logstash-integration-logstash 0.0.3-java → 0.0.5-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d00baaa86ceb845df51e6a51e7690b675849c78c71a60f5a7a8e1419085a20fb
-  data.tar.gz: 1b7f3c00680fd4872dd4ecb23cb99f6fe31534c67214aea873da3e7a91ffa3ab
+  metadata.gz: d2356a1818605024fd59bb87dc1a39e885baa0c1d094856439bf847089caf578
+  data.tar.gz: 4dfb606fe58d91b7eb6ffec86e2b7c7dafeb6d6cbadde4a33a33977d276595ac
 SHA512:
-  metadata.gz: 766dbd186c6f11110fa26dd7434bc11b5c9267fdfe371b9e5cf86c134988f25f2fdb3a140447a23a36d135489fdd2c309ed815879f991ef5b6b7768cc1e02260
-  data.tar.gz: deb1117264de1d90453b5407751d7d8cd40add339d3de8b3bfd0f6b5f33aa87e99c28da96c8e2ea62a40f1b03b2efa3f3462d88d057370d79de5359343761e1f
+  metadata.gz: a50d9995c7860240d7797c791c4b182e8fba72823114ebf353adb7c8d84ca47e4ad4ae681383c125dbd5f633f3aa4b95674c209c9b30b7183273ef7dcb053b3e
+  data.tar.gz: 86fb9974fa179341535ba91ad68dca33124c0bb3c990d62984fccd778ff8b40cca6b6261f9bffb4847c18abc5747d974c2e725373176abab70069934b0bc9a8d

data/CHANGELOG.md

@@ -1,5 +1,13 @@
+## 0.0.5
+  - [DOC] Fixes to link formatting [#15](https://github.com/logstash-plugins/logstash-integration-logstash/pull/15)
+
+## 0.0.4
+  - Simplify configuration [#13](https://github.com/logstash-plugins/logstash-integration-logstash/pull/13)
+    - Introduce a default `port` of `9800` for both input and output plugins
+    - BREAKING: Introduce `hosts` config to output plugin, _replacing_ its separate `host` and `port` configurations
+
 ## 0.0.3
-  - Doc: Minor doc changes and version bump to facilitate adding integration files to doc build [#14](https://github.com/logstash-plugins/logstash-integration-logstash/pull/14)
+  - [DOC] Minor doc changes and version bump to facilitate adding integration files to doc build [#14](https://github.com/logstash-plugins/logstash-integration-logstash/pull/14)
 
 ## 0.0.2
   - Enable data compression [#10](https://github.com/logstash-plugins/logstash-integration-logstash/pull/10)

data/VERSION

@@ -1 +1 @@
-0.0.3
+0.0.5

data/docs/index.asciidoc

@@ -23,8 +23,8 @@ include::{include_path}/plugin_header.asciidoc[]
 
 The Logstash Integration Plugin provides integrated plugins for sending events from one Logstash to another:
 
-* {logstash-ref}/plugins-outputs-logstash.html[Logstash Output Plugin]
-* {logstash-ref}/plugins-inputs-logstash.html[Logstash Input Plugin]
+* {logstash-ref}/plugins-outputs-logstash.html[Logstash output plugin]
+* {logstash-ref}/plugins-inputs-logstash.html[Logstash input plugin]
 
 [id="plugins-{type}s-{plugin}-concepts"]
 ===== High-level concepts
@@ -40,7 +40,7 @@ NOTE: You will need a TCP route from the upstream pipeline to the interface that
 ----
 input {
   logstash {
-    port => 8080
+    port => 9800
 
     # SSL IDENTITY <1>
     ssl_keystore_path      => "/path/to/identity.p12"
@@ -53,12 +53,13 @@ input {
 Once the downstream pipeline is configured and running, you may send events from any number of upstream pipelines by adding a `logstash` output plugin that points to the downstream input.
 You may need to configure SSL to trust the certificates presented by the downstream input plugin.
 
+NOTE: Single host endpoint is supported for `hosts`. Multi-host support is coming soon.
+
 [source]
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9800"
 
     # SSL TRUST <1>
     ssl_truststore_path => "/path/to/truststore.p12"

data/docs/input-logstash.asciidoc

@@ -22,8 +22,8 @@ include::{include_path}/plugin_header-integration.asciidoc[]
 
 ==== Description
 
-Listen for events that are sent by a <<plugins-outputs-logstash>> in a pipeline that may be in another process or on another host.
-The upstream output must have a TCP route to the port on an interface that this plugin is bound to.
+Listen for events that are sent by a {logstash-ref}/plugins-outputs-logstash.html[Logstash output plugin] in a pipeline that may be in another process or on another host.
+The upstream output must have a TCP route to the port (defaults to 9800) on an interface that this plugin is bound to.
 
 NOTE: Sending events to this input by _any_ means other than `plugins-outputs-logstash` is neither advised nor supported.
 We will maintain cross-compatibility with any two supported versions of output/input pair and reserve the right to change details such as protocol and encoding.
@@ -40,7 +40,6 @@ We will maintain cross-compatibility with any two supported versions of output/i
 ----
 input {
   logstash {
-    port => 8080
     ssl_keystore_path
          => "/path/to/logstash.p12"
     ssl_keystore_password
@@ -55,7 +54,6 @@ input {
 ----
 input {
   logstash {
-    port        => 8080
     ssl_enabled => false
   }
 }
@@ -93,7 +91,7 @@ NOTE: Client-certificate verification does _not_ verify identity claims on the p
 ===== Security: Credentials
 
 You can also configure this plugin to require a specific username/password be provided by configuring <<plugins-{type}s-{plugin}-username>> and <<plugins-{type}s-{plugin}-password>>.
-Doing so requires connecting <<plugins-outputs-logstash>> clients to provide matching <<plugins-outputs-{plugin}-username>> and <<plugins-outputs-{plugin}-password>>.
+Doing so requires connecting `logstash-output` plugin clients to provide matching `username` and `password`. 
 
 NOTE: when SSL is disabled, data and credentials will be received in clear-text.
 
@@ -107,7 +105,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 |Setting                            |Input type        |Required
 | <<plugins-{type}s-{plugin}-host>> |<<string,string>> |No
 | <<plugins-{type}s-{plugin}-password>> |<<password,password>>|No
-| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |Yes
+| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |No
 | <<plugins-{type}s-{plugin}-ssl_certificate>> | <<path,path>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
 | <<plugins-{type}s-{plugin}-ssl_client_authentication>> | <<string,string>>, one of `["none", "optional", "required"]`|No
@@ -146,7 +144,7 @@ Requires <<plugins-{type}s-{plugin}-username>>.
 ===== `port`
 
 * Value type is a <<number,number>> port
-* There is no default value
+* Default value is 9800
 
 Specify which port to listen on.
 
@@ -242,7 +240,7 @@ A password or passphrase of the <<plugins-{type}s-{plugin}-ssl_key>>.
 * There is no default value for this setting.
 
 Username for password-based authentication.
-When this input plugin is configured with a `username`, it also requires a <<plugins-{type}s-{plugin}-password>>, and any upstream <<plugins-outputs-logstash>> must also be configured with a matching `username`/`password` pair.
+When this input plugin is configured with a `username`, it also requires a `password`, and any upstream `logstash-output` plugin must also be configured with a matching `username`/`password` pair.
 
 NOTE: when SSL is disabled, credentials will be transmitted in clear-text.
 

data/docs/output-logstash.asciidoc

@@ -22,10 +22,10 @@ include::{include_path}/plugin_header-integration.asciidoc[]
 
 ==== Description
 
-Send events to a <<plugins-inputs-logstash>> in a pipeline that may be in another process or on another host.
-You must have a TCP route to the port on an interface that the downstream input is bound to.
+Send events to a {logstash-ref}/plugins-inputs-logstash.html[Logstash input plugin] in a pipeline that may be in another process or on another host.
+You must have a TCP route to the port (defaults to 9800) on an interface that the downstream input is bound to.
 
-NOTE: Sending events to _any_ destination other than <<plugins-inputs-logstash>> is neither advised nor supported.
+NOTE: Sending events to _any_ destination other than a `logstash-input` plugin is neither advised nor supported.
       We will maintain cross-compatibility with any two supported versions of output/input pair and reserve the right to change details such as protocol and encoding.
 
 [id="plugins-{type}s-{plugin}-minimum-config"]
@@ -40,8 +40,7 @@ NOTE: Sending events to _any_ destination other than <<plugins-inputs-logstash>>
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9801"
   }
 }
 ----
@@ -52,8 +51,7 @@ output {
 ----
 output {
   logstash {
-    host => "10.0.0.123"
-    port => 8080
+    hosts => "10.0.0.123:9801"
     ssl_enabled
          => false
   }
@@ -65,15 +63,15 @@ output {
 [id="plugins-{type}s-{plugin}-config-connecting"]
 ===== Configuration Concepts
 
-This output plugin needs to be configured to connect to a <<plugins-inputs-logstash>> by specifying its <<plugins-{type}s-{plugin}-host>> and <<plugins-{type}s-{plugin}-port>>.
-Depending on the downstream plugin's configuration, you may need to also configure SSL and/or credentials.
+Configure this output plugin to connect to a {logstash-ref}/plugins-inputs-logstash.html[Logstash input plugin] by specifying its `hosts`.
+Depending on the downstream plugin's configuration, you may need to also configure the target port, SSL, and/or credentials.
 
 [id="plugins-{type}s-{plugin}-config-ssl-trust"]
 ===== Security: SSL Trust
 
 When communicating over SSL, this plugin establishes trust of the server it connects to before transmitting credentials or events.
 
-It does so by ensuring that the server presents a currently-valid certificate with identity claims matching the <<plugins-{type}s-{plugin}-host>> we are configured to connect to, signed by a trusted signing authority, along with proof-of-possession of the associated private key material.
+It does so by ensuring that the responding server presents a currently-valid certificate with identity claims matching host it is connecting to, signed by a trusted signing authority, along with proof-of-possession of the associated private key material.
 
 The system trust store is used by default.
 You can provide an _alternate_ source of trust with _ONE OF_:
@@ -92,7 +90,7 @@ If the downstream input plugin is configured to request or require client authen
 [id="plugins-{type}s-{plugin}-config-credentials"]
 ===== Security: Credentials
 
-If the downstream <<plugins-inputs-logstash>> is configured to require <<plugins-inputs-logstash-username>> and <<plugins-inputs-logstash-password>>,
+If the downstream `logstash-input` plugin is configured to require `username` and `password`,
 you will need to configure this output with a matching <<plugins-{type}s-{plugin}-username>> and <<plugins-{type}s-{plugin}-password>>.
 
 NOTE: when SSL is disabled, data and credentials will be transmitted in clear-text.
@@ -105,9 +103,8 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 [cols="<,<,<",options="header",]
 |=======================================================================
 |Setting                            |Input type        |Required
-| <<plugins-{type}s-{plugin}-host>> |<<string,string>> |Yes
+| <<plugins-{type}s-{plugin}-hosts>> |<<string,string>> |Yes
 | <<plugins-{type}s-{plugin}-password>> |<<password,password>>|No
-| <<plugins-{type}s-{plugin}-port>> |<<number,number>> |Yes
 | <<plugins-{type}s-{plugin}-ssl_enabled>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate>> | <<path,path>>|No
 | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |list of <<path,path>>|No
@@ -125,23 +122,39 @@ output plugins.
 
 &nbsp;
 
-[id="plugins-{type}s-{plugin}-host"]
-===== `host`
+[id="plugins-{type}s-{plugin}-hosts"]
+===== `hosts`
 
-* Value type is a <<string,string>> ip address or hostname
-* There is no default value
+* Value type is <<string,string>>
+* There is no default value for this setting.
+* Constraints:
+** When using IPv6, IP address must be in an enclosed in brackets.
+** When a port is not provided, the default `9800` is used.
 
-Specify which host to connect to by providing its ip address or resolvable hostname.
+A downstream input {ls} host or IP address to connect.
 
-NOTE: when using SSL, the server that responds must present a certificated with identity claim matching this host name or ip address.
+NOTE: Single host endpoint is supported for `hosts`. Multi-host support is coming soon.
 
-[id="plugins-{type}s-{plugin}-port"]
-===== `port`
+Host can be any of IPv4, IPv6 (in enclosed bracket) or host name, examples:
 
-* Value type is a <<number,number>> port
-* There is no default value
+* `"127.0.0.1"`
+* `"127.0.0.1:9801"`
+* `"ds.example.com"`
+* `"ds.example:9802"`
+* `"[::1]"`
+* `"[::1]:9803"`
+* `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]"`
+* `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]:9804"`
 
-Specify which port to connect to.
+When connecting, communication to downstream input {ls} is secured with SSL unless configured otherwise.
+
+[WARNING]
+.Disabling SSL is dangerous
+============
+The security of this plugin relies on SSL to avoid leaking credentials and to avoid running illegitimate ingest pipeline definitions.
+============
+
+NOTE: when using SSL, the server that responds must present a certificated with identity claim matching this host name or ip address.
 
 [id="plugins-{type}s-{plugin}-password"]
 ===== `password`
@@ -244,7 +257,7 @@ Password for the <<plugins-{type}s-{plugin}-ssl_truststore_path>>
 
 * Value type is <<string,string>>
 * The supported modes are:
-** `full`: verifies that a certificate provided by the client has an identity claim matching <<plugins-{type}s-{plugin}-host>>, is signed by a trusted authority (CA), is within its valid date range, and that the client has possession of the associated key.
+** `full`: verifies that a certificate provided by the client has an identity claim matching <<plugins-{type}s-{plugin}-hosts>>, is signed by a trusted authority (CA), is within its valid date range, and that the client has possession of the associated key.
 ** `none`: performs no validation of the presented certificate
 
 * The default value is `full`.

data/lib/logstash/inputs/logstash.rb

@@ -13,7 +13,7 @@ class LogStash::Inputs::Logstash < LogStash::Inputs::Base
   config_name "logstash"
 
   config :host,     :validate => :string,   :default => "0.0.0.0"
-  config :port,     :validate => :number,   :required => true
+  config :port,     :validate => :number,   :default => 9800
 
   # optional username/password credentials
   config :username, :validate => :string,   :required => false

data/lib/logstash/outputs/logstash.rb

@@ -4,14 +4,28 @@ require 'logstash/outputs/base'
 require 'logstash/namespace'
 
 require "logstash/plugin_mixins/plugin_factory_support"
+require "logstash/plugin_mixins/validator_support/required_host_optional_port_validation_adapter"
 
 class LogStash::Outputs::Logstash < LogStash::Outputs::Base
+  extend LogStash::PluginMixins::ValidatorSupport::RequiredHostOptionalPortValidationAdapter
+
   include LogStash::PluginMixins::PluginFactorySupport
 
   config_name "logstash"
 
-  config :host,     :validate => :string,   :required => true
-  config :port,     :validate => :number,   :required => true
+  # Sets the host of the downstream Logstash instance.
+  # Host can be any of IPv4, IPv6 (requires to be in enclosed bracket) or host name, the forms:
+  #     `"127.0.0.1"`
+  #     `"127.0.0.1:9800"`
+  #     `"foo-bar.com"`
+  #     `"foo-bar.com:9800"`
+  #     `"[::1]"`
+  #     `"[::1]:9000"`
+  #     `"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]"`
+  #
+  # NOTE: `hosts` naming is intentional and multi-host support is planned.
+  #
+  config :hosts, :validate => :required_host_optional_port, :required => true
 
   # optional username/password credentials
   config :username, :validate => :string,   :required => false
@@ -31,7 +45,7 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
   config :ssl_verification_mode,       :validate => %w(full none), :default => 'full'
 
   # SSL:TRUST:SOURCE ca file
-  config :ssl_certificate_authorities, :validate => :path,         :list => true
+  config :ssl_certificate_authorities, :validate => :path, :list => true
 
   # SSL:TRUST:SOURCE truststore
   config :ssl_truststore_path,         :validate => :path
@@ -83,10 +97,12 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
     logger.debug('inner HTTP output plugin has been closed')
   end
 
+  DEFAULT_PORT = 9800.freeze
+
   def inner_http_output_options
     @_inner_http_output_options ||= begin
       http_options = {
-        'url' => "#{@ssl_enabled ? 'https' : 'http'}://#{@host}:#{@port}",
+        'url'                  => construct_host_uri.to_s,
         'http_method'          => 'post',
         'retry_non_idempotent' => 'true',
 
@@ -119,6 +135,15 @@ class LogStash::Outputs::Logstash < LogStash::Outputs::Base
     end
   end
 
+  def construct_host_uri
+    scheme = @ssl_enabled ? 'https'.freeze : 'http'.freeze
+    host_port_pair = @hosts # Struct(:host, :port)
+    uri = LogStash::Util::SafeURI.new(host_port_pair[:host])
+    uri.port = host_port_pair[:port].nil? ? DEFAULT_PORT : host_port_pair[:port]
+    uri.update(:scheme, scheme)
+    uri.freeze
+  end
+
   def ssl_identity_options
     if @ssl_certificate && @ssl_keystore_path
       fail(LogStash::ConfigurationError, 'SSL identity can be configured with EITHER `ssl_certificate` OR `ssl_keystore_*`, but not both')

data/logstash-integration-logstash.gemspec

@@ -25,6 +25,7 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 2.1.12", "<= 2.99"
   s.add_runtime_dependency "logstash-mixin-plugin_factory_support", "~> 1.0"
+  s.add_runtime_dependency "logstash-mixin-validator_support", "~> 1.1"
   s.add_runtime_dependency "logstash-codec-json_lines", "~> 3.1"
 
   s.add_runtime_dependency "logstash-input-http", ">= 3.7.0"  # some params not available in older versions because they are renamed, such as `cacert` to `ssl_certificate_authorities`

data/spec/fixtures/certs/generated/client_from_root.key.pem

@@ -1,52 +1,52 @@
 -----BEGIN PRIVATE KEY-----
-MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDLuw56wRPNi/Jg
-biecPioyhkKX0MbgLha08uvUfo+rWr22+3/gK8CO9FlOmiXvjuQEibLUcgy9pxgU
-8SKtnUj7u+kTO4/CUTe4DglyMrb/Ayuzh+B4jRzNQycI7Hgku34OyCb0Po5Ne8fv
-0GOQsBpL+Fvviouql3km71gcXQg1eD29hlE+bES0f7wDSGuVdBFOwiG0ugJUD3SE
-CnsTNntQAC/+uUCdfAMGVlJjJaXx1irGIJZsiZdYbsmwh49qJx5aKj2y156UOFwj
-jVrZXjSsyVQ8uIEkac0j+cCxrtZ/SfzhyInNUPvKdP6Y+vlGRzOcJjnYcf96Z1uf
-E+kVIIWAv8/0kDelr6Wd7AnLh8Zm9jJGQ2QGTt2nGs6c+g5scm5FEDO8IiEKmc4z
-YYz4uXaGdunHOju31JtK7+TDjyTNlMp0t1oRuTkL9VNf/JDsVIqFZiNP8gUVWLfd
-jfR4VNuhWOur+etMuyf+TtGk6ZOfnHWqbw8unzhlXHVifgSv9sS7YQCdiyN94d45
-DLZxFjeddeyf3/ARZZdPJ1/sbapxyqRWyCe+kc/LZXT9P9cHOIjVWpe2dAwR6QLL
-90NLWvRqG3RCHKIriXqUrzAYXKJetKXa4QNJFBXIXHztlrSNSrJy4bQA4KJWrvCC
-sL+V27tPKC5Zrez2adhoEmZBI8bZbwIDAQABAoICACZb6HyFaQidDnxIkU2ySLit
-ndE+3ossMltMl8mxMLTXR3wx+2BGbKGd8UjC7lyeH2GZWaH1fV+iG/8pbdmZkTnQ
-pjBYWReBukd94Rpu4RS/0JUjgsi/7Qna2HkuKOrloHUBC5CWTK3bHgiRyIVgGvtt
-3kWKZQSwM3/4tbLVc2u54YoTRa3GreL8X/aQRq1jprSZCcag9TpFlK8d2BGEgxBL
-kL3ZvIhKZrllPGrtlkKkC/a1AQ2blHLynSgPRhn7FpRseqR3Q6Ttva91+IKP4cQc
-vi8WoD4ua5EX/8eUv09FK4eJfiS52EbE44EDVDb+xgFjEyYlRLCT0GTx10OClZAT
-zXTrSUP10GMGWY6hZ9s2ADmnk71wIbIqp441AyDb99/GUyZEXEI3fweFSAPGBxEx
-uqwG0qbcV1m7CI+apxuGZXU1Vy5cBq4dUsDSJm/qtecf7o57ckViaRORW0ewGYY3
-XVSN6WBk8kQVRaLzHwFRJFatuArkGPl5TbQm1g6PZYZB+Jf5Tc2lSQe4yC+AFSvJ
-QYwBAXQH5dik9sQWB0+RGct9Q1rSV+mKybpJHBVH5o9gwh1ZOaKT35thdGCAEd/o
-PbYGoVPqPNSnqPxWvoAT09icV9yh5B6XjRcFkjzmKk9FF33G/QbpkbwH5PZUsfab
-wyh4cttWtm+n90MlC/aZAoIBAQDlSwzHlirVvx99d4iQD2OiaZzG4Zq8mJWnK6Tj
-a11/OPdA6tmrztlZt8LG2hIKL5+citGALnzPO5zma0/Vx0JfbhaP8bniUI1NOFCw
-Lg/QxWjNF0TdmE7+0ddmuh3nGB6Y0bHGoeJTKpl9gKg88iRkToV6PiWRNPQwBgYW
-Zai0lyiGLWctrasUZJILaVoctbghzjsgRBl7/U4IQQFjJpsM1Gz12JpuzuwbOvq9
-LXMWvOKBHJKIuVEr+uYSXCF9d1Abp9zOTM6SdzK5p5hARh74kJ0N6u9cHPbHPf1/
-pmfUsc8IOgzHtRggJkmAUHzSVRzjxXHIpk1bndmHF5WJugO5AoIBAQDjdcwk/Wbp
-iTNjKLxLEvqzIrK4/MLlQ08U+gNvb1R4Gs5HDh5bVwECfI2fPdaoP0sqfwnxuIzl
-kK5psKpq4KBJZE0Vdtnfnu9/BS4BSg7FEAUbIivL+SiiJgw+YlH6I8R03R6YSBeH
-MGXv6aexGkH3dmOOrXFSum8f0Ujpp7vODGL447+VcvDUyN9N5hFWIEbD90f+PmVH
-uFhX4n5FpPK1nB4/Fe5mRMmy/YBfKF9X2swZW/oeXBUdH9A2gOfR93bWPa+qEQ4D
-X3pjXzxjyyG333/QndKk4UrqKDLD/eG8g99kyG3uUVZcvHoSIk+OEPQbO6ncmOSg
-nAlSw8VfaypnAoIBAF+NcgruknU2y3muyZM3Ro8VMgdTVveHIr5imrlHMdRluews
-sn89mSghQyM5F1F1XS+QThP7y3lU32LKj5+IBSndp7tewdcFOI1YjY+N8ntO+QiW
-zNUHtsvMSNZ/cxyt2XpX0Jz1M2rzErnRVsrnIbFHY6p4oZEsnyIwMHM+9Bol7/ZS
-j2/isqux6Yal5a6XL9+uoMcmefRIsC8SX/Cg0vZ6w9mD5X+N7ai/YGRbv11XY5Do
-hkxB5gjM6vn1uOMfSJvtzT+PlHpHADWMGQ+X6SouobR+Fjetvk1zkOOURirF2oAU
-KOVEm4QyUGkPoaTJYVuuGWfDnfMzCcaZVnDpuskCggEAcuT9yXF2mmCDZIMfGYzs
-ta/BN0/14nitaZsgQRmrQT/JEns/OkQobmkb4GQMGdBe14h0LXVbNlpuv1RNwM7W
-KDxR85WlWB+gOjkTk/MkosYEzj/kf5PLwpwVcy2W2xNWGPHYknNX7yGzXAxaeEsb
-JzTV9SwHIhKqLxg4DE59vwbit3XTQFpe7BzLLz4XY7nKBRLTeslpv2COv1XZErTP
-JI1HefZKBb6ZY6BJR8fM4UPT9LtRDCTXRW7cbauPba/ihzWBlhYnTezclXV1u7LP
-xWFP3sDZtg9XGBBWFEoZzG+QWAgl/0t2pEFQJ/jM1qYZp+frVVKlqbsnunbJK/ml
-4QKCAQAyetifmOjcx3nzX/j+v0JYtZ4tUcPOVcUvKxg9lCaKCpx4z5+9uNi6oIT+
-0YoBsOAXPXJ6+Wvvp0SH55E/gN+OSNnIcr5Wl6B+HLPYxFGoGVAdoaD7y4R7Szea
-dpjx6Mj0tk1jPCEcckhylHobrV4X22QfjU7v1Ha6R0qrtEK9+XHtckKCApqJzcI9
-+/eNCSl1maOzotu0rhQ11aivkdDzlfOK70qUjZLskYU0Gmw5A2mh57KYAdVeVmwW
-caiFH4LFJ9UZEsMj+EA333Tk4MPaEDi3NqxuKgrfvrT5rNXhgy/HgyaXUMYloFCz
-xUKu1zX8CNNJGBd63eLC0TC4pzXG
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQC15LH55xzmUkMJ
+NyTxWOT2UQNX+3MRXt5oyvRlnbQEtw+ZMRbKKBv4499WOnKJYxVTOgMYmBdXpAE0
+yUdt/LRaIU7GPIHC0BPAI85QTgVIo3e/YpAB/iZQfgSgzSbERlrrHoyq/cnX4L9j
+PahJNf3DRrvz/Xs+TVN78lUNJPpDh4jzcPrMIBjOOBYQNLXhSlcDGQtMZqEIQKVm
+JT8ZuWXp/ysPbs4H/wiubDB5MlAhmavf98lS4YW0UDyzUk1K9CjFzgj6VuFTRp4n
+1b4Vu/rmaSncmrcVSL6KMZti2kcQkrFfE+Ay6x3bK/EL9nfSlMFU+JriKN8l7HjB
+AwZhqB/PU6Erm3K78lAbgvE4BxTMCwI5d6nWCDmXTaCzHAKLXivDxt4ACx1pQOQ4
+snV//L4dNiBBXnB8XwZ9ZXNYqQGDAEIaK879UNBlCsPABpurjBVPo65HuecegbTh
+GrAM645BbuYOHk2TUQPH31Anw5AUhpZT8h80nQagK416IoxrOIH7kU1y7nLWxmsG
+8WBooCWSETiJpszUiPT775EguxVVwbmzh1t6FDg5t8fQwGQvw5SuOe5QyOpgGy+c
+YHYw1vJfyGf6iLorQ21gxXawu+xU88XgZYRzR3GuCD4aF8nPEwK2bg0Z5EOmN1YN
+udCmvw2OiXR9czCC4vMnmHFMTkuNEwIDAQABAoICABDud2S4TzffW28dq3ot2K5X
+DzUe6nCpAJIHpmVZHzs7ISAU8jaiMixiZdU8fpHsX71ODqC4859MXHJh9By4Y79q
+D0+jrT6JqPT/QEK4aISA9vIhRh9xXXarrFmdjyjBFdCCGP0Hv8SxHo+p2yLpfDQz
+vuYw58p+XzGP9rvQ/9zOXoCuuSHMMRLtJJygk3ejuGLI74TOntnKTrsp52xJFkQI
+ZSU8HsCezFuUJZT6inv+NoIUKjDlXlFREL1ugVRjUvJKwgovkSzzy2AQ5O9X/rx4
++JUY78by7Q2nHXw/rlLMHOepTXrf6PkQZ5FCAZhgEXkL5Tr9K/x3PSxWUD9B66f0
+MmI/PSKSIOvmDUoYY5Ln/NwFclYgdVsntPl8vBTCFaoU6YVRrQIPmewFL/BTgx/i
+QZijgtddmO0SIgWI2+5psjjeo4gl9AbSU8mEvyx5AuU8X80CzJgc5s+a+hv5jsFe
+vyD3F5w9vL4eebfJl7tC8Tcn1x1hMp1qwUWI0sjPcU4+FGlymedDM/xm2EUFm7K4
+ICeRUkoHFJqUr7vUkMRGUT2wx9mfJfeftbwuoppV71AbMA3HQGs550QHXtQb4G2i
+DJe0x1CFMlI0PSuyBRVAwG9F1JYb3s9u+2nDAbXNX3ukP7250ictmOOn6yhnX5ZP
+l25X6cO0dEXFFzcE5QoJAoIBAQDKQ+wZ4aw5UqNOfk7dEi+asgBNhVnQhmZmedtq
+4Ch0D0uiAhichaTWGrGIU+GsK6Uf51vIv3wMTC+DVsOaNYjnSXZBhz9+td0EdMAK
+7Ui0m4jHMNDlVuIWBgdOosptBjYXqDOUGWQ8fG532juCqWO8o+geu047foDuJ1vq
+fITT10OI70kTPWUXwYMumbntaTPDads7/6wTwh9NkPmleNCKk8PmuqMr6SytrOCa
+/7aUPzx5u+gTuFafgzmywAzwkEMz20xMynifIH04xRFy2NXHBvjU8J4rfTDfJETV
+QMeaIYnM/P9fqHLWNV8tQQWkSE6Q4pvKG7VxzgPwJf4FH+WbAoIBAQDmN0XxQhf1
+GoHg7t2YeQU9nCgH0nbFWXJdIJ+ut/IRJAlrWpU82h9+syKdYvSYJLeanmleEbuh
+i2G1apX8awd6iAcaNP4cHtIzpVjMS8hy/7xb6Vuc1MQ8j5ZkI/bTmnLNaWHXv+4l
+zCelnabKWkkxqVDyE0yc06bqB6qa1NnxAoUyyWaZKf5h4QdC7SB3lCHiLPHf/cIn
+1Tvg3r+xsQwgHALjTpg2sYHsEKlWb6hvPQULKJHnRVy/JsaRTtjm7V42alKR1dXp
+cTvRX3BcqVvj44RUjeBLW0Q0FLQHKF+n0ziEIkEEZBowzbV1zbOBHtsVIxQw/1VF
+AAiuMNJyNWnpAoIBAFUQX7k6yZ2J/ZhDUpNy1IZwmeQAUxd5jpNGaFr4TssQq7RE
+wWkCY6KPs14sONqZuGZEfLtenKLnX4wS70xpe1wZ7xv7714wyfTXzPRLeqpKRynO
+g+wPsCGnA2e02wEi/ZjRam+8hgVSJ3tMUn7PEl0BaduS1oH63+pIr0VcfNhCzepH
+CCqJRXzKK4trp2ALQHPMjyEak5nzqAqNEBDhUIMXRepBT+JlvB6GeCd3p6eNOLfR
+qPayLewD2j4susRpR3oFnn8lH7l8hm1bo8zzGGUNr5SOZVbQ3b7amAA/sDJILJYD
+SLtIMpOX+qEjmWXP6wrP4skLAjIMfGeA8uXg1kUCggEAa2KZA4Ka/j/RGYUSZI7+
+/NAcdBmeQUwJ5prTIYK4LXqr0iG8v1fXnRgeK1//TADEjCEccT7AUQhdGWyQbd/W
+6zcMaRMS/Tb7Qg/8rb8jz1CvIghmLW+p4b3wnuGPvwCqUFq5wxPKGGN0kvJI3Nbk
+kX+zPFf4QqcPktbko7hpuNw+GYSMkSFfgXSgGH3XyS+V5pSkdqE9sarrdWcx78bw
+KwIl7rW4lrqSKfVTp/gJj2ndMmlINaLLMnb55MnsrztF2QgbX99pGq0xA+cK2I4/
+SLvV/EL5vuzhkZGesEAK7pO+JxR7U3sGJIGwBTVgZ/hmpSNpxbk0oyzy353ybEey
+EQKCAQBoJNxLd+bgBlFh1LpbtEYhmrAYv2u6TFr87VbImjP0YUzYhIDuls3Q9ht3
+fhZ1pjoba06Ue5SqIdsb4aCb0Cb2kuHwoBmKNIJ3YJeLPbKLUNvc/kdDsivJoYIV
+5XheKMy5PFYaSXLSX7y9g+Q71NTaYZoo6IlMksaqO8+JpTO7vbSFyG3ciqA3O4Sm
+czfIoc4JY1kdRdvNWizoXFmtdNq9TKT78zXHwhRkCJK+3AIODW/3UBFgiJPBCRul
+o85vgtUpoDEC4Hj2ubCT2p0yThuL/VZJYUYBxgmIt0uyf89jti+lbmJxr0lj9cgQ
+iVHqvHuLE1aHdMHMcqvtmq1K3uKG
 -----END PRIVATE KEY-----

data/spec/fixtures/certs/generated/client_from_root.key.pkcs8.pem

@@ -1,54 +1,54 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQITfIrh7WizjwCAggA
-MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDH7sVEv2qKzCN5iDQmMlQhBIIJ
-UMnezMJbNyZ/LH/Gyf8bMOg6LdV68MjReNgNrJEnCK1GYUaMbAhwS1xtC0QkG30Y
-Yk0ZM24UaoUxTXTrH8chtyj7QeolaVibtG7yQHrncYcgbZc/WF2hh+vIfwgwxHZU
-XkFWS6vKZ6NshZvrBU8mV8y2O6YRLPDcUvBudIUcxv+mXJ9EXNA4G1qzg1yIi3Wc
-ycUfQkGP3yGmlS2n5DaOeB7xyw4wWVhkuyrQZbFR9H/NBWRrbEtshs9Da+iVJeMY
-09+NL1qudKOM4u0bI5VPicwg5pjKZe9/yeuFNr01lZ+2IRqz5qRUMvE4KF8XsVUx
-jzNy9sfb/kzHiySQtVL5Ll/4SZyqgc4nAgv2IDWrPoPWu0WN7oJD/BSZoAKIH30L
-YHY5yjjGzL6LheFQwGtViDCsVTkob/TVZNabI+VlXPqmJ2L0UM9nkEy/rHGZJ4Af
-TcpCvYH4t7KEJ/IoaxCSFedMQGBSGDwvMY8tduRvgx/SQWud4en1UVulLsscHFbP
-+eatj3J82toU3MsreNQc43alKK4C1PylJsEOFvv77gMoucce1sAAxYACrutjwgcm
-sH8vNgyzt0fQNDQUwjEfbR297n8cNWd1jHiNCOUuVpGETGg/ef47+PKm0+mQxfdD
-74aLESuGmooihcQGFnScyuLWbr5TgaxD6cCf3sa6qi5/ycJa4W7ePWrq0vWA8rBn
-x8UpAmgBrMMZwfPlNFSn0YStKqSs/c8A76DeGbOE1Hm0w2G4w/CA3DwXNY3EasQC
-D65k2i3dmzObJUoxaBiPaZ9dFPQJff2o/m7agL3PemvPYoAiae7H5phukI+ZJnTH
-0yc2V3z4Pt5427AIsU5jZKFmae08vFwgyYdEvmQnxQt5HvvDYdWlGom/+jVqajKu
-YukyuTZLjw6nMoWtuCEjpEqWrvJWEsmTIaeT+7zCpkIraK1Yqq8WI3wK9JMH1vEz
-It1iLQ+DDQEdqJtuZlF4mD82/Mvx0+08NgzcJUTxeBzjTcNFjMohR9AGrCIb+Fi+
-cti35/lW91PZmUfXNLKCLjcVO2PREU2j7o5feQ0LJ5I+Qea5m2DVIu2weVoev2c/
-lcWojHUIv0DD+2xDVtnFkNPRXXTPH0lAQb5D2W4G1sOY52qHJFf3CgNkV+4ABtSw
-ncRus4dpUY/LJd0PffdIB1DHtfC4FF7opvkFqEFZD182ct0E8wv6J4UMF13k1nVH
-PHAVeRX8h+zH6S75POp0qfIX6MwHh700AhAIX/zF0iB+wAupoK6fuvXyudhUJ6rN
-tsvwMUMrSlEMcT2llHXXKiCJ6K6z72RejYEY9IuDJT/kqWwi5F+fZ+z+Zh363VpF
-UOGRUFXCzGxbBOETkWzEpc+e5hg1FhtRL0P5Aemq28Q/ceZLJr32ul74W+bnrNV4
-ZEgFXgKOZT6Ty6gGuRBJSF2QfwDw629O6DvfQ05O8YDga+P1LkBV7fx474CwkiVn
-K1gXEiUPJQ/5yeDsfw85WGD/FCLew2HL4ael9pPwRPI0siXFTvZ/0yTls+vqws6n
-mtmKRMiV1DKgVkU/GEFEojnbGhy9vHtNQcIfWzWg1e0QsZzI+KoeqhHvFabvGoo0
-t/2heEo8MziAVKbDnfJCUSnxRCtW1WUuXbYKe8WAqIMbPVDOcztnMn3fxUwiw9bp
-bFdi3/fLGKsKBaZ1UFe+NMqP0yjnvrOj1VNkZ38Oj/QTUS+7uVqZxsQullt+HTfi
-rdsIjF9spJpfQ1W67fq39iuFZWVMvYkU6/BQzbSCc58/VTf1kyfmoPAEZjDH5dzp
-gpMcXknGBHDUK+74PiDjMFGxnPFW7BiSCx0tmDbUxzxOEMv4V7SDz2Xf3w+VLD58
-vU4YVtIqaVzOBsK9mS+mpjVRmUJNfqbryDy4drMw94jfBiKaCJG6qmu7x9LiiIzg
-zADX1MPXCPkEst4OksIoISOH//kjpo29ft+UrxAZYXZRljuiRjeT22iiY4OIy0jx
-YjWyZvFNqLB90RmbAV7euFobJuTX4QAljRPT8d7tfWK8ZiHJnfs0AsLGoaGDRovg
-6G/yodoqhM9zpqWF4BFAHbIElkz2wpHsj+6fYuZmPKvlLktvnh+TpARPjqmYb69j
-zzHTxQeAoNHOqWBhwRFoqvVob+OgdMOyxvbenpfyE93PvItRnGMXX6HDZrcJGGsg
-Flgg6yhjMrcdh+D/I5necoyCsyaRN+SwyEQRPuqm/PowWQdkVRgIqiOUfISGWFed
-N10NF8EsVy2EsyBmNJNBxcXNsBxPCkxjktNj0r1A2MJ1GFj9PdH6nhMrpL2DlSwB
-eS0WuX/3Q/917C/OSiSZEDFKoq9O8M1MN3ixhCBOuDyGOW+fB/eSoXFiYgE3nVii
-80YMvOUq4ltKf8XTuuvJerIFY8ojYG5X2ubA78zT8I/ysY6Wyl2IeiHa+drUXroG
-Oqr2kjjZXeEWuBP3cD9thnzKSWrYCCsN7cSaUc3WEWL49N4MXJx3+WW+1y110oY5
-XjLzGfYGagWsgpZD967ful7akUFmemcz8afb7fC2ZY8vBTRrwd6R3vcSv1TmQK5S
-WyTk+Mk8xEB1YQCfwuyNMby1G3FEgbJi3D1TjsT2ZgF8s+tUJnYb4wkJ7hTA4Ta0
-mdMB7eNjTyHCRDdM3h2t+8vKkD9T4mVqrboM16A/DVVVru8eHqpKc7P4ijQQSDei
-VhT8wxNVSkJGpSss+pHdT8O3sRbhs1UIG+BuO4aeZ7MeNNW5NKocLzykLfwDF2Dn
-yJn67jWShoe4ygchzm70D7z8VVC6503zPdKis7kf44NZaV9TKzSj+NCiLuUKqDBr
-5SEToNMyhmdQCSnEcRLtKYRk2z3g38tnHvaaA+06cujn2NrDpQd3ZMO+UjIz7tRv
-BpBRGH+xTJlfiDbOChVwcC9R6kX82zP301Tpuwf68z5cMSAfpdt7U6dBfnc9Jwth
-gZP/LGcdsN7pescJIMpmlzh9FQoaUr/cvKXzfGTl1gecq+ivfra88S1gXhnfkXSM
-/URC9X+jmZ/sXkFklPpIKMN36rTgTZKTmXYqMZrTlX+RmOttmq6NeAYIJa4vS0+P
-N0uhkHZMwMNoyzKwg2I3xSrC5Oyz6x80mD2n4kZb8ql5QKBILDINakF4LSCFzEbo
-VpzrYuTN7PJB9rDkYDsqxW7KEUBvpbPsh3/PMn9bR9i5
+MIIJrTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIyQD6iSY/IC8CAggA
+MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBARG+J0wVGDeqPFfWeTE87MBIIJ
+UODUFjcz9gKRkGZoO6u2QKu7NqA+XuikojWxikYjHdKUj59RzWhz63ChgRhPjg6W
+GAan9rNj3cRpAw6rdHdGd7NJMPfr8C50BqAOpPwaBcQKRIyC2Y6SM7f2G/gMFZmS
+Ck1nQ5nxUN3b6p+vUvZ2nMT3WVVuTbgYlrxpQbU12wqIvZac2SWaL++0PaunQnLt
+MMAb6v87kbVzk8o1izJpls3F4LNHoEU5gTFBd9zBH3fpx9WEqjwC9gK4CEqHq6Jm
+ZYzLpiJ8fLHliiHYJNSCmwwQoRo04k6yirgKXXQWMearYp1niv4ba4Vh0jCv+zmU
+d+e0vPc+sPy4OWxu5bVxCHHiVTIm7B79eDV9wmbVG3NZ80IWhjk4SC6vntpvL6oK
+OOQp8VkZK+lFXljr7JHPKx3oOPE7NNKn9q887GN/2yW3onWM2lhkTqA2RK7BzpeC
+4M1Q5IDmClJLdgapYYmJVvPFLFICsrT4ylxWEha2PP+i8sqkCn3l6OLd2PY5yn2L
+HbH2eiQFovuAEioQytIhVlSuPdGgNhFL+hRgyFWUEIMhWJ6hGwQ2rWqhQ7sAU3VS
+/SLxTRmBwc8leCl+mXr8Y4YDmRpQFVvYzubGK73wdi8ARz6wSIHYyAULkja3L+VK
+2/CQdJG0TNv4AzzREiTRA2wugtxFt1P0tnZGQt8wfBM+IlPywf2MBjZcKm/KAxNK
+tnP1m1+NjKDqPjOzimFDUi0DnjZrWRTmozPfSfpEPCta2hQ4aMVwoXfWbcpW1HhQ
+B9BL1jqhOTYjI3FBrBqz+I5dZF4IY1iMS3t+LEdhtJIrmnKvLABHTFKpB3MOMJ/W
+qEcdrEgEmKAD0x2CAjQyd4cYXJQV3wfcaJOQssO4X0Aq3M2BLZGnaSlrUex1D1dr
+xJoBPteBK1gHAynaxeaEywa5LS0tHDY20PnT8Cpb1WS4hhDuoOXAl/NBDnXAZGth
+aBZVdaeN1VctBkQx+xxmT0wMFdog5/OwvfmMbIAnxbhy4bQQ1aP6am9KX87sMfnl
+OrvKBjLtN/9YcN6Cwt87VrF8SfyeDfTxs0osBvhYbEWBnuglIZFeeDxoUDMxYwXD
+OJJQGLhWuXNfqA820ZZ2FI2eDk75aod6DoOlHdxr/yOo5B3PPMZKpyuCBYT70P3i
+JKef6RORPVcoJ4Ap1TMknoMai1nIkRH7XpCth5WsFWemGMsK9ixdPE4deFtyRjx/
+eWur6GubgCnuzL4fiWxuxFT+UyYuyFlyGOChK7YmXhm9hziXDHjuGRFYBdx5yTpx
+7IcosICCSlHBvYPHXLS8NQ7S8tRtn6QID8N17d5NHeU0ZcuQ1bw+e0EAQ+quWWQf
+c/WGPsoJFQhmp5RSA96zArJhQIREUAMPr8KEPS+hMyFXhUgnjTU4qQuLj85LNmHk
+jFg3X6NQMERo0RMLsO5G//EmRfsP8wjpxq9J9xdl9j705qxFH+k71xPGOVzp281D
++q8+OphVaAO1d1QNlmEa3mI+BZwcjXUgYbwCSKo1PJofmM0nIjcOBMnlzmEwpPH/
+wPcmdbUA8eICCmiiRU75z0kiA7LSj951A6ELjvfeVgL3zUKFdH+98/6BoVQkondY
+EQlBnW9cZYs7X92h1BLGIb6K4OprsBo0xiIOUa0ei9pfv2KiLdFWLrFLpyRCpFg6
+/TjD4DBZVQTZFYO1HUeq0ezdLgVQJs5dE6b39yHMD6SaSuf10yfAo3V+aCoqiOAf
+SQSFNsHXv84QhA0zH+ePOZZZvhFFrBzyhVoZF3gXRUkeCPG38veabBosBF6m6Nc4
+FF5OTdXG9LG3eWj9GAJNEQyaLxs5rRGRBSF8JOYZrZxbxzM+Sad57WVUUJOzuffa
+vP/kanHmM3E3ZjRlu5sYZ+BlbkvlrOEQF50gJDhvEEj2RwHOCpr5xhcVPLiZrSPN
+PD5c1sUu7XmM1x7OOG2eVzpY5VsB4kLkIiqaiMMfUqqyB2AbMtFBuZswroQru/3a
+rrJXj2JaRFxwRa3e3XZojdDcGtQaB4gaquAMWrimaaut/4l3rIbQxdnRVimN4jmO
+BnMAwlpdwv145Mrp+DtWy2lX1nDRineLr6kTt+0AnKjINe3bYamusH+F8hsJrevN
+OVUD5olwiIgLbdgwzsafL2CkxyQ3XMRXLn7IEk8iQ+47tefLPEn6EZcuRQAmyH8x
+8PKNAm+PYzFwmIjEdfA4hGw1c0X6l6BKvDXigB+NMuK1B3KdmAlazKeHZYGfc6c3
+7BZH88NwPQyuZBfw1LDvI4MYLJE6xFX6/EXC1GChq8Q8OVXkfuWx2bnbHY53MoJP
+dJJKFZ6PUNKkw9Mu+6MKfvEaDl8KSk9bk69Bd0SiSSdZOQqXr0ynwFurDYgHVFMf
+hdhWDnvo2Vc9BAWIgh1DdNT3jCb8v/1PlM7u7wz0Jtfw98BGmz2JjzKiYysDfAfh
+vMCsnTQzZQ8BN+mze6jvEatI+nbYEAO36Ash8Pzly7HZ9lQtCTYbfG8JQo+XeVeB
+QcPfAWDn6hGN7iC6Eh0kIr37zT2ji3BjReqnKiRXdPCcEYo9AvxtsPJfR796SE8d
+qThSpKDcxOVL05a1Aqk8HS81wemYXRJUd0EqqlMB9AWeXjAU2vYxYsFjNUjcUdgF
+Jzbcs0jTFF1l0i72ElFYb6tke9G68ZiOv0cQkkvdhg+jN4FwDTChjfgmlcPvBSUA
+aRK9V7qb93xhLZLLakPdtKgb1lIFFIkTzzOKJgmx9wwx9nX7I9YAbmo+u5jJwQao
+4Aa/hKus1rJ/lf+yIlI3IJG1uv66A28wBId18819sR0lh5HNbKvr13Di9rVFJUJg
+LcVhFpdgi+KvUvoNW9JeI5rJdWWdBuK7CbSotmaE7n1zPT6ZEVT9zUU0rB5JZISp
+ugP2JBiv8I1OzAGUU+S71YfG9SbKjmtjjBW5J4g1W2wrAqHkLLeFDM2EBbQL9h/G
+zkiskNJiU4jRFEjkyeTVjiEaSlfUZpdPopV1bEXDxUc6zNcE/jZARwDu8zIYB9f5
+4DCHOVMdHczlVe3fVS61jT4TulBPke8/dt3etIHyhHssCtE9JP/dW7deEzUaVWyM
+W1ylv0L+94wlm3Zs0rk3EZIjCM/Bdlqh/yYfsMkF0VdRjKg3jofPfwl4qJn+YJmq
+OxxWw1zpmKd3UZzuKIfa05geshrIwrpBE+DlHCZnnUGJ
 -----END ENCRYPTED PRIVATE KEY-----