espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-29 18:27:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(examples): Example CA certs must contain the Key Usage parameter

Browse Source 
- Example CA certificates that are used for self-signed client certificates
need to include the Key Usage parameter.
- Python3.13 changed the default context of the SSL context that is
generated using ssl.create_default_context() by enabling the VERIFY_X509_STRICT
flag by default
This commit is contained in:
harshal.patil
2025-04-02 13:07:02 +05:30
parent fcbe493070
commit 9221c4eecd
10 changed files with 91 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
examples/protocols/esp_local_ctrl/README.md
View File

@ -13,7 +13,7 @@ Note, that this example in not supported for IPv6-only configuration.
## Client Side Implementation
A python test script `scripts/esp_local_ctrl.py` has been provided for as a client side application for controlling the device over the same Wi-Fi network. The script relies on a pre-generated `main/certs/rootCA.pem` to verify the server certificate. The server side private key and certificate can also be found under `main/certs`, namely `prvtkey.pem` and `cacert.pem`.
A python test script `scripts/esp_local_ctrl.py` has been provided for as a client side application for controlling the device over the same Wi-Fi network. The script relies on a pre-generated `main/certs/rootCA.pem` to verify the server certificate. The server side private key and certificate can also be found under `main/certs`, namely `prvtkey.pem` and `servercert.pem`.
After configuring the Wi-Fi, flashing and booting the device, run the following command to test the device name
resolution through mDNS:
@ -91,7 +91,7 @@ You can generate a new server certificate using the OpenSSL command line tool.
For the purpose of this example, lets generate a rootCA, which we will use to sign the server certificates and which the client will use to verify the server certificate during SSL handshake. You will need to set a password for encrypting the generated `rootkey.pem`.
```
openssl req -new -x509 -subj "/CN=root" -days 3650 -sha256 -out rootCA.pem -keyout rootkey.pem
openssl req -new -x509 -subj "/CN=root" -days 3650 -sha256 -out rootCA.pem -keyout rootkey.pem -addext "keyUsage=critical,digitalSignature,keyCertSign"
```
Now generate a certificate signing request for the server, along with its private key `prvtkey.pem`.
@ -100,13 +100,13 @@ Now generate a certificate signing request for the server, along with its privat
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -days 3650 -out server.csr -subj "/CN=my_esp_ctrl_device.local"
```
Now use the previously generated rootCA to process the server's certificate signing request, and generate a signed certificate `cacert.pem`. The password set for encrypting `rootkey.pem` earlier, has to be entered during this step.
Now use the previously generated rootCA to process the server's certificate signing request, and generate a signed certificate `servercert.pem`. The password set for encrypting `rootkey.pem` earlier, has to be entered during this step.
```
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootkey.pem -CAcreateserial -out cacert.pem -days 500 -sha256
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootkey.pem -CAcreateserial -out servercert.pem -days 500 -sha256
```
Now that we have `rootCA.pem`, `cacert.pem` and `prvtkey.pem`, copy these into main/certs. Note that only the server related files (`cacert.pem` and `prvtkey.pem`) are embedded into the firmware.
Now that we have `rootCA.pem`, `servercert.pem` and `prvtkey.pem`, copy these into main/certs. Note that only the server related files (`servercert.pem` and `prvtkey.pem`) are embedded into the firmware.
Expiry time and metadata fields can be adjusted in the invocation.

31
examples/protocols/esp_local_ctrl/main/certs/rootCA.pem
View File

@ -1,16 +1,19 @@
-----BEGIN CERTIFICATE-----
MIICmjCCAYICCQCOEQkjYe2QMTANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy
b290MB4XDTIwMTExMDExMjgyOVoXDTMwMTExMDExMjgyOVowDzENMAsGA1UEAwwE
cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOqS7H7+XeFNcf5m
qlH04t0ru56MCDYv9JV3byILgUnk1j+ld74m2q4T+Xxiw5ruMXh41W2xryMLF3+3
jql8b7isJFwCXud4/WLr4KzCEKgqvr6Nez9Hb9rIBbQsGWtDTjfe06F/D9Zioyt3
RnoT+5ItpX0+9IJn3TmAx7g1wU2dlXeaTp48RWPtJBqxp80Lq4SR3CdxI9+eVHv9
sRA3sI9ggqFWzDNJDiTLZoJU1Z+n/MnHTUBt7WRZcMToMsHbj2Gtd4LruB3J46qO
bjoL4im9oUrfXJZh87nW9KQ/+gOVv8t0zU70A/JMrazb/YnE6xO7+40JfrGNuFMm
ZyylUyECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAvCJMjXDNO/zUv7SBlr8hlHse
KprCDEp91DlXsewpTB3h6s1gyZzDCygPtz80qRD6zy+T4r1veaYQeLecsIyfYNV1
qnhNPpHnxjuXrrVwpEYOk/aP0yVlv0PiHsjyxzblLQPomX4m43Ec8/wW0Nlw0Aau
K0sD5+Mv/3NNQIneGFsLF4JPRkJwLjSbjPdKLpjWdLsTKQwVg0FIslzI9RmBIQIq
Nz2RWNHSqfGzsRpne9deqx9/9M4N8URUcmo0j7Ly7mYuxTkF7sft6sxbWDYQx1S1
4GjAEFWe4352O0sFl0PWr+o8rd245yAu5SEahRFvjvnSNg8VlYcnezBmsp2rbQ==
MIIDDzCCAfegAwIBAgIUdplZAINp6jYpsMaG467s9Km4eHswDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEcm9vdDAeFw0yNTA0MDIwNzM1MTdaFw0zNTAzMzEwNzM1
MTdaMA8xDTALBgNVBAMMBHJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCavBVGCVrDZHhLqx19GrYKH+MocUYItc6uD00gK8O9MthZMRoUkKCjiJfb
8J3U9ufYdGHY/dZtXt9Ua+dadvdFh0u6PfGOZhbvMBAZNyWDyEVeV/CMYM946UXh
FNFxjP6tt5Z0HtitApe94k5kSGXvjpnwacQVLn88tIUtdQPpm2RfH3DOoTMjViQh
7a3ItPuwXJOXBFWeCZXmEPPjZO5xBOHjZLqWxyfolHm/XfWOqBXExb1SmTEk1EBo
z/wA0ORJYwewn2fgZP5o0Ou88SXcji7Rjn3CoWFottS2rxsz747jjtXJoieFA3fk
Qztu4QdPKsUIqevh/S+jtDi3JlozAgMBAAGjYzBhMB0GA1UdDgQWBBRy39hjtY/p
Dorc1bZdeISNsne+9jAfBgNVHSMEGDAWgBRy39hjtY/pDorc1bZdeISNsne+9jAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIChDANBgkqhkiG9w0BAQsFAAOC
AQEAa3EFXSXZ/wm1FGmvliXonhZsK88B11dscs5kxPPszbseHStg75n5ZfAHui7K
vZHJG1Pg3Rtaq7hDO+VeTGgSFq8kxQxS8wQRNRf7HI602jTmNeyccCW6XM4u3+bN
qbPFcTgJraceLSUCdYGE4ZPYK/8y5tfVafRbV08UBZ2bgqS9FmKQTPhohF6RBZ2s
m8rIKhtRca6LbX+3txpExnYzbOMtaC1TA58MspGujuV36xTGsrbS/cR9QU1CVyBL
e1p6W50YLtb82br/wou6WNY5QoTCQKV3eqq+Z76wOqdf6d9dMlIyl1Q0RZjOEysM
9VwHi6ONS9sYTuk8C99L0ewQ/Q==
-----END CERTIFICATE-----

32
examples/protocols/esp_local_ctrl/main/certs/servercert.pem
View File

@ -1,17 +1,19 @@
-----BEGIN CERTIFICATE-----
MIICrjCCAZYCCQDGnK9OU3UN2TANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy
b290MB4XDTIwMTExMDExMzExNVoXDTMwMTExMDExMzExNVowIzEhMB8GA1UEAwwY
bXlfZXNwX2N0cmxfZGV2aWNlLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2NgeOgHTX6yURoB8u3BAphDMTlp/Ar8oAtoO+xqIPw1sZKmhJLAS
bfKkHKhi7pr/h31xOHqzTxlPkUzWpfszFx5YiDFYtiIlcObrgk83u3CtvBw7wuZ6
BA/01hkiSGgkAFD/xnRNLKgidTu1tCIa2QY7Jnp+HdJz6yJws1/WAzn2lsXcJwSd
6tPu2U0lhE2w6ylCdLYD3upveo/80WArQqNg6bv6Wbz8iL18E87enpwfHMA7ZN+S
sDq7HACRjapAkcimjbzkrh7/f9Nr6c8KpPyeiWyHFxVTbmEj4NMG9IpbTKp9CMAt
ysmiPYAYNFXsTHjoRVf4EbfHbxGHobUwewIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
AQBWg9Xh1MG4d4gGGx920OJBm+qQ9XY9oV2Aap81ZYshgBlnUKoKLhYolp/CHXyr
IXy7YA01ASX2wzohguqakdo0ghYkhwuRoly+0+uzphmqyMqXnTUDCgEcZF4l90xl
jRdMenqEgfOXDNk2VAK/rmAZ2jZsaGpBI4NRbEdwH1MVd61g2NVBk0nEI73cW6Ki
BPxMw2aGFizTwcPT9gwbQgLdLZeEuvcPrdzK5swqccZ+MBHMcwW/qvcmwqJGeLL2
zmx7o2ODQyElIKLKUDWAFIYrb7DXR4oajjhUa0+SOj9Ydj/5+eZ+Wx7NJoG+oH7N
DB0jK2qB8eexplQj1KLWS2Un
MIIDAjCCAeqgAwIBAgIUTYhcWJl9maLjHahTSmFZ/vxNraUwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEcm9vdDAeFw0yNTA0MDIwNzM1NDdaFw0yNjA4MTUwNzM1
NDdaMCMxITAfBgNVBAMMGG15X2VzcF9jdHJsX2RldmljZS5sb2NhbDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBANjYHjoB01+slEaAfLtwQKYQzE5afwK/
KALaDvsaiD8NbGSpoSSwEm3ypByoYu6a/4d9cTh6s08ZT5FM1qX7MxceWIgxWLYi
JXDm64JPN7twrbwcO8LmegQP9NYZIkhoJABQ/8Z0TSyoInU7tbQiGtkGOyZ6fh3S
c+sicLNf1gM59pbF3CcEnerT7tlNJYRNsOspQnS2A97qb3qP/NFgK0KjYOm7+lm8
/Ii9fBPO3p6cHxzAO2TfkrA6uxwAkY2qQJHIpo285K4e/3/Ta+nPCqT8nolshxcV
U25hI+DTBvSKW0yqfQjALcrJoj2AGDRV7Ex46EVX+BG3x28Rh6G1MHsCAwEAAaNC
MEAwHQYDVR0OBBYEFIWrRCcd0EsQ14unaT9rQ8fxfXlDMB8GA1UdIwQYMBaAFHLf
2GO1j+kOitzVtl14hI2yd772MA0GCSqGSIb3DQEBCwUAA4IBAQBxGemDnMNibZag
C9zrz42c7Ag8MqjojoPqTghGfGN8NGmEylYossCpd/fVP2QriH9TB1cQhtV5AEgS
xipJr6ktjnxZjLcwfjxSrtHbwCGuXLtPNIqOEMPWvCxTWEnWkzNy6Mn9qSAwms6g
dQ7V2YU3nb7FTco9jt2V3JOXM/Yr1CbUHv27yycTpZSxSQAyp3U2xqC3snEbvlL4
Awp0j7tT5pR/JcfT0Fl0fgfoeRkdkJK1NWldzFs3G+A4DLKgFwyQHfT9Hlh5IU7a
4EtiavtsyNXtQPJLZajbdag06taQnQ6p6aqoiQnwcSHDjWtuCueSDVGN2rv1kWbt
pYByeDAW
-----END CERTIFICATE-----

2
examples/protocols/https_server/simple/README.md
View File

@ -40,7 +40,7 @@ as trusted.
You can generate a new certificate using the OpenSSL command line tool:
```
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out cacert.pem -subj "/CN=ESP32 HTTPS server example"
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out servercert.pem -subj "/CN=ESP32 HTTPS server example" -addext "keyUsage=critical,digitalSignature,keyCertSign"
```
Expiry time and metadata fields can be adjusted in the invocation.

21
examples/protocols/https_server/simple/main/certs/servercert.pem
View File

@ -1,19 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL
BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx
MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ
MIIDOzCCAiOgAwIBAgIUG/S51QF4EeUkdaqg54oogqIKBZkwDQYJKoZIhvcNAQEL
BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw
NDAyMDcwMzI2WhcNMzUwMzMxMDcwMzI2WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ
UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T
sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k
qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd
GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4
sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb
jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/
jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/
ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3
emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY
W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx
bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN
ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl
hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo=
EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQBP
AgAagM33DqsDi+UArUxEoqmov1rH0PHXnd/a6Ct/IvNzr0qUH8hW4Lv0tWHfOJY8
pCf7bkejxXlhP/QHb6M+sobN9tN/WupEaeqNg4pCWi+6Caj2uFW9vkQQf2j50lMg
R0oxnd6SMEQArzy3f3yYRp8rliPERY6F2Rtb9HJNh53K51FE60xONPLZ/1dtSgDB
KcJseZfhg6oAUSLjFCYJEn5xa7CsIuQ8Jx2xMo4IkU44BJ8TJS4zw/hP1/vVjjvS
uU2Z0ZOUCQ78/3eMnsFfLMtDUYqXPyhNogm51GeHOR6dk+ICQ+c5gCDkJUnOTqzg
G2JUmXAXxJoUZDfalijl
-----END CERTIFICATE-----

21
examples/protocols/https_server/simple/pytest_https_server_simple.py
View File

@ -14,23 +14,24 @@ from pytest_embedded_idf.utils import idf_parametrize
server_cert_pem = (
'-----BEGIN CERTIFICATE-----\n'
'MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL\n'
'BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx\n'
'MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ\n'
'MIIDOzCCAiOgAwIBAgIUG/S51QF4EeUkdaqg54oogqIKBZkwDQYJKoZIhvcNAQEL\n'
'BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw\n'
'NDAyMDcwMzI2WhcNMzUwMzMxMDcwMzI2WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ\n'
'UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n'
'ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T\n'
'sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k\n'
'qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd\n'
'GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4\n'
'sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb\n'
'jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/\n'
'jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/\n'
'ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud\n'
'EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3\n'
'emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY\n'
'W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx\n'
'bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN\n'
'ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl\n'
'hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo=\n'
'EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQBP\n'
'AgAagM33DqsDi+UArUxEoqmov1rH0PHXnd/a6Ct/IvNzr0qUH8hW4Lv0tWHfOJY8\n'
'pCf7bkejxXlhP/QHb6M+sobN9tN/WupEaeqNg4pCWi+6Caj2uFW9vkQQf2j50lMg\n'
'R0oxnd6SMEQArzy3f3yYRp8rliPERY6F2Rtb9HJNh53K51FE60xONPLZ/1dtSgDB\n'
'KcJseZfhg6oAUSLjFCYJEn5xa7CsIuQ8Jx2xMo4IkU44BJ8TJS4zw/hP1/vVjjvS\n'
'uU2Z0ZOUCQ78/3eMnsFfLMtDUYqXPyhNogm51GeHOR6dk+ICQ+c5gCDkJUnOTqzg\n'
'G2JUmXAXxJoUZDfalijl\n'
'-----END CERTIFICATE-----\n'
)

2
examples/protocols/https_server/wss_server/README.md
View File

@ -53,7 +53,7 @@ as trusted.
You can generate a new certificate using the OpenSSL command line tool:
```
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out cacert.pem -subj "/CN=ESP32 HTTPS server example"
openssl req -newkey rsa:2048 -nodes -keyout prvtkey.pem -x509 -days 3650 -out servercert.pem -subj "/CN=ESP32 HTTPS server example" -addext "keyUsage=critical,digitalSignature,keyCertSign"
```
Expiry time and metadata fields can be adjusted in the invocation.

21
examples/protocols/https_server/wss_server/main/certs/servercert.pem
View File

@ -1,19 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDKzCCAhOgAwIBAgIUBxM3WJf2bP12kAfqhmhhjZWv0ukwDQYJKoZIhvcNAQEL
BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMTgx
MDE3MTEzMjU3WhcNMjgxMDE0MTEzMjU3WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ
MIIDOzCCAiOgAwIBAgIUGtx0JiogvT3DlTnZ3+tAT7Tr5JEwDQYJKoZIhvcNAQEL
BQAwJTEjMCEGA1UEAwwaRVNQMzIgSFRUUFMgc2VydmVyIGV4YW1wbGUwHhcNMjUw
NDAyMDcwNzE1WhcNMzUwMzMxMDcwNzE1WjAlMSMwIQYDVQQDDBpFU1AzMiBIVFRQ
UyBzZXJ2ZXIgZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALBint6nP77RCQcmKgwPtTsGK0uClxg+LwKJ3WXuye3oqnnjqJCwMEneXzGdG09T
sA0SyNPwrEgebLCH80an3gWU4pHDdqGHfJQa2jBL290e/5L5MB+6PTs2NKcojK/k
qcZkn58MWXhDW1NpAnJtjVniK2Ksvr/YIYSbyD+JiEs0MGxEx+kOl9d7hRHJaIzd
GF/vO2pl295v1qXekAlkgNMtYIVAjUy9CMpqaQBCQRL+BmPSJRkXBsYk8GPnieS4
sUsp53DsNvCCtWDT6fd9D1v+BB6nDk/FCPKhtjYOwOAZlX4wWNSZpRNr5dfrxKsb
jAn4PCuR2akdF4G8WLUeDWECAwEAAaNTMFEwHQYDVR0OBBYEFMnmdJKOEepXrHI/
jAn4PCuR2akdF4G8WLUeDWECAwEAAaNjMGEwHQYDVR0OBBYEFMnmdJKOEepXrHI/
ivM6mVqJgAX8MB8GA1UdIwQYMBaAFMnmdJKOEepXrHI/ivM6mVqJgAX8MA8GA1Ud
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADiXIGEkSsN0SLSfCF1VNWO3
emBurfOcDq4EGEaxRKAU0814VEmU87btIDx80+z5Dbf+GGHCPrY7odIkxGNn0DJY
W1WcF+DOcbiWoUN6DTkAML0SMnp8aGj9ffx3x+qoggT+vGdWVVA4pgwqZT7Ybntx
bkzcNFW0sqmCv4IN1t4w6L0A87ZwsNwVpre/j6uyBw7s8YoJHDLRFT6g7qgn0tcN
ZufhNISvgWCVJQy/SZjNBHSpnIdCUSJAeTY2mkM4sGxY0Widk8LnjydxZUSxC3Nl
hb6pnMh3jRq4h0+5CZielA4/a+TdrNPv/qok67ot/XJdY3qHCCd8O2b14OVq9jo=
EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgKEMA0GCSqGSIb3DQEBCwUAA4IBAQAT
lpY3s1IAV369xl7cri72ErqFRBveKvJCaq/1l0FSH1w/u3SxABQw9SH29Lg0hbAa
jotcCMo4XZpmKSsQn0Zs4ZgKh1zk90JZVtssWuU3y8ftq9t4JjskRHTF19yp7CCC
zKIHPlCyYjCgw3tWhrsWa95dF3ebVrPkuUfd6CCxe8OB4EC74svI+uuxA7Ud9Jtx
Dno5yFu7NKpRLSwFqJnxbU0bZp434v2vcexkbvZP0Z2AW+C2L+x90xcP5rW2vL+a
S0bj0quNH43cGKbBFzE9cLy04xsGlOqzYSQcFbGeT9LyQBLFZtp6QlC97ZsQ78fG
A2PRPwcF0QCvQrT42b8y
-----END CERTIFICATE-----

34
tools/test_apps/protocols/mqtt/publish_connect_test/ca.crt
View File

@ -1,19 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDCzCCAfOgAwIBAgIUN9fSo2J8makY6P64QfrO+EcLLm0wDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJRXNwcmVzc2lmMCAXDTI1MDEyODEzMjkxMVoYDzIyOTgx
MTEyMTMyOTExWjAUMRIwEAYDVQQDDAlFc3ByZXNzaWYwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDBJj+nzMM/xbd/fvF8vWPL9ZxZU45LaaxZHLGOldAz
Z77roxxKSfyZUpNbn9pn3qwVBuYEG6GnfKmikf6QFAfEriSVrqugRw383H3CkLxf
riVT0So+Y69wgbwcSURjTkvNn1HNzgsgFESr+wzwUTn5gc7bNrys3ZchoyKLSabZ
qV+jUwUSrWeQcF4kqVeSTp5kPBxD2SotYHP1hBbKATamYMKN0Khj3v91mmACO+Ss
AY31Riej1mY05h58vU/VmZW10FFb/EMZMNJkIkZgc6u298PxVLpyC446X6uzLehs
V2EDgCAYUQW191j/7Z8kcWSfo96nqP7uHx/2fz2qlLCzAgMBAAGjUzBRMB0GA1Ud
DgQWBBQn5CyOO5LXQ60QRxTRaHZeFdNrVjAfBgNVHSMEGDAWgBQn5CyOO5LXQ60Q
RxTRaHZeFdNrVjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAq
hKN1jrogQLY7AtnUaXb7eKFwI7k9NR6BZeXmE+xGCz02sUHNpzjuwo2oRacDZHZY
oEuwEM+zzWGV4x6cKriNUJ0G9uJwfFkCBZfWaNhyZ+r+3DqL4pH5kCcbQ3ZM+Mfk
dBOr9BUs7q4yZHRngmsi5lff0K6GC/uKC8bd9AKNs9I11g7CnJL2arf/GlZJrvTg
Lk7H7MT65SsAeX2MhifWl0urb20PNjDooQaki3qtApCgrUaIAtTUAP9p3jf8H0RT
rkfoVBxQtTDZltA+xelilUHcmj7pM9105/U6n0hD4yRQgemqaeSCbEo4ST2zm0pE
B4mjbFam7oBWdXdEDF1p
MIIDGTCCAgGgAwIBAgIUY6kAA+U+ZPIJYIff8dlbi6NCzKswDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJRXNwcmVzc2lmMB4XDTI1MDQwMjA1MjcwMloXDTM1MDMz
MTA1MjcwMlowFDESMBAGA1UEAwwJRXNwcmVzc2lmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwSY/p8zDP8W3f37xfL1jy/WcWVOOS2msWRyxjpXQM2e+
66McSkn8mVKTW5/aZ96sFQbmBBuhp3ypopH+kBQHxK4kla6roEcN/Nx9wpC8X64l
U9EqPmOvcIG8HElEY05LzZ9Rzc4LIBREq/sM8FE5+YHO2za8rN2XIaMii0mm2alf
o1MFEq1nkHBeJKlXkk6eZDwcQ9kqLWBz9YQWygE2pmDCjdCoY97/dZpgAjvkrAGN
9UYno9ZmNOYefL1P1ZmVtdBRW/xDGTDSZCJGYHOrtvfD8VS6cguOOl+rsy3obFdh
A4AgGFEFtfdY/+2fJHFkn6Pep6j+7h8f9n89qpSwswIDAQABo2MwYTAdBgNVHQ4E
FgQUJ+QsjjuS10OtEEcU0Wh2XhXTa1YwHwYDVR0jBBgwFoAUJ+QsjjuS10OtEEcU
0Wh2XhXTa1YwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZI
hvcNAQELBQADggEBABKWpI+QdMYoDwyssIbfwpbqJxb5M1w3PLnMsPzg1d5aEqLh
zwN9EnEQ5TxfeC7Lxdv3hKEGtif/aVxBhs48wPSxD7Fuw17kX6P4l9Cu9Ro2+1Oy
0lUxHi61xXxf7zVkdPQ0JLXdSMUvSUuKfvBtHCwEfdC+lsamxIDmCJys69kDhsCM
VJzY8Yz4MA9WOY3Z2YYMRp6ryFBZ9UgSUEnFxSOpggymkcM5mNxod1jshvSJ3FDG
dmvfbmK0+dN3rCiooORsIYVbopAYxralavA9IY24oiULE+GyVt5pNSONmJ96Y7GK
dL72B8RxX+jUSzgu/N3D1DwbPHP/xRiI7EqaYvg=
-----END CERTIFICATE-----

BIN
tools/test_apps/protocols/mqtt/publish_connect_test/ca.der
View File

Binary file not shown.