2009-07-12 13:11:06 +02:00
|
|
|
-----BEGIN CERTIFICATE-----
|
2011-02-20 11:40:16 +01:00
|
|
|
MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER
|
Regenerate test client certificates with a PrintableString issuer
The test certificate used for clients in compat.sh, cert_sha256.crt,
had the issuer ON and CN encoded as UTF8String, but the corresponding
CA certificate test-ca_cat12.crt had them encoded as PrintableString.
The strings matched, which is sufficient according to RFC 5280 §7.1
and RFC 4518 §2.1. However, GnuTLS 3.4.10 requires the strings to have
the same encoding, so it did not accept that the certificate issued by
UTF8String "PolarSSL Test CA" was validly issued by the
PrintableString "PolarSSL Test CA" CA.
ebc1f40aa008f6a2ba42e7436e4596d8f780b612, merged via
https://github.com/ARMmbed/mbedtls/pull/1641 and released in Mbed TLS
2.14, updated these certificates.
4f928c0f374558ec352825061a399db7a37ca2fc merged, via
https://github.com/ARMmbed/mbedtls/pull/2418 fixed this in the 2.7 LTS
branch for the SHA-1 certificate which was used at the time. The
present commit applies the same fix for the SHA-256 certificate that
is now in use.
For uniformity, this commit regenerates all the cert_*.crt.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 19:09:34 +02:00
|
|
|
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
|
2019-02-12 14:03:42 +01:00
|
|
|
MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G
|
Regenerate test client certificates with a PrintableString issuer
The test certificate used for clients in compat.sh, cert_sha256.crt,
had the issuer ON and CN encoded as UTF8String, but the corresponding
CA certificate test-ca_cat12.crt had them encoded as PrintableString.
The strings matched, which is sufficient according to RFC 5280 §7.1
and RFC 4518 §2.1. However, GnuTLS 3.4.10 requires the strings to have
the same encoding, so it did not accept that the certificate issued by
UTF8String "PolarSSL Test CA" was validly issued by the
PrintableString "PolarSSL Test CA" CA.
ebc1f40aa008f6a2ba42e7436e4596d8f780b612, merged via
https://github.com/ARMmbed/mbedtls/pull/1641 and released in Mbed TLS
2.14, updated these certificates.
4f928c0f374558ec352825061a399db7a37ca2fc merged, via
https://github.com/ARMmbed/mbedtls/pull/2418 fixed this in the 2.7 LTS
branch for the SHA-1 certificate which was used at the time. The
present commit applies the same fix for the SHA-256 certificate that
is now in use.
For uniformity, this commit regenerates all the cert_*.crt.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 19:09:34 +02:00
|
|
|
A1UEChMIUG9sYXJTU0wxHTAbBgNVBAMTFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB
|
2019-02-12 14:03:42 +01:00
|
|
|
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh
|
|
|
|
|
Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq
|
|
|
|
|
1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht
|
|
|
|
|
gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l
|
|
|
|
|
LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu
|
|
|
|
|
pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID
|
|
|
|
|
AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC
|
|
|
|
|
pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF
|
Regenerate test client certificates with a PrintableString issuer
The test certificate used for clients in compat.sh, cert_sha256.crt,
had the issuer ON and CN encoded as UTF8String, but the corresponding
CA certificate test-ca_cat12.crt had them encoded as PrintableString.
The strings matched, which is sufficient according to RFC 5280 §7.1
and RFC 4518 §2.1. However, GnuTLS 3.4.10 requires the strings to have
the same encoding, so it did not accept that the certificate issued by
UTF8String "PolarSSL Test CA" was validly issued by the
PrintableString "PolarSSL Test CA" CA.
ebc1f40aa008f6a2ba42e7436e4596d8f780b612, merged via
https://github.com/ARMmbed/mbedtls/pull/1641 and released in Mbed TLS
2.14, updated these certificates.
4f928c0f374558ec352825061a399db7a37ca2fc merged, via
https://github.com/ARMmbed/mbedtls/pull/2418 fixed this in the 2.7 LTS
branch for the SHA-1 certificate which was used at the time. The
present commit applies the same fix for the SHA-256 certificate that
is now in use.
For uniformity, this commit regenerates all the cert_*.crt.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 19:09:34 +02:00
|
|
|
AAOCAQEAPT4SOxVXMQ4NFxxh8qD8xRef6ku9QxpSSuUiiLOxzPTRn+t2fTP4GMRJ
|
|
|
|
|
3cjmdU+oHBd+Qoj4zwrnmCgi3ym8rMvGWGHKiRyrCwejb/cnm9EtzK88nqiot55+
|
|
|
|
|
oDpdCnuQZhVF5gfwR7nH1qbgQfnshKlBzYTQq+mC/s99mWV4fGDlmriuj9+rbHLA
|
|
|
|
|
s+ZPwb0WmLf9lynbZwdK9m+rOnJJV2b00r7vW8z4IAhExuwjeQULSt0wJvz4rV/M
|
|
|
|
|
DAJZoytApGjS5EzVFF0KiElPgwgkXJvKefMW80wL0JDaayX6+OmEFNnkQ98Tvhdq
|
|
|
|
|
veKLS/v6TyMOZ8CxaCmSEWqlvXhz3Q==
|
2009-07-12 13:11:06 +02:00
|
|
|
-----END CERTIFICATE-----
|