From ed23e682da05c27adf599a6305a2b5f08678c222 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Fri, 9 Nov 2018 15:41:54 +0100
Subject: Fix HTTPS Perl tests
* tests/SSLTest.pm: Rename server cert and key file
* tests/Test-https*.px: Fix and remove OpenSSL hard-coding
* tests/certs/create-certs.sh: Script to generate test files
* tests/certs/*-template.txt: GnuTLS template files for certs and crl
* tests/certs/*.pem: Keys, certs, crls
* tests/certs/README: Removed commands, link to create-certs.sh
---
tests/SSLTest.pm | 4 +-
tests/Test-https-badcerts.px | 36 +-----
tests/Test-https-clientcert.px | 36 +-----
tests/Test-https-crl.px | 32 +-----
tests/Test-https-pfs.px | 7 --
tests/Test-https-selfsigned.px | 17 ---
tests/Test-https-tlsv1.px | 7 --
tests/Test-https-tlsv1x.px | 7 --
tests/certs/README | 88 +--------------
tests/certs/client-cert.pem | 27 +++++
tests/certs/client-key.pem | 182 ++++++++++++++++++++++++++++++
tests/certs/client-template.txt | 23 ++++
tests/certs/client.crt | 148 -------------------------
tests/certs/client.key | 51 ---------
tests/certs/create-certs.sh | 28 +++++
tests/certs/expired-template.txt | 20 ++++
tests/certs/expired.crt | 149 -------------------------
tests/certs/expired.key | 51 ---------
tests/certs/expired.pem | 28 +++++
tests/certs/invalid-template.txt | 20 ++++
tests/certs/invalid.crt | 149 -------------------------
tests/certs/invalid.key | 51 ---------
tests/certs/invalid.pem | 28 +++++
tests/certs/revoked-crl.pem | 16 +++
tests/certs/revoked-template.txt | 5 +
tests/certs/revoked.crt | 41 -------
tests/certs/revoked.key | 51 ---------
tests/certs/revokedcrl.pem | 18 ---
tests/certs/server-cert.pem | 47 ++++----
tests/certs/server-key.pem | 196 +++++++++++++++++++++++++++++---
tests/certs/server-template.txt | 23 ++++
tests/certs/server.crt | 27 -----
tests/certs/server.key | 27 -----
tests/certs/test-ca-cert.pem | 52 ++++-----
tests/certs/test-ca-key.pem | 234 ++++++++++++++++++++++++++++++---------
tests/certs/test-ca-template.txt | 20 ++++
36 files changed, 845 insertions(+), 1101 deletions(-)
create mode 100644 tests/certs/client-cert.pem
create mode 100644 tests/certs/client-key.pem
create mode 100644 tests/certs/client-template.txt
delete mode 100644 tests/certs/client.crt
delete mode 100644 tests/certs/client.key
create mode 100755 tests/certs/create-certs.sh
create mode 100644 tests/certs/expired-template.txt
delete mode 100644 tests/certs/expired.crt
delete mode 100644 tests/certs/expired.key
create mode 100644 tests/certs/expired.pem
create mode 100644 tests/certs/invalid-template.txt
delete mode 100644 tests/certs/invalid.crt
delete mode 100644 tests/certs/invalid.key
create mode 100644 tests/certs/invalid.pem
create mode 100644 tests/certs/revoked-crl.pem
create mode 100644 tests/certs/revoked-template.txt
delete mode 100644 tests/certs/revoked.crt
delete mode 100644 tests/certs/revoked.key
delete mode 100644 tests/certs/revokedcrl.pem
create mode 100644 tests/certs/server-template.txt
delete mode 100644 tests/certs/server.crt
delete mode 100644 tests/certs/server.key
create mode 100644 tests/certs/test-ca-template.txt
diff --git a/tests/SSLTest.pm b/tests/SSLTest.pm
index 28ff9dc..60f8188 100644
--- a/tests/SSLTest.pm
+++ b/tests/SSLTest.pm
@@ -18,8 +18,8 @@ if (defined $ENV{srcdir}) {
}
my %ssl_defaults = (
- _certfile => "$srcdir/certs/server.crt",
- _keyfile => "$srcdir/certs/server.key",
+ _certfile => "$srcdir/certs/server-cert.pem",
+ _keyfile => "$srcdir/certs/server-key.pem",
_cafile => "$srcdir/certs/test-ca-cert.pem",
_ciphers => 'ALL',
_lhostname => 'wgettestingserver',
diff --git a/tests/Test-https-badcerts.px b/tests/Test-https-badcerts.px
index 7352203..b6ce3de 100755
--- a/tests/Test-https-badcerts.px
+++ b/tests/Test-https-badcerts.px
@@ -21,13 +21,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
@@ -52,22 +45,11 @@ unless (inet_ntoa($addr) =~ "127.0.0.1")
exit 77;
}
-my $caconf = "$srcdir/certs/rootca.conf";
my $cacrt = "$srcdir/certs/test-ca-cert.pem";
-my $cakey = "$srcdir/certs/test-ca-key.pem";
# Use expired server certificate
-my $servercrt = "$srcdir/certs/expired.crt";
-my $serverkey = "$srcdir/certs/expired.key";
-
-my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ;
- openssl rsa -noout -modulus -in $serverkey | openssl md5) |
- uniq | wc -l`;
-# Check if certificate and key are made correctly.
-unless(-e $servercrt && -e $serverkey && $servercheck == 1)
-{
- exit 77; # skip
-}
+my $servercrt = "$srcdir/certs/expired.pem";
+my $serverkey = "$srcdir/certs/server-key.pem";
# Try Wget using SSL with expired cert. Expect Failure.
my $port = 30443;
@@ -99,18 +81,8 @@ if ($sslsock->run() == 0)
print "Test successful.\n";
# Use certificate that is not yet valid
-$servercrt = "$srcdir/certs/invalid.crt";
-$serverkey = "$srcdir/certs/invalid.key";
-
-$servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ;
- openssl rsa -noout -modulus -in $serverkey | openssl md5) |
- uniq | wc -l`;
-# Check if certificate and key are made correctly.
-unless(-e $servercrt && -e $serverkey && $servercheck == 1)
-{
- exit 77; # skip
-}
-
+$servercrt = "$srcdir/certs/invalid.pem";
+$serverkey = "$srcdir/certs/server-key.pem";
# Retry the test with --no-check-certificate. expect success
$port = 20443;
diff --git a/tests/Test-https-clientcert.px b/tests/Test-https-clientcert.px
index e788058..e2a4188 100755
--- a/tests/Test-https-clientcert.px
+++ b/tests/Test-https-clientcert.px
@@ -20,13 +20,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
@@ -52,34 +45,15 @@ unless (inet_ntoa($addr) =~ "127.0.0.1")
}
my $cacrt = "$srcdir/certs/test-ca-cert.pem";
-my $cakey = "$srcdir/certs/test-ca-key.pem";
+#my $cakey = "$srcdir/certs/test-ca-key.pem";
# Prepare server certificate
-my $servercrt = "$srcdir/certs/server.crt";
-my $serverkey = "$srcdir/certs/server.key";
-
-my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ;
- openssl rsa -noout -modulus -in $serverkey | openssl md5) |
- uniq | wc -l`;
-# Check if certificate and key are made correctly.
-unless(-e $servercrt && -e $serverkey && $servercheck == 1)
-{
- exit 77; # skip
-}
+my $servercrt = "$srcdir/certs/server-cert.pem";
+my $serverkey = "$srcdir/certs/server-key.pem";
# Use client certificate
-my $clientcert = "$srcdir/certs/client.crt";
-my $clientkey = "$srcdir/certs/client.key";
-
-my $clientcheck=`(openssl x509 -noout -modulus -in $clientcert | openssl md5 ;
- openssl rsa -noout -modulus -in $clientkey | openssl md5) |
- uniq | wc -l`;
-
-# Check if client certificate and key are made correctly.
-unless(-e $clientcert && -e $clientkey && $clientcheck == 1)
-{
- exit 77; # skip
-}
+my $clientcert = "$srcdir/certs/client-cert.pem";
+my $clientkey = "$srcdir/certs/client-key.pem";
# Try Wget using SSL with mismatched client cert & key . Expect error
my $port = 21443;
diff --git a/tests/Test-https-crl.px b/tests/Test-https-crl.px
index 20f3da9..329f035 100755
--- a/tests/Test-https-crl.px
+++ b/tests/Test-https-crl.px
@@ -20,13 +20,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
@@ -52,20 +45,10 @@ unless (inet_ntoa($addr) =~ "127.0.0.1")
}
my $cacrt = "$srcdir/certs/test-ca-cert.pem";
-my $cakey = "$srcdir/certs/test-ca-key.pem";
# Use a revoked certificate
-my $servercrt = "$srcdir/certs/server.crt";
-my $serverkey = "$srcdir/certs/server.key";
-
-my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ;
- openssl rsa -noout -modulus -in $serverkey | openssl md5) |
- uniq | wc -l`;
-# Check if certificate and key are correct.
-unless(-e $servercrt && -e $serverkey && $servercheck == 1)
-{
- exit 77; # skip
-}
+my $servercrt = "$srcdir/certs/server-cert.pem";
+my $serverkey = "$srcdir/certs/server-key.pem";
# Try Wget using SSL first without --no-check-certificate. Expect Success.
my $port = 32443;
@@ -96,16 +79,7 @@ if ($sslsock->run() != 0)
}
# Revoke the certificate
-my $crlfile = "$srcdir/certs/revokedcrl.pem";
-
-# Check if CRL file is generated.
-unless(-e $crlfile)
-{
- exit 77; # skip
-}
-
-# To read a CRL file use the following command:
-# openssl crl -text -in $srcdir/certs/root.crl.pem
+my $crlfile = "$srcdir/certs/revoked-crl.pem";
# Retry the test with CRL. Expect Failure.
$port = 23443;
diff --git a/tests/Test-https-pfs.px b/tests/Test-https-pfs.px
index bbe8652..bc140eb 100755
--- a/tests/Test-https-pfs.px
+++ b/tests/Test-https-pfs.px
@@ -20,13 +20,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
diff --git a/tests/Test-https-selfsigned.px b/tests/Test-https-selfsigned.px
index 08f6dcb..330f648 100755
--- a/tests/Test-https-selfsigned.px
+++ b/tests/Test-https-selfsigned.px
@@ -20,13 +20,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
@@ -55,16 +48,6 @@ unless (inet_ntoa($addr) =~ "127.0.0.1")
my $certfile="$srcdir/certs/selfsigned.crt";
my $keyfile="$srcdir/certs/selfsigned.key";
-my $sscheck=`(openssl x509 -noout -modulus -in $certfile | openssl md5 ;
- openssl rsa -noout -modulus -in $keyfile | openssl md5) |
- uniq|wc -l`;
-
-# Check if Self signed certificate and key are made correctly.
-unless(-e $certfile && -e $keyfile && $sscheck == 1)
-{
- exit 77; # skip
-}
-
# Try Wget using SSL first without --no-check-certificate. expect error
my $port = 26443;
my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$srcdir/certs/test-ca-cert.pem".
diff --git a/tests/Test-https-tlsv1.px b/tests/Test-https-tlsv1.px
index a3d36e4..e148a13 100755
--- a/tests/Test-https-tlsv1.px
+++ b/tests/Test-https-tlsv1.px
@@ -20,13 +20,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
diff --git a/tests/Test-https-tlsv1x.px b/tests/Test-https-tlsv1x.px
index 1284576..7fbfcac 100755
--- a/tests/Test-https-tlsv1x.px
+++ b/tests/Test-https-tlsv1x.px
@@ -21,13 +21,6 @@ my %urls = (
},
);
-# Skip the test if openssl is not available
-my $ossl = `openssl version`;
-unless ($ossl =~ m/OpenSSL 1/)
-{
- exit 77;
-}
-
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
diff --git a/tests/certs/README b/tests/certs/README
index 963a762..bf77991 100644
--- a/tests/certs/README
+++ b/tests/certs/README
@@ -1,87 +1 @@
-# create a CA certificate
-$certtool --generate-privkey --outfile test-ca-key.pem
-$certtool --generate-self-signed --load-privkey test-ca-key.pem --outfile test-ca-cert.pem
-
-Common name: Wget
-UID:
-Organizational unit name: Wget
-Organization name: GNU Wget
-Locality name:
-State or province name:
-Country name (2 chars):
-Enter the subject's domain component (DC):
-This field should not be used in new certificates.
-E-mail:
-Enter the certificate's serial number in decimal (default: 6080487640893163573):
-
-Activation/Expiration time.
-The certificate will expire in (days): -1
-
-Extensions.
-Does the certificate belong to an authority? (y/N): y
-Path length constraint (decimal, -1 for no constraint):
-Is this a TLS web client certificate? (y/N):
-Will the certificate be used for IPsec IKE operations? (y/N):
-Is this a TLS web server certificate? (y/N):
-Enter a dnsName of the subject of the certificate:
-Enter a URI of the subject of the certificate:
-Enter the IP address of the subject of the certificate:
-Enter the e-mail of the subject of the certificate:
-Will the certificate be used to sign other certificates? (y/N): y
-Will the certificate be used to sign CRLs? (y/N): y
-Will the certificate be used to sign code? (y/N):
-Will the certificate be used to sign OCSP requests? (y/N): y
-Will the certificate be used for time stamping? (y/N):
-Enter the URI of the CRL distribution point:
-
-
-# generate a server certificate
-$ certtool --generate-privkey --outfile server.key --rsa
-$ certtool --generate-certificate --load-privkey server.key --outfile server.crt --load-ca-certificate test-ca-cert.pem --load-ca-privkey test-ca-key.pem
-
-Please enter the details of the certificate's distinguished name. Just press enter to ignore a field.
-Common name: WgetTestingServer
-UID:
-Organizational unit name: Wget
-Organization name: GNU Wget
-Locality name:
-State or province name:
-Country name (2 chars):
-Enter the subject's domain component (DC):
-This field should not be used in new certificates.
-E-mail:
-Enter the certificate's serial number in decimal (default: 6552424755099978648):
-
-
-Activation/Expiration time.
-The certificate will expire in (days): -1
-
-
-Extensions.
-Does the certificate belong to an authority? (y/N):
-Is this a TLS web client certificate? (y/N):
-Will the certificate be used for IPsec IKE operations? (y/N):
-Is this a TLS web server certificate? (y/N): y
-Enter a dnsName of the subject of the certificate: 127.0.0.1
-Enter a dnsName of the subject of the certificate: ::1
-Enter a dnsName of the subject of the certificate: localhost
-Enter a dnsName of the subject of the certificate: WgetTestingServer
-Enter a dnsName of the subject of the certificate:
-Enter a URI of the subject of the certificate:
-Enter the IP address of the subject of the certificate:
-Will the certificate be used for signing (DHE ciphersuites)? (Y/n):
-Will the certificate be used for encryption (RSA ciphersuites)? (Y/n):
-Will the certificate be used to sign OCSP requests? (y/N):
-Will the certificate be used to sign code? (y/N):
-Will the certificate be used for time stamping? (y/N):
-Will the certificate be used for email protection? (y/N):
-
-
-# create a CRL for the server certificate:
-$ certtool --generate-crl --load-ca-privkey test-ca-key.pem --load-ca-certificate test-ca-cert.pem --load-certificate server.crt --outfile revokedcrl.pem
-
-Generating a signed CRL...
-Update times.
-The certificate will expire in (days): -1
-CRL Number (default: 6552487324127713992):
-
+If ever needed, 'create-certs.sh' generates all keys, certs and crls.
diff --git a/tests/certs/client-cert.pem b/tests/certs/client-cert.pem
new file mode 100644
index 0000000..b82364b
--- /dev/null
+++ b/tests/certs/client-cert.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEojCCAwqgAwIBAgIMW+WWpC75FINCVgviMA0GCSqGSIb3DQEBCwUAMFIxDTAL
+BgNVBAMTBFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UE
+CBMIU3Vuc2hpbmUxETAPBgNVBAYTCEZyZWVsYW5kMCAXDTE4MTEwOTE0MTYwNFoY
+Dzk5OTkxMjMxMjM1OTU5WjBSMQ0wCwYDVQQDEwRXZ2V0MQ0wCwYDVQQLEwRXZ2V0
+MQwwCgYDVQQKEwNHTlUxETAPBgNVBAgTCFN1bnNoaW5lMREwDwYDVQQGEwhGcmVl
+bGFuZDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAM9Y7Xzh1QnHbO1q
+7kc/4mK0xhsldkMMD4Zg15dXUww6w1wso4gUv7F3IbJywyd6nTK+5rt+mMPiQaGI
+3pFGS3o2/AvFemrbyw9unifeAWEvioHH0Hsfxk2+M1sToWAgHwSCzEkYt9Vs/LIe
+efQxFTJPsEw4B3Sk+iySZPujsOP6he5kHKSw4QHHJqM4sbaOE3XejFb/IX/eOkH6
++VvW5o0fILIyw0eTFs5sGf6dBj0DMdSyHzo8v3svjSLil5ryE97CYlSHQJLCGKUm
+BVMBhyhBGCzCmL2TdfMy7JY6t+9nvpmpPJ4QEyHMIvnebKFGTpDn+9niJDj6ZWcb
+P2m0yRMB7a6kWAFP8Fk9dCLP0FZQz+qJH/JkKRt7+Kjs5ZMtLJor1UlSJpBVouyz
+Ig0nf1qy92Uv3QoOCqCU3yIxsa3MsV32RSO0S6Ii3MlpF/3Wufgmdd7vRRgsHnq5
+WD9fdNPRxUPin7SmJMJQg4SY4XBPBHNEKVp8d2OlpTw3miZZAQIDAQABo3YwdDAM
+BgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMH
+oAAwHQYDVR0OBBYEFG1jBA//1vnWiPseRPqA50QHSGbpMB8GA1UdIwQYMBaAFJ4O
+WyKM+9KPJ1PV1goMyw1ZD2SYMA0GCSqGSIb3DQEBCwUAA4IBgQBovKzuJjbQD7Mk
+GOKj9HQhJeGEvn6MEi1c0o3KWgOm8D2PA78Uq++JJKBxowD7WSCmSNVDltJzDWQO
+FFpIiWkvaOH11JeXhmf4kYsRsSRVlgUEj5SEqZn5lMxX7sIHHr9QmNdFqQgKVM2V
+4qIg233MiOA3RUV6IsP0XgGdhFjqZ61bDyEZ48pdiRhg/iuI0yIiFRnJsthUl3LU
+D0fVgP2/4gTWvUTvVNrR8yH6Ou4bcOovWp+8y5J2KKwMD+6QKKP5DVhZOighdKI+
+v5F3aS1/DbazHs8NFcuuHntDq/gEdjn7IHGcyIhe5NWzExOejTx0yOGX8Q6dTqLw
+UUltfqZk1QsgsBilR9Dk9A7AGy5VonknFvwS+HqUSruR6OwKTsqq6KIlfbpgpkj3
+YiO8BlhhfwG2K9rpdToywZDNS2RKAY1rjjFw3lwiK+qcE6KanJbMKZO9kpstMYlS
+z4E2sTUOL5pfVRPngJrOJwQSUe+JWS55zFpv6bt80VGWNcPkJLY=
+-----END CERTIFICATE-----
diff --git a/tests/certs/client-key.pem b/tests/certs/client-key.pem
new file mode 100644
index 0000000..891082d
--- /dev/null
+++ b/tests/certs/client-key.pem
@@ -0,0 +1,182 @@
+Public Key Info:
+ Public Key Algorithm: RSA
+ Key Security Level: High (3072 bits)
+
+modulus:
+ 00:cf:58:ed:7c:e1:d5:09:c7:6c:ed:6a:ee:47:3f:e2
+ 62:b4:c6:1b:25:76:43:0c:0f:86:60:d7:97:57:53:0c
+ 3a:c3:5c:2c:a3:88:14:bf:b1:77:21:b2:72:c3:27:7a
+ 9d:32:be:e6:bb:7e:98:c3:e2:41:a1:88:de:91:46:4b
+ 7a:36:fc:0b:c5:7a:6a:db:cb:0f:6e:9e:27:de:01:61
+ 2f:8a:81:c7:d0:7b:1f:c6:4d:be:33:5b:13:a1:60:20
+ 1f:04:82:cc:49:18:b7:d5:6c:fc:b2:1e:79:f4:31:15
+ 32:4f:b0:4c:38:07:74:a4:fa:2c:92:64:fb:a3:b0:e3
+ fa:85:ee:64:1c:a4:b0:e1:01:c7:26:a3:38:b1:b6:8e
+ 13:75:de:8c:56:ff:21:7f:de:3a:41:fa:f9:5b:d6:e6
+ 8d:1f:20:b2:32:c3:47:93:16:ce:6c:19:fe:9d:06:3d
+ 03:31:d4:b2:1f:3a:3c:bf:7b:2f:8d:22:e2:97:9a:f2
+ 13:de:c2:62:54:87:40:92:c2:18:a5:26:05:53:01:87
+ 28:41:18:2c:c2:98:bd:93:75:f3:32:ec:96:3a:b7:ef
+ 67:be:99:a9:3c:9e:10:13:21:cc:22:f9:de:6c:a1:46
+ 4e:90:e7:fb:d9:e2:24:38:fa:65:67:1b:3f:69:b4:c9
+ 13:01:ed:ae:a4:58:01:4f:f0:59:3d:74:22:cf:d0:56
+ 50:cf:ea:89:1f:f2:64:29:1b:7b:f8:a8:ec:e5:93:2d
+ 2c:9a:2b:d5:49:52:26:90:55:a2:ec:b3:22:0d:27:7f
+ 5a:b2:f7:65:2f:dd:0a:0e:0a:a0:94:df:22:31:b1:ad
+ cc:b1:5d:f6:45:23:b4:4b:a2:22:dc:c9:69:17:fd:d6
+ b9:f8:26:75:de:ef:45:18:2c:1e:7a:b9:58:3f:5f:74
+ d3:d1:c5:43:e2:9f:b4:a6:24:c2:50:83:84:98:e1:70
+ 4f:04:73:44:29:5a:7c:77:63:a5:a5:3c:37:9a:26:59
+ 01:
+
+public exponent:
+ 01:00:01:
+
+private exponent:
+ 15:5e:52:cb:45:f2:d0:99:2e:ce:a0:f0:81:83:41:ef
+ 6e:35:e4:62:4d:f7:c6:ec:6a:aa:dc:4d:0a:80:d2:87
+ d3:ce:52:03:60:68:d3:00:95:08:71:fd:85:c3:31:cd
+ b5:87:1a:fc:43:a5:b6:ba:40:8d:47:2f:b8:c5:07:ce
+ 46:90:5f:1e:30:e9:86:51:3c:fb:e7:6c:b0:62:70:03
+ 98:40:9b:b9:0e:97:4d:b6:81:5d:85:8b:56:5c:33:b3
+ 3e:a1:c4:2f:dc:4e:45:be:7f:a4:53:a3:b9:d8:bd:18
+ 7c:41:ec:f8:f1:3b:c2:2c:ce:1f:20:2d:16:c7:8a:17
+ 2d:6a:4e:02:ed:ae:14:e2:3c:05:ed:58:50:68:41:e8
+ 1b:83:9d:ee:f1:48:20:87:64:75:9c:49:ca:7f:31:2f
+ 65:ff:d6:9d:88:a6:7d:b0:22:01:de:03:f1:66:cd:2e
+ e1:19:cc:69:8f:74:e7:3e:e8:bd:a0:d4:bd:4f:08:97
+ 77:f8:13:76:1c:c6:2e:2b:3d:93:f0:78:1b:f6:ff:c7
+ 2f:59:8c:57:46:63:93:00:6f:c8:6e:5d:61:7e:f2:78
+ 1a:de:42:2b:61:0c:77:33:a9:ca:57:1b:fa:57:fb:a1
+ 11:fc:62:d1:6d:0b:b4:88:17:4b:b6:df:22:72:52:f0
+ 29:fe:57:07:ed:ab:b3:b1:ce:94:aa:ed:7e:55:56:e2
+ 1c:5b:cd:ce:bd:92:30:a0:29:af:45:13:28:1d:4d:0e
+ 6b:2e:8c:30:04:55:70:d0:af:a0:69:63:38:1b:24:7a
+ 02:e7:7e:a9:05:ee:82:01:23:7c:9d:4a:ef:16:8f:82
+ e5:e3:c8:0e:4e:9b:d0:58:66:9d:3a:e7:f3:68:68:0d
+ 57:f4:a0:26:b0:84:fa:61:60:3b:3c:a7:aa:15:67:7a
+ 5c:dc:ca:9a:18:fc:c3:a9:be:ff:f5:a5:58:9f:75:d4
+ 93:08:f8:23:fd:6e:25:05:23:b6:e2:29:f5:74:d7:81
+
+
+prime1:
+ 00:d3:13:55:70:ff:9d:91:c0:9f:6e:0b:2b:dc:b7:87
+ 94:30:56:4d:01:0d:dc:48:db:39:7d:ec:45:b8:e8:65
+ 76:1c:6c:04:25:f4:42:d0:9b:98:a9:ea:c4:45:05:e9
+ 6f:7e:14:91:76:d5:3a:23:50:e6:77:d3:78:7d:0d:eb
+ b8:f2:bf:b8:14:61:e1:94:f2:1b:f7:cc:67:9b:7b:2c
+ ea:c6:06:fc:b6:9c:ac:c0:4f:be:2e:49:d7:eb:6a:58
+ 4b:16:b5:36:d2:68:06:40:69:6d:3a:71:3e:ec:0d:ac
+ 40:b2:14:ce:09:3e:64:a8:8e:dc:77:ad:c6:b4:6f:7c
+ 69:ab:22:5a:06:fa:8c:b7:37:c2:ed:bd:40:14:98:83
+ 23:50:cd:0d:49:4b:48:70:c5:57:7f:0f:01:ae:5c:6a
+ 98:08:19:56:cc:02:87:d8:d5:17:77:00:67:9e:4d:8d
+ a5:a5:84:d7:31:78:a7:ca:3d:82:0d:d2:c5:48:33:b6
+ d9:
+
+prime2:
+ 00:fb:7a:76:40:d6:d8:08:74:ef:e2:59:d7:da:8a:24
+ 08:d7:57:fb:c5:fc:c9:21:d1:e2:14:48:f1:d4:5a:1d
+ 80:06:27:63:ae:4e:89:40:65:91:04:bc:b0:1f:1e:34
+ e1:96:fa:59:90:9d:96:42:17:b9:c4:ab:a8:8d:3b:3d
+ fc:b4:a5:9f:9a:04:63:c0:d9:4f:99:70:c3:df:da:28
+ 21:76:4b:c6:d6:85:36:4d:7d:f3:a2:8b:42:df:00:d6
+ 41:8d:48:18:f2:75:c8:7b:f6:33:13:c8:4e:91:21:3b
+ 4a:d8:b9:e6:0b:d6:61:c7:70:7d:78:a9:87:4a:90:19
+ 87:34:fa:df:8e:56:dc:92:0e:b0:13:60:90:7a:52:c6
+ 37:d1:a6:93:71:00:1a:dd:e4:ab:5d:b9:d8:2b:16:3c
+ 59:cb:5f:14:04:f7:6d:ab:06:f1:83:4b:92:b2:61:00
+ 73:d1:7e:2f:d4:e0:28:6d:0b:1f:b9:74:2d:e1:7e:ea
+ 69:
+
+coefficient:
+ 00:c0:04:52:12:3b:e6:a3:0a:1a:95:d7:ad:7b:97:af
+ 68:4e:ee:38:4e:88:c3:45:05:d5:bd:5d:69:70:d3:20
+ 90:cd:d3:d9:c3:49:ff:84:dd:36:c0:a0:6b:73:11:f0
+ cb:55:6b:e2:11:76:7c:a3:4a:7e:9c:ac:0f:c9:aa:85
+ 2e:95:f0:cc:07:20:b2:1f:54:2c:e8:20:a6:98:ac:e1
+ 44:ec:e0:00:eb:aa:21:48:bb:45:45:39:6e:66:0c:91
+ 29:32:25:83:f9:c6:34:d1:1b:b2:ac:49:ef:00:c6:19
+ e2:d6:72:50:f8:ac:ff:2c:90:35:0f:1c:ec:35:fe:de
+ 3a:65:12:a0:3e:bd:94:c5:29:95:dd:0d:0e:4d:94:61
+ ff:c3:68:01:6a:89:3c:03:fe:3e:31:80:3a:30:31:9b
+ 01:0f:30:30:97:48:fe:e7:fa:b2:da:02:e1:37:ca:18
+ 34:a3:f8:4d:e8:ac:1b:a0:bb:e2:5d:73:3f:7d:81:79
+ d6:
+
+exp1:
+ 00:98:4f:7c:39:25:0a:d3:d1:16:7a:76:ef:38:be:ea
+ c3:a1:39:b5:29:4c:92:27:b4:a1:c0:df:0c:d4:c8:45
+ e6:bb:cd:aa:14:a5:34:cd:89:69:d9:3b:02:53:f8:57
+ 21:4f:ee:91:a5:19:6a:71:6f:80:4e:f9:37:19:ae:40
+ e9:dd:a9:40:b0:dc:8c:c6:49:0a:ab:7e:41:49:2d:d2
+ 14:bb:be:f0:fe:e9:01:b3:68:17:89:19:5a:08:93:5d
+ 91:19:9a:bc:2b:8a:4a:f0:91:e2:f2:e8:23:0a:7d:37
+ 4e:1b:f2:ed:56:38:42:b4:6b:1a:65:f5:ec:cb:e9:22
+ f2:b1:3e:01:8e:c5:9f:62:da:86:fb:bc:b3:8f:e9:19
+ c0:13:1f:54:36:0e:70:00:88:36:82:06:17:25:75:a4
+ a9:7e:36:a2:ae:66:29:16:eb:75:9a:36:9d:8e:da:d1
+ 9a:b5:5c:ad:58:12:83:a9:69:46:fe:a8:98:19:68:cf
+ c9:
+
+exp2:
+ 00:cd:0f:4e:de:10:52:98:92:c2:09:10:b9:b2:ba:72
+ 27:c3:71:3b:1c:76:c4:8b:8f:59:8a:b0:f0:80:f7:fa
+ 96:2a:6e:74:19:ee:70:7c:d2:55:2e:47:ae:55:b1:8b
+ ed:67:ef:3c:99:6f:e6:d6:7e:02:3d:1c:bc:94:6d:7a
+ 5e:55:ef:b7:f5:1f:1f:38:61:fb:46:63:6d:55:5b:ce
+ dd:7a:58:d0:0a:9d:15:6a:9b:09:cf:c1:3f:06:18:e8
+ 9d:0b:57:7f:00:36:8b:04:89:fd:9c:63:f9:ac:de:2c
+ 3b:1b:fe:7a:57:ac:b8:8e:a8:6b:a7:b8:95:59:77:a7
+ 59:59:1a:38:b1:18:a3:43:76:36:9d:96:60:39:5e:c5
+ c3:3e:71:56:49:0e:8c:d9:e3:5c:d9:50:71:b4:b0:ad
+ 05:8b:90:3c:02:d0:bf:dc:76:0c:f9:c2:e6:1c:0e:7d
+ 0f:f4:03:b1:7d:24:4b:d2:9e:ff:7f:79:fc:ef:a3:4e
+ 01:
+
+
+Public Key PIN:
+ pin-sha256:WiIaPbDgZ234tiqBvORGWeUdOMl96+Vkd/bTbTgWXPU=
+Public Key ID:
+ sha256:5a221a3db0e0676df8b62a81bce44659e51d38c97debe56477f6d36d38165cf5
+ sha1:6d63040fffd6f9d688fb1e44fa80e744074866e9
+
+-----BEGIN RSA PRIVATE KEY-----
+MIIG5QIBAAKCAYEAz1jtfOHVCcds7WruRz/iYrTGGyV2QwwPhmDXl1dTDDrDXCyj
+iBS/sXchsnLDJ3qdMr7mu36Yw+JBoYjekUZLejb8C8V6atvLD26eJ94BYS+KgcfQ
+ex/GTb4zWxOhYCAfBILMSRi31Wz8sh559DEVMk+wTDgHdKT6LJJk+6Ow4/qF7mQc
+pLDhAccmozixto4Tdd6MVv8hf946Qfr5W9bmjR8gsjLDR5MWzmwZ/p0GPQMx1LIf
+Ojy/ey+NIuKXmvIT3sJiVIdAksIYpSYFUwGHKEEYLMKYvZN18zLsljq372e+mak8
+nhATIcwi+d5soUZOkOf72eIkOPplZxs/abTJEwHtrqRYAU/wWT10Is/QVlDP6okf
+8mQpG3v4qOzlky0smivVSVImkFWi7LMiDSd/WrL3ZS/dCg4KoJTfIjGxrcyxXfZF
+I7RLoiLcyWkX/da5+CZ13u9FGCweerlYP19009HFQ+KftKYkwlCDhJjhcE8Ec0Qp
+Wnx3Y6WlPDeaJlkBAgMBAAECggGAFV5Sy0Xy0JkuzqDwgYNB72415GJN98bsaqrc
+TQqA0ofTzlIDYGjTAJUIcf2FwzHNtYca/EOltrpAjUcvuMUHzkaQXx4w6YZRPPvn
+bLBicAOYQJu5DpdNtoFdhYtWXDOzPqHEL9xORb5/pFOjudi9GHxB7PjxO8Iszh8g
+LRbHihctak4C7a4U4jwF7VhQaEHoG4Od7vFIIIdkdZxJyn8xL2X/1p2Ipn2wIgHe
+A/FmzS7hGcxpj3TnPui9oNS9TwiXd/gTdhzGLis9k/B4G/b/xy9ZjFdGY5MAb8hu
+XWF+8nga3kIrYQx3M6nKVxv6V/uhEfxi0W0LtIgXS7bfInJS8Cn+Vwftq7OxzpSq
+7X5VVuIcW83OvZIwoCmvRRMoHU0Oay6MMARVcNCvoGljOBskegLnfqkF7oIBI3yd
+Su8Wj4Ll48gOTpvQWGadOufzaGgNV/SgJrCE+mFgOzynqhVnelzcypoY/MOpvv/1
+pVifddSTCPgj/W4lBSO24in1dNeBAoHBANMTVXD/nZHAn24LK9y3h5QwVk0BDdxI
+2zl97EW46GV2HGwEJfRC0JuYqerERQXpb34UkXbVOiNQ5nfTeH0N67jyv7gUYeGU
+8hv3zGebeyzqxgb8tpyswE++LknX62pYSxa1NtJoBkBpbTpxPuwNrECyFM4JPmSo
+jtx3rca0b3xpqyJaBvqMtzfC7b1AFJiDI1DNDUlLSHDFV38PAa5capgIGVbMAofY
+1Rd3AGeeTY2lpYTXMXinyj2CDdLFSDO22QKBwQD7enZA1tgIdO/iWdfaiiQI11f7
+xfzJIdHiFEjx1FodgAYnY65OiUBlkQS8sB8eNOGW+lmQnZZCF7nEq6iNOz38tKWf
+mgRjwNlPmXDD39ooIXZLxtaFNk1986KLQt8A1kGNSBjydch79jMTyE6RITtK2Lnm
+C9Zhx3B9eKmHSpAZhzT6345W3JIOsBNgkHpSxjfRppNxABrd5KtdudgrFjxZy18U
+BPdtqwbxg0uSsmEAc9F+L9TgKG0LH7l0LeF+6mkCgcEAmE98OSUK09EWenbvOL7q
+w6E5tSlMkie0ocDfDNTIRea7zaoUpTTNiWnZOwJT+FchT+6RpRlqcW+ATvk3Ga5A
+6d2pQLDcjMZJCqt+QUkt0hS7vvD+6QGzaBeJGVoIk12RGZq8K4pK8JHi8ugjCn03
+Thvy7VY4QrRrGmX17MvpIvKxPgGOxZ9i2ob7vLOP6RnAEx9UNg5wAIg2ggYXJXWk
+qX42oq5mKRbrdZo2nY7a0Zq1XK1YEoOpaUb+qJgZaM/JAoHBAM0PTt4QUpiSwgkQ
+ubK6cifDcTscdsSLj1mKsPCA9/qWKm50Ge5wfNJVLkeuVbGL7WfvPJlv5tZ+Aj0c
+vJRtel5V77f1Hx84YftGY21VW87deljQCp0VapsJz8E/BhjonQtXfwA2iwSJ/Zxj
++azeLDsb/npXrLiOqGunuJVZd6dZWRo4sRijQ3Y2nZZgOV7Fwz5xVkkOjNnjXNlQ
+cbSwrQWLkDwC0L/cdgz5wuYcDn0P9AOxfSRL0p7/f3n876NOAQKBwQDABFISO+aj
+ChqV1617l69oTu44TojDRQXVvV1pcNMgkM3T2cNJ/4TdNsCga3MR8MtVa+IRdnyj
+Sn6crA/JqoUulfDMByCyH1Qs6CCmmKzhROzgAOuqIUi7RUU5bmYMkSkyJYP5xjTR
+G7KsSe8Axhni1nJQ+Kz/LJA1DxzsNf7eOmUSoD69lMUpld0NDk2UYf/DaAFqiTwD
+/j4xgDowMZsBDzAwl0j+5/qy2gLhN8oYNKP4TeisG6C74l1zP32BedY=
+-----END RSA PRIVATE KEY-----
diff --git a/tests/certs/client-template.txt b/tests/certs/client-template.txt
new file mode 100644
index 0000000..092f367
--- /dev/null
+++ b/tests/certs/client-template.txt
@@ -0,0 +1,23 @@
+# Template file to generate server-cert.pem for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+organization = "GNU"
+unit = "Wget"
+# locality =
+state = "Sunshine"
+country = Freeland
+cn = "Wget"
+#uid = "wget"
+#dc = "name"
+#dc = "domain"
+expiration_days = -1
+#dns_name="127.0.0.1"
+#dns_name="::1"
+#dns_name="localhost"
+#dns_name = "WgetTestingServer"
+#ca
+
+# key options
+signing_key
+encryption_key
+tls_www_client
diff --git a/tests/certs/client.crt b/tests/certs/client.crt
deleted file mode 100644
index a2b58a9..0000000
--- a/tests/certs/client.crt
+++ /dev/null
@@ -1,148 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4386 (0x1122)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org
- Validity
- Not Before: May 9 21:08:52 2017 GMT
- Not After : May 9 21:08:52 2019 GMT
- Subject: CN=., ST=CA, C=US, O=Client
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (4096 bit)
- Modulus:
- 00:c8:e0:0f:fd:d5:96:99:1d:f5:8e:4a:d7:84:85:
- fc:48:8b:e4:cf:78:27:22:ea:1b:b4:4e:f0:a2:05:
- 29:78:37:43:42:17:fe:8d:98:4b:4b:8a:f6:b2:92:
- 23:2c:f2:af:c8:9d:36:57:03:90:82:00:02:0c:f8:
- 33:14:f2:5c:5f:cc:8f:f8:14:b5:df:a8:e3:0d:d1:
- bf:5a:f2:8d:24:37:66:1a:31:99:7e:f7:8d:8e:86:
- fd:ea:a6:73:60:84:dc:1c:d9:28:87:92:9f:cf:c4:
- 8e:9f:2b:ce:c3:8a:20:ce:8d:5b:66:fe:78:f1:bd:
- 7b:57:b1:ad:bc:db:8c:0a:a8:92:c1:92:5d:6f:b9:
- 5f:7f:c7:62:4d:59:60:48:8e:1f:a3:02:2f:79:26:
- 68:6f:ed:0a:95:07:c8:e5:9a:93:ba:cb:af:c7:a9:
- 06:a7:99:b4:ce:1f:26:b7:d5:f6:bd:b4:b2:ad:14:
- fe:df:8c:41:94:d4:d2:41:18:43:fe:19:0e:43:67:
- 10:8a:ac:f1:47:1c:5a:71:ed:d7:76:aa:67:81:67:
- 1d:6f:77:db:c1:93:ee:36:ec:34:6f:c8:97:73:57:
- 09:dc:9a:b8:54:35:ae:a3:91:2a:5d:f3:e4:70:77:
- 7c:bc:0d:d8:f5:a2:f0:2d:b2:ba:3e:b6:ce:8a:30:
- 16:ea:6d:20:b8:ac:dd:eb:3c:a5:62:c5:7d:3a:ef:
- df:64:83:a7:ab:a1:c3:65:7a:54:fc:a4:26:0f:64:
- a5:83:ed:29:8f:05:ef:aa:2f:98:af:87:98:87:34:
- a7:31:55:09:75:37:7d:70:c3:44:14:c4:05:b2:f8:
- 6b:6b:25:b4:55:d5:fe:29:3f:ab:f0:d1:e6:3f:dc:
- e9:c6:83:5d:f5:4a:ca:34:e0:3d:52:a4:dd:86:09:
- e5:3e:b3:9e:f3:79:99:af:b1:6b:7e:6e:c8:0d:04:
- 28:fa:38:59:94:71:3c:d2:39:84:a5:56:41:ae:8c:
- 63:2d:5c:9b:79:ce:f0:a6:69:6c:74:b7:36:e9:87:
- 67:ad:5b:61:6f:d2:53:d4:7a:94:e1:26:29:d0:56:
- 02:f5:6e:15:dc:a9:0b:e6:37:2a:32:9c:35:f3:72:
- 2d:3d:e2:d4:25:48:a9:d0:c9:7b:cb:1a:4d:c1:44:
- 5c:57:ab:75:65:ae:06:b2:40:b6:55:a8:2e:fb:fa:
- 6e:0b:75:eb:86:02:ea:63:fe:9a:74:9d:02:4b:60:
- 95:ef:53:04:13:87:07:6a:52:64:ba:e6:40:09:ab:
- a9:50:a3:12:ce:75:51:35:af:37:34:60:6a:e9:d7:
- 3c:00:2b:4a:92:75:48:f3:4a:26:13:08:04:d0:47:
- 05:a1:07
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- 41:CD:E0:FB:C1:87:D6:77:38:B5:A3:94:8A:D0:5B:5C:87:70:32:E9
- X509v3 Authority Key Identifier:
- keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08
-
- X509v3 Key Usage:
- Digital Signature, Key Encipherment, Certificate Sign, CRL Sign
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 CRL Distribution Points:
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- X509v3 Subject Alternative Name:
- DNS:WgetTestingServer
- Authority Information Access:
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- OCSP - URI:http://test.wgettest.com/ocsp/
- OCSP - URI:http://test.wgettest.com/ocsp/
-
- Signature Algorithm: sha1WithRSAEncryption
- 46:a4:f3:c2:63:cf:c3:76:84:aa:a3:ba:27:32:25:15:54:e6:
- 69:d2:2f:7c:c9:68:88:01:10:8c:0d:4e:f7:3c:cc:e5:7f:e6:
- 87:55:e9:80:69:e0:05:cb:40:84:65:cc:4d:35:f3:a0:6a:95:
- 28:08:cb:95:16:9c:2b:d2:15:5b:d7:43:81:e1:ff:7e:e0:0f:
- d7:25:01:f5:3d:d5:0f:88:15:1b:59:5f:6f:31:75:03:19:2b:
- 24:5a:d4:b4:e8:1a:19:81:c9:c6:b9:e2:b2:cb:dc:fd:b3:fc:
- 18:ec:76:68:2d:9e:78:41:31:0b:c0:f2:ca:70:93:66:6b:97:
- cf:b8:8e:69:3e:86:63:7b:12:40:8f:1b:de:25:2a:a7:97:83:
- 4f:a1:7e:0b:07:15:bb:42:e9:a0:a8:80:17:c2:75:a9:35:e6:
- 57:bf:09:83:71:b5:51:3b:95:37:79:d6:8b:4e:96:86:22:d3:
- 54:53:ac:af:ea:ec:0c:58:4c:18:11:4d:77:35:ae:40:7c:6d:
- 5d:c5:36:46:19:fa:d9:83:76:cf:e6:70:69:3a:32:a3:0c:4f:
- 6f:28:18:0d:6a:d3:47:b4:e8:e3:77:a8:90:0d:74:08:f1:4e:
- 68:45:27:fc:22:57:ad:63:92:7c:fd:bf:44:ad:ec:be:12:42:
- 49:b9:e0:23:2c:95:98:f2:d3:07:a3:00:6a:4f:eb:3d:8b:6d:
- c6:0a:ef:1e:c8:71:1b:d2:3b:2e:81:86:5b:36:05:6a:f4:3f:
- 25:cc:4a:d1:a4:d9:f6:8e:6d:a2:db:54:1e:c5:1b:dd:44:e3:
- fc:0b:8b:8c:84:7d:e0:bf:1b:d4:53:3e:ab:31:fd:f4:25:1f:
- 29:b9:55:f0:92:0e:fe:ab:46:cc:a1:50:96:10:6a:d9:c0:cd:
- 6d:c1:e9:86:77:7e:ef:93:bf:be:03:21:87:d9:dc:36:53:41:
- f6:a6:6c:f2:23:ee:be:34:4a:2e:95:29:09:7d:8f:1a:10:d2:
- ff:a5:6b:26:93:e1:83:da:be:22:fd:7f:14:f2:1c:03:f5:64:
- f8:75:00:f0:da:5e:78:e3:07:90:a0:4a:16:1c:31:70:09:b5:
- 46:4d:71:42:64:19:b0:53:ce:27:f7:9a:34:5d:c4:df:7d:06:
- bf:af:8e:c2:9a:19:c1:f9:90:36:eb:41:0c:2c:3d:51:22:bb:
- 18:eb:ed:0b:5c:92:15:60:79:42:be:c1:f6:f1:46:29:c9:6c:
- 0a:ba:f9:4c:46:44:1e:32:7d:83:df:55:b1:31:1f:c2:db:22:
- a4:bd:2d:79:d1:ca:a1:80:12:ce:5a:26:68:54:8b:d3:f4:8b:
- cf:45:d3:57:92:70:b6:7c
------BEGIN CERTIFICATE-----
-MIIHDjCCBPagAwIBAgICESIwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT
-MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg
-VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX
-Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN
-MTcwNTA5MjEwODUyWhcNMTkwNTA5MjEwODUyWjA3MQowCAYDVQQDDAEuMQswCQYD
-VQQIDAJDQTELMAkGA1UEBhMCVVMxDzANBgNVBAoMBkNsaWVudDCCAiIwDQYJKoZI
-hvcNAQEBBQADggIPADCCAgoCggIBAMjgD/3Vlpkd9Y5K14SF/EiL5M94JyLqG7RO
-8KIFKXg3Q0IX/o2YS0uK9rKSIyzyr8idNlcDkIIAAgz4MxTyXF/Mj/gUtd+o4w3R
-v1ryjSQ3ZhoxmX73jY6G/eqmc2CE3BzZKIeSn8/Ejp8rzsOKIM6NW2b+ePG9e1ex
-rbzbjAqoksGSXW+5X3/HYk1ZYEiOH6MCL3kmaG/tCpUHyOWak7rLr8epBqeZtM4f
-JrfV9r20sq0U/t+MQZTU0kEYQ/4ZDkNnEIqs8UccWnHt13aqZ4FnHW9328GT7jbs
-NG/Il3NXCdyauFQ1rqORKl3z5HB3fLwN2PWi8C2yuj62zoowFuptILis3es8pWLF
-fTrv32SDp6uhw2V6VPykJg9kpYPtKY8F76ovmK+HmIc0pzFVCXU3fXDDRBTEBbL4
-a2sltFXV/ik/q/DR5j/c6caDXfVKyjTgPVKk3YYJ5T6znvN5ma+xa35uyA0EKPo4
-WZRxPNI5hKVWQa6MYy1cm3nO8KZpbHS3NumHZ61bYW/SU9R6lOEmKdBWAvVuFdyp
-C+Y3KjKcNfNyLT3i1CVIqdDJe8saTcFEXFerdWWuBrJAtlWoLvv6bgt164YC6mP+
-mnSdAktgle9TBBOHB2pSZLrmQAmrqVCjEs51UTWvNzRgaunXPAArSpJ1SPNKJhMI
-BNBHBaEHAgMBAAGjggG/MIIBuzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRB
-zeD7wYfWdzi1o5SK0Ftch3Ay6TAfBgNVHSMEGDAWgBQX7ZNDj6emAHXU6LaCDYg3
-fsBtCDALBgNVHQ8EBAMCAaYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwXQYDVR0fBFYw
-VDAooCagJIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAooCag
-JIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAcBgNVHREEFTAT
-ghFXZ2V0VGVzdGluZ1NlcnZlcjCByAYIKwYBBQUHAQEEgbswgbgwLgYIKwYBBQUH
-MAKGImh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwLgYIKwYBBQUH
-MAKGImh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwKgYIKwYBBQUH
-MAGGHmh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzAqBggrBgEFBQcwAYYe
-aHR0cDovL3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMA0GCSqGSIb3DQEBBQUAA4IC
-AQBGpPPCY8/DdoSqo7onMiUVVOZp0i98yWiIARCMDU73PMzlf+aHVemAaeAFy0CE
-ZcxNNfOgapUoCMuVFpwr0hVb10OB4f9+4A/XJQH1PdUPiBUbWV9vMXUDGSskWtS0
-6BoZgcnGueKyy9z9s/wY7HZoLZ54QTELwPLKcJNma5fPuI5pPoZjexJAjxveJSqn
-l4NPoX4LBxW7QumgqIAXwnWpNeZXvwmDcbVRO5U3edaLTpaGItNUU6yv6uwMWEwY
-EU13Na5AfG1dxTZGGfrZg3bP5nBpOjKjDE9vKBgNatNHtOjjd6iQDXQI8U5oRSf8
-IletY5J8/b9Erey+EkJJueAjLJWY8tMHowBqT+s9i23GCu8eyHEb0jsugYZbNgVq
-9D8lzErRpNn2jm2i21QexRvdROP8C4uMhH3gvxvUUz6rMf30JR8puVXwkg7+q0bM
-oVCWEGrZwM1twemGd37vk7++AyGH2dw2U0H2pmzyI+6+NEoulSkJfY8aENL/pWsm
-k+GD2r4i/X8U8hwD9WT4dQDw2l544weQoEoWHDFwCbVGTXFCZBmwU84n95o0XcTf
-fQa/r47CmhnB+ZA260EMLD1RIrsY6+0LXJIVYHlCvsH28UYpyWwKuvlMRkQeMn2D
-31WxMR/C2yKkvS150cqhgBLOWiZoVIvT9IvPRdNXknC2fA==
------END CERTIFICATE-----
diff --git a/tests/certs/client.key b/tests/certs/client.key
deleted file mode 100644
index 31d556b..0000000
--- a/tests/certs/client.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKQIBAAKCAgEAyOAP/dWWmR31jkrXhIX8SIvkz3gnIuobtE7wogUpeDdDQhf+
-jZhLS4r2spIjLPKvyJ02VwOQggACDPgzFPJcX8yP+BS136jjDdG/WvKNJDdmGjGZ
-fveNjob96qZzYITcHNkoh5Kfz8SOnyvOw4ogzo1bZv548b17V7GtvNuMCqiSwZJd
-b7lff8diTVlgSI4fowIveSZob+0KlQfI5ZqTusuvx6kGp5m0zh8mt9X2vbSyrRT+
-34xBlNTSQRhD/hkOQ2cQiqzxRxxace3XdqpngWcdb3fbwZPuNuw0b8iXc1cJ3Jq4
-VDWuo5EqXfPkcHd8vA3Y9aLwLbK6PrbOijAW6m0guKzd6zylYsV9Ou/fZIOnq6HD
-ZXpU/KQmD2Slg+0pjwXvqi+Yr4eYhzSnMVUJdTd9cMNEFMQFsvhrayW0VdX+KT+r
-8NHmP9zpxoNd9UrKNOA9UqTdhgnlPrOe83mZr7Frfm7IDQQo+jhZlHE80jmEpVZB
-roxjLVybec7wpmlsdLc26YdnrVthb9JT1HqU4SYp0FYC9W4V3KkL5jcqMpw183It
-PeLUJUip0Ml7yxpNwURcV6t1Za4GskC2Vagu+/puC3XrhgLqY/6adJ0CS2CV71ME
-E4cHalJkuuZACaupUKMSznVRNa83NGBq6dc8ACtKknVI80omEwgE0EcFoQcCAwEA
-AQKCAgADk7HVNEt1OIpZ2U1TJ8uhQxR0+U/BGGgb4tf4Gp1tbZZ+A81dmhulIblY
-3q9PqpakvN/t1rtpBTUEJBtMwTAR6KObqErAy9IXOeftZ6pJvc7Mopt4HlJf+lll
-J0egrVz6CoflOiAsY/SiMvaAluIUq4G4KMngjB45JonQdhxdSDksxz1wst1XeiZu
-+Ct1v0oi7fQIdT2g2Ji6pKPYKtN8nQnpRUJAE8WbcgSPe3jkUeZonJoZQvcb/los
-HJGBYdLWMmyh+4hkWsXlh3WxwEENldd5V6oLHWY9hiE86FaCEEe1rO+hWD9e3EPj
-3mbv9cC73IdDgH5EYg1c9oZhAZA23lvH1u8yFpfPAOdvl0X2T6rSmd0zWrrWpKem
-yoghSaW9rpWsM6rwI/B+gZlgwQQHLcRVrNJuXW7kTqRQnD+y9EM8HNddkNjmI6Op
-z135xRR4JNX15b1CCgiVWoHO/o/U/ivMRo4zjaoASxUB50TX9C+HTVY75Sr7tSAb
-v9/+8TWrCWJVXrCg/SddPF1DfBrpSPR77wa/zoD9IY7MHwnrmgdDt5I59Faa0KDF
-F1E0RLsVUUS8byLNcb26KpWUJQRi6ILr8KDQ+iVbk6QE/TqVQ5oxwmaa7dRdAL5s
-ao8gKU8XiGezbXFtN22adTEGIUPBAxGBcuEr8CYqlX1Gz0YvmQKCAQEA6wpdT6OZ
-s4bYuuMJiXxSwSSmXuqslP6JDSWliqznsJJnfn2Dy4+d945DRAE24IDgzJdrPtWv
-MfgRFJOG7Gri+7eVlLR7H+zfKnge/lOsdmVdBCrTiqTNt0XhAKZAEAq9j+4/5GMF
-bj9Mt9LUN12YgmVnWIfLgGDfQA0B5sTUjQwaSImAv4s24MLXW+sE8Jzq+k3C5u44
-oWqmU1LEBGqXVamtlM8xIRKghWVofeAVKjkGdUBrPptIEwYMAWub40Q2I9G7w5cF
-PGSFn51R8ahLOGICE42n3Aus0N6iDsNvDc2EdlR0NIKT0sbkya/sy9jgDLg1UhkG
-LJblXa5OXCDmWwKCAQEA2snBNmRuiczN43VzRgTVS840Ri46Hhx1BGaKRwNmGiTK
-4p/TLSnL1MgjdBLs/M678srxTSCzQX1YuV6G3p708ez+Q1IwHAuWiwBc7bmHHgxj
-v4gimIrPux+cMtOEmyxUL8s9leqZflGqoc3UILNNq9QcrVITcEkwCNqdpDk9vmii
-l54bjwuyad7IyFe7txIzLzNib5bbrK+t/R10RuvHKPaAeLDa1kDvwyOQa5ImRHWt
-yg1Kj63lVBwXJv+K6d+Z/NFMgT7fVJk70j6WcKfEcufyYdKzhkj+ai1wJzeQplu4
-+x2YFS9ygonISPge+55LJ3PCLj0g0MIhPK+BI32nxQKCAQEA4HUDa1x3GeT68G6E
-2xEpDl3rq9U8fwUc6Ls8/dPlZtBJmZhP1oQOfS0Uu8rVF0y8YWVw+46hQnz+AsJo
-JTpmDbDiXiKFOpXBARO5tXM+zco7LBGh91MvSYioOTCLGUbIhL0nsvmFZCV7JElo
-dH8jd9NTAE6eXrkkOkyxtineOdyG9SKrG0DdZYNsmtEz5HxWQjckm9h/qFbrA8OU
-ggsw/pONuwCqkETzmrCfOyZVz/6pVivwvtcX22L48BpNwpmPgmF2iHCehXAR074v
-VTI8s1mVVgr/dLqJjOYvqR2l3m6Xw1EfsE3K0Y0zTBB/eKRiQoNgGEjhho+L9wzQ
-tFaO5QKCAQEAmYvCh5PQZ/FOBXYmIlu9/eeHlEFZFEzQavgzz0a5X1u273lPUYDl
-xj13dDzcCUhlay22T3TFmQ6JN/75FD/mk+rJPyHtFaGkU4U7srLj+tijIIZAEWJK
-C39RtfHwPJ7NroUqgY4VjyttXwT+/LwZpJ/GSHUzozgZ9/zFab2qcXkpstKJcMi6
-u8ZYjxHTcdXaCiQ7zyjGntjkeKE1O5i5OyxUWV91FayZGBBbiMMXDDCyePz++PsH
-2RGlxf7N1PjSLzYMRSCEx/CKpTC7j/CN1D6oQrMGvxV3R7j/3uYGJFp25fWNCEE2
-Uhq0b1GDHP+oqtV4z86iux+jB937+ZZ0KQKCAQBetr8pywp3jftYVhGU9+VZxYc/
-2vM5+WEdOqJAoHwXed5AMHReycKUmbDilWbswXyiBDGmIokoMKP09JMXfCbHMTkX
-LZCsxFGUpzAGg7sHI1NLTqWGU+fOmtzg7SJ77tZqJj1zzmgLX54oQ9qx53V6StWV
-Zw7YxkRbnLQ+LZU0HyYb11v5oh1CnWUoGINMkV6Bhv+jPCzUP/vs4/JgOFqhwjlN
-GVX0ewFGykinTK34ia9TI1Updgb3FWt3i9+twwAis1nnnuHt19tdi22BPwAuyFPx
-hsf5t4Kcm8xibjeHzQMLqP4v2arW09zsg5kDTQHoQDcUajJ+cdbpY2PeosfN
------END RSA PRIVATE KEY-----
diff --git a/tests/certs/create-certs.sh b/tests/certs/create-certs.sh
new file mode 100755
index 0000000..8e5f409
--- /dev/null
+++ b/tests/certs/create-certs.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+#create key for CA self-signed certificate
+certtool --generate-privkey --outfile test-ca-key.pem --rsa
+
+#create CA self-signed certificate
+certtool --generate-self-signed --load-privkey test-ca-key.pem --template test-ca-template.txt --outfile test-ca-cert.pem
+
+# create server key
+certtool --generate-privkey --outfile server-key.pem --rsa
+
+# create server certificate
+certtool --generate-certificate --load-privkey server-key.pem --template server-template.txt --outfile server-cert.pem --load-ca-certificate test-ca-cert.pem --load-ca-privkey test-ca-key.pem
+
+# create expired server certificate
+certtool --generate-certificate --load-privkey server-key.pem --template expired-template.txt --outfile expired.pem --load-ca-certificate test-ca-cert.pem --load-ca-privkey test-ca-key.pem
+
+# create not activated server cert
+certtool --generate-certificate --load-privkey server-key.pem --template invalid-template.txt --outfile invalid.pem --load-ca-certificate test-ca-cert.pem --load-ca-privkey test-ca-key.pem
+
+# create client key
+certtool --generate-privkey --outfile client-key.pem --rsa
+
+# create client certificate
+certtool --generate-certificate --load-privkey client-key.pem --template client-template.txt --outfile client-cert.pem --load-ca-certificate test-ca-cert.pem --load-ca-privkey test-ca-key.pem
+
+# create CRL for the server certificate
+certtool --generate-crl --load-ca-privkey test-ca-key.pem --load-ca-certificate test-ca-cert.pem --load-certificate server-cert.pem --outfile revoked-crl.pem --template revoked-template.txt
diff --git a/tests/certs/expired-template.txt b/tests/certs/expired-template.txt
new file mode 100644
index 0000000..ffdef72
--- /dev/null
+++ b/tests/certs/expired-template.txt
@@ -0,0 +1,20 @@
+# Template file to generate expired.pem for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+organization = "GNU"
+unit = "Wget"
+# locality =
+state = "Sunshine"
+country = Freeland
+cn = "WgetTestingServer"
+dns_name = "WgetTestingServer"
+#uid = "wget"
+#dc = "name"
+#dc = "domain"
+activation_date = "2004-02-28 16:21:42"
+expiration_date = "2005-02-28 16:24:41"
+#ca
+
+# key options
+encryption_key
+tls_www_server
diff --git a/tests/certs/expired.crt b/tests/certs/expired.crt
deleted file mode 100644
index b624e77..0000000
--- a/tests/certs/expired.crt
+++ /dev/null
@@ -1,149 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org
- Validity
- Not Before: May 14 09:05:02 2017 GMT
- Not After : May 8 16:03:42 2017 GMT
- Subject: CN=WgetTestingServer, ST=CA, C=US/emailAddress=ExpiredTester, O=Dis
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (4096 bit)
- Modulus:
- 00:d8:ed:cc:9c:e5:35:42:f2:1b:d8:30:36:40:a5:
- 01:8e:0f:c2:3c:5b:f0:d1:09:a0:aa:63:07:44:b9:
- 2e:20:20:47:5e:43:f3:bc:3b:df:88:f9:26:e6:07:
- d9:9c:4c:67:53:46:3a:78:c5:0a:90:0c:f2:e9:a1:
- e0:d9:f3:52:bc:51:07:32:ac:9b:d3:ac:f9:25:7d:
- 52:8b:2f:fa:06:6e:2d:c4:d4:2e:c7:38:81:f3:30:
- 4e:b5:d6:7b:2e:fe:4c:12:84:db:f4:7f:22:91:4d:
- 45:37:bb:01:96:61:59:62:af:2e:de:21:70:fa:3e:
- 29:97:9d:3c:bf:41:5c:cd:2a:b4:f7:4f:6f:78:a1:
- b3:d5:79:53:4e:68:7b:cf:0e:78:87:47:9c:3f:3f:
- da:50:27:08:7d:12:c7:e2:da:cc:6f:a4:63:12:ca:
- 28:a0:7d:f8:a8:ac:a3:72:77:ab:18:52:83:b1:2e:
- 44:49:1a:0c:25:bc:21:bd:40:09:96:6b:60:04:e4:
- f2:3f:bc:c4:1e:3c:43:55:1d:fa:40:18:cd:70:91:
- 24:03:1a:b8:95:e0:b2:70:3f:1e:05:a8:21:37:b1:
- d0:ff:54:36:65:9f:a7:ba:2d:c2:ef:e2:a9:a4:c4:
- 72:c5:4c:82:8e:46:3e:b6:d9:aa:62:14:07:1d:53:
- 19:08:9b:88:6d:b9:20:88:7c:bc:89:95:02:d5:54:
- 96:7b:b0:a8:14:fd:30:ce:5f:41:b7:bf:e2:75:9a:
- a3:fa:20:43:2f:c8:80:cd:97:f7:57:37:5d:11:9b:
- fe:bf:aa:56:0e:2f:cd:47:7e:0f:db:2d:f7:71:44:
- c5:21:7d:c6:b3:50:5d:30:b0:4c:54:8f:7e:05:82:
- e6:5e:3b:62:d7:1b:5a:f5:de:57:76:2a:90:b0:d4:
- ec:72:8e:ab:64:f1:6f:12:21:80:7c:64:8a:5c:da:
- c1:86:12:ff:a9:e9:93:2f:2c:70:59:84:a4:5c:13:
- e0:02:d4:9a:72:0e:40:c3:db:99:1b:60:85:c0:94:
- 1d:15:24:5b:8b:f6:6f:2c:d1:b5:95:50:e2:53:76:
- 4f:cf:57:8e:d5:8b:c1:f5:3f:ad:07:aa:7b:84:32:
- dd:32:b5:59:a5:1b:d4:a2:b6:3b:6c:07:cc:4b:e8:
- fc:6a:d8:42:e8:08:dc:f1:f1:91:74:cf:9f:5f:57:
- 6e:ab:93:5b:5e:af:7d:1c:b7:d3:eb:08:4c:a9:a7:
- b5:aa:d6:46:a8:a0:63:68:7b:44:cf:5c:21:42:3c:
- 98:ff:42:31:77:94:4f:85:d2:7a:da:56:b1:c4:3c:
- b9:2d:e9:d6:88:f3:6c:ff:7b:39:19:83:80:ab:31:
- ab:19:6b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- E6:C0:06:2E:89:41:44:32:AE:B6:C5:62:B6:7E:B5:DA:3B:75:D4:04
- X509v3 Authority Key Identifier:
- keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08
-
- X509v3 Key Usage:
- Digital Signature, Key Encipherment, Certificate Sign, CRL Sign
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 CRL Distribution Points:
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- X509v3 Subject Alternative Name:
- DNS:WgetTestingServer
- Authority Information Access:
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- OCSP - URI:http://test.wgettest.com/ocsp/
- OCSP - URI:http://test.wgettest.com/ocsp/
-
- Signature Algorithm: sha1WithRSAEncryption
- 41:03:d8:91:54:f2:5c:e5:15:80:cd:96:a2:89:94:df:8c:d4:
- ce:99:1a:f6:69:03:1d:aa:a8:3d:7f:8a:65:bd:b2:3a:f0:46:
- 00:6d:c7:cc:7a:18:44:cb:b4:17:f1:40:83:b1:17:90:64:ba:
- 22:2e:18:7e:35:29:20:4c:8f:34:14:86:34:1f:42:6e:a6:e7:
- d7:18:a3:11:77:3d:ec:b1:39:59:7b:12:3f:55:b0:86:4a:9f:
- 6a:1c:b6:9e:03:3d:39:bf:f6:34:f5:d7:6f:44:bd:9a:54:e5:
- f9:d9:14:85:01:d9:3d:0e:18:89:d0:bf:27:df:9a:4f:39:7c:
- ec:46:92:e5:3e:9e:e5:10:4a:ed:03:aa:3b:93:02:e9:f3:18:
- c1:5f:e8:cb:16:e0:54:9f:8b:0a:c9:65:48:32:93:90:91:2e:
- 84:26:14:28:b5:5c:61:38:39:28:3e:8e:74:dd:08:07:67:41:
- 9a:82:67:48:ba:3b:c1:66:76:27:7a:9c:c5:95:45:b5:9c:4d:
- 94:9b:f5:e2:93:39:2c:d8:15:31:27:82:56:9b:1a:73:e5:f2:
- 6a:9a:cd:47:0a:2b:ff:6e:5f:b2:f8:53:4f:fc:c3:1c:b7:25:
- 00:30:77:21:87:9b:88:d4:87:f7:30:79:f7:bd:a2:df:42:c4:
- 95:c4:e3:3c:94:4a:87:96:94:54:de:fe:80:13:e6:ec:37:dd:
- 33:a2:e4:f7:15:e7:a8:08:c6:3d:3b:65:34:96:5f:46:c8:41:
- 7f:ce:c5:ca:3a:44:d2:fb:9c:3c:c7:2c:da:12:b3:1f:62:40:
- 38:12:cb:36:b7:5c:e7:32:5c:e3:2a:af:b5:36:e8:83:d3:8e:
- da:4c:b5:52:5f:f4:d6:54:b7:3b:9d:62:86:5a:26:f1:58:a8:
- 2e:f6:46:9c:6f:98:76:e1:bb:9c:27:73:0f:78:11:60:b9:ac:
- 13:6e:d9:ec:24:5f:64:e9:59:14:36:02:f1:f0:57:97:ce:31:
- 0a:80:1e:d0:c0:c0:77:62:24:c5:d9:61:e9:d9:57:76:64:e1:
- 1c:c7:5a:55:e2:58:ab:2f:58:6f:42:91:03:aa:6f:1c:9b:fc:
- 0a:c5:ee:14:1d:07:a1:b3:ec:97:6f:ac:2f:85:7f:ea:88:18:
- 78:84:ac:af:d8:e9:b7:23:5c:a3:14:ab:8e:ee:95:5b:0d:6c:
- e4:25:be:77:04:59:19:57:1e:f7:e0:5a:f2:fc:33:12:57:28:
- 11:2e:1f:05:6b:43:62:8f:c0:c3:4a:97:f9:6a:73:1d:dd:c0:
- 6f:d4:a2:23:0a:d2:86:68:df:bd:ac:75:61:cf:d8:3f:9a:d1:
- 8e:e9:33:59:bd:13:9a:27
------BEGIN CERTIFICATE-----
-MIIHODCCBSCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx
-CzAJBgNVBAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBU
-ZXN0aW5nIERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dn
-ZXRUZXN0aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzAeFw0x
-NzA1MTQwOTA1MDJaFw0xNzA1MDgxNjAzNDJaMGIxGjAYBgNVBAMMEVdnZXRUZXN0
-aW5nU2VydmVyMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxHDAaBgkqhkiG9w0B
-CQEWDUV4cGlyZWRUZXN0ZXIxDDAKBgNVBAoMA0RpczCCAiIwDQYJKoZIhvcNAQEB
-BQADggIPADCCAgoCggIBANjtzJzlNULyG9gwNkClAY4Pwjxb8NEJoKpjB0S5LiAg
-R15D87w734j5JuYH2ZxMZ1NGOnjFCpAM8umh4NnzUrxRBzKsm9Os+SV9Uosv+gZu
-LcTULsc4gfMwTrXWey7+TBKE2/R/IpFNRTe7AZZhWWKvLt4hcPo+KZedPL9BXM0q
-tPdPb3ihs9V5U05oe88OeIdHnD8/2lAnCH0Sx+LazG+kYxLKKKB9+Kiso3J3qxhS
-g7EuREkaDCW8Ib1ACZZrYATk8j+8xB48Q1Ud+kAYzXCRJAMauJXgsnA/HgWoITex
-0P9UNmWfp7otwu/iqaTEcsVMgo5GPrbZqmIUBx1TGQibiG25IIh8vImVAtVUlnuw
-qBT9MM5fQbe/4nWao/ogQy/IgM2X91c3XRGb/r+qVg4vzUd+D9st93FExSF9xrNQ
-XTCwTFSPfgWC5l47YtcbWvXeV3YqkLDU7HKOq2TxbxIhgHxkilzawYYS/6npky8s
-cFmEpFwT4ALUmnIOQMPbmRtghcCUHRUkW4v2byzRtZVQ4lN2T89XjtWLwfU/rQeq
-e4Qy3TK1WaUb1KK2O2wHzEvo/GrYQugI3PHxkXTPn19XbquTW16vfRy30+sITKmn
-tarWRqigY2h7RM9cIUI8mP9CMXeUT4XSetpWscQ8uS3p1ojzbP97ORmDgKsxqxlr
-AgMBAAGjggG/MIIBuzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTmwAYuiUFE
-Mq62xWK2frXaO3XUBDAfBgNVHSMEGDAWgBQX7ZNDj6emAHXU6LaCDYg3fsBtCDAL
-BgNVHQ8EBAMCAaYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwXQYDVR0fBFYwVDAooCag
-JIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAooCagJIYiaHR0
-cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAcBgNVHREEFTATghFXZ2V0
-VGVzdGluZ1NlcnZlcjCByAYIKwYBBQUHAQEEgbswgbgwLgYIKwYBBQUHMAKGImh0
-dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwLgYIKwYBBQUHMAKGImh0
-dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwKgYIKwYBBQUHMAGGHmh0
-dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzAqBggrBgEFBQcwAYYeaHR0cDov
-L3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMA0GCSqGSIb3DQEBBQUAA4ICAQBBA9iR
-VPJc5RWAzZaiiZTfjNTOmRr2aQMdqqg9f4plvbI68EYAbcfMehhEy7QX8UCDsReQ
-ZLoiLhh+NSkgTI80FIY0H0JupufXGKMRdz3ssTlZexI/VbCGSp9qHLaeAz05v/Y0
-9ddvRL2aVOX52RSFAdk9DhiJ0L8n35pPOXzsRpLlPp7lEErtA6o7kwLp8xjBX+jL
-FuBUn4sKyWVIMpOQkS6EJhQotVxhODkoPo503QgHZ0GagmdIujvBZnYnepzFlUW1
-nE2Um/Xikzks2BUxJ4JWmxpz5fJqms1HCiv/bl+y+FNP/MMctyUAMHchh5uI1If3
-MHn3vaLfQsSVxOM8lEqHlpRU3v6AE+bsN90zouT3FeeoCMY9O2U0ll9GyEF/zsXK
-OkTS+5w8xyzaErMfYkA4Ess2t1znMlzjKq+1NuiD047aTLVSX/TWVLc7nWKGWibx
-WKgu9kacb5h24bucJ3MPeBFguawTbtnsJF9k6VkUNgLx8FeXzjEKgB7QwMB3YiTF
-2WHp2Vd2ZOEcx1pV4lirL1hvQpEDqm8cm/wKxe4UHQehs+yXb6wvhX/qiBh4hKyv
-2Om3I1yjFKuO7pVbDWzkJb53BFkZVx734Fry/DMSVygRLh8Fa0Nij8DDSpf5anMd
-3cBv1KIjCtKGaN+9rHVhz9g/mtGO6TNZvROaJw==
------END CERTIFICATE-----
diff --git a/tests/certs/expired.key b/tests/certs/expired.key
deleted file mode 100644
index 72951ce..0000000
--- a/tests/certs/expired.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKAIBAAKCAgEA2O3MnOU1QvIb2DA2QKUBjg/CPFvw0QmgqmMHRLkuICBHXkPz
-vDvfiPkm5gfZnExnU0Y6eMUKkAzy6aHg2fNSvFEHMqyb06z5JX1Siy/6Bm4txNQu
-xziB8zBOtdZ7Lv5MEoTb9H8ikU1FN7sBlmFZYq8u3iFw+j4pl508v0FczSq0909v
-eKGz1XlTTmh7zw54h0ecPz/aUCcIfRLH4trMb6RjEsoooH34qKyjcnerGFKDsS5E
-SRoMJbwhvUAJlmtgBOTyP7zEHjxDVR36QBjNcJEkAxq4leCycD8eBaghN7HQ/1Q2
-ZZ+nui3C7+KppMRyxUyCjkY+ttmqYhQHHVMZCJuIbbkgiHy8iZUC1VSWe7CoFP0w
-zl9Bt7/idZqj+iBDL8iAzZf3VzddEZv+v6pWDi/NR34P2y33cUTFIX3Gs1BdMLBM
-VI9+BYLmXjti1xta9d5XdiqQsNTsco6rZPFvEiGAfGSKXNrBhhL/qemTLyxwWYSk
-XBPgAtSacg5Aw9uZG2CFwJQdFSRbi/ZvLNG1lVDiU3ZPz1eO1YvB9T+tB6p7hDLd
-MrVZpRvUorY7bAfMS+j8athC6Ajc8fGRdM+fX1duq5NbXq99HLfT6whMqae1qtZG
-qKBjaHtEz1whQjyY/0Ixd5RPhdJ62laxxDy5LenWiPNs/3s5GYOAqzGrGWsCAwEA
-AQKCAgBPnog5Fc+EsMQThy6Cb42wjIwoBz7OGpCDuTETwjvxwqcvLBWrgvY6mefz
-CfKO8WQDJoWTig6kbHxD0AxtMmetgrf3m27eNGCFqAfB2mwULCBUW+SHbnATyCk7
-iGtSBjf5nBX3GSqg1hGPsO2WOkjKda3oDbIfxu0RHr8LG3xqOUCOfPNW/VK6CXvQ
-DX1Ts+X9EQWCGXeRb6In9dqzosbiOx256cUbkuDPV/3tp4p+tNptD6Q0iIDo4LIp
-efWK5gIqCbX4OtpolonIFeah2/ibVko3cXlKWVxk4mWsgdcfT/57mHcWuZCgPueL
-kE/fj9LoI3rPqWyfRCjLMrqhwrwuxZArvsN56CALrbBRpmJql+JL68bPu3fXBgak
-X457pXZVGj6GNFdv8JMXRMo/oyn/73jJdWt4g83HiXkXlcxuoLwsbiA8hq72DLMn
-dLTVS31Kn3T9RczKSk44xbGSJQUV/s3ErOA378lHJe5wQHk+A0p59fKen7GiT7dj
-4ZOzFy1sJW+DS9rklq6gGupdoHJVhcCLe9ryanb28MidMeWsUMa11OGXCpoRk8Np
-ZY9ASgfW0+o2XUZukL+NpU7/1ihdybr3E5w0N1IFAAvUa+f7A4iKJW65COdB53wz
-jG7zGal2aDqTbC2xLpaUk54Z3sEgpZNW7PqB+O21Yu/ZzC8wkQKCAQEA8MDWS7LF
-MkAppvl3M7ATU2tzq0PisoiUS595Sp+Y3LxB3GHKEQKKeMz2P2mHcg4tzYCg4bvP
-LE0HXizfFNBKwGMyi40+T2fYz+FC8zAYHKbsZQt0O2uvSGcMriZLCWuAEs45U/b0
-N9UN9BuE4yYizmUGYFjYmUMBUB0Oj/nIU8iikdbV3wBoCzuH1sP5f3kIQzAqNJgt
-zci+etMVCPecT8brbLAxKZOEaIX3IAxQu2t2V3geDvukLNECWsVeDAY9DGuL2x3e
-BnS+HGrOYDyAPVjxyzzNkjjzBdCV2ciipxwL2QzKsgVPx8L21RdK8mYEDB0dkv7B
-kTLw8wH4fxMavwKCAQEA5qq264K+QCRBTYtdayoK2qQksWd3U1QynF3zM0XMb8Ip
-J1HnCbzhQ2/ccXKgT9j9KuK+8A4q4Mw+RggwM5QWIfxzD7AjOYPO4G4mCFwwViM7
-H/HbH1WJMHo2LWDEx4/UrphXg2FF2yApX3nCDzNx2cVz39BDyiIKNXs+O8PFoF9N
-7emitJ7U+GV7wLWacMgTz4qvTuNu/dQfoCVzsfEvxYay6sAW2cX0nrwr5/+T7js8
-KrfklAOD5Rd36cLRTB7vUDgYQ39MN9Ab1X1e5kwn2HSLbcBJyUMDfRgnc82MnLKn
-O8CS2AS4j6tyEvRYrAOwqMmcwWnDBJzrfVicThLIVQKCAQBh7P39YmTFcMXAbh4n
-PwpNVxqAYid2mQlAzUgHq20A8+4SFxCa5J6wTiYnWuRF5zCIMza9OqglC9vgWX4P
-uD1/jZnEm5npsILG44hY5IoaNWdYHlWTydRNLeVBfL/uv/QjMhCtb3icsSNw1DS0
-NBHaQ8tZKypHBLMnA/qlY2MxeR1vFqR9hWvMjdVN7P6x8+gBdDjmlbOjzXB1AyC+
-OgExjea6mdwVXjRwU3VWasv3v9kt8OTBEWgQ9p7vjvIXD/6K67/CS57An4Goi2UQ
-TeuXiHMpSL0RKernxZT+NZa7RDQpgAN+b5yo00uVF1lbyVUCHGGoJclUJxVMstOB
-1KJ/AoIBAFCOvmNxvc/Y2ZWjXnTWsgO537a1U88eUK6bgRwe/E7rmEPLLs0P0fwj
-TPGx/prkRUZ8+gIMcJ0ht33tzie1SCWGbQjFkwe7KLzouw+gYqEynKuDY+uFi+wK
-QnGGojKv4K85NRcFGch1av2VIFj+tnw/oUBBE+u8B6S17f4hWRuxLR4xwkkiT26Q
-wq+CvPU2avTIkoESnOi49HKRod47RVvOtx2VCGX15ICrZwoXECrbNSAWKRYoRB/2
-GkLhbwcOprV1YcPw6UV0wMPGjSYQ4rmNukQSK7LGXKmLjfu7hagUHKOZla8rtuk2
-DxjfjThF8aSBBOXncdxikTutfqklliECggEBANGHBID63eBukoc16NOIRenrRNSJ
-Oa2W0VhQ/iI9Di9fjZuQutPq2UqR+N0tW5V7qiGm7vb7lRlrnB/jt3pNqGj3qSdC
-CEp7IEH0kJ/hp9KwA7MxVzmk5hbDbSrtzxYFYjYNEybKndPmKt+J9AZS3u21WGwU
-MaaX2WS2JHLwnSJ0qgp/rg+uoYIXzPLn/1k7H0s8s6lMhY40nZSaxx9dEEe5RWSz
-HY9ajmcRUqEbdFNmu+J9yR5q5mku++CLRGU921XomoIf/R3dBvMFFRtiymiVV0qt
-+fueaAfibaLDFRSutkfLCyOl2EFyvsSk5TJmutAIe8ba5d1CdCkm4w9SsBI=
------END RSA PRIVATE KEY-----
diff --git a/tests/certs/expired.pem b/tests/certs/expired.pem
new file mode 100644
index 0000000..4d62237
--- /dev/null
+++ b/tests/certs/expired.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEzTCCAzWgAwIBAgIMW+WWpBQQ7rn1JYOGMA0GCSqGSIb3DQEBCwUAMFIxDTAL
+BgNVBAMTBFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UE
+CBMIU3Vuc2hpbmUxETAPBgNVBAYTCEZyZWVsYW5kMB4XDTA0MDIyODE1MjE0MloX
+DTA1MDIyODE1MjQ0MVowXzEaMBgGA1UEAxMRV2dldFRlc3RpbmdTZXJ2ZXIxDTAL
+BgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UECBMIU3Vuc2hpbmUxETAP
+BgNVBAYTCEZyZWVsYW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA
+sNRnU60QudO+MD8QbYbKtD09cxTCqT7ozRAk5yt5ETwMlGLHBBsEcFDStuwdgXci
+ddoXXulLEvuHSobTCdR0GK0ifCxDRwddvE2heudxZtp5xKUHEb0LFob7boRt1Emu
+HeXLk9U81oUdDmEEyEW0xmKeaPI4cKJ/n4vczLIpH8+rQD/2AJwWSC+OFnUpt78p
+vQzfObKIakr81ckw0G49A6p9OFO7l28AUzwB7UUpnRKllC44FZ5LvsXdK5SQQ44r
+f4do1PjTflC9L9iccSdqq4z+FCL0rwK3Wpw+Ly5HeBGtsfMk88Eg00KeF9Fym5ho
+bcrky5EPFBLhRJ/k4BGnlGnxboFdKK8Gyna7ivAIhvXJ+9sbnfg7FPQ+MEnpqJzq
+i/ziJzC339ruJqYWted/tGlYbPm8M02MmIejGYnMp85v6tnhkToaDKeElAp7E6wC
++/fl3LQyW9vvWdSiVl29sAG1QlVq2IFfprRkRwy7SwsBPTtgIHwm7JyG2kYA/2vB
+AgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADAcBgNVHREEFTATghFXZ2V0VGVzdGlu
+Z1NlcnZlcjATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDByAAMB0G
+A1UdDgQWBBSxiQDjENGd3WwSbMM3SdgZqkgNajAfBgNVHSMEGDAWgBSeDlsijPvS
+jydT1dYKDMsNWQ9kmDANBgkqhkiG9w0BAQsFAAOCAYEAMHNHe6JsrZu3J/6Lw6wL
+wh0U7X+er01qPq4Csp4Zrk66eLWt9475TNXGYzDaOv8Yrczx3Lv+Liny73R4/HLi
+P5lMjXwfijFnj6cCzMziLbpxo11cHj7Km7nDequtiUFt80Ug3PEuYoMkY6HpNMHo
+rh5dgTOHjX1q8j/T6s/b46SKr4nEtdX9IdNvWzdxiLTR2EMH5mE0q3Pu+A25N0GG
+ij+L09Fh+qq3BlhqeRYvROO4LqE5VvbS7cpqXnxL/jSLm87CV2/0z7E1ApWSDDvK
+205ORvoE3oc+gOMbpMbKP4dPbXLves+iTQWabWjlMdleTD2eEE7aewH71r7Y8lEn
+LH/lpxIcteasOUNFxet9nBB26L4yVG29t4dhrwqd/lf8tvLV4h79DGJCESocu3Z/
+xkZIZZLWywGuDxrGSvJrcaA6BlSV/8oiGttyaP4XTQ+K4ZHFMCmC3jceXQFPkatq
+bqeIKABNlxsYVk9vDLiPL+8HbBoN0LtHb+KfORGUc9Qi
+-----END CERTIFICATE-----
diff --git a/tests/certs/invalid-template.txt b/tests/certs/invalid-template.txt
new file mode 100644
index 0000000..9a8d538
--- /dev/null
+++ b/tests/certs/invalid-template.txt
@@ -0,0 +1,20 @@
+# Template file to generate expired.pem for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+organization = "GNU"
+unit = "Wget"
+# locality =
+state = "Sunshine"
+country = Freeland
+cn = "WgetTestingServer"
+dns_name = "WgetTestingServer"
+#uid = "wget"
+#dc = "name"
+#dc = "domain"
+activation_date = "2035-02-28 16:21:42"
+expiration_date = "2005-02-28 16:24:41"
+#ca
+
+# key options
+encryption_key
+tls_www_server
diff --git a/tests/certs/invalid.crt b/tests/certs/invalid.crt
deleted file mode 100644
index 0ab8ff1..0000000
--- a/tests/certs/invalid.crt
+++ /dev/null
@@ -1,149 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: sha1WithRSAEncryption
- Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org
- Validity
- Not Before: May 15 15:28:03 2037 GMT
- Not After : May 15 13:28:04 2019 GMT
- Subject: CN=WgetTestingServer, ST=CA, C=US/emailAddress=ServerTester, O=Dis
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (4096 bit)
- Modulus:
- 00:b4:d4:0b:fe:35:25:05:a2:ec:28:c3:6a:d8:13:
- f7:57:7f:f6:f2:4b:87:64:59:29:cb:81:93:c0:3d:
- f5:2b:30:d4:30:4b:ab:e1:0e:5a:57:e9:ac:d0:ef:
- 62:f6:a3:f2:d7:24:f6:8b:e3:54:98:68:75:bc:f8:
- 34:4c:2f:96:6c:dc:1d:af:72:f9:c6:5a:6e:0f:03:
- 4c:45:ed:0a:17:9b:ba:2e:f3:8d:7d:6e:e9:4b:3d:
- 36:d9:7a:18:2e:24:72:5b:98:84:5b:09:6f:a5:f2:
- 87:b3:0d:d7:93:92:2e:6f:68:4f:db:5d:78:77:c6:
- 63:04:c6:29:67:42:3a:6f:0f:c0:e2:cb:1e:52:f3:
- 11:0b:c3:80:4a:3f:b5:5e:1f:43:0c:04:c4:b4:f1:
- 95:98:e4:b7:b0:4b:14:fe:1c:99:70:f4:1c:91:1e:
- e3:9a:a2:ff:48:54:fa:3d:01:e7:48:6f:0b:3f:4f:
- a5:45:b1:1b:98:0d:57:6f:15:a6:75:bb:45:0a:52:
- 66:e6:1b:77:29:ba:c5:13:41:91:8b:0b:a0:6a:44:
- fa:8e:60:46:8c:c6:43:de:67:46:1d:30:c5:ce:77:
- f2:4a:53:c2:27:85:1f:48:69:c8:27:df:b1:71:09:
- 42:10:2e:7f:b8:fe:85:fe:bd:39:2c:84:2a:10:a5:
- 80:00:79:42:a8:6f:3b:55:08:f2:98:c7:44:e7:a0:
- b4:dc:c5:c1:3e:75:30:cb:a9:7a:44:a8:a1:03:8a:
- 44:cb:dd:04:74:54:91:91:11:2d:32:ce:67:2b:af:
- 23:a9:69:35:39:8c:7e:4a:fe:d9:b4:86:c9:ff:f8:
- 09:86:2b:ad:eb:12:74:2c:6a:25:29:8c:ab:13:68:
- 9a:26:8f:12:2d:ac:36:23:99:91:7f:5f:22:3e:f3:
- 6c:a3:a1:5b:fa:64:da:dd:80:81:8f:8d:36:5b:e7:
- 8f:0a:0f:84:c7:6a:fb:f4:6d:4d:3f:ce:ff:f4:1e:
- c2:62:d7:95:e7:af:f4:57:c2:b8:e4:ba:d2:18:1f:
- 2c:47:ef:6b:b8:7f:e3:92:4d:6d:b2:86:70:fe:fd:
- 54:42:0e:88:cf:9c:02:7d:a5:11:72:ef:6e:63:05:
- 81:1a:00:fc:cb:b7:91:af:3c:7c:53:da:7a:54:d8:
- 3b:98:e7:de:bc:1e:10:7b:fb:60:89:e6:40:13:da:
- da:d7:d6:7c:f6:61:b9:82:33:1c:c6:62:06:6e:ae:
- 5c:99:ab:1d:44:a7:10:7e:03:51:dd:59:97:0a:da:
- ab:c8:85:28:bd:e0:5d:12:5d:aa:02:3c:1d:a6:0e:
- 6e:43:18:b6:ac:4e:7f:f3:4a:2f:67:84:dc:7c:0c:
- c0:9f:bf
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- EA:FC:B3:3E:7E:5E:68:61:80:61:59:4C:D5:B7:A0:9D:1D:86:E5:97
- X509v3 Authority Key Identifier:
- keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08
-
- X509v3 Key Usage:
- Digital Signature, Key Encipherment, Certificate Sign, CRL Sign
- X509v3 Extended Key Usage:
- TLS Web Server Authentication
- X509v3 CRL Distribution Points:
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- Full Name:
- URI:http://test.wgettest.org/Bogus.crl
-
- X509v3 Subject Alternative Name:
- DNS:WgetTestingServer
- Authority Information Access:
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- CA Issuers - URI:http://test.wgettest.com/Bogus.crt
- OCSP - URI:http://test.wgettest.com/ocsp/
- OCSP - URI:http://test.wgettest.com/ocsp/
-
- Signature Algorithm: sha1WithRSAEncryption
- 3d:8d:a9:7a:8c:32:7e:7a:9c:c5:d6:14:d4:05:3e:49:50:d3:
- 11:a4:61:df:82:91:c3:87:26:9d:fb:3f:2f:b5:10:86:22:f0:
- 4e:c5:54:6d:09:33:17:3c:0d:aa:87:43:2a:89:62:c6:28:b5:
- 4e:41:17:7d:57:ad:76:f5:3e:c6:e7:b5:3b:21:16:79:7b:a0:
- 42:ee:59:88:16:92:4e:3d:8d:ec:8e:87:07:3b:8a:dd:55:1d:
- 0a:f2:ea:aa:e7:20:6b:0e:4e:f5:33:46:34:16:8c:be:61:b1:
- 6c:47:52:03:cc:df:8a:3e:cd:01:92:6d:1a:39:5a:d0:75:38:
- 71:f2:b2:78:65:26:5c:c9:72:c6:26:dc:09:ee:b6:e8:b5:60:
- d6:e8:09:d0:db:ea:c5:80:8a:86:c0:f9:97:1d:44:94:33:c7:
- 73:39:d0:5e:62:e7:90:d8:1f:23:09:98:18:c6:da:28:b4:30:
- e0:d0:6f:20:a7:a4:06:4e:ee:b4:ef:3e:18:16:0b:f7:46:f0:
- c7:d0:6d:41:1e:cf:c7:08:78:f7:22:b6:a7:c5:40:be:09:61:
- 5a:65:71:c5:37:33:f5:c1:8c:b0:c3:1a:d8:9e:a2:98:71:10:
- a3:39:c5:d2:57:5d:24:62:dc:48:58:2d:1e:f1:29:54:a2:e7:
- dd:86:09:1b:a6:b4:27:27:e1:7f:04:98:92:2e:e1:68:48:51:
- 38:44:59:9a:3e:3d:e9:d1:69:db:eb:4d:27:d6:9f:a4:d0:4a:
- 58:10:ca:b4:60:dc:52:5d:63:a0:73:9c:74:89:aa:92:40:81:
- 91:0a:b1:ad:ea:d2:f6:bf:9c:49:ab:ce:d9:47:ae:86:8f:da:
- 41:ad:ec:0f:2a:cb:f6:ce:0e:67:09:0b:75:60:16:99:cd:4a:
- 2b:d1:b8:be:9b:37:58:4d:78:c5:67:69:5c:c7:48:31:50:83:
- dd:10:40:b7:80:fe:d7:a4:a9:59:32:c4:3c:80:ad:6b:7c:9c:
- 47:14:e8:74:18:e8:f9:ad:b4:dc:e9:f6:38:21:90:0b:58:60:
- 48:a2:95:2b:a1:58:0a:52:5a:ba:5d:8e:4a:96:22:a7:8e:cc:
- f1:db:5e:15:cd:e2:77:db:25:1f:83:ad:d6:10:98:1b:0a:b0:
- 43:23:8c:14:65:72:8e:c4:b8:81:f8:a2:27:55:69:37:e6:fa:
- 4a:74:30:fc:d0:31:e8:9a:67:cf:b0:59:e3:82:92:37:2e:f1:
- 77:7f:ec:41:2d:9c:6e:46:11:65:b7:5f:b6:8b:90:fa:a7:2c:
- 4e:3e:fd:18:c7:5c:6c:b6:f3:f4:07:13:66:48:43:b4:30:ec:
- b6:ca:f1:3d:03:57:c1:38
------BEGIN CERTIFICATE-----
-MIIHNzCCBR+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx
-CzAJBgNVBAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBU
-ZXN0aW5nIERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dn
-ZXRUZXN0aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzAeFw0z
-NzA1MTUxNTI4MDNaFw0xOTA1MTUxMzI4MDRaMGExGjAYBgNVBAMMEVdnZXRUZXN0
-aW5nU2VydmVyMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxGzAZBgkqhkiG9w0B
-CQEWDFNlcnZlclRlc3RlcjEMMAoGA1UECgwDRGlzMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEAtNQL/jUlBaLsKMNq2BP3V3/28kuHZFkpy4GTwD31KzDU
-MEur4Q5aV+ms0O9i9qPy1yT2i+NUmGh1vPg0TC+WbNwdr3L5xlpuDwNMRe0KF5u6
-LvONfW7pSz022XoYLiRyW5iEWwlvpfKHsw3Xk5Iub2hP2114d8ZjBMYpZ0I6bw/A
-4sseUvMRC8OASj+1Xh9DDATEtPGVmOS3sEsU/hyZcPQckR7jmqL/SFT6PQHnSG8L
-P0+lRbEbmA1XbxWmdbtFClJm5ht3KbrFE0GRiwugakT6jmBGjMZD3mdGHTDFznfy
-SlPCJ4UfSGnIJ9+xcQlCEC5/uP6F/r05LIQqEKWAAHlCqG87VQjymMdE56C03MXB
-PnUwy6l6RKihA4pEy90EdFSRkREtMs5nK68jqWk1OYx+Sv7ZtIbJ//gJhiut6xJ0
-LGolKYyrE2iaJo8SLaw2I5mRf18iPvNso6Fb+mTa3YCBj402W+ePCg+Ex2r79G1N
-P87/9B7CYteV56/0V8K45LrSGB8sR+9ruH/jkk1tsoZw/v1UQg6Iz5wCfaURcu9u
-YwWBGgD8y7eRrzx8U9p6VNg7mOfevB4Qe/tgieZAE9ra19Z89mG5gjMcxmIGbq5c
-masdRKcQfgNR3VmXCtqryIUoveBdEl2qAjwdpg5uQxi2rE5/80ovZ4TcfAzAn78C
-AwEAAaOCAb8wggG7MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOr8sz5+Xmhh
-gGFZTNW3oJ0dhuWXMB8GA1UdIwQYMBaAFBftk0OPp6YAddTotoINiDd+wG0IMAsG
-A1UdDwQEAwIBpjATBgNVHSUEDDAKBggrBgEFBQcDATBdBgNVHR8EVjBUMCigJqAk
-hiJodHRwOi8vdGVzdC53Z2V0dGVzdC5vcmcvQm9ndXMuY3JsMCigJqAkhiJodHRw
-Oi8vdGVzdC53Z2V0dGVzdC5vcmcvQm9ndXMuY3JsMBwGA1UdEQQVMBOCEVdnZXRU
-ZXN0aW5nU2VydmVyMIHIBggrBgEFBQcBAQSBuzCBuDAuBggrBgEFBQcwAoYiaHR0
-cDovL3Rlc3Qud2dldHRlc3QuY29tL0JvZ3VzLmNydDAuBggrBgEFBQcwAoYiaHR0
-cDovL3Rlc3Qud2dldHRlc3QuY29tL0JvZ3VzLmNydDAqBggrBgEFBQcwAYYeaHR0
-cDovL3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMCoGCCsGAQUFBzABhh5odHRwOi8v
-dGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wDQYJKoZIhvcNAQEFBQADggIBAD2NqXqM
-Mn56nMXWFNQFPklQ0xGkYd+CkcOHJp37Py+1EIYi8E7FVG0JMxc8DaqHQyqJYsYo
-tU5BF31XrXb1PsbntTshFnl7oELuWYgWkk49jeyOhwc7it1VHQry6qrnIGsOTvUz
-RjQWjL5hsWxHUgPM34o+zQGSbRo5WtB1OHHysnhlJlzJcsYm3Anutui1YNboCdDb
-6sWAiobA+ZcdRJQzx3M50F5i55DYHyMJmBjG2ii0MODQbyCnpAZO7rTvPhgWC/dG
-8MfQbUEez8cIePcitqfFQL4JYVplccU3M/XBjLDDGtieophxEKM5xdJXXSRi3EhY
-LR7xKVSi592GCRumtCcn4X8EmJIu4WhIUThEWZo+PenRadvrTSfWn6TQSlgQyrRg
-3FJdY6BznHSJqpJAgZEKsa3q0va/nEmrztlHroaP2kGt7A8qy/bODmcJC3VgFpnN
-SivRuL6bN1hNeMVnaVzHSDFQg90QQLeA/tekqVkyxDyArWt8nEcU6HQY6PmttNzp
-9jghkAtYYEiilSuhWApSWrpdjkqWIqeOzPHbXhXN4nfbJR+DrdYQmBsKsEMjjBRl
-co7EuIH4oidVaTfm+kp0MPzQMeiaZ8+wWeOCkjcu8Xd/7EEtnG5GEWW3X7aLkPqn
-LE4+/RjHXGy28/QHE2ZIQ7Qw7LbK8T0DV8E4
------END CERTIFICATE-----
diff --git a/tests/certs/invalid.key b/tests/certs/invalid.key
deleted file mode 100644
index 426a2ef..0000000
--- a/tests/certs/invalid.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKAIBAAKCAgEAtNQL/jUlBaLsKMNq2BP3V3/28kuHZFkpy4GTwD31KzDUMEur
-4Q5aV+ms0O9i9qPy1yT2i+NUmGh1vPg0TC+WbNwdr3L5xlpuDwNMRe0KF5u6LvON
-fW7pSz022XoYLiRyW5iEWwlvpfKHsw3Xk5Iub2hP2114d8ZjBMYpZ0I6bw/A4sse
-UvMRC8OASj+1Xh9DDATEtPGVmOS3sEsU/hyZcPQckR7jmqL/SFT6PQHnSG8LP0+l
-RbEbmA1XbxWmdbtFClJm5ht3KbrFE0GRiwugakT6jmBGjMZD3mdGHTDFznfySlPC
-J4UfSGnIJ9+xcQlCEC5/uP6F/r05LIQqEKWAAHlCqG87VQjymMdE56C03MXBPnUw
-y6l6RKihA4pEy90EdFSRkREtMs5nK68jqWk1OYx+Sv7ZtIbJ//gJhiut6xJ0LGol
-KYyrE2iaJo8SLaw2I5mRf18iPvNso6Fb+mTa3YCBj402W+ePCg+Ex2r79G1NP87/
-9B7CYteV56/0V8K45LrSGB8sR+9ruH/jkk1tsoZw/v1UQg6Iz5wCfaURcu9uYwWB
-GgD8y7eRrzx8U9p6VNg7mOfevB4Qe/tgieZAE9ra19Z89mG5gjMcxmIGbq5cmasd
-RKcQfgNR3VmXCtqryIUoveBdEl2qAjwdpg5uQxi2rE5/80ovZ4TcfAzAn78CAwEA
-AQKCAgAZRMBgR4Di5r9letlFVJTtrz4M4a0LwsHqZDMHXCEUZgBgt1JPYrgRLOAv
-WiRUHtjiY5HoPl4l5gL94xk7xDKbB69GQyTQKPbUNjvEUbllTyeXRAVzj7od/3HY
-tg0G9aTdU9S6+/iUEe4QgVCsmHLQspzmJIufASP5GM/UVBbiSitEBeo44SpyoGEe
-/wQTIP83gLsUJeYntV5NzlAiqlBuzk3noY9gnoJZ0zYcrFVrc8j4keKgeH1IpCSh
-qz7VmNOu+5DReukN9cFwTWtPKNLDxtvUZXO2XEZDn97WWWhqz6wV4tpwt1OFxPJp
-UAL1rruCk1zZtwd2b26738QZC2d1bUdWwFo/d100cihzgvycMNCERne37ZDl4/NA
-izm1nfWraYiFcbAMXLccnt19SWvPo1/UgtHVutOgTuV/dHnLq4iBktUnbiwnHrn6
-aVchQeetKtVYtjDx3ioP1v8vnYtZiKh7TSePVrOZPQah4H3wqCvxawdRFsK4jSXq
-KFtCCDaspFcIcbkPnfRnCnojFnXwso0d0o3g0sY6RIRmkIrdzbFTwtYPTgiTP7A+
-F2LMjvAdkEQFHPop2vtji9tlMdNSK/zlG4M74Vc68IKa5/JtsnN+TjCkVlQ2uwfo
-/NJnGANZZZm3kpS+an7XrwJMo8WqWt35jS9i3mt0/awzTEVAoQKCAQEA4jvWInF/
-PK34RUzrVA4Xc5QCkVqxbcSu6+V2EKKLhS15eqp+jaBhUSL+d8e2oTIYCIEf2YWK
-7lrD424NR/i93TlBVdkg4AjZ6yvjFRqdK6+6NjINvgObkcdDMORrPxE5h2n1LoO0
-efHwRD3Ae1PHOgSPZHNHL75lfH4wzQOmHsBm6Oucu9DBFa8mAhFONrZOSFsD6cbi
-6B0Qdpz/Eb0MrNF8pJA0rupe88Jg1d6/DX24TIUMaKEd3rbqb3YENBw9mPlT1Vr7
-VHvR9oxyZgQ69sx9BblBVilyXoxtZclL1ebx/03zvzZ4v1PgP7x4eW1Upz8QyaBh
-KFed6yrzrJYc5wKCAQEAzJ7VNzxzTMfKgw/Ps3Y10qHTigyZ48y+6tMFGoc5ecul
-8zsElksR35D0wBsJHmoVLs0JFH2vsuWPFqAaS34o3ayaXhMOkD6PuwKN2jJOckxn
-3Urh9dQ5S0j2L4ektRt1dTTJrYDTpMShBEAuYBeDEiuEVYH+ccnPLhL7Tz/Kwfkj
-cfjo1WwmU3JMo3hSuEKRkdchYdS6F9sHeC04qjYzJSyKkvuularZN8alkiR8xJTx
-9iwjst0K9JEgL/pe3KvNx1ukh/jLPB3B6RtUhy5EWlT/IsO2MUyn0GrBRvR+CugF
-LdND4zJQEMy1FRdVjch2HZjOBuNCW5YOjvtb+NVzaQKCAQEAy4UC3Vd3HFJxD37k
-EWjf5gTXzoVlKpeOuP5jGRHxK6y+JQDt+mC2S3SMsZrDi/3xquzmhxvg4Q5cPOQL
-JJz7yOEyCpXbQlAUIsEHdzvK+rsKbKjYvgCm2h0FMB288S6Ar3Y9sEuhdzaUa/+V
-ghzbFDF4AejGuIey6qznH/fRYMa7jXwwMrHYkbZQHfoNf6C/ic3/Fjbqd991qQ8R
-U5bbqTiHxc9I5bZIF0fdL2lEPFHGE2h5wkJ3CZ1KB12G6I4jR9O8fCpuARGm0AKH
-A4l4tf891YFT6rw8fBweajwNce9h8sfgqDrLo2tESHI3ex1E03QjmQ8jeFRh52Zr
-ce5VLwKCAQAxUyBmnkXU/lxM16Tjx90VlzjdEEiQZyymgpO6X1p1h6fLSDDE4fe/
-ArxdCqdaE4xjqb1EmT+fSkMB2zo7dH/5X8AeaU2ba9lN5UG4lWPfnZdz+rcZgT0G
-buIZdwM3PRVFWaI8Fs/t6hA+bBJBy6km2iKeUiW53EH7A0xdQC1qMNpggPXvbJCY
-kPb0eO7HyBQ7Kba8VIE/eucECzKbpVES5vfIkq71GSgfj90dq3oAET96bg108l/P
-sKQnrJztaOTD581zkX+8UBgMTzBDHd4QQGj4QmFK5QWW8gUBS7KOgnutHj5BKEGw
-qwgDu4o+EVKXs9wGQQYf+b4srV7wTtPxAoIBAGnAVJA9pLhXHG0ClgbAyHDyK/uG
-/OSDkfJwLtauYs5ZpLIe0wnNJgDUWs4Sk/1UpedZeg5YuyjGJsBwwOLKmv4Smxgf
-2/j7mEU6otSeIdgGwrWdCGbQij4tWE0g6KehNbovOZm0dpUPw5LZqynWbkioSP/L
-qFSGfxvqdwYM0Oe+GI6gxXA9OU6kzZcXXYiq08eFaRWHcrksGHL84tp4T3OoL/Xq
-EBDHD8byyvCcOTb7aAopAA+XVWZEACeHbAHbyoD8t4aXRVWSddOBix/tM5aSIcvb
-G4I/tnbAb23NFmgLNxsUEg5zE0NklQx6ogt+OdEHmjTbDFCAnPFYEZ3Romc=
------END RSA PRIVATE KEY-----
diff --git a/tests/certs/invalid.pem b/tests/certs/invalid.pem
new file mode 100644
index 0000000..138f816
--- /dev/null
+++ b/tests/certs/invalid.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEzTCCAzWgAwIBAgIMW+WWpBUMPLiaHr/bMA0GCSqGSIb3DQEBCwUAMFIxDTAL
+BgNVBAMTBFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UE
+CBMIU3Vuc2hpbmUxETAPBgNVBAYTCEZyZWVsYW5kMB4XDTM1MDIyODE1MjE0MloX
+DTA1MDIyODE1MjQ0MVowXzEaMBgGA1UEAxMRV2dldFRlc3RpbmdTZXJ2ZXIxDTAL
+BgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UECBMIU3Vuc2hpbmUxETAP
+BgNVBAYTCEZyZWVsYW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA
+sNRnU60QudO+MD8QbYbKtD09cxTCqT7ozRAk5yt5ETwMlGLHBBsEcFDStuwdgXci
+ddoXXulLEvuHSobTCdR0GK0ifCxDRwddvE2heudxZtp5xKUHEb0LFob7boRt1Emu
+HeXLk9U81oUdDmEEyEW0xmKeaPI4cKJ/n4vczLIpH8+rQD/2AJwWSC+OFnUpt78p
+vQzfObKIakr81ckw0G49A6p9OFO7l28AUzwB7UUpnRKllC44FZ5LvsXdK5SQQ44r
+f4do1PjTflC9L9iccSdqq4z+FCL0rwK3Wpw+Ly5HeBGtsfMk88Eg00KeF9Fym5ho
+bcrky5EPFBLhRJ/k4BGnlGnxboFdKK8Gyna7ivAIhvXJ+9sbnfg7FPQ+MEnpqJzq
+i/ziJzC339ruJqYWted/tGlYbPm8M02MmIejGYnMp85v6tnhkToaDKeElAp7E6wC
++/fl3LQyW9vvWdSiVl29sAG1QlVq2IFfprRkRwy7SwsBPTtgIHwm7JyG2kYA/2vB
+AgMBAAGjgZUwgZIwDAYDVR0TAQH/BAIwADAcBgNVHREEFTATghFXZ2V0VGVzdGlu
+Z1NlcnZlcjATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDByAAMB0G
+A1UdDgQWBBSxiQDjENGd3WwSbMM3SdgZqkgNajAfBgNVHSMEGDAWgBSeDlsijPvS
+jydT1dYKDMsNWQ9kmDANBgkqhkiG9w0BAQsFAAOCAYEABiAwqOoIbbA5q3IvEU3X
+qZ9WYemx1AVvUpJY1ft+hYqc6Z/XJfXzHb6xzN6duzpjC5/fER+FTqGk7PpIp17q
+9WAABo+LGM1fEDNvTJ4+v054Yi2qbV151T8xwv5xvMsI6VOx2+fMFBsKYrvoee1i
+NBlyUIoeBjWmauHouXslQY1BKxhNgH7qYVr+LN9cicJEJNgsVcjfGGXOvf8PHMNZ
+YxCEVZDhQ7F7Zqpy+84z8gaEhthZ19tdfuVEW40GX1mOVk6MAWTolKd5EK1CYOS6
+Dtth4yJivopbG4UwMAOQvHq6t1jXAubYXyrVoxMVw0BOCimiGuPWqHYR3rmTgQWS
+ABwsxcc9RtDbF+PcXpqLRSUwTZLjo39xvy2mIAdssE+dKqWPqgIk8+3InJJI/9Fq
+NZaY4p+olmPQUHw8GFrB/jrm8GjGzt0Z+IACcNEr+SD5BSmNKlCe70xyBVfdmwHZ
+o62bYy40zCW8+3lzLQoi+t5PYXIF/ioUJP67EBYkWGf7
+-----END CERTIFICATE-----
diff --git a/tests/certs/revoked-crl.pem b/tests/certs/revoked-crl.pem
new file mode 100644
index 0000000..5b928e2
--- /dev/null
+++ b/tests/certs/revoked-crl.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICejCB4wIBATANBgkqhkiG9w0BAQsFADBSMQ0wCwYDVQQDEwRXZ2V0MQ0wCwYD
+VQQLEwRXZ2V0MQwwCgYDVQQKEwNHTlUxETAPBgNVBAgTCFN1bnNoaW5lMREwDwYD
+VQQGEwhGcmVlbGFuZBcNMTgxMTA5MTQxNjA0WhgPOTk5OTEyMzEyMzU5NTlaMB8w
+HQIMW+WWpBMQnOLkjLG8Fw0xODExMDkxNDE2MDRaoDowODAfBgNVHSMEGDAWgBSe
+DlsijPvSjydT1dYKDMsNWQ9kmDAVBgNVHRQEDgIMW+WWpDAhS8Dvbk2wMA0GCSqG
+SIb3DQEBCwUAA4IBgQCNblPk62TVxX2dFmY5IqMGnrBNwIgMehX1q6p5MYEkRGne
+qJ76ZhvNPZMXh+gM5SHzp9zKicRiGQu2RL5lPOJ7FDnmoQrTXxAORFqJUGDa681p
+DMT5bkYkkwNT0+goyinDc+8Zw8DsXPYNO7bi4JcwDtBky5tSt/BPXjfT0Pi5I4Ki
+Gf/sdIIGCYd+s4IlHDtnBn1cz33TDZZ4efEYVKI2uqSihtchDbCLR/TouQB+f9G/
+FL67qeNdE7h+D5MEYyHLwlZ0yMl7Om1kDevKyODWL+wh2+QK8rkdC2YYkDqy20Gc
+jNqUHvGZDGnjh6iwoC2WcStlin45KNaSWEvU9WirYvqxLap4CRDfBXlcI8vuWUZl
+HCovBQBTeuNNVkMShyTWlK82qC3idWWmsGk0UdvUmkR/TOu+RACdeFhyqlu1RXwK
+TC9I7yBCVATs7NGdTCK98PGuqt08IKuqNhZ5qAEk2JR2iF4HoIeIC0hpjJEF3DWi
+PwayMhMirDuyo8yMTHY=
+-----END X509 CRL-----
diff --git a/tests/certs/revoked-template.txt b/tests/certs/revoked-template.txt
new file mode 100644
index 0000000..86cb377
--- /dev/null
+++ b/tests/certs/revoked-template.txt
@@ -0,0 +1,5 @@
+# Template file to generate revoked.crl for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+crl_next_update = -1
+
diff --git a/tests/certs/revoked.crt b/tests/certs/revoked.crt
deleted file mode 100644
index 6884513..0000000
--- a/tests/certs/revoked.crt
+++ /dev/null
@@ -1,41 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIHOTCCBSGgAwIBAgICESUwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT
-MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg
-VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX
-Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN
-MTcwNTA5MjIzMDE5WhcNMTkwNTA5MjIzMDE5WjBiMRowGAYDVQQDDBFXZ2V0VGVz
-dGluZ1NlcnZlcjELMAkGA1UECAwCQ0ExCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcN
-AQkBFgxzZXJ2ZXJ0ZXN0ZXIxDTALBgNVBAoMBFNlcnYwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQDOQ+DNimL/GtTaZZotU21lLk4tZnbLrgJkBjlIWQvU
-N91vhjrQqJDK7pwojk5kKZ4RL+ZBPdd0dYgXMNaDflv9mlwlzTIwy0nveY7/APML
-R4p+PtbmKVP3YXe8kLmgkJklWntu6iCVhESO8PJ/It2KUS6bgr/M2zXN6HiPlgns
-IyH1Mo+Nxtvs7Hz+Qc+37rctmgtSR25qfQtqK4MmzeAGcMIG3JRlVT6B1cjlOmIJ
-23+KCd24tng3+G0+4u1FnIQS0Z25yrPWSvRSZJE678zQDDxzd6gGsuQbG/fniTIt
-Csj/9SV+6C12ZIl/j5snzdNJtb72s5BlcTVIiTXXwOxx+1/IKvTRCpGUDF+7jLHF
-68jIIzbP7z2lSWJz70MDzZoyT63rgnlakrwwcvWK45cCuyHVrItPDOcPbiVfJYP7
-OSafzC2NqtK+JdY5/RWhEJIgm86nbPvZCIh9xAVpVXg4NXLvPBW+hwN1V5GFY6Pk
-9LG2IYEedUabHtojFC8JK8A+cHFsVn1Kur5Gn1aqp/lYotIKZ1hWryFB6gmOfK6J
-RI1Vrj/j/hSfFY5yZFRcb1qlP1Z1yi6X6WFlIU10JRB9qr1Pc5ohDDN9fwtL/n5b
-gzPP22NsOcIomf5PdPTjmI2JKe2cQRPZkatNoKqFmgPy6gR+jm2auQkKDzXhP18+
-xwIDAQABo4IBvzCCAbswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqTa7LrpK
-PiP4/zI29dHqqxgv/SkwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgw
-CwYDVR0PBAQDAgGmMBMGA1UdJQQMMAoGCCsGAQUFBwMBMF0GA1UdHwRWMFQwKKAm
-oCSGImh0dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwKKAmoCSGImh0
-dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwHAYDVR0RBBUwE4IRV2dl
-dFRlc3RpbmdTZXJ2ZXIwgcgGCCsGAQUFBwEBBIG7MIG4MC4GCCsGAQUFBzAChiJo
-dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC4GCCsGAQUFBzAChiJo
-dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MCoGCCsGAQUFBzABhh5o
-dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wKgYIKwYBBQUHMAGGHmh0dHA6
-Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzANBgkqhkiG9w0BAQUFAAOCAgEAPUgd
-LtrK+WYYhSJkvsa7pB6hUmZFMiqs1/uJqz8b8Q6uX33IXyg5zmFU07d3uOrFYSXi
-MFMhpw2A/D+CbPECaPEWGXII8dh9WlomxpjpZABZ/cmeG2SM7BxVwjIjACscXogJ
-A/Gm7I0hhvYSZ/G+kFbYbSf/Pj7Rz/4KW6WSwwQK23ab00MXBM6jWEueAeWebzeW
-rzWgyyy+GiqgLqQAKQrYtD51uF5Co+S0e2wazORLakvdF/USCBQwX+Pla09Wyf+b
-0HBqNjuxQc278/69Xp0mg8k67oUrWt3zgJ8kDhNIGvLnCB+0595G/z+7+mxdEztc
-BavKAMEDWTSCClwxO6lBQR7+oiNWdaaqHP1SS8sckjtt2jTbmjmRzWWkU+xSIlt2
-waIXS/BYRbyhLuWfxivvRjS7eQogeSP0rtZj/upBwM4xKVPF0bal/LMyEfrY3qV5
-8YXXFhnoVr7q3t0YaioIZXY35QcA5aR+P4XyLnzCTVuKUi172BS8KJBXMijEXxta
-rRQxtHLQeYB5eP/MaC2qMJH/OMR3A9Z7sXYbp/YuE+V/MxcGwAoHWKxMeKtdF420
-HGeKfzMla6uJQk26VEFAt+TYV2KUriPWyL/IPDzAjrSPMF9ZDIMhqELjFYCRGPwc
-X6txpIEgZCGdJWK0H3et8ZSe469AED6oqTfn44w=
------END CERTIFICATE-----
diff --git a/tests/certs/revoked.key b/tests/certs/revoked.key
deleted file mode 100644
index 2f41605..0000000
--- a/tests/certs/revoked.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJJwIBAAKCAgEAzkPgzYpi/xrU2mWaLVNtZS5OLWZ2y64CZAY5SFkL1Dfdb4Y6
-0KiQyu6cKI5OZCmeES/mQT3XdHWIFzDWg35b/ZpcJc0yMMtJ73mO/wDzC0eKfj7W
-5ilT92F3vJC5oJCZJVp7buoglYREjvDyfyLdilEum4K/zNs1zeh4j5YJ7CMh9TKP
-jcbb7Ox8/kHPt+63LZoLUkduan0LaiuDJs3gBnDCBtyUZVU+gdXI5TpiCdt/ignd
-uLZ4N/htPuLtRZyEEtGducqz1kr0UmSROu/M0Aw8c3eoBrLkGxv354kyLQrI//Ul
-fugtdmSJf4+bJ83TSbW+9rOQZXE1SIk118DscftfyCr00QqRlAxfu4yxxevIyCM2
-z+89pUlic+9DA82aMk+t64J5WpK8MHL1iuOXArsh1ayLTwznD24lXyWD+zkmn8wt
-jarSviXWOf0VoRCSIJvOp2z72QiIfcQFaVV4ODVy7zwVvocDdVeRhWOj5PSxtiGB
-HnVGmx7aIxQvCSvAPnBxbFZ9Srq+Rp9Wqqf5WKLSCmdYVq8hQeoJjnyuiUSNVa4/
-4/4UnxWOcmRUXG9apT9Wdcoul+lhZSFNdCUQfaq9T3OaIQwzfX8LS/5+W4Mzz9tj
-bDnCKJn+T3T045iNiSntnEET2ZGrTaCqhZoD8uoEfo5tmrkJCg814T9fPscCAwEA
-AQKCAgAEWkxZKg1ywrcxMKmzQSpy0ypVLO9e1vo38CWvUCm+vbsPim6dTqFXlvd2
-p6Ih3Pr38+HRCKQOUhigHKi6N6VrUaGWLqFbhD64LgGFghie6VCT33Gbg83Az66+
-LPOt3r9MmX83VPuBDDyCI7WKV0sDizkHkRfJE+srwDcjGJB3CjrCOOHspQCpHEh6
-+RqQEBqPfMu2XcmHt8HQ6MAoxnluyVxe1rLO/KCIDuHhbHz7JkWnvROPvVIGJFjx
-1coaCPaEiyXf8NYgtI45WuPxsXPKBCgWa7UBBy9nHwz5Ntz3NF4PgLXc2rty3yZD
-qd0lVuOZj5tLC3kFmwD72eFn/ys+JtIw9a2wwQ1sGbNa764yY4T3GWLJ6HgHHhPk
-D94PC7wfBFzoZtUoZrE0T4XP8TrM730SERj0HCNfURnYlYR6mqj+0pVTHZaeXEho
-NZdDgdWP0b8v+EZky1L5pgM761GtJ9vKHZMMBj0/hVULIkpVcf5gs5fwGiXzj/o6
-CcSoLP4JvFm8nINH302dBzS0o2bW4fZehvRtiapdu6kXE9k7ZsnpFcvMCxmtHJGd
-p3yRyhqO5CEMVJOVJSpNQqRueyd8X6QRbuFsGG+FcBOTe9DxIcdzKkwHRAo1osRw
-mPF85QzsgF7tWw/AoYzi5FupLud7HUNg4ucQS6NZdKM+DvEzcQKCAQEA7tPxo01m
-z3MAJdHtyG8PE66SNCXBDyoIYhXl1EiYppPn75jjOnaIK0sRSJF9DX6rt+7OX6Jd
-InhqEJKFk22pJ7lcACBZl0Obg9RBTd2hNKWkH5oRvPOHwGC8NF34HDxpgY6utw3Z
-LiLr8nwLZkd7FXGi6GFL0wB2YQhXqn2cJvPSgnNE8HQINU5OHfEMPRhikat8+OoJ
-ZVgm8kQ5N7sy6Up9G2OCF8iV/qkSLYyVATN/5SZmLohSWlSJZIfMJe1tEexSOQEM
-8wQxgBaJNqBXeeEOR7XIrbCcc50ZZ6INzR1Hdakyd27Qi8gOJqCKkAOS8bwlGzMb
-5Na7xm4/GQn5eQKCAQEA3RiO6x66Pmsuz4Q+2+3sZFipX9D1GRnMRVSsgd/HjtZk
-8NkaGXI2NA5GdVXmZrWl/65kAcDsh93+rv1X7hKYkTkpOE+G1Zkj8mLgEN3V0nh9
-WoPcrqthzvRNUUuklJCuxAGA3mgKIUuSW4oBnBgop5EFtz9Y0aai/wP0gdAp4/7S
-CR2g910KgvDtbsAp93hTBrzzu/+Engar5mdZKvqCl7uOxWqSmeaPD1tucraDX0e5
-rd3KE/vXd9RSlcWiJmKkqEiNnsQ2XnwjiE0jJdJdH5z+Vo7OqfexXDsydtFKrmke
-2ZQ+eajLU7iXipiYpM+wWkwGGdUFdJAi+N7T6KUqPwKCAQAe03Zt+JCbmCFdwFHr
-vAH7LV4rou/fUDKSznbCxrgFUDPwphA2PJRo2iCZ+EVm14G8lPNIPsG8sEQobXEW
-TWI3AWLRlVta/dv10RC4xzGGhRbBCXbep6RO/W1taO+cXWPU2CDO+dedb956hu5F
-vlYxt2AqlFxgGMAu2A/QrrPYB0KVmeE9FAz3LGtCzBkjTaFzYeoYisS5sv4b6Rhl
-jCEPIZEyVs602SwbGaGCBZI5/Ha2khVATlIq3Jx7QFfmUVXxqUoXl34fY9wrxzzg
-syN3VMguE1WaraAUACQGT1FutyfBFRyxc7kxQZop/DDGU9/Emd9EOn2QNPM5soMs
-bTApAoIBAAZnMaxphWdNX1uvLsrbxx7Y2n7l5FNHxfy0CRLx0iu21dGL2A+omR1E
-1JGNXVDYLeiLumW6mp8MtNWIjMVeUIDUMPdqhjMlbj8U0fxrEEg6KRc3/moomHqP
-5LVYBXov/n+6s2q9hJ2WPLTd+FH2+SZxMsMt2Hqp4sqT6L7hsnTh6l9NNl4zmZxV
-MeslMZHzMCRf0Ic/TS3ub4gKsjBmdOXEDsx0264NWVNOiJJV6tQVlbENXU7a2lCk
-G4gu4xVNggtFnqRcdl6iJb1KzpvHzd6eg1cqZ53QiJhtNnbudMU8UiJnArAvTUQt
-cmYXKUSMp0TWMs8ItlG74udmPKjeL60CggEAdUp2FbZZEB3/G8tR7Z5slF925zXK
-N8ku/qOUEk3d76kcqYi9XJLmyJAXu9PhQnsN8DpfThOqJUXCh9xtk+1AiHTdXk8m
-BP7RE2oI2aoT9lO0ozwFJBFRRCkd6zTtYJYUbwIk1nayro83xl/AQPF2wRm5unKU
-xl5KJ8I2GCUw4Bh5Gjwk21y6XpPsjO8tfbO5jrAIQVTqab3hAcBouwQNsxNpunJm
-BaP+XYTBNM+HVamwLwDQgtVxPb8WUX8TSTuFv99jpWBYhlhq/OUcbo8f1D7miIFt
-b6UYNl1ofvBtqjlNz3NKJ+S57AN+jcdQfOG8xAiKPWCj1QnVc3aJdr+8bQ==
------END RSA PRIVATE KEY-----
diff --git a/tests/certs/revokedcrl.pem b/tests/certs/revokedcrl.pem
deleted file mode 100644
index e6a1ceb..0000000
--- a/tests/certs/revokedcrl.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN X509 CRL-----
-MIIC0TCBugIBATANBgkqhkiG9w0BAQsFADAxMQ0wCwYDVQQDEwRXZ2V0MQ0wCwYD
-VQQLEwRXZ2V0MREwDwYDVQQKEwhHTlUgV2dldBcNMTgwNTA2MTUxNzE5WhgPOTk5
-OTEyMzEyMzU5NTlaMBswGQIIWu7jmTk1y5gXDTE4MDUwNjE1MTcxOVqgNjA0MB8G
-A1UdIwQYMBaAFH681m4jgi27YaqRhfZ+jeWJEyn/MBEGA1UdFAQKAgha7xyBNeHa
-yDANBgkqhkiG9w0BAQsFAAOCAgEAYLQQbcz/tfEC02QEIWu0S39e4+b+lssOsZ4u
-ljcz0UfavagkLLTiunFQx64no0d+xRzk5c1IZd6HGmf2TokIK0+6bkTJejLLeL7G
-3mmhzbFY8tQYcCEbcJL2fj5jmQAd33nr+wZkajQWLt6PbuGmpLpXz9lG27RKm8xc
-5TD51+5RwwWUrsFLwEt7xnk7737zB4flZmjpvlHvGVDgp81SVndghVvpUcqQSCwq
-XgvgbxYy+f1peHV0matV3it9jmwrCfOBkxD2zOX6UphUn4upXNGuHR0zLN37CINA
-OoYlFtHRsabbW/c2b+qUBBw4OniH7g/HMH3/p8MUrMmInxE1/cZCmTcR+NUyogqo
-VtDFAG8UV9MFyYK6vCfUqgrE3UzSXvKIXoX6DypOb4wgXdHF8dt93yUOSHVynjON
-FbgpHz8XUj6r/o0OcJioACCSv3j34w7Hvwh/8jkHBKucjWly/IpyQjs+qiLbnGmN
-Fqf/kuLKqxrXrkvePyPMts5w+eIXauGy+a5p72H58ZncoV3+w0v3LJpQ0G0lnjnV
-nQGKm1MUAfcDZQr07iEva7DneoMCZIB1CZz1Yfp7/7oY1BRF1KsyknI5Fh+gSiUp
-LdC4ycYcO1RSfPnKx7Hw+VeiFVy2Ka6Yi346zlJMAyFDyxqYG+tbHQLwF3flTtW7
-UYoG2xE=
------END X509 CRL-----
diff --git a/tests/certs/server-cert.pem b/tests/certs/server-cert.pem
index af653c9..0088749 100644
--- a/tests/certs/server-cert.pem
+++ b/tests/certs/server-cert.pem
@@ -1,22 +1,29 @@
-----BEGIN CERTIFICATE-----
-MIIDnDCCAwWgAwIBAgIJAIsoR6UicPPEMA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKU2FudGEgQ2xh
-YTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRQwEgYDVQQDEwtN
-aWNhaCBDb3dhbjEfMB0GCSqGSIb3DQEJARYQbWljYWhAY293YW4ubmFtZTAeFw0w
-ODA0MjIwNTQxNDBaFw0wODA1MjIwNTQxNDBaMIGRMQswCQYDVQQGEwJVUzETMBEG
-A1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKU2FudGEgQ2xhYTEhMB8GA1UEChMY
-SW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRQwEgYDVQQDEwtNaWNhaCBDb3dhbjEf
-MB0GCSqGSIb3DQEJARYQbWljYWhAY293YW4ubmFtZTCBnzANBgkqhkiG9w0BAQEF
-AAOBjQAwgYkCgYEAxgJGqBxMUjykBTWHg0jTAH59WbxV6JLMAirwskri0u9o6m9f
-Xw/ZsteKxmypgvwPcDoqZFWF5TB4sEf2l2m7N++mOLtjS9PLBaE8Y0siF1+EMXrI
-mffet9PeXXceuTMFx6bTzls7EwLMvmvSynwFK1j9EHH0mFA19MkeQwWG5zECAwEA
-AaOB+TCB9jAdBgNVHQ4EFgQU0LEi7ld7tvUls/fmbmn80+b//TAwgcYGA1UdIwSB
-vjCBu4AU0LEi7ld7tvUls/fmbmn80+b//TChgZekgZQwgZExCzAJBgNVBAYTAlVT
-MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpTYW50YSBDbGFhMSEwHwYD
-VQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFDASBgNVBAMTC01pY2FoIENv
-d2FuMR8wHQYJKoZIhvcNAQkBFhBtaWNhaEBjb3dhbi5uYW1lggkAiyhHpSJw88Qw
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBOSi75jsItAkhiYW0Up1d8
-OFA1saDlxBDm7ZUQTcfxIQL75iYfxMUEWeWPRLmNId96a1PgMT6U2+vKrnoNj8bu
-R45xNaFPKxOzp7axWSOp9AJcR6neug2v7lKkKOcQ14dFlKH1AoP+fDuvSAZyfMeC
-7fbIfz3XFNxaR4Rd07w/OQ==
+MIIE3TCCA0WgAwIBAgIMW+WWpBMQnOLkjLG8MA0GCSqGSIb3DQEBCwUAMFIxDTAL
+BgNVBAMTBFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UE
+CBMIU3Vuc2hpbmUxETAPBgNVBAYTCEZyZWVsYW5kMCAXDTE4MTEwOTE0MTYwNFoY
+Dzk5OTkxMjMxMjM1OTU5WjBSMQ0wCwYDVQQDEwRXZ2V0MQ0wCwYDVQQLEwRXZ2V0
+MQwwCgYDVQQKEwNHTlUxETAPBgNVBAgTCFN1bnNoaW5lMREwDwYDVQQGEwhGcmVl
+bGFuZDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALDUZ1OtELnTvjA/
+EG2GyrQ9PXMUwqk+6M0QJOcreRE8DJRixwQbBHBQ0rbsHYF3InXaF17pSxL7h0qG
+0wnUdBitInwsQ0cHXbxNoXrncWbaecSlBxG9CxaG+26EbdRJrh3ly5PVPNaFHQ5h
+BMhFtMZinmjyOHCif5+L3MyyKR/Pq0A/9gCcFkgvjhZ1Kbe/Kb0M3zmyiGpK/NXJ
+MNBuPQOqfThTu5dvAFM8Ae1FKZ0SpZQuOBWeS77F3SuUkEOOK3+HaNT4035QvS/Y
+nHEnaquM/hQi9K8Ct1qcPi8uR3gRrbHzJPPBINNCnhfRcpuYaG3K5MuRDxQS4USf
+5OARp5Rp8W6BXSivBsp2u4rwCIb1yfvbG534OxT0PjBJ6aic6ov84icwt9/a7iam
+FrXnf7RpWGz5vDNNjJiHoxmJzKfOb+rZ4ZE6GgynhJQKexOsAvv35dy0Mlvb71nU
+olZdvbABtUJVatiBX6a0ZEcMu0sLAT07YCB8JuychtpGAP9rwQIDAQABo4GwMIGt
+MAwGA1UdEwEB/wQCMAAwNwYDVR0RBDAwLoIJMTI3LjAuMC4xggM6OjGCCWxvY2Fs
+aG9zdIIRV2dldFRlc3RpbmdTZXJ2ZXIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYD
+VR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUsYkA4xDRnd1sEmzDN0nYGapIDWowHwYD
+VR0jBBgwFoAUng5bIoz70o8nU9XWCgzLDVkPZJgwDQYJKoZIhvcNAQELBQADggGB
+AKEexGBDmeETUgumcxjYszaDSX3YdAJiKvmzy/9KVn6riOvmjy5x9ilpdOZ0+JHn
+PQhgjkxFNQsq+G6j5RKQGBBklIz/JaUpCWZWCVbnPEMmdsEMWKwAvRRpSbxRt55w
+UChuprPu1A+RWOqggbkB74GaT8BmMacPIMDKo1frSzPmX1a9xaWgiYQiSatJpOOE
+ElcZd4sN1NyrIYNqIj0krxbQ64O8tMg2pPRtVFq1BQT1Kf5mAxusE+pilStGrGAk
+F9J+lDfwKxuIQ3p0uaR6isLGpEtdEe02+vm1zlYh4ER+7xGOuoXPTIS/foIngih+
+JoM8URUVgwyuhdsh7gPGAv8q5OlL3tmur0TZA6dWYMQKRRnw1oZGsw3/I/o4cfXD
+xHHCBTN+V6/A4ZeRKA8qMcLhfr3QrD7/BStLf4/Ylm3V02ZDniOCxBPxkvhSxwYG
+b/+9mPMDVrF5Ls8V+VwdMnPuDLIv7DfGncDvqJXF+iM/t79lrF2D8DfcIqBkbS3M
+JQ==
-----END CERTIFICATE-----
diff --git a/tests/certs/server-key.pem b/tests/certs/server-key.pem
index f3e6007..4c26c3a 100644
--- a/tests/certs/server-key.pem
+++ b/tests/certs/server-key.pem
@@ -1,18 +1,182 @@
+Public Key Info:
+ Public Key Algorithm: RSA
+ Key Security Level: High (3072 bits)
+
+modulus:
+ 00:b0:d4:67:53:ad:10:b9:d3:be:30:3f:10:6d:86:ca
+ b4:3d:3d:73:14:c2:a9:3e:e8:cd:10:24:e7:2b:79:11
+ 3c:0c:94:62:c7:04:1b:04:70:50:d2:b6:ec:1d:81:77
+ 22:75:da:17:5e:e9:4b:12:fb:87:4a:86:d3:09:d4:74
+ 18:ad:22:7c:2c:43:47:07:5d:bc:4d:a1:7a:e7:71:66
+ da:79:c4:a5:07:11:bd:0b:16:86:fb:6e:84:6d:d4:49
+ ae:1d:e5:cb:93:d5:3c:d6:85:1d:0e:61:04:c8:45:b4
+ c6:62:9e:68:f2:38:70:a2:7f:9f:8b:dc:cc:b2:29:1f
+ cf:ab:40:3f:f6:00:9c:16:48:2f:8e:16:75:29:b7:bf
+ 29:bd:0c:df:39:b2:88:6a:4a:fc:d5:c9:30:d0:6e:3d
+ 03:aa:7d:38:53:bb:97:6f:00:53:3c:01:ed:45:29:9d
+ 12:a5:94:2e:38:15:9e:4b:be:c5:dd:2b:94:90:43:8e
+ 2b:7f:87:68:d4:f8:d3:7e:50:bd:2f:d8:9c:71:27:6a
+ ab:8c:fe:14:22:f4:af:02:b7:5a:9c:3e:2f:2e:47:78
+ 11:ad:b1:f3:24:f3:c1:20:d3:42:9e:17:d1:72:9b:98
+ 68:6d:ca:e4:cb:91:0f:14:12:e1:44:9f:e4:e0:11:a7
+ 94:69:f1:6e:81:5d:28:af:06:ca:76:bb:8a:f0:08:86
+ f5:c9:fb:db:1b:9d:f8:3b:14:f4:3e:30:49:e9:a8:9c
+ ea:8b:fc:e2:27:30:b7:df:da:ee:26:a6:16:b5:e7:7f
+ b4:69:58:6c:f9:bc:33:4d:8c:98:87:a3:19:89:cc:a7
+ ce:6f:ea:d9:e1:91:3a:1a:0c:a7:84:94:0a:7b:13:ac
+ 02:fb:f7:e5:dc:b4:32:5b:db:ef:59:d4:a2:56:5d:bd
+ b0:01:b5:42:55:6a:d8:81:5f:a6:b4:64:47:0c:bb:4b
+ 0b:01:3d:3b:60:20:7c:26:ec:9c:86:da:46:00:ff:6b
+ c1:
+
+public exponent:
+ 01:00:01:
+
+private exponent:
+ 00:80:07:29:50:a2:2b:4c:00:0c:e1:ad:a7:5d:45:8c
+ 99:f7:04:f8:bf:7d:39:40:bd:19:4b:a9:0c:5e:a3:67
+ 61:0c:d2:9a:b9:f1:35:06:7f:b3:64:fc:df:f3:74:fb
+ 26:ce:21:3b:6e:92:86:b2:95:be:9c:ad:05:3b:46:c1
+ 4f:e4:7a:e5:60:be:cd:3c:7e:17:8a:35:72:61:03:f0
+ 2e:1a:9f:cf:c4:50:89:88:ef:a4:87:82:bb:0b:31:fa
+ ae:c0:22:d2:c4:94:4d:5a:1c:42:af:58:7b:37:ed:90
+ 37:5a:cb:ca:bc:25:35:17:d2:43:57:e6:63:a6:52:b4
+ 1f:8d:a4:15:2b:2d:c1:d5:38:2a:86:3b:a8:54:ae:1f
+ 10:3f:3a:84:9c:a7:b0:b1:14:dd:fe:83:8e:7e:3a:72
+ 9e:a6:df:c6:da:89:25:d9:4e:68:f5:37:87:ec:dd:76
+ 46:3b:f0:0f:8e:b7:c8:46:9b:37:73:2c:cc:81:af:07
+ cd:2d:cd:f5:c8:12:72:55:05:90:d1:bc:2c:bb:c3:5f
+ 60:dd:5f:cf:bc:ff:23:b5:ca:a3:86:29:08:6a:93:ce
+ d2:83:c6:cc:57:bc:18:5a:ce:48:b4:16:f3:55:d2:8a
+ ef:14:d5:14:1d:8b:55:b1:07:9f:f0:29:93:a1:66:85
+ 05:1c:1b:ff:35:ee:fe:c9:6c:40:68:5a:6a:f3:9a:60
+ 5c:7e:fa:f9:ed:24:05:c3:e7:ba:67:9f:f4:f3:a4:35
+ 3c:3c:cb:d9:d1:d0:02:ec:c7:40:fe:e9:33:62:4d:b2
+ 8f:51:1b:a7:da:d7:27:14:18:a8:10:ba:6c:f8:68:73
+ 22:38:34:a3:49:fe:e5:5b:7a:1f:97:87:0b:c4:11:84
+ 5c:19:2a:49:23:fa:e5:15:dc:a6:d2:fd:e4:36:4d:5d
+ ad:b5:fa:7b:ef:84:d6:9c:02:ce:98:e4:fe:12:b4:e3
+ 9d:09:c5:d1:52:93:fb:31:9f:cb:7a:38:96:2e:39:c5
+ e1:
+
+prime1:
+ 00:e4:26:db:d4:9f:04:12:81:66:e6:1c:4e:a3:af:69
+ f6:73:63:87:04:1f:52:53:87:0b:ea:73:7a:e5:b1:43
+ c2:3d:63:c6:f0:57:91:0d:5d:02:e4:02:48:fb:20:d6
+ 2b:38:a9:c1:9c:06:5a:a1:33:2b:c4:74:bb:b5:29:21
+ 15:85:fc:72:f6:e4:96:4b:40:c5:2b:98:c9:00:a7:09
+ dc:60:d9:4d:ae:f4:c1:62:6f:02:49:7a:72:29:e3:ee
+ 61:81:0a:5a:15:99:7d:08:f0:c1:cd:ae:9d:88:df:8f
+ e3:29:ba:18:eb:74:d3:fe:85:9b:71:9f:28:26:9b:d3
+ a1:2c:99:ab:ac:c5:d7:f0:b9:ae:eb:f9:fc:43:e0:04
+ e7:01:7e:82:48:08:45:ef:ed:05:1e:a1:7c:db:be:a3
+ ce:01:48:a9:fc:92:0e:d5:db:1b:81:f1:36:81:8b:85
+ a6:91:4d:e6:05:3b:38:1a:46:4b:4c:05:a0:c2:96:3f
+ dd:
+
+prime2:
+ 00:c6:69:dd:74:26:b1:c2:ee:6f:82:3d:31:0b:f9:f7
+ 40:fb:41:fa:79:d0:04:5c:53:fb:dd:22:2a:d6:b7:26
+ 7f:39:c9:20:a8:31:89:32:f7:56:04:84:7b:6a:c4:ea
+ 9b:8f:29:b3:28:4b:2f:bc:9e:56:0a:3b:b1:53:40:a0
+ 3e:4b:29:07:24:0f:20:05:62:96:c3:df:f5:62:15:dc
+ 0f:5e:53:70:3c:6d:b8:ef:41:b3:97:67:93:db:d1:1b
+ 83:d7:77:63:a4:78:23:95:07:36:0e:d3:50:3d:7a:fa
+ 76:41:72:94:49:ac:8a:ea:97:b2:4f:ff:f6:82:23:f5
+ 5d:3a:bb:f4:0b:06:31:b0:79:b9:5d:e6:29:d2:6f:5a
+ 6c:b6:cb:99:42:d6:74:02:2d:cc:13:03:48:ef:54:ea
+ f8:b7:93:ea:5a:76:11:0b:14:70:a2:08:c3:9c:45:f4
+ 46:cf:74:f4:64:28:4b:e2:a3:3f:35:bc:be:27:7b:4f
+ 35:
+
+coefficient:
+ 4a:53:30:b7:56:5a:d3:2b:40:f0:70:f7:32:54:9b:1a
+ b2:15:40:35:f0:62:65:21:7a:16:6a:2e:ae:81:7e:94
+ 19:58:19:57:d4:b5:c4:84:e1:65:5f:84:3b:50:e0:7f
+ 4e:01:97:74:9f:6c:ed:e4:fa:85:96:17:b3:c4:79:df
+ c4:20:bf:ea:9e:de:b5:aa:99:e4:2f:58:e0:0b:d3:aa
+ 86:e8:5c:1e:8a:8b:69:bb:9d:62:a4:32:63:48:53:cc
+ 19:32:62:2e:30:9a:9f:58:f2:3e:c1:ef:d2:50:a7:cd
+ 89:2b:98:3d:4e:6d:c1:4b:1d:f1:3f:fe:ff:87:fe:5c
+ 16:88:ca:dc:9e:1c:ae:2b:2e:b1:86:ff:90:ee:c1:29
+ d9:12:b3:a8:02:ac:2f:81:85:49:6e:4a:27:10:14:40
+ 27:46:e1:49:b4:31:3a:b5:84:24:45:63:f4:9c:60:a6
+ bc:0f:4a:6d:7a:87:22:e8:9c:bc:10:bb:ad:8d:e9:9a
+
+
+exp1:
+ 32:3d:dc:6b:16:19:6f:79:cf:8f:1c:ec:b4:5f:0c:96
+ 99:12:71:c9:16:9c:aa:88:32:b7:8e:76:a1:de:47:6d
+ 9e:d7:3a:17:f3:30:9e:20:bd:62:38:9e:99:ae:c1:7b
+ 03:1f:5e:e3:5d:02:d8:3c:cc:86:96:ae:3f:56:af:52
+ 6e:0f:09:c2:14:d4:83:fd:df:6d:9a:57:a9:2d:1f:9e
+ c8:35:12:46:54:df:c1:2d:70:f3:7d:63:66:96:2b:08
+ 8d:c2:19:d4:67:d8:80:ff:83:ae:27:a5:c9:5e:71:f1
+ 34:5f:26:dd:b2:fc:7c:30:2f:ea:f5:81:81:ff:0e:bb
+ 8f:76:c7:b7:64:5a:09:48:da:9c:5c:90:90:e1:e4:32
+ 7a:c1:c1:2e:db:a3:8b:12:46:ee:57:e1:87:02:94:4f
+ e9:38:77:36:87:73:7c:e4:a3:4a:1a:34:46:92:d2:fb
+ bb:43:cc:43:9a:a6:e0:22:5a:b2:83:0a:c3:cf:12:81
+
+
+exp2:
+ 00:a9:b9:93:7b:31:42:6c:6a:44:2e:d7:a3:66:08:4c
+ 8e:64:a0:1a:e0:2a:a6:20:48:a3:31:95:71:a9:bc:80
+ 0c:e2:e4:7e:b0:01:b7:c8:46:35:69:a5:de:61:05:d3
+ 5e:80:47:7e:7e:e0:5a:14:72:29:4d:95:a4:69:7f:e5
+ d3:83:bd:b3:e3:0f:a1:27:9a:1f:37:ad:13:9d:f4:ef
+ 0a:a2:78:a3:90:bd:97:2d:eb:38:f2:31:e3:14:6d:3a
+ a9:3c:1e:5f:b9:28:1f:df:f2:8c:36:80:62:aa:44:d1
+ 8d:69:0c:d7:76:72:47:5e:c7:a6:fb:b2:0c:2f:65:0d
+ 15:d4:11:45:80:4c:ab:22:b7:ed:6e:3a:5d:da:29:f0
+ e3:00:37:07:82:5a:2a:60:56:c6:b4:18:e2:42:00:95
+ 03:6f:1d:f3:a1:b0:4f:81:f7:d9:25:72:73:c9:f1:39
+ 35:7d:6f:21:43:b0:08:c1:f5:3d:33:fd:a1:77:ea:8e
+ 65:
+
+
+Public Key PIN:
+ pin-sha256:wBv5do0qlKwMzOKVUIb13Gdlv7BAhyWaX/jgaxcqy2U=
+Public Key ID:
+ sha256:c01bf9768d2a94ac0ccce2955086f5dc6765bfb04087259a5ff8e06b172acb65
+ sha1:b18900e310d19ddd6c126cc33749d819aa480d6a
+
-----BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,8B09CBCC4587B80C
-
-Yikael4jBlULlN5QU2SIN38OsTqbkcNZGVcoT5rpGf2Mh+aLRRnSvpIAOqNbIcEw
-T8pOtbic9AUh2YaCUK5xw5ou47t2dkieWB0a/amfOAFiajca+94AI+f1k73D85Y9
-bqCkal7pMzIEh22+qIHrUqJLeZdFOIq/C2j4a8Ymv2qmcQ7aKHfmtM3I1XWqg/ql
-GNDwhDxTJ1C6rMvXblDQ5gb4uqdUCw03jVOKTh7kQCNjV6RZqtzFShARiuL2yt4J
-l8H116hT6JtyVAm6kQIws0wqYPiIQxgpHQV21OibDh7WwD+i2sN77vnG06bYi7C6
-l8PkHsB2VbR2GjrZXAW1MGrCIVllbouFJ3zhPTr1DsDuCQ7G9dc8J/lviaWCi+HL
-aWq99V824sjz0CuzRqdUINx1f2XR53+ltSiyXk77NpyUOj/2nGQd2RhsjC/gLHdU
-J5152dOoYRmhftubfNr9Cend76rCkwLhZ1ZOa1LDgkT7HFD+4FIeW02opwGpRo/k
-XxOIkI7EF3em1MXfbRq1GEXr/KBkTKKeiaVUYW4klytX9crOZ+Dxv9KZRANAPzuF
-Tmx1gO4qJL2d8SXlNbUd4MRwCwK2CgUyUknL9kGkt98N2sYUyJETwSWUWbNnP31g
-R0sUKSvJN1k8DfZTpP/8znW1kz+vPa66tuRjBRd96JNUDdqSHHywT4DnR/pUNzdG
-uUD4/x4VgEwMcOYOKAFeOInn5pPINecU8EE4SehLODW3YdQW4hnxxaltuXPAkvNo
-6ST/6HVi/iSJsfvqUuEEXw/SGRMB0aZ+YEIOn4hVnu+gE8N07tuyvQ==
+MIIG5AIBAAKCAYEAsNRnU60QudO+MD8QbYbKtD09cxTCqT7ozRAk5yt5ETwMlGLH
+BBsEcFDStuwdgXciddoXXulLEvuHSobTCdR0GK0ifCxDRwddvE2heudxZtp5xKUH
+Eb0LFob7boRt1EmuHeXLk9U81oUdDmEEyEW0xmKeaPI4cKJ/n4vczLIpH8+rQD/2
+AJwWSC+OFnUpt78pvQzfObKIakr81ckw0G49A6p9OFO7l28AUzwB7UUpnRKllC44
+FZ5LvsXdK5SQQ44rf4do1PjTflC9L9iccSdqq4z+FCL0rwK3Wpw+Ly5HeBGtsfMk
+88Eg00KeF9Fym5hobcrky5EPFBLhRJ/k4BGnlGnxboFdKK8Gyna7ivAIhvXJ+9sb
+nfg7FPQ+MEnpqJzqi/ziJzC339ruJqYWted/tGlYbPm8M02MmIejGYnMp85v6tnh
+kToaDKeElAp7E6wC+/fl3LQyW9vvWdSiVl29sAG1QlVq2IFfprRkRwy7SwsBPTtg
+IHwm7JyG2kYA/2vBAgMBAAECggGBAIAHKVCiK0wADOGtp11FjJn3BPi/fTlAvRlL
+qQxeo2dhDNKaufE1Bn+zZPzf83T7Js4hO26ShrKVvpytBTtGwU/keuVgvs08fheK
+NXJhA/AuGp/PxFCJiO+kh4K7CzH6rsAi0sSUTVocQq9YezftkDday8q8JTUX0kNX
+5mOmUrQfjaQVKy3B1TgqhjuoVK4fED86hJynsLEU3f6Djn46cp6m38baiSXZTmj1
+N4fs3XZGO/APjrfIRps3cyzMga8HzS3N9cgSclUFkNG8LLvDX2DdX8+8/yO1yqOG
+KQhqk87Sg8bMV7wYWs5ItBbzVdKK7xTVFB2LVbEHn/Apk6FmhQUcG/817v7JbEBo
+WmrzmmBcfvr57SQFw+e6Z5/086Q1PDzL2dHQAuzHQP7pM2JNso9RG6fa1ycUGKgQ
+umz4aHMiODSjSf7lW3ofl4cLxBGEXBkqSSP65RXcptL95DZNXa21+nvvhNacAs6Y
+5P4StOOdCcXRUpP7MZ/LejiWLjnF4QKBwQDkJtvUnwQSgWbmHE6jr2n2c2OHBB9S
+U4cL6nN65bFDwj1jxvBXkQ1dAuQCSPsg1is4qcGcBlqhMyvEdLu1KSEVhfxy9uSW
+S0DFK5jJAKcJ3GDZTa70wWJvAkl6cinj7mGBCloVmX0I8MHNrp2I34/jKboY63TT
+/oWbcZ8oJpvToSyZq6zF1/C5ruv5/EPgBOcBfoJICEXv7QUeoXzbvqPOAUip/JIO
+1dsbgfE2gYuFppFN5gU7OBpGS0wFoMKWP90CgcEAxmnddCaxwu5vgj0xC/n3QPtB
++nnQBFxT+90iKta3Jn85ySCoMYky91YEhHtqxOqbjymzKEsvvJ5WCjuxU0CgPksp
+ByQPIAVilsPf9WIV3A9eU3A8bbjvQbOXZ5Pb0RuD13djpHgjlQc2DtNQPXr6dkFy
+lEmsiuqXsk//9oIj9V06u/QLBjGwebld5inSb1pstsuZQtZ0Ai3MEwNI71Tq+LeT
+6lp2EQsUcKIIw5xF9EbPdPRkKEvioz81vL4ne081AoHAMj3caxYZb3nPjxzstF8M
+lpkScckWnKqIMreOdqHeR22e1zoX8zCeIL1iOJ6ZrsF7Ax9e410C2DzMhpauP1av
+Um4PCcIU1IP9322aV6ktH57INRJGVN/BLXDzfWNmlisIjcIZ1GfYgP+DrielyV5x
+8TRfJt2y/HwwL+r1gYH/DruPdse3ZFoJSNqcXJCQ4eQyesHBLtujixJG7lfhhwKU
+T+k4dzaHc3zko0oaNEaS0vu7Q8xDmqbgIlqygwrDzxKBAoHBAKm5k3sxQmxqRC7X
+o2YITI5koBrgKqYgSKMxlXGpvIAM4uR+sAG3yEY1aaXeYQXTXoBHfn7gWhRyKU2V
+pGl/5dODvbPjD6Enmh83rROd9O8KonijkL2XLes48jHjFG06qTweX7koH9/yjDaA
+YqpE0Y1pDNd2ckdex6b7sgwvZQ0V1BFFgEyrIrftbjpd2inw4wA3B4JaKmBWxrQY
+4kIAlQNvHfOhsE+B99klcnPJ8Tk1fW8hQ7AIwfU9M/2hd+qOZQKBwEpTMLdWWtMr
+QPBw9zJUmxqyFUA18GJlIXoWai6ugX6UGVgZV9S1xIThZV+EO1Dgf04Bl3SfbO3k
++oWWF7PEed/EIL/qnt61qpnkL1jgC9OqhuhcHoqLabudYqQyY0hTzBkyYi4wmp9Y
+8j7B79JQp82JK5g9Tm3BSx3xP/7/h/5cFojK3J4crisusYb/kO7BKdkSs6gCrC+B
+hUluSicQFEAnRuFJtDE6tYQkRWP0nGCmvA9KbXqHIuicvBC7rY3pmg==
-----END RSA PRIVATE KEY-----
diff --git a/tests/certs/server-template.txt b/tests/certs/server-template.txt
new file mode 100644
index 0000000..d214e67
--- /dev/null
+++ b/tests/certs/server-template.txt
@@ -0,0 +1,23 @@
+# Template file to generate server-cert.pem for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+organization = "GNU"
+unit = "Wget"
+# locality =
+state = "Sunshine"
+country = Freeland
+cn = "Wget"
+#uid = "wget"
+#dc = "name"
+#dc = "domain"
+expiration_days = -1
+dns_name="127.0.0.1"
+dns_name="::1"
+dns_name="localhost"
+dns_name = "WgetTestingServer"
+#ca
+
+# key options
+signing_key
+encryption_key
+tls_www_server
diff --git a/tests/certs/server.crt b/tests/certs/server.crt
deleted file mode 100644
index 5131074..0000000
--- a/tests/certs/server.crt
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEpDCCAoygAwIBAgIIWu7jmTk1y5gwDQYJKoZIhvcNAQELBQAwMTENMAsGA1UE
-AxMEV2dldDENMAsGA1UECxMEV2dldDERMA8GA1UEChMIR05VIFdnZXQwIBcNMTgw
-NTA2MTExNDM2WhgPOTk5OTEyMzEyMzU5NTlaMD4xGjAYBgNVBAMTEVdnZXRUZXN0
-aW5nU2VydmVyMQ0wCwYDVQQLEwRXZ2V0MREwDwYDVQQKEwhHTlUgV2dldDCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANXGNSzoaeTX3B34xqiKuVXc2YzL
-/QQFexj+dyJ5XwwDF420gEv+zFjy8Y9wiGZ4rgHzF2TviNCoAy7ntlltA9Ab41jk
-CikwbZ9R81qsvmxc4HXRNgiKadNIb7BYNh6HljJjOSclkbF/LypJtdF5g7b6Qron
-ME/UuDIYLQV765emZh+2h/BJLtTXU+8n985gC+/9dw68WjLnWk9REzHYZPFU4UGK
-bCx+h7M/cVE5uIWjDC3Uq93jCweZJ8UFbmAnwlER8fXSEzy2SK5yqlRu+st8ae5w
-ZQAgXSeHF0jZ/lUgZBlq2QnqfzVlDd26CXMa/2OLZo9qUIoS/c0y5qLghTUCAwEA
-AaOBsDCBrTAMBgNVHRMBAf8EAjAAMDcGA1UdEQQwMC6CCTEyNy4wLjAuMYIDOjox
-gglsb2NhbGhvc3SCEVdnZXRUZXN0aW5nU2VydmVyMBMGA1UdJQQMMAoGCCsGAQUF
-BwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFOBZKlHSJ4GW2mOjJ4fkDhLr
-X5mCMB8GA1UdIwQYMBaAFH681m4jgi27YaqRhfZ+jeWJEyn/MA0GCSqGSIb3DQEB
-CwUAA4ICAQAwCcJs/+PLNhWF43YQOCB2ZXRELfE9j/p/H018rTr6vdYZunpdi0wf
-AceI+xBylMQs6CG0zh8bOgf0wwaOwGd1ESg3a5qtLbp565KZ8VD0LvnwZQX+ZBwA
-b5V1mrmtPzyLTSJScf6GiuqQJiwrQIDhpGlw00r8U0s9L+yuBP7XbUY+TFKNWhL1
-wkoalRc6vFOSWkc6SJHa/dDqMBXC86Q90OUu+DSNMiKk8ps0MpZAj17OADyf6Qu0
-IbB0+l+rJKKuOSl87pl3ACKZwSEopQBxjOuSmUZ641ZtZRy5HoMwM+LneoR3I1Re
-a2xKgCT3qMNVrKI4gzN7zYAAXlVT7ZfZWzPYvRZ+1Hxlbsf/DrSmBIvaCx7fTyBL
-etFKP8joarPrtffLu9XhXH5IB6G8spPOlkxGHg8WyCG67Y7hHzwDJH4cyG1OKiWj
-gsaxaN7WQ8Nyyz/WoQq9NeAkjhMen1JXB4ueeVXI4wgQIl1jWb31foR0KylGdAj7
-H89v9QJtBf/1Jghi6t78faUq8t1dyfF0vAiLAOF9DKjvCUd7oU5zBZTB0inoWK1g
-WoDaOddQKc76LajP74X4t78L8mGkQ0W2Kmnr508YXYGHU8eNlYgrSxBGNhW2QRFM
-/cCToErw+hJAAXNWibGPW8yZTcen7jKQBQTVL18tRxDOSgjgoWbpRw==
------END CERTIFICATE-----
diff --git a/tests/certs/server.key b/tests/certs/server.key
deleted file mode 100644
index 8f75db4..0000000
--- a/tests/certs/server.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEA1cY1LOhp5NfcHfjGqIq5VdzZjMv9BAV7GP53InlfDAMXjbSA
-S/7MWPLxj3CIZniuAfMXZO+I0KgDLue2WW0D0BvjWOQKKTBtn1HzWqy+bFzgddE2
-CIpp00hvsFg2HoeWMmM5JyWRsX8vKkm10XmDtvpCuicwT9S4MhgtBXvrl6ZmH7aH
-8Eku1NdT7yf3zmAL7/13DrxaMudaT1ETMdhk8VThQYpsLH6Hsz9xUTm4haMMLdSr
-3eMLB5knxQVuYCfCURHx9dITPLZIrnKqVG76y3xp7nBlACBdJ4cXSNn+VSBkGWrZ
-Cep/NWUN3boJcxr/Y4tmj2pQihL9zTLmouCFNQIDAQABAoIBAEXCOlP/O58Lua6m
-Id2Z90THns5NOrF3QGY1k5bSWGvJDoSVZFBoQzK7hIw0Qq59rvq/4uBzMgg062UB
-BAZGhroAf73gHFi4ju0whuMN/83IuQ55SNKcqE/kEV5QSsjHogGrU1ks71AmmrOH
-/ibvKkYpgGDSrPdACSN/tCFYANcpQtzbhkFXRqZ5JSIQyVCE+XLrZinxI6D23XVe
-5qMpfBH1gnKfBPf86UCI+iVTdNIC9sLp+C5MoSKCWMvYzKlQqbxVgulEdcOq01U7
-Sq7ZU6/f8QuTjd3d+WGTp2ZxFf2H+2XuKNVl9akp2exap+/JEj9Et0jMIN5Z9zHa
-6bTDMPkCgYEA8uO+VAAq4R1WJCTFpYy4/gzJPbQtxVxOMGBnxgAW+4G0jv+BiqiU
-WrQ6Rtcyfx8LFB/z1tExfDSJSpTw8wd3j19a/sMqACwCgkudmi8dzKbH2Y9U9DCz
-IB++zaQVKgJNE1VEsuySpf9HzQKBJGhO4fNMzol6YhlQT4ex7gSrFyMCgYEA4VAl
-p0A6798a9rmUGhNSzn5IcO2unpS7IYDTqKv46oIQ1rKKEiawugni+F1gL9StK90g
-NvDREiaM0eKo9QlhUzqBBSsNBVh4UVadbOpBOqyM6CUE94I4H199SwfzPuCILYa4
-01syaosJ2SRUr8S101x7U0VQ2SCYq38as27FY8cCgYB67dr5RrBtCNz9JANIW2WR
-ZsU/Tn7P4XzNLS24X3lCR44rxZM5q0KSeZ75FZdAEWUZBWby9SN3elt1/NXKGqBf
-VuKGCB6swZlvenfEfk41sr95E/rqL++otYhrKb1waoO54jEH4YYDL6WWU8sqswQh
-hXL9IUVoeulTpxjdn008QwKBgCxCnELwoSNBxoA1EFzW8utRb1WPuz+3o9L/BZUa
-wzj99+TVCb5rD0hcbNOxNBXxR1tYgt2IDOnt3LfWOK55+z5oPbQQMuyb5nbD9wTQ
-N6QZBU0NCJ6+W9v93BUDKMtvPBEFaAVM4uh/C542PtSQZc9xWWCQO0OL3bHCtDIP
-ToM9AoGADJ+6tYMTBEHhJyZxqD6oZgHTAqfA6HqKP5UUCpQ8G4IEedEq+cpQSFM9
-Wez+ChUdeDCaFSOeh+8o/u4w3x44g7GyFdOL6lGV6YjzGk4WkbRwqJWW/AKV0htl
-Fby2y2PzLnbLGKnt7nGTxag9l28NwbGppy7Kex8jVYcQP15djCg=
------END RSA PRIVATE KEY-----
diff --git a/tests/certs/test-ca-cert.pem b/tests/certs/test-ca-cert.pem
index 2623576..ca04457 100644
--- a/tests/certs/test-ca-cert.pem
+++ b/tests/certs/test-ca-cert.pem
@@ -1,30 +1,26 @@
-----BEGIN CERTIFICATE-----
-MIIFKTCCAxGgAwIBAgIIWu7f2CMW9qgwDQYJKoZIhvcNAQELBQAwMTENMAsGA1UE
-AxMEV2dldDENMAsGA1UECxMEV2dldDERMA8GA1UEChMIR05VIFdnZXQwIBcNMTgw
-NTA2MTA1ODM0WhgPOTk5OTEyMzEyMzU5NTlaMDExDTALBgNVBAMTBFdnZXQxDTAL
-BgNVBAsTBFdnZXQxETAPBgNVBAoTCEdOVSBXZ2V0MIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEArx5p0JWOfE/z3GXkd57QaemGBC8ZmE463Yhy6WtR7ww5
-MGMlQmlsYYvEeZj/3FLe2mdAazTAlU8uf3BM5f8PUVahESgwevGVNJLtgOGJgxXp
-5cslLlWYZ+a3qL1FJYVqPKfiK/tb8BsgzzPyECmlCerXw1lQ+34Fc36bw5vFw6ig
-egb8yz5N59yvZp3b9iooU1J5yRTGTpEmGhUrUNdUc2MEe2bwLiEgffVmX9oc2mIq
-LwfRtFjJMvNb6Zr42yllWC5aVeSJ86tkIhuLRQRD/nmy3NR/Txne764BhNnJ+/IN
-V16UfJz1A2BeFBhbPdH7T6jQx3BxRDQew66Qe8ESGuWa6SsjWwhiCl/lJ1UeUWt9
-pjDNqT4kfeWQzZKnbMoC7hwLMmmo9fsL65jPNR9iclf5FXBap39/gtWl9vobuTi+
-6yLJBGBvB4FsFsRNDVu0PM06wUew/d9oTP+3/GKI8UnqiT+76RlC3lcyRdAk5LKF
-ofg9bPkNm/dw6aDFtfFTE4oNjRXrUK9w3SZsknne2oOveKoGOYg79T/wlgUo++Uw
-wa8NyYujycVhEvqMdvX68awlrQIxMFSOcyeaiGVuZ/gWIq/7VZaDJGEpnm8vXkpk
-yxhDWa3qQcLqHKbydckEaLHc2BuNjI3yNiYZUxVr8MHRgrBarEXLHz0yarvNNUEC
-AwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1Ud
-DgQWBBR+vNZuI4Itu2GqkYX2fo3liRMp/zANBgkqhkiG9w0BAQsFAAOCAgEALbu9
-EGQtB7WSOL+bsj30/1dvzKngq71Mpv00jrXwPjtHbhc7ZWMqbcd0v9ws64bJX8sg
-LrEv1zpqB4oS/yRKWZsCgLaBxPdPqPcCrmdLEBACkrIAl65LWzvFquMZ+XxXcruJ
-vVTKmfTcTVGo5n9ixNtoZ41Sl4oT67AsViSmk6Yai2Eyi7LbXkZrCva758lMbWmw
-QT3Scr4HDaHYVnPLqSicb6qWPssZidNtQyE7v96s9nXvjYs9UOYR6Dg8U2VOsPXn
-XyevMumH/70Z4wfwkMwBOtgKe+UmxAfOwYh/N3AFpbK93cfGEFWBzo+uMkH1SeGw
-ccDYk9riVe/ya4xutOqz9dJF05Els5Qq6SwBNClHedJNM0HWOgYvZqhBrngGjDQI
-VP4Klxewn5Q4FTMud1sZEfr4wnZvgH0Axkl+vVvDkEcC0LnfXc4fUj3mpD9X0YKl
-AYw/MPsDVA7kF3ayctbZDBqEoqVg6UkG2cv9Jt2nXDRTpANPzQg6J4XxVrF2m8fR
-P7fiXtM6vczzpl9nwFvpon0sqD52sRlvyjB0DWuTFBU1V5fQOdCfnsQayyYvbigx
-rHlw0D97+hhNQhWZw0i3+YcpoAGiftpSFSxIcbCp+aYFfmgmwVCYG5QVEjaH+TJp
-cVBYPisU7ic8jq97R+D0Ot6kZtcaHeFzh1BYbF4=
+MIIEbzCCAtegAwIBAgIMW+WWpAgbVfvBnwynMA0GCSqGSIb3DQEBCwUAMFIxDTAL
+BgNVBAMTBFdnZXQxDTALBgNVBAsTBFdnZXQxDDAKBgNVBAoTA0dOVTERMA8GA1UE
+CBMIU3Vuc2hpbmUxETAPBgNVBAYTCEZyZWVsYW5kMCAXDTE4MTEwOTE0MTYwNFoY
+Dzk5OTkxMjMxMjM1OTU5WjBSMQ0wCwYDVQQDEwRXZ2V0MQ0wCwYDVQQLEwRXZ2V0
+MQwwCgYDVQQKEwNHTlUxETAPBgNVBAgTCFN1bnNoaW5lMREwDwYDVQQGEwhGcmVl
+bGFuZDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMUMCfmwSzYFSrbQ
+7C/CbcKVkirAWjFmSVCndYbb4Wbi4kr7+VHU02w6NFRXoQsB7dLwXlpKEuuuVPSc
+FgGUIy450JbQ9QCvqn0Ln+OR25tzAXPFH4975cNTWdv5ZNunh/K688VJ3xtQRZYv
+7YcqW3mrP81VZUKSsPGrlQN3GiwzCRRVPt5db3eG4t/oWfYlLxP3wnRGUaMuTj3g
+Cf1tQAtL0EBr9k2HwrPyIylJEI2u5iDA3XL66uAkWhj0jWyYbydE/BcGpsRnIjpl
+4igvFdEjiJb8dGL9pHVO7i/kAxoTYc45KbI3SUTMMNA1nAVMKrTCX2IbRUh7VrIs
+ohYTxXPOB5dy3lWU/sypdiHFyPt9PO24G3oeXjOQv7oE93bMbYmBisk50zt2csdU
+B89cqAKo7oMXjaZZ3F5ELIaLRsdh7R7qKHVYzqRLuLqitjEr+sY11znfzFpuje6l
+d9PzZHmsiSie8iS2apkqr1KLpkM3zry6+fv3BbjdhRAbyq3LRQIDAQABo0MwQTAP
+BgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBgAwHQYDVR0OBBYEFJ4OWyKM
++9KPJ1PV1goMyw1ZD2SYMA0GCSqGSIb3DQEBCwUAA4IBgQBZvCyOAWWB+/sAyK4y
+Lv34sv2DJijSYsxOWOEJEG8OurbWSl74cmI5YXIswvVI455nnZ4jPQUKZobPL8rO
+uGWrdhJItE7lN8YioswZhJk9VmCxHdk1G2+slHwVddfHIrvrYD7F5MijxAvvijJ8
+tdWprACJGrsoaKu/t129oumjfVy4/1sAVw6S+Jj+vr21Q/3SVnIv0gyTIWhu4cYA
+bzzcDu6+wo4TwjfL/EbgHwFvu0H9PuwgP71xQSFz8+KHvNwxIb65xCgfEVycmuFm
+oDyDMGUu95XG14QKeKOmQlqHd+nkWqcT+NvrcbDkEvnOgaQM3qX5YDokiOpGhY2q
+f7PBiTbYLqP4L5o5qGhWyD3iQvDfTPZKIQA6AX8ZR3T0fVdwUOyiMPkgfYSZ3ZYG
+1kH3TFQk0IkRp5H56ZOfeFd7p3lTpqYMYofYpbG1p763VFuZTIaZJFeCtFaA4ZoY
+lPut92lZl8Igo6iW/tB0JNama558N/T0BJ8QWYSwaRkjyJM=
-----END CERTIFICATE-----
diff --git a/tests/certs/test-ca-key.pem b/tests/certs/test-ca-key.pem
index bc4afb5..1e64dd6 100644
--- a/tests/certs/test-ca-key.pem
+++ b/tests/certs/test-ca-key.pem
@@ -1,58 +1,182 @@
-!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!!
-!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!!
+Public Key Info:
+ Public Key Algorithm: RSA
+ Key Security Level: High (3072 bits)
+
+modulus:
+ 00:c5:0c:09:f9:b0:4b:36:05:4a:b6:d0:ec:2f:c2:6d
+ c2:95:92:2a:c0:5a:31:66:49:50:a7:75:86:db:e1:66
+ e2:e2:4a:fb:f9:51:d4:d3:6c:3a:34:54:57:a1:0b:01
+ ed:d2:f0:5e:5a:4a:12:eb:ae:54:f4:9c:16:01:94:23
+ 2e:39:d0:96:d0:f5:00:af:aa:7d:0b:9f:e3:91:db:9b
+ 73:01:73:c5:1f:8f:7b:e5:c3:53:59:db:f9:64:db:a7
+ 87:f2:ba:f3:c5:49:df:1b:50:45:96:2f:ed:87:2a:5b
+ 79:ab:3f:cd:55:65:42:92:b0:f1:ab:95:03:77:1a:2c
+ 33:09:14:55:3e:de:5d:6f:77:86:e2:df:e8:59:f6:25
+ 2f:13:f7:c2:74:46:51:a3:2e:4e:3d:e0:09:fd:6d:40
+ 0b:4b:d0:40:6b:f6:4d:87:c2:b3:f2:23:29:49:10:8d
+ ae:e6:20:c0:dd:72:fa:ea:e0:24:5a:18:f4:8d:6c:98
+ 6f:27:44:fc:17:06:a6:c4:67:22:3a:65:e2:28:2f:15
+ d1:23:88:96:fc:74:62:fd:a4:75:4e:ee:2f:e4:03:1a
+ 13:61:ce:39:29:b2:37:49:44:cc:30:d0:35:9c:05:4c
+ 2a:b4:c2:5f:62:1b:45:48:7b:56:b2:2c:a2:16:13:c5
+ 73:ce:07:97:72:de:55:94:fe:cc:a9:76:21:c5:c8:fb
+ 7d:3c:ed:b8:1b:7a:1e:5e:33:90:bf:ba:04:f7:76:cc
+ 6d:89:81:8a:c9:39:d3:3b:76:72:c7:54:07:cf:5c:a8
+ 02:a8:ee:83:17:8d:a6:59:dc:5e:44:2c:86:8b:46:c7
+ 61:ed:1e:ea:28:75:58:ce:a4:4b:b8:ba:a2:b6:31:2b
+ fa:c6:35:d7:39:df:cc:5a:6e:8d:ee:a5:77:d3:f3:64
+ 79:ac:89:28:9e:f2:24:b6:6a:99:2a:af:52:8b:a6:43
+ 37:ce:bc:ba:f9:fb:f7:05:b8:dd:85:10:1b:ca:ad:cb
+ 45:
+
+public exponent:
+ 01:00:01:
+
+private exponent:
+ 5a:0b:d7:5f:28:46:26:88:a2:8d:0a:ca:74:44:d8:9d
+ cc:76:40:5d:28:9a:5c:90:f2:6f:a4:50:9d:98:d2:c8
+ a9:fa:f4:4d:0a:2d:44:f4:b7:60:84:8e:8b:04:99:bc
+ 11:e2:50:6b:d8:5f:ef:1d:fa:aa:d1:cd:68:a9:46:ae
+ 70:33:37:48:84:3d:ed:08:ef:1d:e9:d2:38:2c:70:4c
+ 4d:04:97:b7:85:7d:6c:11:27:bc:ef:be:77:6d:bd:90
+ 6d:c7:2b:71:24:01:f5:dc:68:00:6b:24:93:d9:32:76
+ 56:60:d0:b7:ce:8f:6e:b3:b7:ac:de:6a:f7:f9:98:eb
+ 35:a1:fa:16:c1:cd:57:0b:fb:33:20:79:70:eb:00:31
+ 14:61:eb:95:f1:30:8b:6e:b4:c8:a7:e2:48:d2:ad:2a
+ bc:59:8d:a7:08:a6:83:7c:e1:78:ac:c2:c8:25:ed:69
+ 58:b6:ed:0c:05:e8:4e:7f:61:7d:5e:dc:1a:e8:de:7b
+ 57:d3:ac:05:9b:44:f1:fb:3b:ff:86:15:ae:e4:19:cf
+ 82:cd:2d:ba:59:a8:2a:23:1a:a9:ad:30:55:c8:de:15
+ f4:16:cd:14:17:c3:8b:1b:93:dd:10:8a:6b:72:78:3e
+ fc:73:2e:2f:b9:a5:3c:5e:fc:4e:90:bd:3a:12:79:9d
+ 95:83:87:49:6d:c4:51:ab:d6:15:7f:d2:a5:6b:c0:76
+ d6:0b:75:5c:83:d1:63:14:33:ad:26:43:97:d5:7e:08
+ b8:80:b5:58:ff:b5:1d:eb:7a:1b:2c:e1:54:c9:86:37
+ e9:fc:df:64:83:47:38:02:4c:43:78:93:4f:84:33:35
+ a8:1d:3a:0a:17:63:79:fd:91:be:1c:8c:c6:d9:40:16
+ fa:13:4c:d3:6d:f3:3a:39:65:e9:97:12:5d:6e:eb:9d
+ 07:64:3a:b1:4d:47:9b:82:fb:ff:e1:92:96:9a:f7:a7
+ ec:5a:8a:91:e8:1d:87:21:db:7f:e9:23:53:a8:bc:61
+
+
+prime1:
+ 00:e6:1e:8d:ca:3e:ea:2f:43:8d:71:47:88:e1:5e:57
+ e3:6b:9d:61:45:d6:15:79:b1:ee:21:06:8d:da:66:b7
+ ba:de:b6:0d:68:4e:14:ec:97:30:ec:30:61:2f:ff:6a
+ 49:3d:33:3c:af:30:2e:a3:19:f1:7c:07:49:83:bf:34
+ b3:f8:46:e0:e8:3b:35:46:69:19:c8:05:c4:f5:b7:90
+ 97:01:80:bc:9a:ed:06:ca:a8:e7:c9:55:76:fa:b8:d7
+ b7:38:ec:c2:80:d4:19:77:db:d7:6f:f4:c9:31:21:2d
+ 57:3a:2e:cd:b3:15:bb:1c:07:ae:9f:a8:a8:57:14:8c
+ 2b:5d:2b:84:2f:62:c8:7b:80:04:59:59:08:02:fc:86
+ ef:4d:8f:5a:22:88:71:7b:83:4a:3b:31:11:e3:0d:ae
+ 53:9c:c1:41:d9:1c:66:d4:d9:8c:96:cb:96:ea:42:a0
+ ed:c5:d6:e7:56:c2:40:22:9a:da:8e:1f:87:c7:73:b8
+ 1d:
+
+prime2:
+ 00:db:35:49:d0:b4:9a:10:6c:5d:ce:cd:5b:1f:88:00
+ 8b:a0:5f:40:48:54:9d:a5:15:cc:59:bb:21:f7:11:9e
+ 86:35:1d:45:c6:aa:a1:ae:fe:38:bf:99:58:aa:84:71
+ d4:d8:2c:99:4f:54:1d:cc:e9:95:2b:3a:d8:7b:c4:3a
+ 96:1c:9a:e6:25:1d:1f:9c:60:a7:1d:aa:ff:e9:98:dc
+ 06:7a:97:87:bd:18:19:2a:c8:53:8e:c8:dd:b4:2d:af
+ a9:23:4e:da:82:64:e7:70:41:d6:45:f3:9d:36:2b:ff
+ bb:03:7b:c8:b2:e3:ac:f3:66:6e:f4:51:c0:f3:ca:d0
+ 22:a0:3c:46:af:5e:81:b6:96:51:71:d7:97:67:db:21
+ ca:57:fc:91:04:c0:64:e0:fb:73:f4:2b:b2:f1:c4:49
+ f9:d3:8f:17:74:f6:bc:bc:cc:13:89:6c:0f:0e:5a:45
+ 94:7a:60:0f:d3:ec:e1:ea:3e:2b:fa:af:d3:79:43:87
+ 49:
+
+coefficient:
+ 00:8d:93:8a:53:c5:d3:ad:67:1c:8e:ef:bb:27:db:2c
+ 99:83:7c:a8:9f:a1:a8:23:ce:0e:7e:44:31:03:fd:23
+ 8a:bc:1c:32:85:f3:3b:27:7a:66:5b:a2:38:13:26:4f
+ 11:ed:f4:c3:ce:ad:89:5e:db:ce:a1:2b:3a:69:f6:77
+ 18:57:97:27:d3:2c:cd:9d:21:69:3c:40:ca:e4:df:82
+ 62:d3:aa:88:e2:fe:e9:a8:ca:b3:c9:9d:b4:eb:9a:dc
+ 57:80:62:92:5b:94:76:10:a8:55:44:bf:4e:71:42:84
+ 21:04:f8:d5:ff:aa:85:0f:e9:43:3e:04:33:c2:ef:00
+ 46:e5:62:db:93:89:82:ff:fc:63:0e:09:6d:be:1b:23
+ 6f:52:b9:9e:d5:71:7d:5f:b0:e2:a6:9c:d1:e2:c7:5f
+ 1a:63:a5:9b:54:f7:ff:ae:ae:d0:fc:a1:56:4a:d2:1a
+ 7e:19:3c:a6:40:98:c0:fe:54:2b:ea:50:99:3e:88:f4
+
+
+exp1:
+ 00:ba:89:87:fc:aa:f5:60:ec:cc:8a:48:27:90:30:ce
+ e3:be:47:6c:23:95:40:01:4f:17:ae:53:c6:c7:84:be
+ 68:cf:c2:19:aa:34:a9:47:83:e3:97:82:3c:36:11:40
+ 92:2f:f7:09:b9:25:40:98:dc:1d:e1:a1:72:99:46:74
+ ad:72:93:da:1a:c6:6c:10:30:80:42:a1:52:a0:b0:75
+ 97:c3:13:1d:50:24:d5:7d:90:5f:9b:d8:18:c3:72:f5
+ 02:44:35:c0:11:78:5d:50:c8:b7:a1:bc:77:1e:c9:3b
+ 1c:db:40:37:64:75:38:20:a7:a5:89:2c:c9:91:15:49
+ ee:98:ee:fe:8e:fe:ef:6f:15:3d:f1:43:77:78:1c:46
+ 31:53:d8:e1:82:de:c1:c7:12:8d:28:e0:45:14:9d:f1
+ 73:3b:bd:78:e8:4a:da:9c:ad:e1:06:17:f0:b4:e2:df
+ da:fe:a5:8f:0f:c8:14:ff:38:31:f4:45:60:e6:70:4a
+ 8d:
+
+exp2:
+ 00:a4:06:90:d0:61:83:72:cc:93:b9:1e:02:94:6a:80
+ f5:f9:af:ac:7b:33:0d:af:2c:cb:77:4d:46:92:08:96
+ 15:18:83:69:e5:c9:62:28:7e:43:da:62:95:6d:2a:a3
+ be:bf:6f:47:dc:8b:35:ad:52:0f:73:84:99:de:aa:ab
+ a8:0d:89:7e:b2:c0:c3:19:91:5d:1b:1f:0c:55:30:33
+ 5b:89:b9:ff:30:e8:6a:54:90:07:ae:2c:f1:70:54:4b
+ 40:05:92:88:80:cf:9e:3a:6a:99:3a:48:9b:17:a0:fe
+ bf:62:50:ea:91:a9:39:8d:fb:d5:04:6e:74:32:38:4d
+ 5b:cb:88:ae:df:a4:98:ed:16:37:a5:36:cc:2d:43:54
+ 5a:83:52:12:f5:7a:3d:41:f8:06:00:eb:fd:ff:58:80
+ 7e:36:e6:b8:87:a5:e4:fe:64:ba:2d:b7:34:e0:e9:7d
+ 6d:27:d0:df:a7:15:76:ca:7f:71:0b:29:2b:d5:6e:49
+ 39:
+
+
+Public Key PIN:
+ pin-sha256:JJoOmvj7dwVzA9NdhmQGGH7pyIfyklw0jEoNpxXnfTk=
+Public Key ID:
+ sha256:249a0e9af8fb77057303d35d866406187ee9c887f2925c348c4a0da715e77d39
+ sha1:9e0e5b228cfbd28f2753d5d60a0ccb0d590f6498
-----BEGIN RSA PRIVATE KEY-----
-MIIJKgIBAAKCAgEArx5p0JWOfE/z3GXkd57QaemGBC8ZmE463Yhy6WtR7ww5MGMl
-QmlsYYvEeZj/3FLe2mdAazTAlU8uf3BM5f8PUVahESgwevGVNJLtgOGJgxXp5csl
-LlWYZ+a3qL1FJYVqPKfiK/tb8BsgzzPyECmlCerXw1lQ+34Fc36bw5vFw6igegb8
-yz5N59yvZp3b9iooU1J5yRTGTpEmGhUrUNdUc2MEe2bwLiEgffVmX9oc2mIqLwfR
-tFjJMvNb6Zr42yllWC5aVeSJ86tkIhuLRQRD/nmy3NR/Txne764BhNnJ+/INV16U
-fJz1A2BeFBhbPdH7T6jQx3BxRDQew66Qe8ESGuWa6SsjWwhiCl/lJ1UeUWt9pjDN
-qT4kfeWQzZKnbMoC7hwLMmmo9fsL65jPNR9iclf5FXBap39/gtWl9vobuTi+6yLJ
-BGBvB4FsFsRNDVu0PM06wUew/d9oTP+3/GKI8UnqiT+76RlC3lcyRdAk5LKFofg9
-bPkNm/dw6aDFtfFTE4oNjRXrUK9w3SZsknne2oOveKoGOYg79T/wlgUo++Uwwa8N
-yYujycVhEvqMdvX68awlrQIxMFSOcyeaiGVuZ/gWIq/7VZaDJGEpnm8vXkpkyxhD
-Wa3qQcLqHKbydckEaLHc2BuNjI3yNiYZUxVr8MHRgrBarEXLHz0yarvNNUECAwEA
-AQKCAgEApUnNkoU3QfqtMCA0bvvFt9IlHpneTLW6NhNucwdLBJjC+fr61h5vn/qu
-bh+NkMXfdsHyOb5G8CcWuk6jJouCR8G+sVT/vWt862yrI/S9OK9cX/tIkt1Txu4r
-9+b99xZgWfQUNHNCKfVRGIHtPngwQJYbJVWObHJcbtDX8N984Nqu7b7eqG+cVPcl
-z3O8hDLycQLt1G/5ZXr3PbMxeVJlcavKNTfKB6BY7MrN4Dcc+LujGVUGCHWtIpw0
-6t/Nd/8wmvTVazEVTJs/HjplT7VhADaaLnmb2GuQ0yWoZV6zmUy0bvzkpmH3mUJC
-SjFbHZSu4ldzCGwHXNrdFtITqdtoW81Tj+b3EsqNlB2u1I8DpOMR8vMGy5f0rYhs
-Lf4Vmpvggw4bzLeu9A6XStxiB/wExn1QlQd54X1zfhssoF/pbu2RtCujn+y3zYCd
-2c9gqdN5MaGsr1NSYUPilj39E4S4FwtGnZGIYhClglToy0sMB/8lQvGIz0WRRfSG
-g+LUuiWuqn95ZrnSJvTSYCvsH0OB64IWpd9sHtu/P8Cjms3B/nIYjbG5gj68m319
-AsK1uFAqVmlGYVJVzgND9B9Egd4cODlTSsncEUQlS8PUZaym50FoBuO4vN+IYrZO
-H/yL6+hq3l/va/xlr4ZMEiBdEAiSj7g6XqQGzTgOz47RJn1FAGECggEBAOi8Moix
-SGHhxpJZgeHuL2FgBuNT9GVDoTNbUtEoZ7NsJd4BG3MjbZFluFoSfFiawAqJ3e6c
-ptUSiZ1KXN1gvMwVkget3MyenEzohYczwYOQeREAeRVr25Wq8cegvLaDFejMclCs
-ILC80BaGbVcAmJMdOBzLVqtY/7lps0LWpGd/6KYXTm41erhWJkvx+Vt0uPKVzGqx
-Ijjh/DSc5eX5BIdn2bYHLRu/xqfnX2kSH37PSto55ROSu8D8YwjaOdyQ1Hha6+O1
-Q6E4d2HliYqv1WaDHjyAXjmlP/3ob5f3QdXbqpB1smGPimK3hiZB0sYgdUI3yW9c
-NkynqGBeoTSPjG0CggEBAMCfyVJnG1fCnFZFCtPawYKK/IoMNyYzgIKomlcBdF/8
-J8Gwr6jcFBbdefT+VypVO0DywPrIFppDzjGEmZarFRgXsspGBenQQrZTPG1eUldY
-U89ODTsYNk0AXdctkMvAFSfVbA/4pnXAiXzKeEDk2YOhDYP1Y/T9eZQ3AI+LNeGO
-1Oqd9hGgsW0rqVgW+rCbUTezFE5J+2zbzMu2XnJieueG33iaVMpHzqnLLe27SYcI
-7VmgttZL4eL6/klPHSKC8x3y1c2T88d+HAuW+mB+bQ2iQWYfM82SyxjTER/7jpTy
-Zpj/mibgt2cQxVowWFmMMOLXczhpu/GOgRxxCXVQn6UCggEBAOa30vzxiskGMn1Y
-4EpifnPw50MrMkfFEKRB70rL3GnhV3TK8jRlNbSC+4vHcZ/A4YpQ/EMU5sqp0uSs
-GH2Z7e//nkGgmRf8UQRpKh5LL5bGfU5egqq6vveTfJajARGJyAl9zAGvccTjmQIL
-h49NVvPYbo0VAzlgRDrBz2T+NgMoqTEmP6k/uQXO2a5GFiYVA1fxKrHGIh/z37sk
-o0Aladj2Gby7RnuQ1VYUJ+CYh8KFqzXFWRPbTefWDDN1axD+PrOFpv2Y749+09Kn
-438qKsqyRyJBO6e360VBzIcBJjHkzyTgmNLgopaUSxfX/yRMfxIDDd0os+ev+Vp3
-1SWu/M0CggEAWSvfZCFNPCRggWN27rpPaOJ0pGehRDMFY/cvc+W9fQ3bTcRAnXg8
-aJVg9vSjX3qTcq6ufaoRJJsNIklTXLeYjU2zPAaMiEAcEhGYYL0Qe1Ttf4OPhnLf
-+GeaCZoTdO9YG9emLgKa9NoMC9QjNU98Dn6JJjR8cJbDKMUJomn8qI2ZrX8wwdpV
-KMfUnm4M4aMVRybE2LVRCoT6WrfzIxrJ8NK0Mz2m0PnLBzmC6pIQKM4OKrbGzY/V
-Y2F0RHW2dBqQ96VKKuA6M3kC/K6I/BCq5WvewKrjLWCuWrCjNd4blIJe0qdJMoRH
-AxR1eBn3XIUUwH6i3VO9aMbiqEr/6OpI7QKCAQEAslqWEcRSL8bxXTVs1Jqip4wW
-lbJoym+zXhMLiqxCbMukClkkCdaI+lxNVdxs4MpACHYRAhHwVvAujz5JcgiMjSRC
-IK/JGu9uVkSriA/YJxmmMPvTYI1bmT1lT99HUqhzM5COuSFJh9D8cfpHJSUC+6rF
-1U/YcdcrZAMl3UH30XdsJLc6l3L/0gyseohwWT76dSqqOOathvNM5PsE8jNzPEo7
-VUdfrrDpEw0dPjk4IF8cpC389H1j8lnwxkWQtHHhXZTXHJlC9xYPa3PRsRn18pJy
-vxz9r76vJ3YJiQTxv8MKw/AaQrNDZng0Ff5kqQAqc/q/CvHdb2pur8NTsS/09w==
+MIIG5AIBAAKCAYEAxQwJ+bBLNgVKttDsL8JtwpWSKsBaMWZJUKd1htvhZuLiSvv5
+UdTTbDo0VFehCwHt0vBeWkoS665U9JwWAZQjLjnQltD1AK+qfQuf45Hbm3MBc8Uf
+j3vlw1NZ2/lk26eH8rrzxUnfG1BFli/thypbeas/zVVlQpKw8auVA3caLDMJFFU+
+3l1vd4bi3+hZ9iUvE/fCdEZRoy5OPeAJ/W1AC0vQQGv2TYfCs/IjKUkQja7mIMDd
+cvrq4CRaGPSNbJhvJ0T8FwamxGciOmXiKC8V0SOIlvx0Yv2kdU7uL+QDGhNhzjkp
+sjdJRMww0DWcBUwqtMJfYhtFSHtWsiyiFhPFc84Hl3LeVZT+zKl2IcXI+3087bgb
+eh5eM5C/ugT3dsxtiYGKyTnTO3Zyx1QHz1yoAqjugxeNplncXkQshotGx2HtHuoo
+dVjOpEu4uqK2MSv6xjXXOd/MWm6N7qV30/NkeayJKJ7yJLZqmSqvUoumQzfOvLr5
++/cFuN2FEBvKrctFAgMBAAECggGAWgvXXyhGJoiijQrKdETYncx2QF0omlyQ8m+k
+UJ2Y0sip+vRNCi1E9LdghI6LBJm8EeJQa9hf7x36qtHNaKlGrnAzN0iEPe0I7x3p
+0jgscExNBJe3hX1sESe87753bb2QbccrcSQB9dxoAGskk9kydlZg0LfOj26zt6ze
+avf5mOs1ofoWwc1XC/szIHlw6wAxFGHrlfEwi260yKfiSNKtKrxZjacIpoN84Xis
+wsgl7WlYtu0MBehOf2F9Xtwa6N57V9OsBZtE8fs7/4YVruQZz4LNLbpZqCojGqmt
+MFXI3hX0Fs0UF8OLG5PdEIprcng+/HMuL7mlPF78TpC9OhJ5nZWDh0ltxFGr1hV/
+0qVrwHbWC3Vcg9FjFDOtJkOX1X4IuIC1WP+1Het6GyzhVMmGN+n832SDRzgCTEN4
+k0+EMzWoHToKF2N5/ZG+HIzG2UAW+hNM023zOjll6ZcSXW7rnQdkOrFNR5uC+//h
+kpaa96fsWoqR6B2HIdt/6SNTqLxhAoHBAOYejco+6i9DjXFHiOFeV+NrnWFF1hV5
+se4hBo3aZre63rYNaE4U7Jcw7DBhL/9qST0zPK8wLqMZ8XwHSYO/NLP4RuDoOzVG
+aRnIBcT1t5CXAYC8mu0GyqjnyVV2+rjXtzjswoDUGXfb12/0yTEhLVc6Ls2zFbsc
+B66fqKhXFIwrXSuEL2LIe4AEWVkIAvyG702PWiKIcXuDSjsxEeMNrlOcwUHZHGbU
+2YyWy5bqQqDtxdbnVsJAIprajh+Hx3O4HQKBwQDbNUnQtJoQbF3OzVsfiACLoF9A
+SFSdpRXMWbsh9xGehjUdRcaqoa7+OL+ZWKqEcdTYLJlPVB3M6ZUrOth7xDqWHJrm
+JR0fnGCnHar/6ZjcBnqXh70YGSrIU47I3bQtr6kjTtqCZOdwQdZF8502K/+7A3vI
+suOs82Zu9FHA88rQIqA8Rq9egbaWUXHXl2fbIcpX/JEEwGTg+3P0K7LxxEn5048X
+dPa8vMwTiWwPDlpFlHpgD9Ps4eo+K/qv03lDh0kCgcEAuomH/Kr1YOzMikgnkDDO
+475HbCOVQAFPF65TxseEvmjPwhmqNKlHg+OXgjw2EUCSL/cJuSVAmNwd4aFymUZ0
+rXKT2hrGbBAwgEKhUqCwdZfDEx1QJNV9kF+b2BjDcvUCRDXAEXhdUMi3obx3Hsk7
+HNtAN2R1OCCnpYksyZEVSe6Y7v6O/u9vFT3xQ3d4HEYxU9jhgt7BxxKNKOBFFJ3x
+czu9eOhK2pyt4QYX8LTi39r+pY8PyBT/ODH0RWDmcEqNAoHBAKQGkNBhg3LMk7ke
+ApRqgPX5r6x7Mw2vLMt3TUaSCJYVGINp5cliKH5D2mKVbSqjvr9vR9yLNa1SD3OE
+md6qq6gNiX6ywMMZkV0bHwxVMDNbibn/MOhqVJAHrizxcFRLQAWSiIDPnjpqmTpI
+mxeg/r9iUOqRqTmN+9UEbnQyOE1by4iu36SY7RY3pTbMLUNUWoNSEvV6PUH4BgDr
+/f9YgH425riHpeT+ZLottzTg6X1tJ9DfpxV2yn9xCykr1W5JOQKBwACNk4pTxdOt
+ZxyO77sn2yyZg3yon6GoI84OfkQxA/0jirwcMoXzOyd6ZluiOBMmTxHt9MPOrYle
+286hKzpp9ncYV5cn0yzNnSFpPEDK5N+CYtOqiOL+6ajKs8mdtOua3FeAYpJblHYQ
+qFVEv05xQoQhBPjV/6qFD+lDPgQzwu8ARuVi25OJgv/8Yw4Jbb4bI29SuZ7VcX1f
+sOKmnNHix18aY6WbVPf/rq7Q/KFWStIafhk8pkCYwP5UK+pQmT6I9A==
-----END RSA PRIVATE KEY-----
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!!
-!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!!
diff --git a/tests/certs/test-ca-template.txt b/tests/certs/test-ca-template.txt
new file mode 100644
index 0000000..8f729d7
--- /dev/null
+++ b/tests/certs/test-ca-template.txt
@@ -0,0 +1,20 @@
+# Template file to generate server-cert.pem for certtool (GnuTLS)
+# see 'man certtool' for more options
+
+organization = "GNU"
+unit = "Wget"
+# locality =
+state = "Sunshine"
+country = Freeland
+cn = "Wget"
+#uid = "wget"
+#dc = "name"
+#dc = "domain"
+expiration_days = -1
+ca
+
+# key options
+signing_key
+encryption_key
+cert_signing_key
+crl_signing_key
--
cgit v1.0-41-gc330