383 lines
7.4 KiB
Text
383 lines
7.4 KiB
Text
This folder contains the directory structures needed by openssl to create
|
|
and manager certificates.
|
|
|
|
|
|
|
|
################################################################################
|
|
|
|
Root 1
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 1
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 1
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 2
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 2
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 2
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 3
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 3
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 3
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 4
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- Sub CA 2 Root 4
|
|
|
|
|
|
Sub CA 1 Root 4
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 1 Root 4
|
|
|
|
|
|
User 1 Sub CA 1 Root 4
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 2 Sub CA 1 Root 4
|
|
======================
|
|
Revoked end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
Sub CA 2 Root 4
|
|
===============
|
|
Revoked intermediate CA certificate. Reason = keyCompromise
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 2 Root 4
|
|
|
|
User 1 Sub CA 2 Root 4
|
|
======================
|
|
Valid end certificate. Issuer is revoked.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 2 Sub CA 2 Root 4
|
|
======================
|
|
Revoked end certificate. Reason = keyCompromise. Issuer is revoked.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 5
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 5
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
CRLDP = URL=http://localhost:8901/demoCA/crl/Root_5.crl
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 5
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_1_Root_5.crl
|
|
AIA = NO
|
|
|
|
|
|
################################################################################
|
|
|
|
Root 6
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 6
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = URL=http://localhost:8901/demoCA/crl/Root_6.crl
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 6
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_1_Root_6.crl
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 7
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- Sub CA 2 Root 7
|
|
|
|
|
|
Sub CA 1 Root 7
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
CRLDP = URL=http://localhost:8901/demoCA/crl/Root_7.crl
|
|
AIA = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 1 Root 7
|
|
|
|
|
|
User 1 Sub CA 1 Root 7
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_1_Root_7.crl
|
|
AIA = NO
|
|
|
|
User 2 Sub CA 1 Root 7
|
|
======================
|
|
Revoked end certificate. Reason = CACompromise.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_1_Root_7.crl
|
|
AIA = NO
|
|
|
|
Sub CA 2 Root 7
|
|
===============
|
|
Revoked intermediate CA certificate. Reason = keyCompromise
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
CRLDP = URL=http://localhost:8901/demoCA/crl/Root_7.crl
|
|
AIA = NO
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 2 Root 7
|
|
|
|
User 1 Sub CA 2 Root 7
|
|
======================
|
|
Valid end certificate. Issuer is revoked.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_2_Root_7.crl
|
|
AIA = NO
|
|
|
|
User 2 Sub CA 2 Root 7
|
|
======================
|
|
Revoked end certificate. Reason = CACompromise. Issuer is revoked.
|
|
CRLDP = URL=http://localhost:8902/demoCA/crl/Sub_CA_2_Root_7.crl
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 8
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = YES
|
|
|
|
Revoked certificates:
|
|
|
|
- Sub CA 2 Root 8
|
|
|
|
|
|
Sub CA 1 Root 8
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = YES
|
|
CRLDP =
|
|
AIA = OCSP;URI:http://localhost:8888
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 1 Root 8
|
|
|
|
|
|
User 1 Sub CA 1 Root 8
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = OCSP;URI:http://localhost:8889
|
|
|
|
User 2 Sub CA 1 Root 8
|
|
======================
|
|
Revoked end certificate. Reason = superseded.
|
|
CRLDP = NO
|
|
AIA = OCSP;URI:http://localhost:8889
|
|
|
|
Sub CA 2 Root 8
|
|
===============
|
|
Revoked intermediate CA certificate. Reason = superseded.
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = YES
|
|
CRLDP = NO
|
|
AIA = OCSP;URI:http://localhost:8888
|
|
|
|
Revoked certificates:
|
|
|
|
- User 2 Sub CA 2 Root 8
|
|
|
|
User 1 Sub CA 2 Root 8
|
|
======================
|
|
Valid end certificate. Issuer is revoked.
|
|
CRLDP = NO
|
|
AIA = OCSP;URI:http://localhost:8889
|
|
|
|
User 2 Sub CA 2 Root 8
|
|
======================
|
|
Revoked end certificate. Reason = superseded. Issuer is revoked.
|
|
CRLDP = NO
|
|
AIA = OCSP;URI:http://localhost:8889
|
|
|
|
################################################################################
|
|
|
|
Root 9
|
|
======
|
|
Valid root CA certificate. (Not installed.)
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 9
|
|
===============
|
|
Valid intermediate CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 9
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
################################################################################
|
|
|
|
Root 10
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
Sub CA 1 Root 10
|
|
===============
|
|
Valid intermediate CA certificate. (Not installed.)
|
|
Provides CRL = NO
|
|
Provides CRL via HTTP = YES
|
|
Provides OCSP = NO
|
|
CRLDP = NO
|
|
AIA = NO
|
|
|
|
User 1 Sub CA 1 Root 10
|
|
======================
|
|
Valid end certificate.
|
|
CRLDP = URI:http://localhost:8902/demoCA/crl/Sub_CA_1_Root_10.crl
|
|
AIA = caIssuers;URI:http://localhost:8910/demoCA/Sub_CA_1_Root_10.crt
|
|
|
|
################################################################################
|
|
|
|
Root 11
|
|
======
|
|
Valid root CA certificate.
|
|
Provides CRL = YES
|
|
Provides CRL via HTTP = NO
|
|
Provides OCSP = NO
|
|
|
|
User x Root 11
|
|
======================
|
|
All certificate issues by Root 11 are valid end certificate. Currently there are
|
|
31 certificates.
|
|
|