应对制裁 俄罗斯搞了个新东西
The following article is from 蓝点网 Author 山外的鸭子哥
点击关注公众号,一周多次包邮送书
SSL/TLS 数字证书目前已经被绝大多数网站使用,部署数字证书后可以在用户到服务器间加密数据避免中间人劫持等。现在想要获取免费的数字证书是非常容易的事情,谋智基金会旗下提供免费数字证书并且可以自动验证签发。也有其他中级 CA (证书颁发机构) 提供免费数字证书,不过对企业和政府机构来说更多的还是使用付费的数字证书。
而最近俄罗斯被制裁后无法使用国际金融系统,这导致俄罗斯政府机构和企业证书到期后无法正常续费续期,如果证书过期后不及时续期或更换的话意味着用户访问时会被浏览器直接拦截,这会造成严重的影响。
▲如需下载测试此证书请看文末自己新建下
推出自签名的 TLS 证书颁发机构:
本质上是自签名证书不被浏览器信任:
但Yandex浏览器可以直接信任:
以下为该自签名证书:
#如需测试请复制以下完整内容新建记事本粘贴保存,然后将txt改成cer即可
-----BEGIN CERTIFICATE-----
MIIFwjCCA6qgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwcDELMAkGA1UEBhMCUlUx
PzA9BgNVBAoMNlRoZSBNaW5pc3RyeSBvZiBEaWdpdGFsIERldmVsb3BtZW50IGFu
ZCBDb21tdW5pY2F0aW9uczEgMB4GA1UEAwwXUnVzc2lhbiBUcnVzdGVkIFJvb3Qg
Q0EwHhcNMjIwMzAxMjEwNDE1WhcNMzIwMjI3MjEwNDE1WjBwMQswCQYDVQQGEwJS
VTE/MD0GA1UECgw2VGhlIE1pbmlzdHJ5IG9mIERpZ2l0YWwgRGV2ZWxvcG1lbnQg
YW5kIENvbW11bmljYXRpb25zMSAwHgYDVQQDDBdSdXNzaWFuIFRydXN0ZWQgUm9v
dCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMfFOZ8pUAL3+r2n
qqE0Zp52selXsKGFYoG0GM5bwz1bSFtCt+AZQMhkWQheI3poZAToYJu69pHLKS6Q
XBiwBC1cvzYmUYKMYZC7jE5YhEU2bSL0mX7NaMxMDmH2/NwuOVRj8OImVa5s1F4U
zn4Kv3PFlDBjjSjXKVY9kmjUBsXQrIHeaqmUIsPIlNWUnimXS0I0abExqkbdrXbX
YwCOXhOO2pDUx3ckmJlCMUGacUTnylyQW2VsJIyIGA8V0xzdaeUXg0VZ6ZmNUr5Y
Ber/EAOLPb8NYpsAhJe2mXjMB/J9HNsoFMBFJ0lLOT/+dQvjbdRZoOT8eqJpWnVD
U+QL/qEZnz57N88OWM3rabJkRNdU/Z7x5SFIM9FrqtN8xewsiBWBI0K6XFuOBOTD
4V08o4TzJ8+Ccq5XlCUW2L48pZNCYuBDfBh7FxkB7qDgGDiaftEkZZfApRg2E+M9
G8wkNKTPLDc4wH0FDTijhgxR3Y4PiS1HL2Zhw7bD3CbslmEGgfnnZojNkJtcLeBH
BLa52/dSwNU4WWLubaYSiAmA9IUMX1/RpfpxOxd4Ykmhz97oFbUaDJFipIggx5sX
ePAlkTdWnv+RWBxlJwMQ25oEHmRguNYf4Zr/Rxr9cS93Y+mdXIZaBEE0KS2iLRqa
OiWBki9IMQU4phqPOBAaG7A+eP8PAgMBAAGjZjBkMB0GA1UdDgQWBBTh0YHlzlpf
BKrS6badZrHF+qwshzAfBgNVHSMEGDAWgBTh0YHlzlpfBKrS6badZrHF+qwshzAS
BgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF
AAOCAgEAALIY1wkilt/urfEVM5vKzr6utOeDWCUczmWX/RX4ljpRdgF+5fAIS4vH
tmXkqpSCOVeWUrJV9QvZn6L227ZwuE15cWi8DCDal3Ue90WgAJJZMfTshN4OI8cq
W9E4EG9wglbEtMnObHlms8F3CHmrw3k6KmUkWGoa+/ENmcVl68u/cMRl1JbW2bM+
/3A+SAg2c6iPDlehczKx2oa95QW0SkPPWGuNA/CE8CpyANIhu9XFrj3RQ3EqeRcS
AQQod1RNuHpfETLU/A2gMmvn/w/sx7TB3W5BPs6rprOA37tutPq9u6FTZOcG1Oqj
C/B7yTqgI7rbyvox7DEXoX7rIiEqyNNUguTk/u3SZ4VXE2kmxdmSh3TQvybfbnXV
4JbCZVaqiZraqc7oZMnRoWrXRG3ztbnbes/9qhRGI7PqXqeKJBztxRTEVj8ONs1d
WN5szTwaPIvhkhO3CO5ErU2rVdUr89wKpNXbBODFKRtgxUT70YpmJ46VVaqdAhOZ
D9EUUn4YaeLaS8AjSF/h7UkjOibNc4qVDiPP+rkehFWM66PVnP1Msh93tc+taIfC
EYVMxjh8zNbFuoc7fzvvrFILLe7ifvEIUqSVIC/AzplM/Jxw7buXFeGP1qVCBEHq
391d/9RAfaZ12zkwFsl+IKwE/OZxW8AHa9i1p4GO0YSNuczzEm4=
-----END CERTIFICATE-----
SIG签名信息:
#复制以下内容【删除换行】后到txt里粘贴,将txt改成sig
MIAGCSqGSIb3DQEHAqCAMIACAQExDDAKBggqhQMHAQECAjCABgkqhkiG9w0B
BwEAAKCCB7gwgge0MIIHYaADAgECAgsAybP3lAAAAAAFhjAKBggqhQMHAQED
AjCCASQxHjAcBgkqhkiG9w0BCQEWD2RpdEBtaW5zdnlhei5ydTELMAkGA1UE
BhMCUlUxGDAWBgNVBAgMDzc3INCc0L7RgdC60LLQsDEZMBcGA1UEBwwQ0LMuI
NCc0L7RgdC60LLQsDEuMCwGA1UECQwl0YPQu9C40YbQsCDQotCy0LXRgNGB0
LrQsNGPLCDQtNC+0LwgNzEsMCoGA1UECgwj0JzQuNC90LrQvtC80YHQstGP0L
fRjCDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcwMTEaMB
gGCCqFAwOBAwEBEgwwMDc3MTA0NzQzNzUxLDAqBgNVBAMMI9Cc0LjQvdC60L
7QvNGB0LLRj9C30Ywg0KDQvtGB0YHQuNC4MB4XDTIxMDUxOTA4MDc1OFoXDT
IyMDgxNzA4MDc1OFowggF4MRowGAYIKoUDA4EDAQESDDAwNzcxMDQ3NDM3NT
EYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMUIwQAYJKoZIhvcNAQkCDDPQn9
C+0LTRgdC40YHRgtC10LzQsCDCq9Cg0LXQtdGB0YLRgNGLwrsg0JjQoSDQk9
Cj0KYxLjAsBgkqhkiG9w0BCQEWH2Eua29yemhlbmV2c2theWFAZGlnaXRhbC
5nb3YucnUxOjA4BgNVBAkMMdCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsN
CxLiwg0LQuIDEwLCDRgdGC0YAuIDIxGTAXBgNVBAcMENCzLiDQnNC+0YHQut
Cy0LAxGDAWBgNVBAgMDzc3INCc0L7RgdC60LLQsDEmMCQGA1UECgwd0JzQuN
C90YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxCzAJBgNVBAYTAlJVMSYwJAYDVQ
QDDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDBmMB8GCCqFAwcBAQ
EBMBMGByqFAwICJAAGCCqFAwcBAQICA0MABECPKzaqApZOrOkwaZWzx4xo/C
sPpTbMMlJuUm2wIrJxpyZPGAdGO7krlWVfWnxPIl+POqsLM1Fq57nK30CAhU
dzo4IEEzCCBA8wFQYDVR0lBA4wDAYKKwYBBAGCNwoDDDAOBgNVHQ8BAf8EBA
MCBPAwXQYFKoUDZG8EVAxS0KHQmtCX0JggwqvQmtGA0LjQv9GC0L7Qn9GA0L
4gQ1NQwrsg0LLQtdGA0YHQuNGPIDQuMCAo0LjRgdC/0L7Qu9C90LXQvdC40L
UgMy1CYXNlKTAnBgNVHSAEIDAeMAgGBiqFA2RxATAIBgYqhQNkcQIwCAYGKo
UDZHEDMB0GA1UdDgQWBBTvvmSAWPkPuWdrcO5mYdM5ixAd/DCCAWUGA1UdIw
SCAVwwggFYgBTCVPG0a9RMt+BtNrQjkPH+wzybBqGCASykggEoMIIBJDEeMB
wGCSqGSIb3DQEJARYPZGl0QG1pbnN2eWF6LnJ1MQswCQYDVQQGEwJSVTEYMB
YGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0L
rQstCwMS4wLAYDVQQJDCXRg9C70LjRhtCwINCi0LLQtdGA0YHQutCw0Y8sIN
C00L7QvCA3MSwwKgYDVQQKDCPQnNC40L3QutC+0LzRgdCy0Y/Qt9GMINCg0L
7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRowGAYIKoUDA4E
DAQESDDAwNzcxMDQ3NDM3NTEsMCoGA1UEAwwj0JzQuNC90LrQvtC80YHQstG
P0LfRjCDQoNC+0YHRgdC40LiCEE5tR4sm8n1lf3aOAlzj05MwgZgGA1UdHwSB
kDCBjTAtoCugKYYnaHR0cDovL3JlZXN0ci1wa2kucnUvY2RwL2d1Y19nb3N0
MTIuY3JsMC2gK6AphidodHRwOi8vY29tcGFueS5ydC5ydS9jZHAvZ3VjX2dv
c3QxMi5jcmwwLaAroCmGJ2h0dHA6Ly9yb3N0ZWxlY29tLnJ1L2NkcC9ndWNf
Z29zdDEyLmNybDBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ2h0dHA6
Ly9yZWVzdHItcGtpLnJ1L2NkcC9ndWNfZ29zdDEyLmNydDCB9QYFKoUDZHAE
geswgegMNNCf0JDQmtCcIMKr0JrRgNC40L/RgtC+0J/RgNC+IEhTTcK7INCy
0LXRgNGB0LjQuCAyLjAMQ9Cf0JDQmiDCq9CT0L7Qu9C+0LLQvdC+0Lkg0YPQ
tNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAwrsMNdCX0LDQ
utC70Y7Rh9C10L3QuNC1IOKEliAxNDkvMy8yLzIvMjMg0L7RgiAwMi4wMy4y
MDE4DDTQl9Cw0LrQu9GO0YfQtdC90LjQtSDihJYgMTQ5LzcvNi8xMDUg0L7R
giAyNy4wNi4yMDE4MAoGCCqFAwcBAQMCA0EAiq8EGuoH/RZ2NPQoW+ZP6tuf
lm4TMrsyT5QMYjVmOJdAXU7HiEqPSLSwH4eEYL6qkdHF8kmQYp2Kwesl86Dc
WjGCA5cwggOTAgEBMIIBNTCCASQxHjAcBgkqhkiG9w0BCQEWD2RpdEBtaW5z
dnlhei5ydTELMAkGA1UEBhMCUlUxGDAWBgNVBAgMDzc3INCc0L7RgdC60LLQ
sDEZMBcGA1UEBwwQ0LMuINCc0L7RgdC60LLQsDEuMCwGA1UECQwl0YPQu9C4
0YbQsCDQotCy0LXRgNGB0LrQsNGPLCDQtNC+0LwgNzEsMCoGA1UECgwj0JzQ
uNC90LrQvtC80YHQstGP0LfRjCDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINM
TA0NzcwMjAyNjcwMTEaMBgGCCqFAwOBAwEBEgwwMDc3MTA0NzQzNzUxLDAqB
gNVBAMMI9Cc0LjQvdC60L7QvNGB0LLRj9C30Ywg0KDQvtGB0YHQuNC4AgsAy
bP3lAAAAAAFhjAKBggqhQMHAQECAqCCAfkwGAYJKoZIhvcNAQkDMQsGCSqGS
Ib3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjIwMzAyMDgxNDE0WjAvBgkqhkiG9
w0BCQQxIgQgzb9RJkaBTAfbMRIMlNXto6nKufJY5FtfqzLnfcuZ+hMwggGMB
gsqhkiG9w0BCRACLzGCAXswggF3MIIBczCCAW8wCgYIKoUDBwEBAgIEIIF2i
jeXhxSihco1wb5EBZoP1DAnHrpQuB9P656woqXfMIIBPTCCASykggEoMIIBJ
DEeMBwGCSqGSIb3DQEJARYPZGl0QG1pbnN2eWF6LnJ1MQswCQYDVQQGEwJSV
TEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQv
tGB0LrQstCwMS4wLAYDVQQJDCXRg9C70LjRhtCwINCi0LLQtdGA0YHQutCw0
Y8sINC00L7QvCA3MSwwKgYDVQQKDCPQnNC40L3QutC+0LzRgdCy0Y/Qt9GMI
NCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRowGAYIK
oUDA4EDAQESDDAwNzcxMDQ3NDM3NTEsMCoGA1UEAwwj0JzQuNC90LrQvtC80
YHQstGP0LfRjCDQoNC+0YHRgdC40LgCCwDJs/eUAAAAAAWGMAoGCCqFAwcBA
QEBBEA0eWBz4JnqO6umBiTQK/tkJgTeV0nKAp2SQlJVOlSPwBDx1H5fUZOTQ
DP0/4OtMakDCKhUHd5KS9DNhZErA0UmAAAAAAAA
以下为其他信息:
颁发给:Russian Trusted Root CA
颁发者:Russian Trusted Root CA
有效期:2022年3月2日 5:04:15 到 2032年2月28日 5:04:15
使用者:RU The Ministry of Digital Development and Communications Russian Trusted Root CA
指纹:8ff915ccab7bc16f8c5c8099d53e0e115b3aec2f
推荐阅读
• 3亿人养老靠机器人?这家公司要在2030年实现,有谱• 绝了,火绒最大的痛点,终于解决了!• 如果美国封了DNS,俄罗斯将从网络消失?(文末送书)• 地位稳固,Python仍是全球最流行语言?• 为游戏而生,360出品,必属“精品”......(文末送书)• 万一 Github不让用了,Gitee同步指南请收好• 警惕!英伟达代码签名证书泄露 黑客用来伪造驱动程序
👇更多内容请点击👇