From: Timo Eisenmann Date: Wed, 18 Sep 2024 17:40:30 +0000 (+0200) Subject: Use correct certificates for TLS notify tests X-Git-Tag: v9.21.3~59^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bbdc6b26aa93677cd895dc813b873621e987d40a;p=thirdparty%2Fbind9.git Use correct certificates for TLS notify tests Use tls-forward-secrecy instead of tls-expired for tls-x2 and regenerate the expired certificate for tls-x6 to reflect the swap of ns2 and ns3. --- diff --git a/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.key b/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.key index ed93725584a..68fa7b65cfa 100644 --- a/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.key +++ b/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.key @@ -1,6 +1,6 @@ -----BEGIN PRIVATE KEY----- -MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDVfQs1V2UjdqTM0Z0P -DDtGwwtGUR2P6PEyDQgebPRUpWxbVGf4W0N0DWy5C9UkMJihZANiAARNrIyo/8cA -Dc5puRjsTirIBvu+vKntuMfEUganjXfqO/nYzh3XtC3xGv8NcE+KqZz6pMQw8OXY -Pd1i8n1Ajl/cV2zdVDggDr7milzE6feVSPk0JrxduaqV+MnXJity65Q= +MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBbu3hxycrhJ+msVeQ0 +mNB/WkW7rxNr8Zi8iXLETgBJ40cJu0d/IA4jrJ4gvfwT82uhZANiAAT+AGZM20R/ +AnlbmJOoZ4qHWgcPhEDIZ3+5rzIYpyL67adW2henRZ2s/ULMi/v/OpLYfuT8f1Ro +RHxhJUK0kpu1yx1R0mEI94kimw2Ocpnf2VHIksml+D8tEek0h0lczC0= -----END PRIVATE KEY----- diff --git a/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.pem b/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.pem index d8a1f41f67a..1ccfd320f90 100644 --- a/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.pem +++ b/bin/tests/system/notify/CA/certs/srv02.crt01-expired.example.com.pem @@ -2,75 +2,75 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - c5:86:68:39:7b:1c:c4:a1 + c5:86:68:39:7b:1c:c4:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: C=UA, ST=Kharkiv Oblast', L=Kharkiv, O=Internet Systems Consortium, CN=ca.test.example.com Validity - Not Before: Sep 2 15:33:27 2024 GMT - Not After : Sep 3 15:33:27 2024 GMT - Subject: CN=srv03.crt01-expired.example.com + Not Before: Sep 17 16:18:18 2024 GMT + Not After : Sep 18 16:18:18 2024 GMT + Subject: CN=srv02.crt01-expired.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: - 04:4d:ac:8c:a8:ff:c7:00:0d:ce:69:b9:18:ec:4e: - 2a:c8:06:fb:be:bc:a9:ed:b8:c7:c4:52:06:a7:8d: - 77:ea:3b:f9:d8:ce:1d:d7:b4:2d:f1:1a:ff:0d:70: - 4f:8a:a9:9c:fa:a4:c4:30:f0:e5:d8:3d:dd:62:f2: - 7d:40:8e:5f:dc:57:6c:dd:54:38:20:0e:be:e6:8a: - 5c:c4:e9:f7:95:48:f9:34:26:bc:5d:b9:aa:95:f8: - c9:d7:26:2b:72:eb:94 + 04:fe:00:66:4c:db:44:7f:02:79:5b:98:93:a8:67: + 8a:87:5a:07:0f:84:40:c8:67:7f:b9:af:32:18:a7: + 22:fa:ed:a7:56:da:17:a7:45:9d:ac:fd:42:cc:8b: + fb:ff:3a:92:d8:7e:e4:fc:7f:54:68:44:7c:61:25: + 42:b4:92:9b:b5:cb:1d:51:d2:61:08:f7:89:22:9b: + 0d:8e:72:99:df:d9:51:c8:92:c9:a5:f8:3f:2d:11: + e9:34:87:49:5c:cc:2d ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Subject Alternative Name: - DNS:srv03.crt01-expired.example.com, IP Address:10.53.0.3 + DNS:srv02.crt01-expired.example.com, IP Address:10.53.0.2 X509v3 Subject Key Identifier: - 72:38:25:01:CB:38:FF:CB:D3:78:24:43:BA:64:EA:76:FB:58:F6:EA + 03:4C:AC:DE:C0:A3:EB:04:56:1C:10:47:EB:C9:4D:1A:5F:FD:8E:A1 X509v3 Authority Key Identifier: 7C:89:E8:5C:EB:E5:1F:72:48:04:C5:8F:FB:92:08:9C:F5:60:26:39 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 4a:f3:59:df:4d:ff:fd:de:fc:c8:bc:34:4c:e1:39:00:62:09: - c8:34:2b:d0:3e:52:91:ea:ae:da:86:94:7d:83:84:48:5d:50: - ac:b7:a5:70:87:f4:62:f0:c6:9a:73:d2:78:29:cf:21:20:ae: - 0e:b0:55:36:1d:6c:c1:7f:0f:b7:26:d8:14:43:64:c6:58:8b: - 68:87:fd:cc:3f:d1:c1:f5:67:71:bc:71:7b:d4:f1:02:b0:4c: - dd:b2:4a:18:99:46:3a:44:b2:6b:c4:61:79:8f:be:e8:19:d4: - cc:f7:95:32:b0:74:18:76:c6:df:5f:c1:90:24:3c:a6:5d:2a: - 6f:90:7d:94:43:f3:df:1f:80:70:ff:8a:c8:b9:1f:c5:4e:08: - d1:54:f0:d8:72:af:07:30:9f:8a:65:66:ff:ff:a4:37:de:10: - 01:a6:00:c7:31:08:dd:f0:0a:5f:d3:e6:dd:d1:37:43:f2:44: - 13:bc:9e:68:40:bd:96:84:16:73:0f:01:95:40:65:ba:70:93: - a9:81:27:6e:b6:fb:ad:10:36:46:a3:75:94:00:62:f3:10:32: - c2:4a:0e:3a:bf:ab:07:14:a3:68:fd:eb:c7:c8:16:90:30:80: - f1:28:5c:64:a7:ba:8e:fa:27:09:4c:0b:08:d9:56:77:cd:25: - 7c:1f:58:78:48:c1:8c:73:10:39:f2:06:79:7c:8d:b9:ca:25: - 7c:b1:75:62:68:a7:14:c6:5b:00:78:67:e4:d8:e1:62:0b:6e: - 8d:5a:e6:23:d2:d4:dd:28:71:32:16:88:ad:b3:ee:a6:69:e7: - ff:1e:85:62:3c:65:88:c7:47:0c:1d:a0:d9:12:5c:31:98:01: - cd:a4:28:52:ad:dc:8b:1a:e6:d4:62:3d:1b:c6:52:00:b5:34: - 9d:1d:d8:6b:d3:ce:63:52:62:13:74:2a:7c:ff:0a:d7:0b:99: - a9:2b:b3:ba:e8:cf:a0:77:f0:85:12:ba:4c:54:71:74:dd:32: - 13:ca:44:c2:0f:d9 + 25:33:d0:30:6e:60:5e:f3:29:e7:1d:36:83:4d:cd:06:d2:35: + df:80:76:25:e5:56:c6:e7:5f:cb:70:c8:30:da:a1:15:50:1b: + 5d:e0:7b:01:60:47:32:ee:ea:98:cd:27:c2:2e:b8:d5:4a:2f: + 76:7b:f1:0d:ff:c3:b3:74:f9:98:37:c1:07:85:04:55:8f:42: + 25:b7:21:03:50:83:50:01:6a:88:84:bc:83:2c:48:3f:e5:96: + 04:d7:b5:56:68:7c:fe:d9:06:e2:bc:f0:fd:47:fd:4b:4c:9b: + 15:ca:ab:10:e4:8d:8f:b5:f7:dd:69:8c:9d:06:00:8f:80:5b: + 30:a6:6c:31:d2:b8:4b:cf:10:2a:bf:64:fb:be:da:3f:e2:ee: + f1:6c:74:02:a7:c5:0c:e2:13:f1:54:63:a9:45:43:7b:b7:85: + a3:48:00:62:34:db:ac:a1:b6:b8:76:b9:d9:aa:17:a2:f9:0b: + 96:87:ad:da:5e:95:50:2b:73:17:d7:2c:d0:43:40:e3:e9:80: + e2:87:be:1d:65:68:17:0d:90:98:0a:9b:6d:4f:2d:91:3e:f0: + 16:4e:c0:c3:e7:a9:a6:e8:bf:8e:b6:d0:3b:72:e6:d9:9a:b3: + 70:82:23:c1:02:c2:cc:91:d7:75:19:3c:79:33:ea:86:8d:80: + 9a:6b:f2:93:b4:dc:22:19:11:82:3d:62:1d:e5:58:58:7f:50: + 84:b0:d4:5a:67:be:d0:28:b0:be:a1:7f:9d:1b:a2:98:9b:70: + 5a:c0:a8:c5:03:ec:de:8a:e2:ea:03:2d:4e:9f:6c:7d:d8:0e: + 41:3c:58:df:3f:1e:4f:69:04:68:54:59:58:ef:dd:e3:32:b3: + 2c:b4:cc:40:28:eb:3e:3b:37:fd:42:f7:d9:60:bf:fa:6d:87: + ca:ed:43:24:93:47:a8:bc:54:cc:c9:4d:ac:d0:b8:09:cb:85: + c3:02:55:73:bf:f0:ff:a3:fc:d2:d1:ae:ea:5a:96:6a:76:51: + fb:da:d9:ad:e4:cd -----BEGIN CERTIFICATE----- -MIIDcDCCAdigAwIBAgIJAMWGaDl7HMShMA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNV +MIIDcDCCAdigAwIBAgIJAMWGaDl7HMSiMA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNV BAYTAlVBMRgwFgYDVQQIDA9LaGFya2l2IE9ibGFzdCcxEDAOBgNVBAcMB0toYXJr aXYxJDAiBgNVBAoMG0ludGVybmV0IFN5c3RlbXMgQ29uc29ydGl1bTEcMBoGA1UE -AwwTY2EudGVzdC5leGFtcGxlLmNvbTAeFw0yNDA5MDIxNTMzMjdaFw0yNDA5MDMx -NTMzMjdaMCoxKDAmBgNVBAMMH3NydjAzLmNydDAxLWV4cGlyZWQuZXhhbXBsZS5j -b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARNrIyo/8cADc5puRjsTirIBvu+vKnt -uMfEUganjXfqO/nYzh3XtC3xGv8NcE+KqZz6pMQw8OXYPd1i8n1Ajl/cV2zdVDgg -Dr7milzE6feVSPk0JrxduaqV+MnXJity65SjdDByMDAGA1UdEQQpMCeCH3NydjAz -LmNydDAxLWV4cGlyZWQuZXhhbXBsZS5jb22HBAo1AAMwHQYDVR0OBBYEFHI4JQHL -OP/L03gkQ7pk6nb7WPbqMB8GA1UdIwQYMBaAFHyJ6Fzr5R9ySATFj/uSCJz1YCY5 -MA0GCSqGSIb3DQEBCwUAA4IBgQBK81nfTf/93vzIvDRM4TkAYgnINCvQPlKR6q7a -hpR9g4RIXVCst6Vwh/Ri8Maac9J4Kc8hIK4OsFU2HWzBfw+3JtgUQ2TGWItoh/3M -P9HB9WdxvHF71PECsEzdskoYmUY6RLJrxGF5j77oGdTM95UysHQYdsbfX8GQJDym -XSpvkH2UQ/PfH4Bw/4rIuR/FTgjRVPDYcq8HMJ+KZWb//6Q33hABpgDHMQjd8Apf -0+bd0TdD8kQTvJ5oQL2WhBZzDwGVQGW6cJOpgSdutvutEDZGo3WUAGLzEDLCSg46 -v6sHFKNo/evHyBaQMIDxKFxkp7qO+icJTAsI2VZ3zSV8H1h4SMGMcxA58gZ5fI25 -yiV8sXViaKcUxlsAeGfk2OFiC26NWuYj0tTdKHEyFoits+6maef/HoViPGWIx0cM -HaDZElwxmAHNpChSrdyLGubUYj0bxlIAtTSdHdhr085jUmITdCp8/wrXC5mpK7O6 -6M+gd/CFErpMVHF03TITykTCD9k= +AwwTY2EudGVzdC5leGFtcGxlLmNvbTAeFw0yNDA5MTcxNjE4MThaFw0yNDA5MTgx +NjE4MThaMCoxKDAmBgNVBAMMH3NydjAyLmNydDAxLWV4cGlyZWQuZXhhbXBsZS5j +b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT+AGZM20R/AnlbmJOoZ4qHWgcPhEDI +Z3+5rzIYpyL67adW2henRZ2s/ULMi/v/OpLYfuT8f1RoRHxhJUK0kpu1yx1R0mEI +94kimw2Ocpnf2VHIksml+D8tEek0h0lczC2jdDByMDAGA1UdEQQpMCeCH3NydjAy +LmNydDAxLWV4cGlyZWQuZXhhbXBsZS5jb22HBAo1AAIwHQYDVR0OBBYEFANMrN7A +o+sEVhwQR+vJTRpf/Y6hMB8GA1UdIwQYMBaAFHyJ6Fzr5R9ySATFj/uSCJz1YCY5 +MA0GCSqGSIb3DQEBCwUAA4IBgQAlM9AwbmBe8ynnHTaDTc0G0jXfgHYl5VbG51/L +cMgw2qEVUBtd4HsBYEcy7uqYzSfCLrjVSi92e/EN/8OzdPmYN8EHhQRVj0IltyED +UINQAWqIhLyDLEg/5ZYE17VWaHz+2QbivPD9R/1LTJsVyqsQ5I2PtffdaYydBgCP +gFswpmwx0rhLzxAqv2T7vto/4u7xbHQCp8UM4hPxVGOpRUN7t4WjSABiNNusoba4 +drnZqhei+QuWh63aXpVQK3MX1yzQQ0Dj6YDih74dZWgXDZCYCpttTy2RPvAWTsDD +56mm6L+OttA7cubZmrNwgiPBAsLMkdd1GTx5M+qGjYCaa/KTtNwiGRGCPWId5VhY +f1CEsNRaZ77QKLC+oX+dG6KYm3BawKjFA+zeiuLqAy1On2x92A5BPFjfPx5PaQRo +VFlY793jMrMstMxAKOs+Ozf9QvfZYL/6bYfK7UMkk0eovFTMyU2s0LgJy4XDAlVz +v/D/o/zS0a7qWpZqdlH72tmt5M0= -----END CERTIFICATE----- diff --git a/bin/tests/system/notify/CA/index.txt b/bin/tests/system/notify/CA/index.txt index 323e3f95b51..73de2990041 100644 --- a/bin/tests/system/notify/CA/index.txt +++ b/bin/tests/system/notify/CA/index.txt @@ -1,3 +1,3 @@ V 20540827153314Z C58668397B1CC49F unknown /CN=srv02.crt01.example.com V 20540827153318Z C58668397B1CC4A0 unknown /CN=srv03.crt01.example.com -V 240903153327Z C58668397B1CC4A1 unknown /CN=srv03.crt01-expired.example.com +V 240918161818Z C58668397B1CC4A2 unknown /CN=srv02.crt01-expired.example.com diff --git a/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A1.pem b/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A1.pem deleted file mode 100644 index d8a1f41f67a..00000000000 --- a/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A1.pem +++ /dev/null @@ -1,76 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - c5:86:68:39:7b:1c:c4:a1 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=UA, ST=Kharkiv Oblast', L=Kharkiv, O=Internet Systems Consortium, CN=ca.test.example.com - Validity - Not Before: Sep 2 15:33:27 2024 GMT - Not After : Sep 3 15:33:27 2024 GMT - Subject: CN=srv03.crt01-expired.example.com - Subject Public Key Info: - Public Key Algorithm: id-ecPublicKey - Public-Key: (384 bit) - pub: - 04:4d:ac:8c:a8:ff:c7:00:0d:ce:69:b9:18:ec:4e: - 2a:c8:06:fb:be:bc:a9:ed:b8:c7:c4:52:06:a7:8d: - 77:ea:3b:f9:d8:ce:1d:d7:b4:2d:f1:1a:ff:0d:70: - 4f:8a:a9:9c:fa:a4:c4:30:f0:e5:d8:3d:dd:62:f2: - 7d:40:8e:5f:dc:57:6c:dd:54:38:20:0e:be:e6:8a: - 5c:c4:e9:f7:95:48:f9:34:26:bc:5d:b9:aa:95:f8: - c9:d7:26:2b:72:eb:94 - ASN1 OID: secp384r1 - NIST CURVE: P-384 - X509v3 extensions: - X509v3 Subject Alternative Name: - DNS:srv03.crt01-expired.example.com, IP Address:10.53.0.3 - X509v3 Subject Key Identifier: - 72:38:25:01:CB:38:FF:CB:D3:78:24:43:BA:64:EA:76:FB:58:F6:EA - X509v3 Authority Key Identifier: - 7C:89:E8:5C:EB:E5:1F:72:48:04:C5:8F:FB:92:08:9C:F5:60:26:39 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 4a:f3:59:df:4d:ff:fd:de:fc:c8:bc:34:4c:e1:39:00:62:09: - c8:34:2b:d0:3e:52:91:ea:ae:da:86:94:7d:83:84:48:5d:50: - ac:b7:a5:70:87:f4:62:f0:c6:9a:73:d2:78:29:cf:21:20:ae: - 0e:b0:55:36:1d:6c:c1:7f:0f:b7:26:d8:14:43:64:c6:58:8b: - 68:87:fd:cc:3f:d1:c1:f5:67:71:bc:71:7b:d4:f1:02:b0:4c: - dd:b2:4a:18:99:46:3a:44:b2:6b:c4:61:79:8f:be:e8:19:d4: - cc:f7:95:32:b0:74:18:76:c6:df:5f:c1:90:24:3c:a6:5d:2a: - 6f:90:7d:94:43:f3:df:1f:80:70:ff:8a:c8:b9:1f:c5:4e:08: - d1:54:f0:d8:72:af:07:30:9f:8a:65:66:ff:ff:a4:37:de:10: - 01:a6:00:c7:31:08:dd:f0:0a:5f:d3:e6:dd:d1:37:43:f2:44: - 13:bc:9e:68:40:bd:96:84:16:73:0f:01:95:40:65:ba:70:93: - a9:81:27:6e:b6:fb:ad:10:36:46:a3:75:94:00:62:f3:10:32: - c2:4a:0e:3a:bf:ab:07:14:a3:68:fd:eb:c7:c8:16:90:30:80: - f1:28:5c:64:a7:ba:8e:fa:27:09:4c:0b:08:d9:56:77:cd:25: - 7c:1f:58:78:48:c1:8c:73:10:39:f2:06:79:7c:8d:b9:ca:25: - 7c:b1:75:62:68:a7:14:c6:5b:00:78:67:e4:d8:e1:62:0b:6e: - 8d:5a:e6:23:d2:d4:dd:28:71:32:16:88:ad:b3:ee:a6:69:e7: - ff:1e:85:62:3c:65:88:c7:47:0c:1d:a0:d9:12:5c:31:98:01: - cd:a4:28:52:ad:dc:8b:1a:e6:d4:62:3d:1b:c6:52:00:b5:34: - 9d:1d:d8:6b:d3:ce:63:52:62:13:74:2a:7c:ff:0a:d7:0b:99: - a9:2b:b3:ba:e8:cf:a0:77:f0:85:12:ba:4c:54:71:74:dd:32: - 13:ca:44:c2:0f:d9 ------BEGIN CERTIFICATE----- -MIIDcDCCAdigAwIBAgIJAMWGaDl7HMShMA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNV -BAYTAlVBMRgwFgYDVQQIDA9LaGFya2l2IE9ibGFzdCcxEDAOBgNVBAcMB0toYXJr -aXYxJDAiBgNVBAoMG0ludGVybmV0IFN5c3RlbXMgQ29uc29ydGl1bTEcMBoGA1UE -AwwTY2EudGVzdC5leGFtcGxlLmNvbTAeFw0yNDA5MDIxNTMzMjdaFw0yNDA5MDMx -NTMzMjdaMCoxKDAmBgNVBAMMH3NydjAzLmNydDAxLWV4cGlyZWQuZXhhbXBsZS5j -b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARNrIyo/8cADc5puRjsTirIBvu+vKnt -uMfEUganjXfqO/nYzh3XtC3xGv8NcE+KqZz6pMQw8OXYPd1i8n1Ajl/cV2zdVDgg -Dr7milzE6feVSPk0JrxduaqV+MnXJity65SjdDByMDAGA1UdEQQpMCeCH3NydjAz -LmNydDAxLWV4cGlyZWQuZXhhbXBsZS5jb22HBAo1AAMwHQYDVR0OBBYEFHI4JQHL -OP/L03gkQ7pk6nb7WPbqMB8GA1UdIwQYMBaAFHyJ6Fzr5R9ySATFj/uSCJz1YCY5 -MA0GCSqGSIb3DQEBCwUAA4IBgQBK81nfTf/93vzIvDRM4TkAYgnINCvQPlKR6q7a -hpR9g4RIXVCst6Vwh/Ri8Maac9J4Kc8hIK4OsFU2HWzBfw+3JtgUQ2TGWItoh/3M -P9HB9WdxvHF71PECsEzdskoYmUY6RLJrxGF5j77oGdTM95UysHQYdsbfX8GQJDym -XSpvkH2UQ/PfH4Bw/4rIuR/FTgjRVPDYcq8HMJ+KZWb//6Q33hABpgDHMQjd8Apf -0+bd0TdD8kQTvJ5oQL2WhBZzDwGVQGW6cJOpgSdutvutEDZGo3WUAGLzEDLCSg46 -v6sHFKNo/evHyBaQMIDxKFxkp7qO+icJTAsI2VZ3zSV8H1h4SMGMcxA58gZ5fI25 -yiV8sXViaKcUxlsAeGfk2OFiC26NWuYj0tTdKHEyFoits+6maef/HoViPGWIx0cM -HaDZElwxmAHNpChSrdyLGubUYj0bxlIAtTSdHdhr085jUmITdCp8/wrXC5mpK7O6 -6M+gd/CFErpMVHF03TITykTCD9k= ------END CERTIFICATE----- diff --git a/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A2.pem b/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A2.pem new file mode 100644 index 00000000000..1ccfd320f90 --- /dev/null +++ b/bin/tests/system/notify/CA/newcerts/C58668397B1CC4A2.pem @@ -0,0 +1,76 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + c5:86:68:39:7b:1c:c4:a2 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=UA, ST=Kharkiv Oblast', L=Kharkiv, O=Internet Systems Consortium, CN=ca.test.example.com + Validity + Not Before: Sep 17 16:18:18 2024 GMT + Not After : Sep 18 16:18:18 2024 GMT + Subject: CN=srv02.crt01-expired.example.com + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:fe:00:66:4c:db:44:7f:02:79:5b:98:93:a8:67: + 8a:87:5a:07:0f:84:40:c8:67:7f:b9:af:32:18:a7: + 22:fa:ed:a7:56:da:17:a7:45:9d:ac:fd:42:cc:8b: + fb:ff:3a:92:d8:7e:e4:fc:7f:54:68:44:7c:61:25: + 42:b4:92:9b:b5:cb:1d:51:d2:61:08:f7:89:22:9b: + 0d:8e:72:99:df:d9:51:c8:92:c9:a5:f8:3f:2d:11: + e9:34:87:49:5c:cc:2d + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:srv02.crt01-expired.example.com, IP Address:10.53.0.2 + X509v3 Subject Key Identifier: + 03:4C:AC:DE:C0:A3:EB:04:56:1C:10:47:EB:C9:4D:1A:5F:FD:8E:A1 + X509v3 Authority Key Identifier: + 7C:89:E8:5C:EB:E5:1F:72:48:04:C5:8F:FB:92:08:9C:F5:60:26:39 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 25:33:d0:30:6e:60:5e:f3:29:e7:1d:36:83:4d:cd:06:d2:35: + df:80:76:25:e5:56:c6:e7:5f:cb:70:c8:30:da:a1:15:50:1b: + 5d:e0:7b:01:60:47:32:ee:ea:98:cd:27:c2:2e:b8:d5:4a:2f: + 76:7b:f1:0d:ff:c3:b3:74:f9:98:37:c1:07:85:04:55:8f:42: + 25:b7:21:03:50:83:50:01:6a:88:84:bc:83:2c:48:3f:e5:96: + 04:d7:b5:56:68:7c:fe:d9:06:e2:bc:f0:fd:47:fd:4b:4c:9b: + 15:ca:ab:10:e4:8d:8f:b5:f7:dd:69:8c:9d:06:00:8f:80:5b: + 30:a6:6c:31:d2:b8:4b:cf:10:2a:bf:64:fb:be:da:3f:e2:ee: + f1:6c:74:02:a7:c5:0c:e2:13:f1:54:63:a9:45:43:7b:b7:85: + a3:48:00:62:34:db:ac:a1:b6:b8:76:b9:d9:aa:17:a2:f9:0b: + 96:87:ad:da:5e:95:50:2b:73:17:d7:2c:d0:43:40:e3:e9:80: + e2:87:be:1d:65:68:17:0d:90:98:0a:9b:6d:4f:2d:91:3e:f0: + 16:4e:c0:c3:e7:a9:a6:e8:bf:8e:b6:d0:3b:72:e6:d9:9a:b3: + 70:82:23:c1:02:c2:cc:91:d7:75:19:3c:79:33:ea:86:8d:80: + 9a:6b:f2:93:b4:dc:22:19:11:82:3d:62:1d:e5:58:58:7f:50: + 84:b0:d4:5a:67:be:d0:28:b0:be:a1:7f:9d:1b:a2:98:9b:70: + 5a:c0:a8:c5:03:ec:de:8a:e2:ea:03:2d:4e:9f:6c:7d:d8:0e: + 41:3c:58:df:3f:1e:4f:69:04:68:54:59:58:ef:dd:e3:32:b3: + 2c:b4:cc:40:28:eb:3e:3b:37:fd:42:f7:d9:60:bf:fa:6d:87: + ca:ed:43:24:93:47:a8:bc:54:cc:c9:4d:ac:d0:b8:09:cb:85: + c3:02:55:73:bf:f0:ff:a3:fc:d2:d1:ae:ea:5a:96:6a:76:51: + fb:da:d9:ad:e4:cd +-----BEGIN CERTIFICATE----- +MIIDcDCCAdigAwIBAgIJAMWGaDl7HMSiMA0GCSqGSIb3DQEBCwUAMH0xCzAJBgNV +BAYTAlVBMRgwFgYDVQQIDA9LaGFya2l2IE9ibGFzdCcxEDAOBgNVBAcMB0toYXJr +aXYxJDAiBgNVBAoMG0ludGVybmV0IFN5c3RlbXMgQ29uc29ydGl1bTEcMBoGA1UE +AwwTY2EudGVzdC5leGFtcGxlLmNvbTAeFw0yNDA5MTcxNjE4MThaFw0yNDA5MTgx +NjE4MThaMCoxKDAmBgNVBAMMH3NydjAyLmNydDAxLWV4cGlyZWQuZXhhbXBsZS5j +b20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT+AGZM20R/AnlbmJOoZ4qHWgcPhEDI +Z3+5rzIYpyL67adW2henRZ2s/ULMi/v/OpLYfuT8f1RoRHxhJUK0kpu1yx1R0mEI +94kimw2Ocpnf2VHIksml+D8tEek0h0lczC2jdDByMDAGA1UdEQQpMCeCH3NydjAy +LmNydDAxLWV4cGlyZWQuZXhhbXBsZS5jb22HBAo1AAIwHQYDVR0OBBYEFANMrN7A +o+sEVhwQR+vJTRpf/Y6hMB8GA1UdIwQYMBaAFHyJ6Fzr5R9ySATFj/uSCJz1YCY5 +MA0GCSqGSIb3DQEBCwUAA4IBgQAlM9AwbmBe8ynnHTaDTc0G0jXfgHYl5VbG51/L +cMgw2qEVUBtd4HsBYEcy7uqYzSfCLrjVSi92e/EN/8OzdPmYN8EHhQRVj0IltyED +UINQAWqIhLyDLEg/5ZYE17VWaHz+2QbivPD9R/1LTJsVyqsQ5I2PtffdaYydBgCP +gFswpmwx0rhLzxAqv2T7vto/4u7xbHQCp8UM4hPxVGOpRUN7t4WjSABiNNusoba4 +drnZqhei+QuWh63aXpVQK3MX1yzQQ0Dj6YDih74dZWgXDZCYCpttTy2RPvAWTsDD +56mm6L+OttA7cubZmrNwgiPBAsLMkdd1GTx5M+qGjYCaa/KTtNwiGRGCPWId5VhY +f1CEsNRaZ77QKLC+oX+dG6KYm3BawKjFA+zeiuLqAy1On2x92A5BPFjfPx5PaQRo +VFlY793jMrMstMxAKOs+Ozf9QvfZYL/6bYfK7UMkk0eovFTMyU2s0LgJy4XDAlVz +v/D/o/zS0a7qWpZqdlH72tmt5M0= +-----END CERTIFICATE----- diff --git a/bin/tests/system/notify/CA/serial b/bin/tests/system/notify/CA/serial index c611a6a182a..82f4fbef2b9 100644 --- a/bin/tests/system/notify/CA/serial +++ b/bin/tests/system/notify/CA/serial @@ -1 +1 @@ -C58668397B1CC4A2 +C58668397B1CC4A3 diff --git a/bin/tests/system/notify/ns3/named-tls.conf.in b/bin/tests/system/notify/ns3/named-tls.conf.in index 3269091c871..1e1b291b174 100644 --- a/bin/tests/system/notify/ns3/named-tls.conf.in +++ b/bin/tests/system/notify/ns3/named-tls.conf.in @@ -58,7 +58,7 @@ zone tls-x2 { type primary; file "generic.db"; notify explicit; - also-notify { 10.53.0.2 port @EXTRAPORT1@ tls tls-expired; }; + also-notify { 10.53.0.2 port @EXTRAPORT1@ tls tls-forward-secrecy; }; }; zone tls-x3 {