logstash-input-http 3.4.5-java → 3.6.0-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/VERSION +1 -1
- data/docs/index.asciidoc +47 -14
- data/lib/logstash/inputs/http/tls.rb +2 -1
- data/lib/logstash/inputs/http.rb +62 -29
- data/lib/logstash-input-http_jars.rb +1 -1
- data/logstash-input-http.gemspec +1 -1
- data/spec/fixtures/certs/generate.sh +40 -0
- data/spec/fixtures/certs/generated/README.txt +2 -0
- data/spec/fixtures/certs/generated/client_from_root.crt +35 -0
- data/spec/fixtures/certs/generated/client_from_root.jks +0 -0
- data/spec/fixtures/certs/generated/client_from_root.key +51 -0
- data/spec/fixtures/certs/generated/client_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/client_from_root.p12 +0 -0
- data/spec/fixtures/certs/generated/root.crt +32 -0
- data/spec/fixtures/certs/generated/root.key +51 -0
- data/spec/fixtures/certs/generated/root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/server_from_root.crt +37 -0
- data/spec/fixtures/certs/generated/server_from_root.key +51 -0
- data/spec/fixtures/certs/generated/server_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/openssl.cnf +47 -0
- data/spec/inputs/http_spec.rb +243 -29
- data/vendor/jar-dependencies/org/logstash/plugins/input/http/logstash-input-http/{3.4.5/logstash-input-http-3.4.5.jar → 3.6.0/logstash-input-http-3.6.0.jar} +0 -0
- metadata +31 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aa318266e4bda14335b9ff0a9334d984e0a52cecaefa7037a064aef4e8df7015
|
|
4
|
+
data.tar.gz: efe4a565498fda944f2b2e9a91813a2ecc70ed9b4a89bae7ba2730221eef8549
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b52359e3a884877733f41ce7885bba97dc578db0c4fbdf708a498a13cc06a38efc319b2e72f5f788d6287f0c8a33f419a811e01776661e1eea313682948439d7
|
|
7
|
+
data.tar.gz: e953789900e9f5d98593c3d83ad1d100b83433abf109a708c90c2eb04291d18f1339419a6f498a830103ba894bac03a02944094495873260a9cfab9c1c8ae666
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
## 3.6.0
|
|
2
|
+
- Feat: review and deprecate ssl protocol/cipher related settings [#151](https://github.com/logstash-plugins/logstash-input-http/pull/151)
|
|
3
|
+
|
|
4
|
+
## 3.5.1
|
|
5
|
+
- Fix: codecs provided with `additional_codecs` now correctly run in the pipeline's context, which means that they respect the `pipeline.ecs_compatibility` setting [#152](https://github.com/logstash-plugins/logstash-input-http/pull/152)
|
|
6
|
+
|
|
7
|
+
## 3.5.0
|
|
8
|
+
- Feat: TLSv1.3 support [#146](https://github.com/logstash-plugins/logstash-input-http/pull/146)
|
|
9
|
+
|
|
1
10
|
## 3.4.5
|
|
2
11
|
- Build: do not package log4j-api dependency [#149](https://github.com/logstash-plugins/logstash-input-http/pull/149).
|
|
3
12
|
Logstash provides the log4j framework and the dependency is not needed except testing and compiling.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.6.0
|
data/docs/index.asciidoc
CHANGED
|
@@ -104,9 +104,11 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
|
104
104
|
| <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|No
|
|
105
105
|
| <<plugins-{type}s-{plugin}-ssl_certificate>> |a valid filesystem path|No
|
|
106
106
|
| <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
|
|
107
|
+
| <<plugins-{type}s-{plugin}-ssl_cipher_suites>> |<<array,array>>|No
|
|
107
108
|
| <<plugins-{type}s-{plugin}-ssl_handshake_timeout>> |<<number,number>>|No
|
|
108
109
|
| <<plugins-{type}s-{plugin}-ssl_key>> |a valid filesystem path|No
|
|
109
110
|
| <<plugins-{type}s-{plugin}-ssl_key_passphrase>> |<<password,password>>|No
|
|
111
|
+
| <<plugins-{type}s-{plugin}-ssl_supported_protocols>> |<<array,array>>|No
|
|
110
112
|
| <<plugins-{type}s-{plugin}-ssl_verify_mode>> |<<string,string>>, one of `["none", "peer", "force_peer"]`|No
|
|
111
113
|
| <<plugins-{type}s-{plugin}-threads>> |<<number,number>>|No
|
|
112
114
|
| <<plugins-{type}s-{plugin}-tls_max_version>> |<<number,number>>|No
|
|
@@ -134,17 +136,20 @@ and no codec for the request's content-type is found
|
|
|
134
136
|
===== `cipher_suites`
|
|
135
137
|
|
|
136
138
|
* Value type is <<array,array>>
|
|
137
|
-
*
|
|
139
|
+
* This option is deprecated
|
|
140
|
+
|
|
141
|
+
The list of cipher suites to use, listed by priorities.
|
|
138
142
|
|
|
139
|
-
|
|
143
|
+
NOTE: This option is deprecated and it will be removed in the next major version of Logstash.
|
|
144
|
+
Use `ssl_cipher_suites` instead.
|
|
140
145
|
|
|
141
146
|
[id="plugins-{type}s-{plugin}-ecs_compatibility"]
|
|
142
147
|
===== `ecs_compatibility`
|
|
143
148
|
|
|
144
|
-
* Value type is <<string,string>>
|
|
145
|
-
* Supported values are:
|
|
146
|
-
** `disabled`: unstructured connection metadata added at root level
|
|
147
|
-
** `v1`,`v8`: headers added under `[@metadata][http][header]`. Some are copied to structured ECS fields `http`, `url`, `user_agent` and `host`
|
|
149
|
+
* Value type is <<string,string>>
|
|
150
|
+
* Supported values are:
|
|
151
|
+
** `disabled`: unstructured connection metadata added at root level
|
|
152
|
+
** `v1`,`v8`: headers added under `[@metadata][http][header]`. Some are copied to structured ECS fields `http`, `url`, `user_agent` and `host`
|
|
148
153
|
|
|
149
154
|
Controls this plugin's compatibility with the
|
|
150
155
|
{ecs-ref}[Elastic Common Schema (ECS)].
|
|
@@ -342,6 +347,17 @@ be read and added to the trust store. You need to configure the `ssl_verify_mode
|
|
|
342
347
|
to `peer` or `force_peer` to enable the verification.
|
|
343
348
|
|
|
344
349
|
|
|
350
|
+
[id="plugins-{type}s-{plugin}-ssl_cipher_suites"]
|
|
351
|
+
===== `ssl_cipher_suites`
|
|
352
|
+
|
|
353
|
+
* Value type is <<array,array>>
|
|
354
|
+
* Default value is `['TLS_AES_256_GCM_SHA384', 'TLS_AES_128_GCM_SHA256', 'TLS_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256']`
|
|
355
|
+
|
|
356
|
+
The list of cipher suites to use, listed by priorities.
|
|
357
|
+
This default list applies for OpenJDK 11.0.14 and higher.
|
|
358
|
+
For older JDK versions, the default list includes only suites supported by that version.
|
|
359
|
+
For example, the ChaCha20 family of ciphers is not supported in older versions.
|
|
360
|
+
|
|
345
361
|
[id="plugins-{type}s-{plugin}-ssl_handshake_timeout"]
|
|
346
362
|
===== `ssl_handshake_timeout`
|
|
347
363
|
|
|
@@ -357,7 +373,7 @@ Time in milliseconds for an incomplete ssl handshake to timeout
|
|
|
357
373
|
* There is no default value for this setting.
|
|
358
374
|
|
|
359
375
|
SSL key to use.
|
|
360
|
-
NOTE: This key need to be in the PKCS8 format, you can convert it with https://www.openssl.org/docs/man1.1.
|
|
376
|
+
NOTE: This key need to be in the PKCS8 format, you can convert it with https://www.openssl.org/docs/man1.1.1/man1/openssl-pkcs8.html[OpenSSL]
|
|
361
377
|
for more information.
|
|
362
378
|
|
|
363
379
|
[id="plugins-{type}s-{plugin}-ssl_key_passphrase"]
|
|
@@ -368,6 +384,23 @@ for more information.
|
|
|
368
384
|
|
|
369
385
|
SSL key passphrase to use.
|
|
370
386
|
|
|
387
|
+
[id="plugins-{type}s-{plugin}-ssl_supported_protocols"]
|
|
388
|
+
===== `ssl_supported_protocols`
|
|
389
|
+
|
|
390
|
+
* Value type is <<array,array>>
|
|
391
|
+
* Allowed values are: `'TLSv1.1'`, `'TLSv1.2'`, `'TLSv1.3'`
|
|
392
|
+
* Default depends on the JDK being used. With up-to-date Logstash, the default is `['TLSv1.2', 'TLSv1.3']`.
|
|
393
|
+
`'TLSv1.1'` is not considered secure and is only provided for legacy applications.
|
|
394
|
+
|
|
395
|
+
List of allowed SSL/TLS versions to use when establishing a connection to the HTTP endpoint.
|
|
396
|
+
|
|
397
|
+
For Java 8 `'TLSv1.3'` is supported only since **8u262** (AdoptOpenJDK), but requires that you set the
|
|
398
|
+
`LS_JAVA_OPTS="-Djdk.tls.client.protocols=TLSv1.3"` system property in Logstash.
|
|
399
|
+
|
|
400
|
+
NOTE: If you configure the plugin to use `'TLSv1.1'` on any recent JVM, such as the one packaged with Logstash,
|
|
401
|
+
the protocol is disabled by default and needs to be enabled manually by changing `jdk.tls.disabledAlgorithms` in
|
|
402
|
+
the *$JDK_HOME/conf/security/java.security* configuration file. That is, `TLSv1.1` needs to be removed from the list.
|
|
403
|
+
|
|
371
404
|
[id="plugins-{type}s-{plugin}-ssl_verify_mode"]
|
|
372
405
|
===== `ssl_verify_mode`
|
|
373
406
|
|
|
@@ -396,19 +429,19 @@ Number of threads to use for both accepting connections and handling requests
|
|
|
396
429
|
===== `tls_max_version`
|
|
397
430
|
|
|
398
431
|
* Value type is <<number,number>>
|
|
399
|
-
*
|
|
432
|
+
* This option is deprecated
|
|
400
433
|
|
|
401
|
-
The maximum TLS version allowed for the encrypted connections.
|
|
402
|
-
1.
|
|
434
|
+
The maximum TLS version allowed for the encrypted connections.
|
|
435
|
+
The value must be the one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
|
|
403
436
|
|
|
404
437
|
[id="plugins-{type}s-{plugin}-tls_min_version"]
|
|
405
438
|
===== `tls_min_version`
|
|
406
439
|
|
|
407
440
|
* Value type is <<number,number>>
|
|
408
|
-
*
|
|
441
|
+
* This option is deprecated
|
|
409
442
|
|
|
410
|
-
The minimum TLS version allowed for the encrypted connections.
|
|
411
|
-
1.
|
|
443
|
+
The minimum TLS version allowed for the encrypted connections.
|
|
444
|
+
The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
|
|
412
445
|
|
|
413
446
|
[id="plugins-{type}s-{plugin}-user"]
|
|
414
447
|
===== `user`
|
|
@@ -427,7 +460,7 @@ Username for basic authorization
|
|
|
427
460
|
|
|
428
461
|
Set the client certificate verification method. Valid methods: none, peer, force_peer
|
|
429
462
|
|
|
430
|
-
|
|
463
|
+
NOTE: This option is deprecated and it will be removed in the next major version of Logstash.
|
|
431
464
|
Use `ssl_verify_mode` instead.
|
|
432
465
|
|
|
433
466
|
|
data/lib/logstash/inputs/http.rb
CHANGED
|
@@ -30,6 +30,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
30
30
|
require "logstash/inputs/http/tls"
|
|
31
31
|
|
|
32
32
|
java_import "io.netty.handler.codec.http.HttpUtil"
|
|
33
|
+
java_import 'org.logstash.plugins.inputs.http.util.SslSimpleBuilder'
|
|
33
34
|
|
|
34
35
|
config_name "http"
|
|
35
36
|
|
|
@@ -86,16 +87,11 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
86
87
|
# Time in milliseconds for an incomplete ssl handshake to timeout
|
|
87
88
|
config :ssl_handshake_timeout, :validate => :number, :default => 10000
|
|
88
89
|
|
|
89
|
-
# The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
|
|
90
|
-
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
91
|
-
config :tls_min_version, :validate => :number, :default => TLS.min.version
|
|
92
|
-
|
|
93
|
-
# The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
|
|
94
|
-
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
95
|
-
config :tls_max_version, :validate => :number, :default => TLS.max.version
|
|
96
|
-
|
|
97
90
|
# The list of ciphers suite to use, listed by priorities.
|
|
98
|
-
config :
|
|
91
|
+
config :ssl_cipher_suites, :validate => SslSimpleBuilder::SUPPORTED_CIPHERS.to_a,
|
|
92
|
+
:default => SslSimpleBuilder.getDefaultCiphers, :list => true
|
|
93
|
+
|
|
94
|
+
config :ssl_supported_protocols, :validate => ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'], :default => ['TLSv1.2', 'TLSv1.3'], :list => true
|
|
99
95
|
|
|
100
96
|
# Apply specific codecs for specific content types.
|
|
101
97
|
# The default codec will be applied only after this list is checked
|
|
@@ -118,14 +114,25 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
118
114
|
config :max_content_length, :validate => :number, :required => false, :default => 100 * 1024 * 1024
|
|
119
115
|
|
|
120
116
|
config :response_code, :validate => [200, 201, 202, 204], :default => 200
|
|
117
|
+
|
|
121
118
|
# Deprecated options
|
|
122
119
|
|
|
123
120
|
# The JKS keystore to validate the client's certificates
|
|
124
121
|
config :keystore, :validate => :path, :deprecated => "Set 'ssl_certificate' and 'ssl_key' instead."
|
|
125
122
|
config :keystore_password, :validate => :password, :deprecated => "Set 'ssl_key_passphrase' instead."
|
|
126
123
|
|
|
127
|
-
config :verify_mode, :validate => ['none', 'peer', 'force_peer'], :default => 'none',
|
|
128
|
-
|
|
124
|
+
config :verify_mode, :validate => ['none', 'peer', 'force_peer'], :default => 'none', :deprecated => "Set 'ssl_verify_mode' instead."
|
|
125
|
+
config :cipher_suites, :validate => :array, :default => [], :deprecated => "Set 'ssl_cipher_suites' instead."
|
|
126
|
+
|
|
127
|
+
# The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
|
|
128
|
+
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
129
|
+
config :tls_min_version, :validate => :number, :default => TLS.min.version, :deprecated => "Set 'ssl_supported_protocols' instead."
|
|
130
|
+
|
|
131
|
+
# The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
|
|
132
|
+
# 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
133
|
+
config :tls_max_version, :validate => :number, :default => TLS.max.version, :deprecated => "Set 'ssl_supported_protocols' instead."
|
|
134
|
+
|
|
135
|
+
attr_reader :codecs
|
|
129
136
|
|
|
130
137
|
public
|
|
131
138
|
def register
|
|
@@ -140,7 +147,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
140
147
|
@codecs = Hash.new
|
|
141
148
|
|
|
142
149
|
@additional_codecs.each do |content_type, codec|
|
|
143
|
-
@codecs[content_type] =
|
|
150
|
+
@codecs[content_type] = initialize_codec(codec)
|
|
144
151
|
end
|
|
145
152
|
|
|
146
153
|
require "logstash/inputs/http/message_handler"
|
|
@@ -231,24 +238,45 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
231
238
|
@logger.warn("SSL Certificate will not be used") if @ssl_certificate
|
|
232
239
|
@logger.warn("SSL Key will not be used") if @ssl_key
|
|
233
240
|
@logger.warn("SSL Java Key Store will not be used") if @keystore
|
|
234
|
-
|
|
241
|
+
return # code bellow assumes `ssl => true`
|
|
242
|
+
end
|
|
243
|
+
|
|
244
|
+
if !(ssl_key_configured? || ssl_jks_configured?)
|
|
235
245
|
raise LogStash::ConfigurationError, "Certificate or JKS must be configured"
|
|
236
246
|
end
|
|
237
247
|
|
|
238
|
-
if
|
|
239
|
-
|
|
248
|
+
if original_params.key?("verify_mode") && original_params.key?("ssl_verify_mode")
|
|
249
|
+
raise LogStash::ConfigurationError, "Both `ssl_verify_mode` and (deprecated) `verify_mode` were set. Use only `ssl_verify_mode`."
|
|
240
250
|
elsif original_params.key?("verify_mode")
|
|
241
251
|
@ssl_verify_mode_final = @verify_mode
|
|
242
|
-
elsif original_params.key?("ssl_verify_mode")
|
|
243
|
-
@ssl_verify_mode_final = @ssl_verify_mode
|
|
244
252
|
else
|
|
245
253
|
@ssl_verify_mode_final = @ssl_verify_mode
|
|
246
254
|
end
|
|
247
255
|
|
|
248
|
-
if
|
|
249
|
-
raise LogStash::ConfigurationError, "
|
|
250
|
-
elsif
|
|
251
|
-
|
|
256
|
+
if original_params.key?('cipher_suites') && original_params.key?('ssl_cipher_suites')
|
|
257
|
+
raise LogStash::ConfigurationError, "Both `ssl_cipher_suites` and (deprecated) `cipher_suites` were set. Use only `ssl_cipher_suites`."
|
|
258
|
+
elsif original_params.key?('cipher_suites')
|
|
259
|
+
@ssl_cipher_suites_final = @cipher_suites
|
|
260
|
+
else
|
|
261
|
+
@ssl_cipher_suites_final = @ssl_cipher_suites
|
|
262
|
+
end
|
|
263
|
+
|
|
264
|
+
if original_params.key?('tls_min_version') && original_params.key?('ssl_supported_protocols')
|
|
265
|
+
raise LogStash::ConfigurationError, "Both `ssl_supported_protocols` and (deprecated) `tls_min_ciphers` were set. Use only `ssl_supported_protocols`."
|
|
266
|
+
elsif original_params.key?('tls_max_version') && original_params.key?('ssl_supported_protocols')
|
|
267
|
+
raise LogStash::ConfigurationError, "Both `ssl_supported_protocols` and (deprecated) `tls_max_ciphers` were set. Use only `ssl_supported_protocols`."
|
|
268
|
+
else
|
|
269
|
+
if original_params.key?('tls_min_version') || original_params.key?('tls_max_version')
|
|
270
|
+
@ssl_supported_protocols_final = TLS.get_supported(tls_min_version..tls_max_version).map(&:name)
|
|
271
|
+
else
|
|
272
|
+
@ssl_supported_protocols_final = @ssl_supported_protocols
|
|
273
|
+
end
|
|
274
|
+
end
|
|
275
|
+
|
|
276
|
+
if require_certificate_authorities? && !client_authentication?
|
|
277
|
+
raise LogStash::ConfigurationError, "Using `ssl_verify_mode` (or `verify_mode`) set to PEER or FORCE_PEER, requires the configuration of `ssl_certificate_authorities`"
|
|
278
|
+
elsif !require_certificate_authorities? && client_authentication?
|
|
279
|
+
raise LogStash::ConfigurationError, "The configuration of `ssl_certificate_authorities` requires setting `ssl_verify_mode` (or `verify_mode`) to PEER or FORCE_PEER"
|
|
252
280
|
end
|
|
253
281
|
end
|
|
254
282
|
|
|
@@ -266,7 +294,7 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
266
294
|
begin
|
|
267
295
|
ssl_builder = org.logstash.plugins.inputs.http.util.SslSimpleBuilder
|
|
268
296
|
.new(@ssl_certificate, @ssl_key, @ssl_key_passphrase.nil? ? nil : @ssl_key_passphrase.value)
|
|
269
|
-
.setCipherSuites(
|
|
297
|
+
.setCipherSuites(normalized_cipher_suites)
|
|
270
298
|
rescue java.lang.IllegalArgumentException => e
|
|
271
299
|
@logger.error("SSL configuration invalid", error_details(e))
|
|
272
300
|
raise LogStash::ConfigurationError, e
|
|
@@ -298,19 +326,15 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
298
326
|
|
|
299
327
|
private
|
|
300
328
|
|
|
301
|
-
def
|
|
302
|
-
@
|
|
303
|
-
end
|
|
304
|
-
|
|
305
|
-
def convert_protocols
|
|
306
|
-
TLS.get_supported(@tls_min_version..@tls_max_version).map(&:name)
|
|
329
|
+
def normalized_cipher_suites
|
|
330
|
+
@ssl_cipher_suites_final.map(&:upcase)
|
|
307
331
|
end
|
|
308
332
|
|
|
309
333
|
def new_ssl_handshake_provider(ssl_builder)
|
|
310
334
|
begin
|
|
311
335
|
ssl_handler_provider = org.logstash.plugins.inputs.http.util.SslHandlerProvider.new(ssl_builder.build())
|
|
312
336
|
ssl_handler_provider.setVerifyMode(@ssl_verify_mode_final.upcase)
|
|
313
|
-
ssl_handler_provider.setProtocols(
|
|
337
|
+
ssl_handler_provider.setProtocols(@ssl_supported_protocols_final)
|
|
314
338
|
ssl_handler_provider.setHandshakeTimeoutMilliseconds(@ssl_handshake_timeout)
|
|
315
339
|
ssl_handler_provider
|
|
316
340
|
rescue java.lang.IllegalArgumentException => e
|
|
@@ -333,4 +357,13 @@ class LogStash::Inputs::Http < LogStash::Inputs::Base
|
|
|
333
357
|
error_details
|
|
334
358
|
end
|
|
335
359
|
|
|
360
|
+
def initialize_codec(codec_name)
|
|
361
|
+
codec_klass = LogStash::Plugin.lookup("codec", codec_name)
|
|
362
|
+
if defined?(::LogStash::Plugins::Contextualizer)
|
|
363
|
+
::LogStash::Plugins::Contextualizer.initialize_plugin(execution_context, codec_klass)
|
|
364
|
+
else
|
|
365
|
+
codec_klass.new
|
|
366
|
+
end
|
|
367
|
+
end
|
|
368
|
+
|
|
336
369
|
end # class LogStash::Inputs::Http
|
data/logstash-input-http.gemspec
CHANGED
|
@@ -2,7 +2,7 @@ HTTP_INPUT_VERSION = File.read(File.expand_path(File.join(File.dirname(__FILE__)
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-input-http'
|
|
5
|
-
s.version
|
|
5
|
+
s.version = HTTP_INPUT_VERSION
|
|
6
6
|
s.licenses = ['Apache License (2.0)']
|
|
7
7
|
s.summary = "Receives events over HTTP or HTTPS"
|
|
8
8
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
# warning: do not use the certificates produced by this tool in production.
|
|
2
|
+
# This is for testing purposes only
|
|
3
|
+
set -e
|
|
4
|
+
|
|
5
|
+
rm -rf generated
|
|
6
|
+
mkdir generated
|
|
7
|
+
cd generated
|
|
8
|
+
|
|
9
|
+
echo "GENERATED CERTIFICATES FOR TESTING ONLY." >> ./README.txt
|
|
10
|
+
echo "DO NOT USE THESE CERTIFICATES IN PRODUCTION" >> ./README.txt
|
|
11
|
+
|
|
12
|
+
# certificate authority
|
|
13
|
+
openssl genrsa -out root.key 4096
|
|
14
|
+
openssl req -new -x509 -days 1826 -extensions ca -key root.key -out root.crt -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=root" -config ../openssl.cnf
|
|
15
|
+
|
|
16
|
+
# server certificate from root
|
|
17
|
+
openssl genrsa -out server_from_root.key 4096
|
|
18
|
+
openssl req -new -key server_from_root.key -out server_from_root.csr -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=server" -config ../openssl.cnf
|
|
19
|
+
openssl x509 -req -extensions server_cert -extfile ../openssl.cnf -days 1096 -in server_from_root.csr -CA root.crt -CAkey root.key -set_serial 03 -out server_from_root.crt
|
|
20
|
+
|
|
21
|
+
# client certificate from root
|
|
22
|
+
openssl genrsa -out client_from_root.key 4096
|
|
23
|
+
openssl req -new -key client_from_root.key -out client_from_root.csr -subj "/C=LS/ST=NA/L=Http Input/O=Logstash/CN=client" -config ../openssl.cnf
|
|
24
|
+
openssl x509 -req -extensions client_cert -extfile ../openssl.cnf -days 1096 -in client_from_root.csr -CA root.crt -CAkey root.key -set_serial 04 -out client_from_root.crt
|
|
25
|
+
|
|
26
|
+
# verify :allthethings
|
|
27
|
+
openssl verify -CAfile root.crt server_from_root.crt
|
|
28
|
+
|
|
29
|
+
# create pkcs8 versions of all keys
|
|
30
|
+
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in client_from_root.key -out client_from_root.key.pkcs8
|
|
31
|
+
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in server_from_root.key -out server_from_root.key.pkcs8
|
|
32
|
+
|
|
33
|
+
# create pkcs12 keystores (pass:12345678)
|
|
34
|
+
openssl pkcs12 -export -in client_from_root.crt -inkey client_from_root.key -out client_from_root.p12 -name "client_from_root" -passout 'pass:12345678'
|
|
35
|
+
|
|
36
|
+
# use java keytool to convert all pkcs12 keystores to jks-format keystores (pass:12345678)
|
|
37
|
+
keytool -importkeystore -srckeystore client_from_root.p12 -srcstoretype pkcs12 -srcstorepass 12345678 -destkeystore client_from_root.jks -deststorepass 12345678 -alias client_from_root
|
|
38
|
+
|
|
39
|
+
# cleanup csr, we don't need them
|
|
40
|
+
rm -rf *.csr
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIGATCCA+mgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJMUzEL
|
|
3
|
+
MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
|
|
4
|
+
YXNoMQ0wCwYDVQQDDARyb290MB4XDTIxMTEyNDEwMjEzMloXDTI0MTEyNDEwMjEz
|
|
5
|
+
MlowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
|
|
6
|
+
cHV0MREwDwYDVQQKDAhMb2dzdGFzaDEPMA0GA1UEAwwGY2xpZW50MIICIjANBgkq
|
|
7
|
+
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzz7tc52SXN84bP8/009HnfkDMGhqvNgi
|
|
8
|
+
oO+kza7PT1O7jcA3i0hh1r2N4xUIllc3cSvcfFK/sw8mAFPGE6lMIPAWHnsFipd1
|
|
9
|
+
6rrk7jIVEgBE7ZUYuqWRRQ7ULV1a3LTxCn7XUrtk1bbrLgPRcoUev81L19AQZQ6R
|
|
10
|
+
DGv9MyFE2X71lvchj09eLh4RcR7/5Myj6ODtz5mYOIn8hqAaYCa6Zu0A54WbQd4p
|
|
11
|
+
xc/iuEQqpUJNcXdVJyNAzhDQq/oMImWgWs/nuMIrCV0WXttGsOnztxsftytsNtnP
|
|
12
|
+
SOBuULhRdDrkV16u7zMftANBWdoWIcdbc6ipr17ZrqySmioSWHk5YcsRwP6Em9Hq
|
|
13
|
+
SHgNXSDkb3+TPQX/XG2cmaPI+a8yTvgV1igMbzDYEznfqOhNG/28jTGo36iMt+R1
|
|
14
|
+
ZrDWoIxRqSKq7WAiGmnKZKiy4xV4Ze3zekx7xse/S/OxmWvOCYN0+aLFgxNuizX5
|
|
15
|
+
PpY6PhwJ/+I5JpbH2pXwuPsFMAyt5vwmcrS6k7O3vvUml7mwHQVQTqrNEvPHDwxe
|
|
16
|
+
H6n2LiW7Bbana12rkdMU5mXwBMMTVz1sjOZnzM1M+JEoce3UXfGuflhG7amOhPJf
|
|
17
|
+
Aj7vMR6kilzATFjmx1hdqqHzNARkeuxLhUzpdgKnk3nEmYPKx1MB7Y4FvpSEoTPV
|
|
18
|
+
K3rPkMHQm6UCAwEAAaOB4TCB3jAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF
|
|
19
|
+
oDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50IENlcnRp
|
|
20
|
+
ZmljYXRlMB0GA1UdDgQWBBTXHNdFAtzeVD56PI6/Mu/wVzDCyzAfBgNVHSMEGDAW
|
|
21
|
+
gBSn18dv3u0R/O/LDPC7h+wHlcpFqDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYw
|
|
22
|
+
FAYIKwYBBQUHAwIGCCsGAQUFBwMEMBoGA1UdEQQTMBGCCWxvY2FsaG9zdIcEfwAA
|
|
23
|
+
ATANBgkqhkiG9w0BAQsFAAOCAgEAE23qZ7HfFubCXYCzGxTq+zzMAId5rUn8Cnav
|
|
24
|
+
9eEGdofjkRRHJnW1yM8AmblbwxM8fs6SrQtujhGNFWEsGuXDoFFG6ID06eFsC1yC
|
|
25
|
+
RpKme0PRsKruBn8Na5Z2jeZ0SWKvW+1ZlvosMhQQh6QaNf7VTNVizJD+J34QxFeH
|
|
26
|
+
N66/Fh8/sh0ZooFy791japEtec8HJIBHNPrJprqYnzosKTRnYSLJpiCP9ksordMS
|
|
27
|
+
rTHWGDRnUXu1ggWanopt5wZfICG92gi8rROEk4fwFUy93E+WEzv8XCXpRxZqhdJf
|
|
28
|
+
V+jPoUHo4ZOnM8uFna5Y/o+DiVOdPXgn9xspe5qhEvU8upsvKRVNlfAXVGWjiG13
|
|
29
|
+
ZdR3PvGITplFhNkBAuPIf1Z/xTF0e8JzQSSC2CtThGuCJz9uSB6zpnxjODKxAqFX
|
|
30
|
+
IbbH8Tnf8q6nEJm0RbMOyAc/HvX2eei1TV1XD9StL/M/2n0bCn/+s4peT4/qOy2T
|
|
31
|
+
zqQYTe45RknishUiMiv00//W5LNImjb0THHxQ1kQxi7Tlk0dZ5CPUjMfBVCt+Gdo
|
|
32
|
+
EQMjeGjvjfRvKtGzhtMDmkA3Oc8iOiaaR7mSU+ZjslDlRYnPKicbls673ttL3rx8
|
|
33
|
+
R//PwWeZcBWkbowOYNJnjaiySpoO3WVEGMA8mUw4SEtlga6760cN4+e4pKnzo1sR
|
|
34
|
+
P1W1gRQ=
|
|
35
|
+
-----END CERTIFICATE-----
|
|
Binary file
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIJKAIBAAKCAgEAzz7tc52SXN84bP8/009HnfkDMGhqvNgioO+kza7PT1O7jcA3
|
|
3
|
+
i0hh1r2N4xUIllc3cSvcfFK/sw8mAFPGE6lMIPAWHnsFipd16rrk7jIVEgBE7ZUY
|
|
4
|
+
uqWRRQ7ULV1a3LTxCn7XUrtk1bbrLgPRcoUev81L19AQZQ6RDGv9MyFE2X71lvch
|
|
5
|
+
j09eLh4RcR7/5Myj6ODtz5mYOIn8hqAaYCa6Zu0A54WbQd4pxc/iuEQqpUJNcXdV
|
|
6
|
+
JyNAzhDQq/oMImWgWs/nuMIrCV0WXttGsOnztxsftytsNtnPSOBuULhRdDrkV16u
|
|
7
|
+
7zMftANBWdoWIcdbc6ipr17ZrqySmioSWHk5YcsRwP6Em9HqSHgNXSDkb3+TPQX/
|
|
8
|
+
XG2cmaPI+a8yTvgV1igMbzDYEznfqOhNG/28jTGo36iMt+R1ZrDWoIxRqSKq7WAi
|
|
9
|
+
GmnKZKiy4xV4Ze3zekx7xse/S/OxmWvOCYN0+aLFgxNuizX5PpY6PhwJ/+I5JpbH
|
|
10
|
+
2pXwuPsFMAyt5vwmcrS6k7O3vvUml7mwHQVQTqrNEvPHDwxeH6n2LiW7Bbana12r
|
|
11
|
+
kdMU5mXwBMMTVz1sjOZnzM1M+JEoce3UXfGuflhG7amOhPJfAj7vMR6kilzATFjm
|
|
12
|
+
x1hdqqHzNARkeuxLhUzpdgKnk3nEmYPKx1MB7Y4FvpSEoTPVK3rPkMHQm6UCAwEA
|
|
13
|
+
AQKCAgBbiP2zvPryTh1L9wknubJ2EY/ZB6VtN0FEN9RgjD9AWElUeHuP5y5ffGV4
|
|
14
|
+
0Md0L51rPOYrexj0a1JrfpTUBkh7m88JM2jlJ7SLMnT+x9wKkVfgX6QGfC5HhB8u
|
|
15
|
+
0jbZmImGCzPrdJ06z4ncTw9pN2a3bGN9NIapO9/QzrmMpbsVHUA3p3uJIpMEZ39o
|
|
16
|
+
qTp4wfH7X61prftPrZJ9m6VKppBZ+YAWwioq04c7uW/31xPG3hv6a6yOlsF+wmqI
|
|
17
|
+
Ku7FGoHS2lUMg6Yigpzo1IzKguqEC1TcwC8Rou4s0AOpX1+KqKBF/qnhOIFeLrnk
|
|
18
|
+
h7CSxsybrvkTXh9jSRGPSdnEffZbcZtw9XagD+fg6mYrqQH95Tfp83pDEAMtoe5e
|
|
19
|
+
cSGoLbt9c1Et9rtWcosFTxzLTWSOjme5qomsDZxlZpFt5YML14aCgMafMnWLGhwB
|
|
20
|
+
hX9NfdYGJ1Sqit5CM1MCoLAvWfW+5OeR28Wn9n5P3gBsvw+2aPLrdD6EeCJHMq9k
|
|
21
|
+
jDJXJsuWQhbZqapnIGn6kiOqHpQxPf2Q4VkkA6zDbtcy9e9QsKNFFcP4z1p2crBg
|
|
22
|
+
QhVvdLw3tOqoleJZV5Nn7wv0tzHSV4ccyoFl2j3CNFl6qG39J3Xtkm+ecWQyaZYt
|
|
23
|
+
vAF4hK7LsoLbJi2EYLRXsQj9H/LocD7D1AHLgwT0mK0ZwEfRAQKCAQEA7MWkosMJ
|
|
24
|
+
MITK0nsQStNq2UV+BI2Hfou1q65KAQQOgrOgSFmb/rijSSkZknlU20iEBWaJebep
|
|
25
|
+
i9fCzDdJLkjZ6ISzMyxIfhS0//mlYE4Xcz0APcT54tnhQ8n38qId1CkC7K3sViY7
|
|
26
|
+
3ufwr6ALExrRZ/0paNtuLA0bvIIyPXA28DbGThdpjPGS5rCwMWAnT81RWN7uvEyO
|
|
27
|
+
0dt4oCunLgjrP+22NpQbnQvVN6kgW8tPVl8p2w3fRY3JINjRlJDZeACzV1zQ/tVy
|
|
28
|
+
ZlbLsfoMUOsR93Dt+lCZua4Tdt3DCiB3C0yJt05FYqS8ZFJwq0Yoynrdo1bxi9Rt
|
|
29
|
+
dp8S5N+0nu3RIQKCAQEA4BNzZMNYhTO+nNv8/9TIO+lSBFNwVtKB95vlA7OpX0I8
|
|
30
|
+
0W+0eOqy1nf7Df60B58kZ3Dop+VAzIooGmeVkW1+9BVn1b929XwUcvEjhBdWDran
|
|
31
|
+
XMg5ai/JKbrTw2bAPdFcIRDTQZgDz4DlOEQIsbFHIPxumloVXVv824qfLolhgFpS
|
|
32
|
+
y7uYGJ9/tsncdWtbPJNIKCTOxmp7KZyAsaVLpjjK9MVv8poHwTrFv5ziJyoo460/
|
|
33
|
+
hD8L3E4uzXe6ydTzgtYpTfyFwVyvLathx4aVjGWGtdWcvApB6rivFaP6ZRdZGU2n
|
|
34
|
+
9g34mQAumkJzg0XlVJzZulSgVEpkw2prvaG6TezGBQKCAQBi/Z7/jZth9aL2rQz6
|
|
35
|
+
u7mIbU1qieGEPtUNmijGk/OdIYx5sz1NGdTq2YwfeSrJI2BPAbeoc+km1mZTCypF
|
|
36
|
+
d5/jXtetJW6JiA7ElpNV2FBllbNsH9Z5ya4ssVxAzRa7hQn7+hs9SW7umvo98yOu
|
|
37
|
+
MSAr4eRWOqetMy3NeoGWvju54qy2KYOvsbBBUs3XVuQYsTa5eTtG7psnkiK0lIuo
|
|
38
|
+
64GvkKsF1pZU6oWSZ9tnhXD+I3tUYlBevBDC8uNswcKqMWDJvbyDTqotr0wqdOiB
|
|
39
|
+
TEaOtWBJrzkWMHli0QSiT0B2MOHDCa5ot4csSmtgsEyNmyDfEZKba4z4czlrBzx0
|
|
40
|
+
1ekBAoIBABxGmBMpC2yToQQORpjJ8xKMWMsu9EggfEIQrA+Rhlf89cu/+tgfVb32
|
|
41
|
+
mfmkIHetv1xGRTWamli1PmZGl/soBBMs+FNiu9IyfCoc/8xVXYixx+DPa19Y9FuN
|
|
42
|
+
tdc8ihnC54tMojvuwNxYeZRmEWrK4hzpfdOAdp23U+soTPoEYAdgXn5TB9hjmCwq
|
|
43
|
+
wOUYTQUR2NMoAefL3AreMuc34pnxJLtKhtvoT/40Omv5khg7G7nPTOqVQhvkyccn
|
|
44
|
+
yqxZcPkbqU6sBPzngzuSGt6gvxJeZWdgs0yPRs4lzAJBFQHYtmeZAw7rqGk2OqtA
|
|
45
|
+
o273TP8mY9s9fpXkZV67eSkO1YGr1TkCggEBAIQ3aI6TqDd5Wp52IM/beSxhg5+A
|
|
46
|
+
Vt+hI4Gdc0mNLJTm8/l3nd+uQpPVmuVBosfaXQK+IWDLDP4II6qBFUfOD95eK76O
|
|
47
|
+
Y4LJNvO3urQOh56bujnZ1ZgeKeUU36itgtp+YbYUHMSUA9BFlUr0n00POovili/M
|
|
48
|
+
BfHy8pcAB0EvY/B2k00v/Uj8kwbBvu1NNhUDzhUCVQM06b6SqLIA7/UeDHUYnYMJ
|
|
49
|
+
s3w6Eqo8yaHQJkY5DlJfO4JoXe1pZQNm3d2bAQG4vzIbyHFk2yShXTQuV5YNIATh
|
|
50
|
+
cKLW7xpRoDIciZVu6m4aiYw1kABty9UTSk0jKu86RjM0Epb/LnUG1qtSpPI=
|
|
51
|
+
-----END RSA PRIVATE KEY-----
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDPPu1znZJc3zhs
|
|
3
|
+
/z/TT0ed+QMwaGq82CKg76TNrs9PU7uNwDeLSGHWvY3jFQiWVzdxK9x8Ur+zDyYA
|
|
4
|
+
U8YTqUwg8BYeewWKl3XquuTuMhUSAETtlRi6pZFFDtQtXVrctPEKftdSu2TVtusu
|
|
5
|
+
A9FyhR6/zUvX0BBlDpEMa/0zIUTZfvWW9yGPT14uHhFxHv/kzKPo4O3PmZg4ifyG
|
|
6
|
+
oBpgJrpm7QDnhZtB3inFz+K4RCqlQk1xd1UnI0DOENCr+gwiZaBaz+e4wisJXRZe
|
|
7
|
+
20aw6fO3Gx+3K2w22c9I4G5QuFF0OuRXXq7vMx+0A0FZ2hYhx1tzqKmvXtmurJKa
|
|
8
|
+
KhJYeTlhyxHA/oSb0epIeA1dIORvf5M9Bf9cbZyZo8j5rzJO+BXWKAxvMNgTOd+o
|
|
9
|
+
6E0b/byNMajfqIy35HVmsNagjFGpIqrtYCIaacpkqLLjFXhl7fN6THvGx79L87GZ
|
|
10
|
+
a84Jg3T5osWDE26LNfk+ljo+HAn/4jkmlsfalfC4+wUwDK3m/CZytLqTs7e+9SaX
|
|
11
|
+
ubAdBVBOqs0S88cPDF4fqfYuJbsFtqdrXauR0xTmZfAEwxNXPWyM5mfMzUz4kShx
|
|
12
|
+
7dRd8a5+WEbtqY6E8l8CPu8xHqSKXMBMWObHWF2qofM0BGR67EuFTOl2AqeTecSZ
|
|
13
|
+
g8rHUwHtjgW+lIShM9Ures+QwdCbpQIDAQABAoICAFuI/bO8+vJOHUv3CSe5snYR
|
|
14
|
+
j9kHpW03QUQ31GCMP0BYSVR4e4/nLl98ZXjQx3QvnWs85it7GPRrUmt+lNQGSHub
|
|
15
|
+
zwkzaOUntIsydP7H3AqRV+BfpAZ8LkeEHy7SNtmYiYYLM+t0nTrPidxPD2k3Zrds
|
|
16
|
+
Y300hqk739DOuYyluxUdQDene4kikwRnf2ipOnjB8ftfrWmt+0+tkn2bpUqmkFn5
|
|
17
|
+
gBbCKirThzu5b/fXE8beG/prrI6WwX7Caogq7sUagdLaVQyDpiKCnOjUjMqC6oQL
|
|
18
|
+
VNzALxGi7izQA6lfX4qooEX+qeE4gV4uueSHsJLGzJuu+RNeH2NJEY9J2cR99ltx
|
|
19
|
+
m3D1dqAP5+DqZiupAf3lN+nzekMQAy2h7l5xIagtu31zUS32u1ZyiwVPHMtNZI6O
|
|
20
|
+
Z7mqiawNnGVmkW3lgwvXhoKAxp8ydYsaHAGFf0191gYnVKqK3kIzUwKgsC9Z9b7k
|
|
21
|
+
55Hbxaf2fk/eAGy/D7Zo8ut0PoR4Ikcyr2SMMlcmy5ZCFtmpqmcgafqSI6oelDE9
|
|
22
|
+
/ZDhWSQDrMNu1zL171Cwo0UVw/jPWnZysGBCFW90vDe06qiV4llXk2fvC/S3MdJX
|
|
23
|
+
hxzKgWXaPcI0WXqobf0nde2Sb55xZDJpli28AXiErsuygtsmLYRgtFexCP0f8uhw
|
|
24
|
+
PsPUAcuDBPSYrRnAR9EBAoIBAQDsxaSiwwkwhMrSexBK02rZRX4EjYd+i7WrrkoB
|
|
25
|
+
BA6Cs6BIWZv+uKNJKRmSeVTbSIQFZol5t6mL18LMN0kuSNnohLMzLEh+FLT/+aVg
|
|
26
|
+
ThdzPQA9xPni2eFDyffyoh3UKQLsrexWJjve5/CvoAsTGtFn/Slo224sDRu8gjI9
|
|
27
|
+
cDbwNsZOF2mM8ZLmsLAxYCdPzVFY3u68TI7R23igK6cuCOs/7bY2lBudC9U3qSBb
|
|
28
|
+
y09WXynbDd9Fjckg2NGUkNl4ALNXXND+1XJmVsux+gxQ6xH3cO36UJm5rhN23cMK
|
|
29
|
+
IHcLTIm3TkVipLxkUnCrRijKet2jVvGL1G12nxLk37Se7dEhAoIBAQDgE3Nkw1iF
|
|
30
|
+
M76c2/z/1Mg76VIEU3BW0oH3m+UDs6lfQjzRb7R46rLWd/sN/rQHnyRncOin5UDM
|
|
31
|
+
iigaZ5WRbX70FWfVv3b1fBRy8SOEF1YOtqdcyDlqL8kputPDZsA90VwhENNBmAPP
|
|
32
|
+
gOU4RAixsUcg/G6aWhVdW/zbip8uiWGAWlLLu5gYn3+2ydx1a1s8k0goJM7Gansp
|
|
33
|
+
nICxpUumOMr0xW/ymgfBOsW/nOInKijjrT+EPwvcTi7Nd7rJ1POC1ilN/IXBXK8t
|
|
34
|
+
q2HHhpWMZYa11Zy8CkHquK8Vo/plF1kZTaf2DfiZAC6aQnODReVUnNm6VKBUSmTD
|
|
35
|
+
amu9obpN7MYFAoIBAGL9nv+Nm2H1ovatDPq7uYhtTWqJ4YQ+1Q2aKMaT850hjHmz
|
|
36
|
+
PU0Z1OrZjB95KskjYE8Bt6hz6SbWZlMLKkV3n+Ne160lbomIDsSWk1XYUGWVs2wf
|
|
37
|
+
1nnJriyxXEDNFruFCfv6Gz1Jbu6a+j3zI64xICvh5FY6p60zLc16gZa+O7nirLYp
|
|
38
|
+
g6+xsEFSzddW5BixNrl5O0bumyeSIrSUi6jrga+QqwXWllTqhZJn22eFcP4je1Ri
|
|
39
|
+
UF68EMLy42zBwqoxYMm9vINOqi2vTCp06IFMRo61YEmvORYweWLRBKJPQHYw4cMJ
|
|
40
|
+
rmi3hyxKa2CwTI2bIN8RkptrjPhzOWsHPHTV6QECggEAHEaYEykLbJOhBA5GmMnz
|
|
41
|
+
EoxYyy70SCB8QhCsD5GGV/z1y7/62B9VvfaZ+aQgd62/XEZFNZqaWLU+ZkaX+ygE
|
|
42
|
+
Eyz4U2K70jJ8Khz/zFVdiLHH4M9rX1j0W4211zyKGcLni0yiO+7A3Fh5lGYRasri
|
|
43
|
+
HOl904B2nbdT6yhM+gRgB2BeflMH2GOYLCrA5RhNBRHY0ygB58vcCt4y5zfimfEk
|
|
44
|
+
u0qG2+hP/jQ6a/mSGDsbuc9M6pVCG+TJxyfKrFlw+RupTqwE/OeDO5Ia3qC/El5l
|
|
45
|
+
Z2CzTI9GziXMAkEVAdi2Z5kDDuuoaTY6q0CjbvdM/yZj2z1+leRlXrt5KQ7VgavV
|
|
46
|
+
OQKCAQEAhDdojpOoN3lannYgz9t5LGGDn4BW36EjgZ1zSY0slObz+Xed365Ck9Wa
|
|
47
|
+
5UGix9pdAr4hYMsM/ggjqoEVR84P3l4rvo5jgsk287e6tA6Hnpu6OdnVmB4p5RTf
|
|
48
|
+
qK2C2n5hthQcxJQD0EWVSvSfTQ86i+KWL8wF8fLylwAHQS9j8HaTTS/9SPyTBsG+
|
|
49
|
+
7U02FQPOFQJVAzTpvpKosgDv9R4MdRidgwmzfDoSqjzJodAmRjkOUl87gmhd7Wll
|
|
50
|
+
A2bd3ZsBAbi/MhvIcWTbJKFdNC5Xlg0gBOFwotbvGlGgMhyJlW7qbhqJjDWQAG3L
|
|
51
|
+
1RNKTSMq7zpGMzQSlv8udQbWq1Kk8g==
|
|
52
|
+
-----END PRIVATE KEY-----
|
|
Binary file
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIFkzCCA3ugAwIBAgIUaxaJxbTdJbY8LgQDDEur7n4wqoUwDQYJKoZIhvcNAQEL
|
|
3
|
+
BQAwUTELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
|
|
4
|
+
cHV0MREwDwYDVQQKDAhMb2dzdGFzaDENMAsGA1UEAwwEcm9vdDAeFw0yMTExMjQx
|
|
5
|
+
MDIxMjlaFw0yNjExMjQxMDIxMjlaMFExCzAJBgNVBAYTAkxTMQswCQYDVQQIDAJO
|
|
6
|
+
QTETMBEGA1UEBwwKSHR0cCBJbnB1dDERMA8GA1UECgwITG9nc3Rhc2gxDTALBgNV
|
|
7
|
+
BAMMBHJvb3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwVfl113eq
|
|
8
|
+
oUSLcw0Xrp1H0UoRLrQoo4h88HtspnJwuTok2PiEIbhUebufzK0nF2ZybVJYiC0Z
|
|
9
|
+
JJuSqicMCm9VpznJVRNNT/a7gMcF4j0lYdT2Yuxw2yaCZcvCffVIRU0LIUjj2bXa
|
|
10
|
+
83ibuuphfwcm+C3bJ5xWN65F0Txe7mCh8PQ+X0v0peNjkdGHt1LFP3qFV67ssNtx
|
|
11
|
+
jeVB35rmKL/OD8gr9fNHFF5B5A8DXniLpohJZLrVFLw455Fyhx+GS+ZQpaHxfneI
|
|
12
|
+
hMfftflfabXZNO/pzbSHJShKhIboAfM/bXX5cnilIeLBwko/WPtO81M13rX+e3VF
|
|
13
|
+
UFxtXor2z1MhoV01+PfVtTem0iinkYJUtulfrGvolgaQhV+UhgoOuvmYQkj7pmd/
|
|
14
|
+
41pRarhxKp5jRjz3TEfY6PZjGV7vF2Q9IAk2yAUvAhY8qER+eGZe5krUKBV1gLww
|
|
15
|
+
zOplQMerG3+Jrm1Fk6sDGw0wJIQUCu3P3nhQTqyqx8z5Sk5dWPMQBkbJMtUIdFOD
|
|
16
|
+
/JxJWb171xkH1VNH9zXJfAzHVpk1cgVruF1VtepceQh0rW6E7Lc+Avbg23Zr06fj
|
|
17
|
+
kklKNaKabScl7uE7LiGhSpV6N2MJURtJB9jI9oRdYDCBhLihDbn33MrdseOzuWgd
|
|
18
|
+
uWZtvUzPKWuzTLpFnnF3krwgUm8TZW81MQIDAQABo2MwYTAdBgNVHQ4EFgQUp9fH
|
|
19
|
+
b97tEfzvywzwu4fsB5XKRagwHwYDVR0jBBgwFoAUp9fHb97tEfzvywzwu4fsB5XK
|
|
20
|
+
RagwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
|
|
21
|
+
BQADggIBAEC17d/UJpmABMNmV9PMbt5NjiD+dDi8rnE05zXQXhJWm2vZh0nLC3sc
|
|
22
|
+
QAJCep5xEHRzOSYSrOihzHF/Pk1Zdl4ly0SZHPtNdipphqWE/Vl9GaQahq8HZg1Y
|
|
23
|
+
CjGQvr0MFe4ikOGRkGw9Vp8lR4XXUJxv4VegpX3BRy2+hTgi21kV4X0a5eZ17Li9
|
|
24
|
+
MTljj22vxlypRIu0Jw4BPT0iayc8DivPI4vshUUFc+MLB/1h8OdY19KtoscMaIjk
|
|
25
|
+
90xDyAeL6/xxL4ZWDrXEUsxxoakt4vRJaCQ2hCLSVk8isQfzJhkSDqEkK5Ypo+D0
|
|
26
|
+
qDn8eL3w06qA1SvvtxVvKOAHHBLlb8ENoRUtBjTzBNQa2t/zDULogwTQbcY7JpwH
|
|
27
|
+
FAVXBfqKQ0pLuVuPeTaE6K7eE0p0/upE78FFOsmfoOL34ziw6imTyOgnmYNsmY19
|
|
28
|
+
Q8rE4n3hKCd4S/Vl2In9Ly8XAQpj5BYLRqxuMkx57oYQ4byr1vVas7iUIXAZSRIi
|
|
29
|
+
W9f+9wZ+L99tgXVIKWaA2xD24lGKfr6WKnazUJYRRJifBE3VFgydbewVePRmPbMC
|
|
30
|
+
P4OAVX4ERUZXuP6zpfm5rZvgesoe0ZCDIPT2U+im8OnUq1saODBuh8Frx3BXIGVx
|
|
31
|
+
zUQzkIYc5+zF5a4LGN2AlCr3kTEJuE3rgEKwA/gGFqYBw3CfOrhH
|
|
32
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIJKQIBAAKCAgEAsFX5ddd3qqFEi3MNF66dR9FKES60KKOIfPB7bKZycLk6JNj4
|
|
3
|
+
hCG4VHm7n8ytJxdmcm1SWIgtGSSbkqonDApvVac5yVUTTU/2u4DHBeI9JWHU9mLs
|
|
4
|
+
cNsmgmXLwn31SEVNCyFI49m12vN4m7rqYX8HJvgt2yecVjeuRdE8Xu5gofD0Pl9L
|
|
5
|
+
9KXjY5HRh7dSxT96hVeu7LDbcY3lQd+a5ii/zg/IK/XzRxReQeQPA154i6aISWS6
|
|
6
|
+
1RS8OOeRcocfhkvmUKWh8X53iITH37X5X2m12TTv6c20hyUoSoSG6AHzP211+XJ4
|
|
7
|
+
pSHiwcJKP1j7TvNTNd61/nt1RVBcbV6K9s9TIaFdNfj31bU3ptIop5GCVLbpX6xr
|
|
8
|
+
6JYGkIVflIYKDrr5mEJI+6Znf+NaUWq4cSqeY0Y890xH2Oj2Yxle7xdkPSAJNsgF
|
|
9
|
+
LwIWPKhEfnhmXuZK1CgVdYC8MMzqZUDHqxt/ia5tRZOrAxsNMCSEFArtz954UE6s
|
|
10
|
+
qsfM+UpOXVjzEAZGyTLVCHRTg/ycSVm9e9cZB9VTR/c1yXwMx1aZNXIFa7hdVbXq
|
|
11
|
+
XHkIdK1uhOy3PgL24Nt2a9On45JJSjWimm0nJe7hOy4hoUqVejdjCVEbSQfYyPaE
|
|
12
|
+
XWAwgYS4oQ2599zK3bHjs7loHblmbb1Mzylrs0y6RZ5xd5K8IFJvE2VvNTECAwEA
|
|
13
|
+
AQKCAgEAhPqhINQ4A26QsZU3B2gAZluXvrN427jPwmDcw0gWv5mAFq+lYofHabVP
|
|
14
|
+
4CfLYNKNyLdWxTsUv4RS6lz1C2iHI5HzyzgkUUZ/bFGmRXKi6CEKKDDb3BP4y5eW
|
|
15
|
+
/PpeUn0op78XJ/VT5mV7y/0+qf3Q1/uLIV2S0ZY2D6LGI1UjfJyopKzbLAk6HSmn
|
|
16
|
+
WPDQM742WH6ShR6ursjyXiYRu4Z5dx2BuF1HdJAQsSIajFDfGXmiB682EmELvOIt
|
|
17
|
+
VrA9/toYOzNdmC/mVwbDcJrcD685my8Hykr93HkSFHgzAJ4P4gJbWJ2SC/4s8i/i
|
|
18
|
+
LDmfc5+eXd6xYtOZ0YbT3QrSQ2SAbHiWKbtCxCFeSwyMgM03NZ3gcFCofmq7HKnS
|
|
19
|
+
Y0MIvJbpYmraGV7yizNZzMk1qEn9CCEMlByEtc25tKg++MUh0u3DwtAOlCxj9SPI
|
|
20
|
+
TMvRKjDrzAqTj7GSuoF/Fdrg9QZmOCe0290PuPEnCAh0Pcg/FjInmfiY4YYy3FOx
|
|
21
|
+
suj4KfbaoIKMM84QROYjHeqme1RBaPHYnKZkBpPt7E1k6XcD4Tz3R7Y9x7T6vzjc
|
|
22
|
+
Y8GDUuXN/XhsjPSL9NYhl/vCx8i1CCCvwf2qRV1cbdv19tfGA9Kjp8JRHWFoGzXF
|
|
23
|
+
bSybhD7ConFKHo9SSRvPUrPODqsC2n9SdnZqVaXtgH/Mz1B01gECggEBANs4LRe3
|
|
24
|
+
oHrUyDN5xJx/WT4EoKP+CsbJ+cZzfE5gpY4zHDovVDgyJfk0zLByCP263bFgdIVr
|
|
25
|
+
nzEUu0DMJv96Am0gPzAEg6Z47/mYAICzFvUSCdg8kksREOf1EJmRKaAou3ywsTDS
|
|
26
|
+
l/9Fwx/aW+1hXxbrIDeQN9MbTlYo5zyKAt4qX035HNj4bdfQgkSPPoLGvvk9Yg7I
|
|
27
|
+
XEDZuywHzDTTl9iM/BdnCPv1J/nE3ohblOyir4qbRi9Pxrw4OtNwn9P9k5xbCR9S
|
|
28
|
+
iNoeC6bnxnD5aVvsUX0+K1BQYfQWRzhbdMvuoTsKCBkZJ7NmDgwSZgvBIotQ7+wQ
|
|
29
|
+
MeipchBrnalwvZECggEBAM3r4SDLMIooYJ9meLNc9gchPrgTiTUEOcY8XszO5hjr
|
|
30
|
+
4CZ4w45yoI/njqrmL1LwDmZOnC7e/WMfRwag8BdSRm2R6wX86Fw4RT2GRyJF6Ph9
|
|
31
|
+
Nx3GwcYEJ3X6hNyMzneJLloc56q81LWPvLTfTtQsLrh4FGH0V2d5z8IgB6NyWsfb
|
|
32
|
+
e7jL1IOYhiTWXWaoCsVdvcFqzBTgdEAE6Pp6Vf8eUb0Iv8b1lPT9cJ7SQENONNze
|
|
33
|
+
xq18YDwt6+BjQI2nnn6DbmBNkRV0CO2EiRvUJa2xQdSBN6dj8Hu95GRRYtnt0lH1
|
|
34
|
+
2AyuxbWSfM5NFWc/JyANK5FVP6r4ANQ2/8KS7GwdraECggEBAL/w8dqAVyz1Pc2E
|
|
35
|
+
Ype8EUFx/81W08y2b9JIr6BYktxs99wiMJV7ozAOAOLFFgZDJXT3RU7Eqn/o7QOR
|
|
36
|
+
PNwX0iQGRg0fBr4tycA6TMZjCEjP4HrKnjTH3ouaUUyEg3PN9kr40kwzOA604GH1
|
|
37
|
+
aOPxi7afbHf5+EcI85ARBFZHaLdpVkUJRy7aZiK+WDD7UvpiVjgYfNEAsXW+rlmh
|
|
38
|
+
AjWGxr8+wkMjXgRt5PCWZVnzBfQjhZvQ1KT8LsACY89aHzcYIbSXKOeZ9mU0RXOA
|
|
39
|
+
IIoudwebZMZKNtZ9ayayku1PdnZQnC77W5fOJKq5QrdjLKJCGqLs3QVOMMTMCClE
|
|
40
|
+
cKk5I2ECggEAT7YEYqZk9sYkiO+ov323uxDSb30Yes5U8vjBlbRte64rCZlr0cNr
|
|
41
|
+
hekT3/HU1d0ZJd8+NCKboXglDVrVNaHio119xcadx7z8iJFnDcxUH4SRBlS/A8Dt
|
|
42
|
+
6Yx9S8ax0bHnoHhZ8UzBZjrqyHU81YL43u2UrkpgXyzXEIVHj6yfmYfLv8AfVoV/
|
|
43
|
+
P9k/NJLOAJKF9s45i8dLGNENwpACpAv/hhZR7ll4PNGye7hVqfgnHGycKeHgessn
|
|
44
|
+
6KdjALKm9sA3xM2h4NUW86J/VKdtomvgWLtgaMqV98CNHYwnoMafyJxK8rXg0KWQ
|
|
45
|
+
7GcIZvwaUBzpBYwjZjI0V/GmVZJ8NGnUoQKCAQA1DZMysw+8VtnbRSP/XTyhLkOU
|
|
46
|
+
8VGJQ8Ho8dRv6ePooP1Fb7po+Gw3FqzxC9mUYfSErbIBPbpdQ4/SVgV41K1ob8zt
|
|
47
|
+
CJTMO+DEVS8lUtk8LhTWalV/xQ8ySwWbgm2epuLgpXamehbZj1/RMEWKgsWxqbck
|
|
48
|
+
sibB/g+qx7+Sx2CGFzRQRYrGCL5JKzT5Z4A3sV+REeD074kQzMqsCI1uSEMtfzWT
|
|
49
|
+
BAgZ5svGWum9xp6qWpqrB7dSx0hIJmF8Nd7GShcPq13/IpQc5IQqOezGScuV+f0q
|
|
50
|
+
UxJQyuTkXFOVcOyIZR7oATf2GTDVROBTz5WaobE/3TzrUxRxeKj1yWy7s+iZ
|
|
51
|
+
-----END RSA PRIVATE KEY-----
|