Certificates renewed

2021-12-27 14:11:32 +01:00
parent 886579a0b3
commit 4a1279948f
10 changed files with 110 additions and 104 deletions
--- a/docker/README.md
+++ b/docker/README.md
@@ -7,6 +7,10 @@ Guide for seting up a local development environment for the backend.
 ```
 127.0.0.1       okupamicoche-keycloak okupamicoche-synapse
 ```
+3.  Create docker network okupamicoche
+```
+docker network create okupamicoche
+```
 3. Run dockerized Keycloak
 ```
 cd docker/keycloak
@@ -16,7 +20,7 @@ docker run --name okupamicoche-keycloak -p 8080:8080 -p 8443:8443 -v $(pwd)/http
 ```
 4. Go to https://localhost:8443/auth/admin/master/console and login with user=admin pass=admin
 5. In Clients -> synapse -> Credentials push Regenerate Secret and copy the secret
-6. Open docker/synapse/data/homeserver.yaml and paste the secret to client_secret variable (inside oidc_providers section)
+6. Open docker/synapse/homeserver.yaml and paste the secret to client_secret variable (inside oidc_providers section)
 7. Build Synapse container
 ```
 cd docker/synape
@@ -41,7 +45,7 @@ docker run --name okupamicoche-synapse -p 8008:8008 --mount type=volume,src=syna
 Some clients (Quaternion, Nheko) fail with self-signed certificates. You can install the root certificate
 (docker/synape/keycloak-root.crt) in you local machine. For example, in Linux:
 ```
-sudo cp docker/synape/keycloak-root.crt /usr/local/share/ca-certificates/
+sudo cp docker/synapse/keycloak-root.crt /usr/local/share/ca-certificates/
 sudo update-ca-certificates
 ``` 

@@ -51,3 +55,15 @@ sudo update-ca-certificates

 ## Inspect containter
 `docker exec -t -i okupamicoche-synapse /bin/bash`
+
+# Renew/create SSL certificates for development
+1. Install mkcert from https://github.com/FiloSottile/mkcert
+2. Create and install CA root certificate
+
+`mkcert -install`
+3. Create certificate for Keycloak
+
+`mkcert okupamicoche-keycloak localhost 127.0.0.1 ::1`
+4. Copy okupamicoche-keycloak+3.pem to docker/keycloak/https/tls.crt
+5. Copy okupamicoche-keycloak+3-key.pem to docker/keycloak/https/tls.key
+6. Copy /usr/local/share/ca-certificates/mkcert_development_CA_*.crt to docker/synapse/keycloak-root.crt
--- a/docker/keycloak/https/tls.crt
+++ b/docker/keycloak/https/tls.crt
@@ -1,38 +1,25 @@
 -----BEGIN CERTIFICATE-----
-MIIDMzCCAhugAwIBAgIEJ7Mx8DANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJj
-YTAeFw0yMTA0MjIxNjI1MjlaFw0yMTA3MjExNjI1MjlaMBMxETAPBgNVBAMTCGtl
-eWNsb2FrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjviXNH4OBjNG
-U9L0Jpg3a+WqpiyXFxLom8pe+QTE0pVyjgAMOSBnTaBJUwhFkYjCIqP2hvTWPUYJ
-X9K0oTbfPp4QheViNYvDZ1sz/naUAXleTYhgSuPqTzwSZ4k8f+xQHWK1ECL3JmkI
-1czJ3LEjNKryWILYbvsyoG1HmbKcIZIKzUKvrgqC9SIEqa0wlZtC+ASi16Jqv1kC
-DtGTc2gcNmeudQASfDqbYiPLqXec1GWXSViezhwBO0mrs1NEaN8810h3PRRDWkhC
-dZijCjvLC6AqtZRjdHf7m3Cit6kzJ50q27COGNtwCVVaFutOJCiMjNcsjPh8HD1c
-uuyI5Q/SnQIDAQABo4GUMIGRMB0GA1UdDgQWBBTNiaKtvdBOTQo+6N/SrVQ3lPA/
-vzAOBgNVHQ8BAf8EBAMCBaAwIAYDVR0RBBkwF4IVb2t1cGFtaWNvY2hlLWtleWNs
-b2FrMB8GA1UdIwQYMBaAFAPs8gs/h4KDpMOESTBnAuI0Bv2DMB0GA1UdJQQWMBQG
-CCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAMBi43gTMU/Sp
-No++b4CQt5HlMXw3tKScKEUvMB6iFm7L25tkDHB/Kq+UG57GMAsOloTqq41a+u7x
-RGXGkOZxM12X7RTntU+6bheDkftuLD44eaAsfBhV+ZL7tU1gyx+qQ6xqgRWwilji
-+hR/ycrjDSoozkJknIpNBM2puUc4ahAKo68rPufGrrnWSCs/EDre2peAnhi3qqVI
-6wqVJp3gdY5F4q96pDVdY5DBkOqdOFdE/Sp12Ybkt9EID0CyZFBF7eefVbS7IVpu
-aSfHe8z9GjJz1Yh/iHX8ERsSDt+YnaXk4J/Si0G5xVzd/ApPc7XpEwKXU9CcQdkg
-WxsaAmyUfg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIC/DCCAeSgAwIBAgIEY8cv5jANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy
-b290MB4XDTIxMDQyMjE2MjUyMVoXDTIxMDcyMTE2MjUyMVowDTELMAkGA1UEAxMC
-Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrabUOthTKjjoV+5Bj
-2OVtdNqBYeGNAvxH4Ae0GNx8axuu2O5oyItkYvhTg2HSoBUSK+jL5FT000z+8k+v
-wL2HZd7lZhF6xeUFBhkPYepsK62I6w7f6Zg+d7ccnRcA+9Jt3Xok4vaPnYhjvUB5
-Z25VEZZa6/35YZJ7wEdyhFuONnnVM3+1tajq1GVanwSK0y3qhmX2jLy2neMXx1zY
-J2neDElHwzYtsmVek9T8TlxLhNJiFcHEscmWrT5NOntfcTYaZosWyH+Nm/+EJuAb
-UTTscG6YdAL7p4zvOiZ1j+QKb3UCrtSSi+XUZi/uNS3Ky4asgiaUNCbHc3D0a3G0
-HsmbAgMBAAGjYjBgMB0GA1UdDgQWBBQD7PILP4eCg6TDhEkwZwLiNAb9gzANBgNV
-HREEBjAEggJjYTAPBgNVHRMECDAGAQH/AgEAMB8GA1UdIwQYMBaAFORJiEeDfjQa
-MvoMZkmv3bWw8/8NMA0GCSqGSIb3DQEBCwUAA4IBAQCFPmXAOgth6wMD6XoPvfw4
-xg0Qr5ky1pUhJj37ocr6aCNbW3dr0jUFcHHkdhyg4uEoUGbPYyKMCjp6DpPq+Sks
-Nx+xWXaTeNIiHzXsY1TuQdvvC+rrANmHatYj8/kGNg5tcNvMn7PPBfy9lEYWCSL9
-ql3yim0GuGZ9CyNS/ZCmM2X/pKc3yiZK57iywlHJ7Sp1z5bmjFHE2l6NrkLYLwh6
-5V+JkeHvzgGAiuh9cIbA4XvB0UWD8GAiwyrLhTD3ZzQDe+kXskgMzNj7OYqey3dA
-BDnxnTQel4PnYQQ78JeOwCVZurRL4Nph8icY8iQEeXEFp3H9hRpRe+rPs8+9ZnUT
+MIIEQzCCAqugAwIBAgIQP8YUKLJIkSt+rdx8XntwITANBgkqhkiG9w0BAQsFADBj
+MR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1lbnQgQ0ExHDAaBgNVBAsME2VuZWtv
+QGVuZWtvIChFbmVrbykxIzAhBgNVBAMMGm1rY2VydCBlbmVrb0BlbmVrbyAoRW5l
+a28pMB4XDTIxMTIyNjE0MDE1OVoXDTI0MDMyNjE0MDE1OVowRzEnMCUGA1UEChMe
+bWtjZXJ0IGRldmVsb3BtZW50IGNlcnRpZmljYXRlMRwwGgYDVQQLDBNlbmVrb0Bl
+bmVrbyAoRW5la28pMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRvc
+rk9QWGx2SyqNZhWN7r/+9lKZTG0mQDwnPkiTr02PDAcVaVaVoYTFuBRdDCFvjIIN
+07SfogkzNTKAL+YaGTDIauqcEins0/3jUdBhy80ujoyouW6+YBUNIExT03VFmyRL
+Etmt+08pP7rlSqq5m2WyLcMhrCcq5U7Q1w0rDnkxM9JGKfyQIPRqnyp+6C/m9gMM
+mCe7KzqlFXOsAAmDUfW1yAk2evOWbauwMbd5nwAq13yUdCtJKNfUeWv45+nP/B1w
+mBinQqYmFYI2srm1R5vtcFgeEh0DiIloZputQhmYVLEXqKOtZsOcQB8l7BSO9s8J
+9KcfSmroxJZgT+cTQwIDAQABo4GOMIGLMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSsH2h4QtygW++i5NrI4ZLgj1PG/DBD
+BgNVHREEPDA6ghVva3VwYW1pY29jaGUta2V5Y2xvYWuCCWxvY2FsaG9zdIcEfwAA
+AYcQAAAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQsFAAOCAYEAIVtjxGfI7q5B
+pp7OL5dm0WKjqEyewrj8xd2DBXLMYncO8CcrwazRumNR/JWa9TUog0+RzQBoDcVp
+oTipybeMFOu5MuiVVdwqk/0q+JSHJ6SbZO5Yrh6NukXfzPM+k/5JLc/4a9yv1JG9
+IgQ9zwAQuyewr+AsG3fy48U1D9EZABXks0L3rMX7u4lBqqQz4whAyDTv7+mzoInR
+M4y8f1Ztvlp9Ss389Pz+1/wmnjzOhJ3Z350rXLv6Ax/pnf9pmOELfx6IuYmIQi6j
+vpCwEVcoBBU/gQqSsJLTJj3TFnNDFCxSyIg0jY+6UOBEGVI5QZK1MdB4RvygDJcn
+Udaep4E+JKBS+O5kAo21QDWvNds2/CRPhK8RB3M32BFU1JB8VPN0t5zSAPBpcQoL
+07oGVWF2Xd/A51SCtFqOxtZOTRgBSmTmsPinzlOMS4shqgQB4cjDqZ1RNHI7MbJ8
+Tbq3LN8/8hTM0hy78rdxuzedirkWq6sf4daTnCZ3sMTYMVgXdHwz
 -----END CERTIFICATE-----
--- a/docker/keycloak/https/tls.key
+++ b/docker/keycloak/https/tls.key
@@ -1,32 +1,28 @@
-Bag Attributes
-    friendlyName: keycloak
-    localKeyID: 54 69 6D 65 20 31 36 31 39 31 31 30 39 34 33 35 33 33 
-Key Attributes: <No Attributes>
 -----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCO+Jc0fg4GM0ZT
-0vQmmDdr5aqmLJcXEuibyl75BMTSlXKOAAw5IGdNoElTCEWRiMIio/aG9NY9Rglf
-0rShNt8+nhCF5WI1i8NnWzP+dpQBeV5NiGBK4+pPPBJniTx/7FAdYrUQIvcmaQjV
-zMncsSM0qvJYgthu+zKgbUeZspwhkgrNQq+uCoL1IgSprTCVm0L4BKLXomq/WQIO
-0ZNzaBw2Z651ABJ8OptiI8upd5zUZZdJWJ7OHAE7SauzU0Ro3zzXSHc9FENaSEJ1
-mKMKO8sLoCq1lGN0d/ubcKK3qTMnnSrbsI4Y23AJVVoW604kKIyM1yyM+HwcPVy6
-7IjlD9KdAgMBAAECggEAeci1fAhYR93LbUHHqUyGAQm8iBp5hTUdIP+MUNBIHB0j
-XGQcBVldxZjgfLMSF3sH61wBdkn+aGlNOOuR47WLCpq39mZDdtsb0uG0c3BseKj6
-tE6Tv5dPErlX8AvNliYkxDM9ioZOQtC7rurnlG7rT0TCdLTYSgj9wfv0Pq8PIeQv
-LwtnOjZsG1p6LYEMPCWyNHolbV0saRf5ZEowvE7EPoGrFucOcxWYgnIC8Qa83ODD
-02vBSI/MMXEn/HdcwwyRDALTd8pGvIsheIHnaKtZxG0KBRuXrJ2OzLaDfYFk9QEg
-fH+iB3lcX1+tftD0Q68m4+Uti+GpJTwpj9xE4/yH4QKBgQDOAS6B+aKlLY15tJAE
-UFVrMj/n5qRjoYXMK8MUi0qOi4Ytzs63u8MR/owuZ7KstUpEGmgkSTJUCWy6C5gn
-iOW80wFheWMG9ZqUYFEx79a1Yna46SIEpowM+gunEqW0NIUHeuiOsgkZn3slnaxA
-lNT5s81nZvWHZRmnc9xy7pT0xQKBgQCxqzXCQMJS09qIZhHAQblIfDA4iwCUGZAn
-wcsfI9e4CxJ4m5SnJTTpe8G9680xXpR2tVhl2FrarNxWMMZUGWxqBn0Ug6dDmSwX
-SpBZ5q/bpbphRoRQvlVjkhX0prX+lB9yFcyH0qnDchoW/CPgnKaYndE+eBPMnjSO
-n8ZuM2iz+QKBgAC96Fj3eSp3G4dQqyQY1fXo3GoNXpItRroRfkZYqhARWI5ZrEzl
-FDLAY+jW3sHYdUgBgFaBHPlIf2e8GvQpfgpMCDk9oqmnwMLABgrT/kXw8NSBomm5
-3888J0aWvpoDhmccfjHlWjsJY/wisTgaURoFF7xDlqbCKnF77VNMoKSxAoGBAIef
-JONKocuuMlQKbiRvRytguUKAQQnMVbEzioUTzDiOIyRzxs6sZS6RrLv4QuMbyoKv
-PXJI7FmeuHcGtm4+Ffb9Sv+c29KLGxAQeA5YPQeTA6n7tUcZc38VZbMiiyxxD2v7
-3ewUUEiEUgwXnp93lOhNGAvyh1KbtYzlxAgdMCCpAoGABEqs4vSc2vmaUKf6uek6
-M1r3Qv6/NW3IBTY/eSaihszTxG3uVaZUK8iiORd3ELFiMWZKDk3kCW8PcmFIu96k
-VNoaawwZY7+AQzTg7pN2uF8CqQaMNjAi9MxcJK6cdXj9T4uP8yxahlt6TveoMGRd
-Y3uBGHr9qoVnbFnvr71DF0s=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQClG9yuT1BYbHZL
+Ko1mFY3uv/72UplMbSZAPCc+SJOvTY8MBxVpVpWhhMW4FF0MIW+Mgg3TtJ+iCTM1
+MoAv5hoZMMhq6pwSKezT/eNR0GHLzS6OjKi5br5gFQ0gTFPTdUWbJEsS2a37Tyk/
+uuVKqrmbZbItwyGsJyrlTtDXDSsOeTEz0kYp/JAg9GqfKn7oL+b2AwyYJ7srOqUV
+c6wACYNR9bXICTZ685Ztq7Axt3mfACrXfJR0K0ko19R5a/jn6c/8HXCYGKdCpiYV
+gjayubVHm+1wWB4SHQOIiWhmm61CGZhUsReoo61mw5xAHyXsFI72zwn0px9KaujE
+lmBP5xNDAgMBAAECggEBAJUxFvi/HHe6Ei4blkdfRLAu9yD3RCRmIIE8ma1TAXgP
+WinhILzdizm28r5CUE3MzLInNn1NIk3ViFsSdfhSMNUAWqkZs8tJ7QEl0km0RRpW
+HjKa8T8VzZqeiwzbS4ew2SO16MxwvCBwyHIY3GXa3PqJKzbkssGPZthrnpQkBvr8
+ng+oueLSKbPploUs/0YjMB0SMtiYgRWwdCeRonQg93AAId5hg9GDUclXEJK0LGER
+vWHjXjRB0KmSnHTdCxSIqml0689cie4RKlUzn9GdN1oH1Ck7Z6hyPLpmQZQlTgJr
+gJToT/AU+v7eyuSFSod6klAmjTxwKl/0uL1Tp+I12tECgYEAyQnVqV6M472QJxfk
+MtV7VikqsmfWlR5aPJRjiGfcYsxC4JZhWes8O20ADR43rGzSQdmqBmZNoy77vpMZ
+bdOOoxSsaBN5UPyv48zWDoO9eUG+snj1o4ycq6aj7JDAZP0CH/30/1/2rTHGN+Wd
+b4f2/44X/4rvZFw/nVRnRE45/fsCgYEA0j9oaCkZ4MyZA8QgWBpskgJtNE/iyRJd
+SRtHyKZGoCcdVDMbR19VVOMbRd2yccPNIFKG9ZTbqzWcM3iKDwWONlT1FtWbV2LQ
+FNKBVFzoXudTgDB0Ikp+Y3lJJi3Q3QTeL9QTDkQUsvckeO3rBNyta3cLzraXOy2r
+FzVSOmAxpVkCgYBtqXywL9BApnXMrV6gUA1AOaJ9wOCvZOgqJXOJw8XW6r8MTVt7
+NjMb42Bkx3ftCUtD+lyhswpkmktecFUtsHodATjuaLkDcWLsqx6Uuk4Pp8pDBnJP
+rXMEuxiuAWPBcrXHB7ut1gX0AbOzaAASB6O3USZMEdh18VAOHS1beCRwIwKBgAC/
+Wvar1ry23YBm7RqDFYm7WnoKIqtGVnCRGUM8XBnrqa4H9HvfeeUwXYN1E1JWON95
+i6NJ4TINob2JGyyMf4Hv8WMgZUn9PvIkAXO0VNsphWF6Sp9olmRyJPFuzkRK5SNU
+ZLDzSwOL32RSrDg7NJ6iMLeObKE4O1h8xwsQFn0ZAoGAPchxDGNsWs9P0SLjNmJI
+92hkB4g54EYgFmPlsUYucjgYbGSsDd4bjrUSLT5/xX3nn2MNvRsEVdJWrvH97Isn
+qbE+LKH+i1T/4EDjgFYMsdx1sh5Vec1Yxm1oDsvBoUQzUqOMxZoQyQlEm/MIvISS
+4NjyOn2zOmWANHbQ/G8Ru5c=
 -----END PRIVATE KEY-----
--- a/docker/synapse/homeserver.yaml
+++ b/docker/synapse/homeserver.yaml
@@ -26,10 +26,10 @@ oidc_providers:
  - idp_id: keycloak
    idp_name: Keycloak
    issuer: "https://okupamicoche-keycloak:8443/auth/realms/okupamicoche"
-    client_id: "okupamicoche-frontend-angular"
-    client_secret: "PUBLIC-CLIENT-WITH-NO-PASSWORD"
-#    client_id: "synapse"
-#    client_secret: "2d2b51cf-09ab-44a3-97d8-b7c3c5289c87"
+#    client_id: "okupamicoche-frontend-angular"
+#    client_secret: "PUBLIC-CLIENT-WITH-NO-PASSWORD"
+    client_id: "synapse"
+    client_secret: "0967315b-626c-461c-b190-4db9891b5ff3"
    scopes: [ "openid", "profile" ]
    user_mapping_provider:
      config:
--- a/docker/synapse/keycloak-root.crt
+++ b/docker/synapse/keycloak-root.crt
@@ -1,18 +1,27 @@
 -----BEGIN CERTIFICATE-----
-MIICzjCCAbagAwIBAgIEe23PhzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDEwRy
-b290MB4XDTIxMDQyMjE2MjUxN1oXDTQ4MDkwNzE2MjUxN1owDzENMAsGA1UEAxME
-cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJQVKfh+JUYHcrfn
-+LJb04FBxnAVaHzbJmEgRtZhSPyF45JtjEsepj7R6IDnd2hymyISh8JPO2W35kwE
-7wRTMOiqim/BoInS7iRbc7GZaSXFyF/tCWdaYE4mQVDkttMZIlZxVoqGI9/JupSW
-Shk8rX3h3Eg4RHK0Jxjygo5UtzdWM3LpQkdioXZ+ixBS9f1RP+wZEyuWGJvM6kUq
-599ntFOUN0RZ4ZCq1MxfFGzGhtyPMBCPAA7IVdlhQXz+2dkkttcuGDXDCEh3KvT/
-FjkwCahTJmCBEO0gVFI+3TkBrbmQbD0mpEYP2ba2wBn8avajF1L/HjS5mHvfbQIr
-jyiM8JECAwEAAaMyMDAwHQYDVR0OBBYEFORJiEeDfjQaMvoMZkmv3bWw8/8NMA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFyfKpi1PteOgPYM5nmx
-PtmSE7EUuPD3COPRlZKX3Tr1dNj1oXgSSFxeDRtNc603Mbhyb/vT5mGmll6SI9Wn
-OHZtzeU94MkDZwa0+4PdBe5sSwBF8kIJBn05H8Iy75AY/9uD0pFII+wMXuNgGPQU
-lm+WXdPAoqc34W/IkCl0L9vrW/ZKE46PmEmHDrwcQ3FI+N8aAx34YyUzmarJGHYS
-G9XrHtaO8eJf7dfmY/fkBFxdw8aYS3uoOEu/AD0gsryQ0rEk3t1uSiBZMJ7LCap+
-vwAQH2Y8S2IF1skz4NQSHtMY4i7Y/SILFEIg5dj00+0qU4r+Ea0S51IrVu92wOjL
-GaA=
+MIIElTCCAv2gAwIBAgIQBi3ZVqJiORvrJIo554aoHzANBgkqhkiG9w0BAQsFADBj
+MR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1lbnQgQ0ExHDAaBgNVBAsME2VuZWtv
+QGVuZWtvIChFbmVrbykxIzAhBgNVBAMMGm1rY2VydCBlbmVrb0BlbmVrbyAoRW5l
+a28pMB4XDTIxMTIyNjEzNTgzM1oXDTMxMTIyNjEzNTgzM1owYzEeMBwGA1UEChMV
+bWtjZXJ0IGRldmVsb3BtZW50IENBMRwwGgYDVQQLDBNlbmVrb0BlbmVrbyAoRW5l
+a28pMSMwIQYDVQQDDBpta2NlcnQgZW5la29AZW5la28gKEVuZWtvKTCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAKjoNBECRJZyqJe39ijNkHoVeqENGgwK
+jmmzqgkVq3BR4p+hOtNXDWKQrakkIpyw4NLLoAbctFaHSctWb9G/UWJLOLTzkp8E
+0rYkxayLVfqRhO5Hl5ZA2CAFafoMYgNmPQFUzobg3k8jTLdCMJ2sYSHdu4TYqWwY
+5+e+vWgB0wU0z8mdiLlE1ampikjvGtVgWIOM5vTKfsUhYxKMJwLMmyAt/GKeq6Hc
+8tYdh/ZeNfeITgIQY9zHVB7xsyxi/JiubaKKoTnglznWwmbogvHZ6sjyzfgWSXEu
+N7GHGcxVN1yH9RadmrY2KesQ6yv6PI5tKZf0kt8F3XgLsRG9UFpBw7VNrlGwgT05
+O8JogpnZ6tnOxL+8vuLgzJ9lD5dk/ZKxkUx6IYhblbuE4p3ZlrId0WlMgUwN1Ppx
+U0K2mExQat5Zy+LLUZ/vjReObvdNyWYYDRWzM6iFmLDpnqMDNbx0kH8Ok/Pi1zvk
+Ho5VcAhpiU11VSKs0RJDVCTNA02/AiDIMwIDAQABo0UwQzAOBgNVHQ8BAf8EBAMC
+AgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUrB9oeELcoFvvouTayOGS
+4I9TxvwwDQYJKoZIhvcNAQELBQADggGBADXTUSQ3u5vxFXUdgpRhvPf4H6z4qWuK
+wH0rIzIf5QGMe/UUgElRnUcMnRcaGafjshDiQnPAlFT7FwkxqxdvEnGMhziF6xn1
+yvKZAbKfMJEPlgZ39vdeMiWL2NVqzdcbD/I6hJZML9/OUqZGEq5oed46f6rY/Rnp
+9/V66bXl0Z1iermnObcyUmgGwNzEI6GhVAALylaHdOBEI5PRsGE3lQ5dCrvXq7LV
+NVzuj3bpRhINPO6Ry9r1ZJnRqwVdw319MUqTwIxokx1Q07B/1dXf+g6KkmL1nILT
+zowiTF+Mr0Q13DXKn6u67WpAIXsmzTu0shNPxpWzXykqY7RhUZ9bFMeeTb8ib6g4
+xUVhUZuq6dqrltMhNKlNZCSdOzAlxZrjJrdTb/+EUXIls6N58moMlHnKlI9eWhIu
+nMifCG7fX2em7fI6lnuZQXN/X9T3LLHbjp00Garxm28y2RWOIezuam0ALFS7IV8X
+lJlVtLS5yuOrbHb2QdmwqKM3+kVLtCGo/Q==
 -----END CERTIFICATE-----