12 files changed, 1010 insertions, 177 deletions
diff --git a/testing/hosts/default/etc/pts/data.sql b/testing/hosts/default/etc/pts/data.sql
index dde7c9fa5..35fd65753 100644
--- a/testing/hosts/default/etc/pts/data.sql
+++ b/testing/hosts/default/etc/pts/data.sql
@@ -1,80 +1,418 @@
 /* Products */
 
-INSERT INTO products (
+INSERT INTO products (			/*  1 */
   name
 ) VALUES (
- 'Debian 7.0'
+ 'Debian 6.0 i686'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/*  2 */
+  name
+) VALUES (
+ 'Debian 6.0 x86_64'
+);
+
+INSERT INTO products (			/*  3 */
   name
 ) VALUES (
  'Debian 7.0 i686'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/*  4 */
   name
 ) VALUES (
  'Debian 7.0 x86_64'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/*  5 */
   name
 ) VALUES (
- 'Ubuntu 12.04'
+ 'Debian 8.0 i686'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/*  6 */
   name
 ) VALUES (
- 'Ubuntu 12.04 i686'
+ 'Debian 8.0 x86_64'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/*  7 */
   name
 ) VALUES (
- 'Ubuntu 12.04 x86_64'
+ 'Ubuntu 10.04 i686'
+);
+
+INSERT INTO products (			/*  8 */
+  name
+) VALUES (
+ 'Ubuntu 10.04 x86_64'
+);
+
+INSERT INTO products (			/*  9 */
+  name
+) VALUES (
+ 'Ubuntu 10.10 i686'
+);
+
+INSERT INTO products (			/* 10 */
+  name
+) VALUES (
+ 'Ubuntu 10.10 x86_64'
+);
+
+INSERT INTO products (			/* 11 */
+  name
+) VALUES (
+ 'Ubuntu 11.04 i686'
+);
+
+INSERT INTO products (			/* 12 */
+  name
+) VALUES (
+ 'Ubuntu 11.04 x86_64'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/* 13 */
   name
 ) VALUES (
- 'Ubuntu 12.10'
+ 'Ubuntu 11.10 i686'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/* 14 */
+  name
+) VALUES (
+ 'Ubuntu 11.10 x86_64'
+);
+
+INSERT INTO products (			/* 15 */
+  name
+) VALUES (
+ 'Ubuntu 12.04 i686'
+);
+
+INSERT INTO products (			/* 16 */
+  name
+) VALUES (
+ 'Ubuntu 12.04 x86_64'
+);
+
+INSERT INTO products (			/* 17 */
   name
 ) VALUES (
  'Ubuntu 12.10 i686'
 );
 
-INSERT INTO products (
+INSERT INTO products (			/* 18 */
   name
 ) VALUES (
  'Ubuntu 12.10 x86_64'
 );
 
+INSERT INTO products (			/* 19 */
+  name
+) VALUES (
+ 'Ubuntu 13.04 i686'
+);
+
+INSERT INTO products (			/* 20 */
+  name
+) VALUES (
+ 'Ubuntu 13.04 x86_64'
+);
+
+INSERT INTO products (			/* 21 */
+  name
+) VALUES (
+ 'Android 4.1.1'
+);
+
+INSERT INTO products (			/* 22 */
+  name
+) VALUES (
+ 'Android 4.2.1'
+);
+
+/* Directories */
+
+INSERT INTO directories (		/*  1 */
+  path
+) VALUES (
+ '/bin'
+);
+
+INSERT INTO directories (		/*  2 */
+  path
+) VALUES (
+ '/etc'
+);
+
+INSERT INTO directories (		/*  3 */
+  path
+) VALUES (
+ '/lib'
+);
+
+INSERT INTO directories (		/*  4 */
+  path
+) VALUES (
+ '/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories (		/*  5 */
+  path
+) VALUES (
+ '/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories (		/*  6 */
+  path
+) VALUES (
+ '/lib/xtables'
+);
+
+INSERT INTO directories (		/*  7 */
+  path
+) VALUES (
+ '/sbin'
+);
+
+INSERT INTO directories (		/*  8 */
+  path
+) VALUES (
+ '/usr/bin'
+);
+
+INSERT INTO directories (		/*  9 */
+  path
+) VALUES (
+ '/usr/lib'
+);
+
+INSERT INTO directories (		/* 10 */
+  path
+) VALUES (
+ '/usr/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories (		/* 11 */
+  path
+) VALUES (
+ '/usr/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories (		/* 12 */
+  path
+) VALUES (
+ '/usr/sbin'
+);
+
+INSERT INTO directories (		/* 13 */
+  path
+) VALUES (
+ '/system/bin'
+);
+
+INSERT INTO directories (		/* 14 */
+  path
+) VALUES (
+ '/system/lib'
+);
+
+/* Files */
+
+INSERT INTO files (				/*  1 */
+  name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 5
+);
+
+INSERT INTO files (				/*  2 */
+  name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 11
+);
+
+INSERT INTO files (				/*  3 */
+  name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 5
+);
+
+INSERT INTO files (				/*  4 */
+  name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 11
+);
+
+INSERT INTO files (				/*  5 */
+  name, dir
+) VALUES (
+  'openssl', 8
+);
+
+INSERT INTO files (				/*  6 */
+  name, dir
+) VALUES (
+  'tnc_config', 2
+);
+
+/* Algorithms */
+
+INSERT INTO algorithms (
+  id, name
+) VALUES (
+  65536, 'SHA1-IMA' 
+);
+
+INSERT INTO algorithms (
+  id, name
+) VALUES (
+  32768, 'SHA1' 
+);
+
+INSERT INTO algorithms (
+  id, name
+) VALUES (
+  16384, 'SHA256' 
+);
+
+INSERT INTO algorithms (
+  id, name
+) VALUES (
+  8192, 'SHA384' 
+);
+
+/* File Hashes */
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 2, 32768, X'6c6f8e12f6cbfba612e780374c4cdcd40f20968a' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 2, 16384, X'dbcecd19d59310183cf5c31ddee29e8d7bec64d3f9583aad074330a1b3024b07' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 2, 8192, X'197c5385e5853003188833d4f991136c1b0875fa416a60b1159f64e57e457b3184762c884a802a2bda194c058e3bd953' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 4, 32768, X'3ad204f99eb7262efab79cfca02628870ea76361' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 4, 16384, X'3a2170aad92fdd58b55e0e199822bc873cf587b2d1eb1ed7ed8dcea97ae86376' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 4, 8192, X'f778076baa876b5e4b502494a3db081fb09dd870dee6991d54104a74b7e009c58fe261db5ffd13c11e08ef0cefcfa59f' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 5, 32768, X'ecd9c7076cc0572724c7a67db7f19c2831e0445f' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 5, 16384, X'28f3ea5afd34444c8232ea75003131e294a0c9b847de300e4b205d38c1a41305' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  4, 5, 8192, X'51921a8b9322f2d3f06d55002ff40a79da67e70cb563b2a50977642d603dfac2ccbb68b3d32a8bb350769b75d6254208' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 1, 32768, X'd9309b9e45928239d7a7b18711e690792632cce4' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 1, 16384, X'dbfa1856d278d8707c4989b30dd065b4bcd309908f0f2e6e66ff2aa83ff93f59' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 1, 8192, X'fb8d027f03bb5ebb47741ed247eb9e174127b714d20229885feb37e0979aeb14a1b74020cded891d680441093625729c' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 3, 32768, X'3715f2f94016a91fab5bbc503f0f1d43c5a9fc2b' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 3, 16384, X'c03a5296b5decb87b01517f9927a8b2349dfb29ff9f5ba084f994c155ca5d4be' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 3, 8192, X'b8bc345f56115235cc6091f61e312ce43ea54a5b99e7295002ae7b415fd35e06ec4c731ab70ad00d784bb53a318a2fa0' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 5, 32768, X'e59602f4edf24c1b36199588886d06665d4adcd7' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 5, 16384, X'090e1b77bda7fe665e498c6b5e09dbb7ddc5cfe57f213de48f4fb6736484f500' 
+);
+
+INSERT INTO file_hashes (
+  product, file, algo, hash
+) VALUES (
+  18, 5, 8192, X'7cbdb4612a13443dba910ecdef5161f2213e52c9b4a2eef14bcee5d287e9df931cd022e9e9715518ad9c9b6e3384a668' 
+);
+
 /* Packages */
 
-INSERT INTO packages (
+INSERT INTO packages (			/*  1 */
   name
 ) VALUES (
  'libssl-dev'
 );
 
-INSERT INTO packages (
+INSERT INTO packages (			/*  2 */
   name
 ) VALUES (
  'libssl1.0.0'
 );
 
-INSERT INTO packages (
+INSERT INTO packages (			/*  3 */
   name
 ) VALUES (
  'libssl1.0.0-dbg'
 );
 
-INSERT INTO packages (
+INSERT INTO packages (			/*  4 */
   name
 ) VALUES (
  'openssl'
@@ -84,24 +422,425 @@ INSERT INTO packages (
 
 INSERT INTO versions (
   package, product, release, time
-) values (
-  1, 1, '1.0.1e-2', 1366531494
+) VALUES (
+  1, 4, '1.0.1e-2', 1366531494
 );
 
 INSERT INTO versions (
   package, product, release, time
-) values (
-  2, 1, '1.0.1e-2', 1366531494
+) VALUES (
+  2, 4, '1.0.1e-2', 1366531494
 );
 
 INSERT INTO versions (
   package, product, release, time
-) values (
-  3, 1, '1.0.1e-2', 1366531494
+) VALUES (
+  3, 4, '1.0.1e-2', 1366531494
 );
 
 INSERT INTO versions (
   package, product, release, time
-) values (
-  4, 1, '1.0.1e-2', 1366531494
+) VALUES (
+  4, 4, '1.0.1e-2', 1366531494
+);
+
+/* Components */
+
+INSERT INTO components (
+  vendor_id, name, qualifier
+) VALUES (
+  36906, 1, 33  /* ITA TGRUB */
+);
+
+INSERT INTO components (
+  vendor_id, name, qualifier
+) VALUES (
+  36906, 2, 33  /* ITA TBOOT */
 );
+
+INSERT INTO components (
+  vendor_id, name, qualifier
+) VALUES (
+  36906, 3, 33  /* ITA IMA - Trusted Platform */
+);
+
+INSERT INTO components (
+  vendor_id, name, qualifier
+) VALUES (
+  36906, 3, 34  /* ITA IMA - Operating System */
+);
+
+/* Groups */
+
+INSERT INTO groups (			/*  1 */
+  name
+) VALUES (
+  'Default'
+);
+
+INSERT INTO groups (			/*  2 */
+  name, parent
+) VALUES (
+  'Linux', 1
+);
+
+INSERT INTO groups (			/*  3 */
+  name, parent
+) VALUES (
+  'Android', 1
+);
+
+INSERT INTO groups (			/*  4 */
+  name, parent
+) VALUES (
+  'Debian i686', 2
+);
+
+INSERT INTO groups (			/*  5 */
+  name, parent
+) VALUES (
+  'Debian x86_64', 2
+);
+
+INSERT INTO groups (			/*  6 */
+  name, parent
+) VALUES (
+  'Ubuntu i686', 2
+);
+
+INSERT INTO groups (			/*  7 */
+  name, parent
+) VALUES (
+  'Ubuntu x86_64', 2
+);
+
+INSERT INTO groups (			/*  8 */
+  name
+) VALUES (
+  'Reference'
+);
+
+INSERT INTO groups (			/*  9 */
+  name, parent
+) VALUES (
+  'Ref. Android', 8
+);
+
+INSERT INTO groups (			/* 10 */
+  name, parent
+) VALUES (
+  'Ref. Linux', 8
+);
+
+/* Default Product Groups */
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  4, 1
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  4, 3
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  4, 5
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  5, 2
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  5, 4
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  5, 6
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 7
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 9
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 11
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 13
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 15
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 17
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  6, 19
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 8
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 10
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 12
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 14
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 16
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 18
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  7, 20
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  3, 21
+);
+
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  3, 22
+);
+
+/* Policies */
+
+INSERT INTO policies (			/*  1 */
+  type, name, rec_fail, rec_noresult
+) VALUES (
+  1, 'Installed Packages', 2, 2
+);
+
+INSERT INTO policies (			/*  2 */
+  type, name, rec_fail, rec_noresult
+) VALUES (
+  2, 'Unknown Source', 2, 2
+);
+
+INSERT INTO policies (			/*  3 */
+  type, name, rec_fail, rec_noresult
+) VALUES (
+  3, 'IP Forwarding Enabled',  1, 1
+);
+
+INSERT INTO policies (			/*  4 */
+  type, name, rec_fail, rec_noresult
+) VALUES (
+  4, 'Default Factory Password Enabled', 1, 1
+);
+
+INSERT INTO policies (			/*  5 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 1, 2, 2
+);
+
+INSERT INTO policies (			/*  6 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /lib/x86_64-linux-gnu/libssl.so.1.0.0', 3, 2, 2
+);
+
+INSERT INTO policies (			/*  7 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/bin/openssl', 5, 2, 2
+);
+
+INSERT INTO policies (			/*  8 */
+  type, name, rec_fail, rec_noresult
+) VALUES (
+  11, 'No Open TCP Ports', 1, 1
+);
+
+INSERT INTO policies (			/*  9 */
+  type, name, argument, rec_fail, rec_noresult
+) VALUES (
+  13, 'Open UDP Ports', '500 4500 10000-65000', 1, 1
+);
+
+INSERT INTO policies (			/* 10 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  7, 'Metadata of /etc/tnc_config', 6, 0, 0
+);
+
+INSERT INTO policies (			/* 11 */
+  type, name, dir, rec_fail, rec_noresult
+) VALUES (
+  8, 'Get /bin', 1, 0, 0
+);
+
+INSERT INTO policies (			/*  12 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 2, 2, 2
+);
+
+INSERT INTO policies (			/* 13 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0', 4, 2, 2
+);
+
+INSERT INTO policies (			/* 14 */
+  type, name, dir, rec_fail, rec_noresult
+) VALUES (
+  8, 'Get /system/bin', 13, 0, 0
+);
+
+INSERT INTO policies (			/* 15 */
+  type, name, dir, rec_fail, rec_noresult
+) VALUES (
+  8, 'Get /system/lib', 14, 0, 0
+);
+
+/* Enforcements */
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  1, 1, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  2, 3, 0
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  3, 2, 0
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  5, 7, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  6, 7, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  7, 2, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  8, 1, 60
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  9, 1, 60
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  10, 2, 60
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  11, 10, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  12, 5, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  13, 5, 86400
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  14, 9, 0
+);
+
+INSERT INTO enforcements (
+  policy, group_id, max_age
+) VALUES (
+  15, 9, 0
+);
+
diff --git a/testing/hosts/default/etc/pts/data.sql~ b/testing/hosts/default/etc/pts/data.sql~
deleted file mode 100644
index b08d035ab..000000000
--- a/testing/hosts/default/etc/pts/data.sql~
+++ /dev/null
@@ -1,107 +0,0 @@
-/* Products */
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Debian 7.0'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Debian 7.0 i686'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Debian 7.0 x86_64'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.04'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.04 i686'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.04 x86_64'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.10'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.10 i686'
-);
-
-INSERT INTO products (
-  name
-) VALUES (
- 'Ubuntu 12.10 x86_64'
-);
-
-INSERT INTO versions (
-  package, product, release, time
-) values (
-  1, 1, '1.0.1e-2', 1366531494
-);
-
-/* Packages */
-
-INSERT INTO packages (
-  name
-) VALUES (
- 'libssl-dev'
-);
-
-INSERT INTO packages (
-  name
-) VALUES (
- 'libssl1.0.0'
-);
-
-INSERT INTO packages (
-  name
-) VALUES (
- 'libssl1.0.0-dbg'
-);
-
-INSERT INTO packages (
-  name
-) VALUES (
- 'openssl'
-);
-
-/* Versions */
-
-INSERT INTO versions (
-  package, product, release, time
-) values (
-  2, 1, '1.0.1e-2', 1366531494
-);
-
-INSERT INTO versions (
-  package, product, release, time
-) values (
-  3, 1, '1.0.1e-2', 1366531494
-);
-
-INSERT INTO versions (
-  package, product, release, time
-) values (
-  4, 1, '1.0.1e-2', 1366531494
-);
diff --git a/testing/hosts/default/etc/pts/tables.sql b/testing/hosts/default/etc/pts/tables.sql
index 0c038d365..4cc959e09 100644
--- a/testing/hosts/default/etc/pts/tables.sql
+++ b/testing/hosts/default/etc/pts/tables.sql
@@ -1,16 +1,26 @@
-/* PTS SQLite database */
+/* IMV PTS SQLite database */
 
-DROP TABLE IF EXISTS files;
-CREATE TABLE files (
+DROP TABLE IF EXISTS directories;
+CREATE TABLE directories (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  type INTEGER NOT NULL,
   path TEXT NOT NULL
 );
-DROP INDEX IF EXISTS files_path;
-CREATE INDEX files_path ON files (
+DROP INDEX IF EXISTS directories_path;
+CREATE INDEX directories_path ON directories (
   path
 );
 
+DROP TABLE IF EXISTS files;
+CREATE TABLE files (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  dir INTEGER DEFAULT 0 REFERENCES directories(id),
+  name TEXT NOT NULL
+);
+DROP INDEX IF EXISTS files_name;
+CREATE INDEX files_name ON files (
+  name
+);
+
 DROP TABLE IF EXISTS products;
 CREATE TABLE products (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
@@ -21,24 +31,21 @@ CREATE INDEX products_name ON products (
   name
 );
 
-DROP TABLE IF EXISTS product_file;
-CREATE TABLE product_file (
-  product INTEGER NOT NULL,
-  file INTEGER NOT NULL,
-  measurement INTEGER DEFAULT 0,
-  metadata INTEGER DEFAULT 0,
-  PRIMARY KEY (product, file)
+DROP TABLE IF EXISTS algorithms;
+CREATE TABLE algorithms (
+  id INTEGER PRIMARY KEY,
+  name VARCHAR(20) not NULL
 );
 
 DROP TABLE IF EXISTS file_hashes;
 CREATE TABLE file_hashes (
-  file INTEGER NOT NULL,
-  directory INTEGER DEFAULT 0,
-  product INTEGER NOT NULL,
-  key INTEGER DEFAULT 0,
-  algo INTEGER NOT NULL,
-  hash BLOB NOT NULL,
-  PRIMARY KEY(file, directory, product, algo)
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  file INTEGER NOT NULL REFERENCES files(id),
+  product INTEGER NOT NULL REFERENCES products(id),
+  device INTEGER DEFAULT 0,
+  key INTEGER DEFAULT 0 REFERENCES keys(id),
+  algo INTEGER NOT NULL REFERENCES algorithms(id),
+  hash BLOB NOT NULL
 );
 
 DROP TABLE IF EXISTS keys;
@@ -56,6 +63,94 @@ CREATE INDEX keys_owner ON keys (
   owner
 );
 
+DROP TABLE IF EXISTS groups;
+CREATE TABLE groups (
+  id INTEGER NOT NULL PRIMARY KEY,
+  name VARCHAR(50) NOT NULL UNIQUE,
+  parent INTEGER
+);
+
+DROP TABLE IF EXISTS groups_members;
+CREATE TABLE groups_members (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  group_id INTEGER NOT NULL REFERENCES groups(id),
+  device_id INTEGER NOT NULL REFERENCES devices(id),
+  UNIQUE (group_id, device_id)
+);
+
+DROP TABLE IF EXISTS groups_product_defaults;
+CREATE TABLE groups_product_defaults (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  group_id INTEGER NOT NULL REFERENCES groups(id),
+  product_id INTEGER NOT NULL REFERENCES products(id),
+  UNIQUE (group_id, product_id)
+);
+
+DROP TABLE IF EXISTS policies;
+CREATE TABLE policies (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  type INTEGER NOT NULL,
+  name VARCHAR(100) NOT NULL UNIQUE,
+  argument TEXT DEFAULT '' NOT NULL,
+  rec_fail INTEGER NOT NULL,
+  rec_noresult INTEGER NOT NULL,
+  file INTEGER DEFAULT 0 REFERENCES files(id),
+  dir INTEGER DEFAULT 0 REFERENCES directories(id)
+);
+
+DROP TABLE IF EXISTS enforcements;
+CREATE TABLE enforcements (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  policy INTEGER NOT NULL REFERENCES policies(id),
+  group_id INTEGER NOT NULL REFERENCES groups(id),
+  rec_fail INTEGER,
+  rec_noresult INTEGER,
+  max_age INTEGER NOT NULL,
+  UNIQUE (policy, group_id)
+);
+
+DROP TABLE IF EXISTS sessions;
+CREATE TABLE sessions (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  time INTEGER NOT NULL,
+  connection INTEGER NOT NULL,
+  identity INTEGER DEFAULT 0 REFERENCES identities(id),
+  device INTEGER DEFAULT 0 REFERENCES devices(id),
+  product INTEGER DEFAULT 0 REFERENCES products(id),
+  rec INTEGER DEFAULT 3
+);
+
+DROP TABLE IF EXISTS workitems;
+CREATE TABLE workitems (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  session INTEGER NOT NULL REFERENCES sessions(id),
+  enforcement INTEGER NOT NULL REFERENCES enforcements(id),
+  type INTEGER NOT NULL,
+  arg_str TEXT,
+  arg_int INTEGER DEFAULT 0,
+  rec_fail INTEGER NOT NULL,
+  rec_noresult INTEGER NOT NULL,
+  rec_final INTEGER,
+  result TEXT
+);
+DROP INDEX IF EXISTS workitems_session;
+CREATE INDEX workitems_sessions ON workitems (
+  session
+);
+
+DROP TABLE IF EXISTS results;
+CREATE TABLE results (
+  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+  session INTEGER NOT NULL REFERENCES measurements(id),
+  policy INTEGER NOT NULL REFERENCES policies(id),
+  rec INTEGER NOT NULL,
+  result TEXT NOT NULL
+);
+DROP INDEX IF EXISTS results_session;
+CREATE INDEX results_session ON results (
+  session
+);
+
 DROP TABLE IF EXISTS components;
 CREATE TABLE components (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
@@ -89,7 +184,8 @@ CREATE TABLE component_hashes (
 DROP TABLE IF EXISTS packages;
 CREATE TABLE packages (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  name TEXT NOT NULL
+  name TEXT NOT NULL,
+  blacklist INTEGER DEFAULT 0
 );
 DROP INDEX IF EXISTS packages_name;
 CREATE INDEX packages_name ON packages (
@@ -99,10 +195,11 @@ CREATE INDEX packages_name ON packages (
 DROP TABLE IF EXISTS versions;
 CREATE TABLE versions (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  package INTEGER NOT NULL,
-  product INTEGER NOT NULL,
+  package INTEGER NOT NULL REFERENCES packages(id),
+  product INTEGER NOT NULL REFERENCES products(id),
   release TEXT NOT NULL,
   security INTEGER DEFAULT 0,
+  blacklist INTEGER DEFAULT 0,
   time INTEGER DEFAULT 0
 );
 DROP INDEX IF EXISTS versions_release;
@@ -117,30 +214,21 @@ CREATE INDEX versions_package_product ON versions (
 DROP TABLE IF EXISTS devices;
 CREATE TABLE devices (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  value BLOB NOT NULL
+  description TEXT DEFAULT '',
+  value TEXT NOT NULL,
+  product INTEGER REFERENCES products(id),
+  created INTEGER
 );
 DROP INDEX IF EXISTS devices_id;
 CREATE INDEX devices_value ON devices (
   value
 );
 
-DROP TABLE IF EXISTS device_infos;
-CREATE TABLE device_infos (
-  id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
-  device INTEGER NOT NULL,
-  time INTEGER NOT NULL,
-  ar_id INTEGER DEFAULT 0,
-  product INTEGER DEFAULT 0,
-  count INTEGER DEFAULT 0,
-  count_update INTEGER DEFAULT 0,
-  count_blacklist INTEGER DEFAULT 0,
-  flags INTEGER DEFAULT 0
-);
-
 DROP TABLE IF EXISTS identities;
 CREATE TABLE identities (
   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
   type INTEGER NOT NULL,
-  data BLOB NOT NULL,
-  UNIQUE (type, data)
+  value BLOB NOT NULL,
+  UNIQUE (type, value)
 );
+
diff --git a/testing/hosts/default/root/.bashrc b/testing/hosts/default/root/.bashrc
new file mode 100644
index 000000000..078dbd601
--- /dev/null
+++ b/testing/hosts/default/root/.bashrc
@@ -0,0 +1,11 @@
+# don't store duplicate entries in the history
+export HISTCONTROL=erasedups
+# use a simple prompt of host:pwd# (user is always root)
+PS1='\h:\w\$ '
+# set the terminal title to host:pwd
+case $TERM in
+xterm*)
+	PROMPT_COMMAND='echo -ne "\033]0;${HOSTNAME}:${PWD}\007"'
+	;;
+esac
+
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
index 358e0fd3a..1f01a4c26 100644
--- a/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/index.txt
@@ -1,6 +1,13 @@
-V	130621144307Z		01	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
-R	130621161252Z	080622162459Z	02	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
-V	130621161359Z		03	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
-V	130621162918Z		04	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+R	130621144307Z	130627211828Z,superseded	01	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
+R	130621161252Z	080622162459Z,keyCompromise	02	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+R	130621161359Z	130627211849Z,superseded	03	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
+R	130621162918Z	130627211852Z,superseded	04	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
 V	140611160633Z		05	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=moon.strongswan.org
 V	140611160706Z		06	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=moon.strongswan.org
+V	180602071743Z		07	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=moon.strongswan.org
+V	180602072050Z		08	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=moon.strongswan.org
+V	180602072738Z		09	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=carol@strongswan.org
+V	180602073154Z		0A	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=carol@strongswan.org
+V	180602073328Z		0B	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 256 bit/CN=dave@strongswan.org
+V	180602073519Z		0C	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 384 bit/CN=dave@strongswan.org
+V	180602100216Z		0D	unknown	/C=CH/O=Linux strongSwan/OU=ECDSA 521 bit/CN=moon.strongswan.org
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/08.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/08.pem
new file mode 100644
index 000000000..7bf96cdc8
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/08.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICdzCCAdqgAwIBAgIBCDAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODA3MjA1MFoXDTE4MDYwMjA3MjA1MFowXjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFjAUBgNVBAsTDUVDRFNB
+IDM4NCBiaXQxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dhbi5vcmcwdjAQBgcqhkjO
+PQIBBgUrgQQAIgNiAAQh4YOVBbRxtdaM7uJvDrZqt6a1jJo+rijEV5Nw1OqU5jlk
+srCtZwcZXrR67MlqzFNyvkHtbcWRuBjL55xjQE+YavKnltuKu42COUhWXh760M/c
+2SNzsjvsJgGXAsiPwiajgYEwfzAfBgNVHSMEGDAWgBS6XflxthO1atHduja3qtLB
+7o/Y0jAeBgNVHREEFzAVghNtb29uLnN0cm9uZ3N3YW4ub3JnMDwGA1UdHwQ1MDMw
+MaAvoC2GK2h0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbl9lYy5j
+cmwwCgYIKoZIzj0EAwQDgYoAMIGGAkE35mfDj/fFUXGsetoU9l9Kt3jbIKYugJgE
+2gmv/MW8jwrqoP7y6ATHXJkonA6AvEK+o0ZMrae55lIKPkBh5xk3XQJBfp5Eqg6Y
+efRIXUeLksM56fRjVwJS6es7qb8l1q6+c1wC1A3lEHQvAs+kJxFfFyni2oxA923F
+h2eoaYy9vSqET5Q=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/09.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/09.pem
new file mode 100644
index 000000000..a85635faf
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/09.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICXzCCAcCgAwIBAgIBCTAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODA3MjczOFoXDTE4MDYwMjA3MjczOFowXzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFjAUBgNVBAsTDUVDRFNB
+IDI1NiBiaXQxHTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMFkwEwYHKoZI
+zj0CAQYIKoZIzj0DAQcDQgAEwYQaBELkyAVAzNzWJr9LqoK8gdKDv+Ns6D+ZQSAj
+BuX3bs5ZIn7BrRxYd+mbnpZ2in7FjXPWkcLkIK/cgay2n6OBgzCBgDAfBgNVHSME
+GDAWgBS6XflxthO1atHduja3qtLB7o/Y0jAfBgNVHREEGDAWgRRjYXJvbEBzdHJv
+bmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLnN0cm9uZ3N3
+YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAoGCCqGSM49BAMEA4GMADCBiAJCAIU5
+nZLSfuiHElf7SFHl/sXCTSQ5FhEjSdhpMUvsgwq0vnEJRRdsdEOmmtVT5yQFHDUR
+Z9YVl4/zP5EFyUepvCH5AkIB2WFJ5WZ3Ds76Tq9AxAPaFbsQapGgOmrRZ6lGkj49
+hzLfARkvr+fTbOrttOC4yTIfnYVygA2G1cQYzceY/JiSk00=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0A.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0A.pem
new file mode 100644
index 000000000..f43957143
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0A.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICfDCCAd2gAwIBAgIBCjAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODA3MzE1NFoXDTE4MDYwMjA3MzE1NFowXzELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFjAUBgNVBAsTDUVDRFNB
+IDM4NCBiaXQxHTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMHYwEAYHKoZI
+zj0CAQYFK4EEACIDYgAERiDlh/bOFDq6bSRdDq2ivOcNcxWSGlO5dy5yBRvAhTWl
+NJcy93jxhDIzF5mxPpmgNXpdmSBRKbm3ydkw8LbWI+5/lje06Yl6nOLBO6Zb7GqH
+XFO+BqJrUxzbdHXwxWqto4GDMIGAMB8GA1UdIwQYMBaAFLpd+XG2E7Vq0d26Nreq
+0sHuj9jSMB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMDwGA1UdHwQ1
+MDMwMaAvoC2GK2h0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbl9l
+Yy5jcmwwCgYIKoZIzj0EAwQDgYwAMIGIAkIA8mbKzo+mp8umjvpoQUo5pIvR1CQQ
+lvBGCUWv7mtq1CVBXzv7Z+HQqPsrL388RymEErA7BzDMkPKTa5E3ZV5LL38CQgDx
++v/cIcJdYngOOF0IgVSDzcGgSvOmMlPF/D97eC4Od7XwdYl5p9Sxi4SjmDZZi4r/
+EArN3teDfoc7CZcRxWcDhQ==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0B.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0B.pem
new file mode 100644
index 000000000..c83be145d
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0B.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICXDCCAb2gAwIBAgIBCzAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODA3MzMyOFoXDTE4MDYwMjA3MzMyOFowXjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFjAUBgNVBAsTDUVDRFNB
+IDI1NiBiaXQxHDAaBgNVBAMUE2RhdmVAc3Ryb25nc3dhbi5vcmcwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQ0aUuue3BcBvF6aEISID4c+mVBJyvSm2fPVRRkAQqh
+RktTHMYDWY6B8e/iGr4GDeF5bjr46vMB5eEtVx3chWbQo4GBMH8wHwYDVR0jBBgw
+FoAUul35cbYTtWrR3bo2t6rSwe6P2NIwHgYDVR0RBBcwFYETZGF2ZUBzdHJvbmdz
+d2FuLm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAoGCCqGSM49BAMEA4GMADCBiAJCAd5ols9c
+CP6HPtfMXbPlSpUDKSRyB3c5Ix2Yn3z5ogMM1QSoS88FW8D7KKsb0qTY5TnlAls3
+45PmauVwEbI2cV6qAkIBphvsmhYWMnt/QMOij7DinihEL9Ib1vxOS2boUos6sHWi
+gj3wfHyfgHM3Pgt0YYoZxELDIxcLVJeoa1TmNey7IaI=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0C.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0C.pem
new file mode 100644
index 000000000..e97709a3f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0C.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICeTCCAdqgAwIBAgIBDDAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODA3MzUxOVoXDTE4MDYwMjA3MzUxOVowXjELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFjAUBgNVBAsTDUVDRFNB
+IDM4NCBiaXQxHDAaBgNVBAMUE2RhdmVAc3Ryb25nc3dhbi5vcmcwdjAQBgcqhkjO
+PQIBBgUrgQQAIgNiAATVOQOBWOH7PhHx/mc+y5+uDpW/maSCkGwpnPP1dWQl4Dpr
+DokGZC8P+pm1j0sBvzbSCuHZCAkaSptYavgv4VVJ/X5u89tnj6QqQt/AtuPjCL7r
+3k3F0Nsj/TGSjRmcMr6jgYEwfzAfBgNVHSMEGDAWgBS6XflxthO1atHduja3qtLB
+7o/Y0jAeBgNVHREEFzAVgRNkYXZlQHN0cm9uZ3N3YW4ub3JnMDwGA1UdHwQ1MDMw
+MaAvoC2GK2h0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbl9lYy5j
+cmwwCgYIKoZIzj0EAwQDgYwAMIGIAkIB/x2+UiGE5T7229M2Ic2BMYLWSBQlZJeT
+d3uniJb3NAkeQAhDgj0TOxVdMz1SkgScLRS2RKYpsxiVsV+tVuijTMQCQgHn1WtY
+iiSY7OWcX9hQEqWDV0TxoNcgInEhsmtMbseCpR0dYXYsm54oC0pqVBeKp0GC7KJr
+ZEmeb0/mRB56osgppA==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0D.pem b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0D.pem
new file mode 100644
index 000000000..25f0538a7
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0D.pem
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICnTCCAf+gAwIBAgIBDTAKBggqhkjOPQQDBDBIMQswCQYDVQQGEwJDSDEZMBcG
+A1UEChMQTGludXggc3Ryb25nU3dhbjEeMBwGA1UEAxMVc3Ryb25nU3dhbiBFQyBS
+b290IENBMB4XDTEzMDYyODEwMDIxNloXDTE4MDYwMjEwMDIxNlowXTELMAkGA1UE
+BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xFTATBgNVBAsTDEVDU0Eg
+NTIxIGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzCBmzAQBgcqhkjO
+PQIBBgUrgQQAIwOBhgAEAGWctqQ4b4fNSACnlcg5A3nxHU5X5qir+Ep8QziYNokU
+ri9N6ZPX3ipNlVAi6AYS7MXWZCBiT2g0yGFfwSxPha/rATR3m7acgyGQt0BE2UJ0
+Z7ZfjkjUPaKKEhmw0fy2t5gUhPaXMBXnu5hGjUz4gaaApsaJtr5eEwdQ0II9DG71
+tSA2o4GBMH8wHwYDVR0jBBgwFoAUul35cbYTtWrR3bo2t6rSwe6P2NIwHgYDVR0R
+BBcwFYITbW9vbi5zdHJvbmdzd2FuLm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRw
+Oi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWMuY3JsMAoGCCqGSM49
+BAMEA4GLADCBhwJBAjPn1KkfPOlfn51b6AtISSpccCsKJ6LhJiSLuQp0SzMrg3mv
+vSIkNpVrUigW0VVMwcanW3UuYKSxMBl3Z30+RpYCQgGh8v1XO4SO3DmVLD9+JLil
+9Dp0TNkzNLdOqeuIX6ili5yhnLU8chwSlpJ9d81FdAjHP9EDPO+7fTswC2vYL+Rm
+2A==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/ecdsa/serial b/testing/hosts/winnetou/etc/openssl/ecdsa/serial
index 2c7456e3e..ff470b05e 100644
--- a/testing/hosts/winnetou/etc/openssl/ecdsa/serial
+++ b/testing/hosts/winnetou/etc/openssl/ecdsa/serial
@@ -1 +1 @@
-07
+0E