itsi 0.1.5 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Cargo.lock +49 -0
- data/crates/itsi_error/src/lib.rs +1 -1
- data/crates/itsi_server/Cargo.toml +1 -0
- data/crates/itsi_server/src/env.rs +43 -0
- data/crates/itsi_server/src/lib.rs +1 -0
- data/crates/itsi_server/src/server/serve_strategy/single_mode.rs +1 -1
- data/crates/itsi_server/src/server/tls/locked_dir_cache.rs +55 -17
- data/crates/itsi_server/src/server/tls.rs +91 -22
- data/gems/scheduler/ext/itsi_error/src/lib.rs +1 -1
- data/gems/scheduler/ext/itsi_server/Cargo.toml +1 -0
- data/gems/scheduler/ext/itsi_server/src/env.rs +43 -0
- data/gems/scheduler/ext/itsi_server/src/lib.rs +1 -0
- data/gems/scheduler/ext/itsi_server/src/server/serve_strategy/single_mode.rs +1 -1
- data/gems/scheduler/ext/itsi_server/src/server/tls/locked_dir_cache.rs +55 -17
- data/gems/scheduler/ext/itsi_server/src/server/tls.rs +91 -22
- data/gems/scheduler/lib/itsi/scheduler/version.rb +1 -1
- data/gems/server/ext/itsi_error/src/lib.rs +1 -1
- data/gems/server/ext/itsi_server/Cargo.toml +1 -0
- data/gems/server/ext/itsi_server/src/env.rs +43 -0
- data/gems/server/ext/itsi_server/src/lib.rs +1 -0
- data/gems/server/ext/itsi_server/src/server/serve_strategy/single_mode.rs +1 -1
- data/gems/server/ext/itsi_server/src/server/tls/locked_dir_cache.rs +55 -17
- data/gems/server/ext/itsi_server/src/server/tls.rs +91 -22
- data/gems/server/lib/itsi/server/version.rb +1 -1
- data/lib/itsi/version.rb +1 -1
- data/tasks.txt +0 -2
- metadata +9 -12
- data/crates/itsi_server/src/server/itsi_ca/itsi_ca.crt +0 -13
- data/crates/itsi_server/src/server/itsi_ca/itsi_ca.key +0 -5
- data/gems/scheduler/ext/itsi_server/src/server/itsi_ca/itsi_ca.crt +0 -13
- data/gems/scheduler/ext/itsi_server/src/server/itsi_ca/itsi_ca.key +0 -5
- data/gems/server/ext/itsi_server/src/server/itsi_ca/itsi_ca.crt +0 -13
- data/gems/server/ext/itsi_server/src/server/itsi_ca/itsi_ca.key +0 -5
|
@@ -2,21 +2,29 @@ use base64::{engine::general_purpose, Engine as _};
|
|
|
2
2
|
use itsi_error::Result;
|
|
3
3
|
use itsi_tracing::info;
|
|
4
4
|
use locked_dir_cache::LockedDirCache;
|
|
5
|
-
use rcgen::{
|
|
6
|
-
|
|
5
|
+
use rcgen::{
|
|
6
|
+
generate_simple_self_signed, CertificateParams, CertifiedKey, DnType, KeyPair, SanType,
|
|
7
|
+
};
|
|
8
|
+
use rustls::{
|
|
9
|
+
pki_types::{CertificateDer, PrivateKeyDer},
|
|
10
|
+
ClientConfig, RootCertStore,
|
|
11
|
+
};
|
|
7
12
|
use rustls_pemfile::{certs, pkcs8_private_keys};
|
|
8
13
|
use std::{
|
|
9
14
|
collections::HashMap,
|
|
10
|
-
|
|
15
|
+
fs,
|
|
11
16
|
io::{BufReader, Error},
|
|
12
17
|
sync::Arc,
|
|
13
18
|
};
|
|
14
19
|
use tokio::sync::Mutex;
|
|
15
20
|
use tokio_rustls::{rustls::ServerConfig, TlsAcceptor};
|
|
16
21
|
use tokio_rustls_acme::{AcmeAcceptor, AcmeConfig, AcmeState};
|
|
22
|
+
|
|
23
|
+
use crate::env::{
|
|
24
|
+
ITSI_ACME_CACHE_DIR, ITSI_ACME_CA_PEM_PATH, ITSI_ACME_CONTACT_EMAIL, ITSI_ACME_DIRECTORY_URL,
|
|
25
|
+
ITSI_LOCAL_CA_DIR,
|
|
26
|
+
};
|
|
17
27
|
mod locked_dir_cache;
|
|
18
|
-
const ITS_CA_CERT: &str = include_str!("./itsi_ca/itsi_ca.crt");
|
|
19
|
-
const ITS_CA_KEY: &str = include_str!("./itsi_ca/itsi_ca.key");
|
|
20
28
|
|
|
21
29
|
#[derive(Clone)]
|
|
22
30
|
pub enum ItsiTlsAcceptor {
|
|
@@ -28,11 +36,12 @@ pub enum ItsiTlsAcceptor {
|
|
|
28
36
|
),
|
|
29
37
|
}
|
|
30
38
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
39
|
+
/// Generates a TLS configuration based on either :
|
|
40
|
+
/// * Input "cert" and "key" options (either paths or Base64-encoded strings) or
|
|
41
|
+
/// * Performs automatic certificate generation/retrieval. Generated certs use an internal self-signed Isti CA.
|
|
42
|
+
///
|
|
43
|
+
/// If a non-local host or optional domain parameter is provided,
|
|
44
|
+
/// an automated certificate will attempt to be fetched using let's encrypt.
|
|
36
45
|
pub fn configure_tls(
|
|
37
46
|
host: &str,
|
|
38
47
|
query_params: &HashMap<String, String>,
|
|
@@ -41,22 +50,55 @@ pub fn configure_tls(
|
|
|
41
50
|
.get("domains")
|
|
42
51
|
.map(|v| v.split(',').map(String::from).collect::<Vec<_>>());
|
|
43
52
|
|
|
44
|
-
if query_params.get("cert").
|
|
53
|
+
if query_params.get("cert").is_some_and(|c| c == "auto") {
|
|
45
54
|
if let Some(domains) = domains {
|
|
46
|
-
let directory_url =
|
|
47
|
-
.unwrap_or_else(|_| "https://acme-v02.api.letsencrypt.org/directory".to_string());
|
|
55
|
+
let directory_url = &*ITSI_ACME_DIRECTORY_URL;
|
|
48
56
|
info!(
|
|
49
57
|
domains = format!("{:?}", domains),
|
|
50
58
|
directory_url, "Requesting acme cert"
|
|
51
59
|
);
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
.
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
60
|
+
|
|
61
|
+
let acme_config = AcmeConfig::new(domains)
|
|
62
|
+
.contact([format!("mailto:{}", (*ITSI_ACME_CONTACT_EMAIL).as_ref().map_err(|_| {
|
|
63
|
+
itsi_error::ItsiError::ArgumentError(
|
|
64
|
+
"ITSI_ACME_CONTACT_EMAIL must be set before you can auto-generate production certificates"
|
|
65
|
+
.to_string(),
|
|
66
|
+
)
|
|
67
|
+
})?)])
|
|
68
|
+
.cache(LockedDirCache::new(&*ITSI_ACME_CACHE_DIR))
|
|
69
|
+
.directory(directory_url);
|
|
70
|
+
|
|
71
|
+
let acme_state = if let Ok(ca_pem_path) = &*ITSI_ACME_CA_PEM_PATH {
|
|
72
|
+
let mut root_cert_store = RootCertStore::empty();
|
|
73
|
+
|
|
74
|
+
let ca_pem = fs::read(ca_pem_path).expect("failed to read CA pem file");
|
|
75
|
+
let mut ca_reader = BufReader::new(&ca_pem[..]);
|
|
76
|
+
let der_certs: Vec<CertificateDer> = certs(&mut ca_reader)
|
|
77
|
+
.collect::<std::result::Result<Vec<CertificateDer>, _>>()
|
|
78
|
+
.map_err(|e| {
|
|
79
|
+
itsi_error::ItsiError::ArgumentError(format!(
|
|
80
|
+
"Invalid ACME CA Pem path {:?}",
|
|
81
|
+
e
|
|
82
|
+
))
|
|
83
|
+
})?;
|
|
84
|
+
root_cert_store.add_parsable_certificates(der_certs);
|
|
85
|
+
|
|
86
|
+
let client_config = ClientConfig::builder()
|
|
87
|
+
.with_root_certificates(root_cert_store)
|
|
88
|
+
.with_no_client_auth();
|
|
89
|
+
acme_config
|
|
90
|
+
.client_tls_config(Arc::new(client_config))
|
|
91
|
+
.state()
|
|
92
|
+
} else {
|
|
93
|
+
acme_config.state()
|
|
94
|
+
};
|
|
95
|
+
|
|
96
|
+
let mut rustls_config = ServerConfig::builder()
|
|
58
97
|
.with_no_client_auth()
|
|
59
98
|
.with_cert_resolver(acme_state.resolver());
|
|
99
|
+
|
|
100
|
+
rustls_config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
|
|
101
|
+
|
|
60
102
|
let acceptor = acme_state.acceptor();
|
|
61
103
|
return Ok(ItsiTlsAcceptor::Automatic(
|
|
62
104
|
acceptor,
|
|
@@ -73,7 +115,7 @@ pub fn configure_tls(
|
|
|
73
115
|
let key = load_private_key(key_path);
|
|
74
116
|
(certs, key)
|
|
75
117
|
} else {
|
|
76
|
-
generate_ca_signed_cert(vec![host.to_owned()])?
|
|
118
|
+
generate_ca_signed_cert(domains.unwrap_or(vec![host.to_owned()]))?
|
|
77
119
|
};
|
|
78
120
|
|
|
79
121
|
let mut config = ServerConfig::builder()
|
|
@@ -145,9 +187,10 @@ pub fn generate_ca_signed_cert(
|
|
|
145
187
|
domains: Vec<String>,
|
|
146
188
|
) -> Result<(Vec<CertificateDer<'static>>, PrivateKeyDer<'static>)> {
|
|
147
189
|
info!("Generating New Itsi CA - Self signed Certificate. Use `itsi ca export` to export the CA certificate for import into your local trust store.");
|
|
190
|
+
let (ca_key_pem, ca_cert_pem) = get_or_create_local_dev_ca()?;
|
|
148
191
|
|
|
149
|
-
let ca_kp = KeyPair::from_pem(
|
|
150
|
-
let ca_cert = CertificateParams::from_ca_cert_pem(
|
|
192
|
+
let ca_kp = KeyPair::from_pem(&ca_key_pem).expect("Failed to load CA key");
|
|
193
|
+
let ca_cert = CertificateParams::from_ca_cert_pem(&ca_cert_pem)
|
|
151
194
|
.expect("Failed to parse embedded CA certificate")
|
|
152
195
|
.self_signed(&ca_kp)
|
|
153
196
|
.expect("Failed to self-sign embedded CA cert");
|
|
@@ -187,3 +230,29 @@ pub fn generate_ca_signed_cert(
|
|
|
187
230
|
PrivateKeyDer::try_from(ee_key.serialize_der()).unwrap(),
|
|
188
231
|
))
|
|
189
232
|
}
|
|
233
|
+
|
|
234
|
+
fn get_or_create_local_dev_ca() -> Result<(String, String)> {
|
|
235
|
+
let ca_dir = &*ITSI_LOCAL_CA_DIR;
|
|
236
|
+
fs::create_dir_all(ca_dir)?;
|
|
237
|
+
|
|
238
|
+
let key_path = ca_dir.join("itsi_dev_ca.key");
|
|
239
|
+
let cert_path = ca_dir.join("itsi_dev_ca.crt");
|
|
240
|
+
|
|
241
|
+
if key_path.exists() && cert_path.exists() {
|
|
242
|
+
// Already have a local CA
|
|
243
|
+
let key_pem = fs::read_to_string(&key_path)?;
|
|
244
|
+
let cert_pem = fs::read_to_string(&cert_path)?;
|
|
245
|
+
|
|
246
|
+
Ok((key_pem, cert_pem))
|
|
247
|
+
} else {
|
|
248
|
+
let subject_alt_names = vec!["dev.itsi.fyi".to_string(), "localhost".to_string()];
|
|
249
|
+
|
|
250
|
+
let CertifiedKey { cert, key_pair } =
|
|
251
|
+
generate_simple_self_signed(subject_alt_names).unwrap();
|
|
252
|
+
|
|
253
|
+
fs::write(&key_path, key_pair.serialize_pem())?;
|
|
254
|
+
fs::write(&cert_path, cert.pem())?;
|
|
255
|
+
|
|
256
|
+
Ok((key_pair.serialize_pem(), cert.pem()))
|
|
257
|
+
}
|
|
258
|
+
}
|
data/lib/itsi/version.rb
CHANGED
data/tasks.txt
CHANGED
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: itsi
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Wouter Coppieters
|
|
8
8
|
bindir: exe
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-03-
|
|
10
|
+
date: 2025-03-15 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: itsi-server
|
|
@@ -15,28 +15,28 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - "~>"
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.1.
|
|
18
|
+
version: 0.1.7
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - "~>"
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.1.
|
|
25
|
+
version: 0.1.7
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: itsi-scheduler
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
29
29
|
requirements:
|
|
30
30
|
- - "~>"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 0.1.
|
|
32
|
+
version: 0.1.7
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
35
|
version_requirements: !ruby/object:Gem::Requirement
|
|
36
36
|
requirements:
|
|
37
37
|
- - "~>"
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version: 0.1.
|
|
39
|
+
version: 0.1.7
|
|
40
40
|
description: Wrapper Gem for both the Itsi server and it's Fiber scheduler
|
|
41
41
|
email:
|
|
42
42
|
- wc@pico.net.nz
|
|
@@ -70,6 +70,7 @@ files:
|
|
|
70
70
|
- crates/itsi_server/src/body_proxy/big_bytes.rs
|
|
71
71
|
- crates/itsi_server/src/body_proxy/itsi_body_proxy.rs
|
|
72
72
|
- crates/itsi_server/src/body_proxy/mod.rs
|
|
73
|
+
- crates/itsi_server/src/env.rs
|
|
73
74
|
- crates/itsi_server/src/lib.rs
|
|
74
75
|
- crates/itsi_server/src/request/itsi_request.rs
|
|
75
76
|
- crates/itsi_server/src/request/mod.rs
|
|
@@ -78,8 +79,6 @@ files:
|
|
|
78
79
|
- crates/itsi_server/src/server/bind.rs
|
|
79
80
|
- crates/itsi_server/src/server/bind_protocol.rs
|
|
80
81
|
- crates/itsi_server/src/server/io_stream.rs
|
|
81
|
-
- crates/itsi_server/src/server/itsi_ca/itsi_ca.crt
|
|
82
|
-
- crates/itsi_server/src/server/itsi_ca/itsi_ca.key
|
|
83
82
|
- crates/itsi_server/src/server/itsi_server.rs
|
|
84
83
|
- crates/itsi_server/src/server/lifecycle_event.rs
|
|
85
84
|
- crates/itsi_server/src/server/listener.rs
|
|
@@ -128,6 +127,7 @@ files:
|
|
|
128
127
|
- gems/scheduler/ext/itsi_server/src/body_proxy/big_bytes.rs
|
|
129
128
|
- gems/scheduler/ext/itsi_server/src/body_proxy/itsi_body_proxy.rs
|
|
130
129
|
- gems/scheduler/ext/itsi_server/src/body_proxy/mod.rs
|
|
130
|
+
- gems/scheduler/ext/itsi_server/src/env.rs
|
|
131
131
|
- gems/scheduler/ext/itsi_server/src/lib.rs
|
|
132
132
|
- gems/scheduler/ext/itsi_server/src/request/itsi_request.rs
|
|
133
133
|
- gems/scheduler/ext/itsi_server/src/request/mod.rs
|
|
@@ -136,8 +136,6 @@ files:
|
|
|
136
136
|
- gems/scheduler/ext/itsi_server/src/server/bind.rs
|
|
137
137
|
- gems/scheduler/ext/itsi_server/src/server/bind_protocol.rs
|
|
138
138
|
- gems/scheduler/ext/itsi_server/src/server/io_stream.rs
|
|
139
|
-
- gems/scheduler/ext/itsi_server/src/server/itsi_ca/itsi_ca.crt
|
|
140
|
-
- gems/scheduler/ext/itsi_server/src/server/itsi_ca/itsi_ca.key
|
|
141
139
|
- gems/scheduler/ext/itsi_server/src/server/itsi_server.rs
|
|
142
140
|
- gems/scheduler/ext/itsi_server/src/server/lifecycle_event.rs
|
|
143
141
|
- gems/scheduler/ext/itsi_server/src/server/listener.rs
|
|
@@ -199,6 +197,7 @@ files:
|
|
|
199
197
|
- gems/server/ext/itsi_server/src/body_proxy/big_bytes.rs
|
|
200
198
|
- gems/server/ext/itsi_server/src/body_proxy/itsi_body_proxy.rs
|
|
201
199
|
- gems/server/ext/itsi_server/src/body_proxy/mod.rs
|
|
200
|
+
- gems/server/ext/itsi_server/src/env.rs
|
|
202
201
|
- gems/server/ext/itsi_server/src/lib.rs
|
|
203
202
|
- gems/server/ext/itsi_server/src/request/itsi_request.rs
|
|
204
203
|
- gems/server/ext/itsi_server/src/request/mod.rs
|
|
@@ -207,8 +206,6 @@ files:
|
|
|
207
206
|
- gems/server/ext/itsi_server/src/server/bind.rs
|
|
208
207
|
- gems/server/ext/itsi_server/src/server/bind_protocol.rs
|
|
209
208
|
- gems/server/ext/itsi_server/src/server/io_stream.rs
|
|
210
|
-
- gems/server/ext/itsi_server/src/server/itsi_ca/itsi_ca.crt
|
|
211
|
-
- gems/server/ext/itsi_server/src/server/itsi_ca/itsi_ca.key
|
|
212
209
|
- gems/server/ext/itsi_server/src/server/itsi_server.rs
|
|
213
210
|
- gems/server/ext/itsi_server/src/server/lifecycle_event.rs
|
|
214
211
|
- gems/server/ext/itsi_server/src/server/listener.rs
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
|
2
|
-
MIIB9TCCAZugAwIBAgIUMpQtAScU2Ow9c1Xy/0b/kS/BuwcwCgYIKoZIzj0EAwIw
|
|
3
|
-
UDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kxDTALBgNVBAcMBEl0c2kxEDAO
|
|
4
|
-
BgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2kuZnlpMB4XDTI1MDMwMzIwMjg1
|
|
5
|
-
N1oXDTM1MDMwMTIwMjg1N1owUDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kx
|
|
6
|
-
DTALBgNVBAcMBEl0c2kxEDAOBgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2ku
|
|
7
|
-
ZnlpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqGdC9Vi1r7ARvqSkPXkAgiV5
|
|
8
|
-
gn2MMTeEafagrWT7G1onSh/G+Qstxl61kfFNLOTiy6NSgAtKG+gfveCTo0Pcz6NT
|
|
9
|
-
MFEwHQYDVR0OBBYEFN7zzDodmiK2VAzLDydDvb6Er+U+MB8GA1UdIwQYMBaAFN7z
|
|
10
|
-
zDodmiK2VAzLDydDvb6Er+U+MA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwID
|
|
11
|
-
SAAwRQIhAP8q3PiwqTwCbRvYvvetxH39mAce1mfQMosb33ns228VAiBXdb+p9s0o
|
|
12
|
-
5ug5g9/MTvrIPI7GgolXCWZunkouy0LSrw==
|
|
13
|
-
-----END CERTIFICATE-----
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
|
2
|
-
MIIB9TCCAZugAwIBAgIUMpQtAScU2Ow9c1Xy/0b/kS/BuwcwCgYIKoZIzj0EAwIw
|
|
3
|
-
UDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kxDTALBgNVBAcMBEl0c2kxEDAO
|
|
4
|
-
BgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2kuZnlpMB4XDTI1MDMwMzIwMjg1
|
|
5
|
-
N1oXDTM1MDMwMTIwMjg1N1owUDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kx
|
|
6
|
-
DTALBgNVBAcMBEl0c2kxEDAOBgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2ku
|
|
7
|
-
ZnlpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqGdC9Vi1r7ARvqSkPXkAgiV5
|
|
8
|
-
gn2MMTeEafagrWT7G1onSh/G+Qstxl61kfFNLOTiy6NSgAtKG+gfveCTo0Pcz6NT
|
|
9
|
-
MFEwHQYDVR0OBBYEFN7zzDodmiK2VAzLDydDvb6Er+U+MB8GA1UdIwQYMBaAFN7z
|
|
10
|
-
zDodmiK2VAzLDydDvb6Er+U+MA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwID
|
|
11
|
-
SAAwRQIhAP8q3PiwqTwCbRvYvvetxH39mAce1mfQMosb33ns228VAiBXdb+p9s0o
|
|
12
|
-
5ug5g9/MTvrIPI7GgolXCWZunkouy0LSrw==
|
|
13
|
-
-----END CERTIFICATE-----
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
|
2
|
-
MIIB9TCCAZugAwIBAgIUMpQtAScU2Ow9c1Xy/0b/kS/BuwcwCgYIKoZIzj0EAwIw
|
|
3
|
-
UDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kxDTALBgNVBAcMBEl0c2kxEDAO
|
|
4
|
-
BgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2kuZnlpMB4XDTI1MDMwMzIwMjg1
|
|
5
|
-
N1oXDTM1MDMwMTIwMjg1N1owUDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBEl0c2kx
|
|
6
|
-
DTALBgNVBAcMBEl0c2kxEDAOBgNVBAoMB0l0c2kgQ0ExETAPBgNVBAMMCGl0c2ku
|
|
7
|
-
ZnlpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqGdC9Vi1r7ARvqSkPXkAgiV5
|
|
8
|
-
gn2MMTeEafagrWT7G1onSh/G+Qstxl61kfFNLOTiy6NSgAtKG+gfveCTo0Pcz6NT
|
|
9
|
-
MFEwHQYDVR0OBBYEFN7zzDodmiK2VAzLDydDvb6Er+U+MB8GA1UdIwQYMBaAFN7z
|
|
10
|
-
zDodmiK2VAzLDydDvb6Er+U+MA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwID
|
|
11
|
-
SAAwRQIhAP8q3PiwqTwCbRvYvvetxH39mAce1mfQMosb33ns228VAiBXdb+p9s0o
|
|
12
|
-
5ug5g9/MTvrIPI7GgolXCWZunkouy0LSrw==
|
|
13
|
-
-----END CERTIFICATE-----
|