Amateur Radio Certificate Authority V2.
|
|
Amateur Radio Certificate Authority V2. |
|
Running some kind software on the latest Microsoft Windows-7, 8 or 10 systems (64bit) will need a certificates for
code signing. Installing a driver on the system will need a signed driver package!
A developer will need a user certificate for the code signing, a user only need to install the ROOT certificate.
Buying a certificate by the developer, that can be used for code signing, will cost some money! Making a own ROOT certificate authority need some initial installation for every end user PC. This certificate authority will supply a Ham Radio Amateur (or a small company that is selling Radio Amateur devices) with a code signing certificate. The users of the software can be asked to install the ROOT certificate.
Running the Si570 controlled SoftRock40 SDR receivers (Tony KB9YIG) on a Windows-7, 8, 10 64bit system will need the installation of the singed USB driver that is signed by this ROOT certificate.
The SoftRock firmware can be controlled from the PC to set the requested RX (or TX) frequency (and other parameters).
The PC software is using the LibUSB-Win32 driver "libusb0.sys" to speak to the firmware.
The libusb0.sys driver is a kernel-mode driver, on a Window-7, 8, 10 64bit system kernel-mode drivers can only be installed if the
driver is signed by a certificate from Microsoft (or a derivative certificate). The LibUSB-Win32 open-source group did
managed to get the driver (.sys) signed, the driver can now be used without special tricks.
The SoftRock firmware driver package that is using the libusb0.sys (and libusb0.dll) driver (.cat/.inf) is also signed with
a other certificate to make a smooth installation of the package possible. The certificate used for that signing is signed by a ROOT
certificate from the (Amateur Radio Certificate Authority V2).
For user smooth installation install first the ROOT certificate and then install the USB device.
Installing the ROOT certificate will mean that you trust the software that is signed by that certificate or the derivative developer certificates!
Other Radio Amateurs (with a valid call sign) may request a certificate on there own that is signed with this ROOT certificate, please send a email for that to my call at gmail.com. The list of signed certificates (call's) will be published on this web-page.
Installing the ROOT certificate will show the MD5 and/or SHA1 fingerprint, check that with the code on this site for security reasons.
MD5 Fingerprint=B3:75:FF:2A:15:BE:DF:03:39:E5:97:6A:CD:60:5C:FE SHA1 Fingerprint=09:58:92:1F:5E:9D:75:C7:29:A0:1F:5E:90:07:07:C3:CD:D3:7F:94
To install the certificate in a easy way there is a program ARCA-Install-Root-Cert-V2.exe that can be downloaded by the user. Run the program and hit the "Install Cert" button. The program need Administrator privilege to install the certificate in the Microsoft Certificate store.
The certificate file can be downloaded by the user that want to examen it or install it by hand. It is available in some different file formats, the certificate is always the same.
The Amateur Radio Certificate Authority V2 .crt or the .pem file. To use the certificate revocation list the .crl file can be used (it is most of the time not needed).
To install the certificate on your system it must be installed as a Local Machine certificate, otherwise it will not work for installing devices.
Take the next steps to install the certificate as a Trusted Root certificate on Local Machine.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
80:51:9a:b3:eb:5b:5f:45:d3:d3:a7:ab:d5:78:99:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Amateur Radio Root Certificaat V2, OU=ARCA, O=Amateur Radio PE0FKO, C=NL
Validity
Not Before: Feb 15 11:55:00 2019 GMT
Not After : Feb 15 11:55:00 2039 GMT
Subject: CN=Amateur Radio Root Certificaat V2, OU=ARCA, O=Amateur Radio PE0FKO, C=NL
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:b0:c6:84:69:8d:1c:8a:63:3f:ef:7c:bb:91:50:
4c:8c:19:96:bf:7a:a7:d9:fc:15:e0:e0:86:97:2a:
cb:af:7a:93:a2:a5:99:e2:3e:0e:51:ca:a0:90:64:
bb:eb:cb:af:de:0b:78:b6:77:75:32:4e:f6:a0:86:
cf:c0:71:fa:a8:dc:05:f0:26:85:30:6b:c2:83:83:
61:33:dd:52:8d:11:9d:1c:18:0f:3d:7e:6b:83:be:
74:e0:72:7d:6f:4c:ae:2d:ec:42:36:35:ff:2b:a8:
09:78:4a:1e:99:16:f3:89:27:dd:d5:90:25:24:48:
39:a3:48:62:af:54:0e:1a:c4:22:a3:57:13:4d:90:
16:fc:7a:51:70:82:a0:b5:05:7b:90:53:40:0b:69:
79:d3:b0:7e:bf:6a:94:76:a6:2b:d3:57:17:6f:3a:
bf:87:a4:8e:0c:1d:f9:6a:2b:48:a8:d3:f6:df:ea:
58:2c:e6:57:a6:2b:1f:ac:b8:3b:a8:1d:b5:16:0f:
84:db:94:65:74:35:4b:06:bc:25:e7:a5:33:72:d1:
cb:ee:92:30:65:33:28:d5:19:c3:60:f8:8e:f2:0e:
8d:53:7d:46:1d:15:1e:30:2f:8e:82:50:1f:c0:72:
1a:92:76:e2:52:8b:56:3d:79:51:a5:3e:49:e6:06:
fc:8c:b0:3f:80:41:f3:91:16:99:53:c0:2a:d2:b8:
74:f6:18:c2:94:2e:f3:25:27:ee:85:02:a0:a9:89:
7f:67:49:46:33:d8:96:a7:89:06:c7:ff:76:d5:53:
ee:1f:eb:36:6b:cd:24:7c:4d:18:f9:de:fc:eb:e6:
e0:25:d7:77:a0:f4:65:5c:dc:8c:80:a3:6d:d7:98:
06:d2:78:9e:01:0d:eb:90:05:47:0f:52:eb:d1:18:
d2:89:37:65:0c:43:3b:cd:9f:0e:e9:ac:58:ba:47:
ca:2f:cb:48:03:1f:54:0d:2f:30:f2:e5:92:81:b6:
68:bf:77:a0:6d:57:99:34:78:54:ab:dd:82:c0:a4:
ee:06:34:84:a0:90:15:0a:bd:d7:18:cd:af:e2:b6:
74:5f:98:59:92:30:1c:a3:4a:66:a7:cc:b3:ab:2e:
83:f2:f2:1b:30:62:fc:08:a5:9d:6c:0a:a2:c8:46:
e5:64:3b:81:b0:28:73:71:b2:1e:53:97:90:28:aa:
53:b7:83:6f:72:db:5c:b8:8f:7d:f2:0e:44:b0:33:
22:7d:c2:60:3d:25:03:a1:91:6b:09:f8:64:9a:f6:
7f:52:77:71:d6:7f:6f:3f:e7:00:49:a8:b0:00:c0:
5c:7a:f1:19:cf:94:a7:d8:c4:11:4f:81:21:16:64:
ac:f5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:3
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
C2:82:C8:BF:27:F6:7C:CE:D3:72:EA:31:F6:1A:54:B9:0B:D6:71:45
X509v3 Subject Alternative Name:
email:[email protected]
X509v3 Authority Key Identifier:
keyid:C2:82:C8:BF:27:F6:7C:CE:D3:72:EA:31:F6:1A:54:B9:0B:D6:71:45
X509v3 Issuer Alternative Name:
email:[email protected]
Authority Information Access:
CA Issuers - URI:http://pe0fko.nl/arca/ARCA_V2.pem
X509v3 CRL Distribution Points:
Full Name:
URI:http://pe0fko.nl/arca/ARCA_V2.crl
Signature Algorithm: sha256WithRSAEncryption
04:69:8f:3f:18:6c:d9:f9:8a:ee:d2:f7:28:85:7c:c3:15:59:
cb:44:95:96:01:86:6d:66:c4:4d:f8:e5:55:70:ef:c8:e9:ae:
c2:3d:cf:15:71:31:26:38:68:cd:56:18:29:ae:34:ae:5a:06:
98:77:5a:f6:d8:25:a2:a8:da:12:d7:ff:c5:34:6d:00:99:5b:
b3:66:04:0d:91:36:d2:ef:d7:84:a0:4b:e8:79:a8:9a:94:91:
f2:f6:86:c9:c5:9d:9e:70:41:c3:2b:75:d6:4f:cd:2e:31:f3:
66:55:36:08:35:0e:74:a2:40:e2:93:21:9c:eb:8a:ff:d3:df:
e5:f8:f8:bb:bb:13:57:11:0e:51:8a:13:7a:45:84:3b:10:79:
f6:4b:e7:f1:9c:2c:2d:bd:03:3d:98:b4:df:64:af:eb:75:09:
b4:5b:35:32:82:7a:e7:2b:aa:dc:71:c4:ac:70:52:56:be:b7:
17:73:bf:25:94:57:7e:7d:b3:d2:f1:df:7f:37:c3:26:8b:79:
94:70:2b:70:58:d3:01:10:06:d2:32:77:12:c5:18:86:30:4a:
2b:5a:07:99:41:ba:ce:96:66:2c:fb:82:28:9a:a4:7d:9a:cf:
a6:6d:96:fb:23:41:e7:9f:7c:c9:16:e0:0b:b9:e7:ba:7c:00:
39:21:2f:c5:ce:d7:95:10:a1:d0:ad:69:9a:58:20:38:95:86:
8c:53:4a:b8:ae:8e:b7:16:9f:e9:b4:35:08:24:09:b4:08:4a:
92:56:46:84:47:d2:96:f3:cf:cb:a2:75:28:97:e0:03:81:36:
67:99:ad:60:3e:05:12:a0:f4:ff:3a:19:fe:9c:a0:e3:3e:e4:
f1:ec:88:cc:2d:ce:b1:e4:5a:f9:8e:f1:00:fa:42:11:c4:7f:
b0:76:85:5c:ee:33:6b:fb:8d:ee:71:fc:00:bf:f2:a7:3f:27:
3f:c9:42:02:d3:d2:67:00:73:06:9d:d1:1a:9b:d9:9f:32:8f:
63:11:2e:92:7b:5f:e4:61:99:b0:a9:37:77:d3:a1:d3:51:79:
26:72:bc:f7:cc:7e:a2:88:fe:dd:a6:68:08:31:ca:62:08:30:
84:c2:65:90:a3:40:4c:d0:38:65:03:d1:57:68:3a:b2:fa:ed:
ba:69:17:e1:4a:a8:65:86:13:19:75:76:e3:bc:8a:d8:bc:71:
95:b5:a6:ad:4e:04:5e:21:88:a2:d3:ba:0e:9d:38:00:e7:d9:
c1:6b:f3:54:37:d2:d0:43:e9:7e:d3:3a:11:a4:8d:4f:d6:3e:
ff:83:d1:52:fa:d4:a6:86:3e:b9:66:2b:f9:18:c6:96:35:f7:
e8:2d:c0:6b:82:0f:8a:35
-----BEGIN CERTIFICATE-----
MIIGcDCCBFigAwIBAgIRAIBRmrPrW19F09Onq9V4mVEwDQYJKoZIhvcNAQELBQAw
ZzEqMCgGA1UEAwwhQW1hdGV1ciBSYWRpbyBSb290IENlcnRpZmljYWF0IFYyMQ0w
CwYDVQQLDARBUkNBMR0wGwYDVQQKDBRBbWF0ZXVyIFJhZGlvIFBFMEZLTzELMAkG
A1UEBhMCTkwwHhcNMTkwMjE1MTE1NTAwWhcNMzkwMjE1MTE1NTAwWjBnMSowKAYD
VQQDDCFBbWF0ZXVyIFJhZGlvIFJvb3QgQ2VydGlmaWNhYXQgVjIxDTALBgNVBAsM
BEFSQ0ExHTAbBgNVBAoMFEFtYXRldXIgUmFkaW8gUEUwRktPMQswCQYDVQQGEwJO
TDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALDGhGmNHIpjP+98u5FQ
TIwZlr96p9n8FeDghpcqy696k6KlmeI+DlHKoJBku+vLr94LeLZ3dTJO9qCGz8Bx
+qjcBfAmhTBrwoODYTPdUo0RnRwYDz1+a4O+dOByfW9Mri3sQjY1/yuoCXhKHpkW
84kn3dWQJSRIOaNIYq9UDhrEIqNXE02QFvx6UXCCoLUFe5BTQAtpedOwfr9qlHam
K9NXF286v4ekjgwd+WorSKjT9t/qWCzmV6YrH6y4O6gdtRYPhNuUZXQ1Swa8Jeel
M3LRy+6SMGUzKNUZw2D4jvIOjVN9Rh0VHjAvjoJQH8ByGpJ24lKLVj15UaU+SeYG
/IywP4BB85EWmVPAKtK4dPYYwpQu8yUn7oUCoKmJf2dJRjPYlqeJBsf/dtVT7h/r
NmvNJHxNGPne/Ovm4CXXd6D0ZVzcjICjbdeYBtJ4ngEN65AFRw9S69EY0ok3ZQxD
O82fDumsWLpHyi/LSAMfVA0vMPLlkoG2aL93oG1XmTR4VKvdgsCk7gY0hKCQFQq9
1xjNr+K2dF+YWZIwHKNKZqfMs6sug/LyGzBi/AilnWwKoshG5WQ7gbAoc3GyHlOX
kCiqU7eDb3LbXLiPffIORLAzIn3CYD0lA6GRawn4ZJr2f1J3cdZ/bz/nAEmosADA
XHrxGc+Up9jEEU+BIRZkrPVjAgMBAAGjggEVMIIBETASBgNVHRMBAf8ECDAGAQH/
AgEDMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUwoLIvyf2fM7Tcuox9hpUuQvW
cUUwGwYDVR0RBBQwEoEQcGUwZmtvQGdtYWlsLmNvbTAfBgNVHSMEGDAWgBTCgsi/
J/Z8ztNy6jH2GlS5C9ZxRTAbBgNVHRIEFDASgRBwZTBma29AZ21haWwuY29tMD0G
CCsGAQUFBwEBBDEwLzAtBggrBgEFBQcwAoYhaHR0cDovL3BlMGZrby5ubC9hcmNh
L0FSQ0FfVjIucGVtMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9wZTBma28ubmwv
YXJjYS9BUkNBX1YyLmNybDANBgkqhkiG9w0BAQsFAAOCAgEABGmPPxhs2fmK7tL3
KIV8wxVZy0SVlgGGbWbETfjlVXDvyOmuwj3PFXExJjhozVYYKa40rloGmHda9tgl
oqjaEtf/xTRtAJlbs2YEDZE20u/XhKBL6HmompSR8vaGycWdnnBBwyt11k/NLjHz
ZlU2CDUOdKJA4pMhnOuK/9Pf5fj4u7sTVxEOUYoTekWEOxB59kvn8ZwsLb0DPZi0
32Sv63UJtFs1MoJ65yuq3HHErHBSVr63F3O/JZRXfn2z0vHffzfDJot5lHArcFjT
ARAG0jJ3EsUYhjBKK1oHmUG6zpZmLPuCKJqkfZrPpm2W+yNB5598yRbgC7nnunwA
OSEvxc7XlRCh0K1pmlggOJWGjFNKuK6Otxaf6bQ1CCQJtAhKklZGhEfSlvPPy6J1
KJfgA4E2Z5mtYD4FEqD0/zoZ/pyg4z7k8eyIzC3OseRa+Y7xAPpCEcR/sHaFXO4z
a/uN7nH8AL/ypz8nP8lCAtPSZwBzBp3RGpvZnzKPYxEukntf5GGZsKk3d9Oh01F5
JnK898x+ooj+3aZoCDHKYggwhMJlkKNATNA4ZQPRV2g6svrtumkX4UqoZYYTGXV2
47yK2LxxlbWmrU4EXiGIotO6Dp04AOfZwWvzVDfS0EPpftM6EaSNT9Y+/4PRUvrU
poY+uWYr+RjGljX36C3Aa4IPijU=
-----END CERTIFICATE-----
|
File last modified on Friday, 29-Nov-2019 15:31:54 CET My BitCoin address: 1MqQWXdaBAmYFNqXnQLd5cxG6KkvLj9LPK |
|
|