From f370b3225b1d0f7f5d8c91821677412a1829aa9f Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Wed, 23 Jul 2014 22:34:49 +0200 Subject: [PATCH] Add alioth certs to our cert tree --- .../ssl/files/servicecerts/git.debian.org.crt | 109 ++++++++++++++++++ .../servicecerts/star.alioth.debian.org.crt | 107 +++++++++++++++++ 2 files changed, 216 insertions(+) create mode 100644 modules/ssl/files/servicecerts/git.debian.org.crt create mode 100644 modules/ssl/files/servicecerts/star.alioth.debian.org.crt diff --git a/modules/ssl/files/servicecerts/git.debian.org.crt b/modules/ssl/files/servicecerts/git.debian.org.crt new file mode 100644 index 000000000..19d8bec1f --- /dev/null +++ b/modules/ssl/files/servicecerts/git.debian.org.crt @@ -0,0 +1,109 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 6b:23:83:f2:5f:ed:f7:3c:1d:77:31:76:8c:f5:54:ff + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA + Validity + Not Before: Apr 30 00:00:00 2014 GMT + Not After : Apr 30 23:59:59 2015 GMT + Subject: OU=Domain Control Validated, OU=PositiveSSL Multi-Domain, CN=git.debian.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e3:5e:a4:40:9e:b3:de:0d:2c:df:55:26:ae:8d: + b3:3e:e9:9f:fd:e9:4e:d6:73:f2:d5:df:54:e9:6d: + 60:41:e9:82:8b:eb:d6:3b:37:b3:ce:57:6d:ec:68: + 88:36:f1:76:85:bd:5e:8f:ea:15:80:f1:25:6e:9f: + 8e:5e:f5:a3:ed:7e:91:7e:d1:97:49:3d:43:ef:f2: + 53:dd:c1:11:57:bb:30:9e:d6:ac:01:3f:72:f2:9c: + 2c:55:02:40:e5:50:f4:99:e6:04:cd:a4:15:ce:cd: + 25:71:6d:07:25:27:b3:d4:64:89:57:09:9d:47:ce: + de:35:55:7e:e7:15:55:cf:60:43:43:4c:45:d3:6b: + 18:26:bc:b8:c3:ff:b6:42:e5:0a:40:38:f7:7b:07: + 7e:2c:e8:6b:a2:bd:e8:7f:97:b0:38:f5:5c:ee:51: + d1:97:94:6e:7b:e7:79:b6:2a:7f:a9:7d:da:1d:35: + d0:a9:5d:55:75:e6:90:c7:1c:a7:ad:e6:06:51:c8: + d5:7c:77:e1:a9:19:e1:f4:64:96:df:e7:4a:a2:9b: + 07:29:e6:d3:31:bb:54:78:5e:a1:92:8b:85:32:a6: + 19:32:76:d1:f7:a1:7d:a8:69:dd:72:9c:86:ea:ef: + 07:60:a7:55:a7:28:fa:2b:f4:fc:0b:13:ea:bc:48: + 57:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21 + + X509v3 Subject Key Identifier: + 66:63:D3:46:43:D3:E2:B8:3C:40:7F:31:F5:C9:8F:53:DC:5D:10:FE + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Certificate Policies: + Policy: 1.3.6.1.4.1.6449.1.2.2.26 + CPS: http://www.gandi.net/contracts/fr/ssl/cps/pdf/ + Policy: 2.23.140.1.2.1 + + X509v3 CRL Distribution Points: + + Full Name: + URI:http://crl.gandi.net/GandiStandardSSLCA.crl + + Authority Information Access: + CA Issuers - URI:http://crt.gandi.net/GandiStandardSSLCA.crt + OCSP - URI:http://ocsp.gandi.net + + X509v3 Subject Alternative Name: + DNS:git.debian.org, DNS:anonscm.debian.org, DNS:arch.debian.org, DNS:bzr.debian.org, DNS:cvs.debian.org, DNS:darcs.debian.org, DNS:hg.debian.org, DNS:scm.debian.org, DNS:svn.debian.org + Signature Algorithm: sha1WithRSAEncryption + 70:f7:7a:d5:3d:96:21:9a:a1:cf:60:be:10:30:07:8d:9f:47: + 30:cc:e0:f2:ad:e3:92:c0:48:3a:f4:22:c4:5f:a9:ec:96:2e: + c7:d3:99:bb:fb:92:f9:16:2c:40:a6:cc:85:ba:14:6b:24:49: + 05:b5:05:c7:dd:f3:23:04:11:af:56:bd:54:5c:05:29:85:cf: + 85:29:28:a0:89:c8:de:aa:47:37:fb:29:ec:bc:86:58:60:2d: + 20:36:92:83:35:35:1f:68:fa:b3:ad:a7:6e:bd:4f:3d:04:8b: + 13:aa:a1:e3:26:93:38:3d:19:5d:2a:24:d3:f5:1e:e9:d7:11: + b5:fc:22:03:76:36:3d:de:6a:60:64:5d:21:fe:4a:08:9e:ed: + 2d:36:b0:41:8e:fc:33:03:4f:c7:2c:83:7a:f0:28:d6:a3:20: + 02:bd:3b:3d:9d:49:2c:4d:19:27:6d:b3:f5:a2:2e:7a:61:5f: + 99:ef:31:20:cd:67:46:b3:66:43:4c:91:cd:5f:9f:ec:bc:44: + ff:eb:65:18:22:58:0e:bb:f2:86:a8:f4:6c:b1:80:97:c3:85: + be:bf:70:54:84:0a:d3:34:46:d9:09:12:09:79:1c:ed:61:3f: + 66:9c:2c:f9:a0:38:ab:68:40:c4:4a:f4:26:8d:d1:03:70:79: + ee:da:4d:da +-----BEGIN CERTIFICATE----- +MIIFXTCCBEWgAwIBAgIQayOD8l/t9zwddzF2jPVU/zANBgkqhkiG9w0BAQUFADBB +MQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5k +aSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTQwNDMwMDAwMDAwWhcNMTUwNDMwMjM1OTU5 +WjBfMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxITAfBgNVBAsT +GFBvc2l0aXZlU1NMIE11bHRpLURvbWFpbjEXMBUGA1UEAxMOZ2l0LmRlYmlhbi5v +cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjXqRAnrPeDSzfVSau +jbM+6Z/96U7Wc/LV31TpbWBB6YKL69Y7N7POV23saIg28XaFvV6P6hWA8SVun45e +9aPtfpF+0ZdJPUPv8lPdwRFXuzCe1qwBP3LynCxVAkDlUPSZ5gTNpBXOzSVxbQcl +J7PUZIlXCZ1Hzt41VX7nFVXPYENDTEXTaxgmvLjD/7ZC5QpAOPd7B34s6Guiveh/ +l7A49VzuUdGXlG5753m2Kn+pfdodNdCpXVV15pDHHKet5gZRyNV8d+GpGeH0ZJbf +50qimwcp5tMxu1R4XqGSi4UyphkydtH3oX2oad1ynIbq7wdgp1WnKPor9PwLE+q8 +SFehAgMBAAGjggIxMIICLTAfBgNVHSMEGDAWgBS2qP+iqC/Qps1LsWjz51AQMad5 +ITAdBgNVHQ4EFgQUZmPTRkPT4rg8QH8x9cmPU9xdEP4wDgYDVR0PAQH/BAQDAgWg +MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGAG +A1UdIARZMFcwSwYLKwYBBAGyMQECAhowPDA6BggrBgEFBQcCARYuaHR0cDovL3d3 +dy5nYW5kaS5uZXQvY29udHJhY3RzL2ZyL3NzbC9jcHMvcGRmLzAIBgZngQwBAgEw +PAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5nYW5kaS5uZXQvR2FuZGlTdGFu +ZGFyZFNTTENBLmNybDBqBggrBgEFBQcBAQReMFwwNwYIKwYBBQUHMAKGK2h0dHA6 +Ly9jcnQuZ2FuZGkubmV0L0dhbmRpU3RhbmRhcmRTU0xDQS5jcnQwIQYIKwYBBQUH +MAGGFWh0dHA6Ly9vY3NwLmdhbmRpLm5ldDCBoQYDVR0RBIGZMIGWgg5naXQuZGVi +aWFuLm9yZ4ISYW5vbnNjbS5kZWJpYW4ub3Jngg9hcmNoLmRlYmlhbi5vcmeCDmJ6 +ci5kZWJpYW4ub3Jngg5jdnMuZGViaWFuLm9yZ4IQZGFyY3MuZGViaWFuLm9yZ4IN +aGcuZGViaWFuLm9yZ4IOc2NtLmRlYmlhbi5vcmeCDnN2bi5kZWJpYW4ub3JnMA0G +CSqGSIb3DQEBBQUAA4IBAQBw93rVPZYhmqHPYL4QMAeNn0cwzODyreOSwEg69CLE +X6nsli7H05m7+5L5FixApsyFuhRrJEkFtQXH3fMjBBGvVr1UXAUphc+FKSigicje +qkc3+ynsvIZYYC0gNpKDNTUfaPqzraduvU89BIsTqqHjJpM4PRldKiTT9R7p1xG1 +/CIDdjY93mpgZF0h/koInu0tNrBBjvwzA0/HLIN68CjWoyACvTs9nUksTRknbbP1 +oi56YV+Z7zEgzWdGs2ZDTJHNX5/svET/62UYIlgOu/KGqPRssYCXw4W+v3BUhArT +NEbZCRIJeRztYT9mnCz5oDiraEDESvQmjdEDcHnu2k3a +-----END CERTIFICATE----- diff --git a/modules/ssl/files/servicecerts/star.alioth.debian.org.crt b/modules/ssl/files/servicecerts/star.alioth.debian.org.crt new file mode 100644 index 000000000..9bcb4cc50 --- /dev/null +++ b/modules/ssl/files/servicecerts/star.alioth.debian.org.crt @@ -0,0 +1,107 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 56:ab:60:22:82:ee:a3:4c:2d:78:ee:af:bf:c4:94:c7 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA + Validity + Not Before: Apr 26 00:00:00 2014 GMT + Not After : Apr 26 23:59:59 2015 GMT + Subject: OU=Domain Control Validated, OU=Gandi Standard Wildcard SSL, CN=*.alioth.debian.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:f1:86:fa:35:d6:ce:e5:de:28:89:91:5a:44:c5: + cb:39:be:50:12:d0:9d:0e:64:c9:2e:d7:f7:a0:4d: + b1:d5:17:41:6e:03:c5:0d:ff:fc:2d:90:b3:f4:29: + ad:17:8f:06:e4:fd:6c:06:85:3e:fb:6f:33:e5:a9: + b3:ed:da:f0:49:83:18:a9:74:1f:5d:97:a7:b9:63: + 43:61:72:8d:26:c2:78:48:b6:e7:20:4d:13:d2:d6: + 0e:f3:a0:12:bc:87:8d:6c:e4:c9:0a:07:01:d0:7c: + 65:83:36:de:cb:d9:a6:f6:3d:57:2a:dc:47:e4:46: + db:00:14:e9:f9:7f:34:78:9f:fc:68:e1:e1:8b:02: + c9:ef:69:c8:0b:0d:88:e1:63:72:aa:95:16:ed:27: + c7:46:e8:32:47:ea:31:4a:d7:0c:91:25:29:71:f0: + 9b:1a:fe:e6:ef:f3:43:49:07:11:81:9e:51:f7:82: + a0:3c:63:a5:de:04:bf:02:81:18:0d:a2:b7:ed:5d: + 93:ab:9e:27:78:9d:b2:4b:e6:d5:be:5a:c5:78:61: + a0:6f:f2:9c:c2:5e:60:00:83:ef:1e:16:3c:08:3d: + 54:ae:af:0f:6d:77:aa:d3:d1:4e:2b:d5:99:6a:59: + 0b:9e:20:de:a5:d4:1f:f9:cc:3c:31:29:c5:e2:e5: + 06:91 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21 + + X509v3 Subject Key Identifier: + DD:63:45:F1:50:22:68:E9:D9:D3:4D:83:F7:A5:EC:02:81:53:A4:E3 + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Certificate Policies: + Policy: 1.3.6.1.4.1.6449.1.2.2.26 + CPS: http://www.gandi.net/contracts/fr/ssl/cps/pdf/ + Policy: 2.23.140.1.2.1 + + X509v3 CRL Distribution Points: + + Full Name: + URI:http://crl.gandi.net/GandiStandardSSLCA.crl + + Authority Information Access: + CA Issuers - URI:http://crt.gandi.net/GandiStandardSSLCA.crt + OCSP - URI:http://ocsp.gandi.net + + X509v3 Subject Alternative Name: + DNS:*.alioth.debian.org, DNS:alioth.debian.org + Signature Algorithm: sha1WithRSAEncryption + 88:09:e4:2e:0a:55:97:d7:53:ca:e5:8d:ca:d7:cc:ba:e4:76: + f0:58:12:9d:2f:17:9a:36:e3:ca:66:05:cd:a6:bb:bd:80:fd: + bd:bf:44:8b:10:55:38:f0:9d:1c:0a:b0:6e:0e:40:75:d0:fb: + 93:f4:59:dc:c4:fb:2b:38:2a:63:f2:f2:17:63:b3:87:cf:80: + 96:e2:2a:56:a4:32:34:38:eb:ff:5d:0d:a6:cc:88:05:74:fc: + 87:05:a3:1c:ea:68:21:c2:e1:b6:6d:96:ec:c3:13:1b:73:bf: + fd:d8:37:14:8b:48:f1:51:10:7c:03:a7:3e:ba:65:0f:7c:d7: + d4:a1:df:d0:43:1b:b8:ac:c3:64:34:90:ae:0d:61:dc:7e:11: + 25:7f:8e:9a:89:59:3a:22:07:59:94:2f:7c:9f:9b:64:70:a6: + 7d:bf:5c:d2:a1:a0:50:28:2c:c3:4a:55:3c:1e:1b:c8:80:fb: + 30:b1:09:ae:81:78:3c:72:06:f2:0b:8f:6c:67:53:af:69:34: + c7:a5:ca:63:28:d9:41:98:4e:8f:e8:6d:f6:f3:d6:4f:9c:5a: + fc:fc:91:ee:02:ac:bd:f9:94:7f:9e:97:37:e9:c6:df:e9:74: + ee:f3:89:c5:6e:5c:23:5e:70:23:8e:5d:03:48:3a:88:5b:6d: + 71:a6:c5:c0 +-----BEGIN CERTIFICATE----- +MIIE9DCCA9ygAwIBAgIQVqtgIoLuo0wteO6vv8SUxzANBgkqhkiG9w0BAQUFADBB +MQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5k +aSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTQwNDI2MDAwMDAwWhcNMTUwNDI2MjM1OTU5 +WjBnMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxJDAiBgNVBAsT +G0dhbmRpIFN0YW5kYXJkIFdpbGRjYXJkIFNTTDEcMBoGA1UEAxQTKi5hbGlvdGgu +ZGViaWFuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPGG+jXW +zuXeKImRWkTFyzm+UBLQnQ5kyS7X96BNsdUXQW4DxQ3//C2Qs/QprRePBuT9bAaF +PvtvM+Wps+3a8EmDGKl0H12Xp7ljQ2FyjSbCeEi25yBNE9LWDvOgEryHjWzkyQoH +AdB8ZYM23svZpvY9VyrcR+RG2wAU6fl/NHif/Gjh4YsCye9pyAsNiOFjcqqVFu0n +x0boMkfqMUrXDJElKXHwmxr+5u/zQ0kHEYGeUfeCoDxjpd4EvwKBGA2it+1dk6ue +J3idskvm1b5axXhhoG/ynMJeYACD7x4WPAg9VK6vD213qtPRTivVmWpZC54g3qXU +H/nMPDEpxeLlBpECAwEAAaOCAcAwggG8MB8GA1UdIwQYMBaAFLao/6KoL9CmzUux +aPPnUBAxp3khMB0GA1UdDgQWBBTdY0XxUCJo6dnTTYP3pewCgVOk4zAOBgNVHQ8B +Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwYAYDVR0gBFkwVzBLBgsrBgEEAbIxAQICGjA8MDoGCCsGAQUFBwIBFi5o +dHRwOi8vd3d3LmdhbmRpLm5ldC9jb250cmFjdHMvZnIvc3NsL2Nwcy9wZGYvMAgG +BmeBDAECATA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmdhbmRpLm5ldC9H +YW5kaVN0YW5kYXJkU1NMQ0EuY3JsMGoGCCsGAQUFBwEBBF4wXDA3BggrBgEFBQcw +AoYraHR0cDovL2NydC5nYW5kaS5uZXQvR2FuZGlTdGFuZGFyZFNTTENBLmNydDAh +BggrBgEFBQcwAYYVaHR0cDovL29jc3AuZ2FuZGkubmV0MDEGA1UdEQQqMCiCEyou +YWxpb3RoLmRlYmlhbi5vcmeCEWFsaW90aC5kZWJpYW4ub3JnMA0GCSqGSIb3DQEB +BQUAA4IBAQCICeQuClWX11PK5Y3K18y65HbwWBKdLxeaNuPKZgXNpru9gP29v0SL +EFU48J0cCrBuDkB10PuT9FncxPsrOCpj8vIXY7OHz4CW4ipWpDI0OOv/XQ2mzIgF +dPyHBaMc6mghwuG2bZbswxMbc7/92DcUi0jxURB8A6c+umUPfNfUod/QQxu4rMNk +NJCuDWHcfhElf46aiVk6IgdZlC98n5tkcKZ9v1zSoaBQKCzDSlU8HhvIgPswsQmu +gXg8cgbyC49sZ1OvaTTHpcpjKNlBmE6P6G3289ZPnFr8/JHuAqy9+ZR/npc36cbf +6XTu84nFblwjXnAjjl0DSDqIW21xpsXA +-----END CERTIFICATE----- -- 2.20.1