summaryrefslogtreecommitdiff
path: root/testing/hosts/winnetou
diff options
context:
space:
mode:
Diffstat (limited to 'testing/hosts/winnetou')
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/160769ece9ead9c1c4d89c34aa004c3b66402081bin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/442b7162c7a4c27bd0f1076e345c5664bed53c7cbin0 -> 1060 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/45b967b2f9b4a8855235b2d01249cd1e079348aabin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/644c5cc8c42a6c8cfe62f6a83bb0dbb43f0f0fb4bin0 -> 1059 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/c45be2b38883548967f4f959fd5ec0822f65237bbin0 -> 1058 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/dbb808e4f319d815aadd8dab6f6ae5b717800e83bin0 -> 1043 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/de106e5254cbafddb683117f90174910f43b5ae3bin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/de216601f06d10a41171392fdfc9127f0bb9d5b0bin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/edde495f4fb6db4e3eff85bcaecda2a3ccc58fcfbin0 -> 1076 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/rfc3779/0b5362afd8838bafb66c854732b490d5d8318261bin0 -> 1190 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/rfc3779/533394399c61128c957881790d70511537798da1bin0 -> 1212 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/rfc3779/6b5aec8fe9dcb8d0f707490abc84ab0890a7d2dabin0 -> 1188 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/rfc3779/b8a73c3433f4e341cc7c4ae42989f0a23a956488bin0 -> 1210 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/crlnumber2
-rw-r--r--testing/hosts/winnetou/etc/openssl/crlnumber.old2
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/.randbin0 -> 1024 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/crlnumber1
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/duckCert.pem23
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/duckKey.pem27
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/duckReq.pem16
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/index.txt1
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/index.txt.attr1
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/index.txt.old0
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/newcerts/01.pem24
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/openssl.cnf178
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/serial1
-rw-r--r--testing/hosts/winnetou/etc/openssl/duck/serial.old1
-rwxr-xr-xtesting/hosts/winnetou/etc/openssl/generate-crl4
-rwxr-xr-xtesting/hosts/winnetou/etc/openssl/generate-hash-and-url13
-rw-r--r--testing/hosts/winnetou/etc/openssl/index.txt33
-rw-r--r--testing/hosts/winnetou/etc/openssl/index.txt.old33
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/16.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/17.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/18.pem24
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/19.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/1A.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/1B.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/1C.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/1D.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/newcerts/1E.pem25
-rw-r--r--testing/hosts/winnetou/etc/openssl/ocspCert.pem30
-rw-r--r--testing/hosts/winnetou/etc/openssl/ocspKey.pem50
-rw-r--r--testing/hosts/winnetou/etc/openssl/openssl.cnf9
-rw-r--r--testing/hosts/winnetou/etc/openssl/research/index.txt1
-rw-r--r--testing/hosts/winnetou/etc/openssl/research/index.txt.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/research/newcerts/05.pem23
-rw-r--r--testing/hosts/winnetou/etc/openssl/research/serial2
-rw-r--r--testing/hosts/winnetou/etc/openssl/research/serial.old2
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/.randbin0 -> 1024 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/crl.pem15
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/index.txt4
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.old3
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/01.pem28
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/02.pem28
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/03.pem27
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/04.pem27
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf214
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/serial1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/serial.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/strongswanCert.pem26
-rw-r--r--testing/hosts/winnetou/etc/openssl/rfc3779/strongswanKey.pem27
-rw-r--r--testing/hosts/winnetou/etc/openssl/serial2
-rw-r--r--testing/hosts/winnetou/etc/openssl/serial.old2
-rw-r--r--testing/hosts/winnetou/etc/openssl/strongswanCert.pem24
68 files changed, 1049 insertions, 86 deletions
diff --git a/testing/hosts/winnetou/etc/openssl/certs/160769ece9ead9c1c4d89c34aa004c3b66402081 b/testing/hosts/winnetou/etc/openssl/certs/160769ece9ead9c1c4d89c34aa004c3b66402081
new file mode 100644
index 000000000..eb21aa751
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/160769ece9ead9c1c4d89c34aa004c3b66402081
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/442b7162c7a4c27bd0f1076e345c5664bed53c7c b/testing/hosts/winnetou/etc/openssl/certs/442b7162c7a4c27bd0f1076e345c5664bed53c7c
new file mode 100644
index 000000000..2b48d673b
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/442b7162c7a4c27bd0f1076e345c5664bed53c7c
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/45b967b2f9b4a8855235b2d01249cd1e079348aa b/testing/hosts/winnetou/etc/openssl/certs/45b967b2f9b4a8855235b2d01249cd1e079348aa
new file mode 100644
index 000000000..c5d60508b
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/45b967b2f9b4a8855235b2d01249cd1e079348aa
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/644c5cc8c42a6c8cfe62f6a83bb0dbb43f0f0fb4 b/testing/hosts/winnetou/etc/openssl/certs/644c5cc8c42a6c8cfe62f6a83bb0dbb43f0f0fb4
new file mode 100644
index 000000000..10a5268a7
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/644c5cc8c42a6c8cfe62f6a83bb0dbb43f0f0fb4
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/c45be2b38883548967f4f959fd5ec0822f65237b b/testing/hosts/winnetou/etc/openssl/certs/c45be2b38883548967f4f959fd5ec0822f65237b
new file mode 100644
index 000000000..bee738de2
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/c45be2b38883548967f4f959fd5ec0822f65237b
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/dbb808e4f319d815aadd8dab6f6ae5b717800e83 b/testing/hosts/winnetou/etc/openssl/certs/dbb808e4f319d815aadd8dab6f6ae5b717800e83
new file mode 100644
index 000000000..a0bf27344
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/dbb808e4f319d815aadd8dab6f6ae5b717800e83
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/de106e5254cbafddb683117f90174910f43b5ae3 b/testing/hosts/winnetou/etc/openssl/certs/de106e5254cbafddb683117f90174910f43b5ae3
new file mode 100644
index 000000000..01b0f6c9d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/de106e5254cbafddb683117f90174910f43b5ae3
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/de216601f06d10a41171392fdfc9127f0bb9d5b0 b/testing/hosts/winnetou/etc/openssl/certs/de216601f06d10a41171392fdfc9127f0bb9d5b0
new file mode 100644
index 000000000..002aaa25c
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/de216601f06d10a41171392fdfc9127f0bb9d5b0
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/edde495f4fb6db4e3eff85bcaecda2a3ccc58fcf b/testing/hosts/winnetou/etc/openssl/certs/edde495f4fb6db4e3eff85bcaecda2a3ccc58fcf
new file mode 100644
index 000000000..32ceccedc
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/edde495f4fb6db4e3eff85bcaecda2a3ccc58fcf
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/rfc3779/0b5362afd8838bafb66c854732b490d5d8318261 b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/0b5362afd8838bafb66c854732b490d5d8318261
new file mode 100644
index 000000000..c98775369
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/0b5362afd8838bafb66c854732b490d5d8318261
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/rfc3779/533394399c61128c957881790d70511537798da1 b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/533394399c61128c957881790d70511537798da1
new file mode 100644
index 000000000..0f2a0ec8d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/533394399c61128c957881790d70511537798da1
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/rfc3779/6b5aec8fe9dcb8d0f707490abc84ab0890a7d2da b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/6b5aec8fe9dcb8d0f707490abc84ab0890a7d2da
new file mode 100644
index 000000000..489030d9f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/6b5aec8fe9dcb8d0f707490abc84ab0890a7d2da
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/rfc3779/b8a73c3433f4e341cc7c4ae42989f0a23a956488 b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/b8a73c3433f4e341cc7c4ae42989f0a23a956488
new file mode 100644
index 000000000..863f65237
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/rfc3779/b8a73c3433f4e341cc7c4ae42989f0a23a956488
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/crlnumber b/testing/hosts/winnetou/etc/openssl/crlnumber
index 9e22bcb8e..eeee65ec4 100644
--- a/testing/hosts/winnetou/etc/openssl/crlnumber
+++ b/testing/hosts/winnetou/etc/openssl/crlnumber
@@ -1 +1 @@
-02
+05
diff --git a/testing/hosts/winnetou/etc/openssl/crlnumber.old b/testing/hosts/winnetou/etc/openssl/crlnumber.old
index 8a0f05e16..64969239d 100644
--- a/testing/hosts/winnetou/etc/openssl/crlnumber.old
+++ b/testing/hosts/winnetou/etc/openssl/crlnumber.old
@@ -1 +1 @@
-01
+04
diff --git a/testing/hosts/winnetou/etc/openssl/duck/.rand b/testing/hosts/winnetou/etc/openssl/duck/.rand
new file mode 100644
index 000000000..49c56672c
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/.rand
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/duck/crlnumber b/testing/hosts/winnetou/etc/openssl/duck/crlnumber
new file mode 100644
index 000000000..8a0f05e16
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/crlnumber
@@ -0,0 +1 @@
+01
diff --git a/testing/hosts/winnetou/etc/openssl/duck/duckCert.pem b/testing/hosts/winnetou/etc/openssl/duck/duckCert.pem
new file mode 100644
index 000000000..bb205a0fd
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/duckCert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0jCCArqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjERMA8GA1UECxMIUmVzZWFyY2gxFDAS
+BgNVBAMTC1Jlc2VhcmNoIENBMB4XDTA5MTEwNDE2MTUwM1oXDTE1MTEwMzE2MTUw
+M1owVjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAP
+BgNVBAsTCFJlc2VhcmNoMRkwFwYDVQQDExBEdWNrIFJlc2VhcmNoIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIBRSgHCxHhMjsVZo4PtFnENkHNu
+MfyRDsc7m1KRDVt8N4h/EcbduU7xeq/RjxZSmlc1q6EWEgDv3KwDYY0sX+qrpQKa
+ub5AgsRa2fOOR9xfyf0Q7Nc3oR3keWqQUiigCuaw9NQRtdMm/JFdXLNY3r60tBsO
+UHOJAPZNoGPey5UL9ZjjsN6ROUVTh0NAkFwkmnTRwmUvY5bi/T7ulsSkO9BrfqKD
+h/pliP7uZANd0ZpPcrIc68WwrelpI1zu0kYGqu/y8HZpuPuAXtGqS2jctrjSieeY
+i9wFLnS2tgV3ID4LzEEICSeqVqOvYgGKbarqLkARdxmdRKM9QYpu+5J+YQIDAQAB
+o4GvMIGsMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBR2
+KqikMafGcY8wJbwCZpvLF1SNIDBtBgNVHSMEZjBkgBTndfCg8q0gzc1gI8zHyA8p
+891UIKFJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3
+YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIBDzANBgkqhkiG9w0BAQsF
+AAOCAQEAsHR1vDlz2sPQpD9xnt1PL4qX7XWSSM6d+QG3cjdiKCjH8t78ecEm1duv
+YozLg6SYHGUF9qYuPz2SAZjQjmIWLlkQpBfQm8/orG+jbsQl5HkXFYX0UWAKZFGx
+rjHnOzmQxnmIWHky4uMDT/UmhmWy6kuCmZbKeeOqkBR2gVxfLyzelTSbF4ntEm1C
+1XqqtM4OfTOD5QUPD+6rZ5RoIPId9+2A8pJ2NyCUCf47FbkmYzU5+oiChhcGzsC5
+wDlgP32NA88kSiSJ2p2ZveYveRqcyZXZDAiTxRaIwJY0bt2Dk4wKicvy6vPdLA5v
+DSlBqDpnqK8tEI9V9YeroihTcygrEg==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/duck/duckKey.pem b/testing/hosts/winnetou/etc/openssl/duck/duckKey.pem
new file mode 100644
index 000000000..5fff90708
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/duckKey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEApIBRSgHCxHhMjsVZo4PtFnENkHNuMfyRDsc7m1KRDVt8N4h/
+EcbduU7xeq/RjxZSmlc1q6EWEgDv3KwDYY0sX+qrpQKaub5AgsRa2fOOR9xfyf0Q
+7Nc3oR3keWqQUiigCuaw9NQRtdMm/JFdXLNY3r60tBsOUHOJAPZNoGPey5UL9Zjj
+sN6ROUVTh0NAkFwkmnTRwmUvY5bi/T7ulsSkO9BrfqKDh/pliP7uZANd0ZpPcrIc
+68WwrelpI1zu0kYGqu/y8HZpuPuAXtGqS2jctrjSieeYi9wFLnS2tgV3ID4LzEEI
+CSeqVqOvYgGKbarqLkARdxmdRKM9QYpu+5J+YQIDAQABAoIBADfb0r6cpnRsnSKF
+5RBfReyu6vo4GB0lNGSeRqFRgivU+vMoiG2S58t7AQi2FyTNYbNDFdh31LS8WLbI
+OkWv2HehijN4FO4pqmI9JtSHnbLNJEHEizDBTASLz/9irisX3HCXMVORh4oEb2Ko
+QdmulOjePSJDZbLv6H/JI0bpYsgiAw26KEoB8cnHwiApF69a4uPJA6gW98nsabyq
+9NQVW5QAmUFDnzA6upFRBUeBBpufYMvP82zfntFx72yLBmXgBnyZW23WwZfQZSzw
+FChhl40mwykOE8jpeGgxmdWyPc29roF+kuvaOUaSF2nmyl4qhLCISdr0eHXHAGDH
+2RjVJ6ECgYEA0YW38d4309J1QegK5vhPWehnxpZHpK86DENevYaS7zRcCu1BRZc0
+aBAceTYCZHYofOWmeIns0qtMfzzuemPCiOZWy9VYgJrJ0YkmNin3DM1/13pWiKqn
+EkQCFa6K5AiB0umTOwJoAHlJYlJ2k4bw7Rm/LtiHC2fnRq2KJeKmg60CgYEAyP30
+5D8sUkih9rRfZRHAPo0x1qJpJQC+cFUBMIuOXFIz37TqbZcGDkRRb+ewywNxT73t
+TfVDvR7tD3cYTi78dVz539Dwl9mt10QLGsQJ4825uY/LQqUe8F2qz+E3lWqoo+yJ
+WlTAqbHI2a4g4CjFC4/+i6lKQ+NpmJLZIPz3HAUCgYEAiduy4Ti2gPAb6OZ1re05
+wM1y4q5kq04EIqd9QbS3Hx7TZPkgllpbyBC5u2M3BcTc9PjhpLQTl7XQGnQL8YmM
+KSlteKaCmfO+0NitxLut6sWX1T6Qi1HFpfYLbRqwFkQmr5CyKAR4S7+B8miRzpXe
+FhN3wKoFiRKvkMiEelL7/u0CgYEAnh4TWsBL+MuFBxTs+xDU4SCotYZ9GwwTxUFK
+N0uCiiRtBK9JwT8PF4gtXNCzZ3Jk4Ou0VSD+0jgTHJh/eXpDR30GYkn4DC3GMdQo
+vDy+3wSH+HAj4mEODuBRMUqnNJd85cB+aZ7FFnpzXLQ8zrukEC2OfYaHkxLDjrDv
+uaDoMZUCgYEAhD89Cj849LXbJEmjX0MGUCCBO9EBR2Ux2nbuB+TQnvwz7VT0Jkds
+Db1IfljoDefqzyFfH/0Z3bNg4EpidAG3BMC4MwY7WzR1rfnXwNluaWM5gmUzFNw0
+mBGXonIf6nRMIO9eeTFI8VfFb6BYvosNxz+9QA/5rpamGN1cKdMjgPc=
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/duck/duckReq.pem b/testing/hosts/winnetou/etc/openssl/duck/duckReq.pem
new file mode 100644
index 000000000..b5d3bcffd
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/duckReq.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICmzCCAYMCAQAwVjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9u
+Z1N3YW4xETAPBgNVBAsTCFJlc2VhcmNoMRkwFwYDVQQDExBEdWNrIFJlc2VhcmNo
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIBRSgHCxHhMjsVZ
+o4PtFnENkHNuMfyRDsc7m1KRDVt8N4h/EcbduU7xeq/RjxZSmlc1q6EWEgDv3KwD
+YY0sX+qrpQKaub5AgsRa2fOOR9xfyf0Q7Nc3oR3keWqQUiigCuaw9NQRtdMm/JFd
+XLNY3r60tBsOUHOJAPZNoGPey5UL9ZjjsN6ROUVTh0NAkFwkmnTRwmUvY5bi/T7u
+lsSkO9BrfqKDh/pliP7uZANd0ZpPcrIc68WwrelpI1zu0kYGqu/y8HZpuPuAXtGq
+S2jctrjSieeYi9wFLnS2tgV3ID4LzEEICSeqVqOvYgGKbarqLkARdxmdRKM9QYpu
++5J+YQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAIDZVgYXbPT9NMLOv5Uc6w06
+D5bvQ3/j3W4J8bMpYM/kbvIjwnsNmVggxhYeMmRDhidUcj849ybKRoJo7zrzTfvK
+BR1v9xCenB+0mnJQWfxIt1aspEW0Y6Z9g3jW47WOxSQagS5BVKVCcw1qxLJ4q3JS
+QqZJeQheHYNu9BQCa2w2rJeE0TT2WohcHxt0RpERZyjMfAlOOEUOB/m8Yx1N7/Zd
+wJIWCd3o+HYoDqUCS11y3EN+VO6H/+8gcRANe7tKE5+gqc9+7gDpKLTL7hc0S6sh
+e3yYo2CHZ8U2hsJGRFz7sFnZpwFi5KeI4+sKgyUurM2lxvcCzTC3DplG+4Wtcls=
+-----END CERTIFICATE REQUEST-----
diff --git a/testing/hosts/winnetou/etc/openssl/duck/index.txt b/testing/hosts/winnetou/etc/openssl/duck/index.txt
new file mode 100644
index 000000000..759a85b80
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/index.txt
@@ -0,0 +1 @@
+V 141103162335Z 01 unknown /C=CH/O=Linux strongSwan/OU=Duck Research/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/duck/index.txt.attr b/testing/hosts/winnetou/etc/openssl/duck/index.txt.attr
new file mode 100644
index 000000000..8f7e63a34
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/index.txt.attr
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/testing/hosts/winnetou/etc/openssl/duck/index.txt.old b/testing/hosts/winnetou/etc/openssl/duck/index.txt.old
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/index.txt.old
diff --git a/testing/hosts/winnetou/etc/openssl/duck/newcerts/01.pem b/testing/hosts/winnetou/etc/openssl/duck/newcerts/01.pem
new file mode 100644
index 000000000..4e13b52d0
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/newcerts/01.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEBzCCAu+gAwIBAgIBATANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjERMA8GA1UECxMIUmVzZWFyY2gxGTAX
+BgNVBAMTEER1Y2sgUmVzZWFyY2ggQ0EwHhcNMDkxMTA0MTYyMzM1WhcNMTQxMTAz
+MTYyMzM1WjBfMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dh
+bjEWMBQGA1UECxMNRHVjayBSZXNlYXJjaDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25n
+c3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6LueCi67Y
+IGRDKP5bkysGWZHrFrztq7elIFCPPSUxyIOYo4Upzr5WsvO0dIfcZY3agV2NcAI2
+30sATlfTUp+obedZMHbzE3VBvQuLjgK42ox2XIXDj23Vy496mVqlwUQulhBcAhMb
+jnBb4T0aR7WCnJvfzyckEyWrTN0ajRyQhJEmTn+spYNQX/2lg6hEn/K1T/3Py7sG
+veeF6BRenHR5L60NSK7qV7AU+hM4R0UIvgwYqzxSStgGS9G6Bwj9QTOWwSV1tuii
+ABiRdZSBoON0uMMpRjgEzuVe0f4VbOCIEXO8MtdpCu7Rwa9tc8OwneLcGCYVomr5
+7KKRJdvC5As3AgMBAAGjgdYwgdMwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYD
+VR0OBBYEFFSYDz2TYOMxfyrIx20NhPPHTCOIMHkGA1UdIwRyMHCAFHYqqKQxp8Zx
+jzAlvAJmm8sXVI0goVWkUzBRMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXgg
+c3Ryb25nU3dhbjERMA8GA1UECxMIUmVzZWFyY2gxFDASBgNVBAMTC1Jlc2VhcmNo
+IENBggEFMB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMA0GCSqGSIb3
+DQEBCwUAA4IBAQBIpl8SH4Nytgr6KvmXzns80u615WnDmP6oJrnwIZUkunVns8HH
+TFUVjvDKoQ+8CvuaH9Ifo2dokGjtGObeO4Y38y0xBIkUO+JpwfTa3SeCEhdOZb3G
+4e9WxHhV9IGfRyPsXQG+3JpAMaHYH+PNKiv7RBTq6rGaHzvgUEXRMTbv/bJI+Fs6
+Yfd/XxIur/ftVh4dZocyC74MUyXy5tyZJkHe1aBszOa0iT1852fq93lNUQPQqw0O
+3q3Lg7CvbNSdWqeAMqUgeBqh6oQItY9Exrwh0tfuCsjZ0oWXUBghsuiV+GTmZ6ok
+BiGmSmtX5OD4UtKcicuMRqnK2MYJHp1z1goE
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf b/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf
new file mode 100644
index 000000000..8b5511e9d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/openssl.cnf
@@ -0,0 +1,178 @@
+# openssl.cnf - OpenSSL configuration file for the ZHW PKI
+# Mario Strasser <mario.strasser@zhwin.ch>
+#
+
+# This definitions were set by the ca_init script DO NOT change
+# them manualy.
+CAHOME = /etc/openssl/duck
+RANDFILE = $CAHOME/.rand
+
+# Extra OBJECT IDENTIFIER info:
+oid_section = new_oids
+
+[ new_oids ]
+SmartcardLogin = 1.3.6.1.4.1.311.20.2
+ClientAuthentication = 1.3.6.1.4.1.311.20.2.2
+
+####################################################################
+
+[ ca ]
+default_ca = root_ca # The default ca section
+
+####################################################################
+
+[ root_ca ]
+
+dir = $CAHOME
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/duckCert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+crlnumber = $dir/crlnumber # The current CRL serial number
+private_key = $dir/duckKey.pem # The private key
+RANDFILE = $dir/.rand # private random number file
+
+x509_extensions = host_ext # The extentions to add to the cert
+
+crl_extensions = crl_ext # The extentions to add to the CRL
+
+default_days = 1825 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = sha256 # which md to use.
+preserve = no # keep passed DN ordering
+email_in_dn = no # allow/forbid EMail in DN
+
+policy = policy_match # specifying how similar the request must look
+
+####################################################################
+
+# the 'match' policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = optional
+localityName = optional
+organizationName = match
+organizationalUnitName = optional
+userId = optional
+commonName = supplied
+emailAddress = optional
+
+# the 'anything' policy
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = ca_ext # The extentions to add to the self signed cert
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString.
+# utf8only: only UTF8Strings.
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+# so use this option with caution!
+string_mask = nombstr
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+####################################################################
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = CH
+countryName_min = 2
+countryName_max = 2
+
+#stateOrProvinceName = State or Province Name (full name)
+#stateOrProvinceName_default = ZH
+
+#localityName = Locality Name (eg, city)
+#localityName_default = Winterthur
+
+organizationName = Organization Name (eg, company)
+organizationName_default = Linux strongSwan
+
+0.organizationalUnitName = Organizational Unit Name (eg, section)
+0.organizationalUnitName_default = Duck Research
+
+#1.organizationalUnitName = Type (eg, Staff)
+#1.organizationalUnitName_default = Staff
+
+#userId = UID
+
+commonName = Common Name (eg, YOUR name)
+commonName_default = $ENV::COMMON_NAME
+commonName_max = 64
+
+#0.emailAddress = Email Address (eg, foo@bar.com)
+#0.emailAddress_min = 0
+#0.emailAddress_max = 40
+
+#1.emailAddress = Second Email Address (eg, foo@bar.com)
+#1.emailAddress_min = 0
+#1.emailAddress_max = 40
+
+####################################################################
+
+[ req_attributes ]
+
+####################################################################
+
+[ host_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = DNS:$ENV::COMMON_NAME
+#extendedKeyUsage = OCSPSigning
+
+####################################################################
+
+[ user_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = email:$ENV::COMMON_NAME
+
+####################################################################
+
+[ ca_ext ]
+
+basicConstraints = critical, CA:TRUE
+keyUsage = cRLSign, keyCertSign
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+
+####################################################################
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+#issuerAltName = issuer:copy
+authorityKeyIdentifier = keyid:always, issuer:always
+
+# eof
diff --git a/testing/hosts/winnetou/etc/openssl/duck/serial b/testing/hosts/winnetou/etc/openssl/duck/serial
new file mode 100644
index 000000000..9e22bcb8e
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/serial
@@ -0,0 +1 @@
+02
diff --git a/testing/hosts/winnetou/etc/openssl/duck/serial.old b/testing/hosts/winnetou/etc/openssl/duck/serial.old
new file mode 100644
index 000000000..8a0f05e16
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/duck/serial.old
@@ -0,0 +1 @@
+01
diff --git a/testing/hosts/winnetou/etc/openssl/generate-crl b/testing/hosts/winnetou/etc/openssl/generate-crl
index 7776876c1..60e53a0a4 100755
--- a/testing/hosts/winnetou/etc/openssl/generate-crl
+++ b/testing/hosts/winnetou/etc/openssl/generate-crl
@@ -38,4 +38,8 @@ cd /etc/openssl/monster
openssl ca -gencrl -crldays 15 -config /etc/openssl/monster/openssl.cnf -out crl.pem
openssl crl -in crl.pem -outform der -out strongswan-monster.crl
cp strongswan-monster.crl /var/www/localhost/htdocs/
+cd /etc/openssl/rfc3779
+openssl ca -gencrl -crldays 15 -config /etc/openssl/rfc3779/openssl.cnf -out crl.pem
+openssl crl -in crl.pem -outform der -out strongswan_rfc3779.crl
+cp strongswan_rfc3779.crl /var/www/localhost/htdocs/
diff --git a/testing/hosts/winnetou/etc/openssl/generate-hash-and-url b/testing/hosts/winnetou/etc/openssl/generate-hash-and-url
new file mode 100755
index 000000000..08208ed65
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/generate-hash-and-url
@@ -0,0 +1,13 @@
+#! /bin/bash
+#
+# generates the SHA-1 hash required by the RFC 4306
+# HASH_AND_URL certificate fetching scheme
+#
+
+for cert in $@
+do
+ openssl x509 -in $cert -outform der -out cert.der
+ hash=`sha1sum cert.der | awk '{ print $1 }'`
+ cp cert.der "$hash"
+done
+rm cert.der
diff --git a/testing/hosts/winnetou/etc/openssl/index.txt b/testing/hosts/winnetou/etc/openssl/index.txt
index 9e5194ebc..abdbb857b 100644
--- a/testing/hosts/winnetou/etc/openssl/index.txt
+++ b/testing/hosts/winnetou/etc/openssl/index.txt
@@ -1,17 +1,17 @@
-V 090909111334Z 01 unknown /C=CH/O=Linux strongSwan/CN=mars.strongswan.org
-V 090909111553Z 02 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
-V 090909111725Z 03 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
-V 090909111826Z 04 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
-V 090909112439Z 05 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
-V 090909112534Z 06 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
-R 090909112548Z 041226135423Z 07 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
-V 090909112651Z 08 unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
-V 091118162928Z 09 unknown /C=CH/O=Linux strongSwan/OU=OCSP Signing Authority/CN=ocsp.strongswan.org
-V 091231214318Z 0A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+R 090909111334Z 090827094721Z,cessationOfOperation 01 unknown /C=CH/O=Linux strongSwan/CN=mars.strongswan.org
+R 090909111553Z 090827094730Z,superseded 02 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
+R 090909111725Z 090827094735Z,superseded 03 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
+R 090909111826Z 090827094738Z,superseded 04 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
+R 090909112439Z 090827094746Z,superseded 05 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
+R 090909112534Z 090827094749Z,superseded 06 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
+R 090909112548Z 041226135423Z,keyCompromise 07 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+R 090909112651Z 090827094754Z,superseded 08 unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
+R 091118162928Z 091124124946Z,superseded 09 unknown /C=CH/O=Linux strongSwan/OU=OCSP Signing Authority/CN=ocsp.strongswan.org
+R 091231214318Z 090827113123Z,superseded 0A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
V 100216084430Z 0B unknown /C=CH/O=Linux strongSwan/OU=Authorization Authority/CN=aa@strongswan.org
-R 140321062536Z 050621195214Z 0C unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
+R 140321062536Z 050621195214Z,CACompromise 0C unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
V 140321062916Z 0D unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=Sales CA
-R 100607191714Z 070427213122Z 0E unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
+R 100607191714Z 070427213122Z,superseded 0E unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
V 100620195806Z 0F unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
V 111007105811Z 10 unknown /C=CH/O=Linux strongSwan/OU=SHA-256/CN=moon.strongswan.org
V 111007121250Z 11 unknown /C=CH/O=Linux strongSwan/OU=SHA-384/CN=carol@strongswan.org
@@ -19,3 +19,12 @@ V 111007122112Z 12 unknown /C=CH/O=Linux strongSwan/OU=SHA-512/CN=dave@strongsw
V 120224075857Z 13 unknown /C=CH/O=Linux strongSwan/OU=OCSP/CN=carol@strongswan.org
V 120425210745Z 14 unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
V 140406120117Z 15 unknown /C=CH/O=Linux strongSwan/OU=Research/serialNumber=002/CN=carol@strongswan.org
+V 140826095904Z 16 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
+V 140826100332Z 17 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
+V 140826100522Z 18 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
+V 140826100724Z 19 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
+V 140826100818Z 1A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
+R 140826103106Z 090827103405Z,keyCompromise 1B unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+V 140826103739Z 1C unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
+V 140826104451Z 1D unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+V 141123125153Z 1E unknown /C=CH/O=Linux strongSwan/OU=OCSP Signing Authority/CN=ocsp.strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/index.txt.old b/testing/hosts/winnetou/etc/openssl/index.txt.old
index 64b725536..67a737e0e 100644
--- a/testing/hosts/winnetou/etc/openssl/index.txt.old
+++ b/testing/hosts/winnetou/etc/openssl/index.txt.old
@@ -1,20 +1,29 @@
-V 090909111334Z 01 unknown /C=CH/O=Linux strongSwan/CN=mars.strongswan.org
-V 090909111553Z 02 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
-V 090909111725Z 03 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
-V 090909111826Z 04 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
-V 090909112439Z 05 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
-V 090909112534Z 06 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
-R 090909112548Z 041226135423Z 07 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
-V 090909112651Z 08 unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
-V 091118162928Z 09 unknown /C=CH/O=Linux strongSwan/OU=OCSP Signing Authority/CN=ocsp.strongswan.org
-V 091231214318Z 0A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+R 090909111334Z 090827094721Z,cessationOfOperation 01 unknown /C=CH/O=Linux strongSwan/CN=mars.strongswan.org
+R 090909111553Z 090827094730Z,superseded 02 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
+R 090909111725Z 090827094735Z,superseded 03 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
+R 090909111826Z 090827094738Z,superseded 04 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
+R 090909112439Z 090827094746Z,superseded 05 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
+R 090909112534Z 090827094749Z,superseded 06 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
+R 090909112548Z 041226135423Z,keyCompromise 07 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+R 090909112651Z 090827094754Z,superseded 08 unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
+R 091118162928Z 091124124946Z,superseded 09 unknown /C=CH/O=Linux strongSwan/OU=OCSP Signing Authority/CN=ocsp.strongswan.org
+R 091231214318Z 090827113123Z,superseded 0A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
V 100216084430Z 0B unknown /C=CH/O=Linux strongSwan/OU=Authorization Authority/CN=aa@strongswan.org
-R 140321062536Z 050621195214Z 0C unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
+R 140321062536Z 050621195214Z,CACompromise 0C unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
V 140321062916Z 0D unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=Sales CA
-R 100607191714Z 070427213122Z 0E unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
+R 100607191714Z 070427213122Z,superseded 0E unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
V 100620195806Z 0F unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Research CA
V 111007105811Z 10 unknown /C=CH/O=Linux strongSwan/OU=SHA-256/CN=moon.strongswan.org
V 111007121250Z 11 unknown /C=CH/O=Linux strongSwan/OU=SHA-384/CN=carol@strongswan.org
V 111007122112Z 12 unknown /C=CH/O=Linux strongSwan/OU=SHA-512/CN=dave@strongswan.org
V 120224075857Z 13 unknown /C=CH/O=Linux strongSwan/OU=OCSP/CN=carol@strongswan.org
V 120425210745Z 14 unknown /C=CH/O=Linux strongSwan/CN=winnetou.strongswan.org
+V 140406120117Z 15 unknown /C=CH/O=Linux strongSwan/OU=Research/serialNumber=002/CN=carol@strongswan.org
+V 140826095904Z 16 unknown /C=CH/O=Linux strongSwan/CN=sun.strongswan.org
+V 140826100332Z 17 unknown /C=CH/O=Linux strongSwan/CN=moon.strongswan.org
+V 140826100522Z 18 unknown /C=CH/O=Linux strongSwan/CN=venus.strongswan.org
+V 140826100724Z 19 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=alice@strongswan.org
+V 140826100818Z 1A unknown /C=CH/O=Linux strongSwan/OU=Research/CN=bob@strongswan.org
+R 140826103106Z 090827103405Z,keyCompromise 1B unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
+V 140826103739Z 1C unknown /C=CH/O=Linux strongSwan/OU=Accounting/CN=dave@strongswan.org
+V 140826104451Z 1D unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/16.pem b/testing/hosts/winnetou/etc/openssl/newcerts/16.pem
new file mode 100644
index 000000000..d0937bab8
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/16.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIBFjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzA5NTkwNFoXDTE0MDgyNjA5NTkwNFowRTELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z
+dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+V
+VIpn6Q5jaU//EN6p6A5cSfUfhBK0mFa2laFFZh/Y0h66AXqqrQ3X917h7YNsSk68
+oowY9h9I3gOx7hNVBsJr2VjdYC+b0q5NTha09/A5mimv/prYj6o0yawxoPjoDs9Y
+h7D7Kf+F8fkgk0stlHJZX66J7dNrFXbg1xBld+Ep5Or2FbEZ9QWUpRQTuhdpNt/4
+9YuxQ59DemY9IRbwsrKCHH0mGrJsDdqeb0ap+8QvSXHjCt1fr9MNKWaAFAQLKQI4
+e0da1ntPCEQLeE833+NNRBgGufk0KqGT3eAXqrxa9AEIUJnVcPexQdqUMjcUpXFb
+8WNzRWB8Egh3BDK6FsECAwEAAaOCARkwggEVMAkGA1UdEwQCMAAwCwYDVR0PBAQD
+AgOoMB0GA1UdDgQWBBRW1p4v2qihzRlcI1PnxbZwluML+zBtBgNVHSMEZjBkgBRd
+p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
+EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
+ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwEwYDVR0lBAwwCgYIKwYB
+BQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9y
+Zy9zdHJvbmdzd2FuLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAo37LYT9Awx0MK/nA
+FZpPJqUr0Ey+O5Ukcsdx7nd00SlmpiQRY8KmuRXCBQnDEgdLstd3slQjT0pJEgWF
+0pzxybnI6eOzYAhLfhart+X1hURiNGbXjggm2s4I5+K32bVIkNEqlsYnd/6F9oo5
+ZNO0/eTTruLZfkNe/zchBGKe/Z7MacVwlYWWCbMtBV4K1d5dGcRRgpQ9WivDlmat
+Nh9wlscDSgSGk3HJkbxnq695VN7zUbDWAUvWWhV5bIDjlAR/xyT9ApqIxiyVVRul
+fYrE7U05Hbt6GgAroAKLp6qJup9+TxQAKSjKIwJ0hf7OuYyQ8TZtVHS7AOhm+T/5
+G/jGGA==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/17.pem b/testing/hosts/winnetou/etc/openssl/newcerts/17.pem
new file mode 100644
index 000000000..d5c970f41
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/17.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMDMzMloXDTE0MDgyNjEwMDMzMlowRjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHDAaBgNVBAMTE21vb24u
+c3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK
+L2M91Lu6BYYhWxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+
+SWKGlm11rPE71eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yY
+YpHk8VQv4vBJTpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+
+7TDnYaVsAtncgvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3
+Om/G48crLEVJjdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVb
+A6agGlTXhDCreDiXU8KHAgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQE
+AwIDqDAdBgNVHQ4EFgQUapx00fiJeYn2WpTpifH6w2SdKS4wbQYDVR0jBGYwZIAU
+XafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQK
+ExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GC
+AQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggr
+BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCctXg2xeMozaTV
+jiBL1P8MY9uEH5JtU0EceQ1RbI5/2vGRdnECND9oADY5vamaaE2Mdq2Qh/vlXnML
+o3ii5ELjsQlYdTYZOcMOdcUUXYvbbFX1cwpkBhyBl1H25KptHcgQ/HnceKp3kOuq
+wYOYjgwePXulcpWXx0E2QtQCFQQZFPyEWeNJxH0oglg53QPXfHY9I2/Gukj5V0bz
+p7ME0Gs8KdnYdmbbDqzQgPsta96/m+HoJlsrVF+4Gqihj6BWMBQ2ybjPWZdG3oH9
+25cE8v60Ry98D0Z/tygbAUFnh5oOvaf642paVgc3aoA77I8U+UZjECxISoiHultY
+7QTufOwP
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/18.pem b/testing/hosts/winnetou/etc/openssl/newcerts/18.pem
new file mode 100644
index 000000000..c383667e6
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/18.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIBGDANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMDUyMloXDTE0MDgyNjEwMDUyMlowRzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHTAbBgNVBAMTFHZlbnVz
+LnN0cm9uZ3N3YW4ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+s0UsstkyjuvNkpx/vmZlKpBITJyGmfTfFjl01uU4dUVwzE3yhllGPLN3ijLSteHP
+3opUbDNd5dG4eVsa9DUiqIJlk/g+tnKS5IdQbA6yUf1nIHr39tVukOtX66sMeHBU
++M46KD7r4RRrGSBYT1FsyIv47D2uk24nBZ7Sf2+LoVQZfMIVdydIGfHxmQJxymzS
+80mh57EN2y70oH9HMwn/bbGb8WrysN09WVbNbT2vdeYX3OJXi0xsmT/Ynev1VD9B
+2mbA/XCf4c45xFL1HxKQ/+RTlmY6z6m4rBFuFGCscLPba5g290mXqrpMSpuWUagI
+RZmOaeoyd3x25qbYwNe5QwIDAQABo4IBBjCCAQIwCQYDVR0TBAIwADALBgNVHQ8E
+BAMCA6gwHQYDVR0OBBYEFI9cCmyxR/wbUXCARuBjbHpUAS1nMG0GA1UdIwRmMGSA
+FF2n3XAGUTJ+57Zts7Xl4GDqLk3voUmkRzBFMQswCQYDVQQGEwJDSDEZMBcGA1UE
+ChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBSb290IENB
+ggEAMB8GA1UdEQQYMBaCFHZlbnVzLnN0cm9uZ3N3YW4ub3JnMDkGA1UdHwQyMDAw
+LqAsoCqGKGh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbi5jcmww
+DQYJKoZIhvcNAQELBQADggEBAK5Pi/g5Y234tEcTFWE0Vdg4cKxIfZRewFOOZI1z
+/RWfzoqPZ6YzD15B1toKZrAGsqyhdJ4yQ/BwxJpdgNCscMelkzMubcLXL9QugPS4
+hz4MLkJR2tDCZA/mFUTEbAQwdNSCxSo/l0vZ5KXUg9y5zZhCWpZiHJBXnz/567wn
+K16J3x9TYtdh4sT+y+0vHgvosUs2srRTkK2WDDxlh9XTch7DZyrLuiRRFrWjc6y9
+ThVH/qQNXwEBq2t9UYjQUVyx77gVQmiLrPU7UjL4IBoZmBNV/VJ10+rmGj1eG1nD
+pgq6oBTrbEsv8Ix7y/MziTB8POj3dKjl2UZmRVBwMbnNqYk=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/19.pem b/testing/hosts/winnetou/etc/openssl/newcerts/19.pem
new file mode 100644
index 000000000..49fe4b80b
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/19.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEHzCCAwegAwIBAgIBGTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMDcyNFoXDTE0MDgyNjEwMDcyNFowVzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xDjAMBgNVBAsTBVNhbGVz
+MR0wGwYDVQQDFBRhbGljZUBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANiNakgR5pct0NqirfPJEb9e3YZkYHvqZ/RUJ6Ea9ZGE
+8KuQxGAHuLWqaf/3GrL/LYIs1fTJ7JTNMu+PSec8kf9I5AxItPzb+uSwI9hXQxhl
+NJ8V+Zjs9Q3GX/59wS3DcHF4i8b88I/f7aLGwHOoRyT/UZPXPGIrHS9UWh/50//Q
+/GLreivoW65Cfj7oNi3wMTYwZB5MyPY5q9MRcYyEPa0GNM0GzzYfIEkQz8nuSL/q
+WQrmLmlS6Ktw5L3HXsUaKinGt0xI7jLGWh4ysnrjMNxKzRt2LITqSPtoTTR2JB6a
+5/6544mB2FGErpSd/LgGTmwzOgloZLpsQgsN6xjpUvsCAwEAAaOCAQYwggECMAkG
+A1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQF2gQgjAL0KEcKz2x3LQZm
+E9qGPDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkG
+A1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0
+cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRhbGljZUBzdHJvbmdzd2Fu
+Lm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3Jn
+L3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBWv4PhHGVpiLF5M3Rn
+qQLSoRFjKqn3N9We81RWwVRpBzwoUEaHizelaVct9FJg6t7Fk/D8F0wag5EFKlcg
+KQ8fd/0qLE393uwGb4Dvql2w49NFFDUsk5FC+pMUDAYsWHyFu26WKY5kfaMwNMNJ
+HK6e4m6+Wmoy5ulkatwDJRDqkyG11YJ/p0n0HAG1DBJoL9079U+xQxT+9a2f7TaO
+B/UbQNOvOgqaddk5uUDTjqnY/bltbAAuuI1ZNMrPCCNUorcdhySJb1tlF/JXTTB6
+N60XqYRYnk5T1yftNU0AA26ggskv4MMDwgYCGsyZuCX9vW+XsArRQJ5fsSZDiO7R
+8FT2
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/1A.pem b/testing/hosts/winnetou/etc/openssl/newcerts/1A.pem
new file mode 100644
index 000000000..00ecd5a2d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/1A.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEHjCCAwagAwIBAgIBGjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMDgxOFoXDTE0MDgyNjEwMDgxOFowWDELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh
+cmNoMRswGQYDVQQDFBJib2JAc3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDXwxTtozmxKaUhC0T5HvxVShfM5jQQKwIzSVAZeXUp
+BgQ2uLT9Hn/J7boaUIE1Xf11zCRIlcy5Xkupha2gfqEmRbefYAOr/NFuC4pPEDeJ
+jWg/miCZo9/DH2iWvCvU4GCcrY/LKDeDoKL9fc9H5FTtA/Y1ugbooOO1yoV04eot
+MmvmYcqUtCX+h/Of9xM0w0m6aoDIXAhjcKEPMg/WL5acWuVVaWONa+x7HoQUDe+9
+MgoB1VmaoB77VYaK72jBhbvonF8GjEb3RiukfuMIOk5yN9OHzA9ODJbTDvSmmQkt
+h/oEHAL/tzOQ2zjEptsKvwq/3drGbdREO/cp39I5/ZRFAgMBAAGjggEEMIIBADAJ
+BgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQUYUK/uIcou7BS8ODHk9Ro
+PGJP1FcwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJ
+BgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJz
+dHJvbmdTd2FuIFJvb3QgQ0GCAQAwHQYDVR0RBBYwFIESYm9iQHN0cm9uZ3N3YW4u
+b3JnMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcv
+c3Ryb25nc3dhbi5jcmwwDQYJKoZIhvcNAQELBQADggEBAEIkmrK7GPm4H/FAEVCN
+775XpuofsfGjT/bO/aPCqb+uPwwcKeUfxzICQDEqMv+mtxGuLjtfmTWwUcoPMgN+
+2HZDJGa1+kK2VLUz3QBIQXSdusbITb0ND/xCvbGwsk9y/0DGBnAo3xNBNM73ZQ8k
+/A7mQ2nnQfzI9gQ342FOuTTb/kwrVNixQI3dhvf6Th5Dj5rZfQs6c09+9jRLGBFx
+g7qQ1gej0fi6XYX4cSNwluu/Vo6xT5epEeTU5KoYn0mtOqFx6AY8xzIqQLvY4m8g
+viGoGRqId1gqNiEfshb8KICPI29WyiBRzMKO6reeb+446A9CSLgMW0Ze3SCRXrjr
+2nQ=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/1B.pem b/testing/hosts/winnetou/etc/openssl/newcerts/1B.pem
new file mode 100644
index 000000000..a92610c4f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/1B.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIBGzANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMzEwNloXDTE0MDgyNjEwMzEwNlowWjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh
+cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAOHh/BBf9VwUbx3IU2ZvKJylwCUP2Gr40Velcexr
+lR1PoK3nwZrJxxfhhxrxdx7Wnt/PDiF2eyzA9U4cOyS1zPpWuRt69PEOWfzQJZkD
+e5C6bXZMHwJGaCM0h8EugnwI7/XgbEq8U/1PBwIeFh8xSyIwyn8NqyHWm+6haFZG
+Urz7y0ZOAYcX5ZldP8vjm2SyAl0hPlod0ypk2K1igmO8w3cRRFqD27XhztgIJyoi
++BO3umc+BXcpPGoZ7IFaXvHcMVECrxbkrvRdpKiz/4+u8FakQJtBmYuqP2TLodRJ
+TKSJ4UvIPXZ8DTEYC/Ja/wrm1hNfH4T3YjWGT++lVbYF7qECAwEAAaOCAQYwggEC
+MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQRnt9aYXsi/fgMXGVh
+ZpTfg8kSYjBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL
+MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT
+EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz
+d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBBAUAA4IBAQCY2EMqkuhtAls/
+jkjXm+sI5YVglE62itSYgJxKZhxoFn3l4Afc6+XBeftK8Y1IjXdeyQUg8qHhkctl
+nBiEzRCClporCOXl5hOzWi+ft2hyKgcx8mFB8Qw5ZE9z8dvY70jdPCB4cH5EVaiC
+6ElGcI02iO073iCe38b3rmpwfnkIWZ0FVjSFSsTiNPLXWH6m6tt9Gux/PFuLff4a
+cdGfEGs01DEp9t0bHqZd6ESf2rEUljT57i9wSBfT5ULj78VTgudw/WhB0CgiXD+f
+q2dZC/19B8Xmk6XmEpRQjFK6wFmfBiQdelJo17/8M4LdT/RfvTHJOxr2OAtvCm2Z
+0xafBd5x
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/1C.pem b/testing/hosts/winnetou/etc/openssl/newcerts/1C.pem
new file mode 100644
index 000000000..f212e19cf
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/1C.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwMzczOVoXDTE0MDgyNjEwMzczOVowWzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xEzARBgNVBAsTCkFjY291
+bnRpbmcxHDAaBgNVBAMUE2RhdmVAc3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDAB/JTbwVY5oNF0+8Behdbc0NOeX+bl0SOcgpZ
+ha6nbMBQO41jtOI5r5Xbg9sK9l+DYOnZQZEsEhIVZDoK8yGI/FIEE+gWRf+OLmI8
+k2K+G1dklTC/VP2tZWMQYQWs6UnX3iiVpHccI3CQqqJWe9fZsIsq0J9j9hu6h9dG
+IEbon6RXDLPI5DIiIKc3r0jDHNDsIUDzcjuUdCxKFCMuHUCfa1PBiqpj5pP6XT0G
+gI6UjbgnNWPTPb2axE7P1x5gQmVwiFiYs+VTh2fq9O9xNxnn/YmzLk4/YNly7xYX
+Q31NuhSvRpH7jsJ1p4VSuunYqvccPUKsp5PvCtCeGvNT2qt1AgMBAAGjggEFMIIB
+ATAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQU7n842u6huBpBd394
+8mdL6EOdjg4wbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUx
+CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQD
+ExJzdHJvbmdTd2FuIFJvb3QgQ0GCAQAwHgYDVR0RBBcwFYETZGF2ZUBzdHJvbmdz
+d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAyAbxrpMtTARw3
+jvBwuapaHXnTppz+TkWyfXVpgTwtPlf3rbhPk4DjhT2ygyMTI1azoqProf2aBbDr
+DldCSQPsZAcuzOdruKKMo2CQwgLuBFXL+JUX0hiIpFS1ZZHA2aDKyUw4OyADOvDU
+8r1/WiwRb91TdYP9nEu9qP30k0vkUg8DCbCmPI1/MVaxVzh9LRAFyOHrnKSCXG7o
+StmVFm2Yf3pE4HS1W6DtommyPs7aUD5XAaQdr3DYKI/TazoU6t5g2aEqigu+pj2M
+qk5idJkx5VCFvUU1hlChyX6NNNjJNnV6u5YiuatcdYQhpCTBsxnBoM+w0BvNOCl+
+1PdgEy1K
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/1D.pem b/testing/hosts/winnetou/etc/openssl/newcerts/1D.pem
new file mode 100644
index 000000000..6c41df9c7
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/1D.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MDgyNzEwNDQ1MVoXDTE0MDgyNjEwNDQ1MVowWjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh
+cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANBdWU+BF7x4lyo+xHnr4UAOU89yQQuT5vdPoXzx
+6kRPsjYAuuktgXR+SaLkQHw/YRgDPSKj5nzmmlOQf/rWRr+8O2q+C92aUICmkNvZ
+Gamo5w2WlOMZ6T5dk2Hv+QM6xT/GzWyVr1dMYu/7tywD1Bw7aW/HqkRESDu6q95V
+Wu+Lzg6XlxCNEez0YsZrN/fC6BL2qzKAqMBbIHFW8OOnh+nEY4IF5AzkZnFrw12G
+I72Z882pw97lyKwZhSz/GMQFBJx+rnNdw5P1IJwTlG5PUdoDCte/Mcr1iiA+zOov
+x55x1GoGxduoXWU5egrf1MtalRf9Pc8Xr4q3WEKTAmsZrVECAwEAAaOCAQYwggEC
+MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQfoamI2WSMtaCiVGQ5
+tPI9dF1ufDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL
+MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT
+EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz
+d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQC8pqX3KrSzKeul
+GdzydAV4hGwYB3WiB02oJ2nh5MJBu7J0Kn4IVkvLUHSSZhSRxx55tQZfdYqtXVS7
+ZuyG+6rV7sb595SIRwfkLAdjbvv0yZIl4xx8j50K3yMR+9aXW1NSGPEkb8BjBUMr
+F2kjGTOqomo8OIzyI369z9kJrtEhnS37nHcdpewZC1wHcWfJ6wd9wxmz2dVXmgVQ
+L2BjXd/BcpLFaIC4h7jMXQ5FURjnU7K9xSa4T8PpR6FrQhOcIYBXAp94GiM8JqmK
+ZBGUpeP+3cy4i3DV18Kyr64Q4XZlzhZClNE43sgMqiX88dc3znpDzT7T51j+d+9k
+Rf5Z0GOR
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/newcerts/1E.pem b/testing/hosts/winnetou/etc/openssl/newcerts/1E.pem
new file mode 100644
index 000000000..f84d1a877
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/newcerts/1E.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEQzCCAyugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
+b290IENBMB4XDTA5MTEyNDEyNTE1M1oXDTE0MTEyMzEyNTE1M1owZzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHzAdBgNVBAsTFk9DU1Ag
+U2lnbmluZyBBdXRob3JpdHkxHDAaBgNVBAMTE29jc3Auc3Ryb25nc3dhbi5vcmcw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8BT5LvsaxM0gOw9QM74ML
+vbxXXxTv9W0L//oBnPohbVyueSl0/r2rcIeYa0g1eePgwRRBHwr356Om2mv/zXTp
+lQA4qtY6YMZkoeYCOVhO/fJ4CGO213qWeWIYOe4njTuiPUiI20PWancgaic5UOAC
+UBnyes94I5kB1OWx0THma4Sv0HdBRoWwO+ZqAA87fpV/Wagi6ElJBcjLbO5Hpy3J
+dFvrjNWZwuJw2+qHQ4QOT4McpusfIjgXaZtyEpVIcbJ7knNSq+MapdP0RBS6wzXa
+kWx9tMIAB9gKUfENTNl60ZnmqI0KgKiR3Yqia/bbsD7JcangOcOjWA2H0LKnnLdp
+AgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQU
+NJFukTK/NSVDzCh074LCV5J5E3MwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXg
+YOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdT
+d2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GCAQAwHgYDVR0RBBcwFYIT
+b2NzcC5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDCTA5BgNVHR8E
+MjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4u
+Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBteNdmkKbr3bUJSKTaJ/qssbyPjL7MjAmi
+QA1sSq5yIh7Ir23xEq/XQFF51N2yDNuXhLYk1fWou8BL+X9x97BlQkp9/nZ+BdJG
+uH2zOUxcsfq57jtwMzlXGrmVUTMAJRtMqrSnVa9jbW+IF2p/sJfeSRRqJ2qwQoDW
+ppvvBF4RfdWOVCCidtRmWKycEtP1ylSYyiHswVWhL2gLXQRQ0l5wJdgT2URRDopC
+CBiE5mHOWn17gTWQw9SdGbY37o9jXNrY8GRgOeubHFRmdXa1Cli5P5HhIZygUBWX
+tn5BvNDEIUz11/AT+HfpdMSKDiAXMq44wqWoYoUXsaLTIp+Vt6NM
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ocspCert.pem b/testing/hosts/winnetou/etc/openssl/ocspCert.pem
index 6ca9a58a4..f84d1a877 100644
--- a/testing/hosts/winnetou/etc/openssl/ocspCert.pem
+++ b/testing/hosts/winnetou/etc/openssl/ocspCert.pem
@@ -1,25 +1,25 @@
-----BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBCTANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
+MIIEQzCCAyugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MTExOTE2MjkyOFoXDTA5MTExODE2MjkyOFowZzELMAkGA1UE
+b290IENBMB4XDTA5MTEyNDEyNTE1M1oXDTE0MTEyMzEyNTE1M1owZzELMAkGA1UE
BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHzAdBgNVBAsTFk9DU1Ag
U2lnbmluZyBBdXRob3JpdHkxHDAaBgNVBAMTE29jc3Auc3Ryb25nc3dhbi5vcmcw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqJ0y0yhF4iEygd8M73wNC
-8RO590BqiD3Z3x9/5GSVCgfm+ao4hcg6CogNGicu4ybzgPoHt0V/El4D8JRkM8QB
-pg/R7WI4L1ndSZGgTHcQ1vViXGr4PUsIiUR/EgVCSFs8+6Z73J4bJeMomy27Hn9w
-s4leHbrqK87btA2TETV3UlCaDXC6NF8321ZH+D+8OFQaQ0SqKrThKMVYSTf+QdpX
-BlI9vtce1SyS6Kiy4WLdXAt8mO7x+UjaVEzFNyi6SXb9FAGVvO9OXi3+mxm9eK2g
-+s1kA4jqDvL17JftvJLKzFZ5irEuTe2+wHdQbwtlOkW1JFAsGL4O+r4NIoBuMBZF
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8BT5LvsaxM0gOw9QM74ML
+vbxXXxTv9W0L//oBnPohbVyueSl0/r2rcIeYa0g1eePgwRRBHwr356Om2mv/zXTp
+lQA4qtY6YMZkoeYCOVhO/fJ4CGO213qWeWIYOe4njTuiPUiI20PWancgaic5UOAC
+UBnyes94I5kB1OWx0THma4Sv0HdBRoWwO+ZqAA87fpV/Wagi6ElJBcjLbO5Hpy3J
+dFvrjNWZwuJw2+qHQ4QOT4McpusfIjgXaZtyEpVIcbJ7knNSq+MapdP0RBS6wzXa
+kWx9tMIAB9gKUfENTNl60ZnmqI0KgKiR3Yqia/bbsD7JcangOcOjWA2H0LKnnLdp
AgMBAAGjggEaMIIBFjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQU
-iAcKuK7HwQdcvmhqxKV/gR83tVYwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXg
+NJFukTK/NSVDzCh074LCV5J5E3MwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXg
YOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdT
d2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3QgQ0GCAQAwHgYDVR0RBBcwFYIT
b2NzcC5zdHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDCTA5BgNVHR8E
MjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4u
-Y3JsMA0GCSqGSIb3DQEBBAUAA4IBAQA4jOyh+neFCkXMZ1gK0o98qkBr3vYEO2a0
-wb2hDv8Alx6T5kwLgdhAzZ5urZpAdiWF3NWE+z9KnEWnpep9MRDXNM8uBglgBO2v
-SAmV1BXNw2ZDe63w6QvQnezgUuWkrTShfduEDmb8j5jVdzoY+kTKwjLYHPG0Ec79
-Os3PPqXlfeUOkzWnhGVP2EtHCj8SppMdA/XIuwIq8aLN14SITi6gvo/cDMa5N6sT
-Q/UBAOWsxbLReaD7l5OXnAJOg3t/RM36vpRqPseGaAgrKy8805QDU2RxsCHrxwzF
-Wi/17J6nmX3e4PuwqPAI/4MsHlFdExRvSq/gXBN/Ib4AHGkUr0/q
+Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBteNdmkKbr3bUJSKTaJ/qssbyPjL7MjAmi
+QA1sSq5yIh7Ir23xEq/XQFF51N2yDNuXhLYk1fWou8BL+X9x97BlQkp9/nZ+BdJG
+uH2zOUxcsfq57jtwMzlXGrmVUTMAJRtMqrSnVa9jbW+IF2p/sJfeSRRqJ2qwQoDW
+ppvvBF4RfdWOVCCidtRmWKycEtP1ylSYyiHswVWhL2gLXQRQ0l5wJdgT2URRDopC
+CBiE5mHOWn17gTWQw9SdGbY37o9jXNrY8GRgOeubHFRmdXa1Cli5P5HhIZygUBWX
+tn5BvNDEIUz11/AT+HfpdMSKDiAXMq44wqWoYoUXsaLTIp+Vt6NM
-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ocspKey.pem b/testing/hosts/winnetou/etc/openssl/ocspKey.pem
index aa04e24c6..d25396b09 100644
--- a/testing/hosts/winnetou/etc/openssl/ocspKey.pem
+++ b/testing/hosts/winnetou/etc/openssl/ocspKey.pem
@@ -1,27 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEAqidMtMoReIhMoHfDO98DQvETufdAaog92d8ff+RklQoH5vmq
-OIXIOgqIDRonLuMm84D6B7dFfxJeA/CUZDPEAaYP0e1iOC9Z3UmRoEx3ENb1Ylxq
-+D1LCIlEfxIFQkhbPPume9yeGyXjKJstux5/cLOJXh266ivO27QNkxE1d1JQmg1w
-ujRfN9tWR/g/vDhUGkNEqiq04SjFWEk3/kHaVwZSPb7XHtUskuiosuFi3VwLfJju
-8flI2lRMxTcoukl2/RQBlbzvTl4t/psZvXitoPrNZAOI6g7y9eyX7bySysxWeYqx
-Lk3tvsB3UG8LZTpFtSRQLBi+Dvq+DSKAbjAWRQIDAQABAoIBAC9SnMfPR0qhhcY/
-aMIXBT4x9E2NUZIPcDxPDOCx8bNtxcLcfxYXRxe1ZB9YvbsRm/yvS1qoAyETR6iK
-2YqAxyu6Nr4o6l879B9SXbkaayb40ehYUbvWuC6Ylr9MkL/dhdqRFr1uH17ni6T4
-e6CGG+WJWVQeqqSEKJT8H6Zea+NSQi9UOsVgKIMiXr52j3hj8LraH/4FoOPlgg3r
-mqrVcQlDYLtt+cufpFJLGzJhTylqlWCRWA6nwKFl8zZqGNaCswKkC3Ql47vlAmQT
-ETl4MMpVsmezC8OcursRmgPJzRudnGg6RLyfTff9b/wFmIujvJLYeN/ILRFvFGkq
-kiIWNIUCgYEA27y3N6lHJ8ommqquoyAVfQpc5Y1gFFXoE8VzkO1ts5B0N6r2DVvy
-DFUT3cSWdBOsF2MykTnyAC0dVXRXTCTEI2AqdmgITOzs3Ydr0XlOPmuM3dOO060F
-I9x4GsCpVcV/zWBZfJyUhNQqxpozrWNvHVgxrEc8pjD29iMLf+EsP2cCgYEAxjvP
-9uQjRxWv3/5ZVEOpBnecZe+ysg0CgK0zt+nogTAn7ET27FFeW8BjcR6g+r57n9cu
-X6EGdxuLexwoqvt3dO/rBF74knTe4ElDzEhcAoxnZPnJrJ6aST0KZ7lGoX5UW7wp
-eyW7HXKpd1THY40v7aHhaSr4362kMTFpPvxxrXMCgYAkDa2+Kz8qjyeQXwryZvQ/
-pPCjFXQ7QfEnNVGF6P8D5GK9M4bVoE1xqo/s5jGNcCDfYX5Nh8VmNADJIaKlMq8f
-4sp0zRL3lDQ1EOAm6ZFl+n2NdAXOQ2hBfw4RzaS7FwGmL/Xe1U4lES7HkUuDWnpD
-xVG5I6MW3ZfXwN5FKCv7ZwKBgByIVWmq8qzzoSnzeTYYuwZ0Ru2hL65TEw4kX/JT
-16RoowZt8sCXAabhLS8GApO0wSSDm2gmTEDulQf2SKA7q7kII2KwrMSfz8imovyP
-WbcAMI2nKnEPLxPllk7RqynpfgjqL2pLRwB5FY1YhY59ru1cRI6XodTIMH7oJsbr
-HQ2jAoGADHlVLAf9hQTYMrLCaO4mjOlJwRa19e1l47o4Lt1H+cGh96Jc4i7Hfkmv
-e/j/ZF4XqtjvmZIR2xevL2+/pPVuMYV0hEWyDQzoUgM6OXF4smSG3N+SrDTSmM8I
-XE9Ohc2JL3IKWN8SarsTUCrqle7UakmbYTUJqH9bJwGyvm3Ro1o=
+MIIEowIBAAKCAQEAvAU+S77GsTNIDsPUDO+DC728V18U7/VtC//6AZz6IW1crnkp
+dP69q3CHmGtINXnj4MEUQR8K9+ejptpr/8106ZUAOKrWOmDGZKHmAjlYTv3yeAhj
+ttd6lnliGDnuJ407oj1IiNtD1mp3IGonOVDgAlAZ8nrPeCOZAdTlsdEx5muEr9B3
+QUaFsDvmagAPO36Vf1moIuhJSQXIy2zuR6ctyXRb64zVmcLicNvqh0OEDk+DHKbr
+HyI4F2mbchKVSHGye5JzUqvjGqXT9EQUusM12pFsfbTCAAfYClHxDUzZetGZ5qiN
+CoCokd2Komv227A+yXGp4DnDo1gNh9Cyp5y3aQIDAQABAoIBACKheJrs9Z3XyzLl
+AN6tEt8LwG/7VFjqRH6MVFkNt8iGYybDrE4fSYIVRPRe9jrbS4yvI3LnK9cDdFIc
+Mv43sov/ZL4LQVAZWRFZ/Ip2U3yhK5LOQMeBotOqYdYCfYoNaml0jjKe6DzK+Uwg
+IT9eVRQ3+r99vU7sh5cdxnzdAirlXAGdy2QxdF1lyC/49H6jxS7qxuxHPqI0P8VR
+9xVKIXaAKaxcijg47slC386/yEbO96morZuJX+F+iaQ37T0nV3tTergbwDtit3xo
+cOdsHan9zGHE1ayKh8DkBinD+BpiLZdapRvcSm2wAKlamXfI3GIAB5r/3B1NW9yb
+rsThgc0CgYEA4CN+fNaFYQmLMK33wZfXvcadaktSWWXmnqPVLIWRddUH3SA5qEJB
+RwuuLgcfmlmZqBqSOj4pDTtAoNooqA9Ryi0Ugzpvmn5iPevfixQoLix4mn1/bvbF
+bo4CX7Vb7mUdfXpu7PwVNALNfaW6fgKM79LoqX4yZ4k/yFuYl+JTIGcCgYEA1r9k
+mTi/5royyVX0vV7uwyKrXQ8VRVhnVeT2nG1KkuQqUraUQG8WD9J9uxvbZxhsrax1
+Hg1iCAobzlEL2XoX2y+dN+81o2tm9qcy3L7+g6M/+7nQmU+fbGdBkcWq72dZC4ev
+K6grD+gl0uQmdVc7m+3lErojNAlvxTSK1BKrR68CgYA2CxjijO8YGK8BC9FjUnNo
+hM1L5eFzQMi8k5BA7evG15jPzodYdLE8qipTWtBZ7STJja6YcIiBcjoBDtkivJ7h
++sCpa5uhSrvxZkA+Tpvpljt2NLBXVxT/tSoJXbdO4f6cVLsOVTHfmpVlqGIxI/hL
+kzUaOR16LXO9oahHZwDYHQKBgHPg60PS35p9NxJ1k47sPyKE/rtEfFHjFj+/QWO/
+hdIl1MC1TOJIDzuSdc4Vhhrnjx1YRgplZlS4P7DhAufjfiQEWW3pYqRAPFs0dbmw
+Rl56JPiMmAdic8BnJ3all0uAFQinutpv8Gyw9FgMTMRcwgmuIUIttvlJbkqXw6IU
+QOB5AoGBAJkTG5alPABxJG9ZuEE+iWCPAV1671FXT115D5wlKOY3CImuhsEW085X
+uGZz7WDZWFZJres8RiRlpK035MAg6lUG3trC9+wOluRNehT6h0Vwru8TxjLBxPcc
+yjdSVDH61FQLSKWIGLH9VVLX03NXqi3qxVGrrulUSW5h/HR2s3f7
-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/openssl.cnf b/testing/hosts/winnetou/etc/openssl/openssl.cnf
index 4a4027072..6433c7a24 100644
--- a/testing/hosts/winnetou/etc/openssl/openssl.cnf
+++ b/testing/hosts/winnetou/etc/openssl/openssl.cnf
@@ -42,7 +42,7 @@ crl_extensions = crl_ext # The extentions to add to the CRL
default_days = 1825 # how long to certify for
default_crl_days= 30 # how long before next CRL
-default_md = sha1 # which md to use.
+default_md = sha256 # which md to use.
preserve = no # keep passed DN ordering
email_in_dn = no # allow/forbid EMail in DN
@@ -146,6 +146,7 @@ subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid, issuer:always
subjectAltName = DNS:$ENV::COMMON_NAME
#extendedKeyUsage = OCSPSigning
+#extendedKeyUsage = serverAuth
crlDistributionPoints = URI:http://crl.strongswan.org/strongswan.crl
####################################################################
@@ -164,10 +165,10 @@ crlDistributionPoints = URI:http://crl.strongswan.org/strongswan.crl
[ ca_ext ]
-basicConstraints = critical, CA:TRUE
+basicConstraints = critical, CA:TRUE, pathlen:1
keyUsage = cRLSign, keyCertSign
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid, issuer:always
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
####################################################################
diff --git a/testing/hosts/winnetou/etc/openssl/research/index.txt b/testing/hosts/winnetou/etc/openssl/research/index.txt
index 26e68d4f3..75e87f2c9 100644
--- a/testing/hosts/winnetou/etc/openssl/research/index.txt
+++ b/testing/hosts/winnetou/etc/openssl/research/index.txt
@@ -2,3 +2,4 @@ V 100322070423Z 01 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strong
V 100615195710Z 02 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=Sales CA
V 120323210330Z 03 unknown /C=CH/O=Linux strongSwan/OU=Research OCSP Signing Authority/CN=ocsp.research.strongswan.org
V 140323203747Z 04 unknown /C=CH/O=Linux strongSwan/OU=Research no CDP/CN=carol@strongswan.org
+V 151103161503Z 05 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=Duck Research CA
diff --git a/testing/hosts/winnetou/etc/openssl/research/index.txt.old b/testing/hosts/winnetou/etc/openssl/research/index.txt.old
index 2ccf6489c..26e68d4f3 100644
--- a/testing/hosts/winnetou/etc/openssl/research/index.txt.old
+++ b/testing/hosts/winnetou/etc/openssl/research/index.txt.old
@@ -1,3 +1,4 @@
V 100322070423Z 01 unknown /C=CH/O=Linux strongSwan/OU=Research/CN=carol@strongswan.org
V 100615195710Z 02 unknown /C=CH/O=Linux strongSwan/OU=Sales/CN=Sales CA
V 120323210330Z 03 unknown /C=CH/O=Linux strongSwan/OU=Research OCSP Signing Authority/CN=ocsp.research.strongswan.org
+V 140323203747Z 04 unknown /C=CH/O=Linux strongSwan/OU=Research no CDP/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/research/newcerts/05.pem b/testing/hosts/winnetou/etc/openssl/research/newcerts/05.pem
new file mode 100644
index 000000000..bb205a0fd
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/research/newcerts/05.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0jCCArqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjERMA8GA1UECxMIUmVzZWFyY2gxFDAS
+BgNVBAMTC1Jlc2VhcmNoIENBMB4XDTA5MTEwNDE2MTUwM1oXDTE1MTEwMzE2MTUw
+M1owVjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAP
+BgNVBAsTCFJlc2VhcmNoMRkwFwYDVQQDExBEdWNrIFJlc2VhcmNoIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIBRSgHCxHhMjsVZo4PtFnENkHNu
+MfyRDsc7m1KRDVt8N4h/EcbduU7xeq/RjxZSmlc1q6EWEgDv3KwDYY0sX+qrpQKa
+ub5AgsRa2fOOR9xfyf0Q7Nc3oR3keWqQUiigCuaw9NQRtdMm/JFdXLNY3r60tBsO
+UHOJAPZNoGPey5UL9ZjjsN6ROUVTh0NAkFwkmnTRwmUvY5bi/T7ulsSkO9BrfqKD
+h/pliP7uZANd0ZpPcrIc68WwrelpI1zu0kYGqu/y8HZpuPuAXtGqS2jctrjSieeY
+i9wFLnS2tgV3ID4LzEEICSeqVqOvYgGKbarqLkARdxmdRKM9QYpu+5J+YQIDAQAB
+o4GvMIGsMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBR2
+KqikMafGcY8wJbwCZpvLF1SNIDBtBgNVHSMEZjBkgBTndfCg8q0gzc1gI8zHyA8p
+891UIKFJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3
+YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIBDzANBgkqhkiG9w0BAQsF
+AAOCAQEAsHR1vDlz2sPQpD9xnt1PL4qX7XWSSM6d+QG3cjdiKCjH8t78ecEm1duv
+YozLg6SYHGUF9qYuPz2SAZjQjmIWLlkQpBfQm8/orG+jbsQl5HkXFYX0UWAKZFGx
+rjHnOzmQxnmIWHky4uMDT/UmhmWy6kuCmZbKeeOqkBR2gVxfLyzelTSbF4ntEm1C
+1XqqtM4OfTOD5QUPD+6rZ5RoIPId9+2A8pJ2NyCUCf47FbkmYzU5+oiChhcGzsC5
+wDlgP32NA88kSiSJ2p2ZveYveRqcyZXZDAiTxRaIwJY0bt2Dk4wKicvy6vPdLA5v
+DSlBqDpnqK8tEI9V9YeroihTcygrEg==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/research/serial b/testing/hosts/winnetou/etc/openssl/research/serial
index eeee65ec4..cd672a533 100644
--- a/testing/hosts/winnetou/etc/openssl/research/serial
+++ b/testing/hosts/winnetou/etc/openssl/research/serial
@@ -1 +1 @@
-05
+06
diff --git a/testing/hosts/winnetou/etc/openssl/research/serial.old b/testing/hosts/winnetou/etc/openssl/research/serial.old
index 64969239d..eeee65ec4 100644
--- a/testing/hosts/winnetou/etc/openssl/research/serial.old
+++ b/testing/hosts/winnetou/etc/openssl/research/serial.old
@@ -1 +1 @@
-04
+05
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/.rand b/testing/hosts/winnetou/etc/openssl/rfc3779/.rand
new file mode 100644
index 000000000..20107f5f6
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/.rand
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/crl.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/crl.pem
new file mode 100644
index 000000000..70a9d4c87
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/crl.pem
@@ -0,0 +1,15 @@
+-----BEGIN X509 CRL-----
+MIICRTCCAS0CAQEwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQ0gxGTAXBgNV
+BAoTEExpbnV4IHN0cm9uZ1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxHjAcBgNVBAMT
+FXN0cm9uZ1N3YW4gUkZDMzc3OSBDQRcNMDkxMjIzMDk0MjUxWhcNMTAwMTA3MDk0
+MjUxWqCBnjCBmzCBjAYDVR0jBIGEMIGBgBQhf6frN9CjCx+h3EIGHhFfPNIQFKFe
+pFwwWjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xEDAO
+BgNVBAsTB1JGQzM3NzkxHjAcBgNVBAMTFXN0cm9uZ1N3YW4gUkZDMzc3OSBDQYIJ
+AMxcts8OCFQAMAoGA1UdFAQDAgECMA0GCSqGSIb3DQEBCwUAA4IBAQDLEmxXy56A
+UkZSg59BlPW1R2Fv9fBWiup4OoC1vBcSpPzbiBcD68h62T7hFMx935maBoYa4eLw
+sADS2TkRCBEZzAhYkAMQi72jCtPfJwYUJewlQ+V2As3cygkErBm2Vvo3Om37GKil
+uQaHvHlBSFGrC5IxeIxR2FOH1BeBD6MM9p7yRJ9yEt++jH2dLiGFYX1cmJ6m8aFr
+09tfjTwzw5VclQBjjXaqhrzr33hjAEv0thpx0VQVngq+8WX6HQv/QS1xNJVq8bes
+9GChW+MdNIx0ZH4Tb1hv8dafnSyHIVYzY8UuL4X/+LJDSPjyS8wtZWuj1k+cA9u2
+3TDt0F6MgNAH
+-----END X509 CRL-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber b/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber
new file mode 100644
index 000000000..75016ea36
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber
@@ -0,0 +1 @@
+03
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old b/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old
new file mode 100644
index 000000000..9e22bcb8e
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old
@@ -0,0 +1 @@
+02
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt
new file mode 100644
index 000000000..9adf263bf
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt
@@ -0,0 +1,4 @@
+V 141222133356Z 01 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=moon.strongswan.org
+V 141222133521Z 02 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=sun.strongswan.org
+V 141222133612Z 03 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=carol@strongswan.org
+V 141222133736Z 04 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=dave@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr
new file mode 100644
index 000000000..8f7e63a34
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old
new file mode 100644
index 000000000..8f7e63a34
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.old b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.old
new file mode 100644
index 000000000..be48eeee4
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.old
@@ -0,0 +1,3 @@
+V 141222133356Z 01 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=moon.strongswan.org
+V 141222133521Z 02 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=sun.strongswan.org
+V 141222133612Z 03 unknown /C=CH/O=Linux strongSwan/OU=RFC3779/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/01.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/01.pem
new file mode 100644
index 000000000..7f5f8d703
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/01.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEuDCCA6CgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwG
+A1UEAxMVc3Ryb25nU3dhbiBSRkMzNzc5IENBMB4XDTA5MTIyMzEzMzM1NloXDTE0
+MTIyMjEzMzM1NlowWDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9u
+Z1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dh
+bi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTKaLLTmKX45Qm
+RjIaBSxBwofzqqkZWtl1mu0cDp6rGWr//hC31OO9MbLeRZBX0UBtuKouceAjdrwG
+aK7ChR0Ft+qlLZ6Z9BH2Dna4vTdESsB3Sn+uXuU4WNdwmmJuRBXfl/7h/Rt+34Cs
+BP82/RtR4GVpS7u73iSLlN4RaeWdySTqhtYH4cKt1H9MiSbwwomwdLedQo3UoOeU
+lkWPrzFKT3gzU4vHr1sgpbF54o/iBr5/YyJpUT9UVeDTffAEMxnAe8/Q/a3pgSLO
+wJ3HnSvcSH0w8zuH1YXOtfmqsphkwVBJGiLzUHWlYxVIAoCKdrv4eoSJLqlL5b51
+vGkmL83RAgMBAAGjggGJMIIBhTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNV
+HQ4EFgQU5zzmRRlKa8+cm1g4RYg4lKNkQz4wgYwGA1UdIwSBhDCBgYAUIX+n6zfQ
+owsfodxCBh4RXzzSEBShXqRcMFoxCzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51
+eCBzdHJvbmdTd2FuMRAwDgYDVQQLEwdSRkMzNzc5MR4wHAYDVQQDExVzdHJvbmdT
+d2FuIFJGQzM3NzkgQ0GCCQDyr+ZHsk6LRjAeBgNVHREEFzAVghNtb29uLnN0cm9u
+Z3N3YW4ub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMEEGA1UdHwQ6MDgwNqA0oDKG
+MGh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbl9yZmMzNzc5LmNy
+bDBFBggrBgEFBQcBBwEB/wQ2MDQwEgQCAAEwDAMDAAoBAwUAwKgAATAeBAIAAjAY
+AxEA/sAAAAAAAAAAAAAAAAAAAQMDAP7BMA0GCSqGSIb3DQEBCwUAA4IBAQBVFKeX
+QIH5Zk0dp/7u/V0TKqu5vZ9x6ZrshAZ9nzbLgmSP+++yDXmlQe0D0i2Men4D095S
+smFqw1nMWM5oEPpP58+jhCOHzn7InMp+SRRBkX2j06wT9qbynAHiIun/qcdq13w1
+Fs0PiKVQZbbz72mwl9J3Hkj/JkLtOX00wMPqIFU6veeagGiwOW7KkehFUVqoD9+O
+vgkHnUti2XzgskEGcEWmE1EYv7Qo0OdZB15oNoUV5i8WelfmWO+nz9/QKciATNoC
+kAUVcEV9XY9sSKjazdyG6QfEd3l6lQ+KAt8MnqA89i0yIQ1lg+3Jfe67SMvM1gy6
+Y0Y2hqCja6SsIjVc
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/02.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/02.pem
new file mode 100644
index 000000000..9ccd47a2c
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/02.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEtjCCA56gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwG
+A1UEAxMVc3Ryb25nU3dhbiBSRkMzNzc5IENBMB4XDTA5MTIyMzEzMzUyMVoXDTE0
+MTIyMjEzMzUyMVowVzELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9u
+Z1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxGzAZBgNVBAMTEnN1bi5zdHJvbmdzd2Fu
+Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1HhvoVh/fM14RE
+CTXr4to9ZEeGSqHLl5du+eYZl1fC7qLYaCtlaH+eLfDsCgYpe+XsDLHIxpTK9R6k
+XgLP1Jraxz3rtv5qJKkV3aDTjQ2d+cFc0EgiZmn53VEmI/IlcJS/VZzHhNvEJk7H
+k0YpoazpGPtNzFGaehV5mXUAeVPx4RH8fjcSiPbuPS3WC7cqtYvVwk97dj05VfEC
+VnG+90+eFKztvawBzNGwGQ7xZV7kSiPHNyGAV0qrKvhXZ0VPnm/OEiGCAlIo8uno
+Yb/4UMM/a5usCaA9Hgbf8+qqmrzavSUkFEa0y/p9bOBHaqfNP002xktbqBCCodRr
+6QgmiysCAwEAAaOCAYgwggGEMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1Ud
+DgQWBBTaKhy7PH1ihWsD+3/bJQ3e3Isj+DCBjAYDVR0jBIGEMIGBgBQhf6frN9Cj
+Cx+h3EIGHhFfPNIQFKFepFwwWjELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4
+IHN0cm9uZ1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxHjAcBgNVBAMTFXN0cm9uZ1N3
+YW4gUkZDMzc3OSBDQYIJAPKv5keyTotGMB0GA1UdEQQWMBSCEnN1bi5zdHJvbmdz
+d2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATBBBgNVHR8EOjA4MDagNKAyhjBo
+dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fcmZjMzc3OS5jcmww
+RQYIKwYBBQUHAQcBAf8ENjA0MBIEAgABMAwDAwAKAgMFAMCoAAIwHgQCAAIwGAMR
+AP7AAAAAAAAAAAAAAAAAAAIDAwD+wjANBgkqhkiG9w0BAQsFAAOCAQEAOqdCIldA
+mPp2aAWVPBiKXNrk4VJoIGlwZaUtYNxGQ46wUqAro/taKwZd4B1yvwsX/cHX3Y6j
+C1mQtiXw9onJm1qJM1a804U9yPcgdI+9RMiU0hA+aVmyMlS6WQsKFubU17qP2Ljd
+4hOwVQ681Hi8zfQjJdYpaO1yLcpy2dkotreJS3wA24ssnskRBI/cuAN0dfbV6SDQ
+TK91qz0emHoK3efgtvX4oEpsxI4NrwMstaZSVsHn4npKTGYu82dmPoK6WPblGEHZ
+Iavl08lGcYBV5I2ZGuWOekWQzUuBSveV3AFjieeaDIG3Ue3AKaihn6dCLz6l+t7E
+dXN+1axy9zQ34g==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/03.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/03.pem
new file mode 100644
index 000000000..3243bc294
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/03.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwG
+A1UEAxMVc3Ryb25nU3dhbiBSRkMzNzc5IENBMB4XDTA5MTIyMzEzMzYxMloXDTE0
+MTIyMjEzMzYxMlowWTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9u
+Z1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxHTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3
+YW4ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD8OrNy0w+T2
+cru3RQgskGCGppwpvLH/QZVHD/UbumxjKVTrz4FskqN39sFxDFDSre1bps+F7jW/
+zmOFe7c7jmZhK1mPnbviYTS4LXdo1j02pPeBNBk4b6VAIKPaYmO3UIoZZ4SPnnVZ
+P7Aj3mU1ztsTbUQqgRmTsdfqiPaBNZ0zylWYPDOkTS+1sbRQHkgdZvw4fYno+Rd+
+hDK1scggL4kRg4uGvFojYciSxo5lC53Am4r8T2zI0aI6L8g57j4cX1XYQwM3tkHM
+2BiCRM/c1wQc+vn+xp1oh/GYM4qoSoZyLTD9A0gqmbnF9//wvSmwpDpSkDoHZ5O3
+Ur6HZ8mByQIDAQABo4IBcjCCAW4wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYD
+VR0OBBYEFL9rU6QFDLvUOEIFNZROVYWN5v++MIGMBgNVHSMEgYQwgYGAFCF/p+s3
+0KMLH6HcQgYeEV880hAUoV6kXDBaMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGlu
+dXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwGA1UEAxMVc3Ryb25n
+U3dhbiBSRkMzNzc5IENBggkA8q/mR7JOi0YwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ry
+b25nc3dhbi5vcmcwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC5zdHJvbmdz
+d2FuLm9yZy9zdHJvbmdzd2FuX3JmYzM3NzkuY3JsMEIGCCsGAQUFBwEHAQH/BDMw
+MTAUBAIAATAOAwUACgMAAQMFAMCoAGQwGQQCAAIwEwMRAP7AAAAAAAAAAAAAAAAA
+ABAwDQYJKoZIhvcNAQELBQADggEBAHhgG8qqLZX3uXDVX9uBZM8jErI78pyL9F8q
+ibTW5UPp+rbbMDY7tphBbFkg5Q0pzJhOzB6I6Oy/QWVVEC20DE7lhOpMu7auS3Gn
+z1t6DCIDR9NYXtKs6UXcMA0PSQ1r7iHQWvtZ0uD998k6UQfZCCOwBbonng2DAp/m
+FKkaCYiZmJw2YBwf+oVNLQp2fHI61uoguiiRQ4AV5Htho0z6MDqpMyrg2F7Uf2cq
+kQY/ZyvMe8VG5KuiaMJPIMdJPnRED2R4qiyHe8eDXgGYHsNhkt7VHRRgo3izqIdG
+1oCv+CHQ2XSK+4dA42U0Vw7V/ExmcLy99bZfCEZwNWG6Y/5Qwww=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/04.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/04.pem
new file mode 100644
index 000000000..dffbc67e9
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/04.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEoDCCA4igAwIBAgIBBDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJDSDEZ
+MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwG
+A1UEAxMVc3Ryb25nU3dhbiBSRkMzNzc5IENBMB4XDTA5MTIyMzEzMzczNloXDTE0
+MTIyMjEzMzczNlowWDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9u
+Z1N3YW4xEDAOBgNVBAsTB1JGQzM3NzkxHDAaBgNVBAMUE2RhdmVAc3Ryb25nc3dh
+bi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPLwvUPUNIZnbX
+eyz8U0COp5RM7ZLFT2iJmSGxznZ30phUNHSy3WX9V8h2kQ2fBks2x0KYWEg8Lh2y
+ggZipePRpuHRnZlcll5/HY/YOUgdV2GE6euNiWKcDB6uE51sxZ+on5KasI9EJMdp
+hJpytYUFjx6pExsoqWMQLigrT6A4bYogkweOZHiUyHiqgtUQcHnmmKwxgeUAkZCb
+00dk7CYnXNQZ1uHj/08TDwrS37SGXfWEIcBGEx/awqlF+s2HTI6zw7NC2HhQsiSp
+Yo1nz8TBr/8XnO9KyYUg04TMkcQqBFDt/qiUswLRLapn9HSyd43BxaF+YuvJ1+ip
+M4G05K1nAgMBAAGjggFxMIIBbTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNV
+HQ4EFgQUJ/+79KP+Ea9vdAIMkUYx++cu6R0wgYwGA1UdIwSBhDCBgYAUIX+n6zfQ
+owsfodxCBh4RXzzSEBShXqRcMFoxCzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51
+eCBzdHJvbmdTd2FuMRAwDgYDVQQLEwdSRkMzNzc5MR4wHAYDVQQDExVzdHJvbmdT
+d2FuIFJGQzM3NzkgQ0GCCQDyr+ZHsk6LRjAeBgNVHREEFzAVgRNkYXZlQHN0cm9u
+Z3N3YW4ub3JnMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwuc3Ryb25nc3dh
+bi5vcmcvc3Ryb25nc3dhbl9yZmMzNzc5LmNybDBCBggrBgEFBQcBBwEB/wQzMDEw
+FAQCAAEwDgMFAAoDAAIDBQDAqADIMBkEAgACMBMDEQD+wAAAAAAAAAAAAAAAAAAg
+MA0GCSqGSIb3DQEBCwUAA4IBAQBlOlqceKqgr0putV9fUf2vekg5QtZGDtHFUOTH
+0gDIe2DJ60bWY5IXpjj2KtzRdoP448fpPaprrh8VEljWoVvAF8LaePKGggqwcG+D
+Z7ioDYlnV1j+/NnbZGM/hPqa841dh5jesTuTAF2giMod6P6eMiiRcnl9X3ltgSWp
+Ahk5C8CNYw+sISJcCHtFQHdKOM4QN7wAWksvpjMWkSDQgf/rnDUgW8DXAwX/9K4V
+G2etJ6/8drpjB115p6h+GYz8xFG28/MSf9BqNX03dBs5oyko2+FgSrb3ACK+pAO4
+Cpi2NKZfUH+M7Loo4baI+f5iavpDjDfar8KTiV610DAp0W2S
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf b/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf
new file mode 100644
index 000000000..133b2ea71
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf
@@ -0,0 +1,214 @@
+# openssl.cnf - OpenSSL configuration file for the ZHW PKI
+# Mario Strasser <mario.strasser@zhwin.ch>
+#
+
+# This definitions were set by the ca_init script DO NOT change
+# them manualy.
+CAHOME = /etc/openssl/rfc3779
+RANDFILE = $CAHOME/.rand
+
+# Extra OBJECT IDENTIFIER info:
+oid_section = new_oids
+
+[ new_oids ]
+SmartcardLogin = 1.3.6.1.4.1.311.20.2
+ClientAuthentication = 1.3.6.1.4.1.311.20.2.2
+
+####################################################################
+
+[ ca ]
+default_ca = root_ca # The default ca section
+
+####################################################################
+
+[ root_ca ]
+
+dir = $CAHOME
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/strongswanCert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+crlnumber = $dir/crlnumber # The current CRL serial number
+private_key = $dir/strongswanKey.pem # The private key
+RANDFILE = $dir/.rand # private random number file
+
+x509_extensions = host_ext # The extentions to add to the cert
+
+crl_extensions = crl_ext # The extentions to add to the CRL
+
+default_days = 1825 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = sha256 # which md to use.
+preserve = no # keep passed DN ordering
+email_in_dn = no # allow/forbid EMail in DN
+
+policy = policy_match # specifying how similar the request must look
+
+####################################################################
+
+# the 'match' policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = optional
+localityName = optional
+organizationName = match
+organizationalUnitName = optional
+userId = optional
+serialNumber = optional
+commonName = supplied
+emailAddress = optional
+
+# the 'anything' policy
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = ca_ext # The extentions to add to the self signed cert
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString.
+# utf8only: only UTF8Strings.
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+# so use this option with caution!
+string_mask = nombstr
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+####################################################################
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = CH
+countryName_min = 2
+countryName_max = 2
+
+#stateOrProvinceName = State or Province Name (full name)
+#stateOrProvinceName_default = ZH
+
+#localityName = Locality Name (eg, city)
+#localityName_default = Winterthur
+
+organizationName = Organization Name (eg, company)
+organizationName_default = Linux strongSwan
+
+0.organizationalUnitName = Organizational Unit Name (eg, section)
+0.organizationalUnitName_default = RFC3779
+
+#1.organizationalUnitName = Type (eg, Staff)
+#1.organizationalUnitName_default = Staff
+
+#userId = UID
+
+commonName = Common Name (eg, YOUR name)
+commonName_default = $ENV::COMMON_NAME
+commonName_max = 64
+
+#0.emailAddress = Email Address (eg, foo@bar.com)
+#0.emailAddress_min = 0
+#0.emailAddress_max = 40
+
+#1.emailAddress = Second Email Address (eg, foo@bar.com)
+#1.emailAddress_min = 0
+#1.emailAddress_max = 40
+
+####################################################################
+
+[ req_attributes ]
+
+####################################################################
+
+[ host_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = DNS:$ENV::COMMON_NAME
+#extendedKeyUsage = OCSPSigning
+extendedKeyUsage = serverAuth
+crlDistributionPoints = URI:http://crl.strongswan.org/strongswan_rfc3779.crl
+
+sbgp-ipAddrBlock = critical, @host-addr-section
+
+[host-addr-section]
+
+IPv4.0 = 192.168.0.2
+IPv4.1 = 10.2.0.0/16
+IPv6.0 = fec0::2
+IPv6.1 = fec2::/16
+
+####################################################################
+
+[ user_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = email:$ENV::COMMON_NAME
+#authorityInfoAccess = OCSP;URI:http://ocsp.strongswan.org:8880
+crlDistributionPoints = URI:http://crl.strongswan.org/strongswan_rfc3779.crl
+
+#sbgp-ipAddrBlock = critical, IPv4:192.168.0.0/24, IPv6:inherit
+
+sbgp-ipAddrBlock = critical, @user-addr-section
+
+[user-addr-section]
+
+IPv4.0 = 192.168.0.200
+IPv4.1 = 10.3.0.2
+IPv6.0 = fec0::20
+
+####################################################################
+
+[ ca_ext ]
+
+basicConstraints = critical, CA:TRUE, pathlen:1
+keyUsage = cRLSign, keyCertSign
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+
+sbgp-ipAddrBlock = critical, @ca-addr-section
+
+[ca-addr-section]
+
+IPv4.0 = 192.168.0.0/24
+IPv4.1 = 10.1.0.0/16
+IPv4.2 = 10.2.0.0/16
+IPv4.3 = 10.3.0.1 - 10.3.3.232
+IPv6.0 = fec0::/16
+IPv6.1 = fec1::/16
+IPv6.2 = fec2::/16
+
+####################################################################
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+#issuerAltName = issuer:copy
+authorityKeyIdentifier = keyid:always, issuer:always
+
+# eof
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/serial b/testing/hosts/winnetou/etc/openssl/rfc3779/serial
new file mode 100644
index 000000000..eeee65ec4
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/serial
@@ -0,0 +1 @@
+05
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/serial.old b/testing/hosts/winnetou/etc/openssl/rfc3779/serial.old
new file mode 100644
index 000000000..64969239d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/serial.old
@@ -0,0 +1 @@
+04
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanCert.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanCert.pem
new file mode 100644
index 000000000..8e872d89f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEXTCCA0WgAwIBAgIJAPKv5keyTotGMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV
+BAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRAwDgYDVQQLEwdSRkMz
+Nzc5MR4wHAYDVQQDExVzdHJvbmdTd2FuIFJGQzM3NzkgQ0EwHhcNMDkxMjIzMTMz
+MDUwWhcNMTkxMjIxMTMzMDUwWjBaMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGlu
+dXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3OTEeMBwGA1UEAxMVc3Ryb25n
+U3dhbiBSRkMzNzc5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+zP4z54hRFM3bg0WWxpa9yBh8CrloV8wWd3YQR9daJjErXdZfbnECZqoK5obWPkQJ
+Cp2xGijnB5CDxvAdiFANgNxDeDuAD5jGzQALWVYgbhQ/y4qRw49IPs9k+Uf1OHVr
+b3qP8uSvWEmb1SlAJ24PGChB8Y5NwJJzFY5P0TJI/Zg3zgbLTsbgiplImgi/ZG7Y
+GE/DCb6UAzcRwE2y41U4ZVG86UW2ARnvOCXJZHdt16O3KzUJ78BA1IgMsNZs8cQF
+Avg1ZAUJW6oMLXu2XCwKOKTwJxdA2wpYadus2KEY/UyVovHSpyBa/zzSDXsP01PU
+EKNZhloVQVt9NX3MCUItfQIDAQABo4IBJDCCASAwEgYDVR0TAQH/BAgwBgEB/wIB
+ATALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFCF/p+s30KMLH6HcQgYeEV880hAUMIGM
+BgNVHSMEgYQwgYGAFCF/p+s30KMLH6HcQgYeEV880hAUoV6kXDBaMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEQMA4GA1UECxMHUkZDMzc3
+OTEeMBwGA1UEAxMVc3Ryb25nU3dhbiBSRkMzNzc5IENBggkA8q/mR7JOi0YwTwYI
+KwYBBQUHAQcBAf8EQDA+MCgEAgABMCIwCgMDAAoBAwMACgIwDgMFAAoDAAEDBQAK
+AwPoAwQAwKgAMBIEAgACMAwwCgMDBv7AAwMA/sIwDQYJKoZIhvcNAQELBQADggEB
+ABXhehDhC9jLipmZbP9r2t8ARjIjeHUk5UIX3sW9pKlwuOiFy/oEmJD72LYSPDFm
+uKK4NDAllhJWKw1KA1j1h1NxE6tEjQTpj9mizjULI6T1HPWyn5E93vqFIK71k4ud
+rxZXyq7fPrXM2QVKHpiT1DlAcopGe92Vxo0qooYEXIHd6XwVftSIo/1bi08p8jZS
+Oc+kjoOKkfqmBSKpqYzTtlbafdVOPBAEaTa3k516ks3bDQn3gtU+2ucNB3fIvVVA
+MI2//EaIMBIXorpcnOU3ja0nYCAf9kHAybRpBObWt7OLKFHcSatdE9El4Ri3YeJX
+fN8iF5kHn7S+Nd9ZFlf3S1w=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanKey.pem b/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanKey.pem
new file mode 100644
index 000000000..95897a2fe
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/rfc3779/strongswanKey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzP4z54hRFM3bg0WWxpa9yBh8CrloV8wWd3YQR9daJjErXdZf
+bnECZqoK5obWPkQJCp2xGijnB5CDxvAdiFANgNxDeDuAD5jGzQALWVYgbhQ/y4qR
+w49IPs9k+Uf1OHVrb3qP8uSvWEmb1SlAJ24PGChB8Y5NwJJzFY5P0TJI/Zg3zgbL
+TsbgiplImgi/ZG7YGE/DCb6UAzcRwE2y41U4ZVG86UW2ARnvOCXJZHdt16O3KzUJ
+78BA1IgMsNZs8cQFAvg1ZAUJW6oMLXu2XCwKOKTwJxdA2wpYadus2KEY/UyVovHS
+pyBa/zzSDXsP01PUEKNZhloVQVt9NX3MCUItfQIDAQABAoIBAQC4iI1I/BmhVL8q
+qNZV5xTor8HaFZWsk3gWCh4VzfLFNrYHPxehX/H9YU12wCLU4oIRIGtxVSjEUn+N
+8lFjiEzfl2jVLxrU737mxAdzYGjJL0lOfWtCVBWBFUmcbf592JXiQL6ctOhz3a9+
+cCfkVtsXsAXM4YF0vWEEIpwPgeja/zKX9M0vRBgIfXdeh2cYQKDGxmEspbfMnTyW
+XVGmTbgDHQGkvN88OyJEOPulYwmZ1BgsQ2buQgR6OlxzulUmH1VOO+Xm8O6rA0Qn
+SjQRd6Q38KLPSEKXucHUIzpQemGdar3ziUoCgUiHJkl79h50W+WIIZTNv1LUR48u
+u14aT5eBAoGBAPZDaOK7/w5639WBG84iqLDMiFIuzKADjxrQqmVJXXH3nf1wnS93
+Iy9iAelUmq/He6aruvLJf8GdkFfC/sj4vdnlbvtT1wHiFznLxO49craxgr1J0SXO
+HLE5RvyrJrAArWQr33oy6YSOMob95imK58kwMwfpoQuWK3CZaVdMfbzFAoGBANUZ
+Ebo/N8bl9Opo/81zYcFpkUlxBP3vJR8aJ5Bx/0fbXCSwvt1AEHqnYiLBStfMyUTC
+N4MWCUoZ1H6yRyxqPg+QFnYFCqX/Y3DFhkV5d9kTRWvzxc+mumh81+bRsNU6AyxD
+9VFWpAkSA+K8IWCjx5fQ+jeLc7GQ1EjYpSiaEClZAoGBALL6tS0ssyfD+BBFQH8l
+w3KThHQuXTviukwj4eOxWX/uFl5PTX5k2Saj1X3OpoogsmalIz83YWnHaVPPfbt0
+xQ6raGizO22782NnDJ6V/Fx5UOrfzmjqjwHi/gu/HGQIafyGwmoevIdBjcl8mJ4S
+vXkEVeJnU0uHfdTdOqlfB3d9AoGALimZGoSZW5/zF1iZmXMWSSTKUWOHVk8Y9oze
+5z6as4FEi7oyDpHTQA7Ehozi3q7BJwD/r4j1iDTiQHP0UR3OxeZLx1M+REl3zDUt
+6hzvJnozPrh3MI2IshvhVWI1cWt4xn0ORomDTWe2qcZhYKL6GNwvaBrwfBXItuMf
+nBULzTkCgYAcK5LKu6dwUlnv9iro6Jff24qb3P32HdSC2uZTZMcaTXqqUBO/lST2
+elKAHqQxjGGxFf5buQwfFrOKfNlMhQRHppo2/gJLiiChZ7R3GaF49f/4I5YJOo2a
+k/bv70YB3Zf/8p+ip9w9H6N65YAyvzu5yUfoFXgKQQNv0y0B5rtZsw==
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/serial b/testing/hosts/winnetou/etc/openssl/serial
index b6a7d89c6..33c1ce6c7 100644
--- a/testing/hosts/winnetou/etc/openssl/serial
+++ b/testing/hosts/winnetou/etc/openssl/serial
@@ -1 +1 @@
-16
+1F
diff --git a/testing/hosts/winnetou/etc/openssl/serial.old b/testing/hosts/winnetou/etc/openssl/serial.old
index 60d3b2f4a..e28e17eb7 100644
--- a/testing/hosts/winnetou/etc/openssl/serial.old
+++ b/testing/hosts/winnetou/etc/openssl/serial.old
@@ -1 +1 @@
-15
+1E
diff --git a/testing/hosts/winnetou/etc/openssl/strongswanCert.pem b/testing/hosts/winnetou/etc/openssl/strongswanCert.pem
index 0de3b268d..0865ad22e 100644
--- a/testing/hosts/winnetou/etc/openssl/strongswanCert.pem
+++ b/testing/hosts/winnetou/etc/openssl/strongswanCert.pem
@@ -1,7 +1,7 @@
-----BEGIN CERTIFICATE-----
-MIIDtTCCAp2gAwIBAgIBADANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
+MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ
MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMDE0NVoXDTE0MDkwODExMDE0NVowRTELMAkGA1UE
+b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE
BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u
Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y
X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f
@@ -9,14 +9,14 @@ FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc
4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/
7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5
gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr
-K+1LwdqRxo7HgMRiDw8CAwEAAaOBrzCBrDAPBgNVHRMBAf8EBTADAQH/MAsGA1Ud
-DwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0jBGYw
-ZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkwFwYD
-VQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJvb3Qg
-Q0GCAQAwDQYJKoZIhvcNAQEEBQADggEBAJrXTj5gWS37myHHhii9drYwkMFyDHS/
-lHU8rW/drcnHdus507+qUhNr9SiEAHg4Ywj895UDvT0a1sFaw44QyEa/94iKA8/n
-+g5kS1IrKvWu3wu8UI3EgzChgHV3cncQlQWbK+FI9Y3Ax1O1np1r+wLptoWpKKKE
-UxsYcxP9K4Nbyeon0AIHOajUheiL3t6aRc3m0o7VU7Do6S2r+He+1Zq/nRUfFeTy
-0Atebkn8tmUpPSKWaXkmwpVNrjZ1Qu9umAU+dtJyhzL2zmnyhPC4VqpsKCOp7imy
-gKZvUIKPm1zyf4T+yjwxwkiX2xVseoM3aKswb1EoZFelHwndU7u0GQ8=
+K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG
+A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j
+BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw
+FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv
+b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in
+Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n
+1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y
+vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si
+7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa
+Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=
-----END CERTIFICATE-----