Also add makefile for easy tweaking.
--- /dev/null
+all: agent1-cert.pem agent2-cert.pem agent3-cert.pem
+
+
+#
+# Create Certificate Authority: ca1
+# ('password' is used for the CA password.)
+#
+ca1-cert.pem: ca1.cnf
+ openssl req -new -x509 -config ca1.cnf -keyout ca1-key.pem -out ca1-cert.pem
+
+#
+# Create Certificate Authority: ca2
+# ('password' is used for the CA password.)
+#
+ca2-cert.pem: ca2.cnf
+ openssl req -new -x509 -config ca2.cnf -keyout ca2-key.pem -out ca2-cert.pem
+
+
+#
+# agent1 is signed by ca1.
+#
+
+agent1-key.pem:
+ openssl genrsa -out agent1-key.pem
+
+agent1-csr.pem: agent1.cnf agent1-key.pem
+ openssl req -new -config agent1.cnf -key agent1-key.pem -out agent1-csr.pem
+
+agent1-cert.pem: agent1-csr.pem ca1-cert.pem ca1-key.pem
+ openssl x509 -req \
+ -passin "pass:password" \
+ -in agent1-csr.pem \
+ -CA ca1-cert.pem \
+ -CAkey ca1-key.pem \
+ -CAcreateserial \
+ -out agent1-cert.pem
+
+#
+# agent2 has a self signed cert
+#
+# Generate new private key
+agent2-key.pem:
+ openssl genrsa -out agent2-key.pem
+
+# Create a Certificate Signing Request for the key
+agent2-csr.pem: agent2-key.pem agent2.cnf
+ openssl req -new -config agent2.cnf -key agent2-key.pem -out agent2-csr.pem
+
+# Create a Certificate for the agent.
+agent2-cert.pem: agent2-csr.pem agent2-key.pem
+ openssl x509 -req \
+ -in agent2-csr.pem \
+ -signkey agent2-key.pem \
+ -out agent2-cert.pem
+
+
+#
+# agent3 is signed by ca2.
+#
+
+agent3-key.pem:
+ openssl genrsa -out agent3-key.pem
+
+agent3-csr.pem: agent3.cnf agent3-key.pem
+ openssl req -new -config agent3.cnf -key agent3-key.pem -out agent3-csr.pem
+
+agent3-cert.pem: agent3-csr.pem ca2-cert.pem ca2-key.pem
+ openssl x509 -req \
+ -passin "pass:password" \
+ -in agent3-csr.pem \
+ -CA ca2-cert.pem \
+ -CAkey ca2-key.pem \
+ -CAcreateserial \
+ -out agent3-cert.pem
+
+# TODO: agent on CRL
+
+
+clean:
+ rm -f *.pem *.srl
+
+
+.PHONY: all clean
-----BEGIN CERTIFICATE-----
-MIIBvTCCASYCCQCvwklkWmMPbzANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
-VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
-cyBQdHkgTHRkMB4XDTEwMTIwNjA0MTgzMFoXDTExMDEwNTA0MTgzMFowRTELMAkG
-A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0
-IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQD9JxFi0amR
-7dROTGDs1dUFYWfAp6Z7LvkTnRtFHBBNdk2TCSC1Zz8SLxMVIlfyT08GW/vNVxyH
-ExtfhS86o/kdAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAT70viMg4+FYnhEAkAISs
-uXh8D3SqCGsVqaiQP/6jZGAbLfX1QrbI/SAnaCrLX5pjsb5oBfv1tMbF3MBeYC2q
-SJz/tzUc8FaP3l8mUM8UuPNTo1iNBUmR0VfliC4lE5Lvh39EbqGs630mmScHYLCW
-WA518TIEw1K8CsrkYu63Ueo=
+MIICKjCCAZMCCQDhbs1HhtVdmzANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
+BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqGSIb3DQEJARYRcnlA
+dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB9
+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
+EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MTEgMB4G
+CSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEFAANL
+ADBIAkEAp36z1wNzmlDDZyjh9F5AAzqdfrdzIU9IpOkl7hsRxtzntpmpluUgkUDd
+bmbl8IHN4urY1mYhrhDtV5j93NJuiwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJ2q
+4FRRI6BlcJPOjL4jxGIeQqzhsO4ZIfpMXJQCiM4IoTnh20jNV0WMBbVaFxLWePAZ
+y8MI8TQqUUupJW2LAKu5UaYaaoydyCTgkGQxOZpxmqXL/VAD2nyveG24abjzWMki
+bNNfGbMOb1B6HSWRVNs5MCQ1qlPSxkkkzCG7DbQ6
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE REQUEST-----
-MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
-HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEA/ScRYtGpke3UTkxg7NXVBWFnwKemey75E50bRRwQTXZNkwkgtWc/
-Ei8TFSJX8k9PBlv7zVcchxMbX4UvOqP5HQIDAQABoAAwDQYJKoZIhvcNAQEFBQAD
-QQC0NPuOJB+Ustg8uBUKq0btzWii2vNWlmcDR5E9gf/egVRndSNMB+KWZtNiBe0g
-Z/0TM0zIty4gBCTBahpkd0yw
+MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
+EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
+EwZhZ2VudDExIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAKd+s9cDc5pQw2co4fReQAM6nX63cyFPSKTpJe4b
+Ecbc57aZqZblIJFA3W5m5fCBzeLq2NZmIa4Q7VeY/dzSbosCAwEAAaAlMCMGCSqG
+SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
+AIcMDWFjs3iPXxSy/mYibIFlYJzqXfJqeZ9uMnNc6M5fYtb+p6cqIzEArpM0v3eX
+oaRGwAyprMKvDDcTaqGsE9g=
-----END CERTIFICATE REQUEST-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAP0nEWLRqZHt1E5MYOzV1QVhZ8Cnpnsu+ROdG0UcEE12TZMJILVn
-PxIvExUiV/JPTwZb+81XHIcTG1+FLzqj+R0CAwEAAQJAfDTd7+lE1KenAh+xcqJb
-2T74Y+sd4NSkOr5bseXaDdai2tBTLg+WFSuNYz6+Ots/22JTcWWMR2J86IfFNiGJ
-4QIhAP/44ymsR9QjN0XOfaKI994jlbnGhp4HMN1PFUkhA711AiEA/S4aKosF/NxP
-LJeFyFrdJcnclUoe2GByJqpXmkKfEAkCIQC+gfZPpbEv6aXRhoVq2pXf9owQ3/iA
-1MlBbQJikve9oQIgBV6q82gLcneBvmJgVgWHVzvWz9vIl7JD+Yn3XbA4C3ECIGjp
-eu/FQAYgB5y1DpwWejth/iva2OTg8j65ze524S62
+MIIBOwIBAAJBAKd+s9cDc5pQw2co4fReQAM6nX63cyFPSKTpJe4bEcbc57aZqZbl
+IJFA3W5m5fCBzeLq2NZmIa4Q7VeY/dzSbosCAwEAAQJADwHbOzij8v+pgmS3Wh3X
+vnJSCjiFqEZiS+RX8a2bOiYLtGVAW1BZyjYca/mLx/3n8j/8MOr69LaGr5Re6uDE
+AQIhANo4oGEgqCKs2C4mKoHKCt/NhFrh5rJBwK0jcBCl1xBhAiEAxH3unNcqog2R
+jQLrIzYV+TzQllRyXJpJedWCRzsuVmsCIAiM/3vO08fIDhCA3lmHmTV70BvfjjKd
+8PbX1KRSW0MBAiEAlVn7Qq+xsheKKJqtS8hSj22QRpPNkWGcs8R8D9SF9h0CIQDZ
+6JntMVqXfAdf/PRBl1MiL1d5OE03HT+axtZs7fh2bA==
-----END RSA PRIVATE KEY-----
--- /dev/null
+[ req ]
+default_bits = 1024
+days = 36500
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = SF
+O = Joyent
+OU = Node.js
+CN = agent1
+emailAddress = ry@tinyclouds.org
+
+[ req_attributes ]
+challengePassword = A challenge password
+
-----BEGIN CERTIFICATE-----
-MIIBfDCCASYCCQCojwzqgiZi4jANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
-VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
-cyBQdHkgTHRkMB4XDTEwMTIwNjA0MTg0N1oXDTExMDEwNTA0MTg0N1owRTELMAkG
-A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0
-IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDjl3L8IstA
-r6OakBtAh9WRpnhqzfdAgbSIAX43jr/uxovu9S9TNc9qK0WyMAbJVePHuRwDtgTr
-957EUd4LLGUzAgMBAAEwDQYJKoZIhvcNAQEFBQADQQCN78Y26RpPlfDm5uDSoAgU
-hY09yDWKp0he03SH3V5AW/WMwT6Q6K2+ATK4g/W8f8+ZmS3FIff7Atcc6to3Lez7
+MIIB7DCCAZYCCQCfu9uLnwttiDANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
+BgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEgMB4GCSqGSIb3DQEJARYR
+cnlAdGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1
+WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYD
+VQQKEwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MjEg
+MB4GCSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAzkrVOgCgjlkBUGL/McQfvNlmvYRaP6tuI0fmTpFc9ZIMts+aH2hQ
+zzKdpaVE57PxV/nQRs/yzOii04qyPty0hwIDAQABMA0GCSqGSIb3DQEBBQUAA0EA
+SOqMN7d4hkO1kqWhJS6QrFt+LVLsRE2gRMwoSiQg8THGW6RMImbtRZFSLSXyXKle
+SefMl2JK/1Ur/1L8BFMOSg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE REQUEST-----
-MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
-HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEA45dy/CLLQK+jmpAbQIfVkaZ4as33QIG0iAF+N46/7saL7vUvUzXP
-aitFsjAGyVXjx7kcA7YE6/eexFHeCyxlMwIDAQABoAAwDQYJKoZIhvcNAQEFBQAD
-QQC0HpucL+WqX0AkP5y/644GyTjrq1rxsoWm0708pAdInMjBTNQicjVfFWcoTTQA
-zPQBqOuEsNtktcJyYfryhtWW
+MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
+EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
+EwZhZ2VudDIxIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAM5K1ToAoI5ZAVBi/zHEH7zZZr2EWj+rbiNH5k6R
+XPWSDLbPmh9oUM8ynaWlROez8Vf50EbP8szootOKsj7ctIcCAwEAAaAlMCMGCSqG
+SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
+AJQ5mJG5IhKbA9dwielTqkfYM2St8pXnq+z2L2QfgHvkY3fk67+eZA8/0oplWmgD
+dnrWYMILwpGxDwzFBbBvoc4=
-----END CERTIFICATE REQUEST-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAOOXcvwiy0Cvo5qQG0CH1ZGmeGrN90CBtIgBfjeOv+7Gi+71L1M1
-z2orRbIwBslV48e5HAO2BOv3nsRR3gssZTMCAwEAAQJBAMlC7dEgZ8NNTw1o8GCR
-foCtyQESINtvmBlJ0LcKypo4WLb2OkI2T/kG8mnoiUM2GyTf8MMGh7V5DeZskh3L
-pNkCIQD89pQtqNsDxC/vujdDIlT/0gHhUOZsnIXHZpYv+fzJfQIhAOZS5ZjkNpvb
-YcTqpk2HNgu0wFW0nKJ5bnFaTaPjY6hvAiBoDsrPqYlGmFqbw79d126duXbah9vx
-y8VgTDv1ymEJRQIhAJuWHhD1AMqyHM53sFWo4+JufIqo0jKTEv8xgEcYgSazAiEA
-hWqzWF/qpQ/JT/QaNE6agQWV6MydGAce56EGcpp22mA=
+MIIBOwIBAAJBAM5K1ToAoI5ZAVBi/zHEH7zZZr2EWj+rbiNH5k6RXPWSDLbPmh9o
+UM8ynaWlROez8Vf50EbP8szootOKsj7ctIcCAwEAAQJBAIaPEV5wIko3jD/fEw5n
+GzyXoghkWGnHbGPe9j6xWq1ilb6ccna83XC+CruZssC5WkQXGT2fUWt5+JiD11ZV
+KIECIQD6NXfuJVGJMeZrJWhJDSJTEl9jkI3+TSkGPd2cOSv11wIhANMRJrPjAEL4
+Oz2hPqWCAk41NdUZwrcinh+BEqEcrwDRAiEA5VczKbdNKErz4Ew2bZc7WheiFZn/
+fRPuwYjdY3/H+psCICW2hNHTl7JfpEYoz4bHKh5LR6kiBzatys8aQvfipiphAiBF
+HzX9wFNGiPp1VzmTvKeKNOsIjIkWO4umT26tW3RQVA==
-----END RSA PRIVATE KEY-----
--- /dev/null
+[ req ]
+default_bits = 1024
+days = 36500
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = SF
+O = Joyent
+OU = Node.js
+CN = agent2
+emailAddress = ry@tinyclouds.org
+
+[ req_attributes ]
+challengePassword = A challenge password
+
-----BEGIN CERTIFICATE-----
-MIIBvTCCASYCCQDXXCDdhOcSNTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB
-VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
-cyBQdHkgTHRkMB4XDTEwMTIwNjA0NDMwOVoXDTExMDEwNTA0NDMwOVowRTELMAkG
-A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0
-IFdpZGdpdHMgUHR5IEx0ZDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDNOPrBqq2b
-/gxs0WELdkSHvAkjJdEjuWia2Q+FI3v5asDXj6w4t+ZY46m6D3PCgTZ9FJmZjUH2
-prGyMbBS3Uf9AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAabTyzBk4tlG08+FTZtdb
-5bDELkPVHNCQapQVsKYqnnKzt3xLjIOEoSa67pKXm2gcupiVYOmC0Pz76pZinRhH
-IJ8gVp7dhv0sdog6+VMfrMTlR7gUEu7gQHF69ras7oswPV/kNH4YVljqUQpVDs+4
-VgOaivgOfhPZb4H5tz/P1Ms=
+MIICKjCCAZMCCQDc0bGBDDbJTjANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
+BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqGSIb3DQEJARYRcnlA
+dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB9
+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
+EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDzANBgNVBAMTBmFnZW50MzEgMB4G
+CSqGSIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwXDANBgkqhkiG9w0BAQEFAANL
+ADBIAkEArqF8nrro0iDtngOg1xgUCAVT9s7HUV5+vuqm1ymeZ5AdGZoyOLkW9iEk
+DtMAx3Ua+i8KJ1wWiWqowXCgynWmlwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAOC0
+oSOorjHv45jKcXeSEk8imp+q4MyBJHiQ6jT0r+Mth+JmzsEodsH6pblb1U5RLqMY
+yyd+z/c848CaftKvrs+kHFZUE2HpkdFm9kf3DZwFHFlMf5DYV5vipo5mzv4jajXZ
+SToE52xsLWbpCR762+uWMBAqTUqCkZY342bTs3ji
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE REQUEST-----
-MIH/MIGqAgEAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
-HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwXDANBgkqhkiG9w0BAQEF
-AANLADBIAkEAzTj6waqtm/4MbNFhC3ZEh7wJIyXRI7lomtkPhSN7+WrA14+sOLfm
-WOOpug9zwoE2fRSZmY1B9qaxsjGwUt1H/QIDAQABoAAwDQYJKoZIhvcNAQEFBQAD
-QQCsta4frzeUIkZrqt3EEG9cAI1FTGphl/5bA0fYpIlZOanR5V6kKPG6mgXiHDaN
-r46fwkE/AKS7mnIz6XGzXfCn
+MIIBXTCCAQcCAQAwfTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQH
+EwJTRjEPMA0GA1UEChMGSm95ZW50MRAwDgYDVQQLEwdOb2RlLmpzMQ8wDQYDVQQD
+EwZhZ2VudDMxIDAeBgkqhkiG9w0BCQEWEXJ5QHRpbnljbG91ZHMub3JnMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAK6hfJ666NIg7Z4DoNcYFAgFU/bOx1Fefr7qptcp
+nmeQHRmaMji5FvYhJA7TAMd1GvovCidcFolqqMFwoMp1ppcCAwEAAaAlMCMGCSqG
+SIb3DQEJBzEWExRBIGNoYWxsZW5nZSBwYXNzd29yZDANBgkqhkiG9w0BAQUFAANB
+AGlqt2SpEzYedu/Ouly8TcnQP8X1rHu2CF82Z1ayFHpkpcI86gsIC0OPV8Ju+lKK
+nISkKqKmcqbLbWOLbWex/xo=
-----END CERTIFICATE REQUEST-----
-----BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBAM04+sGqrZv+DGzRYQt2RIe8CSMl0SO5aJrZD4Uje/lqwNePrDi3
-5ljjqboPc8KBNn0UmZmNQfamsbIxsFLdR/0CAwEAAQJAT3v9KxtXCG76Ev95bb4N
-xuCeTV2tRf/esvLVHwTiVHRBw3ZcU4VsIwarwQy/CkPwGtWT91AN/xAgvLptwwmE
-AQIhAOuymRnLkS795CluenO5ybuF53ro3S9wFBY9jYJX46L9AiEA3uZfEeNTUVYR
-dJ56zqUxfakguhF/ibHT/lXRgkpVyQECIQCuRk5h/l0JS/2KjP/J1dPN7kKsZMY3
-Lz4K+9RITkgo2QIgTABs5iKG5DLenM70vMUizOAAIrGYtRCHYi9M0ooaGgECIQDK
-nWMUePU/NHBC2AYyp9KzF8ZEBIcItgppTeNtkdF7mw==
+MIIBPAIBAAJBAK6hfJ666NIg7Z4DoNcYFAgFU/bOx1Fefr7qptcpnmeQHRmaMji5
+FvYhJA7TAMd1GvovCidcFolqqMFwoMp1ppcCAwEAAQJBAJTO20jPcTIOCS3LXbWs
+uPUUxTXdgo9d/JdnkYBr4KXSCepq3VCKlKZXJVG2q6VjYB+5fIbK2FgvMZZTQr+F
+/HECIQDYKCdh3DIgqjiEoKiaGfRi4QegI66ok6zH1u6OVZ2Q5QIhAM7R1VqCNVxe
+nMuUbuYPAnx5J5P3VxH9hLLI1sxopa3LAiEAloPnYHJXCX3eWyQQIzY9gXjWuYD/
+Ru2F26XjeYNOc60CICWl+Oqi7UfFSVGd0Zo7fT5fZ5791XHG7pMFEGThX9eFAiEA
+q4Y+ao8ddoqMt31iaZklCLHFhWEokwKSI+3j99Nv3gU=
-----END RSA PRIVATE KEY-----
--- /dev/null
+[ req ]
+default_bits = 1024
+days = 36500
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = SF
+O = Joyent
+OU = Node.js
+CN = agent3
+emailAddress = ry@tinyclouds.org
+
+[ req_attributes ]
+challengePassword = A challenge password
+
-----BEGIN CERTIFICATE-----
-MIICWDCCAcGgAwIBAgIJAPlzZCsvV/DFMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQwHhcNMTAxMjA2MDQxNzA3WhcNMTEwMTA1MDQxNzA3WjBF
-MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
-ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQC/HthOlERITtsUA7FJ0l/U4qFNLri6QKLRoHPn8tGRCXDg/jEAh/pwrycIjvA4
-V66RatOhdxC7bGDC2FOjoofMNHTsdXoCoC9f9pNoU5BlLoal12V5gfL+AklJNJny
-lL15FnmiQdUThLGDhRM918bWQdJTRJ+dkyVlUink/5wlxQIDAQABo1AwTjAdBgNV
-HQ4EFgQU5LAV1SB/xh57MHsWgEwl8MpiDhYwHwYDVR0jBBgwFoAU5LAV1SB/xh57
-MHsWgEwl8MpiDhYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAqgne5
-uBwDiQaCuWkBHDw5WGtcvzqc0HIoQ+qopwfTxGNaLv0dZ7N3wGsGIqSh0OCMYgxA
-0Ku7hdL9faEHrq8f2T6yUUMMDcMLOJgFDESl/hip8jRdCZy45CWAJNpQ8PfshSkR
-b/oae/TW79lT9Y5uzcV4YRwPFNU6RREuxq++hA==
+MIICazCCAdQCCQD7SXMhxW/WUDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
+BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqGSIb3DQEJARYRcnlA
+dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB6
+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
+EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMTEgMB4GCSqG
+SIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
+MIGJAoGBAK67DomaNCo90scJAchWpd83XKtkYa3SlfWn9YQRmocSPI9lKO5NfrIs
+Bd6Vt5C+AjeFFZ+zjsNSEYr95xmodlE83EtY16e3geSJc/qea0GPVD8HLOcvf0LD
+RpLIUgQH6olvvRhU8xMUwPYThl175wDpDVsgjV3YY9a4RmC9eJGHAgMBAAEwDQYJ
+KoZIhvcNAQEFBQADgYEAj0L54Mva2/WbCO/cGfdnvxetuT0VK/Jo5/lsmPY78EkA
+cnGwjJlJNPyUYta7izjbUo0gDpHq6HsgeE9D8Qx4GZ152RW5nkN1rRHLVZ6QCyCQ
+oO5cy2aZkOYRD5yNj9D7uUAKGwJVYo/6nTH4jd50LHGKsPwLQp/zhXyjPVrKZzQ=
-----END CERTIFICATE-----
-AFC249645A630F6F
+E16ECD4786D55D9B
-----BEGIN ENCRYPTED PRIVATE KEY-----
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIztmO4Z3hxi4CAggA
-MBQGCCqGSIb3DQMHBAgUmHxBmTJBNASCAoCeXNS3EkxMoX4QuAT4BIQF/qgXBiOV
-rcO8D5fHCca8kolzxOyk0LduS327TL2CAjKSK9NmpsQzZRQOWlKasmsWHzBD8I34
-AWcSbtAL+GGAgnD7XwFUPYHNzWVad5mmDJPWtsQMkcx6plwvQLFFvUAL5nmRe4vE
-5Brp88UvRp8wGzyBiotTzGbITdZEyKFLYVAni0KeApx2rqwAigmmWTqY2jXnUAxG
-zS8b9xy+aDya+UYQooFmYRLlQ8PlKl6B/zW/po/DJ38CofaSIR4zRWDs3lJrt4fL
-Q0hLJwz6ATRIOwGWxR2oQQ+1qgBr9Y4hhxk5tLSjDd0turiEwgul8cgJdHbshuan
-sD7J3k3teo2u/fR0CmYCo42l3hnGkvYPOdoXYfXDz3804a4ZkZhnsRMl5oH66ElZ
-MEmCY4t4VhsQTXleV1b6lK43vrKV+pSollrLvBKQhk3k+v0lq2wmBXsm4rB1vVv4
-KDgdOD7ITYte3C+EvaEwbnqaUYfURAYeF+td0212/wiwFIYhicjrwzN2Cq0E29pj
-23Vbe0JIwnpG6lfmzKVqmN3NT+e2e9G0zP7g3tDaWE4sUCcHxkgK7kmBryj272+j
-S4WClFgtSr/QJ/cNvU6Qlr8oO6EIG1rJuY1eLX/tHtbAwsDREXf612qtnFEXgFTA
-5QQmp02BPq2DCSJEOfQIN2LeaYJM0mFrotDCbtdS1Pje791CJq3C/+4h3gOye0br
-5QwiKb5IcgS5hAMu2ghhU01zmClDbFa98zIe3D8pjdrYt8zrZVVCTopcWxY6LU3g
-wvh9cdSKJ/Hgq3yRrnBwSolHUP9vMyC/EXRJ/T1CQHABjq0HNLOwhXuq
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIXKx2RfO0A+0CAggA
+MBQGCCqGSIb3DQMHBAi/V4ZO2/t54wSCAoDVHF80uFPqms1f9vuSkc66gd0PDLoi
+2nR8KQaoE3QLNo/w+AFMY+ehoA+u70njv1TQEproJ9CJUt0DXuRcwN1vXEntrYKr
+4IowbzW6GcvPCu7jm6LUXk9sAQDK5Om4QnUb+/I12j6Nb//ylWpbOkyGmc0nifJK
+wWgy0wV4chVLwM9rhE+bmFUDtBTUhFipPsjeg6ghyva98RnkyqWOYcYmKocwUZUU
+JZSz3Ip5nANWlNeHZOSrOiJBiMya6BfakWohh5owP8mQxVfxwog2AnjtvnpPNv6F
+9K6O/ThLe6cxVxDXzI9cM4HRcc2XFmzknIxBcCQELf2VGjU7FH+pf+TpN/4eTML2
+5IsKxUjYBKiBabkyblrYe1kdFRkCCVWOEvir6sarvxYBddXZ+aWQjxupKwLjAU1w
+VNFPbgbjlgyqgC7y8eg7XSVom+VbtmhVCostL+aq8hXi4BzMBeF8iCobxa5zvlII
+/F6srBdPq6CnaRnet77F69SnelDfskWClHr2DmFwv/+BnBORWnYQrZvqzPnXRoYC
+LYsGMbVMo62xiYby53ulnaxkYFQuUEMx3QrmZZ1zLLOXSLsTQtun5B+jCKtbhAmy
+Rdho1oBfEbfEZEQwWLiVSe8Zu6JYqz+nP3JO1Lt+gjQJSoaN96i1DKgtbRoMg9t5
+/6dymbixdRH6O1xy9fNQ6M5ACw1LnWPD/BzEeDCF6KQ+ZX4+AwYeC/h22XX2YymV
+l04ha5OcEcwGEGfk8vvhNd3S7Bn1DfnYcRrtQUbtjk1gUfUj3o4D9COJNUxnQYqb
+2XyPZkUEdUM7Aqcp06aCOBBIku2+tH0AkUeKFYlrtEvu2oxc+3p6yPDL
-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+[ req ]
+default_bits = 1024
+days = 36500
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+output_password = password
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = SF
+O = Joyent
+OU = Node.js
+CN = ca1
+emailAddress = ry@tinyclouds.org
+
+[ req_attributes ]
+challengePassword = A challenge password
+
-----BEGIN CERTIFICATE-----
-MIICWDCCAcGgAwIBAgIJAKXrRJ3rkOnNMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQwHhcNMTAxMjA2MDQxNzI4WhcNMTEwMTA1MDQxNzI4WjBF
-MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
-ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
-gQDW5D3i3vuLpsekzkvF+pyZq6YDzESJQh0uGpWTk0oyBe/BCiTwHtZwyPpvO6UQ
-wpBPSMfwgmY30HoofXSKSBGW5ixyLvVa+brvJ0etqnNojI0NcNBk0/b+ynOCJ3A8
-O/fFotYdsg9C1sDusW2htymyYvEfyxX7/WR7+u+b5vclCwIDAQABo1AwTjAdBgNV
-HQ4EFgQUpKdzYuzbjpcqwWDiB8SgFiy3WxkwHwYDVR0jBBgwFoAUpKdzYuzbjpcq
-wWDiB8SgFiy3WxkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAkc5++
-vmqCTlTzfNHL0cV24M8FR9Xl/4UOqbxl/pfyXXrGbZleww0B0EPXW5cjRW2Kb3FC
-kLznCyLJQ62pcSSvsQeQGayYmrmDiImmw+sfezrte27RNWqmqxl5w/r0Jte4xszC
-OP6UKrFcr2XXty/koGlgIQtAU0JenKLZuLhW1A==
+MIICazCCAdQCCQC1iOnduwhYbDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJV
+UzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQKEwZKb3llbnQxEDAO
+BgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqGSIb3DQEJARYRcnlA
+dGlueWNsb3Vkcy5vcmcwHhcNMTAxMjA4MDAzNjA1WhcNMTEwMTA3MDAzNjA1WjB6
+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNGMQ8wDQYDVQQK
+EwZKb3llbnQxEDAOBgNVBAsTB05vZGUuanMxDDAKBgNVBAMTA2NhMjEgMB4GCSqG
+SIb3DQEJARYRcnlAdGlueWNsb3Vkcy5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
+MIGJAoGBAOptTXfS4+0UDX5n3Yd6Bjy2I7bQ9lhYY4k3kgFiElfNoBUKElEL0V9F
+stOZRTBX2tn2QUkWi5KuMZf0ZddwkR4aSIT86t3JPyTgODbxK16/BbT1jxtoRRyc
+qMkWa5AYERpIPHB4c3IN6maOfRa/LaZMsWDcUfj8s4JoHoo+McFnAgMBAAEwDQYJ
+KoZIhvcNAQEFBQADgYEACPtiQv4M1cNjIsHJsdtLG5Xjpm7JU0ovFOdn0TEDSCqR
+GErBkZk07h2gvJtKtgdAN/9k+YGeKbQSZ2yfNn8IPpBHxPcSH1eUddtMvVlhSzQd
+7DrkY2i5yXRvx13HZFQN1vIi++A6KK731Pjl8XQWfjW6WIAEZj5lR2mWsfU0j7g=
-----END CERTIFICATE-----
-D75C20DD84E71235
+DCD1B1810C36C94E
-----BEGIN ENCRYPTED PRIVATE KEY-----
-MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIH5Qu64G4EEACAggA
-MBQGCCqGSIb3DQMHBAjiP/COBBl6LwSCAoDJ7fSWqLoz0Xv4ASmipwDghszUQDEu
-sJyeehMxRNPNqarbvXPR/6GJtfoOyhcaWiCuRvsISL61B4mw90bbgcksscaXqXGU
-KsR5H10ut3hfFfDxvy2NYPGiowg2Kvfoe+4ENDqYb1ilWs9YaJ0rFcohweHfUNcV
-W5A3WRfZ1zRyfEYlBbCpq45eMkxWCJ2X2YgqaK9itynqYbuBVXgqK+qP6rTSxvDC
-GZ+POdiT0GHcPQ2Z79NIEQI7kyzcQkJ0IzWqgIRNyrmIzBP0Et/zH/Z+Y6/5q+vX
-2fl0ox4IkDiTWVER8lN8E0u5w1pCBD0NFtwqTXC3HMqnYKJDRAaqK0Fad5qVCwZq
-bKjXT7xWB2QqrZ4T3Nf/cLnd/fb1sRE6oYfLG706lY7dYh1RpIITZLavmceMSDfG
-emwaSS4RoTJOpuOufUCrrFHW2EB+BgCADBgS4uD5PsrOvRLUj0CekTkJOJV0RFpY
-K12Pp5wk3y+69IsD2jlUO50Bx2hZz10snvBCbJhLIDf9VSy9pPunOXqsr+i3MY8v
-WdusJYnRxXN6ZbAb4d/Zi3mE3kcTG3YUwAIJiELAhWkZqRpK/O9SMXRb4+EMZ1nT
-LSicMzLfhRdY/IqrV5PGvcmyJUffAD2PF4dXX4cEqyODFBet7/6zIEIhivuEATad
-qNwE32FJxKpULPsLXgzSeIaZn71KrKiHaBIjRdGmfH7txBHIEwIW+fX2LzreZBqP
-LuYPFpTEvDCdJ7mcRLSrSCixyZRAQVqJEXcP2OpTb0lfqPlpE+AoMdpeUEdj9Jci
-ndyjWhrC/2emjHoHb1wrVVv4KdGcyz+uHdgFwXjtKugAYGA1Pb5Hq640
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIdtdE3kfiZ4ICAggA
+MBQGCCqGSIb3DQMHBAiAlZcmcpeVhwSCAoAWtsw6WHyob9SSPkfWcXxSZDUwm8l2
+E6xeffCm6vQiSShBDG/pjiTFaCBVQk/85BLBDN787sWB2Nyyr+8iTf8xAO73lny2
+XOiCHn6lPEGcTMa8q6XfjxFL7LZiOefu0UQPn8jGxejhQmH4XPN06pKh8Y5U41A9
+1yGLWUYIVLXZh7ZwGbTeh6XCMA4XgJRgL6usrebTbD6pyct8J46FqedxVPkNHEO6
+mv+U9XmpPT4wAJjSP8NxP4nWJ7NX+48E9lkaUnDCzPXDhZz5PEImrxIrbODqIAyf
+gv5pWL4/n7dLGJOeMaEL+/h2rCvG249e5oPW1F2zuUvAz/hIHA67FlbtsIrpIgW2
+bG20KYVcXcZIhOAA5iTtMImcZkkES3/UswbhEAuybjJGQM11fs4D+/wNc0Em2S1m
+LKgUoLKZs0znvBPIjGmzicut8qg634dyEWunaxJwm7I6QDOcQ/QOKJxGbcxmXYda
+qFYsf5jjIFi6a1nE6O54S5FaHHv7pBNAm9xl2XtbFMzJWOec14TMD8dN/cmZudDg
+Q4KzhKZ761cGbH5izWIJKjzt9dmd1s9wj6hDctJviWbDSRsQTjF2XCPJNup8p+3W
+r8DuJteMEq0Ba+9MQcG/rvH7i0AS5cENDc80hMNHEtyrSKWU2aK59A52ZEewIzQV
+9E0F6FDsFNN/TixHBkEg/dl9oLPDBC8ohK+990TiCBXVhHa7pNW1uNUW9FMmarwf
+qcn8w73gOgQScH7NmhOjNm4b1dlTzndQAA1frQW9bD0PjSUex1+z/e6kfBv+cF/P
+PrFTA7nGoB7cpVHkvA0woIy0vrAp4iOBgfI8xaJg72cZppa9m6D22JW2
-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+[ req ]
+default_bits = 1024
+days = 36500
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+prompt = no
+output_password = password
+
+[ req_distinguished_name ]
+C = US
+ST = CA
+L = SF
+O = Joyent
+OU = Node.js
+CN = ca2
+emailAddress = ry@tinyclouds.org
+
+[ req_attributes ]
+challengePassword = A challenge password
+
+++ /dev/null
-# Create Certificate Authority: ca1
-#
-# ('password' is used for the CA password.)
-openssl req -new -x509 -extensions v3_ca -keyout ca1-key.pem -out ca1-cert.pem
-
-# Create Certificate Authority: ca2
-#
-# ('password' is used for the CA password.)
-openssl req -new -x509 -extensions v3_ca -keyout ca2-key.pem -out ca2-cert.pem
-
-
-#
-# agent1 is signed by ca1.
-#
-# Generate new private key
-openssl genrsa -out agent1-key.pem
-# Create a Certificate Signing Request for the key
-openssl req -new -key agent1-key.pem -out agent1-csr.pem
-# Create a Certificate for the agent.
-openssl x509 -req -in agent1-csr.pem -CA ca1-cert.pem -CAkey ca1-key.pem -CAcreateserial -out agent1-cert.pem
-
-
-
-#
-# agent2 has a self signed cert
-#
-# Generate new private key
-openssl genrsa -out agent2-key.pem
-# Create a Certificate Signing Request for the key
-openssl req -new -key agent2-key.pem -out agent2-csr.pem
-# Create a Certificate for the agent.
-openssl x509 -req -in agent2-csr.pem -signkey agent2-key.pem -out agent2-cert.pem
-
-
-
-#
-# agent3 is signed by ca2.
-#
-# Generate new private key
-openssl genrsa -out agent3-key.pem
-# Create a Certificate Signing Request for the key
-openssl req -new -key agent3-key.pem -out agent3-csr.pem
-# Create a Certificate for the agent.
-openssl x509 -req -in agent3-csr.pem -CA ca2-cert.pem -CAkey ca2-key.pem -CAcreateserial -out agent3-cert.pem
-
-
-#### TODO: agent on CRL
-
-
projects / platform / upstream / nodejs.git / commitdiff