| Server IP : 15.235.198.142 / Your IP : 216.73.216.14 Web Server : Apache/2.4.58 (Ubuntu) System : Linux ballsack 6.8.0-45-generic #45-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 30 12:02:04 UTC 2024 x86_64 User : www-data ( 33) PHP Version : 8.3.6 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : OFF Directory : /snap/certbot/current/lib64/python3.12/site-packages/certbot/tests/testdata/ |
Upload File : |
The following command has been used to generate test keys:
for x in 512 2048; do openssl genrsa -out rsa${k}_key.pem $k; done
For the elliptic curve private keys, this command was used:
for k in "prime256v1" "secp384r1" "secp521r1" do
openssl genpkey -algorithm ${k} -out ec_${k}_key.pem
done
and for the CSR PEM (Certificate Signing Request):
openssl req -new -out csr-Xsans_X.pem -key rsa512_key.pem [-config csr-Xsans_X.conf | -subj '/CN=example.com'] [-outform DER > csr_X.der]
and for the certificate:
openssl req -new -out cert_X.pem -key rsaX_key.pem -subj '/CN=example.com' -x509 [-outform DER > cert_X.der]
`csr-mixed.pem` was generated with pyca/cryptography using the following snippet:
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
k = serialization.load_pem_private_key(
open("./acme/acme/_internal/tests/testdata/rsa2048_key.pem", "rb").read(), None
)
csr = (
x509.CertificateSigningRequestBuilder().add_extension(
x509.SubjectAlternativeName([x509.DNSName('a.exemple.com'), x509.IPAddress(ipaddress.ipaddr('192.0.2.111'))]),
critical=False
).subject_name(
x509.Name([])
).sign(
k, hashes.SHA256()
)
)
open("./acme/acme/_internal/tests/testdata/csr-mixed.pem", "wb").write(
csr.public_bytes(serialization.Encoding.PEM)
)