diff --git a/keys/ca-cert-ecc.der b/keys/ca-cert-ecc.der index e3c0c8e..e79d644 100644 Binary files a/keys/ca-cert-ecc.der and b/keys/ca-cert-ecc.der differ diff --git a/keys/ca-cert-ecc.pem b/keys/ca-cert-ecc.pem index 1d0148d..bcea86d 100644 --- a/keys/ca-cert-ecc.pem +++ b/keys/ca-cert-ecc.pem @@ -1,14 +1,13 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: - 29:bf:2b:cd:bf:55:54:49:85:b3:69:4e:e1:85:37:79:1e:81:f9:c2 + Serial Number: 6 (0x6) Signature Algorithm: ecdsa-with-SHA256 - Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = ca@example.com Validity - Not Before: Feb 15 12:50:24 2022 GMT - Not After : Nov 11 12:50:24 2024 GMT - Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Not Before: Oct 1 05:54:44 2022 GMT + Not After : Sep 28 05:54:44 2032 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = ca@example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) @@ -25,29 +24,34 @@ Certificate: 56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21 X509v3 Authority Key Identifier: keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=ca@example.com + serial:06 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ecdsa-with-SHA256 - 30:44:02:20:78:ed:4c:1c:a7:2d:b3:35:0b:1d:46:a3:37:31: - 0b:8a:05:39:c8:28:31:58:35:f1:98:f7:4b:72:c0:4f:e6:7f: - 02:20:02:f2:09:2b:3a:e1:36:92:bf:58:6a:03:12:2d:79:e6: - bd:06:45:61:b9:0e:39:e1:9c:f0:a8:2e:0b:1e:8c:b2 + 30:45:02:20:18:bc:74:fd:d9:26:f2:f5:c2:f3:f5:cd:99:38: + 9d:85:7d:8b:67:c8:f5:51:4a:5a:88:b6:3f:61:38:6b:9f:11: + 02:21:00:f1:95:08:34:2b:47:32:93:8c:10:4b:4b:fd:6e:22: + f2:48:3b:5d:8a:74:46:24:7d:30:eb:65:15:06:e4:38:e0 -----BEGIN CERTIFICATE----- -MIIClDCCAjugAwIBAgIUKb8rzb9VVEmFs2lO4YU3eR6B+cIwCgYIKoZIzj0EAwIw -gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT -ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMB4XDTIyMDIxNTEyNTAyNFoXDTI0MTExMTEyNTAyNFowgZcxCzAJ -BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl -MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE -AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAtPZbtYBjkXIuZAx5cBM456t -KTiYuhDW6QkqgKkuFyq5ir8zg0bjlQvkd0C1O0NFMw9hU3w3RMHL/IDK6EPqp6Nj -MGEwHQYDVR0OBBYEFFaOmsPwQt4YuUVVbvmTz+rD86UhMB8GA1UdIwQYMBaAFFaO -msPwQt4YuUVVbvmTz+rD86UhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgGGMAoGCCqGSM49BAMCA0cAMEQCIHjtTBynLbM1Cx1GozcxC4oFOcgoMVg18Zj3 -S3LAT+Z/AiAC8gkrOuE2kr9YagMSLXnmvQZFYbkOOeGc8KguCx6Msg== +MIIDJjCCAsygAwIBAgIBBjAKBggqhkjOPQQDAjCBlTELMAkGA1UEBhMCVVMxEzAR +BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv +bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTIyMTAwMTA1 +NTQ0NFoXDTMyMDkyODA1NTQ0NFowgZUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX +YXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQw +EgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR0w +GwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49 +AwEHA0IABALT2W7WAY5FyLmQMeXATOOerSk4mLoQ1ukJKoCpLhcquYq/M4NG45UL +5HdAtTtDRTMPYVN8N0TBy/yAyuhD6qejggEJMIIBBTAdBgNVHQ4EFgQUVo6aw/BC +3hi5RVVu+ZPP6sPzpSEwgcIGA1UdIwSBujCBt4AUVo6aw/BC3hi5RVVu+ZPP6sPz +pSGhgZukgZgwgZUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw +DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZl +bG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR0wGwYJKoZIhvcNAQkB +Fg5jYUBleGFtcGxlLmNvbYIBBjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE +AwIBhjAKBggqhkjOPQQDAgNIADBFAiAYvHT92Sby9cLz9c2ZOJ2FfYtnyPVRSlqI +tj9hOGufEQIhAPGVCDQrRzKTjBBLS/1uIvJIO12KdEYkfTDrZRUG5Djg -----END CERTIFICATE----- diff --git a/keys/fred-cert.der b/keys/fred-cert.der new file mode 100644 index 0000000..b354f05 Binary files /dev/null and b/keys/fred-cert.der differ diff --git a/keys/fred-cert.pem b/keys/fred-cert.pem new file mode 100644 index 0000000..21998f9 --- /dev/null +++ b/keys/fred-cert.pem @@ -0,0 +1,55 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = ca@example.com + Validity + Not Before: Oct 1 05:54:44 2022 GMT + Not After : Sep 28 05:54:44 2032 GMT + Subject: C = US, ST = WA, L = Seattle, O = wolfSSL Inc, OU = Development, CN = Fred, emailAddress = fred@example.com + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (256 bit) + pub: + 04:12:dc:16:d1:17:81:a6:02:f0:0f:11:90:bb:32: + 85:66:0e:76:00:62:ac:aa:e3:b9:26:1c:2a:e2:28: + f8:dd:d8:79:3f:c0:02:5e:d1:d1:c5:fe:3c:63:f5: + 1f:ae:13:4b:69:ca:e8:ed:f4:36:ba:62:e0:a1:c8: + 18:10:4b:55:e1 + ASN1 OID: prime256v1 + NIST CURVE: P-256 + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:AF:03:66:F5:F0:04:FC:22:8F:8E:20:26:40:47:01:CE:D6:7A:8D + X509v3 Authority Key Identifier: + keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=ca@example.com + serial:06 + + X509v3 Subject Alternative Name: + othername: + Signature Algorithm: ecdsa-with-SHA256 + 30:45:02:21:00:de:95:bb:3a:54:c3:81:6e:f2:89:da:2f:99: + 37:e7:40:13:be:40:5c:93:84:0f:36:2e:80:d6:8a:f5:e3:6a: + 0c:02:20:55:6b:3a:c8:ed:ce:d1:29:15:b5:32:21:3c:a5:0e: + bc:84:08:db:a3:ef:c1:c5:c3:79:1f:07:c9:c0:bb:b0:f5 +-----BEGIN CERTIFICATE----- +MIIDITCCAsegAwIBAgIBBzAKBggqhkjOPQQDAjCBlTELMAkGA1UEBhMCVVMxEzAR +BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv +bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTIyMTAwMTA1 +NTQ0NFoXDTMyMDkyODA1NTQ0NFowgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJX +QTEQMA4GA1UEBwwHU2VhdHRsZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNV +BAsMC0RldmVsb3BtZW50MQ0wCwYDVQQDDARGcmVkMR8wHQYJKoZIhvcNAQkBFhBm +cmVkQGV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEtwW0ReB +pgLwDxGQuzKFZg52AGKsquO5Jhwq4ij43dh5P8ACXtHRxf48Y/UfrhNLacro7fQ2 +umLgocgYEEtV4aOCAREwggENMB0GA1UdDgQWBBScrwNm9fAE/CKPjiAmQEcBztZ6 +jTCBwgYDVR0jBIG6MIG3gBRWjprD8ELeGLlFVW75k8/qw/OlIaGBm6SBmDCBlTEL +MAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0 +bGUxEDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUu +Y29tggEGMCcGA1UdEQQgMB6gHAYKKwYBBAGCNxQCA6AODAxmcmVkQGV4YW1wbGUw +CgYIKoZIzj0EAwIDSAAwRQIhAN6VuzpUw4Fu8onaL5k350ATvkBck4QPNi6A1or1 +42oMAiBVazrI7c7RKRW1MiE8pQ68hAjbo+/BxcN5HwfJwLuw9Q== +-----END CERTIFICATE----- diff --git a/keys/john-key.der b/keys/fred-key.der similarity index 100% rename from keys/john-key.der rename to keys/fred-key.der diff --git a/keys/john-key.pem b/keys/fred-key.pem similarity index 100% rename from keys/john-key.pem rename to keys/fred-key.pem diff --git a/keys/john-cert.der b/keys/john-cert.der deleted file mode 100644 index a5fc494..0000000 Binary files a/keys/john-cert.der and /dev/null differ diff --git a/keys/john-cert.pem b/keys/john-cert.pem deleted file mode 100644 index 31a286c..0000000 --- a/keys/john-cert.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICSzCCAfGgAwIBAgIQUg79CEuTa/LBX88kspbmFzAKBggqhkjOPQQDAjCBlzEL -MAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0 -bGUxEDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYD -VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wIhgPMjAyMjAyMjYyMjEyMzNaGA8yMDIzMDcxMjIyMTIzM1owgZExCzAJ -BgNVBAYTAlVTMQswCQYDVQQIDAJXQTEQMA4GA1UEBwwHU2VhdHRsZTEUMBIGA1UE -CgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0RldmVsb3BtZW50MRYwFAYDVQQDDA1K -b2huIFNhZnJhbmVrMR8wHQYJKoZIhvcNAQkBFhBqb2huQHdvbGZzc2wuY29tMFkw -EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEtwW0ReBpgLwDxGQuzKFZg52AGKsquO5 -Jhwq4ij43dh5P8ACXtHRxf48Y/UfrhNLacro7fQ2umLgocgYEEtV4aMfMB0wGwYD -VR0RBBQwEoEQam9obkB3b2xmc3NsLmNvbTAKBggqhkjOPQQDAgNIADBFAiEAtsaS -gxyAAWzJ+nSku+VnVz821mL5tnw2rxTUKnWYg10CIE8/UF6OKGcJMJcUpTPc4G7F -IYffUYF+T1BAhyEwTsxx ------END CERTIFICATE----- diff --git a/keys/renewcerts.cnf b/keys/renewcerts.cnf new file mode 100644 index 0000000..e674688 --- /dev/null +++ b/keys/renewcerts.cnf @@ -0,0 +1,57 @@ +HOME = . +RANDFILE = $ENV::HOME/.rnd + +[ ca ] +default_ca = CA_default # The default ca section + +[ CA_default ] +dir = $HOME +database = $dir/index.txt # database index file. +certs = $dir/ +new_certs_dir = $dir/ +certificate = $dir/ca-cert-ecc.pem +serial = $dir/serial +default_md = default +policy = policy_match +email_in_dn = no +RANDFILE = $dir/.rand + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = supplied +organizationName = supplied +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +x509_extensions = v3_ca # The extensions to add to the self signed cert +distinguished_name = req_distinguished_name +prompt = no + +# Extensions for a typical CA +[ v3_ca ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = critical,CA:true +keyUsage = critical, digitalSignature, keyCertSign, cRLSign + +# Extensions for fred cert +[ v3_fred ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +subjectAltName = @fred_altnames + +[ fred_altnames ] +otherName = msUPN;UTF8:fred@example + +# Extensions for server cert +[ v3_server ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +subjectAltName = DNS:example, IP:127.0.0.1 + + +[ req_distinguished_name ] + diff --git a/keys/renewcerts.sh b/keys/renewcerts.sh new file mode 100755 index 0000000..2aadb71 --- /dev/null +++ b/keys/renewcerts.sh @@ -0,0 +1,19 @@ +touch index.txt + +# renew CA +openssl req -subj '/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=ca@example.com' -key ca-key-ecc.pem -text -out ca-cert-ecc.pem -config renewcerts.cnf -new -nodes -x509 -extensions v3_ca -days 3650 -set_serial 6 +openssl x509 -in ca-cert-ecc.pem -outform DER -out ca-cert-ecc.der + +# renew fred-cert +openssl req -subj '/C=US/ST=WA/L=Seattle/O=wolfSSL Inc/OU=Development/CN=Fred/emailAddress=fred@example.com' -key fred-key.pem -out fred-cert.csr -config renewcerts.cnf -new -nodes + +openssl x509 -req -in fred-cert.csr -days 3650 -extfile renewcerts.cnf -extensions v3_fred -CA ca-cert-ecc.pem -CAkey ca-key-ecc.pem -text -out fred-cert.pem -set_serial 7 +openssl x509 -in fred-cert.pem -outform DER -out fred-cert.der + +# renew server-cert +openssl req -subj '/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=server@example.com' -key server-key.pem -out server-cert.csr -config renewcerts.cnf -new -nodes + +openssl x509 -req -in server-cert.csr -days 3650 -extfile renewcerts.cnf -extensions v3_server -CA ca-cert-ecc.pem -CAkey ca-key-ecc.pem -text -out server-cert.pem -set_serial 8 +openssl x509 -in server-cert.pem -outform DER -out server-cert.der + +rm index.* diff --git a/keys/server-cert.der b/keys/server-cert.der index fcecf41..16fee2e 100644 Binary files a/keys/server-cert.der and b/keys/server-cert.der differ diff --git a/keys/server-cert.pem b/keys/server-cert.pem index 444644b..531d903 100644 --- a/keys/server-cert.pem +++ b/keys/server-cert.pem @@ -1,13 +1,13 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 3 (0x3) + Serial Number: 8 (0x8) Signature Algorithm: ecdsa-with-SHA256 - Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = ca@example.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT - Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Not Before: Oct 1 05:54:44 2022 GMT + Not After : Sep 28 05:54:44 2032 GMT + Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = server@example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) @@ -24,34 +24,32 @@ Certificate: 5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30 X509v3 Authority Key Identifier: keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=ca@example.com + serial:06 - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Key Usage: critical - Digital Signature, Key Encipherment, Key Agreement - X509v3 Extended Key Usage: - TLS Web Server Authentication - Netscape Cert Type: - SSL Server + X509v3 Subject Alternative Name: + DNS:example, IP Address:127.0.0.1 Signature Algorithm: ecdsa-with-SHA256 - 30:44:02:20:5a:67:b9:ee:02:34:27:1b:d4:c4:35:7b:ed:59: - 8e:63:c4:8a:b7:e9:92:c1:8a:76:b0:8b:cd:24:49:78:ba:ef: - 02:20:29:b8:b6:5f:83:f7:56:6a:f1:4d:d9:9f:52:2a:f9:8f: - 53:14:49:8b:5f:5e:87:af:7f:ca:2e:e0:d8:e7:75:0c + 30:45:02:20:42:d8:a0:95:e7:aa:4e:63:fd:50:6e:6b:f9:98: + 90:be:3d:44:53:68:1b:66:dd:22:a3:12:77:70:94:56:db:82: + 02:21:00:ce:18:b2:10:b2:2d:2a:b9:79:d4:76:64:df:28:91: + 23:8d:93:22:e9:4b:ea:7f:49:4e:eb:65:ce:c8:86:ba:fb -----BEGIN CERTIFICATE----- -MIICoDCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR +MIIDGjCCAsCgAwIBAgIBCDAKBggqhkjOPQQDAjCBlTELMAkGA1UEBhMCVVMxEzAR BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw -MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx -DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI -hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD +bC5jb20xHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTIyMTAwMTA1 +NTQ0NFoXDTMyMDkyODA1NTQ0NFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX +YXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQww +CgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEhMB8GCSqGSIb3 +DQEJARYSc2VydmVyQGV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih -f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr -SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T -AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ -YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0cAMEQCIFpnue4CNCcb1MQ1e+1Z -jmPEirfpksGKdrCLzSRJeLrvAiApuLZfg/dWavFN2Z9SKvmPUxRJi19eh69/yi7g -2Od1DA== +f/DPGNqREQI0huggWDMLgDSJ2KOCAQEwgf4wHQYDVR0OBBYEFF1dJu+sfjb5m3YV +K0olAiPvsokwMIHCBgNVHSMEgbowgbeAFFaOmsPwQt4YuUVVbvmTz+rD86UhoYGb +pIGYMIGVMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UE +BwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1l +bnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOY2FA +ZXhhbXBsZS5jb22CAQYwGAYDVR0RBBEwD4IHZXhhbXBsZYcEfwAAATAKBggqhkjO +PQQDAgNIADBFAiBC2KCV56pOY/1Qbmv5mJC+PURTaBtm3SKjEndwlFbbggIhAM4Y +shCyLSq5edR2ZN8okSONkyLpS+p/SU7rZc7Ihrr7 -----END CERTIFICATE-----