From 4ab847ab18a88f35b928933779be9a58f84a319e Mon Sep 17 00:00:00 2001
From: Christopher Thompson <cthomp@chromium.org>
Date: Mon, 16 Dec 2019 11:32:44 -0800
Subject: [PATCH 1/2] Add cert chains for blocked/known interceptions tests

---
 .../chain/subdomain-blocked-interception.pem  | 66 +++++++++++++++++++
 .../chain/subdomain-known-interception.pem    | 66 +++++++++++++++++++
 2 files changed, 132 insertions(+)
 create mode 100644 certs/sets/prod/pregen/chain/subdomain-blocked-interception.pem
 create mode 100644 certs/sets/prod/pregen/chain/subdomain-known-interception.pem

diff --git a/certs/sets/prod/pregen/chain/subdomain-blocked-interception.pem b/certs/sets/prod/pregen/chain/subdomain-blocked-interception.pem
new file mode 100644
index 00000000..02d7c877
--- /dev/null
+++ b/certs/sets/prod/pregen/chain/subdomain-blocked-interception.pem
@@ -0,0 +1,66 @@
+-----BEGIN CERTIFICATE-----
+MIIG6DCCBdCgAwIBAgIQAy+cTvRNHskAQmd+2dTfgzANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
+aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMjE2MDAwMDAwWhcN
+MjExMjIwMTIwMDAwWjCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
+aWExFTATBgNVBAcTDFdhbG51dCBDcmVlazEcMBoGA1UEChMTTHVjYXMgR2Fycm9u
+IFRvcnJlczEoMCYGA1UEAxMfYmxvY2tlZC1pbnRlcmNlcHRpb24uYmFkc3NsLmNv
+bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzEsaaYCncPuak2BJlo
+3A6xXX7vXb/Edem/FtfKBwIQ/jqA8SZCbcLKnedbLnfQO7GlzrSEak/wokqZl/6w
+wl3UDyY66k7W9ZvJh6r8sf+D/TPOW1vVCpToZySjt4aZ3WmSEF9nXAGx0p8Qv3wj
+peG9NJld9Y+LsCK5i+UDuTDUkf8rbBOcACImqCcwf3XEy4UEMTloyXI3cWK32/Vl
+oVU3LpTm5MIuAZCSMtYHXADqG71bYj0yOd4qaDk5tLWzFOkCAG67vWqsDjUr4z6L
+g1FRWWPwv+LzzAAkiCh3j8Zh8ITGIM9oD93mvJwEbf76Utd/HpbC4PhCf/9oK9rz
+W8UCAwEAAaOCA40wggOJMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtni
+MB0GA1UdDgQWBBSpBSJB7fmY8efvJ+EqL8AbHcCu1DBPBgNVHREESDBGgh9ibG9j
+a2VkLWludGVyY2VwdGlvbi5iYWRzc2wuY29tgiN3d3cuYmxvY2tlZC1pbnRlcmNl
+cHRpb24uYmFkc3NsLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5k
+aWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
+/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
+MAgGBmeBDAECAzB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
+Y3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMB
+Af8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCkuQmQtBhYFIe7E6LM
+Z3AKPDWYBPkb37jjd80OyA3cEAAAAW8QLk1kAAAEAwBHMEUCIG7cDPHsJlc/uPsh
+ngy6WDmdCVdI3ry0ZWNtAgl4ZPkbAiEAhh4/bgG4J09FBGitBErkyy9o7gBYq/9p
+RfmTAz7tXY0AdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAW8Q
+Lk0QAAAEAwBHMEUCIQDFKr9PUlkrIWhptiyWsp5Idqa9AZXBGqeY9n6nu50nkQIg
+Rp6oHiJmCKJKsoij5ImgivPgEDVbKj/srZmIhoxd9+oAdgC72d+8H4pxtZOUI5eq
+kntHOFeVCqtS6BqQlmQ2jh7RhQAAAW8QLk1mAAAEAwBHMEUCIQCVECgh0zKtjkE5
+0tXbybinDaoWzPI3Xfw2GpPOcnN3hAIgD0mWrPC0lY0khLpr3dMeZkGnw5R01hDj
+7vqnvZhKYr4wDQYJKoZIhvcNAQELBQADggEBAD10GOoNB2RT3pTqDfqeh43WMjig
+wr4JlhxlMniFbqrKX+rtglEAWCqjX/S6wds9fxn7fqW10U+2Ojak99noSVnI1evU
+yY3YjyrRtRbKOhHE1dqKOHb7VzSmCa5IO8Q9XWLsOlROWdIRGRiIkVpss2t2jO2w
+YcPPg5D3qo2IzpD1FjXdUf9vH9QJt1d0MFS9YaHrvM1n1TzC5Uwm7gjB3h4SEmTs
+2SzWSQEx+LJMSMz5fT5JW7KHXcEJr2Ab7R9tTO6x7KI3nFdy1l6Lq9Q5BaHWtAuj
+nDzPHu1MUdd/sT4VyPhbUSmpFpnREuWhN4ZzRuS5tttIC3WkUdD3pO7lSrE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
+U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
+nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
+KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
+/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
+kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
+/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
+aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
+Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
+oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
+QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
+d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
+xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
+CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
+5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
+8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
+2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
+c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
+j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
+-----END CERTIFICATE-----
diff --git a/certs/sets/prod/pregen/chain/subdomain-known-interception.pem b/certs/sets/prod/pregen/chain/subdomain-known-interception.pem
new file mode 100644
index 00000000..171eef70
--- /dev/null
+++ b/certs/sets/prod/pregen/chain/subdomain-known-interception.pem
@@ -0,0 +1,66 @@
+-----BEGIN CERTIFICATE-----
+MIIG4zCCBcugAwIBAgIQCJGe4naPjCHscthsRXb7jDANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
+aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTkxMjE2MDAwMDAwWhcN
+MjExMjIwMTIwMDAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
+YTEVMBMGA1UEBxMMV2FsbnV0IENyZWVrMRwwGgYDVQQKExNMdWNhcyBHYXJyb24g
+VG9ycmVzMSYwJAYDVQQDEx1rbm93bi1pbnRlcmNlcHRpb24uYmFkc3NsLmNvbTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMePLRLZJdZX3eNkQGcMywrU
+IWlXk8pTV9Gy92GHpXOsFTkqvDgADL/UhEXMwp9ngWKJ5XQOxAAwGO/e6VuwUz4v
+88EzpsoFXetjbbTqGeDCYDQIkEjsGm85Pw9bDG0db6i6ShPgoFn2uVR9b2Z+coUJ
+ZGIX8alHBVaXf+w72R1Iyy0XooPVTdgBfLqKCdA8lvwUSRi40/Lm4Wdr1eNDqeso
+uiWG0SSQ/jPwzC56j9QU9/6x5X01HVm6CM93EKSPpfCRnh/NfzI0/P+8GjVrr8fY
+Theh36Gj5FtLn27VM+iZ7NtHcPWnmctxHWQ+F7gsLGhp6tk/ebWp7usQl26XrusC
+AwEAAaOCA4swggOHMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0G
+A1UdDgQWBBRlFk4mjUFPtNYzYRdRrn4J32zILDBLBgNVHREERDBCgh1rbm93bi1p
+bnRlcmNlcHRpb24uYmFkc3NsLmNvbYIhd3d3Lmtub3duLWludGVyY2VwdGlvbi5i
+YWRzc2wuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQu
+Y29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0
+LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCow
+KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM
+AQIDMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln
+aWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j
+b20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAw
+ggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AKS5CZC0GFgUh7sTosxncAo8NZgE
++RvfuON3zQ7IDdwQAAABbxArzXcAAAQDAEgwRgIhAL9Y38tANcfrVqM9M6cVmXiS
+FgBRc7/kgyk6lZpOcOK1AiEAzM2y6Six4YRZd5n9KHVZBkgh5xYYekB4WsJKl76D
+grwAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAW8QK83AAAAE
+AwBHMEUCICJ8y7pL4cQPkwxpj+UGowT60j/0JBzfKax74lEGNbL8AiEA1HWwD4iw
+KgvKibm5Cc6Fks0TuRiG7d6aN1iiRBA7Z4cAdwC72d+8H4pxtZOUI5eqkntHOFeV
+CqtS6BqQlmQ2jh7RhQAAAW8QK84YAAAEAwBIMEYCIQDLYO7zkO/b2DkPWD3eQvL2
+1Gjjy3xZVdw1xHZq5NnUnwIhAKGD1j8iW918vBcY+NL8v6V3HB65inziTBS5yCc1
+mSOWMA0GCSqGSIb3DQEBCwUAA4IBAQC75JciLkMR3UJWX9nUDcnJfMZHW6hrF5Sz
+rrNj1mtoF4e1eElooBMTOXaTNLkpRqF+jBfh4ScKRo4e/eJWBhiGmqvh4QPr78Ok
+P+MseprHlV6FhKUeUmPxTkp5RZPTkm32nb6mIDG7kC5xpCdmRPgkUbEDaSyzTOxp
+EMGEkpsqiU4TKRCX3Vk1QCWwh6RWqof0GsUrU1N7y0fUWWThETeGccgYeIRmhlGl
+2Dy4mhDQ1JgpQGqLjj3Go5sJkxn8h3ZFmNLHyLelP/IuxRVZDv4XNkB6NVqnLfXA
+tYCVOjynVEaKoGfpaTWyPJpR71im/21+YRek2B9CiJANWpE+bJCY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
+U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
+nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
+KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
+/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
+kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
+/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
+aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
+Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
+oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
+QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
+d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
+xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
+CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
+5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
+8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
+2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
+c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
+j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
+-----END CERTIFICATE-----

From ef1b2c8b758740aaf9d96435c29f8e0093f23dff Mon Sep 17 00:00:00 2001
From: Christopher Thompson <cthomp@chromium.org>
Date: Mon, 16 Dec 2019 12:11:23 -0800
Subject: [PATCH 2/2] Fix hostname for known-interception case

---
 domains/cert/known-interception/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/domains/cert/known-interception/index.html b/domains/cert/known-interception/index.html
index ac57b9ef..0dd81956 100644
--- a/domains/cert/known-interception/index.html
+++ b/domains/cert/known-interception/index.html
@@ -1,5 +1,5 @@
 ---
-subdomain: blocked-interception
+subdomain: known-interception
 layout: page
 favicon: gray
 background: gray