diff options
| author | Kali Kaneko <kali@leap.se> | 2017-07-14 14:34:29 +0200 |
|---|---|---|
| committer | Kali Kaneko <kali@leap.se> | 2017-07-14 14:36:54 +0200 |
| commit | aceff1bf17afe60378ff5ad7335573da7ba9ddde (patch) | |
| tree | 7ff95c56d46dd342c65095655e0840096dc6d9bc /src/leap/common/EFFchain.pem | |
| parent | 07df10c11fa092af4abfe09dbc7584fc22e614a6 (diff) | |
[refactor] remove heuristic to check for usable platformRoot
the rationale here is that, in debian, certifi will always return a
working platform trust, since the package points to the system
certificates. in osx and windows, certifi will load an usable trustRoot
that is kept up to date.
another detail we didn't like about the heuristic is that the bundled
certificate for testing will eventually expire, so that introduces the
duty of keeping it up-to-date.
Diffstat (limited to 'src/leap/common/EFFchain.pem')
| -rw-r--r-- | src/leap/common/EFFchain.pem | 116 |
1 files changed, 0 insertions, 116 deletions
diff --git a/src/leap/common/EFFchain.pem b/src/leap/common/EFFchain.pem deleted file mode 100644 index 15a79d8..0000000 --- a/src/leap/common/EFFchain.pem +++ /dev/null @@ -1,116 +0,0 @@ -CONNECTED(00000003) ---- -Certificate chain - 0 s:/CN=eff.org - i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 ------BEGIN CERTIFICATE----- -MIIGVTCCBT2gAwIBAgISAx9kTOWisGpqooJ4k5cVH4SGMA0GCSqGSIb3DQEBCwUA -MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA3MDYxNzMzMDBaFw0x -NzEwMDQxNzMzMDBaMBIxEDAOBgNVBAMTB2VmZi5vcmcwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCzZ72xy22icrzIE+m0NeoMNgB4qTB39bOPx+2Lod3J -ZwYpUHN2QJDdvOC51Tanwnuutnyjhahwi7JLOFzLY9Tz14FGICrAosILnHuBQBML -QtgpeybCs+IAukZuu2n0Pt0u290JUwzmiWxjx18mxkVFB5NyeHwhg6JG59uOYoJ/ -JMIGDz4kTQuIAOTZFgV7bMOHUJNrYuN/tUB00zriy7cAJ5aovq30gIhpePbeDAja -BE0pj5UdV5V9EsYFz7kZMe/VIgPY/O3KxD7k+40Dv2W6XOQPxiDXB/oAQkzT/KO2 -yIgdRWJfD2ohmGWi5cJdP99rvtUshmhYcynenqRP2bKtZIEi7DvGj2r6MNiTHqtC -HTZJmlrfJkqkjLMbPuQC0skOhfYImLVZtMGz6nzU4Uh6ZVM+2YM1S5oxJ9d74S7k -Rvh58AIaz1yf8drMc+PvrQqeZhiQA9od4i4ldtAjA2b7fX4YCN7eG4Q/YQi90rRE -xnmeHJaJYC/sYr6igaV63HXGyJ63JNoSDc3u9tDAB0goLh1kRXrmfsGX4B+ADYxt -cEzA1LvVeLcWf06edO+mJFZSUYYhVb5JUloaSdGRAa3MlEbZ/2xBeQZUY4kjwv/o -2axeRRC1BuQxeyizs40NF2t+ziwFlEoERqFVNlAKn7R+7QvVu0TGvLW/CmYXuIyP -NwIDAQABo4ICazCCAmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF -BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTC4NDcy8n+xv0N -1GNig3ieBGnUkTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr -BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz -ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz -ZW5jcnlwdC5vcmcvMHYGA1UdEQRvMG2CDWF0bGFzLmVmZi5vcmeCB2VmZi5vcmeC -Hmh0dHBzLWV2ZXJ5d2hlcmUtYXRsYXMuZWZmLm9yZ4IUaHR0cHNlLWF0bGFzLmVm -Zi5vcmeCD2tpdHRlbnMuZWZmLm9yZ4IMbWFwcy5lZmYub3JnMIH+BgNVHSAEgfYw -gfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0 -cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBD -ZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBh -cnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0 -ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3Np -dG9yeS8wDQYJKoZIhvcNAQELBQADggEBAGWQ738VV+3dK3fB2gJBHE/MEaHg000P -koHe1NKc5eoCLWbjUqP0QzcxKha1LwqFz8EaDglO23R9ZkXkI6IlhXsj6n3MTT+j -FkF5ccbuYd1sY69ghcEHBiZss4b/qepSxcu82LUU2UiuIc6zfxUfglEzzMsV72sb -Z1qjhA7E5iTyZHJ+0kwj+2XbtxqUbBrzZjN6ku0dyul3d43hnaEoJkeEDlADeWZM -gfDzoQ4FtIyVYq1FZVODBEr3kjccAlwWMO59YmJeFgjFRHASDw1akT+95h9puS/F -z+9Sior3hfcLNdGZUZWpd7GQMKKoEbDPm8GubFTvcPfivu8I9Lc5428= ------END CERTIFICATE----- - 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 - i:/O=Digital Signature Trust Co./CN=DST Root CA X3 ------BEGIN CERTIFICATE----- -MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow -SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT -GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF -q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 -SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 -Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA -a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj -/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T -AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG -CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv -bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k -c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw -VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC -ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz -MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu -Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF -AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo -uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ -wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu -X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG -PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 -KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== ------END CERTIFICATE----- ---- -Server certificate -subject=/CN=eff.org -issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 ---- -No client certificate CA names sent -Peer signing digest: SHA512 -Server Temp Key: ECDH, P-256, 256 bits ---- -SSL handshake has read 3728 bytes and written 302 bytes -Verification: OK ---- -New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 -Server public key is 4096 bit -Secure Renegotiation IS supported -Compression: NONE -Expansion: NONE -No ALPN negotiated -SSL-Session: - Protocol : TLSv1.2 - Cipher : ECDHE-RSA-AES256-GCM-SHA384 - Session-ID: D448EDCC480EF1C06FE70E6D8B4B868431F613E1D4308FC9A40A0DAA3460C06B - Session-ID-ctx: - Master-Key: 59C06531A77DCF1603ABC42B700311866C7D85A3154D9F733F1E671BC59C0287C81CBD9FD39516871CD434BD939379A0 - PSK identity: None - PSK identity hint: None - SRP username: None - TLS session ticket lifetime hint: 600 (seconds) - TLS session ticket: - 0000 - f8 47 e4 94 45 bd d3 df-61 76 8f b5 98 a1 b8 b5 .G..E...av...... - 0010 - 56 6d 1f 59 43 5e 5e c5-2a 90 66 66 3e 6e b4 45 Vm.YC^^.*.ff>n.E - 0020 - 7d 15 76 d9 cc 6a d4 d5-db 26 bf d5 e5 4a 5e 9a }.v..j...&...J^. - 0030 - 96 ce 88 00 23 64 36 6e-1a 26 7b 94 6b da c4 95 ....#d6n.&{.k... - 0040 - 96 49 1e 96 5e 34 35 3c-38 e1 0c 3e 41 57 64 1f .I..^45<8..>AWd. - 0050 - b0 fe 09 0b 3b f6 bf 8a-f5 6c 54 6e bc 63 35 4e ....;....lTn.c5N - 0060 - 3a 37 27 64 8f a4 0c 5b-4f 6b f3 17 a1 9a 12 be :7'd...[Ok...... - 0070 - 4f 75 8d aa 40 01 58 83-be db 07 77 38 8c 04 ff Ou..@.X....w8... - 0080 - f2 58 f0 36 ba dc 74 39-1f 14 16 57 8a ac d2 e9 .X.6..t9...W.... - 0090 - 98 4d 30 2f ce 5e 5b d8-1e 66 96 bd f8 a9 eb 04 .M0/.^[..f...... - 00a0 - 35 14 c0 ad 84 7e 93 28-10 22 8c 7e 50 d2 ca ca 5....~.(.".~P... - - Start Time: 1499775511 - Timeout : 7200 (sec) - Verify return code: 0 (ok) - Extended master secret: no ---- |