Add v2.3.1

devk-insurance · Feb 27, 2020 · 3cafb17 · 3cafb17
1 parent 060410f
commit 3cafb17
Show file tree

Hide file tree

Showing 258 changed files with 9,025 additions and 2,364 deletions.
diff --git a/unzip/add-on/aws-ad-with-rdgw-ad-connector.template b/unzip/add-on/aws-ad-with-rdgw-ad-connector.template
@@ -1,15 +1,16 @@
-# Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#  Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
 #
-# Licensed under the Amazon Software License (the "License").
-# You may not use this file except in compliance with the License.
-# A copy of the License is located at
+#  Licensed under the Apache License Version 2.0 (the "License"). You may not 
+#  use this file except in compliance with the License. A copy of the License is 
+#  located at                                                           
 #
-# http://aws.amazon.com/asl/
+#      http://www.apache.org/licenses/
+#
+#  or in the "license" file accompanying this file. This file is distributed on  
+#  an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or 
+#  implied. See the License for the specific language governing permissions and  
+#  limitations under the License.      
 #
-# or in the "license" file accompanying this file. This file is distributed
-# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
-# express or implied. See the License for the specific language governing
-# permissions and limitations under the License.
 AWSTemplateFormatVersion: '2010-09-09'
 Description: AWS Managed AD and Directory Connector for AWS SSO - Add-On Product
 
@@ -204,7 +205,7 @@ Mappings:
     SourceBucketName:
       Name: solutions-reference
     SourceKeyName:
-      Name: aws-landing-zone/v2.3.0/add-on/aws-ad-with-rdgw-ad-connector.zip
+      Name: aws-landing-zone/v2.3.1/add-on/aws-ad-with-rdgw-ad-connector.zip
     DestinationKeyName:
       Name: aws-landing-zone-configuration.zip
   LambdaFunction:
@@ -220,7 +221,7 @@ Resources:
           log_level: !FindInMap [LambdaFunction, Logging, Level]
       Code:
         S3Bucket: !Sub solutions-${AWS::Region}
-        S3Key: aws-landing-zone/v2.3.0/aws-landing-zone-add-on-config-deployer.zip
+        S3Key: aws-landing-zone/v2.3.1/aws-landing-zone-add-on-config-deployer.zip
       Description: AWS Landing Zone Add-On Deployment Lambda
       Handler: add_on_config_deployer.lambda_handler
       MemorySize: '512'

diff --git a/...with-rdgw-ad-connector/templates/core_accounts/aws-landing-zone-aws-ad-connector.template b/...with-rdgw-ad-connector/templates/core_accounts/aws-landing-zone-aws-ad-connector.template
@@ -181,7 +181,7 @@ Resources:
           sm_arn_handshake_sm: !Ref HandshakeStateMachine
       Code:
         S3Bucket: !Sub solutions-${AWS::Region}
-        S3Key: aws-landing-zone/v2.3.0/aws-landing-zone-avm-cr.zip
+        S3Key: aws-landing-zone/v2.3.1/aws-landing-zone-avm-cr.zip
       Description: AWS Lambda-backed Custom Resources for AVM
       FunctionName: LandingZoneADConnector
       Handler: lambda_custom_resource.lambda_handler
@@ -201,7 +201,7 @@ Resources:
           log_level: 'info'
       Code:
         S3Bucket: !Sub solutions-${AWS::Region}
-        S3Key: aws-landing-zone/v2.3.0/aws-landing-zone-state-machine.zip
+        S3Key: aws-landing-zone/v2.3.1/aws-landing-zone-state-machine.zip
       Description: AWS Landing Zone State Machine Handler
       FunctionName: LandingZoneStateMachineLambdaADConnector
       Handler: state_machine_router.lambda_handler
@@ -623,7 +623,7 @@ Resources:
           wait_time: 15
       Code:
         S3Bucket: !Sub solutions-${AWS::Region}
-        S3Key: aws-landing-zone/v2.3.0/aws-landing-zone-handshake-state-machine.zip
+        S3Key: aws-landing-zone/v2.3.1/aws-landing-zone-handshake-state-machine.zip
       Description: AWS Lambda-backed Custom Resources for Handshake Mechanism
       FunctionName: LandingZoneHandshakeSMLambdaADConnector
       Handler: handshake_sm_router.lambda_handler

diff --git a/...d-on/aws-ad-with-rdgw-ad-connector/templates/core_accounts/aws-landing-zone-rdgw.template b/...d-on/aws-ad-with-rdgw-ad-connector/templates/core_accounts/aws-landing-zone-rdgw.template
@@ -198,7 +198,7 @@
         "S3KeyPrefix": {
             "AllowedPattern": "^[0-9a-zA-Z-/.]*$",
             "ConstraintDescription": "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).",
-            "Default": "aws-landing-zone/v2.3.0/scripts/",
+            "Default": "aws-landing-zone/v2.3.1/scripts/",
             "Description": "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).",
             "Type": "String"
         },
@@ -868,6 +868,7 @@
                 }
             },
             "Properties": {
+                "AssociatePublicIpAddress": True,
                 "ImageId": {
                     "Ref": "LatestRdgwAmiId"
                 },
@@ -913,6 +914,18 @@
                                     "Ref": "AWS::Region"
                                 },
                                 "\n",
+                                "# Signal the status from cfn-init\n",
+                                "cfn-signal -e $? ",
+                                "         --stack ",
+                                {
+                                    "Ref": "AWS::StackName"
+                                },
+                                "         --resource RDGWAutoScalingGroup ",
+                                "         --region ",
+                                {
+                                    "Ref": "AWS::Region"
+                                },
+                                "\n",
                                 "</script>\n"
                             ]
                         ]
@@ -994,3 +1007,4 @@
         }
     }
 }
+
diff --git a/...gging-solution/templates/aws_baseline/aws-landing-zone-centralized-logging-spoke.template b/...gging-solution/templates/aws_baseline/aws-landing-zone-centralized-logging-spoke.template
@@ -100,10 +100,13 @@ Mappings:
   InstanceMap:
     send-data: {"SendAnonymousData": "Yes"}
 
+  # Lambda source code mapping
+  # Centralized Version v3.0.0 for helper Lambda, v3.0.1 for log streamer
+  # for Node.js updates
   SourceCode:
     General:
       S3Bucket: "solutions"
-      KeyPrefix: "centralized-logging/v3.0.0"
+      KeyPrefix: "centralized-logging"
 
   # CloudWatch logs pattern mapping
   FilterPatternLookup:
@@ -176,8 +179,8 @@ Resources:
       Role: !Sub ${LogStreamerRole.Arn}
       Code:
         S3Bucket: !Join ["-", [!FindInMap ["SourceCode", "General", "S3Bucket"], Ref: "AWS::Region"]]
-        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "clog-indexing-service.zip"]]
-      Runtime: nodejs8.10
+        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "v3.0.1/clog-indexing-service.zip"]]
+      Runtime: nodejs12.x
       Timeout: 300
 
   LogStreamerInvokePermission:
@@ -215,47 +218,52 @@ Resources:
   # Solution Helper resources
   # [SolutionHelperRole, SolutionHelper, SendingAnonymousData, CreateUniqueID]
   #
+  SolutionHelper:
+    Type: 'AWS::Lambda::Function'
+    Properties:
+      Description: Centralized Logging - Lambda function to generate a unique ID
+      Environment:
+        Variables:
+          # V56536055 - 10/08/2018 - better logging capabilities
+          LOG_LEVEL: 'INFO' #change to WARN, ERROR or DEBUG as needed
+      Handler: index.handler
+      Runtime: nodejs12.x
+      Timeout: 300
+      Role: !GetAtt SolutionHelperRole.Arn
+      Code:
+        S3Bucket: !Join ["-", [!FindInMap ["SourceCode", "General", "S3Bucket"], Ref: "AWS::Region"]]
+        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "v3.0.0/clog-auth.zip"]]
+
   SolutionHelperRole:
     Type: AWS::IAM::Role
     Properties:
       AssumeRolePolicyDocument:
-        Version: 2012-10-17
+        Version: '2012-10-17'
         Statement:
         - Effect: Allow
           Principal:
-            Service: lambda.amazonaws.com
-          Action: sts:AssumeRole
-      Path: /
+            Service:
+            - lambda.amazonaws.com
+          Action:
+          - sts:AssumeRole
+      Path: "/"
       Policies:
-      - PolicyName: Custom_Lambda_Loader_Permissions
+      - PolicyName: root
         PolicyDocument:
-          Version: 2012-10-17
+          Version: '2012-10-17'
           Statement:
           - Effect: Allow
             Action:
             - logs:CreateLogGroup
             - logs:CreateLogStream
             - logs:PutLogEvents
-            Resource: !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*
-
-  SolutionHelper:
-    Type: AWS::Lambda::Function
-    Properties:
-      Handler: solution-helper.lambda_handler
-      Role: !Sub ${SolutionHelperRole.Arn}
-      Description: EFS Backup - This function is a CloudFormation custom lambda resource that generates UUID for each deployment.
-      Code:
-       S3Bucket: !Sub solutions-${AWS::Region}
-       S3Key: library/solution-helper/v3/solution-helper.zip
-      Runtime: python2.7
-      Timeout: 300
+            Resource: !Sub 'arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/${AWS::StackName}-*'
 
   CreateUniqueID:
     Type: Custom::LoadLambda
     Properties:
-      ServiceToken: !Sub ${SolutionHelper.Arn}
-      Region: !Sub ${AWS::Region}
-      CreateUniqueID: true
+      ServiceToken: !GetAtt SolutionHelper.Arn
+      Resource: UUID
 
 Outputs:
   LambdaArn:

diff --git a/...ng-solution/templates/core_accounts/aws-landing-zone-centralized-logging-primary.template b/...ng-solution/templates/core_accounts/aws-landing-zone-centralized-logging-primary.template
@@ -136,10 +136,12 @@ Mappings:
       Large: '6'
 
   # Lambda source code mapping
+  # Centralized Version v3.0.0 for helper Lambda, v3.0.1 for log streamer
+  # for Node.js updates
   SourceCode:
     General:
       S3Bucket: "solutions"
-      KeyPrefix: "centralized-logging/v3.0.0"
+      KeyPrefix: "centralized-logging"
 
 Conditions:
   DemoData: !Equals [!Ref DemoTemplate, 'Yes']
@@ -339,12 +341,12 @@ Resources:
           # V56536055 - 10/08/2018 - better logging capabilities
           LOG_LEVEL: 'INFO' #change to WARN, ERROR or DEBUG as needed
       Handler: index.handler
-      Runtime: nodejs8.10
+      Runtime: nodejs12.x
       Timeout: 300
       Role: !GetAtt LambdaESCognitoRole.Arn
       Code:
         S3Bucket: !Join ["-", [!FindInMap ["SourceCode", "General", "S3Bucket"], Ref: "AWS::Region"]]
-        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "clog-auth.zip"]]
+        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "v3.0.0/clog-auth.zip"]]
 
   LambdaESCognitoRole:
     Type: AWS::IAM::Role
@@ -774,8 +776,8 @@ Resources:
       Role: !Sub ${LogStreamerRole.Arn}
       Code:
         S3Bucket: !Join ["-", [!FindInMap ["SourceCode", "General", "S3Bucket"], Ref: "AWS::Region"]]
-        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "clog-indexing-service.zip"]]
-      Runtime: nodejs8.10
+        S3Key: !Join ["/", [!FindInMap ["SourceCode", "General", "KeyPrefix"],  "v3.0.1/clog-indexing-service.zip"]]
+      Runtime: nodejs12.x
       Timeout: 300
 
   LogStreamerInvokePermission:

diff --git a/unzip/add-on/aws-centralized-logging-soution.template b/unzip/add-on/aws-centralized-logging-soution.template
@@ -1,15 +1,16 @@
-# Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#  Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
 #
-# Licensed under the Amazon Software License (the "License").
-# You may not use this file except in compliance with the License.
-# A copy of the License is located at
+#  Licensed under the Apache License Version 2.0 (the "License"). You may not 
+#  use this file except in compliance with the License. A copy of the License is 
+#  located at                                                           
 #
-# http://aws.amazon.com/asl/
+#      http://www.apache.org/licenses/
+#
+#  or in the "license" file accompanying this file. This file is distributed on  
+#  an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or 
+#  implied. See the License for the specific language governing permissions and  
+#  limitations under the License.      
 #
-# or in the "license" file accompanying this file. This file is distributed
-# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
-# express or implied. See the License for the specific language governing
-# permissions and limitations under the License.
 AWSTemplateFormatVersion: '2010-09-09'
 Description: AWS Centralized Logging Solution - Add-On Product
 
@@ -125,7 +126,7 @@ Mappings:
     SourceBucketName:
       Name: solutions-reference
     SourceKeyName:
-      Name: aws-landing-zone/v2.3.0/add-on/aws-centralized-logging-solution.zip
+      Name: aws-landing-zone/v2.3.1/add-on/aws-centralized-logging-solution.zip
     DestinationKeyName:
       Name: aws-landing-zone-configuration.zip
   LambdaFunction:
@@ -141,7 +142,7 @@ Resources:
           log_level: !FindInMap [LambdaFunction, Logging, Level]
       Code:
         S3Bucket: !Sub solutions-${AWS::Region}
-        S3Key: aws-landing-zone/v2.3.0/aws-landing-zone-add-on-config-deployer.zip
+        S3Key: aws-landing-zone/v2.3.1/aws-landing-zone-add-on-config-deployer.zip
       Description: AWS Landing Zone Add-On Deployment Lambda
       Handler: add_on_config_deployer.lambda_handler
       MemorySize: '512'

diff --git a/unzip/aws-landing-zone-add-on-config-deployer/add_on_config_deployer.py b/unzip/aws-landing-zone-add-on-config-deployer/add_on_config_deployer.py
@@ -1,14 +1,14 @@
-######################################################################################################################
-#  Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.                                           #
-#                                                                                                                    #
-#  Licensed under the Amazon Software License (the "License"). You may not use this file except in compliance        #
-#  with the License. A copy of the License is located at                                                             #
-#                                                                                                                    #
-#      http://aws.amazon.com/asl/                                                                                    #
-#                                                                                                                    #
-#  or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES #
-#  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions    #
-#  and limitations under the License.                                                                                #
+###################################################################################################################### 
+#  Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.                                           # 
+#                                                                                                                    # 
+#  Licensed under the Apache License Version 2.0 (the "License"). You may not use this file except in compliance     # 
+#  with the License. A copy of the License is located at                                                             # 
+#                                                                                                                    # 
+#      http://www.apache.org/licenses/                                                                               # 
+#                                                                                                                    # 
+#  or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES # 
+#  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions    # 
+#  and limitations under the License.                                                                                # 
 ######################################################################################################################
 
 # !/bin/python
@@ -167,7 +167,6 @@ def config_deployer(event, previous_event, RequestType = 'Create'):
                     lzconfig_add_on_path = lzconfig_extract_path + "/" + "aws-landing-zone-configuration/add-on"
 
                 make_dir(lzconfig_add_on_path)
-                shutil.copyfile(output_path + "/" + add_on_zip_file_name, lzconfig_add_on_path + "/" + add_on_zip_file_name)
 
                 # if previous_event exists - delete the old zip file from the landing zone config zip
                 if previous_event is not None:
@@ -183,6 +182,10 @@ def config_deployer(event, previous_event, RequestType = 'Create'):
                         logger.info("Found the old add-on zip file in the ALZ config zip, deleting the file")
                         os.remove(lzconfig_add_on_path + "/" + previous_add_on_zip_file_name)
 
+                # copy the latest add-on zip into the ALZ config
+                shutil.copyfile(output_path + "/" + add_on_zip_file_name,
+                                lzconfig_add_on_path + "/" + add_on_zip_file_name)
+
                 zip_function(destination_key_name, lzconfig_extract_path, output_path)
                 # Upload the file in the customer S3 bucket
                 local_file = output_path + "/" + destination_key_name

diff --git a/unzip/aws-landing-zone-add-on-config-deployer/certifi/__init__.py b/unzip/aws-landing-zone-add-on-config-deployer/certifi/__init__.py
@@ -1,3 +1,3 @@
 from .core import where
 
-__version__ = "2019.09.11"
+__version__ = "2019.11.28"
diff --git a/unzip/aws-landing-zone-add-on-config-deployer/certifi/cacert.pem b/unzip/aws-landing-zone-add-on-config-deployer/certifi/cacert.pem
@@ -4556,3 +4556,47 @@ L5/ndtFhKvshuzHQqp9HpLIiyhY6UFfEW0NnxWViA0kB60PZ2Pierc+xYw5F9KBa
 LJstxabArahH9CdMOA0uG0k7UvToiIMrVCjU8jVStDKDYmlkDJGcn5fqdBb9HxEG
 mpv0
 -----END CERTIFICATE-----
+
+# Issuer: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for authorized use only
+# Subject: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for authorized use only
+# Label: "Entrust Root Certification Authority - G4"
+# Serial: 289383649854506086828220374796556676440
+# MD5 Fingerprint: 89:53:f1:83:23:b7:7c:8e:05:f1:8c:71:38:4e:1f:88
+# SHA1 Fingerprint: 14:88:4e:86:26:37:b0:26:af:59:62:5c:40:77:ec:35:29:ba:96:01
+# SHA256 Fingerprint: db:35:17:d1:f6:73:2a:2d:5a:b9:7c:53:3e:c7:07:79:ee:32:70:a6:2f:b4:ac:42:38:37:24:60:e6:f0:1e:88
+-----BEGIN CERTIFICATE-----
+MIIGSzCCBDOgAwIBAgIRANm1Q3+vqTkPAAAAAFVlrVgwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
+MB4XDTE1MDUyNzExMTExNloXDTM3MTIyNzExNDExNlowgb4xCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1
+c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJ
+bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3Qg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0MIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAsewsQu7i0TD/pZJH4i3DumSXbcr3DbVZwbPLqGgZ
+2K+EbTBwXX7zLtJTmeH+H17ZSK9dE43b/2MzTdMAArzE+NEGCJR5WIoV3imz/f3E
+T+iq4qA7ec2/a0My3dl0ELn39GjUu9CH1apLiipvKgS1sqbHoHrmSKvS0VnM1n4j
+5pds8ELl3FFLFUHtSUrJ3hCX1nbB76W1NhSXNdh4IjVS70O92yfbYVaCNNzLiGAM
+C1rlLAHGVK/XqsEQe9IFWrhAnoanw5CGAlZSCXqc0ieCU0plUmr1POeo8pyvi73T
+DtTUXm6Hnmo9RR3RXRv06QqsYJn7ibT/mCzPfB3pAqoEmh643IhuJbNsZvc8kPNX
+wbMv9W3y+8qh+CmdRouzavbmZwe+LGcKKh9asj5XxNMhIWNlUpEbsZmOeX7m640A
+2Vqq6nPopIICR5b+W45UYaPrL0swsIsjdXJ8ITzI9vF01Bx7owVV7rtNOzK+mndm
+nqxpkCIHH2E6lr7lmk/MBTwoWdPBDFSoWWG9yHJM6Nyfh3+9nEg2XpWjDrk4JFX8
+dWbrAuMINClKxuMrLzOg2qOGpRKX/YAr2hRC45K9PvJdXmd0LhyIRyk0X+IyqJwl
+N4y6mACXi0mWHv0liqzc2thddG5msP9E36EYxr5ILzeUePiVSj9/E15dWf10hkNj
+c0kCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFJ84xFYjwznooHFs6FRM5Og6sb9nMA0GCSqGSIb3DQEBCwUAA4ICAQAS
+5UKme4sPDORGpbZgQIeMJX6tuGguW8ZAdjwD+MlZ9POrYs4QjbRaZIxowLByQzTS
+Gwv2LFPSypBLhmb8qoMi9IsabyZIrHZ3CL/FmFz0Jomee8O5ZDIBf9PD3Vht7LGr
+hFV0d4QEJ1JrhkzO3bll/9bGXp+aEJlLdWr+aumXIOTkdnrG0CSqkM0gkLpHZPt/
+B7NTeLUKYvJzQ85BK4FqLoUWlFPUa19yIqtRLULVAJyZv967lDtX/Zr1hstWO1uI
+AeV8KEsD+UmDfLJ/fOPtjqF/YFOOVZ1QNBIPt5d7bIdKROf1beyAN/BYGW5KaHbw
+H5Lk6rWS02FREAutp9lfx1/cH6NcjKF+m7ee01ZvZl4HliDtC3T7Zk6LERXpgUl+
+b7DUUH8i119lAg2m9IUe2K4GS0qn0jFmwvjO5QimpAKWRGhXxNUzzxkvFMSUHHuk
+2fCfDrGA4tGeEWSpiBE6doLlYsKA2KSD7ZPvfC+QsDJMlhVoSFLUmQjAJOgc47Ol
+IQ6SwJAfzyBfyjs4x7dtOvPmRLgOMWuIjnDrnBdSqEGULoe256YSxXXfW8AKbnuk
+5F6G+TaU33fD6Q3AOfF5u0aOq0NZJ7cguyPpVkAh7DE9ZapD8j3fcEThuk0mEDuY
+n/PIjhs4ViFqUZPTkcpG2om3PVODLAgfi49T3f+sHw==
+-----END CERTIFICATE-----