Certificate and CA Requests
The XML Interface enables you to:
Export the public portion of a certificate (see CertificateExportRequest)
Export the public portion of a certificate used as a key (see KeyCertificateExportRequest)
Export a certificate authority (see CAExportRequest)
Create an SSL certificate signing request (see CSRCreateRequest)
Sign an SSL certificate with a local certificate authority (CA) (see CertificateSignRequest)
SSL certificates signed through the XML interface can also be viewed in the console. See Certificate Authority for information on viewing certificates signed by a local CA.
CertificateExportRequest
Export a certificate.
This element has the following structure:
<CertificateExportRequest>
<ID>...</ID>
<CertificateName>...</CertificateName>
</CertificateExportRequest>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
CertificateName | Contains the Certificate ID/Name of the certificate to be exported. |
This API is only applied to Device SSL certificates.
CertificateExportResponse
Server response to a CertificateExportRequest.
<CertificateExportResponse
<ID>...</ID>
<Success>true</Success>
<CertificateName>...</CertificateName>
<CertificateData>-----BEGIN CERTIFICATE-----
... # Certificate
-----END CERTIFICATE-----
</CertificateData>
</CertificateExportResponse>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
Success | Indicates if the operation was successful. true indicates success. false indicates failure. When the operation is successful, the response element will contain the CertificateName, and CertificateData elements described below. When the operation fails, the response element contains the FatalError and ErrorString elements to illustrate why the failure occurred and help you troubleshoot. For a list of possible error IDs and strings, see Error Messages. |
CertificateName | Contains the Certificate ID/Name of the certificate. |
CertificateData | Contains the ASCII-encoded certificate. |
Export a Certificate
<CertificateExportRequest>
<ID>XMLID317</ID>
<CertificateName>...</CertificateName>
</CertificateExportRequest>
<CertificateExportResponse>
<ID>XMLID317</ID>
<Success>true</Success>
<CertificateName>...</CertificateName>
<CertificateData>-----BEGIN CERTIFICATE-----
MIIDGjCCAgKgAwIBAgICCzgwDQYJKoZIhvcNAQELBQAwfzELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAkNBMREwDwYDVQQHEwhSZWR3b29kQzEMMAoGA1UEChMDRGV2MQsw
CQYDVQQLEwJRQTEQMA4GA1UEAxMHSW5ncmlhbjEjMCEGCSqGSIb3DQEJARYUaGtv
ZWtzYWxAaW5ncmlhbi5jb20wHhcNMTEwMjIxMjMwOTIzWhcNMTIwMjIxMjMwOTIz
WjCBgjELMAkGA1UEBhMCR0IxCzAJBgNVBAgTAlVTMQswCQYDVQQHEwJDQTEVMBMG
A1UEChMMUmVkd29vZCBDaXR5MRAwDgYDVQQLEwdTYWZlTmV0MQswCQYDVQQDEwJE
djEjMCEGCSqGSIb3DQEJARYUaGtvZWtzYWxAaW5ncmlhbi5jb20wgZ8wDQYJKoZI
hvcNAQEBBQADgY0AMIGJAoGBANn9stz8zh2yv1QBvv1mgS+G+7Pez66O0/wGlqP6
RfZVGn6zPvXsS3Zk93LQV5d4PQjOt9kOIVE6A3iDqQvDsaayr/U7EsZixd70SJvN
ulhuYYNyH2A7y+gLdWRSBGxheB/byaKo+F9xzcNxtlEVTYcZ+DcC39s9bBgxlWNP
FUl9AgMBAAGjIDAeMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgeAMA0GCSqG
SIb3DQEBCwUAA4IBAQCqpXLb4RMgj7BkepV55tPDiKDCBYc2rHk4Zs1b6UhTGspH
wKC7qBkoSJTXSUHmSTFqkadhpw9qEwP8N0kiUsH0pVqBJ/mqW/Lq99AkVHEjp//P
kCXGJA9ZLnxTGe27UNec6fxfnqR8CzDChwaaw+orKSJI1G0GrUbitlYd21mOvWG5
kCMv38NRxKi8PnCJKeVJnakCnYyuUnbGnhtHMBu3krPVwxv+QjD/5uPP52UXvnf2
SzI/tXoY5chnDgr6gIzau+pgqJ27spbY43EGyIP0u9VtX49c7rtSvb1RP9aLAYAA
0AmBHzEWkg7xqGi1l+LFsrt6VyIhp9MTWBLEhmwv
-----END CERTIFICATE-----
</CertificateData>
</CertificateExportResponse>
KeyCertificateExportRequest
Export a key certificate.
<KeyCertificateExportRequest>
<ID>...</ID><KeyName>...</KeyName>
</KeyCertificateExportRequest>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
KeyName | Name of the key certificate. |
KeyCertificateExportResponse
Server response to a
<KeyCertificateExportResponse>
<ID>...</ID>
<Success>...</Success>
<KeyName>...</KeyName>
<CertificateData>...</CertificateData>
</KeyCertificateExportResponse>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
Success | Indicates if the operation was successful. true indicates success. false indicates failure. When the operation is successful, the response element will contain the elements described below. When the operation fails, the response element contains the FatalError and ErrorString elements to illustrate why the failure occurred and help you troubleshoot. For a list of possible error IDs and strings, see Error Messages. |
KeyName | Name of the key certificate. |
CertificateData | The certificate. |
Export a Key Certificate
<KeyCertificateExportRequest>
<ID>XMLID317</ID>
<KeyName>cert_key_1</KeyName>
</KeyCertificateExportRequest>
<KeyCertificateExportResponse>
<ID>XMLID317</ID>
<Success>true</Success>
<KeyName>cert_key_1</KeyName>
<CertificateData>-----BEGIN CERTIFICATE-----
MIIDGjCCAgKgAwIBAgICC0swDQYJKoZIhvcNAQELBQAwfzELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAkNBMREwDwYDVQQHEwhSZWR3b29kQzEMMAoGA1UEChMDRGV2MQsw
CQYDVQQLEwJRQTEQMA4GA1UEAxMHSW5ncmlhbjEjMCEGCSqGSIb3DQEJARYUaGtv
ZWtzYWxAaW5ncmlhbi5jb20wHhcNMTEwMjE2MDUyNDQzWhcNMTIwMjE2MDUyNDQz
WjCBgjELMAkGA1UEBhMCR0IxCzAJBgNVBAgTAlVTMQswCQYDVQQHEwJDQTEVMBMG
A1UEChMMUmVkd29vZCBDaXR5MRAwDgYDVQQLEwdTYWZlTmV0MQswCQYDVQQDEwJE
djEjMCEGCSqGSIb3DQEJARYUaGtvZWtzYWxAaW5ncmlhbi5jb20wgZ8wDQYJKoZI
hvcNAQEBBQADgY0AMIGJAoGBAM3k3NdpSo4x8PeiJDnF3++7oA/mC99SIWZ0W6cn
BNNbKDNpBDl1UI3o5zJ/0dDDEDC9hhZFu0SDliCMse7GSnzJJm6ZuNVmYlUVatVp
EMZ7ZnoNO01ML6daS4ma8OKJpBKLPQkuKx+7zQmeydbYcX/nzselPJTRA94bfUbD
mxJjAgMBAAGjIDAeMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgeAMA0GCSqG
SIb3DQEBCwUAA4IBAQCLJHonkoR3lEn/Q9v3o58t/rTFuCBgEAnhDFfYJuYil2ue
XD+2AVjIo2EiPCUTC18uPbD1PCdtmdDtMHm+jCIbpBUkbaK5vc1U2Os6Zdc+GMNh
C51qqPhXW9zT2ZlLqwyBJknwGarSLp8eSQfIJD7qwJcJt3umEQjFs/BO6Jv6sVWq
MqJqtWqwUWbWLR4/OWC2hYL0CMOFezjslIPLye1lfpQk6CSoF3faguMJPgtz0jtj
hfpW+cxi8N0Jwo6bLZk4wWobDYFbDp/SShMOebwbW+MUiHIjmD+zj8ZoXhjc8dqi
tBEBXwcVndSfF0mllp8yM2VQh05p+YXlgVz3eqcO
-----END CERTIFICATE-----
</CertificateData>
</KeyCertificateExportResponse>
CAExportRequest
Export a certificate authority.
<CAExportRequest>
<ID>...</ID>
<CAName>...</CAName>
</CAExportRequest>
Note
To run the CAExportRequest
request, the user must be part of either admin
or CA Admins
group.
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
CAName | ID/Name of the certificate authority. |
CAExportResponse
Server response to a CAExportRequest.
<CAExportResponse>
<ID>...</ID>
<Success>...</Success>
<CAName>...</CAName>
<CertificateData>...</CertificateData>
</CAExportResponse>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
Success | Indicates if the operation was successful. true indicates success. false indicates failure. When the operation is successful, the response element will contain the elements described below. When the operation fails, the response element contains the FatalError and ErrorString elements to illustrate why the failure occurred and help you troubleshoot. For a list of possible error IDs and strings, see Error Messages. |
CAName | ID/Name of the certificate authority. |
CertificateData | The certificate. |
Export a Certificate Authority
<CAExportRequest>
<ID>XMLID477</ID>
<CAName>CA1</CAName>
</CAExportRequest>
<CAExportResponse>
<ID>XMLID477</ID>
<Success>true</Success>
<CAName>CA1</CAName>
<CertificateData>-----BEGIN CERTIFICATE---- -
MIIEVTCCAz2gAwIBAgIBADANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExDDAKBgNVBAcTA1JXQzEMMAoGA1UEChMDREVWMRAwDgYDVQQL
LmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB88W4dC8kE
rBV6VgEsvmDQSNJyC/AvZFqWa8uHz8pTzhbsC6sJRiwZHGpkHFOC2d3hNGlDePTh
y91Y85o9gbW2ga+wsvSjrxDWPgz7CCgzypELFukQ2A+ew6SYWOVgb3YZrWwWvHoz
Q4o3x5qPEpNzo+2TWpSkgEp7+3FXaCbBSXRzO8y8n2iXwgiQmuRLI3nT4Ol13jKZ
XgZMuF5YInOh3ZIP1fC9rJRkmxL/krkxyshEgGg2m/0W+FPp1JKFaPteNG+sWU/5
+f3dohneSDGYH44q2774d+UaTM3rwih/7Odeqwv+Q/tj0W1msORT2CTfi5qaV3qH
6Ya+oFQ8zPNB
-----END CERTIFICATE-----
</CertificateData>
</CAExportResponse>
CSRCreateRequest
Create an SSL Certificate Signing Request (CSR).
This element has the following structure.
<CSRCreateRequest>
<ID>...</ID>
<KeyName>...</KeyName>
<CommonName>...</CommonName>
<OrganizationName>...</OrganizationName> #optional
<OrganizationalUnitName>...</OrganizationalUnitName> #optional
<Locality>...</Locality> #optional
<StateProvinceName>...</StateProvinceName> #optional
<CountryName>...</CountryName> #optional
<EmailAddr>...</EmailAddr> #optional
<SignatureAlgorithm>...</SignatureAlgorithm> #optional
<ExtensionList> #optional
<SubjectAlternativeName> #optional
<DNS>...</DNS> #optional
<IpAddr>...</IpAddr> #optional
</SubjectAlternativeName> #optional
<KeyUsages> #optional
<Usage>...</Usage> #optional
</KeyUsages> #optional
<ExtendedKeyUsages> #optional
<Usage>...</Usage> #optional
</ExtendedKeyUsages> #optional
<SubjectKeyIdentifierHash/> #optional
<BasicConstraintsCA>...</BasicConstraintsCA> #optional
<BasicConstraintsMaxPathLength>...</BasicConstraintsMaxPathLength> #optional
</ExtensionList>
</CSRCreateRequest>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
KeyName | Contains the key name for an existing asymmetric key. |
CommonName | Contains the common name for the certificate. This value is exported when the certificate is exported. This value must be between 1 and 128 characters inclusive. |
OrganizationName | Contains the name of your organization. |
OrganizationalUnitName | Contains the name of your organizational unit. |
Locality | Contains your city or town. |
StateProvinceName | Contains your state or province. |
CountryName | Contains your country. This value must be two characters long. |
EmailAddr | Contains your email address. This value must be 128 or fewer characters. This element is optional. |
SignatureAlgorithm | Contains the Signature algorithm to create a CSR. Permitted values for RSA Keys: • sha512WithRSA • sha384WithRSA • sha256WithRSA (default) • sha1WithRSA. Permitted values for EC keys: • ecdsaWithSHA512 • ecdsaWithSHA384 • ecdsaWithSHA256 (default) • and ecdsaWithSHA1 |
ExtensionList | Contains extensions. This tag is optional. |
SubjectAlternativeName | Contains alternative common names for the certificate.This tag is mandatory if you input an |
KeyUsages | Contains Usage tags with key usages. |
ExtendedKeyUsages | Contains Usage tags with key usages. |
Usage | Contains the KeyUsages or ExtendedKeyUsages elements. Permitted key usages: • digitalSignature • contentCommitment • keyEncipherment • dataEncipherment • keyAgreement • keyCertSign • crlSign • encipherOnly • decipherOnly Permitted extended key usages: • serverAuth • clientAuth • codeSigning • emailProtection • ipsecEndSystem • ipsecTunnel • ipsecUser • timeStamping • ocspSigning • microsoftServerGatedCrypto • netscapeServerGatedCrypto • microsoftCommercialCodeSigning • microsoftKernelCodeSigning |
SubjectKeyIdentifierHash | Sets the Subject Key Identifier extension as the hash of the public key. |
BasicConstraintsCA | Contains the boolean value for basic constraints CA extension. |
BasicConstraintsMaxPathLength | Contains the integer value for basic constraints CA path length extension. |
DNS | Contains DNS address. |
IpAddr | Contains IP address. |
CSRCreateResponse
Server response to
<CSRCreateResponse>
<ID>...</ID>
<Success>...</Success>
<CSRData>
</CSRData>
</CSRCreateResponse>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
Success | Indicates if the operation was successful. true indicates success. false indicates failure. When the operation is successful, the response element will contain the CSRData element described below. When the operation fails, the response element contains the FatalError and ErrorString elements to illustrate why the failure occurred and help you troubleshoot. For a list of possible error IDs and strings, see Error Messages. |
CSRData | Contains the certificate signing request data. |
Creating a CSR Example
<CSRCreateRequest>
<ID>1</ID>
<KeyName>test_key</KeyName>
<CommonName>itest</CommonName>
<OrganizationName>Organization</OrganizationName>
<OrganizationalUnitName>OrganizationalUnit</OrganizationalUnitName>
<Locality>City</Locality>
<StateProvinceName>State</StateProvinceName>
<CountryName>US</CountryName>
<EmailAddr>safe-net@gmail.com</EmailAddr>
<ExtensionList>
<SubjectAlternativeName>
<DNS>www.safe-net.com</DNS>
<DNS>www.safe-net.org</DNS>
<DNS>www.safe-net.net</DNS>
<IpAddr>192.168.0.1</IpAddr>
<IpAddr>192.168.0.2</IpAddr>
</SubjectAlternativeName>
</ExtensionList>
</CSRCreateRequest>
<CSRCreateResponse>
<ID>1</ID>
<Success>true</Success>
<CSRData>-----BEGIN CERTIFICATE REQUEST-----
MIIDODCCAiACAQAwgZMxDjAMBgNVBAMTBWl0ZXN0MRUwEwYDVQQKEwxPcmdhbml6
YXRpb24xGzAZBgNVBAsTEk9yZ2FuaXphdGlvbmFsVW5pdDENMAsGA1UEBxMEQ2l0
eTEOMAwGA1UECBMFU3RhdGUxCzAJBgNVBAYTAlVTMSEwHwYJKoZIhvcNAQkBFhJz
YWZlLW5ldEBnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0K4dKRfI+e4xAjYSjO9q9891Em5NxEpmYbPUlLDd03sAg2E4wjfCjFMrVLjGC
UHbx1aI8rg7ktYzkTn4EpmUcObDHjO1KLk+h3a7TFJ3Ywd9rtBHzPizJoJlAXA1K
vTijNekJ7Y6UCfCAqht5wxbG61eQK4x8STbMglxUS10v60txCw8gjqA5O8h7QKkK
CQNa94JAt5Tsvhxsev3J1lEsLV0VR8teW233LfzzmhJacAMy2amtVMyE2qyk0w7c
s0C00MiN2M1lqFkwSpxFLTtlEqziWXwivByxyfdAJ6DWiM7ONxUT8+V04mNEU9Lm
vtvjjRtgucK9TRwm81Tl1TX3AgMBAAGgXzBdBgkqhkiG9w0BCQ4xUDBOMEwGA1Ud
EQRFMEKCEHd3dy5zYWZlLW5ldC5jb22CEHd3dy5zYWZlLW5ldC5vcmeCEHd3dy5z
YWZlLW5ldC5uZXSHBKwUCryHBKwUCrRRMA0GCSqGSIb3DQEBCwUAA4IBAQBNzW5K
IMQpC17Bg2dyA13YQRDzLLYrNEWj3HyQa4w/XB0rHQlr+6eyJ3h0LRAk79bDpT3Q
pvVDQxKVZ7eu8ALlilgfYT241zdQoQ+Q7CyPtKHK9YLEpgIA2CTnShdY08YnYacO
Z1hpaI90PqrVeePJhhrDhmO5/OGxHBZ/o2aJ6yYNUspBA16W2jN17lQaXU3zJDg2
m1A9M05FYyTrB7QJTy6DbjmibB/R105LOy1kuIze9ms05qsG8bwJNr2PcawtxiC0
XqUsy28Xw3GL856Cz0AmYaQYg00XqBGTxbpq/ZQ/Ngs/RDg1Kqozasq4+bU0bH7u
6hitFULJ6FfjKhtg
-----END CERTIFICATE REQUEST-----
</CSRData>
</CSRCreateResponse>
CertificateSignRequest
Sign an SSL certificate with an existing local certificate authority (CA).
This element has the following structure.
<CertificateSignRequest>
<ID>...</ID>
<CAName>...</CAName>
<CertificateUsage>...</CertificateUsage>
<CertificateExpiry>...</CertificateExpiry>
<CSRData>
</CSRData>
</CertificateSignRequest>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
CAName | Contains the ID/Name of the Certificate Authority (CA) that signs the certificate. This must be an existing Local CA on the CipherTrust Manager. |
CertificateUsage | Indicates whether the certificate is used for a Client, the Server, or an Intermediate CA. |
CertificateExpiry | Contains the certificate expiry time in days. For example, a value of 365 indicates that the certificate expires 365 days from the creation date. |
CSRData | Contains the certificate signing request data. |
CertificateSignResponse
Server response to CertificateSignRequest.
<CertificateSignResponse>
<ID>...</ID>
<Success>...</Success>
<CertificateData>
</CertificateData>
</CertificateSignResponse>
Element | Description |
---|---|
ID | Contains the user-specified request ID. |
Success | Indicates if the operation was successful. true indicates success. false indicates failure. When the operation is successful, the response element will contain the CertificateData element described below. When the operation fails, the response element contains the FatalError and ErrorString elements to illustrate why the failure occurred and help you troubleshoot. For a list of possible error IDs and strings, see Error Messages. Once a certificate is successfully signed, it can be viewed on the signing local CA's page in the console, as described in Certificate Authority. |
CertificateData | Contains the certificate data. |
Signing an SSL certificate with a Local CA example
<CertificateSignRequest>
<ID>1</ID>
<CAName>testCA</CAName>
<CertificateUsage>Client</CertificateUsage>
<CertificateExpiry>365</CertificateExpiry>
<CSRData>-----BEGIN CERTIFICATE REQUEST-----
MIIDODCCAiACAQAwgZMxDjAMBgNVBAMTBWl0ZXN0MRUwEwYDVQQKEwxPcmdhbml6
YXRpb24xGzAZBgNVBAsTEk9yZ2FuaXphdGlvbmFsVW5pdDENMAsGA1UEBxMEQ2l0
eTEOMAwGA1UECBMFU3RhdGUxCzAJBgNVBAYTAlVTMSEwHwYJKoZIhvcNAQkBFhJz
YWZlLW5ldEBnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0K4dKRfI+e4xAjYSjO9q9891Em5NxEpmYbPUlLDd03sAg2E4wjfCjFMrVLjGC
UHbx1aI8rg7ktYzkTn4EpmUcObDHjO1KLk+h3a7TFJ3Ywd9rtBHzPizJoJlAXA1K
vTijNekJ7Y6UCfCAqht5wxbG61eQK4x8STbMglxUS10v60txCw8gjqA5O8h7QKkK
CQNa94JAt5Tsvhxsev3J1lEsLV0VR8teW233LfzzmhJacAMy2amtVMyE2qyk0w7c
s0C00MiN2M1lqFkwSpxFLTtlEqziWXwivByxyfdAJ6DWiM7ONxUT8+V04mNEU9Lm
vtvjjRtgucK9TRwm81Tl1TX3AgMBAAGgXzBdBgkqhkiG9w0BCQ4xUDBOMEwGA1Ud
EQRFMEKCEHd3dy5zYWZlLW5ldC5jb22CEHd3dy5zYWZlLW5ldC5vcmeCEHd3dy5z
YWZlLW5ldC5uZXSHBKwUCryHBKwUCrRRMA0GCSqGSIb3DQEBCwUAA4IBAQBNzW5K
IMQpC17Bg2dyA13YQRDzLLYrNEWj3HyQa4w/XB0rHQlr+6eyJ3h0LRAk79bDpT3Q
pvVDQxKVZ7eu8ALlilgfYT241zdQoQ+Q7CyPtKHK9YLEpgIA2CTnShdY08YnYacO
Z1hpaI90PqrVeePJhhrDhmO5/OGxHBZ/o2aJ6yYNUspBA16W2jN17lQaXU3zJDg2
m1A9M05FYyTrB7QJTy6DbjmibB/R105LOy1kuIze9ms05qsG8bwJNr2PcawtxiC0
XqUsy28Xw3GL856Cz0AmYaQYg00XqBGTxbpq/ZQ/Ngs/RDg1Kqozasq4+bU0bH7u
6hitFULJ6FfjKhtg
-----END CERTIFICATE REQUEST-----
</CSRData>
</CertificateSignRequest>
<CertificateSignResponse>
<ID>1</ID>
<Success>true</Success>
<CertificateData>-----BEGIN CERTIFICATE-----
MIID7jCCAtagAwIBAgICW+cwDQYJKoZIhvcNAQELBQAwcDELMAkGA1UEBhMCQ0Ex
EDAOBgNVBAgTB09udGFyaW8xDzANBgNVBAcTBk90dGF3YTENMAsGA1UEChMEc2Zu
dDENMAsGA1UECxMEc2ZudDEPMA0GA1UEAxMGdGVzdENBMQ8wDQYJKoZIhvcNAQkB
FgAwHhcNMTQxMTAyMTYwMTAxWhcNMTUxMTAzMTYwMTAxWjCBkzELMAkGA1UEBhMC
VVMxDjAMBgNVBAgTBVN0YXRlMQ0wCwYDVQQHEwRDaXR5MRUwEwYDVQQKEwxPcmdh
bml6YXRpb24xGzAZBgNVBAsTEk9yZ2FuaXphdGlvbmFsVW5pdDEOMAwGA1UEAxMF
aXRlc3QxITAfBgkqhkiG9w0BCQEWEnNhZmUtbmV0QGdtYWlsLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQrh0pF8j57jECNhKM72r3z3USbk3ES
mZhs9SUsN3TewCDYTjCN8KMUytUuMYJQdvHVojyuDuS1jOROfgSmZRw5sMeM7Uou
T6HdrtMUndjB32u0EfM+LMmgmUBcDUq9OKM16QntjpQJ8ICqG3nDFsbrV5ArjHxJ
NsyCXFRLXS/rS3ELDyCOoDk7yHtAqQoJA1r3gkC3lOy+HGx6/cnWUSwtXRVHy15b
bfct/POaElpwAzLZqa1UzITarKTTDtyzQLTQyI3YzWWoWTBKnEUtO2USrOJZfCK8
HLHJ90AnoNaIzs43FRPz5XTiY0RT0ua+2+ONG2C5wr1NHCbzVOXVNfcCAwEAAaNu
MGwwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCB4AwTAYDVR0RBEUwQoIQd3d3
LnNhZmUtbmV0LmNvbYIQd3d3LnNhZmUtbmV0Lm9yZ4IQd3d3LnNhZmUtbmV0Lm5l
dIcErBQKvIcErBQKtFEwDQYJKoZIhvcNAQELBQADggEBAIOWj0InbbZfMIFrBJSN
klnBGrIycdofjQ+TrlTMgsE3uNGUg/XjQ9mTUVox5MBcTuo5Y6zWxjFDMb4O6si9
bU4dbGUMzineFSw8GzPZabDHk4yUonLSplK6FM58h5XpCjywKedwZe5ffTc3nQHl
1HiXsztatUuntecFFnBQGcn2vv/UQBFOUHLOag9R7oRdCo7m90rCwTXqB1TUA0jy
EWNHpr14vtzQSefeVblNVOQzWTKrhtoOvVBWixPht7/m4FCl2VFUbT3/80spqFsW
XYAHr9XR2v3lzte1RUaTJuSCua/a8IzA/E9vTTLhmta1jDs2iqFUFutUvOdkxo7E
d88=
-----END CERTIFICATE-----
</CertificateData>
</CertificateSignResponse>