diff options
author | Jonathan Reams <jbreams@mongodb.com> | 2019-05-10 10:43:42 -0400 |
---|---|---|
committer | Jonathan Reams <jbreams@mongodb.com> | 2019-05-20 15:59:18 -0400 |
commit | fae0c3f0fa4d5dfbe2f4fb03715b60e9ce3e2d93 (patch) | |
tree | 53ba77cbc82b4b87017f22102e6cd6cc94331867 /jstests/libs | |
parent | 31967340abb31476910730163c04782f2e915d01 (diff) | |
download | mongo-fae0c3f0fa4d5dfbe2f4fb03715b60e9ce3e2d93.tar.gz |
SERVER-40841 Re-issue invalid test certificates
Diffstat (limited to 'jstests/libs')
-rw-r--r-- | jstests/libs/README.ssl | 52 | ||||
-rw-r--r-- | jstests/libs/badSAN.pem | 155 | ||||
-rw-r--r-- | jstests/libs/client-self-signed.pem | 157 | ||||
-rw-r--r-- | jstests/libs/client.pem | 154 | ||||
-rw-r--r-- | jstests/libs/client_revoked.pem | 154 | ||||
-rw-r--r-- | jstests/libs/crl_client_revoked.pem | 49 | ||||
-rw-r--r-- | jstests/libs/localhostnameCN.pem | 157 | ||||
-rw-r--r-- | jstests/libs/localhostnameSAN.pem | 159 | ||||
-rw-r--r-- | jstests/libs/openssl_config/badSAN.cnf | 29 | ||||
-rw-r--r-- | jstests/libs/openssl_config/ca.cnf | 72 | ||||
-rw-r--r-- | jstests/libs/openssl_config/client.cnf | 26 | ||||
-rw-r--r-- | jstests/libs/openssl_config/client_revoked.cnf | 26 | ||||
-rw-r--r-- | jstests/libs/openssl_config/localhostnameCN.cnf | 30 | ||||
-rw-r--r-- | jstests/libs/openssl_config/localhostnameSAN.cnf | 32 | ||||
-rw-r--r-- | jstests/libs/openssl_config/server.cnf | 30 | ||||
-rw-r--r-- | jstests/libs/password_protected.pem | 167 | ||||
-rw-r--r-- | jstests/libs/server.pem | 157 |
17 files changed, 1190 insertions, 416 deletions
diff --git a/jstests/libs/README.ssl b/jstests/libs/README.ssl index 05f19beb847..532e70dc2fe 100644 --- a/jstests/libs/README.ssl +++ b/jstests/libs/README.ssl @@ -62,7 +62,6 @@ combine key and certificate cat mycrt.crt mykey.key > mycrt.pem --------------------------- -The other ceriticates in this directory come from x509gen. How to generate a certificate with a custom extension: 1. Generate a normal certificate signing request without an extension @@ -95,3 +94,54 @@ cat roles.pem roles2.key > roles_final.pem Example Commands for UTF-8 -------------------------- openssl req -new -utf8 -nameopt multiline,utf8 -config .\jstests\libs\client_utf8.cnf -newkey rsa:2048 -nodes -keyout roles.key -out roles.csr + +Generating other certificates +----------------------------- + +The openssl_configs directory contains the openssl config files to create/sign certificates from the +test CA. There is one config file per certificate. As an example, to generate server.pem: + +Reset the CA state with fresh directories and a new serial +$ mkdir ca_state +$ echo '01' > ca_state/serial +$ touch ca_state/index.txt + +Create the CSR for the server certificate from its config (this will also generate server.key) +$ openssl req -new -config openssl_config/server.cnf -out server.csr + +Sign the certificate with the CA (this will update ca_state and output the certificate as server.pem) +$ openssl ca -config openssl_config/ca.cnf -out server.pem -in server.csr + +Concatenate the server key into the certificate you just generated +$ cat server.key >> server.pem + +Clean up - we don't keep the ca_state around +$ rm -rf ca_state server.key server.csr + +Generating CRLs +--------------- + +Issue your certificate using the ca config above and then revoke it/create a CRL file: + +Reset the CA state with fresh directories and a new serial +$ mkdir ca_state +$ echo '01' > ca_state/serial +$ touch ca_state/index.txt + +Create the CSR for the server certificate from its config (this will also generate server.key) +$ openssl req -new -config openssl_config/client_revoked.cnf -out client_revoked.csr + +Sign the certificate +$ openssl ca -config openssl_config/ca.cnf -out client_revoked.pem -in client_revoked.csr + +Revoked the certificate +$ openssl ca -config openssl_config/ca.cnf -revoke client_revoked.pem + +Generate the CRL +$ openssl ca -config openssl_config/ca.cnf -gencrl -out crl_client_revoked.pem + +Concatenate the revoked certificate +$ cat client_revoked.key >> client_revoked.pem + +Clean up +$ rm -rf ca_state client_revoked.key client_revoked.csr diff --git a/jstests/libs/badSAN.pem b/jstests/libs/badSAN.pem index d8e362731e0..ae60404bada 100644 --- a/jstests/libs/badSAN.pem +++ b/jstests/libs/badSAN.pem @@ -1,48 +1,111 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDF+7hf6dwP/V2K +HevGuQ15WyEI9FqbHgOGKEtaB9BUORyRM24ITXA3qPxPW59kwSCZA4pNmLhV9lRR +hbFEGxWBaLOSUupvX8p3hHlQX+rv5lXN4UHn95nTAwhGBkRZsDcNSvkeuTdXYQlD +AvmUYPuXMAsMLobPAYbAawOZgHjccUZ2+wGXPxzyH+rURl36y7PgeJPVdPvIRhEe +9+BimC2Fh2QMQYxHGueP8CZ/124R5d3gteWxImP5yp1JXg0AjiKdrstahXxBcI4W +NCDtSxauyloK8msitSOMr3MLyN8Q60PLdBsQcv7cfyeVaa2hGPWzEGyv+Bh/hNcm +H6kZLMmLAgMBAAECggEAJXjDKMQmdpBJx/5pxa74seNhmURGcd14ZUfzGxMnhwlY +MtM9HC0r9BzzxEFfJb634L4eyxkAqqR4yQU4y98kbt3WPveaj4Hd3EkifOfqm4VI +8DKWOsVOQ/Xq9vXwsdj8UnPCOuJrawpeqmRBwKeqdq8NKD0WHs/3JSwb/k2mknI4 +zE5w9E5p9+/F3G9LUn+t411zRKm30BfRI+G7kzB+fgK4pTI4yaYa6l+ZJUKoxzcY +JKMODD9y8bPaQc3VIGqZd53AtjmK6nSjkmBnVzxFmrKJxJObemxuoHJ2fkZNolB0 +vZj42A0i0vN3clR4ULDUX1VQe2D4ugJJ/LfFnJimQQKBgQDqxBshBQsIg5/OC3as +u4zQR4sGmPMzH6en3ag0yOSxTSyH79lZb9Vq7BFX8kBMsXCdaQgj/ntmByCBlyU9 +tP0VtMB88VhmsXhV+CA/TGkrnIh1r5gj5tkJ8jnNBDvgtImZGC1WikHL8E/CoqOn +TXLLJN15YlslUpVtaTSGSQdSKQKBgQDX4+1j25tj9xdll8AYPMomUhw5Efim21CJ +ijrLnMESarAVUpX5ojZJCLMQKnJvL8D3k+3DXQNN1iApSI0Jcwh3m0N+ybfAXd5W +hIcXYOk/i5vdxVLY5lXtlXvcqj+PUB7RSw7UBfHnOAFHmsXOFWE2MTVZKRgeSi39 +My6d+d88kwKBgQDAbK7j2LNbbi+M/j5uhGd9zDY62SD19WtBH2Cgq00vulbWsRRQ +x2aBdi8dC9YCRqpMi2t9vTe9v/e34IBI3NFYekgP4O4ZdjtxE6iy2VmWwn3jIGMu +gifBjEYuMds2aiQiVPvMZBRcKYPmv9It7kA6G+RgeurEY7VQ8Zt4ueEDSQKBgQCj +b+vxYvl6bj8KLB3Cu5KV/CddlRtWxkVsOndUWbFYjegL3F+pgoHyPGHC5T+IqPA+ +/YBMHAg6TtY+KqyK8MkCM0qfm3o+aVG+0cmrizRJZRl0hMO5bHa0zCve3AwOJKuP +6nCpVm7RinZ9jNAeudTEP/CRNSkLFUFHpA2wjs/PfQKBgA7pP6k4d/KrCAsA0VcL +yjjNZK/GS+FCA6nA6Dgf7EEWINYwaWWMU8EqmYRN808zmRF8c6+u4ssT7aMNpNru +nfELb9FbmtQTYI7aF6liwQEtQnVH5jfLFlGh324aP/kTm+XOkAt6MS0YmY4RoyPm +xxpnbjWiQcnGCHe63dS8r2t/ +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 3 (0x3) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:45:18 2019 GMT + Not After : May 10 14:45:18 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=Kernel, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c5:fb:b8:5f:e9:dc:0f:fd:5d:8a:1d:eb:c6:b9: + 0d:79:5b:21:08:f4:5a:9b:1e:03:86:28:4b:5a:07: + d0:54:39:1c:91:33:6e:08:4d:70:37:a8:fc:4f:5b: + 9f:64:c1:20:99:03:8a:4d:98:b8:55:f6:54:51:85: + b1:44:1b:15:81:68:b3:92:52:ea:6f:5f:ca:77:84: + 79:50:5f:ea:ef:e6:55:cd:e1:41:e7:f7:99:d3:03: + 08:46:06:44:59:b0:37:0d:4a:f9:1e:b9:37:57:61: + 09:43:02:f9:94:60:fb:97:30:0b:0c:2e:86:cf:01: + 86:c0:6b:03:99:80:78:dc:71:46:76:fb:01:97:3f: + 1c:f2:1f:ea:d4:46:5d:fa:cb:b3:e0:78:93:d5:74: + fb:c8:46:11:1e:f7:e0:62:98:2d:85:87:64:0c:41: + 8c:47:1a:e7:8f:f0:26:7f:d7:6e:11:e5:dd:e0:b5: + e5:b1:22:63:f9:ca:9d:49:5e:0d:00:8e:22:9d:ae: + cb:5a:85:7c:41:70:8e:16:34:20:ed:4b:16:ae:ca: + 5a:0a:f2:6b:22:b5:23:8c:af:73:0b:c8:df:10:eb: + 43:cb:74:1b:10:72:fe:dc:7f:27:95:69:ad:a1:18: + f5:b3:10:6c:af:f8:18:7f:84:d7:26:1f:a9:19:2c: + c9:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Alternative Name: + DNS:badSAN + X509v3 Subject Key Identifier: + 4F:2B:89:C6:AF:A0:C2:D2:D5:FC:C4:B9:5A:57:19:82:DE:95:F4:A5 + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + Signature Algorithm: sha256WithRSAEncryption + 5a:20:97:d9:c9:67:77:73:13:0b:da:5f:03:45:2b:33:7a:03: + 19:67:b8:f4:4c:90:85:f9:19:c3:53:6a:3e:b0:9c:07:6c:f7: + 09:69:20:dc:c7:ab:53:01:1a:c1:36:5f:02:39:9a:59:43:43: + 3b:82:49:95:9e:3f:cb:70:08:4f:3b:f7:89:20:24:3a:87:20: + 19:2c:9f:21:5b:c7:c3:ac:21:2f:2d:58:5d:25:50:04:fe:f8: + ca:d7:bf:1e:dd:5d:46:3a:db:36:e4:8f:7b:d2:7e:24:35:c5: + fd:9d:be:87:85:3e:0f:34:b5:13:63:99:80:1c:a4:50:1d:5e: + f8:ff:88:da:c5:12:20:28:94:dc:1f:0b:c6:e6:55:b0:66:d4: + 19:0b:f0:d3:c0:69:11:85:18:6d:4e:98:1d:37:87:fb:68:90: + a0:bb:02:fc:68:da:6c:a0:87:a4:bc:27:6e:f0:a7:7b:98:7f: + 63:ec:38:56:42:8f:92:06:bd:3f:70:87:db:9c:2d:31:56:52: + 10:81:e2:25:b1:53:96:ed:df:12:5b:80:a6:59:f7:4f:86:7d: + 5c:6e:2f:37:78:f5:45:a4:3e:07:87:5b:3a:4a:57:82:9e:b3: + 1a:be:54:28:17:98:b8:9f:35:10:d8:71:77:70:59:17:3f:f4: + 30:c8:f9:8b -----BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgIDAYKXMA0GCSqGSIb3DQEBBQUAMHQxFzAVBgNVBAMTDktl -cm5lbCBUZXN0IENBMQ8wDQYDVQQLEwZLZXJuZWwxEDAOBgNVBAoTB01vbmdvREIx -FjAUBgNVBAcTDU5ldyBZb3JrIENpdHkxETAPBgNVBAgTCE5ldyBZb3JrMQswCQYD -VQQGEwJVUzAeFw0xNDA5MjMxNTE3MjNaFw0zNDA5MjMxNTE3MjNaMG8xEjAQBgNV -BAMTCTEyNy4wLjAuMTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RC -MRYwFAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkG -A1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCDB/lxuzeU -OHR5nnOTJM0fHz0WeicnuUfGG5wP89Mbkd3Y+BNS0ozbnkW+NAGhD+ehNBjogISZ -jLCd+uaYu7TLWpkgki+1+gM99Ro0vv7dIc8vD7ToILKMbM8xQmLbSxDT2tCUoXlc -m7ccgDZl9oW1scQYQ8gWHjmk3yK8sCoGa/uwr49u74aVM7673tLsK41m8oYPzt/q -VGT+mXpBJQcGXkTNQtIPxBtD25jr+aPietS3u70zrVPY6ZDsGE7DofEeRl97kVoF -NcpaQmVEwEo8KCWaT6OaPaUUUjAMwzqiZaHNZ6mL1pCr65bLXP6T9tiMtWLw5+SG -3E09fhQuWod5AgMBAAGjFTATMBEGA1UdEQQKMAiCBmJhZFNBTjANBgkqhkiG9w0B -AQUFAAOCAQEAQzlibJvlUpJG3vc5JppdrudpXoVAP3wtpzvnkrY0GTWIUE52mCIf -MJ5sARvjzs/uMhV5GLnjqTcT+DFkihqKyFo1tKBD7LSuSjfDvjmggG9lq0/xDvVU -uczAuNtI1T7N+6P7LyTG4HqniYouPMDWyCKBOmzzNsk+r1OJb6cxU7QQwmSWw1n1 -ztNcF6JzCQVcd9Isau9AEXZ9q0M0sjD9mL67Qo3Dh3Mvf4UkJKqm3KOQOupUHZLU -vJwfsS2u+gfHY1Plywzq3AuT7ygbksR3Pqfs8LFPnuRAH+41sFTGUM52hiU7mNPj -ebl8s1tjK7WQ+a8GTABJV0hDNeWd3Sr+Og== +MIIDvzCCAqegAwIBAgIBAzANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQ0NTE4WhcNMjkwNTEwMTQ0NTE4WjBvMQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxDzANBgNVBAsMBktlcm5lbDESMBAGA1UEAwwJMTI3 +LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfu4X+ncD/1d +ih3rxrkNeVshCPRamx4DhihLWgfQVDkckTNuCE1wN6j8T1ufZMEgmQOKTZi4VfZU +UYWxRBsVgWizklLqb1/Kd4R5UF/q7+ZVzeFB5/eZ0wMIRgZEWbA3DUr5Hrk3V2EJ +QwL5lGD7lzALDC6GzwGGwGsDmYB43HFGdvsBlz8c8h/q1EZd+suz4HiT1XT7yEYR +HvfgYpgthYdkDEGMRxrnj/Amf9duEeXd4LXlsSJj+cqdSV4NAI4ina7LWoV8QXCO +FjQg7UsWrspaCvJrIrUjjK9zC8jfEOtDy3QbEHL+3H8nlWmtoRj1sxBsr/gYf4TX +Jh+pGSzJiwIDAQABo2EwXzAJBgNVHRMEAjAAMBEGA1UdEQQKMAiCBmJhZFNBTjAd +BgNVHQ4EFgQUTyuJxq+gwtLV/MS5WlcZgt6V9KUwCwYDVR0PBAQDAgWgMBMGA1Ud +JQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IBAQBaIJfZyWd3cxML2l8D +RSszegMZZ7j0TJCF+RnDU2o+sJwHbPcJaSDcx6tTARrBNl8COZpZQ0M7gkmVnj/L +cAhPO/eJICQ6hyAZLJ8hW8fDrCEvLVhdJVAE/vjK178e3V1GOts25I970n4kNcX9 +nb6HhT4PNLUTY5mAHKRQHV74/4jaxRIgKJTcHwvG5lWwZtQZC/DTwGkRhRhtTpgd +N4f7aJCguwL8aNpsoIekvCdu8Kd7mH9j7DhWQo+SBr0/cIfbnC0xVlIQgeIlsVOW +7d8SW4CmWfdPhn1cbi83ePVFpD4Hh1s6SleCnrMavlQoF5i4nzUQ2HF3cFkXP/Qw +yPmL -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAgwf5cbs3lDh0eZ5zkyTNHx89FnonJ7lHxhucD/PTG5Hd2PgT -UtKM255FvjQBoQ/noTQY6ICEmYywnfrmmLu0y1qZIJIvtfoDPfUaNL7+3SHPLw+0 -6CCyjGzPMUJi20sQ09rQlKF5XJu3HIA2ZfaFtbHEGEPIFh45pN8ivLAqBmv7sK+P -bu+GlTO+u97S7CuNZvKGD87f6lRk/pl6QSUHBl5EzULSD8QbQ9uY6/mj4nrUt7u9 -M61T2OmQ7BhOw6HxHkZfe5FaBTXKWkJlRMBKPCglmk+jmj2lFFIwDMM6omWhzWep -i9aQq+uWy1z+k/bYjLVi8OfkhtxNPX4ULlqHeQIDAQABAoIBAC4Bx8jyJmKpq+Pk -CcqZelg6HLXesA7XlGbv3M0RHIeqoM2E1SwYd5LJMM3G7ueBcR/97dz8+xH6/yyJ -Ixxvk9xu9CMmkRABN9AyVkA867nzHA73Idr7WBXMQreWCqXa5o6sXt5BEB6/If0k -23TTqUERqLuoWQHDHRRRsJ218RuNmbvBe8TGXcfunC0eeDVKDeqAXol6bD5lztdu -B6jkdLt5UZSQ7X8OmClbeDlac90B8usNi+pUE9q1p7X462vAw8LohkxLY2nyIcmU -feNdTNHP+lklv+E+p9w/Az7Hf6zxm525tw90QVI048fr9SL3ftLHOt4FhucSCn0Z -CjylP4ECgYEA+nQrNVdVwmxcWCVn69LR1grNXUSz+fLHCo+QKma4IyC1kuuZ+BBo -Iwdf9t/S1tgtTYru3uxzCpQg7J1iDeEFEsMHl0rc6U1MmIE+6OvACVG3yotqoOqE -852pi1OWIe94yTk2ZmNXJ8gpUE/gtMprbcSWOb7IzzrXy2lDcaEMuGkCgYEAhe7L -ZvYI4LEvu6GSPp97qBzDH9m5UrHaTZIJk/Nu7ie919Sdg62LTfphsaK+pSyA55XQ -8L9P7wNUPC44NnE+7CIJZsIuKdYqR5QI6No9RdTyij0Hgljfc7KuH2b8lf8EjvuH -qZAf5zL3pIOQs8E8/MYHlGIqmTkYK41eCAcS9JECgYEADnra6KmU9rmnGR2IhZTZ -tuNG/kZzlVbY9R5ZumnX6YgBl23xp+ri6muJu88y9GLpM5t9tfu7pvfrc2KiAaVp -0qzd6nxUi1SBwituxK6kmqVT1+z5jDYi26bY34pEms+qjw+0unSx3EXxRYhouGsf -jOgZu1rxZzHCuirq0E38W0kCgYBzOK16RX37t9OFywlioJekWCIxu4BouSNCirl8 -s/eiIUR8cqiUCPAIRLhZNtZmiTPYiBW5mAyvZiDIqUao56InSVznL3TBf0LeU2ea -023VLs79yGU2aTjLc1PDJjl03XDRhWj/okMgBsPvn1QUoNDT8ZXBvPZC3VCC31qe -818GUQKBgQDBUP2BC/Th/0dErOQ5lWkY3YbmzrTp2pDsHGZJRD+OdQ5B8FUvCP8m -JESk/0ATn7niUqawnOy/2KlKIkeBBV2XL1rjIGEhCkBUuhCiInNDqz1AGdXzIKaT -myoZ4PhIsH1D643e6iLhyAZuUAA4yB31E2a3l7EMyhV3vKbdWWygGQ== ------END RSA PRIVATE KEY----- diff --git a/jstests/libs/client-self-signed.pem b/jstests/libs/client-self-signed.pem index 27fbf225059..5da5d7539de 100644 --- a/jstests/libs/client-self-signed.pem +++ b/jstests/libs/client-self-signed.pem @@ -1,47 +1,114 @@ ------BEGIN CERTIFICATE----- -MIIDXDCCAkQCCQCDkcJhHXlrtzANBgkqhkiG9w0BAQsFADBwMQ8wDQYDVQQDDAZj -bGllbnQxEzARBgNVBAsMCktlcm5lbFVzZXIxEDAOBgNVBAoMB01vbmdvREIxFjAU -BgNVBAcMDU5ldyBZb3JrIENpdHkxETAPBgNVBAgMCE5ldyBZb3JrMQswCQYDVQQG -EwJVUzAeFw0xODA1MDgxOTA2MTdaFw0yMDA3MTcxOTA2MTdaMHAxDzANBgNVBAMM -BmNsaWVudDETMBEGA1UECwwKS2VybmVsVXNlcjEQMA4GA1UECgwHTW9uZ29EQjEW -MBQGA1UEBwwNTmV3IFlvcmsgQ2l0eTERMA8GA1UECAwITmV3IFlvcmsxCzAJBgNV -BAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIP1BCsp6e+B -5BpefH+yDvdVwDteI3H7CKh8X0TJYAYHAy5bOJ9fS0PB50gAXYqDFTHWTnGGxTaq -67d4Hc5ZB+UgnNralBvhVYB6jFpV4oBqdht//VhcdLBq8n6aRmM63zP82dKA5Ehz -q7jhwLI0v/m3lZfkE+qKWb+E87KS47BstOHDIqAUIeUJutrC/usS7aatRhHqtmg2 -8pEVJV8/YBPL4DWZkKoqrg+hJjXNjpy7ec2GAvgk+5ZWvjmNUBTtrE+47l8Eq3nM -TLsTDqtPHqv/udZScaCltPkw2ffGMhhp/eFLF+F3E9NpZC5mpUfe4+E5iZAXL9/r -IRO4ESbI9wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB4DscFT2z5hgzHC64SVjHk -Rpodjct0/kLkcJpaAZ/VTU6J6JI0TRDI0lsYV+UlogPxNWHgo7OGmG26tUPh61TX -XCq0Y1SbUsJFJa61d4fl30cBsA/w+eN1GRMua+eo1DTeFC8n0bVUqCjaMzumZWnX -bOR5eUUGw2r/JbCvCU2QNuL6/LKg2e2/C6pwkxQzFpKVTgvc0mq9+rifAIo0a9JV -41FIpgbJrojXCjP1gs2On3Uvr0XJsiMd9+T6duZt5MNh4M3Mfrr+tzATM61JM0Mg -VryKakzERFMLnTH3aS/JfTMGlCvUJEiMU2N9mePmSucNnJHX6wYjmOr++6RoLBhc ------END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAxIP1BCsp6e+B5BpefH+yDvdVwDteI3H7CKh8X0TJYAYHAy5b -OJ9fS0PB50gAXYqDFTHWTnGGxTaq67d4Hc5ZB+UgnNralBvhVYB6jFpV4oBqdht/ -/VhcdLBq8n6aRmM63zP82dKA5Ehzq7jhwLI0v/m3lZfkE+qKWb+E87KS47BstOHD -IqAUIeUJutrC/usS7aatRhHqtmg28pEVJV8/YBPL4DWZkKoqrg+hJjXNjpy7ec2G -Avgk+5ZWvjmNUBTtrE+47l8Eq3nMTLsTDqtPHqv/udZScaCltPkw2ffGMhhp/eFL -F+F3E9NpZC5mpUfe4+E5iZAXL9/rIRO4ESbI9wIDAQABAoIBAEV/SUJNJYiG3E/Y -B3xOCKGEVP4jwLoWUCoSs9FZWUItP4OffEE9E41hjAyICSELoCn5swmQ2pGaML4l -50PbOt8w5+Sw/UYNyhXb1vsV43Oz6HKWbSAihKf70AasQVENPL+8+fnqmQyils2v -F593JnKSFJvB2LY2ZvEwawtoJsyAdENw+NacVnEoMbaJqn0x0XsFb0RAvV9PQaFD -U29yg3T3TxnoDHxmnPaLUhn4ht7bOc66PjeJEl2jvnhNdSwPND9dg+hF/hX966Io -vNfKyp5q5nr6dnshjMWciyAu3v0FhaQ+7MTG2pij1yR1L1XM/gxL7u65bCCw3D2d -BEiiB2ECgYEA7HoiLTImR2IN3QSkKi/j6YzLIhpZgfl1XW3P2EKXcbToghDsbZtV -81ZtPwX5R5gCSKR7c05hPOgio2ext71jomRQYDHHTFu2gbKyk0iC3fhY7u44ugRQ -KOMqQE2WZUV4Ll9QOflMoSWypDmSzgG5hYF86dSW1Leuoo8nDUnvcocCgYEA1L0/ -YNZoF+h4OsO3t7zJ38X6vmn7vwkWwlFC8puaseUmL0ENWGZxtBZzuzcVHWzSTxzk -+lpKNUloXeEE39btVWonDUx4uPajHsXE3i8/jjgOxden36cGxXxV1yWaSGTC7ikM -TPSzhtyMxlsmG7cXgIELCiWF0H2Mt+RGwTnz4hECgYEApQD/keu5O/vWUo7ngaxS -6mbcYppiNEf9Ncjmyy6D/8pMplzqq/xEd/upVN11OBiAF3H11douDVKowL4dCmky -+V/nmYeCWexwp4UqB40EC6A7ZdSBboKN8Em59I5uz5Eur6TAFQO4DYWBZgfqQKaB -bf+RSpOU/y5/w1wB0srxMkcCgYEAyq36geIDjjOWyDXLBKxCkIVoXJ1QkTKxkjQl -WkpRWYb9mCub8Uq4rWBupkDWRxB0VZcruDDpXlcvrbFCGZgEyUm3Jv5iTaX8xsaY -xy2wmWhi+q55a6UP2Hqatb1Hfg0xggFtjKvdlnDtVdVlOyZ2p6FJyULyeC4FMPW1 -S0ZRSmECgYEAyjTgEjvIUsd4NkVdMcBBHO/WKl7gMQDcUGOnlrpyEPumXC1+H2jy -GWbnBoWyXJ+SrMP3MFpCEG7BZ7P5oFjLDBJ8+xUiHWPLLGRRhp2tyySeR/urjgRO -kLX6W+WWErw2V5+KmgEJb/SpbAGcJhDyLCN56L/Osqrod9avQ4/YW60= +MIIEowIBAAKCAQEAwiVDsnHAL2fRW7lFMrkZOGbIuKXB/zjO4wctQLVEdH/YW0Ho +Oifh2zSwENU4LPm+FqPqRyWYr63LyzmnakA74d47Vp2np+MCsOji6ktDgbZkOuC5 +NSsw0Fg5PjhKzvC2LtXtB6MO4JJnG2t67fImZyHRoFrNWVK7khhF3fc6PKEkQ6zc +Z40cSTOLrEqPoj9AAgH+HWcgPg909EW1GrDA/nds7H8tbXmWyEr6TJ6/7YGe6QOl +cLUvkdc0Sq2jQR3fCIjVqI2KA2EQGoaDNUq8K5Mqza2sZpXw+sX8P//eGe2Q23CR +q83hRJMMzpRTZKT5YfyEGwMJ8SpkezkQnnZdEQIDAQABAoIBAQCGSyqRw7dx0zlx +Xi2skXcNmaOcfiQ8O/p39h3qVbjdcRWiwms11yKW89IaQrMSAUro9Ed5IVuFog2H +LQFOMNJ7QbMADhvLuO7CmsVj1d4DWrvoMkxKp+6jH3OxQ1UT4lPS/+1uy+7djse9 +otIsx8SisDUF2+mRsPXIb/vcN0hUaNiFIo2myv8L8YHkwQtPnB1650uZsd3FCEGl +5+1uvCj63Y3PP8R1HqX+U8p3QbvbBnVdXHMlKXj2FJm7bmTL8uxpjxlM3LWNLSki +X+TZBAiFcfuROdLALfLuxq0AETq/X7uiNS3Wzw/ZABXF5oo7KMWM9uotIwONyFt3 +/iIqppL1AoGBAPlfaAeKNjMIts+UDF+UsZW40O3+Qq1QwK6vnL2o7rOeM6NM0ErT +Akm4lY82YUymTvZmLZBGbu7ZWVayD/ePJHPts7VIIz3IsODNx2RMuE140ceYrNnX +Oz0RbEeFDBSoORoKo7PkaGLx7XaaMIkX38F4sqwKyZV054yAJ91JKTcPAoGBAMdO +H5QrYmjXw6hYZmUKqN9VrEqJCjFkmM9NekB5fb8c26VGRPPvWkY3m004Fm8RFemM +vJa8AXKmMpF3qKFjJ1U5qDuZ/MOnn1Z0KcVHOUXg2ZAMq17m1dH6bfDYWYx2nu/1 +In+qFTo9tS9wVP58hyQ3Nz9PHAYqL8iFy81qYinfAoGAA9Xj07nce4x2w1qTliTD +VnoxPHfcrq2/SPCKiKBAi6KzSJ+11HDKaDfelQVRGcy1CjUoHj/3FNVi+mJivHwH +I4FUckVZxWmAzvRbTL+hVg+1qkw+3FrjHl1WPQNe3DJ6LlxbiDjLIjp2XIyiknk7 +h85DcUH5N8NEjHSsKEsnxyECgYAW/zKxnBfs1Qikgh6+he5aZr5Mk2dzr5HaSaxT +iDE0PhYyCdum8fVOqNfonxInmqcWncCc+/CG1Bp9onr4tEIzmUWKKwh5YvwFs72m +H8PCBmHUN0IG30fIxMauxaf/hyhrs7NZW7y7Tad8Y8/K1X+adCyRx4UKSQ/eaWHM +v/u3rQKBgCDj9s/ls+1360dgDVVDqoxzHfUltjr5bmJZe5xA8P26nESLj/OBDVzb +vj50Wey1KiEl2Pj74ttn4ItRu6DA/3dzhopropLh5cmY7Nac+vXuuAsUql2vBHX6 +CCZyOW36kf9yt+0Zay2RGOW6xcBXGIPxp8SM8V63DF58XrZUnyIJ -----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=New York, L=New York City, O=MongoDB, OU=KernelUser, CN=client + Validity + Not Before: May 9 18:00:36 2019 GMT + Not After : May 6 18:00:36 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=KernelUser, CN=client + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c2:25:43:b2:71:c0:2f:67:d1:5b:b9:45:32:b9: + 19:38:66:c8:b8:a5:c1:ff:38:ce:e3:07:2d:40:b5: + 44:74:7f:d8:5b:41:e8:3a:27:e1:db:34:b0:10:d5: + 38:2c:f9:be:16:a3:ea:47:25:98:af:ad:cb:cb:39: + a7:6a:40:3b:e1:de:3b:56:9d:a7:a7:e3:02:b0:e8: + e2:ea:4b:43:81:b6:64:3a:e0:b9:35:2b:30:d0:58: + 39:3e:38:4a:ce:f0:b6:2e:d5:ed:07:a3:0e:e0:92: + 67:1b:6b:7a:ed:f2:26:67:21:d1:a0:5a:cd:59:52: + bb:92:18:45:dd:f7:3a:3c:a1:24:43:ac:dc:67:8d: + 1c:49:33:8b:ac:4a:8f:a2:3f:40:02:01:fe:1d:67: + 20:3e:0f:74:f4:45:b5:1a:b0:c0:fe:77:6c:ec:7f: + 2d:6d:79:96:c8:4a:fa:4c:9e:bf:ed:81:9e:e9:03: + a5:70:b5:2f:91:d7:34:4a:ad:a3:41:1d:df:08:88: + d5:a8:8d:8a:03:61:10:1a:86:83:35:4a:bc:2b:93: + 2a:cd:ad:ac:66:95:f0:fa:c5:fc:3f:ff:de:19:ed: + 90:db:70:91:ab:cd:e1:44:93:0c:ce:94:53:64:a4: + f9:61:fc:84:1b:03:09:f1:2a:64:7b:39:10:9e:76: + 5d:11 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Client Authentication + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + 25:6A:3B:7A:80:BD:CF:5D:71:36:A3:5B:1E:75:86:87:63:52:B9:23 + X509v3 Authority Key Identifier: + keyid:25:6A:3B:7A:80:BD:CF:5D:71:36:A3:5B:1E:75:86:87:63:52:B9:23 + + Signature Algorithm: sha256WithRSAEncryption + bc:79:dc:c8:06:70:f0:8a:20:db:27:5a:b0:8e:98:28:12:7e: + 74:77:0d:9f:5b:17:49:65:d7:28:65:27:36:93:0b:3f:4f:86: + 59:e2:9b:ca:63:3e:0f:69:5b:64:0c:99:25:76:7d:99:1c:81: + ee:4a:08:d6:0b:e9:3c:ec:b8:ed:33:2b:c6:ab:f0:fb:4d:79: + a9:e0:19:22:ab:5a:8d:ab:f6:4d:2a:17:df:8d:aa:2b:26:61: + 92:8a:3e:17:71:07:0a:b9:70:73:36:1f:48:2b:f0:0c:2a:b6: + fc:17:bd:a3:1c:fb:a5:a7:cc:c3:c2:0b:de:ef:bc:17:07:9e: + 53:59:74:1a:3e:2a:96:e4:91:f4:59:7d:59:33:23:ad:c9:67: + 22:7e:af:88:9b:27:0c:13:b2:e3:3e:57:c4:55:d4:c2:be:96: + e8:f3:67:24:f9:81:ee:a4:f6:66:52:fd:6e:ae:55:b8:86:de: + 79:49:8f:d7:08:d5:db:1e:3b:77:b6:89:37:9d:43:04:5b:2e: + d1:88:47:47:75:64:3c:e9:59:87:74:84:3b:b7:41:c4:e7:15: + 0a:e5:59:f7:5e:e0:09:45:39:89:ac:3d:54:2f:c7:02:fd:9e: + 95:77:09:71:53:06:9a:5f:be:73:38:f7:4a:7a:83:81:1c:a1: + 63:35:8e:95 +-----BEGIN CERTIFICATE----- +MIID+jCCAuKgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzER +MA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5ldyBZb3JrIENpdHkxEDAOBgNV +BAoTB01vbmdvREIxEzARBgNVBAsTCktlcm5lbFVzZXIxDzANBgNVBAMTBmNsaWVu +dDAeFw0xOTA1MDkxODAwMzZaFw0yOTA1MDYxODAwMzZaMHAxCzAJBgNVBAYTAlVT +MREwDwYDVQQIEwhOZXcgWW9yazEWMBQGA1UEBxMNTmV3IFlvcmsgQ2l0eTEQMA4G +A1UEChMHTW9uZ29EQjETMBEGA1UECxMKS2VybmVsVXNlcjEPMA0GA1UEAxMGY2xp +ZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiVDsnHAL2fRW7lF +MrkZOGbIuKXB/zjO4wctQLVEdH/YW0HoOifh2zSwENU4LPm+FqPqRyWYr63Lyzmn +akA74d47Vp2np+MCsOji6ktDgbZkOuC5NSsw0Fg5PjhKzvC2LtXtB6MO4JJnG2t6 +7fImZyHRoFrNWVK7khhF3fc6PKEkQ6zcZ40cSTOLrEqPoj9AAgH+HWcgPg909EW1 +GrDA/nds7H8tbXmWyEr6TJ6/7YGe6QOlcLUvkdc0Sq2jQR3fCIjVqI2KA2EQGoaD +NUq8K5Mqza2sZpXw+sX8P//eGe2Q23CRq83hRJMMzpRTZKT5YfyEGwMJ8SpkezkQ +nnZdEQIDAQABo4GeMIGbMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBMGA1UdJQQM +MAoGCCsGAQUFBwMCMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD +ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUJWo7eoC9z11xNqNbHnWGh2NSuSMwHwYDVR0j +BBgwFoAUJWo7eoC9z11xNqNbHnWGh2NSuSMwDQYJKoZIhvcNAQELBQADggEBALx5 +3MgGcPCKINsnWrCOmCgSfnR3DZ9bF0ll1yhlJzaTCz9Phlnim8pjPg9pW2QMmSV2 +fZkcge5KCNYL6TzsuO0zK8ar8PtNeangGSKrWo2r9k0qF9+NqismYZKKPhdxBwq5 +cHM2H0gr8AwqtvwXvaMc+6WnzMPCC97vvBcHnlNZdBo+KpbkkfRZfVkzI63JZyJ+ +r4ibJwwTsuM+V8RV1MK+lujzZyT5ge6k9mZS/W6uVbiG3nlJj9cI1dseO3e2iTed +QwRbLtGIR0d1ZDzpWYd0hDu3QcTnFQrlWfde4AlFOYmsPVQvxwL9npV3CXFTBppf +vnM490p6g4EcoWM1jpU= +-----END CERTIFICATE----- diff --git a/jstests/libs/client.pem b/jstests/libs/client.pem index 50a64e41728..b5d4bbc7cd5 100644 --- a/jstests/libs/client.pem +++ b/jstests/libs/client.pem @@ -1,48 +1,108 @@ ------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIBAzANBgkqhkiG9w0BAQUFADB0MRcwFQYDVQQDEw5LZXJu
-ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw
-FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE
-BhMCVVMwHhcNMTQwNzE3MTYwMDAwWhcNMjAwNzE3MTYwMDAwWjBwMQ8wDQYDVQQD
-EwZjbGllbnQxEzARBgNVBAsTCktlcm5lbFVzZXIxEDAOBgNVBAoTB01vbmdvREIx
-FjAUBgNVBAcTDU5ldyBZb3JrIENpdHkxETAPBgNVBAgTCE5ldyBZb3JrMQswCQYD
-VQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJIFboAk9Fdi
-DY5Xld2iw36vB3IpHEfgWIimd+l1HX4jyp35i6xoqkZZHJUL/NMbUFJ6+44EfFJ5
-biB1y1Twr6GqpYp/3R30jKQU4PowO7DSal38MR34yiRFYPG4ZPPXXfwPSuwKrSNo
-bjqa0/DRJRVQlnGwzJkPsWxIgCjc8KNO/dSHv/CGymc9TjiFAI0VVOhMok1CBNvc
-ifwWjGBg5V1s3ItMw9x5qk+b9ff5hiOAGxPiCrr8R0C7RoeXg7ZG8K/TqXbsOZEG
-AOQPRGcrmqG3t4RNBJpZugarPWW6lr11zMpiPLFTrbq3ZNYB9akdsps4R43TKI4J
-AOtGMJmK430CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAA+nPgVT4addi13yB6mjW
-+UhdUkFwtb1Wcg0sLtnNucopHZLlCj5FfDdp1RQxe3CyMonxyHTKkrWtQmVtUyvf
-C/fjpIKt9A9kAmveMHBiu9FTNTc0sbiXcrEBeHF5cD7N+Uwfoc/4rJm0WjEGNkAd
-pYLCCLVZXPVr3bnc3ZLY1dFZPsJrdH3nJGMjLgUmoNsKnaGozcjiKiXqm6doFzkg
-0Le5yD4C/QTaie2ycFa1X5bJfrgoMP7NqKko05h4l0B0+DnjpoTJN+zRreNTMKvE
-ETGvpUu0IYGxe8ZVAFnlEO/lUeMrPFvH+nDmJYsxO1Sjpds2hi1M1JoeyrTQPwXj
-2Q==
+-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDJyauFhtHK3W3b +kFUiz/24lEi0VOesmDF5c/sUO67h+IXVdLUSz/v2tb30cgk8GhppczwcpZp98gTx +NgI3Z5ZRPumzK9Aw8l1p23YtDGzSdfsXGjOeab2MieRCHtbL847doxHae3C7YofJ +NTmJOVan4vviUT7YRBK0kSDgADOGtkt9YeviyPoX6vr9izcyTTg2Z/Zbm64zMNOo +ifyvi6i0P1HN708KVPsKpek87Hdi8LAy1QfLdDe3Z7dhUP0H0A5EQhDcd7FlAxwh +WqdMmm81STj4cvgWx1XSAHL7vj1s4O0qN5nEAb4lenSIIP7flGKyevU7fnGZg2I7 +rVQ3D0wRAgMBAAECggEBAK/uL6hMYk8f/a8nyMKAWvL5/eWT/SWCz+fXUfpTCuej +mXQAu/q58TEpRYOBhUGsdIip2qgTTn4ua1auwwHxQ6J0WqdHNM3oEb/AgulF4v8f +tBpxUr3z7TpB4wwu/RF2uYHNsjwt0ZzejArGZ/KXVlEr2nZ4ZXWC7FgYDHSgWExC +ySoI/XeeB+t3jJPjvKOj/EjexNC1qIJwV+YSrbZ4geAJsJf4TvzeY49G+Fng+c6b +bxD+aay+8NuROYt0zI+ufnMqr96FLyyrsO79auJRxeitwU6A2Hl/KLLoOn2vK5Q7 +6K/HmBsFC5k1NXTOG8hO3PdnqjCaslbwRCqUWlaxMsECgYEA7LJLAIYJ2gPZta/H +aKPbFYaVcBjkwN6QST6KyjlYTuHYITyMuLwdpeXyo0WZnohLA6L7FMN/JZF9i8f4 +3ip4TnOHuNvzerrtyjjyiMsLX/pMSPTTl6gtRNrppSRlPBphH+KbBdI4TZXmx8d9 +IoOe/kRomgukroZ90xy4CCTs8SkCgYEA2j6PRqZ0TCBhuAUbPNLtz2KbzIlXBU8I +KNurI34La72bgyjJ1Nc+l964VnRM2XA63Xix7H5dTWuUHdv93WMn3PvPVE8vk9eF +6ox3ANfa/+WU36ajP224iTLDNpmbLG808gGUKhcRGW+NcbhQKoVMxl9mfl1zn/NL +QjecaIeOWKkCgYAGBUb5HW+0tvJbt7vnwns5IfI9JrTy3vZmlourNygy4XXA6qxd +qpNKe/3e/084BBl8XzHpxks+pmO+IXkIFaZ3wGKMZjPcRFL2GNq6dge1CkXUeT3E +lseH/9V/mNxmWflseTQeQsmh15VGMaHSNezeZNkQSgmHUu5yZ0GbG21XeQKBgHoI +3UjeLs2alcm2YUKjl4KNWx0F9vjq9l8SZiHUi0JVpa2zkxhGu6NkUKNXKNm1HdVV +dfgNuNJfw1Tm/I9csJ+q1oYIOUxsCV/b53c7PCQ3FgXxQftnuPZOwkW3osM3890W +8OiQOWmFrQvXykvcec+67K7gRpU8D+sY+YahtgDxAoGBAJOduSQpjFgd4oTHBwI6 +ULhnGIPX7Yguf8MdP4rjbbbUyvbbMqYsMKaXvRhj8h/Fh9NhvST1dSV6y6RtLo3E ++MNuHDERk2C1RI9OipsttsBB2C6RKpTdHh+iAdUM8BkQYhvwvKJCHWpYdJ5239b3 +5Ghd3XrN4HKu9FaiEz01IKVH +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 2 (0x2) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:39:50 2019 GMT + Not After : May 10 14:39:50 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=KernelUser, CN=client + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:c9:ab:85:86:d1:ca:dd:6d:db:90:55:22:cf: + fd:b8:94:48:b4:54:e7:ac:98:31:79:73:fb:14:3b: + ae:e1:f8:85:d5:74:b5:12:cf:fb:f6:b5:bd:f4:72: + 09:3c:1a:1a:69:73:3c:1c:a5:9a:7d:f2:04:f1:36: + 02:37:67:96:51:3e:e9:b3:2b:d0:30:f2:5d:69:db: + 76:2d:0c:6c:d2:75:fb:17:1a:33:9e:69:bd:8c:89: + e4:42:1e:d6:cb:f3:8e:dd:a3:11:da:7b:70:bb:62: + 87:c9:35:39:89:39:56:a7:e2:fb:e2:51:3e:d8:44: + 12:b4:91:20:e0:00:33:86:b6:4b:7d:61:eb:e2:c8: + fa:17:ea:fa:fd:8b:37:32:4d:38:36:67:f6:5b:9b: + ae:33:30:d3:a8:89:fc:af:8b:a8:b4:3f:51:cd:ef: + 4f:0a:54:fb:0a:a5:e9:3c:ec:77:62:f0:b0:32:d5: + 07:cb:74:37:b7:67:b7:61:50:fd:07:d0:0e:44:42: + 10:dc:77:b1:65:03:1c:21:5a:a7:4c:9a:6f:35:49: + 38:f8:72:f8:16:c7:55:d2:00:72:fb:be:3d:6c:e0: + ed:2a:37:99:c4:01:be:25:7a:74:88:20:fe:df:94: + 62:b2:7a:f5:3b:7e:71:99:83:62:3b:ad:54:37:0f: + 4c:11 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 72:41:CD:3B:19:0F:71:1B:98:A6:94:61:25:B8:9C:58:7C:6F:4D:B3 + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Client Authentication + Signature Algorithm: sha256WithRSAEncryption + 06:f1:f9:fd:38:a8:e5:8d:94:2e:6b:1f:74:b9:70:eb:52:98: + fe:62:b2:47:76:a2:df:f7:1b:af:72:51:6f:b8:8a:33:4a:3f: + 78:41:d3:b0:5d:94:2e:1c:ab:e7:3d:8d:88:51:66:5c:35:ff: + 22:4c:a7:a6:df:b9:0e:ec:95:22:63:a4:f0:89:9e:ee:00:2f: + 07:33:fc:1a:a5:72:34:e4:5b:a4:75:de:a9:7f:ca:a4:39:14: + c5:ae:98:6a:9d:f8:8c:16:cf:6c:d2:aa:45:5b:66:05:a1:ae: + e8:65:3d:c3:18:80:54:6d:45:14:01:a2:ee:5e:29:23:9e:ee: + 65:43:ff:88:11:00:09:32:7f:6b:e8:14:a3:74:20:20:02:ec: + fb:01:f7:cd:1c:82:de:1e:ac:52:b7:f4:e9:a1:a4:de:6d:1e: + 31:e5:fa:7f:6e:06:01:5b:83:97:45:94:93:16:f2:95:66:21: + b3:6f:fc:03:8f:6c:3a:30:ba:16:cd:b8:0d:7c:f9:97:d9:a9: + 76:76:98:07:9f:0f:bf:8f:17:e4:76:7e:a4:00:6c:cb:35:6f: + 69:7f:62:d5:dd:62:51:09:ad:c6:9d:8c:e4:58:08:53:7b:fa: + 4a:d2:69:8d:59:06:a2:e9:6a:2a:2e:b4:94:0c:f8:12:15:86: + bf:ef:af:60 +-----BEGIN CERTIFICATE----- +MIIDrTCCApWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQzOTUwWhcNMjkwNTEwMTQzOTUwWjBwMQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxEzARBgNVBAsMCktlcm5lbFVzZXIxDzANBgNVBAMM +BmNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnJq4WG0crd +bduQVSLP/biUSLRU56yYMXlz+xQ7ruH4hdV0tRLP+/a1vfRyCTwaGmlzPBylmn3y +BPE2AjdnllE+6bMr0DDyXWnbdi0MbNJ1+xcaM55pvYyJ5EIe1svzjt2jEdp7cLti +h8k1OYk5Vqfi++JRPthEErSRIOAAM4a2S31h6+LI+hfq+v2LNzJNODZn9lubrjMw +06iJ/K+LqLQ/Uc3vTwpU+wql6Tzsd2LwsDLVB8t0N7dnt2FQ/QfQDkRCENx3sWUD +HCFap0yabzVJOPhy+BbHVdIAcvu+PWzg7So3mcQBviV6dIgg/t+UYrJ69Tt+cZmD +YjutVDcPTBECAwEAAaNOMEwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUckHNOxkPcRuY +ppRhJbicWHxvTbMwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA0G +CSqGSIb3DQEBCwUAA4IBAQAG8fn9OKjljZQuax90uXDrUpj+YrJHdqLf9xuvclFv +uIozSj94QdOwXZQuHKvnPY2IUWZcNf8iTKem37kO7JUiY6TwiZ7uAC8HM/wapXI0 +5Fukdd6pf8qkORTFrphqnfiMFs9s0qpFW2YFoa7oZT3DGIBUbUUUAaLuXikjnu5l +Q/+IEQAJMn9r6BSjdCAgAuz7AffNHILeHqxSt/TpoaTebR4x5fp/bgYBW4OXRZST +FvKVZiGzb/wDj2w6MLoWzbgNfPmX2al2dpgHnw+/jxfkdn6kAGzLNW9pf2LV3WJR +Ca3GnYzkWAhTe/pK0mmNWQai6WoqLrSUDPgSFYa/769g -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAkgVugCT0V2INjleV3aLDfq8HcikcR+BYiKZ36XUdfiPKnfmL
-rGiqRlkclQv80xtQUnr7jgR8UnluIHXLVPCvoaqlin/dHfSMpBTg+jA7sNJqXfwx
-HfjKJEVg8bhk89dd/A9K7AqtI2huOprT8NElFVCWcbDMmQ+xbEiAKNzwo0791Ie/
-8IbKZz1OOIUAjRVU6EyiTUIE29yJ/BaMYGDlXWzci0zD3HmqT5v19/mGI4AbE+IK
-uvxHQLtGh5eDtkbwr9Opduw5kQYA5A9EZyuaobe3hE0Emlm6Bqs9ZbqWvXXMymI8
-sVOturdk1gH1qR2ymzhHjdMojgkA60YwmYrjfQIDAQABAoIBAB249VEoNIRE9TVw
-JpVCuEBlKELYk2UeCWdnWykuKZ6vcmLNlNy3QVGoeeTs172w5ZykY+f4icXP6da5
-o3XauCVUMvYKKNwcFzSe+1xxzPSlH/mZh/Xt2left6f8PLBVuk/AXSPG2I9Ihodv
-VIzERaQdD0J9FmhhhV/hMhUfQ+w5rTCaDpq1KVGU61ks+JAtlQ46g+cvPF9c80cI
-TEC875n2LqWKmLRN43JUnctV3uGTmolIqCRMHPAs/egl+lG2RXJjqXSQ2uFLOvC/
-PXtBb597yadSs2BWPnTu/r7LbLGBAExzlQK1uFsTvuKsBPb3qrvUux0L68qwPuiv
-W24N8BECgYEAydtAvVB7OymQEX3mck2j7ixDN01wc1ZaCLBDvYPYS/Pvzq4MBiAD
-lHRtbIa6HPGA5jskbccPqQn8WGnJWCaYvCQryvgaA+BBgo1UTLfQJUo/7N5517vv
-KvbUa6NF0nj3VwfDV1vvy+amoWi9NOVn6qOh0K84PF4gwagb1EVy9MsCgYEAuTAt
-KCWdZ/aNcKgJc4NCUqBpLPF7EQypX14teixrbF/IRNS1YC9S20hpkG25HMBXjpBe
-tVg/MJe8R8CKzYjCt3z5Ff1bUQ2bzivbAtgjcaO0Groo8WWjnamQlrIQcvWM7vBf
-dnIflQ0slxbHfCi3XEe8tj2T69R7wJZ8L7PxR9cCgYEACgwNtt6Qo6s37obzt3DB
-3hL57YC/Ph5oMNKFLKOpWm5z2zeyhYOGahc5cxNppBMpNUxwTb6AuwsyMjxhty+E
-nqi2PU4IDXVWDWd3cLIdfB2r/OA99Ez4ZI0QmaLw0L8QoJZUVL7QurdqR9JsyHs6
-puUqIrb195s/yiPR7sjeJe0CgYEAuJviKEd3JxCN52RcJ58OGrh2oKsJ9/EbV0rX
-Ixfs7th9GMDDHuOOQbNqKOR4yMSlhCU/hKA4PgTFWPIEbOiM08XtuZIb2i0qyNjH
-N4qnqr166bny3tJnzOAgl1ljNHa8y+UsBTO3cCr17Jh0vL0KLSAGa9XvBAWKaG6b
-1iIXwXkCgYAVz+DA1yy0qfXdS1pgPiCJGlGZXpbBcFnqvbpGSclKWyUG4obYCbrb
-p5VKVfoK7uU0ly60w9+PNIRsX/VN/6SVcoOzKx40qQBMuYfJ72DQrsPjPYvNg/Nb
-4SK94Qhp9TlAyXbqKJ02DjtuDim44sGZ8g7b+k3FfoK4OtzNsqdVdQ==
------END RSA PRIVATE KEY-----
\ No newline at end of file diff --git a/jstests/libs/client_revoked.pem b/jstests/libs/client_revoked.pem index 03db67deb50..221c59e8427 100644 --- a/jstests/libs/client_revoked.pem +++ b/jstests/libs/client_revoked.pem @@ -1,48 +1,108 @@ ------BEGIN CERTIFICATE-----
-MIIDZTCCAk2gAwIBAgIBAjANBgkqhkiG9w0BAQUFADB0MRcwFQYDVQQDEw5LZXJu
-ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw
-FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE
-BhMCVVMwHhcNMTQwNzE3MTYwMDAwWhcNMjAwNzE3MTYwMDAwWjB4MRcwFQYDVQQD
-Ew5jbGllbnRfcmV2b2tlZDETMBEGA1UECxMKS2VybmVsVXNlcjEQMA4GA1UEChMH
-TW9uZ29EQjEWMBQGA1UEBxMNTmV3IFlvcmsgQ2l0eTERMA8GA1UECBMITmV3IFlv
-cmsxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-lJog+grPpvDFKFn9mxxToLgkx1uM+LmuRf1XG707TIccGfSKyZMGCcqlYVQmqT/J
-Fnq2rvtXGG9yxPhHoBwKw4x9rfQEy8Z93BAMNRoIlbt505HaWv7b+M3qksRHDLpw
-/Ix0Yay+fjT9DGmcrahC9h8c8SVtyHoODvxdmR7P+p7e6F6/6vcUkg/aU/50MRUN
-qGUSMkm/kpcjFNmDqRSLQoDPE8G2UOIolG/m95uaCOkGCT4lQjrCpR36fkr5a+vI
-UbDJP8M26Kp2fFnvObKzoSFSEVOMGeBM9p4qa88I4hwfthNFvGDOCNBKZK5ZxLZ3
-gGFcR6kL6u11y4zoLrZ6xwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQB8WQMn/cjh
-9qFtr7JL4VPIz/+96QaBmkHxMqiYL/iMg5Vko3GllLc1mgfWQfaWOvyRJClKj395
-595L2u8wBKon3DXUPAkinc6+VOwDWsxFLNtWl+jhigat5UDzGm8ZKFhl0WwNhqzZ
-dlNPrh2LJZzPFfimfGyVkhPHYYdELvn+bnEMT8ae1jw2yQEeVFzHe7ZdlV5nMOE7
-Gx6ZZhYlS+jgpIxez5aiKqit/0azq5GGkpCv2H8/EXxkR4gLZGYnIqGuZP3r34NY
-Lkh5J3Qnpyhdopa/34yOCa8mY1wW7vEro0fb/Dh21bpyEOz6tBk3C1QRaGD+XQOM
-cedxtUjYmWqn
+-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDAIpegzAwgnae4 +RwVEaI+hRszc/6Z//UnDoAEi7bBT4rP+AuSERQnTnx6xkka+maxGFbEpWd5q8zsj +Q16TUxF0Ud8CjR2dLhmLzKgXlzyE6u8g6bcn9g+IsT6eJ9GoE8ezD0xuMdAU8VwQ +a4WNiEWKHH7iNNHePz+5UCs0VVSPdHnoBErE70aHOKIaBb+uELytVk8hBEmLONXL +8tF4bL85fl2WmGfrpkGYFslz8Z4EKjXVyFOv6bAKuYGAYcd0cojugvV8IhJlfWc2 +gwZ5hQF16FKyzG45j0MMhMu7S860V+p2UKEpxWITxfMKdbBNglRcpLp+AR+xb074 +2+CwVm/hAgMBAAECggEBAK0m/6tD+LH0ItCqAI80BCz+F2YbZzv1UmLgceW+e6g9 +qKSEitjBNyfmQM0a3HKtH1pR9kUj3pRX+7W94x+2PwarOeWcs1GR2CfrGpmYDExl +RXhN6Gg1Eq7HvXzeuc1VdiVi5ihw7+vP0H5jyApTAwiCwb6uh2xZZ95j52vUcs6M +QcLWFucjgyz6VqDv9ySA87Sw+qoGr9Xo22w320go2KEwZgqbhjfCqZByVAivaVE2 +8tKd4RVtbCZvRZJpdL1fgiP/1AsD/VLyjBVQVaexLaSIyWAoxssHeXmOjG9tIvsa +SDXBBmXt8p1bc8Rzr1fg+bDjSwo1EkQSySVWwQL1vSECgYEA9sQNR+conpXADL+H +bsX2ClEXmU1OG0JmU0W+NIjd+pCtcBuB7FFgGR7259Kuoq0rKrClMuUWFm0yAy0k +ZvnANyEvLgMdVmGNc0e/GNtDX6IJQTsWM0OdebVNdHaBfWbj+9oxWBBSY+RGNo3t +xRIH19Sbu3/prfmafhU0J4mK7IUCgYEAx1MxhvCPQrty5focScvRQNWkAjZtPdwc +oah6BJ+3iwdardsQB5TuIzBidvs0FHxHpSHA2b7PMH9WkP/OZKdxsgCja3dsXEf4 +l1vKr4pXJHfx5/LIbkf8QZuhdNaaMeuVrJriyPGNua23nGCenWWFYpPSDZxDV1wc +OYfPHyaKUq0CgYAyv6MTlICQDLAQbxtFNsUg3giCaJmVlZRBr+gsGbG9JB/nHGEd +3qZqxCl3B6cOoZptDyMKUn62YgKVEKWZ3+cd718qkU1pRGq4uJqeXAmBE2vf1Gz+ +Yfty2kxxlSWQSqa8VuUq/UBUds/RzGKH0ut2Aa19ZBMEyn5xS58MOoctmQKBgQC3 +dTsAmClDooP+aFXhFldi9UAfSTkC1rUDla2408h7jilIG3iFge4tNTtrh4pH0Jug +wZBe2eCZIprqmoe83OEolK3VG/YAeb20kifbqdjLGBrvAea4mkjzmerhPyRtDgiU +9XoGuU1YuStmIwfalrZOJQAQxuK0ZXMVAIsCgNaPgQKBgC9K8Not3nYOFh1hmPZs +xvJ7nVsz0xKJK9gq0kqnmg+UkGDvlieZEamXXiJFKGMAs/75SG0IERbvDEHXlSQd +69pje5L0RIoG63vEtI5EoigNHnpfdzGZZinvGSA8OdPzhHZG7AXH0kmCIvu8Ipwi +QU8sipT2m0P/OTldqTRtBb2J +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4 (0x4) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:47:19 2019 GMT + Not After : May 10 14:47:19 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=KernelUser, CN=client_revoked + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c0:22:97:a0:cc:0c:20:9d:a7:b8:47:05:44:68: + 8f:a1:46:cc:dc:ff:a6:7f:fd:49:c3:a0:01:22:ed: + b0:53:e2:b3:fe:02:e4:84:45:09:d3:9f:1e:b1:92: + 46:be:99:ac:46:15:b1:29:59:de:6a:f3:3b:23:43: + 5e:93:53:11:74:51:df:02:8d:1d:9d:2e:19:8b:cc: + a8:17:97:3c:84:ea:ef:20:e9:b7:27:f6:0f:88:b1: + 3e:9e:27:d1:a8:13:c7:b3:0f:4c:6e:31:d0:14:f1: + 5c:10:6b:85:8d:88:45:8a:1c:7e:e2:34:d1:de:3f: + 3f:b9:50:2b:34:55:54:8f:74:79:e8:04:4a:c4:ef: + 46:87:38:a2:1a:05:bf:ae:10:bc:ad:56:4f:21:04: + 49:8b:38:d5:cb:f2:d1:78:6c:bf:39:7e:5d:96:98: + 67:eb:a6:41:98:16:c9:73:f1:9e:04:2a:35:d5:c8: + 53:af:e9:b0:0a:b9:81:80:61:c7:74:72:88:ee:82: + f5:7c:22:12:65:7d:67:36:83:06:79:85:01:75:e8: + 52:b2:cc:6e:39:8f:43:0c:84:cb:bb:4b:ce:b4:57: + ea:76:50:a1:29:c5:62:13:c5:f3:0a:75:b0:4d:82: + 54:5c:a4:ba:7e:01:1f:b1:6f:4e:f8:db:e0:b0:56: + 6f:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + FA:44:60:2A:D2:67:5E:08:C5:74:4E:A9:8A:35:38:4F:5F:5E:73:F3 + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Client Authentication + Signature Algorithm: sha256WithRSAEncryption + 1d:d4:bc:e7:37:1e:52:7b:09:76:99:ad:47:fc:fe:20:7f:13: + 9f:42:ed:0d:6e:37:7d:a1:41:58:e0:4e:39:3b:67:93:fc:a7: + 3b:fe:71:33:a5:d8:1f:76:b8:e4:2e:ab:0a:17:95:8f:c5:62: + 47:21:65:66:ca:7b:35:e9:e5:16:e4:c2:28:5a:42:22:06:78: + 1c:bf:54:80:5d:90:e6:0d:bf:bf:67:75:7a:b7:30:22:18:9a: + 01:92:1b:af:0c:d7:60:22:7e:ea:9b:d1:4a:6f:69:8c:63:9c: + a7:6b:e8:fb:70:20:4b:0e:be:5b:df:df:ed:08:be:c7:91:3a: + b8:01:4f:55:6f:dc:8d:dc:09:30:22:83:fc:fa:a0:f3:96:fb: + 0b:ae:f8:ee:97:f0:0e:fa:8f:05:ad:64:cc:67:4e:b2:14:21: + 44:61:d3:5c:b9:3a:4c:fb:54:6a:20:18:2f:6c:97:31:35:05: + 64:15:9f:b5:df:5d:a5:e3:81:b2:e5:58:5c:be:42:09:d0:65: + 96:44:a4:8f:ec:89:f9:29:23:8a:38:19:c0:20:54:fa:a2:ee: + fe:17:a1:30:b2:f4:f2:f3:a6:e2:bf:76:47:be:ac:f4:f5:54: + 1d:99:cc:c0:52:74:8f:bb:f8:dd:2a:52:41:49:57:af:11:b1: + d6:b9:b7:a4 +-----BEGIN CERTIFICATE----- +MIIDtTCCAp2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQ0NzE5WhcNMjkwNTEwMTQ0NzE5WjB4MQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxEzARBgNVBAsMCktlcm5lbFVzZXIxFzAVBgNVBAMM +DmNsaWVudF9yZXZva2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +wCKXoMwMIJ2nuEcFRGiPoUbM3P+mf/1Jw6ABIu2wU+Kz/gLkhEUJ058esZJGvpms +RhWxKVneavM7I0Nek1MRdFHfAo0dnS4Zi8yoF5c8hOrvIOm3J/YPiLE+nifRqBPH +sw9MbjHQFPFcEGuFjYhFihx+4jTR3j8/uVArNFVUj3R56ARKxO9GhziiGgW/rhC8 +rVZPIQRJizjVy/LReGy/OX5dlphn66ZBmBbJc/GeBCo11chTr+mwCrmBgGHHdHKI +7oL1fCISZX1nNoMGeYUBdehSssxuOY9DDITLu0vOtFfqdlChKcViE8XzCnWwTYJU +XKS6fgEfsW9O+NvgsFZv4QIDAQABo04wTDAJBgNVHRMEAjAAMB0GA1UdDgQWBBT6 +RGAq0mdeCMV0TqmKNThPX15z8zALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYB +BQUHAwIwDQYJKoZIhvcNAQELBQADggEBAB3UvOc3HlJ7CXaZrUf8/iB/E59C7Q1u +N32hQVjgTjk7Z5P8pzv+cTOl2B92uOQuqwoXlY/FYkchZWbKezXp5RbkwihaQiIG +eBy/VIBdkOYNv79ndXq3MCIYmgGSG68M12Aifuqb0UpvaYxjnKdr6PtwIEsOvlvf +3+0IvseROrgBT1Vv3I3cCTAig/z6oPOW+wuu+O6X8A76jwWtZMxnTrIUIURh01y5 +Okz7VGogGC9slzE1BWQVn7XfXaXjgbLlWFy+QgnQZZZEpI/sifkpI4o4GcAgVPqi +7v4XoTCy9PLzpuK/dke+rPT1VB2ZzMBSdI+7+N0qUkFJV68Rsda5t6Q= -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAlJog+grPpvDFKFn9mxxToLgkx1uM+LmuRf1XG707TIccGfSK
-yZMGCcqlYVQmqT/JFnq2rvtXGG9yxPhHoBwKw4x9rfQEy8Z93BAMNRoIlbt505Ha
-Wv7b+M3qksRHDLpw/Ix0Yay+fjT9DGmcrahC9h8c8SVtyHoODvxdmR7P+p7e6F6/
-6vcUkg/aU/50MRUNqGUSMkm/kpcjFNmDqRSLQoDPE8G2UOIolG/m95uaCOkGCT4l
-QjrCpR36fkr5a+vIUbDJP8M26Kp2fFnvObKzoSFSEVOMGeBM9p4qa88I4hwfthNF
-vGDOCNBKZK5ZxLZ3gGFcR6kL6u11y4zoLrZ6xwIDAQABAoIBAFlu0T3q18Iu0VlR
-n5GEYMgvSuM4NAVVKo8wwwYMwu1xuvXb+NMLyuyFqzaCQKpHmywOOnfhCC/KkxX8
-Ho87kTbTDKhuXZyOHx0cA1zKCDSlGdK8yt9M1vJMa0pdGi2M34b+uOQ35IVsOocH
-4KWayIH7g52V2xZ2bpOSSnpm0uCPZSBTgClCgTUYepOT2wbLn/8V0NtVpZhDsBqg
-fORuEHkiurrbLa8yjQsvbR+hsR/XbGhre8sTQapj4EITXvkEuOL/vwbRebhOFHgh
-8sipsXZ9CMaJkBpVoLZTxTKQID/9006cczJK2MGKFhn6mvP6AeFuJAM3xqLGZTc4
-xxpfJyECgYEA0+iKxy5r1WUpBHR8jTh7WjLc6r5MFJQlGgLPjdQW6gCIe/PZc+b9
-x5vDp27EQ1cAEePEu0glQ/yk19yfxbxrqHsRjRrgwoiYTXjGI5zZSjXKArHyEgBj
-XOyo5leO5XMFnk2AShPlh+/RhAW3NhxcWkBEAsCD6QyC3BPvP6aaAXkCgYEAs4WH
-dTuweTdnyquHQm59ijatvBeP8h4tBozSupflQjB9WxJeW5uEa8lNQ3lSz1F4TV3M
-xvGdDSqwftLRS2mWGho/1jaCeAzjsiUQ2WUHChxprt0+QU7XkJbaBY9eF+6THZFw
-sDG688TiolxqoD8OYi8EtxmIvbQhXHmXnrk3jj8CgYBSi74rkrisuqg8tQejl0Ht
-w+xsgM5wIblGJZwmOlzmsGh6KGYnkO6Ap/uSKELJnIVJcrk63wKtNigccjPGufwR
-+EbA+ZxeCwmQ/B/q1XmLP+K+JAUQ4BfUpdexSqA+XwzsOnJj6NY7mr65t+RDbs7G
-1Uvo6oc37Ai5pAZJfCN3uQKBgQAJr5qvaJkM8UBYXwjdPLjpTCnzjBHoLlifkdmM
-18U23QbmcwdESg/LAQF6MoGVTf//rJ/v2/ltTHBZZ2aDex7uKZxoImjHsWpXokhW
-cmz+zqmlFarWOzrGQl1hD2s0P1sQrVg3KXe8z1KrD/Fw0/Yitga7GlWWZrGmG6li
-lvu4YQKBgQANODQYEaz739IoPNnMfTpTqAoQIOR4PNdMfCXSQrCB8i0Hh4z48E4F
-DEAd1xIYyxI8pu7r52dQlBk7yrILOTG0gmgLJd5xKdtCTrasYAICI3hsRLtP8dVA
-8WeykXY4Wf1bYQ+VzKVImkwL/SBm2ik5woyxCzT8JSjyoAwRrQp9Vw==
------END RSA PRIVATE KEY-----
\ No newline at end of file diff --git a/jstests/libs/crl_client_revoked.pem b/jstests/libs/crl_client_revoked.pem index 0b99d56936e..4ac5ae7f5a8 100644 --- a/jstests/libs/crl_client_revoked.pem +++ b/jstests/libs/crl_client_revoked.pem @@ -1,41 +1,12 @@ -Certificate Revocation List (CRL): - Version 2 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: /CN=Kernel Test CA/OU=Kernel/O=MongoDB/L=New York City/ST=New York/C=US - Last Update: Aug 21 13:43:27 2014 GMT - Next Update: Aug 18 13:43:27 2024 GMT - CRL extensions: - X509v3 CRL Number: - 4096 -Revoked Certificates: - Serial Number: 02 - Revocation Date: Aug 21 13:43:27 2014 GMT - Signature Algorithm: sha256WithRSAEncryption - 24:86:73:8d:7f:55:15:d0:d6:8a:47:53:cf:97:f7:e5:3d:0b: - 4a:ea:fb:02:6a:2e:79:c6:b1:38:b2:ac:f0:c0:64:47:b0:3e: - ad:4e:2e:94:e6:64:ed:79:34:bd:74:c0:d4:3d:b9:a1:bb:38: - 89:5c:02:6a:ad:6b:dc:3b:64:34:6a:2d:4c:90:36:82:95:0c: - 19:88:e2:a3:bf:8e:1b:56:98:37:32:87:ed:f0:bd:dd:e2:0d: - f9:80:dc:f2:a5:b4:ee:d9:bb:83:fe:b8:3a:13:e0:da:fc:04: - 77:fb:ce:f9:c5:2a:54:a7:f0:34:09:2a:b2:3d:46:1b:48:e6: - e8:16:c7:a1:3c:88:8c:72:cd:cc:53:dc:f8:54:63:1f:b9:8b: - ea:2c:e5:26:c5:b4:a4:9f:8b:e1:6c:85:9b:c6:63:6f:2f:ae: - 18:c5:6a:23:f0:58:27:85:5c:0f:01:04:da:d2:8b:de:9e:ab: - 46:00:22:07:28:e1:ef:46:91:90:06:58:95:05:68:67:58:6e: - 67:a8:0b:06:1a:73:d9:04:18:c9:a3:e4:e3:d6:94:a3:e1:5c: - e5:08:1b:b3:9d:ab:3e:ea:20:b1:04:e5:90:e1:42:54:b2:58: - bb:51:1a:48:87:60:b0:95:4a:2e:ce:a0:4f:8c:17:6d:6b:4c: - 37:aa:4d:d7 -----BEGIN X509 CRL----- -MIIB5DCBzQIBATANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJuZWwgVGVz -dCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYwFAYDVQQH -Ew1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UEBhMCVVMX -DTE0MDgyMTEzNDMyN1oXDTI0MDgxODEzNDMyN1owFDASAgECFw0xNDA4MjExMzQz -MjdaoA8wDTALBgNVHRQEBAICEAAwDQYJKoZIhvcNAQELBQADggEBACSGc41/VRXQ -1opHU8+X9+U9C0rq+wJqLnnGsTiyrPDAZEewPq1OLpTmZO15NL10wNQ9uaG7OIlc -Amqta9w7ZDRqLUyQNoKVDBmI4qO/jhtWmDcyh+3wvd3iDfmA3PKltO7Zu4P+uDoT -4Nr8BHf7zvnFKlSn8DQJKrI9RhtI5ugWx6E8iIxyzcxT3PhUYx+5i+os5SbFtKSf -i+FshZvGY28vrhjFaiPwWCeFXA8BBNrSi96eq0YAIgco4e9GkZAGWJUFaGdYbmeo -CwYac9kEGMmj5OPWlKPhXOUIG7Odqz7qILEE5ZDhQlSyWLtRGkiHYLCVSi7OoE+M -F21rTDeqTdc= +MIIB0DCBuTANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJuZWwgVGVzdCBD +QTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYwFAYDVQQHEw1O +ZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UEBhMCVVMXDTE5 +MDUxMzE1MTYzOVoXDTI5MDUxMDE1MTYzOVowFDASAgEEFw0xOTA1MTMxNTE2MDZa +MA0GCSqGSIb3DQEBCwUAA4IBAQBm+QuZ+D8/Qw1CTXAJlAnT+WGI+9Gv+OvLbzej +LUYGCHpKoKO356HV7kf0DvDbaj5GooFtfeH4H0BxIPw/Ok4WQa9W1BqW/uEY9qn7 +waiwv3KMKu5xai6EhbU92jB45f6jrVfRpx3GS0Y11jrvj0g3fj4D4+qXC3efTBre +yd2daMMU9WHmZvfuOjtqN3KRh+sw/jX4B/ANigUY3ulWWI9czTyJRy8EHerJci/o +y3btw8HVDf1f7OTArsycVankwai1jfaPsQKUJ8vjUboYl8PzgfPN2vRhRKc1PZJ2 +LFRzAuQMCjTMAWhlybEIo8FkjoXBtaVHPDHSFqw8dOYKDald -----END X509 CRL----- diff --git a/jstests/libs/localhostnameCN.pem b/jstests/libs/localhostnameCN.pem index e6aca6a217d..b926d9bba1e 100644 --- a/jstests/libs/localhostnameCN.pem +++ b/jstests/libs/localhostnameCN.pem @@ -1,48 +1,111 @@ ------BEGIN CERTIFICATE-----
-MIIDgTCCAmmgAwIBAgIBBTANBgkqhkiG9w0BAQUFADB0MRcwFQYDVQQDEw5LZXJu
-ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw
-FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE
-BhMCVVMwHhcNMTQwNzE3MTYwMDAwWhcNMjAwNzE3MTYwMDAwWjBvMRIwEAYDVQQD
-EwkxMjcuMC4wLjExDzANBgNVBAsTBktlcm5lbDEQMA4GA1UEChMHTW9uZ29EQjEW
-MBQGA1UEBxMNTmV3IFlvcmsgQ2l0eTERMA8GA1UECBMITmV3IFlvcmsxCzAJBgNV
-BAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqQNGgQggL8S
-LlxRgpM3qoktt3J9Pd3WXkknz7OjQr4dyj9wd0VNuD6+Ycg1mBbopO+M/K/ZWv8c
-7WDMM13DDZtpWjm+Q6uFc+vlI9Q9bLHgsZF9kVGRb2bNAfV2bC5/UnO1ulQdHoIB
-p3e/Jtko2WmruzVQFGVMBGCY7RlMRyxe3R8rwNNFvooMRg8yq8tq0qBkVhh85kct
-HHPggXD4/uM2Yc/Q94t5MhDFabewdzsFOLqvI/Y5eIeZLhdIzAv37kolr8AuyqIR
-qcJKztXIrFbLgEZBjoCNkOYZOQE+l8iwwiZxoZN9Jv7x5LyiA+ijtQ+5aI/kMPqG
-nox+/bNFCQIDAQABoyMwITAfBgNVHREEGDAWgglsb2NhbGhvc3SCCTEyNy4wLjAu
-MTANBgkqhkiG9w0BAQUFAAOCAQEAVJJNuUVzMRaft17NH6AzMSTiJxMFWoafmYgx
-jZnzA42XDPoPROuN7Bst6WVYDNpPb1AhPDco9qDylSZl0d341nHAuZNc84fD0omN
-Mbqieu8WseRQ300cbnS8p11c9aYpO/fNQ5iaYhGsRT7pnLs9MIgR468KVjY2xt49
-V0rshG6RxZj83KKuJd0T4X+5UeYz4B677y+SR0aoK2I2Sh+cffrMX2LotHc2I+JI
-Y9SDLvQT7chD9GzaWz634kmy3EEY0LreMm6AxhMOsr0lbZx5O8wLTScSjKARJ6OH
-nPxM1gYT07mkNmfyEnl1ChAN0MPgcLHQqEfe7x7ZQSbAv2gWfA==
+-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCRzOZXV5+ob+Me +iwWYxwNxpDCCIG4IyZJgk0zDVsNtQsTdtQ9GVtBTUJImSmxy1vxeTc1JD/pAGUcZ +e8Ecy1T5YD6S6qlR1t+kvwlrNyJNEfjeU/3vBMubQH2a8E8Orm3YAhhWlPVacd0j +R4L+gL5vByrJaIwLTfpq4Q7N+3XS4X47LT/V5PeV9T1c+nbF2BZfoEq2+r/7P2Nu +37mhH2jsFhZgcJd9kKUBJH3mhOD5jXOaIv/E+MoSSV9fZ5EeYcz6Qkv7eeA7SjwG +zDQT8xlmvWVf+taQ+DUuKFg7z/AXOPymPNTaGsO45xhMeygEdCedGexx9SKZwLQW +pwU0/uuxAgMBAAECggEAOa17OfY5/OI2UPDiR+wC2sP/RJsbrHJBa98ZsPTz3pdZ +VfO4lTTmuO7YwjkS6eNOdugEW/DsKMtXKyef34o4lWaTmn8meG+ujXfdfAKVmTOQ +5jMH87RL76D1j4OdYstyPM+nXSkUXrFIsBosIg5AR5/oN0EalaZFeF6MAsSFeeSN +tYcfJBopdYX1zRXAWqQ6PijZXq8VU48SsCfUSOSFF4p4i+BtzuAqHRmQyagef8VI +doWES633ENhVLSvZqzk/8RWScHn6w0Uz8Ge9ltI20X37OfEK2Luo5lK1aq8xnoo6 +5PZ091H8/0q9UfeBZ6c4xABn1KE39b5TQqE9CjGZoQKBgQDCGkOkHgFzUW9J5Tx8 +vY0eUkSiOm5h4EcgS0KErJe0HO//33LI6tmQIoaW/mX8kunIJPOX2KDAuoqm3mII +WarEWZWJxfGH2DbDRNvgMQhkqoQy6sO37Ry2Wg8ZvhvF2T08WLoz/2nO+tPWh9To +/JyxnSk+hUh/tVMO+Or7RrUC/QKBgQDAS3FQP0WNeTzeU5ZEmVH4j9Ng1/ChdhDT +tLOJv4lxvhwxauw20AjZsMiefyDsvGO4xSq3rPfks4W04AqU4iakC48AmBzwyzDJ +S79Ar28zzNLzsqZ5SbhdzyVGBW3llEQilFCqUOV744BSaMBcJfOyejYd6HoxWTzq +XWEKeDnLxQKBgE4cz7fOM3s6/HRaglsY1R+sr94xcZaF8Vm3r89AvdRICPWJ8OGW +UXPF0TAWtOhOHzLiW/1xuk+VQpMgz4bYvvZBrwJA3JB0nKU8ote4I86PKKBtBdKQ +44sm9wi/DuIyKIiOlHC0ito26uVcyHvynQSFYMG+VYy/ZeuSlM4GiHXpAoGAVQpI +L3v7z2gZgh0nLGk9thYtHfwBn/Yt1OJqL/Xz28h+gWBO3KK99z/WSTnhnrBlzZXs +oVQuQQcfj3ExXMxy2EOAV3vt+JNznOIRz5KGNDtV445TTvpKPbpZOpE2G7ypMT20 +Os4R3usqmcdXoqjqEDk565ofR+m2JdNsEgw/Sx0CgYAlvd1tACLh9uWmAbKB9ade +PGyUcEbEPbWGMexvu2Oo0hcpdncvGdtVQbgTqLQRPTC8IDeZrlq6tvxgml2W1DiV ++PnhiIOCxXxgwBleKsa2Veqk7UXg3m1E5KO+Hf4hA1Eh63+hqfTSwTPtdHh7URlV +PqAq4twgWQ8UZy7c/5vVrQ== +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 5 (0x5) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:54:59 2019 GMT + Not After : May 10 14:54:59 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=Kernel, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:91:cc:e6:57:57:9f:a8:6f:e3:1e:8b:05:98:c7: + 03:71:a4:30:82:20:6e:08:c9:92:60:93:4c:c3:56: + c3:6d:42:c4:dd:b5:0f:46:56:d0:53:50:92:26:4a: + 6c:72:d6:fc:5e:4d:cd:49:0f:fa:40:19:47:19:7b: + c1:1c:cb:54:f9:60:3e:92:ea:a9:51:d6:df:a4:bf: + 09:6b:37:22:4d:11:f8:de:53:fd:ef:04:cb:9b:40: + 7d:9a:f0:4f:0e:ae:6d:d8:02:18:56:94:f5:5a:71: + dd:23:47:82:fe:80:be:6f:07:2a:c9:68:8c:0b:4d: + fa:6a:e1:0e:cd:fb:75:d2:e1:7e:3b:2d:3f:d5:e4: + f7:95:f5:3d:5c:fa:76:c5:d8:16:5f:a0:4a:b6:fa: + bf:fb:3f:63:6e:df:b9:a1:1f:68:ec:16:16:60:70: + 97:7d:90:a5:01:24:7d:e6:84:e0:f9:8d:73:9a:22: + ff:c4:f8:ca:12:49:5f:5f:67:91:1e:61:cc:fa:42: + 4b:fb:79:e0:3b:4a:3c:06:cc:34:13:f3:19:66:bd: + 65:5f:fa:d6:90:f8:35:2e:28:58:3b:cf:f0:17:38: + fc:a6:3c:d4:da:1a:c3:b8:e7:18:4c:7b:28:04:74: + 27:9d:19:ec:71:f5:22:99:c0:b4:16:a7:05:34:fe: + eb:b1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Alternative Name: + DNS:localhost, DNS:127.0.0.1 + X509v3 Subject Key Identifier: + 74:B6:E6:1F:C2:00:FD:0B:E9:23:64:B5:F9:55:6F:5C:83:13:74:45 + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + Signature Algorithm: sha256WithRSAEncryption + 4e:b6:51:b9:5b:c5:27:a3:3c:c9:ac:80:25:4f:9b:d0:82:65: + 55:be:ec:f3:a8:7a:78:5f:88:1e:6f:f7:9e:55:ac:6f:5b:93: + 48:6e:ae:1c:72:f7:14:2a:66:4e:28:2f:70:ba:29:63:47:4c: + 1b:52:95:92:76:2a:ed:d6:fb:2a:8e:1b:18:91:3b:b5:3b:34: + d2:1b:8d:3d:7f:59:44:b1:e6:f4:6a:92:16:39:df:9a:97:7b: + e6:58:8b:a4:cd:6b:8d:9b:4a:f5:5b:4a:96:52:66:d7:f5:36: + 21:a7:b6:f1:4e:c8:f2:0f:15:ee:bf:53:8a:13:50:5e:b6:76: + 83:7f:f3:7d:59:b7:d3:6a:85:ee:cf:f8:b4:b1:41:91:57:c3: + 37:f8:81:9c:16:24:49:6f:4f:3e:6c:ee:b1:5b:8c:bb:29:1e: + 52:a6:c9:c6:67:aa:77:b9:c6:fc:43:f9:31:78:57:2c:84:c0: + 61:ca:8e:64:2b:b7:1d:0b:c8:35:e0:d5:62:0a:64:4e:ca:30: + e3:b4:d1:65:65:fa:3b:b5:2d:41:f5:f0:83:19:ce:4a:90:61: + 7c:8d:b5:f4:b6:95:67:16:39:72:da:67:43:7e:a1:02:ea:d2: + de:17:3b:4a:9c:a5:f8:72:c2:6a:8c:31:e6:c3:87:23:a6:6b: + d8:b4:b3:83 +-----BEGIN CERTIFICATE----- +MIIDzTCCArWgAwIBAgIBBTANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQ1NDU5WhcNMjkwNTEwMTQ1NDU5WjBvMQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxDzANBgNVBAsMBktlcm5lbDESMBAGA1UEAwwJMTI3 +LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkczmV1efqG/j +HosFmMcDcaQwgiBuCMmSYJNMw1bDbULE3bUPRlbQU1CSJkpsctb8Xk3NSQ/6QBlH +GXvBHMtU+WA+kuqpUdbfpL8JazciTRH43lP97wTLm0B9mvBPDq5t2AIYVpT1WnHd +I0eC/oC+bwcqyWiMC036auEOzft10uF+Oy0/1eT3lfU9XPp2xdgWX6BKtvq/+z9j +bt+5oR9o7BYWYHCXfZClASR95oTg+Y1zmiL/xPjKEklfX2eRHmHM+kJL+3ngO0o8 +Bsw0E/MZZr1lX/rWkPg1LihYO8/wFzj8pjzU2hrDuOcYTHsoBHQnnRnscfUimcC0 +FqcFNP7rsQIDAQABo28wbTAJBgNVHRMEAjAAMB8GA1UdEQQYMBaCCWxvY2FsaG9z +dIIJMTI3LjAuMC4xMB0GA1UdDgQWBBR0tuYfwgD9C+kjZLX5VW9cgxN0RTALBgNV +HQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEB +AE62UblbxSejPMmsgCVPm9CCZVW+7POoenhfiB5v955VrG9bk0hurhxy9xQqZk4o +L3C6KWNHTBtSlZJ2Ku3W+yqOGxiRO7U7NNIbjT1/WUSx5vRqkhY535qXe+ZYi6TN +a42bSvVbSpZSZtf1NiGntvFOyPIPFe6/U4oTUF62doN/831Zt9Nqhe7P+LSxQZFX +wzf4gZwWJElvTz5s7rFbjLspHlKmycZnqne5xvxD+TF4VyyEwGHKjmQrtx0LyDXg +1WIKZE7KMOO00WVl+ju1LUH18IMZzkqQYXyNtfS2lWcWOXLaZ0N+oQLq0t4XO0qc +pfhywmqMMebDhyOma9i0s4M= -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAiqQNGgQggL8SLlxRgpM3qoktt3J9Pd3WXkknz7OjQr4dyj9w
-d0VNuD6+Ycg1mBbopO+M/K/ZWv8c7WDMM13DDZtpWjm+Q6uFc+vlI9Q9bLHgsZF9
-kVGRb2bNAfV2bC5/UnO1ulQdHoIBp3e/Jtko2WmruzVQFGVMBGCY7RlMRyxe3R8r
-wNNFvooMRg8yq8tq0qBkVhh85kctHHPggXD4/uM2Yc/Q94t5MhDFabewdzsFOLqv
-I/Y5eIeZLhdIzAv37kolr8AuyqIRqcJKztXIrFbLgEZBjoCNkOYZOQE+l8iwwiZx
-oZN9Jv7x5LyiA+ijtQ+5aI/kMPqGnox+/bNFCQIDAQABAoIBAQAMiUT+Az2FJsHY
-G1Trf7Ba5UiS+/FDNNn7cJX++/lZQaOj9BSRVFzwuguw/8+Izxl+QIL5HlWDGupc
-tJICWwoWIuVl2S7RI6NPlhcEJF7hgzwUElnOWBfUgPEsqitpINM2e2wFSzHO3maT
-5AoO0zgUYK+8n9d74KT9CFcLqWvyS3iksK/FXfCZt0T1EoJ4LsDjeCTfVKqrku2U
-+fCnZZYNkrgUI7Hku94EJfOh462V4KQAUGsvllwb1lfmR5NR86G6VX6oyMGctL5e
-1M6XQv+JQGEmAe6uULtCUGh32fzwJ9Un3j2GXOHT0LWrVc5iLuXwwzQvCGaMYtKm
-FAIDpPxhAoGBAMtwzpRyhf2op/REzZn+0aV5FWKjeq69Yxd62RaOf2EetcPwvUOs
-yQXcP0KZv15VWU/XhZUmTkPf52f0YHV/b1Sm6wUOiMNQ4XpnRj2THf0N7RS4idMm
-VwtMf1pxqttxQVKPpOvPEiTyIh2Nx/juyfD4CWkOVNTvOCd1w+av6ukNAoGBAK51
-gIXDuwJ2e5h3IJyewN/HOZqlgPKyMjnACaeXQ5wPJSrz4+UkJkuXT2dYKhv6u7K/
-GtucTdvBIJeq61+LjjkYk7OVDzoqP/uWU7p1y7gU9LZq+7tgq7r8cgeaC3IBQe7X
-jdFPEy1+zAEBh6MfFjnLZ2Kop9qbH3cNih/g9pTtAoGBAJ8dmdUtRXNByCsa7Rv2
-243qiDlf14J4CdrBcK1dwm75j/yye7VEnO2Cd8/lZHGpm3MBBC/FiA06QElkL1V2
-2GKDMun/liP9TH1p7NwYBqp3i+ha9SE6qXXi3PCmWpXLnOWwB7OPf4d6AgjPbYpb
-aYKY3PNYDC2G9IqYZyI0kSy5AoGBAJ5Fe5PfPom9c+OeL7fnTpO16kyiWZnUkDxU
-PG4OjQfHtbCCEv6PDS8G1sKq+Yjor+A5/+O8qeX0D92I8oB720txQI5rbKUYL3PP
-raY7t9YJLPlRlY8o5KN+4vSCjF+hRG+qnr6FPqDHp8xB1wvl6AQGxIR8/csVcDZR
-0j2ZmhsBAoGAO1Cpk/hWXOLAhSj8P8Q/+3439HEctTZheVBd8q/TtdwXocaZMLi8
-MXURuVTw0GtS9TmdqOFXzloFeaMhJx6TQzZ2aPcxu95b7RjEDtVHus3ed2cSJ2El
-AuRvFT2RCVvTu1mM0Ti7id+d8QBcpbIpPjNjK2Wxir/19gtEawlqlkA=
------END RSA PRIVATE KEY-----
\ No newline at end of file diff --git a/jstests/libs/localhostnameSAN.pem b/jstests/libs/localhostnameSAN.pem index 480300f29e1..ed6492e0090 100644 --- a/jstests/libs/localhostnameSAN.pem +++ b/jstests/libs/localhostnameSAN.pem @@ -1,49 +1,112 @@ ------BEGIN CERTIFICATE-----
-MIIDpDCCAoygAwIBAgIBBjANBgkqhkiG9w0BAQUFADB0MRcwFQYDVQQDEw5LZXJu
-ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw
-FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE
-BhMCVVMwHhcNMTQwNzE3MTYwMDAwWhcNMjAwNzE3MTYwMDAwWjB5MRwwGgYDVQQD
-ExNzYW50ZXN0aG9zdG5hbWUuY29tMQ8wDQYDVQQLEwZLZXJuZWwxEDAOBgNVBAoT
-B01vbmdvREIxFjAUBgNVBAcTDU5ldyBZb3JrIENpdHkxETAPBgNVBAgTCE5ldyBZ
-b3JrMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AJKOLTNEPv08IVmhfkv6Xq1dT6pki76ggpJ7UpwdUSsTsWDKO2o1c7wnzEjfhYQ+
-CtlEvbYyL3O7f8AaO15WJdi53SMuWS+QfCKs6b0symYbinSXlZGb4oZYFSrodSxH
-+G8u+TUxyeaXgTHowMWArmTRi2LgtIwXwwHJawfhFDxji3cSmLAr5YQMAaXUynq3
-g0DEAGMaeOlyn1PkJ2ZfJsX2di+sceKb+KK1xT+2vUSsvnIumBCYqMhU6y3WjBWK
-6WrmOcsldWo4IcgyzwVRlZiuuYoe6ZsxZ4nMyTdYebALPqgkt8QVXqkgcjWK8F18
-nuqWIAn1ISTjj73H4cnzYv0CAwEAAaM8MDowOAYDVR0RBDEwL4INKi5leGFtcGxl
-LmNvbYIJMTI3LjAuMC4xgghtb3JlZnVuIYIJbG9jYWxob3N0MA0GCSqGSIb3DQEB
-BQUAA4IBAQA5M3U4wvQYI3jz/+Eh4POrJAs9eSRGkUhz1lP7D6Fcyp+BbbXB1fa9
-5qpD4bp1ZoDP2R2zca2uwwfd3DTWPbmwFMNqs2D7d0hgX71Vg9DCAwExFjoeRo44
-cCE9kakZtE3kT/tiH6SpYpnBa3dizxTmiY48z212Pw813SSXSPMN1myx5sMJof5I
-whJNQhSQOw6WHw5swZJZT4FkzxjQMrTWdF6r0d5EU9K2WWk5DTwq4QaysplB5l0H
-8qm+fnC6xI+2qgqMO9xqc6qMtHHICXtdUOup6wj/bdeo7bAQdVDyKlFKiYivDXvO
-RJNp2cwsBgxU+qdrtOLp7/j/0R3tUqWb
+-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDIFYKNonJfhIJu +bgg+46we/wQfbmpcqDyRSTPDV4yMZ+0QW+dFDh1gBrTb5juVx4mTWjTyy48/FARi +naq/spbant/O7GtTswu71+ahGC5LOS8LIFWZonzKU6H8y13JDr4EtpNtLAKWbkh6 +3WP1CUiOqB9Q0zX//IySMK3pmZq1tQQST9/a8u0Ip9tUDQvqDxr1E/IJRzViFUB1 +zR2W/JAnFDbH348hvSZN5JkelywPRXnX2BNRXO+g8jEfSkAC7263Hb23osgG7/Ev +8SH6F3gFRuBOlMA1w+SttLXRB7YAAws7uO0K9W/43mAZ+QbWz+C0ncaZBGFEu2pE +/RBcARnPAgMBAAECggEBAK7AEqlPYyNHoX9/fJYo1RCxXFFzZ1QL3/Jog9wtn+SV +dDigfAoU/NT8poOUvx/fCap309zmqvLFsdrLp/ELsrO4pPKeDFMrAqmKNLUoYG50 +wECwefLYNrOjfcxDdmL/DDkjmPl1wcDPC2C78ex2sjdeYRN/lR9B3Shlec+Xx8bA +ijkUB89TfqKoch1RepCUC3EBzQaQHj3OSOj6PDaJG+O4YEHdTyP+GjNDw6TW7FNT +lJpYixhyl+kHLA3QtP7ZLsQSZ2fGUVdVQpHprFX0BufPVgrgTUGGJwR4qciAhuo1 +CXg8pFu4OFPXJboG4N/JHerdDi2ZXD9C+9IOran/UakCgYEA43VMv9UPZqUEtMvk +hbcvr3EyK2sItAC30yoOjhBsQ3btthcZN2US3jK4QIBQtBlr07B9fQh9pSstQm1P +NnrAt8UT8DSRTysJe8ibbm7rKZUQBHnCDgrIBPgMKbIi2OTyQT4okq8uX+8x42zN +Vja7DTRJ0iGqZkqswV7TA4QHc/sCgYEA4TDctiT+VCPonREiVtyeSq2SwYpOIzeZ +P2A0jp5miJ/ekUhG/3eD4CstB+abJ3fViyrJvnTbHvQYDZB3B0w2+PiycbtFRrle +unZdnK6ZEZUEZ8dS1PANf1oQQ023ByTJ+So4lkCVFSCP0N/eMPt9ZgBzeOgdFFHM +GHXXHSSOtT0CgYBKf4vQtN7jdp7w/GrvpM0YgFG3SMpD8oxCvF6iBxz+h8BZyHz4 +2MDyR9hzP9Ou+TiI0CB5yEMmytp7DERKiq/+QK1EGmORc34ardzCsc+SAgGKBbsa +UEus3PVW3sJtGaeC2PH/ASOGRlinrWYfm7NuIrce/OnLsR+eAgnI+ABc6wKBgQCZ +Vr5TwSj1fmYc3df2MdAPpdWyuEywqmFNyGLBYpcLHWFeqErAFk/US1IkeSDZZT4h +v4cUi1nR4ACo6+BBNeKQ8jgAPbbUi9E3QvZHhJRyZnhTemSq3rMyLs+4JKkm0iQ9 +6EQT+/IIKt4DKw2PaRBgbpoykEuM1I4XcdaC36vVOQKBgQC3RQGZvehpTdGJmqPd +o5+VQO+J/74ey07ZF3HMYgM4JyleD+Izjzd66QG4hepiqZAaLmCnq2THztJvNE6V +Ly1yxYg8sBitncLcirCGDkoMtKm1L4JrbaxUZY35OvTWRfD8FuCWAGR0QXO65owh +I8vHlFlEm2s/1Ipp2v/qQVNoIA== +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 6 (0x6) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:55:25 2019 GMT + Not After : May 10 14:55:25 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=Kernel, CN=santesthostname.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c8:15:82:8d:a2:72:5f:84:82:6e:6e:08:3e:e3: + ac:1e:ff:04:1f:6e:6a:5c:a8:3c:91:49:33:c3:57: + 8c:8c:67:ed:10:5b:e7:45:0e:1d:60:06:b4:db:e6: + 3b:95:c7:89:93:5a:34:f2:cb:8f:3f:14:04:62:9d: + aa:bf:b2:96:da:9e:df:ce:ec:6b:53:b3:0b:bb:d7: + e6:a1:18:2e:4b:39:2f:0b:20:55:99:a2:7c:ca:53: + a1:fc:cb:5d:c9:0e:be:04:b6:93:6d:2c:02:96:6e: + 48:7a:dd:63:f5:09:48:8e:a8:1f:50:d3:35:ff:fc: + 8c:92:30:ad:e9:99:9a:b5:b5:04:12:4f:df:da:f2: + ed:08:a7:db:54:0d:0b:ea:0f:1a:f5:13:f2:09:47: + 35:62:15:40:75:cd:1d:96:fc:90:27:14:36:c7:df: + 8f:21:bd:26:4d:e4:99:1e:97:2c:0f:45:79:d7:d8: + 13:51:5c:ef:a0:f2:31:1f:4a:40:02:ef:6e:b7:1d: + bd:b7:a2:c8:06:ef:f1:2f:f1:21:fa:17:78:05:46: + e0:4e:94:c0:35:c3:e4:ad:b4:b5:d1:07:b6:00:03: + 0b:3b:b8:ed:0a:f5:6f:f8:de:60:19:f9:06:d6:cf: + e0:b4:9d:c6:99:04:61:44:bb:6a:44:fd:10:5c:01: + 19:cf + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Alternative Name: + DNS:*.example.com, DNS:127.0.0.1, DNS:morefun!, DNS:localhost + X509v3 Subject Key Identifier: + D5:F5:A8:F8:D3:85:48:B2:99:95:40:74:26:FD:69:D3:60:55:14:AF + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + Signature Algorithm: sha256WithRSAEncryption + 1b:c8:9c:5e:e9:5f:85:ba:c7:3c:13:5f:11:7f:4d:fa:64:1d: + 77:b0:6f:c8:b7:e4:31:16:d4:e6:07:5d:1e:16:92:03:b2:cb: + 0e:82:9c:df:c9:c8:54:c3:6a:2c:a1:b8:7d:32:02:19:67:1c: + b6:1c:52:c1:e2:27:42:5f:06:b4:95:bf:21:af:9f:38:47:5d: + 66:eb:26:b4:c0:0c:ec:cc:46:86:65:e3:a7:1d:58:22:eb:07: + fb:ba:82:a7:9e:5e:91:91:1e:9a:a7:eb:11:dd:bd:60:4f:38: + 82:63:c8:9c:26:c9:f8:e6:9b:6d:37:a0:14:2f:20:34:94:0a: + 1c:ea:04:95:22:97:9d:13:9b:df:2d:36:3b:e0:05:9a:4f:dc: + 18:82:78:a4:be:0f:01:43:14:d4:8b:1c:b0:9a:c4:43:72:19: + b5:9d:b6:bf:2c:d1:0a:20:14:a9:da:d6:81:59:c8:3f:45:24: + 00:39:10:30:34:7f:85:0b:02:9d:42:04:32:74:bf:c0:fd:34: + 76:37:cc:f0:a1:45:7c:13:d0:f2:d3:c6:92:fa:49:ab:89:c9: + 60:fb:6a:62:cb:8c:55:e4:30:8c:e0:f7:4e:46:f4:41:e2:5d: + b0:8b:ba:f6:16:69:c0:60:a9:72:d3:9e:7a:9c:fb:ef:e2:70: + 0a:fd:2d:a0 +-----BEGIN CERTIFICATE----- +MIID8jCCAtqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQ1NTI1WhcNMjkwNTEwMTQ1NTI1WjB5MQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxDzANBgNVBAsMBktlcm5lbDEcMBoGA1UEAwwTc2Fu +dGVzdGhvc3RuYW1lLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AMgVgo2icl+Egm5uCD7jrB7/BB9ualyoPJFJM8NXjIxn7RBb50UOHWAGtNvmO5XH +iZNaNPLLjz8UBGKdqr+yltqe387sa1OzC7vX5qEYLks5LwsgVZmifMpTofzLXckO +vgS2k20sApZuSHrdY/UJSI6oH1DTNf/8jJIwremZmrW1BBJP39ry7Qin21QNC+oP +GvUT8glHNWIVQHXNHZb8kCcUNsffjyG9Jk3kmR6XLA9FedfYE1Fc76DyMR9KQALv +brcdvbeiyAbv8S/xIfoXeAVG4E6UwDXD5K20tdEHtgADCzu47Qr1b/jeYBn5BtbP +4LSdxpkEYUS7akT9EFwBGc8CAwEAAaOBiTCBhjAJBgNVHRMEAjAAMDgGA1UdEQQx +MC+CDSouZXhhbXBsZS5jb22CCTEyNy4wLjAuMYIIbW9yZWZ1biGCCWxvY2FsaG9z +dDAdBgNVHQ4EFgQU1fWo+NOFSLKZlUB0Jv1p02BVFK8wCwYDVR0PBAQDAgWgMBMG +A1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IBAQAbyJxe6V+Fusc8 +E18Rf036ZB13sG/It+QxFtTmB10eFpIDsssOgpzfychUw2osobh9MgIZZxy2HFLB +4idCXwa0lb8hr584R11m6ya0wAzszEaGZeOnHVgi6wf7uoKnnl6RkR6ap+sR3b1g +TziCY8icJsn45pttN6AULyA0lAoc6gSVIpedE5vfLTY74AWaT9wYgnikvg8BQxTU +ixywmsRDchm1nba/LNEKIBSp2taBWcg/RSQAORAwNH+FCwKdQgQydL/A/TR2N8zw +oUV8E9Dy08aS+kmriclg+2piy4xV5DCM4PdORvRB4l2wi7r2FmnAYKly0556nPvv +4nAK/S2g -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAko4tM0Q+/TwhWaF+S/perV1PqmSLvqCCkntSnB1RKxOxYMo7
-ajVzvCfMSN+FhD4K2US9tjIvc7t/wBo7XlYl2LndIy5ZL5B8IqzpvSzKZhuKdJeV
-kZvihlgVKuh1LEf4by75NTHJ5peBMejAxYCuZNGLYuC0jBfDAclrB+EUPGOLdxKY
-sCvlhAwBpdTKereDQMQAYxp46XKfU+QnZl8mxfZ2L6xx4pv4orXFP7a9RKy+ci6Y
-EJioyFTrLdaMFYrpauY5yyV1ajghyDLPBVGVmK65ih7pmzFniczJN1h5sAs+qCS3
-xBVeqSByNYrwXXye6pYgCfUhJOOPvcfhyfNi/QIDAQABAoIBADqGMkClwS2pJHxB
-hEjc+4/pklWt/ywpttq+CpgzEOXN4GiRebaJD+WUUvzK3euYRwbKb6PhWJezyWky
-UID0j/qDBm71JEJdRWUnfdPAnja2Ss0Sd3UFNimF5TYUTC5ZszjbHkOC1WiTGdGP
-a+Oy5nF2SF4883x6RLJi963W0Rjn3jIW9LoLeTgm9bjWXg3iqonCo3AjREdkR/SG
-BZaCvulGEWl/A3a7NmW5EGGNUMvzZOxrqQz4EX+VnYdb7SPrH3pmQJyJpAqUlvD5
-y7pO01fI0wg9kOWiIR0vd3Gbm9NaFmlH9Gr2oyan3CWt1h1gPzkH/V17rZzVYb5L
-RnjLdyECgYEA6X16A5Gpb5rOVR/SK/JZGd+3z52+hRR8je4WhXkZqRZmbn2deKha
-LKZi1eVl11t8zitLg/OSN1uZ/873iESKtp/R6vcGcriUCd87cDh7KTyW/7ZW5jdj
-o6Y3Liai3Xrf6dL+V2xYw964Map9oK9qatYw/L+Ke6b9wbGi+hduf1kCgYEAoK8n
-pzctajS3Ntmk147n4ZVtcv78nWItBNH2B8UaofdkBlSRyUURsEY9nA34zLNWI0f3
-k59+cR13iofkQ0rKqJw1HbTTncrSsFqptyEDt23iWSmmaU3/9Us8lcNGqRm7a35V
-Km0XBFLnE0mGFGFoTpNt8oiR4WGASJPi482xkEUCgYEAwPmQn2SDCheDEr2zAdlR
-pN3O2EwCi5DMBK3TdUsKV0KJNCajwHY72Q1HQItQ6XXWp7sGta7YmOIfXFodIUWs
-85URdMXnUWeWCrayNGSp/gHytrNoDOuYcUfN8VnDX5PPfjyBM5X7ox7vUzUakXSJ
-WnVelXZlKR9yOOTs0xAMpjkCgYAbF61N6mXD5IOHwgajObsrM/CyVP/u4WDJ0UT0
-Zm1pJbc9wgCauQSUfiNhLpHmoc5CQJ4jy96b3+YJ+4OnPPMSntPt4FFV557CkWbQ
-M8bWpLZnZjhixP4FM9xRPA2r8WTCaRifAKnC1t+TRvBOe2YE6aK+I/zEzZW9pwG4
-ezQXKQKBgQAIBSJLa6xWbfbzqyPsvmRNgiEjIamF7wcb1sRjgqWM6sCzYwYv8f5v
-9C4YhNXEn+c5V2KevgYeg6iPSQuzEAfJx64QV7JD8kEBf5GNETnuW45Yg7KwKPD6
-ZCealfpy/o9iiNqbWqDNND91pj2/g5oZnac3misJg5tGCJbJsBFXag==
------END RSA PRIVATE KEY-----
\ No newline at end of file diff --git a/jstests/libs/openssl_config/badSAN.cnf b/jstests/libs/openssl_config/badSAN.cnf new file mode 100644 index 00000000000..4e223df5e2f --- /dev/null +++ b/jstests/libs/openssl_config/badSAN.cnf @@ -0,0 +1,29 @@ +# This is the openssl config file for generating the CSR for the badSAN.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = badSAN.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = badSAN_req_distinguished_name +req_extensions = badSAN_extensions + +[ badSAN_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = Kernel +CN = 127.0.0.1 + +[ badSAN_extensions ] +basicConstraints=CA:FALSE +subjectAltName=@badSAN_subject_alt_names +subjectKeyIdentifier = hash +keyUsage = keyEncipherment, digitalSignature +extendedKeyUsage = serverAuth + +[ badSAN_subject_alt_names ] +DNS.1 = badSAN diff --git a/jstests/libs/openssl_config/ca.cnf b/jstests/libs/openssl_config/ca.cnf new file mode 100644 index 00000000000..231939d5b28 --- /dev/null +++ b/jstests/libs/openssl_config/ca.cnf @@ -0,0 +1,72 @@ +[ ca ] +default_ca = CA_default # The default ca section + +[ CA_default ] +dir = . # top dir +database = $dir/ca_state/index.txt # index file. +new_certs_dir = $dir/ca_state/newcerts # new certs dir +RANDFILE = $dir/ca_state/.rand # random number file + +certificate = $dir/ca.pem # The CA cert +serial = $dir/ca_state/serial # serial no file +private_key = $dir/ca.pem # CA private key + +default_days = 3650 # how long to certify for +default_crl_days= 3650 # how long before next CRL +default_md = sha256 # md to use +copy_extensions = copy +unique_subject = no + +policy = policy_any # default policy + +[ policy_any ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +string_mask = utf8only + +[ req_distinguished_name ] +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_max = 64 + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = Kernel + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = MongoDB + +localityName = Locality Name (eg, city) +localityName_default = New York City + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = New York + +countryName = Country Name (2 letter code) +countryName_default = US +countryName_min = 2 +countryName_max = 2 + +[ v3_req ] +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer +basicConstraints = critical,CA:true + +[ crl_ext ] +authorityKeyIdentifier=keyid:always + diff --git a/jstests/libs/openssl_config/client.cnf b/jstests/libs/openssl_config/client.cnf new file mode 100644 index 00000000000..208f3a456cd --- /dev/null +++ b/jstests/libs/openssl_config/client.cnf @@ -0,0 +1,26 @@ +# This is the openssl config file for generating the CSR for the client.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = client.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = client_req_distinguished_name +req_extensions = client_extensions + +[ client_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = KernelUser +CN = client + +[ client_extensions ] +basicConstraints=CA:FALSE +subjectKeyIdentifier = hash +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = clientAuth + diff --git a/jstests/libs/openssl_config/client_revoked.cnf b/jstests/libs/openssl_config/client_revoked.cnf new file mode 100644 index 00000000000..3c7ae32c2bc --- /dev/null +++ b/jstests/libs/openssl_config/client_revoked.cnf @@ -0,0 +1,26 @@ +# This is the openssl config file for generating the CSR for the client.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = client_revoked.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = client_revoked_req_distinguished_name +req_extensions = client_revoked_extensions + +[ client_revoked_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = KernelUser +CN = client_revoked + +[ client_revoked_extensions ] +basicConstraints=CA:FALSE +subjectKeyIdentifier = hash +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = clientAuth + diff --git a/jstests/libs/openssl_config/localhostnameCN.cnf b/jstests/libs/openssl_config/localhostnameCN.cnf new file mode 100644 index 00000000000..99e84946a30 --- /dev/null +++ b/jstests/libs/openssl_config/localhostnameCN.cnf @@ -0,0 +1,30 @@ +# This is the openssl config file for generating the CSR for the localhostnameCN.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = localhostnameCN.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = localhostnameCN_req_distinguished_name +req_extensions = localhostnameCN_extensions + +[ localhostnameCN_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = Kernel +CN = 127.0.0.1 + +[ localhostnameCN_extensions ] +basicConstraints=CA:FALSE +subjectAltName=@localhostnameCN_subject_alt_names +subjectKeyIdentifier = hash +keyUsage = keyEncipherment, digitalSignature +extendedKeyUsage = serverAuth + +[ localhostnameCN_subject_alt_names ] +DNS.1 = localhost +DNS.2 = 127.0.0.1 diff --git a/jstests/libs/openssl_config/localhostnameSAN.cnf b/jstests/libs/openssl_config/localhostnameSAN.cnf new file mode 100644 index 00000000000..c5376765e33 --- /dev/null +++ b/jstests/libs/openssl_config/localhostnameSAN.cnf @@ -0,0 +1,32 @@ +# This is the openssl config file for generating the CSR for the localhostnameSAN.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = localhostnameSAN.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = localhostnameSAN_req_distinguished_name +req_extensions = localhostnameSAN_extensions + +[ localhostnameSAN_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = Kernel +CN = santesthostname.com + +[ localhostnameSAN_extensions ] +basicConstraints=CA:FALSE +subjectAltName=@localhostnameSAN_subject_alt_names +subjectKeyIdentifier = hash +keyUsage = keyEncipherment, digitalSignature +extendedKeyUsage = serverAuth + +[ localhostnameSAN_subject_alt_names ] +DNS.1 = *.example.com +DNS.2 = 127.0.0.1 +DNS.3 = morefun! +DNS.4 = localhost diff --git a/jstests/libs/openssl_config/server.cnf b/jstests/libs/openssl_config/server.cnf new file mode 100644 index 00000000000..0c85f360504 --- /dev/null +++ b/jstests/libs/openssl_config/server.cnf @@ -0,0 +1,30 @@ +# This is the openssl config file for generating the CSR for the server.pem certificate + +[ req ] +default_bits = 2048 +default_keyfile = server.key +encrypt_key = no +default_md = sha256 +prompt = no +utf8 = yes +distinguished_name = server_req_distinguished_name +req_extensions = server_extensions + +[ server_req_distinguished_name ] +C = US +ST = New York +L = New York City +O = MongoDB +OU = Kernel +CN = server + +[ server_extensions ] +basicConstraints=CA:FALSE +subjectAltName=@server_subject_alt_names +subjectKeyIdentifier = hash +keyUsage = keyEncipherment, digitalSignature +extendedKeyUsage = serverAuth, clientAuth + +[ server_subject_alt_names ] +DNS.1 = localhost +DNS.2 = 127.0.0.1 diff --git a/jstests/libs/password_protected.pem b/jstests/libs/password_protected.pem index 2a9b8ea4aa4..cfe86b03a83 100644 --- a/jstests/libs/password_protected.pem +++ b/jstests/libs/password_protected.pem @@ -1,51 +1,120 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,CA3A35762D730A5C72B1F25CBBD5AC25 + +QkFhwdG6X6kb58wz4lb3ezLsMAEhdRJCxCfk6OivL4zLPpL7eL1SMuHrs0DpSxpQ +27FJ0M6fu2XaMeLf2GlCyY37z7aCRn0Cxyk90rBHztKCBLBlMGCfjFsPTDctrmJE +tmtVSYSEJ4Ydb2EsUlXmRtSyCjzzKZ0Unt9FXziURVklqwCVKsWcPh/bEd4bxJyS +3ddlqZw48KSUcQKSo/xJ36Bn1t/FSpU3i4lkyo2bmbEkJl52MB7vtE9IkfMECRqY +lfWHepErG1p9/oIqdd2xDdKCt/M3KCcp99uFw0hVmTAaLv0G8ymyqVly8NJEyC8c +tYKR/4vr1KOClB4u4tH2F7THHwfvAIvqOqZIhiTRl+h4/pnXHBeldmkDy6yY0VgF +irOf+eb/JSUoe67gdQf4rQRaVuDe4PeU+CyldddLYEQiMr1FshZC1wtPH9kdP/OE +sRi1PND3dON9ovfIW4v+bS+0Oq8ycAtkmZYOSwqt9m67xKKURZebcoxVuPDHXrre +7CthjsWDB91y3YkMPCYlgtApGdCQZKf6nbVcYqp6SuRwO2MyvxOLo5/Oyi8JY6Uu +Npbonj83qmpoIyGVASKr9eR4a8kFQDOEMHjg37D7dWVEs4M6SGLJA9EmWFsbyfBc +ir2yBmIYKZU0a255QfF7zWTUnQQDthVXH3vp4a4QdShj2YGR8ctqExeeJ4JCrRWR +UB7T0IR+PCbKlFFMvdZTlS/vJZP6xvvzSFCqrkO3z5oqlEhNu4HagfteiSvcqYhv +bxWpX/pksTJuiVcz+G8srfCfotsQ9wVflSIHmyiiCsL5igr/IFATvyEqBWgvdfUR +4s+yY3OoOAihOqOdIb+j4I6Qlv0lAIFmoxoQj2JHjtFMoX6JRkb0hz17wvICJcrL +DE/OZ/WgbPufFbz6XFEu8H+wj0ITHX0Hp6CrJMKFZlJO4OgKAtNasOHl10blroUM +xZYc2H0fnmzjEVvTjiAcFZXyLpgwrRD0OVphPqBh1WNWjMDYDyd/6VIIy/g4/AtQ ++YWWomuiNdGefaG8j0+KjEOo7y19UFvuCE88UkAbjjwvsvRvNYWg5lDdyE7rpVnM +oOyVJGraM4+vECDtHTq0z0SVtE/wnIDO6azdy4mP2RMPLBsQ2UZ9jFtGRnq6rsQ6 +2/RgjARHlomfEmsxgYMZxyetoqFl5iJbf+92aYcWwF0g3TpezkR9ZVYlUHHgmOap +aufSFv+yGjZlHYQyYGYNpjIxIpaBVyEO4AdvESfhBYRLGhpa2oRHHdseZHEgXc0r +uGseGIxEJisgm4l0p8xciVXrrt8H1Yuc0tmjMjy58eY8Ey8uJWu2J3Su1XbO2WXi +zBufXgvzgoyULDSTIijGMp/oYm/zwTFiBLX5+ti51clrFh5S8RLANvkSf+c/eRDH +7PVQOsapCE+4QtcJOO/OLbybHtSGe5Zy28tsq832FRfHvALG5V/KsyQtGsl+x7lZ +24oC1rwZJJej9MYBKYqc4gyBwcNvKeSOQgQcuwL+xkELGE4XkaFzgsW+YY4v/M4w +QhKtDvsHHiW0BaH6W5WSstwxWNbfF4JOuv0g6NpMIxYGllCupaUrm98Bfto45FF8 +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 8 (0x8) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 9 19:30:52 2019 GMT + Not After : May 6 19:30:52 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=Kernel, CN=server + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:9e:63:d8:75:ed:e0:df:8c:8b:bd:1d:08:f3: + 34:a3:b3:d9:ef:5f:0b:ca:a9:32:e4:a5:b3:2f:c7: + ee:6c:78:94:5f:46:6c:a1:a3:54:6e:b0:52:2f:e6: + 2a:b6:27:a2:43:7e:42:8c:40:2a:47:9a:d6:1b:3e: + 50:1e:04:34:40:48:87:f4:18:3b:71:91:1f:5b:d1: + dc:e1:fd:d5:61:c8:5c:4f:55:e5:fa:88:5d:d3:51: + ba:97:d4:d4:b7:4c:27:c6:61:8a:db:a1:02:99:d3: + c8:cc:49:72:f6:28:dd:9f:46:32:f8:51:89:01:38: + 5b:1b:9e:67:75:27:6b:3c:dc:3a:5d:36:70:de:c9: + bc:81:d6:41:b7:65:b7:9f:ac:da:25:cf:29:91:6a: + f5:d4:54:1c:78:8d:fc:68:6a:74:47:14:72:1d:f3: + d1:9a:80:11:24:f2:be:a4:c1:0c:61:15:01:de:ee: + f0:8a:9a:24:79:77:5c:66:b2:75:86:39:ca:93:6e: + 0a:32:d9:d5:32:03:69:61:81:5b:3f:34:e7:b5:9a: + fe:a1:ed:4b:06:3e:74:71:b3:e7:55:52:23:93:91: + c7:7a:08:c6:a4:33:5d:cf:27:2b:d8:b5:db:08:44: + c3:54:8d:e3:43:99:ef:b9:1b:4e:b6:51:a7:0d:8a: + 1c:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Alternative Name: + DNS:localhost, DNS:127.0.0.1 + X509v3 Subject Key Identifier: + 5C:78:7C:37:A4:38:82:F0:EA:E1:CA:CA:D8:F2:FB:00:09:92:47:09 + X509v3 Authority Key Identifier: + DirName:/CN=Kernel Test CA/OU=Kernel/O=MongoDB/L=New York City/ST=New York/C=US + serial:01 + + Signature Algorithm: sha256WithRSAEncryption + 0d:e1:de:62:dd:fc:a2:c6:05:22:53:f2:b2:83:ad:c6:9f:ae: + db:08:49:b9:d8:c6:21:f2:ec:b1:56:fc:7f:24:0f:6b:1a:6f: + 34:73:6e:bf:7b:e0:d0:59:98:5e:a6:82:2f:87:df:64:1c:8d: + 45:82:95:6b:c0:76:28:d6:b5:1b:28:4b:1b:91:47:2f:29:0e: + 2b:89:2c:94:92:a9:ff:eb:3c:38:7b:79:fa:e3:6a:68:1c:ce: + 52:a5:18:96:9a:29:1c:78:a3:bd:46:98:e3:93:f9:c3:3a:3a: + 0a:a3:24:ab:22:a1:50:f5:79:53:ca:e6:fc:ba:c4:31:73:c4: + 3b:bf:ba:5d:86:f4:2b:25:0a:e9:57:99:13:48:94:0b:c0:a7: + f1:b2:91:db:c4:32:24:50:7f:0b:5a:0a:8a:7d:22:13:c3:ee: + 05:20:a2:4a:4e:2d:f5:6c:7c:ec:7e:4f:23:61:9c:83:6c:35: + 52:8e:3b:9b:6f:4b:fd:22:26:e5:54:59:6e:47:86:5f:9a:f3: + d8:98:0d:08:be:79:35:91:8d:60:f0:e6:c9:7c:1b:5f:20:86: + 2a:95:70:f9:e6:f7:ee:89:b1:e9:ef:fc:a8:e3:41:1a:28:c7: + a2:0f:41:0d:b4:f1:9a:35:8e:b2:e4:2a:35:6a:ff:56:4c:16: + 9f:80:ec:83 -----BEGIN CERTIFICATE----- -MIIDfjCCAmagAwIBAgIDBUEVMA0GCSqGSIb3DQEBBQUAMHQxFzAVBgNVBAMTDktl -cm5lbCBUZXN0IENBMQ8wDQYDVQQLEwZLZXJuZWwxEDAOBgNVBAoTB01vbmdvREIx -FjAUBgNVBAcTDU5ldyBZb3JrIENpdHkxETAPBgNVBAgTCE5ldyBZb3JrMQswCQYD -VQQGEwJVUzAeFw0xNjA5MjIxODE1MTJaFw0zNjA5MjIxODE1MTJaMG8xEjAQBgNV -BAMTCWxvY2FsaG9zdDEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RC -MRYwFAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkG -A1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTHMXV0LEZ -OCuDZ292e26NbbrMaib6IL3obp/5tOvNVCNnvfgYyJwCCTIZq/mwCjAV5N8Y7tJM -v0JrrGIWgJ3qtPMQ/1VxfzLLW598nnBuqZG2HiR3CTfhd0JBmnjKDMscz90+xB2x -DUDVe6PkbZWnN2otsBzVbW+AAJRVTgUb3cjSbGcC0eTMg3SGaWiB+DtiJIAe3bl8 -6TTmrUKVvbzbJrdrFWpz+NVxf5ejZje+Wlz6OXgkWki5U41PtA7aDFIX3mo1J3c0 -jW957fC/q76jrBoTCbufYPaLQIb5QSex+aJZ40rHpSSV75tsXNUkn22u83Bes+Ih -X0As7g5kW2TDAgMBAAGjHjAcMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAAATAN -BgkqhkiG9w0BAQUFAAOCAQEAEDzWG64/IlXSEFQZom1z0uBLSLVaxrNg4se6geLH -Bt63EW78H+JMf97AA32DsDiT3ih5uo8yUcOVoEUwontUOSjekHrYfagF/KxMvyMy -sWX+8m5SLrU6s4FysUCtlXa92g1Nh/rET074U2sNShhALgNB2XSw9P5n9GnKt5VT -Rkh0AeBJd09WcOGnSHs30+kKGNV8A5a2GTJbDma0dLa7zlhV6VU91Z9LA0aamyrX -eWwnymJvRcIYvxGqgNDxN/8MsaU1EcW0MNEDkc+kDE1LbOwlAQbCeLQDq/w6AlmC -smoCi0pp6Bf8tZM2RhcUN/xXxgEKcZzhlDOI4v8RNHOyMg== +MIIEVTCCAz2gAwIBAgIBCDANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTA5MTkzMDUyWhcNMjkwNTA2MTkzMDUyWjBsMQswCQYDVQQG +EwJVUzERMA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoTB01vbmdvREIxDzANBgNVBAsTBktlcm5lbDEPMA0GA1UEAxMGc2Vy +dmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA155j2HXt4N+Mi70d +CPM0o7PZ718Lyqky5KWzL8fubHiUX0ZsoaNUbrBSL+YqtieiQ35CjEAqR5rWGz5Q +HgQ0QEiH9Bg7cZEfW9Hc4f3VYchcT1Xl+ohd01G6l9TUt0wnxmGK26ECmdPIzEly +9ijdn0Yy+FGJAThbG55ndSdrPNw6XTZw3sm8gdZBt2W3n6zaJc8pkWr11FQceI38 +aGp0RxRyHfPRmoARJPK+pMEMYRUB3u7wipokeXdcZrJ1hjnKk24KMtnVMgNpYYFb +PzTntZr+oe1LBj50cbPnVVIjk5HHegjGpDNdzycr2LXbCETDVI3jQ5nvuRtOtlGn +DYoc1QIDAQABo4H5MIH2MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMBMGA1UdJQQM +MAoGCCsGAQUFBwMBMB8GA1UdEQQYMBaCCWxvY2FsaG9zdIIJMTI3LjAuMC4xMB0G +A1UdDgQWBBRceHw3pDiC8OrhysrY8vsACZJHCTCBhgYDVR0jBH8wfaF4pHYwdDEX +MBUGA1UEAxMOS2VybmVsIFRlc3QgQ0ExDzANBgNVBAsTBktlcm5lbDEQMA4GA1UE +ChMHTW9uZ29EQjEWMBQGA1UEBxMNTmV3IFlvcmsgQ2l0eTERMA8GA1UECBMITmV3 +IFlvcmsxCzAJBgNVBAYTAlVTggEBMA0GCSqGSIb3DQEBCwUAA4IBAQAN4d5i3fyi +xgUiU/Kyg63Gn67bCEm52MYh8uyxVvx/JA9rGm80c26/e+DQWZhepoIvh99kHI1F +gpVrwHYo1rUbKEsbkUcvKQ4riSyUkqn/6zw4e3n642poHM5SpRiWmikceKO9Rpjj +k/nDOjoKoySrIqFQ9XlTyub8usQxc8Q7v7pdhvQrJQrpV5kTSJQLwKfxspHbxDIk +UH8LWgqKfSITw+4FIKJKTi31bHzsfk8jYZyDbDVSjjubb0v9IiblVFluR4ZfmvPY +mA0Ivnk1kY1g8ObJfBtfIIYqlXD55vfuibHp7/yo40EaKMeiD0ENtPGaNY6y5Co1 +av9WTBafgOyD -----END CERTIFICATE----- ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIP80PLbXYYHUCAggA -MB0GCWCGSAFlAwQBAgQQu1qZnln9ymhZVDJmGJpIJQSCBNDufC1nGCgwBWtkzqP+ -MN3/UJD4cX6TQDjGotN484gLvCm138yB8EPSuFz2RUcOFQImKm3fuqBKgx08jen6 -DQRNekzW1ngIV3BZwn5kMwr0lJK4ibpfEmdTYu/2INq55ljsFx7pq+69PLOqskPa -l+1CzPub0xPC8spG6H0xxOV3HYZlzNX6SKgpK/GPCyGzspgijdacn+x+KFpvMRG3 -fDvdGTP5F/lk6++EHFM/LBfitNV0qkd9GoOIbcDkinu6EytSfJY/mY337AhitWQZ -zdhgC3nA+QYy9s/hs2hXBepkIsFzLMRF162Cqc7KPNObpVGBPxFS+an3c7FyYXVw -ekTf1XrUpdsqNIgvSQkUhzkPc01jHWd4paHgSCLayLx6c9jPXiCxgASZ7BcjAZOC -VLqoi9RHYrEdpoZBwMnSheHa6OVdqPbitlx4vA41s1ERuRktz9hXuhl/Rje+IF5i -2N2l4q3ix4K2yvtZ4wmoc92/WPy2XVudeBinupIxLbrq82HIs1KvLZZ78s+s2Gfh -PDH/1gMiraOWyBY1/4DtAnptl2qKW3YsTwMGCfrX8euRC7WCk/QBw6SBy1XlV2pc -uc1ZOAgWQHwDSRK6XJHgElrQkgVRlszg5vofJ1RdRxJo6XossIc3vx/IUqv2+7xx -mGBE+71FYDg4vmN5nAgN2MjEGdyMEGL4WiKT6Y/WSOTrtRVKRFTilzxuOmx6Hq37 -rldBokhttrx0JikU0fqDWSaDbERSslmv5TinygKyq/PnGOHtcBzHC0c+AIlp2Rj8 -Z5TbgMVcxjV0GZ0SojjO6DO9weJ5c5iBom+VJrniYNDc4jqn0OqIQEembgGuTdHk -37Dqp7oxonLZS1Qi+YNljxQvGUeaoy0hSJS/9C2ANWoo+POB/BkhdS3NT2CQAxNZ -ca4ThdtyLvhSjLIEEMJH7J+LFVuE32hbivWtjKcha8vJ/sYz5gZE193Jfz5H92Zq -3Ee7ipvaKQrxATCp7xJdX5ftHp2+dMsiRKxff8TOO9TVwoJkWOw9zSOMidI+znuL -IF2kTMMPu/o1EbOzEvgck/dcvPlTzWQEGy6eCSixndB4c9yjcVnZpzYnWJEhV7to -W9OfcBkQ/3V5jn96yQPCXm1br2j9FS5QDmWP+GOlLUEPwb27jUajTs3emeqvC0qJ -OALtJsKkwT9L7Cq/cZNByBrbmimEI1NkaVRPjauHhQSzPYIJWBkaJPoZIkbCJ5eO -vRi/2Bd74fda8pVFxm9kUNP8wwpz9JSXmzVRzGXOJ3lS1TKAXl++gb5HX+bieSNy -QHcjw6rBwOkdac40vs5mxGb0XHtP8Qqvn0+fzmKan4MBGKGrB2nlfBrhI2Uopni5 -WRSWbZjDe3ofsjlaj39rxQksvSnZEN/us4JHl2QWfYhpg9tYiCmO0zPREqdWKoi2 -IgydR30JXmNx+W2UBoh1iIPgxeqkDXsxWusGbAgyZs4s7/dcrlcVQz5vzHm0zXsK -hix58eAuxTJORkGKaxva5fmdwvHJJPt5/nPPsGdm81WVqm79yKRRE4mjl+PTBryE -4IuFZjGksVDHpi1LMpW4FMmaYjf/oNm9/ZAqOtxJYC8CFIyyVbqSMOwrqSDxmE8O -gHyWskGclbX/lOH8H83lXnh2xw== ------END ENCRYPTED PRIVATE KEY----- diff --git a/jstests/libs/server.pem b/jstests/libs/server.pem index df2b49163d6..fa75453b8d8 100644 --- a/jstests/libs/server.pem +++ b/jstests/libs/server.pem @@ -1,48 +1,111 @@ ------BEGIN CERTIFICATE-----
-MIIDfjCCAmagAwIBAgIBBzANBgkqhkiG9w0BAQUFADB0MRcwFQYDVQQDEw5LZXJu
-ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw
-FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE
-BhMCVVMwHhcNMTQwNzE3MTYwMDAwWhcNMjAwNzE3MTYwMDAwWjBsMQ8wDQYDVQQD
-EwZzZXJ2ZXIxDzANBgNVBAsTBktlcm5lbDEQMA4GA1UEChMHTW9uZ29EQjEWMBQG
-A1UEBxMNTmV3IFlvcmsgQ2l0eTERMA8GA1UECBMITmV3IFlvcmsxCzAJBgNVBAYT
-AlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp76KJeDczBqjSPJj
-5f8DHdtrWpQDK9AWNDlslWpi6+pL8hMqwbX0D7hC2r3kAgccMyFoNIudPqIXfXVd
-1LOh6vyY+jveRvqjKW/UZVzZeiL4Gy4bhke6R8JRC3O5aMKIAbaiQUAI1Nd8LxIt
-LGvH+ia/DFza1whgB8ym/uzVQB6igOifJ1qHWJbTtIhDKaW8gvjOhv5R3jzjfLEb
-R9r5Q0ZyE0lrO27kTkqgBnHKPmu54GSzU/r0HM3B+Sc/6UN+xNhNbuR+LZ+EvJHm
-r4de8jhW8wivmjTIvte33jlLibQ5nYIHrlpDLEwlzvDGaIio+OfWcgs2WuPk98MU
-tht0IQIDAQABoyMwITAfBgNVHREEGDAWgglsb2NhbGhvc3SCCTEyNy4wLjAuMTAN
-BgkqhkiG9w0BAQUFAAOCAQEANoYxvVFsIol09BQA0fwryAye/Z4dYItvKhmwB9VS
-t99DsmJcyx0P5meB3Ed8SnwkD0NGCm5TkUY/YLacPP9uJ4SkbPkNZ1fRISyShCCn
-SGgQUJWHbCbcIEj+vssFb91c5RFJbvnenDkQokRvD2VJWspwioeLzuwtARUoMH3Y
-qg0k0Mn7Bx1bW1Y6xQJHeVlnZtzxfeueoFO55ZRkZ0ceAD/q7q1ohTXi0vMydYgu
-1CB6VkDuibGlv56NdjbttPJm2iQoPaez8tZGpBo76N/Z1ydan0ow2pVjDXVOR84Y
-2HSZgbHOGBiycNw2W3vfw7uK0OmiPRTFpJCmewDjYwZ/6w==
+-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCw9AqYTsI8akw5 +8/f2eQ9bzYbUdp5ok9ip5DiN1cbrF1br7pREgHgkfXuVJ7vtgcdDVtZkvPqTYgOG +rUpU82gIn74V5hshvQFgFgwxzJFZsUnnmI7JWprhTdCZXdomE2T5OqtaUwKK2YTx +svtjwu96ijWcPendBD5SqDh9h/Zq5fa0ckXyKA4vnQtiJ90/6/2tX60zV+y1AEyu +BTa4xvobSD5TY4YVMwqBYQ/d4MSRJEaoxLgLjBtNhxiOQs9OTZGDzcjDrEygU/M5 +8QOcQJd/QTvt4rPTB+enFn3goN67axJmy0u3qH0T/yfQI+UYnsrbWRc9ylrsgtYd +r1oGm8KvAgMBAAECggEAOur2wCGxIKaP/NfTnxhN2dZD52gbdFyNzntzrR4Z3lrm +ESZd7bUMy7GQPWh+dSU58JzwQ5h8oigHXodCcaid4gk2JFp6fDBPTevpYYdoegHC +xr8QA9EMMqpTI02Rfg4FF8rGFQwAk7S7RDLA60WTsSxlj0E6JeHs0l66eGmVzZ93 +3A79SJZEtjX3E967WbBFLbJd+xvWv4TnLBV9rzy8rqrewtJER/j3PvBMrRjpiv2n +qXR8hK6qD/BjXgTYxhwfof3VPYkDdG4Brx/Mo9fHcJKMt9JVYAB0JJYJO+cF4rco +N6D5Av6+B3KXqlhbAmEbk01JFd1ohgUPnxEp8oaW6QKBgQDnWcrl2i5KKoaHgpjn +rUrGBIN6K++zH2mUIwoC9PaSj2zxoFQOfJYIva36PGxl9hi35p7OMcI3eMYHCxu9 +P2G659i57gDFWGkJ9NxkjoRr0JcH5fMtQp7WRj+c4ne6vuZXQ9DBL70oWIeWZoeU +mfnVzNjmj0r/POpsByzIWxoexQKBgQDDzoffFXVkYGCEHB7M7cdY7nJn1Akd5J5N +oYikytwmIv29PBN0bP3Tt9sSMEhVIKIOt05geBt83ZU8GBLk7S6GZb0zNfA35fOX +Z1fw9SnoIFim55Qk6o9J19JFN+zXbXjP8I2XirnejjLLdlnifRIoVOSuLNTm6gNR +pigs2bAy4wKBgG3c9D9m9uh9fVlIqXgLkSCr8AvKZY/4cNjKMuzoi1daCPBNpN0k +SNNpz/6vRwK8dUyPlgZxFrvk/JVHryqVuMFbbE4POgp9S5RQ1YBjNXtFmRNFHc/2 +fRtgTMEhwp3KHfR+3dl/5CIOuISxt9zXqg7fsnj6vzCqKuCWH6wdpy/JAoGBAJB4 +u3GTIKmuHqh7IxKrQpHQZaNMJGnk/BRlYi/M6cBNwxAz2lrl7CahmkcCTuxYhpn7 +EB5HoGhyCaFsVcyJX/GT8ZRucM6doSyN+Kn2CjSWYTLM3VabppuiXSfrSpns0N4E +LESq+9dE7h+HNGzTQWl2sb/9nhy+fzJoOW5WNBZnAoGAWZ32/+1CvZmWFADvCBws +5m1fOVpahJQgqvwY+MzwZJcwmq1D/BQj8XBIIR4s1qL6j/gMNnW8FMx1eSfB0Tdd +5KO+wpIVFrEYzMltSAQoA8m+f/9Femjsi/7UZAIYqDZQrq93aD4e5mUeoEAS2EG7 +rAtXjDyW239JXThOyTxLgYo= +-----END PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Kernel Test CA, OU=Kernel, O=MongoDB, L=New York City, ST=New York, C=US + Validity + Not Before: May 13 14:39:33 2019 GMT + Not After : May 10 14:39:33 2029 GMT + Subject: C=US, ST=New York, L=New York City, O=MongoDB, OU=Kernel, CN=server + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b0:f4:0a:98:4e:c2:3c:6a:4c:39:f3:f7:f6:79: + 0f:5b:cd:86:d4:76:9e:68:93:d8:a9:e4:38:8d:d5: + c6:eb:17:56:eb:ee:94:44:80:78:24:7d:7b:95:27: + bb:ed:81:c7:43:56:d6:64:bc:fa:93:62:03:86:ad: + 4a:54:f3:68:08:9f:be:15:e6:1b:21:bd:01:60:16: + 0c:31:cc:91:59:b1:49:e7:98:8e:c9:5a:9a:e1:4d: + d0:99:5d:da:26:13:64:f9:3a:ab:5a:53:02:8a:d9: + 84:f1:b2:fb:63:c2:ef:7a:8a:35:9c:3d:e9:dd:04: + 3e:52:a8:38:7d:87:f6:6a:e5:f6:b4:72:45:f2:28: + 0e:2f:9d:0b:62:27:dd:3f:eb:fd:ad:5f:ad:33:57: + ec:b5:00:4c:ae:05:36:b8:c6:fa:1b:48:3e:53:63: + 86:15:33:0a:81:61:0f:dd:e0:c4:91:24:46:a8:c4: + b8:0b:8c:1b:4d:87:18:8e:42:cf:4e:4d:91:83:cd: + c8:c3:ac:4c:a0:53:f3:39:f1:03:9c:40:97:7f:41: + 3b:ed:e2:b3:d3:07:e7:a7:16:7d:e0:a0:de:bb:6b: + 12:66:cb:4b:b7:a8:7d:13:ff:27:d0:23:e5:18:9e: + ca:db:59:17:3d:ca:5a:ec:82:d6:1d:af:5a:06:9b: + c2:af + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Alternative Name: + DNS:localhost, DNS:127.0.0.1 + X509v3 Subject Key Identifier: + 7D:61:7F:88:97:FA:09:A9:93:23:91:4F:68:B2:F2:94:03:37:8A:2E + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + Signature Algorithm: sha256WithRSAEncryption + 56:1e:67:3f:a4:2e:cc:e9:6f:56:0b:70:5e:96:9f:66:1a:9f: + e6:b3:b8:d2:43:1d:77:6f:a7:b8:2e:8d:b0:3e:58:db:24:a2: + f1:26:cd:eb:d9:b4:a0:9f:88:8b:48:02:a8:9d:aa:fc:96:e6: + ac:6e:05:e2:7e:ab:1a:be:18:6d:cf:aa:53:7c:0d:aa:b3:15: + ec:79:2c:56:46:b1:38:87:d0:d5:1c:6b:29:cb:97:6a:86:fa: + 1c:f5:c6:4d:5b:ea:0a:01:4f:d3:d0:cc:dd:27:43:ce:89:34: + 51:8f:6b:5b:9d:14:b1:5b:82:a8:ab:3a:75:11:b1:78:35:3b: + f5:19:65:70:b4:89:aa:6c:20:cb:32:b1:80:5b:fe:c5:8b:93: + 90:b8:7c:18:9d:61:9f:4b:40:5d:20:89:4d:70:46:80:e6:a7: + 15:be:96:cf:93:59:c1:0f:f0:2a:bc:ed:b8:97:2b:df:2b:1d: + df:29:67:2f:4a:d2:12:d5:85:03:66:8e:74:3a:e1:27:b0:b9: + b7:69:59:3c:c0:42:90:d1:71:b3:2a:87:f2:23:47:6b:5e:5f: + 3c:3e:3e:cb:e7:e4:4e:f6:88:89:6d:af:ee:78:43:a2:15:78: + 37:7c:c0:94:45:08:0c:0b:2c:51:b7:b0:df:af:eb:38:fb:9f: + 6f:72:33:7f +-----BEGIN CERTIFICATE----- +MIID1DCCArygAwIBAgIBATANBgkqhkiG9w0BAQsFADB0MRcwFQYDVQQDEw5LZXJu +ZWwgVGVzdCBDQTEPMA0GA1UECxMGS2VybmVsMRAwDgYDVQQKEwdNb25nb0RCMRYw +FAYDVQQHEw1OZXcgWW9yayBDaXR5MREwDwYDVQQIEwhOZXcgWW9yazELMAkGA1UE +BhMCVVMwHhcNMTkwNTEzMTQzOTMzWhcNMjkwNTEwMTQzOTMzWjBsMQswCQYDVQQG +EwJVUzERMA8GA1UECAwITmV3IFlvcmsxFjAUBgNVBAcMDU5ldyBZb3JrIENpdHkx +EDAOBgNVBAoMB01vbmdvREIxDzANBgNVBAsMBktlcm5lbDEPMA0GA1UEAwwGc2Vy +dmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPQKmE7CPGpMOfP3 +9nkPW82G1HaeaJPYqeQ4jdXG6xdW6+6URIB4JH17lSe77YHHQ1bWZLz6k2IDhq1K +VPNoCJ++FeYbIb0BYBYMMcyRWbFJ55iOyVqa4U3QmV3aJhNk+TqrWlMCitmE8bL7 +Y8Lveoo1nD3p3QQ+Uqg4fYf2auX2tHJF8igOL50LYifdP+v9rV+tM1fstQBMrgU2 +uMb6G0g+U2OGFTMKgWEP3eDEkSRGqMS4C4wbTYcYjkLPTk2Rg83Iw6xMoFPzOfED +nECXf0E77eKz0wfnpxZ94KDeu2sSZstLt6h9E/8n0CPlGJ7K21kXPcpa7ILWHa9a +BpvCrwIDAQABo3kwdzAJBgNVHRMEAjAAMB8GA1UdEQQYMBaCCWxvY2FsaG9zdIIJ +MTI3LjAuMC4xMB0GA1UdDgQWBBR9YX+Il/oJqZMjkU9osvKUAzeKLjALBgNVHQ8E +BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEB +CwUAA4IBAQBWHmc/pC7M6W9WC3Belp9mGp/ms7jSQx13b6e4Lo2wPljbJKLxJs3r +2bSgn4iLSAKonar8luasbgXifqsavhhtz6pTfA2qsxXseSxWRrE4h9DVHGspy5dq +hvoc9cZNW+oKAU/T0MzdJ0POiTRRj2tbnRSxW4Koqzp1EbF4NTv1GWVwtImqbCDL +MrGAW/7Fi5OQuHwYnWGfS0BdIIlNcEaA5qcVvpbPk1nBD/AqvO24lyvfKx3fKWcv +StIS1YUDZo50OuEnsLm3aVk8wEKQ0XGzKofyI0drXl88Pj7L5+RO9oiJba/ueEOi +FXg3fMCURQgMCyxRt7Dfr+s4+59vcjN/ -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAp76KJeDczBqjSPJj5f8DHdtrWpQDK9AWNDlslWpi6+pL8hMq
-wbX0D7hC2r3kAgccMyFoNIudPqIXfXVd1LOh6vyY+jveRvqjKW/UZVzZeiL4Gy4b
-hke6R8JRC3O5aMKIAbaiQUAI1Nd8LxItLGvH+ia/DFza1whgB8ym/uzVQB6igOif
-J1qHWJbTtIhDKaW8gvjOhv5R3jzjfLEbR9r5Q0ZyE0lrO27kTkqgBnHKPmu54GSz
-U/r0HM3B+Sc/6UN+xNhNbuR+LZ+EvJHmr4de8jhW8wivmjTIvte33jlLibQ5nYIH
-rlpDLEwlzvDGaIio+OfWcgs2WuPk98MUtht0IQIDAQABAoIBACgi1ilECXCouwMc
-RDzm7Jb7Rk+Q9MVJ79YlG08Q+oRaNjvAzE03PSN5wj1WjDTUALJXPvi7oy82V4qE
-R6Q6Kvbv46aUJpYzKFEk2dw7ACpSLa1LNfjGNtMusnecA/QF/8bxLReRu8s5mBQn
-NDnZvCqllLbfjNlAvsF+/UIn5sqFZpAZPMtPwkTAeh5ge8H9JvrG8y8aXsiFGAhV
-Z7tMZyn8wPCUrRi14NLvVB4hxM66G/tuTp8r9AmeTU+PV+qbCnKXd+v0IS52hvX9
-z75OPfAc66nm4bbPCapb6Yx7WaewPXXU0HDxeaT0BeQ/YfoNa5OT+ZOX1KndSfHa
-VhtmEsECgYEA3m86yYMsNOo+dkhqctNVRw2N+8gTO28GmWxNV9AC+fy1epW9+FNR
-yTQXpBkRrR7qrd5mF7WBc7vAIiSfVs021RMofzn5B1x7jzkH34VZtlviNdE3TZhx
-lPinqo0Yy3UEksgsCBJFIofuCmeTLk4ZtqoiZnXr35RYibaZoQdUT4kCgYEAwQ6Y
-xsKFYFks1+HYl29kR0qUkXFlVbKOhQIlj/dPm0JjZ0xYkUxmzoXD68HrOWgz7hc2
-hZaQTgWf+8cRaZNfh7oL+Iglczc2UXuwuUYguYssD/G6/ZPY15PhItgCghaU5Ewy
-hMwIJ81NENY2EQTgk/Z1KZitXdVJfHl/IPMQgdkCgYASdqkqkPjaa5dDuj8byO8L
-NtTSUYlHJbAmjBbfcyTMG230/vkF4+SmDuznci1FcYuJYyyWSzqzoKISM3gGfIJQ
-rYZvCSDiu4qGGPXOWANaX8YnMXalukGzW/CO96dXPB9lD7iX8uxKMX5Q3sgYz+LS
-hszUNHWf2XB//ehCtZkKAQKBgQCxL2luepeZHx82H9T+38BkYgHLHw0HQzLkxlyd
-LjlE4QCEjSB4cmukvkZbuYXfEVEgAvQKVW6p/SWhGkpT4Gt8EXftKV9dyF21GVXQ
-JZnhUOcm1xBsrWYGLXYi2agrpvgONBTlprERfq5tdnz2z8giZL+RZswu45Nnh8bz
-AcKzuQKBgQCGOQvKvNL5XKKmws/KRkfJbXgsyRT2ubO6pVL9jGQG5wntkeIRaEpT
-oxFtWMdPx3b3cxtgSP2ojllEiISk87SFIN1zEhHZy/JpTF0GlU1qg3VIaA78M1p2
-ZdpUsuqJzYmc3dDbQMepIaqdW4xMoTtZFyenUJyoezz6eWy/NlZ/XQ==
------END RSA PRIVATE KEY-----
\ No newline at end of file |