8a:04:e7:43:68:46:a7:36:eb:4e:6e:23:91:
f9:e9:1f:f1:7f:48:79:64:cd:ea:86:1c:36:63:f8:aa:8c:b3:
62:34:bb:18:28:5a:42:f7:8a:64:3e:7f:36:05:49:a2:29:38:
71:e8:54:da:87:05:53:55:c3:0b:ae:10:0a:f0:5d:f0:6e:5c:
26:8b:55:4f:8f:d2:08:41:42:21:8d:b7:f1:6d:22:d1:a0:04:
9e:67:cb:43:51:55:e6:00:41:d0:cd:82:e8:03:42:29:88:49:
e1:f4:8d:1e:e5:ad:18:8b:3a:60:aa:dc:47:33:9d:ce:79:41:
0c:81:a9:cc:a7:a4:d9:07:3a:eb:df:41:34:ca:a6:b9:93:47:
72:1d:c4:71:71:69:4b:4b:74:e4:2c:ff:91:f3:47:77:de:da:
05:ab:de:05:57:6a:89:d6:f8:b2:f7:69:9b:a6:c6:e9:cd:c3:
60:4a:79:66:62:3b:a1:f2:e2:44:9b:f2:31:44:94:46:f0:96:
ab:b5:04:97:6b:09:82:64:8b:68:b0:73:46:ae:25:fa:33:ca:
f4:ce:cb:35:7e:e2:23:a1:df:5f:70:40:b5:1d:cd:dd:b0:ff:
20:6a:23:a1:ed:95:11:16:69:a0:ca:7e:90:c3:ed:be:5e:56:
0a:da:04:e3
1e:69:b2:c4:72:a7:b2:c9:e1:b9:ac:06:40:2c:c5:66:9a:07:
6c:91:2e:17:09:c7:86:b4:62:2d:0f:1f:a3:a3:1c:93:ce:45:
53:d5:57:94:a6:77:af:51:da:86:e4:1e:6f:57:c8:cc:5f:07:
8d:a5:db:bd:b3:f7:cf:e2:11:3c:e2:51:79:7e:b3:a9:47:f7:
c1:17:12:5b:7c:e5:c3:71:17:d2:ce:59:d4:0d:dc:45:ff:bc:
fe:a7:76:7b:92:88:52:0c:a5:e0:79:75:86:50:27:15:2a:01:
66:a6:ba:96:d4:9a:14:1d:92:7d:63:72:5f:25:9b:05:72:cb:
ed:6d:7c:92:1f:4f:3e:64:cb:5d:80:9e:ad:c8:47:83:88:5b:
3d:07:3f:d3:6a:2c:dd:c9:f7:09:bb:05:2f:9a:f4:73:15:f4:
61:b1:47:87:9c:bf:c9:61:42:19:14:b8:67:9c:c5:c1:86:f1:
e8:63:71:40:6c:2f:b1:c1:0c:1f:f4:c4:80:e2:d0:cb:88:6b:
51:1e:e9:b0:06:19:7c:6d:85:cf:05:7f:fe:3d:35:79:9e:f0:
5b:f4:06:63:d4:eb:d2:e2:70:29:a9:02:b4:c1:b4:bd:53:f4:
8f:b3:df:37:91:44:d5:e8:c4:10:86:76:0e:49:2b:ba:9a:a4:
dd:33:0e:7e
-----BEGIN X509 CRL-----
MIIB6DCB0QIBATANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxDzANBgNV
BAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw
EgYDVQQLEwtQcm9ncmFtbWluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20XDTEyMDUxODE3MzcyM1oXDTEyMDYx
NzE3MzcyM1qgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IBAQBr17Ke
IYoE50NoRqc2605uI5H56R/xf0h5ZM3qhhw2Y/iqjLNiNLsYKFpC94pkPn82BUmi
KThx6FTahwVTVcMLrhAK8F3wblwmi1VPj9IIQUIhjbfxbSLRoASeZ8tDUVXmAEHQ
zYLoA0IpiEnh9I0e5a0YizpgqtxHM53OeUEMganMp6TZBzrr30E0yqa5k0dyHcRx
cWlLS3TkLP+R80d33toFq94FV2qJ1viy92mbpsbpzcNgSnlmYjuh8uJEm/IxRJRG
8JartQSXawmCZItosHNGriX6M8r0zss1fuIjod9fcEC1Hc3dsP8gaiOh7ZURFmmg
yn6Qw+2+XlYK2gTj
CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20XDTEyMDgxMDE4MDEwMVoXDTEyMTIw
ODE4MDEwMVqgDjAMMAoGA1UdFAQDAgE+MA0GCSqGSIb3DQEBBQUAA4IBAQAeabLE
cqeyyeG5rAZALMVmmgdskS4XCceGtGItDx+joxyTzkVT1VeUpnevUdqG5B5vV8jM
XweNpdu9s/fP4hE84lF5frOpR/fBFxJbfOXDcRfSzlnUDdxF/7z+p3Z7kohSDKXg
eXWGUCcVKgFmprqW1JoUHZJ9Y3JfJZsFcsvtbXySH08+ZMtdgJ6tyEeDiFs9Bz/T
aizdyfcJuwUvmvRzFfRhsUeHnL/JYUIZFLhnnMXBhvHoY3FAbC+xwQwf9MSA4tDL
iGtRHumwBhl8bYXPBX/+PTV5nvBb9AZj1OvS4nApqQK0wbS9U/SPs983kUTV6MQQ
hnYOSSu6mqTdMw5+
-----END X509 CRL-----

52
certs/crl/crl.pem
View File

@ -2,38 +2,38 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: May 18 23:22:13 2012 GMT
Next Update: Jun 17 23:22:13 2012 GMT
Last Update: Aug 10 18:01:01 2012 GMT
Next Update: Dec 8 18:01:01 2012 GMT
CRL extensions:
X509v3 CRL Number:
5
60
No Revoked Certificates.
Signature Algorithm: sha1WithRSAEncryption
aa:c2:16:c6:7c:cf:4e:ee:f4:44:af:cf:66:ce:b9:af:89:1b:
83:e4:0b:cf:67:68:95:32:9f:ee:80:60:1e:93:82:4c:c6:d3:
93:90:c7:cd:7c:31:90:d0:f3:4f:4a:db:d2:ad:99:d5:38:fb:
ba:a6:3d:52:79:ce:6c:15:e5:dc:c0:57:43:f8:56:13:39:b9:
c1:af:e3:a3:fb:79:18:82:e7:b6:99:5a:4f:5f:88:b8:9e:5c:
54:ef:87:06:a7:bb:c7:64:08:b0:9a:32:f7:12:88:b7:f2:af:
35:5c:10:89:43:52:36:4e:90:55:25:c7:0e:5d:13:45:73:b5:
22:79:9f:62:b7:15:a6:2f:9a:02:a6:95:fc:a5:1d:bb:e3:c1:
fc:6a:49:db:21:fb:d5:19:68:9c:bc:08:af:bf:4f:58:87:bc:
34:fb:46:7a:60:e4:5c:8f:cf:da:a9:23:ab:f5:e1:e8:18:41:
fb:d0:5d:2d:b1:8c:80:1b:67:0f:eb:77:7d:53:39:9b:f4:e7:
a9:49:ff:94:39:8f:e4:5e:4b:a9:46:62:b6:17:28:1d:8f:30:
1c:19:5e:99:d3:4f:56:0d:5a:73:03:52:45:f4:5f:0d:af:e1:
dd:e1:f3:6f:6b:d9:94:48:4d:7e:6e:9d:f2:98:57:2c:03:56:
cb:5a:b5:3a
26:1c:06:6a:42:ff:8b:18:71:4e:ef:7c:02:74:43:6f:7b:83:
99:2f:e1:4e:74:0f:f9:99:62:a1:90:88:11:1b:d8:59:3b:1e:
34:dd:f4:92:81:6f:49:2c:9a:5f:ba:21:6f:11:95:19:6e:da:
38:a4:4e:a0:7e:4a:fb:7c:c6:9f:c8:26:2d:9b:cd:e8:30:14:
10:38:56:63:89:bf:a7:eb:11:0f:7c:81:60:d7:c3:ab:07:ef:
6c:af:81:4d:b9:cd:6e:91:c6:42:13:01:d8:1a:62:cb:52:fd:
44:0b:fa:9f:34:de:75:ba:5a:3d:df:d4:b1:7e:a0:b9:3f:f5:
ed:a3:e6:ef:ef:20:95:45:3c:75:8c:a8:5c:ae:8c:e9:3c:f1:
e6:34:fd:65:bb:9a:f9:5f:8c:96:7c:32:12:50:43:2b:30:94:
4e:8a:f0:c3:5e:c9:e2:49:08:83:64:7a:3b:f3:d5:30:f3:78:
4b:20:3c:51:d0:da:37:14:f4:c8:f2:ab:41:d2:c3:b9:7a:7f:
42:17:42:79:a4:10:67:4e:84:d4:e9:a9:e8:dd:46:5d:b2:f4:
e8:3d:1c:24:3c:81:e7:56:bb:43:11:e2:d9:a2:9d:ce:b5:78:
ad:19:14:7c:d7:37:e8:bf:f7:30:fc:4d:05:a9:33:6b:12:9f:
24:19:39:35
-----BEGIN X509 CRL-----
MIIB6jCB0wIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro
MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwNTE4MjMyMjEzWhcNMTIw
NjE3MjMyMjEzWqAOMAwwCgYDVR0UBAMCAQUwDQYJKoZIhvcNAQEFBQADggEBAKrC
FsZ8z07u9ESvz2bOua+JG4PkC89naJUyn+6AYB6TgkzG05OQx818MZDQ809K29Kt
mdU4+7qmPVJ5zmwV5dzAV0P4VhM5ucGv46P7eRiC57aZWk9fiLieXFTvhwanu8dk
CLCaMvcSiLfyrzVcEIlDUjZOkFUlxw5dE0VztSJ5n2K3FaYvmgKmlfylHbvjwfxq
Sdsh+9UZaJy8CK+/T1iHvDT7Rnpg5FyPz9qpI6v14egYQfvQXS2xjIAbZw/rd31T
OZv056lJ/5Q5j+ReS6lGYrYXKB2PMBwZXpnTT1YNWnMDUkX0Xw2v4d3h829r2ZRI
TX5unfKYVywDVstatTo=
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIx
MjA4MTgwMTAxWqAOMAwwCgYDVR0UBAMCATwwDQYJKoZIhvcNAQEFBQADggEBACYc
BmpC/4sYcU7vfAJ0Q297g5kv4U50D/mZYqGQiBEb2Fk7HjTd9JKBb0ksml+6IW8R
lRlu2jikTqB+Svt8xp/IJi2bzegwFBA4VmOJv6frEQ98gWDXw6sH72yvgU25zW6R
xkITAdgaYstS/UQL+p803nW6Wj3f1LF+oLk/9e2j5u/vIJVFPHWMqFyujOk88eY0
/WW7mvlfjJZ8MhJQQyswlE6K8MNeyeJJCINkejvz1TDzeEsgPFHQ2jcU9Mjyq0HS
w7l6f0IXQnmkEGdOhNTpqejdRl2y9Og9HCQ8gedWu0MR4tminc61eK0ZFHzXN+i/
9zD8TQWpM2sSnyQZOTU=
-----END X509 CRL-----

54
certs/crl/crl.revoked
View File

@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: May 15 23:51:25 2012 GMT
Next Update: Jun 14 23:51:25 2012 GMT
Last Update: Aug 10 18:01:01 2012 GMT
Next Update: Dec 8 18:01:01 2012 GMT
CRL extensions:
X509v3 CRL Number:
4
61
Revoked Certificates:
Serial Number: 02
Revocation Date: May 4 17:06:05 2012 GMT
Revocation Date: Aug 10 18:01:01 2012 GMT
Signature Algorithm: sha1WithRSAEncryption
aa:e4:44:9b:6b:c9:0b:d3:6f:ba:09:3d:90:93:ae:96:86:73:
f6:90:28:ba:93:3b:95:0c:91:c9:10:53:f1:15:fd:43:9a:ba:
4e:dc:8e:e8:10:4d:d8:8b:be:a8:a2:12:4c:19:c1:13:9f:3c:
fe:54:60:32:b7:45:77:17:2a:40:f2:16:52:9e:68:fe:be:03:
99:9c:b1:d3:4b:be:87:5b:f4:12:3c:9e:3d:59:c8:b9:a2:2c:
78:94:9c:cd:b0:17:d0:b3:bd:86:99:2b:1d:38:b5:03:d8:d1:
0d:8f:1a:8c:97:ff:87:01:4f:91:22:30:c2:a5:10:bb:e3:fb:
31:b7:44:8a:5a:82:e1:e5:30:69:84:d1:4b:c2:d3:07:bf:21:
d5:33:2d:ad:4b:e4:6f:83:c1:66:16:74:31:7d:f9:d6:1e:10:
66:fd:7d:ad:66:3c:32:cc:a3:98:75:63:16:5c:df:e1:37:3d:
e9:08:d2:7b:05:dd:4c:31:92:53:0c:f1:ea:8e:be:31:d1:eb:
ac:37:a8:cd:c4:30:c5:91:cc:38:a3:55:4a:51:01:39:cf:7d:
50:57:d2:f2:47:4a:1d:7f:3a:32:16:89:e8:5a:1b:f8:64:33:
48:e5:b8:ef:ba:2e:f3:52:7e:ba:28:0e:9b:f7:07:b8:b6:38:
f9:d0:dd:78
5c:eb:53:33:02:74:bb:c1:37:37:81:1a:36:9c:eb:d0:28:87:
12:56:1a:d8:ec:ae:8e:ef:42:d0:61:07:f0:f0:b5:e8:2a:16:
5e:78:ab:e9:ad:62:f3:6c:c5:fe:7a:b5:c7:0e:8a:e3:0a:2d:
63:b5:ec:c4:c1:1f:1e:c3:77:b7:24:10:4b:09:b1:d8:ea:40:
4f:74:6a:9a:d7:57:bd:b9:d3:e2:42:81:81:b2:5c:42:d8:d3:
21:3f:f2:05:e2:11:8f:ce:60:cc:3b:76:55:e6:5f:6d:71:13:
b1:7e:2c:50:d2:29:fe:f2:ad:96:f9:ee:8f:5c:c3:0a:73:e7:
78:c5:8f:6e:0d:35:66:64:4a:76:05:93:9f:eb:05:b2:c3:a1:
f5:d5:4c:4b:6e:79:f2:8d:51:90:7c:9d:a9:f5:94:7f:93:fe:
39:da:c1:fb:8c:94:66:1d:d4:40:a9:48:ee:3b:91:14:83:4e:
b4:ea:93:07:f6:be:48:4a:ec:4c:26:61:2d:a2:66:01:c5:d8:
d3:18:f6:d0:1b:d2:94:13:c9:94:84:54:e4:44:10:01:66:25:
47:ee:b2:19:4a:65:e3:79:42:9e:12:af:a7:4a:a4:66:35:e3:
1a:db:2c:80:ff:a4:9c:2e:6e:32:8e:50:5d:ec:7e:de:1a:01:
a9:08:fc:a2
-----BEGIN X509 CRL-----
MIICADCB6QIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro
MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwNTE1MjM1MTI1WhcNMTIw
NjE0MjM1MTI1WjAUMBICAQIXDTEyMDUwNDE3MDYwNVqgDjAMMAoGA1UdFAQDAgEE
MA0GCSqGSIb3DQEBBQUAA4IBAQCq5ESba8kL02+6CT2Qk66WhnP2kCi6kzuVDJHJ
EFPxFf1DmrpO3I7oEE3Yi76oohJMGcETnzz+VGAyt0V3FypA8hZSnmj+vgOZnLHT
S76HW/QSPJ49Wci5oix4lJzNsBfQs72GmSsdOLUD2NENjxqMl/+HAU+RIjDCpRC7
4/sxt0SKWoLh5TBphNFLwtMHvyHVMy2tS+Rvg8FmFnQxffnWHhBm/X2tZjwyzKOY
dWMWXN/hNz3pCNJ7Bd1MMZJTDPHqjr4x0eusN6jNxDDFkcw4o1VKUQE5z31QV9Ly
R0odfzoyFonoWhv4ZDNI5bjvui7zUn66KA6b9we4tjj50N14
GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIx
MjA4MTgwMTAxWjAUMBICAQIXDTEyMDgxMDE4MDEwMVqgDjAMMAoGA1UdFAQDAgE9
MA0GCSqGSIb3DQEBBQUAA4IBAQBc61MzAnS7wTc3gRo2nOvQKIcSVhrY7K6O70LQ
YQfw8LXoKhZeeKvprWLzbMX+erXHDorjCi1jtezEwR8ew3e3JBBLCbHY6kBPdGqa
11e9udPiQoGBslxC2NMhP/IF4hGPzmDMO3ZV5l9tcROxfixQ0in+8q2W+e6PXMMK
c+d4xY9uDTVmZEp2BZOf6wWyw6H11UxLbnnyjVGQfJ2p9ZR/k/452sH7jJRmHdRA
qUjuO5EUg0606pMH9r5ISuxMJmEtomYBxdjTGPbQG9KUE8mUhFTkRBABZiVH7rIZ
SmXjeUKeEq+nSqRmNeMa2yyA/6ScLm4yjlBd7H7eGgGpCPyi
-----END X509 CRL-----

24
certs/crl/eccCliCRL.pem
View File

@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA1
Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: May 25 20:21:43 2012 GMT
Next Update: Jun 24 20:21:43 2012 GMT
Last Update: Aug 10 18:01:01 2012 GMT
Next Update: Dec 8 18:01:01 2012 GMT
CRL extensions:
X509v3 CRL Number:
1
63
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA1
30:45:02:21:00:c8:82:17:00:62:02:ae:73:f8:80:57:3d:19:
df:f3:36:5a:4c:12:89:d5:d6:b4:aa:29:b6:c8:7d:f2:1d:2f:
55:02:20:18:f4:ad:18:1a:c5:df:39:81:ad:0d:3e:45:14:3d:
07:44:31:21:bd:ed:13:32:7b:32:03:41:a1:0f:fd:1a:67
30:44:02:20:7f:8d:d7:28:61:96:4c:b7:a8:17:0a:7f:9d:cf:
fa:29:e1:1d:cb:30:61:1b:b3:6b:f0:61:68:15:25:76:62:32:
02:20:55:ca:fc:37:b4:4c:f9:78:99:b3:c9:d4:1a:e1:fa:f7:
8a:4a:94:ce:31:ed:b0:1f:dc:64:d7:2a:59:47:b9:2d
-----BEGIN X509 CRL-----
MIIBIDCByAIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG
MIIBHzCByAIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG
T3JlZ29uMQ4wDAYDVQQHEwVTYWxlbTETMBEGA1UEChMKQ2xpZW50IEVDQzENMAsG
A1UECxMERmFzdDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJ
ARYOaW5mb0B5YXNzbC5jb20XDTEyMDUyNTIwMjE0M1oXDTEyMDYyNDIwMjE0M1qg
DjAMMAoGA1UdFAQDAgEBMAkGByqGSM49BAEDSAAwRQIhAMiCFwBiAq5z+IBXPRnf
8zZaTBKJ1da0qim2yH3yHS9VAiAY9K0YGsXfOYGtDT5FFD0HRDEhve0TMnsyA0Gh
D/0aZw==
ARYOaW5mb0B5YXNzbC5jb20XDTEyMDgxMDE4MDEwMVoXDTEyMTIwODE4MDEwMVqg
DjAMMAoGA1UdFAQDAgE/MAkGByqGSM49BAEDRwAwRAIgf43XKGGWTLeoFwp/nc/6
KeEdyzBhG7Nr8GFoFSV2YjICIFXK/De0TPl4mbPJ1Brh+veKSpTOMe2wH9xk1ypZ
R7kt
-----END X509 CRL-----

24
certs/crl/eccSrvCRL.pem
View File

@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA1
Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.yassl.com/emailAddress=info@yassl.com
Last Update: May 25 20:15:31 2012 GMT
Next Update: Jun 24 20:15:31 2012 GMT
Last Update: Aug 10 18:01:01 2012 GMT
Next Update: Dec 8 18:01:01 2012 GMT
CRL extensions:
X509v3 CRL Number:
1
64
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA1
30:46:02:21:00:d3:e3:d6:58:f7:92:c6:93:e3:c2:b9:81:dd:
b2:3f:e8:c9:4d:61:b1:ed:25:d2:1d:49:da:bd:15:ab:c7:21:
9f:02:21:00:e6:8f:20:2a:10:e7:85:26:6b:31:6e:c4:c2:08:
b5:c3:fa:d0:fa:ca:34:8c:2a:85:6c:18:94:84:18:46:96:a7
30:44:02:20:59:42:06:a7:73:69:03:08:05:e8:4b:95:ca:cf:
f1:30:9e:84:4b:3c:52:c8:10:b9:c8:36:c8:07:64:65:fd:bf:
02:20:71:60:a7:35:d6:8c:52:c2:df:06:dc:40:52:c5:ef:4c:
8b:ec:96:4b:72:b0:c4:36:3e:c8:9d:62:5e:49:f2:5f
-----BEGIN X509 CRL-----
MIIBIzCBygIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
MIIBITCBygIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMHRWxpcHRpYzEM
MAoGA1UECxMDRUNDMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN
AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwNTI1MjAxNTMxWhcNMTIwNjI0MjAxNTMx
WqAOMAwwCgYDVR0UBAMCAQEwCQYHKoZIzj0EAQNJADBGAiEA0+PWWPeSxpPjwrmB
3bI/6MlNYbHtJdIdSdq9FavHIZ8CIQDmjyAqEOeFJmsxbsTCCLXD+tD6yjSMKoVs
GJSEGEaWpw==
AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIxMjA4MTgwMTAx
WqAOMAwwCgYDVR0UBAMCAUAwCQYHKoZIzj0EAQNHADBEAiBZQganc2kDCAXoS5XK
z/EwnoRLPFLIELnINsgHZGX9vwIgcWCnNdaMUsLfBtxAUsXvTIvslktysMQ2Psid
Yl5J8l8=
-----END X509 CRL-----

57
certs/crl/gencrls.sh Executable file
View File

@ -0,0 +1,57 @@
#!/bin/bash
# gencrls, crl config already done, see taoCerts.txt for setup
# caCrl
openssl ca -gencrl -crldays 120 -out crl.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# metadata
openssl crl -in crl.pem -text > tmp
mv tmp crl.pem
# install
cp crl.pem ~/cyassl/certs/crl/crl.pem
# caCrl server revoked
openssl ca -revoke ~/cyassl/certs/server-cert.pem -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# caCrl server revoked generation
openssl ca -gencrl -crldays 120 -out crl.revoked -keyfile ~/cyassl/certs/ca-key.pem -cert ~/cyassl/certs/ca-cert.pem
# metadata
openssl crl -in crl.revoked -text > tmp
mv tmp crl.revoked
# install
cp crl.revoked ~/cyassl/certs/crl/crl.revoked
# remove revoked so next time through the normal CA won't have server revoked
cp blank.index.txt demoCA/index.txt
# cliCrl
openssl ca -gencrl -crldays 120 -out cliCrl.pem -keyfile ~/cyassl/certs/client-key.pem -cert ~/cyassl/certs/client-cert.pem
# metadata
openssl crl -in cliCrl.pem -text > tmp
mv tmp cliCrl.pem
# install
cp cliCrl.pem ~/cyassl/certs/crl/cliCrl.pem
# eccCliCRL
openssl ca -gencrl -crldays 120 -out eccCliCRL.pem -keyfile ~/cyassl/certs/ecc-client-key.pem -cert ~/cyassl/certs/client-ecc-cert.pem
# metadata
openssl crl -in eccCliCRL.pem -text > tmp
mv tmp eccCliCRL.pem
# install
cp eccCliCRL.pem ~/cyassl/certs/crl/eccCliCRL.pem
# eccSrvCRL
openssl ca -gencrl -crldays 120 -out eccSrvCRL.pem -keyfile ~/cyassl/certs/ecc-key.pem -cert ~/cyassl/certs/server-ecc.pem
# metadata
openssl crl -in eccSrvCRL.pem -text > tmp
mv tmp eccSrvCRL.pem
# install
cp eccSrvCRL.pem ~/cyassl/certs/crl/eccSrvCRL.pem

2
certs/taoCert.txt
View File

@ -112,7 +112,7 @@ openssl dhparam -in dh2048.param -text > dh2048.pem
1) create a crl
a) openssl ca -gencrl -out crl.pem -keyfile ./ca-key.pem -cert ./ca-cert.pem
a) openssl ca -gencrl -crldays 120 -out crl.pem -keyfile ./ca-key.pem -cert ./ca-cert.pem
Error No ./CA root/index.txt so:

9
examples/client/client.c
View File

@ -327,9 +327,12 @@ void client_test(void* args)
err_sys("unable to get SSL object");
CyaSSL_set_fd(ssl, sockfd);
#ifdef HAVE_CRL
CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL);
CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0);
CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS)
err_sys("can't enable crl check");
if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
err_sys("can't load crl, check crlfile and date validity");
if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
err_sys("can't set crl callback");
#endif
if (matchName && doPeerCheck)
CyaSSL_check_domain_name(ssl, domain);