V 150215083008Z D8D3E3A6CBE3CCCB unknown /C=FI/O=w1.fi/CN=server5.w1.fi
V 150228224144Z D8D3E3A6CBE3CCCC unknown /C=FI/O=w1.fi/CN=server6.w1.fi
V 160111185024Z D8D3E3A6CBE3CCCD unknown /C=FI/O=w1.fi/CN=ocsp.w1.fi
-V 160929212846Z D8D3E3A6CBE3CCE2 unknown /C=FI/O=w1.fi/CN=server.w1.fi
+V 170930181357Z D8D3E3A6CBE3CCE9 unknown /C=FI/O=w1.fi/CN=server.w1.fi
V 150929211300Z D8D3E3A6CBE3CCD1 unknown /C=FI/O=w1.fi/CN=Test User
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 15624081837803162850 (0xd8d3e3a6cbe3cce2)
+ Serial Number: 15624081837803162857 (0xd8d3e3a6cbe3cce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=FI, O=w1.fi, CN=Root CA
Validity
- Not Before: Sep 30 21:28:46 2015 GMT
- Not After : Sep 29 21:28:46 2016 GMT
+ Not Before: Sep 30 18:13:57 2016 GMT
+ Not After : Sep 30 18:13:57 2017 GMT
Subject: C=FI, O=w1.fi, CN=server.w1.fi
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
- 48:4d:b8:be:72:ad:1c:4c:e8:9c:d9:0c:2c:77:ac:b2:60:20:
- 96:15:51:9d:0e:41:8c:79:8d:43:e8:01:af:9f:4b:c8:26:89:
- f9:17:38:90:d0:b9:d1:14:13:57:ba:ce:ce:3b:55:b0:90:20:
- f8:1e:d2:f0:32:98:6b:fc:55:f4:36:c1:55:9b:1b:55:26:26:
- dd:5f:0f:38:73:76:64:7d:61:36:ad:c8:86:e6:2f:3f:12:fe:
- d2:4c:cd:6e:57:4f:ab:3a:22:a1:0b:c9:5b:46:4e:43:71:dd:
- 1c:b3:38:af:5c:69:a1:6b:90:59:c0:1e:f8:3e:9d:f4:23:b8:
- d4:a9
+ 24:da:48:be:a8:ae:6e:25:ed:12:bd:f5:a3:32:1f:40:4c:ab:
+ 50:87:23:b1:46:45:b0:e5:9b:02:ad:c9:d3:fb:c0:52:78:b5:
+ 91:2a:d4:8f:f8:c8:a4:48:b4:66:f7:2e:f1:cf:8c:3a:7a:54:
+ fc:e2:41:a7:af:e3:d1:66:d6:02:d8:93:de:52:b2:c2:6e:d9:
+ 7a:bd:8c:ce:e5:dc:3b:0b:7a:f6:fc:a0:4e:9c:64:84:14:3f:
+ 9b:24:fc:d0:8f:9c:78:c8:57:0f:32:dd:ed:97:f1:c1:a2:b3:
+ 0a:14:9e:c8:35:68:30:1a:10:22:14:66:4a:6b:a4:47:b4:c6:
+ 4f:3b
-----BEGIN CERTIFICATE-----
-MIIClTCCAf6gAwIBAgIJANjT46bL48ziMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
-BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5
-MzAyMTI4NDZaFw0xNjA5MjkyMTI4NDZaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+MIIClTCCAf6gAwIBAgIJANjT46bL48zpMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
+MzAxODEzNTdaFw0xNzA5MzAxODEzNTdaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
DAV3MS5maTEVMBMGA1UEAwwMc2VydmVyLncxLmZpMIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns
ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj
MB8GA1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkw
JzAlBggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzAXBgNVHREE
EDAOggxzZXJ2ZXIudzEuZmkwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcN
-AQELBQADgYEASE24vnKtHEzonNkMLHessmAglhVRnQ5BjHmNQ+gBr59LyCaJ+Rc4
-kNC50RQTV7rOzjtVsJAg+B7S8DKYa/xV9DbBVZsbVSYm3V8POHN2ZH1hNq3IhuYv
-PxL+0kzNbldPqzoioQvJW0ZOQ3HdHLM4r1xpoWuQWcAe+D6d9CO41Kk=
+AQELBQADgYEAJNpIvqiubiXtEr31ozIfQEyrUIcjsUZFsOWbAq3J0/vAUni1kSrU
+j/jIpEi0Zvcu8c+MOnpU/OJBp6/j0WbWAtiT3lKywm7Zer2MzuXcOwt69vygTpxk
+hBQ/myT80I+ceMhXDzLd7ZfxwaKzChSeyDVoMBoQIhRmSmukR7TGTzs=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 15624081837803162848 (0xd8d3e3a6cbe3cce0)
+ Serial Number: 15624081837803162859 (0xd8d3e3a6cbe3cceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=FI, O=w1.fi, CN=Root CA
Validity
- Not Before: Sep 30 21:07:18 2015 GMT
- Not After : Sep 29 21:07:18 2016 GMT
+ Not Before: Sep 30 18:20:27 2016 GMT
+ Not After : Sep 30 18:20:27 2017 GMT
Subject: C=FI, O=w1.fi, CN=Test User
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
X509v3 Extended Key Usage:
TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 27:11:93:4d:7b:a5:ce:2a:16:87:76:ea:c5:42:df:6c:c0:f7:
- 77:a9:3e:e9:4f:c7:a2:10:d1:47:53:f0:b1:c4:3f:b8:6a:65:
- b9:24:de:6b:ad:46:9d:7c:dc:e5:1e:4f:5b:e3:13:6d:e5:12:
- 94:59:33:17:6f:25:c6:b7:56:3a:1a:7c:78:17:bb:4e:e9:82:
- 19:cc:00:b0:44:4f:29:0a:ac:bd:9b:b4:db:41:e0:22:a9:36:
- d5:02:2d:14:c2:b0:61:aa:b7:3f:f4:26:b5:5c:5c:38:a6:4a:
- f7:f2:2a:3f:b2:33:10:a1:fb:68:b1:61:ac:3a:f9:b1:20:f8:
- e5:97
+ 47:2e:3d:23:86:d0:3e:fb:b5:7f:d6:32:6b:12:fb:7c:76:78:
+ ec:82:db:ab:fa:5e:0f:1d:97:36:f9:de:b3:cb:fd:08:9e:d5:
+ cd:3d:97:78:c5:00:ce:78:f1:39:3b:84:c9:d0:e6:17:58:ed:
+ ac:e2:d2:a8:7a:fd:b9:19:a4:1c:57:08:17:8c:7f:70:88:82:
+ d5:89:0f:1e:18:22:6d:62:69:4c:12:92:32:bc:cc:1b:a0:05:
+ bc:af:7f:53:a9:dc:a9:55:48:e0:28:34:3e:60:3f:82:16:ac:
+ 70:a1:01:e7:75:cf:a0:72:ad:39:ad:52:65:a8:64:fa:7f:11:
+ f2:f5
-----BEGIN CERTIFICATE-----
-MIICeTCCAeKgAwIBAgIJANjT46bL48zgMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
-BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5
-MzAyMTA3MThaFw0xNjA5MjkyMTA3MThaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+MIICeTCCAeKgAwIBAgIJANjT46bL48zrMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
+MzAxODIwMjdaFw0xNzA5MzAxODIwMjdaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
DAV3MS5maTESMBAGA1UEAwwJVGVzdCBVc2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQCmli6bIozflL6LiUn2eHaiYH4UlfOW/qsZJQM0ZHQBPqiffPFHYWBM
gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O
MIGXMAkGA1UdEwQCMAAwHQYDVR0OBBYEFIHe3+laABrKZ9YG3WWyTsWaBEN9MB8G
A1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkwJzAl
BggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzATBgNVHSUEDDAK
-BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQAnEZNNe6XOKhaHdurFQt9swPd3
-qT7pT8eiENFHU/CxxD+4amW5JN5rrUadfNzlHk9b4xNt5RKUWTMXbyXGt1Y6Gnx4
-F7tO6YIZzACwRE8pCqy9m7TbQeAiqTbVAi0UwrBhqrc/9Ca1XFw4pkr38io/sjMQ
-oftosWGsOvmxIPjllw==
+BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQBHLj0jhtA++7V/1jJrEvt8dnjs
+gtur+l4PHZc2+d6zy/0IntXNPZd4xQDOePE5O4TJ0OYXWO2s4tKoev25GaQcVwgX
+jH9wiILViQ8eGCJtYmlMEpIyvMwboAW8r39TqdypVUjgKDQ+YD+CFqxwoQHndc+g
+cq05rVJlqGT6fxHy9Q==
-----END CERTIFICATE-----
done
openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
- -serial 0xD8D3E3A6CBE3CCE2 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
+ -serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
for i in "" "-unknown" "-revoked"; do
openssl ocsp -index $DIR/auth_serv/index$i.txt \
-rsigner $DIR/auth_serv/ca.pem \
"""WPA2-Enterprise connection using EAP-TTLS and server certificate hash"""
check_cert_probe_support(dev[0])
skip_with_fips(dev[0])
- srv_cert_hash = "e75bd454c7b02d312e5006d75067c28ffa5baea422effeb2bbd572179cd000ca"
+ srv_cert_hash = "bdb9cb55d3df278e52a071abf58e7f0238fbec3ad8fb2c254742f63562628272"
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
projects / mech_eap.git / commitdiff