Publish Easy Internet vPn Extender (EINE) sub-project, sponsorized by…

… Orange Business Services

.gitignore

@@ -4,3 +4,5 @@ BSDRPcur/FreeBSD
 TESTING/FreeBSD
 TESTING/Files
 BSDMC/FreeBSD
+EINE/FreeBSD
+EINE/local.data

EINE/DEMO.data/data.conf

@@ -0,0 +1,7 @@
+DOMAIN_NAME="eine.orange.com"
+GATEWAYS="emea1 amer1 asia1"
+OVPN_UNREG_PORT="1194"
+#OVPN_REG_PORT will be OVPN_UNREG_PORT+1
+ADMIN_USERNAME="eine"
+CONSOLE_PASSWORD="eine"
+SSH_PORT="69"

EINE/DEMO.data/easy-rsa.vars

@@ -0,0 +1,75 @@
+# easy-rsa parameter settings
+
+# NOTE: If you installed from an RPM,
+# don't edit this file in place in
+# /usr/share/openvpn/easy-rsa --
+# instead, you should copy the whole
+# easy-rsa directory to another location
+# (such as /etc/openvpn) so that your
+# edits will not be wiped out by a future
+# OpenVPN package upgrade.
+
+# This variable should point to
+# the top level of the easy-rsa
+# tree.
+export EASY_RSA="`pwd`"
+
+#
+# This variable should point to
+# the requested executables
+#
+export OPENSSL="openssl"
+export PKCS11TOOL="pkcs11-tool"
+export GREP="grep"
+
+
+# This variable should point to
+# the openssl.cnf file included
+# with easy-rsa.
+export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
+
+# Edit this variable to point to
+# your soon-to-be-created key
+# directory.
+#
+# WARNING: clean-all will do
+# a rm -rf on this directory
+# so make sure you define
+# it correctly!
+export KEY_DIR="/usr/local/etc/keys"
+
+# Issue rm -rf warning
+echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
+
+# PKCS11 fixes
+export PKCS11_MODULE_PATH="dummy"
+export PKCS11_PIN="dummy"
+
+# Increase this to 2048 if you
+# are paranoid.  This will slow
+# down TLS negotiation performance
+# as well as the one-time DH parms
+# generation process.
+export KEY_SIZE=1024
+
+# In how many days should the root CA key expire?
+export CA_EXPIRE=3650
+
+# In how many days should certificates expire?
+export KEY_EXPIRE=3650
+
+# These are the default values for fields
+# which will be placed in the certificate.
+# Don't leave any of these fields blank.
+export KEY_COUNTRY="FR"
+export KEY_PROVINCE="Bretagne"
+export KEY_CITY="Rennes"
+export KEY_ORG="Orange Business Services"
+export KEY_EMAIL="[email protected]"
+export [email protected]
+export KEY_CN=changeme
+export KEY_NAME=changeme
+export KEY_OU=IBNF
+export PKCS11_MODULE_PATH=changeme
+export PKCS11_PIN=1234
+export RANDFILE=$KEY_DIR/.rnd

EINE/DEMO.data/how-to.generate.keys.txt

@@ -0,0 +1,39 @@
+==== SSH keys ========
+
+ssh-keygen -t ed25519 -b 256 -o -f id_ed25519
+
+pass: verylongpassword
+
+-o: new openSSH format (increased resistance to brute-force password cracking)
+-t: ed25519 (recommanded curve)
+-b: 256bits algo
+
+=== OpenVPN certificate ===
+
+sudo cp /usr/local/share/easy-rsa/vars /usr/local/etc/easy-rsa.vars
+sudo chown toutatis /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_SIZE=/s/1024/2048/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_DIR=/s/$EASY_RSA/\/usr\/local\/etc/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_COUNTRY=/s/US/FR/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_PROVINCE=/s/CA/Bretagne/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_CITY=/s/SanFrancisco/Rennes/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_ORG=/s/Fort-Funston/Orange Business Services/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_OU=/s/changeme/EINE DEMO unsecure certificate/' /usr/local/etc/easy-rsa.vars
+sudo sed -i "" -e '/KEY_EMAIL=/s/[email protected]/[email protected]/' /usr/local/etc/easy-rsa.vars
+echo 'export RANDFILE=$KEY_DIR/.rnd' >> /usr/local/etc/easy-rsa.vars
+sed 's/export/setenv/;s/=/ /' /usr/local/etc/easy-rsa.vars | sudo tee /usr/local/etc/easy-rsa.vars.tcsh
+
+cd /usr/local/share/easy-rsa
+source /usr/local/etc/easy-rsa.vars.tcsh
+sudo chmod g+w /usr/local/etc
+./clean-all
+./build-dh
+env KEY_CN=CA KEY_NAME=CA ./pkitool --initca CA
+env KEY_CN=unregistered KEY_NAME=unregistered ./pkitool unregistered
+openvpn --genkey --secret ${KEY_DIR}/ta.key
+openssl ca -gencrl -out ${KEY_DIR}/crl.pem -config "$KEY_CONFIG"
+
+=== Backuping 
+
+tar cvfz /tmp/PROD.certs.tgz -C /usr/local/etc easy-rsa.vars keys
+

EINE/DEMO.data/id_ed25519

@@ -0,0 +1,8 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABBmYLBYSh
+FR3fU5JPaUWGw3AAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIGvB2c8PBhkF/66n
+nCCZM8KId6fzNwi1xdA0gRyfpZfIAAAAoL59NyPxma3Q04ffuNqXI8cxhCCRI34JJ03hQ3
+1ZauSu+fa1m3nPVpnwqUYlIsQxeaOdBiP7dFno2IBH5k/jRv9p92s/sxtgdkOms0kxr+Ye
+kEmZv4sA6sCcdnlMmiTgWDiROEnZkGGjHiGvlPMGdfBCzADDsvUU8KjGB8Om/iXYczfZI3
+iPRll2oo7muABL/2WpYRFqlLe1Zg0rv7Zofp8=
+-----END OPENSSH PRIVATE KEY-----

EINE/DEMO.data/id_ed25519.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvB2c8PBhkF/66nnCCZM8KId6fzNwi1xdA0gRyfpZfI [email protected]

EINE/DEMO.data/keys/01.pem

@@ -0,0 +1,74 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, ST=Bretagne, L=Rennes, O=Orange Business Services, OU=IBNF, CN=CA/name=CA/[email protected]
+        Validity
+            Not Before: Sep 19 10:51:28 2014 GMT
+            Not After : Sep 16 10:51:28 2024 GMT
+        Subject: C=FR, ST=Bretagne, L=Rennes, O=Orange Business Services, OU=IBNF, CN=unregistered/name=unregistered/[email protected]
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:c5:ef:bb:bc:cb:2c:8f:df:09:56:bd:31:d4:fa:
+                    94:ba:16:9f:af:21:5d:67:14:9d:2e:87:b1:46:70:
+                    64:27:16:c3:f1:e8:ac:f6:e5:36:2c:8f:c8:72:1a:
+                    6f:53:29:00:43:50:0d:bc:04:a6:e6:64:99:63:51:
+                    52:bd:a2:cf:56:ec:90:52:7a:0c:96:0e:5b:bc:c9:
+                    60:37:4c:3f:19:88:46:bc:78:fc:3f:53:a2:de:c2:
+                    be:3d:a3:6f:f4:a2:4c:2e:ca:91:3a:99:57:20:f9:
+                    3f:e2:7d:20:ed:fe:c9:00:62:db:fa:3d:0d:14:ee:
+                    c7:0d:fe:2d:1d:25:08:b9:25
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                Easy-RSA Generated Certificate
+            X509v3 Subject Key Identifier: 
+                B7:EA:88:0C:66:BE:B9:0A:15:29:1F:42:C4:76:D4:46:18:58:EF:5C
+            X509v3 Authority Key Identifier: 
+                keyid:70:48:06:C0:2B:31:06:33:EC:72:24:0B:1E:7A:E0:B4:3F:3F:5D:31
+                DirName:/C=FR/ST=Bretagne/L=Rennes/O=Orange Business Services/OU=IBNF/CN=CA/name=CA/[email protected]
+                serial:A7:3A:3D:4C:29:93:49:69
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 Key Usage: 
+                Digital Signature
+    Signature Algorithm: sha1WithRSAEncryption
+         8d:3f:85:1e:49:06:82:eb:ed:40:4b:2d:c2:a2:f3:ce:8e:47:
+         08:ae:b9:72:a4:ae:87:aa:53:f0:d7:81:13:5d:68:96:ca:a8:
+         f3:c2:f3:f3:02:25:34:56:22:cc:6d:d4:7d:36:6b:f4:2a:1f:
+         7a:5b:b8:82:04:c6:e2:ee:d0:31:9d:50:2a:1b:af:b0:a4:81:
+         52:47:e0:41:69:af:9e:97:9f:6e:08:00:e0:4f:8b:92:93:c6:
+         db:17:94:91:51:17:c1:7c:d3:dc:56:90:48:3f:cc:5b:db:02:
+         12:24:02:41:97:d0:86:71:7b:4a:86:2f:79:10:7d:aa:28:26:
+         43:46
+-----BEGIN CERTIFICATE-----
+MIIEPTCCA6agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCRlIx
+ETAPBgNVBAgTCEJyZXRhZ25lMQ8wDQYDVQQHEwZSZW5uZXMxITAfBgNVBAoTGE9y
+YW5nZSBCdXNpbmVzcyBTZXJ2aWNlczENMAsGA1UECxMESUJORjELMAkGA1UEAxMC
+Q0ExCzAJBgNVBCkTAkNBMSkwJwYJKoZIhvcNAQkBFhpvbGl2aWVyLmNvY2hhcmRA
+b3JhbmdlLmNvbTAeFw0xNDA5MTkxMDUxMjhaFw0yNDA5MTYxMDUxMjhaMIG8MQsw
+CQYDVQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNVBAcTBlJlbm5lczEh
+MB8GA1UEChMYT3JhbmdlIEJ1c2luZXNzIFNlcnZpY2VzMQ0wCwYDVQQLEwRJQk5G
+MRUwEwYDVQQDEwx1bnJlZ2lzdGVyZWQxFTATBgNVBCkTDHVucmVnaXN0ZXJlZDEp
+MCcGCSqGSIb3DQEJARYab2xpdmllci5jb2NoYXJkQG9yYW5nZS5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMXvu7zLLI/fCVa9MdT6lLoWn68hXWcUnS6H
+sUZwZCcWw/HorPblNiyPyHIab1MpAENQDbwEpuZkmWNRUr2iz1bskFJ6DJYOW7zJ
+YDdMPxmIRrx4/D9Tot7Cvj2jb/SiTC7KkTqZVyD5P+J9IO3+yQBi2/o9DRTuxw3+
+LR0lCLklAgMBAAGjggFfMIIBWzAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5F
+YXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFLfqiAxmvrkK
+FSkfQsR21EYYWO9cMIHdBgNVHSMEgdUwgdKAFHBIBsArMQYz7HIkCx564LQ/P10x
+oYGupIGrMIGoMQswCQYDVQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNV
+BAcTBlJlbm5lczEhMB8GA1UEChMYT3JhbmdlIEJ1c2luZXNzIFNlcnZpY2VzMQ0w
+CwYDVQQLEwRJQk5GMQswCQYDVQQDEwJDQTELMAkGA1UEKRMCQ0ExKTAnBgkqhkiG
+9w0BCQEWGm9saXZpZXIuY29jaGFyZEBvcmFuZ2UuY29tggkApzo9TCmTSWkwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GB
+AI0/hR5JBoLr7UBLLcKi886ORwiuuXKkroeqU/DXgRNdaJbKqPPC8/MCJTRWIsxt
+1H02a/QqH3pbuIIExuLu0DGdUCobr7CkgVJH4EFpr56Xn24IAOBPi5KTxtsXlJFR
+F8F809xWkEg/zFvbAhIkAkGX0IZxe0qGL3kQfaooJkNG
+-----END CERTIFICATE-----

EINE/DEMO.data/keys/ca.crt

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID4zCCA0ygAwIBAgIJAKc6PUwpk0lpMA0GCSqGSIb3DQEBBQUAMIGoMQswCQYD
+VQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNVBAcTBlJlbm5lczEhMB8G
+A1UEChMYT3JhbmdlIEJ1c2luZXNzIFNlcnZpY2VzMQ0wCwYDVQQLEwRJQk5GMQsw
+CQYDVQQDEwJDQTELMAkGA1UEKRMCQ0ExKTAnBgkqhkiG9w0BCQEWGm9saXZpZXIu
+Y29jaGFyZEBvcmFuZ2UuY29tMB4XDTE0MDkxOTEwNTEwNloXDTI0MDkxNjEwNTEw
+NlowgagxCzAJBgNVBAYTAkZSMREwDwYDVQQIEwhCcmV0YWduZTEPMA0GA1UEBxMG
+UmVubmVzMSEwHwYDVQQKExhPcmFuZ2UgQnVzaW5lc3MgU2VydmljZXMxDTALBgNV
+BAsTBElCTkYxCzAJBgNVBAMTAkNBMQswCQYDVQQpEwJDQTEpMCcGCSqGSIb3DQEJ
+ARYab2xpdmllci5jb2NoYXJkQG9yYW5nZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBAMKH7AuUtRR76chpd8UUMrviCPKuypKgBIYMnvOEe8ex6eIRCTnE
+rF/7/qCl7wxFmYPfoIG8UQ4k4oDsK/VtIHEbIvgsrP0T7PUEgbCC2GocVh9DcePI
+9R30y/njQpBqgWlDf0T/5RSt6QsnWmTq8ZizwDPZi7V9aFNuYex7uWPDAgMBAAGj
+ggERMIIBDTAdBgNVHQ4EFgQUcEgGwCsxBjPsciQLHnrgtD8/XTEwgd0GA1UdIwSB
+1TCB0oAUcEgGwCsxBjPsciQLHnrgtD8/XTGhga6kgaswgagxCzAJBgNVBAYTAkZS
+MREwDwYDVQQIEwhCcmV0YWduZTEPMA0GA1UEBxMGUmVubmVzMSEwHwYDVQQKExhP
+cmFuZ2UgQnVzaW5lc3MgU2VydmljZXMxDTALBgNVBAsTBElCTkYxCzAJBgNVBAMT
+AkNBMQswCQYDVQQpEwJDQTEpMCcGCSqGSIb3DQEJARYab2xpdmllci5jb2NoYXJk
+QG9yYW5nZS5jb22CCQCnOj1MKZNJaTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4GBAB3uzniwH9l6EGEvb4w1EKvR6la646qxB9gbDh7EYCFFHd4uRN2foHNP
+BdjBHqZJSliBYhciSWLeMjB5UhPDhCE2whpJ3GFRd/qHp+3zwkppe8OTJi6J/6UR
+iWaVWZfiMVQ8zhIKyzutGoFdwe0Y1a4Q5lMeVOcxa9OstioDtyaG
+-----END CERTIFICATE-----

EINE/DEMO.data/keys/ca.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMKH7AuUtRR76chp
+d8UUMrviCPKuypKgBIYMnvOEe8ex6eIRCTnErF/7/qCl7wxFmYPfoIG8UQ4k4oDs
+K/VtIHEbIvgsrP0T7PUEgbCC2GocVh9DcePI9R30y/njQpBqgWlDf0T/5RSt6Qsn
+WmTq8ZizwDPZi7V9aFNuYex7uWPDAgMBAAECgYA+o6PnasAQU4JJDWUKqeFYTIWT
+F6OVKT+rpn68bUmqWOi16cRtvJ3A3pT0R9o8umCfbS/y9p+nDUt+Ng5FnhkWof0e
+3bEyysJotmZI07VQag20XUyOWrp/7f6utzsibyJxKK1KPFeC7pdIAdPuWo1qaJo6
+NYCHttEWGfbx0hGN0QJBAPouxtEXpWeVbDhSPSoJ+04SiKC3EgQoDLddnm3+cc4F
+6HvfXXGzqTuonbpOTSlnzgYXoeVcyU0ns4TWUWufnpsCQQDHDeA3RkqJLxV+t4uV
+rYtVVDDO5k0Qhj0cmORYVeVAs3KSrfo92keS4aQQA/mXsG3pnTrebGly4NCwuSj+
+ws35AkEA0JOa8cuS/K7YkIQPtjKoL0jIW6UFAi4Zm+4THYTagHbwggWQtDCi0Lgc
+96w8LF78ppuhP8WBli+ZPRAoxV9ILQJATgvCvelxkBhF9UlCEY3Z87ru6DCkRrZb
+f7ryzS/gk13IrnpIg7fyGEUgbqcgVbl3XwGm807OiZxcNu5ihIEdAQJADn8dpwtn
+hi3ZMKKE0ogvY1i/EBPzrQr5r00xO8wQGS9hroZYaceacuotVHkD3Yx+MzNwGIzO
+lgJtE4ViM7w5/A==
+-----END PRIVATE KEY-----

EINE/DEMO.data/keys/crl.pem

@@ -0,0 +1,10 @@
+-----BEGIN X509 CRL-----
+MIIBbjCB2DANBgkqhkiG9w0BAQQFADCBqDELMAkGA1UEBhMCRlIxETAPBgNVBAgT
+CEJyZXRhZ25lMQ8wDQYDVQQHEwZSZW5uZXMxITAfBgNVBAoTGE9yYW5nZSBCdXNp
+bmVzcyBTZXJ2aWNlczENMAsGA1UECxMESUJORjELMAkGA1UEAxMCQ0ExCzAJBgNV
+BCkTAkNBMSkwJwYJKoZIhvcNAQkBFhpvbGl2aWVyLmNvY2hhcmRAb3JhbmdlLmNv
+bRcNMTQwOTE5MTA1MjExWhcNMTQxMDE5MTA1MjExWjANBgkqhkiG9w0BAQQFAAOB
+gQAfD5pmLOjynZZkplXvqxaHfi83k8hnL9jiFUYIQNCSSzkLxv19QohjxetcD8+1
+Yt8yLPcHuyyo17Ug7Y38kyApNqBCHyzZJhqwMycn21V9aaOMmfRkSCI+QJggtpsE
+dQ5utXzA03KLCylHJi1btgHc0WYPohaPvybjKc0EvqaR7A==
+-----END X509 CRL-----

EINE/DEMO.data/keys/dh1024.pem

@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAPx7nO/6r25ZxDApbMpvuGkvTbdpG8gG4XJTWKZs3qiQwSXtIonLaCoh
+axLVxIB+rTSLXhrXAcyt6zl/6vk9BhUGiK+Mp+AOSYkE+l/OQR7uVIVTp3zOT83a
+qshtcgxobxZkzLK7kaK53RWDfr7OaTI2PGmfxUu8QnlLqFbOYIVjAgEC
+-----END DH PARAMETERS-----

EINE/DEMO.data/keys/index.txt

@@ -0,0 +1 @@
+V	240916105128Z		01	unknown	/C=FR/ST=Bretagne/L=Rennes/O=Orange Business Services/OU=IBNF/CN=unregistered/name=unregistered/[email protected]

EINE/DEMO.data/keys/index.txt.attr

@@ -0,0 +1 @@
+unique_subject = yes

EINE/DEMO.data/keys/serial

@@ -0,0 +1 @@
+02

EINE/DEMO.data/keys/serial.old

@@ -0,0 +1 @@
+01

EINE/DEMO.data/keys/ta.key

@@ -0,0 +1,21 @@
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+bb8656ae8e3de56e58c730d624f2be39
+a2b3cad7cde55841985005dce39c6b0a
+9cb21200fe2aa61d2e54ccad24800b22
+709d0b88ec3d9d153102145f1fc5e561
+dad6bf26cbfa622efc28f88323d6d441
+f1785cd38d25cbe676a7838363b8f2fd
+e2558705f16f64ea76512946d828b7f7
+1d68397ca7fea734016e3577df6cabb9
+cdef7c0319f48d6d32161ab5900e3c91
+111ff7887e59038a1e3a86445247ea16
+26c050669d1596692e160b473769fd53
+ac8a61930bca46920909acc1c779af70
+fdfb02b66179c67a4be95d625a5bc1d5
+93a67ff3ed719d30da62dea34ede2f21
+3a6616da75320e5aa26cafc1b9222f22
+e88dbb46cfbc43bf5ae3668ddeee9a9a
+-----END OpenVPN Static key V1-----

EINE/DEMO.data/keys/unregistered.crt

@@ -0,0 +1,74 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, ST=Bretagne, L=Rennes, O=Orange Business Services, OU=IBNF, CN=CA/name=CA/[email protected]
+        Validity
+            Not Before: Sep 19 10:51:28 2014 GMT
+            Not After : Sep 16 10:51:28 2024 GMT
+        Subject: C=FR, ST=Bretagne, L=Rennes, O=Orange Business Services, OU=IBNF, CN=unregistered/name=unregistered/[email protected]
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:c5:ef:bb:bc:cb:2c:8f:df:09:56:bd:31:d4:fa:
+                    94:ba:16:9f:af:21:5d:67:14:9d:2e:87:b1:46:70:
+                    64:27:16:c3:f1:e8:ac:f6:e5:36:2c:8f:c8:72:1a:
+                    6f:53:29:00:43:50:0d:bc:04:a6:e6:64:99:63:51:
+                    52:bd:a2:cf:56:ec:90:52:7a:0c:96:0e:5b:bc:c9:
+                    60:37:4c:3f:19:88:46:bc:78:fc:3f:53:a2:de:c2:
+                    be:3d:a3:6f:f4:a2:4c:2e:ca:91:3a:99:57:20:f9:
+                    3f:e2:7d:20:ed:fe:c9:00:62:db:fa:3d:0d:14:ee:
+                    c7:0d:fe:2d:1d:25:08:b9:25
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                Easy-RSA Generated Certificate
+            X509v3 Subject Key Identifier: 
+                B7:EA:88:0C:66:BE:B9:0A:15:29:1F:42:C4:76:D4:46:18:58:EF:5C
+            X509v3 Authority Key Identifier: 
+                keyid:70:48:06:C0:2B:31:06:33:EC:72:24:0B:1E:7A:E0:B4:3F:3F:5D:31
+                DirName:/C=FR/ST=Bretagne/L=Rennes/O=Orange Business Services/OU=IBNF/CN=CA/name=CA/[email protected]
+                serial:A7:3A:3D:4C:29:93:49:69
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 Key Usage: 
+                Digital Signature
+    Signature Algorithm: sha1WithRSAEncryption
+         8d:3f:85:1e:49:06:82:eb:ed:40:4b:2d:c2:a2:f3:ce:8e:47:
+         08:ae:b9:72:a4:ae:87:aa:53:f0:d7:81:13:5d:68:96:ca:a8:
+         f3:c2:f3:f3:02:25:34:56:22:cc:6d:d4:7d:36:6b:f4:2a:1f:
+         7a:5b:b8:82:04:c6:e2:ee:d0:31:9d:50:2a:1b:af:b0:a4:81:
+         52:47:e0:41:69:af:9e:97:9f:6e:08:00:e0:4f:8b:92:93:c6:
+         db:17:94:91:51:17:c1:7c:d3:dc:56:90:48:3f:cc:5b:db:02:
+         12:24:02:41:97:d0:86:71:7b:4a:86:2f:79:10:7d:aa:28:26:
+         43:46
+-----BEGIN CERTIFICATE-----
+MIIEPTCCA6agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMCRlIx
+ETAPBgNVBAgTCEJyZXRhZ25lMQ8wDQYDVQQHEwZSZW5uZXMxITAfBgNVBAoTGE9y
+YW5nZSBCdXNpbmVzcyBTZXJ2aWNlczENMAsGA1UECxMESUJORjELMAkGA1UEAxMC
+Q0ExCzAJBgNVBCkTAkNBMSkwJwYJKoZIhvcNAQkBFhpvbGl2aWVyLmNvY2hhcmRA
+b3JhbmdlLmNvbTAeFw0xNDA5MTkxMDUxMjhaFw0yNDA5MTYxMDUxMjhaMIG8MQsw
+CQYDVQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNVBAcTBlJlbm5lczEh
+MB8GA1UEChMYT3JhbmdlIEJ1c2luZXNzIFNlcnZpY2VzMQ0wCwYDVQQLEwRJQk5G
+MRUwEwYDVQQDEwx1bnJlZ2lzdGVyZWQxFTATBgNVBCkTDHVucmVnaXN0ZXJlZDEp
+MCcGCSqGSIb3DQEJARYab2xpdmllci5jb2NoYXJkQG9yYW5nZS5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMXvu7zLLI/fCVa9MdT6lLoWn68hXWcUnS6H
+sUZwZCcWw/HorPblNiyPyHIab1MpAENQDbwEpuZkmWNRUr2iz1bskFJ6DJYOW7zJ
+YDdMPxmIRrx4/D9Tot7Cvj2jb/SiTC7KkTqZVyD5P+J9IO3+yQBi2/o9DRTuxw3+
+LR0lCLklAgMBAAGjggFfMIIBWzAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5F
+YXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFLfqiAxmvrkK
+FSkfQsR21EYYWO9cMIHdBgNVHSMEgdUwgdKAFHBIBsArMQYz7HIkCx564LQ/P10x
+oYGupIGrMIGoMQswCQYDVQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNV
+BAcTBlJlbm5lczEhMB8GA1UEChMYT3JhbmdlIEJ1c2luZXNzIFNlcnZpY2VzMQ0w
+CwYDVQQLEwRJQk5GMQswCQYDVQQDEwJDQTELMAkGA1UEKRMCQ0ExKTAnBgkqhkiG
+9w0BCQEWGm9saXZpZXIuY29jaGFyZEBvcmFuZ2UuY29tggkApzo9TCmTSWkwEwYD
+VR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GB
+AI0/hR5JBoLr7UBLLcKi886ORwiuuXKkroeqU/DXgRNdaJbKqPPC8/MCJTRWIsxt
+1H02a/QqH3pbuIIExuLu0DGdUCobr7CkgVJH4EFpr56Xn24IAOBPi5KTxtsXlJFR
+F8F809xWkEg/zFvbAhIkAkGX0IZxe0qGL3kQfaooJkNG
+-----END CERTIFICATE-----

EINE/DEMO.data/keys/unregistered.csr

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIB/TCCAWYCAQAwgbwxCzAJBgNVBAYTAkZSMREwDwYDVQQIEwhCcmV0YWduZTEP
+MA0GA1UEBxMGUmVubmVzMSEwHwYDVQQKExhPcmFuZ2UgQnVzaW5lc3MgU2Vydmlj
+ZXMxDTALBgNVBAsTBElCTkYxFTATBgNVBAMTDHVucmVnaXN0ZXJlZDEVMBMGA1UE
+KRMMdW5yZWdpc3RlcmVkMSkwJwYJKoZIhvcNAQkBFhpvbGl2aWVyLmNvY2hhcmRA
+b3JhbmdlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxe+7vMssj98J
+Vr0x1PqUuhafryFdZxSdLoexRnBkJxbD8eis9uU2LI/IchpvUykAQ1ANvASm5mSZ
+Y1FSvaLPVuyQUnoMlg5bvMlgN0w/GYhGvHj8P1Oi3sK+PaNv9KJMLsqROplXIPk/
+4n0g7f7JAGLb+j0NFO7HDf4tHSUIuSUCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GB
+AHjmc+FRT/4iTQf8D9WlbP/AtRgyOcS7YjLOlVSHv92Ffe5NuEpr6Jm537LKgEfr
+3aowlxFl5aPFXNVhwqFrKstpai/XMtMoC3Dl6tLOBcuDDwbwzYMnvN7IeOOCRunH
+3IV7jJHWUv3X+FMc2NDVOXnGVXeM5yZOIJ3EgOGFqhSm
+-----END CERTIFICATE REQUEST-----