Google Git
Sign in
chromium / chromium / src / 52939ed422f481e2970edfa57a8bf24ca3dbacb8 / . / net / data / verify_certificate_chain_unittest / intermediate-basic-constraints-ca-false.pem
blob: c51ee5b86a49a49c0307c668209105d6c168a415 [file] [log] [blame]
[Created by: generate-intermediate-basic-constraints-ca-false.py]
Certificate chain with 1 intermediate and a trusted root. The intermediate
has a basic constraints extension that indicates it is NOT a CA. Verification
is expected to fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:96:d4:6b:47:00:ed:9a:72:03:1f:bc:14:42:63:
28:8d:c9:5a:08:27:59:06:2e:61:d9:28:aa:ed:58:
17:5f:f2:bf:ee:33:ab:74:0b:1c:c3:00:b6:38:96:
96:d0:dc:91:44:ab:1d:fa:e5:99:ed:fe:ee:43:dd:
21:b0:b8:1a:31:70:bb:c6:a5:eb:6e:2e:79:cf:c3:
c9:32:f7:39:e5:ff:9f:1e:fd:c8:8c:8f:9d:42:e6:
5d:cc:b1:75:fa:94:f3:f8:df:f8:47:ea:7a:4f:4c:
1d:67:fd:37:2e:75:a3:13:84:00:92:c5:6c:86:66:
80:39:7b:0f:2e:af:14:ce:82:1c:e4:78:7b:f3:d8:
f4:b3:b1:d1:7d:5f:ed:19:6f:1d:eb:7e:be:3a:33:
e1:b4:86:82:22:05:28:87:85:b8:2b:70:f1:88:45:
6b:b4:fb:d0:f0:0a:e5:45:f6:a8:e2:18:88:74:56:
4c:a7:4b:cb:13:8e:61:8b:1a:c2:a2:2b:2d:24:7a:
f0:4c:53:49:8b:98:be:52:31:72:5d:38:e7:8d:36:
7b:bb:34:4d:66:2d:b3:8b:82:85:9f:e6:f9:d8:58:
da:0d:e9:d5:d2:be:53:4b:88:ad:58:8a:3b:3c:1d:
53:60:ed:15:50:9c:fd:c3:bf:0c:fc:56:02:8f:06:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F2:C8:4F:15:5E:61:18:40:61:41:B1:88:18:21:B5:77:6F:F9:DE
X509v3 Authority Key Identifier:
keyid:AF:9B:3A:70:86:45:08:AD:02:CD:FC:FD:46:48:82:7D:46:63:31:DB
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
b2:5a:9e:62:99:e4:0e:de:7b:de:ca:d6:a9:50:9d:18:c4:83:
51:0d:be:00:9f:f8:61:b1:d2:38:f6:30:61:ef:d5:88:05:38:
ac:37:8e:fc:c4:24:50:c5:eb:1f:75:f6:87:20:ba:47:a4:fe:
91:e6:82:ef:4a:03:66:0e:67:a7:24:d9:f3:00:92:bc:a5:41:
66:ca:36:f7:ef:c7:7c:84:72:28:74:23:d9:f2:aa:cb:9c:bc:
1b:e1:3a:16:22:60:29:6e:f9:88:2f:92:a2:39:81:7e:0f:55:
4c:fe:c5:ab:e3:8d:54:41:4b:b8:09:57:57:07:e5:c9:7a:85:
43:b7:1f:1d:39:81:d0:18:83:dd:fd:db:28:6f:07:88:42:7e:
cd:89:73:7b:08:ef:8b:01:33:f2:a3:e4:3a:be:43:de:c1:03:
e0:0c:e1:6d:0a:dd:ad:36:bc:76:13:57:2f:89:35:35:85:d3:
74:8c:11:ff:86:16:39:7e:3e:ee:fc:88:30:8d:4d:1d:5f:97:
ba:77:c7:6a:d4:05:d9:c9:27:29:10:08:f9:a0:56:8e:5b:5d:
d9:3f:7d:d4:73:5b:eb:d7:0c:f9:58:b4:38:66:37:8e:f2:48:
ad:80:7e:2b:bd:09:01:66:16:31:e4:31:df:4e:cc:78:d3:40:
c8:08:44:72
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW1GtH
AO2acgMfvBRCYyiNyVoIJ1kGLmHZKKrtWBdf8r/uM6t0CxzDALY4lpbQ3JFEqx36
5Znt/u5D3SGwuBoxcLvGpetuLnnPw8ky9znl/58e/ciMj51C5l3MsXX6lPP43/hH
6npPTB1n/TcudaMThACSxWyGZoA5ew8urxTOghzkeHvz2PSzsdF9X+0Zbx3rfr46
M+G0hoIiBSiHhbgrcPGIRWu0+9DwCuVF9qjiGIh0VkynS8sTjmGLGsKiKy0kevBM
U0mLmL5SMXJdOOeNNnu7NE1mLbOLgoWf5vnYWNoN6dXSvlNLiK1Yijs8HVNg7RVQ
nP3Dvwz8VgKPBqudAgMBAAGjgekwgeYwHQYDVR0OBBYEFGnyyE8VXmEYQGFBsYgY
IbV3b/neMB8GA1UdIwQYMBaAFK+bOnCGRQitAs38/UZIgn1GYzHbMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAslqeYpnkDt573srWqVCd
GMSDUQ2+AJ/4YbHSOPYwYe/ViAU4rDeO/MQkUMXrH3X2hyC6R6T+keaC70oDZg5n
pyTZ8wCSvKVBZso29+/HfIRyKHQj2fKqy5y8G+E6FiJgKW75iC+SojmBfg9VTP7F
q+ONVEFLuAlXVwflyXqFQ7cfHTmB0BiD3f3bKG8HiEJ+zYlzewjviwEz8qPkOr5D
3sED4AzhbQrdrTa8dhNXL4k1NYXTdIwR/4YWOX4+7vyIMI1NHV+XunfHatQF2ckn
KRAI+aBWjltd2T991HNb69cM+Vi0OGY3jvJIrYB+K70JAWYWMeQx307MeNNAyAhE
cg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c2:02:78:c1:e7:a0:b7:63:87:52:e4:d4:11:71:
3e:cb:65:9c:d9:2f:cb:48:30:8e:62:29:ae:c9:22:
36:a6:67:d2:ea:10:58:d2:82:ab:bc:1e:a3:12:64:
6e:fd:79:af:2e:6c:c0:8b:fd:36:68:ea:e0:0a:09:
53:99:89:75:92:61:13:ac:aa:d9:e2:f1:ac:93:72:
94:65:99:9e:52:9d:8f:6d:1e:b1:3e:83:fb:fa:c4:
dd:b4:b3:d2:0b:bb:f8:21:10:a9:51:8e:9e:b4:c8:
a8:63:79:50:62:03:59:3f:53:19:02:7c:a4:d9:45:
dd:07:b7:76:89:ac:ac:6f:b1:1d:aa:8c:4a:e5:40:
a2:05:32:2f:ba:a8:a9:8a:f3:eb:f0:f3:d9:9e:97:
e6:89:42:dd:95:67:de:33:62:2c:10:59:0b:b6:de:
9a:3e:54:10:b8:a4:a9:33:05:4d:fc:ea:8b:56:38:
2a:11:88:cd:75:1f:74:ea:4e:ad:3c:ef:da:d4:00:
72:57:1c:16:d3:20:b6:99:cc:7f:aa:58:fa:48:e8:
e9:a9:bd:00:2e:87:ce:39:9b:1c:17:23:ac:28:55:
77:81:e7:ac:f6:d6:6d:77:27:fb:e7:a0:22:72:58:
83:4d:1a:1a:be:b6:00:8e:d1:11:c7:71:28:93:09:
74:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9B:3A:70:86:45:08:AD:02:CD:FC:FD:46:48:82:7D:46:63:31:DB
X509v3 Authority Key Identifier:
keyid:6C:B8:FE:A6:74:44:97:70:ED:FE:CB:24:38:90:2A:A9:61:48:FB:EB
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
3f:ec:85:4a:fd:7e:f8:bf:4e:fd:12:e1:c4:70:75:17:55:d8:
51:0e:92:49:9f:52:f9:e5:56:25:54:62:9e:0e:c4:24:be:d9:
aa:71:d6:cf:83:89:12:db:0a:6d:a1:c8:97:37:c6:89:9a:f7:
50:45:de:27:de:5f:48:27:6c:09:90:b0:7f:4b:1e:d4:0a:50:
8a:be:71:6f:b6:38:76:b5:a1:9d:73:2e:79:51:73:a0:7e:f9:
5e:17:12:09:99:5a:e9:f9:b7:a7:59:8d:83:6f:8c:b4:ff:b6:
2b:13:24:a0:ca:e6:e3:d2:61:b2:18:7f:40:fe:e1:08:98:d5:
e1:cb:54:b6:6e:3a:78:52:07:a7:0c:20:d8:d6:e5:ae:b5:a7:
89:92:24:91:4c:51:99:e0:bf:0e:f8:28:82:ca:64:f1:83:30:
7a:cd:83:a5:16:77:de:58:21:2b:e5:0c:46:3a:c8:67:14:d3:
e4:4a:0d:5d:61:d2:4c:5a:00:8f:89:e3:93:a7:e2:e9:9c:fd:
13:83:8a:39:09:d6:22:90:e1:ee:3b:d9:4c:8a:5d:a9:39:f0:
f0:a4:f2:ee:a1:5b:1a:12:80:cb:61:1c:6d:fb:15:8a:e7:8d:
f9:8b:bf:99:06:94:f2:e1:00:e6:c3:a8:08:1c:d1:cf:f6:a7:
23:e1:3d:3d
-----BEGIN CERTIFICATE-----
MIIDajCCAlKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgJ4weeg
t2OHUuTUEXE+y2Wc2S/LSDCOYimuySI2pmfS6hBY0oKrvB6jEmRu/XmvLmzAi/02
aOrgCglTmYl1kmETrKrZ4vGsk3KUZZmeUp2PbR6xPoP7+sTdtLPSC7v4IRCpUY6e
tMioY3lQYgNZP1MZAnyk2UXdB7d2iaysb7EdqoxK5UCiBTIvuqipivPr8PPZnpfm
iULdlWfeM2IsEFkLtt6aPlQQuKSpMwVN/OqLVjgqEYjNdR906k6tPO/a1AByVxwW
0yC2mcx/qlj6SOjpqb0ALofOOZscFyOsKFV3gees9tZtdyf756AicliDTRoavrYA
jtERx3Eokwl0ewIDAQABo4HIMIHFMB0GA1UdDgQWBBSvmzpwhkUIrQLN/P1GSIJ9
RmMx2zAfBgNVHSMEGDAWgBRsuP6mdESXcO3+yyQ4kCqpYUj76zA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAD/s
hUr9fvi/Tv0S4cRwdRdV2FEOkkmfUvnlViVUYp4OxCS+2apx1s+DiRLbCm2hyJc3
xoma91BF3ifeX0gnbAmQsH9LHtQKUIq+cW+2OHa1oZ1zLnlRc6B++V4XEgmZWun5
t6dZjYNvjLT/tisTJKDK5uPSYbIYf0D+4QiY1eHLVLZuOnhSB6cMINjW5a61p4mS
JJFMUZngvw74KILKZPGDMHrNg6UWd95YISvlDEY6yGcU0+RKDV1h0kxaAI+J45On
4umc/RODijkJ1iKQ4e472UyKXak58PCk8u6hWxoSgMthHG37FYrnjfmLv5kGlPLh
AObDqAgc0c/2pyPhPT0=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bb:74:06:fa:a6:03:d1:64:c6:fa:62:8c:f6:40:
93:be:4e:7d:71:8b:3c:fb:57:b2:64:7a:08:9d:ce:
c3:40:ff:eb:84:43:e9:0c:e0:80:2c:e3:9c:38:43:
90:9d:e1:a5:4e:a1:10:9f:ac:b4:bf:24:38:7a:d7:
37:21:0d:ae:de:f0:99:37:43:6a:e7:7f:d0:4a:ba:
d3:a4:f4:df:ce:fa:d1:b0:03:f9:5d:79:a5:c5:82:
b0:cf:62:02:87:84:ec:73:d2:65:33:86:02:d7:f4:
57:8d:98:a2:2a:8f:89:c6:23:29:68:ff:56:46:d2:
dc:9a:e3:d2:24:d8:e9:fe:18:0c:4f:67:b3:cd:5e:
31:4a:70:2e:4c:b2:7e:10:e1:38:c7:a1:fa:bc:8f:
9b:23:e9:19:56:c5:38:4a:e8:7d:31:e2:6e:03:70:
ce:f2:0b:52:7d:6d:d7:d7:53:d8:e0:1c:6e:95:f3:
1c:b6:04:50:03:23:39:86:42:28:68:26:5f:ca:a7:
13:e2:51:ed:f0:55:bb:ac:4e:9d:cf:e5:07:44:41:
45:f8:5c:65:cf:d7:7f:0a:e0:ee:5e:5e:2c:0c:13:
10:f6:d4:e3:ba:9f:16:f4:8c:85:b2:53:4c:e1:56:
63:f0:08:11:84:df:dc:e1:a0:7f:fb:78:5d:eb:21:
f9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B8:FE:A6:74:44:97:70:ED:FE:CB:24:38:90:2A:A9:61:48:FB:EB
X509v3 Authority Key Identifier:
keyid:6C:B8:FE:A6:74:44:97:70:ED:FE:CB:24:38:90:2A:A9:61:48:FB:EB
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
1d:f7:c7:61:bf:e6:5b:98:aa:4f:b3:9f:a5:9b:af:d0:31:38:
d1:9e:b6:44:59:c0:23:e7:cb:e5:2b:8d:f3:fe:6c:85:96:74:
25:ad:05:ae:bd:6b:c6:c2:aa:54:80:43:8d:af:e4:3f:0d:1c:
9d:79:52:17:57:dc:81:d1:cc:14:a7:32:99:fa:b3:dc:4c:e6:
c5:f8:3d:76:23:68:af:01:84:b9:39:89:ea:c7:b1:25:dc:01:
73:5c:f6:f4:f5:f4:9e:16:6e:13:59:90:a5:dd:9d:62:1f:73:
3f:51:90:79:7c:ff:7c:98:2c:b5:a2:1b:62:72:f6:86:3f:1e:
18:fc:52:f2:f0:af:6d:3e:2b:e6:89:fa:25:62:6c:6d:35:59:
87:5f:9e:8d:f4:49:7f:83:eb:d2:e9:b2:49:f7:11:2f:2e:c9:
f4:f1:36:46:72:3f:63:21:88:f2:ba:60:c8:6b:9f:8d:9c:bd:
64:9b:18:d9:c0:b8:c4:62:6a:85:47:e9:07:11:a1:0f:ff:a7:
38:7f:ed:35:55:ca:60:c9:ed:51:53:d8:e9:1c:40:9b:cf:3a:
d1:be:a5:aa:71:35:50:30:92:50:97:04:9c:68:27:27:ce:19:
bf:c5:6a:f0:86:4e:19:ef:4a:2b:14:9f:39:cc:5b:4d:d8:3e:
8b:9d:bb:cb
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALt0BvqmA9FkxvpijPZA
k75OfXGLPPtXsmR6CJ3Ow0D/64RD6QzggCzjnDhDkJ3hpU6hEJ+stL8kOHrXNyEN
rt7wmTdDaud/0Eq606T038760bAD+V15pcWCsM9iAoeE7HPSZTOGAtf0V42YoiqP
icYjKWj/VkbS3Jrj0iTY6f4YDE9ns81eMUpwLkyyfhDhOMeh+ryPmyPpGVbFOEro
fTHibgNwzvILUn1t19dT2OAcbpXzHLYEUAMjOYZCKGgmX8qnE+JR7fBVu6xOnc/l
B0RBRfhcZc/Xfwrg7l5eLAwTEPbU47qfFvSMhbJTTOFWY/AIEYTf3OGgf/t4Xesh
+eUCAwEAAaOByzCByDAdBgNVHQ4EFgQUbLj+pnREl3Dt/sskOJAqqWFI++swHwYD
VR0jBBgwFoAUbLj+pnREl3Dt/sskOJAqqWFI++swNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAd98dhv+Zb
mKpPs5+lm6/QMTjRnrZEWcAj58vlK43z/myFlnQlrQWuvWvGwqpUgEONr+Q/DRyd
eVIXV9yB0cwUpzKZ+rPcTObF+D12I2ivAYS5OYnqx7El3AFzXPb09fSeFm4TWZCl
3Z1iH3M/UZB5fP98mCy1ohticvaGPx4Y/FLy8K9tPivmifolYmxtNVmHX56N9El/
g+vS6bJJ9xEvLsn08TZGcj9jIYjyumDIa5+NnL1kmxjZwLjEYmqFR+kHEaEP/6c4
f+01Vcpgye1RU9jpHECbzzrRvqWqcTVQMJJQlwScaCcnzhm/xWrwhk4Z70orFJ85
zFtN2D6LnbvL
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
FAIL
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----
serverAuth
-----BEGIN KEY_PURPOSE-----
c2VydmVyQXV0aA==
-----END KEY_PURPOSE-----
----- Certificate i=1 (CN=Intermediate) -----
ERROR: Basic Constraints indicates not a CA
-----BEGIN ERRORS-----
LS0tLS0gQ2VydGlmaWNhdGUgaT0xIChDTj1JbnRlcm1lZGlhdGUpIC0tLS0tCkVSUk9SOiBCYXNpYyBDb25zdHJhaW50cyBpbmRpY2F0ZXMgbm90IGEgQ0EKCg==
-----END ERRORS-----