Improving certificate exchange
authorJean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 4 May 2025 11:43:50 +0000 (07:43 -0400)
committerJean-Marc Pigeon (Delson) <jmp@safe.ca>
Sun, 4 May 2025 11:43:50 +0000 (07:43 -0400)
16 files changed:
app/feeder.c
certs/localhost-cert.pem [moved from certs/localhost_cert.pem with 100% similarity]
certs/localhost-chain-cert.pem [new file with mode: 0644]
certs/localhost-key.pem [moved from certs/localhost_key.pem with 100% similarity]
certs/mailleur_server-cert_x509.pem [moved from certs/mailleur_server_cert_x509.pem with 100% similarity]
certs/mailleur_server-chain-cert_x509.pem [new file with mode: 0644]
certs/mailleur_server-key.pem [moved from certs/mailleur_server_key.pem with 100% similarity]
certs/root-safe_CA.pem [new file with mode: 0644]
certs/safeMDL.pem [moved from certs/safe_CA.pem.ref with 85% similarity]
certs/safe_CA.pem [deleted file]
certs/xx [deleted file]
lib/devsoc.c
lib/devsoc.h
lib/lvleml.c
lib/unitls.c
lib/unitls.h

index 2ae80a24013ecf0dc8d30dee49fea16b7cfe3dc2..32239fe2dfc3ac1cfd61d0e808b9d67d227cb5df 100644 (file)
 
 static  char titre[100];                //test title
 static  char testname[100];             //dest description
+
+//default and debugging certificate for client/feeder mode
+static const char *fdr_certs[3]={
+        "./certs/localhost-key.pem",
+        "./certs/localhost-chain-cert.pem",
+        "./certs/root-safe_CA.pem"      //safe root certificate
+        };
 /*
 \f
 */
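Review bot: The three entries of `fdr_certs` are paths relative to the working directory, so the private key and the trust anchor in the third slot are loaded from whatever `./certs` exists where the feeder is started. The meaning of each slot is only implied by the file names, and the call in the next hunk, `soc_starttls(socptr,false,fdr_certs)`, passes the array without a length, so the callee has to assume exactly three entries in this order. I would document the contract at the definition, for example `//[0]=private key, [1]=leaf+intermediate chain, [2]=trusted root CA; order expected by soc_starttls()`, and state there that these are the repository's test files and must not be used outside debugging. Whether soc_starttls actually verifies the peer against the third entry is not visible in this hunk and is worth confirming in lib/devsoc.c.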
@@ -124,7 +131,7 @@ while (proceed==true) {
         }
       break;
     case 3      :       //initiating TLS-Crypted in client mode
-      if (soc_starttls(socptr,false)==false)  
+      if (soc_starttls(socptr,false,fdr_certs)==false)  
         phase=999;
       break;
     case 4      :       //eveythin is fine SOC in crypted mode
diff --git a/certs/localhost-chain-cert.pem b/certs/localhost-chain-cert.pem
new file mode 100644 (file)
index 0000000..89ac0c5
--- /dev/null
@@ -0,0 +1,257 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            2a:01:e0:a5:fb:80:80:00:00:00:29
+        Signature Algorithm: sha384WithRSAEncryption
+        Issuer: C=CA, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Midle Ground CA (2024) - SHA384 - 3
+        Validity
+            Not Before: Apr  6 13:59:06 2025 GMT
+            Not After : Apr  6 13:59:06 2050 GMT
+        Subject: C=CA, ST=Quebec, L=Montreal, O=SAFE Inc., OU=Mailleur email developpement test, CN=localhost.localdomain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:ba:5f:35:d2:04:d5:f4:da:f0:b1:99:6f:f3:42:
+                    42:0e:59:8d:7b:6c:24:97:6d:24:df:e8:fa:83:7c:
+                    ae:92:fd:d1:58:1c:14:7e:20:71:5e:44:5a:b0:e8:
+                    7a:ce:45:33:95:aa:27:ef:52:fe:bd:5a:23:7b:4f:
+                    8b:24:4d:0b:f7:9c:99:25:b8:b9:af:8c:46:f7:a9:
+                    6c:18:ff:39:7c:a9:ff:9a:f5:f0:d7:d7:ca:dc:6c:
+                    5d:c7:09:02:83:87:37:1a:2f:f7:05:b8:39:af:9f:
+                    ab:24:3b:24:48:e6:72:af:36:10:0d:c6:dc:bd:c2:
+                    de:05:4f:4a:fd:d8:5b:35:24:b9:bc:ce:ab:37:3a:
+                    f9:ff:2d:44:c2:33:f2:52:4a:36:5c:5f:80:a7:cd:
+                    f7:1b:6d:55:b7:d6:13:25:72:d5:55:4d:54:ff:a1:
+                    1e:7d:85:8b:e0:e2:16:d1:d1:22:21:07:99:ad:9a:
+                    51:25:02:71:7b:56:e5:77:16:07:18:c6:fd:de:c4:
+                    e0:e5:55:01:78:f6:3c:53:ab:35:1d:44:f8:26:af:
+                    c3:11:a2:2d:63:73:29:c5:bd:b4:17:f7:83:7e:0d:
+                    d9:0a:d9:a1:27:f2:7c:bc:ee:95:76:68:ec:c4:7f:
+                    35:64:44:d4:6d:43:46:99:40:52:cd:b4:c0:11:3a:
+                    d7:ab:7c:cf:87:b5:41:32:a4:23:2d:3f:cc:fa:b2:
+                    6b:5b:dd:a5:58:14:7a:24:cb:3a:26:04:49:8f:07:
+                    8b:5b:d0:be:c2:ee:24:de:d1:74:cb:04:48:be:f9:
+                    74:5a:17:52:1e:0e:c0:ea:02:d1:7a:1e:e7:a2:95:
+                    b4:77:1a:96:6d:34:80:78:85:0f:84:e6:3b:60:27:
+                    75:5d:33:60:6d:6b:d9:da:b9:af:a9:cf:bc:ae:c3:
+                    29:ca:a3:1b:4f:3b:7f:fa:ba:d6:01:f0:07:3f:7d:
+                    00:45:e6:6e:7f:aa:67:ad:90:db:1d:2a:eb:e4:be:
+                    43:13:5e:2e:dc:de:a1:36:fd:20:90:1f:ac:8c:3c:
+                    c9:0e:32:96:ef:a8:19:1d:30:87:d1:f2:42:c7:55:
+                    e7:46:24:9c:d2:4a:1f:42:01:f7:eb:68:5f:d6:b5:
+                    9a:3a:e2:51:90:94:59:9d:bc:83:dd:d8:89:e9:34:
+                    af:d6:43:66:8f:87:85:2b:c6:b1:43:b6:09:92:ba:
+                    f4:e3:d6:3b:c1:5b:2d:76:cd:56:ac:7f:bb:fb:60:
+                    30:a5:13:76:73:35:5e:67:df:dd:c5:fe:ab:e5:4f:
+                    dd:80:56:19:a6:e0:d8:53:b2:20:5c:5c:34:2f:a1:
+                    31:0b:12:27:71:b6:ea:5b:2e:fa:a3:88:2f:f7:24:
+                    5b:93:0d
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Digital Signature, Key Encipherment
+            Authority Information Access: 
+                CA Issuers - URI:http://certificates.safe.ca/cacert/safeMDL.pem
+                OCSP - URI:http://certificates/safe.ca/chkcertstats
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.7438.1.2
+                  CPS: http://certificates.safe.ca/policies
+                Policy: 2.23.140.1.1
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 CRL Distribution Points: 
+                Full Name:
+                  URI:http://certificates.safe.ca/repository/revoklist.pem
+            X509v3 Subject Alternative Name: 
+                DNS:localhost.localdomain, IP Address:127.127.0.1
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication, TLS Web Client Authentication, E-mail Protection
+            X509v3 Subject Key Identifier: 
+                2D:BD:65:E1:4E:2B:7D:E0:80:3E:D2:66:6E:ED:81:87:4A:52:CD:6C
+            X509v3 Authority Key Identifier: 
+                9C:BE:0B:C0:22:76:F5:CF:BC:FD:78:9A:92:77:20:FE:BF:96:1E:D8
+    Signature Algorithm: sha384WithRSAEncryption
+    Signature Value:
+        ac:e8:1e:50:ec:0e:b8:02:c6:ac:70:19:ee:37:7f:53:24:69:
+        cc:ca:6e:34:6b:9b:14:cf:71:67:bb:7d:f9:60:a7:92:59:9b:
+        de:56:8b:86:9a:8e:59:da:ad:4a:90:a4:2e:2d:c4:a0:17:01:
+        18:84:c4:dd:5c:93:97:dd:d9:ad:d4:0d:63:33:3b:4e:3f:24:
+        0e:6c:13:6c:3f:3b:5e:ca:27:a1:5a:1c:30:e4:eb:da:d0:e5:
+        b1:4f:ce:fb:c4:8c:76:da:e6:f6:00:a5:03:58:9b:6d:79:84:
+        92:2c:10:66:96:b9:7f:73:57:97:7e:6a:f2:74:d3:ac:0a:3e:
+        b2:11:c4:f5:1e:4d:87:1f:8e:6d:29:ed:ef:97:8f:70:f7:37:
+        61:3e:ae:4a:d6:6d:6e:80:c5:bb:de:9b:bd:06:bb:a8:94:28:
+        ed:f6:c9:4a:7f:e2:9a:44:e1:96:07:25:60:74:19:d1:fb:86:
+        32:16:1c:c4:99:dd:de:ab:fe:7a:88:af:8e:3a:fa:36:c3:92:
+        b3:82:ba:50:18:02:42:2c:b4:6a:d2:ba:a3:8e:fb:72:6a:d1:
+        8a:b4:3f:b3:9e:27:90:18:b8:50:04:b8:1e:14:d6:e1:98:ff:
+        ed:78:5d:5e:76:b0:6e:8d:e0:ea:e3:00:5e:c7:f3:eb:ed:71:
+        c6:c0:de:f1:e2:bb:03:14:f1:27:0f:a6:2e:6c:38:0a:ca:3e:
+        ef:e1:4c:d8:a4:dc:7d:6a:ec:e5:3e:b5:a7:53:7b:2a:32:76:
+        da:a8:e1:1b:8c:76:6b:8b:b8:75:51:65:25:e0:c2:31:c7:0b:
+        b1:a6:a2:10:b7:45:4d:fc:69:67:84:c6:81:c8:e7:5e:b8:fc:
+        fb:8d:64:e3:28:dc:b3:41:be:8e:58:7a:8e:9e:89:ee:51:f1:
+        bf:5e:82:a6:29:a8:98:fe:ef:fb:7c:70:f7:8c:ee:4e:07:47:
+        10:4e:75:ad:21:a2:ad:9a:4e:e7:3a:01:2e:bc:81:63:b7:7c:
+        4c:ea:32:4c:12:78:20:81:9d:f2:8d:5f:1f:4b:82:67:55:1f:
+        95:ff:d8:7f:5b:50:74:fd:18:4c:74:3e:4e:cf:5b:26:d6:73:
+        29:ea:dd:9b:a0:a5:0b:5d:5e:0d:36:fd:f5:d1:d0:91:9a:6e:
+        81:b9:4a:93:d7:94:bb:75:e5:fa:ff:9f:5f:1e:f4:d3:63:9e:
+        09:03:00:b5:aa:77:0d:9f:2f:25:41:99:f3:52:04:08:3d:f4:
+        d5:ab:37:3a:0c:1b:fe:db:66:45:8b:b3:88:7e:1d:9c:98:98:
+        a7:f7:00:30:06:78:f6:0e:ea:aa:e6:24:3d:3f:31:39:80:3e:
+        a8:74:a2:1e:42:51:d7:13
+-----BEGIN CERTIFICATE-----
+MIIHZDCCBUygAwIBAgILKgHgpfuAgAAAACkwDQYJKoZIhvcNAQEMBQAwejELMAkG
+A1UEBhMCQ0ExEjAQBgNVBAoMCVNBRkUgSW5jLjEkMCIGA1UECwwbRGlnaXRhbCBD
+ZXJ0aWZpY2F0ZSBTaWduaW5nMTEwLwYDVQQDDChTQUZFIE1pZGxlIEdyb3VuZCBD
+QSAoMjAyNCkgLSBTSEEzODQgLSAzMCAXDTI1MDQwNjEzNTkwNloYDzIwNTAwNDA2
+MTM1OTA2WjCBkTELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UE
+BwwITW9udHJlYWwxEjAQBgNVBAoMCVNBRkUgSW5jLjEqMCgGA1UECwwhTWFpbGxl
+dXIgZW1haWwgZGV2ZWxvcHBlbWVudCB0ZXN0MR4wHAYDVQQDDBVsb2NhbGhvc3Qu
+bG9jYWxkb21haW4wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC6XzXS
+BNX02vCxmW/zQkIOWY17bCSXbSTf6PqDfK6S/dFYHBR+IHFeRFqw6HrORTOVqifv
+Uv69WiN7T4skTQv3nJkluLmvjEb3qWwY/zl8qf+a9fDX18rcbF3HCQKDhzcaL/cF
+uDmvn6skOyRI5nKvNhANxty9wt4FT0r92Fs1JLm8zqs3Ovn/LUTCM/JSSjZcX4Cn
+zfcbbVW31hMlctVVTVT/oR59hYvg4hbR0SIhB5mtmlElAnF7VuV3FgcYxv3exODl
+VQF49jxTqzUdRPgmr8MRoi1jcynFvbQX94N+DdkK2aEn8ny87pV2aOzEfzVkRNRt
+Q0aZQFLNtMAROterfM+HtUEypCMtP8z6smtb3aVYFHokyzomBEmPB4tb0L7C7iTe
+0XTLBEi++XRaF1IeDsDqAtF6HueilbR3GpZtNIB4hQ+E5jtgJ3VdM2Bta9naua+p
+z7yuwynKoxtPO3/6utYB8Ac/fQBF5m5/qmetkNsdKuvkvkMTXi7c3qE2/SCQH6yM
+PMkOMpbvqBkdMIfR8kLHVedGJJzSSh9CAffraF/WtZo64lGQlFmdvIPd2InpNK/W
+Q2aPh4UrxrFDtgmSuvTj1jvBWy12zVasf7v7YDClE3ZzNV5n393F/qvlT92AVhmm
+4NhTsiBcXDQvoTELEidxtupbLvqjiC/3JFuTDQIDAQABo4IBzzCCAcswDgYDVR0P
+AQH/BAQDAgWgMIGABggrBgEFBQcBAQR0MHIwOgYIKwYBBQUHMAKGLmh0dHA6Ly9j
+ZXJ0aWZpY2F0ZXMuc2FmZS5jYS9jYWNlcnQvc2FmZU1ETC5wZW0wNAYIKwYBBQUH
+MAGGKGh0dHA6Ly9jZXJ0aWZpY2F0ZXMvc2FmZS5jYS9jaGtjZXJ0c3RhdHMwUwYD
+VR0gBEwwSjA/BgkrBgEEAboOAQIwMjAwBggrBgEFBQcCARYkaHR0cDovL2NlcnRp
+ZmljYXRlcy5zYWZlLmNhL3BvbGljaWVzMAcGBWeBDAEBMAkGA1UdEwQCMAAwRQYD
+VR0fBD4wPDA6oDigNoY0aHR0cDovL2NlcnRpZmljYXRlcy5zYWZlLmNhL3JlcG9z
+aXRvcnkvcmV2b2tsaXN0LnBlbTAmBgNVHREEHzAdghVsb2NhbGhvc3QubG9jYWxk
+b21haW6HBH9/AAEwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEF
+BQcDBDAdBgNVHQ4EFgQULb1l4U4rfeCAPtJmbu2Bh0pSzWwwHwYDVR0jBBgwFoAU
+nL4LwCJ29c+8/Xiakncg/r+WHtgwDQYJKoZIhvcNAQEMBQADggIBAKzoHlDsDrgC
+xqxwGe43f1MkaczKbjRrmxTPcWe7fflgp5JZm95Wi4aajlnarUqQpC4txKAXARiE
+xN1ck5fd2a3UDWMzO04/JA5sE2w/O17KJ6FaHDDk69rQ5bFPzvvEjHba5vYApQNY
+m215hJIsEGaWuX9zV5d+avJ006wKPrIRxPUeTYcfjm0p7e+Xj3D3N2E+rkrWbW6A
+xbvem70Gu6iUKO32yUp/4ppE4ZYHJWB0GdH7hjIWHMSZ3d6r/nqIr446+jbDkrOC
+ulAYAkIstGrSuqOO+3Jq0Yq0P7OeJ5AYuFAEuB4U1uGY/+14XV52sG6N4OrjAF7H
+8+vtccbA3vHiuwMU8ScPpi5sOArKPu/hTNik3H1q7OU+tadTeyoydtqo4RuMdmuL
+uHVRZSXgwjHHC7GmohC3RU38aWeExoHI5164/PuNZOMo3LNBvo5Yeo6eie5R8b9e
+gqYpqJj+7/t8cPeM7k4HRxBOda0hoq2aTuc6AS68gWO3fEzqMkwSeCCBnfKNXx9L
+gmdVH5X/2H9bUHT9GEx0Pk7PWybWcynq3ZugpQtdXg02/fXR0JGaboG5SpPXlLt1
+5fr/n18e9NNjngkDALWqdw2fLyVBmfNSBAg99NWrNzoMG/7bZkWLs4h+HZyYmKf3
+ADAGePYO6qrmJD0/MTmAPqh0oh5CUdcT
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            2a:01:e0:a5:fb:80:10:00:00:00:02
+        Signature Algorithm: ecdsa-with-SHA384
+        Issuer: C=CA, L=Montreal, ST=Quebec, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Root CA 1
+        Validity
+            Not Before: Jan 20 17:19:55 2024 GMT
+            Not After : Jun  7 17:19:55 2051 GMT
+        Subject: C=CA, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Midle Ground CA (2024) - SHA384 - 3
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:d1:52:9b:dc:10:57:6d:9a:0e:09:5b:1b:aa:fb:
+                    76:8c:65:b3:f2:ca:75:36:8f:c0:cb:82:d8:2f:5b:
+                    0e:25:0c:5f:fc:18:94:41:87:5d:75:eb:92:ec:2a:
+                    87:14:ec:5f:cc:f6:8f:bf:db:4e:a3:07:aa:ec:90:
+                    3a:48:43:b9:01:84:42:fb:34:0b:06:5f:d8:e4:6d:
+                    e7:55:8f:f6:ad:98:c4:7d:6f:a8:39:de:f8:70:94:
+                    71:f3:2f:24:1b:3b:ab:42:70:d8:6c:06:ef:81:af:
+                    fa:f7:68:77:66:0e:60:12:df:80:bb:b4:92:4a:1f:
+                    3e:52:2d:f5:9a:e3:ba:26:d3:88:68:aa:11:88:0f:
+                    b8:be:7e:e3:d7:88:ce:86:09:1a:a3:2c:ce:74:c1:
+                    d7:d6:7a:c4:b5:04:1e:25:ef:b7:15:6a:16:27:4d:
+                    0f:ed:af:46:fc:a0:57:a2:6d:fe:91:c3:c7:1f:87:
+                    06:fe:5a:e2:a8:de:33:67:ae:6d:06:84:f2:15:1d:
+                    9d:ff:11:cf:be:6f:a9:a5:13:13:0b:ef:67:19:1f:
+                    ea:a8:ed:f0:db:f2:1f:ba:8c:a5:1e:b3:54:b7:68:
+                    c3:37:85:db:01:2e:83:4d:e0:06:be:93:54:b0:dc:
+                    31:23:98:15:b7:ec:b5:82:57:7a:7c:34:6c:3b:2b:
+                    3b:fa:b3:12:9a:63:63:d9:54:fd:bf:a1:ee:3c:a4:
+                    47:83:04:60:b9:9b:74:8f:f7:92:93:1d:f5:ea:98:
+                    87:c4:c9:de:d6:b8:5f:bf:fc:2e:41:e0:55:38:65:
+                    80:54:02:c6:d9:bd:7d:51:96:ba:55:ad:bf:01:ce:
+                    31:21:54:1e:56:16:79:7b:97:1a:53:92:86:80:54:
+                    ef:e9:75:ad:21:45:37:82:54:52:ed:c3:37:8c:11:
+                    ab:63:dd:64:ae:15:b4:f5:cc:02:2f:61:ab:42:d6:
+                    c5:a1:c0:dd:19:ef:70:f1:7f:6d:31:af:4e:60:bb:
+                    83:a1:f7:49:a5:de:94:dd:31:c1:74:4b:11:73:da:
+                    4d:f4:4e:90:9e:ae:dd:c0:61:d6:6b:54:3f:3a:78:
+                    c3:8b:e4:0e:ba:c6:9c:f3:3f:fb:6c:34:7c:ff:3d:
+                    65:d7:0b:ec:4c:19:37:51:37:c5:3b:34:7e:55:85:
+                    10:82:33:30:7f:ff:95:63:5b:45:3c:45:90:34:fb:
+                    1c:5e:ef:64:a3:a7:a8:58:0f:d0:97:6a:de:5a:8f:
+                    29:51:6b:14:01:b1:ec:59:74:47:0e:d9:d0:1a:78:
+                    df:16:e5:fe:5b:8b:95:48:0f:26:20:58:ef:14:6a:
+                    97:ca:c0:b3:7d:ac:7f:8a:6c:59:be:1b:fc:a0:47:
+                    e7:57:b1
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            Authority Information Access: 
+                CA Issuers - URI:http://certificates.safe.ca/cacert/safeMDL.pem
+                OCSP - URI:http://certificates/safe.ca/chkcertstats
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.7438.1.1
+                  CPS: http://certificates.safe.ca/repository/
+                Policy: 2.23.140.1.2.1
+            X509v3 Basic Constraints: critical
+                CA:TRUE, pathlen:0
+            X509v3 CRL Distribution Points: 
+                Full Name:
+                  URI:http://certificates.safe.ca/repository/revoklist.pem
+            X509v3 Subject Alternative Name: 
+                DNS:certificates.safe.ca, IP Address:192.219.254.53
+            X509v3 Authority Key Identifier: 
+                87:DD:FB:32:49:26:5E:13:F8:B7:F2:DF:EF:9C:F6:85:34:37:7A:D9
+            X509v3 Subject Key Identifier: 
+                9C:BE:0B:C0:22:76:F5:CF:BC:FD:78:9A:92:77:20:FE:BF:96:1E:D8
+    Signature Algorithm: ecdsa-with-SHA384
+    Signature Value:
+        30:46:02:21:00:ff:21:78:ff:d7:43:e7:9d:7d:dd:e6:f1:89:
+        f9:39:8a:14:e0:46:ca:b2:f2:59:a1:09:70:a0:2d:8b:66:a1:
+        65:02:21:00:d6:cf:8e:54:06:f0:d3:4c:23:f6:9d:a7:d5:b7:
+        23:6d:b9:c8:18:15:63:a3:92:98:3c:dc:25:18:71:1c:74:68
+-----BEGIN CERTIFICATE-----
+MIIFejCCBR+gAwIBAgILKgHgpfuAEAAAAAIwCgYIKoZIzj0EAwMwgYQxCzAJBgNV
+BAYTAkNBMREwDwYDVQQHDAhNb250cmVhbDEPMA0GA1UECAwGUXVlYmVjMRIwEAYD
+VQQKDAlTQUZFIEluYy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlmaWNhdGUgU2ln
+bmluZzEXMBUGA1UEAwwOU0FGRSBSb290IENBIDEwIBcNMjQwMTIwMTcxOTU1WhgP
+MjA1MTA2MDcxNzE5NTVaMHoxCzAJBgNVBAYTAkNBMRIwEAYDVQQKDAlTQUZFIElu
+Yy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzExMC8GA1UE
+AwwoU0FGRSBNaWRsZSBHcm91bmQgQ0EgKDIwMjQpIC0gU0hBMzg0IC0gMzCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANFSm9wQV22aDglbG6r7doxls/LK
+dTaPwMuC2C9bDiUMX/wYlEGHXXXrkuwqhxTsX8z2j7/bTqMHquyQOkhDuQGEQvs0
+CwZf2ORt51WP9q2YxH1vqDne+HCUcfMvJBs7q0Jw2GwG74Gv+vdod2YOYBLfgLu0
+kkofPlIt9ZrjuibTiGiqEYgPuL5+49eIzoYJGqMsznTB19Z6xLUEHiXvtxVqFidN
+D+2vRvygV6Jt/pHDxx+HBv5a4qjeM2eubQaE8hUdnf8Rz75vqaUTEwvvZxkf6qjt
+8NvyH7qMpR6zVLdowzeF2wEug03gBr6TVLDcMSOYFbfstYJXenw0bDsrO/qzEppj
+Y9lU/b+h7jykR4MEYLmbdI/3kpMd9eqYh8TJ3ta4X7/8LkHgVThlgFQCxtm9fVGW
+ulWtvwHOMSFUHlYWeXuXGlOShoBU7+l1rSFFN4JUUu3DN4wRq2PdZK4VtPXMAi9h
+q0LWxaHA3RnvcPF/bTGvTmC7g6H3SaXelN0xwXRLEXPaTfROkJ6u3cBh1mtUPzp4
+w4vkDrrGnPM/+2w0fP89ZdcL7EwZN1E3xTs0flWFEIIzMH//lWNbRTxFkDT7HF7v
+ZKOnqFgP0Jdq3lqPKVFrFAGx7Fl0Rw7Z0Bp43xbl/luLlUgPJiBY7xRql8rAs32s
+f4psWb4b/KBH51exAgMBAAGjggGyMIIBrjAOBgNVHQ8BAf8EBAMCAQYwgYAGCCsG
+AQUFBwEBBHQwcjA6BggrBgEFBQcwAoYuaHR0cDovL2NlcnRpZmljYXRlcy5zYWZl
+LmNhL2NhY2VydC9zYWZlTURMLnBlbTA0BggrBgEFBQcwAYYoaHR0cDovL2NlcnRp
+ZmljYXRlcy9zYWZlLmNhL2Noa2NlcnRzdGF0czBXBgNVHSAEUDBOMEIGCSsGAQQB
+ug4BATA1MDMGCCsGAQUFBwIBFidodHRwOi8vY2VydGlmaWNhdGVzLnNhZmUuY2Ev
+cmVwb3NpdG9yeS8wCAYGZ4EMAQIBMBIGA1UdEwEB/wQIMAYBAf8CAQAwRQYDVR0f
+BD4wPDA6oDigNoY0aHR0cDovL2NlcnRpZmljYXRlcy5zYWZlLmNhL3JlcG9zaXRv
+cnkvcmV2b2tsaXN0LnBlbTAlBgNVHREEHjAcghRjZXJ0aWZpY2F0ZXMuc2FmZS5j
+YYcEwNv+NTAfBgNVHSMEGDAWgBSH3fsySSZeE/i38t/vnPaFNDd62TAdBgNVHQ4E
+FgQUnL4LwCJ29c+8/Xiakncg/r+WHtgwCgYIKoZIzj0EAwMDSQAwRgIhAP8heP/X
+Q+edfd3m8Yn5OYoU4EbKsvJZoQlwoC2LZqFlAiEA1s+OVAbw00wj9p2n1bcjbbnI
+GBVjo5KYPNwlGHEcdGg=
+-----END CERTIFICATE-----
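Review bot: The OCSP responder URI in the Authority Information Access extension reads `http://certificates/safe.ca/chkcertstats`, with a slash where every other URI in the certificate has a dot (`certificates.safe.ca`), so the host part is just `certificates` and a client attempting an OCSP check would presumably not reach the responder. The same value appears in the intermediate certificate of this file and in both certificates of certs/mailleur_server-chain-cert_x509.pem; because it is part of the signed data, it can only be corrected by reissuing. The leaf and the intermediate are also valid until 2050 and 2051, while certs/root-safe_CA.pem added by this commit shows the root expiring in 2041, so a verifier that enforces the trust anchor's validity period would reject the chain from that date. The intermediate's `CA Issuers` URI names safeMDL.pem, which by its file name looks like the intermediate itself rather than its issuer; that should be checked before these files are used as a template for further certificates.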
diff --git a/certs/mailleur_server-chain-cert_x509.pem b/certs/mailleur_server-chain-cert_x509.pem
new file mode 100644 (file)
index 0000000..ddd18fa
--- /dev/null
@@ -0,0 +1,257 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            2a:01:e0:a5:fb:80:80:00:00:00:28
+        Signature Algorithm: sha384WithRSAEncryption
+        Issuer: C=CA, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Midle Ground CA (2024) - SHA384 - 3
+        Validity
+            Not Before: Apr  6 11:54:45 2025 GMT
+            Not After : Apr  6 11:54:45 2050 GMT
+        Subject: C=CA, ST=Quebec, L=Montreal, O=SAFE Inc., OU=Mailleur email developpement test, CN=mailleur.example.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:b2:6e:35:f7:8c:eb:07:0d:a1:f8:10:fd:dd:8d:
+                    d9:9e:cf:9f:4b:39:4d:ee:81:5e:b3:5e:a2:67:81:
+                    9e:b7:ec:b8:bb:08:12:5d:07:01:23:bc:3d:24:82:
+                    a7:b0:a6:b1:56:57:6e:e6:b9:95:8f:fb:7f:12:fd:
+                    ec:91:4b:81:6d:e8:8f:5d:33:c3:e6:db:24:66:f5:
+                    f2:cd:1e:86:8f:23:b6:38:2e:46:c9:94:cd:4c:b6:
+                    37:41:44:5f:8f:08:36:f7:90:77:97:f6:1d:81:a8:
+                    44:94:23:30:a8:19:41:bc:b8:d4:52:d9:4c:57:45:
+                    ea:1e:2e:a8:60:9b:c7:34:6d:81:66:5d:68:f8:a5:
+                    67:31:5a:49:14:13:7c:68:af:d0:ab:6e:e5:2c:da:
+                    5c:b1:20:78:ff:4b:3c:1e:5a:81:a0:91:66:7f:a9:
+                    6c:2d:df:b6:4f:89:53:db:62:40:01:ea:ab:d8:9f:
+                    1d:4b:5c:dc:2d:95:83:73:a2:77:c8:3f:ce:fe:39:
+                    11:2e:b2:38:17:3d:bc:50:73:50:d0:1a:5b:76:9e:
+                    44:76:6d:c9:14:53:61:05:31:a6:66:1d:ba:a9:88:
+                    52:bb:28:a9:bb:de:3e:05:3f:11:6b:ee:14:0b:0f:
+                    f2:79:6a:3c:56:c9:f6:78:0f:d5:2f:8b:7b:ad:23:
+                    75:f3:53:e7:b4:ab:82:c4:8d:f1:84:f8:82:3e:97:
+                    a6:85:84:18:fc:89:e7:12:95:c9:ed:28:c5:6c:d8:
+                    84:de:f7:d5:fd:a8:c1:e6:2d:55:75:14:9c:1b:5f:
+                    89:91:0a:58:0e:ff:92:67:2e:f0:9e:c4:48:30:1a:
+                    be:1d:64:35:ba:87:92:ae:d7:24:5f:08:28:37:b2:
+                    ec:c9:5a:36:84:66:1e:f2:94:73:bc:7e:83:3e:0c:
+                    da:ff:8f:ea:1c:13:94:53:d6:71:8f:a1:52:27:c5:
+                    0f:31:0b:7d:3a:96:23:f5:cc:bf:4a:9b:8e:08:5a:
+                    15:ec:4a:6b:db:25:16:21:2c:9b:52:4d:71:d3:6c:
+                    6f:55:63:cc:28:37:23:58:cf:63:dd:38:79:24:ab:
+                    46:f9:96:20:6b:b1:77:b4:b8:f1:cf:1e:7e:ae:f5:
+                    8b:5b:89:98:e5:df:71:d1:b5:66:cd:6f:b6:c2:8f:
+                    0e:75:59:e1:5f:cf:ab:b3:87:ce:6d:c1:ba:44:68:
+                    79:70:ae:0b:07:1f:d5:7a:33:0b:13:fd:39:98:5b:
+                    46:19:e4:a2:bf:f4:06:48:12:01:c7:fc:c8:cc:15:
+                    81:d6:2e:82:3f:7e:57:b8:a8:06:d8:70:81:f7:c3:
+                    42:4c:af:48:7a:26:38:96:e2:6f:fc:b3:e6:9f:b8:
+                    6f:2b:0d
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Digital Signature, Key Encipherment
+            Authority Information Access: 
+                CA Issuers - URI:http://certificates.safe.ca/cacert/safeMDL.pem
+                OCSP - URI:http://certificates/safe.ca/chkcertstats
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.7438.1.2
+                  CPS: http://certificates.safe.ca/policies
+                Policy: 2.23.140.1.1
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 CRL Distribution Points: 
+                Full Name:
+                  URI:http://certificates.safe.ca/repository/revoklist.pem
+            X509v3 Subject Alternative Name: 
+                DNS:mailleur.example.com, IP Address:127.127.10.25
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication, TLS Web Client Authentication, E-mail Protection
+            X509v3 Subject Key Identifier: 
+                89:FC:FA:27:85:1A:75:70:74:B6:47:9C:2A:B6:1F:90:58:BF:C5:C1
+            X509v3 Authority Key Identifier: 
+                9C:BE:0B:C0:22:76:F5:CF:BC:FD:78:9A:92:77:20:FE:BF:96:1E:D8
+    Signature Algorithm: sha384WithRSAEncryption
+    Signature Value:
+        68:21:b6:11:60:a6:ea:31:af:9a:31:64:be:88:f9:60:17:d7:
+        4b:d5:95:a8:cd:bd:04:10:2a:3d:f9:61:25:e1:44:87:5d:53:
+        81:47:a5:d4:46:32:a8:ef:f3:be:1c:36:71:19:77:4a:f8:15:
+        43:38:c5:61:62:09:7c:1e:d6:0c:72:b9:9c:97:eb:c2:ce:b6:
+        d0:14:0b:7c:01:8c:1d:05:bf:7e:29:09:9f:13:e2:e5:1d:d8:
+        89:78:0e:f8:af:87:2b:94:dc:c3:27:9c:cd:db:33:f7:60:7c:
+        9a:0f:ab:09:79:dd:5f:b4:b2:60:54:a5:88:9c:76:3f:6e:cc:
+        91:b3:a6:13:63:64:be:b0:2e:37:9c:80:db:e1:95:11:12:e8:
+        0a:5b:bd:b0:b9:49:ee:cd:6c:34:64:ef:85:57:39:d7:2f:8d:
+        a5:b6:4d:98:8f:c5:2e:2d:d5:97:8b:cc:49:84:ba:29:a9:e9:
+        40:b7:2a:56:f4:0f:cb:02:d2:2f:ec:5d:4c:2c:6b:88:e1:b6:
+        01:cb:2c:6e:c8:49:a6:2c:48:d3:81:9c:0d:6f:07:c5:56:7e:
+        47:f4:7d:14:81:62:e1:29:b6:28:91:7f:db:fc:47:7c:7f:e1:
+        fe:9c:08:ab:64:22:f8:cf:bb:8f:9e:75:1e:07:ac:dd:56:88:
+        95:ca:84:42:1f:b0:90:ca:3a:7b:24:00:43:44:57:3a:83:67:
+        f7:15:65:14:bf:96:85:39:d9:53:6c:e3:f2:dc:0f:e2:bb:d7:
+        0f:81:71:00:16:bd:1f:82:2b:af:f7:2b:49:04:9f:1c:fe:3b:
+        bb:da:26:a9:ba:8b:5f:70:f4:68:a3:fc:88:4b:cf:34:47:54:
+        eb:3a:65:4d:24:c7:66:60:61:55:03:81:10:a4:b3:30:3e:40:
+        ca:e8:0c:e8:24:9f:0e:20:5c:1f:ea:65:bd:5b:23:cd:95:f8:
+        1c:74:ef:25:2c:55:7a:d8:85:eb:33:fe:98:8e:cd:bc:d1:6e:
+        f9:38:71:5f:8b:cb:09:2e:3d:78:b4:37:4b:70:60:60:85:f0:
+        34:78:e7:4c:05:47:a7:ba:46:58:7b:4a:2e:8c:03:5f:49:ea:
+        a8:c4:81:4e:08:c7:50:e2:43:b2:22:d2:cb:6a:e6:69:71:4e:
+        a5:f5:49:a5:fd:03:07:25:e8:43:2e:fd:fa:1d:f5:9c:24:90:
+        7d:29:e7:40:f8:e5:b0:ea:02:a4:c5:e5:3a:f8:d0:a7:88:31:
+        1a:3d:8d:3a:fd:ac:cd:02:6a:4a:08:d4:dd:a9:a3:76:45:2a:
+        d1:43:3a:17:be:75:50:33:43:66:7b:1c:a6:cc:0e:0d:90:5c:
+        85:7d:6c:cc:b0:56:44:45
+-----BEGIN CERTIFICATE-----
+MIIHYjCCBUqgAwIBAgILKgHgpfuAgAAAACgwDQYJKoZIhvcNAQEMBQAwejELMAkG
+A1UEBhMCQ0ExEjAQBgNVBAoMCVNBRkUgSW5jLjEkMCIGA1UECwwbRGlnaXRhbCBD
+ZXJ0aWZpY2F0ZSBTaWduaW5nMTEwLwYDVQQDDChTQUZFIE1pZGxlIEdyb3VuZCBD
+QSAoMjAyNCkgLSBTSEEzODQgLSAzMCAXDTI1MDQwNjExNTQ0NVoYDzIwNTAwNDA2
+MTE1NDQ1WjCBkDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UE
+BwwITW9udHJlYWwxEjAQBgNVBAoMCVNBRkUgSW5jLjEqMCgGA1UECwwhTWFpbGxl
+dXIgZW1haWwgZGV2ZWxvcHBlbWVudCB0ZXN0MR0wGwYDVQQDDBRtYWlsbGV1ci5l
+eGFtcGxlLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALJuNfeM
+6wcNofgQ/d2N2Z7Pn0s5Te6BXrNeomeBnrfsuLsIEl0HASO8PSSCp7CmsVZXbua5
+lY/7fxL97JFLgW3oj10zw+bbJGb18s0eho8jtjguRsmUzUy2N0FEX48INveQd5f2
+HYGoRJQjMKgZQby41FLZTFdF6h4uqGCbxzRtgWZdaPilZzFaSRQTfGiv0Ktu5Sza
+XLEgeP9LPB5agaCRZn+pbC3ftk+JU9tiQAHqq9ifHUtc3C2Vg3Oid8g/zv45ES6y
+OBc9vFBzUNAaW3aeRHZtyRRTYQUxpmYduqmIUrsoqbvePgU/EWvuFAsP8nlqPFbJ
+9ngP1S+Le60jdfNT57SrgsSN8YT4gj6XpoWEGPyJ5xKVye0oxWzYhN731f2oweYt
+VXUUnBtfiZEKWA7/kmcu8J7ESDAavh1kNbqHkq7XJF8IKDey7MlaNoRmHvKUc7x+
+gz4M2v+P6hwTlFPWcY+hUifFDzELfTqWI/XMv0qbjghaFexKa9slFiEsm1JNcdNs
+b1VjzCg3I1jPY904eSSrRvmWIGuxd7S48c8efq71i1uJmOXfcdG1Zs1vtsKPDnVZ
+4V/Pq7OHzm3BukRoeXCuCwcf1XozCxP9OZhbRhnkor/0BkgSAcf8yMwVgdYugj9+
+V7ioBthwgffDQkyvSHomOJbib/yz5p+4bysNAgMBAAGjggHOMIIByjAOBgNVHQ8B
+Af8EBAMCBaAwgYAGCCsGAQUFBwEBBHQwcjA6BggrBgEFBQcwAoYuaHR0cDovL2Nl
+cnRpZmljYXRlcy5zYWZlLmNhL2NhY2VydC9zYWZlTURMLnBlbTA0BggrBgEFBQcw
+AYYoaHR0cDovL2NlcnRpZmljYXRlcy9zYWZlLmNhL2Noa2NlcnRzdGF0czBTBgNV
+HSAETDBKMD8GCSsGAQQBug4BAjAyMDAGCCsGAQUFBwIBFiRodHRwOi8vY2VydGlm
+aWNhdGVzLnNhZmUuY2EvcG9saWNpZXMwBwYFZ4EMAQEwCQYDVR0TBAIwADBFBgNV
+HR8EPjA8MDqgOKA2hjRodHRwOi8vY2VydGlmaWNhdGVzLnNhZmUuY2EvcmVwb3Np
+dG9yeS9yZXZva2xpc3QucGVtMCUGA1UdEQQeMByCFG1haWxsZXVyLmV4YW1wbGUu
+Y29thwR/fwoZMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
+AwQwHQYDVR0OBBYEFIn8+ieFGnVwdLZHnCq2H5BYv8XBMB8GA1UdIwQYMBaAFJy+
+C8AidvXPvP14mpJ3IP6/lh7YMA0GCSqGSIb3DQEBDAUAA4ICAQBoIbYRYKbqMa+a
+MWS+iPlgF9dL1ZWozb0EECo9+WEl4USHXVOBR6XURjKo7/O+HDZxGXdK+BVDOMVh
+Ygl8HtYMcrmcl+vCzrbQFAt8AYwdBb9+KQmfE+LlHdiJeA74r4crlNzDJ5zN2zP3
+YHyaD6sJed1ftLJgVKWInHY/bsyRs6YTY2S+sC43nIDb4ZUREugKW72wuUnuzWw0
+ZO+FVznXL42ltk2Yj8UuLdWXi8xJhLopqelAtypW9A/LAtIv7F1MLGuI4bYByyxu
+yEmmLEjTgZwNbwfFVn5H9H0UgWLhKbYokX/b/Ed8f+H+nAirZCL4z7uPnnUeB6zd
+VoiVyoRCH7CQyjp7JABDRFc6g2f3FWUUv5aFOdlTbOPy3A/iu9cPgXEAFr0fgiuv
+9ytJBJ8c/ju72iapuotfcPRoo/yIS880R1TrOmVNJMdmYGFVA4EQpLMwPkDK6Azo
+JJ8OIFwf6mW9WyPNlfgcdO8lLFV62IXrM/6Yjs280W75OHFfi8sJLj14tDdLcGBg
+hfA0eOdMBUenukZYe0oujANfSeqoxIFOCMdQ4kOyItLLauZpcU6l9Uml/QMHJehD
+Lv36HfWcJJB9KedA+OWw6gKkxeU6+NCniDEaPY06/azNAmpKCNTdqaN2RSrRQzoX
+vnVQM0NmexymzA4NkFyFfWzMsFZERQ==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            2a:01:e0:a5:fb:80:10:00:00:00:02
+        Signature Algorithm: ecdsa-with-SHA384
+        Issuer: C=CA, L=Montreal, ST=Quebec, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Root CA 1
+        Validity
+            Not Before: Jan 20 17:19:55 2024 GMT
+            Not After : Jun  7 17:19:55 2051 GMT
+        Subject: C=CA, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Midle Ground CA (2024) - SHA384 - 3
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (4096 bit)
+                Modulus:
+                    00:d1:52:9b:dc:10:57:6d:9a:0e:09:5b:1b:aa:fb:
+                    76:8c:65:b3:f2:ca:75:36:8f:c0:cb:82:d8:2f:5b:
+                    0e:25:0c:5f:fc:18:94:41:87:5d:75:eb:92:ec:2a:
+                    87:14:ec:5f:cc:f6:8f:bf:db:4e:a3:07:aa:ec:90:
+                    3a:48:43:b9:01:84:42:fb:34:0b:06:5f:d8:e4:6d:
+                    e7:55:8f:f6:ad:98:c4:7d:6f:a8:39:de:f8:70:94:
+                    71:f3:2f:24:1b:3b:ab:42:70:d8:6c:06:ef:81:af:
+                    fa:f7:68:77:66:0e:60:12:df:80:bb:b4:92:4a:1f:
+                    3e:52:2d:f5:9a:e3:ba:26:d3:88:68:aa:11:88:0f:
+                    b8:be:7e:e3:d7:88:ce:86:09:1a:a3:2c:ce:74:c1:
+                    d7:d6:7a:c4:b5:04:1e:25:ef:b7:15:6a:16:27:4d:
+                    0f:ed:af:46:fc:a0:57:a2:6d:fe:91:c3:c7:1f:87:
+                    06:fe:5a:e2:a8:de:33:67:ae:6d:06:84:f2:15:1d:
+                    9d:ff:11:cf:be:6f:a9:a5:13:13:0b:ef:67:19:1f:
+                    ea:a8:ed:f0:db:f2:1f:ba:8c:a5:1e:b3:54:b7:68:
+                    c3:37:85:db:01:2e:83:4d:e0:06:be:93:54:b0:dc:
+                    31:23:98:15:b7:ec:b5:82:57:7a:7c:34:6c:3b:2b:
+                    3b:fa:b3:12:9a:63:63:d9:54:fd:bf:a1:ee:3c:a4:
+                    47:83:04:60:b9:9b:74:8f:f7:92:93:1d:f5:ea:98:
+                    87:c4:c9:de:d6:b8:5f:bf:fc:2e:41:e0:55:38:65:
+                    80:54:02:c6:d9:bd:7d:51:96:ba:55:ad:bf:01:ce:
+                    31:21:54:1e:56:16:79:7b:97:1a:53:92:86:80:54:
+                    ef:e9:75:ad:21:45:37:82:54:52:ed:c3:37:8c:11:
+                    ab:63:dd:64:ae:15:b4:f5:cc:02:2f:61:ab:42:d6:
+                    c5:a1:c0:dd:19:ef:70:f1:7f:6d:31:af:4e:60:bb:
+                    83:a1:f7:49:a5:de:94:dd:31:c1:74:4b:11:73:da:
+                    4d:f4:4e:90:9e:ae:dd:c0:61:d6:6b:54:3f:3a:78:
+                    c3:8b:e4:0e:ba:c6:9c:f3:3f:fb:6c:34:7c:ff:3d:
+                    65:d7:0b:ec:4c:19:37:51:37:c5:3b:34:7e:55:85:
+                    10:82:33:30:7f:ff:95:63:5b:45:3c:45:90:34:fb:
+                    1c:5e:ef:64:a3:a7:a8:58:0f:d0:97:6a:de:5a:8f:
+                    29:51:6b:14:01:b1:ec:59:74:47:0e:d9:d0:1a:78:
+                    df:16:e5:fe:5b:8b:95:48:0f:26:20:58:ef:14:6a:
+                    97:ca:c0:b3:7d:ac:7f:8a:6c:59:be:1b:fc:a0:47:
+                    e7:57:b1
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            Authority Information Access: 
+                CA Issuers - URI:http://certificates.safe.ca/cacert/safeMDL.pem
+                OCSP - URI:http://certificates/safe.ca/chkcertstats
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.7438.1.1
+                  CPS: http://certificates.safe.ca/repository/
+                Policy: 2.23.140.1.2.1
+            X509v3 Basic Constraints: critical
+                CA:TRUE, pathlen:0
+            X509v3 CRL Distribution Points: 
+                Full Name:
+                  URI:http://certificates.safe.ca/repository/revoklist.pem
+            X509v3 Subject Alternative Name: 
+                DNS:certificates.safe.ca, IP Address:192.219.254.53
+            X509v3 Authority Key Identifier: 
+                87:DD:FB:32:49:26:5E:13:F8:B7:F2:DF:EF:9C:F6:85:34:37:7A:D9
+            X509v3 Subject Key Identifier: 
+                9C:BE:0B:C0:22:76:F5:CF:BC:FD:78:9A:92:77:20:FE:BF:96:1E:D8
+    Signature Algorithm: ecdsa-with-SHA384
+    Signature Value:
+        30:46:02:21:00:ff:21:78:ff:d7:43:e7:9d:7d:dd:e6:f1:89:
+        f9:39:8a:14:e0:46:ca:b2:f2:59:a1:09:70:a0:2d:8b:66:a1:
+        65:02:21:00:d6:cf:8e:54:06:f0:d3:4c:23:f6:9d:a7:d5:b7:
+        23:6d:b9:c8:18:15:63:a3:92:98:3c:dc:25:18:71:1c:74:68
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/certs/root-safe_CA.pem b/certs/root-safe_CA.pem
new file mode 100644 (file)
index 0000000..5f503cb
--- /dev/null
@@ -0,0 +1,58 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            02:d3:24:58:50:9a:63:62:01:9c:77:99:26:1d:07:d4:9a:6f:b8:31
+        Signature Algorithm: ecdsa-with-SHA384
+        Issuer: C=CA, L=Montreal, ST=Quebec, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Root CA 1
+        Validity
+            Not Before: Apr 25 13:26:55 2021 GMT
+            Not After : Apr 25 13:26:55 2041 GMT
+        Subject: C=CA, L=Montreal, ST=Quebec, O=SAFE Inc., OU=Digital Certificate Signing, CN=SAFE Root CA 1
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:2b:ba:82:6e:03:14:e8:ee:9b:1d:0b:e3:80:e8:
+                    ef:1f:68:fd:b5:4d:24:50:9d:7a:04:07:b9:d1:c3:
+                    70:db:aa:c9:10:c3:3d:7f:26:a0:88:22:21:51:39:
+                    fd:51:10:8e:67:31:9e:5c:b2:be:60:94:01:75:7e:
+                    c3:ef:b3:ac:6c
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Certificate Sign, CRL Sign
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                87:DD:FB:32:49:26:5E:13:F8:B7:F2:DF:EF:9C:F6:85:34:37:7A:D9
+            X509v3 Authority Key Identifier: 
+                87:DD:FB:32:49:26:5E:13:F8:B7:F2:DF:EF:9C:F6:85:34:37:7A:D9
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.7438.1.1
+                  CPS: http://certificates.safe.ca/repository/
+                Policy: 2.23.140.1.2.1
+    Signature Algorithm: ecdsa-with-SHA384
+    Signature Value:
+        30:45:02:20:50:43:0d:35:ec:ec:53:6e:3c:74:4e:7b:53:3f:
+        df:2d:d4:5d:8a:2a:0b:7a:21:c4:6e:93:04:70:b5:b5:74:2a:
+        02:21:00:a6:6e:95:77:72:9d:0e:bc:f0:15:5f:b7:02:cc:e1:
+        ac:b1:3d:f5:a6:99:01:23:30:3a:76:03:6b:ee:ac:92:fa
+-----BEGIN CERTIFICATE-----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==
+-----END CERTIFICATE-----
similarity index 85%
rename from certs/safe_CA.pem.ref
rename to certs/safeMDL.pem
index 0a10181d837172af7d4f37d59bb247dd979f5033..331cd2c40ea536b6c4a49f09e2577a86f7c5610e 100644 (file)
@@ -108,20 +108,3 @@ FgQUnL4LwCJ29c+8/Xiakncg/r+WHtgwCgYIKoZIzj0EAwMDSQAwRgIhAP8heP/X
 Q+edfd3m8Yn5OYoU4EbKsvJZoQlwoC2LZqFlAiEA1s+OVAbw00wj9p2n1bcjbbnI
 GBVjo5KYPNwlGHEcdGg=
 -----END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICyjCCAnCgAwIBAgIUAtMkWFCaY2IBnHeZJh0H1JpvuDEwCgYIKoZIzj0EAwMw
-gYQxCzAJBgNVBAYTAkNBMREwDwYDVQQHDAhNb250cmVhbDEPMA0GA1UECAwGUXVl
-YmVjMRIwEAYDVQQKDAlTQUZFIEluYy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlm
-aWNhdGUgU2lnbmluZzEXMBUGA1UEAwwOU0FGRSBSb290IENBIDEwHhcNMjEwNDI1
-MTMyNjU1WhcNNDEwNDI1MTMyNjU1WjCBhDELMAkGA1UEBhMCQ0ExETAPBgNVBAcM
-CE1vbnRyZWFsMQ8wDQYDVQQIDAZRdWViZWMxEjAQBgNVBAoMCVNBRkUgSW5jLjEk
-MCIGA1UECwwbRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMRcwFQYDVQQDDA5T
-QUZFIFJvb3QgQ0EgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCu6gm4DFOju
-mx0L44Do7x9o/bVNJFCdegQHudHDcNuqyRDDPX8moIgiIVE5/VEQjmcxnlyyvmCU
-AXV+w++zrGyjgb0wgbowDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
-HQYDVR0OBBYEFIfd+zJJJl4T+Lfy3++c9oU0N3rZMB8GA1UdIwQYMBaAFIfd+zJJ
-Jl4T+Lfy3++c9oU0N3rZMFcGA1UdIARQME4wQgYJKwYBBAG6DgEBMDUwMwYIKwYB
-BQUHAgEWJ2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuc2FmZS5jYS9yZXBvc2l0b3J5LzAI
-BgZngQwBAgEwCgYIKoZIzj0EAwMDSAAwRQIgUEMNNezsU248dE57Uz/fLdRdiioL
-eiHEbpMEcLW1dCoCIQCmbpV3cp0OvPAVX7cCzOGssT31ppkBIzA6dgNr7qyS+g==
------END CERTIFICATE-----
diff --git a/certs/safe_CA.pem b/certs/safe_CA.pem
deleted file mode 100644 (file)
index 21f4d69..0000000
+++ /dev/null
@@ -1,91 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIHYjCCBUqgAwIBAgILKgHgpfuAgAAAACgwDQYJKoZIhvcNAQEMBQAwejELMAkG
-A1UEBhMCQ0ExEjAQBgNVBAoMCVNBRkUgSW5jLjEkMCIGA1UECwwbRGlnaXRhbCBD
-ZXJ0aWZpY2F0ZSBTaWduaW5nMTEwLwYDVQQDDChTQUZFIE1pZGxlIEdyb3VuZCBD
-QSAoMjAyNCkgLSBTSEEzODQgLSAzMCAXDTI1MDQwNjExNTQ0NVoYDzIwNTAwNDA2
-MTE1NDQ1WjCBkDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UE
-BwwITW9udHJlYWwxEjAQBgNVBAoMCVNBRkUgSW5jLjEqMCgGA1UECwwhTWFpbGxl
-dXIgZW1haWwgZGV2ZWxvcHBlbWVudCB0ZXN0MR0wGwYDVQQDDBRtYWlsbGV1ci5l
-eGFtcGxlLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALJuNfeM
-6wcNofgQ/d2N2Z7Pn0s5Te6BXrNeomeBnrfsuLsIEl0HASO8PSSCp7CmsVZXbua5
-lY/7fxL97JFLgW3oj10zw+bbJGb18s0eho8jtjguRsmUzUy2N0FEX48INveQd5f2
-HYGoRJQjMKgZQby41FLZTFdF6h4uqGCbxzRtgWZdaPilZzFaSRQTfGiv0Ktu5Sza
-XLEgeP9LPB5agaCRZn+pbC3ftk+JU9tiQAHqq9ifHUtc3C2Vg3Oid8g/zv45ES6y
-OBc9vFBzUNAaW3aeRHZtyRRTYQUxpmYduqmIUrsoqbvePgU/EWvuFAsP8nlqPFbJ
-9ngP1S+Le60jdfNT57SrgsSN8YT4gj6XpoWEGPyJ5xKVye0oxWzYhN731f2oweYt
-VXUUnBtfiZEKWA7/kmcu8J7ESDAavh1kNbqHkq7XJF8IKDey7MlaNoRmHvKUc7x+
-gz4M2v+P6hwTlFPWcY+hUifFDzELfTqWI/XMv0qbjghaFexKa9slFiEsm1JNcdNs
-b1VjzCg3I1jPY904eSSrRvmWIGuxd7S48c8efq71i1uJmOXfcdG1Zs1vtsKPDnVZ
-4V/Pq7OHzm3BukRoeXCuCwcf1XozCxP9OZhbRhnkor/0BkgSAcf8yMwVgdYugj9+
-V7ioBthwgffDQkyvSHomOJbib/yz5p+4bysNAgMBAAGjggHOMIIByjAOBgNVHQ8B
-Af8EBAMCBaAwgYAGCCsGAQUFBwEBBHQwcjA6BggrBgEFBQcwAoYuaHR0cDovL2Nl
-cnRpZmljYXRlcy5zYWZlLmNhL2NhY2VydC9zYWZlTURMLnBlbTA0BggrBgEFBQcw
-AYYoaHR0cDovL2NlcnRpZmljYXRlcy9zYWZlLmNhL2Noa2NlcnRzdGF0czBTBgNV
-HSAETDBKMD8GCSsGAQQBug4BAjAyMDAGCCsGAQUFBwIBFiRodHRwOi8vY2VydGlm
-aWNhdGVzLnNhZmUuY2EvcG9saWNpZXMwBwYFZ4EMAQEwCQYDVR0TBAIwADBFBgNV
-HR8EPjA8MDqgOKA2hjRodHRwOi8vY2VydGlmaWNhdGVzLnNhZmUuY2EvcmVwb3Np
-dG9yeS9yZXZva2xpc3QucGVtMCUGA1UdEQQeMByCFG1haWxsZXVyLmV4YW1wbGUu
-Y29thwR/fwoZMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH
-AwQwHQYDVR0OBBYEFIn8+ieFGnVwdLZHnCq2H5BYv8XBMB8GA1UdIwQYMBaAFJy+
-C8AidvXPvP14mpJ3IP6/lh7YMA0GCSqGSIb3DQEBDAUAA4ICAQBoIbYRYKbqMa+a
-MWS+iPlgF9dL1ZWozb0EECo9+WEl4USHXVOBR6XURjKo7/O+HDZxGXdK+BVDOMVh
-Ygl8HtYMcrmcl+vCzrbQFAt8AYwdBb9+KQmfE+LlHdiJeA74r4crlNzDJ5zN2zP3
-YHyaD6sJed1ftLJgVKWInHY/bsyRs6YTY2S+sC43nIDb4ZUREugKW72wuUnuzWw0
-ZO+FVznXL42ltk2Yj8UuLdWXi8xJhLopqelAtypW9A/LAtIv7F1MLGuI4bYByyxu
-yEmmLEjTgZwNbwfFVn5H9H0UgWLhKbYokX/b/Ed8f+H+nAirZCL4z7uPnnUeB6zd
-VoiVyoRCH7CQyjp7JABDRFc6g2f3FWUUv5aFOdlTbOPy3A/iu9cPgXEAFr0fgiuv
-9ytJBJ8c/ju72iapuotfcPRoo/yIS880R1TrOmVNJMdmYGFVA4EQpLMwPkDK6Azo
-JJ8OIFwf6mW9WyPNlfgcdO8lLFV62IXrM/6Yjs280W75OHFfi8sJLj14tDdLcGBg
-hfA0eOdMBUenukZYe0oujANfSeqoxIFOCMdQ4kOyItLLauZpcU6l9Uml/QMHJehD
-Lv36HfWcJJB9KedA+OWw6gKkxeU6+NCniDEaPY06/azNAmpKCNTdqaN2RSrRQzoX
-vnVQM0NmexymzA4NkFyFfWzMsFZERQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFejCCBR+gAwIBAgILKgHgpfuAEAAAAAIwCgYIKoZIzj0EAwMwgYQxCzAJBgNV
-BAYTAkNBMREwDwYDVQQHDAhNb250cmVhbDEPMA0GA1UECAwGUXVlYmVjMRIwEAYD
-VQQKDAlTQUZFIEluYy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlmaWNhdGUgU2ln
-bmluZzEXMBUGA1UEAwwOU0FGRSBSb290IENBIDEwIBcNMjQwMTIwMTcxOTU1WhgP
-MjA1MTA2MDcxNzE5NTVaMHoxCzAJBgNVBAYTAkNBMRIwEAYDVQQKDAlTQUZFIElu
-Yy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzExMC8GA1UE
-AwwoU0FGRSBNaWRsZSBHcm91bmQgQ0EgKDIwMjQpIC0gU0hBMzg0IC0gMzCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANFSm9wQV22aDglbG6r7doxls/LK
-dTaPwMuC2C9bDiUMX/wYlEGHXXXrkuwqhxTsX8z2j7/bTqMHquyQOkhDuQGEQvs0
-CwZf2ORt51WP9q2YxH1vqDne+HCUcfMvJBs7q0Jw2GwG74Gv+vdod2YOYBLfgLu0
-kkofPlIt9ZrjuibTiGiqEYgPuL5+49eIzoYJGqMsznTB19Z6xLUEHiXvtxVqFidN
-D+2vRvygV6Jt/pHDxx+HBv5a4qjeM2eubQaE8hUdnf8Rz75vqaUTEwvvZxkf6qjt
-8NvyH7qMpR6zVLdowzeF2wEug03gBr6TVLDcMSOYFbfstYJXenw0bDsrO/qzEppj
-Y9lU/b+h7jykR4MEYLmbdI/3kpMd9eqYh8TJ3ta4X7/8LkHgVThlgFQCxtm9fVGW
-ulWtvwHOMSFUHlYWeXuXGlOShoBU7+l1rSFFN4JUUu3DN4wRq2PdZK4VtPXMAi9h
-q0LWxaHA3RnvcPF/bTGvTmC7g6H3SaXelN0xwXRLEXPaTfROkJ6u3cBh1mtUPzp4
-w4vkDrrGnPM/+2w0fP89ZdcL7EwZN1E3xTs0flWFEIIzMH//lWNbRTxFkDT7HF7v
-ZKOnqFgP0Jdq3lqPKVFrFAGx7Fl0Rw7Z0Bp43xbl/luLlUgPJiBY7xRql8rAs32s
-f4psWb4b/KBH51exAgMBAAGjggGyMIIBrjAOBgNVHQ8BAf8EBAMCAQYwgYAGCCsG
-AQUFBwEBBHQwcjA6BggrBgEFBQcwAoYuaHR0cDovL2NlcnRpZmljYXRlcy5zYWZl
-LmNhL2NhY2VydC9zYWZlTURMLnBlbTA0BggrBgEFBQcwAYYoaHR0cDovL2NlcnRp
-ZmljYXRlcy9zYWZlLmNhL2Noa2NlcnRzdGF0czBXBgNVHSAEUDBOMEIGCSsGAQQB
-ug4BATA1MDMGCCsGAQUFBwIBFidodHRwOi8vY2VydGlmaWNhdGVzLnNhZmUuY2Ev
-cmVwb3NpdG9yeS8wCAYGZ4EMAQIBMBIGA1UdEwEB/wQIMAYBAf8CAQAwRQYDVR0f
-BD4wPDA6oDigNoY0aHR0cDovL2NlcnRpZmljYXRlcy5zYWZlLmNhL3JlcG9zaXRv
-cnkvcmV2b2tsaXN0LnBlbTAlBgNVHREEHjAcghRjZXJ0aWZpY2F0ZXMuc2FmZS5j
-YYcEwNv+NTAfBgNVHSMEGDAWgBSH3fsySSZeE/i38t/vnPaFNDd62TAdBgNVHQ4E
-FgQUnL4LwCJ29c+8/Xiakncg/r+WHtgwCgYIKoZIzj0EAwMDSQAwRgIhAP8heP/X
-Q+edfd3m8Yn5OYoU4EbKsvJZoQlwoC2LZqFlAiEA1s+OVAbw00wj9p2n1bcjbbnI
-GBVjo5KYPNwlGHEcdGg=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICyjCCAnCgAwIBAgIUAtMkWFCaY2IBnHeZJh0H1JpvuDEwCgYIKoZIzj0EAwMw
-gYQxCzAJBgNVBAYTAkNBMREwDwYDVQQHDAhNb250cmVhbDEPMA0GA1UECAwGUXVl
-YmVjMRIwEAYDVQQKDAlTQUZFIEluYy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlm
-aWNhdGUgU2lnbmluZzEXMBUGA1UEAwwOU0FGRSBSb290IENBIDEwHhcNMjEwNDI1
-MTMyNjU1WhcNNDEwNDI1MTMyNjU1WjCBhDELMAkGA1UEBhMCQ0ExETAPBgNVBAcM
-CE1vbnRyZWFsMQ8wDQYDVQQIDAZRdWViZWMxEjAQBgNVBAoMCVNBRkUgSW5jLjEk
-MCIGA1UECwwbRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMRcwFQYDVQQDDA5T
-QUZFIFJvb3QgQ0EgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCu6gm4DFOju
-mx0L44Do7x9o/bVNJFCdegQHudHDcNuqyRDDPX8moIgiIVE5/VEQjmcxnlyyvmCU
-AXV+w++zrGyjgb0wgbowDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
-HQYDVR0OBBYEFIfd+zJJJl4T+Lfy3++c9oU0N3rZMB8GA1UdIwQYMBaAFIfd+zJJ
-Jl4T+Lfy3++c9oU0N3rZMFcGA1UdIARQME4wQgYJKwYBBAG6DgEBMDUwMwYIKwYB
-BQUHAgEWJ2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuc2FmZS5jYS9yZXBvc2l0b3J5LzAI
-BgZngQwBAgEwCgYIKoZIzj0EAwMDSAAwRQIgUEMNNezsU248dE57Uz/fLdRdiioL
-eiHEbpMEcLW1dCoCIQCmbpV3cp0OvPAVX7cCzOGssT31ppkBIzA6dgNr7qyS+g==
------END CERTIFICATE-----
diff --git a/certs/xx b/certs/xx
deleted file mode 100644 (file)
index ff10572..0000000
--- a/certs/xx
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICyjCCAnCgAwIBAgIUAtMkWFCaY2IBnHeZJh0H1JpvuDEwCgYIKoZIzj0EAwMw
-gYQxCzAJBgNVBAYTAkNBMREwDwYDVQQHDAhNb250cmVhbDEPMA0GA1UECAwGUXVl
-YmVjMRIwEAYDVQQKDAlTQUZFIEluYy4xJDAiBgNVBAsMG0RpZ2l0YWwgQ2VydGlm
-aWNhdGUgU2lnbmluZzEXMBUGA1UEAwwOU0FGRSBSb290IENBIDEwHhcNMjEwNDI1
-MTMyNjU1WhcNNDEwNDI1MTMyNjU1WjCBhDELMAkGA1UEBhMCQ0ExETAPBgNVBAcM
-CE1vbnRyZWFsMQ8wDQYDVQQIDAZRdWViZWMxEjAQBgNVBAoMCVNBRkUgSW5jLjEk
-MCIGA1UECwwbRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMRcwFQYDVQQDDA5T
-QUZFIFJvb3QgQ0EgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCu6gm4DFOju
-mx0L44Do7x9o/bVNJFCdegQHudHDcNuqyRDDPX8moIgiIVE5/VEQjmcxnlyyvmCU
-AXV+w++zrGyjgb0wgbowDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
-HQYDVR0OBBYEFIfd+zJJJl4T+Lfy3++c9oU0N3rZMB8GA1UdIwQYMBaAFIfd+zJJ
-Jl4T+Lfy3++c9oU0N3rZMFcGA1UdIARQME4wQgYJKwYBBAG6DgEBMDUwMwYIKwYB
-BQUHAgEWJ2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuc2FmZS5jYS9yZXBvc2l0b3J5LzAI
-BgZngQwBAgEwCgYIKoZIzj0EAwMDSAAwRQIgUEMNNezsU248dE57Uz/fLdRdiioL
-eiHEbpMEcLW1dCoCIQCmbpV3cp0OvPAVX7cCzOGssT31ppkBIzA6dgNr7qyS+g==
------END CERTIFICATE-----
index de86e89b236d0245b6bbb8ddad337ba824e0ac13..a4dd9d5c8fede3c0c15b3d97fca2b27bcb6b71ff 100644 (file)
@@ -49,6 +49,12 @@ typedef struct  {
         int iteration;  //number of soc slot used on the IP
         }SOCTYP;
 
+//default and debugging certificate for server mode
+PUBLIC const char *srvr_certs[3]={
+        "./certs/mailleur_server-key.pem",
+        "./certs/mailleur_server-chain-cert_x509.pem",
+        "./certs/root-safe_CA.pem"      //safe root certificate
+        };
 /*
 \f
 */
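Review bot: The three entries of `srvr_certs` are paths relative to the working directory, so the private key and trust root the server loads depend on where the daemon is started. If these debugging defaults can reach a production run, an absolute, configuration-supplied location with restricted permissions on the key file would be safer. The array is also exported writable: `PUBLIC const char *const srvr_certs[3]={` would stop another translation unit from repointing an entry, though the `certs` parameters of soc_starttls, tls_opentls and set_certificate would then need the same `const char *const` element type. The slot order is only implied by the file names, so a comment such as `//[0] private key, [1] certificate + chain, [2] root CA` above the initializer would help.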
@@ -371,7 +377,8 @@ while (proceed==true) {
           break;
         case pro_smtps          :       //set secure socket
           newsoc->modtls=true;
-          if ((newsoc->tls=tls_opentls(newsoc->handle,true))==(TLSTYP *)0) {
+          newsoc->tls=tls_opentls(newsoc->handle,true,srvr_certs);
+          if (newsoc->tls==(TLSTYP *)0) {
             (void) rou_alert(0,"%s Unable to get a TLS channel",OPEP);
             newsoc->modtls=false;
             phase=999;      //trouble trouble
@@ -1370,7 +1377,7 @@ return socptr;
 /*      crypted channel, return true is successful.     */
 /*                                                     */
 /********************************************************/
-PUBLIC _Bool soc_starttls(SOCPTR *socptr,_Bool server)
+PUBLIC _Bool soc_starttls(SOCPTR *socptr,_Bool server,const char *certs[3])
 
 {
 #define OPEP    "devsoc.c:soc_starttls,"
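Review bot: The new `certs` argument is not described in the banner comment above soc_starttls. Because `const char *certs[3]` in a parameter list is adjusted to `const char **`, the compiler enforces neither the three-entry length nor a non-null pointer. A banner line such as `/* certs: [0] key, [1] cert+chain, [2] root CA, must not be NULL */` would state the contract. The same applies to the changed signatures of tls_opentls and set_certificate in the unitls.c hunks. The body of soc_starttls continues outside this hunk.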
@@ -1391,13 +1398,11 @@ if ((soc!=(SOCTYP *)0)&&(soc->modtls==false)) {
       tosend=snprintf(buffer,sizeof(buffer),"%d 2.0.0 Ready to start TLS%s",
                                             SIGNON,CRLF);
       (void) soc_writebuffer(soc,buffer,tosend);
-      soc->tls=tls_opentls(soc->handle,true);
       break;
     case false   :
-      soc->tls=tls_opentls(soc->handle,false);
-      (void) rou_alert(0,"%s JMPDBG starting client mode",OPEP);
       break;
     }
+  soc->tls=tls_opentls(soc->handle,server,certs);
   if (soc->tls!=(TLSTYP *)0) {
     soc->proto=pro_smtps;
     soc->modtls=true;
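Review bot: The `case false` arm now does nothing but `break`, so what appears to be a switch on `server` (its head is outside the hunk) only guards the "Ready to start TLS" reply. An `if (server==true) { ... }` around that reply would read more directly. The result of `soc_writebuffer` is discarded on the context line above, so the hoisted `soc->tls=tls_opentls(soc->handle,server,certs);` runs even when the reply could not be sent. Checking that result before starting the handshake would keep the two sides in step.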
index 1f9cee22243140a039b85e82731a17f501b4b92f..5090b3029c360425ee791fff2466e57d30a77b78 100644 (file)
@@ -23,6 +23,9 @@ typedef enum    {
         pro_unknwn      //Protcole undefined
         }PROTYP;
 
+//default and debugging certificate for server mode
+extern const char *srvr_certs[3];
+
 //reference to a socket definition
 typedef void SOCPTR;
 
@@ -76,7 +79,7 @@ extern char *soc_getaddrinfo(SOCPTR *socptr,_Bool local,_Bool getname);
 extern SOCPTR *soc_release(SOCPTR *socptr);
 
 //procedure to initiate crypted mode on plain channel
-extern _Bool soc_starttls(SOCPTR *socptr,_Bool server);
+extern _Bool soc_starttls(SOCPTR *socptr,_Bool server,const char *certs[3]);
 
 //return flag true if socet is in crypted mode
 extern _Bool soc_iscrypted(SOCPTR *socptr);
index 6c7c6b900a592bf0efddbbe4dd6469450063cdba..e67ced1b6c03f5eb299b7e65727167250e263b2a 100644 (file)
@@ -16,7 +16,6 @@
 #include       "devlog.h"
 #include       "lvleml.h"
 
-
 /*
 ^L
 */
@@ -417,7 +416,7 @@ while (proceed==true) {
       proceed=doreset(contact,line);
       break;
     case c_starttls     :       //EHLO start encrypted link in server mode
-      switch (soc_starttls(contact->socptr,true)) {
+      switch (soc_starttls(contact->socptr,true,srvr_certs)) {
         case true       :       //link now in TLS crypted mode
           (void) transmit(contact,"%d Link now encrypted",CMDOK);
           (void) rou_alert(0,"%s, CMDOK sent",OPEP);
index 87094bc293572a8ab6c04ef255a794665ca927ac..153c4fa5bd12604116a20c1905f8959e5a5cad87 100644 (file)
@@ -154,65 +154,53 @@ return tls;
 /*     Procedure to set the link certificate           */
 /*                                                      */
 /********************************************************/
-static int set_certificate(TLSTYP *tls)
+static int set_certificate(TLSTYP *tls,const char *certs[3])
 
 {
 #define OPEP    "unitls.c:set_certificate"
 int done;
 int mode;
-const char *certpub[3];
 int phase;
 _Bool proceed;
 
 done=false;
 mode=SSL_VERIFY_NONE;
 //mode=SSL_VERIFY_PEER;
-certpub[0]="./certs/safe_CA.pem";               //default and debugging certificats
-//Default debugging server certificate
-certpub[1]="./certs/mailleur_server_cert_x509.pem";
-certpub[2]="./certs/mailleur_server_key.pem";
 phase=0;
 proceed=true;
 while (proceed==true) {
   switch (phase) {
-    case 0      :       //load CA trusted file
-      if (SSL_CTX_use_certificate_chain_file(tls->ctx,certpub[0])!=1) {
+    case 0      :       //first load certificate key
+      if (SSL_CTX_use_PrivateKey_file(tls->ctx,certs[0],SSL_FILETYPE_PEM)!=1) {
         char msg[200];
 
         (void) snprintf(msg,sizeof(msg),"%s, file <%s> missing?",
-                                        "No chain Certificate",certpub[0]);
+                                        "Probleme with Certificate key",certs[0]);
         (void) showtlserror(tls,0,msg);
-        phase=999;      //no need to go furter
-        }
-      break;
-    case 1      :       //loading default CA verify dir 
-      phase++;
-      if (SSL_CTX_set_default_verify_paths(tls->ctx)==0) {
-        (void) showtlserror(tls,0,"Unable to verify default path");
-        phase=999;      //no need to go furter
+        phase=999;
         }
       break;
-    case 2      :       //set certificate
-      if (SSL_CTX_use_certificate_file(tls->ctx,certpub[1],SSL_FILETYPE_PEM)!=1) {
+    case 1      :       //load certificate + chain file
+      if (SSL_CTX_use_certificate_chain_file(tls->ctx,certs[1])!=1) {
         char msg[200];
 
         (void) snprintf(msg,sizeof(msg),"%s, file <%s> missing?",
-                                        "Problem with certificate",certpub[1]);
+                                        "No chain Certificate",certs[1]);
         (void) showtlserror(tls,0,msg);
         phase=999;      //no need to go furter
         }
       break;
-    case 3      :       //set key
-      if (SSL_CTX_use_PrivateKey_file(tls->ctx,certpub[2],SSL_FILETYPE_PEM)!=1) {
+    case 2      :       //loading root certificate
+      if (SSL_CTX_load_verify_locations(tls->ctx,certs[2],(const char *)0)!=1) {
         char msg[200];
 
         (void) snprintf(msg,sizeof(msg),"%s, file <%s> missing?",
-                                        "Probleme with Certificate key",certpub[2]);
+                                        "No root Certificate",certs[2]);
         (void) showtlserror(tls,0,msg);
-        phase=999;
+        phase=999;      //no need to go furter
         }
       break;
-    case 4      :       //verify management
+    case 3      :       //verify management
       (void) SSL_CTX_set_purpose(tls->ctx,X509_PURPOSE_ANY);
       (void) SSL_CTX_set_verify(tls->ctx,mode,(int(*)())0);
       (void) SSL_CTX_set_verify_depth(tls->ctx,5);
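Review bot: Case 2 now loads the root certificate with `SSL_CTX_load_verify_locations`, but `mode` is still `SSL_VERIFY_NONE` when it reaches `SSL_CTX_set_verify` in case 3, so the handshake itself will not reject a peer whose chain fails against that root. Unless the result is checked after the handshake (the `tls_verify` declared in unitls.h may do this; it is not visible here), consider `mode=SSL_VERIFY_PEER;`, at least for the client side. Loading the key in case 0 before the chain in case 1 also reverses the order OpenSSL documents for changing a certificate/key pair: installing a certificate that does not match an already loaded key discards the key instead of failing, so a mismatched pair would not be reported at either load step. Loading the chain first, or calling `SSL_CTX_check_private_key(tls->ctx)` after both loads if the lines between this hunk and the next do not already, keeps the error at its cause. set_certificate ends outside this hunk.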
@@ -222,10 +210,10 @@ while (proceed==true) {
         phase=999;
         }
       break;
-    case 5      :       //allowing partial write
+    case 4      :       //allowing partial write
       (void) SSL_CTX_set_mode(tls->ctx,SSL_MODE_ENABLE_PARTIAL_WRITE);
       break;
-    case 6      :       //everything fine
+    case 5      :       //everything fine
       done=true;
       break;
     default     :       //SAFE Guard
@@ -394,7 +382,7 @@ return ok;
 /*     Procedure to open an SSL channel                */
 /*                                                      */
 /********************************************************/
-PUBLIC TLSTYP *tls_opentls(int handle,_Bool server)
+PUBLIC TLSTYP *tls_opentls(int handle,_Bool server,const char *certs[3])
 
 {
 #define OPEP    "unitls.c:tls_opentls"
@@ -427,7 +415,7 @@ while (proceed==true) {
         }
       break;
     case 1      :       //set certificate
-      if (set_certificate(tls)==false) 
+      if (set_certificate(tls,certs)==false) 
         phase=999;      //trouble, trouble no need to go furter
       break;
     case 2      :       //Setting the TLS channel
index 6c183c053b747791fe5b60cb60b8f46ce18b37c4..681d107a832b772fa2630273950c1aebe03448a7 100644 (file)
@@ -28,7 +28,7 @@ typedef struct  {
 extern _Bool tls_verify(TLSTYP *tls);
 
 //procedure to open an tls channel
-extern TLSTYP *tls_opentls(int handle,_Bool server);
+extern TLSTYP *tls_opentls(int handle,_Bool server,const char *certs[3]);
 
 //procedure to close an tls channel
 extern TLSTYP *tls_closetls(TLSTYP *tls);