ubios-cert
ubios-cert copied to clipboard
FW 3.2.7 breaks custom web certificates
my internal CA is as follows:
Root CA Intermediate CA Router certificate
the router certificate is signed by my intermediate CA.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
83:a3:ae:9a:21:e4:00:4c:d2:89:5a:99:f9:41:fb:ad
Signature Algorithm: ecdsa-with-SHA256
Issuer: O = PaulGG Intranet, CN = PaulGG Intranet Intermediate CA
Validity
Not Before: Dec 14 12:04:01 2023 GMT
Not After : Dec 15 12:05:01 2023 GMT
Subject: CN = router.paulgg.int
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:42:d7:35:b3:dd:5b:96:86:29:4c:64:e7:
32:48:1c:0a:bb:e6:5f:43:ad:63:de:19:12:3e:3f:
a5:52:f3:20:1e:30:23:c4:ac:56:aa:d8:b8:5d:ae:
d8:fe:6b:e8:ce:c5:b6:e6:c8:20:36:e0:98:35:3f:
b5:c3:d3:51:cc:91:ca:1d:38:a7:c8:9c:9e:7b:9a:
5e:41:e1:5b:38:7e:b8:7d:6e:a3:d7:51:11:b9:c7:
1c:be:f7:44:b2:a9:f5:63:1a:f3:43:64:ea:11:f1:
97:4b:6b:a6:e4:95:e1:05:98:45:4f:63:8b:ae:ac:
8d:aa:7d:9b:a5:d8:b8:1d:61:5e:c1:9b:3a:d8:91:
45:57:a0:d6:b7:1c:d4:88:4e:01:e5:c3:61:b4:6d:
68:1d:c8:2c:00:9a:e8:fb:0c:76:f1:f0:b8:d2:22:
3b:35:c8:9c:b9:80:db:7b:d9:ee:b3:af:b0:0d:fc:
70:b8:ef:0b:f6:4c:39:b5:c8:d0:9c:86:b3:71:a1:
a5:42:26:f7:3e:82:4c:23:a0:84:67:f6:0a:a9:34:
eb:ac:f2:f6:bc:a5:f5:6e:1a:34:e8:2a:a6:7e:42:
90:28:b9:db:34:1d:0d:b7:a1:1a:65:d3:61:55:ad:
ec:52:0a:fe:f5:11:41:1d:21:12:25:fc:02:e8:4d:
9d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:58:1E:16:42:18:5A:CF:A5:DA:29:2E:37:50:AF:4E:5D:1B:CE:B9:93
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Key Identifier:
98:41:E0:9B:1A:F8:23:F4:8F:6C:D7:53:37:A4:4E:D6:79:D3:A9:57
X509v3 Subject Alternative Name:
DNS:router.paulgg.int
1.3.6.1.4.1.37476.9000.64.1:
[email protected].+V5B126r4pfQJE_PkrMvSvc_gFds2wEs5EhzVSdSF-dQ
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:be:81:ea:60:62:19:71:3e:0b:54:48:43:79:
56:5f:b5:59:23:dc:21:1b:94:16:07:a6:74:f6:5a:24:ff:af:
43:02:20:25:29:02:8e:64:0f:01:b0:4e:b8:3d:47:8c:c5:b1:
f1:80:46:86:fd:48:55:df:65:fb:af:fb:2e:24:eb:8f:a9
I just checked /etc/ssl/certs and looks like there's some stuff that has been deleted, including my root certificate from the keystore.
When I have some more time I'll play around with this...
Originally posted by @therealpaulgg in https://github.com/alxwolf/ubios-cert/issues/61#issuecomment-1856221243