Paul van Brouwershaven vanbroup

## pem-to-p7b.go
package main

import (
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"log"

	"go.mozilla.org/pkcs7"
)

## ca-hierarchy-ocsp-test.go
// certutil -urlcache * delete
// certutil -verify -user -urlfetch "Server Certificate.cer"
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"

## ocsp-request-get-to-post.sh
echo MFIwUKADAgEAMEkwRzBFMAkGBSsOAwIaBQAEFNHxtXb57sDBD3r8fDEkqcNiXXxhBBTqTnzUgC3lFYGGJoyCbcCYpM+XDwIMPVGgldv/1vnVuWtZ | base64 --decode > ocsp.req

# Print OCSP request
openssl ocsp -text -reqin ocsp.req

# Make OCSP request
curl -v -o ocsp.resp --data-binary @ocsp.req -H "Content-Type: application/ocsp-request" --url http://ocsp.example.com/ca1 --header "Host: ocsp.example.com"

# Print OCSP response
openssl ocsp -noverify -text -respin ocsp.resp

## ocsp-request-serial.sh
# Make an OCSP request with CURL using the issuer certificate and serial number
openssl ocsp -noverify -no_nonce -respout ocsp.resp -reqout ocsp.req -issuer issuer.pem -serial "0x11219f92c6b10baba606ac6c7eb0474898f6"  -text -url http://ocsp.example.com -header 'Host=ocsp.example.com'

# Replay the OCSP request via CURL showing request and response headers for debugggin
curl -v -o curl.resp --data-binary @ocsp.req -H "Content-Type: application/ocsp-request" --url http://ocsp.example.com/ca1 --header "Host=ocsp.example.com"

## ocsp-request-script.sh
#!/bin/bash

if [ "$#" -ne 1 ]; then
    echo
    echo "No hostname given to obtain certificate status"
    echo "\tuse: $0 www.example.com"
    echo
    exit 1
fi

## create-cache-config-crl.sh
# make sure that this script runs with the time zone GMT
export TZ=GMT

config="crl-cache-headers.conf"

# swap the root directy every reload to make sure that
# the config alines with the files actually served
curdir=`cat lastroot.txt`
newdir=`expr $curdir + 1`
olddir=`expr $curdir - 1`

## OrderByDNS.php
<?php
/*
 * Just a quick and dirty API example for DNS verification
 */
error_reporting(E_ALL);

/*
 * Create a Private key
 */
$dn = array(
	package main

	import (
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"log"

	"go.mozilla.org/pkcs7"
	)
	// certutil -urlcache * delete
	// certutil -verify -user -urlfetch "Server Certificate.cer"
	package main

	import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	echo MFIwUKADAgEAMEkwRzBFMAkGBSsOAwIaBQAEFNHxtXb57sDBD3r8fDEkqcNiXXxhBBTqTnzUgC3lFYGGJoyCbcCYpM+XDwIMPVGgldv/1vnVuWtZ \| base64 --decode > ocsp.req

	# Print OCSP request
	openssl ocsp -text -reqin ocsp.req

	# Make OCSP request
	curl -v -o ocsp.resp --data-binary @ocsp.req -H "Content-Type: application/ocsp-request" --url http://ocsp.example.com/ca1 --header "Host: ocsp.example.com"

	# Print OCSP response
	openssl ocsp -noverify -text -respin ocsp.resp
	# Make an OCSP request with CURL using the issuer certificate and serial number
	openssl ocsp -noverify -no_nonce -respout ocsp.resp -reqout ocsp.req -issuer issuer.pem -serial "0x11219f92c6b10baba606ac6c7eb0474898f6" -text -url http://ocsp.example.com -header 'Host=ocsp.example.com'

	# Replay the OCSP request via CURL showing request and response headers for debugggin
	curl -v -o curl.resp --data-binary @ocsp.req -H "Content-Type: application/ocsp-request" --url http://ocsp.example.com/ca1 --header "Host=ocsp.example.com"
	#!/bin/bash

	if [ "$#" -ne 1 ]; then
	echo
	echo "No hostname given to obtain certificate status"
	echo "\tuse: $0 www.example.com"
	echo
	exit 1
	fi
	# make sure that this script runs with the time zone GMT
	export TZ=GMT

	config="crl-cache-headers.conf"

	# swap the root directy every reload to make sure that
	# the config alines with the files actually served
	curdir=`cat lastroot.txt`
	newdir=`expr $curdir + 1`
	olddir=`expr $curdir - 1`
	<?php
	/*
	* Just a quick and dirty API example for DNS verification
	*/
	error_reporting(E_ALL);

	/*
	* Create a Private key
	*/
	$dn = array(