logstash-input-tcp 6.0.10-java → 6.2.1-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/docs/index.asciidoc +61 -0
- data/lib/logstash/inputs/tcp/decoder_impl.rb +12 -9
- data/lib/logstash/inputs/tcp.rb +53 -27
- data/logstash-input-tcp.gemspec +6 -0
- data/spec/fixtures/encrypted-pkcs5v15.crt +14 -0
- data/spec/fixtures/encrypted-pkcs5v15.key +17 -0
- data/spec/fixtures/encrypted-pkcs8.crt +11 -0
- data/spec/fixtures/encrypted-pkcs8.key +18 -0
- data/spec/fixtures/encrypted_aes256.crt +17 -0
- data/spec/fixtures/encrypted_aes256.key +30 -0
- data/spec/fixtures/encrypted_des.crt +9 -0
- data/spec/fixtures/encrypted_des.key +12 -0
- data/spec/fixtures/encrypted_seed.crt +17 -0
- data/spec/fixtures/encrypted_seed.key +30 -0
- data/spec/fixtures/small.crt +9 -0
- data/spec/fixtures/small.key +9 -0
- data/spec/inputs/tcp_spec.rb +243 -116
- data/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/{6.0.10/logstash-input-tcp-6.0.10.jar → 6.2.1/logstash-input-tcp-6.2.1.jar} +0 -0
- data/version +1 -1
- metadata +86 -16
- data/lib/logstash/inputs/tcp/compat_ssl_options.rb +0 -147
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 387806978d8a05a020a5f642c6e377a4ebb6b40d73df908a88d99282d0b4e99e
|
4
|
+
data.tar.gz: 670952d23fd233413a074c2447b15fb6f04aef532b311edac6dcfc85d9de7299
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 151d1d001537105d26efbd03cdb603bec2c8e2c5402082b0f66b26bc582c5e601790d5d61e90eea224781b9682b221026daad5d8323bfa1a030e0fbc10c628e7
|
7
|
+
data.tar.gz: b290d05bf1c1f3fcb3ac3bc0e9d7d8cc2523b52cd90f0aad848398971026e4bb2e7eba94a5b27ec56ee4e961d33b1672c27992cf5997ffffc81cc5357af53d2b
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,19 @@
|
|
1
|
+
## 6.2.1
|
2
|
+
- Fix: restore logic to add the Bouncy-Castle security provider at runtime [#181](https://github.com/logstash-plugins/logstash-input-tcp/pull/181)
|
3
|
+
- required to properly read encrypted (legacy) OpenSSL PKCS#5v1.5 keys
|
4
|
+
|
5
|
+
## 6.2.0
|
6
|
+
- Added ECS Compatibility Mode [#165](https://github.com/logstash-plugins/logstash-input-tcp/pull/165)
|
7
|
+
- When operating in an ECS Compatibility mode, metadata about the connection on which we are receiving data is nested in well-named fields under `[@metadata][input][tcp]` instead of at the root level.
|
8
|
+
- Fix: source address is no longer missing when a proxy is present
|
9
|
+
|
10
|
+
## 6.1.1
|
11
|
+
- Changed jar dependencies to reflect newer versions [#179](https://github.com/logstash-plugins/logstash-input-http/pull/179)
|
12
|
+
|
13
|
+
## 6.1.0
|
14
|
+
- Feat: improve SSL error logging/unwrapping [#178](https://github.com/logstash-plugins/logstash-input-tcp/pull/178)
|
15
|
+
- Fix: the plugin will no longer have a side effect of adding the Bouncy-Castle security provider at runtime
|
16
|
+
|
1
17
|
## 6.0.10
|
2
18
|
- bumping dependency commons-io [#174](https://github.com/logstash-plugins/logstash-input-tcp/pull/174)
|
3
19
|
|
data/docs/index.asciidoc
CHANGED
@@ -70,6 +70,52 @@ event timestamp
|
|
70
70
|
}
|
71
71
|
}
|
72
72
|
|
73
|
+
[id="plugins-{type}s-{plugin}-ecs_metadata"]
|
74
|
+
==== Event Metadata and the Elastic Common Schema (ECS)
|
75
|
+
|
76
|
+
In addition to decoding the events, this input will add metadata about the TCP connection itself to each event.
|
77
|
+
This can be helpful when applications are configured to send events directly to this input's TCP listener without including information about themselves.
|
78
|
+
|
79
|
+
Historically, this metadata was added to a variety of non-standard top-level fields, which had the potential to create confusion and schema conflicts downstream.
|
80
|
+
With ECS compatibility mode, we can ensure a pipeline still has access to this metadata throughout the event's lifecycle without polluting the top-level namespace.
|
81
|
+
|
82
|
+
[cols="3,7,5"]
|
83
|
+
|=======================================================================
|
84
|
+
| Metadata Group | ecs: `v1`, `v8` | ecs: `disabled`
|
85
|
+
|
86
|
+
.3+|Source Metadata from the TCP connection
|
87
|
+
on which events are being received, including
|
88
|
+
the sender's name, ip, and outbound port. l|[@metadata][input][tcp][source][name] l|[host]
|
89
|
+
l|[@metadata][input][tcp][source][ip] l|[@metadata][ip_address]
|
90
|
+
l|[@metadata][input][tcp][source][port] l|[port]
|
91
|
+
|
92
|
+
.2+|Proxy Metadata from a proxied TCP connection.
|
93
|
+
Available when receiving events by proxy and
|
94
|
+
`proxy_protocol => true` l|[@metadata][input][tcp][proxy][ip] l|[proxy_host]
|
95
|
+
l|[@metadata][input][tcp][proxy][port] l|[proxy_port]
|
96
|
+
|
97
|
+
.1+|SSL Subject Metadata from a secured TCP
|
98
|
+
connection. Available when `ssl_enable => true`
|
99
|
+
AND `ssl_verify => true` l|[@metadata][input][tcp][ssl][subject] l|[sslsubject]
|
100
|
+
|=======================================================================
|
101
|
+
|
102
|
+
For example, the Elastic Common Schema reserves the https://www.elastic.co/guide/en/ecs/current/ecs-host.html[top-level `host` field] for information about the host on which the event happened.
|
103
|
+
If an event is missing this metadata, it can be copied into place from the source TCP connection metadata that has been added to the event:
|
104
|
+
|
105
|
+
[source,txt]
|
106
|
+
-----
|
107
|
+
filter {
|
108
|
+
if [@metadata][input][tcp][source] and not [host] {
|
109
|
+
mutate {
|
110
|
+
copy {
|
111
|
+
"[@metadata][input][tcp][source][name]" => "[host][name]"
|
112
|
+
"[@metadata][input][tcp][source][ip]" => "[host][ip]"
|
113
|
+
}
|
114
|
+
}
|
115
|
+
}
|
116
|
+
}
|
117
|
+
-----
|
118
|
+
|
73
119
|
[id="plugins-{type}s-{plugin}-options"]
|
74
120
|
==== Tcp Input Configuration Options
|
75
121
|
|
@@ -79,6 +125,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
79
125
|
|=======================================================================
|
80
126
|
|Setting |Input type|Required
|
81
127
|
| <<plugins-{type}s-{plugin}-dns_reverse_lookup_enabled>> |<<boolean,boolean>>|No
|
128
|
+
| <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
|
82
129
|
| <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
|
83
130
|
| <<plugins-{type}s-{plugin}-mode>> |<<string,string>>, one of `["server", "client"]`|No
|
84
131
|
| <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
|
@@ -108,6 +155,20 @@ It is possible to avoid DNS reverse-lookups by disabling this setting. If disabl
|
|
108
155
|
the address metadata that is added to events will contain the source address as-specified
|
109
156
|
at the TCP layer and IPs will not be resolved to hostnames.
|
110
157
|
|
158
|
+
[id="plugins-{type}s-{plugin}-ecs_compatibility"]
|
159
|
+
===== `ecs_compatibility`
|
160
|
+
|
161
|
+
* Value type is <<string,string>>
|
162
|
+
* Supported values are:
|
163
|
+
** `disabled`: unstructured connection metadata added at root level
|
164
|
+
** `v1`,`v8`: structured connection metadata added under `[@metadata][input][tcp]`
|
165
|
+
* Default value depends on which version of Logstash is running:
|
166
|
+
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
167
|
+
** Otherwise, the default value is `disabled`.
|
168
|
+
|
169
|
+
Controls this plugin's compatibility with the https://www.elastic.co/guide/en/ecs/current/index.html[Elastic Common Schema (ECS)].
|
170
|
+
The value of this setting affects the <<plugins-{type}s-{plugin}-ecs_metadata,placement of a TCP connection's metadata>> on events.
|
171
|
+
|
111
172
|
[id="plugins-{type}s-{plugin}-host"]
|
112
173
|
===== `host`
|
113
174
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
require 'java'
|
3
3
|
|
4
|
-
class DecoderImpl
|
4
|
+
class LogStash::Inputs::Tcp::DecoderImpl
|
5
5
|
|
6
6
|
include org.logstash.tcp.Decoder
|
7
7
|
|
@@ -24,7 +24,7 @@ class DecoderImpl
|
|
24
24
|
end
|
25
25
|
|
26
26
|
def copy
|
27
|
-
|
27
|
+
self.class.new(@codec.clone, @tcp)
|
28
28
|
end
|
29
29
|
|
30
30
|
def flush
|
@@ -41,16 +41,17 @@ class DecoderImpl
|
|
41
41
|
@tcp.logger.error("Invalid proxy protocol header label", :header => pp_hdr)
|
42
42
|
raise IOError.new("Invalid proxy protocol header label #{pp_hdr.inspect}")
|
43
43
|
else
|
44
|
-
@proxy_address = pp_info[3]
|
45
|
-
@proxy_port = pp_info[5]
|
46
|
-
@
|
47
|
-
@
|
44
|
+
@proxy_address = pp_info[3] # layer 3 destination address (proxy's receiving address)
|
45
|
+
@proxy_port = pp_info[5] # TCP destination port (proxy's receiving port)
|
46
|
+
@ip_address = pp_info[2] # layer 3 source address (outgoing ip of sender)
|
47
|
+
@address = extract_host_name(@ip_address)
|
48
|
+
@port = pp_info[4] # TCP source port (outgoing port on sender [probably random])
|
48
49
|
end
|
49
50
|
else
|
50
51
|
filtered = received
|
51
|
-
@ip_address = channel_addr.get_address.get_host_address
|
52
|
-
@address = extract_host_name(channel_addr)
|
53
|
-
@port = channel_addr.get_port
|
52
|
+
@ip_address = channel_addr.get_address.get_host_address # ip address of sender
|
53
|
+
@address = extract_host_name(channel_addr) # name _or_ address of sender
|
54
|
+
@port = channel_addr.get_port # outgoing port of sender (probably random)
|
54
55
|
end
|
55
56
|
@first_read = false
|
56
57
|
filtered
|
@@ -58,6 +59,8 @@ class DecoderImpl
|
|
58
59
|
|
59
60
|
private
|
60
61
|
def extract_host_name(channel_addr)
|
62
|
+
channel_addr = java.net.InetSocketAddress.new(channel_addr, 0) if channel_addr.kind_of?(String)
|
63
|
+
|
61
64
|
return channel_addr.get_host_string unless @tcp.dns_reverse_lookup_enabled?
|
62
65
|
|
63
66
|
channel_addr.get_host_name
|
data/lib/logstash/inputs/tcp.rb
CHANGED
@@ -5,8 +5,7 @@ require "java"
|
|
5
5
|
require "logstash/inputs/base"
|
6
6
|
require "logstash/util/socket_peer"
|
7
7
|
require "logstash-input-tcp_jars"
|
8
|
-
require
|
9
|
-
require "logstash/inputs/tcp/compat_ssl_options"
|
8
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support'
|
10
9
|
|
11
10
|
require "socket"
|
12
11
|
require "openssl"
|
@@ -61,7 +60,13 @@ require "openssl"
|
|
61
60
|
# }
|
62
61
|
class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
63
62
|
|
64
|
-
java_import org.logstash.tcp.InputLoop
|
63
|
+
java_import 'org.logstash.tcp.InputLoop'
|
64
|
+
java_import 'org.logstash.tcp.SslContextBuilder'
|
65
|
+
|
66
|
+
require_relative "tcp/decoder_impl"
|
67
|
+
|
68
|
+
# ecs_compatibility option, provided by Logstash core or the support adapter.
|
69
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
65
70
|
|
66
71
|
config_name "tcp"
|
67
72
|
|
@@ -103,7 +108,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
103
108
|
# Useful when the CA chain is not necessary in the system store.
|
104
109
|
config :ssl_extra_chain_certs, :validate => :array, :default => []
|
105
110
|
|
106
|
-
# Validate client certificates against these authorities. You can define multiple files or paths.
|
111
|
+
# Validate client certificates against these authorities. You can define multiple files or paths.
|
112
|
+
# All the certificates will be read and added to the trust store.
|
107
113
|
config :ssl_certificate_authorities, :validate => :array, :default => []
|
108
114
|
|
109
115
|
# Instruct the socket to use TCP keep alives. Uses OS defaults for keep alive settings.
|
@@ -112,13 +118,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
112
118
|
# Option to allow users to avoid DNS Reverse Lookup.
|
113
119
|
config :dns_reverse_lookup_enabled, :validate => :boolean, :default => true
|
114
120
|
|
115
|
-
HOST_FIELD = "host".freeze
|
116
|
-
HOST_IP_FIELD = "[@metadata][ip_address]".freeze
|
117
|
-
PORT_FIELD = "port".freeze
|
118
|
-
PROXY_HOST_FIELD = "proxy_host".freeze
|
119
|
-
PROXY_PORT_FIELD = "proxy_port".freeze
|
120
|
-
SSLSUBJECT_FIELD = "sslsubject".freeze
|
121
|
-
|
122
121
|
# Monkey patch TCPSocket and SSLSocket to include socket peer
|
123
122
|
# @private
|
124
123
|
def self.patch_socket_peer!
|
@@ -133,6 +132,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
133
132
|
def initialize(*args)
|
134
133
|
super(*args)
|
135
134
|
|
135
|
+
setup_fields!
|
136
|
+
|
136
137
|
self.class.patch_socket_peer!
|
137
138
|
|
138
139
|
# threadsafe socket bookkeeping
|
@@ -148,10 +149,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
148
149
|
fix_streaming_codecs
|
149
150
|
|
150
151
|
if server?
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
@loop = InputLoop.new(@host, @port, DecoderImpl.new(@codec, self), @tcp_keep_alive, ssl_context)
|
152
|
+
@loop = InputLoop.new(@host, @port, DecoderImpl.new(@codec, self), @tcp_keep_alive, java_ssl_context)
|
155
153
|
end
|
156
154
|
end
|
157
155
|
|
@@ -188,8 +186,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
188
186
|
proxy_port, tbuf, socket)
|
189
187
|
codec.decode(tbuf) do |event|
|
190
188
|
if @proxy_protocol
|
191
|
-
event.set(
|
192
|
-
event.set(
|
189
|
+
event.set(@field_proxy_host, proxy_address) unless event.get(@field_proxy_host)
|
190
|
+
event.set(@field_proxy_port, proxy_port) unless event.get(@field_proxy_port)
|
193
191
|
end
|
194
192
|
enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
195
193
|
end
|
@@ -262,14 +260,24 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
262
260
|
end
|
263
261
|
|
264
262
|
def enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
265
|
-
event.set(
|
266
|
-
event.set(
|
267
|
-
event.set(
|
268
|
-
event.set(
|
263
|
+
event.set(@field_host, client_address) unless event.get(@field_host)
|
264
|
+
event.set(@field_host_ip, client_ip_address) unless event.get(@field_host_ip)
|
265
|
+
event.set(@field_port, client_port) unless event.get(@field_port)
|
266
|
+
event.set(@field_sslsubject, socket.peer_cert.subject.to_s) if socket && @ssl_enable && @ssl_verify && event.get(@field_sslsubject).nil?
|
269
267
|
decorate(event)
|
270
268
|
@output_queue << event
|
271
269
|
end
|
272
270
|
|
271
|
+
# setup the field names, with respect to ECS compatibility.
|
272
|
+
def setup_fields!
|
273
|
+
@field_host = ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]" ].freeze
|
274
|
+
@field_host_ip = ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]" ].freeze
|
275
|
+
@field_port = ecs_select[disabled: "port", v1: "[@metadata][input][tcp][source][port]" ].freeze
|
276
|
+
@field_proxy_host = ecs_select[disabled: "proxy_host", v1: "[@metadata][input][tcp][proxy][ip]" ].freeze
|
277
|
+
@field_proxy_port = ecs_select[disabled: "proxy_port", v1: "[@metadata][input][tcp][proxy][port]" ].freeze
|
278
|
+
@field_sslsubject = ecs_select[disabled: "sslsubject", v1: "[@metadata][input][tcp][tls][client][subject]"].freeze
|
279
|
+
end
|
280
|
+
|
273
281
|
def server?
|
274
282
|
@mode == "server"
|
275
283
|
end
|
@@ -320,7 +328,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
320
328
|
|
321
329
|
socket
|
322
330
|
rescue OpenSSL::SSL::SSLError => e
|
323
|
-
@logger.error("SSL Error", :exception => e, :backtrace => e.backtrace)
|
331
|
+
@logger.error("SSL Error", :message => e.message, :exception => e.class, :backtrace => e.backtrace)
|
324
332
|
# catch all rescue nil on close to discard any close errors or invalid socket
|
325
333
|
socket.close rescue nil
|
326
334
|
sleep(1) # prevent hammering peer
|
@@ -362,15 +370,33 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
362
370
|
@socket_mutex.synchronize{@connection_sockets.keys.dup}
|
363
371
|
end
|
364
372
|
|
365
|
-
def
|
366
|
-
|
367
|
-
.
|
373
|
+
def java_ssl_context
|
374
|
+
SslContextBuilder.new
|
375
|
+
.set_ssl_enabled(@ssl_enable)
|
368
376
|
.set_should_verify(@ssl_verify)
|
369
377
|
.set_ssl_cert(@ssl_cert)
|
370
378
|
.set_ssl_key(@ssl_key)
|
371
|
-
.
|
379
|
+
.set_ssl_key_password(@ssl_key_passphrase.value)
|
372
380
|
.set_ssl_extra_chain_certs(@ssl_extra_chain_certs.to_java(:string))
|
373
381
|
.set_ssl_certificate_authorities(@ssl_certificate_authorities.to_java(:string))
|
374
|
-
.
|
382
|
+
.build_context
|
383
|
+
rescue java.lang.IllegalArgumentException => e
|
384
|
+
@logger.error("SSL configuration invalid", error_details(e))
|
385
|
+
raise LogStash::ConfigurationError, e
|
386
|
+
rescue java.lang.Exception => e
|
387
|
+
@logger.error("SSL configuration failed", error_details(e, true))
|
388
|
+
raise e
|
389
|
+
end
|
390
|
+
|
391
|
+
def error_details(e, trace = false)
|
392
|
+
error_details = { :exception => e.class, :message => e.message }
|
393
|
+
error_details[:backtrace] = e.backtrace if trace || @logger.debug?
|
394
|
+
cause = e.cause
|
395
|
+
if cause && e != cause
|
396
|
+
error_details[:cause] = { :exception => cause.class, :message => cause.message }
|
397
|
+
error_details[:cause][:backtrace] = cause.backtrace if trace || @logger.debug?
|
398
|
+
end
|
399
|
+
error_details
|
375
400
|
end
|
401
|
+
|
376
402
|
end
|
data/logstash-input-tcp.gemspec
CHANGED
@@ -21,6 +21,12 @@ Gem::Specification.new do |s|
|
|
21
21
|
|
22
22
|
# Gem dependencies
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
24
|
+
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.2'
|
25
|
+
|
26
|
+
s.add_runtime_dependency 'logstash-core', '>= 6.7.0'
|
27
|
+
|
28
|
+
# we depend on bouncycastle's bcpkix-jdk15on being on the class-path
|
29
|
+
s.add_runtime_dependency 'jruby-openssl', '>= 0.10.2', '< 0.12'
|
24
30
|
|
25
31
|
# line vs streaming codecs required for fix_streaming_codecs
|
26
32
|
# TODO: fix_streaming_codecs should be refactored to not
|
@@ -0,0 +1,14 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICNDCCAZ0CFDeJbri+rGpHPKybNEMIdH/rV8NNMA0GCSqGSIb3DQEBCwUAMFkx
|
3
|
+
CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
4
|
+
cm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4
|
5
|
+
MjUxMzAyMzZaFw0yNDEyMDcxMzAyMzZaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
|
6
|
+
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
|
7
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
8
|
+
v7u9o3mztK8BQ7HiuWs1YJSzpPujs6cYefYDU8AWg6SkDIS/E0SiVoKZmHxcyul+
|
9
|
+
t1QEsF3VYEnkKs0jtJQKE6Av0DCMQWA8lXmuEnXI02mDvtL2Kxh4w5x1D5bSRgJP
|
10
|
+
Ms9ozN06F5wrMtipUBglwIwQ6HHPywToNMnf5BBZUnECAwEAATANBgkqhkiG9w0B
|
11
|
+
AQsFAAOBgQCuh+ytoZKgOEzeLwhfScUvcuDcYJFGkMckO6oUe+/SDTfBN/z5WAhV
|
12
|
+
ogBOLOqate4plaP12ZhjE8DUeRy9oN3zKenpskTtXrMz5XH0mclAn8aBig+eOyEj
|
13
|
+
1QMDysipE11d1sx1SIXiIMSKtv6kLV/Y+4aId9/AJHxOYMHxebwSQg==
|
14
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIICoTAbBgkqhkiG9w0BBQMwDgQI3TfMa5Qd1D8CAggABIICgFjVn88VPNrjBXiF
|
3
|
+
Hw5W8yFFwvoeSd/vVkDcGUiNhQy9A3ra/QmktEHvv1d/rGGLSkPypmx9zJuTNGz9
|
4
|
+
eJs7TSgIVBsmRG4UtG20qBifG/XVpN1/6pk1Hp9hbIuSBzNIi+EhdhSEty10oZso
|
5
|
+
JwrkTbFS4VAk4ivOWcl0O0HQRkGxlSaKmgYNOebvOLqw4/77BN80AOeZHXBGwYNJ
|
6
|
+
vRf8Og5PWqR5XmTJLVQxtB4BcBSPCSkECgOBoFfAeaeE6ei0W7V+LDBBHC7Ql0Dl
|
7
|
+
rK3KCyvYywd+Ep58jNQRfDsEglgw7jrN2IIaf2jRhfEiPhwbAnEDlQXsMqAIWS/I
|
8
|
+
gwj6NaaZObdX8hDVhz/T7MSnK9O8q2JGM6jhhRQZxo4TUlLB1xnwGZ9uQRljshQy
|
9
|
+
OmtQ3KuLZvRML9G8nMtd73vdQ3f0cFBIjPG8QblUMOews8tJA2OMpBXEAZf0go25
|
10
|
+
+lI+rk4RKdHvX9kVGDmKoe/KN3xo23usTjcfodhapHQYPqHc3QOx8XNxtcio1I49
|
11
|
+
wnS2xICbiEJfnSOBrrjWIivW0wHZG590ZKJ0FnpKEaXXJ2bV8VEyn+mZ4Ef9ITLk
|
12
|
+
9wsOt+68V9xRrsUsvUkkW97POVGZbw0XHf5xZ3ckKiBK41wPuoo2opVc/Qyw+jB0
|
13
|
+
cw2Lr/AUzLWZW9w+jmHL1Qr9cydcf2XKBMIoqBFQpJce35bNLTTm8O8K8ZMXEK8g
|
14
|
+
WhKLaLRfo4j/pFyuUeHw2pQ7QHRdcYtRHT1GqsQ4AQsXqVYJjwpm1E2ZL001Y+6O
|
15
|
+
r/7sJ91jAcv4IwpRS4suaJJydvVQ0qz7xq7B9TvyxZh2f4zbHL+qSe6OQj8Erm1/
|
16
|
+
jHkcaB0=
|
17
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,11 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIBqjCCARMCFCWVL+Vfx2IIr8d2/GMqsmfzPLD/MA0GCSqGSIb3DQEBDQUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUxMDUyNTRaFw0yNDEyMDcxMDUy
|
4
|
+
NTRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
5
|
+
gYkCgYEA8HAsVcCjcolfzYR0siWOAg+xFG4fIahO6PH2Oi0l3zosa4KX2dlt3nFS
|
6
|
+
2PmgG9MNIDfXwI+BoM6QXB7O7Ch/YUhOz4GGDv3ptCjTYWyA9KZBrgLpiBFsCdt+
|
7
|
+
DiW7JBbt0OnMJGhVEsZa2Byh3HOxYqkvC2y4fET4OXdj2uX56B0CAwEAATANBgkq
|
8
|
+
hkiG9w0BAQ0FAAOBgQAW/tHI3AnyKYsJ9uaqvndUnVTIDHEEPNFE/xMM3mtQiL8f
|
9
|
+
qVYPq4V4C1Z5RD2xBI/skPngaZRWmqFrshEz2EccKe8gzdfyGQG89MQAB8QWn4dJ
|
10
|
+
bXUcnXO4hcSD4y3SiZYXJYNj37I2qJ2DfYBx7pScGYdjzIr/OJNK5EIGZI1Bvg==
|
11
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIE3AUYJOvgkYCAggA
|
3
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECO0VArsmaac3BIICgOpQitrzl0AC
|
4
|
+
uV2AD2kgBfOUvTVe9jVJZ2Pvawo7IRxZZQl/7wMHfm6uB666OVSOVfKEa6nXJhBn
|
5
|
+
JzJYXJHBqzQwgsoGfg25Y6bSvIU8ydkCzwEf2P93cexFCCDJE1B8p1/lxJViEfOq
|
6
|
+
2CujkKgS3YZCet/03qt/ktkx3qBk9dOk6+xCXorUgzjwGL2SzSH7Su1kXoVKTu5/
|
7
|
+
TRCPyD552l8kjtyqNngfOu3xcd0+FFF/e/bUe4qX1bpYNza/Cs/AJAoxHhhGag+O
|
8
|
+
26bZ/LTbsN56fM95PvytRvomyj2rMGFJtz1j56R7iYujLUZu7XgCkxq0/t/3mWgX
|
9
|
+
0VxOy0zvppZO0XRky1uwSLPsaopZlPIN6s61JAJciT0O884Hi4citNA0hskOCnJA
|
10
|
+
vyy0lGa9goZh/cJKjr7W6w2ZkkPwMOKI6YMIup7Fo+7pfG2h0EDxCZyK2JWVl2n0
|
11
|
+
vyKMUNl3yrqDbxTk0vURz9qMx/q2cY6zK6+gi+uvfjvRM4oz3nCREbuVjykvEAXo
|
12
|
+
OhmN69CN6f8QwJ6wF4JNtxwwkHy+70dLoQg/FYKIfSbA3aoxpgXtr/2d/vkZYjya
|
13
|
+
zjcaIrM/WEoPLFvieMHrOmlRZhbVI9BVjhrAyTmT+sQV+GJ7GJirJpmn06VHz5Ln
|
14
|
+
ZNE4+ZSH4ODf+JQdh+LajyI8wQKfh4YMr498i5qHyw/KnKtbPjevbY25uWvEKzce
|
15
|
+
RWv9nt7VsSQhXuR2U85yc6sqFQQ01QM9xUdhcVB9Eu7FvloDrC6pgaFIXy3IVcfH
|
16
|
+
AJPiyRBv1bNad9wdh/+O5MyoKrhAI37YfH2fEKMdR2QKBEnCs94mjFPLy2Kc9kww
|
17
|
+
eVwJJw/VXbE=
|
18
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICrzCCAZcCFCbPEM/VXTgCksFOQPoLuv1Td9seMA0GCSqGSIb3DQEBCwUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUwOTM1MDBaFw0yNDEyMDcwOTM1
|
4
|
+
MDBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
5
|
+
ADCCAQoCggEBAOfAL1NL6pXDkpgWNync+LHLWgrrL18gTrpXjaPjmw6HuiX0te6J
|
6
|
+
1xYPjg6xYown6/SJeXi7LS0GFvlQGuz9dh2n6OtqpjBgHIXBXLtT8dXQszdZDaGu
|
7
|
+
U8iTBnjDYADt206Bqe2q3MpKEz6a3D8fHAE/fR/4FM4HAI77W+Bng2XwFKqLYHQC
|
8
|
+
ReKAexjxIExWBh/dvm8tUdvVmWyY/CVABQWucmwRNo+RQqktksiNqZCDHkE6CVgx
|
9
|
+
oXS8UUIWfz6EWNT6UkeIWRJSVUUECcgRYOTVgkYWBE/5BDsBK9E7ZNL+gWqy6j6h
|
10
|
+
9fSPhK/Xv6XMqdCcOExZsNWFV1j+bt9Wun0CAwEAATANBgkqhkiG9w0BAQsFAAOC
|
11
|
+
AQEA5ah44LKyb2LHTr1ePeduoXdVPqwuXik7mL/H6/ZGI1zfSFb0JgjQG822K0s1
|
12
|
+
3QLT15/lndSt8smHCgMTm12i/bO1cwaM93+jpUbOaVILLnfuDprjVMgiBVfz1bdx
|
13
|
+
GBz6ISJXe1xaKLBhurDsy/1dzbISoizVIg5mJ1us5BvvdklMjtQ1ymY5210ZYCsk
|
14
|
+
YcKBVW3hJ6hoZTHrNw7tI99CeBSOpfg0UaxUNMIy1D95+m4RU2aIykoYhAGfmX+u
|
15
|
+
zZR0I16widielJWXNCnh6gXdoNjOgYS0TuNoSfmX2oF7nsC5N1zfynz+tPvoK0ys
|
16
|
+
OMFwnJJ5LrPHbQk/RK907gBf5Q==
|
17
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,30 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: AES-256-CBC,23BAC38304EB81CEE42C61575CA054CE
|
4
|
+
|
5
|
+
jR1vKTozeVkx4Nyjb38fj/SSj99MZtboUUHSlUyfDYNgWdhDSli3agFuouxtGoGe
|
6
|
+
cWNKcjn73lbxBaAozFGejNo1RQSOaWdKLCXKvvoQTjWg02+9xIL4bQL29Xe4xi7f
|
7
|
+
DlsMbcLOrlJZsdAYeL+11vU61yrtIYyPJJFaRh6WLTbVuHH6vUJPYt0Vg77g0L8I
|
8
|
+
8tJtAvFSLeMzonu1LGEa/gXHwNT5TlWERybXxD6JzoigmHx4mGFNo9fz4ZyTPjkR
|
9
|
+
OWbOZssFDKUeGJVdssRTPYwjaEg8DOUk7JbFTWlRYa7Re/2SEkIte3PrAxJFLFuV
|
10
|
+
LZSIR4Vg/cKmpo4BcNNNHmSyymSS4ZAh3GQiztfqHOqAXxfvBsuO3ZHUYPCIhpqw
|
11
|
+
KwwkDjJb4dRygDRC5n4os/mdQW/dBVD4OIaghE4lQApOqc3fxOoD9V0SIipbPPv0
|
12
|
+
bjaKyt5pEZYyAMrAd3G1UGPQBWcNl2Hu1Shc30uhJZrzthPy/0BTWao0lpA3fIQD
|
13
|
+
Pv4weYOc+5tZsKXSuFQc/Y2fLPF9m1GGTAd+YQlfN8JO9I1GKhl1AL/7eC+Usgl4
|
14
|
+
ugXPjIgh5/5+qYqiaYE1HlaNrNh2XxcIR9SC7+jgbliBMOeouEPQ0bPQyvz/44cg
|
15
|
+
sv3OoIP3F7lqLP/3oR9AiqrqadsO0WMNWwYdMUFshY3EZLWgdWVcH6JyxD02E/IJ
|
16
|
+
tPtZrhIGMADuJWbTj0abQUIxAuYrBm2Vf/+qgY9gKxJcHIZ3nKfrJc100WOILR8P
|
17
|
+
3Ok2WLprASSLiOEkTJ0nvViTtsbgy4DRRhytGNzFEedj50/yRltkb9gdXuVNbmUV
|
18
|
+
M7p9YkY4VkF2m43k6sxGXuoAFxAVCLriAGzHLifWkX/xRuxsh93osNhUsg9sMWRd
|
19
|
+
bgX5Vcmyr2xhe2UEiQp6glQ6DQg7gofi19jes2iKaw7eMG3pelBvmUKqboARI4Ga
|
20
|
+
i8blKaBWZvdmZMBOJ6fx322T+Ii7vvAlCmnWLBxboF5GJ/KiE0i2vrdLTxwI0IZN
|
21
|
+
EHFxgfJF3rlLtuvRD8cW1VId9wyOPWPMi/olgE+FdRVlg7+w35cAb9c7Na52c+jj
|
22
|
+
G2pxqHgjFoSsofY/iWZ13OQvn6RFUncRS/b+QFz6c2Tp5shMwU+i4BXiuwSj8AvB
|
23
|
+
oWfEij7UBpi9o2x4qG3hAeJWM3mg4Nr9MRdv82eEf3tuAPidfXCne/GEN+aIRYeG
|
24
|
+
niBZS+kDXtvFgsixGtCU60T4/IXf7FDTWbZ5lN5o0vD6BClReubGd0cYbHTtH7ax
|
25
|
+
k4/BAM/PF7dT0sR0zNCd2I7Zkub/CF0+HDAcP94vgV1EcB4XdL7inaZXPTntDRmu
|
26
|
+
IZHTVm3satJBt34tAhML1Xqvb8ck02/rhQRdjqWcAOk7gGfKJUwewoH4T558R9uW
|
27
|
+
HHEOYCzXy8ckqiDZxJVJ67iZgrCOadWJWtEQPsr1QFxdxuO1J31u50Zzv/nJlrPb
|
28
|
+
bmm7fUwszWLX+sM0RGoenvdphicht4gmalMade8N05XzEoOIGth8jYQqFw3s8BKJ
|
29
|
+
uZGDC706f0VAGo1dVOvGcNeEOPC3keXkMABbzHFVEzAjH3kfr4rKNCrMx+2Vr/qc
|
30
|
+
-----END RSA PRIVATE KEY-----
|