+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11420 (0x2c9c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Nov 6 09:18:33 2017 GMT
- Not After : Nov 4 09:18:33 2027 GMT
- Subject: CN=abellai
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:76:75:53:16:13:32:01:21:f9:80:8b:5f:aa:e9:
- b8:d8:0a:b6:cf:b1:d1:74:b8:f3:0b:cb:5a:60:41:
- d4:de:50:20:53:aa:f1:3e:ba:14:b6:e8:3a:56:75:
- cd:7d:1a:c9:a9:f6:31:b9:b8:55:a8:4c:cf:eb:91:
- f7:23:f7:98:13:30:79:08:6f:4a:4d:61:be:3b:46:
- 6d:80:83:67:bf:e9:03:4d:24:02:ce:a7:82:5f:6d:
- b3:1b:c2:64:e9:43:bc
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 6D:CB:36:20:EB:42:04:2D:DD:B7:03:29:70:E0:05:32:40:9B:96:E0
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:1e:ee:85:f7:51:aa:00:8c:a7:bc:5d:81:dd:54:
- 59:d0:bf:6b:31:6e:34:87:68:1c:23:1c:d8:6c:1a:59:6f:3f:
- b8:88:b2:f7:da:45:22:38:d2:22:fb:a6:e1:fb:e1:f6:02:31:
- 00:f0:6d:fc:d9:87:61:74:0e:6b:76:00:63:f2:16:5e:5d:ee:
- d7:96:c4:ac:dd:ef:b8:fd:e5:e4:b1:47:35:52:ef:1d:5d:1d:
- e6:1a:c7:7e:4a:b4:d4:be:86:64:2d:fd:52
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICLJwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzExMDYwOTE4MzNaFw0yNzExMDQwOTE4MzNaMBIxEDAOBgNVBAMM
-B2FiZWxsYWkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAR2dVMWEzIBIfmAi1+q6bjY
-CrbPsdF0uPMLy1pgQdTeUCBTqvE+uhS26DpWdc19Gsmp9jG5uFWoTM/rkfcj95gT
-MHkIb0pNYb47Rm2Ag2e/6QNNJALOp4JfbbMbwmTpQ7yjgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUbcs2IOtCBC3dtwMpcOAFMkCbluAwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwHu6F91GqAIynvF2B3VRZ0L9rMW40h2gcIxzYbBpZbz+4iLL3
-2kUiONIi+6bh++H2AjEA8G382YdhdA5rdgBj8hZeXe7XlsSs3e+4/eXksUc1Uu8d
-XR3mGsd+SrTUvoZkLf1S
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBFYzI7yj3wui4KYnrc
-HaHi0zzfEhd4GHhLKut+ILUjG1EFGAYB/x1INjV0pYiY9cyhZANiAAR2dVMWEzIB
-IfmAi1+q6bjYCrbPsdF0uPMLy1pgQdTeUCBTqvE+uhS26DpWdc19Gsmp9jG5uFWo
-TM/rkfcj95gTMHkIb0pNYb47Rm2Ag2e/6QNNJALOp4JfbbMbwmTpQ7w=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12782 (0x31ee)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:45 2017 GMT
- Not After : Oct 17 09:30:45 2027 GMT
- Subject: CN=aborza
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ca:81:c1:4a:ea:59:0a:e6:b5:34:90:78:60:ae:
- 9a:b9:5c:d8:52:3e:ec:8f:30:00:96:c0:6b:5e:17:
- 60:ab:72:09:73:e3:3e:31:5b:f7:fe:ed:31:48:94:
- 6f:e9:a0:4a:70:76:55:5b:41:07:ea:af:e2:8a:b1:
- 5f:5c:95:e4:f4:b4:60:1d:91:c8:0f:fb:57:f6:53:
- 79:07:3a:2e:c9:6f:96:6a:7d:1e:1c:f6:74:19:76:
- 8c:bb:c1:dd:dd:ff:6d
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 8D:C0:A1:00:5B:E9:79:9B:65:3D:0B:DA:CD:18:C0:80:D7:11:49:7A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:70:1e:e8:7c:51:73:46:96:78:64:df:35:e8:90:
- 28:60:66:c3:a1:9c:ce:46:c6:09:95:c3:99:80:ce:70:84:10:
- 2f:a2:8b:ad:53:8f:0e:67:ad:05:88:71:4b:dc:a4:4a:02:31:
- 00:83:2b:87:a9:6e:6e:14:49:ff:53:61:8c:6b:8a:f3:cf:b4:
- 4a:b7:ec:19:e3:05:bd:4f:43:49:bb:cb:df:aa:ba:27:e7:5e:
- 07:4a:f8:32:c6:f0:f1:22:31:a0:7f:f8:22
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICMe4wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNDVaFw0yNzEwMTcwOTMwNDVaMBExDzANBgNVBAMM
-BmFib3J6YTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMqBwUrqWQrmtTSQeGCumrlc
-2FI+7I8wAJbAa14XYKtyCXPjPjFb9/7tMUiUb+mgSnB2VVtBB+qv4oqxX1yV5PS0
-YB2RyA/7V/ZTeQc6Lslvlmp9Hhz2dBl2jLvB3d3/baOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBSNwKEAW+l5m2U9C9rNGMCA1xFJejBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjBwHuh8UXNGlnhk3zXokChgZsOhnM5GxgmVw5mAznCEEC+ii61T
-jw5nrQWIcUvcpEoCMQCDK4epbm4USf9TYYxrivPPtEq37BnjBb1PQ0m7y9+quifn
-XgdK+DLG8PEiMaB/+CI=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDXDmyQ4XF5iPRhk/8g
-XXdZ5ECp/D3r7OnQDsORGakLdezeXNdK0ZgdIBX0R5/Vg1mhZANiAATKgcFK6lkK
-5rU0kHhgrpq5XNhSPuyPMACWwGteF2Crcglz4z4xW/f+7TFIlG/poEpwdlVbQQfq
-r+KKsV9cleT0tGAdkcgP+1f2U3kHOi7Jb5ZqfR4c9nQZdoy7wd3d/20=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12010 (0x2eea)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:53 2017 GMT
- Not After : Oct 17 09:30:53 2027 GMT
- Subject: CN=acsiba
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:da:c2:53:06:83:f7:48:e5:6a:f8:89:fc:d5:bd:
- db:d0:b9:7c:e0:d9:83:2c:63:7b:d2:5f:81:a7:81:
- fc:c8:3d:ff:33:a8:48:f0:aa:7b:07:68:1b:aa:01:
- 70:5e:d8:d1:18:a6:12:c9:65:42:2a:43:bc:37:19:
- 41:57:a2:bc:e5:fb:9b:4a:0b:88:47:50:e2:ad:3e:
- 79:22:54:c0:e9:ac:2a:2f:e7:ed:0d:a0:c1:38:86:
- 9e:45:ec:14:12:a3:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 15:17:AB:54:ED:F7:6C:D1:1E:AD:12:A6:20:4F:04:78:22:83:6C:A0
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:a9:f0:bc:0c:01:70:39:9f:99:f1:c9:ce:5f:
- d0:f2:b3:66:64:38:7e:9b:36:51:1c:5e:69:6f:7a:4b:bd:32:
- 0f:50:7a:c9:8a:dc:f5:18:a3:f3:69:02:20:c2:3c:f1:95:02:
- 30:78:72:d5:53:c2:2e:b2:5c:91:a7:a6:78:b4:3f:0f:2e:3e:
- 22:20:22:3f:b2:67:96:e8:79:89:f0:b0:a8:bb:1d:d6:70:f1:
- c9:1b:22:31:e3:40:36:6e:40:da:7d:64:d7
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICLuowCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNTNaFw0yNzEwMTcwOTMwNTNaMBExDzANBgNVBAMM
-BmFjc2liYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABNrCUwaD90jlaviJ/NW929C5
-fODZgyxje9JfgaeB/Mg9/zOoSPCqewdoG6oBcF7Y0RimEsllQipDvDcZQVeivOX7
-m0oLiEdQ4q0+eSJUwOmsKi/n7Q2gwTiGnkXsFBKjc6OBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQVF6tU7fds0R6tEqYgTwR4IoNsoDBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjEAqfC8DAFwOZ+Z8cnOX9Dys2ZkOH6bNlEcXmlveku9Mg9QesmK
-3PUYo/NpAiDCPPGVAjB4ctVTwi6yXJGnpni0Pw8uPiIgIj+yZ5boeYnwsKi7HdZw
-8ckbIjHjQDZuQNp9ZNc=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBWJGEFVc/SmIhR0WOU
-yvUkd77l0e1NWkcUaVzR9ImZR8hVKPHkSH7mxgZW8ntIWBShZANiAATawlMGg/dI
-5Wr4ifzVvdvQuXzg2YMsY3vSX4GngfzIPf8zqEjwqnsHaBuqAXBe2NEYphLJZUIq
-Q7w3GUFXorzl+5tKC4hHUOKtPnkiVMDprCov5+0NoME4hp5F7BQSo3M=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11036 (0x2b1c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:11 2017 GMT
- Not After : Oct 17 09:31:11 2027 GMT
- Subject: CN=akosztolanyi
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8f:3c:74:2e:5d:d7:90:ac:5c:2f:e8:fe:f3:8a:
- 8d:6b:6b:96:98:a7:63:e3:03:42:4c:2b:49:22:a8:
- 07:c2:ac:06:89:a8:80:04:26:5e:68:79:a8:b9:84:
- 79:3e:da:98:56:15:36:f2:7c:09:f8:41:78:5c:8e:
- 2c:de:1b:18:8a:49:4c:8f:fe:ed:95:8f:0f:cb:5b:
- e2:64:b1:63:ef:3d:d1:95:49:f1:4e:73:47:a7:11:
- 94:1c:36:da:e6:55:cf
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B1:A3:E4:CB:16:E0:E1:12:E2:70:12:2B:8F:DA:D8:99:D6:63:A4:FC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:b7:e6:6c:6c:e6:75:bd:45:00:d2:29:3e:55:
- 07:c4:33:b8:50:77:09:1b:d2:9b:1d:4d:48:ed:74:a3:2d:c0:
- 99:0a:06:7a:08:b6:c7:41:e0:58:a9:2c:3c:6e:3f:62:a3:02:
- 31:00:a9:80:0c:db:0c:c4:7c:79:44:ec:09:a5:2d:02:ef:31:
- a7:84:0b:c2:7e:a6:0b:0c:c1:e3:84:d5:35:7f:1d:ac:21:7f:
- f0:83:a7:2b:db:d8:06:61:f2:86:ee:1b:6f:1f
------BEGIN CERTIFICATE-----
-MIIB8TCCAXagAwIBAgICKxwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMTFaFw0yNzEwMTcwOTMxMTFaMBcxFTATBgNVBAMM
-DGFrb3N6dG9sYW55aTB2MBAGByqGSM49AgEGBSuBBAAiA2IABI88dC5d15CsXC/o
-/vOKjWtrlpinY+MDQkwrSSKoB8KsBomogAQmXmh5qLmEeT7amFYVNvJ8CfhBeFyO
-LN4bGIpJTI/+7ZWPD8tb4mSxY+890ZVJ8U5zR6cRlBw22uZVz6OBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSxo+TLFuDhEuJwEiuP2tiZ1mOk/DBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNpADBmAjEAt+ZsbOZ1vUUA0ik+VQfEM7hQdwkb0psdTUjtdKMt
-wJkKBnoItsdB4FipLDxuP2KjAjEAqYAM2wzEfHlE7AmlLQLvMaeEC8J+pgsMweOE
-1TV/Hawhf/CDpyvb2AZh8obuG28f
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAcQQScflm1tSD4BQhX
-fWc/SL9jTmJnJC4hHlFyr6u558vkhOn49nOv62bdtGUKQjGhZANiAASPPHQuXdeQ
-rFwv6P7zio1ra5aYp2PjA0JMK0kiqAfCrAaJqIAEJl5oeai5hHk+2phWFTbyfAn4
-QXhcjizeGxiKSUyP/u2Vjw/LW+JksWPvPdGVSfFOc0enEZQcNtrmVc8=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11427 (0x2ca3)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:22 2017 GMT
- Not After : Oct 17 09:31:22 2027 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:37:66:66:c1:b8:90:03:80:8d:75:22:db:61:2e:
- 72:0e:78:04:91:9d:da:99:39:1d:89:0b:0e:34:90:
- 06:0d:3d:8c:25:2f:fc:56:75:bc:85:ab:24:54:14:
- f4:27:39:49:10:11:80:4a:07:7b:72:ed:79:8d:95:
- 34:e3:07:13:3b:da:51:eb:8a:b5:77:b6:71:e4:97:
- e6:05:4f:27:3e:0a:c1:f6:1f:ff:bf:a4:5e:43:ca:
- bc:42:fd:3f:49:c3:5b
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:CA:E6:F5:11:A9:62:D9:9C:93:4A:B3:2B:A4:9B:31:B1:1E:66:61
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cb:c2:a4:ad:cd:f0:de:75:3b:7e:bb:c8:c1:
- 45:2a:bf:01:8e:83:b7:7b:15:98:7d:21:2c:86:83:bb:2d:21:
- f6:be:b8:0d:fb:91:d2:57:fb:21:e4:6c:4f:90:b8:29:eb:02:
- 31:00:f2:98:41:ca:42:df:94:78:e5:c7:9e:93:fc:e4:f2:5f:
- cc:5d:5d:e9:f8:97:84:1a:78:15:90:04:06:99:77:9b:dd:3c:
- 3a:93:55:d0:2b:f6:59:80:ae:c7:1d:85:32:61
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLKMwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMjJaFw0yNzEwMTcwOTMxMjJaMBQxEjAQBgNVBAMM
-CWF6c2FtYm9raTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDdmZsG4kAOAjXUi22Eu
-cg54BJGd2pk5HYkLDjSQBg09jCUv/FZ1vIWrJFQU9Cc5SRARgEoHe3LteY2VNOMH
-EzvaUeuKtXe2ceSX5gVPJz4KwfYf/7+kXkPKvEL9P0nDW6OBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBTeyub1Eali2ZyTSrMrpJsxsR5mYTBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAy8Kkrc3w3nU7frvIwUUqvwGOg7d7FZh9ISyGg7stIfa+
-uA37kdJX+yHkbE+QuCnrAjEA8phBykLflHjlx56T/OTyX8xdXen4l4QaeBWQBAaZ
-d5vdPDqTVdAr9lmArscdhTJh
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDArFkY/hBHoHVjQTRyX
-IrGy0dove2XopHBruMLhyoCeALqMVf71yMiC5ULPfcHa832hZANiAAQ3ZmbBuJAD
-gI11ItthLnIOeASRndqZOR2JCw40kAYNPYwlL/xWdbyFqyRUFPQnOUkQEYBKB3ty
-7XmNlTTjBxM72lHrirV3tnHkl+YFTyc+CsH2H/+/pF5DyrxC/T9Jw1s=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12239 (0x2fcf)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:36 2017 GMT
- Not After : Oct 17 09:31:36 2027 GMT
- Subject: CN=csgulyas
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:f2:18:09:ae:cd:31:69:80:cf:9b:ca:1b:ff:67:
- d8:40:61:dc:48:60:b5:19:f9:40:aa:0b:92:0b:2b:
- d9:7c:1f:01:23:cd:7a:62:51:0a:6a:57:18:49:dd:
- d3:6b:71:48:4e:31:69:7c:56:b9:68:ed:a4:e8:a7:
- cb:bb:6c:f8:95:f4:76:64:07:14:8f:4f:04:e9:26:
- a2:74:46:a5:10:77:67:18:28:9c:8d:29:10:f7:7f:
- 92:b2:83:75:19:8d:74
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 23:BC:13:C4:79:E6:B1:98:F7:D3:0D:AB:BB:B2:7F:C6:08:19:D5:15
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:d9:f1:2c:76:09:e3:5b:ed:20:3a:a7:47:48:
- b8:55:d1:eb:37:51:3a:9f:33:48:03:c3:ec:82:9b:72:d5:94:
- 24:58:7d:55:34:69:68:86:f4:57:85:1b:91:a5:57:c1:fb:02:
- 31:00:f3:8f:50:60:25:14:b9:48:73:a8:d0:a0:ee:b1:a4:f9:
- a3:6f:a8:29:d1:8c:fe:d0:be:7d:2f:67:e7:9d:02:85:ac:54:
- d4:da:0f:68:85:53:04:7a:9c:14:28:91:7b:c3
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICL88wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMzZaFw0yNzEwMTcwOTMxMzZaMBMxETAPBgNVBAMM
-CGNzZ3VseWFzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8hgJrs0xaYDPm8ob/2fY
-QGHcSGC1GflAqguSCyvZfB8BI816YlEKalcYSd3Ta3FITjFpfFa5aO2k6KfLu2z4
-lfR2ZAcUj08E6SaidEalEHdnGCicjSkQ93+SsoN1GY10o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFCO8E8R55rGY99MNq7uyf8YIGdUVMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQDZ8Sx2CeNb7SA6p0dIuFXR6zdROp8zSAPD7IKbctWUJFh9
-VTRpaIb0V4UbkaVXwfsCMQDzj1BgJRS5SHOo0KDusaT5o2+oKdGM/tC+fS9n550C
-haxU1NoPaIVTBHqcFCiRe8M=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCsHP52L0UObr9/psSM
-ua2cxeyl2m92YG5GgOAml76NIMUFfeFQgqGSW1slknJISZqhZANiAATyGAmuzTFp
-gM+byhv/Z9hAYdxIYLUZ+UCqC5ILK9l8HwEjzXpiUQpqVxhJ3dNrcUhOMWl8Vrlo
-7aTop8u7bPiV9HZkBxSPTwTpJqJ0RqUQd2cYKJyNKRD3f5Kyg3UZjXQ=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12383 (0x305f)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:47 2017 GMT
- Not After : Oct 17 09:31:47 2027 GMT
- Subject: CN=dvasary
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:e6:2e:65:84:8a:05:e7:d2:32:6b:85:20:26:cd:
- 0d:dc:a2:e6:cc:23:36:f4:33:7b:f0:6c:0d:a0:8d:
- f8:0c:13:77:57:f7:6e:02:b7:1a:35:b0:ee:31:26:
- 0d:57:31:df:11:fa:15:73:bd:d3:3e:e6:bc:97:9b:
- 5e:da:41:b0:36:a2:95:98:3b:a6:4e:f5:18:8c:9e:
- ff:26:8f:3e:00:93:b0:14:84:4d:43:f0:01:fa:95:
- 6d:32:f2:41:0e:4f:5e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- CD:19:31:60:F7:8A:AB:3D:A9:4F:C8:83:0D:B0:5A:D0:EB:69:44:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:c8:72:bd:64:1d:57:d1:87:d9:1c:ef:e9:4f:
- 7a:c9:b5:80:58:fb:ff:47:50:43:13:eb:80:4d:ab:ab:d6:9b:
- 90:65:ae:58:88:43:da:3a:56:ba:ea:24:c0:03:42:a6:b1:02:
- 30:22:fa:c5:a0:7d:b7:97:54:5a:e7:65:25:6a:02:f8:53:99:
- 08:64:5e:a9:70:27:84:b0:03:df:d1:39:c9:9a:b7:ca:be:60:
- d5:45:22:18:a7:ca:da:56:bd:15:d5:30:66
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMF8wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxNDdaFw0yNzEwMTcwOTMxNDdaMBIxEDAOBgNVBAMM
-B2R2YXNhcnkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATmLmWEigXn0jJrhSAmzQ3c
-oubMIzb0M3vwbA2gjfgME3dX924Ctxo1sO4xJg1XMd8R+hVzvdM+5ryXm17aQbA2
-opWYO6ZO9RiMnv8mjz4Ak7AUhE1D8AH6lW0y8kEOT16jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUzRkxYPeKqz2pT8iDDbBa0OtpREswRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAMhyvWQdV9GH2Rzv6U96ybWAWPv/R1BDE+uATaur1puQZa5Y
-iEPaOla66iTAA0KmsQIwIvrFoH23l1Ra52UlagL4U5kIZF6pcCeEsAPf0TnJmrfK
-vmDVRSIYp8raVr0V1TBm
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDARoRvzkpzAcOI8m67x
-hCTeRoMbGd40xLhjrm+wAufAwpw3qqJe/LHNP12sOuEHbGihZANiAATmLmWEigXn
-0jJrhSAmzQ3coubMIzb0M3vwbA2gjfgME3dX924Ctxo1sO4xJg1XMd8R+hVzvdM+
-5ryXm17aQbA2opWYO6ZO9RiMnv8mjz4Ak7AUhE1D8AH6lW0y8kEOT14=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13116 (0x333c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:00 2017 GMT
- Not After : Oct 17 09:32:00 2027 GMT
- Subject: CN=fritter
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:2c:40:ec:81:89:ad:1b:ae:c8:1c:3e:5d:62:2f:
- 5e:27:33:d2:42:ba:b9:6c:38:34:ea:90:d6:dd:10:
- e6:b3:19:f5:02:4a:fe:8c:b4:77:cf:6f:c5:ab:81:
- 82:88:3c:4e:9b:82:c3:22:c2:1f:c8:c7:53:af:18:
- f9:9b:92:cf:18:51:8f:95:67:6b:04:9f:f4:95:b8:
- 8b:1a:6a:d4:4c:23:c5:33:46:20:d2:e5:15:bf:bd:
- af:1c:68:44:98:85:82
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F6:A5:72:FC:DA:1E:8B:69:98:1A:0E:1E:21:31:3F:A3:CD:57:59:D2
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ce:de:f9:f5:30:65:f1:0c:19:dd:a5:8d:42:
- e7:b5:5b:66:96:45:7f:d2:00:de:d2:9f:7a:7d:cc:0a:a8:6e:
- 0e:ce:f3:1a:4e:1e:33:50:48:9c:84:d4:47:47:d8:81:98:02:
- 30:0b:13:67:f6:2a:d8:0d:86:2b:15:18:e5:41:f3:dc:3b:1c:
- 15:a4:09:a6:82:03:d5:16:7e:4b:6b:0b:51:70:1a:01:92:e1:
- 4f:61:58:1b:ed:b8:d9:17:90:78:70:85:bc
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMzwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMDBaFw0yNzEwMTcwOTMyMDBaMBIxEDAOBgNVBAMM
-B2ZyaXR0ZXIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQsQOyBia0brsgcPl1iL14n
-M9JCurlsODTqkNbdEOazGfUCSv6MtHfPb8WrgYKIPE6bgsMiwh/Ix1OvGPmbks8Y
-UY+VZ2sEn/SVuIsaatRMI8UzRiDS5RW/va8caESYhYKjgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU9qVy/Noei2mYGg4eITE/o81XWdIwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAM7e+fUwZfEMGd2ljULntVtmlkV/0gDe0p96fcwKqG4OzvMa
-Th4zUEichNRHR9iBmAIwCxNn9irYDYYrFRjlQfPcOxwVpAmmggPVFn5LawtRcBoB
-kuFPYVgb7bjZF5B4cIW8
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDATa0Ldyit4RAnORuqq
-C4y/tAt7nJCaZkGnOsL7NE2V2iKSNyfQ0cH3go0Rb9db/i6hZANiAAQsQOyBia0b
-rsgcPl1iL14nM9JCurlsODTqkNbdEOazGfUCSv6MtHfPb8WrgYKIPE6bgsMiwh/I
-x1OvGPmbks8YUY+VZ2sEn/SVuIsaatRMI8UzRiDS5RW/va8caESYhYI=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13057 (0x3301)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:15 2017 GMT
- Not After : Oct 17 09:32:15 2027 GMT
- Subject: CN=fschnell
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:53:8d:f8:f4:fd:5f:c9:b3:4c:57:f6:c4:93:7f:
- 94:43:31:09:62:ca:ef:5a:d8:12:54:59:58:84:21:
- aa:59:8b:5a:23:a9:b7:1b:e8:e6:e3:a6:76:14:75:
- 45:c7:d5:0c:89:5c:e7:9e:f1:56:2a:6d:25:b8:30:
- 6f:4a:dd:80:08:b0:a6:07:c8:98:d6:f3:0a:07:d9:
- 60:d0:00:58:7f:f6:a5:6b:78:53:82:44:5a:81:01:
- 54:18:6f:1b:f4:99:f9
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- C8:6F:89:82:1D:8F:8C:70:84:6F:E9:35:BD:92:9C:3E:56:DC:40:CD
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:f7:04:12:3d:b3:98:22:bc:aa:06:62:be:31:
- ac:32:26:c9:80:1b:aa:17:e0:85:82:0b:14:b8:35:09:8f:e4:
- 7c:2b:8f:82:a6:c2:08:9d:91:7a:43:19:30:a2:94:e6:2b:02:
- 31:00:fb:61:02:d5:e4:9b:a8:a3:d9:5e:e6:cf:4e:8f:5c:17:
- 4e:59:c4:20:78:bb:d6:2a:cc:8c:92:e5:78:aa:6b:2c:ce:db:
- 94:46:86:16:76:14:ac:64:41:d1:78:d2:a9:ec
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICMwEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMTVaFw0yNzEwMTcwOTMyMTVaMBMxETAPBgNVBAMM
-CGZzY2huZWxsMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEU4349P1fybNMV/bEk3+U
-QzEJYsrvWtgSVFlYhCGqWYtaI6m3G+jm46Z2FHVFx9UMiVznnvFWKm0luDBvSt2A
-CLCmB8iY1vMKB9lg0ABYf/ala3hTgkRagQFUGG8b9Jn5o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFMhviYIdj4xwhG/pNb2SnD5W3EDNMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQD3BBI9s5givKoGYr4xrDImyYAbqhfghYILFLg1CY/kfCuP
-gqbCCJ2RekMZMKKU5isCMQD7YQLV5Juoo9le5s9Oj1wXTlnEIHi71irMjJLleKpr
-LM7blEaGFnYUrGRB0XjSqew=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAxNEO7csy6z8FIuKh0
-cUYc7KxGcFNiRb1U0ArLkuTxcFCMBar/1RbshVlrM6ecWQKhZANiAARTjfj0/V/J
-s0xX9sSTf5RDMQliyu9a2BJUWViEIapZi1ojqbcb6ObjpnYUdUXH1QyJXOee8VYq
-bSW4MG9K3YAIsKYHyJjW8woH2WDQAFh/9qVreFOCRFqBAVQYbxv0mfk=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11182 (0x2bae)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:30 2017 GMT
- Not After : Oct 17 09:32:30 2027 GMT
- Subject: CN=khorvath
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ab:61:3a:de:89:4e:0e:63:ea:c8:6b:98:1a:8b:
- c4:f9:72:f4:bf:b2:0e:eb:94:ef:04:6c:a9:e4:78:
- 53:f9:a8:af:6a:14:9b:27:e9:17:45:c7:f9:9e:e4:
- d3:59:43:9c:13:c7:15:63:80:8e:aa:ac:fc:9a:55:
- 59:64:7c:62:3d:2c:50:20:97:d1:c1:1e:22:94:53:
- 74:4a:5f:30:fb:a0:3d:ba:e0:9d:2e:e2:70:af:73:
- a5:c0:32:45:77:2e:20
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 1D:C8:C2:9E:05:CF:12:BB:33:C2:D9:24:C7:ED:A4:8D:86:23:75:CF
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:98:ba:ed:a5:45:71:05:76:b6:40:76:4e:a3:
- 31:bd:38:7e:7d:0b:71:13:6f:1a:ee:58:1a:89:eb:ee:50:b2:
- 86:2b:c6:4b:dc:8b:a5:ee:4b:c7:06:c9:65:55:10:7c:95:02:
- 31:00:88:07:18:6d:65:2f:bf:79:42:d7:df:5c:88:f9:ff:81:
- 8a:3d:25:80:8b:76:33:59:a9:28:20:82:30:40:67:88:49:34:
- 51:f2:36:0a:22:49:2e:e5:d7:35:c3:4e:c8:2b
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICK64wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMzBaFw0yNzEwMTcwOTMyMzBaMBMxETAPBgNVBAMM
-CGtob3J2YXRoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEq2E63olODmPqyGuYGovE
-+XL0v7IO65TvBGyp5HhT+aivahSbJ+kXRcf5nuTTWUOcE8cVY4COqqz8mlVZZHxi
-PSxQIJfRwR4ilFN0Sl8w+6A9uuCdLuJwr3OlwDJFdy4go4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFB3Iwp4FzxK7M8LZJMftpI2GI3XPMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQCYuu2lRXEFdrZAdk6jMb04fn0LcRNvGu5YGonr7lCyhivG
-S9yLpe5LxwbJZVUQfJUCMQCIBxhtZS+/eULX31yI+f+Bij0lgIt2M1mpKCCCMEBn
-iEk0UfI2CiJJLuXXNcNOyCs=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA5CxtZG7mg0mVsbSQS
-QM45ehcXPIjeWufTSVmDFGXG3ON+mmjr/H7/N4yOY3Clj7+hZANiAASrYTreiU4O
-Y+rIa5gai8T5cvS/sg7rlO8EbKnkeFP5qK9qFJsn6RdFx/me5NNZQ5wTxxVjgI6q
-rPyaVVlkfGI9LFAgl9HBHiKUU3RKXzD7oD264J0u4nCvc6XAMkV3LiA=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12916 (0x3274)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:40 2017 GMT
- Not After : Oct 17 09:32:40 2027 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:25:3e:a3:bd:c9:27:5e:ba:c6:30:68:0f:90:17:
- 94:89:69:30:04:70:6a:ba:16:40:3d:04:08:ed:00:
- 2d:a2:c4:45:aa:db:af:85:d2:a6:40:7b:69:85:bc:
- cf:9a:41:66:0b:4d:1a:c4:82:53:b0:d1:cb:53:98:
- 39:90:11:11:5e:e7:98:a7:b3:71:31:b1:55:be:07:
- ef:ed:6a:e7:dc:e9:38:fd:03:fc:d5:52:ed:a8:da:
- de:88:22:6d:c2:80:0a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 05:94:51:39:17:98:AD:AD:A6:A0:4D:7F:79:9C:81:1F:3C:BB:8A:88
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:6c:81:f6:f7:47:45:a0:a2:2b:20:6f:2c:22:7d:
- 40:79:45:2a:66:9e:04:5d:75:b9:d9:f9:a7:98:c8:81:c9:6e:
- bd:9c:35:e8:67:2c:9c:2f:52:62:3c:b4:5f:4a:33:68:02:30:
- 72:86:06:98:6e:ab:ff:2e:00:0d:20:1a:35:1f:86:33:ed:7c:
- 36:31:69:89:98:6e:3e:22:39:71:c3:e3:62:26:20:aa:56:77:
- 5f:1e:e3:60:45:dd:37:ca:6b:4f:f6:66
------BEGIN CERTIFICATE-----
-MIIB6DCCAW+gAwIBAgICMnQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNDBaFw0yNzEwMTcwOTMyNDBaMBAxDjAMBgNVBAMM
-BWtrZWxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJT6jvcknXrrGMGgPkBeUiWkw
-BHBquhZAPQQI7QAtosRFqtuvhdKmQHtphbzPmkFmC00axIJTsNHLU5g5kBERXueY
-p7NxMbFVvgfv7Wrn3Ok4/QP81VLtqNreiCJtwoAKo4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFAWUUTkXmK2tpqBNf3mcgR88u4qIMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2cAMGQCMGyB9vdHRaCiKyBvLCJ9QHlFKmaeBF11udn5p5jIgcluvZw16Gcs
-nC9SYjy0X0ozaAIwcoYGmG6r/y4ADSAaNR+GM+18NjFpiZhuPiI5ccPjYiYgqlZ3
-Xx7jYEXdN8prT/Zm
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDApjJ+iDz8X3qtoQVtC
-jUgcydPDcz6VjstIZ5PGAsYw1QiWbC+7OvnEy+oMETvEzxahZANiAAQlPqO9ySde
-usYwaA+QF5SJaTAEcGq6FkA9BAjtAC2ixEWq26+F0qZAe2mFvM+aQWYLTRrEglOw
-0ctTmDmQERFe55ins3ExsVW+B+/taufc6Tj9A/zVUu2o2t6IIm3CgAo=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11701 (0x2db5)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:51 2017 GMT
- Not After : Oct 17 09:32:51 2027 GMT
- Subject: CN=kschaffer
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:fc:5e:b3:e4:29:34:b3:d0:28:23:12:b9:4a:aa:
- 85:61:2a:cd:16:9b:f9:38:dc:06:32:b1:39:0f:89:
- 9f:df:aa:6e:1c:70:99:db:e9:aa:5d:21:eb:f6:6d:
- 8f:e6:6b:25:bd:f6:e6:48:2f:75:ee:16:10:a5:e5:
- 54:d7:32:7e:6e:26:1d:c2:8e:78:80:9e:69:3f:50:
- 38:36:43:36:42:95:f5:42:b3:22:2f:6c:8b:bd:ca:
- 2c:40:ea:3f:84:ce:be
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B6:58:C0:94:45:C5:AC:E8:0A:30:D5:FA:15:AB:DC:7C:53:DC:88:06
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:95:e3:da:70:d6:17:f5:85:18:a7:2d:db:31:
- 5d:22:a2:98:9a:24:8f:15:75:a6:60:2f:5a:67:46:bc:14:cc:
- 38:d2:bc:b8:dd:f1:0d:4c:15:45:37:0f:cb:79:3e:d8:32:02:
- 31:00:95:0d:83:ef:33:b0:da:d2:bc:ba:99:27:10:c0:fc:b2:
- 9d:31:d7:e8:60:95:0a:0e:59:df:92:59:86:70:cc:7f:64:94:
- 76:df:f7:1f:b9:5c:e2:14:85:9c:61:76:b0:cb
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLbUwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNTFaFw0yNzEwMTcwOTMyNTFaMBQxEjAQBgNVBAMM
-CWtzY2hhZmZlcjB2MBAGByqGSM49AgEGBSuBBAAiA2IABPxes+QpNLPQKCMSuUqq
-hWEqzRab+TjcBjKxOQ+Jn9+qbhxwmdvpql0h6/Ztj+ZrJb325kgvde4WEKXlVNcy
-fm4mHcKOeICeaT9QODZDNkKV9UKzIi9si73KLEDqP4TOvqOBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBS2WMCURcWs6Aow1foVq9x8U9yIBjBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAlePacNYX9YUYpy3bMV0iopiaJI8VdaZgL1pnRrwUzDjS
-vLjd8Q1MFUU3D8t5PtgyAjEAlQ2D7zOw2tK8upknEMD8sp0x1+hglQoOWd+SWYZw
-zH9klHbf9x+5XOIUhZxhdrDL
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAGMS95Xt2w9eVSEIRz
-QiRQPN5zL1INxTsHy5flZSBvIe/1++f8Il+/vhSssmQeeBmhZANiAAT8XrPkKTSz
-0CgjErlKqoVhKs0Wm/k43AYysTkPiZ/fqm4ccJnb6apdIev2bY/mayW99uZIL3Xu
-FhCl5VTXMn5uJh3CjniAnmk/UDg2QzZClfVCsyIvbIu9yixA6j+Ezr4=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13129 (0x3349)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:02 2017 GMT
- Not After : Oct 17 09:33:02 2027 GMT
- Subject: CN=mszabo
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:69:c0:86:27:a1:fa:74:2a:18:21:dc:d4:d1:4b:
- b3:6e:d5:16:06:b7:50:8d:3a:5c:86:ea:b9:25:84:
- bd:4e:65:d9:7c:33:13:8e:63:64:cb:70:39:3a:ac:
- a5:d0:68:4d:f5:aa:f1:56:8c:55:11:26:d3:c3:c0:
- 4a:10:78:35:7d:ba:56:f6:9a:f5:af:3d:6b:be:ad:
- e7:e2:9c:0e:ec:42:b2:49:e3:f8:d6:36:0d:dd:56:
- fb:e3:c0:7d:34:e5:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 28:55:A2:FF:1C:FC:9B:E2:22:C8:45:93:ED:DE:A6:8E:50:A6:86:0A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:9e:5f:d5:2d:55:0f:44:fa:9f:67:9b:eb:11:
- a9:ef:a4:7e:2e:f1:c7:a4:99:11:d3:b3:05:30:bb:80:a9:0e:
- 0d:b4:57:30:a4:4b:c4:94:49:9e:f9:7a:b6:07:7a:02:02:02:
- 31:00:81:c9:96:28:0f:c6:47:84:e1:a2:86:17:a1:f3:c1:39:
- 55:ca:a9:ce:8c:fc:e9:ea:70:a9:de:be:8c:83:e5:25:1a:cf:
- 30:cb:f9:51:b5:3b:59:7d:15:df:9d:f2:2a:4f
------BEGIN CERTIFICATE-----
-MIIB6zCCAXCgAwIBAgICM0kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMDJaFw0yNzEwMTcwOTMzMDJaMBExDzANBgNVBAMM
-Bm1zemFibzB2MBAGByqGSM49AgEGBSuBBAAiA2IABGnAhieh+nQqGCHc1NFLs27V
-Fga3UI06XIbquSWEvU5l2XwzE45jZMtwOTqspdBoTfWq8VaMVREm08PAShB4NX26
-Vvaa9a89a76t5+KcDuxCsknj+NY2Dd1W++PAfTTlLqOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQoVaL/HPyb4iLIRZPt3qaOUKaGCjBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNpADBmAjEAnl/VLVUPRPqfZ5vrEanvpH4u8cekmRHTswUwu4CpDg20VzCk
-S8SUSZ75erYHegICAjEAgcmWKA/GR4ThooYXofPBOVXKqc6M/OnqcKnevoyD5SUa
-zzDL+VG1O1l9Fd+d8ipP
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCDTjabyjcmnlfQF/VI
-cCppGo1RnOkZwbaw9uxuZt11AY9YidT/5HW7aKo/U8ie4cGhZANiAARpwIYnofp0
-Khgh3NTRS7Nu1RYGt1CNOlyG6rklhL1OZdl8MxOOY2TLcDk6rKXQaE31qvFWjFUR
-JtPDwEoQeDV9ulb2mvWvPWu+refinA7sQrJJ4/jWNg3dVvvjwH005S4=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11776 (0x2e00)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:17 2017 GMT
- Not After : Oct 17 09:33:17 2027 GMT
- Subject: CN=ptombor
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:b0:7a:62:43:10:8b:4b:ae:3e:13:cb:10:b3:8c:
- 85:4d:bb:74:df:61:bb:2b:0a:08:fb:15:e2:85:09:
- 05:ee:8f:f4:65:43:4b:fe:ef:3c:58:ac:06:11:e8:
- e4:d4:eb:7c:e3:dd:41:e0:24:f7:19:07:ee:48:fd:
- 69:96:74:1e:fa:f2:b9:15:41:c8:70:64:53:7d:70:
- 0a:46:f0:fe:f1:63:73:cc:bc:bc:e0:68:0d:e9:82:
- 52:f3:19:53:a4:13:cd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5C:60:32:8A:63:F9:49:95:B7:4E:5E:28:41:CB:E2:EB:38:47:A7:76
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:35:ab:49:b6:56:25:02:8f:d8:fe:85:29:52:dd:
- bb:ed:4f:52:83:1b:7b:09:ff:29:c3:18:84:48:04:df:34:dd:
- fd:19:a4:93:cb:29:bd:6f:e5:83:ec:d7:6a:17:99:02:02:30:
- 63:e7:11:4d:c2:f0:b7:50:50:d1:20:c1:9f:d8:27:a8:fd:dd:
- a1:57:c4:9a:cd:e4:ff:93:36:e4:32:a7:59:51:24:7b:f3:17:
- ff:49:2d:b6:82:da:a1:f9:bf:dc:35:29
------BEGIN CERTIFICATE-----
-MIIB6jCCAXGgAwIBAgICLgAwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMTdaFw0yNzEwMTcwOTMzMTdaMBIxEDAOBgNVBAMM
-B3B0b21ib3IwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASwemJDEItLrj4TyxCzjIVN
-u3TfYbsrCgj7FeKFCQXuj/RlQ0v+7zxYrAYR6OTU63zj3UHgJPcZB+5I/WmWdB76
-8rkVQchwZFN9cApG8P7xY3PMvLzgaA3pglLzGVOkE82jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUXGAyimP5SZW3Tl4oQcvi6zhHp3YwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDZwAwZAIwNatJtlYlAo/Y/oUpUt277U9Sgxt7Cf8pwxiESATfNN39GaST
-yym9b+WD7NdqF5kCAjBj5xFNwvC3UFDRIMGf2Ceo/d2hV8SazeT/kzbkMqdZUSR7
-8xf/SS22gtqh+b/cNSk=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAWd4gq0fjrX6niP1sy
-BWNPL4IH/XsTCC6H7YzbUq3G6/m5B67/P6TLidyEjKAdx1WhZANiAASwemJDEItL
-rj4TyxCzjIVNu3TfYbsrCgj7FeKFCQXuj/RlQ0v+7zxYrAYR6OTU63zj3UHgJPcZ
-B+5I/WmWdB768rkVQchwZFN9cApG8P7xY3PMvLzgaA3pglLzGVOkE80=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13289 (0x33e9)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:00 2017 GMT
- Not After : Oct 17 09:34:00 2027 GMT
- Subject: CN=qqcs
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:9a:b6:99:d8:c9:2c:92:54:2a:9c:58:a3:1a:87:
- 7c:d3:90:4b:31:09:71:9a:65:6f:9e:04:8f:52:dc:
- 13:23:0f:d0:43:6f:6f:cd:87:1b:f6:43:e1:b8:45:
- e2:c2:21:e2:c1:ca:13:f8:5c:d4:7c:44:c4:8e:d2:
- d8:d4:c2:5e:76:89:93:1b:74:37:88:2e:c3:1e:3e:
- 80:b2:d0:2f:62:44:a6:cb:73:20:67:94:ed:b1:0a:
- 64:40:71:64:22:f8:6a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- AA:02:0F:AC:73:99:75:38:B2:AA:0C:93:26:26:1C:16:CB:8E:0F:C6
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:21:83:0b:d3:2f:23:d3:94:5b:ec:f8:39:ab:eb:
- 8c:2b:d3:2d:d3:8c:02:91:c9:aa:27:43:94:2f:0b:4c:0a:3d:
- d3:5e:4e:f7:ce:00:a6:64:27:50:59:23:1c:ce:29:77:02:31:
- 00:cf:63:11:48:62:02:45:7c:4a:e2:b8:41:3a:28:9b:dc:24:
- c1:6e:04:19:fb:a5:0f:c0:46:85:ec:9c:c7:09:b2:c5:ca:a3:
- 2c:51:73:f1:8f:e0:83:3d:9e:61:a2:a1:30
------BEGIN CERTIFICATE-----
-MIIB6DCCAW6gAwIBAgICM+kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MDBaFw0yNzEwMTcwOTM0MDBaMA8xDTALBgNVBAMM
-BHFxY3MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASatpnYySySVCqcWKMah3zTkEsx
-CXGaZW+eBI9S3BMjD9BDb2/Nhxv2Q+G4ReLCIeLByhP4XNR8RMSO0tjUwl52iZMb
-dDeILsMePoCy0C9iRKbLcyBnlO2xCmRAcWQi+GqjgZYwgZMwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUqgIPrHOZdTiyqgyTJiYcFsuOD8YwRQYDVR0jBD4wPIAUNPhcX7BP
-tuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc1Qe2
-VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0E
-AwIDaAAwZQIwIYML0y8j05Rb7Pg5q+uMK9Mt04wCkcmqJ0OULwtMCj3TXk73zgCm
-ZCdQWSMczil3AjEAz2MRSGICRXxK4rhBOiib3CTBbgQZ+6UPwEaF7JzHCbLFyqMs
-UXPxj+CDPZ5hoqEw
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCPSKMchbxya5tE3BvA
-aVwiGkpkGTYbBvB/2JSNYCyY9NlPJE740SiHT4k2722T6cihZANiAASatpnYySyS
-VCqcWKMah3zTkEsxCXGaZW+eBI9S3BMjD9BDb2/Nhxv2Q+G4ReLCIeLByhP4XNR8
-RMSO0tjUwl52iZMbdDeILsMePoCy0C9iRKbLcyBnlO2xCmRAcWQi+Go=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12392 (0x3068)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:27 2017 GMT
- Not After : Oct 17 09:33:27 2027 GMT
- Subject: CN=rrendek
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:93:14:3f:24:4e:45:1b:b9:99:2d:3f:dd:de:34:
- ef:fe:d2:92:04:02:a7:15:a2:13:70:63:c3:2d:7c:
- c9:4c:e1:b9:3d:16:da:4b:82:ab:f4:f8:12:fb:97:
- 67:f9:5c:ed:a8:9f:59:a6:8f:95:07:60:51:ae:d1:
- 31:a2:f3:7b:84:8e:22:12:cf:15:9d:f2:28:79:6f:
- ae:81:7a:4f:8d:17:c8:51:40:5d:00:8a:be:d7:bc:
- 89:9c:5c:6a:74:26:bd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DC:B3:A4:15:7A:8C:D4:35:51:97:3C:CE:EB:AE:04:F3:16:6E:06:EC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:51:85:3f:d2:fb:cb:3c:b2:23:38:67:74:21:57:
- d1:ce:30:98:ce:74:ba:25:bc:1d:4c:78:a8:9a:b3:9d:65:e4:
- bb:f3:18:11:3d:78:3f:cb:0e:4e:84:10:d1:e3:36:fb:02:31:
- 00:ac:47:55:f0:2e:4f:8d:04:10:f0:d7:ef:e6:20:49:50:37:
- d9:8d:48:0a:4c:74:3a:ad:94:31:34:fc:b2:d8:ad:80:49:50:
- fa:a7:97:6c:9c:e2:28:2c:9e:1f:14:50:22
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMGgwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMjdaFw0yNzEwMTcwOTMzMjdaMBIxEDAOBgNVBAMM
-B3JyZW5kZWswdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASTFD8kTkUbuZktP93eNO/+
-0pIEAqcVohNwY8MtfMlM4bk9FtpLgqv0+BL7l2f5XO2on1mmj5UHYFGu0TGi83uE
-jiISzxWd8ih5b66Bek+NF8hRQF0Air7XvImcXGp0Jr2jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU3LOkFXqM1DVRlzzO664E8xZuBuwwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwUYU/0vvLPLIjOGd0IVfRzjCYznS6JbwdTHiomrOdZeS78xgR
-PXg/yw5OhBDR4zb7AjEArEdV8C5PjQQQ8Nfv5iBJUDfZjUgKTHQ6rZQxNPyy2K2A
-SVD6p5dsnOIoLJ4fFFAi
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBtLhYsFhfQiSZ3tsoP
-Ohxtg8tjRVo5xuNdtovcs9sM6JdHVgNTppG2MHE9br37y6yhZANiAASTFD8kTkUb
-uZktP93eNO/+0pIEAqcVohNwY8MtfMlM4bk9FtpLgqv0+BL7l2f5XO2on1mmj5UH
-YFGu0TGi83uEjiISzxWd8ih5b66Bek+NF8hRQF0Air7XvImcXGp0Jr0=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12884 (0x3254)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:10 2017 GMT
- Not After : Oct 17 09:34:10 2027 GMT
- Subject: CN=rtoth
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:7a:7e:21:3f:34:e9:74:19:bb:bf:7e:9e:2b:c4:
- 62:fd:ad:9f:ed:82:83:00:5d:39:53:14:81:44:0f:
- 2b:bc:a8:6e:e3:10:00:fd:78:85:d2:76:12:bd:8a:
- 3d:0d:8c:45:cc:ef:d2:2e:17:b0:d6:0a:68:c9:7a:
- 12:f5:b4:df:44:11:27:da:22:4b:44:8c:4f:d9:d3:
- 7c:be:ee:76:a1:5b:4b:ae:cd:fe:40:d1:43:9a:3b:
- fd:9a:13:c6:68:b0:38
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 86:F1:74:B7:CD:8B:58:F7:D8:BD:31:75:B5:3F:EE:E1:6A:BB:99:0C
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:b9:da:3e:da:46:23:d5:66:a0:0e:c9:e1:cd:
- 09:66:11:30:47:4f:e8:d7:5e:1e:6b:7e:4a:ba:01:d9:2b:8d:
- d7:0c:9d:b1:53:a9:90:89:71:4b:18:ea:84:76:26:c1:e4:02:
- 30:76:0f:ab:a2:75:cc:8d:b0:5a:b9:b6:1a:32:50:2e:aa:d2:
- 3e:fb:be:da:35:e1:d0:17:95:49:fd:b5:63:c6:e8:b6:b9:3c:
- 53:6d:b6:4d:ad:00:27:7f:a5:60:f9:1e:db
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgICMlQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MTBaFw0yNzEwMTcwOTM0MTBaMBAxDjAMBgNVBAMM
-BXJ0b3RoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEen4hPzTpdBm7v36eK8Ri/a2f
-7YKDAF05UxSBRA8rvKhu4xAA/XiF0nYSvYo9DYxFzO/SLhew1gpoyXoS9bTfRBEn
-2iJLRIxP2dN8vu52oVtLrs3+QNFDmjv9mhPGaLA4o4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFIbxdLfNi1j32L0xdbU/7uFqu5kMMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2gAMGUCMQC52j7aRiPVZqAOyeHNCWYRMEdP6NdeHmt+SroB2SuN1wydsVOp
-kIlxSxjqhHYmweQCMHYPq6J1zI2wWrm2GjJQLqrSPvu+2jXh0BeVSf21Y8botrk8
-U222Ta0AJ3+lYPke2w==
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDYZtocWg502oc7z6yZ
-5prVXiJHzDxU5ujIdDzWicgPcPHSME2CwewAvXM07n5qXFmhZANiAAR6fiE/NOl0
-Gbu/fp4rxGL9rZ/tgoMAXTlTFIFEDyu8qG7jEAD9eIXSdhK9ij0NjEXM79IuF7DW
-CmjJehL1tN9EESfaIktEjE/Z03y+7nahW0uuzf5A0UOaO/2aE8ZosDg=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14004 (0x36b4)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Jan 30 10:47:27 2018 GMT
- Not After : Jan 28 10:47:27 2028 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8e:37:8a:ac:33:b1:25:3b:48:63:b1:8b:49:68:
- d3:a2:56:b7:b6:6b:0e:de:ed:9f:7e:0e:c9:8c:8d:
- 1f:37:81:de:99:1c:ee:d8:74:ac:e0:73:cb:93:bd:
- c6:6f:32:a2:30:ae:d6:87:93:59:0d:b3:09:67:ba:
- fc:4b:43:54:ac:d2:86:2c:4a:08:91:08:d5:ef:17:
- 4e:b4:65:c3:69:55:3f:65:b5:18:59:31:e8:17:21:
- 04:eb:af:11:e3:b0:56
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 99:1D:BF:07:30:49:FC:A7:A7:2C:A2:3C:DD:C4:C8:4C:7A:BF:97:8E
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:15:70:82:b0:56:64:69:39:d9:05:44:4c:8a:59:
- 9f:2f:33:80:19:91:92:de:cb:8b:00:92:0c:0d:7c:0a:43:ec:
- bd:b3:dc:ca:d8:3b:ca:d1:b1:39:83:25:2f:00:0b:f8:02:31:
- 00:92:db:1d:38:d9:e2:7d:c2:43:8e:c1:7b:45:f3:e5:c0:aa:
- d2:d9:f7:be:28:d9:c1:b3:40:04:7d:6f:86:2f:ab:bb:4b:6d:
- 3e:ec:af:e2:27:b0:95:ce:2b:fc:0b:1f:b8
------BEGIN CERTIFICATE-----
-MIIB8DCCAXagAwIBAgICNrQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODAxMzAxMDQ3MjdaFw0yODAxMjgxMDQ3MjdaMBcxFTATBgNVBAMM
-DHpiYXJ0YWtvdmljczB2MBAGByqGSM49AgEGBSuBBAAiA2IABI43iqwzsSU7SGOx
-i0lo06JWt7ZrDt7tn34OyYyNHzeB3pkc7th0rOBzy5O9xm8yojCu1oeTWQ2zCWe6
-/EtDVKzShixKCJEI1e8XTrRlw2lVP2W1GFkx6BchBOuvEeOwVqOBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSZHb8HMEn8p6csojzdxMhMer+XjjBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNoADBlAjAVcIKwVmRpOdkFREyKWZ8vM4AZkZLey4sAkgwNfApD
-7L2z3MrYO8rRsTmDJS8AC/gCMQCS2x042eJ9wkOOwXtF8+XAqtLZ974o2cGzQAR9
-b4Yvq7tLbT7sr+InsJXOK/wLH7g=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDjqbEAqwUzgWCosiqe
-HcQFZ3ryCgJ+T91AnFv7rv/ZW6lkQ7tXJZ+F3ZHbMfEnsuShZANiAASON4qsM7El
-O0hjsYtJaNOiVre2aw7e7Z9+DsmMjR83gd6ZHO7YdKzgc8uTvcZvMqIwrtaHk1kN
-swlnuvxLQ1Ss0oYsSgiRCNXvF060ZcNpVT9ltRhZMegXIQTrrxHjsFY=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10257 (0x2811)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:38 2017 GMT
- Not After : Oct 17 09:33:38 2027 GMT
- Subject: CN=zfelleg
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:cf:d4:8f:88:15:a2:5f:1a:5d:2d:dd:51:2b:0d:
- f1:6e:0b:4d:8b:81:67:ac:37:75:0b:1a:fa:fa:08:
- 5b:4c:4a:d1:9b:63:df:b6:df:bd:dc:14:75:47:c3:
- 77:6c:0e:f6:c1:7b:21:4b:5d:91:7e:93:7e:39:ac:
- 07:69:86:15:9f:d8:b2:85:ee:2e:24:24:b7:e1:12:
- 2a:d9:04:5b:f3:22:9e:2c:f3:3a:aa:3c:0d:de:28:
- 13:8b:7a:b6:72:62:28
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0E:89:B8:B3:3F:79:44:1B:2D:22:D5:67:BE:BB:FB:4B:F8:52:27:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ed:61:aa:ec:d9:b6:11:19:58:65:7f:57:3c:
- 98:a8:dd:c0:db:3f:c2:43:a4:a6:21:34:98:21:f2:43:2f:81:
- c6:a2:b1:f2:c9:eb:ea:37:6a:18:f9:81:ea:33:1a:6a:d4:02:
- 30:48:a3:18:1a:4f:2e:8b:5e:67:e5:a9:f3:48:01:25:b9:73:
- 0c:48:50:9f:0a:c1:9f:45:d3:e9:70:09:bd:18:38:17:66:0b:
- f2:24:a2:77:0e:53:bf:67:be:36:9d:d7:9d
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICKBEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMzhaFw0yNzEwMTcwOTMzMzhaMBIxEDAOBgNVBAMM
-B3pmZWxsZWcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATP1I+IFaJfGl0t3VErDfFu
-C02LgWesN3ULGvr6CFtMStGbY9+2373cFHVHw3dsDvbBeyFLXZF+k345rAdphhWf
-2LKF7i4kJLfhEirZBFvzIp4s8zqqPA3eKBOLerZyYiijgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUDom4sz95RBstItVnvrv7S/hSJ0swRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAO1hquzZthEZWGV/VzyYqN3A2z/CQ6SmITSYIfJDL4HGorHy
-yevqN2oY+YHqMxpq1AIwSKMYGk8ui15n5anzSAEluXMMSFCfCsGfRdPpcAm9GDgX
-ZgvyJKJ3DlO/Z742nded
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDlCNDXEXfkpMfZ4qrW
-tHKzpFEibWhvxc2cYDnXXb4SuZ999Xi1cZXp7McJ1lwntFWhZANiAATP1I+IFaJf
-Gl0t3VErDfFuC02LgWesN3ULGvr6CFtMStGbY9+2373cFHVHw3dsDvbBeyFLXZF+
-k345rAdphhWf2LKF7i4kJLfhEirZBFvzIp4s8zqqPA3eKBOLerZyYig=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12097 (0x2f41)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:49 2017 GMT
- Not After : Oct 17 09:33:49 2027 GMT
- Subject: CN=zsnemes
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ef:9d:6d:83:d5:6a:c2:ac:d9:a5:9f:37:e0:8f:
- cc:a1:38:66:87:b8:ed:b3:3a:3b:b3:04:de:c9:54:
- 72:4c:c5:0e:50:81:0f:9e:8c:cd:27:61:99:25:58:
- f6:b4:c8:0c:0b:2e:95:4e:a4:64:b1:25:b7:32:f5:
- 18:62:9b:3a:65:de:3c:5f:b3:c3:9d:30:34:b2:a5:
- 45:18:b8:17:a6:ef:47:29:48:56:e0:ff:93:4a:a8:
- 21:e9:1b:f4:71:63:7e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 97:0E:42:9E:05:27:59:9E:29:8E:22:AA:1A:85:E0:F9:B8:03:DA:20
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:86:0d:4d:32:f7:5b:5f:a6:f8:36:52:7c:37:
- bd:d3:1a:39:c3:16:0b:42:2e:95:4d:ff:ed:25:05:89:03:11:
- 34:c2:30:7c:94:69:a5:90:68:15:7e:eb:1e:87:e4:c5:c1:02:
- 30:20:c1:1a:86:89:2c:b5:67:f7:1a:a5:bb:4e:8e:cd:42:78:
- 32:e7:75:b6:d0:c3:e5:61:40:48:c1:6b:20:54:42:de:ee:7a:
- aa:7e:52:d9:c6:ee:16:90:1a:8c:0a:ae:b3
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICL0EwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzNDlaFw0yNzEwMTcwOTMzNDlaMBIxEDAOBgNVBAMM
-B3pzbmVtZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATvnW2D1WrCrNmlnzfgj8yh
-OGaHuO2zOjuzBN7JVHJMxQ5QgQ+ejM0nYZklWPa0yAwLLpVOpGSxJbcy9Rhimzpl
-3jxfs8OdMDSypUUYuBem70cpSFbg/5NKqCHpG/RxY36jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUlw5CngUnWZ4pjiKqGoXg+bgD2iAwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAIYNTTL3W1+m+DZSfDe90xo5wxYLQi6VTf/tJQWJAxE0wjB8
-lGmlkGgVfuseh+TFwQIwIMEahokstWf3GqW7To7NQngy53W20MPlYUBIwWsgVELe
-7nqqflLZxu4WkBqMCq6z
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDANt00lPuqR3fd6Ugh3
-3jI+P1HQ15Nwb3CAE04fzwAA30upq12Dao3oxs90TPen8fuhZANiAATvnW2D1WrC
-rNmlnzfgj8yhOGaHuO2zOjuzBN7JVHJMxQ5QgQ+ejM0nYZklWPa0yAwLLpVOpGSx
-Jbcy9Rhimzpl3jxfs8OdMDSypUUYuBem70cpSFbg/5NKqCHpG/RxY34=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-#!/bin/sh
-
-# Easy-RSA 3 -- A Shell-based CA Utility
-#
-# Copyright (C) 2013 by the Open-Source OpenVPN development community.
-# A full list of contributors can be found in the ChangeLog.
-#
-# This code released under version 2 of the GNU GPL; see COPYING and the
-# Licensing/ directory of this project for full licensing details.
-
-# Help/usage output to stdout
-usage() {
- # command help:
- print "
-Easy-RSA 3 usage and overview
-
-USAGE: easyrsa [options] COMMAND [command-options]
-
-A list of commands is shown below. To get detailed usage and help for a
-command, run:
- ./easyrsa help COMMAND
-
-For a listing of options that can be supplied before the command, use:
- ./easyrsa help options
-
-Here is the list of commands available with a short syntax reminder. Use the
-'help' command above to get full usage details.
-
- init-pki
- build-ca [ cmd-opts ]
- gen-dh
- gen-req <filename_base> [ cmd-opts ]
- sign-req <type> <filename_base>
- build-client-full <filename_base> [ cmd-opts ]
- build-server-full <filename_base> [ cmd-opts ]
- revoke <filename_base>
- gen-crl
- update-db
- show-req <filename_base> [ cmd-opts ]
- show-cert <filename_base> [ cmd-opts ]
- import-req <request_file_path> <short_basename>
- export-p7 <filename_base> [ cmd-opts ]
- export-p12 <filename_base> [ cmd-opts ]
- set-rsa-pass <filename_base> [ cmd-opts ]
- set-ec-pass <filename_base> [ cmd-opts ]
-"
-
- # collect/show dir status:
- local err_source="Not defined: vars autodetect failed and no value provided"
- local work_dir="${EASYRSA:-$err_source}"
- local pki_dir="${EASYRSA_PKI:-$err_source}"
- print "\
-DIRECTORY STATUS (commands would take effect on these locations)
- EASYRSA: $work_dir
- PKI: $pki_dir
-"
-} # => usage()
-
-# Detailed command help
-# When called with no args, calls usage(), otherwise shows help for a command
-cmd_help() {
- local text opts
- case "$1" in
- init-pki|clean-all) text="
- init-pki [ cmd-opts ]
- Removes & re-initializes the PKI dir for a clean PKI" ;;
- build-ca) text="
- build-ca [ cmd-opts ]
- Creates a new CA"
- opts="
- nopass - do not encrypt the CA key (default is encrypted)
- subca - create a sub-CA keypair and request (default is a root CA)" ;;
- gen-dh) text="
- gen-dh
- Generates DH (Diffie-Hellman) parameters" ;;
- gen-req) text="
- gen-req <filename_base> [ cmd-opts ]
- Generate a standalone keypair and request (CSR)
-
- This request is suitable for sending to a remote CA for signing."
- opts="
- nopass - do not encrypt the private key (default is encrypted)" ;;
- sign|sign-req) text="
- sign-req <type> <filename_base>
- Sign a certificate request of the defined type. <type> must be a known
- type such as 'client', 'server', or 'ca' (or a user-added type.)
-
- This request file must exist in the reqs/ dir and have a .req file
- extension. See import-req below for importing reqs from other sources." ;;
- build|build-client-full|build-server-full) text="
- build-client-full <filename_base> [ cmd-opts ]
- build-server-full <filename_base> [ cmd-opts ]
- Generate a keypair and sign locally for a client or server
-
- This mode uses the <filename_base> as the X509 CN."
- opts="
- nopass - do not encrypt the private key (default is encrypted)" ;;
- revoke) text="
- revoke <filename_base>
- Revoke a certificate specified by the filename_base" ;;
- gen-crl) text="
- gen-crl
- Generate a CRL" ;;
- update-db) text="
- update-db
- Update the index.txt database
-
- This command will use the system time to update the status of issued
- certificates." ;;
- show-req|show-cert) text="
- show-req <filename_base> [ cmd-opts ]
- show-cert <filename_base> [ cmd-opts ]
- Shows details of the req or cert referenced by filename_base
-
- Human-readable output is shown, including any requested cert options when
- showing a request."
- opts="
- full - show full req/cert info, including pubkey/sig data" ;;
- import-req) text="
- import-req <request_file_path> <short_basename>
- Import a certificate request from a file
-
- This will copy the specified file into the reqs/ dir in
- preparation for signing.
- The <short_basename> is the filename base to create.
-
- Example usage:
- import-req /some/where/bob_request.req bob" ;;
- export-p12) text="
- export-p12 <filename_base> [ cmd-opts ]
- Export a PKCS#12 file with the keypair specified by <filename_base>"
- opts="
- noca - do not include the ca.crt file in the PKCS12 output
- nokey - do not include the private key in the PKCS12 output" ;;
- export-p7) text="
- export-p7 <filename_base> [ cmd-opts ]
- Export a PKCS#7 file with the pubkey specified by <filename_base>"
- opts="
- noca - do not include the ca.crt file in the PKCS7 output" ;;
- set-rsa-pass|set-ec-pass) text="
- set-rsa-pass <filename_base> [ cmd-opts ]
- set-ec-pass <filename_base> [ cmd-opts ]
- Set a new passphrase on an RSA or EC key for the listed <filename_base>."
- opts="
- nopass - use no password and leave the key unencrypted
- file - (advanced) treat the file as a raw path, not a short-name" ;;
- altname|subjectaltname|san) text="
- --subject-alt-name=SAN_FORMAT_STRING
- This global option adds a subjectAltName to the request or issued
- certificate. It MUST be in a valid format accepted by openssl or
- req/cert generation will fail. Note that including multiple such names
- requires them to be comma-separated; further invocations of this
- option will REPLACE the value.
-
- Examples of the SAN_FORMAT_STRING shown below:
- DNS:alternate.example.net
- DNS:primary.example.net,DNS:alternate.example.net
- IP:203.0.113.29
- email:alternate@example.net" ;;
- options)
- opt_usage ;;
- "")
- usage ;;
- *) text="
- Unknown command: '$1' (try without commands for a list of commands)" ;;
- esac
-
- # display the help text
- print "$text"
- [ -n "$opts" ] && print "
- cmd-opts is an optional set of command options from this list:
-$opts"
-} # => cmd_help()
-
-# Options usage
-opt_usage() {
- print "
-Easy-RSA Global Option Flags
-
-The following options may be provided before the command. Options specified
-at runtime override env-vars and any 'vars' file in use. Unless noted,
-non-empty values to options are mandatory.
-
-General options:
-
---batch : set automatic (no-prompts when possible) mode
---pki-dir=DIR : declares the PKI directory
---vars=FILE : define a specific 'vars' file to use for Easy-RSA config
-
-Certificate & Request options: (these impact cert/req field values)
-
---days=# : sets the signing validity to the specified number of days
---digest=ALG : digest to use in the requests & certificates
---dn-mode=MODE : DN mode to use (cn_only or org)
---keysize=# : size in bits of keypair to generate
---req-cn=NAME : default CN to use
---subca-len=# : path length of signed sub-CA certs; must be >= 0 if used
---subject-alt-name : Add a subjectAltName. For more info and syntax, see:
- ./easyrsa help altname
---use-algo=ALG : crypto alg to use: choose rsa (default) or ec
---curve=NAME : for elliptic curve, sets the named curve to use
-
-Organizational DN options: (only used with the 'org' DN mode)
- (values may be blank for org DN options)
-
---req-c=CC : country code (2-letters)
---req-st=NAME : State/Province
---req-city=NAME : City/Locality
---req-org=NAME : Organization
---req-email=NAME : Email addresses
---req-ou=NAME : Organizational Unit
-
-Deprecated features:
-
---ns-cert=YESNO : yes or no to including deprecated NS extensions
---ns-comment=COMMENT : NS comment to include (value may be blank)
-"
-} # => opt_usage()
-
-# Wrapper around printf - clobber print since it's not POSIX anyway
-print() { printf "%s\n" "$*"; }
-
-# Exit fatally with a message to stderr
-# present even with EASYRSA_BATCH as these are fatal problems
-die() {
- print "
-Easy-RSA error:
-
-$1" 1>&2
- exit ${2:-1}
-} # => die()
-
-# non-fatal warning output
-warn() {
- [ ! $EASYRSA_BATCH ] && \
- print "
-$1" 1>&2
-} # => warn()
-
-# informational notices to stdout
-notice() {
- [ ! $EASYRSA_BATCH ] && \
- print "
-$1"
-} # => notice()
-
-# yes/no case-insensitive match (operates on stdin pipe)
-# Returns 0 when input contains yes, 1 for no, 2 for no match
-# If both strings are present, returns 1; first matching line returns.
-awk_yesno() {
- local awkscript='
-BEGIN {IGNORECASE=1; r=2}
-{ if(match($0,"no")) {r=1; exit}
- if(match($0,"yes")) {r=0; exit}
-} END {exit r}'
- awk "$awkscript"
-} # => awk_yesno()
-
-# intent confirmation helper func
-# returns without prompting in EASYRSA_BATCH
-confirm() {
- [ $EASYRSA_BATCH ] && return
- local prompt="$1" value="$2" msg="$3" input
- print "
-$msg
-
-Type the word '$value' to continue, or any other input to abort."
- printf %s " $prompt"
- read input
- [ "$input" = "$value" ] && return
- notice "Aborting without confirmation."
- exit 9
-} # => confirm()
-
-# remove temp files
-clean_temp() {
- for f in "$EASYRSA_TEMP_FILE" "$EASYRSA_TEMP_FILE_2" "$EASYRSA_TEMP_FILE_3"
- do [ -f "$f" ] && rm "$f" 2>/dev/null
- done
-} # => clean_temp()
-
-vars_source_check() {
- # Check for defined EASYRSA_PKI
- [ -n "$EASYRSA_PKI" ] || die "\
-EASYRSA_PKI env-var undefined"
-
- # Verify EASYRSA_OPENSSL command gives expected output
- if [ -z "$EASYRSA_SSL_OK" ]; then
- local val="$("$EASYRSA_OPENSSL" version)"
- case "${val%% *}" in
- OpenSSL|LibreSSL) ;;
- *) die "\
-Missing or invalid OpenSSL
-Expected to find openssl command at: $EASYRSA_OPENSSL"
- esac
- fi
- EASYRSA_SSL_OK=1
-
- # Verify EASYRSA_SSL_CONF file exists
- [ -f "$EASYRSA_SSL_CONF" ] || die "\
-The OpenSSL config file cannot be found.
-Expected location: $EASYRSA_SSL_CONF"
-} # => vars_source_check()
-
-# Verify supplied curve exists and generate curve file if needed
-verify_curve() {
- if ! "$EASYRSA_OPENSSL" ecparam -name "$EASYRSA_CURVE" > /dev/null; then
- die "\
-Curve $EASYRSA_CURVE not found. Run openssl ecparam -list_curves to show a
-list of supported curves."
- fi
-
- # Check that the ecparams dir exists
- [ -d "$EASYRSA_EC_DIR" ] || mkdir "$EASYRSA_EC_DIR" || die "\
-Failed creating ecparams dir (permissions?) at:
-$EASYRSA_EC_DIR"
-
- # Check that the required ecparams file exists
- local out="$EASYRSA_EC_DIR/${EASYRSA_CURVE}.pem"
- [ -f "$out" ] && return 0
- "$EASYRSA_OPENSSL" ecparam -name "$EASYRSA_CURVE" -out "$out" || die "\
-Failed to generate ecparam file (permissions?) when writing to:
-$out"
-
- # Explicitly return success for caller
- return 0
-}
-
-# Basic sanity-check of PKI init and complain if missing
-verify_pki_init() {
- local help_note="Run easyrsa without commands for usage and command help."
-
- # check that the pki dir exists
- vars_source_check
- [ -d "$EASYRSA_PKI" ] || die "\
-EASYRSA_PKI does not exist (perhaps you need to run init-pki)?
-Expected to find the EASYRSA_PKI at: $EASYRSA_PKI
-$help_note"
-
- # verify expected dirs present:
- for i in private reqs; do
- [ -d "$EASYRSA_PKI/$i" ] || die "\
-Missing expected directory: $i (perhaps you need to run init-pki?)
-$help_note"
- done
-} # => verify_pki_init()
-
-# Verify core CA files present
-verify_ca_init() {
- local help_note="Run without commands for usage and command help."
-
- # First check the PKI has been initialized
- verify_pki_init
-
- # verify expected files present:
- for i in serial index.txt ca.crt private/ca.key; do
- if [ ! -f "$EASYRSA_PKI/$i" ]; then
- [ "$1" = "test" ] && return 1
- die "\
-Missing expected CA file: $i (perhaps you need to run build-ca?)
-$help_note"
- fi
- done
-
- # When operating in 'test' mode, return success.
- # test callers don't care about CA-specific dir structure
- [ "$1" = "test" ] && return 0
-
- # verify expected CA-specific dirs:
- for i in issued certs_by_serial; do
- [ -d "$EASYRSA_PKI/$i" ] || die "\
-Missing expected CA dir: $i (perhaps you need to run build-ca?)
-$help_note"
- done
-
- # explicitly return success for callers
- return 0
-
-} # => verify_ca_init()
-
-# init-pki backend:
-init_pki() {
- vars_source_check
-
- # If EASYRSA_PKI exists, confirm before we rm -rf (skiped with EASYRSA_BATCH)
- if [ -e "$EASYRSA_PKI" ]; then
- confirm "Confirm removal: " "yes" "
-WARNING!!!
-
-You are about to remove the EASYRSA_PKI at: $EASYRSA_PKI
-and initialize a fresh PKI here."
- # now remove it:
- rm -rf "$EASYRSA_PKI" || die "Removal of PKI dir failed. Check/correct errors above"
- fi
-
- # new dirs:
- for i in private reqs; do
- mkdir -p "$EASYRSA_PKI/$i" || die "Failed to create PKI file structure (permissions?)"
- done
-
- notice "\
-init-pki complete; you may now create a CA or requests.
-Your newly created PKI dir is: $EASYRSA_PKI
-"
- return 0
-} # => init_pki()
-
-# build-ca backend:
-build_ca() {
- local opts= sub_ca=
- while [ -n "$1" ]; do
- case "$1" in
- nopass) opts="$opts -nodes" ;;
- subca) sub_ca=1 ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- verify_pki_init
- [ "$EASYRSA_ALGO" = "ec" ] && verify_curve
-
- # setup for the simpler sub-CA situation and overwrite with root-CA if needed:
- local out_file="$EASYRSA_PKI/reqs/ca.req"
- local out_key="$EASYRSA_PKI/private/ca.key"
- if [ ! $sub_ca ]; then
- out_file="$EASYRSA_PKI/ca.crt"
- opts="$opts -x509 -days $EASYRSA_CA_EXPIRE"
- fi
-
- # Test for existing CA, and complain if already present
- if verify_ca_init test; then
- die "\
-Unable to create a CA as you already seem to have one set up.
-If you intended to start a new CA, run init-pki first."
- fi
- # If a private key exists here, a sub-ca was created but not signed.
- # Notify the user and require a signed ca.crt or a init-pki:
- [ -f "$out_key" ] && \
- die "\
-A CA private key exists but no ca.crt is found in your PKI dir of:
-$EASYRSA_PKI
-Refusing to create a new CA keypair as this operation would overwrite your
-current CA keypair. If you intended to start a new CA, run init-pki first."
-
- # create necessary files and dirs:
- local err_file="Unable to create necessary PKI files (permissions?)"
- for i in issued certs_by_serial; do
- mkdir -p "$EASYRSA_PKI/$i" || die "$err_file"
- done
- printf "" > "$EASYRSA_PKI/index.txt" || die "$err_file"
- print "01" > "$EASYRSA_PKI/serial" || die "$err_file"
-
- # Default CN only when not in global EASYRSA_BATCH mode:
- [ $EASYRSA_BATCH ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA"
-
- out_key_tmp="$(mktemp -u "$out_key.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_key_tmp"
- out_file_tmp="$(mktemp -u "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_file_tmp"
- # create the CA keypair:
- "$EASYRSA_OPENSSL" req -utf8 -new -newkey $EASYRSA_ALGO:"$EASYRSA_ALGO_PARAMS" \
- -config "$EASYRSA_SSL_CONF" -keyout "$out_key_tmp" -out "$out_file_tmp" $opts || \
- die "Failed to build the CA"
- mv "$out_key_tmp" "$out_key"; EASYRSA_TEMP_FILE_2=
- mv "$out_file_tmp" "$out_file"; EASYRSA_TEMP_FILE_3=
-
- # Success messages
- if [ $sub_ca ]; then
- notice "\
-NOTE: Your sub-CA request is at $out_file
-and now must be sent to you parent CA for signing. Place your resulting cert
-at $EASYRSA_PKI/ca.crt prior to signing operations.
-"
- else notice "\
-CA creation complete and you may now import and sign cert requests.
-Your new CA certificate file for publishing is at:
-$out_file
-"
- fi
- return 0
-} # => build_ca()
-
-# gen-dh backend:
-gen_dh() {
- verify_pki_init
-
- local out_file="$EASYRSA_PKI/dh.pem"
- "$EASYRSA_OPENSSL" dhparam -out "$out_file" $EASYRSA_KEY_SIZE || \
- die "Failed to build DH params"
- notice "\
-DH parameters of size $EASYRSA_KEY_SIZE created at $out_file
-"
- return 0
-} # => gen_dh()
-
-# gen-req backend:
-gen_req() {
- # pull filename base and use as default interactive CommonName:
- [ -n "$1" ] || die "\
-Error: gen-req must have a file base as the first argument.
-Run easyrsa without commands for usage and commands."
- local key_out="$EASYRSA_PKI/private/$1.key"
- local req_out="$EASYRSA_PKI/reqs/$1.req"
- [ ! $EASYRSA_BATCH ] && EASYRSA_REQ_CN="$1"
- shift
-
- # function opts support
- local opts=
- while [ -n "$1" ]; do
- case "$1" in
- nopass) opts="$opts -nodes" ;;
- # batch flag supports internal callers needing silent operation
- batch) local EASYRSA_BATCH=1 ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- verify_pki_init
- [ "$EASYRSA_ALGO" = "ec" ] && verify_curve
-
- # don't wipe out an existing private key without confirmation
- [ -f "$key_out" ] && confirm "Confirm key overwrite: " "yes" "\
-
-WARNING!!!
-
-An existing private key was found at $key_out
-Continuing with key generation will replace this key."
-
- # When EASYRSA_EXTRA_EXTS is defined, append it to openssl's [req] section:
- if [ -n "$EASYRSA_EXTRA_EXTS" ]; then
- # Setup & insert the extra ext data keyed by a magic line
- local extra_exts="
-req_extensions = req_extra
-[ req_extra ]
-$EASYRSA_EXTRA_EXTS"
- local awkscript='
-{if ( match($0, "^#%EXTRA_EXTS%") )
- { while ( getline<"/dev/stdin" ) {print} next }
- {print}
-}'
- print "$extra_exts" | \
- awk "$awkscript" "$EASYRSA_SSL_CONF" \
- > "$EASYRSA_TEMP_FILE" \
- || die "Copying SSL config to temp file failed"
- # Use this new SSL config for the rest of this function
- local EASYRSA_SSL_CONF="$EASYRSA_TEMP_FILE"
- fi
-
- key_out_tmp="$(mktemp -u "$key_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$key_out_tmp"
- req_out_tmp="$(mktemp -u "$req_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$req_out_tmp"
- # generate request
- [ $EASYRSA_BATCH ] && opts="$opts -batch"
- "$EASYRSA_OPENSSL" req -utf8 -new -newkey $EASYRSA_ALGO:"$EASYRSA_ALGO_PARAMS" \
- -config "$EASYRSA_SSL_CONF" -keyout "$key_out_tmp" -out "$req_out_tmp" $opts \
- || die "Failed to generate request"
- mv "$key_out_tmp" "$key_out"; EASYRSA_TEMP_FILE_2=
- mv "$req_out_tmp" "$req_out"; EASYRSA_TEMP_FILE_3=
- notice "\
-Keypair and certificate request completed. Your files are:
-req: $req_out
-key: $key_out
-"
- return 0
-} # => gen_req()
-
-# common signing backend
-sign_req() {
- local crt_type="$1" opts=
- local req_in="$EASYRSA_PKI/reqs/$2.req"
- local crt_out="$EASYRSA_PKI/issued/$2.crt"
-
- # Support batch by internal caller:
- [ "$3" = "batch" ] && local EASYRSA_BATCH=1
-
- verify_ca_init
-
- # Check argument sanity:
- [ -n "$2" ] || die "\
-Incorrect number of arguments provided to sign-req:
-expected 2, got $# (see command help for usage)"
-
- # Cert type must exist under the EASYRSA_EXT_DIR
- [ -r "$EASYRSA_EXT_DIR/$crt_type" ] || die "\
-Unknown cert type '$crt_type'"
-
- # Request file must exist
- [ -f "$req_in" ] || die "\
-No request found for the input: '$2'
-Expected to find the request at: $req_in"
-
- # Confirm input is a cert req
- verify_file req "$req_in" || die "\
-The certificate request file is not in a valid X509 request format.
-Offending file: $req_in"
-
- # Display the request subject in an easy-to-read format
- # Confirm the user wishes to sign this request
- confirm "Confirm request details: " "yes" "
-You are about to sign the following certificate.
-Please check over the details shown below for accuracy. Note that this request
-has not been cryptographically verified. Please be sure it came from a trusted
-source or that you have verified the request checksum with the sender.
-
-Request subject, to be signed as a $crt_type certificate for $EASYRSA_CERT_EXPIRE days:
-
-$(display_dn req "$req_in")
-" # => confirm end
-
- # Generate the extensions file for this cert:
- {
- # Append first any COMMON file (if present) then the cert-type extensions
- cat "$EASYRSA_EXT_DIR/COMMON"
- cat "$EASYRSA_EXT_DIR/$crt_type"
-
- # Support a dynamic CA path length when present:
- [ "$crt_type" = "ca" ] && [ -n "$EASYRSA_SUBCA_LEN" ] && \
- print "basicConstraints = CA:TRUE, pathlen:$EASYRSA_SUBCA_LEN"
-
- # Deprecated Netscape extension support, if enabled
- if print "$EASYRSA_NS_SUPPORT" | awk_yesno; then
- [ -n "$EASYRSA_NS_COMMENT" ] && \
- print "nsComment = \"$EASYRSA_NS_COMMENT\""
- case "$crt_type" in
- server) print "nsCertType = server" ;;
- client) print "nsCertType = client" ;;
- ca) print "nsCertType = sslCA" ;;
- esac
- fi
-
- # Add any advanced extensions supplied by env-var:
- [ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS"
-
- : # needed to keep die from inherting the above test
- } > "$EASYRSA_TEMP_FILE" || die "\
-Failed to create temp extension file (bad permissions?) at:
-$EASYRSA_TEMP_FILE"
-
- # sign request
- crt_out_tmp="$(mktemp -u "$crt_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$crt_out_tmp"
- "$EASYRSA_OPENSSL" ca -utf8 -in "$req_in" -out "$crt_out_tmp" -config "$EASYRSA_SSL_CONF" \
- -extfile "$EASYRSA_TEMP_FILE" -days $EASYRSA_CERT_EXPIRE -batch $opts \
- || die "signing failed (openssl output above may have more detail)"
- mv "$crt_out_tmp" "$crt_out"; EASYRSA_TEMP_FILE_2=
- notice "\
-Certificate created at: $crt_out
-"
- return 0
-} # => sign_req()
-
-# common build backend
-# used to generate+sign in 1 step
-build_full() {
- verify_ca_init
-
- # pull filename base:
- [ -n "$2" ] || die "\
-Error: didn't find a file base name as the first argument.
-Run easyrsa without commands for usage and commands."
- local crt_type="$1" name="$2"
- local req_out="$EASYRSA_PKI/reqs/$2.req"
- local key_out="$EASYRSA_PKI/private/$2.key"
- local crt_out="$EASYRSA_PKI/issued/$2.crt"
- shift 2
-
- # function opts support
- local req_opts=
- while [ -n "$1" ]; do
- case "$1" in
- nopass) req_opts="$req_opts nopass" ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- # abort on existing req/key/crt files
- local err_exists="\
-file already exists. Aborting build to avoid overwriting this file.
-If you wish to continue, please use a different name or remove the file.
-Matching file found at: "
- [ -f "$req_out" ] && die "Request $err_exists $req_out"
- [ -f "$key_out" ] && die "Key $err_exists $key_out"
- [ -f "$crt_out" ] && die "Certificate $err_exists $crt_out"
-
- # create request
- EASYRSA_REQ_CN="$name"
- gen_req "$name" batch $req_opts
-
- # Sign it
- sign_req "$crt_type" "$name" batch
-
-} # => build_full()
-
-# revoke backend
-revoke() {
- verify_ca_init
-
- # pull filename base:
- [ -n "$1" ] || die "\
-Error: didn't find a file base name as the first argument.
-Run easyrsa without commands for usage and command help."
- local crt_in="$EASYRSA_PKI/issued/$1.crt"
-
- verify_file x509 "$crt_in" || die "\
-Unable to revoke as the input file is not a valid certificate. Unexpected
-input in file: $crt_in"
-
- # confirm operation by displaying DN:
- confirm "Continue with revocation: " "yes" "
-Please confirm you wish to revoke the certificate with the following subject:
-
-$(display_dn x509 "$crt_in")
-" # => confirm end
-
- # referenced cert must exist:
- [ -f "$crt_in" ] || die "\
-Unable to revoke as no certificate was found. Certificate was expected
-at: $crt_in"
-
- "$EASYRSA_OPENSSL" ca -utf8 -revoke "$crt_in" -config "$EASYRSA_SSL_CONF" || die "\
-Failed to revoke certificate: revocation command failed."
-
- notice "\
-IMPORTANT!!!
-
-Revocation was successful. You must run gen-crl and upload a CRL to your
-infrastructure in order to prevent the revoked cert from being accepted.
-" # => notice end
- return 0
-} #= revoke()
-
-# gen-crl backend
-gen_crl() {
- verify_ca_init
-
- local out_file="$EASYRSA_PKI/crl.pem"
- out_file_tmp="$(mktemp -u "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
- "$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SSL_CONF" || die "\
-CRL Generation failed.
-"
- mv "$out_file_tmp" "$out_file"; EASYRSA_TEMP_FILE_2=
-
- notice "\
-An updated CRL has been created.
-CRL file: $out_file
-"
- return 0
-} # => gen_crl()
-
-# import-req backend
-import_req() {
- verify_pki_init
-
- # pull passed paths
- local in_req="$1" short_name="$2"
- local out_req="$EASYRSA_PKI/reqs/$2.req"
-
- [ -n "$short_name" ] || die "\
-Unable to import: incorrect command syntax.
-Run easyrsa without commands for usage and command help."
-
- verify_file req "$in_req" || die "\
-The input file does not appear to be a certificate request. Aborting import.
-Offending file: $in_req"
-
- # destination must not exist
- [ -f "$out_req" ] && die "\
-Unable to import the request as the destination file already exists.
-Please choose a different name for your imported request file.
-Existing file at: $out_req"
-
- # now import it
- cp "$in_req" "$out_req"
-
- notice "\
-The request has been successfully imported with a short name of: $short_name
-You may now use this name to perform signing operations on this request.
-"
- return 0
-} # => import_req()
-
-# export pkcs#12 or pkcs#7
-export_pkcs() {
- local pkcs_type="$1"
- shift
-
- [ -n "$1" ] || die "\
-Unable to export p12: incorrect command syntax.
-Run easyrsa without commands for usage and command help."
-
- local short_name="$1"
- local crt_in="$EASYRSA_PKI/issued/$1.crt"
- local key_in="$EASYRSA_PKI/private/$1.key"
- local crt_ca="$EASYRSA_PKI/ca.crt"
- shift
-
- verify_pki_init
-
- # opts support
- local want_ca=1
- local want_key=1
- while [ -n "$1" ]; do
- case "$1" in
- noca) want_ca= ;;
- nokey) want_key= ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- local pkcs_opts=
- if [ $want_ca ]; then
- verify_file x509 "$crt_ca" || die "\
-Unable to include CA cert in the $pkcs_type output (missing file, or use noca option.)
-Missing file expected at: $crt_ca"
- pkcs_opts="$pkcs_opts -certfile $crt_ca"
- fi
-
- # input files must exist
- verify_file x509 "$crt_in" || die "\
-Unable to export $pkcs_type for short name '$short_name' without the certificate.
-Missing cert expected at: $crt_in"
-
- case "$pkcs_type" in
- p12)
- local pkcs_out="$EASYRSA_PKI/private/$short_name.p12"
-
- if [ $want_key ]; then
- [ -f "$key_in" ] || die "\
-Unable to export p12 for short name '$short_name' without the key
-(if you want a p12 without the private key, use nokey option.)
-Missing key expected at: $key_in"
- else
- pkcs_opts="$pkcs_opts -nokeys"
- fi
-
- # export the p12:
- "$EASYRSA_OPENSSL" pkcs12 -in "$crt_in" -inkey "$key_in" -export \
- -out "$pkcs_out" $pkcs_opts || die "\
-Export of p12 failed: see above for related openssl errors."
- ;;
- p7)
- local pkcs_out="$EASYRSA_PKI/issued/$short_name.p7b"
-
- # export the p7:
- "$EASYRSA_OPENSSL" crl2pkcs7 -nocrl -certfile "$crt_in" \
- -out "$pkcs_out" $pkcs_opts || die "\
-Export of p7 failed: see above for related openssl errors."
- ;;
-esac
-
- notice "\
-Successful export of $pkcs_type file. Your exported file is at the following
-location: $pkcs_out
-"
- return 0
-} # => export_pkcs()
-
-# set-pass backend
-set_pass() {
- verify_pki_init
-
- # key type, supplied internally from frontend command call (rsa/ec)
- local key_type="$1"
-
- # values supplied by the user:
- local raw_file="$2"
- local file="$EASYRSA_PKI/private/$raw_file.key"
- [ -n "$raw_file" ] || die "\
-Missing argument to 'set-$key_type-pass' command: no name/file supplied.
-See help output for usage details."
-
- # parse command options
- shift 2
- local crypto="-aes256"
- while [ -n "$1" ]; do
- case "$1" in
- nopass) crypto= ;;
- file) file="$raw_file" ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- [ -f "$file" ] || die "\
-Missing private key: expected to find the private key component at:
-$file"
-
- notice "\
-If the key is currently encrypted you must supply the decryption passphrase.
-${crypto:+You will then enter a new PEM passphrase for this key.$NL}"
-
- "$EASYRSA_OPENSSL" $key_type -in "$file" -out "$file" $crypto || die "\
-Failed to change the private key passphrase. See above for possible openssl
-error messages."
-
- notice "Key passphrase successfully changed"
-
-} # => set_pass()
-
-# update-db backend
-update_db() {
- verify_ca_init
-
- "$EASYRSA_OPENSSL" ca -utf8 -updatedb -config "$EASYRSA_SSL_CONF" || die "\
-Failed to perform update-db: see above for related openssl errors."
- return 0
-} # => update_db()
-
-# display cert DN info on a req/X509, passed by full pathname
-display_dn() {
- local format="$1" path="$2"
- print "$("$EASYRSA_OPENSSL" $format -in "$path" -noout -subject -nameopt multiline)"
-} # => display_dn()
-
-# verify a file seems to be a valid req/X509
-verify_file() {
- local format="$1" path="$2"
- "$EASYRSA_OPENSSL" $format -in "$path" -noout 2>/dev/null || return 1
- return 0
-} # => verify_x509()
-
-# show-* command backend
-# Prints req/cert details in a readable format
-show() {
- local type="$1" name="$2" in_file format
- [ -n "$name" ] || die "\
-Missing expected filename_base argument.
-Run easyrsa without commands for usage help."
- shift 2
-
- # opts support
- local opts="-${type}opt no_pubkey,no_sigdump"
- while [ -n "$1" ]; do
- case "$1" in
- full) opts= ;;
- *) warn "Ignoring unknown command option: '$1'" ;;
- esac
- shift
- done
-
- # Determine cert/req type
- if [ "$type" = "cert" ]; then
- verify_ca_init
- in_file="$EASYRSA_PKI/issued/${name}.crt"
- format="x509"
- else
- verify_pki_init
- in_file="$EASYRSA_PKI/reqs/${name}.req"
- format="req"
- fi
-
- # Verify file exists and is of the correct type
- [ -f "$in_file" ] || die "\
-No such $type file with a basename of '$name' is present.
-Expected to find this file at:
-$in_file"
- verify_file $format "$in_file" || die "\
-This file is not a valid $type file:
-$in_file"
-
- notice "\
-Showing $type details for '$name'.
-This file is stored at:
-$in_file
-"
- "$EASYRSA_OPENSSL" $format -in "$in_file" -noout -text\
- -nameopt multiline $opts || die "\
-OpenSSL failure to process the input"
-} # => show()
-
-# vars setup
-# Here sourcing of 'vars' if present occurs. If not present, defaults are used
-# to support running without a sourced config format
-vars_setup() {
- # Try to locate a 'vars' file in order of location preference.
- # If one is found, source it
- local vars=
-
- # set up program path
- local prog_vars="${0%/*}/vars"
-
- # command-line path:
- if [ -f "$EASYRSA_VARS_FILE" ]; then
- vars="$EASYRSA_VARS_FILE"
- # EASYRSA_PKI, if defined:
- elif [ -n "$EASYRSA_PKI" ] && [ -f "$EASYRSA_PKI/vars" ]; then
- vars="$EASYRSA_PKI/vars"
- # EASYRSA, if defined:
- elif [ -n "$EASYRSA" ] && [ -f "$EASYRSA/vars" ]; then
- vars="$EASYRSA/vars"
- # program location:
- elif [ -f "$prog_vars" ]; then
- vars="$prog_vars"
- fi
-
- # If a vars file was located, source it
- # If $EASYRSA_NO_VARS is defined (not blank) this is skipped
- if [ -z "$EASYRSA_NO_VARS" ] && [ -n "$vars" ]; then
- EASYRSA_CALLER=1 . "$vars"
- notice "\
-Note: using Easy-RSA configuration from: $vars"
- fi
-
- # Set defaults, preferring existing env-vars if present
- set_var EASYRSA "$PWD"
- set_var EASYRSA_OPENSSL openssl
- set_var EASYRSA_PKI "$EASYRSA/pki"
- set_var EASYRSA_DN cn_only
- set_var EASYRSA_REQ_COUNTRY "US"
- set_var EASYRSA_REQ_PROVINCE "California"
- set_var EASYRSA_REQ_CITY "San Francisco"
- set_var EASYRSA_REQ_ORG "Copyleft Certificate Co"
- set_var EASYRSA_REQ_EMAIL me@example.net
- set_var EASYRSA_REQ_OU "My Organizational Unit"
- set_var EASYRSA_ALGO rsa
- set_var EASYRSA_KEY_SIZE 2048
- set_var EASYRSA_CURVE secp384r1
- set_var EASYRSA_EC_DIR "$EASYRSA_PKI/ecparams"
- set_var EASYRSA_CA_EXPIRE 3650
- set_var EASYRSA_CERT_EXPIRE 3650
- set_var EASYRSA_CRL_DAYS 180
- set_var EASYRSA_NS_SUPPORT no
- set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate"
- set_var EASYRSA_TEMP_FILE "$EASYRSA_PKI/extensions.temp"
- set_var EASYRSA_TEMP_FILE_2 ""
- set_var EASYRSA_TEMP_FILE_3 ""
- set_var EASYRSA_REQ_CN ChangeMe
- set_var EASYRSA_DIGEST sha256
-
- # Detect openssl config, preferring EASYRSA_PKI over EASYRSA
- if [ -f "$EASYRSA_PKI/openssl-1.0.cnf" ]; then
- set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-1.0.cnf"
- else set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf"
- fi
-
- # Same as above for the x509-types extensions dir
- if [ -d "$EASYRSA_PKI/x509-types" ]; then
- set_var EASYRSA_EXT_DIR "$EASYRSA_PKI/x509-types"
- else set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types"
- fi
-
- # EASYRSA_ALGO_PARAMS must be set depending on selected algo
- if [ "ec" = "$EASYRSA_ALGO" ]; then
- EASYRSA_ALGO_PARAMS="$EASYRSA_EC_DIR/${EASYRSA_CURVE}.pem"
- elif [ "rsa" = "$EASYRSA_ALGO" ]; then
- EASYRSA_ALGO_PARAMS="${EASYRSA_KEY_SIZE}"
- else
- die "Alg '$EASYRSA_ALGO' is invalid: must be 'rsa' or 'ec'"
- fi
-
- # Setting OPENSSL_CONF prevents bogus warnings (especially useful on win32)
- export OPENSSL_CONF="$EASYRSA_SSL_CONF"
-} # vars_setup()
-
-# variable assignment by indirection when undefined; merely exports
-# the variable when it is already defined (even if currently null)
-# Sets $1 as the value contained in $2 and exports (may be blank)
-set_var() {
- local var=$1
- shift
- local value="$*"
- eval "export $var=\"\${$var-$value}\""
-} #=> set_var()
-
-########################################
-# Invocation entry point:
-
-NL='
-'
-
-# Be secure with a restrictive umask
-[ -z "$EASYRSA_NO_UMASK" ] && umask 077
-
-# Parse options
-while :; do
- # Separate option from value:
- opt="${1%%=*}"
- val="${1#*=}"
- empty_ok= # Empty values are not allowed unless excepted
-
- case "$opt" in
- --days)
- export EASYRSA_CERT_EXPIRE="$val"
- export EASYRSA_CA_EXPIRE="$val"
- export EASYRSA_CRL_DAYS="$val"
- ;;
- --pki-dir)
- export EASYRSA_PKI="$val" ;;
- --use-algo)
- export EASYRSA_ALGO="$val" ;;
- --keysize)
- export EASYRSA_KEY_SIZE="$val" ;;
- --curve)
- export EASYRSA_CURVE="$val" ;;
- --dn-mode)
- export EASYRSA_DN="$val" ;;
- --req-cn)
- export EASYRSA_REQ_CN="$val" ;;
- --digest)
- export EASYRSA_DIGEST="$val" ;;
- --req-c)
- empty_ok=1
- export EASYRSA_REQ_COUNTRY="$val" ;;
- --req-st)
- empty_ok=1
- export EASYRSA_REQ_PROVINCE="$val" ;;
- --req-city)
- empty_ok=1
- export EASYRSA_REQ_CITY="$val" ;;
- --req-org)
- empty_ok=1
- export EASYRSA_REQ_ORG="$val" ;;
- --req-email)
- empty_ok=1
- export EASYRSA_REQ_EMAIL="$val" ;;
- --req-ou)
- empty_ok=1
- export EASYRSA_REQ_OU="$val" ;;
- --ns-cert)
- export EASYRSA_NS_SUPPORT="$val" ;;
- --ns-comment)
- empty_ok=1
- export EASYRSA_NS_COMMENT="$val" ;;
- --batch)
- empty_ok=1
- export EASYRSA_BATCH=1 ;;
- --subca-len)
- export EASYRSA_SUBCA_LEN="$val" ;;
- --vars)
- export EASYRSA_VARS_FILE="$val" ;;
- --subject-alt-name)
- export EASYRSA_EXTRA_EXTS="\
-$EASYRSA_EXTRA_EXTS
-subjectAltName = $val" ;;
- *)
- break ;;
- esac
-
- # fatal error when no value was provided
- if [ ! $empty_ok ] && { [ "$val" = "$1" ] || [ -z "$val" ]; }; then
- die "Missing value to option: $opt"
- fi
-
- shift
-done
-
-# Intelligent env-var detection and auto-loading:
-vars_setup
-
-# Register clean_temp on EXIT
-trap "clean_temp" EXIT
-
-# determine how we were called, then hand off to the function responsible
-cmd="$1"
-[ -n "$1" ] && shift # scrape off command
-case "$cmd" in
- init-pki|clean-all)
- init_pki "$@"
- ;;
- build-ca)
- build_ca "$@"
- ;;
- gen-dh)
- gen_dh
- ;;
- gen-req)
- gen_req "$@"
- ;;
- sign|sign-req)
- sign_req "$@"
- ;;
- build-client-full)
- build_full client "$@"
- ;;
- build-server-full)
- build_full server "$@"
- ;;
- gen-crl)
- gen_crl
- ;;
- revoke)
- revoke "$@"
- ;;
- import-req)
- import_req "$@"
- ;;
- export-p12)
- export_pkcs p12 "$@"
- ;;
- export-p7)
- export_pkcs p7 "$@"
- ;;
- set-rsa-pass)
- set_pass rsa "$@"
- ;;
- set-ec-pass)
- set_pass ec "$@"
- ;;
- update-db)
- update_db
- ;;
- show-req)
- show req "$@"
- ;;
- show-cert)
- show cert "$@"
- ;;
- ""|help|-h|--help|--usage)
- cmd_help "$1"
- exit 0
- ;;
- *)
- die "Unknown command '$cmd'. Run without commands for usage help."
- ;;
-esac
-
-# vim: ft=sh nu ai sw=8 ts=8
+++ /dev/null
-# For use with Easy-RSA 3.0 and OpenSSL 1.0.*
-
-RANDFILE = $ENV::EASYRSA_PKI/.rnd
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = $ENV::EASYRSA_PKI # Where everything is kept
-certs = $dir # Where the issued certs are kept
-crl_dir = $dir # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/certs_by_serial # default place for new certs.
-
-certificate = $dir/ca.crt # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/ca.key # The private key
-RANDFILE = $dir/.rand # private random number file
-
-x509_extensions = basic_exts # The extentions to add to the cert
-
-# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
-# is designed for will. In return, we get the Issuer attached to CRLs.
-crl_extensions = crl_ext
-
-default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for
-default_crl_days= $ENV::EASYRSA_CRL_DAYS # how long before next CRL
-default_md = $ENV::EASYRSA_DIGEST # use public key default MD
-preserve = no # keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_anything
-
-# For the 'anything' policy, which defines allowed DN fields
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-name = optional
-emailAddress = optional
-
-####################################################################
-# Easy-RSA request handling
-# We key off $DN_MODE to determine how to format the DN
-[ req ]
-default_bits = $ENV::EASYRSA_KEY_SIZE
-default_keyfile = privkey.pem
-default_md = $ENV::EASYRSA_DIGEST
-distinguished_name = $ENV::EASYRSA_DN
-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
-
-# A placeholder to handle the $EXTRA_EXTS feature:
-#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
-
-####################################################################
-# Easy-RSA DN (Subject) handling
-
-# Easy-RSA DN for cn_only support:
-[ cn_only ]
-commonName = Common Name (eg: your user, host, or server name)
-commonName_max = 64
-commonName_default = $ENV::EASYRSA_REQ_CN
-
-# Easy-RSA DN for org support:
-[ org ]
-countryName = Country Name (2 letter code)
-countryName_default = $ENV::EASYRSA_REQ_COUNTRY
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE
-
-localityName = Locality Name (eg, city)
-localityName_default = $ENV::EASYRSA_REQ_CITY
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = $ENV::EASYRSA_REQ_ORG
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-organizationalUnitName_default = $ENV::EASYRSA_REQ_OU
-
-commonName = Common Name (eg: your user, host, or server name)
-commonName_max = 64
-commonName_default = $ENV::EASYRSA_REQ_CN
-
-emailAddress = Email Address
-emailAddress_default = $ENV::EASYRSA_REQ_EMAIL
-emailAddress_max = 64
-
-####################################################################
-# Easy-RSA cert extension handling
-
-# This section is effectively unused as the main script sets extensions
-# dynamically. This core section is left to support the odd usecase where
-# a user calls openssl directly.
-[ basic_exts ]
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-
-# The Easy-RSA CA extensions
-[ easyrsa_ca ]
-
-# PKIX recommendations:
-
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This could be marked critical, but it's nice to support reading by any
-# broken clients who attempt to do so.
-basicConstraints = CA:true
-
-# Limit key usage to CA tasks. If you really want to use the generated pair as
-# a self-signed cert, comment this out.
-keyUsage = cRLSign, keyCertSign
-
-# nsCertType omitted by default. Let's try to let the deprecated stuff die.
-# nsCertType = sslCA
-
-# CRL extensions.
-[ crl_ext ]
-
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
-
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIB4zCCAWmgAwIBAgIJANzVB7ZWgM/zMAoGCCqGSM49BAMCMBUxEzARBgNVBAMM
-Ck9wZW5WUE4gQ0EwHhcNMTcxMDE5MDkyNjQ5WhcNMjcxMDE3MDkyNjQ5WjAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEZlRYMkM/
-C1BWwdhulSHhjowAkCXaAN8OUprngryT/qA/0Am+LYQmWdwNdef4ElhSTW4xaKQZ
-q4d36p1ygnf3lEKRQSkg2u/5mrTCBw1DEZOgg8CS1z4wTlttYqlido0Jo4GEMIGB
-MB0GA1UdDgQWBBQ0+FxfsE+24u9DitmrWHTQVshLzzBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqGSM49BAMCA2gA
-MGUCMQCzheSmsBg4AbeGKqnuJ9P/uvgQOZcsgxls63EDhpirHcL/eJFGwpF2xj1p
-9AnWZfwCMGO/71WFApKPRJo6rFfpbqt3UG/ht2TKE59f2kXNlhW2DS0Vg4FnFRVa
-+ARBv6orZw==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:26:59 2017 GMT
- Not After : Oct 17 09:26:59 2027 GMT
- Subject: CN=server
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:f3:0e:85:4d:7a:51:75:26:35:e7:56:09:01:4f:
- a7:b4:75:c7:98:55:a7:ca:21:88:bf:0d:7a:29:c0:
- ed:f8:e5:fa:bb:4b:f7:73:63:9c:b5:37:bc:b6:b3:
- 24:3c:46:73:d0:46:4f:25:7c:b6:98:2f:03:85:b0:
- 13:11:6f:c1:0a:a4:ce:d1:70:1f:f4:60:fc:cc:29:
- 25:c0:b9:22:61:58:22:d6:3f:d2:f6:67:9f:06:ec:
- da:9f:b3:ca:1f:da:9d
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 1C:77:A0:CE:67:4B:FE:FC:6F:51:C0:C1:5D:E3:94:FD:26:CE:63:3E
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 Key Usage:
- Digital Signature, Key Encipherment
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:88:ec:52:55:18:34:d6:8c:e4:d2:26:c1:ec:
- ac:8a:09:74:7f:3b:0f:ae:28:30:de:04:2b:5c:5a:25:8a:f9:
- 6a:49:e8:a9:aa:1d:a3:86:17:f7:46:9f:3c:d0:fb:0b:98:02:
- 30:4e:a5:cf:fc:18:9e:89:c3:b3:48:3c:20:b4:2c:d8:8b:f7:
- 10:0f:80:e8:d9:40:ab:a4:3b:87:e3:57:a2:e5:15:2f:1a:10:
- c6:7a:e1:2b:c9:9c:20:49:a8:20:94:6b:d8
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgIBATAKBggqhkjOPQQDAjAVMRMwEQYDVQQDDApPcGVuVlBO
-IENBMB4XDTE3MTAxOTA5MjY1OVoXDTI3MTAxNzA5MjY1OVowETEPMA0GA1UEAwwG
-c2VydmVyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8w6FTXpRdSY151YJAU+ntHXH
-mFWnyiGIvw16KcDt+OX6u0v3c2OctTe8trMkPEZz0EZPJXy2mC8DhbATEW/BCqTO
-0XAf9GD8zCklwLkiYVgi1j/S9mefBuzan7PKH9qdo4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFBx3oM5nS/78b1HAwV3jlP0mzmM+MEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMAoGCCqGSM49
-BAMCA2gAMGUCMQCI7FJVGDTWjOTSJsHsrIoJdH87D64oMN4EK1xaJYr5aknoqaod
-o4YX90afPND7C5gCME6lz/wYnonDs0g8ILQs2Iv3EA+A6NlAq6Q7h+NXouUVLxoQ
-xnrhK8mcIEmoIJRr2A==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10257 (0x2811)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:38 2017 GMT
- Not After : Oct 17 09:33:38 2027 GMT
- Subject: CN=zfelleg
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:cf:d4:8f:88:15:a2:5f:1a:5d:2d:dd:51:2b:0d:
- f1:6e:0b:4d:8b:81:67:ac:37:75:0b:1a:fa:fa:08:
- 5b:4c:4a:d1:9b:63:df:b6:df:bd:dc:14:75:47:c3:
- 77:6c:0e:f6:c1:7b:21:4b:5d:91:7e:93:7e:39:ac:
- 07:69:86:15:9f:d8:b2:85:ee:2e:24:24:b7:e1:12:
- 2a:d9:04:5b:f3:22:9e:2c:f3:3a:aa:3c:0d:de:28:
- 13:8b:7a:b6:72:62:28
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0E:89:B8:B3:3F:79:44:1B:2D:22:D5:67:BE:BB:FB:4B:F8:52:27:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ed:61:aa:ec:d9:b6:11:19:58:65:7f:57:3c:
- 98:a8:dd:c0:db:3f:c2:43:a4:a6:21:34:98:21:f2:43:2f:81:
- c6:a2:b1:f2:c9:eb:ea:37:6a:18:f9:81:ea:33:1a:6a:d4:02:
- 30:48:a3:18:1a:4f:2e:8b:5e:67:e5:a9:f3:48:01:25:b9:73:
- 0c:48:50:9f:0a:c1:9f:45:d3:e9:70:09:bd:18:38:17:66:0b:
- f2:24:a2:77:0e:53:bf:67:be:36:9d:d7:9d
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICKBEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMzhaFw0yNzEwMTcwOTMzMzhaMBIxEDAOBgNVBAMM
-B3pmZWxsZWcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATP1I+IFaJfGl0t3VErDfFu
-C02LgWesN3ULGvr6CFtMStGbY9+2373cFHVHw3dsDvbBeyFLXZF+k345rAdphhWf
-2LKF7i4kJLfhEirZBFvzIp4s8zqqPA3eKBOLerZyYiijgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUDom4sz95RBstItVnvrv7S/hSJ0swRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAO1hquzZthEZWGV/VzyYqN3A2z/CQ6SmITSYIfJDL4HGorHy
-yevqN2oY+YHqMxpq1AIwSKMYGk8ui15n5anzSAEluXMMSFCfCsGfRdPpcAm9GDgX
-ZgvyJKJ3DlO/Z742nded
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10946 (0x2ac2)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: May 8 11:24:40 2018 GMT
- Not After : May 5 11:24:40 2028 GMT
- Subject: CN=cslevai
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:a1:0f:74:b8:b8:de:43:c0:f5:a6:5c:24:49:fb:
- 38:bc:80:d7:b7:af:a3:be:8d:f6:08:87:0b:13:8b:
- 2f:c0:1c:d6:1a:27:78:26:d5:3b:0f:01:f3:8b:a0:
- 3f:a0:dc:b5:2a:88:8d:7d:31:b2:98:ab:71:43:8c:
- d3:d7:c2:84:a4:db:e8:40:e6:83:d8:6f:7d:8c:c5:
- cf:87:5d:bc:6e:b2:6e:5a:07:64:cb:a6:57:e0:05:
- 78:35:ae:71:da:5e:b7
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- C0:FE:8D:CF:21:47:D9:22:05:1A:A9:0F:5C:9A:0C:DF:78:13:21:6A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:31:1e:7f:c1:2c:49:3e:d4:d9:d4:c0:3e:ad:f7:
- 54:40:d9:f7:e5:1e:34:16:ef:52:35:51:92:d0:f1:9f:07:b0:
- d8:aa:1d:75:4c:73:27:a5:e7:7e:7c:fa:11:40:d2:55:02:31:
- 00:95:9a:5e:2d:20:ab:c6:93:30:7f:2a:91:e8:46:34:aa:90:
- 4f:3e:b0:63:c0:e1:01:36:23:61:03:20:01:51:ba:fc:3d:29:
- 74:50:0b:e0:5e:20:8a:33:58:f4:db:24:21
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICKsIwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODA1MDgxMTI0NDBaFw0yODA1MDUxMTI0NDBaMBIxEDAOBgNVBAMM
-B2NzbGV2YWkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAShD3S4uN5DwPWmXCRJ+zi8
-gNe3r6O+jfYIhwsTiy/AHNYaJ3gm1TsPAfOLoD+g3LUqiI19MbKYq3FDjNPXwoSk
-2+hA5oPYb32Mxc+HXbxusm5aB2TLplfgBXg1rnHaXrejgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUwP6NzyFH2SIFGqkPXJoM33gTIWowRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwMR5/wSxJPtTZ1MA+rfdUQNn35R40Fu9SNVGS0PGfB7DYqh11
-THMnped+fPoRQNJVAjEAlZpeLSCrxpMwfyqR6EY0qpBPPrBjwOEBNiNhAyABUbr8
-PSl0UAvgXiCKM1j02yQh
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11036 (0x2b1c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:11 2017 GMT
- Not After : Oct 17 09:31:11 2027 GMT
- Subject: CN=akosztolanyi
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8f:3c:74:2e:5d:d7:90:ac:5c:2f:e8:fe:f3:8a:
- 8d:6b:6b:96:98:a7:63:e3:03:42:4c:2b:49:22:a8:
- 07:c2:ac:06:89:a8:80:04:26:5e:68:79:a8:b9:84:
- 79:3e:da:98:56:15:36:f2:7c:09:f8:41:78:5c:8e:
- 2c:de:1b:18:8a:49:4c:8f:fe:ed:95:8f:0f:cb:5b:
- e2:64:b1:63:ef:3d:d1:95:49:f1:4e:73:47:a7:11:
- 94:1c:36:da:e6:55:cf
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B1:A3:E4:CB:16:E0:E1:12:E2:70:12:2B:8F:DA:D8:99:D6:63:A4:FC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:b7:e6:6c:6c:e6:75:bd:45:00:d2:29:3e:55:
- 07:c4:33:b8:50:77:09:1b:d2:9b:1d:4d:48:ed:74:a3:2d:c0:
- 99:0a:06:7a:08:b6:c7:41:e0:58:a9:2c:3c:6e:3f:62:a3:02:
- 31:00:a9:80:0c:db:0c:c4:7c:79:44:ec:09:a5:2d:02:ef:31:
- a7:84:0b:c2:7e:a6:0b:0c:c1:e3:84:d5:35:7f:1d:ac:21:7f:
- f0:83:a7:2b:db:d8:06:61:f2:86:ee:1b:6f:1f
------BEGIN CERTIFICATE-----
-MIIB8TCCAXagAwIBAgICKxwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMTFaFw0yNzEwMTcwOTMxMTFaMBcxFTATBgNVBAMM
-DGFrb3N6dG9sYW55aTB2MBAGByqGSM49AgEGBSuBBAAiA2IABI88dC5d15CsXC/o
-/vOKjWtrlpinY+MDQkwrSSKoB8KsBomogAQmXmh5qLmEeT7amFYVNvJ8CfhBeFyO
-LN4bGIpJTI/+7ZWPD8tb4mSxY+890ZVJ8U5zR6cRlBw22uZVz6OBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSxo+TLFuDhEuJwEiuP2tiZ1mOk/DBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNpADBmAjEAt+ZsbOZ1vUUA0ik+VQfEM7hQdwkb0psdTUjtdKMt
-wJkKBnoItsdB4FipLDxuP2KjAjEAqYAM2wzEfHlE7AmlLQLvMaeEC8J+pgsMweOE
-1TV/Hawhf/CDpyvb2AZh8obuG28f
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11182 (0x2bae)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:30 2017 GMT
- Not After : Oct 17 09:32:30 2027 GMT
- Subject: CN=khorvath
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ab:61:3a:de:89:4e:0e:63:ea:c8:6b:98:1a:8b:
- c4:f9:72:f4:bf:b2:0e:eb:94:ef:04:6c:a9:e4:78:
- 53:f9:a8:af:6a:14:9b:27:e9:17:45:c7:f9:9e:e4:
- d3:59:43:9c:13:c7:15:63:80:8e:aa:ac:fc:9a:55:
- 59:64:7c:62:3d:2c:50:20:97:d1:c1:1e:22:94:53:
- 74:4a:5f:30:fb:a0:3d:ba:e0:9d:2e:e2:70:af:73:
- a5:c0:32:45:77:2e:20
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 1D:C8:C2:9E:05:CF:12:BB:33:C2:D9:24:C7:ED:A4:8D:86:23:75:CF
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:98:ba:ed:a5:45:71:05:76:b6:40:76:4e:a3:
- 31:bd:38:7e:7d:0b:71:13:6f:1a:ee:58:1a:89:eb:ee:50:b2:
- 86:2b:c6:4b:dc:8b:a5:ee:4b:c7:06:c9:65:55:10:7c:95:02:
- 31:00:88:07:18:6d:65:2f:bf:79:42:d7:df:5c:88:f9:ff:81:
- 8a:3d:25:80:8b:76:33:59:a9:28:20:82:30:40:67:88:49:34:
- 51:f2:36:0a:22:49:2e:e5:d7:35:c3:4e:c8:2b
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICK64wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMzBaFw0yNzEwMTcwOTMyMzBaMBMxETAPBgNVBAMM
-CGtob3J2YXRoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEq2E63olODmPqyGuYGovE
-+XL0v7IO65TvBGyp5HhT+aivahSbJ+kXRcf5nuTTWUOcE8cVY4COqqz8mlVZZHxi
-PSxQIJfRwR4ilFN0Sl8w+6A9uuCdLuJwr3OlwDJFdy4go4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFB3Iwp4FzxK7M8LZJMftpI2GI3XPMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQCYuu2lRXEFdrZAdk6jMb04fn0LcRNvGu5YGonr7lCyhivG
-S9yLpe5LxwbJZVUQfJUCMQCIBxhtZS+/eULX31yI+f+Bij0lgIt2M1mpKCCCMEBn
-iEk0UfI2CiJJLuXXNcNOyCs=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11427 (0x2ca3)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:22 2017 GMT
- Not After : Oct 17 09:31:22 2027 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:37:66:66:c1:b8:90:03:80:8d:75:22:db:61:2e:
- 72:0e:78:04:91:9d:da:99:39:1d:89:0b:0e:34:90:
- 06:0d:3d:8c:25:2f:fc:56:75:bc:85:ab:24:54:14:
- f4:27:39:49:10:11:80:4a:07:7b:72:ed:79:8d:95:
- 34:e3:07:13:3b:da:51:eb:8a:b5:77:b6:71:e4:97:
- e6:05:4f:27:3e:0a:c1:f6:1f:ff:bf:a4:5e:43:ca:
- bc:42:fd:3f:49:c3:5b
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:CA:E6:F5:11:A9:62:D9:9C:93:4A:B3:2B:A4:9B:31:B1:1E:66:61
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cb:c2:a4:ad:cd:f0:de:75:3b:7e:bb:c8:c1:
- 45:2a:bf:01:8e:83:b7:7b:15:98:7d:21:2c:86:83:bb:2d:21:
- f6:be:b8:0d:fb:91:d2:57:fb:21:e4:6c:4f:90:b8:29:eb:02:
- 31:00:f2:98:41:ca:42:df:94:78:e5:c7:9e:93:fc:e4:f2:5f:
- cc:5d:5d:e9:f8:97:84:1a:78:15:90:04:06:99:77:9b:dd:3c:
- 3a:93:55:d0:2b:f6:59:80:ae:c7:1d:85:32:61
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLKMwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMjJaFw0yNzEwMTcwOTMxMjJaMBQxEjAQBgNVBAMM
-CWF6c2FtYm9raTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDdmZsG4kAOAjXUi22Eu
-cg54BJGd2pk5HYkLDjSQBg09jCUv/FZ1vIWrJFQU9Cc5SRARgEoHe3LteY2VNOMH
-EzvaUeuKtXe2ceSX5gVPJz4KwfYf/7+kXkPKvEL9P0nDW6OBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBTeyub1Eali2ZyTSrMrpJsxsR5mYTBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAy8Kkrc3w3nU7frvIwUUqvwGOg7d7FZh9ISyGg7stIfa+
-uA37kdJX+yHkbE+QuCnrAjEA8phBykLflHjlx56T/OTyX8xdXen4l4QaeBWQBAaZ
-d5vdPDqTVdAr9lmArscdhTJh
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11701 (0x2db5)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:51 2017 GMT
- Not After : Oct 17 09:32:51 2027 GMT
- Subject: CN=kschaffer
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:fc:5e:b3:e4:29:34:b3:d0:28:23:12:b9:4a:aa:
- 85:61:2a:cd:16:9b:f9:38:dc:06:32:b1:39:0f:89:
- 9f:df:aa:6e:1c:70:99:db:e9:aa:5d:21:eb:f6:6d:
- 8f:e6:6b:25:bd:f6:e6:48:2f:75:ee:16:10:a5:e5:
- 54:d7:32:7e:6e:26:1d:c2:8e:78:80:9e:69:3f:50:
- 38:36:43:36:42:95:f5:42:b3:22:2f:6c:8b:bd:ca:
- 2c:40:ea:3f:84:ce:be
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B6:58:C0:94:45:C5:AC:E8:0A:30:D5:FA:15:AB:DC:7C:53:DC:88:06
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:95:e3:da:70:d6:17:f5:85:18:a7:2d:db:31:
- 5d:22:a2:98:9a:24:8f:15:75:a6:60:2f:5a:67:46:bc:14:cc:
- 38:d2:bc:b8:dd:f1:0d:4c:15:45:37:0f:cb:79:3e:d8:32:02:
- 31:00:95:0d:83:ef:33:b0:da:d2:bc:ba:99:27:10:c0:fc:b2:
- 9d:31:d7:e8:60:95:0a:0e:59:df:92:59:86:70:cc:7f:64:94:
- 76:df:f7:1f:b9:5c:e2:14:85:9c:61:76:b0:cb
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLbUwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNTFaFw0yNzEwMTcwOTMyNTFaMBQxEjAQBgNVBAMM
-CWtzY2hhZmZlcjB2MBAGByqGSM49AgEGBSuBBAAiA2IABPxes+QpNLPQKCMSuUqq
-hWEqzRab+TjcBjKxOQ+Jn9+qbhxwmdvpql0h6/Ztj+ZrJb325kgvde4WEKXlVNcy
-fm4mHcKOeICeaT9QODZDNkKV9UKzIi9si73KLEDqP4TOvqOBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBS2WMCURcWs6Aow1foVq9x8U9yIBjBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAlePacNYX9YUYpy3bMV0iopiaJI8VdaZgL1pnRrwUzDjS
-vLjd8Q1MFUU3D8t5PtgyAjEAlQ2D7zOw2tK8upknEMD8sp0x1+hglQoOWd+SWYZw
-zH9klHbf9x+5XOIUhZxhdrDL
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11776 (0x2e00)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:17 2017 GMT
- Not After : Oct 17 09:33:17 2027 GMT
- Subject: CN=ptombor
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:b0:7a:62:43:10:8b:4b:ae:3e:13:cb:10:b3:8c:
- 85:4d:bb:74:df:61:bb:2b:0a:08:fb:15:e2:85:09:
- 05:ee:8f:f4:65:43:4b:fe:ef:3c:58:ac:06:11:e8:
- e4:d4:eb:7c:e3:dd:41:e0:24:f7:19:07:ee:48:fd:
- 69:96:74:1e:fa:f2:b9:15:41:c8:70:64:53:7d:70:
- 0a:46:f0:fe:f1:63:73:cc:bc:bc:e0:68:0d:e9:82:
- 52:f3:19:53:a4:13:cd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5C:60:32:8A:63:F9:49:95:B7:4E:5E:28:41:CB:E2:EB:38:47:A7:76
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:35:ab:49:b6:56:25:02:8f:d8:fe:85:29:52:dd:
- bb:ed:4f:52:83:1b:7b:09:ff:29:c3:18:84:48:04:df:34:dd:
- fd:19:a4:93:cb:29:bd:6f:e5:83:ec:d7:6a:17:99:02:02:30:
- 63:e7:11:4d:c2:f0:b7:50:50:d1:20:c1:9f:d8:27:a8:fd:dd:
- a1:57:c4:9a:cd:e4:ff:93:36:e4:32:a7:59:51:24:7b:f3:17:
- ff:49:2d:b6:82:da:a1:f9:bf:dc:35:29
------BEGIN CERTIFICATE-----
-MIIB6jCCAXGgAwIBAgICLgAwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMTdaFw0yNzEwMTcwOTMzMTdaMBIxEDAOBgNVBAMM
-B3B0b21ib3IwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASwemJDEItLrj4TyxCzjIVN
-u3TfYbsrCgj7FeKFCQXuj/RlQ0v+7zxYrAYR6OTU63zj3UHgJPcZB+5I/WmWdB76
-8rkVQchwZFN9cApG8P7xY3PMvLzgaA3pglLzGVOkE82jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUXGAyimP5SZW3Tl4oQcvi6zhHp3YwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDZwAwZAIwNatJtlYlAo/Y/oUpUt277U9Sgxt7Cf8pwxiESATfNN39GaST
-yym9b+WD7NdqF5kCAjBj5xFNwvC3UFDRIMGf2Ceo/d2hV8SazeT/kzbkMqdZUSR7
-8xf/SS22gtqh+b/cNSk=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12010 (0x2eea)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:53 2017 GMT
- Not After : Oct 17 09:30:53 2027 GMT
- Subject: CN=acsiba
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:da:c2:53:06:83:f7:48:e5:6a:f8:89:fc:d5:bd:
- db:d0:b9:7c:e0:d9:83:2c:63:7b:d2:5f:81:a7:81:
- fc:c8:3d:ff:33:a8:48:f0:aa:7b:07:68:1b:aa:01:
- 70:5e:d8:d1:18:a6:12:c9:65:42:2a:43:bc:37:19:
- 41:57:a2:bc:e5:fb:9b:4a:0b:88:47:50:e2:ad:3e:
- 79:22:54:c0:e9:ac:2a:2f:e7:ed:0d:a0:c1:38:86:
- 9e:45:ec:14:12:a3:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 15:17:AB:54:ED:F7:6C:D1:1E:AD:12:A6:20:4F:04:78:22:83:6C:A0
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:a9:f0:bc:0c:01:70:39:9f:99:f1:c9:ce:5f:
- d0:f2:b3:66:64:38:7e:9b:36:51:1c:5e:69:6f:7a:4b:bd:32:
- 0f:50:7a:c9:8a:dc:f5:18:a3:f3:69:02:20:c2:3c:f1:95:02:
- 30:78:72:d5:53:c2:2e:b2:5c:91:a7:a6:78:b4:3f:0f:2e:3e:
- 22:20:22:3f:b2:67:96:e8:79:89:f0:b0:a8:bb:1d:d6:70:f1:
- c9:1b:22:31:e3:40:36:6e:40:da:7d:64:d7
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICLuowCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNTNaFw0yNzEwMTcwOTMwNTNaMBExDzANBgNVBAMM
-BmFjc2liYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABNrCUwaD90jlaviJ/NW929C5
-fODZgyxje9JfgaeB/Mg9/zOoSPCqewdoG6oBcF7Y0RimEsllQipDvDcZQVeivOX7
-m0oLiEdQ4q0+eSJUwOmsKi/n7Q2gwTiGnkXsFBKjc6OBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQVF6tU7fds0R6tEqYgTwR4IoNsoDBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjEAqfC8DAFwOZ+Z8cnOX9Dys2ZkOH6bNlEcXmlveku9Mg9QesmK
-3PUYo/NpAiDCPPGVAjB4ctVTwi6yXJGnpni0Pw8uPiIgIj+yZ5boeYnwsKi7HdZw
-8ckbIjHjQDZuQNp9ZNc=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12097 (0x2f41)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:49 2017 GMT
- Not After : Oct 17 09:33:49 2027 GMT
- Subject: CN=zsnemes
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ef:9d:6d:83:d5:6a:c2:ac:d9:a5:9f:37:e0:8f:
- cc:a1:38:66:87:b8:ed:b3:3a:3b:b3:04:de:c9:54:
- 72:4c:c5:0e:50:81:0f:9e:8c:cd:27:61:99:25:58:
- f6:b4:c8:0c:0b:2e:95:4e:a4:64:b1:25:b7:32:f5:
- 18:62:9b:3a:65:de:3c:5f:b3:c3:9d:30:34:b2:a5:
- 45:18:b8:17:a6:ef:47:29:48:56:e0:ff:93:4a:a8:
- 21:e9:1b:f4:71:63:7e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 97:0E:42:9E:05:27:59:9E:29:8E:22:AA:1A:85:E0:F9:B8:03:DA:20
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:86:0d:4d:32:f7:5b:5f:a6:f8:36:52:7c:37:
- bd:d3:1a:39:c3:16:0b:42:2e:95:4d:ff:ed:25:05:89:03:11:
- 34:c2:30:7c:94:69:a5:90:68:15:7e:eb:1e:87:e4:c5:c1:02:
- 30:20:c1:1a:86:89:2c:b5:67:f7:1a:a5:bb:4e:8e:cd:42:78:
- 32:e7:75:b6:d0:c3:e5:61:40:48:c1:6b:20:54:42:de:ee:7a:
- aa:7e:52:d9:c6:ee:16:90:1a:8c:0a:ae:b3
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICL0EwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzNDlaFw0yNzEwMTcwOTMzNDlaMBIxEDAOBgNVBAMM
-B3pzbmVtZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATvnW2D1WrCrNmlnzfgj8yh
-OGaHuO2zOjuzBN7JVHJMxQ5QgQ+ejM0nYZklWPa0yAwLLpVOpGSxJbcy9Rhimzpl
-3jxfs8OdMDSypUUYuBem70cpSFbg/5NKqCHpG/RxY36jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUlw5CngUnWZ4pjiKqGoXg+bgD2iAwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAIYNTTL3W1+m+DZSfDe90xo5wxYLQi6VTf/tJQWJAxE0wjB8
-lGmlkGgVfuseh+TFwQIwIMEahokstWf3GqW7To7NQngy53W20MPlYUBIwWsgVELe
-7nqqflLZxu4WkBqMCq6z
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12239 (0x2fcf)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:36 2017 GMT
- Not After : Oct 17 09:31:36 2027 GMT
- Subject: CN=csgulyas
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:f2:18:09:ae:cd:31:69:80:cf:9b:ca:1b:ff:67:
- d8:40:61:dc:48:60:b5:19:f9:40:aa:0b:92:0b:2b:
- d9:7c:1f:01:23:cd:7a:62:51:0a:6a:57:18:49:dd:
- d3:6b:71:48:4e:31:69:7c:56:b9:68:ed:a4:e8:a7:
- cb:bb:6c:f8:95:f4:76:64:07:14:8f:4f:04:e9:26:
- a2:74:46:a5:10:77:67:18:28:9c:8d:29:10:f7:7f:
- 92:b2:83:75:19:8d:74
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 23:BC:13:C4:79:E6:B1:98:F7:D3:0D:AB:BB:B2:7F:C6:08:19:D5:15
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:d9:f1:2c:76:09:e3:5b:ed:20:3a:a7:47:48:
- b8:55:d1:eb:37:51:3a:9f:33:48:03:c3:ec:82:9b:72:d5:94:
- 24:58:7d:55:34:69:68:86:f4:57:85:1b:91:a5:57:c1:fb:02:
- 31:00:f3:8f:50:60:25:14:b9:48:73:a8:d0:a0:ee:b1:a4:f9:
- a3:6f:a8:29:d1:8c:fe:d0:be:7d:2f:67:e7:9d:02:85:ac:54:
- d4:da:0f:68:85:53:04:7a:9c:14:28:91:7b:c3
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICL88wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMzZaFw0yNzEwMTcwOTMxMzZaMBMxETAPBgNVBAMM
-CGNzZ3VseWFzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8hgJrs0xaYDPm8ob/2fY
-QGHcSGC1GflAqguSCyvZfB8BI816YlEKalcYSd3Ta3FITjFpfFa5aO2k6KfLu2z4
-lfR2ZAcUj08E6SaidEalEHdnGCicjSkQ93+SsoN1GY10o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFCO8E8R55rGY99MNq7uyf8YIGdUVMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQDZ8Sx2CeNb7SA6p0dIuFXR6zdROp8zSAPD7IKbctWUJFh9
-VTRpaIb0V4UbkaVXwfsCMQDzj1BgJRS5SHOo0KDusaT5o2+oKdGM/tC+fS9n550C
-haxU1NoPaIVTBHqcFCiRe8M=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12383 (0x305f)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:47 2017 GMT
- Not After : Oct 17 09:31:47 2027 GMT
- Subject: CN=dvasary
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:e6:2e:65:84:8a:05:e7:d2:32:6b:85:20:26:cd:
- 0d:dc:a2:e6:cc:23:36:f4:33:7b:f0:6c:0d:a0:8d:
- f8:0c:13:77:57:f7:6e:02:b7:1a:35:b0:ee:31:26:
- 0d:57:31:df:11:fa:15:73:bd:d3:3e:e6:bc:97:9b:
- 5e:da:41:b0:36:a2:95:98:3b:a6:4e:f5:18:8c:9e:
- ff:26:8f:3e:00:93:b0:14:84:4d:43:f0:01:fa:95:
- 6d:32:f2:41:0e:4f:5e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- CD:19:31:60:F7:8A:AB:3D:A9:4F:C8:83:0D:B0:5A:D0:EB:69:44:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:c8:72:bd:64:1d:57:d1:87:d9:1c:ef:e9:4f:
- 7a:c9:b5:80:58:fb:ff:47:50:43:13:eb:80:4d:ab:ab:d6:9b:
- 90:65:ae:58:88:43:da:3a:56:ba:ea:24:c0:03:42:a6:b1:02:
- 30:22:fa:c5:a0:7d:b7:97:54:5a:e7:65:25:6a:02:f8:53:99:
- 08:64:5e:a9:70:27:84:b0:03:df:d1:39:c9:9a:b7:ca:be:60:
- d5:45:22:18:a7:ca:da:56:bd:15:d5:30:66
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMF8wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxNDdaFw0yNzEwMTcwOTMxNDdaMBIxEDAOBgNVBAMM
-B2R2YXNhcnkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATmLmWEigXn0jJrhSAmzQ3c
-oubMIzb0M3vwbA2gjfgME3dX924Ctxo1sO4xJg1XMd8R+hVzvdM+5ryXm17aQbA2
-opWYO6ZO9RiMnv8mjz4Ak7AUhE1D8AH6lW0y8kEOT16jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUzRkxYPeKqz2pT8iDDbBa0OtpREswRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAMhyvWQdV9GH2Rzv6U96ybWAWPv/R1BDE+uATaur1puQZa5Y
-iEPaOla66iTAA0KmsQIwIvrFoH23l1Ra52UlagL4U5kIZF6pcCeEsAPf0TnJmrfK
-vmDVRSIYp8raVr0V1TBm
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12392 (0x3068)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:27 2017 GMT
- Not After : Oct 17 09:33:27 2027 GMT
- Subject: CN=rrendek
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:93:14:3f:24:4e:45:1b:b9:99:2d:3f:dd:de:34:
- ef:fe:d2:92:04:02:a7:15:a2:13:70:63:c3:2d:7c:
- c9:4c:e1:b9:3d:16:da:4b:82:ab:f4:f8:12:fb:97:
- 67:f9:5c:ed:a8:9f:59:a6:8f:95:07:60:51:ae:d1:
- 31:a2:f3:7b:84:8e:22:12:cf:15:9d:f2:28:79:6f:
- ae:81:7a:4f:8d:17:c8:51:40:5d:00:8a:be:d7:bc:
- 89:9c:5c:6a:74:26:bd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DC:B3:A4:15:7A:8C:D4:35:51:97:3C:CE:EB:AE:04:F3:16:6E:06:EC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:51:85:3f:d2:fb:cb:3c:b2:23:38:67:74:21:57:
- d1:ce:30:98:ce:74:ba:25:bc:1d:4c:78:a8:9a:b3:9d:65:e4:
- bb:f3:18:11:3d:78:3f:cb:0e:4e:84:10:d1:e3:36:fb:02:31:
- 00:ac:47:55:f0:2e:4f:8d:04:10:f0:d7:ef:e6:20:49:50:37:
- d9:8d:48:0a:4c:74:3a:ad:94:31:34:fc:b2:d8:ad:80:49:50:
- fa:a7:97:6c:9c:e2:28:2c:9e:1f:14:50:22
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMGgwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMjdaFw0yNzEwMTcwOTMzMjdaMBIxEDAOBgNVBAMM
-B3JyZW5kZWswdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASTFD8kTkUbuZktP93eNO/+
-0pIEAqcVohNwY8MtfMlM4bk9FtpLgqv0+BL7l2f5XO2on1mmj5UHYFGu0TGi83uE
-jiISzxWd8ih5b66Bek+NF8hRQF0Air7XvImcXGp0Jr2jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU3LOkFXqM1DVRlzzO664E8xZuBuwwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwUYU/0vvLPLIjOGd0IVfRzjCYznS6JbwdTHiomrOdZeS78xgR
-PXg/yw5OhBDR4zb7AjEArEdV8C5PjQQQ8Nfv5iBJUDfZjUgKTHQ6rZQxNPyy2K2A
-SVD6p5dsnOIoLJ4fFFAi
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12782 (0x31ee)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:45 2017 GMT
- Not After : Oct 17 09:30:45 2027 GMT
- Subject: CN=aborza
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ca:81:c1:4a:ea:59:0a:e6:b5:34:90:78:60:ae:
- 9a:b9:5c:d8:52:3e:ec:8f:30:00:96:c0:6b:5e:17:
- 60:ab:72:09:73:e3:3e:31:5b:f7:fe:ed:31:48:94:
- 6f:e9:a0:4a:70:76:55:5b:41:07:ea:af:e2:8a:b1:
- 5f:5c:95:e4:f4:b4:60:1d:91:c8:0f:fb:57:f6:53:
- 79:07:3a:2e:c9:6f:96:6a:7d:1e:1c:f6:74:19:76:
- 8c:bb:c1:dd:dd:ff:6d
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 8D:C0:A1:00:5B:E9:79:9B:65:3D:0B:DA:CD:18:C0:80:D7:11:49:7A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:70:1e:e8:7c:51:73:46:96:78:64:df:35:e8:90:
- 28:60:66:c3:a1:9c:ce:46:c6:09:95:c3:99:80:ce:70:84:10:
- 2f:a2:8b:ad:53:8f:0e:67:ad:05:88:71:4b:dc:a4:4a:02:31:
- 00:83:2b:87:a9:6e:6e:14:49:ff:53:61:8c:6b:8a:f3:cf:b4:
- 4a:b7:ec:19:e3:05:bd:4f:43:49:bb:cb:df:aa:ba:27:e7:5e:
- 07:4a:f8:32:c6:f0:f1:22:31:a0:7f:f8:22
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICMe4wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNDVaFw0yNzEwMTcwOTMwNDVaMBExDzANBgNVBAMM
-BmFib3J6YTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMqBwUrqWQrmtTSQeGCumrlc
-2FI+7I8wAJbAa14XYKtyCXPjPjFb9/7tMUiUb+mgSnB2VVtBB+qv4oqxX1yV5PS0
-YB2RyA/7V/ZTeQc6Lslvlmp9Hhz2dBl2jLvB3d3/baOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBSNwKEAW+l5m2U9C9rNGMCA1xFJejBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjBwHuh8UXNGlnhk3zXokChgZsOhnM5GxgmVw5mAznCEEC+ii61T
-jw5nrQWIcUvcpEoCMQCDK4epbm4USf9TYYxrivPPtEq37BnjBb1PQ0m7y9+quifn
-XgdK+DLG8PEiMaB/+CI=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12884 (0x3254)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:10 2017 GMT
- Not After : Oct 17 09:34:10 2027 GMT
- Subject: CN=rtoth
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:7a:7e:21:3f:34:e9:74:19:bb:bf:7e:9e:2b:c4:
- 62:fd:ad:9f:ed:82:83:00:5d:39:53:14:81:44:0f:
- 2b:bc:a8:6e:e3:10:00:fd:78:85:d2:76:12:bd:8a:
- 3d:0d:8c:45:cc:ef:d2:2e:17:b0:d6:0a:68:c9:7a:
- 12:f5:b4:df:44:11:27:da:22:4b:44:8c:4f:d9:d3:
- 7c:be:ee:76:a1:5b:4b:ae:cd:fe:40:d1:43:9a:3b:
- fd:9a:13:c6:68:b0:38
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 86:F1:74:B7:CD:8B:58:F7:D8:BD:31:75:B5:3F:EE:E1:6A:BB:99:0C
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:b9:da:3e:da:46:23:d5:66:a0:0e:c9:e1:cd:
- 09:66:11:30:47:4f:e8:d7:5e:1e:6b:7e:4a:ba:01:d9:2b:8d:
- d7:0c:9d:b1:53:a9:90:89:71:4b:18:ea:84:76:26:c1:e4:02:
- 30:76:0f:ab:a2:75:cc:8d:b0:5a:b9:b6:1a:32:50:2e:aa:d2:
- 3e:fb:be:da:35:e1:d0:17:95:49:fd:b5:63:c6:e8:b6:b9:3c:
- 53:6d:b6:4d:ad:00:27:7f:a5:60:f9:1e:db
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgICMlQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MTBaFw0yNzEwMTcwOTM0MTBaMBAxDjAMBgNVBAMM
-BXJ0b3RoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEen4hPzTpdBm7v36eK8Ri/a2f
-7YKDAF05UxSBRA8rvKhu4xAA/XiF0nYSvYo9DYxFzO/SLhew1gpoyXoS9bTfRBEn
-2iJLRIxP2dN8vu52oVtLrs3+QNFDmjv9mhPGaLA4o4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFIbxdLfNi1j32L0xdbU/7uFqu5kMMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2gAMGUCMQC52j7aRiPVZqAOyeHNCWYRMEdP6NdeHmt+SroB2SuN1wydsVOp
-kIlxSxjqhHYmweQCMHYPq6J1zI2wWrm2GjJQLqrSPvu+2jXh0BeVSf21Y8botrk8
-U222Ta0AJ3+lYPke2w==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12916 (0x3274)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:40 2017 GMT
- Not After : Oct 17 09:32:40 2027 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:25:3e:a3:bd:c9:27:5e:ba:c6:30:68:0f:90:17:
- 94:89:69:30:04:70:6a:ba:16:40:3d:04:08:ed:00:
- 2d:a2:c4:45:aa:db:af:85:d2:a6:40:7b:69:85:bc:
- cf:9a:41:66:0b:4d:1a:c4:82:53:b0:d1:cb:53:98:
- 39:90:11:11:5e:e7:98:a7:b3:71:31:b1:55:be:07:
- ef:ed:6a:e7:dc:e9:38:fd:03:fc:d5:52:ed:a8:da:
- de:88:22:6d:c2:80:0a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 05:94:51:39:17:98:AD:AD:A6:A0:4D:7F:79:9C:81:1F:3C:BB:8A:88
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:6c:81:f6:f7:47:45:a0:a2:2b:20:6f:2c:22:7d:
- 40:79:45:2a:66:9e:04:5d:75:b9:d9:f9:a7:98:c8:81:c9:6e:
- bd:9c:35:e8:67:2c:9c:2f:52:62:3c:b4:5f:4a:33:68:02:30:
- 72:86:06:98:6e:ab:ff:2e:00:0d:20:1a:35:1f:86:33:ed:7c:
- 36:31:69:89:98:6e:3e:22:39:71:c3:e3:62:26:20:aa:56:77:
- 5f:1e:e3:60:45:dd:37:ca:6b:4f:f6:66
------BEGIN CERTIFICATE-----
-MIIB6DCCAW+gAwIBAgICMnQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNDBaFw0yNzEwMTcwOTMyNDBaMBAxDjAMBgNVBAMM
-BWtrZWxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJT6jvcknXrrGMGgPkBeUiWkw
-BHBquhZAPQQI7QAtosRFqtuvhdKmQHtphbzPmkFmC00axIJTsNHLU5g5kBERXueY
-p7NxMbFVvgfv7Wrn3Ok4/QP81VLtqNreiCJtwoAKo4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFAWUUTkXmK2tpqBNf3mcgR88u4qIMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2cAMGQCMGyB9vdHRaCiKyBvLCJ9QHlFKmaeBF11udn5p5jIgcluvZw16Gcs
-nC9SYjy0X0ozaAIwcoYGmG6r/y4ADSAaNR+GM+18NjFpiZhuPiI5ccPjYiYgqlZ3
-Xx7jYEXdN8prT/Zm
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13057 (0x3301)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:15 2017 GMT
- Not After : Oct 17 09:32:15 2027 GMT
- Subject: CN=fschnell
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:53:8d:f8:f4:fd:5f:c9:b3:4c:57:f6:c4:93:7f:
- 94:43:31:09:62:ca:ef:5a:d8:12:54:59:58:84:21:
- aa:59:8b:5a:23:a9:b7:1b:e8:e6:e3:a6:76:14:75:
- 45:c7:d5:0c:89:5c:e7:9e:f1:56:2a:6d:25:b8:30:
- 6f:4a:dd:80:08:b0:a6:07:c8:98:d6:f3:0a:07:d9:
- 60:d0:00:58:7f:f6:a5:6b:78:53:82:44:5a:81:01:
- 54:18:6f:1b:f4:99:f9
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- C8:6F:89:82:1D:8F:8C:70:84:6F:E9:35:BD:92:9C:3E:56:DC:40:CD
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:f7:04:12:3d:b3:98:22:bc:aa:06:62:be:31:
- ac:32:26:c9:80:1b:aa:17:e0:85:82:0b:14:b8:35:09:8f:e4:
- 7c:2b:8f:82:a6:c2:08:9d:91:7a:43:19:30:a2:94:e6:2b:02:
- 31:00:fb:61:02:d5:e4:9b:a8:a3:d9:5e:e6:cf:4e:8f:5c:17:
- 4e:59:c4:20:78:bb:d6:2a:cc:8c:92:e5:78:aa:6b:2c:ce:db:
- 94:46:86:16:76:14:ac:64:41:d1:78:d2:a9:ec
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICMwEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMTVaFw0yNzEwMTcwOTMyMTVaMBMxETAPBgNVBAMM
-CGZzY2huZWxsMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEU4349P1fybNMV/bEk3+U
-QzEJYsrvWtgSVFlYhCGqWYtaI6m3G+jm46Z2FHVFx9UMiVznnvFWKm0luDBvSt2A
-CLCmB8iY1vMKB9lg0ABYf/ala3hTgkRagQFUGG8b9Jn5o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFMhviYIdj4xwhG/pNb2SnD5W3EDNMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQD3BBI9s5givKoGYr4xrDImyYAbqhfghYILFLg1CY/kfCuP
-gqbCCJ2RekMZMKKU5isCMQD7YQLV5Juoo9le5s9Oj1wXTlnEIHi71irMjJLleKpr
-LM7blEaGFnYUrGRB0XjSqew=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13116 (0x333c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:00 2017 GMT
- Not After : Oct 17 09:32:00 2027 GMT
- Subject: CN=fritter
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:2c:40:ec:81:89:ad:1b:ae:c8:1c:3e:5d:62:2f:
- 5e:27:33:d2:42:ba:b9:6c:38:34:ea:90:d6:dd:10:
- e6:b3:19:f5:02:4a:fe:8c:b4:77:cf:6f:c5:ab:81:
- 82:88:3c:4e:9b:82:c3:22:c2:1f:c8:c7:53:af:18:
- f9:9b:92:cf:18:51:8f:95:67:6b:04:9f:f4:95:b8:
- 8b:1a:6a:d4:4c:23:c5:33:46:20:d2:e5:15:bf:bd:
- af:1c:68:44:98:85:82
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F6:A5:72:FC:DA:1E:8B:69:98:1A:0E:1E:21:31:3F:A3:CD:57:59:D2
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ce:de:f9:f5:30:65:f1:0c:19:dd:a5:8d:42:
- e7:b5:5b:66:96:45:7f:d2:00:de:d2:9f:7a:7d:cc:0a:a8:6e:
- 0e:ce:f3:1a:4e:1e:33:50:48:9c:84:d4:47:47:d8:81:98:02:
- 30:0b:13:67:f6:2a:d8:0d:86:2b:15:18:e5:41:f3:dc:3b:1c:
- 15:a4:09:a6:82:03:d5:16:7e:4b:6b:0b:51:70:1a:01:92:e1:
- 4f:61:58:1b:ed:b8:d9:17:90:78:70:85:bc
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMzwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMDBaFw0yNzEwMTcwOTMyMDBaMBIxEDAOBgNVBAMM
-B2ZyaXR0ZXIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQsQOyBia0brsgcPl1iL14n
-M9JCurlsODTqkNbdEOazGfUCSv6MtHfPb8WrgYKIPE6bgsMiwh/Ix1OvGPmbks8Y
-UY+VZ2sEn/SVuIsaatRMI8UzRiDS5RW/va8caESYhYKjgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU9qVy/Noei2mYGg4eITE/o81XWdIwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAM7e+fUwZfEMGd2ljULntVtmlkV/0gDe0p96fcwKqG4OzvMa
-Th4zUEichNRHR9iBmAIwCxNn9irYDYYrFRjlQfPcOxwVpAmmggPVFn5LawtRcBoB
-kuFPYVgb7bjZF5B4cIW8
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13129 (0x3349)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:02 2017 GMT
- Not After : Oct 17 09:33:02 2027 GMT
- Subject: CN=mszabo
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:69:c0:86:27:a1:fa:74:2a:18:21:dc:d4:d1:4b:
- b3:6e:d5:16:06:b7:50:8d:3a:5c:86:ea:b9:25:84:
- bd:4e:65:d9:7c:33:13:8e:63:64:cb:70:39:3a:ac:
- a5:d0:68:4d:f5:aa:f1:56:8c:55:11:26:d3:c3:c0:
- 4a:10:78:35:7d:ba:56:f6:9a:f5:af:3d:6b:be:ad:
- e7:e2:9c:0e:ec:42:b2:49:e3:f8:d6:36:0d:dd:56:
- fb:e3:c0:7d:34:e5:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 28:55:A2:FF:1C:FC:9B:E2:22:C8:45:93:ED:DE:A6:8E:50:A6:86:0A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:9e:5f:d5:2d:55:0f:44:fa:9f:67:9b:eb:11:
- a9:ef:a4:7e:2e:f1:c7:a4:99:11:d3:b3:05:30:bb:80:a9:0e:
- 0d:b4:57:30:a4:4b:c4:94:49:9e:f9:7a:b6:07:7a:02:02:02:
- 31:00:81:c9:96:28:0f:c6:47:84:e1:a2:86:17:a1:f3:c1:39:
- 55:ca:a9:ce:8c:fc:e9:ea:70:a9:de:be:8c:83:e5:25:1a:cf:
- 30:cb:f9:51:b5:3b:59:7d:15:df:9d:f2:2a:4f
------BEGIN CERTIFICATE-----
-MIIB6zCCAXCgAwIBAgICM0kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMDJaFw0yNzEwMTcwOTMzMDJaMBExDzANBgNVBAMM
-Bm1zemFibzB2MBAGByqGSM49AgEGBSuBBAAiA2IABGnAhieh+nQqGCHc1NFLs27V
-Fga3UI06XIbquSWEvU5l2XwzE45jZMtwOTqspdBoTfWq8VaMVREm08PAShB4NX26
-Vvaa9a89a76t5+KcDuxCsknj+NY2Dd1W++PAfTTlLqOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQoVaL/HPyb4iLIRZPt3qaOUKaGCjBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNpADBmAjEAnl/VLVUPRPqfZ5vrEanvpH4u8cekmRHTswUwu4CpDg20VzCk
-S8SUSZ75erYHegICAjEAgcmWKA/GR4ThooYXofPBOVXKqc6M/OnqcKnevoyD5SUa
-zzDL+VG1O1l9Fd+d8ipP
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13172 (0x3374)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: May 8 11:24:56 2018 GMT
- Not After : May 5 11:24:56 2028 GMT
- Subject: CN=ifabian
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:21:0d:77:39:b7:b1:43:2d:e9:a2:e9:a9:3b:88:
- cd:93:d5:05:4d:b5:58:04:1f:43:76:1b:93:1e:c3:
- d2:d8:15:37:df:3f:d4:75:c7:81:cc:78:f8:63:84:
- 8d:49:0d:49:b2:71:5e:b3:73:0b:ab:0c:5b:ff:9a:
- 68:39:1b:6a:c2:8e:b0:0f:bc:cd:69:93:79:73:f2:
- c3:b9:04:66:87:20:90:1c:4b:c7:c4:e9:77:86:a6:
- a5:8f:59:a0:6d:03:4b
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 47:CB:B8:DB:88:B9:FB:59:61:4B:66:B6:03:EB:5F:A5:30:2F:64:AC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2c:e5:1b:07:5f:bd:0b:75:e1:cb:fa:7c:30:1b:
- 09:31:ae:9d:83:1b:ec:23:04:96:67:14:7b:8c:3a:64:02:10:
- 0f:e6:f2:35:f9:44:2f:b4:7f:8f:ee:c9:dd:7c:4d:29:02:31:
- 00:e2:34:be:b9:77:34:3b:0e:89:c7:00:5b:2d:c3:36:fc:86:
- c6:8b:d8:10:64:28:d5:7c:84:f2:0a:b2:67:ad:7b:1e:8c:c6:
- 46:80:18:89:f1:16:d2:fb:61:53:2d:6f:61
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICM3QwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODA1MDgxMTI0NTZaFw0yODA1MDUxMTI0NTZaMBIxEDAOBgNVBAMM
-B2lmYWJpYW4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQhDXc5t7FDLemi6ak7iM2T
-1QVNtVgEH0N2G5Mew9LYFTffP9R1x4HMePhjhI1JDUmycV6zcwurDFv/mmg5G2rC
-jrAPvM1pk3lz8sO5BGaHIJAcS8fE6XeGpqWPWaBtA0ujgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUR8u424i5+1lhS2a2A+tfpTAvZKwwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwLOUbB1+9C3Xhy/p8MBsJMa6dgxvsIwSWZxR7jDpkAhAP5vI1
-+UQvtH+P7sndfE0pAjEA4jS+uXc0Ow6JxwBbLcM2/IbGi9gQZCjVfITyCrJnrXse
-jMZGgBiJ8RbS+2FTLW9h
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13289 (0x33e9)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:00 2017 GMT
- Not After : Oct 17 09:34:00 2027 GMT
- Subject: CN=qqcs
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:9a:b6:99:d8:c9:2c:92:54:2a:9c:58:a3:1a:87:
- 7c:d3:90:4b:31:09:71:9a:65:6f:9e:04:8f:52:dc:
- 13:23:0f:d0:43:6f:6f:cd:87:1b:f6:43:e1:b8:45:
- e2:c2:21:e2:c1:ca:13:f8:5c:d4:7c:44:c4:8e:d2:
- d8:d4:c2:5e:76:89:93:1b:74:37:88:2e:c3:1e:3e:
- 80:b2:d0:2f:62:44:a6:cb:73:20:67:94:ed:b1:0a:
- 64:40:71:64:22:f8:6a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- AA:02:0F:AC:73:99:75:38:B2:AA:0C:93:26:26:1C:16:CB:8E:0F:C6
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:21:83:0b:d3:2f:23:d3:94:5b:ec:f8:39:ab:eb:
- 8c:2b:d3:2d:d3:8c:02:91:c9:aa:27:43:94:2f:0b:4c:0a:3d:
- d3:5e:4e:f7:ce:00:a6:64:27:50:59:23:1c:ce:29:77:02:31:
- 00:cf:63:11:48:62:02:45:7c:4a:e2:b8:41:3a:28:9b:dc:24:
- c1:6e:04:19:fb:a5:0f:c0:46:85:ec:9c:c7:09:b2:c5:ca:a3:
- 2c:51:73:f1:8f:e0:83:3d:9e:61:a2:a1:30
------BEGIN CERTIFICATE-----
-MIIB6DCCAW6gAwIBAgICM+kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MDBaFw0yNzEwMTcwOTM0MDBaMA8xDTALBgNVBAMM
-BHFxY3MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASatpnYySySVCqcWKMah3zTkEsx
-CXGaZW+eBI9S3BMjD9BDb2/Nhxv2Q+G4ReLCIeLByhP4XNR8RMSO0tjUwl52iZMb
-dDeILsMePoCy0C9iRKbLcyBnlO2xCmRAcWQi+GqjgZYwgZMwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUqgIPrHOZdTiyqgyTJiYcFsuOD8YwRQYDVR0jBD4wPIAUNPhcX7BP
-tuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc1Qe2
-VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0E
-AwIDaAAwZQIwIYML0y8j05Rb7Pg5q+uMK9Mt04wCkcmqJ0OULwtMCj3TXk73zgCm
-ZCdQWSMczil3AjEAz2MRSGICRXxK4rhBOiib3CTBbgQZ+6UPwEaF7JzHCbLFyqMs
-UXPxj+CDPZ5hoqEw
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14004 (0x36b4)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Jan 30 10:47:27 2018 GMT
- Not After : Jan 28 10:47:27 2028 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8e:37:8a:ac:33:b1:25:3b:48:63:b1:8b:49:68:
- d3:a2:56:b7:b6:6b:0e:de:ed:9f:7e:0e:c9:8c:8d:
- 1f:37:81:de:99:1c:ee:d8:74:ac:e0:73:cb:93:bd:
- c6:6f:32:a2:30:ae:d6:87:93:59:0d:b3:09:67:ba:
- fc:4b:43:54:ac:d2:86:2c:4a:08:91:08:d5:ef:17:
- 4e:b4:65:c3:69:55:3f:65:b5:18:59:31:e8:17:21:
- 04:eb:af:11:e3:b0:56
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 99:1D:BF:07:30:49:FC:A7:A7:2C:A2:3C:DD:C4:C8:4C:7A:BF:97:8E
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:15:70:82:b0:56:64:69:39:d9:05:44:4c:8a:59:
- 9f:2f:33:80:19:91:92:de:cb:8b:00:92:0c:0d:7c:0a:43:ec:
- bd:b3:dc:ca:d8:3b:ca:d1:b1:39:83:25:2f:00:0b:f8:02:31:
- 00:92:db:1d:38:d9:e2:7d:c2:43:8e:c1:7b:45:f3:e5:c0:aa:
- d2:d9:f7:be:28:d9:c1:b3:40:04:7d:6f:86:2f:ab:bb:4b:6d:
- 3e:ec:af:e2:27:b0:95:ce:2b:fc:0b:1f:b8
------BEGIN CERTIFICATE-----
-MIIB8DCCAXagAwIBAgICNrQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODAxMzAxMDQ3MjdaFw0yODAxMjgxMDQ3MjdaMBcxFTATBgNVBAMM
-DHpiYXJ0YWtvdmljczB2MBAGByqGSM49AgEGBSuBBAAiA2IABI43iqwzsSU7SGOx
-i0lo06JWt7ZrDt7tn34OyYyNHzeB3pkc7th0rOBzy5O9xm8yojCu1oeTWQ2zCWe6
-/EtDVKzShixKCJEI1e8XTrRlw2lVP2W1GFkx6BchBOuvEeOwVqOBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSZHb8HMEn8p6csojzdxMhMer+XjjBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNoADBlAjAVcIKwVmRpOdkFREyKWZ8vM4AZkZLey4sAkgwNfApD
-7L2z3MrYO8rRsTmDJS8AC/gCMQCS2x042eJ9wkOOwXtF8+XAqtLZ974o2cGzQAR9
-b4Yvq7tLbT7sr+InsJXOK/wLH7g=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN X509 CRL-----
-MIIBHzCBpgIBATAKBggqhkjOPQQDAjAVMRMwEQYDVQQDDApPcGVuVlBOIENBFw0x
-ODEwMTMwODM5NDlaFw0xOTA0MTEwODM5NDlaMBUwEwICLgAXDTE4MDgwOTA5NTcy
-MFqgSTBHMEUGA1UdIwQ+MDyAFDT4XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMw
-EQYDVQQDDApPcGVuVlBOIENBggkA3NUHtlaAz/MwCgYIKoZIzj0EAwIDaAAwZQIx
-AKc1dDbNfBROolgs/frUj3g8TtOBVLD4oYkHl8DLAZ1badd7jKyTZe5PRTm4rWDO
-PAIwQy8pppUhsHClimepGdjen6sHFEsfW04WdzrWceN3U7fUsh+2SjQHrK5OogV8
-m5ru
------END X509 CRL-----
+++ /dev/null
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEAqkkmABC9P/tNOud15pJqJ3ZhHMafkwuzn3mhhXobcT8lKFSrq6lp
-I1lY/6MhgTWGmOTrFMBcR3TRuNh6SFrHAvkZDbXIl+g9oKJ8oZzTd4/kxQbVxigT
-I1XGj3Csurw+Nhc1gMG847XPiw4bdlGT2SNXzLMFL/tO+Ok9t+gPYtElL39kt9Hl
-2u1xEIdBwpUr+I3R5y1buwtQemZ5aEdCp7/WJZRyabIG7e8ERlmHyuov29p9IGKG
-OszUDoP0zIXXBB+/Co65lx7YbxA4eITpU5upB67JcOPD3SLHuTt8OknKWV2aG9ms
-3pCcr5aDq1zXElDqpcEh7ROwZIyGxY4yIwIBAg==
------END DH PARAMETERS-----
+++ /dev/null
------BEGIN EC PARAMETERS-----
-BgUrgQQAIg==
------END EC PARAMETERS-----
+++ /dev/null
-V 271017092659Z 01 unknown /CN=server
-V 271017093045Z 31EE unknown /CN=aborza
-V 271017093053Z 2EEA unknown /CN=acsiba
-V 271017093111Z 2B1C unknown /CN=akosztolanyi
-V 271017093122Z 2CA3 unknown /CN=azsamboki
-V 271017093136Z 2FCF unknown /CN=csgulyas
-V 271017093147Z 305F unknown /CN=dvasary
-V 271017093200Z 333C unknown /CN=fritter
-V 271017093215Z 3301 unknown /CN=fschnell
-V 271017093230Z 2BAE unknown /CN=khorvath
-V 271017093240Z 3274 unknown /CN=kkele
-V 271017093251Z 2DB5 unknown /CN=kschaffer
-V 271017093302Z 3349 unknown /CN=mszabo
-R 271017093317Z 180809095720Z 2E00 unknown /CN=ptombor
-V 271017093327Z 3068 unknown /CN=rrendek
-V 271017093338Z 2811 unknown /CN=zfelleg
-V 271017093349Z 2F41 unknown /CN=zsnemes
-V 271017093400Z 33E9 unknown /CN=qqcs
-V 271017093410Z 3254 unknown /CN=rtoth
-V 280128104727Z 36B4 unknown /CN=zbartakovics
-V 280505112440Z 2AC2 unknown /CN=cslevai
-V 280505112456Z 3374 unknown /CN=ifabian
+++ /dev/null
-unique_subject = yes
+++ /dev/null
-unique_subject = yes
+++ /dev/null
-V 271017092659Z 01 unknown /CN=server
-V 271017093045Z 31EE unknown /CN=aborza
-V 271017093053Z 2EEA unknown /CN=acsiba
-V 271017093111Z 2B1C unknown /CN=akosztolanyi
-V 271017093122Z 2CA3 unknown /CN=azsamboki
-V 271017093136Z 2FCF unknown /CN=csgulyas
-V 271017093147Z 305F unknown /CN=dvasary
-V 271017093200Z 333C unknown /CN=fritter
-V 271017093215Z 3301 unknown /CN=fschnell
-V 271017093230Z 2BAE unknown /CN=khorvath
-V 271017093240Z 3274 unknown /CN=kkele
-V 271017093251Z 2DB5 unknown /CN=kschaffer
-V 271017093302Z 3349 unknown /CN=mszabo
-V 271017093317Z 2E00 unknown /CN=ptombor
-V 271017093327Z 3068 unknown /CN=rrendek
-V 271017093338Z 2811 unknown /CN=zfelleg
-V 271017093349Z 2F41 unknown /CN=zsnemes
-V 271017093400Z 33E9 unknown /CN=qqcs
-V 271017093410Z 3254 unknown /CN=rtoth
-V 280128104727Z 36B4 unknown /CN=zbartakovics
-V 280505112440Z 2AC2 unknown /CN=cslevai
-V 280505112456Z 3374 unknown /CN=ifabian
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12782 (0x31ee)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:45 2017 GMT
- Not After : Oct 17 09:30:45 2027 GMT
- Subject: CN=aborza
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ca:81:c1:4a:ea:59:0a:e6:b5:34:90:78:60:ae:
- 9a:b9:5c:d8:52:3e:ec:8f:30:00:96:c0:6b:5e:17:
- 60:ab:72:09:73:e3:3e:31:5b:f7:fe:ed:31:48:94:
- 6f:e9:a0:4a:70:76:55:5b:41:07:ea:af:e2:8a:b1:
- 5f:5c:95:e4:f4:b4:60:1d:91:c8:0f:fb:57:f6:53:
- 79:07:3a:2e:c9:6f:96:6a:7d:1e:1c:f6:74:19:76:
- 8c:bb:c1:dd:dd:ff:6d
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 8D:C0:A1:00:5B:E9:79:9B:65:3D:0B:DA:CD:18:C0:80:D7:11:49:7A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:70:1e:e8:7c:51:73:46:96:78:64:df:35:e8:90:
- 28:60:66:c3:a1:9c:ce:46:c6:09:95:c3:99:80:ce:70:84:10:
- 2f:a2:8b:ad:53:8f:0e:67:ad:05:88:71:4b:dc:a4:4a:02:31:
- 00:83:2b:87:a9:6e:6e:14:49:ff:53:61:8c:6b:8a:f3:cf:b4:
- 4a:b7:ec:19:e3:05:bd:4f:43:49:bb:cb:df:aa:ba:27:e7:5e:
- 07:4a:f8:32:c6:f0:f1:22:31:a0:7f:f8:22
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICMe4wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNDVaFw0yNzEwMTcwOTMwNDVaMBExDzANBgNVBAMM
-BmFib3J6YTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMqBwUrqWQrmtTSQeGCumrlc
-2FI+7I8wAJbAa14XYKtyCXPjPjFb9/7tMUiUb+mgSnB2VVtBB+qv4oqxX1yV5PS0
-YB2RyA/7V/ZTeQc6Lslvlmp9Hhz2dBl2jLvB3d3/baOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBSNwKEAW+l5m2U9C9rNGMCA1xFJejBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjBwHuh8UXNGlnhk3zXokChgZsOhnM5GxgmVw5mAznCEEC+ii61T
-jw5nrQWIcUvcpEoCMQCDK4epbm4USf9TYYxrivPPtEq37BnjBb1PQ0m7y9+quifn
-XgdK+DLG8PEiMaB/+CI=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12010 (0x2eea)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:30:53 2017 GMT
- Not After : Oct 17 09:30:53 2027 GMT
- Subject: CN=acsiba
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:da:c2:53:06:83:f7:48:e5:6a:f8:89:fc:d5:bd:
- db:d0:b9:7c:e0:d9:83:2c:63:7b:d2:5f:81:a7:81:
- fc:c8:3d:ff:33:a8:48:f0:aa:7b:07:68:1b:aa:01:
- 70:5e:d8:d1:18:a6:12:c9:65:42:2a:43:bc:37:19:
- 41:57:a2:bc:e5:fb:9b:4a:0b:88:47:50:e2:ad:3e:
- 79:22:54:c0:e9:ac:2a:2f:e7:ed:0d:a0:c1:38:86:
- 9e:45:ec:14:12:a3:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 15:17:AB:54:ED:F7:6C:D1:1E:AD:12:A6:20:4F:04:78:22:83:6C:A0
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:a9:f0:bc:0c:01:70:39:9f:99:f1:c9:ce:5f:
- d0:f2:b3:66:64:38:7e:9b:36:51:1c:5e:69:6f:7a:4b:bd:32:
- 0f:50:7a:c9:8a:dc:f5:18:a3:f3:69:02:20:c2:3c:f1:95:02:
- 30:78:72:d5:53:c2:2e:b2:5c:91:a7:a6:78:b4:3f:0f:2e:3e:
- 22:20:22:3f:b2:67:96:e8:79:89:f0:b0:a8:bb:1d:d6:70:f1:
- c9:1b:22:31:e3:40:36:6e:40:da:7d:64:d7
------BEGIN CERTIFICATE-----
-MIIB6jCCAXCgAwIBAgICLuowCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMwNTNaFw0yNzEwMTcwOTMwNTNaMBExDzANBgNVBAMM
-BmFjc2liYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABNrCUwaD90jlaviJ/NW929C5
-fODZgyxje9JfgaeB/Mg9/zOoSPCqewdoG6oBcF7Y0RimEsllQipDvDcZQVeivOX7
-m0oLiEdQ4q0+eSJUwOmsKi/n7Q2gwTiGnkXsFBKjc6OBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQVF6tU7fds0R6tEqYgTwR4IoNsoDBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNoADBlAjEAqfC8DAFwOZ+Z8cnOX9Dys2ZkOH6bNlEcXmlveku9Mg9QesmK
-3PUYo/NpAiDCPPGVAjB4ctVTwi6yXJGnpni0Pw8uPiIgIj+yZ5boeYnwsKi7HdZw
-8ckbIjHjQDZuQNp9ZNc=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11036 (0x2b1c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:11 2017 GMT
- Not After : Oct 17 09:31:11 2027 GMT
- Subject: CN=akosztolanyi
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8f:3c:74:2e:5d:d7:90:ac:5c:2f:e8:fe:f3:8a:
- 8d:6b:6b:96:98:a7:63:e3:03:42:4c:2b:49:22:a8:
- 07:c2:ac:06:89:a8:80:04:26:5e:68:79:a8:b9:84:
- 79:3e:da:98:56:15:36:f2:7c:09:f8:41:78:5c:8e:
- 2c:de:1b:18:8a:49:4c:8f:fe:ed:95:8f:0f:cb:5b:
- e2:64:b1:63:ef:3d:d1:95:49:f1:4e:73:47:a7:11:
- 94:1c:36:da:e6:55:cf
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B1:A3:E4:CB:16:E0:E1:12:E2:70:12:2B:8F:DA:D8:99:D6:63:A4:FC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:b7:e6:6c:6c:e6:75:bd:45:00:d2:29:3e:55:
- 07:c4:33:b8:50:77:09:1b:d2:9b:1d:4d:48:ed:74:a3:2d:c0:
- 99:0a:06:7a:08:b6:c7:41:e0:58:a9:2c:3c:6e:3f:62:a3:02:
- 31:00:a9:80:0c:db:0c:c4:7c:79:44:ec:09:a5:2d:02:ef:31:
- a7:84:0b:c2:7e:a6:0b:0c:c1:e3:84:d5:35:7f:1d:ac:21:7f:
- f0:83:a7:2b:db:d8:06:61:f2:86:ee:1b:6f:1f
------BEGIN CERTIFICATE-----
-MIIB8TCCAXagAwIBAgICKxwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMTFaFw0yNzEwMTcwOTMxMTFaMBcxFTATBgNVBAMM
-DGFrb3N6dG9sYW55aTB2MBAGByqGSM49AgEGBSuBBAAiA2IABI88dC5d15CsXC/o
-/vOKjWtrlpinY+MDQkwrSSKoB8KsBomogAQmXmh5qLmEeT7amFYVNvJ8CfhBeFyO
-LN4bGIpJTI/+7ZWPD8tb4mSxY+890ZVJ8U5zR6cRlBw22uZVz6OBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSxo+TLFuDhEuJwEiuP2tiZ1mOk/DBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNpADBmAjEAt+ZsbOZ1vUUA0ik+VQfEM7hQdwkb0psdTUjtdKMt
-wJkKBnoItsdB4FipLDxuP2KjAjEAqYAM2wzEfHlE7AmlLQLvMaeEC8J+pgsMweOE
-1TV/Hawhf/CDpyvb2AZh8obuG28f
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11427 (0x2ca3)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:22 2017 GMT
- Not After : Oct 17 09:31:22 2027 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:37:66:66:c1:b8:90:03:80:8d:75:22:db:61:2e:
- 72:0e:78:04:91:9d:da:99:39:1d:89:0b:0e:34:90:
- 06:0d:3d:8c:25:2f:fc:56:75:bc:85:ab:24:54:14:
- f4:27:39:49:10:11:80:4a:07:7b:72:ed:79:8d:95:
- 34:e3:07:13:3b:da:51:eb:8a:b5:77:b6:71:e4:97:
- e6:05:4f:27:3e:0a:c1:f6:1f:ff:bf:a4:5e:43:ca:
- bc:42:fd:3f:49:c3:5b
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:CA:E6:F5:11:A9:62:D9:9C:93:4A:B3:2B:A4:9B:31:B1:1E:66:61
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cb:c2:a4:ad:cd:f0:de:75:3b:7e:bb:c8:c1:
- 45:2a:bf:01:8e:83:b7:7b:15:98:7d:21:2c:86:83:bb:2d:21:
- f6:be:b8:0d:fb:91:d2:57:fb:21:e4:6c:4f:90:b8:29:eb:02:
- 31:00:f2:98:41:ca:42:df:94:78:e5:c7:9e:93:fc:e4:f2:5f:
- cc:5d:5d:e9:f8:97:84:1a:78:15:90:04:06:99:77:9b:dd:3c:
- 3a:93:55:d0:2b:f6:59:80:ae:c7:1d:85:32:61
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLKMwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMjJaFw0yNzEwMTcwOTMxMjJaMBQxEjAQBgNVBAMM
-CWF6c2FtYm9raTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDdmZsG4kAOAjXUi22Eu
-cg54BJGd2pk5HYkLDjSQBg09jCUv/FZ1vIWrJFQU9Cc5SRARgEoHe3LteY2VNOMH
-EzvaUeuKtXe2ceSX5gVPJz4KwfYf/7+kXkPKvEL9P0nDW6OBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBTeyub1Eali2ZyTSrMrpJsxsR5mYTBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAy8Kkrc3w3nU7frvIwUUqvwGOg7d7FZh9ISyGg7stIfa+
-uA37kdJX+yHkbE+QuCnrAjEA8phBykLflHjlx56T/OTyX8xdXen4l4QaeBWQBAaZ
-d5vdPDqTVdAr9lmArscdhTJh
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12239 (0x2fcf)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:36 2017 GMT
- Not After : Oct 17 09:31:36 2027 GMT
- Subject: CN=csgulyas
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:f2:18:09:ae:cd:31:69:80:cf:9b:ca:1b:ff:67:
- d8:40:61:dc:48:60:b5:19:f9:40:aa:0b:92:0b:2b:
- d9:7c:1f:01:23:cd:7a:62:51:0a:6a:57:18:49:dd:
- d3:6b:71:48:4e:31:69:7c:56:b9:68:ed:a4:e8:a7:
- cb:bb:6c:f8:95:f4:76:64:07:14:8f:4f:04:e9:26:
- a2:74:46:a5:10:77:67:18:28:9c:8d:29:10:f7:7f:
- 92:b2:83:75:19:8d:74
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 23:BC:13:C4:79:E6:B1:98:F7:D3:0D:AB:BB:B2:7F:C6:08:19:D5:15
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:d9:f1:2c:76:09:e3:5b:ed:20:3a:a7:47:48:
- b8:55:d1:eb:37:51:3a:9f:33:48:03:c3:ec:82:9b:72:d5:94:
- 24:58:7d:55:34:69:68:86:f4:57:85:1b:91:a5:57:c1:fb:02:
- 31:00:f3:8f:50:60:25:14:b9:48:73:a8:d0:a0:ee:b1:a4:f9:
- a3:6f:a8:29:d1:8c:fe:d0:be:7d:2f:67:e7:9d:02:85:ac:54:
- d4:da:0f:68:85:53:04:7a:9c:14:28:91:7b:c3
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICL88wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxMzZaFw0yNzEwMTcwOTMxMzZaMBMxETAPBgNVBAMM
-CGNzZ3VseWFzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8hgJrs0xaYDPm8ob/2fY
-QGHcSGC1GflAqguSCyvZfB8BI816YlEKalcYSd3Ta3FITjFpfFa5aO2k6KfLu2z4
-lfR2ZAcUj08E6SaidEalEHdnGCicjSkQ93+SsoN1GY10o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFCO8E8R55rGY99MNq7uyf8YIGdUVMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQDZ8Sx2CeNb7SA6p0dIuFXR6zdROp8zSAPD7IKbctWUJFh9
-VTRpaIb0V4UbkaVXwfsCMQDzj1BgJRS5SHOo0KDusaT5o2+oKdGM/tC+fS9n550C
-haxU1NoPaIVTBHqcFCiRe8M=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10946 (0x2ac2)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: May 8 11:24:40 2018 GMT
- Not After : May 5 11:24:40 2028 GMT
- Subject: CN=cslevai
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:a1:0f:74:b8:b8:de:43:c0:f5:a6:5c:24:49:fb:
- 38:bc:80:d7:b7:af:a3:be:8d:f6:08:87:0b:13:8b:
- 2f:c0:1c:d6:1a:27:78:26:d5:3b:0f:01:f3:8b:a0:
- 3f:a0:dc:b5:2a:88:8d:7d:31:b2:98:ab:71:43:8c:
- d3:d7:c2:84:a4:db:e8:40:e6:83:d8:6f:7d:8c:c5:
- cf:87:5d:bc:6e:b2:6e:5a:07:64:cb:a6:57:e0:05:
- 78:35:ae:71:da:5e:b7
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- C0:FE:8D:CF:21:47:D9:22:05:1A:A9:0F:5C:9A:0C:DF:78:13:21:6A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:31:1e:7f:c1:2c:49:3e:d4:d9:d4:c0:3e:ad:f7:
- 54:40:d9:f7:e5:1e:34:16:ef:52:35:51:92:d0:f1:9f:07:b0:
- d8:aa:1d:75:4c:73:27:a5:e7:7e:7c:fa:11:40:d2:55:02:31:
- 00:95:9a:5e:2d:20:ab:c6:93:30:7f:2a:91:e8:46:34:aa:90:
- 4f:3e:b0:63:c0:e1:01:36:23:61:03:20:01:51:ba:fc:3d:29:
- 74:50:0b:e0:5e:20:8a:33:58:f4:db:24:21
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICKsIwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODA1MDgxMTI0NDBaFw0yODA1MDUxMTI0NDBaMBIxEDAOBgNVBAMM
-B2NzbGV2YWkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAShD3S4uN5DwPWmXCRJ+zi8
-gNe3r6O+jfYIhwsTiy/AHNYaJ3gm1TsPAfOLoD+g3LUqiI19MbKYq3FDjNPXwoSk
-2+hA5oPYb32Mxc+HXbxusm5aB2TLplfgBXg1rnHaXrejgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUwP6NzyFH2SIFGqkPXJoM33gTIWowRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwMR5/wSxJPtTZ1MA+rfdUQNn35R40Fu9SNVGS0PGfB7DYqh11
-THMnped+fPoRQNJVAjEAlZpeLSCrxpMwfyqR6EY0qpBPPrBjwOEBNiNhAyABUbr8
-PSl0UAvgXiCKM1j02yQh
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12383 (0x305f)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:31:47 2017 GMT
- Not After : Oct 17 09:31:47 2027 GMT
- Subject: CN=dvasary
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:e6:2e:65:84:8a:05:e7:d2:32:6b:85:20:26:cd:
- 0d:dc:a2:e6:cc:23:36:f4:33:7b:f0:6c:0d:a0:8d:
- f8:0c:13:77:57:f7:6e:02:b7:1a:35:b0:ee:31:26:
- 0d:57:31:df:11:fa:15:73:bd:d3:3e:e6:bc:97:9b:
- 5e:da:41:b0:36:a2:95:98:3b:a6:4e:f5:18:8c:9e:
- ff:26:8f:3e:00:93:b0:14:84:4d:43:f0:01:fa:95:
- 6d:32:f2:41:0e:4f:5e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- CD:19:31:60:F7:8A:AB:3D:A9:4F:C8:83:0D:B0:5A:D0:EB:69:44:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:c8:72:bd:64:1d:57:d1:87:d9:1c:ef:e9:4f:
- 7a:c9:b5:80:58:fb:ff:47:50:43:13:eb:80:4d:ab:ab:d6:9b:
- 90:65:ae:58:88:43:da:3a:56:ba:ea:24:c0:03:42:a6:b1:02:
- 30:22:fa:c5:a0:7d:b7:97:54:5a:e7:65:25:6a:02:f8:53:99:
- 08:64:5e:a9:70:27:84:b0:03:df:d1:39:c9:9a:b7:ca:be:60:
- d5:45:22:18:a7:ca:da:56:bd:15:d5:30:66
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMF8wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMxNDdaFw0yNzEwMTcwOTMxNDdaMBIxEDAOBgNVBAMM
-B2R2YXNhcnkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATmLmWEigXn0jJrhSAmzQ3c
-oubMIzb0M3vwbA2gjfgME3dX924Ctxo1sO4xJg1XMd8R+hVzvdM+5ryXm17aQbA2
-opWYO6ZO9RiMnv8mjz4Ak7AUhE1D8AH6lW0y8kEOT16jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUzRkxYPeKqz2pT8iDDbBa0OtpREswRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAMhyvWQdV9GH2Rzv6U96ybWAWPv/R1BDE+uATaur1puQZa5Y
-iEPaOla66iTAA0KmsQIwIvrFoH23l1Ra52UlagL4U5kIZF6pcCeEsAPf0TnJmrfK
-vmDVRSIYp8raVr0V1TBm
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13116 (0x333c)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:00 2017 GMT
- Not After : Oct 17 09:32:00 2027 GMT
- Subject: CN=fritter
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:2c:40:ec:81:89:ad:1b:ae:c8:1c:3e:5d:62:2f:
- 5e:27:33:d2:42:ba:b9:6c:38:34:ea:90:d6:dd:10:
- e6:b3:19:f5:02:4a:fe:8c:b4:77:cf:6f:c5:ab:81:
- 82:88:3c:4e:9b:82:c3:22:c2:1f:c8:c7:53:af:18:
- f9:9b:92:cf:18:51:8f:95:67:6b:04:9f:f4:95:b8:
- 8b:1a:6a:d4:4c:23:c5:33:46:20:d2:e5:15:bf:bd:
- af:1c:68:44:98:85:82
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F6:A5:72:FC:DA:1E:8B:69:98:1A:0E:1E:21:31:3F:A3:CD:57:59:D2
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ce:de:f9:f5:30:65:f1:0c:19:dd:a5:8d:42:
- e7:b5:5b:66:96:45:7f:d2:00:de:d2:9f:7a:7d:cc:0a:a8:6e:
- 0e:ce:f3:1a:4e:1e:33:50:48:9c:84:d4:47:47:d8:81:98:02:
- 30:0b:13:67:f6:2a:d8:0d:86:2b:15:18:e5:41:f3:dc:3b:1c:
- 15:a4:09:a6:82:03:d5:16:7e:4b:6b:0b:51:70:1a:01:92:e1:
- 4f:61:58:1b:ed:b8:d9:17:90:78:70:85:bc
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMzwwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMDBaFw0yNzEwMTcwOTMyMDBaMBIxEDAOBgNVBAMM
-B2ZyaXR0ZXIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQsQOyBia0brsgcPl1iL14n
-M9JCurlsODTqkNbdEOazGfUCSv6MtHfPb8WrgYKIPE6bgsMiwh/Ix1OvGPmbks8Y
-UY+VZ2sEn/SVuIsaatRMI8UzRiDS5RW/va8caESYhYKjgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU9qVy/Noei2mYGg4eITE/o81XWdIwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAM7e+fUwZfEMGd2ljULntVtmlkV/0gDe0p96fcwKqG4OzvMa
-Th4zUEichNRHR9iBmAIwCxNn9irYDYYrFRjlQfPcOxwVpAmmggPVFn5LawtRcBoB
-kuFPYVgb7bjZF5B4cIW8
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13057 (0x3301)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:15 2017 GMT
- Not After : Oct 17 09:32:15 2027 GMT
- Subject: CN=fschnell
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:53:8d:f8:f4:fd:5f:c9:b3:4c:57:f6:c4:93:7f:
- 94:43:31:09:62:ca:ef:5a:d8:12:54:59:58:84:21:
- aa:59:8b:5a:23:a9:b7:1b:e8:e6:e3:a6:76:14:75:
- 45:c7:d5:0c:89:5c:e7:9e:f1:56:2a:6d:25:b8:30:
- 6f:4a:dd:80:08:b0:a6:07:c8:98:d6:f3:0a:07:d9:
- 60:d0:00:58:7f:f6:a5:6b:78:53:82:44:5a:81:01:
- 54:18:6f:1b:f4:99:f9
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- C8:6F:89:82:1D:8F:8C:70:84:6F:E9:35:BD:92:9C:3E:56:DC:40:CD
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:f7:04:12:3d:b3:98:22:bc:aa:06:62:be:31:
- ac:32:26:c9:80:1b:aa:17:e0:85:82:0b:14:b8:35:09:8f:e4:
- 7c:2b:8f:82:a6:c2:08:9d:91:7a:43:19:30:a2:94:e6:2b:02:
- 31:00:fb:61:02:d5:e4:9b:a8:a3:d9:5e:e6:cf:4e:8f:5c:17:
- 4e:59:c4:20:78:bb:d6:2a:cc:8c:92:e5:78:aa:6b:2c:ce:db:
- 94:46:86:16:76:14:ac:64:41:d1:78:d2:a9:ec
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICMwEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMTVaFw0yNzEwMTcwOTMyMTVaMBMxETAPBgNVBAMM
-CGZzY2huZWxsMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEU4349P1fybNMV/bEk3+U
-QzEJYsrvWtgSVFlYhCGqWYtaI6m3G+jm46Z2FHVFx9UMiVznnvFWKm0luDBvSt2A
-CLCmB8iY1vMKB9lg0ABYf/ala3hTgkRagQFUGG8b9Jn5o4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFMhviYIdj4xwhG/pNb2SnD5W3EDNMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQD3BBI9s5givKoGYr4xrDImyYAbqhfghYILFLg1CY/kfCuP
-gqbCCJ2RekMZMKKU5isCMQD7YQLV5Juoo9le5s9Oj1wXTlnEIHi71irMjJLleKpr
-LM7blEaGFnYUrGRB0XjSqew=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13172 (0x3374)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: May 8 11:24:56 2018 GMT
- Not After : May 5 11:24:56 2028 GMT
- Subject: CN=ifabian
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:21:0d:77:39:b7:b1:43:2d:e9:a2:e9:a9:3b:88:
- cd:93:d5:05:4d:b5:58:04:1f:43:76:1b:93:1e:c3:
- d2:d8:15:37:df:3f:d4:75:c7:81:cc:78:f8:63:84:
- 8d:49:0d:49:b2:71:5e:b3:73:0b:ab:0c:5b:ff:9a:
- 68:39:1b:6a:c2:8e:b0:0f:bc:cd:69:93:79:73:f2:
- c3:b9:04:66:87:20:90:1c:4b:c7:c4:e9:77:86:a6:
- a5:8f:59:a0:6d:03:4b
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 47:CB:B8:DB:88:B9:FB:59:61:4B:66:B6:03:EB:5F:A5:30:2F:64:AC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2c:e5:1b:07:5f:bd:0b:75:e1:cb:fa:7c:30:1b:
- 09:31:ae:9d:83:1b:ec:23:04:96:67:14:7b:8c:3a:64:02:10:
- 0f:e6:f2:35:f9:44:2f:b4:7f:8f:ee:c9:dd:7c:4d:29:02:31:
- 00:e2:34:be:b9:77:34:3b:0e:89:c7:00:5b:2d:c3:36:fc:86:
- c6:8b:d8:10:64:28:d5:7c:84:f2:0a:b2:67:ad:7b:1e:8c:c6:
- 46:80:18:89:f1:16:d2:fb:61:53:2d:6f:61
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICM3QwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODA1MDgxMTI0NTZaFw0yODA1MDUxMTI0NTZaMBIxEDAOBgNVBAMM
-B2lmYWJpYW4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQhDXc5t7FDLemi6ak7iM2T
-1QVNtVgEH0N2G5Mew9LYFTffP9R1x4HMePhjhI1JDUmycV6zcwurDFv/mmg5G2rC
-jrAPvM1pk3lz8sO5BGaHIJAcS8fE6XeGpqWPWaBtA0ujgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUR8u424i5+1lhS2a2A+tfpTAvZKwwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwLOUbB1+9C3Xhy/p8MBsJMa6dgxvsIwSWZxR7jDpkAhAP5vI1
-+UQvtH+P7sndfE0pAjEA4jS+uXc0Ow6JxwBbLcM2/IbGi9gQZCjVfITyCrJnrXse
-jMZGgBiJ8RbS+2FTLW9h
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11182 (0x2bae)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:30 2017 GMT
- Not After : Oct 17 09:32:30 2027 GMT
- Subject: CN=khorvath
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ab:61:3a:de:89:4e:0e:63:ea:c8:6b:98:1a:8b:
- c4:f9:72:f4:bf:b2:0e:eb:94:ef:04:6c:a9:e4:78:
- 53:f9:a8:af:6a:14:9b:27:e9:17:45:c7:f9:9e:e4:
- d3:59:43:9c:13:c7:15:63:80:8e:aa:ac:fc:9a:55:
- 59:64:7c:62:3d:2c:50:20:97:d1:c1:1e:22:94:53:
- 74:4a:5f:30:fb:a0:3d:ba:e0:9d:2e:e2:70:af:73:
- a5:c0:32:45:77:2e:20
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 1D:C8:C2:9E:05:CF:12:BB:33:C2:D9:24:C7:ED:A4:8D:86:23:75:CF
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:98:ba:ed:a5:45:71:05:76:b6:40:76:4e:a3:
- 31:bd:38:7e:7d:0b:71:13:6f:1a:ee:58:1a:89:eb:ee:50:b2:
- 86:2b:c6:4b:dc:8b:a5:ee:4b:c7:06:c9:65:55:10:7c:95:02:
- 31:00:88:07:18:6d:65:2f:bf:79:42:d7:df:5c:88:f9:ff:81:
- 8a:3d:25:80:8b:76:33:59:a9:28:20:82:30:40:67:88:49:34:
- 51:f2:36:0a:22:49:2e:e5:d7:35:c3:4e:c8:2b
------BEGIN CERTIFICATE-----
-MIIB7TCCAXKgAwIBAgICK64wCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyMzBaFw0yNzEwMTcwOTMyMzBaMBMxETAPBgNVBAMM
-CGtob3J2YXRoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEq2E63olODmPqyGuYGovE
-+XL0v7IO65TvBGyp5HhT+aivahSbJ+kXRcf5nuTTWUOcE8cVY4COqqz8mlVZZHxi
-PSxQIJfRwR4ilFN0Sl8w+6A9uuCdLuJwr3OlwDJFdy4go4GWMIGTMAkGA1UdEwQC
-MAAwHQYDVR0OBBYEFB3Iwp4FzxK7M8LZJMftpI2GI3XPMEUGA1UdIwQ+MDyAFDT4
-XF+wT7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA
-3NUHtlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqG
-SM49BAMCA2kAMGYCMQCYuu2lRXEFdrZAdk6jMb04fn0LcRNvGu5YGonr7lCyhivG
-S9yLpe5LxwbJZVUQfJUCMQCIBxhtZS+/eULX31yI+f+Bij0lgIt2M1mpKCCCMEBn
-iEk0UfI2CiJJLuXXNcNOyCs=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12916 (0x3274)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:40 2017 GMT
- Not After : Oct 17 09:32:40 2027 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:25:3e:a3:bd:c9:27:5e:ba:c6:30:68:0f:90:17:
- 94:89:69:30:04:70:6a:ba:16:40:3d:04:08:ed:00:
- 2d:a2:c4:45:aa:db:af:85:d2:a6:40:7b:69:85:bc:
- cf:9a:41:66:0b:4d:1a:c4:82:53:b0:d1:cb:53:98:
- 39:90:11:11:5e:e7:98:a7:b3:71:31:b1:55:be:07:
- ef:ed:6a:e7:dc:e9:38:fd:03:fc:d5:52:ed:a8:da:
- de:88:22:6d:c2:80:0a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 05:94:51:39:17:98:AD:AD:A6:A0:4D:7F:79:9C:81:1F:3C:BB:8A:88
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:6c:81:f6:f7:47:45:a0:a2:2b:20:6f:2c:22:7d:
- 40:79:45:2a:66:9e:04:5d:75:b9:d9:f9:a7:98:c8:81:c9:6e:
- bd:9c:35:e8:67:2c:9c:2f:52:62:3c:b4:5f:4a:33:68:02:30:
- 72:86:06:98:6e:ab:ff:2e:00:0d:20:1a:35:1f:86:33:ed:7c:
- 36:31:69:89:98:6e:3e:22:39:71:c3:e3:62:26:20:aa:56:77:
- 5f:1e:e3:60:45:dd:37:ca:6b:4f:f6:66
------BEGIN CERTIFICATE-----
-MIIB6DCCAW+gAwIBAgICMnQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNDBaFw0yNzEwMTcwOTMyNDBaMBAxDjAMBgNVBAMM
-BWtrZWxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJT6jvcknXrrGMGgPkBeUiWkw
-BHBquhZAPQQI7QAtosRFqtuvhdKmQHtphbzPmkFmC00axIJTsNHLU5g5kBERXueY
-p7NxMbFVvgfv7Wrn3Ok4/QP81VLtqNreiCJtwoAKo4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFAWUUTkXmK2tpqBNf3mcgR88u4qIMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2cAMGQCMGyB9vdHRaCiKyBvLCJ9QHlFKmaeBF11udn5p5jIgcluvZw16Gcs
-nC9SYjy0X0ozaAIwcoYGmG6r/y4ADSAaNR+GM+18NjFpiZhuPiI5ccPjYiYgqlZ3
-Xx7jYEXdN8prT/Zm
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11701 (0x2db5)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:32:51 2017 GMT
- Not After : Oct 17 09:32:51 2027 GMT
- Subject: CN=kschaffer
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:fc:5e:b3:e4:29:34:b3:d0:28:23:12:b9:4a:aa:
- 85:61:2a:cd:16:9b:f9:38:dc:06:32:b1:39:0f:89:
- 9f:df:aa:6e:1c:70:99:db:e9:aa:5d:21:eb:f6:6d:
- 8f:e6:6b:25:bd:f6:e6:48:2f:75:ee:16:10:a5:e5:
- 54:d7:32:7e:6e:26:1d:c2:8e:78:80:9e:69:3f:50:
- 38:36:43:36:42:95:f5:42:b3:22:2f:6c:8b:bd:ca:
- 2c:40:ea:3f:84:ce:be
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B6:58:C0:94:45:C5:AC:E8:0A:30:D5:FA:15:AB:DC:7C:53:DC:88:06
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:95:e3:da:70:d6:17:f5:85:18:a7:2d:db:31:
- 5d:22:a2:98:9a:24:8f:15:75:a6:60:2f:5a:67:46:bc:14:cc:
- 38:d2:bc:b8:dd:f1:0d:4c:15:45:37:0f:cb:79:3e:d8:32:02:
- 31:00:95:0d:83:ef:33:b0:da:d2:bc:ba:99:27:10:c0:fc:b2:
- 9d:31:d7:e8:60:95:0a:0e:59:df:92:59:86:70:cc:7f:64:94:
- 76:df:f7:1f:b9:5c:e2:14:85:9c:61:76:b0:cb
------BEGIN CERTIFICATE-----
-MIIB7jCCAXOgAwIBAgICLbUwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMyNTFaFw0yNzEwMTcwOTMyNTFaMBQxEjAQBgNVBAMM
-CWtzY2hhZmZlcjB2MBAGByqGSM49AgEGBSuBBAAiA2IABPxes+QpNLPQKCMSuUqq
-hWEqzRab+TjcBjKxOQ+Jn9+qbhxwmdvpql0h6/Ztj+ZrJb325kgvde4WEKXlVNcy
-fm4mHcKOeICeaT9QODZDNkKV9UKzIi9si73KLEDqP4TOvqOBljCBkzAJBgNVHRME
-AjAAMB0GA1UdDgQWBBS2WMCURcWs6Aow1foVq9x8U9yIBjBFBgNVHSMEPjA8gBQ0
-+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJ
-ANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
-hkjOPQQDAgNpADBmAjEAlePacNYX9YUYpy3bMV0iopiaJI8VdaZgL1pnRrwUzDjS
-vLjd8Q1MFUU3D8t5PtgyAjEAlQ2D7zOw2tK8upknEMD8sp0x1+hglQoOWd+SWYZw
-zH9klHbf9x+5XOIUhZxhdrDL
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13129 (0x3349)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:02 2017 GMT
- Not After : Oct 17 09:33:02 2027 GMT
- Subject: CN=mszabo
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:69:c0:86:27:a1:fa:74:2a:18:21:dc:d4:d1:4b:
- b3:6e:d5:16:06:b7:50:8d:3a:5c:86:ea:b9:25:84:
- bd:4e:65:d9:7c:33:13:8e:63:64:cb:70:39:3a:ac:
- a5:d0:68:4d:f5:aa:f1:56:8c:55:11:26:d3:c3:c0:
- 4a:10:78:35:7d:ba:56:f6:9a:f5:af:3d:6b:be:ad:
- e7:e2:9c:0e:ec:42:b2:49:e3:f8:d6:36:0d:dd:56:
- fb:e3:c0:7d:34:e5:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 28:55:A2:FF:1C:FC:9B:E2:22:C8:45:93:ED:DE:A6:8E:50:A6:86:0A
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:9e:5f:d5:2d:55:0f:44:fa:9f:67:9b:eb:11:
- a9:ef:a4:7e:2e:f1:c7:a4:99:11:d3:b3:05:30:bb:80:a9:0e:
- 0d:b4:57:30:a4:4b:c4:94:49:9e:f9:7a:b6:07:7a:02:02:02:
- 31:00:81:c9:96:28:0f:c6:47:84:e1:a2:86:17:a1:f3:c1:39:
- 55:ca:a9:ce:8c:fc:e9:ea:70:a9:de:be:8c:83:e5:25:1a:cf:
- 30:cb:f9:51:b5:3b:59:7d:15:df:9d:f2:2a:4f
------BEGIN CERTIFICATE-----
-MIIB6zCCAXCgAwIBAgICM0kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMDJaFw0yNzEwMTcwOTMzMDJaMBExDzANBgNVBAMM
-Bm1zemFibzB2MBAGByqGSM49AgEGBSuBBAAiA2IABGnAhieh+nQqGCHc1NFLs27V
-Fga3UI06XIbquSWEvU5l2XwzE45jZMtwOTqspdBoTfWq8VaMVREm08PAShB4NX26
-Vvaa9a89a76t5+KcDuxCsknj+NY2Dd1W++PAfTTlLqOBljCBkzAJBgNVHRMEAjAA
-MB0GA1UdDgQWBBQoVaL/HPyb4iLIRZPt3qaOUKaGCjBFBgNVHSMEPjA8gBQ0+Fxf
-sE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANzV
-B7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjO
-PQQDAgNpADBmAjEAnl/VLVUPRPqfZ5vrEanvpH4u8cekmRHTswUwu4CpDg20VzCk
-S8SUSZ75erYHegICAjEAgcmWKA/GR4ThooYXofPBOVXKqc6M/OnqcKnevoyD5SUa
-zzDL+VG1O1l9Fd+d8ipP
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 11776 (0x2e00)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:17 2017 GMT
- Not After : Oct 17 09:33:17 2027 GMT
- Subject: CN=ptombor
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:b0:7a:62:43:10:8b:4b:ae:3e:13:cb:10:b3:8c:
- 85:4d:bb:74:df:61:bb:2b:0a:08:fb:15:e2:85:09:
- 05:ee:8f:f4:65:43:4b:fe:ef:3c:58:ac:06:11:e8:
- e4:d4:eb:7c:e3:dd:41:e0:24:f7:19:07:ee:48:fd:
- 69:96:74:1e:fa:f2:b9:15:41:c8:70:64:53:7d:70:
- 0a:46:f0:fe:f1:63:73:cc:bc:bc:e0:68:0d:e9:82:
- 52:f3:19:53:a4:13:cd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5C:60:32:8A:63:F9:49:95:B7:4E:5E:28:41:CB:E2:EB:38:47:A7:76
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:35:ab:49:b6:56:25:02:8f:d8:fe:85:29:52:dd:
- bb:ed:4f:52:83:1b:7b:09:ff:29:c3:18:84:48:04:df:34:dd:
- fd:19:a4:93:cb:29:bd:6f:e5:83:ec:d7:6a:17:99:02:02:30:
- 63:e7:11:4d:c2:f0:b7:50:50:d1:20:c1:9f:d8:27:a8:fd:dd:
- a1:57:c4:9a:cd:e4:ff:93:36:e4:32:a7:59:51:24:7b:f3:17:
- ff:49:2d:b6:82:da:a1:f9:bf:dc:35:29
------BEGIN CERTIFICATE-----
-MIIB6jCCAXGgAwIBAgICLgAwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMTdaFw0yNzEwMTcwOTMzMTdaMBIxEDAOBgNVBAMM
-B3B0b21ib3IwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASwemJDEItLrj4TyxCzjIVN
-u3TfYbsrCgj7FeKFCQXuj/RlQ0v+7zxYrAYR6OTU63zj3UHgJPcZB+5I/WmWdB76
-8rkVQchwZFN9cApG8P7xY3PMvLzgaA3pglLzGVOkE82jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUXGAyimP5SZW3Tl4oQcvi6zhHp3YwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDZwAwZAIwNatJtlYlAo/Y/oUpUt277U9Sgxt7Cf8pwxiESATfNN39GaST
-yym9b+WD7NdqF5kCAjBj5xFNwvC3UFDRIMGf2Ceo/d2hV8SazeT/kzbkMqdZUSR7
-8xf/SS22gtqh+b/cNSk=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13289 (0x33e9)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:00 2017 GMT
- Not After : Oct 17 09:34:00 2027 GMT
- Subject: CN=qqcs
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:9a:b6:99:d8:c9:2c:92:54:2a:9c:58:a3:1a:87:
- 7c:d3:90:4b:31:09:71:9a:65:6f:9e:04:8f:52:dc:
- 13:23:0f:d0:43:6f:6f:cd:87:1b:f6:43:e1:b8:45:
- e2:c2:21:e2:c1:ca:13:f8:5c:d4:7c:44:c4:8e:d2:
- d8:d4:c2:5e:76:89:93:1b:74:37:88:2e:c3:1e:3e:
- 80:b2:d0:2f:62:44:a6:cb:73:20:67:94:ed:b1:0a:
- 64:40:71:64:22:f8:6a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- AA:02:0F:AC:73:99:75:38:B2:AA:0C:93:26:26:1C:16:CB:8E:0F:C6
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:21:83:0b:d3:2f:23:d3:94:5b:ec:f8:39:ab:eb:
- 8c:2b:d3:2d:d3:8c:02:91:c9:aa:27:43:94:2f:0b:4c:0a:3d:
- d3:5e:4e:f7:ce:00:a6:64:27:50:59:23:1c:ce:29:77:02:31:
- 00:cf:63:11:48:62:02:45:7c:4a:e2:b8:41:3a:28:9b:dc:24:
- c1:6e:04:19:fb:a5:0f:c0:46:85:ec:9c:c7:09:b2:c5:ca:a3:
- 2c:51:73:f1:8f:e0:83:3d:9e:61:a2:a1:30
------BEGIN CERTIFICATE-----
-MIIB6DCCAW6gAwIBAgICM+kwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MDBaFw0yNzEwMTcwOTM0MDBaMA8xDTALBgNVBAMM
-BHFxY3MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASatpnYySySVCqcWKMah3zTkEsx
-CXGaZW+eBI9S3BMjD9BDb2/Nhxv2Q+G4ReLCIeLByhP4XNR8RMSO0tjUwl52iZMb
-dDeILsMePoCy0C9iRKbLcyBnlO2xCmRAcWQi+GqjgZYwgZMwCQYDVR0TBAIwADAd
-BgNVHQ4EFgQUqgIPrHOZdTiyqgyTJiYcFsuOD8YwRQYDVR0jBD4wPIAUNPhcX7BP
-tuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc1Qe2
-VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0E
-AwIDaAAwZQIwIYML0y8j05Rb7Pg5q+uMK9Mt04wCkcmqJ0OULwtMCj3TXk73zgCm
-ZCdQWSMczil3AjEAz2MRSGICRXxK4rhBOiib3CTBbgQZ+6UPwEaF7JzHCbLFyqMs
-UXPxj+CDPZ5hoqEw
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12392 (0x3068)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:27 2017 GMT
- Not After : Oct 17 09:33:27 2027 GMT
- Subject: CN=rrendek
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:93:14:3f:24:4e:45:1b:b9:99:2d:3f:dd:de:34:
- ef:fe:d2:92:04:02:a7:15:a2:13:70:63:c3:2d:7c:
- c9:4c:e1:b9:3d:16:da:4b:82:ab:f4:f8:12:fb:97:
- 67:f9:5c:ed:a8:9f:59:a6:8f:95:07:60:51:ae:d1:
- 31:a2:f3:7b:84:8e:22:12:cf:15:9d:f2:28:79:6f:
- ae:81:7a:4f:8d:17:c8:51:40:5d:00:8a:be:d7:bc:
- 89:9c:5c:6a:74:26:bd
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DC:B3:A4:15:7A:8C:D4:35:51:97:3C:CE:EB:AE:04:F3:16:6E:06:EC
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:51:85:3f:d2:fb:cb:3c:b2:23:38:67:74:21:57:
- d1:ce:30:98:ce:74:ba:25:bc:1d:4c:78:a8:9a:b3:9d:65:e4:
- bb:f3:18:11:3d:78:3f:cb:0e:4e:84:10:d1:e3:36:fb:02:31:
- 00:ac:47:55:f0:2e:4f:8d:04:10:f0:d7:ef:e6:20:49:50:37:
- d9:8d:48:0a:4c:74:3a:ad:94:31:34:fc:b2:d8:ad:80:49:50:
- fa:a7:97:6c:9c:e2:28:2c:9e:1f:14:50:22
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICMGgwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMjdaFw0yNzEwMTcwOTMzMjdaMBIxEDAOBgNVBAMM
-B3JyZW5kZWswdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASTFD8kTkUbuZktP93eNO/+
-0pIEAqcVohNwY8MtfMlM4bk9FtpLgqv0+BL7l2f5XO2on1mmj5UHYFGu0TGi83uE
-jiISzxWd8ih5b66Bek+NF8hRQF0Air7XvImcXGp0Jr2jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQU3LOkFXqM1DVRlzzO664E8xZuBuwwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIwUYU/0vvLPLIjOGd0IVfRzjCYznS6JbwdTHiomrOdZeS78xgR
-PXg/yw5OhBDR4zb7AjEArEdV8C5PjQQQ8Nfv5iBJUDfZjUgKTHQ6rZQxNPyy2K2A
-SVD6p5dsnOIoLJ4fFFAi
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12884 (0x3254)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:34:10 2017 GMT
- Not After : Oct 17 09:34:10 2027 GMT
- Subject: CN=rtoth
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:7a:7e:21:3f:34:e9:74:19:bb:bf:7e:9e:2b:c4:
- 62:fd:ad:9f:ed:82:83:00:5d:39:53:14:81:44:0f:
- 2b:bc:a8:6e:e3:10:00:fd:78:85:d2:76:12:bd:8a:
- 3d:0d:8c:45:cc:ef:d2:2e:17:b0:d6:0a:68:c9:7a:
- 12:f5:b4:df:44:11:27:da:22:4b:44:8c:4f:d9:d3:
- 7c:be:ee:76:a1:5b:4b:ae:cd:fe:40:d1:43:9a:3b:
- fd:9a:13:c6:68:b0:38
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 86:F1:74:B7:CD:8B:58:F7:D8:BD:31:75:B5:3F:EE:E1:6A:BB:99:0C
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:b9:da:3e:da:46:23:d5:66:a0:0e:c9:e1:cd:
- 09:66:11:30:47:4f:e8:d7:5e:1e:6b:7e:4a:ba:01:d9:2b:8d:
- d7:0c:9d:b1:53:a9:90:89:71:4b:18:ea:84:76:26:c1:e4:02:
- 30:76:0f:ab:a2:75:cc:8d:b0:5a:b9:b6:1a:32:50:2e:aa:d2:
- 3e:fb:be:da:35:e1:d0:17:95:49:fd:b5:63:c6:e8:b6:b9:3c:
- 53:6d:b6:4d:ad:00:27:7f:a5:60:f9:1e:db
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgICMlQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTM0MTBaFw0yNzEwMTcwOTM0MTBaMBAxDjAMBgNVBAMM
-BXJ0b3RoMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEen4hPzTpdBm7v36eK8Ri/a2f
-7YKDAF05UxSBRA8rvKhu4xAA/XiF0nYSvYo9DYxFzO/SLhew1gpoyXoS9bTfRBEn
-2iJLRIxP2dN8vu52oVtLrs3+QNFDmjv9mhPGaLA4o4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFIbxdLfNi1j32L0xdbU/7uFqu5kMMEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49
-BAMCA2gAMGUCMQC52j7aRiPVZqAOyeHNCWYRMEdP6NdeHmt+SroB2SuN1wydsVOp
-kIlxSxjqhHYmweQCMHYPq6J1zI2wWrm2GjJQLqrSPvu+2jXh0BeVSf21Y8botrk8
-U222Ta0AJ3+lYPke2w==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:26:59 2017 GMT
- Not After : Oct 17 09:26:59 2027 GMT
- Subject: CN=server
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:f3:0e:85:4d:7a:51:75:26:35:e7:56:09:01:4f:
- a7:b4:75:c7:98:55:a7:ca:21:88:bf:0d:7a:29:c0:
- ed:f8:e5:fa:bb:4b:f7:73:63:9c:b5:37:bc:b6:b3:
- 24:3c:46:73:d0:46:4f:25:7c:b6:98:2f:03:85:b0:
- 13:11:6f:c1:0a:a4:ce:d1:70:1f:f4:60:fc:cc:29:
- 25:c0:b9:22:61:58:22:d6:3f:d2:f6:67:9f:06:ec:
- da:9f:b3:ca:1f:da:9d
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 1C:77:A0:CE:67:4B:FE:FC:6F:51:C0:C1:5D:E3:94:FD:26:CE:63:3E
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 Key Usage:
- Digital Signature, Key Encipherment
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:88:ec:52:55:18:34:d6:8c:e4:d2:26:c1:ec:
- ac:8a:09:74:7f:3b:0f:ae:28:30:de:04:2b:5c:5a:25:8a:f9:
- 6a:49:e8:a9:aa:1d:a3:86:17:f7:46:9f:3c:d0:fb:0b:98:02:
- 30:4e:a5:cf:fc:18:9e:89:c3:b3:48:3c:20:b4:2c:d8:8b:f7:
- 10:0f:80:e8:d9:40:ab:a4:3b:87:e3:57:a2:e5:15:2f:1a:10:
- c6:7a:e1:2b:c9:9c:20:49:a8:20:94:6b:d8
------BEGIN CERTIFICATE-----
-MIIB6TCCAW+gAwIBAgIBATAKBggqhkjOPQQDAjAVMRMwEQYDVQQDDApPcGVuVlBO
-IENBMB4XDTE3MTAxOTA5MjY1OVoXDTI3MTAxNzA5MjY1OVowETEPMA0GA1UEAwwG
-c2VydmVyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8w6FTXpRdSY151YJAU+ntHXH
-mFWnyiGIvw16KcDt+OX6u0v3c2OctTe8trMkPEZz0EZPJXy2mC8DhbATEW/BCqTO
-0XAf9GD8zCklwLkiYVgi1j/S9mefBuzan7PKH9qdo4GWMIGTMAkGA1UdEwQCMAAw
-HQYDVR0OBBYEFBx3oM5nS/78b1HAwV3jlP0mzmM+MEUGA1UdIwQ+MDyAFDT4XF+w
-T7bi70OK2atYdNBWyEvPoRmkFzAVMRMwEQYDVQQDDApPcGVuVlBOIENBggkA3NUH
-tlaAz/MwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMAoGCCqGSM49
-BAMCA2gAMGUCMQCI7FJVGDTWjOTSJsHsrIoJdH87D64oMN4EK1xaJYr5aknoqaod
-o4YX90afPND7C5gCME6lz/wYnonDs0g8ILQs2Iv3EA+A6NlAq6Q7h+NXouUVLxoQ
-xnrhK8mcIEmoIJRr2A==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14004 (0x36b4)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Jan 30 10:47:27 2018 GMT
- Not After : Jan 28 10:47:27 2028 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:8e:37:8a:ac:33:b1:25:3b:48:63:b1:8b:49:68:
- d3:a2:56:b7:b6:6b:0e:de:ed:9f:7e:0e:c9:8c:8d:
- 1f:37:81:de:99:1c:ee:d8:74:ac:e0:73:cb:93:bd:
- c6:6f:32:a2:30:ae:d6:87:93:59:0d:b3:09:67:ba:
- fc:4b:43:54:ac:d2:86:2c:4a:08:91:08:d5:ef:17:
- 4e:b4:65:c3:69:55:3f:65:b5:18:59:31:e8:17:21:
- 04:eb:af:11:e3:b0:56
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 99:1D:BF:07:30:49:FC:A7:A7:2C:A2:3C:DD:C4:C8:4C:7A:BF:97:8E
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:15:70:82:b0:56:64:69:39:d9:05:44:4c:8a:59:
- 9f:2f:33:80:19:91:92:de:cb:8b:00:92:0c:0d:7c:0a:43:ec:
- bd:b3:dc:ca:d8:3b:ca:d1:b1:39:83:25:2f:00:0b:f8:02:31:
- 00:92:db:1d:38:d9:e2:7d:c2:43:8e:c1:7b:45:f3:e5:c0:aa:
- d2:d9:f7:be:28:d9:c1:b3:40:04:7d:6f:86:2f:ab:bb:4b:6d:
- 3e:ec:af:e2:27:b0:95:ce:2b:fc:0b:1f:b8
------BEGIN CERTIFICATE-----
-MIIB8DCCAXagAwIBAgICNrQwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xODAxMzAxMDQ3MjdaFw0yODAxMjgxMDQ3MjdaMBcxFTATBgNVBAMM
-DHpiYXJ0YWtvdmljczB2MBAGByqGSM49AgEGBSuBBAAiA2IABI43iqwzsSU7SGOx
-i0lo06JWt7ZrDt7tn34OyYyNHzeB3pkc7th0rOBzy5O9xm8yojCu1oeTWQ2zCWe6
-/EtDVKzShixKCJEI1e8XTrRlw2lVP2W1GFkx6BchBOuvEeOwVqOBljCBkzAJBgNV
-HRMEAjAAMB0GA1UdDgQWBBSZHb8HMEn8p6csojzdxMhMer+XjjBFBgNVHSMEPjA8
-gBQ0+FxfsE+24u9DitmrWHTQVshLz6EZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBD
-QYIJANzVB7ZWgM/zMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAK
-BggqhkjOPQQDAgNoADBlAjAVcIKwVmRpOdkFREyKWZ8vM4AZkZLey4sAkgwNfApD
-7L2z3MrYO8rRsTmDJS8AC/gCMQCS2x042eJ9wkOOwXtF8+XAqtLZ974o2cGzQAR9
-b4Yvq7tLbT7sr+InsJXOK/wLH7g=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10257 (0x2811)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:38 2017 GMT
- Not After : Oct 17 09:33:38 2027 GMT
- Subject: CN=zfelleg
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:cf:d4:8f:88:15:a2:5f:1a:5d:2d:dd:51:2b:0d:
- f1:6e:0b:4d:8b:81:67:ac:37:75:0b:1a:fa:fa:08:
- 5b:4c:4a:d1:9b:63:df:b6:df:bd:dc:14:75:47:c3:
- 77:6c:0e:f6:c1:7b:21:4b:5d:91:7e:93:7e:39:ac:
- 07:69:86:15:9f:d8:b2:85:ee:2e:24:24:b7:e1:12:
- 2a:d9:04:5b:f3:22:9e:2c:f3:3a:aa:3c:0d:de:28:
- 13:8b:7a:b6:72:62:28
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0E:89:B8:B3:3F:79:44:1B:2D:22:D5:67:BE:BB:FB:4B:F8:52:27:4B
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ed:61:aa:ec:d9:b6:11:19:58:65:7f:57:3c:
- 98:a8:dd:c0:db:3f:c2:43:a4:a6:21:34:98:21:f2:43:2f:81:
- c6:a2:b1:f2:c9:eb:ea:37:6a:18:f9:81:ea:33:1a:6a:d4:02:
- 30:48:a3:18:1a:4f:2e:8b:5e:67:e5:a9:f3:48:01:25:b9:73:
- 0c:48:50:9f:0a:c1:9f:45:d3:e9:70:09:bd:18:38:17:66:0b:
- f2:24:a2:77:0e:53:bf:67:be:36:9d:d7:9d
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICKBEwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzMzhaFw0yNzEwMTcwOTMzMzhaMBIxEDAOBgNVBAMM
-B3pmZWxsZWcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATP1I+IFaJfGl0t3VErDfFu
-C02LgWesN3ULGvr6CFtMStGbY9+2373cFHVHw3dsDvbBeyFLXZF+k345rAdphhWf
-2LKF7i4kJLfhEirZBFvzIp4s8zqqPA3eKBOLerZyYiijgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUDom4sz95RBstItVnvrv7S/hSJ0swRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAO1hquzZthEZWGV/VzyYqN3A2z/CQ6SmITSYIfJDL4HGorHy
-yevqN2oY+YHqMxpq1AIwSKMYGk8ui15n5anzSAEluXMMSFCfCsGfRdPpcAm9GDgX
-ZgvyJKJ3DlO/Z742nded
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12097 (0x2f41)
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=OpenVPN CA
- Validity
- Not Before: Oct 19 09:33:49 2017 GMT
- Not After : Oct 17 09:33:49 2027 GMT
- Subject: CN=zsnemes
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ef:9d:6d:83:d5:6a:c2:ac:d9:a5:9f:37:e0:8f:
- cc:a1:38:66:87:b8:ed:b3:3a:3b:b3:04:de:c9:54:
- 72:4c:c5:0e:50:81:0f:9e:8c:cd:27:61:99:25:58:
- f6:b4:c8:0c:0b:2e:95:4e:a4:64:b1:25:b7:32:f5:
- 18:62:9b:3a:65:de:3c:5f:b3:c3:9d:30:34:b2:a5:
- 45:18:b8:17:a6:ef:47:29:48:56:e0:ff:93:4a:a8:
- 21:e9:1b:f4:71:63:7e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 97:0E:42:9E:05:27:59:9E:29:8E:22:AA:1A:85:E0:F9:B8:03:DA:20
- X509v3 Authority Key Identifier:
- keyid:34:F8:5C:5F:B0:4F:B6:E2:EF:43:8A:D9:AB:58:74:D0:56:C8:4B:CF
- DirName:/CN=OpenVPN CA
- serial:DC:D5:07:B6:56:80:CF:F3
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:86:0d:4d:32:f7:5b:5f:a6:f8:36:52:7c:37:
- bd:d3:1a:39:c3:16:0b:42:2e:95:4d:ff:ed:25:05:89:03:11:
- 34:c2:30:7c:94:69:a5:90:68:15:7e:eb:1e:87:e4:c5:c1:02:
- 30:20:c1:1a:86:89:2c:b5:67:f7:1a:a5:bb:4e:8e:cd:42:78:
- 32:e7:75:b6:d0:c3:e5:61:40:48:c1:6b:20:54:42:de:ee:7a:
- aa:7e:52:d9:c6:ee:16:90:1a:8c:0a:ae:b3
------BEGIN CERTIFICATE-----
-MIIB6zCCAXGgAwIBAgICL0EwCgYIKoZIzj0EAwIwFTETMBEGA1UEAwwKT3BlblZQ
-TiBDQTAeFw0xNzEwMTkwOTMzNDlaFw0yNzEwMTcwOTMzNDlaMBIxEDAOBgNVBAMM
-B3pzbmVtZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATvnW2D1WrCrNmlnzfgj8yh
-OGaHuO2zOjuzBN7JVHJMxQ5QgQ+ejM0nYZklWPa0yAwLLpVOpGSxJbcy9Rhimzpl
-3jxfs8OdMDSypUUYuBem70cpSFbg/5NKqCHpG/RxY36jgZYwgZMwCQYDVR0TBAIw
-ADAdBgNVHQ4EFgQUlw5CngUnWZ4pjiKqGoXg+bgD2iAwRQYDVR0jBD4wPIAUNPhc
-X7BPtuLvQ4rZq1h00FbIS8+hGaQXMBUxEzARBgNVBAMMCk9wZW5WUE4gQ0GCCQDc
-1Qe2VoDP8zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZI
-zj0EAwIDaAAwZQIxAIYNTTL3W1+m+DZSfDe90xo5wxYLQi6VTf/tJQWJAxE0wjB8
-lGmlkGgVfuseh+TFwQIwIMEahokstWf3GqW7To7NQngy53W20MPlYUBIwWsgVELe
-7nqqflLZxu4WkBqMCq6z
------END CERTIFICATE-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDXDmyQ4XF5iPRhk/8g
-XXdZ5ECp/D3r7OnQDsORGakLdezeXNdK0ZgdIBX0R5/Vg1mhZANiAATKgcFK6lkK
-5rU0kHhgrpq5XNhSPuyPMACWwGteF2Crcglz4z4xW/f+7TFIlG/poEpwdlVbQQfq
-r+KKsV9cleT0tGAdkcgP+1f2U3kHOi7Jb5ZqfR4c9nQZdoy7wd3d/20=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBWJGEFVc/SmIhR0WOU
-yvUkd77l0e1NWkcUaVzR9ImZR8hVKPHkSH7mxgZW8ntIWBShZANiAATawlMGg/dI
-5Wr4ifzVvdvQuXzg2YMsY3vSX4GngfzIPf8zqEjwqnsHaBuqAXBe2NEYphLJZUIq
-Q7w3GUFXorzl+5tKC4hHUOKtPnkiVMDprCov5+0NoME4hp5F7BQSo3M=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAcQQScflm1tSD4BQhX
-fWc/SL9jTmJnJC4hHlFyr6u558vkhOn49nOv62bdtGUKQjGhZANiAASPPHQuXdeQ
-rFwv6P7zio1ra5aYp2PjA0JMK0kiqAfCrAaJqIAEJl5oeai5hHk+2phWFTbyfAn4
-QXhcjizeGxiKSUyP/u2Vjw/LW+JksWPvPdGVSfFOc0enEZQcNtrmVc8=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDArFkY/hBHoHVjQTRyX
-IrGy0dove2XopHBruMLhyoCeALqMVf71yMiC5ULPfcHa832hZANiAAQ3ZmbBuJAD
-gI11ItthLnIOeASRndqZOR2JCw40kAYNPYwlL/xWdbyFqyRUFPQnOUkQEYBKB3ty
-7XmNlTTjBxM72lHrirV3tnHkl+YFTyc+CsH2H/+/pF5DyrxC/T9Jw1s=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDe4Jpe920R6SnsUcPv
-m1PNDzITYzGgFBfuQgAsx6xyVacWYTjDoezx18adTrxebB6hZANiAARmVFgyQz8L
-UFbB2G6VIeGOjACQJdoA3w5SmueCvJP+oD/QCb4thCZZ3A115/gSWFJNbjFopBmr
-h3fqnXKCd/eUQpFBKSDa7/matMIHDUMRk6CDwJLXPjBOW21iqWJ2jQk=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCsHP52L0UObr9/psSM
-ua2cxeyl2m92YG5GgOAml76NIMUFfeFQgqGSW1slknJISZqhZANiAATyGAmuzTFp
-gM+byhv/Z9hAYdxIYLUZ+UCqC5ILK9l8HwEjzXpiUQpqVxhJ3dNrcUhOMWl8Vrlo
-7aTop8u7bPiV9HZkBxSPTwTpJqJ0RqUQd2cYKJyNKRD3f5Kyg3UZjXQ=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAiyNiQ4nY7MGLfAJwW
-spibaY/IOE/swPb1Ho2hwLXe7FTeGh1xSGH/NKlUE+KafoOhZANiAAShD3S4uN5D
-wPWmXCRJ+zi8gNe3r6O+jfYIhwsTiy/AHNYaJ3gm1TsPAfOLoD+g3LUqiI19MbKY
-q3FDjNPXwoSk2+hA5oPYb32Mxc+HXbxusm5aB2TLplfgBXg1rnHaXrc=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDARoRvzkpzAcOI8m67x
-hCTeRoMbGd40xLhjrm+wAufAwpw3qqJe/LHNP12sOuEHbGihZANiAATmLmWEigXn
-0jJrhSAmzQ3coubMIzb0M3vwbA2gjfgME3dX924Ctxo1sO4xJg1XMd8R+hVzvdM+
-5ryXm17aQbA2opWYO6ZO9RiMnv8mjz4Ak7AUhE1D8AH6lW0y8kEOT14=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDATa0Ldyit4RAnORuqq
-C4y/tAt7nJCaZkGnOsL7NE2V2iKSNyfQ0cH3go0Rb9db/i6hZANiAAQsQOyBia0b
-rsgcPl1iL14nM9JCurlsODTqkNbdEOazGfUCSv6MtHfPb8WrgYKIPE6bgsMiwh/I
-x1OvGPmbks8YUY+VZ2sEn/SVuIsaatRMI8UzRiDS5RW/va8caESYhYI=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAxNEO7csy6z8FIuKh0
-cUYc7KxGcFNiRb1U0ArLkuTxcFCMBar/1RbshVlrM6ecWQKhZANiAARTjfj0/V/J
-s0xX9sSTf5RDMQliyu9a2BJUWViEIapZi1ojqbcb6ObjpnYUdUXH1QyJXOee8VYq
-bSW4MG9K3YAIsKYHyJjW8woH2WDQAFh/9qVreFOCRFqBAVQYbxv0mfk=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBlmrzRa0VPDEy4dULf
-z8bt4hVQI0iuIVr7VP7WkGqyfaJXGZlH6OUcsISxn2xTKWChZANiAAQhDXc5t7FD
-Lemi6ak7iM2T1QVNtVgEH0N2G5Mew9LYFTffP9R1x4HMePhjhI1JDUmycV6zcwur
-DFv/mmg5G2rCjrAPvM1pk3lz8sO5BGaHIJAcS8fE6XeGpqWPWaBtA0s=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA5CxtZG7mg0mVsbSQS
-QM45ehcXPIjeWufTSVmDFGXG3ON+mmjr/H7/N4yOY3Clj7+hZANiAASrYTreiU4O
-Y+rIa5gai8T5cvS/sg7rlO8EbKnkeFP5qK9qFJsn6RdFx/me5NNZQ5wTxxVjgI6q
-rPyaVVlkfGI9LFAgl9HBHiKUU3RKXzD7oD264J0u4nCvc6XAMkV3LiA=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDApjJ+iDz8X3qtoQVtC
-jUgcydPDcz6VjstIZ5PGAsYw1QiWbC+7OvnEy+oMETvEzxahZANiAAQlPqO9ySde
-usYwaA+QF5SJaTAEcGq6FkA9BAjtAC2ixEWq26+F0qZAe2mFvM+aQWYLTRrEglOw
-0ctTmDmQERFe55ins3ExsVW+B+/taufc6Tj9A/zVUu2o2t6IIm3CgAo=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAGMS95Xt2w9eVSEIRz
-QiRQPN5zL1INxTsHy5flZSBvIe/1++f8Il+/vhSssmQeeBmhZANiAAT8XrPkKTSz
-0CgjErlKqoVhKs0Wm/k43AYysTkPiZ/fqm4ccJnb6apdIev2bY/mayW99uZIL3Xu
-FhCl5VTXMn5uJh3CjniAnmk/UDg2QzZClfVCsyIvbIu9yixA6j+Ezr4=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCDTjabyjcmnlfQF/VI
-cCppGo1RnOkZwbaw9uxuZt11AY9YidT/5HW7aKo/U8ie4cGhZANiAARpwIYnofp0
-Khgh3NTRS7Nu1RYGt1CNOlyG6rklhL1OZdl8MxOOY2TLcDk6rKXQaE31qvFWjFUR
-JtPDwEoQeDV9ulb2mvWvPWu+refinA7sQrJJ4/jWNg3dVvvjwH005S4=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAWd4gq0fjrX6niP1sy
-BWNPL4IH/XsTCC6H7YzbUq3G6/m5B67/P6TLidyEjKAdx1WhZANiAASwemJDEItL
-rj4TyxCzjIVNu3TfYbsrCgj7FeKFCQXuj/RlQ0v+7zxYrAYR6OTU63zj3UHgJPcZ
-B+5I/WmWdB768rkVQchwZFN9cApG8P7xY3PMvLzgaA3pglLzGVOkE80=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCPSKMchbxya5tE3BvA
-aVwiGkpkGTYbBvB/2JSNYCyY9NlPJE740SiHT4k2722T6cihZANiAASatpnYySyS
-VCqcWKMah3zTkEsxCXGaZW+eBI9S3BMjD9BDb2/Nhxv2Q+G4ReLCIeLByhP4XNR8
-RMSO0tjUwl52iZMbdDeILsMePoCy0C9iRKbLcyBnlO2xCmRAcWQi+Go=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBtLhYsFhfQiSZ3tsoP
-Ohxtg8tjRVo5xuNdtovcs9sM6JdHVgNTppG2MHE9br37y6yhZANiAASTFD8kTkUb
-uZktP93eNO/+0pIEAqcVohNwY8MtfMlM4bk9FtpLgqv0+BL7l2f5XO2on1mmj5UH
-YFGu0TGi83uEjiISzxWd8ih5b66Bek+NF8hRQF0Air7XvImcXGp0Jr0=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDYZtocWg502oc7z6yZ
-5prVXiJHzDxU5ujIdDzWicgPcPHSME2CwewAvXM07n5qXFmhZANiAAR6fiE/NOl0
-Gbu/fp4rxGL9rZ/tgoMAXTlTFIFEDyu8qG7jEAD9eIXSdhK9ij0NjEXM79IuF7DW
-CmjJehL1tN9EESfaIktEjE/Z03y+7nahW0uuzf5A0UOaO/2aE8ZosDg=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAX1a49j7Quu74cFXmJ
-IupkeE9mTr/tKPgPGiUCv0kyEVauuNkEpyBLO8nPQ81As9mhZANiAATzDoVNelF1
-JjXnVgkBT6e0dceYVafKIYi/DXopwO345fq7S/dzY5y1N7y2syQ8RnPQRk8lfLaY
-LwOFsBMRb8EKpM7RcB/0YPzMKSXAuSJhWCLWP9L2Z58G7Nqfs8of2p0=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDjqbEAqwUzgWCosiqe
-HcQFZ3ryCgJ+T91AnFv7rv/ZW6lkQ7tXJZ+F3ZHbMfEnsuShZANiAASON4qsM7El
-O0hjsYtJaNOiVre2aw7e7Z9+DsmMjR83gd6ZHO7YdKzgc8uTvcZvMqIwrtaHk1kN
-swlnuvxLQ1Ss0oYsSgiRCNXvF060ZcNpVT9ltRhZMegXIQTrrxHjsFY=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDlCNDXEXfkpMfZ4qrW
-tHKzpFEibWhvxc2cYDnXXb4SuZ999Xi1cZXp7McJ1lwntFWhZANiAATP1I+IFaJf
-Gl0t3VErDfFuC02LgWesN3ULGvr6CFtMStGbY9+2373cFHVHw3dsDvbBeyFLXZF+
-k345rAdphhWf2LKF7i4kJLfhEirZBFvzIp4s8zqqPA3eKBOLerZyYig=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDANt00lPuqR3fd6Ugh3
-3jI+P1HQ15Nwb3CAE04fzwAA30upq12Dao3oxs90TPen8fuhZANiAATvnW2D1WrC
-rNmlnzfgj8yhOGaHuO2zOjuzBN7JVHJMxQ5QgQ+ejM0nYZklWPa0yAwLLpVOpGSx
-Jbcy9Rhimzpl3jxfs8OdMDSypUUYuBem70cpSFbg/5NKqCHpG/RxY34=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkAIBADARMQ8wDQYDVQQDDAZhYm9yemEwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATKgcFK6lkK5rU0kHhgrpq5XNhSPuyPMACWwGteF2Crcglz4z4xW/f+7TFI
-lG/poEpwdlVbQQfqr+KKsV9cleT0tGAdkcgP+1f2U3kHOi7Jb5ZqfR4c9nQZdoy7
-wd3d/22gADAKBggqhkjOPQQDAgNoADBlAjAHn6n+wwImEU6d8tn4wMlC5rk28Jn3
-VtZfeKd4k540CFx4J73Lzc9PzQaNgUDm2vQCMQC+wOh3T/Is8VLDw76Ht8WK74jd
-JyR3lWuNW+GXqA22/Zka4fkD0ihiQWOhwo/t5M0=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkAIBADARMQ8wDQYDVQQDDAZhY3NpYmEwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATawlMGg/dI5Wr4ifzVvdvQuXzg2YMsY3vSX4GngfzIPf8zqEjwqnsHaBuq
-AXBe2NEYphLJZUIqQ7w3GUFXorzl+5tKC4hHUOKtPnkiVMDprCov5+0NoME4hp5F
-7BQSo3OgADAKBggqhkjOPQQDAgNoADBlAjEAw69iohBTC/k5P1SNegtRvj7xNr8z
-qpCLNWpwpD+R7fQn/2oGrFcP8n1UUD2FCrRSAjBxvguhMfxhfB/6Zl3SLCSVTO1U
-zo4dJN1h/jjUEXaxYxNho6Rn3pKJIULn+aWp+v8=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBDzCBlgIBADAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIB
-BgUrgQQAIgNiAASPPHQuXdeQrFwv6P7zio1ra5aYp2PjA0JMK0kiqAfCrAaJqIAE
-Jl5oeai5hHk+2phWFTbyfAn4QXhcjizeGxiKSUyP/u2Vjw/LW+JksWPvPdGVSfFO
-c0enEZQcNtrmVc+gADAKBggqhkjOPQQDAgNoADBlAjEA1B8DJJV3T4P1QS/u4jC4
-xQ146ioh9foP0Qk7/K2WTF+cnXNDCTCPUKeeen4h2J/OAjB2tJwM9FWvhQklgHQh
-0bbpFz3wUG9e98//hGBbAcylvPsXzIQLUvhIwdcCjlLI51I=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkwIBADAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAQ3ZmbBuJADgI11ItthLnIOeASRndqZOR2JCw40kAYNPYwlL/xWdbyF
-qyRUFPQnOUkQEYBKB3ty7XmNlTTjBxM72lHrirV3tnHkl+YFTyc+CsH2H/+/pF5D
-yrxC/T9Jw1ugADAKBggqhkjOPQQDAgNnADBkAjAORjxnyGtfv8E0QjnlDG3HgnLW
-dDTL58ucnYnipQ9XuDwdeYD+8dorvsm92jqFcA0CMAGy+ISAWh2n397dqeI4Xlml
-m9nCpnjUf/PHpYmEFEzcryU2BZL6ZT2z3DdJqIv6bQ==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkgIBADATMREwDwYDVQQDDAhjc2d1bHlhczB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABPIYCa7NMWmAz5vKG/9n2EBh3EhgtRn5QKoLkgsr2XwfASPNemJRCmpX
-GEnd02txSE4xaXxWuWjtpOiny7ts+JX0dmQHFI9PBOkmonRGpRB3ZxgonI0pEPd/
-krKDdRmNdKAAMAoGCCqGSM49BAMCA2gAMGUCMQCREMfh5Pi8JhC/zDaG2JJ6eY4X
-o1NMcUwfjBpwAvonaC0jo1U76Gg1zxsdVxJAPuACMB/Nxz1UNWsTydwyTS3JyaAT
-QstJL5PIYCAR37fUrU9K4EpQd3z3Edi32JIGlb9wiA==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEoQ90uLjeQ8D1plwkSfs4vIDXt6+jvo32CIcLE4svwBzWGid4JtU7DwHz
-i6A/oNy1KoiNfTGymKtxQ4zT18KEpNvoQOaD2G99jMXPh128brJuWgdky6ZX4AV4
-Na5x2l63oAAwCgYIKoZIzj0EAwIDaAAwZQIwfkWR5WF3c1o+uV7ZWoYV/BEKl0m7
-8YiH8VrV1WXtZPW+1zzzpwCBGlRJ2FwBuqSMAjEAjx6g0IRQ/Zzw4Y6aCGOH6mP2
-aKqp5VAIJJFjJ/gPovPDxDgJFWhFuFlzcdm2Venv
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkQIBADASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAE5i5lhIoF59Iya4UgJs0N3KLmzCM29DN78GwNoI34DBN3V/duArcaNbDu
-MSYNVzHfEfoVc73TPua8l5te2kGwNqKVmDumTvUYjJ7/Jo8+AJOwFIRNQ/AB+pVt
-MvJBDk9eoAAwCgYIKoZIzj0EAwIDZwAwZAIwQgDM/EyEAz0G+0Vqel9bMbddmnmD
-u5otbshs7IIRjEUgtaaM3zOgClgMNuDDc1GcAjAwvERdKdEyIwYRuWviRmHyOpI9
-0nvmEbPS52Vkdgu2WJpSEUC7TKUkElk2kmL9V10=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkQIBADASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAELEDsgYmtG67IHD5dYi9eJzPSQrq5bDg06pDW3RDmsxn1Akr+jLR3z2/F
-q4GCiDxOm4LDIsIfyMdTrxj5m5LPGFGPlWdrBJ/0lbiLGmrUTCPFM0Yg0uUVv72v
-HGhEmIWCoAAwCgYIKoZIzj0EAwIDaQAwZgIxAJ2V46Z1RFtSNPPOaUkeHmNlT/vT
-VMiRYLCILaQiVXfu+z7ac23UsPex1QIDlxlIxgIxANSjHlc5G0suEd/8Ci+/MKMO
-oM0RrNFiT7N/yaeZN/kETTez0Ff6uXNwQK4yvqILQQ==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkgIBADATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABFON+PT9X8mzTFf2xJN/lEMxCWLK71rYElRZWIQhqlmLWiOptxvo5uOm
-dhR1RcfVDIlc557xViptJbgwb0rdgAiwpgfImNbzCgfZYNAAWH/2pWt4U4JEWoEB
-VBhvG/SZ+aAAMAoGCCqGSM49BAMCA2gAMGUCMEsBzT78nmPLpK2HRJJxK/BJPcMl
-E70gcIm2YIR9qn2L/IQhktELOqoeILMURnR2qAIxAPiSkyKoVp7iRfyq8MvbiJB8
-aIo/blqnEDgi1m0Y/s/wuHRwJAsIn1nK6B55S3jjyA==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEIQ13ObexQy3poumpO4jNk9UFTbVYBB9DdhuTHsPS2BU33z/UdceBzHj4
-Y4SNSQ1JsnFes3MLqwxb/5poORtqwo6wD7zNaZN5c/LDuQRmhyCQHEvHxOl3hqal
-j1mgbQNLoAAwCgYIKoZIzj0EAwIDaAAwZQIxANNPYThD0Cil9d7rU6DohzuVDgYz
-TD0zUWxoZh6IuyCkhueEgO7v3zI+7HHwUdF0mwIwFTMXmxUmGFcIkFziUk2Ccwf2
-WAwQHouAeMguwDd5XVl7+6pFmJ9bXXHm+sPumuFs
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkgIBADATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABKthOt6JTg5j6shrmBqLxPly9L+yDuuU7wRsqeR4U/mor2oUmyfpF0XH
-+Z7k01lDnBPHFWOAjqqs/JpVWWR8Yj0sUCCX0cEeIpRTdEpfMPugPbrgnS7icK9z
-pcAyRXcuIKAAMAoGCCqGSM49BAMCA2gAMGUCMQChfy+YUCLrhvagP6wcWV9dSu5x
-7PrKDJGAuqcdufaFxn6PGG+K4szyrBkvGh5y6UcCMB0dpGJcz9ObOclOdg8XT2om
-5xqYIwcmh1P94/Nu41VCudq9XfTo3uovuleqhFfIXw==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCDCBjwIBADAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABCU+o73JJ166xjBoD5AXlIlpMARwaroWQD0ECO0ALaLERarbr4XSpkB7aYW8
-z5pBZgtNGsSCU7DRy1OYOZAREV7nmKezcTGxVb4H7+1q59zpOP0D/NVS7aja3ogi
-bcKACqAAMAoGCCqGSM49BAMCA2gAMGUCMQC5ojkTrBXwECnhKwXfpjPyD3X4QHKV
-wMU8UkTW7GrcFujaRmrwdAmaX6FaN53Tls4CMB9NYoHASiHQ6LBFFGF5VV4VIhhU
-JOAXEGDvA7n4OZIqSWBHKsl9ZMFdJFR8NqTE7g==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkwIBADAUMRIwEAYDVQQDDAlrc2NoYWZmZXIwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAT8XrPkKTSz0CgjErlKqoVhKs0Wm/k43AYysTkPiZ/fqm4ccJnb6apd
-Iev2bY/mayW99uZIL3XuFhCl5VTXMn5uJh3CjniAnmk/UDg2QzZClfVCsyIvbIu9
-yixA6j+Ezr6gADAKBggqhkjOPQQDAgNnADBkAjBk4JB3mbZLPtoFbXPWPM3lfVpw
-PHE7VkQtQ+E0BX8IrFU8R4T1nImdk2XIVWxsNQcCMEyksu0iBhXGmYeMOeyROERD
-L2/cc1nKZlgksMZgRV9jtisRGqEz5xk8R06jF9CuKQ==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkAIBADARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAARpwIYnofp0Khgh3NTRS7Nu1RYGt1CNOlyG6rklhL1OZdl8MxOOY2TLcDk6
-rKXQaE31qvFWjFURJtPDwEoQeDV9ulb2mvWvPWu+refinA7sQrJJ4/jWNg3dVvvj
-wH005S6gADAKBggqhkjOPQQDAgNpADBmAjEA4dPM+R0J+e6PZUREJgSuu19ZTJ55
-d724QwCa9e4g183kbH4tFDKw+AbGh/Mqa9aFAjEA2WoHY3D8qjqqHIg1y8AL3emC
-NWIKOC6CcDIdIEDW9K2ozHFWsrFl/v/V95acH1yb
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdwdG9tYm9yMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEsHpiQxCLS64+E8sQs4yFTbt032G7KwoI+xXihQkF7o/0ZUNL/u88WKwG
-Eejk1Ot8491B4CT3GQfuSP1plnQe+vK5FUHIcGRTfXAKRvD+8WNzzLy84GgN6YJS
-8xlTpBPNoAAwCgYIKoZIzj0EAwIDaAAwZQIxAIN3/Ml9/EUkSfmMocYrw7o2FhjD
-JPwT4CwoXhHOi0v3G+oiYUngpSu/MrNH8Cv6WQIwO5rXLP+JSoq7JuwhcTaq/Wvk
-6DHRBNQruYut4L9XkKuQMFx+SWtVey4lbGv/Q2WB
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBBzCBjgIBADAPMQ0wCwYDVQQDDARxcWNzMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEmraZ2MksklQqnFijGod805BLMQlxmmVvngSPUtwTIw/QQ29vzYcb9kPhuEXi
-wiHiwcoT+FzUfETEjtLY1MJedomTG3Q3iC7DHj6AstAvYkSmy3MgZ5TtsQpkQHFk
-IvhqoAAwCgYIKoZIzj0EAwIDaAAwZQIxANIOQeE5+Y+D7xxSr09YKCkxDu+hTEAJ
-0Jdl6RsN1yAYXwQC+uDpuLFtFK6wCfkkTwIwYfHncH/VLj3FiGU9r020n1Ty7Kgm
-fzBqu2obFv7v0SoRuVaY8lMEo1kLMel3uaGI
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkQIBADASMRAwDgYDVQQDDAdycmVuZGVrMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEkxQ/JE5FG7mZLT/d3jTv/tKSBAKnFaITcGPDLXzJTOG5PRbaS4Kr9PgS
-+5dn+VztqJ9Zpo+VB2BRrtExovN7hI4iEs8VnfIoeW+ugXpPjRfIUUBdAIq+17yJ
-nFxqdCa9oAAwCgYIKoZIzj0EAwIDZwAwZAIwU1YFf95rKyPzWcPqh6J7T86anGPp
-u4JOI3owLMqVkmNDRFHaX0MiKC0fK2K6F9KhAjB9PNfnF+U+XUzURgBk/k1gmhN3
-dIP8qzSNG7xr/q2zX9T2+kWwr8cujVk9SdMZvs8=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBjwIBADAQMQ4wDAYDVQQDDAVydG90aDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABHp+IT806XQZu79+nivEYv2tn+2CgwBdOVMUgUQPK7yobuMQAP14hdJ2Er2K
-PQ2MRczv0i4XsNYKaMl6EvW030QRJ9oiS0SMT9nTfL7udqFbS67N/kDRQ5o7/ZoT
-xmiwOKAAMAoGCCqGSM49BAMCA2kAMGYCMQC5dDTbGjhQEFuZePDLLuofjiATkKWT
-uUCYIL/BejVZGrsWJr2gVfPvaqfKTlWPJoACMQCXPk3IxAlRRYT0j/OVGyHn+/zd
-/2zfmtoy7va1LXKTs0C0nZN68kF7UrKvtKxyFMg=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkAIBADARMQ8wDQYDVQQDDAZzZXJ2ZXIwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATzDoVNelF1JjXnVgkBT6e0dceYVafKIYi/DXopwO345fq7S/dzY5y1N7y2
-syQ8RnPQRk8lfLaYLwOFsBMRb8EKpM7RcB/0YPzMKSXAuSJhWCLWP9L2Z58G7Nqf
-s8of2p2gADAKBggqhkjOPQQDAgNoADBlAjAi4XYb4RfwUZhl6anNeeyPjC+hc0a7
-+VDfP7JO/jT1ZJMUu2pWyxWYSQnQeDLcDagCMQDXSrimsm3eOCxtHArtRmnaQ2co
-wyrc2q+Nf/7+7O8NIsdAWEcIDDmO4hNw0Gn+LBM=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBDzCBlgIBADAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIB
-BgUrgQQAIgNiAASON4qsM7ElO0hjsYtJaNOiVre2aw7e7Z9+DsmMjR83gd6ZHO7Y
-dKzgc8uTvcZvMqIwrtaHk1kNswlnuvxLQ1Ss0oYsSgiRCNXvF060ZcNpVT9ltRhZ
-MegXIQTrrxHjsFagADAKBggqhkjOPQQDAgNoADBlAjEAtI4zlXdoRKDV6MsMmQlj
-HcNTayQ6SFCc8uZzXOS+GvKWNN05yJX7aJVpKhV64XbMAjBe20XbfTvkdOLrVYb5
-mnJ27Jj9aobYl3ILafAPOgthBX/t9YA2UCzCr5eJujxmLZM=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkQIBADASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEz9SPiBWiXxpdLd1RKw3xbgtNi4FnrDd1Cxr6+ghbTErRm2Pftt+93BR1
-R8N3bA72wXshS12RfpN+OawHaYYVn9iyhe4uJCS34RIq2QRb8yKeLPM6qjwN3igT
-i3q2cmIooAAwCgYIKoZIzj0EAwIDaQAwZgIxAN9ivd74Lzh+SsAoemHUqu6rhugM
-/wd54dqiap/Ckjr5SkEh2LxEGqlnMI6P9UpuzQIxAJzLyLFUg7OseNKzLCuXGJNu
-AOj3ZW41qcegZuZ1hEsWtkpdCLmrQIMRh0hNNT5JeQ==
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkQIBADASMRAwDgYDVQQDDAd6c25lbWVzMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAE751tg9VqwqzZpZ834I/MoThmh7jtszo7swTeyVRyTMUOUIEPnozNJ2GZ
-JVj2tMgMCy6VTqRksSW3MvUYYps6Zd48X7PDnTA0sqVFGLgXpu9HKUhW4P+TSqgh
-6Rv0cWN+oAAwCgYIKoZIzj0EAwIDaQAwZgIxAORI2d67T/kCfaAb3HmYNzE8tJSV
-a0JlXSbyNNR8qzE4y99kg+2Y45FqDiFwMWHrkgIxAIB2LM6T0Pr3bgM1dSanGIMy
-6A/alMG5hUjyZrDE9R9GmS/kqEw5IVMWwzCA8I8vKA==
------END CERTIFICATE REQUEST-----
+++ /dev/null
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-e2c3228e2b7b2e06ea31c36d88f0b025
-a43272d29c5e75ce0e0d848a22455f7f
-2fbbe2913630194ca637d987b9c9a62d
-4e68ce4cb9cc00a13475e749fdbf98c9
-cae6c8c4ef8e5b8bbf6d0cd30c217625
-382064df6f2fba84d572f0b462530549
-462ef72ebdf83b41bb1c25467d516938
-b9b82d3a5a6ba072c5ca7c1ed54500f1
-932f175f377cbf6a9250690eb36cf05b
-8d04c22756cb43d787d5c6efbbe78732
-02cdc11cf66cef8ccf0842f6f3de425a
-e0c1f29111e7aaf091b97b3958a35066
-94ba9f615b622339e6151314c6ea6014
-518c7ea5e064965985afab9a4bbba63e
-80fb88e0ab45db4f734c1650dcd01810
-c201d2efe838b414674643ce2d05fdab
------END OpenVPN Static key V1-----
+++ /dev/null
-# Easy-RSA 3 parameter settings
-
-# NOTE: If you installed Easy-RSA from your distro's package manager, don't edit
-# this file in place -- instead, you should copy the entire easy-rsa directory
-# to another location so future upgrades don't wipe out your changes.
-
-# HOW TO USE THIS FILE
-#
-# vars.example contains built-in examples to Easy-RSA settings. You MUST name
-# this file 'vars' if you want it to be used as a configuration file. If you do
-# not, it WILL NOT be automatically read when you call easyrsa commands.
-#
-# It is not necessary to use this config file unless you wish to change
-# operational defaults. These defaults should be fine for many uses without the
-# need to copy and edit the 'vars' file.
-#
-# All of the editable settings are shown commented and start with the command
-# 'set_var' -- this means any set_var command that is uncommented has been
-# modified by the user. If you're happy with a default, there is no need to
-# define the value to its default.
-
-# NOTES FOR WINDOWS USERS
-#
-# Paths for Windows *MUST* use forward slashes, or optionally double-esscaped
-# backslashes (single forward slashes are recommended.) This means your path to
-# the openssl binary might look like this:
-# "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"
-
-# A little housekeeping: DON'T EDIT THIS SECTION
-#
-# Easy-RSA 3.x doesn't source into the environment directly.
-# Complain if a user tries to do this:
-if [ -z "$EASYRSA_CALLER" ]; then
- echo "You appear to be sourcing an Easy-RSA 'vars' file." >&2
- echo "This is no longer necessary and is disallowed. See the section called" >&2
- echo "'How to use this file' near the top comments for more details." >&2
- return 1
-fi
-
-# DO YOUR EDITS BELOW THIS POINT
-
-# This variable should point to the top level of the easy-rsa tree. By default,
-# this is taken to be the directory you are currently in.
-
-#set_var EASYRSA "$PWD"
-
-# If your OpenSSL command is not in the system PATH, you will need to define the
-# path to it here. Normally this means a full path to the executable, otherwise
-# you could have left it undefined here and the shown default would be used.
-#
-# Windows users, remember to use paths with forward-slashes (or escaped
-# back-slashes.) Windows users should declare the full path to the openssl
-# binary here if it is not in their system PATH.
-
-#set_var EASYRSA_OPENSSL "openssl"
-#
-# This sample is in Windows syntax -- edit it for your path if not using PATH:
-#set_var EASYRSA_OPENSSL "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"
-
-# Edit this variable to point to your soon-to-be-created key directory.
-#
-# WARNING: init-pki will do a rm -rf on this directory so make sure you define
-# it correctly! (Interactive mode will prompt before acting.)
-
-#set_var EASYRSA_PKI "$EASYRSA/pki"
-
-# Define X509 DN mode.
-# This is used to adjust what elements are included in the Subject field as the DN
-# (this is the "Distinguished Name.")
-# Note that in cn_only mode the Organizational fields further below aren't used.
-#
-# Choices are:
-# cn_only - use just a CN value
-# org - use the "traditional" Country/Province/City/Org/OU/email/CN format
-
-#set_var EASYRSA_DN "cn_only"
-
-# Organizational fields (used with 'org' mode and ignored in 'cn_only' mode.)
-# These are the default values for fields which will be placed in the
-# certificate. Don't leave any of these fields blank, although interactively
-# you may omit any specific field by typing the "." symbol (not valid for
-# email.)
-
-#set_var EASYRSA_REQ_COUNTRY "US"
-#set_var EASYRSA_REQ_PROVINCE "California"
-#set_var EASYRSA_REQ_CITY "San Francisco"
-#set_var EASYRSA_REQ_ORG "Copyleft Certificate Co"
-#set_var EASYRSA_REQ_EMAIL "me@example.net"
-#set_var EASYRSA_REQ_OU "My Organizational Unit"
-
-# Choose a size in bits for your keypairs. The recommended value is 2048. Using
-# 2048-bit keys is considered more than sufficient for many years into the
-# future. Larger keysizes will slow down TLS negotiation and make key/DH param
-# generation take much longer. Values up to 4096 should be accepted by most
-# software. Only used when the crypto alg is rsa (see below.)
-
-#set_var EASYRSA_KEY_SIZE 2048
-
-# The default crypto mode is rsa; ec can enable elliptic curve support.
-# Note that not all software supports ECC, so use care when enabling it.
-# Choices for crypto alg are: (each in lower-case)
-# * rsa
-# * ec
-
-set_var EASYRSA_ALGO ec
-
-# Define the named curve, used in ec mode only:
-
-#set_var EASYRSA_CURVE secp384r1
-
-# In how many days should the root CA key expire?
-
-#set_var EASYRSA_CA_EXPIRE 3650
-
-# In how many days should certificates expire?
-
-#set_var EASYRSA_CERT_EXPIRE 3650
-
-# How many days until the next CRL publish date? Note that the CRL can still be
-# parsed after this timeframe passes. It is only used for an expected next
-# publication date.
-
-#set_var EASYRSA_CRL_DAYS 180
-
-# Support deprecated "Netscape" extensions? (choices "yes" or "no".) The default
-# is "no" to discourage use of deprecated extensions. If you require this
-# feature to use with --ns-cert-type, set this to "yes" here. This support
-# should be replaced with the more modern --remote-cert-tls feature. If you do
-# not use --ns-cert-type in your configs, it is safe (and recommended) to leave
-# this defined to "no". When set to "yes", server-signed certs get the
-# nsCertType=server attribute, and also get any NS_COMMENT defined below in the
-# nsComment field.
-
-#set_var EASYRSA_NS_SUPPORT "no"
-
-# When NS_SUPPORT is set to "yes", this field is added as the nsComment field.
-# Set this blank to omit it. With NS_SUPPORT set to "no" this field is ignored.
-
-#set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate"
-
-# A temp file used to stage cert extensions during signing. The default should
-# be fine for most users; however, some users might want an alternative under a
-# RAM-based FS, such as /dev/shm or /tmp on some systems.
-
-#set_var EASYRSA_TEMP_FILE "$EASYRSA_PKI/extensions.temp"
-
-# !!
-# NOTE: ADVANCED OPTIONS BELOW THIS POINT
-# PLAY WITH THEM AT YOUR OWN RISK
-# !!
-
-# Broken shell command aliases: If you have a largely broken shell that is
-# missing any of these POSIX-required commands used by Easy-RSA, you will need
-# to define an alias to the proper path for the command. The symptom will be
-# some form of a 'command not found' error from your shell. This means your
-# shell is BROKEN, but you can hack around it here if you really need. These
-# shown values are not defaults: it is up to you to know what you're doing if
-# you touch these.
-#
-#alias awk="/alt/bin/awk"
-#alias cat="/alt/bin/cat"
-
-# X509 extensions directory:
-# If you want to customize the X509 extensions used, set the directory to look
-# for extensions here. Each cert type you sign must have a matching filename,
-# and an optional file named 'COMMON' is included first when present. Note that
-# when undefined here, default behaviour is to look in $EASYRSA_PKI first, then
-# fallback to $EASYRSA for the 'x509-types' dir. You may override this
-# detection with an explicit dir here.
-#
-#set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types"
-
-# OpenSSL config file:
-# If you need to use a specific openssl config file, you can reference it here.
-# Normally this file is auto-detected from a file named openssl-1.0.cnf from the
-# EASYRSA_PKI or EASYRSA dir (in that order.) NOTE that this file is Easy-RSA
-# specific and you cannot just use a standard config file, so this is an
-# advanced feature.
-
-#set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-1.0.cnf"
-
-# Default CN:
-# This is best left alone. Interactively you will set this manually, and BATCH
-# callers are expected to set this themselves.
-
-#set_var EASYRSA_REQ_CN "ChangeMe"
-
-# Cryptographic digest to use.
-# Do not change this default unless you understand the security implications.
-# Valid choices include: md5, sha1, sha256, sha224, sha384, sha512
-
-#set_var EASYRSA_DIGEST "sha256"
-
-# Batch mode. Leave this disabled unless you intend to call Easy-RSA explicitly
-# in batch mode without any user input, confirmation on dangerous operations,
-# or most output. Setting this to any non-blank string enables batch mode.
-
-#set_var EASYRSA_BATCH ""
-
+++ /dev/null
-# X509 extensions added to every signed cert
-
-# This file is included for every cert signed, and by default does nothing.
-# It could be used to add values every cert should have, such as a CDP as
-# demonstrated in the following example:
-
-#crlDistributionPoints = URI:http://example.net/pki/my_ca.crl
+++ /dev/null
-# X509 extensions for a ca
-
-# Note that basicConstraints will be overridden by Easy-RSA when defining a
-# CA_PATH_LEN for CA path length limits. You could also do this here
-# manually as in the following example in place of the existing line:
-#
-# basicConstraints = CA:TRUE, pathlen:1
-
-basicConstraints = CA:TRUE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always,issuer:always
-keyUsage = cRLSign, keyCertSign
-
+++ /dev/null
-# X509 extensions for a client
-
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-extendedKeyUsage = clientAuth
-keyUsage = digitalSignature
-
+++ /dev/null
-# X509 extensions for a server
-
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-extendedKeyUsage = serverAuth
-keyUsage = digitalSignature,keyEncipherment
-
# Regular users
-acsiba
akosztolanyi
azsamboki
bcsoka
csgulyas
+cslevai
dvasary
fritter
fschnell
+ifabian
khorvath
kkele
mszabo
rrendek
-zbak
+tsuhajda
zbartakovics
zfelleg
https://git.useribm.hu / user-lxc.git / commitdiff