diff --git a/bin/create_certificates.sh b/bin/create_certificates.sh index 8e4c1563db..c0a96a7b39 100644 --- a/bin/create_certificates.sh +++ b/bin/create_certificates.sh @@ -34,6 +34,7 @@ # Create directories CERT_DIR=$1 OPEN_SSL_CONF=$2 # etc/certificates/openssl.cnf +VALIDITY_DAYS=${3:-18250} # defaults to 50 years echo $CERT_DIR @@ -52,7 +53,12 @@ echo "Create the CA's private and public keypair (2k long)" openssl genrsa -passout pass:foobar -des3 -out private/cakey.pem 2048 echo "You will be asked to enter some information about the certificate." -openssl req -x509 -passin pass:foobar -new -nodes -key private/cakey.pem -config $OPEN_SSL_CONF -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -out ca_01.pem +openssl req -x509 -passin pass:foobar -new -nodes -key private/cakey.pem \ + -config $OPEN_SSL_CONF \ + -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \ + -days $VALIDITY_DAYS \ + -out ca_01.pem + echo "Here is the certificate" openssl x509 -in ca_01.pem -text -noout @@ -66,7 +72,8 @@ openssl req \ -out client.csr echo "Sign request" -openssl ca -passin pass:foobar -config $OPEN_SSL_CONF -in client.csr -out client-.pem -batch +openssl ca -passin pass:foobar -config $OPEN_SSL_CONF -in client.csr \ + -days $VALIDITY_DAYS -out client-.pem -batch echo "Generate single pem client.pem" cat client-.pem client.key > client.pem diff --git a/devstack/pregenerated/certs/ca_01.pem b/devstack/pregenerated/certs/ca_01.pem index 35db01dff7..0b9e837abf 100644 --- a/devstack/pregenerated/certs/ca_01.pem +++ b/devstack/pregenerated/certs/ca_01.pem @@ -1,21 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDizCCAnOgAwIBAgIJAMtqzvqga9IyMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV +MIIDjTCCAnWgAwIBAgIJAPJtDNgcwPTZMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV BAYTAlVTMQ8wDQYDVQQIDAZEZW5pYWwxFDASBgNVBAcMC1NwcmluZ2ZpZWxkMQww -CgYDVQQKDANEaXMxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xNjA1MjUx -MzM0MjdaFw0xNjA2MjQxMzM0MjdaMFwxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZE -ZW5pYWwxFDASBgNVBAcMC1NwcmluZ2ZpZWxkMQwwCgYDVQQKDANEaXMxGDAWBgNV -BAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBALlFd2FrPrYAAFjCvlfYPVuqdY4j+CngnvE7coWWGwjdbXfBrKDCN/XdhRYn -RD1Ozn1pgvYSDVFB/8LBR3B165nTvOWWP22E9xgKNHZU2obqI+5fqB7Klffq5u7w -01cUug7QY+j5qvFWUFpsHlgZ+UNaGSAqwOvg32s6V80uFz2TzHusK4mTMHYa/UV3 -/UUa3x09h1W26LRrrjF/u/ExEg+ucHYG4/1NXzN8sCLAsMg5obICC4v1J4kBinQX -M61xI/Ot1Bl3AJg+Vji/i9ZeTHOx7+eRFW+9mUDkhg8nIHFqwOc1sluzb7Ikzc7o -nWD2w3935psJEFxd50EbKjeHix8CAwEAAaNQME4wHQYDVR0OBBYEFKT3l2MZCElP -XzX/LYEYQNKRR2PiMB8GA1UdIwQYMBaAFKT3l2MZCElPXzX/LYEYQNKRR2PiMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAH/HZ87QIHCzCB2W6hibJtP9 -SzRun0p+1au/lJFoecOzYnpO6TZxdg/Ng7JCtpQCn53oPRDbNIjHGlDZSsguJDwc -WhGnlyoJmtBfIUlwxAfx7WJF6odQCYF7fJdH61i/v8S3EXsay7JT1zGTUp44MNsO -9AuZRTHqwTtKa3MmnyEOIThZ1JDrodAbp6tXZ9P9OIHh1j8KOXUDw4k64YgAbmxK -iW9sFd8MNPAhy/7rRpYEBjO2Y/LcJGuzUZ/7S6o6whvuzzxLylqeFT5QvS8xs5Ic -gWQRftlg8F7snKNxheM5uGFAED3Zxaep9EBftif8NCi9Hsiv33pBYE3nozjZnwA= +CgYDVQQKDANEaXMxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAgFw0xNjEwMTQx +MzQzNDJaGA8yMDY2MTAwMjEzNDM0MlowXDELMAkGA1UEBhMCVVMxDzANBgNVBAgM +BkRlbmlhbDEUMBIGA1UEBwwLU3ByaW5nZmllbGQxDDAKBgNVBAoMA0RpczEYMBYG +A1UEAwwPd3d3LmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAxptZMcFHFsCXWUxWNOkXXARCvAkZ7MeXDAyKzadWup9Trzn3qdz1h6+e +VbPBYTiJeuvX7RWpfN3lhFqy9Y+Fu0ip98zZE7ZjbvUx13BQBkXiJpqsYIoD6IK1 +Lh4J9Exllzy7bTQ0f/IX1yrRztXkpRM5KvcbfUrGAMEy4SW6Idc6ZI+lwxvVIhqZ +KXAyTBg4f8hMhPO5RYFyaxS2PdNDaTLrvb1aDiuYLqcpDcr4/0YSg0iejklMHovC +oLK/uEFgRGYDSX+Os1CUdtnVzLpkFHZtomtEB0kUug4lZpGQckappLq+dWNTu43O +tJzbEa9lpYT8P/nie94tBQYx5+HgSwIDAQABo1AwTjAdBgNVHQ4EFgQUBpJ+Zoky +aGdQtMu9NzcoqOPc+yMwHwYDVR0jBBgwFoAUBpJ+ZokyaGdQtMu9NzcoqOPc+yMw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAJe8mlfQ69kyrIuIdbTtg +Kl7ndj7MGQnmNfxytBB5gqUFwswEPKs4VTp3Pp+EStJZxJ8qeeG9B+g3oU3Rhpqc +CDhIyCW8shE2ACKLl0zRRk91LDyXASI4UyvjgN71Ti91VZ3oPVvTIefG6CMeI9oD +Spl6TbPzCOl2rFrTWmdwM3qIVpmhGntdWnA6btga6Fz7dRwUPwycJyhzfLmnjRlQ +3+QxmF2T5iIYw4B1Lsiz1uy27egMuq2M4Hvd2pSGhCB9l/3ZmEXvbF1aFVcnoEHH +/aHqOCx2fQTty1M+qnvofs1dNJlyyxq2LuE4r4wocSTRVfexaichhtsSkjQJ60w1 +VA== -----END CERTIFICATE----- diff --git a/devstack/pregenerated/certs/client.key b/devstack/pregenerated/certs/client.key index b83e55aa3e..b0649b6a0c 100644 --- a/devstack/pregenerated/certs/client.key +++ b/devstack/pregenerated/certs/client.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDemtEammVhI/N6 -kclRrnzxSF7TQdbf6bbpwsKxhEcwgo4Wda9mPab52rz54LabNTQEmT1KoJyeKIOP -9+JTyikOMItfPSc5d16UouVRzXi9OdPDHGvOk30PntIZ6F6bYS4cD8YI4aSN7EUy -+Jw6Bjwkj1rOVXhdgEwFPLGdzpBp8Dvmax7jSGEkZWXTNr+DGMSJ1xiq5Ba7b3V0 -jyYG3d6x3B1FENoDN5BDEtBvepXjdcMPwFK7WkkDbRSuLhFDIBNaB+/qc54f7Bm8 -NIrntfBhmyQ/YaNFr1KtGMl3vj4gRd4pd5BKr7KxLi3HCXKyykzeTcY1ZFyA4DjM -DTUR0lK/AgMBAAECggEBANc77CkD1jhZsYb2xSg0RVxqtD0hsOipqxFVHjjUBJ1T -7pyqx6BcxkFZjVUyQH3LsHMt08R/jU+jLqoabPzFQHMW3vuEPpPi5lFjO8WfnTmh -Wy6RIXAIzWg4ET+5nRgxm4rIeZuGyTvsknAZT70O4EIdVhihLZOChH6f08EYxCuY -rj3AlgrCu/YDZBe2eZlqqTWP/nEdB3ZfXjFXaS9EUuLAdQRqK1zapa++FE6pvuLZ -8apSrCWnP/q5d7vxg41E5Gv15Yv313W5b3kXiFpFL+WsLez8sQgkL+8rd6adyqE7 -hDHQV1IXck3D9ZTYCOZFn7YuLsd1seBtB+Dlxld3NGECgYEA7+gX3/8bQloo7xCn -bGK0dq1c9+L5CZ9hVoYZdFJWyUYxpWN8+G8tznE718nvbvLTj6v8UOQMRTo6L9Ib -nH22LccWSwaLWh43bQZC14s9QKrvSfDZJCkPKkym/Xq4FqUXJCggNewf3QLBuTZq -6Yd80sIie1JMCEgmdtfYinU1I+8CgYEA7YmZcNX+LEz1r/1Xzm0toP2UZEzhHVg0 -7ziDhlyduybFZ1NwZzU2Ude06gsST4sNt9Sf4k/X5mhPjCw/gwRUhcmFwD3HU35a -48wl0X302pL0J0mZEHdUcc9CSaOIfH5xMsU2Xb/DoR/qyI1pwTr70Dfun+jRV27Q -HRA3Vf1mrjECgYEAryz78fWnA+YtqZKxjbTtLRMdpWu4iMw2GSXGBGfzMvjsW2Wv -5P/ZpLqOBd1P1eW9kVT14mMCirIftrdmrfglRHvwzUu0CVOzCQrfV+A2E7g9DfKt -u3e3uR1Leh9XuEFICoC6NGV8RrcymXkgy/DAtmxHHWFUX1+/pluppEA9U0UCgYEA -qzs0xDVOq4qy1THQeTsU2GfT79XHtYqfZg8cKOBcx8u0I77vWUbvqGHRxaFDitmX -gvwgYVjjLvHk3gwLoJuffm3+H82pAZQlWu8QGAsvVdz3adbRIyCSXBRnGYRsYCoZ -2dp2TXBuSpkie34NTUECw19+ggGn3to/5aOJ8E/iFBECgYAD9uaFgW6YNdTHB9k2 -3Rm09i23gw1H0AkFmBbR4iu8X1oCeptZRaodgQue6JuY0rN/RMe7HZWHG6SD+7Sk -oN2lS/ASqvF3Ams3pkGveU/i9OGMpXjWv2Vrd/FOl+BKaKU1kwNp32vuIvvoycuH -+B8mcRkAmzXpfTFeA6+jslAN/g== +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDTVy+pO8vjce/b +QvCvyFiVOWWTSNfAcdtrEZU8kgH61jLtg1Omtz/x9LplQvC2U2lIlAiuLPWAUyTg +mDEhdOP178h3doCJAlKfnWnwseWDVW/s3arnkgnRoRfkzEJpE4JCPHHi1OgiX7F0 +ySwxCnBcQvd30eF2g4/xogYgVePq+mVcg4l+MiCLRSpRCzTx9XcVe/zwbeQ0fVSO +ivMKpvF/1mUrs++CFzGX9HFfZ9eAEdVDgi8PTjlJRQyojhopek6/lMivQi+fu+lD +GPOmmujIrevfLJT+K6dgJ/y4GjwubvNgUecMU3DeiLZtbGohFwoX0+WU/BN5M49t +54m3Zn4pAgMBAAECggEAZu5MwUDlYaZJauHkdci/FBa7WQueQRVzB2et5q06F6Ah +d7qBkG4pz78g1VbQBA0F9xpaS/KLs29LQ7P8Ic5bhJm/aiemHJSsBx9UzKzoGpoP +BC9GILjo3Vd3WrD9G04sH/Ruh0qosK0osbeVNWFfLiBThOEMzXrwLYB7OV57viJI +4YAXGOzOgK3aMHF8cYRRgTDIi2dGAMH1EyIIB8gKYlp1PdMmaTOk2LBhechuImRX +4LgvM1fUdJ7utyQKEXMJEg+wzV9BMlX6nvM3vVWdYZy2Hsu9DDyJUFYQk9cDpXNP +RF4jjLUtz6gEZOlotOQgPWqLANJrt/BdVfyeA97psQKBgQD7SeNlQd2bu8GfH0vB +mjzSWmJ3nDnpeaUR9MIYVQ6zNlvYPjM2BMVQtE5+VWK15YOjD5L9SoresNKubrSv +wzNFeqf6Dvq7zJ+6Rkst7GcRV/P3D4C3ZeKeDNjVm4eMRCa5ttIJlLmfqffeLO9M +RSanNjnjwWENgsXCCvlVBfc9ZQKBgQDXTY8X9ug9xVlqBR4TMfzXBadzP+nDqYd9 +MkH3tEltLba0vP4vKyjQa8A9FMzSRr9bv13mNpAbFEDGnhzv1l5OlHTM6tG//Rxq +nnhmFLFWZl8WowP0LiPTafrDjGEX/7iDAJjAtSacBBm6EGaM8igWEQT0WXwsQbTw +rlRolJ5DdQKBgQDgMBJ80x+IAiGC+iPXLOjYbqTsu2d7YfigJXJIzRHZV0Tnjs6X +gfgbwVFKKplvWL1xa8Ki0a9FcBH2Z3QyXv9OHFjiohyWEb/rKy2FYiSt938Dy0P1 +2yMsCKAnKqPqwx6dj3qh65sT1Er8X7B6pjMO+TT6ehtBN4uBS9MYRMNIdQKBgQDU +6UztTOzDUSqn7mGcZ916IYxDK1wXcsmapB2aQD4wanl4aEEREiQtX7DednhKJU5N +A4RvCVweezvHbkp9Xscp/CM5FanQqxPz17yGbkYkg93au+BIE2y4P+CMioDlw6uK +WQe14i5JMMDkQB25mirMD46PuQJTnbK6JBsyxG1xlQKBgGtcSY0AyVq00p0kkxNm +KhzI+17T0j0CuczJ/X+NvCUjLsx3NTJatRkJNYHWG7jUqs1vvtZbHVspQeteMlEi +rNE/xz98iG2eC8AdW+TmZvySmIZgoAoPuopUvBzRiyfLQVh4pPuikbTDghEn+CSG +WSyOd/I4JsH4xQFJC89nnm5M -----END PRIVATE KEY----- diff --git a/devstack/pregenerated/certs/client.pem b/devstack/pregenerated/certs/client.pem index a7203c4d40..13696aa718 100644 --- a/devstack/pregenerated/certs/client.pem +++ b/devstack/pregenerated/certs/client.pem @@ -5,31 +5,31 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=Denial, L=Springfield, O=Dis, CN=www.example.com Validity - Not Before: May 25 13:34:27 2016 GMT - Not After : May 23 13:34:27 2026 GMT + Not Before: Oct 14 13:43:42 2016 GMT + Not After : Oct 2 13:43:42 2066 GMT Subject: C=US, ST=Denial, O=Dis, CN=www.example.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:de:9a:d1:1a:9a:65:61:23:f3:7a:91:c9:51:ae: - 7c:f1:48:5e:d3:41:d6:df:e9:b6:e9:c2:c2:b1:84: - 47:30:82:8e:16:75:af:66:3d:a6:f9:da:bc:f9:e0: - b6:9b:35:34:04:99:3d:4a:a0:9c:9e:28:83:8f:f7: - e2:53:ca:29:0e:30:8b:5f:3d:27:39:77:5e:94:a2: - e5:51:cd:78:bd:39:d3:c3:1c:6b:ce:93:7d:0f:9e: - d2:19:e8:5e:9b:61:2e:1c:0f:c6:08:e1:a4:8d:ec: - 45:32:f8:9c:3a:06:3c:24:8f:5a:ce:55:78:5d:80: - 4c:05:3c:b1:9d:ce:90:69:f0:3b:e6:6b:1e:e3:48: - 61:24:65:65:d3:36:bf:83:18:c4:89:d7:18:aa:e4: - 16:bb:6f:75:74:8f:26:06:dd:de:b1:dc:1d:45:10: - da:03:37:90:43:12:d0:6f:7a:95:e3:75:c3:0f:c0: - 52:bb:5a:49:03:6d:14:ae:2e:11:43:20:13:5a:07: - ef:ea:73:9e:1f:ec:19:bc:34:8a:e7:b5:f0:61:9b: - 24:3f:61:a3:45:af:52:ad:18:c9:77:be:3e:20:45: - de:29:77:90:4a:af:b2:b1:2e:2d:c7:09:72:b2:ca: - 4c:de:4d:c6:35:64:5c:80:e0:38:cc:0d:35:11:d2: - 52:bf + 00:d3:57:2f:a9:3b:cb:e3:71:ef:db:42:f0:af:c8: + 58:95:39:65:93:48:d7:c0:71:db:6b:11:95:3c:92: + 01:fa:d6:32:ed:83:53:a6:b7:3f:f1:f4:ba:65:42: + f0:b6:53:69:48:94:08:ae:2c:f5:80:53:24:e0:98: + 31:21:74:e3:f5:ef:c8:77:76:80:89:02:52:9f:9d: + 69:f0:b1:e5:83:55:6f:ec:dd:aa:e7:92:09:d1:a1: + 17:e4:cc:42:69:13:82:42:3c:71:e2:d4:e8:22:5f: + b1:74:c9:2c:31:0a:70:5c:42:f7:77:d1:e1:76:83: + 8f:f1:a2:06:20:55:e3:ea:fa:65:5c:83:89:7e:32: + 20:8b:45:2a:51:0b:34:f1:f5:77:15:7b:fc:f0:6d: + e4:34:7d:54:8e:8a:f3:0a:a6:f1:7f:d6:65:2b:b3: + ef:82:17:31:97:f4:71:5f:67:d7:80:11:d5:43:82: + 2f:0f:4e:39:49:45:0c:a8:8e:1a:29:7a:4e:bf:94: + c8:af:42:2f:9f:bb:e9:43:18:f3:a6:9a:e8:c8:ad: + eb:df:2c:94:fe:2b:a7:60:27:fc:b8:1a:3c:2e:6e: + f3:60:51:e7:0c:53:70:de:88:b6:6d:6c:6a:21:17: + 0a:17:d3:e5:94:fc:13:79:33:8f:6d:e7:89:b7:66: + 7e:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,73 +37,73 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - B8:68:01:F4:21:7E:27:2F:9A:E6:5F:9E:1F:C4:F5:1E:FF:4D:39:86 + 73:7C:07:15:F5:CD:48:57:D5:D2:79:DF:0E:C4:E8:7A:29:1F:03:16 X509v3 Authority Key Identifier: - keyid:A4:F7:97:63:19:08:49:4F:5F:35:FF:2D:81:18:40:D2:91:47:63:E2 + keyid:06:92:7E:66:89:32:68:67:50:B4:CB:BD:37:37:28:A8:E3:DC:FB:23 Signature Algorithm: sha256WithRSAEncryption - 5b:46:32:11:5e:b6:68:bf:2b:50:8b:60:0f:70:27:08:21:cd: - 6b:ce:ec:a2:17:b2:e0:2d:43:1a:ee:b2:c9:e9:ea:87:a4:7a: - a3:4b:89:0c:63:9c:02:3c:9a:a4:96:28:b0:ba:72:34:17:5c: - 2f:e2:1a:83:a0:de:c5:da:14:5e:5c:db:7d:ef:24:0c:dd:1b: - 7c:26:6f:a7:b1:fb:22:1b:4e:2f:d6:0e:bd:15:73:6d:12:23: - 2e:9d:d6:78:4d:8d:21:9f:b2:c9:d0:42:92:5d:5c:09:bf:ca: - 63:e8:eb:58:d4:fe:f7:4a:05:69:ab:8d:34:aa:cf:dc:e9:89: - 80:9c:43:35:51:81:76:a3:f4:c6:db:99:71:d6:21:d1:ce:a7: - f2:2f:f6:38:40:84:0c:de:04:bc:43:9d:37:32:2b:12:c5:9e: - 33:1b:da:d5:db:f5:00:19:fa:66:6a:2f:7c:3e:33:33:dc:9d: - 6d:33:e3:51:e1:14:6d:f7:dd:a7:3f:cd:80:4f:6e:2f:a9:70: - 48:99:76:58:2a:a6:2d:66:ee:98:08:f4:b8:14:e8:f4:a9:66: - 5c:e6:c4:d5:c6:48:05:16:30:54:51:ca:7e:ce:3e:f2:d0:06: - 90:43:1f:4f:99:c2:07:79:50:01:81:7c:2b:09:8a:55:ef:4c: - a4:25:ba:2a + be:89:f1:3e:5e:3b:72:80:96:8b:74:d5:1d:06:14:02:d9:35: + b5:41:ed:6e:43:c1:d6:b9:1d:07:08:4e:c6:93:d0:a2:b8:93: + 81:71:34:d1:a8:f5:1d:d5:48:6f:14:af:14:65:69:1b:4e:9f: + 87:25:a2:62:fa:99:fd:c1:e6:ce:fb:87:44:38:b7:8b:c7:1d: + 88:0e:61:2f:14:d8:61:b2:bd:01:b5:a6:6c:11:76:b6:57:a1: + 03:cb:6a:8e:dc:97:25:33:75:49:a9:44:d7:08:6c:3d:ae:2e: + fe:4e:69:47:c1:3b:43:6a:fe:89:10:9f:3a:7f:7b:28:61:3b: + 4a:62:bb:c3:7f:01:7b:90:e1:38:e2:83:b4:c1:4f:ac:5a:12: + 9b:5e:4b:64:9e:50:d8:6f:79:7f:8f:f1:4e:4b:eb:9e:0e:b7: + 64:36:9c:cf:bc:7c:bd:a4:1e:37:a6:5f:2e:b1:24:88:50:cc: + 68:91:95:b8:9e:2a:00:5a:fb:28:eb:a1:9b:4f:54:cd:01:d3: + 90:34:b4:5d:aa:db:2e:90:37:0b:a6:8c:3c:80:43:c2:88:2d: + 00:b1:a1:5d:fe:4e:98:02:57:5f:fb:fc:78:7d:59:04:96:9c: + 2a:1a:be:ca:5b:87:2b:66:bc:55:6f:14:dd:85:e1:b5:4b:6f: + f7:c7:dd:eb -----BEGIN CERTIFICATE----- -MIIDmDCCAoCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJVUzEP +MIIDmjCCAoKgAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJVUzEP MA0GA1UECAwGRGVuaWFsMRQwEgYDVQQHDAtTcHJpbmdmaWVsZDEMMAoGA1UECgwD -RGlzMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wHhcNMTYwNTI1MTMzNDI3WhcN -MjYwNTIzMTMzNDI3WjBGMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGRGVuaWFsMQww -CgYDVQQKDANEaXMxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAN6a0RqaZWEj83qRyVGufPFIXtNB1t/ptunC -wrGERzCCjhZ1r2Y9pvnavPngtps1NASZPUqgnJ4og4/34lPKKQ4wi189Jzl3XpSi -5VHNeL0508Mca86TfQ+e0hnoXpthLhwPxgjhpI3sRTL4nDoGPCSPWs5VeF2ATAU8 -sZ3OkGnwO+ZrHuNIYSRlZdM2v4MYxInXGKrkFrtvdXSPJgbd3rHcHUUQ2gM3kEMS -0G96leN1ww/AUrtaSQNtFK4uEUMgE1oH7+pznh/sGbw0iue18GGbJD9ho0WvUq0Y -yXe+PiBF3il3kEqvsrEuLccJcrLKTN5NxjVkXIDgOMwNNRHSUr8CAwEAAaN7MHkw -CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy -dGlmaWNhdGUwHQYDVR0OBBYEFLhoAfQhficvmuZfnh/E9R7/TTmGMB8GA1UdIwQY -MBaAFKT3l2MZCElPXzX/LYEYQNKRR2PiMA0GCSqGSIb3DQEBCwUAA4IBAQBbRjIR -XrZovytQi2APcCcIIc1rzuyiF7LgLUMa7rLJ6eqHpHqjS4kMY5wCPJqkliiwunI0 -F1wv4hqDoN7F2hReXNt97yQM3Rt8Jm+nsfsiG04v1g69FXNtEiMundZ4TY0hn7LJ -0EKSXVwJv8pj6OtY1P73SgVpq400qs/c6YmAnEM1UYF2o/TG25lx1iHRzqfyL/Y4 -QIQM3gS8Q503MisSxZ4zG9rV2/UAGfpmai98PjMz3J1tM+NR4RRt992nP82AT24v -qXBImXZYKqYtZu6YCPS4FOj0qWZc5sTVxkgFFjBUUcp+zj7y0AaQQx9PmcIHeVAB -gXwrCYpV70ykJboq +RGlzMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMTYxMDE0MTM0MzQyWhgP +MjA2NjEwMDIxMzQzNDJaMEYxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZEZW5pYWwx +DDAKBgNVBAoMA0RpczEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01cvqTvL43Hv20Lwr8hYlTllk0jXwHHb +axGVPJIB+tYy7YNTprc/8fS6ZULwtlNpSJQIriz1gFMk4JgxIXTj9e/Id3aAiQJS +n51p8LHlg1Vv7N2q55IJ0aEX5MxCaROCQjxx4tToIl+xdMksMQpwXEL3d9HhdoOP +8aIGIFXj6vplXIOJfjIgi0UqUQs08fV3FXv88G3kNH1UjorzCqbxf9ZlK7Pvghcx +l/RxX2fXgBHVQ4IvD045SUUMqI4aKXpOv5TIr0Ivn7vpQxjzpproyK3r3yyU/iun +YCf8uBo8Lm7zYFHnDFNw3oi2bWxqIRcKF9PllPwTeTOPbeeJt2Z+KQIDAQABo3sw +eTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD +ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUc3wHFfXNSFfV0nnfDsToeikfAxYwHwYDVR0j +BBgwFoAUBpJ+ZokyaGdQtMu9NzcoqOPc+yMwDQYJKoZIhvcNAQELBQADggEBAL6J +8T5eO3KAlot01R0GFALZNbVB7W5Dwda5HQcITsaT0KK4k4FxNNGo9R3VSG8UrxRl +aRtOn4clomL6mf3B5s77h0Q4t4vHHYgOYS8U2GGyvQG1pmwRdrZXoQPLao7clyUz +dUmpRNcIbD2uLv5OaUfBO0Nq/okQnzp/eyhhO0piu8N/AXuQ4Tjig7TBT6xaEpte +S2SeUNhveX+P8U5L654Ot2Q2nM+8fL2kHjemXy6xJIhQzGiRlbieKgBa+yjroZtP +VM0B05A0tF2q2y6QNwumjDyAQ8KILQCxoV3+TpgCV1/7/Hh9WQSWnCoavspbhytm +vFVvFN2F4bVLb/fH3es= -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDemtEammVhI/N6 -kclRrnzxSF7TQdbf6bbpwsKxhEcwgo4Wda9mPab52rz54LabNTQEmT1KoJyeKIOP -9+JTyikOMItfPSc5d16UouVRzXi9OdPDHGvOk30PntIZ6F6bYS4cD8YI4aSN7EUy -+Jw6Bjwkj1rOVXhdgEwFPLGdzpBp8Dvmax7jSGEkZWXTNr+DGMSJ1xiq5Ba7b3V0 -jyYG3d6x3B1FENoDN5BDEtBvepXjdcMPwFK7WkkDbRSuLhFDIBNaB+/qc54f7Bm8 -NIrntfBhmyQ/YaNFr1KtGMl3vj4gRd4pd5BKr7KxLi3HCXKyykzeTcY1ZFyA4DjM -DTUR0lK/AgMBAAECggEBANc77CkD1jhZsYb2xSg0RVxqtD0hsOipqxFVHjjUBJ1T -7pyqx6BcxkFZjVUyQH3LsHMt08R/jU+jLqoabPzFQHMW3vuEPpPi5lFjO8WfnTmh -Wy6RIXAIzWg4ET+5nRgxm4rIeZuGyTvsknAZT70O4EIdVhihLZOChH6f08EYxCuY -rj3AlgrCu/YDZBe2eZlqqTWP/nEdB3ZfXjFXaS9EUuLAdQRqK1zapa++FE6pvuLZ -8apSrCWnP/q5d7vxg41E5Gv15Yv313W5b3kXiFpFL+WsLez8sQgkL+8rd6adyqE7 -hDHQV1IXck3D9ZTYCOZFn7YuLsd1seBtB+Dlxld3NGECgYEA7+gX3/8bQloo7xCn -bGK0dq1c9+L5CZ9hVoYZdFJWyUYxpWN8+G8tznE718nvbvLTj6v8UOQMRTo6L9Ib -nH22LccWSwaLWh43bQZC14s9QKrvSfDZJCkPKkym/Xq4FqUXJCggNewf3QLBuTZq -6Yd80sIie1JMCEgmdtfYinU1I+8CgYEA7YmZcNX+LEz1r/1Xzm0toP2UZEzhHVg0 -7ziDhlyduybFZ1NwZzU2Ude06gsST4sNt9Sf4k/X5mhPjCw/gwRUhcmFwD3HU35a -48wl0X302pL0J0mZEHdUcc9CSaOIfH5xMsU2Xb/DoR/qyI1pwTr70Dfun+jRV27Q -HRA3Vf1mrjECgYEAryz78fWnA+YtqZKxjbTtLRMdpWu4iMw2GSXGBGfzMvjsW2Wv -5P/ZpLqOBd1P1eW9kVT14mMCirIftrdmrfglRHvwzUu0CVOzCQrfV+A2E7g9DfKt -u3e3uR1Leh9XuEFICoC6NGV8RrcymXkgy/DAtmxHHWFUX1+/pluppEA9U0UCgYEA -qzs0xDVOq4qy1THQeTsU2GfT79XHtYqfZg8cKOBcx8u0I77vWUbvqGHRxaFDitmX -gvwgYVjjLvHk3gwLoJuffm3+H82pAZQlWu8QGAsvVdz3adbRIyCSXBRnGYRsYCoZ -2dp2TXBuSpkie34NTUECw19+ggGn3to/5aOJ8E/iFBECgYAD9uaFgW6YNdTHB9k2 -3Rm09i23gw1H0AkFmBbR4iu8X1oCeptZRaodgQue6JuY0rN/RMe7HZWHG6SD+7Sk -oN2lS/ASqvF3Ams3pkGveU/i9OGMpXjWv2Vrd/FOl+BKaKU1kwNp32vuIvvoycuH -+B8mcRkAmzXpfTFeA6+jslAN/g== +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDTVy+pO8vjce/b +QvCvyFiVOWWTSNfAcdtrEZU8kgH61jLtg1Omtz/x9LplQvC2U2lIlAiuLPWAUyTg +mDEhdOP178h3doCJAlKfnWnwseWDVW/s3arnkgnRoRfkzEJpE4JCPHHi1OgiX7F0 +ySwxCnBcQvd30eF2g4/xogYgVePq+mVcg4l+MiCLRSpRCzTx9XcVe/zwbeQ0fVSO +ivMKpvF/1mUrs++CFzGX9HFfZ9eAEdVDgi8PTjlJRQyojhopek6/lMivQi+fu+lD +GPOmmujIrevfLJT+K6dgJ/y4GjwubvNgUecMU3DeiLZtbGohFwoX0+WU/BN5M49t +54m3Zn4pAgMBAAECggEAZu5MwUDlYaZJauHkdci/FBa7WQueQRVzB2et5q06F6Ah +d7qBkG4pz78g1VbQBA0F9xpaS/KLs29LQ7P8Ic5bhJm/aiemHJSsBx9UzKzoGpoP +BC9GILjo3Vd3WrD9G04sH/Ruh0qosK0osbeVNWFfLiBThOEMzXrwLYB7OV57viJI +4YAXGOzOgK3aMHF8cYRRgTDIi2dGAMH1EyIIB8gKYlp1PdMmaTOk2LBhechuImRX +4LgvM1fUdJ7utyQKEXMJEg+wzV9BMlX6nvM3vVWdYZy2Hsu9DDyJUFYQk9cDpXNP +RF4jjLUtz6gEZOlotOQgPWqLANJrt/BdVfyeA97psQKBgQD7SeNlQd2bu8GfH0vB +mjzSWmJ3nDnpeaUR9MIYVQ6zNlvYPjM2BMVQtE5+VWK15YOjD5L9SoresNKubrSv +wzNFeqf6Dvq7zJ+6Rkst7GcRV/P3D4C3ZeKeDNjVm4eMRCa5ttIJlLmfqffeLO9M +RSanNjnjwWENgsXCCvlVBfc9ZQKBgQDXTY8X9ug9xVlqBR4TMfzXBadzP+nDqYd9 +MkH3tEltLba0vP4vKyjQa8A9FMzSRr9bv13mNpAbFEDGnhzv1l5OlHTM6tG//Rxq +nnhmFLFWZl8WowP0LiPTafrDjGEX/7iDAJjAtSacBBm6EGaM8igWEQT0WXwsQbTw +rlRolJ5DdQKBgQDgMBJ80x+IAiGC+iPXLOjYbqTsu2d7YfigJXJIzRHZV0Tnjs6X +gfgbwVFKKplvWL1xa8Ki0a9FcBH2Z3QyXv9OHFjiohyWEb/rKy2FYiSt938Dy0P1 +2yMsCKAnKqPqwx6dj3qh65sT1Er8X7B6pjMO+TT6ehtBN4uBS9MYRMNIdQKBgQDU +6UztTOzDUSqn7mGcZ916IYxDK1wXcsmapB2aQD4wanl4aEEREiQtX7DednhKJU5N +A4RvCVweezvHbkp9Xscp/CM5FanQqxPz17yGbkYkg93au+BIE2y4P+CMioDlw6uK +WQe14i5JMMDkQB25mirMD46PuQJTnbK6JBsyxG1xlQKBgGtcSY0AyVq00p0kkxNm +KhzI+17T0j0CuczJ/X+NvCUjLsx3NTJatRkJNYHWG7jUqs1vvtZbHVspQeteMlEi +rNE/xz98iG2eC8AdW+TmZvySmIZgoAoPuopUvBzRiyfLQVh4pPuikbTDghEn+CSG +WSyOd/I4JsH4xQFJC89nnm5M -----END PRIVATE KEY----- diff --git a/devstack/pregenerated/certs/private/cakey.pem b/devstack/pregenerated/certs/private/cakey.pem index b71a6a517e..882df95b14 100644 --- a/devstack/pregenerated/certs/private/cakey.pem +++ b/devstack/pregenerated/certs/private/cakey.pem @@ -1,30 +1,30 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,9DFA118A6C7A4164 +DEK-Info: DES-EDE3-CBC,F5D5CAF138266C5C -/rcV/AKPY5LYMSykAGG5gKo6f+AMoClHc0Kr0CwAmRRDQBh80jR5oDkKHN53MCk7 -AzNeS4tMhz4CioaB8Ful5anMY7yhT51ly31w55z2abrxOUe/btHIVhm3ENf/6bNB -wRwey+NGCcMxeMal4NM2HFmsHUyLB/6XX3I1NTnmeMBOhYLKrELrtpX4WC0zWhu4 -LJbKqADgM1J2cdbMwV6aEjAbPJns8fBGY7MOuMzCgoHi/TIb0IGJtuWW0AjyT6Yu -WwuEdKsjYAGuG8LymB8DeGAnNMMCbJo3LpduwguS1rS79cTWlV2X913Np1m7dwco -HFWOFRk1A0hgjyGiy16Cu09w9fl/NigDhsCIUz7sDucuSnK3iTg/mMsdSuslFsNG -TF8KkAtyrXsHA+AAoOmatjsuoNyXLCZJgvtcAUYs2mUP7MwPVCaalWYazvks+p0j -3BfgOB6aS92dp/XHOvbOntbxq5v2AG7di0UYMvvQ/otXzBnGHPAx/N5Pd92z/keJ -PkXVdrwJWDLbTpKME9h2aXM1Tl1Ihg3J8hRSy1E3tGox6LGvlbGyBJVbURkvj+dX -no0akTOF19Gk1Y2YGY2eVQKi1FtzXYl9o3uRFoiLrJSoNy7pEd/VOD/pcN5zFe+e -ai2Yb/ujze0ddC2me6MHaqvjZuCF+dZJq2pAgjeBv+e4Jy7SsTMlmJETdVfH0jOW -0/Wz/hZdXmLhHC0zB6meW17J5lnZBSFd5wKIVlivt6RJQahbCEra6EOCuzDdcq0P -XJgzLXlA2EJcL7rEQGRL3zQvWIXyxxU4XZjR0+7PMjx9lJO0bBwjHTUBmpLwFNnG -ICTv7w1mZVfI7izcleIwdxINWoLXCiR+k22rxgW/T3O0pS85WX2h385QTJ6ib9EI -ptjMSwv0jyJZpP6wQGmBu3TLqtbhXsvITYrp9gL5HRswDonR4y0TUV+criJKUTL1 -OozTWJweSLc1/kl6kAp9XkqWUpgxim4HryjInXRmcmGWX0b8Y9dsH4oKxg7b3BlT -39xpAYbPXfpX8GFC2E6Ct2G8ZHt0AzauS6HbuEkj7HW4+MBGNenrU4up5r1Cpv5D -pT0Z4E5Py+T5Z+4qcAK7gWSmD16FG+pfwxnuHmsx7voiIIwMwTl462bbNnHeniPW -0taJcfdahZMbRHx+OkoV4e6yms0ZunXJffh6icq8jC42lZ0RRVN6usKKA238t6po -zV0I02jL/u3YMp9LmEQa32vQ6aWWIIrvTAwuZbLircgxzREtuLdqoULEUzFbzj7Y -xVOAnd4kGuWKNPSYsmaY3G9RJN3FzhKfCQBDzmoHl3HImA8BmLDKPPz4mP4P/Kub -48Hrmb2P6Khdwbf8BvA+GApd2YDLbkhwCNGXxLHWp++DfRMfgSjaH0O+RYPSil+h -ZaRAuCKvg8uAubNyM6LqQOEBmfX8FE56VCEziV1w+IMYblkyZ6fIwYJlUNwATEVi -2Dz/a0x1L9/ZTv3OZXEx3sHjmW4K78ubVDMxTr+qe97y02jINw2lJQinfDNUqDub -Q/EJzLTHcPw2lO4RXL0nIMjZ/P4WjQR3Xe/rhq23i4UIT1q8NYyp83WRGV2bgUOe +X7mebmQYgOOgOLi5ec7+kxrDzP5PqD4A2b4dph1qEoVEcwKEcVicrPdDtLeHReO4 +W5WpyJxqUIIHZZWmvCy08tX151/BJYzmDbF5gGf0c2Q7V0Mnfvkn4G01apIxXMXB +kD4NIL3UB+4D2xmWv7s+PK+T4uNsO9gotUoABc5s4sNDsl7Jbgozo14T8oZkGVot +GrS1PpTes4GiIwmmlBzrtO+0Y0Yv5tzJrdkz047nXur+1n4YNj87Ui6R3O/crFmI +cf+L8NefqihmW2qR1deTSozg1oMv3RaZdMsxNDYLcF+4o+18buAHCr//NU71eVIZ +/P4XrIQQAyLi8u5W/5dFH9FEnNtBz0AJlBpLpKb7O3ZdQ18/UATbdaRrb4cqocEH +PTEEUTWRf1/5DhT+AXryI3Op0yxEZlVQu/IbEAgiV3wvx5Cof75Hm0m0rtFdnNBc +L2IA+3+75HGRt/zljh7ByGcui0dQA7i6thDc+qxz4WpcUx10Y9Dn2V5DueWunez+ +kjwRsahervPoaRRL+MuP43B1w4HPDCPOuTDO35TXivSFHz/mFGJ5GOy+iMPddFMa +RYWlDGkruz4poQ1zXQ2d4Q6wXSFiihU78a/0af8IhjofqAxUA91bC6oBF6OYGXZT +9cKfK1TUPVQITH2VLcJLxRf+Q4Zgc7gYJqEnh8dJ0lpMAgSkgyQDE0p0ttakj0Xv +ombZq+7SDSUYnItcPARLe2FWhsihZfu7W6f9fWQcXAv7dYG/opB5yquXaE+96eCO +1eGc0VttBauW+r87fAJtfm3XgwfrrGwDglcmo5JmaBWRSkxdLn6xPP1pAfGj2jQQ +EhWhIcbFgnGPhPSWpYMpeE8RdgO0R7Hno10scF5j/t3JPE5pfBOAGmyBsOdWW4TT +UfICuZ6UznNYtaWcXSrUNXETMFjrDaHoXZ50bG1FMZKA1YCz6QnoE4w42nBTVLj9 +90K+h3mVLqD/5qA8UYZYUuKn+e7w3xY4dRLAXExfB/33kb3A3jjjHYqVTpFXV6Of +0EAa/BDeGpkWElTmIgjN7VN+1rUDXgLMJ62M/fEkICTM1tSYLKFUdntGQ3YfzYX6 +LHB5BWsrlPFc2a8OXUCu5tvtm387W8X80eMb97e0A501q5P2Wxv/XcuPgVlx5JQP +37nqFDEtqGJoOE1LC5xZVzisNk7QVh6r0N3tGVeyE/bE0nvOYr/Zw8SVmwqNr8/I +jQspeH48uAudQ/lZ8aFUFpj7bm2Ie8ka2QqZAhPMDHy2Y8zf0obNB/RTG/SHSdMc +j2jdL1cUPcPOG+c2yLsgap+lpFpHZgeiTFY9775F3ODrADOiS2k5XkQCTz/n/Z3z +QOhz2T1RM8aa+xjk33YFJyVfYKQGEXfQwJ/RSJjMglDsJSE+py1ZPj4TzYnXfcjr +f26ReNcqL1/0sTSMf14OIKYEBNN8L4zQHX8BWY8EhPc8qBxspJQzH8imbNYb0x/M ++X0kZJbsEpO5JRD70KOoOM8vmStAglWTbbt9JLDjL98Ks54+Si9fgGql8njyo96V +vwNihqd8kqEk9STXKwJZzmkXvcs8WDuFUuLDtQYjk6GMT17e10TgmA== -----END RSA PRIVATE KEY----- diff --git a/devstack/pregenerated/regenerate-certs.sh b/devstack/pregenerated/regenerate-certs.sh new file mode 100755 index 0000000000..bd6e9af95d --- /dev/null +++ b/devstack/pregenerated/regenerate-certs.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +GEN_DIR=/tmp/certs +rm -rf $GEN_DIR +bash ../../bin/create_certificates.sh $GEN_DIR $(pwd)/../../etc/certificates/openssl.cnf +for file in client.key client.pem ca_01.pem private/cakey.pem; do + cp -v $GEN_DIR/$file certs/$file +done + +echo "" +echo Validating client cert with CA: +openssl verify -verbose -CAfile certs/ca_01.pem certs/client.pem + +echo "" +echo CA expiration time: +openssl x509 -enddate -noout -in certs/ca_01.pem + +echo "" +echo Client cert expiration time: +openssl x509 -enddate -noout -in certs/client.pem +