From 944e125ef9186d933609c131dfdd85178a57453b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:29:40 +0200 Subject: certs: Certum Domain Validation CA SHA2 -> Certum Trusted Network CA --- certs/Certum-Domain-Validation-CA-SHA2.pem | 176 ----------------------------- certs/Certum-Trusted-Network-CA.pem | 29 +++++ global-config.rsc | 2 +- 3 files changed, 30 insertions(+), 177 deletions(-) delete mode 100644 certs/Certum-Domain-Validation-CA-SHA2.pem create mode 100644 certs/Certum-Trusted-Network-CA.pem diff --git a/certs/Certum-Domain-Validation-CA-SHA2.pem b/certs/Certum-Domain-Validation-CA-SHA2.pem deleted file mode 100644 index 0cc17ac..0000000 --- a/certs/Certum-Domain-Validation-CA-SHA2.pem +++ /dev/null @@ -1,176 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 279744 (0x444c0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Validity - Not Before: Oct 22 12:07:37 2008 GMT - Not After : Dec 31 12:07:37 2029 GMT - Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:e3:fb:7d:a3:72:ba:c2:f0:c9:14:87:f5:6b:01: - 4e:e1:6e:40:07:ba:6d:27:5d:7f:f7:5b:2d:b3:5a: - c7:51:5f:ab:a4:32:a6:61:87:b6:6e:0f:86:d2:30: - 02:97:f8:d7:69:57:a1:18:39:5d:6a:64:79:c6:01: - 59:ac:3c:31:4a:38:7c:d2:04:d2:4b:28:e8:20:5f: - 3b:07:a2:cc:4d:73:db:f3:ae:4f:c7:56:d5:5a:a7: - 96:89:fa:f3:ab:68:d4:23:86:59:27:cf:09:27:bc: - ac:6e:72:83:1c:30:72:df:e0:a2:e9:d2:e1:74:75: - 19:bd:2a:9e:7b:15:54:04:1b:d7:43:39:ad:55:28: - c5:e2:1a:bb:f4:c0:e4:ae:38:49:33:cc:76:85:9f: - 39:45:d2:a4:9e:f2:12:8c:51:f8:7c:e4:2d:7f:f5: - ac:5f:eb:16:9f:b1:2d:d1:ba:cc:91:42:77:4c:25: - c9:90:38:6f:db:f0:cc:fb:8e:1e:97:59:3e:d5:60: - 4e:e6:05:28:ed:49:79:13:4b:ba:48:db:2f:f9:72: - d3:39:ca:fe:1f:d8:34:72:f5:b4:40:cf:31:01:c3: - ec:de:11:2d:17:5d:1f:b8:50:d1:5e:19:a7:69:de: - 07:33:28:ca:50:95:f9:a7:54:cb:54:86:50:45:a9: - f9:49 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - a6:a8:ad:22:ce:01:3d:a6:a3:ff:62:d0:48:9d:8b:5e:72:b0: - 78:44:e3:dc:1c:af:09:fd:23:48:fa:bd:2a:c4:b9:55:04:b5: - 10:a3:8d:27:de:0b:82:63:d0:ee:de:0c:37:79:41:5b:22:b2: - b0:9a:41:5c:a6:70:e0:d4:d0:77:cb:23:d3:00:e0:6c:56:2f: - e1:69:0d:0d:d9:aa:bf:21:81:50:d9:06:a5:a8:ff:95:37:d0: - aa:fe:e2:b3:f5:99:2d:45:84:8a:e5:42:09:d7:74:02:2f:f7: - 89:d8:99:e9:bc:27:d4:47:8d:ba:0d:46:1c:77:cf:14:a4:1c: - b9:a4:31:c4:9c:28:74:03:34:ff:33:19:26:a5:e9:0d:74:b7: - 3e:97:c6:76:e8:27:96:a3:66:dd:e1:ae:f2:41:5b:ca:98:56: - 83:73:70:e4:86:1a:d2:31:41:ba:2f:be:2d:13:5a:76:6f:4e: - e8:4e:81:0e:3f:5b:03:22:a0:12:be:66:58:11:4a:cb:03:c4: - b4:2a:2a:2d:96:17:e0:39:54:bc:48:d3:76:27:9d:9a:2d:06: - a6:c9:ec:39:d2:ab:db:9f:9a:0b:27:02:35:29:b1:40:95:e7: - f9:e8:9c:55:88:19:46:d6:b7:34:f5:7e:ce:39:9a:d9:38:f1: - 51:f7:4f:2c ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 26:dd:d2:2b:46:c9:c4:4d:5a:69:4d:39:80:7e:72:ad - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Validity - Not Before: Sep 11 12:00:00 2014 GMT - Not After : Jun 9 10:46:39 2027 GMT - Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Domain Validation CA SHA2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:a1:25:63:df:8d:e4:20:07:d9:54:d1:d1:04:f6: - 17:e2:3e:47:fb:c3:74:25:b8:c4:bf:12:12:bc:e0: - 70:d1:39:05:c2:17:b3:f7:82:70:a0:4e:07:fe:10: - 2a:ff:db:0d:46:5e:24:94:a3:8b:45:9f:18:9b:ce: - 42:c4:ae:db:83:33:bc:c2:bb:b4:30:b6:a7:37:87: - 78:7b:48:cb:25:2c:82:bb:0a:48:12:60:76:89:ec: - 8e:cc:8f:1e:52:48:e9:86:02:5a:c2:b0:8a:7c:85: - 3d:d9:ff:60:4f:33:6c:a6:a1:a0:85:e1:d7:53:f2: - ea:27:3d:65:a9:72:c1:08:83:cc:b0:25:9c:11:46: - 24:e0:3e:f4:a7:ef:ed:51:b1:65:93:42:b4:f6:e6: - 86:0a:10:79:32:36:58:b2:6b:a8:dc:d5:7a:1e:9d: - 14:ee:40:e7:b2:46:4c:bd:9a:29:c2:ec:f8:30:c1: - 62:02:2a:e2:1c:83:62:d0:85:36:1a:83:de:12:84: - 29:65:ef:d2:32:be:31:60:42:a8:cf:f8:dd:ea:d0: - 56:47:1d:bd:76:96:24:13:e7:be:d9:99:2b:fa:30: - 64:f1:8a:38:7a:a6:e1:2a:96:02:b0:9d:ba:d8:8f: - 6d:4e:7a:94:69:7d:b0:93:aa:74:e5:93:90:13:fa: - a2:99 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E5:31:AD:BF:3A:11:96:F4:83:BC:50:3C:D4:B7:90:9B:90:EE:DE:25 - X509v3 Authority Key Identifier: - 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.certum.pl/ctnca.crl - Authority Information Access: - OCSP - URI:http://subca.ocsp-certum.com - CA Issuers - URI:http://repository.certum.pl/ctnca.cer - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.certum.pl/CPS - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - ba:bf:f0:e1:dd:4d:2b:42:43:64:58:df:64:f3:ff:80:1a:5f: - 56:be:3b:a9:b2:76:f7:54:7a:4c:30:c1:99:24:4b:72:d2:ca: - d4:fa:08:c6:90:de:88:12:ed:f8:90:f9:fc:a9:84:fd:92:f2: - 78:e5:db:c9:22:57:ab:41:30:42:6b:0b:9f:d7:73:33:fb:01: - 67:1c:42:5c:8f:27:67:c7:6e:07:03:8d:0e:96:cb:0a:03:cc: - 3e:f8:87:3c:35:30:cd:18:8c:d5:71:dd:cd:dd:61:b0:13:a3: - 64:46:4e:fe:71:4e:6b:65:e9:14:04:f2:3f:a8:bd:0c:36:3d: - 2a:5d:9e:07:f2:c2:4f:90:c5:5e:4d:18:37:d1:27:28:80:a4: - 36:e5:ca:93:6a:65:0e:f8:93:b9:af:52:58:4b:7a:71:d8:ba: - f3:ef:d2:f3:f6:a2:97:e4:5d:14:02:9a:cb:e5:ae:b6:93:e1: - 23:9f:9b:3f:46:f7:ee:8e:a1:00:5b:66:c3:1e:68:23:86:0f: - 5d:77:ba:53:ad:f9:52:fb:70:15:c5:75:eb:cf:79:ad:49:7c: - f2:76:62:ae:44:2f:c5:5f:51:34:25:41:6a:12:0a:5f:8e:ae: - 10:c4:43:89:35:fd:ec:ff:31:e6:ec:1e:87:e9:3a:7c:29:50: - 45:41:a3:14 ------BEGIN CERTIFICATE----- -MIIEzjCCA7agAwIBAgIQJt3SK0bJxE1aaU05gH5yrTANBgkqhkiG9w0BAQsFADB+ -MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B -LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD -VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE0MDkxMTEyMDAwMFoX -DTI3MDYwOTEwNDYzOVowgYUxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRv -IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkxKTAnBgNVBAMTIENlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBD -QSBTSEEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSVj343kIAfZ -VNHRBPYX4j5H+8N0JbjEvxISvOBw0TkFwhez94JwoE4H/hAq/9sNRl4klKOLRZ8Y -m85CxK7bgzO8wru0MLanN4d4e0jLJSyCuwpIEmB2ieyOzI8eUkjphgJawrCKfIU9 -2f9gTzNspqGgheHXU/LqJz1lqXLBCIPMsCWcEUYk4D70p+/tUbFlk0K09uaGChB5 -MjZYsmuo3NV6Hp0U7kDnskZMvZopwuz4MMFiAiriHINi0IU2GoPeEoQpZe/SMr4x -YEKoz/jd6tBWRx29dpYkE+e+2Zkr+jBk8Yo4eqbhKpYCsJ262I9tTnqUaX2wk6p0 -5ZOQE/qimQIDAQABo4IBPjCCATowDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -5TGtvzoRlvSDvFA81LeQm5Du3iUwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzi -hDdGdfcwDgYDVR0PAQH/BAQDAgEGMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9j -cmwuY2VydHVtLnBsL2N0bmNhLmNybDBrBggrBgEFBQcBAQRfMF0wKAYIKwYBBQUH -MAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wMQYIKwYBBQUHMAKGJWh0 -dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYS5jZXIwOQYDVR0gBDIwMDAu -BgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzAN -BgkqhkiG9w0BAQsFAAOCAQEAur/w4d1NK0JDZFjfZPP/gBpfVr47qbJ291R6TDDB -mSRLctLK1PoIxpDeiBLt+JD5/KmE/ZLyeOXbySJXq0EwQmsLn9dzM/sBZxxCXI8n -Z8duBwONDpbLCgPMPviHPDUwzRiM1XHdzd1hsBOjZEZO/nFOa2XpFATyP6i9DDY9 -Kl2eB/LCT5DFXk0YN9EnKICkNuXKk2plDviTua9SWEt6cdi68+/S8/ail+RdFAKa -y+WutpPhI5+bP0b37o6hAFtmwx5oI4YPXXe6U635UvtwFcV16895rUl88nZirkQv -xV9RNCVBahIKX46uEMRDiTX97P8x5uweh+k6fClQRUGjFA== ------END CERTIFICATE----- diff --git a/certs/Certum-Trusted-Network-CA.pem b/certs/Certum-Trusted-Network-CA.pem new file mode 100644 index 0000000..a48e706 --- /dev/null +++ b/certs/Certum-Trusted-Network-CA.pem @@ -0,0 +1,29 @@ +# Issuer: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Subject: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Label: "Certum Trusted Network CA" +# Serial: 279744 +# MD5 Fingerprint: d5:e9:81:40:c5:18:69:fc:46:2c:89:75:62:0f:aa:78 +# SHA1 Fingerprint: 07:e0:32:e0:20:b7:2c:3f:19:2f:06:28:a2:59:3a:19:a7:0f:06:9e +# SHA256 Fingerprint: 5c:58:46:8d:55:f5:8e:49:7e:74:39:82:d2:b5:00:10:b6:d1:65:37:4a:cf:83:a7:d4:a3:2d:b7:68:c4:40:8e +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM +MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D +ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU +cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 +WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg +Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw +IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH +UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM +TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU +BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM +kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x +AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV +HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y +sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL +I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 +J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY +VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 16de721..73a9ca0 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -104,7 +104,7 @@ { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; - cert="Certum Domain Validation CA SHA2" }; + cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop.txt"; # cert="Cloudflare Inc ECC CA-3" }; # { url="https://www.spamhaus.org/drop/edrop.txt"; -- cgit v1.2.3-54-g00ecf