From 92046daf3875f35c6e371640ebffffe17a5c0586 Mon Sep 17 00:00:00 2001 From: "Jose I. Paris" Date: Fri, 29 May 2026 01:06:17 +0200 Subject: [PATCH] regenerate development certs Signed-off-by: Jose I. Paris --- devel/devkeys/README | 7 ++++- devel/devkeys/ca.pem | 63 ++++++------------------------------- devel/devkeys/ca.pub | 42 +++++++------------------ devel/devkeys/ca_config.cnf | 15 +++++++++ 4 files changed, 41 insertions(+), 86 deletions(-) create mode 100644 devel/devkeys/ca_config.cnf diff --git a/devel/devkeys/README b/devel/devkeys/README index 15752c11b..b98cc590e 100644 --- a/devel/devkeys/README +++ b/devel/devkeys/README @@ -1,3 +1,8 @@ Keypair used for development -DO NOT USE IN PRODUCTION \ No newline at end of file +DO NOT USE IN PRODUCTION + +Regenerate with: + +openssl ecparam -name secp384r1 -genkey -noout | openssl ec -aes256 -out ca.pem +openssl req -x509 -new -key ca.pem -out ca.pub -days 3650 -sha384 -config ca_config.cnf diff --git a/devel/devkeys/ca.pem b/devel/devkeys/ca.pem index cf46a6d83..3cf3daf38 100644 --- a/devel/devkeys/ca.pem +++ b/devel/devkeys/ca.pem @@ -1,54 +1,9 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIJtTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQ2D3e9raMusWMreO7 -mpeVtwICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEA9FkRxb0q/kAtqX -q4ALPPMEgglQUwhfpxU8mFFq0pB78xg+MXf7DD12Ko0+qP0jm+DyVzlnwnmwuAqA -iRDp+LiAN07LAdH1AgFV3pyt/hQ5nvNf3vrPk9jS0tVDOVG0deE/DMpXA9nQN2yF -mYFqABWc7T/lp/PnIf0+oh7Qyg2EXBONMgrpGsEMdYQvqWFMyKo0ETChdynYDdDc -n8//W40jHDnfeoohxrT7LBhYsvAhG81+NfoM91RJrI61wuZVWsAAU/vxFdu7DqeA -P1BnUh847jqMBHi/XMBMRd+KA2XQU/cH2ym6y9t16J/N/tHx+aB6WdTbH9tv7PC6 -J1f1dnGDduXJ1kkiAF8eANqRswW8R2JIJK6TojmUO2mIeEE1+XTrQuuyd9NHsRvM -VSEl0jz2SWO3KaYBllC/CTmydngKxLC64ZK1pSUHKt6xSnUJYUuYZKpv8EsusotN -pawI3JNA0K8L5r2YYjMTSmei4ZSKmBckiuK8TTDTaPtLwWZzpT3rQSQjJafXjX/I -D7bQkDQP5PynXQcD7xKWJtDti/+KAa/osWrUK24jkUkn2cVLnb4TzKhx4znLL5JE -ZWYkSnU0mt51AtZR87ymYO+SE8hAhg9+oUwdst4LSmTlM9B2XCnQMpm8BtneTaPW -lsb1W5uNen9GSmJZ8vV5BVfBlcriCbWWbuh/SfLeYix9fyEuk12DM1lVe5WXIfgk -sR/BnV7qTYQ+UtuINtu+6K0qNONNi+yu8c5iU4sRHVQNK45i/2NXsNjFPST6yqJ2 -bDKPhVwbezlGczEXogyV7eS6H8E3DH8Fk4nBLpXXIvmm9x6FtiM9XVPlcG9bBEqz -AOvtznxIf143zMjBPYZ7nJh2ZD4IJs0093OBRaLrAfmRZNuQa2ruteuFcAYd3T2o -ar2x3KHkPHpmglo57+ZMzm7ZUcgTM/sIjDk50mKqR3E+nHPHvuPFg9rSoBi3NGaQ -HVWH+Y8c0nnHg8hSgf5rskHK7v5Nz7tsiattqEOTiO9XX+4p6IZZCMCPQDMalWF1 -79x/qIx+wrAJWZMs3/J4Hxba9WU6aDYhwk8LdkchE9wpQDEJpDhbXUN6lUIs6NVS -W4v7UMGx2Iq/obe8WcwenqnNI2QmDPFBpndBJG8A2M6xLyxjx6LuSodMtVzdXpY7 -+Dz2ndKbn7mf2a+uUJdXSsExnQIjVET1DezJMAMfF3ovCQ5F30ob2bdk36sLSzW0 -j4/8l4lCU+kn1ORV6KTxf/ou6cTPpg7x394u5nseJIBfZjwkmV7yJQAQBx6Xq+Gq -bBtcDVVLquvG20ldDZjfY17Jg8ErXj6AdEpdeYeGT7mkBMlFOt/g+OFjhbqaOeRw -yZoUcsKEj+9YO/chbfGDPbUIw6KsdYgZLfuCp6SqAeApJ7K+PVeViuXS7ar+g7jj -RN6mq2NBPVEsSomJQQ7Gf/2nY1AYP+RYdOJeFiODoFrMWRldRlPgOisT+FJMReGj -4eZ1aBJLeMsZ9QxX8QuARhBe+L18Ed+cqn1r3J3HjbEsMNFCHjM9S80YCkDsUvtO -8s9zimgyFQhWKo055GZWnW9kfIhZQh1bJ6i+Krj4feZd+i04JVSUA3tCjXBCP5Gu -BV0PM3mfRsa307cNTFFwo9qw1qNiboI7oucYHmm2u7OTsoSng03CkldijsYdjl76 -JxeswTTB7YGBeMasjKanRnNFjqkPaihkhrLtjau1/09pqto5bpvNUm/mfLhZlJKv -03eG3w8alRSOgNH87k/nrrPlDZFDyZLi15gJgBotLSqPqOFvXCuL3nvoErcC5OUf -SDPtPI6AObFOLkb5oQPR85MKqGfIpCMmDHhhKh3aGDGaq67v8uP0ywwt4lqvfPPf -fZ2vZYaKfRAOddca+sfJbNwA0h6a9ybMloosYoah+ozgO4Ds/Ium5IchG5Gxy9DJ -eV1mwdQd+MzWVqmoXd0nU3WcfW6sSfEnlyN5Vrbkzt4UbAwT6TAyr5L0JOXHvsCX -w1/rlNzib/aTbxmqcUF8yW/cd7ycovEPH10+KU/ABMNcQ+DPipRgkVptvlqarTdf -7sU3fOWqeBTYWA40SUdbtCeSlkPX7mlsO5kP/Fr0afIglFkhZiYW92qtHqUubjQW -6YchmSuA/Ib/uPPiyYhTO8qd3xMz5OErj/J3GDBQVMPqrpyRCu65A8n6a+qYWpqw -TNXG/vd8u2lIqObDkGi79Y00i6c2CXzhnbYgOuck61FY/wLJAAhlbDSEnhI06Iqz -a19L6uzI3uS17siabBjw8nZpKPDZ21IA2m4NgryBI8W36ZezQfK5AAnBYvezgVzv -azsnE6xJ3ovnuy48fptoZ78DpG2S4BEAoo9p9UbBipmrcMcTpiUDAfGgtt7WGwqu -+J7GrE05YE67uycS9K0xNMB51DfqaZGsDfZlL8up0lncD6rqmXNCeFqtrcBmhziG -40s6WngRyF1/4VKHfWbaeRG+YbizHjRfctGAgL1a+iLNsIPVPFj36T/0nd9o+QGI -vwGpDXluYKCdSUJ2l7jJgSU0U+FoyLQW2Waeb/pewjlCJA5eCySKIoSz2LrN99Va -q7LhCM+8odzGT2zv4BLd48JR6wjKbdJkFyvQ3UnsidqnZSUD4LVUSn+YrPuGLQLg -3MxgcZumoWUzQtCAzueRSUl1zt2xDIU/eiiRZHWwvSej++rTXtmdFJqinsLc1V6c -HAr1OUBsB9O3er5pUPygqnpQmcoIkiA5882bVpNauxsNxVmKggVWCaUp78uEHWXn -N7/EwWgvXjJ6OcqFBUF9lyEYuYZ8o+bHsWciT8mVROXn8pusvLRUvFZSKqZC8Wk0 -NaMe1oPSf2v+rGyRMNlu0q/x2VcQd3DV28AeuVQj4WJTjZdW2H/5O0KIpivfs5hG -XR9u+5p22TR1Y3lIOgL5fz6Hl26migDW+LkEFjVrqVDwYL4eemt8NYJHidghadfa -RqM1A5tFGovVbvIuk9M3lrMi0bCI0Ky6mMsJVGWHP1Rc1T86L+/RuSbzUCEu+Jox -zdEjIKBc+uMW6zM3dmAYlAbd9rmOhpe67rSjn9HZ2kfifFWFttd0NOpRsgvv4VJE -vZv5Oo6rF4Ay7SBKT8+t+jIDmiu/vQAMJdtT/pDQEtTbVc7pwLVC38c497PkoV9w -ySkhKzZvkNEfzV8VmP+5NsG2/N3ImVhUKJ+kBNY0AG4uHPYkvQ/ZcbY= ------END ENCRYPTED PRIVATE KEY----- +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,5B4CA46CD46727F8D078D6D749ABCAAC + +0sKc9F7bn7JI0VPLiJ7HcUQ4F0dXZB/r/2AZItnERKKtY/FTV6e+Tuy55Ulo91sL +qfQY7btNqlLpO5c/3usXzLX+B17UlNrTJEg8naJ2ijC9jGB+nZHVuXiIeg7K9KpP +PMYx+RbTSLO8LSuIm3EJD9QEV94UPAVK3pc1C6+js0aXvFcqxU3HYfnBFCi2q8Bp +TTcbT5ZqXWPNTK4cGmg60nCzb32DipG0AeNSyDkH7Ic= +-----END EC PRIVATE KEY----- diff --git a/devel/devkeys/ca.pub b/devel/devkeys/ca.pub index bea9b7ba6..c3b1a40c4 100644 --- a/devel/devkeys/ca.pub +++ b/devel/devkeys/ca.pub @@ -1,33 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIFnTCCA4WgAwIBAgIUErdOkmXh4B6wWuq3zdyoZwP4B2EwDQYJKoZIhvcNAQEL -BQAwXjELMAkGA1UEBhMCRVMxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAoM -CUNoYWlubG9vcDESMBAGA1UECwwJY2hhaW5sb29wMRIwEAYDVQQDDAljaGFpbmxv -b3AwHhcNMjQwNTI4MjAwMjM4WhcNMjYwNTI4MjAwMjM4WjBeMQswCQYDVQQGEwJF -UzETMBEGA1UECAwKU29tZS1TdGF0ZTESMBAGA1UECgwJQ2hhaW5sb29wMRIwEAYD -VQQLDAljaGFpbmxvb3AxEjAQBgNVBAMMCWNoYWlubG9vcDCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAJy5/qNvpiJITXKwR/hoE7NWXhPLj9glLv5hqqUN -ZHz5D1Mmj35B8JzMNe78lCFBhs4tf5xNSWj9AnDhIbYAW9edu6hA7YJUXVE3iJ7g -vrQ5NTdeQqd8xxSjvtwBKVaQCKGEBHaqyZatB8IQ5kY4YLfqFWQ1U9IkU4QdZJQ2 -beBm1hSh6KUqOtlNMgumIIx0kWiHYHQ/KRVSKhoxKD+YQFTvfqrEvMxR23gkxPo+ -Z8exeG30Nzeido31WCdrWhWwthO9TuXEUk8XdqHUpKqS47AFIcLZBHCzxGB784K2 -go1ixzxt5gSfeco0nT9sJHGIOMhh50Eec0bnIUcH61iEDuAJY5pj0XcAvl39l9C0 -oIS7+5qOyqZk0LVwABi5CHYrnNKcj2BbOkplRqw1u1lvlfJQSQ29rQ3mWFXoQeQr -sGhdJDMJkzNkMRXqReBuQxIREsmzjA5ZO2fSK/Mt+OugzO8exlVJ9d7ZA5P54tZr -t8mqOM3ahFwEnRincvJBNYSnfZGYIp7h7lDuDdF2hJxI5aCSuzNrtA7ea6n/R3zj -hmo5CmD+x/DOapYHW6c7DbFCyViOutQybiAL5E0ESBQVxfndXPbhT3725evLFpM8 -a5lp3Q1AHbaHwBNLt2ET+gQJl4Kv8+oSGgfTPMkcEXeehKq4UUSJImDpkdU9VSAm -rV+lAgMBAAGjUzBRMB0GA1UdDgQWBBSg5OU3ZPHjjjH//hg8PuthzR+lyjAfBgNV -HSMEGDAWgBSg5OU3ZPHjjjH//hg8PuthzR+lyjAPBgNVHRMBAf8EBTADAQH/MA0G -CSqGSIb3DQEBCwUAA4ICAQBZ6IOom849XSPoSfJ4pH9kIgrAg77JF0iYXw+rvmoa -tldzbXn8qPADn/IlfcARvnsDNymzQ1Ar+61vO0TIeuZhTKm06V4V46x/Xd4w6INZ -F8Yug+VpoLjh4IiPo79yz4lHcFRPWVoIbQe2b2k93qnsuwUxX1z7YlKXnmSj/FpW -jScy+ic/7YUB0TjZVN3Lm7LUcFMwlT3M04z5tQdDLHayQ5loRDOtA38tuuVexWiZ -KvdyvYk3AWyhNVRTnNoKyuZzaltWbzD2/vysi6krmJqXoH6vCCu+8CsYMJA6AVu0 -Y4375UNNSOBDVhPFMRH+oQ0gCFRKN+hPIxh9rnrBJnM11nOVolwcY5T3B3692cl+ -jVvpTqPnzVng5XBXpWgAhN6c6nkgduyhnq4zQp01EcmxZMmIfQMJ/MNwWVRIem+8 -YZ4f+aT1PXr6X3Jt9VS9Fq4FTaCYrFhfHbeKIKQtqLneXJosI8xWlAAcRMrTXAVn -kzLggDLeeSvDNz7X8jk63kbbVtISFdHBw65U4LgzCZR5kHXOlFjz59J9Bc6gChmh -w2ljLt9QRMjSEuHRVltfT5ZCYWgSU9PJTuGhbGJUkDntY6pB6TjgmARSk796jvo0 -S12JKd+hkgznl/q5ZzwsNI8087KIswqeZBSunCZGCcQziU97x3hl2orBfldtVm9m -sQ== +MIIB+jCCAYCgAwIBAgIUYjE9Yu8W9PgpPKOqXASZPK4crDkwCgYIKoZIzj0EAwMw +LDEWMBQGA1UECgwNY2hhaW5sb29wLmRldjESMBAGA1UEAwwJY2hhaW5sb29wMB4X +DTI2MDUyODIzMDQyMloXDTM2MDUyNTIzMDQyMlowLDEWMBQGA1UECgwNY2hhaW5s +b29wLmRldjESMBAGA1UEAwwJY2hhaW5sb29wMHYwEAYHKoZIzj0CAQYFK4EEACID +YgAEspLWDoofydKAcqoe7nWxOVr4MOS9W1RR9c2NvZhTpf0PyR3zKH1F+S0bQ/Xg +SOXPIbLD4uo40txvPxvWiD6w2bIivwGvdVYO+fMD/oaOBn5d7Kf2IRGab67v8fdO +oa7oo2MwYTAdBgNVHQ4EFgQUo9kYV7123u5LMAbmp8i5ePebzYIwHwYDVR0jBBgw +FoAUo9kYV7123u5LMAbmp8i5ePebzYIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B +Af8EBAMCAQYwCgYIKoZIzj0EAwMDaAAwZQIwZTXBhx5pXMaly2HsKq7rB0QTzVyS +D7Lg3Md1NsLViY27Sf/3TUneZPuwU7bClyu7AjEAvWhPMhTKfmqCvivyJp7o2jGu +c1fGBB+m0pkJt1SG6Gs/2DFPRJgd4tI98ziz7sxq -----END CERTIFICATE----- diff --git a/devel/devkeys/ca_config.cnf b/devel/devkeys/ca_config.cnf new file mode 100644 index 000000000..4c8f07414 --- /dev/null +++ b/devel/devkeys/ca_config.cnf @@ -0,0 +1,15 @@ +[ req ] +default_bits = 384 +distinguished_name = req_distinguished_name +x509_extensions = v3_ca +prompt = no + +[ req_distinguished_name ] +O = chainloop.dev +CN = chainloop + +[ v3_ca ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer +basicConstraints = critical, CA:TRUE +keyUsage = critical, keyCertSign, cRLSign