logstash-input-tcp 6.0.10-java → 6.2.1-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/docs/index.asciidoc +61 -0
- data/lib/logstash/inputs/tcp/decoder_impl.rb +12 -9
- data/lib/logstash/inputs/tcp.rb +53 -27
- data/logstash-input-tcp.gemspec +6 -0
- data/spec/fixtures/encrypted-pkcs5v15.crt +14 -0
- data/spec/fixtures/encrypted-pkcs5v15.key +17 -0
- data/spec/fixtures/encrypted-pkcs8.crt +11 -0
- data/spec/fixtures/encrypted-pkcs8.key +18 -0
- data/spec/fixtures/encrypted_aes256.crt +17 -0
- data/spec/fixtures/encrypted_aes256.key +30 -0
- data/spec/fixtures/encrypted_des.crt +9 -0
- data/spec/fixtures/encrypted_des.key +12 -0
- data/spec/fixtures/encrypted_seed.crt +17 -0
- data/spec/fixtures/encrypted_seed.key +30 -0
- data/spec/fixtures/small.crt +9 -0
- data/spec/fixtures/small.key +9 -0
- data/spec/inputs/tcp_spec.rb +243 -116
- data/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/{6.0.10/logstash-input-tcp-6.0.10.jar → 6.2.1/logstash-input-tcp-6.2.1.jar} +0 -0
- data/version +1 -1
- metadata +86 -16
- data/lib/logstash/inputs/tcp/compat_ssl_options.rb +0 -147
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 387806978d8a05a020a5f642c6e377a4ebb6b40d73df908a88d99282d0b4e99e
|
4
|
+
data.tar.gz: 670952d23fd233413a074c2447b15fb6f04aef532b311edac6dcfc85d9de7299
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 151d1d001537105d26efbd03cdb603bec2c8e2c5402082b0f66b26bc582c5e601790d5d61e90eea224781b9682b221026daad5d8323bfa1a030e0fbc10c628e7
|
7
|
+
data.tar.gz: b290d05bf1c1f3fcb3ac3bc0e9d7d8cc2523b52cd90f0aad848398971026e4bb2e7eba94a5b27ec56ee4e961d33b1672c27992cf5997ffffc81cc5357af53d2b
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,19 @@
|
|
1
|
+
## 6.2.1
|
2
|
+
- Fix: restore logic to add the Bouncy-Castle security provider at runtime [#181](https://github.com/logstash-plugins/logstash-input-tcp/pull/181)
|
3
|
+
- required to properly read encrypted (legacy) OpenSSL PKCS#5v1.5 keys
|
4
|
+
|
5
|
+
## 6.2.0
|
6
|
+
- Added ECS Compatibility Mode [#165](https://github.com/logstash-plugins/logstash-input-tcp/pull/165)
|
7
|
+
- When operating in an ECS Compatibility mode, metadata about the connection on which we are receiving data is nested in well-named fields under `[@metadata][input][tcp]` instead of at the root level.
|
8
|
+
- Fix: source address is no longer missing when a proxy is present
|
9
|
+
|
10
|
+
## 6.1.1
|
11
|
+
- Changed jar dependencies to reflect newer versions [#179](https://github.com/logstash-plugins/logstash-input-http/pull/179)
|
12
|
+
|
13
|
+
## 6.1.0
|
14
|
+
- Feat: improve SSL error logging/unwrapping [#178](https://github.com/logstash-plugins/logstash-input-tcp/pull/178)
|
15
|
+
- Fix: the plugin will no longer have a side effect of adding the Bouncy-Castle security provider at runtime
|
16
|
+
|
1
17
|
## 6.0.10
|
2
18
|
- bumping dependency commons-io [#174](https://github.com/logstash-plugins/logstash-input-tcp/pull/174)
|
3
19
|
|
data/docs/index.asciidoc
CHANGED
@@ -70,6 +70,52 @@ event timestamp
|
|
70
70
|
}
|
71
71
|
}
|
72
72
|
|
73
|
+
[id="plugins-{type}s-{plugin}-ecs_metadata"]
|
74
|
+
==== Event Metadata and the Elastic Common Schema (ECS)
|
75
|
+
|
76
|
+
In addition to decoding the events, this input will add metadata about the TCP connection itself to each event.
|
77
|
+
This can be helpful when applications are configured to send events directly to this input's TCP listener without including information about themselves.
|
78
|
+
|
79
|
+
Historically, this metadata was added to a variety of non-standard top-level fields, which had the potential to create confusion and schema conflicts downstream.
|
80
|
+
With ECS compatibility mode, we can ensure a pipeline still has access to this metadata throughout the event's lifecycle without polluting the top-level namespace.
|
81
|
+
|
82
|
+
[cols="3,7,5"]
|
83
|
+
|=======================================================================
|
84
|
+
| Metadata Group | ecs: `v1`, `v8` | ecs: `disabled`
|
85
|
+
|
86
|
+
.3+|Source Metadata from the TCP connection
|
87
|
+
on which events are being received, including
|
88
|
+
the sender's name, ip, and outbound port. l|[@metadata][input][tcp][source][name] l|[host]
|
89
|
+
l|[@metadata][input][tcp][source][ip] l|[@metadata][ip_address]
|
90
|
+
l|[@metadata][input][tcp][source][port] l|[port]
|
91
|
+
|
92
|
+
.2+|Proxy Metadata from a proxied TCP connection.
|
93
|
+
Available when receiving events by proxy and
|
94
|
+
`proxy_protocol => true` l|[@metadata][input][tcp][proxy][ip] l|[proxy_host]
|
95
|
+
l|[@metadata][input][tcp][proxy][port] l|[proxy_port]
|
96
|
+
|
97
|
+
.1+|SSL Subject Metadata from a secured TCP
|
98
|
+
connection. Available when `ssl_enable => true`
|
99
|
+
AND `ssl_verify => true` l|[@metadata][input][tcp][ssl][subject] l|[sslsubject]
|
100
|
+
|=======================================================================
|
101
|
+
|
102
|
+
For example, the Elastic Common Schema reserves the https://www.elastic.co/guide/en/ecs/current/ecs-host.html[top-level `host` field] for information about the host on which the event happened.
|
103
|
+
If an event is missing this metadata, it can be copied into place from the source TCP connection metadata that has been added to the event:
|
104
|
+
|
105
|
+
[source,txt]
|
106
|
+
-----
|
107
|
+
filter {
|
108
|
+
if [@metadata][input][tcp][source] and not [host] {
|
109
|
+
mutate {
|
110
|
+
copy {
|
111
|
+
"[@metadata][input][tcp][source][name]" => "[host][name]"
|
112
|
+
"[@metadata][input][tcp][source][ip]" => "[host][ip]"
|
113
|
+
}
|
114
|
+
}
|
115
|
+
}
|
116
|
+
}
|
117
|
+
-----
|
118
|
+
|
73
119
|
[id="plugins-{type}s-{plugin}-options"]
|
74
120
|
==== Tcp Input Configuration Options
|
75
121
|
|
@@ -79,6 +125,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
79
125
|
|=======================================================================
|
80
126
|
|Setting |Input type|Required
|
81
127
|
| <<plugins-{type}s-{plugin}-dns_reverse_lookup_enabled>> |<<boolean,boolean>>|No
|
128
|
+
| <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
|
82
129
|
| <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
|
83
130
|
| <<plugins-{type}s-{plugin}-mode>> |<<string,string>>, one of `["server", "client"]`|No
|
84
131
|
| <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
|
@@ -108,6 +155,20 @@ It is possible to avoid DNS reverse-lookups by disabling this setting. If disabl
|
|
108
155
|
the address metadata that is added to events will contain the source address as-specified
|
109
156
|
at the TCP layer and IPs will not be resolved to hostnames.
|
110
157
|
|
158
|
+
[id="plugins-{type}s-{plugin}-ecs_compatibility"]
|
159
|
+
===== `ecs_compatibility`
|
160
|
+
|
161
|
+
* Value type is <<string,string>>
|
162
|
+
* Supported values are:
|
163
|
+
** `disabled`: unstructured connection metadata added at root level
|
164
|
+
** `v1`,`v8`: structured connection metadata added under `[@metadata][input][tcp]`
|
165
|
+
* Default value depends on which version of Logstash is running:
|
166
|
+
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
167
|
+
** Otherwise, the default value is `disabled`.
|
168
|
+
|
169
|
+
Controls this plugin's compatibility with the https://www.elastic.co/guide/en/ecs/current/index.html[Elastic Common Schema (ECS)].
|
170
|
+
The value of this setting affects the <<plugins-{type}s-{plugin}-ecs_metadata,placement of a TCP connection's metadata>> on events.
|
171
|
+
|
111
172
|
[id="plugins-{type}s-{plugin}-host"]
|
112
173
|
===== `host`
|
113
174
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
require 'java'
|
3
3
|
|
4
|
-
class DecoderImpl
|
4
|
+
class LogStash::Inputs::Tcp::DecoderImpl
|
5
5
|
|
6
6
|
include org.logstash.tcp.Decoder
|
7
7
|
|
@@ -24,7 +24,7 @@ class DecoderImpl
|
|
24
24
|
end
|
25
25
|
|
26
26
|
def copy
|
27
|
-
|
27
|
+
self.class.new(@codec.clone, @tcp)
|
28
28
|
end
|
29
29
|
|
30
30
|
def flush
|
@@ -41,16 +41,17 @@ class DecoderImpl
|
|
41
41
|
@tcp.logger.error("Invalid proxy protocol header label", :header => pp_hdr)
|
42
42
|
raise IOError.new("Invalid proxy protocol header label #{pp_hdr.inspect}")
|
43
43
|
else
|
44
|
-
@proxy_address = pp_info[3]
|
45
|
-
@proxy_port = pp_info[5]
|
46
|
-
@
|
47
|
-
@
|
44
|
+
@proxy_address = pp_info[3] # layer 3 destination address (proxy's receiving address)
|
45
|
+
@proxy_port = pp_info[5] # TCP destination port (proxy's receiving port)
|
46
|
+
@ip_address = pp_info[2] # layer 3 source address (outgoing ip of sender)
|
47
|
+
@address = extract_host_name(@ip_address)
|
48
|
+
@port = pp_info[4] # TCP source port (outgoing port on sender [probably random])
|
48
49
|
end
|
49
50
|
else
|
50
51
|
filtered = received
|
51
|
-
@ip_address = channel_addr.get_address.get_host_address
|
52
|
-
@address = extract_host_name(channel_addr)
|
53
|
-
@port = channel_addr.get_port
|
52
|
+
@ip_address = channel_addr.get_address.get_host_address # ip address of sender
|
53
|
+
@address = extract_host_name(channel_addr) # name _or_ address of sender
|
54
|
+
@port = channel_addr.get_port # outgoing port of sender (probably random)
|
54
55
|
end
|
55
56
|
@first_read = false
|
56
57
|
filtered
|
@@ -58,6 +59,8 @@ class DecoderImpl
|
|
58
59
|
|
59
60
|
private
|
60
61
|
def extract_host_name(channel_addr)
|
62
|
+
channel_addr = java.net.InetSocketAddress.new(channel_addr, 0) if channel_addr.kind_of?(String)
|
63
|
+
|
61
64
|
return channel_addr.get_host_string unless @tcp.dns_reverse_lookup_enabled?
|
62
65
|
|
63
66
|
channel_addr.get_host_name
|
data/lib/logstash/inputs/tcp.rb
CHANGED
@@ -5,8 +5,7 @@ require "java"
|
|
5
5
|
require "logstash/inputs/base"
|
6
6
|
require "logstash/util/socket_peer"
|
7
7
|
require "logstash-input-tcp_jars"
|
8
|
-
require
|
9
|
-
require "logstash/inputs/tcp/compat_ssl_options"
|
8
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support'
|
10
9
|
|
11
10
|
require "socket"
|
12
11
|
require "openssl"
|
@@ -61,7 +60,13 @@ require "openssl"
|
|
61
60
|
# }
|
62
61
|
class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
63
62
|
|
64
|
-
java_import org.logstash.tcp.InputLoop
|
63
|
+
java_import 'org.logstash.tcp.InputLoop'
|
64
|
+
java_import 'org.logstash.tcp.SslContextBuilder'
|
65
|
+
|
66
|
+
require_relative "tcp/decoder_impl"
|
67
|
+
|
68
|
+
# ecs_compatibility option, provided by Logstash core or the support adapter.
|
69
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
65
70
|
|
66
71
|
config_name "tcp"
|
67
72
|
|
@@ -103,7 +108,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
103
108
|
# Useful when the CA chain is not necessary in the system store.
|
104
109
|
config :ssl_extra_chain_certs, :validate => :array, :default => []
|
105
110
|
|
106
|
-
# Validate client certificates against these authorities. You can define multiple files or paths.
|
111
|
+
# Validate client certificates against these authorities. You can define multiple files or paths.
|
112
|
+
# All the certificates will be read and added to the trust store.
|
107
113
|
config :ssl_certificate_authorities, :validate => :array, :default => []
|
108
114
|
|
109
115
|
# Instruct the socket to use TCP keep alives. Uses OS defaults for keep alive settings.
|
@@ -112,13 +118,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
112
118
|
# Option to allow users to avoid DNS Reverse Lookup.
|
113
119
|
config :dns_reverse_lookup_enabled, :validate => :boolean, :default => true
|
114
120
|
|
115
|
-
HOST_FIELD = "host".freeze
|
116
|
-
HOST_IP_FIELD = "[@metadata][ip_address]".freeze
|
117
|
-
PORT_FIELD = "port".freeze
|
118
|
-
PROXY_HOST_FIELD = "proxy_host".freeze
|
119
|
-
PROXY_PORT_FIELD = "proxy_port".freeze
|
120
|
-
SSLSUBJECT_FIELD = "sslsubject".freeze
|
121
|
-
|
122
121
|
# Monkey patch TCPSocket and SSLSocket to include socket peer
|
123
122
|
# @private
|
124
123
|
def self.patch_socket_peer!
|
@@ -133,6 +132,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
133
132
|
def initialize(*args)
|
134
133
|
super(*args)
|
135
134
|
|
135
|
+
setup_fields!
|
136
|
+
|
136
137
|
self.class.patch_socket_peer!
|
137
138
|
|
138
139
|
# threadsafe socket bookkeeping
|
@@ -148,10 +149,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
148
149
|
fix_streaming_codecs
|
149
150
|
|
150
151
|
if server?
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
@loop = InputLoop.new(@host, @port, DecoderImpl.new(@codec, self), @tcp_keep_alive, ssl_context)
|
152
|
+
@loop = InputLoop.new(@host, @port, DecoderImpl.new(@codec, self), @tcp_keep_alive, java_ssl_context)
|
155
153
|
end
|
156
154
|
end
|
157
155
|
|
@@ -188,8 +186,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
188
186
|
proxy_port, tbuf, socket)
|
189
187
|
codec.decode(tbuf) do |event|
|
190
188
|
if @proxy_protocol
|
191
|
-
event.set(
|
192
|
-
event.set(
|
189
|
+
event.set(@field_proxy_host, proxy_address) unless event.get(@field_proxy_host)
|
190
|
+
event.set(@field_proxy_port, proxy_port) unless event.get(@field_proxy_port)
|
193
191
|
end
|
194
192
|
enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
195
193
|
end
|
@@ -262,14 +260,24 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
262
260
|
end
|
263
261
|
|
264
262
|
def enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
265
|
-
event.set(
|
266
|
-
event.set(
|
267
|
-
event.set(
|
268
|
-
event.set(
|
263
|
+
event.set(@field_host, client_address) unless event.get(@field_host)
|
264
|
+
event.set(@field_host_ip, client_ip_address) unless event.get(@field_host_ip)
|
265
|
+
event.set(@field_port, client_port) unless event.get(@field_port)
|
266
|
+
event.set(@field_sslsubject, socket.peer_cert.subject.to_s) if socket && @ssl_enable && @ssl_verify && event.get(@field_sslsubject).nil?
|
269
267
|
decorate(event)
|
270
268
|
@output_queue << event
|
271
269
|
end
|
272
270
|
|
271
|
+
# setup the field names, with respect to ECS compatibility.
|
272
|
+
def setup_fields!
|
273
|
+
@field_host = ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]" ].freeze
|
274
|
+
@field_host_ip = ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]" ].freeze
|
275
|
+
@field_port = ecs_select[disabled: "port", v1: "[@metadata][input][tcp][source][port]" ].freeze
|
276
|
+
@field_proxy_host = ecs_select[disabled: "proxy_host", v1: "[@metadata][input][tcp][proxy][ip]" ].freeze
|
277
|
+
@field_proxy_port = ecs_select[disabled: "proxy_port", v1: "[@metadata][input][tcp][proxy][port]" ].freeze
|
278
|
+
@field_sslsubject = ecs_select[disabled: "sslsubject", v1: "[@metadata][input][tcp][tls][client][subject]"].freeze
|
279
|
+
end
|
280
|
+
|
273
281
|
def server?
|
274
282
|
@mode == "server"
|
275
283
|
end
|
@@ -320,7 +328,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
320
328
|
|
321
329
|
socket
|
322
330
|
rescue OpenSSL::SSL::SSLError => e
|
323
|
-
@logger.error("SSL Error", :exception => e, :backtrace => e.backtrace)
|
331
|
+
@logger.error("SSL Error", :message => e.message, :exception => e.class, :backtrace => e.backtrace)
|
324
332
|
# catch all rescue nil on close to discard any close errors or invalid socket
|
325
333
|
socket.close rescue nil
|
326
334
|
sleep(1) # prevent hammering peer
|
@@ -362,15 +370,33 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
362
370
|
@socket_mutex.synchronize{@connection_sockets.keys.dup}
|
363
371
|
end
|
364
372
|
|
365
|
-
def
|
366
|
-
|
367
|
-
.
|
373
|
+
def java_ssl_context
|
374
|
+
SslContextBuilder.new
|
375
|
+
.set_ssl_enabled(@ssl_enable)
|
368
376
|
.set_should_verify(@ssl_verify)
|
369
377
|
.set_ssl_cert(@ssl_cert)
|
370
378
|
.set_ssl_key(@ssl_key)
|
371
|
-
.
|
379
|
+
.set_ssl_key_password(@ssl_key_passphrase.value)
|
372
380
|
.set_ssl_extra_chain_certs(@ssl_extra_chain_certs.to_java(:string))
|
373
381
|
.set_ssl_certificate_authorities(@ssl_certificate_authorities.to_java(:string))
|
374
|
-
.
|
382
|
+
.build_context
|
383
|
+
rescue java.lang.IllegalArgumentException => e
|
384
|
+
@logger.error("SSL configuration invalid", error_details(e))
|
385
|
+
raise LogStash::ConfigurationError, e
|
386
|
+
rescue java.lang.Exception => e
|
387
|
+
@logger.error("SSL configuration failed", error_details(e, true))
|
388
|
+
raise e
|
389
|
+
end
|
390
|
+
|
391
|
+
def error_details(e, trace = false)
|
392
|
+
error_details = { :exception => e.class, :message => e.message }
|
393
|
+
error_details[:backtrace] = e.backtrace if trace || @logger.debug?
|
394
|
+
cause = e.cause
|
395
|
+
if cause && e != cause
|
396
|
+
error_details[:cause] = { :exception => cause.class, :message => cause.message }
|
397
|
+
error_details[:cause][:backtrace] = cause.backtrace if trace || @logger.debug?
|
398
|
+
end
|
399
|
+
error_details
|
375
400
|
end
|
401
|
+
|
376
402
|
end
|
data/logstash-input-tcp.gemspec
CHANGED
@@ -21,6 +21,12 @@ Gem::Specification.new do |s|
|
|
21
21
|
|
22
22
|
# Gem dependencies
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
24
|
+
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.2'
|
25
|
+
|
26
|
+
s.add_runtime_dependency 'logstash-core', '>= 6.7.0'
|
27
|
+
|
28
|
+
# we depend on bouncycastle's bcpkix-jdk15on being on the class-path
|
29
|
+
s.add_runtime_dependency 'jruby-openssl', '>= 0.10.2', '< 0.12'
|
24
30
|
|
25
31
|
# line vs streaming codecs required for fix_streaming_codecs
|
26
32
|
# TODO: fix_streaming_codecs should be refactored to not
|
@@ -0,0 +1,14 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICNDCCAZ0CFDeJbri+rGpHPKybNEMIdH/rV8NNMA0GCSqGSIb3DQEBCwUAMFkx
|
3
|
+
CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
4
|
+
cm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4
|
5
|
+
MjUxMzAyMzZaFw0yNDEyMDcxMzAyMzZaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
|
6
|
+
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
|
7
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
8
|
+
v7u9o3mztK8BQ7HiuWs1YJSzpPujs6cYefYDU8AWg6SkDIS/E0SiVoKZmHxcyul+
|
9
|
+
t1QEsF3VYEnkKs0jtJQKE6Av0DCMQWA8lXmuEnXI02mDvtL2Kxh4w5x1D5bSRgJP
|
10
|
+
Ms9ozN06F5wrMtipUBglwIwQ6HHPywToNMnf5BBZUnECAwEAATANBgkqhkiG9w0B
|
11
|
+
AQsFAAOBgQCuh+ytoZKgOEzeLwhfScUvcuDcYJFGkMckO6oUe+/SDTfBN/z5WAhV
|
12
|
+
ogBOLOqate4plaP12ZhjE8DUeRy9oN3zKenpskTtXrMz5XH0mclAn8aBig+eOyEj
|
13
|
+
1QMDysipE11d1sx1SIXiIMSKtv6kLV/Y+4aId9/AJHxOYMHxebwSQg==
|
14
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIICoTAbBgkqhkiG9w0BBQMwDgQI3TfMa5Qd1D8CAggABIICgFjVn88VPNrjBXiF
|
3
|
+
Hw5W8yFFwvoeSd/vVkDcGUiNhQy9A3ra/QmktEHvv1d/rGGLSkPypmx9zJuTNGz9
|
4
|
+
eJs7TSgIVBsmRG4UtG20qBifG/XVpN1/6pk1Hp9hbIuSBzNIi+EhdhSEty10oZso
|
5
|
+
JwrkTbFS4VAk4ivOWcl0O0HQRkGxlSaKmgYNOebvOLqw4/77BN80AOeZHXBGwYNJ
|
6
|
+
vRf8Og5PWqR5XmTJLVQxtB4BcBSPCSkECgOBoFfAeaeE6ei0W7V+LDBBHC7Ql0Dl
|
7
|
+
rK3KCyvYywd+Ep58jNQRfDsEglgw7jrN2IIaf2jRhfEiPhwbAnEDlQXsMqAIWS/I
|
8
|
+
gwj6NaaZObdX8hDVhz/T7MSnK9O8q2JGM6jhhRQZxo4TUlLB1xnwGZ9uQRljshQy
|
9
|
+
OmtQ3KuLZvRML9G8nMtd73vdQ3f0cFBIjPG8QblUMOews8tJA2OMpBXEAZf0go25
|
10
|
+
+lI+rk4RKdHvX9kVGDmKoe/KN3xo23usTjcfodhapHQYPqHc3QOx8XNxtcio1I49
|
11
|
+
wnS2xICbiEJfnSOBrrjWIivW0wHZG590ZKJ0FnpKEaXXJ2bV8VEyn+mZ4Ef9ITLk
|
12
|
+
9wsOt+68V9xRrsUsvUkkW97POVGZbw0XHf5xZ3ckKiBK41wPuoo2opVc/Qyw+jB0
|
13
|
+
cw2Lr/AUzLWZW9w+jmHL1Qr9cydcf2XKBMIoqBFQpJce35bNLTTm8O8K8ZMXEK8g
|
14
|
+
WhKLaLRfo4j/pFyuUeHw2pQ7QHRdcYtRHT1GqsQ4AQsXqVYJjwpm1E2ZL001Y+6O
|
15
|
+
r/7sJ91jAcv4IwpRS4suaJJydvVQ0qz7xq7B9TvyxZh2f4zbHL+qSe6OQj8Erm1/
|
16
|
+
jHkcaB0=
|
17
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,11 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIBqjCCARMCFCWVL+Vfx2IIr8d2/GMqsmfzPLD/MA0GCSqGSIb3DQEBDQUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUxMDUyNTRaFw0yNDEyMDcxMDUy
|
4
|
+
NTRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
5
|
+
gYkCgYEA8HAsVcCjcolfzYR0siWOAg+xFG4fIahO6PH2Oi0l3zosa4KX2dlt3nFS
|
6
|
+
2PmgG9MNIDfXwI+BoM6QXB7O7Ch/YUhOz4GGDv3ptCjTYWyA9KZBrgLpiBFsCdt+
|
7
|
+
DiW7JBbt0OnMJGhVEsZa2Byh3HOxYqkvC2y4fET4OXdj2uX56B0CAwEAATANBgkq
|
8
|
+
hkiG9w0BAQ0FAAOBgQAW/tHI3AnyKYsJ9uaqvndUnVTIDHEEPNFE/xMM3mtQiL8f
|
9
|
+
qVYPq4V4C1Z5RD2xBI/skPngaZRWmqFrshEz2EccKe8gzdfyGQG89MQAB8QWn4dJ
|
10
|
+
bXUcnXO4hcSD4y3SiZYXJYNj37I2qJ2DfYBx7pScGYdjzIr/OJNK5EIGZI1Bvg==
|
11
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIE3AUYJOvgkYCAggA
|
3
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECO0VArsmaac3BIICgOpQitrzl0AC
|
4
|
+
uV2AD2kgBfOUvTVe9jVJZ2Pvawo7IRxZZQl/7wMHfm6uB666OVSOVfKEa6nXJhBn
|
5
|
+
JzJYXJHBqzQwgsoGfg25Y6bSvIU8ydkCzwEf2P93cexFCCDJE1B8p1/lxJViEfOq
|
6
|
+
2CujkKgS3YZCet/03qt/ktkx3qBk9dOk6+xCXorUgzjwGL2SzSH7Su1kXoVKTu5/
|
7
|
+
TRCPyD552l8kjtyqNngfOu3xcd0+FFF/e/bUe4qX1bpYNza/Cs/AJAoxHhhGag+O
|
8
|
+
26bZ/LTbsN56fM95PvytRvomyj2rMGFJtz1j56R7iYujLUZu7XgCkxq0/t/3mWgX
|
9
|
+
0VxOy0zvppZO0XRky1uwSLPsaopZlPIN6s61JAJciT0O884Hi4citNA0hskOCnJA
|
10
|
+
vyy0lGa9goZh/cJKjr7W6w2ZkkPwMOKI6YMIup7Fo+7pfG2h0EDxCZyK2JWVl2n0
|
11
|
+
vyKMUNl3yrqDbxTk0vURz9qMx/q2cY6zK6+gi+uvfjvRM4oz3nCREbuVjykvEAXo
|
12
|
+
OhmN69CN6f8QwJ6wF4JNtxwwkHy+70dLoQg/FYKIfSbA3aoxpgXtr/2d/vkZYjya
|
13
|
+
zjcaIrM/WEoPLFvieMHrOmlRZhbVI9BVjhrAyTmT+sQV+GJ7GJirJpmn06VHz5Ln
|
14
|
+
ZNE4+ZSH4ODf+JQdh+LajyI8wQKfh4YMr498i5qHyw/KnKtbPjevbY25uWvEKzce
|
15
|
+
RWv9nt7VsSQhXuR2U85yc6sqFQQ01QM9xUdhcVB9Eu7FvloDrC6pgaFIXy3IVcfH
|
16
|
+
AJPiyRBv1bNad9wdh/+O5MyoKrhAI37YfH2fEKMdR2QKBEnCs94mjFPLy2Kc9kww
|
17
|
+
eVwJJw/VXbE=
|
18
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICrzCCAZcCFCbPEM/VXTgCksFOQPoLuv1Td9seMA0GCSqGSIb3DQEBCwUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUwOTM1MDBaFw0yNDEyMDcwOTM1
|
4
|
+
MDBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
5
|
+
ADCCAQoCggEBAOfAL1NL6pXDkpgWNync+LHLWgrrL18gTrpXjaPjmw6HuiX0te6J
|
6
|
+
1xYPjg6xYown6/SJeXi7LS0GFvlQGuz9dh2n6OtqpjBgHIXBXLtT8dXQszdZDaGu
|
7
|
+
U8iTBnjDYADt206Bqe2q3MpKEz6a3D8fHAE/fR/4FM4HAI77W+Bng2XwFKqLYHQC
|
8
|
+
ReKAexjxIExWBh/dvm8tUdvVmWyY/CVABQWucmwRNo+RQqktksiNqZCDHkE6CVgx
|
9
|
+
oXS8UUIWfz6EWNT6UkeIWRJSVUUECcgRYOTVgkYWBE/5BDsBK9E7ZNL+gWqy6j6h
|
10
|
+
9fSPhK/Xv6XMqdCcOExZsNWFV1j+bt9Wun0CAwEAATANBgkqhkiG9w0BAQsFAAOC
|
11
|
+
AQEA5ah44LKyb2LHTr1ePeduoXdVPqwuXik7mL/H6/ZGI1zfSFb0JgjQG822K0s1
|
12
|
+
3QLT15/lndSt8smHCgMTm12i/bO1cwaM93+jpUbOaVILLnfuDprjVMgiBVfz1bdx
|
13
|
+
GBz6ISJXe1xaKLBhurDsy/1dzbISoizVIg5mJ1us5BvvdklMjtQ1ymY5210ZYCsk
|
14
|
+
YcKBVW3hJ6hoZTHrNw7tI99CeBSOpfg0UaxUNMIy1D95+m4RU2aIykoYhAGfmX+u
|
15
|
+
zZR0I16widielJWXNCnh6gXdoNjOgYS0TuNoSfmX2oF7nsC5N1zfynz+tPvoK0ys
|
16
|
+
OMFwnJJ5LrPHbQk/RK907gBf5Q==
|
17
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,30 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: AES-256-CBC,23BAC38304EB81CEE42C61575CA054CE
|
4
|
+
|
5
|
+
jR1vKTozeVkx4Nyjb38fj/SSj99MZtboUUHSlUyfDYNgWdhDSli3agFuouxtGoGe
|
6
|
+
cWNKcjn73lbxBaAozFGejNo1RQSOaWdKLCXKvvoQTjWg02+9xIL4bQL29Xe4xi7f
|
7
|
+
DlsMbcLOrlJZsdAYeL+11vU61yrtIYyPJJFaRh6WLTbVuHH6vUJPYt0Vg77g0L8I
|
8
|
+
8tJtAvFSLeMzonu1LGEa/gXHwNT5TlWERybXxD6JzoigmHx4mGFNo9fz4ZyTPjkR
|
9
|
+
OWbOZssFDKUeGJVdssRTPYwjaEg8DOUk7JbFTWlRYa7Re/2SEkIte3PrAxJFLFuV
|
10
|
+
LZSIR4Vg/cKmpo4BcNNNHmSyymSS4ZAh3GQiztfqHOqAXxfvBsuO3ZHUYPCIhpqw
|
11
|
+
KwwkDjJb4dRygDRC5n4os/mdQW/dBVD4OIaghE4lQApOqc3fxOoD9V0SIipbPPv0
|
12
|
+
bjaKyt5pEZYyAMrAd3G1UGPQBWcNl2Hu1Shc30uhJZrzthPy/0BTWao0lpA3fIQD
|
13
|
+
Pv4weYOc+5tZsKXSuFQc/Y2fLPF9m1GGTAd+YQlfN8JO9I1GKhl1AL/7eC+Usgl4
|
14
|
+
ugXPjIgh5/5+qYqiaYE1HlaNrNh2XxcIR9SC7+jgbliBMOeouEPQ0bPQyvz/44cg
|
15
|
+
sv3OoIP3F7lqLP/3oR9AiqrqadsO0WMNWwYdMUFshY3EZLWgdWVcH6JyxD02E/IJ
|
16
|
+
tPtZrhIGMADuJWbTj0abQUIxAuYrBm2Vf/+qgY9gKxJcHIZ3nKfrJc100WOILR8P
|
17
|
+
3Ok2WLprASSLiOEkTJ0nvViTtsbgy4DRRhytGNzFEedj50/yRltkb9gdXuVNbmUV
|
18
|
+
M7p9YkY4VkF2m43k6sxGXuoAFxAVCLriAGzHLifWkX/xRuxsh93osNhUsg9sMWRd
|
19
|
+
bgX5Vcmyr2xhe2UEiQp6glQ6DQg7gofi19jes2iKaw7eMG3pelBvmUKqboARI4Ga
|
20
|
+
i8blKaBWZvdmZMBOJ6fx322T+Ii7vvAlCmnWLBxboF5GJ/KiE0i2vrdLTxwI0IZN
|
21
|
+
EHFxgfJF3rlLtuvRD8cW1VId9wyOPWPMi/olgE+FdRVlg7+w35cAb9c7Na52c+jj
|
22
|
+
G2pxqHgjFoSsofY/iWZ13OQvn6RFUncRS/b+QFz6c2Tp5shMwU+i4BXiuwSj8AvB
|
23
|
+
oWfEij7UBpi9o2x4qG3hAeJWM3mg4Nr9MRdv82eEf3tuAPidfXCne/GEN+aIRYeG
|
24
|
+
niBZS+kDXtvFgsixGtCU60T4/IXf7FDTWbZ5lN5o0vD6BClReubGd0cYbHTtH7ax
|
25
|
+
k4/BAM/PF7dT0sR0zNCd2I7Zkub/CF0+HDAcP94vgV1EcB4XdL7inaZXPTntDRmu
|
26
|
+
IZHTVm3satJBt34tAhML1Xqvb8ck02/rhQRdjqWcAOk7gGfKJUwewoH4T558R9uW
|
27
|
+
HHEOYCzXy8ckqiDZxJVJ67iZgrCOadWJWtEQPsr1QFxdxuO1J31u50Zzv/nJlrPb
|
28
|
+
bmm7fUwszWLX+sM0RGoenvdphicht4gmalMade8N05XzEoOIGth8jYQqFw3s8BKJ
|
29
|
+
uZGDC706f0VAGo1dVOvGcNeEOPC3keXkMABbzHFVEzAjH3kfr4rKNCrMx+2Vr/qc
|
30
|
+
-----END RSA PRIVATE KEY-----
|