Skip to content

P
paho.mqtt.c
Commit c48ba955 authored by Ian Craggs's avatar Ian Craggs
Browse files
Options

New SSL test configuration

parent 3a56d3dc
Hide whitespace changes
Inline Side-by-side
Showing with 301 additions and 1481 deletions
build.xml
View file @ c48ba955
...@@ -161,12 +161,21 @@ ...@@ -161,12 +161,21 @@
<target name="test" > <target name="test" >
<foreach target="runAtest" param="aTest" list="test1,test4"/> <foreach target="runAtest" param="aTest" list="test1,test4"/>
<foreach target="runSSLtest" param="aTest" list="test3"/>
</target> </target>
<target name="runAtest"> <target name="runAtest">
<exec executable="./${aTest}" failonerror="true" dir="${output.folder}" > <exec executable="./${aTest}" failonerror="true" dir="${output.folder}" >
<arg value="--connection" /> <arg value="--connection" />
<arg value="tcp://${test.hostname}:1883" /> <arg value="tcp://${test.hostname}:18883" />
<env key="LD_LIBRARY_PATH" value="." />
</exec>
</target>
<target name="runSSLtest">
<exec executable="./${aTest}" failonerror="true" dir="${output.folder}" >
<arg value="--hostname" />
<arg value="test.hostname" />
<env key="LD_LIBRARY_PATH" value="." /> <env key="LD_LIBRARY_PATH" value="." />
</exec> </exec>
</target> </target>
......
build/run_test2am 0 → 100644
View file @ c48ba955
LD_LIBRARY_PATH=. ./test3 --test_no 3 --hostname localhost --server_key /home/icraggs/nobackup/mosquitto-1.2/pkeys/test-root-ca.crt --client_key /home/icraggs/nobackup/mosquitto-1.2/pkeys/client.pem
build/run_test2as 0 → 100644
View file @ c48ba955
LD_LIBRARY_PATH=. ./test3 --test_no 2 --connection ssl://localhost:8883 --server_key /home/icraggs/nobackup/mosquitto-1.2/pkeys/server.pem --client_key /home/icraggs/nobackup/mosquitto-1.2/pkeys/client.pem
build/run_test3s 0 → 100644
View file @ c48ba955
LD_LIBRARY_PATH=. ./test3 --test_no 7 --connection ssl://localhost:8885 --server_key /home/icraggs/nobackup/mosquitto-1.2/pkeys/server.pem
test/ssl/client.crt 0 → 100644
View file @ c48ba955
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
Validity
Not Before: Jul 29 19:21:31 2013 GMT
Not After : Jul 28 19:21:31 2018 GMT
Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
d5:ca:66:7a:30:3f:c2:ce:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
X509v3 Authority Key Identifier:
keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
Signature Algorithm: sha1WithRSAEncryption
b4:11:e8:8a:f5:21:d1:88:22:9e:f3:05:e6:47:c9:9d:87:10:
09:a1:9c:f1:38:5b:a0:5a:b4:f5:fd:8d:cf:ae:01:7d:b4:a8:
3c:dd:ed:17:b3:02:56:5b:4a:e6:17:58:8f:46:d4:02:97:95:
0b:00:0e:b4:77:3e:ad:f0:ce:06:25:38:2d:ff:df:a4:0e:3b:
83:73:f7:a3:da:c1:a1:24:68:a2:18:71:81:4e:3b:26:5a:e2:
10:9a:27:95:85:a8:3c:47:3a:60:49:21:2f:12:90:fc:4a:f0:
71:4d:bc:19:2a:06:07:f4:35:d9:8d:1d:b2:85:93:61:17:45:
26:9a
-----BEGIN CERTIFICATE-----
MIICyTCCAjKgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
MVoXDTE4MDcyODE5MjEzMVoweDELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
MRMwEQYDVQQLDApQcm9kdWN0aW9uMRQwEgYDVQQDDAt0ZXN0IGNsaWVudDCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8nDilL5m8ReORW
iMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgvU0JNcxleyn6y
/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlhr9UjnSMUtTHV
ymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfNbWf7fXdZD2zx
mw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1HnNhBMA0GCSqG
SIb3DQEBBQUAA4GBALQR6Ir1IdGIIp7zBeZHyZ2HEAmhnPE4W6BatPX9jc+uAX20
qDzd7RezAlZbSuYXWI9G1AKXlQsADrR3Pq3wzgYlOC3/36QOO4Nz96PawaEkaKIY
cYFOOyZa4hCaJ5WFqDxHOmBJIS8SkPxK8HFNvBkqBgf0NdmNHbKFk2EXRSaa
-----END CERTIFICATE-----
test/ssl/client.key 0 → 100644
View file @ c48ba955
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDcF4KvR9xxd3PDaRFL/ycOKUvmbxF45FaIyTQTEuGC7CT+Zcid
uwVUINC0MblLh/hN5cG6mfiizP+OifJ6aC9TQk1zGV7KfrL+O/fRvOgk+ndH7qSJ
z9Hc6Zk/2g7QHsZA0mDuOINOpN1Go2qsyWGv1SOdIxS1MdXKZnowP8LOWQIDAQAB
AoGAa+NifoXdfAmwR7QzdGuJO5nmyPjdOcPE35yx2D/DKCiWIdbHNvq8q/bCF/Lg
ADSQ9a6Q/uYHSdbv13Gr2XFE8MSOCex5cWe7xcQ4jHM9AR4soMxDLXoEqia6QtFg
RLrVolER/h1QcqJ4pP3QC025JLADXTAvarKAJlkR4nQPigECQQD1xCdxY3mHkl0C
KSVVjyALKrRHoqIxu2w1qivfTqA/S02Ws5tn6g+lkAEUa7Jg2s1/U2HybRAdGz5v
fuIW7eOhAkEA5UGrc2z7TyfKIwO5I6aRLFMqwyMKVdO5v4RZlJGBhtGHLEd5nJMw
ueKLVAUa5/1LaowfLQxYZD+yF8dWdpbvuQJAAbik+hNTR5LL2fcFzuqYs9tRteq6
rhR89odBlWfMkYTqfzK01O57u5Idn9H9RtZheBHSbss6wKlvL4K4/KYf4QJAZKXk
A5TA8Atj7uNfkIs8CN2qVGk5zFxbm/0a5uLKnsm2MnZeqaLlLXaL/KMRIPBO/8Ps
m/Zjh/9+zHmzN/Uj4QJBAPFmzczJDxDviQcEo7qL9J6JAJtijqDAgv9u1XpqIfIx
GveE+zuKYC2g2Absn1Art3dQgJAsttOF/40HykRLeGc=
-----END RSA PRIVATE KEY-----
test/ssl/client.pem 0 → 100644
View file @ c48ba955
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
Validity
Not Before: Jul 29 19:21:31 2013 GMT
Not After : Jul 28 19:21:31 2018 GMT
Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
d5:ca:66:7a:30:3f:c2:ce:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
X509v3 Authority Key Identifier:
keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
Signature Algorithm: sha1WithRSAEncryption
b4:11:e8:8a:f5:21:d1:88:22:9e:f3:05:e6:47:c9:9d:87:10:
09:a1:9c:f1:38:5b:a0:5a:b4:f5:fd:8d:cf:ae:01:7d:b4:a8:
3c:dd:ed:17:b3:02:56:5b:4a:e6:17:58:8f:46:d4:02:97:95:
0b:00:0e:b4:77:3e:ad:f0:ce:06:25:38:2d:ff:df:a4:0e:3b:
83:73:f7:a3:da:c1:a1:24:68:a2:18:71:81:4e:3b:26:5a:e2:
10:9a:27:95:85:a8:3c:47:3a:60:49:21:2f:12:90:fc:4a:f0:
71:4d:bc:19:2a:06:07:f4:35:d9:8d:1d:b2:85:93:61:17:45:
26:9a
-----BEGIN CERTIFICATE-----
MIICyTCCAjKgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
MVoXDTE4MDcyODE5MjEzMVoweDELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
MRMwEQYDVQQLDApQcm9kdWN0aW9uMRQwEgYDVQQDDAt0ZXN0IGNsaWVudDCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8nDilL5m8ReORW
iMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgvU0JNcxleyn6y
/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlhr9UjnSMUtTHV
ymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfNbWf7fXdZD2zx
mw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1HnNhBMA0GCSqG
SIb3DQEBBQUAA4GBALQR6Ir1IdGIIp7zBeZHyZ2HEAmhnPE4W6BatPX9jc+uAX20
qDzd7RezAlZbSuYXWI9G1AKXlQsADrR3Pq3wzgYlOC3/36QOO4Nz96PawaEkaKIY
cYFOOyZa4hCaJ5WFqDxHOmBJIS8SkPxK8HFNvBkqBgf0NdmNHbKFk2EXRSaa
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDcF4KvR9xxd3PDaRFL/ycOKUvmbxF45FaIyTQTEuGC7CT+Zcid
uwVUINC0MblLh/hN5cG6mfiizP+OifJ6aC9TQk1zGV7KfrL+O/fRvOgk+ndH7qSJ
z9Hc6Zk/2g7QHsZA0mDuOINOpN1Go2qsyWGv1SOdIxS1MdXKZnowP8LOWQIDAQAB
AoGAa+NifoXdfAmwR7QzdGuJO5nmyPjdOcPE35yx2D/DKCiWIdbHNvq8q/bCF/Lg
ADSQ9a6Q/uYHSdbv13Gr2XFE8MSOCex5cWe7xcQ4jHM9AR4soMxDLXoEqia6QtFg
RLrVolER/h1QcqJ4pP3QC025JLADXTAvarKAJlkR4nQPigECQQD1xCdxY3mHkl0C
KSVVjyALKrRHoqIxu2w1qivfTqA/S02Ws5tn6g+lkAEUa7Jg2s1/U2HybRAdGz5v
fuIW7eOhAkEA5UGrc2z7TyfKIwO5I6aRLFMqwyMKVdO5v4RZlJGBhtGHLEd5nJMw
ueKLVAUa5/1LaowfLQxYZD+yF8dWdpbvuQJAAbik+hNTR5LL2fcFzuqYs9tRteq6
rhR89odBlWfMkYTqfzK01O57u5Idn9H9RtZheBHSbss6wKlvL4K4/KYf4QJAZKXk
A5TA8Atj7uNfkIs8CN2qVGk5zFxbm/0a5uLKnsm2MnZeqaLlLXaL/KMRIPBO/8Ps
m/Zjh/9+zHmzN/Uj4QJBAPFmzczJDxDviQcEo7qL9J6JAJtijqDAgv9u1XpqIfIx
GveE+zuKYC2g2Absn1Art3dQgJAsttOF/40HykRLeGc=
-----END RSA PRIVATE KEY-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
Validity
Not Before: Jul 29 19:21:30 2013 GMT
Not After : Jul 28 19:21:30 2018 GMT
Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:dc:26:78:40:ae:b2:ad:2f:26:12:0a:d5:b1:18:
80:16:d8:88:be:0b:42:ce:32:ad:12:d5:f5:78:1b:
35:28:f2:13:1b:05:09:fb:7e:d7:d9:a1:8a:0d:4a:
fe:95:37:d4:16:75:83:e4:6a:44:34:33:57:2e:49:
ba:bc:b4:cf:d0:c0:87:e0:bc:f0:60:76:14:00:d6:
eb:cb:f6:db:b3:43:f1:c8:4d:4a:0a:bb:e0:37:7c:
8e:93:1f:a0:87:68:59:fe:0c:25:40:f3:7c:fd:71:
90:55:ef:de:18:b4:08:86:c9:75:c2:99:2f:ce:12:
bf:c5:5e:cf:5f:f1:06:53:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
X509v3 Authority Key Identifier:
keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
48:ec:d7:80:8a:8f:82:a6:42:b1:89:2c:b9:4b:6d:0a:37:b8:
72:19:05:de:75:80:0c:d6:41:97:b2:d7:fe:99:cb:7e:c4:0e:
77:97:09:a8:9f:87:ff:0b:de:3f:1c:dc:1e:fe:09:36:a7:f5:
54:9a:85:4e:fb:6f:27:fe:0f:29:45:61:8d:07:c6:0c:da:37:
3d:a3:69:4b:82:71:e6:24:e0:87:a6:ee:d5:87:61:dd:8f:08:
fe:33:a6:1f:ae:b2:ae:1f:d8:2c:20:c8:a6:fc:33:0e:82:68:
80:23:61:10:ad:5c:1d:80:d6:b1:5f:e4:af:66:6d:63:10:e4:
96:e4
-----BEGIN CERTIFICATE-----
MIICkzCCAfygAwIBAgIBATANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGAxCzAJBgNVBAYTAkdCMRMw
EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB
BQADgY0AMIGJAoGBANwmeECusq0vJhIK1bEYgBbYiL4LQs4yrRLV9XgbNSjyExsF
Cft+19mhig1K/pU31BZ1g+RqRDQzVy5Jury0z9DAh+C88GB2FADW68v227ND8chN
Sgq74Dd8jpMfoIdoWf4MJUDzfP1xkFXv3hi0CIbJdcKZL84Sv8Vez1/xBlMHAgMB
AAGjUDBOMB0GA1UdDgQWBBQpTW7H8vdxctonnJyr2gcdR5zYQTAfBgNVHSMEGDAW
gBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
BQUAA4GBAEjs14CKj4KmQrGJLLlLbQo3uHIZBd51gAzWQZey1/6Zy37EDneXCaif
h/8L3j8c3B7+CTan9VSahU77byf+DylFYY0HxgzaNz2jaUuCceYk4Iem7tWHYd2P
CP4zph+usq4f2CwgyKb8Mw6CaIAjYRCtXB2A1rFf5K9mbWMQ5Jbk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICqDCCAhGgAwIBAgIJAKrzwmdXIUxsMA0GCSqGSIb3DQEBBQUAMG0xCzAJBgNV
BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdS
b290IENBMB4XDTEzMDcyOTE5MjEyOVoXDTIzMDcyNzE5MjEyOVowbTELMAkGA1UE
BhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcMBURlcmJ5MRUwEwYD
VQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsMB1Rlc3RpbmcxEDAOBgNVBAMMB1Jv
b3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKbPzEEWCKsjjwjJ787u
Q32k5EdqoDddMEjSVbZNSNEwUew1L7O8NTbmtCEeVFQjOLAdmdiF3rQbXHV+Zew0
jt2g4vtPpl1GOG6jA/6YznKAyQdvGCdYfGZUN2tN+mbtVxWqkHZitQDQGaSHnx24
NX649La2uyFy+7l9o8++xPONAgMBAAGjUDBOMB0GA1UdDgQWBBRKK2nWMR2jaOhG
b/tL8462jVEOvzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNV
HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEd+gW86/W+fisz5PFHAeEw7zn9q
dzLHm7+QZgNLZ9h7/ZbhObRUFMRtU2xm4amyh85h7hUE5R2E2uW2OXumic7/D4ZD
6unjr4m5jwVWDTqTUYIcNSriyoDWAVlPfOWaU5NyUhqS1DM28tvOWVHVLCxmVcZl
tJQqo5eHbQ/+Hjfx
-----END CERTIFICATE-----
test/ssl/client/client.crt deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN CERTIFICATE-----
MIIDlzCCAn8CCQDWQsuukXdWtjANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
Q0ExEDAOBgNVBAgMB09udGFyaW8xDzANBgNVBAcMBk90dGF3YTEgMB4GA1UECgwX
RWNsaXBzZSBGb3VuZGF0aW9uLCBJbmMxDTALBgNVBAsMBFBhaG8xDTALBgNVBAMM
BFBhaG8xLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxiYXNlZHRlc3Rpbmcu
Y28udWswIBcNMTMwODA5MTI0ODIyWhgPNDc1MTA3MDYxMjQ4MjJaMHgxCzAJBgNV
BAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRIwEAYDVQQHDAlTYWxpc2J1cnkxEzAR
BgNVBAMMCklhbiBDcmFnZ3MxLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxi
YXNlZHRlc3RpbmcuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM5DE2MbswfBakm9hx5mNaP1m6EZoxEdZflDQ9RdoQI1eskXUj/Oa0NydHv5aL
aiBEUGedS6ZG+Lwod7hl56Xo6QHkf6n0tPad7/S/sLOICCcgig9s+r7w41G72+2D
tOKJ2AbxVTJKvUPKFJKEIAU2R8jX28otKcskrjl2URD8CKD+XNffbiOX9L0tjepX
l3gDH8LqtcAyvHpgtDePkv7NHg8ehdKuNGRVMQlxwKX2sOU7IS151OfwjY8fyXD6
n+P5MU7DPNeFxgggA7zapDaPE0+faYTJQXAkcN4zARcZWDyfz0ykvSj/KxZr28YF
LVoeXeOG55sUMXDiCgKb9T3jAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHVKS+ho
RAKB+l81akVhMoV2D7qVOgJ9T2OWqFRpsv75uhTtMU7I8SW663XPhRG4gGDenpCZ
oQ1+Lth5Rzol2LoyX3++c5PwLRCtCupbE6P6XRjDgXmdhKr0Swyie5wa3ZI491PA
ueZMyKFLUy4LoydvXJ2hCXVPbqTxk7z9ImkxhzE9b8TF7pjR3yLJcTp/xA1Zpido
bfYrKBfNN8NoBOVrp4oqAjMhovpe/Izm1lF1YiRwgVBC5gGG+DTcrC1r8POsGij0
rzSfuq6eyRXMjjK7pBpWa69W5RCx14F+Hd3kdwxrSYy1kUnv+Bmd+ZNKjJIe92rd
UQmQAYXRFRHNT6s=
-----END CERTIFICATE-----
test/ssl/client/client.csr deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN CERTIFICATE REQUEST-----
MIICvTCCAaUCAQAweDELMAkGA1UEBhMCVUsxEDAOBgNVBAgMB0VuZ2xhbmQxEjAQ
BgNVBAcMCVNhbGlzYnVyeTETMBEGA1UEAwwKSWFuIENyYWdnczEuMCwGCSqGSIb3
DQEJARYfaWNyYWdnc0Btb2RlbGJhc2VkdGVzdGluZy5jby51azCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMzkMTYxuzB8FqSb2HHmY1o/WboRmjER1l+U
ND1F2hAjV6yRdSP85rQ3J0e/lotqIERQZ51Lpkb4vCh3uGXnpejpAeR/qfS09p3v
9L+ws4gIJyCKD2z6vvDjUbvb7YO04onYBvFVMkq9Q8oUkoQgBTZHyNfbyi0pyySu
OXZREPwIoP5c199uI5f0vS2N6leXeAMfwuq1wDK8emC0N4+S/s0eDx6F0q40ZFUx
CXHApfaw5TshLXnU5/CNjx/JcPqf4/kxTsM814XGCCADvNqkNo8TT59phMlBcCRw
3jMBFxlYPJ/PTKS9KP8rFmvbxgUtWh5d44bnmxQxcOIKApv1PeMCAwEAAaAAMA0G
CSqGSIb3DQEBBQUAA4IBAQBI8wY0o4kT44k22kDqmbSQUIdBwmDyR1xl/ING0XMl
85hyTwGs6NObO48BkcpTC6fW7ZVR+GQqW+R13p1mYiA+Gn1mjcLI3urH110yTyy0
TVKQ51yyxnom7PhlHMjopGJplzqnYHYykVhKFXrBgLYNtIgXiDOyh8I2TOFLxHT4
mTHPDjOrWW/W6yTzlpUw7cZfRW3uUfHk218fHEorT1a0CERwc4yWUa12O0pCz6tS
nHeciLBVW6JEaA7yMaFjwGNYT6UBKTNQemg8PhzxzyiFtWh9Hug43CiaLD1sd1aJ
8EIw26iVkf/5eSa0vuF0YK33zor7SNljdiQGuBbJa6Ar
-----END CERTIFICATE REQUEST-----
test/ssl/client/client.key deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,7F899F19C7D0C0B9
6qN2w+EqWASuQ9wg6c1Xg89Sr4q6Yg8Qrm2+nmXFD2DPLi3Wxckji/HkB1JD3lf9
Z87zCh9CX6hk3jkxhoYUz8uDffI3iioFO+Syrt5Mx5nHdNxnDxYado+JP55EYazP
xFySHge9AkQeJuHgYdCTqiNHS6k8cVId2zIxn4cETKP4vXmTzJ4RZkhCRibN2g00
XYinUAsLdKvr47cmBEKEI3o20PyKYzZR9Ae9K41hDu/S8jRqR4SBQu+5Ggz36ZKx
8uZwCf50PRuDDfRnDAIpw2cGHMAPUSJqbODqwpMOfCHRfjpnVL8ua5JY+vIfdLbX
6XxHLPveOYwIlwWhEas+TwDveluwVWF028Ist/pPqK4vRTVKvaphsVoDDWpoGQYL
bvlXkQ4Ptvn9UCrFcMBsBY2EcCIEuMG9AEOXaa2SQEQME1cG8la5Di2ACeWsH+u3
VKPs43V/AtkcbbnNk1nww0AY1pXsbATX/fWIexyVDKVFiqup8fbqhY5U3z/5dssa
9wmrdvCyVx6TgnNuHGJPMvaYTPSLpJc2s5uYvkUHC8l1HqfzZ4gVFftf+tgyi17E
Kws4W2evImnAmPl1SbQGIFyIwMjgnSZzcmn9OUpxYy+Dsz8wb/J/edkwtAXxCl6s
QmgRvw5+G7xNyWqPrMli46H9JKKR7OsJ+ar9xnumFvAoF2jWPZyvPzFOe7TaTTTM
+z9MQjB6M877ERNchmmpd5bgGkvYQEai1wKizSlbdyPPUyUAdfoh/TvoEcGCIr7g
+5ktCkIwn1CAdUEBxNSkvYWUBVcVDpYPou1aFZHXsH3pNNt6MsmyzrmETeLf9DVn
7R6hr/69FgKvquQC0qtLtMCLyJgIxp4Q7S6IgLJ6GmeHANPgw3nSQHGKkCh2L3wu
w/LUJNLIYGUWRccUTEzVV0ngRSsuNlFk9TYJUTwmW+kOGJJVdPGyF8RwjdT9tSXn
6mtfwLvgTQ2Zj80nSohZDHrGILT51Gv6HaApsCFfBkWZL5uzWPux8bgQoN2Foymq
ScWWXEUleOGXOC/N26d0pZSsvwGVnFnkHBTVgtw49TEcenPhp2B8vo4HjSyZku8/
fQ8Wakz6fXo6izjW9W6kOAzv4w5YwCVmqQIk/ADHNMv9GFit+qVP7hFbaa207wph
bEuxs7Q/dbqjscFXTIs0lZxFRdSn2Y8CCHHflijv1HzyRo25C7RAKrL/5tCbPtbv
NrnRa11P35ZvQ5atBNq9pjXUbitK2AqUDSSK76QdzEhOqBkXhvvG6+Sh8jYSu/Mr
8SFBc+cVSMNjExRrTWjreZ6OZTw4tWtaJAx8zRg+OAzomCsV+vET+tfaOdpOtgzB
fBl7yqkkNYVF4v+IcrA3vh6+0KaX3+scXwZGSKO2xBgTa0g2O4UPOvuRhS1y3ccS
GIHgInO6FCIjI1X64HUiAiXLITKdO/xZkbWBwSHCnvRNSZ1JBzFjO5h3g+o/EA5l
y6LbgoNnyw5ph57dKJex4uAEHRpnbdOsUA4F5+VUC3BmjC71rSDhBKNYF2zMox0a
ajxcZ17RdYvK5rN0lijuR0FmyfGFgNM9hrxhf82ABoOb6dC4YgmGsYe91shFFnQ8
-----END RSA PRIVATE KEY-----
test/ssl/client/client.pem deleted 100644 → 0
View file @ 3a56d3dc
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bf:d0:e6:9a:27:0f:16:9d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Validity
Not Before: Aug 9 12:45:56 2013 GMT
Not After : Jul 6 12:45:56 4751 GMT
Subject: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b2:ef:ff:a1:56:c6:eb:99:01:72:4b:e2:50:7c:
23:d7:92:c4:79:9f:1e:d9:ff:d4:94:e4:2c:b7:6a:
2e:c9:65:80:05:95:82:31:a4:ce:dc:6d:a7:50:bb:
7e:10:dc:72:2f:b7:88:d7:4b:47:d6:52:fb:f9:41:
60:c7:c3:c8:9b:53:3c:39:ef:47:53:7f:26:56:12:
52:4c:9a:c1:05:59:04:51:12:10:1e:13:1d:2d:81:
78:42:51:f2:5c:32:a1:7a:a7:6c:a7:85:c8:df:45:
67:b1:5a:b6:b4:78:22:4e:fe:d4:b6:c4:70:65:67:
11:37:2d:e9:46:b8:92:ca:08:dd:fa:65:f9:e1:98:
6e:c5:b1:79:f2:43:87:ae:a9:6a:88:03:80:00:ce:
d9:60:e9:07:55:a6:e2:43:9a:2b:8c:19:94:7b:4f:
15:1a:77:26:5c:c5:51:f8:56:d5:1a:fd:4f:3d:7c:
2d:3e:74:9c:87:86:ef:6d:6a:82:8d:c9:9a:68:c7:
96:6d:3c:60:bf:18:6d:ad:d8:e1:67:60:8d:91:87:
64:6d:e3:f3:1f:42:73:28:04:8d:6d:54:d1:a5:9f:
b9:ae:71:a1:37:e9:89:8d:2e:14:a7:04:ac:2d:bd:
11:95:ae:03:f4:6f:a9:2c:2b:56:1a:67:a4:40:84:
31:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7B:16:36:65:4D:CD:A3:41:9F:C8:42:3E:71:59:F2:87:92:A0:CB
X509v3 Authority Key Identifier:
keyid:4C:7B:16:36:65:4D:CD:A3:41:9F:C8:42:3E:71:59:F2:87:92:A0:CB
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
8f:37:a6:31:d0:f6:76:bb:bb:1b:85:70:f9:4f:74:54:2f:14:
2d:e3:69:8e:35:1c:0c:b8:c2:4a:3f:2b:b2:34:2b:64:55:1e:
a1:30:ec:0f:b9:c2:d5:49:4b:c4:09:7a:8f:6e:de:d3:6e:c4:
7a:1a:14:b4:45:78:09:4f:f2:7c:ec:35:db:47:39:b3:27:11:
96:dc:74:f4:60:aa:0c:91:7b:a1:8b:0b:8d:8a:55:66:5b:a5:
7f:42:2c:c2:dc:ae:53:f9:ca:5d:24:c8:78:4d:77:a0:be:14:
0f:ed:ea:41:bc:8e:1d:5b:51:cd:66:f6:8f:0f:5a:d8:f8:e5:
ac:74:af:0b:1d:bc:41:a3:04:aa:28:69:64:e2:cd:d0:47:4a:
46:0e:7c:25:4e:b4:16:bb:d4:b3:b1:90:6a:47:39:f5:c6:37:
b7:2a:50:87:b4:2c:fc:3b:4d:76:98:ca:ab:2e:7d:15:ea:86:
f4:52:b2:68:c4:c5:12:a7:06:d1:08:e8:37:a0:98:dd:ee:fe:
a7:d5:3c:c7:e1:a4:de:ca:b6:7f:46:4e:1d:f2:04:4e:81:18:
17:37:df:09:84:3f:74:f9:e7:d2:59:02:f8:f0:f6:5f:86:ba:
19:a3:88:a7:25:32:3d:8d:e0:b9:43:24:1f:77:8b:0a:8c:30:
56:a6:e7:43
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgIJAL/Q5ponDxadMA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
VQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEPMA0GA1UEBwwGT3R0YXdhMSAwHgYD
VQQKDBdFY2xpcHNlIEZvdW5kYXRpb24sIEluYzENMAsGA1UECwwEUGFobzENMAsG
A1UEAwwEUGFobzEuMCwGCSqGSIb3DQEJARYfaWNyYWdnc0Btb2RlbGJhc2VkdGVz
dGluZy5jby51azAgFw0xMzA4MDkxMjQ1NTZaGA80NzUxMDcwNjEyNDU1NlowgaAx
CzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMQ8wDQYDVQQHDAZPdHRhd2Ex
IDAeBgNVBAoMF0VjbGlwc2UgRm91bmRhdGlvbiwgSW5jMQ0wCwYDVQQLDARQYWhv
MQ0wCwYDVQQDDARQYWhvMS4wLAYJKoZIhvcNAQkBFh9pY3JhZ2dzQG1vZGVsYmFz
ZWR0ZXN0aW5nLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
su//oVbG65kBckviUHwj15LEeZ8e2f/UlOQst2ouyWWABZWCMaTO3G2nULt+ENxy
L7eI10tH1lL7+UFgx8PIm1M8Oe9HU38mVhJSTJrBBVkEURIQHhMdLYF4QlHyXDKh
eqdsp4XI30VnsVq2tHgiTv7UtsRwZWcRNy3pRriSygjd+mX54ZhuxbF58kOHrqlq
iAOAAM7ZYOkHVabiQ5orjBmUe08VGncmXMVR+FbVGv1PPXwtPnSch4bvbWqCjcma
aMeWbTxgvxhtrdjhZ2CNkYdkbePzH0JzKASNbVTRpZ+5rnGhN+mJjS4UpwSsLb0R
la4D9G+pLCtWGmekQIQxDwIDAQABo1AwTjAdBgNVHQ4EFgQUTHsWNmVNzaNBn8hC
PnFZ8oeSoMswHwYDVR0jBBgwFoAUTHsWNmVNzaNBn8hCPnFZ8oeSoMswDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjzemMdD2dru7G4Vw+U90VC8ULeNp
jjUcDLjCSj8rsjQrZFUeoTDsD7nC1UlLxAl6j27e027EehoUtEV4CU/yfOw120c5
sycRltx09GCqDJF7oYsLjYpVZlulf0IswtyuU/nKXSTIeE13oL4UD+3qQbyOHVtR
zWb2jw9a2PjlrHSvCx28QaMEqihpZOLN0EdKRg58JU60FrvUs7GQakc59cY3typQ
h7Qs/DtNdpjKqy59FeqG9FKyaMTFEqcG0QjoN6CY3e7+p9U8x+Gk3sq2f0ZOHfIE
ToEYFzffCYQ/dPnn0lkC+PD2X4a6GaOIpyUyPY3guUMkH3eLCowwVqbnQw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
d6:42:cb:ae:91:77:56:b6
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Validity
Not Before: Aug 9 12:48:22 2013 GMT
Not After : Jul 6 12:48:22 4751 GMT
Subject: C=UK, ST=England, L=Salisbury, CN=Ian Craggs/emailAddress=icraggs@modelbasedtesting.co.uk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cc:e4:31:36:31:bb:30:7c:16:a4:9b:d8:71:e6:
63:5a:3f:59:ba:11:9a:31:11:d6:5f:94:34:3d:45:
da:10:23:57:ac:91:75:23:fc:e6:b4:37:27:47:bf:
96:8b:6a:20:44:50:67:9d:4b:a6:46:f8:bc:28:77:
b8:65:e7:a5:e8:e9:01:e4:7f:a9:f4:b4:f6:9d:ef:
f4:bf:b0:b3:88:08:27:20:8a:0f:6c:fa:be:f0:e3:
51:bb:db:ed:83:b4:e2:89:d8:06:f1:55:32:4a:bd:
43:ca:14:92:84:20:05:36:47:c8:d7:db:ca:2d:29:
cb:24:ae:39:76:51:10:fc:08:a0:fe:5c:d7:df:6e:
23:97:f4:bd:2d:8d:ea:57:97:78:03:1f:c2:ea:b5:
c0:32:bc:7a:60:b4:37:8f:92:fe:cd:1e:0f:1e:85:
d2:ae:34:64:55:31:09:71:c0:a5:f6:b0:e5:3b:21:
2d:79:d4:e7:f0:8d:8f:1f:c9:70:fa:9f:e3:f9:31:
4e:c3:3c:d7:85:c6:08:20:03:bc:da:a4:36:8f:13:
4f:9f:69:84:c9:41:70:24:70:de:33:01:17:19:58:
3c:9f:cf:4c:a4:bd:28:ff:2b:16:6b:db:c6:05:2d:
5a:1e:5d:e3:86:e7:9b:14:31:70:e2:0a:02:9b:f5:
3d:e3
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
75:4a:4b:e8:68:44:02:81:fa:5f:35:6a:45:61:32:85:76:0f:
ba:95:3a:02:7d:4f:63:96:a8:54:69:b2:fe:f9:ba:14:ed:31:
4e:c8:f1:25:ba:eb:75:cf:85:11:b8:80:60:de:9e:90:99:a1:
0d:7e:2e:d8:79:47:3a:25:d8:ba:32:5f:7f:be:73:93:f0:2d:
10:ad:0a:ea:5b:13:a3:fa:5d:18:c3:81:79:9d:84:aa:f4:4b:
0c:a2:7b:9c:1a:dd:92:38:f7:53:c0:b9:e6:4c:c8:a1:4b:53:
2e:0b:a3:27:6f:5c:9d:a1:09:75:4f:6e:a4:f1:93:bc:fd:22:
69:31:87:31:3d:6f:c4:c5:ee:98:d1:df:22:c9:71:3a:7f:c4:
0d:59:a6:27:68:6d:f6:2b:28:17:cd:37:c3:68:04:e5:6b:a7:
8a:2a:02:33:21:a2:fa:5e:fc:8c:e6:d6:51:75:62:24:70:81:
50:42:e6:01:86:f8:34:dc:ac:2d:6b:f0:f3:ac:1a:28:f4:af:
34:9f:ba:ae:9e:c9:15:cc:8e:32:bb:a4:1a:56:6b:af:56:e5:
10:b1:d7:81:7e:1d:dd:e4:77:0c:6b:49:8c:b5:91:49:ef:f8:
19:9d:f9:93:4a:8c:92:1e:f7:6a:dd:51:09:90:01:85:d1:15:
11:cd:4f:ab
-----BEGIN CERTIFICATE-----
MIIDlzCCAn8CCQDWQsuukXdWtjANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
Q0ExEDAOBgNVBAgMB09udGFyaW8xDzANBgNVBAcMBk90dGF3YTEgMB4GA1UECgwX
RWNsaXBzZSBGb3VuZGF0aW9uLCBJbmMxDTALBgNVBAsMBFBhaG8xDTALBgNVBAMM
BFBhaG8xLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxiYXNlZHRlc3Rpbmcu
Y28udWswIBcNMTMwODA5MTI0ODIyWhgPNDc1MTA3MDYxMjQ4MjJaMHgxCzAJBgNV
BAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRIwEAYDVQQHDAlTYWxpc2J1cnkxEzAR
BgNVBAMMCklhbiBDcmFnZ3MxLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxi
YXNlZHRlc3RpbmcuY28udWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM5DE2MbswfBakm9hx5mNaP1m6EZoxEdZflDQ9RdoQI1eskXUj/Oa0NydHv5aL
aiBEUGedS6ZG+Lwod7hl56Xo6QHkf6n0tPad7/S/sLOICCcgig9s+r7w41G72+2D
tOKJ2AbxVTJKvUPKFJKEIAU2R8jX28otKcskrjl2URD8CKD+XNffbiOX9L0tjepX
l3gDH8LqtcAyvHpgtDePkv7NHg8ehdKuNGRVMQlxwKX2sOU7IS151OfwjY8fyXD6
n+P5MU7DPNeFxgggA7zapDaPE0+faYTJQXAkcN4zARcZWDyfz0ykvSj/KxZr28YF
LVoeXeOG55sUMXDiCgKb9T3jAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHVKS+ho
RAKB+l81akVhMoV2D7qVOgJ9T2OWqFRpsv75uhTtMU7I8SW663XPhRG4gGDenpCZ
oQ1+Lth5Rzol2LoyX3++c5PwLRCtCupbE6P6XRjDgXmdhKr0Swyie5wa3ZI491PA
ueZMyKFLUy4LoydvXJ2hCXVPbqTxk7z9ImkxhzE9b8TF7pjR3yLJcTp/xA1Zpido
bfYrKBfNN8NoBOVrp4oqAjMhovpe/Izm1lF1YiRwgVBC5gGG+DTcrC1r8POsGij0
rzSfuq6eyRXMjjK7pBpWa69W5RCx14F+Hd3kdwxrSYy1kUnv+Bmd+ZNKjJIe92rd
UQmQAYXRFRHNT6s=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDM5DE2MbswfBak
m9hx5mNaP1m6EZoxEdZflDQ9RdoQI1eskXUj/Oa0NydHv5aLaiBEUGedS6ZG+Lwo
d7hl56Xo6QHkf6n0tPad7/S/sLOICCcgig9s+r7w41G72+2DtOKJ2AbxVTJKvUPK
FJKEIAU2R8jX28otKcskrjl2URD8CKD+XNffbiOX9L0tjepXl3gDH8LqtcAyvHpg
tDePkv7NHg8ehdKuNGRVMQlxwKX2sOU7IS151OfwjY8fyXD6n+P5MU7DPNeFxggg
A7zapDaPE0+faYTJQXAkcN4zARcZWDyfz0ykvSj/KxZr28YFLVoeXeOG55sUMXDi
CgKb9T3jAgMBAAECggEBAMLH4JzTtE/Id8IvQhot2p+t///qwfoKKhEdFHh3knGr
F6s/cOwwfaYvlJEZ6uVIk7o98fLQOxfXWRDjl5KRIOGFub3fO9QdwSGuP6+ILXSR
w5ikhzukOKdKg6Yi0u5VpNNEYn1E8BWrTemrmwouYqYSojXLha1fwPZzBr+bG5ls
ahEUkWQR/4eJ4iPvt3J4cO03S5F+8zI9/nfEXabsxNnOZD5UKuIBJaEu8yjQWr5P
K7uJqowFEpAklhlnfVb+JHIzWtua+sl20g4hoq1e9q4UO8j3n9IxANxKW/0L0xhv
R8F6AbTrH1UZ5wkM2vTcYcBmRprqeUy/ZvFjMiDB3bkCgYEA9bZq+VMCiN5xCzNE
p7nqt0UVjjaLhLPSfC2WOYCipErOZA734IXs4oik1zE00jtjm3ufImfwyS4x/Trs
QhR/SL/5HeskCVJ13uGCYG7BHjDvFDYruCC67r4O0953K8oOdI4snVzd9BX+6vB+
kCks2iTKo2/7ftyP8yq/5yhO8L8CgYEA1Xg/PSvCf38dxzJxnNbpuEqo24QGxwwa
5AOp3yl13ujO2Sf32nCUj0ElHRaAVQE3UDAg62uAK++MHbzzioKYITxNUZvsBkYC
rjsGu/iRFZxHBvjKQKNpFc09z4JI0xg374DlAJ4k5tTk1oAxTEmGUEh/9GbgyPot
tuSU9kUh190CgYEAhBD1NGc6kIhG6Ec5GpGiJ7lZGaQVn1DrzFTQTr3mLToL7tng
v2wcY7IgL43CH1FOe26ZnOuTDv7mXX6DKA1OULLmWf9d0ijhM9evtNcys2CH0CxB
mWj2MIY1AAmtsfqbhGg6cKZOofgEmRCEZkXLVsC5rdjtq0UvlfqfRMZ0j48CgYEA
mvJnZK1oxkashLRWxzMv/rcijgPtL3nX4v3NxdBAYIa37eQXAhWJn9n3aH+2svzo
+2mT243yQPHl0Iggdr+IUUeGD+CPl5Ylx/XMU5B/LyJ6Y9Mea4CxfEO3w/Gbjq4b
m9sBXktsGakaWaA/KFKODaQyTGKIcxk1KXYNshxIDnkCgYEAuqMBohQViDDubWB/
1pZHkyYzjhrpD42UjsdWprTLeXb4ZOrM+Oc2HT3qkPiqW0M+sidJV9sqib0/0MKL
mrex5nxbnPfqpFobr3G2ZUT4JFFuT7AoQ3gvNbR7vQKfKWAeL6hnLlBXb37sA0Z2
gZ/mme8VKHmT4L1l0JAkPFwNA4I=
-----END PRIVATE KEY-----
Private-Key: (2048 bit)
modulus:
00:cc:e4:31:36:31:bb:30:7c:16:a4:9b:d8:71:e6:
63:5a:3f:59:ba:11:9a:31:11:d6:5f:94:34:3d:45:
da:10:23:57:ac:91:75:23:fc:e6:b4:37:27:47:bf:
96:8b:6a:20:44:50:67:9d:4b:a6:46:f8:bc:28:77:
b8:65:e7:a5:e8:e9:01:e4:7f:a9:f4:b4:f6:9d:ef:
f4:bf:b0:b3:88:08:27:20:8a:0f:6c:fa:be:f0:e3:
51:bb:db:ed:83:b4:e2:89:d8:06:f1:55:32:4a:bd:
43:ca:14:92:84:20:05:36:47:c8:d7:db:ca:2d:29:
cb:24:ae:39:76:51:10:fc:08:a0:fe:5c:d7:df:6e:
23:97:f4:bd:2d:8d:ea:57:97:78:03:1f:c2:ea:b5:
c0:32:bc:7a:60:b4:37:8f:92:fe:cd:1e:0f:1e:85:
d2:ae:34:64:55:31:09:71:c0:a5:f6:b0:e5:3b:21:
2d:79:d4:e7:f0:8d:8f:1f:c9:70:fa:9f:e3:f9:31:
4e:c3:3c:d7:85:c6:08:20:03:bc:da:a4:36:8f:13:
4f:9f:69:84:c9:41:70:24:70:de:33:01:17:19:58:
3c:9f:cf:4c:a4:bd:28:ff:2b:16:6b:db:c6:05:2d:
5a:1e:5d:e3:86:e7:9b:14:31:70:e2:0a:02:9b:f5:
3d:e3
publicExponent: 65537 (0x10001)
privateExponent:
00:c2:c7:e0:9c:d3:b4:4f:c8:77:c2:2f:42:1a:2d:
da:9f:ad:ff:ff:ea:c1:fa:0a:2a:11:1d:14:78:77:
92:71:ab:17:ab:3f:70:ec:30:7d:a6:2f:94:91:19:
ea:e5:48:93:ba:3d:f1:f2:d0:3b:17:d7:59:10:e3:
97:92:91:20:e1:85:b9:bd:df:3b:d4:1d:c1:21:ae:
3f:af:88:2d:74:91:c3:98:a4:87:3b:a4:38:a7:4a:
83:a6:22:d2:ee:55:a4:d3:44:62:7d:44:f0:15:ab:
4d:e9:ab:9b:0a:2e:62:a6:12:a2:35:cb:85:ad:5f:
c0:f6:73:06:bf:9b:1b:99:6c:6a:11:14:91:64:11:
ff:87:89:e2:23:ef:b7:72:78:70:ed:37:4b:91:7e:
f3:32:3d:fe:77:c4:5d:a6:ec:c4:d9:ce:64:3e:54:
2a:e2:01:25:a1:2e:f3:28:d0:5a:be:4f:2b:bb:89:
aa:8c:05:12:90:24:96:19:67:7d:56:fe:24:72:33:
5a:db:9a:fa:c9:76:d2:0e:21:a2:ad:5e:f6:ae:14:
3b:c8:f7:9f:d2:31:00:dc:4a:5b:fd:0b:d3:18:6f:
47:c1:7a:01:b4:eb:1f:55:19:e7:09:0c:da:f4:dc:
61:c0:66:46:9a:ea:79:4c:bf:66:f1:63:32:20:c1:
dd:b9
prime1:
00:f5:b6:6a:f9:53:02:88:de:71:0b:33:44:a7:b9:
ea:b7:45:15:8e:36:8b:84:b3:d2:7c:2d:96:39:80:
a2:a4:4a:ce:64:0e:f7:e0:85:ec:e2:88:a4:d7:31:
34:d2:3b:63:9b:7b:9f:22:67:f0:c9:2e:31:fd:3a:
ec:42:14:7f:48:bf:f9:1d:eb:24:09:52:75:de:e1:
82:60:6e:c1:1e:30:ef:14:36:2b:b8:20:ba:ee:be:
0e:d3:de:77:2b:ca:0e:74:8e:2c:9d:5c:dd:f4:15:
fe:ea:f0:7e:90:29:2c:da:24:ca:a3:6f:fb:7e:dc:
8f:f3:2a:bf:e7:28:4e:f0:bf
prime2:
00:d5:78:3f:3d:2b:c2:7f:7f:1d:c7:32:71:9c:d6:
e9:b8:4a:a8:db:84:06:c7:0c:1a:e4:03:a9:df:29:
75:de:e8:ce:d9:27:f7:da:70:94:8f:41:25:1d:16:
80:55:01:37:50:30:20:eb:6b:80:2b:ef:8c:1d:bc:
f3:8a:82:98:21:3c:4d:51:9b:ec:06:46:02:ae:3b:
06:bb:f8:91:15:9c:47:06:f8:ca:40:a3:69:15:cd:
3d:cf:82:48:d3:18:37:ef:80:e5:00:9e:24:e6:d4:
e4:d6:80:31:4c:49:86:50:48:7f:f4:66:e0:c8:fa:
2d:b6:e4:94:f6:45:21:d7:dd
exponent1:
00:84:10:f5:34:67:3a:90:88:46:e8:47:39:1a:91:
a2:27:b9:59:19:a4:15:9f:50:eb:cc:54:d0:4e:bd:
e6:2d:3a:0b:ee:d9:e0:bf:6c:1c:63:b2:20:2f:8d:
c2:1f:51:4e:7b:6e:99:9c:eb:93:0e:fe:e6:5d:7e:
83:28:0d:4e:50:b2:e6:59:ff:5d:d2:28:e1:33:d7:
af:b4:d7:32:b3:60:87:d0:2c:41:99:68:f6:30:86:
35:00:09:ad:b1:fa:9b:84:68:3a:70:a6:4e:a1:f8:
04:99:10:84:66:45:cb:56:c0:b9:ad:d8:ed:ab:45:
2f:95:fa:9f:44:c6:74:8f:8f
exponent2:
00:9a:f2:67:64:ad:68:c6:46:ac:84:b4:56:c7:33:
2f:fe:b7:22:8e:03:ed:2f:79:d7:e2:fd:cd:c5:d0:
40:60:86:b7:ed:e4:17:02:15:89:9f:d9:f7:68:7f:
b6:b2:fc:e8:fb:69:93:db:8d:f2:40:f1:e5:d0:88:
20:76:bf:88:51:47:86:0f:e0:8f:97:96:25:c7:f5:
cc:53:90:7f:2f:22:7a:63:d3:1e:6b:80:b1:7c:43:
b7:c3:f1:9b:8e:ae:1b:9b:db:01:5e:4b:6c:19:a9:
1a:59:a0:3f:28:52:8e:0d:a4:32:4c:62:88:73:19:
35:29:76:0d:b2:1c:48:0e:79
coefficient:
00:ba:a3:01:a2:14:15:88:30:ee:6d:60:7f:d6:96:
47:93:26:33:8e:1a:e9:0f:8d:94:8e:c7:56:a6:b4:
cb:79:76:f8:64:ea:cc:f8:e7:36:1d:3d:ea:90:f8:
aa:5b:43:3e:b2:27:49:57:db:2a:89:bd:3f:d0:c2:
8b:9a:b7:b1:e6:7c:5b:9c:f7:ea:a4:5a:1b:af:71:
b6:65:44:f8:24:51:6e:4f:b0:28:43:78:2f:35:b4:
7b:bd:02:9f:29:60:1e:2f:a8:67:2e:50:57:6f:7e:
ec:03:46:76:81:9f:e6:99:ef:15:28:79:93:e0:bd:
65:d0:90:24:3c:5c:0d:03:82
test/ssl/client/crtpem.sh deleted 100644 → 0
View file @ 3a56d3dc
rm client.pem
openssl x509 -in ../server/ca.crt -text >> client.pem
openssl x509 -in client.crt -text >> client.pem
openssl pkey -in client.key -text >> client.pem
test/ssl/client/generate.sh deleted 100644 → 0
View file @ 3a56d3dc
# Generate a client key.
openssl genrsa -des3 -out client.key 2048
# Generate a certificate signing request to send to the CA.
openssl req -out client.csr -key client.key -new
# Send the CSR to the CA, or sign it with your CA key:
openssl x509 -req -in client.csr -CA ../server/ca.crt -CAkey ../server/ca.key -CAcreateserial -out client.crt -days 999999
test/ssl/mosquitto.conf
View file @ c48ba955
# Config file for mosquitto
#
# See mosquitto.conf(5) for more information.
#
# Default values are shown, uncomment to change.
#
# Use the # character to indicate a comment, but only if it is the
# very first character on the line.
# =================================================================
# General configuration
# =================================================================
# Time in seconds to wait before resending an outgoing QoS=1 or
# QoS=2 message.
#retry_interval 20
# Time in seconds between updates of the $SYS tree.
#sys_interval 10
# Time in seconds between cleaning the internal message store of
# unreferenced messages. Lower values will result in lower memory
# usage but more processor time, higher values will have the
# opposite effect.
# Setting a value of 0 means the unreferenced messages will be
# disposed of as quickly as possible.
#store_clean_interval 10
# Write process id to a file. Default is a blank string which means
# a pid file shouldn't be written.
# This should be set to /var/run/mosquitto.pid if mosquitto is
# being run automatically on boot with an init script and
# start-stop-daemon or similar.
#pid_file
# When run as root, drop privileges to this user and its primary
# group.
# Leave blank to stay as root, but this is not recommended.
# If run as a non-root user, this setting has no effect.
# Note that on Windows this has no effect and so mosquitto should
# be started by the user you wish it to run as.
#user mosquitto
# The maximum number of QoS 1 and 2 messages currently inflight per
# client.
# This includes messages that are partway through handshakes and
# those that are being retried. Defaults to 20. Set to 0 for no
# maximum. Setting to 1 will guarantee in-order delivery of QoS 1
# and 2 messages.
#max_inflight_messages 20
# The maximum number of QoS 1 and 2 messages to hold in a queue
# above those that are currently in-flight. Defaults to 100. Set
# to 0 for no maximum (not recommended).
# See also queue_qos0_messages.
#max_queued_messages 100
# Set to true to queue messages with QoS 0 when a persistent client is
# disconnected. These messages are included in the limit imposed by
# max_queued_messages.
# Defaults to false.
# Note that the MQTT v3.1 spec states that only QoS 1 and 2 messages
# should be saved in this situation so this is a non-standard option.
#queue_qos0_messages false
# This option sets the maximum publish payload size that the broker will allow.
# Received messages that exceed this size will not be accepted by the broker.
# The default value is 0, which means that all valid MQTT messages are
# accepted. MQTT imposes a maximum payload size of 268435455 bytes.
#message_size_limit 0
# This option allows persistent clients (those with clean session set to false)
# to be removed if they do not reconnect within a certain time frame. This is a
# non-standard option. As far as the MQTT spec is concerned, persistent clients
# persist forever.
# Badly designed clients may set clean session to false whilst using a randomly
# generated client id. This leads to persistent clients that will never
# reconnect. This option allows these clients to be removed.
#
# The expiration period should be an integer followed by one of d w m y for
# day, week, month and year respectively. For example
#
# persistent_client_expiration 2m
# persistent_client_expiration 14d
# persistent_client_expiration 1y
#
# As this is a non-standard option, the default if not set is to never expire
# persistent clients.
#persistent_client_expiration
# If a client is subscribed to multiple subscriptions that overlap, e.g. foo/#
# and foo/+/baz , then MQTT expects that when the broker receives a message on
# a topic that matches both subscriptions, such as foo/bar/baz, then the client
# should only receive the message once.
# Mosquitto keeps track of which clients a message has been sent to in order to
# meet this requirement. The allow_duplicate_messages option allows this
# behaviour to be disabled, which may be useful if you have a large number of
# clients subscribed to the same set of topics and are very concerned about
# minimising memory usage.
# It can be safely set to true if you know in advance that your clients will
# never have overlapping subscriptions, otherwise your clients must be able to
# correctly deal with duplicate messages even when then have QoS=2.
#allow_duplicate_messages false
# The MQTT specification requires that the QoS of a message delivered to a
# subscriber is never upgraded to match the QoS of the subscription. Enabling
# this option changes this behaviour. If upgrade_outgoing_qos is set true,
# messages sent to a subscriber will always match the QoS of its subscription.
# This is a non-standard option not provided for by the spec.
#upgrade_outgoing_qos false
# =================================================================
# Default listener
# =================================================================
# IP address/hostname to bind the default listener to. If not
# given, the default listener will not be bound to a specific
# address and so will be accessible to all network interfaces.
# bind_address ip-address/host name
#bind_address
# Port to use for the default listener.
#port 1883
# The maximum number of client connections to allow. This is
# a per listener setting.
# Default is -1, which means unlimited connections.
# Note that other process limits mean that unlimited connections
# are not really possible. Typically the default maximum number of
# connections possible is around 1024.
#max_connections -1
# -----------------------------------------------------------------
# Certificate based SSL/TLS support
# -----------------------------------------------------------------
# The following options can be used to enable SSL/TLS support for
# this listener. Note that the recommended port for MQTT over TLS
# is 8883, but this must be set manually.
#
# See also the mosquitto-tls man page.
# At least one of cafile or capath must be defined. They both
# define methods of accessing the PEM encoded Certificate
# Authority certificates that have signed your server certificate
# and that you wish to trust.
# cafile defines the path to a file containing the CA certificates.
# capath defines a directory that will be searched for files
# containing the CA certificates. For capath to work correctly, the
# certificate files must have ".crt" as the file ending and you must run
# "c_rehash <path to capath>" each time you add/remove a certificate.
#cafile
#capath
# Path to the PEM encoded server certificate.
#certfile
# Path to the PEM encoded keyfile.
#keyfile
# This option defines the version of the TLS protocol to use for this listener.
# The default value will always be the highest version that is available for
# the version of openssl that the broker was compiled against. For openssl >=
# 1.0.1 the valid values are tlsv1.2 tlsv1.1 and tlsv1. For openssl < 1.0.1 the
# valid values are tlsv1.
#tls_version
# By default a TLS enabled listener will operate in a similar fashion to a
# https enabled web server, in that the server has a certificate signed by a CA
# and the client will verify that it is a trusted certificate. The overall aim
# is encryption of the network traffic. By setting require_certificate to true,
# the client must provide a valid certificate in order for the network
# connection to proceed. This allows access to the broker to be controlled
# outside of the mechanisms provided by MQTT.
#require_certificate false
# If require_certificate is true, you may set use_identity_as_username to true
# to use the CN value from the client certificate as a username. If this is
# true, the password_file option will not be used for this listener.
#use_identity_as_username false
# If you have require_certificate set to true, you can create a certificate
# revocation list file to revoke access to particular client certificates. If
# you have done this, use crlfile to point to the PEM encoded revocation file.
#crlfile
# If you wish to control which encryption ciphers are used, use the ciphers
# option. The list of available ciphers can be optained using the "openssl
# ciphers" command and should be provided in the same format as the output of
# that command.
#ciphers
# -----------------------------------------------------------------
# Pre-shared-key based SSL/TLS support
# -----------------------------------------------------------------
# The following options can be used to enable PSK based SSL/TLS support for
# this listener. Note that the recommended port for MQTT over TLS is 8883, but
# this must be set manually.
#
# See also the mosquitto-tls man page and the "Certificate based SSL/TLS
# support" section. Only one of certificate or PSK encryption support can be
# enabled for any listener.
# The psk_hint option enables pre-shared-key support for this listener and also
# acts as an identifier for this listener. The hint is sent to clients and may
# be used locally to aid authentication. The hint is a free form string that
# doesn't have much meaning in itself, so feel free to be creative.
# If this option is provided, see psk_file to define the pre-shared keys to be
# used or create a security plugin to handle them.
#psk_hint
# Set use_identity_as_username to have the psk identity sent by the client used
# as its username. Authentication will be carried out using the PSK rather than
# the MQTT username/password and so password_file will not be used for this
# listener.
#use_identity_as_username false
# When using PSK, the encryption ciphers used will be chosen from the list of
# available PSK ciphers. If you want to control which ciphers are available,
# use the "ciphers" option. The list of available ciphers can be optained
# using the "openssl ciphers" command and should be provided in the same format
# as the output of that command.
#ciphers
# =================================================================
# Extra listeners
# =================================================================
# Listen on a port/ip address combination. By using this variable
# multiple times, mosquitto can listen on more than one port. If
# this variable is used and neither bind_address nor port given,
# then the default listener will not be started.
# The port number to listen on must be given. Optionally, an ip
# address or host name may be supplied as a second argument. In
# this case, mosquitto will attempt to bind the listener to that
# address and so restrict access to the associated network and
# interface. By default, mosquitto will listen on all interfaces.
# listener port-number [ip address/host name]
#listener
# The maximum number of client connections to allow. This is
# a per listener setting.
# Default is -1, which means unlimited connections.
# Note that other process limits mean that unlimited connections
# are not really possible. Typically the default maximum number of
# connections possible is around 1024.
#max_connections -1
# The listener can be restricted to operating within a topic hierarchy using
# the mount_point option. This is achieved be prefixing the mount_point string
# to all topics for any clients connected to this listener. This prefixing only
# happens internally to the broker; the client will not see the prefix.
#mount_point
# -----------------------------------------------------------------
# Certificate based SSL/TLS support
# -----------------------------------------------------------------
# The following options can be used to enable certificate based SSL/TLS support
# for this listener. Note that the recommended port for MQTT over TLS is 8883,
# but this must be set manually.
#
# See also the mosquitto-tls man page and the "Pre-shared-key based SSL/TLS
# support" section. Only one of certificate or PSK encryption support can be
# enabled for any listener.
# At least one of cafile or capath must be defined to enable certificate based
# TLS encryption. They both define methods of accessing the PEM encoded
# Certificate Authority certificates that have signed your server certificate
# and that you wish to trust.
# cafile defines the path to a file containing the CA certificates.
# capath defines a directory that will be searched for files
# containing the CA certificates. For capath to work correctly, the
# certificate files must have ".crt" as the file ending and you must run
# "c_rehash <path to capath>" each time you add/remove a certificate.
#cafile
#capath
# Path to the PEM encoded server certificate.
#certfile
# Path to the PEM encoded keyfile.
#keyfile
# By default an TLS enabled listener will operate in a similar fashion to a
# https enabled web server, in that the server has a certificate signed by a CA
# and the client will verify that it is a trusted certificate. The overall aim
# is encryption of the network traffic. By setting require_certificate to true,
# the client must provide a valid certificate in order for the network
# connection to proceed. This allows access to the broker to be controlled
# outside of the mechanisms provided by MQTT.
#require_certificate false
# If require_certificate is true, you may set use_identity_as_username to true
# to use the CN value from the client certificate as a username. If this is
# true, the password_file option will not be used for this listener.
#use_identity_as_username false
# If you have require_certificate set to true, you can create a certificate
# revocation list file to revoke access to particular client certificates. If
# you have done this, use crlfile to point to the PEM encoded revocation file.
#crlfile
# If you wish to control which encryption ciphers are used, use the ciphers
# option. The list of available ciphers can be optained using the "openssl
# ciphers" command and should be provided in the same format as the output of
# that command.
#ciphers
# -----------------------------------------------------------------
# Pre-shared-key based SSL/TLS support
# -----------------------------------------------------------------
# The following options can be used to enable PSK based SSL/TLS support for
# this listener. Note that the recommended port for MQTT over TLS is 8883, but
# this must be set manually.
#
# See also the mosquitto-tls man page and the "Certificate based SSL/TLS
# support" section. Only one of certificate or PSK encryption support can be
# enabled for any listener.
# The psk_hint option enables pre-shared-key support for this listener and also
# acts as an identifier for this listener. The hint is sent to clients and may
# be used locally to aid authentication. The hint is a free form string that
# doesn't have much meaning in itself, so feel free to be creative.
# If this option is provided, see psk_file to define the pre-shared keys to be
# used or create a security plugin to handle them.
#psk_hint
# Set use_identity_as_username to have the psk identity sent by the client used
# as its username. Authentication will be carried out using the PSK rather than
# the MQTT username/password and so password_file will not be used for this
# listener.
#use_identity_as_username false
# When using PSK, the encryption ciphers used will be chosen from the list of
# available PSK ciphers. If you want to control which ciphers are available,
# use the "ciphers" option. The list of available ciphers can be optained
# using the "openssl ciphers" command and should be provided in the same format
# as the output of that command.
#ciphers
# =================================================================
# Persistence
# =================================================================
# If persistence is enabled, save the in-memory database to disk
# every autosave_interval seconds. If set to 0, the persistence
# database will only be written when mosquitto exits. See also
# autosave_on_changes.
# Note that writing of the persistence database can be forced by
# sending mosquitto a SIGUSR1 signal.
#autosave_interval 1800
# If true, mosquitto will count the number of subscription changes, retained
# messages received and queued messages and if the total exceeds
# autosave_interval then the in-memory database will be saved to disk.
# If false, mosquitto will save the in-memory database to disk by treating
# autosave_interval as a time in seconds.
#autosave_on_changes false
# Save persistent message data to disk (true/false).
# This saves information about all messages, including
# subscriptions, currently in-flight messages and retained
# messages.
# retained_persistence is a synonym for this option.
#persistence false
# The filename to use for the persistent database, not including
# the path.
#persistence_file mosquitto.db
# Location for persistent database. Must include trailing /
# Default is an empty string (current directory).
# Set to e.g. /var/lib/mosquitto/ if running as a proper service on Linux or
# similar.
#persistence_location
# =================================================================
# Logging
# =================================================================
# Places to log to. Use multiple log_dest lines for multiple
# logging destinations.
# Possible destinations are: stdout stderr syslog topic file
#
# stdout and stderr log to the console on the named output.
#
# syslog uses the userspace syslog facility which usually ends up
# in /var/log/messages or similar.
#
# topic logs to the broker topic '$SYS/broker/log/<severity>',
# where severity is one of D, E, W, N, I, M which are debug, error,
# warning, notice, information and message. Message type severity is used by
# the subscribe/unsubscribe log_types and publishes log messages to
# $SYS/broker/log/M/susbcribe or $SYS/broker/log/M/unsubscribe.
#
# The file destination requires an additional parameter which is the file to be
# logged to, e.g. "log_dest file /var/log/mosquitto.log". The file will be
# closed and reopened when the broker receives a HUP signal. Only a single file
# destination may be configured.
#
# Note that if the broker is running as a Windows service it will default to
# "log_dest none" and neither stdout nor stderr logging is available.
# Use "log_dest none" if you wish to disable logging.
#log_dest stderr
# Types of messages to log. Use multiple log_type lines for logging
# multiple types of messages.
# Possible types are: debug, error, warning, notice, information,
# none, subscribe, unsubscribe, all.
# Note that debug type messages are for decoding the incoming/outgoing
# network packets. They are not logged in "topics".
log_type error log_type error
log_type warning log_type warning
log_type notice log_type notice
log_type information log_type information
log_type debug log_type debug
# If set to true, client connection and disconnection messages will be included
# in the log.
#connection_messages true
# If set to true, add a timestamp value to each log message.
#log_timestamp true
# =================================================================
# Security
# =================================================================
# If set, only clients that have a matching prefix on their
# clientid will be allowed to connect to the broker. By default,
# all clients may connect.
# For example, setting "secure-" here would mean a client "secure-
# client" could connect but another with clientid "mqtt" couldn't.
#clientid_prefixes
# Boolean value that determines whether clients that connect
# without providing a username are allowed to connect. If set to
# false then a password file should be created (see the
# password_file option) to control authenticated client access.
# Defaults to true.
allow_anonymous true allow_anonymous true
# In addition to the clientid_prefixes, allow_anonymous and TLS # non-SSL listener
# authentication options, username based authentication is also listener 18883
# possible. The default support is described in "Default
# authentication and topic access control" below. The auth_plugin
# allows another authentication method to be used.
# Specify the path to the loadable plugin and see the
# "Authentication and topic access plugin options" section below.
#auth_plugin
# -----------------------------------------------------------------
# Default authentication and topic access control
# -----------------------------------------------------------------
# Control access to the broker using a password file. This file can be
# generated using the mosquitto_passwd utility. If TLS support is not compiled
# into mosquitto (it is recommended that TLS support should be included) then
# plain text passwords are used, in which case the file should be a text file
# with lines in the format:
# username:password
# The password (and colon) may be omitted if desired, although this
# offers very little in the way of security.
#
# See the TLS client require_certificate and use_identity_as_username options
# for alternative authentication options.
#password_file
# Access may also be controlled using a pre-shared-key file. This requires
# TLS-PSK support and a listener configured to use it. The file should be text
# lines in the format:
# identity:key
# The key should be in hexadecimal format without a leading "0x".
#psk_file
# Control access to topics on the broker using an access control list
# file. If this parameter is defined then only the topics listed will
# have access.
# If the first character of a line of the ACL file is a # it is treated as a
# comment.
# Topic access is added with lines of the format:
#
# topic [read|write] <topic>
#
# The access type is controlled using "read" or "write". This parameter
# is optional - if not given then the access is read/write.
# <topic> can contain the + or # wildcards as in subscriptions.
#
# The first set of topics are applied to anonymous clients, assuming
# allow_anonymous is true. User specific topic ACLs are added after a
# user line as follows:
#
# user <username>
#
# The username referred to here is the same as in password_file. It is
# not the clientid.
#
#
# If is also possible to define ACLs based on pattern substitution within the
# topic. The patterns available for substition are:
#
# %c to match the client id of the client
# %u to match the username of the client
#
# The substitution pattern must be the only text for that level of hierarchy.
#
# The form is the same as for the topic keyword, but using pattern as the
# keyword.
# Pattern ACLs apply to all users even if the "user" keyword has previously
# been given.
#
# If using bridges with usernames and ACLs, connection messages can be allowed
# with the following pattern:
# pattern write $SYS/broker/connection/%c/state
#
# pattern [read|write] <topic>
#
# Example:
#
# pattern write sensor/%u/data
#
#acl_file
# -----------------------------------------------------------------
# Authentication and topic access plugin options
# -----------------------------------------------------------------
# If the auth_plugin option above is used, define options to pass to the
# plugin here as described by the plugin instructions. All options named
# using the format auth_opt_* will be passed to the plugin, for example:
#
# auth_opt_db_host
# auth_opt_db_port
# auth_opt_db_username
# auth_opt_db_password
# =================================================================
# Bridges
# =================================================================
# A bridge is a way of connecting multiple MQTT brokers together.
# Create a new bridge using the "connection" option as described below. Set
# options for the bridges using the remaining parameters. You must specify the
# address and at least one topic to subscribe to.
# Each connection must have a unique name.
# The address line may have multiple host address and ports specified. See
# below in the round_robin description for more details on bridge behaviour if
# multiple addresses are used.
# The direction that the topic will be shared can be chosen by
# specifying out, in or both, where the default value is out.
# The QoS level of the bridged communication can be specified with the next
# topic option. The default QoS level is 0, to change the QoS the topic
# direction must also be given.
# The local and remote prefix options allow a topic to be remapped when it is
# bridged to/from the remote broker. This provides the ability to place a topic
# tree in an appropriate location.
# For more details see the mosquitto.conf man page.
# Multiple topics can be specified per connection, but be careful
# not to create any loops.
# If you are using bridges with cleansession set to false (the default), then
# you may get unexpected behaviour from incoming topics if you change what
# topics you are subscribing to. This is because the remote broker keeps the
# subscription for the old topic. If you have this problem, connect your bridge
# with cleansession set to true, then reconnect with cleansession set to false
# as normal.
#connection <name>
#address <host>[:<port>] [<host>[:<port>]]
#topic <topic> [[[out | in | both] qos-level] local-prefix remote-prefix]
# If the bridge has more than one address given in the address/addresses
# configuration, the round_robin option defines the behaviour of the bridge on
# a failure of the bridge connection. If round_robin is false, the default
# value, then the first address is treated as the main bridge connection. If
# the connection fails, the other secondary addresses will be attempted in
# turn. Whilst connected to a secondary bridge, the bridge will periodically
# attempt to reconnect to the main bridge until successful.
# If round_robin is true, then all addresses are treated as equals. If a
# connection fails, the next address will be tried and if successful will
# remain connected until it fails
#round_robin false
# Set the client id for this bridge connection. If not defined,
# this defaults to 'name.hostname' where name is the connection
# name and hostname is the hostname of this computer.
#clientid
# Set the clean session variable for this bridge.
# When set to true, when the bridge disconnects for any reason, all
# messages and subscriptions will be cleaned up on the remote
# broker. Note that with cleansession set to true, there may be a
# significant amount of retained messages sent when the bridge
# reconnects after losing its connection.
# When set to false, the subscriptions and messages are kept on the
# remote broker, and delivered when the bridge reconnects.
#cleansession false
# If set to true, publish notification messages to the local and remote brokers
# giving information about the state of the bridge connection. Retained
# messages are published to the topic $SYS/broker/connection/<clientid>/state
# unless the notification_topic option is used.
# If the message is 1 then the connection is active, or 0 if the connection has
# failed.
#notifications true
# Choose the topic on which notification messages for this bridge are
# published. If not set, messages are published on the topic
# $SYS/broker/connection/<clientid>/state
#notification_topic
# Set the keepalive interval for this bridge connection, in
# seconds.
#keepalive_interval 60
# Set the start type of the bridge. This controls how the bridge starts and # listener for mutual authentication
# can be one of three types: automatic, lazy and once. Note that RSMB provides listener 18884
# a fourth start type "manual" which isn't currently supported by mosquitto. cafile /etc/mosquitto/tls-testing/keys/all-ca.crt
# certfile /etc/mosquitto/tls-testing/keys/server/server.crt
# "automatic" is the default start type and means that the bridge connection keyfile /etc/mosquitto/tls-testing/keys/server/server.key
# will be started automatically when the broker starts and also restarted
# after a short delay (30 seconds) if the connection fails.
#
# Bridges using the "lazy" start type will be started automatically when the
# number of queued messages exceeds the number set with the "threshold"
# parameter. It will be stopped automatically after the time set by the
# "idle_timeout" parameter. Use this start type if you wish the connection to
# only be active when it is needed.
#
# A bridge using the "once" start type will be started automatically when the
# broker starts but will not be restarted if the connection fails.
#start_type automatic
# Set the amount of time a bridge using the automatic start type will wait
# until attempting to reconnect. Defaults to 30 seconds.
#restart_timeout 30
# Set the amount of time a bridge using the lazy start type must be idle before
# it will be stopped. Defaults to 60 seconds.
#idle_timeout 60
# Set the number of messages that need to be queued for a bridge with lazy
# start type to be restarted. Defaults to 10 messages.
# Must be less than max_queued_messages.
#threshold 10
# If try_private is set to true, the bridge will attempt to indicate to the
# remote broker that it is a bridge not an ordinary client. If successful, this
# means that loop detection will be more effective and that retained messages
# will be propagated correctly. Not all brokers support this feature so it may
# be necessary to set try_private to false if your bridge does not connect
# properly.
#try_private true
# Set the username to use when connecting to an MQTT v3.1 broker
# that requires authentication.
#username
# Set the password to use when connecting to an MQTT v3.1 broker
# that requires authentication. This option is only used if
# username is also set.
#password
# -----------------------------------------------------------------
# Certificate based SSL/TLS support
# -----------------------------------------------------------------
# Either bridge_cafile or bridge_capath must be defined to enable TLS support
# for this bridge.
# bridge_cafile defines the path to a file containing the
# Certificate Authority certificates that have signed the remote broker
# certificate.
# bridge_capath defines a directory that will be searched for files containing
# the CA certificates. For bridge_capath to work correctly, the certificate
# files must have ".crt" as the file ending and you must run "c_rehash <path to
# capath>" each time you add/remove a certificate.
#bridge_cafile
#bridge_capath
# Path to the PEM encoded client certificate, if required by the remote broker.
#bridge_certfile
# Path to the PEM encoded client private key, if required by the remote broker.
#bridge_keyfile
# When using certificate based encryption, bridge_insecure disables
# verification of the server hostname in the server certificate. This can be
# useful when testing initial server configurations, but makes it possible for
# a malicious third party to impersonate your server through DNS spoofing, for
# example. Use this option in testing only. If you need to resort to using this
# option in a production environment, your setup is at fault and there is no
# point using encryption.
#bridge_insecure false
# -----------------------------------------------------------------
# PSK based SSL/TLS support
# -----------------------------------------------------------------
# Pre-shared-key encryption provides an alternative to certificate based
# encryption. A bridge can be configured to use PSK with the bridge_identity
# and bridge_psk options. These are the client PSK identity, and pre-shared-key
# in hexadecimal format with no "0x". Only one of certificate and PSK based
# encryption can be used on one
# bridge at once.
#bridge_identity
#bridge_psk
# =================================================================
# External config files
# =================================================================
# External configuration files may be included by using the
# include_dir option. This defines a directory that will be searched
# for config files. All files that end in '.conf' will be loaded as
# a configuration file. It is best to have this as the last option
# in the main file. This option will only be processed from the main
# configuration file. The directory specified must not contain the
# main configuration file.
#include_dir
# =================================================================
# Unsupported rsmb options - for the future
# =================================================================
#addresses
#round_robin
# =================================================================
# rsmb options - unlikely to ever be supported
# =================================================================
#ffdc_output
#max_log_entries
#trace_level
#trace_output
# listener for mutual authentication - includes client certificate in trust store
listener 8883
cafile keys/client/client.pem
certfile keys/server/server.crt
keyfile keys/server/server.key
require_certificate true
# listener for mutual authentication only but no client certificate
listener 8884
cafile keys/server/ca.crt
certfile keys/server/server.crt
keyfile keys/server/server.key
require_certificate true require_certificate true
# server authentication - includes client certificate in trust store # server authentication - no client authentication
listener 8885 listener 18885
cafile keys/client/client.pem cafile /etc/mosquitto/tls-testing/keys/all-ca.crt
certfile keys/server/server.crt certfile /etc/mosquitto/tls-testing/keys/server/server.crt
keyfile keys/server/server.key keyfile /etc/mosquitto/tls-testing/keys/server/server.key
require_certificate false require_certificate false
listener 8886 listener 18886
cafile keys/server/ca.crt cafile /etc/mosquitto/tls-testing/keys/all-ca.crt
certfile keys/server/server.crt certfile /etc/mosquitto/tls-testing/keys/server/server.crt
keyfile keys/server/server.key keyfile /etc/mosquitto/tls-testing/keys/server/server.key
require_certificate false require_certificate false
ciphers ADH-DES-CBC-SHA ciphers ADH-DES-CBC-SHA
# server authentication - no client authentication - uses fake hostname to
# simulate mitm attack. Clients should refuse to connect to this listener.
listener 18887
cafile /etc/mosquitto/tls-testing/keys/all-ca.crt
certfile /etc/mosquitto/tls-testing/keys/server/server-mitm.crt
keyfile /etc/mosquitto/tls-testing/keys/server/server-mitm.key
require_certificate false
test/ssl/server/ca.crt deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgIJAL/Q5ponDxadMA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
VQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEPMA0GA1UEBwwGT3R0YXdhMSAwHgYD
VQQKDBdFY2xpcHNlIEZvdW5kYXRpb24sIEluYzENMAsGA1UECwwEUGFobzENMAsG
A1UEAwwEUGFobzEuMCwGCSqGSIb3DQEJARYfaWNyYWdnc0Btb2RlbGJhc2VkdGVz
dGluZy5jby51azAgFw0xMzA4MDkxMjQ1NTZaGA80NzUxMDcwNjEyNDU1NlowgaAx
CzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMQ8wDQYDVQQHDAZPdHRhd2Ex
IDAeBgNVBAoMF0VjbGlwc2UgRm91bmRhdGlvbiwgSW5jMQ0wCwYDVQQLDARQYWhv
MQ0wCwYDVQQDDARQYWhvMS4wLAYJKoZIhvcNAQkBFh9pY3JhZ2dzQG1vZGVsYmFz
ZWR0ZXN0aW5nLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
su//oVbG65kBckviUHwj15LEeZ8e2f/UlOQst2ouyWWABZWCMaTO3G2nULt+ENxy
L7eI10tH1lL7+UFgx8PIm1M8Oe9HU38mVhJSTJrBBVkEURIQHhMdLYF4QlHyXDKh
eqdsp4XI30VnsVq2tHgiTv7UtsRwZWcRNy3pRriSygjd+mX54ZhuxbF58kOHrqlq
iAOAAM7ZYOkHVabiQ5orjBmUe08VGncmXMVR+FbVGv1PPXwtPnSch4bvbWqCjcma
aMeWbTxgvxhtrdjhZ2CNkYdkbePzH0JzKASNbVTRpZ+5rnGhN+mJjS4UpwSsLb0R
la4D9G+pLCtWGmekQIQxDwIDAQABo1AwTjAdBgNVHQ4EFgQUTHsWNmVNzaNBn8hC
PnFZ8oeSoMswHwYDVR0jBBgwFoAUTHsWNmVNzaNBn8hCPnFZ8oeSoMswDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjzemMdD2dru7G4Vw+U90VC8ULeNp
jjUcDLjCSj8rsjQrZFUeoTDsD7nC1UlLxAl6j27e027EehoUtEV4CU/yfOw120c5
sycRltx09GCqDJF7oYsLjYpVZlulf0IswtyuU/nKXSTIeE13oL4UD+3qQbyOHVtR
zWb2jw9a2PjlrHSvCx28QaMEqihpZOLN0EdKRg58JU60FrvUs7GQakc59cY3typQ
h7Qs/DtNdpjKqy59FeqG9FKyaMTFEqcG0QjoN6CY3e7+p9U8x+Gk3sq2f0ZOHfIE
ToEYFzffCYQ/dPnn0lkC+PD2X4a6GaOIpyUyPY3guUMkH3eLCowwVqbnQw==
-----END CERTIFICATE-----
test/ssl/server/ca.key deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIULltH+HCkA0CAggA
MBQGCCqGSIb3DQMHBAi4ltq0ShMH5QSCBMjqQx0RjyGsrqg/GFfRtfOfD914aDWK
FpI0hk4AfrLs6ek+vpdXYY62ZhdbtBXRInmZsicZHw7E/WEL3MTvtuwy432L/RK+
hBKxzIFFgPZ67gA2f40oPdMD1wpGhDVTBuT7GA/60lnbbiO5YAr0iXLfdPuoO6GM
29C/3tRRa46euQQecocB7BHQewNvBR1u6yhAYAd8Yb5xjb4Bp6dtYWs/FiUfaETA
xyzNF0zGgNmokSnSRdgZDVrsj0sp/tFKkaTbpMfCIPEy+rK/0WfihTiwsXZygm+d
oqjXG6WhBhJHmPh52iEtgsgHnro0Ujv5UyXu+5S53gFSYTCzU854w9aIkU226c0F
NqB90azS4gBb6S7rxP2nvoX1lUzzQVfuRmqp93BhRCPZ8BIn44nVCohOH45+WPuL
EvLuz2oGdurxOL0xi7bkYIGQ1rToGdGOE/OshytjLBppHEpDZoxJpAwjxf7HIjDe
8Gbe92vPuHUlopVNBp+31d5TNIm1SpxK4NgmIJHUpZEUwuo6bIKn+jvdRG+DgvJ7
roURtdekBkjp7UQvvdIfzK1cfuUHmAcohM/g2jJXgJ/qkeHXf+Nlf42BoSWRV7J8
IZlNF42pasfyCZ1G5nC9dqjyyFcLulrRKpa/h4dtDOqiMRy+AHTxJCGYH9oV5WBe
4ugJBBbjn1g69LrUgcM5munzbkSo2VULWfUhYXhmW7oRVSdBCj33tjU7NgWVmQ0B
qaMooyonwnidila1gSyDxW/EVCeQ9GJGpjlCRo0YLjD5kUlng/1SJCD+SfMG8rX2
s3Y6rJEKDtd1w+OI5pdNQZCDfhR5XY+GuLfAfu99G2ejzWNH7vfEoiSliTE6Qbnw
ruhXNv1bgvSuCR/Bn2+sOqc/xLwgwsHCsvvoySleCfboBoFRtNBfpX+ANvxsj9vT
jexW5YL2z5N6rIjtWWZmSDYpBb+s4cbzGzSNlrLKrgbPliR6j0nLxwRvxGBWVBju
TS0wy9LyD2sQeHqcXSvh7qao4zn5FHF8+Yctl6as1TE5QZxp/1Tj1p8QjV5Sxj+s
wG9+t/hC7E3tE332VmmULvaR+7eJpDzCY6JNMsyZzMojg0JZzl3Dv3Dj51RNN0Ze
wNd7GD0aTXaGDKqLVXGlWt9JWqYW2ZzgZema3dgk1lYo4Hmb4dfvDVw8DWL+Ilk5
RN9yjUiHH/fU/moPIiD1lgN6TsIK5t5o5pT0fysE5P5NXs8OgrkxDIpWk4zqOidh
TBBZqx+Buk2x+iWhuVfMIk2ae33TDVVerHiptCUL40dqEg3V3guX9fAsiNNfHbV7
b0o+4v2LSvwBTE0WMoQcHiQiiEiEhPFh6CVfgVETZ/1xL8QVUJ2uoT4+3Vk6sOSZ
maolzvxnnrlKnG6H5Ic9gvKCtUrOGEDhoThSSIFi+avB8rqprJuUBfVrKvRLtd+g
gbjQw14y0QtxIiKYCRUvUYxNqdRXO+s5GGiMcy68N3IrzTSIO6BdRhbs1NmiSQth
SbnOF8072eikqFtW2QR7R7B1R9yudzhLKch/160St1a3hAXVLlvP67uUJa7CAKiW
uu1sBKCIxPP0u7a+ItE7AAiEMPLVZIWAiZITlnzhWQTsOywP/+3ykDB1H8sMklvV
J+Q=
-----END ENCRYPTED PRIVATE KEY-----
test/ssl/server/generate.sh deleted 100644 → 0
View file @ 3a56d3dc
#openssl req -new -x509 -days 999999 -extensions v3_ca -keyout ca.key -out ca.crt
openssl genrsa -des3 -out server.key 2048
openssl req -out server.csr -key server.key -new
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 999999
test/ssl/server/server.crt deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN CERTIFICATE-----
MIIDmTCCAoECCQDbCxMEyfcKBTANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
Q0ExEDAOBgNVBAgMB09udGFyaW8xDzANBgNVBAcMBk90dGF3YTEgMB4GA1UECgwX
RWNsaXBzZSBGb3VuZGF0aW9uLCBJbmMxDTALBgNVBAsMBFBhaG8xDTALBgNVBAMM
BFBhaG8xLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxiYXNlZHRlc3Rpbmcu
Y28udWswIBcNMTMwODA5MTI0NzE4WhgPNDc1MTA3MDYxMjQ3MThaMHoxCzAJBgNV
BAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRMwEQYDVQQHDApXaW5jaGVzdGVyMQww
CgYDVQQKDANJQk0xEzARBgNVBAMMCklhbiBDcmFnZ3MxITAfBgkqhkiG9w0BCQEW
EmljcmFnZ3NAdWsuaWJtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdH7FfImmCimMieBuiHNXV2ezwIJgUQLRTFlS3z2Hy5GNnohM/XO5eP6GkI
z74mf/bQujVJzbFQW6G8owRNN5gX3FwymP184Arl2Gnqrh1GEj/+nf6i6JT1EZj8
XrTe25Nz6PWEXW6bwVbbk+V32jAaayN373BvK68jJjA8toMmAr/O0DX9ylafmnCG
73Z7NrlEyj/sQPYyorpVhF87PXPJqfnlEZBUR4u9HNRrDT4BL2LUTcLBZnrxJ22j
szcnw7ntI6+jf+FpM303BdVuLqWPDb2Pr2jibkLylHEZV/UikPD38lgHBon6SG2G
oaQsTgiHsbkp4hlCsbIY2bwkdbECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAUeik
VMh33oQ3LFZHCDUKQ6yuFu1wtma1FyLNSNk7s3hRUmroOE/ozi97dzCUpgmhbYd9
6U0e2MxWj2k6HKecjuRW1HEjQFv1vhOiJcCEaSKMAVzKbAe8T/GJPsL1+eVCihtl
YFt8ew26xAcHBZJL6npfGUAhBEIzgGjQBh/Snw3caVZGlEFpssIzcskAB2rF0MuV
e9WaxFRjPmUFcEpZZoA0suJIkqRL+Xw0+YQH/ofbOPS/ja5lxtJWwGg5H2gcb4/z
StxrUda5yEinfzph4tiWiVXGPJ/+tlnaVIFEHchjPjOPmjmjgaHqGb5DFgIW0QLT
P7CCNKT9nQNz3mXD6w==
-----END CERTIFICATE-----
test/ssl/server/server.csr deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN CERTIFICATE REQUEST-----
MIICvzCCAacCAQAwejELMAkGA1UEBhMCVUsxEDAOBgNVBAgMB0VuZ2xhbmQxEzAR
BgNVBAcMCldpbmNoZXN0ZXIxDDAKBgNVBAoMA0lCTTETMBEGA1UEAwwKSWFuIENy
YWdnczEhMB8GCSqGSIb3DQEJARYSaWNyYWdnc0B1ay5pYm0uY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10fsV8iaYKKYyJ4G6Ic1dXZ7PAgmBRAt
FMWVLfPYfLkY2eiEz9c7l4/oaQjPviZ/9tC6NUnNsVBbobyjBE03mBfcXDKY/Xzg
CuXYaequHUYSP/6d/qLolPURmPxetN7bk3Po9YRdbpvBVtuT5XfaMBprI3fvcG8r
ryMmMDy2gyYCv87QNf3KVp+acIbvdns2uUTKP+xA9jKiulWEXzs9c8mp+eURkFRH
i70c1GsNPgEvYtRNwsFmevEnbaOzNyfDue0jr6N/4WkzfTcF1W4upY8NvY+vaOJu
QvKUcRlX9SKQ8PfyWAcGifpIbYahpCxOCIexuSniGUKxshjZvCR1sQIDAQABoAAw
DQYJKoZIhvcNAQEFBQADggEBAJQVWDn2Up8ct+q8Dn2qtkLk8VX7bNVEbs+Uqt/U
V//gfLnePSAmhrtn5IJttv/Xr5SCWVaINXESk5n1aJ9OnR2qWaEnC8xUm5OYlHst
rMmBdvZS6nHpyd6Qsn5SK9DdsHKGQvbImEKT1mgh7fH/27LWVNyymH58m7ZyYdgg
JV7+wLPnkk45SMt90hebvwOIludH9AyBZJ3OgzDQOPf9bDRfP7z7rXChANkRsmH4
qAwN9hK99M4KG4B8Dfug7/5qauxqtae+1Y/mMpB9JwI/C5EEKpeRt5AUuO9pY+G6
G1eSSlJmapLidhCsN0ZOSkR8w3iS2liL+ip8EHMlFQ7mraQ=
-----END CERTIFICATE REQUEST-----
test/ssl/server/server.key deleted 100644 → 0
View file @ 3a56d3dc
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,A395451144468E67
wfitpxIigHgd4fB4Iak+TSRTPMLws0adRj/VebVH2Fvy6dxy+Ls7Rjql3soRvUwY
s3y/roCJeAEWyMJZeHoUFp6md3U+8h8Tb2iC1KU/6bs+WREk9wZ1CbfxeSNF25K+
zDKnwRF72AdABR/2beg+7V2YJlTtNPvF88r7jz1W8C5KWg3jFaxB2l/FmYdSd1m1
A26w9VaOlzMHKkvrYZS+WUC2p/bpBdYTcKIXztekhFBr9qQzVQiBSTZW1uiq4HAP
A+zlXbbrU5czltHribsi9OlHwAbKfkSrIwe2zOyin25TelWCtnVqH+oq7LypKcNx
MGuwA0lIeM7iRuMHjf/MzE0lpQ4pqqJh+VWGjvgz7ynpXDqzweUmsllvoybUW+6S
hlE/3zFq63C8yO53qbSp2aYY6Bi9mmVdjc4k/mhvg8dF1cDGEmSZO7JTtQyvP8Iq
8dsdZasGnVZGWFEJaObJ+lXMnPKD2oBG+HSsXNT6hraY98kt7UFWX+N5X6lWc/iC
ddj1eUlG0ZWwc65jktGvoN10psTSWyNZNDFAiKbIjV7ufbmAwVXK1aCI4Z7lqHYa
OJKkSudu7wGoW/3a8laExJdFbpsjutFEDnHV7LEf6jntPHlH560vWgHAxFOuHcct
gqJ9L1fQqJdUuRirDiFpDjuOaAw7IWySLP7xd6Bc84YXgC+mpI373nXPdjgTNBrU
+aLsTkX3P2kC6t6SmhEL5hCaBXcXCIjwl7vQuh8loTFlGy7ET/6v6p/f0G9h04og
NYz53BTxoGpwDTHhtZ2BDEZqO/7r6nzi3J3l912utBOxJQY2Jjtjjof2k6+2Z+af
EeHeI2jy1cAA2t+CyglZOhhVrJ+fVPXwqaLuUsYKGEamqHZNd6EtUtO37xJzU/sT
LB3urVsO0p3ZkJkitrrIhiBJBERuAEwsq3qdn2GgzTiM5lJMsouXVhtalNAildFc
zTwefwfgblRP3XqyGfmxdkpWpWm8yi3Urut4wTga0rBfbZm5VMwKrTmDoKb05aEb
yRmDNyKmlatCXSJCiaNZt0jdFYXu8LuIbYWwau8t7yd2fjhFyyQ5thyqmKi6nxKY
Vo/gJN50gvACZqWJ/rNZezdAebo2HGtdScBrjIW4iMDALdehbicfhsducdP337+A
udyfcm2U8hiZXcalc5JvrLl7YMIS4Y+dRzdO407IFxcikDAJvNTDTvS+9PzzJx/Z
fGnISfizxDmJjSu5gDteWPNc7ZaqCceTURRuvZuub+QS6MazE0GDcshEHt0TrU+9
C6nFL+iAUM8nkJbR7nd71g9D84ltG0mNDjeJ3yrgGpYUdtO3BCBjdwwx01XSEe44
nhU/Ga53kqfjiTXYM7K7LziOCFoI7yGLa/l8h/7qiy5l2IMYpusoD7+c/PZ/M7o+
0Y3lnUCQ2fo2btpNEZHpEwe4ivEnib2Z1Xi5xSuVlL1/5NZxY6aXZMocHFpA10em
uv76oQ0+rOYn7U6RZR32pCVffy0FYyRXUtZp0xV6wW2o86PZltEUIvA3+vPBNeg3
fpv07AtHexhoAorREclDR6Do6Gv8IqYuPpBJ5LdE34WGRQhAlah+lQ==
-----END RSA PRIVATE KEY-----
test/ssl/server/server.pem deleted 100644 → 0
View file @ 3a56d3dc
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
db:0b:13:04:c9:f7:0a:04
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=UK, ST=England, L=Winchester, O=IBM, CN=Ian Craggs/emailAddress=icraggs@uk.ibm.com
Validity
Not Before: Aug 8 22:08:37 2013 GMT
Not After : Jul 5 22:08:37 4751 GMT
Subject: C=UK, ST=England, L=Winchester, O=IBM, CN=Ian Craggs/emailAddress=icraggs@uk.ibm.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e4:b9:35:7e:f8:89:6f:2b:f1:14:d1:28:f5:ed:
e0:ce:e5:8e:e3:0b:b3:eb:94:89:8a:e7:ce:26:f9:
d3:c4:92:15:bc:27:fe:10:5f:2c:e2:c1:02:60:7e:
b1:e5:5e:8f:ad:11:e9:6c:de:d6:b4:3f:7c:b3:60:
74:f3:9c:64:f5:d7:a1:1c:24:e7:7d:77:21:02:42:
94:ed:f3:33:58:c9:e0:17:60:4f:64:82:e3:18:0c:
b6:2d:3e:d0:a2:06:e1:4a:92:7f:84:92:e6:bb:6b:
06:bc:9d:b4:7a:ec:07:40:eb:32:37:65:57:87:1e:
7e:f1:ca:1d:72:28:98:c9:ec:e6:74:45:97:7a:bd:
a7:b5:69:2a:f4:a9:de:64:d3:fd:f0:d2:78:1d:a3:
7b:4f:4d:95:5b:ee:5d:8f:15:ed:e1:a8:94:1c:02:
e0:22:d7:4d:42:4f:2a:b1:dd:e7:2c:67:fa:63:88:
17:84:1a:ac:0c:e0:78:7d:6b:4f:cb:26:07:e9:a3:
d8:3a:44:1a:97:e0:25:96:01:33:29:ed:db:f1:19:
01:9d:bd:ec:8c:6c:8c:3a:78:ac:2f:66:69:0a:18:
ee:a8:35:e5:ac:52:bd:4d:37:60:71:ca:c1:26:bd:
0a:7e:db:d3:b0:d5:6d:9e:a1:cd:f4:83:4b:a2:77:
41:7f
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
6d:af:29:f3:49:4a:b1:d4:09:4b:76:f5:86:99:1f:79:a0:e4:
af:0f:3b:c8:c1:30:ca:d3:98:1d:3e:1f:2a:84:b6:90:a8:06:
1d:2b:33:2a:1a:05:1c:2d:e7:fc:aa:34:73:ee:9c:fd:2e:21:
9c:c1:42:be:86:de:42:92:47:52:69:ab:2a:cc:b2:26:3d:65:
8d:60:22:e0:e5:4c:03:33:cf:36:56:73:c0:02:62:1b:31:a1:
78:54:c4:f7:1e:19:f0:e3:a6:86:e6:49:57:90:e8:74:de:66:
68:b5:63:38:a3:4e:66:b1:c4:0a:4c:a0:df:3c:d7:b0:75:3e:
59:e2:5e:51:76:13:92:09:ec:0e:05:09:2b:d8:bb:b6:ec:83:
aa:b0:37:d1:4b:bb:0e:6f:ee:c9:18:06:e2:09:a1:b2:7d:ad:
5e:aa:2c:de:c1:c1:a6:4a:5b:d7:ab:29:78:09:14:c8:39:65:
14:52:7c:73:09:a6:43:cb:5d:31:ae:9c:5c:c8:39:30:9e:bc:
2c:dd:2d:e9:70:35:00:4c:98:42:ab:26:0c:5a:02:4b:92:c8:
c7:d2:23:c1:16:6f:b3:e0:78:8f:db:7b:35:89:b0:b8:4b:40:
a9:82:3a:f4:29:4a:82:60:25:e1:9e:42:96:59:f8:58:96:37:
5f:d0:30:6d
-----BEGIN CERTIFICATE-----
MIIDcjCCAloCCQDbCxMEyfcKBDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
SzEQMA4GA1UECAwHRW5nbGFuZDETMBEGA1UEBwwKV2luY2hlc3RlcjEMMAoGA1UE
CgwDSUJNMRMwEQYDVQQDDApJYW4gQ3JhZ2dzMSEwHwYJKoZIhvcNAQkBFhJpY3Jh
Z2dzQHVrLmlibS5jb20wIBcNMTMwODA4MjIwODM3WhgPNDc1MTA3MDUyMjA4Mzda
MHoxCzAJBgNVBAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRMwEQYDVQQHDApXaW5j
aGVzdGVyMQwwCgYDVQQKDANJQk0xEzARBgNVBAMMCklhbiBDcmFnZ3MxITAfBgkq
hkiG9w0BCQEWEmljcmFnZ3NAdWsuaWJtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOS5NX74iW8r8RTRKPXt4M7ljuMLs+uUiYrnzib508SSFbwn
/hBfLOLBAmB+seVej60R6Wze1rQ/fLNgdPOcZPXXoRwk5313IQJClO3zM1jJ4Bdg
T2SC4xgMti0+0KIG4UqSf4SS5rtrBrydtHrsB0DrMjdlV4cefvHKHXIomMns5nRF
l3q9p7VpKvSp3mTT/fDSeB2je09NlVvuXY8V7eGolBwC4CLXTUJPKrHd5yxn+mOI
F4QarAzgeH1rT8smB+mj2DpEGpfgJZYBMynt2/EZAZ297IxsjDp4rC9maQoY7qg1
5axSvU03YHHKwSa9Cn7b07DVbZ6hzfSDS6J3QX8CAwEAATANBgkqhkiG9w0BAQUF
AAOCAQEAba8p80lKsdQJS3b1hpkfeaDkrw87yMEwytOYHT4fKoS2kKgGHSszKhoF
HC3n/Ko0c+6c/S4hnMFCvobeQpJHUmmrKsyyJj1ljWAi4OVMAzPPNlZzwAJiGzGh
eFTE9x4Z8OOmhuZJV5DodN5maLVjOKNOZrHECkyg3zzXsHU+WeJeUXYTkgnsDgUJ
K9i7tuyDqrA30Uu7Dm/uyRgG4gmhsn2tXqos3sHBpkpb16speAkUyDllFFJ8cwmm
Q8tdMa6cXMg5MJ68LN0t6XA1AEyYQqsmDFoCS5LIx9IjwRZvs+B4j9t7NYmwuEtA
qYI69ClKgmAl4Z5Clln4WJY3X9AwbQ==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bf:d0:e6:9a:27:0f:16:9d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Validity
Not Before: Aug 9 12:45:56 2013 GMT
Not After : Jul 6 12:45:56 4751 GMT
Subject: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b2:ef:ff:a1:56:c6:eb:99:01:72:4b:e2:50:7c:
23:d7:92:c4:79:9f:1e:d9:ff:d4:94:e4:2c:b7:6a:
2e:c9:65:80:05:95:82:31:a4:ce:dc:6d:a7:50:bb:
7e:10:dc:72:2f:b7:88:d7:4b:47:d6:52:fb:f9:41:
60:c7:c3:c8:9b:53:3c:39:ef:47:53:7f:26:56:12:
52:4c:9a:c1:05:59:04:51:12:10:1e:13:1d:2d:81:
78:42:51:f2:5c:32:a1:7a:a7:6c:a7:85:c8:df:45:
67:b1:5a:b6:b4:78:22:4e:fe:d4:b6:c4:70:65:67:
11:37:2d:e9:46:b8:92:ca:08:dd:fa:65:f9:e1:98:
6e:c5:b1:79:f2:43:87:ae:a9:6a:88:03:80:00:ce:
d9:60:e9:07:55:a6:e2:43:9a:2b:8c:19:94:7b:4f:
15:1a:77:26:5c:c5:51:f8:56:d5:1a:fd:4f:3d:7c:
2d:3e:74:9c:87:86:ef:6d:6a:82:8d:c9:9a:68:c7:
96:6d:3c:60:bf:18:6d:ad:d8:e1:67:60:8d:91:87:
64:6d:e3:f3:1f:42:73:28:04:8d:6d:54:d1:a5:9f:
b9:ae:71:a1:37:e9:89:8d:2e:14:a7:04:ac:2d:bd:
11:95:ae:03:f4:6f:a9:2c:2b:56:1a:67:a4:40:84:
31:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7B:16:36:65:4D:CD:A3:41:9F:C8:42:3E:71:59:F2:87:92:A0:CB
X509v3 Authority Key Identifier:
keyid:4C:7B:16:36:65:4D:CD:A3:41:9F:C8:42:3E:71:59:F2:87:92:A0:CB
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
8f:37:a6:31:d0:f6:76:bb:bb:1b:85:70:f9:4f:74:54:2f:14:
2d:e3:69:8e:35:1c:0c:b8:c2:4a:3f:2b:b2:34:2b:64:55:1e:
a1:30:ec:0f:b9:c2:d5:49:4b:c4:09:7a:8f:6e:de:d3:6e:c4:
7a:1a:14:b4:45:78:09:4f:f2:7c:ec:35:db:47:39:b3:27:11:
96:dc:74:f4:60:aa:0c:91:7b:a1:8b:0b:8d:8a:55:66:5b:a5:
7f:42:2c:c2:dc:ae:53:f9:ca:5d:24:c8:78:4d:77:a0:be:14:
0f:ed:ea:41:bc:8e:1d:5b:51:cd:66:f6:8f:0f:5a:d8:f8:e5:
ac:74:af:0b:1d:bc:41:a3:04:aa:28:69:64:e2:cd:d0:47:4a:
46:0e:7c:25:4e:b4:16:bb:d4:b3:b1:90:6a:47:39:f5:c6:37:
b7:2a:50:87:b4:2c:fc:3b:4d:76:98:ca:ab:2e:7d:15:ea:86:
f4:52:b2:68:c4:c5:12:a7:06:d1:08:e8:37:a0:98:dd:ee:fe:
a7:d5:3c:c7:e1:a4:de:ca:b6:7f:46:4e:1d:f2:04:4e:81:18:
17:37:df:09:84:3f:74:f9:e7:d2:59:02:f8:f0:f6:5f:86:ba:
19:a3:88:a7:25:32:3d:8d:e0:b9:43:24:1f:77:8b:0a:8c:30:
56:a6:e7:43
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgIJAL/Q5ponDxadMA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
VQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEPMA0GA1UEBwwGT3R0YXdhMSAwHgYD
VQQKDBdFY2xpcHNlIEZvdW5kYXRpb24sIEluYzENMAsGA1UECwwEUGFobzENMAsG
A1UEAwwEUGFobzEuMCwGCSqGSIb3DQEJARYfaWNyYWdnc0Btb2RlbGJhc2VkdGVz
dGluZy5jby51azAgFw0xMzA4MDkxMjQ1NTZaGA80NzUxMDcwNjEyNDU1NlowgaAx
CzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMQ8wDQYDVQQHDAZPdHRhd2Ex
IDAeBgNVBAoMF0VjbGlwc2UgRm91bmRhdGlvbiwgSW5jMQ0wCwYDVQQLDARQYWhv
MQ0wCwYDVQQDDARQYWhvMS4wLAYJKoZIhvcNAQkBFh9pY3JhZ2dzQG1vZGVsYmFz
ZWR0ZXN0aW5nLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
su//oVbG65kBckviUHwj15LEeZ8e2f/UlOQst2ouyWWABZWCMaTO3G2nULt+ENxy
L7eI10tH1lL7+UFgx8PIm1M8Oe9HU38mVhJSTJrBBVkEURIQHhMdLYF4QlHyXDKh
eqdsp4XI30VnsVq2tHgiTv7UtsRwZWcRNy3pRriSygjd+mX54ZhuxbF58kOHrqlq
iAOAAM7ZYOkHVabiQ5orjBmUe08VGncmXMVR+FbVGv1PPXwtPnSch4bvbWqCjcma
aMeWbTxgvxhtrdjhZ2CNkYdkbePzH0JzKASNbVTRpZ+5rnGhN+mJjS4UpwSsLb0R
la4D9G+pLCtWGmekQIQxDwIDAQABo1AwTjAdBgNVHQ4EFgQUTHsWNmVNzaNBn8hC
PnFZ8oeSoMswHwYDVR0jBBgwFoAUTHsWNmVNzaNBn8hCPnFZ8oeSoMswDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjzemMdD2dru7G4Vw+U90VC8ULeNp
jjUcDLjCSj8rsjQrZFUeoTDsD7nC1UlLxAl6j27e027EehoUtEV4CU/yfOw120c5
sycRltx09GCqDJF7oYsLjYpVZlulf0IswtyuU/nKXSTIeE13oL4UD+3qQbyOHVtR
zWb2jw9a2PjlrHSvCx28QaMEqihpZOLN0EdKRg58JU60FrvUs7GQakc59cY3typQ
h7Qs/DtNdpjKqy59FeqG9FKyaMTFEqcG0QjoN6CY3e7+p9U8x+Gk3sq2f0ZOHfIE
ToEYFzffCYQ/dPnn0lkC+PD2X4a6GaOIpyUyPY3guUMkH3eLCowwVqbnQw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
db:0b:13:04:c9:f7:0a:05
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CA, ST=Ontario, L=Ottawa, O=Eclipse Foundation, Inc, OU=Paho, CN=Paho/emailAddress=icraggs@modelbasedtesting.co.uk
Validity
Not Before: Aug 9 12:47:18 2013 GMT
Not After : Jul 6 12:47:18 4751 GMT
Subject: C=UK, ST=England, L=Winchester, O=IBM, CN=Ian Craggs/emailAddress=icraggs@uk.ibm.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d7:47:ec:57:c8:9a:60:a2:98:c8:9e:06:e8:87:
35:75:76:7b:3c:08:26:05:10:2d:14:c5:95:2d:f3:
d8:7c:b9:18:d9:e8:84:cf:d7:3b:97:8f:e8:69:08:
cf:be:26:7f:f6:d0:ba:35:49:cd:b1:50:5b:a1:bc:
a3:04:4d:37:98:17:dc:5c:32:98:fd:7c:e0:0a:e5:
d8:69:ea:ae:1d:46:12:3f:fe:9d:fe:a2:e8:94:f5:
11:98:fc:5e:b4:de:db:93:73:e8:f5:84:5d:6e:9b:
c1:56:db:93:e5:77:da:30:1a:6b:23:77:ef:70:6f:
2b:af:23:26:30:3c:b6:83:26:02:bf:ce:d0:35:fd:
ca:56:9f:9a:70:86:ef:76:7b:36:b9:44:ca:3f:ec:
40:f6:32:a2:ba:55:84:5f:3b:3d:73:c9:a9:f9:e5:
11:90:54:47:8b:bd:1c:d4:6b:0d:3e:01:2f:62:d4:
4d:c2:c1:66:7a:f1:27:6d:a3:b3:37:27:c3:b9:ed:
23:af:a3:7f:e1:69:33:7d:37:05:d5:6e:2e:a5:8f:
0d:bd:8f:af:68:e2:6e:42:f2:94:71:19:57:f5:22:
90:f0:f7:f2:58:07:06:89:fa:48:6d:86:a1:a4:2c:
4e:08:87:b1:b9:29:e2:19:42:b1:b2:18:d9:bc:24:
75:b1
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
51:e8:a4:54:c8:77:de:84:37:2c:56:47:08:35:0a:43:ac:ae:
16:ed:70:b6:66:b5:17:22:cd:48:d9:3b:b3:78:51:52:6a:e8:
38:4f:e8:ce:2f:7b:77:30:94:a6:09:a1:6d:87:7d:e9:4d:1e:
d8:cc:56:8f:69:3a:1c:a7:9c:8e:e4:56:d4:71:23:40:5b:f5:
be:13:a2:25:c0:84:69:22:8c:01:5c:ca:6c:07:bc:4f:f1:89:
3e:c2:f5:f9:e5:42:8a:1b:65:60:5b:7c:7b:0d:ba:c4:07:07:
05:92:4b:ea:7a:5f:19:40:21:04:42:33:80:68:d0:06:1f:d2:
9f:0d:dc:69:56:46:94:41:69:b2:c2:33:72:c9:00:07:6a:c5:
d0:cb:95:7b:d5:9a:c4:54:63:3e:65:05:70:4a:59:66:80:34:
b2:e2:48:92:a4:4b:f9:7c:34:f9:84:07:fe:87:db:38:f4:bf:
8d:ae:65:c6:d2:56:c0:68:39:1f:68:1c:6f:8f:f3:4a:dc:6b:
51:d6:b9:c8:48:a7:7f:3a:61:e2:d8:96:89:55:c6:3c:9f:fe:
b6:59:da:54:81:44:1d:c8:63:3e:33:8f:9a:39:a3:81:a1:ea:
19:be:43:16:02:16:d1:02:d3:3f:b0:82:34:a4:fd:9d:03:73:
de:65:c3:eb
-----BEGIN CERTIFICATE-----
MIIDmTCCAoECCQDbCxMEyfcKBTANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
Q0ExEDAOBgNVBAgMB09udGFyaW8xDzANBgNVBAcMBk90dGF3YTEgMB4GA1UECgwX
RWNsaXBzZSBGb3VuZGF0aW9uLCBJbmMxDTALBgNVBAsMBFBhaG8xDTALBgNVBAMM
BFBhaG8xLjAsBgkqhkiG9w0BCQEWH2ljcmFnZ3NAbW9kZWxiYXNlZHRlc3Rpbmcu
Y28udWswIBcNMTMwODA5MTI0NzE4WhgPNDc1MTA3MDYxMjQ3MThaMHoxCzAJBgNV
BAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRMwEQYDVQQHDApXaW5jaGVzdGVyMQww
CgYDVQQKDANJQk0xEzARBgNVBAMMCklhbiBDcmFnZ3MxITAfBgkqhkiG9w0BCQEW
EmljcmFnZ3NAdWsuaWJtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdH7FfImmCimMieBuiHNXV2ezwIJgUQLRTFlS3z2Hy5GNnohM/XO5eP6GkI
z74mf/bQujVJzbFQW6G8owRNN5gX3FwymP184Arl2Gnqrh1GEj/+nf6i6JT1EZj8
XrTe25Nz6PWEXW6bwVbbk+V32jAaayN373BvK68jJjA8toMmAr/O0DX9ylafmnCG
73Z7NrlEyj/sQPYyorpVhF87PXPJqfnlEZBUR4u9HNRrDT4BL2LUTcLBZnrxJ22j
szcnw7ntI6+jf+FpM303BdVuLqWPDb2Pr2jibkLylHEZV/UikPD38lgHBon6SG2G
oaQsTgiHsbkp4hlCsbIY2bwkdbECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAUeik
VMh33oQ3LFZHCDUKQ6yuFu1wtma1FyLNSNk7s3hRUmroOE/ozi97dzCUpgmhbYd9
6U0e2MxWj2k6HKecjuRW1HEjQFv1vhOiJcCEaSKMAVzKbAe8T/GJPsL1+eVCihtl
YFt8ew26xAcHBZJL6npfGUAhBEIzgGjQBh/Snw3caVZGlEFpssIzcskAB2rF0MuV
e9WaxFRjPmUFcEpZZoA0suJIkqRL+Xw0+YQH/ofbOPS/ja5lxtJWwGg5H2gcb4/z
StxrUda5yEinfzph4tiWiVXGPJ/+tlnaVIFEHchjPjOPmjmjgaHqGb5DFgIW0QLT
P7CCNKT9nQNz3mXD6w==
-----END CERTIFICATE-----
test/ssl/test-root-ca.crt 0 → 100644
View file @ c48ba955
-----BEGIN CERTIFICATE-----
MIICqDCCAhGgAwIBAgIJAKrzwmdXIUxsMA0GCSqGSIb3DQEBBQUAMG0xCzAJBgNV
BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdS
b290IENBMB4XDTEzMDcyOTE5MjEyOVoXDTIzMDcyNzE5MjEyOVowbTELMAkGA1UE
BhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcMBURlcmJ5MRUwEwYD
VQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsMB1Rlc3RpbmcxEDAOBgNVBAMMB1Jv
b3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKbPzEEWCKsjjwjJ787u
Q32k5EdqoDddMEjSVbZNSNEwUew1L7O8NTbmtCEeVFQjOLAdmdiF3rQbXHV+Zew0
jt2g4vtPpl1GOG6jA/6YznKAyQdvGCdYfGZUN2tN+mbtVxWqkHZitQDQGaSHnx24
NX649La2uyFy+7l9o8++xPONAgMBAAGjUDBOMB0GA1UdDgQWBBRKK2nWMR2jaOhG
b/tL8462jVEOvzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNV
HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEd+gW86/W+fisz5PFHAeEw7zn9q
dzLHm7+QZgNLZ9h7/ZbhObRUFMRtU2xm4amyh85h7hUE5R2E2uW2OXumic7/D4ZD
6unjr4m5jwVWDTqTUYIcNSriyoDWAVlPfOWaU5NyUhqS1DM28tvOWVHVLCxmVcZl
tJQqo5eHbQ/+Hjfx
-----END CERTIFICATE-----
test/test3.c
View file @ c48ba955
...@@ -76,11 +76,11 @@ void usage() ...@@ -76,11 +76,11 @@ void usage()
struct Options struct Options
{ {
char* connection; char connection[100];
char* mutual_auth_connection; /**< connection to system under test. */ char mutual_auth_connection[100]; /**< connection to system under test. */
char* nocert_mutual_auth_connection; char nocert_mutual_auth_connection[100];
char* server_auth_connection; char server_auth_connection[100];
char* anon_connection; char anon_connection[100];
char** haconnections; /**< connection to system under test. */ char** haconnections; /**< connection to system under test. */
int hacount; int hacount;
char* client_key_file; char* client_key_file;
...@@ -91,16 +91,16 @@ struct Options ...@@ -91,16 +91,16 @@ struct Options
int test_no; int test_no;
} options = } options =
{ {
"tcp://localhost:1883", "ssl://m2m.eclipse.org:18883",
"ssl://localhost:8883", "ssl://m2m.eclipse.org:18884",
"ssl://localhost:8884", "ssl://m2m.eclipse.org:18885",
"ssl://localhost:8885", "ssl://m2m.eclipse.org:18886",
"ssl://localhost:8886", "ssl://m2m.eclipse.org:18887",
NULL, NULL,
0, 0,
"../../test/ssl/client.pem",
NULL, NULL,
NULL, "../../test/ssl/test-root-ca.crt",
NULL,
NULL, NULL,
0, 0,
0, 0,
...@@ -155,10 +155,16 @@ void getopts(int argc, char** argv) ...@@ -155,10 +155,16 @@ void getopts(int argc, char** argv)
else else
usage(); usage();
} }
else if (strcmp(argv[count], "--connection") == 0) else if (strcmp(argv[count], "--hostname") == 0)
{ {
if (++count < argc) if (++count < argc)
options.connection = argv[count]; {
sprintf(options.connection, "ssl://%s:18883", argv[count]);
sprintf(options.mutual_auth_connection, "ssl://%s:18884", argv[count]);
sprintf(options.nocert_mutual_auth_connection, "ssl://%s:18885", argv[count]);
sprintf(options.server_auth_connection, "ssl://%s:18886", argv[count]);
sprintf(options.anon_connection, "ssl://%s:18887", argv[count]);
}
else else
usage(); usage();
} }
...@@ -560,11 +566,8 @@ int test1(struct Options options) ...@@ -560,11 +566,8 @@ int test1(struct Options options)
} }
opts.ssl = &sslopts; opts.ssl = &sslopts;
//opts.ssl->trustStore = /*file of certificates trusted by client*/ if (options.server_key_file != NULL)
//opts.ssl->keyStore = options.client_key_file; /*file of certificate for client to present to server*/ opts.ssl->trustStore = options.server_key_file; /*file of certificates trusted by client*/
//if (options.client_key_pass != NULL) opts.ssl->privateKeyPassword = options.client_key_pass;
//opts.ssl->enabledCipherSuites = "DEFAULT";
opts.ssl->enableServerCertAuth = 0;
MyLog(LOGA_DEBUG, "Connecting"); MyLog(LOGA_DEBUG, "Connecting");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment