source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteB-aa.crt @ 3135

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/siteB-aa.crt@3135
Revision 3135, 3.2 KB checked in by pjkersha, 13 years ago (diff)

Working Attribute Authority unit tests with WS-Security multiple CAs support. This will be needed for deployment of MyProxy? with Simple CA at partner sites.

Added CA cert and certs and keys for a *TEST* CA for use with unit tests. This CA is NOT for production use.

python/ndg.security.server/setup.py: include .crt certs in conf/ package data

python/ndg.security.server/ndg/security/server/AttAuthority/init.py: added sslCACertDir param. It enables M2Crypto SSL server side to pick up multiple CA certs for a dir.

python/ndg.security.server/ndg/security/server/conf/certs/ca/init.py: make new ca/ dir a package so that it's exported with egg package data.

python/ndg.security.server/ndg/security/server/conf/sessionMgr.tac,
python/ndg.security.server/ndg/security/server/conf/attAuthority.tac:

  • alter WS-Security SOAP handler init to accept multiple CA certs.
  • load multiple CA certs from sslCACertDir key of SessionMgr/AttAuthority? instance

python/ndg.security.server/ndg/security/server/conf/attAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBAttAuthorityProperties.xml,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml

  • added new sslCACertDir elem
  • fixed caCertFile - only single elem required

python/ndg.security.test/setup.py: include TEST CA and certs and keys issued from it for use in unit tests. These are fro test only.

python/ndg.security.test/ndg/security/test/AttAuthority/ca/ndg-test-ca.crt,
python/ndg.security.test/ndg/security/test/AttAuthority/siteA-aa.key,
python/ndg.security.test/ndg/security/test/AttAuthority/siteA-aa.crt: test CA certs and key.

python/ndg.security.test/ndg/security/test/AttAuthority/init.py: fix description

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py: ditto + added NDGSEC_INT_DEBUG env var option

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg: fixed for new location of CA cert in ca/ sub-dir

python/ndg.security.test/ndg/security/test/sessionMgrClient/ca/init.py,
python/ndg.security.test/ndg/security/test/sessionMgr/ca/init.py,
python/ndg.security.test/ndg/security/test/AttAuthority/ca/init.py: ensure ca/ dir gets included in egg package data

Line 
1Certificate:
2    Data:
3        Version: 3 (0x2)
4        Serial Number: 55 (0x37)
5        Signature Algorithm: md5WithRSAEncryption
6        Issuer: O=NDG, OU=BADC, CN=Test CA
7        Validity
8            Not Before: Dec 12 13:52:30 2007 GMT
9            Not After : Dec 11 13:52:30 2008 GMT
10        Subject: O=NDG Security Test, OU=Site B, CN=AttributeAuthority
11        Subject Public Key Info:
12            Public Key Algorithm: rsaEncryption
13            RSA Public Key: (2048 bit)
14                Modulus (2048 bit):
15                    00:bb:aa:33:54:05:24:af:0a:cb:bc:39:e1:5a:34:
16                    8c:88:f7:7d:d2:9e:2d:1f:59:e3:b4:30:5b:62:9d:
17                    36:24:f4:90:dd:4b:8b:f6:fc:ea:b0:f3:f6:72:92:
18                    c0:f6:2f:85:ce:00:50:6e:cc:03:1c:4a:63:20:68:
19                    53:cb:59:58:f5:2e:f9:d3:2b:e3:90:a5:68:ef:f9:
20                    44:24:7d:27:50:41:e2:1f:73:8c:2a:ee:9e:b8:bd:
21                    2e:59:d4:3c:86:62:f7:89:8d:45:0e:f8:33:4f:e8:
22                    23:8d:dd:0c:59:95:0a:22:98:86:65:a3:15:cf:10:
23                    8d:da:07:23:18:16:db:70:3b:33:7f:d9:25:74:52:
24                    ad:af:25:56:c8:a3:e5:a5:e1:9e:d8:74:49:db:8f:
25                    0d:f9:56:de:bc:8d:be:67:1d:a6:77:8c:d8:19:81:
26                    17:1c:0c:2b:b7:dc:07:6a:e6:73:29:e2:a7:f9:4c:
27                    39:c9:b7:bf:b5:e2:e6:b2:d3:79:10:12:bd:d7:2d:
28                    20:2e:e5:63:03:06:00:02:6e:a2:82:b4:d2:ad:83:
29                    f8:16:26:37:49:ef:07:b5:41:cb:7b:63:42:8e:34:
30                    35:12:cc:a9:9b:e6:35:28:b2:2f:04:ff:81:69:a7:
31                    9c:17:ca:37:1f:30:13:a1:9c:e6:c7:54:8e:5f:4e:
32                    af:89
33                Exponent: 65537 (0x10001)
34        X509v3 extensions:
35            Netscape Cert Type:
36                SSL Client, SSL Server, S/MIME, Object Signing
37    Signature Algorithm: md5WithRSAEncryption
38        23:67:52:67:36:32:ac:be:e1:76:70:c9:d5:a9:8b:27:08:db:
39        4a:42:6e:12:5e:9a:de:8d:f0:ce:8f:f0:92:ca:7c:1d:f3:20:
40        49:aa:c8:fa:59:76:85:02:66:13:57:b2:e3:90:4e:70:fd:6e:
41        ce:65:a6:dc:8c:90:7a:a8:8f:5e:31:f1:97:8c:dd:8b:48:e1:
42        64:e0:c1:45:09:7c:40:b1:8a:20:10:1d:b4:dd:c1:0f:ce:63:
43        76:02:1e:c4:42:d6:79:c9:76:94:a1:5a:ff:03:ec:93:59:d6:
44        74:3c:23:34:ab:0c:7e:49:2d:33:e9:0d:fb:cf:5a:91:53:12:
45        a8:1f
46-----BEGIN CERTIFICATE-----
47MIICiDCCAfGgAwIBAgIBNzANBgkqhkiG9w0BAQQFADAvMQwwCgYDVQQKEwNOREcx
48DTALBgNVBAsTBEJBREMxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMDcxMjEyMTM1MjMw
49WhcNMDgxMjExMTM1MjMwWjBKMRowGAYDVQQKExFOREcgU2VjdXJpdHkgVGVzdDEP
50MA0GA1UECxMGU2l0ZSBCMRswGQYDVQQDExJBdHRyaWJ1dGVBdXRob3JpdHkwggEi
51MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7qjNUBSSvCsu8OeFaNIyI933S
52ni0fWeO0MFtinTYk9JDdS4v2/Oqw8/ZyksD2L4XOAFBuzAMcSmMgaFPLWVj1LvnT
53K+OQpWjv+UQkfSdQQeIfc4wq7p64vS5Z1DyGYveJjUUO+DNP6CON3QxZlQoimIZl
54oxXPEI3aByMYFttwOzN/2SV0Uq2vJVbIo+Wl4Z7YdEnbjw35Vt68jb5nHaZ3jNgZ
55gRccDCu33Adq5nMp4qf5TDnJt7+14uay03kQEr3XLSAu5WMDBgACbqKCtNKtg/gW
56JjdJ7we1Qct7Y0KONDUSzKmb5jUosi8E/4Fpp5wXyjcfMBOhnObHVI5fTq+JAgMB
57AAGjFTATMBEGCWCGSAGG+EIBAQQEAwIE8DANBgkqhkiG9w0BAQQFAAOBgQAjZ1Jn
58NjKsvuF2cMnVqYsnCNtKQm4SXprejfDOj/CSynwd8yBJqsj6WXaFAmYTV7LjkE5w
59/W7OZabcjJB6qI9eMfGXjN2LSOFk4MFFCXxAsYogEB203cEPzmN2Ah7EQtZ5yXaU
60oVr/A+yTWdZ0PCM0qwx+SS0z6Q37z1qRUxKoHw==
61-----END CERTIFICATE-----
Note: See TracBrowser for help on using the repository browser.