first: thanks for relayd! After a few days with relayd I think that:

a) when dealing with a wildcard server certificate relayd fails in
   rewriting the cert with the local CA.
b) when dealing with X509v3 Subject Alternative Name(s) relayd fails to
   connect to the destination server.

Index:
 - examples short (site, cn, subjaltnames, log line)
 - relayd.conf
 - relayd.block
 - examples verbose with certs

examples short:

1) 13.14.0.10 (BAD_CERT_DOMAIN):
   CN=*.services.xerox.com
   DNS:*.services.xerox.com, DNS:services.xerox.com
   10.0.0.1 -> 13.14.0.10:443, done

2) gmx.at (BAD_CERT_DOMAIN):
   CN=*.gmx.at
   DNS:*.gmx.at
   10.0.0.1 -> 82.165.230.18:443, done

3) arbeiterkammer.at (FAIL):
   CN=*.arbeiterkammer.at
   DNS:*.arbeiterkammer.at, DNS:arbeiterkammer.at
   10.0.0.1 -> 188.65.79.84:443, TLS connect error

4) landestheater.net (FAIL):
   CN=www.noe-kulturkarten.at
   DNS:www.noe-kulturkarten.at, DNS:geschichte.landesmuseum.net, [many more skipped]
   10.0.0.1 -> 80.120.141.37:443, TLS connect error

my relayd.conf

    log all
    prefork 5

    http protocol "httpsfilter" {
        tls ca key "/etc/ssl/private/ca.key" password "almostforgotten"
        tls ca cert "/etc/ssl/ca.crt"
        return error
        block
        match request header set "Keep-Alive" value "$TIMEOUT"
        match request header set "Connection" value "close"
        pass request method HEAD url log
        pass request method GET url log
        pass request method POST url log
        block request url log file "/etc/relayd.block" label "Blockiert!"
    }

    relay httpsproxy {
        listen on 127.0.0.1 port 8443 tls
        protocol "httpsfilter"
        forward with tls to destination
    }

[similar block for http omitted]

/etc/relayd.block excerpt:

    adservingfactory.com/
    scorecardresearch.com/
    atemda.com/
    adrtx.net/

example 1

https://13.14.0.10/

relayd: relay httpsproxy, session 954 (1 active), 0, 10.0.0.20 -> 13.14.0.10:443, done
firefox says: SSL_ERROR_BAD_CERT_DOMAIN

-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgIRAOv3mKJUpc1TP1RbkNmrYUAwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTYwNjI5MDAwMDAwWhcNMTcwNjI5MjM1OTU5WjCCAQ8xCzAJ
BgNVBAYTAlVTMQ4wDAYDVQQREwUwNjg1MDEUMBIGA1UECBMLQ29ubmVjdGljdXQx
EDAOBgNVBAcTB05vcndhbGsxGTAXBgNVBAkTEDQ1IEdsb3ZlciBBdmVudWUxGjAY
BgNVBAoTEVhlcm94IENvcnBvcmF0aW9uMRswGQYDVQQLExJXb3JsZCBIZWFkcXVh
cnRlcnMxNzA1BgNVBAsTLklzc3VlZCB0aHJvdWdoIFhlcm94IENvcnBvcmF0aW9u
IEUtUEtJIE1hbmFnZXIxHDAaBgNVBAsTE1ByZW1pdW1TU0wgV2lsZGNhcmQxHTAb
BgNVBAMMFCouc2VydmljZXMueGVyb3guY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxK3Tae1KHYRAavGfHwVpjkNbnAjJqglSPkukHf/oBAWpnaZT
LFl57ecgRZasXFATpQ5Lrs62sgJwjM7hw5bgV71pVpZGPS+au9y+HXEVEf2BTjHq
2UjzMHy2roamrDVsHuxZeziozl8T58+FvOGRXN52rgSaZT4LZ+toj/wbtzQuvmeh
MuDDwl+X0B/YyQ79b0ToPMZRtcuxNLzudbVIQIN9/h1Xa/R/tgVQ3pJkDOfkFo9o
qYbSAs3S56TilHcovMPZpK/bTkFlsZbaBzafxj7Sce8kta1b/ecNc7DtxMC/bZmM
pxlquJgo/h1l52/vXy7I+ZE6QVIrE/RnO3GhTwIDAQABo4IB8jCCAe4wHwYDVR0j
BBgwFoAUmvMr2s+tT7YvuypISCoStxtCwSQwHQYDVR0OBBYEFOJOK3aWD3d4l9Zs
GLRWBLFZV2yjMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgED
BDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAI
BgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5j
b20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB
LmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LmNv
bW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJl
U2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5j
b20wMwYDVR0RBCwwKoIUKi5zZXJ2aWNlcy54ZXJveC5jb22CEnNlcnZpY2VzLnhl
cm94LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAru8LU5ITz9eEC4RIi9OoilSfOz87
9DAa0XS8iCoor0hMaXsa4xaPl8l9qxBKcyU6kiOhs9XdsExSfqKQDofh1VfNQsrs
0H6F5i/sLstDqDtzOUf6UF6WawunF/1E6mhd+GYwiJirgQTEpnjltigglljsG3vH
u3Rmy5r13bynYS/gRkXg8eIbXzrPRD9sEQNkOouyixPCOQHAjvJShXT2Vkl9OiGp
mAfCmML3R0k94KTINzt+356Swh0p4vSsIEwgRWDh1eyJcKv0ykQl5u2KGQM31RIz
Xkq/sT2YSJvgtYnfPP1CwFdgq3q2wqXPA2gt6hHI9eyUCmIGS22UnKhHmg==
-----END CERTIFICATE-----

example 2

https://www.gmx.at/

relayd: relay httpsproxy, session 953 (1 active), 0, 10.0.0.1 -> 82.165.230.18:443, done
firefox says: SSL_ERROR_BAD_CERT_DOMAIN

-----BEGIN CERTIFICATE-----
MIIHSzCCBjOgAwIBAgIIaHuA0PKxfPAwDQYJKoZIhvcNAQELBQAwgdkxCzAJBgNV
BAYTAkRFMSUwIwYDVQQKExxULVN5c3RlbXMgSW50ZXJuYXRpb25hbCBHbWJIMR8w
HQYDVQQLExZULVN5c3RlbXMgVHJ1c3QgQ2VudGVyMRwwGgYDVQQIExNOb3Jkcmhl
aW4gV2VzdGZhbGVuMQ4wDAYDVQQREwU1NzI1MDEQMA4GA1UEBxMHTmV0cGhlbjEg
MB4GA1UECRMXVW50ZXJlIEluZHVzdHJpZXN0ci4gMjAxIDAeBgNVBAMTF1RlbGVT
ZWMgU2VydmVyUGFzcyBERS0yMB4XDTE1MDIyNTA4MDcwNVoXDTE4MDMwMjIzNTk1
OVowgZkxCzAJBgNVBAYTAkRFMR4wHAYDVQQKDBUxJjEgTWFpbCAmIE1lZGlhIEdt
YkgxHTAbBgNVBAgTFFJoaW5lbGFuZC1QYWxhdGluYXRlMRIwEAYDVQQHEwlNb250
YWJhdXIxJDAiBgkqhkiG9w0BCQEWFXNlcnZlci1jZXJ0c0AxdW5kMS5kZTERMA8G
A1UEAwwIKi5nbXguYXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz
BhrBQlQ6yXps/pMtVckTVpPAu8e7km/BnaQqiB76QuhjxieCYxYHaLScWPloY9tA
TrMKhVE4Q56niUodO2AncrhyQknn+4+9LtdQnGQdJ0S9O1vfKpLzqHM5q23RUjkf
05xNrpkiHGZ7G3ODjaOSZCjPWortKyNAUyx0cL5pBJaNC4cV5u9v+l5WBmhcwfsb
XTsfPfJtLIcgXE5xw0UXnuuKUL66fgNcEbKDFssDdqHXsm2YP4KdkSwnn/4yUnOM
/hx3DYH3FWSNKKFj0V/1V0KttmJNqWsPtE7nRAjw+3NkLnErkfSIwNVYx72d44ab
xMO0ghWrsWuI7W0f9BBjAgMBAAGjggNTMIIDTzAfBgNVHSMEGDAWgBRUBClvopPG
kDFFwD3eK+IKaYCSXzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
AwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSH23/SgQ4bpg3HhCTIwg+rFOxrFjBZBgNV
HSAEUjBQMEQGCSsGAQQBvUcNAjA3MDUGCCsGAQUFBwIBFilodHRwOi8vd3d3LnRl
bGVzZWMuZGUvc2VydmVycGFzcy9jcHMuaHRtbDAIBgZngQwBAgIwggEhBgNVHR8E
ggEYMIIBFDBFoEOgQYY/aHR0cDovL2NybC5zZXJ2ZXJwYXNzLnRlbGVzZWMuZGUv
cmwvVGVsZVNlY19TZXJ2ZXJQYXNzX0RFLTIuY3JsMIHKoIHHoIHEhoHBbGRhcDov
L2xkYXAuc2VydmVycGFzcy50ZWxlc2VjLmRlL2NuPVRlbGVTZWMlMjBTZXJ2ZXJQ
YXNzJTIwREUtMixvdT1ULVN5c3RlbXMlMjBUcnVzdCUyMENlbnRlcixvPVQtU3lz
dGVtcyUyMEludGVybmF0aW9uYWwlMjBHbWJILGM9ZGU/Y2VydGlmaWNhdGVSZXZv
Y2F0aW9ubGlzdD9iYXNlP2NlcnRpZmljYXRlUmV2b2NhdGlvbmxpc3Q9KjCCATkG
CCsGAQUFBwEBBIIBKzCCAScwMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnNlcnZl
cnBhc3MudGVsZXNlYy5kZS9vY3NwcjBMBggrBgEFBQcwAoZAaHR0cDovL2NybC5z
ZXJ2ZXJwYXNzLnRlbGVzZWMuZGUvY3J0L1RlbGVTZWNfU2VydmVyUGFzc19ERS0y
LmNlcjCBoQYIKwYBBQUHMAKGgZRsZGFwOi8vbGRhcC5zZXJ2ZXJwYXNzLnRlbGVz
ZWMuZGUvY249VGVsZVNlYyUyMFNlcnZlclBhc3MlMjBERS0yLG91PVQtU3lzdGVt
cyUyMFRydXN0JTIwQ2VudGVyLG89VC1TeXN0ZW1zJTIwSW50ZXJuYXRpb25hbCUy
MEdtYkgsYz1kZT9jQUNlcnRpZmljYXRlMAwGA1UdEwEB/wQCMAAwEwYDVR0RBAww
CoIIKi5nbXguYXQwDQYJKoZIhvcNAQELBQADggEBAIQArV9zHeoBWDZaOAlvL2T2
WYvB6ka2MfXOQIYhm4BEHPh5nGzBdlNYhAe1tSV6xTJkx1nTO4QGtDg7efN3ZJOC
WnhsIwKOc1mN2BIzJsr74qFcfbb+ffeCgyo/0ryWjccfOlzZ6luXWkGUBJmkcpwO
vZFUQIw5L6uWEZw5g0Shdh/cofYnT7NLuKS+A5GNvK3WkxvzfKvDaaqkpWnm/TT1
olz/YIiyuaJbhNT+NzFJfHDnChgpqRS16D0Sjr8ugaCBqiwIV7zI77XjVB5h807G
OnfakOlDktJCsew7dg2imjApVTHlPCTcJp1+DjFLEdru+xIbK51SDVEBUVLv3w0=
-----END CERTIFICATE-----

example 3

https://www.arbeiterkammer.at

relayd: relay httpsproxy, session 951 (1 active), 0, 10.0.0.1 -> 188.65.79.84:443, TLS connect error
firefox says: secure connection failed

-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIQMeNC+Q7mS21v8utt2z8kUDANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE2MDMwNDAwMDAwMFoXDTE2MTExNTIzNTk1
OVowHjEcMBoGA1UEAwwTKi5hcmJlaXRlcmthbW1lci5hdDCCAiIwDQYJKoZIhvcN
AQEBBQADggIPADCCAgoCggIBAPD9BMhwJm67MJ8Y8ZxUEL68h+B+Do7tpwrFT0SH
KrCS9NWPoY4FVpDHcYc7EthewXp3md4rf0Slmw6qz3Kr+fs8ytfze4cojVXyH7F5
HDJHMGUS1QaK3po26nYy7iE8cgqMfE0y7DxvaqPDHQPpaSFhFhcC+qutnjpuVbK5
pVhAEz75ap9So2hgDq+MJFZ8T8t23ZYhKIhUDXL50A9m3wR6GOB7M5+DrxCueZ0d
MECg/2PSbje4198YwvWJfXsEhYTk5ioRegd9X/imGmMSXSQnuRBjeXmd3Ux5cEkx
w+PpeGk8IgW6iwCgfpc4vOHhBXzupcA0xX8Q6iKRiBS8wdur6cwc5bupxeBXTcjN
NduNa1Q7M5bau40EF4vCC8ZdEH4vuIxfENh9xu6rNw2T6/sACe8W1Z17jBGdmUbv
TTO701CK/ZNWvEb4gYV/Q6RqdGqnRVRPFM3zbxCSgSVUEAa0HEGd7yVc9hdQit55
GTQk47s57EQK0n+dRvWHzk/0mtlARm+y8FDr16Vq6FHsitQD4k0VGYFv5ab7l1mL
vfuq4osWcKpMGXV9ChNE+4ht35dj6fw3RsYHb3BTbfKH3c8LgPZ+BTbXimyZxWnn
5nTVBNnXOAgHi0QLFacgLRJULKHLvEwLdTiWrujoAifqWYrMRe1unhFf8675ton3
ksRDAgMBAAGjggGJMIIBhTAxBgNVHREEKjAoghMqLmFyYmVpdGVya2FtbWVyLmF0
ghFhcmJlaXRlcmthbW1lci5hdDAJBgNVHRMEAjAAMCsGA1UdHwQkMCIwIKAeoByG
Gmh0dHA6Ly9ncC5zeW1jYi5jb20vZ3AuY3JsMG8GA1UdIARoMGYwZAYGZ4EMAQIB
MFowKgYIKwYBBQUHAgEWHmh0dHBzOi8vd3d3LnJhcGlkc3NsLmNvbS9sZWdhbDAs
BggrBgEFBQcCAjAgDB5odHRwczovL3d3dy5yYXBpZHNzbC5jb20vbGVnYWwwHwYD
VR0jBBgwFoAUl8InUJ7CyewMiDLIfK3ipgFP2m8wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggrBgEFBQcBAQRLMEkwHwYI
KwYBBQUHMAGGE2h0dHA6Ly9ncC5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6
Ly9ncC5zeW1jYi5jb20vZ3AuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQA5d5I8ucDb
a/vd3leuvARWP3ZMRKbkwDI8TeQ5g8wj+lSdSCZb+SRz11bO2ekSmYK0oiQU34kW
ucVupT5tpkqjUXRTqLhANvMEmouj1nw13aWvnUt+BLQsZtIM8z332HWq/48KW2qJ
5mqxkkPajtmNWoph+nk6tGcp9JvSdBValgympcIl25o1dw+RbAGgtmp2dHihNVVp
k/SFTiPLJUe6KCOgxKWQe14uZoWPH0QmIXDgKTtGQGm0cSeoYYJkcgXcgjdq3w6P
gD1+NiU0cdz9/M/xHC5sbiiWA98btdiPFz3kIHeSn01OpbNBp8N8Mnb+1do1ECSW
PVQgINsDqmuH
-----END CERTIFICATE-----

example 4

https://www.landestheater.net/

relayd: relay httpsproxy, session 974 (1 active), 0, 10.0.0.1 -> 80.120.141.37:443, TLS connect error
firefox says: secure connection failed

-----BEGIN CERTIFICATE-----
MIIH/zCCBuegAwIBAgIRAMVAKzEEruwjKfNB3fBG0RowDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTYwOTA3MDAwMDAwWhcNMTYxMTMwMjM1OTU5WjCBwjELMAkG
A1UEBhMCQVQxDTALBgNVBBETBDMxMDAxGjAYBgNVBAgTEU5pZWRlcm9lc3RlcnJl
aWNoMRQwEgYDVQQHEwtTdC4gUG9lbHRlbjEcMBoGA1UECRMTTmV1ZSBIZXJyZW5n
YXNzZSAxMDElMCMGA1UEChMcTk9lIEt1bHR1cndpcnRzY2hhZnQgR2VzbWJILjEL
MAkGA1UECxMCSVQxIDAeBgNVBAMTF3d3dy5ub2Uta3VsdHVya2FydGVuLmF0MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk4ywg87Ds5V8wKo0tqpmrPn
xG3CUm92G5fkkabdWdv2blNvUB9jIbXhJ01TNUUoURWYN4G7SA7PxDdox6qHdusP
CRKWIxr7mVoPzOshc3aXZUGnOFJ0zsPcOA9mQTQkmVPPuMMRUx4SQLqBGceLydl4
HFwAxc1rg6uN88c7vQhhmGn9eLaT3fGDczOy3s8dyheGiKS17y/XluZtHvoViZ7K
PyK6Gk2EirqONf93KAiLZsAjhX3k7XiodvgruiJ8aD7UuvTf/JyIKhfWDHtwgA93
D+/iuGylHtlNjcky/VpVraATVDReBy9L+hBp2c7lAloU8YN3o6X5Z7/LSy6YAwID
AQABo4IEGDCCBBQwHwYDVR0jBBgwFoAUmvMr2s+tT7YvuypISCoStxtCwSQwHQYD
VR0OBBYEFNhHSCITN8f4GainyfIDoyZvzwPxMA4GA1UdDwEB/wQEAwIFoDAMBgNV
HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBQBgNVHSAE
STBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3Vy
ZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0
cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9uVmFsaWRh
dGlvblNlY3VyZVNlcnZlckNBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUGCCsGAQUF
BzAChklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRp
b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRw
Oi8vb2NzcC5jb21vZG9jYS5jb20wggJXBgNVHREEggJOMIICSoIXd3d3Lm5vZS1r
dWx0dXJrYXJ0ZW4uYXSCG2dlc2NoaWNodGUubGFuZGVzbXVzZXVtLm5ldIIYc2hv
cC53YWNoYXVrdWx0dXJtZWxrLmF0gg10ZXN0Lm5vZWt1LmF0gg93d3cuYXJ0b3Ro
ZWsuYXSCFXd3dy5iYXJvY2t0YWdlbWVsay5hdIIKd3d3LmJpaC5hdIISd3d3LmJ1
ZWhuZWJhZGVuLmF0ghJ3d3cuYnVlaG5laW1ob2YuYXSCEHd3dy5jYXJudW50dW0u
YXSCFHd3dy5kb25hdWZlc3RpdmFsLmF0ghR3d3cuZmVzdHNwaWVsaGF1cy5hdIIX
d3d3LmdsYXR0dW5kdmVya2VocnQuYXSCEXd3dy5ncmFmZW5lZ2cuY29tghd3d3cu
a2lub2lta2Vzc2VsaGF1cy5hdIIQd3d3LmtsYW5ncmF1bS5hdIIZd3d3Lmt1bHR1
cnZlcm1pdHRsdW5nLm5ldIIRd3d3Lmt1bnN0aGFsbGUuYXSCEnd3dy5rdW5zdG11
c2V1bS5hdIIVd3d3LmxhbmRlc3RoZWF0ZXIubmV0ghp3d3cubGl0ZXJhdHVyaGF1
c2V1cm9wYS5ldYIMd3d3Lm5vZWt1LmF0ghd3d3cuc29tbWVyc3BpZWxlbWVsay5h
dIIVd3d3LnRpc2NobGVyZWltZWxrLmF0ghN3d3cudG9ua3VlbnN0bGVyLmF0ghd3
d3cud2FjaGF1aW5lY2h0emVpdC5hdIIXd3d3LndhY2hhdWt1bHR1cm1lbGsuYXQw
DQYJKoZIhvcNAQELBQADggEBAKcaf1v9qq5qNO0Cq/4jyQRjstXHzLHDVUD79R92
5ukBSzT8E30VQPhrGU9wIkSguR/UzMJy9r0XeB/9IXw/BjN3h06Z8hrMKDkib4Zl
287eUiOA8VNY0Sx6SjHHSGxOfFQ6KjAThD9I3zS0QR6OEZp0aIuXFRrdg0n6Nx0J
Oxw2Bj4s5Rvay1iHkNjA2H70oY3R51+DPs9EWyQvMZLY2/RCERqO7Kp6yzc7BhPm
/YcAQ0qtbsdvFqCL9EVBkjfcOqWSdHafOg+l+MWP1F7MlPHZFTcuqnV46aYNnaXH
tA/fITW47t7ChkSmcSzhNPQxb42W+OiHg0BYARSyY7t0JcI=
-----END CERTIFICATE-----

Marcus
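Editor's added example, not relayd code and not part of Marcus's report: the Go program below models the one step the report is about, an inspecting relay minting a replacement leaf under its local CA for the upstream server certificate, and then applies Go's own hostname check to the result. Like current browsers, crypto/x509 matches the requested host against the Subject Alternative Name extension only and treats a wildcard as covering exactly one left-most label, so a replacement certificate that carries the upstream CN but drops the SAN list is rejected even when the upstream wildcard would have matched. The local CA, the upstream leaf and all keys are throwaway values generated at run time (the upstream leaf is self-signed, which is enough for a name check); the names are the CN/SAN values listed in examples 1 to 3 above.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newKey generates a throwaway P-256 key; nothing here is real key material.
func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// sign issues tmpl for pub under parent, signed with signer, and parses the DER back.
func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

// localCA stands in for the "tls ca cert" / "tls ca key" pair referenced in relayd.conf
// (constructed at run time, not the real CA).
func localCA() (*x509.Certificate, *ecdsa.PrivateKey) {
	key := newKey()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "local inspection CA (constructed)"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	return sign(tmpl, tmpl, &key.PublicKey, key), key
}

// upstreamLeaf mimics the origin server certificate as the report shows it:
// a subject CN plus a Subject Alternative Name list.
func upstreamLeaf(cn string, sans []string) *x509.Certificate {
	key := newKey()
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: cn},
		DNSNames:     sans,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	return sign(tmpl, tmpl, &key.PublicKey, key)
}

// reissue is the rewrite step an inspecting relay performs: a fresh leaf for the
// upstream certificate, signed by the local CA. copySANs selects whether the SAN
// extension is carried over or only the subject is copied.
func reissue(up, ca *x509.Certificate, caKey *ecdsa.PrivateKey, copySANs bool) *x509.Certificate {
	leafKey := newKey()
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(3),
		Subject:      up.Subject,
		NotBefore:    up.NotBefore,
		NotAfter:     up.NotAfter,
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if copySANs {
		tmpl.DNSNames = up.DNSNames
		tmpl.IPAddresses = up.IPAddresses
	}
	return sign(tmpl, ca, &leafKey.PublicKey, caKey)
}

// hostnameOK reports whether a SAN-only matcher (Go, current browsers) accepts c for host.
func hostnameOK(c *x509.Certificate, host string) bool {
	return c.VerifyHostname(host) == nil
}

func main() {
	ca, caKey := localCA()
	up := upstreamLeaf("*.gmx.at", []string{"*.gmx.at"}) // names from example 2
	for _, copySANs := range []bool{false, true} {
		leaf := reissue(up, ca, caKey, copySANs)
		fmt.Printf("SANs copied=%-5v CN=%q DNSNames=%v  www.gmx.at=%v  gmx.at=%v\n",
			copySANs, leaf.Subject.CommonName, leaf.DNSNames,
			hostnameOK(leaf, "www.gmx.at"), hostnameOK(leaf, "gmx.at"))
	}
}
```

Run it with `go run`. The CN-only reissue fails for www.gmx.at although the upstream `*.gmx.at` wildcard covers that host, which is the browser-visible symptom SSL_ERROR_BAD_CERT_DOMAIN; copying the SAN list makes the same host pass, and for example 3 both `*.arbeiterkammer.at` and the bare `arbeiterkammer.at` entry have to survive the rewrite, since the wildcard alone does not cover the bare domain. Example 1 is a different case: it was browsed by IP address, and a certificate whose names are all DNS entries cannot match an IP however faithfully it is re-signed.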