From 7ed6c055f69f357fc06459b44a914383274a9ab2 Mon Sep 17 00:00:00 2001 From: Ryar Nyah Date: Mon, 15 Nov 2021 22:23:48 +0100 Subject: [PATCH] Add tests on ZK mTLS & fix zk tls load config --- library/kafka_acl.py | 4 + library/kafka_acls.py | 4 + library/kafka_lib.py | 8 + library/kafka_quotas.py | 8 + library/kafka_topic.py | 8 + library/kafka_topics.py | 8 + module_utils/kafka_lib_commons.py | 12 +- module_utils/kafka_manager.py | 2 +- molecule/default/molecule.yml | 35 +++-- molecule/default/tests/ansible_utils.py | 52 ++++++- molecule/default/tests/test_ssl_default.py | 71 ++++++++- molecule/default/tls/ca/ca.cert.pem | 34 ++--- molecule/default/tls/ca/ca.key.pem | 50 +++--- molecule/default/tls/ca/index.txt | 2 +- molecule/default/tls/ca/newcerts/1000.pem | 30 ++-- molecule/default/tls/cacert.pem | 64 ++++---- molecule/default/tls/client/client.cert.pem | 32 ++-- molecule/default/tls/client/client.csr.pem | 28 ++-- molecule/default/tls/client/client.key.pem | 50 +++--- molecule/default/tls/generate.sh | 27 +++- molecule/default/tls/intermediate/index.txt | 5 +- .../default/tls/intermediate/index.txt.old | 3 +- .../tls/intermediate/intermediate.cert.pem | 30 ++-- .../tls/intermediate/intermediate.csr.pem | 24 +-- .../tls/intermediate/intermediate.key.pem | 50 +++--- .../tls/intermediate/newcerts/1000.pem | 28 ++-- .../tls/intermediate/newcerts/1001.pem | 37 ++--- .../tls/intermediate/newcerts/1002.pem | 20 +++ molecule/default/tls/intermediate/serial | 2 +- molecule/default/tls/intermediate/serial.old | 2 +- .../default/tls/keystore/server-keystore.jks | Bin 0 -> 4236 bytes .../default/tls/keystore/server-keystore.p12 | Bin 4604 -> 4604 bytes .../tls/keystore/server-truststore.jks | Bin 0 -> 1022 bytes .../tls/keystore/server-truststore.p12 | Bin 1258 -> 0 bytes molecule/default/tls/keystore/zk-keystore.jks | Bin 0 -> 4204 bytes molecule/default/tls/keystore/zk-keystore.p12 | Bin 0 -> 4572 bytes .../default/tls/keystore/zk-truststore.jks | Bin 0 -> 1022 bytes .../default/tls/openssl-intermediate-ca.cnf | 2 +- molecule/default/tls/server.pem | 142 +++++++++--------- molecule/default/tls/server/server.cert.pem | 28 ++-- molecule/default/tls/server/server.csr.pem | 24 +-- molecule/default/tls/server/server.key.pem | 50 +++--- molecule/default/tls/zk.pem | 93 ++++++++++++ molecule/default/tls/zk/server.cert.pem | 21 +++ molecule/default/tls/zk/server.csr.pem | 18 +++ molecule/default/tls/zk/server.key.pem | 27 ++++ molecule/default/zoo-tls.cfg | 19 +++ 47 files changed, 771 insertions(+), 383 deletions(-) create mode 100644 molecule/default/tls/intermediate/newcerts/1002.pem create mode 100644 molecule/default/tls/keystore/server-keystore.jks create mode 100644 molecule/default/tls/keystore/server-truststore.jks delete mode 100644 molecule/default/tls/keystore/server-truststore.p12 create mode 100644 molecule/default/tls/keystore/zk-keystore.jks create mode 100644 molecule/default/tls/keystore/zk-keystore.p12 create mode 100644 molecule/default/tls/keystore/zk-truststore.jks create mode 100644 molecule/default/tls/zk.pem create mode 100644 molecule/default/tls/zk/server.cert.pem create mode 100644 molecule/default/tls/zk/server.csr.pem create mode 100644 molecule/default/tls/zk/server.key.pem create mode 100644 molecule/default/zoo-tls.cfg diff --git a/library/kafka_acl.py b/library/kafka_acl.py index 7971ee7b..465431d1 100644 --- a/library/kafka_acl.py +++ b/library/kafka_acl.py @@ -26,6 +26,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} diff --git a/library/kafka_acls.py b/library/kafka_acls.py index f19e8ef8..f81815f8 100644 --- a/library/kafka_acls.py +++ b/library/kafka_acls.py @@ -26,6 +26,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} diff --git a/library/kafka_lib.py b/library/kafka_lib.py index 94eaadcc..7a882b0b 100644 --- a/library/kafka_lib.py +++ b/library/kafka_lib.py @@ -25,6 +25,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} @@ -109,6 +113,10 @@ description: - 'when zookeeper is configured to use authentication, value used to ' - 'connect.' + zookeeper_use_ssl: + description: + - 'force using ssl for zookeeper connection.' + default: False zookeeper_ssl_check_hostname: description: - 'when using ssl for zookeeper, check if certificate for hostname is ' diff --git a/library/kafka_quotas.py b/library/kafka_quotas.py index c976de81..072d7e33 100644 --- a/library/kafka_quotas.py +++ b/library/kafka_quotas.py @@ -24,6 +24,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} @@ -58,6 +62,10 @@ description: - 'when zookeeper is configured to use authentication, value used to ' - 'connect.' + zookeeper_use_ssl: + description: + - 'force using ssl for zookeeper connection.' + default: False zookeeper_ssl_check_hostname: description: - 'when using ssl for zookeeper, check if certificate for hostname is ' diff --git a/library/kafka_topic.py b/library/kafka_topic.py index e93d35f7..6460eb8f 100644 --- a/library/kafka_topic.py +++ b/library/kafka_topic.py @@ -24,6 +24,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} @@ -73,6 +77,10 @@ description: - 'when zookeeper is configured to use authentication, value used to ' - 'connect.' + zookeeper_use_ssl: + description: + - 'force using ssl for zookeeper connection.' + default: False zookeeper_ssl_check_hostname: description: - 'when using ssl for zookeeper, check if certificate for hostname is ' diff --git a/library/kafka_topics.py b/library/kafka_topics.py index 5eb4579d..941a3036 100644 --- a/library/kafka_topics.py +++ b/library/kafka_topics.py @@ -24,6 +24,10 @@ log.addHandler(logging.StreamHandler(sys.stdout)) log.setLevel(logging.INFO) +log = logging.getLogger('kazoo.client') +log.addHandler(logging.StreamHandler(sys.stdout)) +log.setLevel(logging.INFO) + ANSIBLE_METADATA = {'metadata_version': '1.0'} @@ -58,6 +62,10 @@ description: - 'when zookeeper is configured to use authentication, value used to ' - 'connect.' + zookeeper_use_ssl: + description: + - 'force using ssl for zookeeper connection.' + default: False zookeeper_ssl_check_hostname: description: - 'when using ssl for zookeeper, check if certificate for hostname is ' diff --git a/module_utils/kafka_lib_commons.py b/module_utils/kafka_lib_commons.py index b9879f3e..ca4d7a94 100644 --- a/module_utils/kafka_lib_commons.py +++ b/module_utils/kafka_lib_commons.py @@ -158,6 +158,8 @@ zookeeper_sleep_time=dict(type='int', required=False, default=5), zookeeper_max_retries=dict(type='int', required=False, default=5), + + zookeeper_use_ssl=dict(type='bool', required=False, default=False), ) module_commons = dict( @@ -323,10 +325,12 @@ def get_zookeeper_configuration(params): zookeeper_ssl_cafile, zookeeper_ssl_certfile, zookeeper_ssl_keyfile ) - zookeeper_use_ssl = bool( - zookeeper_ssl_files['keyfile']['path'] is not None and - zookeeper_ssl_files['certfile']['path'] is not None - ) + zookeeper_use_ssl = params.get('zookeeper_use_ssl', bool( + ( + zookeeper_ssl_files['keyfile']['path'] is not None and + zookeeper_ssl_files['certfile']['path'] is not None + ) or zookeeper_ssl_files['cafile']['path'] is not None + )) zookeeper_auth = [] if zookeeper_auth_value != '': diff --git a/module_utils/kafka_manager.py b/module_utils/kafka_manager.py index 62669b15..02c2a24a 100644 --- a/module_utils/kafka_manager.py +++ b/module_utils/kafka_manager.py @@ -100,7 +100,7 @@ def init_zk_client(self): self.zk_client.start() except Exception as e: raise ZookeeperBroken( - msg='Error while initializing Zookeeper client : ' + 'Error while initializing Zookeeper client : ' '%s. Is your Zookeeper server available and ' 'running on \'%s\'?' % (e, self.zk_configuration['hosts']) ) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 0b823da5..8fcc0bf1 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -16,7 +16,7 @@ platforms: /bin/bash -c '/usr/local/bin/python -m pip install -r /src/requirements.txt && trap : TERM INT; sleep infinity & wait' volumes: - ${MOLECULE_PROJECT_DIRECTORY}:/src - - ${MOLECULE_SCENARIO_DIRECTORY}/tls:/opt/kafka/tls + - ${MOLECULE_SCENARIO_DIRECTORY}/tls:/opt/tls groups: - executors networks: @@ -53,10 +53,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -89,10 +89,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -136,10 +136,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -172,10 +172,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -192,16 +192,21 @@ platforms: - kafka # 2.6.0 - name: zookeeper-260 - image: zookeeper:3.4 + image: zookeeper:3.6 command: "bin/zkServer.sh start-foreground" published_ports: - "2181" + - "2281" networks: - name: molecule aliases: - zookeeper-260 + volumes: + - ${MOLECULE_SCENARIO_DIRECTORY}/zoo-tls.cfg:/conf/zoo.cfg + - ${MOLECULE_SCENARIO_DIRECTORY}/tls:/opt/zookeeper/tls groups: - zookeeper + - zookeeper-tls - name: kafka1-260 hostname: kafka1-260 image: wurstmeister/kafka:2.13-2.6.0 @@ -219,10 +224,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -238,6 +243,7 @@ platforms: groups: - kafka - kafka1 + - kafka1_zk_tls - name: kafka2-260 hostname: kafka2-260 image: wurstmeister/kafka:2.13-2.6.0 @@ -255,10 +261,10 @@ platforms: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: PLAIN KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_OPTS: -Djava.security.auth.login.config=/opt/kafka/jaas/kafka_server_jaas.conf - KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.p12 + KAFKA_SSL_KEYSTORE_LOCATION: /opt/kafka/tls/keystore/server-keystore.jks KAFKA_SSL_KEYSTORE_PASSWORD: password KAFKA_SSL_KEY_PASSWORD: password - KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.p12 + KAFKA_SSL_TRUSTSTORE_LOCATION: /opt/kafka/tls/keystore/server-truststore.jks KAFKA_SSL_TRUSTSTORE_PASSWORD: password KAFKA_SSL_CLIENT_AUTH: required published_ports: @@ -293,6 +299,7 @@ provisioner: instance_suffix: "111" - protocol_version: "2.6.0" instance_suffix: "260" + zk_tls: true topic_defaut_configuration: state: 'present' replica_factor: 1 diff --git a/molecule/default/tests/ansible_utils.py b/molecule/default/tests/ansible_utils.py index ec75751f..bf7711c6 100644 --- a/molecule/default/tests/ansible_utils.py +++ b/molecule/default/tests/ansible_utils.py @@ -68,20 +68,30 @@ def get_consumer_group(): 'security_protocol': 'SASL_SSL', 'sasl_plain_username': 'admin', 'sasl_plain_password': 'admin-secret', - 'ssl_cafile': '/opt/kafka/tls/cacert.pem' + 'ssl_cafile': '/opt/tls/cacert.pem' } ssl_default_configuration = { 'security_protocol': 'SSL', - 'ssl_certfile': '/opt/kafka/tls/client/client.cert.pem', - 'ssl_keyfile': '/opt/kafka/tls/client/client.key.pem', - 'ssl_cafile': '/opt/kafka/tls/cacert.pem' + 'ssl_certfile': '/opt/tls/client/client.cert.pem', + 'ssl_keyfile': '/opt/tls/client/client.key.pem', + 'ssl_cafile': '/opt/tls/cacert.pem' } +zk_ssl_default_configuration = { + 'zookeeper_ssl_certfile': '/opt/tls/client/client.cert.pem', + 'zookeeper_ssl_keyfile': '/opt/tls/client/client.key.pem', + 'zookeeper_ssl_cafile': '/opt/tls/cacert.pem', + 'zookeeper_use_ssl': True +} + + env_no_sasl = [] env_sasl = [] env_sasl_ssl = [] +env_sasl_ssl_zk_tls = [] env_ssl = [] +env_ssl_zk_tls = [] host_protocol_version = {} @@ -95,6 +105,7 @@ def get_consumer_group(): for supported_version in ansible_kafka_supported_versions: protocol_version = supported_version['protocol_version'] instance_suffix = supported_version['instance_suffix'] + zk_tls = supported_version.get('zk_tls', False) zk = testinfra.get_host( 'zookeeper-' + instance_suffix, connection='ansible', @@ -104,6 +115,9 @@ def get_consumer_group(): zk_addr = "%s:2181" % (zk.ansible.get_variables() ['ansible_eth0']['ipv4'] ['address']['__ansible_unsafe']) + zk_tls_addr = "%s:2281" % (zk.ansible.get_variables() + ['ansible_eth0']['ipv4'] + ['address']['__ansible_unsafe']) kfk1 = testinfra.get_host( 'kafka1-' + instance_suffix, connection='ansible', @@ -132,12 +146,26 @@ def get_consumer_group(): 'kfk_addr': 'kafka1-%s:%d,kafka2-%s:%d' % ( instance_suffix, 9095, instance_suffix, 9095) }) + if zk_tls: + env_sasl_ssl_zk_tls.append({ + 'protocol_version': protocol_version, + 'zk_addr': zk_tls_addr, + 'kfk_addr': 'kafka1-%s:%d,kafka2-%s:%d' % ( + instance_suffix, 9095, instance_suffix, 9095) + }) env_ssl.append({ 'protocol_version': protocol_version, 'zk_addr': zk_addr, 'kfk_addr': 'kafka1-%s:%d,kafka2-%s:%d' % ( instance_suffix, 9096, instance_suffix, 9096) }) + if zk_tls: + env_ssl_zk_tls.append({ + 'protocol_version': protocol_version, + 'zk_addr': zk_tls_addr, + 'kfk_addr': 'kafka1-%s:%d,kafka2-%s:%d' % ( + instance_suffix, 9096, instance_suffix, 9096) + }) env_no_sasl.append({ 'protocol_version': protocol_version, 'zk_addr': zk_addr, @@ -221,9 +249,13 @@ def call_kafka_lib( elif ('security_protocol' in args and args['security_protocol'] == 'SASL_SSL'): envs = env_sasl_ssl + if 'zookeeper_use_ssl' in args: + envs = env_sasl_ssl_zk_tls elif ('security_protocol' in args and args['security_protocol'] == 'SSL'): envs = env_ssl + if 'zookeeper_use_ssl' in args: + envs = env_ssl_zk_tls else: envs = env_no_sasl for env in envs: @@ -254,9 +286,13 @@ def call_kafka_topic_with_zk( elif ('security_protocol' in args and args['security_protocol'] == 'SASL_SSL'): envs = env_sasl_ssl + if 'zookeeper_use_ssl' in args: + envs = env_sasl_ssl_zk_tls elif ('security_protocol' in args and args['security_protocol'] == 'SSL'): envs = env_ssl + if 'zookeeper_use_ssl' in args: + envs = env_ssl_zk_tls else: envs = env_no_sasl for env in envs: @@ -364,9 +400,13 @@ def call_kafka_quotas( elif ('security_protocol' in args and args['security_protocol'] == 'SASL_SSL'): envs = env_sasl_ssl + if 'zookeeper_use_ssl' in args: + envs = env_sasl_ssl_zk_tls elif ('security_protocol' in args and args['security_protocol'] == 'SSL'): envs = env_ssl + if 'zookeeper_use_ssl' in args: + envs = env_ssl_zk_tls else: envs = env_no_sasl for env in envs: @@ -432,9 +472,13 @@ def call_kafka_acl( elif ('security_protocol' in args and args['security_protocol'] == 'SASL_SSL'): envs = env_sasl_ssl + if 'zookeeper_use_ssl' in args: + envs = env_sasl_ssl_zk_tls elif ('security_protocol' in args and args['security_protocol'] == 'SSL'): envs = env_ssl + if 'zookeeper_use_ssl' in args: + envs = env_ssl_zk_tls else: envs = env_no_sasl for env in envs: diff --git a/molecule/default/tests/test_ssl_default.py b/molecule/default/tests/test_ssl_default.py index e238824b..32edd80e 100644 --- a/molecule/default/tests/test_ssl_default.py +++ b/molecule/default/tests/test_ssl_default.py @@ -12,7 +12,8 @@ ssl_default_configuration, ensure_kafka_quotas, get_entity_name, check_configured_quotas_kafka, ensure_idempotency, - check_configured_quotas_zookeeper + check_configured_quotas_zookeeper, + zk_ssl_default_configuration ) runner = testinfra.utils.ansible_runner.AnsibleRunner( @@ -35,6 +36,22 @@ ): zookeeper_hosts[host] = host.ansible.get_variables() +kafka_zk_tls_hosts = dict() +for host in testinfra.get_hosts( + ['kafka1_zk_tls'], + connection='ansible', + ansible_inventory=os.environ['MOLECULE_INVENTORY_FILE'] +): + kafka_zk_tls_hosts[host] = host.ansible.get_variables() + +zookeeper_tls_hosts = dict() +for host in testinfra.get_hosts( + ['zookeeper-tls'], + connection='ansible', + ansible_inventory=os.environ['MOLECULE_INVENTORY_FILE'] +): + zookeeper_tls_hosts[host] = host.ansible.get_variables() + def test_quotas_create_sasl_ssl(host): """ @@ -193,3 +210,55 @@ def test_quotas_create_ssl_full_text(host): check_configured_quotas_zookeeper(host, test_quotas_configuration, zk_addr) + + +def test_quotas_create_sasl_ssl_zk_ssl(host): + """ + Check if can create quotas + """ + # Given + test_quotas_configuration = quotas_default_configuration.copy() + test_quotas_configuration.update({ + 'entries': [{ + 'entity': { + 'client': get_entity_name(), + 'user': get_entity_name() + }, + 'quotas': { + 'producer_byte_rate': 104101 + } + }] + }) + test_quotas_configuration.update(sasl_ssl_default_configuration) + test_quotas_configuration.update(zk_ssl_default_configuration) + ensure_kafka_quotas( + host, + test_quotas_configuration + ) + time.sleep(0.3) + # When + test_quotas_configuration['entries'][0].update({ + 'quotas': { + 'producer_byte_rate': 104101, + 'consumer_byte_rate': 104101 + } + }) + ensure_idempotency( + ensure_kafka_quotas, + host, + test_quotas_configuration + ) + time.sleep(0.3) + # Then + for host, host_vars in kafka_zk_tls_hosts.items(): + kfk_addr = "%s:9094" % \ + host_vars['ansible_eth0']['ipv4']['address']['__ansible_unsafe'] + check_configured_quotas_kafka(host, + test_quotas_configuration, + kfk_addr) + for host, host_vars in zookeeper_tls_hosts.items(): + zk_addr = "%s:2181" % \ + host_vars['ansible_eth0']['ipv4']['address']['__ansible_unsafe'] + check_configured_quotas_zookeeper(host, + test_quotas_configuration, + zk_addr) diff --git a/molecule/default/tls/ca/ca.cert.pem b/molecule/default/tls/ca/ca.cert.pem index 0531e5a9..e82ddf16 100644 --- a/molecule/default/tls/ca/ca.cert.pem +++ b/molecule/default/tls/ca/ca.cert.pem @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIIDxzCCAq+gAwIBAgIUU5AWUWDeCMM1C5AfLqmOxDAmskswDQYJKoZIhvcNAQEL +MIIDxzCCAq+gAwIBAgIUdICn5V4KV+7fQEytfEUS/UF/oqgwDQYJKoZIhvcNAQEL BQAwajELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFUGFy aXMxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2UgTHRkMRIwEAYD -VQQDDAlBbGljZSBMdGQwIBcNMjEwODI0MTM0NDMzWhgPMjEyMTA3MzExMzQ0MzNa +VQQDDAlBbGljZSBMdGQwIBcNMjExMTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDda MGoxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxDjAMBgNVBAcMBVBhcmlz MRIwEAYDVQQKDAlBbGljZSBMdGQxEjAQBgNVBAsMCUFsaWNlIEx0ZDESMBAGA1UE -AwwJQWxpY2UgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oio -edaI5iwalkJ9NCFMi6slfgMAeMSYtTYY+kgszpd2GLcEhPF9sxdi8Yz4UleGqQoQ -FqGbi1lZ6OemACM5Tql1/UOn9/d9QrgOWVUPISJxCvYYM95btDa9glvphBHdSlOV -skg9AddZdyA+aA9XkUJJ34PVzCMsWQN4R9Kb9FWmaTircZdi1zeQpV1DiNwZC3RR -lTsuCmqlG9cRJBBM3ece04EyzHC+upQUUcYhm/+aVnUCCtl9S/+74u8b2F6FWbFL -kfLRiQ2YMUhKKHc8BMF9ilMcm4/V66Mj53dsjVTjA3O2I0wc97IeVjVMA1fGeVFQ -2WYAEB81FikW2YHB3QIDAQABo2MwYTAdBgNVHQ4EFgQUOKpZgZH9PPDeBWbf0AgO -9/LB9LkwHwYDVR0jBBgwFoAUOKpZgZH9PPDeBWbf0AgO9/LB9LkwDwYDVR0TAQH/ -BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAJeNDE++ -PgMI0p8SiBz0lEgHFoaduBatko+EEpiVCGChcRyLGxymt+XVTjHoDsnUCGynAq2m -sxkXkmyLHeGqou6aI/HGSFpitTEK5S9FkK74iDoOPaDEq+Ip4msAfFulbQFcBZke -GO4Z59XD5rpMrk7E6D7t/QUx04sjbpOJ0KRIxCJnjzc+ahQK/qIcZAjjJX50+2xi -fiTJTMWrsRzpTDYjXI0JgaaD8SCEdYe7sUigFbyPe/srMtp6tqvvM+9uKOUxuVJW -kcUeWbjaezbZHB1OZzBouQjOv5hLcVliwtWHF4PVigRvogVw4y4VP8FTX9IcvtSG -OiNsHQoCEeHVuho= +AwwJQWxpY2UgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Oig +g/gTrTcWmJUaMwCce+ehBudWCZdehEfh47sF8j7o8rRzbd/9DqsC5aorIsab2YyK +XXAPAy1FmUE/DT6Tx+iCLPsb+uGV2t6MxS6dKehBtm2yrS7RpULT2NjH3kNboanB +9L4tE9Gpg7kx2Dt+RhaV6e61h6BR7hYcrpmqJ3dvuQ+rOgeOyZ6FDfZm9qlLkdqd +HSFk+j7axfPUUcCGlFG2HSaqDcsqaaV0n4qZ2/j2kUGXiFG/TJFST4qw7dlS7VIX +tm4031E80rjRvKquJosrzp55gH50g0oflbt5KFdLHOXUswyuxLwJUUJAoSRK1tNY +WWvxBKVmWmcmP/l9OwIDAQABo2MwYTAdBgNVHQ4EFgQU+QVwdQU7Y1ho92NJRhYT +nLmvSqowHwYDVR0jBBgwFoAU+QVwdQU7Y1ho92NJRhYTnLmvSqowDwYDVR0TAQH/ +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAF1J8exK +4eTw0ruE8+HjcSkMqQu6k/BjxdCtq+aYXiydtMFMhDROpGEbyCGBaAlmxElNsQ+R +BAf7NZFyb8aoFd8O+gEZyHh2tEj2gWpT3P58imQqeYynWXtYR7p5Z3FmTFZtOmOJ +kn+62QrBmbDxsqBLUHK1JECGgpW6m4lzMXRH4p6CwJECmsQK0H25uB6knhYbk145 +lZqccIeyqbGT8c68ZC9vdL9wcPQh1VQtUKoDfH1fWcCyZUqla/TNlIOano9V34Ke +bvdBcdJYf1MaxBbJvGzckeclawRqKuY+bljKjwREpuDfnMfE1UOJbaoibPWbqxW9 +2/4UmKLTbSDz/wU= -----END CERTIFICATE----- diff --git a/molecule/default/tls/ca/ca.key.pem b/molecule/default/tls/ca/ca.key.pem index 2a5dbed3..cd418ada 100644 --- a/molecule/default/tls/ca/ca.key.pem +++ b/molecule/default/tls/ca/ca.key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA6oioedaI5iwalkJ9NCFMi6slfgMAeMSYtTYY+kgszpd2GLcE -hPF9sxdi8Yz4UleGqQoQFqGbi1lZ6OemACM5Tql1/UOn9/d9QrgOWVUPISJxCvYY -M95btDa9glvphBHdSlOVskg9AddZdyA+aA9XkUJJ34PVzCMsWQN4R9Kb9FWmaTir -cZdi1zeQpV1DiNwZC3RRlTsuCmqlG9cRJBBM3ece04EyzHC+upQUUcYhm/+aVnUC -Ctl9S/+74u8b2F6FWbFLkfLRiQ2YMUhKKHc8BMF9ilMcm4/V66Mj53dsjVTjA3O2 -I0wc97IeVjVMA1fGeVFQ2WYAEB81FikW2YHB3QIDAQABAoIBACZkSG/pVm+XOKLw -L16hNM6ILZL7GtCqHfVL7brKpcsLsCFLlEnO3iy63097LAsOmNSC+S87NSMSdU1S -3jGXkoH164KR2KUWtkJ9rpug+OELqkWJE10qQQi3DT6RnSApbHgGRrLwcEwk3FhL -xutx13vHxh/4jL7l4xSPJNlc+Hp+Wnwno2c+o45AX71sD8JTW0F0bHIRPvVXwqCa -+ylOqR4FpZEwjXF93FNukCL8fU1kqW+rHuTJGGld/Vc6gwynootaPp76VjvOCXax -qk1rICY4GKd7ZgP19qHp9ekZTX72iCH39cNBJ/GIOiyMVf/3XLtaNacglCG/iW66 -scx1smECgYEA/6FL+CdEiuwwvzhqOxPeMXwAMvCokmKSDCxfSHgwU9+PIHE3bWi+ -rZOQfHWxkUbQ1piIwT+ZgWq7G5JNzmaMvHZ3GYHfuDyWqCphrf4Sx8M+LDKtqSyG -a5u6SsBP+PAhAzvt7tD/arQN7mV0nwcquMzBca+fDUoHkPfsImrx+cMCgYEA6t+L -u4aZmfLzZNrRgGHTxdjEiigo0twvE61IKMioXLlEPr7rsFdmI9R5rTQqs5rQrX5v -PxP75g7uj2QbCzis9a2pEA2R7KwBN0/ANwJdQgQ6OqKS/jwpbMv7XrYooWyeCZM2 -j4BVNew0OuYZALBCg2VhdV8UwjqlZ9WYxCdd+98CgYBw8rbbbZZGf7fGNcoSUmQB -n1WDLHx/OZhoUo7DOX+4/3WBEyU3bWmazjGwHFyZ4R1TRFBgepZ77UnBE/LW+M7E -Ut+q4IyWHgc/RIKmWzW3GBh3dOjwb+Dw2P0GHFT5nDgp8qfdtnC0l9vz8tYFkigZ -QTdT4RI4z/Xp4vFt/6zs+wKBgQDCZcH+tTo+3IItcJtD+jRQpciOXQzk8Y8ZZyu5 -bdND46ejk1v5+Wy1rTAEdo/9Vd7wKhyjhcPRN3ymPAHSONeXBGRQwBqOXBMpl52N -KizL7jnPvC2TtXHH9dEZJAXfDcqEPE9FWL+uQNE+CqKZGkoC/Q88GTVSST4MAhNO -DxNP2wKBgGKJn4CwR97huD/Qzk57ZkGdFhKp5W6S6xs4xbNdIh164ezYRJI4kolR -ozQqJrIR1WCP6HkX39cY4BQ3ky5kI9b6XtKmqfgCBqDM2Rc5O5eZ3z32XXGOKHTT -6UFXSKDlUVKARw+0rXlnV3I+go9TUIs0ocqUCpCU+4nytdML+JOS +MIIEowIBAAKCAQEA0Oigg/gTrTcWmJUaMwCce+ehBudWCZdehEfh47sF8j7o8rRz +bd/9DqsC5aorIsab2YyKXXAPAy1FmUE/DT6Tx+iCLPsb+uGV2t6MxS6dKehBtm2y +rS7RpULT2NjH3kNboanB9L4tE9Gpg7kx2Dt+RhaV6e61h6BR7hYcrpmqJ3dvuQ+r +OgeOyZ6FDfZm9qlLkdqdHSFk+j7axfPUUcCGlFG2HSaqDcsqaaV0n4qZ2/j2kUGX +iFG/TJFST4qw7dlS7VIXtm4031E80rjRvKquJosrzp55gH50g0oflbt5KFdLHOXU +swyuxLwJUUJAoSRK1tNYWWvxBKVmWmcmP/l9OwIDAQABAoIBAG7RiByZY262U1E7 +fvthLqF3vO7ZlsVdu7C2JPjWBBB+GLpuyPCXKjk2tEG6ZEl9S706lUd9oykPQeVL +PDQ9Zs1b5HoR9sS+F+1Tsx8CXDKX1wv74xWFSYa+DXzxegzIdHosgAvhOi5SQPb0 +LaHD5XcukfXXQAqjG/MNXcetEhr+haX3+GQ2Dz/2b/n1/SEtd/soooOT+PD8/mfw +cCwzIwze3cRjbmizhS2LZJvou64tbH/fjjrUbiSx5R1sXQKdKmgG3OYFTXeNr0zI +nvcsRB8W+V9BVF0aR1sE4X8xWKVdaFBvBpj4wGXnBVgBof/sOURuO+4LW5WkhzJ6 +uwycX4ECgYEA93nYVHwWAFftD8EWw24saVE2pKEumXnt08kxaE4+WncsQVn1Hrj/ +rPfrwo1S/V7nlz5XZ3yKqbXYxoiNpWSK5lD7qqDaMfdI3gwZvtVqkrBDNv+RikL0 +nbHW7MAwl8EQmNPNLENDUvqR/FJvxRXDMPVQCR15TOW8rq2GYdoFhcECgYEA2Bq1 +qTMcpUOe4ygkwQu2YO0UaswP7AjTZjGHcewNf+QT+i8Zor81aSgdBDQ2igkj0iTx +UKRzzP8HHk5HWWhu8TzE55hx4l372HkF41eve0LypON460aIPOJ1XfhnTrhX0cgH +njkjRFa6NWop1qT3c8mGjAFFggMPAK/FwM1fmfsCgYEAxH2e8P2Q7nbhh6e07jiU +1I4iB7bebAdueMB/FSVCxstmfQDy6ZDTmD9ElrVlFj17Pg/GkClHY5Y55vBXHuHk +kxfrqj+K3y9LUNpkuqtyscN3qrxij1e4J1kjn9i8/FDTX7STbDh/xOuka6X8joxH +7aBpCsO3IwIpvLuUPi9AQUECgYA3RmWu2Jb8IpaybaMxCYjls95kDrwH2J4R5ptJ +ZWJykukVNhTtjtDfi9YYLC7DEeFqr+5VfSrthVHRy53uXYr7A1suDc0bZIS1cwcx +hk0pTw93Y4ObUlgokpgIqC/sb7RuwSZJrz25DiHk5bm74Eg3ApX6m5ymy5d7ynnf +feh1HwKBgCAz3Vqm748wHR5Z/svqlxoPy26OndrdT0VXRXtEg73mqa4Um/vvafnz +quhlBEnvYk18Ck/5jPrkSuaIcuWu8DoRgIDw9ncfkjUnpmp12xwQg1aG3XaBxLVB +hIYQYK2SvQF/CVla5al5ZrCNn9t4UZA2wdb3w9DE6St5go8vBK46 -----END RSA PRIVATE KEY----- diff --git a/molecule/default/tls/ca/index.txt b/molecule/default/tls/ca/index.txt index 2de1acc9..31a7276b 100644 --- a/molecule/default/tls/ca/index.txt +++ b/molecule/default/tls/ca/index.txt @@ -1 +1 @@ -V 21210731134434Z 1000 unknown /C=FR/ST=France/O=Alice Ltd/OU=Alice Ltd/CN=Intermediate Alice Ltd +V 21211022204307Z 1000 unknown /C=FR/ST=France/O=Alice Ltd/OU=Alice Ltd/CN=Intermediate Alice Ltd diff --git a/molecule/default/tls/ca/newcerts/1000.pem b/molecule/default/tls/ca/newcerts/1000.pem index 7d49fecf..0a3540fe 100644 --- a/molecule/default/tls/ca/newcerts/1000.pem +++ b/molecule/default/tls/ca/newcerts/1000.pem @@ -2,21 +2,21 @@ MIIDtTCCAp2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwajELMAkGA1UEBhMCRlIx DzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCUFsaWNl IEx0ZDESMBAGA1UECwwJQWxpY2UgTHRkMRIwEAYDVQQDDAlBbGljZSBMdGQwIBcN -MjEwODI0MTM0NDM0WhgPMjEyMTA3MzExMzQ0MzRaMGcxCzAJBgNVBAYTAkZSMQ8w +MjExMTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDdaMGcxCzAJBgNVBAYTAkZSMQ8w DQYDVQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxp Y2UgTHRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XeZnyipMPDS6BYwHl+aYYJ4pHX8Qqz1 -GyHQSzeq2WyMkYPaNEREJ9vLHrU4VTtxWBdoGo6ox5zqe8/0OxHo/+yijhBAegh0 -Z3HGaRvIXRZBYmGdcjnesfmFCn07lUeslYr56juyiXuFXLlHBllp/shWzp1cjGWu -0fWrRF7YicpKUzWZ2A8bBvkV02KdKfDpNvAdDaMKvVsQTZNrg3Kyt4c+4SkyRdbr -cND1aLrhy/xdiVXUS4uFi+u84skZhE/8+7PWMtpGC/KlnwPSPzwNFVsw+vgWefNC -bbM92z1tqN3sX2bzxIdFJhlPmE9Rh9uZoNCNN+UHq8INvOB7XQkfbQIDAQABo2Yw -ZDAdBgNVHQ4EFgQUeQ004NyxMkINfOVA/MSw6xCcQbIwHwYDVR0jBBgwFoAUOKpZ -gZH9PPDeBWbf0AgO9/LB9LkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E -BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAJuv0J6kji/8sFltqUH3rp7JDFMHIkqE -jUrvpe4Rugshzzst0ketYM8xn4CfCK2zRShS9pMxYLudGXKlTNnpo1zCgGoQm4mp -j7yyOzceTtzbG4+XcEn3GdDi9V1+Vm2JkLhQN/rsCMbxNY8uInEVXlMVP9yZH6hh -4m/OJ+1xwPsEoc97Jh7kZMA5QhuyDPMhX0Qc+ppyYI6xCQUQPbbnab67zXwIWVB1 -6g+QSryDWyu1SZaEOAstYJ+37IfUlzD1KajfHEEtqszRQk4qViIQLNWBJEMXd+bd -za/56ju6A9OH/T7xeEyhTA8rdYUD1nITtfB0NqO28aZuICO+jIDkpmg= +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+f9pr/Lw2QRYUIUpc93Sd6XQ9xfWoXY +gozfKnfO+KyftkTBzBgiGDA1SrS+0QXTLoaE7gf9+sDpb2eokAL+lNi9UuNbAKjb +ldKPIPwyI+739qEk3TRyzFI7qctr7CXvR/xiTzWxgjF6u/sG5w6YqKdbPGqLUML0 +U5Ji4HjzgGcryo2ORw11/Fgo93qraQKt+SfvaW4+f/ZS0bDk7moJYv0oKwu/zJfR +e2Uo5e8w6Ri5j9853ohdD/R0RLnVWLcigadT/a7imuZySnRivpmGr6NsN0NJOxTv +H1Rnua/+WCJVgiiBX2zUmuW5JgHoBhLf4fWM8N6AvJNhUNvwr5gJNwIDAQABo2Yw +ZDAdBgNVHQ4EFgQUGZeCqP9qTIc4b658ZXDFcLIsEpQwHwYDVR0jBBgwFoAU+QVw +dQU7Y1ho92NJRhYTnLmvSqowEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAFeKYe5zSAlguaaaSSk2csmTzIFLUtIS +7KQ9iv3f3v+0HU+Wc4yQGb8WlWnVbMoFlRjSvmJQbAcBYFRoWfJHmbBl8ul8o1fW +hL2Om21Hz8GSRKM1ndeaKiPr1i6ABJL2Im04e0ypJzDaRRuZCxQpU7JNx3eoPqZB +It1j9Odny5K+VnpanQ6hOqcG2b8gwJvwQs5u/lqk8MaRQne6A2YoynEHAOa2xCsv +3QFfODN21hv26ODwdks0ISflad740WogoOAz/UWJpgr9G60DDWdTSHO5BPUrJrNV +vv1Z0Z4+E1fElGEHGLdduGKqryIPy+8lPN8priwPtFGL0sSoskMEyBY= -----END CERTIFICATE----- diff --git a/molecule/default/tls/cacert.pem b/molecule/default/tls/cacert.pem index d09362c5..1051d263 100644 --- a/molecule/default/tls/cacert.pem +++ b/molecule/default/tls/cacert.pem @@ -2,44 +2,44 @@ MIIDtTCCAp2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwajELMAkGA1UEBhMCRlIx DzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCUFsaWNl IEx0ZDESMBAGA1UECwwJQWxpY2UgTHRkMRIwEAYDVQQDDAlBbGljZSBMdGQwIBcN -MjEwODI0MTM0NDM0WhgPMjEyMTA3MzExMzQ0MzRaMGcxCzAJBgNVBAYTAkZSMQ8w +MjExMTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDdaMGcxCzAJBgNVBAYTAkZSMQ8w DQYDVQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxp Y2UgTHRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XeZnyipMPDS6BYwHl+aYYJ4pHX8Qqz1 -GyHQSzeq2WyMkYPaNEREJ9vLHrU4VTtxWBdoGo6ox5zqe8/0OxHo/+yijhBAegh0 -Z3HGaRvIXRZBYmGdcjnesfmFCn07lUeslYr56juyiXuFXLlHBllp/shWzp1cjGWu -0fWrRF7YicpKUzWZ2A8bBvkV02KdKfDpNvAdDaMKvVsQTZNrg3Kyt4c+4SkyRdbr -cND1aLrhy/xdiVXUS4uFi+u84skZhE/8+7PWMtpGC/KlnwPSPzwNFVsw+vgWefNC -bbM92z1tqN3sX2bzxIdFJhlPmE9Rh9uZoNCNN+UHq8INvOB7XQkfbQIDAQABo2Yw -ZDAdBgNVHQ4EFgQUeQ004NyxMkINfOVA/MSw6xCcQbIwHwYDVR0jBBgwFoAUOKpZ -gZH9PPDeBWbf0AgO9/LB9LkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E -BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAJuv0J6kji/8sFltqUH3rp7JDFMHIkqE -jUrvpe4Rugshzzst0ketYM8xn4CfCK2zRShS9pMxYLudGXKlTNnpo1zCgGoQm4mp -j7yyOzceTtzbG4+XcEn3GdDi9V1+Vm2JkLhQN/rsCMbxNY8uInEVXlMVP9yZH6hh -4m/OJ+1xwPsEoc97Jh7kZMA5QhuyDPMhX0Qc+ppyYI6xCQUQPbbnab67zXwIWVB1 -6g+QSryDWyu1SZaEOAstYJ+37IfUlzD1KajfHEEtqszRQk4qViIQLNWBJEMXd+bd -za/56ju6A9OH/T7xeEyhTA8rdYUD1nITtfB0NqO28aZuICO+jIDkpmg= +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+f9pr/Lw2QRYUIUpc93Sd6XQ9xfWoXY +gozfKnfO+KyftkTBzBgiGDA1SrS+0QXTLoaE7gf9+sDpb2eokAL+lNi9UuNbAKjb +ldKPIPwyI+739qEk3TRyzFI7qctr7CXvR/xiTzWxgjF6u/sG5w6YqKdbPGqLUML0 +U5Ji4HjzgGcryo2ORw11/Fgo93qraQKt+SfvaW4+f/ZS0bDk7moJYv0oKwu/zJfR +e2Uo5e8w6Ri5j9853ohdD/R0RLnVWLcigadT/a7imuZySnRivpmGr6NsN0NJOxTv +H1Rnua/+WCJVgiiBX2zUmuW5JgHoBhLf4fWM8N6AvJNhUNvwr5gJNwIDAQABo2Yw +ZDAdBgNVHQ4EFgQUGZeCqP9qTIc4b658ZXDFcLIsEpQwHwYDVR0jBBgwFoAU+QVw +dQU7Y1ho92NJRhYTnLmvSqowEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAFeKYe5zSAlguaaaSSk2csmTzIFLUtIS +7KQ9iv3f3v+0HU+Wc4yQGb8WlWnVbMoFlRjSvmJQbAcBYFRoWfJHmbBl8ul8o1fW +hL2Om21Hz8GSRKM1ndeaKiPr1i6ABJL2Im04e0ypJzDaRRuZCxQpU7JNx3eoPqZB +It1j9Odny5K+VnpanQ6hOqcG2b8gwJvwQs5u/lqk8MaRQne6A2YoynEHAOa2xCsv +3QFfODN21hv26ODwdks0ISflad740WogoOAz/UWJpgr9G60DDWdTSHO5BPUrJrNV +vv1Z0Z4+E1fElGEHGLdduGKqryIPy+8lPN8priwPtFGL0sSoskMEyBY= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDxzCCAq+gAwIBAgIUU5AWUWDeCMM1C5AfLqmOxDAmskswDQYJKoZIhvcNAQEL +MIIDxzCCAq+gAwIBAgIUdICn5V4KV+7fQEytfEUS/UF/oqgwDQYJKoZIhvcNAQEL BQAwajELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFUGFy aXMxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2UgTHRkMRIwEAYD -VQQDDAlBbGljZSBMdGQwIBcNMjEwODI0MTM0NDMzWhgPMjEyMTA3MzExMzQ0MzNa +VQQDDAlBbGljZSBMdGQwIBcNMjExMTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDda MGoxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxDjAMBgNVBAcMBVBhcmlz MRIwEAYDVQQKDAlBbGljZSBMdGQxEjAQBgNVBAsMCUFsaWNlIEx0ZDESMBAGA1UE -AwwJQWxpY2UgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oio -edaI5iwalkJ9NCFMi6slfgMAeMSYtTYY+kgszpd2GLcEhPF9sxdi8Yz4UleGqQoQ -FqGbi1lZ6OemACM5Tql1/UOn9/d9QrgOWVUPISJxCvYYM95btDa9glvphBHdSlOV -skg9AddZdyA+aA9XkUJJ34PVzCMsWQN4R9Kb9FWmaTircZdi1zeQpV1DiNwZC3RR -lTsuCmqlG9cRJBBM3ece04EyzHC+upQUUcYhm/+aVnUCCtl9S/+74u8b2F6FWbFL -kfLRiQ2YMUhKKHc8BMF9ilMcm4/V66Mj53dsjVTjA3O2I0wc97IeVjVMA1fGeVFQ -2WYAEB81FikW2YHB3QIDAQABo2MwYTAdBgNVHQ4EFgQUOKpZgZH9PPDeBWbf0AgO -9/LB9LkwHwYDVR0jBBgwFoAUOKpZgZH9PPDeBWbf0AgO9/LB9LkwDwYDVR0TAQH/ -BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAJeNDE++ -PgMI0p8SiBz0lEgHFoaduBatko+EEpiVCGChcRyLGxymt+XVTjHoDsnUCGynAq2m -sxkXkmyLHeGqou6aI/HGSFpitTEK5S9FkK74iDoOPaDEq+Ip4msAfFulbQFcBZke -GO4Z59XD5rpMrk7E6D7t/QUx04sjbpOJ0KRIxCJnjzc+ahQK/qIcZAjjJX50+2xi -fiTJTMWrsRzpTDYjXI0JgaaD8SCEdYe7sUigFbyPe/srMtp6tqvvM+9uKOUxuVJW -kcUeWbjaezbZHB1OZzBouQjOv5hLcVliwtWHF4PVigRvogVw4y4VP8FTX9IcvtSG -OiNsHQoCEeHVuho= +AwwJQWxpY2UgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Oig +g/gTrTcWmJUaMwCce+ehBudWCZdehEfh47sF8j7o8rRzbd/9DqsC5aorIsab2YyK +XXAPAy1FmUE/DT6Tx+iCLPsb+uGV2t6MxS6dKehBtm2yrS7RpULT2NjH3kNboanB +9L4tE9Gpg7kx2Dt+RhaV6e61h6BR7hYcrpmqJ3dvuQ+rOgeOyZ6FDfZm9qlLkdqd +HSFk+j7axfPUUcCGlFG2HSaqDcsqaaV0n4qZ2/j2kUGXiFG/TJFST4qw7dlS7VIX +tm4031E80rjRvKquJosrzp55gH50g0oflbt5KFdLHOXUswyuxLwJUUJAoSRK1tNY +WWvxBKVmWmcmP/l9OwIDAQABo2MwYTAdBgNVHQ4EFgQU+QVwdQU7Y1ho92NJRhYT +nLmvSqowHwYDVR0jBBgwFoAU+QVwdQU7Y1ho92NJRhYTnLmvSqowDwYDVR0TAQH/ +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAF1J8exK +4eTw0ruE8+HjcSkMqQu6k/BjxdCtq+aYXiydtMFMhDROpGEbyCGBaAlmxElNsQ+R +BAf7NZFyb8aoFd8O+gEZyHh2tEj2gWpT3P58imQqeYynWXtYR7p5Z3FmTFZtOmOJ +kn+62QrBmbDxsqBLUHK1JECGgpW6m4lzMXRH4p6CwJECmsQK0H25uB6knhYbk145 +lZqccIeyqbGT8c68ZC9vdL9wcPQh1VQtUKoDfH1fWcCyZUqla/TNlIOano9V34Ke +bvdBcdJYf1MaxBbJvGzckeclawRqKuY+bljKjwREpuDfnMfE1UOJbaoibPWbqxW9 +2/4UmKLTbSDz/wU= -----END CERTIFICATE----- diff --git a/molecule/default/tls/client/client.cert.pem b/molecule/default/tls/client/client.cert.pem index f1f0c9c1..fd8c2c25 100644 --- a/molecule/default/tls/client/client.cert.pem +++ b/molecule/default/tls/client/client.cert.pem @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDRTCCAi0CAhABMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAkZSMQ8wDQYD +MIIDRDCCAiwCAhACMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAkZSMQ8wDQYD VQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2Ug -THRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMCAXDTIxMDgyNDEz -NDQzNFoYDzIxMjEwNzMxMTM0NDM0WjBnMQswCQYDVQQGEwJGUjEPMA0GA1UECAwG +THRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMCAXDTIxMTExNTIw +NDMwN1oYDzIxMjExMDIyMjA0MzA3WjBmMQswCQYDVQQGEwJGUjEPMA0GA1UECAwG RnJhbmNlMQ4wDAYDVQQHDAVQYXJpczESMBAGA1UECgwJQWxpY2UgTHRkMRIwEAYD -VQQLDAlBbGljZSBMdGQxDzANBgNVBAMMBmNsaWVudDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMdJWk+M7geUsBwL3LFKvZkedost38hvnf8tzD8guiYK -TSRYHfhqpZ+r7SqAdidJ6z90ZEUAgf2858KgRviaBSEYits8KmUExwAqsE/5HS2e -KNIM34na7AlVSMDOVW677A01CmvnzMxe4z1XPhBbh6chW6c2biWwJocn8T05OSIo -JF6DXvCBnMTuWL1agBjCY9UIBQHHQAwOv1JIsD0bi2vHnDPCa81/e7Ttq9s5By+j -nv5aSrbdQf+H35zKfbyEfg0MzguCsBiYpqt/SRQXgfC4jpiWnfPkXUj2NTimqmhq -fvtdvodbwIDbCXsH3AGyN0ZU+Rk3sn+ggbTSgWb/5wECAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAF6bKMLMydOrEKS0mnr+Y/IcSjCUzXZlc3B3EEAdU1YCfoaOWECOu -8uZu3qMhRkbYVGnOhb1msmntBKyVD8AooOGr4yrQS6nc0w48XV18uJmg8Sgx7gPt -HXh4WCis9s2SejAWg3j1fcc1TVkMFdAWvd2A9uxr1ZpQc4wLCuNVCbwUiZR4Llw+ -mwzfjlCqFqtE0Rb4PJDt+vUQKZMw0DiWI6Q4mJdBqlE64+K9UjP52BisaqTAeqvX -ppsehPOdGmEBCfua7C3/CAj8JLC81o62WsdFIiFQQh2oyv3oJTNAG483gKF6bEE2 -RsqNz/YWsFURJ3I0SSAVOBJwkcwt0E+fwA== +VQQLDAlBbGljZSBMdGQxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtLIfk65qRZz+oZfXd/cbeC+/fnWYGZn6fzLNfKslsYvt +vJsdTWTcNVeKg3xIn68dTPIJebLRG22Iky61f0yuGNuRh+nUADy3p72pAjBnKhaZ +996dkCdPVdDpIKCW6EriUZ3ER1tFjD2xP+U1ImW96y9EgqNYsbfLchm+INLXfGsO +KQDm5iPcAyvkfxeBFknjON/rnOyD6zhS5dIZBywoKQO3zKe0YvviuWQYhYsjZgcm +MrktG+NuUlZWx69WT0hPN01XYA36Fa0IHsdUkfjGbGEbVT+/xUr7s4IHtydycxJ8 +TB05vqxgILwre3msJR1Uk6wPFsSPS9uG3VxPIY9MPQIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQAd9i56ad9j7pHz7pPNdivgPSjLiwVbbKbD8OWB/U2t2vyPOQw2Graj +INnzkSE5HYU3YvDYfoykA1nKLjSixSBo8v/d0uglV+iXaCSRYaWaxg4CBKTZg14X +S8+GUOdCqB+zcGbvZmqP+uP1O7PyBUO1sZmdcgohFF5Z5FR2vAuTiHRV2747UN9w +NOkS3nSzT7DPDMSXxrcdOfYa2yhveUXIbpP8/yMYXHwWOQeRALM7zXBOmKmRaYR5 +NUj/nA1fNoErgnYTBSRJiinRFsZQlCdPyvKhCQiRfJzJu2aEByNxtF8zOkffpxck +8YayNRCHeljnk3Pm2xV3qBeza6m3DRqS -----END CERTIFICATE----- diff --git a/molecule/default/tls/client/client.csr.pem b/molecule/default/tls/client/client.csr.pem index c46df05f..10250c3e 100644 --- a/molecule/default/tls/client/client.csr.pem +++ b/molecule/default/tls/client/client.csr.pem @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwG +MIICqzCCAZMCAQAwZjELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwG A1UEBwwFUGFyaXMxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2Ug -THRkMQ8wDQYDVQQDDAZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQDHSVpPjO4HlLAcC9yxSr2ZHnaLLd/Ib53/Lcw/ILomCk0kWB34aqWfq+0q -gHYnSes/dGRFAIH9vOfCoEb4mgUhGIrbPCplBMcAKrBP+R0tnijSDN+J2uwJVUjA -zlVuu+wNNQpr58zMXuM9Vz4QW4enIVunNm4lsCaHJ/E9OTkiKCReg17wgZzE7li9 -WoAYwmPVCAUBx0AMDr9SSLA9G4trx5wzwmvNf3u07avbOQcvo57+Wkq23UH/h9+c -yn28hH4NDM4LgrAYmKarf0kUF4HwuI6Ylp3z5F1I9jU4pqpoan77Xb6HW8CA2wl7 -B9wBsjdGVPkZN7J/oIG00oFm/+cBAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA -say+y9aZZOTLx0rQV46qQR7/MImSLO8cll1hCX9NClOM93iSz3j0P0ISQLErXs0b -jnLykhA/TqrPLB9aTu5ym7+TA0oGfWKebB68ecjBWPy0oU/fD7XTuKhbaO1VvrUS -tJVXTMw3UCiG5FWfoO6g3yPSjxVW9dgWHp7L7z6pLdsHCBLpMjf4IkuMUhIofst0 -SvK1dzg7nRoNZ1I69Up9Exn2+9/gPAOrYUWzjbq+FzflNwk3V7fjioLP6JfVoRK2 -hh5ioJwX3Aq/YckP+9bH4VQIWoT/ISrkCQy8fiuMo5evWzVBmqK0ebHXwvrD7Ydy -tDQ0k/z8Bu1M+472OEHRog== +THRkMQ4wDAYDVQQDDAVhZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALSyH5OuakWc/qGX13f3G3gvv351mBmZ+n8yzXyrJbGL7bybHU1k3DVXioN8 +SJ+vHUzyCXmy0RttiJMutX9MrhjbkYfp1AA8t6e9qQIwZyoWmffenZAnT1XQ6SCg +luhK4lGdxEdbRYw9sT/lNSJlvesvRIKjWLG3y3IZviDS13xrDikA5uYj3AMr5H8X +gRZJ4zjf65zsg+s4UuXSGQcsKCkDt8yntGL74rlkGIWLI2YHJjK5LRvjblJWVsev +Vk9ITzdNV2AN+hWtCB7HVJH4xmxhG1U/v8VK+7OCB7cncnMSfEwdOb6sYCC8K3t5 +rCUdVJOsDxbEj0vbht1cTyGPTD0CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAF +tcQPKNBJ3AnynE6dF8RILi3+2hipJUlhswG7JpcRDmZQe7/DwvebHoxXSyDIyBMU +WYf8WH4kZrnAPqyn5c4Buyow1h7hXLywMArJm9dDrkCXP0GomJWNqhDUd57bkL2C +s7SKgjXpdjx4mLAPbBPz/LwhB517RAmOh/uTV6Xd8cMPWICRQTaE2AI0rcLsuH4I +3pXUZFYmybIYfJh0mfp6PKZc/dsqjw+VOhasiUqJiiqtkzUJvBrfdfNcIDZSMc47 +TCxLvpHl9+tw8Bm6XeZ/H0FMCBaPChIivd6M3ycLgEelM7gR1FNFXmYGGn+223MY +AtTLM7pqNn2H5hpqvwyf -----END CERTIFICATE REQUEST----- diff --git a/molecule/default/tls/client/client.key.pem b/molecule/default/tls/client/client.key.pem index 2f98b4b1..7139470b 100644 --- a/molecule/default/tls/client/client.key.pem +++ b/molecule/default/tls/client/client.key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAx0laT4zuB5SwHAvcsUq9mR52iy3fyG+d/y3MPyC6JgpNJFgd -+Gqln6vtKoB2J0nrP3RkRQCB/bznwqBG+JoFIRiK2zwqZQTHACqwT/kdLZ4o0gzf -idrsCVVIwM5VbrvsDTUKa+fMzF7jPVc+EFuHpyFbpzZuJbAmhyfxPTk5IigkXoNe -8IGcxO5YvVqAGMJj1QgFAcdADA6/UkiwPRuLa8ecM8JrzX97tO2r2zkHL6Oe/lpK -tt1B/4ffnMp9vIR+DQzOC4KwGJimq39JFBeB8LiOmJad8+RdSPY1OKaqaGp++12+ -h1vAgNsJewfcAbI3RlT5GTeyf6CBtNKBZv/nAQIDAQABAoIBAQCWQNP6joMY7B4r -xzXJ5lQ1EibGoPvMn3s8XkdUgVRYQgQPlvBhz+a4EGRsWxa6YJ0h5puC+vMHYFpM -/5MC9P1RCrQGv8InEAcKNSVh5qz9K/YTCOmxgoHcN5T26Zq4Nq+u9YK6ALcEj7Y9 -FX4RzzDj7d6wn/VELR+fX5ofUvmkqdK46M0HR9XCa55QOCUS2ZeejbFeYr6MNlJ8 -x3vzUMA975vuixvoCVdYGh95PPOXoKKtTW9hByX6hsPlAboBakI0k7pIRP6oJKFK -cfn30okLBjORCcpmYsU8i+5Ir01uyIH+t9aDvoQAyvvZv2MhFHxjAQxZ3hLI8rXo -GyDN/lbBAoGBAOZBuP1GlTITwq1n/m48B3F+14hKdqJWFWiTjrpv0uL8curP+3xg -KRjiaZa4KaIcQMpWvKLBzZP4i6OhLG+ptIzkCCpTJakbIAYs5fkZ9fl8ReGwuLCo -8Ajk3g+L6uHWmsw9+83A1ef7KYtB+AePLdlTd5kodjNhqCgUw0G2p2A1AoGBAN2R -OAVG6/81DJR0jovI930PeSpmrakij8y60fRWM6V6azW9rnf1luGk2qCB2SLHDzgj -pYxceu4d9srKiQaI1RqtBKU7pt8XUT6UbLvLEJjmw4vwMNhsUEMRy18zWLaSEhfK -59nLiFrLiZi5iDWZAMOJ+YAMDqB3coW18D3MFB0dAoGAZkya4MREMvx+iMZkTxuS -fwVIwv+6V4OBfXXZetGF010vvU1sQSUD/U9SdCkcLi75RixlILaUHILXn3pTIMU4 -N0R0sEFCwTAQ+U1nW1YCZ7aj4ZK/a5WTF5B/bE7Qq0fKfKWpQw/CuY9oNLu5c7pU -N3MS9tP4N/nSWQRof8Cj+mUCgYASKIOZ0x0mNjfItuCzzg2SX0FD21RiJyX31lu8 -lY/4ANdmeRwiUqtB5NvSCbI86mlx5WH85dthRm1iY0TllzM303QtAn2DjQqogUuD -/HlovojKIC4wnnfZd0zeiXu8wq3e608jB04uer3VGWdzVQ29+MHM37AXMJLfKHD+ -74m6dQKBgQCuA2POjZ+yLxZiqo8Oryfq+FxKCoC5utI8Yh/N5YNNLxgjcKoaEDWi -TZvH25536TO3iW8bwEz0jcZfKGwj8cYcyZbhHO8vQ+is0zre25ht4BZyYU2UBUQ5 -grsYIbGoD36RVZPIOO+FBQHDvleEnBCDy3ZMHmjfRTS9xJx1AXi/vw== +MIIEowIBAAKCAQEAtLIfk65qRZz+oZfXd/cbeC+/fnWYGZn6fzLNfKslsYvtvJsd +TWTcNVeKg3xIn68dTPIJebLRG22Iky61f0yuGNuRh+nUADy3p72pAjBnKhaZ996d +kCdPVdDpIKCW6EriUZ3ER1tFjD2xP+U1ImW96y9EgqNYsbfLchm+INLXfGsOKQDm +5iPcAyvkfxeBFknjON/rnOyD6zhS5dIZBywoKQO3zKe0YvviuWQYhYsjZgcmMrkt +G+NuUlZWx69WT0hPN01XYA36Fa0IHsdUkfjGbGEbVT+/xUr7s4IHtydycxJ8TB05 +vqxgILwre3msJR1Uk6wPFsSPS9uG3VxPIY9MPQIDAQABAoIBAHAW5runwEi6oMIA +/Spv4Vxm0jVSIS4QdHGfRBUH3fQLR0huOHkgDfIRAd2apTpZWKW4puQVZt3KzqPu +n6v+FylYWyiihl43S/4ECulOuVBEgPJf6AHaQL6NP3B77eDfQxE5+t4A4l2ij2eB +ebqCvpM72RXo2kY0K0H2chjOcdm9S4eQneDpEaWs6BGFsKJb3TzLXoyMFY0BF2xP +SFR6I4+C+lQ/Br68rXq8ruO5Le1/x0HCxGiOt4llOUA6ON5hq/OlB8GZAHFrR8/M +58PsbPD/YduE+LNCg/YcAgGu6upo5oL3TxAD64nMSgm7INK1gO9Q8AhUw8m5P64B +m0egYUkCgYEA6CYOYonpVR63D5XUbR5UfXXa+qeZmCBk2CtE5NltlECmjz4LYiKD +tjjHkD0DehWzj7DUxcLKyRyHpVqpnUxp8rKa7I/OONl4g0+UFjTGzGhGHwvuwwSe +p4UKaTMMyMi0glMf8VJkcd1QOJRpT1cmk2CwwsXjBJHyziDGppabRm8CgYEAx0LC +udmvWJ32uoyO+A9ODMFXKNnz9gZA6B/t9c07pj8yXV50dGvL9f+1v4F+F5IbdsK2 +vInnY6hB9nHmSyYxDVS+vO+AtwGRnn6X76IYpPwBYFc6RCWlF5ZhmqBcBbUSvwVB +1RP3DebH2VLpjoB4bPb4u6b7VXZ2EZ4paqxBDhMCgYEA5kgp6NGJJiirysgDyqJV +iYaJTC9JC0DHCDATzTdpnbBsCJexTw2Rvgag35HGiypPzm/JAMtzwP+OBxbiPej5 +CAjn6VXVaUtAYnFkIosD0Ox28oExvT4t61rrsuMzAVEmzkiK3SWwActZsmZ1+IAp +AfTeIreNtJDaXGLi64lmSf0CgYBI1Jv79hbjGwmdcdan0GBExT4oTlGfMPX0YgdF ++ne88ghknCuQif4IsigqERiXYO3s4IqOKxGKGWvSuhrkiNcQ+lKlGB1Bxq8E8Vxz +WBoN45ZVMky3r9LB5lNSgx5fb6mkbDV9vkhkql+NjYKUdVyO505OuF/RAvVwxxB4 +TvGQRQKBgF/Z8ytONu3oJ0CdJkd7QAlP44DyP8/C0ssPV8NFNa3ZzIqvHOb7Hon6 +WRECRU4Z5AovfZTGtEGTg4jb3NKoXBaX3b/UjjWA7ab6gwumBCHYy1bg6TnGVvkB +gOJLSSq0/TfnGae4JcfepAiRg//hrETtCX3VwhfeGTz0Yq5RI9KC -----END RSA PRIVATE KEY----- diff --git a/molecule/default/tls/generate.sh b/molecule/default/tls/generate.sh index 57119b20..853ce5bd 100755 --- a/molecule/default/tls/generate.sh +++ b/molecule/default/tls/generate.sh @@ -1,7 +1,7 @@ #!/bin/bash rm -fr ca intermediate server client keystore cacert.pem server.pem client.pem -mkdir -p ca/newcerts intermediate/newcerts server client keystore +mkdir -p ca/newcerts intermediate/newcerts server client keystore zk touch ca/index.txt echo 1000 > ca/serial @@ -42,6 +42,19 @@ openssl ca -batch -config openssl-intermediate-ca.cnf \ -in server/server.csr.pem \ -out server/server.cert.pem +openssl genrsa -out zk/server.key.pem 2048 +chmod 400 zk/server.key.pem +openssl req -config openssl-intermediate-ca.cnf -extensions server_cert \ + -subj '/C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=zk' \ + -addext "subjectAltName = DNS:zookeeper-01103,DNS:zookeeper-111,DNS:zookeeper-260" \ + -key zk/server.key.pem \ + -new -sha256 \ + -out zk/server.csr.pem +openssl ca -batch -config openssl-intermediate-ca.cnf \ + -days 36500 -notext -md sha256 \ + -in zk/server.csr.pem \ + -out zk/server.cert.pem + openssl genrsa -out client/client.key.pem 2048 chmod 400 client/client.key.pem openssl req -config openssl-intermediate-ca.cnf -extensions usr_cert \ @@ -60,4 +73,14 @@ cat cacert.pem >> server.pem openssl pkcs12 -export -in server.pem -out keystore/server-keystore.p12 -name server -noiter -nomaciter -passout pass:password -keytool -import -noprompt -storepass password -keystore keystore/server-truststore.p12 -alias intermediate -file intermediate/intermediate.cert.pem +keytool -importkeystore -deststorepass password -destkeypass password -destkeystore keystore/server-keystore.jks -deststoretype JKS -srckeystore keystore/server-keystore.p12 -srcstoretype PKCS12 -srcstorepass password -alias server +keytool -import -noprompt -storepass password -keystore keystore/server-truststore.jks -alias intermediate -file intermediate/intermediate.cert.pem -storetype JKS + +cat zk/server.key.pem > zk.pem +cat zk/server.cert.pem >> zk.pem +cat cacert.pem >> zk.pem + +openssl pkcs12 -export -in zk.pem -out keystore/zk-keystore.p12 -name server -noiter -nomaciter -passout pass:password + +keytool -importkeystore -deststorepass password -destkeypass password -destkeystore keystore/zk-keystore.jks -deststoretype JKS -srckeystore keystore/zk-keystore.p12 -srcstoretype PKCS12 -srcstorepass password -alias server +keytool -import -noprompt -storepass password -keystore keystore/zk-truststore.jks -alias intermediate -file intermediate/intermediate.cert.pem -storetype JKS diff --git a/molecule/default/tls/intermediate/index.txt b/molecule/default/tls/intermediate/index.txt index 5a4dcb8a..799f8c58 100644 --- a/molecule/default/tls/intermediate/index.txt +++ b/molecule/default/tls/intermediate/index.txt @@ -1,2 +1,3 @@ -V 21210731134434Z 1000 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=server -V 21210731134434Z 1001 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=client +V 21211022204307Z 1000 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=server +V 21211022204307Z 1001 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=zk +V 21211022204307Z 1002 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=admin diff --git a/molecule/default/tls/intermediate/index.txt.old b/molecule/default/tls/intermediate/index.txt.old index c18777ee..05d6b9e4 100644 --- a/molecule/default/tls/intermediate/index.txt.old +++ b/molecule/default/tls/intermediate/index.txt.old @@ -1 +1,2 @@ -V 21210731134434Z 1000 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=server +V 21211022204307Z 1000 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=server +V 21211022204307Z 1001 unknown /C=FR/ST=France/L=Paris/O=Alice Ltd/OU=Alice Ltd/CN=zk diff --git a/molecule/default/tls/intermediate/intermediate.cert.pem b/molecule/default/tls/intermediate/intermediate.cert.pem index 7d49fecf..0a3540fe 100644 --- a/molecule/default/tls/intermediate/intermediate.cert.pem +++ b/molecule/default/tls/intermediate/intermediate.cert.pem @@ -2,21 +2,21 @@ MIIDtTCCAp2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwajELMAkGA1UEBhMCRlIx DzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCUFsaWNl IEx0ZDESMBAGA1UECwwJQWxpY2UgTHRkMRIwEAYDVQQDDAlBbGljZSBMdGQwIBcN -MjEwODI0MTM0NDM0WhgPMjEyMTA3MzExMzQ0MzRaMGcxCzAJBgNVBAYTAkZSMQ8w +MjExMTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDdaMGcxCzAJBgNVBAYTAkZSMQ8w DQYDVQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxp Y2UgTHRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XeZnyipMPDS6BYwHl+aYYJ4pHX8Qqz1 -GyHQSzeq2WyMkYPaNEREJ9vLHrU4VTtxWBdoGo6ox5zqe8/0OxHo/+yijhBAegh0 -Z3HGaRvIXRZBYmGdcjnesfmFCn07lUeslYr56juyiXuFXLlHBllp/shWzp1cjGWu -0fWrRF7YicpKUzWZ2A8bBvkV02KdKfDpNvAdDaMKvVsQTZNrg3Kyt4c+4SkyRdbr -cND1aLrhy/xdiVXUS4uFi+u84skZhE/8+7PWMtpGC/KlnwPSPzwNFVsw+vgWefNC -bbM92z1tqN3sX2bzxIdFJhlPmE9Rh9uZoNCNN+UHq8INvOB7XQkfbQIDAQABo2Yw -ZDAdBgNVHQ4EFgQUeQ004NyxMkINfOVA/MSw6xCcQbIwHwYDVR0jBBgwFoAUOKpZ -gZH9PPDeBWbf0AgO9/LB9LkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E -BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAJuv0J6kji/8sFltqUH3rp7JDFMHIkqE -jUrvpe4Rugshzzst0ketYM8xn4CfCK2zRShS9pMxYLudGXKlTNnpo1zCgGoQm4mp -j7yyOzceTtzbG4+XcEn3GdDi9V1+Vm2JkLhQN/rsCMbxNY8uInEVXlMVP9yZH6hh -4m/OJ+1xwPsEoc97Jh7kZMA5QhuyDPMhX0Qc+ppyYI6xCQUQPbbnab67zXwIWVB1 -6g+QSryDWyu1SZaEOAstYJ+37IfUlzD1KajfHEEtqszRQk4qViIQLNWBJEMXd+bd -za/56ju6A9OH/T7xeEyhTA8rdYUD1nITtfB0NqO28aZuICO+jIDkpmg= +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+f9pr/Lw2QRYUIUpc93Sd6XQ9xfWoXY +gozfKnfO+KyftkTBzBgiGDA1SrS+0QXTLoaE7gf9+sDpb2eokAL+lNi9UuNbAKjb +ldKPIPwyI+739qEk3TRyzFI7qctr7CXvR/xiTzWxgjF6u/sG5w6YqKdbPGqLUML0 +U5Ji4HjzgGcryo2ORw11/Fgo93qraQKt+SfvaW4+f/ZS0bDk7moJYv0oKwu/zJfR +e2Uo5e8w6Ri5j9853ohdD/R0RLnVWLcigadT/a7imuZySnRivpmGr6NsN0NJOxTv +H1Rnua/+WCJVgiiBX2zUmuW5JgHoBhLf4fWM8N6AvJNhUNvwr5gJNwIDAQABo2Yw +ZDAdBgNVHQ4EFgQUGZeCqP9qTIc4b658ZXDFcLIsEpQwHwYDVR0jBBgwFoAU+QVw +dQU7Y1ho92NJRhYTnLmvSqowEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQELBQADggEBAFeKYe5zSAlguaaaSSk2csmTzIFLUtIS +7KQ9iv3f3v+0HU+Wc4yQGb8WlWnVbMoFlRjSvmJQbAcBYFRoWfJHmbBl8ul8o1fW +hL2Om21Hz8GSRKM1ndeaKiPr1i6ABJL2Im04e0ypJzDaRRuZCxQpU7JNx3eoPqZB +It1j9Odny5K+VnpanQ6hOqcG2b8gwJvwQs5u/lqk8MaRQne6A2YoynEHAOa2xCsv +3QFfODN21hv26ODwdks0ISflad740WogoOAz/UWJpgr9G60DDWdTSHO5BPUrJrNV +vv1Z0Z4+E1fElGEHGLdduGKqryIPy+8lPN8priwPtFGL0sSoskMEyBY= -----END CERTIFICATE----- diff --git a/molecule/default/tls/intermediate/intermediate.csr.pem b/molecule/default/tls/intermediate/intermediate.csr.pem index 1eb25134..6834218e 100644 --- a/molecule/default/tls/intermediate/intermediate.csr.pem +++ b/molecule/default/tls/intermediate/intermediate.csr.pem @@ -2,16 +2,16 @@ MIICvDCCAaQCAQAwdzELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwG A1UEBwwFUGFyaXMxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2Ug THRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XeZnyipMPDS6BYwHl+aYYJ4pHX8Qqz1GyHQ -Szeq2WyMkYPaNEREJ9vLHrU4VTtxWBdoGo6ox5zqe8/0OxHo/+yijhBAegh0Z3HG -aRvIXRZBYmGdcjnesfmFCn07lUeslYr56juyiXuFXLlHBllp/shWzp1cjGWu0fWr -RF7YicpKUzWZ2A8bBvkV02KdKfDpNvAdDaMKvVsQTZNrg3Kyt4c+4SkyRdbrcND1 -aLrhy/xdiVXUS4uFi+u84skZhE/8+7PWMtpGC/KlnwPSPzwNFVsw+vgWefNCbbM9 -2z1tqN3sX2bzxIdFJhlPmE9Rh9uZoNCNN+UHq8INvOB7XQkfbQIDAQABoAAwDQYJ -KoZIhvcNAQELBQADggEBACfSMGAgqW6Vc0qZIQudRsCrQlTiAKy81W/Brr3u84kd -pv3veKu7I/vxFwLme/Rx3DwNy1CESUcOrUMJDY1YgjOP6vrMfSbNxaoKjQxp38xR -bMkQdf1sHQX8spQXL1AgjjJCMRgtH3F4I/gGHmCkQ9/YBiL1kjEoMU0pUTtkd01R -z7WUs03pA5MQ0YAoPDzrlikH4U7vRrOZaPOPd80/Okc0gwYAnMrNiaZTZ1uAciXE -enLPVB6B13n+gqK33MFErQKLkhYJq44xjBc9R+KGAAOY63WcuTWPeneRGQBmQKjm -xlL7ebb5moPjtwKevsTC8nLrwEVXB22lw1oTfWGdr1E= +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+f9pr/Lw2QRYUIUpc93Sd6XQ9xfWoXYgozf +KnfO+KyftkTBzBgiGDA1SrS+0QXTLoaE7gf9+sDpb2eokAL+lNi9UuNbAKjbldKP +IPwyI+739qEk3TRyzFI7qctr7CXvR/xiTzWxgjF6u/sG5w6YqKdbPGqLUML0U5Ji +4HjzgGcryo2ORw11/Fgo93qraQKt+SfvaW4+f/ZS0bDk7moJYv0oKwu/zJfRe2Uo +5e8w6Ri5j9853ohdD/R0RLnVWLcigadT/a7imuZySnRivpmGr6NsN0NJOxTvH1Rn +ua/+WCJVgiiBX2zUmuW5JgHoBhLf4fWM8N6AvJNhUNvwr5gJNwIDAQABoAAwDQYJ +KoZIhvcNAQELBQADggEBAGPEbeciXvmnkB59ukm9Tbf9ympycfa1J3RxILWJFmQS +8fmSHHv0957Lynfex9F3rUrt8ucmTTSw9ONXGTW1O8tjSFyQCYMM2YIbdBhVHmsj +1xOIFqulyH/wn4y379LdMq14GWXt0cSjhTpNZIDZAF8jO6wbLfM0wv0sLzSwdW+g +eRidGjHLY0lkQ2Z9kpZD0nA44ypjvyZG6oHojLRnq3qxKJ/Uw9/gZ4G4uqJY44F0 +57b8B6vFDufBWc7u8oX/SvWiwdaHgI145rvwuzeQtUARGOTv/vpo4PghJfbGXqNa +dyJtVsuzEH+ZCkklPGd31lxkYHNZarARSaJbSf34cTc= -----END CERTIFICATE REQUEST----- diff --git a/molecule/default/tls/intermediate/intermediate.key.pem b/molecule/default/tls/intermediate/intermediate.key.pem index b9d2b4e2..3f0dc24f 100644 --- a/molecule/default/tls/intermediate/intermediate.key.pem +++ b/molecule/default/tls/intermediate/intermediate.key.pem @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA6XeZnyipMPDS6BYwHl+aYYJ4pHX8Qqz1GyHQSzeq2WyMkYPa -NEREJ9vLHrU4VTtxWBdoGo6ox5zqe8/0OxHo/+yijhBAegh0Z3HGaRvIXRZBYmGd -cjnesfmFCn07lUeslYr56juyiXuFXLlHBllp/shWzp1cjGWu0fWrRF7YicpKUzWZ -2A8bBvkV02KdKfDpNvAdDaMKvVsQTZNrg3Kyt4c+4SkyRdbrcND1aLrhy/xdiVXU -S4uFi+u84skZhE/8+7PWMtpGC/KlnwPSPzwNFVsw+vgWefNCbbM92z1tqN3sX2bz -xIdFJhlPmE9Rh9uZoNCNN+UHq8INvOB7XQkfbQIDAQABAoIBAFKX9igBSYG/4M0s -dE96gPI4Jxf/iYPJDllP6BGEGxQaO8yK+dn9wKLdNgmiENDOW7XPagvjJkCf+bBd -jEiNeIF5pLRfeX/yl8O0032Bz6tm4TC92eZ8JJWP8YoZbcfM+HhbFzjPb8UFhtOb -1E2hukbhdxxXPVOJ8YPjxnhEmZR86DoFFFAMf+FPzGqxZwRQd+8zZQiMb+7YKxFO -Pj4vbg+KWfG1H5Cwjd+8NbouX3+GBcefGeMISi6QiWp8cHpIwYTWsAGTk1kCW/ip -KmShz/z4IaAPFH4gJu+xROcdokFFFs2z6rRfdsKM9EfB4761yyxBIXLhsNTzXpKD -7tdCGf0CgYEA99bRi9gjsIvBNDKMKbOLOXLd4Y9saa/SBUJvKTHjlWQMZ4pci+Fi -a6kupphUwazBMDzhRj7pjCpsPnO0wUQTlzNp6sup1wTqSrWy/AjBd28WjQ30ALg9 -3sFFtzR0DfdUe7nYmZBmAryls6XkYO50jVRCSclIKAbXRHxmGl9vnRcCgYEA8Seh -yOOFyiXkZg5ZumLN1BMMXeCT+DwCJgvM+uK3P4W29RtLnVRMw+GgBGOjSd8bUYqL -LG3MClTTSfmTfUmeZOdNaRCa/HbVEScz2hc06odiJeUJPxJ4jKDuZbAiCK/EM+Xj -PGCD79qCihANM7QeB/WLXNxdbn5eXTMoASLdohsCgYBYrxLegqIKu4eQAQJsraWF -EhhZbTPzAYoafbI/QG3aeCmEJ1uEZksMkUZzMJErmICsnSxTMZHqqQeAtXCZs516 -/lfJP8Vvfn/D6g645v0rmqGsKbEFTOg+vFQRAYEBul4Nw+vAz43hLtXwWc1F7i3g -oKTzuEXMpN4E0KrMhxfuUwKBgBAe4xzHwODTiaIc4XipNDMyFsiLw7h7YnViopA+ -6ZsQeDuIWJSq1vrdMVI5yuecR3o69bTBnjsuknVGfsqISlNadv1IA+ROmU2tPjUd -CgeHh1MbLXQO6woTk/wuOwgzn70MaBVYKlm1VLaf/hHvv3YuvuM1Q/Wn8uzuB4WT -7BbzAoGBAKKnO8xZmExV7ioMzciZKVgrrDt3xu1lh524yPM1J6lLWzdeiqkVqHDN -48pQNsNzKgHhx3vWR4a79Bbqt2YKb2xPXY4im0usg9b7yZWGB8dL32+zSjiY7YZl -jDljWA6NxiCa5R10mgxjltdRdTXorFJVWNkaeSqxypoCw5TaK+Rp +MIIEpAIBAAKCAQEA5+f9pr/Lw2QRYUIUpc93Sd6XQ9xfWoXYgozfKnfO+KyftkTB +zBgiGDA1SrS+0QXTLoaE7gf9+sDpb2eokAL+lNi9UuNbAKjbldKPIPwyI+739qEk +3TRyzFI7qctr7CXvR/xiTzWxgjF6u/sG5w6YqKdbPGqLUML0U5Ji4HjzgGcryo2O +Rw11/Fgo93qraQKt+SfvaW4+f/ZS0bDk7moJYv0oKwu/zJfRe2Uo5e8w6Ri5j985 +3ohdD/R0RLnVWLcigadT/a7imuZySnRivpmGr6NsN0NJOxTvH1Rnua/+WCJVgiiB +X2zUmuW5JgHoBhLf4fWM8N6AvJNhUNvwr5gJNwIDAQABAoIBAQDH6R2olCekDOxK +iftgoEK1xBNjpWHxl/X3PFbYtiUOC0k2h3kEZj1l2pDmEH95kmrk7YND6lHPymKw +7YvKcTpit6AlBuaY3/dC5RsLFTxn64WH7ovnwGHBrpXOHhSvolfuFyvsGl4l3F9w +Esp1fgitQm+M2k+0VArozAU+eiV2plVVHTduvNdKuDpKYd6k/G3ZmWham8mSFbmM +H8qP/ozJXhhCs+z5lQIJqW5azmT96V601TMueaLOZsK3JGRI5QkKD70iKcrpHMjF +R4B3cOsmyLIlIWdLMbB1HAvdJWpOSra4zF69Mm1vUdFIE62RRmXUbxck8I4qtO0d +XVpg/yMJAoGBAPjcSlZ3GVMClG2z4QY5ltRi14dFqZEHnzJ4CThMZ5ZFMLzaLcBG +jU364ONmIba2/RQuEruPfJWmbkh8b+NVFVNR7pN8eOCM5NNb9M8mC288rYGnKriP +WLE3q/j0jI/5M2JppBV65W2VngbihB/RCUcSB8pGVRl0CnoDRDkglR4DAoGBAO6P +LsrqHwDXwRb0IyQAPYNKompzXaIjP7SSeOvJn1Fafy8BE/Dqq1xvGuKeeN0nsFAm +hjmtlJNJol6GcDzyvyjKFFWuu8YcDhLVuDTPEyXv7XO0qWLMCiDvzr7ezF4nhOWx +tYMN9Dhz7Q/E3w8GEegwZu5oShYI3AcieqGckku9AoGAAd1MpUcxJmEPkZ7WYcCO +s7ql2LqZ4Z9H/w3NK+HOqN6N1exgiV898caeZrW+LOtEDCGoPEV/7nMXwm1EPVTG +2x/zBKHbGfuUP00iEWc8kLHIrv78n/Na+8DqBex3HSEF1IfsFckc7OxBCdYqnT5o +rmKhMk/ClXU8GtvpZ/ApjdcCgYEAw2JqBK9z7RDIiLA0B8xalSmPlHggfCc6if5d +I2DjJ5JjEHBlkK/i4bXt4yXAAAH9meezj5HnWiq43YpmasS2ZAX+WZ7fFAbuT+bT +FA11tWCorleNU+mhchB22EVKRONBKY8/BrNrDsGDq6KmvntON0lNRH4OD7X5364R +mkPOXlECgYB6glOT7pIh7Z5akL73YiTDPIW4tXA8nSkNW732SrgaEhxhJo20E7V+ +4ssX7eTP7hx3v708NgZFzH8m9B0WTXCZVvR90WtO8APyHaSxIYcUl/AMJOgKnGOt +3JyO0V4NRIrQOaV8MKbTlyjUrobwhuLSTuaX15VU+uG13k7A4KZEkw== -----END RSA PRIVATE KEY----- diff --git a/molecule/default/tls/intermediate/newcerts/1000.pem b/molecule/default/tls/intermediate/newcerts/1000.pem index a6691b8a..f39429cc 100644 --- a/molecule/default/tls/intermediate/newcerts/1000.pem +++ b/molecule/default/tls/intermediate/newcerts/1000.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- MIIDpTCCAo2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCRlIx DzANBgNVBAgMBkZyYW5jZTESMBAGA1UECgwJQWxpY2UgTHRkMRIwEAYDVQQLDAlB -bGljZSBMdGQxHzAdBgNVBAMMFkludGVybWVkaWF0ZSBBbGljZSBMdGQwIBcNMjEw -ODI0MTM0NDM0WhgPMjEyMTA3MzExMzQ0MzRaMGcxCzAJBgNVBAYTAkZSMQ8wDQYD +bGljZSBMdGQxHzAdBgNVBAMMFkludGVybWVkaWF0ZSBBbGljZSBMdGQwIBcNMjEx +MTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDdaMGcxCzAJBgNVBAYTAkZSMQ8wDQYD VQQIDAZGcmFuY2UxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlBbGljZSBMdGQx EjAQBgNVBAsMCUFsaWNlIEx0ZDEPMA0GA1UEAwwGc2VydmVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwUZ2aTYrZ6fOb3frbHs79g9EcBYpuE8kqwM -AwVboBARxZfbad4ZVZoWFc2Y9elUUYhMns7lOcQcxFlL+li26t+W4NB0GQNRXqEw -OJPiuXranWunjKgo8fiHaq69D+su0E5QyixoNvH4zGsoJS5rjWJH3a8gUhrrJNJ/ -E1AxLfa854wOWPZ30hJFsHQVoTY9qJT0aLzh2JhHEyJEd/KMlAB0ffM75lPzV2b9 -a8QK2yanP8qgvalvIxHWBUF6Q6TAbaO2NwufbP2Q4S9LsxLeRVTPWbFD7EgjENKi -xfia0avxGU22kwTqgTxr3pSGNz7n1sfEwIKAXtHnEyZwo7nImQIDAQABo1kwVzBV +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAEdUo8UjCd+OPqhUhpC5Yahcs2380r4zsBF +7LKGb7oRRS1+xT5uS2MHEE+61fX3uWSSfV+leGu2B0JkWoO4FYvOivBsKq43b8Ec +WXcubSraCNYbip0L3W//DNoF8MxIvowEn6OeRKZNidC4XGkzS0B/L8QWbYKYhlZ0 +v+j/DhnPFsBadc6gyU2xebo8WB1ON/TkyhggVaS0Ji0lz+I/zoQj14eg4eVSfgkO +vwp6fHDhfnFYBh3qRV8TP6m2f5aET9YhNWHkS63kVzpJNEdzghhbgkrENm9fBMuE +y/noXeE1JhHCoCN6HjJur2Na/tDw7GL/en5qoUQy+B3SlP8WjQIDAQABo1kwVzBV BgNVHREETjBMggxrYWZrYTEtMDExMDOCDGthZmthMi0wMTEwM4IKa2Fma2ExLTEx MYIKa2Fma2EyLTExMYIKa2Fma2ExLTI2MIIKa2Fma2EyLTI2MDANBgkqhkiG9w0B -AQsFAAOCAQEARHaMeSl1kDR0/V1E2+NPxcdQOXXSVnq1JSn5kW2wAOwMeHRDSU33 -8RAuiHdC54VjM8q6tn+0nHyCAgmP+WqsIx8Z/auUeVod6q18yJUfkfJfmOXlECnC -IYmcuzD4uCJDwKzubsRMjexfNTPhsMuYKqInAOt65IQ6wka8kHdm6qUGIi3ifXpb -Rh2TrPtGxTEnd3/fF65Xofxug6LGlFKtWZW4PtD5jz8UHAUnJDn4ts/6Rdb4FbXB -QNF0VAGVCntYaNbd/KHQav2JZmI9vWXdFFtWpo/0w+UN+nVd4VcIjyHb27NSDkHi -hKnojPccZKZL4TcJwNtr8KX8LtxO0gmZHg== +AQsFAAOCAQEATdb225R9+O7NcS/Ds0yeUfiSLHlSzYP1rfZUpPVf02heXDxnmnTm +/hMazNhB6xYJC3HZWYlf9e72BkLAz2APIAHNWhS2Ri3gShcvC/xuCqNjnAPtSNiS +CJURHj4LSYGYwS/XYRS77OHYK1rodMht9DPWowPRNNmtMKdOQRqZnJqAWeUixL9u +AC5oIq6kmIjEvO7W7vl6viSSyRB6HKxkltU2DPx31zPWdkcb4HqWvnEWZd9jyHSC +tZesyeosZ0auPlMTX1ePA7BNekJG0wnsDsap4L7PB2lwbzgerk3hzUBpdk4FfYG+ +8h5PTTRYzjRI9ABDYmgogA5/Go3B3aWRKQ== -----END CERTIFICATE----- diff --git a/molecule/default/tls/intermediate/newcerts/1001.pem b/molecule/default/tls/intermediate/newcerts/1001.pem index f1f0c9c1..dbd20e0b 100644 --- a/molecule/default/tls/intermediate/newcerts/1001.pem +++ b/molecule/default/tls/intermediate/newcerts/1001.pem @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDRTCCAi0CAhABMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAkZSMQ8wDQYD -VQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2Ug -THRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMCAXDTIxMDgyNDEz -NDQzNFoYDzIxMjEwNzMxMTM0NDM0WjBnMQswCQYDVQQGEwJGUjEPMA0GA1UECAwG -RnJhbmNlMQ4wDAYDVQQHDAVQYXJpczESMBAGA1UECgwJQWxpY2UgTHRkMRIwEAYD -VQQLDAlBbGljZSBMdGQxDzANBgNVBAMMBmNsaWVudDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMdJWk+M7geUsBwL3LFKvZkedost38hvnf8tzD8guiYK -TSRYHfhqpZ+r7SqAdidJ6z90ZEUAgf2858KgRviaBSEYits8KmUExwAqsE/5HS2e -KNIM34na7AlVSMDOVW677A01CmvnzMxe4z1XPhBbh6chW6c2biWwJocn8T05OSIo -JF6DXvCBnMTuWL1agBjCY9UIBQHHQAwOv1JIsD0bi2vHnDPCa81/e7Ttq9s5By+j -nv5aSrbdQf+H35zKfbyEfg0MzguCsBiYpqt/SRQXgfC4jpiWnfPkXUj2NTimqmhq -fvtdvodbwIDbCXsH3AGyN0ZU+Rk3sn+ggbTSgWb/5wECAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAF6bKMLMydOrEKS0mnr+Y/IcSjCUzXZlc3B3EEAdU1YCfoaOWECOu -8uZu3qMhRkbYVGnOhb1msmntBKyVD8AooOGr4yrQS6nc0w48XV18uJmg8Sgx7gPt -HXh4WCis9s2SejAWg3j1fcc1TVkMFdAWvd2A9uxr1ZpQc4wLCuNVCbwUiZR4Llw+ -mwzfjlCqFqtE0Rb4PJDt+vUQKZMw0DiWI6Q4mJdBqlE64+K9UjP52BisaqTAeqvX -ppsehPOdGmEBCfua7C3/CAj8JLC81o62WsdFIiFQQh2oyv3oJTNAG483gKF6bEE2 -RsqNz/YWsFURJ3I0SSAVOBJwkcwt0E+fwA== +MIIDhDCCAmygAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCRlIx +DzANBgNVBAgMBkZyYW5jZTESMBAGA1UECgwJQWxpY2UgTHRkMRIwEAYDVQQLDAlB +bGljZSBMdGQxHzAdBgNVBAMMFkludGVybWVkaWF0ZSBBbGljZSBMdGQwIBcNMjEx +MTE1MjA0MzA3WhgPMjEyMTEwMjIyMDQzMDdaMGMxCzAJBgNVBAYTAkZSMQ8wDQYD +VQQIDAZGcmFuY2UxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlBbGljZSBMdGQx +EjAQBgNVBAsMCUFsaWNlIEx0ZDELMAkGA1UEAwwCemswggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC/+r3SwGFLA8DLI5IsX8hUQVfVo0z2CgKRPW129u7g +ofgPA3EjDj738BsbkicysLKSnV8GKPG0UZj7KYcO4IeG3PE4mkdNjn6F5eUeyy1N +NYLvfkZfuFIbOM6tBTcWTcRQWRgnZfrN6GYsTzxTDwL2l85WCS+yA3KryixcQ5Vo +xRdtKmPDxq9JW1r1NdvVFGiEtIrTDH/fLQg1FnToJmygWYUlaynb4v1f2WAA0HjP +LP/Rkq4w5HfktEYb5sccny0JmZq1uYT/k4L93LlZimHHwmz9R+Yc8Y1xhmxlon3X +R0GdmsFXFzylbBfAtgFntqKgiZnElqaG4l5YgmEpfMJ3AgMBAAGjPDA6MDgGA1Ud +EQQxMC+CD3pvb2tlZXBlci0wMTEwM4INem9va2VlcGVyLTExMYINem9va2VlcGVy +LTI2MDANBgkqhkiG9w0BAQsFAAOCAQEATylJ5imvb7sF2TtCN1+C74+LRRrY0xW1 +QqZt5QuQw+NureG0YrK/FRkxxoVHsQSAqA6EJV7+48vzmk69ww+MmMyDrUpcvQZj +nB9VHa5G65YBuRGVg2GzkQ+CoG51AwG7yAhPtRsqf2zqX9mTIDCVtf+KnQ3lGMKR +op21NVZTBiFRfIpFWolvFmApZ/BJbHOnx0TXubgALr9KjzsSqoE6lC/yvYRmjY95 +2FLT6sTnvkWHBYNHZvVCbKOSDT0/rLtIBUnR9PQ/mp3mxNTgXFs/bGjpfSMSXtat +kyPo+4aBtG3FhjY2ORMw5cyfVsdIpcTeD67QEMj9Gn1NKbcjL/PW7A== -----END CERTIFICATE----- diff --git a/molecule/default/tls/intermediate/newcerts/1002.pem b/molecule/default/tls/intermediate/newcerts/1002.pem new file mode 100644 index 00000000..fd8c2c25 --- /dev/null +++ b/molecule/default/tls/intermediate/newcerts/1002.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRDCCAiwCAhACMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAkZSMQ8wDQYD +VQQIDAZGcmFuY2UxEjAQBgNVBAoMCUFsaWNlIEx0ZDESMBAGA1UECwwJQWxpY2Ug +THRkMR8wHQYDVQQDDBZJbnRlcm1lZGlhdGUgQWxpY2UgTHRkMCAXDTIxMTExNTIw +NDMwN1oYDzIxMjExMDIyMjA0MzA3WjBmMQswCQYDVQQGEwJGUjEPMA0GA1UECAwG +RnJhbmNlMQ4wDAYDVQQHDAVQYXJpczESMBAGA1UECgwJQWxpY2UgTHRkMRIwEAYD +VQQLDAlBbGljZSBMdGQxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtLIfk65qRZz+oZfXd/cbeC+/fnWYGZn6fzLNfKslsYvt +vJsdTWTcNVeKg3xIn68dTPIJebLRG22Iky61f0yuGNuRh+nUADy3p72pAjBnKhaZ +996dkCdPVdDpIKCW6EriUZ3ER1tFjD2xP+U1ImW96y9EgqNYsbfLchm+INLXfGsO +KQDm5iPcAyvkfxeBFknjON/rnOyD6zhS5dIZBywoKQO3zKe0YvviuWQYhYsjZgcm +MrktG+NuUlZWx69WT0hPN01XYA36Fa0IHsdUkfjGbGEbVT+/xUr7s4IHtydycxJ8 +TB05vqxgILwre3msJR1Uk6wPFsSPS9uG3VxPIY9MPQIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQAd9i56ad9j7pHz7pPNdivgPSjLiwVbbKbD8OWB/U2t2vyPOQw2Graj +INnzkSE5HYU3YvDYfoykA1nKLjSixSBo8v/d0uglV+iXaCSRYaWaxg4CBKTZg14X +S8+GUOdCqB+zcGbvZmqP+uP1O7PyBUO1sZmdcgohFF5Z5FR2vAuTiHRV2747UN9w +NOkS3nSzT7DPDMSXxrcdOfYa2yhveUXIbpP8/yMYXHwWOQeRALM7zXBOmKmRaYR5 +NUj/nA1fNoErgnYTBSRJiinRFsZQlCdPyvKhCQiRfJzJu2aEByNxtF8zOkffpxck +8YayNRCHeljnk3Pm2xV3qBeza6m3DRqS +-----END CERTIFICATE----- diff --git a/molecule/default/tls/intermediate/serial b/molecule/default/tls/intermediate/serial index 7d802a3e..baccd039 100644 --- a/molecule/default/tls/intermediate/serial +++ b/molecule/default/tls/intermediate/serial @@ -1 +1 @@ -1002 +1003 diff --git a/molecule/default/tls/intermediate/serial.old b/molecule/default/tls/intermediate/serial.old index dd117240..7d802a3e 100644 --- a/molecule/default/tls/intermediate/serial.old +++ b/molecule/default/tls/intermediate/serial.old @@ -1 +1 @@ -1001 +1002 diff --git a/molecule/default/tls/keystore/server-keystore.jks b/molecule/default/tls/keystore/server-keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..7bc7a6e3d53649eff508b6f72785b604c4a1de1c GIT binary patch literal 4236 zcmd6p2T)YmwuU>=NCv@{ASfUi;gAG{Aw!e1Bqer}Lz59CHi&>IL(WMuDkw^nI77}L z8Ofo+K{73%z-{k%XRKHEm9Jjidi74#uCvy^_o=ha+UHwqpM5&}1OkB|gaQ8NfP30_ z_}F+5+&~V)F&Yqv2m)YXX8Ko6{?! zYjc!J$@=+Qofh{(@7`M;51%vJP7Q+&L11K!F)I(zku_HW_;(Jep9%a{Cn-WRGh(1F zMlA0oXg$%2VQyDraSAQbAN;uC-j?ninba=Q6?*mX-5av>ab_XgiP^`#g_3Q~QOMho zJ@#Z7ay=)<@GrwNAI6LjM>Dz>YZwWPLN$o%81%OE5sCgDP4hL5yswy(*K zQ1WrYg%tTBKM;~M%e9GU>pbz-!uO8o4H5I1o(^)`EbuQU%E}8t&*=+&-*h^0WRYRX z!;|I}9x;hX4pxauB4P#F)9e$4Pb{-STeUWIG@dx8e8v{yTz==tzG4u-leB+israyT zz@K?phs^r)9>iTUUbZQVJ9`Q<1+VGm>R*c{Udg-8_@*(WHkkpP?b_jVVf#V+Ao`Lq zm9ONS%g|~TTh@!!e7Ccioc6TR9IZTu_w)2-Br|uKGngrW4#uPW*VefFM!zt23^DzT zstZMjOuEc=B3?lg#}ui859^bU)$yQkKZHV1`feT9+nvypkj(vz9`*l2GpM}w^yLKK{d>pto zQ^Rn)?u;s`X2=?K6J>7px3c&$ronoo<1KdomDddNvhqo~b+Jg<9nY>tX*7pI@b%(? z3V(E1i_}?Esu?o$0rfqx@rsYyk&*RcIK{r@Hp3z2gKiwB#U5!uNft$c5Ay!r0$O?K zjWIa&OmhR3v)Rz>tR(WK3|sumoZ&t{(lOeXx+7CYpubhV@;vjM0K=5(^z)XWsa*#g zNiY6nl3k@IU3aIR;qZ39 zbPOs*FBvYFfHo7&Ib%?{C`zL~S;YGK)vQq3e`e=i8*&j;fRAoc%nNH2x%b0S>16EPWaF{ztPLjn1 zb27ql9QQ@EP~i?y-Q};;1&y4ab@!gG&)&^k$a$@^_C^Xpv!nlzrEt1AIFU5w`bWja z(PWJ}(^JeFA+PEuyr^+@;a<OO@zt_ z1rZqwhyk|!7ugf~JZ;xh#pOhyC(?1abw5;*h@3{DGC z))S&4%oCgo(cVE(oaN{&!<^|JAB zu|YdndD&e1>mlIUWeQ;-!X+jQh>8H>ru0<8LIeR27XB{$G!#mJ{M##t$%%BVJRCg# z6~<3P`~FQ(^6w1;z=GL+Oaq}uK(Syd5J4w}V8LKe8<<%ymM(@XNa7?zo`ZF;9I+HPVjV7=kJ$LnT`Vw^O; z<+A&;2)kCGOwWdPHm%S7gBZ%}Y(@!sD2o|Ij>*V-8^W8b9Q9|#gM_bHPoi^DBET)t({ zlIj|`-;}Oe`No3UWkIs9uB7>>Oz0<-$@mLNG%V6&s-dZ^f)iGB?=}}F`ApZnx?B!K z#`B@WqEjz{Vl6qww9NDnlU261W>=7aJzIG}YGhl(*7(-3f7A8&ZfgH4FVM+jH_5;H zPKb>AAek2YlbhTTHuI=1FKkuHi|&v7cFN__`m`2CvCvnV{_@K2Nj51vN*9_2i5=W9 z5-jDKi~X_=K3YV9p-p=%+M1%q1EMMiAO&lC?hwjg#wV?_g>gK8Gh0Vswu-=P)_=>a z<4>6V--7a;b?6UV{|B)Bk5!PLVT;3^7B%<&j;67arz;%vRh>&w_+VlBa1t9c&+9vI z^dhHPv9*t$jUEtFd)qWj^j;t$e2e(>q-6tRSMn?5EOD|?Z}~2$WF~1O_S#or_N~wO zyz8@~9({U}rM*s@9NWmR*4kpPu|oduzQA#msU^jCr5qpY{C1!pZ@qATKg5o&=gCtf zh4)uu?$7?u9Uw1{xwai#rGxQ$!>?Ah97(KCx%tSN`%;D<*l@3I0~_>pvGcd)BF(4{ zycFxkjBD6Ji}g>-m(tff)V!>l(jqGIoy8SYCF!=W8raoUoEfv-!E%RMIFF{U)^UQ@ z;TPu@4`X)bLK+gRbY^xcQc1-B#MTx-|FaY`Q^F81I))T%$+@G(BMD4-fQ?(bTP6R+ zMBwT-s@Y-m03w9$n8?kWND^gi{~4vKjG)b|t57QgE`D1;3kILVE&y=C4FU!cPSpgB z>YD~5^pc2w$FNbf)t09UiDg|;x+>32kM4xNP<6eLi<ijU7t5MR=Vkw6Tp$D% zk7sj{c%V_r1xzb3rIFF`=vQiX`j$u+$+69%4sdq8@lA&QrdgDEw~OIZ&DUBocH{?K z&rAz;I^yJg>!G&XJ?_MywdyuL!CA0{gow{L6MlVR$46b1m21^u?r7NYTJD0#sZvxC z=_%7oD21KAif0|{kdO1tou*Th;cRJIqqamVV)`1hTI;e3Hmcrj4yk#ba(=3}x{pWN zN-7m#U5LLK?j2?}+xK*Z1Cfy3C(aK8LK9@v(JeOvOZ- zxluuHD5c5CP)H|qu4DPXFr6$WP0z)&3uN)E%T>Enz7!ZPlz%@t**T|hH?Oqypy>wf zaA{bb(4=ILG9qbXtLjm%?iS)od0H8lFQ$&_`EBB--PsQ*@V59;^|)lx^mP0F zsBTL{qHZ-aXBkB=uS20%PITJL5k5{XB~rIpBTi2{`qif?y-#|Vt6fFsb)`mXha1Yu zIUn;4Wc!5#d4;K6O?v0YZKQr>b@UB+d0PXCuDopCb+z&L#wJd?utHl?J5HJ7K*>MB zMgdkofc-n+gK8go`Ft(a zoImSrt46q}R)G~$7i*|JiEW#z=4+}r81WaeI1fxm$)$P96EH*9eV?}~_)tgv4`%_< zXkNdVVv`5P$a+6JcUuiZm)oeQ_~7~}($=(ByOp`>Iv!QmWh1aj^%+r~LSD$FY-~#$ zB)yGvD6p=Ur63!@lwf`?W-+0E^MbH(88pp(nhV& z>7YL`EIm8+&OA2T^|PG&h;gt!V;iEo!TCcRj>8G&$h#)(YTOeGQ!HAT&+Kd)Q;2dY sV{<;tcz&sI=8P`&*?X63`{zV80un1cNdgL+-l8%`9e1Jf__ZQ`S`)$syy)2elDmDL75E|1q>LFi4poRVG94ORSAn>xPuR|oY z9*F33qUj*QcsJ%nCp$tRoc#sXN6EH25ZI}L7rv{hA(mN8k1FhLa?|;4UM^r+4;kBj}z>@Lc4gzSoZ&ILmrT`pHPFnc7d|Ear%Fj?YVq>H&lU+EgZON zL$j_|{`#BBz$a(v?|*`S$N8d;Uc&vS=oT|f(eg?5ntzHJB5SZ!01?NX0fp3}eKn7k zwi(z(Wq!2Jz~c{9A6GX`pssPg^AjaPVch^#DmFz=fnjbCxwSjSi9PDaIOXTi%g)gdLvv3@wsu%GTndRg@_{pFnqaRylG@xQZK`Pztx~7*EtiM zJUr%m&VQyrMd`jqVoyY!+qXE^+Y-;t{wivGS4*47ZvP98d!eZn&q|HMW(vvE=U3@*b+ye#FBLcsl z=uPqc#!0v76G_XS#D9LWD>u)6pVn^BJ&@%j27f_`%YL~J?!HX}%>T)&I&F9wTVug3 z_OkB`r;o0$0t2)%mI=Oo+83Q?N9`_lUZ1E5Ee>1s+EOvz-(WC~1A>L~kx^Eon|wr) zNR;fZG^G>{=V_7i1g7IU&mEaTGQMM8aMUDRj|_YqEO8i&tS#|PzfGbThLMUzGV7zCfVfA(HShSo79fZ#UT5%pRdOVdOCWf4X?s$9eVPDLUIlmjN;!0Xbc_iW9@bsP20?Z3HGFRI68%Xv)GJ;Y01$@h5lQjA@D%eMrT_{a7>vsjk`q=99XFP4w!M(&{Id_Bt!1eM zQNbPpJV%q^DLp?!_5`6+ly6JF+a4F1Z}s(hE&-hPu2(2QIWMsS)Hp8lx(1ee&dhP8 zGMg(t;_n{QiO-QA3TVFmfq%VKLG~P_3WHxKP|C-bM8}WP2%639%rfXu|0VxEQ`p^% zyNV_pFpxUVvd!-5%?SP+OqUgfJ#M24s$xg!=R)lq-5$f@O`(tc#4T_j`iS#q!00>2(oigp6f{^(+Pt^x;WmA;vWzCSLpv(a({R)EX@)8YC!_Tl0)e5}u!J??rPjg#IRbpXvq~Z?g7#*6v zRE-x&vC~Z;t`Q|gijiwTA1azyqsN)VG(X5Ehb6+b@8TO6MT2HHI*6>`T#If@P;X&A z@;;q=rFI>4RNA`okADt({SY{`pIn?0c9Hs47KAOsU0$=wBh%ay^Aneg@yLThh8Msu zV5rE7wtXsb#&5)nHxp=Z(tYQl&K&NeK;uGI&^!+1pv4Ff_wsOuYl7RZGU^0_1n&NaU*uKYogk;3+b{GR`%|fRi|?8r}Qyw?~Euqf_0U`^B_*iLt3*L2)&!FUnnp+P}V$aOza4Z`X}@gv45{TCa)Llm-av6NaKIZJyac!QY~X~ zM)@+$)rP*i3d*iGj(KF{vE>PFT`Scb_g0m}}7pkE%5eF;7p0P`|?*f?AC_>GJ#L=W(!c zXn!AyqWiH^UTyOndJY69}a!3dn)791hTQ(r`b& zvoe2iQ2fIYQ^s{`aVauPr@qSGSJwcIQ*u=n15CNn^a?Q>v1!Vl1)FD+59%Vvh{#x6L3~qnHt#8coUkDVyzRatb0x#$^p&Ca(Q1Ky=fZg` z^9@R1dCbpg73eV`-}ma_q(Ox}ZjrZfOW_WtbRT1~i@gKKNr^&r{wH+@1>kfn3V&(; zVXEaqR+!WYK4fjN43x)Lb0GT~xfxS%%WedO&{6TU{*!lKT*G;3*rju!e7v($G4zJL z#5F3t=nbD7{2V|>7%7<47b|z)X2IS37}>s!gd_e-My(f1P+(cgfMmA@&_&gZdRGFw zC6pXM2`(dQGk_G|sty#af!%gG0BiZoRWiTiVs z!`=HIsM57+oABKp$=Dw2&0Dq{@2>*9?VG$pjB7R> z!zWl1eYMT8BK64gc-0T0>@sj$*6$-EgR zV7!oV8Op7z;#b_T1_5s$=jfHPdJ??%Z^jG6f9>6$B7cg<%4*evSdl$r+v0JRmr2P? z<)$~=TbUGUM_R@G&tQe&W)^u!OpBtEsyJ819d#^+&;84g6xp8k*GnKLA0VGSky3k0 zDt}Y+ot1hoox8tW1mxut{yr4ysBo*+qMq(>^WC#k^sW@YoZ4Ksi{_EOn?u@8N}LpHk_`6U=mLW?fV~)xCCwJOl z9RyIsh$VN3sc1qW%^(Qxy{@O>^Fs_`Lw~jLI!(<_)`DwIXED2sF(<06F`C zqhmY-W0%*v)qiJ5UJz8zdAWo&z(q7ZuzjmwzT$cl6v)2Pd`F&?Pz%tuwd#CKZ+|tj zjQEpxN>oGTQND?FrZy{IWUWD>J3*RPfGTq(qrPa z#07D)Q^Cy;PCOv7cl+Vney0`7-q)SSW2}q%o7p@2$H^3+r-R$18Z><^FmM(0TmRJ) zCaS9=w&0unGOW(*4THc9J+{PfbbqTiDFUETRGPs}E&}dc@!yn;K}j(%BBRhx@^g&R zU!hgj_@kT>xt2Cma5Q;jh&N|Bgq)JeV2ksr*T1u=Gjn+lkzDu~H12Pu_OO-SeRb=t zziAZ&#-YgiRY>zd>*@brbw+ilw%lqPt4#%dPz3`uopgl=rt@wqGvtDgJbz~11|e;n z^(Fo4wrd5pENNvKMjmX0H7`d;%6X=~8q#$jm!VbYgtU>*QV$P+1qfx1w>F7EdkA9s zpFr_5HmCE~-k|4b`P-1lZ2fQKC)6zUpdiX04qUJ8^0)IovFuuYm1FUi&)QSXL;5?u zsWBFHlj!;vRL?{Mpsijz^v#U-ps)@foOL{oDk5Z!>A#Dd2KxS9lN$=@cXDbc z&P#&so)hFAB8SRc`O~?6L9dOjGg5Q(5!tgJchDd*=Xb1+D%U0aCbgH}}WM z8Mn>#OgX|01zVGe5impaJwj2hq-eQat0Y$Q=rifle$VVMEifT42?hl#4g&%j1povT h1V#{$TAVHz=$yqeA^d4(n?N_m1PC-e`~gI&Tw24_pL_rS delta 4443 zcmV-h5v1tvVg8$?YO@gQQc z3naiUeV(ueGx>%h3OTJ0GTv<2#U(X0=IA^6S$UF%B9yZr@TwH^yhnBDpq;oKWY2He z7u&qD8h`*D+JETQ2|#oWwygDrg@C$Flg8i|a+ArQ2o3Q8NqveT0`uZLic=`k+M%3w z1F_=brzIdp7yhaM`m_qwLw*lQq$+00?d1$|+EB?yRz-T`TM~(dU)88sP;-Unj~$!U zJ3{){&ClD@OLxq)iC6ME!gt)^ZLLy`AJd2)l9t`WMSq|pmlb6cYkxh$h7lJyG10m0 zHT2=6RZG37W1UJJGMYI4ua;v~^&Og2c;92_=(&+!?(>YylS*kS@;;NSK?YLVEsdt@ zKd(XUWvCnV)SI`!AnMZkL^LW^Wc)vhQ43|CG9s8-I2E`t3xMt@0j223hYUct44)z? zv;tov(|_@r?ur*gwu%8#mYl`vp=VueO=M4MFwC*acW&$&HW@yIrcP{3LL2pC1U*Dt zUuZbU+s#dBXbHD`G3;O@2ymn<)@Qb(8OGK)72{gm+!-~{svOuue!-P^tBLFqhuUTA z>`>i?$#XL+!2BLO5(x1RDf9ju+{FglbqaA=`hOY+@4ymEo2U!ssR;y1E>UmTnYmT2OIA&U14)L2cQO zQhzpwPR~^*a2ACL{$Hfeov)@lS2?2nAKd{=C>!8Q-mw2u0^yo^GUD~D3=mil^Wu_v zd_{_JcLjGFmsSM@P}Lym$n^FYN&d)ydO<(G8S`-f8`F z8BIInuW5W?zAtZYlO>!^mdwc}xtz#i1nktN{DX$hZudbd4K;Q_frK$52c>t{yr36r zJVFcPJ74FxZ;3Zv@ds(%B;&r-pMR@Vr!m&bh`4@-xFQ+5?6YU3oQDYyf30Lp!HUco{I}84dxx~n*<6>P71p^M8JAhCDF;>ENQpFIDhWd2J3_w z@0kuS3AxNeA+UO&esp;J)NR2)J*NbWOn;Tbkc7C!s1<*rhyeGb!61Ezn3s!}|9cX` z8*Mm+DU6k_4pFG~h2fkzrwhdkP_(dCM%-4211;z%z=jnDV?Wqt_O<#U3EwA$uWEN9 z?V5V8l@i|&?KtKS_y5YVAAg1oR8GgYBQx<1*u$a z$_fn=)OR2BRaJvjR2SK?HO-hO@%Khi6CAlUxhcl_Yd9Jfk2^Re@_&+L(2CDl>{I+6 zJ|wX_M;w*`^XLCOLuF19JcN~A8pB;&PP@ zc^_yh>bxb6%I4ZmgWrcZ7{shwQ&ui4YudXjPd|hOG*esu9vAIpY~;YQyUe7S2PPK- zn+h2#?PC3Ixp%01E`Ri_0wjyT{xeo-GrOUCzs1a}0$DvWFkR^Y6%q!Hd+gmrv7b3v zmvB@PYB8TBC62LqX=7<~SMY=@m1CM{Eg3=Y6||I*g6p47w78b?mC9zRhd<8d-e$VW!SH;}<+T;{p1BBYK9@ zVMbYO*Ucd1HGh_Otbvu~n)DA^7u%Dfk(|=1Zr-c|-To}Ca1MrxWvco=h zRcvk}!^QS`1uby6ZNO&zgSz)%5he=_r zh>{L~<{P25?Leh+bTV8wJ8VGAyR*b=f>OT za!=~@$}?c{7x*|_y;Z9JgI!p`OEK?Z`E&s(41bw!?QI_$u>}R5@{N*tbY`H?H_I&n zSA=`5_Z!T4LFmvbk*u8vmY~VbMQFRM{U`lx?pS{2wolHgcxr=(BT3%kbMBQv?^ZA= z94uXD?2|BS-lbuOpM;&?+!+!JdqthFE+lGu$A~A>kIe|>(f2qDk4)OV1co|pdl{6f z$bYI0cb`}iJC-PkDMJm;mdR!Mq2GALcDt{zLUtLj?XL*n$^T&B2jKSIgyhRZ4mU>_ zA4z4u14Y~xFH-)bIv3#+{Wuw z7bFHBvS&!yZ)D|G8aO%1m+$}4 z%$}ul>e9X5n179dlAA#Xs_2l6q6&Faw{F`9Yb=;E;8j;LdqCDujInqJBcpDVAex>; z_ha#8A7ZVI`I=Y{WTDaeDeDe;%ys;0S|S5&yYS5|8Q-+mTOUfS+Vqx4$2P*sUw;Si z`e~<{#ekaKX}0m1D3KDxdGHOLEPv|0De9@+a< z96Ji?{k`ODxfzpcXcP_ca{Ltt$Z~@q`VADIz1_wT``N+n*BQ8qvldjLa_Lz}pX7mu zqNWe>3TC^=y_PS=l%tz0zAg%P&41u~E+rh>W0^2A_ehC3zm9@A;_PbGWuaRLiaO^z z2i}&aoq{)q=ZkrI0n$uCIR;kk!Ojr+MYUeJ)c-G@1pgZIn;5&a7m9p>azFqXJRumz zV1xK*A2g$=8@n<5SFCufP*rChA4EBvx7-iQDN)a5*k$)V2pb_7a6^)fO@9K4o(Ymd z1;{&72y~p9OS3AQ`h2pBkF*OLB4{YRb&HUaM>Uk^q~xW>ZIC1bD;Sv(h&jGVZ>IiW zywRkVkXcU)xKKjlive%D1F0r*PF;Ddhg)hQvLXDCMoNOc8ww&Z`IdM|m^xeY!kp<* zI(nE@d2A=jdiT~JY*BM6t0(?BDeBKG(5!1UsidLzZWP|gq8Ktpkvn**PS^wwX@6x>{=S?1&Oo>VGxmiVkoJt4 zp$Kr%>9!;a7@j<$<(P|Pt2PuRKAp=JwG|*i9<4u1v)@{@4m9zaOh)zAX0ztorJj)X zWGikWvW_|qr_K~-DR;^X=${?+kTj;bVzEv|RW}!)PTe$ItIRYmAbd?VOp5y*6InuX z@s3|TiGN&m9peL={KBuTK6Ge5g-imqsm)ewWU72dwYKXV^$(xfR0oB$F}T*U6953l zD8@&pM53d(25f|XVTEV3m+v0-27`J=%%T`Iffx@-gs`jn80~;8B3&^VS)p<+tpEtE zGUX86#+lfT>g^r!N5iR~khgs!-A>eySyPKxd`OpI%jIgf%2Z2+IWfi;MEay=?>wvLOd zxf=yPAH)H&r(`Pw$y(WwUCdHyZAob)tuP?YCdE-il`(M?1ieCcX(M4NL8}#xsvWO0 zJb#tRrSOhqgbo)Qn_ZbW8JEF{m6$}L0$L_(IA}K*stkL^q_Yjz>fN?h`M&edmb$;4E-jo^(Edpyp zbL1~GPo}QQYAVhE4|PiQ>200o>n?9l_Zv3Dk^_rp9%6G8^;_J0s=DShS7_u zT*f%OuCCPuw>gb9WAw-TW7nU9T;L*U%cCkp*rVioiX~D^rnK}fhs5tJ~9z{9zG9*wh0a1AnQ=J1+>SlIVJ+k6QLvZ&dNWQvRBo$3!Dat0vZO z6P@O$9bX;oi9KxW>>I~O1iq#|3QI&7pt*= zamR#7C!{`#FCROk()jkSWDfM$#W{i}I$sV-M3Gx4#ZtRcg$yiei0y)ePKb-z7=Vpj z`vojW=_!xxDSQ(#ZT;wLBVg_x1^uIxJLeyguA*B|7s@T)n%EEMEQd&z$PU&FP(m=g z|2_OWp|fb3zD!QeR*xj6de}(>NgiDjkt=5at>l!l^Qp6K*ZUvb=`mKYJ}P68Y?IER zeI^zPs6+o+_8pUn5imn+XN)>ST<^@5Gy0+)@$2D=Ln8YyEifT42?hl#4g&%j1povT hOeZEfKq0t-A`ch>a4}cO{1PEbZ-i8v(mwTybVV?j1 diff --git a/molecule/default/tls/keystore/server-truststore.jks b/molecule/default/tls/keystore/server-truststore.jks new file mode 100644 index 0000000000000000000000000000000000000000..33ccc9286de016d7fdff36d44722b5517555d5bf GIT binary patch literal 1022 zcmezO_TO6u1_mY|W(3nbnRz9tMY*XdnTaK-K*3tou&ZqhtPy&q29^vA%sUO5n70}< zG0k1T%*4pV#3aCAz{|#|)#lOmotKf3o0Y*J%aGfElZ`o)g-w{rEy$1`C=cXt@UXcR zCFUik8uA(NfCSiiSOXG^GK&p`3m>4$}F=iw&0|jwjBSRoC zH8L+vN>pL9S%x5%WX}9|gFR4VoC0kVArzm4Ug5 zk)Hu5&c)Qk$jI>g`QK&xPajSZOmq@idcNHA-gM_X@lmZentJYQm7n{uX8typgJ&d^ zBn(Www(PsedRecn~g6^l!?Iy+Mzo8CKk$dZ}OGkCF1b@81@x+%+jW z6J)*eboLw7_wIj^{7pAD8CLE7&Gwvc#){?9Hd);PhrR?)N_tT7xglNqRBxX1 zjqg>fGnv-@RDYkDXIK9%=;DSa@3J_P{%UA*?>{sBVs)y<)At51C3g1Tx4hR8%m1as zW#`q1?MjWyga593H0xQBS4q;onQiMA=a@TtT8q4w4@uv-{$GSrXp=@`e9o0wPj{*@ zzF-r&|L|+ihkFfsCMO2m{;+-qr#TZdBLm~&G=mgyK+5v5h_Q%BPH$TAKg*}xB7a>? zYQfQhO*%qT4CH~~EUU~SVIbBZ@{_fol+`*pBIA3qr<<7YoSo~vRv8F^6bLgi{%7GZ zU;|Q2j0^^RATfTB7z;36wjsv^Fiiquf{`J-EAd^i2WP_0WwSgr&5BM=KGWzObV=yV z65Fo7_wW7RBI`e`xMzaoezB>US94CWPL;T{FDW30oiQOKBl45`%nhlZUe+uQzt*z1 zZ+5Qx`Gb>O7Msq!K1)ma^)FN_UgL zJWoG8XG!HO_chn)@NWt1zI0^8CTErtVk*L)Vt(Y=^D5WdESFmF L{^x;zcYgx_LZy5N literal 0 HcmV?d00001 diff --git a/molecule/default/tls/keystore/server-truststore.p12 b/molecule/default/tls/keystore/server-truststore.p12 deleted file mode 100644 index ef219d91646db947a349916513515f4c36612e62..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1258 zcmV8Duzgg_YDCD0ic2ekOYDRj4*-(h%kZ#ga!#JhDe6@ z4FLxRpn?Q-FoFbe0s#Opf&^*?2`Yw2hW8Bt2LUiC1_~;MNQUNteP7}13;W>R29IHJ^xEZbpnxg z+#eVNKpE&A(aX=e$hoX7;FQv;cbPL@Lm05@W;?HEsomiXw;#Xu9}6zG6}i%zx4nC= z>8*eZ)fISkj8ujG)wypmgisR6Xql5F2ZrS zQ!3jm1D;oJ5k^rHB1gqul{e*jDXY zk@OhNj%7cr0V&g_`&`wBUSB(4(S3NyB&3-wE)v5SPX3WzOQ+r1rE}*A93miTH6_Qo zv5|_$OoZvBO_EnuZeUr=^-SRfzZ|5&!u6>%vqE}3$-^-L(|EIa(@js?m@`rSk9#*U zOFd(mBJf7qvQ#z=o|iwT@_9h30|MCj>}T7-D;6T^UCT?MR!-e49syC#aM9WR8OYEf z>dGUj^%~;pEs7kdBbI7Ymo^^YGEZ#A$jVi-vE;Bek~hF24^ZU;i zU+~-<)g%(k2-gBJy0}u>^x;v3Y4ub8kW*Ap^g-p@7m=EC2ui diff --git a/molecule/default/tls/keystore/zk-keystore.jks b/molecule/default/tls/keystore/zk-keystore.jks new file mode 100644 index 0000000000000000000000000000000000000000..3addae9a29839423fb0fc5e531ff5a6eb8de1675 GIT binary patch literal 4204 zcmd6pcTiK!8pc!U5CxEzYGF_Ae09Ftx@@7`~oq4 zlrT)tYFr%zf;Pb*q7$P6!@#1D!(cER1jE6;Eb&XCNmY;6R*z`32`D-dg%95t zBtlwG(u9)p1JjEO6ljo92&D&dwVWZO02uRHM4=J>Ma*Jv$A-(uV6TV1X{$7Wx{kkg zZ!uR-mfw5^=5Nn+G~O1Kjk~-Qd+GFMO5mmC&nb|jQ*_4HH02pO3*?gNPrL{xx*$cB zF}~5JWh;eYqX7u&UE6$4G?Q49K>_VV4Q|~&MpoVF)Po_RB*HKQh-sM20cfJIOaKl4SbcrfEwJg_0 z!k2EYSJ1@?Yp7jS^f&H3(~DsO@EbrXgC38KK= zwDZT>vx#T%8zo63i`PibvQfUlrtvF>$sby%BkyshUf`{-k0|wnc49mN$tiE0Z#2y;g{Wf9o*rJ>D#2gGGoE6h8G2I5{Yg#^Qtg!0LX)6s z?osTK5H(D~hxOK*)Sb@J&^1*t4c+sz3p2H>h_2aN?;6zn?&I&lQx_8d)ZN*Y21BDuCs{5)m2~)9*0JOS)-UxMV@2Q3X^d5)7&szk4AH&N z9;xQ8#8D4-D^)|r%7UP_<>b)M(Pc*fjgA(qo0ce{E^vZYppi7NeNsr!e1BbE$e-&J zhm`-@(iPic!gM1<7@DQF%+V*!*D#`92W`KjP$Wu!?g zFan9*34f*GJ1*?73x)O`**`K-$=Qb*!y7w#*@hpNuzz_)J5Ex*jq7{uh6Zee~45o*J02gU`fR+ks38P|x=$c6* zDDNo&4Fi>~AKJ?iBh3sP`XSIU&}w?RIb!$>1DyWU=zrFDfnz`VK^fTey#g?PSd5b! zIsn7>*GB*!JEM#=<&u{Hztg7$Os|1*tW zruN4Kp$w3#9smw3@UsP!0|JTzBR~|L4uS)NL0!8YBi-n;(C+@@cyUypg{Jjbso@qK zBwY;~xV17{yp4eR9%oYjw#Lnk7nZrxh|fn+iL5u7W`9SKUbm$1W`J z^h+4Y<5t6UQ4h?xl?LkJifl$i6I%{p%{wC9M^75`&)aRvzZqk7jcH08Wr&!Oppj<__$cIAWE(5!fqe6xjGDXz8oDwlelU!` z4a^74H|cUO_8u*ipv}o`Cd3?M;K)-1+eCElLr=2a;?eaK-#AZ9N!Tkr&HUURYj)Lg zPxkKnV3+$PMF}~?n-y{I?QL*qWaz^n2owwgm#PBFfD*;*V~1hVfD{gK)!W+xgYm)m zNdS~3lf^OqEl`&9=TJrg_}O2|7NhtJ1{ovu7m*F#ZSYAIEkzV=H7!YpYhv_BvsMLm zf&TiVIj{P6O%9D+M>wUQ#OmFJMOHDz2-@$@^>5^!>v)7n&VC+UZ*ZZ5%JCMj<+0nk zUv7d4hclzm_tFu#BCpF(a9baZaWl7Qgy(0}WCkCQ*?f?g&$z(xFuf$dS>DQ=ir+Le zQO7R9o9zCrH-C}%a`wV`4NuokVaJ*6$LlkWfBYU7)r5T1z31q zXw`eBoH&iRJ#?s#%oS#YY&kBqF~0OSk^~Bp%@ic_|3nh>55EBS{}Km(pbY&9+y8*d z|5<_f6`3DCkSn_SA2}UHYq6FO2I)^{X-}c-VkdCPGonEQ+jWKaPxn0M5a0mh4VpTK z;iHmqF)P&M-R@7`E>+hd`!^;!%;wI6s@`Odr19;^9AEjiRea*DoZoXZmFj+vCBap_ zJqKg?yEy5qZQrRrFlAR&o>z5GGI>Zc$2-hk*@$!zdzO-_$9Q?qM&#SoS~p1jj_|6R zmwLpO+3=nD6?a+(vWOUc*Ym955RAyeD)5PekT!F2`r1VVDd03=%%(*ks?wZ%`+e@B zpFw~_XHHy0si&g0z6$FquZ0VtVc$l;5+@Rc@_d=QKoA0dq+*_Vx0$>)9oe3NHhHtw zkWH)jJDJXa({Gjb7!!;Q#>$z6t2%Huj92o$9g6XJ?9(XDd;{S90q$`a2f!A|x&!yQ z3|DcqasB3~ugk`Ai_lIZP zUhzLedx=nytB+Lhdz$e)>a5ua^HP~wB6()|py`Ymo^A*j?l64X)=*ZmlP(~N?GyVkF zrkKz@%TBWGaDh6DHSq?Tnxp071BaRh0Yv|*py~|rwm726G--rb)u;{YWBZ%oehS0A z6owmqXP7l0vU0(m&U$6$lwp0S4l`LZqNM5{4*s7}{lBa+zXE&cV^Q=rOT8jnb|#lB z=vK&wVyX{Tv|08sdhh1i;9u20er@u{&XAdEAqzEP0#EWLlM^rcAfOUDIhq=b>KVNs zapK>(ci&~co=$!&nUDOac^}(YFF9PUH99fTJFR`bxVnebDZw&a9Zis)Pzl#%%lx#` z9A9L*!glm_PK|JoHvv(rOr83)AeM2-uODx`H0_SNVS4|VPz__h zs9SkJVPejk?X7gptZSxShUsR;iFcMK&6dsB?|aG3n5vFE7;dk*EtDiSP!Jp$9uRH7 zo7omDVtw}L!pnOMw~6hvrdp?pPZ*4k+Sq!m!^)lQT!b`s!c=|-+Yvzj1opq>_LpEI z{sJ2gKq)N$Csbe5UtcnKH@`O07PIkg&KJp0P2ZZa=Jc|Y!E||0LN?_BOttfZ%sr}GIC(+>KO4|?{z1CnC zUuQ!rtg>SQKB9G!t|#ZtdSlU96TjvYr{Zv#t$7Ll(gAw!3vk`(kX$0&P#EC>PgwyQ zcZU7R%-mZ(@r~7YGu8*%ous@2x_o>{{9_gpCNzk(Uh)sk!7m@90yXRE;2SE>*yXd02m(8;@*y)PdnOnWYG3^9wjezH7UhR>NH~XyF gC8JorjRQE>yi7=o$>YfmRSP-xX&RD(n@8xs0F)f0Bme*a literal 0 HcmV?d00001 diff --git a/molecule/default/tls/keystore/zk-keystore.p12 b/molecule/default/tls/keystore/zk-keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..3e29093dd36e0ead6235cd71877d71ed394376b7 GIT binary patch literal 4572 zcmY+Ibx;%xw}*Gxr5mI>7LjhG8(cc2OG3I!rMtUfX%LW-M(J8gN@_t6SUROa>b~F1 z{pP**k8{q<^P4$;o|)(Hgc2^H06{#Vge7R0Y>{swZ*YO=z@kvXG;k2|M2rFi{4;R=O@KU9XjuQd0SAc2gA2y6R)Nztw|9-90D-}w*y~Rxl9UGy zz8`Mt%PDU)8lOnuqkjJRrXD!DzMLY%$CUv=TSbWrOkXWA1SScMutodp&xn;qzY1%7 zp3BW6yPDPc!YI=@kPutD&4m2sX8T)1}CXosEXYDRrHK_~?OUO?N z-3ou$YAV|4%rmQQXRT_lrzx<&mLuoSe!giSUFkGmcieiH&neaTB96fdtsmBp$zPg0 zuTEQN60gUYU|btFVMw?8-3(x!SP_R7Deke&X4`$L+Nvd zBw5IdDm6P@f@biHTu9aN#DdU%gcqZc0Np247}o%EhVPo7x2I3;Yg5NfBMUxeh6C4Tp2BqC>8=9{`^6L8R)6p%fY4sYYvg>j`l6;ne(B>0w88 z+f~?V`&Z9${!a(vm!1R=M!8MHlbTVx+xAhu;h-ghtw#=Ss}4-9*mjDZI>o7Tx-w+A zAHqT@?_%8wPxgg|E85>~K1X%4pKry%s^iXX$@dz?w<6_|*5|{I$>YrjQC8k?Wyxn1 zGjzV?L@l<_GSG_a`k`WIk~LfWbc@>@i!d2-doho~c)1Lxi4R-F8zpH*RUG3xF~d;2 z63~+NW=7-nD^Sw68O8oU52T@OiJAi=_(x5NVw~2`aOIOC zwJuMbM=yo+S1ka8BBumnqli|01l=$4of9>S%#EFNAq2Tp)~~k9K6vO}$ht=DL_@W; zt-;8Lcck}y4#ph|$QMpb*hluSSs({4oUCN{xk!fEQ+MAjRs*zzczmRxVJUc!*5=M(pK#W0T0eUUhx_JP{_rYT^ zb#WYOS^0Jub80_|f8}|*!z=GMQ*JZgP}fQinRKQIvW>}UvBntLWX+52{e>x*{3O|o zFM_lNT)yOOT0 zVP6w&Kg{q1e!!pfnr6(nILj6EkB@R@a2?=DVj4e_Ii}~wjoMj%zqs z)&6lX+JTq~7u<BV6-l2U|s=B^8m#A%0uDmc1zKfC35z_o6HJ3FZt%2;e?&%B*+n$_zgoc5J@hVrl*ac-s0juyp`+5#%PQ9 zpy*E0e-Wo^?ubmjm-wJrGFCt4Rlmfh-Gr5WmcKE(hWYPc+_3=J&lzv(z}vI496}8# zkB#sF6OFV?)VnU(@(J)7)f#QILRx;veg9sbsKTLs^~TdE)(sut3oAMbUr09#yjdX?YMy$qiebUjoA-UmxPBR zY$IxMD_0`QSISRY&soS;ijK^mBKllzk)p;lCc(zQqzG9}%3rzWF`Asq@ylIg1&t)) znlf)nw2PC*?}R}#-h9<^k*SwiA{3Z%Oi1`u^UGnqW`6{(SU<&P@gGGgp!&357T&7c z*>uS@VLquODVEIS1d=%RkLRA7{)Ypej$jtdA#rkuNhTkM#s|}!$Py`@i!;5=S0;}= zqeMnzh31io{7aV(L$3+R#|PC&L!_--K`tfH1_$rCg@i|X+lLl8%Pm3>{i$f6hw)F}Er5 z6dfbpi9{}tygWiyo^#OzVHt@OlNRu4E%CWhw$&zea_7HA!#RD4^@`*b|ej zi*6XJ>YfZ(=c}-($YnVDv*329~S=<7xuY9=m{IW^?RfKmu%lEj~0V4HR-+akB4zvfjtY!%($md!HJCY02^FHd2 z-ml|D>FFTxmxa{$RyAiJ4bLUr(x0W>0e1W94ar$GUxw{^WYl!)0*_U*X3L;S7>OmO zzD~oJrN=4X9_%lF3z29=r1moYX)u&K&TeCFxe>~)kaVX)a1TtP+DQ?dzwN$Rt-pXd z)Y{xQD0JOpyi{iJ*lzYZ$l4Uf?HL{sDr=h{Xzb!%&bGO(EDiBBK7L_~zIVX?DEI$OA6NO%dp16C7ZPp^l#3cuEL3!rDXsB8 z6^=d1N40tnumi9%lQNb;auXqW)W6S9)^qd8jFE>E>sW-bTT2RJ2wZYebSfW&0QK&+ z>ELUbx-{YO0yc3FXp%|XF3e9<24c7T4j-?eQFL}QM7|icTV}1uLlp~SmK*#fP*&i5 zVru28wVAE{SJuc7lt$GX*#sv$ce>2w0;}g8+XaG{>KP34t9ava5b){?dz|*&(qg>i zPM1TnwngXNzF|ls)7^GLG5M+Zw0L@iDyz6l3x`iLPAW3+l0T!*jC>3Ii&R>;pzf(R zOi??gvkMp+Q;_Dk3*^!{mnc-i-Bm#?NILudb@olkn4CaK?KjhcLaq4{hSOr%mbRbG zS>6l-;U6|~MJc1$9_3=4rwc|)XlB!i&AIumJlGBQP04jCM8F1dA@BH8M?=JL!W&kS zZk;muHWomnZ8+{!Rp~D4w~joasHXqN2Z};b)xn{t%Ku=+e@Ye&`@eR81w<(d1t0T- zg7^QQG=Tmi4P1Fygs>+`n}4JM910$hwK*ZOP#|fZn1?O=lLELCY>(yWcl~tJn#g|)}Q{eeNv@~kDTA)(g_PvA-#5s zqW`E8wDlz7Tz$S0OC|0ZUr7Q%V6mpIaX{0bOau?D8irp99L!R2qh)6-Dj#O(9L=nM zhN#so$#OgUDT7PSvvD5`&F*i8C#Lq8ad2W<&<5Wi+@obbR9jNt)$klxbsi76va35}t^ooe-|Ih;HznOml9 zA+g<0V%HP0CC%&{{+LqQ3lzt*KXz=2+rBC}EKUCu%B{-xs+?y6zr7IIh_RT%?XO%F zmDD;xm=b|$9IY>E2|oww=lg#R(IRkq+_e#x!s%M&v*{1CfWLvRL9I_4c92w3ATSPWtcS^HCfW;WSNX%o#Ug#C+C8eup|}70aVj`k$$V5&t&d>0{3aM9kJ-bw2Bzr%lU7~6KOk_l7Fa)2B$8VsrnQ*6DS3AUF zoId+{R~60iGiq$CTf_?%t1D8wVHNkEMA=2*Vlehk*CCVHs4sEb$ZaibQ?j=NTr z^0H{mywWa4CA={${B}-$btjW4_L0#PLs0|*MFS?CFU+KL$!FN%EC@d$79&n%s>ybkx4-dOG`r$`i_oY8{p zYHh*6!$3k>H&?qe`-6oD(e^a$oTDa1l0MK*==(}I3bs4aDcf5;z%6-?j*EcaJ1qB3 zfv}oUzAyEMlZF8hl3yryVM##2+}M;DW*Fl@iD|CTsBQ zqdjA%a!-zpd%aaLE~1^lT8ijCn8M20m>UuK%7#CPNv7N*BHI;l#M+Y zjFnX5h1ak|bDPy>>G4*=ckPnB@(~(uk3K?HFElSuLt#&oK#ipuOn}MC;3as?fAzAU zQC;`3H07Q2z5Z7sr%k2uqFUU{Cj%!vdwKk2$3NZ6`;d=x>ca*t`JiuSv z&-2wl&sT`jvq~jPC@2e|!&B+xH-w&tL(>J?JDz)L2 z{pZyE_rrquf)|e#2jB^?0eAp>{?mDw{tZcZNx?4;D`s;|A}iF0yBLkLQKU z!^y+IgNcU9jt4@aLf_! zVw$^vnTe5!iAjLLfR~L^tIebBJ1-+6H!FidmLazRCmVAp3!5;LTaY0?P#(zP;9+ws zO3X`6HRLnk0SU14um&U+WfmI>83=&*Ts)kPIho0+3O*$%Ffnc{V$4Wl1`6W5MutFO zYGhzyY+xQG!Ea;;6fiI{f(jU<6L1Z&w#ysHf?UbWBj$+|J_>Lr8#FO0A%_GbD+6;A zBR>OBoQtW6k&)r~^S{gXpFW%-nCK+3^nAJJz3I+(;-gw`H1*uqDnIvQ&HQaH2hT_- zNf?-VZP|B`^|D@D%RBbJzYe_2PhT;C>EDzadxIWFGpx8h^-{mWA0y>=-@h$Xxoc8% zCdhi_>FhVE@7@0-`I~NRGOXJDo9#K@j1|kHZL+!p4t)upl=PtDb3?lJsop+!-qJr2 z8sDo{XELq*ss27Q&#wMk(8Uc;-eqwn{ngOs-hXEL#p+azr|%73O6=^vZ+WjHmj6qM z%g(D2+m#xZ2mf97Xx6hLuacyFGuzfL&M|lPv=(_UACkUv{l5sM&?b$>_?#=Vp6*m* ze8DDk|KZo35BD1OOim2A{bBtKPID$^Mh3>kX$C3afRyE95n~aNoZhtJf0j?XMgF>) z)Pkc0n{{>anA(F{bExyujZU$ohor@Us6C0J7YpfM&u{=nHy3+y{uUreywG1 z-|SrX^9LunEH<5ceU_H;>uY)qER((|lkf5J6?V%UmF^~g zd7gfH(!Q{&sJVO#t(LRh+^=w8_6MhPdHQ6K8{kWK=u;795U)RoMTz{q4GV`Vfdlc_v`Kqn9IdtFO$cyvr zgu{