From b927d64a191c6e756591778aa672cb96b6cc0f9e Mon Sep 17 00:00:00 2001 
From: Sebastian Tobie Date: Mon, 19 Mar 2018 16:14:12 +0100 Subject: [PATCH] Aktueller Stand --- Dokumentation/anhang.tex | 15 +- Dokumentation/durchführung.tex | 28 +++- Dokumentation/ergebnis.tex | 4 +- Dokumentation/quellen.bib.bak | 91 +++++++++++ .../sourcecode/bbwmodul/files/bbwca.crt | 1 - .../bbwmodul/files/dovecot-ldap.conf | 151 ------------------ Dokumentation/sourcecode/ca/ca.key | 53 ++++++ Dokumentation/sourcecode/ca/ca.pem | 40 +++++ Dokumentation/sourcecode/ca/ca.txt | 5 +- .../ca/certs/certs/icinga.literm.local.crt | 42 +++++ .../certs/certs/management.literm.local.crt | 42 +++++ .../ca/certs/certs/projekt.literm.local.crt | 42 +++++ .../icinga.literm.local.txt} | 14 +- .../ca/certs/management.literm.local.txt | 20 +++ .../ca/certs/private/icinga.literm.local.key | 52 ++++++ .../certs/private/management.literm.local.key | 52 ++++++ .../ca/certs/private/projekt.literm.local.key | 52 ++++++ .../ca/certs/projekt.literm.local.txt | 20 +++ Dokumentation/sourcecode/ca/gencrt | 4 +- Dokumentation/sourcecode/ca/genpuppet | 4 - Dokumentation/sourcecode/ca/normcert.txt | 6 +- Dokumentation/sourcecode/site.pp | 134 ---------------- 22 files changed, 562 insertions(+), 310 deletions(-) create mode 100644 Dokumentation/quellen.bib.bak delete mode 120000 Dokumentation/sourcecode/bbwmodul/files/bbwca.crt delete mode 100644 Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf create mode 100644 Dokumentation/sourcecode/ca/ca.key create mode 100644 Dokumentation/sourcecode/ca/ca.pem create mode 100644 Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt create mode 100644 Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt create mode 100644 Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt rename Dokumentation/sourcecode/ca/{puppet.txt => certs/icinga.literm.local.txt} (62%) create mode 100644 Dokumentation/sourcecode/ca/certs/management.literm.local.txt create mode 100644 
Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key create mode 100644 Dokumentation/sourcecode/ca/certs/private/management.literm.local.key create mode 100644 Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key create mode 100644 Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt delete mode 100755 Dokumentation/sourcecode/ca/genpuppet delete mode 100644 Dokumentation/sourcecode/site.pp diff --git a/Dokumentation/anhang.tex b/Dokumentation/anhang.tex index bc6a74d..aff0d6f 100644 --- a/Dokumentation/anhang.tex +++ b/Dokumentation/anhang.tex @@ -28,6 +28,18 @@ \caption{Einstellungen der Server bei Installation} \label{tab:einstserver} \end{table} +\begin{table}[h] +\centering +\begin{tabular}{ll} + \textbf{Anwendung}&\textbf{Passwort}\\\hdashline + LDAP-Administrator&ErlIfguc\\ + Icinga2 Datenbankpasswort&WewCegor\\ + Fusiondirectory&DyWeejis\\ + Openproject&UsadBykEv5\\ +\end{tabular} +\caption{andere Root-Passwörter} +\label{tab:passwort} +\end{table} \begin{table}[h] \centering \begin{tabular}{|l|l|r|} @@ -70,7 +82,7 @@ \label{list:interfacesh} \end{listing} \section{Abkürzungen} -\begin{acronym}[LAN] +\begin{acronym}[LDAP] \acro{VM}{virtuelle Maschine} \acrodefplural{VM}{virtuelle Maschinen} \acro{LAN}{Local Area Network} @@ -80,6 +92,7 @@ \acro{RDS}{Remote Desktop Service} \acro{SSH}{Secure Shell} \acro{CD}{Compact Disk} + \acro{LDAP}{Lightweight Directory Access Protocol} \end{acronym} \printbibliography[title=Quellenverzeichnis] \listoffigures diff --git a/Dokumentation/durchführung.tex b/Dokumentation/durchführung.tex index 2a18b4a..565a4da 100644 --- a/Dokumentation/durchführung.tex +++ b/Dokumentation/durchführung.tex 
@@ -9,19 +9,31 @@ Als der Brennvorgang fertig war habe ich von der DVD mittels EFI gebootet und di Ich habe nur die Standardwerkzeuge und den \acs{SSH}-Server installiert, da die Server nur Remote administriert werden müssen. Nachdem die Installation durchgeführt wurde, habe ich mich als User \texttt{administrator} angemeldet und das Programm \texttt{sudo} installiert und den user \texttt{administrator} der Gruppe \texttt{sudo} hinzugefügt. Hiernach habe ich die \texttt{/etc/network/interfaces} bearbeitet und die vorhandenen Einstellungen durch die entsprechenden Einstellungen aus den Listings \ref{list:interfacesz},\ref{list:interfacesp} und \ref{list:interfacesh} ersetzt. +Hiernach habe ich den \texttt{ISC-DHCP-server} und \texttt{bind9} installiert und konfiguriert. +die \texttt{/etc/resolv.conf} habe ich auf allen Servern durch den folgenden Inhalt ersetzt. +\begin{minted}{text} +domain literm.local +search literm.local +nameserver 10.0.0.1 +\end{minted} %TODO -Danach habe ich auf \master die Pakete \texttt{puppet-master-passenger, puppet-module-puppetlabs-apt, puppet-module-puppetlabs-apache, puppet-module-puppetlabs-postgresql, puppet-module-puppetlabs-tftp, libpam-ldap, slapd} +Danach habe ich auf \master{} das folgende Kommando ausgeführt. +\mint{text}{sudo apt install slapd postgresql-server} +Ich habe mich zur Automatisierung für Puppet entschieden, da es eine Einfache Automatisierung ermöglicht. +Dieser wird der Nutzerverwaltung und anderen Programmen später als Nutzerdatenbank dienen. +Die Frage nach dem Administratorpasswort für \texttt{slapd} habe ich mit dem Passwort aus Tabelle \ref{tab:passwort} beantwortet. 
+ \section{Installation Nutzerverwaltung} -\blindtext[3] +%\blindtext[3] \section{Installation Remoteumgebung} -\blindtext[2] +%\blindtext[2] \section{Installation Monitoring} -\blindtext[2] +%\blindtext[2] \section{Installation Projektmanagementprogramm} -\blindtext[2] +%\blindtext[2] \section{Firmware Erstellung} -\blindtext[1] +%\blindtext[1] \section{Aufbau Clients} -\blindtext[1] +%\blindtext[1] \section{Schulung} -\blindtext[2] \ No newline at end of file +%\blindtext[2] \ No newline at end of file diff --git a/Dokumentation/ergebnis.tex b/Dokumentation/ergebnis.tex index c47a269..0da0608 100644 --- a/Dokumentation/ergebnis.tex +++ b/Dokumentation/ergebnis.tex @@ -1,5 +1,5 @@ \chapter{Ergebnis} \section{Technische Abweichungen} -\blindtext[2] +%\blindtext[2] \section{Zeitliche Abweichungen} -\blindtext[1] \ No newline at end of file +%\blindtext[1] \ No newline at end of file diff --git a/Dokumentation/quellen.bib.bak b/Dokumentation/quellen.bib.bak new file mode 100644 index 0000000..9c30b1c --- /dev/null +++ b/Dokumentation/quellen.bib.bak 
@@ -0,0 +1,91 @@ +% Encoding: UTF-8 + +@Online{web:de, + author = {Imanol Mateo}, + title = {Desktop Environment}, + date = {2017-09-29}, + url = {https://wiki.debian.org/DesktopEnvironment}, + urldate = {2017-07-30}, + keywords = {debian, desktop}, +} + +@Online{web:lh, + author = {Richard Kweskin}, + title = {LTSP Howto}, + date = {2017-09-23}, + url = {https://wiki.debian.org/LTSP/Howto}, + urldate = {2017-07-30}, + keywords = {ltsp,howto}, +} + +@Online{web:lp, + author = {Alex Mestiashvili}, + title = {LDAP PAM}, + date = {2017-09-23}, + url = {https://wiki.debian.org/LDAP/PAM}, + urldate = {2017-07-30}, + keywords = {debian,ldap,pam}, +} + +@Online{web:sualswo, + author = {jason Blewis}, + title = {Setting up an LDAP server with OpenLDAP}, + date = {2017-09-23}, + url = {https://wiki.debian.org/LDAP/OpenLDAPSetup}, + urldate = {2017-07-30}, + keywords = {debian,openldap}, +} + +@Manual{man:iscd, + author = {ISC}, + title = {dhcpd.conf}, + date = {2017-09-29}, + subtitle = {dhcpd configuration file}, + edition = {4.3.5-3}, + urldate = {2017-07-30}, +} + +@Online{web:htwirfi, + author = {Carla Schroder}, + title = {How to Write iptables Rules for IPv6}, + date = {2017-09-29}, + url = {https://www.linux.com/learn/intro-to-linux/2017/8/iptables-rules-ipv6}, + urldate = {2017-08-04}, + language = {english}, + keywords = {network,ipv6}, +} + +@Online{web:komitver, + author = {Dr. André Wiegand and Prof. Dr. Klaus Goldhammer and Sebastian Lehr and Prof. 
Norbert Pohlmann and Chris Wojzechowski and Johnny Hoang and Ole Jötten}, + title = {Kompass IT-Verschlüsselung}, + year = {2018}, + date = {2018-02-20}, + url = {http://www.bmwi.de/Redaktion/DE/Publikationen/Studien/kompass-it-verschluesselung.pdf?__blob=publicationFile&v=18}, + subtitle = {Orientierungs- und Entscheidungshilfen für kleine und Mittlere Unternehmen}, + organization = {Bundesministerium für Wirtschaft und Energie}, + urldate = {2018-02-27}, + file = {:../Dokumente/kompass-it-verschlüsselung.pdf:PDF}, +} + +@Online{web:debian, + title = {Debian -- The Universal Operating System}, + year = {2018}, + date = {2018-03-07}, + url = {https://debian.org}, +} + +@Article{art:ct12-2017, + author = {jürgen Schmidt and Ronald Eikenberg}, + title = {Zum Heulen}, + journal = {c't}, + year = {2017}, + date = {26.05.2017}, + subtitle = {Krypto-Wurm WannaCry stiftet weltweit Chaos}, + language = {german}, + issue = {12}, + pages = {20-21}, + issn = {0724-8679}, + keywords = {Erpressungs-Trojaner, Krypto-Wurm WannaCry, NSA, Ransomware, Sicherheitslücken, Verschlüsselung}, +} + +@Comment{jabref-meta: databaseType:biblatex;} diff --git a/Dokumentation/sourcecode/bbwmodul/files/bbwca.crt b/Dokumentation/sourcecode/bbwmodul/files/bbwca.crt deleted file mode 120000 index 0929ee8..0000000 --- a/Dokumentation/sourcecode/bbwmodul/files/bbwca.crt +++ /dev/null @@ -1 +0,0 @@ -../ca/ca.pem \ No newline at end of file diff --git a/Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf b/Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf deleted file mode 100644 index 88ba276..0000000 --- a/Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf +++ /dev/null 
@@ -1,151 +0,0 @@ -# This file is commonly accessed via passdb {} or userdb {} section in -# conf.d/auth-ldap.conf.ext - -# This file is opened as root, so it should be owned by root and mode 0600. -# -# http://wiki2.dovecot.org/AuthDatabase/LDAP -# -# NOTE: If you're not using authentication binds, you'll need to give -# dovecot-auth read access to userPassword field in the LDAP server. -# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should -# already be something like this: - -# access to attribute=userPassword -# by dn="" read # add this -# by anonymous auth -# by self write -# by * none - -# Space separated list of LDAP hosts to use. host:port is allowed too. -hosts = zeus.literm.local - -# LDAP URIs to use. You can use this instead of hosts list. Note that this -# setting isn't supported by all LDAP libraries. -#uris = - -# Distinguished Name - the username used to login to the LDAP server. -# Leave it commented out to bind anonymously (useful with auth_bind=yes). -#dn = - -# Password for LDAP server, if dn is specified. -#dnpass = - -# Use SASL binding instead of the simple binding. Note that this changes -# ldap_version automatically to be 3 if it's lower. -#sasl_bind = no -# SASL mechanism name to use. -#sasl_mech = -# SASL realm to use. -#sasl_realm = -# SASL authorization ID, ie. the dnpass is for this "master user", but the -# dn is still the logged in user. Normally you want to keep this empty. -#sasl_authz_id = - -# Use TLS to connect to the LDAP server. -#tls = no -# TLS options, currently supported only with OpenLDAP: -#tls_ca_cert_file = -#tls_ca_cert_dir = -#tls_cipher_suite = -# TLS cert/key is used only if LDAP server requires a client certificate. -#tls_cert_file = -#tls_key_file = -# Valid values: never, hard, demand, allow, try -#tls_require_cert = - -# Use the given ldaprc path. -#ldaprc_path = - -# LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h. -# -1 = everything. 
You may need to recompile OpenLDAP with debugging enabled -# to get enough output. -#debug_level = 0 - -# Use authentication binding for verifying password's validity. This works by -# logging into LDAP server using the username and password given by client. -# The pass_filter is used to find the DN for the user. Note that the pass_attrs -# is still used, only the password field is ignored in it. Before doing any -# search, the binding is switched back to the default DN. -#auth_bind = no - -# If authentication binding is used, you can save one LDAP request per login -# if users' DN can be specified with a common template. The template can use -# the standard %variables (see user_filter). Note that you can't -# use any pass_attrs if you use this setting. -# -# If you use this setting, it's a good idea to use a different -# dovecot-ldap.conf.ext for userdb (it can even be a symlink, just as long as -# the filename is different in userdb's args). That way one connection is used -# only for LDAP binds and another connection is used for user lookups. -# Otherwise the binding is changed to the default DN before each user lookup. -# -# For example: -# auth_bind_userdn = cn=%u,ou=people,o=org -# -#auth_bind_userdn = - -# LDAP protocol version to use. Likely 2 or 3. -#ldap_version = 3 - -# LDAP base. %variables can be used here. -# For example: dc=mail, dc=example, dc=org -base = - -# Dereference: never, searching, finding, always -#deref = never - -# Search scope: base, onelevel, subtree -#scope = subtree - -# User attributes are given in LDAP-name=dovecot-internal-name list. The -# internal names are: -# uid - System UID -# gid - System GID -# home - Home directory -# mail - Mail location -# -# There are also other special fields which can be returned, see -# http://wiki2.dovecot.org/UserDatabase/ExtraFields -#user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid - -# Filter for user lookup. 
Some variables can be used (see -# http://wiki2.dovecot.org/Variables for full list): -# %u - username -# %n - user part in user@domain, same as %u if there's no domain -# %d - domain part in user@domain, empty if user there's no domain -#user_filter = (&(objectClass=posixAccount)(uid=%u)) - -# Password checking attributes: -# user: Virtual user name (user@domain), if you wish to change the -# user-given username to something else -# password: Password, may optionally start with {type}, eg. {crypt} -# There are also other special fields which can be returned, see -# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields -#pass_attrs = uid=user,userPassword=password - -# If you wish to avoid two LDAP lookups (passdb + userdb), you can use -# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll -# also have to include user_attrs in pass_attrs field prefixed with "userdb_" -# string. For example: -#pass_attrs = uid=user,userPassword=password,\ -# homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid - -# Filter for password lookups -#pass_filter = (&(objectClass=posixAccount)(uid=%u)) - -# Attributes and filter to get a list of all users -#iterate_attrs = uid=user -#iterate_filter = (objectClass=posixAccount) - -# Default password scheme. "{scheme}" before password overrides this. -# List of supported schemes is in: http://wiki2.dovecot.org/Authentication -#default_pass_scheme = CRYPT - -# By default all LDAP lookups are performed by the auth master process. -# If blocking=yes, auth worker processes are used to perform the lookups. -# Each auth worker process creates its own LDAP connection so this can -# increase parallelism. With blocking=no the auth master process can -# keep 8 requests pipelined for the LDAP connection, while with blocking=yes -# each connection has a maximum of 1 request running. For small systems the -# blocking=no is sufficient and uses less resources. -#blocking = no 
diff --git a/Dokumentation/sourcecode/ca/ca.key b/Dokumentation/sourcecode/ca/ca.key
new file mode 100644
index 0000000..f6d491d
--- /dev/null
+++ b/Dokumentation/sourcecode/ca/ca.key
@@ -0,0 +1,53 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIJajAcBgoqhkiG9w0BDAEDMA4ECNueXUaBXfYjAgIU2ASCCUjZmwTx4tiSsmAH +f5G6vDUUc4hEGObyy66p9D+4KWc3xL6TSiKXcaAZm//o57wtR/q3L/Ad+xXjVmkY +f0GAeknHXV+HQ91d2I8g5/y2+/IO0U3nAk9zbG47sUyhVmAB8lpre7ObwFEF6TIB +uR9tXxdncjeppsif2MWw0vgwsubXtkJPUI2OTQRSVf7kPEDKi4Cjmukbsy43JDyu +L+mp0iedkZVIQHWnieRmbtnS2H+v0jGbcTLs1327DMrzL3GcWa/70lvitXKU8pjG +3bu1LrvP7afcJuJ/+l9M20eWjiyRq4abH0aq7O/+qd62siHXwHcGtUQge++DqUdx +jcRhglnsk5F/5gBKYilB4D/SDZLoJXQ9dU1NGghi9WIBopeB4j65iUUzTdulEwRU +xQ9OyfDO5pDBsUkY4YlfPyd8OhyD/cg8cqMjGkSEbED/ma+nfWD022O0Kem1vOoX +dKRXoJnJ52lKsr55Ju8696UBcZsBJhMEU13HCrq1/QKW5yiOFEHGAj0Vz2kOIk5R +iTM1cO8VaLSXUjUBI1qZbbnxgtBhWRKF2b0pzFNjC0MvIiGs8iHKVGERTQ8nqylt +6HLQt+W36RSmaGnrWL5eVh32nOjMqHkJZY/MOcXVuIB35DT18NKUhqTy5aswa9Hx +JaYH5x6jh8D066MHwqSw6iHInD7ZmhdOyWQmH24QxH0Y+GeAXreQIaylU9Au+ISS +vC1P01Q7w/8HKd/9HIK7yFC17xsdU0yOcelmEP66/ZPkq/MmK66CX0rEKSeH0iQY +jkca3iAqfEoTW4nsuiyXzH2GdhoAJMjhjTtXMR1Y+oU6aE4DC0ld2bsUAj0SQtBs +9LcUk8un3fFkjMQhXUGFJ6RxNy8VIGfkvMM7WUe4YB6dLIjlJ21qS3qD553sqdEE +yKUDNEzmG0e1+5w44BHJhmS0PdvdHLgO0ijtMIO4UoucEbfVkjSCB/2ielJUTYz8 +mjuMFUBO+fZO7yZs3/Qu9jNYcbrLzdZZQCb2weKHhfhuQevUo8yBnd4jbRtUA+vE +JAM/NzDBTJis/5/EpfNQRSBVniukdnfR382TGETKZY934+9Omvci5qQak+P/GEp6 +yhWVNoTZqOcoxv2/rWpGm3f9TGqEPFrRCW8apj1qlQOrm5MRLw3Ec9QMqhhrHkZQ +Cf+VBNWOps53Nd3Fog+HJa0ACmo09MhSrhwOuw5L/Nyd2ksJYF/iw3KPn3oGwc+m +0UvCQ7DpUqiZvQwMbMXV6ubgBCcTAQfrUpr504qJWASCFneid1BCjT8saq5twHnX +oO35H/evIOYrL6K/YtFrZwZh58qKpCk9u8qI4hj/ULOWhYmkToRnrNAcSwq+Evrx +Fjk+ts1de16VyLSQ8t0Ksojfp7ctDZaYVNylavTG2cYW2rfqzk74F82X8nrVzXU0 +vNG/TrbdCB2wBFLh2Yev4IERTPTMy0zBm8QTkxB19urZE8tmHtA+m7GGEV3xxSbx +IAANjXe+UWJ9RA+XBtiysr6xpwzH1AVb3PcsV2lLN6LJU+JrdCK6Q0QRMiKZtaoS +Q6tuxa1TEP+eB0gZSAD0UhY7nPAN3rewlxHr6lQf83T1M2eAfydM7ViZ//yjtwha +NIupJp8+ul8HiAwHNrLyaVvPkttwWk49kdSWVtCg9osVcRxvCUZp0cYHDhQiqKTo +dVLP7F3OV+uoLQZ8ekc5y5NdT9wQUxv4L8Il302lRaD7tYtf8kI4WaWZv/xUkVug +fgMtIL0DzxD2UtJOmhJw3FCsrBWQL8m3FMiP6bZFP8OL/UehdrhVCJp7jrCUQQji 
+UqJf0v+sTLdUmbnhacxJEDck8Tn4F3SQJk4uH1Lbk02lq8PYtS06sZD8t8Js4wx/ +pH0ol+SCyT9biWM47BT+nmVqEzQnEImJJZxlNLFDgqeJyZxRClbONSDRuoiYg9zy +w7v0ajL/7O7PmXIouqLeLjNSB5WISNPpBs3p8/J2z/P2OD7knr/x8ZIz2ht5a90M +D8QoRlkbrTO8nRbq4IQu2w8B+PwsSnA6kkzoD0L7srzJgIHAEQ4JksmEnkGfUmgZ +4XH/zBf0BbuqR/wciBOpxrj/YJkKx4pZPyLe/SoBbhVR4xOf7bDPIKIF2rutECL9 +qzax+II2ZF6SQq0W6nb0OO2sMvws1JqZSbLUGRYN7K6JhIwnXLmbwln0T3VhCjTZ +gqvx6DNbKZNwCak7z5RYgKSJr9FhOxn7Ec3PIPJOBlsC3ovEiP0xW69XgGpOMjcZ +cvKQPh9yMPjTMQSnrthg+6eWMJvUQXmQ5JcDngEgGBURTy3aC54UlxZe3PWdQX6d +maD2Ebxwq5bioQ8euDz1beHi3e658qvUZxbsT4I6y1/QgCSRpru0/Ov47Ew5XoI5 +e4z43kmTyLxkRdwfuexonW9ElK57N8FJx6Dvy6KuadtNv72yXfeAyTeTZln7B5ID +9i6Tu5Or40r9oI2Ke3mfcSAAHQIO8UIMZZ14sB2/Wzb4tPwFwyrxscRbc4HG0hVs +fKyemP+HVFaYND8UrCxFTwBxydyurLD7V/BCsCJDXGFH8tpQM32mgbwUoSiOUQFs +W2DZcx8Fg+xn3VR7A1z33K9djC/fCViJX4Xf+r7YY+8PA5KP7YLk8BhBZdNUIpEi +B5djpcO3iuWQKinOAyspuZOkXI7957VKizWqa301T7WMZ8NIuEx5q2wOxnQUIz9s +Qf+d74rBoLzq58tBLWa+qxFdak/9LtnnypXUaj8xcxLNuDUgrbFF8Q6XoY6lO+C9 +7cbZLPUQnRefkjxzFxGcy7c5XUQM3Mw+oiiEpAUSkNQ9cAE+vWraAVQS1fDsfRwc +tAurBqVk2IDfKDsfTi0lIi76MWecL7S/rw0Id9qGc/XWc9BorCeAb/9SSO/4vDyR +qPDjfybhfGm3cH3oXRMoSsVqrg1es80LbtVLeYK4Jd3bq0Lsb1ihn0wmC8hUyM/U +No4bcOqljyOVCxQqQ0RS75YWUmypHIUQWraICtJrWWDBhDv7PYJchzxHG9w6ZRWw +XbTfJAxeoaw5qpgFecizcyghx3b/z3qyrS//5YgqsBr9J2W8PleIQtu2SEPxO/ME +DGc/Ezb92jLrbp42oMurq4n+3kcM5ENpqIW453s8A/CErp/l9zgOEqzs3rv01yPN +1rlePqH/TEzuSNiqvC4= +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Dokumentation/sourcecode/ca/ca.pem b/Dokumentation/sourcecode/ca/ca.pem new file mode 100644 index 0000000..60abe33 --- /dev/null +++ b/Dokumentation/sourcecode/ca/ca.pem 
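Review bot: The CA's private key is committed to the repository here as `Dokumentation/sourcecode/ca/ca.key`; it is passphrase-encrypted (`BEGIN ENCRYPTED PRIVATE KEY`), so every certificate under this CA is only as trustworthy as that passphrase is resistant to offline guessing by anyone who can read the repository or its history. The same commit lists `certs/private/*.key` in its diffstat, the icinga key further down starts with `-----BEGIN PRIVATE KEY-----` (unencrypted), and the anhang.tex hunk adds a table of service passwords in plaintext. Key material and passwords should stay out of version control: add an ignore rule such as `*.key` for the `ca/` tree, keep the keys in an access-controlled store, and have the documentation say only where they are kept. Because the values are already part of this patch, the CA key, the server keys and the four listed passwords should be treated as exposed and regenerated.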
@@ -0,0 +1,40 @@ +-----BEGIN CERTIFICATE----- +MIIHCjCCBPKgAwIBAgIMWqedaiFNB4rJ5FbJMA0GCSqGSIb3DQEBCwUAMIIBBDEc +MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u +aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk +dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD +VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt +MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu +IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw +MFowggEEMRwwGgYDVQQDExNCQlcgUm9vdCBaZXJ0aWZpa2F0MSAwHgYDVQQLDBdL +YXVmbcOkbm5pc2NoZXIgQmVyZWljaDELMAkGA1UECxMCSVQxLDAqBgNVBAoMI0Jl +cnVmc2JpbGR1bmdzd2VyayBTw7xkaGVzc2VuIGdHbWJIMQ8wDQYDVQQHEwZLYXJi +ZW4xDzANBgNVBAgTBkhlc3NlbjELMAkGA1UEBhMCREUxFjAUBgoJkiaJk/IsZAEZ +FgZsaXRlcm0xFTATBgoJkiaJk/IsZAEZFgVsb2NhbDEZMBcGA1UECRMQQW0gSGVy +b2xkc3JhaW4gMTEOMAwGA1UEERMFNjExODQwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQDiJx9E0LGvta8ZyrDQd73ndMWgIDZVq02TYn28O3VoCk4Hdw8q +57VrcfAbSALuUpIUutGDYn7K8SsPDm8eIDZWKmeqDiM/DydABKBMZpnH2ww/n+ob +RdWWuT61bGdQdSxiMPG68FwTU1uTAeOSUcvqpFr200771vl7ctOR5YN7R/ImChGd +cH6RGqpjIPxESISo79hxJn8dNIRfcZumREtk35NYTHlMySdwTEm21X1KLPTXewNZ +BwgZyr5kJfuDa8PDFIETYAQ6Bt6/NzgUtvKJwtHyeFqo+bX6xauLwpdy4uy4qrTo +uV+ztlhYyUEGAFK7c/+Jm2L68rA4K/qrcbSW6IXydQDQxh724fCDnSkOHiitoSbA +RR/PmjQHyLd+W20f2gJUTdOwB3oognpKCM0cBY6vYgJatt/DoqtbQ1RuJmQKd0v7 +6jkOPT7xUoz5xNr/nDIYhP53rhjFyEuk8OcwYFNLW57iE0Nq6VCY8DUneNkn7Xwn +Otj0briyx1B/5zYJlz01rBId+GU/5XHDoH/Pi9f5F9RGh/Ib9V80BTQM3ELi8LUl +yWswRJYTYKQftURZQ/53xdyW4VaViWtXz3v9EL0SzC6t3RSfhr7kHU6RWbP46GCY +xX9ixyOTfaH8c+CENG/HzJ0fTleYWbPhSRtXi5LAhnbSDabDOrWzRueVPwIDAQAB +o3gwdjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMB4GA1Ud +HgEB/wQUMBKgEDAOggxsaXRlcm0ubG9jYWwwDwYDVR0PAQH/BAUDAwcCADAdBgNV +HQ4EFgQUKd6eL3qUMQZWHP/9JGgZPv4uk7IwDQYJKoZIhvcNAQELBQADggIBAKeO +rMO/ky2SbTov1FbdpE+u2VAahM1ktix4bLvN+Y4BupSLjIE+M9IM8dsxjVTNj31i +CUhEcRJM3pmn4xXdHHe+86W7kpGMS7V03e8Mg7RP3FFX4RNFQzqhoHp8UaEoD3MP 
+s0gBYStVkXHU7hXdhZSMFs2iQdYUCa4q+rN3NBYkhYyuNhN7rD4nRvdJ5yPudMo6 +tvS//JzzpMCLiW/I6c7U+Yuc0RQ5c7L9PW8K1JJ6HsBCYYEpaFAiYs1bfFpzZedq +WIeSZosTluj1mPNqgPOe8szOCrbQuuUMrkg4NQmB0dG2d375q8poF6hAXXdNCOLs +ke/XOZdDqU2K4q87h5E1QjC6PVfR6LumYex/exjuKKojqqpdOeC9o9VeCeDEYK7i +zsVsNAKmfjeV83m39/WtHfsDwd5GzsW8PGAUxhdhDmftlxpJrgfCyrW8TivyMUt5 +RW+yplQyOVsUQcfBZf+1iLqytKpjDRjmn4TQaN2HiYVL5T/WA2wVw+z1nvuhyrSA +R73Tguf3Iu6o/lWxQlRlakydqSpECRJmCptXA1eWtFLPzeIeJ60uiX2wyZw7Ud3+ +TqjlTVVxXObtCvw+s4Q2LsWaW8/L+yLNMKyxbgcHn1J92pRgi2kz2nhCsVVvz6VD +77VS+v36Yp9dddLxnaVi+cSjpVgrGnVBlRWX+5AU +-----END CERTIFICATE----- diff --git a/Dokumentation/sourcecode/ca/ca.txt b/Dokumentation/sourcecode/ca/ca.txt index 36f5c96..b8a5fc1 100644 --- a/Dokumentation/sourcecode/ca/ca.txt +++ b/Dokumentation/sourcecode/ca/ca.txt @@ -5,7 +5,8 @@ locality = "Karben" state = "Hessen" country = DE cn = "BBW Root Zertifikat" -dc = "bbw" +dc = "literm" +dc = "local" dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße dn_oid = "2.5.4.17 61184" # Postleitzahl activation_date = "2018-03-01 00:00:00 UTC" @@ -15,6 +16,6 @@ signing_key crl_signing_key ocsp_signing_key policy1_txt = "Internes Zertifikat" -nc_permit_dns = bbw +nc_permit_dns = literm.local honor_crq_extensions diff --git a/Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt b/Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt new file mode 100644 index 0000000..c676588 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt 
@@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIHTTCCBTWgAwIBAgIMWqpXNjsGHNd9hbV+MA0GCSqGSIb3DQEBCwUAMIIBBDEc +MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u +aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk +dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD +VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt +MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu +IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw +MFowggEEMRwwGgYDVQQDExNpY2luZ2EubGl0ZXJtLmxvY2FsMSAwHgYDVQQLDBdL +YXVmbcOkbm5pc2NoZXIgQmVyZWljaDELMAkGA1UECxMCSVQxLDAqBgNVBAoMI0Jl +cnVmc2JpbGR1bmdzd2VyayBTw7xkaGVzc2VuIGdHbWJIMQ8wDQYDVQQHEwZLYXJi +ZW4xDzANBgNVBAgTBkhlc3NlbjELMAkGA1UEBhMCREUxFjAUBgoJkiaJk/IsZAEZ +FgZsaXRlcm0xFTATBgoJkiaJk/IsZAEZFgVsb2NhbDEZMBcGA1UECRMQQW0gSGVy +b2xkc3JhaW4gMTEOMAwGA1UEERMFNjExODQwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQDWEX/C60xRo9dda/+FM1Zf3BF1NEDHa1zAOUwYvVJHcmxfsM7F +xwvZLZTZpRIRZdDPYDEXHG22few+B6qUNsFs2lLdbCwem5kMLx1a0LWhU2zE2O2u +d9EWK/lhRlUfQrHLExbI7vqXSngJ4uFXAr+FEkyqaRfcWeeJiymOpnI3wnpOWwHt +1y7p8tNOuer8QrBtQvy6ecA7Inp9exLyEzuxrj5JwJEVQOxToNhluk5MB7gxJaTw +MHOmrfxWQpCHXbVMntp1JfBphiq4tVlALulqU77HLcmBc75LbF8lgCRuOsXCmt0D +vDthyCBUI5YFyR4rt+wKUYKblrxPH7vs2RwlSwR6woM+Ruw1lomR6OF6acdRJWl9 +2vCm84lygrJgLQvzn1tzqQWuw1SfnWzm+EduBP7XTMGOIC9LgumjBiAiogf1Q9VI +HiQ+LaXkv9EYE7b/2NHGkjGp+v0k7rgyhCjULMl72l/ezvR5nAI5FY2uFHvW0rCz +iVE+V/MIBVohVJKSNYL9OCfhGMhc9GXMtmdkH1LWerK9i4oHjbMoxKV0xWhnGO5P +dw8CErOd7dnO1EdUtKgck5PTRbZqoLQsrCTt4tpB2unWYFOShegWuOvlRQaIblIJ +OCxzSWW/FYrFnINp7XXd5UGowBsWwDWNzezfwdVyrZ/NLHdufUZMooSXmwIDAQAB +o4G6MIG3MAwGA1UdEwEB/wQCMAAwNwYDVR0RBDAwLoITaWNpbmdhLmxpdGVybS5s +b2NhbIIXd3d3LmljaW5nYS5saXRlcm0ubG9jYWwwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0OBBYEFEqbjjM2YSlb +AlLPCSNkcI0r0yB5MB8GA1UdIwQYMBaAFCneni96lDEGVhz//SRoGT7+LpOyMA0G +CSqGSIb3DQEBCwUAA4ICAQBpj4rNEpT2JDjLOlaQK/9AO2zhiB7+rIwMn0IGu5Q9 
+4ZfMGX0sh6HuqBSaxJIJKBmLyjmMD1Q0dyLSOkbVpA7KM6rZLuGQ6oVtzreU2JVZ +oi6IkiLSJzyJ+QaXYxBtg/kM91cmcla5ZFlmaVJTX5L9Zp/SmaWK1oyrXEJx810Y +ux0VcHlp0W44O/xah9y9eJOoTf8KVom7rIt2mIax9dLBnTctHhrNk591ECEGx5Q1 +O39x08iYJrd7JuxPqHSRl4jUzL2o/QQX7A2eAwVAwGi8Tus/3T4x7Thdy7dOKfJf +ywODqtv8vPRDs48ECOR94Mgjr+pZ8ok+4jzIQPvQyL7S/ItmYcOMs5DKQzU1TwQk +Uux63/RvmyxM07qYqa6xOewzAYFlMcE7muEz5C7Kx4t1tDeIPAMBP6+1o+Z8N/37 +12sl6PfuwI4moxV1iY6ZmSKX08vBBD648dyxj+Wfoad93w5x6JWwM8B62JCcxDIr +pFWdERUKeIJPRSy/A9sSe/DCgp+6t7u0ggsRvh1mw6yy+m19nNdXeiadYLTuwTuG +zzYSki7D7l7tYmPqrl5CZn0G4MtJzlsSi/Xn8Ekcfy0XxIFreYw5L7cOmANpsHTE +mr3jgSOikQo2ERIUMN1NBmdbIrRiE1XLPDHDlFnXGEqvZdvv5pYCjvvsC/XubCOL +tQ== +-----END CERTIFICATE----- diff --git a/Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt b/Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt new file mode 100644 index 0000000..18a440a --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt 
@@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIHWTCCBUGgAwIBAgIMWqpXOAT0ubFfOam8MA0GCSqGSIb3DQEBCwUAMIIBBDEc +MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u +aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk +dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD +VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt +MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu +IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw +MFowggEIMSAwHgYDVQQDExdtYW5hZ2VtZW50LmxpdGVybS5sb2NhbDEgMB4GA1UE +CwwXS2F1Zm3DpG5uaXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQK +DCNCZXJ1ZnNiaWxkdW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMG +S2FyYmVuMQ8wDQYDVQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPy +LGQBGRYGbGl0ZXJtMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFt +IEhlcm9sZHNyYWluIDExDjAMBgNVBBETBTYxMTg0MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEAxEXWXPDG2ElQUCFoQDTm5csIVQE/LPUTYgJlkFbrkALt +4eZxC1IuLYuLQIe13NnPSBYsNfP2ViAsqCAogjxDgjsWF9grSTSM+i117+L5t0oB +HiadV2VY4WJyxXXC1zvorNCajup9gFAtvVMd+6goYRAoI0wex4+92/DPpYj9Oa0v +snyQ9bfokNQCoX4l05sH+unwm4/GutXWGck9sbBKlEANXjx4fjRrmW8rcHngqBxx +JzvUHGjZxxuv/w2ON/Y3Nt8T7glmFoJckBJqLK3zgcxZ5jFT14nWqSrr6iIqBClG +7jw3K+7L5/oF+MQwre+asA50hBRyIAhlvvIFXWehmdAKYH2bNV243Ck/8ADjP11+ +xWTzc2pVjAAeKZ5rz3vuqTte/nVxG/awDEZloyVomNXN1HYjugHrgOC+Jv6O3Fj8 +0paritYrFXKyygPDlCqvhvKyut87n7xzUortVf0kP9e/b6Dv499zjeOnNOUrCYDH +bX45PU7k4wjaP8yvqGeL1u7PcrGj8dVXfyqPauQ5oXrfBtnVoxwU4ylWmbfHcGuT ++XAmpgr6ONwkGtxYP51/wxiZlWaCTryZ1Wxi/Q/Y+7GUPMUnc/+to8P5s4L6CYmP +iaxSenkD37oGmztxwFFvVt4ilrDs9S4wZJgWpYlBiunNbH7LyFu6p/PI7RVCBSkC +AwEAAaOBwjCBvzAMBgNVHRMBAf8EAjAAMD8GA1UdEQQ4MDaCF21hbmFnZW1lbnQu +bGl0ZXJtLmxvY2Fsght3d3cubWFuYWdlbWVudC5saXRlcm0ubG9jYWwwHQYDVR0l +BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0O +BBYEFAi+hTYr2i7q12t43ZiY97Hnb9DeMB8GA1UdIwQYMBaAFCneni96lDEGVhz/ +/SRoGT7+LpOyMA0GCSqGSIb3DQEBCwUAA4ICAQBKLcyID63lgX96j03o7Klp0ekE 
+gRLfJclHI3xOzeAJ9MhSmX4ogCsyFyma+2UanjY2ZGuVm4r2h4b7eCdGUnoF/wiL +ada6ac/XN0GirEJwXR43CDcVvwqzrpJKKMZ8PmkAfpRSysPSlxRdnBSM63qb4BKb +hv1jgpxzWvwHwGwJVpWg3TSa7yFXTOM/JeCl6gtJezyn/r6Y9nxzJ/LB7RpRo4N8 +cIpN6MWpNyU5SApizwoVXTw/2C9XxdQYcZxAy3urKgKjYG5v81TISRoFmufoDZGw +K6TkZ5Ycfqv444IU3jqcLs1XzOJDPEI8EC7DYXiWYvRapcVcaqYnghHEMtujd2n2 +/Y8hEk8RBS7jUgrXyPa+bOmIjWAoTQyBzITW9SFTE4tEpaGybzWgDY2o5kcA+yCu +LxsfrKpDQWxVei75XRL7XuY8RXMLtSTDMQ7QZLUYV1mdfjuOBuIc56G7TQmyoR4Q +TgoZp4fQZOntZZTfj2Ihe778HfP3qHUfmAKxdTlZRlUIcGm2Lze+ob/cwLd7y91q +ejM7a2hyozaCoizZeCnXztr0DNAXHtMD/7BBd4PAdMrgok5gLVWFrYYkd6Z3AivC +vPjc2kYEH69cWKqT15WF6WwHN13g49wNbRxuroEVq7k/L/q/iKFf4QYWiSdNoWM7 +qqKp9ZIsFLG13HXldA== +-----END CERTIFICATE----- diff --git a/Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt b/Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt new file mode 100644 index 0000000..890de99 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt 
@@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIHUDCCBTigAwIBAgIMWqpXODa2RmB30FvrMA0GCSqGSIb3DQEBCwUAMIIBBDEc +MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u +aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk +dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD +VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt +MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu +IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw +MFowggEFMR0wGwYDVQQDExRwcm9qZWt0LmxpdGVybS5sb2NhbDEgMB4GA1UECwwX +S2F1Zm3DpG5uaXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNC +ZXJ1ZnNiaWxkdW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2Fy +YmVuMQ8wDQYDVQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQB +GRYGbGl0ZXJtMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhl +cm9sZHNyYWluIDExDjAMBgNVBBETBTYxMTg0MIICIjANBgkqhkiG9w0BAQEFAAOC +Ag8AMIICCgKCAgEAwh8nA7bItEqnoWmx8YArJuhaNs8B9x+3NRdU5MkifdRHOWm5 +iSiS8sG2fTDx+Oohi/5YbVjN6z6Q3J1Y52lRSlJMw2whd7bK7aI8zQzPuibTca1h +Qld16oeARXAXCHBcsee0M3f9bcws/Ka6SVJKYf3sl8MGrFVs6h3j1GqOzBZ+EiiC +1LTm6fcwnWDGx5aRZLNFficl44UuT0/YTKtXt9OzUQmcZTQu5J2OD9CLnUaeNRo+ +DJ37dxDOQ7CgInDsohst7Rw4HD6q8PacFtp+EK78ADyVxKScX1vqHt5dZItLFi9k +qFVNnaOx6rh57cFGvZRdKlABsR49+YhKjT1LiHFGViWar05OKXmGAHb465IMAHGd +PMO91z0AgvrFUGAIx5pcGM7ZVyRyPn6qlWU/xWlFzpcgUO0X5GkHXKJutRVMk7j6 +ETsVM5PN8Zz48NivVx9okG+4FDlbqZV2sclqK0KOGgTmBRzJmJzJ1TCoBmVt2tNy +Mvc64/L0KYFXt1G3MpOcvujICMj8wEbiqQpIp7JRm/aHySje+c8wn0KXYauKRsit +iy6BOPtg6t1M/aoWCU1eYyM/usj1Tt5wqKfw+KvfspmYAx776RveVy2kSL28T8sQ +JBpvDJsNXi+m45fY4/bCFduJ0r33r0cDU4mBP0aO+IoL4oQ7NpkTQFzgEWMCAwEA +AaOBvDCBuTAMBgNVHRMBAf8EAjAAMDkGA1UdEQQyMDCCFHByb2pla3QubGl0ZXJt +LmxvY2Fsghh3d3cucHJvamVrdC5saXRlcm0ubG9jYWwwHQYDVR0lBBYwFAYIKwYB +BQUHAwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0OBBYEFD5sKmo9 +o/USKTnIH/uThiwivfTOMB8GA1UdIwQYMBaAFCneni96lDEGVhz//SRoGT7+LpOy +MA0GCSqGSIb3DQEBCwUAA4ICAQCFtiSMsytQfO59FblG4b76/k1K7WD6GzmXfJ58 
+w2a5TAuqFDdJPbOdgF94IGNHS1uJgHwknqc7dDtNCGWAfnvqvgKRX9kaG96Sn0U6 +osm8q3IK3mk1QAqWp1Z6Z+0NT2vqjaIdD799nRcrKdizp+NmHWTjy2/jZyWe7u0a +d4bG8Fiv7lYxrh3zPECTyeOMHIkqGK8er2USq/za8inApQNDtLvRejEb0YSd2prc +sEsMkz2AhQuT91jMNt7y3fwttfZxkUO6qeT9nDeRPtlF+ztAvxD5Y0Vi5XsNSCb5 +/9acmj1RAZsv6qITV8SEzfZmJhBk9Fd1qvaARGhC6UJgXgnmXmU9NKu1wc5zch7b +aHdHcaxW6CYzGP4Ss96W4bSXq8qq3nS2u/d6r3k3ckQhCIR+iooFxWV1VYEX57UH +FbhfZW8UQMqE2KzsdwcSTwzINifxFoTsEqmWL6GeirMs/SCrT9cs1BsgUxdI4EhT +LAW6cyAMEDne7rLQnibZxH6Kein8mHLVcXEnxygdYEdQp9zW7onYmbhmE3Pb4R61 +MsMtU6SH0OabZ3eHclLxVoaXZ4wCWv6r44nOCCLxTjWPJodZrcrUxKNRYFvBtPee +8a2IZi5pcf1/laT9wADG4kyRFDC6oDhZU0rFFJ36z7MDoawBWyCOon4IAGpuLZbO +rh0i1Q== +-----END CERTIFICATE----- diff --git a/Dokumentation/sourcecode/ca/puppet.txt b/Dokumentation/sourcecode/ca/certs/icinga.literm.local.txt similarity index 62% rename from Dokumentation/sourcecode/ca/puppet.txt rename to Dokumentation/sourcecode/ca/certs/icinga.literm.local.txt index fcbd9a2..6804996 100644 --- a/Dokumentation/sourcecode/ca/puppet.txt +++ b/Dokumentation/sourcecode/ca/certs/icinga.literm.local.txt @@ -4,11 +4,17 @@ unit = "IT" locality = "Karben" state = "Hessen" country = DE -cn = "Puppet Zertifikat" -dc = "bbw" +dc = "literm" +dc = "local" dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße dn_oid = "2.5.4.17 61184" # Postleitzahl activation_date = "2018-03-01 00:00:00 UTC" expiration_date = "2028-03-01 00:00:00 UTC" -ca -honor_crq_extensions +key_agreement +code_signing_key +signing_key +tls_www_server +encryption_key +cn = "icinga.literm.local" +dns_name = "icinga.literm.local" +dns_name = "www.icinga.literm.local" diff --git a/Dokumentation/sourcecode/ca/certs/management.literm.local.txt b/Dokumentation/sourcecode/ca/certs/management.literm.local.txt new file mode 100644 index 0000000..36c5b97 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/management.literm.local.txt 
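Review bot: The server template `certs/icinga.literm.local.txt` requests `code_signing_key` alongside `tls_www_server`, so the key on the web server can also sign code that anything trusting this CA will accept. For a TLS server certificate, remove `code_signing_key` and keep `tls_www_server` with `signing_key`/`encryption_key`. The template's `activation_date`/`expiration_date` also give the leaf certificate a ten-year lifetime; a shorter `expiration_date` with regular re-issuance limits how long a leaked server key remains usable. `certs/management.literm.local.txt` carries the same lines, and `certs/projekt.literm.local.txt` (listed in the diffstat, not visible here) presumably does too.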
@@ -0,0 +1,20 @@
+organization = "Berufsbildungswerk Südhessen gGmbH"
+unit = "Kaufmännischer Bereich"
+unit = "IT"
+locality = "Karben"
+state = "Hessen"
+country = DE
+dc = "literm"
+dc = "local"
+dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
+dn_oid = "2.5.4.17 61184" # Postleitzahl
+activation_date = "2018-03-01 00:00:00 UTC"
+expiration_date = "2028-03-01 00:00:00 UTC"
+key_agreement
+code_signing_key
+signing_key
+tls_www_server
+encryption_key
+cn = "management.literm.local"
+dns_name = "management.literm.local"
+dns_name = "www.management.literm.local"
diff --git a/Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key b/Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key
new file mode 100644
index 0000000..0516195
--- /dev/null
+++ b/Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key
@@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDWEX/C60xRo9dd +a/+FM1Zf3BF1NEDHa1zAOUwYvVJHcmxfsM7FxwvZLZTZpRIRZdDPYDEXHG22few+ +B6qUNsFs2lLdbCwem5kMLx1a0LWhU2zE2O2ud9EWK/lhRlUfQrHLExbI7vqXSngJ +4uFXAr+FEkyqaRfcWeeJiymOpnI3wnpOWwHt1y7p8tNOuer8QrBtQvy6ecA7Inp9 +exLyEzuxrj5JwJEVQOxToNhluk5MB7gxJaTwMHOmrfxWQpCHXbVMntp1JfBphiq4 +tVlALulqU77HLcmBc75LbF8lgCRuOsXCmt0DvDthyCBUI5YFyR4rt+wKUYKblrxP +H7vs2RwlSwR6woM+Ruw1lomR6OF6acdRJWl92vCm84lygrJgLQvzn1tzqQWuw1Sf +nWzm+EduBP7XTMGOIC9LgumjBiAiogf1Q9VIHiQ+LaXkv9EYE7b/2NHGkjGp+v0k +7rgyhCjULMl72l/ezvR5nAI5FY2uFHvW0rCziVE+V/MIBVohVJKSNYL9OCfhGMhc +9GXMtmdkH1LWerK9i4oHjbMoxKV0xWhnGO5Pdw8CErOd7dnO1EdUtKgck5PTRbZq +oLQsrCTt4tpB2unWYFOShegWuOvlRQaIblIJOCxzSWW/FYrFnINp7XXd5UGowBsW +wDWNzezfwdVyrZ/NLHdufUZMooSXmwIDAQABAoICAQCpbG4euhXMI41HPjuck5YQ +Bl+20GVYr6tX48FLb0OYkoIddhUgyTmiaIX/f7r+FAQgrPQNY42duqnoKi8iYPfT +jDO7VWrRyrplv0BPaRHnndxfK4Vp6SCNmL4l9AFY3XNT00bcPvAMH39D69IHCIDF +9EbDNKwS1QEAhiic4zVQ1lXwf+zV7dIOjQYar+DASJPT1gmqGMRAyTgC6g6Dkx9S +sCJSQttQ4/Jm+c1rLfncCNwJ4c5Z3y8ZQ2iMaOB0koD0JGGoCB/vlKVpTPZXawmI +AsHiaGWsVAvPK/Vd+75Zk6CDNggodajV6gtULFoHODbtyQJC5GInfDSLtwUIHok7 +ss8Pt93sVPakXTHDWuh842AeSErAntDa/+kwvhu4wuEIQZkx0BRKXoe5EGGzwbYi +A/T3KIuqOq67XT5ajLM185Zk/7MPpBvzKfEfHPz80OMLUWyHw9Py0GGrk5aKiUf3 +hHLvdrkedTE8jrRZU7Z1rzCgbaBJofWXfwKzbVuR4EiVG/21kXQSJkl9vHM7qzbn +LCmumXTZRgsD8yooPp7lwUp6vG2387j9SAvkFc7kHjSF6QI6hQ6aEBgTGQ5FNPD5 +rwzdvX8rEhbLU8CSyE3bTzjln4FjcBlqIX3IlM+2zJAElEkdd1kO7QODi193e8Pu +WiCElzrIQuOrSRmo9KcKQQKCAQEA1i1jnaaHBBMv5vO5ghk+8y5ED3eDZXis1NmS +1ijJFsyw8vTWZLyRL+vc4QutCxesKIg6lWGLfhRWtGxjoO/isM1MhiVq5RVCwJgl +gKgKtM7e76CWa1OCEO94MvtrZHxWyLzxRTPR2R8hSmvDbKlHm/O/lqzldt3OwK92 +3cTHk1gJWH2DofPjv0BkJC2UQ4joS5lnVqcM0JwFnlKsmxAaHf/08Uqv2KM29fxo +xeHZdMgzKX9rWJJrVQPV8W6RYcQX6wvXNxVDbec0M6tVqaNAY0a0i//HlXc10ZKf +oknjsBf+o6wvKMim0hgEgYrsw4a4n6fccqLtYB69q6JGmncsOwKCAQEA/96p77GV +XVY1ttH2SaJBKNa/JuiNTWPUyKzH5zBTwjYQnottH9nlgmGZ7HFk8oM0CzUoKCHx 
+Qi3MwUsHo3dHRwgCDvWwqMkjbITt828v0jsHgWn12MyfLycyS/8zBlUXwHWRxoJu +WKONRurpNaiwQikVhUOhNQIdRL3A11tQEnH1XiPigov2T1dRSuRSOECLopoYRm8g +nmaqgGlJtnZA7JfDNMzHYxJkPHhKApjWNbHRco9Hexet7B3jQeEiFArWHa2/3BDn +I/yDTiVyLlR050GfW76j9p4IPnWtsE3jtrebnYFl9vsG+7xIjkLuBMU/7J5Zjzci +r5ZrE4t74o1sIQKCAQEAyhAMeYHQw7Fucg/jJrC2ySsPHyB8INGXDUEv3UihXxdC +ohUH6AZXW8TEoLUpTtvImnzb+G8M8agynQndfMqVLoSh+7V1gidq0NU6HIVthGPf +xGfXQe6JOX0UA9Vb3nPIVJ6dadKX2qYZ/GJq/ys92g4+5OK9okVleDiShmvOdl6K +gqf39mVoqtkPIWq3BHg34IscCY6U8oMgcdxB6BFq8n63EqaJ/HMPuUeneXm4dQsj +6bTDC88n4A88WwkbtAcTIbgMFXXEJf4JK+4rZV4VsxPT5nksTQEpD02ruarIWyxo +Gvapj2quqGvsZGMzOMzzhf0SaDz6gsK94x24SqbAXQKCAQEAtQi00aui05woewaJ +LEYJtjximMPXHhdxON7OvWs7B+E61wItHmkL8rjdsCX214MvMnLUy7hgO4OuKGDO +scC2BLLMygrZiEJvtttChId5nVQ4lj8DO/Zi9njUJGMWlfdky74jewFT05E8Zx3U +DSwiMV1iJZzZFWk+jiF3rKelurc4dPgMznL6vd443TU4WyaH5W8Dl+oOeSSIpDxa +dCes/fjOm6/7rsQXeZVeQAIlJW5/k39+gsAZRUNMRJNmiim0nuENK0YmVBbYTFVA +OTl2URzkBISY++eKS671ShWB9QhpqQIhw6KOqVPpPgZq46Mv/Fl5YlQPTY6uifCZ +oYyQIQKCAQB6ebblAQGtNyBco1PEGtrFqxsrj6Cf0jWeU8rXv84r5g6+hSD/xisb +uBzd7jcWpaVP8h4yoJjA91TZObQe2DJBKuUj0kFXN9+8mfT1MWJJyTI1XVYqsCMo +vSAJeGjEv0so7PfNlXuVRLC/nYEvVACGP2mfyNhQjomBDHc1JC+HUuFGSOtXTE1k +j8QfbmfcngNFuKe5qLEjKFL/j2LsYBbKuWlbdzG3oYWPZnrPRkvrDLbgM+3bmXrf +g1cfTgDQNSVNWHmt1vPWXgDFsz9RiXXpjc4koWX2BtDOm7qqoy0EQrAEK3S+GdAo +/sG4mUie+fo/dKr+DddPpUUkjoDp71x3 +-----END PRIVATE KEY----- diff --git a/Dokumentation/sourcecode/ca/certs/private/management.literm.local.key b/Dokumentation/sourcecode/ca/certs/private/management.literm.local.key new file mode 100644 index 0000000..9559bf2 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/private/management.literm.local.key 
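Review bot: An unencrypted PKCS#8 private key (`-----BEGIN PRIVATE KEY-----`) for icinga.literm.local is committed in this new file, and the management.literm.local.key and projekt.literm.local.key hunks that follow do the same. Anyone who can read the repository or its history holds the key for as long as the matching certificate is trusted, which the templates set to 2028. Treat the three keys as disclosed: regenerate them, reissue the certificates, and keep the directory out of version control with a `.gitignore` entry such as `Dokumentation/sourcecode/ca/certs/private/`. If the documentation needs a listing, a stub line like `# private key omitted` in place of the file content is enough.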
@@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDERdZc8MbYSVBQ +IWhANOblywhVAT8s9RNiAmWQVuuQAu3h5nELUi4ti4tAh7Xc2c9IFiw18/ZWICyo +ICiCPEOCOxYX2CtJNIz6LXXv4vm3SgEeJp1XZVjhYnLFdcLXO+is0JqO6n2AUC29 +Ux37qChhECgjTB7Hj73b8M+liP05rS+yfJD1t+iQ1AKhfiXTmwf66fCbj8a61dYZ +yT2xsEqUQA1ePHh+NGuZbytweeCoHHEnO9QcaNnHG6//DY439jc23xPuCWYWglyQ +EmosrfOBzFnmMVPXidapKuvqIioEKUbuPDcr7svn+gX4xDCt75qwDnSEFHIgCGW+ +8gVdZ6GZ0ApgfZs1XbjcKT/wAOM/XX7FZPNzalWMAB4pnmvPe+6pO17+dXEb9rAM +RmWjJWiY1c3UdiO6AeuA4L4m/o7cWPzSlquK1isVcrLKA8OUKq+G8rK63zufvHNS +iu1V/SQ/179voO/j33ON46c05SsJgMdtfjk9TuTjCNo/zK+oZ4vW7s9ysaPx1Vd/ +Ko9q5Dmhet8G2dWjHBTjKVaZt8dwa5P5cCamCvo43CQa3Fg/nX/DGJmVZoJOvJnV +bGL9D9j7sZQ8xSdz/62jw/mzgvoJiY+JrFJ6eQPfugabO3HAUW9W3iKWsOz1LjBk +mBaliUGK6c1sfsvIW7qn88jtFUIFKQIDAQABAoICAGpHIqca3aE6OZnaLRgvTSP7 +B5z32tyeLAuzHonE9zL40xSycl3d9xFEcXfUxH49FseC8heY7bd/Ho8/MpAqz6dS +FUl+DRpLsVa6jRUDQ5KjKO3JnQM45qLMazdO590iHICPSFHA2YpEYDAXNLITQSIl +3IYYbsZCqFzTDa0l+3BiveQZHWlgVzctBeuqYhMt7GlKibXCaaq7pX47AQQZYJjc +AiEX/2rfObBQiSYTaLm/BOpotBdaEyqEbI1gKrVUxlsY+jK3tibUGgkNX56n5qZP +IBLMfQjGI41gp3QVYcj1DOptgrZwTMtlEBy/J1jX2Fwix6bJZ26+/VEivhLwzYiI +X7Sy3frlOGpabJbFJMqlmzMLF+AOAYvsUqrpFiQcu4FvIBZ2/iyQU8EBhukSmJv4 +RELO3rSEv7N7KmEe69B86NJKJLluTJXxw97++/7tYqyq3HMnrDY7S3MshwU61AbU +Fi7GzIginsRPW/AdlYkEaaxTpy99v4h9Ay7Ku49TXMgHJ4S7Sixvn/nxd3nfr1gl +IlqfGE6u9OGj+waHzmFJt5Nol5BxnywCbi1S+Hx3Z/mde52ktwFrQGnI6TzJ6wVR +7pIvrbjyuKGmMeH2tJeDCCcW0G+qcW16XVqsydvowiucg0A/hMjIiUNrJgy0TGJO +9amPS1qSra9+ZvMq18UtAoIBAQDiwAfPoHdTvRTQZED0TkD/FOC2eJZs6HbN/nsC +nICuDP/fn1wr7Sjn37rk+SRZiS7C1j3OHIPDaKLeWtP5vX78rXtJ/LxfFHZlG/zx +qG1e8MZQXXdu2Uozm+NbJjRF2IDo3ZBSEBEgN1q8zIuwmgbWe6av8MlfDn5rkIHi +J0a9ZG/cPDY/YHJGotOUAPkoIjvmcwf4pDzQTLMz0w9SCA0bkv5oyTjberm2Apjy +H30UQMJYTzLvG27vjgE8BnQqzuVSrjZJDWKGYip7fKpkUxW0QO4PseQo/3zJaHEg +2EfLzwDKNNmxF1WzdaeOGH+RTFExuwfp2KMhUBZauDoLyVs3AoIBAQDdl1q3jfy2 +RWR7TDoBYciZxVMsxkE2sWf/fC1YKEo7RM0VluvtGcOO0KeQJ/dO7EIcJD33tZVt 
+rm4sTUMYdjbIV9v01O2JCy2kA8w4dIwEydNQdE/eIG20ZsOcdhIdCCO5nV64Zaur +DSTcMDqa6aaNGoHpHXT55LuJv3lp2TaC+XJ8RPdNamtWm38wxbjVd+YDRGZ2AIM1 +HJ8w+SjjZJX17pO1vzmnvgPb4HRHkjHegQ2nTMdblmm1GOSa/Xb9F4ojzY/mlkXX +9XH6CmBpN+SMt0YKaXgseTk5LwqHEGE8/SeqdIDHgDVGIBKSRknZGndsoQXG5kba +G9W7jxcUu5KfAoIBABoXSI7OgwyCpEN6VbMG0hnH2DeG1qA/e3QmhRb+1Rux6Ttd +BekUB/HuX337YQBgdZ37su7lfw/cGWmGf/+rm1IN0DLqPu6d1yW5O7i+zZ7wC5Gx +v41kuVII7PdPBRLIX8TrwbB/osjXNbyluKkggArr/XkfNryWWVudLCTOqigex3RL +BV7zhRK1p6zPE9xXXBcfQ1qL42eAe9pJveiNfpyepGGATeeLTpUv5VNu5iCPdw1c +R5sVyAUOjPvQLkvCtMZ3v01WmfCmmQbOiHi0yrmMAxiROpSxGTW/q8zAtjowXoHl +5OqoqbbVoesKzJr2ch1LzRROVi7+HSRhMGSsza8CggEBAKXrntGyT3drnkF0YjqG +rV32ksED8fCyBd0XbhyEjpCyg52W1DFFCVj2g4E9a8B8x0OrH3tLTAhEg9pIP+Uh +HwQERX6dsP7cj+Avt8rN+cncFY44iVUZkwtxpyaQgh+a6KUjYLlR56i8vszgkAFO +0pb1MjELDXvP+Vy7Mn4/VsHbZg4G1eXxuU2wQRyT8EJm9KOdo9rXp2ctd0WES0l5 +F5B+g7ui49jmPp11A5xTq2Of3klXBC9gAObJLOOgxmfcKGOGmClgfAuojR9chbRD +Va7HzHofXwxt+JsIzikz6ptwMzM+6O544WsQuNcuKj2Vw7ZjG6BC7OqDzRYTnoS3 +rqECggEAKWJO/2GtpqFQlIb2Upwb80eloSECV8O1lj5ajXQXMzV8UoPFIdsP25nk +mn3IwUaYKZZpp6yxxzjfE8laz5jAuOqrbn9VL4jyzyrxL3JENmnLzcOg9DFt98Lq +sX+pAxnsRzHiGwbfqlR3TMwUS7Jz7Ya/lhOhHGA4ywMHlJwON7PC0smLXsivk3mY +YtwPzQl3lnbXM4C+VxgM8wEDshT9OTlmfgXU0vU7EozQVe3gGUcl118lKs8KmBXE +JA2PzuHze60JnYMqpJMQTtCHkus0/Z3SfLZ7wJ5WerdIr/DJLA2CTADOENi+likX +QIyHuoTt03fJN2W023aysHgCfQmkcQ== +-----END PRIVATE KEY----- diff --git a/Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key b/Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key new file mode 100644 index 0000000..bc89978 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key 
@@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDCHycDtsi0Sqeh +abHxgCsm6Fo2zwH3H7c1F1TkySJ91Ec5abmJKJLywbZ9MPH46iGL/lhtWM3rPpDc +nVjnaVFKUkzDbCF3tsrtojzNDM+6JtNxrWFCV3Xqh4BFcBcIcFyx57Qzd/1tzCz8 +prpJUkph/eyXwwasVWzqHePUao7MFn4SKILUtObp9zCdYMbHlpFks0V+JyXjhS5P +T9hMq1e307NRCZxlNC7knY4P0IudRp41Gj4Mnft3EM5DsKAicOyiGy3tHDgcPqrw +9pwW2n4QrvwAPJXEpJxfW+oe3l1ki0sWL2SoVU2do7HquHntwUa9lF0qUAGxHj35 +iEqNPUuIcUZWJZqvTk4peYYAdvjrkgwAcZ08w73XPQCC+sVQYAjHmlwYztlXJHI+ +fqqVZT/FaUXOlyBQ7RfkaQdcom61FUyTuPoROxUzk83xnPjw2K9XH2iQb7gUOVup +lXaxyWorQo4aBOYFHMmYnMnVMKgGZW3a03Iy9zrj8vQpgVe3Ubcyk5y+6MgIyPzA +RuKpCkinslGb9ofJKN75zzCfQpdhq4pGyK2LLoE4+2Dq3Uz9qhYJTV5jIz+6yPVO +3nCop/D4q9+ymZgDHvvpG95XLaRIvbxPyxAkGm8Mmw1eL6bjl9jj9sIV24nSvfev +RwNTiYE/Ro74igvihDs2mRNAXOARYwIDAQABAoICAE6mgo8tqqnpqXtrsI4RiOpN +r+eO/dPbhMY8+sdres8Sh/0KCgM5bjhvJfoZL6DTc94dokRDe8L5aYYJNnEkKax8 +Jd/z2qd/Zz7awdmufCeG/ZqMTeCsQPlSBzWbEan4pIXsRAWqcwLee8et4cI9VifX +0tk2Smjef69nhtyUg+DKqC/BPCjkVr6qyYaqJD/PkH8FZ32SbPZ/CmFWD2QY9ARm +ALwvsa8LcohsEZf0vexuJUGMrWE9TRpTs86XLHpn2GhhrLzp9w3ykh3pPRrBUdx+ +mVmbMm8m5rh4LCZvn9VR3o1RjG3rifP50+cu8S/UZE4BY7H2EolpoGCOyO3qzMP5 +uDE/7TMvSxwEeVEQv9W7DIEiEq86sxTXsab+iUT/qJ4FYDlWaloXn5KaYlhL9DcX +sNX9COycGzOrDPAX1pJFwdV1QF/6SlrLNlggQBkERQ9dbMTVDyAMooyyA3aaPyGT +pfOYNEhbP+5wePBsNtT7sxRycp4PHqzLBmtY1dAr+sW0CAKhnBEx3CyuQyakuAtw +3L39ARMxg4Vt32fgfXiBO77dB/GQIwzcEVFCQcMxkwaqLKIzXF2uduowHdY6qGUL +12sn5IWUYUajWf+LT1wbmqoF0JzUExezsPZS3DURakfvSa+DlB3ZkF3BP0topXXi +R/2fpj3mrCQf5uWowEqBAoIBAQDkJ0LEAdEbonfV6I8Fn/lCYgX/GdCzE8fSM+Ak +qnu8xYR0bdDZAso4Cra+ewdXqZ1jomB+vZp8Ce8pV513+BNh4p+8YHKaLzr5VWmd +gdVngs3dB6ba+UAAqdA6e2qxl0ECHYeqLfrROcgjfwdfAdpxrtYcMgn+nHmevCAh +es5QKmIi1859dt4BUYntJDeVorhHW5V/BivAParCULGhUEMCx2Y5xRxS3cNVjmfr +DWhlzfmNlxGQhOreHIa3RoOJ40OZexkpo16KtjVmwCpWNTm1YkBJnat9wRyrpVzn +n1Uv+NZcW5JVDVI884zpzTje4h2DBn4ZFgV5M1qihEqcSwtBAoIBAQDZ0I8VwYX8 +nq9gopYWgpAAhxDvNoqG+hECl/hDp25iji+zv7odRe3dam4Yn8BbgD3eoZd54I+x 
+mn0gwIVXOvFLZ5uzz7knhfvKBPXN43rsh/Jo+HfMadxouIviPp1kr22JYREEf/Fj +F8kkhifTpHGr4X5aORuGPUqzDmmUm5nxAahfvvIUxZhIwm63w/fr2BO3qfBuAlwz +R29fgphf8kc2Z+IzCjC/zvNY4nlZDRkTl4LwYthdiMs0WrpWRVHlQHh0vL937Bsg +hc4x9sNsPrvIOK/LO+V2h8eqmdvlGNzb5wUwy6kQsetNLISIkR6SWzIUOvSFME/l +9dUUNtg3ISejAoIBAG4d4OSXd+SdmrccgoMVfgmjI//G5uq3nlb/AKzRt90Ze99x +7T4AUbeQvDjdSmLuE2+2PFqPipNZfBv5FKCFlF1HMw+JgWaXayBSMCJ8OpK2GEQY +4FiJunFXhI/lZ06FkTPDKuphPNBk0gsH0XfyfgsmdmKvaBGCVlTduahPDGq2uhzV +Ce2WRHpgb3CMbWOEYOrX8iSXxuAHI3ab2c/g3CboNJenYg9Ax3lwvQk+tGeGbW8A +PdMBxBYlsIOevff8P3FBb5igKA5M+SM5lnV7RPodjKe7OLz+SqcxrdCBH22C7Xsw +G0V/o3SVnCpwCYXRnqrRpGTZMxUXSyRrM1OSCMECggEAdB4lSZnjzirioAfNL67n +CgD3XC+dZhvGGbXemmKWDGB0ucTKeXSgPFvS2bnAmIcjdJ583HKE6E/NyToZW8mG +fYZ8kT16HcHl22sNh3dwPsyyxJdBdm4xHHrVyAVNbzG+mXBv3BBBJWy2xIvoi4Gt +P850x7COJeBjBFX4n0rcpIkXtANdlwlIB/HviHQmpUqKKG2mSV9ku8mnbCl5Bh1p +LW3wPvl9x6OSQ55oxrqe1bz+Bx0K78JPYlfD4t4NrMPT85f0EwCB7bKnnCdLQ1em +UDU4MoZ569iy7xYbDmVUyL6+G6dXOBlBseC7vvpua+PGLNbJKH/6+EM4FxCt76Xz +NQKCAQEAqAOZmtqT/vqDUC7FfN/59/5sSqztRbP51eak4BG1ZSTnU4DF8dW04JNx +lHAlh2yjzAashDbrB2YyS7uUwMV/5O1pqKYzL1fEhrnhsU+ZBa+jXq7xpJuaLjmY +T7B70TaJuW+PeJXMgTk7b7Ea3XGso5JZTUGzaML5bCYZCah/z65Etz88pIPThJ1C +lUC9kYUd+h2W8yzYcILpDb1yuNxCgrJYqhXvT3hZpTaxNUH0CWobwNRCWmJXEwvu +OBxu5DbdEy4tmsXTw3OJm4kKN0SotIwCCDnsnJ7kxKSONfBD2uWcWJ+Jb6AgVAuN +4UdOLwLHwElprBPFDd+pkoXyIstc2A== +-----END PRIVATE KEY----- diff --git a/Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt b/Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt new file mode 100644 index 0000000..b12ab55 --- /dev/null +++ b/Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt 
@@ -0,0 +1,20 @@ +organization = "Berufsbildungswerk Südhessen gGmbH" +unit = "Kaufmännischer Bereich" +unit = "IT" +locality = "Karben" +state = "Hessen" +country = DE +dc = "literm" +dc = "local" +dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße +dn_oid = "2.5.4.17 61184" # Postleitzahl +activation_date = "2018-03-01 00:00:00 UTC" +expiration_date = "2028-03-01 00:00:00 UTC" +key_agreement +code_signing_key +signing_key +tls_www_server +encryption_key +cn = "projekt.literm.local" +dns_name = "projekt.literm.local" +dns_name = "www.projekt.literm.local" diff --git a/Dokumentation/sourcecode/ca/gencrt b/Dokumentation/sourcecode/ca/gencrt index f7f4cf0..63648d8 100755 --- a/Dokumentation/sourcecode/ca/gencrt +++ b/Dokumentation/sourcecode/ca/gencrt @@ -5,5 +5,5 @@ if [ -z "$1" ]; then exit 1 fi sed "s/DOMAIN/$1/g" normcert.txt >$crtdir/$1.txt -certtool -p --null-password --bits=$laenge --$typ --outfile=$crtdir/$1.key -8 -certtool -c --null-password --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=$crtdir/$1.key --outfile=$crtdir/$1.pem --template=$crtdir/$1.txt +certtool -p --bits=$laenge --$typ --outfile=$crtdir/private/$1.key -8 +certtool -c --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=$crtdir/private/$1.key --outfile=$crtdir/certs/$1.crt --template=$crtdir/$1.txt diff --git a/Dokumentation/sourcecode/ca/genpuppet b/Dokumentation/sourcecode/ca/genpuppet deleted file mode 100755 index b778aa8..0000000 --- a/Dokumentation/sourcecode/ca/genpuppet +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -source ./config -certtool -p --null-password --bits=$laenge --$typ --outfile=puppet.key -8 -certtool -c --null-password --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=puppet.key --outfile=puppet.pem --template=puppet.txt diff --git a/Dokumentation/sourcecode/ca/normcert.txt b/Dokumentation/sourcecode/ca/normcert.txt index b61c818..6be2792 100644 --- a/Dokumentation/sourcecode/ca/normcert.txt 
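Review bot: Both new certtool lines in gencrt expand `$1`, `$crtdir`, `$laenge` and `$typ` unquoted, and `$1` also goes unescaped into the `sed` expression in the context line above them, so an argument containing a space, `/` or `&` alters the paths or the substitution instead of being rejected. Quote the expansions, e.g. `certtool -p --bits="$laenge" "--$typ" --outfile="$crtdir/private/$1.key" -8`, and reject anything that is not a plain DNS name before the `sed`, e.g. `case "$1" in *[!A-Za-z0-9.-]*) exit 1;; esac`. The lines now write into `$crtdir/private` and `$crtdir/certs`; the hunk does not show those directories being created, and since the script begins outside the hunk that may already be handled there.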
+++ b/Dokumentation/sourcecode/ca/normcert.txt @@ -4,11 +4,15 @@ unit = "IT" locality = "Karben" state = "Hessen" country = DE -dc = "bbw" +dc = "literm" +dc = "local" dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße dn_oid = "2.5.4.17 61184" # Postleitzahl activation_date = "2018-03-01 00:00:00 UTC" expiration_date = "2028-03-01 00:00:00 UTC" +key_agreement +code_signing_key +signing_key tls_www_server encryption_key cn = "DOMAIN" diff --git a/Dokumentation/sourcecode/site.pp b/Dokumentation/sourcecode/site.pp deleted file mode 100644 index 129e4fe..0000000 --- a/Dokumentation/sourcecode/site.pp +++ /dev/null 
@@ -1,134 +0,0 @@ - -mod "oxc-dovecot", "1.0.1" -mod "pcfens-ca_cert", "1.7.1" - -class { "ca_cert": } - -ca_cert::ca { "GlobalSign-OrgSSL-Intermediate": - ensure => "trusted", - source => "puppet:///module/bbwmodul/bbwca.crt", -} - -class {"apt": - update => { - frequency => "daily", - }, -} -class { "apt::backports":} - - -node "zeus", "hades" { - apt::source { "fusiondirectory": - location => "http://repos.fusiondirectory.org/fusiondirectory-current/debian-jessie/", - release => "stable", - repos => "main", - key => { - "id" => "D744D55EACDA69FF", - "server" => "pgp.mit.edu", - }, - include => { - "deb" => true, - }, - } -} - -node "zeus" { - class { "postgresql::globals": - encoding => "UTF-8", - locale => "de_DE.UTF-8", - } - class { "postgresql::server": - } - postgresql::server::db { "icinga": - user => "icinga", - password => postgresql_password("icinga", ""), - } - postgresql::server::db { "sogo": - user => "sogo", - password => postgresql_password("sogo", ""), - } - postgresql::server::role { "tobieseb": - password_hash => postgresql_password("tobieseb", "mypasswd"), - superuser => true, - } - postgresql::server::pg_hba_rule { "sogo access rule": - description => "Gibt sogo zugriff auf die datenbank", - type => "host", - database => "sogo", - user => "sogo", - address => "10.x.x.3", - auth_method => "md5", - } - postgresql::server::pg_hba_rule { "icinga access rule": - description => "Gibt Icinga zugriff auf die datenbank", - type => "host", - database => "icinga", - user => "icinga", - address => "10.x.x.3", - auth_method => "md5", - } - postgresql::server::pg_hba_rule { "tobieseb access rule": - description => "Gibt dem Superuser Zugriff auf die datenbank", - type => "host", - user => "tobieseb", - address => "172.16.34.0/23", - auth_method => "md5", - } - file { "/etc/dovecot/private/dovecot-ldap.conf": - mode => 000, - owner => "", - group => "", - source => "puppet:///modules/bbwmodul/dovecot-ldap.conf", - } - class { "dovecot": - "plugins" => [ 
"imap" ], - "config" => { - "protocols" => "imap", - "listen" => "*, ::", - }, - "configs" => { - "auth-ldap" => { - "passdb" => { - "driver" => "ldap", - "args" => "/etc/dovecot/private/dovecot-ldap.conf", - }, - "userdb" => { - "driver" => "ldap", - "args" => "/etc/dovecot/private/dovecot-ldap.conf", - }, - }, - }, - } -} -node "poseidon" { -} -node "hades" { - class { "apache": } - class { "apache::mod::ssl": } - apache2::vhost { "sogo.bbw http": - "port" => "80", - redirect_status => "permanent", - redirect_dest => "https://sogo.bbw/", - "servername" => "sogo.bbw", - "ssl" => false, - } - apache2::vhost { "sogo.bbw https": - "port" => "443", - "docroot" => "", - "servername" => "sogo.bbw", - "ssl" => true, - } - apache2::vhost { "management.bbw http": - "port" => "80", - redirect_status => "permanent", - redirect_dest => "https://management.bbw/", - "servername" => "management.bbw", - "ssl" => false, - } - apache2::vhost { "management.bbw https": - "port" => "80", - "docroot" => "", - "servername" => "management.bbw", - "ssl" => true, - } -}