summaryrefslogtreecommitdiff
path: root/testing/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'testing/hosts')
-rw-r--r--testing/hosts/alice/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/alice/etc/strongswan.conf1
-rw-r--r--testing/hosts/bob/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/bob/etc/strongswan.conf1
-rw-r--r--testing/hosts/carol/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/carol/etc/strongswan.conf1
-rw-r--r--testing/hosts/dave/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/dave/etc/strongswan.conf1
-rw-r--r--testing/hosts/default/etc/ipsec.d/tables.sql204
-rw-r--r--testing/hosts/moon/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/moon/etc/strongswan.conf1
-rw-r--r--testing/hosts/sun/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/sun/etc/strongswan.conf1
-rw-r--r--testing/hosts/venus/etc/ipsec.d/ipsec.sql4
-rw-r--r--testing/hosts/venus/etc/strongswan.conf1
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/0e35060aed55a85aa8520815c166588fc35bcd93bin0 -> 965 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/1b260aa901f29db73635f568c34e27d1f1cb23abbin0 -> 959 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/394ceefaef48af8394d9a0e63d74cc56a4117a23bin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/430651fd670098ad72f02c4cc34a017f9931c88bbin0 -> 1049 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/47a2450a79a68462c105747751a6526aa8a20277bin0 -> 1043 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/4f4b98c28a1d286274f529e75000cfbb02ce4c64bin0 -> 1039 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/53b5bf163ae90d54271288852c2ab062fb9e74e3bin0 -> 1061 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/7c6a448fb938e5c19ab75631f0d0cbb92b25f2a9bin0 -> 1049 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/7db109750703f47b822eb10cf205159f90fe3634bin0 -> 1119 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/8dcd0fcfbfdcfce2480a4f18b20007517df2091fbin0 -> 965 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/8e9be7e9f0de2874707245ee200bfb971a646ba9bin0 -> 1059 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/9ff39ec266e309f2b53748a4fe0cfd3923955ff4bin0 -> 1095 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/a91bb369a86604673f42f25b3fc94422eb73afd5bin0 -> 1041 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/af19b02dcdc28a4e86d1657b656f0cac63b5474bbin0 -> 1059 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/b15a2fbbd5613781df896d28f82e4b0893011530bin0 -> 1070 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/bb027269812f2cb0c1ba534c0016b7f33bdca83fbin0 -> 1041 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/cedd2d5985ee0efde7acb2f788ed1a4237197d01bin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/e07015ca76fba1039b247ce96c214bb038539cc8bin0 -> 1058 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/e08213ec6a79e05c86a6f8a378eb4d5086352a7bbin0 -> 1059 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/f2595dbd1ee26d9df0e8c5beae47875c68b97b4cbin0 -> 1062 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/research/0855c55d208f71747b88da0fabcce348be495ac0bin0 -> 1028 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/research/29d8bec44f188d61072bad52bfaf6f8553342f15bin0 -> 1013 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/research/91b2e4f8a1612a34c646fb8320aaf374cc78ab7bbin0 -> 1072 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/research/fc384911d10e35814a20c92642873925eada85c3bin0 -> 1132 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/sales/3f24becda29cf44f0e4e89f894b925ab7e7a0aacbin0 -> 1056 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/sales/937fb1c8fa8bb3b169c63c8f77562592e44cfb32bin0 -> 1066 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/sales/a4317f76f97afb3b6308c4b3496eb09d9efeed00bin0 -> 1025 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/certs/sales/fcc1991dae2d8444c841c386e1921c59882afcf2bin0 -> 1114 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/.randbin0 -> 1024 bytes
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/index.txt4
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old3
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem20
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem18
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem19
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem18
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf184
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/serial1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/serial.old1
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem17
-rw-r--r--testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem7
-rwxr-xr-xtesting/hosts/winnetou/etc/openssl/generate-crl5
60 files changed, 539 insertions, 1 deletions
diff --git a/testing/hosts/alice/etc/ipsec.d/ipsec.sql b/testing/hosts/alice/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/alice/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/alice/etc/strongswan.conf b/testing/hosts/alice/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/alice/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/bob/etc/ipsec.d/ipsec.sql b/testing/hosts/bob/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/bob/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/bob/etc/strongswan.conf b/testing/hosts/bob/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/bob/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/hosts/carol/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/carol/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/carol/etc/strongswan.conf b/testing/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/carol/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/hosts/dave/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/dave/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/dave/etc/strongswan.conf b/testing/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/dave/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/default/etc/ipsec.d/tables.sql b/testing/hosts/default/etc/ipsec.d/tables.sql
new file mode 100644
index 000000000..6b5be2bcf
--- /dev/null
+++ b/testing/hosts/default/etc/ipsec.d/tables.sql
@@ -0,0 +1,204 @@
+/* strongSwan SQLite database */
+
+DROP TABLE IF EXISTS identities;
+CREATE TABLE identities (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ type INTEGER NOT NULL,
+ data BLOB NOT NULL,
+ UNIQUE (type, data)
+);
+
+DROP TABLE IF EXISTS child_configs;
+CREATE TABLE child_configs (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ name TEXT NOT NULL,
+ lifetime INTEGER NOT NULL DEFAULT '1200',
+ rekeytime INTEGER NOT NULL DEFAULT '1020',
+ jitter INTEGER NOT NULL DEFAULT '180',
+ updown TEXT DEFAULT NULL,
+ hostaccess INTEGER NOT NULL DEFAULT '0',
+ mode INTEGER NOT NULL DEFAULT '1',
+ dpd_action INTEGER NOT NULL DEFAULT '0',
+ close_action INTEGER NOT NULL DEFAULT '0',
+ ipcomp INTEGER NOT NULL DEFAULT '0'
+);
+DROP INDEX IF EXISTS child_configs_name;
+CREATE INDEX child_configs_name ON child_configs (
+ name
+);
+
+DROP TABLE IF EXISTS child_config_traffic_selector;
+CREATE TABLE child_config_traffic_selector (
+ child_cfg INTEGER NOT NULL,
+ traffic_selector INTEGER NOT NULL,
+ kind INTEGER NOT NULL
+);
+DROP INDEX IF EXISTS child_config_traffic_selector;
+CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector (
+ child_cfg, traffic_selector
+);
+
+DROP TABLE IF EXISTS ike_configs;
+CREATE TABLE ike_configs (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ certreq INTEGER NOT NULL DEFAULT '1',
+ force_encap INTEGER NOT NULL DEFAULT '0',
+ local TEXT NOT NULL,
+ remote TEXT NOT NULL
+);
+
+DROP TABLE IF EXISTS peer_configs;
+CREATE TABLE peer_configs (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ name TEXT NOT NULL,
+ ike_version INTEGER NOT NULL DEFAULT '2',
+ ike_cfg INTEGER NOT NULL,
+ local_id TEXT NOT NULL,
+ remote_id TEXT NOT NULL,
+ cert_policy INTEGER NOT NULL DEFAULT '1',
+ uniqueid INTEGER NOT NULL DEFAULT '0',
+ auth_method INTEGER NOT NULL DEFAULT '1',
+ eap_type INTEGER NOT NULL DEFAULT '0',
+ eap_vendor INTEGER NOT NULL DEFAULT '0',
+ keyingtries INTEGER NOT NULL DEFAULT '1',
+ rekeytime INTEGER NOT NULL DEFAULT '0',
+ reauthtime INTEGER NOT NULL DEFAULT '3600',
+ jitter INTEGER NOT NULL DEFAULT '180',
+ overtime INTEGER NOT NULL DEFAULT '300',
+ mobike INTEGER NOT NULL DEFAULT '1',
+ dpd_delay INTEGER NOT NULL DEFAULT '120',
+ virtual TEXT DEFAULT NULL,
+ pool TEXT DEFAULT NULL,
+ mediation INTEGER NOT NULL DEFAULT '0',
+ mediated_by INTEGER NOT NULL DEFAULT '0',
+ peer_id INTEGER NOT NULL DEFAULT '0'
+);
+DROP INDEX IF EXISTS peer_configs_name;
+CREATE INDEX peer_configs_name ON peer_configs (
+ name
+);
+
+DROP TABLE IF EXISTS peer_config_child_config;
+CREATE TABLE peer_config_child_config (
+ peer_cfg INTEGER NOT NULL,
+ child_cfg INTEGER NOT NULL,
+ PRIMARY KEY (peer_cfg, child_cfg)
+);
+
+DROP TABLE IF EXISTS traffic_selectors;
+CREATE TABLE traffic_selectors (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ type INTEGER NOT NULL DEFAULT '7',
+ protocol INTEGER NOT NULL DEFAULT '0',
+ start_addr BLOB DEFAULT NULL,
+ end_addr BLOB DEFAULT NULL,
+ start_port INTEGER NOT NULL DEFAULT '0',
+ end_port INTEGER NOT NULL DEFAULT '65535'
+);
+
+DROP TABLE IF EXISTS certificates;
+CREATE TABLE certificates (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ type INTEGER NOT NULL,
+ keytype INTEGER NOT NULL,
+ data BLOB NOT NULL
+);
+
+DROP TABLE IF EXISTS certificate_identity;
+CREATE TABLE certificate_identity (
+ certificate INTEGER NOT NULL,
+ identity INTEGER NOT NULL,
+ PRIMARY KEY (certificate, identity)
+);
+
+DROP TABLE IF EXISTS private_keys;
+CREATE TABLE private_keys (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ type INTEGER NOT NULL,
+ data BLOB NOT NULL
+);
+
+DROP TABLE IF EXISTS private_key_identity;
+CREATE TABLE private_key_identity (
+ private_key INTEGER NOT NULL,
+ identity INTEGER NOT NULL,
+ PRIMARY KEY (private_key, identity)
+);
+
+DROP TABLE IF EXISTS shared_secrets;
+CREATE TABLE shared_secrets (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ type INTEGER NOT NULL,
+ data BLOB NOT NULL
+);
+
+DROP TABLE IF EXISTS shared_secret_identity;
+CREATE TABLE shared_secret_identity (
+ shared_secret INTEGER NOT NULL,
+ identity INTEGER NOT NULL,
+ PRIMARY KEY (shared_secret, identity)
+);
+
+DROP TABLE IF EXISTS pools;
+CREATE TABLE pools (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ name TEXT NOT NULL,
+ start BLOB NOT NULL,
+ end BLOB NOT NULL,
+ next BLOB NOT NULL,
+ timeout INTEGER DEFAULT NULL,
+ UNIQUE (name)
+);
+DROP INDEX IF EXISTS pools_name;
+CREATE INDEX pools_name ON pools (
+ name
+);
+
+DROP TABLE IF EXISTS leases;
+CREATE TABLE leases (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ pool INTEGER NOT NULL,
+ address BLOB NOT NULL,
+ identity INTEGER NOT NULL,
+ acquired INTEGER NOT NULL,
+ released INTEGER DEFAULT NULL
+);
+DROP INDEX IF EXISTS leases_pool;
+CREATE INDEX leases_pool ON leases (
+ pool
+);
+DROP INDEX IF EXISTS leases_identity;
+CREATE INDEX leases_identity ON leases (
+ identity
+);
+DROP INDEX IF EXISTS leases_released;
+CREATE INDEX leases_released ON leases (
+ released
+);
+
+DROP TABLE IF EXISTS ike_sas;
+CREATE TABLE ike_sas (
+ local_spi BLOB NOT NULL PRIMARY KEY,
+ remote_spi BLOB NOT NULL,
+ id INTEGER NOT NULL,
+ initiator INTEGER NOT NULL,
+ local_id_type INTEGER NOT NULL,
+ local_id_data BLOB NOT NULL,
+ remote_id_type INTEGER NOT NULL,
+ remote_id_data BLOB NOT NULL,
+ host_family INTEGER NOT NULL,
+ local_host_data BLOB NOT NULL,
+ remote_host_data BLOB NOT NULL,
+ created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+DROP TABLE IF EXISTS logs;
+CREATE TABLE logs (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ local_spi BLOB NOT NULL,
+ signal INTEGER NOT NULL,
+ level INTEGER NOT NULL,
+ msg TEXT NOT NULL,
+ time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
diff --git a/testing/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/hosts/moon/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/moon/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/moon/etc/strongswan.conf b/testing/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/moon/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/sun/etc/ipsec.d/ipsec.sql b/testing/hosts/sun/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/sun/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/sun/etc/strongswan.conf b/testing/hosts/sun/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/sun/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/venus/etc/ipsec.d/ipsec.sql b/testing/hosts/venus/etc/ipsec.d/ipsec.sql
new file mode 100644
index 000000000..da38e9ab4
--- /dev/null
+++ b/testing/hosts/venus/etc/ipsec.d/ipsec.sql
@@ -0,0 +1,4 @@
+/* strongSwan SQLite database */
+
+/* configuration is read from ipsec.conf */
+/* credentials are read from ipsec.secrets */
diff --git a/testing/hosts/venus/etc/strongswan.conf b/testing/hosts/venus/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/hosts/venus/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/hosts/winnetou/etc/openssl/certs/0e35060aed55a85aa8520815c166588fc35bcd93 b/testing/hosts/winnetou/etc/openssl/certs/0e35060aed55a85aa8520815c166588fc35bcd93
new file mode 100644
index 000000000..dcb5746ec
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/0e35060aed55a85aa8520815c166588fc35bcd93
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/1b260aa901f29db73635f568c34e27d1f1cb23ab b/testing/hosts/winnetou/etc/openssl/certs/1b260aa901f29db73635f568c34e27d1f1cb23ab
new file mode 100644
index 000000000..529fd2d45
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/1b260aa901f29db73635f568c34e27d1f1cb23ab
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/394ceefaef48af8394d9a0e63d74cc56a4117a23 b/testing/hosts/winnetou/etc/openssl/certs/394ceefaef48af8394d9a0e63d74cc56a4117a23
new file mode 100644
index 000000000..29cbe00d1
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/394ceefaef48af8394d9a0e63d74cc56a4117a23
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/430651fd670098ad72f02c4cc34a017f9931c88b b/testing/hosts/winnetou/etc/openssl/certs/430651fd670098ad72f02c4cc34a017f9931c88b
new file mode 100644
index 000000000..1be390003
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/430651fd670098ad72f02c4cc34a017f9931c88b
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/47a2450a79a68462c105747751a6526aa8a20277 b/testing/hosts/winnetou/etc/openssl/certs/47a2450a79a68462c105747751a6526aa8a20277
new file mode 100644
index 000000000..5044790eb
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/47a2450a79a68462c105747751a6526aa8a20277
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/4f4b98c28a1d286274f529e75000cfbb02ce4c64 b/testing/hosts/winnetou/etc/openssl/certs/4f4b98c28a1d286274f529e75000cfbb02ce4c64
new file mode 100644
index 000000000..2bf0d15d5
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/4f4b98c28a1d286274f529e75000cfbb02ce4c64
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/53b5bf163ae90d54271288852c2ab062fb9e74e3 b/testing/hosts/winnetou/etc/openssl/certs/53b5bf163ae90d54271288852c2ab062fb9e74e3
new file mode 100644
index 000000000..ac09de4f8
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/53b5bf163ae90d54271288852c2ab062fb9e74e3
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/7c6a448fb938e5c19ab75631f0d0cbb92b25f2a9 b/testing/hosts/winnetou/etc/openssl/certs/7c6a448fb938e5c19ab75631f0d0cbb92b25f2a9
new file mode 100644
index 000000000..ecc8b3f56
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/7c6a448fb938e5c19ab75631f0d0cbb92b25f2a9
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/7db109750703f47b822eb10cf205159f90fe3634 b/testing/hosts/winnetou/etc/openssl/certs/7db109750703f47b822eb10cf205159f90fe3634
new file mode 100644
index 000000000..87b809718
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/7db109750703f47b822eb10cf205159f90fe3634
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/8dcd0fcfbfdcfce2480a4f18b20007517df2091f b/testing/hosts/winnetou/etc/openssl/certs/8dcd0fcfbfdcfce2480a4f18b20007517df2091f
new file mode 100644
index 000000000..2a52f620d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/8dcd0fcfbfdcfce2480a4f18b20007517df2091f
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/8e9be7e9f0de2874707245ee200bfb971a646ba9 b/testing/hosts/winnetou/etc/openssl/certs/8e9be7e9f0de2874707245ee200bfb971a646ba9
new file mode 100644
index 000000000..ab91cd3d1
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/8e9be7e9f0de2874707245ee200bfb971a646ba9
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/9ff39ec266e309f2b53748a4fe0cfd3923955ff4 b/testing/hosts/winnetou/etc/openssl/certs/9ff39ec266e309f2b53748a4fe0cfd3923955ff4
new file mode 100644
index 000000000..9e4bb373d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/9ff39ec266e309f2b53748a4fe0cfd3923955ff4
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/a91bb369a86604673f42f25b3fc94422eb73afd5 b/testing/hosts/winnetou/etc/openssl/certs/a91bb369a86604673f42f25b3fc94422eb73afd5
new file mode 100644
index 000000000..cfca39504
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/a91bb369a86604673f42f25b3fc94422eb73afd5
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/af19b02dcdc28a4e86d1657b656f0cac63b5474b b/testing/hosts/winnetou/etc/openssl/certs/af19b02dcdc28a4e86d1657b656f0cac63b5474b
new file mode 100644
index 000000000..891800d67
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/af19b02dcdc28a4e86d1657b656f0cac63b5474b
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/b15a2fbbd5613781df896d28f82e4b0893011530 b/testing/hosts/winnetou/etc/openssl/certs/b15a2fbbd5613781df896d28f82e4b0893011530
new file mode 100644
index 000000000..8137fc7fa
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/b15a2fbbd5613781df896d28f82e4b0893011530
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/bb027269812f2cb0c1ba534c0016b7f33bdca83f b/testing/hosts/winnetou/etc/openssl/certs/bb027269812f2cb0c1ba534c0016b7f33bdca83f
new file mode 100644
index 000000000..804030056
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/bb027269812f2cb0c1ba534c0016b7f33bdca83f
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/cedd2d5985ee0efde7acb2f788ed1a4237197d01 b/testing/hosts/winnetou/etc/openssl/certs/cedd2d5985ee0efde7acb2f788ed1a4237197d01
new file mode 100644
index 000000000..0fcc92de4
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/cedd2d5985ee0efde7acb2f788ed1a4237197d01
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/e07015ca76fba1039b247ce96c214bb038539cc8 b/testing/hosts/winnetou/etc/openssl/certs/e07015ca76fba1039b247ce96c214bb038539cc8
new file mode 100644
index 000000000..b928af4da
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/e07015ca76fba1039b247ce96c214bb038539cc8
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/e08213ec6a79e05c86a6f8a378eb4d5086352a7b b/testing/hosts/winnetou/etc/openssl/certs/e08213ec6a79e05c86a6f8a378eb4d5086352a7b
new file mode 100644
index 000000000..7afadad25
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/e08213ec6a79e05c86a6f8a378eb4d5086352a7b
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/f2595dbd1ee26d9df0e8c5beae47875c68b97b4c b/testing/hosts/winnetou/etc/openssl/certs/f2595dbd1ee26d9df0e8c5beae47875c68b97b4c
new file mode 100644
index 000000000..0fd84ad38
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/f2595dbd1ee26d9df0e8c5beae47875c68b97b4c
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/research/0855c55d208f71747b88da0fabcce348be495ac0 b/testing/hosts/winnetou/etc/openssl/certs/research/0855c55d208f71747b88da0fabcce348be495ac0
new file mode 100644
index 000000000..7a0c66f34
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/research/0855c55d208f71747b88da0fabcce348be495ac0
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/research/29d8bec44f188d61072bad52bfaf6f8553342f15 b/testing/hosts/winnetou/etc/openssl/certs/research/29d8bec44f188d61072bad52bfaf6f8553342f15
new file mode 100644
index 000000000..a82b76e5e
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/research/29d8bec44f188d61072bad52bfaf6f8553342f15
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/research/91b2e4f8a1612a34c646fb8320aaf374cc78ab7b b/testing/hosts/winnetou/etc/openssl/certs/research/91b2e4f8a1612a34c646fb8320aaf374cc78ab7b
new file mode 100644
index 000000000..dd144594f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/research/91b2e4f8a1612a34c646fb8320aaf374cc78ab7b
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/research/fc384911d10e35814a20c92642873925eada85c3 b/testing/hosts/winnetou/etc/openssl/certs/research/fc384911d10e35814a20c92642873925eada85c3
new file mode 100644
index 000000000..6a41d41f0
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/research/fc384911d10e35814a20c92642873925eada85c3
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/sales/3f24becda29cf44f0e4e89f894b925ab7e7a0aac b/testing/hosts/winnetou/etc/openssl/certs/sales/3f24becda29cf44f0e4e89f894b925ab7e7a0aac
new file mode 100644
index 000000000..83ae4280f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/sales/3f24becda29cf44f0e4e89f894b925ab7e7a0aac
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/sales/937fb1c8fa8bb3b169c63c8f77562592e44cfb32 b/testing/hosts/winnetou/etc/openssl/certs/sales/937fb1c8fa8bb3b169c63c8f77562592e44cfb32
new file mode 100644
index 000000000..e0c092d4d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/sales/937fb1c8fa8bb3b169c63c8f77562592e44cfb32
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/sales/a4317f76f97afb3b6308c4b3496eb09d9efeed00 b/testing/hosts/winnetou/etc/openssl/certs/sales/a4317f76f97afb3b6308c4b3496eb09d9efeed00
new file mode 100644
index 000000000..3bc7c777b
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/sales/a4317f76f97afb3b6308c4b3496eb09d9efeed00
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/certs/sales/fcc1991dae2d8444c841c386e1921c59882afcf2 b/testing/hosts/winnetou/etc/openssl/certs/sales/fcc1991dae2d8444c841c386e1921c59882afcf2
new file mode 100644
index 000000000..63294efab
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/certs/sales/fcc1991dae2d8444c841c386e1921c59882afcf2
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/.rand b/testing/hosts/winnetou/etc/openssl/ecdsa/.rand
new file mode 100644
index 000000000..ff05826f2
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/.rand
Binary files differ
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber
new file mode 100644
index 000000000..64969239d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber
@@ -0,0 +1 @@
+04
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old
new file mode 100644
index 000000000..75016ea36
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old
@@ -0,0 +1 @@
+03
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
new file mode 100644
index 000000000..1e0540f94
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
@@ -0,0 +1,4 @@
+V 130621144307Z 01 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
+R 130621161252Z 080622162459Z 02 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+V 130621161359Z 03 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
+V 130621162918Z 04 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr
new file mode 100644
index 000000000..3a7e39e6e
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old
new file mode 100644
index 000000000..3a7e39e6e
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old
@@ -0,0 +1 @@
+unique_subject = no
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old
new file mode 100644
index 000000000..a41b4599f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old
@@ -0,0 +1,3 @@
+V 130621144307Z 01 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
+R 130621161252Z 080622162459Z 02 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+V 130621161359Z 03 unknown /C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem
new file mode 100644
index 000000000..5178c7f38
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDMDCCApKgAwIBAgIBATAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTQ0MzA3WhcNMTMwNjIxMTQ0MzA3WjBeMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+NTIxIGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzCBmzAQBgcqhkjO
+PQIBBgUrgQQAIwOBhgAEALmnl/PUy9v7Qsc914kdzY+TQ6VY2192oRoa9SkpxXrs
+5GnWSJoz3yinpPHdchH0UknKt/C2Ik2k7izDH/Zau5gNAD1PqBrYWtcP+sLnH1G9
+BTibraniAUSpSaDhiWrfTteRNWqkzZI37a6YfKcBZozQcvYMW1co15EwZTptqykX
+Eepuo4IBEzCCAQ8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDVU
+Hzs47lOG0dHsezm6aFqdwJwfMHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHu
+j9jSoUykSjBIMQswCQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dh
+bjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHgYD
+VR0RBBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6Athito
+dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAkGByqG
+SM49BAEDgYwAMIGIAkIBDgZs1pXvm8SwT9S1m6nIHwuZsJDsDri/PWM6NXdMUXEt
+l0p8cfq8PbJlK/0+eLz8Ec1zpWuF5vasFHkVhauHdnECQgEVuYTrlry9gAx7G4kH
+mne2yDxTclEDziWxPG4UkZbkGttf9eZlsXmNoX/Z/fojXxMYZaPqM3eOT2h6ezMD
+CI9WpQ==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem
new file mode 100644
index 000000000..69f8841c9
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6jCCAk6gAwIBAgIBAjAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYxMjUyWhcNMTMwNjIxMTYxMjUyWjBfMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwVjAQBgcqhkjO
+PQIBBgUrgQQACgNCAAQlXpPktKrfBWubyHuZOa6qs6oZEOyEvg2564RRwATbgbco
+dyhpdDd4LAZSIcDznicaFnyAFXcH7petwggbFxY+o4IBFDCCARAwCQYDVR0TBAIw
+ADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFKlXB+yOT1OKIF6OJJARCE2ehUfoMHgG
+A1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQGEwJD
+SDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dh
+biBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ryb25n
+c3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2Fu
+Lm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GKADCBhgJBAUi8pORy
+e8TjdVVGpvnMAyCfbY6XvMtn8leLAF1RLNGLvW9vYnpTJYwlFVQlnHDNp+bbVwfw
+BxjbM3jZjh6IgWwCQVYJayzuhboLCs18sgr+VqOCEuVhVpDolGUFnP4427/6bQsq
+hY98yakkyYM6xIHd7phMDg1v5ufWt0e/2Vp7r+v6
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem
new file mode 100644
index 000000000..075d8f1e5
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAmygAwIBAgIBAzAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYxMzU5WhcNMTMwNjIxMTYxMzU5WjBeMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+Mzg0IGJpdDEcMBoGA1UEAxQTZGF2ZUBzdHJvbmdzd2FuLm9yZzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABPxEg8AaVNAwCXqg0p21Zc7YzPLA3voAWf233CZJpsjb1w3y
+IeTUeIeGU7aLWAyuXgeBsx+lKzWy00LzPELOgK+3ulTHzBZg7s8kMGhwPWfV4JLA
+zrso5+i64+Y4wvRCBaOCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0G
+A1UdDgQWBBQxJAy8gaP3RNBt1WTD27/IMzANmTB4BgNVHSMEcTBvgBS6XflxthO1
+atHduja3qtLB7o/Y0qFMpEowSDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4
+IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3YW4gRUMgUm9vdCBDQYIJAPai
+dX4i76aJMB4GA1UdEQQXMBWBE2RhdmVAc3Ryb25nc3dhbi5vcmcwPAYDVR0fBDUw
+MzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuX2Vj
+LmNybDAJBgcqhkjOPQQBA4GLADCBhwJCAZaqaroyGwqd7nb5dVVWjTK8glVzDFJH
+ru4F6R+7fDCGEOaFlxf4GRkSrvQQA8vfgo6Md9XjBwq0r+9s3xt5xJjJAkElSo1/
+wyn8KQ3XN07UIaMvPctipq2OgpfteQK/F81CtZ+YCLEQt3xT7NQpriaKwGQxJAQv
+g+Z+grJzTppAqpwRpg==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem
new file mode 100644
index 000000000..29709926a
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC7zCCAlGgAwIBAgIBBDAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD
+VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv
+b3QgQ0EwHhcNMDgwNjIyMTYyOTE4WhcNMTMwNjIxMTYyOTE4WjBfMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg
+MjU2IGJpdDEdMBsGA1UEAxQUY2Fyb2xAc3Ryb25nc3dhbi5vcmcwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQgp/Z/GgzvVCDdVcIYqERml0KroZEaVqiF8uy8dlTS
+4mxNs6snDdEWh/LzXTd3NVnCihT2XgHxOk8NrX4hBMMYo4IBFDCCARAwCQYDVR0T
+BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFLdhGhurno1dU2SMx7UGXpa/lgJ9
+MHgGA1UdIwRxMG+AFLpd+XG2E7Vq0d26Nreq0sHuj9jSoUykSjBIMQswCQYDVQQG
+EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25n
+U3dhbiBFQyBSb290IENBggkA9qJ1fiLvpokwHwYDVR0RBBgwFoEUY2Fyb2xAc3Ry
+b25nc3dhbi5vcmcwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdz
+d2FuLm9yZy9zdHJvbmdzd2FuX2VjLmNybDAJBgcqhkjOPQQBA4GMADCBiAJCATa+
+sBFW3vCx/JgLyxU85F2QuLO0/zdNBhIU0kN7kr1cYBBr8mpbhuNKm6iFe2DsFJZx
+ii3DQjwvG46is2Njzi4vAkIA72lPodCDtAFpD/2PUxjzo6xTAFazUejobkdDTUXn
+s0f8qIzzeQuTwLbp6pDmR/JGzhAeRvQT82njCo0PJ8Hbz1c=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf
new file mode 100644
index 000000000..6da2682b3
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf
@@ -0,0 +1,184 @@
+# openssl.cnf - OpenSSL configuration file for the ZHW PKI
+# Mario Strasser <mario.strasser@zhwin.ch>
+#
+# $Id: openssl.cnf,v 1.2 2005/08/15 21:25:22 as Exp $
+#
+
+# This definitions were set by the ca_init script DO NOT change
+# them manualy.
+CAHOME = /etc/openssl/ecdsa
+RANDFILE = $CAHOME/.rand
+
+# Extra OBJECT IDENTIFIER info:
+oid_section = new_oids
+
+[ new_oids ]
+SmartcardLogin = 1.3.6.1.4.1.311.20.2
+ClientAuthentication = 1.3.6.1.4.1.311.20.2.2
+
+####################################################################
+
+[ ca ]
+default_ca = root_ca # The default ca section
+
+####################################################################
+
+[ root_ca ]
+
+dir = $CAHOME
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/strongswan_ecCert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+crlnumber = $dir/crlnumber # The current CRL serial number
+private_key = $dir/strongswan_ecKey.pem # The private key
+RANDFILE = $dir/.rand # private random number file
+
+x509_extensions = host_ext # The extentions to add to the cert
+
+crl_extensions = crl_ext # The extentions to add to the CRL
+
+default_days = 1825 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = sha256 # which md to use.
+preserve = no # keep passed DN ordering
+email_in_dn = no # allow/forbid EMail in DN
+
+policy = policy_match # specifying how similar the request must look
+
+####################################################################
+
+# the 'match' policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = optional
+localityName = optional
+organizationName = match
+organizationalUnitName = optional
+userId = optional
+serialNumber = optional
+commonName = supplied
+emailAddress = optional
+
+# the 'anything' policy
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = ca_ext # The extentions to add to the self signed cert
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+
+# This sets a mask for permitted string types. There are several options.
+# default: PrintableString, T61String, BMPString.
+# pkix : PrintableString, BMPString.
+# utf8only: only UTF8Strings.
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+# so use this option with caution!
+string_mask = nombstr
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+####################################################################
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = CH
+countryName_min = 2
+countryName_max = 2
+
+#stateOrProvinceName = State or Province Name (full name)
+#stateOrProvinceName_default = ZH
+
+#localityName = Locality Name (eg, city)
+#localityName_default = Winterthur
+
+organizationName = Organization Name (eg, company)
+organizationName_default = Linux strongSwan
+
+0.organizationalUnitName = Organizational Unit Name (eg, section)
+#0.organizationalUnitName_default = Research
+
+#1.organizationalUnitName = Type (eg, Staff)
+#1.organizationalUnitName_default = Staff
+
+#userId = UID
+
+commonName = Common Name (eg, YOUR name)
+commonName_default = $ENV::COMMON_NAME
+commonName_max = 64
+
+#0.emailAddress = Email Address (eg, foo@bar.com)
+#0.emailAddress_min = 0
+#0.emailAddress_max = 40
+
+#1.emailAddress = Second Email Address (eg, foo@bar.com)
+#1.emailAddress_min = 0
+#1.emailAddress_max = 40
+
+####################################################################
+
+[ req_attributes ]
+
+####################################################################
+
+[ host_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = DNS:$ENV::COMMON_NAME
+#extendedKeyUsage = OCSPSigning
+crlDistributionPoints = URI:http://crl.strongswan.org/strongswan_ec.crl
+
+####################################################################
+
+[ user_ext ]
+
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment, keyAgreement
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+subjectAltName = email:$ENV::COMMON_NAME
+#authorityInfoAccess = OCSP;URI:http://ocsp.strongswan.org:8880
+crlDistributionPoints = URI:http://crl.strongswan.org/strongswan_ec.crl
+
+####################################################################
+
+[ ca_ext ]
+
+basicConstraints = critical, CA:TRUE
+keyUsage = cRLSign, keyCertSign
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid, issuer:always
+
+####################################################################
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+#issuerAltName = issuer:copy
+authorityKeyIdentifier = keyid:always, issuer:always
+
+# eof
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/serial b/testing/hosts/winnetou/etc/openssl/ecdsa/serial
new file mode 100644
index 000000000..eeee65ec4
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/serial
@@ -0,0 +1 @@
+05
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/serial.old b/testing/hosts/winnetou/etc/openssl/ecdsa/serial.old
new file mode 100644
index 000000000..64969239d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/serial.old
@@ -0,0 +1 @@
+04
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem
new file mode 100644
index 000000000..3480a434a
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICyDCCAiqgAwIBAgIJAPaidX4i76aJMAkGByqGSM49BAEwSDELMAkGA1UEBhMC
+Q0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3
+YW4gRUMgUm9vdCBDQTAeFw0wODA2MjIxNDM2MDZaFw0xODA2MjAxNDM2MDZaMEgx
+CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD
+ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYA
+BAEUx1NvjNKzbDHaRPMsqIf/6SbUpzBa78N/WIyF6rYj8e5McAqfTfzUfFJZYoQn
+/mbP3VfjOxRuMDjrlfvdgMxwkwFDigWQfHg3CJbS7eQjjO1MrxxIJUtfSTnF29tM
+h6IYMdxaZKloCGCOrpmGCGdxD2/KwoX1SA3BlnjaNt7kSTonkqOBujCBtzAPBgNV
+HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUul35cbYTtWrR3bo2
+t6rSwe6P2NIweAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgx
+CzAJBgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQD
+ExVzdHJvbmdTd2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAJBgcqhkjOPQQBA4GM
+ADCBiAJCAL5pU3X6NYWjOYe0cxrah27UxtUDLUNkFG/Ojl+gOH4QB0CKY0HXNyrq
+cgba73dXF/U0Cg3Ij/9g4Kd9GgYq0GlSAkIAqgqMKqXni8wbeGMJE2Mn2/8aHM3Q
+3flpHSoeNWOe/VzpRviw+VRgA4vbhhKUXBtQSiea77/DXLwOp5w7rkBoEUg=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem
new file mode 100644
index 000000000..4a3b7c479
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+MIHbAgEBBEFJlQ5poxh00lP7dd/rWQe5grTgrFtUqguppHAY/JZL0eKNiS7PpAb8
+xLmROFGAUcpraen+l6K7GKEzTCh/uUeeFaAHBgUrgQQAI6GBiQOBhgAEARTHU2+M
+0rNsMdpE8yyoh//pJtSnMFrvw39YjIXqtiPx7kxwCp9N/NR8UllihCf+Zs/dV+M7
+FG4wOOuV+92AzHCTAUOKBZB8eDcIltLt5COM7UyvHEglS19JOcXb20yHohgx3Fpk
+qWgIYI6umYYIZ3EPb8rChfVIDcGWeNo23uRJOieS
+-----END EC PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/generate-crl b/testing/hosts/winnetou/etc/openssl/generate-crl
index 99274c0ba..199ecf10e 100755
--- a/testing/hosts/winnetou/etc/openssl/generate-crl
+++ b/testing/hosts/winnetou/etc/openssl/generate-crl
@@ -32,4 +32,7 @@ cd /etc/openssl/sales
openssl ca -gencrl -crldays 15 -config /etc/openssl/sales/openssl.cnf -out crl.pem
openssl crl -in crl.pem -outform der -out sales.crl
cp sales.crl /var/www/localhost/htdocs/
-
+cd /etc/openssl/ecdsa
+openssl ca -gencrl -crldays 15 -config /etc/openssl/ecdsa/openssl.cnf -out crl.pem
+openssl crl -in crl.pem -outform der -out strongswan_ec.crl
+cp strongswan_ec.crl /var/www/localhost/htdocs/