Regenerate the long-lived test certificates to use SHA-256

BUG=401365

Review URL: https://codereview.chromium.org/515813002

Cr-Commit-Position: refs/heads/master@{#297061}

chrome/common/net/x509_certificate_model_unittest.cc

@@ -26,7 +26,7 @@ TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) {
 
   scoped_refptr<net::X509Certificate> punycode_cert(
       net::ImportCertFromFile(net::GetTestCertsDirectory(),
-                              "punycodetest.der"));
+                              "punycodetest.pem"));
   ASSERT_TRUE(punycode_cert.get());
   EXPECT_EQ("xn--wgv71a119e.com (日本語.com)",
             x509_certificate_model::GetCertNameOrNickname(
@@ -87,8 +87,8 @@ TEST(X509CertificateModelTest, GetExtensions) {
 
     EXPECT_EQ("Certificate Subject Key ID", extensions[1].name);
     EXPECT_EQ(
-        "notcrit\nKey ID: 2B 88 93 E1 D2 54 50 F4 B8 A4 20 BD B1 79 E6 0B\nAA "
-        "EB EC 1A",
+        "notcrit\nKey ID: BC F7 30 D1 3C C0 F2 79 FA EF 9F C9 6C 5C 93 F3\n8A "
+        "68 AB 83",
         extensions[1].value);
 
     EXPECT_EQ("Certificate Key Usage", extensions[2].name);
@@ -381,22 +381,22 @@ TEST(X509CertificateModelTest, ProcessSubjectPublicKeyInfo) {
     ASSERT_TRUE(cert.get());
     EXPECT_EQ(
         "Modulus (2048 bits):\n"
-        "  AB A3 84 16 05 AE F4 80 85 81 A7 A8 59 FA BB 0E\n"
-        "5E 7B 04 DC C4 44 7A 41 05 37 9D 45 A1 6B DE E8\n"
-        "FE 0F 89 D3 39 78 EB 68 01 4F 15 C0 4B 13 A4 4C\n"
-        "25 95 ED A4 BB D9 AD F7 54 0C F1 33 4E D7 25 88\n"
-        "B0 28 5E 64 01 F0 33 7C 4D 3B D8 5C 48 04 AF 77\n"
-        "52 6F EA 99 B0 07 E6 6D BB 63 9E 33 AD 18 94 30\n"
-        "96 46 F4 41 D6 69 E3 EE 55 DE FA C3 D4 36 D3 D1\n"
-        "71 87 28 3B B8 FC 4B 2D BF 3C E2 FB 8C E8 FA 99\n"
-        "44 0C BD 5D CB E3 A9 F6 0D 3D 1C EB B6 80 1E BE\n"
-        "A5 51 B5 60 04 77 72 47 96 17 0D 8E 44 EE FA C4\n"
-        "5F AB 31 16 DC 68 9A 9F 9A 79 94 04 B9 0F 14 DF\n"
-        "C1 9A FA 37 AB 7F 70 B8 80 DD 48 25 ED BD 43 67\n"
-        "01 C1 32 9D 76 A1 FE C1 64 D8 00 77 73 D1 3F 21\n"
-        "86 92 72 E8 91 36 45 84 8B B7 14 5E B0 32 5C A3\n"
-        "ED 30 DA 36 45 DB DF 55 41 18 CF FE 36 37 ED BB\n"
-        "D3 09 1F D6 D6 91 D2 D8 5F 73 02 52 D3 AA 0D 23\n"
+        "  B6 49 41 E3 42 01 51 A8 7F 3C 7A 71 D3 FB CD 91\n"
+        "35 17 84 1A 8E F6 36 C7 D1 70 1D FA 86 F3 6E BB\n"
+        "76 6F E8 32 2E 37 FD 38 92 3D 68 E4 8A 7D 42 33\n"
+        "14 46 1B DC 04 F6 91 6E 54 40 C4 0A 09 FD EC 2D\n"
+        "62 E2 5E E1 BA 2C 9C C1 B1 60 4C DA C7 F8 22 5C\n"
+        "82 20 65 42 1E 56 77 75 4F EB 90 2C 4A EA 57 0E\n"
+        "22 8D 6C 95 AC 11 EA CC D7 EE F6 70 0D 09 DD A6\n"
+        "35 61 5D C9 76 6D B0 F2 1E BF 30 86 D8 77 52 36\n"
+        "95 97 0E D1 46 C5 ED 81 3D 1B B0 F2 61 95 3C C1\n"
+        "40 38 EF 5F 5D BA 61 9F EF 2B 9C 9F 85 89 74 70\n"
+        "63 D5 76 E8 35 7E CE 01 E1 F3 11 11 90 1C 0D F5\n"
+        "FD 8D CE 10 6C AD 7C 55 1A 21 6F D7 2D F4 78 15\n"
+        "EA 2F 38 BD 91 9E 3C 1D 07 46 F5 43 C1 82 8B AF\n"
+        "12 53 65 19 8A 69 69 66 06 B2 DA 0B FA 2A 00 A1\n"
+        "2A 15 84 49 F1 01 BF 9B 30 06 D0 15 A0 1F 9D 51\n"
+        "91 47 E1 53 5F EF 5E EC C2 61 79 C2 14 9F C4 E3\n"
         "\n"
 #if defined(USE_OPENSSL)
         "  Public Exponent (17 bits):\n"
@@ -412,11 +412,11 @@ TEST(X509CertificateModelTest, ProcessSubjectPublicKeyInfo) {
         net::GetTestCertsDirectory(), "prime256v1-ecdsa-intermediate.pem"));
     ASSERT_TRUE(cert.get());
     EXPECT_EQ(
-        "04 D1 35 14 53 74 2F E1 E4 9B 41 9E 42 9D 10 6B\n"
-        "0B F4 16 8F BC A7 C7 A4 39 09 73 34 CB 87 DF 2F\n"
-        "7E 4A 5F B1 B5 E4 DC 49 41 4E A8 81 34 B5 DA 7D\n"
-        "27 7D 05 C1 BD 0A 29 6D AD A3 5D 37 7B 56 B7 1B\n"
-        "60",
+        "04 DB 98 07 BC 61 DD 2D E6 B3 CC F7 D5 EA F7 A1\n"
+        "0D 28 DE F2 7C 26 97 CA EB D1 DB A3 1E C1 8F E9\n"
+        "E0 1E FE 31 BB AA 4A 5C 85 37 A6 FF 9E 2E 96 23\n"
+        "22 B8 30 5F 8F 22 AE B9 8B 6D 4F BD 4E F3 52 12\n"
+        "D4",
         x509_certificate_model::ProcessSubjectPublicKeyInfo(
             cert->os_cert_handle()));
   }
@@ -427,22 +427,22 @@ TEST(X509CertificateModelTest, ProcessRawBitsSignatureWrap) {
       net::GetTestCertsDirectory(), "root_ca_cert.pem"));
   ASSERT_TRUE(cert.get());
   EXPECT_EQ(
-      "A8 58 42 E4 7C B1 46 11 EE 56 B7 09 08 FB 06 44\n"
-      "F0 A9 60 03 F0 05 23 09 3C 36 D6 28 1B E5 D6 61\n"
-      "15 A0 6F DE 69 AC 28 58 05 F1 CE 9B 61 C2 58 B0\n"
-      "5D ED 6C 75 44 E2 68 01 91 59 B1 4F F3 51 F2 23\n"
-      "F6 47 42 41 57 26 4F 87 1E D2 9F 94 3A E2 D0 4E\n"
-      "6F 02 D2 92 76 2C 0A DD 58 93 E1 47 B9 02 A3 3D\n"
-      "75 B4 BA 24 70 87 32 87 CF 76 4E A0 41 8B 86 42\n"
-      "18 55 ED A5 AE 5D 6A 3A 8C 28 70 4C F1 C5 36 6C\n"
-      "EC 01 A9 D6 51 39 32 31 30 24 82 9F 88 D9 F5 C1\n"
-      "09 6B 5A 6B F1 95 D3 9D 3F E0 42 63 FC B7 32 90\n"
-      "55 56 F2 76 1B 71 38 BD BD FB 3B 23 50 46 4C 2C\n"
-      "4E 49 48 52 EA 05 5F 16 F2 98 51 AF 2F 79 36 2A\n"
-      "A0 BA 36 68 1B 29 8B 7B E8 8C EA 73 31 E5 86 D7\n"
-      "2C D8 56 06 43 D7 72 D2 F0 27 4E 64 0A 2B 27 38\n"
-      "36 CD BE C1 33 DB 74 4B 4E 74 BE 21 BD F6 81 66\n"
-      "D2 FD 2B 7F F4 55 36 C0 ED A7 44 CA B1 78 1D 0F",
+      "57 07 29 FB 7F E8 FF B0 E6 D8 58 6A C3 90 A1 38\n"
+      "1C B4 F3 68 B1 EC E8 89 23 24 D7 A8 F2 21 C3 60\n"
+      "E4 A4 49 5C 00 BF DF C7 82 78 80 2B 18 F7 AD DD\n"
+      "D0 62 5E A7 B0 CC F0 AA B4 CE 70 12 59 65 67 76\n"
+      "05 00 18 9A FF C4 2A 17 E3 F1 55 D8 BE 5C 5E EB\n"
+      "CA CB 53 87 10 D5 09 32 36 A7 5E 41 F4 53 DA 7E\n"
+      "56 60 D2 7E 4E 9A A5 08 5F 5D 75 E9 E7 30 CB 22\n"
+      "E9 EF 19 49 83 A5 23 A1 F8 60 4C E5 36 D5 39 78\n"
+      "18 F1 5E BF CE AA 0B 53 81 2C 78 A9 0A 6B DB 13\n"
+      "10 21 14 7F 1B 70 3D 89 1A 40 8A 06 2C 5D 50 19\n"
+      "62 F9 C7 45 89 F2 3D 66 05 3D 7D 75 5B 55 1E 80\n"
+      "42 72 A1 9A 7C 6D 0A 74 F6 EE A6 21 6C 3A 98 FB\n"
+      "77 82 5F F2 6B 56 E6 DD 9B 8E 50 F0 C6 AE FD EA\n"
+      "A6 05 07 A9 26 06 56 B3 B2 D9 B2 37 A0 21 3E 79\n"
+      "06 1F B9 51 BE F4 B1 49 4D 90 B5 33 E5 0E C7 5E\n"
+      "5B 40 C5 6A 04 D1 43 7A 94 6A A4 4F 61 FC 82 E0",
       x509_certificate_model::ProcessRawBitsSignatureWrap(
           cert->os_cert_handle()));
 }

net/cert/cert_verify_proc.cc

@@ -581,8 +581,8 @@ bool CertVerifyProc::HasNameConstraintsViolation(
     // Not a real certificate - just for testing. This is the SPKI hash of
     // the keys used in net/data/ssl/certificates/name_constraint_*.crt.
     {
-      {0x15, 0x45, 0xd7, 0x3b, 0x58, 0x6b, 0x47, 0xcf, 0xc1, 0x44,
-       0xa2, 0xc9, 0xaa, 0xab, 0x98, 0x3d, 0x21, 0xcc, 0x42, 0xde},
+      {0x61, 0xec, 0x82, 0x8b, 0xdb, 0x5c, 0x78, 0x2a, 0x8f, 0xcc,
+       0x4f, 0x0f, 0x14, 0xbb, 0x85, 0x31, 0x93, 0x9f, 0xf7, 0x3d},
       kDomainsTest,
     },
   };

net/cert/cert_verify_proc_unittest.cc

@@ -558,7 +558,7 @@ TEST_F(CertVerifyProcTest, NameConstraintsOk) {
   ScopedTestRoot test_root(ca_cert_list[0].get());
 
   CertificateList cert_list = CreateCertificateListFromFile(
-      GetTestCertsDirectory(), "name_constraint_ok.crt",
+      GetTestCertsDirectory(), "name_constraint_good.pem",
       X509Certificate::FORMAT_AUTO);
   ASSERT_EQ(1U, cert_list.size());
 
@@ -593,7 +593,7 @@ TEST_F(CertVerifyProcTest, NameConstraintsFailure) {
   ScopedTestRoot test_root(ca_cert_list[0].get());
 
   CertificateList cert_list = CreateCertificateListFromFile(
-      GetTestCertsDirectory(), "name_constraint_bad.crt",
+      GetTestCertsDirectory(), "name_constraint_bad.pem",
       X509Certificate::FORMAT_AUTO);
   ASSERT_EQ(1U, cert_list.size());
 
@@ -1150,53 +1150,6 @@ TEST_F(CertVerifyProcTest, CybertrustGTERoot) {
 #endif
 
 #if defined(USE_NSS) || defined(OS_IOS) || defined(OS_WIN) || defined(OS_MACOSX)
-static const uint8 kCRLSetLeafSPKIBlocked[] = {
-  0x8e, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a,
-  0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70,
-  0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22,
-  0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22,
-  0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c,
-  0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a,
-  0x30, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b,
-  0x49, 0x73, 0x22, 0x3a, 0x5b, 0x22, 0x43, 0x38, 0x4d, 0x4a, 0x46, 0x55, 0x55,
-  0x5a, 0x38, 0x43, 0x79, 0x54, 0x2b, 0x4e, 0x57, 0x64, 0x68, 0x69, 0x7a, 0x51,
-  0x68, 0x54, 0x49, 0x65, 0x46, 0x49, 0x37, 0x76, 0x41, 0x77, 0x7a, 0x64, 0x54,
-  0x79, 0x52, 0x59, 0x45, 0x6e, 0x78, 0x6c, 0x33, 0x62, 0x67, 0x3d, 0x22, 0x5d,
-  0x7d,
-};
-
-static const uint8 kCRLSetLeafSerialBlocked[] = {
-  0x60, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a,
-  0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70,
-  0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22,
-  0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22,
-  0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c,
-  0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a,
-  0x31, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b,
-  0x49, 0x73, 0x22, 0x3a, 0x5b, 0x5d, 0x7d, 0x0f, 0x87, 0xe4, 0xc7, 0x75, 0xea,
-  0x46, 0x7e, 0xf3, 0xfd, 0x82, 0xb7, 0x46, 0x7b, 0x10, 0xda, 0xc5, 0xbf, 0xd8,
-  0xd1, 0x29, 0xb2, 0xc6, 0xac, 0x7f, 0x51, 0x42, 0x15, 0x28, 0x51, 0x06, 0x7f,
-  0x01, 0x00, 0x00, 0x00,  // number of serials
-  0x01, 0xed,  // serial 0xed
-};
-
-static const uint8 kCRLSetQUICSerialBlocked[] = {
-  0x60, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a,
-  0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70,
-  0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22,
-  0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22,
-  0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c,
-  0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a,
-  0x31, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b,
-  0x49, 0x73, 0x22, 0x3a, 0x5b, 0x5d, 0x7d,
-  // Issuer SPKI SHA-256 hash:
-  0xe4, 0x3a, 0xa3, 0xdb, 0x98, 0x31, 0x61, 0x05, 0xdd, 0x57, 0x6d, 0xc6, 0x2f,
-  0x71, 0x26, 0xba, 0xdd, 0xf4, 0x98, 0x3e, 0x62, 0x22, 0xf8, 0xf9, 0xe4, 0x18,
-  0x62, 0x77, 0x79, 0xdb, 0x9b, 0x31,
-  0x01, 0x00, 0x00, 0x00,  // number of serials
-  0x01, 0x03,  // serial 3
-};
-
 // Test that CRLSets are effective in making a certificate appear to be
 // revoked.
 TEST_F(CertVerifyProcTest, CRLSet) {
@@ -1219,11 +1172,13 @@ TEST_F(CertVerifyProcTest, CRLSet) {
   EXPECT_EQ(OK, error);
   EXPECT_EQ(0U, verify_result.cert_status);
 
-  // First test blocking by SPKI.
-  base::StringPiece crl_set_bytes(
-      reinterpret_cast<const char*>(kCRLSetLeafSPKIBlocked),
-      sizeof(kCRLSetLeafSPKIBlocked));
   scoped_refptr<CRLSet> crl_set;
+  std::string crl_set_bytes;
+
+  // First test blocking by SPKI.
+  EXPECT_TRUE(base::ReadFileToString(
+      GetTestCertsDirectory().AppendASCII("crlset_by_leaf_spki.raw"),
+      &crl_set_bytes));
   ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set));
 
   error = Verify(cert.get(),
@@ -1236,9 +1191,10 @@ TEST_F(CertVerifyProcTest, CRLSet) {
 
   // Second, test revocation by serial number of a cert directly under the
   // root.
-  crl_set_bytes =
-      base::StringPiece(reinterpret_cast<const char*>(kCRLSetLeafSerialBlocked),
-                        sizeof(kCRLSetLeafSerialBlocked));
+  crl_set_bytes.clear();
+  EXPECT_TRUE(base::ReadFileToString(
+      GetTestCertsDirectory().AppendASCII("crlset_by_root_serial.raw"),
+      &crl_set_bytes));
   ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set));
 
   error = Verify(cert.get(),
@@ -1288,9 +1244,10 @@ TEST_F(CertVerifyProcTest, CRLSetLeafSerial) {
 
   // Test revocation by serial number of a certificate not under the root.
   scoped_refptr<CRLSet> crl_set;
-  base::StringPiece crl_set_bytes =
-      base::StringPiece(reinterpret_cast<const char*>(kCRLSetQUICSerialBlocked),
-                        sizeof(kCRLSetQUICSerialBlocked));
+  std::string crl_set_bytes;
+  ASSERT_TRUE(base::ReadFileToString(
+      GetTestCertsDirectory().AppendASCII("crlset_by_intermediate_serial.raw"),
+      &crl_set_bytes));
   ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set));
 
   error = Verify(leaf.get(),

net/cert/nss_cert_database_unittest.cc

@@ -569,7 +569,7 @@ TEST_F(CertDatabaseNSSTest, DISABLED_ImportServerCert) {
 
 TEST_F(CertDatabaseNSSTest, ImportServerCert_SelfSigned) {
   CertificateList certs;
-  ASSERT_TRUE(ReadCertIntoList("punycodetest.der", &certs));
+  ASSERT_TRUE(ReadCertIntoList("punycodetest.pem", &certs));
 
   NSSCertDatabase::ImportCertFailureList failed;
   EXPECT_TRUE(cert_db_->ImportServerCert(certs, NSSCertDatabase::TRUST_DEFAULT,
@@ -600,7 +600,7 @@ TEST_F(CertDatabaseNSSTest, ImportServerCert_SelfSigned) {
 
 TEST_F(CertDatabaseNSSTest, ImportServerCert_SelfSigned_Trusted) {
   CertificateList certs;
-  ASSERT_TRUE(ReadCertIntoList("punycodetest.der", &certs));
+  ASSERT_TRUE(ReadCertIntoList("punycodetest.pem", &certs));
 
   NSSCertDatabase::ImportCertFailureList failed;
   EXPECT_TRUE(cert_db_->ImportServerCert(certs, NSSCertDatabase::TRUSTED_SSL,

net/data/ssl/certificates/1024-rsa-ee-by-1024-rsa-intermediate.pem

@@ -1,50 +1,49 @@
 Certificate:
     Data:
         Version: 1 (0x0)
-        Serial Number: 237 (0xed)
-        Signature Algorithm: sha1WithRSAEncryption
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha256WithRSAEncryption
         Issuer: CN=1024 rsa Test intermediate CA
         Validity
-            Not Before: Dec 12 22:47:53 2011 GMT
-            Not After : Dec  9 22:47:53 2021 GMT
+            Not Before: Aug 14 02:47:20 2014 GMT
+            Not After : Aug 11 02:47:20 2024 GMT
         Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:de:52:f9:7c:4e:29:e3:35:24:63:74:83:70:5b:
-                    90:75:75:53:65:cb:74:a1:8e:b8:5a:bf:17:d0:0d:
-                    a5:73:af:13:08:94:e4:ad:c3:d3:5c:bd:fd:b0:f7:
-                    0b:97:55:bd:7b:4d:87:54:d3:6b:0f:3f:1c:b9:fc:
-                    3b:65:20:29:4e:18:f0:77:fe:13:bb:b3:25:30:e4:
-                    3e:04:fa:49:4a:45:d0:80:a0:de:ba:1c:c9:be:ca:
-                    83:cc:94:18:f9:16:ab:3d:0f:43:28:b2:2c:d9:cf:
-                    43:17:17:48:9a:8e:6f:7a:53:46:4e:aa:ff:89:7b:
-                    a8:0e:e4:04:41:b8:45:a5:4f
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:b8:47:d6:b7:60:88:5f:94:b2:17:9b:e5:21:74:
+                    97:70:b1:32:fb:23:73:84:f4:32:eb:25:87:2e:33:
+                    f4:25:08:5d:c9:1c:6b:ee:98:bc:dd:69:89:41:df:
+                    38:13:7c:ed:16:ee:f0:7a:51:33:23:5f:ae:e4:5f:
+                    3e:11:54:9f:68:f9:39:c7:6e:1c:76:c8:bd:73:ce:
+                    a1:6c:61:5a:70:88:0e:6f:07:85:f2:be:a6:f0:3c:
+                    49:5b:f4:bd:28:bb:0e:90:d6:00:1f:3f:5b:00:81:
+                    91:64:2e:e6:48:48:5a:e5:99:84:87:44:6f:b5:cc:
+                    f5:a6:ed:7a:d5:99:a4:33:41
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Subject Alternative Name: 
                 IP Address:127.0.0.1
-    Signature Algorithm: sha1WithRSAEncryption
-        99:ed:12:d1:1c:a1:a4:f6:88:30:23:40:69:af:14:ba:7b:e9:
-        24:ef:01:a9:6f:b0:77:78:91:49:f7:84:17:84:ca:63:e1:71:
-        8c:52:50:b7:20:06:fc:58:c9:20:d4:fa:78:89:5f:da:0b:2d:
-        88:c9:41:ed:a6:52:c6:f8:dc:c9:1a:11:c7:ab:0a:ae:80:e4:
-        7c:15:41:ac:64:63:3e:93:e5:ad:dc:de:e8:dc:d6:ca:0a:fd:
-        01:01:d7:4d:4a:dd:c6:93:7c:52:ad:61:18:09:8c:29:ae:6b:
-        42:d1:3a:98:d8:14:45:e4:d7:e1:b2:1e:12:92:99:65:6c:13:
-        03:46
+    Signature Algorithm: sha256WithRSAEncryption
+         28:af:b5:69:46:f0:db:43:d1:d1:df:74:6a:52:ef:40:a5:16:
+         e5:a5:6b:cf:e8:5d:1f:bb:40:2c:74:7f:e5:a4:a4:92:d3:08:
+         de:c4:8f:4d:ad:0f:db:93:89:5b:39:31:67:6c:f1:10:c9:0f:
+         8b:e8:8c:9b:80:fd:2f:b7:a0:87:d2:a8:e3:23:db:63:6c:66:
+         81:41:e7:84:dc:27:d0:7d:27:b5:57:5d:cb:d0:36:e6:91:ce:
+         e7:ce:0b:28:62:e4:f1:3b:ca:9a:46:ed:9d:50:77:d3:d9:c5:
+         83:88:23:b0:49:c3:13:36:82:4e:ca:0f:18:b1:06:38:37:5e:
+         ec:16
 -----BEGIN CERTIFICATE-----
-MIICDTCCAXYCAgDtMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNVBAMMHTEwMjQgcnNh
-IFRlc3QgaW50ZXJtZWRpYXRlIENBMB4XDTExMTIxMjIyNDc1M1oXDTIxMTIwOTIy
-NDc1M1owYDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV
-BAcMDU1vdW50YWluIFZpZXcxEDAOBgNVBAoMB1Rlc3QgQ0ExEjAQBgNVBAMMCTEy
-Ny4wLjAuMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3lL5fE4p4zUkY3SD
-cFuQdXVTZct0oY64Wr8X0A2lc68TCJTkrcPTXL39sPcLl1W9e02HVNNrDz8cufw7
-ZSApThjwd/4Tu7MlMOQ+BPpJSkXQgKDeuhzJvsqDzJQY+RarPQ9DKLIs2c9DFxdI
-mo5velNGTqr/iXuoDuQEQbhFpU8CAwEAAaMTMBEwDwYDVR0RBAgwBocEfwAAATAN
-BgkqhkiG9w0BAQUFAAOBgQCZ7RLRHKGk9ogwI0BprxS6e+kk7wGpb7B3eJFJ94QX
-hMpj4XGMUlC3IAb8WMkg1Pp4iV/aCy2IyUHtplLG+NzJGhHHqwqugOR8FUGsZGM+
-k+Wt3N7o3NbKCv0BAddNSt3Gk3xSrWEYCYwprmtC0TqY2BRF5Nfhsh4SkpllbBMD
-Rg==
+MIICDDCCAXUCAQIwDQYJKoZIhvcNAQELBQAwKDEmMCQGA1UEAwwdMTAyNCByc2Eg
+VGVzdCBpbnRlcm1lZGlhdGUgQ0EwHhcNMTQwODE0MDI0NzIwWhcNMjQwODExMDI0
+NzIwWjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UE
+BwwNTW91bnRhaW4gVmlldzEQMA4GA1UECgwHVGVzdCBDQTESMBAGA1UEAwwJMTI3
+LjAuMC4xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4R9a3YIhflLIXm+Uh
+dJdwsTL7I3OE9DLrJYcuM/QlCF3JHGvumLzdaYlB3zgTfO0W7vB6UTMjX67kXz4R
+VJ9o+TnHbhx2yL1zzqFsYVpwiA5vB4XyvqbwPElb9L0ouw6Q1gAfP1sAgZFkLuZI
+SFrlmYSHRG+1zPWm7XrVmaQzQQIDAQABoxMwETAPBgNVHREECDAGhwR/AAABMA0G
+CSqGSIb3DQEBCwUAA4GBACivtWlG8NtD0dHfdGpS70ClFuWla8/oXR+7QCx0f+Wk
+pJLTCN7Ej02tD9uTiVs5MWds8RDJD4vojJuA/S+3oIfSqOMj22NsZoFB54TcJ9B9
+J7VXXcvQNuaRzufOCyhi5PE7yppG7Z1Qd9PZxYOII7BJwxM2gk7KDxixBjg3XuwW
 -----END CERTIFICATE-----