Skip to content

Commit 9ca20c0

Browse files
lgarronlgarron
committed
Add rsa4096 subdomain. Closes #337.
1 parent 0b1b3a2 commit 9ca20c0

File tree

6 files changed

+123
-0
lines changed

6 files changed

+123
-0
lines changed

certs/Makefile

+11
Original file line numberDiff line numberDiff line change
@@ -240,6 +240,17 @@ CHAINS_PROD += $(O)/gen/chain/wildcard-rsa8192.pem
240240
$(O)/gen/chain/wildcard-rsa8192.pem: $(O)/gen/crt/wildcard-rsa8192.crt $(O)/gen/crt/ca-intermediate.crt
241241
./tool chain $@ $(D) $^
242242

243+
################################
244+
$(O)/gen/key/leaf-rsa4096.key:
245+
./tool gen-key $@ $(D) 4096
246+
$(O)/gen/csr/wildcard-rsa4096.csr: src/conf/wildcard.conf $(O)/gen/key/leaf-rsa4096.key
247+
./tool gen-csr $@ $(D) $^
248+
$(O)/gen/crt/wildcard-rsa4096.crt: src/conf/wildcard.conf $(O)/gen/csr/wildcard-rsa4096.csr $(O)/gen/key/ca-intermediate.key $(O)/gen/crt/ca-intermediate.crt
249+
./tool sign $@ $(D) $(SIGN_LEAF_DEFAULTS) $^
250+
CHAINS_PROD += $(O)/gen/chain/wildcard-rsa4096.pem
251+
$(O)/gen/chain/wildcard-rsa4096.pem: $(O)/gen/crt/wildcard-rsa4096.crt $(O)/gen/crt/ca-intermediate.crt
252+
./tool chain $@ $(D) $^
253+
243254
################################
244255
$(O)/gen/key/leaf-ecc256.key:
245256
./tool gen-ecckey $@ $(D) prime256v1

certs/sets/prod/pregen/chain/wildcard-rsa4096.pem

+70
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
3+
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
4+
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
5+
QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
6+
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
7+
U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
8+
ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
9+
nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
10+
KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
11+
/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
12+
kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
13+
/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
14+
AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
15+
aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
16+
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
17+
oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
18+
QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
19+
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
20+
xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
21+
CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
22+
5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
23+
8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
24+
2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
25+
c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
26+
j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
27+
-----END CERTIFICATE-----
28+
-----BEGIN CERTIFICATE-----
29+
MIIHoTCCBomgAwIBAgIQAQ0UXdUddO/h3TOZxAN3RTANBgkqhkiG9w0BAQsFADBN
30+
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
31+
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNDIwMDAwMDAwWhcN
32+
MjAwNDI0MTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
33+
YTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRUwEwYDVQQKEwxMdWNhcyBHYXJyb24x
34+
FTATBgNVBAMMDCouYmFkc3NsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
35+
AgoCggIBALT8CTWQ0QjO7l2uXVbpA3IuiKLvoOikadGypzzalLPhK0oLUufqSVU8
36+
UwoqJA2YaS+Dl5RcJfIpZKW2ews1Q0d6TAjlMnhYAJfF4uGf1rYCP6XvEm5V4gPL
37+
fnXh6IoCTK2g2H3pz5QjUjVZm0Uhl2/hkpelHb9976zhZhzOOJBqvgyYJ4zhiQ/0
38+
HIL4/4C/fCYdtRROl5Vbf+cM4wU4J+pqkoWUwGGiAgjBEWCaDcG+y8x2ps5/Ttod
39+
FZDPfkQzPvl/14u5cTAPayGHdPKQD7IfexHZntqi3frobumhc37m/Xx9UW9HMlIR
40+
z2bU24iwXvmoLTrgGQdigP497A31OtmgYRMzRLkQgQd/5b5n/zIiJfxHFDbPLTwP
41+
iJBuinElHgfG15pyEmj3Bt0sLgNxKwBgHcVE87fYHxQ+WgQc30uQORAYpGmoWBJH
42+
VAMco/AzJTl2aWbTMMka2aaFPzonhquJ2FPHDrKRuOz1INLymVyobASfImUUrPzK
43+
BhRiyWuydF+Bdavk3w1NiIfTI7rICpfD8AzP8tBh8qRodUeoC/GcbsfoIQTtgW34
44+
i0DJ6Nn+IWNCQQkqrfFPCPh9anpIGj+2nShlpIlhPQHbo4KvOe/4NlNh/eZdiLkT
45+
THIF4ghC0T7reqo2hzJmt9GbZ5Aj3IKvyLR1Zt8NIQ9jP/6EmHC3AgMBAAGjggNh
46+
MIIDXTAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQU
47+
YCPJw569dyZ7woLqVx+j2ya1ksswIwYDVR0RBBwwGoIMKi5iYWRzc2wuY29tggpi
48+
YWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
49+
KwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQu
50+
Y29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0
51+
LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCow
52+
KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM
53+
AQIDMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln
54+
aWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j
55+
b20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAw
56+
ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AKS5CZC0GFgUh7sTosxncAo8NZgE
57+
+RvfuON3zQ7IDdwQAAABYuVr0/YAAAQDAEcwRQIgbAIBYdIx0SbSvF5eyRKmzFg3
58+
0TbAA7ahziTFSnFjGwcCIQDnGQkFwvurnb/U05g5u035ndpfg+uTF3plS0W4aoxl
59+
ewB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABYuVr1TsAAAQD
60+
AEcwRQIgKuhDIfsyclCe+ywbalql5ZP+tKGD94QWxK7qiRnBsCsCIQCbWm6kZhSr
61+
B/56bORtB32sPVrGbQO6Xg/864noQ3LWBgB2ALvZ37wfinG1k5Qjl6qSe0c4V5UK
62+
q1LoGpCWZDaOHtGFAAABYuVr1BEAAAQDAEcwRQIgeO7CYN+fqTbCeafifWQu5Rrd
63+
meUU5oqj371NC8KUD84CIQCU09EPYMODcylGKSNlwMVRvCgCQVto2s1WxywoqzZ6
64+
njANBgkqhkiG9w0BAQsFAAOCAQEAnMD35hF6k/tVxf2cMcfnuVMh6kbGAUDd7RF2
65+
DcwKaoGxQehkXGFkDvq6siGh4Yv4Xt+aV/eTn9ORigNJ0RQkFxGbyhUkiyilYl/G
66+
Kd/4ZWLBS66+s7ve3eBgwuufZ0Y29Yu4R9eUoplZyQRLRKOrdDhBPbQj00s3qbg2
67+
2q/JnP8TKzlfsb1EoWd4sXnbwUMi84qTbpwwV271bYWL62EtFicFDOj/zI4z/Gtl
68+
nIHlSc8awxUabPPNN05f0xmd1KALDxJ3jaqqvBaTUrjZQwP2vkUBs2H97GhTGnby
69+
tXWRXPnr/JlvyEcnyKVwaAGxUksTf5wIgFWXFUsNTa++34uB1g==
70+
-----END CERTIFICATE-----

domains/cert/rsa4096.conf

+19
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
---
2+
---
3+
server {
4+
listen 80;
5+
server_name rsa4096.{{ site.domain }};
6+
7+
return 301 https://$server_name$request_uri;
8+
}
9+
10+
server {
11+
listen 443;
12+
server_name rsa4096.{{ site.domain }};
13+
14+
include {{ site.serving-path }}/nginx-includes/wildcard-rsa4096.conf;
15+
include {{ site.serving-path }}/nginx-includes/tls-defaults.conf;
16+
include {{ site.serving-path }}/common/common.conf;
17+
18+
root {{ site.serving-path }}/domains/cert/rsa4096;
19+
}

domains/cert/rsa4096/index.html

+16
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
---
2+
subdomain: rsa4096
3+
layout: page
4+
favicon: green
5+
background: green
6+
---
7+
8+
<div id="content">
9+
<h1 style="font-size: 8vw;">
10+
{{ page.subdomain }}.{{ site.domain }}
11+
</h1>
12+
</div>
13+
14+
<div id="footer" style="font-size: 2.75vw;">
15+
This site uses a 4096-bit RSA key for key exchange.
16+
</div>

domains/misc/badssl.com/index.html

+1
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ <h2 id="certificate"><span class="emoji">🎫</span>Certificate</h2>
5555
<a href="https://ecc384.{{ site.domain }}/" class="good"><span class="icon"></span>ecc384</a>
5656
<hr>
5757
<a href="https://rsa2048.{{ site.domain }}/" class="good"><span class="icon"></span>rsa2048</a>
58+
<a href="https://rsa4096.{{ site.domain }}/" class="good"><span class="icon"></span>rsa4096</a>
5859
<a href="https://rsa8192.{{ site.domain }}/" class="dubious"><span class="icon"></span>rsa8192</a>
5960
<hr>
6061
<a href="https://extended-validation.{{ site.domain }}/" class="good"><span class="icon"></span>extended-validation</a>

nginx-includes/wildcard-rsa4096.conf

+6
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
---
2+
---
3+
4+
ssl on;
5+
ssl_certificate {{ site.cert-path }}/wildcard-rsa4096.pem;
6+
ssl_certificate_key /etc/keys/leaf-rsa4096.key;

0 commit comments

Comments
 (0)