Aktueller Stand

2018-03-19 16:14:12 +01:00 · 2018-03-19 16:14:12 +01:00 · b927d64a19
Commit b927d64a19
--- a/Dokumentation/anhang.tex
+++ b/Dokumentation/anhang.tex
@ -28,6 +28,18 @@
    \caption{Einstellungen der Server bei Installation}
    \label{tab:einstserver}
 \end{table}
 \begin{table}[h]
 \centering
 \begin{tabular}{ll}
    \textbf{Anwendung}&\textbf{Passwort}\\\hdashline
    LDAP-Administrator&ErlIfguc\\
    Icinga2 Datenbankpasswort&WewCegor\\
    Fusiondirectory&DyWeejis\\
    Openproject&UsadBykEv5\\
 \end{tabular}
 \caption{andere Root-Passwörter}
 \label{tab:passwort}
 \end{table}
 \begin{table}[h]
    \centering
    \begin{tabular}{|l|l|r|}
@ -70,7 +82,7 @@
    \label{list:interfacesh}
 \end{listing}
 \section{Abkürzungen}
-\begin{acronym}[LAN]
+\begin{acronym}[LDAP]
    \acro{VM}{virtuelle Maschine}
    \acrodefplural{VM}{virtuelle Maschinen}
    \acro{LAN}{Local Area Network}
@ -80,6 +92,7 @@
    \acro{RDS}{Remote Desktop Service}
    \acro{SSH}{Secure Shell}
    \acro{CD}{Compact Disk}
    \acro{LDAP}{Lightweight Directory Access Protocol}
 \end{acronym}
 \printbibliography[title=Quellenverzeichnis]
 \listoffigures
--- a/Dokumentation/durchführung.tex
+++ b/Dokumentation/durchführung.tex
@ -9,19 +9,31 @@ Als der Brennvorgang fertig war habe ich von der DVD mittels EFI gebootet und di
 Ich habe nur die Standardwerkzeuge und den \acs{SSH}-Server installiert, da die Server nur Remote administriert werden müssen.
 Nachdem die Installation durchgeführt wurde, habe ich mich als User \texttt{administrator} angemeldet und das Programm \texttt{sudo} installiert und den user \texttt{administrator} der Gruppe \texttt{sudo} hinzugefügt.
 Hiernach habe ich die \texttt{/etc/network/interfaces} bearbeitet und die vorhandenen Einstellungen durch die entsprechenden Einstellungen aus den Listings \ref{list:interfacesz},\ref{list:interfacesp} und \ref{list:interfacesh} ersetzt.
 Hiernach habe ich den \texttt{ISC-DHCP-server} und \texttt{bind9} installiert und konfiguriert.
 die \texttt{/etc/resolv.conf} habe ich auf allen Servern durch den folgenden Inhalt ersetzt.
 \begin{minted}{text}
 domain literm.local
 search literm.local
 nameserver 10.0.0.1
 \end{minted}
 %TODO
-Danach habe ich auf \master die Pakete \texttt{puppet-master-passenger, puppet-module-puppetlabs-apt, puppet-module-puppetlabs-apache, puppet-module-puppetlabs-postgresql, puppet-module-puppetlabs-tftp, libpam-ldap, slapd}
+Danach habe ich auf \master{} das folgende Kommando ausgeführt.
 \mint{text}{sudo apt install slapd postgresql-server}
 Ich habe mich zur Automatisierung für Puppet entschieden, da es eine Einfache Automatisierung ermöglicht.
 Dieser wird der Nutzerverwaltung und anderen Programmen später als Nutzerdatenbank dienen.
 Die Frage nach dem Administratorpasswort für \texttt{slapd} habe ich mit dem Passwort aus Tabelle \ref{tab:passwort} beantwortet.
 \section{Installation Nutzerverwaltung}
-\blindtext[3]
+%\blindtext[3]
 \section{Installation Remoteumgebung}
-\blindtext[2]
+%\blindtext[2]
 \section{Installation Monitoring}
-\blindtext[2]
+%\blindtext[2]
 \section{Installation Projektmanagementprogramm}
-\blindtext[2]
+%\blindtext[2]
 \section{Firmware Erstellung}
-\blindtext[1]
+%\blindtext[1]
 \section{Aufbau Clients}
-\blindtext[1]
+%\blindtext[1]
 \section{Schulung}
-\blindtext[2]
+%\blindtext[2]
--- a/Dokumentation/ergebnis.tex
+++ b/Dokumentation/ergebnis.tex
@ -1,5 +1,5 @@
 \chapter{Ergebnis}
 \section{Technische Abweichungen}
-\blindtext[2]
+%\blindtext[2]
 \section{Zeitliche Abweichungen}
-\blindtext[1]
+%\blindtext[1]
--- a/Dokumentation/quellen.bib.bak
+++ b/Dokumentation/quellen.bib.bak
@ -0,0 +1,91 @@
 % Encoding: UTF-8
@Online{web:de,
  author   = {Imanol Mateo},
  title    = {Desktop Environment},
  date     = {2017-09-29},
  url      = {https://wiki.debian.org/DesktopEnvironment},
  urldate  = {2017-07-30},
  keywords = {debian, desktop},
 }
@Online{web:lh,
  author   = {Richard Kweskin},
  title    = {LTSP Howto},
  date     = {2017-09-23},
  url      = {https://wiki.debian.org/LTSP/Howto},
  urldate  = {2017-07-30},
  keywords = {ltsp,howto},
 }
@Online{web:lp,
  author   = {Alex Mestiashvili},
  title    = {LDAP PAM},
  date     = {2017-09-23},
  url      = {https://wiki.debian.org/LDAP/PAM},
  urldate  = {2017-07-30},
  keywords = {debian,ldap,pam},
 }
@Online{web:sualswo,
  author   = {jason Blewis},
  title    = {Setting up an LDAP server with OpenLDAP},
  date     = {2017-09-23},
  url      = {https://wiki.debian.org/LDAP/OpenLDAPSetup},
  urldate  = {2017-07-30},
  keywords = {debian,openldap},
 }
@Manual{man:iscd,
  author   = {ISC},
  title    = {dhcpd.conf},
  date     = {2017-09-29},
  subtitle = {dhcpd configuration file},
  edition  = {4.3.5-3},
  urldate  = {2017-07-30},
 }
@Online{web:htwirfi,
  author   = {Carla Schroder},
  title    = {How to Write iptables Rules for IPv6},
  date     = {2017-09-29},
  url      = {https://www.linux.com/learn/intro-to-linux/2017/8/iptables-rules-ipv6},
  urldate  = {2017-08-04},
  language = {english},
  keywords = {network,ipv6},
 }
@Online{web:komitver,
  author       = {Dr. André Wiegand and Prof. Dr. Klaus Goldhammer and Sebastian Lehr and Prof. Norbert Pohlmann and Chris Wojzechowski and Johnny Hoang and Ole Jötten},
  title        = {Kompass IT-Verschlüsselung},
  year         = {2018},
  date         = {2018-02-20},
  url          = {http://www.bmwi.de/Redaktion/DE/Publikationen/Studien/kompass-it-verschluesselung.pdf?__blob=publicationFile&v=18},
  subtitle     = {Orientierungs- und Entscheidungshilfen für kleine und Mittlere Unternehmen},
  organization = {Bundesministerium für Wirtschaft und Energie},
  urldate      = {2018-02-27},
  file         = {:../Dokumente/kompass-it-verschlüsselung.pdf:PDF},
 }
@Online{web:debian,
  title = {Debian -- The Universal Operating System},
  year  = {2018},
  date  = {2018-03-07},
  url   = {https://debian.org},
 }
@Article{art:ct12-2017,
  author   = {jürgen Schmidt and Ronald Eikenberg},
  title    = {Zum Heulen},
  journal  = {c't},
  year     = {2017},
  date     = {26.05.2017},
  subtitle = {Krypto-Wurm WannaCry stiftet weltweit Chaos},
  language = {german},
  issue    = {12},
  pages    = {20-21},
  issn     = {0724-8679},
  keywords = {Erpressungs-Trojaner, Krypto-Wurm WannaCry, NSA, Ransomware, Sicherheitslücken, Verschlüsselung},
 }
@Comment{jabref-meta: databaseType:biblatex;}
--- a/Dokumentation/sourcecode/bbwmodul/files/bbwca.crt
+++ b/Dokumentation/sourcecode/bbwmodul/files/bbwca.crt
@ -1 +0,0 @@
 ../ca/ca.pem
--- a/Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf
+++ b/Dokumentation/sourcecode/bbwmodul/files/dovecot-ldap.conf
@ -1,151 +0,0 @@
 # This file is commonly accessed via passdb {} or userdb {} section in
 # conf.d/auth-ldap.conf.ext
 # This file is opened as root, so it should be owned by root and mode 0600.
 #
 # http://wiki2.dovecot.org/AuthDatabase/LDAP
 #
 # NOTE: If you're not using authentication binds, you'll need to give
 # dovecot-auth read access to userPassword field in the LDAP server.
 # With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should
 # already be something like this:
 # access to attribute=userPassword
 #        by dn="<dovecot's dn>" read # add this
 #        by anonymous auth
 #        by self write
 #        by * none
 # Space separated list of LDAP hosts to use. host:port is allowed too.
 hosts = zeus.literm.local
 # LDAP URIs to use. You can use this instead of hosts list. Note that this
 # setting isn't supported by all LDAP libraries.
 #uris = 
 # Distinguished Name - the username used to login to the LDAP server.
 # Leave it commented out to bind anonymously (useful with auth_bind=yes).
 #dn = 
 # Password for LDAP server, if dn is specified.
 #dnpass = 
 # Use SASL binding instead of the simple binding. Note that this changes
 # ldap_version automatically to be 3 if it's lower.
 #sasl_bind = no
 # SASL mechanism name to use.
 #sasl_mech =
 # SASL realm to use.
 #sasl_realm =
 # SASL authorization ID, ie. the dnpass is for this "master user", but the
 # dn is still the logged in user. Normally you want to keep this empty.
 #sasl_authz_id =
 # Use TLS to connect to the LDAP server.
 #tls = no
 # TLS options, currently supported only with OpenLDAP:
 #tls_ca_cert_file =
 #tls_ca_cert_dir =
 #tls_cipher_suite =
 # TLS cert/key is used only if LDAP server requires a client certificate.
 #tls_cert_file =
 #tls_key_file =
 # Valid values: never, hard, demand, allow, try
 #tls_require_cert =
 # Use the given ldaprc path.
 #ldaprc_path =
 # LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h.
 # -1 = everything. You may need to recompile OpenLDAP with debugging enabled
 # to get enough output.
 #debug_level = 0
 # Use authentication binding for verifying password's validity. This works by
 # logging into LDAP server using the username and password given by client.
 # The pass_filter is used to find the DN for the user. Note that the pass_attrs
 # is still used, only the password field is ignored in it. Before doing any
 # search, the binding is switched back to the default DN.
 #auth_bind = no
 # If authentication binding is used, you can save one LDAP request per login
 # if users' DN can be specified with a common template. The template can use
 # the standard %variables (see user_filter). Note that you can't
 # use any pass_attrs if you use this setting.
 #
 # If you use this setting, it's a good idea to use a different
 # dovecot-ldap.conf.ext for userdb (it can even be a symlink, just as long as
 # the filename is different in userdb's args). That way one connection is used
 # only for LDAP binds and another connection is used for user lookups.
 # Otherwise the binding is changed to the default DN before each user lookup.
 #
 # For example:
 #   auth_bind_userdn = cn=%u,ou=people,o=org
 #
 #auth_bind_userdn =
 # LDAP protocol version to use. Likely 2 or 3.
 #ldap_version = 3
 # LDAP base. %variables can be used here.
 # For example: dc=mail, dc=example, dc=org
 base =
 # Dereference: never, searching, finding, always
 #deref = never
 # Search scope: base, onelevel, subtree
 #scope = subtree
 # User attributes are given in LDAP-name=dovecot-internal-name list. The
 # internal names are:
 #   uid - System UID
 #   gid - System GID
 #   home - Home directory
 #   mail - Mail location
 #
 # There are also other special fields which can be returned, see
 # http://wiki2.dovecot.org/UserDatabase/ExtraFields
 #user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
 # Filter for user lookup. Some variables can be used (see
 # http://wiki2.dovecot.org/Variables for full list):
 #   %u - username
 #   %n - user part in user@domain, same as %u if there's no domain
 #   %d - domain part in user@domain, empty if user there's no domain
 #user_filter = (&(objectClass=posixAccount)(uid=%u))
 # Password checking attributes:
 #  user: Virtual user name (user@domain), if you wish to change the
 #        user-given username to something else
 #  password: Password, may optionally start with {type}, eg. {crypt}
 # There are also other special fields which can be returned, see
 # http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
 #pass_attrs = uid=user,userPassword=password
 # If you wish to avoid two LDAP lookups (passdb + userdb), you can use
 # userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
 # also have to include user_attrs in pass_attrs field prefixed with "userdb_"
 # string. For example:
 #pass_attrs = uid=user,userPassword=password,\
 #  homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
 # Filter for password lookups
 #pass_filter = (&(objectClass=posixAccount)(uid=%u))
 # Attributes and filter to get a list of all users
 #iterate_attrs = uid=user
 #iterate_filter = (objectClass=posixAccount)
 # Default password scheme. "{scheme}" before password overrides this.
 # List of supported schemes is in: http://wiki2.dovecot.org/Authentication
 #default_pass_scheme = CRYPT
 # By default all LDAP lookups are performed by the auth master process.
 # If blocking=yes, auth worker processes are used to perform the lookups.
 # Each auth worker process creates its own LDAP connection so this can
 # increase parallelism. With blocking=no the auth master process can
 # keep 8 requests pipelined for the LDAP connection, while with blocking=yes
 # each connection has a maximum of 1 request running. For small systems the
 # blocking=no is sufficient and uses less resources.
 #blocking = no
--- a/Dokumentation/sourcecode/ca/ca.key
+++ b/Dokumentation/sourcecode/ca/ca.key
@ -0,0 +1,53 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
 MIIJajAcBgoqhkiG9w0BDAEDMA4ECNueXUaBXfYjAgIU2ASCCUjZmwTx4tiSsmAH
 f5G6vDUUc4hEGObyy66p9D+4KWc3xL6TSiKXcaAZm//o57wtR/q3L/Ad+xXjVmkY
 f0GAeknHXV+HQ91d2I8g5/y2+/IO0U3nAk9zbG47sUyhVmAB8lpre7ObwFEF6TIB
 uR9tXxdncjeppsif2MWw0vgwsubXtkJPUI2OTQRSVf7kPEDKi4Cjmukbsy43JDyu
 L+mp0iedkZVIQHWnieRmbtnS2H+v0jGbcTLs1327DMrzL3GcWa/70lvitXKU8pjG
 3bu1LrvP7afcJuJ/+l9M20eWjiyRq4abH0aq7O/+qd62siHXwHcGtUQge++DqUdx
 jcRhglnsk5F/5gBKYilB4D/SDZLoJXQ9dU1NGghi9WIBopeB4j65iUUzTdulEwRU
 xQ9OyfDO5pDBsUkY4YlfPyd8OhyD/cg8cqMjGkSEbED/ma+nfWD022O0Kem1vOoX
 dKRXoJnJ52lKsr55Ju8696UBcZsBJhMEU13HCrq1/QKW5yiOFEHGAj0Vz2kOIk5R
 iTM1cO8VaLSXUjUBI1qZbbnxgtBhWRKF2b0pzFNjC0MvIiGs8iHKVGERTQ8nqylt
 6HLQt+W36RSmaGnrWL5eVh32nOjMqHkJZY/MOcXVuIB35DT18NKUhqTy5aswa9Hx
 JaYH5x6jh8D066MHwqSw6iHInD7ZmhdOyWQmH24QxH0Y+GeAXreQIaylU9Au+ISS
 vC1P01Q7w/8HKd/9HIK7yFC17xsdU0yOcelmEP66/ZPkq/MmK66CX0rEKSeH0iQY
 jkca3iAqfEoTW4nsuiyXzH2GdhoAJMjhjTtXMR1Y+oU6aE4DC0ld2bsUAj0SQtBs
 9LcUk8un3fFkjMQhXUGFJ6RxNy8VIGfkvMM7WUe4YB6dLIjlJ21qS3qD553sqdEE
 yKUDNEzmG0e1+5w44BHJhmS0PdvdHLgO0ijtMIO4UoucEbfVkjSCB/2ielJUTYz8
 mjuMFUBO+fZO7yZs3/Qu9jNYcbrLzdZZQCb2weKHhfhuQevUo8yBnd4jbRtUA+vE
 JAM/NzDBTJis/5/EpfNQRSBVniukdnfR382TGETKZY934+9Omvci5qQak+P/GEp6
 yhWVNoTZqOcoxv2/rWpGm3f9TGqEPFrRCW8apj1qlQOrm5MRLw3Ec9QMqhhrHkZQ
 Cf+VBNWOps53Nd3Fog+HJa0ACmo09MhSrhwOuw5L/Nyd2ksJYF/iw3KPn3oGwc+m
 0UvCQ7DpUqiZvQwMbMXV6ubgBCcTAQfrUpr504qJWASCFneid1BCjT8saq5twHnX
 oO35H/evIOYrL6K/YtFrZwZh58qKpCk9u8qI4hj/ULOWhYmkToRnrNAcSwq+Evrx
 Fjk+ts1de16VyLSQ8t0Ksojfp7ctDZaYVNylavTG2cYW2rfqzk74F82X8nrVzXU0
 vNG/TrbdCB2wBFLh2Yev4IERTPTMy0zBm8QTkxB19urZE8tmHtA+m7GGEV3xxSbx
 IAANjXe+UWJ9RA+XBtiysr6xpwzH1AVb3PcsV2lLN6LJU+JrdCK6Q0QRMiKZtaoS
 Q6tuxa1TEP+eB0gZSAD0UhY7nPAN3rewlxHr6lQf83T1M2eAfydM7ViZ//yjtwha
 NIupJp8+ul8HiAwHNrLyaVvPkttwWk49kdSWVtCg9osVcRxvCUZp0cYHDhQiqKTo
 dVLP7F3OV+uoLQZ8ekc5y5NdT9wQUxv4L8Il302lRaD7tYtf8kI4WaWZv/xUkVug
 fgMtIL0DzxD2UtJOmhJw3FCsrBWQL8m3FMiP6bZFP8OL/UehdrhVCJp7jrCUQQji
 UqJf0v+sTLdUmbnhacxJEDck8Tn4F3SQJk4uH1Lbk02lq8PYtS06sZD8t8Js4wx/
 pH0ol+SCyT9biWM47BT+nmVqEzQnEImJJZxlNLFDgqeJyZxRClbONSDRuoiYg9zy
 w7v0ajL/7O7PmXIouqLeLjNSB5WISNPpBs3p8/J2z/P2OD7knr/x8ZIz2ht5a90M
 D8QoRlkbrTO8nRbq4IQu2w8B+PwsSnA6kkzoD0L7srzJgIHAEQ4JksmEnkGfUmgZ
 4XH/zBf0BbuqR/wciBOpxrj/YJkKx4pZPyLe/SoBbhVR4xOf7bDPIKIF2rutECL9
 qzax+II2ZF6SQq0W6nb0OO2sMvws1JqZSbLUGRYN7K6JhIwnXLmbwln0T3VhCjTZ
 gqvx6DNbKZNwCak7z5RYgKSJr9FhOxn7Ec3PIPJOBlsC3ovEiP0xW69XgGpOMjcZ
 cvKQPh9yMPjTMQSnrthg+6eWMJvUQXmQ5JcDngEgGBURTy3aC54UlxZe3PWdQX6d
 maD2Ebxwq5bioQ8euDz1beHi3e658qvUZxbsT4I6y1/QgCSRpru0/Ov47Ew5XoI5
 e4z43kmTyLxkRdwfuexonW9ElK57N8FJx6Dvy6KuadtNv72yXfeAyTeTZln7B5ID
 9i6Tu5Or40r9oI2Ke3mfcSAAHQIO8UIMZZ14sB2/Wzb4tPwFwyrxscRbc4HG0hVs
 fKyemP+HVFaYND8UrCxFTwBxydyurLD7V/BCsCJDXGFH8tpQM32mgbwUoSiOUQFs
 W2DZcx8Fg+xn3VR7A1z33K9djC/fCViJX4Xf+r7YY+8PA5KP7YLk8BhBZdNUIpEi
 B5djpcO3iuWQKinOAyspuZOkXI7957VKizWqa301T7WMZ8NIuEx5q2wOxnQUIz9s
 Qf+d74rBoLzq58tBLWa+qxFdak/9LtnnypXUaj8xcxLNuDUgrbFF8Q6XoY6lO+C9
 7cbZLPUQnRefkjxzFxGcy7c5XUQM3Mw+oiiEpAUSkNQ9cAE+vWraAVQS1fDsfRwc
 tAurBqVk2IDfKDsfTi0lIi76MWecL7S/rw0Id9qGc/XWc9BorCeAb/9SSO/4vDyR
 qPDjfybhfGm3cH3oXRMoSsVqrg1es80LbtVLeYK4Jd3bq0Lsb1ihn0wmC8hUyM/U
 No4bcOqljyOVCxQqQ0RS75YWUmypHIUQWraICtJrWWDBhDv7PYJchzxHG9w6ZRWw
 XbTfJAxeoaw5qpgFecizcyghx3b/z3qyrS//5YgqsBr9J2W8PleIQtu2SEPxO/ME
 DGc/Ezb92jLrbp42oMurq4n+3kcM5ENpqIW453s8A/CErp/l9zgOEqzs3rv01yPN
 1rlePqH/TEzuSNiqvC4=
 -----END ENCRYPTED PRIVATE KEY-----
--- a/Dokumentation/sourcecode/ca/ca.pem
+++ b/Dokumentation/sourcecode/ca/ca.pem
@ -0,0 +1,40 @@
 -----BEGIN CERTIFICATE-----
 MIIHCjCCBPKgAwIBAgIMWqedaiFNB4rJ5FbJMA0GCSqGSIb3DQEBCwUAMIIBBDEc
 MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u
 aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk
 dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD
 VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt
 MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu
 IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw
 MFowggEEMRwwGgYDVQQDExNCQlcgUm9vdCBaZXJ0aWZpa2F0MSAwHgYDVQQLDBdL
 YXVmbcOkbm5pc2NoZXIgQmVyZWljaDELMAkGA1UECxMCSVQxLDAqBgNVBAoMI0Jl
 cnVmc2JpbGR1bmdzd2VyayBTw7xkaGVzc2VuIGdHbWJIMQ8wDQYDVQQHEwZLYXJi
 ZW4xDzANBgNVBAgTBkhlc3NlbjELMAkGA1UEBhMCREUxFjAUBgoJkiaJk/IsZAEZ
 FgZsaXRlcm0xFTATBgoJkiaJk/IsZAEZFgVsb2NhbDEZMBcGA1UECRMQQW0gSGVy
 b2xkc3JhaW4gMTEOMAwGA1UEERMFNjExODQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
 DwAwggIKAoICAQDiJx9E0LGvta8ZyrDQd73ndMWgIDZVq02TYn28O3VoCk4Hdw8q
 57VrcfAbSALuUpIUutGDYn7K8SsPDm8eIDZWKmeqDiM/DydABKBMZpnH2ww/n+ob
 RdWWuT61bGdQdSxiMPG68FwTU1uTAeOSUcvqpFr200771vl7ctOR5YN7R/ImChGd
 cH6RGqpjIPxESISo79hxJn8dNIRfcZumREtk35NYTHlMySdwTEm21X1KLPTXewNZ
 BwgZyr5kJfuDa8PDFIETYAQ6Bt6/NzgUtvKJwtHyeFqo+bX6xauLwpdy4uy4qrTo
 uV+ztlhYyUEGAFK7c/+Jm2L68rA4K/qrcbSW6IXydQDQxh724fCDnSkOHiitoSbA
 RR/PmjQHyLd+W20f2gJUTdOwB3oognpKCM0cBY6vYgJatt/DoqtbQ1RuJmQKd0v7
 6jkOPT7xUoz5xNr/nDIYhP53rhjFyEuk8OcwYFNLW57iE0Nq6VCY8DUneNkn7Xwn
 Otj0briyx1B/5zYJlz01rBId+GU/5XHDoH/Pi9f5F9RGh/Ib9V80BTQM3ELi8LUl
 yWswRJYTYKQftURZQ/53xdyW4VaViWtXz3v9EL0SzC6t3RSfhr7kHU6RWbP46GCY
 xX9ixyOTfaH8c+CENG/HzJ0fTleYWbPhSRtXi5LAhnbSDabDOrWzRueVPwIDAQAB
 o3gwdjAPBgNVHRMBAf8EBTADAQH/MBMGA1UdJQQMMAoGCCsGAQUFBwMJMB4GA1Ud
 HgEB/wQUMBKgEDAOggxsaXRlcm0ubG9jYWwwDwYDVR0PAQH/BAUDAwcCADAdBgNV
 HQ4EFgQUKd6eL3qUMQZWHP/9JGgZPv4uk7IwDQYJKoZIhvcNAQELBQADggIBAKeO
 rMO/ky2SbTov1FbdpE+u2VAahM1ktix4bLvN+Y4BupSLjIE+M9IM8dsxjVTNj31i
 CUhEcRJM3pmn4xXdHHe+86W7kpGMS7V03e8Mg7RP3FFX4RNFQzqhoHp8UaEoD3MP
 s0gBYStVkXHU7hXdhZSMFs2iQdYUCa4q+rN3NBYkhYyuNhN7rD4nRvdJ5yPudMo6
 tvS//JzzpMCLiW/I6c7U+Yuc0RQ5c7L9PW8K1JJ6HsBCYYEpaFAiYs1bfFpzZedq
 WIeSZosTluj1mPNqgPOe8szOCrbQuuUMrkg4NQmB0dG2d375q8poF6hAXXdNCOLs
 ke/XOZdDqU2K4q87h5E1QjC6PVfR6LumYex/exjuKKojqqpdOeC9o9VeCeDEYK7i
 zsVsNAKmfjeV83m39/WtHfsDwd5GzsW8PGAUxhdhDmftlxpJrgfCyrW8TivyMUt5
 RW+yplQyOVsUQcfBZf+1iLqytKpjDRjmn4TQaN2HiYVL5T/WA2wVw+z1nvuhyrSA
 R73Tguf3Iu6o/lWxQlRlakydqSpECRJmCptXA1eWtFLPzeIeJ60uiX2wyZw7Ud3+
 TqjlTVVxXObtCvw+s4Q2LsWaW8/L+yLNMKyxbgcHn1J92pRgi2kz2nhCsVVvz6VD
 77VS+v36Yp9dddLxnaVi+cSjpVgrGnVBlRWX+5AU
 -----END CERTIFICATE-----
--- a/Dokumentation/sourcecode/ca/ca.txt
+++ b/Dokumentation/sourcecode/ca/ca.txt
@ -5,7 +5,8 @@ locality = "Karben"
 state = "Hessen"
 country = DE
 cn = "BBW Root Zertifikat"
-dc = "bbw"
+dc = "literm"
 dc = "local"
 dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
 dn_oid = "2.5.4.17 61184" # Postleitzahl
 activation_date = "2018-03-01 00:00:00 UTC"
@ -15,6 +16,6 @@ signing_key
 crl_signing_key
 ocsp_signing_key
 policy1_txt = "Internes Zertifikat"
-nc_permit_dns = bbw
+nc_permit_dns = literm.local
 honor_crq_extensions
--- a/Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt
+++ b/Dokumentation/sourcecode/ca/certs/certs/icinga.literm.local.crt
@ -0,0 +1,42 @@
 -----BEGIN CERTIFICATE-----
 MIIHTTCCBTWgAwIBAgIMWqpXNjsGHNd9hbV+MA0GCSqGSIb3DQEBCwUAMIIBBDEc
 MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u
 aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk
 dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD
 VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt
 MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu
 IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw
 MFowggEEMRwwGgYDVQQDExNpY2luZ2EubGl0ZXJtLmxvY2FsMSAwHgYDVQQLDBdL
 YXVmbcOkbm5pc2NoZXIgQmVyZWljaDELMAkGA1UECxMCSVQxLDAqBgNVBAoMI0Jl
 cnVmc2JpbGR1bmdzd2VyayBTw7xkaGVzc2VuIGdHbWJIMQ8wDQYDVQQHEwZLYXJi
 ZW4xDzANBgNVBAgTBkhlc3NlbjELMAkGA1UEBhMCREUxFjAUBgoJkiaJk/IsZAEZ
 FgZsaXRlcm0xFTATBgoJkiaJk/IsZAEZFgVsb2NhbDEZMBcGA1UECRMQQW0gSGVy
 b2xkc3JhaW4gMTEOMAwGA1UEERMFNjExODQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
 DwAwggIKAoICAQDWEX/C60xRo9dda/+FM1Zf3BF1NEDHa1zAOUwYvVJHcmxfsM7F
 xwvZLZTZpRIRZdDPYDEXHG22few+B6qUNsFs2lLdbCwem5kMLx1a0LWhU2zE2O2u
 d9EWK/lhRlUfQrHLExbI7vqXSngJ4uFXAr+FEkyqaRfcWeeJiymOpnI3wnpOWwHt
 1y7p8tNOuer8QrBtQvy6ecA7Inp9exLyEzuxrj5JwJEVQOxToNhluk5MB7gxJaTw
 MHOmrfxWQpCHXbVMntp1JfBphiq4tVlALulqU77HLcmBc75LbF8lgCRuOsXCmt0D
 vDthyCBUI5YFyR4rt+wKUYKblrxPH7vs2RwlSwR6woM+Ruw1lomR6OF6acdRJWl9
 2vCm84lygrJgLQvzn1tzqQWuw1SfnWzm+EduBP7XTMGOIC9LgumjBiAiogf1Q9VI
 HiQ+LaXkv9EYE7b/2NHGkjGp+v0k7rgyhCjULMl72l/ezvR5nAI5FY2uFHvW0rCz
 iVE+V/MIBVohVJKSNYL9OCfhGMhc9GXMtmdkH1LWerK9i4oHjbMoxKV0xWhnGO5P
 dw8CErOd7dnO1EdUtKgck5PTRbZqoLQsrCTt4tpB2unWYFOShegWuOvlRQaIblIJ
 OCxzSWW/FYrFnINp7XXd5UGowBsWwDWNzezfwdVyrZ/NLHdufUZMooSXmwIDAQAB
 o4G6MIG3MAwGA1UdEwEB/wQCMAAwNwYDVR0RBDAwLoITaWNpbmdhLmxpdGVybS5s
 b2NhbIIXd3d3LmljaW5nYS5saXRlcm0ubG9jYWwwHQYDVR0lBBYwFAYIKwYBBQUH
 AwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0OBBYEFEqbjjM2YSlb
 AlLPCSNkcI0r0yB5MB8GA1UdIwQYMBaAFCneni96lDEGVhz//SRoGT7+LpOyMA0G
 CSqGSIb3DQEBCwUAA4ICAQBpj4rNEpT2JDjLOlaQK/9AO2zhiB7+rIwMn0IGu5Q9
 4ZfMGX0sh6HuqBSaxJIJKBmLyjmMD1Q0dyLSOkbVpA7KM6rZLuGQ6oVtzreU2JVZ
 oi6IkiLSJzyJ+QaXYxBtg/kM91cmcla5ZFlmaVJTX5L9Zp/SmaWK1oyrXEJx810Y
 ux0VcHlp0W44O/xah9y9eJOoTf8KVom7rIt2mIax9dLBnTctHhrNk591ECEGx5Q1
 O39x08iYJrd7JuxPqHSRl4jUzL2o/QQX7A2eAwVAwGi8Tus/3T4x7Thdy7dOKfJf
 ywODqtv8vPRDs48ECOR94Mgjr+pZ8ok+4jzIQPvQyL7S/ItmYcOMs5DKQzU1TwQk
 Uux63/RvmyxM07qYqa6xOewzAYFlMcE7muEz5C7Kx4t1tDeIPAMBP6+1o+Z8N/37
 12sl6PfuwI4moxV1iY6ZmSKX08vBBD648dyxj+Wfoad93w5x6JWwM8B62JCcxDIr
 pFWdERUKeIJPRSy/A9sSe/DCgp+6t7u0ggsRvh1mw6yy+m19nNdXeiadYLTuwTuG
 zzYSki7D7l7tYmPqrl5CZn0G4MtJzlsSi/Xn8Ekcfy0XxIFreYw5L7cOmANpsHTE
 mr3jgSOikQo2ERIUMN1NBmdbIrRiE1XLPDHDlFnXGEqvZdvv5pYCjvvsC/XubCOL
 tQ==
 -----END CERTIFICATE-----
--- a/Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt
+++ b/Dokumentation/sourcecode/ca/certs/certs/management.literm.local.crt
@ -0,0 +1,42 @@
 -----BEGIN CERTIFICATE-----
 MIIHWTCCBUGgAwIBAgIMWqpXOAT0ubFfOam8MA0GCSqGSIb3DQEBCwUAMIIBBDEc
 MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u
 aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk
 dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD
 VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt
 MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu
 IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw
 MFowggEIMSAwHgYDVQQDExdtYW5hZ2VtZW50LmxpdGVybS5sb2NhbDEgMB4GA1UE
 CwwXS2F1Zm3DpG5uaXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQK
 DCNCZXJ1ZnNiaWxkdW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMG
 S2FyYmVuMQ8wDQYDVQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPy
 LGQBGRYGbGl0ZXJtMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFt
 IEhlcm9sZHNyYWluIDExDjAMBgNVBBETBTYxMTg0MIICIjANBgkqhkiG9w0BAQEF
 AAOCAg8AMIICCgKCAgEAxEXWXPDG2ElQUCFoQDTm5csIVQE/LPUTYgJlkFbrkALt
 4eZxC1IuLYuLQIe13NnPSBYsNfP2ViAsqCAogjxDgjsWF9grSTSM+i117+L5t0oB
 HiadV2VY4WJyxXXC1zvorNCajup9gFAtvVMd+6goYRAoI0wex4+92/DPpYj9Oa0v
 snyQ9bfokNQCoX4l05sH+unwm4/GutXWGck9sbBKlEANXjx4fjRrmW8rcHngqBxx
 JzvUHGjZxxuv/w2ON/Y3Nt8T7glmFoJckBJqLK3zgcxZ5jFT14nWqSrr6iIqBClG
 7jw3K+7L5/oF+MQwre+asA50hBRyIAhlvvIFXWehmdAKYH2bNV243Ck/8ADjP11+
 xWTzc2pVjAAeKZ5rz3vuqTte/nVxG/awDEZloyVomNXN1HYjugHrgOC+Jv6O3Fj8
 0paritYrFXKyygPDlCqvhvKyut87n7xzUortVf0kP9e/b6Dv499zjeOnNOUrCYDH
 bX45PU7k4wjaP8yvqGeL1u7PcrGj8dVXfyqPauQ5oXrfBtnVoxwU4ylWmbfHcGuT
 +XAmpgr6ONwkGtxYP51/wxiZlWaCTryZ1Wxi/Q/Y+7GUPMUnc/+to8P5s4L6CYmP
 iaxSenkD37oGmztxwFFvVt4ilrDs9S4wZJgWpYlBiunNbH7LyFu6p/PI7RVCBSkC
 AwEAAaOBwjCBvzAMBgNVHRMBAf8EAjAAMD8GA1UdEQQ4MDaCF21hbmFnZW1lbnQu
 bGl0ZXJtLmxvY2Fsght3d3cubWFuYWdlbWVudC5saXRlcm0ubG9jYWwwHQYDVR0l
 BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0O
 BBYEFAi+hTYr2i7q12t43ZiY97Hnb9DeMB8GA1UdIwQYMBaAFCneni96lDEGVhz/
 /SRoGT7+LpOyMA0GCSqGSIb3DQEBCwUAA4ICAQBKLcyID63lgX96j03o7Klp0ekE
 gRLfJclHI3xOzeAJ9MhSmX4ogCsyFyma+2UanjY2ZGuVm4r2h4b7eCdGUnoF/wiL
 ada6ac/XN0GirEJwXR43CDcVvwqzrpJKKMZ8PmkAfpRSysPSlxRdnBSM63qb4BKb
 hv1jgpxzWvwHwGwJVpWg3TSa7yFXTOM/JeCl6gtJezyn/r6Y9nxzJ/LB7RpRo4N8
 cIpN6MWpNyU5SApizwoVXTw/2C9XxdQYcZxAy3urKgKjYG5v81TISRoFmufoDZGw
 K6TkZ5Ycfqv444IU3jqcLs1XzOJDPEI8EC7DYXiWYvRapcVcaqYnghHEMtujd2n2
 /Y8hEk8RBS7jUgrXyPa+bOmIjWAoTQyBzITW9SFTE4tEpaGybzWgDY2o5kcA+yCu
 LxsfrKpDQWxVei75XRL7XuY8RXMLtSTDMQ7QZLUYV1mdfjuOBuIc56G7TQmyoR4Q
 TgoZp4fQZOntZZTfj2Ihe778HfP3qHUfmAKxdTlZRlUIcGm2Lze+ob/cwLd7y91q
 ejM7a2hyozaCoizZeCnXztr0DNAXHtMD/7BBd4PAdMrgok5gLVWFrYYkd6Z3AivC
 vPjc2kYEH69cWKqT15WF6WwHN13g49wNbRxuroEVq7k/L/q/iKFf4QYWiSdNoWM7
 qqKp9ZIsFLG13HXldA==
 -----END CERTIFICATE-----
--- a/Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt
+++ b/Dokumentation/sourcecode/ca/certs/certs/projekt.literm.local.crt
@ -0,0 +1,42 @@
 -----BEGIN CERTIFICATE-----
 MIIHUDCCBTigAwIBAgIMWqpXODa2RmB30FvrMA0GCSqGSIb3DQEBCwUAMIIBBDEc
 MBoGA1UEAxMTQkJXIFJvb3QgWmVydGlmaWthdDEgMB4GA1UECwwXS2F1Zm3DpG5u
 aXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNCZXJ1ZnNiaWxk
 dW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2FyYmVuMQ8wDQYD
 VQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQBGRYGbGl0ZXJt
 MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhlcm9sZHNyYWlu
 IDExDjAMBgNVBBETBTYxMTg0MB4XDTE4MDMwMTAwMDAwMFoXDTI4MDMwMTAwMDAw
 MFowggEFMR0wGwYDVQQDExRwcm9qZWt0LmxpdGVybS5sb2NhbDEgMB4GA1UECwwX
 S2F1Zm3DpG5uaXNjaGVyIEJlcmVpY2gxCzAJBgNVBAsTAklUMSwwKgYDVQQKDCNC
 ZXJ1ZnNiaWxkdW5nc3dlcmsgU8O8ZGhlc3NlbiBnR21iSDEPMA0GA1UEBxMGS2Fy
 YmVuMQ8wDQYDVQQIEwZIZXNzZW4xCzAJBgNVBAYTAkRFMRYwFAYKCZImiZPyLGQB
 GRYGbGl0ZXJtMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxGTAXBgNVBAkTEEFtIEhl
 cm9sZHNyYWluIDExDjAMBgNVBBETBTYxMTg0MIICIjANBgkqhkiG9w0BAQEFAAOC
 Ag8AMIICCgKCAgEAwh8nA7bItEqnoWmx8YArJuhaNs8B9x+3NRdU5MkifdRHOWm5
 iSiS8sG2fTDx+Oohi/5YbVjN6z6Q3J1Y52lRSlJMw2whd7bK7aI8zQzPuibTca1h
 Qld16oeARXAXCHBcsee0M3f9bcws/Ka6SVJKYf3sl8MGrFVs6h3j1GqOzBZ+EiiC
 1LTm6fcwnWDGx5aRZLNFficl44UuT0/YTKtXt9OzUQmcZTQu5J2OD9CLnUaeNRo+
 DJ37dxDOQ7CgInDsohst7Rw4HD6q8PacFtp+EK78ADyVxKScX1vqHt5dZItLFi9k
 qFVNnaOx6rh57cFGvZRdKlABsR49+YhKjT1LiHFGViWar05OKXmGAHb465IMAHGd
 PMO91z0AgvrFUGAIx5pcGM7ZVyRyPn6qlWU/xWlFzpcgUO0X5GkHXKJutRVMk7j6
 ETsVM5PN8Zz48NivVx9okG+4FDlbqZV2sclqK0KOGgTmBRzJmJzJ1TCoBmVt2tNy
 Mvc64/L0KYFXt1G3MpOcvujICMj8wEbiqQpIp7JRm/aHySje+c8wn0KXYauKRsit
 iy6BOPtg6t1M/aoWCU1eYyM/usj1Tt5wqKfw+KvfspmYAx776RveVy2kSL28T8sQ
 JBpvDJsNXi+m45fY4/bCFduJ0r33r0cDU4mBP0aO+IoL4oQ7NpkTQFzgEWMCAwEA
 AaOBvDCBuTAMBgNVHRMBAf8EAjAAMDkGA1UdEQQyMDCCFHByb2pla3QubGl0ZXJt
 LmxvY2Fsghh3d3cucHJvamVrdC5saXRlcm0ubG9jYWwwHQYDVR0lBBYwFAYIKwYB
 BQUHAwEGCCsGAQUFBwMDMA8GA1UdDwEB/wQFAwMHqAAwHQYDVR0OBBYEFD5sKmo9
 o/USKTnIH/uThiwivfTOMB8GA1UdIwQYMBaAFCneni96lDEGVhz//SRoGT7+LpOy
 MA0GCSqGSIb3DQEBCwUAA4ICAQCFtiSMsytQfO59FblG4b76/k1K7WD6GzmXfJ58
 w2a5TAuqFDdJPbOdgF94IGNHS1uJgHwknqc7dDtNCGWAfnvqvgKRX9kaG96Sn0U6
 osm8q3IK3mk1QAqWp1Z6Z+0NT2vqjaIdD799nRcrKdizp+NmHWTjy2/jZyWe7u0a
 d4bG8Fiv7lYxrh3zPECTyeOMHIkqGK8er2USq/za8inApQNDtLvRejEb0YSd2prc
 sEsMkz2AhQuT91jMNt7y3fwttfZxkUO6qeT9nDeRPtlF+ztAvxD5Y0Vi5XsNSCb5
 /9acmj1RAZsv6qITV8SEzfZmJhBk9Fd1qvaARGhC6UJgXgnmXmU9NKu1wc5zch7b
 aHdHcaxW6CYzGP4Ss96W4bSXq8qq3nS2u/d6r3k3ckQhCIR+iooFxWV1VYEX57UH
 FbhfZW8UQMqE2KzsdwcSTwzINifxFoTsEqmWL6GeirMs/SCrT9cs1BsgUxdI4EhT
 LAW6cyAMEDne7rLQnibZxH6Kein8mHLVcXEnxygdYEdQp9zW7onYmbhmE3Pb4R61
 MsMtU6SH0OabZ3eHclLxVoaXZ4wCWv6r44nOCCLxTjWPJodZrcrUxKNRYFvBtPee
 8a2IZi5pcf1/laT9wADG4kyRFDC6oDhZU0rFFJ36z7MDoawBWyCOon4IAGpuLZbO
 rh0i1Q==
 -----END CERTIFICATE-----
--- a/Dokumentation/sourcecode/ca/certs/icinga.literm.local.txt
+++ b/Dokumentation/sourcecode/ca/certs/icinga.literm.local.txt
@ -4,11 +4,17 @@ unit = "IT"
 locality = "Karben"
 state = "Hessen"
 country = DE
-cn = "Puppet Zertifikat"
+dc = "literm"
-dc = "bbw"
+dc = "local"
 dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
 dn_oid = "2.5.4.17 61184" # Postleitzahl
 activation_date = "2018-03-01 00:00:00 UTC"
 expiration_date = "2028-03-01 00:00:00 UTC"
-ca
+key_agreement
-honor_crq_extensions
+code_signing_key
 signing_key
 tls_www_server
 encryption_key
 cn = "icinga.literm.local"
 dns_name = "icinga.literm.local"
 dns_name = "www.icinga.literm.local"
--- a/Dokumentation/sourcecode/ca/certs/management.literm.local.txt
+++ b/Dokumentation/sourcecode/ca/certs/management.literm.local.txt
@ -0,0 +1,20 @@
 organization = "Berufsbildungswerk Südhessen gGmbH"
 unit = "Kaufmännischer Bereich"
 unit = "IT"
 locality = "Karben"
 state = "Hessen"
 country = DE
 dc = "literm"
 dc = "local"
 dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
 dn_oid = "2.5.4.17 61184" # Postleitzahl
 activation_date = "2018-03-01 00:00:00 UTC"
 expiration_date = "2028-03-01 00:00:00 UTC"
 key_agreement
 code_signing_key
 signing_key
 tls_www_server
 encryption_key
 cn = "management.literm.local"
 dns_name = "management.literm.local"
 dns_name = "www.management.literm.local"
--- a/Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key
+++ b/Dokumentation/sourcecode/ca/certs/private/icinga.literm.local.key
@ -0,0 +1,52 @@
 -----BEGIN PRIVATE KEY-----
 MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDWEX/C60xRo9dd
 a/+FM1Zf3BF1NEDHa1zAOUwYvVJHcmxfsM7FxwvZLZTZpRIRZdDPYDEXHG22few+
 B6qUNsFs2lLdbCwem5kMLx1a0LWhU2zE2O2ud9EWK/lhRlUfQrHLExbI7vqXSngJ
 4uFXAr+FEkyqaRfcWeeJiymOpnI3wnpOWwHt1y7p8tNOuer8QrBtQvy6ecA7Inp9
 exLyEzuxrj5JwJEVQOxToNhluk5MB7gxJaTwMHOmrfxWQpCHXbVMntp1JfBphiq4
 tVlALulqU77HLcmBc75LbF8lgCRuOsXCmt0DvDthyCBUI5YFyR4rt+wKUYKblrxP
 H7vs2RwlSwR6woM+Ruw1lomR6OF6acdRJWl92vCm84lygrJgLQvzn1tzqQWuw1Sf
 nWzm+EduBP7XTMGOIC9LgumjBiAiogf1Q9VIHiQ+LaXkv9EYE7b/2NHGkjGp+v0k
 7rgyhCjULMl72l/ezvR5nAI5FY2uFHvW0rCziVE+V/MIBVohVJKSNYL9OCfhGMhc
 9GXMtmdkH1LWerK9i4oHjbMoxKV0xWhnGO5Pdw8CErOd7dnO1EdUtKgck5PTRbZq
 oLQsrCTt4tpB2unWYFOShegWuOvlRQaIblIJOCxzSWW/FYrFnINp7XXd5UGowBsW
 wDWNzezfwdVyrZ/NLHdufUZMooSXmwIDAQABAoICAQCpbG4euhXMI41HPjuck5YQ
 Bl+20GVYr6tX48FLb0OYkoIddhUgyTmiaIX/f7r+FAQgrPQNY42duqnoKi8iYPfT
 jDO7VWrRyrplv0BPaRHnndxfK4Vp6SCNmL4l9AFY3XNT00bcPvAMH39D69IHCIDF
 9EbDNKwS1QEAhiic4zVQ1lXwf+zV7dIOjQYar+DASJPT1gmqGMRAyTgC6g6Dkx9S
 sCJSQttQ4/Jm+c1rLfncCNwJ4c5Z3y8ZQ2iMaOB0koD0JGGoCB/vlKVpTPZXawmI
 AsHiaGWsVAvPK/Vd+75Zk6CDNggodajV6gtULFoHODbtyQJC5GInfDSLtwUIHok7
 ss8Pt93sVPakXTHDWuh842AeSErAntDa/+kwvhu4wuEIQZkx0BRKXoe5EGGzwbYi
 A/T3KIuqOq67XT5ajLM185Zk/7MPpBvzKfEfHPz80OMLUWyHw9Py0GGrk5aKiUf3
 hHLvdrkedTE8jrRZU7Z1rzCgbaBJofWXfwKzbVuR4EiVG/21kXQSJkl9vHM7qzbn
 LCmumXTZRgsD8yooPp7lwUp6vG2387j9SAvkFc7kHjSF6QI6hQ6aEBgTGQ5FNPD5
 rwzdvX8rEhbLU8CSyE3bTzjln4FjcBlqIX3IlM+2zJAElEkdd1kO7QODi193e8Pu
 WiCElzrIQuOrSRmo9KcKQQKCAQEA1i1jnaaHBBMv5vO5ghk+8y5ED3eDZXis1NmS
 1ijJFsyw8vTWZLyRL+vc4QutCxesKIg6lWGLfhRWtGxjoO/isM1MhiVq5RVCwJgl
 gKgKtM7e76CWa1OCEO94MvtrZHxWyLzxRTPR2R8hSmvDbKlHm/O/lqzldt3OwK92
 3cTHk1gJWH2DofPjv0BkJC2UQ4joS5lnVqcM0JwFnlKsmxAaHf/08Uqv2KM29fxo
 xeHZdMgzKX9rWJJrVQPV8W6RYcQX6wvXNxVDbec0M6tVqaNAY0a0i//HlXc10ZKf
 oknjsBf+o6wvKMim0hgEgYrsw4a4n6fccqLtYB69q6JGmncsOwKCAQEA/96p77GV
 XVY1ttH2SaJBKNa/JuiNTWPUyKzH5zBTwjYQnottH9nlgmGZ7HFk8oM0CzUoKCHx
 Qi3MwUsHo3dHRwgCDvWwqMkjbITt828v0jsHgWn12MyfLycyS/8zBlUXwHWRxoJu
 WKONRurpNaiwQikVhUOhNQIdRL3A11tQEnH1XiPigov2T1dRSuRSOECLopoYRm8g
 nmaqgGlJtnZA7JfDNMzHYxJkPHhKApjWNbHRco9Hexet7B3jQeEiFArWHa2/3BDn
 I/yDTiVyLlR050GfW76j9p4IPnWtsE3jtrebnYFl9vsG+7xIjkLuBMU/7J5Zjzci
 r5ZrE4t74o1sIQKCAQEAyhAMeYHQw7Fucg/jJrC2ySsPHyB8INGXDUEv3UihXxdC
 ohUH6AZXW8TEoLUpTtvImnzb+G8M8agynQndfMqVLoSh+7V1gidq0NU6HIVthGPf
 xGfXQe6JOX0UA9Vb3nPIVJ6dadKX2qYZ/GJq/ys92g4+5OK9okVleDiShmvOdl6K
 gqf39mVoqtkPIWq3BHg34IscCY6U8oMgcdxB6BFq8n63EqaJ/HMPuUeneXm4dQsj
 6bTDC88n4A88WwkbtAcTIbgMFXXEJf4JK+4rZV4VsxPT5nksTQEpD02ruarIWyxo
 Gvapj2quqGvsZGMzOMzzhf0SaDz6gsK94x24SqbAXQKCAQEAtQi00aui05woewaJ
 LEYJtjximMPXHhdxON7OvWs7B+E61wItHmkL8rjdsCX214MvMnLUy7hgO4OuKGDO
 scC2BLLMygrZiEJvtttChId5nVQ4lj8DO/Zi9njUJGMWlfdky74jewFT05E8Zx3U
 DSwiMV1iJZzZFWk+jiF3rKelurc4dPgMznL6vd443TU4WyaH5W8Dl+oOeSSIpDxa
 dCes/fjOm6/7rsQXeZVeQAIlJW5/k39+gsAZRUNMRJNmiim0nuENK0YmVBbYTFVA
 OTl2URzkBISY++eKS671ShWB9QhpqQIhw6KOqVPpPgZq46Mv/Fl5YlQPTY6uifCZ
 oYyQIQKCAQB6ebblAQGtNyBco1PEGtrFqxsrj6Cf0jWeU8rXv84r5g6+hSD/xisb
 uBzd7jcWpaVP8h4yoJjA91TZObQe2DJBKuUj0kFXN9+8mfT1MWJJyTI1XVYqsCMo
 vSAJeGjEv0so7PfNlXuVRLC/nYEvVACGP2mfyNhQjomBDHc1JC+HUuFGSOtXTE1k
 j8QfbmfcngNFuKe5qLEjKFL/j2LsYBbKuWlbdzG3oYWPZnrPRkvrDLbgM+3bmXrf
 g1cfTgDQNSVNWHmt1vPWXgDFsz9RiXXpjc4koWX2BtDOm7qqoy0EQrAEK3S+GdAo
 /sG4mUie+fo/dKr+DddPpUUkjoDp71x3
 -----END PRIVATE KEY-----
--- a/Dokumentation/sourcecode/ca/certs/private/management.literm.local.key
+++ b/Dokumentation/sourcecode/ca/certs/private/management.literm.local.key
@ -0,0 +1,52 @@
 -----BEGIN PRIVATE KEY-----
 MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDERdZc8MbYSVBQ
 IWhANOblywhVAT8s9RNiAmWQVuuQAu3h5nELUi4ti4tAh7Xc2c9IFiw18/ZWICyo
 ICiCPEOCOxYX2CtJNIz6LXXv4vm3SgEeJp1XZVjhYnLFdcLXO+is0JqO6n2AUC29
 Ux37qChhECgjTB7Hj73b8M+liP05rS+yfJD1t+iQ1AKhfiXTmwf66fCbj8a61dYZ
 yT2xsEqUQA1ePHh+NGuZbytweeCoHHEnO9QcaNnHG6//DY439jc23xPuCWYWglyQ
 EmosrfOBzFnmMVPXidapKuvqIioEKUbuPDcr7svn+gX4xDCt75qwDnSEFHIgCGW+
 8gVdZ6GZ0ApgfZs1XbjcKT/wAOM/XX7FZPNzalWMAB4pnmvPe+6pO17+dXEb9rAM
 RmWjJWiY1c3UdiO6AeuA4L4m/o7cWPzSlquK1isVcrLKA8OUKq+G8rK63zufvHNS
 iu1V/SQ/179voO/j33ON46c05SsJgMdtfjk9TuTjCNo/zK+oZ4vW7s9ysaPx1Vd/
 Ko9q5Dmhet8G2dWjHBTjKVaZt8dwa5P5cCamCvo43CQa3Fg/nX/DGJmVZoJOvJnV
 bGL9D9j7sZQ8xSdz/62jw/mzgvoJiY+JrFJ6eQPfugabO3HAUW9W3iKWsOz1LjBk
 mBaliUGK6c1sfsvIW7qn88jtFUIFKQIDAQABAoICAGpHIqca3aE6OZnaLRgvTSP7
 B5z32tyeLAuzHonE9zL40xSycl3d9xFEcXfUxH49FseC8heY7bd/Ho8/MpAqz6dS
 FUl+DRpLsVa6jRUDQ5KjKO3JnQM45qLMazdO590iHICPSFHA2YpEYDAXNLITQSIl
 3IYYbsZCqFzTDa0l+3BiveQZHWlgVzctBeuqYhMt7GlKibXCaaq7pX47AQQZYJjc
 AiEX/2rfObBQiSYTaLm/BOpotBdaEyqEbI1gKrVUxlsY+jK3tibUGgkNX56n5qZP
 IBLMfQjGI41gp3QVYcj1DOptgrZwTMtlEBy/J1jX2Fwix6bJZ26+/VEivhLwzYiI
 X7Sy3frlOGpabJbFJMqlmzMLF+AOAYvsUqrpFiQcu4FvIBZ2/iyQU8EBhukSmJv4
 RELO3rSEv7N7KmEe69B86NJKJLluTJXxw97++/7tYqyq3HMnrDY7S3MshwU61AbU
 Fi7GzIginsRPW/AdlYkEaaxTpy99v4h9Ay7Ku49TXMgHJ4S7Sixvn/nxd3nfr1gl
 IlqfGE6u9OGj+waHzmFJt5Nol5BxnywCbi1S+Hx3Z/mde52ktwFrQGnI6TzJ6wVR
 7pIvrbjyuKGmMeH2tJeDCCcW0G+qcW16XVqsydvowiucg0A/hMjIiUNrJgy0TGJO
 9amPS1qSra9+ZvMq18UtAoIBAQDiwAfPoHdTvRTQZED0TkD/FOC2eJZs6HbN/nsC
 nICuDP/fn1wr7Sjn37rk+SRZiS7C1j3OHIPDaKLeWtP5vX78rXtJ/LxfFHZlG/zx
 qG1e8MZQXXdu2Uozm+NbJjRF2IDo3ZBSEBEgN1q8zIuwmgbWe6av8MlfDn5rkIHi
 J0a9ZG/cPDY/YHJGotOUAPkoIjvmcwf4pDzQTLMz0w9SCA0bkv5oyTjberm2Apjy
 H30UQMJYTzLvG27vjgE8BnQqzuVSrjZJDWKGYip7fKpkUxW0QO4PseQo/3zJaHEg
 2EfLzwDKNNmxF1WzdaeOGH+RTFExuwfp2KMhUBZauDoLyVs3AoIBAQDdl1q3jfy2
 RWR7TDoBYciZxVMsxkE2sWf/fC1YKEo7RM0VluvtGcOO0KeQJ/dO7EIcJD33tZVt
 rm4sTUMYdjbIV9v01O2JCy2kA8w4dIwEydNQdE/eIG20ZsOcdhIdCCO5nV64Zaur
 DSTcMDqa6aaNGoHpHXT55LuJv3lp2TaC+XJ8RPdNamtWm38wxbjVd+YDRGZ2AIM1
 HJ8w+SjjZJX17pO1vzmnvgPb4HRHkjHegQ2nTMdblmm1GOSa/Xb9F4ojzY/mlkXX
 9XH6CmBpN+SMt0YKaXgseTk5LwqHEGE8/SeqdIDHgDVGIBKSRknZGndsoQXG5kba
 G9W7jxcUu5KfAoIBABoXSI7OgwyCpEN6VbMG0hnH2DeG1qA/e3QmhRb+1Rux6Ttd
 BekUB/HuX337YQBgdZ37su7lfw/cGWmGf/+rm1IN0DLqPu6d1yW5O7i+zZ7wC5Gx
 v41kuVII7PdPBRLIX8TrwbB/osjXNbyluKkggArr/XkfNryWWVudLCTOqigex3RL
 BV7zhRK1p6zPE9xXXBcfQ1qL42eAe9pJveiNfpyepGGATeeLTpUv5VNu5iCPdw1c
 R5sVyAUOjPvQLkvCtMZ3v01WmfCmmQbOiHi0yrmMAxiROpSxGTW/q8zAtjowXoHl
 5OqoqbbVoesKzJr2ch1LzRROVi7+HSRhMGSsza8CggEBAKXrntGyT3drnkF0YjqG
 rV32ksED8fCyBd0XbhyEjpCyg52W1DFFCVj2g4E9a8B8x0OrH3tLTAhEg9pIP+Uh
 HwQERX6dsP7cj+Avt8rN+cncFY44iVUZkwtxpyaQgh+a6KUjYLlR56i8vszgkAFO
 0pb1MjELDXvP+Vy7Mn4/VsHbZg4G1eXxuU2wQRyT8EJm9KOdo9rXp2ctd0WES0l5
 F5B+g7ui49jmPp11A5xTq2Of3klXBC9gAObJLOOgxmfcKGOGmClgfAuojR9chbRD
 Va7HzHofXwxt+JsIzikz6ptwMzM+6O544WsQuNcuKj2Vw7ZjG6BC7OqDzRYTnoS3
 rqECggEAKWJO/2GtpqFQlIb2Upwb80eloSECV8O1lj5ajXQXMzV8UoPFIdsP25nk
 mn3IwUaYKZZpp6yxxzjfE8laz5jAuOqrbn9VL4jyzyrxL3JENmnLzcOg9DFt98Lq
 sX+pAxnsRzHiGwbfqlR3TMwUS7Jz7Ya/lhOhHGA4ywMHlJwON7PC0smLXsivk3mY
 YtwPzQl3lnbXM4C+VxgM8wEDshT9OTlmfgXU0vU7EozQVe3gGUcl118lKs8KmBXE
 JA2PzuHze60JnYMqpJMQTtCHkus0/Z3SfLZ7wJ5WerdIr/DJLA2CTADOENi+likX
 QIyHuoTt03fJN2W023aysHgCfQmkcQ==
 -----END PRIVATE KEY-----
--- a/Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key
+++ b/Dokumentation/sourcecode/ca/certs/private/projekt.literm.local.key
@ -0,0 +1,52 @@
 -----BEGIN PRIVATE KEY-----
 MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDCHycDtsi0Sqeh
 abHxgCsm6Fo2zwH3H7c1F1TkySJ91Ec5abmJKJLywbZ9MPH46iGL/lhtWM3rPpDc
 nVjnaVFKUkzDbCF3tsrtojzNDM+6JtNxrWFCV3Xqh4BFcBcIcFyx57Qzd/1tzCz8
 prpJUkph/eyXwwasVWzqHePUao7MFn4SKILUtObp9zCdYMbHlpFks0V+JyXjhS5P
 T9hMq1e307NRCZxlNC7knY4P0IudRp41Gj4Mnft3EM5DsKAicOyiGy3tHDgcPqrw
 9pwW2n4QrvwAPJXEpJxfW+oe3l1ki0sWL2SoVU2do7HquHntwUa9lF0qUAGxHj35
 iEqNPUuIcUZWJZqvTk4peYYAdvjrkgwAcZ08w73XPQCC+sVQYAjHmlwYztlXJHI+
 fqqVZT/FaUXOlyBQ7RfkaQdcom61FUyTuPoROxUzk83xnPjw2K9XH2iQb7gUOVup
 lXaxyWorQo4aBOYFHMmYnMnVMKgGZW3a03Iy9zrj8vQpgVe3Ubcyk5y+6MgIyPzA
 RuKpCkinslGb9ofJKN75zzCfQpdhq4pGyK2LLoE4+2Dq3Uz9qhYJTV5jIz+6yPVO
 3nCop/D4q9+ymZgDHvvpG95XLaRIvbxPyxAkGm8Mmw1eL6bjl9jj9sIV24nSvfev
 RwNTiYE/Ro74igvihDs2mRNAXOARYwIDAQABAoICAE6mgo8tqqnpqXtrsI4RiOpN
 r+eO/dPbhMY8+sdres8Sh/0KCgM5bjhvJfoZL6DTc94dokRDe8L5aYYJNnEkKax8
 Jd/z2qd/Zz7awdmufCeG/ZqMTeCsQPlSBzWbEan4pIXsRAWqcwLee8et4cI9VifX
 0tk2Smjef69nhtyUg+DKqC/BPCjkVr6qyYaqJD/PkH8FZ32SbPZ/CmFWD2QY9ARm
 ALwvsa8LcohsEZf0vexuJUGMrWE9TRpTs86XLHpn2GhhrLzp9w3ykh3pPRrBUdx+
 mVmbMm8m5rh4LCZvn9VR3o1RjG3rifP50+cu8S/UZE4BY7H2EolpoGCOyO3qzMP5
 uDE/7TMvSxwEeVEQv9W7DIEiEq86sxTXsab+iUT/qJ4FYDlWaloXn5KaYlhL9DcX
 sNX9COycGzOrDPAX1pJFwdV1QF/6SlrLNlggQBkERQ9dbMTVDyAMooyyA3aaPyGT
 pfOYNEhbP+5wePBsNtT7sxRycp4PHqzLBmtY1dAr+sW0CAKhnBEx3CyuQyakuAtw
 3L39ARMxg4Vt32fgfXiBO77dB/GQIwzcEVFCQcMxkwaqLKIzXF2uduowHdY6qGUL
 12sn5IWUYUajWf+LT1wbmqoF0JzUExezsPZS3DURakfvSa+DlB3ZkF3BP0topXXi
 R/2fpj3mrCQf5uWowEqBAoIBAQDkJ0LEAdEbonfV6I8Fn/lCYgX/GdCzE8fSM+Ak
 qnu8xYR0bdDZAso4Cra+ewdXqZ1jomB+vZp8Ce8pV513+BNh4p+8YHKaLzr5VWmd
 gdVngs3dB6ba+UAAqdA6e2qxl0ECHYeqLfrROcgjfwdfAdpxrtYcMgn+nHmevCAh
 es5QKmIi1859dt4BUYntJDeVorhHW5V/BivAParCULGhUEMCx2Y5xRxS3cNVjmfr
 DWhlzfmNlxGQhOreHIa3RoOJ40OZexkpo16KtjVmwCpWNTm1YkBJnat9wRyrpVzn
 n1Uv+NZcW5JVDVI884zpzTje4h2DBn4ZFgV5M1qihEqcSwtBAoIBAQDZ0I8VwYX8
 nq9gopYWgpAAhxDvNoqG+hECl/hDp25iji+zv7odRe3dam4Yn8BbgD3eoZd54I+x
 mn0gwIVXOvFLZ5uzz7knhfvKBPXN43rsh/Jo+HfMadxouIviPp1kr22JYREEf/Fj
 F8kkhifTpHGr4X5aORuGPUqzDmmUm5nxAahfvvIUxZhIwm63w/fr2BO3qfBuAlwz
 R29fgphf8kc2Z+IzCjC/zvNY4nlZDRkTl4LwYthdiMs0WrpWRVHlQHh0vL937Bsg
 hc4x9sNsPrvIOK/LO+V2h8eqmdvlGNzb5wUwy6kQsetNLISIkR6SWzIUOvSFME/l
 9dUUNtg3ISejAoIBAG4d4OSXd+SdmrccgoMVfgmjI//G5uq3nlb/AKzRt90Ze99x
 7T4AUbeQvDjdSmLuE2+2PFqPipNZfBv5FKCFlF1HMw+JgWaXayBSMCJ8OpK2GEQY
 4FiJunFXhI/lZ06FkTPDKuphPNBk0gsH0XfyfgsmdmKvaBGCVlTduahPDGq2uhzV
 Ce2WRHpgb3CMbWOEYOrX8iSXxuAHI3ab2c/g3CboNJenYg9Ax3lwvQk+tGeGbW8A
 PdMBxBYlsIOevff8P3FBb5igKA5M+SM5lnV7RPodjKe7OLz+SqcxrdCBH22C7Xsw
 G0V/o3SVnCpwCYXRnqrRpGTZMxUXSyRrM1OSCMECggEAdB4lSZnjzirioAfNL67n
 CgD3XC+dZhvGGbXemmKWDGB0ucTKeXSgPFvS2bnAmIcjdJ583HKE6E/NyToZW8mG
 fYZ8kT16HcHl22sNh3dwPsyyxJdBdm4xHHrVyAVNbzG+mXBv3BBBJWy2xIvoi4Gt
 P850x7COJeBjBFX4n0rcpIkXtANdlwlIB/HviHQmpUqKKG2mSV9ku8mnbCl5Bh1p
 LW3wPvl9x6OSQ55oxrqe1bz+Bx0K78JPYlfD4t4NrMPT85f0EwCB7bKnnCdLQ1em
 UDU4MoZ569iy7xYbDmVUyL6+G6dXOBlBseC7vvpua+PGLNbJKH/6+EM4FxCt76Xz
 NQKCAQEAqAOZmtqT/vqDUC7FfN/59/5sSqztRbP51eak4BG1ZSTnU4DF8dW04JNx
 lHAlh2yjzAashDbrB2YyS7uUwMV/5O1pqKYzL1fEhrnhsU+ZBa+jXq7xpJuaLjmY
 T7B70TaJuW+PeJXMgTk7b7Ea3XGso5JZTUGzaML5bCYZCah/z65Etz88pIPThJ1C
 lUC9kYUd+h2W8yzYcILpDb1yuNxCgrJYqhXvT3hZpTaxNUH0CWobwNRCWmJXEwvu
 OBxu5DbdEy4tmsXTw3OJm4kKN0SotIwCCDnsnJ7kxKSONfBD2uWcWJ+Jb6AgVAuN
 4UdOLwLHwElprBPFDd+pkoXyIstc2A==
 -----END PRIVATE KEY-----
--- a/Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt
+++ b/Dokumentation/sourcecode/ca/certs/projekt.literm.local.txt
@ -0,0 +1,20 @@
 organization = "Berufsbildungswerk Südhessen gGmbH"
 unit = "Kaufmännischer Bereich"
 unit = "IT"
 locality = "Karben"
 state = "Hessen"
 country = DE
 dc = "literm"
 dc = "local"
 dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
 dn_oid = "2.5.4.17 61184" # Postleitzahl
 activation_date = "2018-03-01 00:00:00 UTC"
 expiration_date = "2028-03-01 00:00:00 UTC"
 key_agreement
 code_signing_key
 signing_key
 tls_www_server
 encryption_key
 cn = "projekt.literm.local"
 dns_name = "projekt.literm.local"
 dns_name = "www.projekt.literm.local"
--- a/Dokumentation/sourcecode/ca/gencrt
+++ b/Dokumentation/sourcecode/ca/gencrt
@ -5,5 +5,5 @@ if [ -z "$1" ]; then
    exit 1
 fi
 sed "s/DOMAIN/$1/g" normcert.txt >$crtdir/$1.txt
-certtool -p --null-password --bits=$laenge --$typ --outfile=$crtdir/$1.key -8
+certtool -p --bits=$laenge --$typ --outfile=$crtdir/private/$1.key -8
-certtool -c --null-password --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=$crtdir/$1.key --outfile=$crtdir/$1.pem --template=$crtdir/$1.txt
+certtool -c --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=$crtdir/private/$1.key --outfile=$crtdir/certs/$1.crt --template=$crtdir/$1.txt
--- a/Dokumentation/sourcecode/ca/genpuppet
+++ b/Dokumentation/sourcecode/ca/genpuppet
@ -1,4 +0,0 @@
 #!/bin/bash
 source ./config
 certtool -p --null-password --bits=$laenge --$typ --outfile=puppet.key -8
 certtool -c --null-password --load-ca-privkey=ca.key --load-ca-certificate=ca.pem --load-privkey=puppet.key --outfile=puppet.pem --template=puppet.txt
--- a/Dokumentation/sourcecode/ca/normcert.txt
+++ b/Dokumentation/sourcecode/ca/normcert.txt
@ -4,11 +4,15 @@ unit = "IT"
 locality = "Karben"
 state = "Hessen"
 country = DE
-dc = "bbw"
+dc = "literm"
 dc = "local"
 dn_oid = "2.5.4.9 Am Heroldsrain 1" # Straße
 dn_oid = "2.5.4.17 61184" # Postleitzahl
 activation_date = "2018-03-01 00:00:00 UTC"
 expiration_date = "2028-03-01 00:00:00 UTC"
 key_agreement
 code_signing_key
 signing_key
 tls_www_server
 encryption_key
 cn = "DOMAIN"
--- a/Dokumentation/sourcecode/site.pp
+++ b/Dokumentation/sourcecode/site.pp
@ -1,134 +0,0 @@
 mod "oxc-dovecot", "1.0.1"
 mod "pcfens-ca_cert", "1.7.1"
 class { "ca_cert": }
 ca_cert::ca { "GlobalSign-OrgSSL-Intermediate":
  ensure => "trusted",
  source => "puppet:///module/bbwmodul/bbwca.crt",
 }
 class {"apt":
  update => {
    frequency => "daily",
  },
 }
 class { "apt::backports":}
 node "zeus", "hades" {
    apt::source { "fusiondirectory":
        location => "http://repos.fusiondirectory.org/fusiondirectory-current/debian-jessie/",
        release => "stable",
        repos => "main",
        key => {
            "id" => "D744D55EACDA69FF",
            "server" => "pgp.mit.edu",
        },
        include => {
            "deb" => true,
        },
    }
 }
 node "zeus" {
    class { "postgresql::globals":
        encoding => "UTF-8",
        locale   => "de_DE.UTF-8",
    }
    class { "postgresql::server":
    }
    postgresql::server::db { "icinga":
        user => "icinga",
        password => postgresql_password("icinga", ""),
    }
    postgresql::server::db { "sogo":
        user => "sogo",
        password => postgresql_password("sogo", ""),
    }
    postgresql::server::role { "tobieseb":
        password_hash => postgresql_password("tobieseb", "mypasswd"),
        superuser => true,
    }
    postgresql::server::pg_hba_rule { "sogo access rule":
        description => "Gibt sogo zugriff auf die datenbank",
        type        => "host",
        database    => "sogo",
        user        => "sogo",
        address     => "10.x.x.3",
        auth_method => "md5",
    }
    postgresql::server::pg_hba_rule { "icinga access rule":
        description => "Gibt Icinga zugriff auf die datenbank",
        type        => "host",
        database    => "icinga",
        user        => "icinga",
        address     => "10.x.x.3",
        auth_method => "md5",
    }
    postgresql::server::pg_hba_rule { "tobieseb access rule":
        description => "Gibt dem Superuser Zugriff auf die datenbank",
        type        => "host",
        user        => "tobieseb",
        address     => "172.16.34.0/23",
        auth_method => "md5",
    }
    file { "/etc/dovecot/private/dovecot-ldap.conf":
        mode => 000,
        owner => "",
        group => "",
        source => "puppet:///modules/bbwmodul/dovecot-ldap.conf",
    }
    class { "dovecot":
        "plugins" => [ "imap" ],
        "config" => {
            "protocols" => "imap",
            "listen" => "*, ::",
        },
        "configs" => {
            "auth-ldap" => {
                "passdb" => {
                    "driver" => "ldap",
                    "args" => "/etc/dovecot/private/dovecot-ldap.conf",
                },
                "userdb" => {
                    "driver" => "ldap",
                    "args" => "/etc/dovecot/private/dovecot-ldap.conf",
                },
            },
        },
    }
 }
 node "poseidon" {
 }
 node "hades" {
    class { "apache": }
    class { "apache::mod::ssl": }
    apache2::vhost { "sogo.bbw http":
        "port" => "80",
        redirect_status => "permanent",
        redirect_dest   => "https://sogo.bbw/",
        "servername" => "sogo.bbw",
        "ssl" => false,
    }
    apache2::vhost { "sogo.bbw https":
        "port" => "443",
        "docroot" => "",
        "servername" => "sogo.bbw",
        "ssl" => true,
    }
    apache2::vhost { "management.bbw http":
        "port" => "80",
        redirect_status => "permanent",
        redirect_dest   => "https://management.bbw/",
        "servername" => "management.bbw",
        "ssl" => false,
    }
    apache2::vhost { "management.bbw https":
        "port" => "80",
        "docroot" => "",
        "servername" => "management.bbw",
        "ssl" => true,
    }
 }