From a15cb4f4b08a7eb0773b82774b2c324a8dba5186 Mon Sep 17 00:00:00 2001
From: Vivien Kraus <vivien@planete-kraus.eu>
Date: Sat, 16 Oct 2021 17:38:47 +0200
Subject: Add the CA

---
 vkraus/packages/certs.scm | 95 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)
 create mode 100644 vkraus/packages/certs.scm

diff --git a/vkraus/packages/certs.scm b/vkraus/packages/certs.scm
new file mode 100644
index 0000000..10f9269
--- /dev/null
+++ b/vkraus/packages/certs.scm
@@ -0,0 +1,95 @@
+(define-module (vkraus packages certs)
+  #:use-module (guix packages)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages)
+  #:use-module (guix build-system trivial)
+  #:export (pk-certificates))
+
+(define pk-certificates
+  (package
+    (name "pk-certificates")
+    (version "0")
+    (build-system trivial-build-system)
+    (source #f)
+    (arguments
+     `(#:builder
+       (let ((out (assoc-ref %outputs "out")))
+         (mkdir out)
+         (mkdir (string-append out "/etc"))
+         (mkdir (string-append out "/etc/ssl"))
+         (mkdir (string-append out "/etc/ssl/certs"))
+         (call-with-output-file (format #f "~a/etc/ssl/certs/planete-kraus.pem" out)
+           (lambda (port)
+             (display "\
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 24 (0x18)
+        Signature Algorithm: ED25519
+        Issuer: C=FR, ST=Corr\\xC3\\x83\\xC2\\xA8ze (19), O=Plan\\xC3\\x83\\xC2\\xA8te Kraus, CN=Plan\\xC3\\x83\\xC2\\xA8te Kraus Root CA/emailAddress=abuse@planete-kraus.eu
+        Validity
+            Not Before: Oct 16 13:31:34 2021 GMT
+            Not After : Oct 16 13:31:34 2022 GMT
+        Subject: C=FR, ST=Corr\\xC3\\x83\\xC2\\xA8ze (19), O=Plan\\xC3\\x83\\xC2\\xA8te Kraus, CN=Plan\\xC3\\x83\\xC2\\xA8te Kraus Root CA/emailAddress=abuse@planete-kraus.eu
+        Subject Public Key Info:
+            Public Key Algorithm: ED25519
+                ED25519 Public-Key:
+                pub:
+                    6b:af:80:67:d4:3a:50:c5:5c:52:2c:2b:76:3f:05:
+                    dc:ab:f5:39:fd:ba:3a:ac:8b:22:d9:29:e4:ea:17:
+                    9a:30
+        X509v3 extensions:
+            X509v3 Subject Key Identifier:
+                C8:D0:01:B4:BA:E2:4A:5F:B2:6C:69:75:58:24:4C:F7:8E:0C:05:F2
+            X509v3 Authority Key Identifier:
+                keyid:C8:D0:01:B4:BA:E2:4A:5F:B2:6C:69:75:58:24:4C:F7:8E:0C:05:F2
+
+            X509v3 Subject Alternative Name:
+                email:abuse@planete-kraus.eu, DNS:planete-kraus.eu
+            X509v3 Issuer Alternative Name:
+                email:abuse@planete-kraus.eu, DNS:planete-kraus.eu
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage:
+                Certificate Sign, CRL Sign
+            Netscape Cert Type:
+                SSL CA, S/MIME CA, Object Signing CA
+            X509v3 Name Constraints:
+                Permitted:
+                  IP:89.234.140.182/255.255.255.255
+                  IP:2A00:5881:4008:2800:0:0:0:0/FFFF:FFFF:FFFF:FF00:0:0:0:0
+                  email:planete-kraus.eu
+                  DNS:planete-kraus.eu
+
+    Signature Algorithm: ED25519
+         23:b8:04:7f:23:96:1c:7b:64:ee:1e:5e:b8:1d:60:ea:c2:4f:
+         25:23:c7:90:ce:a1:aa:9c:c8:7f:a5:c4:5e:ed:bc:39:f4:0e:
+         1f:43:b7:60:ce:63:2b:97:cc:6e:bb:0f:d1:3c:86:ae:fb:17:
+         0b:35:50:27:30:c5:bd:ff:d3:04
+-----BEGIN CERTIFICATE-----
+MIIDDzCCAsGgAwIBAgIBGDAFBgMrZXAwgYwxCzAJBgNVBAYTAkZSMRgwFgYDVQQI
+DA9Db3Jyw4PCqHplICgxOSkxGTAXBgNVBAoMEFBsYW7Dg8KodGUgS3JhdXMxITAf
+BgNVBAMMGFBsYW7Dg8KodGUgS3JhdXMgUm9vdCBDQTElMCMGCSqGSIb3DQEJARYW
+YWJ1c2VAcGxhbmV0ZS1rcmF1cy5ldTAeFw0yMTEwMTYxMzMxMzRaFw0yMjEwMTYx
+MzMxMzRaMIGMMQswCQYDVQQGEwJGUjEYMBYGA1UECAwPQ29ycsODwqh6ZSAoMTkp
+MRkwFwYDVQQKDBBQbGFuw4PCqHRlIEtyYXVzMSEwHwYDVQQDDBhQbGFuw4PCqHRl
+IEtyYXVzIFJvb3QgQ0ExJTAjBgkqhkiG9w0BCQEWFmFidXNlQHBsYW5ldGUta3Jh
+dXMuZXUwKjAFBgMrZXADIQBrr4Bn1DpQxVxSLCt2PwXcq/U5/bo6rIsi2Snk6hea
+MKOCAUQwggFAMB0GA1UdDgQWBBTI0AG0uuJKX7JsaXVYJEz3jgwF8jAfBgNVHSME
+GDAWgBTI0AG0uuJKX7JsaXVYJEz3jgwF8jAzBgNVHREELDAqgRZhYnVzZUBwbGFu
+ZXRlLWtyYXVzLmV1ghBwbGFuZXRlLWtyYXVzLmV1MDMGA1UdEgQsMCqBFmFidXNl
+QHBsYW5ldGUta3JhdXMuZXWCEHBsYW5ldGUta3JhdXMuZXUwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMGMGA1UdHgRcMFqg
+WDAKhwhZ6oy2/////zAihyAqAFiBQAgoAAAAAAAAAAAA/////////wAAAAAAAAAA
+ADASgRBwbGFuZXRlLWtyYXVzLmV1MBKCEHBsYW5ldGUta3JhdXMuZXUwBQYDK2Vw
+A0EAI7gEfyOWHHtk7h5euB1g6sJPJSPHkM6hqpzIf6XEXu28OfQOH0O3YM5jK5fM
+brsP0TyGrvsXCzVQJzDFvf/TBA==
+-----END CERTIFICATE-----
+"
+                      port))))))
+    (synopsis "Certificate authority for planete-kraus.eu")
+    (description
+     "This package provides the current certificate authority used by
+the planete-kraus.eu website.")
+    (home-page "https://planete-kraus.eu")
+    (license license:gpl3+)))
-- 
cgit v1.2.3