Implement SSL hostname verification.
authorRoger Light <roger@atchoo.org>
Mon, 29 Jul 2013 19:52:01 +0000 (20:52 +0100)
committerRoger Light <roger@atchoo.org>
Mon, 3 Feb 2014 21:20:17 +0000 (21:20 +0000)
64 files changed:
src/paho/mqtt/client.py
test/lib/03-publish-c2b-qos2-disconnect.py
test/lib/08-ssl-connect-cert-auth.py
test/lib/08-ssl-connect-no-auth.py
test/lib/08-ssl-fake-cacert.py
test/lib/python/08-ssl-connect-cert-auth.test
test/lib/python/08-ssl-connect-no-auth.test
test/lib/python/08-ssl-fake-cacert.test
test/lib/python3/08-ssl-connect-cert-auth.test
test/lib/python3/08-ssl-connect-no-auth.test
test/lib/python3/08-ssl-fake-cacert.test
test/ssl/all-ca.crt [new file with mode: 0644]
test/ssl/client-expired.crt
test/ssl/client-revoked.crt
test/ssl/client-revoked.csr [deleted file]
test/ssl/client-revoked.key
test/ssl/client.crt
test/ssl/client.key
test/ssl/crl.pem
test/ssl/fake-ca.crt [deleted file]
test/ssl/fake-ca.key [deleted file]
test/ssl/gen.sh [new file with mode: 0755]
test/ssl/openssl.cnf [new file with mode: 0644]
test/ssl/readme.txt [deleted file]
test/ssl/rootCA/crlnumber [new file with mode: 0644]
test/ssl/rootCA/index.txt [new file with mode: 0644]
test/ssl/rootCA/index.txt.attr [new file with mode: 0644]
test/ssl/rootCA/index.txt.attr.old [new file with mode: 0644]
test/ssl/rootCA/index.txt.old [new file with mode: 0644]
test/ssl/rootCA/newcerts/01.pem [new file with mode: 0644]
test/ssl/rootCA/newcerts/02.pem [new file with mode: 0644]
test/ssl/rootCA/serial [new file with mode: 0644]
test/ssl/rootCA/serial.old [new file with mode: 0644]
test/ssl/server-expired.crt
test/ssl/server.crt
test/ssl/server.csr [deleted file]
test/ssl/server.key
test/ssl/signingCA/crlnumber [new file with mode: 0644]
test/ssl/signingCA/crlnumber.old [new file with mode: 0644]
test/ssl/signingCA/index.txt [new file with mode: 0644]
test/ssl/signingCA/index.txt.attr [new file with mode: 0644]
test/ssl/signingCA/index.txt.attr.old [new file with mode: 0644]
test/ssl/signingCA/index.txt.old [new file with mode: 0644]
test/ssl/signingCA/newcerts/01.pem [new file with mode: 0644]
test/ssl/signingCA/newcerts/02.pem [new file with mode: 0644]
test/ssl/signingCA/newcerts/03.pem [new file with mode: 0644]
test/ssl/signingCA/newcerts/04.pem [new file with mode: 0644]
test/ssl/signingCA/serial [new file with mode: 0644]
test/ssl/signingCA/serial.old [new file with mode: 0644]
test/ssl/test-alt-ca.crt [new file with mode: 0644]
test/ssl/test-alt-ca.key [new file with mode: 0644]
test/ssl/test-bad-root-ca.crt [new file with mode: 0644]
test/ssl/test-bad-root-ca.key [new file with mode: 0644]
test/ssl/test-ca-alt.crt [deleted file]
test/ssl/test-ca-alt.key [deleted file]
test/ssl/test-ca.crt [deleted file]
test/ssl/test-ca.key [deleted file]
test/ssl/test-fake-root-ca.crt [new file with mode: 0644]
test/ssl/test-fake-root-ca.key [new file with mode: 0644]
test/ssl/test-root-ca.crt [new file with mode: 0644]
test/ssl/test-root-ca.key [new file with mode: 0644]
test/ssl/test-signing-ca.crt [new file with mode: 0644]
test/ssl/test-signing-ca.csr [new file with mode: 0644]
test/ssl/test-signing-ca.key [new file with mode: 0644]

index f91487f0d9922e27280d3cb0b83b50f442a0857d..c80fabd924a76481ebb6ddad964728f9b40cadf0 100755 (executable)
@@ -426,6 +426,7 @@ class Client:
         self._tls_ca_certs = None
         self._tls_cert_reqs = None
         self._tls_ciphers = None
+        self._tls_insecure = False
 
     def __del__(self):
         pass
@@ -509,6 +510,22 @@ class Client:
         self._tls_version = tls_version
         self._tls_ciphers = ciphers
 
+    def tls_insecure_set(self, value):
+        """Configure verification of the server hostname in the server certificate.
+
+        If value is set to true, it is impossible to guarantee that the host
+        you are connecting to is not impersonating your server. This can be
+        useful in initial server testing, but makes it possible for a malicious
+        third party to impersonate your server through DNS spoofing, for
+        example.
+
+        Do not use this function in a real system. Setting value to true means
+        there is no point using encryption.
+        
+        Must be called before connect()."""
+        self._tls_insecure = value
+
+
     def connect(self, host, port=1883, keepalive=60, bind_address=""):
         """Connect to a remote broker.
 
@@ -605,14 +622,12 @@ class Client:
                     ssl_version=self._tls_version,
                     ciphers=self._tls_ciphers)
 
-        try:
-            self.socket().connect((self._host, self._port))
-        except socket.error as err:
-            (msg) = err
-            if msg.errno != errno.EINPROGRESS:
-                print(msg)
-                return 1
-
+            if self._tls_insecure == False:
+                if sys.version_info[0] < 3 or (sys.version_info[0] == 3 and sys.version_info[1] < 2):
+                    self._tls_match_hostname()
+                else:
+                    ssl.match_hostname(self._ssl.getpeercert(), self._host)
+            
         self._sock.setblocking(0)
 
         return self._send_connect(self._keepalive, self._clean_session)
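Review bot: The guard `if self._tls_insecure == False:` fails open, because any stored value that is not equal to `False` skips hostname verification, including `None`, an empty string, or an unset config value passed through. `tls_insecure_set()` in the previous hunk stores its argument unchanged, so nothing normalises it before it gets here. Writing the check as `if not self._tls_insecure:` keeps verification on for every falsy value and disables it only on an explicit truthy one. Coercing in the setter with `self._tls_insecure = bool(value)` would also help. The enclosing method starts outside this hunk, so whether the wrapped socket is closed when the match raises cannot be confirmed from these lines.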
@@ -1828,3 +1843,26 @@ class Client:
 
         self.loop_forever()
 
+    def _tls_match_hostname(self):
+        cert = self._ssl.getpeercert()
+        san = cert.get('subjectAltName')
+        if san:
+            have_san_dns = False
+            for ((key,value),) in san:
+                if key == 'DNS':
+                    have_san_dns = True
+                    if value == self._host:
+                        return
+
+            if have_san_dns:
+                # Only check subject if subjectAltName dns not found.
+                raise ssl.SSLError('Certificate subject does not match remote hostname.')
+        subject = cert.get('subject')
+        if subject:
+            for ((key,value),) in subject:
+                if key == 'commonName':
+                    if value == self._host:
+                        return
+
+        raise ssl.SSLError('Certificate subject does not match remote hostname.')
+
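Review bot: The loop `for ((key,value),) in san:` uses the nesting of `subject`, but `getpeercert()` returns `subjectAltName` as a flat tuple of `(type, value)` pairs. On the pre-3.2 path any certificate carrying a SAN will therefore raise `ValueError` on unpacking instead of being matched; it should read `for (key, value) in san:`. The comparison `value == self._host` is also case-sensitive and has no wildcard handling, so this fallback rejects certificates that `ssl.match_hostname` accepts on newer interpreters. The two paths also raise different types: `ssl.SSLError` here, `ssl.CertificateError` from the stdlib call. A short docstring stating the matching rules and the raised exception would help callers handle both.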
index acc1a3fec2a2c9f28b89fa439bee6763254bfd46..f21a2909bc877f6e77c891076a3e778a3c9f2c7f 100755 (executable)
@@ -77,14 +77,11 @@ try:
                         if paho_test.expect_packet(conn, "connect", connect_packet):
                             conn.send(connack_packet)
 
-                            if paho_test.expect_packet(conn, "2nd retried publish", publish_dup_packet):
-                                conn.send(pubrec_packet)
+                            if paho_test.expect_packet(conn, "retried pubrel", pubrel_dup_packet):
+                                conn.send(pubcomp_packet)
 
-                                if paho_test.expect_packet(conn, "pubrel", pubrel_packet):
-                                    conn.send(pubcomp_packet)
-
-                                    if paho_test.expect_packet(conn, "disconnect", disconnect_packet):
-                                        rc = 0
+                                if paho_test.expect_packet(conn, "disconnect", disconnect_packet):
+                                    rc = 0
 
     conn.close()
 finally:
index 4ec1dd7bb65c4922f9cf6f6c9800d1426e50f538..60663aba2b8d6ac296e35dab004e732ffd98afd1 100755 (executable)
@@ -5,7 +5,7 @@
 
 # The client should connect to port 1888 with keepalive=60, clean session set,
 # and client id 08-ssl-connect-crt-auth
-# It should use the CA certificate ssl/test-ca.crt for verifying the server.
+# It should use the CA certificate ssl/all-ca.crt for verifying the server.
 # The test will send a CONNACK message to the client with rc=0. Upon receiving
 # the CONNACK and verifying that rc=0, the client should send a DISCONNECT
 # message. If rc!=0, the client should exit with an error.
@@ -37,7 +37,7 @@ disconnect_packet = paho_test.gen_disconnect()
 
 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-ssock = ssl.wrap_socket(sock, ca_certs="../ssl/test-ca.crt",
+ssock = ssl.wrap_socket(sock, ca_certs="../ssl/all-ca.crt",
         keyfile="../ssl/server.key", certfile="../ssl/server.crt",
         server_side=True, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED)
 ssock.settimeout(10)
index 15c6f2d78b755fbd801190712903ef48bbb039db..406f815d693315e298a764a034e4a6c265fb647c 100755 (executable)
@@ -4,7 +4,7 @@
 
 # The client should connect to port 1888 with keepalive=60, clean session set,
 # and client id 08-ssl-connect-no-auth
-# It should use the CA certificate ssl/test-ca.crt for verifying the server.
+# It should use the CA certificate ssl/all-ca.crt for verifying the server.
 # The test will send a CONNACK message to the client with rc=0. Upon receiving
 # the CONNACK and verifying that rc=0, the client should send a DISCONNECT
 # message. If rc!=0, the client should exit with an error.
@@ -36,7 +36,7 @@ disconnect_packet = paho_test.gen_disconnect()
 
 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-ssock = ssl.wrap_socket(sock, ca_certs="../ssl/test-ca.crt", keyfile="../ssl/server.key", certfile="../ssl/server.crt", server_side=True, ssl_version=ssl.PROTOCOL_TLSv1)
+ssock = ssl.wrap_socket(sock, ca_certs="../ssl/all-ca.crt", keyfile="../ssl/server.key", certfile="../ssl/server.crt", server_side=True, ssl_version=ssl.PROTOCOL_TLSv1)
 ssock.settimeout(10)
 ssock.bind(('', 1888))
 ssock.listen(5)
index aa9be9d7805abcb06c423952538f3f4385379e9e..819ab8ba78be4859339a0eb3229ba1ac8ede4af4 100755 (executable)
@@ -21,7 +21,7 @@ if sys.version < '2.7':
 
 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-ssock = ssl.wrap_socket(sock, ca_certs="../ssl/test-ca.crt",
+ssock = ssl.wrap_socket(sock, ca_certs="../ssl/all-ca.crt",
         keyfile="../ssl/server.key", certfile="../ssl/server.crt",
         server_side=True, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED)
 ssock.settimeout(10)
index 95ec548a8f83ab448ee83e0e087decc3168885e1..8493c5adbec5255b0f3d11f5281114e49ebffc7e 100755 (executable)
@@ -26,7 +26,7 @@ def on_disconnect(mqttc, obj, rc):
 
 run = -1
 mqttc = mqtt.Client("08-ssl-connect-crt-auth", run)
-mqttc.tls_set("../ssl/test-ca.crt", "../ssl/client.crt", "../ssl/client.key")
+mqttc.tls_set("../ssl/all-ca.crt", "../ssl/client.crt", "../ssl/client.key")
 mqttc.on_connect = on_connect
 mqttc.on_disconnect = on_disconnect
 
index 4ce73e3c018e81a4c28678dbac15828062fbb02b..4f07746905d44887379351e5b99520e4ec4e512a 100755 (executable)
@@ -26,7 +26,7 @@ def on_disconnect(mqttc, obj, rc):
 
 run = -1
 mqttc = mqtt.Client("08-ssl-connect-no-auth", run)
-mqttc.tls_set("../ssl/test-ca.crt")
+mqttc.tls_set("../ssl/all-ca.crt")
 mqttc.on_connect = on_connect
 mqttc.on_disconnect = on_disconnect
 
index 1fdcdc9f685f9c5a3ec05b64f9ba1e225e32f2c9..0448e3cdbcefccbe5a8a4e8ad930981ca1a7f710 100755 (executable)
@@ -18,7 +18,7 @@ def on_connect(mqttc, obj, rc):
     exit(1)
 
 mqttc = mqtt.Client("08-ssl-fake-cacert")
-mqttc.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key")
+mqttc.tls_set("../ssl/test-fake-root-ca.crt", "../ssl/client.crt", "../ssl/client.key")
 mqttc.on_connect = on_connect
 
 try:
index 605d1a6bb0fa285d85561614afeea1c5e535224f..acb1dcd292535b4f126f6b84f3bfa331c659139a 100755 (executable)
@@ -23,7 +23,7 @@ def on_disconnect(mqttc, obj, rc):
 
 run = -1
 mqttc = mqtt.Client("08-ssl-connect-crt-auth", run)
-mqttc.tls_set("../ssl/test-ca.crt", "../ssl/client.crt", "../ssl/client.key")
+mqttc.tls_set("../ssl/all-ca.crt", "../ssl/client.crt", "../ssl/client.key")
 mqttc.on_connect = on_connect
 mqttc.on_disconnect = on_disconnect
 
index a46b4a087ba547fbd702dbba6b44b19971ac9d7d..afdc139ad1b23f262e34cfd1c772ea2990d2177e 100755 (executable)
@@ -23,7 +23,7 @@ def on_disconnect(mqttc, obj, rc):
 
 run = -1
 mqttc = mqtt.Client("08-ssl-connect-no-auth", run)
-mqttc.tls_set("../ssl/test-ca.crt")
+mqttc.tls_set("../ssl/all-ca.crt")
 mqttc.on_connect = on_connect
 mqttc.on_disconnect = on_disconnect
 
index f9b06d945f8d8ef14f4832ba96985d3d5f645ca4..fbccc06c4102bb2d7f618a87ac4cf74c2b798ded 100755 (executable)
@@ -18,7 +18,7 @@ def on_connect(mqttc, obj, rc):
     exit(1)
 
 mqttc = mqtt.Client("08-ssl-fake-cacert")
-mqttc.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key")
+mqttc.tls_set("../ssl/test-fake-root-ca.crt", "../ssl/client.crt", "../ssl/client.key")
 mqttc.on_connect = on_connect
 
 try:
diff --git a/test/ssl/all-ca.crt b/test/ssl/all-ca.crt
new file mode 100644 (file)
index 0000000..592d8e5
--- /dev/null
@@ -0,0 +1,74 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:26:78:40:ae:b2:ad:2f:26:12:0a:d5:b1:18:
+                    80:16:d8:88:be:0b:42:ce:32:ad:12:d5:f5:78:1b:
+                    35:28:f2:13:1b:05:09:fb:7e:d7:d9:a1:8a:0d:4a:
+                    fe:95:37:d4:16:75:83:e4:6a:44:34:33:57:2e:49:
+                    ba:bc:b4:cf:d0:c0:87:e0:bc:f0:60:76:14:00:d6:
+                    eb:cb:f6:db:b3:43:f1:c8:4d:4a:0a:bb:e0:37:7c:
+                    8e:93:1f:a0:87:68:59:fe:0c:25:40:f3:7c:fd:71:
+                    90:55:ef:de:18:b4:08:86:c9:75:c2:99:2f:ce:12:
+                    bf:c5:5e:cf:5f:f1:06:53:07
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+            X509v3 Authority Key Identifier: 
+                keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         48:ec:d7:80:8a:8f:82:a6:42:b1:89:2c:b9:4b:6d:0a:37:b8:
+         72:19:05:de:75:80:0c:d6:41:97:b2:d7:fe:99:cb:7e:c4:0e:
+         77:97:09:a8:9f:87:ff:0b:de:3f:1c:dc:1e:fe:09:36:a7:f5:
+         54:9a:85:4e:fb:6f:27:fe:0f:29:45:61:8d:07:c6:0c:da:37:
+         3d:a3:69:4b:82:71:e6:24:e0:87:a6:ee:d5:87:61:dd:8f:08:
+         fe:33:a6:1f:ae:b2:ae:1f:d8:2c:20:c8:a6:fc:33:0e:82:68:
+         80:23:61:10:ad:5c:1d:80:d6:b1:5f:e4:af:66:6d:63:10:e4:
+         96:e4
+-----BEGIN CERTIFICATE-----
+MIICkzCCAfygAwIBAgIBATANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
+aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
+Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGAxCzAJBgNVBAYTAkdCMRMw
+EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
+BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBANwmeECusq0vJhIK1bEYgBbYiL4LQs4yrRLV9XgbNSjyExsF
+Cft+19mhig1K/pU31BZ1g+RqRDQzVy5Jury0z9DAh+C88GB2FADW68v227ND8chN
+Sgq74Dd8jpMfoIdoWf4MJUDzfP1xkFXv3hi0CIbJdcKZL84Sv8Vez1/xBlMHAgMB
+AAGjUDBOMB0GA1UdDgQWBBQpTW7H8vdxctonnJyr2gcdR5zYQTAfBgNVHSMEGDAW
+gBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4GBAEjs14CKj4KmQrGJLLlLbQo3uHIZBd51gAzWQZey1/6Zy37EDneXCaif
+h/8L3j8c3B7+CTan9VSahU77byf+DylFYY0HxgzaNz2jaUuCceYk4Iem7tWHYd2P
+CP4zph+usq4f2CwgyKb8Mw6CaIAjYRCtXB2A1rFf5K9mbWMQ5Jbk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICqDCCAhGgAwIBAgIJAKrzwmdXIUxsMA0GCSqGSIb3DQEBBQUAMG0xCzAJBgNV
+BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
+A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdS
+b290IENBMB4XDTEzMDcyOTE5MjEyOVoXDTIzMDcyNzE5MjEyOVowbTELMAkGA1UE
+BhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcMBURlcmJ5MRUwEwYD
+VQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsMB1Rlc3RpbmcxEDAOBgNVBAMMB1Jv
+b3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKbPzEEWCKsjjwjJ787u
+Q32k5EdqoDddMEjSVbZNSNEwUew1L7O8NTbmtCEeVFQjOLAdmdiF3rQbXHV+Zew0
+jt2g4vtPpl1GOG6jA/6YznKAyQdvGCdYfGZUN2tN+mbtVxWqkHZitQDQGaSHnx24
+NX649La2uyFy+7l9o8++xPONAgMBAAGjUDBOMB0GA1UdDgQWBBRKK2nWMR2jaOhG
+b/tL8462jVEOvzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEd+gW86/W+fisz5PFHAeEw7zn9q
+dzLHm7+QZgNLZ9h7/ZbhObRUFMRtU2xm4amyh85h7hUE5R2E2uW2OXumic7/D4ZD
+6unjr4m5jwVWDTqTUYIcNSriyoDWAVlPfOWaU5NyUhqS1DM28tvOWVHVLCxmVcZl
+tJQqo5eHbQ/+Hjfx
+-----END CERTIFICATE-----
index d6df974c2f7085019f07ac02db8c0420148f256b..0fa27da3ebafb079f867294eabe1aa6a6dfde93e 100644 (file)
@@ -1,17 +1,61 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 3 (0x3)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Aug 20 00:00:00 2012 GMT
+            Not After : Aug 21 00:00:00 2012 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client expired
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
+                    27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
+                    e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
+                    b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
+                    f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
+                    f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
+                    99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
+                    dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
+                    d5:ca:66:7a:30:3f:c2:ce:59
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         7f:c3:be:e2:5b:d5:68:27:a6:ea:5a:9d:13:f1:21:47:56:7e:
+         19:1e:35:47:2c:35:ff:df:81:71:9a:89:04:d0:f1:e6:49:ee:
+         c7:2a:a7:5d:2e:f2:19:18:77:f3:fe:c8:21:87:28:51:d5:1a:
+         1b:7d:d3:36:58:42:39:df:7b:c8:41:a5:71:1f:56:6c:67:c5:
+         ee:07:45:ad:1a:91:ed:89:ce:ee:8e:48:cd:32:8e:a4:6a:ae:
+         55:bb:3d:c0:77:e7:7a:e3:9d:25:d0:5c:03:6c:be:25:16:67:
+         0f:d5:e3:c9:7a:c3:66:8d:8b:09:bf:e5:3d:b7:31:d6:80:d6:
+         fd:c7
 -----BEGIN CERTIFICATE-----
-MIICpDCCAg0CCQDNrg5WSiiRqDANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
-R0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEdMBsG
-A1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxDzANBgNVBAsMBkJyb2tlcjEXMBUG
-A1UEAwwOYnJva2VyLXRlc3QtY2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBs
-ZS5jb20wHhcNMTIwNzAzMTQ0MDA3WhcNMTIwNzA0MTQ0MDA3WjCBizELMAkGA1UE
-BhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEd
-MBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFDASBgNVBAsMC0Jyb2tlciBU
-ZXN0MR4wHAYDVQQDDBVsb2NhbGhvc3QtY2xpZW50LXRlc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAM1kzx27D7TooydBNi6tTIMvstPZqFviwN5JGCKxs0wI
-ZAdVP1HNeECioww4HiMO6J6IfcLppLDuWr1pteSG471MjGLPc0Z6UKNejKntM30p
-7649fBZ9DIomVKTJHya/jtU8hIJfSpY29FKGOe3gVjg99nFZtB1dGnycQys5FRVZ
-AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEACkRM53UdHTXhDNv+xZk6DJyNneEm0BWG
-u9IExujL1YKbEIxlOncacDEzAYe3YbcnzN+1rgYel2l8Oq7Esb4OhlM5ftzfNLw5
-p2uM1QWzB1N1pwJ7BMtlkFuL+JI+VikaVdqvV9YhCDxIUUujoMsXLYzVOVMQbToJ
-YedFIjsMj6s=
+MIIC0jCCAjugAwIBAgIBAzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEyMDgyMDAwMDAw
+MFoXDTEyMDgyMTAwMDAwMFowgYAxCzAJBgNVBAYTAkdCMRgwFgYDVQQIDA9Ob3R0
+aW5naGFtc2hpcmUxEzARBgNVBAcMCk5vdHRpbmdoYW0xDzANBgNVBAoMBlNlcnZl
+cjETMBEGA1UECwwKUHJvZHVjdGlvbjEcMBoGA1UEAwwTdGVzdCBjbGllbnQgZXhw
+aXJlZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8n
+DilL5m8ReORWiMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgv
+U0JNcxleyn6y/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlh
+r9UjnSMUtTHVymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfN
+bWf7fXdZD2zxmw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1H
+nNhBMA0GCSqGSIb3DQEBBQUAA4GBAH/DvuJb1WgnpupanRPxIUdWfhkeNUcsNf/f
+gXGaiQTQ8eZJ7scqp10u8hkYd/P+yCGHKFHVGht90zZYQjnfe8hBpXEfVmxnxe4H
+Ra0ake2Jzu6OSM0yjqRqrlW7PcB353rjnSXQXANsviUWZw/V48l6w2aNiwm/5T23
+MdaA1v3H
 -----END CERTIFICATE-----
index ac7024921e50e6a97b4912fe83002b5e0aac198a..ed93ffe5cae92762d890524d31bb447170367522 100644 (file)
@@ -1,17 +1,61 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4 (0x4)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:31 2013 GMT
+            Not After : Jul 28 19:21:31 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client revoked
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:bb:3b:8f:80:95:a8:32:56:ed:b9:c0:79:7f:36:
+                    ef:33:39:1b:b1:c3:1c:0b:51:1b:0a:d4:04:ee:39:
+                    94:ab:fe:bb:d5:c9:72:be:e0:4c:f4:17:17:fe:a4:
+                    e1:f1:69:2c:67:89:63:e7:0f:84:db:6c:bb:12:fb:
+                    29:4f:63:11:da:cc:22:85:c4:e8:bf:01:ea:3b:43:
+                    b5:32:48:85:39:74:e5:0d:79:f1:12:19:01:b3:48:
+                    bc:be:aa:9a:74:95:bb:d1:a6:78:51:cc:5b:0f:bc:
+                    af:78:01:7b:42:36:43:41:49:7a:25:24:7e:1c:17:
+                    3a:4e:bb:a2:e9:65:3c:86:87
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                D8:E8:12:3D:B4:66:6A:1C:DC:F7:14:0D:55:0D:9D:81:A7:1C:52:35
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         07:18:d5:41:31:1b:85:fe:ab:e9:f5:48:c1:c6:38:e1:28:28:
+         90:66:10:8c:d7:ef:15:b7:da:89:5e:78:7d:dc:e5:45:e6:2a:
+         df:1f:3d:80:5f:0c:87:c8:5c:7e:bd:5b:1c:e3:a0:e2:ab:ee:
+         e7:8b:82:ec:94:2a:c4:1e:62:fd:4f:f7:ce:78:8f:a5:5a:96:
+         a7:76:3b:f5:37:73:1f:a0:d7:f0:6f:c5:d6:42:6a:bd:51:2d:
+         f1:4c:1b:3e:63:51:3f:47:7f:88:a7:16:de:c7:c0:3c:96:78:
+         a7:76:17:b9:48:85:83:18:bf:9d:b6:14:fa:1e:63:f9:86:2c:
+         8a:b1
 -----BEGIN CERTIFICATE-----
-MIICpDCCAg0CCQDNrg5WSiiRpzANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
-R0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEdMBsG
-A1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxDzANBgNVBAsMBkJyb2tlcjEXMBUG
-A1UEAwwOYnJva2VyLXRlc3QtY2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBs
-ZS5jb20wHhcNMTIwNzAzMTQ0MDAwWhcNMzkxMTE4MTQ0MDAwWjCBizELMAkGA1UE
-BhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEd
-MBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFDASBgNVBAsMC0Jyb2tlciBU
-ZXN0MR4wHAYDVQQDDBVsb2NhbGhvc3QtY2xpZW50LXRlc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAM1kzx27D7TooydBNi6tTIMvstPZqFviwN5JGCKxs0wI
-ZAdVP1HNeECioww4HiMO6J6IfcLppLDuWr1pteSG471MjGLPc0Z6UKNejKntM30p
-7649fBZ9DIomVKTJHya/jtU8hIJfSpY29FKGOe3gVjg99nFZtB1dGnycQys5FRVZ
-AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAXB40zdyBFQ7BjDbDFV/vcx4E2rpVxnQ4
-vtJ8TE7aaBqS9QmxlWYnx8ys/q51mVmOxbA/aIFllaSyR+P0MrgZfbWFtb/PK2IV
-VnCciP7dfwqbnsW3ziRUq+mTaaNDPtT+YJrLJyTYNZPRvGIBHOt0NKzNCyvO37v3
-op7ELGt0I+E=
+MIIC0jCCAjugAwIBAgIBBDANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MVoXDTE4MDcyODE5MjEzMVowgYAxCzAJBgNVBAYTAkdCMRgwFgYDVQQIDA9Ob3R0
+aW5naGFtc2hpcmUxEzARBgNVBAcMCk5vdHRpbmdoYW0xDzANBgNVBAoMBlNlcnZl
+cjETMBEGA1UECwwKUHJvZHVjdGlvbjEcMBoGA1UEAwwTdGVzdCBjbGllbnQgcmV2
+b2tlZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuzuPgJWoMlbtucB5fzbv
+MzkbscMcC1EbCtQE7jmUq/671clyvuBM9BcX/qTh8WksZ4lj5w+E22y7EvspT2MR
+2swihcTovwHqO0O1MkiFOXTlDXnxEhkBs0i8vqqadJW70aZ4UcxbD7yveAF7QjZD
+QUl6JSR+HBc6Trui6WU8hocCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNjo
+Ej20Zmoc3PcUDVUNnYGnHFI1MB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1H
+nNhBMA0GCSqGSIb3DQEBBQUAA4GBAAcY1UExG4X+q+n1SMHGOOEoKJBmEIzX7xW3
+2oleeH3c5UXmKt8fPYBfDIfIXH69WxzjoOKr7ueLguyUKsQeYv1P9854j6Valqd2
+O/U3cx+g1/BvxdZCar1RLfFMGz5jUT9Hf4inFt7HwDyWeKd2F7lIhYMYv522FPoe
+Y/mGLIqx
 -----END CERTIFICATE-----
diff --git a/test/ssl/client-revoked.csr b/test/ssl/client-revoked.csr
deleted file mode 100644 (file)
index 1314812..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBzDCCATUCAQAwgYsxCzAJBgNVBAYTAkdCMRcwFQYDVQQIDA5Vbml0ZWQgS2lu
-Z2RvbTEOMAwGA1UEBwwFRGVyYnkxHTAbBgNVBAoMFE1vc3F1aXR0byBUZXN0IFN1
-aXRlMRQwEgYDVQQLDAtCcm9rZXIgVGVzdDEeMBwGA1UEAwwVbG9jYWxob3N0LWNs
-aWVudC10ZXN0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNZM8duw+06KMn
-QTYurUyDL7LT2ahb4sDeSRgisbNMCGQHVT9RzXhAoqMMOB4jDuieiH3C6aSw7lq9
-abXkhuO9TIxiz3NGelCjXoyp7TN9Ke+uPXwWfQyKJlSkyR8mv47VPISCX0qWNvRS
-hjnt4FY4PfZxWbQdXRp8nEMrORUVWQIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEA
-uzoEdsl3JkiNIviQzDtr67k6L/vogtVSgRnCFCel16Q0i1W+mVAwUqYArwf/7fwp
-UhZPd8NLSVT1pn4Nj2a2Q7S3GMpMguiQlhCol7hZOrNpc0fDGg1JSmYjCEmm3TOl
-Z49eyqmE8r4xdDEAyPk3u21HYrZ5RshyS/8vfPwqR9o=
------END CERTIFICATE REQUEST-----
index 479a528302066d7b7b7ec5b8f3c6cfa5f96b0b4f..279ea9968ac11f210248ca4b29ce50e0e8f49170 100644 (file)
@@ -1,15 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDNZM8duw+06KMnQTYurUyDL7LT2ahb4sDeSRgisbNMCGQHVT9R
-zXhAoqMMOB4jDuieiH3C6aSw7lq9abXkhuO9TIxiz3NGelCjXoyp7TN9Ke+uPXwW
-fQyKJlSkyR8mv47VPISCX0qWNvRShjnt4FY4PfZxWbQdXRp8nEMrORUVWQIDAQAB
-AoGAdcKxuUMSG1AykwQhk5uKvcBwUGR/0cbte8T+0I1/1j0NVOL8feNHag+VWiEm
-rkUS/CoXqNQat9LBNc5RGmh4U35orG2xi/EqcBnp/Mse2UqnOTYO3xjeP+JQBtR9
-EiutMTabnaOIXox2bfb3olKA5b6phTt9Y0v8Li/jbVAhw3ECQQDslDu6ZvkKoljU
-VICOteQMMPESsrXVPs5brtxyK2LQn+GBwXvy7d655Ql9jUkyops546aTB6JgYOMs
-zDD3oJ7FAkEA3kE1wwap7NxtYSEbtwyIa7r+IKezG9IPwG27EHjTjPBgclOk0ZOf
-W51ZD/CYNbA7fYAbqREeBwzhe5u0jfHFhQJBAOccL/T6nxMqYYibPDMtsSfPr9FK
-T6OQBVs/SQ8nHxMa/NsbPpCkm04SVuEV4onam7VDlPhRHujz/TlICBYADNkCQEaA
-XwJ3ea2mGphF/VmqgxfRYE2RhNJdZxu+cyl9enXpxl5dxBmq/1D7b8YLpuzY83YT
-DjMqN+E6p8gjEzo3qFUCQGaSni6qTT9pT22uT3QwLthOPdVacV6a55Ci6g4XaFUR
-/Es/nQdkZTbCI1ufGV2Usodsqas+lNGqnClGVHqcUg8=
+MIICWwIBAAKBgQC7O4+AlagyVu25wHl/Nu8zORuxwxwLURsK1ATuOZSr/rvVyXK+
+4Ez0Fxf+pOHxaSxniWPnD4TbbLsS+ylPYxHazCKFxOi/Aeo7Q7UySIU5dOUNefES
+GQGzSLy+qpp0lbvRpnhRzFsPvK94AXtCNkNBSXolJH4cFzpOu6LpZTyGhwIDAQAB
+AoGABGk60ES2WblCkIXAVwbsS8CkrmNyXbHjeTXVh+dDYWn28up0EZsnNPj2T8GC
+sTVRHn9WIzNyZdkB70iLiJtE6GBW2gJ0wZnPXXP41AXFLsKzNN4tay50I/jLq4K6
+1iJ48B/18n7XuvVl+AllAwfu+oC/c3yrkE6xIBr152RXl0ECQQDznby6Z3cVTEgJ
+GOk7slyedoZhdTR4XReEuvYp7c/2akch68KiADzZLHpCqMxq03kCP14vScBRSfKR
+9UDRTT3FAkEAxMAVwcGaZnzpZAO/VZPE+z7ZGsHw4cAPrDDSDYyqX83LXRNyhC7A
+y3t1OqtCkhEzw5bsvabuoeNLkXg2Igfj2wJAYiN8INeHaGQHbOrFIlBS8V8r+Vy+
+23IdBFJQ0klECq97olWYXayc1pwNUIcxeiNgzx/58DDUsaqJdnUHPInSRQJAKFbt
+3w0P2CWSQLRX/XbPs2e+YbMT7WVQkVBtMOP/ZqcuJAZBu4JOeynz7jSA8KvgPiDq
+pzPbx4tvygKorq+JcwJATDLs/UNawCQh1E6VEYXDPzSAhF1eYjvkgt97SzZEgJGb
+C4/aRXGjhsJQxHzcyCt4EUdz+2mkxD3L2Qgnq2IXaw==
 -----END RSA PRIVATE KEY-----
index ac7024921e50e6a97b4912fe83002b5e0aac198a..b007d4cb07dbb48642af5e2bf0e727d45508e70b 100644 (file)
@@ -1,17 +1,60 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:31 2013 GMT
+            Not After : Jul 28 19:21:31 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
+                    27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
+                    e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
+                    b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
+                    f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
+                    f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
+                    99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
+                    dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
+                    d5:ca:66:7a:30:3f:c2:ce:59
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         b4:11:e8:8a:f5:21:d1:88:22:9e:f3:05:e6:47:c9:9d:87:10:
+         09:a1:9c:f1:38:5b:a0:5a:b4:f5:fd:8d:cf:ae:01:7d:b4:a8:
+         3c:dd:ed:17:b3:02:56:5b:4a:e6:17:58:8f:46:d4:02:97:95:
+         0b:00:0e:b4:77:3e:ad:f0:ce:06:25:38:2d:ff:df:a4:0e:3b:
+         83:73:f7:a3:da:c1:a1:24:68:a2:18:71:81:4e:3b:26:5a:e2:
+         10:9a:27:95:85:a8:3c:47:3a:60:49:21:2f:12:90:fc:4a:f0:
+         71:4d:bc:19:2a:06:07:f4:35:d9:8d:1d:b2:85:93:61:17:45:
+         26:9a
 -----BEGIN CERTIFICATE-----
-MIICpDCCAg0CCQDNrg5WSiiRpzANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
-R0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEdMBsG
-A1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxDzANBgNVBAsMBkJyb2tlcjEXMBUG
-A1UEAwwOYnJva2VyLXRlc3QtY2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBs
-ZS5jb20wHhcNMTIwNzAzMTQ0MDAwWhcNMzkxMTE4MTQ0MDAwWjCBizELMAkGA1UE
-BhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEd
-MBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFDASBgNVBAsMC0Jyb2tlciBU
-ZXN0MR4wHAYDVQQDDBVsb2NhbGhvc3QtY2xpZW50LXRlc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBAM1kzx27D7TooydBNi6tTIMvstPZqFviwN5JGCKxs0wI
-ZAdVP1HNeECioww4HiMO6J6IfcLppLDuWr1pteSG471MjGLPc0Z6UKNejKntM30p
-7649fBZ9DIomVKTJHya/jtU8hIJfSpY29FKGOe3gVjg99nFZtB1dGnycQys5FRVZ
-AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAXB40zdyBFQ7BjDbDFV/vcx4E2rpVxnQ4
-vtJ8TE7aaBqS9QmxlWYnx8ys/q51mVmOxbA/aIFllaSyR+P0MrgZfbWFtb/PK2IV
-VnCciP7dfwqbnsW3ziRUq+mTaaNDPtT+YJrLJyTYNZPRvGIBHOt0NKzNCyvO37v3
-op7ELGt0I+E=
+MIICyTCCAjKgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MVoXDTE4MDcyODE5MjEzMVoweDELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
+bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
+MRMwEQYDVQQLDApQcm9kdWN0aW9uMRQwEgYDVQQDDAt0ZXN0IGNsaWVudDCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8nDilL5m8ReORW
+iMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgvU0JNcxleyn6y
+/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlhr9UjnSMUtTHV
+ymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfNbWf7fXdZD2zx
+mw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1HnNhBMA0GCSqG
+SIb3DQEBBQUAA4GBALQR6Ir1IdGIIp7zBeZHyZ2HEAmhnPE4W6BatPX9jc+uAX20
+qDzd7RezAlZbSuYXWI9G1AKXlQsADrR3Pq3wzgYlOC3/36QOO4Nz96PawaEkaKIY
+cYFOOyZa4hCaJ5WFqDxHOmBJIS8SkPxK8HFNvBkqBgf0NdmNHbKFk2EXRSaa
 -----END CERTIFICATE-----
index 479a528302066d7b7b7ec5b8f3c6cfa5f96b0b4f..4be1b322af74e494d5382db733699f7af304fca4 100644 (file)
@@ -1,15 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDNZM8duw+06KMnQTYurUyDL7LT2ahb4sDeSRgisbNMCGQHVT9R
-zXhAoqMMOB4jDuieiH3C6aSw7lq9abXkhuO9TIxiz3NGelCjXoyp7TN9Ke+uPXwW
-fQyKJlSkyR8mv47VPISCX0qWNvRShjnt4FY4PfZxWbQdXRp8nEMrORUVWQIDAQAB
-AoGAdcKxuUMSG1AykwQhk5uKvcBwUGR/0cbte8T+0I1/1j0NVOL8feNHag+VWiEm
-rkUS/CoXqNQat9LBNc5RGmh4U35orG2xi/EqcBnp/Mse2UqnOTYO3xjeP+JQBtR9
-EiutMTabnaOIXox2bfb3olKA5b6phTt9Y0v8Li/jbVAhw3ECQQDslDu6ZvkKoljU
-VICOteQMMPESsrXVPs5brtxyK2LQn+GBwXvy7d655Ql9jUkyops546aTB6JgYOMs
-zDD3oJ7FAkEA3kE1wwap7NxtYSEbtwyIa7r+IKezG9IPwG27EHjTjPBgclOk0ZOf
-W51ZD/CYNbA7fYAbqREeBwzhe5u0jfHFhQJBAOccL/T6nxMqYYibPDMtsSfPr9FK
-T6OQBVs/SQ8nHxMa/NsbPpCkm04SVuEV4onam7VDlPhRHujz/TlICBYADNkCQEaA
-XwJ3ea2mGphF/VmqgxfRYE2RhNJdZxu+cyl9enXpxl5dxBmq/1D7b8YLpuzY83YT
-DjMqN+E6p8gjEzo3qFUCQGaSni6qTT9pT22uT3QwLthOPdVacV6a55Ci6g4XaFUR
-/Es/nQdkZTbCI1ufGV2Usodsqas+lNGqnClGVHqcUg8=
+MIICXAIBAAKBgQDcF4KvR9xxd3PDaRFL/ycOKUvmbxF45FaIyTQTEuGC7CT+Zcid
+uwVUINC0MblLh/hN5cG6mfiizP+OifJ6aC9TQk1zGV7KfrL+O/fRvOgk+ndH7qSJ
+z9Hc6Zk/2g7QHsZA0mDuOINOpN1Go2qsyWGv1SOdIxS1MdXKZnowP8LOWQIDAQAB
+AoGAa+NifoXdfAmwR7QzdGuJO5nmyPjdOcPE35yx2D/DKCiWIdbHNvq8q/bCF/Lg
+ADSQ9a6Q/uYHSdbv13Gr2XFE8MSOCex5cWe7xcQ4jHM9AR4soMxDLXoEqia6QtFg
+RLrVolER/h1QcqJ4pP3QC025JLADXTAvarKAJlkR4nQPigECQQD1xCdxY3mHkl0C
+KSVVjyALKrRHoqIxu2w1qivfTqA/S02Ws5tn6g+lkAEUa7Jg2s1/U2HybRAdGz5v
+fuIW7eOhAkEA5UGrc2z7TyfKIwO5I6aRLFMqwyMKVdO5v4RZlJGBhtGHLEd5nJMw
+ueKLVAUa5/1LaowfLQxYZD+yF8dWdpbvuQJAAbik+hNTR5LL2fcFzuqYs9tRteq6
+rhR89odBlWfMkYTqfzK01O57u5Idn9H9RtZheBHSbss6wKlvL4K4/KYf4QJAZKXk
+A5TA8Atj7uNfkIs8CN2qVGk5zFxbm/0a5uLKnsm2MnZeqaLlLXaL/KMRIPBO/8Ps
+m/Zjh/9+zHmzN/Uj4QJBAPFmzczJDxDviQcEo7qL9J6JAJtijqDAgv9u1XpqIfIx
+GveE+zuKYC2g2Absn1Art3dQgJAsttOF/40HykRLeGc=
 -----END RSA PRIVATE KEY-----
index e8ae499ee4a7a3794003e6f81205807ef9f26f2d..ddf31deabc73b1f7b85557c60a930cafac00638f 100644 (file)
@@ -1,11 +1,10 @@
 -----BEGIN X509 CRL-----
-MIIBmDCCAQECAQEwDQYJKoZIhvcNAQEFBQAwgaAxCzAJBgNVBAYTAkdCMRcwFQYD
-VQQIDA5Vbml0ZWQgS2luZ2RvbTEOMAwGA1UEBwwFRGVyYnkxHTAbBgNVBAoMFE1v
-c3F1aXR0byBUZXN0IFN1aXRlMQ8wDQYDVQQLDAZCcm9rZXIxFzAVBgNVBAMMDmJy
-b2tlci10ZXN0LWNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tFw0x
-MjA3MDMxNTU5MzFaFw0xMjA4MDIxNTU5MzFaMBwwGgIJAM2uDlZKKJGnFw0xMjA3
-MDMxNTU4NDZaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQUFAAOBgQCPcwu3
-0rWWICxqPKPCXUWNgeoNygHt/n2Y+n+Y00LtHxAyfj0ag06GuW4cDH7CYNKsrt/s
-59O+3VBRFisbMc1k3aSI5CFE4kSabR7OXOxnbNm/+3LFK80Wp17CjyEeFQrEg6tn
-apeq3dUczj88uD7z5B/LtW5s+gGWcpgsDIA1wA==
+MIIBTjCBuAIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjETMBEGA1UE
+CAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdU
+ZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBFw0xMzA3MjkxOTIxMzFaFw0xMzA4
+MjgxOTIxMzFaMBQwEgIBBBcNMTMwNzI5MTkyMTMxWqAOMAwwCgYDVR0UBAMCAQEw
+DQYJKoZIhvcNAQEFBQADgYEAqKuTRPtsyPDpOFg3PXmCJJJSoTCKwvhYf9GXCfub
+OIJMM5IYfcPceLWhsakpJ4fzoFQwhkCB2gQZ9eyIW44FJfKL4EFLqQkj/gKwrXti
+TQCii49XDyncCFNjUaWMqB6wYx7gVOLg8NPdE2iLNzhiA4RIWMbT0nyzM0AOzOGF
++k4=
 -----END X509 CRL-----
diff --git a/test/ssl/fake-ca.crt b/test/ssl/fake-ca.crt
deleted file mode 100644 (file)
index 209af42..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEITCCAwmgAwIBAgIJAJu8ZUmvHGqDMA0GCSqGSIb3DQEBBQUAMIGmMQswCQYD
-VQQGEwJERTEQMA4GA1UECAwHR2VybWFueTEPMA0GA1UEBwwGQmVybGluMR8wHQYD
-VQQKDBZGYWtlIENlcnRpZmljYXRlcyBHbWJoMRcwFQYDVQQLDA5Eb2RneSBEZWFs
-aW5nczEZMBcGA1UEAwwQZmFrZS1jZXJ0aWZpY2F0ZTEfMB0GCSqGSIb3DQEJARYQ
-ZmFrZUBleGFtcGxlLmNvbTAeFw0xMzAxMjUwOTE0MTJaFw0yMzAxMjMwOTE0MTJa
-MIGmMQswCQYDVQQGEwJERTEQMA4GA1UECAwHR2VybWFueTEPMA0GA1UEBwwGQmVy
-bGluMR8wHQYDVQQKDBZGYWtlIENlcnRpZmljYXRlcyBHbWJoMRcwFQYDVQQLDA5E
-b2RneSBEZWFsaW5nczEZMBcGA1UEAwwQZmFrZS1jZXJ0aWZpY2F0ZTEfMB0GCSqG
-SIb3DQEJARYQZmFrZUBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKRMCDzm2gYvw4LViJLqbyYJLozmv12IIO2XYq1ySVftJlx3rfsP
-v67llJ56hncj/c53vCe9U1jcb/R+ycDMP+28XvnEaEGAsotO4W1ky60Sku8rUwKM
-wIIMj5/bhPGCuZqw1PTlUfwb5BCcP1Kte+Tx4lElZZ7KgigWFFrxwlORUaRrVrBm
-qervDlb4ze7iryShpPQRtWvzCxyXyEB2mD9QEwDdFRF3+mooqCfSxy/LlzMPn2dx
-5MJtJ9M1dnjY8vI1GI+Uiw78GigJjlBLiZAfRRTlRWja/Q8vt/j0IbNQHKumfzEe
-uTnl0UlpzzX5CpVtfZXJRXtF7KRnCBpMT5ECAwEAAaNQME4wHQYDVR0OBBYEFDA+
-RHNT+TYVdOAJ1YJWIfKlY/zIMB8GA1UdIwQYMBaAFDA+RHNT+TYVdOAJ1YJWIfKl
-Y/zIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAG2oSw+kBTD9/FGJ
-+rYAmBchTQTMOS2RPgpudEwRapswLvnYhWh/Vos6I0oQaGu9wf7rYPdqmTsNPoke
-/0j/Jqwp7/QEwtu6X0heqtAh/+FJVrpUlLbRoGbAuCb8rS3t3k8zGjaAKzNLB5vL
-quy9f4TZI0ojyN7v4q6B5FTdjaaxQa5hFVRno98oipI6jghQsnL9oxqsBedKaRE5
-WowXviqK3umHh0zqfkzVptee5GsNt7MceKRAgWUE2qj70kp2ceSX8D9aoWEar5k8
-VmvWfTAgmFq9GPV2WhJAoDj7P8lGDdqqtoI5qJAg+KSjtC1MSzMDSy/xuW7eFdbJ
-qJVuqN8=
------END CERTIFICATE-----
diff --git a/test/ssl/fake-ca.key b/test/ssl/fake-ca.key
deleted file mode 100644 (file)
index 1edfb1b..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIqEGGNc7YpJYCAggA
-MBQGCCqGSIb3DQMHBAiBEYk/9zv90QSCBMj06vSmv9YwCHKKSwyD2u7E+rbUbQz1
-UfY/Shf7zOvBTaELaSsctO9UpoAeWzPjkNvhhTsZIBhHxKomHc+YFBvAHLkUx7mk
-9MT9zxC5hQd0k0lcYt4xc5HFpg8AVx34PGA2AnRCWKz+Aj+fgxV0U3tNIzAw8V0w
-bZJGLFxQqhLXlME3Bd4iSG+oh5UzjhDvOVMTJoRsOpipOUfx/DKCMB23Z6987k7j
-t45VucNF3BlbBlaUDOCUKecMtkYAjHn44D9JmvII53xF5PTUFMVjd3Xdqdo6jQBX
-dN/HNigt2iDl1g0Wrere/8CjMFBuh3ANBrIF91eyj1xLTQ8+ZhBVRpEhgq11oMUd
-5jqWUJgax7PTgY4wSK24dYak9iSaqi32+1+KxQW8gi2E+vtCBgTO8NbH1F7OJarK
-wyUmRSE/hmD1XTLg6QEoKKl7/8WnGL5GkuppMkePHQj1YI5Dpwy4ElVFOzo7VvF0
-gqeLIFP7afE1BoTO7pcu8R30/KjHmg//LFJ4YksYMInyg1zv2djnoE7s/gwLA2jY
-J95VhN7SA4r5kpVzHdkwscaQ1J1ss9BLGRSJ2NuMo5vrvFnAHnZ9pvhzUA2UveD9
-EKzSbR8KRZf/BFn6d06n1nVEyNtGvD0p427L4Fn1HmD1yOi5z/iQHpgHUektFrEl
-LVduaLONwPyPXX3Gzzuy8ETQVRdiHA6J0ZQh/EpYPtsJ1MvmWMocQwKqaBvyQKc6
-CLop+2/MbAyJszUvUTJIDuXoHO4mm2u7G8h/4KOifDmRyERJdugQ+ZMu3LSgjl+e
-/Bi5qSDcgzI3GJLBjTsnkY5yKSz9VpCvvIh0gXlZT/7aFTBkic5+cc2l3K4Sf6DF
-C0FY2xfiNiFTsK2LZov4Dc7msv3Psfc0oCABpkv/i+lrHEMnJw3jj/KnVfw30/Gp
-/0hgcGBpdQ7EJmGXKY/yAd7gA3frfQ6lT7Fr6MTD6v5LRY7ZfJAka3RCQM4DrIj4
-Tl+CnAskekL2Zgm0L5K1QuVOZkH0uJca7Dy6HEAlSB+EhYQ0F/HZA94Vp/ZjtOvp
-cw9PJEztWLYSvsHwC9691vgkG79+YsI3mZ2i+t/Ps0zHe7EL6p3sbHp3h9FZj+7+
-rIfMWF7SGc0mQBNdwq+eyRg46LgZp4Za1R6ap5QoYFtV7cnHzZGeNAk6+ucmtviu
-2y5p5d51J1Ll6KELKodDZ7PLUDez9l0JMSLurlysQI7uvM91za6gtjoWgGlhNqYb
-/V8Zdj8jn2ri2fL3CGRHAQcPRDy26lzjh5DuHCXkHC8sn8cCl+wJWcBhU1GCrvlk
-d0TJZWbm8MDKTxJ+vC/jn0PZkZ0v0fOzVFYgnIDmteBvOx8IRkJUYmIY/tcBcpUz
-fMNXYedw9Xdd3dRdGcSuEPcFMtKWNX8H8GW6rydcj1wUsrYL7w8ONLWGWF1u09dQ
-N9fV1PK4J3ZS7u6O5aR9Pp+aZIUTj1nUgZucTlmyeNe8wl2pNm1TDNZHuoG1ogFj
-SFITR86ftxaYmn6oi5fbmbQN9n1zcSl4a+oAyldm1kwl2t8tbWlxmbfLiiPEkWlP
-MZky8x63apLPx1aJ3cf8Ie+ZwmHSYHSvNP89KdLnHOhRULW1KejVyLjmmnlEIRTr
-RUY=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/test/ssl/gen.sh b/test/ssl/gen.sh
new file mode 100755 (executable)
index 0000000..0ca5452
--- /dev/null
@@ -0,0 +1,70 @@
+# This file generates the keys and certificates used for testing mosquitto.
+# None of the keys are encrypted, so do not just use this script to generate
+# files for your own use.
+
+rm -f *.crt *.key *.csr
+for a in root signing; do
+       rm -rf ${a}CA/
+       mkdir -p ${a}CA/newcerts
+       touch ${a}CA/index.txt
+       echo 01 > ${a}CA/serial
+       echo 01 > ${a}CA/crlnumber
+done
+rm -rf certs
+
+BASESUBJ="/C=GB/ST=Derbyshire/L=Derby/O=Paho Project/OU=Testing"
+SBASESUBJ="/C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production"
+BBASESUBJ="/C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Bridge"
+
+# The root CA
+openssl genrsa -out test-root-ca.key 1024
+openssl req -new -x509 -days 3650 -key test-root-ca.key -out test-root-ca.crt -config openssl.cnf -subj "${BASESUBJ}/CN=Root CA/"
+
+# Another root CA that doesn't sign anything
+openssl genrsa -out test-bad-root-ca.key 1024
+openssl req -new -x509 -days 3650 -key test-bad-root-ca.key -out test-bad-root-ca.crt -config openssl.cnf -subj "${BASESUBJ}/CN=Bad Root CA/"
+
+# This is a root CA that has the exact same details as the real root CA, but is a different key and certificate. Effectively a "fake" CA.
+openssl genrsa -out test-fake-root-ca.key 1024
+openssl req -new -x509 -days 3650 -key test-fake-root-ca.key -out test-fake-root-ca.crt -config openssl.cnf -subj "${BASESUBJ}/CN=Root CA/"
+
+# An intermediate CA, signed by the root CA, used to sign server/client csrs.
+openssl genrsa -out test-signing-ca.key 1024
+openssl req -out test-signing-ca.csr -key test-signing-ca.key -new -config openssl.cnf -subj "${BASESUBJ}/CN=Signing CA/"
+openssl ca -config openssl.cnf -name CA_root -extensions v3_ca -out test-signing-ca.crt -infiles test-signing-ca.csr
+
+# An alternative intermediate CA, signed by the root CA, not used to sign anything.
+openssl genrsa -out test-alt-ca.key 1024
+openssl req -out test-alt-ca.csr -key test-alt-ca.key -new -config openssl.cnf -subj "${BASESUBJ}/CN=Alternative Signing CA/"
+openssl ca -config openssl.cnf -name CA_root -extensions v3_ca -out test-alt-ca.crt -infiles test-alt-ca.csr
+
+# Valid server key and certificate.
+openssl genrsa -out server.key 1024
+openssl req -new -key server.key -out server.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=localhost/"
+openssl ca -config openssl.cnf -name CA_signing -out server.crt -infiles server.csr 
+
+# Expired server certificate, based on the above server key.
+openssl req -new -days 1 -key server.key -out server-expired.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=localhost/"
+openssl ca -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out server-expired.crt -infiles server-expired.csr 
+
+# Valid client key and certificate.
+openssl genrsa -out client.key 1024
+openssl req -new -key client.key -out client.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client/"
+openssl ca -config openssl.cnf -name CA_signing -out client.crt -infiles client.csr 
+
+# Expired client certificate, based on the above client key.
+openssl req -new -days 1 -key client.key -out client-expired.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client expired/"
+openssl ca -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out client-expired.crt -infiles client-expired.csr 
+
+# Revoked client certificate, based on a new client key.
+openssl genrsa -out client-revoked.key 1024
+openssl req -new -days 1 -key client-revoked.key -out client-revoked.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client revoked/"
+openssl ca -config openssl.cnf -name CA_signing -out client-revoked.crt -infiles client-revoked.csr 
+openssl ca -config openssl.cnf -name CA_signing -revoke client-revoked.crt
+openssl ca -config openssl.cnf -name CA_signing -gencrl -out crl.pem
+
+cat test-signing-ca.crt test-root-ca.crt > all-ca.crt
+#mkdir certs
+#cp test-signing-ca.crt certs/test-signing-ca.pem
+#cp test-root-ca.crt certs/test-root.ca.pem
+c_rehash certs
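Review bot: The script has no interpreter line and no error handling, so a failed `openssl` step is silently skipped and later steps carry on with stale or empty outputs. It also runs `rm -f *.crt *.key *.csr` and `rm -rf ${a}CA/` against whatever the current directory happens to be. Starting it with `#!/bin/sh`, `set -e` and `cd "$(dirname "$0")"` would address both. The final `c_rehash certs` runs after `rm -rf certs` while the `mkdir certs` line is commented out, so it has no directory to work on and should be commented out with the rest. The `genrsa ... 1024` keys are acceptable as throwaway fixtures, but TLS libraries with stricter defaults may refuse them; 2048 would match `default_bits` in openssl.cnf.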
diff --git a/test/ssl/openssl.cnf b/test/ssl/openssl.cnf
new file mode 100644 (file)
index 0000000..5de4ed4
--- /dev/null
@@ -0,0 +1,406 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME                   = .
+RANDFILE               = $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file              = $ENV::HOME/.oid
+oid_section            = new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions           = 
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca     = CA_default            # The default ca section
+
+####################################################################
+[ CA_signing ]
+
+dir            = ./signingCA           # Where everything is kept
+certs          = $dir/certs            # Where the issued certs are kept
+crl_dir                = $dir/crl              # Where the issued crl are kept
+database       = $dir/index.txt        # database index file.
+#unique_subject        = no                    # Set to 'no' to allow creation of
+                                       # several ctificates with same subject.
+new_certs_dir  = $dir/newcerts         # default place for new certs.
+
+certificate    = test-signing-ca.crt   # The CA certificate
+serial         = $dir/serial           # The current serial number
+crlnumber      = $dir/crlnumber        # the current crl number
+                                       # must be commented out to leave a V1 CRL
+crl            = $dir/crl.pem          # The current CRL
+private_key    = test-signing-ca.key # The private key
+RANDFILE       = $dir/.rand    # private random number file
+
+x509_extensions        = usr_cert              # The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt       = ca_default            # Subject Name options
+cert_opt       = ca_default            # Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions       = crl_ext
+
+default_days   = 1825                  # how long to certify for
+default_crl_days= 30                   # how long before next CRL
+default_md     = default               # use public key default MD
+preserve       = no                    # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy         = policy_anything
+
+[ CA_inter ]
+dir = ./interCA
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+new_certs_dir = $dir/newcerts
+
+certificate = test-inter-ca.crt
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = test-inter-ca.key
+RANDFILE = $dir/.rand
+
+#x509_extensions = v3_ca
+x509_extensions = usr_cert
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 1825
+default_crl_days = 30
+default_md = default
+preserve = no
+
+policy = policy_match
+unique_subject = yes
+
+[ CA_root ]
+dir = ./rootCA
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+new_certs_dir = $dir/newcerts
+
+certificate = test-root-ca.crt
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = test-root-ca.key
+RANDFILE = $dir/.rand
+
+x509_extensions = v3_ca
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 1825
+default_crl_days = 30
+default_md = default
+preserve = no
+
+policy = policy_match
+unique_subject = yes
+
+# For the CA policy
+[ policy_match ]
+countryName            = match
+stateOrProvinceName    = match
+organizationName       = match
+organizationalUnitName = optional
+commonName             = supplied
+emailAddress           = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName            = optional
+stateOrProvinceName    = optional
+localityName           = optional
+organizationName       = optional
+organizationalUnitName = optional
+commonName             = supplied
+emailAddress           = optional
+
+####################################################################
+[ req ]
+default_bits           = 2048
+default_keyfile        = privkey.pem
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+x509_extensions        = v3_ca # The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix  : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName                    = Country Name (2 letter code)
+countryName_default            = GB
+countryName_min                        = 2
+countryName_max                        = 2
+
+stateOrProvinceName            = State or Province Name (full name)
+stateOrProvinceName_default    = Derbyshire
+
+localityName                   = Locality Name (eg, city)
+localityName_default   = Derby
+
+0.organizationName             = Organization Name (eg, company)
+0.organizationName_default     = Paho Project
+
+# we can do this but it is not needed normally :-)
+#1.organizationName            = Second Organization Name (eg, company)
+#1.organizationName_default    = World Wide Web Pty Ltd
+
+organizationalUnitName         = Organizational Unit Name (eg, section)
+organizationalUnitName_default = Testing
+
+commonName                     = Common Name (e.g. server FQDN or YOUR name)
+commonName_max                 = 64
+
+emailAddress                   = Email Address
+emailAddress_max               = 64
+
+# SET-ex3                      = SET extension number 3
+
+[ req_attributes ]
+challengePassword              = A challenge password
+challengePassword_min          = 4
+challengePassword_max          = 20
+
+unstructuredName               = An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType                   = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment                      = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl             = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType                   = server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment                      = "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl             = http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1      # the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir            = ./demoCA              # TSA root directory
+serial         = $dir/tsaserial        # The current serial number (mandatory)
+crypto_device  = builtin               # OpenSSL engine to use for signing
+signer_cert    = $dir/tsacert.pem      # The TSA signing certificate
+                                       # (optional)
+certs          = $dir/cacert.pem       # Certificate chain to include in reply
+                                       # (optional)
+signer_key     = $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy = tsa_policy1           # Policy if request did not specify it
+                                       # (optional)
+other_policies = tsa_policy2, tsa_policy3      # acceptable policies (optional)
+digests                = md5, sha1             # Acceptable message digests (mandatory)
+accuracy       = secs:1, millisecs:500, microsecs:100  # (optional)
+clock_precision_digits  = 0    # number of digits after dot. (optional)
+ordering               = yes   # Is ordering defined for timestamps?
+                               # (optional, default: no)
+tsa_name               = yes   # Must the TSA name be included in the reply?
+                               # (optional, default: no)
+ess_cert_id_chain      = no    # Must the ESS cert id chain be included?
+                               # (optional, default: no)
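Review bot: In `[ CA_signing ]` the `unique_subject = no` line is commented out, so the default of requiring unique subjects applies, yet gen.sh has this CA sign both server.csr and server-expired.csr with the identical subject ending in `CN=localhost`. The second signing is likely to be rejected as a duplicate, which would be consistent with a certificate elsewhere in this commit being replaced by the empty blob `e69de29…`; setting `unique_subject = no` in this section avoids that. Separately, `[ usr_cert ]` adds no `subjectAltName`, so the server certificate carries its name only in the CN. For a commit that introduces hostname verification, a server extension section with `subjectAltName = DNS:localhost` would let the tests cover SAN matching as well as the CN fallback. `default_ca = CA_default` also names a section this file never defines, so any `openssl ca` call without `-name` will fail.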
diff --git a/test/ssl/readme.txt b/test/ssl/readme.txt
deleted file mode 100644 (file)
index bbb6ad3..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-This directory contains certificates and keys required for SSL testing.
-The CA key has password "password".
diff --git a/test/ssl/rootCA/crlnumber b/test/ssl/rootCA/crlnumber
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/test/ssl/rootCA/index.txt b/test/ssl/rootCA/index.txt
new file mode 100644 (file)
index 0000000..cefe83c
--- /dev/null
@@ -0,0 +1,2 @@
+V      180728192130Z           01      unknown /C=GB/ST=Derbyshire/O=Paho Project/OU=Testing/CN=Signing CA
+V      180728192130Z           02      unknown /C=GB/ST=Derbyshire/O=Paho Project/OU=Testing/CN=Alternative Signing CA
diff --git a/test/ssl/rootCA/index.txt.attr b/test/ssl/rootCA/index.txt.attr
new file mode 100644 (file)
index 0000000..8f7e63a
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/test/ssl/rootCA/index.txt.attr.old b/test/ssl/rootCA/index.txt.attr.old
new file mode 100644 (file)
index 0000000..8f7e63a
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/test/ssl/rootCA/index.txt.old b/test/ssl/rootCA/index.txt.old
new file mode 100644 (file)
index 0000000..dd7ec5e
--- /dev/null
@@ -0,0 +1 @@
+V      180728192130Z           01      unknown /C=GB/ST=Derbyshire/O=Paho Project/OU=Testing/CN=Signing CA
diff --git a/test/ssl/rootCA/newcerts/01.pem b/test/ssl/rootCA/newcerts/01.pem
new file mode 100644 (file)
index 0000000..3a10151
--- /dev/null
@@ -0,0 +1,57 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:26:78:40:ae:b2:ad:2f:26:12:0a:d5:b1:18:
+                    80:16:d8:88:be:0b:42:ce:32:ad:12:d5:f5:78:1b:
+                    35:28:f2:13:1b:05:09:fb:7e:d7:d9:a1:8a:0d:4a:
+                    fe:95:37:d4:16:75:83:e4:6a:44:34:33:57:2e:49:
+                    ba:bc:b4:cf:d0:c0:87:e0:bc:f0:60:76:14:00:d6:
+                    eb:cb:f6:db:b3:43:f1:c8:4d:4a:0a:bb:e0:37:7c:
+                    8e:93:1f:a0:87:68:59:fe:0c:25:40:f3:7c:fd:71:
+                    90:55:ef:de:18:b4:08:86:c9:75:c2:99:2f:ce:12:
+                    bf:c5:5e:cf:5f:f1:06:53:07
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+            X509v3 Authority Key Identifier: 
+                keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         48:ec:d7:80:8a:8f:82:a6:42:b1:89:2c:b9:4b:6d:0a:37:b8:
+         72:19:05:de:75:80:0c:d6:41:97:b2:d7:fe:99:cb:7e:c4:0e:
+         77:97:09:a8:9f:87:ff:0b:de:3f:1c:dc:1e:fe:09:36:a7:f5:
+         54:9a:85:4e:fb:6f:27:fe:0f:29:45:61:8d:07:c6:0c:da:37:
+         3d:a3:69:4b:82:71:e6:24:e0:87:a6:ee:d5:87:61:dd:8f:08:
+         fe:33:a6:1f:ae:b2:ae:1f:d8:2c:20:c8:a6:fc:33:0e:82:68:
+         80:23:61:10:ad:5c:1d:80:d6:b1:5f:e4:af:66:6d:63:10:e4:
+         96:e4
+-----BEGIN CERTIFICATE-----
+MIICkzCCAfygAwIBAgIBATANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
+aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
+Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGAxCzAJBgNVBAYTAkdCMRMw
+EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
+BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBANwmeECusq0vJhIK1bEYgBbYiL4LQs4yrRLV9XgbNSjyExsF
+Cft+19mhig1K/pU31BZ1g+RqRDQzVy5Jury0z9DAh+C88GB2FADW68v227ND8chN
+Sgq74Dd8jpMfoIdoWf4MJUDzfP1xkFXv3hi0CIbJdcKZL84Sv8Vez1/xBlMHAgMB
+AAGjUDBOMB0GA1UdDgQWBBQpTW7H8vdxctonnJyr2gcdR5zYQTAfBgNVHSMEGDAW
+gBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4GBAEjs14CKj4KmQrGJLLlLbQo3uHIZBd51gAzWQZey1/6Zy37EDneXCaif
+h/8L3j8c3B7+CTan9VSahU77byf+DylFYY0HxgzaNz2jaUuCceYk4Iem7tWHYd2P
+CP4zph+usq4f2CwgyKb8Mw6CaIAjYRCtXB2A1rFf5K9mbWMQ5Jbk
+-----END CERTIFICATE-----
diff --git a/test/ssl/rootCA/newcerts/02.pem b/test/ssl/rootCA/newcerts/02.pem
new file mode 100644 (file)
index 0000000..87f092a
--- /dev/null
@@ -0,0 +1,58 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Alternative Signing CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:d3:16:c8:c3:0c:90:e5:68:3d:11:13:a7:8e:fb:
+                    11:c5:de:aa:3f:4d:ac:95:4f:c4:c2:60:8a:df:95:
+                    b5:db:75:04:76:42:19:5f:d9:63:0e:e4:c0:8e:db:
+                    a5:5f:21:ec:f3:3d:a0:c1:82:8b:61:b4:1a:5b:3c:
+                    9e:42:bd:5f:5b:b4:a8:00:8d:e1:bf:99:93:c8:45:
+                    1f:6d:29:ab:67:f0:35:9c:48:0b:a0:a2:18:32:70:
+                    35:5e:ea:fe:1f:33:ab:b5:85:ef:1d:2a:a9:75:60:
+                    38:ed:3a:33:be:5d:40:89:cb:0b:b3:25:e8:e7:bc:
+                    13:6b:62:28:1d:a7:9c:aa:99
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                3A:70:4C:5D:76:C6:B4:CF:E7:BC:4B:F4:CE:C6:B8:46:C2:95:41:9B
+            X509v3 Authority Key Identifier: 
+                keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         2f:74:dd:ef:da:03:cf:14:78:ae:6f:0d:04:29:75:db:c5:a2:
+         c0:fd:1e:46:bf:3c:25:3c:03:3b:a6:f4:f1:3a:89:54:83:e9:
+         3a:0f:d7:81:9a:8d:7f:2d:6b:b1:ca:17:7f:ef:93:18:c4:68:
+         b8:b2:1d:d2:9c:d9:9f:66:9d:18:25:18:b4:4f:72:bf:24:c5:
+         0c:2d:fc:cf:ad:c8:ff:25:f1:36:12:72:b4:46:e1:c9:17:19:
+         c5:1e:f5:26:8a:ae:33:5f:69:16:6f:62:ce:fc:ba:c3:a3:c5:
+         50:a3:a5:42:a9:02:6a:25:77:90:3e:e3:b7:e5:ac:7f:3f:bb:
+         1c:17
+-----BEGIN CERTIFICATE-----
+MIICnzCCAgigAwIBAgIBAjANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
+aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
+Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGwxCzAJBgNVBAYTAkdCMRMw
+EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
+BAsMB1Rlc3RpbmcxHzAdBgNVBAMMFkFsdGVybmF0aXZlIFNpZ25pbmcgQ0EwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANMWyMMMkOVoPRETp477EcXeqj9NrJVP
+xMJgit+Vtdt1BHZCGV/ZYw7kwI7bpV8h7PM9oMGCi2G0Gls8nkK9X1u0qACN4b+Z
+k8hFH20pq2fwNZxIC6CiGDJwNV7q/h8zq7WF7x0qqXVgOO06M75dQInLC7Ml6Oe8
+E2tiKB2nnKqZAgMBAAGjUDBOMB0GA1UdDgQWBBQ6cExddsa0z+e8S/TOxrhGwpVB
+mzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4GBAC903e/aA88UeK5vDQQpddvFosD9Hka/PCU8Azum
+9PE6iVSD6ToP14GajX8ta7HKF3/vkxjEaLiyHdKc2Z9mnRglGLRPcr8kxQwt/M+t
+yP8l8TYScrRG4ckXGcUe9SaKrjNfaRZvYs78usOjxVCjpUKpAmold5A+47flrH8/
+uxwX
+-----END CERTIFICATE-----
diff --git a/test/ssl/rootCA/serial b/test/ssl/rootCA/serial
new file mode 100644 (file)
index 0000000..75016ea
--- /dev/null
@@ -0,0 +1 @@
+03
diff --git a/test/ssl/rootCA/serial.old b/test/ssl/rootCA/serial.old
new file mode 100644 (file)
index 0000000..9e22bcb
--- /dev/null
@@ -0,0 +1 @@
+02
index cf3824c93887b04bd716f655c555e85dea47320c..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 100644 (file)
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICvjCCAicCCQDNrg5WSiiRqTANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
-R0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEdMBsG
-A1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxDzANBgNVBAsMBkJyb2tlcjEXMBUG
-A1UEAwwOYnJva2VyLXRlc3QtY2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBs
-ZS5jb20wHhcNMTIwNzAzMTU1MDE1WhcNMTIwNzA0MTU1MDE1WjCBpTELMAkGA1UE
-BhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEd
-MBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFDASBgNVBAsMC0Jyb2tlciBU
-ZXN0MRcwFQYDVQQDDA5sb2NhbGhvc3QtdGVzdDEfMB0GCSqGSIb3DQEJARYQdGVz
-dEBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAttnPoWjp
-KXROyGM2yqR7IGVmn4RID5hdCCWiJT1s0cSm3BwY3aMD1m/ZrCZfMu3K6tA+9rrh
-xMjEVCmG4ez4UdTv+xfxRalo2SkA2J6Yiti5/ec8Hjh6m3ch9F8Ju62XsS5KZl0Q
-oOE5D7UrMayq2eflBlO02qobn8114MIc0EkCAwEAATANBgkqhkiG9w0BAQUFAAOB
-gQC2KotrVoQCtsqW54VbcaCyHki9GpYw2QR1Ex+0sRCLcr2HhUK471D8BCooNo53
-Kft0yEclN1x5j8I7Rk6QmLmrXDeZBrRqSasDo0glYGCN8QwoVfx5L54r0ktEGDvr
-4PUWTieyuLKbFB+be0esM+/5IwpdsgVZuDI3D4jBR53SgQ==
------END CERTIFICATE-----
index 7a1b776de2f0de768360bd3cbbf43b73f38ad460..b0941b975d69dd548479a77c41b59d66524a6fe3 100644 (file)
@@ -1,17 +1,60 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=localhost
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:be:b7:65:98:5e:e1:e0:68:e7:14:04:e5:40:2d:
+                    d3:b4:f2:b2:dd:6e:5c:97:7a:5b:c5:4f:7a:45:11:
+                    99:4e:56:30:c6:d6:50:29:88:c3:31:6d:b0:f1:a8:
+                    5f:f5:fd:cc:d1:52:0f:40:70:04:cc:14:0d:98:45:
+                    62:a8:f9:88:0a:be:20:32:53:c5:48:fb:b0:e4:25:
+                    db:25:ec:0d:c4:6a:28:dc:af:d7:2d:63:99:b9:f4:
+                    c0:32:54:dc:be:4d:9f:7f:67:7e:2a:be:82:2d:de:
+                    37:35:0b:0d:7b:b8:9c:55:ff:cf:ab:fe:61:e9:8c:
+                    bf:c4:27:e2:56:2f:1a:73:87
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                A1:8C:9A:D1:28:58:68:C5:46:5B:FA:C5:48:01:96:67:55:97:65:8A
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         78:f6:a1:34:ac:2c:a5:0a:1d:82:97:97:1f:f5:03:44:a7:c0:
+         4d:e8:8d:67:e7:71:50:30:3c:8b:77:eb:81:96:78:6b:ab:31:
+         5a:ba:7b:1c:ad:ec:fd:a6:5d:73:ef:99:2d:6f:9f:7e:13:ac:
+         b2:61:2f:e4:56:cc:28:f1:e4:7f:ea:a9:b2:f2:85:87:68:52:
+         65:b0:42:54:84:92:2f:fb:45:d4:36:e2:3c:0e:4c:a6:6d:82:
+         8f:72:c0:66:0c:5f:b2:a7:7c:9b:be:cd:19:55:5d:40:27:99:
+         14:e2:cf:59:cb:4b:40:e4:98:2d:f7:93:14:4a:50:dc:75:9c:
+         5c:9d
 -----BEGIN CERTIFICATE-----
-MIICvjCCAicCCQDNrg5WSiiRpDANBgkqhkiG9w0BAQUFADCBoDELMAkGA1UEBhMC
-R0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEdMBsG
-A1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxDzANBgNVBAsMBkJyb2tlcjEXMBUG
-A1UEAwwOYnJva2VyLXRlc3QtY2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBs
-ZS5jb20wHhcNMTIwNzAzMTEzMjM0WhcNMzkxMTE4MTEzMjM0WjCBpTELMAkGA1UE
-BhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYDVQQHDAVEZXJieTEd
-MBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFDASBgNVBAsMC0Jyb2tlciBU
-ZXN0MRcwFQYDVQQDDA5sb2NhbGhvc3QtdGVzdDEfMB0GCSqGSIb3DQEJARYQdGVz
-dEBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAttnPoWjp
-KXROyGM2yqR7IGVmn4RID5hdCCWiJT1s0cSm3BwY3aMD1m/ZrCZfMu3K6tA+9rrh
-xMjEVCmG4ez4UdTv+xfxRalo2SkA2J6Yiti5/ec8Hjh6m3ch9F8Ju62XsS5KZl0Q
-oOE5D7UrMayq2eflBlO02qobn8114MIc0EkCAwEAATANBgkqhkiG9w0BAQUFAAOB
-gQCNcNqm8mb7K/ys+3LENUB7XccA1gzyb3ylpsqQj5TmGYqT+Z1g7pSw0Pbd94Uc
-x+ihqjRo5Eaz7GqCyS7mnNu5aGBHH3s1ir9hT18R7tm+XwMTQcGoRy986O1BJy+r
-q1Gg0lmgvu+jlYpR4xJHGzd3wK8agi+y9ZSAlfAZ6hJkrw==
+MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MFoXDTE4MDcyODE5MjEzMFowdjELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
+bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
+MRMwEQYDVQQLDApQcm9kdWN0aW9uMRIwEAYDVQQDDAlsb2NhbGhvc3QwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAL63ZZhe4eBo5xQE5UAt07Tyst1uXJd6W8VP
+ekURmU5WMMbWUCmIwzFtsPGoX/X9zNFSD0BwBMwUDZhFYqj5iAq+IDJTxUj7sOQl
+2yXsDcRqKNyv1y1jmbn0wDJU3L5Nn39nfiq+gi3eNzULDXu4nFX/z6v+YemMv8Qn
+4lYvGnOHAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
+U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBShjJrRKFhoxUZb+sVI
+AZZnVZdlijAfBgNVHSMEGDAWgBQpTW7H8vdxctonnJyr2gcdR5zYQTANBgkqhkiG
+9w0BAQUFAAOBgQB49qE0rCylCh2Cl5cf9QNEp8BN6I1n53FQMDyLd+uBlnhrqzFa
+unscrez9pl1z75ktb59+E6yyYS/kVswo8eR/6qmy8oWHaFJlsEJUhJIv+0XUNuI8
+DkymbYKPcsBmDF+yp3ybvs0ZVV1AJ5kU4s9Zy0tA5Jgt95MUSlDcdZxcnQ==
 -----END CERTIFICATE-----
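Review bot: The server certificate added in this hunk names the host only through `CN=localhost` in the Subject. Its X509v3 extensions are Basic Constraints, Netscape Comment and the two key identifiers, with no Subject Alternative Name. If this is the certificate the 08-ssl tests present (the file header is missing here, but the same blob is added as signingCA/newcerts/01.pem), the new hostname verification is only exercised on the common-name fallback. Under the usual matching rules a dNSName SAN takes precedence over the CN, so one fixture issued with `subjectAltName = DNS:localhost` and one with a non-matching name would cover that path. The certificate also expires on Jul 28 2018, so the tests will start failing then unless the fixtures are regenerated; a comment stating that next to the generation step would help.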
diff --git a/test/ssl/server.csr b/test/ssl/server.csr
deleted file mode 100644 (file)
index 81f5dff..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIB5jCCAU8CAQAwgaUxCzAJBgNVBAYTAkdCMRcwFQYDVQQIDA5Vbml0ZWQgS2lu
-Z2RvbTEOMAwGA1UEBwwFRGVyYnkxHTAbBgNVBAoMFE1vc3F1aXR0byBUZXN0IFN1
-aXRlMRQwEgYDVQQLDAtCcm9rZXIgVGVzdDEXMBUGA1UEAwwObG9jYWxob3N0LXRl
-c3QxHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBALbZz6Fo6Sl0TshjNsqkeyBlZp+ESA+YXQgloiU9bNHE
-ptwcGN2jA9Zv2awmXzLtyurQPva64cTIxFQphuHs+FHU7/sX8UWpaNkpANiemIrY
-uf3nPB44ept3IfRfCbutl7EuSmZdEKDhOQ+1KzGsqtnn5QZTtNqqG5/NdeDCHNBJ
-AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQBDqZNA2bsljTddqvAONJDLXv9R7mTy
-sGHIRlQoV/p8GMywBaOzh1T5H3RdUKBDKN8Kt9nNW8Xfqi9vJGPse4ZBq11FoC+b
-59aFTlh+IXQu0rH9r1E8htjcMdNdzDSFxcD/6cwp1uiFm/2YbYl0iojsKLxbVlaK
-jMIfJi3EpeDyHQ==
------END CERTIFICATE REQUEST-----
index dd76952d3f64aabee63b9be00889ffe943d64799..bbf5c60652cc796616c5cd71da3bcf96de6f53d7 100644 (file)
@@ -1,15 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC22c+haOkpdE7IYzbKpHsgZWafhEgPmF0IJaIlPWzRxKbcHBjd
-owPWb9msJl8y7crq0D72uuHEyMRUKYbh7PhR1O/7F/FFqWjZKQDYnpiK2Ln95zwe
-OHqbdyH0Xwm7rZexLkpmXRCg4TkPtSsxrKrZ5+UGU7TaqhufzXXgwhzQSQIDAQAB
-AoGAXUSq8SVHUXrfOL3K1ACkQXkXqKRb8YCBa8dudtpnKHTLvBik4mDlczsoZ/RG
-uP6sc6v3gfj/clYKNvfbsmAipRWfHVC157vBlEiBfAoBbNgicF/4dCOSGsDYStOy
-F88l1SvcDWjK6u33gj/SBHDMz6SOam2muXZNZa0brSSW2tUCQQDrQTuTHkf4PgUa
-5a4stlx4bplAEtJGJvXt4k2xXvtZ1UW/G7xMspphQb8n2UB3uQeXXV6cJAmHnmx2
-2ghxje0zAkEAxvmVMb2ZRmeIfiUOSFXPjtKNqJZG8hpQ8i2yDuyq69Hi7L3SQSGN
-V9uPceEdVW+IQEOJg2feXhmlfCNWIFP0kwJBAKy5HzlbsTGEr5DY8zFmzqupYCEX
-8ISLFGMMlUhV2StSl7vBbFXPh+NCN0vViSydkAJFDjKLjuegnDgCytI8htsCQA/N
-gLjrmwHJdUC3hrPeBNcOB+wsy0OtLWKemHaw+z4xdDljNhCwLn6c1H6x51eCvSqF
-cqV6GWIV3VvHnq6AnHsCQBqyU46p0dax4z+5vzbL+zWmi8gdBYvPSY5SpAjsQADQ
-A3PcKi2DFuPjcxdl0qr9aq1qg6VUHy3RLTcmgA8YKWo=
+MIICWwIBAAKBgQC+t2WYXuHgaOcUBOVALdO08rLdblyXelvFT3pFEZlOVjDG1lAp
+iMMxbbDxqF/1/czRUg9AcATMFA2YRWKo+YgKviAyU8VI+7DkJdsl7A3Eaijcr9ct
+Y5m59MAyVNy+TZ9/Z34qvoIt3jc1Cw17uJxV/8+r/mHpjL/EJ+JWLxpzhwIDAQAB
+AoGAW1dC1UM8M1qKsc/WbHKGXreOavccaYA0y79Q9BuFrTsiiVjDc+EIe3fpsxPN
+QeeYXPhMTbRY19US3cb9hahdOtPZc1zKRoloWl995v6X5XufTmgigBRUrRKG6rln
+wok6PYwKQmcG+yVaOjPwiJBx+4gfGjD6qO/fhK2sWWtyneECQQDrUEiaWvQE0uli
+EI34MhO3As0iYyw1qFHVck4bbFS4RT0gnhWYVeabd5mTKx1ztLlr0ykwaCf9FoMG
+U2liyV/VAkEAz3t0v8vZrlpotW9CRzBQ63vYW3+d8m5Hmkvsghrfem52je6MN0oL
+2Y7F3JrJh1bC9ZNgtkBF/mIQgv9jGBoP6wJASKTYRQ6fFn4mHmgN6/lJrM3olh0X
+oNj9qm9HPaAL53c4j8E92XFrZ8NcXdqJlRbNx0PBC3icH727ZVCK0DxqoQJABTRn
+nVgTwdfqwIJl+zsvDHky2Di/UZGKokg9SpY5/OxAdRcC1XA6E98M/5eybn6yrU5h
+IrFCEDuNhnu5lKUyuQJAAiNPFWPkl4XeghyzPDA1lUYMwKPr7oEwELqS8fIq/g4K
+BI10X7qlpioI4I6jA9lwlIdtR+q620UFZRlQts9nug==
 -----END RSA PRIVATE KEY-----
diff --git a/test/ssl/signingCA/crlnumber b/test/ssl/signingCA/crlnumber
new file mode 100644 (file)
index 0000000..9e22bcb
--- /dev/null
@@ -0,0 +1 @@
+02
diff --git a/test/ssl/signingCA/crlnumber.old b/test/ssl/signingCA/crlnumber.old
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/test/ssl/signingCA/index.txt b/test/ssl/signingCA/index.txt
new file mode 100644 (file)
index 0000000..a78ae45
--- /dev/null
@@ -0,0 +1,4 @@
+V      180728192130Z           01      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=localhost
+V      180728192131Z           02      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client
+V      120821000000Z           03      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client expired
+R      180728192131Z   130729192131Z   04      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client revoked
diff --git a/test/ssl/signingCA/index.txt.attr b/test/ssl/signingCA/index.txt.attr
new file mode 100644 (file)
index 0000000..8f7e63a
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/test/ssl/signingCA/index.txt.attr.old b/test/ssl/signingCA/index.txt.attr.old
new file mode 100644 (file)
index 0000000..8f7e63a
--- /dev/null
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/test/ssl/signingCA/index.txt.old b/test/ssl/signingCA/index.txt.old
new file mode 100644 (file)
index 0000000..0c9972a
--- /dev/null
@@ -0,0 +1,4 @@
+V      180728192130Z           01      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=localhost
+V      180728192131Z           02      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client
+V      120821000000Z           03      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client expired
+V      180728192131Z           04      unknown /C=GB/ST=Nottinghamshire/L=Nottingham/O=Server/OU=Production/CN=test client revoked
diff --git a/test/ssl/signingCA/newcerts/01.pem b/test/ssl/signingCA/newcerts/01.pem
new file mode 100644 (file)
index 0000000..b0941b9
--- /dev/null
@@ -0,0 +1,60 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=localhost
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:be:b7:65:98:5e:e1:e0:68:e7:14:04:e5:40:2d:
+                    d3:b4:f2:b2:dd:6e:5c:97:7a:5b:c5:4f:7a:45:11:
+                    99:4e:56:30:c6:d6:50:29:88:c3:31:6d:b0:f1:a8:
+                    5f:f5:fd:cc:d1:52:0f:40:70:04:cc:14:0d:98:45:
+                    62:a8:f9:88:0a:be:20:32:53:c5:48:fb:b0:e4:25:
+                    db:25:ec:0d:c4:6a:28:dc:af:d7:2d:63:99:b9:f4:
+                    c0:32:54:dc:be:4d:9f:7f:67:7e:2a:be:82:2d:de:
+                    37:35:0b:0d:7b:b8:9c:55:ff:cf:ab:fe:61:e9:8c:
+                    bf:c4:27:e2:56:2f:1a:73:87
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                A1:8C:9A:D1:28:58:68:C5:46:5B:FA:C5:48:01:96:67:55:97:65:8A
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         78:f6:a1:34:ac:2c:a5:0a:1d:82:97:97:1f:f5:03:44:a7:c0:
+         4d:e8:8d:67:e7:71:50:30:3c:8b:77:eb:81:96:78:6b:ab:31:
+         5a:ba:7b:1c:ad:ec:fd:a6:5d:73:ef:99:2d:6f:9f:7e:13:ac:
+         b2:61:2f:e4:56:cc:28:f1:e4:7f:ea:a9:b2:f2:85:87:68:52:
+         65:b0:42:54:84:92:2f:fb:45:d4:36:e2:3c:0e:4c:a6:6d:82:
+         8f:72:c0:66:0c:5f:b2:a7:7c:9b:be:cd:19:55:5d:40:27:99:
+         14:e2:cf:59:cb:4b:40:e4:98:2d:f7:93:14:4a:50:dc:75:9c:
+         5c:9d
+-----BEGIN CERTIFICATE-----
+MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MFoXDTE4MDcyODE5MjEzMFowdjELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
+bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
+MRMwEQYDVQQLDApQcm9kdWN0aW9uMRIwEAYDVQQDDAlsb2NhbGhvc3QwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAL63ZZhe4eBo5xQE5UAt07Tyst1uXJd6W8VP
+ekURmU5WMMbWUCmIwzFtsPGoX/X9zNFSD0BwBMwUDZhFYqj5iAq+IDJTxUj7sOQl
+2yXsDcRqKNyv1y1jmbn0wDJU3L5Nn39nfiq+gi3eNzULDXu4nFX/z6v+YemMv8Qn
+4lYvGnOHAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
+U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBShjJrRKFhoxUZb+sVI
+AZZnVZdlijAfBgNVHSMEGDAWgBQpTW7H8vdxctonnJyr2gcdR5zYQTANBgkqhkiG
+9w0BAQUFAAOBgQB49qE0rCylCh2Cl5cf9QNEp8BN6I1n53FQMDyLd+uBlnhrqzFa
+unscrez9pl1z75ktb59+E6yyYS/kVswo8eR/6qmy8oWHaFJlsEJUhJIv+0XUNuI8
+DkymbYKPcsBmDF+yp3ybvs0ZVV1AJ5kU4s9Zy0tA5Jgt95MUSlDcdZxcnQ==
+-----END CERTIFICATE-----
diff --git a/test/ssl/signingCA/newcerts/02.pem b/test/ssl/signingCA/newcerts/02.pem
new file mode 100644 (file)
index 0000000..b007d4c
--- /dev/null
@@ -0,0 +1,60 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:31 2013 GMT
+            Not After : Jul 28 19:21:31 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
+                    27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
+                    e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
+                    b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
+                    f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
+                    f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
+                    99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
+                    dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
+                    d5:ca:66:7a:30:3f:c2:ce:59
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         b4:11:e8:8a:f5:21:d1:88:22:9e:f3:05:e6:47:c9:9d:87:10:
+         09:a1:9c:f1:38:5b:a0:5a:b4:f5:fd:8d:cf:ae:01:7d:b4:a8:
+         3c:dd:ed:17:b3:02:56:5b:4a:e6:17:58:8f:46:d4:02:97:95:
+         0b:00:0e:b4:77:3e:ad:f0:ce:06:25:38:2d:ff:df:a4:0e:3b:
+         83:73:f7:a3:da:c1:a1:24:68:a2:18:71:81:4e:3b:26:5a:e2:
+         10:9a:27:95:85:a8:3c:47:3a:60:49:21:2f:12:90:fc:4a:f0:
+         71:4d:bc:19:2a:06:07:f4:35:d9:8d:1d:b2:85:93:61:17:45:
+         26:9a
+-----BEGIN CERTIFICATE-----
+MIICyTCCAjKgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MVoXDTE4MDcyODE5MjEzMVoweDELMAkGA1UEBhMCR0IxGDAWBgNVBAgMD05vdHRp
+bmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwGU2VydmVy
+MRMwEQYDVQQLDApQcm9kdWN0aW9uMRQwEgYDVQQDDAt0ZXN0IGNsaWVudDCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8nDilL5m8ReORW
+iMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgvU0JNcxleyn6y
+/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlhr9UjnSMUtTHV
+ymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfNbWf7fXdZD2zx
+mw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1HnNhBMA0GCSqG
+SIb3DQEBBQUAA4GBALQR6Ir1IdGIIp7zBeZHyZ2HEAmhnPE4W6BatPX9jc+uAX20
+qDzd7RezAlZbSuYXWI9G1AKXlQsADrR3Pq3wzgYlOC3/36QOO4Nz96PawaEkaKIY
+cYFOOyZa4hCaJ5WFqDxHOmBJIS8SkPxK8HFNvBkqBgf0NdmNHbKFk2EXRSaa
+-----END CERTIFICATE-----
diff --git a/test/ssl/signingCA/newcerts/03.pem b/test/ssl/signingCA/newcerts/03.pem
new file mode 100644 (file)
index 0000000..0fa27da
--- /dev/null
@@ -0,0 +1,61 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 3 (0x3)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Aug 20 00:00:00 2012 GMT
+            Not After : Aug 21 00:00:00 2012 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client expired
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:17:82:af:47:dc:71:77:73:c3:69:11:4b:ff:
+                    27:0e:29:4b:e6:6f:11:78:e4:56:88:c9:34:13:12:
+                    e1:82:ec:24:fe:65:c8:9d:bb:05:54:20:d0:b4:31:
+                    b9:4b:87:f8:4d:e5:c1:ba:99:f8:a2:cc:ff:8e:89:
+                    f2:7a:68:2f:53:42:4d:73:19:5e:ca:7e:b2:fe:3b:
+                    f7:d1:bc:e8:24:fa:77:47:ee:a4:89:cf:d1:dc:e9:
+                    99:3f:da:0e:d0:1e:c6:40:d2:60:ee:38:83:4e:a4:
+                    dd:46:a3:6a:ac:c9:61:af:d5:23:9d:23:14:b5:31:
+                    d5:ca:66:7a:30:3f:c2:ce:59
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                17:CD:6D:67:FB:7D:77:59:0F:6C:F1:9B:0E:B0:EB:AE:BE:E0:9D:47
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         7f:c3:be:e2:5b:d5:68:27:a6:ea:5a:9d:13:f1:21:47:56:7e:
+         19:1e:35:47:2c:35:ff:df:81:71:9a:89:04:d0:f1:e6:49:ee:
+         c7:2a:a7:5d:2e:f2:19:18:77:f3:fe:c8:21:87:28:51:d5:1a:
+         1b:7d:d3:36:58:42:39:df:7b:c8:41:a5:71:1f:56:6c:67:c5:
+         ee:07:45:ad:1a:91:ed:89:ce:ee:8e:48:cd:32:8e:a4:6a:ae:
+         55:bb:3d:c0:77:e7:7a:e3:9d:25:d0:5c:03:6c:be:25:16:67:
+         0f:d5:e3:c9:7a:c3:66:8d:8b:09:bf:e5:3d:b7:31:d6:80:d6:
+         fd:c7
+-----BEGIN CERTIFICATE-----
+MIIC0jCCAjugAwIBAgIBAzANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEyMDgyMDAwMDAw
+MFoXDTEyMDgyMTAwMDAwMFowgYAxCzAJBgNVBAYTAkdCMRgwFgYDVQQIDA9Ob3R0
+aW5naGFtc2hpcmUxEzARBgNVBAcMCk5vdHRpbmdoYW0xDzANBgNVBAoMBlNlcnZl
+cjETMBEGA1UECwwKUHJvZHVjdGlvbjEcMBoGA1UEAwwTdGVzdCBjbGllbnQgZXhw
+aXJlZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3BeCr0fccXdzw2kRS/8n
+DilL5m8ReORWiMk0ExLhguwk/mXInbsFVCDQtDG5S4f4TeXBupn4osz/jonyemgv
+U0JNcxleyn6y/jv30bzoJPp3R+6kic/R3OmZP9oO0B7GQNJg7jiDTqTdRqNqrMlh
+r9UjnSMUtTHVymZ6MD/CzlkCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFBfN
+bWf7fXdZD2zxmw6w666+4J1HMB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1H
+nNhBMA0GCSqGSIb3DQEBBQUAA4GBAH/DvuJb1WgnpupanRPxIUdWfhkeNUcsNf/f
+gXGaiQTQ8eZJ7scqp10u8hkYd/P+yCGHKFHVGht90zZYQjnfe8hBpXEfVmxnxe4H
+Ra0ake2Jzu6OSM0yjqRqrlW7PcB353rjnSXQXANsviUWZw/V48l6w2aNiwm/5T23
+MdaA1v3H
+-----END CERTIFICATE-----
diff --git a/test/ssl/signingCA/newcerts/04.pem b/test/ssl/signingCA/newcerts/04.pem
new file mode 100644 (file)
index 0000000..ed93ffe
--- /dev/null
@@ -0,0 +1,61 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4 (0x4)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Validity
+            Not Before: Jul 29 19:21:31 2013 GMT
+            Not After : Jul 28 19:21:31 2018 GMT
+        Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client revoked
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:bb:3b:8f:80:95:a8:32:56:ed:b9:c0:79:7f:36:
+                    ef:33:39:1b:b1:c3:1c:0b:51:1b:0a:d4:04:ee:39:
+                    94:ab:fe:bb:d5:c9:72:be:e0:4c:f4:17:17:fe:a4:
+                    e1:f1:69:2c:67:89:63:e7:0f:84:db:6c:bb:12:fb:
+                    29:4f:63:11:da:cc:22:85:c4:e8:bf:01:ea:3b:43:
+                    b5:32:48:85:39:74:e5:0d:79:f1:12:19:01:b3:48:
+                    bc:be:aa:9a:74:95:bb:d1:a6:78:51:cc:5b:0f:bc:
+                    af:78:01:7b:42:36:43:41:49:7a:25:24:7e:1c:17:
+                    3a:4e:bb:a2:e9:65:3c:86:87
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                D8:E8:12:3D:B4:66:6A:1C:DC:F7:14:0D:55:0D:9D:81:A7:1C:52:35
+            X509v3 Authority Key Identifier: 
+                keyid:29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+
+    Signature Algorithm: sha1WithRSAEncryption
+         07:18:d5:41:31:1b:85:fe:ab:e9:f5:48:c1:c6:38:e1:28:28:
+         90:66:10:8c:d7:ef:15:b7:da:89:5e:78:7d:dc:e5:45:e6:2a:
+         df:1f:3d:80:5f:0c:87:c8:5c:7e:bd:5b:1c:e3:a0:e2:ab:ee:
+         e7:8b:82:ec:94:2a:c4:1e:62:fd:4f:f7:ce:78:8f:a5:5a:96:
+         a7:76:3b:f5:37:73:1f:a0:d7:f0:6f:c5:d6:42:6a:bd:51:2d:
+         f1:4c:1b:3e:63:51:3f:47:7f:88:a7:16:de:c7:c0:3c:96:78:
+         a7:76:17:b9:48:85:83:18:bf:9d:b6:14:fa:1e:63:f9:86:2c:
+         8a:b1
+-----BEGIN CERTIFICATE-----
+MIIC0jCCAjugAwIBAgIBBDANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEVMBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYD
+VQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMB4XDTEzMDcyOTE5MjEz
+MVoXDTE4MDcyODE5MjEzMVowgYAxCzAJBgNVBAYTAkdCMRgwFgYDVQQIDA9Ob3R0
+aW5naGFtc2hpcmUxEzARBgNVBAcMCk5vdHRpbmdoYW0xDzANBgNVBAoMBlNlcnZl
+cjETMBEGA1UECwwKUHJvZHVjdGlvbjEcMBoGA1UEAwwTdGVzdCBjbGllbnQgcmV2
+b2tlZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuzuPgJWoMlbtucB5fzbv
+MzkbscMcC1EbCtQE7jmUq/671clyvuBM9BcX/qTh8WksZ4lj5w+E22y7EvspT2MR
+2swihcTovwHqO0O1MkiFOXTlDXnxEhkBs0i8vqqadJW70aZ4UcxbD7yveAF7QjZD
+QUl6JSR+HBc6Trui6WU8hocCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNjo
+Ej20Zmoc3PcUDVUNnYGnHFI1MB8GA1UdIwQYMBaAFClNbsfy93Fy2iecnKvaBx1H
+nNhBMA0GCSqGSIb3DQEBBQUAA4GBAAcY1UExG4X+q+n1SMHGOOEoKJBmEIzX7xW3
+2oleeH3c5UXmKt8fPYBfDIfIXH69WxzjoOKr7ueLguyUKsQeYv1P9854j6Valqd2
+O/U3cx+g1/BvxdZCar1RLfFMGz5jUT9Hf4inFt7HwDyWeKd2F7lIhYMYv522FPoe
+Y/mGLIqx
+-----END CERTIFICATE-----
diff --git a/test/ssl/signingCA/serial b/test/ssl/signingCA/serial
new file mode 100644 (file)
index 0000000..eeee65e
--- /dev/null
@@ -0,0 +1 @@
+05
diff --git a/test/ssl/signingCA/serial.old b/test/ssl/signingCA/serial.old
new file mode 100644 (file)
index 0000000..6496923
--- /dev/null
@@ -0,0 +1 @@
+04
diff --git a/test/ssl/test-alt-ca.crt b/test/ssl/test-alt-ca.crt
new file mode 100644 (file)
index 0000000..87f092a
--- /dev/null
@@ -0,0 +1,58 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Alternative Signing CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:d3:16:c8:c3:0c:90:e5:68:3d:11:13:a7:8e:fb:
+                    11:c5:de:aa:3f:4d:ac:95:4f:c4:c2:60:8a:df:95:
+                    b5:db:75:04:76:42:19:5f:d9:63:0e:e4:c0:8e:db:
+                    a5:5f:21:ec:f3:3d:a0:c1:82:8b:61:b4:1a:5b:3c:
+                    9e:42:bd:5f:5b:b4:a8:00:8d:e1:bf:99:93:c8:45:
+                    1f:6d:29:ab:67:f0:35:9c:48:0b:a0:a2:18:32:70:
+                    35:5e:ea:fe:1f:33:ab:b5:85:ef:1d:2a:a9:75:60:
+                    38:ed:3a:33:be:5d:40:89:cb:0b:b3:25:e8:e7:bc:
+                    13:6b:62:28:1d:a7:9c:aa:99
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                3A:70:4C:5D:76:C6:B4:CF:E7:BC:4B:F4:CE:C6:B8:46:C2:95:41:9B
+            X509v3 Authority Key Identifier: 
+                keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         2f:74:dd:ef:da:03:cf:14:78:ae:6f:0d:04:29:75:db:c5:a2:
+         c0:fd:1e:46:bf:3c:25:3c:03:3b:a6:f4:f1:3a:89:54:83:e9:
+         3a:0f:d7:81:9a:8d:7f:2d:6b:b1:ca:17:7f:ef:93:18:c4:68:
+         b8:b2:1d:d2:9c:d9:9f:66:9d:18:25:18:b4:4f:72:bf:24:c5:
+         0c:2d:fc:cf:ad:c8:ff:25:f1:36:12:72:b4:46:e1:c9:17:19:
+         c5:1e:f5:26:8a:ae:33:5f:69:16:6f:62:ce:fc:ba:c3:a3:c5:
+         50:a3:a5:42:a9:02:6a:25:77:90:3e:e3:b7:e5:ac:7f:3f:bb:
+         1c:17
+-----BEGIN CERTIFICATE-----
+MIICnzCCAgigAwIBAgIBAjANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
+aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
+Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGwxCzAJBgNVBAYTAkdCMRMw
+EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
+BAsMB1Rlc3RpbmcxHzAdBgNVBAMMFkFsdGVybmF0aXZlIFNpZ25pbmcgQ0EwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANMWyMMMkOVoPRETp477EcXeqj9NrJVP
+xMJgit+Vtdt1BHZCGV/ZYw7kwI7bpV8h7PM9oMGCi2G0Gls8nkK9X1u0qACN4b+Z
+k8hFH20pq2fwNZxIC6CiGDJwNV7q/h8zq7WF7x0qqXVgOO06M75dQInLC7Ml6Oe8
+E2tiKB2nnKqZAgMBAAGjUDBOMB0GA1UdDgQWBBQ6cExddsa0z+e8S/TOxrhGwpVB
+mzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4GBAC903e/aA88UeK5vDQQpddvFosD9Hka/PCU8Azum
+9PE6iVSD6ToP14GajX8ta7HKF3/vkxjEaLiyHdKc2Z9mnRglGLRPcr8kxQwt/M+t
+yP8l8TYScrRG4ckXGcUe9SaKrjNfaRZvYs78usOjxVCjpUKpAmold5A+47flrH8/
+uxwX
+-----END CERTIFICATE-----
diff --git a/test/ssl/test-alt-ca.key b/test/ssl/test-alt-ca.key
new file mode 100644 (file)
index 0000000..a9450e1
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDTFsjDDJDlaD0RE6eO+xHF3qo/TayVT8TCYIrflbXbdQR2Qhlf
+2WMO5MCO26VfIezzPaDBgothtBpbPJ5CvV9btKgAjeG/mZPIRR9tKatn8DWcSAug
+ohgycDVe6v4fM6u1he8dKql1YDjtOjO+XUCJywuzJejnvBNrYigdp5yqmQIDAQAB
+AoGAFaQtWwnrxQlF0X1hXWBSNyYX8DuHaRtvgboiIsAXj/NUTMeEEHaaGEnNkBfm
+wXUZ9OoplA1NOuwbE6WIWDFQGEgma/yLBdy4HYxQpAbJ1qnR7DyoxQ8NHPhBH+cW
+GI92g7NqDEphdoHrWYy5YZYCFVr3pTHXbxlBn/VTLBsQnIECQQDr9BcQxEnPfi6e
+Kk8cenA/54tGl7Ewpklb8XBrQrm/djfOAFt+CTMexerBv7BnfgriAg5wtlHtTkpK
+BLLULE3pAkEA5QXmZ2WvGl0kvgBYGdiOZAruMobOVxxVxF05gvh8Sw6fNj8pI9pn
+sbzyFZWIjcuDBfTLx+GVvkhqtQhs6ZYZMQJBAOSfjR3c45veKrNsUV1Jsavp4cST
+xMdbyCcDaSc07x/6HxZGuGAF7/d4VABJiVauBUN6NJ23uuhR/J99r/zvtMkCQCQe
+qhfkkZk213Sf2UU6QjrE/ow5dpGGhoBRs6BUUEYGKFYF4BcnevMtOYDt9HtofWGT
+GhCMI3G/OhUTHxo38gECQG0nSN+QQ4tddHcktz1rnfwbnmTuNloZLC4ahR67lz75
+uP42Ct0dXPjzakzDCGI2CgNk5QGk/IUO6fq4mYVxqRI=
+-----END RSA PRIVATE KEY-----
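Review bot: The alternative signing CA key is added here as an unencrypted `RSA PRIVATE KEY`, whereas the `test-ca-alt.key` that this commit deletes was an `ENCRYPTED PRIVATE KEY`; `test-bad-root-ca.key` further down is added the same way. Anyone with the repository can therefore issue certificates that chain to these CAs, which is fine for automated tests but should be stated in the files themselves. OpenSSL skips text outside the BEGIN/END markers, as the text dumps in the .crt files here already rely on, so each key and CA certificate could open with a line such as `TEST FIXTURE: private key is public, never add this CA to a real trust store`. The `O=Server, OU=Production` subject on the leaf certificates is misleading for the same reason and would read better as a testing OU.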
diff --git a/test/ssl/test-bad-root-ca.crt b/test/ssl/test-bad-root-ca.crt
new file mode 100644 (file)
index 0000000..7d40475
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICsDCCAhmgAwIBAgIJANKB0fFTAhRpMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNV
+BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
+A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtC
+YWQgUm9vdCBDQTAeFw0xMzA3MjkxOTIxMjlaFw0yMzA3MjcxOTIxMjlaMHExCzAJ
+BgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEV
+MBMGA1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQD
+DAtCYWQgUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+nf2D7S
+IP42qMVmfAEpKZw22qF0mLVjjL22bWVHwwE1CS5euzD/gBM7i0u7hvFgbvI13Yq4
+Du2ebfjv3n4TAIIQg+UOAY5NbzfUG0A+50J6tPpNtnTij3KXskhQRAlvjDSd3TlU
+UiONY2HMwaU56ktqXZzZE7prU0RICZ+DK8cCAwEAAaNQME4wHQYDVR0OBBYEFH/5
+0qkqiFd2x/lspeK61TO4PGF1MB8GA1UdIwQYMBaAFH/50qkqiFd2x/lspeK61TO4
+PGF1MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEARtsgIzT+IVRJHYT1
+wP7C2PuXxbRXFG8a0qqGaA0f4SuICq7NvC3bF5l9zDh4yMvftj8keTiOIa3+alw3
+ucdTz25Jaq/ZER/c68cklMPqcgdwcb/RbxpY5t3PittU2J5wAn/MmFfRiqbsxhgW
+hkYbAtnqBXzJ8HdN/HmIyFW7+q4=
+-----END CERTIFICATE-----
diff --git a/test/ssl/test-bad-root-ca.key b/test/ssl/test-bad-root-ca.key
new file mode 100644 (file)
index 0000000..ffa821e
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDr6d/YPtIg/jaoxWZ8ASkpnDbaoXSYtWOMvbZtZUfDATUJLl67
+MP+AEzuLS7uG8WBu8jXdirgO7Z5t+O/efhMAghCD5Q4Bjk1vN9QbQD7nQnq0+k22
+dOKPcpeySFBECW+MNJ3dOVRSI41jYczBpTnqS2pdnNkTumtTREgJn4MrxwIDAQAB
+AoGBAJk4o/bqDkX5dfy1gPOHOXnaCNKEzJqmLMrrKIHypuIjdZPJ9yLzFu7TDvhQ
+rrJdMTm9vHhwMU0Yza41YW2LSsDpeCI0RkpMxG+Aqaxz+kRYPzwDFFI6YAX0NWpS
+O9iie9+sDp0MfOwPlDwtY9T7OegrPH/ngtxWxFp7R0YxVLQJAkEA+Or0TgAklxy/
+2LQV27OPFXc0ejYf67hLNdOC66PhTCO18avjEpDEeA00vF5DkqT+VXJVz2XyXX97
++cCAf3sYhQJBAPKgM3pmHrhMxr+qgyqiTiKD42kASWLDGEDP0EP4tVaZNdwWH2XG
+tSanhf6eOdoHlq0+3c3tIDwJZ+uCr21ACtsCQAiUeLVTle9Lg2Vh17sJ9m2j/UAV
+K4aBhL4nO0UKEhMAzB23cg1KxirpMZ8olKWyYD3rwf9zISaN5WUXeJZsVM0CQQC5
+GEhNb0yuUzwoil+ojcvH/w/lUeeqZaXCBAghYsKMvzNcpK/tSAt44sKRfYoq8DEe
+F+DEscsuogpanAdS9FGTAkAt8POChqwkCSjXQ9TlPQhdL4bRcENBQz6xp9TEOYT+
+M+FFifLj/ke8sRWXjrar1k45u8VWJJmd/0gmsUSiWoaS
+-----END RSA PRIVATE KEY-----
diff --git a/test/ssl/test-ca-alt.crt b/test/ssl/test-ca-alt.crt
deleted file mode 100644 (file)
index 37c540c..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDHjCCAoegAwIBAgIJAK2kGB3tYrLVMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD
-VQQGEwJHQjEXMBUGA1UECAwOVW5pdGVkIEtpbmdkb20xDjAMBgNVBAcMBURlcmJ5
-MR0wGwYDVQQKDBRNb3NxdWl0dG8gVGVzdCBTdWl0ZTEXMBUGA1UECwwOQWx0ZXJu
-YXRpdmUgQ0ExFDASBgNVBAMMC3Rlc3QtY2EtYWx0MSEwHwYJKoZIhvcNAQkBFhJj
-YS1hbHRAZXhhbXBsZS5jb20wHhcNMTIwNzAzMTQ1MDI3WhcNMzkxMTE5MTQ1MDI3
-WjCBpzELMAkGA1UEBhMCR0IxFzAVBgNVBAgMDlVuaXRlZCBLaW5nZG9tMQ4wDAYD
-VQQHDAVEZXJieTEdMBsGA1UECgwUTW9zcXVpdHRvIFRlc3QgU3VpdGUxFzAVBgNV
-BAsMDkFsdGVybmF0aXZlIENBMRQwEgYDVQQDDAt0ZXN0LWNhLWFsdDEhMB8GCSqG
-SIb3DQEJARYSY2EtYWx0QGV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN
-ADCBiQKBgQDxlFX2Ihc2Uk0ksPe0EJoULBKfr3b5LEuTEqocnypXZ52i61sx8DPd
-HM1EBjlxSrUGxPR0mVoL7d/i9kgEs+4seeNeXn27Vot4Wd+jPTyaHbziLUG1L/nZ
-112hWfAfqTU6MUFAkv5BNCoHZZKXLybP4tBXgHpwrVzXa9f3hUGfMwIDAQABo1Aw
-TjAdBgNVHQ4EFgQUZik8IjLHGc/taXUD60zLp4TA3gkwHwYDVR0jBBgwFoAUZik8
-IjLHGc/taXUD60zLp4TA3gkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOB
-gQAomJg4uKFY3Bi5+k+63O/Ze0SaV9gsgO9GWwb1Jjyi3ZyFTzCGWr3XsD9DsOyT
-gHwAzUgDFIyYVXc3kgBBg54wjEA8A7yQ++HIsutEIR3XykbBfU2oS0VbPKejsPrS
-4zuGt3nQdYrKI2iD207HG6XiO0VfUTro6BGuazvsfE9jGg==
------END CERTIFICATE-----
diff --git a/test/ssl/test-ca-alt.key b/test/ssl/test-ca-alt.key
deleted file mode 100644 (file)
index 2e14911..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQImtEogQ274ucCAggA
-MBQGCCqGSIb3DQMHBAgmCV4tCw6jVwSCAoA7cj6maNe06C2LjYbSgRMr4s2DIini
-2E1KqqRnrz1Ie3U9a4OzmToGuwDqnYR1uK6ImWHwzFZxXkIfsmJUra2BEnSj7W1N
-qGPiQwsBD6L93YyejwoTRFMkkFw6pgdg64eyIstNxYMiiJ9cB+6dc4Z+kY4Ik7Fg
-4xR1+PTHVbNpHeM2ApUHuaoOyaMijzdhwwMbUegVdnsrjb6kgM/5EoIsrxvpax4E
-JSIk+DpdQ8jspwC6n6RNfYhOJdk6ECSi6Wszz1vfLb76YkSFvSsucxYFK7iH6vW2
-llrW/GqfA1+KQwUbD7RULSne+TIWqkk+Z3u/gpDsDe6qf17b3DLcJFGqRdUZXZ9G
-lJfGiWYBro3m/z8gELAfKqVf5BbRYdfAqXdNRHqQkC/VvwsqGknRO0XIawzHxZLA
-OajqAZ4MX2lG/GGYGv51bpnB6B7gdT4LcXtJAUUfezBiu+aw0cFxx3Mox+gPQgKy
-YimuMLPTVaayFfe963odDwVUTcmh48dIvfvfHonvJA8n6pdF3dl+F4FcJ3yTUdBf
-LivlIuXtbobm2ANR4aBrISP47tug11XKs92nGBv5fgvmALr8qjbMLd4naKjA3HR6
-g36cRAu5XBSqN8UNpNyw1lQrQMsNHlFtHhvD5pdh5KuXf9KJrVt6PVUuXCzOb4fW
-EvcSSNR2xIJeRkPwdgAIasnnThyCWQPxm+SoYvogNuRMuy/T2k4Y+RtofJ12KfPr
-mI7M6x2/TPuSbu9Vnee7Xt67JyCLAv1RLXrzqIIJlHrS4hw7Oza11CBCDbYVT3UE
-8Wf1a+L4dF6TSp4NGY6KXaISjvjGGCyueVwH8/YrxnfMk80HvVLNlS3g
------END ENCRYPTED PRIVATE KEY-----
diff --git a/test/ssl/test-ca.crt b/test/ssl/test-ca.crt
deleted file mode 100644 (file)
index 64e29f9..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDEDCCAnmgAwIBAgIJALKg/M/sjw95MA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
-VQQGEwJHQjEXMBUGA1UECAwOVW5pdGVkIEtpbmdkb20xDjAMBgNVBAcMBURlcmJ5
-MR0wGwYDVQQKDBRNb3NxdWl0dG8gVGVzdCBTdWl0ZTEPMA0GA1UECwwGQnJva2Vy
-MRcwFQYDVQQDDA5icm9rZXItdGVzdC1jYTEfMB0GCSqGSIb3DQEJARYQdGVzdEBl
-eGFtcGxlLmNvbTAeFw0xMjA3MDMxMTMwMDdaFw0zOTExMTkxMTMwMDdaMIGgMQsw
-CQYDVQQGEwJHQjEXMBUGA1UECAwOVW5pdGVkIEtpbmdkb20xDjAMBgNVBAcMBURl
-cmJ5MR0wGwYDVQQKDBRNb3NxdWl0dG8gVGVzdCBTdWl0ZTEPMA0GA1UECwwGQnJv
-a2VyMRcwFQYDVQQDDA5icm9rZXItdGVzdC1jYTEfMB0GCSqGSIb3DQEJARYQdGVz
-dEBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxdqM/gN/
-nRuHdvjKQ3nOIHzblSQRmnU17AvusuucKaEAaIBJO05pUryoUfAPhb/QtPbiqGQ+
-VZN5n2Di4MxgYTdQ9SAjJKv/v6TNm23IjlYgt5XnXbvZhGid/FrTjsldPVEKKKM/
-DTPx24o3coE2KxDOjnfGsR20LPnmEp7icBkCAwEAAaNQME4wHQYDVR0OBBYEFO2l
-nlq5L/AmkNaZ0s7OqJr1KoUtMB8GA1UdIwQYMBaAFO2lnlq5L/AmkNaZ0s7OqJr1
-KoUtMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAEaeNG4qmUrJtQqR6
-Kq8rIYBfYpkhlWTgo/uOxo8OgAjwhrYja7SBiSDOk7dk+OPdvMxxLIalzb+4IaoH
-IMoFBsCuJApFBEkaxE4W6AZA7wjtwq5t3HbRtRD44soBtoeHhPILFfKuWpYVM4Vg
-esxJKdf10bGX48nXFREBcSg6ce4=
------END CERTIFICATE-----
diff --git a/test/ssl/test-ca.key b/test/ssl/test-ca.key
deleted file mode 100644 (file)
index 13f7a41..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI9H1Lfg1rh7wCAggA
-MBQGCCqGSIb3DQMHBAi1Lzw2lwTCCgSCAoAJV4++qH5sbnxx4yOO2OYOn8ceZePP
-xjfFHgG3D6AxrQtNnzIqk/WTeSOJKPn3jt5AZmpr///t2cEb45KZFPJff/CzXtfM
-jxhbklkTZLBv+4S7Z/Me0Z14eJdjk2uGDnV2dJdCOB7U+Ig06dfyliHktC/CIqiH
-5v9qsGog9Dv1oauN6HGcWjIz/fXI3THBRlynNo4tv1BOaoxDXTYenHgo2v4CXmsQ
-chOQX6u/RDDpht9Dm45IFQKcHfHbHIpB9s0iXXm+9kbDAdxIRfNV2EywK53Xm3D8
-u0iynbmAlUh30d0n+0sLEbITrs6BTS+/eCvRUnPqerYTVBOpGb+o4GiVLm3LsogH
-3nuh//JlRDD894rHLqQQ4uzXHvn1fVFNe+th8kjiIVEr6NevIIBPvTnPrxSFco4k
-CHmOMmm+hhp2B2sZa2IFfIKJ64DrmiT5mezG4aMRjkB2PK0MNDctoYdhQYmB01VR
-1P0r5svnt39tNep6jQhydiMOXhyhX2AVfbTBG9izoi0Sn2eQ0tYtlT+oQzw7yxK2
-7MOo7PTemlvIsCVgyL1+OkVSBn+n0nHEgRd+DNsu1gsmetUpENfYtqjqnKD6FDLN
-gOPJ3Eoj7XIo5qTrKbJd2EQNlzMFCMikfWHcijRLioEhS9tx8PHppdP7MSinXAYc
-IsWN1+4lIHj8jsnEWDp3UWy6FkLFsy5iOayWsC1PjJqo4yVdsYJ/Ef34g5IBBB1x
-AC7Orq6ZGWoV4jFXkzFj/FhOpf9G6wpQ30qiW/wnVUT09Nr45vsOqcLChLxUO7s7
-VQk9XcDNhUJQB9uVUgF+Z536CG6U9K9fZSqK72iN/1t+dhQn/eZbrwLL
------END ENCRYPTED PRIVATE KEY-----
diff --git a/test/ssl/test-fake-root-ca.crt b/test/ssl/test-fake-root-ca.crt
new file mode 100644 (file)
index 0000000..239a74b
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICqDCCAhGgAwIBAgIJALWM56dkMt5jMA0GCSqGSIb3DQEBBQUAMG0xCzAJBgNV
+BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
+A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdS
+b290IENBMB4XDTEzMDcyOTE5MjEzMFoXDTIzMDcyNzE5MjEzMFowbTELMAkGA1UE
+BhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcMBURlcmJ5MRUwEwYD
+VQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsMB1Rlc3RpbmcxEDAOBgNVBAMMB1Jv
+b3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOpNNgRF6qhcGxndkPFE
+1uZVQZ2x9GV3UlARuTnG89MX+6W+fXQ0gfdcbKs1/puhFqvrcqrWmoIgRtM/lZR/
+YDs5EXfpb13V5pDDn8X7AD2+poUb9eHxcB6fKuRbyt1PsS42umwUlpIDtK6p6H8/
+ZfxSiOE73kyY6CUvJfTC4WHrAgMBAAGjUDBOMB0GA1UdDgQWBBSXmasVth7iUHhF
+8MDaBnSIGBV4qzAfBgNVHSMEGDAWgBSXmasVth7iUHhF8MDaBnSIGBV4qzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBANAYCcz14fk3Y+9CBMm/kitCWAkI
+Ia54KL0A8ynqrLHssO3Ilq+wb10vSNLxhsdws3zNAfXteFxOvGm24Yu+8oTBQ26K
+QfTp/cH9yoF97ONMxg7rqANOJeYv0BeJdDcgjCMgmql5ETEz2cf9tTWBUAtd1ZZC
+YPS5aiNsetk+XuS9
+-----END CERTIFICATE-----
diff --git a/test/ssl/test-fake-root-ca.key b/test/ssl/test-fake-root-ca.key
new file mode 100644 (file)
index 0000000..4a040e9
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDqTTYEReqoXBsZ3ZDxRNbmVUGdsfRld1JQEbk5xvPTF/ulvn10
+NIH3XGyrNf6boRar63Kq1pqCIEbTP5WUf2A7ORF36W9d1eaQw5/F+wA9vqaFG/Xh
+8XAenyrkW8rdT7EuNrpsFJaSA7Suqeh/P2X8UojhO95MmOglLyX0wuFh6wIDAQAB
+AoGBAMhOUgu9Kivc8l5eiXd6fq5T3NDQPjwwknJZdJzsda7WJhFAlUgvS50Jqu2E
+L7MlOJippVJgPZ9ZsLMQ/PQDIWRdLg2K9VLS4nPl3p7LzHoDmqDnMLPo9fUGBile
+EnWwSSCWrz8ATyDO1ct5oJmK/S9QRxdvtw+6SbmorhnzypihAkEA+9LNpjnpuOWf
+iF0TGWKhK53WPtiCBnuisXGZEZws9mzFGlfdR98sBDyekl7oHOb+JI0SDpPl3PBE
+hZXcF7VPtQJBAO4wA1sxXqfYUazt6SInUTzpaNZ9xPrK0p1PgxZLxJrZV6hZByvW
+FGb+cKGnOHIYq4tnCg0cyRe1xX4MJU6wrx8CQGRtNUZNYkAykuS2+Z7uDohucbqu
+bWxYchGB1CGJvwSnbBONZtn6znsCEdsdrkOYe1HoUIMvyEPMLgd4NEXgMOECQF+u
+y/pbR9IXVSAp5oiA0OKuRR49Id85kQf+xAM15sHp44vOT9ItSr7hIa/etA8pl+gF
+OYVw9dtfevmauXX2BjMCQQCrse1jUAp3xmsXwb1JieclSh/C/FcGeo6DYpIcm9bK
+RiVCmpzy3hOqYW137l5WvpUwZmN2wPvaKCacF/t75EiG
+-----END RSA PRIVATE KEY-----
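Review bot: This CA private key is committed without a passphrase, whereas the `test-ca.key` and `test-ca-alt.key` files deleted by the same commit were `ENCRYPTED PRIVATE KEY` blocks; the same applies to `test-root-ca.key` and `test-signing-ca.key` further down. That suits unattended test runs, but anything chaining to these CAs has to be treated as untrusted outside the test suite. The commit also deletes `test/ssl/readme.txt`, so I would keep a short notice next to the fixtures, for example `These keys and certificates are public test fixtures; never add them to a real trust store.` It could presumably live in `gen.sh` or a new readme; neither file is visible here.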
diff --git a/test/ssl/test-root-ca.crt b/test/ssl/test-root-ca.crt
new file mode 100644 (file)
index 0000000..92dd583
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICqDCCAhGgAwIBAgIJAKrzwmdXIUxsMA0GCSqGSIb3DQEBBQUAMG0xCzAJBgNV
+BAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYDVQQHDAVEZXJieTEVMBMG
+A1UECgwMUGFobyBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdS
+b290IENBMB4XDTEzMDcyOTE5MjEyOVoXDTIzMDcyNzE5MjEyOVowbTELMAkGA1UE
+BhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcMBURlcmJ5MRUwEwYD
+VQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsMB1Rlc3RpbmcxEDAOBgNVBAMMB1Jv
+b3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKbPzEEWCKsjjwjJ787u
+Q32k5EdqoDddMEjSVbZNSNEwUew1L7O8NTbmtCEeVFQjOLAdmdiF3rQbXHV+Zew0
+jt2g4vtPpl1GOG6jA/6YznKAyQdvGCdYfGZUN2tN+mbtVxWqkHZitQDQGaSHnx24
+NX649La2uyFy+7l9o8++xPONAgMBAAGjUDBOMB0GA1UdDgQWBBRKK2nWMR2jaOhG
+b/tL8462jVEOvzAfBgNVHSMEGDAWgBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEd+gW86/W+fisz5PFHAeEw7zn9q
+dzLHm7+QZgNLZ9h7/ZbhObRUFMRtU2xm4amyh85h7hUE5R2E2uW2OXumic7/D4ZD
+6unjr4m5jwVWDTqTUYIcNSriyoDWAVlPfOWaU5NyUhqS1DM28tvOWVHVLCxmVcZl
+tJQqo5eHbQ/+Hjfx
+-----END CERTIFICATE-----
diff --git a/test/ssl/test-root-ca.key b/test/ssl/test-root-ca.key
new file mode 100644 (file)
index 0000000..3cb7148
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCmz8xBFgirI48Iye/O7kN9pORHaqA3XTBI0lW2TUjRMFHsNS+z
+vDU25rQhHlRUIziwHZnYhd60G1x1fmXsNI7doOL7T6ZdRjhuowP+mM5ygMkHbxgn
+WHxmVDdrTfpm7VcVqpB2YrUA0Bmkh58duDV+uPS2trshcvu5faPPvsTzjQIDAQAB
+AoGAFVhNqJ5rKYr5SISefPocBL3OwByyt6LjBM51TUiCYtIuCW2c1wDkRkwrDHnX
+DJUdMdv3za8DmkROBnLQE/N9vEVhrfrDpBpU6ne/0tbxRlmDi1ihH+zgBUZkIkQo
+kP5kQrV6Tfv7zhFv6cZzewRjGYzTwt8xWB54bKFlsJSlj/kCQQDY0AirnfIVyK+0
+mkqwYEiXWCQfkdRtbLBwpE8S/bbMQVb+Qxh8iCEdw3u1/c/GRFG/qUQ/54/Tetlx
+ZWTTusuXAkEAxPY1+EyW90I8cDSBsrL+S47meut5Qp1Z/WspKjuZgozT7YnECK1k
+JWyXIfBixMIqeQp+pVfVRtYSumvnVhAuewJAA3ylBw2NPShzGvZ4SQnjYPu76P4R
+aoka9VTPKMEH1ZUfbwtpM2eFENN6A91HICstHWX9gQGaYI5TPO2ih30zlQJBAIRH
+06FqVu3DJ3I4YW8R9eXrGHIvmaYapeikQuZhVs0uJdtf7i/hu+PClZIurzb0LLBU
+UxBa+Bt2BOf9NkY/4ecCQQCYLGMiKrfckXC6VtQalLuEXkeE8spcdh/NV22Qpim5
+xfir6M2ZcPDxaFpPmSDSS1TRTaeulX/djUE35EdNPVP8
+-----END RSA PRIVATE KEY-----
diff --git a/test/ssl/test-signing-ca.crt b/test/ssl/test-signing-ca.crt
new file mode 100644 (file)
index 0000000..3a10151
--- /dev/null
@@ -0,0 +1,57 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=GB, ST=Derbyshire, L=Derby, O=Paho Project, OU=Testing, CN=Root CA
+        Validity
+            Not Before: Jul 29 19:21:30 2013 GMT
+            Not After : Jul 28 19:21:30 2018 GMT
+        Subject: C=GB, ST=Derbyshire, O=Paho Project, OU=Testing, CN=Signing CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:dc:26:78:40:ae:b2:ad:2f:26:12:0a:d5:b1:18:
+                    80:16:d8:88:be:0b:42:ce:32:ad:12:d5:f5:78:1b:
+                    35:28:f2:13:1b:05:09:fb:7e:d7:d9:a1:8a:0d:4a:
+                    fe:95:37:d4:16:75:83:e4:6a:44:34:33:57:2e:49:
+                    ba:bc:b4:cf:d0:c0:87:e0:bc:f0:60:76:14:00:d6:
+                    eb:cb:f6:db:b3:43:f1:c8:4d:4a:0a:bb:e0:37:7c:
+                    8e:93:1f:a0:87:68:59:fe:0c:25:40:f3:7c:fd:71:
+                    90:55:ef:de:18:b4:08:86:c9:75:c2:99:2f:ce:12:
+                    bf:c5:5e:cf:5f:f1:06:53:07
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                29:4D:6E:C7:F2:F7:71:72:DA:27:9C:9C:AB:DA:07:1D:47:9C:D8:41
+            X509v3 Authority Key Identifier: 
+                keyid:4A:2B:69:D6:31:1D:A3:68:E8:46:6F:FB:4B:F3:8E:B6:8D:51:0E:BF
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         48:ec:d7:80:8a:8f:82:a6:42:b1:89:2c:b9:4b:6d:0a:37:b8:
+         72:19:05:de:75:80:0c:d6:41:97:b2:d7:fe:99:cb:7e:c4:0e:
+         77:97:09:a8:9f:87:ff:0b:de:3f:1c:dc:1e:fe:09:36:a7:f5:
+         54:9a:85:4e:fb:6f:27:fe:0f:29:45:61:8d:07:c6:0c:da:37:
+         3d:a3:69:4b:82:71:e6:24:e0:87:a6:ee:d5:87:61:dd:8f:08:
+         fe:33:a6:1f:ae:b2:ae:1f:d8:2c:20:c8:a6:fc:33:0e:82:68:
+         80:23:61:10:ad:5c:1d:80:d6:b1:5f:e4:af:66:6d:63:10:e4:
+         96:e4
+-----BEGIN CERTIFICATE-----
+MIICkzCCAfygAwIBAgIBATANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJHQjET
+MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxFTATBgNVBAoMDFBh
+aG8gUHJvamVjdDEQMA4GA1UECwwHVGVzdGluZzEQMA4GA1UEAwwHUm9vdCBDQTAe
+Fw0xMzA3MjkxOTIxMzBaFw0xODA3MjgxOTIxMzBaMGAxCzAJBgNVBAYTAkdCMRMw
+EQYDVQQIDApEZXJieXNoaXJlMRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNV
+BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBANwmeECusq0vJhIK1bEYgBbYiL4LQs4yrRLV9XgbNSjyExsF
+Cft+19mhig1K/pU31BZ1g+RqRDQzVy5Jury0z9DAh+C88GB2FADW68v227ND8chN
+Sgq74Dd8jpMfoIdoWf4MJUDzfP1xkFXv3hi0CIbJdcKZL84Sv8Vez1/xBlMHAgMB
+AAGjUDBOMB0GA1UdDgQWBBQpTW7H8vdxctonnJyr2gcdR5zYQTAfBgNVHSMEGDAW
+gBRKK2nWMR2jaOhGb/tL8462jVEOvzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4GBAEjs14CKj4KmQrGJLLlLbQo3uHIZBd51gAzWQZey1/6Zy37EDneXCaif
+h/8L3j8c3B7+CTan9VSahU77byf+DylFYY0HxgzaNz2jaUuCceYk4Iem7tWHYd2P
+CP4zph+usq4f2CwgyKb8Mw6CaIAjYRCtXB2A1rFf5K9mbWMQ5Jbk
+-----END CERTIFICATE-----
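Review bot: The signing CA is issued with only a 1024-bit RSA key and `sha1WithRSAEncryption`, and its `Not After` is Jul 28 2018, five years after issue. TLS libraries with stricter default policies reject keys and digests of this strength, and once that date passes every test that verifies a chain through this CA will fail for a reason unrelated to the code under test. I would regenerate the fixtures with at least a 2048-bit key, SHA-256 and a much longer validity. That change presumably belongs in `gen.sh` and `openssl.cnf`, which this commit adds but which are not visible here (for example `default_md = sha256` and a larger `default_days`, if the CA section uses them).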
diff --git a/test/ssl/test-signing-ca.csr b/test/ssl/test-signing-ca.csr
new file mode 100644 (file)
index 0000000..f9bfdf5
--- /dev/null
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBsDCCARkCAQAwcDELMAkGA1UEBhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUx
+DjAMBgNVBAcMBURlcmJ5MRUwEwYDVQQKDAxQYWhvIFByb2plY3QxEDAOBgNVBAsM
+B1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANwmeECusq0vJhIK1bEYgBbYiL4LQs4yrRLV9XgbNSjyExsFCft+
+19mhig1K/pU31BZ1g+RqRDQzVy5Jury0z9DAh+C88GB2FADW68v227ND8chNSgq7
+4Dd8jpMfoIdoWf4MJUDzfP1xkFXv3hi0CIbJdcKZL84Sv8Vez1/xBlMHAgMBAAGg
+ADANBgkqhkiG9w0BAQUFAAOBgQBhVBQJfwlQ1UcSyuRdJN8skHeWyiFHfRl3bEHf
+PS6A1+yr4uZoBTA6AJb3mItXCns1mb4+/mgrlud4KXG5kPzGas7eNpC1fqFywGAC
+zS2sA9TzShD+OUR5VDD+d4UqdYUspP+r/aHY1FUVlBL9tC/mUkURXVR2+BUkYnR7
+elw/ig==
+-----END CERTIFICATE REQUEST-----
diff --git a/test/ssl/test-signing-ca.key b/test/ssl/test-signing-ca.key
new file mode 100644 (file)
index 0000000..2826af0
--- /dev/null
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDcJnhArrKtLyYSCtWxGIAW2Ii+C0LOMq0S1fV4GzUo8hMbBQn7
+ftfZoYoNSv6VN9QWdYPkakQ0M1cuSbq8tM/QwIfgvPBgdhQA1uvL9tuzQ/HITUoK
+u+A3fI6TH6CHaFn+DCVA83z9cZBV794YtAiGyXXCmS/OEr/FXs9f8QZTBwIDAQAB
+AoGAEEMDNPvylNpbvI9yU3+Uzps2FpusVqDlqfOGC1YvKhQflypbH2myNhA5q1uz
+zH/wOax6jp/O4/A6619k3NWaWBUSDeD1jczdzzDB6Eq1+6oj1szwLBA5EQHz5tuM
+0BIWVGv12bqY/LGBbYsIABBTr584rA3QSgM3K4SPxKKiyYECQQD6ELRf6hfd5qhs
+8RJY5f3yXaV6rSpz8meht4VwMguiYwNBHrHAHxgumMfLiJ2PWa+6aFUxcWs93RfL
+5Tzn2DtHAkEA4WADib1R05V3X2XcU9ursA0va5nPEtQ0fNJAUm4iJOtEElk61Ku4
+0KFokloTovpAgno+QxQdy1trwBz/ov2KQQJAaNeaGGCYUxPC57IHBDihSP1UROPX
+Wbd3FYlRK+H/mLy0f5fz5F3lEJxDoCUOEi0DDT9zAIDR+qT4tibNa1LwPwJAQDtT
+BtCUH487pE6tiqDSv6wiVbJSV/VuuBxcBKIqzQbYMbqIj9AZLiyyVvOhIRPditI4
+KHn1O93kSa56FQPZgQJAV0mCqYciPBU4z3qtLGIDqdzTszBh4U5cTu5M+TICrg20
+dtH2X0dETx7c2+7FDkr1ktVq9skJAXMw6mWM8FMYFg==
+-----END RSA PRIVATE KEY-----