Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: ssl.create_ctx and tcp:setsslctx #89

Open
wants to merge 26 commits into
base: master
Choose a base branch
from
Open

feature: ssl.create_ctx and tcp:setsslctx #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
15c95e7
feature: support ssl.create_ctx and tcp:setsslctx
detailyang Feb 19, 2017
9407f3c
tests: test sslctx with lrucache
detailyang Feb 21, 2017
818327e
refactor: use protocols as arg to create_ctx
detailyang Feb 26, 2017
a81d912
refactor: get tcp metatable from REGISTRY
detailyang Feb 28, 2017
1099992
refactor: use nil to replace false as return value
detailyang Feb 28, 2017
896f36e
refactor: caller allocate error message buffer
detailyang Mar 8, 2017
aa58488
refactor: copy literal to caller error buffer
detailyang Mar 11, 2017
f4fa4bc
travis: use personal lua-nginx-module to pass test
detailyang Mar 11, 2017
f1be855
style: remove unused variable
detailyang Mar 11, 2017
ea2e634
refactor: omit PROTOCOL prefix in ngx.ssl
detailyang May 7, 2017
2052108
style: ffi.cdef should not be indented
detailyang May 7, 2017
4b26b17
refactor: no need to assign ctx again after ffi_gc
detailyang May 7, 2017
9ebd5b6
style: omit parentheses only one argument
detailyang May 7, 2017
23b1d04
tests: fix create_ctx must pass options
detailyang May 7, 2017
38fb434
cert: regenerate ca client server key and crt
detailyang May 7, 2017
a2d7c28
cert: regenerate ca client server key and crt
detailyang May 7, 2017
91a0065
travis: empty commit to trigger travis-ci
detailyang May 7, 2017
e300597
Merge branch 'lua-ffi-api-sslctx' of https://github.com/detailyang/lu…
detailyang May 7, 2017
6fbc8a2
style: rename variable err_buf to err
detailyang May 17, 2017
cd4f37a
Merge remote-tracking branch 'openresty/master' into lua-ffi-api-sslctx
detailyang May 17, 2017
ea18436
Merge remote-tracking branch 'openresty/master' into lua-ffi-api-sslctx
detailyang May 25, 2017
930aa47
feature: add ciphers, CRL, ca, cert_store
detailyang Jun 1, 2017
bfca881
tests: ssl-ctx throw error when open file failed
detailyang Jun 1, 2017
91c58e1
tests: support ubuntu system certs
detailyang Jun 1, 2017
b795d4e
tests: add travis certificate path
detailyang Jun 1, 2017
3f5ce42
tests: ssl-ctx.t style tweaks
detailyang Jun 2, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ install:
- git clone https://github.com/openresty/openresty.git ../openresty
- git clone https://github.com/openresty/openresty-devel-utils.git
- git clone https://github.com/simpl/ngx_devel_kit.git ../ndk-nginx-module
- git clone https://github.com/openresty/lua-nginx-module.git ../lua-nginx-module
- git clone -b lua-ffi-api-sslctx https://github.com/detailyang/lua-nginx-module.git ../lua-nginx-module
- git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx
- git clone https://github.com/openresty/echo-nginx-module.git ../echo-nginx-module
- git clone https://github.com/openresty/lua-resty-lrucache.git
Expand Down
151 changes: 151 additions & 0 deletions lib/ngx/ssl.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,13 @@

local ffi = require "ffi"
local base = require "resty.core.base"
local bit = require "bit"


local C = ffi.C
local ffi_str = ffi.string
local ffi_gc = ffi.gc
local ffi_copy = ffi.copy
local getfenv = getfenv
local error = error
local tonumber = tonumber
Expand All @@ -16,6 +18,8 @@ local get_string_buf = base.get_string_buf
local get_size_ptr = base.get_size_ptr
local FFI_DECLINED = base.FFI_DECLINED
local FFI_OK = base.FFI_OK
local bor = bit.bor
local ERR_BUF_SIZE = 256


ffi.cdef[[
Expand Down Expand Up @@ -58,6 +62,39 @@ int ngx_http_lua_ffi_set_priv_key(void *r, void *cdata, char **err);
void ngx_http_lua_ffi_free_cert(void *cdata);

void ngx_http_lua_ffi_free_priv_key(void *cdata);

void *ngx_http_lua_ffi_ssl_ctx_init(unsigned int protocols, char **err);

void ngx_http_lua_ffi_ssl_ctx_free(void *cdata);

int ngx_http_lua_ffi_ssl_ctx_add_ca_cert(void *cdata_ctx,
const unsigned char *cert, size_t size,
unsigned char *err, size_t *err_len);

int ngx_http_lua_ffi_ssl_ctx_set_priv_key(void *cdata_ctx, void *cdata_key,
unsigned char *err, size_t *err_len);

int ngx_http_lua_ffi_ssl_ctx_set_cert(void *cdata_ctx, void *cdata_cert,
unsigned char *err, size_t *err_len);

int ngx_http_lua_ffi_ssl_ctx_set_ciphers(void *cdata_ctx, const char *cipher,
unsigned char *err, size_t *err_len);

int ngx_http_lua_ffi_ssl_ctx_set_crl(void *cdata_ctx, const unsigned char *crl,
size_t size, unsigned char *err, size_t *err_len);

int ngx_http_lua_ffi_ssl_ctx_set_cert_store(void *cdata_ctx, void *cdata_store,
int up_ref, unsigned char *err, size_t *err_len);

void *ngx_http_lua_ffi_ssl_x509_store_init(unsigned char *err,
size_t *err_len);

void ngx_http_lua_ffi_ssl_x509_store_free(void *cdata_store);

int ngx_http_lua_ffi_ssl_x509_store_add_cert(void *cdata_store,
const unsigned char *cert, size_t size, unsigned char *err,
size_t *err_len);

]]


Expand Down Expand Up @@ -261,6 +298,120 @@ function _M.set_priv_key(priv_key)
end


function _M.create_x509_store(...)
local err_buf = get_string_buf(ERR_BUF_SIZE)
local err_buf_len = get_size_ptr()
err_buf_len[0] = ERR_BUF_SIZE

local store = C.ngx_http_lua_ffi_ssl_x509_store_init(err_buf, err_buf_len)
if store == nil then
return nil, ffi_str(err_buf, err_buf_len[0])
end

ffi_gc(store, C.ngx_http_lua_ffi_ssl_x509_store_free)

for i = 1, select('#', ...) do
local cert = select(i, ...)
local rc = C.ngx_http_lua_ffi_ssl_x509_store_add_cert(store, cert,
#cert, err_buf,
err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

return store
end


_M.SSLv2 = 0x0002
_M.SSLv3 = 0x0004
_M.TLSv1 = 0x0008
_M.TLSv1_1 = 0x0010
_M.TLSv1_2 = 0x0020
local default_protocols = bor(_M.SSLv3, _M.TLSv1, _M.TLSv1_1, _M.TLSv1_2)


function _M.create_ctx(options)
if type(options) ~= 'table' then
return nil, "no options found"
end

local protocols = options.protocols or default_protocols
local ca = options.ca
local cert_store = options.cert_store
local cert = options.cert
local priv_key = options.priv_key
local ciphers = options.ciphers
local crl = options.crl

local ctx = C.ngx_http_lua_ffi_ssl_ctx_init(protocols, errmsg)
if ctx == nil then
return nil, ffi_str(errmsg[0])
end

ffi_gc(ctx, C.ngx_http_lua_ffi_ssl_ctx_free)

local err_buf = get_string_buf(ERR_BUF_SIZE)
local err_buf_len = get_size_ptr()
err_buf_len[0] = ERR_BUF_SIZE

if cert_store ~= nil then
local rc = C.ngx_http_lua_ffi_ssl_ctx_set_cert_store(ctx, cert_store, 1,
err_buf,
err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

if ca ~= nil then
local rc = C.ngx_http_lua_ffi_ssl_ctx_add_ca_cert(ctx, ca, #ca, err_buf,
err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

if cert ~= nil then
local rc = C.ngx_http_lua_ffi_ssl_ctx_set_cert(ctx, cert,
err_buf, err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

if priv_key ~= nil then
local rc = C.ngx_http_lua_ffi_ssl_ctx_set_priv_key(ctx, priv_key,
err_buf, err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

if ciphers ~= nil then
local ciphers_buf = get_string_buf(#ciphers + 1)
ffi_copy(ciphers_buf, ciphers)

local rc = C.ngx_http_lua_ffi_ssl_ctx_set_ciphers(ctx, ciphers_buf,
err_buf, err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

if crl ~= nil then
local rc = C.ngx_http_lua_ffi_ssl_ctx_set_crl(ctx, crl, #crl, err_buf,
err_buf_len)
if rc ~= FFI_OK then
return nil, ffi_str(err_buf, err_buf_len[0])
end
end

return ctx
end


do
_M.SSL3_VERSION = 0x0300
_M.TLS1_VERSION = 0x0301
Expand Down
1 change: 1 addition & 0 deletions lib/resty/core.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ require "resty.core.request"
require "resty.core.response"
require "resty.core.time"
require "resty.core.worker"
require "resty.core.socket.tcp"


local base = require "resty.core.base"
Expand Down
67 changes: 67 additions & 0 deletions lib/resty/core/socket/tcp.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
-- Copyright (C) Yichun Zhang (agentzh)


local ffi = require "ffi"
local debug = require 'debug'
local base = require "resty.core.base"


local C = ffi.C
local ffi_str = ffi.string
local registry = debug.getregistry()
local error = error
local errmsg = base.get_errmsg_ptr()
local FFI_OK = base.FFI_OK


ffi.cdef[[

int ngx_http_lua_ffi_socket_tcp_setsslctx(ngx_http_request_t *r, void *u,
void *cdata_ctx, char **err);

]]


local function check_tcp(tcp)
if not tcp or type(tcp) ~= "table" then
return error("bad \"tcp\" argument")
end

tcp = tcp[1]
if type(tcp) ~= "userdata" then
return error("bad \"tcp\" argument")
end

return tcp
end


local function setsslctx(tcp, ssl_ctx)
tcp = check_tcp(tcp)

local r = getfenv(0).__ngx_req
if not r then
return error("no request found")
end

local rc = C.ngx_http_lua_ffi_socket_tcp_setsslctx(r, tcp, ssl_ctx, errmsg)
if rc ~= FFI_OK then
return nil, ffi_str(errmsg[0])
end

return true
end


local mt = registry.__ngx_socket_tcp_mt
if mt then
mt = mt.__index
if mt then
mt.setsslctx = setsslctx
end
end


return {
version = base.version
}
18 changes: 18 additions & 0 deletions t/cert/ca-client-server/ca.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC7TCCAdWgAwIBAgIJAO8bo8Y6NOllMA0GCSqGSIb3DQEBCwUAMA0xCzAJBgNV
BAMMAmNhMB4XDTE3MDUyNzIxNDYwOFoXDTE3MDYyNjIxNDYwOFowDTELMAkGA1UE
AwwCY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7mHzd9g+5Gthe
h5sr7a6/0JVTw+LtKA08IxRb7LqvHHiKsgoweKo+RomYtYvlNSZkROzJVscd85ND
xja2VfEGQ75Jf01+27pOgT+Gt5ZPVGIzr0KI/R9pWPLHeuWz6HkoLe4KTRJiLnPF
gvDWXKkMaGSTgul4W8PHWk+9ybEG/Tmm+48VlRMFrs1Y32GYsX4dA/CmPPbQeEQh
wIgMMu5NbTebxnK4AJ3sY3tZrm0kzXUePE4gXcj5GQNbnIr5cM2BsUb9QPCf+Ooe
PjBZiS9Ek8vDD+rVwZTVXiiSfWG4/7CJF/vPuoi/BhbsFKrZtqXWUR5MUaVs83mf
9aIDybjhAgMBAAGjUDBOMB0GA1UdDgQWBBT3QiA6YNIPWK5th89XtcHs6jv03jAf
BgNVHSMEGDAWgBT3QiA6YNIPWK5th89XtcHs6jv03jAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBIcwH1BFK/cRc88XQQFEHOkvFLlfPnnHPdLv+iyQ9v
BsoJZVh8lzLFzYLJRRPdyqbBxCwRAna86v7MfwGAEBseH5EnIFsne1iV7o7+wOKx
WY/p+Q4B/fOWVdzxVd7naDIeH00dvhxWP3+E7F2KRJyUUehQOP4XXVy9sVlny/U+
kloGu4i/k5y4wkn+kdmO9buH5hPEbaLv7Ud2A6J5brvqhktT1UIeA+jBycz0a5kH
h3x3DLq6+eeE8WuI1vLtPDJIAQXvSlKss3IpXcRf1r6kOtec6rpyjRtCGobL1CxV
QWWNRRLGjMRZSMlQAgp3QAmWbIvpKxxLwkEJUCtuujuR
-----END CERTIFICATE-----
30 changes: 30 additions & 0 deletions t/cert/ca-client-server/ca.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIEjDowCzAg4ACAggA
MBQGCCqGSIb3DQMHBAh3lw0oluucPASCBMgFFN7lYaWHeb7Hv7f9+zc2kD0k1sgV
S6N1uHwAxrhYouFqrYI2wtvs+8ow4oefTUU9gTyouQXzhoykHFaSJw3FixbeQB56
Jk/5X9Raq7zLZvTapkINWUE3q2ZOpzfXPlyCw9GkVjYhUSM2S0O+sKl2lco2SsNS
T7Vb8lNLaIJs8IMg+yDpGquoEMh3rQ4dywOuQ2to8/bxJYXo8o3L3lciaLTCGVCn
SOkjX6sUuFZJ8hR527z9u7/W4W2/HN0zRcGpyCDEswJGrDVV+b5nqHvy8KN3Yu5e
dwUErUvQmOpbDog9C+aNgtVHcD46rt21v9/FnQ/hEFNMx515lZVuH69BlaHWikUg
6QmUPAw7xb6kMgeVntFadPEMBghbqEXZtgXWyV8bxUggRRcE+pGphYcotMfx+6dR
JF6BBqo0dTlhPzzCqoV0wlumnnMbNwUSRlRsg25D+WC8dz5O0kj1Pv5HW/ccmiyx
8warzJlxGUSlz1wnysQ+Irgw11/ZnH3hcAywDP/8Jai2Mcml588KLm9QuPCS2F3d
QUmX9i7lYz3rJO0uNkC5eLrzB/LGRHFsvdxWUgUXh1HBweoJUN37CXY5UC7NQclA
xPI7Ocea3HgPChZ7/y9P0mVVEp9gFIpD5+uVb9GSR+zRv9y0aA8NrFyPWI+IBZdG
QDdC37LXjooueYXgDNMGsulb1UXOkUol2+UCxYiq12wjJ1eo3kfezswGCm7sSfl8
7hve78KeaoJwFFJTgDKY5O8xZMbKDl1SMcfsZT/z2yu4tmIXlDUq3iLaWy1u2Spt
tUa8fsGOkP+bprsFVQIyJO1cg9nrd2FLei5wkQZWDGq5nTjJfIDO4cUJx+vlGDQP
AWh8qy1CNRQoFwZ/xrqqwYiO8nZv64FMweVun2R96PvnoaD8hB1pfTfQ6kg7q8lg
uNQvTgCfiF+6dR3KFOf29GpxGqGsvBe89k5EVOW2nmxvBoPb/VKXOC8zEcRvn71n
dgrEK0nd/AhGEdvnIR1RT3+42Hae50XV8sF1tX8ODNgPCON4f3qECe5F1RTVJdx0
ZG/Jab/zOA1n1GyOqVSMWWZFIbKLt0U+XAhIO1HWruvgBDiMVxqk0cfjbMPFtD9n
yPHQPAMLZy7gqa96UD3BdS2YPSxJhLUqBtqaHwC4tU+LRoTBpC/Uiv6Ee5ZF2/OE
EnXSlCaPzzgW3KcPlf5q9/b4YikqSPVo3G76ouCdyHC/XA6uwd1ik2SpVQlZddth
rQra+UcQs6000hg1VP4yPOz/R5Jsd2GT+eA2ziYLKr959Lh32iBK+pnepWxdgW/y
jAHvfh9ysyUYUyGTIMQuMZ87r5DrsGcOoWIyuQeqFehlFze1RxGn0e7/ZcIUJhI3
dnPFPpM9uGnNMpK+qzewj+zLBtVJ4rZJ5x81A65cSXL389aHOTuRxrqK7K0Vslk9
EWmAd+XcuKEXnhWMtrugm9zxlEWbJzVDsX7IeR3kd5ewajTeOmS/fV8D5K57JQhH
YhlITCOHTWeUz68IQ2Dwb+XvmFM+Ijqp0YJq0cxOXy9ieuhbAjpG15P2xYmib9J6
4WivnLS8srLkumTmMmTng3HCVHiJTxvsELJBWBYvegrQiCo5MYZEs8ql3N17XNXW
0io=
-----END ENCRYPTED PRIVATE KEY-----
27 changes: 27 additions & 0 deletions t/cert/ca-client-server/ca.unsecure.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAu5h83fYPuRrYXoebK+2uv9CVU8Pi7SgNPCMUW+y6rxx4irIK
MHiqPkaJmLWL5TUmZETsyVbHHfOTQ8Y2tlXxBkO+SX9Nftu6ToE/hreWT1RiM69C
iP0faVjyx3rls+h5KC3uCk0SYi5zxYLw1lypDGhkk4LpeFvDx1pPvcmxBv05pvuP
FZUTBa7NWN9hmLF+HQPwpjz20HhEIcCIDDLuTW03m8ZyuACd7GN7Wa5tJM11HjxO
IF3I+RkDW5yK+XDNgbFG/UDwn/jqHj4wWYkvRJPLww/q1cGU1V4okn1huP+wiRf7
z7qIvwYW7BSq2bal1lEeTFGlbPN5n/WiA8m44QIDAQABAoIBADMPaD1J8jGh2u6v
3k5wnTXcYiiwkp2WXzPVIH98ybtL9otZtmhHD59vt5f3IiK6+r4j/Ic4tW2zlIvH
8bBjZ/0ahzqeCcvTprwjddUHN0RUZX5H38ZFjz0vVrVxAACd8Aw9pCLto2lR13UV
FNRj2Cdmaqmz4jQ+VeV28Wlo8mRCJQnEXXr4P78lxPqaWYE8CTh+Xw7PdyaAaMTz
I1uZCVeNhaks9SABXdCU2vAgSS9OtDco3QAHbkOfJAhuxPDygDOBDXuD6Cjno246
ChND68PdTjTa3Itn9M0/KsaWQAwUQjp0chlp7I318ukGFGt4FI/2P5mbJy2gNLp/
0v8tQAECgYEA4jZJQKtK++14CJPj0GTjRs70JxbkLLvyE2OYzeimJTFhwg+e39uM
fiHbuUfX506VOLalsxJIgO0qvhFlvm3sWBPzIZREQjl5SYjeOcemV038cm/T8MxE
s0VtCceGQVENld9Zw3lJg5JYEkVbNVrnveUF8R0siZtRTPer4Eheh+ECgYEA1Exs
vdlQy9+PxiupgSKBHSYrsWAQ3F1DaNZTAafV2W7XAHV4dCoAXlXQst8wUKCwy2AG
JHE+uVmb5g9rVYTHwA5JvgO7gH41vdVjv2JpaoXNeziGf2o8150lRdxficTo24G4
wjL260lKCK80zYEnmN2mOlxepX6w+uBsPGwNUQECgYEAgw2QQrb6KhnZgJ6tTP4l
7c/YAw1wA7qe9DyvOhuepc2GJTeHg4leS3SyJxVIL+mG6eRm+ueMuaStLpBFsZ1d
X2mvYbTUFsnVSpTQqgjQhaPYrTO8RbUR2ApQsWm2jgC3LizHhEewH1mZTHyB6tdP
iuQ0HQwZ0V76Ku0R1k4W9gECgYBnOp4pllD2QUfMyZBLbXawsM3QGvE35dWQVZ7Z
ED4o0v+ShoxCl+XD+SBYybPZkLlGuvNhpvsj71GiBV9gnwbt+UScM35p1XTWULuG
5RhzJoqq3upvbD4XbZ8hIC4IdInxqlsnetabw/BO1rrrLmENsMFSYXXYLQlrg9K9
cqDrAQKBgBTzs/jwX3cVdc+lOxTqJ7FdSTJ+RAZx1oD9ZQxrnG+ELYAo964Xp3iO
XhDTthN+PkDoBlLi/fikyhMCHSZjmcHBP+E+XteRKs4Sm/Jfc+gKs8IYfrR7j1z2
jeo/Nc/CCyNnyPmZ3yRiDasCbZDZntrlLFlmfxjg3MvBKLZlTJVl
-----END RSA PRIVATE KEY-----
18 changes: 18 additions & 0 deletions t/cert/ca-client-server/client.cer
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC5jCCAc4CAQEwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UEAwwCY2EwIBcNMTcw
NTI3MjE0NjA4WhgPMjEwMTA0MjcyMTQ2MDhaMGMxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRYwFAYDVQQK
DA1PcGVuUmVzdHkgSW5jMQ8wDQYDVQQDDAZjbGllbnQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCyeiP+hYpqsoFsD6vQ5UT4CZOIg+vy15G8SacwMZOs
pOSnREYBtdZqmC64HV54chD2UQYnyBDbXZKd89//jAqCbwdadwKX9DtyLMTnZ7i5
xhYxkMRWKEKrPkFQwbLlNGXkJzhkwYlJ+JX8M/wbHTn+sg2r1/G2uY9bjp68kpcm
dKHqm6ue7qEFaNrnX7G2nfXuCWImWsO0OvpRaanHMVR3cChAb/kfB/NMhwAOZjCt
UrggbMaW5zPGFl8d86iMLLrDoM1nzzb4vm4T99blDJPiq5XarDIHe+F+vuhEKZyF
v1w83Z2L/dM5sgDdViptaxk8CHb7xSd+VvWi1DxKjyIpAgMBAAEwDQYJKoZIhvcN
AQELBQADggEBAEXHdn0CGB7Lb3IAgbIXAbxT/ffSRS0OlE6gpI2szFH1g6REsEvl
oghATvdlZ5qCO3YumBmv05fAV5kw6GC3cdl9EW7BM1eHQXihxnOrJKz0etCZHabY
zW8LtDywLa0oMgBO6ob4WofiJ/Axh6rCksOvC7OuquNVj7mYjmQnz/OvQJpq90LJ
EyQ5WAY4Qx8g12feJwsNj20Vv/c30X6sFA9PcRinyMmDZzMoRuYmu596O8FCTIoF
kdXiBCRGMtgySSZS+RNWICtat3JmnNau9Ku//4WFJ4i/SlJ+uMwaBqsIPrz6dPbo
7twC0LkAtMeAfrp07hn4aoBWXBFeUlsLNfo=
-----END CERTIFICATE-----
18 changes: 18 additions & 0 deletions t/cert/ca-client-server/client.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC5jCCAc4CAQEwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UEAwwCY2EwIBcNMTcw
NTI3MjE0NjA4WhgPMjEwMTA0MjcyMTQ2MDhaMGMxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRYwFAYDVQQK
DA1PcGVuUmVzdHkgSW5jMQ8wDQYDVQQDDAZjbGllbnQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCyeiP+hYpqsoFsD6vQ5UT4CZOIg+vy15G8SacwMZOs
pOSnREYBtdZqmC64HV54chD2UQYnyBDbXZKd89//jAqCbwdadwKX9DtyLMTnZ7i5
xhYxkMRWKEKrPkFQwbLlNGXkJzhkwYlJ+JX8M/wbHTn+sg2r1/G2uY9bjp68kpcm
dKHqm6ue7qEFaNrnX7G2nfXuCWImWsO0OvpRaanHMVR3cChAb/kfB/NMhwAOZjCt
UrggbMaW5zPGFl8d86iMLLrDoM1nzzb4vm4T99blDJPiq5XarDIHe+F+vuhEKZyF
v1w83Z2L/dM5sgDdViptaxk8CHb7xSd+VvWi1DxKjyIpAgMBAAEwDQYJKoZIhvcN
AQELBQADggEBAEXHdn0CGB7Lb3IAgbIXAbxT/ffSRS0OlE6gpI2szFH1g6REsEvl
oghATvdlZ5qCO3YumBmv05fAV5kw6GC3cdl9EW7BM1eHQXihxnOrJKz0etCZHabY
zW8LtDywLa0oMgBO6ob4WofiJ/Axh6rCksOvC7OuquNVj7mYjmQnz/OvQJpq90LJ
EyQ5WAY4Qx8g12feJwsNj20Vv/c30X6sFA9PcRinyMmDZzMoRuYmu596O8FCTIoF
kdXiBCRGMtgySSZS+RNWICtat3JmnNau9Ku//4WFJ4i/SlJ+uMwaBqsIPrz6dPbo
7twC0LkAtMeAfrp07hn4aoBWXBFeUlsLNfo=
-----END CERTIFICATE-----
Loading