pcs host auth vhost2 addr=10.228.93.2 -u hacluster -p Passw@rd01
pcs cluster setup lxc-cluster --start --enable \
- vhost1 addr=10.228.93.1 addr=vhost1.mlx1.useribm.hu addr=vhost1.mlx2.useribm.hu \
- vhost2 addr=10.228.93.2 addr=vhost2.mlx1.useribm.hu addr=vhost2.mlx2.useribm.hu
+ vhost1 addr=10.228.93.1 addr=172.16.131.221 addr=172.16.132.221 \
+ vhost2 addr=10.228.93.2 addr=172.16.131.222 addr=172.16.132.222
CLUSTER_NODES_STARTED=0
while [ $CLUSTER_NODES_STARTED -lt 2 ]
hardware ethernet 00:50:56:00:2a:b4;
fixed-address 10.228.42.180;
}
-host azsssam {
- hardware ethernet 00:50:56:00:24:d1;
- fixed-address 10.228.36.209;
-}
-host azsssamdev {
- hardware ethernet 00:50:56:00:24:c2;
- fixed-address 10.228.36.194;
-}
-host azsnfs {
- hardware ethernet 00:50:56:00:24:92;
- fixed-address 10.228.36.146;
-}
-host azsgpfs2 {
- hardware ethernet 00:50:56:00:24:58;
- fixed-address 10.228.36.88;
-}
-host azsgpfs1 {
- hardware ethernet 00:50:56:00:24:57;
- fixed-address 10.228.36.87;
+host cfserver {
+ hardware ethernet 00:0c:29:ca:eb:d3;
+ fixed-address 10.228.36.1;
}
host cdvm {
hardware ethernet 00:50:56:00:22:e9;
ipv4.gateway "188.6.255.9" \
ipv4.method "manual" \
ipv4.route-metric 100 \
- ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1, 192.168.43.0/24 192.168.173.1" \
ipv6.method "disabled" \
save yes
#ipv4.route-table 150 \
ipv4.method "manual" \
ipv4.route-metric 100 \
ipv4.route-table 30 \
+ ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1, 192.168.43.0/24 192.168.173.1" \
ipv6.addresses "2a02:d400:0000:f200:000c:18ff:fe03:8961/64" \
ipv6.gateway "2a02:d400:0000:f200::1" \
ipv6.method "manual" \
184.42 IN PTR jenkinstst.in.useribm.hu.
180.42 IN PTR ssam71.in.useribm.hu.
+; ================================================================
+; cloudforms (cf = 3 * 10 + 6 = 36)
+; ================================================================
+1.36 IN PTR cfserver.in.useribm.hu.
+
; ================================================================
; capi development (cd = 3 * 10 + 4 = 34)
; ================================================================
jenkinstst IN A 10.228.42.184
ssam71 IN A 10.228.42.180
+; ================================================================
+; cloudforms (cf = 3 * 10 + 6 = 36)
+; ================================================================
+cfserver IN A 10.228.36.1
+
; ================================================================
; capi development (cd = 3 * 10 + 4 = 34)
; ================================================================
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 26:84:6a:96:d0:db:00:70:3b:7d:c8:aa:d6:0a:5b:07
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ b7:e4:9a:ec:69:ad:ac:37:db:3d:e7:3a:72:68:05:aa
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:12:51 2019 GMT
- Not After : Jul 14 13:12:51 2022 GMT
+ Not Before: Jan 27 16:52:59 2022 GMT
+ Not After : Jan 25 16:52:59 2032 GMT
Subject: CN=akosztolanyi
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:97:d4:89:82:0c:1b:ad:c4:4b:dd:4c:19:a5:f5:
- d8:3c:42:9d:d2:b0:0d:9e:6c:a6:a8:62:9a:bf:fd:
- 78:9d:76:f4:02:ad:51:9f:97:12:59:bc:c1:a3:a0:
- 17:35:76:2f:74:ea:b9:d3:72:4b:35:94:40:f3:7e:
- b5:1c:af:51:d1:b4:d3:7a:69:3d:7f:1e:51:97:fe:
- e3:4a:ec:01:c6:e9:89:e9:8e:b7:94:a3:72:12:6e:
- 66:c5:a2:de:ad:27:e2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:02:9c:1d:2c:a3:f2:9f:dc:ed:e2:44:32:e2:
+ 0f:02:2e:47:45:a2:a5:22:31:5a:8e:c8:68:c6:df:
+ 63:6b:25:32:62:ee:db:16:97:dd:60:21:61:a9:cb:
+ 77:6c:99:45:d1:5a:bf:b5:4c:0e:30:a6:33:ae:12:
+ 37:66:38:ec:5c:e5:b9:7c:4f:0e:14:b0:1a:c1:a8:
+ 50:e3:56:01:ce:68:0d:63:d4:9a:1b:33:95:f0:d5:
+ 38:7a:0d:d5:b3:a7:73:2f:a3:ed:54:bb:4e:40:0a:
+ 09:0b:ed:73:38:e0:bd:65:36:2e:92:29:b9:59:e1:
+ 3b:e6:bf:74:6b:8d:2a:f7:61:31:ba:10:04:98:d3:
+ b5:73:b7:74:bc:06:d7:c0:7c:33:4b:18:d7:5a:ea:
+ bf:87:7d:95:3e:ba:d9:5a:ad:c7:40:8e:6f:5b:90:
+ 38:91:54:f2:b8:30:71:b3:ad:d4:2f:c8:19:66:83:
+ 99:28:ba:7e:2f:00:c2:df:cc:e6:88:08:e4:ef:c2:
+ e3:e5:47:8b:6d:2d:70:b4:71:de:33:c5:47:9e:e6:
+ 2e:f7:7d:de:81:6f:ad:a4:00:44:b5:78:4f:3d:43:
+ 43:ef:5d:5a:0b:56:be:ab:da:22:2d:80:f1:99:fe:
+ 13:d7:a2:8e:4a:fb:31:1f:8e:27:fd:40:79:e1:73:
+ f3:d7
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- E9:6C:48:68:A1:BA:B9:7D:A3:9C:BF:89:F3:87:51:9B:B1:6C:9B:16
+ AB:71:5B:8D:67:12:A3:DB:00:A1:63:AA:37:72:C3:EC:6A:82:CC:FB
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:6c:e9:e9:01:19:c4:53:40:ff:e6:bb:36:1f:51:
- cd:1f:40:88:1d:e2:b3:8d:61:48:5d:ec:de:f8:20:c1:21:b1:
- 38:5e:0b:c3:f7:ae:9c:41:38:36:73:a0:06:b6:a4:55:02:31:
- 00:cc:50:fa:3f:7a:6c:6b:90:bf:6a:c6:af:1e:94:88:b7:90:
- 5d:b7:27:cf:b3:28:bc:ee:31:99:f0:9b:87:48:06:d2:6d:24:
- f0:d1:ad:be:94:b8:22:64:63:0f:d0:2d:85
+ Signature Algorithm: sha256WithRSAEncryption
+ 3c:b1:50:93:48:68:cc:42:76:ba:3e:f4:c7:38:95:40:18:23:
+ 17:6b:0e:2b:f9:13:25:d3:5e:49:e5:51:38:6c:66:da:c4:c1:
+ df:9f:71:96:65:6c:53:1d:bf:af:98:05:d5:4d:c2:cf:f3:6d:
+ cc:92:7c:79:c6:cc:47:5b:8a:9e:95:f5:fa:02:9d:69:73:b7:
+ 75:93:6f:18:f2:b8:15:97:08:a6:fa:c8:a9:e9:6d:44:bf:cb:
+ 77:73:b4:6a:02:55:c0:fb:3e:f0:e1:a3:a7:35:90:d1:91:79:
+ f1:3d:0f:b7:c9:2c:0a:de:c7:23:c2:10:b6:2c:d2:8a:a7:bf:
+ 11:ea:64:cb:93:99:c3:f6:0c:3f:57:a2:65:27:7e:ce:d2:f7:
+ 85:e2:ec:66:56:b4:a1:d6:5f:4b:56:6f:fb:93:1b:77:80:7a:
+ f4:c4:9d:59:71:09:d3:08:ba:75:0a:57:ce:c6:a0:08:e9:cd:
+ 94:0d:39:51:3b:e1:a1:a8:97:a9:26:4c:4d:fe:a6:e2:86:11:
+ 1c:2a:34:4d:ab:89:b2:ea:35:39:57:90:65:74:f8:89:75:53:
+ 0b:50:74:64:26:52:39:8b:b4:b7:6c:3a:a5:2d:59:68:fa:80:
+ ef:93:79:92:fe:88:ea:80:b8:bc:d0:79:c6:1f:a6:6d:01:5b:
+ 58:1d:30:0e
-----BEGIN CERTIFICATE-----
-MIICEzCCAZmgAwIBAgIQJoRqltDbAHA7fciq1gpbBzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMjUxWhcNMjIwNzE0
-MTMxMjUxWjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAASX1ImCDButxEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZ
-vMGjoBc1di906rnTcks1lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3IS
-bmbFot6tJ+KjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU6WxIaKG6uX2jnL+J
-84dRm7FsmxYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gA
-MGUCMGzp6QEZxFNA/+a7Nh9RzR9AiB3is41hSF3s3vggwSGxOF4Lw/eunEE4NnOg
-BrakVQIxAMxQ+j96bGuQv2rGrx6UiLeQXbcnz7MovO4xmfCbh0gG0m0k8NGtvpS4
-ImRjD9AthQ==
+MIIDWzCCAkOgAwIBAgIRALfkmuxpraw32z3nOnJoBaowDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MjU5WhcNMzIwMTI1
+MTY1MjU5WjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDNApwdLKPyn9zt4kQy4g8CLkdFoqUiMVqOyGjG32Nr
+JTJi7tsWl91gIWGpy3dsmUXRWr+1TA4wpjOuEjdmOOxc5bl8Tw4UsBrBqFDjVgHO
+aA1j1JobM5Xw1Th6DdWzp3Mvo+1Uu05ACgkL7XM44L1lNi6SKblZ4Tvmv3RrjSr3
+YTG6EASY07Vzt3S8BtfAfDNLGNda6r+HfZU+utlarcdAjm9bkDiRVPK4MHGzrdQv
+yBlmg5koun4vAMLfzOaICOTvwuPlR4ttLXC0cd4zxUee5i73fd6Bb62kAES1eE89
+Q0PvXVoLVr6r2iItgPGZ/hPXoo5K+zEfjif9QHnhc/PXAgMBAAGjgaIwgZ8wCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUq3FbjWcSo9sAoWOqN3LD7GqCzPswUQYDVR0jBEow
+SIAUSUNbUvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNB
+IENBghR1zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjAL
+BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBADyxUJNIaMxCdro+9Mc4lUAY
+IxdrDiv5EyXTXknlUThsZtrEwd+fcZZlbFMdv6+YBdVNws/zbcySfHnGzEdbip6V
+9foCnWlzt3WTbxjyuBWXCKb6yKnpbUS/y3dztGoCVcD7PvDho6c1kNGRefE9D7fJ
+LArexyPCELYs0oqnvxHqZMuTmcP2DD9XomUnfs7S94Xi7GZWtKHWX0tWb/uTG3eA
+evTEnVlxCdMIunUKV87GoAjpzZQNOVE74aGol6kmTE3+puKGERwqNE2ribLqNTlX
+kGV0+Il1UwtQdGQmUjmLtLdsOqUtWWj6gO+TeZL+iOqAuLzQecYfpm0BW1gdMA4=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAAawl07oNQMZCfcl3T
-oCd6VLq2esm4lDOpS6pk79zJuxrVrgWXWZ3DJdVPE939ZZyhZANiAASX1ImCDBut
-xEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZvMGjoBc1di906rnTcks1
-lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3ISbmbFot6tJ+I=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNApwdLKPyn9zt
+4kQy4g8CLkdFoqUiMVqOyGjG32NrJTJi7tsWl91gIWGpy3dsmUXRWr+1TA4wpjOu
+EjdmOOxc5bl8Tw4UsBrBqFDjVgHOaA1j1JobM5Xw1Th6DdWzp3Mvo+1Uu05ACgkL
+7XM44L1lNi6SKblZ4Tvmv3RrjSr3YTG6EASY07Vzt3S8BtfAfDNLGNda6r+HfZU+
+utlarcdAjm9bkDiRVPK4MHGzrdQvyBlmg5koun4vAMLfzOaICOTvwuPlR4ttLXC0
+cd4zxUee5i73fd6Bb62kAES1eE89Q0PvXVoLVr6r2iItgPGZ/hPXoo5K+zEfjif9
+QHnhc/PXAgMBAAECggEAEzXEZSNytWBvdkb2dwIhv+WQPiEwchTH1ItI7iGukjKp
+FwYkt2hBkSlvmlZ7eUyfcy+auSVISxy3yP7h/A0ncMkB6XkK67tYtn7MHZFImAu9
+/XXFfvkFesyv/xfex3fQXk1xBriKa4vFLz3vxwugE6TRFlccjCSD1WppQU64EPf6
+ZFbnd3oDg3DTLB4sRP50LRRiOd0LGd5Rrfvfm9+4os5MB8O0zD/KuJtFLTCVPPZs
+v7xHq49y2aokUj4ZpYli1Cw8gMypL32ZIgWHtXaclZL2x5jMZNRj2r+suSArweCB
+KKJpG4VJNTTSvLDDsFvZF3Ax5NSofDW2xFNAb/kAGQKBgQD9/WHWoRYH6dP9g/Kl
+1aG0fuqMIfPZCRk/2ogDd2EcxJ2QfcMnJGmTYQtyDPu5UPw7uQi4VP0NBSzLMC4t
+gNQTPPBuZYWr+anDNmxJuy85Aitaay+iQHUvLE+l4MviueYv6CTE5XC7TFtFJ6c+
+psfXFQZZlnNUiBfVy+lMWMJSowKBgQDOof0EjoC7XBoiLg9CgHrRBho6yZtwxfN2
+xSO4V6JabE+hytgs0NGRw91ZAkrJZCAgns4RkN57lJa62T9uTGfJgSuOwoh4b7As
+Z0ZUxgb8OHMdJLsfS/4s9rAvE4AS4lDSHX/2KBdscguEiqTy+eauAwvfHuSaJeYA
+ZrL7irfhPQKBgCII6ClooJki3kNkgQlz3R1gvHFWw2Rb8cQ6tmswfhTqy+pmz9XY
+7UTQhkYcM0cb8RDXtLFuwhISlXQM2sNCNij1y4oflI/8/qCoFE61BJjxD3ooTtPB
+K3LMz0d9HhUdsBjPVM4FqNuQWdKkg6bDlpfdu2IZ5Q54xijiEDso0bFdAoGAKNIh
+nQvV7K2mUAhPZXDiUnblKaX4ek/w6A7MHrfZUAnDtY/QIxJhxG0wRkxIn/6Sxj75
+MMkw2rMhD+qpOE4J1uoYw8w0j65o3GzOnSK98IfqXeCKwwUNQq69YZ91lsV09/1x
+8Rw8fGUPV3DYY1PxOYFKkBqXSMih5oRjaYQfDXUCgYA7DrzT8VANm8LNJH0aStSf
+Pgcd4zZb9hPbBaV2QMlZulbvYA5/01Nhqbhjdg7aQ3sDVINWoxS2BN2Uab/NAkNP
+biOnv2AOmscJ9a4zyYQqtT3TrmuR/HdiBMd2+wIE708mifXLuDR6t4KH1gWZkAuO
+2Vkf/8W3elyje5X2/kdhMQ==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 29:f1:f8:31:17:93:d7:58:d5:ad:0e:ce:a7:26:70:33
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:11 2019 GMT
- Not After : Jul 14 13:13:11 2022 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:34:0d:f3:0e:e6:05:69:f3:24:7d:ef:19:0c:ce:
- 04:bd:24:34:e3:8c:e5:2b:7e:3f:70:39:55:9b:2e:
- 73:fa:c6:4e:44:42:95:69:82:13:85:98:63:5a:25:
- dc:1c:b2:32:9c:97:01:b5:fb:c4:dd:59:05:8a:ab:
- b6:c1:b2:13:03:0a:e3:8b:e7:ea:62:c1:71:1b:4f:
- 20:74:9c:0b:df:46:56:6c:03:d5:8c:d8:4c:02:e9:
- 6e:62:3a:1f:b3:0e:ba
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 19:A1:EF:03:DB:DF:4F:40:2A:FD:35:E0:C9:ED:DD:75:47:2F:32:1B
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:d2:08:c6:1b:75:81:72:2e:c6:46:cd:47:11:
- 2e:7c:3e:ba:e2:75:1c:8c:48:e1:4f:ac:61:5b:07:26:97:cc:
- 0a:38:7f:0d:e4:63:35:c6:a5:8e:39:f3:4c:18:79:6d:0a:02:
- 30:54:57:e5:dd:49:2b:8e:3e:89:ef:87:2f:d4:f4:ef:a3:95:
- 2d:f5:87:5a:3a:1f:93:58:7d:c5:fe:9a:45:f1:8f:d1:44:13:
- 30:b0:07:c0:b6:80:35:3f:b8:a8:96:c7:8c
------BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIQKfH4MReT11jVrQ7OpyZwMzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzExWhcNMjIwNzE0
-MTMxMzExWjAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAAQ0DfMO5gVp8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNa
-JdwcsjKclwG1+8TdWQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5i
-Oh+zDrqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUGaHvA9vfT0Aq/TXgye3d
-dUcvMhswVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MQDSCMYbdYFyLsZGzUcRLnw+uuJ1HIxI4U+sYVsHJpfMCjh/DeRjNcaljjnzTBh5
-bQoCMFRX5d1JK44+ie+HL9T076OVLfWHWjofk1h9xf6aRfGP0UQTMLAHwLaANT+4
-qJbHjA==
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDVEmbLHw/XijB+525e
-66kG1MP6JphJr44lPXVQvIujmajoE+MTm78fNuiGTdATr9uhZANiAAQ0DfMO5gVp
-8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNaJdwcsjKclwG1+8Td
-WQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5iOh+zDro=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:6e:f0:8c:89:77:64:34:62:2c:ea:be:e1:df:93:68
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:22 2019 GMT
- Not After : Jul 14 13:13:22 2022 GMT
- Subject: CN=bcsoka
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:a7:95:bf:6c:8e:0f:34:9c:ca:14:8b:33:4d:80:
- 55:98:1e:10:c3:e9:84:7f:72:4d:f2:61:68:70:59:
- c7:6f:6d:02:c4:22:cf:58:80:e7:35:18:6e:ee:11:
- fe:29:01:c3:ea:79:85:83:e6:0c:6f:c5:d8:7f:9f:
- d5:55:27:7b:a8:17:14:2d:94:e5:c4:a4:9f:ac:b8:
- 38:02:c0:41:5a:1a:8a:63:e5:c3:52:27:62:57:0b:
- 14:6b:36:cc:8e:51:3f
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5A:57:D9:73:6A:27:49:66:7D:18:9E:2A:96:1F:4C:49:7E:AD:9C:15
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2b:52:16:40:fb:43:11:6a:9a:45:62:58:5b:f5:
- 19:34:3f:32:fe:f7:d0:82:4a:32:98:61:0f:22:22:99:9a:16:
- b3:94:79:46:fe:a2:7a:9c:9a:86:a6:31:4e:72:f4:54:02:31:
- 00:94:2c:a6:21:e6:78:73:3e:d9:93:89:c6:72:72:8e:1d:17:
- 87:07:27:22:2c:5d:2c:00:f1:38:1f:17:fb:0e:c1:c9:52:80:
- 52:ba:1c:79:93:69:c1:59:0e:f0:a0:cd:76
------BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQRm7wjIl3ZDRiLOq+4d+TaDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzIyWhcNMjIwNzE0
-MTMxMzIyWjARMQ8wDQYDVQQDDAZiY3Nva2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AASnlb9sjg80nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4p
-AcPqeYWD5gxvxdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyO
-UT+jgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUWlfZc2onSWZ9GJ4qlh9MSX6t
-nBUwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMCtS
-FkD7QxFqmkViWFv1GTQ/Mv730IJKMphhDyIimZoWs5R5Rv6iepyahqYxTnL0VAIx
-AJQspiHmeHM+2ZOJxnJyjh0XhwcnIixdLADxOB8X+w7ByVKAUroceZNpwVkO8KDN
-dg==
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDW2V2Xoel5TxZHAr05
-sZS3frZowpcmgSGHc5yQagP0O0qR6qZFC78bee0wsOy/fG2hZANiAASnlb9sjg80
-nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4pAcPqeYWD5gxv
-xdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyOUT8=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6c:ec:ac:4a:d5:4f:bc:03:e4:72:a5:9b:07:27:af:32
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Oct 8 08:57:29 2019 GMT
- Not After : Sep 22 08:57:29 2022 GMT
- Subject: CN=bme
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:86:d3:5d:6e:be:3e:91:90:d7:a3:2c:d2:6a:2a:
- 4f:bb:cd:52:4e:46:5b:1b:60:f0:cb:aa:5b:b4:88:
- 71:f4:71:00:e4:b8:cb:74:ce:b8:9d:c1:fd:5c:69:
- a7:28:66:21:43:11:4a:35:06:cb:1c:57:0b:37:9b:
- f1:2f:78:2a:d2:1d:01:49:66:71:25:74:74:0e:be:
- 93:75:40:6c:cb:0a:81:0e:23:7c:b7:f9:9b:e1:d0:
- c4:d2:1c:6d:da:ca:f2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F9:F8:F4:23:C5:01:A0:4F:6A:66:BB:D9:A0:AB:2E:5A:4D:05:10:96
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:1c:97:83:ea:9d:3f:9e:9b:99:26:1f:42:df:01:
- b0:d5:33:0b:b5:40:9d:be:20:1c:c2:ef:ab:7e:1b:14:d6:72:
- e2:43:19:6c:ec:2b:db:cf:ab:bf:21:27:2e:4f:0f:80:02:30:
- 7e:e7:f7:c3:21:78:67:a5:71:7b:cb:45:cd:6f:8c:07:36:de:
- fb:77:0a:08:f6:c7:3b:06:eb:f8:37:f0:2c:06:6b:c6:2a:95:
- 0c:02:e4:87:34:ee:f9:af:93:27:b1:b5
------BEGIN CERTIFICATE-----
-MIICCTCCAZCgAwIBAgIQbOysStVPvAPkcqWbByevMjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkxMDA4MDg1NzI5WhcNMjIwOTIy
-MDg1NzI5WjAOMQwwCgYDVQQDDANibWUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASG
-011uvj6RkNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFD
-EUo1BsscVws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvKj
-gaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU+fj0I8UBoE9qZrvZoKsuWk0FEJYw
-VQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNVBAMM
-D1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0lBAww
-CgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cAMGQCMByXg+qd
-P56bmSYfQt8BsNUzC7VAnb4gHMLvq34bFNZy4kMZbOwr28+rvyEnLk8PgAIwfuf3
-wyF4Z6Vxe8tFzW+MBzbe+3cKCPbHOwbr+DfwLAZrxiqVDALkhzTu+a+TJ7G1
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDGOiNJILhTWN7SPHdY
-gpwEUN8RoQ0ZNV1vZGV8yKqoQbfc58QwZ7b1HLT95z79oeuhZANiAASG011uvj6R
-kNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFDEUo1Bssc
-Vws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvI=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- a1:74:ec:e4:d9:52:56:fa:d7:ad:43:1c:5e:3a:e2:84
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ cc:ff:e2:58:83:b8:5d:b6:9b:12:89:cf:9a:aa:2f:d4
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:13:36 2019 GMT
- Not After : Jul 14 13:13:36 2022 GMT
+ Not Before: Jan 27 16:53:22 2022 GMT
+ Not After : Jan 25 16:53:22 2032 GMT
Subject: CN=csgulyas
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:82:03:91:ad:e7:76:b7:8d:51:86:6d:cc:e3:15:
- 91:6c:ac:31:e7:6d:e1:44:0d:c3:29:95:7c:5e:e1:
- e8:37:aa:00:f6:47:74:18:e7:28:90:95:16:6c:08:
- e2:9f:d7:24:55:46:22:1c:19:9f:06:4b:9b:8e:96:
- 4b:5d:bb:c0:ad:35:5a:06:73:10:36:32:1d:89:e6:
- b1:9e:f3:62:0d:8f:85:70:72:4c:48:4a:47:f0:fa:
- eb:f6:7b:9c:7f:a8:7a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:73:39:5f:81:fd:b4:0c:84:c8:23:e0:44:80:
+ f5:9f:c1:cd:0f:f8:b8:4b:dd:c9:b0:8a:74:b4:23:
+ 37:34:c9:d9:82:95:d9:f0:a1:9e:54:3a:c4:33:19:
+ cd:71:96:ee:55:f2:10:67:34:de:dc:0a:b2:21:04:
+ d9:d7:5b:15:29:7f:08:54:da:0c:b5:ec:39:b8:78:
+ 92:03:07:1d:36:3d:ca:54:75:e9:67:fe:bb:b8:d2:
+ 30:72:6a:e7:5c:39:1f:93:bb:b4:62:40:6c:d3:c5:
+ a7:4f:24:7c:1e:0d:f9:ea:15:cd:1b:f1:e5:5b:86:
+ 7b:99:03:99:20:b0:2a:2f:58:2a:aa:b6:0f:e6:6e:
+ 1e:dc:43:57:04:dd:32:d7:ec:01:2c:1c:83:52:02:
+ 04:c2:8f:cd:69:da:ed:33:e1:ff:69:65:2e:26:67:
+ 23:a6:81:35:05:7c:52:c7:49:8a:69:38:26:9e:87:
+ fd:53:2a:9b:7b:90:d1:1a:b8:4e:fc:b7:6e:0c:26:
+ b8:55:b2:50:72:4c:d5:cb:8b:dd:de:e6:da:b4:b4:
+ 02:12:1c:24:84:bd:81:8a:4d:78:b8:6f:bc:dc:5a:
+ 03:da:70:44:48:10:13:bd:ba:be:db:94:e8:6b:71:
+ be:d0:cf:03:99:56:fe:c5:ad:68:51:ee:ff:7d:25:
+ 80:ff
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 7E:44:12:28:E0:31:C6:7D:40:5A:E4:D5:86:5D:90:10:CC:14:12:33
+ 74:79:FB:63:0E:0D:0C:52:6E:FD:DC:CD:22:A3:E6:59:9E:0D:93:E7
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2c:e3:e6:64:cd:43:ae:4a:9c:d7:40:66:cb:b2:
- 1e:90:c3:97:17:32:f8:df:62:fd:54:32:d3:85:ee:bb:71:5e:
- 4a:e2:23:ea:a4:cb:75:3a:72:ac:ca:f6:1b:f5:6b:57:02:31:
- 00:e7:0a:38:06:b4:97:17:2c:f3:76:cc:aa:1e:6e:8d:be:12:
- 7e:0a:ef:d6:34:fa:42:37:e1:6d:d3:bb:1f:75:39:a3:c5:40:
- 32:37:7e:ba:c1:18:d4:cb:1b:55:62:ad:1b
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:0c:56:0d:55:55:8a:58:6a:c0:b6:b1:0e:df:ce:77:a6:a6:
+ 09:4b:07:f8:01:5b:e2:b9:21:1d:d9:3c:63:14:7c:f4:b8:1f:
+ db:90:c8:bb:c5:c1:ef:86:08:ff:d4:55:17:3c:cb:d3:0a:e5:
+ ac:f6:fa:93:fe:55:13:3f:94:d1:d9:9d:08:43:46:be:65:d2:
+ dd:60:55:6e:82:39:ca:49:20:50:1f:84:e4:b8:8a:3b:f1:51:
+ da:59:dc:f9:62:3b:c6:fc:a7:ae:34:8a:90:d3:d4:a6:53:39:
+ eb:8a:a3:64:a6:18:3a:62:c1:e2:a3:1f:ae:01:d1:21:e3:77:
+ ce:07:16:3c:37:02:05:e6:5c:76:63:45:7e:61:3c:18:44:f2:
+ 72:a0:37:7b:24:31:bf:af:ef:40:1c:5a:e1:8d:06:26:fd:3a:
+ 4b:3c:fe:21:a8:6f:d4:01:71:d8:77:a4:46:82:c9:60:84:a7:
+ a1:7f:c8:95:c5:a9:16:4f:60:28:86:53:97:9d:52:ef:9a:31:
+ 51:60:80:44:26:5e:67:79:33:64:01:b3:99:c3:24:cd:ad:5e:
+ a1:7f:18:d6:3d:f9:f0:ce:b0:70:f0:25:72:34:45:7a:68:17:
+ 13:4b:24:82:d7:83:5b:e3:78:77:98:5e:ea:85:19:ee:83:3b:
+ 68:7c:5e:8e
-----BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIRAKF07OTZUlb6161DHF464oQwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTMzNloXDTIyMDcx
-NDEzMTMzNlowEzERMA8GA1UEAwwIY3NndWx5YXMwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAASCA5Gt53a3jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZs
-COKf1yRVRiIcGZ8GS5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2
-e5x/qHqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUfkQSKOAxxn1AWuTVhl2Q
-EMwUEjMwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MCzj5mTNQ65KnNdAZsuyHpDDlxcy+N9i/VQy04Xuu3FeSuIj6qTLdTpyrMr2G/Vr
-VwIxAOcKOAa0lxcs83bMqh5ujb4Sfgrv1jT6QjfhbdO7H3U5o8VAMjd+usEY1Msb
-VWKtGw==
+MIIDVzCCAj+gAwIBAgIRAMz/4liDuF22mxKJz5qqL9QwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzIyWhcNMzIwMTI1
+MTY1MzIyWjATMREwDwYDVQQDDAhjc2d1bHlhczCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMZzOV+B/bQMhMgj4ESA9Z/BzQ/4uEvdybCKdLQjNzTJ2YKV
+2fChnlQ6xDMZzXGW7lXyEGc03twKsiEE2ddbFSl/CFTaDLXsObh4kgMHHTY9ylR1
+6Wf+u7jSMHJq51w5H5O7tGJAbNPFp08kfB4N+eoVzRvx5VuGe5kDmSCwKi9YKqq2
+D+ZuHtxDVwTdMtfsASwcg1ICBMKPzWna7TPh/2llLiZnI6aBNQV8UsdJimk4Jp6H
+/VMqm3uQ0Rq4Tvy3bgwmuFWyUHJM1cuL3d7m2rS0AhIcJIS9gYpNeLhvvNxaA9pw
+REgQE726vtuU6GtxvtDPA5lW/sWtaFHu/30lgP8CAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR0eftjDg0MUm793M0io+ZZng2T5zBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAFwxWDVVVilhqwLaxDt/Od6amCUsH
++AFb4rkhHdk8YxR89Lgf25DIu8XB74YI/9RVFzzL0wrlrPb6k/5VEz+U0dmdCENG
+vmXS3WBVboI5ykkgUB+E5LiKO/FR2lnc+WI7xvynrjSKkNPUplM564qjZKYYOmLB
+4qMfrgHRIeN3zgcWPDcCBeZcdmNFfmE8GETycqA3eyQxv6/vQBxa4Y0GJv06Szz+
+Iahv1AFx2HekRoLJYISnoX/IlcWpFk9gKIZTl51S75oxUWCARCZeZ3kzZAGzmcMk
+za1eoX8Y1j358M6wcPAlcjRFemgXE0skgteDW+N4d5he6oUZ7oM7aHxejg==
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDByGpeF+ILcYFWX4cH9
-SxRUvZUkSb1ejVW5jVjfr8UyyfDaAR35ZNCZ1JLgdSWC0g2hZANiAASCA5Gt53a3
-jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZsCOKf1yRVRiIcGZ8G
-S5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2e5x/qHo=
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDGczlfgf20DITI
+I+BEgPWfwc0P+LhL3cmwinS0Izc0ydmCldnwoZ5UOsQzGc1xlu5V8hBnNN7cCrIh
+BNnXWxUpfwhU2gy17Dm4eJIDBx02PcpUdeln/ru40jByaudcOR+Tu7RiQGzTxadP
+JHweDfnqFc0b8eVbhnuZA5kgsCovWCqqtg/mbh7cQ1cE3TLX7AEsHINSAgTCj81p
+2u0z4f9pZS4mZyOmgTUFfFLHSYppOCaeh/1TKpt7kNEauE78t24MJrhVslByTNXL
+i93e5tq0tAISHCSEvYGKTXi4b7zcWgPacERIEBO9ur7blOhrcb7QzwOZVv7FrWhR
+7v99JYD/AgMBAAECggEBAK61yF/mEFZP4yJUO1/z7MqOExupi473HlZ3PpFMo5Cs
+1/pYNPvdPYfICO04HR+QkhlGN9y0tjMgk3vwSlyHSpUyykHxidkrtBFMzLcvry8O
+rS84c5ljsR7gpVhF95PAkqU8Tm1lbKnwTACoDUFkao4ETYP5rUOrnOq0OT6G+Uyd
+lA00kqmumvuSEXSRrP5sfm8TVfruVZTqLJm2osW6LSCx3XqHIwWyNDABpENGmPxW
+Klxy7WLRjWOfS+RgA8GtYkKH5mSKMhabUXlbUgxHHs7qrIgowKovDZc16RV6KgLA
+8JpQrUT7UXocH3fpGB3KrJgriXv+q9vinUmrqoZ5f5ECgYEA61TkLzGSJVENdImi
+ha46btPiwSI0xD874bxwrAxjPq+CdlrKO01gGvjKfJg05v5lEiCF9aEtJ/z1OXlu
+Wiz5HWSFzQsSWMx5Qud10J+OciXY5Zq6gKptjXkXyGR1O0j1xa/WgjN0hSXYCH7S
+h7r+LYg2Q3//r6Acuya3p+gxfBcCgYEA1+EaPa173NFrwPz/K3BMCV9th2VJvypP
+VuEs/JRKOD/2SwjYR944P/08rV03hUpgU/Xbr7zkV2Yc1sqzFvtjqLvH1gy9Y/2Z
+7aRNFzFGY7ZzBbNyqBhFffQvbUnBMQ3O0BoLh0P4P21L/8fg7RbBcYvufM9YUASy
+yYCGq30iq1kCgYEA3oxccokFdYbOG6xhZtxaZB667PxFPGW0YojLYNkiLdDapsS7
+RROqVDd9fhCOzvg7asYZCS5QPuXInn7IrjyjpXk/06WpxxIvhubPEukhU6+ZC6Gk
+yDLkAYtHw3nFJ7iavEXKrTyt75DXWUleHX/oCfUro+/zRAo9wXse6Yn66icCgYBj
+cVjyInEVJg755lDwxJjyFFhS71CKU8YaYj2j1/dcc/JTXC6s5GuK5m9F+NOzfbBj
+3LQm/t88d1g/hT38Dy84Mc/7BQFVByQZ+P5d+Z/QHOJdNO1TC2MvgwU51ai9nPuw
+lt7Kn3/CT+mbWIp/DGVtlaT1L1oh+hgVhDQE2O7YeQKBgBZE22pasu2XGxCOhUt0
+OHatbUebuWO3CKv5hH8o+jFoDseZWtjM4PbvkrRv0AWLIYMxp7yUkZl3ZBHD4Fkk
+wpjnm4dLqmaxQ+wvnK4hhxul2hs7j5Hxmfo7bpF8v6MSHLTQEhOsVX0U9onI7IIn
+8XG+eKM27X28XAOAOXCo1b2q
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 12:23:21:70:b0:f9:e3:c1:fe:60:d8:6e:ec:97:35:12
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 98:28:a1:64:04:42:5a:3f:9f:42:0b:d6:47:20:1b:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:13:49 2019 GMT
- Not After : Jul 14 13:13:49 2022 GMT
+ Not Before: Jan 27 16:53:32 2022 GMT
+ Not After : Jan 25 16:53:32 2032 GMT
Subject: CN=cslevai
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4b:d4:e1:4f:a7:5b:1e:c4:7d:40:27:19:de:bc:
- cc:78:6b:5a:86:13:48:c4:c0:40:09:4e:1d:cd:b4:
- f0:8d:14:2e:44:7c:8e:2d:7b:75:27:00:c4:9b:5c:
- 71:1d:35:ff:f6:91:01:e2:3f:22:4d:f4:59:45:e4:
- 85:61:a2:30:bb:7f:8e:7f:86:db:79:7a:da:61:00:
- 72:3d:60:0b:3a:7b:d3:8e:43:d5:21:f9:e5:ef:01:
- 02:48:0e:aa:07:e0:df
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:ac:70:e4:89:88:d8:df:db:ce:fe:1e:85:79:
+ 12:be:c3:fe:78:5d:90:21:37:4c:8b:f7:83:21:8b:
+ af:e0:17:83:20:b9:34:f7:f4:ac:ac:c3:6b:6f:94:
+ 60:b1:c3:82:98:55:4a:19:61:89:3a:60:75:8c:99:
+ 86:55:07:e0:b5:ee:6a:62:41:29:39:e4:c0:d3:14:
+ 22:78:1e:4c:02:ff:9a:36:3c:d5:17:a2:28:d8:68:
+ 9c:cd:cc:cc:32:0d:ac:b5:c4:c3:b4:ce:c1:d7:50:
+ ad:65:44:56:3f:d6:9a:1e:12:4c:18:d9:f7:c4:d9:
+ d0:eb:5f:ee:d4:b8:1c:64:40:cb:cf:62:72:38:33:
+ ab:d7:c5:bc:84:af:5e:5d:d2:df:51:0e:62:48:b5:
+ 71:e8:74:c2:de:1c:59:fb:ad:ae:f9:9e:9a:7b:73:
+ c7:ad:1a:43:9d:92:03:40:5c:b0:89:0a:79:e7:7a:
+ a4:a9:fe:d2:a2:37:fb:30:b9:84:8b:af:4d:ae:d1:
+ 68:36:dc:df:9c:f3:e9:84:b3:dc:41:97:cb:34:ea:
+ 18:97:9f:d8:60:86:e2:8f:f1:9e:6b:6d:69:fe:78:
+ 87:f9:5b:f5:4d:bf:5d:7e:29:c3:73:68:1d:9a:03:
+ 5c:f7:34:fd:89:d9:70:59:e6:df:e3:64:55:21:a9:
+ 23:d1
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- A5:71:47:49:34:D9:70:4C:8E:A6:06:51:69:AC:4D:2F:61:9F:3F:D2
+ 78:8A:3B:63:8C:10:54:23:2A:F6:61:5B:4E:8D:23:85:01:A5:3A:B8
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:79:11:b6:e8:91:42:c8:db:cd:fa:27:07:1d:5b:
- cc:9f:b2:f3:d2:0f:79:7f:7e:83:3a:e9:4b:86:a0:ba:c1:10:
- 9a:87:21:f0:2c:26:e9:c5:fc:fc:7c:6c:45:79:29:d3:02:30:
- 0b:74:ab:68:f6:25:3f:d3:2b:eb:a9:13:1d:3d:b1:a8:80:9c:
- 1f:8f:6f:de:de:2f:a7:7f:ad:5a:a5:18:29:05:99:65:5f:63:
- 50:31:6e:78:90:e6:12:3e:83:f1:d8:b0
+ Signature Algorithm: sha256WithRSAEncryption
+ 5f:0c:9b:ec:2f:d1:0f:96:91:e2:9c:3b:55:27:f0:56:5d:7c:
+ 85:0c:8b:d3:03:d5:40:86:0e:9b:0b:d1:ce:f5:e6:ab:7a:ec:
+ 18:17:e0:0f:56:03:c6:29:20:35:4a:bc:43:01:0b:c0:6e:77:
+ 5d:33:c8:57:11:75:c3:d6:e4:fa:70:42:9c:0f:cd:33:75:ce:
+ 68:3e:8b:2c:c1:19:07:5f:ab:00:8d:cc:b5:7e:bf:6d:ec:01:
+ db:6a:5e:56:dd:2e:95:13:bb:4c:8e:ed:06:3e:50:c9:48:ad:
+ 87:7d:1b:0b:54:b2:cb:70:cf:c3:15:19:fc:cf:57:05:3c:c8:
+ e3:34:9f:e7:d1:57:65:5d:07:08:82:3e:2e:00:dc:02:ab:4a:
+ ab:9d:f3:e1:37:c7:17:83:71:e0:c2:92:a8:5a:45:46:83:a2:
+ 8b:c8:f4:41:cb:17:fb:dd:cd:ea:40:02:63:3d:a5:79:8c:f4:
+ ea:3b:4c:d1:2c:1b:82:f1:ff:6a:d4:e4:dc:8c:b1:ff:8a:72:
+ 00:f0:53:a1:c8:98:45:ac:22:7a:35:40:b8:fe:13:8a:9c:d1:
+ b9:d6:74:31:08:30:db:03:a9:75:6c:75:48:96:ad:02:ce:a3:
+ 22:2a:a9:a8:63:c9:7f:0b:25:0d:91:6c:3a:72:56:11:22:4c:
+ 37:5f:3d:f9
-----BEGIN CERTIFICATE-----
-MIICDTCCAZSgAwIBAgIQEiMhcLD548H+YNhu7Jc1EjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzQ5WhcNMjIwNzE0
-MTMxMzQ5WjASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAES9ThT6dbHsR9QCcZ3rzMeGtahhNIxMBACU4dzbTwjRQuRHyOLXt1JwDEm1xx
-HTX/9pEB4j8iTfRZReSFYaIwu3+Of4bbeXraYQByPWALOnvTjkPVIfnl7wECSA6q
-B+Dfo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKVxR0k02XBMjqYGUWmsTS9h
-nz/SMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNnADBkAjB5
-EbbokULI2836JwcdW8yfsvPSD3l/foM66UuGoLrBEJqHIfAsJunF/Px8bEV5KdMC
-MAt0q2j2JT/TK+upEx09saiAnB+Pb97eL6d/rVqlGCkFmWVfY1AxbniQ5hI+g/HY
-sA==
+MIIDVjCCAj6gAwIBAgIRAJgooWQEQlo/n0IL1kcgG74wDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzMyWhcNMzIwMTI1
+MTY1MzMyWjASMRAwDgYDVQQDDAdjc2xldmFpMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0axw5ImI2N/bzv4ehXkSvsP+eF2QITdMi/eDIYuv4BeDILk0
+9/SsrMNrb5RgscOCmFVKGWGJOmB1jJmGVQfgte5qYkEpOeTA0xQieB5MAv+aNjzV
+F6Io2GiczczMMg2stcTDtM7B11CtZURWP9aaHhJMGNn3xNnQ61/u1LgcZEDLz2Jy
+ODOr18W8hK9eXdLfUQ5iSLVx6HTC3hxZ+62u+Z6ae3PHrRpDnZIDQFywiQp553qk
+qf7Sojf7MLmEi69NrtFoNtzfnPPphLPcQZfLNOoYl5/YYIbij/Gea21p/niH+Vv1
+Tb9dfinDc2gdmgNc9zT9idlwWebf42RVIakj0QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFHiKO2OMEFQjKvZhW06NI4UBpTq4MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBfDJvsL9EPlpHinDtVJ/BWXXyFDIvT
+A9VAhg6bC9HO9eareuwYF+APVgPGKSA1SrxDAQvAbnddM8hXEXXD1uT6cEKcD80z
+dc5oPosswRkHX6sAjcy1fr9t7AHbal5W3S6VE7tMju0GPlDJSK2HfRsLVLLLcM/D
+FRn8z1cFPMjjNJ/n0VdlXQcIgj4uANwCq0qrnfPhN8cXg3HgwpKoWkVGg6KLyPRB
+yxf73c3qQAJjPaV5jPTqO0zRLBuC8f9q1OTcjLH/inIA8FOhyJhFrCJ6NUC4/hOK
+nNG51nQxCDDbA6l1bHVIlq0CzqMiKqmoY8l/CyUNkWw6clYRIkw3Xz35
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBcc3FEyoXLKwyy5rTO
-jo9SMOdGwdkwZFGBHDUYB65z/JrmvW6ArIv/XuYS3eCOg3mhZANiAARL1OFPp1se
-xH1AJxnevMx4a1qGE0jEwEAJTh3NtPCNFC5EfI4te3UnAMSbXHEdNf/2kQHiPyJN
-9FlF5IVhojC7f45/htt5etphAHI9YAs6e9OOQ9Uh+eXvAQJIDqoH4N8=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDRrHDkiYjY39vO
+/h6FeRK+w/54XZAhN0yL94Mhi6/gF4MguTT39Kysw2tvlGCxw4KYVUoZYYk6YHWM
+mYZVB+C17mpiQSk55MDTFCJ4HkwC/5o2PNUXoijYaJzNzMwyDay1xMO0zsHXUK1l
+RFY/1poeEkwY2ffE2dDrX+7UuBxkQMvPYnI4M6vXxbyEr15d0t9RDmJItXHodMLe
+HFn7ra75npp7c8etGkOdkgNAXLCJCnnneqSp/tKiN/swuYSLr02u0Wg23N+c8+mE
+s9xBl8s06hiXn9hghuKP8Z5rbWn+eIf5W/VNv11+KcNzaB2aA1z3NP2J2XBZ5t/j
+ZFUhqSPRAgMBAAECggEBAMqSNJvH+Ou3E7GfODOx7pdZ2j/F/VrqB01u+0TspSX2
+8VwrM26f+DgNsX2it+zmvASa2jU9U4yP5uHI7cy3CLYcurFkzQS+6kDEQi0U8FEx
+S3c9PI9Rvu6d22jFhT6SkZsnmADWhNaWfn/JDx8sIcgN23FjHQsVec/95kuj+OIt
+LARLRmID+/Pu0KempNsL+4E+DXEsC5qARVAa/oZVoGmLLbYZXIie+LyXlph224lX
+2wVoOp7aCQ4BxlD7wVTq5mDEaGaFaYqZHzDRqzRX8V754caBNO8j7KsPPcsaZG4B
+ge7vMvIcEiF8IOB/JBw9IosH4xksaC+Ar6ynlMEnxDUCgYEA8DJQZgiXcg1L707/
+1zaRVRh85YHu5o4gCXexxHaEEhZUvUT8ZmehdFjajBrvp2yZsm6z8WUL2+sjn4gR
+yJA7+qr3FYMYvn7cl+hbDz2QHXRyG9sYWjhBPEvbrYpeC4pVEvrRNDuIG0L1T1ts
+JI/OtaIw9bYH42cVdSaiKvRZxPcCgYEA33gFnsoSvRakPHFitMHbyrhsKpgzWKt3
+HrpYyJiOkj7fHKHonSV8CeZeVV2QLbqkrwODAXewHFQRS8titFFXmWZGqqcxVJtj
+vTtCY7tsLBzXay56NZPN4EPV3JbX3+XBWKJF1c2clURm6iB3ev5B1terF8od89bC
+VMw/KTth03cCgYEA4eF/CCUmPsRQV7FEGWCglZTcx3xEbR7U8/JTA32sv9GuSPua
+HLdx9xckF0OxghI4C7vdjrJGz762Fm2Aw8sYDKhAikNpvqNQ0a5aC+AKKhj6wkVt
+BlMGzixMX0vTGykwzhN/L46YdYKnbMR903hFnTv0rO1NR8YGQNBfCuQVk4sCgYEA
+pnvra/5N8ZOBrgonKFVY4vF8nEshzciIiVr5NBD7/pZacCFrhE/d1h5LXzvCY18u
+u7hZDGnXyXMUI6yVj5MeOQmKUi8XQFo3903DyzthfofKMW7B21KPSaogFSRIFeU8
+o0TZ1ExHgKkiJwEjIn10HZQ1QhbxM61mv/gegiBcZEcCgYAVRURDfBPPfDRw6VrR
+WgeQX3I+N/dy6cFkBZLflpxdW9IgOAegEXRBYoTfyKXy6KHgGoJRePM1SDss2+mu
+ku8dBPBdOTIIoBhrRT0onwigoJaMerE9ipUglZnmu4ZtixH2w80VGXp4l08CUmgj
+VjgdFdDlKJ6ql29pDiiNvM27/A==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- ee:43:78:cd:16:7f:a5:7c:d5:10:b8:71:1f:5e:50:4e
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ ac:ba:23:20:4b:73:6c:f4:35:3c:08:0b:12:1b:ff:49
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Aug 2 08:47:52 2019 GMT
- Not After : Jul 17 08:47:52 2022 GMT
+ Not Before: Jan 27 16:53:47 2022 GMT
+ Not After : Jan 25 16:53:47 2032 GMT
Subject: CN=dhorvath
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c2:77:2a:57:01:7b:d9:0b:e0:e0:69:7e:2a:df:
- 05:b8:91:4e:50:51:e9:52:bd:a5:fa:01:ad:62:0a:
- 69:10:82:6f:aa:84:64:33:71:d9:96:ca:9c:05:ce:
- d9:13:99:b0:d9:d5:4d:d9:1a:43:8c:41:d5:e7:0a:
- ae:92:6c:f6:7f:bf:73:b6:ff:bd:a4:bb:fc:d9:0c:
- 36:0d:e2:f4:78:24:bb:cd:ac:e9:04:d6:9c:a5:2b:
- ce:d7:0e:85:85:10:f1
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:f8:1a:ee:a6:a6:42:b8:ae:3f:fc:45:c6:86:
+ 81:17:81:74:f1:e2:eb:14:a6:22:5e:3a:44:33:0c:
+ d9:a4:2b:64:62:f5:77:61:c1:97:56:42:ee:89:d0:
+ 6d:61:a7:a1:59:65:7d:83:0e:97:7e:63:b4:ab:f7:
+ 95:fd:18:c1:0b:2d:c3:de:66:7a:9a:75:cd:ef:1f:
+ 0e:56:b5:c3:c8:45:78:68:f0:51:a1:30:75:9f:3e:
+ b0:31:02:a7:d8:73:b5:eb:1c:6c:93:6a:c0:bb:3f:
+ f7:ad:27:76:0e:86:55:f8:23:e5:d3:70:6e:23:9f:
+ dc:94:f0:50:40:98:a9:8a:07:c7:e3:cb:e9:23:ca:
+ 91:4d:01:49:db:8d:1a:ca:4c:f6:52:5b:b6:02:15:
+ 69:b3:20:6a:33:c0:61:52:bc:d5:1d:ac:f4:6a:8e:
+ cc:a9:fb:36:8f:8b:21:db:91:f8:3a:11:d4:cd:c7:
+ d6:c7:cd:41:17:cd:91:49:0b:40:21:8d:13:a2:ee:
+ fa:59:d3:60:55:f8:8e:bb:6b:2b:0e:f7:af:61:a7:
+ 6b:88:c1:03:4d:73:4d:e3:c0:e2:17:b1:2c:9d:78:
+ 78:1c:9e:e9:f8:0c:2c:64:68:b4:c1:4a:43:47:f4:
+ 87:91:06:f9:00:fd:76:00:41:09:58:b5:a2:b8:af:
+ b7:05
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- D7:31:77:61:74:16:36:31:0A:BF:D2:E5:EA:44:1E:FD:CE:E3:7E:26
+ CF:44:3C:7F:23:15:9C:76:59:D3:47:32:F3:05:35:6E:23:A0:3B:C7
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cc:88:44:5d:a2:1b:e2:d5:1f:f6:17:f7:4f:
- fe:11:b1:6a:e7:9b:cd:bb:35:21:90:9d:a5:07:e8:34:1c:b4:
- 29:b6:a1:ff:d1:d9:d3:60:a1:04:ed:47:17:d5:81:53:bf:02:
- 31:00:db:af:26:de:3e:0a:b9:2b:e7:43:a0:34:10:96:fb:7c:
- 25:4a:dd:e6:82:bc:5a:f0:f9:ea:cc:10:3f:2f:18:09:eb:32:
- f3:83:d4:49:b1:7b:30:d4:d0:3f:9c:00:75:7b
+ Signature Algorithm: sha256WithRSAEncryption
+ 41:c4:86:a3:f5:3b:0d:5e:b2:78:78:b1:18:80:65:4d:02:06:
+ ba:f5:3b:49:5d:09:13:a9:7d:e2:6e:f2:a3:ea:e0:27:78:8c:
+ 41:63:85:f5:8b:11:86:89:f4:83:d4:2a:91:22:26:b9:68:11:
+ 3a:2a:74:df:3c:ea:d5:3b:bc:e9:d8:c6:1b:01:6d:3d:db:43:
+ bb:eb:6b:76:2c:fe:d9:ec:d1:d6:3d:c1:f2:59:27:29:17:cc:
+ 6a:be:da:b3:cd:c7:6f:b6:5d:1e:49:a5:4b:d5:c0:87:fc:7a:
+ a6:40:67:e4:1e:5b:93:01:51:be:f9:33:7e:cb:29:4a:4f:55:
+ 52:09:66:f1:b9:b3:98:99:59:f8:24:50:09:80:51:21:76:47:
+ 93:c1:f7:c2:83:32:9c:a8:da:63:1b:cf:85:3a:99:9d:43:22:
+ af:76:94:b0:50:18:7c:bf:c4:16:55:09:79:90:2c:41:ee:84:
+ ac:b5:f1:26:d7:b3:23:38:95:28:e0:66:3e:ae:11:61:72:cf:
+ a2:e7:c4:58:d9:14:52:a7:da:0a:6b:2b:94:7e:b5:66:57:8e:
+ 54:40:df:57:09:5e:61:7f:7e:dd:71:fa:a7:23:06:18:c1:2d:
+ ff:8d:90:f2:b0:8d:5a:0a:7e:ae:64:d3:bb:ae:48:29:24:ea:
+ 39:9f:cf:0d
-----BEGIN CERTIFICATE-----
-MIICETCCAZagAwIBAgIRAO5DeM0Wf6V81RC4cR9eUE4wCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDgwMjA4NDc1MloXDTIyMDcx
-NzA4NDc1MlowEzERMA8GA1UEAwwIZGhvcnZhdGgwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATCdypXAXvZC+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwF
-ztkTmbDZ1U3ZGkOMQdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87X
-DoWFEPGjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU1zF3YXQWNjEKv9Ll6kQe
-/c7jfiYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYC
-MQDMiERdohvi1R/2F/dP/hGxauebzbs1IZCdpQfoNBy0Kbah/9HZ02ChBO1HF9WB
-U78CMQDbrybePgq5K+dDoDQQlvt8JUrd5oK8WvD56swQPy8YCesy84PUSbF7MNTQ
-P5wAdXs=
+MIIDVzCCAj+gAwIBAgIRAKy6IyBLc2z0NTwICxIb/0kwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzQ3WhcNMzIwMTI1
+MTY1MzQ3WjATMREwDwYDVQQDDAhkaG9ydmF0aDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMb4Gu6mpkK4rj/8RcaGgReBdPHi6xSmIl46RDMM2aQrZGL1
+d2HBl1ZC7onQbWGnoVllfYMOl35jtKv3lf0YwQstw95mepp1ze8fDla1w8hFeGjw
+UaEwdZ8+sDECp9hztescbJNqwLs/960ndg6GVfgj5dNwbiOf3JTwUECYqYoHx+PL
+6SPKkU0BSduNGspM9lJbtgIVabMgajPAYVK81R2s9GqOzKn7No+LIduR+DoR1M3H
+1sfNQRfNkUkLQCGNE6Lu+lnTYFX4jrtrKw73r2Gna4jBA01zTePA4hexLJ14eBye
+6fgMLGRotMFKQ0f0h5EG+QD9dgBBCVi1orivtwUCAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBTPRDx/IxWcdlnTRzLzBTVuI6A7xzBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAQcSGo/U7DV6yeHixGIBlTQIGuvU7
+SV0JE6l94m7yo+rgJ3iMQWOF9YsRhon0g9QqkSImuWgROip03zzq1Tu86djGGwFt
+PdtDu+trdiz+2ezR1j3B8lknKRfMar7as83Hb7ZdHkmlS9XAh/x6pkBn5B5bkwFR
+vvkzfsspSk9VUglm8bmzmJlZ+CRQCYBRIXZHk8H3woMynKjaYxvPhTqZnUMir3aU
+sFAYfL/EFlUJeZAsQe6ErLXxJtezIziVKOBmPq4RYXLPoufEWNkUUqfaCmsrlH61
+ZleOVEDfVwleYX9+3XH6pyMGGMEt/42Q8rCNWgp+rmTTu65IKSTqOZ/PDQ==
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAiHqPToF5VeW4qNuAu
-JwWSuOhHA5ZoB1jVj28Cxtnd2nbtrVwpIKlKOMiQy4WhyoKhZANiAATCdypXAXvZ
-C+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwFztkTmbDZ1U3ZGkOM
-QdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87XDoWFEPE=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDG+BrupqZCuK4/
+/EXGhoEXgXTx4usUpiJeOkQzDNmkK2Ri9XdhwZdWQu6J0G1hp6FZZX2DDpd+Y7Sr
+95X9GMELLcPeZnqadc3vHw5WtcPIRXho8FGhMHWfPrAxAqfYc7XrHGyTasC7P/et
+J3YOhlX4I+XTcG4jn9yU8FBAmKmKB8fjy+kjypFNAUnbjRrKTPZSW7YCFWmzIGoz
+wGFSvNUdrPRqjsyp+zaPiyHbkfg6EdTNx9bHzUEXzZFJC0AhjROi7vpZ02BV+I67
+aysO969hp2uIwQNNc03jwOIXsSydeHgcnun4DCxkaLTBSkNH9IeRBvkA/XYAQQlY
+taK4r7cFAgMBAAECggEASv6tOBK8TB3MH/X4XtHHypJS//El5kyQW6/ekNdhGU35
+sosPClurrSnhOzTCZbKHUGi+nC1d0JfIO6FAeXthF9OSJju+LoYErwKnpusv9kap
+EfSy7+ySCQnZ4z87AIzsnsfB7Pap2mpL8ooTJ3pe4P6227Fe8jKJM+I4fYCNNqb5
+3pCvUQ7ajpnhVwzrmJ68JzQMAHNr1mOwjd5PZIJFt+Qr5JrkNfhbRmK7fdEGwD4d
+lW0vZcj0Dbi48ohVlv+8vY7T2Gmv+1CrPMZOIGdKM+FdSAWPSPwVno/6+OqEMP8g
+QKP5BvBsLUg+YmRqNOga0lCZ33aau67DKkq79zlzKQKBgQDqugIWvdb6G4p1HKJq
+IfLZ7cPFmZKQSKQESncNAXLZqPSE45U5XWsLiS+LemSGE+CAiiuOg54Iw0fbijuu
+w7x5ek5GB2oC8nDoEKUBMq28eWcSAVt4DjZdfTzMcHDavpdfxe9EkUYBVMwP8rDj
+4r/xV572rttqUZ2t65ZGFf6NkwKBgQDZAHk8e2b7b1nFtYEES81dua0RdndnqvO2
+yvl5w0qUuxxXpEEN+UFUg0JNOmRN96F24g+ZYcy/Vts+XXvkMuAWh0WixiK5DeD/
+7HExpYNl440B0Xy5Vp/s3sIAS49cgjcz/a6HwJcV4YgAyYNAKqtAiMFnKEe0ZcRY
+iMYBOsXIBwKBgEmgcPlLMPyg2OxlP/jEj1WWhBseUd/aOUBzTyaQNsNZgOGSNYOZ
+7vLeZEB+8rsvzvLi5Ei+tjqPbqHJmXD3Ss5b8+N5feJQw+O3HNrkV6TP++mk7Vka
+NCldGE4UUwH6WKcdAjFi1C+ktqGmAaBpxsVgM6ezL3YJBcnBJRD04zTrAoGAYZ5u
+66Bv4WhkMCbIlVAsYJ9oldR/PqmO3YpN1FLgOCw8QcjoYwrgMs6hgvBjsxdVEY/8
+iHmQi/rcwh933l5spHXSA7myYSE3OKn6+eSFSc6l3k2JGC853msPRua25VzGzKKw
+Yu1mijdc4U3Ft5X6WButNWTPbP3i6BkPSfpQgv0CgYEAkhDKG+xABN8XvLocvlg+
+vGofIprLK03A+rvegZAT9/JlmEqaEbdvBSiaCGQNHdy+k6xdAFnsrMzVIL1cDLKv
+u/ncsR/kdVZ5b/5uaJrtixkuYZVJdYEs5CabJc6aeRsHD5Slb1Z7/v8FB2wjQPRx
+lvV2jdeuwJ37WIetVS/tqkw=
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 07:5b:cc:38:0a:a7:60:e4:33:ea:dc:63:5f:da:65:bb
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ d0:00:c3:68:db:1f:1a:36:3a:cd:08:ff:f2:13:d8:e9
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:04 2019 GMT
- Not After : Jul 14 13:14:04 2022 GMT
+ Not Before: Jan 27 16:54:00 2022 GMT
+ Not After : Jan 25 16:54:00 2032 GMT
Subject: CN=dvasary
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:4f:51:7b:f1:30:dc:76:25:db:21:fd:11:8a:
- 39:fc:6f:4a:0f:f5:38:9d:8e:3c:18:c3:e2:b9:9a:
- 7e:d8:25:9d:69:f1:40:f2:1c:f8:bd:7c:98:e9:1d:
- 86:78:d0:d5:7b:b1:e6:8a:cb:44:e9:42:6c:61:c4:
- d9:32:c5:16:f0:76:71:90:58:0f:13:f4:cb:01:02:
- 68:fa:bb:3e:cb:24:47:e2:87:2d:f2:c6:d9:5f:b8:
- 16:de:47:aa:bf:02:65
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b4:d9:2e:da:28:56:77:92:4d:fd:38:96:a6:8d:
+ c4:0a:44:75:dc:ff:81:ee:9e:0d:af:9b:7b:ed:5e:
+ 5f:03:be:33:5e:af:54:e1:e8:b8:0e:9c:83:62:24:
+ ce:94:0c:e5:d0:8a:90:41:5f:72:4f:a3:b0:27:9c:
+ 73:32:52:1f:8c:9d:d9:52:db:ce:91:85:db:0e:c6:
+ 71:f0:fe:42:6f:06:11:76:16:32:45:22:f0:37:72:
+ d8:87:d2:f4:15:ad:77:b5:e2:a7:50:81:80:57:87:
+ 2f:84:f4:9d:9c:5a:b6:47:61:2e:42:f5:59:4a:f8:
+ b1:de:2f:c3:bb:4a:69:57:61:6d:d2:a6:9c:bd:ee:
+ 91:2d:fc:8e:68:5f:62:b8:c6:6f:0d:29:7c:2c:26:
+ 17:96:8a:42:45:29:93:49:e9:71:3b:df:11:54:c5:
+ 19:47:11:be:48:42:5d:df:e7:39:0d:59:06:79:a7:
+ 5d:68:fd:ff:63:d4:d5:f2:a4:77:b3:46:c2:7c:9d:
+ bf:10:57:73:da:03:c0:82:4c:6c:55:37:1e:64:68:
+ d0:96:f3:9e:02:f9:c5:52:73:dc:15:57:81:2e:0f:
+ 01:98:29:bc:cf:a1:8e:fa:58:e8:05:98:3b:4c:73:
+ 65:06:e5:f9:be:25:9a:e2:e9:33:be:86:5f:16:8a:
+ fc:f9
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 61:47:26:E4:48:A5:C7:F8:38:0A:5F:06:FE:F6:35:DC:BB:71:F1:36
+ D0:78:94:E1:01:5B:22:6C:03:1E:7C:BC:CA:35:8D:58:BC:31:78:82
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:8a:59:88:96:eb:a1:b6:5d:51:39:39:63:b6:
- 53:c1:1e:01:ae:35:ff:3e:a5:ba:ed:17:a9:0b:2d:a9:86:c3:
- ae:c1:47:55:9b:16:9f:d7:29:71:28:06:92:6c:da:86:75:02:
- 31:00:b3:f1:55:67:51:44:2f:fa:5f:c0:65:ce:45:c3:ef:88:
- f4:80:98:65:69:e5:db:7b:42:71:6f:16:f2:06:5c:ad:e1:ce:
- fb:dc:fc:46:1f:b2:79:61:5a:c9:81:b5:24:c3
+ Signature Algorithm: sha256WithRSAEncryption
+ cb:3e:27:5c:98:9f:19:d3:e3:e6:9b:13:23:fc:6d:06:62:1f:
+ 80:6e:95:f3:67:02:a0:9e:a0:71:fd:c2:08:c4:a3:ed:61:44:
+ 5e:3e:d7:fa:a2:53:ca:97:44:97:8a:e3:e5:e4:c6:b0:b7:cc:
+ 46:aa:5d:32:71:7b:0c:e7:ac:e8:c3:65:9e:45:bf:39:4a:d1:
+ fe:20:4f:1b:8e:88:f3:9d:82:3b:99:0d:95:53:da:ed:db:60:
+ 68:79:31:c3:11:f5:63:e9:74:1a:8d:15:8d:e7:0e:ff:0f:8f:
+ a1:e0:82:ad:42:cd:6d:2c:73:93:a8:fc:c3:c7:37:24:f5:44:
+ 51:c9:3d:28:67:6c:a3:3b:11:3c:f2:5e:45:a8:cc:09:21:f7:
+ 3a:be:aa:53:c6:4f:90:65:83:df:3d:1b:01:c5:a8:95:f0:d3:
+ da:b0:e4:9a:d5:ed:c5:f6:2e:78:38:39:ba:78:db:53:d6:0a:
+ e4:5d:e7:59:7d:81:a1:1d:81:96:ef:28:26:0a:8d:73:9c:60:
+ e3:6c:02:c3:95:cf:93:6f:e5:c0:49:b9:eb:8f:5e:02:19:83:
+ 5a:50:d9:6b:9d:0d:01:80:06:ba:96:2d:e0:82:4a:5b:02:53:
+ 37:36:a6:41:5d:34:1d:9a:96:86:ae:46:cf:74:f7:49:dd:cd:
+ 93:eb:81:23
-----BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQB1vMOAqnYOQz6txjX9pluzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDA0WhcNMjIwNzE0
-MTMxNDA0WjASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg09Re/Ew3HYl2yH9EYo5/G9KD/U4nY48GMPiuZp+2CWdafFA8hz4vXyY6R2G
-eNDVe7HmistE6UJsYcTZMsUW8HZxkFgPE/TLAQJo+rs+yyRH4oct8sbZX7gW3keq
-vwJlo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGFHJuRIpcf4OApfBv72Ndy7
-cfE2MFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-ilmIluuhtl1ROTljtlPBHgGuNf8+pbrtF6kLLamGw67BR1WbFp/XKXEoBpJs2oZ1
-AjEAs/FVZ1FEL/pfwGXORcPviPSAmGVp5dt7QnFvFvIGXK3hzvvc/EYfsnlhWsmB
-tSTD
+MIIDVjCCAj6gAwIBAgIRANAAw2jbHxo2Os0I//IT2OkwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDAwWhcNMzIwMTI1
+MTY1NDAwWjASMRAwDgYDVQQDDAdkdmFzYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAtNku2ihWd5JN/TiWpo3ECkR13P+B7p4Nr5t77V5fA74zXq9U
+4ei4DpyDYiTOlAzl0IqQQV9yT6OwJ5xzMlIfjJ3ZUtvOkYXbDsZx8P5CbwYRdhYy
+RSLwN3LYh9L0Fa13teKnUIGAV4cvhPSdnFq2R2EuQvVZSvix3i/Du0ppV2Ft0qac
+ve6RLfyOaF9iuMZvDSl8LCYXlopCRSmTSelxO98RVMUZRxG+SEJd3+c5DVkGeadd
+aP3/Y9TV8qR3s0bCfJ2/EFdz2gPAgkxsVTceZGjQlvOeAvnFUnPcFVeBLg8BmCm8
+z6GO+ljoBZg7THNlBuX5viWa4ukzvoZfFor8+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFNB4lOEBWyJsAx58vMo1jVi8MXiCMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQDLPidcmJ8Z0+PmmxMj/G0GYh+AbpXz
+ZwKgnqBx/cIIxKPtYURePtf6olPKl0SXiuPl5Mawt8xGql0ycXsM56zow2WeRb85
+StH+IE8bjojznYI7mQ2VU9rt22BoeTHDEfVj6XQajRWN5w7/D4+h4IKtQs1tLHOT
+qPzDxzck9URRyT0oZ2yjOxE88l5FqMwJIfc6vqpTxk+QZYPfPRsBxaiV8NPasOSa
+1e3F9i54ODm6eNtT1grkXedZfYGhHYGW7ygmCo1znGDjbALDlc+Tb+XASbnrj14C
+GYNaUNlrnQ0BgAa6li3ggkpbAlM3NqZBXTQdmpaGrkbPdPdJ3c2T64Ej
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBlosRzur9E4uOwMzTj
-/x+I2VSe0jDyJr/CDV50ElawBO6bEvw4a5m2HjNW7HcAF4yhZANiAASDT1F78TDc
-diXbIf0Rijn8b0oP9TidjjwYw+K5mn7YJZ1p8UDyHPi9fJjpHYZ40NV7seaKy0Tp
-QmxhxNkyxRbwdnGQWA8T9MsBAmj6uz7LJEfihy3yxtlfuBbeR6q/AmU=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC02S7aKFZ3kk39
+OJamjcQKRHXc/4Hung2vm3vtXl8DvjNer1Th6LgOnINiJM6UDOXQipBBX3JPo7An
+nHMyUh+MndlS286RhdsOxnHw/kJvBhF2FjJFIvA3ctiH0vQVrXe14qdQgYBXhy+E
+9J2cWrZHYS5C9VlK+LHeL8O7SmlXYW3Sppy97pEt/I5oX2K4xm8NKXwsJheWikJF
+KZNJ6XE73xFUxRlHEb5IQl3f5zkNWQZ5p11o/f9j1NXypHezRsJ8nb8QV3PaA8CC
+TGxVNx5kaNCW854C+cVSc9wVV4EuDwGYKbzPoY76WOgFmDtMc2UG5fm+JZri6TO+
+hl8Wivz5AgMBAAECggEANUs/TFjQymHaC8JOWvyyBdiQ5zSApMH9BIAMcDH8TA0T
+9FY07HH5M40aBqUUH3sBioga5Ljs5d01/yZSqESdOYIW1h0iba4FlQAT+dHj3/Xo
+1WTLIaafJaf5eWVIOs8o1PfbGJVhLeoPrd2sSLROvRA9YswMqVRKjlCDHMFb87yq
+Cuwa/YEIxGYI0OLMPdDXMOwcXL2iy4oHm7rOjpwakB4nJypKDVRPCutC1uAN7sHn
+q9Z/NXRfe6SYqq62LWlSWm90u7ESEUem1BkUL8F+yd+xL86gA0eBGT1IIXdm1QPk
+CNjVxjqEM0BF55Qavjw2xZGb9Yf0YM+1sLCxyB5ZtQKBgQDs1Ig3nIVTj6VXTQDq
+yGgiqloRDwLPa6e5zG98z69dH25hlJjsiWVvZ0NVMEiLhhLr3UtMs96wunqqGKc9
+AOH/3v/hVaPH2px6EPP9ASV8YgSxMPHSVNc49pTkJ1xCuxeGovem19VrggWNznlW
++kGaHAPOE8i0QTa6usUPj2+RXwKBgQDDfKAjp4cxsj1TJJmPHUa69wpcbcvlTpjY
+RZUWoYiMOlWujbDAaQUS9jorSzm28TMCtwAm+iKRo/TNwvWs9MGhTuwfkQeblTtm
+C/hRGF8Cm/X7v4/84p6BzDs1FGov4D9MBjDRfXk1JHdWqjQHpFn+9fW6efgHdHSh
+R26C/MXYpwKBgHl4cP2FDGVVkgp69nN1ouPU2ClTt69HmlmT38L2iw2KZ4UpQF5i
+AmLnZgO1ph/Z/q53bH3E6/1dSDkiN/T0FPa2HCwpTr3dBNEfDOXBxsZLR/jSD9Y/
+qbwPzUJQZePcLi7iO3+ZyF9B6zNWqanQ5gDzSYhTYWgC4t1XmmdmvGSlAoGAXIfo
+ERhiQN66cll3qitUaHk42UlLYu4SIQTGriClzqJqHiaJTHopYbFVFVsVJYgD+jv/
+AXQS2tc9sAuhWE2+PYlq8QIoFLfNlt8BmfksN8L060XgdPYbyxqNx/Ey1hiSPX0M
+rIx0y/fH2SjVWeysgKeRucOz6GtyLUjvgWb+iy8CgYEA620weTdaFfnoGojrDrOM
+e2wl+ll86GX9OXRS2mkUSgg9AOYTl15ik94U8+QBA6W1QDT7k7rCDr/NDlUnmPO9
+l2hzCnYbrE4Cqs63N0sGb8dHdwzBDG2f4txrfUotL5wb9NqJeV1yg21WKV2bhiPo
+7XDtHqlGenpGP/D54L1amIk=
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 32:06:af:0b:00:a2:dd:98:26:61:13:a2:f8:c5:f8:e7
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ dd:3f:8e:ec:40:23:98:27:3e:6e:03:0d:a4:c4:94:43
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:15 2019 GMT
- Not After : Jul 14 13:14:15 2022 GMT
+ Not Before: Jan 27 16:54:12 2022 GMT
+ Not After : Jan 25 16:54:12 2032 GMT
Subject: CN=fritter
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:01:16:61:9a:29:9b:00:34:c6:d8:d0:31:87:e7:
- 2c:fd:7a:7e:e0:6e:f7:26:1a:62:7f:d4:7d:aa:8d:
- 0e:83:bd:c2:51:8c:cb:34:2b:3d:04:40:4f:2c:6f:
- 8b:86:9b:7f:de:a2:79:a4:0a:03:4c:70:71:34:ba:
- f6:f8:d1:e8:92:18:32:d6:78:3d:5d:29:5c:70:a0:
- b6:80:7f:21:e2:63:09:57:c1:46:fd:9b:d9:7a:2a:
- b8:13:f2:f7:83:cc:32
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d2:58:d1:a5:05:3c:bd:ed:ca:7c:f3:0b:96:d1:
+ 01:db:c5:61:64:ed:9c:2e:23:0f:9d:94:cc:dc:ff:
+ 84:4b:20:ce:9d:1f:f6:f2:20:b8:1b:7c:87:1a:6a:
+ f7:8e:5f:cf:b0:3b:0b:f5:8a:2c:84:fb:35:63:3f:
+ ae:4f:54:ce:8f:b5:3c:76:ee:b4:6e:3d:e9:39:13:
+ 4b:0f:03:64:32:a1:2f:4f:12:c7:91:db:5e:09:93:
+ 92:2e:9e:7e:7d:bd:1c:00:f8:f2:12:48:e0:57:0d:
+ 8a:7a:8b:d4:68:6f:3e:19:6f:86:d8:91:97:11:5f:
+ db:52:5e:53:4b:62:92:56:d6:e3:02:68:6d:40:7f:
+ ce:4b:28:b5:c1:9d:7d:87:5c:0a:b5:33:f5:a3:a0:
+ 1a:a8:a6:1c:24:a8:33:a0:36:59:e6:3c:ce:aa:90:
+ d1:74:68:59:4d:6a:da:c3:7a:90:74:44:af:b3:e6:
+ 3f:82:86:9a:bb:a5:03:7c:79:92:ef:f9:fd:e2:09:
+ 46:b7:2c:57:df:f0:1d:4b:8b:a8:e3:5d:29:7b:40:
+ 4b:b0:63:e9:9b:aa:f3:26:70:94:81:4d:29:44:55:
+ 97:b6:75:3c:e3:be:ca:a4:5b:8b:9e:a9:04:d1:d7:
+ 45:72:95:ed:cd:62:20:aa:0f:2f:06:ca:59:2b:1f:
+ fe:05
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- B1:1A:69:80:EF:74:B3:58:F8:3B:86:7A:86:DF:8C:50:30:56:12:04
+ 38:5F:64:D8:70:65:7B:A2:3F:85:A7:10:E8:23:47:ED:0B:22:89:1A
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:da:29:1d:b3:22:d6:c9:b3:16:e6:14:41:77:
- fb:87:e7:9c:39:0b:a4:40:42:bf:45:0a:b0:4e:53:89:c9:a9:
- 6b:90:b7:88:85:bd:f0:9b:a0:a4:4b:fb:e3:2e:6f:d1:ff:02:
- 31:00:82:ce:d7:ed:cd:94:17:96:d4:65:97:82:11:ae:dd:22:
- 2c:2f:f2:64:55:ef:e7:25:c9:89:c3:bf:fc:cf:5f:c5:60:00:
- 2c:e9:7d:36:7b:6b:b8:c0:08:c2:66:f2:f7:ef
+ Signature Algorithm: sha256WithRSAEncryption
+ 0b:9e:0b:ac:0c:d5:88:a3:4b:66:cf:2d:a4:ed:7f:e3:32:94:
+ 5d:c6:20:33:20:50:cb:51:12:7b:cc:a6:61:43:bf:22:39:95:
+ f9:15:c8:5a:ba:82:07:92:d4:b8:11:34:47:17:7b:00:b4:40:
+ 32:d6:c9:e1:a3:e4:cf:1b:b8:3f:8e:ef:9e:96:c6:60:6f:63:
+ 2d:70:58:46:f7:bb:30:31:bc:08:19:3f:45:b6:45:31:db:db:
+ d7:eb:fd:8a:dd:04:bc:d3:30:b0:f0:e4:1c:84:e8:71:9a:a8:
+ e8:16:19:1e:96:60:d5:2f:c1:09:46:3c:a5:84:00:5f:f8:3d:
+ 0d:f8:0f:ec:8a:c9:31:ed:4f:64:2d:b3:ed:f1:6a:f0:ed:31:
+ 10:e6:38:69:a9:02:c8:3b:8c:a9:57:dc:65:c5:35:fd:e6:5a:
+ 4d:a1:f0:43:e5:ca:18:02:eb:41:28:32:c3:04:5e:77:d1:b7:
+ 64:69:aa:ff:ca:e1:dc:2c:14:9f:02:25:2d:77:bd:88:c6:6c:
+ ff:61:cd:7d:9c:fe:f1:58:5a:17:60:88:d6:ae:9a:76:86:7e:
+ b1:84:00:f2:f5:3a:b3:5e:6e:e9:cf:5d:b7:bb:1d:79:1b:e6:
+ b8:5c:f9:c0:21:e9:35:30:01:1e:a0:23:a2:cf:42:6e:a6:74:
+ fc:da:bf:6a
-----BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQMgavCwCi3ZgmYROi+MX45zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDE1WhcNMjIwNzE0
-MTMxNDE1WjASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEARZhmimbADTG2NAxh+cs/Xp+4G73Jhpif9R9qo0Og73CUYzLNCs9BEBPLG+L
-hpt/3qJ5pAoDTHBxNLr2+NHokhgy1ng9XSlccKC2gH8h4mMJV8FG/ZvZeiq4E/L3
-g8wyo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLEaaYDvdLNY+DuGeobfjFAw
-VhIEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-2ikdsyLWybMW5hRBd/uH55w5C6RAQr9FCrBOU4nJqWuQt4iFvfCboKRL++Mub9H/
-AjEAgs7X7c2UF5bUZZeCEa7dIiwv8mRV7+clyYnDv/zPX8VgACzpfTZ7a7jACMJm
-8vfv
+MIIDVjCCAj6gAwIBAgIRAN0/juxAI5gnPm4DDaTElEMwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDEyWhcNMzIwMTI1
+MTY1NDEyWjASMRAwDgYDVQQDDAdmcml0dGVyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0ljRpQU8ve3KfPMLltEB28VhZO2cLiMPnZTM3P+ESyDOnR/2
+8iC4G3yHGmr3jl/PsDsL9YoshPs1Yz+uT1TOj7U8du60bj3pORNLDwNkMqEvTxLH
+kdteCZOSLp5+fb0cAPjyEkjgVw2KeovUaG8+GW+G2JGXEV/bUl5TS2KSVtbjAmht
+QH/OSyi1wZ19h1wKtTP1o6AaqKYcJKgzoDZZ5jzOqpDRdGhZTWraw3qQdESvs+Y/
+goaau6UDfHmS7/n94glGtyxX3/AdS4uo410pe0BLsGPpm6rzJnCUgU0pRFWXtnU8
+477KpFuLnqkE0ddFcpXtzWIgqg8vBspZKx/+BQIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFDhfZNhwZXuiP4WnEOgjR+0LIokaMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQALngusDNWIo0tmzy2k7X/jMpRdxiAz
+IFDLURJ7zKZhQ78iOZX5FchauoIHktS4ETRHF3sAtEAy1snho+TPG7g/ju+elsZg
+b2MtcFhG97swMbwIGT9FtkUx29vX6/2K3QS80zCw8OQchOhxmqjoFhkelmDVL8EJ
+RjylhABf+D0N+A/siskx7U9kLbPt8Wrw7TEQ5jhpqQLIO4ypV9xlxTX95lpNofBD
+5coYAutBKDLDBF530bdkaar/yuHcLBSfAiUtd72Ixmz/Yc19nP7xWFoXYIjWrpp2
+hn6xhADy9TqzXm7pz123ux15G+a4XPnAIek1MAEeoCOiz0JupnT82r9q
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDaUFU/AcO1aLWRrpXF
-pdIp3a8bUuIn0Sf/p2z+xd96uy8q/k4ldwJuAFpDqIWU7EehZANiAAQBFmGaKZsA
-NMbY0DGH5yz9en7gbvcmGmJ/1H2qjQ6DvcJRjMs0Kz0EQE8sb4uGm3/eonmkCgNM
-cHE0uvb40eiSGDLWeD1dKVxwoLaAfyHiYwlXwUb9m9l6KrgT8veDzDI=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDSWNGlBTy97cp8
+8wuW0QHbxWFk7ZwuIw+dlMzc/4RLIM6dH/byILgbfIcaaveOX8+wOwv1iiyE+zVj
+P65PVM6PtTx27rRuPek5E0sPA2QyoS9PEseR214Jk5Iunn59vRwA+PISSOBXDYp6
+i9Robz4Zb4bYkZcRX9tSXlNLYpJW1uMCaG1Af85LKLXBnX2HXAq1M/WjoBqophwk
+qDOgNlnmPM6qkNF0aFlNatrDepB0RK+z5j+Chpq7pQN8eZLv+f3iCUa3LFff8B1L
+i6jjXSl7QEuwY+mbqvMmcJSBTSlEVZe2dTzjvsqkW4ueqQTR10Vyle3NYiCqDy8G
+ylkrH/4FAgMBAAECggEAIMHQNCCyqulDJV48Kcp2vaDpX+xY7B5tqh6oIKpyEbkU
+NAfsTxylTzJ/X6/UyYlGMK2hWSWhdTwhvkkGfjg4ysxwlBzsYFan4UmN4NKoYfIU
+Cf5kseQ1qsweccAg9rfiiow6Nnq+5Q+oxxjLhU/9nbxuhX92xS/mWddypUS+gWNB
+BsXOc8V3+pg84nMNQRvP8EgocGT7pPRW9VzufA0CLAayjzXLxnXvvyJR9Sey2BLx
+PcaHMM1BhOzVig9Psq1jJna5NAu+PkmqRPBbgD7WJ3n6WGvm8y++6exF3nOllxcY
+0mvcdw5XIVy1BItgHt5Im3r4r1M2UuAvJqP+WrWygQKBgQD7xUyiEwKyLOKAmOvo
+nBCYEb+EKv3aybF1AyAZIvUlifT9cBeZtEKkdMdrbYi57iHAxC0GWAgduWA4uN3D
+jxnwI2XzKk6+AtKhbYxP7/ADloaOzteeCQ7mGTtiwqU5LMgh4rLuTq3zj+26fWcq
+jVdpu5LyoJV7iOpSqP8vj3Pr8QKBgQDV4WIYshS4L1NQbq15uY2Kg/Kk7aMAQuNM
+IuOPmoO4Rci7Dp53gX8ZGjRWt5PTa1pVnABV0/IQZMl4kZ8TtKBL2sjb++kh0Hm5
+6HdvaQ75sFkr8Jd/hJh8lIcFbfM8oLDUdBMAs2V3a2wAWv01Q3xo8JAyJm5KYD2k
+dctwRnAXVQKBgQCFbLLG9YIpQIYsll324LYekNFIzqvHRboIg8Z/67m00h6GLOAk
+8ZWbp9ODCAI8Xol+qbges4phjjsC9F155J1fWLMPoa0nH0HWkMKaHlK45A2dItq7
+gptlr5t8JCEBYs0QwB4JEqM2/2CBwzFoKI1ZmDEw6Y8ub4mWkr7hyokpUQKBgQDB
+e8X5X0hdIvr0vVsTzidcUmd0ikG2H8xt+PXx2C8myYKArgXvSGfJNqp4dFQ3o1sy
+LREkk7rc18Bm4R2Ofw2v8XlZgLdzTpx/8OvzDpBskvroRBtZUYN82ASZhdDQXPH7
+EBKMxL2a3cPzQlzkDWwDpvRbWebWQ+Af4iwrIp2OjQKBgQCMnPfrcjiS7+Kc29jF
+6+karf1C2sL3zCoTi1pY6KXFAiO46rg6RFvfMwDEHSAI2mRv7l0jpgyFgWizJqYH
+85i30MxQUWzJu59CAEcqe9SSu1NrGdzx2wswOdhGjiBhh2Tt+uX1B8eFPqjp5+Fg
+df2uTy3RZuhKT/h0GrhFnliXrQ==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 62:de:03:11:22:c6:4b:00:ac:33:d5:e5:8a:25:0f:ff
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 60:87:51:1c:41:ab:64:4d:6e:87:35:4b:37:da:5a:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:27 2019 GMT
- Not After : Jul 14 13:14:27 2022 GMT
+ Not Before: Jan 27 16:54:21 2022 GMT
+ Not After : Jan 25 16:54:21 2032 GMT
Subject: CN=fschnell
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c1:66:71:37:bb:f5:b6:2c:b0:a0:d6:8c:85:2c:
- 31:28:d1:5e:d6:23:71:ae:b7:6f:79:12:50:7a:b5:
- 6c:ee:eb:a0:a9:9b:1a:d5:f3:5d:72:fd:cd:f1:0d:
- 23:3f:6e:44:7b:1f:c9:8a:1e:fb:51:ad:e2:bf:c8:
- 12:0d:d0:7a:11:de:ee:c2:6e:06:af:67:c7:51:13:
- 8c:cf:75:9f:a9:80:42:f2:9c:5a:78:af:29:57:df:
- b0:c1:d6:d6:3b:42:60
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:ba:48:1e:7f:2f:93:ee:b3:88:cf:0a:0a:82:0d:
+ 48:bd:ed:d8:3f:5d:13:d1:20:c0:34:b9:8f:53:39:
+ 52:d2:7e:91:4f:e5:4c:07:73:54:25:a6:6a:c7:83:
+ b8:fc:93:1d:b6:03:72:59:41:4a:61:b9:68:0d:4e:
+ e2:9b:b4:74:6c:87:7c:a3:61:30:22:3f:9b:53:23:
+ 31:e1:b6:37:ef:0d:32:df:6e:40:14:e1:d8:1a:0e:
+ 93:8f:6c:55:0d:dd:c9:9a:a2:5c:1e:46:c1:19:ce:
+ e4:ee:8b:3e:93:bf:ce:60:30:29:da:2c:e7:d7:a9:
+ 06:4d:84:60:cd:3a:28:18:0d:d2:11:6e:01:e9:1a:
+ 0c:6b:d1:09:b4:e6:5f:95:7d:c3:a3:d3:fb:44:15:
+ 50:b7:be:6e:89:d3:75:cf:57:e3:13:f6:99:3e:ea:
+ 2b:38:05:5b:d4:0d:c6:65:42:93:63:c6:e7:44:5a:
+ 2c:01:19:88:52:c7:6f:12:fa:27:df:5e:b6:40:e9:
+ 15:35:e4:27:0f:e3:c7:1d:37:4f:5f:0b:78:cb:33:
+ a2:e6:06:35:b3:b1:d4:4a:4f:55:48:95:b1:e0:5c:
+ 8f:35:87:d9:32:07:1b:68:b0:eb:8b:03:67:9c:0e:
+ 14:0c:63:ca:22:c7:86:9a:35:5f:af:84:75:fa:3b:
+ e7:43
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- B9:32:14:86:9B:D6:96:CB:A1:D9:29:28:C4:F7:93:25:5F:2A:A1:1C
+ 4C:D9:F1:08:3B:62:3F:D4:E3:22:0B:27:BD:9C:7C:15:44:B8:D6:11
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:61:aa:3e:2c:c7:81:3c:56:1a:87:fe:c8:42:6a:
- b1:61:dd:1c:6a:21:ac:81:90:ef:04:4c:2f:fc:9f:b7:75:e1:
- b2:2a:60:f8:67:f0:9a:b4:7f:18:cd:81:68:bf:ae:1b:02:30:
- 33:0e:e6:86:5d:2e:bc:64:4e:4c:fd:8d:05:45:a6:c0:3d:d8:
- af:53:fa:37:2f:e5:84:8e:ea:30:80:82:60:96:8e:5d:8f:1f:
- f2:4f:d1:f7:c0:d1:a0:19:d7:93:95:82
+ Signature Algorithm: sha256WithRSAEncryption
+ 4c:cf:19:8e:b2:4a:87:3c:de:5b:f3:31:9d:c3:58:4d:9a:d6:
+ 59:ad:49:ec:aa:ec:2a:3c:04:c2:1b:fd:31:76:8f:af:2a:bc:
+ 9e:d4:96:5d:31:b5:86:16:df:af:2f:ea:12:e9:2a:23:f5:37:
+ bb:9b:c0:c5:b6:bc:77:28:2c:f6:8d:31:8a:8e:a2:f8:dc:b8:
+ 65:14:ba:1a:8c:32:4f:ec:84:08:3c:87:c2:97:08:93:f8:b9:
+ a4:30:a4:78:54:05:a0:f0:29:7b:61:bb:22:4a:98:21:bb:a3:
+ c1:38:be:14:bf:58:ab:09:07:8c:d8:c1:66:17:98:91:f3:64:
+ ca:05:41:f8:04:5d:91:8a:8f:29:2b:d1:85:20:c5:7c:3e:32:
+ 3e:40:8b:c5:1a:20:1f:c4:95:4b:3a:35:a1:37:e3:c8:15:f1:
+ 04:4f:9e:cb:1d:1f:bf:4a:c5:8b:f9:81:a7:42:e5:95:04:e5:
+ b2:04:f0:3e:1e:d5:24:1d:37:e1:cd:c4:b9:69:77:0d:d6:28:
+ b2:f9:7b:be:93:a0:b5:2b:c3:3d:27:9e:4d:a0:73:64:d1:16:
+ 9a:07:cc:ff:55:e8:06:ff:a7:d3:fe:a7:33:ff:1c:9d:b4:c8:
+ f8:37:fa:e3:24:1d:57:e9:ea:df:92:61:7b:ec:f3:6b:3d:0f:
+ 7e:75:72:59
-----BEGIN CERTIFICATE-----
-MIICDjCCAZWgAwIBAgIQYt4DESLGSwCsM9XliiUP/zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDI3WhcNMjIwNzE0
-MTMxNDI3WjATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABMFmcTe79bYssKDWjIUsMSjRXtYjca63b3kSUHq1bO7roKmbGtXzXXL9zfEN
-Iz9uRHsfyYoe+1Gt4r/IEg3QehHe7sJuBq9nx1ETjM91n6mAQvKcWnivKVffsMHW
-1jtCYKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBS5MhSGm9aWy6HZKSjE95Ml
-XyqhHDBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIw
-Yao+LMeBPFYah/7IQmqxYd0caiGsgZDvBEwv/J+3deGyKmD4Z/CatH8YzYFov64b
-AjAzDuaGXS68ZE5M/Y0FRabAPdivU/o3L+WEjuowgIJglo5djx/yT9H3wNGgGdeT
-lYI=
+MIIDVjCCAj6gAwIBAgIQYIdRHEGrZE1uhzVLN9pavjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MjFaFw0zMjAxMjUx
+NjU0MjFaMBMxETAPBgNVBAMMCGZzY2huZWxsMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAukgefy+T7rOIzwoKgg1Ive3YP10T0SDANLmPUzlS0n6RT+VM
+B3NUJaZqx4O4/JMdtgNyWUFKYbloDU7im7R0bId8o2EwIj+bUyMx4bY37w0y325A
+FOHYGg6Tj2xVDd3JmqJcHkbBGc7k7os+k7/OYDAp2izn16kGTYRgzTooGA3SEW4B
+6RoMa9EJtOZflX3Do9P7RBVQt75uidN1z1fjE/aZPuorOAVb1A3GZUKTY8bnRFos
+ARmIUsdvEvon3162QOkVNeQnD+PHHTdPXwt4yzOi5gY1s7HUSk9VSJWx4FyPNYfZ
+MgcbaLDriwNnnA4UDGPKIseGmjVfr4R1+jvnQwIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFEzZ8Qg7Yj/U4yILJ72cfBVEuNYRMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBMzxmOskqHPN5b8zGdw1hNmtZZrUns
+quwqPATCG/0xdo+vKrye1JZdMbWGFt+vL+oS6Soj9Te7m8DFtrx3KCz2jTGKjqL4
+3LhlFLoajDJP7IQIPIfClwiT+LmkMKR4VAWg8Cl7YbsiSpghu6PBOL4Uv1irCQeM
+2MFmF5iR82TKBUH4BF2Rio8pK9GFIMV8PjI+QIvFGiAfxJVLOjWhN+PIFfEET57L
+HR+/SsWL+YGnQuWVBOWyBPA+HtUkHTfhzcS5aXcN1iiy+Xu+k6C1K8M9J55NoHNk
+0RaaB8z/VegG/6fT/qcz/xydtMj4N/rjJB1X6erfkmF77PNrPQ9+dXJZ
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDJrT8LYg3Z3J0bN6Zo
-Hu+9iFCXEwyBg21YcYlkT+Ugp2+VCgT27UByvVcOCBWffvGhZANiAATBZnE3u/W2
-LLCg1oyFLDEo0V7WI3Gut295ElB6tWzu66CpmxrV811y/c3xDSM/bkR7H8mKHvtR
-reK/yBIN0HoR3u7CbgavZ8dRE4zPdZ+pgELynFp4rylX37DB1tY7QmA=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6SB5/L5Pus4jP
+CgqCDUi97dg/XRPRIMA0uY9TOVLSfpFP5UwHc1QlpmrHg7j8kx22A3JZQUphuWgN
+TuKbtHRsh3yjYTAiP5tTIzHhtjfvDTLfbkAU4dgaDpOPbFUN3cmaolweRsEZzuTu
+iz6Tv85gMCnaLOfXqQZNhGDNOigYDdIRbgHpGgxr0Qm05l+VfcOj0/tEFVC3vm6J
+03XPV+MT9pk+6is4BVvUDcZlQpNjxudEWiwBGYhSx28S+iffXrZA6RU15CcP48cd
+N09fC3jLM6LmBjWzsdRKT1VIlbHgXI81h9kyBxtosOuLA2ecDhQMY8oix4aaNV+v
+hHX6O+dDAgMBAAECggEAOee5MygDACxm1pT0d0DR39hTZD72rgdUOA+GcgRbrnsR
+iJhqbdZ3zcxRXPuhQUIp9i5UGVKmYIJVye0/m88YcbQcFl1brQnAqrNCCjuuX2zm
+53VKDjO2DUOCsw6l0c2joaHeqLqtw+wAVfaK2TrCWDwghmV3HB66itYfkSwG0pLR
+BdhqK+DLGo9aWUqv9ktxBk87kEf00DLTlX3IdZOPreaNqVhJOjaVBEMd7RrgUZ/o
+UAkc1d18cxLxlGtQkO4oQxMujQ/NmSj9vOMBtT2aU6o3PdlitrcpmH362LlzpzT/
+iFB3b/rgQnNiSEvkR3CmodQAhKIlOXQiCWMPcJ6xAQKBgQDs+0unYAe/A1DX1CRB
+Lj84CjVmWquPEr2tg4s3umZ26rE8MKoWXswkCFaSuX97jFRANVQXS9+x1AZhPr2h
+74SIt3rzVGcnXxJ49zqiFK4+jHURx4/ad8b0dfJZh7KgVaBQ2iu0L+Jm/Vh1VO2A
+fU+6WkUWEiUHrvpVZf7JeI0iYwKBgQDJOzY1SQv7VV6BfV8H0mq8owQLF0+ntLCv
+Ogm9DzZrsMHtBB9gd08+ZR95b6KNwdS+4pJPOrNmZaETxLF6RbiV+N/2WSPLjcAU
+BLPCjKwmLGQNn+/wxXgqYIHvwaMgaYB+h2RkIryAlFDprJVRSc8c5OeiNoBKzI1H
+vgXW4lDNoQKBgQCYS4K6BL/VpIbevSmzbcoY9I6OwbRBFRUqnj/ox3Sz9W2DNe8I
+w1FD0sv4LRfdSTiXru3krtEKUizrb8ukdu3ggrGUEOjd535SmOdoZAv6jH9rtqkf
+CBym2+msWcWUvpJxg1PUz3UbJLMlbDfZfC6xnvOJFI4RmwSrvwl3Zm6k6wKBgBUA
+kQ/Op+l7Z3msVBbE50741Jszu6SNP0OKkymgRNXIhPTv0TaIPUUN2NMby6Nv73xc
+uVh7j+3H/Z/Kj5trW3CLoRRdCVddXAa61ugfNnhleavSXYCLm5cQq38SfqwLVtXd
+26R326Sv1iINWSg6w9sIKQTNG2azIquyMXnT9QsBAoGAEyW4Scj08YF2JUpBfCcQ
+d7IKFRmfrV6sC5CnRfiOhDWRQZ0ud60ObX27VFY18pRg9wlfYvsjfiObqgF6UqjZ
+IYGshZWEQf9micH8+uGuWVd4bRQG2RxcNtwsKncX3UNerxprxUJYPQm/5JrkoR12
+JhvAwPkmisVXMlZ3U+monYs=
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:9e:0b:aa:82:d0:07:b1:9d:fc:c4:87:c5:6c:9e:80
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:38 2019 GMT
- Not After : Jul 14 13:14:38 2022 GMT
- Subject: CN=ifabian
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ba:65:94:67:08:34:86:c7:0f:94:00:5f:e2:38:
- 5b:9e:29:5f:76:7a:87:43:5b:37:a4:44:ab:39:72:
- be:37:0e:3f:c5:ba:55:8b:6c:bd:22:ed:74:54:88:
- a2:1c:ec:f8:24:37:3f:b3:b2:e3:56:0e:e5:81:cb:
- ef:48:1d:e5:ea:1f:67:51:5f:20:8b:2f:aa:fe:fe:
- 8e:d4:be:91:28:94:b6:cc:04:74:90:72:90:10:a0:
- 7c:42:a2:e3:4c:7f:49
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0B:41:AE:87:A5:73:BB:DC:4E:16:2E:F3:A0:20:FA:D5:38:52:40:AA
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:1f:f9:44:c2:c2:63:91:08:c2:c8:ca:22:28:7d:
- 9b:84:3d:d1:f7:89:43:26:b0:a6:e7:2c:e5:63:e9:bd:86:81:
- e5:ad:1a:c2:bb:30:31:05:eb:e9:d3:71:d1:6e:c0:df:02:31:
- 00:d3:38:d5:bb:9f:d2:a2:92:6e:0e:2a:b4:d9:d6:a9:c9:eb:
- 5c:c9:ef:33:1c:66:d4:3c:a0:86:07:39:38:14:0c:61:8b:67:
- 75:20:06:d8:79:0c:65:a2:2d:87:fc:00:04
------BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQRp4LqoLQB7Gd/MSHxWyegDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDM4WhcNMjIwNzE0
-MTMxNDM4WjASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEumWUZwg0hscPlABf4jhbnilfdnqHQ1s3pESrOXK+Nw4/xbpVi2y9Iu10VIii
-HOz4JDc/s7LjVg7lgcvvSB3l6h9nUV8giy+q/v6O1L6RKJS2zAR0kHKQEKB8QqLj
-TH9Jo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAtBroelc7vcThYu86Ag+tU4
-UkCqMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjAf
-+UTCwmORCMLIyiIofZuEPdH3iUMmsKbnLOVj6b2GgeWtGsK7MDEF6+nTcdFuwN8C
-MQDTONW7n9Kikm4OKrTZ1qnJ61zJ7zMcZtQ8oIYHOTgUDGGLZ3UgBth5DGWiLYf8
-AAQ=
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJtymPakZLlMwR+KYJ
-QWARrF1lWXrsteVeTa36Rx5Hj/VVVvDBIdnd6jJ8ZYtFkP6hZANiAAS6ZZRnCDSG
-xw+UAF/iOFueKV92eodDWzekRKs5cr43Dj/FulWLbL0i7XRUiKIc7PgkNz+zsuNW
-DuWBy+9IHeXqH2dRXyCLL6r+/o7UvpEolLbMBHSQcpAQoHxCouNMf0k=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 68:02:68:8c:e3:bb:71:c1:e8:67:ca:49:0a:9d:0b:4c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 23:70:61:7d:39:85:fe:76:8d:ca:0f:04:d3:68:3d:1f
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:53 2019 GMT
- Not After : Jul 14 13:14:53 2022 GMT
+ Not Before: Jan 27 16:54:35 2022 GMT
+ Not After : Jan 25 16:54:35 2032 GMT
Subject: CN=khorvath
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:10:d0:a2:68:66:ea:40:36:f3:9d:13:e2:bc:e7:
- 87:92:d4:ca:f2:e6:13:a9:0b:d0:92:b7:a0:24:f0:
- e4:ce:69:08:e4:e2:c0:66:e0:2a:2a:79:06:e3:d4:
- 33:e8:6b:94:a7:fb:71:9a:e7:9a:a1:f9:1a:3b:28:
- 3f:3b:0c:99:5f:2e:cf:17:98:60:10:16:22:c3:1f:
- 7e:61:62:97:85:36:0a:0a:e9:26:0e:76:c3:88:b8:
- 8e:e4:80:78:52:b5:9c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:eb:04:0d:b5:38:69:3a:69:07:21:1c:59:4c:07:
+ 6c:1d:30:89:93:3d:90:d3:ef:04:cb:ec:41:94:9e:
+ 35:91:28:17:e4:1f:cb:2b:0a:06:b9:6a:91:e6:cb:
+ 89:60:e6:3c:0a:f8:ff:ae:6c:48:e3:d7:a9:52:95:
+ 5f:e5:c8:80:5c:82:b5:91:3b:5e:e0:23:82:8d:52:
+ 53:0a:ea:e8:b2:92:b3:4b:bb:1d:2f:5a:e4:29:a9:
+ 69:2c:b9:e1:9e:13:1c:3c:0d:d9:fe:fd:e9:a7:1f:
+ f4:c2:ab:3b:eb:52:95:41:2a:5a:d4:9e:e9:8e:40:
+ 97:60:fb:e8:12:9e:d6:e4:72:2b:43:57:de:85:6b:
+ db:94:27:45:eb:43:bb:3d:6e:17:c6:dc:19:d2:dc:
+ cd:c8:67:fc:d0:d3:8f:81:4c:1a:ad:df:e6:2b:43:
+ 07:95:18:ad:e0:21:c6:5a:fd:ce:17:af:63:58:97:
+ b7:86:db:42:95:7f:38:46:08:7e:26:81:24:e2:7e:
+ dd:53:51:ab:29:43:19:ad:5f:8b:b2:b8:cf:19:06:
+ 0e:15:67:a4:50:79:00:f4:f8:2a:b8:e7:fd:b4:59:
+ 9a:ef:10:fb:10:bf:57:3e:26:ec:1e:97:6d:ad:87:
+ b9:60:94:69:24:96:69:36:9a:21:00:42:98:06:24:
+ d5:f9
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 42:88:C3:F8:81:2A:78:1F:C8:3F:D2:7D:BA:E9:44:09:4A:36:3A:B1
+ 96:F4:90:70:43:B0:6E:93:48:D7:95:1F:9B:BC:0E:8A:8D:33:36:99
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:27:4e:d4:b0:5a:4b:af:6a:d6:a0:b7:ae:b4:57:
- d1:dc:4e:77:9c:bf:06:c0:bd:3d:06:c3:90:7e:e4:7a:24:1e:
- e9:a4:76:51:4b:2f:3d:8a:1c:6e:93:0d:de:b1:3c:63:02:31:
- 00:fb:48:45:89:a8:e7:74:16:4a:1d:5e:a1:ad:b2:d3:34:9f:
- 95:04:ed:92:1f:a8:ad:05:6f:81:ee:d0:8c:fc:9d:6c:e3:5d:
- 5a:1b:e8:27:86:20:a0:e4:78:a2:4f:63:b3
+ Signature Algorithm: sha256WithRSAEncryption
+ 01:8a:5e:af:fe:5a:9d:65:ba:a5:3a:51:d0:1e:7d:fe:9e:b7:
+ 7e:bc:da:33:0b:e2:f8:13:6f:73:40:5f:c2:b7:5d:2f:54:5e:
+ 0d:db:1d:28:b0:e9:fa:a2:ff:23:3c:4e:63:90:d6:5e:6c:81:
+ 9a:69:3d:06:05:5f:c3:a5:67:4a:29:e9:40:36:eb:53:89:a7:
+ 13:a5:69:ba:8d:61:ac:d9:5f:89:35:59:dc:c0:98:73:f1:f8:
+ 1e:14:80:d9:09:9c:bd:db:69:54:ea:15:68:97:bd:08:27:d7:
+ af:c9:8a:b5:41:4a:6c:dc:4f:4c:dd:5b:c7:cf:86:01:07:a2:
+ ad:33:7d:aa:47:ae:a8:b0:d2:24:89:9c:a0:48:8d:74:51:79:
+ 89:f8:8d:ee:33:4f:d6:45:b8:b5:a6:48:eb:ad:3a:86:68:53:
+ 4d:ba:55:fa:d4:2f:7b:59:3d:a6:16:d9:8a:81:90:72:e8:14:
+ e8:06:7f:de:0e:f8:be:cf:ce:91:22:8e:cd:5a:94:8f:1c:d0:
+ 4b:f6:b5:41:2d:1d:c4:0a:1e:36:17:dd:78:17:23:85:c7:cb:
+ ae:1b:ae:65:90:22:b0:c0:94:df:cc:83:38:61:cb:fa:a7:e6:
+ a4:a7:9b:10:5d:fc:30:6f:d2:dc:02:15:07:a0:42:9f:1b:a9:
+ f9:c7:22:34
-----BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIQaAJojOO7ccHoZ8pJCp0LTDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDUzWhcNMjIwNzE0
-MTMxNDUzWjATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBDQomhm6kA2850T4rznh5LUyvLmE6kL0JK3oCTw5M5pCOTiwGbgKip5BuPU
-M+hrlKf7cZrnmqH5GjsoPzsMmV8uzxeYYBAWIsMffmFil4U2CgrpJg52w4i4juSA
-eFK1nKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRCiMP4gSp4H8g/0n266UQJ
-SjY6sTBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-J07UsFpLr2rWoLeutFfR3E53nL8GwL09BsOQfuR6JB7ppHZRSy89ihxukw3esTxj
-AjEA+0hFiajndBZKHV6hrbLTNJ+VBO2SH6itBW+B7tCM/J1s411aG+gnhiCg5Hii
-T2Oz
+MIIDVjCCAj6gAwIBAgIQI3BhfTmF/naNyg8E02g9HzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MzVaFw0zMjAxMjUx
+NjU0MzVaMBMxETAPBgNVBAMMCGtob3J2YXRoMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6wQNtThpOmkHIRxZTAdsHTCJkz2Q0+8Ey+xBlJ41kSgX5B/L
+KwoGuWqR5suJYOY8Cvj/rmxI49epUpVf5ciAXIK1kTte4COCjVJTCurospKzS7sd
+L1rkKalpLLnhnhMcPA3Z/v3ppx/0wqs761KVQSpa1J7pjkCXYPvoEp7W5HIrQ1fe
+hWvblCdF60O7PW4XxtwZ0tzNyGf80NOPgUward/mK0MHlRit4CHGWv3OF69jWJe3
+httClX84Rgh+JoEk4n7dU1GrKUMZrV+LsrjPGQYOFWekUHkA9PgquOf9tFma7xD7
+EL9XPibsHpdtrYe5YJRpJJZpNpohAEKYBiTV+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFJb0kHBDsG6TSNeVH5u8DoqNMzaZMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQABil6v/lqdZbqlOlHQHn3+nrd+vNoz
+C+L4E29zQF/Ct10vVF4N2x0osOn6ov8jPE5jkNZebIGaaT0GBV/DpWdKKelANutT
+iacTpWm6jWGs2V+JNVncwJhz8fgeFIDZCZy922lU6hVol70IJ9evyYq1QUps3E9M
+3VvHz4YBB6KtM32qR66osNIkiZygSI10UXmJ+I3uM0/WRbi1pkjrrTqGaFNNulX6
+1C97WT2mFtmKgZBy6BToBn/eDvi+z86RIo7NWpSPHNBL9rVBLR3ECh42F914FyOF
+x8uuG65lkCKwwJTfzIM4Ycv6p+akp5sQXfwwb9LcAhUHoEKfG6n5xyI0
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCHVXyxB2Mu+VF6/KPn
-CMn4rSmKCw0bg6ui1SzGZj+A8F334h0AnMFdygwAWFFwjI+hZANiAAQQ0KJoZupA
-NvOdE+K854eS1Mry5hOpC9CSt6Ak8OTOaQjk4sBm4CoqeQbj1DPoa5Sn+3Ga55qh
-+Ro7KD87DJlfLs8XmGAQFiLDH35hYpeFNgoK6SYOdsOIuI7kgHhStZw=
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDrBA21OGk6aQch
+HFlMB2wdMImTPZDT7wTL7EGUnjWRKBfkH8srCga5apHmy4lg5jwK+P+ubEjj16lS
+lV/lyIBcgrWRO17gI4KNUlMK6uiykrNLux0vWuQpqWksueGeExw8Ddn+/emnH/TC
+qzvrUpVBKlrUnumOQJdg++gSntbkcitDV96Fa9uUJ0XrQ7s9bhfG3BnS3M3IZ/zQ
+04+BTBqt3+YrQweVGK3gIcZa/c4Xr2NYl7eG20KVfzhGCH4mgSTift1TUaspQxmt
+X4uyuM8ZBg4VZ6RQeQD0+Cq45/20WZrvEPsQv1c+Juwel22th7lglGkklmk2miEA
+QpgGJNX5AgMBAAECggEBAONhmKGtYqJQ28T9WKhmxgO34mPDPUzQBSQIAat5Jvq6
+f+MHn9qUaM0cfu1+H/zQxWcYYsivnBZVok10mMQJqafYDzPk7XaO5NE2xYHapimg
+JjkvYJ1go0Br2Iadkd0PQFIaVMCRim9YS8fNRLv5us7B2/+7gN1RQSVklLTvWZrL
+wJwsnhACnzEpJIKLhnFyrjbF2XCWtrxBvdSTRzP6Z5frrg8IKPDV0qFdGYNS3Wl0
+YCt/80vcsIe39xxh31XdzXPNnLmWDXRqc8Nrx7Du2W8QlGMQMK6OOFF9J9wud04w
+NzZoCZDPt6kUjFouMU7xhnt/lAMzh3OhMYc+KrVlMMECgYEA/E5/4yDWAHCdFqeL
+mCzpGSL2FS3XcP20ZsAfGCAYAF8w9qONWKxQS44vL/Ffi2KClmw6pFi+XXnSJ0DE
+GKp1R//UwVWQBJR3W0t7FEJKOZcDqrdy/n6UspMVq9RlQKcdrGIxHRBVoO12dnSU
+r72PtbNUSp8mfU5lbs9rXMihDMsCgYEA7nTCCsfed4Ogk7so89sgB7XXGGKtvRg/
+uNuZ7wy0Fp2sQ1WfG0SEJ7N9r8w1anM2tasvJqQRaUHBGLCsONEA7rU1L4kEexCY
+799oQ+dUYVJLwcs8dw5slEcvEhKbmC4VeXkLyysChAXWCJBjNEqm/LZVkUzBNPAd
+zsX/ZzeB88sCgYAfHUckKV56u2iD7LGIWLF+ShNy1S5mXsMqkLLE9OBA23xcThsW
+PlnAl442KVwRAlr8Veh9b/w55tYFxTTpncvMzz3bgcO67NwzRAGvo+UnaPooyWrC
++7U2uHDJue2qpXFBWvKXlPYaXG5peUME0SmxzKWudiX2+f4ERkwFKzDBNQKBgEOY
+kZEgy22xwIlgWuGV0mSdJZZiEsIx545tohtjzIFEvRpxYSMHrzbZ6N021EWS14V0
+O2+GvvDJlQV8v7VzegIxGBybiMuiDtigyhvFrePQwmzzQfa1/g2iiDNlVvoyxh+j
+MrarQJFQXjYbSCQArYmh3mvMCFELaEe/VQFbeNk1AoGBAKkKwFtlFRD33jpX/fD3
+HSU1Orl1+TYA2qpFyf1S7fyrBFOGojsyaoLD1CqVTwLhr2OAexKNRcm9Adx/zXYX
+wVeb13aM7GoubwKYDV3zjLyhetYLLTg0jkgBCprKRD7zKTZgzAdkZcIGlMVVB+FL
+NXyvV71TyYb5UkoYgnDk1Jb3
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 58:5a:a9:7d:7c:ca:b5:2c:49:57:bb:bf:91:37:42:61
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 16:d6:7e:bd:b7:16:bd:51:0c:34:0d:08:fa:8c:cb:b1
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Mar 26 10:41:27 2020 GMT
- Not After : Mar 11 10:41:27 2023 GMT
+ Not Before: Jan 27 16:54:48 2022 GMT
+ Not After : Jan 25 16:54:48 2032 GMT
Subject: CN=kkancz
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:16:c3:cc:4c:19:91:e6:b3:53:89:7d:7a:1e:ae:
- 57:89:52:19:d7:e5:c7:d0:68:74:a6:0d:92:e9:09:
- e7:81:5e:11:02:ea:87:89:20:e7:57:b1:ca:44:b6:
- cf:5f:01:58:73:94:89:3a:0a:67:fa:9f:c8:c9:16:
- 8d:e7:72:75:94:8d:52:de:f1:0f:47:a3:15:83:c3:
- cd:67:c8:14:af:b2:f5:63:08:0c:25:d5:d5:0a:ba:
- fb:9b:0f:df:e0:45:b4
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:6a:63:78:e0:1b:e8:2f:dc:70:f4:49:6f:6c:
+ 7b:62:05:76:60:4e:01:4f:91:07:2d:b2:8e:7f:e1:
+ 61:4e:c3:24:1d:da:6c:ae:b9:d5:de:00:d5:f7:cf:
+ 36:8f:a1:cb:9c:15:4c:57:e8:76:36:83:8b:7b:d4:
+ de:04:c9:06:40:32:c3:31:01:f1:f5:bc:9c:97:42:
+ 4d:82:47:71:cc:b8:0c:2c:91:bb:c8:6b:2b:62:09:
+ f3:5a:c5:5f:40:e8:46:7c:9f:d8:dd:20:a3:bc:34:
+ f9:67:28:ae:ed:fc:cd:3e:f0:68:ce:1b:02:d4:da:
+ d2:0b:74:b6:32:11:39:6e:53:80:a7:e1:b9:06:96:
+ ae:ef:8e:dd:0e:26:05:7a:2c:46:7d:f6:ba:af:6f:
+ 3e:44:8b:fa:ff:40:fd:3e:32:64:a5:f7:27:60:f7:
+ 85:28:33:e2:a3:2f:5a:37:cd:15:02:ff:28:b5:95:
+ a4:3d:ee:01:9f:86:76:2d:01:3d:b4:e7:e2:1f:fb:
+ be:1f:6a:2f:e8:50:68:2a:2d:86:3a:ef:38:f1:46:
+ df:e7:5c:53:b0:63:13:80:b4:4d:b8:60:7a:ee:71:
+ 67:bc:c8:21:83:64:6f:45:07:19:87:f3:49:c2:63:
+ 04:59:3f:6d:80:21:0e:2f:4e:cc:b5:7c:38:47:c4:
+ 7b:a5
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 61:CB:25:BC:82:6D:D5:01:DE:15:AF:18:59:C3:D7:34:16:B7:A6:94
+ 9E:32:BB:AC:26:6F:9A:04:73:A5:B9:42:DA:29:46:95:C8:DE:F3:05
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ca:f1:79:0b:1b:e1:0f:15:b4:6e:3e:69:9b:
- 92:a8:bc:fe:2f:5c:96:c0:ad:d7:02:97:e0:ea:f7:08:77:43:
- 31:22:93:50:19:24:88:91:63:39:b1:1a:80:bf:9d:bf:f1:02:
- 30:38:5b:c1:af:a7:58:0d:de:b5:19:77:00:33:31:7d:41:c5:
- 3c:bb:b2:9e:cd:86:66:f6:1a:84:4d:80:b6:28:b5:2b:04:5f:
- 1c:a3:49:cd:89:2d:21:0a:5f:65:eb:d0:36
+ Signature Algorithm: sha256WithRSAEncryption
+ 6a:07:04:54:3c:a9:4c:05:72:9e:78:6b:a6:dd:a8:09:15:0b:
+ cb:54:ad:54:91:f9:8d:ee:61:37:a3:97:92:9e:97:25:4d:db:
+ 96:91:9f:39:45:92:e5:d7:06:45:57:89:ef:96:bf:47:c5:5a:
+ 84:c8:6d:78:7a:43:02:f5:0f:4b:7f:7b:04:49:53:4b:85:13:
+ 5a:cb:75:06:f3:ba:8b:0b:83:f2:1a:df:27:0b:17:b2:28:ca:
+ c6:38:14:8c:3d:42:02:db:f2:63:79:ce:00:be:90:b6:0a:5f:
+ 23:5a:06:37:c3:34:da:09:1f:66:c8:29:11:0c:b0:8e:ac:43:
+ b3:a9:8b:eb:71:38:9c:ed:cf:7c:00:55:47:a4:48:6b:a8:1c:
+ 13:4a:b7:bf:4a:48:72:10:32:a7:48:64:d7:82:60:64:cb:a0:
+ 20:6a:20:13:d9:0a:09:03:8b:be:76:f1:23:af:90:73:d9:de:
+ 65:23:0d:07:04:48:61:f1:9a:c8:37:41:ff:65:72:27:de:88:
+ 82:ca:8f:eb:92:2c:8e:b3:ab:dc:26:ff:d4:3d:d8:99:66:c5:
+ f8:c4:cc:54:ac:98:21:29:65:ac:77:4e:f6:12:de:f5:ba:cc:
+ 1b:ee:eb:08:bf:fe:33:77:19:a5:5c:43:6c:30:40:40:e2:6c:
+ bf:93:e0:af
-----BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQWFqpfXzKtSxJV7u/kTdCYTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMjAwMzI2MTA0MTI3WhcNMjMwMzEx
-MTA0MTI3WjARMQ8wDQYDVQQDDAZra2FuY3owdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AAQWw8xMGZHms1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9f
-AVhzlIk6Cmf6n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/g
-RbSjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYcslvIJt1QHeFa8YWcPXNBa3
-ppQwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMQDK
-8XkLG+EPFbRuPmmbkqi8/i9clsCt1wKX4Or3CHdDMSKTUBkkiJFjObEagL+dv/EC
-MDhbwa+nWA3etRl3ADMxfUHFPLuyns2GZvYahE2Atii1KwRfHKNJzYktIQpfZevQ
-Ng==
+MIIDVDCCAjygAwIBAgIQFtZ+vbcWvVEMNA0I+ozLsTANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NDhaFw0zMjAxMjUx
+NjU0NDhaMBExDzANBgNVBAMMBmtrYW5jejCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALlqY3jgG+gv3HD0SW9se2IFdmBOAU+RBy2yjn/hYU7DJB3abK65
+1d4A1ffPNo+hy5wVTFfodjaDi3vU3gTJBkAywzEB8fW8nJdCTYJHccy4DCyRu8hr
+K2IJ81rFX0DoRnyf2N0go7w0+Wcoru38zT7waM4bAtTa0gt0tjIROW5TgKfhuQaW
+ru+O3Q4mBXosRn32uq9vPkSL+v9A/T4yZKX3J2D3hSgz4qMvWjfNFQL/KLWVpD3u
+AZ+Gdi0BPbTn4h/7vh9qL+hQaCothjrvOPFG3+dcU7BjE4C0Tbhgeu5xZ7zIIYNk
+b0UHGYfzScJjBFk/bYAhDi9OzLV8OEfEe6UCAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBSeMrusJm+aBHOluULaKUaVyN7zBTBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAagcEVDypTAVynnhrpt2oCRULy1StVJH5
+je5hN6OXkp6XJU3blpGfOUWS5dcGRVeJ75a/R8VahMhteHpDAvUPS397BElTS4UT
+Wst1BvO6iwuD8hrfJwsXsijKxjgUjD1CAtvyY3nOAL6QtgpfI1oGN8M02gkfZsgp
+EQywjqxDs6mL63E4nO3PfABVR6RIa6gcE0q3v0pIchAyp0hk14JgZMugIGogE9kK
+CQOLvnbxI6+Qc9neZSMNBwRIYfGayDdB/2VyJ96IgsqP65IsjrOr3Cb/1D3YmWbF
++MTMVKyYISllrHdO9hLe9brMG+7rCL/+M3cZpVxDbDBAQOJsv5Pgrw==
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC6hDj7GpCg6mhd+Ih0
-NNNHxi0brgmGC0T53l8asSES2Af/Ot8NgmKXCLncufiW/DyhZANiAAQWw8xMGZHm
-s1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9fAVhzlIk6Cmf6
-n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/gRbQ=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC5amN44BvoL9xw
+9ElvbHtiBXZgTgFPkQctso5/4WFOwyQd2myuudXeANX3zzaPocucFUxX6HY2g4t7
+1N4EyQZAMsMxAfH1vJyXQk2CR3HMuAwskbvIaytiCfNaxV9A6EZ8n9jdIKO8NPln
+KK7t/M0+8GjOGwLU2tILdLYyETluU4Cn4bkGlq7vjt0OJgV6LEZ99rqvbz5Ei/r/
+QP0+MmSl9ydg94UoM+KjL1o3zRUC/yi1laQ97gGfhnYtAT205+If+74fai/oUGgq
+LYY67zjxRt/nXFOwYxOAtE24YHrucWe8yCGDZG9FBxmH80nCYwRZP22AIQ4vTsy1
+fDhHxHulAgMBAAECggEAUkCo6gl5N9Jrl0w3e4+DWKOVtPlFyZdLuPD6GC7SbQ9S
+aU/pYMWd44M5aFprGOKsoYwtNt4v+tT2PrPa3gKTnE0onAgB34KRcOR/3+hzyl5n
+QCpSRIGOWEqTw1PFgtTH2CdNHCOLn0Vc0m+Q0pCQOHiL9cqzwdtkzKI05RcRBCiT
+aMehWb4fBE9H1isI4K8I9o4EFCiEs3PdRDgIuokLn1cCRXWXqEpU9YYiSu0typkI
+iBowhKMyaAe0XXn/U+e8UsDlyWZoG1kaGwJNcimGkAESTZluItOO17Uhq5DbhxaV
+bQMZPdCNY9MLCei8aBARwe9hzXsTongM6C/JjAlsIQKBgQDkc7JTr4Slr3LCqpdw
+MgppsrK0b7R553yB4i9sBvjr0S5P6/Zm+7h7Z9ercPQpvzoenAICt2e5dHWcyZvu
+lphhVmEc6WoxuLXoCL6cD961qKJzTvlBlsa5tvJMLJ6pYZWuF+ajRumzeJBjkEpM
+iSkK+T95qYblc9NY2Hv4joYmGQKBgQDPxik7HWZMHXCyCmu7GoDbxHNUklY121oD
+ciudOKco5GZY/U3/OUbDIp/30TLH4vJi3/3fJ/l02E19Fpd3abF2HG0Fjg1vMCXK
+Gp1A7shoXGVkbT4m4ytl0GE2qbMfGZyqPze2q8OfgOjNyVh4OCynMafZBujnrFAy
+chsZV6K7bQKBgHM7TIrbsJvmKIu6gpKMGyZ/hZZv9ee7dNkK3wKtbad9JtAXZH1D
+oSVWFroaSn44P7eq13TJUB+Cd8SzCN1KxufqKyfrMK6NzeuRZZvQgXS979sbzaxg
+wjJw7jywEQO8/kQHOEXJgh4NxT8DTAbY9IPdfz/929YnG0boQ3f3ZAEZAoGAbjqy
+SyN4zy7bSAmRSA1yiaV6jkaoqB/8bFGY4+tXe7FYvyN7ysjHSuVGuwHoj/VOJLiz
+Bj498QiEa7WdnAOd24yPJmBLrk577fIatYU5G2zReesfCyCAOJ7JxGdZmUlMPWIW
+m7oaqbeJSwvj/LvIrNcCNnic/bQERA8XY2WD9y0CgYAaqBh90AJbHUUKnBu9YhiF
+Yo50N5W6iaP8LIYxBVReOo9T0AdSsZAne9g9kWvkWz7XOdJlpTmT9uBX6Hvd3GKf
+S/j2xQt9sct0/pLp7tVCMMudZflafo1yOa1w2Z+augMX94CZcW9FIAWZFpR9hg5Q
+J7FYKqXP64A1Ef1OVIUeLw==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 39:4b:dd:54:1c:10:82:ea:c5:cd:4d:9d:fe:b6:d4:d3
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:02 2019 GMT
- Not After : Jul 14 13:15:02 2022 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0a:e8:ed:f9:1a:f5:b6:17:d7:5f:ff:9e:9c:1e:
- 1d:11:cf:12:7f:01:11:ca:a2:b1:e0:b5:bc:30:6b:
- 5c:ff:5e:d2:06:2b:55:a9:0f:55:3a:ae:ee:a6:5e:
- 74:0d:f6:43:b6:a4:1d:17:2b:0f:87:7b:c2:39:47:
- 1d:e7:fb:e4:64:d1:00:60:bb:1c:eb:e0:40:82:8d:
- 77:09:85:d1:1c:37:c8:3e:d5:64:51:0f:1d:71:71:
- 04:3a:21:6c:a2:57:36
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B0:47:56:D8:59:56:0D:E2:68:86:01:E8:12:30:4C:EF:D9:7D:EE:F7
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:df:6c:06:c1:07:aa:bb:76:58:d8:ea:dc:60:
- ce:e0:5c:a9:32:c0:20:c9:8b:da:3b:7e:98:74:94:96:83:0e:
- 9f:71:8f:4e:af:72:d0:49:29:06:d0:c8:e9:12:88:67:67:02:
- 30:77:f4:e3:b5:89:dd:e6:6e:83:65:64:77:09:8e:52:2d:47:
- 04:80:27:14:25:51:08:97:01:86:e9:23:0d:04:fa:44:89:35:
- c4:4e:18:84:09:86:cf:5a:7b:6c:0e:09:fd
------BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIQOUvdVBwQgurFzU2d/rbU0zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTAyWhcNMjIwNzE0
-MTMxNTAyWjAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BAro7fka9bYX11//npweHRHPEn8BEcqiseC1vDBrXP9e0gYrVakPVTqu7qZedA32
-Q7akHRcrD4d7wjlHHef75GTRAGC7HOvgQIKNdwmF0Rw3yD7VZFEPHXFxBDohbKJX
-NqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSwR1bYWVYN4miGAegSMEzv2X3u
-9zBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIxAN9s
-BsEHqrt2WNjq3GDO4FypMsAgyYvaO36YdJSWgw6fcY9Or3LQSSkG0MjpEohnZwIw
-d/TjtYnd5m6DZWR3CY5SLUcEgCcUJVEIlwGG6SMNBPpEiTXEThiECYbPWntsDgn9
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCZCcP1YRtj97FZBxtE
-5Axn4mV2pTI/8RH0/SBivyOK4NsnVPQeiXI1XOBgXKRafIWhZANiAAQK6O35GvW2
-F9df/56cHh0RzxJ/ARHKorHgtbwwa1z/XtIGK1WpD1U6ru6mXnQN9kO2pB0XKw+H
-e8I5Rx3n++Rk0QBguxzr4ECCjXcJhdEcN8g+1WRRDx1xcQQ6IWyiVzY=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certificate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the data-ciphers option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 7f:02:84:bd:04:07:a8:de:a7:7a:76:16:b2:25:d0:8e
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:58 2022 GMT
+ Not After : Jan 25 16:54:58 2032 GMT
+ Subject: CN=kvajda
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:7a:06:e5:cf:eb:9b:3f:97:77:e5:31:89:cf:
+ 0a:4d:63:b4:7d:df:31:04:83:62:eb:5c:b9:75:35:
+ d2:b1:9b:60:63:36:3a:70:3e:e1:5f:f4:22:0b:7c:
+ 32:ed:c7:bb:64:44:4a:5a:9b:a6:3a:5b:b5:a5:f8:
+ a0:c3:bb:c4:a4:10:5a:99:b1:0c:d1:05:ae:08:25:
+ 15:dd:af:b6:2e:cf:96:eb:35:25:d7:73:e3:a8:d4:
+ eb:fc:a9:5e:37:71:35:aa:1a:58:4d:57:df:a7:8c:
+ 27:0b:76:28:98:0b:17:98:74:25:3c:54:21:52:5e:
+ 38:ce:e2:7f:fd:50:17:43:3c:fc:4c:b9:6b:28:53:
+ 59:89:e2:b9:f8:ec:b6:1e:14:b4:f6:8a:51:3e:d2:
+ 1b:04:77:8f:a3:7d:57:f2:14:0b:7c:e5:70:ca:1a:
+ 57:7c:e1:b2:1a:5e:ad:fc:af:c9:dd:d4:81:4c:19:
+ 2c:bd:b6:c3:5b:fa:3d:f9:2d:ad:06:be:49:84:01:
+ f6:44:ca:a3:bb:2a:23:4c:b2:ea:d8:67:36:22:ca:
+ c6:c6:19:df:b1:fa:31:1b:c4:40:dc:4e:c7:0a:66:
+ 22:5c:25:36:2d:5b:22:23:f6:5d:bd:c9:b3:95:ef:
+ c0:82:a2:d9:d8:eb:d2:05:4d:e5:31:1f:8a:0c:05:
+ 0d:bd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 5C:FF:92:2D:39:79:AC:9A:F5:F2:B6:9D:63:81:87:78:07:94:0F:04
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ a8:5b:2c:2d:3a:6a:d1:9d:1a:44:b3:ef:14:fd:63:2b:fd:72:
+ 79:4e:3a:30:ff:1b:91:82:fc:7f:c8:bf:45:05:74:ed:e9:94:
+ d4:73:4d:66:f7:82:b7:7e:b2:e3:41:fc:f8:b6:2c:c2:a0:64:
+ af:e3:05:65:80:51:5e:6a:cb:c6:2d:33:84:d0:bc:ba:40:c5:
+ c7:0e:2d:05:16:b5:81:7a:de:6a:d6:13:aa:b2:58:5d:18:72:
+ 1a:98:9f:be:2b:00:67:70:7a:82:1c:9b:6f:38:5a:7a:60:ee:
+ d5:1a:fd:8f:8f:d2:55:87:bc:b9:bc:e0:c0:bf:d6:ec:09:70:
+ a2:2a:50:6e:de:41:75:99:bd:c9:5e:8c:5e:52:09:3b:3d:1c:
+ e0:c7:05:ec:65:64:7f:e4:57:98:0d:2e:c7:79:5f:6f:9b:f4:
+ b0:bb:cc:58:f0:dd:c4:c0:04:a6:a3:8f:ae:1d:74:c3:04:73:
+ 56:5e:e4:4b:2b:ef:87:d9:c6:84:1d:bd:a7:17:63:8d:8a:31:
+ 99:6e:d7:e9:15:56:b1:00:b7:5f:49:c9:44:71:f2:6d:14:b5:
+ 06:b9:7a:7f:e5:8d:fb:8e:a3:f1:f4:52:c7:72:3b:6c:f4:50:
+ d1:c8:c5:26:4a:40:6b:16:08:7e:ab:c9:8c:54:3c:94:57:5e:
+ 3e:52:84:f7
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIQfwKEvQQHqN6nenYWsiXQjjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NThaFw0zMjAxMjUx
+NjU0NThaMBExDzANBgNVBAMMBmt2YWpkYTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANF6BuXP65s/l3flMYnPCk1jtH3fMQSDYutcuXU10rGbYGM2OnA+
+4V/0Igt8Mu3Hu2RESlqbpjpbtaX4oMO7xKQQWpmxDNEFrgglFd2vti7Plus1Jddz
+46jU6/ypXjdxNaoaWE1X36eMJwt2KJgLF5h0JTxUIVJeOM7if/1QF0M8/Ey5ayhT
+WYniufjsth4UtPaKUT7SGwR3j6N9V/IUC3zlcMoaV3zhshperfyvyd3UgUwZLL22
+w1v6PfktrQa+SYQB9kTKo7sqI0yy6thnNiLKxsYZ37H6MRvEQNxOxwpmIlwlNi1b
+IiP2Xb3Js5XvwIKi2djr0gVN5TEfigwFDb0CAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBRc/5ItOXmsmvXytp1jgYd4B5QPBDBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAqFssLTpq0Z0aRLPvFP1jK/1yeU46MP8b
+kYL8f8i/RQV07emU1HNNZveCt36y40H8+LYswqBkr+MFZYBRXmrLxi0zhNC8ukDF
+xw4tBRa1gXreatYTqrJYXRhyGpifvisAZ3B6ghybbzhaemDu1Rr9j4/SVYe8ubzg
+wL/W7AlwoipQbt5BdZm9yV6MXlIJOz0c4McF7GVkf+RXmA0ux3lfb5v0sLvMWPDd
+xMAEpqOPrh10wwRzVl7kSyvvh9nGhB29pxdjjYoxmW7X6RVWsQC3X0nJRHHybRS1
+Brl6f+WN+46j8fRSx3I7bPRQ0cjFJkpAaxYIfqvJjFQ8lFdePlKE9w==
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRegblz+ubP5d3
+5TGJzwpNY7R93zEEg2LrXLl1NdKxm2BjNjpwPuFf9CILfDLtx7tkREpam6Y6W7Wl
++KDDu8SkEFqZsQzRBa4IJRXdr7Yuz5brNSXXc+Oo1Ov8qV43cTWqGlhNV9+njCcL
+diiYCxeYdCU8VCFSXjjO4n/9UBdDPPxMuWsoU1mJ4rn47LYeFLT2ilE+0hsEd4+j
+fVfyFAt85XDKGld84bIaXq38r8nd1IFMGSy9tsNb+j35La0GvkmEAfZEyqO7KiNM
+surYZzYiysbGGd+x+jEbxEDcTscKZiJcJTYtWyIj9l29ybOV78CCotnY69IFTeUx
+H4oMBQ29AgMBAAECggEAA9RFOAI6/lWFQU3RQAGm4I9IB10DGmAEeOTzBu968IA0
+nNuq6c5cdFKUJL2aeLpD9KtC6LEbsslmYqhO2AUgrRcXcOPJpjCCY+e5pJnHrMdi
+rN4F2RBnQvjRb4bxD/Zj0r40iwVmMzveotkAGPdq8QB+hcHL8iOCylVdnZXPNw1n
+2kgDW7Fjl5uK6QTV+rLeHKIhLJnpib6plYX2LT9DYTxvSO2Dk1iEn1ORR57lLQie
+dD85fmnugt4Cb7KA/0YeaGlekL3sPHhzT70d74MzAmiprEDydOZ0vNOUHO9Vpkm3
+swG7JmXOeNuA0EUmbDjbdI1Ug34PWnD8/08z2UkzCQKBgQD429emRyh5rq52onJ9
+fmLArdxvOX3IrE4t7yPNQTpuHGqlc3mvBLIVY6/ICoHjbPAxxIMAYsIJL7xxU+ah
+TaHtmWcL1vBRXqPXn4yIcECw6L1wEiyJh+anzsh2ceOBz16yBWFCIgBrJwX9eG+E
+2gxi3zcr/UQMphSRWMMw1PMnewKBgQDXfOCQX/B57VbFJBnY/YmbfueexCK3R3N2
+LdKN2f+Ee3G1QDuwZ+zypmb4EcSYPu6tXjMTpQPqS8GUuLxtNoWP8X2lK4E3x6Zl
+R1eaQkxyFBXeadupiS/SG8R1Qe+iDW9Lbfc0jRK6sUxVNR6g+nB4QxevZEtGwrrx
+fAERvQr+JwKBgGo9ICECO8tGwYAv9YSRkgMDthldh89Fj9KYRsZ3VERxqS2c0JPh
+A02SUxapNa4rcZctd2eQwZk+YcpXsRunkrtmQ9GQHuP97SA+IraUhWmA0m6ns4+7
+DsMQyg+WqzNdneWN2mlrLpaQAESnR6SFmcgT1u/WnVhxBlLOe/W601tFAoGAKAj7
+b9djRkPiKx5Z7war2kfpoIWwLX0I5pv80n3+Cw8kQRh9/nhQfYSM/OnQLLkEfxFR
+TAUMhSst/AOWfnPyvJuRTG6Yw1REheyLSg2nRkqVBY2FUio6yD6AcYiejO0SEGGN
+3CWZpTXriKkl16Kv4qgUbnGjyrHDKbpwOGt272ECgYEA8blqgKwA5MMA4GGPyN4h
+Y7OzvbBU63EbEjszV+oeADjVqLyucGuWSSJxAdbEtmJM9zwzUYAxswXwr/LgEIEL
+j1LmrQ7ASXzaOosZnu3SxM003jarqcDWhQxoH6MuZE0/tuWwaEpws/nRyQhV/INB
+WmlVEtGP9Ny/1daWt4tVk/w=
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
+-----END OpenVPN Static key V1-----
+</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 23:7b:c7:68:f3:7b:5c:8e:17:63:b5:67:3e:d3:10:1c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ c3:0f:84:cf:71:19:04:e9:f7:bc:b1:ad:5d:99:6b:80
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:15:16 2019 GMT
- Not After : Jul 14 13:15:16 2022 GMT
+ Not Before: Jan 27 16:55:11 2022 GMT
+ Not After : Jan 25 16:55:11 2032 GMT
Subject: CN=mszabo
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:d4:de:f0:4a:f4:a0:8a:bd:52:97:87:c0:f5:28:
- 87:7d:7b:4c:f3:3d:13:be:6b:f6:61:23:f8:91:fd:
- 2a:59:db:38:2e:ec:d6:5d:21:c2:b9:e0:8c:38:36:
- c9:bb:2c:f9:87:f3:c5:53:28:d1:94:03:d3:24:c0:
- fa:95:b3:19:4a:42:95:94:22:11:4f:82:ea:bf:16:
- 42:42:90:f1:9e:e9:68:48:2e:b9:db:71:be:48:4a:
- eb:06:61:63:73:77:18
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b7:e3:57:e4:6d:41:2f:71:88:38:35:5c:fb:54:
+ 6d:75:dc:d4:fc:38:95:81:ed:98:13:6a:1b:aa:db:
+ 41:fb:2d:8b:ff:1d:49:9c:08:9e:b5:4a:a0:7c:48:
+ 96:87:1d:8d:ea:df:85:ad:5a:23:a0:7c:9a:ec:97:
+ 9c:73:20:06:2b:02:06:67:2b:86:fb:94:7f:e8:ff:
+ 3e:e2:3c:f4:3d:13:40:f2:6d:3c:15:5d:72:a2:7d:
+ b0:c2:0a:17:a2:a3:83:66:52:e9:0a:04:b2:f1:b7:
+ 1d:86:93:f9:11:82:bd:26:5a:b5:39:9d:61:d2:34:
+ 78:25:24:c6:fd:e7:c8:3b:c8:bb:8d:98:fa:cf:5f:
+ b8:e4:a8:93:2d:68:70:51:b9:2c:d0:7c:31:94:4a:
+ 00:b9:2d:d4:29:2a:b2:18:54:27:77:2f:e0:3c:a7:
+ f4:0a:16:c7:9c:a9:a0:b1:ba:54:43:a2:52:14:58:
+ 71:74:63:f6:9b:e6:5e:89:09:8c:a5:1c:ae:41:82:
+ 01:8d:2c:94:ad:a1:c0:47:c7:1a:8b:79:06:c6:3e:
+ 66:9b:d9:37:64:70:7b:d6:c3:f1:02:81:9f:4c:42:
+ 5d:da:c0:95:ca:96:e4:7f:41:75:72:f3:35:eb:e2:
+ a1:97:78:3d:07:6d:90:27:d0:41:b1:74:1a:ee:1d:
+ 0c:7f
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 8B:C8:96:C9:E3:FD:F0:F2:13:BD:F3:32:17:FD:4F:40:19:3D:2A:5F
+ 54:03:3E:8D:18:23:6D:03:63:E7:22:D6:12:21:9B:0A:0B:24:47:19
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:84:81:10:d7:e4:4f:e6:1d:de:3f:6c:9d:f9:
- 45:2f:6c:74:c1:ce:65:da:b9:0f:56:2d:3c:08:2d:a9:62:d2:
- ec:45:46:50:7d:da:d1:0d:73:8c:e9:57:57:3e:2d:49:14:02:
- 31:00:9e:6a:e2:fa:4f:6d:04:6f:3f:6b:35:9e:1b:6a:94:b8:
- 3b:f3:79:db:9b:cd:2c:84:48:e9:7a:a9:13:d2:08:b0:d0:f2:
- c6:22:7e:87:3b:f4:6d:d0:b7:db:c4:b5:ad:5d
+ Signature Algorithm: sha256WithRSAEncryption
+ 6b:11:da:f5:70:9e:8f:07:ec:18:40:e5:2e:65:9c:10:36:55:
+ 83:13:8e:3e:5e:82:8a:3d:db:6b:ac:fc:6f:ea:8d:9d:97:27:
+ 47:a6:b1:d4:b7:4d:f5:b6:36:dc:62:7d:66:be:f1:ab:24:29:
+ f2:b2:89:83:49:e4:de:40:00:74:ca:e8:7e:92:2a:3c:65:e0:
+ 6d:ac:5a:5c:76:31:27:2d:57:82:8e:e4:cb:ee:8b:a1:db:a2:
+ f8:e1:12:25:93:d1:79:1f:82:93:2b:d8:83:37:07:6b:b5:bc:
+ 48:4f:bf:36:23:ea:04:23:0f:81:87:3a:d7:e5:51:75:ce:7e:
+ e4:fd:76:ee:ff:df:31:4b:2f:28:9e:9e:28:c1:2a:01:ab:66:
+ a3:b8:95:17:70:1f:2f:7b:06:da:ca:73:81:e3:a5:5b:1a:74:
+ 4c:8d:93:df:3e:56:ef:f7:16:0c:8b:78:5c:69:35:af:9a:64:
+ df:bc:12:ac:c8:77:48:94:4f:b8:28:5f:86:dd:ff:4c:b8:8e:
+ 0c:64:5b:9b:ce:24:5e:02:53:6a:78:f3:41:a2:86:7b:07:43:
+ 64:92:2c:fa:77:18:f0:31:58:05:e4:76:2a:60:cf:71:6b:2b:
+ c9:71:d4:e2:48:00:0b:d9:59:1a:3c:dd:bf:55:54:ea:79:fd:
+ 44:37:79:b8
-----BEGIN CERTIFICATE-----
-MIICDjCCAZOgAwIBAgIQI3vHaPN7XI4XY7VnPtMQHDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTE2WhcNMjIwNzE0
-MTMxNTE2WjARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AATU3vBK9KCKvVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7
-LPmH88VTKNGUA9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNz
-dxijgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUi8iWyeP98PITvfMyF/1PQBk9
-Kl8wVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYCMQCE
-gRDX5E/mHd4/bJ35RS9sdMHOZdq5D1YtPAgtqWLS7EVGUH3a0Q1zjOlXVz4tSRQC
-MQCeauL6T20Ebz9rNZ4bapS4O/N525vNLIRI6XqpE9IIsNDyxiJ+hzv0bdC328S1
-rV0=
+MIIDVTCCAj2gAwIBAgIRAMMPhM9xGQTp97yxrV2Za4AwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NTExWhcNMzIwMTI1
+MTY1NTExWjARMQ8wDQYDVQQDDAZtc3phYm8wggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC341fkbUEvcYg4NVz7VG113NT8OJWB7ZgTahuq20H7LYv/HUmc
+CJ61SqB8SJaHHY3q34WtWiOgfJrsl5xzIAYrAgZnK4b7lH/o/z7iPPQ9E0DybTwV
+XXKifbDCCheio4NmUukKBLLxtx2Gk/kRgr0mWrU5nWHSNHglJMb958g7yLuNmPrP
+X7jkqJMtaHBRuSzQfDGUSgC5LdQpKrIYVCd3L+A8p/QKFsecqaCxulRDolIUWHF0
+Y/ab5l6JCYylHK5BggGNLJStocBHxxqLeQbGPmab2TdkcHvWw/ECgZ9MQl3awJXK
+luR/QXVy8zXr4qGXeD0HbZAn0EGxdBruHQx/AgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQUVAM+jRgjbQNj5yLWEiGbCgskRxkwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGsR2vVwno8H7BhA5S5lnBA2VYMTjj5e
+goo922us/G/qjZ2XJ0emsdS3TfW2NtxifWa+8askKfKyiYNJ5N5AAHTK6H6SKjxl
+4G2sWlx2MSctV4KO5Mvui6HbovjhEiWT0XkfgpMr2IM3B2u1vEhPvzYj6gQjD4GH
+OtflUXXOfuT9du7/3zFLLyienijBKgGrZqO4lRdwHy97BtrKc4HjpVsadEyNk98+
+Vu/3FgyLeFxpNa+aZN+8EqzId0iUT7goX4bd/0y4jgxkW5vOJF4CU2p480GihnsH
+Q2SSLPp3GPAxWAXkdipgz3FrK8lx1OJIAAvZWRo83b9VVOp5/UQ3ebg=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDlaHtUEb8WUjje5qw7
-TWC4QX2Cpc2Cp9yZfsw2l18Iz5G/fwCCzsYbfOstnZyIiJahZANiAATU3vBK9KCK
-vVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7LPmH88VTKNGU
-A9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNzdxg=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC341fkbUEvcYg4
+NVz7VG113NT8OJWB7ZgTahuq20H7LYv/HUmcCJ61SqB8SJaHHY3q34WtWiOgfJrs
+l5xzIAYrAgZnK4b7lH/o/z7iPPQ9E0DybTwVXXKifbDCCheio4NmUukKBLLxtx2G
+k/kRgr0mWrU5nWHSNHglJMb958g7yLuNmPrPX7jkqJMtaHBRuSzQfDGUSgC5LdQp
+KrIYVCd3L+A8p/QKFsecqaCxulRDolIUWHF0Y/ab5l6JCYylHK5BggGNLJStocBH
+xxqLeQbGPmab2TdkcHvWw/ECgZ9MQl3awJXKluR/QXVy8zXr4qGXeD0HbZAn0EGx
+dBruHQx/AgMBAAECggEALrcBmBUtTykvauAbm/mpyRxtuxmA2b4LOTtmhfQngfDj
+NM8y6QHDl9i6hnhGTVLzv6xDIHPawyWEkgA+DX0gNALSr5j+NKFYEU/uoLjNb0qZ
+4Dxh3CeePKtjoRfBQ174vaDodNQWxZM4W/zxdEJbXQgEK/vQYv9TWlRKfSxJ0O3S
+KXLsktKS7GUjJZK/qWZCzi5/WesHpFnxHhoZEUqhWaaeo8LnulU7xlD47R2UYWkR
+09YKVjQ5vlcVitIcquBLHT2ranO/+Bdktt7XVwxnKMrPqZojMlLw72BneAC4HStb
+CcwzekyTQSMe9/R/pEg+sYIVpiroYD9sQL5Yuq4NKQKBgQDq6M56o+MFx8uSaMsp
+4q6mAcnIXOMSJ+vcXUyW0b2eYAQNss5LROfK5C2TVNtPobXdJwa/VtO6HZKKBUWM
+ah72jyoGzHg8x0OWxZ8MIqEV0AbSQEUq0ZqKmaH0AZwLKE3nGuPKnupVwEu3a7LW
+8/7/1p8lSQhuLWogD0eP+3vTNQKBgQDIZdrAyPQZvBGNBQrrfvzOyt0ScQq+DKDN
+P9zzYjVg0M9Ii7PPh72N+NqJK9/fHU/A021ulDqjIw5wTw+dMR6++g/ipA5NuSP7
+MOJaL4ZOJ49i9nOT1O+xk3co9UT4sBJp6GvliIPsxsPr5QgxMkpE3m94dO8UnR0x
+oz256BXDYwKBgGcrThvgxIEyaX7o1WmU7B1upZ+A5B2COP10YIHQphXbl4wonp/C
+KIccRcPyPcuwev4g+L6qNJ0GBejmPdBYfzbMU6nevWP8I/wg2SRsRREeZxCKN5aB
+rfz3UoCnAFCKKAS685Z2yvZUWSy6eTYcvT7BlO28MJ6rBXQFIenjilONAoGBAJTY
+wqDLIjQzMr4R7sh4bAKVP5tBB3+eFZoeQ1krqwYcUrpJueb9pdfb7UZRplkshl5t
+LC0kQGGH2mOk9a4GHBYx2ra2sEEesREUgCwIfLN0QtZ4w+QcF2VIaQutEeu9rA+q
+KOo2efbWtBN07J7OAcghh55rDGG9ST/jRifdsLyNAoGAeW1zjD6MFFEYy2rBHyM6
+yswunGISx/Kdy7Rv+1aUSGyfIZ49tn/7dXv1kNBbLElleTxDS2TMWdoIF3soU5BO
+/kthQ8jKa6LvCDVXXvo89kJavdYgcofPCfoA83UxQyPt3D+7gYeVrvZoDEkJtg6w
+oOQXLabZ7qUNkLFcZF0kKXA=
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
--- /dev/null
+##############################################
+# Sample client-side OpenVPN 2.0 config file #
+# for connecting to multi-client server. #
+# #
+# This configuration can be used by multiple #
+# clients, however each client should have #
+# its own cert and key files. #
+# #
+# On Windows, you might want to rename this #
+# file so it has a .ovpn extension #
+##############################################
+
+# Specify that we are a client and that we
+# will be pulling certain config file directives
+# from the server.
+client
+
+# Use the same setting as you are using on
+# the server.
+# On most systems, the VPN will not function
+# unless you partially or fully disable
+# the firewall for the TUN/TAP interface.
+;dev tap
+dev tun
+
+# Windows needs the TAP-Win32 adapter name
+# from the Network Connections panel
+# if you have more than one. On XP SP2,
+# you may need to disable the firewall
+# for the TAP adapter.
+;dev-node MyTap
+
+# Are we connecting to a TCP or
+# UDP server? Use the same setting as
+# on the server.
+;proto tcp
+proto udp
+
+# The hostname/IP and port of the server.
+# You can have multiple remote entries
+# to load balance between the servers.
+remote vpn.userrendszerhaz.hu 1194
+
+# Choose a random host from the remote
+# list for load-balancing. Otherwise
+# try hosts in the order specified.
+;remote-random
+
+# Keep trying indefinitely to resolve the
+# host name of the OpenVPN server. Very useful
+# on machines which are not permanently connected
+# to the internet such as laptops.
+resolv-retry infinite
+
+# Most clients don't need to bind to
+# a specific local port number.
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nobody
+
+# Try to preserve some state across restarts.
+persist-key
+persist-tun
+
+# If you are connecting through an
+# HTTP proxy to reach the actual OpenVPN
+# server, put the proxy server/IP and
+# port number here. See the man page
+# if your proxy server requires
+# authentication.
+;http-proxy-retry # retry on connection failures
+;http-proxy [proxy server] [proxy port #]
+
+# Wireless networks often produce a lot
+# of duplicate packets. Set this flag
+# to silence duplicate packet warnings.
+;mute-replay-warnings
+
+# SSL/TLS parms.
+# See the server config file for more
+# description. It's best to use
+# a separate .crt/.key file pair
+# for each client. A single ca
+# file can be used for all clients.
+;ca ca.crt
+;cert client.crt
+;key client.key
+
+# Verify server certificate by checking that the
+# certificate has the correct key usage set.
+# This is an important precaution to protect against
+# a potential attack discussed here:
+# http://openvpn.net/howto.html#mitm
+#
+# To use this feature, you will need to generate
+# your server certificates with the keyUsage set to
+# digitalSignature, keyEncipherment
+# and the extendedKeyUsage to
+# serverAuth
+# EasyRSA can do this for you.
+remote-cert-tls server
+
+# If a tls-auth key is used on the server
+# then every client must also have the key.
+;tls-auth ta.key 1
+key-direction 1
+
+# Select a cryptographic cipher.
+# If the cipher option is used on the server
+# then you must also specify it here.
+# Note that v2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the data-ciphers option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link.
+# Don't enable this unless it is also
+# enabled in the server config file.
+#comp-lzo
+
+# Set log file verbosity.
+verb 3
+
+# Silence repeating messages
+;mute 20
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 07:42:93:a8:25:71:a4:ae:b0:96:4d:14:d1:e2:ff:22
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:55:26 2022 GMT
+ Not After : Jan 25 16:55:26 2032 GMT
+ Subject: CN=osweidan
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c4:fd:94:e9:62:a5:7d:74:92:9a:22:d6:7b:35:
+ ff:95:26:e8:d3:bf:1e:ee:96:be:ba:de:2c:31:5a:
+ 02:27:6d:ac:42:b4:3a:e0:22:89:63:e3:a3:b5:68:
+ 8b:6f:f8:0e:a9:1f:a9:e5:62:d1:b4:39:6c:73:61:
+ 89:a1:0e:db:8e:62:21:06:0b:d5:4f:64:10:39:4c:
+ 91:f5:05:ca:65:09:82:e7:c6:52:61:7f:ed:de:95:
+ bc:8f:23:a3:01:77:c3:2a:1c:75:ff:b9:55:66:a2:
+ ae:ff:27:0d:4a:70:8c:b6:4d:f8:bc:65:fd:ff:a8:
+ 60:e1:ea:df:64:e9:46:34:71:ec:3b:05:cb:ec:e7:
+ a0:bc:39:6c:04:16:f9:0c:2c:c2:4b:4f:aa:80:6b:
+ d7:37:68:e9:c4:f2:91:11:5b:33:03:8e:85:67:40:
+ 7c:97:36:84:94:15:21:3d:2a:e9:87:81:65:21:fa:
+ 27:07:ca:1b:0b:df:fa:eb:34:62:d5:52:fc:b6:00:
+ 1a:54:bc:6d:0a:52:70:5e:15:38:ec:ce:dd:62:0c:
+ c6:c2:10:7c:b2:a5:8b:18:10:81:f4:b5:9a:38:c4:
+ cc:00:fa:de:0b:ca:8b:bc:82:df:2f:9e:84:3b:6a:
+ 1e:13:61:c1:72:28:cd:0d:71:1d:97:36:04:2d:c8:
+ 50:e1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 52:89:7A:20:5D:CA:C8:13:92:30:14:B2:BD:6D:FA:8B:FE:73:38:9C
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:99:13:42:f0:60:a8:b3:54:d4:c6:30:12:1e:0f:d3:78:a5:
+ c1:1f:54:0e:3f:15:8c:72:60:dd:8e:e4:23:64:4f:5f:a5:7f:
+ 12:59:d3:c4:cf:9b:51:98:67:cb:49:a9:99:38:65:09:7f:56:
+ 42:08:86:31:e5:48:54:04:82:ac:1b:23:fd:63:b6:49:dd:73:
+ 50:af:84:0c:d5:37:6e:47:49:f6:2a:17:0c:c1:08:f9:cf:4f:
+ 3f:90:c7:dc:c4:d8:ef:99:ab:f8:12:55:8d:9a:18:4b:2f:9e:
+ c8:1f:97:31:83:8a:62:3d:6c:d0:0e:0c:e2:d4:7c:2f:10:37:
+ 7e:23:be:7d:f8:59:97:4e:a6:5f:75:ca:6a:a4:f1:ea:b9:41:
+ da:fe:be:8f:28:ff:0a:93:17:b0:7a:d2:fe:4e:7a:c7:ed:c2:
+ fe:91:93:c8:94:43:ec:74:4f:34:85:6e:7c:72:1d:45:2a:b1:
+ b9:bd:3b:d7:d0:b9:4d:54:74:6d:c5:73:03:ad:5c:7d:9d:16:
+ bb:28:d4:9c:6e:33:54:65:e5:11:06:b5:a5:e8:e9:dc:b4:95:
+ 4b:b4:6b:ef:db:5a:fe:4e:8f:4b:3d:b6:e2:37:fb:78:37:36:
+ 9a:a0:26:cc:19:72:e6:26:99:05:e2:6b:a2:6f:d4:86:cb:f5:
+ 5c:fe:cc:54
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIQB0KTqCVxpK6wlk0U0eL/IjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU1MjZaFw0zMjAxMjUx
+NjU1MjZaMBMxETAPBgNVBAMMCG9zd2VpZGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAxP2U6WKlfXSSmiLWezX/lSbo078e7pa+ut4sMVoCJ22sQrQ6
+4CKJY+OjtWiLb/gOqR+p5WLRtDlsc2GJoQ7bjmIhBgvVT2QQOUyR9QXKZQmC58ZS
+YX/t3pW8jyOjAXfDKhx1/7lVZqKu/ycNSnCMtk34vGX9/6hg4erfZOlGNHHsOwXL
+7OegvDlsBBb5DCzCS0+qgGvXN2jpxPKREVszA46FZ0B8lzaElBUhPSrph4FlIfon
+B8obC9/66zRi1VL8tgAaVLxtClJwXhU47M7dYgzGwhB8sqWLGBCB9LWaOMTMAPre
+C8qLvILfL56EO2oeE2HBcijNDXEdlzYELchQ4QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFFKJeiBdysgTkjAUsr1t+ov+czicMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAXmRNC8GCos1TUxjASHg/TeKXBH1QO
+PxWMcmDdjuQjZE9fpX8SWdPEz5tRmGfLSamZOGUJf1ZCCIYx5UhUBIKsGyP9Y7ZJ
+3XNQr4QM1TduR0n2KhcMwQj5z08/kMfcxNjvmav4ElWNmhhLL57IH5cxg4piPWzQ
+Dgzi1HwvEDd+I759+FmXTqZfdcpqpPHquUHa/r6PKP8KkxewetL+TnrH7cL+kZPI
+lEPsdE80hW58ch1FKrG5vTvX0LlNVHRtxXMDrVx9nRa7KNScbjNUZeURBrWl6Onc
+tJVLtGvv21r+To9LPbbiN/t4NzaaoCbMGXLmJpkF4muib9SGy/Vc/sxU
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDE/ZTpYqV9dJKa
+ItZ7Nf+VJujTvx7ulr663iwxWgInbaxCtDrgIolj46O1aItv+A6pH6nlYtG0OWxz
+YYmhDtuOYiEGC9VPZBA5TJH1BcplCYLnxlJhf+3elbyPI6MBd8MqHHX/uVVmoq7/
+Jw1KcIy2Tfi8Zf3/qGDh6t9k6UY0cew7Bcvs56C8OWwEFvkMLMJLT6qAa9c3aOnE
+8pERWzMDjoVnQHyXNoSUFSE9KumHgWUh+icHyhsL3/rrNGLVUvy2ABpUvG0KUnBe
+FTjszt1iDMbCEHyypYsYEIH0tZo4xMwA+t4Lyou8gt8vnoQ7ah4TYcFyKM0NcR2X
+NgQtyFDhAgMBAAECggEAZSp55FXl+YT5mTEVB1fW90lxPvWjNBK0xxE8jufTvV4E
+nokix2LVPjh1JcAYBBvXo6GARi621aC8ApFv9gfEV94raYiANvKDpnmdZ8FejP8S
+fGeMfUgO6EXr/XLmzuUrlJ/jNb5/jmM0DhOHLtiYWzO170NN65MUllFiAtgOVvXX
+8N/scDs85X9wTYoDZ38UQXdGMWpbvdgaGsWUSUrag87MvJa3zLCVbrRfOxTSIpCf
+l+U1L22x/6l2pRhiG/1k8JTl4Ns3kclTs2otZXiBOQLymayNx16g0Qwbo6/rmlYH
+opLM0D+zfu8N8L60IDFgGoTUE3wvn3JOTtcjXb+2wQKBgQDpYIz6CNP7+Dugh9ao
+DrYWR9njP4NMLfqqVXaHf6qYVRAaM6iyE+SXs5QBdiLKhClKq9+XZ65muvH2RuSV
+V5DqL733ZJhr86bWz9SPLOSir01PWsmwjBm3D4quGsuvH/tJAt0kNzRktHsPr00W
+qW91DRZNp+9Jt2zUCAG7Kq8+yQKBgQDYFhEvDL/Oxr4E1AgGEsPDGBGVzvD6JVa6
+4GZvfBwzw/S6aqSLKnhAcYhAZ4VesFMuVQ57W5nACNPdqejeAFgapeLMLTeeBLxe
+H4vMSrZvDCJPq/tPhkQ1FxTdDHHYdbbWvUNIN5Gov9QsY5WzpXwu2wI5Mop6yCmm
+jQ5QUo0VWQKBgQCUQjQNO8J/1gj7SJCDnyTqLqcrCNQ+dw9BWp28IsybjZ53Js5K
+ovybqwehjg04HpGk0F9w7fsLZEQGsq7QeRqky8OhAJUcL2OUH9/nPRvahgdVHFX5
+BGfptcPiKz+ud2DJ1znpofB08XskUbdlaCpYcAH1P3RynkZSxOtkng9KkQKBgC1S
+o5QMxoZmZSC6IFy1vt3CxJ15ZE3zWvejbZjgnUG2TjRzfcO6yrIpnfx0OiMcNLY5
+HOp+0gbXUyjhJHi79b7RIHrW2R2JvMC5OSdGXHF6SBAR8IpDjTbdeoDKxW4zcoAj
+/mK9VQ3h/my5DoM5qIxjX1oD4cvTA/ltCJ2MUw8xAoGBAMTxTljV/UcPki5qZX7F
+OoZu450hmuxZ3D/eaQPQHiUJXkK3hNRoNjs1tk4mZR5g1piczvPGOwbXblY0YXaJ
+58PQE0eUjAQ5XrWofBAQ0FPeUA6/F4GABNbrI+B8BfuHBDsK0x41OhvS2JcQ0N+Y
+Zp2QP2kMgaSuFw60va9ST1DS
+-----END PRIVATE KEY-----
+</key>
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
+-----END OpenVPN Static key V1-----
+</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- ac:b6:49:fd:c2:e3:b8:1c:54:2c:66:1f:04:12:e1:b6
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 73:44:69:33:9d:70:f8:2e:cc:af:44:62:a8:c4:d2:32
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:16:25 2019 GMT
- Not After : Jul 14 13:16:25 2022 GMT
+ Not Before: Jan 27 16:52:17 2022 GMT
+ Not After : Jan 25 16:52:17 2032 GMT
Subject: CN=qqcs
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4a:c3:a5:30:3e:35:30:99:34:68:48:48:08:05:
- 96:c9:b4:40:cc:e5:09:81:e3:47:07:84:59:63:59:
- f8:c5:92:7f:35:ba:68:1b:14:d2:f3:da:39:14:97:
- e3:11:09:d8:4f:34:61:9d:b2:75:d6:73:ab:d9:eb:
- ed:0e:e8:e5:7b:28:c6:9d:04:b1:ed:47:97:2b:d3:
- 62:01:b3:83:e7:6c:c8:c7:11:82:f3:c8:c0:97:27:
- 52:8d:54:da:42:98:fb
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:83:80:30:d8:21:63:c5:f1:85:af:0d:2a:af:
+ b6:c8:50:03:6e:6c:1c:55:28:b2:9d:59:1d:42:0b:
+ f9:42:ea:38:d6:3d:1b:2f:9e:c2:c4:91:d8:0e:56:
+ 28:03:5f:a8:a9:bf:6a:d7:9f:22:78:b8:cb:f5:7e:
+ da:c0:bb:56:b7:25:a1:84:af:19:70:c3:27:fc:33:
+ 82:01:71:76:25:a3:6e:bb:d6:a3:71:1b:4a:48:51:
+ 3d:6a:c6:36:28:05:88:01:3c:6a:45:b5:a3:46:f1:
+ 8b:bf:49:52:80:c6:30:fd:a3:4c:36:22:f0:b5:22:
+ fe:05:0d:8f:8d:14:0b:67:3d:95:4f:56:d3:88:a6:
+ a3:a7:56:52:86:ad:7b:a9:03:e8:39:50:18:7d:79:
+ d0:9c:c7:24:4b:02:75:60:95:60:0f:92:a5:44:7a:
+ 7c:6b:ec:77:29:ac:6f:a9:7f:7d:ee:06:9c:36:d5:
+ 8c:fe:34:f5:c0:52:6c:4e:26:c9:4c:e6:17:02:41:
+ 89:f7:5e:83:51:eb:2c:59:c1:e0:96:6d:7b:57:7f:
+ f7:d6:df:59:59:5a:c2:23:5b:7c:f6:f9:41:ec:fa:
+ 5a:6c:a7:41:2c:5e:c6:a1:50:3f:c2:4c:a9:ee:60:
+ d1:10:af:e3:99:c3:2d:c5:dc:cd:ac:ee:8e:c6:92:
+ 16:33
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 8B:85:13:8E:D2:D4:4D:3F:AE:DD:0D:38:D0:65:84:40:E9:2A:3F:02
+ E5:15:40:45:95:37:CC:FA:F8:7F:B7:70:67:A8:23:62:31:B6:58:35
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:28:fe:ea:a7:50:e0:71:a6:51:36:4e:19:42:f7:
- 01:c4:d0:fd:a2:66:f3:4c:28:15:81:51:9d:75:33:88:3e:6e:
- 96:02:e4:67:be:26:cf:05:81:18:c3:e6:96:7f:73:2a:02:31:
- 00:fc:ea:f1:0c:28:55:3b:9e:d1:5f:46:c7:41:0f:da:48:c5:
- a6:35:45:19:07:f1:ad:59:2a:ae:0b:60:c6:f3:7d:a8:af:4f:
- 71:50:5d:bb:fb:a7:55:7c:6c:b2:ce:12:c4
+ Signature Algorithm: sha256WithRSAEncryption
+ 1b:08:06:e9:01:65:f8:ff:f8:52:03:4c:f4:e3:da:41:7a:b1:
+ e3:af:78:f3:ba:0d:7a:28:68:71:ef:fe:db:ef:8d:eb:c9:5f:
+ 18:c2:0c:36:48:2e:b3:38:f1:21:09:d4:21:11:4a:21:4d:3b:
+ 6c:c0:cb:2a:55:c9:59:5e:e9:03:e9:ca:af:c3:46:86:68:96:
+ 3b:2a:1a:41:a9:d0:f1:f5:21:78:45:ab:70:d9:a5:7d:58:9d:
+ 3b:cb:39:3a:d5:17:39:cb:9a:21:fa:b1:01:c2:4e:12:35:48:
+ a2:d4:0f:06:d1:ca:37:98:3e:0b:51:a2:bf:34:ff:d1:28:86:
+ 3d:34:1a:25:a8:5d:0d:08:03:d9:80:26:e7:9b:9a:31:a2:d0:
+ b8:26:1f:b6:60:d8:50:8b:a2:aa:6b:61:94:9d:56:b9:6e:c4:
+ 02:b7:45:91:6b:fb:45:ae:62:00:cd:54:37:07:82:10:1c:bf:
+ 4c:73:ff:53:ff:f8:0f:67:43:9d:a7:27:1c:4b:51:01:27:cf:
+ 0a:8d:8f:84:49:85:3c:c4:59:1e:23:9a:2f:2d:71:03:a3:b4:
+ 3a:59:2d:6b:d5:ec:c0:0f:8b:95:79:b6:71:50:4a:e7:13:6e:
+ 49:59:fc:4f:e7:df:8a:40:23:32:41:f4:28:54:4e:43:ef:16:
+ 24:f2:f1:8d
-----BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIRAKy2Sf3C47gcVCxmHwQS4bYwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTYyNVoXDTIyMDcx
-NDEzMTYyNVowDzENMAsGA1UEAwwEcXFjczB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BErDpTA+NTCZNGhISAgFlsm0QMzlCYHjRweEWWNZ+MWSfzW6aBsU0vPaORSX4xEJ
-2E80YZ2yddZzq9nr7Q7o5Xsoxp0Ese1HlyvTYgGzg+dsyMcRgvPIwJcnUo1U2kKY
-+6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSLhROO0tRNP67dDTjQZYRA6So/
-AjBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIwKP7q
-p1DgcaZRNk4ZQvcBxND9ombzTCgVgVGddTOIPm6WAuRnvibPBYEYw+aWf3MqAjEA
-/OrxDChVO57RX0bHQQ/aSMWmNUUZB/GtWSquC2DG832or09xUF27+6dVfGyyzhLE
+MIIDUjCCAjqgAwIBAgIQc0RpM51w+C7Mr0RiqMTSMjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjUyMTdaFw0zMjAxMjUx
+NjUyMTdaMA8xDTALBgNVBAMMBHFxY3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC5g4Aw2CFjxfGFrw0qr7bIUANubBxVKLKdWR1CC/lC6jjWPRsvnsLE
+kdgOVigDX6ipv2rXnyJ4uMv1ftrAu1a3JaGErxlwwyf8M4IBcXYlo2671qNxG0pI
+UT1qxjYoBYgBPGpFtaNG8Yu/SVKAxjD9o0w2IvC1Iv4FDY+NFAtnPZVPVtOIpqOn
+VlKGrXupA+g5UBh9edCcxyRLAnVglWAPkqVEenxr7HcprG+pf33uBpw21Yz+NPXA
+UmxOJslM5hcCQYn3XoNR6yxZweCWbXtXf/fW31lZWsIjW3z2+UHs+lpsp0EsXsah
+UD/CTKnuYNEQr+OZwy3F3M2s7o7GkhYzAgMBAAGjgaIwgZ8wCQYDVR0TBAIwADAd
+BgNVHQ4EFgQU5RVARZU3zPr4f7dwZ6gjYjG2WDUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMC
+B4AwDQYJKoZIhvcNAQELBQADggEBABsIBukBZfj/+FIDTPTj2kF6seOvePO6DXoo
+aHHv/tvvjevJXxjCDDZILrM48SEJ1CERSiFNO2zAyypVyVle6QPpyq/DRoZoljsq
+GkGp0PH1IXhFq3DZpX1YnTvLOTrVFznLmiH6sQHCThI1SKLUDwbRyjeYPgtRor80
+/9Eohj00GiWoXQ0IA9mAJuebmjGi0LgmH7Zg2FCLoqprYZSdVrluxAK3RZFr+0Wu
+YgDNVDcHghAcv0xz/1P/+A9nQ52nJxxLUQEnzwqNj4RJhTzEWR4jmi8tcQOjtDpZ
+LWvV7MAPi5V5tnFQSucTbklZ/E/n34pAIzJB9ChUTkPvFiTy8Y0=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJVj3xLzZDW0wggPR3
-JPZUDXSKsfeXT+1IyjY7IKpB0Ku+jIOzCt1ma3S4iUK/F4ChZANiAARKw6UwPjUw
-mTRoSEgIBZbJtEDM5QmB40cHhFljWfjFkn81umgbFNLz2jkUl+MRCdhPNGGdsnXW
-c6vZ6+0O6OV7KMadBLHtR5cr02IBs4PnbMjHEYLzyMCXJ1KNVNpCmPs=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5g4Aw2CFjxfGF
+rw0qr7bIUANubBxVKLKdWR1CC/lC6jjWPRsvnsLEkdgOVigDX6ipv2rXnyJ4uMv1
+ftrAu1a3JaGErxlwwyf8M4IBcXYlo2671qNxG0pIUT1qxjYoBYgBPGpFtaNG8Yu/
+SVKAxjD9o0w2IvC1Iv4FDY+NFAtnPZVPVtOIpqOnVlKGrXupA+g5UBh9edCcxyRL
+AnVglWAPkqVEenxr7HcprG+pf33uBpw21Yz+NPXAUmxOJslM5hcCQYn3XoNR6yxZ
+weCWbXtXf/fW31lZWsIjW3z2+UHs+lpsp0EsXsahUD/CTKnuYNEQr+OZwy3F3M2s
+7o7GkhYzAgMBAAECggEBAImf17rkrCijkWDWk5MGVjhWu6TwiThX/+IhWUZFMb8F
+mfK91GxIgD9p3voLypVuIucDPZUG1oDuv0i5ujlfAZ7PSPrxF5ODBCfiYmEFtluH
+2j95pTjkwP/TXRfYQhcAu3wHQOPEM4QO79iR4aXs4i1YNtK2qxIGCqLfA47qvubw
+EEgrqx+4vfCehT4o5FDoCzyFlZX0wah3KKUBw2anCf8bdSuiWkRT4jpGeST4R2Yc
+V45iNHgzv3Y3renxuAKUH4ZD0BE9cVLu5L6HCl54N00INOGO/dzZfg2PI7rxjieC
+xKeU5xHsPS37ZrmeT5qcexQCZHph+Y+lGBuIhbRWzPkCgYEA9OFUKTBz465ZJHng
+8KzK8cj3BACIIGHAmAMRQTpYpw3fVN5VX/Z66G2h2rxTNWuiCcmUnITbT4NRcs44
+AnekUnSEG2L7cyp92oGeTrqXAbhDdZwYXHN05mQPabsh3pSirVyx8KyVltU2JaIa
+GiwLE4Dmu8DJ1FfSZb8igMZDND8CgYEAwfANECZLDpFbjDPuVCQ+P5apAjrfJUT3
+uacB5fND+EJuZ2XeUA0XrHkNAx0iMVbizqNvq7tPIXyGdTaI1+xNkSvqwUnrqUVR
+V0VO6lNpo8v8DhYBEus9jKT4EEuSrc73wToi/nA24YJ6RtWeJMghuDr/0vWe79lz
+tewj8wQ/0Q0CgYAOKkajB1F81yYC7SXs5iHrMJPRYHJ/ZQguAudpnYVpTG0hzKal
+oW1kqorVS1WI3owGAuocz7ab992rRXCJ+/++YU0PBH/FHq0fCaZtqW94wv7r+7aR
+CoC1nw4hMJj59iEe5CDK6kDQ885pCOJ3pxqQ60DtlW5XYSkjh5XoWw+iIwKBgBtU
+zUJ9Yw6GhbRYjTnmca9ceC0MRu5lrdPIKYhSpD2UfyKrRI1biv6PgLnznSH+8K/W
+cKJvH1PEzN4v9VEYyEWxPsBGvqN4VWJLLjfv0W94C+mgSD52UJJFnYAOZnmANYJR
+wyTAg7t8O+dHq6XbXoUsK2l7nA6JQrlcsiRJcQTxAoGACpeisPQfNaqQIOmMvRVy
+EX8WIyYqOEzmqlCogodUHQEfQtbC31BkU1NrnH0HOXJTPa8Yvq40Phty1ahXVpCk
+/5+VPjzAj6SKD5whq5oZe/3wAL0NHCcPqnyU+5/mTJpwTKM/1L36T+vYBRMzpk5u
+dHr9d4JiY4L4RET03fg9E3w=
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- f6:01:86:d6:4b:85:3a:3d:d9:f8:79:9f:b8:17:c3:01
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ c2:28:3c:ff:fa:8e:dc:f7:39:52:42:b1:f3:82:40:74
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:15:29 2019 GMT
- Not After : Jul 14 13:15:29 2022 GMT
+ Not Before: Jan 27 16:56:00 2022 GMT
+ Not After : Jan 25 16:56:00 2032 GMT
Subject: CN=rrendek
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ea:c4:ab:e1:24:42:91:06:17:73:d6:d9:87:17:
- 29:a8:05:73:be:5a:54:38:3e:c9:dd:78:55:ca:e2:
- 27:e6:44:1a:22:5b:3a:15:68:61:bf:ae:ce:05:a5:
- c9:98:f7:a3:ff:0e:b9:db:8e:fc:15:ac:76:41:c8:
- 6e:de:85:38:cb:1f:b1:98:41:df:4e:18:62:24:04:
- 95:5a:16:6b:0b:fd:13:e3:26:8b:76:d3:9a:54:6c:
- 9b:19:3c:55:de:d0:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:f3:4f:9c:e7:ba:7f:36:4f:1d:ac:7a:c7:d0:6c:
+ 59:f4:c2:e8:07:a3:d2:f1:ba:7b:e7:75:96:91:47:
+ 02:ac:53:d5:40:1b:43:25:ad:b9:15:b5:e5:b0:c0:
+ 90:42:74:47:a5:92:b0:f5:1c:fb:02:a9:0e:bd:9d:
+ b2:6d:85:95:2a:2b:95:51:9b:4e:14:22:45:bc:ab:
+ 23:df:76:e3:1a:f6:b7:27:a2:f0:e5:49:88:04:dc:
+ cb:7d:a0:4e:2b:8d:56:97:59:e9:4e:dc:f7:9f:41:
+ 2e:16:ef:75:59:db:e9:9c:59:3e:e5:3f:05:a7:aa:
+ 0d:01:bc:db:f8:03:e1:b1:d6:4b:70:18:1b:5e:10:
+ 05:a6:28:99:59:e5:a5:38:17:a9:92:95:ba:74:84:
+ cf:20:d4:e4:e4:26:4f:82:6d:3b:aa:51:d4:2e:4e:
+ c8:99:63:3a:bb:dd:ee:5d:e9:1c:ab:4b:54:a3:df:
+ 48:54:c0:7e:20:85:a1:4f:0a:93:3e:94:90:90:92:
+ f3:dc:73:94:16:3d:99:6e:57:82:98:87:8c:f8:15:
+ 0c:1e:35:6f:48:47:ed:15:3f:e4:06:98:04:f1:af:
+ 27:3d:af:25:10:aa:46:79:4e:00:ce:d4:bf:70:1f:
+ 2f:60:4b:a1:77:be:68:ff:36:4a:5f:60:ff:2e:cf:
+ ef:d5
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- D5:73:9E:FA:32:4C:D8:2A:E0:33:CF:15:F6:C0:D5:E9:56:5A:D0:EE
+ 20:87:C3:77:30:AC:3B:C2:8A:77:02:A3:86:B8:C0:A4:44:7D:33:FD
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:49:21:38:44:26:a9:96:15:98:29:c4:4f:04:25:
- be:35:90:bc:44:00:60:0d:6a:f7:f8:d4:ed:58:ea:28:45:f2:
- 99:33:d1:e3:2e:82:4e:04:bb:e5:27:10:ea:64:b8:83:02:31:
- 00:c3:59:fe:dc:8a:a1:e4:d1:30:09:51:2a:d8:d2:76:af:dc:
- 28:b2:d3:0d:ad:f3:19:91:b5:92:e6:8b:b4:77:d8:c3:87:f8:
- 7b:39:94:ab:f2:c0:06:c1:c4:43:b8:0e:16
+ Signature Algorithm: sha256WithRSAEncryption
+ 10:48:0c:b5:7b:c8:7f:51:e4:53:31:e9:c0:88:8a:da:55:2e:
+ e2:3b:ee:5f:20:bf:b1:ce:c8:0b:90:f5:d3:99:cf:b0:96:8b:
+ 63:9b:0a:ba:9b:2f:7b:d0:27:29:8b:67:b7:b2:85:d4:e6:26:
+ 6a:06:9f:27:f5:c0:a1:d9:35:39:51:89:82:18:b7:d4:25:72:
+ d5:a1:5f:56:65:37:15:e9:f6:8a:6f:03:6d:59:b7:8c:17:44:
+ f9:09:c3:71:3f:5d:e0:25:99:22:c4:32:41:a0:8b:93:02:47:
+ 14:ff:eb:df:1b:0b:d8:7e:ea:d8:d9:40:33:c6:ca:b2:f2:c6:
+ 53:89:90:b1:4a:5a:68:44:a1:18:df:af:1b:fc:b7:b7:04:20:
+ 36:61:e0:44:0d:9f:95:ed:f7:59:d7:a6:22:5a:0f:82:bf:5a:
+ aa:5a:fd:3c:77:0e:82:e6:ac:f3:b8:5d:26:62:55:66:06:3d:
+ cc:0a:22:09:dd:18:ec:98:eb:e9:f2:c5:43:85:f9:d8:43:82:
+ a8:ed:0e:19:0d:43:95:d9:ee:17:93:b4:ad:da:2a:b3:10:cf:
+ 52:74:50:2b:3d:8a:06:bd:31:52:38:07:85:dd:ca:9b:cb:97:
+ fb:ad:e6:a0:78:23:93:5c:22:5d:b9:d1:0f:55:32:07:d7:df:
+ c0:db:e5:05
-----BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRAPYBhtZLhTo92fh5n7gXwwEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTUyOVoXDTIyMDcx
-NDEzMTUyOVowEjEQMA4GA1UEAwwHcnJlbmRlazB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABOrEq+EkQpEGF3PW2YcXKagFc75aVDg+yd14VcriJ+ZEGiJbOhVoYb+uzgWl
-yZj3o/8OuduO/BWsdkHIbt6FOMsfsZhB304YYiQElVoWawv9E+Mmi3bTmlRsmxk8
-Vd7QLqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTVc576MkzYKuAzzxX2wNXp
-VlrQ7jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-SSE4RCaplhWYKcRPBCW+NZC8RABgDWr3+NTtWOooRfKZM9HjLoJOBLvlJxDqZLiD
-AjEAw1n+3Iqh5NEwCVEq2NJ2r9wostMNrfMZkbWS5ou0d9jDh/h7OZSr8sAGwcRD
-uA4W
+MIIDVjCCAj6gAwIBAgIRAMIoPP/6jtz3OVJCsfOCQHQwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NjAwWhcNMzIwMTI1
+MTY1NjAwWjASMRAwDgYDVQQDDAdycmVuZGVrMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA80+c57p/Nk8drHrH0GxZ9MLoB6PS8bp753WWkUcCrFPVQBtD
+Ja25FbXlsMCQQnRHpZKw9Rz7AqkOvZ2ybYWVKiuVUZtOFCJFvKsj33bjGva3J6Lw
+5UmIBNzLfaBOK41Wl1npTtz3n0EuFu91WdvpnFk+5T8Fp6oNAbzb+APhsdZLcBgb
+XhAFpiiZWeWlOBepkpW6dITPINTk5CZPgm07qlHULk7ImWM6u93uXekcq0tUo99I
+VMB+IIWhTwqTPpSQkJLz3HOUFj2ZbleCmIeM+BUMHjVvSEftFT/kBpgE8a8nPa8l
+EKpGeU4AztS/cB8vYEuhd75o/zZKX2D/Ls/v1QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFCCHw3cwrDvCincCo4a4wKREfTP9MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAQSAy1e8h/UeRTMenAiIraVS7iO+5f
+IL+xzsgLkPXTmc+wlotjmwq6my970Ccpi2e3soXU5iZqBp8n9cCh2TU5UYmCGLfU
+JXLVoV9WZTcV6faKbwNtWbeMF0T5CcNxP13gJZkixDJBoIuTAkcU/+vfGwvYfurY
+2UAzxsqy8sZTiZCxSlpoRKEY368b/Le3BCA2YeBEDZ+V7fdZ16YiWg+Cv1qqWv08
+dw6C5qzzuF0mYlVmBj3MCiIJ3RjsmOvp8sVDhfnYQ4Ko7Q4ZDUOV2e4Xk7St2iqz
+EM9SdFArPYoGvTFSOAeF3cqby5f7reageCOTXCJdudEPVTIH19/A2+UF
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCsxtcmrcd9xqynDZ3a
-foxPCtPVy9dGZ9GYZY0umi1aXddSZmTQLis9HcQZsg6fqpuhZANiAATqxKvhJEKR
-Bhdz1tmHFymoBXO+WlQ4PsndeFXK4ifmRBoiWzoVaGG/rs4FpcmY96P/DrnbjvwV
-rHZByG7ehTjLH7GYQd9OGGIkBJVaFmsL/RPjJot205pUbJsZPFXe0C4=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDzT5znun82Tx2s
+esfQbFn0wugHo9LxunvndZaRRwKsU9VAG0MlrbkVteWwwJBCdEelkrD1HPsCqQ69
+nbJthZUqK5VRm04UIkW8qyPfduMa9rcnovDlSYgE3Mt9oE4rjVaXWelO3PefQS4W
+73VZ2+mcWT7lPwWnqg0BvNv4A+Gx1ktwGBteEAWmKJlZ5aU4F6mSlbp0hM8g1OTk
+Jk+CbTuqUdQuTsiZYzq73e5d6RyrS1Sj30hUwH4ghaFPCpM+lJCQkvPcc5QWPZlu
+V4KYh4z4FQweNW9IR+0VP+QGmATxryc9ryUQqkZ5TgDO1L9wHy9gS6F3vmj/Nkpf
+YP8uz+/VAgMBAAECggEBAKuDdYHMb5xjDPHm4y/DEW5+bn3kN/D6mhlBRNBIFFRS
+DENSdHT9DzmErdN5Crgtq8vFqkQ/F5p6fc+geITH46yEaI/MQK/ksPAcW/9MmS8K
+t3WTYOjgeqei1TdLZ48/5MhwMwzKqytyEQFN75VWdkkmiDWlxWC5eM2+yfj9E339
+x/Ed7UyNGTeL6gdFdDUXwNmPBYWhO/0YFeWlMLS9I0wF1NL9GaoHNdmeGh6usjKk
+zDFM+PmrRC5kZJH3Un3Qd0fD2hUvwppAtw5/+IAwg98TOVKdh0ZCCWgERV0YvTkC
+Bzlos3JDv0PH2kJbv0xkzjSsfcbd15GkCxMwpIDh2EECgYEA/GOVoh5MU1RlU5lS
+eSuo/w96ceuZybE0FUku2UdRf0j6nyOIknsgbypDpQop1DGSZNgc7msBMbaUObTt
+OoDmPCUQF3GEDQj0swwgMjLgA5UYL38T7eVGYIO7nR1uuNfKpZqga8xHy9JoQt7t
+8LuX5G+EdULi2Z04rD96XuTiNa0CgYEA9srHWbomGfYli59OsdvB1MkVaiJSLnC5
+liG82rq/v74yVIu2D2wRY5jZ3piZhPUlMCzLCd66zLtJfCLl9rU4NDZXToUO+0Pt
+KTHYaDaGaPjR+CyWDVGIS3fZ0/msjFw3P6/NlfPDJTIUSghiIHvffFx/kI2Wjnzp
+rQYoQn+OV8kCgYEAz9zYhM99Pvf4B7TztrXdlktSJfbLDtCxu4ItYmeZWEJrnpsu
+RK3BVayyT3+iWY+GKSXQFg/syNu9EhXPd2pntEs2CIjGH9IrbjbjYVSDKJAnfh6j
+9D7rClwULV7rLLMUw/Uof/+bdeNRWRmvT5/AhjPOHKE8ocsZvMr+5p6NK3UCgYAR
+Y9SMRAuvRKL8pasb6UpNPiYeJnD4CMVrCNGP8BzW3AYb4wRfLdRD2l9vyfz3W3bV
+YDKmbWVoS8Iv1x2xNq/RLgsU41dc6Tpq7rI7Fax+9RmGjU29foNGHhnhT/SSp2TV
+PgQUjuqvUkoPtWuEsnXbA4GRpAh53d9xa7+mf+p90QKBgQD5TYbSS6oXC75uTcvZ
+5oWrzZDI+1j+hScwT7piX8DDaUbB/KPenl7jKQvFkWCQ2PIhNnMzWF57NCzt//9E
+yq9wkTbBETXWeSI6AxPpwhMnhCCgAnfP0Qc96ndiB2/3n7iMB5DDjkeA74WPhwlE
+3C1HC5XSNxNAY9STdR4TVu6seA==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- b5:63:ff:7c:ff:87:23:f8:fd:6c:cd:82:85:1f:fa:31
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Mar 26 10:41:42 2020 GMT
- Not After : Mar 11 10:41:42 2023 GMT
- Subject: CN=thering
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:18:e6:74:25:a4:09:6a:83:9f:bc:71:e8:8e:c1:
- 44:73:6c:60:17:3a:29:a4:11:40:94:9d:ad:aa:f4:
- 37:03:cc:83:a7:28:5b:58:c8:0b:40:bf:ec:c8:83:
- 6e:41:db:56:24:37:56:7f:ba:25:57:09:76:82:27:
- 45:93:e9:65:25:aa:55:f1:cb:48:d8:8b:d2:65:dc:
- 8e:51:71:e8:60:d1:2e:88:34:f4:d1:f3:c2:81:3a:
- 36:9a:9c:08:7f:ac:c7
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:BA:42:67:DA:26:9A:79:0C:E4:D7:AB:BA:DA:0A:02:71:D0:48:FE
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:87:c1:1b:d1:15:d9:85:62:f9:58:ff:0b:30:
- a0:3b:c7:31:ca:46:0c:71:0c:55:9d:83:a3:a9:32:93:94:7a:
- 6b:b4:54:e2:a3:e6:be:de:aa:29:bc:77:a7:9e:1b:cc:6f:02:
- 30:66:a5:9a:15:42:7f:e4:ad:00:be:0b:73:70:20:1b:c1:65:
- 40:15:22:28:51:8a:d1:7a:06:3a:50:2c:d2:56:0d:48:2c:7a:
- f4:b1:63:3e:ac:7f:01:c8:ac:bc:04:ce:b9
------BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRALVj/3z/hyP4/WzNgoUf+jEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTIwMDMyNjEwNDE0MloXDTIzMDMx
-MTEwNDE0MlowEjEQMA4GA1UEAwwHdGhlcmluZzB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBjmdCWkCWqDn7xx6I7BRHNsYBc6KaQRQJSdrar0NwPMg6coW1jIC0C/7MiD
-bkHbViQ3Vn+6JVcJdoInRZPpZSWqVfHLSNiL0mXcjlFx6GDRLog09NHzwoE6Npqc
-CH+sx6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTeukJn2iaaeQzk16u62goC
-cdBI/jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIx
-AIfBG9EV2YVi+Vj/CzCgO8cxykYMcQxVnYOjqTKTlHprtFTio+a+3qopvHennhvM
-bwIwZqWaFUJ/5K0AvgtzcCAbwWVAFSIoUYrRegY6UCzSVg1ILHr0sWM+rH8ByKy8
-BM65
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCboZiI4T9fQqhuUhZ1
-lsZw4yXdJ5COxryQGbWBWZanAdbF2JG/wNgYVcYHmU+IpEyhZANiAAQY5nQlpAlq
-g5+8ceiOwURzbGAXOimkEUCUna2q9DcDzIOnKFtYyAtAv+zIg25B21YkN1Z/uiVX
-CXaCJ0WT6WUlqlXxy0jYi9Jl3I5Rcehg0S6INPTR88KBOjaanAh/rMc=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 4b:df:84:b3:7b:17:ce:e1:09:87:9b:67:05:4b:27:91
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:51 2019 GMT
- Not After : Jul 14 13:15:51 2022 GMT
- Subject: CN=tsuhajda
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:6a:52:47:b4:82:6f:88:07:39:d2:55:37:5b:de:
- e8:37:fd:12:c8:2e:2a:c5:b4:9b:54:cf:2b:7c:73:
- dd:9c:89:37:d7:a9:09:50:11:bb:ae:8e:8d:3f:e7:
- d0:c9:7e:89:f5:7f:29:28:2d:d6:49:5b:69:b9:47:
- da:82:87:1e:a9:e8:7a:98:e2:fe:2b:b6:b0:c2:fd:
- aa:18:af:c3:d5:b0:c3:51:8b:77:8e:4d:68:60:47:
- 41:28:4d:30:81:4d:7c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 60:FA:D3:CB:9A:38:0E:08:58:0C:11:BB:A1:C8:18:FB:36:31:2A:67
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:c2:3b:36:d4:ec:38:f3:3f:11:b3:74:6b:34:
- 27:2f:bd:77:41:c1:20:55:e8:39:b5:1b:ad:04:a1:ab:ca:19:
- 1e:31:6f:32:4e:12:80:f9:c9:fc:96:f4:7b:81:34:87:07:02:
- 31:00:92:a4:26:4c:73:29:b6:4f:be:37:a7:98:50:33:4f:10:
- cd:f2:a0:2d:e6:f1:dd:18:7e:0a:51:1d:81:36:5a:36:3c:17:
- f8:d3:2c:cb:c1:16:5d:38:1d:57:97:9a:be:69
------BEGIN CERTIFICATE-----
-MIICEDCCAZWgAwIBAgIQS9+Es3sXzuEJh5tnBUsnkTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTUxWhcNMjIwNzE0
-MTMxNTUxWjATMREwDwYDVQQDDAh0c3VoYWpkYTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABGpSR7SCb4gHOdJVN1ve6Df9EsguKsW0m1TPK3xz3ZyJN9epCVARu66OjT/n
-0Ml+ifV/KSgt1klbablH2oKHHqnoepji/iu2sML9qhivw9Www1GLd45NaGBHQShN
-MIFNfKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRg+tPLmjgOCFgMEbuhyBj7
-NjEqZzBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaQAwZgIx
-AMI7NtTsOPM/EbN0azQnL713QcEgVeg5tRutBKGryhkeMW8yThKA+cn8lvR7gTSH
-BwIxAJKkJkxzKbZPvjenmFAzTxDN8qAt5vHdGH4KUR2BNlo2PBf40yzLwRZdOB1X
-l5q+aQ==
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA3FfCdgRHmr7R09vcV
-oMIHICl1w6SEHkvJWvu/kgBvfUTDa+8xO6TcfLj3bcN7SUKhZANiAARqUke0gm+I
-BznSVTdb3ug3/RLILirFtJtUzyt8c92ciTfXqQlQEbuujo0/59DJfon1fykoLdZJ
-W2m5R9qChx6p6HqY4v4rtrDC/aoYr8PVsMNRi3eOTWhgR0EoTTCBTXw=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
+++ /dev/null
-##############################################
-# Sample client-side OpenVPN 2.0 config file #
-# for connecting to multi-client server. #
-# #
-# This configuration can be used by multiple #
-# clients, however each client should have #
-# its own cert and key files. #
-# #
-# On Windows, you might want to rename this #
-# file so it has a .ovpn extension #
-##############################################
-
-# Specify that we are a client and that we
-# will be pulling certain config file directives
-# from the server.
-client
-
-# Use the same setting as you are using on
-# the server.
-# On most systems, the VPN will not function
-# unless you partially or fully disable
-# the firewall for the TUN/TAP interface.
-;dev tap
-dev tun
-
-# Windows needs the TAP-Win32 adapter name
-# from the Network Connections panel
-# if you have more than one. On XP SP2,
-# you may need to disable the firewall
-# for the TAP adapter.
-;dev-node MyTap
-
-# Are we connecting to a TCP or
-# UDP server? Use the same setting as
-# on the server.
-;proto tcp
-proto udp
-
-# The hostname/IP and port of the server.
-# You can have multiple remote entries
-# to load balance between the servers.
-remote vpn.userrendszerhaz.hu 1194
-
-# Choose a random host from the remote
-# list for load-balancing. Otherwise
-# try hosts in the order specified.
-;remote-random
-
-# Keep trying indefinitely to resolve the
-# host name of the OpenVPN server. Very useful
-# on machines which are not permanently connected
-# to the internet such as laptops.
-resolv-retry infinite
-
-# Most clients don't need to bind to
-# a specific local port number.
-nobind
-
-# Downgrade privileges after initialization (non-Windows only)
-user nobody
-group nobody
-
-# Try to preserve some state across restarts.
-persist-key
-persist-tun
-
-# If you are connecting through an
-# HTTP proxy to reach the actual OpenVPN
-# server, put the proxy server/IP and
-# port number here. See the man page
-# if your proxy server requires
-# authentication.
-;http-proxy-retry # retry on connection failures
-;http-proxy [proxy server] [proxy port #]
-
-# Wireless networks often produce a lot
-# of duplicate packets. Set this flag
-# to silence duplicate packet warnings.
-;mute-replay-warnings
-
-# SSL/TLS parms.
-# See the server config file for more
-# description. It's best to use
-# a separate .crt/.key file pair
-# for each client. A single ca
-# file can be used for all clients.
-;ca ca.crt
-;cert client.crt
-;key client.key
-
-# Verify server certificate by checking that the
-# certicate has the correct key usage set.
-# This is an important precaution to protect against
-# a potential attack discussed here:
-# http://openvpn.net/howto.html#mitm
-#
-# To use this feature, you will need to generate
-# your server certificates with the keyUsage set to
-# digitalSignature, keyEncipherment
-# and the extendedKeyUsage to
-# serverAuth
-# EasyRSA can do this for you.
-remote-cert-tls server
-
-# If a tls-auth key is used on the server
-# then every client must also have the key.
-;tls-auth ta.key 1
-key-direction 1
-
-# Select a cryptographic cipher.
-# If the cipher option is used on the server
-# then you must also specify it here.
-# Note that v2.4 client/server will automatically
-# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
-cipher AES-256-CBC
-
-# Enable compression on the VPN link.
-# Don't enable this unless it is also
-# enabled in the server config file.
-#comp-lzo
-
-# Set log file verbosity.
-verb 3
-
-# Silence repeating messages
-;mute 20
-
-<ca>
------BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
------END CERTIFICATE-----
-</ca>
-
-<cert>
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6b:9d:83:08:3d:87:cc:88:0a:de:bc:cd:3b:5c:ef:4d
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:16:02 2019 GMT
- Not After : Jul 14 13:16:02 2022 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0f:68:0b:c6:8e:81:3c:ef:a7:cb:71:84:f3:84:
- 12:e5:9c:28:13:15:e1:ab:bf:2f:92:3c:db:40:2c:
- e5:f7:c9:61:94:d2:23:08:10:75:53:7a:ec:39:3c:
- a1:9c:d3:73:0e:79:db:4c:15:94:77:11:a4:30:e2:
- bc:73:fa:66:0e:17:90:e2:a3:4c:17:82:41:87:c2:
- 94:8a:c3:28:47:40:76:76:59:c7:16:47:07:8b:ec:
- dd:22:6c:3c:af:26:25
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 36:50:AD:4A:3A:69:D8:C0:00:F4:3C:7C:FF:B0:7D:E2:94:B9:7C:8A
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:7e:1a:02:39:9f:2d:c8:dd:5b:4a:2b:9a:2e:61:
- 60:a5:e2:60:92:29:d4:7e:f2:32:5a:be:90:72:89:42:1a:74:
- 74:72:c3:e8:32:0b:63:82:52:65:fa:2f:b3:13:4f:16:02:30:
- 1e:a0:79:e7:55:d1:45:54:97:8d:a0:fb:50:ce:47:b0:1f:d0:
- 78:47:21:dc:21:d1:7d:f4:1a:da:48:55:fc:43:ce:28:ae:b9:
- 96:c0:72:2b:29:e4:61:b7:6b:9a:b2:92
------BEGIN CERTIFICATE-----
-MIICEjCCAZmgAwIBAgIQa52DCD2HzIgK3rzNO1zvTTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjAyWhcNMjIwNzE0
-MTMxNjAyWjAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAQPaAvGjoE876fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVT
-euw5PKGc03MOedtMFZR3EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL
-7N0ibDyvJiWjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUNlCtSjpp2MAA9Dx8
-/7B94pS5fIowVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cA
-MGQCMH4aAjmfLcjdW0ormi5hYKXiYJIp1H7yMlq+kHKJQhp0dHLD6DILY4JSZfov
-sxNPFgIwHqB551XRRVSXjaD7UM5HsB/QeEch3CHRffQa2khV/EPOKK65lsByKynk
-YbdrmrKS
------END CERTIFICATE-----
-</cert>
-
-<key>
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA0fa139CTqeLKWJaqU
-GKH5EIpDoFGwek9AW9Td5BTuYxpTREQwi3vMbEZ4sULZI2ehZANiAAQPaAvGjoE8
-76fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVTeuw5PKGc03MOedtMFZR3
-EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL7N0ibDyvJiU=
------END PRIVATE KEY-----
-</key>
-
-<tls-auth>
-#
-# 2048 bit OpenVPN static key
-#
------BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
------END OpenVPN Static key V1-----
-</tls-auth>
;key client.key
# Verify server certificate by checking that the
-# certicate has the correct key usage set.
+# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
-# See also the ncp-cipher option in the manpage
+# See also the data-ciphers option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link.
<ca>
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
</ca>
Data:
Version: 3 (0x2)
Serial Number:
- 34:13:80:3e:21:7f:3b:dd:0a:af:d5:cb:0d:17:4b:3c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 2b:f6:cb:e6:ee:b9:5f:05:2f:9d:64:50:3f:0c:c3:37
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:16:17 2019 GMT
- Not After : Jul 14 13:16:17 2022 GMT
+ Not Before: Jan 27 16:56:14 2022 GMT
+ Not After : Jan 25 16:56:14 2032 GMT
Subject: CN=zfelleg
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:a4:95:4c:f4:18:92:47:f1:fe:26:d4:2c:3a:
- a1:65:73:7b:ef:cd:26:ef:dc:d7:7a:dc:95:9a:8b:
- 66:3f:e9:c9:2e:f6:ac:0a:0e:a1:8f:bd:a5:00:42:
- 3a:30:03:9c:0a:5b:4a:c3:3c:bc:62:05:60:37:36:
- 99:e4:e7:27:2d:ae:a9:c1:a2:57:35:8e:d2:59:77:
- 29:16:64:50:94:16:ca:1a:19:31:1a:83:8c:41:07:
- 7f:7d:e7:fc:98:80:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:a9:54:33:8f:8b:4d:40:21:59:cf:42:77:2e:a3:
+ 58:dc:9b:6c:62:ab:d8:f7:7e:06:98:e0:d8:20:13:
+ 6f:14:01:d2:3a:9c:d6:a8:d5:9e:cd:1b:b7:53:e4:
+ a5:c0:aa:50:13:6a:9a:34:c6:8b:ce:b0:f2:68:ff:
+ e1:8d:ed:a3:91:27:c9:30:75:d3:8d:ee:be:df:c6:
+ 1f:df:ef:50:f1:21:d5:4d:ae:07:b7:b9:97:bc:ba:
+ 6a:65:22:03:00:86:7b:7f:b3:8b:c4:98:73:3d:e6:
+ 44:2f:27:31:6d:9c:7d:9d:da:d6:a4:65:68:bb:5b:
+ 06:fb:f3:9b:b6:69:f9:08:dd:61:6b:0e:04:48:e7:
+ d7:d9:8a:82:1f:44:74:a4:be:86:54:bb:c0:55:da:
+ c5:d6:d7:83:6d:26:09:4e:c6:87:cc:89:e1:e8:40:
+ 6d:3b:9f:c3:b2:8b:23:87:d2:8c:93:be:95:33:6a:
+ 35:dd:33:45:de:06:42:ee:18:19:5a:1d:52:46:54:
+ a4:f0:af:5b:f9:56:6d:be:3d:01:ea:96:fe:75:6b:
+ 44:95:f8:3b:8a:11:67:59:7b:c8:30:cd:05:40:5a:
+ f5:ce:5d:80:2a:aa:0b:f5:e1:24:d2:81:54:b7:7f:
+ 39:b0:1c:10:0e:6b:39:d3:06:3b:58:48:7a:a9:7e:
+ ea:4f
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 40:51:B5:0A:53:CE:54:25:34:5C:DC:E5:70:74:B3:6F:D4:D3:01:84
+ E2:66:F5:04:A5:2A:61:D5:3B:DF:7A:50:2E:78:E9:C4:76:F1:D5:78
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:7e:24:b4:72:c8:67:13:4f:a0:ba:09:76:d0:33:
- 36:35:d4:d0:df:e7:a5:25:25:af:ce:36:67:42:22:bf:42:fb:
- ab:96:52:73:c1:b2:a0:58:3a:90:b1:8a:78:70:eb:c9:02:31:
- 00:d9:4a:41:83:7a:5d:1b:6c:e2:d0:2d:b7:c3:b9:b7:11:26:
- 90:fa:9c:cb:20:e6:c4:cf:06:65:8b:8e:6b:00:c7:ec:77:f0:
- 85:75:17:58:0b:ef:06:8b:13:0b:57:61:25
+ Signature Algorithm: sha256WithRSAEncryption
+ 21:ff:e7:b7:cf:17:01:19:6e:2c:43:1c:96:37:32:3b:49:ba:
+ 4f:97:59:fc:31:2a:97:88:54:5b:96:6b:cd:20:75:f8:91:29:
+ 69:93:a0:54:8f:bf:2a:9e:1f:7a:d5:25:ef:7e:16:04:72:0b:
+ ab:fc:26:fb:65:47:6a:dc:64:59:e5:51:1a:3b:bd:1c:21:93:
+ ba:39:dc:34:37:98:68:0b:7b:72:96:81:0f:63:ea:bc:ea:ed:
+ 19:9e:bb:b4:56:8e:c9:67:44:4f:d6:c8:60:2c:7f:37:c7:8e:
+ a7:37:c5:f1:67:99:57:2b:0e:1d:8d:27:8c:bf:e1:5b:b7:42:
+ 76:09:f0:e5:03:72:a3:93:91:03:62:8c:7d:f5:d9:f0:8e:ca:
+ 52:9e:00:8c:1a:90:72:30:ba:86:92:ff:f6:41:ca:17:7d:75:
+ 6f:3c:e0:4b:9a:26:d2:fe:79:23:cd:96:0e:c3:77:eb:d4:0c:
+ 44:e5:d4:1a:5d:73:2e:48:26:25:97:04:65:90:0b:1f:6f:f1:
+ 0c:f6:07:68:c5:38:cf:f4:74:b1:c3:06:ce:38:d2:98:b1:be:
+ 82:20:bf:41:6e:8e:74:a5:f7:e9:de:dd:ed:c8:99:db:1c:de:
+ c6:14:4d:8d:f1:85:52:d0:a7:44:3e:18:41:87:52:b9:e0:8c:
+ ee:1f:01:42
-----BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQNBOAPiF/O90Kr9XLDRdLPDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjE3WhcNMjIwNzE0
-MTMxNjE3WjASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg6SVTPQYkkfx/ibULDqhZXN7780m79zXetyVmotmP+nJLvasCg6hj72lAEI6
-MAOcCltKwzy8YgVgNzaZ5OcnLa6pwaJXNY7SWXcpFmRQlBbKGhkxGoOMQQd/fef8
-mIBzo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFEBRtQpTzlQlNFzc5XB0s2/U
-0wGEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjB+
-JLRyyGcTT6C6CXbQMzY11NDf56UlJa/ONmdCIr9C+6uWUnPBsqBYOpCxinhw68kC
-MQDZSkGDel0bbOLQLbfDubcRJpD6nMsg5sTPBmWLjmsAx+x38IV1F1gL7waLEwtX
-YSU=
+MIIDVTCCAj2gAwIBAgIQK/bL5u65XwUvnWRQPwzDNzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU2MTRaFw0zMjAxMjUx
+NjU2MTRaMBIxEDAOBgNVBAMMB3pmZWxsZWcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCpVDOPi01AIVnPQncuo1jcm2xiq9j3fgaY4NggE28UAdI6nNao
+1Z7NG7dT5KXAqlATapo0xovOsPJo/+GN7aORJ8kwddON7r7fxh/f71DxIdVNrge3
+uZe8umplIgMAhnt/s4vEmHM95kQvJzFtnH2d2takZWi7Wwb785u2afkI3WFrDgRI
+59fZioIfRHSkvoZUu8BV2sXW14NtJglOxofMieHoQG07n8OyiyOH0oyTvpUzajXd
+M0XeBkLuGBlaHVJGVKTwr1v5Vm2+PQHqlv51a0SV+DuKEWdZe8gwzQVAWvXOXYAq
+qgv14STSgVS3fzmwHBAOaznTBjtYSHqpfupPAgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQU4mb1BKUqYdU733pQLnjpxHbx1XgwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBACH/57fPFwEZbixDHJY3MjtJuk+XWfwx
+KpeIVFuWa80gdfiRKWmToFSPvyqeH3rVJe9+FgRyC6v8JvtlR2rcZFnlURo7vRwh
+k7o53DQ3mGgLe3KWgQ9j6rzq7Rmeu7RWjslnRE/WyGAsfzfHjqc3xfFnmVcrDh2N
+J4y/4Vu3QnYJ8OUDcqOTkQNijH312fCOylKeAIwakHIwuoaS//ZByhd9dW884Eua
+JtL+eSPNlg7Dd+vUDETl1Bpdcy5IJiWXBGWQCx9v8Qz2B2jFOM/0dLHDBs440pix
+voIgv0FujnSl9+ne3e3Imdsc3sYUTY3xhVLQp0Q+GEGHUrngjO4fAUI=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDrR6bejMZ+YEKPLqFW
-EcqqktxOsksvQB6WL0olu99MczjNpHbWRJdzF0b1CxYYTKChZANiAASDpJVM9BiS
-R/H+JtQsOqFlc3vvzSbv3Nd63JWai2Y/6cku9qwKDqGPvaUAQjowA5wKW0rDPLxi
-BWA3Npnk5yctrqnBolc1jtJZdykWZFCUFsoaGTEag4xBB3995/yYgHM=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCpVDOPi01AIVnP
+Qncuo1jcm2xiq9j3fgaY4NggE28UAdI6nNao1Z7NG7dT5KXAqlATapo0xovOsPJo
+/+GN7aORJ8kwddON7r7fxh/f71DxIdVNrge3uZe8umplIgMAhnt/s4vEmHM95kQv
+JzFtnH2d2takZWi7Wwb785u2afkI3WFrDgRI59fZioIfRHSkvoZUu8BV2sXW14Nt
+JglOxofMieHoQG07n8OyiyOH0oyTvpUzajXdM0XeBkLuGBlaHVJGVKTwr1v5Vm2+
+PQHqlv51a0SV+DuKEWdZe8gwzQVAWvXOXYAqqgv14STSgVS3fzmwHBAOaznTBjtY
+SHqpfupPAgMBAAECggEAb3LTKPR32PDairbleNXcg/7sPJl9CZBySSccOShxYMq+
+EwPtqVxI1Bkc9eO1UPUIFW+BpaDUnisKsh9Q1riFguGb4wB6SJ3OFbzyd9KtBLjP
+CvyzabKG85oCsyPKtArPuEJ1iOUKXMB1Ok/ikZGBgGdsBPIWF9KW6zfw0gQ3/COf
+Kff46NYB2IK+aydp9oeq45yfPMts+ZtfDg2dEsUmRojvy/oy7uLehtEEyj09BzU4
+VLiV9OY3XFcCFtkj3SDqaLEDCv+Wb3ywsBs+6ZbfbQ4JJFqqHhqEgYrXPdG1lu7k
+pAAEbXaUucgdnf5K11PvtQnfHkLKxZ5z9Y7nd/PKmQKBgQDbd9a01dlY/Mg/7S1I
+NvzBKS35oSFVgWUaAlDv7K/x74HA8hO+insOV/8UYoRMOpHDTYElVsxAQ4ymOfXZ
+ghk+38EqKZPvVG6q9C9FhCNiqSjoxQUMbGJVPM0QF5/nWk5SgBefkA02lCWj+Ox7
+Bk2ne7hjaJeuWQUN1tQZAGijlQKBgQDFg8nQH8qFBQd9NN/9ldNIDkeyxK9pBxxX
+MFislUZof85Hnaf8SKTErequT6OKIj2Wr7a7osmub1UXqCryFvTU9mAJsGQEWDVb
+rB/j+xFNtR3RC4vBKATENfT9NjW4S8gj7TRZZKosiHDE7ZIRYZQwvhqvxk7vrBx7
+CFrNVmIdUwKBgC3JpdDaoNrw+jJkIENlvXvrRH1FQbgeI+K2Qv6baeXW60I+/yGM
+sLnAYCZ3m1RwD8MoY15P6pMpxKlVhFZZzzyP4DQUspmHCwO9qDMfq2ZFFpThrfj2
+j9lqsvm9hA33iEmsEcGngyo05Fl+cJAGM6NSq5iJ1MN6LRTDEkMZE7u1AoGAbg00
+UYalLODUf2sKsxzcEHYEdRMqOXcAz4PcpKy4AlnT8gtiIivHwt60uFMfaEQT1PYq
+9vmJLmxSGVBWPXWVDWQJttxVniYX9PA/BKRLy+RyrJumTwWhQkJeMwgVfo6bAYmV
+dYmlWBLd4pwMmyqni1EhRXdVXC2l4NeS4H6VRIkCgYBFXAcEbTWIpEJn+iTjaoao
+FMu6f8nAqTwGyX+0o43Zt7V8I+WcPHkSfNZvhQyl9vYwZTdOGMyE0/KYgaitrtCc
+XZiWTowoy1POGoAMqXwkvB/iqe7++Isb9BQrRoTqS49gIdIYLkL0dkQamjuOAOLC
+ayUpgzo6DfPSNIqgAnDSUQ==
-----END PRIVATE KEY-----
</key>
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
</tls-auth>
show-ca [ cmd-opts ]
import-req <request_file_path> <short_basename>
export-p7 <filename_base> [ cmd-opts ]
+ export-p8 <filename_base> [ cmd-opts ]
export-p12 <filename_base> [ cmd-opts ]
set-rsa-pass <filename_base> [ cmd-opts ]
set-ec-pass <filename_base> [ cmd-opts ]
+ upgrade <type>
"
# collect/show dir status:
Creates a new CA"
opts="
nopass - do not encrypt the CA key (default is encrypted)
- subca - create a sub-CA keypair and request (default is a root CA)" ;;
+ subca - create an intermediate CA keypair and request (default is a root CA)
+ intca - alias to the above" ;;
gen-dh) text="
gen-dh
Generates DH (Diffie-Hellman) parameters" ;;
This mode uses the <filename_base> as the X509 CN."
opts="
- nopass - do not encrypt the private key (default is encrypted)" ;;
+ nopass - do not encrypt the private key (default is encrypted)
+ inline - create an inline credentials file for this node" ;;
revoke) text="
revoke <filename_base> [reason]
Revoke a certificate specified by the filename_base, with an optional
export-p7 <filename_base> [ cmd-opts ]
Export a PKCS#7 file with the pubkey specified by <filename_base>"
opts="
+ noca - do not include the ca.crt file in the PKCS7 output" ;;
+ export-p8) text="
+ export-p8 <filename_base> [ cmd-opts ]
+ Export a PKCS#8 file with the private key specified by <filename_base>"
+ opts="
noca - do not include the ca.crt file in the PKCS7 output" ;;
set-rsa-pass|set-ec-pass) text="
set-rsa-pass <filename_base> [ cmd-opts ]
opts="
nopass - use no password and leave the key unencrypted
file - (advanced) treat the file as a raw path, not a short-name" ;;
+ upgrade) text="
+ upgrade <type>
+ Upgrade EasyRSA PKI and/or CA. <type> must be one of:
+ pki - Upgrade EasyRSA v2.x PKI to EasyRSA v3.x PKI (includes CA below)
+ ca - Upgrade EasyRSA v3.0.5 CA or older to EasyRSA v3.0.6 CA or later." ;;
altname|subjectaltname|san) text="
--subject-alt-name=SAN_FORMAT_STRING
This global option adds a subjectAltName to the request or issued
General options:
--batch : set automatic (no-prompts when possible) mode
+--passin=ARG : set -passin ARG for openssl
+--passout=ARG : set -passout ARG for openssl
--pki-dir=DIR : declares the PKI directory
--vars=FILE : define a specific 'vars' file to use for Easy-RSA config
+--version : prints EasyRSA version and build information, then exits
Certificate & Request options: (these impact cert/req field values)
--dn-mode=MODE : DN mode to use (cn_only or org)
--keysize=# : size in bits of keypair to generate
--req-cn=NAME : default CN to use
---subca-len=# : path length of signed sub-CA certs; must be >= 0 if used
+--subca-len=# : path length of signed intermediate CA certs; must be >= 0 if used
--subject-alt-name : Add a subjectAltName. For more info and syntax, see:
./easyrsa help altname
--use-algo=ALG : crypto alg to use: choose rsa (default) or ec
# Wrapper around printf - clobber print since it's not POSIX anyway
# shellcheck disable=SC1117
-print() { printf "%s\n" "$*"; }
+print() { printf "%s\n" "$*" || exit 1; }
# Exit fatally with a message to stderr
# present even with EASYRSA_BATCH as these are fatal problems
Easy-RSA error:
$1" 1>&2
- clean_temp;
- prog_exit "${2:-1}"
+ exit "${2:-1}"
} # => die()
# non-fatal warning output
[ ! "$EASYRSA_BATCH" ] && \
print "
$1" 1>&2
+
+ return 0
} # => warn()
# informational notices to stdout
[ ! "$EASYRSA_BATCH" ] && \
print "
$1"
+
+ return 0
} # => notice()
# yes/no case-insensitive match (operates on stdin pipe)
exit 9
} # => confirm()
-# remove temp files
-clean_temp() {
- for f in "$EASYRSA_TEMP_CONF" "$EASYRSA_TEMP_EXT" \
- "$EASYRSA_TEMP_FILE_2" "$EASYRSA_TEMP_FILE_3" "$EASYRSA_TEMP_FILE_4"
- do [ -f "$f" ] && rm "$f" 2>/dev/null
- done
-} # => clean_temp()
-
-prog_exit() {
- ESTAT=0
- [ -n "$1" ] && ESTAT=$1
- (stty echo 2>/dev/null) || set -o echo
+# mktemp wrapper
+easyrsa_mktemp() {
+ [ -n "$EASYRSA_TEMP_DIR_session" ] || die "EASYRSA_TEMP_DIR_session not initialized!"
+ [ -d "$EASYRSA_TEMP_DIR_session" ] || mkdir -p "$EASYRSA_TEMP_DIR_session" ||
+ die "Could not create temporary directory '$EASYRSA_TEMP_DIR_session'. Permission or concurrency problem?"
+ [ -d "$EASYRSA_TEMP_DIR_session" ] || die "Temporary directory '$EASYRSA_TEMP_DIR_session' does not exist"
+
+ template="$EASYRSA_TEMP_DIR_session/tmp.XXXXXX"
+ tempfile=$(mktemp "$template") || return
+
+ # win32 mktemp shipped by easyrsa returns template as file!
+ if [ "$template" = "$tempfile" ]; then
+ # but win32 mktemp -d does work
+ # but win32 mktemp -u does not work
+ tempfile=$(mktemp -du "$tempfile") || return
+ printf "" > "$tempfile" || return
+ fi
+ echo "$tempfile"
+} # => easyrsa_mktemp
+
+# remove temp files and do terminal cleanups
+cleanup() {
+ [ -z "$EASYRSA_TEMP_DIR_session" ] || rm -rf "$EASYRSA_TEMP_DIR_session"
+ # shellcheck disable=SC2039
+ (stty echo 2>/dev/null) || { (set -o echo 2>/dev/null) && set -o echo; }
echo "" # just to get a clean line
- exit "$ESTAT"
-} # => prog_exit()
-
-# Make LibreSSL safe config file from OpenSSL config file
-make_ssl_config() {
-sed \
- -e "s\`ENV::EASYRSA\`EASYRSA\`g" \
- -e "s\`\$dir\`$EASYRSA_PKI\`g" \
- -e "s\`\$EASYRSA_PKI\`$EASYRSA_PKI\`g" \
- -e "s\`\$EASYRSA_CERT_EXPIRE\`$EASYRSA_CERT_EXPIRE\`g" \
- -e "s\`\$EASYRSA_CRL_DAYS\`$EASYRSA_CRL_DAYS\`g" \
- -e "s\`\$EASYRSA_DIGEST\`$EASYRSA_DIGEST\`g" \
- -e "s\`\$EASYRSA_KEY_SIZE\`$EASYRSA_KEY_SIZE\`g" \
- -e "s\`\$EASYRSA_DIGEST\`$EASYRSA_DIGEST\`g" \
- -e "s\`\$EASYRSA_DN\`$EASYRSA_DN\`g" \
- -e "s\`\$EASYRSA_REQ_COUNTRY\`$EASYRSA_REQ_COUNTRY\`g" \
- -e "s\`\$EASYRSA_REQ_PROVINCE\`$EASYRSA_REQ_PROVINCE\`g" \
- -e "s\`\$EASYRSA_REQ_CITY\`$EASYRSA_REQ_CITY\`g" \
- -e "s\`\$EASYRSA_REQ_ORG\`$EASYRSA_REQ_ORG\`g" \
- -e "s\`\$EASYRSA_REQ_OU\`$EASYRSA_REQ_OU\`g" \
- -e "s\`\$EASYRSA_REQ_CN\`$EASYRSA_REQ_CN\`g" \
- -e "s\`\$EASYRSA_REQ_EMAIL\`$EASYRSA_REQ_EMAIL\`g" \
- "$EASYRSA_SSL_CONF" > "$EASYRSA_SAFE_CONF" || die "\
-Failed to update $EASYRSA_SAFE_CONF"
-} # => make_ssl_config()
+} # => cleanup()
+
+easyrsa_openssl() {
+ openssl_command=$1; shift
+
+ case $openssl_command in
+ makesafeconf) has_config=true;;
+ ca|req|srp|ts) has_config=true;;
+ *) has_config=false;;
+ esac
+
+ if ! $has_config; then
+ "$EASYRSA_OPENSSL" "$openssl_command" "$@"
+ return
+ fi
+
+ easyrsa_openssl_conf=$(easyrsa_mktemp) || die "Failed to create temporary file"
+ easyrsa_extra_exts=
+ if [ -n "$EASYRSA_EXTRA_EXTS" ]; then
+ easyrsa_extra_exts=$(easyrsa_mktemp) || die "Failed to create temporary file"
+ cat >"$easyrsa_extra_exts" <<-EOF
+ req_extensions = req_extra
+ [ req_extra ]
+ $EASYRSA_EXTRA_EXTS
+ EOF
+ fi
+
+ # Make LibreSSL safe config file from OpenSSL config file
+ sed \
+ -e "s\`ENV::EASYRSA\`EASYRSA\`g" \
+ -e "s\`\$dir\`$EASYRSA_PKI\`g" \
+ -e "s\`\$EASYRSA_PKI\`$EASYRSA_PKI\`g" \
+ -e "s\`\$EASYRSA_CERT_EXPIRE\`$EASYRSA_CERT_EXPIRE\`g" \
+ -e "s\`\$EASYRSA_CRL_DAYS\`$EASYRSA_CRL_DAYS\`g" \
+ -e "s\`\$EASYRSA_DIGEST\`$EASYRSA_DIGEST\`g" \
+ -e "s\`\$EASYRSA_KEY_SIZE\`$EASYRSA_KEY_SIZE\`g" \
+ -e "s\`\$EASYRSA_DIGEST\`$EASYRSA_DIGEST\`g" \
+ -e "s\`\$EASYRSA_DN\`$EASYRSA_DN\`g" \
+ -e "s\`\$EASYRSA_REQ_COUNTRY\`$EASYRSA_REQ_COUNTRY\`g" \
+ -e "s\`\$EASYRSA_REQ_PROVINCE\`$EASYRSA_REQ_PROVINCE\`g" \
+ -e "s\`\$EASYRSA_REQ_CITY\`$EASYRSA_REQ_CITY\`g" \
+ -e "s\`\$EASYRSA_REQ_ORG\`$EASYRSA_REQ_ORG\`g" \
+ -e "s\`\$EASYRSA_REQ_OU\`$EASYRSA_REQ_OU\`g" \
+ -e "s\`\$EASYRSA_REQ_CN\`$EASYRSA_REQ_CN\`g" \
+ -e "s\`\$EASYRSA_REQ_EMAIL\`$EASYRSA_REQ_EMAIL\`g" \
+ ${EASYRSA_EXTRA_EXTS:+-e "/^#%EXTRA_EXTS%/r $easyrsa_extra_exts"} \
+ "$EASYRSA_SSL_CONF" > "$easyrsa_openssl_conf" ||
+ die "Failed to update $easyrsa_openssl_conf"
+
+ if [ "$openssl_command" = "makesafeconf" ]; then
+ cp "$easyrsa_openssl_conf" "$EASYRSA_SAFE_CONF"
+ err=$?
+ else
+ "$EASYRSA_OPENSSL" "$openssl_command" -config "$easyrsa_openssl_conf" "$@"
+ err=$?
+ fi
+
+ rm -f "$easyrsa_openssl_conf"
+ rm -f "$easyrsa_extra_exts"
+ return $err
+} # => easyrsa_openssl
vars_source_check() {
# Check for defined EASYRSA_PKI
} # => vars_source_check()
# Verify supplied curve exists and generate curve file if needed
-verify_curve() {
+verify_curve_ec() {
if ! "$EASYRSA_OPENSSL" ecparam -name "$EASYRSA_CURVE" > /dev/null; then
die "\
Curve $EASYRSA_CURVE not found. Run openssl ecparam -list_curves to show a
return 0
}
-verify_ssl_lib () {
- # make safessl-easyrsa.cnf
- make_ssl_config
+# Verify if Edward Curve exists
+verify_curve_ed() {
+ if [ "ed25519" = "$EASYRSA_CURVE" ] && "$EASYRSA_OPENSSL" genpkey -algorithm ED25519 > /dev/null; then
+ return 0
+ elif [ "ed448" = "$EASYRSA_CURVE" ] && "$EASYRSA_OPENSSL" genpkey -algorithm ED448 > /dev/null; then
+ return 0
+ fi
+ die "Curve $EASYRSA_CURVE not found."
+}
+verify_ssl_lib () {
# Verify EASYRSA_OPENSSL command gives expected output
if [ -z "$EASYRSA_SSL_OK" ]; then
val="$("$EASYRSA_OPENSSL" version)"
case "${val%% *}" in
OpenSSL|LibreSSL)
- notice "\
+ print "\
Using SSL: $EASYRSA_OPENSSL $("$EASYRSA_OPENSSL" version)" ;;
*) die "\
Missing or invalid OpenSSL
# First check the PKI has been initialized
verify_pki_init
- # verify expected files present:
- for i in serial index.txt ca.crt private/ca.key; do
- if [ ! -f "$EASYRSA_PKI/$i" ]; then
+ # Verify expected files are present. Allow files to be regular files
+ # (or symlinks), but also pipes, for flexibility with ca.key
+ for i in serial index.txt index.txt.attr ca.crt private/ca.key; do
+ if [ ! -f "$EASYRSA_PKI/$i" ] && [ ! -p "$EASYRSA_PKI/$i" ]; then
[ "$1" = "test" ] && return 1
die "\
Missing expected CA file: $i (perhaps you need to run build-ca?)
[ "$1" = "test" ] && return 0
# verify expected CA-specific dirs:
- for i in issued certs_by_serial \
- revoked/certs_by_serial revoked/private_by_serial revoked/reqs_by_serial \
- renewed/certs_by_serial renewed/private_by_serial renewed/reqs_by_serial ;
+ for i in issued certs_by_serial
do
[ -d "$EASYRSA_PKI/$i" ] || die "\
Missing expected CA dir: $i (perhaps you need to run build-ca?)
mkdir -p "$EASYRSA_PKI/$i" || die "Failed to create PKI file structure (permissions?)"
done
+ # Create $EASYRSA_SAFE_CONF ($OPENSSL_CONF) prevents bogus warnings (especially useful on win32)
if [ ! -f "$EASYRSA_SSL_CONF" ] && [ -f "$EASYRSA/openssl-easyrsa.cnf" ];
then
cp "$EASYRSA/openssl-easyrsa.cnf" "$EASYRSA_SSL_CONF"
+ easyrsa_openssl makesafeconf
fi
notice "\
hide_read_pass()
{
- (stty -echo 2>/dev/null) || set +o echo
- read -r "$@"
- (stty echo 2>/dev/null) || set -o echo
+ # shellcheck disable=SC2039
+ if stty -echo 2>/dev/null; then
+ read -r "$@"
+ stty echo
+ elif (set +o echo 2>/dev/null); then
+ set +o echo
+ read -r "$@"
+ set -o echo
+ elif (echo | read -r -s 2>/dev/null) ; then
+ read -r -s "$@"
+ else
+ warn "Could not disable echo. Password will be shown on screen!"
+ read -r "$@"
+ fi
} # => hide_read_pass()
# build-ca backend:
sub_ca=""
nopass=""
crypto="-aes256"
- crypto_opts=""
while [ -n "$1" ]; do
case "$1" in
+ intca) sub_ca=1 ;;
subca) sub_ca=1 ;;
nopass) nopass=1 ;;
*) warn "Ignoring unknown command option: '$1'" ;;
done
verify_pki_init
- [ "$EASYRSA_ALGO" = "ec" ] && verify_curve
+ [ "$EASYRSA_ALGO" = "ec" ] && verify_curve_ec
+ [ "$EASYRSA_ALGO" = "ed" ] && verify_curve_ed
- # setup for the simpler sub-CA situation and overwrite with root-CA if needed:
+ # setup for the simpler intermediate CA situation and overwrite with root-CA if needed:
out_file="$EASYRSA_PKI/reqs/ca.req"
out_key="$EASYRSA_PKI/private/ca.key"
if [ ! $sub_ca ]; then
Unable to create a CA as you already seem to have one set up.
If you intended to start a new CA, run init-pki first."
fi
- # If a private key exists here, a sub-ca was created but not signed.
+ # If a private key exists here, a intermediate ca was created but not signed.
# Notify the user and require a signed ca.crt or a init-pki:
[ -f "$out_key" ] && \
die "\
mkdir -p "$EASYRSA_PKI/$i" || die "$err_file"
done
printf "" > "$EASYRSA_PKI/index.txt" || die "$err_file"
+ printf "" > "$EASYRSA_PKI/index.txt.attr" || die "$err_file"
print "01" > "$EASYRSA_PKI/serial" || die "$err_file"
# Default CN only when not in global EASYRSA_BATCH mode:
# shellcheck disable=SC2015
[ "$EASYRSA_BATCH" ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA"
- out_key_tmp="$(mktemp "$out_key.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_key_tmp"
- out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$out_file_tmp"
+ out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
+ out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
# Get password from user if necessary
- if [ ! $nopass ]; then
- out_key_pass_tmp="$(mktemp)"; EASYRSA_TEMP_FILE_4="$out_key_pass_tmp"
+ if [ ! $nopass ] && ( [ -z "$EASYRSA_PASSOUT" ] || [ -z "$EASYRSA_PASSIN" ] ); then
+ out_key_pass_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
echo
printf "Enter New CA Key Passphrase: "
hide_read_pass kpass
fi
# create the CA key using AES256
- [ ! $nopass ] && crypto_opts="$crypto -passout file:$out_key_pass_tmp"
+ crypto_opts=""
+ if [ ! $nopass ]; then
+ crypto_opts="$crypto"
+ if [ -z "$EASYRSA_PASSOUT" ]; then
+ if [ "ed" = "$EASYRSA_ALGO" ]; then
+ crypto_opts="$crypto_opts -pass file:$out_key_pass_tmp"
+ else
+ crypto_opts="$crypto_opts -passout file:$out_key_pass_tmp"
+ fi
+ fi
+ fi
if [ "$EASYRSA_ALGO" = "rsa" ]; then
#shellcheck disable=SC2086
- "$EASYRSA_OPENSSL" genrsa -out "$out_key_tmp" $crypto_opts "$EASYRSA_ALGO_PARAMS"
+ "$EASYRSA_OPENSSL" genrsa -out "$out_key_tmp" $crypto_opts ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} "$EASYRSA_ALGO_PARAMS" || \
+ die "Failed create CA private key"
elif [ "$EASYRSA_ALGO" = "ec" ]; then
#shellcheck disable=SC2086
"$EASYRSA_OPENSSL" ecparam -in "$EASYRSA_ALGO_PARAMS" -genkey | \
- "$EASYRSA_OPENSSL" ec -out "$out_key_tmp" $crypto_opts
+ "$EASYRSA_OPENSSL" ec -out "$out_key_tmp" $crypto_opts ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || \
+ die "Failed create CA private key"
+ elif [ "ed" = "$EASYRSA_ALGO" ]; then
+ if [ "ed25519" = "$EASYRSA_CURVE" ]; then
+ "$EASYRSA_OPENSSL" genpkey -algorithm ED25519 -out $out_key_tmp $crypto_opts ${EASYRSA_PASSOUT:+-pass "$EASYRSA_PASSOUT"} || \
+ die "Failed create CA private key"
+ elif [ "ed448" = "$EASYRSA_CURVE" ]; then
+ "$EASYRSA_OPENSSL" genpkey -algorithm ED448 -out $out_key_tmp $crypto_opts ${EASYRSA_PASSOUT:+-pass "$EASYRSA_PASSOUT"} || \
+ die "Failed create CA private key"
+ fi
fi
- # make safessl-easyrsa.cnf
- make_ssl_config
-
# create the CA keypair:
- [ ! $nopass ] && crypto_opts="-passin file:$out_key_pass_tmp"
+ crypto_opts=""
+ [ ! $nopass ] && [ -z "$EASYRSA_PASSIN" ] && crypto_opts="-passin file:$out_key_pass_tmp"
+
#shellcheck disable=SC2086
- "$EASYRSA_OPENSSL" req -utf8 -new -key "$out_key_tmp" \
- -config "$EASYRSA_SAFE_CONF" -keyout "$out_key_tmp" -out "$out_file_tmp" $crypto_opts $opts || \
+ easyrsa_openssl req -utf8 -new -key "$out_key_tmp" \
+ -keyout "$out_key_tmp" -out "$out_file_tmp" $crypto_opts $opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || \
die "Failed to build the CA"
- mv "$out_key_tmp" "$out_key"; EASYRSA_TEMP_FILE_2=
- mv "$out_file_tmp" "$out_file"; EASYRSA_TEMP_FILE_3=
- [ -f "$out_key_pass_tmp" ] && rm "$out_key_pass_tmp" && EASYRSA_TEMP_FILE_4=
+ mv "$out_key_tmp" "$out_key"
+ mv "$out_file_tmp" "$out_file"
+ [ -f "$out_key_pass_tmp" ] && rm "$out_key_pass_tmp"
# Success messages
if [ $sub_ca ]; then
notice "\
-NOTE: Your sub-CA request is at $out_file
+NOTE: Your intermediate CA request is at $out_file
and now must be sent to your parent CA for signing. Place your resulting cert
at $EASYRSA_PKI/ca.crt prior to signing operations.
"
verify_pki_init
out_file="$EASYRSA_PKI/dh.pem"
+
+ # check to see if we already have a dh parameters file
+ if [ -e "$EASYRSA_PKI/dh.pem" ]; then
+ if [ "$EASYRSA_BATCH" = "1" ]; then
+ # if batch is enabled, die
+ die "file $EASYRSA_PKI/dh.pem already exists!"
+ else
+ # warn the user, give them a chance to force overwrite
+ confirm "Overwrite? " "yes" "*** File $EASYRSA_PKI/dh.pem already exists! ***"
+ fi
+ fi
+
"$EASYRSA_OPENSSL" dhparam -out "$out_file" "$EASYRSA_KEY_SIZE" || \
die "Failed to build DH params"
notice "\
done
verify_pki_init
- [ "$EASYRSA_ALGO" = "ec" ] && verify_curve
+ [ "$EASYRSA_ALGO" = "ec" ] && verify_curve_ec
+ [ "$EASYRSA_ALGO" = "ed" ] && verify_curve_ed
# don't wipe out an existing private key without confirmation
[ -f "$key_out" ] && confirm "Confirm key overwrite: " "yes" "\
{ while ( getline<"/dev/stdin" ) {print} next }
{print}
}'
+ conf_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
print "$extra_exts" | \
awk "$awkscript" "$EASYRSA_SSL_CONF" \
- > "$EASYRSA_TEMP_CONF" \
+ > "$conf_tmp" \
|| die "Copying SSL config to temp file failed"
# Use this new SSL config for the rest of this function
- EASYRSA_SSL_CONF="$EASYRSA_TEMP_CONF"
+ EASYRSA_SSL_CONF="$conf_tmp"
fi
- # make safessl-easyrsa.cnf
- make_ssl_config
-
- key_out_tmp="$(mktemp "$key_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$key_out_tmp"
- req_out_tmp="$(mktemp "$req_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_3="$req_out_tmp"
+ key_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
+ req_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
# generate request
[ $EASYRSA_BATCH ] && opts="$opts -batch"
# shellcheck disable=2086,2148
- "$EASYRSA_OPENSSL" req -utf8 -new -newkey "$EASYRSA_ALGO":"$EASYRSA_ALGO_PARAMS" \
- -config "$EASYRSA_SAFE_CONF" -keyout "$key_out_tmp" -out "$req_out_tmp" $opts \
+ algo_opts=""
+ if [ "ed" = "$EASYRSA_ALGO" ]; then
+ algo_opts=" -newkey $EASYRSA_CURVE "
+ else
+ algo_opts=" -newkey $EASYRSA_ALGO:$EASYRSA_ALGO_PARAMS "
+ fi
+ easyrsa_openssl req -utf8 -new $algo_opts \
+ -keyout "$key_out_tmp" -out "$req_out_tmp" $opts ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} \
|| die "Failed to generate request"
- mv "$key_out_tmp" "$key_out"; EASYRSA_TEMP_FILE_2=
- mv "$req_out_tmp" "$req_out"; EASYRSA_TEMP_FILE_3=
+ mv "$key_out_tmp" "$key_out"
+ mv "$req_out_tmp" "$req_out"
notice "\
Keypair and certificate request completed. Your files are:
req: $req_out
crt_out="$EASYRSA_PKI/issued/$2.crt"
# Randomize Serial number
- i=""
- serial=""
- check_serial=""
- for i in 1 2 3 4 5; do
- "$EASYRSA_OPENSSL" rand -hex -out "$EASYRSA_PKI/serial" 16
- serial="$(cat "$EASYRSA_PKI/serial")"
- check_serial="$("$EASYRSA_OPENSSL" ca -config "$EASYRSA_SSL_CONF" -status "$serial" 2>&1)"
- case "$check_serial" in
- *"not present in db"*) break ;;
- *) continue ;;
- esac
- done
+ if [ "$EASYRSA_RAND_SN" != "no" ];
+ then
+ i=""
+ serial=""
+ check_serial=""
+ for i in 1 2 3 4 5; do
+ "$EASYRSA_OPENSSL" rand -hex -out "$EASYRSA_PKI/serial" 16
+ serial="$(cat "$EASYRSA_PKI/serial")"
+ check_serial="$("$EASYRSA_OPENSSL" ca -config "$EASYRSA_SSL_CONF" -status "$serial" 2>&1)"
+ case "$check_serial" in
+ *"not present in db"*) break ;;
+ *) continue ;;
+ esac
+ done
+ fi
# Support batch by internal caller:
[ "$3" = "batch" ] && EASYRSA_BATCH=1
# Confirm input is a cert req
verify_file req "$req_in" || die "\
The certificate request file is not in a valid X509 request format.
-Offending file: $req_in"
+File Path: $req_in"
# Display the request subject in an easy-to-read format
# Confirm the user wishes to sign this request
" # => confirm end
# Generate the extensions file for this cert:
+ ext_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
{
# Append first any COMMON file (if present) then the cert-type extensions
cat "$EASYRSA_EXT_DIR/COMMON"
# If type is server and no subjectAltName was requested,
# add one to the extensions file
- if [ "$crt_type" = 'server' ];
+ if [ "$crt_type" = 'server' ] || [ "$crt_type" = 'serverClient' ];
then
- echo "$EASYRSA_EXTRA_EXTS" |
- grep -q subjectAltName ||
- default_server_san "$req_in"
+ echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName
+ if [ $? -ne 0 ];
+ then
+ san=$(display_san req "$req_in")
+
+ if [ -n "$san" ];
+ then
+ print "subjectAltName = $san"
+ else
+ default_server_san "$req_in"
+ fi
+ fi
fi
# Add any advanced extensions supplied by env-var:
[ -n "$EASYRSA_EXTRA_EXTS" ] && print "$EASYRSA_EXTRA_EXTS"
: # needed to keep die from inherting the above test
- } > "$EASYRSA_TEMP_EXT" || die "\
+ } > "$ext_tmp" || die "\
Failed to create temp extension file (bad permissions?) at:
-$EASYRSA_TEMP_EXT"
-
- # make safessl-easyrsa.cnf
- make_ssl_config
+$ext_tmp"
# sign request
- # shellcheck disable=SC2086
- crt_out_tmp="$(mktemp "$crt_out.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$crt_out_tmp"
- "$EASYRSA_OPENSSL" ca -utf8 -in "$req_in" -out "$crt_out_tmp" -config "$EASYRSA_SAFE_CONF" \
- -extfile "$EASYRSA_TEMP_EXT" -days "$EASYRSA_CERT_EXPIRE" -batch $opts \
+ crt_out_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
+ easyrsa_openssl ca -utf8 -in "$req_in" -out "$crt_out_tmp" \
+ -extfile "$ext_tmp" -days "$EASYRSA_CERT_EXPIRE" -batch $opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} \
|| die "signing failed (openssl output above may have more detail)"
- mv "$crt_out_tmp" "$crt_out"; EASYRSA_TEMP_FILE_2=
+ mv "$crt_out_tmp" "$crt_out"
+ rm -f "$ext_tmp"
notice "\
Certificate created at: $crt_out
"
while [ -n "$1" ]; do
case "$1" in
nopass) req_opts="$req_opts nopass" ;;
+ inline) EASYRSA_INLINE=1 ;;
*) warn "Ignoring unknown command option: '$1'" ;;
esac
shift
gen_req "$name" batch $req_opts
# Sign it
- sign_req "$crt_type" "$name" batch
+ ( sign_req "$crt_type" "$name" batch ) || {
+ rm -f "$req_out" "$key_out"
+ die "Failed to sign '$name'"
+ }
+ # inline it
+ if [ $EASYRSA_INLINE ]; then
+ inline_creds
+ fi
} # => build_full()
+# Create inline credentials file for this node
+inline_creds ()
+{
+ [ -f "$EASYRSA_PKI/$EASYRSA_REQ_CN.creds" ] \
+ && die "Inline file exists: $EASYRSA_PKI/$EASYRSA_REQ_CN.creds"
+ {
+ printf "%s\n" "# $crt_type: $EASYRSA_REQ_CN"
+ printf "%s\n" ""
+ printf "%s\n" "<ca>"
+ cat "$EASYRSA_PKI/ca.crt"
+ printf "%s\n" "</ca>"
+ printf "%s\n" ""
+ printf "%s\n" "<cert>"
+ cat "$crt_out"
+ printf "%s\n" "</cert>"
+ printf "%s\n" ""
+ printf "%s\n" "<key>"
+ cat "$key_out"
+ printf "%s\n" "</key>"
+ printf "%s\n" ""
+ } > "$EASYRSA_PKI/$EASYRSA_REQ_CN.creds"
+} # => inline_creds ()
+
# revoke backend
revoke() {
verify_ca_init
Unable to revoke as no certificate was found. Certificate was expected
at: $crt_in"
- # make safessl-easyrsa.cnf
- make_ssl_config
-
# shellcheck disable=SC2086
- "$EASYRSA_OPENSSL" ca -utf8 -revoke "$crt_in" -config "$EASYRSA_SAFE_CONF" $opts || die "\
+ easyrsa_openssl ca -utf8 -revoke "$crt_in" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} $opts || die "\
Failed to revoke certificate: revocation command failed."
# move revoked files so we can reissue certificates with the same name
Unable to move revoked input file. The file is not a valid certificate. Unexpected
input in file: $crt_in"
- verify_file req "$req_in" || die "\
+ if [ -e "$req_in" ]
+ then
+ verify_file req "$req_in" || die "\
Unable to move request. The file is not a valid request. Unexpected
input in file: $req_in"
+ fi
# get the serial number of the certificate -> serial=XXXX
- cert_serial="$("$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -serial)"
+ cert_serial="$(easyrsa_openssl x509 -in "$crt_in" -noout -serial)"
# remove the serial= part -> we only need the XXXX part
cert_serial=${cert_serial##*=}
key_by_serial_revoked="$EASYRSA_PKI/revoked/private_by_serial/$cert_serial.key"
req_by_serial_revoked="$EASYRSA_PKI/revoked/reqs_by_serial/$cert_serial.req"
+ # make sure revoked dirs exist
+ [ -d "$EASYRSA_PKI/revoked" ] || mkdir "$EASYRSA_PKI/revoked"
+ [ -d "$EASYRSA_PKI/revoked/certs_by_serial" ] || mkdir "$EASYRSA_PKI/revoked/certs_by_serial"
+ [ -d "$EASYRSA_PKI/revoked/private_by_serial" ] || mkdir "$EASYRSA_PKI/revoked/private_by_serial"
+ [ -d "$EASYRSA_PKI/revoked/reqs_by_serial" ] || mkdir "$EASYRSA_PKI/revoked/reqs_by_serial"
# move crt, key and req file to revoked folders
mv "$crt_in" "$crt_by_serial_revoked"
- mv "$req_in" "$req_by_serial_revoked"
+
+ # only move the req if we have it
+ [ -e "$req_in" ] && mv "$req_in" "$req_by_serial_revoked"
# only move the key if we have it
- if [ -e "$key_in" ]
- then
- mv "$key_in" "$key_by_serial_revoked"
- fi
+ [ -e "$key_in" ] && mv "$key_in" "$key_by_serial_revoked"
# move the rest of the files (p12, p7, ...)
# shellcheck disable=SC2231
Unable to renew as no certificate was found. Certificate was expected
at: $crt_in"
- # make safessl-easyrsa.cnf
- make_ssl_config
-
# Check if old cert is expired or expires within 30 days
expire_date=$(
- "$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -enddate |
+ easyrsa_openssl x509 -in "$crt_in" -noout -enddate |
sed 's/^notAfter=//'
)
- case $(uname) in
+ case $(uname 2>/dev/null) in
"Darwin"|*"BSD")
expire_date=$(date -j -f '%b %d %T %Y %Z' "$expire_date" +%s)
allow_renew_date=$(date -j -v"+${EASYRSA_CERT_RENEW}d" +%s)
# Extract certificate usage from old cert
cert_ext_key_usage=$(
- "$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -text |
+ easyrsa_openssl x509 -in "$crt_in" -noout -text |
sed -n "/X509v3 Extended Key Usage:/{n;s/^ *//g;p;}"
)
case $cert_ext_key_usage in
echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName || \
{
san=$(
- "$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -text |
- sed -n "/X509v3 Subject Alternative Name:/{n;s/ //g;p;}"
+ easyrsa_openssl x509 -in "$crt_in" -noout -text |
+ sed -n "/X509v3 Subject Alternative Name:/{n;s/IP Address:/IP:/;s/ //g;p;}"
)
[ -n "$san" ] && export EASYRSA_EXTRA_EXTS="\
$EASYRSA_EXTRA_EXTS
Unable to move renewed input file. The file is not a valid certificate. Unexpected
input in file: $crt_in"
- verify_file req "$req_in" || die "\
+ if [ -e "$req_in" ]
+ then
+ verify_file req "$req_in" || die "\
Unable to move request. The file is not a valid request. Unexpected
input in file: $req_in"
+ fi
# get the serial number of the certificate -> serial=XXXX
- cert_serial="$("$EASYRSA_OPENSSL" x509 -in "$crt_in" -noout -serial)"
+ cert_serial="$(easyrsa_openssl x509 -in "$crt_in" -noout -serial)"
# remove the serial= part -> we only need the XXXX part
cert_serial=${cert_serial##*=}
key_by_serial_renewed="$EASYRSA_PKI/renewed/private_by_serial/$cert_serial.key"
req_by_serial_renewed="$EASYRSA_PKI/renewed/reqs_by_serial/$cert_serial.req"
+ # make sure renewed dirs exist
+ [ -d "$EASYRSA_PKI/renewed" ] || mkdir "$EASYRSA_PKI/renewed"
+ [ -d "$EASYRSA_PKI/renewed/certs_by_serial" ] || mkdir "$EASYRSA_PKI/renewed/certs_by_serial"
+ [ -d "$EASYRSA_PKI/renewed/private_by_serial" ] || mkdir "$EASYRSA_PKI/renewed/private_by_serial"
+ [ -d "$EASYRSA_PKI/renewed/reqs_by_serial" ] || mkdir "$EASYRSA_PKI/renewed/reqs_by_serial"
# move crt, key and req file to renewed folders
mv "$crt_in" "$crt_by_serial_renewed"
- mv "$req_in" "$req_by_serial_renewed"
+
+ # only move the req if we have it
+ [ -e "$req_in" ] && mv "$req_in" "$req_by_serial_renewed"
# only move the key if we have it
- if [ -e "$key_in" ]
- then
- mv "$key_in" "$key_by_serial_renewed"
- fi
+ [ -e "$key_in" ] && mv "$key_in" "$key_by_serial_renewed"
# move the rest of the files (p12, p7, ...)
# shellcheck disable=SC2231
gen_crl() {
verify_ca_init
- # make safessl-easyrsa.cnf
- make_ssl_config
-
out_file="$EASYRSA_PKI/crl.pem"
- out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
- "$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SAFE_CONF" || die "\
+ out_file_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
+ easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
CRL Generation failed.
"
- mv "$out_file_tmp" "$out_file"; EASYRSA_TEMP_FILE_2=
+ mv "$out_file_tmp" "$out_file"
notice "\
An updated CRL has been created.
verify_file req "$in_req" || die "\
The input file does not appear to be a certificate request. Aborting import.
-Offending file: $in_req"
+File Path: $in_req"
# destination must not exist
[ -f "$out_req" ] && die "\
# opts support
want_ca=1
want_key=1
+ want_pass=1
while [ -n "$1" ]; do
case "$1" in
noca) want_ca="" ;;
nokey) want_key="" ;;
+ nopass) want_pass="" ;;
*) warn "Ignoring unknown command option: '$1'" ;;
esac
shift
# export the p12:
# shellcheck disable=SC2086
- "$EASYRSA_OPENSSL" pkcs12 -in "$crt_in" -inkey "$key_in" -export \
- -out "$pkcs_out" $pkcs_opts || die "\
+ easyrsa_openssl pkcs12 -in "$crt_in" -inkey "$key_in" -export \
+ -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Export of p12 failed: see above for related openssl errors."
;;
p7)
# export the p7:
# shellcheck disable=SC2086
- "$EASYRSA_OPENSSL" crl2pkcs7 -nocrl -certfile "$crt_in" \
- -out "$pkcs_out" $pkcs_opts || die "\
+ easyrsa_openssl crl2pkcs7 -nocrl -certfile "$crt_in" \
+ -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Export of p7 failed: see above for related openssl errors."
;;
+ p8)
+ if [ -z $want_pass ]; then
+ pkcs_opts="-nocrypt"
+ else
+ pkcs_opts=""
+ fi
+ pkcs_out="$EASYRSA_PKI/private/$short_name.p8"
+
+ # export the p8:
+ # shellcheck disable=SC2086
+ easyrsa_openssl pkcs8 -in "$key_in" -topk8 \
+ -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
+Export of p8 failed: see above for related openssl errors."
+ ;;
esac
notice "\
If the key is currently encrypted you must supply the decryption passphrase.
${crypto:+You will then enter a new PEM passphrase for this key.$NL}"
- EASYRSA_TEMP_FILE_2="$file.temp"
-
- "$EASYRSA_OPENSSL" "$key_type" -in "$file" -out "$EASYRSA_TEMP_FILE_2" $crypto || die "\
+ out_key_tmp="$(easyrsa_mktemp)" || die "Failed to create temporary file"
+ easyrsa_openssl "$key_type" -in "$file" -out "$out_key_tmp" $crypto ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Failed to change the private key passphrase. See above for possible openssl
error messages."
- mv "$EASYRSA_TEMP_FILE_2" "$file" || die "\
+ mv "$out_key_tmp" "$file" || die "\
Failed to change the private key passphrase. See above for error messages."
notice "Key passphrase successfully changed"
-
+
+ return 0
} # => set_pass()
# update-db backend
update_db() {
verify_ca_init
- "$EASYRSA_OPENSSL" ca -utf8 -updatedb -config "$EASYRSA_SSL_CONF" || die "\
+ easyrsa_openssl ca -utf8 -updatedb ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
Failed to perform update-db: see above for related openssl errors."
return 0
} # => update_db()
+display_san() {
+ format="$1" path="$2"
+
+ echo "$EASYRSA_EXTRA_EXTS" | grep -q subjectAltName
+
+ if [ $? -eq 0 ]; then
+ print "$(echo "$EASYRSA_EXTRA_EXTS" | grep subjectAltName | sed 's/^\s*subjectAltName\s*=\s*//')"
+ else
+ san=$(
+ "$EASYRSA_OPENSSL" "$format" -in "$path" -noout -text |
+ sed -n "/X509v3 Subject Alternative Name:/{n;s/ //g;s/IPAddress:/IP:/g;s/RegisteredID/RID/;p;}"
+ )
+
+ [ -n "$san" ] && print "$san"
+ fi
+}
+
# display cert DN info on a req/X509, passed by full pathname
display_dn() {
format="$1" path="$2"
print "$("$EASYRSA_OPENSSL" "$format" -in "$path" -noout -subject -nameopt multiline)"
+ san=$(display_san "$1" "$2")
+ if [ -n "$san" ]; then
+ print ""
+ print "X509v3 Subject Alternative Name:"
+ print " $san"
+ fi
+
} # => display_dn()
# generate default SAN from req/X509, passed by full pathname
default_server_san() {
path="$1"
cn=$(
- "$EASYRSA_OPENSSL" req -in "$path" -noout -subject -nameopt sep_multiline |
+ easyrsa_openssl req -in "$path" -noout -subject -nameopt sep_multiline |
awk -F'=' '/^ *CN=/{print $2}'
)
echo "$cn" | grep -E -q '^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$'
verify_file() {
format="$1"
path="$2"
- "$EASYRSA_OPENSSL" "$format" -in "$path" -noout 2>/dev/null || return 1
+ easyrsa_openssl "$format" -in "$path" -noout 2>/dev/null || return 1
return 0
} # => verify_file()
This file is stored at:
$in_file
"
- "$EASYRSA_OPENSSL" $format -in "$in_file" -noout -text\
+ easyrsa_openssl $format -in "$in_file" -noout -text\
-nameopt multiline $opts || die "\
OpenSSL failure to process the input"
} # => show()
This file is stored at:
$in_file
"
- "$EASYRSA_OPENSSL" $format -in "$in_file" -noout -text\
+ easyrsa_openssl $format -in "$in_file" -noout -text\
-nameopt multiline $opts || die "\
OpenSSL failure to process the input"
} # => show_ca()
vars=
# set up program path
- prog_vars="${0%/*}/vars"
+ prog_file="$0"
+ prog_file2="$(which -- "$prog_file" 2>/dev/null)" && prog_file="$prog_file2"
+ prog_file2="$(readlink -f "$prog_file" 2>/dev/null)" && prog_file="$prog_file2"
+ prog_dir="${prog_file%/*}"
+ prog_vars="${prog_dir}/vars"
# set up PKI path
pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
# command-line path:
- if [ -f "$EASYRSA_VARS_FILE" ]; then
+ if [ ! -z "$EASYRSA_VARS_FILE" ]; then
+ if [ ! -f "$EASYRSA_VARS_FILE" ]; then
+ # If the --vars option does not point to a file, show helpful error.
+ die "The file '$EASYRSA_VARS_FILE' was not found."
+ fi
vars="$EASYRSA_VARS_FILE"
# PKI location, if present:
elif [ -f "$pki_vars" ]; then
# If a vars file was located, source it
# If $EASYRSA_NO_VARS is defined (not blank) this is skipped
if [ -z "$EASYRSA_NO_VARS" ] && [ -n "$vars" ]; then
+ if grep -Eq 'EASYRSA_PASSIN|EASYRSA_PASSOUT' "$vars"; then
+ die "\
+Variable EASYRSA_PASSIN or EASYRSA_PASSOUT has been found in the configuration \
+file. Storing sensitive information in the configuration file is not \
+recommended - please remove it from there before continuing."
+ fi
#shellcheck disable=SC2034
EASYRSA_CALLER=1
# shellcheck disable=SC1090
fi
# Set defaults, preferring existing env-vars if present
- set_var EASYRSA "${0%/*}"
+ set_var EASYRSA "$prog_dir"
set_var EASYRSA_OPENSSL openssl
set_var EASYRSA_PKI "$PWD/pki"
set_var EASYRSA_DN cn_only
set_var EASYRSA_CURVE secp384r1
set_var EASYRSA_EC_DIR "$EASYRSA_PKI/ecparams"
set_var EASYRSA_CA_EXPIRE 3650
- set_var EASYRSA_CERT_EXPIRE 1080 # new default of 36 months
+ set_var EASYRSA_CERT_EXPIRE 825 # new default of 36 months
set_var EASYRSA_CERT_RENEW 30
set_var EASYRSA_CRL_DAYS 180
set_var EASYRSA_NS_SUPPORT no
- set_var EASYRSA_NS_COMMENT "Easy-RSA (v3.0.6) Generated Certificate"
- set_var EASYRSA_TEMP_CONF "$EASYRSA_PKI/openssl-easyrsa.temp"
- set_var EASYRSA_TEMP_EXT "$EASYRSA_PKI/extensions.temp"
- set_var EASYRSA_TEMP_FILE_2 ""
- set_var EASYRSA_TEMP_FILE_3 ""
+ set_var EASYRSA_NS_COMMENT "Easy-RSA (3.0.8) Generated Certificate"
+ set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI"
set_var EASYRSA_REQ_CN ChangeMe
set_var EASYRSA_DIGEST sha256
-
set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf"
set_var EASYRSA_SAFE_CONF "$EASYRSA_PKI/safessl-easyrsa.cnf"
+ set_var EASYRSA_KDC_REALM "CHANGEME.EXAMPLE.COM"
# Same as above for the x509-types extensions dir
if [ -d "$EASYRSA_PKI/x509-types" ]; then
EASYRSA_ALGO_PARAMS="$EASYRSA_EC_DIR/${EASYRSA_CURVE}.pem"
elif [ "rsa" = "$EASYRSA_ALGO" ]; then
EASYRSA_ALGO_PARAMS="${EASYRSA_KEY_SIZE}"
- else
- die "Alg '$EASYRSA_ALGO' is invalid: must be 'rsa' or 'ec'"
+ elif [ "ed" != "$EASYRSA_ALGO" ]; then
+ die "Alg '$EASYRSA_ALGO' is invalid: must be 'rsa', 'ec' or 'ed' "
+ fi
+
+ # Assign value to $EASYRSA_TEMP_DIR_session and work around Windows mktemp bug when parent dir is missing
+ if [ -z "$EASYRSA_TEMP_DIR_session" ]; then
+ if [ -d "$EASYRSA_TEMP_DIR" ]; then
+ EASYRSA_TEMP_DIR_session="$(mktemp -du "$EASYRSA_TEMP_DIR/easy-rsa-$$.XXXXXX")"
+ else
+ # If the directory does not exist then we have not run init-pki
+ mkdir -p "$EASYRSA_TEMP_DIR" || die "Cannot create $EASYRSA_TEMP_DIR (permission?)"
+ EASYRSA_TEMP_DIR_session="$(mktemp -du "$EASYRSA_TEMP_DIR/easy-rsa-$$.XXXXXX")"
+ rm -rf "$EASYRSA_TEMP_DIR"
+ fi
fi
# Setting OPENSSL_CONF prevents bogus warnings (especially useful on win32)
export OPENSSL_CONF="$EASYRSA_SAFE_CONF"
+
+ # Upgrade to 306: Create $EASYRSA_SSL_CONF if it does not exist but only if $EASYRSA_PKI exists.
+ if [ ! -f "$EASYRSA_SSL_CONF" ] && [ -f "$EASYRSA/openssl-easyrsa.cnf" ] && [ -d "$EASYRSA_PKI" ];
+ then
+ cp "$EASYRSA/openssl-easyrsa.cnf" "$EASYRSA_SSL_CONF"
+ easyrsa_openssl makesafeconf
+ fi
+
} # vars_setup()
# variable assignment by indirection when undefined; merely exports
eval "export $var=\"\${$var-$value}\""
} #=> set_var()
+
+############################################################################
+# Upgrade v2 PKI to v3 PKI
+
+# You can report problems on the normal openvpn support channels:
+# --------------------------------------------------------------------------
+# 1. The Openvpn Forum: https://forums.openvpn.net/viewforum.php?f=31
+# 2. The #easyrsa IRC channel at freenode
+# 3. Info: https://community.openvpn.net/openvpn/wiki/easyrsa-upgrade
+# --------------------------------------------------------------------------
+#
+
+up23_fail_upgrade ()
+{
+ # Replace die()
+ unset EASYRSA_BATCH
+ notice "
+============================================================================
+The update has failed but NOTHING has been lost.
+
+ERROR: $1
+----------------------------------------------------------------------------
+
+Further info:
+* https://community.openvpn.net/openvpn/wiki/easyrsa-upgrade#ersa-up23-fails
+
+Easyrsa3 upgrade FAILED
+============================================================================
+"
+ exit 9
+} #=> up23_fail_upgrade ()
+
+up23_verbose ()
+{
+ [ "$VERBOSE" ] || return 0
+ printf "%s\n" "$1"
+} #=> up23_verbose ()
+
+up23_verify_new_pki ()
+{
+ # Fail now, before any changes are made
+
+ up23_verbose "> Verify DEFAULT NEW PKI does not exist .."
+ EASYRSA_NEW_PKI="$EASYRSA/pki"
+ [ -d "$EASYRSA_NEW_PKI" ] \
+ && up23_fail_upgrade "DEFAULT NEW PKI exists: $EASYRSA_NEW_PKI"
+
+ up23_verbose "> Verify VERY-SAFE-PKI does not exist .."
+ EASYRSA_SAFE_PKI="$EASYRSA/VERY-SAFE-PKI"
+ [ -d "$EASYRSA_SAFE_PKI" ] \
+ && up23_fail_upgrade "VERY-SAFE-PKI exists: $EASYRSA_SAFE_PKI"
+
+ up23_verbose "> Verify openssl-easyrsa.cnf does exist .."
+ EASYRSA_SSL_CNFFILE="$EASYRSA/openssl-easyrsa.cnf"
+ [ -f "$EASYRSA_SSL_CNFFILE" ] \
+ || up23_fail_upgrade "cannot find $EASYRSA_SSL_CNFFILE"
+
+ up23_verbose "> Verify vars.example does exist .."
+ EASYRSA_VARSV3_EXMP="$EASYRSA/vars.example"
+ [ -f "$EASYRSA_VARSV3_EXMP" ] \
+ || up23_fail_upgrade "cannot find $EASYRSA_VARSV3_EXMP"
+
+ up23_verbose "> OK"
+ up23_verbose " Initial dirs & files are in a workable state."
+} #=> up23_verify_new_pki ()
+
+up23_verify_current_pki ()
+{
+ up23_verbose "> Verify CURRENT PKI vars .."
+
+ # This can probably be improved
+ EASYRSA_NO_REM="$(grep '^set ' "$EASYRSA_VER2_VARSFILE")"
+
+ # This list may not be complete
+ # Not required: DH_KEY_SIZE PKCS11_MODULE_PATH PKCS11_PIN
+ for i in KEY_DIR KEY_SIZE KEY_COUNTRY KEY_PROVINCE \
+ KEY_CITY KEY_ORG KEY_EMAIL KEY_CN KEY_NAME KEY_OU
+ do
+ # Effectively, source the v2 vars file
+ UNIQUE="set $i"
+ KEY_grep="$(printf "%s\n" "$EASYRSA_NO_REM" | grep "$UNIQUE")"
+ KEY_value="${KEY_grep##*=}"
+ set_var $i "$KEY_value"
+ done
+
+ [ -d "$KEY_DIR" ] || up23_fail_upgrade "Cannot find CURRENT PKI KEY_DIR: $KEY_DIR"
+
+ up23_verbose "> OK"
+ up23_verbose " Current CURRENT PKI vars uses PKI in: $KEY_DIR"
+} #=> up23_verify_current_pki ()
+
+up23_verify_current_ca ()
+{
+ up23_verbose "> Find CA .."
+ # $KEY_DIR is assigned in up23_verify_current_pki ()
+ [ -f "$KEY_DIR/ca.crt" ] \
+ || up23_fail_upgrade "Cannot find current ca.crt: $KEY_DIR/ca.crt"
+ up23_verbose "> OK"
+
+ # If CA is already verified then return
+ in_file="$KEY_DIR/ca.crt"
+ [ "$CURRENT_CA_IS_VERIFIED" = "$in_file" ] && return 0
+ format="x509"
+
+ # Current CA is unverified
+ # Extract the current CA details
+ CA_SUBJECT="$(easyrsa_openssl $format -in "$in_file" -subject -noout -nameopt multiline)"
+
+ # Extract individual elements
+ CA_countryName="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep countryName | sed "s\`^.*=\ \`\`g")"
+ CA_stateOrProvinceName="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep stateOrProvinceName | sed "s\`^.*=\ \`\`g")"
+ CA_localityName="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep localityName | sed "s\`^.*=\ \`\`g")"
+ CA_organizationName="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep organizationName | sed "s\`^.*=\ \`\`g")"
+ CA_organizationalUnitName="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep organizationalUnitName | sed "s\`^.*=\ \`\`g")"
+ CA_emailAddress="$(printf "%s\n" "$CA_SUBJECT" \
+ | grep emailAddress | sed "s\`^.*=\ \`\`g")"
+
+ # Match the current CA elements to the vars file settings
+ CA_vars_match=1
+ [ "$CA_countryName" = "$KEY_COUNTRY" ] || CA_vars_match=0
+ [ "$CA_stateOrProvinceName" = "$KEY_PROVINCE" ] || CA_vars_match=0
+ [ "$CA_localityName" = "$KEY_CITY" ] || CA_vars_match=0
+ [ "$CA_organizationName" = "$KEY_ORG" ] || CA_vars_match=0
+ [ "$CA_organizationalUnitName" = "$KEY_OU" ] || CA_vars_match=0
+ [ "$CA_emailAddress" = "$KEY_EMAIL" ] || CA_vars_match=0
+
+ if [ "$CA_vars_match" -eq 1 ]
+ then
+ CURRENT_CA_IS_VERIFIED="partially"
+ else
+ up23_fail_upgrade "CA certificate does not match vars file settings"
+ fi
+
+ opts="-certopt no_pubkey,no_sigdump"
+ if [ ! "$EASYRSA_BATCH" ]
+ then
+ up23_show_current_ca
+ elif [ "$VERBOSE" ]
+ then
+ up23_show_current_ca
+ fi
+ confirm "* Confirm CA shown above is correct: " "yes" \
+ "Found current CA at: $KEY_DIR/ca.crt"
+ CURRENT_CA_IS_VERIFIED="$in_file"
+} #=> up23_verify_current_ca ()
+
+up23_show_current_ca ()
+{
+ printf "%s\n" "-------------------------------------------------------------------------"
+ # $opts is always set here
+ # shellcheck disable=SC2086
+ easyrsa_openssl $format -in "$in_file" -noout -text\
+ -nameopt multiline $opts || die "\
+ OpenSSL failure to process the input CA certificate: $in_file"
+ printf "%s\n" "-------------------------------------------------------------------------"
+} #=> up23_show_current_ca ()
+
+up23_backup_current_pki ()
+{
+ up23_verbose "> Backup current PKI .."
+
+ mkdir -p "$EASYRSA_SAFE_PKI" \
+ || up23_fail_upgrade "Failed to create safe PKI dir: $EASYRSA_SAFE_PKI"
+
+ cp -r "$KEY_DIR" "$EASYRSA_SAFE_PKI" \
+ || up23_fail_upgrade "Failed to copy $KEY_DIR to $EASYRSA_SAFE_PKI"
+
+ # EASYRSA_VER2_VARSFILE is either version 2 *nix ./vars or Win vars.bat
+ cp "$EASYRSA_VER2_VARSFILE" "$EASYRSA_SAFE_PKI" \
+ || up23_fail_upgrade "Failed to copy $EASYRSA_VER2_VARSFILE to EASYRSA_SAFE_PKI"
+
+ up23_verbose "> OK"
+ up23_verbose " Current PKI backup created in: $EASYRSA_SAFE_PKI"
+} #=> up23_backup_current_pki ()
+
+up23_create_new_pki ()
+{
+ # Dirs: renewed and revoked are created when used.
+ up23_verbose "> Create NEW PKI .."
+ up23_verbose ">> Create NEW PKI dirs .."
+ for i in private reqs issued certs_by_serial
+ do
+ mkdir -p "$EASYRSA_PKI/$i" \
+ || up23_fail_upgrade "Failed to Create NEW PKI dir: $EASYRSA_PKI/$i"
+ done
+ up23_verbose ">> OK"
+
+ up23_verbose ">> Copy database to NEW PKI .."
+ # Failure for these is not optional
+ # Files ignored: index.txt.old serial.old
+ for i in index.txt serial ca.crt index.txt.attr
+ do
+ cp "$KEY_DIR/$i" "$EASYRSA_PKI" \
+ || up23_fail_upgrade "Failed to copy $KEY_DIR/$i to $EASYRSA_PKI"
+ done
+ up23_verbose ">> OK"
+
+ up23_verbose ">> Copy current PKI to NEW PKI .."
+ for i in "csr.reqs" "pem.certs_by_serial" "crt.issued" "key.private" \
+ "p12.private" "p8.private" "p7b.issued"
+ do
+ FILE_EXT="${i%%.*}"
+ DEST_DIR="${i##*.}"
+ if ls "$KEY_DIR/"*".$FILE_EXT" > /dev/null 2>&1; then
+ cp "$KEY_DIR/"*".$FILE_EXT" "$EASYRSA_PKI/$DEST_DIR" \
+ || up23_fail_upgrade "Failed to copy .$FILE_EXT"
+ else
+ up23_verbose " Note: No .$FILE_EXT files found"
+ fi
+ done
+ up23_verbose ">> OK"
+ up23_verbose "> OK"
+
+ # Todo: CRL - Or generate a new CRL on completion
+ up23_verbose " New PKI created in: $EASYRSA_PKI"
+} #=> up23_create_new_pki ()
+
+up23_upgrade_ca ()
+{
+ [ -d "$EASYRSA_PKI" ] || return 0
+ up23_verbose "> Confirm that index.txt.attr exists and 'unique_subject = no'"
+ if [ -f "$EASYRSA_PKI/index.txt.attr" ]
+ then
+ if grep -q 'unique_subject = no' "$EASYRSA_PKI/index.txt.attr"
+ then
+ # If index.txt.attr exists and "unique_suject = no" then do nothing
+ return 0
+ fi
+ else
+ # If index.txt.attr does not exists then do nothing
+ return 0
+ fi
+
+ # Otherwise this is required for all easyrsa v3
+ #confirm "Set 'unique_subject = no' in index.txt.attr for your current CA: " \
+ #"yes" "This version of easyrsa requires that 'unique_subject = no' is set correctly"
+
+ printf "%s\n" "unique_subject = no" > "$EASYRSA_PKI/index.txt.attr"
+ up23_verbose "> OK"
+ up23_verbose " Upgraded index.txt.attr to v306+"
+} #=> up23_upgrade_index_txt_attr ()
+
+up23_create_openssl_cnf ()
+{
+ up23_verbose "> OpenSSL config .."
+ EASYRSA_PKI_SSL_CNFFILE="$EASYRSA_PKI/openssl-easyrsa.cnf"
+ EASYRSA_PKI_SAFE_CNFFILE="$EASYRSA_PKI/safessl-easyrsa.cnf"
+ cp "$EASYRSA_SSL_CNFFILE" "$EASYRSA_PKI_SSL_CNFFILE" \
+ || up23_fail_upgrade "create $EASYRSA_PKI_SSL_CNFFILE"
+ up23_verbose "> OK"
+ up23_verbose " New OpenSSL config file created in: $EASYRSA_PKI_SSL_CNFFILE"
+
+ # Create $EASYRSA_PKI/safessl-easyrsa.cnf
+ easyrsa_openssl makesafeconf
+ if [ -f "$EASYRSA_PKI_SAFE_CNFFILE" ]
+ then
+ up23_verbose " New SafeSSL config file created in: $EASYRSA_PKI_SAFE_CNFFILE"
+ else
+ up23_verbose " FAILED to create New SafeSSL config file in: $EASYRSA_PKI_SAFE_CNFFILE"
+ fi
+} #=> up23_create_openssl_cnf ()
+
+up23_move_easyrsa2_programs ()
+{
+ # These files may not exist here
+ up23_verbose "> Move easyrsa2 programs to SAFE PKI .."
+ for i in build-ca build-dh build-inter build-key build-key-pass \
+ build-key-pkcs12 build-key-server build-req build-req-pass \
+ clean-all inherit-inter list-crl pkitool revoke-full sign-req \
+ whichopensslcnf build-ca-pass build-key-server-pass init-config \
+ make-crl revoke-crt openssl-0.9.6.cnf openssl-0.9.8.cnf \
+ openssl-1.0.0.cnf openssl.cnf README.txt index.txt.start \
+ vars.bat.sample serial.start
+ do
+ # Although unlikely, both files could exist
+ # EG: ./build-ca and ./build-ca.bat
+ NIX_FILE="$EASYRSA/$i"
+ WIN_FILE="$EASYRSA/$i.bat"
+ if [ -f "$NIX_FILE" ]
+ then
+ cp "$NIX_FILE" "$EASYRSA_SAFE_PKI" \
+ || up23_fail_upgrade "copy $NIX_FILE $EASYRSA_SAFE_PKI"
+ fi
+
+ if [ -f "$WIN_FILE" ]
+ then
+ cp "$WIN_FILE" "$EASYRSA_SAFE_PKI" \
+ || up23_fail_upgrade "copy $WIN_FILE $EASYRSA_SAFE_PKI"
+ fi
+
+ if [ ! -f "$NIX_FILE" ] && [ ! -f "$WIN_FILE" ]
+ then
+ up23_verbose "File does not exist, ignoring: $i(.bat)"
+ fi
+
+ # These files are not removed on TEST run
+ [ "$NOSAVE" -eq 1 ] && rm -f "$NIX_FILE" "$WIN_FILE"
+ done
+
+ up23_verbose "> OK"
+ up23_verbose " Easyrsa2 programs successfully moved to: $EASYRSA_SAFE_PKI"
+} #=> up23_move_easyrsa2_programs ()
+
+up23_build_v3_vars ()
+{
+ up23_verbose "> Build v3 vars file .."
+
+ EASYRSA_EXT="easyrsa-upgrade-23"
+ EASYRSA_VARSV2_TMP="$EASYRSA/vars-v2.tmp.$EASYRSA_EXT"
+ rm -f "$EASYRSA_VARSV2_TMP"
+ EASYRSA_VARSV3_TMP="$EASYRSA/vars-v3.tmp.$EASYRSA_EXT"
+ rm -f "$EASYRSA_VARSV3_TMP"
+ EASYRSA_VARSV3_NEW="$EASYRSA/vars-v3.new.$EASYRSA_EXT"
+ rm -f "$EASYRSA_VARSV3_NEW"
+ EASYRSA_VARSV3_WRN="$EASYRSA/vars-v3.wrn.$EASYRSA_EXT"
+ rm -f "$EASYRSA_VARSV3_WRN"
+
+ printf "%s\n" "\
+########################++++++++++#########################
+### ###
+### WARNING: THIS FILE WAS AUTOMATICALLY GENERATED ###
+### ALL SETTINGS ARE AT THE END OF THE FILE ###
+### ###
+########################++++++++++#########################
+
+" > "$EASYRSA_VARSV3_WRN" || up23_fail_upgrade "Failed to create $EASYRSA_VARSV3_WRN"
+
+ # Create vars v3 temp file from sourced vars v2 key variables
+ {
+ printf "%s\n" "set_var EASYRSA_KEY_SIZE $KEY_SIZE"
+ printf "%s\n" "set_var EASYRSA_REQ_COUNTRY \"$KEY_COUNTRY\""
+ printf "%s\n" "set_var EASYRSA_REQ_PROVINCE \"$KEY_PROVINCE\""
+ printf "%s\n" "set_var EASYRSA_REQ_CITY \"$KEY_CITY\""
+ printf "%s\n" "set_var EASYRSA_REQ_ORG \"$KEY_ORG\""
+ printf "%s\n" "set_var EASYRSA_REQ_EMAIL \"$KEY_EMAIL\""
+ printf "%s\n" "set_var EASYRSA_REQ_OU \"$KEY_OU\""
+ printf "%s\n" 'set_var EASYRSA_NS_SUPPORT "yes"'
+ printf "%s\n" 'set_var EASYRSA_DN "org"'
+ printf "%s\n" 'set_var EASYRSA_RAND_SN "no"'
+ printf "%s\n" ""
+ } > "$EASYRSA_VARSV3_TMP" \
+ || up23_fail_upgrade "Failed to create $EASYRSA_VARSV3_TMP"
+
+ # cat temp files into new v3 vars
+ cat "$EASYRSA_VARSV3_WRN" "$EASYRSA_VARSV3_EXMP" "$EASYRSA_VARSV3_TMP" \
+ > "$EASYRSA_VARSV3_NEW" \
+ || up23_fail_upgrade "Failed to create $EASYRSA_VARSV3_NEW"
+
+ # This file must be created and restored at the end of TEST
+ # for the REAL update to to succeed
+ EASYRSA_VARS_LIVEBKP="$EASYRSA_TARGET_VARSFILE.livebackup"
+ cp "$EASYRSA_VER2_VARSFILE" "$EASYRSA_VARS_LIVEBKP" \
+ || up23_fail_upgrade "Failed to create $EASYRSA_VARS_LIVEBKP"
+ rm -f "$EASYRSA_VER2_VARSFILE"
+
+ # "$EASYRSA_TARGET_VARSFILE" is always $EASYRSA/vars
+ cp "$EASYRSA_VARSV3_NEW" "$EASYRSA_TARGET_VARSFILE" \
+ || up23_fail_upgrade "copy $EASYRSA_VARSV3_NEW to $EASYRSA_TARGET_VARSFILE"
+
+ # Delete temp files
+ rm -f "$EASYRSA_VARSV2_TMP" "$EASYRSA_VARSV3_TMP" \
+ "$EASYRSA_VARSV3_NEW" "$EASYRSA_VARSV3_WRN"
+
+ up23_verbose "> OK"
+ up23_verbose " New v3 vars file created in: $EASYRSA_TARGET_VARSFILE"
+} #=> up23_build_v3_vars ()
+
+up23_do_upgrade_23 ()
+{
+ up23_verbose "============================================================================"
+ up23_verbose "Begin ** $1 ** upgrade process .."
+ up23_verbose ""
+ up23_verbose "Easyrsa upgrade version: $EASYRSA_UPGRADE_23"
+ up23_verbose ""
+
+ up23_verify_new_pki
+ up23_verify_current_pki
+ up23_verify_current_ca
+ up23_backup_current_pki
+ up23_create_new_pki
+ up23_upgrade_ca
+ up23_move_easyrsa2_programs
+ up23_build_v3_vars
+ up23_create_openssl_cnf
+
+ if [ "$NOSAVE" -eq 0 ]
+ then
+ # Must stay in this order
+ # New created dirs: EASYRSA_NEW_PKI and EASYRSA_SAFE_PKI
+ rm -rf "$EASYRSA_NEW_PKI"
+ rm -rf "$EASYRSA_SAFE_PKI"
+ # EASYRSA_TARGET_VARSFILE is always the new created v3 vars
+ # Need to know if this fails
+ rm "$EASYRSA_TARGET_VARSFILE" \
+ || up23_fail_upgrade "remove new vars file: $EASYRSA_TARGET_VARSFILE"
+ # EASYRSA_VER2_VARSFILE is either v2 *nix ./vars or Win vars.bat
+ # Need this dance because v2 vars is same name as v3 vars above
+ cp "$EASYRSA_VARS_LIVEBKP" "$EASYRSA_VER2_VARSFILE"
+ fi
+ rm -f "$EASYRSA_VARS_LIVEBKP"
+} #= up23_do_upgrade_23 ()
+
+up23_manage_upgrade_23 ()
+{
+ EASYRSA_UPGRADE_VERSION="v1.0a (2020/01/08)"
+ EASYRSA_UPGRADE_TYPE="$1"
+ EASYRSA_FOUND_VARS=0
+
+ # Verify all existing versions of vars/vars.bat
+ if [ -f "$vars" ]
+ then
+ if grep -q 'Complain if a user tries to do this:' "$vars"
+ then
+ EASYRSA_FOUND_VARS=1
+ EASYRSA_VARS_IS_VER3=1
+ fi
+
+ # Easyrsa v3 does not use NOR allow use of `export`.
+ if grep -q 'export' "$vars"
+ then
+ EASYRSA_FOUND_VARS=1
+ EASYRSA_VARS_IS_VER2=1
+ EASYRSA_VER2_VARSFILE="$vars"
+ EASYRSA_TARGET_VARSFILE="$vars"
+ fi
+ fi
+
+ if [ -f "$EASYRSA/vars.bat" ]
+ then
+ EASYRSA_FOUND_VARS=1
+ EASYRSA_VARS_IS_WIN2=1
+ EASYRSA_VER2_VARSFILE="$EASYRSA/vars.bat"
+ EASYRSA_TARGET_VARSFILE="$EASYRSA/vars"
+ fi
+
+ if [ $EASYRSA_FOUND_VARS -ne 1 ];
+ then
+ die echo "vars file not found"
+ fi
+
+ # Only allow specific vars/vars.bat to exist
+ if [ "$EASYRSA_VARS_IS_VER3" ] && [ "$EASYRSA_VARS_IS_VER2" ]
+ then
+ die "Verify your current vars file, v3 cannot use 'export'."
+ fi
+
+ if [ "$EASYRSA_VARS_IS_VER3" ] && [ "$EASYRSA_VARS_IS_WIN2" ]
+ then
+ die "Verify your current vars/vars.bat file, cannot have both."
+ fi
+
+ if [ "$EASYRSA_VARS_IS_VER2" ] && [ "$EASYRSA_VARS_IS_WIN2" ]
+ then
+ die "Verify your current vars/vars.bat file, cannot have both."
+ fi
+
+ # Die on invalid upgrade type or environment
+ if [ "$EASYRSA_UPGRADE_TYPE" = "ca" ]
+ then
+ if [ "$EASYRSA_VARS_IS_VER3" ]
+ then
+ # v3 ensure index.txt.attr "unique_subject = no"
+ up23_upgrade_ca
+ unset EASYRSA_BATCH
+ notice "Your CA is fully up to date."
+ return 0
+ else
+ die "Only v3 PKI CA can be upgraded."
+ fi
+ fi
+
+ if [ "$EASYRSA_UPGRADE_TYPE" = "pki" ]
+ then
+ if [ "$EASYRSA_VARS_IS_VER3" ]
+ then
+ unset EASYRSA_BATCH
+ notice "Your PKI is fully up to date."
+ return 0
+ fi
+ else
+ die "upgrade type must be 'pki' or 'ca'."
+ fi
+
+ # PKI is potentially suitable for upgrade
+
+ warn "
+=========================================================================
+
+ * WARNING *
+
+Found settings from EasyRSA-v2 which are not compatible with EasyRSA-v3.
+Before you can continue, EasyRSA must upgrade your settings and PKI.
+* Found EASYRSA and vars file:
+ $EASYRSA
+ $EASYRSA_VER2_VARSFILE :
+
+Further info:
+* https://community.openvpn.net/openvpn/wiki/easyrsa-upgrade
+
+Easyrsa upgrade version: $EASYRSA_UPGRADE_VERSION
+=========================================================================
+"
+
+# Test upgrade
+
+ NOSAVE=0
+
+ confirm "* EasyRSA **TEST** upgrade (Changes will NOT be written): " "yes" "
+This upgrade will TEST that the upgrade works BEFORE making any changes."
+
+ up23_do_upgrade_23 "TEST"
+
+ notice "
+=========================================================================
+
+ * NOTICE *
+
+EasyRSA upgrade **TEST** has successfully completed.
+"
+# Upgrade for REAL
+
+ NOSAVE=1
+
+ confirm "* EasyRSA **REAL** upgrade (Changes WILL be written): " "yes" "
+=========================================================================
+
+ * WARNING *
+
+Run REAL upgrade: Answer yes (Once completed you will have a version 3 PKI)
+Terminate upgrade: Answer no (No changes have been made to your current PKI)
+"
+
+ confirm "* Confirm **REAL** upgrade (Changes will be written): " "yes" "
+=========================================================================
+
+ * SECOND WARNING *
+
+This upgrade will permanently write changes to your PKI !
+(With full backup backout)
+"
+ up23_do_upgrade_23 "REAL"
+
+ notice "
+=========================================================================
+
+ * NOTICE *
+
+Your settings and PKI have been successfully upgraded to EasyRSA version3
+
+A backup of your current PKI is here:
+ $EASYRSA_SAFE_PKI
+
+ * IMPORTANT NOTICE *
+
+1. YOU MUST VERIFY THAT YOUR NEW ./vars FILE IS SETUP CORRECTLY
+2. IF YOU ARE USING WINDOWS YOU MUST ENSURE THAT openssl IS CORRECTLY DEFINED
+ IN ./vars (example follows)
+
+ #
+ # This sample is in Windows syntax -- edit it for your path if not using PATH:
+ # set_var EASYRSA_OPENSSL \"C:/Program Files/OpenSSL-Win32/bin/openssl.exe\"
+ #
+ # Alternate location (Note: Forward slash '/' is correct for Windpws):
+ # set_var EASYRSA_OPENSSL \"C:/Program Files/Openvpn/bin/openssl.exe\"
+ #
+
+3. Finally, you can verify that easyrsa works by using these two commands:
+ ./easyrsa show-ca (Verify that your CA is intact and correct)
+ ./easyrsa gen-crl ((re)-generate a CRL file)
+
+Further info:
+* https://community.openvpn.net/openvpn/wiki/easyrsa-upgrade"
+ up23_verbose "
+ * UPGRADE COMPLETED SUCCESSFULLY *
+"
+
+return 0
+
+} # => up23_manage_upgrade_23 ()
+
+print_version()
+{
+ cat <<HERE
+EasyRSA Version Information
+Version: 3.0.8
+Generated: Wed Sep 9 15:59:45 CDT 2020
+SSL Lib: $(openssl version)
+Git Commit: f12e00e53b4f486ce3d119ca429198780fa694ac
+Source Repo: https://github.com/OpenVPN/easy-rsa
+HERE
+ exit 0
+} # => print_version ()
+
+
########################################
# Invocation entry point:
--batch)
empty_ok=1
export EASYRSA_BATCH=1 ;;
+ --passin)
+ export EASYRSA_PASSIN="$val";;
+ --passout)
+ export EASYRSA_PASSOUT="$val";;
--subca-len)
export EASYRSA_SUBCA_LEN="$val" ;;
--vars)
export EASYRSA_EXTRA_EXTS="\
$EASYRSA_EXTRA_EXTS
subjectAltName = $val" ;;
+ --version)
+ print_version
+ ;;
*)
break ;;
esac
# Intelligent env-var detection and auto-loading:
vars_setup
-# Register clean_temp and prog_exit on SIGHUP, SIGINT, SIGQUIT, and SIGABRT
-trap "clean_temp; prog_exit 1" 1
-trap "clean_temp; prog_exit 2" 2
-trap "clean_temp; prog_exit 3" 3
-trap "clean_temp; prog_exit 6" 6
-trap "clean_temp; prog_exit 15" 15
+# Register cleanup on EXIT
+trap "cleanup" EXIT
+# When SIGHUP, SIGINT, SIGQUIT, SIGABRT and SIGTERM,
+# explicitly exit to signal EXIT (non-bash shells)
+trap "exit 1" 1
+trap "exit 2" 2
+trap "exit 3" 3
+trap "exit 6" 6
+trap "exit 14" 15
+
+# Upgrade: EasyRSA v2.x to EasyRSA v3.x
+# Upgrade: EasyRSA < v3.0.6 to v3.0.6+
+#up23_manage_upgrade_23
# determine how we were called, then hand off to the function responsible
cmd="$1"
export-p7)
export_pkcs p7 "$@"
;;
+ export-p8)
+ export_pkcs p8 "$@"
+ ;;
set-rsa-pass)
set_pass rsa "$@"
;;
show-ca)
show_ca "$@"
;;
+ upgrade)
+ up23_manage_upgrade_23 "$@"
+ ;;
""|help|-h|--help|--usage)
cmd_help "$1"
exit 0
;;
+ version)
+ print_version
+ ;;
*)
die "Unknown command '$cmd'. Run without commands for usage help."
;;
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE = $ENV::EASYRSA_PKI/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
####################################################################
[ ca ]
private_key = $dir/private/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
-x509_extensions = basic_exts # The extentions to add to the cert
+x509_extensions = basic_exts # The extensions to add to the cert
# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
# is designed for will. In return, we get the Issuer attached to CRLs.
# This allows to renew certificates which have not been revoked
unique_subject = no
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
default_keyfile = privkey.pem
default_md = $ENV::EASYRSA_DIGEST
distinguished_name = $ENV::EASYRSA_DN
-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
+x509_extensions = easyrsa_ca # The extensions to add to the self signed cert
# A placeholder to handle the $EXTRA_EXTS feature:
#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
-----BEGIN CERTIFICATE-----
-MIICCDCCAY6gAwIBAgIUFpM3siy07jymSvRE5W3KA5SgaewwCgYIKoZIzj0EAwIw
-GjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQyMFoXDTI5
-MDcyNzEzMDQyMFowGjEYMBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAEf0Vp3WUOyNyNadbV0wXRxNws3Vfj0DtLOWS+PqHnpqQR
-DDoiX0VgP22UPewYdBM0G+8rY69V7/T0I2c1MOxehEJpwzDtrPSwWFIYlovhrTm5
-aCXFWv7Emjc2lzff7796o4GUMIGRMB0GA1UdDgQWBBTbN0eikCKafCP5MWLoyV7R
-ZUYZ1jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DAMBgNV
-HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNoADBlAjEAhPooIL9r
-CPdBnbm7odHvnvllUvR+iwwfcJSB17uV7Zt/XrobItEvMkrj1pBNz/OHAjAL+ktb
-q0j0Zxzt35PA8oNPttbKNAUXT7KYSQ4KYstqX3NRvoXKOAj48p1IjkuUC3k=
+MIIDSzCCAjOgAwIBAgIUdc8xO6X2O5dKTboU0VjKk8vxf6UwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTYyMjI1WhcNMzIw
+MTI1MTYyMjI1WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANfUW/VYGBdUDdq3yGWMD7TDDoXNFX+FaESEj8ad
+KhU3aakSF2bltPSLV0OKh+6H0avL1sPwvgleI7mmHU3PnyOTt4Seeikhcx9ZMLTZ
+NJ5unObrnfCyTOrpg7oQGUfu/eYsF3wAxXkQp/CG3aq++eTc741V3HVoj8slPtqJ
+7wMPMWDOgqENgIitOYD5gA9iywoLthXsIrPtWKy2zo8kUTQ3KE61UOEUa1I9r+3X
+EMM25lCid8I4kPTRU4JMbFvFqM+q3EOhMXeLlzAj6bD0ebmndxUyJLvbDBC5Uk9Q
+4CJsMRFhXTZZVUeCdmzvt4iUBZXN1P9AeM9lYCw4ZOjIknECAwEAAaOBkDCBjTAd
+BgNVHQ4EFgQUSUNbUvgxeLWEdHqNJ9MiH6nUwqUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAQEAn4m1/6ptyMlGlobrZJ1/zpFykrHdlsFU2JbfVKB1Cu3P
+Hz9rJ0ai3du++7TObktNkALQgMy+i6eGH6+EbLp9lazcRRdJPVhJIuhQX9hvzQfk
+F/mM5wRJd6Rg6Cy8SDp0KYPwOM74Xck9ukvIPxdWd6omgu0b0qpruc58P0AW2Tjk
+XIP5YnBTBQGmN7NUzrJ4zWLKEJbOOi/P47oqEwYBGaWquLBsCPq03oDMs8EsGTcO
+90k9S8vgrrZfW4jHfkOmmNepgvt3g4A3g7Y9qYKLQi6vBtDOpK8OWfD6kIXBxqNt
+uSXdVmSwgbCTdXsMU3aEnVEyvgnlw/Wz+tXo+gLb5w==
-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 07:42:93:a8:25:71:a4:ae:b0:96:4d:14:d1:e2:ff:22
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:55:26 2022 GMT
+ Not After : Jan 25 16:55:26 2032 GMT
+ Subject: CN=osweidan
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c4:fd:94:e9:62:a5:7d:74:92:9a:22:d6:7b:35:
+ ff:95:26:e8:d3:bf:1e:ee:96:be:ba:de:2c:31:5a:
+ 02:27:6d:ac:42:b4:3a:e0:22:89:63:e3:a3:b5:68:
+ 8b:6f:f8:0e:a9:1f:a9:e5:62:d1:b4:39:6c:73:61:
+ 89:a1:0e:db:8e:62:21:06:0b:d5:4f:64:10:39:4c:
+ 91:f5:05:ca:65:09:82:e7:c6:52:61:7f:ed:de:95:
+ bc:8f:23:a3:01:77:c3:2a:1c:75:ff:b9:55:66:a2:
+ ae:ff:27:0d:4a:70:8c:b6:4d:f8:bc:65:fd:ff:a8:
+ 60:e1:ea:df:64:e9:46:34:71:ec:3b:05:cb:ec:e7:
+ a0:bc:39:6c:04:16:f9:0c:2c:c2:4b:4f:aa:80:6b:
+ d7:37:68:e9:c4:f2:91:11:5b:33:03:8e:85:67:40:
+ 7c:97:36:84:94:15:21:3d:2a:e9:87:81:65:21:fa:
+ 27:07:ca:1b:0b:df:fa:eb:34:62:d5:52:fc:b6:00:
+ 1a:54:bc:6d:0a:52:70:5e:15:38:ec:ce:dd:62:0c:
+ c6:c2:10:7c:b2:a5:8b:18:10:81:f4:b5:9a:38:c4:
+ cc:00:fa:de:0b:ca:8b:bc:82:df:2f:9e:84:3b:6a:
+ 1e:13:61:c1:72:28:cd:0d:71:1d:97:36:04:2d:c8:
+ 50:e1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 52:89:7A:20:5D:CA:C8:13:92:30:14:B2:BD:6D:FA:8B:FE:73:38:9C
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:99:13:42:f0:60:a8:b3:54:d4:c6:30:12:1e:0f:d3:78:a5:
+ c1:1f:54:0e:3f:15:8c:72:60:dd:8e:e4:23:64:4f:5f:a5:7f:
+ 12:59:d3:c4:cf:9b:51:98:67:cb:49:a9:99:38:65:09:7f:56:
+ 42:08:86:31:e5:48:54:04:82:ac:1b:23:fd:63:b6:49:dd:73:
+ 50:af:84:0c:d5:37:6e:47:49:f6:2a:17:0c:c1:08:f9:cf:4f:
+ 3f:90:c7:dc:c4:d8:ef:99:ab:f8:12:55:8d:9a:18:4b:2f:9e:
+ c8:1f:97:31:83:8a:62:3d:6c:d0:0e:0c:e2:d4:7c:2f:10:37:
+ 7e:23:be:7d:f8:59:97:4e:a6:5f:75:ca:6a:a4:f1:ea:b9:41:
+ da:fe:be:8f:28:ff:0a:93:17:b0:7a:d2:fe:4e:7a:c7:ed:c2:
+ fe:91:93:c8:94:43:ec:74:4f:34:85:6e:7c:72:1d:45:2a:b1:
+ b9:bd:3b:d7:d0:b9:4d:54:74:6d:c5:73:03:ad:5c:7d:9d:16:
+ bb:28:d4:9c:6e:33:54:65:e5:11:06:b5:a5:e8:e9:dc:b4:95:
+ 4b:b4:6b:ef:db:5a:fe:4e:8f:4b:3d:b6:e2:37:fb:78:37:36:
+ 9a:a0:26:cc:19:72:e6:26:99:05:e2:6b:a2:6f:d4:86:cb:f5:
+ 5c:fe:cc:54
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIQB0KTqCVxpK6wlk0U0eL/IjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU1MjZaFw0zMjAxMjUx
+NjU1MjZaMBMxETAPBgNVBAMMCG9zd2VpZGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAxP2U6WKlfXSSmiLWezX/lSbo078e7pa+ut4sMVoCJ22sQrQ6
+4CKJY+OjtWiLb/gOqR+p5WLRtDlsc2GJoQ7bjmIhBgvVT2QQOUyR9QXKZQmC58ZS
+YX/t3pW8jyOjAXfDKhx1/7lVZqKu/ycNSnCMtk34vGX9/6hg4erfZOlGNHHsOwXL
+7OegvDlsBBb5DCzCS0+qgGvXN2jpxPKREVszA46FZ0B8lzaElBUhPSrph4FlIfon
+B8obC9/66zRi1VL8tgAaVLxtClJwXhU47M7dYgzGwhB8sqWLGBCB9LWaOMTMAPre
+C8qLvILfL56EO2oeE2HBcijNDXEdlzYELchQ4QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFFKJeiBdysgTkjAUsr1t+ov+czicMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAXmRNC8GCos1TUxjASHg/TeKXBH1QO
+PxWMcmDdjuQjZE9fpX8SWdPEz5tRmGfLSamZOGUJf1ZCCIYx5UhUBIKsGyP9Y7ZJ
+3XNQr4QM1TduR0n2KhcMwQj5z08/kMfcxNjvmav4ElWNmhhLL57IH5cxg4piPWzQ
+Dgzi1HwvEDd+I759+FmXTqZfdcpqpPHquUHa/r6PKP8KkxewetL+TnrH7cL+kZPI
+lEPsdE80hW58ch1FKrG5vTvX0LlNVHRtxXMDrVx9nRa7KNScbjNUZeURBrWl6Onc
+tJVLtGvv21r+To9LPbbiN/t4NzaaoCbMGXLmJpkF4muib9SGy/Vc/sxU
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 07:5b:cc:38:0a:a7:60:e4:33:ea:dc:63:5f:da:65:bb
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:04 2019 GMT
- Not After : Jul 14 13:14:04 2022 GMT
- Subject: CN=dvasary
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:4f:51:7b:f1:30:dc:76:25:db:21:fd:11:8a:
- 39:fc:6f:4a:0f:f5:38:9d:8e:3c:18:c3:e2:b9:9a:
- 7e:d8:25:9d:69:f1:40:f2:1c:f8:bd:7c:98:e9:1d:
- 86:78:d0:d5:7b:b1:e6:8a:cb:44:e9:42:6c:61:c4:
- d9:32:c5:16:f0:76:71:90:58:0f:13:f4:cb:01:02:
- 68:fa:bb:3e:cb:24:47:e2:87:2d:f2:c6:d9:5f:b8:
- 16:de:47:aa:bf:02:65
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 61:47:26:E4:48:A5:C7:F8:38:0A:5F:06:FE:F6:35:DC:BB:71:F1:36
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:8a:59:88:96:eb:a1:b6:5d:51:39:39:63:b6:
- 53:c1:1e:01:ae:35:ff:3e:a5:ba:ed:17:a9:0b:2d:a9:86:c3:
- ae:c1:47:55:9b:16:9f:d7:29:71:28:06:92:6c:da:86:75:02:
- 31:00:b3:f1:55:67:51:44:2f:fa:5f:c0:65:ce:45:c3:ef:88:
- f4:80:98:65:69:e5:db:7b:42:71:6f:16:f2:06:5c:ad:e1:ce:
- fb:dc:fc:46:1f:b2:79:61:5a:c9:81:b5:24:c3
------BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQB1vMOAqnYOQz6txjX9pluzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDA0WhcNMjIwNzE0
-MTMxNDA0WjASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg09Re/Ew3HYl2yH9EYo5/G9KD/U4nY48GMPiuZp+2CWdafFA8hz4vXyY6R2G
-eNDVe7HmistE6UJsYcTZMsUW8HZxkFgPE/TLAQJo+rs+yyRH4oct8sbZX7gW3keq
-vwJlo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGFHJuRIpcf4OApfBv72Ndy7
-cfE2MFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-ilmIluuhtl1ROTljtlPBHgGuNf8+pbrtF6kLLamGw67BR1WbFp/XKXEoBpJs2oZ1
-AjEAs/FVZ1FEL/pfwGXORcPviPSAmGVp5dt7QnFvFvIGXK3hzvvc/EYfsnlhWsmB
-tSTD
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 12:23:21:70:b0:f9:e3:c1:fe:60:d8:6e:ec:97:35:12
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:49 2019 GMT
- Not After : Jul 14 13:13:49 2022 GMT
- Subject: CN=cslevai
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4b:d4:e1:4f:a7:5b:1e:c4:7d:40:27:19:de:bc:
- cc:78:6b:5a:86:13:48:c4:c0:40:09:4e:1d:cd:b4:
- f0:8d:14:2e:44:7c:8e:2d:7b:75:27:00:c4:9b:5c:
- 71:1d:35:ff:f6:91:01:e2:3f:22:4d:f4:59:45:e4:
- 85:61:a2:30:bb:7f:8e:7f:86:db:79:7a:da:61:00:
- 72:3d:60:0b:3a:7b:d3:8e:43:d5:21:f9:e5:ef:01:
- 02:48:0e:aa:07:e0:df
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- A5:71:47:49:34:D9:70:4C:8E:A6:06:51:69:AC:4D:2F:61:9F:3F:D2
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:79:11:b6:e8:91:42:c8:db:cd:fa:27:07:1d:5b:
- cc:9f:b2:f3:d2:0f:79:7f:7e:83:3a:e9:4b:86:a0:ba:c1:10:
- 9a:87:21:f0:2c:26:e9:c5:fc:fc:7c:6c:45:79:29:d3:02:30:
- 0b:74:ab:68:f6:25:3f:d3:2b:eb:a9:13:1d:3d:b1:a8:80:9c:
- 1f:8f:6f:de:de:2f:a7:7f:ad:5a:a5:18:29:05:99:65:5f:63:
- 50:31:6e:78:90:e6:12:3e:83:f1:d8:b0
------BEGIN CERTIFICATE-----
-MIICDTCCAZSgAwIBAgIQEiMhcLD548H+YNhu7Jc1EjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzQ5WhcNMjIwNzE0
-MTMxMzQ5WjASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAES9ThT6dbHsR9QCcZ3rzMeGtahhNIxMBACU4dzbTwjRQuRHyOLXt1JwDEm1xx
-HTX/9pEB4j8iTfRZReSFYaIwu3+Of4bbeXraYQByPWALOnvTjkPVIfnl7wECSA6q
-B+Dfo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKVxR0k02XBMjqYGUWmsTS9h
-nz/SMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNnADBkAjB5
-EbbokULI2836JwcdW8yfsvPSD3l/foM66UuGoLrBEJqHIfAsJunF/Px8bEV5KdMC
-MAt0q2j2JT/TK+upEx09saiAnB+Pb97eL6d/rVqlGCkFmWVfY1AxbniQ5hI+g/HY
-sA==
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 16:d6:7e:bd:b7:16:bd:51:0c:34:0d:08:fa:8c:cb:b1
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:48 2022 GMT
+ Not After : Jan 25 16:54:48 2032 GMT
+ Subject: CN=kkancz
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:6a:63:78:e0:1b:e8:2f:dc:70:f4:49:6f:6c:
+ 7b:62:05:76:60:4e:01:4f:91:07:2d:b2:8e:7f:e1:
+ 61:4e:c3:24:1d:da:6c:ae:b9:d5:de:00:d5:f7:cf:
+ 36:8f:a1:cb:9c:15:4c:57:e8:76:36:83:8b:7b:d4:
+ de:04:c9:06:40:32:c3:31:01:f1:f5:bc:9c:97:42:
+ 4d:82:47:71:cc:b8:0c:2c:91:bb:c8:6b:2b:62:09:
+ f3:5a:c5:5f:40:e8:46:7c:9f:d8:dd:20:a3:bc:34:
+ f9:67:28:ae:ed:fc:cd:3e:f0:68:ce:1b:02:d4:da:
+ d2:0b:74:b6:32:11:39:6e:53:80:a7:e1:b9:06:96:
+ ae:ef:8e:dd:0e:26:05:7a:2c:46:7d:f6:ba:af:6f:
+ 3e:44:8b:fa:ff:40:fd:3e:32:64:a5:f7:27:60:f7:
+ 85:28:33:e2:a3:2f:5a:37:cd:15:02:ff:28:b5:95:
+ a4:3d:ee:01:9f:86:76:2d:01:3d:b4:e7:e2:1f:fb:
+ be:1f:6a:2f:e8:50:68:2a:2d:86:3a:ef:38:f1:46:
+ df:e7:5c:53:b0:63:13:80:b4:4d:b8:60:7a:ee:71:
+ 67:bc:c8:21:83:64:6f:45:07:19:87:f3:49:c2:63:
+ 04:59:3f:6d:80:21:0e:2f:4e:cc:b5:7c:38:47:c4:
+ 7b:a5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 9E:32:BB:AC:26:6F:9A:04:73:A5:B9:42:DA:29:46:95:C8:DE:F3:05
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 6a:07:04:54:3c:a9:4c:05:72:9e:78:6b:a6:dd:a8:09:15:0b:
+ cb:54:ad:54:91:f9:8d:ee:61:37:a3:97:92:9e:97:25:4d:db:
+ 96:91:9f:39:45:92:e5:d7:06:45:57:89:ef:96:bf:47:c5:5a:
+ 84:c8:6d:78:7a:43:02:f5:0f:4b:7f:7b:04:49:53:4b:85:13:
+ 5a:cb:75:06:f3:ba:8b:0b:83:f2:1a:df:27:0b:17:b2:28:ca:
+ c6:38:14:8c:3d:42:02:db:f2:63:79:ce:00:be:90:b6:0a:5f:
+ 23:5a:06:37:c3:34:da:09:1f:66:c8:29:11:0c:b0:8e:ac:43:
+ b3:a9:8b:eb:71:38:9c:ed:cf:7c:00:55:47:a4:48:6b:a8:1c:
+ 13:4a:b7:bf:4a:48:72:10:32:a7:48:64:d7:82:60:64:cb:a0:
+ 20:6a:20:13:d9:0a:09:03:8b:be:76:f1:23:af:90:73:d9:de:
+ 65:23:0d:07:04:48:61:f1:9a:c8:37:41:ff:65:72:27:de:88:
+ 82:ca:8f:eb:92:2c:8e:b3:ab:dc:26:ff:d4:3d:d8:99:66:c5:
+ f8:c4:cc:54:ac:98:21:29:65:ac:77:4e:f6:12:de:f5:ba:cc:
+ 1b:ee:eb:08:bf:fe:33:77:19:a5:5c:43:6c:30:40:40:e2:6c:
+ bf:93:e0:af
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIQFtZ+vbcWvVEMNA0I+ozLsTANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NDhaFw0zMjAxMjUx
+NjU0NDhaMBExDzANBgNVBAMMBmtrYW5jejCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALlqY3jgG+gv3HD0SW9se2IFdmBOAU+RBy2yjn/hYU7DJB3abK65
+1d4A1ffPNo+hy5wVTFfodjaDi3vU3gTJBkAywzEB8fW8nJdCTYJHccy4DCyRu8hr
+K2IJ81rFX0DoRnyf2N0go7w0+Wcoru38zT7waM4bAtTa0gt0tjIROW5TgKfhuQaW
+ru+O3Q4mBXosRn32uq9vPkSL+v9A/T4yZKX3J2D3hSgz4qMvWjfNFQL/KLWVpD3u
+AZ+Gdi0BPbTn4h/7vh9qL+hQaCothjrvOPFG3+dcU7BjE4C0Tbhgeu5xZ7zIIYNk
+b0UHGYfzScJjBFk/bYAhDi9OzLV8OEfEe6UCAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBSeMrusJm+aBHOluULaKUaVyN7zBTBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAagcEVDypTAVynnhrpt2oCRULy1StVJH5
+je5hN6OXkp6XJU3blpGfOUWS5dcGRVeJ75a/R8VahMhteHpDAvUPS397BElTS4UT
+Wst1BvO6iwuD8hrfJwsXsijKxjgUjD1CAtvyY3nOAL6QtgpfI1oGN8M02gkfZsgp
+EQywjqxDs6mL63E4nO3PfABVR6RIa6gcE0q3v0pIchAyp0hk14JgZMugIGogE9kK
+CQOLvnbxI6+Qc9neZSMNBwRIYfGayDdB/2VyJ96IgsqP65IsjrOr3Cb/1D3YmWbF
++MTMVKyYISllrHdO9hLe9brMG+7rCL/+M3cZpVxDbDBAQOJsv5Pgrw==
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 23:70:61:7d:39:85:fe:76:8d:ca:0f:04:d3:68:3d:1f
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:35 2022 GMT
+ Not After : Jan 25 16:54:35 2032 GMT
+ Subject: CN=khorvath
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:eb:04:0d:b5:38:69:3a:69:07:21:1c:59:4c:07:
+ 6c:1d:30:89:93:3d:90:d3:ef:04:cb:ec:41:94:9e:
+ 35:91:28:17:e4:1f:cb:2b:0a:06:b9:6a:91:e6:cb:
+ 89:60:e6:3c:0a:f8:ff:ae:6c:48:e3:d7:a9:52:95:
+ 5f:e5:c8:80:5c:82:b5:91:3b:5e:e0:23:82:8d:52:
+ 53:0a:ea:e8:b2:92:b3:4b:bb:1d:2f:5a:e4:29:a9:
+ 69:2c:b9:e1:9e:13:1c:3c:0d:d9:fe:fd:e9:a7:1f:
+ f4:c2:ab:3b:eb:52:95:41:2a:5a:d4:9e:e9:8e:40:
+ 97:60:fb:e8:12:9e:d6:e4:72:2b:43:57:de:85:6b:
+ db:94:27:45:eb:43:bb:3d:6e:17:c6:dc:19:d2:dc:
+ cd:c8:67:fc:d0:d3:8f:81:4c:1a:ad:df:e6:2b:43:
+ 07:95:18:ad:e0:21:c6:5a:fd:ce:17:af:63:58:97:
+ b7:86:db:42:95:7f:38:46:08:7e:26:81:24:e2:7e:
+ dd:53:51:ab:29:43:19:ad:5f:8b:b2:b8:cf:19:06:
+ 0e:15:67:a4:50:79:00:f4:f8:2a:b8:e7:fd:b4:59:
+ 9a:ef:10:fb:10:bf:57:3e:26:ec:1e:97:6d:ad:87:
+ b9:60:94:69:24:96:69:36:9a:21:00:42:98:06:24:
+ d5:f9
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 96:F4:90:70:43:B0:6E:93:48:D7:95:1F:9B:BC:0E:8A:8D:33:36:99
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 01:8a:5e:af:fe:5a:9d:65:ba:a5:3a:51:d0:1e:7d:fe:9e:b7:
+ 7e:bc:da:33:0b:e2:f8:13:6f:73:40:5f:c2:b7:5d:2f:54:5e:
+ 0d:db:1d:28:b0:e9:fa:a2:ff:23:3c:4e:63:90:d6:5e:6c:81:
+ 9a:69:3d:06:05:5f:c3:a5:67:4a:29:e9:40:36:eb:53:89:a7:
+ 13:a5:69:ba:8d:61:ac:d9:5f:89:35:59:dc:c0:98:73:f1:f8:
+ 1e:14:80:d9:09:9c:bd:db:69:54:ea:15:68:97:bd:08:27:d7:
+ af:c9:8a:b5:41:4a:6c:dc:4f:4c:dd:5b:c7:cf:86:01:07:a2:
+ ad:33:7d:aa:47:ae:a8:b0:d2:24:89:9c:a0:48:8d:74:51:79:
+ 89:f8:8d:ee:33:4f:d6:45:b8:b5:a6:48:eb:ad:3a:86:68:53:
+ 4d:ba:55:fa:d4:2f:7b:59:3d:a6:16:d9:8a:81:90:72:e8:14:
+ e8:06:7f:de:0e:f8:be:cf:ce:91:22:8e:cd:5a:94:8f:1c:d0:
+ 4b:f6:b5:41:2d:1d:c4:0a:1e:36:17:dd:78:17:23:85:c7:cb:
+ ae:1b:ae:65:90:22:b0:c0:94:df:cc:83:38:61:cb:fa:a7:e6:
+ a4:a7:9b:10:5d:fc:30:6f:d2:dc:02:15:07:a0:42:9f:1b:a9:
+ f9:c7:22:34
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIQI3BhfTmF/naNyg8E02g9HzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MzVaFw0zMjAxMjUx
+NjU0MzVaMBMxETAPBgNVBAMMCGtob3J2YXRoMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6wQNtThpOmkHIRxZTAdsHTCJkz2Q0+8Ey+xBlJ41kSgX5B/L
+KwoGuWqR5suJYOY8Cvj/rmxI49epUpVf5ciAXIK1kTte4COCjVJTCurospKzS7sd
+L1rkKalpLLnhnhMcPA3Z/v3ppx/0wqs761KVQSpa1J7pjkCXYPvoEp7W5HIrQ1fe
+hWvblCdF60O7PW4XxtwZ0tzNyGf80NOPgUward/mK0MHlRit4CHGWv3OF69jWJe3
+httClX84Rgh+JoEk4n7dU1GrKUMZrV+LsrjPGQYOFWekUHkA9PgquOf9tFma7xD7
+EL9XPibsHpdtrYe5YJRpJJZpNpohAEKYBiTV+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFJb0kHBDsG6TSNeVH5u8DoqNMzaZMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQABil6v/lqdZbqlOlHQHn3+nrd+vNoz
+C+L4E29zQF/Ct10vVF4N2x0osOn6ov8jPE5jkNZebIGaaT0GBV/DpWdKKelANutT
+iacTpWm6jWGs2V+JNVncwJhz8fgeFIDZCZy922lU6hVol70IJ9evyYq1QUps3E9M
+3VvHz4YBB6KtM32qR66osNIkiZygSI10UXmJ+I3uM0/WRbi1pkjrrTqGaFNNulX6
+1C97WT2mFtmKgZBy6BToBn/eDvi+z86RIo7NWpSPHNBL9rVBLR3ECh42F914FyOF
+x8uuG65lkCKwwJTfzIM4Ycv6p+akp5sQXfwwb9LcAhUHoEKfG6n5xyI0
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 23:7b:c7:68:f3:7b:5c:8e:17:63:b5:67:3e:d3:10:1c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:16 2019 GMT
- Not After : Jul 14 13:15:16 2022 GMT
- Subject: CN=mszabo
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:d4:de:f0:4a:f4:a0:8a:bd:52:97:87:c0:f5:28:
- 87:7d:7b:4c:f3:3d:13:be:6b:f6:61:23:f8:91:fd:
- 2a:59:db:38:2e:ec:d6:5d:21:c2:b9:e0:8c:38:36:
- c9:bb:2c:f9:87:f3:c5:53:28:d1:94:03:d3:24:c0:
- fa:95:b3:19:4a:42:95:94:22:11:4f:82:ea:bf:16:
- 42:42:90:f1:9e:e9:68:48:2e:b9:db:71:be:48:4a:
- eb:06:61:63:73:77:18
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 8B:C8:96:C9:E3:FD:F0:F2:13:BD:F3:32:17:FD:4F:40:19:3D:2A:5F
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:84:81:10:d7:e4:4f:e6:1d:de:3f:6c:9d:f9:
- 45:2f:6c:74:c1:ce:65:da:b9:0f:56:2d:3c:08:2d:a9:62:d2:
- ec:45:46:50:7d:da:d1:0d:73:8c:e9:57:57:3e:2d:49:14:02:
- 31:00:9e:6a:e2:fa:4f:6d:04:6f:3f:6b:35:9e:1b:6a:94:b8:
- 3b:f3:79:db:9b:cd:2c:84:48:e9:7a:a9:13:d2:08:b0:d0:f2:
- c6:22:7e:87:3b:f4:6d:d0:b7:db:c4:b5:ad:5d
------BEGIN CERTIFICATE-----
-MIICDjCCAZOgAwIBAgIQI3vHaPN7XI4XY7VnPtMQHDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTE2WhcNMjIwNzE0
-MTMxNTE2WjARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AATU3vBK9KCKvVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7
-LPmH88VTKNGUA9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNz
-dxijgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUi8iWyeP98PITvfMyF/1PQBk9
-Kl8wVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYCMQCE
-gRDX5E/mHd4/bJ35RS9sdMHOZdq5D1YtPAgtqWLS7EVGUH3a0Q1zjOlXVz4tSRQC
-MQCeauL6T20Ebz9rNZ4bapS4O/N525vNLIRI6XqpE9IIsNDyxiJ+hzv0bdC328S1
-rV0=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 26:84:6a:96:d0:db:00:70:3b:7d:c8:aa:d6:0a:5b:07
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:12:51 2019 GMT
- Not After : Jul 14 13:12:51 2022 GMT
- Subject: CN=akosztolanyi
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:97:d4:89:82:0c:1b:ad:c4:4b:dd:4c:19:a5:f5:
- d8:3c:42:9d:d2:b0:0d:9e:6c:a6:a8:62:9a:bf:fd:
- 78:9d:76:f4:02:ad:51:9f:97:12:59:bc:c1:a3:a0:
- 17:35:76:2f:74:ea:b9:d3:72:4b:35:94:40:f3:7e:
- b5:1c:af:51:d1:b4:d3:7a:69:3d:7f:1e:51:97:fe:
- e3:4a:ec:01:c6:e9:89:e9:8e:b7:94:a3:72:12:6e:
- 66:c5:a2:de:ad:27:e2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- E9:6C:48:68:A1:BA:B9:7D:A3:9C:BF:89:F3:87:51:9B:B1:6C:9B:16
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:6c:e9:e9:01:19:c4:53:40:ff:e6:bb:36:1f:51:
- cd:1f:40:88:1d:e2:b3:8d:61:48:5d:ec:de:f8:20:c1:21:b1:
- 38:5e:0b:c3:f7:ae:9c:41:38:36:73:a0:06:b6:a4:55:02:31:
- 00:cc:50:fa:3f:7a:6c:6b:90:bf:6a:c6:af:1e:94:88:b7:90:
- 5d:b7:27:cf:b3:28:bc:ee:31:99:f0:9b:87:48:06:d2:6d:24:
- f0:d1:ad:be:94:b8:22:64:63:0f:d0:2d:85
------BEGIN CERTIFICATE-----
-MIICEzCCAZmgAwIBAgIQJoRqltDbAHA7fciq1gpbBzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMjUxWhcNMjIwNzE0
-MTMxMjUxWjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAASX1ImCDButxEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZ
-vMGjoBc1di906rnTcks1lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3IS
-bmbFot6tJ+KjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU6WxIaKG6uX2jnL+J
-84dRm7FsmxYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gA
-MGUCMGzp6QEZxFNA/+a7Nh9RzR9AiB3is41hSF3s3vggwSGxOF4Lw/eunEE4NnOg
-BrakVQIxAMxQ+j96bGuQv2rGrx6UiLeQXbcnz7MovO4xmfCbh0gG0m0k8NGtvpS4
-ImRjD9AthQ==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 29:f1:f8:31:17:93:d7:58:d5:ad:0e:ce:a7:26:70:33
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:11 2019 GMT
- Not After : Jul 14 13:13:11 2022 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:34:0d:f3:0e:e6:05:69:f3:24:7d:ef:19:0c:ce:
- 04:bd:24:34:e3:8c:e5:2b:7e:3f:70:39:55:9b:2e:
- 73:fa:c6:4e:44:42:95:69:82:13:85:98:63:5a:25:
- dc:1c:b2:32:9c:97:01:b5:fb:c4:dd:59:05:8a:ab:
- b6:c1:b2:13:03:0a:e3:8b:e7:ea:62:c1:71:1b:4f:
- 20:74:9c:0b:df:46:56:6c:03:d5:8c:d8:4c:02:e9:
- 6e:62:3a:1f:b3:0e:ba
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 19:A1:EF:03:DB:DF:4F:40:2A:FD:35:E0:C9:ED:DD:75:47:2F:32:1B
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:d2:08:c6:1b:75:81:72:2e:c6:46:cd:47:11:
- 2e:7c:3e:ba:e2:75:1c:8c:48:e1:4f:ac:61:5b:07:26:97:cc:
- 0a:38:7f:0d:e4:63:35:c6:a5:8e:39:f3:4c:18:79:6d:0a:02:
- 30:54:57:e5:dd:49:2b:8e:3e:89:ef:87:2f:d4:f4:ef:a3:95:
- 2d:f5:87:5a:3a:1f:93:58:7d:c5:fe:9a:45:f1:8f:d1:44:13:
- 30:b0:07:c0:b6:80:35:3f:b8:a8:96:c7:8c
------BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIQKfH4MReT11jVrQ7OpyZwMzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzExWhcNMjIwNzE0
-MTMxMzExWjAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAAQ0DfMO5gVp8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNa
-JdwcsjKclwG1+8TdWQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5i
-Oh+zDrqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUGaHvA9vfT0Aq/TXgye3d
-dUcvMhswVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MQDSCMYbdYFyLsZGzUcRLnw+uuJ1HIxI4U+sYVsHJpfMCjh/DeRjNcaljjnzTBh5
-bQoCMFRX5d1JK44+ie+HL9T076OVLfWHWjofk1h9xf6aRfGP0UQTMLAHwLaANT+4
-qJbHjA==
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 2b:f6:cb:e6:ee:b9:5f:05:2f:9d:64:50:3f:0c:c3:37
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:56:14 2022 GMT
+ Not After : Jan 25 16:56:14 2032 GMT
+ Subject: CN=zfelleg
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:a9:54:33:8f:8b:4d:40:21:59:cf:42:77:2e:a3:
+ 58:dc:9b:6c:62:ab:d8:f7:7e:06:98:e0:d8:20:13:
+ 6f:14:01:d2:3a:9c:d6:a8:d5:9e:cd:1b:b7:53:e4:
+ a5:c0:aa:50:13:6a:9a:34:c6:8b:ce:b0:f2:68:ff:
+ e1:8d:ed:a3:91:27:c9:30:75:d3:8d:ee:be:df:c6:
+ 1f:df:ef:50:f1:21:d5:4d:ae:07:b7:b9:97:bc:ba:
+ 6a:65:22:03:00:86:7b:7f:b3:8b:c4:98:73:3d:e6:
+ 44:2f:27:31:6d:9c:7d:9d:da:d6:a4:65:68:bb:5b:
+ 06:fb:f3:9b:b6:69:f9:08:dd:61:6b:0e:04:48:e7:
+ d7:d9:8a:82:1f:44:74:a4:be:86:54:bb:c0:55:da:
+ c5:d6:d7:83:6d:26:09:4e:c6:87:cc:89:e1:e8:40:
+ 6d:3b:9f:c3:b2:8b:23:87:d2:8c:93:be:95:33:6a:
+ 35:dd:33:45:de:06:42:ee:18:19:5a:1d:52:46:54:
+ a4:f0:af:5b:f9:56:6d:be:3d:01:ea:96:fe:75:6b:
+ 44:95:f8:3b:8a:11:67:59:7b:c8:30:cd:05:40:5a:
+ f5:ce:5d:80:2a:aa:0b:f5:e1:24:d2:81:54:b7:7f:
+ 39:b0:1c:10:0e:6b:39:d3:06:3b:58:48:7a:a9:7e:
+ ea:4f
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ E2:66:F5:04:A5:2A:61:D5:3B:DF:7A:50:2E:78:E9:C4:76:F1:D5:78
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 21:ff:e7:b7:cf:17:01:19:6e:2c:43:1c:96:37:32:3b:49:ba:
+ 4f:97:59:fc:31:2a:97:88:54:5b:96:6b:cd:20:75:f8:91:29:
+ 69:93:a0:54:8f:bf:2a:9e:1f:7a:d5:25:ef:7e:16:04:72:0b:
+ ab:fc:26:fb:65:47:6a:dc:64:59:e5:51:1a:3b:bd:1c:21:93:
+ ba:39:dc:34:37:98:68:0b:7b:72:96:81:0f:63:ea:bc:ea:ed:
+ 19:9e:bb:b4:56:8e:c9:67:44:4f:d6:c8:60:2c:7f:37:c7:8e:
+ a7:37:c5:f1:67:99:57:2b:0e:1d:8d:27:8c:bf:e1:5b:b7:42:
+ 76:09:f0:e5:03:72:a3:93:91:03:62:8c:7d:f5:d9:f0:8e:ca:
+ 52:9e:00:8c:1a:90:72:30:ba:86:92:ff:f6:41:ca:17:7d:75:
+ 6f:3c:e0:4b:9a:26:d2:fe:79:23:cd:96:0e:c3:77:eb:d4:0c:
+ 44:e5:d4:1a:5d:73:2e:48:26:25:97:04:65:90:0b:1f:6f:f1:
+ 0c:f6:07:68:c5:38:cf:f4:74:b1:c3:06:ce:38:d2:98:b1:be:
+ 82:20:bf:41:6e:8e:74:a5:f7:e9:de:dd:ed:c8:99:db:1c:de:
+ c6:14:4d:8d:f1:85:52:d0:a7:44:3e:18:41:87:52:b9:e0:8c:
+ ee:1f:01:42
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj2gAwIBAgIQK/bL5u65XwUvnWRQPwzDNzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU2MTRaFw0zMjAxMjUx
+NjU2MTRaMBIxEDAOBgNVBAMMB3pmZWxsZWcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCpVDOPi01AIVnPQncuo1jcm2xiq9j3fgaY4NggE28UAdI6nNao
+1Z7NG7dT5KXAqlATapo0xovOsPJo/+GN7aORJ8kwddON7r7fxh/f71DxIdVNrge3
+uZe8umplIgMAhnt/s4vEmHM95kQvJzFtnH2d2takZWi7Wwb785u2afkI3WFrDgRI
+59fZioIfRHSkvoZUu8BV2sXW14NtJglOxofMieHoQG07n8OyiyOH0oyTvpUzajXd
+M0XeBkLuGBlaHVJGVKTwr1v5Vm2+PQHqlv51a0SV+DuKEWdZe8gwzQVAWvXOXYAq
+qgv14STSgVS3fzmwHBAOaznTBjtYSHqpfupPAgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQU4mb1BKUqYdU733pQLnjpxHbx1XgwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBACH/57fPFwEZbixDHJY3MjtJuk+XWfwx
+KpeIVFuWa80gdfiRKWmToFSPvyqeH3rVJe9+FgRyC6v8JvtlR2rcZFnlURo7vRwh
+k7o53DQ3mGgLe3KWgQ9j6rzq7Rmeu7RWjslnRE/WyGAsfzfHjqc3xfFnmVcrDh2N
+J4y/4Vu3QnYJ8OUDcqOTkQNijH312fCOylKeAIwakHIwuoaS//ZByhd9dW884Eua
+JtL+eSPNlg7Dd+vUDETl1Bpdcy5IJiWXBGWQCx9v8Qz2B2jFOM/0dLHDBs440pix
+voIgv0FujnSl9+ne3e3Imdsc3sYUTY3xhVLQp0Q+GEGHUrngjO4fAUI=
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 32:06:af:0b:00:a2:dd:98:26:61:13:a2:f8:c5:f8:e7
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:15 2019 GMT
- Not After : Jul 14 13:14:15 2022 GMT
- Subject: CN=fritter
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:01:16:61:9a:29:9b:00:34:c6:d8:d0:31:87:e7:
- 2c:fd:7a:7e:e0:6e:f7:26:1a:62:7f:d4:7d:aa:8d:
- 0e:83:bd:c2:51:8c:cb:34:2b:3d:04:40:4f:2c:6f:
- 8b:86:9b:7f:de:a2:79:a4:0a:03:4c:70:71:34:ba:
- f6:f8:d1:e8:92:18:32:d6:78:3d:5d:29:5c:70:a0:
- b6:80:7f:21:e2:63:09:57:c1:46:fd:9b:d9:7a:2a:
- b8:13:f2:f7:83:cc:32
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B1:1A:69:80:EF:74:B3:58:F8:3B:86:7A:86:DF:8C:50:30:56:12:04
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:da:29:1d:b3:22:d6:c9:b3:16:e6:14:41:77:
- fb:87:e7:9c:39:0b:a4:40:42:bf:45:0a:b0:4e:53:89:c9:a9:
- 6b:90:b7:88:85:bd:f0:9b:a0:a4:4b:fb:e3:2e:6f:d1:ff:02:
- 31:00:82:ce:d7:ed:cd:94:17:96:d4:65:97:82:11:ae:dd:22:
- 2c:2f:f2:64:55:ef:e7:25:c9:89:c3:bf:fc:cf:5f:c5:60:00:
- 2c:e9:7d:36:7b:6b:b8:c0:08:c2:66:f2:f7:ef
------BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQMgavCwCi3ZgmYROi+MX45zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDE1WhcNMjIwNzE0
-MTMxNDE1WjASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEARZhmimbADTG2NAxh+cs/Xp+4G73Jhpif9R9qo0Og73CUYzLNCs9BEBPLG+L
-hpt/3qJ5pAoDTHBxNLr2+NHokhgy1ng9XSlccKC2gH8h4mMJV8FG/ZvZeiq4E/L3
-g8wyo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLEaaYDvdLNY+DuGeobfjFAw
-VhIEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-2ikdsyLWybMW5hRBd/uH55w5C6RAQr9FCrBOU4nJqWuQt4iFvfCboKRL++Mub9H/
-AjEAgs7X7c2UF5bUZZeCEa7dIiwv8mRV7+clyYnDv/zPX8VgACzpfTZ7a7jACMJm
-8vfv
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 33:59:80:b8:6f:f1:71:c9:57:98:a1:e9:af:81:5f:cb
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:22:46 2022 GMT
+ Not After : Jan 25 16:22:46 2032 GMT
+ Subject: CN=vpn.in.useribm.hu
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:47:ff:20:8f:34:88:dd:50:ed:d5:d1:55:d8:
+ 12:a2:ff:61:e5:0d:71:29:00:49:35:d0:1c:4a:ef:
+ d4:01:49:c5:84:3a:a3:b9:14:ae:cc:d1:50:53:4c:
+ 7d:68:38:55:14:88:e3:42:0e:76:8c:17:a7:fd:8b:
+ 3b:a9:9c:26:37:fc:d1:4f:89:ab:ea:b9:e1:1e:0b:
+ 58:8b:ea:bd:80:8d:df:a0:0e:1d:bf:19:85:81:94:
+ 87:e6:d0:0e:31:77:e3:29:7e:ef:16:6f:7e:01:09:
+ eb:39:3d:da:11:a2:62:72:a7:8b:5b:f6:5c:75:f3:
+ 24:a9:66:15:c2:fa:7a:b8:9c:35:a3:82:bb:84:41:
+ cc:39:fe:cc:f2:d0:65:3b:13:b9:7b:1a:05:9b:6f:
+ 8c:77:a1:a5:2c:59:17:86:e5:d7:58:23:c5:03:3e:
+ ad:75:38:69:ba:f3:b4:41:3b:8a:ee:a0:8c:81:60:
+ e0:13:51:ed:cb:90:d4:8c:d2:5e:d5:f9:d4:b3:b9:
+ 7e:e6:71:4d:4a:bf:50:f1:d6:63:6a:f7:c0:44:8d:
+ 48:46:9d:53:36:e8:c6:ba:fa:9d:08:5b:22:c5:f7:
+ 6a:f9:b1:cf:9a:76:bd:fe:e0:88:01:82:4c:c8:a1:
+ c0:3e:68:fc:06:e3:df:07:ec:97:48:1f:d2:c5:cd:
+ 11:81
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 71:D0:E0:F8:9D:2C:0D:A1:35:C6:F5:4D:1C:88:53:40:07:00:78:35
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ X509v3 Key Usage:
+ Digital Signature, Key Encipherment
+ X509v3 Subject Alternative Name:
+ DNS:vpn.in.useribm.hu
+ Signature Algorithm: sha256WithRSAEncryption
+ af:9b:99:1f:f6:90:a0:7a:58:9f:98:d7:da:75:0d:86:85:c7:
+ 8e:99:95:86:ad:8b:1d:c4:a8:e5:cf:75:79:bc:b8:ce:b8:2c:
+ 53:e3:c6:93:e9:4a:42:b6:f7:2d:82:85:cf:ed:82:37:21:0f:
+ 27:c5:07:56:33:99:37:37:66:da:72:1a:e1:0e:78:2d:f0:2c:
+ fc:d8:af:b9:23:07:d9:82:9f:42:6d:e8:7a:5d:69:b1:f5:a2:
+ 7a:d8:85:72:4c:e2:c6:c3:91:c7:65:1a:a2:a5:2e:94:58:5b:
+ fe:a1:12:dc:48:15:9e:e6:18:a8:21:3f:fd:be:fa:28:02:22:
+ 9f:f2:04:0c:e3:57:01:3f:fb:87:4f:64:ff:5a:c0:4c:60:48:
+ 65:59:1a:db:76:c2:d4:1d:57:39:e8:10:57:f2:10:15:10:ce:
+ 3d:7a:d5:4e:70:6e:90:22:6b:37:58:c7:01:7f:62:78:7c:b6:
+ aa:e5:f6:5f:47:a0:97:27:b5:18:cd:ac:22:90:76:5d:0b:c8:
+ dc:4c:55:01:b2:8f:67:e6:14:17:7f:f3:c6:1a:f5:0d:a3:f4:
+ 2e:0c:d5:bb:08:fc:7b:23:c2:c7:ed:25:77:97:94:3d:86:87:
+ de:bd:0c:83:ea:52:6b:44:45:fd:39:a0:e8:61:dc:be:73:1c:
+ 10:c6:ba:0c
+-----BEGIN CERTIFICATE-----
+MIIDfTCCAmWgAwIBAgIQM1mAuG/xcclXmKHpr4FfyzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjIyNDZaFw0zMjAxMjUx
+NjIyNDZaMBwxGjAYBgNVBAMMEXZwbi5pbi51c2VyaWJtLmh1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uf/II80iN1Q7dXRVdgSov9h5Q1xKQBJNdAc
+Su/UAUnFhDqjuRSuzNFQU0x9aDhVFIjjQg52jBen/Ys7qZwmN/zRT4mr6rnhHgtY
+i+q9gI3foA4dvxmFgZSH5tAOMXfjKX7vFm9+AQnrOT3aEaJicqeLW/ZcdfMkqWYV
+wvp6uJw1o4K7hEHMOf7M8tBlOxO5exoFm2+Md6GlLFkXhuXXWCPFAz6tdThpuvO0
+QTuK7qCMgWDgE1Hty5DUjNJe1fnUs7l+5nFNSr9Q8dZjavfARI1IRp1TNujGuvqd
+CFsixfdq+bHPmna9/uCIAYJMyKHAPmj8BuPfB+yXSB/Sxc0RgQIDAQABo4HAMIG9
+MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHHQ4PidLA2hNcb1TRyIU0AHAHg1MFEGA1Ud
+IwRKMEiAFElDW1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5
+LVJTQSBDQYIUdc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUH
+AwEwCwYDVR0PBAQDAgWgMBwGA1UdEQQVMBOCEXZwbi5pbi51c2VyaWJtLmh1MA0G
+CSqGSIb3DQEBCwUAA4IBAQCvm5kf9pCgelifmNfadQ2GhceOmZWGrYsdxKjlz3V5
+vLjOuCxT48aT6UpCtvctgoXP7YI3IQ8nxQdWM5k3N2bachrhDngt8Cz82K+5IwfZ
+gp9Cbeh6XWmx9aJ62IVyTOLGw5HHZRqipS6UWFv+oRLcSBWe5hioIT/9vvooAiKf
+8gQM41cBP/uHT2T/WsBMYEhlWRrbdsLUHVc56BBX8hAVEM49etVOcG6QIms3WMcB
+f2J4fLaq5fZfR6CXJ7UYzawikHZdC8jcTFUBso9n5hQXf/PGGvUNo/QuDNW7CPx7
+I8LH7SV3l5Q9hofevQyD6lJrREX9OaDoYdy+cxwQxroM
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 34:13:80:3e:21:7f:3b:dd:0a:af:d5:cb:0d:17:4b:3c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:16:17 2019 GMT
- Not After : Jul 14 13:16:17 2022 GMT
- Subject: CN=zfelleg
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:a4:95:4c:f4:18:92:47:f1:fe:26:d4:2c:3a:
- a1:65:73:7b:ef:cd:26:ef:dc:d7:7a:dc:95:9a:8b:
- 66:3f:e9:c9:2e:f6:ac:0a:0e:a1:8f:bd:a5:00:42:
- 3a:30:03:9c:0a:5b:4a:c3:3c:bc:62:05:60:37:36:
- 99:e4:e7:27:2d:ae:a9:c1:a2:57:35:8e:d2:59:77:
- 29:16:64:50:94:16:ca:1a:19:31:1a:83:8c:41:07:
- 7f:7d:e7:fc:98:80:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 40:51:B5:0A:53:CE:54:25:34:5C:DC:E5:70:74:B3:6F:D4:D3:01:84
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:7e:24:b4:72:c8:67:13:4f:a0:ba:09:76:d0:33:
- 36:35:d4:d0:df:e7:a5:25:25:af:ce:36:67:42:22:bf:42:fb:
- ab:96:52:73:c1:b2:a0:58:3a:90:b1:8a:78:70:eb:c9:02:31:
- 00:d9:4a:41:83:7a:5d:1b:6c:e2:d0:2d:b7:c3:b9:b7:11:26:
- 90:fa:9c:cb:20:e6:c4:cf:06:65:8b:8e:6b:00:c7:ec:77:f0:
- 85:75:17:58:0b:ef:06:8b:13:0b:57:61:25
------BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQNBOAPiF/O90Kr9XLDRdLPDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjE3WhcNMjIwNzE0
-MTMxNjE3WjASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg6SVTPQYkkfx/ibULDqhZXN7780m79zXetyVmotmP+nJLvasCg6hj72lAEI6
-MAOcCltKwzy8YgVgNzaZ5OcnLa6pwaJXNY7SWXcpFmRQlBbKGhkxGoOMQQd/fef8
-mIBzo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFEBRtQpTzlQlNFzc5XB0s2/U
-0wGEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjB+
-JLRyyGcTT6C6CXbQMzY11NDf56UlJa/ONmdCIr9C+6uWUnPBsqBYOpCxinhw68kC
-MQDZSkGDel0bbOLQLbfDubcRJpD6nMsg5sTPBmWLjmsAx+x38IV1F1gL7waLEwtX
-YSU=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 39:4b:dd:54:1c:10:82:ea:c5:cd:4d:9d:fe:b6:d4:d3
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:02 2019 GMT
- Not After : Jul 14 13:15:02 2022 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0a:e8:ed:f9:1a:f5:b6:17:d7:5f:ff:9e:9c:1e:
- 1d:11:cf:12:7f:01:11:ca:a2:b1:e0:b5:bc:30:6b:
- 5c:ff:5e:d2:06:2b:55:a9:0f:55:3a:ae:ee:a6:5e:
- 74:0d:f6:43:b6:a4:1d:17:2b:0f:87:7b:c2:39:47:
- 1d:e7:fb:e4:64:d1:00:60:bb:1c:eb:e0:40:82:8d:
- 77:09:85:d1:1c:37:c8:3e:d5:64:51:0f:1d:71:71:
- 04:3a:21:6c:a2:57:36
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B0:47:56:D8:59:56:0D:E2:68:86:01:E8:12:30:4C:EF:D9:7D:EE:F7
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:df:6c:06:c1:07:aa:bb:76:58:d8:ea:dc:60:
- ce:e0:5c:a9:32:c0:20:c9:8b:da:3b:7e:98:74:94:96:83:0e:
- 9f:71:8f:4e:af:72:d0:49:29:06:d0:c8:e9:12:88:67:67:02:
- 30:77:f4:e3:b5:89:dd:e6:6e:83:65:64:77:09:8e:52:2d:47:
- 04:80:27:14:25:51:08:97:01:86:e9:23:0d:04:fa:44:89:35:
- c4:4e:18:84:09:86:cf:5a:7b:6c:0e:09:fd
------BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIQOUvdVBwQgurFzU2d/rbU0zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTAyWhcNMjIwNzE0
-MTMxNTAyWjAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BAro7fka9bYX11//npweHRHPEn8BEcqiseC1vDBrXP9e0gYrVakPVTqu7qZedA32
-Q7akHRcrD4d7wjlHHef75GTRAGC7HOvgQIKNdwmF0Rw3yD7VZFEPHXFxBDohbKJX
-NqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSwR1bYWVYN4miGAegSMEzv2X3u
-9zBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIxAN9s
-BsEHqrt2WNjq3GDO4FypMsAgyYvaO36YdJSWgw6fcY9Or3LQSSkG0MjpEohnZwIw
-d/TjtYnd5m6DZWR3CY5SLUcEgCcUJVEIlwGG6SMNBPpEiTXEThiECYbPWntsDgn9
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:6e:f0:8c:89:77:64:34:62:2c:ea:be:e1:df:93:68
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:22 2019 GMT
- Not After : Jul 14 13:13:22 2022 GMT
- Subject: CN=bcsoka
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:a7:95:bf:6c:8e:0f:34:9c:ca:14:8b:33:4d:80:
- 55:98:1e:10:c3:e9:84:7f:72:4d:f2:61:68:70:59:
- c7:6f:6d:02:c4:22:cf:58:80:e7:35:18:6e:ee:11:
- fe:29:01:c3:ea:79:85:83:e6:0c:6f:c5:d8:7f:9f:
- d5:55:27:7b:a8:17:14:2d:94:e5:c4:a4:9f:ac:b8:
- 38:02:c0:41:5a:1a:8a:63:e5:c3:52:27:62:57:0b:
- 14:6b:36:cc:8e:51:3f
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5A:57:D9:73:6A:27:49:66:7D:18:9E:2A:96:1F:4C:49:7E:AD:9C:15
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2b:52:16:40:fb:43:11:6a:9a:45:62:58:5b:f5:
- 19:34:3f:32:fe:f7:d0:82:4a:32:98:61:0f:22:22:99:9a:16:
- b3:94:79:46:fe:a2:7a:9c:9a:86:a6:31:4e:72:f4:54:02:31:
- 00:94:2c:a6:21:e6:78:73:3e:d9:93:89:c6:72:72:8e:1d:17:
- 87:07:27:22:2c:5d:2c:00:f1:38:1f:17:fb:0e:c1:c9:52:80:
- 52:ba:1c:79:93:69:c1:59:0e:f0:a0:cd:76
------BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQRm7wjIl3ZDRiLOq+4d+TaDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzIyWhcNMjIwNzE0
-MTMxMzIyWjARMQ8wDQYDVQQDDAZiY3Nva2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AASnlb9sjg80nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4p
-AcPqeYWD5gxvxdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyO
-UT+jgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUWlfZc2onSWZ9GJ4qlh9MSX6t
-nBUwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMCtS
-FkD7QxFqmkViWFv1GTQ/Mv730IJKMphhDyIimZoWs5R5Rv6iepyahqYxTnL0VAIx
-AJQspiHmeHM+2ZOJxnJyjh0XhwcnIixdLADxOB8X+w7ByVKAUroceZNpwVkO8KDN
-dg==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:9e:0b:aa:82:d0:07:b1:9d:fc:c4:87:c5:6c:9e:80
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:38 2019 GMT
- Not After : Jul 14 13:14:38 2022 GMT
- Subject: CN=ifabian
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ba:65:94:67:08:34:86:c7:0f:94:00:5f:e2:38:
- 5b:9e:29:5f:76:7a:87:43:5b:37:a4:44:ab:39:72:
- be:37:0e:3f:c5:ba:55:8b:6c:bd:22:ed:74:54:88:
- a2:1c:ec:f8:24:37:3f:b3:b2:e3:56:0e:e5:81:cb:
- ef:48:1d:e5:ea:1f:67:51:5f:20:8b:2f:aa:fe:fe:
- 8e:d4:be:91:28:94:b6:cc:04:74:90:72:90:10:a0:
- 7c:42:a2:e3:4c:7f:49
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0B:41:AE:87:A5:73:BB:DC:4E:16:2E:F3:A0:20:FA:D5:38:52:40:AA
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:1f:f9:44:c2:c2:63:91:08:c2:c8:ca:22:28:7d:
- 9b:84:3d:d1:f7:89:43:26:b0:a6:e7:2c:e5:63:e9:bd:86:81:
- e5:ad:1a:c2:bb:30:31:05:eb:e9:d3:71:d1:6e:c0:df:02:31:
- 00:d3:38:d5:bb:9f:d2:a2:92:6e:0e:2a:b4:d9:d6:a9:c9:eb:
- 5c:c9:ef:33:1c:66:d4:3c:a0:86:07:39:38:14:0c:61:8b:67:
- 75:20:06:d8:79:0c:65:a2:2d:87:fc:00:04
------BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQRp4LqoLQB7Gd/MSHxWyegDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDM4WhcNMjIwNzE0
-MTMxNDM4WjASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEumWUZwg0hscPlABf4jhbnilfdnqHQ1s3pESrOXK+Nw4/xbpVi2y9Iu10VIii
-HOz4JDc/s7LjVg7lgcvvSB3l6h9nUV8giy+q/v6O1L6RKJS2zAR0kHKQEKB8QqLj
-TH9Jo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAtBroelc7vcThYu86Ag+tU4
-UkCqMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjAf
-+UTCwmORCMLIyiIofZuEPdH3iUMmsKbnLOVj6b2GgeWtGsK7MDEF6+nTcdFuwN8C
-MQDTONW7n9Kikm4OKrTZ1qnJ61zJ7zMcZtQ8oIYHOTgUDGGLZ3UgBth5DGWiLYf8
-AAQ=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 4b:df:84:b3:7b:17:ce:e1:09:87:9b:67:05:4b:27:91
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:51 2019 GMT
- Not After : Jul 14 13:15:51 2022 GMT
- Subject: CN=tsuhajda
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:6a:52:47:b4:82:6f:88:07:39:d2:55:37:5b:de:
- e8:37:fd:12:c8:2e:2a:c5:b4:9b:54:cf:2b:7c:73:
- dd:9c:89:37:d7:a9:09:50:11:bb:ae:8e:8d:3f:e7:
- d0:c9:7e:89:f5:7f:29:28:2d:d6:49:5b:69:b9:47:
- da:82:87:1e:a9:e8:7a:98:e2:fe:2b:b6:b0:c2:fd:
- aa:18:af:c3:d5:b0:c3:51:8b:77:8e:4d:68:60:47:
- 41:28:4d:30:81:4d:7c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 60:FA:D3:CB:9A:38:0E:08:58:0C:11:BB:A1:C8:18:FB:36:31:2A:67
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:c2:3b:36:d4:ec:38:f3:3f:11:b3:74:6b:34:
- 27:2f:bd:77:41:c1:20:55:e8:39:b5:1b:ad:04:a1:ab:ca:19:
- 1e:31:6f:32:4e:12:80:f9:c9:fc:96:f4:7b:81:34:87:07:02:
- 31:00:92:a4:26:4c:73:29:b6:4f:be:37:a7:98:50:33:4f:10:
- cd:f2:a0:2d:e6:f1:dd:18:7e:0a:51:1d:81:36:5a:36:3c:17:
- f8:d3:2c:cb:c1:16:5d:38:1d:57:97:9a:be:69
------BEGIN CERTIFICATE-----
-MIICEDCCAZWgAwIBAgIQS9+Es3sXzuEJh5tnBUsnkTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTUxWhcNMjIwNzE0
-MTMxNTUxWjATMREwDwYDVQQDDAh0c3VoYWpkYTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABGpSR7SCb4gHOdJVN1ve6Df9EsguKsW0m1TPK3xz3ZyJN9epCVARu66OjT/n
-0Ml+ifV/KSgt1klbablH2oKHHqnoepji/iu2sML9qhivw9Www1GLd45NaGBHQShN
-MIFNfKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRg+tPLmjgOCFgMEbuhyBj7
-NjEqZzBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaQAwZgIx
-AMI7NtTsOPM/EbN0azQnL713QcEgVeg5tRutBKGryhkeMW8yThKA+cn8lvR7gTSH
-BwIxAJKkJkxzKbZPvjenmFAzTxDN8qAt5vHdGH4KUR2BNlo2PBf40yzLwRZdOB1X
-l5q+aQ==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 58:5a:a9:7d:7c:ca:b5:2c:49:57:bb:bf:91:37:42:61
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Mar 26 10:41:27 2020 GMT
- Not After : Mar 11 10:41:27 2023 GMT
- Subject: CN=kkancz
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:16:c3:cc:4c:19:91:e6:b3:53:89:7d:7a:1e:ae:
- 57:89:52:19:d7:e5:c7:d0:68:74:a6:0d:92:e9:09:
- e7:81:5e:11:02:ea:87:89:20:e7:57:b1:ca:44:b6:
- cf:5f:01:58:73:94:89:3a:0a:67:fa:9f:c8:c9:16:
- 8d:e7:72:75:94:8d:52:de:f1:0f:47:a3:15:83:c3:
- cd:67:c8:14:af:b2:f5:63:08:0c:25:d5:d5:0a:ba:
- fb:9b:0f:df:e0:45:b4
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 61:CB:25:BC:82:6D:D5:01:DE:15:AF:18:59:C3:D7:34:16:B7:A6:94
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ca:f1:79:0b:1b:e1:0f:15:b4:6e:3e:69:9b:
- 92:a8:bc:fe:2f:5c:96:c0:ad:d7:02:97:e0:ea:f7:08:77:43:
- 31:22:93:50:19:24:88:91:63:39:b1:1a:80:bf:9d:bf:f1:02:
- 30:38:5b:c1:af:a7:58:0d:de:b5:19:77:00:33:31:7d:41:c5:
- 3c:bb:b2:9e:cd:86:66:f6:1a:84:4d:80:b6:28:b5:2b:04:5f:
- 1c:a3:49:cd:89:2d:21:0a:5f:65:eb:d0:36
------BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQWFqpfXzKtSxJV7u/kTdCYTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMjAwMzI2MTA0MTI3WhcNMjMwMzEx
-MTA0MTI3WjARMQ8wDQYDVQQDDAZra2FuY3owdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AAQWw8xMGZHms1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9f
-AVhzlIk6Cmf6n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/g
-RbSjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYcslvIJt1QHeFa8YWcPXNBa3
-ppQwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMQDK
-8XkLG+EPFbRuPmmbkqi8/i9clsCt1wKX4Or3CHdDMSKTUBkkiJFjObEagL+dv/EC
-MDhbwa+nWA3etRl3ADMxfUHFPLuyns2GZvYahE2Atii1KwRfHKNJzYktIQpfZevQ
-Ng==
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 60:87:51:1c:41:ab:64:4d:6e:87:35:4b:37:da:5a:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:21 2022 GMT
+ Not After : Jan 25 16:54:21 2032 GMT
+ Subject: CN=fschnell
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:ba:48:1e:7f:2f:93:ee:b3:88:cf:0a:0a:82:0d:
+ 48:bd:ed:d8:3f:5d:13:d1:20:c0:34:b9:8f:53:39:
+ 52:d2:7e:91:4f:e5:4c:07:73:54:25:a6:6a:c7:83:
+ b8:fc:93:1d:b6:03:72:59:41:4a:61:b9:68:0d:4e:
+ e2:9b:b4:74:6c:87:7c:a3:61:30:22:3f:9b:53:23:
+ 31:e1:b6:37:ef:0d:32:df:6e:40:14:e1:d8:1a:0e:
+ 93:8f:6c:55:0d:dd:c9:9a:a2:5c:1e:46:c1:19:ce:
+ e4:ee:8b:3e:93:bf:ce:60:30:29:da:2c:e7:d7:a9:
+ 06:4d:84:60:cd:3a:28:18:0d:d2:11:6e:01:e9:1a:
+ 0c:6b:d1:09:b4:e6:5f:95:7d:c3:a3:d3:fb:44:15:
+ 50:b7:be:6e:89:d3:75:cf:57:e3:13:f6:99:3e:ea:
+ 2b:38:05:5b:d4:0d:c6:65:42:93:63:c6:e7:44:5a:
+ 2c:01:19:88:52:c7:6f:12:fa:27:df:5e:b6:40:e9:
+ 15:35:e4:27:0f:e3:c7:1d:37:4f:5f:0b:78:cb:33:
+ a2:e6:06:35:b3:b1:d4:4a:4f:55:48:95:b1:e0:5c:
+ 8f:35:87:d9:32:07:1b:68:b0:eb:8b:03:67:9c:0e:
+ 14:0c:63:ca:22:c7:86:9a:35:5f:af:84:75:fa:3b:
+ e7:43
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 4C:D9:F1:08:3B:62:3F:D4:E3:22:0B:27:BD:9C:7C:15:44:B8:D6:11
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 4c:cf:19:8e:b2:4a:87:3c:de:5b:f3:31:9d:c3:58:4d:9a:d6:
+ 59:ad:49:ec:aa:ec:2a:3c:04:c2:1b:fd:31:76:8f:af:2a:bc:
+ 9e:d4:96:5d:31:b5:86:16:df:af:2f:ea:12:e9:2a:23:f5:37:
+ bb:9b:c0:c5:b6:bc:77:28:2c:f6:8d:31:8a:8e:a2:f8:dc:b8:
+ 65:14:ba:1a:8c:32:4f:ec:84:08:3c:87:c2:97:08:93:f8:b9:
+ a4:30:a4:78:54:05:a0:f0:29:7b:61:bb:22:4a:98:21:bb:a3:
+ c1:38:be:14:bf:58:ab:09:07:8c:d8:c1:66:17:98:91:f3:64:
+ ca:05:41:f8:04:5d:91:8a:8f:29:2b:d1:85:20:c5:7c:3e:32:
+ 3e:40:8b:c5:1a:20:1f:c4:95:4b:3a:35:a1:37:e3:c8:15:f1:
+ 04:4f:9e:cb:1d:1f:bf:4a:c5:8b:f9:81:a7:42:e5:95:04:e5:
+ b2:04:f0:3e:1e:d5:24:1d:37:e1:cd:c4:b9:69:77:0d:d6:28:
+ b2:f9:7b:be:93:a0:b5:2b:c3:3d:27:9e:4d:a0:73:64:d1:16:
+ 9a:07:cc:ff:55:e8:06:ff:a7:d3:fe:a7:33:ff:1c:9d:b4:c8:
+ f8:37:fa:e3:24:1d:57:e9:ea:df:92:61:7b:ec:f3:6b:3d:0f:
+ 7e:75:72:59
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIQYIdRHEGrZE1uhzVLN9pavjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MjFaFw0zMjAxMjUx
+NjU0MjFaMBMxETAPBgNVBAMMCGZzY2huZWxsMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAukgefy+T7rOIzwoKgg1Ive3YP10T0SDANLmPUzlS0n6RT+VM
+B3NUJaZqx4O4/JMdtgNyWUFKYbloDU7im7R0bId8o2EwIj+bUyMx4bY37w0y325A
+FOHYGg6Tj2xVDd3JmqJcHkbBGc7k7os+k7/OYDAp2izn16kGTYRgzTooGA3SEW4B
+6RoMa9EJtOZflX3Do9P7RBVQt75uidN1z1fjE/aZPuorOAVb1A3GZUKTY8bnRFos
+ARmIUsdvEvon3162QOkVNeQnD+PHHTdPXwt4yzOi5gY1s7HUSk9VSJWx4FyPNYfZ
+MgcbaLDriwNnnA4UDGPKIseGmjVfr4R1+jvnQwIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFEzZ8Qg7Yj/U4yILJ72cfBVEuNYRMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBMzxmOskqHPN5b8zGdw1hNmtZZrUns
+quwqPATCG/0xdo+vKrye1JZdMbWGFt+vL+oS6Soj9Te7m8DFtrx3KCz2jTGKjqL4
+3LhlFLoajDJP7IQIPIfClwiT+LmkMKR4VAWg8Cl7YbsiSpghu6PBOL4Uv1irCQeM
+2MFmF5iR82TKBUH4BF2Rio8pK9GFIMV8PjI+QIvFGiAfxJVLOjWhN+PIFfEET57L
+HR+/SsWL+YGnQuWVBOWyBPA+HtUkHTfhzcS5aXcN1iiy+Xu+k6C1K8M9J55NoHNk
+0RaaB8z/VegG/6fT/qcz/xydtMj4N/rjJB1X6erfkmF77PNrPQ9+dXJZ
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 62:de:03:11:22:c6:4b:00:ac:33:d5:e5:8a:25:0f:ff
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:27 2019 GMT
- Not After : Jul 14 13:14:27 2022 GMT
- Subject: CN=fschnell
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c1:66:71:37:bb:f5:b6:2c:b0:a0:d6:8c:85:2c:
- 31:28:d1:5e:d6:23:71:ae:b7:6f:79:12:50:7a:b5:
- 6c:ee:eb:a0:a9:9b:1a:d5:f3:5d:72:fd:cd:f1:0d:
- 23:3f:6e:44:7b:1f:c9:8a:1e:fb:51:ad:e2:bf:c8:
- 12:0d:d0:7a:11:de:ee:c2:6e:06:af:67:c7:51:13:
- 8c:cf:75:9f:a9:80:42:f2:9c:5a:78:af:29:57:df:
- b0:c1:d6:d6:3b:42:60
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B9:32:14:86:9B:D6:96:CB:A1:D9:29:28:C4:F7:93:25:5F:2A:A1:1C
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:61:aa:3e:2c:c7:81:3c:56:1a:87:fe:c8:42:6a:
- b1:61:dd:1c:6a:21:ac:81:90:ef:04:4c:2f:fc:9f:b7:75:e1:
- b2:2a:60:f8:67:f0:9a:b4:7f:18:cd:81:68:bf:ae:1b:02:30:
- 33:0e:e6:86:5d:2e:bc:64:4e:4c:fd:8d:05:45:a6:c0:3d:d8:
- af:53:fa:37:2f:e5:84:8e:ea:30:80:82:60:96:8e:5d:8f:1f:
- f2:4f:d1:f7:c0:d1:a0:19:d7:93:95:82
------BEGIN CERTIFICATE-----
-MIICDjCCAZWgAwIBAgIQYt4DESLGSwCsM9XliiUP/zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDI3WhcNMjIwNzE0
-MTMxNDI3WjATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABMFmcTe79bYssKDWjIUsMSjRXtYjca63b3kSUHq1bO7roKmbGtXzXXL9zfEN
-Iz9uRHsfyYoe+1Gt4r/IEg3QehHe7sJuBq9nx1ETjM91n6mAQvKcWnivKVffsMHW
-1jtCYKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBS5MhSGm9aWy6HZKSjE95Ml
-XyqhHDBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIw
-Yao+LMeBPFYah/7IQmqxYd0caiGsgZDvBEwv/J+3deGyKmD4Z/CatH8YzYFov64b
-AjAzDuaGXS68ZE5M/Y0FRabAPdivU/o3L+WEjuowgIJglo5djx/yT9H3wNGgGdeT
-lYI=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 68:02:68:8c:e3:bb:71:c1:e8:67:ca:49:0a:9d:0b:4c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:53 2019 GMT
- Not After : Jul 14 13:14:53 2022 GMT
- Subject: CN=khorvath
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:10:d0:a2:68:66:ea:40:36:f3:9d:13:e2:bc:e7:
- 87:92:d4:ca:f2:e6:13:a9:0b:d0:92:b7:a0:24:f0:
- e4:ce:69:08:e4:e2:c0:66:e0:2a:2a:79:06:e3:d4:
- 33:e8:6b:94:a7:fb:71:9a:e7:9a:a1:f9:1a:3b:28:
- 3f:3b:0c:99:5f:2e:cf:17:98:60:10:16:22:c3:1f:
- 7e:61:62:97:85:36:0a:0a:e9:26:0e:76:c3:88:b8:
- 8e:e4:80:78:52:b5:9c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 42:88:C3:F8:81:2A:78:1F:C8:3F:D2:7D:BA:E9:44:09:4A:36:3A:B1
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:27:4e:d4:b0:5a:4b:af:6a:d6:a0:b7:ae:b4:57:
- d1:dc:4e:77:9c:bf:06:c0:bd:3d:06:c3:90:7e:e4:7a:24:1e:
- e9:a4:76:51:4b:2f:3d:8a:1c:6e:93:0d:de:b1:3c:63:02:31:
- 00:fb:48:45:89:a8:e7:74:16:4a:1d:5e:a1:ad:b2:d3:34:9f:
- 95:04:ed:92:1f:a8:ad:05:6f:81:ee:d0:8c:fc:9d:6c:e3:5d:
- 5a:1b:e8:27:86:20:a0:e4:78:a2:4f:63:b3
------BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIQaAJojOO7ccHoZ8pJCp0LTDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDUzWhcNMjIwNzE0
-MTMxNDUzWjATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBDQomhm6kA2850T4rznh5LUyvLmE6kL0JK3oCTw5M5pCOTiwGbgKip5BuPU
-M+hrlKf7cZrnmqH5GjsoPzsMmV8uzxeYYBAWIsMffmFil4U2CgrpJg52w4i4juSA
-eFK1nKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRCiMP4gSp4H8g/0n266UQJ
-SjY6sTBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-J07UsFpLr2rWoLeutFfR3E53nL8GwL09BsOQfuR6JB7ppHZRSy89ihxukw3esTxj
-AjEA+0hFiajndBZKHV6hrbLTNJ+VBO2SH6itBW+B7tCM/J1s411aG+gnhiCg5Hii
-T2Oz
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6b:9d:83:08:3d:87:cc:88:0a:de:bc:cd:3b:5c:ef:4d
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:16:02 2019 GMT
- Not After : Jul 14 13:16:02 2022 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0f:68:0b:c6:8e:81:3c:ef:a7:cb:71:84:f3:84:
- 12:e5:9c:28:13:15:e1:ab:bf:2f:92:3c:db:40:2c:
- e5:f7:c9:61:94:d2:23:08:10:75:53:7a:ec:39:3c:
- a1:9c:d3:73:0e:79:db:4c:15:94:77:11:a4:30:e2:
- bc:73:fa:66:0e:17:90:e2:a3:4c:17:82:41:87:c2:
- 94:8a:c3:28:47:40:76:76:59:c7:16:47:07:8b:ec:
- dd:22:6c:3c:af:26:25
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 36:50:AD:4A:3A:69:D8:C0:00:F4:3C:7C:FF:B0:7D:E2:94:B9:7C:8A
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:7e:1a:02:39:9f:2d:c8:dd:5b:4a:2b:9a:2e:61:
- 60:a5:e2:60:92:29:d4:7e:f2:32:5a:be:90:72:89:42:1a:74:
- 74:72:c3:e8:32:0b:63:82:52:65:fa:2f:b3:13:4f:16:02:30:
- 1e:a0:79:e7:55:d1:45:54:97:8d:a0:fb:50:ce:47:b0:1f:d0:
- 78:47:21:dc:21:d1:7d:f4:1a:da:48:55:fc:43:ce:28:ae:b9:
- 96:c0:72:2b:29:e4:61:b7:6b:9a:b2:92
------BEGIN CERTIFICATE-----
-MIICEjCCAZmgAwIBAgIQa52DCD2HzIgK3rzNO1zvTTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjAyWhcNMjIwNzE0
-MTMxNjAyWjAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAQPaAvGjoE876fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVT
-euw5PKGc03MOedtMFZR3EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL
-7N0ibDyvJiWjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUNlCtSjpp2MAA9Dx8
-/7B94pS5fIowVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cA
-MGQCMH4aAjmfLcjdW0ormi5hYKXiYJIp1H7yMlq+kHKJQhp0dHLD6DILY4JSZfov
-sxNPFgIwHqB551XRRVSXjaD7UM5HsB/QeEch3CHRffQa2khV/EPOKK65lsByKynk
-YbdrmrKS
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6c:ec:ac:4a:d5:4f:bc:03:e4:72:a5:9b:07:27:af:32
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Oct 8 08:57:29 2019 GMT
- Not After : Sep 22 08:57:29 2022 GMT
- Subject: CN=bme
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:86:d3:5d:6e:be:3e:91:90:d7:a3:2c:d2:6a:2a:
- 4f:bb:cd:52:4e:46:5b:1b:60:f0:cb:aa:5b:b4:88:
- 71:f4:71:00:e4:b8:cb:74:ce:b8:9d:c1:fd:5c:69:
- a7:28:66:21:43:11:4a:35:06:cb:1c:57:0b:37:9b:
- f1:2f:78:2a:d2:1d:01:49:66:71:25:74:74:0e:be:
- 93:75:40:6c:cb:0a:81:0e:23:7c:b7:f9:9b:e1:d0:
- c4:d2:1c:6d:da:ca:f2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F9:F8:F4:23:C5:01:A0:4F:6A:66:BB:D9:A0:AB:2E:5A:4D:05:10:96
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:1c:97:83:ea:9d:3f:9e:9b:99:26:1f:42:df:01:
- b0:d5:33:0b:b5:40:9d:be:20:1c:c2:ef:ab:7e:1b:14:d6:72:
- e2:43:19:6c:ec:2b:db:cf:ab:bf:21:27:2e:4f:0f:80:02:30:
- 7e:e7:f7:c3:21:78:67:a5:71:7b:cb:45:cd:6f:8c:07:36:de:
- fb:77:0a:08:f6:c7:3b:06:eb:f8:37:f0:2c:06:6b:c6:2a:95:
- 0c:02:e4:87:34:ee:f9:af:93:27:b1:b5
------BEGIN CERTIFICATE-----
-MIICCTCCAZCgAwIBAgIQbOysStVPvAPkcqWbByevMjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkxMDA4MDg1NzI5WhcNMjIwOTIy
-MDg1NzI5WjAOMQwwCgYDVQQDDANibWUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASG
-011uvj6RkNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFD
-EUo1BsscVws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvKj
-gaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU+fj0I8UBoE9qZrvZoKsuWk0FEJYw
-VQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNVBAMM
-D1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0lBAww
-CgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cAMGQCMByXg+qd
-P56bmSYfQt8BsNUzC7VAnb4gHMLvq34bFNZy4kMZbOwr28+rvyEnLk8PgAIwfuf3
-wyF4Z6Vxe8tFzW+MBzbe+3cKCPbHOwbr+DfwLAZrxiqVDALkhzTu+a+TJ7G1
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 73:44:69:33:9d:70:f8:2e:cc:af:44:62:a8:c4:d2:32
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:52:17 2022 GMT
+ Not After : Jan 25 16:52:17 2032 GMT
+ Subject: CN=qqcs
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:83:80:30:d8:21:63:c5:f1:85:af:0d:2a:af:
+ b6:c8:50:03:6e:6c:1c:55:28:b2:9d:59:1d:42:0b:
+ f9:42:ea:38:d6:3d:1b:2f:9e:c2:c4:91:d8:0e:56:
+ 28:03:5f:a8:a9:bf:6a:d7:9f:22:78:b8:cb:f5:7e:
+ da:c0:bb:56:b7:25:a1:84:af:19:70:c3:27:fc:33:
+ 82:01:71:76:25:a3:6e:bb:d6:a3:71:1b:4a:48:51:
+ 3d:6a:c6:36:28:05:88:01:3c:6a:45:b5:a3:46:f1:
+ 8b:bf:49:52:80:c6:30:fd:a3:4c:36:22:f0:b5:22:
+ fe:05:0d:8f:8d:14:0b:67:3d:95:4f:56:d3:88:a6:
+ a3:a7:56:52:86:ad:7b:a9:03:e8:39:50:18:7d:79:
+ d0:9c:c7:24:4b:02:75:60:95:60:0f:92:a5:44:7a:
+ 7c:6b:ec:77:29:ac:6f:a9:7f:7d:ee:06:9c:36:d5:
+ 8c:fe:34:f5:c0:52:6c:4e:26:c9:4c:e6:17:02:41:
+ 89:f7:5e:83:51:eb:2c:59:c1:e0:96:6d:7b:57:7f:
+ f7:d6:df:59:59:5a:c2:23:5b:7c:f6:f9:41:ec:fa:
+ 5a:6c:a7:41:2c:5e:c6:a1:50:3f:c2:4c:a9:ee:60:
+ d1:10:af:e3:99:c3:2d:c5:dc:cd:ac:ee:8e:c6:92:
+ 16:33
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ E5:15:40:45:95:37:CC:FA:F8:7F:B7:70:67:A8:23:62:31:B6:58:35
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 1b:08:06:e9:01:65:f8:ff:f8:52:03:4c:f4:e3:da:41:7a:b1:
+ e3:af:78:f3:ba:0d:7a:28:68:71:ef:fe:db:ef:8d:eb:c9:5f:
+ 18:c2:0c:36:48:2e:b3:38:f1:21:09:d4:21:11:4a:21:4d:3b:
+ 6c:c0:cb:2a:55:c9:59:5e:e9:03:e9:ca:af:c3:46:86:68:96:
+ 3b:2a:1a:41:a9:d0:f1:f5:21:78:45:ab:70:d9:a5:7d:58:9d:
+ 3b:cb:39:3a:d5:17:39:cb:9a:21:fa:b1:01:c2:4e:12:35:48:
+ a2:d4:0f:06:d1:ca:37:98:3e:0b:51:a2:bf:34:ff:d1:28:86:
+ 3d:34:1a:25:a8:5d:0d:08:03:d9:80:26:e7:9b:9a:31:a2:d0:
+ b8:26:1f:b6:60:d8:50:8b:a2:aa:6b:61:94:9d:56:b9:6e:c4:
+ 02:b7:45:91:6b:fb:45:ae:62:00:cd:54:37:07:82:10:1c:bf:
+ 4c:73:ff:53:ff:f8:0f:67:43:9d:a7:27:1c:4b:51:01:27:cf:
+ 0a:8d:8f:84:49:85:3c:c4:59:1e:23:9a:2f:2d:71:03:a3:b4:
+ 3a:59:2d:6b:d5:ec:c0:0f:8b:95:79:b6:71:50:4a:e7:13:6e:
+ 49:59:fc:4f:e7:df:8a:40:23:32:41:f4:28:54:4e:43:ef:16:
+ 24:f2:f1:8d
+-----BEGIN CERTIFICATE-----
+MIIDUjCCAjqgAwIBAgIQc0RpM51w+C7Mr0RiqMTSMjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjUyMTdaFw0zMjAxMjUx
+NjUyMTdaMA8xDTALBgNVBAMMBHFxY3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC5g4Aw2CFjxfGFrw0qr7bIUANubBxVKLKdWR1CC/lC6jjWPRsvnsLE
+kdgOVigDX6ipv2rXnyJ4uMv1ftrAu1a3JaGErxlwwyf8M4IBcXYlo2671qNxG0pI
+UT1qxjYoBYgBPGpFtaNG8Yu/SVKAxjD9o0w2IvC1Iv4FDY+NFAtnPZVPVtOIpqOn
+VlKGrXupA+g5UBh9edCcxyRLAnVglWAPkqVEenxr7HcprG+pf33uBpw21Yz+NPXA
+UmxOJslM5hcCQYn3XoNR6yxZweCWbXtXf/fW31lZWsIjW3z2+UHs+lpsp0EsXsah
+UD/CTKnuYNEQr+OZwy3F3M2s7o7GkhYzAgMBAAGjgaIwgZ8wCQYDVR0TBAIwADAd
+BgNVHQ4EFgQU5RVARZU3zPr4f7dwZ6gjYjG2WDUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMC
+B4AwDQYJKoZIhvcNAQELBQADggEBABsIBukBZfj/+FIDTPTj2kF6seOvePO6DXoo
+aHHv/tvvjevJXxjCDDZILrM48SEJ1CERSiFNO2zAyypVyVle6QPpyq/DRoZoljsq
+GkGp0PH1IXhFq3DZpX1YnTvLOTrVFznLmiH6sQHCThI1SKLUDwbRyjeYPgtRor80
+/9Eohj00GiWoXQ0IA9mAJuebmjGi0LgmH7Zg2FCLoqprYZSdVrluxAK3RZFr+0Wu
+YgDNVDcHghAcv0xz/1P/+A9nQ52nJxxLUQEnzwqNj4RJhTzEWR4jmi8tcQOjtDpZ
+LWvV7MAPi5V5tnFQSucTbklZ/E/n34pAIzJB9ChUTkPvFiTy8Y0=
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 7f:02:84:bd:04:07:a8:de:a7:7a:76:16:b2:25:d0:8e
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:58 2022 GMT
+ Not After : Jan 25 16:54:58 2032 GMT
+ Subject: CN=kvajda
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:7a:06:e5:cf:eb:9b:3f:97:77:e5:31:89:cf:
+ 0a:4d:63:b4:7d:df:31:04:83:62:eb:5c:b9:75:35:
+ d2:b1:9b:60:63:36:3a:70:3e:e1:5f:f4:22:0b:7c:
+ 32:ed:c7:bb:64:44:4a:5a:9b:a6:3a:5b:b5:a5:f8:
+ a0:c3:bb:c4:a4:10:5a:99:b1:0c:d1:05:ae:08:25:
+ 15:dd:af:b6:2e:cf:96:eb:35:25:d7:73:e3:a8:d4:
+ eb:fc:a9:5e:37:71:35:aa:1a:58:4d:57:df:a7:8c:
+ 27:0b:76:28:98:0b:17:98:74:25:3c:54:21:52:5e:
+ 38:ce:e2:7f:fd:50:17:43:3c:fc:4c:b9:6b:28:53:
+ 59:89:e2:b9:f8:ec:b6:1e:14:b4:f6:8a:51:3e:d2:
+ 1b:04:77:8f:a3:7d:57:f2:14:0b:7c:e5:70:ca:1a:
+ 57:7c:e1:b2:1a:5e:ad:fc:af:c9:dd:d4:81:4c:19:
+ 2c:bd:b6:c3:5b:fa:3d:f9:2d:ad:06:be:49:84:01:
+ f6:44:ca:a3:bb:2a:23:4c:b2:ea:d8:67:36:22:ca:
+ c6:c6:19:df:b1:fa:31:1b:c4:40:dc:4e:c7:0a:66:
+ 22:5c:25:36:2d:5b:22:23:f6:5d:bd:c9:b3:95:ef:
+ c0:82:a2:d9:d8:eb:d2:05:4d:e5:31:1f:8a:0c:05:
+ 0d:bd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 5C:FF:92:2D:39:79:AC:9A:F5:F2:B6:9D:63:81:87:78:07:94:0F:04
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ a8:5b:2c:2d:3a:6a:d1:9d:1a:44:b3:ef:14:fd:63:2b:fd:72:
+ 79:4e:3a:30:ff:1b:91:82:fc:7f:c8:bf:45:05:74:ed:e9:94:
+ d4:73:4d:66:f7:82:b7:7e:b2:e3:41:fc:f8:b6:2c:c2:a0:64:
+ af:e3:05:65:80:51:5e:6a:cb:c6:2d:33:84:d0:bc:ba:40:c5:
+ c7:0e:2d:05:16:b5:81:7a:de:6a:d6:13:aa:b2:58:5d:18:72:
+ 1a:98:9f:be:2b:00:67:70:7a:82:1c:9b:6f:38:5a:7a:60:ee:
+ d5:1a:fd:8f:8f:d2:55:87:bc:b9:bc:e0:c0:bf:d6:ec:09:70:
+ a2:2a:50:6e:de:41:75:99:bd:c9:5e:8c:5e:52:09:3b:3d:1c:
+ e0:c7:05:ec:65:64:7f:e4:57:98:0d:2e:c7:79:5f:6f:9b:f4:
+ b0:bb:cc:58:f0:dd:c4:c0:04:a6:a3:8f:ae:1d:74:c3:04:73:
+ 56:5e:e4:4b:2b:ef:87:d9:c6:84:1d:bd:a7:17:63:8d:8a:31:
+ 99:6e:d7:e9:15:56:b1:00:b7:5f:49:c9:44:71:f2:6d:14:b5:
+ 06:b9:7a:7f:e5:8d:fb:8e:a3:f1:f4:52:c7:72:3b:6c:f4:50:
+ d1:c8:c5:26:4a:40:6b:16:08:7e:ab:c9:8c:54:3c:94:57:5e:
+ 3e:52:84:f7
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIQfwKEvQQHqN6nenYWsiXQjjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NThaFw0zMjAxMjUx
+NjU0NThaMBExDzANBgNVBAMMBmt2YWpkYTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANF6BuXP65s/l3flMYnPCk1jtH3fMQSDYutcuXU10rGbYGM2OnA+
+4V/0Igt8Mu3Hu2RESlqbpjpbtaX4oMO7xKQQWpmxDNEFrgglFd2vti7Plus1Jddz
+46jU6/ypXjdxNaoaWE1X36eMJwt2KJgLF5h0JTxUIVJeOM7if/1QF0M8/Ey5ayhT
+WYniufjsth4UtPaKUT7SGwR3j6N9V/IUC3zlcMoaV3zhshperfyvyd3UgUwZLL22
+w1v6PfktrQa+SYQB9kTKo7sqI0yy6thnNiLKxsYZ37H6MRvEQNxOxwpmIlwlNi1b
+IiP2Xb3Js5XvwIKi2djr0gVN5TEfigwFDb0CAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBRc/5ItOXmsmvXytp1jgYd4B5QPBDBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAqFssLTpq0Z0aRLPvFP1jK/1yeU46MP8b
+kYL8f8i/RQV07emU1HNNZveCt36y40H8+LYswqBkr+MFZYBRXmrLxi0zhNC8ukDF
+xw4tBRa1gXreatYTqrJYXRhyGpifvisAZ3B6ghybbzhaemDu1Rr9j4/SVYe8ubzg
+wL/W7AlwoipQbt5BdZm9yV6MXlIJOz0c4McF7GVkf+RXmA0ux3lfb5v0sLvMWPDd
+xMAEpqOPrh10wwRzVl7kSyvvh9nGhB29pxdjjYoxmW7X6RVWsQC3X0nJRHHybRS1
+Brl6f+WN+46j8fRSx3I7bPRQ0cjFJkpAaxYIfqvJjFQ8lFdePlKE9w==
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 98:28:a1:64:04:42:5a:3f:9f:42:0b:d6:47:20:1b:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:53:32 2022 GMT
+ Not After : Jan 25 16:53:32 2032 GMT
+ Subject: CN=cslevai
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:ac:70:e4:89:88:d8:df:db:ce:fe:1e:85:79:
+ 12:be:c3:fe:78:5d:90:21:37:4c:8b:f7:83:21:8b:
+ af:e0:17:83:20:b9:34:f7:f4:ac:ac:c3:6b:6f:94:
+ 60:b1:c3:82:98:55:4a:19:61:89:3a:60:75:8c:99:
+ 86:55:07:e0:b5:ee:6a:62:41:29:39:e4:c0:d3:14:
+ 22:78:1e:4c:02:ff:9a:36:3c:d5:17:a2:28:d8:68:
+ 9c:cd:cc:cc:32:0d:ac:b5:c4:c3:b4:ce:c1:d7:50:
+ ad:65:44:56:3f:d6:9a:1e:12:4c:18:d9:f7:c4:d9:
+ d0:eb:5f:ee:d4:b8:1c:64:40:cb:cf:62:72:38:33:
+ ab:d7:c5:bc:84:af:5e:5d:d2:df:51:0e:62:48:b5:
+ 71:e8:74:c2:de:1c:59:fb:ad:ae:f9:9e:9a:7b:73:
+ c7:ad:1a:43:9d:92:03:40:5c:b0:89:0a:79:e7:7a:
+ a4:a9:fe:d2:a2:37:fb:30:b9:84:8b:af:4d:ae:d1:
+ 68:36:dc:df:9c:f3:e9:84:b3:dc:41:97:cb:34:ea:
+ 18:97:9f:d8:60:86:e2:8f:f1:9e:6b:6d:69:fe:78:
+ 87:f9:5b:f5:4d:bf:5d:7e:29:c3:73:68:1d:9a:03:
+ 5c:f7:34:fd:89:d9:70:59:e6:df:e3:64:55:21:a9:
+ 23:d1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 78:8A:3B:63:8C:10:54:23:2A:F6:61:5B:4E:8D:23:85:01:A5:3A:B8
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 5f:0c:9b:ec:2f:d1:0f:96:91:e2:9c:3b:55:27:f0:56:5d:7c:
+ 85:0c:8b:d3:03:d5:40:86:0e:9b:0b:d1:ce:f5:e6:ab:7a:ec:
+ 18:17:e0:0f:56:03:c6:29:20:35:4a:bc:43:01:0b:c0:6e:77:
+ 5d:33:c8:57:11:75:c3:d6:e4:fa:70:42:9c:0f:cd:33:75:ce:
+ 68:3e:8b:2c:c1:19:07:5f:ab:00:8d:cc:b5:7e:bf:6d:ec:01:
+ db:6a:5e:56:dd:2e:95:13:bb:4c:8e:ed:06:3e:50:c9:48:ad:
+ 87:7d:1b:0b:54:b2:cb:70:cf:c3:15:19:fc:cf:57:05:3c:c8:
+ e3:34:9f:e7:d1:57:65:5d:07:08:82:3e:2e:00:dc:02:ab:4a:
+ ab:9d:f3:e1:37:c7:17:83:71:e0:c2:92:a8:5a:45:46:83:a2:
+ 8b:c8:f4:41:cb:17:fb:dd:cd:ea:40:02:63:3d:a5:79:8c:f4:
+ ea:3b:4c:d1:2c:1b:82:f1:ff:6a:d4:e4:dc:8c:b1:ff:8a:72:
+ 00:f0:53:a1:c8:98:45:ac:22:7a:35:40:b8:fe:13:8a:9c:d1:
+ b9:d6:74:31:08:30:db:03:a9:75:6c:75:48:96:ad:02:ce:a3:
+ 22:2a:a9:a8:63:c9:7f:0b:25:0d:91:6c:3a:72:56:11:22:4c:
+ 37:5f:3d:f9
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIRAJgooWQEQlo/n0IL1kcgG74wDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzMyWhcNMzIwMTI1
+MTY1MzMyWjASMRAwDgYDVQQDDAdjc2xldmFpMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0axw5ImI2N/bzv4ehXkSvsP+eF2QITdMi/eDIYuv4BeDILk0
+9/SsrMNrb5RgscOCmFVKGWGJOmB1jJmGVQfgte5qYkEpOeTA0xQieB5MAv+aNjzV
+F6Io2GiczczMMg2stcTDtM7B11CtZURWP9aaHhJMGNn3xNnQ61/u1LgcZEDLz2Jy
+ODOr18W8hK9eXdLfUQ5iSLVx6HTC3hxZ+62u+Z6ae3PHrRpDnZIDQFywiQp553qk
+qf7Sojf7MLmEi69NrtFoNtzfnPPphLPcQZfLNOoYl5/YYIbij/Gea21p/niH+Vv1
+Tb9dfinDc2gdmgNc9zT9idlwWebf42RVIakj0QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFHiKO2OMEFQjKvZhW06NI4UBpTq4MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBfDJvsL9EPlpHinDtVJ/BWXXyFDIvT
+A9VAhg6bC9HO9eareuwYF+APVgPGKSA1SrxDAQvAbnddM8hXEXXD1uT6cEKcD80z
+dc5oPosswRkHX6sAjcy1fr9t7AHbal5W3S6VE7tMju0GPlDJSK2HfRsLVLLLcM/D
+FRn8z1cFPMjjNJ/n0VdlXQcIgj4uANwCq0qrnfPhN8cXg3HgwpKoWkVGg6KLyPRB
+yxf73c3qQAJjPaV5jPTqO0zRLBuC8f9q1OTcjLH/inIA8FOhyJhFrCJ6NUC4/hOK
+nNG51nQxCDDbA6l1bHVIlq0CzqMiKqmoY8l/CyUNkWw6clYRIkw3Xz35
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- a1:74:ec:e4:d9:52:56:fa:d7:ad:43:1c:5e:3a:e2:84
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:36 2019 GMT
- Not After : Jul 14 13:13:36 2022 GMT
- Subject: CN=csgulyas
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:82:03:91:ad:e7:76:b7:8d:51:86:6d:cc:e3:15:
- 91:6c:ac:31:e7:6d:e1:44:0d:c3:29:95:7c:5e:e1:
- e8:37:aa:00:f6:47:74:18:e7:28:90:95:16:6c:08:
- e2:9f:d7:24:55:46:22:1c:19:9f:06:4b:9b:8e:96:
- 4b:5d:bb:c0:ad:35:5a:06:73:10:36:32:1d:89:e6:
- b1:9e:f3:62:0d:8f:85:70:72:4c:48:4a:47:f0:fa:
- eb:f6:7b:9c:7f:a8:7a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 7E:44:12:28:E0:31:C6:7D:40:5A:E4:D5:86:5D:90:10:CC:14:12:33
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2c:e3:e6:64:cd:43:ae:4a:9c:d7:40:66:cb:b2:
- 1e:90:c3:97:17:32:f8:df:62:fd:54:32:d3:85:ee:bb:71:5e:
- 4a:e2:23:ea:a4:cb:75:3a:72:ac:ca:f6:1b:f5:6b:57:02:31:
- 00:e7:0a:38:06:b4:97:17:2c:f3:76:cc:aa:1e:6e:8d:be:12:
- 7e:0a:ef:d6:34:fa:42:37:e1:6d:d3:bb:1f:75:39:a3:c5:40:
- 32:37:7e:ba:c1:18:d4:cb:1b:55:62:ad:1b
------BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIRAKF07OTZUlb6161DHF464oQwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTMzNloXDTIyMDcx
-NDEzMTMzNlowEzERMA8GA1UEAwwIY3NndWx5YXMwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAASCA5Gt53a3jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZs
-COKf1yRVRiIcGZ8GS5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2
-e5x/qHqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUfkQSKOAxxn1AWuTVhl2Q
-EMwUEjMwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MCzj5mTNQ65KnNdAZsuyHpDDlxcy+N9i/VQy04Xuu3FeSuIj6qTLdTpyrMr2G/Vr
-VwIxAOcKOAa0lxcs83bMqh5ujb4Sfgrv1jT6QjfhbdO7H3U5o8VAMjd+usEY1Msb
-VWKtGw==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- ab:51:7a:c1:c6:bf:8c:35:5c:a1:ea:62:5a:ca:67:84
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:04:35 2019 GMT
- Not After : Jul 14 13:04:35 2022 GMT
- Subject: CN=server
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:b9:1f:ea:83:e0:6a:e3:49:dd:a8:f5:06:17:33:
- 4c:44:73:ac:46:01:33:eb:88:a3:12:d6:0a:aa:3b:
- ee:6f:d3:75:69:19:f6:82:12:9d:23:17:3a:b9:fe:
- 66:61:26:4c:46:db:d2:f9:5a:fc:a8:82:58:22:a8:
- b7:fc:cb:fd:cc:3d:f1:e8:c9:19:39:f1:f3:d0:fb:
- 73:b0:9f:77:53:9c:ff:35:b5:b5:c6:8d:ee:eb:66:
- 0b:d1:70:d5:bb:a4:66
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 81:F8:B0:C6:7B:70:D8:D6:C9:E1:9D:B2:67:8B:3B:D8:21:1B:9A:B2
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 Key Usage:
- Digital Signature, Key Encipherment
- X509v3 Subject Alternative Name:
- DNS:server
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:88:cf:12:d6:9c:fd:43:24:58:63:13:27:f1:
- 44:0a:62:b0:b2:1d:0f:28:3d:50:d0:be:f2:ea:5e:d6:23:27:
- ac:42:b3:67:2c:d3:8d:7d:19:15:ce:4a:7f:5e:cb:67:94:02:
- 31:00:8a:f3:c3:f9:ce:f2:35:3a:5a:21:55:1c:d1:ec:80:fa:
- ad:ef:9b:d9:7d:5c:33:55:f3:71:9c:6d:eb:68:15:ba:45:43:
- 23:1c:83:7a:21:36:a0:4c:24:73:44:14:ef:ea
------BEGIN CERTIFICATE-----
-MIICIjCCAaegAwIBAgIRAKtResHGv4w1XKHqYlrKZ4QwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQzNVoXDTIyMDcx
-NDEzMDQzNVowETEPMA0GA1UEAwwGc2VydmVyMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEuR/qg+Bq40ndqPUGFzNMRHOsRgEz64ijEtYKqjvub9N1aRn2ghKdIxc6uf5m
-YSZMRtvS+Vr8qIJYIqi3/Mv9zD3x6MkZOfHz0PtzsJ93U5z/NbW1xo3u62YL0XDV
-u6Rmo4G5MIG2MAkGA1UdEwQCMAAwHQYDVR0OBBYEFIH4sMZ7cNjWyeGdsmeLO9gh
-G5qyMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDARBgNVHREECjAIggZzZXJ2ZXIw
-CgYIKoZIzj0EAwIDaQAwZgIxAIjPEtac/UMkWGMTJ/FECmKwsh0PKD1Q0L7y6l7W
-IyesQrNnLNONfRkVzkp/XstnlAIxAIrzw/nO8jU6WiFVHNHsgPqt75vZfVwzVfNx
-nG3raBW6RUMjHIN6ITagTCRzRBTv6g==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- ac:b6:49:fd:c2:e3:b8:1c:54:2c:66:1f:04:12:e1:b6
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:16:25 2019 GMT
- Not After : Jul 14 13:16:25 2022 GMT
- Subject: CN=qqcs
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4a:c3:a5:30:3e:35:30:99:34:68:48:48:08:05:
- 96:c9:b4:40:cc:e5:09:81:e3:47:07:84:59:63:59:
- f8:c5:92:7f:35:ba:68:1b:14:d2:f3:da:39:14:97:
- e3:11:09:d8:4f:34:61:9d:b2:75:d6:73:ab:d9:eb:
- ed:0e:e8:e5:7b:28:c6:9d:04:b1:ed:47:97:2b:d3:
- 62:01:b3:83:e7:6c:c8:c7:11:82:f3:c8:c0:97:27:
- 52:8d:54:da:42:98:fb
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 8B:85:13:8E:D2:D4:4D:3F:AE:DD:0D:38:D0:65:84:40:E9:2A:3F:02
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:28:fe:ea:a7:50:e0:71:a6:51:36:4e:19:42:f7:
- 01:c4:d0:fd:a2:66:f3:4c:28:15:81:51:9d:75:33:88:3e:6e:
- 96:02:e4:67:be:26:cf:05:81:18:c3:e6:96:7f:73:2a:02:31:
- 00:fc:ea:f1:0c:28:55:3b:9e:d1:5f:46:c7:41:0f:da:48:c5:
- a6:35:45:19:07:f1:ad:59:2a:ae:0b:60:c6:f3:7d:a8:af:4f:
- 71:50:5d:bb:fb:a7:55:7c:6c:b2:ce:12:c4
------BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIRAKy2Sf3C47gcVCxmHwQS4bYwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTYyNVoXDTIyMDcx
-NDEzMTYyNVowDzENMAsGA1UEAwwEcXFjczB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BErDpTA+NTCZNGhISAgFlsm0QMzlCYHjRweEWWNZ+MWSfzW6aBsU0vPaORSX4xEJ
-2E80YZ2yddZzq9nr7Q7o5Xsoxp0Ese1HlyvTYgGzg+dsyMcRgvPIwJcnUo1U2kKY
-+6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSLhROO0tRNP67dDTjQZYRA6So/
-AjBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIwKP7q
-p1DgcaZRNk4ZQvcBxND9ombzTCgVgVGddTOIPm6WAuRnvibPBYEYw+aWf3MqAjEA
-/OrxDChVO57RX0bHQQ/aSMWmNUUZB/GtWSquC2DG832or09xUF27+6dVfGyyzhLE
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ ac:ba:23:20:4b:73:6c:f4:35:3c:08:0b:12:1b:ff:49
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:53:47 2022 GMT
+ Not After : Jan 25 16:53:47 2032 GMT
+ Subject: CN=dhorvath
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:f8:1a:ee:a6:a6:42:b8:ae:3f:fc:45:c6:86:
+ 81:17:81:74:f1:e2:eb:14:a6:22:5e:3a:44:33:0c:
+ d9:a4:2b:64:62:f5:77:61:c1:97:56:42:ee:89:d0:
+ 6d:61:a7:a1:59:65:7d:83:0e:97:7e:63:b4:ab:f7:
+ 95:fd:18:c1:0b:2d:c3:de:66:7a:9a:75:cd:ef:1f:
+ 0e:56:b5:c3:c8:45:78:68:f0:51:a1:30:75:9f:3e:
+ b0:31:02:a7:d8:73:b5:eb:1c:6c:93:6a:c0:bb:3f:
+ f7:ad:27:76:0e:86:55:f8:23:e5:d3:70:6e:23:9f:
+ dc:94:f0:50:40:98:a9:8a:07:c7:e3:cb:e9:23:ca:
+ 91:4d:01:49:db:8d:1a:ca:4c:f6:52:5b:b6:02:15:
+ 69:b3:20:6a:33:c0:61:52:bc:d5:1d:ac:f4:6a:8e:
+ cc:a9:fb:36:8f:8b:21:db:91:f8:3a:11:d4:cd:c7:
+ d6:c7:cd:41:17:cd:91:49:0b:40:21:8d:13:a2:ee:
+ fa:59:d3:60:55:f8:8e:bb:6b:2b:0e:f7:af:61:a7:
+ 6b:88:c1:03:4d:73:4d:e3:c0:e2:17:b1:2c:9d:78:
+ 78:1c:9e:e9:f8:0c:2c:64:68:b4:c1:4a:43:47:f4:
+ 87:91:06:f9:00:fd:76:00:41:09:58:b5:a2:b8:af:
+ b7:05
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ CF:44:3C:7F:23:15:9C:76:59:D3:47:32:F3:05:35:6E:23:A0:3B:C7
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 41:c4:86:a3:f5:3b:0d:5e:b2:78:78:b1:18:80:65:4d:02:06:
+ ba:f5:3b:49:5d:09:13:a9:7d:e2:6e:f2:a3:ea:e0:27:78:8c:
+ 41:63:85:f5:8b:11:86:89:f4:83:d4:2a:91:22:26:b9:68:11:
+ 3a:2a:74:df:3c:ea:d5:3b:bc:e9:d8:c6:1b:01:6d:3d:db:43:
+ bb:eb:6b:76:2c:fe:d9:ec:d1:d6:3d:c1:f2:59:27:29:17:cc:
+ 6a:be:da:b3:cd:c7:6f:b6:5d:1e:49:a5:4b:d5:c0:87:fc:7a:
+ a6:40:67:e4:1e:5b:93:01:51:be:f9:33:7e:cb:29:4a:4f:55:
+ 52:09:66:f1:b9:b3:98:99:59:f8:24:50:09:80:51:21:76:47:
+ 93:c1:f7:c2:83:32:9c:a8:da:63:1b:cf:85:3a:99:9d:43:22:
+ af:76:94:b0:50:18:7c:bf:c4:16:55:09:79:90:2c:41:ee:84:
+ ac:b5:f1:26:d7:b3:23:38:95:28:e0:66:3e:ae:11:61:72:cf:
+ a2:e7:c4:58:d9:14:52:a7:da:0a:6b:2b:94:7e:b5:66:57:8e:
+ 54:40:df:57:09:5e:61:7f:7e:dd:71:fa:a7:23:06:18:c1:2d:
+ ff:8d:90:f2:b0:8d:5a:0a:7e:ae:64:d3:bb:ae:48:29:24:ea:
+ 39:9f:cf:0d
+-----BEGIN CERTIFICATE-----
+MIIDVzCCAj+gAwIBAgIRAKy6IyBLc2z0NTwICxIb/0kwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzQ3WhcNMzIwMTI1
+MTY1MzQ3WjATMREwDwYDVQQDDAhkaG9ydmF0aDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMb4Gu6mpkK4rj/8RcaGgReBdPHi6xSmIl46RDMM2aQrZGL1
+d2HBl1ZC7onQbWGnoVllfYMOl35jtKv3lf0YwQstw95mepp1ze8fDla1w8hFeGjw
+UaEwdZ8+sDECp9hztescbJNqwLs/960ndg6GVfgj5dNwbiOf3JTwUECYqYoHx+PL
+6SPKkU0BSduNGspM9lJbtgIVabMgajPAYVK81R2s9GqOzKn7No+LIduR+DoR1M3H
+1sfNQRfNkUkLQCGNE6Lu+lnTYFX4jrtrKw73r2Gna4jBA01zTePA4hexLJ14eBye
+6fgMLGRotMFKQ0f0h5EG+QD9dgBBCVi1orivtwUCAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBTPRDx/IxWcdlnTRzLzBTVuI6A7xzBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAQcSGo/U7DV6yeHixGIBlTQIGuvU7
+SV0JE6l94m7yo+rgJ3iMQWOF9YsRhon0g9QqkSImuWgROip03zzq1Tu86djGGwFt
+PdtDu+trdiz+2ezR1j3B8lknKRfMar7as83Hb7ZdHkmlS9XAh/x6pkBn5B5bkwFR
+vvkzfsspSk9VUglm8bmzmJlZ+CRQCYBRIXZHk8H3woMynKjaYxvPhTqZnUMir3aU
+sFAYfL/EFlUJeZAsQe6ErLXxJtezIziVKOBmPq4RYXLPoufEWNkUUqfaCmsrlH61
+ZleOVEDfVwleYX9+3XH6pyMGGMEt/42Q8rCNWgp+rmTTu65IKSTqOZ/PDQ==
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- b5:63:ff:7c:ff:87:23:f8:fd:6c:cd:82:85:1f:fa:31
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Mar 26 10:41:42 2020 GMT
- Not After : Mar 11 10:41:42 2023 GMT
- Subject: CN=thering
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:18:e6:74:25:a4:09:6a:83:9f:bc:71:e8:8e:c1:
- 44:73:6c:60:17:3a:29:a4:11:40:94:9d:ad:aa:f4:
- 37:03:cc:83:a7:28:5b:58:c8:0b:40:bf:ec:c8:83:
- 6e:41:db:56:24:37:56:7f:ba:25:57:09:76:82:27:
- 45:93:e9:65:25:aa:55:f1:cb:48:d8:8b:d2:65:dc:
- 8e:51:71:e8:60:d1:2e:88:34:f4:d1:f3:c2:81:3a:
- 36:9a:9c:08:7f:ac:c7
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:BA:42:67:DA:26:9A:79:0C:E4:D7:AB:BA:DA:0A:02:71:D0:48:FE
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:87:c1:1b:d1:15:d9:85:62:f9:58:ff:0b:30:
- a0:3b:c7:31:ca:46:0c:71:0c:55:9d:83:a3:a9:32:93:94:7a:
- 6b:b4:54:e2:a3:e6:be:de:aa:29:bc:77:a7:9e:1b:cc:6f:02:
- 30:66:a5:9a:15:42:7f:e4:ad:00:be:0b:73:70:20:1b:c1:65:
- 40:15:22:28:51:8a:d1:7a:06:3a:50:2c:d2:56:0d:48:2c:7a:
- f4:b1:63:3e:ac:7f:01:c8:ac:bc:04:ce:b9
------BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRALVj/3z/hyP4/WzNgoUf+jEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTIwMDMyNjEwNDE0MloXDTIzMDMx
-MTEwNDE0MlowEjEQMA4GA1UEAwwHdGhlcmluZzB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBjmdCWkCWqDn7xx6I7BRHNsYBc6KaQRQJSdrar0NwPMg6coW1jIC0C/7MiD
-bkHbViQ3Vn+6JVcJdoInRZPpZSWqVfHLSNiL0mXcjlFx6GDRLog09NHzwoE6Npqc
-CH+sx6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTeukJn2iaaeQzk16u62goC
-cdBI/jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIx
-AIfBG9EV2YVi+Vj/CzCgO8cxykYMcQxVnYOjqTKTlHprtFTio+a+3qopvHennhvM
-bwIwZqWaFUJ/5K0AvgtzcCAbwWVAFSIoUYrRegY6UCzSVg1ILHr0sWM+rH8ByKy8
-BM65
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ b7:e4:9a:ec:69:ad:ac:37:db:3d:e7:3a:72:68:05:aa
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:52:59 2022 GMT
+ Not After : Jan 25 16:52:59 2032 GMT
+ Subject: CN=akosztolanyi
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:02:9c:1d:2c:a3:f2:9f:dc:ed:e2:44:32:e2:
+ 0f:02:2e:47:45:a2:a5:22:31:5a:8e:c8:68:c6:df:
+ 63:6b:25:32:62:ee:db:16:97:dd:60:21:61:a9:cb:
+ 77:6c:99:45:d1:5a:bf:b5:4c:0e:30:a6:33:ae:12:
+ 37:66:38:ec:5c:e5:b9:7c:4f:0e:14:b0:1a:c1:a8:
+ 50:e3:56:01:ce:68:0d:63:d4:9a:1b:33:95:f0:d5:
+ 38:7a:0d:d5:b3:a7:73:2f:a3:ed:54:bb:4e:40:0a:
+ 09:0b:ed:73:38:e0:bd:65:36:2e:92:29:b9:59:e1:
+ 3b:e6:bf:74:6b:8d:2a:f7:61:31:ba:10:04:98:d3:
+ b5:73:b7:74:bc:06:d7:c0:7c:33:4b:18:d7:5a:ea:
+ bf:87:7d:95:3e:ba:d9:5a:ad:c7:40:8e:6f:5b:90:
+ 38:91:54:f2:b8:30:71:b3:ad:d4:2f:c8:19:66:83:
+ 99:28:ba:7e:2f:00:c2:df:cc:e6:88:08:e4:ef:c2:
+ e3:e5:47:8b:6d:2d:70:b4:71:de:33:c5:47:9e:e6:
+ 2e:f7:7d:de:81:6f:ad:a4:00:44:b5:78:4f:3d:43:
+ 43:ef:5d:5a:0b:56:be:ab:da:22:2d:80:f1:99:fe:
+ 13:d7:a2:8e:4a:fb:31:1f:8e:27:fd:40:79:e1:73:
+ f3:d7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ AB:71:5B:8D:67:12:A3:DB:00:A1:63:AA:37:72:C3:EC:6A:82:CC:FB
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 3c:b1:50:93:48:68:cc:42:76:ba:3e:f4:c7:38:95:40:18:23:
+ 17:6b:0e:2b:f9:13:25:d3:5e:49:e5:51:38:6c:66:da:c4:c1:
+ df:9f:71:96:65:6c:53:1d:bf:af:98:05:d5:4d:c2:cf:f3:6d:
+ cc:92:7c:79:c6:cc:47:5b:8a:9e:95:f5:fa:02:9d:69:73:b7:
+ 75:93:6f:18:f2:b8:15:97:08:a6:fa:c8:a9:e9:6d:44:bf:cb:
+ 77:73:b4:6a:02:55:c0:fb:3e:f0:e1:a3:a7:35:90:d1:91:79:
+ f1:3d:0f:b7:c9:2c:0a:de:c7:23:c2:10:b6:2c:d2:8a:a7:bf:
+ 11:ea:64:cb:93:99:c3:f6:0c:3f:57:a2:65:27:7e:ce:d2:f7:
+ 85:e2:ec:66:56:b4:a1:d6:5f:4b:56:6f:fb:93:1b:77:80:7a:
+ f4:c4:9d:59:71:09:d3:08:ba:75:0a:57:ce:c6:a0:08:e9:cd:
+ 94:0d:39:51:3b:e1:a1:a8:97:a9:26:4c:4d:fe:a6:e2:86:11:
+ 1c:2a:34:4d:ab:89:b2:ea:35:39:57:90:65:74:f8:89:75:53:
+ 0b:50:74:64:26:52:39:8b:b4:b7:6c:3a:a5:2d:59:68:fa:80:
+ ef:93:79:92:fe:88:ea:80:b8:bc:d0:79:c6:1f:a6:6d:01:5b:
+ 58:1d:30:0e
+-----BEGIN CERTIFICATE-----
+MIIDWzCCAkOgAwIBAgIRALfkmuxpraw32z3nOnJoBaowDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MjU5WhcNMzIwMTI1
+MTY1MjU5WjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDNApwdLKPyn9zt4kQy4g8CLkdFoqUiMVqOyGjG32Nr
+JTJi7tsWl91gIWGpy3dsmUXRWr+1TA4wpjOuEjdmOOxc5bl8Tw4UsBrBqFDjVgHO
+aA1j1JobM5Xw1Th6DdWzp3Mvo+1Uu05ACgkL7XM44L1lNi6SKblZ4Tvmv3RrjSr3
+YTG6EASY07Vzt3S8BtfAfDNLGNda6r+HfZU+utlarcdAjm9bkDiRVPK4MHGzrdQv
+yBlmg5koun4vAMLfzOaICOTvwuPlR4ttLXC0cd4zxUee5i73fd6Bb62kAES1eE89
+Q0PvXVoLVr6r2iItgPGZ/hPXoo5K+zEfjif9QHnhc/PXAgMBAAGjgaIwgZ8wCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUq3FbjWcSo9sAoWOqN3LD7GqCzPswUQYDVR0jBEow
+SIAUSUNbUvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNB
+IENBghR1zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjAL
+BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBADyxUJNIaMxCdro+9Mc4lUAY
+IxdrDiv5EyXTXknlUThsZtrEwd+fcZZlbFMdv6+YBdVNws/zbcySfHnGzEdbip6V
+9foCnWlzt3WTbxjyuBWXCKb6yKnpbUS/y3dztGoCVcD7PvDho6c1kNGRefE9D7fJ
+LArexyPCELYs0oqnvxHqZMuTmcP2DD9XomUnfs7S94Xi7GZWtKHWX0tWb/uTG3eA
+evTEnVlxCdMIunUKV87GoAjpzZQNOVE74aGol6kmTE3+puKGERwqNE2ribLqNTlX
+kGV0+Il1UwtQdGQmUjmLtLdsOqUtWWj6gO+TeZL+iOqAuLzQecYfpm0BW1gdMA4=
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ c2:28:3c:ff:fa:8e:dc:f7:39:52:42:b1:f3:82:40:74
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:56:00 2022 GMT
+ Not After : Jan 25 16:56:00 2032 GMT
+ Subject: CN=rrendek
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:f3:4f:9c:e7:ba:7f:36:4f:1d:ac:7a:c7:d0:6c:
+ 59:f4:c2:e8:07:a3:d2:f1:ba:7b:e7:75:96:91:47:
+ 02:ac:53:d5:40:1b:43:25:ad:b9:15:b5:e5:b0:c0:
+ 90:42:74:47:a5:92:b0:f5:1c:fb:02:a9:0e:bd:9d:
+ b2:6d:85:95:2a:2b:95:51:9b:4e:14:22:45:bc:ab:
+ 23:df:76:e3:1a:f6:b7:27:a2:f0:e5:49:88:04:dc:
+ cb:7d:a0:4e:2b:8d:56:97:59:e9:4e:dc:f7:9f:41:
+ 2e:16:ef:75:59:db:e9:9c:59:3e:e5:3f:05:a7:aa:
+ 0d:01:bc:db:f8:03:e1:b1:d6:4b:70:18:1b:5e:10:
+ 05:a6:28:99:59:e5:a5:38:17:a9:92:95:ba:74:84:
+ cf:20:d4:e4:e4:26:4f:82:6d:3b:aa:51:d4:2e:4e:
+ c8:99:63:3a:bb:dd:ee:5d:e9:1c:ab:4b:54:a3:df:
+ 48:54:c0:7e:20:85:a1:4f:0a:93:3e:94:90:90:92:
+ f3:dc:73:94:16:3d:99:6e:57:82:98:87:8c:f8:15:
+ 0c:1e:35:6f:48:47:ed:15:3f:e4:06:98:04:f1:af:
+ 27:3d:af:25:10:aa:46:79:4e:00:ce:d4:bf:70:1f:
+ 2f:60:4b:a1:77:be:68:ff:36:4a:5f:60:ff:2e:cf:
+ ef:d5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 20:87:C3:77:30:AC:3B:C2:8A:77:02:A3:86:B8:C0:A4:44:7D:33:FD
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 10:48:0c:b5:7b:c8:7f:51:e4:53:31:e9:c0:88:8a:da:55:2e:
+ e2:3b:ee:5f:20:bf:b1:ce:c8:0b:90:f5:d3:99:cf:b0:96:8b:
+ 63:9b:0a:ba:9b:2f:7b:d0:27:29:8b:67:b7:b2:85:d4:e6:26:
+ 6a:06:9f:27:f5:c0:a1:d9:35:39:51:89:82:18:b7:d4:25:72:
+ d5:a1:5f:56:65:37:15:e9:f6:8a:6f:03:6d:59:b7:8c:17:44:
+ f9:09:c3:71:3f:5d:e0:25:99:22:c4:32:41:a0:8b:93:02:47:
+ 14:ff:eb:df:1b:0b:d8:7e:ea:d8:d9:40:33:c6:ca:b2:f2:c6:
+ 53:89:90:b1:4a:5a:68:44:a1:18:df:af:1b:fc:b7:b7:04:20:
+ 36:61:e0:44:0d:9f:95:ed:f7:59:d7:a6:22:5a:0f:82:bf:5a:
+ aa:5a:fd:3c:77:0e:82:e6:ac:f3:b8:5d:26:62:55:66:06:3d:
+ cc:0a:22:09:dd:18:ec:98:eb:e9:f2:c5:43:85:f9:d8:43:82:
+ a8:ed:0e:19:0d:43:95:d9:ee:17:93:b4:ad:da:2a:b3:10:cf:
+ 52:74:50:2b:3d:8a:06:bd:31:52:38:07:85:dd:ca:9b:cb:97:
+ fb:ad:e6:a0:78:23:93:5c:22:5d:b9:d1:0f:55:32:07:d7:df:
+ c0:db:e5:05
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIRAMIoPP/6jtz3OVJCsfOCQHQwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NjAwWhcNMzIwMTI1
+MTY1NjAwWjASMRAwDgYDVQQDDAdycmVuZGVrMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA80+c57p/Nk8drHrH0GxZ9MLoB6PS8bp753WWkUcCrFPVQBtD
+Ja25FbXlsMCQQnRHpZKw9Rz7AqkOvZ2ybYWVKiuVUZtOFCJFvKsj33bjGva3J6Lw
+5UmIBNzLfaBOK41Wl1npTtz3n0EuFu91WdvpnFk+5T8Fp6oNAbzb+APhsdZLcBgb
+XhAFpiiZWeWlOBepkpW6dITPINTk5CZPgm07qlHULk7ImWM6u93uXekcq0tUo99I
+VMB+IIWhTwqTPpSQkJLz3HOUFj2ZbleCmIeM+BUMHjVvSEftFT/kBpgE8a8nPa8l
+EKpGeU4AztS/cB8vYEuhd75o/zZKX2D/Ls/v1QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFCCHw3cwrDvCincCo4a4wKREfTP9MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAQSAy1e8h/UeRTMenAiIraVS7iO+5f
+IL+xzsgLkPXTmc+wlotjmwq6my970Ccpi2e3soXU5iZqBp8n9cCh2TU5UYmCGLfU
+JXLVoV9WZTcV6faKbwNtWbeMF0T5CcNxP13gJZkixDJBoIuTAkcU/+vfGwvYfurY
+2UAzxsqy8sZTiZCxSlpoRKEY368b/Le3BCA2YeBEDZ+V7fdZ16YiWg+Cv1qqWv08
+dw6C5qzzuF0mYlVmBj3MCiIJ3RjsmOvp8sVDhfnYQ4Ko7Q4ZDUOV2e4Xk7St2iqz
+EM9SdFArPYoGvTFSOAeF3cqby5f7reageCOTXCJdudEPVTIH19/A2+UF
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ c3:0f:84:cf:71:19:04:e9:f7:bc:b1:ad:5d:99:6b:80
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:55:11 2022 GMT
+ Not After : Jan 25 16:55:11 2032 GMT
+ Subject: CN=mszabo
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b7:e3:57:e4:6d:41:2f:71:88:38:35:5c:fb:54:
+ 6d:75:dc:d4:fc:38:95:81:ed:98:13:6a:1b:aa:db:
+ 41:fb:2d:8b:ff:1d:49:9c:08:9e:b5:4a:a0:7c:48:
+ 96:87:1d:8d:ea:df:85:ad:5a:23:a0:7c:9a:ec:97:
+ 9c:73:20:06:2b:02:06:67:2b:86:fb:94:7f:e8:ff:
+ 3e:e2:3c:f4:3d:13:40:f2:6d:3c:15:5d:72:a2:7d:
+ b0:c2:0a:17:a2:a3:83:66:52:e9:0a:04:b2:f1:b7:
+ 1d:86:93:f9:11:82:bd:26:5a:b5:39:9d:61:d2:34:
+ 78:25:24:c6:fd:e7:c8:3b:c8:bb:8d:98:fa:cf:5f:
+ b8:e4:a8:93:2d:68:70:51:b9:2c:d0:7c:31:94:4a:
+ 00:b9:2d:d4:29:2a:b2:18:54:27:77:2f:e0:3c:a7:
+ f4:0a:16:c7:9c:a9:a0:b1:ba:54:43:a2:52:14:58:
+ 71:74:63:f6:9b:e6:5e:89:09:8c:a5:1c:ae:41:82:
+ 01:8d:2c:94:ad:a1:c0:47:c7:1a:8b:79:06:c6:3e:
+ 66:9b:d9:37:64:70:7b:d6:c3:f1:02:81:9f:4c:42:
+ 5d:da:c0:95:ca:96:e4:7f:41:75:72:f3:35:eb:e2:
+ a1:97:78:3d:07:6d:90:27:d0:41:b1:74:1a:ee:1d:
+ 0c:7f
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 54:03:3E:8D:18:23:6D:03:63:E7:22:D6:12:21:9B:0A:0B:24:47:19
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 6b:11:da:f5:70:9e:8f:07:ec:18:40:e5:2e:65:9c:10:36:55:
+ 83:13:8e:3e:5e:82:8a:3d:db:6b:ac:fc:6f:ea:8d:9d:97:27:
+ 47:a6:b1:d4:b7:4d:f5:b6:36:dc:62:7d:66:be:f1:ab:24:29:
+ f2:b2:89:83:49:e4:de:40:00:74:ca:e8:7e:92:2a:3c:65:e0:
+ 6d:ac:5a:5c:76:31:27:2d:57:82:8e:e4:cb:ee:8b:a1:db:a2:
+ f8:e1:12:25:93:d1:79:1f:82:93:2b:d8:83:37:07:6b:b5:bc:
+ 48:4f:bf:36:23:ea:04:23:0f:81:87:3a:d7:e5:51:75:ce:7e:
+ e4:fd:76:ee:ff:df:31:4b:2f:28:9e:9e:28:c1:2a:01:ab:66:
+ a3:b8:95:17:70:1f:2f:7b:06:da:ca:73:81:e3:a5:5b:1a:74:
+ 4c:8d:93:df:3e:56:ef:f7:16:0c:8b:78:5c:69:35:af:9a:64:
+ df:bc:12:ac:c8:77:48:94:4f:b8:28:5f:86:dd:ff:4c:b8:8e:
+ 0c:64:5b:9b:ce:24:5e:02:53:6a:78:f3:41:a2:86:7b:07:43:
+ 64:92:2c:fa:77:18:f0:31:58:05:e4:76:2a:60:cf:71:6b:2b:
+ c9:71:d4:e2:48:00:0b:d9:59:1a:3c:dd:bf:55:54:ea:79:fd:
+ 44:37:79:b8
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj2gAwIBAgIRAMMPhM9xGQTp97yxrV2Za4AwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NTExWhcNMzIwMTI1
+MTY1NTExWjARMQ8wDQYDVQQDDAZtc3phYm8wggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC341fkbUEvcYg4NVz7VG113NT8OJWB7ZgTahuq20H7LYv/HUmc
+CJ61SqB8SJaHHY3q34WtWiOgfJrsl5xzIAYrAgZnK4b7lH/o/z7iPPQ9E0DybTwV
+XXKifbDCCheio4NmUukKBLLxtx2Gk/kRgr0mWrU5nWHSNHglJMb958g7yLuNmPrP
+X7jkqJMtaHBRuSzQfDGUSgC5LdQpKrIYVCd3L+A8p/QKFsecqaCxulRDolIUWHF0
+Y/ab5l6JCYylHK5BggGNLJStocBHxxqLeQbGPmab2TdkcHvWw/ECgZ9MQl3awJXK
+luR/QXVy8zXr4qGXeD0HbZAn0EGxdBruHQx/AgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQUVAM+jRgjbQNj5yLWEiGbCgskRxkwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGsR2vVwno8H7BhA5S5lnBA2VYMTjj5e
+goo922us/G/qjZ2XJ0emsdS3TfW2NtxifWa+8askKfKyiYNJ5N5AAHTK6H6SKjxl
+4G2sWlx2MSctV4KO5Mvui6HbovjhEiWT0XkfgpMr2IM3B2u1vEhPvzYj6gQjD4GH
+OtflUXXOfuT9du7/3zFLLyienijBKgGrZqO4lRdwHy97BtrKc4HjpVsadEyNk98+
+Vu/3FgyLeFxpNa+aZN+8EqzId0iUT7goX4bd/0y4jgxkW5vOJF4CU2p480GihnsH
+Q2SSLPp3GPAxWAXkdipgz3FrK8lx1OJIAAvZWRo83b9VVOp5/UQ3ebg=
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ cc:ff:e2:58:83:b8:5d:b6:9b:12:89:cf:9a:aa:2f:d4
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:53:22 2022 GMT
+ Not After : Jan 25 16:53:22 2032 GMT
+ Subject: CN=csgulyas
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:73:39:5f:81:fd:b4:0c:84:c8:23:e0:44:80:
+ f5:9f:c1:cd:0f:f8:b8:4b:dd:c9:b0:8a:74:b4:23:
+ 37:34:c9:d9:82:95:d9:f0:a1:9e:54:3a:c4:33:19:
+ cd:71:96:ee:55:f2:10:67:34:de:dc:0a:b2:21:04:
+ d9:d7:5b:15:29:7f:08:54:da:0c:b5:ec:39:b8:78:
+ 92:03:07:1d:36:3d:ca:54:75:e9:67:fe:bb:b8:d2:
+ 30:72:6a:e7:5c:39:1f:93:bb:b4:62:40:6c:d3:c5:
+ a7:4f:24:7c:1e:0d:f9:ea:15:cd:1b:f1:e5:5b:86:
+ 7b:99:03:99:20:b0:2a:2f:58:2a:aa:b6:0f:e6:6e:
+ 1e:dc:43:57:04:dd:32:d7:ec:01:2c:1c:83:52:02:
+ 04:c2:8f:cd:69:da:ed:33:e1:ff:69:65:2e:26:67:
+ 23:a6:81:35:05:7c:52:c7:49:8a:69:38:26:9e:87:
+ fd:53:2a:9b:7b:90:d1:1a:b8:4e:fc:b7:6e:0c:26:
+ b8:55:b2:50:72:4c:d5:cb:8b:dd:de:e6:da:b4:b4:
+ 02:12:1c:24:84:bd:81:8a:4d:78:b8:6f:bc:dc:5a:
+ 03:da:70:44:48:10:13:bd:ba:be:db:94:e8:6b:71:
+ be:d0:cf:03:99:56:fe:c5:ad:68:51:ee:ff:7d:25:
+ 80:ff
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 74:79:FB:63:0E:0D:0C:52:6E:FD:DC:CD:22:A3:E6:59:9E:0D:93:E7
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:0c:56:0d:55:55:8a:58:6a:c0:b6:b1:0e:df:ce:77:a6:a6:
+ 09:4b:07:f8:01:5b:e2:b9:21:1d:d9:3c:63:14:7c:f4:b8:1f:
+ db:90:c8:bb:c5:c1:ef:86:08:ff:d4:55:17:3c:cb:d3:0a:e5:
+ ac:f6:fa:93:fe:55:13:3f:94:d1:d9:9d:08:43:46:be:65:d2:
+ dd:60:55:6e:82:39:ca:49:20:50:1f:84:e4:b8:8a:3b:f1:51:
+ da:59:dc:f9:62:3b:c6:fc:a7:ae:34:8a:90:d3:d4:a6:53:39:
+ eb:8a:a3:64:a6:18:3a:62:c1:e2:a3:1f:ae:01:d1:21:e3:77:
+ ce:07:16:3c:37:02:05:e6:5c:76:63:45:7e:61:3c:18:44:f2:
+ 72:a0:37:7b:24:31:bf:af:ef:40:1c:5a:e1:8d:06:26:fd:3a:
+ 4b:3c:fe:21:a8:6f:d4:01:71:d8:77:a4:46:82:c9:60:84:a7:
+ a1:7f:c8:95:c5:a9:16:4f:60:28:86:53:97:9d:52:ef:9a:31:
+ 51:60:80:44:26:5e:67:79:33:64:01:b3:99:c3:24:cd:ad:5e:
+ a1:7f:18:d6:3d:f9:f0:ce:b0:70:f0:25:72:34:45:7a:68:17:
+ 13:4b:24:82:d7:83:5b:e3:78:77:98:5e:ea:85:19:ee:83:3b:
+ 68:7c:5e:8e
+-----BEGIN CERTIFICATE-----
+MIIDVzCCAj+gAwIBAgIRAMz/4liDuF22mxKJz5qqL9QwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzIyWhcNMzIwMTI1
+MTY1MzIyWjATMREwDwYDVQQDDAhjc2d1bHlhczCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMZzOV+B/bQMhMgj4ESA9Z/BzQ/4uEvdybCKdLQjNzTJ2YKV
+2fChnlQ6xDMZzXGW7lXyEGc03twKsiEE2ddbFSl/CFTaDLXsObh4kgMHHTY9ylR1
+6Wf+u7jSMHJq51w5H5O7tGJAbNPFp08kfB4N+eoVzRvx5VuGe5kDmSCwKi9YKqq2
+D+ZuHtxDVwTdMtfsASwcg1ICBMKPzWna7TPh/2llLiZnI6aBNQV8UsdJimk4Jp6H
+/VMqm3uQ0Rq4Tvy3bgwmuFWyUHJM1cuL3d7m2rS0AhIcJIS9gYpNeLhvvNxaA9pw
+REgQE726vtuU6GtxvtDPA5lW/sWtaFHu/30lgP8CAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR0eftjDg0MUm793M0io+ZZng2T5zBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAFwxWDVVVilhqwLaxDt/Od6amCUsH
++AFb4rkhHdk8YxR89Lgf25DIu8XB74YI/9RVFzzL0wrlrPb6k/5VEz+U0dmdCENG
+vmXS3WBVboI5ykkgUB+E5LiKO/FR2lnc+WI7xvynrjSKkNPUplM564qjZKYYOmLB
+4qMfrgHRIeN3zgcWPDcCBeZcdmNFfmE8GETycqA3eyQxv6/vQBxa4Y0GJv06Szz+
+Iahv1AFx2HekRoLJYISnoX/IlcWpFk9gKIZTl51S75oxUWCARCZeZ3kzZAGzmcMk
+za1eoX8Y1j358M6wcPAlcjRFemgXE0skgteDW+N4d5he6oUZ7oM7aHxejg==
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ d0:00:c3:68:db:1f:1a:36:3a:cd:08:ff:f2:13:d8:e9
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:00 2022 GMT
+ Not After : Jan 25 16:54:00 2032 GMT
+ Subject: CN=dvasary
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b4:d9:2e:da:28:56:77:92:4d:fd:38:96:a6:8d:
+ c4:0a:44:75:dc:ff:81:ee:9e:0d:af:9b:7b:ed:5e:
+ 5f:03:be:33:5e:af:54:e1:e8:b8:0e:9c:83:62:24:
+ ce:94:0c:e5:d0:8a:90:41:5f:72:4f:a3:b0:27:9c:
+ 73:32:52:1f:8c:9d:d9:52:db:ce:91:85:db:0e:c6:
+ 71:f0:fe:42:6f:06:11:76:16:32:45:22:f0:37:72:
+ d8:87:d2:f4:15:ad:77:b5:e2:a7:50:81:80:57:87:
+ 2f:84:f4:9d:9c:5a:b6:47:61:2e:42:f5:59:4a:f8:
+ b1:de:2f:c3:bb:4a:69:57:61:6d:d2:a6:9c:bd:ee:
+ 91:2d:fc:8e:68:5f:62:b8:c6:6f:0d:29:7c:2c:26:
+ 17:96:8a:42:45:29:93:49:e9:71:3b:df:11:54:c5:
+ 19:47:11:be:48:42:5d:df:e7:39:0d:59:06:79:a7:
+ 5d:68:fd:ff:63:d4:d5:f2:a4:77:b3:46:c2:7c:9d:
+ bf:10:57:73:da:03:c0:82:4c:6c:55:37:1e:64:68:
+ d0:96:f3:9e:02:f9:c5:52:73:dc:15:57:81:2e:0f:
+ 01:98:29:bc:cf:a1:8e:fa:58:e8:05:98:3b:4c:73:
+ 65:06:e5:f9:be:25:9a:e2:e9:33:be:86:5f:16:8a:
+ fc:f9
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ D0:78:94:E1:01:5B:22:6C:03:1E:7C:BC:CA:35:8D:58:BC:31:78:82
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ cb:3e:27:5c:98:9f:19:d3:e3:e6:9b:13:23:fc:6d:06:62:1f:
+ 80:6e:95:f3:67:02:a0:9e:a0:71:fd:c2:08:c4:a3:ed:61:44:
+ 5e:3e:d7:fa:a2:53:ca:97:44:97:8a:e3:e5:e4:c6:b0:b7:cc:
+ 46:aa:5d:32:71:7b:0c:e7:ac:e8:c3:65:9e:45:bf:39:4a:d1:
+ fe:20:4f:1b:8e:88:f3:9d:82:3b:99:0d:95:53:da:ed:db:60:
+ 68:79:31:c3:11:f5:63:e9:74:1a:8d:15:8d:e7:0e:ff:0f:8f:
+ a1:e0:82:ad:42:cd:6d:2c:73:93:a8:fc:c3:c7:37:24:f5:44:
+ 51:c9:3d:28:67:6c:a3:3b:11:3c:f2:5e:45:a8:cc:09:21:f7:
+ 3a:be:aa:53:c6:4f:90:65:83:df:3d:1b:01:c5:a8:95:f0:d3:
+ da:b0:e4:9a:d5:ed:c5:f6:2e:78:38:39:ba:78:db:53:d6:0a:
+ e4:5d:e7:59:7d:81:a1:1d:81:96:ef:28:26:0a:8d:73:9c:60:
+ e3:6c:02:c3:95:cf:93:6f:e5:c0:49:b9:eb:8f:5e:02:19:83:
+ 5a:50:d9:6b:9d:0d:01:80:06:ba:96:2d:e0:82:4a:5b:02:53:
+ 37:36:a6:41:5d:34:1d:9a:96:86:ae:46:cf:74:f7:49:dd:cd:
+ 93:eb:81:23
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIRANAAw2jbHxo2Os0I//IT2OkwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDAwWhcNMzIwMTI1
+MTY1NDAwWjASMRAwDgYDVQQDDAdkdmFzYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAtNku2ihWd5JN/TiWpo3ECkR13P+B7p4Nr5t77V5fA74zXq9U
+4ei4DpyDYiTOlAzl0IqQQV9yT6OwJ5xzMlIfjJ3ZUtvOkYXbDsZx8P5CbwYRdhYy
+RSLwN3LYh9L0Fa13teKnUIGAV4cvhPSdnFq2R2EuQvVZSvix3i/Du0ppV2Ft0qac
+ve6RLfyOaF9iuMZvDSl8LCYXlopCRSmTSelxO98RVMUZRxG+SEJd3+c5DVkGeadd
+aP3/Y9TV8qR3s0bCfJ2/EFdz2gPAgkxsVTceZGjQlvOeAvnFUnPcFVeBLg8BmCm8
+z6GO+ljoBZg7THNlBuX5viWa4ukzvoZfFor8+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFNB4lOEBWyJsAx58vMo1jVi8MXiCMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQDLPidcmJ8Z0+PmmxMj/G0GYh+AbpXz
+ZwKgnqBx/cIIxKPtYURePtf6olPKl0SXiuPl5Mawt8xGql0ycXsM56zow2WeRb85
+StH+IE8bjojznYI7mQ2VU9rt22BoeTHDEfVj6XQajRWN5w7/D4+h4IKtQs1tLHOT
+qPzDxzck9URRyT0oZ2yjOxE88l5FqMwJIfc6vqpTxk+QZYPfPRsBxaiV8NPasOSa
+1e3F9i54ODm6eNtT1grkXedZfYGhHYGW7ygmCo1znGDjbALDlc+Tb+XASbnrj14C
+GYNaUNlrnQ0BgAa6li3ggkpbAlM3NqZBXTQdmpaGrkbPdPdJ3c2T64Ej
+-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ dd:3f:8e:ec:40:23:98:27:3e:6e:03:0d:a4:c4:94:43
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:12 2022 GMT
+ Not After : Jan 25 16:54:12 2032 GMT
+ Subject: CN=fritter
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d2:58:d1:a5:05:3c:bd:ed:ca:7c:f3:0b:96:d1:
+ 01:db:c5:61:64:ed:9c:2e:23:0f:9d:94:cc:dc:ff:
+ 84:4b:20:ce:9d:1f:f6:f2:20:b8:1b:7c:87:1a:6a:
+ f7:8e:5f:cf:b0:3b:0b:f5:8a:2c:84:fb:35:63:3f:
+ ae:4f:54:ce:8f:b5:3c:76:ee:b4:6e:3d:e9:39:13:
+ 4b:0f:03:64:32:a1:2f:4f:12:c7:91:db:5e:09:93:
+ 92:2e:9e:7e:7d:bd:1c:00:f8:f2:12:48:e0:57:0d:
+ 8a:7a:8b:d4:68:6f:3e:19:6f:86:d8:91:97:11:5f:
+ db:52:5e:53:4b:62:92:56:d6:e3:02:68:6d:40:7f:
+ ce:4b:28:b5:c1:9d:7d:87:5c:0a:b5:33:f5:a3:a0:
+ 1a:a8:a6:1c:24:a8:33:a0:36:59:e6:3c:ce:aa:90:
+ d1:74:68:59:4d:6a:da:c3:7a:90:74:44:af:b3:e6:
+ 3f:82:86:9a:bb:a5:03:7c:79:92:ef:f9:fd:e2:09:
+ 46:b7:2c:57:df:f0:1d:4b:8b:a8:e3:5d:29:7b:40:
+ 4b:b0:63:e9:9b:aa:f3:26:70:94:81:4d:29:44:55:
+ 97:b6:75:3c:e3:be:ca:a4:5b:8b:9e:a9:04:d1:d7:
+ 45:72:95:ed:cd:62:20:aa:0f:2f:06:ca:59:2b:1f:
+ fe:05
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 38:5F:64:D8:70:65:7B:A2:3F:85:A7:10:E8:23:47:ED:0B:22:89:1A
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 0b:9e:0b:ac:0c:d5:88:a3:4b:66:cf:2d:a4:ed:7f:e3:32:94:
+ 5d:c6:20:33:20:50:cb:51:12:7b:cc:a6:61:43:bf:22:39:95:
+ f9:15:c8:5a:ba:82:07:92:d4:b8:11:34:47:17:7b:00:b4:40:
+ 32:d6:c9:e1:a3:e4:cf:1b:b8:3f:8e:ef:9e:96:c6:60:6f:63:
+ 2d:70:58:46:f7:bb:30:31:bc:08:19:3f:45:b6:45:31:db:db:
+ d7:eb:fd:8a:dd:04:bc:d3:30:b0:f0:e4:1c:84:e8:71:9a:a8:
+ e8:16:19:1e:96:60:d5:2f:c1:09:46:3c:a5:84:00:5f:f8:3d:
+ 0d:f8:0f:ec:8a:c9:31:ed:4f:64:2d:b3:ed:f1:6a:f0:ed:31:
+ 10:e6:38:69:a9:02:c8:3b:8c:a9:57:dc:65:c5:35:fd:e6:5a:
+ 4d:a1:f0:43:e5:ca:18:02:eb:41:28:32:c3:04:5e:77:d1:b7:
+ 64:69:aa:ff:ca:e1:dc:2c:14:9f:02:25:2d:77:bd:88:c6:6c:
+ ff:61:cd:7d:9c:fe:f1:58:5a:17:60:88:d6:ae:9a:76:86:7e:
+ b1:84:00:f2:f5:3a:b3:5e:6e:e9:cf:5d:b7:bb:1d:79:1b:e6:
+ b8:5c:f9:c0:21:e9:35:30:01:1e:a0:23:a2:cf:42:6e:a6:74:
+ fc:da:bf:6a
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIRAN0/juxAI5gnPm4DDaTElEMwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDEyWhcNMzIwMTI1
+MTY1NDEyWjASMRAwDgYDVQQDDAdmcml0dGVyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0ljRpQU8ve3KfPMLltEB28VhZO2cLiMPnZTM3P+ESyDOnR/2
+8iC4G3yHGmr3jl/PsDsL9YoshPs1Yz+uT1TOj7U8du60bj3pORNLDwNkMqEvTxLH
+kdteCZOSLp5+fb0cAPjyEkjgVw2KeovUaG8+GW+G2JGXEV/bUl5TS2KSVtbjAmht
+QH/OSyi1wZ19h1wKtTP1o6AaqKYcJKgzoDZZ5jzOqpDRdGhZTWraw3qQdESvs+Y/
+goaau6UDfHmS7/n94glGtyxX3/AdS4uo410pe0BLsGPpm6rzJnCUgU0pRFWXtnU8
+477KpFuLnqkE0ddFcpXtzWIgqg8vBspZKx/+BQIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFDhfZNhwZXuiP4WnEOgjR+0LIokaMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQALngusDNWIo0tmzy2k7X/jMpRdxiAz
+IFDLURJ7zKZhQ78iOZX5FchauoIHktS4ETRHF3sAtEAy1snho+TPG7g/ju+elsZg
+b2MtcFhG97swMbwIGT9FtkUx29vX6/2K3QS80zCw8OQchOhxmqjoFhkelmDVL8EJ
+RjylhABf+D0N+A/siskx7U9kLbPt8Wrw7TEQ5jhpqQLIO4ypV9xlxTX95lpNofBD
+5coYAutBKDLDBF530bdkaar/yuHcLBSfAiUtd72Ixmz/Yc19nP7xWFoXYIjWrpp2
+hn6xhADy9TqzXm7pz123ux15G+a4XPnAIek1MAEeoCOiz0JupnT82r9q
+-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- ee:43:78:cd:16:7f:a5:7c:d5:10:b8:71:1f:5e:50:4e
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Aug 2 08:47:52 2019 GMT
- Not After : Jul 17 08:47:52 2022 GMT
- Subject: CN=dhorvath
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c2:77:2a:57:01:7b:d9:0b:e0:e0:69:7e:2a:df:
- 05:b8:91:4e:50:51:e9:52:bd:a5:fa:01:ad:62:0a:
- 69:10:82:6f:aa:84:64:33:71:d9:96:ca:9c:05:ce:
- d9:13:99:b0:d9:d5:4d:d9:1a:43:8c:41:d5:e7:0a:
- ae:92:6c:f6:7f:bf:73:b6:ff:bd:a4:bb:fc:d9:0c:
- 36:0d:e2:f4:78:24:bb:cd:ac:e9:04:d6:9c:a5:2b:
- ce:d7:0e:85:85:10:f1
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- D7:31:77:61:74:16:36:31:0A:BF:D2:E5:EA:44:1E:FD:CE:E3:7E:26
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cc:88:44:5d:a2:1b:e2:d5:1f:f6:17:f7:4f:
- fe:11:b1:6a:e7:9b:cd:bb:35:21:90:9d:a5:07:e8:34:1c:b4:
- 29:b6:a1:ff:d1:d9:d3:60:a1:04:ed:47:17:d5:81:53:bf:02:
- 31:00:db:af:26:de:3e:0a:b9:2b:e7:43:a0:34:10:96:fb:7c:
- 25:4a:dd:e6:82:bc:5a:f0:f9:ea:cc:10:3f:2f:18:09:eb:32:
- f3:83:d4:49:b1:7b:30:d4:d0:3f:9c:00:75:7b
------BEGIN CERTIFICATE-----
-MIICETCCAZagAwIBAgIRAO5DeM0Wf6V81RC4cR9eUE4wCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDgwMjA4NDc1MloXDTIyMDcx
-NzA4NDc1MlowEzERMA8GA1UEAwwIZGhvcnZhdGgwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATCdypXAXvZC+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwF
-ztkTmbDZ1U3ZGkOMQdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87X
-DoWFEPGjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU1zF3YXQWNjEKv9Ll6kQe
-/c7jfiYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYC
-MQDMiERdohvi1R/2F/dP/hGxauebzbs1IZCdpQfoNBy0Kbah/9HZ02ChBO1HF9WB
-U78CMQDbrybePgq5K+dDoDQQlvt8JUrd5oK8WvD56swQPy8YCesy84PUSbF7MNTQ
-P5wAdXs=
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- f6:01:86:d6:4b:85:3a:3d:d9:f8:79:9f:b8:17:c3:01
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:29 2019 GMT
- Not After : Jul 14 13:15:29 2022 GMT
- Subject: CN=rrendek
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ea:c4:ab:e1:24:42:91:06:17:73:d6:d9:87:17:
- 29:a8:05:73:be:5a:54:38:3e:c9:dd:78:55:ca:e2:
- 27:e6:44:1a:22:5b:3a:15:68:61:bf:ae:ce:05:a5:
- c9:98:f7:a3:ff:0e:b9:db:8e:fc:15:ac:76:41:c8:
- 6e:de:85:38:cb:1f:b1:98:41:df:4e:18:62:24:04:
- 95:5a:16:6b:0b:fd:13:e3:26:8b:76:d3:9a:54:6c:
- 9b:19:3c:55:de:d0:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- D5:73:9E:FA:32:4C:D8:2A:E0:33:CF:15:F6:C0:D5:E9:56:5A:D0:EE
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:49:21:38:44:26:a9:96:15:98:29:c4:4f:04:25:
- be:35:90:bc:44:00:60:0d:6a:f7:f8:d4:ed:58:ea:28:45:f2:
- 99:33:d1:e3:2e:82:4e:04:bb:e5:27:10:ea:64:b8:83:02:31:
- 00:c3:59:fe:dc:8a:a1:e4:d1:30:09:51:2a:d8:d2:76:af:dc:
- 28:b2:d3:0d:ad:f3:19:91:b5:92:e6:8b:b4:77:d8:c3:87:f8:
- 7b:39:94:ab:f2:c0:06:c1:c4:43:b8:0e:16
------BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRAPYBhtZLhTo92fh5n7gXwwEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTUyOVoXDTIyMDcx
-NDEzMTUyOVowEjEQMA4GA1UEAwwHcnJlbmRlazB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABOrEq+EkQpEGF3PW2YcXKagFc75aVDg+yd14VcriJ+ZEGiJbOhVoYb+uzgWl
-yZj3o/8OuduO/BWsdkHIbt6FOMsfsZhB304YYiQElVoWawv9E+Mmi3bTmlRsmxk8
-Vd7QLqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTVc576MkzYKuAzzxX2wNXp
-VlrQ7jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-SSE4RCaplhWYKcRPBCW+NZC8RABgDWr3+NTtWOooRfKZM9HjLoJOBLvlJxDqZLiD
-AjEAw1n+3Iqh5NEwCVEq2NJ2r9wostMNrfMZkbWS5ou0d9jDh/h7OZSr8sAGwcRD
-uA4W
------END CERTIFICATE-----
-----BEGIN X509 CRL-----
-MIIBHDCBpAIBATAKBggqhkjOPQQDAjAaMRgwFgYDVQQDDA9VU0VSIE9wZW5WUE4g
-Q0EXDTIwMDEyNzEyMDkyMFoXDTIwMDcyNTEyMDkyMFqgWTBXMFUGA1UdIwROMEyA
-FNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYDVQQDDA9VU0VSIE9wZW5W
-UE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMAoGCCqGSM49BAMCA2cAMGQCMCSK
-OFDvc+LfpeUGXWamFRsZGpS5GSsTZ1qqs4FfG3S2BfgxopiepNJOPh8bwzXDMgIw
-a2cSXw5zpYIk16o/VodiF8zu6WymAkhKQ5EU5k2r3G2ELzMzjp3iltON6ffVYkre
+MIIBtjCBnwIBATANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtFYXN5LVJTQSBD
+QRcNMjIwMTI3MTYyMjI3WhcNMjIwNzI2MTYyMjI3WqBVMFMwUQYDVR0jBEowSIAU
+SUNbUvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENB
+ghR1zzE7pfY7l0pNuhTRWMqTy/F/pTANBgkqhkiG9w0BAQsFAAOCAQEAUCRIUB6t
+1Tz4UWGV5de+YIYXESYaNgkHLq1Q8QnPz4hp/Z5HMecbfJYqom3aFJlzKHyK7cMO
+ImRm3UQudWpBQolfMwDY5OhQDIfLkDW1IrQYfQWe4oEX3jWcAZ0MCNfbnjAKD1If
+kfDxfdWK8Np2muvxF8ux++wFaUVthl0ftGxoLfUQ7gq94DN9rWVpWXpOekfAY8au
+P0Fda4IGz5Y/rIXJ2ZdeZxHbdPrWEOcNi5G4E4KY1TPKmxD+809KcF4Y/+J6kD4S
+xEs39z4y5epTka3pyexrAMNZ7+5dTzmjOrk4P7i1fwZ6PmmvVxOEvwZxVhIEURdt
+jFiMZt2mwB2TKA==
-----END X509 CRL-----
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEAhdskhioTTeqbN4UtIAU05EVawl1yG3q6P+xy5WzWnKZSe8y2/4uv
-SVs1IbubGWk4Xqvlz4TOnYi9nNYIL5rA9Ov7YXs5JCYDjLV4nZWB9CQZs1vy8/GZ
-j6zvfblvWqH7vjWcrPsSaCse0n1+UKcGNC7tYOOJZf7MbvhKonvC+vldBgWkgHkJ
-vfJTkhjjXKnf7p3zKBfTPyyXqmKC7A+rtkT96L4y2FsU1t9+6eurj6zfzWalhyRF
-YrKnKENpHVHtAMs4/Wcbo9wQPHHWAvQDLoq1uUyjU2BlYSirxdeJwSFPI29nOPeN
-SMJ1fgI6Dwq9yU88UzGoH1klOjv8PzRyQwIBAg==
+MIIBCAKCAQEAns3FyV7aGDjxLwi/52fFlURQfz/TFuG7zzUdmCTRhaexacT8fDHf
+1nEnb6OFIRNeUwArWCCHFK9Y224NNSByp8KUN8kpMRSm53LEoxMGoreLTEIq4inX
+TM4wyEUBYiOWa/EHxo13wwMNPWwz7DYVL4mMa/Dc12I/G7olqQ5RgQYtjim4trap
+uI2lGIZBJKnOWfisAdWOn3jB8jSgz7iyAM6Fs6yhISWf3k/YzKAQsD5oYcixBaHX
+Do6PwYlVJXZRoDy/DdEkosd5wLJ/ZNMkTu7T2fm1Eyt32taQgIQSVv75/H4DuVm2
+T0VXi3dNTXDyfLIswsRIPOR0EeNoHu4WGwIBAg==
-----END DH PARAMETERS-----
+++ /dev/null
------BEGIN EC PARAMETERS-----
-BgUrgQQAIg==
------END EC PARAMETERS-----
+++ /dev/null
-# X509 extensions added to every signed cert
-
-# This file is included for every cert signed, and by default does nothing.
-# It could be used to add values every cert should have, such as a CDP as
-# demonstrated in the following example:
-
-#crlDistributionPoints = URI:http://example.net/pki/my_ca.crl
-# X509 extensions for a client
-
-basicConstraints = CA:FALSE
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-extendedKeyUsage = clientAuth
-keyUsage = digitalSignature
-
-V 220714130435Z AB517AC1C6BF8C355CA1EA625ACA6784 unknown /CN=server
-V 220714131251Z 26846A96D0DB00703B7DC8AAD60A5B07 unknown /CN=akosztolanyi
-V 220714131311Z 29F1F8311793D758D5AD0ECEA7267033 unknown /CN=azsamboki
-V 220714131322Z 466EF08C89776434622CEABEE1DF9368 unknown /CN=bcsoka
-V 220714131336Z A174ECE4D95256FAD7AD431C5E3AE284 unknown /CN=csgulyas
-V 220714131349Z 12232170B0F9E3C1FE60D86EEC973512 unknown /CN=cslevai
-V 220714131404Z 075BCC380AA760E433EADC635FDA65BB unknown /CN=dvasary
-V 220714131415Z 3206AF0B00A2DD98266113A2F8C5F8E7 unknown /CN=fritter
-V 220714131427Z 62DE031122C64B00AC33D5E58A250FFF unknown /CN=fschnell
-V 220714131438Z 469E0BAA82D007B19DFCC487C56C9E80 unknown /CN=ifabian
-V 220714131453Z 6802688CE3BB71C1E867CA490A9D0B4C unknown /CN=khorvath
-V 220714131502Z 394BDD541C1082EAC5CD4D9DFEB6D4D3 unknown /CN=kkele
-V 220714131516Z 237BC768F37B5C8E1763B5673ED3101C unknown /CN=mszabo
-V 220714131529Z F60186D64B853A3DD9F8799FB817C301 unknown /CN=rrendek
-V 220714131551Z 4BDF84B37B17CEE109879B67054B2791 unknown /CN=tsuhajda
-V 220714131602Z 6B9D83083D87CC880ADEBCCD3B5CEF4D unknown /CN=zbartakovics
-V 220714131617Z 3413803E217F3BDD0AAFD5CB0D174B3C unknown /CN=zfelleg
-V 220714131625Z ACB649FDC2E3B81C542C661F0412E1B6 unknown /CN=qqcs
-V 220717084752Z EE4378CD167FA57CD510B8711F5E504E unknown /CN=dhorvath
-V 220922085729Z 6CECAC4AD54FBC03E472A59B0727AF32 unknown /CN=bme
-V 230311104127Z 585AA97D7CCAB52C4957BBBF91374261 unknown /CN=kkancz
-V 230311104142Z B563FF7CFF8723F8FD6CCD82851FFA31 unknown /CN=thering
+V 320125162246Z 335980B86FF171C95798A1E9AF815FCB unknown /CN=vpn.in.useribm.hu
+V 320125165217Z 734469339D70F82ECCAF4462A8C4D232 unknown /CN=qqcs
+V 320125165259Z B7E49AEC69ADAC37DB3DE73A726805AA unknown /CN=akosztolanyi
+V 320125165322Z CCFFE25883B85DB69B1289CF9AAA2FD4 unknown /CN=csgulyas
+V 320125165332Z 9828A16404425A3F9F420BD647201BBE unknown /CN=cslevai
+V 320125165347Z ACBA23204B736CF4353C080B121BFF49 unknown /CN=dhorvath
+V 320125165400Z D000C368DB1F1A363ACD08FFF213D8E9 unknown /CN=dvasary
+V 320125165412Z DD3F8EEC402398273E6E030DA4C49443 unknown /CN=fritter
+V 320125165421Z 6087511C41AB644D6E87354B37DA5ABE unknown /CN=fschnell
+V 320125165435Z 2370617D3985FE768DCA0F04D3683D1F unknown /CN=khorvath
+V 320125165448Z 16D67EBDB716BD510C340D08FA8CCBB1 unknown /CN=kkancz
+V 320125165458Z 7F0284BD0407A8DEA77A7616B225D08E unknown /CN=kvajda
+V 320125165511Z C30F84CF711904E9F7BCB1AD5D996B80 unknown /CN=mszabo
+V 320125165526Z 074293A82571A4AEB0964D14D1E2FF22 unknown /CN=osweidan
+V 320125165600Z C2283CFFFA8EDCF7395242B1F3824074 unknown /CN=rrendek
+V 320125165614Z 2BF6CBE6EEB95F052F9D64503F0CC337 unknown /CN=zfelleg
-V 220714130435Z AB517AC1C6BF8C355CA1EA625ACA6784 unknown /CN=server
-V 220714131251Z 26846A96D0DB00703B7DC8AAD60A5B07 unknown /CN=akosztolanyi
-V 220714131311Z 29F1F8311793D758D5AD0ECEA7267033 unknown /CN=azsamboki
-V 220714131322Z 466EF08C89776434622CEABEE1DF9368 unknown /CN=bcsoka
-V 220714131336Z A174ECE4D95256FAD7AD431C5E3AE284 unknown /CN=csgulyas
-V 220714131349Z 12232170B0F9E3C1FE60D86EEC973512 unknown /CN=cslevai
-V 220714131404Z 075BCC380AA760E433EADC635FDA65BB unknown /CN=dvasary
-V 220714131415Z 3206AF0B00A2DD98266113A2F8C5F8E7 unknown /CN=fritter
-V 220714131427Z 62DE031122C64B00AC33D5E58A250FFF unknown /CN=fschnell
-V 220714131438Z 469E0BAA82D007B19DFCC487C56C9E80 unknown /CN=ifabian
-V 220714131453Z 6802688CE3BB71C1E867CA490A9D0B4C unknown /CN=khorvath
-V 220714131502Z 394BDD541C1082EAC5CD4D9DFEB6D4D3 unknown /CN=kkele
-V 220714131516Z 237BC768F37B5C8E1763B5673ED3101C unknown /CN=mszabo
-V 220714131529Z F60186D64B853A3DD9F8799FB817C301 unknown /CN=rrendek
-V 220714131551Z 4BDF84B37B17CEE109879B67054B2791 unknown /CN=tsuhajda
-V 220714131602Z 6B9D83083D87CC880ADEBCCD3B5CEF4D unknown /CN=zbartakovics
-V 220714131617Z 3413803E217F3BDD0AAFD5CB0D174B3C unknown /CN=zfelleg
-V 220714131625Z ACB649FDC2E3B81C542C661F0412E1B6 unknown /CN=qqcs
-V 220717084752Z EE4378CD167FA57CD510B8711F5E504E unknown /CN=dhorvath
-V 220922085729Z 6CECAC4AD54FBC03E472A59B0727AF32 unknown /CN=bme
-V 230311104127Z 585AA97D7CCAB52C4957BBBF91374261 unknown /CN=kkancz
+V 320125162246Z 335980B86FF171C95798A1E9AF815FCB unknown /CN=vpn.in.useribm.hu
+V 320125165217Z 734469339D70F82ECCAF4462A8C4D232 unknown /CN=qqcs
+V 320125165259Z B7E49AEC69ADAC37DB3DE73A726805AA unknown /CN=akosztolanyi
+V 320125165322Z CCFFE25883B85DB69B1289CF9AAA2FD4 unknown /CN=csgulyas
+V 320125165332Z 9828A16404425A3F9F420BD647201BBE unknown /CN=cslevai
+V 320125165347Z ACBA23204B736CF4353C080B121BFF49 unknown /CN=dhorvath
+V 320125165400Z D000C368DB1F1A363ACD08FFF213D8E9 unknown /CN=dvasary
+V 320125165412Z DD3F8EEC402398273E6E030DA4C49443 unknown /CN=fritter
+V 320125165421Z 6087511C41AB644D6E87354B37DA5ABE unknown /CN=fschnell
+V 320125165435Z 2370617D3985FE768DCA0F04D3683D1F unknown /CN=khorvath
+V 320125165448Z 16D67EBDB716BD510C340D08FA8CCBB1 unknown /CN=kkancz
+V 320125165458Z 7F0284BD0407A8DEA77A7616B225D08E unknown /CN=kvajda
+V 320125165511Z C30F84CF711904E9F7BCB1AD5D996B80 unknown /CN=mszabo
+V 320125165526Z 074293A82571A4AEB0964D14D1E2FF22 unknown /CN=osweidan
+V 320125165600Z C2283CFFFA8EDCF7395242B1F3824074 unknown /CN=rrendek
Data:
Version: 3 (0x2)
Serial Number:
- 26:84:6a:96:d0:db:00:70:3b:7d:c8:aa:d6:0a:5b:07
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ b7:e4:9a:ec:69:ad:ac:37:db:3d:e7:3a:72:68:05:aa
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:12:51 2019 GMT
- Not After : Jul 14 13:12:51 2022 GMT
+ Not Before: Jan 27 16:52:59 2022 GMT
+ Not After : Jan 25 16:52:59 2032 GMT
Subject: CN=akosztolanyi
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:97:d4:89:82:0c:1b:ad:c4:4b:dd:4c:19:a5:f5:
- d8:3c:42:9d:d2:b0:0d:9e:6c:a6:a8:62:9a:bf:fd:
- 78:9d:76:f4:02:ad:51:9f:97:12:59:bc:c1:a3:a0:
- 17:35:76:2f:74:ea:b9:d3:72:4b:35:94:40:f3:7e:
- b5:1c:af:51:d1:b4:d3:7a:69:3d:7f:1e:51:97:fe:
- e3:4a:ec:01:c6:e9:89:e9:8e:b7:94:a3:72:12:6e:
- 66:c5:a2:de:ad:27:e2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:cd:02:9c:1d:2c:a3:f2:9f:dc:ed:e2:44:32:e2:
+ 0f:02:2e:47:45:a2:a5:22:31:5a:8e:c8:68:c6:df:
+ 63:6b:25:32:62:ee:db:16:97:dd:60:21:61:a9:cb:
+ 77:6c:99:45:d1:5a:bf:b5:4c:0e:30:a6:33:ae:12:
+ 37:66:38:ec:5c:e5:b9:7c:4f:0e:14:b0:1a:c1:a8:
+ 50:e3:56:01:ce:68:0d:63:d4:9a:1b:33:95:f0:d5:
+ 38:7a:0d:d5:b3:a7:73:2f:a3:ed:54:bb:4e:40:0a:
+ 09:0b:ed:73:38:e0:bd:65:36:2e:92:29:b9:59:e1:
+ 3b:e6:bf:74:6b:8d:2a:f7:61:31:ba:10:04:98:d3:
+ b5:73:b7:74:bc:06:d7:c0:7c:33:4b:18:d7:5a:ea:
+ bf:87:7d:95:3e:ba:d9:5a:ad:c7:40:8e:6f:5b:90:
+ 38:91:54:f2:b8:30:71:b3:ad:d4:2f:c8:19:66:83:
+ 99:28:ba:7e:2f:00:c2:df:cc:e6:88:08:e4:ef:c2:
+ e3:e5:47:8b:6d:2d:70:b4:71:de:33:c5:47:9e:e6:
+ 2e:f7:7d:de:81:6f:ad:a4:00:44:b5:78:4f:3d:43:
+ 43:ef:5d:5a:0b:56:be:ab:da:22:2d:80:f1:99:fe:
+ 13:d7:a2:8e:4a:fb:31:1f:8e:27:fd:40:79:e1:73:
+ f3:d7
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- E9:6C:48:68:A1:BA:B9:7D:A3:9C:BF:89:F3:87:51:9B:B1:6C:9B:16
+ AB:71:5B:8D:67:12:A3:DB:00:A1:63:AA:37:72:C3:EC:6A:82:CC:FB
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:6c:e9:e9:01:19:c4:53:40:ff:e6:bb:36:1f:51:
- cd:1f:40:88:1d:e2:b3:8d:61:48:5d:ec:de:f8:20:c1:21:b1:
- 38:5e:0b:c3:f7:ae:9c:41:38:36:73:a0:06:b6:a4:55:02:31:
- 00:cc:50:fa:3f:7a:6c:6b:90:bf:6a:c6:af:1e:94:88:b7:90:
- 5d:b7:27:cf:b3:28:bc:ee:31:99:f0:9b:87:48:06:d2:6d:24:
- f0:d1:ad:be:94:b8:22:64:63:0f:d0:2d:85
+ Signature Algorithm: sha256WithRSAEncryption
+ 3c:b1:50:93:48:68:cc:42:76:ba:3e:f4:c7:38:95:40:18:23:
+ 17:6b:0e:2b:f9:13:25:d3:5e:49:e5:51:38:6c:66:da:c4:c1:
+ df:9f:71:96:65:6c:53:1d:bf:af:98:05:d5:4d:c2:cf:f3:6d:
+ cc:92:7c:79:c6:cc:47:5b:8a:9e:95:f5:fa:02:9d:69:73:b7:
+ 75:93:6f:18:f2:b8:15:97:08:a6:fa:c8:a9:e9:6d:44:bf:cb:
+ 77:73:b4:6a:02:55:c0:fb:3e:f0:e1:a3:a7:35:90:d1:91:79:
+ f1:3d:0f:b7:c9:2c:0a:de:c7:23:c2:10:b6:2c:d2:8a:a7:bf:
+ 11:ea:64:cb:93:99:c3:f6:0c:3f:57:a2:65:27:7e:ce:d2:f7:
+ 85:e2:ec:66:56:b4:a1:d6:5f:4b:56:6f:fb:93:1b:77:80:7a:
+ f4:c4:9d:59:71:09:d3:08:ba:75:0a:57:ce:c6:a0:08:e9:cd:
+ 94:0d:39:51:3b:e1:a1:a8:97:a9:26:4c:4d:fe:a6:e2:86:11:
+ 1c:2a:34:4d:ab:89:b2:ea:35:39:57:90:65:74:f8:89:75:53:
+ 0b:50:74:64:26:52:39:8b:b4:b7:6c:3a:a5:2d:59:68:fa:80:
+ ef:93:79:92:fe:88:ea:80:b8:bc:d0:79:c6:1f:a6:6d:01:5b:
+ 58:1d:30:0e
-----BEGIN CERTIFICATE-----
-MIICEzCCAZmgAwIBAgIQJoRqltDbAHA7fciq1gpbBzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMjUxWhcNMjIwNzE0
-MTMxMjUxWjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAASX1ImCDButxEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZ
-vMGjoBc1di906rnTcks1lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3IS
-bmbFot6tJ+KjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU6WxIaKG6uX2jnL+J
-84dRm7FsmxYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gA
-MGUCMGzp6QEZxFNA/+a7Nh9RzR9AiB3is41hSF3s3vggwSGxOF4Lw/eunEE4NnOg
-BrakVQIxAMxQ+j96bGuQv2rGrx6UiLeQXbcnz7MovO4xmfCbh0gG0m0k8NGtvpS4
-ImRjD9AthQ==
+MIIDWzCCAkOgAwIBAgIRALfkmuxpraw32z3nOnJoBaowDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MjU5WhcNMzIwMTI1
+MTY1MjU5WjAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDNApwdLKPyn9zt4kQy4g8CLkdFoqUiMVqOyGjG32Nr
+JTJi7tsWl91gIWGpy3dsmUXRWr+1TA4wpjOuEjdmOOxc5bl8Tw4UsBrBqFDjVgHO
+aA1j1JobM5Xw1Th6DdWzp3Mvo+1Uu05ACgkL7XM44L1lNi6SKblZ4Tvmv3RrjSr3
+YTG6EASY07Vzt3S8BtfAfDNLGNda6r+HfZU+utlarcdAjm9bkDiRVPK4MHGzrdQv
+yBlmg5koun4vAMLfzOaICOTvwuPlR4ttLXC0cd4zxUee5i73fd6Bb62kAES1eE89
+Q0PvXVoLVr6r2iItgPGZ/hPXoo5K+zEfjif9QHnhc/PXAgMBAAGjgaIwgZ8wCQYD
+VR0TBAIwADAdBgNVHQ4EFgQUq3FbjWcSo9sAoWOqN3LD7GqCzPswUQYDVR0jBEow
+SIAUSUNbUvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNB
+IENBghR1zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjAL
+BgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBADyxUJNIaMxCdro+9Mc4lUAY
+IxdrDiv5EyXTXknlUThsZtrEwd+fcZZlbFMdv6+YBdVNws/zbcySfHnGzEdbip6V
+9foCnWlzt3WTbxjyuBWXCKb6yKnpbUS/y3dztGoCVcD7PvDho6c1kNGRefE9D7fJ
+LArexyPCELYs0oqnvxHqZMuTmcP2DD9XomUnfs7S94Xi7GZWtKHWX0tWb/uTG3eA
+evTEnVlxCdMIunUKV87GoAjpzZQNOVE74aGol6kmTE3+puKGERwqNE2ribLqNTlX
+kGV0+Il1UwtQdGQmUjmLtLdsOqUtWWj6gO+TeZL+iOqAuLzQecYfpm0BW1gdMA4=
-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 29:f1:f8:31:17:93:d7:58:d5:ad:0e:ce:a7:26:70:33
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:11 2019 GMT
- Not After : Jul 14 13:13:11 2022 GMT
- Subject: CN=azsamboki
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:34:0d:f3:0e:e6:05:69:f3:24:7d:ef:19:0c:ce:
- 04:bd:24:34:e3:8c:e5:2b:7e:3f:70:39:55:9b:2e:
- 73:fa:c6:4e:44:42:95:69:82:13:85:98:63:5a:25:
- dc:1c:b2:32:9c:97:01:b5:fb:c4:dd:59:05:8a:ab:
- b6:c1:b2:13:03:0a:e3:8b:e7:ea:62:c1:71:1b:4f:
- 20:74:9c:0b:df:46:56:6c:03:d5:8c:d8:4c:02:e9:
- 6e:62:3a:1f:b3:0e:ba
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 19:A1:EF:03:DB:DF:4F:40:2A:FD:35:E0:C9:ED:DD:75:47:2F:32:1B
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:d2:08:c6:1b:75:81:72:2e:c6:46:cd:47:11:
- 2e:7c:3e:ba:e2:75:1c:8c:48:e1:4f:ac:61:5b:07:26:97:cc:
- 0a:38:7f:0d:e4:63:35:c6:a5:8e:39:f3:4c:18:79:6d:0a:02:
- 30:54:57:e5:dd:49:2b:8e:3e:89:ef:87:2f:d4:f4:ef:a3:95:
- 2d:f5:87:5a:3a:1f:93:58:7d:c5:fe:9a:45:f1:8f:d1:44:13:
- 30:b0:07:c0:b6:80:35:3f:b8:a8:96:c7:8c
------BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIQKfH4MReT11jVrQ7OpyZwMzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzExWhcNMjIwNzE0
-MTMxMzExWjAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAAQ0DfMO5gVp8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNa
-JdwcsjKclwG1+8TdWQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5i
-Oh+zDrqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUGaHvA9vfT0Aq/TXgye3d
-dUcvMhswVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MQDSCMYbdYFyLsZGzUcRLnw+uuJ1HIxI4U+sYVsHJpfMCjh/DeRjNcaljjnzTBh5
-bQoCMFRX5d1JK44+ie+HL9T076OVLfWHWjofk1h9xf6aRfGP0UQTMLAHwLaANT+4
-qJbHjA==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:6e:f0:8c:89:77:64:34:62:2c:ea:be:e1:df:93:68
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:13:22 2019 GMT
- Not After : Jul 14 13:13:22 2022 GMT
- Subject: CN=bcsoka
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:a7:95:bf:6c:8e:0f:34:9c:ca:14:8b:33:4d:80:
- 55:98:1e:10:c3:e9:84:7f:72:4d:f2:61:68:70:59:
- c7:6f:6d:02:c4:22:cf:58:80:e7:35:18:6e:ee:11:
- fe:29:01:c3:ea:79:85:83:e6:0c:6f:c5:d8:7f:9f:
- d5:55:27:7b:a8:17:14:2d:94:e5:c4:a4:9f:ac:b8:
- 38:02:c0:41:5a:1a:8a:63:e5:c3:52:27:62:57:0b:
- 14:6b:36:cc:8e:51:3f
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 5A:57:D9:73:6A:27:49:66:7D:18:9E:2A:96:1F:4C:49:7E:AD:9C:15
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2b:52:16:40:fb:43:11:6a:9a:45:62:58:5b:f5:
- 19:34:3f:32:fe:f7:d0:82:4a:32:98:61:0f:22:22:99:9a:16:
- b3:94:79:46:fe:a2:7a:9c:9a:86:a6:31:4e:72:f4:54:02:31:
- 00:94:2c:a6:21:e6:78:73:3e:d9:93:89:c6:72:72:8e:1d:17:
- 87:07:27:22:2c:5d:2c:00:f1:38:1f:17:fb:0e:c1:c9:52:80:
- 52:ba:1c:79:93:69:c1:59:0e:f0:a0:cd:76
------BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQRm7wjIl3ZDRiLOq+4d+TaDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzIyWhcNMjIwNzE0
-MTMxMzIyWjARMQ8wDQYDVQQDDAZiY3Nva2EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AASnlb9sjg80nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4p
-AcPqeYWD5gxvxdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyO
-UT+jgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUWlfZc2onSWZ9GJ4qlh9MSX6t
-nBUwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMCtS
-FkD7QxFqmkViWFv1GTQ/Mv730IJKMphhDyIimZoWs5R5Rv6iepyahqYxTnL0VAIx
-AJQspiHmeHM+2ZOJxnJyjh0XhwcnIixdLADxOB8X+w7ByVKAUroceZNpwVkO8KDN
-dg==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6c:ec:ac:4a:d5:4f:bc:03:e4:72:a5:9b:07:27:af:32
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Oct 8 08:57:29 2019 GMT
- Not After : Sep 22 08:57:29 2022 GMT
- Subject: CN=bme
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:86:d3:5d:6e:be:3e:91:90:d7:a3:2c:d2:6a:2a:
- 4f:bb:cd:52:4e:46:5b:1b:60:f0:cb:aa:5b:b4:88:
- 71:f4:71:00:e4:b8:cb:74:ce:b8:9d:c1:fd:5c:69:
- a7:28:66:21:43:11:4a:35:06:cb:1c:57:0b:37:9b:
- f1:2f:78:2a:d2:1d:01:49:66:71:25:74:74:0e:be:
- 93:75:40:6c:cb:0a:81:0e:23:7c:b7:f9:9b:e1:d0:
- c4:d2:1c:6d:da:ca:f2
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- F9:F8:F4:23:C5:01:A0:4F:6A:66:BB:D9:A0:AB:2E:5A:4D:05:10:96
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:1c:97:83:ea:9d:3f:9e:9b:99:26:1f:42:df:01:
- b0:d5:33:0b:b5:40:9d:be:20:1c:c2:ef:ab:7e:1b:14:d6:72:
- e2:43:19:6c:ec:2b:db:cf:ab:bf:21:27:2e:4f:0f:80:02:30:
- 7e:e7:f7:c3:21:78:67:a5:71:7b:cb:45:cd:6f:8c:07:36:de:
- fb:77:0a:08:f6:c7:3b:06:eb:f8:37:f0:2c:06:6b:c6:2a:95:
- 0c:02:e4:87:34:ee:f9:af:93:27:b1:b5
------BEGIN CERTIFICATE-----
-MIICCTCCAZCgAwIBAgIQbOysStVPvAPkcqWbByevMjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkxMDA4MDg1NzI5WhcNMjIwOTIy
-MDg1NzI5WjAOMQwwCgYDVQQDDANibWUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASG
-011uvj6RkNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFD
-EUo1BsscVws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvKj
-gaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU+fj0I8UBoE9qZrvZoKsuWk0FEJYw
-VQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNVBAMM
-D1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0lBAww
-CgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cAMGQCMByXg+qd
-P56bmSYfQt8BsNUzC7VAnb4gHMLvq34bFNZy4kMZbOwr28+rvyEnLk8PgAIwfuf3
-wyF4Z6Vxe8tFzW+MBzbe+3cKCPbHOwbr+DfwLAZrxiqVDALkhzTu+a+TJ7G1
------END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- a1:74:ec:e4:d9:52:56:fa:d7:ad:43:1c:5e:3a:e2:84
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ cc:ff:e2:58:83:b8:5d:b6:9b:12:89:cf:9a:aa:2f:d4
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:13:36 2019 GMT
- Not After : Jul 14 13:13:36 2022 GMT
+ Not Before: Jan 27 16:53:22 2022 GMT
+ Not After : Jan 25 16:53:22 2032 GMT
Subject: CN=csgulyas
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:82:03:91:ad:e7:76:b7:8d:51:86:6d:cc:e3:15:
- 91:6c:ac:31:e7:6d:e1:44:0d:c3:29:95:7c:5e:e1:
- e8:37:aa:00:f6:47:74:18:e7:28:90:95:16:6c:08:
- e2:9f:d7:24:55:46:22:1c:19:9f:06:4b:9b:8e:96:
- 4b:5d:bb:c0:ad:35:5a:06:73:10:36:32:1d:89:e6:
- b1:9e:f3:62:0d:8f:85:70:72:4c:48:4a:47:f0:fa:
- eb:f6:7b:9c:7f:a8:7a
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:73:39:5f:81:fd:b4:0c:84:c8:23:e0:44:80:
+ f5:9f:c1:cd:0f:f8:b8:4b:dd:c9:b0:8a:74:b4:23:
+ 37:34:c9:d9:82:95:d9:f0:a1:9e:54:3a:c4:33:19:
+ cd:71:96:ee:55:f2:10:67:34:de:dc:0a:b2:21:04:
+ d9:d7:5b:15:29:7f:08:54:da:0c:b5:ec:39:b8:78:
+ 92:03:07:1d:36:3d:ca:54:75:e9:67:fe:bb:b8:d2:
+ 30:72:6a:e7:5c:39:1f:93:bb:b4:62:40:6c:d3:c5:
+ a7:4f:24:7c:1e:0d:f9:ea:15:cd:1b:f1:e5:5b:86:
+ 7b:99:03:99:20:b0:2a:2f:58:2a:aa:b6:0f:e6:6e:
+ 1e:dc:43:57:04:dd:32:d7:ec:01:2c:1c:83:52:02:
+ 04:c2:8f:cd:69:da:ed:33:e1:ff:69:65:2e:26:67:
+ 23:a6:81:35:05:7c:52:c7:49:8a:69:38:26:9e:87:
+ fd:53:2a:9b:7b:90:d1:1a:b8:4e:fc:b7:6e:0c:26:
+ b8:55:b2:50:72:4c:d5:cb:8b:dd:de:e6:da:b4:b4:
+ 02:12:1c:24:84:bd:81:8a:4d:78:b8:6f:bc:dc:5a:
+ 03:da:70:44:48:10:13:bd:ba:be:db:94:e8:6b:71:
+ be:d0:cf:03:99:56:fe:c5:ad:68:51:ee:ff:7d:25:
+ 80:ff
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 7E:44:12:28:E0:31:C6:7D:40:5A:E4:D5:86:5D:90:10:CC:14:12:33
+ 74:79:FB:63:0E:0D:0C:52:6E:FD:DC:CD:22:A3:E6:59:9E:0D:93:E7
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:2c:e3:e6:64:cd:43:ae:4a:9c:d7:40:66:cb:b2:
- 1e:90:c3:97:17:32:f8:df:62:fd:54:32:d3:85:ee:bb:71:5e:
- 4a:e2:23:ea:a4:cb:75:3a:72:ac:ca:f6:1b:f5:6b:57:02:31:
- 00:e7:0a:38:06:b4:97:17:2c:f3:76:cc:aa:1e:6e:8d:be:12:
- 7e:0a:ef:d6:34:fa:42:37:e1:6d:d3:bb:1f:75:39:a3:c5:40:
- 32:37:7e:ba:c1:18:d4:cb:1b:55:62:ad:1b
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:0c:56:0d:55:55:8a:58:6a:c0:b6:b1:0e:df:ce:77:a6:a6:
+ 09:4b:07:f8:01:5b:e2:b9:21:1d:d9:3c:63:14:7c:f4:b8:1f:
+ db:90:c8:bb:c5:c1:ef:86:08:ff:d4:55:17:3c:cb:d3:0a:e5:
+ ac:f6:fa:93:fe:55:13:3f:94:d1:d9:9d:08:43:46:be:65:d2:
+ dd:60:55:6e:82:39:ca:49:20:50:1f:84:e4:b8:8a:3b:f1:51:
+ da:59:dc:f9:62:3b:c6:fc:a7:ae:34:8a:90:d3:d4:a6:53:39:
+ eb:8a:a3:64:a6:18:3a:62:c1:e2:a3:1f:ae:01:d1:21:e3:77:
+ ce:07:16:3c:37:02:05:e6:5c:76:63:45:7e:61:3c:18:44:f2:
+ 72:a0:37:7b:24:31:bf:af:ef:40:1c:5a:e1:8d:06:26:fd:3a:
+ 4b:3c:fe:21:a8:6f:d4:01:71:d8:77:a4:46:82:c9:60:84:a7:
+ a1:7f:c8:95:c5:a9:16:4f:60:28:86:53:97:9d:52:ef:9a:31:
+ 51:60:80:44:26:5e:67:79:33:64:01:b3:99:c3:24:cd:ad:5e:
+ a1:7f:18:d6:3d:f9:f0:ce:b0:70:f0:25:72:34:45:7a:68:17:
+ 13:4b:24:82:d7:83:5b:e3:78:77:98:5e:ea:85:19:ee:83:3b:
+ 68:7c:5e:8e
-----BEGIN CERTIFICATE-----
-MIICEDCCAZagAwIBAgIRAKF07OTZUlb6161DHF464oQwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTMzNloXDTIyMDcx
-NDEzMTMzNlowEzERMA8GA1UEAwwIY3NndWx5YXMwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAASCA5Gt53a3jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZs
-COKf1yRVRiIcGZ8GS5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2
-e5x/qHqjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUfkQSKOAxxn1AWuTVhl2Q
-EMwUEjMwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUC
-MCzj5mTNQ65KnNdAZsuyHpDDlxcy+N9i/VQy04Xuu3FeSuIj6qTLdTpyrMr2G/Vr
-VwIxAOcKOAa0lxcs83bMqh5ujb4Sfgrv1jT6QjfhbdO7H3U5o8VAMjd+usEY1Msb
-VWKtGw==
+MIIDVzCCAj+gAwIBAgIRAMz/4liDuF22mxKJz5qqL9QwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzIyWhcNMzIwMTI1
+MTY1MzIyWjATMREwDwYDVQQDDAhjc2d1bHlhczCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMZzOV+B/bQMhMgj4ESA9Z/BzQ/4uEvdybCKdLQjNzTJ2YKV
+2fChnlQ6xDMZzXGW7lXyEGc03twKsiEE2ddbFSl/CFTaDLXsObh4kgMHHTY9ylR1
+6Wf+u7jSMHJq51w5H5O7tGJAbNPFp08kfB4N+eoVzRvx5VuGe5kDmSCwKi9YKqq2
+D+ZuHtxDVwTdMtfsASwcg1ICBMKPzWna7TPh/2llLiZnI6aBNQV8UsdJimk4Jp6H
+/VMqm3uQ0Rq4Tvy3bgwmuFWyUHJM1cuL3d7m2rS0AhIcJIS9gYpNeLhvvNxaA9pw
+REgQE726vtuU6GtxvtDPA5lW/sWtaFHu/30lgP8CAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBR0eftjDg0MUm793M0io+ZZng2T5zBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAFwxWDVVVilhqwLaxDt/Od6amCUsH
++AFb4rkhHdk8YxR89Lgf25DIu8XB74YI/9RVFzzL0wrlrPb6k/5VEz+U0dmdCENG
+vmXS3WBVboI5ykkgUB+E5LiKO/FR2lnc+WI7xvynrjSKkNPUplM564qjZKYYOmLB
+4qMfrgHRIeN3zgcWPDcCBeZcdmNFfmE8GETycqA3eyQxv6/vQBxa4Y0GJv06Szz+
+Iahv1AFx2HekRoLJYISnoX/IlcWpFk9gKIZTl51S75oxUWCARCZeZ3kzZAGzmcMk
+za1eoX8Y1j358M6wcPAlcjRFemgXE0skgteDW+N4d5he6oUZ7oM7aHxejg==
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 12:23:21:70:b0:f9:e3:c1:fe:60:d8:6e:ec:97:35:12
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 98:28:a1:64:04:42:5a:3f:9f:42:0b:d6:47:20:1b:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:13:49 2019 GMT
- Not After : Jul 14 13:13:49 2022 GMT
+ Not Before: Jan 27 16:53:32 2022 GMT
+ Not After : Jan 25 16:53:32 2032 GMT
Subject: CN=cslevai
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4b:d4:e1:4f:a7:5b:1e:c4:7d:40:27:19:de:bc:
- cc:78:6b:5a:86:13:48:c4:c0:40:09:4e:1d:cd:b4:
- f0:8d:14:2e:44:7c:8e:2d:7b:75:27:00:c4:9b:5c:
- 71:1d:35:ff:f6:91:01:e2:3f:22:4d:f4:59:45:e4:
- 85:61:a2:30:bb:7f:8e:7f:86:db:79:7a:da:61:00:
- 72:3d:60:0b:3a:7b:d3:8e:43:d5:21:f9:e5:ef:01:
- 02:48:0e:aa:07:e0:df
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:ac:70:e4:89:88:d8:df:db:ce:fe:1e:85:79:
+ 12:be:c3:fe:78:5d:90:21:37:4c:8b:f7:83:21:8b:
+ af:e0:17:83:20:b9:34:f7:f4:ac:ac:c3:6b:6f:94:
+ 60:b1:c3:82:98:55:4a:19:61:89:3a:60:75:8c:99:
+ 86:55:07:e0:b5:ee:6a:62:41:29:39:e4:c0:d3:14:
+ 22:78:1e:4c:02:ff:9a:36:3c:d5:17:a2:28:d8:68:
+ 9c:cd:cc:cc:32:0d:ac:b5:c4:c3:b4:ce:c1:d7:50:
+ ad:65:44:56:3f:d6:9a:1e:12:4c:18:d9:f7:c4:d9:
+ d0:eb:5f:ee:d4:b8:1c:64:40:cb:cf:62:72:38:33:
+ ab:d7:c5:bc:84:af:5e:5d:d2:df:51:0e:62:48:b5:
+ 71:e8:74:c2:de:1c:59:fb:ad:ae:f9:9e:9a:7b:73:
+ c7:ad:1a:43:9d:92:03:40:5c:b0:89:0a:79:e7:7a:
+ a4:a9:fe:d2:a2:37:fb:30:b9:84:8b:af:4d:ae:d1:
+ 68:36:dc:df:9c:f3:e9:84:b3:dc:41:97:cb:34:ea:
+ 18:97:9f:d8:60:86:e2:8f:f1:9e:6b:6d:69:fe:78:
+ 87:f9:5b:f5:4d:bf:5d:7e:29:c3:73:68:1d:9a:03:
+ 5c:f7:34:fd:89:d9:70:59:e6:df:e3:64:55:21:a9:
+ 23:d1
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- A5:71:47:49:34:D9:70:4C:8E:A6:06:51:69:AC:4D:2F:61:9F:3F:D2
+ 78:8A:3B:63:8C:10:54:23:2A:F6:61:5B:4E:8D:23:85:01:A5:3A:B8
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:79:11:b6:e8:91:42:c8:db:cd:fa:27:07:1d:5b:
- cc:9f:b2:f3:d2:0f:79:7f:7e:83:3a:e9:4b:86:a0:ba:c1:10:
- 9a:87:21:f0:2c:26:e9:c5:fc:fc:7c:6c:45:79:29:d3:02:30:
- 0b:74:ab:68:f6:25:3f:d3:2b:eb:a9:13:1d:3d:b1:a8:80:9c:
- 1f:8f:6f:de:de:2f:a7:7f:ad:5a:a5:18:29:05:99:65:5f:63:
- 50:31:6e:78:90:e6:12:3e:83:f1:d8:b0
+ Signature Algorithm: sha256WithRSAEncryption
+ 5f:0c:9b:ec:2f:d1:0f:96:91:e2:9c:3b:55:27:f0:56:5d:7c:
+ 85:0c:8b:d3:03:d5:40:86:0e:9b:0b:d1:ce:f5:e6:ab:7a:ec:
+ 18:17:e0:0f:56:03:c6:29:20:35:4a:bc:43:01:0b:c0:6e:77:
+ 5d:33:c8:57:11:75:c3:d6:e4:fa:70:42:9c:0f:cd:33:75:ce:
+ 68:3e:8b:2c:c1:19:07:5f:ab:00:8d:cc:b5:7e:bf:6d:ec:01:
+ db:6a:5e:56:dd:2e:95:13:bb:4c:8e:ed:06:3e:50:c9:48:ad:
+ 87:7d:1b:0b:54:b2:cb:70:cf:c3:15:19:fc:cf:57:05:3c:c8:
+ e3:34:9f:e7:d1:57:65:5d:07:08:82:3e:2e:00:dc:02:ab:4a:
+ ab:9d:f3:e1:37:c7:17:83:71:e0:c2:92:a8:5a:45:46:83:a2:
+ 8b:c8:f4:41:cb:17:fb:dd:cd:ea:40:02:63:3d:a5:79:8c:f4:
+ ea:3b:4c:d1:2c:1b:82:f1:ff:6a:d4:e4:dc:8c:b1:ff:8a:72:
+ 00:f0:53:a1:c8:98:45:ac:22:7a:35:40:b8:fe:13:8a:9c:d1:
+ b9:d6:74:31:08:30:db:03:a9:75:6c:75:48:96:ad:02:ce:a3:
+ 22:2a:a9:a8:63:c9:7f:0b:25:0d:91:6c:3a:72:56:11:22:4c:
+ 37:5f:3d:f9
-----BEGIN CERTIFICATE-----
-MIICDTCCAZSgAwIBAgIQEiMhcLD548H+YNhu7Jc1EjAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxMzQ5WhcNMjIwNzE0
-MTMxMzQ5WjASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAES9ThT6dbHsR9QCcZ3rzMeGtahhNIxMBACU4dzbTwjRQuRHyOLXt1JwDEm1xx
-HTX/9pEB4j8iTfRZReSFYaIwu3+Of4bbeXraYQByPWALOnvTjkPVIfnl7wECSA6q
-B+Dfo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKVxR0k02XBMjqYGUWmsTS9h
-nz/SMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNnADBkAjB5
-EbbokULI2836JwcdW8yfsvPSD3l/foM66UuGoLrBEJqHIfAsJunF/Px8bEV5KdMC
-MAt0q2j2JT/TK+upEx09saiAnB+Pb97eL6d/rVqlGCkFmWVfY1AxbniQ5hI+g/HY
-sA==
+MIIDVjCCAj6gAwIBAgIRAJgooWQEQlo/n0IL1kcgG74wDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzMyWhcNMzIwMTI1
+MTY1MzMyWjASMRAwDgYDVQQDDAdjc2xldmFpMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0axw5ImI2N/bzv4ehXkSvsP+eF2QITdMi/eDIYuv4BeDILk0
+9/SsrMNrb5RgscOCmFVKGWGJOmB1jJmGVQfgte5qYkEpOeTA0xQieB5MAv+aNjzV
+F6Io2GiczczMMg2stcTDtM7B11CtZURWP9aaHhJMGNn3xNnQ61/u1LgcZEDLz2Jy
+ODOr18W8hK9eXdLfUQ5iSLVx6HTC3hxZ+62u+Z6ae3PHrRpDnZIDQFywiQp553qk
+qf7Sojf7MLmEi69NrtFoNtzfnPPphLPcQZfLNOoYl5/YYIbij/Gea21p/niH+Vv1
+Tb9dfinDc2gdmgNc9zT9idlwWebf42RVIakj0QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFHiKO2OMEFQjKvZhW06NI4UBpTq4MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBfDJvsL9EPlpHinDtVJ/BWXXyFDIvT
+A9VAhg6bC9HO9eareuwYF+APVgPGKSA1SrxDAQvAbnddM8hXEXXD1uT6cEKcD80z
+dc5oPosswRkHX6sAjcy1fr9t7AHbal5W3S6VE7tMju0GPlDJSK2HfRsLVLLLcM/D
+FRn8z1cFPMjjNJ/n0VdlXQcIgj4uANwCq0qrnfPhN8cXg3HgwpKoWkVGg6KLyPRB
+yxf73c3qQAJjPaV5jPTqO0zRLBuC8f9q1OTcjLH/inIA8FOhyJhFrCJ6NUC4/hOK
+nNG51nQxCDDbA6l1bHVIlq0CzqMiKqmoY8l/CyUNkWw6clYRIkw3Xz35
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- ee:43:78:cd:16:7f:a5:7c:d5:10:b8:71:1f:5e:50:4e
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ ac:ba:23:20:4b:73:6c:f4:35:3c:08:0b:12:1b:ff:49
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Aug 2 08:47:52 2019 GMT
- Not After : Jul 17 08:47:52 2022 GMT
+ Not Before: Jan 27 16:53:47 2022 GMT
+ Not After : Jan 25 16:53:47 2032 GMT
Subject: CN=dhorvath
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c2:77:2a:57:01:7b:d9:0b:e0:e0:69:7e:2a:df:
- 05:b8:91:4e:50:51:e9:52:bd:a5:fa:01:ad:62:0a:
- 69:10:82:6f:aa:84:64:33:71:d9:96:ca:9c:05:ce:
- d9:13:99:b0:d9:d5:4d:d9:1a:43:8c:41:d5:e7:0a:
- ae:92:6c:f6:7f:bf:73:b6:ff:bd:a4:bb:fc:d9:0c:
- 36:0d:e2:f4:78:24:bb:cd:ac:e9:04:d6:9c:a5:2b:
- ce:d7:0e:85:85:10:f1
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c6:f8:1a:ee:a6:a6:42:b8:ae:3f:fc:45:c6:86:
+ 81:17:81:74:f1:e2:eb:14:a6:22:5e:3a:44:33:0c:
+ d9:a4:2b:64:62:f5:77:61:c1:97:56:42:ee:89:d0:
+ 6d:61:a7:a1:59:65:7d:83:0e:97:7e:63:b4:ab:f7:
+ 95:fd:18:c1:0b:2d:c3:de:66:7a:9a:75:cd:ef:1f:
+ 0e:56:b5:c3:c8:45:78:68:f0:51:a1:30:75:9f:3e:
+ b0:31:02:a7:d8:73:b5:eb:1c:6c:93:6a:c0:bb:3f:
+ f7:ad:27:76:0e:86:55:f8:23:e5:d3:70:6e:23:9f:
+ dc:94:f0:50:40:98:a9:8a:07:c7:e3:cb:e9:23:ca:
+ 91:4d:01:49:db:8d:1a:ca:4c:f6:52:5b:b6:02:15:
+ 69:b3:20:6a:33:c0:61:52:bc:d5:1d:ac:f4:6a:8e:
+ cc:a9:fb:36:8f:8b:21:db:91:f8:3a:11:d4:cd:c7:
+ d6:c7:cd:41:17:cd:91:49:0b:40:21:8d:13:a2:ee:
+ fa:59:d3:60:55:f8:8e:bb:6b:2b:0e:f7:af:61:a7:
+ 6b:88:c1:03:4d:73:4d:e3:c0:e2:17:b1:2c:9d:78:
+ 78:1c:9e:e9:f8:0c:2c:64:68:b4:c1:4a:43:47:f4:
+ 87:91:06:f9:00:fd:76:00:41:09:58:b5:a2:b8:af:
+ b7:05
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- D7:31:77:61:74:16:36:31:0A:BF:D2:E5:EA:44:1E:FD:CE:E3:7E:26
+ CF:44:3C:7F:23:15:9C:76:59:D3:47:32:F3:05:35:6E:23:A0:3B:C7
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:cc:88:44:5d:a2:1b:e2:d5:1f:f6:17:f7:4f:
- fe:11:b1:6a:e7:9b:cd:bb:35:21:90:9d:a5:07:e8:34:1c:b4:
- 29:b6:a1:ff:d1:d9:d3:60:a1:04:ed:47:17:d5:81:53:bf:02:
- 31:00:db:af:26:de:3e:0a:b9:2b:e7:43:a0:34:10:96:fb:7c:
- 25:4a:dd:e6:82:bc:5a:f0:f9:ea:cc:10:3f:2f:18:09:eb:32:
- f3:83:d4:49:b1:7b:30:d4:d0:3f:9c:00:75:7b
+ Signature Algorithm: sha256WithRSAEncryption
+ 41:c4:86:a3:f5:3b:0d:5e:b2:78:78:b1:18:80:65:4d:02:06:
+ ba:f5:3b:49:5d:09:13:a9:7d:e2:6e:f2:a3:ea:e0:27:78:8c:
+ 41:63:85:f5:8b:11:86:89:f4:83:d4:2a:91:22:26:b9:68:11:
+ 3a:2a:74:df:3c:ea:d5:3b:bc:e9:d8:c6:1b:01:6d:3d:db:43:
+ bb:eb:6b:76:2c:fe:d9:ec:d1:d6:3d:c1:f2:59:27:29:17:cc:
+ 6a:be:da:b3:cd:c7:6f:b6:5d:1e:49:a5:4b:d5:c0:87:fc:7a:
+ a6:40:67:e4:1e:5b:93:01:51:be:f9:33:7e:cb:29:4a:4f:55:
+ 52:09:66:f1:b9:b3:98:99:59:f8:24:50:09:80:51:21:76:47:
+ 93:c1:f7:c2:83:32:9c:a8:da:63:1b:cf:85:3a:99:9d:43:22:
+ af:76:94:b0:50:18:7c:bf:c4:16:55:09:79:90:2c:41:ee:84:
+ ac:b5:f1:26:d7:b3:23:38:95:28:e0:66:3e:ae:11:61:72:cf:
+ a2:e7:c4:58:d9:14:52:a7:da:0a:6b:2b:94:7e:b5:66:57:8e:
+ 54:40:df:57:09:5e:61:7f:7e:dd:71:fa:a7:23:06:18:c1:2d:
+ ff:8d:90:f2:b0:8d:5a:0a:7e:ae:64:d3:bb:ae:48:29:24:ea:
+ 39:9f:cf:0d
-----BEGIN CERTIFICATE-----
-MIICETCCAZagAwIBAgIRAO5DeM0Wf6V81RC4cR9eUE4wCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDgwMjA4NDc1MloXDTIyMDcx
-NzA4NDc1MlowEzERMA8GA1UEAwwIZGhvcnZhdGgwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATCdypXAXvZC+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwF
-ztkTmbDZ1U3ZGkOMQdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87X
-DoWFEPGjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQU1zF3YXQWNjEKv9Ll6kQe
-/c7jfiYwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAW
-BgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYD
-VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYC
-MQDMiERdohvi1R/2F/dP/hGxauebzbs1IZCdpQfoNBy0Kbah/9HZ02ChBO1HF9WB
-U78CMQDbrybePgq5K+dDoDQQlvt8JUrd5oK8WvD56swQPy8YCesy84PUSbF7MNTQ
-P5wAdXs=
+MIIDVzCCAj+gAwIBAgIRAKy6IyBLc2z0NTwICxIb/0kwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1MzQ3WhcNMzIwMTI1
+MTY1MzQ3WjATMREwDwYDVQQDDAhkaG9ydmF0aDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMb4Gu6mpkK4rj/8RcaGgReBdPHi6xSmIl46RDMM2aQrZGL1
+d2HBl1ZC7onQbWGnoVllfYMOl35jtKv3lf0YwQstw95mepp1ze8fDla1w8hFeGjw
+UaEwdZ8+sDECp9hztescbJNqwLs/960ndg6GVfgj5dNwbiOf3JTwUECYqYoHx+PL
+6SPKkU0BSduNGspM9lJbtgIVabMgajPAYVK81R2s9GqOzKn7No+LIduR+DoR1M3H
+1sfNQRfNkUkLQCGNE6Lu+lnTYFX4jrtrKw73r2Gna4jBA01zTePA4hexLJ14eBye
+6fgMLGRotMFKQ0f0h5EG+QD9dgBBCVi1orivtwUCAwEAAaOBojCBnzAJBgNVHRME
+AjAAMB0GA1UdDgQWBBTPRDx/IxWcdlnTRzLzBTVuI6A7xzBRBgNVHSMESjBIgBRJ
+Q1tS+DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GC
+FHXPMTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
+DwQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAQcSGo/U7DV6yeHixGIBlTQIGuvU7
+SV0JE6l94m7yo+rgJ3iMQWOF9YsRhon0g9QqkSImuWgROip03zzq1Tu86djGGwFt
+PdtDu+trdiz+2ezR1j3B8lknKRfMar7as83Hb7ZdHkmlS9XAh/x6pkBn5B5bkwFR
+vvkzfsspSk9VUglm8bmzmJlZ+CRQCYBRIXZHk8H3woMynKjaYxvPhTqZnUMir3aU
+sFAYfL/EFlUJeZAsQe6ErLXxJtezIziVKOBmPq4RYXLPoufEWNkUUqfaCmsrlH61
+ZleOVEDfVwleYX9+3XH6pyMGGMEt/42Q8rCNWgp+rmTTu65IKSTqOZ/PDQ==
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 07:5b:cc:38:0a:a7:60:e4:33:ea:dc:63:5f:da:65:bb
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ d0:00:c3:68:db:1f:1a:36:3a:cd:08:ff:f2:13:d8:e9
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:04 2019 GMT
- Not After : Jul 14 13:14:04 2022 GMT
+ Not Before: Jan 27 16:54:00 2022 GMT
+ Not After : Jan 25 16:54:00 2032 GMT
Subject: CN=dvasary
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:4f:51:7b:f1:30:dc:76:25:db:21:fd:11:8a:
- 39:fc:6f:4a:0f:f5:38:9d:8e:3c:18:c3:e2:b9:9a:
- 7e:d8:25:9d:69:f1:40:f2:1c:f8:bd:7c:98:e9:1d:
- 86:78:d0:d5:7b:b1:e6:8a:cb:44:e9:42:6c:61:c4:
- d9:32:c5:16:f0:76:71:90:58:0f:13:f4:cb:01:02:
- 68:fa:bb:3e:cb:24:47:e2:87:2d:f2:c6:d9:5f:b8:
- 16:de:47:aa:bf:02:65
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b4:d9:2e:da:28:56:77:92:4d:fd:38:96:a6:8d:
+ c4:0a:44:75:dc:ff:81:ee:9e:0d:af:9b:7b:ed:5e:
+ 5f:03:be:33:5e:af:54:e1:e8:b8:0e:9c:83:62:24:
+ ce:94:0c:e5:d0:8a:90:41:5f:72:4f:a3:b0:27:9c:
+ 73:32:52:1f:8c:9d:d9:52:db:ce:91:85:db:0e:c6:
+ 71:f0:fe:42:6f:06:11:76:16:32:45:22:f0:37:72:
+ d8:87:d2:f4:15:ad:77:b5:e2:a7:50:81:80:57:87:
+ 2f:84:f4:9d:9c:5a:b6:47:61:2e:42:f5:59:4a:f8:
+ b1:de:2f:c3:bb:4a:69:57:61:6d:d2:a6:9c:bd:ee:
+ 91:2d:fc:8e:68:5f:62:b8:c6:6f:0d:29:7c:2c:26:
+ 17:96:8a:42:45:29:93:49:e9:71:3b:df:11:54:c5:
+ 19:47:11:be:48:42:5d:df:e7:39:0d:59:06:79:a7:
+ 5d:68:fd:ff:63:d4:d5:f2:a4:77:b3:46:c2:7c:9d:
+ bf:10:57:73:da:03:c0:82:4c:6c:55:37:1e:64:68:
+ d0:96:f3:9e:02:f9:c5:52:73:dc:15:57:81:2e:0f:
+ 01:98:29:bc:cf:a1:8e:fa:58:e8:05:98:3b:4c:73:
+ 65:06:e5:f9:be:25:9a:e2:e9:33:be:86:5f:16:8a:
+ fc:f9
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 61:47:26:E4:48:A5:C7:F8:38:0A:5F:06:FE:F6:35:DC:BB:71:F1:36
+ D0:78:94:E1:01:5B:22:6C:03:1E:7C:BC:CA:35:8D:58:BC:31:78:82
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:8a:59:88:96:eb:a1:b6:5d:51:39:39:63:b6:
- 53:c1:1e:01:ae:35:ff:3e:a5:ba:ed:17:a9:0b:2d:a9:86:c3:
- ae:c1:47:55:9b:16:9f:d7:29:71:28:06:92:6c:da:86:75:02:
- 31:00:b3:f1:55:67:51:44:2f:fa:5f:c0:65:ce:45:c3:ef:88:
- f4:80:98:65:69:e5:db:7b:42:71:6f:16:f2:06:5c:ad:e1:ce:
- fb:dc:fc:46:1f:b2:79:61:5a:c9:81:b5:24:c3
+ Signature Algorithm: sha256WithRSAEncryption
+ cb:3e:27:5c:98:9f:19:d3:e3:e6:9b:13:23:fc:6d:06:62:1f:
+ 80:6e:95:f3:67:02:a0:9e:a0:71:fd:c2:08:c4:a3:ed:61:44:
+ 5e:3e:d7:fa:a2:53:ca:97:44:97:8a:e3:e5:e4:c6:b0:b7:cc:
+ 46:aa:5d:32:71:7b:0c:e7:ac:e8:c3:65:9e:45:bf:39:4a:d1:
+ fe:20:4f:1b:8e:88:f3:9d:82:3b:99:0d:95:53:da:ed:db:60:
+ 68:79:31:c3:11:f5:63:e9:74:1a:8d:15:8d:e7:0e:ff:0f:8f:
+ a1:e0:82:ad:42:cd:6d:2c:73:93:a8:fc:c3:c7:37:24:f5:44:
+ 51:c9:3d:28:67:6c:a3:3b:11:3c:f2:5e:45:a8:cc:09:21:f7:
+ 3a:be:aa:53:c6:4f:90:65:83:df:3d:1b:01:c5:a8:95:f0:d3:
+ da:b0:e4:9a:d5:ed:c5:f6:2e:78:38:39:ba:78:db:53:d6:0a:
+ e4:5d:e7:59:7d:81:a1:1d:81:96:ef:28:26:0a:8d:73:9c:60:
+ e3:6c:02:c3:95:cf:93:6f:e5:c0:49:b9:eb:8f:5e:02:19:83:
+ 5a:50:d9:6b:9d:0d:01:80:06:ba:96:2d:e0:82:4a:5b:02:53:
+ 37:36:a6:41:5d:34:1d:9a:96:86:ae:46:cf:74:f7:49:dd:cd:
+ 93:eb:81:23
-----BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQB1vMOAqnYOQz6txjX9pluzAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDA0WhcNMjIwNzE0
-MTMxNDA0WjASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg09Re/Ew3HYl2yH9EYo5/G9KD/U4nY48GMPiuZp+2CWdafFA8hz4vXyY6R2G
-eNDVe7HmistE6UJsYcTZMsUW8HZxkFgPE/TLAQJo+rs+yyRH4oct8sbZX7gW3keq
-vwJlo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGFHJuRIpcf4OApfBv72Ndy7
-cfE2MFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-ilmIluuhtl1ROTljtlPBHgGuNf8+pbrtF6kLLamGw67BR1WbFp/XKXEoBpJs2oZ1
-AjEAs/FVZ1FEL/pfwGXORcPviPSAmGVp5dt7QnFvFvIGXK3hzvvc/EYfsnlhWsmB
-tSTD
+MIIDVjCCAj6gAwIBAgIRANAAw2jbHxo2Os0I//IT2OkwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDAwWhcNMzIwMTI1
+MTY1NDAwWjASMRAwDgYDVQQDDAdkdmFzYXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAtNku2ihWd5JN/TiWpo3ECkR13P+B7p4Nr5t77V5fA74zXq9U
+4ei4DpyDYiTOlAzl0IqQQV9yT6OwJ5xzMlIfjJ3ZUtvOkYXbDsZx8P5CbwYRdhYy
+RSLwN3LYh9L0Fa13teKnUIGAV4cvhPSdnFq2R2EuQvVZSvix3i/Du0ppV2Ft0qac
+ve6RLfyOaF9iuMZvDSl8LCYXlopCRSmTSelxO98RVMUZRxG+SEJd3+c5DVkGeadd
+aP3/Y9TV8qR3s0bCfJ2/EFdz2gPAgkxsVTceZGjQlvOeAvnFUnPcFVeBLg8BmCm8
+z6GO+ljoBZg7THNlBuX5viWa4ukzvoZfFor8+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFNB4lOEBWyJsAx58vMo1jVi8MXiCMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQDLPidcmJ8Z0+PmmxMj/G0GYh+AbpXz
+ZwKgnqBx/cIIxKPtYURePtf6olPKl0SXiuPl5Mawt8xGql0ycXsM56zow2WeRb85
+StH+IE8bjojznYI7mQ2VU9rt22BoeTHDEfVj6XQajRWN5w7/D4+h4IKtQs1tLHOT
+qPzDxzck9URRyT0oZ2yjOxE88l5FqMwJIfc6vqpTxk+QZYPfPRsBxaiV8NPasOSa
+1e3F9i54ODm6eNtT1grkXedZfYGhHYGW7ygmCo1znGDjbALDlc+Tb+XASbnrj14C
+GYNaUNlrnQ0BgAa6li3ggkpbAlM3NqZBXTQdmpaGrkbPdPdJ3c2T64Ej
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 32:06:af:0b:00:a2:dd:98:26:61:13:a2:f8:c5:f8:e7
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ dd:3f:8e:ec:40:23:98:27:3e:6e:03:0d:a4:c4:94:43
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:15 2019 GMT
- Not After : Jul 14 13:14:15 2022 GMT
+ Not Before: Jan 27 16:54:12 2022 GMT
+ Not After : Jan 25 16:54:12 2032 GMT
Subject: CN=fritter
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:01:16:61:9a:29:9b:00:34:c6:d8:d0:31:87:e7:
- 2c:fd:7a:7e:e0:6e:f7:26:1a:62:7f:d4:7d:aa:8d:
- 0e:83:bd:c2:51:8c:cb:34:2b:3d:04:40:4f:2c:6f:
- 8b:86:9b:7f:de:a2:79:a4:0a:03:4c:70:71:34:ba:
- f6:f8:d1:e8:92:18:32:d6:78:3d:5d:29:5c:70:a0:
- b6:80:7f:21:e2:63:09:57:c1:46:fd:9b:d9:7a:2a:
- b8:13:f2:f7:83:cc:32
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d2:58:d1:a5:05:3c:bd:ed:ca:7c:f3:0b:96:d1:
+ 01:db:c5:61:64:ed:9c:2e:23:0f:9d:94:cc:dc:ff:
+ 84:4b:20:ce:9d:1f:f6:f2:20:b8:1b:7c:87:1a:6a:
+ f7:8e:5f:cf:b0:3b:0b:f5:8a:2c:84:fb:35:63:3f:
+ ae:4f:54:ce:8f:b5:3c:76:ee:b4:6e:3d:e9:39:13:
+ 4b:0f:03:64:32:a1:2f:4f:12:c7:91:db:5e:09:93:
+ 92:2e:9e:7e:7d:bd:1c:00:f8:f2:12:48:e0:57:0d:
+ 8a:7a:8b:d4:68:6f:3e:19:6f:86:d8:91:97:11:5f:
+ db:52:5e:53:4b:62:92:56:d6:e3:02:68:6d:40:7f:
+ ce:4b:28:b5:c1:9d:7d:87:5c:0a:b5:33:f5:a3:a0:
+ 1a:a8:a6:1c:24:a8:33:a0:36:59:e6:3c:ce:aa:90:
+ d1:74:68:59:4d:6a:da:c3:7a:90:74:44:af:b3:e6:
+ 3f:82:86:9a:bb:a5:03:7c:79:92:ef:f9:fd:e2:09:
+ 46:b7:2c:57:df:f0:1d:4b:8b:a8:e3:5d:29:7b:40:
+ 4b:b0:63:e9:9b:aa:f3:26:70:94:81:4d:29:44:55:
+ 97:b6:75:3c:e3:be:ca:a4:5b:8b:9e:a9:04:d1:d7:
+ 45:72:95:ed:cd:62:20:aa:0f:2f:06:ca:59:2b:1f:
+ fe:05
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- B1:1A:69:80:EF:74:B3:58:F8:3B:86:7A:86:DF:8C:50:30:56:12:04
+ 38:5F:64:D8:70:65:7B:A2:3F:85:A7:10:E8:23:47:ED:0B:22:89:1A
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:da:29:1d:b3:22:d6:c9:b3:16:e6:14:41:77:
- fb:87:e7:9c:39:0b:a4:40:42:bf:45:0a:b0:4e:53:89:c9:a9:
- 6b:90:b7:88:85:bd:f0:9b:a0:a4:4b:fb:e3:2e:6f:d1:ff:02:
- 31:00:82:ce:d7:ed:cd:94:17:96:d4:65:97:82:11:ae:dd:22:
- 2c:2f:f2:64:55:ef:e7:25:c9:89:c3:bf:fc:cf:5f:c5:60:00:
- 2c:e9:7d:36:7b:6b:b8:c0:08:c2:66:f2:f7:ef
+ Signature Algorithm: sha256WithRSAEncryption
+ 0b:9e:0b:ac:0c:d5:88:a3:4b:66:cf:2d:a4:ed:7f:e3:32:94:
+ 5d:c6:20:33:20:50:cb:51:12:7b:cc:a6:61:43:bf:22:39:95:
+ f9:15:c8:5a:ba:82:07:92:d4:b8:11:34:47:17:7b:00:b4:40:
+ 32:d6:c9:e1:a3:e4:cf:1b:b8:3f:8e:ef:9e:96:c6:60:6f:63:
+ 2d:70:58:46:f7:bb:30:31:bc:08:19:3f:45:b6:45:31:db:db:
+ d7:eb:fd:8a:dd:04:bc:d3:30:b0:f0:e4:1c:84:e8:71:9a:a8:
+ e8:16:19:1e:96:60:d5:2f:c1:09:46:3c:a5:84:00:5f:f8:3d:
+ 0d:f8:0f:ec:8a:c9:31:ed:4f:64:2d:b3:ed:f1:6a:f0:ed:31:
+ 10:e6:38:69:a9:02:c8:3b:8c:a9:57:dc:65:c5:35:fd:e6:5a:
+ 4d:a1:f0:43:e5:ca:18:02:eb:41:28:32:c3:04:5e:77:d1:b7:
+ 64:69:aa:ff:ca:e1:dc:2c:14:9f:02:25:2d:77:bd:88:c6:6c:
+ ff:61:cd:7d:9c:fe:f1:58:5a:17:60:88:d6:ae:9a:76:86:7e:
+ b1:84:00:f2:f5:3a:b3:5e:6e:e9:cf:5d:b7:bb:1d:79:1b:e6:
+ b8:5c:f9:c0:21:e9:35:30:01:1e:a0:23:a2:cf:42:6e:a6:74:
+ fc:da:bf:6a
-----BEGIN CERTIFICATE-----
-MIICDzCCAZSgAwIBAgIQMgavCwCi3ZgmYROi+MX45zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDE1WhcNMjIwNzE0
-MTMxNDE1WjASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEARZhmimbADTG2NAxh+cs/Xp+4G73Jhpif9R9qo0Og73CUYzLNCs9BEBPLG+L
-hpt/3qJ5pAoDTHBxNLr2+NHokhgy1ng9XSlccKC2gH8h4mMJV8FG/ZvZeiq4E/L3
-g8wyo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLEaaYDvdLNY+DuGeobfjFAw
-VhIEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA
-2ikdsyLWybMW5hRBd/uH55w5C6RAQr9FCrBOU4nJqWuQt4iFvfCboKRL++Mub9H/
-AjEAgs7X7c2UF5bUZZeCEa7dIiwv8mRV7+clyYnDv/zPX8VgACzpfTZ7a7jACMJm
-8vfv
+MIIDVjCCAj6gAwIBAgIRAN0/juxAI5gnPm4DDaTElEMwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NDEyWhcNMzIwMTI1
+MTY1NDEyWjASMRAwDgYDVQQDDAdmcml0dGVyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0ljRpQU8ve3KfPMLltEB28VhZO2cLiMPnZTM3P+ESyDOnR/2
+8iC4G3yHGmr3jl/PsDsL9YoshPs1Yz+uT1TOj7U8du60bj3pORNLDwNkMqEvTxLH
+kdteCZOSLp5+fb0cAPjyEkjgVw2KeovUaG8+GW+G2JGXEV/bUl5TS2KSVtbjAmht
+QH/OSyi1wZ19h1wKtTP1o6AaqKYcJKgzoDZZ5jzOqpDRdGhZTWraw3qQdESvs+Y/
+goaau6UDfHmS7/n94glGtyxX3/AdS4uo410pe0BLsGPpm6rzJnCUgU0pRFWXtnU8
+477KpFuLnqkE0ddFcpXtzWIgqg8vBspZKx/+BQIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFDhfZNhwZXuiP4WnEOgjR+0LIokaMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQALngusDNWIo0tmzy2k7X/jMpRdxiAz
+IFDLURJ7zKZhQ78iOZX5FchauoIHktS4ETRHF3sAtEAy1snho+TPG7g/ju+elsZg
+b2MtcFhG97swMbwIGT9FtkUx29vX6/2K3QS80zCw8OQchOhxmqjoFhkelmDVL8EJ
+RjylhABf+D0N+A/siskx7U9kLbPt8Wrw7TEQ5jhpqQLIO4ypV9xlxTX95lpNofBD
+5coYAutBKDLDBF530bdkaar/yuHcLBSfAiUtd72Ixmz/Yc19nP7xWFoXYIjWrpp2
+hn6xhADy9TqzXm7pz123ux15G+a4XPnAIek1MAEeoCOiz0JupnT82r9q
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 62:de:03:11:22:c6:4b:00:ac:33:d5:e5:8a:25:0f:ff
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 60:87:51:1c:41:ab:64:4d:6e:87:35:4b:37:da:5a:be
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:27 2019 GMT
- Not After : Jul 14 13:14:27 2022 GMT
+ Not Before: Jan 27 16:54:21 2022 GMT
+ Not After : Jan 25 16:54:21 2032 GMT
Subject: CN=fschnell
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:c1:66:71:37:bb:f5:b6:2c:b0:a0:d6:8c:85:2c:
- 31:28:d1:5e:d6:23:71:ae:b7:6f:79:12:50:7a:b5:
- 6c:ee:eb:a0:a9:9b:1a:d5:f3:5d:72:fd:cd:f1:0d:
- 23:3f:6e:44:7b:1f:c9:8a:1e:fb:51:ad:e2:bf:c8:
- 12:0d:d0:7a:11:de:ee:c2:6e:06:af:67:c7:51:13:
- 8c:cf:75:9f:a9:80:42:f2:9c:5a:78:af:29:57:df:
- b0:c1:d6:d6:3b:42:60
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:ba:48:1e:7f:2f:93:ee:b3:88:cf:0a:0a:82:0d:
+ 48:bd:ed:d8:3f:5d:13:d1:20:c0:34:b9:8f:53:39:
+ 52:d2:7e:91:4f:e5:4c:07:73:54:25:a6:6a:c7:83:
+ b8:fc:93:1d:b6:03:72:59:41:4a:61:b9:68:0d:4e:
+ e2:9b:b4:74:6c:87:7c:a3:61:30:22:3f:9b:53:23:
+ 31:e1:b6:37:ef:0d:32:df:6e:40:14:e1:d8:1a:0e:
+ 93:8f:6c:55:0d:dd:c9:9a:a2:5c:1e:46:c1:19:ce:
+ e4:ee:8b:3e:93:bf:ce:60:30:29:da:2c:e7:d7:a9:
+ 06:4d:84:60:cd:3a:28:18:0d:d2:11:6e:01:e9:1a:
+ 0c:6b:d1:09:b4:e6:5f:95:7d:c3:a3:d3:fb:44:15:
+ 50:b7:be:6e:89:d3:75:cf:57:e3:13:f6:99:3e:ea:
+ 2b:38:05:5b:d4:0d:c6:65:42:93:63:c6:e7:44:5a:
+ 2c:01:19:88:52:c7:6f:12:fa:27:df:5e:b6:40:e9:
+ 15:35:e4:27:0f:e3:c7:1d:37:4f:5f:0b:78:cb:33:
+ a2:e6:06:35:b3:b1:d4:4a:4f:55:48:95:b1:e0:5c:
+ 8f:35:87:d9:32:07:1b:68:b0:eb:8b:03:67:9c:0e:
+ 14:0c:63:ca:22:c7:86:9a:35:5f:af:84:75:fa:3b:
+ e7:43
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- B9:32:14:86:9B:D6:96:CB:A1:D9:29:28:C4:F7:93:25:5F:2A:A1:1C
+ 4C:D9:F1:08:3B:62:3F:D4:E3:22:0B:27:BD:9C:7C:15:44:B8:D6:11
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:61:aa:3e:2c:c7:81:3c:56:1a:87:fe:c8:42:6a:
- b1:61:dd:1c:6a:21:ac:81:90:ef:04:4c:2f:fc:9f:b7:75:e1:
- b2:2a:60:f8:67:f0:9a:b4:7f:18:cd:81:68:bf:ae:1b:02:30:
- 33:0e:e6:86:5d:2e:bc:64:4e:4c:fd:8d:05:45:a6:c0:3d:d8:
- af:53:fa:37:2f:e5:84:8e:ea:30:80:82:60:96:8e:5d:8f:1f:
- f2:4f:d1:f7:c0:d1:a0:19:d7:93:95:82
+ Signature Algorithm: sha256WithRSAEncryption
+ 4c:cf:19:8e:b2:4a:87:3c:de:5b:f3:31:9d:c3:58:4d:9a:d6:
+ 59:ad:49:ec:aa:ec:2a:3c:04:c2:1b:fd:31:76:8f:af:2a:bc:
+ 9e:d4:96:5d:31:b5:86:16:df:af:2f:ea:12:e9:2a:23:f5:37:
+ bb:9b:c0:c5:b6:bc:77:28:2c:f6:8d:31:8a:8e:a2:f8:dc:b8:
+ 65:14:ba:1a:8c:32:4f:ec:84:08:3c:87:c2:97:08:93:f8:b9:
+ a4:30:a4:78:54:05:a0:f0:29:7b:61:bb:22:4a:98:21:bb:a3:
+ c1:38:be:14:bf:58:ab:09:07:8c:d8:c1:66:17:98:91:f3:64:
+ ca:05:41:f8:04:5d:91:8a:8f:29:2b:d1:85:20:c5:7c:3e:32:
+ 3e:40:8b:c5:1a:20:1f:c4:95:4b:3a:35:a1:37:e3:c8:15:f1:
+ 04:4f:9e:cb:1d:1f:bf:4a:c5:8b:f9:81:a7:42:e5:95:04:e5:
+ b2:04:f0:3e:1e:d5:24:1d:37:e1:cd:c4:b9:69:77:0d:d6:28:
+ b2:f9:7b:be:93:a0:b5:2b:c3:3d:27:9e:4d:a0:73:64:d1:16:
+ 9a:07:cc:ff:55:e8:06:ff:a7:d3:fe:a7:33:ff:1c:9d:b4:c8:
+ f8:37:fa:e3:24:1d:57:e9:ea:df:92:61:7b:ec:f3:6b:3d:0f:
+ 7e:75:72:59
-----BEGIN CERTIFICATE-----
-MIICDjCCAZWgAwIBAgIQYt4DESLGSwCsM9XliiUP/zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDI3WhcNMjIwNzE0
-MTMxNDI3WjATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABMFmcTe79bYssKDWjIUsMSjRXtYjca63b3kSUHq1bO7roKmbGtXzXXL9zfEN
-Iz9uRHsfyYoe+1Gt4r/IEg3QehHe7sJuBq9nx1ETjM91n6mAQvKcWnivKVffsMHW
-1jtCYKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBS5MhSGm9aWy6HZKSjE95Ml
-XyqhHDBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIw
-Yao+LMeBPFYah/7IQmqxYd0caiGsgZDvBEwv/J+3deGyKmD4Z/CatH8YzYFov64b
-AjAzDuaGXS68ZE5M/Y0FRabAPdivU/o3L+WEjuowgIJglo5djx/yT9H3wNGgGdeT
-lYI=
+MIIDVjCCAj6gAwIBAgIQYIdRHEGrZE1uhzVLN9pavjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MjFaFw0zMjAxMjUx
+NjU0MjFaMBMxETAPBgNVBAMMCGZzY2huZWxsMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAukgefy+T7rOIzwoKgg1Ive3YP10T0SDANLmPUzlS0n6RT+VM
+B3NUJaZqx4O4/JMdtgNyWUFKYbloDU7im7R0bId8o2EwIj+bUyMx4bY37w0y325A
+FOHYGg6Tj2xVDd3JmqJcHkbBGc7k7os+k7/OYDAp2izn16kGTYRgzTooGA3SEW4B
+6RoMa9EJtOZflX3Do9P7RBVQt75uidN1z1fjE/aZPuorOAVb1A3GZUKTY8bnRFos
+ARmIUsdvEvon3162QOkVNeQnD+PHHTdPXwt4yzOi5gY1s7HUSk9VSJWx4FyPNYfZ
+MgcbaLDriwNnnA4UDGPKIseGmjVfr4R1+jvnQwIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFEzZ8Qg7Yj/U4yILJ72cfBVEuNYRMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBMzxmOskqHPN5b8zGdw1hNmtZZrUns
+quwqPATCG/0xdo+vKrye1JZdMbWGFt+vL+oS6Soj9Te7m8DFtrx3KCz2jTGKjqL4
+3LhlFLoajDJP7IQIPIfClwiT+LmkMKR4VAWg8Cl7YbsiSpghu6PBOL4Uv1irCQeM
+2MFmF5iR82TKBUH4BF2Rio8pK9GFIMV8PjI+QIvFGiAfxJVLOjWhN+PIFfEET57L
+HR+/SsWL+YGnQuWVBOWyBPA+HtUkHTfhzcS5aXcN1iiy+Xu+k6C1K8M9J55NoHNk
+0RaaB8z/VegG/6fT/qcz/xydtMj4N/rjJB1X6erfkmF77PNrPQ9+dXJZ
-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 46:9e:0b:aa:82:d0:07:b1:9d:fc:c4:87:c5:6c:9e:80
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:14:38 2019 GMT
- Not After : Jul 14 13:14:38 2022 GMT
- Subject: CN=ifabian
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ba:65:94:67:08:34:86:c7:0f:94:00:5f:e2:38:
- 5b:9e:29:5f:76:7a:87:43:5b:37:a4:44:ab:39:72:
- be:37:0e:3f:c5:ba:55:8b:6c:bd:22:ed:74:54:88:
- a2:1c:ec:f8:24:37:3f:b3:b2:e3:56:0e:e5:81:cb:
- ef:48:1d:e5:ea:1f:67:51:5f:20:8b:2f:aa:fe:fe:
- 8e:d4:be:91:28:94:b6:cc:04:74:90:72:90:10:a0:
- 7c:42:a2:e3:4c:7f:49
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 0B:41:AE:87:A5:73:BB:DC:4E:16:2E:F3:A0:20:FA:D5:38:52:40:AA
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:1f:f9:44:c2:c2:63:91:08:c2:c8:ca:22:28:7d:
- 9b:84:3d:d1:f7:89:43:26:b0:a6:e7:2c:e5:63:e9:bd:86:81:
- e5:ad:1a:c2:bb:30:31:05:eb:e9:d3:71:d1:6e:c0:df:02:31:
- 00:d3:38:d5:bb:9f:d2:a2:92:6e:0e:2a:b4:d9:d6:a9:c9:eb:
- 5c:c9:ef:33:1c:66:d4:3c:a0:86:07:39:38:14:0c:61:8b:67:
- 75:20:06:d8:79:0c:65:a2:2d:87:fc:00:04
------BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQRp4LqoLQB7Gd/MSHxWyegDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDM4WhcNMjIwNzE0
-MTMxNDM4WjASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEumWUZwg0hscPlABf4jhbnilfdnqHQ1s3pESrOXK+Nw4/xbpVi2y9Iu10VIii
-HOz4JDc/s7LjVg7lgcvvSB3l6h9nUV8giy+q/v6O1L6RKJS2zAR0kHKQEKB8QqLj
-TH9Jo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAtBroelc7vcThYu86Ag+tU4
-UkCqMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjAf
-+UTCwmORCMLIyiIofZuEPdH3iUMmsKbnLOVj6b2GgeWtGsK7MDEF6+nTcdFuwN8C
-MQDTONW7n9Kikm4OKrTZ1qnJ61zJ7zMcZtQ8oIYHOTgUDGGLZ3UgBth5DGWiLYf8
-AAQ=
------END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 68:02:68:8c:e3:bb:71:c1:e8:67:ca:49:0a:9d:0b:4c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 23:70:61:7d:39:85:fe:76:8d:ca:0f:04:d3:68:3d:1f
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:14:53 2019 GMT
- Not After : Jul 14 13:14:53 2022 GMT
+ Not Before: Jan 27 16:54:35 2022 GMT
+ Not After : Jan 25 16:54:35 2032 GMT
Subject: CN=khorvath
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:10:d0:a2:68:66:ea:40:36:f3:9d:13:e2:bc:e7:
- 87:92:d4:ca:f2:e6:13:a9:0b:d0:92:b7:a0:24:f0:
- e4:ce:69:08:e4:e2:c0:66:e0:2a:2a:79:06:e3:d4:
- 33:e8:6b:94:a7:fb:71:9a:e7:9a:a1:f9:1a:3b:28:
- 3f:3b:0c:99:5f:2e:cf:17:98:60:10:16:22:c3:1f:
- 7e:61:62:97:85:36:0a:0a:e9:26:0e:76:c3:88:b8:
- 8e:e4:80:78:52:b5:9c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:eb:04:0d:b5:38:69:3a:69:07:21:1c:59:4c:07:
+ 6c:1d:30:89:93:3d:90:d3:ef:04:cb:ec:41:94:9e:
+ 35:91:28:17:e4:1f:cb:2b:0a:06:b9:6a:91:e6:cb:
+ 89:60:e6:3c:0a:f8:ff:ae:6c:48:e3:d7:a9:52:95:
+ 5f:e5:c8:80:5c:82:b5:91:3b:5e:e0:23:82:8d:52:
+ 53:0a:ea:e8:b2:92:b3:4b:bb:1d:2f:5a:e4:29:a9:
+ 69:2c:b9:e1:9e:13:1c:3c:0d:d9:fe:fd:e9:a7:1f:
+ f4:c2:ab:3b:eb:52:95:41:2a:5a:d4:9e:e9:8e:40:
+ 97:60:fb:e8:12:9e:d6:e4:72:2b:43:57:de:85:6b:
+ db:94:27:45:eb:43:bb:3d:6e:17:c6:dc:19:d2:dc:
+ cd:c8:67:fc:d0:d3:8f:81:4c:1a:ad:df:e6:2b:43:
+ 07:95:18:ad:e0:21:c6:5a:fd:ce:17:af:63:58:97:
+ b7:86:db:42:95:7f:38:46:08:7e:26:81:24:e2:7e:
+ dd:53:51:ab:29:43:19:ad:5f:8b:b2:b8:cf:19:06:
+ 0e:15:67:a4:50:79:00:f4:f8:2a:b8:e7:fd:b4:59:
+ 9a:ef:10:fb:10:bf:57:3e:26:ec:1e:97:6d:ad:87:
+ b9:60:94:69:24:96:69:36:9a:21:00:42:98:06:24:
+ d5:f9
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 42:88:C3:F8:81:2A:78:1F:C8:3F:D2:7D:BA:E9:44:09:4A:36:3A:B1
+ 96:F4:90:70:43:B0:6E:93:48:D7:95:1F:9B:BC:0E:8A:8D:33:36:99
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:27:4e:d4:b0:5a:4b:af:6a:d6:a0:b7:ae:b4:57:
- d1:dc:4e:77:9c:bf:06:c0:bd:3d:06:c3:90:7e:e4:7a:24:1e:
- e9:a4:76:51:4b:2f:3d:8a:1c:6e:93:0d:de:b1:3c:63:02:31:
- 00:fb:48:45:89:a8:e7:74:16:4a:1d:5e:a1:ad:b2:d3:34:9f:
- 95:04:ed:92:1f:a8:ad:05:6f:81:ee:d0:8c:fc:9d:6c:e3:5d:
- 5a:1b:e8:27:86:20:a0:e4:78:a2:4f:63:b3
+ Signature Algorithm: sha256WithRSAEncryption
+ 01:8a:5e:af:fe:5a:9d:65:ba:a5:3a:51:d0:1e:7d:fe:9e:b7:
+ 7e:bc:da:33:0b:e2:f8:13:6f:73:40:5f:c2:b7:5d:2f:54:5e:
+ 0d:db:1d:28:b0:e9:fa:a2:ff:23:3c:4e:63:90:d6:5e:6c:81:
+ 9a:69:3d:06:05:5f:c3:a5:67:4a:29:e9:40:36:eb:53:89:a7:
+ 13:a5:69:ba:8d:61:ac:d9:5f:89:35:59:dc:c0:98:73:f1:f8:
+ 1e:14:80:d9:09:9c:bd:db:69:54:ea:15:68:97:bd:08:27:d7:
+ af:c9:8a:b5:41:4a:6c:dc:4f:4c:dd:5b:c7:cf:86:01:07:a2:
+ ad:33:7d:aa:47:ae:a8:b0:d2:24:89:9c:a0:48:8d:74:51:79:
+ 89:f8:8d:ee:33:4f:d6:45:b8:b5:a6:48:eb:ad:3a:86:68:53:
+ 4d:ba:55:fa:d4:2f:7b:59:3d:a6:16:d9:8a:81:90:72:e8:14:
+ e8:06:7f:de:0e:f8:be:cf:ce:91:22:8e:cd:5a:94:8f:1c:d0:
+ 4b:f6:b5:41:2d:1d:c4:0a:1e:36:17:dd:78:17:23:85:c7:cb:
+ ae:1b:ae:65:90:22:b0:c0:94:df:cc:83:38:61:cb:fa:a7:e6:
+ a4:a7:9b:10:5d:fc:30:6f:d2:dc:02:15:07:a0:42:9f:1b:a9:
+ f9:c7:22:34
-----BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIQaAJojOO7ccHoZ8pJCp0LTDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNDUzWhcNMjIwNzE0
-MTMxNDUzWjATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBDQomhm6kA2850T4rznh5LUyvLmE6kL0JK3oCTw5M5pCOTiwGbgKip5BuPU
-M+hrlKf7cZrnmqH5GjsoPzsMmV8uzxeYYBAWIsMffmFil4U2CgrpJg52w4i4juSA
-eFK1nKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRCiMP4gSp4H8g/0n266UQJ
-SjY6sTBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-J07UsFpLr2rWoLeutFfR3E53nL8GwL09BsOQfuR6JB7ppHZRSy89ihxukw3esTxj
-AjEA+0hFiajndBZKHV6hrbLTNJ+VBO2SH6itBW+B7tCM/J1s411aG+gnhiCg5Hii
-T2Oz
+MIIDVjCCAj6gAwIBAgIQI3BhfTmF/naNyg8E02g9HzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0MzVaFw0zMjAxMjUx
+NjU0MzVaMBMxETAPBgNVBAMMCGtob3J2YXRoMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA6wQNtThpOmkHIRxZTAdsHTCJkz2Q0+8Ey+xBlJ41kSgX5B/L
+KwoGuWqR5suJYOY8Cvj/rmxI49epUpVf5ciAXIK1kTte4COCjVJTCurospKzS7sd
+L1rkKalpLLnhnhMcPA3Z/v3ppx/0wqs761KVQSpa1J7pjkCXYPvoEp7W5HIrQ1fe
+hWvblCdF60O7PW4XxtwZ0tzNyGf80NOPgUward/mK0MHlRit4CHGWv3OF69jWJe3
+httClX84Rgh+JoEk4n7dU1GrKUMZrV+LsrjPGQYOFWekUHkA9PgquOf9tFma7xD7
+EL9XPibsHpdtrYe5YJRpJJZpNpohAEKYBiTV+QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFJb0kHBDsG6TSNeVH5u8DoqNMzaZMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQABil6v/lqdZbqlOlHQHn3+nrd+vNoz
+C+L4E29zQF/Ct10vVF4N2x0osOn6ov8jPE5jkNZebIGaaT0GBV/DpWdKKelANutT
+iacTpWm6jWGs2V+JNVncwJhz8fgeFIDZCZy922lU6hVol70IJ9evyYq1QUps3E9M
+3VvHz4YBB6KtM32qR66osNIkiZygSI10UXmJ+I3uM0/WRbi1pkjrrTqGaFNNulX6
+1C97WT2mFtmKgZBy6BToBn/eDvi+z86RIo7NWpSPHNBL9rVBLR3ECh42F914FyOF
+x8uuG65lkCKwwJTfzIM4Ycv6p+akp5sQXfwwb9LcAhUHoEKfG6n5xyI0
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 58:5a:a9:7d:7c:ca:b5:2c:49:57:bb:bf:91:37:42:61
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 16:d6:7e:bd:b7:16:bd:51:0c:34:0d:08:fa:8c:cb:b1
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Mar 26 10:41:27 2020 GMT
- Not After : Mar 11 10:41:27 2023 GMT
+ Not Before: Jan 27 16:54:48 2022 GMT
+ Not After : Jan 25 16:54:48 2032 GMT
Subject: CN=kkancz
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:16:c3:cc:4c:19:91:e6:b3:53:89:7d:7a:1e:ae:
- 57:89:52:19:d7:e5:c7:d0:68:74:a6:0d:92:e9:09:
- e7:81:5e:11:02:ea:87:89:20:e7:57:b1:ca:44:b6:
- cf:5f:01:58:73:94:89:3a:0a:67:fa:9f:c8:c9:16:
- 8d:e7:72:75:94:8d:52:de:f1:0f:47:a3:15:83:c3:
- cd:67:c8:14:af:b2:f5:63:08:0c:25:d5:d5:0a:ba:
- fb:9b:0f:df:e0:45:b4
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:6a:63:78:e0:1b:e8:2f:dc:70:f4:49:6f:6c:
+ 7b:62:05:76:60:4e:01:4f:91:07:2d:b2:8e:7f:e1:
+ 61:4e:c3:24:1d:da:6c:ae:b9:d5:de:00:d5:f7:cf:
+ 36:8f:a1:cb:9c:15:4c:57:e8:76:36:83:8b:7b:d4:
+ de:04:c9:06:40:32:c3:31:01:f1:f5:bc:9c:97:42:
+ 4d:82:47:71:cc:b8:0c:2c:91:bb:c8:6b:2b:62:09:
+ f3:5a:c5:5f:40:e8:46:7c:9f:d8:dd:20:a3:bc:34:
+ f9:67:28:ae:ed:fc:cd:3e:f0:68:ce:1b:02:d4:da:
+ d2:0b:74:b6:32:11:39:6e:53:80:a7:e1:b9:06:96:
+ ae:ef:8e:dd:0e:26:05:7a:2c:46:7d:f6:ba:af:6f:
+ 3e:44:8b:fa:ff:40:fd:3e:32:64:a5:f7:27:60:f7:
+ 85:28:33:e2:a3:2f:5a:37:cd:15:02:ff:28:b5:95:
+ a4:3d:ee:01:9f:86:76:2d:01:3d:b4:e7:e2:1f:fb:
+ be:1f:6a:2f:e8:50:68:2a:2d:86:3a:ef:38:f1:46:
+ df:e7:5c:53:b0:63:13:80:b4:4d:b8:60:7a:ee:71:
+ 67:bc:c8:21:83:64:6f:45:07:19:87:f3:49:c2:63:
+ 04:59:3f:6d:80:21:0e:2f:4e:cc:b5:7c:38:47:c4:
+ 7b:a5
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 61:CB:25:BC:82:6D:D5:01:DE:15:AF:18:59:C3:D7:34:16:B7:A6:94
+ 9E:32:BB:AC:26:6F:9A:04:73:A5:B9:42:DA:29:46:95:C8:DE:F3:05
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:ca:f1:79:0b:1b:e1:0f:15:b4:6e:3e:69:9b:
- 92:a8:bc:fe:2f:5c:96:c0:ad:d7:02:97:e0:ea:f7:08:77:43:
- 31:22:93:50:19:24:88:91:63:39:b1:1a:80:bf:9d:bf:f1:02:
- 30:38:5b:c1:af:a7:58:0d:de:b5:19:77:00:33:31:7d:41:c5:
- 3c:bb:b2:9e:cd:86:66:f6:1a:84:4d:80:b6:28:b5:2b:04:5f:
- 1c:a3:49:cd:89:2d:21:0a:5f:65:eb:d0:36
+ Signature Algorithm: sha256WithRSAEncryption
+ 6a:07:04:54:3c:a9:4c:05:72:9e:78:6b:a6:dd:a8:09:15:0b:
+ cb:54:ad:54:91:f9:8d:ee:61:37:a3:97:92:9e:97:25:4d:db:
+ 96:91:9f:39:45:92:e5:d7:06:45:57:89:ef:96:bf:47:c5:5a:
+ 84:c8:6d:78:7a:43:02:f5:0f:4b:7f:7b:04:49:53:4b:85:13:
+ 5a:cb:75:06:f3:ba:8b:0b:83:f2:1a:df:27:0b:17:b2:28:ca:
+ c6:38:14:8c:3d:42:02:db:f2:63:79:ce:00:be:90:b6:0a:5f:
+ 23:5a:06:37:c3:34:da:09:1f:66:c8:29:11:0c:b0:8e:ac:43:
+ b3:a9:8b:eb:71:38:9c:ed:cf:7c:00:55:47:a4:48:6b:a8:1c:
+ 13:4a:b7:bf:4a:48:72:10:32:a7:48:64:d7:82:60:64:cb:a0:
+ 20:6a:20:13:d9:0a:09:03:8b:be:76:f1:23:af:90:73:d9:de:
+ 65:23:0d:07:04:48:61:f1:9a:c8:37:41:ff:65:72:27:de:88:
+ 82:ca:8f:eb:92:2c:8e:b3:ab:dc:26:ff:d4:3d:d8:99:66:c5:
+ f8:c4:cc:54:ac:98:21:29:65:ac:77:4e:f6:12:de:f5:ba:cc:
+ 1b:ee:eb:08:bf:fe:33:77:19:a5:5c:43:6c:30:40:40:e2:6c:
+ bf:93:e0:af
-----BEGIN CERTIFICATE-----
-MIICDTCCAZOgAwIBAgIQWFqpfXzKtSxJV7u/kTdCYTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMjAwMzI2MTA0MTI3WhcNMjMwMzEx
-MTA0MTI3WjARMQ8wDQYDVQQDDAZra2FuY3owdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AAQWw8xMGZHms1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9f
-AVhzlIk6Cmf6n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/g
-RbSjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYcslvIJt1QHeFa8YWcPXNBa3
-ppQwVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2gAMGUCMQDK
-8XkLG+EPFbRuPmmbkqi8/i9clsCt1wKX4Or3CHdDMSKTUBkkiJFjObEagL+dv/EC
-MDhbwa+nWA3etRl3ADMxfUHFPLuyns2GZvYahE2Atii1KwRfHKNJzYktIQpfZevQ
-Ng==
+MIIDVDCCAjygAwIBAgIQFtZ+vbcWvVEMNA0I+ozLsTANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NDhaFw0zMjAxMjUx
+NjU0NDhaMBExDzANBgNVBAMMBmtrYW5jejCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALlqY3jgG+gv3HD0SW9se2IFdmBOAU+RBy2yjn/hYU7DJB3abK65
+1d4A1ffPNo+hy5wVTFfodjaDi3vU3gTJBkAywzEB8fW8nJdCTYJHccy4DCyRu8hr
+K2IJ81rFX0DoRnyf2N0go7w0+Wcoru38zT7waM4bAtTa0gt0tjIROW5TgKfhuQaW
+ru+O3Q4mBXosRn32uq9vPkSL+v9A/T4yZKX3J2D3hSgz4qMvWjfNFQL/KLWVpD3u
+AZ+Gdi0BPbTn4h/7vh9qL+hQaCothjrvOPFG3+dcU7BjE4C0Tbhgeu5xZ7zIIYNk
+b0UHGYfzScJjBFk/bYAhDi9OzLV8OEfEe6UCAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBSeMrusJm+aBHOluULaKUaVyN7zBTBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAagcEVDypTAVynnhrpt2oCRULy1StVJH5
+je5hN6OXkp6XJU3blpGfOUWS5dcGRVeJ75a/R8VahMhteHpDAvUPS397BElTS4UT
+Wst1BvO6iwuD8hrfJwsXsijKxjgUjD1CAtvyY3nOAL6QtgpfI1oGN8M02gkfZsgp
+EQywjqxDs6mL63E4nO3PfABVR6RIa6gcE0q3v0pIchAyp0hk14JgZMugIGogE9kK
+CQOLvnbxI6+Qc9neZSMNBwRIYfGayDdB/2VyJ96IgsqP65IsjrOr3Cb/1D3YmWbF
++MTMVKyYISllrHdO9hLe9brMG+7rCL/+M3cZpVxDbDBAQOJsv5Pgrw==
-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 39:4b:dd:54:1c:10:82:ea:c5:cd:4d:9d:fe:b6:d4:d3
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:02 2019 GMT
- Not After : Jul 14 13:15:02 2022 GMT
- Subject: CN=kkele
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0a:e8:ed:f9:1a:f5:b6:17:d7:5f:ff:9e:9c:1e:
- 1d:11:cf:12:7f:01:11:ca:a2:b1:e0:b5:bc:30:6b:
- 5c:ff:5e:d2:06:2b:55:a9:0f:55:3a:ae:ee:a6:5e:
- 74:0d:f6:43:b6:a4:1d:17:2b:0f:87:7b:c2:39:47:
- 1d:e7:fb:e4:64:d1:00:60:bb:1c:eb:e0:40:82:8d:
- 77:09:85:d1:1c:37:c8:3e:d5:64:51:0f:1d:71:71:
- 04:3a:21:6c:a2:57:36
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- B0:47:56:D8:59:56:0D:E2:68:86:01:E8:12:30:4C:EF:D9:7D:EE:F7
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:df:6c:06:c1:07:aa:bb:76:58:d8:ea:dc:60:
- ce:e0:5c:a9:32:c0:20:c9:8b:da:3b:7e:98:74:94:96:83:0e:
- 9f:71:8f:4e:af:72:d0:49:29:06:d0:c8:e9:12:88:67:67:02:
- 30:77:f4:e3:b5:89:dd:e6:6e:83:65:64:77:09:8e:52:2d:47:
- 04:80:27:14:25:51:08:97:01:86:e9:23:0d:04:fa:44:89:35:
- c4:4e:18:84:09:86:cf:5a:7b:6c:0e:09:fd
------BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIQOUvdVBwQgurFzU2d/rbU0zAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTAyWhcNMjIwNzE0
-MTMxNTAyWjAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BAro7fka9bYX11//npweHRHPEn8BEcqiseC1vDBrXP9e0gYrVakPVTqu7qZedA32
-Q7akHRcrD4d7wjlHHef75GTRAGC7HOvgQIKNdwmF0Rw3yD7VZFEPHXFxBDohbKJX
-NqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSwR1bYWVYN4miGAegSMEzv2X3u
-9zBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIxAN9s
-BsEHqrt2WNjq3GDO4FypMsAgyYvaO36YdJSWgw6fcY9Or3LQSSkG0MjpEohnZwIw
-d/TjtYnd5m6DZWR3CY5SLUcEgCcUJVEIlwGG6SMNBPpEiTXEThiECYbPWntsDgn9
------END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 7f:02:84:bd:04:07:a8:de:a7:7a:76:16:b2:25:d0:8e
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:54:58 2022 GMT
+ Not After : Jan 25 16:54:58 2032 GMT
+ Subject: CN=kvajda
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:7a:06:e5:cf:eb:9b:3f:97:77:e5:31:89:cf:
+ 0a:4d:63:b4:7d:df:31:04:83:62:eb:5c:b9:75:35:
+ d2:b1:9b:60:63:36:3a:70:3e:e1:5f:f4:22:0b:7c:
+ 32:ed:c7:bb:64:44:4a:5a:9b:a6:3a:5b:b5:a5:f8:
+ a0:c3:bb:c4:a4:10:5a:99:b1:0c:d1:05:ae:08:25:
+ 15:dd:af:b6:2e:cf:96:eb:35:25:d7:73:e3:a8:d4:
+ eb:fc:a9:5e:37:71:35:aa:1a:58:4d:57:df:a7:8c:
+ 27:0b:76:28:98:0b:17:98:74:25:3c:54:21:52:5e:
+ 38:ce:e2:7f:fd:50:17:43:3c:fc:4c:b9:6b:28:53:
+ 59:89:e2:b9:f8:ec:b6:1e:14:b4:f6:8a:51:3e:d2:
+ 1b:04:77:8f:a3:7d:57:f2:14:0b:7c:e5:70:ca:1a:
+ 57:7c:e1:b2:1a:5e:ad:fc:af:c9:dd:d4:81:4c:19:
+ 2c:bd:b6:c3:5b:fa:3d:f9:2d:ad:06:be:49:84:01:
+ f6:44:ca:a3:bb:2a:23:4c:b2:ea:d8:67:36:22:ca:
+ c6:c6:19:df:b1:fa:31:1b:c4:40:dc:4e:c7:0a:66:
+ 22:5c:25:36:2d:5b:22:23:f6:5d:bd:c9:b3:95:ef:
+ c0:82:a2:d9:d8:eb:d2:05:4d:e5:31:1f:8a:0c:05:
+ 0d:bd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 5C:FF:92:2D:39:79:AC:9A:F5:F2:B6:9D:63:81:87:78:07:94:0F:04
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ a8:5b:2c:2d:3a:6a:d1:9d:1a:44:b3:ef:14:fd:63:2b:fd:72:
+ 79:4e:3a:30:ff:1b:91:82:fc:7f:c8:bf:45:05:74:ed:e9:94:
+ d4:73:4d:66:f7:82:b7:7e:b2:e3:41:fc:f8:b6:2c:c2:a0:64:
+ af:e3:05:65:80:51:5e:6a:cb:c6:2d:33:84:d0:bc:ba:40:c5:
+ c7:0e:2d:05:16:b5:81:7a:de:6a:d6:13:aa:b2:58:5d:18:72:
+ 1a:98:9f:be:2b:00:67:70:7a:82:1c:9b:6f:38:5a:7a:60:ee:
+ d5:1a:fd:8f:8f:d2:55:87:bc:b9:bc:e0:c0:bf:d6:ec:09:70:
+ a2:2a:50:6e:de:41:75:99:bd:c9:5e:8c:5e:52:09:3b:3d:1c:
+ e0:c7:05:ec:65:64:7f:e4:57:98:0d:2e:c7:79:5f:6f:9b:f4:
+ b0:bb:cc:58:f0:dd:c4:c0:04:a6:a3:8f:ae:1d:74:c3:04:73:
+ 56:5e:e4:4b:2b:ef:87:d9:c6:84:1d:bd:a7:17:63:8d:8a:31:
+ 99:6e:d7:e9:15:56:b1:00:b7:5f:49:c9:44:71:f2:6d:14:b5:
+ 06:b9:7a:7f:e5:8d:fb:8e:a3:f1:f4:52:c7:72:3b:6c:f4:50:
+ d1:c8:c5:26:4a:40:6b:16:08:7e:ab:c9:8c:54:3c:94:57:5e:
+ 3e:52:84:f7
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIQfwKEvQQHqN6nenYWsiXQjjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU0NThaFw0zMjAxMjUx
+NjU0NThaMBExDzANBgNVBAMMBmt2YWpkYTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANF6BuXP65s/l3flMYnPCk1jtH3fMQSDYutcuXU10rGbYGM2OnA+
+4V/0Igt8Mu3Hu2RESlqbpjpbtaX4oMO7xKQQWpmxDNEFrgglFd2vti7Plus1Jddz
+46jU6/ypXjdxNaoaWE1X36eMJwt2KJgLF5h0JTxUIVJeOM7if/1QF0M8/Ey5ayhT
+WYniufjsth4UtPaKUT7SGwR3j6N9V/IUC3zlcMoaV3zhshperfyvyd3UgUwZLL22
+w1v6PfktrQa+SYQB9kTKo7sqI0yy6thnNiLKxsYZ37H6MRvEQNxOxwpmIlwlNi1b
+IiP2Xb3Js5XvwIKi2djr0gVN5TEfigwFDb0CAwEAAaOBojCBnzAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBRc/5ItOXmsmvXytp1jgYd4B5QPBDBRBgNVHSMESjBIgBRJQ1tS
++DF4tYR0eo0n0yIfqdTCpaEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFHXP
+MTul9juXSk26FNFYypPL8X+lMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQE
+AwIHgDANBgkqhkiG9w0BAQsFAAOCAQEAqFssLTpq0Z0aRLPvFP1jK/1yeU46MP8b
+kYL8f8i/RQV07emU1HNNZveCt36y40H8+LYswqBkr+MFZYBRXmrLxi0zhNC8ukDF
+xw4tBRa1gXreatYTqrJYXRhyGpifvisAZ3B6ghybbzhaemDu1Rr9j4/SVYe8ubzg
+wL/W7AlwoipQbt5BdZm9yV6MXlIJOz0c4McF7GVkf+RXmA0ux3lfb5v0sLvMWPDd
+xMAEpqOPrh10wwRzVl7kSyvvh9nGhB29pxdjjYoxmW7X6RVWsQC3X0nJRHHybRS1
+Brl6f+WN+46j8fRSx3I7bPRQ0cjFJkpAaxYIfqvJjFQ8lFdePlKE9w==
+-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 23:7b:c7:68:f3:7b:5c:8e:17:63:b5:67:3e:d3:10:1c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ c3:0f:84:cf:71:19:04:e9:f7:bc:b1:ad:5d:99:6b:80
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:15:16 2019 GMT
- Not After : Jul 14 13:15:16 2022 GMT
+ Not Before: Jan 27 16:55:11 2022 GMT
+ Not After : Jan 25 16:55:11 2032 GMT
Subject: CN=mszabo
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:d4:de:f0:4a:f4:a0:8a:bd:52:97:87:c0:f5:28:
- 87:7d:7b:4c:f3:3d:13:be:6b:f6:61:23:f8:91:fd:
- 2a:59:db:38:2e:ec:d6:5d:21:c2:b9:e0:8c:38:36:
- c9:bb:2c:f9:87:f3:c5:53:28:d1:94:03:d3:24:c0:
- fa:95:b3:19:4a:42:95:94:22:11:4f:82:ea:bf:16:
- 42:42:90:f1:9e:e9:68:48:2e:b9:db:71:be:48:4a:
- eb:06:61:63:73:77:18
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b7:e3:57:e4:6d:41:2f:71:88:38:35:5c:fb:54:
+ 6d:75:dc:d4:fc:38:95:81:ed:98:13:6a:1b:aa:db:
+ 41:fb:2d:8b:ff:1d:49:9c:08:9e:b5:4a:a0:7c:48:
+ 96:87:1d:8d:ea:df:85:ad:5a:23:a0:7c:9a:ec:97:
+ 9c:73:20:06:2b:02:06:67:2b:86:fb:94:7f:e8:ff:
+ 3e:e2:3c:f4:3d:13:40:f2:6d:3c:15:5d:72:a2:7d:
+ b0:c2:0a:17:a2:a3:83:66:52:e9:0a:04:b2:f1:b7:
+ 1d:86:93:f9:11:82:bd:26:5a:b5:39:9d:61:d2:34:
+ 78:25:24:c6:fd:e7:c8:3b:c8:bb:8d:98:fa:cf:5f:
+ b8:e4:a8:93:2d:68:70:51:b9:2c:d0:7c:31:94:4a:
+ 00:b9:2d:d4:29:2a:b2:18:54:27:77:2f:e0:3c:a7:
+ f4:0a:16:c7:9c:a9:a0:b1:ba:54:43:a2:52:14:58:
+ 71:74:63:f6:9b:e6:5e:89:09:8c:a5:1c:ae:41:82:
+ 01:8d:2c:94:ad:a1:c0:47:c7:1a:8b:79:06:c6:3e:
+ 66:9b:d9:37:64:70:7b:d6:c3:f1:02:81:9f:4c:42:
+ 5d:da:c0:95:ca:96:e4:7f:41:75:72:f3:35:eb:e2:
+ a1:97:78:3d:07:6d:90:27:d0:41:b1:74:1a:ee:1d:
+ 0c:7f
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 8B:C8:96:C9:E3:FD:F0:F2:13:BD:F3:32:17:FD:4F:40:19:3D:2A:5F
+ 54:03:3E:8D:18:23:6D:03:63:E7:22:D6:12:21:9B:0A:0B:24:47:19
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:84:81:10:d7:e4:4f:e6:1d:de:3f:6c:9d:f9:
- 45:2f:6c:74:c1:ce:65:da:b9:0f:56:2d:3c:08:2d:a9:62:d2:
- ec:45:46:50:7d:da:d1:0d:73:8c:e9:57:57:3e:2d:49:14:02:
- 31:00:9e:6a:e2:fa:4f:6d:04:6f:3f:6b:35:9e:1b:6a:94:b8:
- 3b:f3:79:db:9b:cd:2c:84:48:e9:7a:a9:13:d2:08:b0:d0:f2:
- c6:22:7e:87:3b:f4:6d:d0:b7:db:c4:b5:ad:5d
+ Signature Algorithm: sha256WithRSAEncryption
+ 6b:11:da:f5:70:9e:8f:07:ec:18:40:e5:2e:65:9c:10:36:55:
+ 83:13:8e:3e:5e:82:8a:3d:db:6b:ac:fc:6f:ea:8d:9d:97:27:
+ 47:a6:b1:d4:b7:4d:f5:b6:36:dc:62:7d:66:be:f1:ab:24:29:
+ f2:b2:89:83:49:e4:de:40:00:74:ca:e8:7e:92:2a:3c:65:e0:
+ 6d:ac:5a:5c:76:31:27:2d:57:82:8e:e4:cb:ee:8b:a1:db:a2:
+ f8:e1:12:25:93:d1:79:1f:82:93:2b:d8:83:37:07:6b:b5:bc:
+ 48:4f:bf:36:23:ea:04:23:0f:81:87:3a:d7:e5:51:75:ce:7e:
+ e4:fd:76:ee:ff:df:31:4b:2f:28:9e:9e:28:c1:2a:01:ab:66:
+ a3:b8:95:17:70:1f:2f:7b:06:da:ca:73:81:e3:a5:5b:1a:74:
+ 4c:8d:93:df:3e:56:ef:f7:16:0c:8b:78:5c:69:35:af:9a:64:
+ df:bc:12:ac:c8:77:48:94:4f:b8:28:5f:86:dd:ff:4c:b8:8e:
+ 0c:64:5b:9b:ce:24:5e:02:53:6a:78:f3:41:a2:86:7b:07:43:
+ 64:92:2c:fa:77:18:f0:31:58:05:e4:76:2a:60:cf:71:6b:2b:
+ c9:71:d4:e2:48:00:0b:d9:59:1a:3c:dd:bf:55:54:ea:79:fd:
+ 44:37:79:b8
-----BEGIN CERTIFICATE-----
-MIICDjCCAZOgAwIBAgIQI3vHaPN7XI4XY7VnPtMQHDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTE2WhcNMjIwNzE0
-MTMxNTE2WjARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AATU3vBK9KCKvVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7
-LPmH88VTKNGUA9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNz
-dxijgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUi8iWyeP98PITvfMyF/1PQBk9
-Kl8wVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBoxGDAWBgNV
-BAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5SgaewwEwYDVR0l
-BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2kAMGYCMQCE
-gRDX5E/mHd4/bJ35RS9sdMHOZdq5D1YtPAgtqWLS7EVGUH3a0Q1zjOlXVz4tSRQC
-MQCeauL6T20Ebz9rNZ4bapS4O/N525vNLIRI6XqpE9IIsNDyxiJ+hzv0bdC328S1
-rV0=
+MIIDVTCCAj2gAwIBAgIRAMMPhM9xGQTp97yxrV2Za4AwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NTExWhcNMzIwMTI1
+MTY1NTExWjARMQ8wDQYDVQQDDAZtc3phYm8wggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC341fkbUEvcYg4NVz7VG113NT8OJWB7ZgTahuq20H7LYv/HUmc
+CJ61SqB8SJaHHY3q34WtWiOgfJrsl5xzIAYrAgZnK4b7lH/o/z7iPPQ9E0DybTwV
+XXKifbDCCheio4NmUukKBLLxtx2Gk/kRgr0mWrU5nWHSNHglJMb958g7yLuNmPrP
+X7jkqJMtaHBRuSzQfDGUSgC5LdQpKrIYVCd3L+A8p/QKFsecqaCxulRDolIUWHF0
+Y/ab5l6JCYylHK5BggGNLJStocBHxxqLeQbGPmab2TdkcHvWw/ECgZ9MQl3awJXK
+luR/QXVy8zXr4qGXeD0HbZAn0EGxdBruHQx/AgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQUVAM+jRgjbQNj5yLWEiGbCgskRxkwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGsR2vVwno8H7BhA5S5lnBA2VYMTjj5e
+goo922us/G/qjZ2XJ0emsdS3TfW2NtxifWa+8askKfKyiYNJ5N5AAHTK6H6SKjxl
+4G2sWlx2MSctV4KO5Mvui6HbovjhEiWT0XkfgpMr2IM3B2u1vEhPvzYj6gQjD4GH
+OtflUXXOfuT9du7/3zFLLyienijBKgGrZqO4lRdwHy97BtrKc4HjpVsadEyNk98+
+Vu/3FgyLeFxpNa+aZN+8EqzId0iUT7goX4bd/0y4jgxkW5vOJF4CU2p480GihnsH
+Q2SSLPp3GPAxWAXkdipgz3FrK8lx1OJIAAvZWRo83b9VVOp5/UQ3ebg=
-----END CERTIFICATE-----
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 07:42:93:a8:25:71:a4:ae:b0:96:4d:14:d1:e2:ff:22
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
+ Validity
+ Not Before: Jan 27 16:55:26 2022 GMT
+ Not After : Jan 25 16:55:26 2032 GMT
+ Subject: CN=osweidan
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:c4:fd:94:e9:62:a5:7d:74:92:9a:22:d6:7b:35:
+ ff:95:26:e8:d3:bf:1e:ee:96:be:ba:de:2c:31:5a:
+ 02:27:6d:ac:42:b4:3a:e0:22:89:63:e3:a3:b5:68:
+ 8b:6f:f8:0e:a9:1f:a9:e5:62:d1:b4:39:6c:73:61:
+ 89:a1:0e:db:8e:62:21:06:0b:d5:4f:64:10:39:4c:
+ 91:f5:05:ca:65:09:82:e7:c6:52:61:7f:ed:de:95:
+ bc:8f:23:a3:01:77:c3:2a:1c:75:ff:b9:55:66:a2:
+ ae:ff:27:0d:4a:70:8c:b6:4d:f8:bc:65:fd:ff:a8:
+ 60:e1:ea:df:64:e9:46:34:71:ec:3b:05:cb:ec:e7:
+ a0:bc:39:6c:04:16:f9:0c:2c:c2:4b:4f:aa:80:6b:
+ d7:37:68:e9:c4:f2:91:11:5b:33:03:8e:85:67:40:
+ 7c:97:36:84:94:15:21:3d:2a:e9:87:81:65:21:fa:
+ 27:07:ca:1b:0b:df:fa:eb:34:62:d5:52:fc:b6:00:
+ 1a:54:bc:6d:0a:52:70:5e:15:38:ec:ce:dd:62:0c:
+ c6:c2:10:7c:b2:a5:8b:18:10:81:f4:b5:9a:38:c4:
+ cc:00:fa:de:0b:ca:8b:bc:82:df:2f:9e:84:3b:6a:
+ 1e:13:61:c1:72:28:cd:0d:71:1d:97:36:04:2d:c8:
+ 50:e1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 52:89:7A:20:5D:CA:C8:13:92:30:14:B2:BD:6D:FA:8B:FE:73:38:9C
+ X509v3 Authority Key Identifier:
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
+
+ X509v3 Extended Key Usage:
+ TLS Web Client Authentication
+ X509v3 Key Usage:
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 17:99:13:42:f0:60:a8:b3:54:d4:c6:30:12:1e:0f:d3:78:a5:
+ c1:1f:54:0e:3f:15:8c:72:60:dd:8e:e4:23:64:4f:5f:a5:7f:
+ 12:59:d3:c4:cf:9b:51:98:67:cb:49:a9:99:38:65:09:7f:56:
+ 42:08:86:31:e5:48:54:04:82:ac:1b:23:fd:63:b6:49:dd:73:
+ 50:af:84:0c:d5:37:6e:47:49:f6:2a:17:0c:c1:08:f9:cf:4f:
+ 3f:90:c7:dc:c4:d8:ef:99:ab:f8:12:55:8d:9a:18:4b:2f:9e:
+ c8:1f:97:31:83:8a:62:3d:6c:d0:0e:0c:e2:d4:7c:2f:10:37:
+ 7e:23:be:7d:f8:59:97:4e:a6:5f:75:ca:6a:a4:f1:ea:b9:41:
+ da:fe:be:8f:28:ff:0a:93:17:b0:7a:d2:fe:4e:7a:c7:ed:c2:
+ fe:91:93:c8:94:43:ec:74:4f:34:85:6e:7c:72:1d:45:2a:b1:
+ b9:bd:3b:d7:d0:b9:4d:54:74:6d:c5:73:03:ad:5c:7d:9d:16:
+ bb:28:d4:9c:6e:33:54:65:e5:11:06:b5:a5:e8:e9:dc:b4:95:
+ 4b:b4:6b:ef:db:5a:fe:4e:8f:4b:3d:b6:e2:37:fb:78:37:36:
+ 9a:a0:26:cc:19:72:e6:26:99:05:e2:6b:a2:6f:d4:86:cb:f5:
+ 5c:fe:cc:54
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAj6gAwIBAgIQB0KTqCVxpK6wlk0U0eL/IjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU1MjZaFw0zMjAxMjUx
+NjU1MjZaMBMxETAPBgNVBAMMCG9zd2VpZGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAxP2U6WKlfXSSmiLWezX/lSbo078e7pa+ut4sMVoCJ22sQrQ6
+4CKJY+OjtWiLb/gOqR+p5WLRtDlsc2GJoQ7bjmIhBgvVT2QQOUyR9QXKZQmC58ZS
+YX/t3pW8jyOjAXfDKhx1/7lVZqKu/ycNSnCMtk34vGX9/6hg4erfZOlGNHHsOwXL
+7OegvDlsBBb5DCzCS0+qgGvXN2jpxPKREVszA46FZ0B8lzaElBUhPSrph4FlIfon
+B8obC9/66zRi1VL8tgAaVLxtClJwXhU47M7dYgzGwhB8sqWLGBCB9LWaOMTMAPre
+C8qLvILfL56EO2oeE2HBcijNDXEdlzYELchQ4QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFFKJeiBdysgTkjAUsr1t+ov+czicMFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAXmRNC8GCos1TUxjASHg/TeKXBH1QO
+PxWMcmDdjuQjZE9fpX8SWdPEz5tRmGfLSamZOGUJf1ZCCIYx5UhUBIKsGyP9Y7ZJ
+3XNQr4QM1TduR0n2KhcMwQj5z08/kMfcxNjvmav4ElWNmhhLL57IH5cxg4piPWzQ
+Dgzi1HwvEDd+I759+FmXTqZfdcpqpPHquUHa/r6PKP8KkxewetL+TnrH7cL+kZPI
+lEPsdE80hW58ch1FKrG5vTvX0LlNVHRtxXMDrVx9nRa7KNScbjNUZeURBrWl6Onc
+tJVLtGvv21r+To9LPbbiN/t4NzaaoCbMGXLmJpkF4muib9SGy/Vc/sxU
+-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- ac:b6:49:fd:c2:e3:b8:1c:54:2c:66:1f:04:12:e1:b6
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 73:44:69:33:9d:70:f8:2e:cc:af:44:62:a8:c4:d2:32
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:16:25 2019 GMT
- Not After : Jul 14 13:16:25 2022 GMT
+ Not Before: Jan 27 16:52:17 2022 GMT
+ Not After : Jan 25 16:52:17 2032 GMT
Subject: CN=qqcs
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:4a:c3:a5:30:3e:35:30:99:34:68:48:48:08:05:
- 96:c9:b4:40:cc:e5:09:81:e3:47:07:84:59:63:59:
- f8:c5:92:7f:35:ba:68:1b:14:d2:f3:da:39:14:97:
- e3:11:09:d8:4f:34:61:9d:b2:75:d6:73:ab:d9:eb:
- ed:0e:e8:e5:7b:28:c6:9d:04:b1:ed:47:97:2b:d3:
- 62:01:b3:83:e7:6c:c8:c7:11:82:f3:c8:c0:97:27:
- 52:8d:54:da:42:98:fb
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:b9:83:80:30:d8:21:63:c5:f1:85:af:0d:2a:af:
+ b6:c8:50:03:6e:6c:1c:55:28:b2:9d:59:1d:42:0b:
+ f9:42:ea:38:d6:3d:1b:2f:9e:c2:c4:91:d8:0e:56:
+ 28:03:5f:a8:a9:bf:6a:d7:9f:22:78:b8:cb:f5:7e:
+ da:c0:bb:56:b7:25:a1:84:af:19:70:c3:27:fc:33:
+ 82:01:71:76:25:a3:6e:bb:d6:a3:71:1b:4a:48:51:
+ 3d:6a:c6:36:28:05:88:01:3c:6a:45:b5:a3:46:f1:
+ 8b:bf:49:52:80:c6:30:fd:a3:4c:36:22:f0:b5:22:
+ fe:05:0d:8f:8d:14:0b:67:3d:95:4f:56:d3:88:a6:
+ a3:a7:56:52:86:ad:7b:a9:03:e8:39:50:18:7d:79:
+ d0:9c:c7:24:4b:02:75:60:95:60:0f:92:a5:44:7a:
+ 7c:6b:ec:77:29:ac:6f:a9:7f:7d:ee:06:9c:36:d5:
+ 8c:fe:34:f5:c0:52:6c:4e:26:c9:4c:e6:17:02:41:
+ 89:f7:5e:83:51:eb:2c:59:c1:e0:96:6d:7b:57:7f:
+ f7:d6:df:59:59:5a:c2:23:5b:7c:f6:f9:41:ec:fa:
+ 5a:6c:a7:41:2c:5e:c6:a1:50:3f:c2:4c:a9:ee:60:
+ d1:10:af:e3:99:c3:2d:c5:dc:cd:ac:ee:8e:c6:92:
+ 16:33
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 8B:85:13:8E:D2:D4:4D:3F:AE:DD:0D:38:D0:65:84:40:E9:2A:3F:02
+ E5:15:40:45:95:37:CC:FA:F8:7F:B7:70:67:A8:23:62:31:B6:58:35
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:28:fe:ea:a7:50:e0:71:a6:51:36:4e:19:42:f7:
- 01:c4:d0:fd:a2:66:f3:4c:28:15:81:51:9d:75:33:88:3e:6e:
- 96:02:e4:67:be:26:cf:05:81:18:c3:e6:96:7f:73:2a:02:31:
- 00:fc:ea:f1:0c:28:55:3b:9e:d1:5f:46:c7:41:0f:da:48:c5:
- a6:35:45:19:07:f1:ad:59:2a:ae:0b:60:c6:f3:7d:a8:af:4f:
- 71:50:5d:bb:fb:a7:55:7c:6c:b2:ce:12:c4
+ Signature Algorithm: sha256WithRSAEncryption
+ 1b:08:06:e9:01:65:f8:ff:f8:52:03:4c:f4:e3:da:41:7a:b1:
+ e3:af:78:f3:ba:0d:7a:28:68:71:ef:fe:db:ef:8d:eb:c9:5f:
+ 18:c2:0c:36:48:2e:b3:38:f1:21:09:d4:21:11:4a:21:4d:3b:
+ 6c:c0:cb:2a:55:c9:59:5e:e9:03:e9:ca:af:c3:46:86:68:96:
+ 3b:2a:1a:41:a9:d0:f1:f5:21:78:45:ab:70:d9:a5:7d:58:9d:
+ 3b:cb:39:3a:d5:17:39:cb:9a:21:fa:b1:01:c2:4e:12:35:48:
+ a2:d4:0f:06:d1:ca:37:98:3e:0b:51:a2:bf:34:ff:d1:28:86:
+ 3d:34:1a:25:a8:5d:0d:08:03:d9:80:26:e7:9b:9a:31:a2:d0:
+ b8:26:1f:b6:60:d8:50:8b:a2:aa:6b:61:94:9d:56:b9:6e:c4:
+ 02:b7:45:91:6b:fb:45:ae:62:00:cd:54:37:07:82:10:1c:bf:
+ 4c:73:ff:53:ff:f8:0f:67:43:9d:a7:27:1c:4b:51:01:27:cf:
+ 0a:8d:8f:84:49:85:3c:c4:59:1e:23:9a:2f:2d:71:03:a3:b4:
+ 3a:59:2d:6b:d5:ec:c0:0f:8b:95:79:b6:71:50:4a:e7:13:6e:
+ 49:59:fc:4f:e7:df:8a:40:23:32:41:f4:28:54:4e:43:ef:16:
+ 24:f2:f1:8d
-----BEGIN CERTIFICATE-----
-MIICDDCCAZKgAwIBAgIRAKy2Sf3C47gcVCxmHwQS4bYwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTYyNVoXDTIyMDcx
-NDEzMTYyNVowDzENMAsGA1UEAwwEcXFjczB2MBAGByqGSM49AgEGBSuBBAAiA2IA
-BErDpTA+NTCZNGhISAgFlsm0QMzlCYHjRweEWWNZ+MWSfzW6aBsU0vPaORSX4xEJ
-2E80YZ2yddZzq9nr7Q7o5Xsoxp0Ese1HlyvTYgGzg+dsyMcRgvPIwJcnUo1U2kKY
-+6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBSLhROO0tRNP67dDTjQZYRA6So/
-AjBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYGA1UE
-AwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNVHSUE
-DDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIwKP7q
-p1DgcaZRNk4ZQvcBxND9ombzTCgVgVGddTOIPm6WAuRnvibPBYEYw+aWf3MqAjEA
-/OrxDChVO57RX0bHQQ/aSMWmNUUZB/GtWSquC2DG832or09xUF27+6dVfGyyzhLE
+MIIDUjCCAjqgAwIBAgIQc0RpM51w+C7Mr0RiqMTSMjANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjUyMTdaFw0zMjAxMjUx
+NjUyMTdaMA8xDTALBgNVBAMMBHFxY3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC5g4Aw2CFjxfGFrw0qr7bIUANubBxVKLKdWR1CC/lC6jjWPRsvnsLE
+kdgOVigDX6ipv2rXnyJ4uMv1ftrAu1a3JaGErxlwwyf8M4IBcXYlo2671qNxG0pI
+UT1qxjYoBYgBPGpFtaNG8Yu/SVKAxjD9o0w2IvC1Iv4FDY+NFAtnPZVPVtOIpqOn
+VlKGrXupA+g5UBh9edCcxyRLAnVglWAPkqVEenxr7HcprG+pf33uBpw21Yz+NPXA
+UmxOJslM5hcCQYn3XoNR6yxZweCWbXtXf/fW31lZWsIjW3z2+UHs+lpsp0EsXsah
+UD/CTKnuYNEQr+OZwy3F3M2s7o7GkhYzAgMBAAGjgaIwgZ8wCQYDVR0TBAIwADAd
+BgNVHQ4EFgQU5RVARZU3zPr4f7dwZ6gjYjG2WDUwUQYDVR0jBEowSIAUSUNbUvgx
+eLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1zzE7
+pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMC
+B4AwDQYJKoZIhvcNAQELBQADggEBABsIBukBZfj/+FIDTPTj2kF6seOvePO6DXoo
+aHHv/tvvjevJXxjCDDZILrM48SEJ1CERSiFNO2zAyypVyVle6QPpyq/DRoZoljsq
+GkGp0PH1IXhFq3DZpX1YnTvLOTrVFznLmiH6sQHCThI1SKLUDwbRyjeYPgtRor80
+/9Eohj00GiWoXQ0IA9mAJuebmjGi0LgmH7Zg2FCLoqprYZSdVrluxAK3RZFr+0Wu
+YgDNVDcHghAcv0xz/1P/+A9nQ52nJxxLUQEnzwqNj4RJhTzEWR4jmi8tcQOjtDpZ
+LWvV7MAPi5V5tnFQSucTbklZ/E/n34pAIzJB9ChUTkPvFiTy8Y0=
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- f6:01:86:d6:4b:85:3a:3d:d9:f8:79:9f:b8:17:c3:01
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ c2:28:3c:ff:fa:8e:dc:f7:39:52:42:b1:f3:82:40:74
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:15:29 2019 GMT
- Not After : Jul 14 13:15:29 2022 GMT
+ Not Before: Jan 27 16:56:00 2022 GMT
+ Not After : Jan 25 16:56:00 2032 GMT
Subject: CN=rrendek
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:ea:c4:ab:e1:24:42:91:06:17:73:d6:d9:87:17:
- 29:a8:05:73:be:5a:54:38:3e:c9:dd:78:55:ca:e2:
- 27:e6:44:1a:22:5b:3a:15:68:61:bf:ae:ce:05:a5:
- c9:98:f7:a3:ff:0e:b9:db:8e:fc:15:ac:76:41:c8:
- 6e:de:85:38:cb:1f:b1:98:41:df:4e:18:62:24:04:
- 95:5a:16:6b:0b:fd:13:e3:26:8b:76:d3:9a:54:6c:
- 9b:19:3c:55:de:d0:2e
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:f3:4f:9c:e7:ba:7f:36:4f:1d:ac:7a:c7:d0:6c:
+ 59:f4:c2:e8:07:a3:d2:f1:ba:7b:e7:75:96:91:47:
+ 02:ac:53:d5:40:1b:43:25:ad:b9:15:b5:e5:b0:c0:
+ 90:42:74:47:a5:92:b0:f5:1c:fb:02:a9:0e:bd:9d:
+ b2:6d:85:95:2a:2b:95:51:9b:4e:14:22:45:bc:ab:
+ 23:df:76:e3:1a:f6:b7:27:a2:f0:e5:49:88:04:dc:
+ cb:7d:a0:4e:2b:8d:56:97:59:e9:4e:dc:f7:9f:41:
+ 2e:16:ef:75:59:db:e9:9c:59:3e:e5:3f:05:a7:aa:
+ 0d:01:bc:db:f8:03:e1:b1:d6:4b:70:18:1b:5e:10:
+ 05:a6:28:99:59:e5:a5:38:17:a9:92:95:ba:74:84:
+ cf:20:d4:e4:e4:26:4f:82:6d:3b:aa:51:d4:2e:4e:
+ c8:99:63:3a:bb:dd:ee:5d:e9:1c:ab:4b:54:a3:df:
+ 48:54:c0:7e:20:85:a1:4f:0a:93:3e:94:90:90:92:
+ f3:dc:73:94:16:3d:99:6e:57:82:98:87:8c:f8:15:
+ 0c:1e:35:6f:48:47:ed:15:3f:e4:06:98:04:f1:af:
+ 27:3d:af:25:10:aa:46:79:4e:00:ce:d4:bf:70:1f:
+ 2f:60:4b:a1:77:be:68:ff:36:4a:5f:60:ff:2e:cf:
+ ef:d5
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- D5:73:9E:FA:32:4C:D8:2A:E0:33:CF:15:F6:C0:D5:E9:56:5A:D0:EE
+ 20:87:C3:77:30:AC:3B:C2:8A:77:02:A3:86:B8:C0:A4:44:7D:33:FD
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:49:21:38:44:26:a9:96:15:98:29:c4:4f:04:25:
- be:35:90:bc:44:00:60:0d:6a:f7:f8:d4:ed:58:ea:28:45:f2:
- 99:33:d1:e3:2e:82:4e:04:bb:e5:27:10:ea:64:b8:83:02:31:
- 00:c3:59:fe:dc:8a:a1:e4:d1:30:09:51:2a:d8:d2:76:af:dc:
- 28:b2:d3:0d:ad:f3:19:91:b5:92:e6:8b:b4:77:d8:c3:87:f8:
- 7b:39:94:ab:f2:c0:06:c1:c4:43:b8:0e:16
+ Signature Algorithm: sha256WithRSAEncryption
+ 10:48:0c:b5:7b:c8:7f:51:e4:53:31:e9:c0:88:8a:da:55:2e:
+ e2:3b:ee:5f:20:bf:b1:ce:c8:0b:90:f5:d3:99:cf:b0:96:8b:
+ 63:9b:0a:ba:9b:2f:7b:d0:27:29:8b:67:b7:b2:85:d4:e6:26:
+ 6a:06:9f:27:f5:c0:a1:d9:35:39:51:89:82:18:b7:d4:25:72:
+ d5:a1:5f:56:65:37:15:e9:f6:8a:6f:03:6d:59:b7:8c:17:44:
+ f9:09:c3:71:3f:5d:e0:25:99:22:c4:32:41:a0:8b:93:02:47:
+ 14:ff:eb:df:1b:0b:d8:7e:ea:d8:d9:40:33:c6:ca:b2:f2:c6:
+ 53:89:90:b1:4a:5a:68:44:a1:18:df:af:1b:fc:b7:b7:04:20:
+ 36:61:e0:44:0d:9f:95:ed:f7:59:d7:a6:22:5a:0f:82:bf:5a:
+ aa:5a:fd:3c:77:0e:82:e6:ac:f3:b8:5d:26:62:55:66:06:3d:
+ cc:0a:22:09:dd:18:ec:98:eb:e9:f2:c5:43:85:f9:d8:43:82:
+ a8:ed:0e:19:0d:43:95:d9:ee:17:93:b4:ad:da:2a:b3:10:cf:
+ 52:74:50:2b:3d:8a:06:bd:31:52:38:07:85:dd:ca:9b:cb:97:
+ fb:ad:e6:a0:78:23:93:5c:22:5d:b9:d1:0f:55:32:07:d7:df:
+ c0:db:e5:05
-----BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRAPYBhtZLhTo92fh5n7gXwwEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMTUyOVoXDTIyMDcx
-NDEzMTUyOVowEjEQMA4GA1UEAwwHcnJlbmRlazB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABOrEq+EkQpEGF3PW2YcXKagFc75aVDg+yd14VcriJ+ZEGiJbOhVoYb+uzgWl
-yZj3o/8OuduO/BWsdkHIbt6FOMsfsZhB304YYiQElVoWawv9E+Mmi3bTmlRsmxk8
-Vd7QLqOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTVc576MkzYKuAzzxX2wNXp
-VlrQ7jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIw
-SSE4RCaplhWYKcRPBCW+NZC8RABgDWr3+NTtWOooRfKZM9HjLoJOBLvlJxDqZLiD
-AjEAw1n+3Iqh5NEwCVEq2NJ2r9wostMNrfMZkbWS5ou0d9jDh/h7OZSr8sAGwcRD
-uA4W
+MIIDVjCCAj6gAwIBAgIRAMIoPP/6jtz3OVJCsfOCQHQwDQYJKoZIhvcNAQELBQAw
+FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIwMTI3MTY1NjAwWhcNMzIwMTI1
+MTY1NjAwWjASMRAwDgYDVQQDDAdycmVuZGVrMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA80+c57p/Nk8drHrH0GxZ9MLoB6PS8bp753WWkUcCrFPVQBtD
+Ja25FbXlsMCQQnRHpZKw9Rz7AqkOvZ2ybYWVKiuVUZtOFCJFvKsj33bjGva3J6Lw
+5UmIBNzLfaBOK41Wl1npTtz3n0EuFu91WdvpnFk+5T8Fp6oNAbzb+APhsdZLcBgb
+XhAFpiiZWeWlOBepkpW6dITPINTk5CZPgm07qlHULk7ImWM6u93uXekcq0tUo99I
+VMB+IIWhTwqTPpSQkJLz3HOUFj2ZbleCmIeM+BUMHjVvSEftFT/kBpgE8a8nPa8l
+EKpGeU4AztS/cB8vYEuhd75o/zZKX2D/Ls/v1QIDAQABo4GiMIGfMAkGA1UdEwQC
+MAAwHQYDVR0OBBYEFCCHw3cwrDvCincCo4a4wKREfTP9MFEGA1UdIwRKMEiAFElD
+W1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
+dc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
+BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQAQSAy1e8h/UeRTMenAiIraVS7iO+5f
+IL+xzsgLkPXTmc+wlotjmwq6my970Ccpi2e3soXU5iZqBp8n9cCh2TU5UYmCGLfU
+JXLVoV9WZTcV6faKbwNtWbeMF0T5CcNxP13gJZkixDJBoIuTAkcU/+vfGwvYfurY
+2UAzxsqy8sZTiZCxSlpoRKEY368b/Le3BCA2YeBEDZ+V7fdZ16YiWg+Cv1qqWv08
+dw6C5qzzuF0mYlVmBj3MCiIJ3RjsmOvp8sVDhfnYQ4Ko7Q4ZDUOV2e4Xk7St2iqz
+EM9SdFArPYoGvTFSOAeF3cqby5f7reageCOTXCJdudEPVTIH19/A2+UF
-----END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- ab:51:7a:c1:c6:bf:8c:35:5c:a1:ea:62:5a:ca:67:84
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 33:59:80:b8:6f:f1:71:c9:57:98:a1:e9:af:81:5f:cb
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:04:35 2019 GMT
- Not After : Jul 14 13:04:35 2022 GMT
- Subject: CN=server
+ Not Before: Jan 27 16:22:46 2022 GMT
+ Not After : Jan 25 16:22:46 2032 GMT
+ Subject: CN=vpn.in.useribm.hu
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:b9:1f:ea:83:e0:6a:e3:49:dd:a8:f5:06:17:33:
- 4c:44:73:ac:46:01:33:eb:88:a3:12:d6:0a:aa:3b:
- ee:6f:d3:75:69:19:f6:82:12:9d:23:17:3a:b9:fe:
- 66:61:26:4c:46:db:d2:f9:5a:fc:a8:82:58:22:a8:
- b7:fc:cb:fd:cc:3d:f1:e8:c9:19:39:f1:f3:d0:fb:
- 73:b0:9f:77:53:9c:ff:35:b5:b5:c6:8d:ee:eb:66:
- 0b:d1:70:d5:bb:a4:66
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:d1:47:ff:20:8f:34:88:dd:50:ed:d5:d1:55:d8:
+ 12:a2:ff:61:e5:0d:71:29:00:49:35:d0:1c:4a:ef:
+ d4:01:49:c5:84:3a:a3:b9:14:ae:cc:d1:50:53:4c:
+ 7d:68:38:55:14:88:e3:42:0e:76:8c:17:a7:fd:8b:
+ 3b:a9:9c:26:37:fc:d1:4f:89:ab:ea:b9:e1:1e:0b:
+ 58:8b:ea:bd:80:8d:df:a0:0e:1d:bf:19:85:81:94:
+ 87:e6:d0:0e:31:77:e3:29:7e:ef:16:6f:7e:01:09:
+ eb:39:3d:da:11:a2:62:72:a7:8b:5b:f6:5c:75:f3:
+ 24:a9:66:15:c2:fa:7a:b8:9c:35:a3:82:bb:84:41:
+ cc:39:fe:cc:f2:d0:65:3b:13:b9:7b:1a:05:9b:6f:
+ 8c:77:a1:a5:2c:59:17:86:e5:d7:58:23:c5:03:3e:
+ ad:75:38:69:ba:f3:b4:41:3b:8a:ee:a0:8c:81:60:
+ e0:13:51:ed:cb:90:d4:8c:d2:5e:d5:f9:d4:b3:b9:
+ 7e:e6:71:4d:4a:bf:50:f1:d6:63:6a:f7:c0:44:8d:
+ 48:46:9d:53:36:e8:c6:ba:fa:9d:08:5b:22:c5:f7:
+ 6a:f9:b1:cf:9a:76:bd:fe:e0:88:01:82:4c:c8:a1:
+ c0:3e:68:fc:06:e3:df:07:ec:97:48:1f:d2:c5:cd:
+ 11:81
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 81:F8:B0:C6:7B:70:D8:D6:C9:E1:9D:B2:67:8B:3B:D8:21:1B:9A:B2
+ 71:D0:E0:F8:9D:2C:0D:A1:35:C6:F5:4D:1C:88:53:40:07:00:78:35
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Subject Alternative Name:
- DNS:server
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:88:cf:12:d6:9c:fd:43:24:58:63:13:27:f1:
- 44:0a:62:b0:b2:1d:0f:28:3d:50:d0:be:f2:ea:5e:d6:23:27:
- ac:42:b3:67:2c:d3:8d:7d:19:15:ce:4a:7f:5e:cb:67:94:02:
- 31:00:8a:f3:c3:f9:ce:f2:35:3a:5a:21:55:1c:d1:ec:80:fa:
- ad:ef:9b:d9:7d:5c:33:55:f3:71:9c:6d:eb:68:15:ba:45:43:
- 23:1c:83:7a:21:36:a0:4c:24:73:44:14:ef:ea
+ DNS:vpn.in.useribm.hu
+ Signature Algorithm: sha256WithRSAEncryption
+ af:9b:99:1f:f6:90:a0:7a:58:9f:98:d7:da:75:0d:86:85:c7:
+ 8e:99:95:86:ad:8b:1d:c4:a8:e5:cf:75:79:bc:b8:ce:b8:2c:
+ 53:e3:c6:93:e9:4a:42:b6:f7:2d:82:85:cf:ed:82:37:21:0f:
+ 27:c5:07:56:33:99:37:37:66:da:72:1a:e1:0e:78:2d:f0:2c:
+ fc:d8:af:b9:23:07:d9:82:9f:42:6d:e8:7a:5d:69:b1:f5:a2:
+ 7a:d8:85:72:4c:e2:c6:c3:91:c7:65:1a:a2:a5:2e:94:58:5b:
+ fe:a1:12:dc:48:15:9e:e6:18:a8:21:3f:fd:be:fa:28:02:22:
+ 9f:f2:04:0c:e3:57:01:3f:fb:87:4f:64:ff:5a:c0:4c:60:48:
+ 65:59:1a:db:76:c2:d4:1d:57:39:e8:10:57:f2:10:15:10:ce:
+ 3d:7a:d5:4e:70:6e:90:22:6b:37:58:c7:01:7f:62:78:7c:b6:
+ aa:e5:f6:5f:47:a0:97:27:b5:18:cd:ac:22:90:76:5d:0b:c8:
+ dc:4c:55:01:b2:8f:67:e6:14:17:7f:f3:c6:1a:f5:0d:a3:f4:
+ 2e:0c:d5:bb:08:fc:7b:23:c2:c7:ed:25:77:97:94:3d:86:87:
+ de:bd:0c:83:ea:52:6b:44:45:fd:39:a0:e8:61:dc:be:73:1c:
+ 10:c6:ba:0c
-----BEGIN CERTIFICATE-----
-MIICIjCCAaegAwIBAgIRAKtResHGv4w1XKHqYlrKZ4QwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTE5MDczMDEzMDQzNVoXDTIyMDcx
-NDEzMDQzNVowETEPMA0GA1UEAwwGc2VydmVyMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEuR/qg+Bq40ndqPUGFzNMRHOsRgEz64ijEtYKqjvub9N1aRn2ghKdIxc6uf5m
-YSZMRtvS+Vr8qIJYIqi3/Mv9zD3x6MkZOfHz0PtzsJ93U5z/NbW1xo3u62YL0XDV
-u6Rmo4G5MIG2MAkGA1UdEwQCMAAwHQYDVR0OBBYEFIH4sMZ7cNjWyeGdsmeLO9gh
-G5qyMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDARBgNVHREECjAIggZzZXJ2ZXIw
-CgYIKoZIzj0EAwIDaQAwZgIxAIjPEtac/UMkWGMTJ/FECmKwsh0PKD1Q0L7y6l7W
-IyesQrNnLNONfRkVzkp/XstnlAIxAIrzw/nO8jU6WiFVHNHsgPqt75vZfVwzVfNx
-nG3raBW6RUMjHIN6ITagTCRzRBTv6g==
+MIIDfTCCAmWgAwIBAgIQM1mAuG/xcclXmKHpr4FfyzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjIyNDZaFw0zMjAxMjUx
+NjIyNDZaMBwxGjAYBgNVBAMMEXZwbi5pbi51c2VyaWJtLmh1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uf/II80iN1Q7dXRVdgSov9h5Q1xKQBJNdAc
+Su/UAUnFhDqjuRSuzNFQU0x9aDhVFIjjQg52jBen/Ys7qZwmN/zRT4mr6rnhHgtY
+i+q9gI3foA4dvxmFgZSH5tAOMXfjKX7vFm9+AQnrOT3aEaJicqeLW/ZcdfMkqWYV
+wvp6uJw1o4K7hEHMOf7M8tBlOxO5exoFm2+Md6GlLFkXhuXXWCPFAz6tdThpuvO0
+QTuK7qCMgWDgE1Hty5DUjNJe1fnUs7l+5nFNSr9Q8dZjavfARI1IRp1TNujGuvqd
+CFsixfdq+bHPmna9/uCIAYJMyKHAPmj8BuPfB+yXSB/Sxc0RgQIDAQABo4HAMIG9
+MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHHQ4PidLA2hNcb1TRyIU0AHAHg1MFEGA1Ud
+IwRKMEiAFElDW1L4MXi1hHR6jSfTIh+p1MKloRqkGDAWMRQwEgYDVQQDDAtFYXN5
+LVJTQSBDQYIUdc8xO6X2O5dKTboU0VjKk8vxf6UwEwYDVR0lBAwwCgYIKwYBBQUH
+AwEwCwYDVR0PBAQDAgWgMBwGA1UdEQQVMBOCEXZwbi5pbi51c2VyaWJtLmh1MA0G
+CSqGSIb3DQEBCwUAA4IBAQCvm5kf9pCgelifmNfadQ2GhceOmZWGrYsdxKjlz3V5
+vLjOuCxT48aT6UpCtvctgoXP7YI3IQ8nxQdWM5k3N2bachrhDngt8Cz82K+5IwfZ
+gp9Cbeh6XWmx9aJ62IVyTOLGw5HHZRqipS6UWFv+oRLcSBWe5hioIT/9vvooAiKf
+8gQM41cBP/uHT2T/WsBMYEhlWRrbdsLUHVc56BBX8hAVEM49etVOcG6QIms3WMcB
+f2J4fLaq5fZfR6CXJ7UYzawikHZdC8jcTFUBso9n5hQXf/PGGvUNo/QuDNW7CPx7
+I8LH7SV3l5Q9hofevQyD6lJrREX9OaDoYdy+cxwQxroM
-----END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- b5:63:ff:7c:ff:87:23:f8:fd:6c:cd:82:85:1f:fa:31
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Mar 26 10:41:42 2020 GMT
- Not After : Mar 11 10:41:42 2023 GMT
- Subject: CN=thering
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:18:e6:74:25:a4:09:6a:83:9f:bc:71:e8:8e:c1:
- 44:73:6c:60:17:3a:29:a4:11:40:94:9d:ad:aa:f4:
- 37:03:cc:83:a7:28:5b:58:c8:0b:40:bf:ec:c8:83:
- 6e:41:db:56:24:37:56:7f:ba:25:57:09:76:82:27:
- 45:93:e9:65:25:aa:55:f1:cb:48:d8:8b:d2:65:dc:
- 8e:51:71:e8:60:d1:2e:88:34:f4:d1:f3:c2:81:3a:
- 36:9a:9c:08:7f:ac:c7
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- DE:BA:42:67:DA:26:9A:79:0C:E4:D7:AB:BA:DA:0A:02:71:D0:48:FE
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:31:00:87:c1:1b:d1:15:d9:85:62:f9:58:ff:0b:30:
- a0:3b:c7:31:ca:46:0c:71:0c:55:9d:83:a3:a9:32:93:94:7a:
- 6b:b4:54:e2:a3:e6:be:de:aa:29:bc:77:a7:9e:1b:cc:6f:02:
- 30:66:a5:9a:15:42:7f:e4:ad:00:be:0b:73:70:20:1b:c1:65:
- 40:15:22:28:51:8a:d1:7a:06:3a:50:2c:d2:56:0d:48:2c:7a:
- f4:b1:63:3e:ac:7f:01:c8:ac:bc:04:ce:b9
------BEGIN CERTIFICATE-----
-MIICDzCCAZWgAwIBAgIRALVj/3z/hyP4/WzNgoUf+jEwCgYIKoZIzj0EAwIwGjEY
-MBYGA1UEAwwPVVNFUiBPcGVuVlBOIENBMB4XDTIwMDMyNjEwNDE0MloXDTIzMDMx
-MTEwNDE0MlowEjEQMA4GA1UEAwwHdGhlcmluZzB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABBjmdCWkCWqDn7xx6I7BRHNsYBc6KaQRQJSdrar0NwPMg6coW1jIC0C/7MiD
-bkHbViQ3Vn+6JVcJdoInRZPpZSWqVfHLSNiL0mXcjlFx6GDRLog09NHzwoE6Npqc
-CH+sx6OBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBTeukJn2iaaeQzk16u62goC
-cdBI/jBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaAAwZQIx
-AIfBG9EV2YVi+Vj/CzCgO8cxykYMcQxVnYOjqTKTlHprtFTio+a+3qopvHennhvM
-bwIwZqWaFUJ/5K0AvgtzcCAbwWVAFSIoUYrRegY6UCzSVg1ILHr0sWM+rH8ByKy8
-BM65
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 4b:df:84:b3:7b:17:ce:e1:09:87:9b:67:05:4b:27:91
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:15:51 2019 GMT
- Not After : Jul 14 13:15:51 2022 GMT
- Subject: CN=tsuhajda
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:6a:52:47:b4:82:6f:88:07:39:d2:55:37:5b:de:
- e8:37:fd:12:c8:2e:2a:c5:b4:9b:54:cf:2b:7c:73:
- dd:9c:89:37:d7:a9:09:50:11:bb:ae:8e:8d:3f:e7:
- d0:c9:7e:89:f5:7f:29:28:2d:d6:49:5b:69:b9:47:
- da:82:87:1e:a9:e8:7a:98:e2:fe:2b:b6:b0:c2:fd:
- aa:18:af:c3:d5:b0:c3:51:8b:77:8e:4d:68:60:47:
- 41:28:4d:30:81:4d:7c
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 60:FA:D3:CB:9A:38:0E:08:58:0C:11:BB:A1:C8:18:FB:36:31:2A:67
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:66:02:31:00:c2:3b:36:d4:ec:38:f3:3f:11:b3:74:6b:34:
- 27:2f:bd:77:41:c1:20:55:e8:39:b5:1b:ad:04:a1:ab:ca:19:
- 1e:31:6f:32:4e:12:80:f9:c9:fc:96:f4:7b:81:34:87:07:02:
- 31:00:92:a4:26:4c:73:29:b6:4f:be:37:a7:98:50:33:4f:10:
- cd:f2:a0:2d:e6:f1:dd:18:7e:0a:51:1d:81:36:5a:36:3c:17:
- f8:d3:2c:cb:c1:16:5d:38:1d:57:97:9a:be:69
------BEGIN CERTIFICATE-----
-MIICEDCCAZWgAwIBAgIQS9+Es3sXzuEJh5tnBUsnkTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNTUxWhcNMjIwNzE0
-MTMxNTUxWjATMREwDwYDVQQDDAh0c3VoYWpkYTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABGpSR7SCb4gHOdJVN1ve6Df9EsguKsW0m1TPK3xz3ZyJN9epCVARu66OjT/n
-0Ml+ifV/KSgt1klbablH2oKHHqnoepji/iu2sML9qhivw9Www1GLd45NaGBHQShN
-MIFNfKOBpjCBozAJBgNVHRMEAjAAMB0GA1UdDgQWBBRg+tPLmjgOCFgMEbuhyBj7
-NjEqZzBVBgNVHSMETjBMgBTbN0eikCKafCP5MWLoyV7RZUYZ1qEepBwwGjEYMBYG
-A1UEAwwPVVNFUiBPcGVuVlBOIENBghQWkzeyLLTuPKZK9ETlbcoDlKBp7DATBgNV
-HSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDaQAwZgIx
-AMI7NtTsOPM/EbN0azQnL713QcEgVeg5tRutBKGryhkeMW8yThKA+cn8lvR7gTSH
-BwIxAJKkJkxzKbZPvjenmFAzTxDN8qAt5vHdGH4KUR2BNlo2PBf40yzLwRZdOB1X
-l5q+aQ==
------END CERTIFICATE-----
+++ /dev/null
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- 6b:9d:83:08:3d:87:cc:88:0a:de:bc:cd:3b:5c:ef:4d
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
- Validity
- Not Before: Jul 30 13:16:02 2019 GMT
- Not After : Jul 14 13:16:02 2022 GMT
- Subject: CN=zbartakovics
- Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:0f:68:0b:c6:8e:81:3c:ef:a7:cb:71:84:f3:84:
- 12:e5:9c:28:13:15:e1:ab:bf:2f:92:3c:db:40:2c:
- e5:f7:c9:61:94:d2:23:08:10:75:53:7a:ec:39:3c:
- a1:9c:d3:73:0e:79:db:4c:15:94:77:11:a4:30:e2:
- bc:73:fa:66:0e:17:90:e2:a3:4c:17:82:41:87:c2:
- 94:8a:c3:28:47:40:76:76:59:c7:16:47:07:8b:ec:
- dd:22:6c:3c:af:26:25
- ASN1 OID: secp384r1
- NIST CURVE: P-384
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- X509v3 Subject Key Identifier:
- 36:50:AD:4A:3A:69:D8:C0:00:F4:3C:7C:FF:B0:7D:E2:94:B9:7C:8A
- X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
-
- X509v3 Extended Key Usage:
- TLS Web Client Authentication
- X509v3 Key Usage:
- Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:64:02:30:7e:1a:02:39:9f:2d:c8:dd:5b:4a:2b:9a:2e:61:
- 60:a5:e2:60:92:29:d4:7e:f2:32:5a:be:90:72:89:42:1a:74:
- 74:72:c3:e8:32:0b:63:82:52:65:fa:2f:b3:13:4f:16:02:30:
- 1e:a0:79:e7:55:d1:45:54:97:8d:a0:fb:50:ce:47:b0:1f:d0:
- 78:47:21:dc:21:d1:7d:f4:1a:da:48:55:fc:43:ce:28:ae:b9:
- 96:c0:72:2b:29:e4:61:b7:6b:9a:b2:92
------BEGIN CERTIFICATE-----
-MIICEjCCAZmgAwIBAgIQa52DCD2HzIgK3rzNO1zvTTAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjAyWhcNMjIwNzE0
-MTMxNjAyWjAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAQPaAvGjoE876fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVT
-euw5PKGc03MOedtMFZR3EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL
-7N0ibDyvJiWjgaYwgaMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUNlCtSjpp2MAA9Dx8
-/7B94pS5fIowVQYDVR0jBE4wTIAU2zdHopAimnwj+TFi6Mle0WVGGdahHqQcMBox
-GDAWBgNVBAMMD1VTRVIgT3BlblZQTiBDQYIUFpM3siy07jymSvRE5W3KA5Sgaeww
-EwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMCA2cA
-MGQCMH4aAjmfLcjdW0ormi5hYKXiYJIp1H7yMlq+kHKJQhp0dHLD6DILY4JSZfov
-sxNPFgIwHqB551XRRVSXjaD7UM5HsB/QeEch3CHRffQa2khV/EPOKK65lsByKynk
-YbdrmrKS
------END CERTIFICATE-----
Data:
Version: 3 (0x2)
Serial Number:
- 34:13:80:3e:21:7f:3b:dd:0a:af:d5:cb:0d:17:4b:3c
- Signature Algorithm: ecdsa-with-SHA256
- Issuer: CN=USER OpenVPN CA
+ 2b:f6:cb:e6:ee:b9:5f:05:2f:9d:64:50:3f:0c:c3:37
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: CN=Easy-RSA CA
Validity
- Not Before: Jul 30 13:16:17 2019 GMT
- Not After : Jul 14 13:16:17 2022 GMT
+ Not Before: Jan 27 16:56:14 2022 GMT
+ Not After : Jan 25 16:56:14 2032 GMT
Subject: CN=zfelleg
Subject Public Key Info:
- Public Key Algorithm: id-ecPublicKey
- Public-Key: (384 bit)
- pub:
- 04:83:a4:95:4c:f4:18:92:47:f1:fe:26:d4:2c:3a:
- a1:65:73:7b:ef:cd:26:ef:dc:d7:7a:dc:95:9a:8b:
- 66:3f:e9:c9:2e:f6:ac:0a:0e:a1:8f:bd:a5:00:42:
- 3a:30:03:9c:0a:5b:4a:c3:3c:bc:62:05:60:37:36:
- 99:e4:e7:27:2d:ae:a9:c1:a2:57:35:8e:d2:59:77:
- 29:16:64:50:94:16:ca:1a:19:31:1a:83:8c:41:07:
- 7f:7d:e7:fc:98:80:73
- ASN1 OID: secp384r1
- NIST CURVE: P-384
+ Public Key Algorithm: rsaEncryption
+ RSA Public-Key: (2048 bit)
+ Modulus:
+ 00:a9:54:33:8f:8b:4d:40:21:59:cf:42:77:2e:a3:
+ 58:dc:9b:6c:62:ab:d8:f7:7e:06:98:e0:d8:20:13:
+ 6f:14:01:d2:3a:9c:d6:a8:d5:9e:cd:1b:b7:53:e4:
+ a5:c0:aa:50:13:6a:9a:34:c6:8b:ce:b0:f2:68:ff:
+ e1:8d:ed:a3:91:27:c9:30:75:d3:8d:ee:be:df:c6:
+ 1f:df:ef:50:f1:21:d5:4d:ae:07:b7:b9:97:bc:ba:
+ 6a:65:22:03:00:86:7b:7f:b3:8b:c4:98:73:3d:e6:
+ 44:2f:27:31:6d:9c:7d:9d:da:d6:a4:65:68:bb:5b:
+ 06:fb:f3:9b:b6:69:f9:08:dd:61:6b:0e:04:48:e7:
+ d7:d9:8a:82:1f:44:74:a4:be:86:54:bb:c0:55:da:
+ c5:d6:d7:83:6d:26:09:4e:c6:87:cc:89:e1:e8:40:
+ 6d:3b:9f:c3:b2:8b:23:87:d2:8c:93:be:95:33:6a:
+ 35:dd:33:45:de:06:42:ee:18:19:5a:1d:52:46:54:
+ a4:f0:af:5b:f9:56:6d:be:3d:01:ea:96:fe:75:6b:
+ 44:95:f8:3b:8a:11:67:59:7b:c8:30:cd:05:40:5a:
+ f5:ce:5d:80:2a:aa:0b:f5:e1:24:d2:81:54:b7:7f:
+ 39:b0:1c:10:0e:6b:39:d3:06:3b:58:48:7a:a9:7e:
+ ea:4f
+ Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
- 40:51:B5:0A:53:CE:54:25:34:5C:DC:E5:70:74:B3:6F:D4:D3:01:84
+ E2:66:F5:04:A5:2A:61:D5:3B:DF:7A:50:2E:78:E9:C4:76:F1:D5:78
X509v3 Authority Key Identifier:
- keyid:DB:37:47:A2:90:22:9A:7C:23:F9:31:62:E8:C9:5E:D1:65:46:19:D6
- DirName:/CN=USER OpenVPN CA
- serial:16:93:37:B2:2C:B4:EE:3C:A6:4A:F4:44:E5:6D:CA:03:94:A0:69:EC
+ keyid:49:43:5B:52:F8:31:78:B5:84:74:7A:8D:27:D3:22:1F:A9:D4:C2:A5
+ DirName:/CN=Easy-RSA CA
+ serial:75:CF:31:3B:A5:F6:3B:97:4A:4D:BA:14:D1:58:CA:93:CB:F1:7F:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
- Signature Algorithm: ecdsa-with-SHA256
- 30:65:02:30:7e:24:b4:72:c8:67:13:4f:a0:ba:09:76:d0:33:
- 36:35:d4:d0:df:e7:a5:25:25:af:ce:36:67:42:22:bf:42:fb:
- ab:96:52:73:c1:b2:a0:58:3a:90:b1:8a:78:70:eb:c9:02:31:
- 00:d9:4a:41:83:7a:5d:1b:6c:e2:d0:2d:b7:c3:b9:b7:11:26:
- 90:fa:9c:cb:20:e6:c4:cf:06:65:8b:8e:6b:00:c7:ec:77:f0:
- 85:75:17:58:0b:ef:06:8b:13:0b:57:61:25
+ Signature Algorithm: sha256WithRSAEncryption
+ 21:ff:e7:b7:cf:17:01:19:6e:2c:43:1c:96:37:32:3b:49:ba:
+ 4f:97:59:fc:31:2a:97:88:54:5b:96:6b:cd:20:75:f8:91:29:
+ 69:93:a0:54:8f:bf:2a:9e:1f:7a:d5:25:ef:7e:16:04:72:0b:
+ ab:fc:26:fb:65:47:6a:dc:64:59:e5:51:1a:3b:bd:1c:21:93:
+ ba:39:dc:34:37:98:68:0b:7b:72:96:81:0f:63:ea:bc:ea:ed:
+ 19:9e:bb:b4:56:8e:c9:67:44:4f:d6:c8:60:2c:7f:37:c7:8e:
+ a7:37:c5:f1:67:99:57:2b:0e:1d:8d:27:8c:bf:e1:5b:b7:42:
+ 76:09:f0:e5:03:72:a3:93:91:03:62:8c:7d:f5:d9:f0:8e:ca:
+ 52:9e:00:8c:1a:90:72:30:ba:86:92:ff:f6:41:ca:17:7d:75:
+ 6f:3c:e0:4b:9a:26:d2:fe:79:23:cd:96:0e:c3:77:eb:d4:0c:
+ 44:e5:d4:1a:5d:73:2e:48:26:25:97:04:65:90:0b:1f:6f:f1:
+ 0c:f6:07:68:c5:38:cf:f4:74:b1:c3:06:ce:38:d2:98:b1:be:
+ 82:20:bf:41:6e:8e:74:a5:f7:e9:de:dd:ed:c8:99:db:1c:de:
+ c6:14:4d:8d:f1:85:52:d0:a7:44:3e:18:41:87:52:b9:e0:8c:
+ ee:1f:01:42
-----BEGIN CERTIFICATE-----
-MIICDjCCAZSgAwIBAgIQNBOAPiF/O90Kr9XLDRdLPDAKBggqhkjOPQQDAjAaMRgw
-FgYDVQQDDA9VU0VSIE9wZW5WUE4gQ0EwHhcNMTkwNzMwMTMxNjE3WhcNMjIwNzE0
-MTMxNjE3WjASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAEg6SVTPQYkkfx/ibULDqhZXN7780m79zXetyVmotmP+nJLvasCg6hj72lAEI6
-MAOcCltKwzy8YgVgNzaZ5OcnLa6pwaJXNY7SWXcpFmRQlBbKGhkxGoOMQQd/fef8
-mIBzo4GmMIGjMAkGA1UdEwQCMAAwHQYDVR0OBBYEFEBRtQpTzlQlNFzc5XB0s2/U
-0wGEMFUGA1UdIwROMEyAFNs3R6KQIpp8I/kxYujJXtFlRhnWoR6kHDAaMRgwFgYD
-VQQDDA9VU0VSIE9wZW5WUE4gQ0GCFBaTN7IstO48pkr0ROVtygOUoGnsMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNoADBlAjB+
-JLRyyGcTT6C6CXbQMzY11NDf56UlJa/ONmdCIr9C+6uWUnPBsqBYOpCxinhw68kC
-MQDZSkGDel0bbOLQLbfDubcRJpD6nMsg5sTPBmWLjmsAx+x38IV1F1gL7waLEwtX
-YSU=
+MIIDVTCCAj2gAwIBAgIQK/bL5u65XwUvnWRQPwzDNzANBgkqhkiG9w0BAQsFADAW
+MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMjAxMjcxNjU2MTRaFw0zMjAxMjUx
+NjU2MTRaMBIxEDAOBgNVBAMMB3pmZWxsZWcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCpVDOPi01AIVnPQncuo1jcm2xiq9j3fgaY4NggE28UAdI6nNao
+1Z7NG7dT5KXAqlATapo0xovOsPJo/+GN7aORJ8kwddON7r7fxh/f71DxIdVNrge3
+uZe8umplIgMAhnt/s4vEmHM95kQvJzFtnH2d2takZWi7Wwb785u2afkI3WFrDgRI
+59fZioIfRHSkvoZUu8BV2sXW14NtJglOxofMieHoQG07n8OyiyOH0oyTvpUzajXd
+M0XeBkLuGBlaHVJGVKTwr1v5Vm2+PQHqlv51a0SV+DuKEWdZe8gwzQVAWvXOXYAq
+qgv14STSgVS3fzmwHBAOaznTBjtYSHqpfupPAgMBAAGjgaIwgZ8wCQYDVR0TBAIw
+ADAdBgNVHQ4EFgQU4mb1BKUqYdU733pQLnjpxHbx1XgwUQYDVR0jBEowSIAUSUNb
+UvgxeLWEdHqNJ9MiH6nUwqWhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghR1
+zzE7pfY7l0pNuhTRWMqTy/F/pTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
+BAMCB4AwDQYJKoZIhvcNAQELBQADggEBACH/57fPFwEZbixDHJY3MjtJuk+XWfwx
+KpeIVFuWa80gdfiRKWmToFSPvyqeH3rVJe9+FgRyC6v8JvtlR2rcZFnlURo7vRwh
+k7o53DQ3mGgLe3KWgQ9j6rzq7Rmeu7RWjslnRE/WyGAsfzfHjqc3xfFnmVcrDh2N
+J4y/4Vu3QnYJ8OUDcqOTkQNijH312fCOylKeAIwakHIwuoaS//ZByhd9dW884Eua
+JtL+eSPNlg7Dd+vUDETl1Bpdcy5IJiWXBGWQCx9v8Qz2B2jFOM/0dLHDBs440pix
+voIgv0FujnSl9+ne3e3Imdsc3sYUTY3xhVLQp0Q+GEGHUrngjO4fAUI=
-----END CERTIFICATE-----
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE = $ENV::EASYRSA_PKI/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
####################################################################
[ ca ]
private_key = $dir/private/ca.key # The private key
RANDFILE = $dir/.rand # private random number file
-x509_extensions = basic_exts # The extentions to add to the cert
+x509_extensions = basic_exts # The extensions to add to the cert
# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
# is designed for will. In return, we get the Issuer attached to CRLs.
# This allows to renew certificates which have not been revoked
unique_subject = no
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
default_keyfile = privkey.pem
default_md = $ENV::EASYRSA_DIGEST
distinguished_name = $ENV::EASYRSA_DN
-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
+x509_extensions = easyrsa_ca # The extensions to add to the self signed cert
# A placeholder to handle the $EXTRA_EXTS feature:
#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAAawl07oNQMZCfcl3T
-oCd6VLq2esm4lDOpS6pk79zJuxrVrgWXWZ3DJdVPE939ZZyhZANiAASX1ImCDBut
-xEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGflxJZvMGjoBc1di906rnTcks1
-lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreUo3ISbmbFot6tJ+I=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNApwdLKPyn9zt
+4kQy4g8CLkdFoqUiMVqOyGjG32NrJTJi7tsWl91gIWGpy3dsmUXRWr+1TA4wpjOu
+EjdmOOxc5bl8Tw4UsBrBqFDjVgHOaA1j1JobM5Xw1Th6DdWzp3Mvo+1Uu05ACgkL
+7XM44L1lNi6SKblZ4Tvmv3RrjSr3YTG6EASY07Vzt3S8BtfAfDNLGNda6r+HfZU+
+utlarcdAjm9bkDiRVPK4MHGzrdQvyBlmg5koun4vAMLfzOaICOTvwuPlR4ttLXC0
+cd4zxUee5i73fd6Bb62kAES1eE89Q0PvXVoLVr6r2iItgPGZ/hPXoo5K+zEfjif9
+QHnhc/PXAgMBAAECggEAEzXEZSNytWBvdkb2dwIhv+WQPiEwchTH1ItI7iGukjKp
+FwYkt2hBkSlvmlZ7eUyfcy+auSVISxy3yP7h/A0ncMkB6XkK67tYtn7MHZFImAu9
+/XXFfvkFesyv/xfex3fQXk1xBriKa4vFLz3vxwugE6TRFlccjCSD1WppQU64EPf6
+ZFbnd3oDg3DTLB4sRP50LRRiOd0LGd5Rrfvfm9+4os5MB8O0zD/KuJtFLTCVPPZs
+v7xHq49y2aokUj4ZpYli1Cw8gMypL32ZIgWHtXaclZL2x5jMZNRj2r+suSArweCB
+KKJpG4VJNTTSvLDDsFvZF3Ax5NSofDW2xFNAb/kAGQKBgQD9/WHWoRYH6dP9g/Kl
+1aG0fuqMIfPZCRk/2ogDd2EcxJ2QfcMnJGmTYQtyDPu5UPw7uQi4VP0NBSzLMC4t
+gNQTPPBuZYWr+anDNmxJuy85Aitaay+iQHUvLE+l4MviueYv6CTE5XC7TFtFJ6c+
+psfXFQZZlnNUiBfVy+lMWMJSowKBgQDOof0EjoC7XBoiLg9CgHrRBho6yZtwxfN2
+xSO4V6JabE+hytgs0NGRw91ZAkrJZCAgns4RkN57lJa62T9uTGfJgSuOwoh4b7As
+Z0ZUxgb8OHMdJLsfS/4s9rAvE4AS4lDSHX/2KBdscguEiqTy+eauAwvfHuSaJeYA
+ZrL7irfhPQKBgCII6ClooJki3kNkgQlz3R1gvHFWw2Rb8cQ6tmswfhTqy+pmz9XY
+7UTQhkYcM0cb8RDXtLFuwhISlXQM2sNCNij1y4oflI/8/qCoFE61BJjxD3ooTtPB
+K3LMz0d9HhUdsBjPVM4FqNuQWdKkg6bDlpfdu2IZ5Q54xijiEDso0bFdAoGAKNIh
+nQvV7K2mUAhPZXDiUnblKaX4ek/w6A7MHrfZUAnDtY/QIxJhxG0wRkxIn/6Sxj75
+MMkw2rMhD+qpOE4J1uoYw8w0j65o3GzOnSK98IfqXeCKwwUNQq69YZ91lsV09/1x
+8Rw8fGUPV3DYY1PxOYFKkBqXSMih5oRjaYQfDXUCgYA7DrzT8VANm8LNJH0aStSf
+Pgcd4zZb9hPbBaV2QMlZulbvYA5/01Nhqbhjdg7aQ3sDVINWoxS2BN2Uab/NAkNP
+biOnv2AOmscJ9a4zyYQqtT3TrmuR/HdiBMd2+wIE708mifXLuDR6t4KH1gWZkAuO
+2Vkf/8W3elyje5X2/kdhMQ==
-----END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDVEmbLHw/XijB+525e
-66kG1MP6JphJr44lPXVQvIujmajoE+MTm78fNuiGTdATr9uhZANiAAQ0DfMO5gVp
-8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOFmGNaJdwcsjKclwG1+8Td
-WQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC6W5iOh+zDro=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDW2V2Xoel5TxZHAr05
-sZS3frZowpcmgSGHc5yQagP0O0qR6qZFC78bee0wsOy/fG2hZANiAASnlb9sjg80
-nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7uEf4pAcPqeYWD5gxv
-xdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRrNsyOUT8=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDGOiNJILhTWN7SPHdY
-gpwEUN8RoQ0ZNV1vZGV8yKqoQbfc58QwZ7b1HLT95z79oeuhZANiAASG011uvj6R
-kNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caacoZiFDEUo1Bssc
-Vws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3ayvI=
------END PRIVATE KEY-----
------BEGIN EC PRIVATE KEY-----
-MIGkAgEBBDA3vz1kTnTJw5rUdKXLe+731c2Q/jGtdnPZzYmi5D3MpQSzeH9DoOQx
-fWsPZKD3sXSgBwYFK4EEACKhZANiAAR/RWndZQ7I3I1p1tXTBdHE3CzdV+PQO0s5
-ZL4+oeempBEMOiJfRWA/bZQ97Bh0EzQb7ytjr1Xv9PQjZzUw7F6EQmnDMO2s9LBY
-UhiWi+GtObloJcVa/sSaNzaXN9/vv3o=
------END EC PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpgIBAAKCAQEA19Rb9VgYF1QN2rfIZYwPtMMOhc0Vf4VoRISPxp0qFTdpqRIX
+ZuW09ItXQ4qH7ofRq8vWw/C+CV4juaYdTc+fI5O3hJ56KSFzH1kwtNk0nm6c5uud
+8LJM6umDuhAZR+795iwXfADFeRCn8Ibdqr755NzvjVXcdWiPyyU+2onvAw8xYM6C
+oQ2AiK05gPmAD2LLCgu2Fewis+1YrLbOjyRRNDcoTrVQ4RRrUj2v7dcQwzbmUKJ3
+wjiQ9NFTgkxsW8Woz6rcQ6Exd4uXMCPpsPR5uad3FTIku9sMELlST1DgImwxEWFd
+NllVR4J2bO+3iJQFlc3U/0B4z2VgLDhk6MiScQIDAQABAoIBAQDCVnnzAb63irzq
+2x87qJEf3579Bbw81eAcCgz39t5Eul+OmDawNVfp9mm97EgXlP5LpcCdL/G9t6GN
+cbDjNncB7umJJbWzwWXKrWG5BfdmTQ1EtJXDfJjb0SYGbKaG6gB+t+bxhjRJnaDK
+aHXCYDHdTL760Xwvz9XiQohE+XxYkDczGmMt5MuZ+TgILIvZ2EO7lieTr1GHQ3op
+xUCber0mH0Ya2mrf+MKLJv9OSoS6aRMmJLT37y6Yx6/eS6GdkvpBsd4NayayZM84
+D9aCPxUyFkSxnvLB7WzV3Yx4lYLUBlLmJAmZgK/KoJbhYFmniEJQWP2RfTbYcdtB
+VKVhPf6tAoGBAO802xqW/ds0YhmouNN70NtBRJdsmA9ELHKhbdcuMn4Zunb9ppL+
+EX9LCZZYpZpEMGyGRK2XhLWw5uiPXAlg/B4wL7NdqM1nVkRAwLfdEiwsI7PdVbFn
+sRYRocIhdqUoLWBsQfiR0mT+TMxg6nsbaP7iXY26r8Mxij6zrLg/tSkfAoGBAOb7
+XFdd0X/TpmdlmdG0htQTt0arNRHv9aUFv2oIkNrjAjh9P5CSpfhTxjdhZWvNivK5
+jnscBp9KSqTzUHOZKarg88imfSfmLqUVVU9ckZFOP8RYu6gXFgGgNunp5j2x+rpK
+78UQn95rhd7cK103AZ+RH0+iU8GzLe0VECIYZoJvAoGBAMuqvUMOfGY/W6dtOLEY
+IuQL1lL3ayDUcuPG/rbP5r3nOhRGM6XEHTG8uhUAtT97/57nU2JaN+xbCr/IEB0M
+Lp2leXfGrwr0iUbjuzLRT7+8dUmXknbSSrz3ljqsM1C7vKb0hdcWkYTb4JfDjOH0
+nJkoM2+RHEWd0I9CfDUESUMRAoGBAJhXQFf+8KW2GhIn2IOO5T4Kot5hHOdvtDva
+xpxQefljr5tCQCJCFmTqG9l6y0GGlxXvfCGGInf8r66LK4ySgADLzP2RkQo3rpwC
+rflhvEBxs2z0eRAr6b+4w38TXV9je1JTCkCW7lnr4KdT3uXj2ZY8SMJk9YjTfH7Z
+XYKfRTzRAoGBAMroEz2k/BCaccxRJIWYxCKiH7cK+Ool9qkuWz5H5TfFfx6ZDANy
+Cf/vToziF0mc+sG+9eY9dNhn2p63J4Qu/83XpIkFPqrZSwYEG4wkTO3PM9gQEdHQ
+zc5LMVSjvg4ayNtFc8jV/CLKP0hb+Bvyb3cwMC689qBOouaZiAMrXCfr
+-----END RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDByGpeF+ILcYFWX4cH9
-SxRUvZUkSb1ejVW5jVjfr8UyyfDaAR35ZNCZ1JLgdSWC0g2hZANiAASCA5Gt53a3
-jVGGbczjFZFsrDHnbeFEDcMplXxe4eg3qgD2R3QY5yiQlRZsCOKf1yRVRiIcGZ8G
-S5uOlktdu8CtNVoGcxA2Mh2J5rGe82INj4VwckxISkfw+uv2e5x/qHo=
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDGczlfgf20DITI
+I+BEgPWfwc0P+LhL3cmwinS0Izc0ydmCldnwoZ5UOsQzGc1xlu5V8hBnNN7cCrIh
+BNnXWxUpfwhU2gy17Dm4eJIDBx02PcpUdeln/ru40jByaudcOR+Tu7RiQGzTxadP
+JHweDfnqFc0b8eVbhnuZA5kgsCovWCqqtg/mbh7cQ1cE3TLX7AEsHINSAgTCj81p
+2u0z4f9pZS4mZyOmgTUFfFLHSYppOCaeh/1TKpt7kNEauE78t24MJrhVslByTNXL
+i93e5tq0tAISHCSEvYGKTXi4b7zcWgPacERIEBO9ur7blOhrcb7QzwOZVv7FrWhR
+7v99JYD/AgMBAAECggEBAK61yF/mEFZP4yJUO1/z7MqOExupi473HlZ3PpFMo5Cs
+1/pYNPvdPYfICO04HR+QkhlGN9y0tjMgk3vwSlyHSpUyykHxidkrtBFMzLcvry8O
+rS84c5ljsR7gpVhF95PAkqU8Tm1lbKnwTACoDUFkao4ETYP5rUOrnOq0OT6G+Uyd
+lA00kqmumvuSEXSRrP5sfm8TVfruVZTqLJm2osW6LSCx3XqHIwWyNDABpENGmPxW
+Klxy7WLRjWOfS+RgA8GtYkKH5mSKMhabUXlbUgxHHs7qrIgowKovDZc16RV6KgLA
+8JpQrUT7UXocH3fpGB3KrJgriXv+q9vinUmrqoZ5f5ECgYEA61TkLzGSJVENdImi
+ha46btPiwSI0xD874bxwrAxjPq+CdlrKO01gGvjKfJg05v5lEiCF9aEtJ/z1OXlu
+Wiz5HWSFzQsSWMx5Qud10J+OciXY5Zq6gKptjXkXyGR1O0j1xa/WgjN0hSXYCH7S
+h7r+LYg2Q3//r6Acuya3p+gxfBcCgYEA1+EaPa173NFrwPz/K3BMCV9th2VJvypP
+VuEs/JRKOD/2SwjYR944P/08rV03hUpgU/Xbr7zkV2Yc1sqzFvtjqLvH1gy9Y/2Z
+7aRNFzFGY7ZzBbNyqBhFffQvbUnBMQ3O0BoLh0P4P21L/8fg7RbBcYvufM9YUASy
+yYCGq30iq1kCgYEA3oxccokFdYbOG6xhZtxaZB667PxFPGW0YojLYNkiLdDapsS7
+RROqVDd9fhCOzvg7asYZCS5QPuXInn7IrjyjpXk/06WpxxIvhubPEukhU6+ZC6Gk
+yDLkAYtHw3nFJ7iavEXKrTyt75DXWUleHX/oCfUro+/zRAo9wXse6Yn66icCgYBj
+cVjyInEVJg755lDwxJjyFFhS71CKU8YaYj2j1/dcc/JTXC6s5GuK5m9F+NOzfbBj
+3LQm/t88d1g/hT38Dy84Mc/7BQFVByQZ+P5d+Z/QHOJdNO1TC2MvgwU51ai9nPuw
+lt7Kn3/CT+mbWIp/DGVtlaT1L1oh+hgVhDQE2O7YeQKBgBZE22pasu2XGxCOhUt0
+OHatbUebuWO3CKv5hH8o+jFoDseZWtjM4PbvkrRv0AWLIYMxp7yUkZl3ZBHD4Fkk
+wpjnm4dLqmaxQ+wvnK4hhxul2hs7j5Hxmfo7bpF8v6MSHLTQEhOsVX0U9onI7IIn
+8XG+eKM27X28XAOAOXCo1b2q
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBcc3FEyoXLKwyy5rTO
-jo9SMOdGwdkwZFGBHDUYB65z/JrmvW6ArIv/XuYS3eCOg3mhZANiAARL1OFPp1se
-xH1AJxnevMx4a1qGE0jEwEAJTh3NtPCNFC5EfI4te3UnAMSbXHEdNf/2kQHiPyJN
-9FlF5IVhojC7f45/htt5etphAHI9YAs6e9OOQ9Uh+eXvAQJIDqoH4N8=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDRrHDkiYjY39vO
+/h6FeRK+w/54XZAhN0yL94Mhi6/gF4MguTT39Kysw2tvlGCxw4KYVUoZYYk6YHWM
+mYZVB+C17mpiQSk55MDTFCJ4HkwC/5o2PNUXoijYaJzNzMwyDay1xMO0zsHXUK1l
+RFY/1poeEkwY2ffE2dDrX+7UuBxkQMvPYnI4M6vXxbyEr15d0t9RDmJItXHodMLe
+HFn7ra75npp7c8etGkOdkgNAXLCJCnnneqSp/tKiN/swuYSLr02u0Wg23N+c8+mE
+s9xBl8s06hiXn9hghuKP8Z5rbWn+eIf5W/VNv11+KcNzaB2aA1z3NP2J2XBZ5t/j
+ZFUhqSPRAgMBAAECggEBAMqSNJvH+Ou3E7GfODOx7pdZ2j/F/VrqB01u+0TspSX2
+8VwrM26f+DgNsX2it+zmvASa2jU9U4yP5uHI7cy3CLYcurFkzQS+6kDEQi0U8FEx
+S3c9PI9Rvu6d22jFhT6SkZsnmADWhNaWfn/JDx8sIcgN23FjHQsVec/95kuj+OIt
+LARLRmID+/Pu0KempNsL+4E+DXEsC5qARVAa/oZVoGmLLbYZXIie+LyXlph224lX
+2wVoOp7aCQ4BxlD7wVTq5mDEaGaFaYqZHzDRqzRX8V754caBNO8j7KsPPcsaZG4B
+ge7vMvIcEiF8IOB/JBw9IosH4xksaC+Ar6ynlMEnxDUCgYEA8DJQZgiXcg1L707/
+1zaRVRh85YHu5o4gCXexxHaEEhZUvUT8ZmehdFjajBrvp2yZsm6z8WUL2+sjn4gR
+yJA7+qr3FYMYvn7cl+hbDz2QHXRyG9sYWjhBPEvbrYpeC4pVEvrRNDuIG0L1T1ts
+JI/OtaIw9bYH42cVdSaiKvRZxPcCgYEA33gFnsoSvRakPHFitMHbyrhsKpgzWKt3
+HrpYyJiOkj7fHKHonSV8CeZeVV2QLbqkrwODAXewHFQRS8titFFXmWZGqqcxVJtj
+vTtCY7tsLBzXay56NZPN4EPV3JbX3+XBWKJF1c2clURm6iB3ev5B1terF8od89bC
+VMw/KTth03cCgYEA4eF/CCUmPsRQV7FEGWCglZTcx3xEbR7U8/JTA32sv9GuSPua
+HLdx9xckF0OxghI4C7vdjrJGz762Fm2Aw8sYDKhAikNpvqNQ0a5aC+AKKhj6wkVt
+BlMGzixMX0vTGykwzhN/L46YdYKnbMR903hFnTv0rO1NR8YGQNBfCuQVk4sCgYEA
+pnvra/5N8ZOBrgonKFVY4vF8nEshzciIiVr5NBD7/pZacCFrhE/d1h5LXzvCY18u
+u7hZDGnXyXMUI6yVj5MeOQmKUi8XQFo3903DyzthfofKMW7B21KPSaogFSRIFeU8
+o0TZ1ExHgKkiJwEjIn10HZQ1QhbxM61mv/gegiBcZEcCgYAVRURDfBPPfDRw6VrR
+WgeQX3I+N/dy6cFkBZLflpxdW9IgOAegEXRBYoTfyKXy6KHgGoJRePM1SDss2+mu
+ku8dBPBdOTIIoBhrRT0onwigoJaMerE9ipUglZnmu4ZtixH2w80VGXp4l08CUmgj
+VjgdFdDlKJ6ql29pDiiNvM27/A==
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAiHqPToF5VeW4qNuAu
-JwWSuOhHA5ZoB1jVj28Cxtnd2nbtrVwpIKlKOMiQy4WhyoKhZANiAATCdypXAXvZ
-C+DgaX4q3wW4kU5QUelSvaX6Aa1iCmkQgm+qhGQzcdmWypwFztkTmbDZ1U3ZGkOM
-QdXnCq6SbPZ/v3O2/72ku/zZDDYN4vR4JLvNrOkE1pylK87XDoWFEPE=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDG+BrupqZCuK4/
+/EXGhoEXgXTx4usUpiJeOkQzDNmkK2Ri9XdhwZdWQu6J0G1hp6FZZX2DDpd+Y7Sr
+95X9GMELLcPeZnqadc3vHw5WtcPIRXho8FGhMHWfPrAxAqfYc7XrHGyTasC7P/et
+J3YOhlX4I+XTcG4jn9yU8FBAmKmKB8fjy+kjypFNAUnbjRrKTPZSW7YCFWmzIGoz
+wGFSvNUdrPRqjsyp+zaPiyHbkfg6EdTNx9bHzUEXzZFJC0AhjROi7vpZ02BV+I67
+aysO969hp2uIwQNNc03jwOIXsSydeHgcnun4DCxkaLTBSkNH9IeRBvkA/XYAQQlY
+taK4r7cFAgMBAAECggEASv6tOBK8TB3MH/X4XtHHypJS//El5kyQW6/ekNdhGU35
+sosPClurrSnhOzTCZbKHUGi+nC1d0JfIO6FAeXthF9OSJju+LoYErwKnpusv9kap
+EfSy7+ySCQnZ4z87AIzsnsfB7Pap2mpL8ooTJ3pe4P6227Fe8jKJM+I4fYCNNqb5
+3pCvUQ7ajpnhVwzrmJ68JzQMAHNr1mOwjd5PZIJFt+Qr5JrkNfhbRmK7fdEGwD4d
+lW0vZcj0Dbi48ohVlv+8vY7T2Gmv+1CrPMZOIGdKM+FdSAWPSPwVno/6+OqEMP8g
+QKP5BvBsLUg+YmRqNOga0lCZ33aau67DKkq79zlzKQKBgQDqugIWvdb6G4p1HKJq
+IfLZ7cPFmZKQSKQESncNAXLZqPSE45U5XWsLiS+LemSGE+CAiiuOg54Iw0fbijuu
+w7x5ek5GB2oC8nDoEKUBMq28eWcSAVt4DjZdfTzMcHDavpdfxe9EkUYBVMwP8rDj
+4r/xV572rttqUZ2t65ZGFf6NkwKBgQDZAHk8e2b7b1nFtYEES81dua0RdndnqvO2
+yvl5w0qUuxxXpEEN+UFUg0JNOmRN96F24g+ZYcy/Vts+XXvkMuAWh0WixiK5DeD/
+7HExpYNl440B0Xy5Vp/s3sIAS49cgjcz/a6HwJcV4YgAyYNAKqtAiMFnKEe0ZcRY
+iMYBOsXIBwKBgEmgcPlLMPyg2OxlP/jEj1WWhBseUd/aOUBzTyaQNsNZgOGSNYOZ
+7vLeZEB+8rsvzvLi5Ei+tjqPbqHJmXD3Ss5b8+N5feJQw+O3HNrkV6TP++mk7Vka
+NCldGE4UUwH6WKcdAjFi1C+ktqGmAaBpxsVgM6ezL3YJBcnBJRD04zTrAoGAYZ5u
+66Bv4WhkMCbIlVAsYJ9oldR/PqmO3YpN1FLgOCw8QcjoYwrgMs6hgvBjsxdVEY/8
+iHmQi/rcwh933l5spHXSA7myYSE3OKn6+eSFSc6l3k2JGC853msPRua25VzGzKKw
+Yu1mijdc4U3Ft5X6WButNWTPbP3i6BkPSfpQgv0CgYEAkhDKG+xABN8XvLocvlg+
+vGofIprLK03A+rvegZAT9/JlmEqaEbdvBSiaCGQNHdy+k6xdAFnsrMzVIL1cDLKv
+u/ncsR/kdVZ5b/5uaJrtixkuYZVJdYEs5CabJc6aeRsHD5Slb1Z7/v8FB2wjQPRx
+lvV2jdeuwJ37WIetVS/tqkw=
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBlosRzur9E4uOwMzTj
-/x+I2VSe0jDyJr/CDV50ElawBO6bEvw4a5m2HjNW7HcAF4yhZANiAASDT1F78TDc
-diXbIf0Rijn8b0oP9TidjjwYw+K5mn7YJZ1p8UDyHPi9fJjpHYZ40NV7seaKy0Tp
-QmxhxNkyxRbwdnGQWA8T9MsBAmj6uz7LJEfihy3yxtlfuBbeR6q/AmU=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC02S7aKFZ3kk39
+OJamjcQKRHXc/4Hung2vm3vtXl8DvjNer1Th6LgOnINiJM6UDOXQipBBX3JPo7An
+nHMyUh+MndlS286RhdsOxnHw/kJvBhF2FjJFIvA3ctiH0vQVrXe14qdQgYBXhy+E
+9J2cWrZHYS5C9VlK+LHeL8O7SmlXYW3Sppy97pEt/I5oX2K4xm8NKXwsJheWikJF
+KZNJ6XE73xFUxRlHEb5IQl3f5zkNWQZ5p11o/f9j1NXypHezRsJ8nb8QV3PaA8CC
+TGxVNx5kaNCW854C+cVSc9wVV4EuDwGYKbzPoY76WOgFmDtMc2UG5fm+JZri6TO+
+hl8Wivz5AgMBAAECggEANUs/TFjQymHaC8JOWvyyBdiQ5zSApMH9BIAMcDH8TA0T
+9FY07HH5M40aBqUUH3sBioga5Ljs5d01/yZSqESdOYIW1h0iba4FlQAT+dHj3/Xo
+1WTLIaafJaf5eWVIOs8o1PfbGJVhLeoPrd2sSLROvRA9YswMqVRKjlCDHMFb87yq
+Cuwa/YEIxGYI0OLMPdDXMOwcXL2iy4oHm7rOjpwakB4nJypKDVRPCutC1uAN7sHn
+q9Z/NXRfe6SYqq62LWlSWm90u7ESEUem1BkUL8F+yd+xL86gA0eBGT1IIXdm1QPk
+CNjVxjqEM0BF55Qavjw2xZGb9Yf0YM+1sLCxyB5ZtQKBgQDs1Ig3nIVTj6VXTQDq
+yGgiqloRDwLPa6e5zG98z69dH25hlJjsiWVvZ0NVMEiLhhLr3UtMs96wunqqGKc9
+AOH/3v/hVaPH2px6EPP9ASV8YgSxMPHSVNc49pTkJ1xCuxeGovem19VrggWNznlW
++kGaHAPOE8i0QTa6usUPj2+RXwKBgQDDfKAjp4cxsj1TJJmPHUa69wpcbcvlTpjY
+RZUWoYiMOlWujbDAaQUS9jorSzm28TMCtwAm+iKRo/TNwvWs9MGhTuwfkQeblTtm
+C/hRGF8Cm/X7v4/84p6BzDs1FGov4D9MBjDRfXk1JHdWqjQHpFn+9fW6efgHdHSh
+R26C/MXYpwKBgHl4cP2FDGVVkgp69nN1ouPU2ClTt69HmlmT38L2iw2KZ4UpQF5i
+AmLnZgO1ph/Z/q53bH3E6/1dSDkiN/T0FPa2HCwpTr3dBNEfDOXBxsZLR/jSD9Y/
+qbwPzUJQZePcLi7iO3+ZyF9B6zNWqanQ5gDzSYhTYWgC4t1XmmdmvGSlAoGAXIfo
+ERhiQN66cll3qitUaHk42UlLYu4SIQTGriClzqJqHiaJTHopYbFVFVsVJYgD+jv/
+AXQS2tc9sAuhWE2+PYlq8QIoFLfNlt8BmfksN8L060XgdPYbyxqNx/Ey1hiSPX0M
+rIx0y/fH2SjVWeysgKeRucOz6GtyLUjvgWb+iy8CgYEA620weTdaFfnoGojrDrOM
+e2wl+ll86GX9OXRS2mkUSgg9AOYTl15ik94U8+QBA6W1QDT7k7rCDr/NDlUnmPO9
+l2hzCnYbrE4Cqs63N0sGb8dHdwzBDG2f4txrfUotL5wb9NqJeV1yg21WKV2bhiPo
+7XDtHqlGenpGP/D54L1amIk=
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDaUFU/AcO1aLWRrpXF
-pdIp3a8bUuIn0Sf/p2z+xd96uy8q/k4ldwJuAFpDqIWU7EehZANiAAQBFmGaKZsA
-NMbY0DGH5yz9en7gbvcmGmJ/1H2qjQ6DvcJRjMs0Kz0EQE8sb4uGm3/eonmkCgNM
-cHE0uvb40eiSGDLWeD1dKVxwoLaAfyHiYwlXwUb9m9l6KrgT8veDzDI=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDSWNGlBTy97cp8
+8wuW0QHbxWFk7ZwuIw+dlMzc/4RLIM6dH/byILgbfIcaaveOX8+wOwv1iiyE+zVj
+P65PVM6PtTx27rRuPek5E0sPA2QyoS9PEseR214Jk5Iunn59vRwA+PISSOBXDYp6
+i9Robz4Zb4bYkZcRX9tSXlNLYpJW1uMCaG1Af85LKLXBnX2HXAq1M/WjoBqophwk
+qDOgNlnmPM6qkNF0aFlNatrDepB0RK+z5j+Chpq7pQN8eZLv+f3iCUa3LFff8B1L
+i6jjXSl7QEuwY+mbqvMmcJSBTSlEVZe2dTzjvsqkW4ueqQTR10Vyle3NYiCqDy8G
+ylkrH/4FAgMBAAECggEAIMHQNCCyqulDJV48Kcp2vaDpX+xY7B5tqh6oIKpyEbkU
+NAfsTxylTzJ/X6/UyYlGMK2hWSWhdTwhvkkGfjg4ysxwlBzsYFan4UmN4NKoYfIU
+Cf5kseQ1qsweccAg9rfiiow6Nnq+5Q+oxxjLhU/9nbxuhX92xS/mWddypUS+gWNB
+BsXOc8V3+pg84nMNQRvP8EgocGT7pPRW9VzufA0CLAayjzXLxnXvvyJR9Sey2BLx
+PcaHMM1BhOzVig9Psq1jJna5NAu+PkmqRPBbgD7WJ3n6WGvm8y++6exF3nOllxcY
+0mvcdw5XIVy1BItgHt5Im3r4r1M2UuAvJqP+WrWygQKBgQD7xUyiEwKyLOKAmOvo
+nBCYEb+EKv3aybF1AyAZIvUlifT9cBeZtEKkdMdrbYi57iHAxC0GWAgduWA4uN3D
+jxnwI2XzKk6+AtKhbYxP7/ADloaOzteeCQ7mGTtiwqU5LMgh4rLuTq3zj+26fWcq
+jVdpu5LyoJV7iOpSqP8vj3Pr8QKBgQDV4WIYshS4L1NQbq15uY2Kg/Kk7aMAQuNM
+IuOPmoO4Rci7Dp53gX8ZGjRWt5PTa1pVnABV0/IQZMl4kZ8TtKBL2sjb++kh0Hm5
+6HdvaQ75sFkr8Jd/hJh8lIcFbfM8oLDUdBMAs2V3a2wAWv01Q3xo8JAyJm5KYD2k
+dctwRnAXVQKBgQCFbLLG9YIpQIYsll324LYekNFIzqvHRboIg8Z/67m00h6GLOAk
+8ZWbp9ODCAI8Xol+qbges4phjjsC9F155J1fWLMPoa0nH0HWkMKaHlK45A2dItq7
+gptlr5t8JCEBYs0QwB4JEqM2/2CBwzFoKI1ZmDEw6Y8ub4mWkr7hyokpUQKBgQDB
+e8X5X0hdIvr0vVsTzidcUmd0ikG2H8xt+PXx2C8myYKArgXvSGfJNqp4dFQ3o1sy
+LREkk7rc18Bm4R2Ofw2v8XlZgLdzTpx/8OvzDpBskvroRBtZUYN82ASZhdDQXPH7
+EBKMxL2a3cPzQlzkDWwDpvRbWebWQ+Af4iwrIp2OjQKBgQCMnPfrcjiS7+Kc29jF
+6+karf1C2sL3zCoTi1pY6KXFAiO46rg6RFvfMwDEHSAI2mRv7l0jpgyFgWizJqYH
+85i30MxQUWzJu59CAEcqe9SSu1NrGdzx2wswOdhGjiBhh2Tt+uX1B8eFPqjp5+Fg
+df2uTy3RZuhKT/h0GrhFnliXrQ==
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDJrT8LYg3Z3J0bN6Zo
-Hu+9iFCXEwyBg21YcYlkT+Ugp2+VCgT27UByvVcOCBWffvGhZANiAATBZnE3u/W2
-LLCg1oyFLDEo0V7WI3Gut295ElB6tWzu66CpmxrV811y/c3xDSM/bkR7H8mKHvtR
-reK/yBIN0HoR3u7CbgavZ8dRE4zPdZ+pgELynFp4rylX37DB1tY7QmA=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6SB5/L5Pus4jP
+CgqCDUi97dg/XRPRIMA0uY9TOVLSfpFP5UwHc1QlpmrHg7j8kx22A3JZQUphuWgN
+TuKbtHRsh3yjYTAiP5tTIzHhtjfvDTLfbkAU4dgaDpOPbFUN3cmaolweRsEZzuTu
+iz6Tv85gMCnaLOfXqQZNhGDNOigYDdIRbgHpGgxr0Qm05l+VfcOj0/tEFVC3vm6J
+03XPV+MT9pk+6is4BVvUDcZlQpNjxudEWiwBGYhSx28S+iffXrZA6RU15CcP48cd
+N09fC3jLM6LmBjWzsdRKT1VIlbHgXI81h9kyBxtosOuLA2ecDhQMY8oix4aaNV+v
+hHX6O+dDAgMBAAECggEAOee5MygDACxm1pT0d0DR39hTZD72rgdUOA+GcgRbrnsR
+iJhqbdZ3zcxRXPuhQUIp9i5UGVKmYIJVye0/m88YcbQcFl1brQnAqrNCCjuuX2zm
+53VKDjO2DUOCsw6l0c2joaHeqLqtw+wAVfaK2TrCWDwghmV3HB66itYfkSwG0pLR
+BdhqK+DLGo9aWUqv9ktxBk87kEf00DLTlX3IdZOPreaNqVhJOjaVBEMd7RrgUZ/o
+UAkc1d18cxLxlGtQkO4oQxMujQ/NmSj9vOMBtT2aU6o3PdlitrcpmH362LlzpzT/
+iFB3b/rgQnNiSEvkR3CmodQAhKIlOXQiCWMPcJ6xAQKBgQDs+0unYAe/A1DX1CRB
+Lj84CjVmWquPEr2tg4s3umZ26rE8MKoWXswkCFaSuX97jFRANVQXS9+x1AZhPr2h
+74SIt3rzVGcnXxJ49zqiFK4+jHURx4/ad8b0dfJZh7KgVaBQ2iu0L+Jm/Vh1VO2A
+fU+6WkUWEiUHrvpVZf7JeI0iYwKBgQDJOzY1SQv7VV6BfV8H0mq8owQLF0+ntLCv
+Ogm9DzZrsMHtBB9gd08+ZR95b6KNwdS+4pJPOrNmZaETxLF6RbiV+N/2WSPLjcAU
+BLPCjKwmLGQNn+/wxXgqYIHvwaMgaYB+h2RkIryAlFDprJVRSc8c5OeiNoBKzI1H
+vgXW4lDNoQKBgQCYS4K6BL/VpIbevSmzbcoY9I6OwbRBFRUqnj/ox3Sz9W2DNe8I
+w1FD0sv4LRfdSTiXru3krtEKUizrb8ukdu3ggrGUEOjd535SmOdoZAv6jH9rtqkf
+CBym2+msWcWUvpJxg1PUz3UbJLMlbDfZfC6xnvOJFI4RmwSrvwl3Zm6k6wKBgBUA
+kQ/Op+l7Z3msVBbE50741Jszu6SNP0OKkymgRNXIhPTv0TaIPUUN2NMby6Nv73xc
+uVh7j+3H/Z/Kj5trW3CLoRRdCVddXAa61ugfNnhleavSXYCLm5cQq38SfqwLVtXd
+26R326Sv1iINWSg6w9sIKQTNG2azIquyMXnT9QsBAoGAEyW4Scj08YF2JUpBfCcQ
+d7IKFRmfrV6sC5CnRfiOhDWRQZ0ud60ObX27VFY18pRg9wlfYvsjfiObqgF6UqjZ
+IYGshZWEQf9micH8+uGuWVd4bRQG2RxcNtwsKncX3UNerxprxUJYPQm/5JrkoR12
+JhvAwPkmisVXMlZ3U+monYs=
-----END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJtymPakZLlMwR+KYJ
-QWARrF1lWXrsteVeTa36Rx5Hj/VVVvDBIdnd6jJ8ZYtFkP6hZANiAAS6ZZRnCDSG
-xw+UAF/iOFueKV92eodDWzekRKs5cr43Dj/FulWLbL0i7XRUiKIc7PgkNz+zsuNW
-DuWBy+9IHeXqH2dRXyCLL6r+/o7UvpEolLbMBHSQcpAQoHxCouNMf0k=
------END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCHVXyxB2Mu+VF6/KPn
-CMn4rSmKCw0bg6ui1SzGZj+A8F334h0AnMFdygwAWFFwjI+hZANiAAQQ0KJoZupA
-NvOdE+K854eS1Mry5hOpC9CSt6Ak8OTOaQjk4sBm4CoqeQbj1DPoa5Sn+3Ga55qh
-+Ro7KD87DJlfLs8XmGAQFiLDH35hYpeFNgoK6SYOdsOIuI7kgHhStZw=
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDrBA21OGk6aQch
+HFlMB2wdMImTPZDT7wTL7EGUnjWRKBfkH8srCga5apHmy4lg5jwK+P+ubEjj16lS
+lV/lyIBcgrWRO17gI4KNUlMK6uiykrNLux0vWuQpqWksueGeExw8Ddn+/emnH/TC
+qzvrUpVBKlrUnumOQJdg++gSntbkcitDV96Fa9uUJ0XrQ7s9bhfG3BnS3M3IZ/zQ
+04+BTBqt3+YrQweVGK3gIcZa/c4Xr2NYl7eG20KVfzhGCH4mgSTift1TUaspQxmt
+X4uyuM8ZBg4VZ6RQeQD0+Cq45/20WZrvEPsQv1c+Juwel22th7lglGkklmk2miEA
+QpgGJNX5AgMBAAECggEBAONhmKGtYqJQ28T9WKhmxgO34mPDPUzQBSQIAat5Jvq6
+f+MHn9qUaM0cfu1+H/zQxWcYYsivnBZVok10mMQJqafYDzPk7XaO5NE2xYHapimg
+JjkvYJ1go0Br2Iadkd0PQFIaVMCRim9YS8fNRLv5us7B2/+7gN1RQSVklLTvWZrL
+wJwsnhACnzEpJIKLhnFyrjbF2XCWtrxBvdSTRzP6Z5frrg8IKPDV0qFdGYNS3Wl0
+YCt/80vcsIe39xxh31XdzXPNnLmWDXRqc8Nrx7Du2W8QlGMQMK6OOFF9J9wud04w
+NzZoCZDPt6kUjFouMU7xhnt/lAMzh3OhMYc+KrVlMMECgYEA/E5/4yDWAHCdFqeL
+mCzpGSL2FS3XcP20ZsAfGCAYAF8w9qONWKxQS44vL/Ffi2KClmw6pFi+XXnSJ0DE
+GKp1R//UwVWQBJR3W0t7FEJKOZcDqrdy/n6UspMVq9RlQKcdrGIxHRBVoO12dnSU
+r72PtbNUSp8mfU5lbs9rXMihDMsCgYEA7nTCCsfed4Ogk7so89sgB7XXGGKtvRg/
+uNuZ7wy0Fp2sQ1WfG0SEJ7N9r8w1anM2tasvJqQRaUHBGLCsONEA7rU1L4kEexCY
+799oQ+dUYVJLwcs8dw5slEcvEhKbmC4VeXkLyysChAXWCJBjNEqm/LZVkUzBNPAd
+zsX/ZzeB88sCgYAfHUckKV56u2iD7LGIWLF+ShNy1S5mXsMqkLLE9OBA23xcThsW
+PlnAl442KVwRAlr8Veh9b/w55tYFxTTpncvMzz3bgcO67NwzRAGvo+UnaPooyWrC
++7U2uHDJue2qpXFBWvKXlPYaXG5peUME0SmxzKWudiX2+f4ERkwFKzDBNQKBgEOY
+kZEgy22xwIlgWuGV0mSdJZZiEsIx545tohtjzIFEvRpxYSMHrzbZ6N021EWS14V0
+O2+GvvDJlQV8v7VzegIxGBybiMuiDtigyhvFrePQwmzzQfa1/g2iiDNlVvoyxh+j
+MrarQJFQXjYbSCQArYmh3mvMCFELaEe/VQFbeNk1AoGBAKkKwFtlFRD33jpX/fD3
+HSU1Orl1+TYA2qpFyf1S7fyrBFOGojsyaoLD1CqVTwLhr2OAexKNRcm9Adx/zXYX
+wVeb13aM7GoubwKYDV3zjLyhetYLLTg0jkgBCprKRD7zKTZgzAdkZcIGlMVVB+FL
+NXyvV71TyYb5UkoYgnDk1Jb3
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC6hDj7GpCg6mhd+Ih0
-NNNHxi0brgmGC0T53l8asSES2Af/Ot8NgmKXCLncufiW/DyhZANiAAQWw8xMGZHm
-s1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpEts9fAVhzlIk6Cmf6
-n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvubD9/gRbQ=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC5amN44BvoL9xw
+9ElvbHtiBXZgTgFPkQctso5/4WFOwyQd2myuudXeANX3zzaPocucFUxX6HY2g4t7
+1N4EyQZAMsMxAfH1vJyXQk2CR3HMuAwskbvIaytiCfNaxV9A6EZ8n9jdIKO8NPln
+KK7t/M0+8GjOGwLU2tILdLYyETluU4Cn4bkGlq7vjt0OJgV6LEZ99rqvbz5Ei/r/
+QP0+MmSl9ydg94UoM+KjL1o3zRUC/yi1laQ97gGfhnYtAT205+If+74fai/oUGgq
+LYY67zjxRt/nXFOwYxOAtE24YHrucWe8yCGDZG9FBxmH80nCYwRZP22AIQ4vTsy1
+fDhHxHulAgMBAAECggEAUkCo6gl5N9Jrl0w3e4+DWKOVtPlFyZdLuPD6GC7SbQ9S
+aU/pYMWd44M5aFprGOKsoYwtNt4v+tT2PrPa3gKTnE0onAgB34KRcOR/3+hzyl5n
+QCpSRIGOWEqTw1PFgtTH2CdNHCOLn0Vc0m+Q0pCQOHiL9cqzwdtkzKI05RcRBCiT
+aMehWb4fBE9H1isI4K8I9o4EFCiEs3PdRDgIuokLn1cCRXWXqEpU9YYiSu0typkI
+iBowhKMyaAe0XXn/U+e8UsDlyWZoG1kaGwJNcimGkAESTZluItOO17Uhq5DbhxaV
+bQMZPdCNY9MLCei8aBARwe9hzXsTongM6C/JjAlsIQKBgQDkc7JTr4Slr3LCqpdw
+MgppsrK0b7R553yB4i9sBvjr0S5P6/Zm+7h7Z9ercPQpvzoenAICt2e5dHWcyZvu
+lphhVmEc6WoxuLXoCL6cD961qKJzTvlBlsa5tvJMLJ6pYZWuF+ajRumzeJBjkEpM
+iSkK+T95qYblc9NY2Hv4joYmGQKBgQDPxik7HWZMHXCyCmu7GoDbxHNUklY121oD
+ciudOKco5GZY/U3/OUbDIp/30TLH4vJi3/3fJ/l02E19Fpd3abF2HG0Fjg1vMCXK
+Gp1A7shoXGVkbT4m4ytl0GE2qbMfGZyqPze2q8OfgOjNyVh4OCynMafZBujnrFAy
+chsZV6K7bQKBgHM7TIrbsJvmKIu6gpKMGyZ/hZZv9ee7dNkK3wKtbad9JtAXZH1D
+oSVWFroaSn44P7eq13TJUB+Cd8SzCN1KxufqKyfrMK6NzeuRZZvQgXS979sbzaxg
+wjJw7jywEQO8/kQHOEXJgh4NxT8DTAbY9IPdfz/929YnG0boQ3f3ZAEZAoGAbjqy
+SyN4zy7bSAmRSA1yiaV6jkaoqB/8bFGY4+tXe7FYvyN7ysjHSuVGuwHoj/VOJLiz
+Bj498QiEa7WdnAOd24yPJmBLrk577fIatYU5G2zReesfCyCAOJ7JxGdZmUlMPWIW
+m7oaqbeJSwvj/LvIrNcCNnic/bQERA8XY2WD9y0CgYAaqBh90AJbHUUKnBu9YhiF
+Yo50N5W6iaP8LIYxBVReOo9T0AdSsZAne9g9kWvkWz7XOdJlpTmT9uBX6Hvd3GKf
+S/j2xQt9sct0/pLp7tVCMMudZflafo1yOa1w2Z+augMX94CZcW9FIAWZFpR9hg5Q
+J7FYKqXP64A1Ef1OVIUeLw==
-----END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCZCcP1YRtj97FZBxtE
-5Axn4mV2pTI/8RH0/SBivyOK4NsnVPQeiXI1XOBgXKRafIWhZANiAAQK6O35GvW2
-F9df/56cHh0RzxJ/ARHKorHgtbwwa1z/XtIGK1WpD1U6ru6mXnQN9kO2pB0XKw+H
-e8I5Rx3n++Rk0QBguxzr4ECCjXcJhdEcN8g+1WRRDx1xcQQ6IWyiVzY=
------END PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRegblz+ubP5d3
+5TGJzwpNY7R93zEEg2LrXLl1NdKxm2BjNjpwPuFf9CILfDLtx7tkREpam6Y6W7Wl
++KDDu8SkEFqZsQzRBa4IJRXdr7Yuz5brNSXXc+Oo1Ov8qV43cTWqGlhNV9+njCcL
+diiYCxeYdCU8VCFSXjjO4n/9UBdDPPxMuWsoU1mJ4rn47LYeFLT2ilE+0hsEd4+j
+fVfyFAt85XDKGld84bIaXq38r8nd1IFMGSy9tsNb+j35La0GvkmEAfZEyqO7KiNM
+surYZzYiysbGGd+x+jEbxEDcTscKZiJcJTYtWyIj9l29ybOV78CCotnY69IFTeUx
+H4oMBQ29AgMBAAECggEAA9RFOAI6/lWFQU3RQAGm4I9IB10DGmAEeOTzBu968IA0
+nNuq6c5cdFKUJL2aeLpD9KtC6LEbsslmYqhO2AUgrRcXcOPJpjCCY+e5pJnHrMdi
+rN4F2RBnQvjRb4bxD/Zj0r40iwVmMzveotkAGPdq8QB+hcHL8iOCylVdnZXPNw1n
+2kgDW7Fjl5uK6QTV+rLeHKIhLJnpib6plYX2LT9DYTxvSO2Dk1iEn1ORR57lLQie
+dD85fmnugt4Cb7KA/0YeaGlekL3sPHhzT70d74MzAmiprEDydOZ0vNOUHO9Vpkm3
+swG7JmXOeNuA0EUmbDjbdI1Ug34PWnD8/08z2UkzCQKBgQD429emRyh5rq52onJ9
+fmLArdxvOX3IrE4t7yPNQTpuHGqlc3mvBLIVY6/ICoHjbPAxxIMAYsIJL7xxU+ah
+TaHtmWcL1vBRXqPXn4yIcECw6L1wEiyJh+anzsh2ceOBz16yBWFCIgBrJwX9eG+E
+2gxi3zcr/UQMphSRWMMw1PMnewKBgQDXfOCQX/B57VbFJBnY/YmbfueexCK3R3N2
+LdKN2f+Ee3G1QDuwZ+zypmb4EcSYPu6tXjMTpQPqS8GUuLxtNoWP8X2lK4E3x6Zl
+R1eaQkxyFBXeadupiS/SG8R1Qe+iDW9Lbfc0jRK6sUxVNR6g+nB4QxevZEtGwrrx
+fAERvQr+JwKBgGo9ICECO8tGwYAv9YSRkgMDthldh89Fj9KYRsZ3VERxqS2c0JPh
+A02SUxapNa4rcZctd2eQwZk+YcpXsRunkrtmQ9GQHuP97SA+IraUhWmA0m6ns4+7
+DsMQyg+WqzNdneWN2mlrLpaQAESnR6SFmcgT1u/WnVhxBlLOe/W601tFAoGAKAj7
+b9djRkPiKx5Z7war2kfpoIWwLX0I5pv80n3+Cw8kQRh9/nhQfYSM/OnQLLkEfxFR
+TAUMhSst/AOWfnPyvJuRTG6Yw1REheyLSg2nRkqVBY2FUio6yD6AcYiejO0SEGGN
+3CWZpTXriKkl16Kv4qgUbnGjyrHDKbpwOGt272ECgYEA8blqgKwA5MMA4GGPyN4h
+Y7OzvbBU63EbEjszV+oeADjVqLyucGuWSSJxAdbEtmJM9zwzUYAxswXwr/LgEIEL
+j1LmrQ7ASXzaOosZnu3SxM003jarqcDWhQxoH6MuZE0/tuWwaEpws/nRyQhV/INB
+WmlVEtGP9Ny/1daWt4tVk/w=
+-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDlaHtUEb8WUjje5qw7
-TWC4QX2Cpc2Cp9yZfsw2l18Iz5G/fwCCzsYbfOstnZyIiJahZANiAATU3vBK9KCK
-vVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4Nsm7LPmH88VTKNGU
-A9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusGYWNzdxg=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC341fkbUEvcYg4
+NVz7VG113NT8OJWB7ZgTahuq20H7LYv/HUmcCJ61SqB8SJaHHY3q34WtWiOgfJrs
+l5xzIAYrAgZnK4b7lH/o/z7iPPQ9E0DybTwVXXKifbDCCheio4NmUukKBLLxtx2G
+k/kRgr0mWrU5nWHSNHglJMb958g7yLuNmPrPX7jkqJMtaHBRuSzQfDGUSgC5LdQp
+KrIYVCd3L+A8p/QKFsecqaCxulRDolIUWHF0Y/ab5l6JCYylHK5BggGNLJStocBH
+xxqLeQbGPmab2TdkcHvWw/ECgZ9MQl3awJXKluR/QXVy8zXr4qGXeD0HbZAn0EGx
+dBruHQx/AgMBAAECggEALrcBmBUtTykvauAbm/mpyRxtuxmA2b4LOTtmhfQngfDj
+NM8y6QHDl9i6hnhGTVLzv6xDIHPawyWEkgA+DX0gNALSr5j+NKFYEU/uoLjNb0qZ
+4Dxh3CeePKtjoRfBQ174vaDodNQWxZM4W/zxdEJbXQgEK/vQYv9TWlRKfSxJ0O3S
+KXLsktKS7GUjJZK/qWZCzi5/WesHpFnxHhoZEUqhWaaeo8LnulU7xlD47R2UYWkR
+09YKVjQ5vlcVitIcquBLHT2ranO/+Bdktt7XVwxnKMrPqZojMlLw72BneAC4HStb
+CcwzekyTQSMe9/R/pEg+sYIVpiroYD9sQL5Yuq4NKQKBgQDq6M56o+MFx8uSaMsp
+4q6mAcnIXOMSJ+vcXUyW0b2eYAQNss5LROfK5C2TVNtPobXdJwa/VtO6HZKKBUWM
+ah72jyoGzHg8x0OWxZ8MIqEV0AbSQEUq0ZqKmaH0AZwLKE3nGuPKnupVwEu3a7LW
+8/7/1p8lSQhuLWogD0eP+3vTNQKBgQDIZdrAyPQZvBGNBQrrfvzOyt0ScQq+DKDN
+P9zzYjVg0M9Ii7PPh72N+NqJK9/fHU/A021ulDqjIw5wTw+dMR6++g/ipA5NuSP7
+MOJaL4ZOJ49i9nOT1O+xk3co9UT4sBJp6GvliIPsxsPr5QgxMkpE3m94dO8UnR0x
+oz256BXDYwKBgGcrThvgxIEyaX7o1WmU7B1upZ+A5B2COP10YIHQphXbl4wonp/C
+KIccRcPyPcuwev4g+L6qNJ0GBejmPdBYfzbMU6nevWP8I/wg2SRsRREeZxCKN5aB
+rfz3UoCnAFCKKAS685Z2yvZUWSy6eTYcvT7BlO28MJ6rBXQFIenjilONAoGBAJTY
+wqDLIjQzMr4R7sh4bAKVP5tBB3+eFZoeQ1krqwYcUrpJueb9pdfb7UZRplkshl5t
+LC0kQGGH2mOk9a4GHBYx2ra2sEEesREUgCwIfLN0QtZ4w+QcF2VIaQutEeu9rA+q
+KOo2efbWtBN07J7OAcghh55rDGG9ST/jRifdsLyNAoGAeW1zjD6MFFEYy2rBHyM6
+yswunGISx/Kdy7Rv+1aUSGyfIZ49tn/7dXv1kNBbLElleTxDS2TMWdoIF3soU5BO
+/kthQ8jKa6LvCDVXXvo89kJavdYgcofPCfoA83UxQyPt3D+7gYeVrvZoDEkJtg6w
+oOQXLabZ7qUNkLFcZF0kKXA=
-----END PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDE/ZTpYqV9dJKa
+ItZ7Nf+VJujTvx7ulr663iwxWgInbaxCtDrgIolj46O1aItv+A6pH6nlYtG0OWxz
+YYmhDtuOYiEGC9VPZBA5TJH1BcplCYLnxlJhf+3elbyPI6MBd8MqHHX/uVVmoq7/
+Jw1KcIy2Tfi8Zf3/qGDh6t9k6UY0cew7Bcvs56C8OWwEFvkMLMJLT6qAa9c3aOnE
+8pERWzMDjoVnQHyXNoSUFSE9KumHgWUh+icHyhsL3/rrNGLVUvy2ABpUvG0KUnBe
+FTjszt1iDMbCEHyypYsYEIH0tZo4xMwA+t4Lyou8gt8vnoQ7ah4TYcFyKM0NcR2X
+NgQtyFDhAgMBAAECggEAZSp55FXl+YT5mTEVB1fW90lxPvWjNBK0xxE8jufTvV4E
+nokix2LVPjh1JcAYBBvXo6GARi621aC8ApFv9gfEV94raYiANvKDpnmdZ8FejP8S
+fGeMfUgO6EXr/XLmzuUrlJ/jNb5/jmM0DhOHLtiYWzO170NN65MUllFiAtgOVvXX
+8N/scDs85X9wTYoDZ38UQXdGMWpbvdgaGsWUSUrag87MvJa3zLCVbrRfOxTSIpCf
+l+U1L22x/6l2pRhiG/1k8JTl4Ns3kclTs2otZXiBOQLymayNx16g0Qwbo6/rmlYH
+opLM0D+zfu8N8L60IDFgGoTUE3wvn3JOTtcjXb+2wQKBgQDpYIz6CNP7+Dugh9ao
+DrYWR9njP4NMLfqqVXaHf6qYVRAaM6iyE+SXs5QBdiLKhClKq9+XZ65muvH2RuSV
+V5DqL733ZJhr86bWz9SPLOSir01PWsmwjBm3D4quGsuvH/tJAt0kNzRktHsPr00W
+qW91DRZNp+9Jt2zUCAG7Kq8+yQKBgQDYFhEvDL/Oxr4E1AgGEsPDGBGVzvD6JVa6
+4GZvfBwzw/S6aqSLKnhAcYhAZ4VesFMuVQ57W5nACNPdqejeAFgapeLMLTeeBLxe
+H4vMSrZvDCJPq/tPhkQ1FxTdDHHYdbbWvUNIN5Gov9QsY5WzpXwu2wI5Mop6yCmm
+jQ5QUo0VWQKBgQCUQjQNO8J/1gj7SJCDnyTqLqcrCNQ+dw9BWp28IsybjZ53Js5K
+ovybqwehjg04HpGk0F9w7fsLZEQGsq7QeRqky8OhAJUcL2OUH9/nPRvahgdVHFX5
+BGfptcPiKz+ud2DJ1znpofB08XskUbdlaCpYcAH1P3RynkZSxOtkng9KkQKBgC1S
+o5QMxoZmZSC6IFy1vt3CxJ15ZE3zWvejbZjgnUG2TjRzfcO6yrIpnfx0OiMcNLY5
+HOp+0gbXUyjhJHi79b7RIHrW2R2JvMC5OSdGXHF6SBAR8IpDjTbdeoDKxW4zcoAj
+/mK9VQ3h/my5DoM5qIxjX1oD4cvTA/ltCJ2MUw8xAoGBAMTxTljV/UcPki5qZX7F
+OoZu450hmuxZ3D/eaQPQHiUJXkK3hNRoNjs1tk4mZR5g1piczvPGOwbXblY0YXaJ
+58PQE0eUjAQ5XrWofBAQ0FPeUA6/F4GABNbrI+B8BfuHBDsK0x41OhvS2JcQ0N+Y
+Zp2QP2kMgaSuFw60va9ST1DS
+-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBJVj3xLzZDW0wggPR3
-JPZUDXSKsfeXT+1IyjY7IKpB0Ku+jIOzCt1ma3S4iUK/F4ChZANiAARKw6UwPjUw
-mTRoSEgIBZbJtEDM5QmB40cHhFljWfjFkn81umgbFNLz2jkUl+MRCdhPNGGdsnXW
-c6vZ6+0O6OV7KMadBLHtR5cr02IBs4PnbMjHEYLzyMCXJ1KNVNpCmPs=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5g4Aw2CFjxfGF
+rw0qr7bIUANubBxVKLKdWR1CC/lC6jjWPRsvnsLEkdgOVigDX6ipv2rXnyJ4uMv1
+ftrAu1a3JaGErxlwwyf8M4IBcXYlo2671qNxG0pIUT1qxjYoBYgBPGpFtaNG8Yu/
+SVKAxjD9o0w2IvC1Iv4FDY+NFAtnPZVPVtOIpqOnVlKGrXupA+g5UBh9edCcxyRL
+AnVglWAPkqVEenxr7HcprG+pf33uBpw21Yz+NPXAUmxOJslM5hcCQYn3XoNR6yxZ
+weCWbXtXf/fW31lZWsIjW3z2+UHs+lpsp0EsXsahUD/CTKnuYNEQr+OZwy3F3M2s
+7o7GkhYzAgMBAAECggEBAImf17rkrCijkWDWk5MGVjhWu6TwiThX/+IhWUZFMb8F
+mfK91GxIgD9p3voLypVuIucDPZUG1oDuv0i5ujlfAZ7PSPrxF5ODBCfiYmEFtluH
+2j95pTjkwP/TXRfYQhcAu3wHQOPEM4QO79iR4aXs4i1YNtK2qxIGCqLfA47qvubw
+EEgrqx+4vfCehT4o5FDoCzyFlZX0wah3KKUBw2anCf8bdSuiWkRT4jpGeST4R2Yc
+V45iNHgzv3Y3renxuAKUH4ZD0BE9cVLu5L6HCl54N00INOGO/dzZfg2PI7rxjieC
+xKeU5xHsPS37ZrmeT5qcexQCZHph+Y+lGBuIhbRWzPkCgYEA9OFUKTBz465ZJHng
+8KzK8cj3BACIIGHAmAMRQTpYpw3fVN5VX/Z66G2h2rxTNWuiCcmUnITbT4NRcs44
+AnekUnSEG2L7cyp92oGeTrqXAbhDdZwYXHN05mQPabsh3pSirVyx8KyVltU2JaIa
+GiwLE4Dmu8DJ1FfSZb8igMZDND8CgYEAwfANECZLDpFbjDPuVCQ+P5apAjrfJUT3
+uacB5fND+EJuZ2XeUA0XrHkNAx0iMVbizqNvq7tPIXyGdTaI1+xNkSvqwUnrqUVR
+V0VO6lNpo8v8DhYBEus9jKT4EEuSrc73wToi/nA24YJ6RtWeJMghuDr/0vWe79lz
+tewj8wQ/0Q0CgYAOKkajB1F81yYC7SXs5iHrMJPRYHJ/ZQguAudpnYVpTG0hzKal
+oW1kqorVS1WI3owGAuocz7ab992rRXCJ+/++YU0PBH/FHq0fCaZtqW94wv7r+7aR
+CoC1nw4hMJj59iEe5CDK6kDQ885pCOJ3pxqQ60DtlW5XYSkjh5XoWw+iIwKBgBtU
+zUJ9Yw6GhbRYjTnmca9ceC0MRu5lrdPIKYhSpD2UfyKrRI1biv6PgLnznSH+8K/W
+cKJvH1PEzN4v9VEYyEWxPsBGvqN4VWJLLjfv0W94C+mgSD52UJJFnYAOZnmANYJR
+wyTAg7t8O+dHq6XbXoUsK2l7nA6JQrlcsiRJcQTxAoGACpeisPQfNaqQIOmMvRVy
+EX8WIyYqOEzmqlCogodUHQEfQtbC31BkU1NrnH0HOXJTPa8Yvq40Phty1ahXVpCk
+/5+VPjzAj6SKD5whq5oZe/3wAL0NHCcPqnyU+5/mTJpwTKM/1L36T+vYBRMzpk5u
+dHr9d4JiY4L4RET03fg9E3w=
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCsxtcmrcd9xqynDZ3a
-foxPCtPVy9dGZ9GYZY0umi1aXddSZmTQLis9HcQZsg6fqpuhZANiAATqxKvhJEKR
-Bhdz1tmHFymoBXO+WlQ4PsndeFXK4ifmRBoiWzoVaGG/rs4FpcmY96P/DrnbjvwV
-rHZByG7ehTjLH7GYQd9OGGIkBJVaFmsL/RPjJot205pUbJsZPFXe0C4=
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDzT5znun82Tx2s
+esfQbFn0wugHo9LxunvndZaRRwKsU9VAG0MlrbkVteWwwJBCdEelkrD1HPsCqQ69
+nbJthZUqK5VRm04UIkW8qyPfduMa9rcnovDlSYgE3Mt9oE4rjVaXWelO3PefQS4W
+73VZ2+mcWT7lPwWnqg0BvNv4A+Gx1ktwGBteEAWmKJlZ5aU4F6mSlbp0hM8g1OTk
+Jk+CbTuqUdQuTsiZYzq73e5d6RyrS1Sj30hUwH4ghaFPCpM+lJCQkvPcc5QWPZlu
+V4KYh4z4FQweNW9IR+0VP+QGmATxryc9ryUQqkZ5TgDO1L9wHy9gS6F3vmj/Nkpf
+YP8uz+/VAgMBAAECggEBAKuDdYHMb5xjDPHm4y/DEW5+bn3kN/D6mhlBRNBIFFRS
+DENSdHT9DzmErdN5Crgtq8vFqkQ/F5p6fc+geITH46yEaI/MQK/ksPAcW/9MmS8K
+t3WTYOjgeqei1TdLZ48/5MhwMwzKqytyEQFN75VWdkkmiDWlxWC5eM2+yfj9E339
+x/Ed7UyNGTeL6gdFdDUXwNmPBYWhO/0YFeWlMLS9I0wF1NL9GaoHNdmeGh6usjKk
+zDFM+PmrRC5kZJH3Un3Qd0fD2hUvwppAtw5/+IAwg98TOVKdh0ZCCWgERV0YvTkC
+Bzlos3JDv0PH2kJbv0xkzjSsfcbd15GkCxMwpIDh2EECgYEA/GOVoh5MU1RlU5lS
+eSuo/w96ceuZybE0FUku2UdRf0j6nyOIknsgbypDpQop1DGSZNgc7msBMbaUObTt
+OoDmPCUQF3GEDQj0swwgMjLgA5UYL38T7eVGYIO7nR1uuNfKpZqga8xHy9JoQt7t
+8LuX5G+EdULi2Z04rD96XuTiNa0CgYEA9srHWbomGfYli59OsdvB1MkVaiJSLnC5
+liG82rq/v74yVIu2D2wRY5jZ3piZhPUlMCzLCd66zLtJfCLl9rU4NDZXToUO+0Pt
+KTHYaDaGaPjR+CyWDVGIS3fZ0/msjFw3P6/NlfPDJTIUSghiIHvffFx/kI2Wjnzp
+rQYoQn+OV8kCgYEAz9zYhM99Pvf4B7TztrXdlktSJfbLDtCxu4ItYmeZWEJrnpsu
+RK3BVayyT3+iWY+GKSXQFg/syNu9EhXPd2pntEs2CIjGH9IrbjbjYVSDKJAnfh6j
+9D7rClwULV7rLLMUw/Uof/+bdeNRWRmvT5/AhjPOHKE8ocsZvMr+5p6NK3UCgYAR
+Y9SMRAuvRKL8pasb6UpNPiYeJnD4CMVrCNGP8BzW3AYb4wRfLdRD2l9vyfz3W3bV
+YDKmbWVoS8Iv1x2xNq/RLgsU41dc6Tpq7rI7Fax+9RmGjU29foNGHhnhT/SSp2TV
+PgQUjuqvUkoPtWuEsnXbA4GRpAh53d9xa7+mf+p90QKBgQD5TYbSS6oXC75uTcvZ
+5oWrzZDI+1j+hScwT7piX8DDaUbB/KPenl7jKQvFkWCQ2PIhNnMzWF57NCzt//9E
+yq9wkTbBETXWeSI6AxPpwhMnhCCgAnfP0Qc96ndiB2/3n7iMB5DDjkeA74WPhwlE
+3C1HC5XSNxNAY9STdR4TVu6seA==
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAxKh8kZwIH7ORp/VMB
-sKaPF30JqoD2BfBnnsKIMk9tVLvGYQuBZPfOhIEejfuiT1mhZANiAAS5H+qD4Grj
-Sd2o9QYXM0xEc6xGATPriKMS1gqqO+5v03VpGfaCEp0jFzq5/mZhJkxG29L5Wvyo
-glgiqLf8y/3MPfHoyRk58fPQ+3Own3dTnP81tbXGje7rZgvRcNW7pGY=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDRR/8gjzSI3VDt
+1dFV2BKi/2HlDXEpAEk10BxK79QBScWEOqO5FK7M0VBTTH1oOFUUiONCDnaMF6f9
+izupnCY3/NFPiavqueEeC1iL6r2Ajd+gDh2/GYWBlIfm0A4xd+Mpfu8Wb34BCes5
+PdoRomJyp4tb9lx18ySpZhXC+nq4nDWjgruEQcw5/szy0GU7E7l7GgWbb4x3oaUs
+WReG5ddYI8UDPq11OGm687RBO4ruoIyBYOATUe3LkNSM0l7V+dSzuX7mcU1Kv1Dx
+1mNq98BEjUhGnVM26Ma6+p0IWyLF92r5sc+adr3+4IgBgkzIocA+aPwG498H7JdI
+H9LFzRGBAgMBAAECggEBALYk8lCVMsT30irdkI8lOrswiDRBqb5kqFM0qJsz9pGU
+clruanZ4INbUShPlm7QsaygvJ5PjYJv3LteF6cxpwf2yhT2zdbQaSWrLtyo3iO0t
+DXeRMaSUAtVPv6RMaj31uPjxqAcfzEv9JQOx6Gy2pvZhCfJlDf3+O2dQGRqUxGCM
+x2S9pYdLsvTD7QRwskf9IhDK8YHRNDsjd5JM5OilesBTWiOsLyt9yLc7rfenRUZv
++vCU4h6X6Mj/dTSaw3rPYvWIntbSvASlwOJfiupvJWM/K2uchqOi8HTLKcnmOZf+
+iF7AWJxM6EyV5ElRXvD4qmDHIbz6E+IvceRMUNUZAAECgYEA/4dPG8aDTbExiECK
+NNTu1bTdJIKDt/p/KgNPclXsOufnveNziRjjw7E1JGHNB09OJkr/iWXUJbni9N7m
+8NWNCojO2SWiP+Wgf1PABI8f8V5sr6n6reatanEyp/SzYQ+9pBH7igyksvCEL54v
+apNRrw42DzCXdEryw9z1tVA4ZAECgYEA0arYFjlsWdQBhBXhkf/4JsvdrNacJ/L0
+ZL0PO2qeg194gzwvJLQGZGPEHOqGfX4qrWj3kCMvJI+5OAmV/iUt2CcxfKO/+QtC
+cF4ZCimwl2tHi72lXnL8TlOl06c3hOV0OX/98QMclZSzCyejJg8FhZK77/Jond24
+UiNt6sXOrYECgYBLbxNwfKr4fY3EzmC+dfnHxuvdwlXGM0HlEjMa6rihLyLfkMzj
+tSBP/flVMzYGqWfFsDA9zHzTYkvYxBDjGffYG0kNG6oJOO2niP7PmbzxUVG+jex9
+9/JL0P0GThvCVJZEYDakq1TXql8re4Q97x2XExfsZgjgANwn7AvxKaxsAQJ/YXYI
+/Eu1Egx6p+uD71oM//vED5OzAt7su+cmLXhiNq8qVdakE2ubjQ7TGp3p5mu/atxg
+N6AjSduFPYc3MewWY2PUnRuBIUManyEegpree4RivZJqTH0my0IW00vngt8mJ5RX
+drD7mIyGrai/LfHNn0mWEvObrcZi58uQTJGmgQKBgQD+nxQL7NxySUz2ibT9AYaR
+DSli8zxE8tCP52B42DoDXQzlZpriDE8FbtoYK3MiFlpFPTYoHSf57A5NTngLgmQ4
+n2+HNn+MJUB3fyvitAobEXZS98nLLixtk/wlYyqoKGCgoRDLpWjR+XALhsdQ3HJm
+18AbgRl2U6ov3eAvNyV6IA==
-----END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCboZiI4T9fQqhuUhZ1
-lsZw4yXdJ5COxryQGbWBWZanAdbF2JG/wNgYVcYHmU+IpEyhZANiAAQY5nQlpAlq
-g5+8ceiOwURzbGAXOimkEUCUna2q9DcDzIOnKFtYyAtAv+zIg25B21YkN1Z/uiVX
-CXaCJ0WT6WUlqlXxy0jYi9Jl3I5Rcehg0S6INPTR88KBOjaanAh/rMc=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA3FfCdgRHmr7R09vcV
-oMIHICl1w6SEHkvJWvu/kgBvfUTDa+8xO6TcfLj3bcN7SUKhZANiAARqUke0gm+I
-BznSVTdb3ug3/RLILirFtJtUzyt8c92ciTfXqQlQEbuujo0/59DJfon1fykoLdZJ
-W2m5R9qChx6p6HqY4v4rtrDC/aoYr8PVsMNRi3eOTWhgR0EoTTCBTXw=
------END PRIVATE KEY-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDA0fa139CTqeLKWJaqU
-GKH5EIpDoFGwek9AW9Td5BTuYxpTREQwi3vMbEZ4sULZI2ehZANiAAQPaAvGjoE8
-76fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMIEHVTeuw5PKGc03MOedtMFZR3
-EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccWRweL7N0ibDyvJiU=
------END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
-MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDrR6bejMZ+YEKPLqFW
-EcqqktxOsksvQB6WL0olu99MczjNpHbWRJdzF0b1CxYYTKChZANiAASDpJVM9BiS
-R/H+JtQsOqFlc3vvzSbv3Nd63JWai2Y/6cku9qwKDqGPvaUAQjowA5wKW0rDPLxi
-BWA3Npnk5yctrqnBolc1jtJZdykWZFCUFsoaGTEag4xBB3995/yYgHM=
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCpVDOPi01AIVnP
+Qncuo1jcm2xiq9j3fgaY4NggE28UAdI6nNao1Z7NG7dT5KXAqlATapo0xovOsPJo
+/+GN7aORJ8kwddON7r7fxh/f71DxIdVNrge3uZe8umplIgMAhnt/s4vEmHM95kQv
+JzFtnH2d2takZWi7Wwb785u2afkI3WFrDgRI59fZioIfRHSkvoZUu8BV2sXW14Nt
+JglOxofMieHoQG07n8OyiyOH0oyTvpUzajXdM0XeBkLuGBlaHVJGVKTwr1v5Vm2+
+PQHqlv51a0SV+DuKEWdZe8gwzQVAWvXOXYAqqgv14STSgVS3fzmwHBAOaznTBjtY
+SHqpfupPAgMBAAECggEAb3LTKPR32PDairbleNXcg/7sPJl9CZBySSccOShxYMq+
+EwPtqVxI1Bkc9eO1UPUIFW+BpaDUnisKsh9Q1riFguGb4wB6SJ3OFbzyd9KtBLjP
+CvyzabKG85oCsyPKtArPuEJ1iOUKXMB1Ok/ikZGBgGdsBPIWF9KW6zfw0gQ3/COf
+Kff46NYB2IK+aydp9oeq45yfPMts+ZtfDg2dEsUmRojvy/oy7uLehtEEyj09BzU4
+VLiV9OY3XFcCFtkj3SDqaLEDCv+Wb3ywsBs+6ZbfbQ4JJFqqHhqEgYrXPdG1lu7k
+pAAEbXaUucgdnf5K11PvtQnfHkLKxZ5z9Y7nd/PKmQKBgQDbd9a01dlY/Mg/7S1I
+NvzBKS35oSFVgWUaAlDv7K/x74HA8hO+insOV/8UYoRMOpHDTYElVsxAQ4ymOfXZ
+ghk+38EqKZPvVG6q9C9FhCNiqSjoxQUMbGJVPM0QF5/nWk5SgBefkA02lCWj+Ox7
+Bk2ne7hjaJeuWQUN1tQZAGijlQKBgQDFg8nQH8qFBQd9NN/9ldNIDkeyxK9pBxxX
+MFislUZof85Hnaf8SKTErequT6OKIj2Wr7a7osmub1UXqCryFvTU9mAJsGQEWDVb
+rB/j+xFNtR3RC4vBKATENfT9NjW4S8gj7TRZZKosiHDE7ZIRYZQwvhqvxk7vrBx7
+CFrNVmIdUwKBgC3JpdDaoNrw+jJkIENlvXvrRH1FQbgeI+K2Qv6baeXW60I+/yGM
+sLnAYCZ3m1RwD8MoY15P6pMpxKlVhFZZzzyP4DQUspmHCwO9qDMfq2ZFFpThrfj2
+j9lqsvm9hA33iEmsEcGngyo05Fl+cJAGM6NSq5iJ1MN6LRTDEkMZE7u1AoGAbg00
+UYalLODUf2sKsxzcEHYEdRMqOXcAz4PcpKy4AlnT8gtiIivHwt60uFMfaEQT1PYq
+9vmJLmxSGVBWPXWVDWQJttxVniYX9PA/BKRLy+RyrJumTwWhQkJeMwgVfo6bAYmV
+dYmlWBLd4pwMmyqni1EhRXdVXC2l4NeS4H6VRIkCgYBFXAcEbTWIpEJn+iTjaoao
+FMu6f8nAqTwGyX+0o43Zt7V8I+WcPHkSfNZvhQyl9vYwZTdOGMyE0/KYgaitrtCc
+XZiWTowoy1POGoAMqXwkvB/iqe7++Isb9BQrRoTqS49gIdIYLkL0dkQamjuOAOLC
+ayUpgzo6DfPSNIqgAnDSUQ==
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBEDCBlgIBADAXMRUwEwYDVQQDDAxha29zenRvbGFueWkwdjAQBgcqhkjOPQIB
-BgUrgQQAIgNiAASX1ImCDButxEvdTBml9dg8Qp3SsA2ebKaoYpq//XiddvQCrVGf
-lxJZvMGjoBc1di906rnTcks1lEDzfrUcr1HRtNN6aT1/HlGX/uNK7AHG6YnpjreU
-o3ISbmbFot6tJ+KgADAKBggqhkjOPQQDAgNpADBmAjEA9b9s6OwjKnzMIMxDIDp7
-oUEmxZkKTd/qnF1rLkGMkEqPR1BtjmTQ0VCmiqqFHE78AjEAv2QzGitc04jGM9qN
-+usRbImaeg6z0raTPfqLyMWm6nnBY8uSUU6v4+3QN71cRK9Q
+MIICXDCCAUQCAQAwFzEVMBMGA1UEAwwMYWtvc3p0b2xhbnlpMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQKcHSyj8p/c7eJEMuIPAi5HRaKlIjFajsho
+xt9jayUyYu7bFpfdYCFhqct3bJlF0Vq/tUwOMKYzrhI3ZjjsXOW5fE8OFLAawahQ
+41YBzmgNY9SaGzOV8NU4eg3Vs6dzL6PtVLtOQAoJC+1zOOC9ZTYukim5WeE75r90
+a40q92ExuhAEmNO1c7d0vAbXwHwzSxjXWuq/h32VPrrZWq3HQI5vW5A4kVTyuDBx
+s63UL8gZZoOZKLp+LwDC38zmiAjk78Lj5UeLbS1wtHHeM8VHnuYu933egW+tpABE
+tXhPPUND711aC1a+q9oiLYDxmf4T16KOSvsxH44n/UB54XPz1wIDAQABoAAwDQYJ
+KoZIhvcNAQELBQADggEBAI2tMCc6wiKaFLPbrGXXLjcT/QEmXGo9TxUXvMHhg8ZA
+SXsAHc61tYk2dipGE4ttIMomTPEDdQxhAY2Dk6IoEz8Jcs0xC8LqbHZusl+Ttf42
+LHIVUAF8rmLcQcjeSuYnrtntCLvk6wV7P49RhQM6RguP4ItySXshkRGJCxIgLBzm
+GtHJbJ2AWr+qvfTB2bMb4bZgCWo9jDYEc8LNBcT6NzWPQQkGl+oOSzfXukDQBG2K
+5WvMQYwbyHUr2b8XB36uOJi3UasWHKoRiUihaRNrXnaIa13zXEYCM1+Jd4ZP0xBr
+ji2hOqi8fCCAZGhKmUtWEKdKD8I4qJPW0JoAk09ayYM=
-----END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBDTCBkwIBADAUMRIwEAYDVQQDDAlhenNhbWJva2kwdjAQBgcqhkjOPQIBBgUr
-gQQAIgNiAAQ0DfMO5gVp8yR97xkMzgS9JDTjjOUrfj9wOVWbLnP6xk5EQpVpghOF
-mGNaJdwcsjKclwG1+8TdWQWKq7bBshMDCuOL5+piwXEbTyB0nAvfRlZsA9WM2EwC
-6W5iOh+zDrqgADAKBggqhkjOPQQDAgNpADBmAjEAiHN5e892//rYy9BnKTBTQC2J
-TzqUkavZbFxD5mw0lMNSdPH+h1NStxXieQFf2SylAjEAjz34uHonL001gQgmvGab
-31SogblGs9rlmN3nbHnQqOFMufbEhjlv4DRDrkEUyENY
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkAIBADARMQ8wDQYDVQQDDAZiY3Nva2EwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAASnlb9sjg80nMoUizNNgFWYHhDD6YR/ck3yYWhwWcdvbQLEIs9YgOc1GG7u
-Ef4pAcPqeYWD5gxvxdh/n9VVJ3uoFxQtlOXEpJ+suDgCwEFaGopj5cNSJ2JXCxRr
-NsyOUT+gADAKBggqhkjOPQQDAgNpADBmAjEAwjmYAhasFVT6Lq4gGkMn4U1sz/9q
-fcKAwjgYttqn0Ua3aerak8JkHZmInKqhACx8AjEAmdWK89Q64CZvB1GiN6BAfRo6
-OSbxdsrK9tZF+ZwwGqoQtdzMndk3C8nVKzUq6pRM
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBBjCBjQIBADAOMQwwCgYDVQQDDANibWUwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
-AASG011uvj6RkNejLNJqKk+7zVJORlsbYPDLqlu0iHH0cQDkuMt0zridwf1caaco
-ZiFDEUo1BsscVws3m/EveCrSHQFJZnEldHQOvpN1QGzLCoEOI3y3+Zvh0MTSHG3a
-yvKgADAKBggqhkjOPQQDAgNoADBlAjAoEqLeEaWwBS6VbzcFoWGufgr14IuWII3H
-CFQDf5mztT88Dbx+uPlZ3CpHUqHMDO8CMQCPOOmlAUz4AlATmoyuE8Ey7JVEqMxX
-Z82izTz2dCDKQYaY4JpVJhrtkR6L7M5rvyg=
------END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkgIBADATMREwDwYDVQQDDAhjc2d1bHlhczB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABIIDka3ndreNUYZtzOMVkWysMedt4UQNwymVfF7h6DeqAPZHdBjnKJCV
-FmwI4p/XJFVGIhwZnwZLm46WS127wK01WgZzEDYyHYnmsZ7zYg2PhXByTEhKR/D6
-6/Z7nH+oeqAAMAoGCCqGSM49BAMCA2gAMGUCMQCRn3Yv+/MqzS4M2I0Z8+BQU4PP
-r8IhvDBMeycOF7kbsUhg1p//ai8lcRM+GME5dzsCMD62uS2r1aCZkFRlYP82B5PH
-LxrohmLJIPjb7bxJ89S4JF0FlkvRO9jSaGa7wj5FiA==
+MIICWDCCAUACAQAwEzERMA8GA1UEAwwIY3NndWx5YXMwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDGczlfgf20DITII+BEgPWfwc0P+LhL3cmwinS0Izc0
+ydmCldnwoZ5UOsQzGc1xlu5V8hBnNN7cCrIhBNnXWxUpfwhU2gy17Dm4eJIDBx02
+PcpUdeln/ru40jByaudcOR+Tu7RiQGzTxadPJHweDfnqFc0b8eVbhnuZA5kgsCov
+WCqqtg/mbh7cQ1cE3TLX7AEsHINSAgTCj81p2u0z4f9pZS4mZyOmgTUFfFLHSYpp
+OCaeh/1TKpt7kNEauE78t24MJrhVslByTNXLi93e5tq0tAISHCSEvYGKTXi4b7zc
+WgPacERIEBO9ur7blOhrcb7QzwOZVv7FrWhR7v99JYD/AgMBAAGgADANBgkqhkiG
+9w0BAQsFAAOCAQEAHhRbMPoD+Dig7DFE5O06DwodCGb3Mh4nY3Y1lK3QAXvpo8+0
+FV1Dc6paJE48PRUcW0Tm2h344l6gs2PCjxzzjYOK1A5GAikU0TE9Nk83Ic3dwZKv
+4XV+/NkXMQP5qjAdje0rdd70ApDWudsXAu0Rz+vCR4ynEj26x8TAiTFB0jKnvMfd
+caXlI7/fNylpX12s9i6MJ2xYB/q/wtUQHWxhaJL1GA+i3EjVtj9fvZP3BBdIVUvF
+a6QOgNqiEMhuU3Oyxt8vBh+2h80/IKJzCDwUy059pAnNjK+dZY9NzsKlCI2VktQl
+iYSmsOIFyjGK6WFfyxtNl0YkDtDnIsCPaNu42Q==
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdjc2xldmFpMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAES9ThT6dbHsR9QCcZ3rzMeGtahhNIxMBACU4dzbTwjRQuRHyOLXt1JwDE
-m1xxHTX/9pEB4j8iTfRZReSFYaIwu3+Of4bbeXraYQByPWALOnvTjkPVIfnl7wEC
-SA6qB+DfoAAwCgYIKoZIzj0EAwIDaAAwZQIwNeJETbz7Dat7wMfmHtx9Pv0jh8C4
-YodGVagDeEUqF3infv2UyBZcIbCyEPV1mFFhAjEA5hWnL38pc1lZjaNCnVRZmRWQ
-3Ex5dlmifgYarn0mYzPkDWMzTsSdzwNGJ7OmKe8p
+MIICVzCCAT8CAQAwEjEQMA4GA1UEAwwHY3NsZXZhaTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANGscOSJiNjf287+HoV5Er7D/nhdkCE3TIv3gyGLr+AX
+gyC5NPf0rKzDa2+UYLHDgphVShlhiTpgdYyZhlUH4LXuamJBKTnkwNMUIngeTAL/
+mjY81ReiKNhonM3MzDINrLXEw7TOwddQrWVEVj/Wmh4STBjZ98TZ0Otf7tS4HGRA
+y89icjgzq9fFvISvXl3S31EOYki1ceh0wt4cWfutrvmemntzx60aQ52SA0BcsIkK
+eed6pKn+0qI3+zC5hIuvTa7RaDbc35zz6YSz3EGXyzTqGJef2GCG4o/xnmttaf54
+h/lb9U2/XX4pw3NoHZoDXPc0/YnZcFnm3+NkVSGpI9ECAwEAAaAAMA0GCSqGSIb3
+DQEBCwUAA4IBAQBfEotuHRmWP6y/xf5+VnUC832xQ4e3jubH6BoAobXoQgDLmPsm
+h0paUXF86tG5ZfdyseiNGH4KBCiAljFZS51y3H0S3/ueAkMSSVo8o1LcgOk/iZx8
+eRbKixqZywx6erCHJSIhhRFvGgN3DvPHvl+txND+62q+0kUVEPTC6pUcubCTn6ZE
+DhWXRUF9MpQHVrw38bbXdXc5YpJ6IAWJFopFbFUebt9380ncsSU/Oh7B9Zy+cHaF
+a3mcxDiKF8UFnGnlj4eMOOtnRNeQvjzdBPqf9U3nby+m8o90/W7wskeC+fd8mLww
+dtDAj3H5LSRGhlTXT1ZBVcUhLYgwx9DAS1zt
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkgIBADATMREwDwYDVQQDDAhkaG9ydmF0aDB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABMJ3KlcBe9kL4OBpfirfBbiRTlBR6VK9pfoBrWIKaRCCb6qEZDNx2ZbK
-nAXO2ROZsNnVTdkaQ4xB1ecKrpJs9n+/c7b/vaS7/NkMNg3i9Hgku82s6QTWnKUr
-ztcOhYUQ8aAAMAoGCCqGSM49BAMCA2cAMGQCMBEnuVtyHrzWaRjKbPnZ0QtctxoE
-drQ3vda///knPl0W/HPqmdkp2t1oPfbMCYZi9gIwTC/4kV1Fs35Y1diGh6zMAQnH
-JqBRXkU4Hzq8wf5hB8d2rlGTeKllFhtLED2l8SHn
+MIICWDCCAUACAQAwEzERMA8GA1UEAwwIZGhvcnZhdGgwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDG+BrupqZCuK4//EXGhoEXgXTx4usUpiJeOkQzDNmk
+K2Ri9XdhwZdWQu6J0G1hp6FZZX2DDpd+Y7Sr95X9GMELLcPeZnqadc3vHw5WtcPI
+RXho8FGhMHWfPrAxAqfYc7XrHGyTasC7P/etJ3YOhlX4I+XTcG4jn9yU8FBAmKmK
+B8fjy+kjypFNAUnbjRrKTPZSW7YCFWmzIGozwGFSvNUdrPRqjsyp+zaPiyHbkfg6
+EdTNx9bHzUEXzZFJC0AhjROi7vpZ02BV+I67aysO969hp2uIwQNNc03jwOIXsSyd
+eHgcnun4DCxkaLTBSkNH9IeRBvkA/XYAQQlYtaK4r7cFAgMBAAGgADANBgkqhkiG
+9w0BAQsFAAOCAQEAQRwJTQmsuy3iKYMr+qEOxTeN7MEnjFfcgS/lsMCirpCuMbFo
+Tp9LcD7ik6OGV5wjsAu+JFdD38jFBn56oSAzOJlNCzjAo9pB+aR+M+07Xk3mr5No
+6wkx1EiemRRixBG7l19OOKf0/0ciU3Ykmla6/Y8dbht7Ti9DWLXBM2zp5JgOBg6h
+Cqm8USROS1pBQxBlDa1IoHpRcR5nNjO6l2RfDnd88zoRgXZdpFu7w9BdRv8mzy11
+e9RYIFoPj7oHe5TYMUJ5o91TuBv2/0qqKhNqYYB9ZtwEGb0jwKvgiLdx30Dr+9dh
+L/kNNOZ/h4YiYaYP3NWi1alhxavUjMXoWR5Z7Q==
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdkdmFzYXJ5MHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEg09Re/Ew3HYl2yH9EYo5/G9KD/U4nY48GMPiuZp+2CWdafFA8hz4vXyY
-6R2GeNDVe7HmistE6UJsYcTZMsUW8HZxkFgPE/TLAQJo+rs+yyRH4oct8sbZX7gW
-3keqvwJloAAwCgYIKoZIzj0EAwIDaAAwZQIwDWGTqyuFxTU89a8QFmWFhnl98LAK
-E6NmA5PtTd5jpFHIXReIRr3hSQooV1rSGVPhAjEAtdPDlua5HNE4BNHH0bAKmEXa
-3nDHf5bW7ni58J4cLvwED/pVd6iOgqG4dA4S+qi2
+MIICVzCCAT8CAQAwEjEQMA4GA1UEAwwHZHZhc2FyeTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALTZLtooVneSTf04lqaNxApEddz/ge6eDa+be+1eXwO+
+M16vVOHouA6cg2IkzpQM5dCKkEFfck+jsCecczJSH4yd2VLbzpGF2w7GcfD+Qm8G
+EXYWMkUi8Ddy2IfS9BWtd7Xip1CBgFeHL4T0nZxatkdhLkL1WUr4sd4vw7tKaVdh
+bdKmnL3ukS38jmhfYrjGbw0pfCwmF5aKQkUpk0npcTvfEVTFGUcRvkhCXd/nOQ1Z
+BnmnXWj9/2PU1fKkd7NGwnydvxBXc9oDwIJMbFU3HmRo0JbzngL5xVJz3BVXgS4P
+AZgpvM+hjvpY6AWYO0xzZQbl+b4lmuLpM76GXxaK/PkCAwEAAaAAMA0GCSqGSIb3
+DQEBCwUAA4IBAQCR+nN9xaT6hQw6bJZqNyn6hBJ8F5tc71RBUFD8ETUsN5MJuhfu
+HAT7E1eMHRKE4ByZDsb62IMmZC/nsOV66wW1pdnRuDxNGtLtafM8+pwZFMK/GueD
+vAu19aYmXpvuGRmHmU6v7NcAR7m8HOXgpy372wAsCMCUTWw4Ss6X8hFI6IQ2hANn
+kyvYHY6xtPGPd+/UwMAR+TnZqdg2wUVvVcNlW8y+TjnZp+f318pLAv0aDs/pVb9O
+bYLNBL5ccWh2QrWz9AH8KC5vZqwfIPsvnnDK+Md9SG4qbUOgwGHqiDi3Dv1OZHN2
+O3NntAI7yo4rY2RI6LL7ZTCZdJ8R2ZGfwjol
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkQIBADASMRAwDgYDVQQDDAdmcml0dGVyMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEARZhmimbADTG2NAxh+cs/Xp+4G73Jhpif9R9qo0Og73CUYzLNCs9BEBP
-LG+Lhpt/3qJ5pAoDTHBxNLr2+NHokhgy1ng9XSlccKC2gH8h4mMJV8FG/ZvZeiq4
-E/L3g8wyoAAwCgYIKoZIzj0EAwIDaQAwZgIxAKqfCt8f45Cqbn0WnXE6MhQ1JxKj
-QHAB75GEZ2u+Vpe0gnqlZh0S6GQxGhAsBMmtCAIxAKLdxowosLANPnPNGIkClJcI
-C1L9r5AUWLA3E5hlEDDfc6V1XzYGPjwK1sVKsVSQtg==
+MIICVzCCAT8CAQAwEjEQMA4GA1UEAwwHZnJpdHRlcjCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANJY0aUFPL3tynzzC5bRAdvFYWTtnC4jD52UzNz/hEsg
+zp0f9vIguBt8hxpq945fz7A7C/WKLIT7NWM/rk9Uzo+1PHbutG496TkTSw8DZDKh
+L08Sx5HbXgmTki6efn29HAD48hJI4FcNinqL1GhvPhlvhtiRlxFf21JeU0tiklbW
+4wJobUB/zksotcGdfYdcCrUz9aOgGqimHCSoM6A2WeY8zqqQ0XRoWU1q2sN6kHRE
+r7PmP4KGmrulA3x5ku/5/eIJRrcsV9/wHUuLqONdKXtAS7Bj6Zuq8yZwlIFNKURV
+l7Z1POO+yqRbi56pBNHXRXKV7c1iIKoPLwbKWSsf/gUCAwEAAaAAMA0GCSqGSIb3
+DQEBCwUAA4IBAQCOYkP7z1sBtyC4jxSIkIDhR9VlKzX7tcJfOKK5igQqYhTXUhpO
+Lk62G96P2KFNKmFXKv743yrGh7mcp9wB7T/X5MQH19dQtdng8jkmMQV1m4CAiPfG
+0EOWqOIxlD5ua3nSF532mxhpmtQSJWSHeihwK2BfxOi2ZDXyBMbtxa2X9lxzeKIT
+P5WnKZPA9Lj3gpJGbsiL7LSfYhR/mwQYKNhenO1+5YpPg+XpLDT7lWkTmWIpUWez
++5O0LWPR1+EZBTx02XZCLh8zJaU5cy3uL270aRH4pmU2wMUzP4pbToEAEOxtObQZ
+7WXC1vsC8QPMdhhAsIztGKnEVUvjg7tElV/h
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBDDCBkgIBADATMREwDwYDVQQDDAhmc2NobmVsbDB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABMFmcTe79bYssKDWjIUsMSjRXtYjca63b3kSUHq1bO7roKmbGtXzXXL9
-zfENIz9uRHsfyYoe+1Gt4r/IEg3QehHe7sJuBq9nx1ETjM91n6mAQvKcWnivKVff
-sMHW1jtCYKAAMAoGCCqGSM49BAMCA2kAMGYCMQDv/73kqyWsmH2ko9P2v8OsTtwM
-5t+jTagnhMiEn5m5JcRL7Ek5KvIMtjMZis++hxMCMQCTjT/T7/5J7IbB5Hl4QwYR
-DZ8rFgjx7pgwiGj+h5TJLsvYfziM4F7c7FJ3klh1T08=
+MIICWDCCAUACAQAwEzERMA8GA1UEAwwIZnNjaG5lbGwwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC6SB5/L5Pus4jPCgqCDUi97dg/XRPRIMA0uY9TOVLS
+fpFP5UwHc1QlpmrHg7j8kx22A3JZQUphuWgNTuKbtHRsh3yjYTAiP5tTIzHhtjfv
+DTLfbkAU4dgaDpOPbFUN3cmaolweRsEZzuTuiz6Tv85gMCnaLOfXqQZNhGDNOigY
+DdIRbgHpGgxr0Qm05l+VfcOj0/tEFVC3vm6J03XPV+MT9pk+6is4BVvUDcZlQpNj
+xudEWiwBGYhSx28S+iffXrZA6RU15CcP48cdN09fC3jLM6LmBjWzsdRKT1VIlbHg
+XI81h9kyBxtosOuLA2ecDhQMY8oix4aaNV+vhHX6O+dDAgMBAAGgADANBgkqhkiG
+9w0BAQsFAAOCAQEAdsL3yRsG40pw3tyyaOi4fxKAYcnKyT30lVQOMHaHW3f48K3z
+95jw3FhnuPPa6escjh+/RQBUijhtTkPiUTf9ZH3iCFxYAtMUiQ7+ak4nX40A35PS
+hAwyq/9tKSjYS8c+55oT1qLDLwsqEL3qQJpP+x097qyl8lviOBl2emD2/npe25OS
+faeST748fKTM9Ew2oXZyUoNch1psFKDo5uxR2erQ18hvM1h8OivyfhvNVmLcA5fe
+oJIA5AjXmBv9JP+v2rDn/YA9I+hBLkKgfWckcce19E20Yu9rsSD/25jlXXf+NEfS
+IbwqT26UiGaT7H/2mjNuIpX19vupXEQLRFARHw==
-----END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkQIBADASMRAwDgYDVQQDDAdpZmFiaWFuMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEumWUZwg0hscPlABf4jhbnilfdnqHQ1s3pESrOXK+Nw4/xbpVi2y9Iu10
-VIiiHOz4JDc/s7LjVg7lgcvvSB3l6h9nUV8giy+q/v6O1L6RKJS2zAR0kHKQEKB8
-QqLjTH9JoAAwCgYIKoZIzj0EAwIDaQAwZgIxAOKmHpLEoJhLnOz8fNiI5WoDjBgJ
-12SbiqqP30nhj3VHCHp9vVQHIowqsKGaEcNMfgIxALfI4SN2rbCVk/NoNuJjnLjv
-R7oQ9xPH/Vs0lsLiphy8HvgOVuX/GFMviRcI9BY4Fg==
------END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCzCBkgIBADATMREwDwYDVQQDDAhraG9ydmF0aDB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABBDQomhm6kA2850T4rznh5LUyvLmE6kL0JK3oCTw5M5pCOTiwGbgKip5
-BuPUM+hrlKf7cZrnmqH5GjsoPzsMmV8uzxeYYBAWIsMffmFil4U2CgrpJg52w4i4
-juSAeFK1nKAAMAoGCCqGSM49BAMCA2gAMGUCMH78kCLrP1jOuv+CdBvdGargTkqY
-6VkaO+Ygm/mvXkZkLA62C3kDAYQivt7N2nleRAIxAIeEvYFTairnHufjd/Gr8xdt
-SRei3fPpAm1gcQs02kNM6BFCuDPMg3E0AFMOX1SNBA==
+MIICWDCCAUACAQAwEzERMA8GA1UEAwwIa2hvcnZhdGgwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDrBA21OGk6aQchHFlMB2wdMImTPZDT7wTL7EGUnjWR
+KBfkH8srCga5apHmy4lg5jwK+P+ubEjj16lSlV/lyIBcgrWRO17gI4KNUlMK6uiy
+krNLux0vWuQpqWksueGeExw8Ddn+/emnH/TCqzvrUpVBKlrUnumOQJdg++gSntbk
+citDV96Fa9uUJ0XrQ7s9bhfG3BnS3M3IZ/zQ04+BTBqt3+YrQweVGK3gIcZa/c4X
+r2NYl7eG20KVfzhGCH4mgSTift1TUaspQxmtX4uyuM8ZBg4VZ6RQeQD0+Cq45/20
+WZrvEPsQv1c+Juwel22th7lglGkklmk2miEAQpgGJNX5AgMBAAGgADANBgkqhkiG
+9w0BAQsFAAOCAQEA2mPLxcIieCIW1HFUCOjiR9KqB8bnGlsfJ6nJWaVNOu8mpNqZ
+/LbA0ixNhV1EotRQNRpMgrvN+Z1j1UlUFNhPud/LBY/u8JL92q8h45UX+YpOBTzX
+d7qFzyGR3uHbRLYk1eGAXvBYevJChG2s8DhLgqfN4t+3+DROD26is3ZQcqNNmA8Z
+nfFG88zareVj2MY7Hy2qA1GEt0l0D7xY33vQULGjMw1JzL8CpEPRmpSgGMN2Oc7y
+IVB9xW7LnWiR8ROEWsGyaVGarR3IP2G2LHbG4CGacOMPfiF15uq0uOvO4tvrNEDw
+WgSnxQmpNip+UsFE4yohgzagj3vfPT3offeFjQ==
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCDCBkAIBADARMQ8wDQYDVQQDDAZra2FuY3owdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAAQWw8xMGZHms1OJfXoerleJUhnX5cfQaHSmDZLpCeeBXhEC6oeJIOdXscpE
-ts9fAVhzlIk6Cmf6n8jJFo3ncnWUjVLe8Q9HoxWDw81nyBSvsvVjCAwl1dUKuvub
-D9/gRbSgADAKBggqhkjOPQQDAgNnADBkAjAtsBR5gMCCHg5yQj7OW2MvxwMYTEpk
-6066ABE0i66Ro8XJ0/7a/Wda5XvfqXVczIkCMG1SCQ20okavRvLqFg3O0+DH8Y7z
-+jRPtszyVZ99Z9cGqK5CYszm7xf7ozyv/mN17Q==
+MIICVjCCAT4CAQAwETEPMA0GA1UEAwwGa2thbmN6MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAuWpjeOAb6C/ccPRJb2x7YgV2YE4BT5EHLbKOf+FhTsMk
+HdpsrrnV3gDV9882j6HLnBVMV+h2NoOLe9TeBMkGQDLDMQHx9bycl0JNgkdxzLgM
+LJG7yGsrYgnzWsVfQOhGfJ/Y3SCjvDT5Zyiu7fzNPvBozhsC1NrSC3S2MhE5blOA
+p+G5Bpau747dDiYFeixGffa6r28+RIv6/0D9PjJkpfcnYPeFKDPioy9aN80VAv8o
+tZWkPe4Bn4Z2LQE9tOfiH/u+H2ov6FBoKi2GOu848Ubf51xTsGMTgLRNuGB67nFn
+vMghg2RvRQcZh/NJwmMEWT9tgCEOL07MtXw4R8R7pQIDAQABoAAwDQYJKoZIhvcN
+AQELBQADggEBAIv3o0kbUToXn2KYKa2R/oeQOrddTwFRS6TzlNsZ+Y5bhgRHmfn7
+ZujH7wGb2qyhKCf0FdF6SdxTC3lagBorDXm+VJW8gpslWgS3rYLCgfHd9jtbmqHs
+mzHXap1LzKIGrQjmshR1U2B32CdVlyDLnMdCiu6q76DDcFLt85DL6hLVRsIHzcHf
++aSTTrydAgLVdH7O8k/Rpk4BSD6TDSkMZpJE/Fs5hhO9155D9uf3Df8DOhsHDu4e
+TrFnErqTjuq1T620QQHGUtgqQsM82om0k6vaAAk4f8qkfa/9kO8tcqvGpYLomTli
+LU4MMPZLj+lP4p47+OA0rei8oJdCnkzDXfI=
-----END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCDCBjwIBADAQMQ4wDAYDVQQDDAVra2VsZTB2MBAGByqGSM49AgEGBSuBBAAi
-A2IABAro7fka9bYX11//npweHRHPEn8BEcqiseC1vDBrXP9e0gYrVakPVTqu7qZe
-dA32Q7akHRcrD4d7wjlHHef75GTRAGC7HOvgQIKNdwmF0Rw3yD7VZFEPHXFxBDoh
-bKJXNqAAMAoGCCqGSM49BAMCA2gAMGUCMBjHpxycgLPtdG09aiKCsVXlJRk4GIv3
-Zhpf/CaMZG4oDH/YzEwiFdand/7//GlE/gIxANy5n0vGIq56l1X3+WuIaNb3NFeR
-G+8d4Z7W05tgac/dBYKR2hcAqvF16QE31vhWhA==
------END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVjCCAT4CAQAwETEPMA0GA1UEAwwGa3ZhamRhMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA0XoG5c/rmz+Xd+Uxic8KTWO0fd8xBINi61y5dTXSsZtg
+YzY6cD7hX/QiC3wy7ce7ZERKWpumOlu1pfigw7vEpBBambEM0QWuCCUV3a+2Ls+W
+6zUl13PjqNTr/KleN3E1qhpYTVffp4wnC3YomAsXmHQlPFQhUl44zuJ//VAXQzz8
+TLlrKFNZieK5+Oy2HhS09opRPtIbBHePo31X8hQLfOVwyhpXfOGyGl6t/K/J3dSB
+TBksvbbDW/o9+S2tBr5JhAH2RMqjuyojTLLq2Gc2IsrGxhnfsfoxG8RA3E7HCmYi
+XCU2LVsiI/Zdvcmzle/AgqLZ2OvSBU3lMR+KDAUNvQIDAQABoAAwDQYJKoZIhvcN
+AQELBQADggEBAIA2nWkRT+waN7T/ZC2crLMH9rUOAVVzC8ufFLIy0/bhsUkOQZ/b
+q22U6Lr/H/FKudVzIizCTjrDd6iSBdNCTnqkveuThxjXVqYQCF+BfOLOm49Rv/oN
+pXG/ScnRhbdJN2ui3+ZvdtfsBk0K2lsSvJ+oxnOeN5CrDOFFEuXlkPpBulzm1y8g
+aB1dyOi6SKSRXDQqn48HPoUT/XQCE1sbAYhdnig7ryoOUwLmi1k6+8ZOMfXyzdvi
+MQFsryRxqqWXkXNTrL51Z5PD24w4XmMemqfsKX8SJ314vGz8W+H/ufQMo8DYS7f9
+flfKcecSSx7ATSJqwoJpjpuK/L7pg/4AjLw=
+-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkAIBADARMQ8wDQYDVQQDDAZtc3phYm8wdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAATU3vBK9KCKvVKXh8D1KId9e0zzPRO+a/ZhI/iR/SpZ2zgu7NZdIcK54Iw4
-Nsm7LPmH88VTKNGUA9MkwPqVsxlKQpWUIhFPguq/FkJCkPGe6WhILrnbcb5ISusG
-YWNzdxigADAKBggqhkjOPQQDAgNoADBlAjEA077+fweY97IYc/LAi6fe72rejGAF
-0mULlTDUxgFddu7wfUb/lgcnLv9M+SwIoaIHAjBqf5POJ5fsE4qaMP2YwoKjfrlG
-08T6USZqvB4FpFa0zbd8LZihlkNroDBOx2TpXy0=
+MIICVjCCAT4CAQAwETEPMA0GA1UEAwwGbXN6YWJvMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAt+NX5G1BL3GIODVc+1RtddzU/DiVge2YE2obqttB+y2L
+/x1JnAietUqgfEiWhx2N6t+FrVojoHya7JeccyAGKwIGZyuG+5R/6P8+4jz0PRNA
+8m08FV1yon2wwgoXoqODZlLpCgSy8bcdhpP5EYK9Jlq1OZ1h0jR4JSTG/efIO8i7
+jZj6z1+45KiTLWhwUbks0HwxlEoAuS3UKSqyGFQndy/gPKf0ChbHnKmgsbpUQ6JS
+FFhxdGP2m+ZeiQmMpRyuQYIBjSyUraHAR8cai3kGxj5mm9k3ZHB71sPxAoGfTEJd
+2sCVypbkf0F1cvM16+Khl3g9B22QJ9BBsXQa7h0MfwIDAQABoAAwDQYJKoZIhvcN
+AQELBQADggEBADL3T5id0TGdqLrj1EVEPuYEvACvAjWeffcc34uicH9RqfydfgYY
+q59c7alCb65a2giNFyVocJ7Im5hwPtt60STLJkHYJJh36AYV/ADYuBXD0stbB+DK
+fLyqvGK24WbMDFOLX9iPIY8L7e5sMfuN7zF8AZ2piMlAh6d78Z6PLu/r6c8M+acS
+1pWtYkM8oZ1U7H/DHE7aAfAlk2AeK8aZ0W75Q1UmZJ97YfvhmfIAWSEiVmbwhTnx
++bzs5MYzAHbguZvoK1ZdVMtDtXxFzRx6jZhT+T5/cYxTrjduHq8V68j90I8KJM8+
+y6LqwfOxtYPpn1ZMikmLFjrbxsHYlxYb7bE=
-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICWDCCAUACAQAwEzERMA8GA1UEAwwIb3N3ZWlkYW4wggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDE/ZTpYqV9dJKaItZ7Nf+VJujTvx7ulr663iwxWgIn
+baxCtDrgIolj46O1aItv+A6pH6nlYtG0OWxzYYmhDtuOYiEGC9VPZBA5TJH1Bcpl
+CYLnxlJhf+3elbyPI6MBd8MqHHX/uVVmoq7/Jw1KcIy2Tfi8Zf3/qGDh6t9k6UY0
+cew7Bcvs56C8OWwEFvkMLMJLT6qAa9c3aOnE8pERWzMDjoVnQHyXNoSUFSE9KumH
+gWUh+icHyhsL3/rrNGLVUvy2ABpUvG0KUnBeFTjszt1iDMbCEHyypYsYEIH0tZo4
+xMwA+t4Lyou8gt8vnoQ7ah4TYcFyKM0NcR2XNgQtyFDhAgMBAAGgADANBgkqhkiG
+9w0BAQsFAAOCAQEAH07ihRGZT6u4oiqPbe6zFQo1kECfvxzuHBU4EpExc4R6lrCr
+WwAgF9sSLhpEZMQA57XK1HuIGZBxMTgrsei6FtvOP4ql2B1Jm/HYqJsCp/JtRrpp
+w0xGenXbQa01J1S/qOeVBFFTHO4RVmVpJyrv6iSzY5a2OVwj7nhgpgkjegM2nYQG
+p9IJO1nE3mSeJ4Ir6BE5dNEGWR1Nlqs5YS1XhU55VN5TIwIOrGi408jRtGMWtnrB
+zz6FT5XEzaDRBcxKml2W4nCgNXXx0HNmplMcQ9my0cf8pMYR7jf8IDVf+kHV8pVH
+/Ixohh0Sky7h+Tld/AsfmxRrQ3IV7LKAc2OsQg==
+-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBBjCBjgIBADAPMQ0wCwYDVQQDDARxcWNzMHYwEAYHKoZIzj0CAQYFK4EEACID
-YgAESsOlMD41MJk0aEhICAWWybRAzOUJgeNHB4RZY1n4xZJ/NbpoGxTS89o5FJfj
-EQnYTzRhnbJ11nOr2evtDujleyjGnQSx7UeXK9NiAbOD52zIxxGC88jAlydSjVTa
-Qpj7oAAwCgYIKoZIzj0EAwIDZwAwZAIwR7VnIf4uVK82n307s6g0dYL1NUglgPwX
-yIjqZIY2q2PvHGxwbmz/cU1Fuk1FeuAuAjB3QYjcUtk7kIcSmcI3SphCCRlbH0cD
-4eImTHMs/6bJqft7xrDdAZN9uIAtBpsSqFk=
+MIICVDCCATwCAQAwDzENMAsGA1UEAwwEcXFjczCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALmDgDDYIWPF8YWvDSqvtshQA25sHFUosp1ZHUIL+ULqONY9
+Gy+ewsSR2A5WKANfqKm/atefIni4y/V+2sC7VrcloYSvGXDDJ/wzggFxdiWjbrvW
+o3EbSkhRPWrGNigFiAE8akW1o0bxi79JUoDGMP2jTDYi8LUi/gUNj40UC2c9lU9W
+04imo6dWUoate6kD6DlQGH150JzHJEsCdWCVYA+SpUR6fGvsdymsb6l/fe4GnDbV
+jP409cBSbE4myUzmFwJBifdeg1HrLFnB4JZte1d/99bfWVlawiNbfPb5Qez6Wmyn
+QSxexqFQP8JMqe5g0RCv45nDLcXczazujsaSFjMCAwEAAaAAMA0GCSqGSIb3DQEB
+CwUAA4IBAQAYllfsBlZwMHZdZX4N99Noin31OtCdCb0UrAcKTSYyDv4mnHItbTs5
+9gbrnlSz5iliytteNvgVpAUGltnADCHk0Cw6u5izGMepxzdDHUKGTF3o61SqwObb
+WZCtOLB0iFyBt1C8KCHSFowGe8J0amA/Ng1rRBplQMHQtRkP3YbM4AOB8yvAx76s
+7PhrKJlNEe6+q2vRr9Ymil4Cp7HAUHTC8jvZ2OWT+hzokkXhXjnPCivXOTvg0stp
+MKpUjh3G8PAYTZd2TBc1vI4lsxhCEfwD4HKYhsrR1e6dUBepbsNR1aJ6mvFwplGq
+eG3JiRe5N0kszNTeMuX9nKsrTSrk3XcB
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAdycmVuZGVrMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAE6sSr4SRCkQYXc9bZhxcpqAVzvlpUOD7J3XhVyuIn5kQaIls6FWhhv67O
-BaXJmPej/w652478Fax2Qchu3oU4yx+xmEHfThhiJASVWhZrC/0T4yaLdtOaVGyb
-GTxV3tAuoAAwCgYIKoZIzj0EAwIDaAAwZQIwfcU6uSYmTg5df6XK0lxeYfAnNJJS
-nCvW2iLWb2d8PHsQIj3CaTIDMAyMEUolkDD7AjEA1Rc+CDn480fUb2/IEGZvkYRi
-0kztuCXQIz1WWJgpIr9X7OETpmkrNGWL4qNLJ/F5
+MIICVzCCAT8CAQAwEjEQMA4GA1UEAwwHcnJlbmRlazCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAPNPnOe6fzZPHax6x9BsWfTC6Aej0vG6e+d1lpFHAqxT
+1UAbQyWtuRW15bDAkEJ0R6WSsPUc+wKpDr2dsm2FlSorlVGbThQiRbyrI9924xr2
+tyei8OVJiATcy32gTiuNVpdZ6U7c959BLhbvdVnb6ZxZPuU/BaeqDQG82/gD4bHW
+S3AYG14QBaYomVnlpTgXqZKVunSEzyDU5OQmT4JtO6pR1C5OyJljOrvd7l3pHKtL
+VKPfSFTAfiCFoU8Kkz6UkJCS89xzlBY9mW5XgpiHjPgVDB41b0hH7RU/5AaYBPGv
+Jz2vJRCqRnlOAM7Uv3AfL2BLoXe+aP82Sl9g/y7P79UCAwEAAaAAMA0GCSqGSIb3
+DQEBCwUAA4IBAQCo8enI5r9XgBEk8aIAvOvOMrqCYWR1unGm1MrzrDn59786uaM6
+mr7xkDajclPNjg17BHXuD1G7b16pCqP1laysBQ2oEZPznfUS7DoZ+YhYtUoKDnvx
+JISsOwRw/VWlZedUt+GZh+PoUaoQ6TWHgiNpt5j10o3aIvCdaLxRAMg+1fo0ta0g
+wRCDGgAKxpacs+10h7iSFpG6LWxXsQbCw3bd3gliPEmPkFk22W9io3hruszLfaPx
+OCNBuS4Q2McyLZAwLb15PneF9GukDGkv5TBbAdFsOSrd89eZVrGohdyty+P3EPiY
+6LLQtujN/8yHH8xPyGIgxHXVzIBq2z3YYEHD
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkAIBADARMQ8wDQYDVQQDDAZzZXJ2ZXIwdjAQBgcqhkjOPQIBBgUrgQQA
-IgNiAAS5H+qD4GrjSd2o9QYXM0xEc6xGATPriKMS1gqqO+5v03VpGfaCEp0jFzq5
-/mZhJkxG29L5WvyoglgiqLf8y/3MPfHoyRk58fPQ+3Own3dTnP81tbXGje7rZgvR
-cNW7pGagADAKBggqhkjOPQQDAgNoADBlAjEAv8gQnvhdDlNzx4eJwKHCciWX53PD
-r9H+z1SZ44816XiTpFYZnMhRQI68+5TBp7CGAjByELeSgotlb4k9l3E0x/6/1QA8
-CC6AE4W/m8s1wXsRAhEHxmA6UZmOgPlZftSFICY=
+MIICYTCCAUkCAQAwHDEaMBgGA1UEAwwRdnBuLmluLnVzZXJpYm0uaHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRR/8gjzSI3VDt1dFV2BKi/2HlDXEp
+AEk10BxK79QBScWEOqO5FK7M0VBTTH1oOFUUiONCDnaMF6f9izupnCY3/NFPiavq
+ueEeC1iL6r2Ajd+gDh2/GYWBlIfm0A4xd+Mpfu8Wb34BCes5PdoRomJyp4tb9lx1
+8ySpZhXC+nq4nDWjgruEQcw5/szy0GU7E7l7GgWbb4x3oaUsWReG5ddYI8UDPq11
+OGm687RBO4ruoIyBYOATUe3LkNSM0l7V+dSzuX7mcU1Kv1Dx1mNq98BEjUhGnVM2
+6Ma6+p0IWyLF92r5sc+adr3+4IgBgkzIocA+aPwG498H7JdIH9LFzRGBAgMBAAGg
+ADANBgkqhkiG9w0BAQsFAAOCAQEAGeMg5XZVlzzxpKUvkXYdNIyVtrk6ZFc1ln7E
+ulg2kPeaNhAfOFcK0JSj9xi3C1lyj+vT0KXftHTN0S830rZOaz8dqaYW1zsc0Z8l
+9yN7/LBZ/nJhgziZDeHawXrVkBBNCJ6rnIlqVXUjKLvzyV6NNtFjTakGMu4A37Z+
+I2On858OxttZN0Ush13HcXVz0wRR4/gIJwwAcTcVoT4D4hjSh4f8ARAa9+9RbZL7
+UsHzS5GevDlcfXECZRuJLFEZxhViiQQfnZjqKMGDoDVUGBXG05AGf5YifEABRQx7
+i0ic6m/mNfovYgbbjtadh7KBYzcq+acbeJYYz3sFhxNK/pJvjA==
-----END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBCTCBkQIBADASMRAwDgYDVQQDDAd0aGVyaW5nMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEGOZ0JaQJaoOfvHHojsFEc2xgFzoppBFAlJ2tqvQ3A8yDpyhbWMgLQL/s
-yINuQdtWJDdWf7olVwl2gidFk+llJapV8ctI2IvSZdyOUXHoYNEuiDT00fPCgTo2
-mpwIf6zHoAAwCgYIKoZIzj0EAwIDZwAwZAIwKkd3GRIaqtKhD6xkY/oDDkfO3JhS
-1pytj/Y5Arxyllpq2WGKHk84Xpijpt+5mURuAjAJT6aKO8Yj/7gn0gUgqU7sgUjs
-jeK8ul/weOnx98dvGarGCtHVFk/YOm1US3G60M4=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBDDCBkgIBADATMREwDwYDVQQDDAh0c3VoYWpkYTB2MBAGByqGSM49AgEGBSuB
-BAAiA2IABGpSR7SCb4gHOdJVN1ve6Df9EsguKsW0m1TPK3xz3ZyJN9epCVARu66O
-jT/n0Ml+ifV/KSgt1klbablH2oKHHqnoepji/iu2sML9qhivw9Www1GLd45NaGBH
-QShNMIFNfKAAMAoGCCqGSM49BAMCA2kAMGYCMQCaTPqfIpR3fVd//V/S5FDLDF5D
-hUNIACH9bZYmY8pyH7PZ/hhQ23fZNDPWB8QcoHECMQDtcOGvrFd2VjHzZLsI98s5
-EHL436RfdE5WFtOnfEkCVoTvDkfZqkMjNh7M1dq/sgE=
------END CERTIFICATE REQUEST-----
+++ /dev/null
------BEGIN CERTIFICATE REQUEST-----
-MIIBEDCBlgIBADAXMRUwEwYDVQQDDAx6YmFydGFrb3ZpY3MwdjAQBgcqhkjOPQIB
-BgUrgQQAIgNiAAQPaAvGjoE876fLcYTzhBLlnCgTFeGrvy+SPNtALOX3yWGU0iMI
-EHVTeuw5PKGc03MOedtMFZR3EaQw4rxz+mYOF5Dio0wXgkGHwpSKwyhHQHZ2WccW
-RweL7N0ibDyvJiWgADAKBggqhkjOPQQDAgNpADBmAjEAlZgYRYG0puqjc3GQoAAI
-sAZaw67rUqf+J9z6JDYnUPfqX3VrsJaKpTy4bmo8OwKnAjEArbINmKjKr9cOyTFu
-IjC97INHf7dUzIWJQNJsmjpG9cUTetFHV9DlTiL+P72BRLWt
------END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
-MIIBCjCBkQIBADASMRAwDgYDVQQDDAd6ZmVsbGVnMHYwEAYHKoZIzj0CAQYFK4EE
-ACIDYgAEg6SVTPQYkkfx/ibULDqhZXN7780m79zXetyVmotmP+nJLvasCg6hj72l
-AEI6MAOcCltKwzy8YgVgNzaZ5OcnLa6pwaJXNY7SWXcpFmRQlBbKGhkxGoOMQQd/
-fef8mIBzoAAwCgYIKoZIzj0EAwIDaAAwZQIxAPVqTTqKn5lRfhUswnzTfZEQS3e+
-zgb/KRloYHNkWyQiBgeevAegtg8QtJsyOnffagIwRrQOxn8+3w3QVui71ThBnVPz
-6+8lqo25fipBYQ9xp0ONM6IxukuMdH5HBGqZi94q
+MIICVzCCAT8CAQAwEjEQMA4GA1UEAwwHemZlbGxlZzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAKlUM4+LTUAhWc9Cdy6jWNybbGKr2Pd+Bpjg2CATbxQB
+0jqc1qjVns0bt1PkpcCqUBNqmjTGi86w8mj/4Y3to5EnyTB1043uvt/GH9/vUPEh
+1U2uB7e5l7y6amUiAwCGe3+zi8SYcz3mRC8nMW2cfZ3a1qRlaLtbBvvzm7Zp+Qjd
+YWsOBEjn19mKgh9EdKS+hlS7wFXaxdbXg20mCU7Gh8yJ4ehAbTufw7KLI4fSjJO+
+lTNqNd0zRd4GQu4YGVodUkZUpPCvW/lWbb49AeqW/nVrRJX4O4oRZ1l7yDDNBUBa
+9c5dgCqqC/XhJNKBVLd/ObAcEA5rOdMGO1hIeql+6k8CAwEAAaAAMA0GCSqGSIb3
+DQEBCwUAA4IBAQBfUQ2ax4jVJl4owEU9/EfFud9kD4g019uptRnxghNOU8JCZJOf
+JF2JQvOy7MEbFCvWqaKSDRpa3OI4NDwutX1pvcJba7AHBuftcp7nqZXSTH4oudU0
+2Sqwe2zpTaYbkU7sGh91R2DapAbQGiz8+v8ibMobH0k2IxbnOiAcin5QY6mBB7yV
+7WC9IpVQfC3EOAurJUN+Ya55RZ4xlH55EFXr4xe/7KpRrBzR0mdZUfauXWLrgjgy
+jHu4u3wMA9YNeIw615h4hvLDBmnvOBeNjmUTVxH3Wd8WtOWVOh/hTCRbR5Co2OGc
++4+v1JGchh7g4xNtu8rt0KvNWV/Zmi5/vZZ/
-----END CERTIFICATE REQUEST-----
-# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL
-
-RANDFILE = /etc/openvpn/server/easy-rsa/pki/.rnd
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
####################################################################
[ ca ]
private_key = /etc/openvpn/server/easy-rsa/pki/private/ca.key # The private key
RANDFILE = /etc/openvpn/server/easy-rsa/pki/.rand # private random number file
-x509_extensions = basic_exts # The extentions to add to the cert
+x509_extensions = basic_exts # The extensions to add to the cert
# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
# is designed for will. In return, we get the Issuer attached to CRLs.
crl_extensions = crl_ext
-default_days = 1080 # how long to certify for
+default_days = 3650 # how long to certify for
default_crl_days= 180 # how long before next CRL
default_md = sha256 # use public key default MD
preserve = no # keep passed DN ordering
# This allows to renew certificates which have not been revoked
unique_subject = no
-# A few difference way of specifying how similar the request should look
+# A few different ways of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_anything
default_keyfile = privkey.pem
default_md = sha256
distinguished_name = cn_only
-x509_extensions = easyrsa_ca # The extentions to add to the self signed cert
+x509_extensions = easyrsa_ca # The extensions to add to the self signed cert
# A placeholder to handle the $EXTRA_EXTS feature:
#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it
-B563FF7CFF8723F8FD6CCD82851FFA32
+2BF6CBE6EEB95F052F9D64503F0CC338
-b563ff7cff8723f8fd6ccd82851ffa31
+2bf6cbe6eeb95f052f9d64503f0cc337
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-ea8f1c83226838b22597668f903e9929
-6b77ff8cf2afd8d9f839344c47f85693
-d4280a82bc743e01159f17545f7d7e23
-1e91d5292c53c26c353618495b7a4013
-8df9a1de2a3278ea55ac22d1a85b11bb
-b155df61c10e835b49b2960a52840aa1
-64ea57bc98da062b695e06e3aca108c8
-d755dbd543d0d816546d7647d326aaea
-8e02195160d37f131ffe52a1f39c017e
-69fcb995e6fab1ee7a64c8b5a3946faa
-38613b3bdbdd95443a7ec3b17386dce9
-b070e4a7cb7ce59152a37985e8a7d881
-b2c1da898f177dba80e0b53e7bbf53c0
-c7431ebce43cfebc92fa4e4ac49a146c
-84ae27231334ca1dac42dea1f964d48f
-eb7313175e956356f6ecefd289864a1a
+7a5f3c2dd505666b595d6a03a6d627e1
+9babefe23197dc2181a7d1c00b3f5fd6
+7f28ea49abf33ea7422e0ab63c9eae14
+261ce5c099dd27ae26ba9b70b87737fa
+313a21b5e9d99ae382649eb1d0344703
+5a3b99fb9a1cddf03a89aed78fd3be92
+37ba0fa96e49814ea45495148a6552b4
+5f85d6fcc38fe88fbf8f86e0a0e33894
+89c418f65d4c8fc04ca6e59c61024995
+50547f35e5a7985d6415a7304d9340fd
+9f7ff6bb6f063a745fc3d656f275e07c
+8486233627fb96b8d798fbe8d2f8171d
+afc8bf5677ebef7ab1d80c8495d7262b
+c20efbdcc8645b48b68d6a537d9fb3f3
+03e345699bea11b99d9ace6fa5cd1e1d
+5d0951970c379d3e0b28bcaf453c2700
-----END OpenVPN Static key V1-----
# NOTES FOR WINDOWS USERS
#
-# Paths for Windows *MUST* use forward slashes, or optionally double-esscaped
+# Paths for Windows *MUST* use forward slashes, or optionally double-escaped
# backslashes (single forward slashes are recommended.) This means your path to
# the openssl binary might look like this:
# "C:/Program Files/OpenSSL-Win32/bin/openssl.exe"
#set_var EASYRSA_PKI "$PWD/pki"
+# Define directory for temporary subdirectories.
+
+#set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI"
+
# Define X509 DN mode.
# This is used to adjust what elements are included in the Subject field as the DN
# (this is the "Distinguished Name.")
# Choices for crypto alg are: (each in lower-case)
# * rsa
# * ec
+# * ed
-set_var EASYRSA_ALGO ec
+#set_var EASYRSA_ALGO rsa
-# Define the named curve, used in ec mode only:
+# Define the named curve, used in ec & ed modes:
-#set_var EASYRSA_CURVE secp384r1
+set_var EASYRSA_CURVE secp521r1
# In how many days should the root CA key expire?
# In how many days should certificates expire?
-#set_var EASYRSA_CERT_EXPIRE 1080
+set_var EASYRSA_CERT_EXPIRE 3650
# How many days until the next CRL publish date? Note that the CRL can still be
# parsed after this timeframe passes. It is only used for an expected next
# publication date.
+#set_var EASYRSA_CRL_DAYS 180
# How many days before its expiration date a certificate is allowed to be
# renewed?
#set_var EASYRSA_CERT_RENEW 30
-#set_var EASYRSA_CRL_DAYS 180
+# Random serial numbers by default, set to no for the old incremental serial numbers
+#
+#set_var EASYRSA_RAND_SN "yes"
# Support deprecated "Netscape" extensions? (choices "yes" or "no".) The default
# is "no" to discourage use of deprecated extensions. If you require this
#
#set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types"
+# If you want to generate KDC certificates, you need to set the realm here.
+#set_var EASYRSA_KDC_REALM "CHANGEME.EXAMPLE.COM"
+
# OpenSSL config file:
# If you need to use a specific openssl config file, you can reference it here.
# Normally this file is auto-detected from a file named openssl-easyrsa.cnf from the
--- /dev/null
+# X509 extensions for email
+
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+extendedKeyUsage = emailProtection
+keyUsage = digitalSignature,keyEncipherment,nonRepudiation
+
--- /dev/null
+# X509 extensions for a KDC server certificate
+
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+extendedKeyUsage = 1.3.6.1.5.2.3.5
+keyUsage = nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
+issuerAltName = issuer:copy
+subjectAltName = otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
+
+[kdc_princ_name]
+realm = EXP:0,GeneralString:${ENV::EASYRSA_KDC_REALM}
+principal_name = EXP:1,SEQUENCE:kdc_principal_seq
+
+[kdc_principal_seq]
+name_type = EXP:0,INTEGER:1
+name_string = EXP:1,SEQUENCE:kdc_principals
+
+[kdc_principals]
+princ1 = GeneralString:krbtgt
+princ2 = GeneralString:${ENV::EASYRSA_KDC_REALM}
# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh2048.pem 2048
-#dh dh2048.pem
dh easy-rsa/pki/dh.pem
# Network topology
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).
-client-config-dir ccd
+client-config-dir /etc/openvpn/ccd
route 10.162.104.0 255.255.255.0
# EXAMPLE: Suppose the client
# DNS servers provided by opendns.com.
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
-push "dhcp-option DNS 10.228.109.104"
-push "dhcp-option DNS 10.228.109.253"
+push "dhcp-option DNS 10.228.109.159"
+push "dhcp-option DNS 10.228.92.159"
# Uncomment this directive to allow different
# clients to be able to "see" each other.
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
-# openvpn --genkey --secret ta.key
+# openvpn --genkey tls-auth ta.key
#
# The server and each client must have
# a copy of this key.
# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
-# Note that 2.4 client/server will automatically
+# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link and push the
-# option to the client (2.4+ only, for earlier
+# option to the client (v2.4+ only, for earlier
# versions see below)
;compress lz4-v2
;push "compress lz4-v2"
echo "Run ./easyrsa gen-dh"
read
./easyrsa gen-dh
- echo "Run openvpn --genkey --secret pki/ta.key"
+ echo "Run openvpn --genkey tls-auth pki/ta.key"
read
- openvpn --genkey --secret pki/ta.key
+ openvpn --genkey tls-auth pki/ta.key
echo "Check server.conf"
read
echo "Run ./20_getuids.sh"
# Regular users
akosztolanyi
-bcsoka
csgulyas
cslevai
dhorvath
fschnell
khorvath
kkancz
-kkele
+kvajda
mszabo
+osweidan
rrendek
zfelleg
https://git.useribm.hu / user-lxc.git / commitdiff