Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Hotfix for secure app update |
|---|---|
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 7db359029c846eabbb86fe6dd4f4a41f24591a39 |
| User & Date: | kevin 2017-04-07 22:31:42 |
Context
|
2017-04-08
| ||
| 01:53 | Hotfix for tls issues on macOS check-in: 5124af622e user: kevin tags: trunk | |
|
2017-04-07
| ||
| 22:31 | Hotfix for secure app update check-in: 7db359029c user: kevin tags: trunk | |
|
2017-04-03
| ||
| 10:09 | Update ssl bits check-in: 6ae661a85d user: kevin tags: trunk | |
Changes
Deleted maclibs/tcltls1.7.11/pkgIndex.tcl.
1 -if {[package vsatisfies [package present Tcl] 8.5]} { 2 - package ifneeded tls 1.7.11 [list apply {{dir} { 3 - if {{shared} eq "static"} { 4 - load {} Tls 5 - } else { 6 - load [file join $dir tcltls.dylib] Tls 7 - } 8 - 9 - set tlsTclInitScript [file join $dir tls.tcl] 10 - if {[file exists $tlsTclInitScript]} { 11 - source $tlsTclInitScript 12 - } 13 - }} $dir] 14 -} elseif {[package vsatisfies [package present Tcl] 8.4]} { 15 - package ifneeded tls 1.7.11 [list load [file join $dir tcltls.dylib] Tls] 16 -}
Deleted maclibs/tcltls1.7.11/tcltls.dylib.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/BUILD-HOMEPAGE.url.
1 +[InternetShortcut] 2 +URL=https://github.com/vszakats/harbour-deps
Added scriptlibs/softwareupdate/curl/BUILD-README.txt.
1 +Visit the project page for details about these builds and the list of changes: 2 + 3 + https://github.com/vszakats/harbour-deps 4 + 5 +Please donate to support maintaining these builds: 6 + 7 + PayPal: 8 + https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2DZM6WAGRJWT6 9 + 10 +Thank you!
Added scriptlibs/softwareupdate/curl/CHANGES.txt.
1 + _ _ ____ _ 2 + ___| | | | _ \| | 3 + / __| | | | |_) | | 4 + | (__| |_| | _ <| |___ 5 + \___|\___/|_| \_\_____| 6 + 7 + Changelog 8 + 9 +Version 7.53.1 (24 Feb 2017) 10 + 11 +Daniel Stenberg (24 Feb 2017) 12 +- release: 7.53.1 13 + 14 +- Revert "tests: use consistent environment variables for setting charset" 15 + 16 + This reverts commit ecd1d020abdae3c3ce3643ddab3106501e62e7c0. 17 + 18 + That commit caused test failures on my Debian Linux machine for all 19 + changed test cases. We need to reconsider how that should get done. 20 + 21 +Dan Fandrich (23 Feb 2017) 22 +- tests: use consistent environment variables for setting charset 23 + 24 + Character set in POSIX is set by the locale defined (in decreasing order 25 + of precedence) by the LC_ALL, LC_CTYPE and LANG environment variables (I 26 + believe CHARSET is only historic). LC_ALL is cleared to ensure that 27 + LC_CTYPE takes effect, but LC_ALL is not used to set the locale to 28 + ensure that other parts of the locale aren't overriden, if set. Since 29 + there doesn't seem to be a cross-platform way of specifying a UTF-8 30 + locale, and not all systems may support UTF-8, a <precheck> is used 31 + (where relevant) to skip the test if UTF-8 isn't in use. Test 1035 was 32 + also converted to UTF-8 for consistency, as the actual character set 33 + used there is irrelevant to the test. 34 + 35 +Jay Satiro (23 Feb 2017) 36 +- url: Default the CA proxy bundle location to CURL_CA_BUNDLE 37 + 38 + If the compile-time CURL_CA_BUNDLE location is defined use it as the 39 + default value for the proxy CA bundle location, which is the same as 40 + what we already do for the regular CA bundle location. 41 + 42 + Ref: https://github.com/curl/curl/pull/1257 43 + 44 +Daniel Stenberg (23 Feb 2017) 45 +- [Sergii Pylypenko brought this change] 46 + 47 + rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header 48 + 49 + Closes #1285 50 + 51 +- TODO: "OPTIONS *" 52 + 53 + Closes #1280 54 + 55 +- RELEASE-NOTES: synced with 443e5b03a7d441 56 + 57 +- THANKS-filter: shachaf 58 + 59 +- [İsmail Dönmez brought this change] 60 + 61 + tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047 62 + 63 + Closes #1283 64 + Fixes #1277 65 + 66 +- bump: 7.53.1 coming up 67 + 68 + synced with df665f4df0f7a352 69 + 70 +- formdata: check for EOF when reading from stdin 71 + 72 + Reported-by: shachaf@users.noreply.github.com 73 + 74 + Fixes #1281 75 + 76 +Jay Satiro (22 Feb 2017) 77 +- docs: gitignore curl.1 78 + 79 + curl.1 is generated by the cmdline-opts script since 4c49b83. 80 + 81 +Daniel Stenberg (22 Feb 2017) 82 +- TODO: HTTP Digest using SHA-256 83 + 84 +- TODO: brotli is deployed widely now 85 + 86 +Jay Satiro (21 Feb 2017) 87 +- [Viktor Szakats brought this change] 88 + 89 + urldata: include curl_sspi.h when Windows SSPI is enabled 90 + 91 + f77dabe broke builds in Windows using Windows SSPI but not Windows SSL. 92 + 93 + Bug: https://github.com/curl/curl/issues/1276 94 + Reported-by: jveazey@users.noreply.github.com 95 + 96 +- url: Improve CURLOPT_PROXY_CAPATH error handling 97 + 98 + - Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option 99 + is not supported, which is the same as what we already do for 100 + CURLOPT_CAPATH. 101 + 102 + - Change the curl tool to handle CURLOPT_PROXY_CAPATH error 103 + CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the 104 + same as what we already do for CURLOPT_CAPATH. 105 + 106 + - Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the 107 + respective CAPATH option is not supported by the SSL library. 108 + 109 + Ref: https://github.com/curl/curl/pull/1257 110 + 111 +- cyassl: fix typo 112 + 113 +Version 7.53.0 (22 Feb 2017) 114 + 115 +Daniel Stenberg (22 Feb 2017) 116 +- release: 7.53.0 117 + 118 +- cookie: fix declaration of 'dup' shadows a global declaration 119 + 120 +- TLS: make SSL_VERIFYSTATUS work again 121 + 122 + The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl 123 + and thus even if the status couldn't be verified, the connection would 124 + be allowed and the user would not be told about the failed verification. 125 + 126 + Regression since cb4e2be7c6d42ca 127 + 128 + CVE-2017-2629 129 + Bug: https://curl.haxx.se/docs/adv_20170222.html 130 + 131 + Reported-by: Marcus Hoffmann 132 + 133 +Jay Satiro (21 Feb 2017) 134 +- digest_sspi: Handle 'stale=TRUE' directive in HTTP digest 135 + 136 + - If the server has provided another challenge use it as the replacement 137 + input token if stale=TRUE. Otherwise previous credentials have failed 138 + so return CURLE_LOGIN_DENIED. 139 + 140 + Prior to this change the stale directive was ignored and if another 141 + challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. 142 + 143 + Ref: https://tools.ietf.org/html/rfc2617#page-10 144 + 145 + Bug: https://github.com/curl/curl/issues/928 146 + Reported-by: tarek112@users.noreply.github.com 147 + 148 +Daniel Stenberg (20 Feb 2017) 149 +- smb: use getpid replacement for windows UWP builds 150 + 151 + Source: https://github.com/Microsoft/vcpkg/blob/7676b8780db1e1e591c4fc7eba4f96f73c428cb4/ports/curl/0002_fix_uwp.patch 152 + 153 +- TODO: CURLOPT_RESOLVE for any port number 154 + 155 + Closes #1264 156 + 157 +- RELEASE-NOTES: synced with af30f1152d43dcdb 158 + 159 +- [Jean Gressmann brought this change] 160 + 161 + sftp: improved checks for create dir failures 162 + 163 + Since negative values are errors and not only -1. This makes SFTP upload 164 + with --create-dirs work (again). 165 + 166 + Closes #1269 167 + 168 +Jay Satiro (20 Feb 2017) 169 +- [Max Khon brought this change] 170 + 171 + digest_sspi: Fix nonce-count generation in HTTP digest 172 + 173 + - on the first invocation: keep security context returned by 174 + InitializeSecurityContext() 175 + 176 + - on subsequent invocations: use MakeSignature() instead of 177 + InitializeSecurityContext() to generate HTTP digest response 178 + 179 + Bug: https://github.com/curl/curl/issues/870 180 + Reported-by: Andreas Roth 181 + 182 + Closes https://github.com/curl/curl/pull/1251 183 + 184 +- examples/multi-uv: checksrc compliance 185 + 186 +Michael Kaufmann (19 Feb 2017) 187 +- string formatting: fix 4 printf-style format strings 188 + 189 +Dan Fandrich (18 Feb 2017) 190 +- tests: removed the obsolete name parameter 191 + 192 +Michael Kaufmann (18 Feb 2017) 193 +- speed caps: update the timeouts if the speed is too low/high 194 + 195 + Follow-up to 4b86113 196 + 197 + Fixes https://github.com/curl/curl/issues/793 198 + Fixes https://github.com/curl/curl/issues/942 199 + 200 +- docs: fix timeout handling in multi-uv example 201 + 202 +- proxy: fix hostname resolution and IDN conversion 203 + 204 + Properly resolve, convert and log the proxy host names. 205 + Support the "--connect-to" feature for SOCKS proxies and for passive FTP 206 + data transfers. 207 + 208 + Follow-up to cb4e2be 209 + 210 + Reported-by: Jay Satiro 211 + Fixes https://github.com/curl/curl/issues/1248 212 + 213 +Jay Satiro (17 Feb 2017) 214 +- [Isaac Boukris brought this change] 215 + 216 + http: fix missing 'Content-Length: 0' while negotiating auth 217 + 218 + - While negotiating auth during PUT/POST if a user-specified 219 + Content-Length header is set send 'Content-Length: 0'. 220 + 221 + This is what we do already in HTTPREQ_POST_FORM and what we did in the 222 + HTTPREQ_POST case (regression since afd288b). 223 + 224 + Prior to this change no Content-Length header would be sent in such a 225 + case. 226 + 227 + Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html 228 + Reported-by: Dominik Hölzl 229 + 230 + Closes https://github.com/curl/curl/pull/1242 231 + 232 +Daniel Stenberg (16 Feb 2017) 233 +- [Simon Warta brought this change] 234 + 235 + winbuild: add note on auto-detection of MACHINE in Makefile.vc 236 + 237 + Closes #1265 238 + 239 +- RELEASE-PROCEDURE: update the upcoming release calendar 240 + 241 +- TODO: consider file name from the redirected URL with -O ? 242 + 243 + It isn't easily solved, but with some thinking someone could probably 244 + come up with a working approach? 245 + 246 + Closes #1241 247 + 248 +Jay Satiro (15 Feb 2017) 249 +- tool_urlglob: Allow a glob range with the same start and stop 250 + 251 + For example allow ranges like [1-1] and [a-a] etc. 252 + 253 + Regression since 5ca96cb. 254 + 255 + Bug: https://github.com/curl/curl/issues/1238 256 + Reported-by: R. Dennis Steed 257 + 258 +Daniel Stenberg (15 Feb 2017) 259 +- axtls: adapt to API changes 260 + 261 + Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS 262 + < 2.1.0 (the older API) 263 + 264 + ... and fix the session_id mixup brought in 04b4ee549 265 + 266 + Fixes #1220 267 + 268 +- RELEASE-NOTES: synced with 690935390c29c 269 + 270 +- [Nick Draffen brought this change] 271 + 272 + curl: fix typo in time condition warning message 273 + 274 + The warning message had a typo. The argument long form is --time-cond 275 + not --timecond 276 + 277 + Closes #1263 278 + 279 +- smb: code indent 280 + 281 +Jay Satiro (14 Feb 2017) 282 +- configure: Allow disabling pthreads, fall back on Win32 threads 283 + 284 + When the threaded resolver option is specified for configure the default 285 + thread library is pthreads. This change makes it possible to 286 + --disable-pthreads and then configure can fall back on Win32 threads for 287 + native Windows builds. 288 + 289 + Closes https://github.com/curl/curl/pull/1260 290 + 291 +Daniel Stenberg (13 Feb 2017) 292 +- http2: fix memory-leak when denying push streams 293 + 294 + Reported-by: zelinchen@users.noreply.github.com 295 + Fixes #1229 296 + 297 +Jay Satiro (11 Feb 2017) 298 +- tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERT 299 + 300 + When CURLE_SSL_CACERT occurs the tool shows a lengthy error message to 301 + the user explaining possible solutions such as --cacert and --insecure. 302 + 303 + This change appends to that message similar options --proxy-cacert and 304 + --proxy-insecure when there's a specified HTTPS proxy. 305 + 306 + Closes https://github.com/curl/curl/issues/1258 307 + 308 +Daniel Stenberg (10 Feb 2017) 309 +- cmdline-opts/page-footer: ftp.sunet.se is no longer an FTP mirror 310 + 311 +- URL: only accept ";options" in SMTP/POP3/IMAP URL schemes 312 + 313 + Fixes #1252 314 + 315 +Jay Satiro (9 Feb 2017) 316 +- cmdline-opts/socks*: Mention --preproxy in --socks* opts 317 + 318 + - Document in --socks* opts they're still mutually exclusive of --proxy. 319 + 320 + Partial revert of 423a93c; I had misinterpreted the SOCKS proxy + 321 + HTTP/HTTPS proxy combination. 322 + 323 + - Document in --socks* opts that --preproxy can be used to specify a 324 + SOCKS proxy at the same time --proxy is used with an HTTP/HTTPS proxy. 325 + 326 +Daniel Stenberg (9 Feb 2017) 327 +- CURLOPT_SSL_VERIFYPEER.3: also the https proxy version 328 + 329 +Kamil Dudka (9 Feb 2017) 330 +- nss: make FTPS work with --proxytunnel 331 + 332 + If the NSS code was in the middle of a non-blocking handshake and it 333 + was asked to finish the handshake in blocking mode, it unexpectedly 334 + continued in the non-blocking mode, which caused a FTPS connection 335 + over CONNECT to fail with "(81) Socket not ready for send/recv". 336 + 337 + Bug: https://bugzilla.redhat.com/1420327 338 + 339 +Daniel Stenberg (9 Feb 2017) 340 +- examples/multithread.c: link to our multi-thread docs 341 + 342 + ... instead of the OpenSSL mutex page. 343 + 344 +- http_proxy: avoid freeing static memory 345 + 346 + Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced. 347 + 348 +- [Cameron MacMinn brought this change] 349 + 350 + http_proxy: Fix tiny memory leak upon edge case connecting to proxy 351 + 352 + Fixes #1255 353 + 354 +Michael Kaufmann (8 Feb 2017) 355 +- polarssl, mbedtls: Fix detection of pending data 356 + 357 + Reported-by: Dan Fandrich 358 + Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html 359 + 360 +Dan Fandrich (7 Feb 2017) 361 +- test1139: Added the --manual keyword since the manual is required 362 + 363 +Daniel Stenberg (7 Feb 2017) 364 +- RELEASE-NOTES: synced with 102454459dd688c 365 + 366 +- THANKS-filter: polish some recent contributors 367 + 368 +- http2: reset push header counter fixes crash 369 + 370 + When removing an easy handler from a multi before it completed its 371 + transfer, and it had pushed streams, it would segfault due to the pushed 372 + counted not being cleared. 373 + 374 + Fixed-by: zelinchen@users.noreply.github.com 375 + Fixes #1249 376 + 377 +- [Markus Westerlind brought this change] 378 + 379 + transfer: only retry nobody-requests for HTTP 380 + 381 + Using sftp to delete a file with CURLOPT_NOBODY set with a reused 382 + connection would fail as curl expected to get some data. Thus it would 383 + retry the command again which fails as the file has already been 384 + deleted. 385 + 386 + Fixes #1243 387 + 388 +Jay Satiro (7 Feb 2017) 389 +- [Daniel Gustafsson brought this change] 390 + 391 + telnet: Fix typos 392 + 393 + Ref: https://github.com/curl/curl/pull/1245 394 + 395 +- [Daniel Gustafsson brought this change] 396 + 397 + test552: Fix typos 398 + 399 + Closes https://github.com/curl/curl/pull/1245 400 + 401 +- [Daniel Gustafsson brought this change] 402 + 403 + darwinssl: Avoid parsing certificates when not in verbose mode 404 + 405 + The information extracted from the server certificates in step 3 is only 406 + used when in verbose mode, and there is no error handling or validation 407 + performed as that has already been done. Only run the certificate 408 + information extraction when in verbose mode and libcurl was built with 409 + verbose strings. 410 + 411 + Closes https://github.com/curl/curl/pull/1246 412 + 413 +- [JDepooter brought this change] 414 + 415 + schannel: Remove incorrect SNI disabled message 416 + 417 + - Remove the SNI disabled when host verification disabled message 418 + since that is incorrect. 419 + 420 + - Show a message for legacy versions of Windows <= XP that connections 421 + may fail since those versions of WinSSL lack SNI, algorithms, etc. 422 + 423 + Bug: https://github.com/curl/curl/pull/1240 424 + 425 +Daniel Stenberg (7 Feb 2017) 426 +- CHANGES: spell fix, use correct path to script 427 + 428 +- CHANGES.0: removed 429 + 430 + This is the previously manually edited changelog, not touched since Aug 431 + 2015. Still present in git for those who wants it. 432 + 433 +Dan Fandrich (6 Feb 2017) 434 +- cmdline-opts: Fixed build and test in out of source tree builds 435 + 436 +Viktor Szakats (6 Feb 2017) 437 +- use *.sourceforge.io and misc URL updates 438 + 439 + Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ 440 + Closes: https://github.com/curl/curl/pull/1247 441 + 442 +Jay Satiro (6 Feb 2017) 443 +- docs: Add more HTTPS proxy documentation 444 + 445 + - Document HTTPS proxy type. 446 + 447 + - Document --write-out %{proxy_ssl_verify_result}. 448 + 449 + - Document SOCKS proxy + HTTP/HTTPS proxy combination. 450 + 451 + HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. 452 + 453 + Ref: https://github.com/curl/curl/commit/cb4e2be 454 + 455 +- OS400: Fix symbols 456 + 457 + - s/CURLOPT_SOCKS_PROXY/CURLOPT_PRE_PROXY 458 + Follow-up to 7907a2b and 845522c. 459 + 460 + - Fix incorrect id for CURLOPT_PROXY_PINNEDPUBLICKEY. 461 + 462 + - Add id for CURLOPT_ABSTRACT_UNIX_SOCKET. 463 + 464 + Bug: https://github.com/curl/curl/issues/1237 465 + Reported-by: jonrumsey@users.noreply.github.com 466 + 467 +- [Sean Burford brought this change] 468 + 469 + cmake: Support curl --xattr when built with cmake 470 + 471 + - Test for and set HAVE_FSETXATTR when support for extended file 472 + attributes is present. 473 + 474 + Closes https://github.com/curl/curl/pull/1176 475 + 476 +- [Adam Langley brought this change] 477 + 478 + openssl: Don't use certificate after transferring ownership 479 + 480 + SSL_CTX_add_extra_chain_cert takes ownership of the given certificate 481 + while, despite the similar name, SSL_CTX_add_client_CA does not. Thus 482 + it's best to call SSL_CTX_add_client_CA before 483 + SSL_CTX_add_extra_chain_cert, while the code still has ownership of the 484 + argument. 485 + 486 + Closes https://github.com/curl/curl/pull/1236 487 + 488 +Daniel Stenberg (29 Jan 2017) 489 +- [Antoine Aubert brought this change] 490 + 491 + mbedtls: implement CTR-DRBG and HAVEGE random generators 492 + 493 + closes #1227 494 + 495 +- docs: we no longer ship HTML versions of man pages 496 + 497 + ... refer to the web site for the web versions. 498 + 499 +- [railsnewbie257 brought this change] 500 + 501 + docs: proofread README.netware README.win32 502 + 503 + Closes #1231 504 + 505 +- RELEASE-NOTES; synced with ab08d82648 506 + 507 +Michael Kaufmann (28 Jan 2017) 508 +- mbedtls: disable TLS session tickets 509 + 510 + SSL session reuse with TLS session tickets is not supported yet. 511 + Use SSL session IDs instead. 512 + 513 + See https://github.com/curl/curl/issues/1109 514 + 515 +- gnutls: disable TLS session tickets 516 + 517 + SSL session reuse with TLS session tickets is not supported yet. 518 + Use SSL session IDs instead. 519 + 520 + Fixes https://github.com/curl/curl/issues/1109 521 + 522 +- polarssl: fix hangs 523 + 524 + This bugfix is similar to commit c111178bd4. 525 + 526 +Daniel Stenberg (27 Jan 2017) 527 +- cookies: do not assume a valid domain has a dot 528 + 529 + This repairs cookies for localhost. 530 + 531 + Non-PSL builds will now only accept "localhost" without dots, while PSL 532 + builds okeys everything not listed as PSL. 533 + 534 + Added test 1258 to verify. 535 + 536 + This was a regression brought in a76825a5efa6b4 537 + 538 +- TODO: remove "Support TLS v1.3" 539 + 540 + Support is trickling in already. 541 + 542 +- [railsnewbie257 brought this change] 543 + 544 + INTERNALS.md: language improvements 545 + 546 + Closes #1226 547 + 548 +- telnet: fix windows compiler warnings 549 + 550 + Thumbs-up-by: Jay Satiro 551 + 552 + Closes #1225 553 + 554 +- VC: remove the makefile.vc6 build infra 555 + 556 + The winbuild/ build files is now the single MSVC makefile build choice. 557 + 558 + Closes #1215 559 + 560 +- [Jay Satiro brought this change] 561 + 562 + cmdline-opts/gen.pl: Open input files in CRLF mode 563 + 564 + On Windows it's possible to have input files with CRLF line endings and 565 + a perl that defaults to LF line endings (eg msysgit). Currently that 566 + results in generator output of mixed line endings of CR, LF and CRLF. 567 + 568 + This change fixes that issue in the most succinct way by opening the 569 + files in :crlf text mode even when the perl being used does not default 570 + to that mode. (On operating systems that don't have a separate text mode 571 + it's essentially a no-op.) The output continues to be in the perl's 572 + native line ending. 573 + 574 +- docs/curl.1: generate from the cmdline-opts script 575 + 576 +- vtls: source indentation fix 577 + 578 +- contri*.sh: cut off parentheses from names too 579 + 580 +- RELEASE-NOTES: synced with 01ab7c30bba6f 581 + 582 +- vtls: fix PolarSSL non-blocking handling 583 + 584 + A regression brought in cb4e2be 585 + 586 + Reported-by: Michael Kaufmann 587 + Bug: https://github.com/curl/curl/issues/1174#issuecomment-274018791 588 + 589 +- [Antoine Aubert brought this change] 590 + 591 + vtls: fix mbedtls multi non blocking handshake. 592 + 593 + When using multi, mbedtls handshake is in non blocking mode. vtls must 594 + set wait for read/write flags for the socket. 595 + 596 + Closes #1223 597 + 598 +- [Richy Kim brought this change] 599 + 600 + CURLOPT_BUFFERSIZE: support enlarging receive buffer 601 + 602 + Replace use of fixed macro BUFSIZE to define the size of the receive 603 + buffer. Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive 604 + buffer size. Upon setting, resize buffer if larger than the current 605 + default size up to a MAX_BUFSIZE (512KB). This can benefit protocols 606 + like SFTP. 607 + 608 + Closes #1222 609 + 610 +- sws: use SOCKERRNO, not errno 611 + 612 + Reported-by: Gisle Vanem 613 + 614 +Michael Kaufmann (19 Jan 2017) 615 +- KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be accepted 616 + 617 + This has been implemented with commit 9ad034e. 618 + 619 +Viktor Szakats (19 Jan 2017) 620 +- *.rc: escape non-ASCII/non-UTF-8 character for clarity 621 + 622 + Closes https://github.com/curl/curl/pull/1217 623 + 624 +Kamil Dudka (19 Jan 2017) 625 +- docs: non-blocking SSL handshake is now supported with NSS 626 + 627 + Implemented since curl-7_36_0-130-g8868a22 628 + 629 + Reported-by: Fahim Chandurwala 630 + 631 +Michael Kaufmann (18 Jan 2017) 632 +- CURLOPT_CONNECT_TO: Fix compile warnings 633 + 634 + Fix compile warnings that appeared only when curl has been configured 635 + with '--disable-verbose'. 636 + 637 +Daniel Stenberg (18 Jan 2017) 638 +- usercertinmem.c: improve the short description 639 + 640 +- parseurl: move back buffer to function scope 641 + 642 + Regression since 1d4202ad, which moved the buffer into a more narrow 643 + scope, but the data in that buffer was used outside of that more narrow 644 + scope. 645 + 646 + Reported-by: Dan Fandrich 647 + Bug: https://curl.haxx.se/mail/lib-2017-01/0093.html 648 + 649 +Jay Satiro (17 Jan 2017) 650 +- openssl: Fix random generation 651 + 652 + - Fix logic error in Curl_ossl_random. 653 + 654 + Broken a few days ago in 807698d. 655 + 656 +Daniel Stenberg (17 Jan 2017) 657 +- TODO: share OpenSSL contexts 658 + 659 + By supporting this, subsequent connects would load a lot less data from 660 + disk. 661 + 662 + Closes #1110 663 + 664 +- bump: next release will be 7.53.0 665 + 666 +Kamil Dudka (15 Jan 2017) 667 +- nss: use the correct lock in nss_find_slot_by_name() 668 + 669 +Alessandro Ghedini (15 Jan 2017) 670 +- http2: disable server push if not requested 671 + 672 + Ref: https://github.com/curl/curl/pull/1160 673 + 674 +Daniel Stenberg (14 Jan 2017) 675 +- [railsnewbie257 brought this change] 676 + 677 + docs: improved language in README.md HISTORY.md CONTRIBUTE.md 678 + 679 + Closes #1211 680 + 681 +Alessandro Ghedini (14 Jan 2017) 682 +- http: print correct HTTP string in verbose output when using HTTP/2 683 + 684 + Before: 685 + ``` 686 + % src/curl https://sigsegv.ninja/ -v --http2 687 + ... 688 + > GET / HTTP/1.1 689 + > Host: sigsegv.ninja 690 + > User-Agent: curl/7.52.2-DEV 691 + > Accept: */* 692 + > 693 + ... 694 + ``` 695 + 696 + After: 697 + ``` 698 + % src/curl https://sigsegv.ninja/ -v --http2 699 + ... 700 + > GET / HTTP/2 701 + > Host: sigsegv.ninja 702 + > User-Agent: curl/7.52.2-DEV 703 + > Accept: */* 704 + > 705 + ``` 706 + 707 +Daniel Stenberg (14 Jan 2017) 708 +- TODO: send only part of --data 709 + 710 + Closes #1200 711 + 712 +- TODO: implemened "--fail-fast to exit on first transfer fail" 713 + 714 + Even though it is called --fail-early 715 + 716 +- TODO: Chunked transfer multipart formpost 717 + 718 + Closes #1139 719 + 720 +- TODO: Improve formpost API, not just add an easy argument 721 + 722 +- addrinfo: fix compiler warning on offsetof() use 723 + 724 + curl_addrinfo.c:519:20: error: conversion to ‘curl_socklen_t {aka 725 + unsigned int}’ from ‘long unsigned int’ may alter its value 726 + [-Werror=conversion] 727 + 728 + Follow-up to 1d786faee1046f 729 + 730 +- THANKS-filter: Jiri Malak 731 + 732 +- RELEASE-NOTES: synced with a7c73ae309c 733 + 734 +Peter Wu (13 Jan 2017) 735 +- [Isaac Boukris brought this change] 736 + 737 + unix_socket: add support for abstract unix domain socket 738 + 739 + In addition to unix domain sockets, Linux also supports an 740 + abstract namespace which is independent of the filesystem. 741 + 742 + In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET 743 + option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH 744 + internally, along with a flag to specify abstract socket. 745 + 746 + On non-supporting platforms, the abstract address will be 747 + interpreted as an empty string and fail gracefully. 748 + 749 + Also add new --abstract-unix-socket tool parameter. 750 + 751 + Signed-off-by: Isaac Boukris <iboukris@gmail.com> 752 + Reported-by: Chungtsun Li (typeless) 753 + Reviewed-by: Daniel Stenberg 754 + Reviewed-by: Peter Wu 755 + Closes #1197 756 + Fixes #1061 757 + 758 +Daniel Stenberg (13 Jan 2017) 759 +- write-out.d: 'time_total' is not always shown with ms precision 760 + 761 + We have higher resolution since 7.52.0 762 + 763 +- next.d: --trace and --trace-ascii are also global 764 + 765 +- [Isaac Boukris brought this change] 766 + 767 + curl: reset the easy handle at --next 768 + 769 + So that only "global" options (verbose mostly) survive into the next 770 + transfer, and the others have to be set again unless default is fine. 771 + 772 +- [Frank Gevaerts brought this change] 773 + 774 + docs: Add note about libcurl copying strings to CURLOPT_* manpages 775 + 776 + Closes #1169 777 + 778 +- [Frank Gevaerts brought this change] 779 + 780 + CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char* 781 + 782 +- IDN: Use TR46 non-transitional 783 + 784 + Assisted-by: Tim Rühsen 785 + 786 +- IDN: revert use of the transitional option 787 + 788 + It made the german ß get converted to ss, IDNA2003 style, and we can't 789 + have that for the .de TLD - a primary reason for our switch to IDNA2008. 790 + 791 + Test 165 verifies. 792 + 793 +- [Tim Rühsen brought this change] 794 + 795 + IDN: Fix compile time detection of linidn2 TR46 796 + 797 + Follow-up to f30cbcac1 798 + 799 + Closes #1207 800 + 801 +- [ERAMOTO Masaya brought this change] 802 + 803 + url: --noproxy option overrides NO_PROXY environment variable 804 + 805 + Under condition using http_proxy env var, noproxy list was the 806 + combination of --noproxy option and NO_PROXY env var previously. Since 807 + this commit, --noproxy option overrides NO_PROXY environment variable 808 + even if use http_proxy env var. 809 + 810 + Closes #1140 811 + 812 +- [ERAMOTO Masaya brought this change] 813 + 814 + url: Refactor detect_proxy() 815 + 816 + If defined CURL_DISABLE_HTTP, detect_proxy() returned NULL. If not 817 + defined CURL_DISABLE_HTTP, detect_proxy() checked noproxy list. 818 + 819 + Thus refactor to set proxy to NULL instead of calling detect_proxy() if 820 + define CURL_DISABLE_HTTP, and refactor to call detect_proxy() if not 821 + define CURL_DISABLE_HTTP and the host is not in the noproxy list. 822 + 823 +- [ERAMOTO Masaya brought this change] 824 + 825 + url: Fix NO_PROXY env var to work properly with --proxy option. 826 + 827 + The combination of --noproxy option and http_proxy env var works well 828 + both for proxied hosts and non-proxied hosts. 829 + 830 + However, when combining NO_PROXY env var with --proxy option, 831 + non-proxied hosts are not reachable while proxied host is OK. 832 + 833 + This patch allows us to access non-proxied hosts even if using NO_PROXY 834 + env var with --proxy option. 835 + 836 +- [Tim Rühsen brought this change] 837 + 838 + IDN: Use TR46 'transitional' for toASCII translations 839 + 840 + References: http://unicode.org/faq/idn.html 841 + http://unicode.org/reports/tr46 842 + 843 + Closes #1206 844 + 845 +- [railsnewbie257 brought this change] 846 + 847 + docs: FAQ MAIL-ETIQUETTE language fixes 848 + 849 + Closes #1194 850 + 851 +- [Marcus Hoffmann brought this change] 852 + 853 + gnutls: check for alpn and ocsp in configure 854 + 855 + Check for presence of gnutls_alpn_* and gnutls_ocsp_* functions during 856 + configure instead of relying on the version number. GnuTLS has options 857 + to turn these features off and we ca just work with with such builds 858 + like we work with older versions. 859 + 860 + Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com> 861 + 862 + Closes #1204 863 + 864 +Jay Satiro (12 Jan 2017) 865 +- url: Fix parsing for when 'file' is the default protocol 866 + 867 + Follow-up to 3463408. 868 + 869 + Prior to 3463408 file:// hostnames were silently stripped. 870 + 871 + Prior to this commit it did not work when a schemeless url was used with 872 + file as the default protocol. 873 + 874 + Ref: https://curl.haxx.se/mail/lib-2016-11/0081.html 875 + Closes https://github.com/curl/curl/pull/1124 876 + 877 + Also fix for drive letters: 878 + 879 + - Support --proto-default file c:/foo/bar.txt 880 + 881 + - Support file://c:/foo/bar.txt 882 + 883 + - Fail when a file:// drive letter is detected and not MSDOS/Windows. 884 + 885 + Bug: https://github.com/curl/curl/issues/1187 886 + Reported-by: Anatol Belski 887 + Assisted-by: Anatol Belski 888 + 889 +Daniel Stenberg (12 Jan 2017) 890 +- rand: make it work without TLS backing 891 + 892 + Regression introduced in commit f682156a4fc6c4 893 + 894 + Reported-by: John Kohl 895 + Bug: https://curl.haxx.se/mail/lib-2017-01/0055.html 896 + 897 +Jay Satiro (12 Jan 2017) 898 +- STARTTLS: Don't print response character in denied messages 899 + 900 + Both IMAP and POP3 response characters are used internally, but when 901 + appended to the STARTTLS denial message likely could confuse the user. 902 + 903 + Closes https://github.com/curl/curl/pull/1203 904 + 905 +- smtp: Fix STARTTLS denied error message 906 + 907 + - Format the numeric denial code as an integer instead of a character. 908 + 909 +Daniel Stenberg (11 Jan 2017) 910 +- http2_send: avoid unsigned integer wrap around 911 + 912 + ... when checking for a too large request. 913 + 914 +Jay Satiro (9 Jan 2017) 915 +- [Jiri Malak brought this change] 916 + 917 + cmake: Fix passing _WINSOCKAPI_ macro to compiler 918 + 919 + Define _WINSOCKAPI_ blank rather than to 1 in order to match the value 920 + used by Microsoft's winsock header files. 921 + 922 + Closes https://github.com/curl/curl/pull/1195 923 + 924 +Daniel Stenberg (9 Jan 2017) 925 +- sws: retry send() on EWOULDBLOCK 926 + 927 + Fixes spurious test 1060 and 1061 failures on OpenBSD, Solaris and more. 928 + 929 + Bug: https://curl.haxx.se/mail/lib-2017-01/0009.html 930 + Reported-by: Christian Weisgerber 931 + 932 +- RELEASE-NOTES: synced with a41e8592d6b3e58 933 + 934 +- examples: make the C++ examples follow our code style too 935 + 936 + At least mostly, not counting // comments. 937 + 938 +- [Aulddays brought this change] 939 + 940 + asiohiper: improved socket handling 941 + 942 + libcurl requires CURLMOPT_SOCKETFUNCTION to KEEP watching socket events 943 + and notify back. Modify event_cb() to continue watching events when 944 + fired. 945 + 946 + Fixes #1191 947 + Closes #1192 948 + Fixed-by: Mingliang Zhu 949 + 950 +- [Jiří Malák brought this change] 951 + 952 + lib506: fix build for Open Watcom 953 + 954 + Rename symbol lock to locks to not clash with OW CRTL function name. 955 + 956 + Closes #1196 957 + 958 +- ROADMAP: 2017 cleanup 959 + 960 + Removed items already fixed, clarified a few others. 961 + 962 +- COPYING: update the generic copyright year range 963 + 964 +- docs/silent: mention --show-error in --silent description 965 + 966 + Reported in #1190 967 + Reported-by: Dan Jacobson 968 + 969 +- docs/page-header: mention how to disable the progress meter 970 + 971 + curl.1 is regenerated 972 + 973 + Fixes #1190 974 + 975 +Dan Fandrich (7 Jan 2017) 976 +- wolfssl: display negotiated SSL version and cipher 977 + 978 +- wolfssl: support setting cipher list 979 + 980 +Patrick Monnerat (6 Jan 2017) 981 +- CIPHERS.md: document GSKit ciphers 982 + 983 +Jay Satiro (5 Jan 2017) 984 +- [peterpih brought this change] 985 + 986 + TheArtOfHttpScripting: grammar 987 + 988 +Nick Zitzmann (3 Jan 2017) 989 +- darwinssl: --insecure overrides --cacert if both settings are in use 990 + 991 + Fixes #1184 992 + 993 +Jay Satiro (2 Jan 2017) 994 +- docs/libcurl: TCP_KEEPALIVE start and interval default to 60 995 + 996 + Since the TCP keep-alive options were added in 705f0f7 the start and 997 + interval default values have been 60, but that wasn't documented. 998 + 999 + Bug: https://curl.haxx.se/mail/lib-2017-01/0000.html 1000 + Reported-by: Praveen Pvs 1001 + 1002 +Daniel Stenberg (29 Dec 2016) 1003 +- curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use 1004 + 1005 + This error code was once introduced when some library was dynamically 1006 + loaded and a funciton within said library couldn't be found. 1007 + 1008 +- content_encoding: change return code on a failure 1009 + 1010 + Failure to decompress is now a write error instead of the weird 1011 + "function not found". 1012 + 1013 +- page-footer: error 36 is protocol agnostic! 1014 + 1015 +Jay Satiro (28 Dec 2016) 1016 +- tool_operate: Fix --remote-time incorrect times on Windows 1017 + 1018 + - Use Windows API SetFileTime to set the file time instead of utime. 1019 + 1020 + Avoid utime on Windows if possible because it may apply a daylight 1021 + saving time offset to our UTC file time. 1022 + 1023 + Bug: https://curl.haxx.se/mail/archive-2016-11/0033.html 1024 + Reported-by: Tim 1025 + 1026 + Closes https://github.com/curl/curl/pull/1121 1027 + 1028 +Daniel Stenberg (29 Dec 2016) 1029 +- [Max Khon brought this change] 1030 + 1031 + digest_sspi: copy terminating NUL as well 1032 + 1033 + Curl_auth_decode_digest_http_message(): copy terminating NUL as later 1034 + Curl_override_sspi_http_realm() expects a NUL-terminated string. 1035 + 1036 + Fixes #1180 1037 + 1038 +- curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when chunked 1039 + 1040 + Mentioned in #1013 1041 + 1042 +- [Kyselgov E.N brought this change] 1043 + 1044 + cmake: use crypt32.lib when building with OpenSSL on windows 1045 + 1046 + Reviewed-by: Peter Wu 1047 + Closes #1149 1048 + Fixes #1147 1049 + 1050 +- [Chris Araman brought this change] 1051 + 1052 + darwinssl: fix CFArrayRef leak 1053 + 1054 + Reviewed-by: Nick Zitzmann 1055 + Closes #1173 1056 + 1057 +- [Chris Araman brought this change] 1058 + 1059 + darwinssl: fix iOS build 1060 + 1061 + Reviewed-by: Nick Zitzmann 1062 + Fixes #1172 1063 + 1064 +- curl: remove superfluous include file 1065 + 1066 + The <netinet/tcp.h> is a leftover from the past when TCP socket options 1067 + were set in this file. This include causes build issues on AIX 4.3. 1068 + 1069 + Reported-by: Kim Minjoong 1070 + 1071 + Closes #1178 1072 + 1073 +- RELEASE-NOTES: synced with a7b38c9dc98481e 1074 + 1075 +- vtls: s/SSLEAY/OPENSSL 1076 + 1077 + Fixed an old leftover use of the USE_SSLEAY define which would make a 1078 + socket get removed from the applications sockets to monitor when the 1079 + multi_socket API was used, leading to timeouts. 1080 + 1081 + Bug: #1174 1082 + 1083 +- docs/ciphers: link to our own new page about ciphers 1084 + 1085 + ... as the former ones always go stale! 1086 + 1087 +- cmdline-opts/page-footer: add three more exit codes 1088 + 1089 + ... and regenerated curl.1 1090 + 1091 +- formdata: use NULL, not 0, when returning pointers 1092 + 1093 +- ftp: failure to resolve proxy should return that error code 1094 + 1095 +- configure: accept --with-libidn2 instead 1096 + 1097 + ... which the help text already implied since we switched to libidn2 1098 + from libidn in commit 9c91ec778104ae3b back in October 2016. 1099 + 1100 + Reported-by: Christian Weisgerber 1101 + Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html 1102 + 1103 +- test1282: verify the ftp-gss check 1104 + 1105 +- ftp-gss: check for init before use 1106 + 1107 + To avoid dereferencing a NULL pointer. 1108 + 1109 + Reported-by: Daniel Romero 1110 + 1111 +Jay Satiro (24 Dec 2016) 1112 +- build-wolfssl: Sync config with wolfSSL 3.10 1113 + 1114 + wolfSSL configure script relevant changes from 3.9 to 3.10: 1115 + 1116 + - DES3 no longer enabled by default 1117 + - Shamir no longer enabled by default 1118 + - Extended master secret enabled by default 1119 + - RSA and ECC timing protections enabled by default 1120 + 1121 + For backwards compatibility I enabled DES3 and ECC shamir config options 1122 + (ie no change from 3.9), and the other changes are included. 1123 + 1124 +- cyassl: use time_t instead of long for timeout 1125 + 1126 +Daniel Stenberg (23 Dec 2016) 1127 +- bump: toward next release 1128 + 1129 +- http: remove "Curl_http_done: called premature" message 1130 + 1131 + ... it only confuses people. 1132 + 1133 +- openssl-random: check return code when asking for random 1134 + 1135 + and fail appropriately if it returns error 1136 + 1137 +- gnutls-random: check return code for failed random 1138 + 1139 +Version 7.52.1 (22 Dec 2016) 1140 + 1141 +Daniel Stenberg (22 Dec 2016) 1142 +- RELEASE-NOTES: curl 7.52.1 1143 + 1144 +- lib557.c: use a shorter MAXIMIZE representation 1145 + 1146 + Since several compilers had problems with the previous one 1147 + 1148 + Reported-by: Ray Satiro 1149 + Bug: https://curl.haxx.se/mail/lib-2016-12/0098.html 1150 + 1151 +- runtests: remove the valgrind parser 1152 + 1153 + Old legacy parsing that 1) hid problems for us and 2) probably isn't 1154 + needed anymore. 1155 + 1156 +- [Kamil Dudka brought this change] 1157 + 1158 + randit: store the value in the buffer 1159 + 1160 +- tests/Makefile: run checksrc on debug builds 1161 + 1162 + ... just like we already do in src/ and lib/ 1163 + 1164 +- lib557: move the "enable LONGLINE" to allow more long lines 1165 + 1166 + This file is riddled with them... 1167 + 1168 +- bump: toward next release 1169 + 1170 +Marcel Raad (21 Dec 2016) 1171 +- lib: fix MSVC compiler warnings 1172 + 1173 + Visual C++ complained: 1174 + warning C4267: '=': conversion from 'size_t' to 'long', possible loss of data 1175 + warning C4701: potentially uninitialized local variable 'path' used 1176 + 1177 +Version 7.52.0 (20 Dec 2016) 1178 + 1179 +Daniel Stenberg (20 Dec 2016) 1180 +- THANKS: 13 new contributors from 7.52.0 1181 + 1182 +- RELEASE-NOTES: 7.52.0 1183 + 1184 +- ssh: inhibit coverity warning with (void) 1185 + 1186 + CID 1397391 (#1 of 1): Unchecked return value (CHECKED_RETURN) 1187 + 1188 +- Curl_recv_has_postponed_data: silence compiler warnings 1189 + 1190 + Follow-up to d00f2a8f2 1191 + 1192 +Jay Satiro (19 Dec 2016) 1193 +- tests: checksrc compliance 1194 + 1195 +- http_proxy: Fix proxy CONNECT hang on pending data 1196 + 1197 + - Check for pending data before waiting on the socket. 1198 + 1199 + Bug: https://github.com/curl/curl/issues/1156 1200 + Reported-by: Adam Langley 1201 + 1202 +Daniel Stenberg (19 Dec 2016) 1203 +- cmdline-opts/tlsv1.d: rephrased 1204 + 1205 +- [Dan McNulty brought this change] 1206 + 1207 + schannel: fix wildcard cert name validation on Win CE 1208 + 1209 + Fixes a few issues in manual wildcard cert name validation in 1210 + schannel support code for Win32 CE: 1211 + - when comparing the wildcard name to the hostname, the wildcard 1212 + character was removed from the cert name and the hostname 1213 + was checked to see if it ended with the modified cert name. 1214 + This allowed cert names like *.com to match the connection 1215 + hostname. This violates recommendations from RFC 6125. 1216 + - when the wildcard name in the certificate is longer than the 1217 + connection hostname, a buffer overread of the connection 1218 + hostname buffer would occur during the comparison of the 1219 + certificate name and the connection hostname. 1220 + 1221 +- printf: fix floating point buffer overflow issues 1222 + 1223 + ... and add a bunch of floating point printf tests 1224 + 1225 +- config-amigaos.h: (embarrassed) made the line shorter 1226 + 1227 +- config-amigaos.h: fix bug report email reference 1228 + 1229 +- RELEASE-NOTES: synced with 4517158abfeba 1230 + 1231 +- CIPHERS.md: backtick the names to show underscores fine 1232 + 1233 +- form-string.d: fix format mistake 1234 + 1235 + and regenerated curl.1 1236 + 1237 + Reported-by: Gisle Vanem 1238 + 1239 +Michael Kaufmann (18 Dec 2016) 1240 +- openssl: simplify expression in Curl_ossl_version 1241 + 1242 +- curl_easy_recv: Improve documentation and example program 1243 + 1244 + Follow-up to 82245ea: Fix the example program sendrecv.c (handle 1245 + CURLE_AGAIN, handle incomplete send). Improve the documentation 1246 + for curl_easy_recv() and curl_easy_send(). 1247 + 1248 + Reviewed-by: Frank Meier 1249 + Assisted-by: Jay Satiro 1250 + 1251 + See https://github.com/curl/curl/pull/1134 1252 + 1253 +- [Isaac Boukris brought this change] 1254 + 1255 + Curl_getconnectinfo: avoid checking if the connection is closed 1256 + 1257 + It doesn't benefit us much as the connection could get closed at 1258 + any time, and also by checking we lose the ability to determine 1259 + if the socket was closed by reading zero bytes. 1260 + 1261 + Reported-by: Michael Kaufmann 1262 + 1263 + Closes https://github.com/curl/curl/pull/1134 1264 + 1265 +Daniel Stenberg (18 Dec 2016) 1266 +- CIPHERS.md: attempt to document TLS cipher names 1267 + 1268 + As the official docs seems really hard to keep track of and link to over 1269 + time 1270 + 1271 +- curl.1: generated after 6cce4dbf830 1272 + 1273 +- cmdline-opts/post30X.d: fix the RFC references 1274 + 1275 +- curl.1: regenerated 1276 + 1277 + Fixed trailing whitespace and numerous formatting glitches 1278 + 1279 +- cmdline-opts: formatting fixes 1280 + 1281 +- curl_easy_setopt.3: removed CURLOPT_SOCKS_PROXYTYPE 1282 + 1283 +- tool_getparam.c: make comments use the up-to-date option names 1284 + 1285 +- manpage-scan.pl: allow deprecated options to get removed from curl.1 1286 + 1287 + --krb4, --ftp-ssl and --ftp-ssl-reqd no longer need to be documented in the 1288 + man page 1289 + 1290 +- cmdline-opts/gen.pl: trim off trailing spaces 1291 + 1292 +- cmdline-opts/proxy-tlsuser.d: remove trailing .d 1293 + 1294 +- curl_easy_setopt.3: CURLOPT_PRE_PROXY instead of CURLOPT_SOCKS_PROXY 1295 + 1296 +- symbols: removed two, added one 1297 + 1298 +- cmdline-opts: include the man page split up files in the dist 1299 + 1300 +- curl.1: generated with gen.pl 1301 + 1302 + This is the first time we replace the manually edited curt.1 with the 1303 + generated one created by gen.pl and the individual option documentation 1304 + pages. 1305 + 1306 + Do not edit this file, edit the individual pages and regenerate this 1307 + output. 1308 + 1309 + This file will be generated by the build system soon and then removed 1310 + from git. 1311 + 1312 +- cmdline-opts: added some missing info 1313 + 1314 +- CURLINFO_SSL_VERIFYRESULT.3: language 1315 + 1316 +- HTTPS-PROXY docs: update/polish 1317 + 1318 +- cmdline-opts/page-header: mention it is generated 1319 + 1320 + ... to avoid people from trying to edit the pending curl.1 version that 1321 + gets generated by gen.pl 1322 + 1323 +- preproxy: renamed what was added as SOCKS_PROXY 1324 + 1325 + CURLOPT_SOCKS_PROXY -> CURLOPT_PRE_PROXY 1326 + 1327 + Added the corresponding --preroxy command line option. Sets a SOCKS 1328 + proxy to connect to _before_ connecting to a HTTP(S) proxy. 1329 + 1330 +- curl: normal socks proxies still use CURLOPT_PROXY 1331 + 1332 + ... the newly introduced CURLOPT_SOCKS_PROXY is special and should be 1333 + asked for specially. (Needs new code.) 1334 + 1335 + Unified proxy type to a single variable in the config struct. 1336 + 1337 +- CURLOPT_SOCKS_PROXYTYPE: removed 1338 + 1339 + This was added as part of the SOCKS+HTTPS proxy merge but there's no 1340 + need to support this as we prefer to have the protocol specified as a 1341 + prefix instead. 1342 + 1343 +- curl_multi_socket.3: fix typo 1344 + 1345 +- checksrc: warn for assignments within if() expressions 1346 + 1347 + ... they're already frowned upon in our source code style guide, this 1348 + now enforces the rule harder. 1349 + 1350 +- checksrc: stricter no-space-before-paren enforcement 1351 + 1352 + In order to make the code style more uniform everywhere 1353 + 1354 +- ISSUE_TEMPLATE: try mentioning known bugs/todo in new issue template 1355 + 1356 +- RELEASE-NOTES: synced with 71a55534fa6 1357 + 1358 +- [Adam Langley brought this change] 1359 + 1360 + openssl: don't use OpenSSL's ERR_PACK. 1361 + 1362 + ERR_PACK is an internal detail of OpenSSL. Also, when using it, a 1363 + function name must be specified which is overly specific: the test will 1364 + break whenever OpenSSL internally change things so that a different 1365 + function creates the error. 1366 + 1367 + Closes #1157 1368 + 1369 +Dan Fandrich (5 Dec 2016) 1370 +- test2032: Mark test as flaky 1371 + 1372 +Jay Satiro (3 Dec 2016) 1373 +- [Jeremy Pearson brought this change] 1374 + 1375 + libcurl-multi.3: typo 1376 + 1377 + Closes https://github.com/curl/curl/pull/1153 1378 + 1379 +Dan Fandrich (2 Dec 2016) 1380 +- test1281: added http as a required feature 1381 + 1382 +Daniel Stenberg (2 Dec 2016) 1383 +- curl: support zero-length argument strings in config files 1384 + 1385 + ... like 'user-agent = ""' 1386 + 1387 + Adjusted test 71 to verify. 1388 + 1389 +- http_proxy: simplify CONNECT response reading 1390 + 1391 + Since it now reads responses one byte a time, a loop could be removed 1392 + and it is no longer limited to get the whole response within 16K, it is 1393 + now instead only limited to 16K maximum header line lengths. 1394 + 1395 +- tests: fix CONNECT test cases to be more strict 1396 + 1397 + ... as they broke with the cleaned up CONNECT handling 1398 + 1399 +- CONNECT: read responses one byte at a time 1400 + 1401 + ... so that it doesn't read data that is actually coming from the 1402 + remote. 2xx responses have no body from the proxy, that data is from the 1403 + peer. 1404 + 1405 + Fixes #1132 1406 + 1407 +- CONNECT: reject TE or CL in 2xx responses 1408 + 1409 + A server MUST NOT send any Transfer-Encoding or Content-Length header 1410 + fields in a 2xx (Successful) response to CONNECT. (RFC 7231 section 1411 + 4.3.6) 1412 + 1413 + Also fixes the three test cases that did this. 1414 + 1415 +- URL parser: reject non-numerical port numbers 1416 + 1417 + Test 1281 added to verify 1418 + 1419 +Dan Fandrich (30 Nov 2016) 1420 +- runtests: made Servers: output be more consistent by removing OFF 1421 + 1422 +- cyassl: fixed typo introduced in 4f8b1774 1423 + 1424 +Michael Kaufmann (30 Nov 2016) 1425 +- CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries properly 1426 + 1427 + If a port number in a "connect-to" entry does not match, skip this 1428 + entry instead of connecting to port 0. 1429 + 1430 + If a port number in a "connect-to" entry matches, use this entry 1431 + and look no further. 1432 + 1433 + Reported-by: Jay Satiro 1434 + Assisted-by: Jay Satiro, Daniel Stenberg 1435 + 1436 + Closes #1148 1437 + 1438 +Daniel Stenberg (29 Nov 2016) 1439 +- BUGS: describe bug handling process 1440 + 1441 +- RELEASE-NOTES: synced with 19613fb3 1442 + 1443 +Jay Satiro (28 Nov 2016) 1444 +- http2: check nghttp2_session_set_local_window_size exists 1445 + 1446 + The function only exists since nghttp2 1.12.0. 1447 + 1448 + Bug: https://github.com/curl/curl/commit/a4d8888#commitcomment-19985676 1449 + Reported-by: Michael Kaufmann 1450 + 1451 +Daniel Stenberg (28 Nov 2016) 1452 +- [Anders Bakken brought this change] 1453 + 1454 + http2: Fix crashes when parent stream gets aborted 1455 + 1456 + Closes #1125 1457 + 1458 +- cmdline-docs: more options converted and fixed 1459 + 1460 + Now all options are in the new system. 1461 + 1462 +- gen: include footer in mainpage output 1463 + 1464 +Jay Satiro (28 Nov 2016) 1465 +- lib1536: checksrc compliance 1466 + 1467 +Daniel Stenberg (28 Nov 2016) 1468 +- cmdline-opts: more command line options documented 1469 + 1470 + Moved over to the new format 1471 + 1472 +- curl: remove --proxy-ssl* options 1473 + 1474 + There's mostly likely no need to allow setting SSLv2/3 version for HTTPS 1475 + proxy. Those protocols are insecure by design and deprecated. 1476 + 1477 +- CURLOPT_PROXY_*.3: polished some proxy option man pages 1478 + 1479 +Patrick Monnerat (26 Nov 2016) 1480 +- os400: support CURLOPT_PROXY_PINNEDPUBLICKEY 1481 + 1482 + Also define it in ILE/RPG binding. 1483 + 1484 +Daniel Stenberg (26 Nov 2016) 1485 +- [Okhin Vasilij brought this change] 1486 + 1487 + curl_version_info: add CURL_VERSION_HTTPS_PROXY 1488 + 1489 + Closes #1142 1490 + 1491 +- [Frank Gevaerts brought this change] 1492 + 1493 + tests: Add some testcases for recent new features. 1494 + 1495 + Add missing tests for CURLINFO_SCHEME, CURLINFO_PROTOCOL, %{scheme}, 1496 + and %{http_version} 1497 + 1498 + closes #1143 1499 + 1500 +- [Frank Gevaerts brought this change] 1501 + 1502 + curl_easy_reset: clear info for CULRINFO_PROTOCOL and CURLINFO_SCHEME 1503 + 1504 +- CURLOPT_PROXY_CAINFO.3: clarify proxy use 1505 + 1506 +- CURLOPT_PROXY_CRLFILE.3: clarify https proxy and availability 1507 + 1508 +- curl_easy_setopt.3: add CURLOPT_PROXY_PINNEDPUBLICKEY 1509 + 1510 + Follow-up to 4f8b17743d7c55a 1511 + 1512 +- docs: include all opts man pages in dist 1513 + 1514 + Sorted the lists too. 1515 + 1516 + ... and include the new ones in the PDF and HTML generation targets 1517 + 1518 +- [Thomas Glanzmann brought this change] 1519 + 1520 + HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY 1521 + 1522 +- [Thomas Glanzmann brought this change] 1523 + 1524 + url: proxy: Use 443 as default port for https proxies 1525 + 1526 +- TODO: removed "HTTPS proxy" 1527 + 1528 +- [Jan-E brought this change] 1529 + 1530 + winbuild: add config option ENABLE_NGHTTP2 1531 + 1532 + Closes #1141 1533 + 1534 +Jay Satiro (24 Nov 2016) 1535 +- tool_urlglob: Improve sanity check in glob_range 1536 + 1537 + Prior to this change we depended on errno if strtol could not perform a 1538 + conversion. POSIX says EINVAL *may* be set. Some implementations like 1539 + Microsoft's will not set it if there's no conversion. 1540 + 1541 + Ref: https://github.com/curl/curl/commit/ee4f7660#commitcomment-19658189 1542 + 1543 +- tool_help: Change description for --retry-connrefused 1544 + 1545 + Ref: https://github.com/curl/curl/pull/1064#issuecomment-260052409 1546 + 1547 +Patrick Monnerat (25 Nov 2016) 1548 +- os400: sync ILE/RPG binding 1549 + 1550 +Jay Satiro (24 Nov 2016) 1551 +- test1135: Fix curl_easy_duphandle prototype for code style 1552 + 1553 + Follow-up to dbadaeb which changed the style. 1554 + 1555 +- x509asn1: Restore the parameter check in Curl_getASN1Element 1556 + 1557 + - Restore the removed parts of the parameter check. 1558 + 1559 + Follow-up to 945f60e which altered the parameter check. 1560 + 1561 +Daniel Stenberg (25 Nov 2016) 1562 +- RELEASE-NOTES: update option counters 1563 + 1564 +- [Frank Gevaerts brought this change] 1565 + 1566 + add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme} 1567 + 1568 + Adds access to the effectively used protocol/scheme to both libcurl and 1569 + curl, both in string and numeric (CURLPROTO_*) form. 1570 + 1571 + Note that the string form will be uppercase, as it is just the internal 1572 + string. 1573 + 1574 + As these strings are declared internally as const, and all other strings 1575 + returned by curl_easy_getinfo() are de-facto const as well, string 1576 + handling in getinfo.c got const-ified. 1577 + 1578 + Closes #1137 1579 + 1580 +- RELEASE-NOTES: synced with 63198a4750aeb 1581 + 1582 +- curl.1: the new --proxy options ship in 7.52.0 1583 + 1584 +- checksrc: move open braces to comply with function declaration style 1585 + 1586 +- checksrc: detect wrongly placed open braces in func declarations 1587 + 1588 +- checksrc: white space edits to comply to stricter checksrc 1589 + 1590 +- checksrc: verify ASTERISKNOSPACE 1591 + 1592 + Detects (char*) and 'char*foo' uses. 1593 + 1594 +- checksrc: code style: use 'char *name' style 1595 + 1596 +- checksrc: add ASTERISKSPACE 1597 + 1598 + Verifies a 'char *name' style, with no space after the asterisk. 1599 + 1600 +- openssl: remove dead code 1601 + 1602 + Coverity CID 1394666 1603 + 1604 +- [Okhin Vasilij brought this change] 1605 + 1606 + HTTPS-proxy: fixed mbedtls and polishing 1607 + 1608 +- darwinssl: adopted to the HTTPS proxy changes 1609 + 1610 + It builds and runs all test cases. No adaptations for actual HTTPS proxy 1611 + support has been made. 1612 + 1613 +- gtls: fix indent to silence compiler warning 1614 + 1615 + vtls/gtls.c: In function ‘Curl_gtls_data_pending’: 1616 + vtls/gtls.c:1429:3: error: this ‘if’ clause does not guard... [-Werror=misleading-indentation] 1617 + if(conn->proxy_ssl[connindex].session && 1618 + ^~ 1619 + vtls/gtls.c:1433:5: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘if’ 1620 + return res; 1621 + 1622 +- [Thomas Glanzmann brought this change] 1623 + 1624 + mbedtls: Fix compile errors 1625 + 1626 +- [Alex Rousskov brought this change] 1627 + 1628 + proxy: Support HTTPS proxy and SOCKS+HTTP(s) 1629 + 1630 + * HTTPS proxies: 1631 + 1632 + An HTTPS proxy receives all transactions over an SSL/TLS connection. 1633 + Once a secure connection with the proxy is established, the user agent 1634 + uses the proxy as usual, including sending CONNECT requests to instruct 1635 + the proxy to establish a [usually secure] TCP tunnel with an origin 1636 + server. HTTPS proxies protect nearly all aspects of user-proxy 1637 + communications as opposed to HTTP proxies that receive all requests 1638 + (including CONNECT requests) in vulnerable clear text. 1639 + 1640 + With HTTPS proxies, it is possible to have two concurrent _nested_ 1641 + SSL/TLS sessions: the "outer" one between the user agent and the proxy 1642 + and the "inner" one between the user agent and the origin server 1643 + (through the proxy). This change adds supports for such nested sessions 1644 + as well. 1645 + 1646 + A secure connection with a proxy requires its own set of the usual SSL 1647 + options (their actual descriptions differ and need polishing, see TODO): 1648 + 1649 + --proxy-cacert FILE CA certificate to verify peer against 1650 + --proxy-capath DIR CA directory to verify peer against 1651 + --proxy-cert CERT[:PASSWD] Client certificate file and password 1652 + --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) 1653 + --proxy-ciphers LIST SSL ciphers to use 1654 + --proxy-crlfile FILE Get a CRL list in PEM format from the file 1655 + --proxy-insecure Allow connections to proxies with bad certs 1656 + --proxy-key KEY Private key file name 1657 + --proxy-key-type TYPE Private key file type (DER/PEM/ENG) 1658 + --proxy-pass PASS Pass phrase for the private key 1659 + --proxy-ssl-allow-beast Allow security flaw to improve interop 1660 + --proxy-sslv2 Use SSLv2 1661 + --proxy-sslv3 Use SSLv3 1662 + --proxy-tlsv1 Use TLSv1 1663 + --proxy-tlsuser USER TLS username 1664 + --proxy-tlspassword STRING TLS password 1665 + --proxy-tlsauthtype STRING TLS authentication type (default SRP) 1666 + 1667 + All --proxy-foo options are independent from their --foo counterparts, 1668 + except --proxy-crlfile which defaults to --crlfile and --proxy-capath 1669 + which defaults to --capath. 1670 + 1671 + Curl now also supports %{proxy_ssl_verify_result} --write-out variable, 1672 + similar to the existing %{ssl_verify_result} variable. 1673 + 1674 + Supported backends: OpenSSL, GnuTLS, and NSS. 1675 + 1676 + * A SOCKS proxy + HTTP/HTTPS proxy combination: 1677 + 1678 + If both --socks* and --proxy options are given, Curl first connects to 1679 + the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS 1680 + proxy. 1681 + 1682 + TODO: Update documentation for the new APIs and --proxy-* options. 1683 + Look for "Added in 7.XXX" marks. 1684 + 1685 +Patrick Monnerat (24 Nov 2016) 1686 +- Declare endian read functions argument as a const pointer. 1687 + This is done for all functions of the form Curl_read[136][624]_[lb]e. 1688 + 1689 +- Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows. 1690 + See CRL-01-006. 1691 + 1692 +Jay Satiro (22 Nov 2016) 1693 +- url: Fix conn reuse for local ports and interfaces 1694 + 1695 + - Fix connection reuse for when the proposed new conn 'needle' has a 1696 + specified local port but does not have a specified device interface. 1697 + 1698 + Bug: https://curl.haxx.se/mail/lib-2016-11/0137.html 1699 + Reported-by: bjt3[at]hotmail.com 1700 + 1701 +Daniel Stenberg (21 Nov 2016) 1702 +- rand: pass in number of randoms as an unsigned argument 1703 + 1704 +Jay Satiro (20 Nov 2016) 1705 +- rand: Fix potentially uninitialized result warning 1706 + 1707 +Marcel Raad (19 Nov 2016) 1708 +- vtls: fix build warnings 1709 + 1710 + Fix warnings about conversions from long to time_t in openssl.c and 1711 + schannel.c. 1712 + 1713 + Follow-up to de4de4e3c7c 1714 + 1715 +Daniel Stenberg (18 Nov 2016) 1716 +- [Marcel Raad brought this change] 1717 + 1718 + lib: fix compiler warnings after de4de4e3c7c 1719 + 1720 + Visual C++ now complains about implicitly casting time_t (64-bit) to 1721 + long (32-bit). Fix this by changing some variables from long to time_t, 1722 + or explicitly casting to long where the public interface would be 1723 + affected. 1724 + 1725 + Closes #1131 1726 + 1727 +Peter Wu (17 Nov 2016) 1728 +- [Isaac Boukris brought this change] 1729 + 1730 + Don't mix unix domain sockets with regular ones 1731 + 1732 + When reusing a connection, make sure the unix domain 1733 + socket option matches. 1734 + 1735 +Jay Satiro (17 Nov 2016) 1736 +- tests: Fix HTTP2-Settings header for huge window size 1737 + 1738 + Follow-up to a4d8888. Changing the window size in that commit resulted 1739 + in a different HTTP2-Settings upgrade header, causing test 1800 to fail. 1740 + 1741 +- http2: Use huge HTTP/2 windows 1742 + 1743 + - Improve performance by using a huge HTTP/2 window size. 1744 + 1745 + Bug: https://github.com/curl/curl/issues/1102 1746 + Reported-by: afrind@users.noreply.github.com 1747 + Assisted-by: Tatsuhiro Tsujikawa 1748 + 1749 +Daniel Stenberg (16 Nov 2016) 1750 +- cmdline-docs: more conversion 1751 + 1752 +- gen: support 'protos' 1753 + 1754 + and warn on unrecognized lines 1755 + 1756 +- gen: support 'single' to make an individual page man page 1757 + 1758 +- cmdline-docs: more options converted over 1759 + 1760 +- gen: support 'redirect' 1761 + 1762 + ... and warn for too long --help lines 1763 + 1764 +- cmdline/gen: replace options in texts better 1765 + 1766 +Jay Satiro (16 Nov 2016) 1767 +- http2: Fix address sanitizer memcpy warning 1768 + 1769 + - In Curl_http2_switched don't call memcpy when src is NULL. 1770 + 1771 + Curl_http2_switched can be called like: 1772 + 1773 + Curl_http2_switched(conn, NULL, 0); 1774 + 1775 + .. and prior to this change memcpy was then called like: 1776 + 1777 + memcpy(dest, NULL, 0) 1778 + 1779 + .. causing address sanitizer to warn: 1780 + 1781 + http2.c:2057:3: runtime error: null pointer passed as argument 2, which 1782 + is declared to never be null 1783 + 1784 +- tool_help: Clarify --dump-header only writes received headers 1785 + 1786 +- curl.1: Clarify --dump-header only writes received headers 1787 + 1788 +Daniel Stenberg (15 Nov 2016) 1789 +- [Alex Chan brought this change] 1790 + 1791 + docs: Spelling fixes 1792 + 1793 +Kamil Dudka (15 Nov 2016) 1794 +- docs: the next release will be 7.52.0 1795 + 1796 +Daniel Stenberg (15 Nov 2016) 1797 +- cmdline-opts: support generating the --help output 1798 + 1799 +- [David Schweikert brought this change] 1800 + 1801 + darwinssl: fix SSL client certificate not found on MacOS Sierra 1802 + 1803 + Reviewed-by: Nick Zitzmann 1804 + 1805 + Closes #1105 1806 + 1807 +- curl: add --fail-early to help output 1808 + 1809 + Fixes test 1139 failures 1810 + 1811 + Follow-up to f82bbe01c8835 1812 + 1813 +- glob: fix [a-c] globbing regression 1814 + 1815 + Brought in ee4f76606cf 1816 + 1817 + Added test case 1280 to verify 1818 + 1819 + Reported-by: Dave Reisner 1820 + 1821 + Bug: https://github.com/curl/curl/commit/ee4f76606cfa4ee068bf28edd37c8dae7e8db317#commitcomment-19823146 1822 + 1823 +- curl: add --fail-early 1824 + 1825 + Exit with an error on the first transfer error instead of continuing to 1826 + do the rest of the URLs. 1827 + 1828 + Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html 1829 + 1830 +- Curl_rand: fixed and moved to rand.c 1831 + 1832 + Now Curl_rand() is made to fail if it cannot get the necessary random 1833 + level. 1834 + 1835 + Changed the proto of Curl_rand() slightly to provide a number of ints at 1836 + once. 1837 + 1838 + Moved out from vtls, since it isn't a TLS function and vtls provides 1839 + Curl_ssl_random() for this to use. 1840 + 1841 + Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html 1842 + 1843 +- cmdline-opts: first test version of a new man page generator kit 1844 + 1845 + See MANPAGE.md for the description of how this works. Each command line 1846 + option is now described in a separate .d file. 1847 + 1848 +- time_t fix: follow-up to de4de4e3c7c 1849 + 1850 + Blah, I accidentally wrote size_t instead of time_t for two variables. 1851 + 1852 + Reported-by: Dave Reisner 1853 + 1854 +- timeval: prefer time_t to hold seconds instead of long 1855 + 1856 + ... as long is still 32bit on modern 64bit windows machines, while 1857 + time_t is generally 64bit. 1858 + 1859 +Dan Fandrich (12 Nov 2016) 1860 +- tests: fixed variable might be clobbered warning 1861 + 1862 + This stops the compiler from potentially making invalid assumptions 1863 + about the immutability of sdp and sap across the longjmp boundary. 1864 + 1865 +Daniel Stenberg (12 Nov 2016) 1866 +- RELEASE-NOTES: synced with 346340808c 1867 + 1868 +- URL-parser: for file://[host]/ URLs, the [host] must be localhost 1869 + 1870 + Previously, the [host] part was just ignored which made libcurl accept 1871 + strange URLs misleading users. like "file://etc/passwd" which might've 1872 + looked like it refers to "/etc/passwd" but is just "/passwd" since the 1873 + "etc" is an ignored host name. 1874 + 1875 + Reported-by: Mike Crowe 1876 + Assisted-by: Kamil Dudka 1877 + 1878 +- test558: adapt to 0649433da 1879 + 1880 +- openssl: make sure to fail in the unlikely event that PRNG seeding fails 1881 + 1882 +- openssl: avoid unnecessary seeding if already done 1883 + 1884 + 1.1.0+ does more of this by itself so we can avoid extra processing this 1885 + way. 1886 + 1887 +- openssl: RAND_status always exists in OpenSSL >= 0.9.7 1888 + 1889 + and remove RAND_screen from configure since nothing is using that 1890 + function 1891 + 1892 +- Curl_pgrsUpdate: use dedicated function for time passed 1893 + 1894 +- realloc: use Curl_saferealloc to avoid common mistakes 1895 + 1896 + Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html 1897 + 1898 +- [Daniel Hwang brought this change] 1899 + 1900 + curl: Add --retry-connrefused 1901 + 1902 + to consider ECONNREFUSED as a transient error. 1903 + 1904 + Closes #1064 1905 + 1906 +- openssl: raise the max_version to 1.3 if asked for 1907 + 1908 + Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when 1909 + using boringssl. 1910 + 1911 +Jay Satiro (9 Nov 2016) 1912 +- vtls: Fail on unrecognized param for CURLOPT_SSLVERSION 1913 + 1914 + - Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the 1915 + TLS 1.3 support was added in 6ad3add. 1916 + 1917 + - Homogenize across code for all backends the error message when TLS 1.3 1918 + is not available to "<backend>: TLS 1.3 is not yet supported". 1919 + 1920 + - Return an error when a user-specified ssl version is unrecognized. 1921 + 1922 + --- 1923 + 1924 + Prior to this change our code for some of the backends used the 1925 + 'default' label in the switch statement (ie ver unrecognized) for 1926 + ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT. 1927 + 1928 + Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html 1929 + Reported-by: Kamil Dudka 1930 + 1931 +Daniel Stenberg (9 Nov 2016) 1932 +- [Isaac Boukris brought this change] 1933 + 1934 + SPNEGO: Fix memory leak when authentication fails 1935 + 1936 + If SPNEGO fails, cleanup the negotiate handle right away. 1937 + 1938 + Fixes #1115 1939 + 1940 + Signed-off-by: Isaac Boukris <iboukris@gmail.com> 1941 + Reported-by: ashman-p 1942 + 1943 +- CODE_STYLE.md: link to INTERNALS.md correctly 1944 + 1945 +- bump: next version will be 7.52.0 1946 + 1947 +- RELEASE-NOTES: synced with dfcdaaba371e9a3 1948 + 1949 +- examples/fileupload.c: fclose the file as well 1950 + 1951 +- printf: fix ".*f" handling 1952 + 1953 + It would always use precision 1 instead of reading it from the argument 1954 + list as intended. 1955 + 1956 + Reported-by: Ray Satiro 1957 + 1958 + Bug: #1113 1959 + 1960 +- curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept 1961 + 1962 + Reported-by: Frank Gevaerts 1963 + 1964 +Kamil Dudka (7 Nov 2016) 1965 +- nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch' 1966 + 1967 + ... with nss-3.26.0 and newer 1968 + 1969 + Reported-by: Daniel Stenberg 1970 + 1971 +Daniel Stenberg (7 Nov 2016) 1972 +- openssl: initial TLS 1.3 adaptions 1973 + 1974 + BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough 1975 + to get it working. 1976 + 1977 +- ssh: check md5 fingerprints case insensitively (regression) 1978 + 1979 + Revert the change from ce8d09483eea but use the new function 1980 + 1981 + Reported-by: Kamil Dudka 1982 + Bug: https://github.com/curl/curl/commit/ce8d09483eea2fcb1b50e323e1a8ed1f3613b2e3#commitcomment-19666146 1983 + 1984 +Kamil Dudka (7 Nov 2016) 1985 +- curl: introduce the --tlsv1.3 option to force TLS 1.3 1986 + 1987 + Fully implemented with the NSS backend only for now. 1988 + 1989 + Reviewed-by: Ray Satiro 1990 + 1991 +- vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3 1992 + 1993 + Fully implemented with the NSS backend only for now. 1994 + 1995 + Reviewed-by: Ray Satiro 1996 + 1997 +- nss: map CURL_SSLVERSION_DEFAULT to NSS default 1998 + 1999 + ... but make sure we use at least TLSv1.0 according to libcurl API 2000 + 2001 + Reported-by: Cure53 2002 + Reviewed-by: Ray Satiro 2003 + 2004 +Daniel Stenberg (7 Nov 2016) 2005 +- s/cURL/curl 2006 + 2007 + We're mostly saying just "curl" in lower case these days so here's a big 2008 + cleanup to adapt to this reality. A few instances are left as the 2009 + project could still formally be considered called cURL. 2010 + 2011 +Jay Satiro (7 Nov 2016) 2012 +- [Tatsuhiro Tsujikawa brought this change] 2013 + 2014 + http2: Don't send header fields prohibited by HTTP/2 spec 2015 + 2016 + Previously, we just ignored "Connection" header field. But HTTP/2 2017 + specification actually prohibits few more header fields. This commit 2018 + ignores all of them so that we don't send these bad header fields. 2019 + 2020 + Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html 2021 + Reported-by: Ricki Hirner 2022 + 2023 + Closes https://github.com/curl/curl/pull/1092 2024 + 2025 +Daniel Stenberg (7 Nov 2016) 2026 +- curl.1: explain the SMTP data expected for -T 2027 + 2028 + Fixes #1107 2029 + 2030 + Reported-by: Adam Piggott 2031 + 2032 +Peter Wu (6 Nov 2016) 2033 +- cmake: disable poll for macOS 2034 + 2035 + Mirrors the autotools behavior introduced with curl-7_50_3-83-ga34c7ce. 2036 + 2037 + Fixes #1089 2038 + 2039 +Jay Satiro (5 Nov 2016) 2040 +- easy: Initialize info variables on easy init and duphandle 2041 + 2042 + - Call Curl_initinfo on init and duphandle. 2043 + 2044 + Prior to this change the statistical and informational variables were 2045 + simply zeroed by calloc on easy init and duphandle. While zero is the 2046 + correct default value for almost all info variables, there is one where 2047 + it isn't (filetime initializes to -1). 2048 + 2049 + Bug: https://github.com/curl/curl/issues/1103 2050 + Reported-by: Neal Poole 2051 + 2052 +Daniel Stenberg (5 Nov 2016) 2053 +- [Mauro Rappa brought this change] 2054 + 2055 + curl -w: added more decimal digits to timing counters 2056 + 2057 + Now showing microsecond resolution. 2058 + 2059 + Closes #1106 2060 + 2061 +Jakub Zakrzewski (4 Nov 2016) 2062 +- dist: add CMakeLists.txt to the tarball 2063 + 2064 +Daniel Stenberg (4 Nov 2016) 2065 +- mbedtls: fix build with mbedtls versions < 2.4.0 2066 + 2067 + Regression added in 62a8095e714 2068 + 2069 + Reported-by: Tony Kelman 2070 + 2071 + Discussed in #1087 2072 + 2073 +- configure: verify that compiler groks -Werror=partial-availability 2074 + 2075 + Reported-by: bemoody 2076 + 2077 + Fixes #1104 2078 + 2079 +- docs: shorten and simplify the top comment in multi-uv.c 2080 + 2081 + and change URL to use https 2082 + 2083 +- [Andrei Sedoi brought this change] 2084 + 2085 + docs: handle CURL_POLL_INOUT in multi-uv example 2086 + 2087 +- [Andrei Sedoi brought this change] 2088 + 2089 + docs: multi-uv: don't use CURLMsg after cleanup 2090 + 2091 +- [Andrei Sedoi brought this change] 2092 + 2093 + docs: remove unused variables in multi-uv example 2094 + 2095 +- bump: start working on 7.51.1 2096 + 2097 +- winbuild: remove strcase.obj from curl build 2098 + 2099 + Reported-by: Bruce Stephens 2100 + 2101 + Fixes #1098 2102 + 2103 +Dan Fandrich (2 Nov 2016) 2104 +- msvc: removed a straggling reference to strequal.c 2105 + 2106 + Follow-up to 502acba2 2107 + 2108 +Version 7.51.0 (2 Nov 2016) 2109 + 2110 +Daniel Stenberg (2 Nov 2016) 2111 +- THANKS: synced with 7.51.0 2112 + 2113 +- RELEASE-NOTES: 7.51.0 2114 + 2115 +- ftp_done: don't clobber the passed in error code 2116 + 2117 + Coverity CID 1374359 pointed out the unused result value. 2118 + 2119 +- ftp: remove dead code in ftp_done 2120 + 2121 + Coverity CID 1374358 2122 + 2123 +Jay Satiro (1 Nov 2016) 2124 +- generate.bat: Include include/curl in libcurl VS projects 2125 + 2126 + .. because including those headers helps Visual Studio's Intellisense. 2127 + 2128 +- generate.bat: Remove strcase.[ch] from curl tool VS projects 2129 + 2130 + ..because they're no longer needed in the tool build. strcase is still 2131 + built by the libcurl project and exports curl_str(n)equal which is used 2132 + by the curl tool. 2133 + 2134 + Bug: https://github.com/curl/curl/commit/9363f1a#all_commit_comments 2135 + 2136 +Daniel Stenberg (2 Nov 2016) 2137 +- metalink: simplify the hex parsing function 2138 + 2139 + ... and now it avoids using the libcurl toupper() function 2140 + 2141 +Michael Kaufmann (1 Nov 2016) 2142 +- file: fix compiler warning 2143 + 2144 + follow-up to 46133aa5 2145 + 2146 +Dan Fandrich (1 Nov 2016) 2147 +- strcase: fixed Metalink builds by redefining checkprefix() 2148 + 2149 + ...to use the public function curl_strnequal(). This isn't ideal because 2150 + it adds extra overhead to any internal calls to checkprefix. 2151 + 2152 + follow-up to 95bd2b3e 2153 + 2154 +Daniel Stenberg (1 Nov 2016) 2155 +- curl.1: typo 2156 + 2157 +- curl.1: expand on how multiple uses of -o looks 2158 + 2159 + Suggested-by: Dan Jacobson 2160 + Issue: https://github.com/curl/curl/issues/1097 2161 + 2162 +- tests/util: get a private strncasecompare clone 2163 + 2164 + ... since the curlx_* code no longer provides one and we don't link 2165 + libcurl to these test servers. 2166 + 2167 +- strcase: make the tool use curl_str[n]equal instead 2168 + 2169 + As they are after all part of the public API. Saves space and reduces 2170 + complexity. Remove the strcase defines from the curlx_ family. 2171 + 2172 + Suggested-by: Dan Fandrich 2173 + Idea: https://curl.haxx.se/mail/lib-2016-10/0136.html 2174 + 2175 +Kamil Dudka (31 Oct 2016) 2176 +- gskit, nss: do not include strequal.h 2177 + 2178 + follow-up to 811a693b80 2179 + 2180 +Dan Fandrich (31 Oct 2016) 2181 +- strcasecompare: include curl.h in strcase.c 2182 + 2183 + This should fix the "warning: 'curl_strequal' redeclared without 2184 + dllimport attribute: previous dllimport ignored" message and subsequent 2185 + link error on Windows because of the missing CURL_EXTERN on the 2186 + prototype. 2187 + 2188 +Daniel Stenberg (31 Oct 2016) 2189 +- strcase: fix the remaining rawstr users 2190 + 2191 +- msvc builds: s/rawstr/strcase 2192 + 2193 + Follow-up to 811a693b 2194 + 2195 +Dan Fandrich (31 Oct 2016) 2196 +- strcasecompare: replaced remaining rawstr.h with strcase.h 2197 + 2198 + This is a followup to commit 811a693b 2199 + 2200 +Marcel Raad (31 Oct 2016) 2201 +- digest_sspi: fix include 2202 + 2203 + Fix compile break from 811a693b80 2204 + 2205 +Dan Fandrich (31 Oct 2016) 2206 +- libauthretry: use the external function curl_strequal 2207 + 2208 + The internal version strcasecompare isn't available outside libcurl 2209 + 2210 +Daniel Stenberg (31 Oct 2016) 2211 +- RELEASE-NOTES: synced with d14538d2501ef0da 2212 + 2213 +- configure: raise the default minimum version for macos to 10.8 2214 + 2215 + follow-up to 4f8d0b6f02aa7043. Since the darwinssl code breaks 2216 + otherwise. If you build without darwinssl 10.5 works fine. 2217 + 2218 +- unit1301: keep testing curl_strequal 2219 + 2220 + as that is still part of the API, fix from 8fe4bd084412f30 2221 + 2222 +- ldap: fix include 2223 + 2224 + Fix bug from 811a693b80 2225 + 2226 +- url: remove unconditional idn2.h include 2227 + 2228 + Mistake brought by 9c91ec778104a 2229 + 2230 +- curl_strequal: part of public API/ABI, needs to be kept 2231 + 2232 + These two public functions have been mentioned as deprecated since a 2233 + very long time but since they are still part of the API and ABI we need 2234 + to keep them around. 2235 + 2236 +- strcase: s/strequal/strcasecompare 2237 + 2238 + some more follow-ups to 811a693b80 2239 + 2240 +- ldap: fix strcase use 2241 + 2242 + follow-up to 811a693b80 2243 + 2244 +- test165: adapted to the libidn2 use and IDNA2008 fix 2245 + 2246 +- cookie: replace use of fgets() with custom version 2247 + 2248 + ... that will ignore lines that are too long to fit in the buffer. 2249 + 2250 + CVE-2016-8615 2251 + 2252 + Bug: https://curl.haxx.se/docs/adv_20161102A.html 2253 + Reported-by: Cure53 2254 + 2255 +- strcasecompare: all case insensitive string compares ignore locale now 2256 + 2257 + We had some confusions on when each function was used. We should not act 2258 + differently on different locales anyway. 2259 + 2260 +- strcasecompare: is the new name for strequal() 2261 + 2262 + ... to make it less likely that we forget that the function actually 2263 + does case insentive compares. Also replaced several invokes of the 2264 + function with a plain strcmp when case sensitivity is not an issue (like 2265 + comparing with "-"). 2266 + 2267 +- ftp: check for previous patch must be case sensitive! 2268 + 2269 + ... otherwise example.com/PATH and example.com/path would be assumed to 2270 + be the same and they usually aren't! 2271 + 2272 +- SSH: check md5 fingerprint case sensitively 2273 + 2274 +- connectionexists: use case sensitive user/password comparisons 2275 + 2276 + CVE-2016-8616 2277 + 2278 + Bug: https://curl.haxx.se/docs/adv_20161102B.html 2279 + Reported-by: Cure53 2280 + 2281 +- base64: check for integer overflow on large input 2282 + 2283 + CVE-2016-8617 2284 + 2285 + Bug: https://curl.haxx.se/docs/adv_20161102C.html 2286 + Reported-by: Cure53 2287 + 2288 +- krb5: avoid realloc(0) 2289 + 2290 + If the requested size is zero, bail out with error instead of doing a 2291 + realloc() that would cause a double-free: realloc(0) acts as a free() 2292 + and then there's a second free in the cleanup path. 2293 + 2294 + CVE-2016-8619 2295 + 2296 + Bug: https://curl.haxx.se/docs/adv_20161102E.html 2297 + Reported-by: Cure53 2298 + 2299 +- aprintf: detect wrap-around when growing allocation 2300 + 2301 + On 32bit systems we could otherwise wrap around after 2GB and allocate 0 2302 + bytes and crash. 2303 + 2304 + CVE-2016-8618 2305 + 2306 + Bug: https://curl.haxx.se/docs/adv_20161102D.html 2307 + Reported-by: Cure53 2308 + 2309 +- range: reject char globs with missing end like '[L-]' 2310 + 2311 + ... which previously would lead to out of boundary reads. 2312 + 2313 + Reported-by: Luật Nguyễn 2314 + 2315 +- glob_next_url: make sure to stay within the given output buffer 2316 + 2317 +- range: prevent negative end number in a glob range 2318 + 2319 + CVE-2016-8620 2320 + 2321 + Bug: https://curl.haxx.se/docs/adv_20161102F.html 2322 + Reported-by: Luật Nguyễn 2323 + 2324 +- parsedate: handle cut off numbers better 2325 + 2326 + ... and don't read outside of the given buffer! 2327 + 2328 + CVE-2016-8621 2329 + 2330 + bug: https://curl.haxx.se/docs/adv_20161102G.html 2331 + Reported-by: Luật Nguyễn 2332 + 2333 +- escape: avoid using curl_easy_unescape() internally 2334 + 2335 + Since the internal Curl_urldecode() function has a better API. 2336 + 2337 +- unescape: avoid integer overflow 2338 + 2339 + CVE-2016-8622 2340 + 2341 + Bug: https://curl.haxx.se/docs/adv_20161102H.html 2342 + Reported-by: Cure53 2343 + 2344 +- cookies: getlist() now holds deep copies of all cookies 2345 + 2346 + Previously it only held references to them, which was reckless as the 2347 + thread lock was released so the cookies could get modified by other 2348 + handles that share the same cookie jar over the share interface. 2349 + 2350 + CVE-2016-8623 2351 + 2352 + Bug: https://curl.haxx.se/docs/adv_20161102I.html 2353 + Reported-by: Cure53 2354 + 2355 +- TODO: remove IDNA2008 2356 + 2357 +- idn: switch to libidn2 use and IDNA2008 support 2358 + 2359 + CVE-2016-8625 2360 + 2361 + Bug: https://curl.haxx.se/docs/adv_20161102K.html 2362 + Reported-by: Christian Heimes 2363 + 2364 +- test1246: verify URL parsing with host name ending with '#' 2365 + 2366 +- urlparse: accept '#' as end of host name 2367 + 2368 + 'http://example.com#@127.0.0.1/x.txt' equals a request to example.com 2369 + for the '/' document with the rest of the URL being a fragment. 2370 + 2371 + CVE-2016-8624 2372 + 2373 + Bug: https://curl.haxx.se/docs/adv_20161102J.html 2374 + Reported-by: Fernando Muñoz 2375 + 2376 +Jay Satiro (31 Oct 2016) 2377 +- INTERNALS: better markdown (follow-up) 2378 + 2379 + - Wrap more words with underscores in backticks. 2380 + 2381 + Follow-up to 13f4913. 2382 + 2383 +Daniel Stenberg (30 Oct 2016) 2384 +- INTERNALS: better markdown 2385 + 2386 + words with underscore need to be within `these` 2387 + 2388 + Bug: https://github.com/curl/curl-www/issues/19 2389 + Reported-by : Jay Satiro 2390 + 2391 +Jay Satiro (30 Oct 2016) 2392 +- mk-ca-bundle.vbs: Fix UTF-8 output 2393 + 2394 + - Change initial message box to mention delay when downloading/parsing. 2395 + 2396 + Since there is no progress meter it was somewhat unexpected that after 2397 + choosing a filename nothing appears to happen, when actually the cert 2398 + data is in the process of being downloaded and parsed. 2399 + 2400 + - Warn if OpenSSL is not present. 2401 + 2402 + - Use a UTF-8 stream to make the ca-bundle data. 2403 + 2404 + - Save the UTF-8 ca-bundle stream as binary so that no BOM is added. 2405 + 2406 + --- 2407 + 2408 + This is a follow-up to d2c6d15 which switched mk-ca-bundle.vbs output to 2409 + ANSI due to corrupt UTF-8 output, now fixed. 2410 + 2411 + This change completes making the default certificate bundle output of 2412 + mk-ca-bundle.vbs as close as possible to that of mk-ca-bundle.pl, which 2413 + should make it easier to review any difference between their output. 2414 + 2415 + Ref: https://github.com/curl/curl/pull/1012 2416 + 2417 +Daniel Stenberg (28 Oct 2016) 2418 +- BINDINGS: converted to markdown 2419 + 2420 + To make it render better on the web site, at the price of it becoming 2421 + slightly less readable as text. 2422 + 2423 +Jay Satiro (27 Oct 2016) 2424 +- CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2 2425 + 2426 + - Clarify that this option is only for HTTP/1.1 pipelining. 2427 + 2428 + Bug: https://github.com/curl/curl/issues/1059 2429 + Reported-by: Jeroen Ooms 2430 + 2431 + Assisted-by: Daniel Stenberg 2432 + 2433 +Daniel Stenberg (27 Oct 2016) 2434 +- KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be accepted 2435 + 2436 + Closes #927 2437 + 2438 +- KNOWN_BUGS: c-ares deviates from stock resolver on http://1346569778 2439 + 2440 + Closes #893 2441 + 2442 +Michael Osipov (27 Oct 2016) 2443 +- configure.in: Fix test syntax 2444 + 2445 + Some versions of test allow == for equality, but others (such as the HP-UX 2446 + version) do not. Use a single = for correctness. 2447 + 2448 + Error output: 2449 + checking for monotonic clock_gettime... ./configure[20445]: ==: A test command parameter is not valid. 2450 + 2451 +Daniel Stenberg (27 Oct 2016) 2452 +- SECURITY: minor updates 2453 + 2454 + - we allow the security push up to 48 hours before the release 2455 + 2456 + - add a mention about possible pre-notifications 2457 + 2458 + - lower case the 'curl-security' title 2459 + 2460 +- [Andrei Sedoi brought this change] 2461 + 2462 + docs: fix req->data in multi-uv example 2463 + 2464 + Closes #1088 2465 + 2466 +- mbedtls: stop using deprecated include file 2467 + 2468 + Reported-by: wyattoday 2469 + Fixes #1087 2470 + 2471 +Kamil Dudka (25 Oct 2016) 2472 +- [Martin Frodl brought this change] 2473 + 2474 + nss: fix tight loop in non-blocking TLS handhsake over proxy 2475 + 2476 + ... in case the handshake completes before entering 2477 + CURLM_STATE_PROTOCONNECT 2478 + 2479 + Bug: https://bugzilla.redhat.com/1388162 2480 + 2481 +Jay Satiro (25 Oct 2016) 2482 +- mk-ca-bundle: Update the vbscript version 2483 + 2484 + Bring the VBScript version more in line with the perl version: 2485 + 2486 + - Change timestamp to UTC. 2487 + 2488 + - Change URL retrieval to HTTPS-only by default. 2489 + 2490 + - Comment out the options that disabled SSL cert checking by default. 2491 + 2492 + - Assume OpenSSL is present, get SHA256. And add a flag to toggle it. 2493 + 2494 + - Fix cert issuer name output. 2495 + 2496 + The cert issuer output is now ansi, converted from UTF-8. Prior to this 2497 + it was corrupt UTF-8. It turns out though we can work with UTF-8 the 2498 + FSO object that writes ca-bundle can't write UTF-8, so there will have 2499 + to be some alternative if UTF-8 is needed (like an ADODB.Stream). 2500 + 2501 + - Disable the certificate text info feature. 2502 + 2503 + The certificate text info doesn't work properly with any recent OpenSSL. 2504 + 2505 +Daniel Stenberg (24 Oct 2016) 2506 +- TODO: indent code to make it render properly 2507 + 2508 +- TODO: Remove the generated include file 2509 + 2510 +- TODO: add "--retry should resume" 2511 + 2512 + See #1084 2513 + 2514 +- mk-ca-bundle.1: document -k 2515 + 2516 + Brought in 1ad2bdcf110266c. Now does HTTPS by default and needs -k to 2517 + fall back to plain HTTP. 2518 + 2519 +- [Jay Satiro brought this change] 2520 + 2521 + mk-ca-bundle: Change URL retrieval to HTTPS-only by default 2522 + 2523 + - Change all predefined Mozilla URLs to HTTPS (Gregory Szorc). 2524 + 2525 + - New option -k to allow URLs other than HTTPS and enable HTTP fallback. 2526 + 2527 + Prior to this change the default URL retrieval mode was to fall back to 2528 + HTTP if HTTPS didn't work. 2529 + 2530 + Reported-by: Gregory Szorc 2531 + 2532 + Closes #1012 2533 + 2534 +- RELEASE-NOTES: synced with 50ee3aaf1a9b22d 2535 + 2536 +Dan Fandrich (23 Oct 2016) 2537 +- INSTALL.md: Updated minimum file sizes for 7.50.3 2538 + 2539 +Daniel Stenberg (22 Oct 2016) 2540 +- multi: force connections to get closed in close_all_connections 2541 + 2542 + Several independent reports on infinite loops hanging in the 2543 + close_all_connections() function when closing a multi handle, can be 2544 + fixed by first marking the connection to get closed before calling 2545 + Curl_disconnect. 2546 + 2547 + This is more fixing-the-symptom rather than the underlying problem 2548 + though. 2549 + 2550 + Bug: https://curl.haxx.se/mail/lib-2016-10/0011.html 2551 + Bug: https://curl.haxx.se/mail/lib-2016-10/0059.html 2552 + 2553 + Reported-by: Dan Fandrich, Valentin David, Miloš Ljumović 2554 + 2555 +- [Anders Bakken brought this change] 2556 + 2557 + curl_multi_remove_handle: fix a double-free 2558 + 2559 + In short the easy handle needs to be disconnected from its connection at 2560 + this point since the connection still is serving other easy handles. 2561 + 2562 + In our app we can reliably reproduce a crash in our http2 stress test 2563 + that is fixed by this change. I can't easily reproduce the same test in 2564 + a small example. 2565 + 2566 + This is the gdb/asan output: 2567 + 2568 + ==11785==ERROR: AddressSanitizer: heap-use-after-free on address 0xe9f4fb80 at pc 0x09f41f19 bp 0xf27be688 sp 0xf27be67c 2569 + READ of size 4 at 0xe9f4fb80 thread T13 (RESOURCE_HTTP) 2570 + #0 0x9f41f18 in curl_multi_remove_handle /path/to/source/3rdparty/curl/lib/multi.c:666 2571 + 2572 + 0xe9f4fb80 is located 0 bytes inside of 1128-byte region [0xe9f4fb80,0xe9f4ffe8) 2573 + freed by thread T13 (RESOURCE_HTTP) here: 2574 + #0 0xf7b1b5c2 in __interceptor_free /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:45 2575 + #1 0x9f7862d in conn_free /path/to/source/3rdparty/curl/lib/url.c:2808 2576 + #2 0x9f78c6a in Curl_disconnect /path/to/source/3rdparty/curl/lib/url.c:2876 2577 + #3 0x9f41b09 in multi_done /path/to/source/3rdparty/curl/lib/multi.c:615 2578 + #4 0x9f48017 in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1896 2579 + #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123 2580 + #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854 2581 + #7 0x9c445e0 in ... 2582 + #8 0x9c4cf1d in ... 2583 + #9 0xa2be6b5 in ... 2584 + #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 2585 + #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d) 2586 + 2587 + previously allocated by thread T13 (RESOURCE_HTTP) here: 2588 + #0 0xf7b1ba27 in __interceptor_calloc /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:70 2589 + #1 0x9f7dfa6 in allocate_conn /path/to/source/3rdparty/curl/lib/url.c:3904 2590 + #2 0x9f88ca0 in create_conn /path/to/source/3rdparty/curl/lib/url.c:5797 2591 + #3 0x9f8c928 in Curl_connect /path/to/source/3rdparty/curl/lib/url.c:6438 2592 + #4 0x9f45a8c in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1411 2593 + #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123 2594 + #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854 2595 + #7 0x9c445e0 in ... 2596 + #8 0x9c4cf1d in ... 2597 + #9 0xa2be6b5 in ... 2598 + #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 2599 + #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d) 2600 + 2601 + SUMMARY: AddressSanitizer: heap-use-after-free /path/to/source/3rdparty/curl/lib/multi.c:666 in curl_multi_remove_handle 2602 + Shadow bytes around the buggy address: 2603 + 0x3d3e9f20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2604 + 0x3d3e9f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2605 + 0x3d3e9f40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2606 + 0x3d3e9f50: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa 2607 + 0x3d3e9f60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 2608 + =>0x3d3e9f70:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2609 + 0x3d3e9f80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2610 + 0x3d3e9f90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2611 + 0x3d3e9fa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2612 + 0x3d3e9fb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2613 + 0x3d3e9fc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 2614 + Shadow byte legend (one shadow byte represents 8 application bytes): 2615 + Addressable: 00 2616 + Partially addressable: 01 02 03 04 05 06 07 2617 + Heap left redzone: fa 2618 + Heap right redzone: fb 2619 + Freed heap region: fd 2620 + Stack left redzone: f1 2621 + Stack mid redzone: f2 2622 + Stack right redzone: f3 2623 + Stack partial redzone: f4 2624 + Stack after return: f5 2625 + Stack use after scope: f8 2626 + Global redzone: f9 2627 + Global init order: f6 2628 + Poisoned by user: f7 2629 + Container overflow: fc 2630 + Array cookie: ac 2631 + Intra object redzone: bb 2632 + ASan internal: fe 2633 + Left alloca redzone: ca 2634 + Right alloca redzone: cb 2635 + ==11785==ABORTING 2636 + 2637 + Thread 14 "RESOURCE_HTTP" received signal SIGABRT, Aborted. 2638 + [Switching to Thread 0xf27bfb40 (LWP 12324)] 2639 + 0xf7fd8be9 in __kernel_vsyscall () 2640 + (gdb) bt 2641 + #0 0xf7fd8be9 in __kernel_vsyscall () 2642 + #1 0xf4c7ee89 in __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:54 2643 + #2 0xf4c803e7 in __GI_abort () at abort.c:89 2644 + #3 0xf7b2ef2e in __sanitizer::Abort () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cc:122 2645 + #4 0xf7b262fa in __sanitizer::Die () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_common.cc:145 2646 + #5 0xf7b21ab3 in __asan::ScopedInErrorReport::~ScopedInErrorReport (this=0xf27be171, __in_chrg=<optimized out>) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:689 2647 + #6 0xf7b214a5 in __asan::ReportGenericError (pc=166993689, bp=4068206216, sp=4068206204, addr=3925146496, is_write=false, access_size=4, exp=0, fatal=true) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:1074 2648 + #7 0xf7b21fce in __asan::__asan_report_load4 (addr=3925146496) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_rtl.cc:129 2649 + #8 0x09f41f19 in curl_multi_remove_handle (multi=0xf3406080, data=0xde582400) at /path/to/source3rdparty/curl/lib/multi.c:666 2650 + #9 0x09f6b277 in Curl_close (data=0xde582400) at /path/to/source3rdparty/curl/lib/url.c:415 2651 + #10 0x09f3354e in curl_easy_cleanup (data=0xde582400) at /path/to/source3rdparty/curl/lib/easy.c:860 2652 + #11 0x09c6de3f in ... 2653 + #12 0x09c378c5 in ... 2654 + #13 0x09c48133 in ... 2655 + #14 0x09c4d092 in ... 2656 + #15 0x0a2be6b6 in ... 2657 + #16 0xf7aa5781 in asan_thread_start (arg=0xf2d22938) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 2658 + #17 0xf5de52b5 in start_thread (arg=0xf27bfb40) at pthread_create.c:333 2659 + #18 0xf4d3a16e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:114 2660 + 2661 + Fixes #1083 2662 + 2663 +- testcurl.1: fix the URL to the autobuild summary 2664 + 2665 +- testcurl.1: update URLs 2666 + 2667 +- INSTALL: converted to markdown => INSTALL.md 2668 + 2669 + Also heavily edited for content. Removed lots of old cruft that we added 2670 + like 10+ years ago that is likely incorrect by now. 2671 + 2672 + Also removed INSTALL.devcpp for same reason. 2673 + 2674 +- [Martin Storsjo brought this change] 2675 + 2676 + configure: Check for other variants of the -m*os*-version-min flags 2677 + 2678 + In addition to -miphoneos-version-min, the same version can be set 2679 + using -mios-version-min. And for WatchOS and TvOS, there's 2680 + -mwatchos-version-min and -mtvos-version-min. 2681 + 2682 +- configure: set min version flags for builds on mac 2683 + 2684 + This helps building binaries that can work on multiple macOS versions. 2685 + 2686 + Help-by: Martin Storsjö 2687 + 2688 + Fixes #1069 2689 + 2690 +- curl_multi_add_handle: set timeouts in closure handles 2691 + 2692 + The closure handle only ever has default timeouts set. To improve the 2693 + state somewhat we clone the timeouts from each added handle so that the 2694 + closure handle always has the same timeouts as the most recently added 2695 + easy handle. 2696 + 2697 + Fixes #739 2698 + 2699 +- configure/CURL_CHECK_FUNC_POLL: disable poll completely on mac 2700 + 2701 + ... so that the same libcurl build easier can run on any version. 2702 + 2703 + Follow-up to issue #1057 2704 + 2705 +- RELEASE-NOTES: synced with f36f8c14551efc6772 2706 + 2707 +- test14xx: fixed --libcurl output tests again after 8e8afa82cbb 2708 + 2709 +- s/cURL/curl 2710 + 2711 + The tool was never called cURL, only the project. But even so, we have 2712 + more and more over time switched to just use lower case. 2713 + 2714 +- polarssl: indented code, removed unused variables 2715 + 2716 +- polarssl: reduce #ifdef madness with a macro 2717 + 2718 +- polarssl: fix unaligned SSL session-id lock 2719 + 2720 +- Curl_polarsslthreadlock_thread_setup: clear array at init 2721 + 2722 + ... since if it fails to init the entire array and then tries to clean 2723 + it up, it would attempt to work on an uninitialized pointer. 2724 + 2725 +- curl: set INTERLEAVEDATA too 2726 + 2727 + As otherwise the callback could be called with a NULL pointer when RTSP 2728 + data is provided. 2729 + 2730 +- gopher: properly return error for poll failures 2731 + 2732 +- select: switch to macros in uppercase 2733 + 2734 + Curl_select_ready() was the former API that was replaced with 2735 + Curl_select_check() a while back and the former arg setup was provided 2736 + with a define (in order to leave existing code unmodified). 2737 + 2738 + Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most 2739 + common shortcuts where only one socket is checked. They're also more 2740 + visibly macros. 2741 + 2742 +- select: use more proper macro-looking names 2743 + 2744 + ... so that it becomes more obvious in the code what is what. Also added 2745 + a typecast for one of the calculations. 2746 + 2747 +- Curl_socket_check: add extra check to avoid integer overflow 2748 + 2749 +- maketgz: make it support "only" generating version info 2750 + 2751 + ... to allow you to update the local repository with the given version 2752 + number data. 2753 + 2754 +Jay Satiro (17 Oct 2016) 2755 +- url: skip to-be-closed connections when pipelining (follow-up) 2756 + 2757 + - Change back behavior so that pipelining is considered possible for 2758 + connections that have not yet reached the protocol level. 2759 + 2760 + This is a follow-up to e5f0b1a which had changed the behavior of 2761 + checking if pipelining is possible to ignore connections that had 2762 + 'bits.close' set. Connections that have not yet reached the protocol 2763 + level also have that bit set, and we need to consider pipelining 2764 + possible on those connections. 2765 + 2766 +Daniel Stenberg (17 Oct 2016) 2767 +- HTTP2: mention the tool's limited support 2768 + 2769 +- RELEASE-NOTES: synced with a1a5cd04877fd6fd 2770 + 2771 +- [David Woodhouse brought this change] 2772 + 2773 + curl: do not set CURLOPT_SSLENGINEDEFAULT automatically 2774 + 2775 + There were bugs in the PKCS#11 engine, and fixing them triggers bugs in 2776 + OpenSSL. Just don't get involved; there's no need to be making the 2777 + engine methods the default anyway. 2778 + 2779 + https://github.com/OpenSC/libp11/pull/108 2780 + https://github.com/openssl/openssl/pull/1639 2781 + 2782 + Merges #1042 2783 + 2784 +- KNOWN_BUGS: two more existing problems 2785 + 2786 +Marcel Raad (16 Oct 2016) 2787 +- win: fix Universal Windows Platform build 2788 + 2789 + This fixes a merge error in commit 7f3df80 caused by commit 332e8d6. 2790 + 2791 + Additionally, this changes Curl_verify_windows_version for Windows App 2792 + builds to assume to always be running on the target Windows version. 2793 + There seems to be no way to determine the Windows version from a 2794 + UWP app. Neither GetVersion(Ex), nor VerifyVersionInfo, nor the 2795 + Version Helper functions are supported. 2796 + 2797 + Bug: https://github.com/curl/curl/pull/820#issuecomment-250889878 2798 + Reported-by: Paul Joyce 2799 + 2800 + Closes https://github.com/curl/curl/pull/1048 2801 + 2802 +Daniel Stenberg (16 Oct 2016) 2803 +- KNOWN_BUGS: minor formatting edit 2804 + 2805 +Jay Satiro (14 Oct 2016) 2806 +- [Rider Linden brought this change] 2807 + 2808 + url: skip to-be-closed connections when pipelining 2809 + 2810 + No longer attempt to use "doomed" to-be-closed connections when 2811 + pipelining. Prior to this change connections marked for deletion (e.g. 2812 + timeout) would be erroneously used, resulting in sporadic crashes. 2813 + 2814 + As originally reported and fixed by Carlo Wood (origin unknown). 2815 + 2816 + Bug: https://github.com/curl/curl/issues/627 2817 + Reported-by: Rider Linden 2818 + 2819 + Closes https://github.com/curl/curl/pull/1075 2820 + Participation-by: nopjmp@users.noreply.github.com 2821 + 2822 +Daniel Stenberg (13 Oct 2016) 2823 +- vtls: only re-use session-ids using the same scheme 2824 + 2825 + To make it harder to do cross-protocol mistakes 2826 + 2827 +Jay Satiro (11 Oct 2016) 2828 +- [Torben Dannhauer brought this change] 2829 + 2830 + dist: add missing cmake modules to the tarball 2831 + 2832 + Closes https://github.com/curl/curl/pull/1070 2833 + 2834 +Daniel Stenberg (11 Oct 2016) 2835 +- configure: detect the broken poll() in macOS 10.12 2836 + 2837 + Fixes #1057 2838 + 2839 +- dist: remove PDF and HTML converted docs from the releases 2840 + 2841 +- [Remo E brought this change] 2842 + 2843 + cmake: add nghttp2 support 2844 + 2845 + Closes #922 2846 + 2847 +- [Andreas Streichardt brought this change] 2848 + 2849 + resolve: add error message when resolving using SIGALRM 2850 + 2851 + Closes #1066 2852 + 2853 +- GIT-INFO: remove the Mac 10.1-specific details 2854 + 2855 + There shouldn't be many devs out there anymore using such outdated macOS 2856 + versions. And it removes the dead link. 2857 + 2858 + Closes #1049 2859 + 2860 +- RELEASE-NOTES: spellfix 2861 + 2862 +- RELEASE-NOTES: synced with 82720490628cb53a 2863 + 2864 + 5 more fixes, 2 more contributors 2865 + 2866 +- [Tobias Stoeckmann brought this change] 2867 + 2868 + smb: properly check incoming packet boundaries 2869 + 2870 + Not all reply messages were properly checked for their lengths, which 2871 + made it possible to access uninitialized memory (but this does not lead 2872 + to out of boundary accesses). 2873 + 2874 + Closes #1052 2875 + 2876 +- test557: verify printf() with 128 and 129 arguments 2877 + 2878 +- mprintf: return error on too many arguments 2879 + 2880 + 128 arguments should be enough for everyone 2881 + 2882 +- ftp: fix Curl_ftpsendf() 2883 + 2884 + ... it no longer takes printf() arguments since it was only really taken 2885 + advantage by one user and it was not written and used in a safe 2886 + way. Thus the 'f' is removed from the function name and the proto is 2887 + changed. 2888 + 2889 + Although the current code wouldn't end up in badness, it was a risk that 2890 + future changes could end up springf()ing too large data or passing in a 2891 + format string inadvertently. 2892 + 2893 +- formpost: avoid silent snprintf() truncation 2894 + 2895 + The previous use of snprintf() could make libcurl silently truncate some 2896 + input data and not report that back on overly large input, which could 2897 + make data get sent over the network in a bad format. 2898 + 2899 + Example: 2900 + 2901 + $ curl --form 'a=b' -H "Content-Type: $(perl -e 'print "A"x4100')" 2902 + 2903 +- TODO: build: Enable PIE and RELRO by default 2904 + 2905 +- TODO: Support better than MD5 hostkey hash (for ssh) 2906 + 2907 +- [Daniel Gustafsson brought this change] 2908 + 2909 + tests: Fix a small typo in the tests README (#1060) 2910 + 2911 + The subdirectory for logs in tests/ is named log/ without an 's' 2912 + at the end. 2913 + 2914 +- TODO: Introduce --fail-fast to exit on first transfer fail 2915 + 2916 + See #1054 2917 + 2918 +- TODO: Leave secure cookies alone 2919 + 2920 +- [Rainer Müller brought this change] 2921 + 2922 + CURLOPT_DEBUGFUNCTION.3: unused argument warning (#1056) 2923 + 2924 + The 'userp' argument is unused in this example code. 2925 + 2926 +- TODO: TCP Fast Open for windows 2927 + 2928 +- RELEASE-NOTES: synced with 8fd2a754f0de 2929 + 2930 +- CURLOPT_KEEP_SENDING_ON_ERROR.3: mention when it is added 2931 + 2932 +- memdup: use 'void *' as return and source type 2933 + 2934 +- TODO: Add easy argument to formpost functions 2935 + 2936 +- formpost: trying to attach a directory no longer crashes 2937 + 2938 + The error path would previously add a freed entry to the linked list. 2939 + 2940 + Reported-by: Toby Peterson 2941 + 2942 + Fixes #1053 2943 + 2944 +- [Sergei Kuzmin brought this change] 2945 + 2946 + cookies: same domain handling changed to match browser behavior 2947 + 2948 + Cokie with the same domain but different tailmatching property are now 2949 + considered different and do not replace each other. If header contains 2950 + following lines then two cookies will be set: Set-Cookie: foo=bar; 2951 + domain=.foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 Set-Cookie: foo=baz; 2952 + domain=foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 2953 + 2954 + This matches Chrome, Opera, Safari, and Firefox behavior. When sending 2955 + stored tokens to foo.com Chrome, Opera, Firefox store send them in the 2956 + stored order, while Safari pre-sort the cookies. 2957 + 2958 + Closes #1050 2959 + 2960 +- [Stephen Brokenshire brought this change] 2961 + 2962 + FAQ: Fix typos in section 5.14 (#1047) 2963 + 2964 + Type required for YourClass::func C++ function (using size_t in line 2965 + with the documentation for CURLOPT_WRITEFUNCTION) and missing second 2966 + colon when specifying the static function for CURLOPT_WRITEFUNCTION. 2967 + 2968 +- [Sebastian Mundry brought this change] 2969 + 2970 + KNOWN_BUGS: Fix typos in section 5.8. 2971 + 2972 + Closes #1046 2973 + 2974 +- [mundry brought this change] 2975 + 2976 + CONTRIBUTE.md: Fix typo in 'About pull requests' section. (#1045) 2977 + 2978 +- curl.1: --trace supports % for sending to stderr! 2979 + 2980 +- KNOWN_BUGS: 5.8 configure finding libs in wrong directory 2981 + 2982 +Dan Fandrich (24 Sep 2016) 2983 +- configure: Fixed builds with libssh2 in a custom location 2984 + 2985 + A libssh2 library in the standard system location was being used in 2986 + preference to the desired one while linking. 2987 + 2988 +Daniel Stenberg (23 Sep 2016) 2989 +- SECURITY: remove the top ascii logo 2990 + 2991 +Michael Kaufmann (22 Sep 2016) 2992 +- New libcurl option to keep sending on error 2993 + 2994 + Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether 2995 + sending the request body shall be completed when the server responds 2996 + early with an error status code. 2997 + 2998 + This is suitable for manual NTLM authentication. 2999 + 3000 + Reviewed-by: Jay Satiro 3001 + 3002 + Closes https://github.com/curl/curl/pull/904 3003 + 3004 +Kamil Dudka (22 Sep 2016) 3005 +- nss: add chacha20-poly1305 cipher suites if supported by NSS 3006 + 3007 +- nss: add cipher suites using SHA384 if supported by NSS 3008 + 3009 +- nss: fix typo in ecdhe_rsa_null cipher suite string 3010 + 3011 + As it seems to be a rarely used cipher suite (for securely established 3012 + but _unencrypted_ connections), I believe it is fine not to provide an 3013 + alias for the misspelled variant. 3014 + 3015 +Jay Satiro (21 Sep 2016) 3016 +- docs: Remove that --proto is just used for initial retrieval 3017 + 3018 + .. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not 3019 + override protocols denied by --proto and CURLOPT_PROTOCOLS. 3020 + 3021 + - Add a test to enforce: --proto deny must override --proto-redir allow 3022 + 3023 + Closes https://github.com/curl/curl/pull/1031 3024 + 3025 +Daniel Stenberg (21 Sep 2016) 3026 +- dist: add CurlSymbolHiding.cmake to the tarball 3027 + 3028 + Follow-up to 6140dfcf3e784 3029 + 3030 + Reported-by: Alexander Sinditskiy 3031 + 3032 +- curl_global_cleanup.3: don't unload the lib with sub threads running 3033 + 3034 + Discussed in #997 3035 + 3036 + Assisted-by: Jay Satiro 3037 + 3038 +- MAIL-ETIQUETTE: language 3039 + 3040 +Jay Satiro (20 Sep 2016) 3041 +- easy: Reset all statistical session info in curl_easy_reset 3042 + 3043 + Bug: https://github.com/curl/curl/issues/1017 3044 + Reported-by: Jeroen Ooms 3045 + 3046 +Daniel Stenberg (19 Sep 2016) 3047 +- RELEASE-NOTES: synced with 79607eec51055 3048 + 3049 +Jay Satiro (19 Sep 2016) 3050 +- [Daniel Gustafsson brought this change] 3051 + 3052 + darwinssl: Fix typo in comment 3053 + 3054 + Closes https://github.com/curl/curl/pull/1028 3055 + 3056 +Daniel Stenberg (19 Sep 2016) 3057 +- [Bernard Spil brought this change] 3058 + 3059 + libressl: fix version output 3060 + 3061 + LibreSSL defines `OPENSSL_VERSION_NUMBER` as `0x20000000L` for all 3062 + versions returning `LibreSSL/2.0.0` for any LibreSSL version. 3063 + 3064 + This change provides a local OpenSSL_version_num function replacement 3065 + returning LIBRESSL_VERSION_NUMBER instead. 3066 + 3067 + Closes #1029 3068 + 3069 +- [rugk brought this change] 3070 + 3071 + TODO: Add PINNEDPUBLICKEY - HPKP compatibility, HSTS & HPKP 3072 + 3073 + Closes #1025 3074 + Closes #1026 3075 + Closes #1027 3076 + 3077 +- openssl: don't call ERR_remote_thread_state on >= 1.1.0 3078 + 3079 + Follow-up fix to d9321562 3080 + 3081 +- openssl: don’t call CRYTPO_cleanup_all_ex_data 3082 + 3083 + The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called 3084 + multiple times without crashing - and other libs might call it! We 3085 + basically cannot call it without risking a crash. The function is a 3086 + no-op since OpenSSL 1.1.0. 3087 + 3088 + Not calling this function only risks a small memory leak with OpenSSL < 3089 + 1.1.0. 3090 + 3091 + Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html 3092 + Reported-by: Todd Short 3093 + 3094 +- TODO: Support SSLKEYLOGFILE 3095 + 3096 +Jay Satiro (18 Sep 2016) 3097 +- CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting 3098 + 3099 +Nick Zitzmann (18 Sep 2016) 3100 +- darwinssl: disable RC4 cipher-suite support 3101 + 3102 + RC4 was a nice alternative to CBC back in the days of BEAST, but it's insecure and obsolete now. 3103 + 3104 +- configure: change "iOS/Mac OS X native" to "Apple OS native" 3105 + 3106 + Since I first wrote that text, Apple introduced tvOS and watchOS, and renamed "Mac OS X" to "macOS." Let's make the text a little more inclusive, since curl can be built for all four operating systems. 3107 + 3108 +Jay Satiro (18 Sep 2016) 3109 +- test2048: fix url 3110 + 3111 +- examples/imap-append: Set size of data to be uploaded 3112 + 3113 + Prior to this commit this example failed with error 3114 + 'Cannot APPEND with unknown input file size'. 3115 + 3116 + Bug: https://github.com/curl/curl/issues/1008 3117 + Reported-by: lukaszgn@users.noreply.github.com 3118 + 3119 + Closes https://github.com/curl/curl/pull/1011 3120 + 3121 +Daniel Stenberg (16 Sep 2016) 3122 +- [Tony Kelman brought this change] 3123 + 3124 + LICENSE-MIXING.md: update with mbedTLS dual licensing 3125 + 3126 + Recent versions of mbedTLS are available under either Apache 2.0 or GPL 3127 + 2.0, see https://tls.mbed.org/how-to-get 3128 + 3129 + Closes #1019 3130 + 3131 +- KNOWN_BUGS: chunked-encoded requests with HTTP/2 is fixed 3132 + 3133 +- http2: debug ouput sent HTTP/2 request headers 3134 + 3135 +- http: accept "Transfer-Encoding: chunked" for HTTP/2 as well 3136 + 3137 + ... but don't send the actual header over the wire as it isn't accepted. 3138 + Chunked uploading is still triggered using this method. 3139 + 3140 + Fixes #1013 3141 + Fixes #662 3142 + 3143 +- openssl: fix per-thread memory leak usiong 1.0.1 or 1.0.2 3144 + 3145 + OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread 3146 + so we need to clean it when easy handles are freed, in case the thread 3147 + will be killed in which the easy handle was used. All OpenSSL code in 3148 + libcurl should extract the error in association with the error already 3149 + so clearing this queue here should be harmless at worst. 3150 + 3151 + Fixes #964 3152 + 3153 +- RELEASE-NOTES: reset and go toward 7.51.0 (again) 3154 + 3155 +Version 7.50.3 (14 Sep 2016) 3156 + 3157 +Daniel Stenberg (14 Sep 2016) 3158 +- THANKS: updated with curl 7.50.3 contributors 3159 + 3160 +- RELEASE-NOTES: curl 7.50.3 3161 + 3162 +- test1605: verify negative input lengths to (un)escape functions 3163 + 3164 +- curl_easy_unescape: deny negative string lengths as input 3165 + 3166 + CVE-2016-7167 3167 + 3168 + Bug: https://curl.haxx.se/docs/adv_20160914.html 3169 + 3170 +- curl_easy_escape: deny negative string lengths as input 3171 + 3172 + CVE-2016-7167 3173 + 3174 + Bug: https://curl.haxx.se/docs/adv_20160914.html 3175 + 3176 +- curl: make --create-dirs on windows grok both forward and backward slashes 3177 + 3178 + Reported-by: Ryan Scott 3179 + 3180 + Fixes #1007 3181 + 3182 +- RELEASE-NOTES: synced with 665694979b6 3183 + 3184 +- [Tony Kelman brought this change] 3185 + 3186 + mbedtls: switch off NTLM in build if md4 isn't available 3187 + 3188 + NTLM support with mbedTLS was added in 497e7c9 but requires that mbedTLS 3189 + is built with the MD4 functions available, which it isn't in default 3190 + builds. This now adapts if the funtion isn't there and builds libcurl 3191 + without NTLM support if so. 3192 + 3193 + Fixes #1004 3194 + 3195 +Jay Satiro (12 Sep 2016) 3196 +- CODE_STYLE: fix long-line guideline 3197 + 3198 + - Change maximum allowed line length from 80 to 79. 3199 + 3200 +- CODE_STYLE: add column alignment section 3201 + 3202 + Note that since the added examples are for column alignment I had to 3203 + encapsulate with ~~~c markdown to preserve their alignment. 3204 + 3205 +Peter Wu (11 Sep 2016) 3206 +- cmake: fix curl-config --static-libs 3207 + 3208 + The `curl-config --static-libs` command should not output paths like 3209 + -l/usr/lib/libssl.so, instead print the absolute path without `-l`. 3210 + 3211 + This also removes the confusing message "Static linking is broken" which 3212 + was printed because curl-config --static-libs was disfunctional even 3213 + though the static libcurl.a library works properly. 3214 + 3215 + Fixes https://github.com/curl/curl/issues/841 3216 + 3217 +Daniel Stenberg (11 Sep 2016) 3218 +- http: refuse to pass on response body with NO_NODY was set 3219 + 3220 + ... like when a HTTP/0.9 response comes back without any headers at all 3221 + and just a body this now prevents that body from being sent to the 3222 + callback etc. 3223 + 3224 + Adapted test 1144 to verify. 3225 + 3226 + Fixes #973 3227 + 3228 + Assisted-by: Ray Satiro 3229 + 3230 +- RELEASE-NOTES: synced with 257bf3ac67eb6 3231 + 3232 +Jakub Zakrzewski (10 Sep 2016) 3233 +- CMake: Don't build unit tests if private symbols are hidden 3234 + 3235 + This only excludes building unit tests from default build ( 'all' Make 3236 + target or "Build Solution" in VisualStudio). The projects and Make 3237 + targets will still be generated and shown in supporting IDEs. 3238 + 3239 + Fixes https://github.com/curl/curl/issues/981 3240 + Reported-by: Randy Armstrong 3241 + 3242 + Closes https://github.com/curl/curl/pull/990 3243 + 3244 +- CMake: Try to (un-)hide private library symbols 3245 + 3246 + Detect support for compiler symbol visibility flags and apply those 3247 + according to CURL_HIDDEN_SYMBOLS option. 3248 + It should work true to the autotools build except it tries to unhide 3249 + symbols on Windows when requested and prints warning if it fails. 3250 + 3251 + Ref: https://github.com/curl/curl/issues/981#issuecomment-242665951 3252 + Reported-by: Daniel Stenberg 3253 + 3254 +Daniel Stenberg (9 Sep 2016) 3255 +- openssl: fix bad memory free (regression) 3256 + 3257 + ... by partially reverting f975f06033b1. The allocation could be made by 3258 + OpenSSL so the free must be made with OPENSSL_free() to avoid problems. 3259 + 3260 + Reported-by: Harold Stuart 3261 + Fixes #1005 3262 + 3263 +- http2: support > 64bit sized uploads 3264 + 3265 + ... by making sure we don't count down the "upload left" counter when the 3266 + uploaded size is unknown and then it can be allowed to continue forever. 3267 + 3268 + Fixes #996 3269 + 3270 +Jay Satiro (7 Sep 2016) 3271 +- errors: new alias CURLE_WEIRD_SERVER_REPLY (8) 3272 + 3273 + Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as 3274 + more of a generic "failed to parse" introduce an alias without FTP in 3275 + the name. 3276 + 3277 + Closes https://github.com/curl/curl/pull/975 3278 + 3279 +Daniel Stenberg (7 Sep 2016) 3280 +- bump: toward 7.51.0 3281 + 3282 +- HISTORY: remove ascii logo to render nicer on web 3283 + 3284 +- curl: whitelist use of strtok() in non-threaded context 3285 + 3286 +- checksrc: detect strtok() use 3287 + 3288 + ... as that function slipped through once before. 3289 + 3290 +GitHub (7 Sep 2016) 3291 +- [Viktor Szakats brought this change] 3292 + 3293 + mk-ca-bundle.pl: use SHA256 instead of SHA1 3294 + 3295 + This hash is used to verify the original downloaded certificate bundle 3296 + and also included in the generated bundle's comment header. Also 3297 + rename related internal symbols to algorithm-agnostic names. 3298 + 3299 +Version 7.50.2 (7 Sep 2016) 3300 + 3301 +Daniel Stenberg (7 Sep 2016) 3302 +- RELEASE-NOTES: curl 7.50.2 release 3303 + 3304 +- THANKS: updated for 7.50.2 3305 + 3306 +Jay Satiro (6 Sep 2016) 3307 +- [Gaurav Malhotra brought this change] 3308 + 3309 + openssl: fix CURLINFO_SSL_VERIFYRESULT 3310 + 3311 + CURLINFO_SSL_VERIFYRESULT does not get the certificate verification 3312 + result when SSL_connect fails because of a certificate verification 3313 + error. 3314 + 3315 + This fix saves the result of SSL_get_verify_result so that it is 3316 + returned by CURLINFO_SSL_VERIFYRESULT. 3317 + 3318 + Closes https://github.com/curl/curl/pull/995 3319 + 3320 +Daniel Stenberg (6 Sep 2016) 3321 +- [Daniel Gustafsson brought this change] 3322 + 3323 + darwinssl: test for errSecSuccess in PKCS12 import rather than noErr (#993) 3324 + 3325 + While noErr and errSecSuccess are defined as the same value, the API 3326 + documentation states that SecPKCS12Import() returns errSecSuccess if 3327 + there were no errors in importing. Ensure that a future change of the 3328 + defined value doesn't break (however unlikely) and be consistent with 3329 + the API docs. 3330 + 3331 +- [Daniel Gustafsson brought this change] 3332 + 3333 + docs: Fix link to CONTRIBUTE in Github contribution guidelines (#994) 3334 + 3335 +- [Marcel Raad brought this change] 3336 + 3337 + openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000L 3338 + 3339 + With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup 3340 + functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The 3341 + replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and 3342 + OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is 3343 + now called OpenSSL_version_num(). 3344 + 3345 + [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html 3346 + [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html 3347 + 3348 + Closes #992 3349 + 3350 +- RELEASE-NOTES: synced with 3d4c0c8b9bc1d 3351 + 3352 +- http2: return EOF when done uploading without known size 3353 + 3354 + Fixes #982 3355 + 3356 +- http2: skip the content-length parsing, detect unknown size 3357 + 3358 +- http2: minor white space edit 3359 + 3360 +- http2: use named define instead of magic constant in read callback 3361 + 3362 +- [Craig Davison brought this change] 3363 + 3364 + configure: make the cpp -P detection not clobber CPPFLAGS 3365 + 3366 + CPPPFLAGS is now CPPPFLAG. Fixes CURL_CHECK_DEF. 3367 + 3368 + Fixes #958 3369 + 3370 +- [Olivier Brunel brought this change] 3371 + 3372 + speed caps: not based on average speeds anymore 3373 + 3374 + Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE & 3375 + CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits 3376 + with the cumulative average speed of the entire transfer; While this 3377 + might work at times with good/constant connections, in other cases it 3378 + can result to the limits simply being "ignored" for more than "short 3379 + bursts" (as told in man page). 3380 + 3381 + Consider a download that goes on much slower than the limit for some 3382 + time (because bandwidth is used elsewhere, server is slow, whatever the 3383 + reason), then once things get better, curl would simply ignore the limit 3384 + up until the average speed (since the beginning of the transfer) reached 3385 + the limit. This could prove the limit useless to effectively avoid 3386 + using the entire bandwidth (at least for quite some time). 3387 + 3388 + So instead, we now use a "moving starting point" as reference, and every 3389 + time at least as much as the limit as been transferred, we can reset 3390 + this starting point to the current position. This gets a good limiting 3391 + effect that applies to the "current speed" with instant reactivity (in 3392 + case of sudden speed burst). 3393 + 3394 + Closes #971 3395 + 3396 +- HISTORY.md: the multi socket was put in the wrong year! 3397 + 3398 +- [Mark Hamilton brought this change] 3399 + 3400 + tool_helpers.c: fix comment typo (#989) 3401 + 3402 +- [Mark Hamilton brought this change] 3403 + 3404 + libtest/test.h: fix typo (#988) 3405 + 3406 +- CURLMOPT_PIPELINING.3: language 3407 + 3408 +- CURLMOPT_PIPELINING.3: extended and clarified 3409 + 3410 + Especially in regards to the multiplexing part. 3411 + 3412 +Steve Holme (31 Aug 2016) 3413 +- curl_sspi.c: Updated function description comments 3414 + 3415 + * Added description to Curl_sspi_free_identity() 3416 + * Added parameter and return explanations to Curl_sspi_global_init() 3417 + * Added parameter explaination to Curl_sspi_global_cleanup() 3418 + 3419 +- README: Corrected the supported Visual Studio versions 3420 + 3421 + Missed from commit 8356022d17. 3422 + 3423 +- KNOWN_BUGS: Move the Visual Studio project shortcomings from local README 3424 + 3425 +- KNOWN_BUGS: Expand 6.4 to include Kerberos V5 3426 + 3427 + ...and discuss a possible solution. 3428 + 3429 +Daniel Stenberg (30 Aug 2016) 3430 +- connect: fix #ifdefs for debug versions of conn/streamclose() macros 3431 + 3432 + CURLDEBUG is for the memory debugging 3433 + 3434 + DEBUGBUILD is for the extra debug stuff 3435 + 3436 + Pointed-out-by: Steve Holme 3437 + 3438 +- KNOWN_BUGS: mention some cmake "support gaps" 3439 + 3440 +Nick Zitzmann (28 Aug 2016) 3441 +- darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only 3442 + 3443 + In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead. 3444 + 3445 +Daniel Stenberg (28 Aug 2016) 3446 +- http2: return CURLE_HTTP2_STREAM for unexpected stream close 3447 + 3448 + Follow-up to c3e906e9cd0f, seems like a more appropriate error code 3449 + 3450 + Suggested-by: Jay Satiro 3451 + 3452 +- [Tatsuhiro Tsujikawa brought this change] 3453 + 3454 + http2: handle closed streams when uploading 3455 + 3456 + Fixes #986 3457 + 3458 +- http2: make sure stream errors don't needlessly close the connection 3459 + 3460 + With HTTP/2 each transfer is made in an indivial logical stream over the 3461 + connection, making most previous errors that caused the connection to get 3462 + forced-closed now instead just kill the stream and not the connection. 3463 + 3464 + Fixes #941 3465 + 3466 +- Curl_verify_windows_version: minor edit to avoid compiler warnings 3467 + 3468 + ... instead of if() before the switch(), add a default to the switch so 3469 + that the compilers don't warn on "warning: enumeration value 3470 + 'PLATFORM_DONT_CARE' not handled in switch" anymore. 3471 + 3472 +Steve Holme (27 Aug 2016) 3473 +- RELEASE-NOTES: Added missing fix from commit 15592143f 3474 + 3475 +Jay Satiro (26 Aug 2016) 3476 +- schannel: Disable ALPN for Wine since it is causing problems 3477 + 3478 + - Disable ALPN on Wine. 3479 + 3480 + - Don't pass input secbuffer when ALPN is disabled. 3481 + 3482 + When ALPN support was added a change was made to pass an input secbuffer 3483 + to initialize the context. When ALPN is enabled the buffer contains the 3484 + ALPN information, and when it's disabled the buffer is empty. In either 3485 + case this input buffer caused problems with Wine and connections would 3486 + not complete. 3487 + 3488 + Bug: https://github.com/curl/curl/issues/983 3489 + Reported-by: Christian Fillion 3490 + 3491 +Kamil Dudka (26 Aug 2016) 3492 +- [Peter Wang brought this change] 3493 + 3494 + nss: work around race condition in PK11_FindSlotByName() 3495 + 3496 + Serialise the call to PK11_FindSlotByName() to avoid spurious errors in 3497 + a multi-threaded environment. The underlying cause is a race condition 3498 + in nssSlot_IsTokenPresent(). 3499 + 3500 + Bug: https://bugzilla.mozilla.org/1297397 3501 + 3502 + Closes #985 3503 + 3504 +- nss: refuse previously loaded certificate from file 3505 + 3506 + ... when we are not asked to use a certificate from file 3507 + 3508 +Daniel Stenberg (26 Aug 2016) 3509 +- ftp_done: remove dead code 3510 + 3511 +- TLS: random file/egd doesn't have to match for conn reuse 3512 + 3513 +- test161: add comment for the exit code 3514 + 3515 +Dan Fandrich (26 Aug 2016) 3516 +- test219: Add http as a required feature 3517 + 3518 +Daniel Stenberg (25 Aug 2016) 3519 +- [Michael Kaufmann brought this change] 3520 + 3521 + HTTP: stop parsing headers when switching to unknown protocols 3522 + 3523 + - unknown protocols probably won't send more headers (e.g. WebSocket) 3524 + - improved comments and moved them to the correct case statements 3525 + 3526 + Closes #899 3527 + 3528 +- openssl: make build with 1.1.0 again 3529 + 3530 + synced with OpenSSL git master commit cc06906707 3531 + 3532 +- INTERNALS: fix title 3533 + 3534 +- configure: detect zlib with our pkg-config macros 3535 + 3536 + ... instead of relying on the pkg-config autoconf macros to be present. 3537 + 3538 + Fixes #972 (again...) 3539 + 3540 +Jay Satiro (25 Aug 2016) 3541 +- http2: Remove incorrect comments 3542 + 3543 + .. also remove same from scp 3544 + 3545 +Daniel Stenberg (23 Aug 2016) 3546 +- [Ales Novak brought this change] 3547 + 3548 + ftp: fix wrong poll on the secondary socket 3549 + 3550 + When we're uploading using FTP and the server issues a tiny pause 3551 + between opening the connection to the client's secondary socket, the 3552 + client's initial poll() times out, which leads to second poll() which 3553 + does not wait for POLLIN on the secondary socket. So that poll() also 3554 + has to time out, creating a long (200ms) pause. 3555 + 3556 + This patch adds the correct flag to the secondary socket, making the 3557 + second poll() correctly wait for the connection there too. 3558 + 3559 + Signed-off-by: Ales Novak <alnovak@suse.cz> 3560 + 3561 + Closes #978 3562 + 3563 +- RELEASE-NOTES: synced with 95ded2c56 3564 + 3565 +- configure: make it work without PKG_CHECK_MODULES 3566 + 3567 + With commit c2f9b78 we added a new dependency on pkg-config for 3568 + developers which may be unwanted. This change make the configure script 3569 + still work as before if pkg-config isn't installed, it'll just use the 3570 + old zlib detection logic without pkg-config. 3571 + 3572 + Reported-by: Marc Hörsken 3573 + 3574 + Fixes #972 3575 + 3576 +Marc Hoersken (21 Aug 2016) 3577 +- Revert "KNOWN_BUGS: SOCKS proxy not working via IPv6" 3578 + 3579 + This reverts commit 9cb1059f92286a6eb5d28c477fdd3f26aed1d554. 3580 + 3581 + As discussed in #835 SOCKS5 supports IPv6 proxies and destinations. 3582 + 3583 +Daniel Stenberg (21 Aug 2016) 3584 +- [Marco Deckel brought this change] 3585 + 3586 + win: Basic support for Universal Windows Platform apps 3587 + 3588 + Closes #820 3589 + 3590 +Steve Holme (21 Aug 2016) 3591 +- sasl: Don't use GSSAPI authentication when domain name not specified 3592 + 3593 + Only choose the GSSAPI authentication mechanism when the user name 3594 + contains a Windows domain name or the user is a valid UPN. 3595 + 3596 + Fixes #718 3597 + 3598 +- vauth: Added check for supported SSPI based authentication mechanisms 3599 + 3600 + Completing commit 00417fd66c and 2708d4259b. 3601 + 3602 +- http.c: Remove duplicate (authp->avail & CURLAUTH_DIGEST) check 3603 + 3604 + From commit 2708d4259b. 3605 + 3606 +Marc Hoersken (20 Aug 2016) 3607 +- socks.c: display the hostname returned by the SOCKS5 proxy server 3608 + 3609 + Instead of displaying the requested hostname the one returned 3610 + by the SOCKS5 proxy server is used in case of connection error. 3611 + The requested hostname is displayed earlier in the connection sequence. 3612 + 3613 + The upper-value of the port is moved to a temporary variable and 3614 + replaced with a 0-byte to make sure the hostname is 0-terminated. 3615 + 3616 +Steve Holme (20 Aug 2016) 3617 +- urldata.h: Corrected comment for httpcode which is also populated by SMTP 3618 + 3619 + As of 7.25.0 and commit 5430007222. 3620 + 3621 +Marc Hoersken (20 Aug 2016) 3622 +- socks.c: use Curl_printable_address in SOCKS5 connection sequence 3623 + 3624 + Replace custom string formatting with Curl_printable_address. 3625 + Add additional debug and error output in case of failures. 3626 + 3627 +- socks.c: align SOCKS4 connection sequence with SOCKS5 3628 + 3629 + Calling sscanf is not required since the raw IPv4 address is 3630 + available and the protocol can be detected using ai_family. 3631 + 3632 +Steve Holme (20 Aug 2016) 3633 +- http.c: Corrected indentation change from commit 2708d4259b 3634 + 3635 + Made by Visual Studio's auto-correct feature and missed by me in my own 3636 + code reviews! 3637 + 3638 +- http: Added calls to Curl_auth_is_<mechansism>_supported() 3639 + 3640 + Hooked up the HTTP authentication layer to query the new 'is mechanism 3641 + supported' functions when deciding what mechanism to use. 3642 + 3643 + As per commit 00417fd66c existing functionality is maintained for now. 3644 + 3645 +Marc Hoersken (20 Aug 2016) 3646 +- socks.c: improve verbose output of SOCKS5 connection sequence 3647 + 3648 +- configure.ac: add missing quotes to PKG_CHECK_MODULES 3649 + 3650 +Steve Holme (20 Aug 2016) 3651 +- sasl: Added calls to Curl_auth_is_<mechansism>_supported() 3652 + 3653 + Hooked up the SASL authentication layer to query the new 'is mechanism 3654 + supported' functions when deciding what mechanism to use. 3655 + 3656 + For now existing functionality is maintained. 3657 + 3658 +Daniel Stenberg (19 Aug 2016) 3659 +- [Miroslav Franc brought this change] 3660 + 3661 + spnego_sspi: fix memory leak in case *outlen is zero (#970) 3662 + 3663 +- CURLMOPT_MAX_TOTAL_CONNECTIONS.3: mention it can also multiplex 3664 + 3665 +Steve Holme (18 Aug 2016) 3666 +- vauth: Introduced Curl_auth_is_<mechansism>_supported() functions 3667 + 3668 + As Windows SSPI authentication calls fail when a particular mechanism 3669 + isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 3670 + and Negotiate to allow both HTTP and SASL authentication the opportunity 3671 + to query support for a supported mechanism before selecting it. 3672 + 3673 + For now each function returns TRUE to maintain compatability with the 3674 + existing code when called. 3675 + 3676 +Daniel Stenberg (18 Aug 2016) 3677 +- test1144: verify HEAD with body-only response 3678 + 3679 +Steve Holme (17 Aug 2016) 3680 +- RELEASE-PROCEDURE: Added some more future release dates 3681 + 3682 + ...and removed some old ones 3683 + 3684 +Daniel Stenberg (17 Aug 2016) 3685 +- [David Woodhouse brought this change] 3686 + 3687 + curl: allow "pkcs11:" prefix for client certificates 3688 + 3689 + RFC7512 provides a standard method to reference certificates in PKCS#11 3690 + tokens, by means of a URI starting 'pkcs11:'. 3691 + 3692 + We're working on fixing various applications so that whenever they would 3693 + have been able to use certificates from a file, users can simply insert 3694 + a PKCS#11 URI instead and expect it to work. This expectation is now a 3695 + part of the Fedora packaging guidelines, for example. 3696 + 3697 + This doesn't work with cURL because of the way that the colon is used 3698 + to separate the certificate argument from the passphrase. So instead of 3699 + 3700 + curl -E 'pkcs11:manufacturer=piv_II;id=%01' … 3701 + 3702 + I instead need to invoke cURL with the colon escaped, like this: 3703 + 3704 + curl -E 'pkcs11\:manufacturer=piv_II;id=%01' … 3705 + 3706 + This is suboptimal because we want *consistency* — the URI should be 3707 + usable in place of a filename anywhere, without having strange 3708 + differences for different applications. 3709 + 3710 + This patch therefore disables the processing in parse_cert_parameter() 3711 + when the string starts with 'pkcs11:'. It means you can't pass a 3712 + passphrase with an unescaped PKCS#11 URI, but there's no need to do so 3713 + because RFC7512 allows a PIN to be given as a 'pin-value' attribute in 3714 + the URI itself. 3715 + 3716 + Also, if users are already using RFC7512 URIs with the colon escaped as 3717 + in the above example — even providing a passphrase for cURL to handling 3718 + instead of using a pin-value attribute, that will continue to work 3719 + because their string will start 'pkcs11\:' and won't match the check. 3720 + 3721 + What *does* break with this patch is the extremely unlikely case that a 3722 + user has a file which is in the local directory and literally named 3723 + just "pkcs11", and they have a passphrase on it. If that ever happened, 3724 + the user would need to refer to it as './pkcs11:<passphrase>' instead. 3725 + 3726 +- nss: make the global variables static 3727 + 3728 +- openssl: use regular malloc instead of OPENSSL_malloc 3729 + 3730 + This allows for better memmory debugging and torture tests. 3731 + 3732 +- proxy: fix tests as follow-up to 93b0d907d5 3733 + 3734 + This fixes tests that were added after 113f04e664b as the tests would 3735 + fail otherwise. 3736 + 3737 + We bring back "Proxy-Connection: Keep-Alive" now unconditionally to fix 3738 + regressions with old and stupid proxies, but we could possibly switch to 3739 + using it only for CONNECT or only for NTLM in a future if we want to 3740 + gradually reduce it. 3741 + 3742 + Fixes #954 3743 + 3744 + Reported-by: János Fekete 3745 + 3746 +- Revert "Proxy-Connection: stop sending this header by default" 3747 + 3748 + This reverts commit 113f04e664b16b944e64498a73a4dab990fe9a68. 3749 + 3750 +- CURLOPT_PROXY.3: unsupported schemes cause errors now 3751 + 3752 + Follow-up to a96319ebb9 (document the new behavior) 3753 + 3754 +- tests/README: mention nghttpx for HTTP/2 tests 3755 + 3756 +- README.md: add our CII Best Practices badge 3757 + 3758 +- proxy: polished the error message for unsupported schemes 3759 + 3760 + Follow up to a96319ebb93 3761 + 3762 +- test219: verify unsupported scheme for proxies get rejected 3763 + 3764 +- proxy: reject attempts to use unsupported proxy schemes 3765 + 3766 + I discovered some people have been using "https://example.com" style 3767 + strings as proxy and it "works" (curl doesn't complain) because curl 3768 + ignores unknown schemes and then assumes plain HTTP instead. 3769 + 3770 + I think this misleads users into believing curl uses HTTPS to proxies 3771 + when it doesn't. Now curl rejects proxy strings using unsupported 3772 + schemes instead of just ignoring and defaulting to HTTP. 3773 + 3774 +- RELEASE-NOTES: synced with b7ee5316c2fd5b 3775 + 3776 +Marc Hoersken (14 Aug 2016) 3777 +- socks.c: Correctly calculate position of port in response packet 3778 + 3779 + Third commit to fix issue #944 regarding SOCKS5 error handling. 3780 + 3781 + Reported-by: David Kalnischkies 3782 + 3783 +- socks.c: Do not modify and invalidate calculated response length 3784 + 3785 + Second commit to fix issue #944 regarding SOCKS5 error handling. 3786 + 3787 + Reported-by: David Kalnischkies 3788 + 3789 +- socks.c: Move error output after reading the whole response packet 3790 + 3791 + First commit to fix issue #944 regarding SOCKS5 error handling. 3792 + 3793 + Reported-by: David Kalnischkies 3794 + 3795 +Daniel Stenberg (13 Aug 2016) 3796 +- [Ronnie Mose brought this change] 3797 + 3798 + MANUAL: Remove invalid link to LDAP documentation (#962) 3799 + 3800 + The server developer.netscape.com does not resolve into any 3801 + ip address and can be removed. 3802 + 3803 +Jay Satiro (13 Aug 2016) 3804 +- openssl: accept subjectAltName iPAddress if no dNSName match 3805 + 3806 + Undo change introduced in d4643d6 which caused iPAddress match to be 3807 + ignored if dNSName was present but did not match. 3808 + 3809 + Also, if iPAddress is present but does not match, and dNSName is not 3810 + present, fail as no-match. Prior to this change in such a case the CN 3811 + would be checked for a match. 3812 + 3813 + Bug: https://github.com/curl/curl/issues/959 3814 + Reported-by: wmsch@users.noreply.github.com 3815 + 3816 +Daniel Stenberg (12 Aug 2016) 3817 +- [Dambaev Alexander brought this change] 3818 + 3819 + configure.ac: add zlib search with pkg-config 3820 + 3821 + Closes #956 3822 + 3823 +- rtsp: ignore whitespace in session id 3824 + 3825 + Follow-up to e577c43bb to fix test case 569 brekage: stop the parser at 3826 + whitespace as well. 3827 + 3828 + Help-by: Erik Janssen 3829 + 3830 +- HTTP: retry failed HEAD requests too 3831 + 3832 + Mark's new document about HTTP Retries 3833 + (https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I 3834 + spotted that we don't retry failed HEAD requests which seems totally 3835 + inconsistent and I can't see any reason for that separate treatment. 3836 + 3837 + So, no separate treatment for HEAD starting now. A HTTP request sent 3838 + over a reused connection that gets cut off before a single byte is 3839 + received will be retried on a fresh connection. 3840 + 3841 + Made-aware-by: Mark Nottingham 3842 + 3843 +- mk-ca-bundle.1: document -m, added in 1.26 3844 + 3845 +- RELEASE-NOTES: synced with e577c43bb5 3846 + 3847 +- [Erik Janssen brought this change] 3848 + 3849 + rtsp: accept any RTSP session id 3850 + 3851 + Makes libcurl work in communication with gstreamer-based RTSP 3852 + servers. The original code validates the session id to be in accordance 3853 + with the RFC. I think it is better not to do that: 3854 + 3855 + - For curl the actual content is a don't care. 3856 + 3857 + - The clarity of the RFC is debatable, is $ allowed or only as \$, that 3858 + is imho not clear 3859 + 3860 + - Gstreamer seems to url-encode the session id but % is not allowed by 3861 + the RFC 3862 + 3863 + - less code 3864 + 3865 + With this patch curl will correctly handle real-life lines like: 3866 + Session: biTN4Kc.8%2B1w-AF.; timeout=60 3867 + 3868 + Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html 3869 + 3870 +- symbols-in-versions: add CURL_STRICTER 3871 + 3872 + Added in 5fce88aa8c12564 3873 + 3874 +- [Simon Warta brought this change] 3875 + 3876 + winbuild: Allow changing C compiler via environment variable CC (#952) 3877 + 3878 + This makes it possible to use specific compilers or a cache. 3879 + 3880 + Sample use for clcache: 3881 + set CC=clcache.bat 3882 + nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no 3883 + 3884 +- LICENSE-MIXING.md: switched to markdown 3885 + 3886 +- docs-make: have markdown files use .md 3887 + 3888 +- curl.h: make CURL_NO_OLDIES define CURL_STRICTER 3889 + 3890 +- HISTORY.md: use markdown extension 3891 + 3892 +- SSLCERTS.md: renamed to markdown extension 3893 + 3894 +- INTERNALS.md: use markdown extension for markdown content 3895 + 3896 +- CONTRIBUTE.md: markdown extension 3897 + 3898 +- CONTRIBUTE: changed to markdown 3899 + 3900 +- CONTRIBUTE: refreshed 3901 + 3902 +- TODO: added an SSH section and two SFTP things to do 3903 + 3904 +- TODO: remove the 1.22 duplicated item 3905 + 3906 +- TODO: move "CURLOPT_MAIL_CLIENT" to SMTP section 3907 + 3908 +- TODO: API for URL parsing/splitting 3909 + 3910 +- TODO: move QUIC to the HTTP section 3911 + 3912 +- [Simon Warta brought this change] 3913 + 3914 + winbuild: Free name $(CC) in Makefile (#950) 3915 + 3916 + In the old line number 290, CC and CURL_CC had the same value. After 3917 + that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?). 3918 + 3919 + This gets rid of the CC variable entirely. It is a first step to make it 3920 + possible to manualyl set a CC variable in order to be able to change the 3921 + compiler. 3922 + 3923 +- TODO: Use huge HTTP/2 windows 3924 + 3925 +- [Simon Warta brought this change] 3926 + 3927 + winbuild: Avoid setting redundant CFLAGS to compile commands (#949) 3928 + 3929 + $(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this, 3930 + all arguments in CURL_CFLAGS have been added twice. 3931 + 3932 +Jay Satiro (8 Aug 2016) 3933 +- cmake: Enable win32 threaded resolver by default 3934 + 3935 + - Turn on USE_THREADS_WIN32 in Windows if ares isn't on 3936 + 3937 + This change is similar to what we already do in the autotools build. 3938 + 3939 +- cmake: Enable win32 large file support by default 3940 + 3941 + All compilers used by cmake in Windows should support large files. 3942 + 3943 + - Add test SIZEOF_OFF_T 3944 + - Remove outdated test SIZEOF_CURL_OFF_T 3945 + - Turn on USE_WIN32_LARGE_FILES in Windows 3946 + - Check for 'Largefile' during the features output 3947 + 3948 +Daniel Stenberg (7 Aug 2016) 3949 +- TODO: added several ideas, removed SPDY 3950 + 3951 +- http2: always wait for readable socket 3952 + 3953 + Since the server can at any time send a HTTP/2 frame to us, we need to 3954 + wait for the socket to be readable during all transfers so that we can 3955 + act on incoming frames even when uploading etc. 3956 + 3957 + Reminded-by: Tatsuhiro Tsujikawa 3958 + 3959 +- RELEASE-NOTES: synced with 7b4bf37a44791 3960 + 3961 +- [Thomas Glanzmann brought this change] 3962 + 3963 + mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is defined 3964 + 3965 + In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal 3966 + to 0. This patch also adds a comment how mbedtls must be compiled in 3967 + order to make debugging work, and explains the possible debug levels. 3968 + 3969 +- CURLOPT_TCP_NODELAY: now enabled by default 3970 + 3971 + After a few wasted hours hunting down the reason for slowness during a 3972 + TLS handshake that turned out to be because of TCP_NODELAY not being 3973 + set, I think we have enough motivation to toggle the default for this 3974 + option. We now enable TCP_NODELAY by default and allow applications to 3975 + switch it off. 3976 + 3977 + This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be 3978 + used to disable it. 3979 + 3980 + Thanks-to: Tim Rühsen 3981 + Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html 3982 + 3983 +- [Serj Kalichev brought this change] 3984 + 3985 + TFTP: Fix upload problem with piped input 3986 + 3987 + When input stream for curl is stdin and input stream is not a file but 3988 + generated by a script then curl can truncate data transfer to arbitrary 3989 + size since a partial packet is treated as end of transfer by TFTP. 3990 + 3991 + Fixes #857 3992 + 3993 +- mk-ca-bundle.pl: -m keeps ca cert meta data in output 3994 + 3995 + Makes the script pass on comments holding meta data to the output 3996 + file. Like fingerprinters, issuer, date ranges etc. 3997 + 3998 + Closes #937 3999 + 4000 +- multi: make Curl_expire() work with 0 ms timeouts 4001 + 4002 + Previously, passing a timeout of zero to Curl_expire() was a magic code 4003 + for clearing all timeouts for the handle. That is now instead made with 4004 + the new Curl_expire_clear() function and thus a 0 timeout is fine to set 4005 + and will trigger a timeout ASAP. 4006 + 4007 + This will help removing short delays, in particular notable when doing 4008 + HTTP/2. 4009 + 4010 +- transfer: return without select when the read loop reached maxcount 4011 + 4012 + Regression added in 790d6de48515. The was then added to avoid one 4013 + particular transfer to starve out others. But when aborting due to 4014 + reading the maxcount, the connection must be marked to be read from 4015 + again without first doing a select as for some protocols (like SFTP/SCP) 4016 + the data may already have been read off the socket. 4017 + 4018 + Reported-by: Dan Donahue 4019 + Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html 4020 + 4021 +Steve Holme (3 Aug 2016) 4022 +- [Bill Nagel brought this change] 4023 + 4024 + mbedtls: Added support for NTLM 4025 + 4026 +Daniel Stenberg (3 Aug 2016) 4027 +- [Sergei Nikulov brought this change] 4028 + 4029 + travis: removed option to rebuild autotool from source 4030 + 4031 + Fixes #943 4032 + 4033 +- bump: start working toward 7.50.2 4034 + 4035 +Version 7.50.1 (3 Aug 2016) 4036 + 4037 +Daniel Stenberg (3 Aug 2016) 4038 +- THANKS: 7 new contributors from the 7.50.1 release 4039 + 4040 +- RELEASE-NOTES: 7.50.1 4041 + 4042 +- TLS: only reuse connections with the same client cert 4043 + 4044 + CVE-2016-5420 4045 + Bug: https://curl.haxx.se/docs/adv_20160803B.html 4046 + 4047 +- TLS: switch off SSL session id when client cert is used 4048 + 4049 + CVE-2016-5419 4050 + Bug: https://curl.haxx.se/docs/adv_20160803A.html 4051 + Reported-by: Bru Rom 4052 + Contributions-by: Eric Rescorla and Ray Satiro 4053 + 4054 +- curl_multi_cleanup: clear connection pointer for easy handles 4055 + 4056 + CVE-2016-5421 4057 + Bug: https://curl.haxx.se/docs/adv_20160803C.html 4058 + Reported-by: Marcelo Echeverria and Fernando Muñoz 4059 + 4060 +- KNOWN_BUGS: SOCKS proxy not working via IPv6 4061 + 4062 + Closes #835 4063 + 4064 +- KNOWN_BUGS: CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM 4065 + 4066 + Closes #768 4067 + 4068 +- KNOWN_BUGS: transfer-encoding: chunked in HTTP/2 4069 + 4070 + Closes #662 4071 + 4072 +- TODO: Provide cmake config-file 4073 + 4074 + Closes #885 4075 + 4076 +Patrick Monnerat (2 Aug 2016) 4077 +- os400: define BUILDING_LIBCURL in make script. 4078 + 4079 +Daniel Stenberg (1 Aug 2016) 4080 +- RELEASE-NOTES: synced with aa9f536a18b 4081 + 4082 +Jay Satiro (1 Aug 2016) 4083 +- [Thomas Glanzmann brought this change] 4084 + 4085 + mbedtls: Fix debug function name 4086 + 4087 + This patch is necessary so that curl compiles if MBEDTLS_DEBUG is 4088 + defined. 4089 + 4090 + Bug: https://curl.haxx.se/mail/lib-2016-08/0001.html 4091 + 4092 +Daniel Stenberg (1 Aug 2016) 4093 +- [Sergei Nikulov brought this change] 4094 + 4095 + travis: fix OSX build by re-installing libtool 4096 + 4097 + Apparently due to a broken homebrew install 4098 + 4099 + fixes #934 4100 + Closes #939 4101 + 4102 +- [Martin Vejnár brought this change] 4103 + 4104 + win32: fix a potential memory leak in Curl_load_library 4105 + 4106 + If a call to GetSystemDirectory fails, the `path` pointer that was 4107 + previously allocated would be leaked. This makes sure that `path` is 4108 + always freed. 4109 + 4110 + Closes #938 4111 + 4112 +- include: revert 9adf3c4 and make public types void * again 4113 + 4114 + Many applications assume the actual contents of the public types and use 4115 + that do for example forward declarations (saving them from including our 4116 + public header) which then breaks when we switch from void * to a struct 4117 + *. 4118 + 4119 + I'm not convinced we were wrong, but since this practise seems 4120 + widespread enough I'm willing to (partly) step down. 4121 + 4122 + Now libcurl uses the struct itself when it is built and it allows 4123 + applications to use the struct type if CURL_STRICTER is defined at the 4124 + time of the #include. 4125 + 4126 + Reported-by: Peter Frühberger 4127 + Fixes #926 4128 + 4129 +Jay Satiro (28 Jul 2016) 4130 +- [Yonggang Luo brought this change] 4131 + 4132 + cmake: Fix for schannel support 4133 + 4134 + The check_library_exists_concat do not check crypt32 library properly. 4135 + So include it directly. 4136 + 4137 + Bug: https://github.com/curl/curl/pull/917 4138 + Reported-by: Yonggang Luo 4139 + 4140 + Bug: https://github.com/curl/curl/issues/935 4141 + Reported-by: Alain Danteny 4142 + 4143 +- Revert "travis: Install libtool for OS X builds" 4144 + 4145 + Didn't work. 4146 + 4147 + This reverts commit 50723585ed380744358de054e2a55dccee65dfd7. 4148 + 4149 +- travis: Install libtool for OS X builds 4150 + 4151 + CI is failing due to missing libtoolize, so I'm trying this. 4152 + 4153 +Daniel Stenberg (26 Jul 2016) 4154 +- [Viktor Szakats brought this change] 4155 + 4156 + TODO: minor typo in last commit 4157 + 4158 + merged #931 4159 + 4160 +- TODO: Timeout idle connections from the pool 4161 + 4162 +Patrick Monnerat (25 Jul 2016) 4163 +- os400: minimum supported OS version: V6R1M0. 4164 + Do not log compilation informational messages. 4165 + 4166 +Jay Satiro (24 Jul 2016) 4167 +- tests: Fix for http/2 feature 4168 + 4169 + Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html 4170 + Reported-by: Paul Howarth 4171 + 4172 +Steve Holme (23 Jul 2016) 4173 +- README: Mention wolfSSL in the 'Dependencies' section 4174 + 4175 +- vauth.h: No need to query HAVE_GSSAPI || USE_WINDOWS_SSPI for SPNEGO 4176 + 4177 + As SPNEGO is only defined when these pre-processor variables are defined 4178 + there is no need to query them explicitly. 4179 + 4180 +- spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration 4181 + 4182 + Typo introduced in commit ad5e9bfd5d. 4183 + 4184 +Daniel Stenberg (22 Jul 2016) 4185 +- SECURITY: mention how to get windows-specific CVEs 4186 + 4187 + ... and make the distros link a proper link 4188 + 4189 +Dan Fandrich (21 Jul 2016) 4190 +- test558: fix test by stripping file paths from FD lines 4191 + 4192 +Kamil Dudka (21 Jul 2016) 4193 +- tests: distribute the http2-server.pl script, too 4194 + 4195 +- docs: distribute the CURLINFO_HTTP_VERSION(3) man page, too 4196 + 4197 +Daniel Stenberg (21 Jul 2016) 4198 +- bump: start working on 7.50.1 4199 + 4200 +Version 7.50.0 (21 Jul 2016) 4201 + 4202 +Daniel Stenberg (21 Jul 2016) 4203 +- RELEASE-NOTES: version 7.50.0 ready 4204 + 4205 +- THANKS: 13 new contributors from the 7.50.0 release 4206 + 4207 +Jay Satiro (21 Jul 2016) 4208 +- winbuild: fix embedded manifest option 4209 + 4210 + Embedded manifest option didn't work due to typo. 4211 + 4212 + Reported-by: Stefan Kanthak 4213 + 4214 +- vauth: Fix memleak by freeing credentials if out of memory 4215 + 4216 + This is a follow up to the parent commit dcdd4be which fixes one leak 4217 + but creates another by failing to free the credentials handle if out of 4218 + memory. Also there's a second location a few lines down where we fail to 4219 + do same. This commit fixes both of those issues. 4220 + 4221 +Daniel Stenberg (20 Jul 2016) 4222 +- [Saurav Babu brought this change] 4223 + 4224 + vauth: Fixed memory leak due to function returning without free 4225 + 4226 + This patch allocates memory to "output_token" only when it is required 4227 + so that memory is not leaked if function returns. 4228 + 4229 +- test558: updated after ipv6-check move 4230 + 4231 + Follow-up commit to c50980807c5 to make this test pass. 4232 + 4233 +Jay Satiro (20 Jul 2016) 4234 +- connect: disable TFO on Linux when using SSL 4235 + 4236 + - Linux TFO + TLS is not implemented yet. 4237 + 4238 + Bug: https://github.com/curl/curl/issues/907 4239 + 4240 +Daniel Stenberg (19 Jul 2016) 4241 +- ROADMAP: QUIC and TLS 1.3 4242 + 4243 +- RELEASE-NOTES: synced with c50980807c5 4244 + 4245 +Jay Satiro (18 Jul 2016) 4246 +- [Brian Prodoehl brought this change] 4247 + 4248 + curl_global_init: Check if IPv6 works 4249 + 4250 + - Curl_ipv6works() is not thread-safe until after the first call, so 4251 + call it once during global init to avoid a possible race condition. 4252 + 4253 + Bug: https://github.com/curl/curl/issues/915 4254 + PR: https://github.com/curl/curl/pull/918 4255 + 4256 +- [Timothy Polich brought this change] 4257 + 4258 + CURLMOPT_SOCKETFUNCTION.3: fix typo 4259 + 4260 + Closes https://github.com/curl/curl/pull/914 4261 + 4262 +- [Miroslav Franc brought this change] 4263 + 4264 + library: Fix memory leaks found during static analysis 4265 + 4266 + Closes https://github.com/curl/curl/pull/913 4267 + 4268 +- [Viktor Szakats brought this change] 4269 + 4270 + cookie.c: Fix misleading indentation 4271 + 4272 + Closes https://github.com/curl/curl/pull/911 4273 + 4274 +- FAQ: Update FTP directory listing section for MLSD command 4275 + 4276 + Explain how some FTP servers support the machine readable listing 4277 + format MLSD from RFC 3659 and compare it to LIST. 4278 + 4279 + Ref: https://github.com/curl/curl/issues/906 4280 + 4281 +Daniel Stenberg (1 Jul 2016) 4282 +- [Sergei Nikulov brought this change] 4283 + 4284 + Appveyor: Updates for options - CURL_STATICLIB/BUILD_TESTING 4285 + 4286 + Closes #892 4287 + 4288 +- TODO: 17.4 also brings more HTTP/2 support 4289 + 4290 +- TODO: try next proxy if one doesn't work 4291 + 4292 + Closes #896 4293 + 4294 +- conn: don't free easy handle data in handler->disconnect 4295 + 4296 + Reported-by: Gou Lingfeng 4297 + Bug: https://curl.haxx.se/mail/lib-2016-06/0139.html 4298 + 4299 +- test1244: test different proxy ports same URL 4300 + 4301 +- curl_global_init.3: improved formatting of the flags 4302 + 4303 +- curl_global_init.3: expand on the SSL and WIN32 bits purpose 4304 + 4305 + Reported-by: Richard Gray 4306 + Bug: https://curl.haxx.se/mail/lib-2016-06/0136.html 4307 + 4308 +- [Michael Kaufmann brought this change] 4309 + 4310 + cleanup: minor code cleanup in Curl_http_readwrite_headers() 4311 + 4312 + - the expression of an 'if' was always true 4313 + - a 'while' contained a condition that was always true 4314 + - use 'if(k->exp100 > EXP100_SEND_DATA)' instead of 'if(k->exp100)' 4315 + - fixed a typo 4316 + 4317 + Closes #889 4318 + 4319 +- SFTP: set a generic error when no SFTP one exists... 4320 + 4321 + ... as otherwise we could get a 0 which would count as no error and we'd 4322 + wrongly continue and could end up segfaulting. 4323 + 4324 + Bug: https://curl.haxx.se/mail/lib-2016-06/0052.html 4325 + Reported-by: 暖和的和暖 4326 + 4327 +- ROADMAP: http2 tests are merged, mention http2 perf 4328 + 4329 +- docs/README.md: to render nicer pages on github 4330 + 4331 + ... as previously the README.cmake would be picked and put at the bottom 4332 + of the docs page there and it wasn't very representative! 4333 + 4334 +- README.md: change host name for the svg logo 4335 + 4336 + rawgit.com asks to use the domain cdn.rawgit.com for production 4337 + 4338 + See #900 4339 + 4340 +- [Viktor Szakats brought this change] 4341 + 4342 + README.md: use the SVG logo 4343 + 4344 +- README.md: logo on top! 4345 + 4346 +- KNOWN_BUGS: 3.4 POP3 expects "CRLF.CRLF" eob for some 4347 + 4348 + Closes #740 4349 + 4350 +- RELEASE-NOTES: synced with d61c80515aa8 4351 + 4352 +- [Michael Osipov brought this change] 4353 + 4354 + acinclude.m4: improve autodetection of CA bundle on FreeBSD 4355 + 4356 + The FreeBSD Port security/ca_root_nss installs the Mozilla NSS CA bundle 4357 + to /usr/local/share/certs/ca-root-nss.crt. Use this bundle in the 4358 + discovery process. 4359 + 4360 + This change also removes the former FreeBSD path that has been obsolete 4361 + for 8 years since this FreeBSD ports commit: 4362 + https://svnweb.freebsd.org/ports/head/security/?view=revision&revision=215953 4363 + 4364 + Closes #894 4365 + 4366 +- configure: don't specify .lib for libs on windows 4367 + 4368 + Another follow up for crypt32.lib linking with winssl 4369 + 4370 +- configure: fix winssl LIBS change typo 4371 + 4372 + follow-up from 120bf29e 4373 + 4374 +- TODO: "TCP Fast Open" is done, add monitor pool connections 4375 + 4376 +- configure: add crypt32.lib for winssl builds 4377 + 4378 + Necessary since 6cabd78531f 4379 + 4380 +- Makefile.vc: link with crypt32.lib for winssl builds 4381 + 4382 + Necessary since 6cabd78531f 4383 + 4384 + Fixes #853 4385 + 4386 +- [Joel Depooter brought this change] 4387 + 4388 + VC: Add crypt32.lib to Visual Sudio project template files 4389 + 4390 + Closes #854 4391 + 4392 +- vc: fix the build for schannel certinfo support 4393 + 4394 + Broken since 6cabd785, which adds use of the Curl_extract_certinfo 4395 + function from the x509asn1.c file. 4396 + 4397 +- typedefs: use the full structs in internal code... 4398 + 4399 + ... and save the typedef'ed names for headers and external APIs. 4400 + 4401 +- internals: rename the SessionHandle struct to Curl_easy 4402 + 4403 +- headers: forward declare CURL, CURLM and CURLSH as structs 4404 + 4405 + Instead of typedef'ing to void, typedef to their corresponding actual 4406 + struct names to allow compilers to type-check. 4407 + 4408 + Assisted-by: Reinhard Max 4409 + 4410 +Jay Satiro (22 Jun 2016) 4411 +- vtls: Only call add/getsession if session id is enabled 4412 + 4413 + Prior to this change we called Curl_ssl_getsessionid and 4414 + Curl_ssl_addsessionid regardless of whether session ID reusing was 4415 + enabled. According to comments that is in case session ID reuse was 4416 + disabled but then later enabled. 4417 + 4418 + The old way was not intuitive and probably not something users expected. 4419 + When a user disables session ID caching I'd guess they don't expect the 4420 + session ID to be cached anyway in case the caching is later enabled. 4421 + 4422 +Daniel Stenberg (22 Jun 2016) 4423 +- curl.1: the used progress meter suffix is k in lower case 4424 + 4425 + Closes #883 4426 + 4427 +- [Sergei Nikulov brought this change] 4428 + 4429 + cmake: now using BUILD_TESTING=ON/OFF 4430 + 4431 + CMake build now using BUILD_TESTING=ON/OFF (default is OFF) to build 4432 + tests and enabling CTest integration. Options BUILD_CURL_TESTS and 4433 + BUILD_DASHBOARD_REPORTS was removed. 4434 + 4435 + Closes #882 4436 + 4437 + Reviewed-by: Brad King 4438 + 4439 +- [Michael Kaufmann brought this change] 4440 + 4441 + cleanup: fix method names in code comments 4442 + 4443 + Closes #887 4444 + 4445 +Kamil Dudka (21 Jun 2016) 4446 +- curl-compilers.m4: improve detection of GCC's -fvisibility= flag 4447 + 4448 + Some builds of GCC produce output on both stdout and stderr when --help 4449 + --verbose is used. The 2>&1 redirection caused them to be arbitrarily 4450 + interleaved with each other because of stream buffering. Consequently, 4451 + grep failed to match the fvisibility= string in the mixed output, even 4452 + though the string was present in GCC's standard output. 4453 + 4454 + This led to silently disabling symbol hiding in some builds of curl. 4455 + 4456 +Daniel Stenberg (19 Jun 2016) 4457 +- tests: fix the HTTP/2 tests 4458 + 4459 + The HTTP/2 tests brought with commit bf05606ef1f were using the internal 4460 + name 'http2' for the HTTP/2 server, while in fact that name was already 4461 + used for the second instance of the HTTP server. This made tests using 4462 + the second instance (like test 2050) fail after a HTTP/2 test had run. 4463 + 4464 + The server is now known as HTTP/2 internally and within the <server> 4465 + section in test cases. 1700, 1701 and 1702 were updated accordingly. 4466 + 4467 +- openssl: use more 'const' to fix build warnings with 1.1.0 branch 4468 + 4469 +- curl.1: missed 'T' in the progress unit suffixes 4470 + 4471 +- curl.1: mention the unix for the progress meter 4472 + 4473 +Patrick Monnerat (16 Jun 2016) 4474 +- os400: add new definitions to ILE/RPG binding. 4475 + 4476 +Daniel Stenberg (16 Jun 2016) 4477 +- openssl: fix cert check with non-DNS name fields present 4478 + 4479 + Regression introduced in 5f5b62635 (released in 7.48.0) 4480 + 4481 + Reported-by: Fabian Ruff 4482 + Fixes #875 4483 + 4484 +Dan Fandrich (16 Jun 2016) 4485 +- axtls: Use Curl_wait_ms instead of the less-portable usleep 4486 + 4487 +- axtls: Fixed compile after compile 31c521b0 4488 + 4489 +- tests: Added HTTP proxy keywords to tests 1141 & 1142 4490 + 4491 +Jay Satiro (15 Jun 2016) 4492 +- [Sergei Nikulov brought this change] 4493 + 4494 + cmake: Fix build with winldap 4495 + 4496 + Bug: https://github.com/curl/curl/pull/874 4497 + Reported-by: Sergei Nikulov 4498 + 4499 +- CURLOPT_POSTFIELDS.3: Clarify what happens when set empty 4500 + 4501 + When CURLOPT_POSTFIELDS is set to an empty string libcurl will send a 4502 + zero-byte POST. Prior to this change it was documented as sending data 4503 + from the read callback. 4504 + 4505 + This also changes the wording of what happens when empty or NULL so that 4506 + it's hopefully easier to understand for people whose primary language 4507 + isn't English. 4508 + 4509 + Bug: https://github.com/curl/curl/issues/862 4510 + Reported-by: Askar Safin 4511 + 4512 +- [Michael Wallner brought this change] 4513 + 4514 + curl_multi_socket_action.3: Fix rewording 4515 + 4516 + - Remove some erroneous text. 4517 + 4518 + Closes https://github.com/curl/curl/pull/865 4519 + 4520 +- [Luo Jinghua brought this change] 4521 + 4522 + resolve: enable protocol family logic for synthesized IPv6 4523 + 4524 + - Enable protocol family logic for IPv6 resolves even when support 4525 + for synthesized addresses is enabled. 4526 + 4527 + This is a follow up to the parent commit that added support for 4528 + synthesized IPv6 addresses from IPv4 on iOS/OS X. The protocol family 4529 + logic needed for IPv6 was inadvertently excluded if support for 4530 + synthesized addresses was enabled. 4531 + 4532 + Bug: https://github.com/curl/curl/issues/863 4533 + Ref: https://github.com/curl/curl/pull/866 4534 + Ref: https://github.com/curl/curl/pull/867 4535 + 4536 +Daniel Stenberg (7 Jun 2016) 4537 +- [Luo Jinghua brought this change] 4538 + 4539 + resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS 4540 + 4541 + Use getaddrinfo() to resolve the IPv4 address literal on iOS/Mac OS X. 4542 + If the current network interface doesn’t support IPv4, but supports 4543 + IPv6, NAT64, and DNS64. 4544 + 4545 + Closes #866 4546 + Fixes #863 4547 + 4548 +- tests: two more HTTP/2 tests 4549 + 4550 + 1701 and 1702 4551 + 4552 +- runtests: don't display logs when http2 server fails to start 4553 + 4554 +- runtests: make stripfile work on stdout as well 4555 + 4556 + ... and have test 1700 use that to strip out the nghttpx server: headers 4557 + 4558 +- http2-tests: test1700 is the first real HTTP/2 test 4559 + 4560 + It requires that 'nghttpx' is in the PATH, and it will run the tests 4561 + using nghttpx as a front-end proxy in front of the standard HTTP/1 test 4562 + server. This uses HTTP/2 over plain TCP. 4563 + 4564 + If you like me have nghttpx installed in a custom path, you can run test 1700 4565 + like this: 4566 + 4567 + $ PATH=$PATH:$HOME/build-nghttp2/bin/ ./runtests.pl 1700 4568 + 4569 +- RELEASE-NOTES: synced with 34855feeb4c299 4570 + 4571 +Steve Holme (6 Jun 2016) 4572 +- schannel: Disable ALPN on Windows < 8.1 4573 + 4574 + Calling QueryContextAttributes with SECPKG_ATTR_APPLICATION_PROTOCOL 4575 + fails on Windows < 8.1 so we need to disable ALPN on these OS versions. 4576 + 4577 + Inspiration provide by: Daniel Seither 4578 + 4579 + Closes #848 4580 + Fixes #840 4581 + 4582 +Jay Satiro (5 Jun 2016) 4583 +- checksrc: Add LoadLibrary to the banned functions list 4584 + 4585 + LoadLibrary was supplanted by Curl_load_library for security 4586 + reasons in 6df916d. 4587 + 4588 +- http: Fix HTTP/2 connection reuse 4589 + 4590 + - Change the parser to not require a minor version for HTTP/2. 4591 + 4592 + HTTP/2 connection reuse broke when we changed from HTTP/2.0 to HTTP/2 4593 + in 8243a95 because the parser still expected a minor version. 4594 + 4595 + Bug: https://github.com/curl/curl/issues/855 4596 + Reported-by: Andrew Robbins, Frank Gevaerts 4597 + 4598 +Steve Holme (4 Jun 2016) 4599 +- connect.c: Fixed compilation warning from commit 332e8d6164 4600 + 4601 + connect.c:952:5: warning: suggest explicit braces to avoid ambiguous 'else' 4602 + 4603 +- win32: Used centralised verify windows version function 4604 + 4605 + Closes #845 4606 + 4607 +- win32: Added verify windows version functionality 4608 + 4609 +- win32: Introduced centralised verify windows version function 4610 + 4611 +Kamil Dudka (3 Jun 2016) 4612 +- tool_urlglob: fix off-by-one error in glob_parse() 4613 + 4614 + ... causing SIGSEGV while parsing URL with too many globs. 4615 + Minimal example: 4616 + 4617 + $ curl $(for i in $(seq 101); do printf '{a}'; done) 4618 + 4619 + Reported-by: Romain Coltel 4620 + Bug: https://bugzilla.redhat.com/1340757 4621 + 4622 +Daniel Stenberg (1 Jun 2016) 4623 +- [Benjamin Kircher brought this change] 4624 + 4625 + libcurl-multi.3: fix small typo 4626 + 4627 + Closes #850 4628 + 4629 +- [Viktor Szakats brought this change] 4630 + 4631 + makefile.m32: add crypt32 for winssl builds 4632 + 4633 + Dependency added by 6cabd78 4634 + 4635 + Closes #849 4636 + 4637 +- [Ivan Avdeev brought this change] 4638 + 4639 + vtls: fix ssl session cache race condition 4640 + 4641 + Sessionid cache management is inseparable from managing individual 4642 + session lifetimes. E.g. for reference-counted sessions (like those in 4643 + SChannel and OpenSSL engines) every session addition and removal 4644 + should be accompanied with refcount increment and decrement 4645 + respectively. Failing to do so synchronously leads to a race condition 4646 + that causes symptoms like use-after-free and memory corruption. 4647 + This commit: 4648 + - makes existing session cache locking explicit, thus allowing 4649 + individual engines to manage lock's scope. 4650 + - fixes OpenSSL and SChannel engines by putting refcount management 4651 + inside this lock's scope in relevant places. 4652 + - adds these explicit locking calls to other engines that use 4653 + sessionid cache to accommodate for this change. Note, however, 4654 + that it is unknown whether any of these engines could also have 4655 + this race. 4656 + 4657 + Bug: https://github.com/curl/curl/issues/815 4658 + Fixes #815 4659 + Closes #847 4660 + 4661 +- [Andrew Kurushin brought this change] 4662 + 4663 + schannel: add CURLOPT_CERTINFO support 4664 + 4665 + Closes #822 4666 + 4667 +- RELEASE-NOTES: synced with 142ee9fa15002315 4668 + 4669 +- openssl: rename the private SSL_strerror 4670 + 4671 + ... to make it not look like an OpenSSL function 4672 + 4673 +- [Michael Kaufmann brought this change] 4674 + 4675 + openssl: Use correct buffer sizes for error messages 4676 + 4677 + Closes #844 4678 + 4679 +- curl: fix -q [regression] 4680 + 4681 + This broke in 7.49.0 with commit e200034425a7625 4682 + 4683 + Fixes #842 4684 + 4685 +- URL parser: allow URLs to use one, two or three slashes 4686 + 4687 + Mostly in order to support broken web sites that redirect to broken URLs 4688 + that are accepted by browsers. 4689 + 4690 + Browsers are typically even more leniant than this as the WHATWG URL 4691 + spec they should allow an _infinite_ amount. I tested 8000 slashes with 4692 + Firefox and it just worked. 4693 + 4694 + Added test case 1141, 1142 and 1143 to verify the new parser. 4695 + 4696 + Closes #791 4697 + 4698 +- [Renaud Lehoux brought this change] 4699 + 4700 + cmake: Added missing mbedTLS support 4701 + 4702 + Closes #837 4703 + 4704 +- [Renaud Lehoux brought this change] 4705 + 4706 + mbedtls: removed unused variables 4707 + 4708 + Closes #838 4709 + 4710 +- [Frank Gevaerts brought this change] 4711 + 4712 + http: add CURLINFO_HTTP_VERSION and %{http_version} 4713 + 4714 + Adds access to the effectively used http version to both libcurl and 4715 + curl. 4716 + 4717 + Closes #799 4718 + 4719 +- bump: start the journey toward 7.50.0 4720 + 4721 +- [Marcel Raad brought this change] 4722 + 4723 + openssl: fix build with OPENSSL_NO_COMP 4724 + 4725 + With OPENSSL_NO_COMP defined, there is no function 4726 + SSL_COMP_free_compression_methods 4727 + 4728 + Closes #836 4729 + 4730 +- [Gisle Vanem brought this change] 4731 + 4732 + memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC 4733 + 4734 + Fixes #828 4735 + 4736 +- [Jonathan brought this change] 4737 + 4738 + README.md: polish 4739 + 4740 + Closes #834 4741 + 4742 +- RELEASE-NOTES: fix vuln link 4743 + 4744 +Version 7.49.1 (30 May 2016) 4745 + 4746 +Daniel Stenberg (30 May 2016) 4747 +- RELEASE-NOTES: 7.49.1 4748 + 4749 +- [Steve Holme brought this change] 4750 + 4751 + loadlibrary: Only load system DLLs from the system directory 4752 + 4753 + Inspiration provided by: Daniel Stenberg and Ray Satiro 4754 + 4755 + Bug: https://curl.haxx.se/docs/adv_20160530.html 4756 + 4757 + Ref: Windows DLL hijacking with curl, CVE-2016-4802 4758 + 4759 +- ssh: fix version number check typo 4760 + 4761 +Jay Satiro (29 May 2016) 4762 +- curl_share_setopt.3: Add min ver needed for ssl session lock 4763 + 4764 + Bug: https://github.com/curl/curl/issues/826 4765 + Reported-by: Michael Wallner 4766 + 4767 +Daniel Stenberg (29 May 2016) 4768 +- ssh: fix build for libssh2 before 1.2.6 4769 + 4770 + The statvfs functionality was added to libssh2 in that version, so we 4771 + switch off that functionality when built with older libraries. 4772 + 4773 + Fixes #831 4774 + 4775 +- mbedtls: fix includes so snprintf() works 4776 + 4777 + Regression from the previous *printf() rearrangements, this file missed to 4778 + include the correct header to make sure snprintf() works universally. 4779 + 4780 + Reported-by: Moti Avrahami 4781 + Bug: https://curl.haxx.se/mail/lib-2016-05/0196.html 4782 + 4783 +Steve Holme (23 May 2016) 4784 +- checksrc.pl: Added variants of strcat() & strncat() to banned function list 4785 + 4786 + Added support for checking the tchar, unicode and mbcs variants of 4787 + strcat() and strncat() in the banned function list. 4788 + 4789 +Daniel Stenberg (23 May 2016) 4790 +- smtp: minor ident (white space) fixes 4791 + 4792 +- THANKS: updated after script fixes 4793 + 4794 + Now giving credit properly to github user names, fixed some UTF-8 issues 4795 + and added names discovered when contrithanks was improved. 4796 + 4797 +- THANKS-filter: more name cleanups 4798 + 4799 +- contrithanks.sh: exclude existing names case insensitively 4800 + 4801 +- contrithanks.sh: use same grep pattern and -a flag as contributors.sh 4802 + 4803 +- contributors.sh: better grep pattern, use grep -a 4804 + 4805 +- THANKS-filter: fix more names 4806 + 4807 +- contrithanks.sh: do the same github fix as contributors.sh 4808 + 4809 + from 1577bfa35ba 4810 + 4811 +Jay Satiro (23 May 2016) 4812 +- contributors: Show GitHub username if real name unknown 4813 + 4814 + Prior to this change if a GitHub contributor's real name was unknown 4815 + they would be omitted from the list. 4816 + 4817 + Bug: https://github.com/curl/curl/issues/824 4818 + 4819 +Daniel Stenberg (21 May 2016) 4820 +- RELEASE-NOTES: synced with 3caaeffbe8ded4 4821 + 4822 +Jay Satiro (20 May 2016) 4823 +- openssl: cleanup must free compression methods 4824 + 4825 + - Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. 4826 + 4827 + Bug: https://github.com/curl/curl/issues/817 4828 + Reported-by: jveazey@users.noreply.github.com 4829 + 4830 +Daniel Stenberg (20 May 2016) 4831 +- [Gisle Vanem brought this change] 4832 + 4833 + curl_multibyte: fix compiler error 4834 + 4835 + While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was 4836 + getting: 4837 + 4838 + f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' 4839 + to follow 'CURL_EXTERN' 4840 + 4841 + f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: 4842 + 'curl_domalloc': not in formal parameter list 4843 + 4844 +- THANKS-filter: make Jan-E get proper credit 4845 + 4846 +- [Jan-E brought this change] 4847 + 4848 + winbuild/Makefile.vc: Fix check on SSL, MBEDTLS, WINSSL exclusivity 4849 + 4850 + Closes #818 4851 + 4852 +- [Alexander Traud brought this change] 4853 + 4854 + libcurl.m4: Avoid obsolete warning 4855 + 4856 + Closes #821 4857 + 4858 +Jay Satiro (20 May 2016) 4859 +- [Michael Kaufmann brought this change] 4860 + 4861 + CURLOPT_CONNECT_TO.3: user must not free the list prematurely 4862 + 4863 + The connect-to list isn't copied so as long as the handle may be used 4864 + for a transfer the list must be valid. 4865 + 4866 + Bug: https://github.com/curl/curl/pull/819 4867 + Reported-by: Michael Kaufmann 4868 + 4869 +Daniel Stenberg (19 May 2016) 4870 +- RELEASE-NOTES: synced with 48114a8634242c 4871 + 4872 +- openssl: ERR_remove_thread_state() is deprecated in latest 1.1.0 4873 + 4874 + See OpenSSL commit 21e001747d4a 4875 + 4876 +- http2: use HTTP/2 in the HTTP/1.1-alike header 4877 + 4878 + ... when generating them, not "2.0" as the protocol is called just 4879 + HTTP/2 and nothing else. 4880 + 4881 +Jay Satiro (19 May 2016) 4882 +- dist: include curl_multi_socket_all.3 4883 + 4884 + Closes https://github.com/curl/curl/pull/816 4885 + 4886 +Steve Holme (18 May 2016) 4887 +- bump: Start work on 7.49.1 4888 + 4889 +Daniel Stenberg (18 May 2016) 4890 +- curlbuild.h.dist: check __LP64__ as well to fix MIPS build 4891 + 4892 + The preprocessor check that sets up the 32bit defines for non-configure 4893 + builds didn't work properly for MIPS systems as __mips__ is defined for 4894 + both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. 4895 + 4896 + Reported-by: Tomas Jakobsson 4897 + Fixes #813 4898 + 4899 +- [Marcel Raad brought this change] 4900 + 4901 + schannel: fix compile break with MSVC XP toolset 4902 + 4903 + For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 4904 + 7.1 is used. In this case, _USING_V110_SDK71_ is defined. 4905 + 4906 + Closes #812 4907 + 4908 +- dist: include CHECKSRC.md 4909 + 4910 + Reported-by: Paul Howarth 4911 + Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html 4912 + 4913 +- test/Makefile.am: include manpage-scan.pl and nroff-scan.pl in dist 4914 + 4915 + Reported-by: Ray Satiro 4916 + Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html 4917 + 4918 +Version 7.49.0 (17 May 2016) 4919 + 4920 +Daniel Stenberg (17 May 2016) 4921 +- THANKS: 24 new names from 7.49.0 release notes 4922 + 4923 +- RELEASE-NOTES: 7.49.0 4924 + 4925 +- mbedtls/polarssl: set "hostname" unconditionally 4926 + 4927 + ...as otherwise the TLS libs will skip the CN/SAN check and just allow 4928 + connection to any server. curl previously skipped this function when SNI 4929 + wasn't used or when connecting to an IP address specified host. 4930 + 4931 + CVE-2016-3739 4932 + 4933 + Bug: https://curl.haxx.se/docs/adv_20160518A.html 4934 + Reported-by: Moti Avrahami 4935 + 4936 +- [Frank Gevaerts brought this change] 4937 + 4938 + CURLOPT_RESOLVE.3: fix typo 4939 + 4940 + Closes #811 4941 + 4942 +- docs: CURLOPT_RESOLVE overrides CURLOPT_IPRESOLVE 4943 + 4944 +- KNOWN_BUGS: GnuTLS backend skips really long certificate fields 4945 + 4946 + Closes #762 4947 + 4948 +- CURLOPT_HTTPPOST.3: the data needs to be around while in use 4949 + 4950 +- openssl: get_cert_chain: fix NULL dereference 4951 + 4952 + CID 1361815: Explicit null dereferenced (FORWARD_NULL) 4953 + 4954 +- openssl: get_cert_chain: avoid NULL dereference 4955 + 4956 + CID 1361811: Explicit null dereferenced (FORWARD_NULL) 4957 + 4958 +- dprintf_formatf: fix (false?) Coverity warning 4959 + 4960 + CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when 4961 + we run over 'workend' but the condition says <= workend and for all I 4962 + can see it should be safe. Compensating for the warning by adding a byte 4963 + margin in the buffer. 4964 + 4965 + Also, removed the extra brace level indentation in the code and made it 4966 + so that 'workend' is only assigned once within the function. 4967 + 4968 +- RELEASE-NOTES: synced with 2dcb5adc72d6 4969 + 4970 +- THANKS-filter: fixed Jonathan Cardoso 4971 + 4972 +Jay Satiro (15 May 2016) 4973 +- ftp: fix incorrect out-of-memory code in Curl_pretransfer 4974 + 4975 + - Return value type must match function type. 4976 + 4977 + s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ 4978 + 4979 + Caught by Travis CI 4980 + 4981 +Daniel Stenberg (15 May 2016) 4982 +- ftp wildcard: segfault due to init only in multi_perform 4983 + 4984 + The proper FTP wildcard init is now more properly done in Curl_pretransfer() 4985 + and the corresponding cleanup in Curl_close(). 4986 + 4987 + The previous place of init/cleanup code made the internal pointer to be NULL 4988 + when this feature was used with the multi_socket() API, as it was made within 4989 + the curl_multi_perform() function. 4990 + 4991 + Reported-by: Jonathan Cardoso Machado 4992 + Fixes #800 4993 + 4994 +Jay Satiro (13 May 2016) 4995 +- libcurl-tlibcurl-thread: Update OpenSSL links 4996 + 4997 + Because the old OpenSSL link now redirects to their master documentation 4998 + (currently 1.1.0), which does not document the required actions for 4999 + OpenSSL <= 1.0.2. 5000 + 5001 +Daniel Stenberg (13 May 2016) 5002 +- [Viktor Szakats brought this change] 5003 + 5004 + darwinssl.c: fix OS X codename typo in comment 5005 + 5006 +- RELEASE-NOTES: synced with 68701e51c1f7 5007 + 5008 + Added 8 bug fixes and 5 more contrbutors 5009 + 5010 +- [Jay Satiro brought this change] 5011 + 5012 + mprintf: Fix processing of width and prec args 5013 + 5014 + Prior to this change a width arg could be erroneously output, and also 5015 + width and precision args could not be used together without crashing. 5016 + 5017 + "%0*d%s", 2, 9, "foo" 5018 + 5019 + Before: "092" 5020 + After: "09foo" 5021 + 5022 + "%*.*s", 5, 2, "foo" 5023 + 5024 + Before: crash 5025 + After: " fo" 5026 + 5027 + Test 557 is updated to verify this and more 5028 + 5029 +- [Michael Kaufmann brought this change] 5030 + 5031 + ConnectionExists: follow-up fix for proxy re-use 5032 + 5033 + Follow-up commit to 5823179 5034 + 5035 + Closes #648 5036 + 5037 +- [Per Malmberg brought this change] 5038 + 5039 + darwinssl: fix certificate verification disable on OS X 10.8 5040 + 5041 + The new way of disabling certificate verification doesn't work on 5042 + Mountain Lion (OS X 10.8) so we need to use the old way in that version 5043 + too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 5044 + and 10.11. 5045 + 5046 + Closes #802 5047 + 5048 +- [Cory Benfield brought this change] 5049 + 5050 + http2: Add space between colon and header value 5051 + 5052 + curl's representation of HTTP/2 responses involves transforming the 5053 + response to a format that is similar to HTTP/1.1. Prior to this change, 5054 + curl would do this by separating header names and values with only a 5055 + colon, without introducing a space after the colon. 5056 + 5057 + While this is technically a valid way to represent a HTTP/1.1 header 5058 + block, it is much more common to see a space following the colon. This 5059 + change introduces that space, to ensure that incautious tools are safely 5060 + able to parse the header block. 5061 + 5062 + This also ensures that the difference between the HTTP/1.1 and HTTP/2 5063 + response layout is as minimal as possible. 5064 + 5065 + Bug: https://github.com/curl/curl/issues/797 5066 + 5067 + Closes #798 5068 + Fixes #797 5069 + 5070 +Kamil Dudka (12 May 2016) 5071 +- openssl: fix compile-time warning in Curl_ossl_check_cxn() 5072 + 5073 + ... introduced in curl-7_48_0-293-g2968c83: 5074 + 5075 + Error: COMPILER_WARNING: 5076 + lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’ 5077 + lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’ 5078 + may alter its value [-Wconversion] 5079 + 5080 +Jay Satiro (11 May 2016) 5081 +- openssl: stricter connection check function 5082 + 5083 + - In the case of recv error, limit returning 'connection still in place' 5084 + to EINPROGRESS, EAGAIN and EWOULDBLOCK. 5085 + 5086 + This is an improvement on the parent commit which changed the openssl 5087 + connection check to use recv MSG_PEEK instead of SSL_peek. 5088 + 5089 + Ref: https://github.com/curl/curl/commit/856baf5#comments 5090 + 5091 +Daniel Stenberg (11 May 2016) 5092 +- [Anders Bakken brought this change] 5093 + 5094 + TLS: SSL_peek is not a const operation 5095 + 5096 + Calling SSL_peek can cause bytes to be read from the raw socket which in 5097 + turn can upset the select machinery that determines whether there's data 5098 + available on the socket. 5099 + 5100 + Since Curl_ossl_check_cxn only tries to determine whether the socket is 5101 + alive and doesn't actually need to see the bytes SSL_peek seems like 5102 + the wrong function to call. 5103 + 5104 + We're able to occasionally reproduce a connect timeout due to this 5105 + bug. What happens is that Curl doesn't know to call SSL_connect again 5106 + after the peek happens since data is buffered in the SSL buffer and thus 5107 + select won't fire for this socket. 5108 + 5109 + Closes #795 5110 + 5111 +Jay Satiro (9 May 2016) 5112 +- [Daniel Stenberg brought this change] 5113 + 5114 + TLS: move the ALPN/NPN enable bits to the connection 5115 + 5116 + Only protocols that actually have a protocol registered for ALPN and NPN 5117 + should try to get that negotiated in the TLS handshake. That is only 5118 + HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN 5119 + would wrongly be used in all handshakes if libcurl was built with it 5120 + enabled. 5121 + 5122 + Reported-by: Jay Satiro 5123 + 5124 + Fixes #789 5125 + 5126 +Daniel Stenberg (8 May 2016) 5127 +- libcurl-thread.3: openssl 1.1.0 is safe, and so is boringssl 5128 + 5129 +- [Antonio Larrosa brought this change] 5130 + 5131 + connect: fix invalid "Network is unreachable" errors 5132 + 5133 + Sometimes, in systems with both ipv4 and ipv6 addresses but where the 5134 + network doesn't support ipv6, Curl_is_connected returns an error 5135 + (intermittently) even if the ipv4 socket connects successfully. 5136 + 5137 + This happens because there's a for-loop that iterates on the sockets but 5138 + the error variable is not resetted when the ipv4 is checked and is ok. 5139 + 5140 + This patch fixes this problem by setting error to 0 when checking the 5141 + second socket and not having a result yet. 5142 + 5143 + Fixes #794 5144 + 5145 +Jay Satiro (5 May 2016) 5146 +- FAQ: refer to thread safety guidelines 5147 + 5148 +Daniel Stenberg (3 May 2016) 5149 +- connections: non-HTTP proxies on different ports aren't reused either 5150 + 5151 + Reported-by: Oleg Pudeyev and fuchaoqun 5152 + 5153 + Fixes #648 5154 + 5155 +- http: make sure a blank header overrides accept_decoding 5156 + 5157 + Reported-by: rcanavan 5158 + Assisted-by: Isaac Boukris 5159 + Closes #785 5160 + 5161 +- CHECKSRC.md: clarified, explained the whitelist file 5162 + 5163 +- nroff-scan.pl: verify that references are made with \fI 5164 + 5165 +- docs: unified man page references to use \fI 5166 + 5167 +- TODO: 17.14 --fail without --location should treat 3xx as a failure 5168 + 5169 + Closes #727 5170 + 5171 +- RELEASE-NOTES: synced with 7987f5cb14d 5172 + 5173 +- [Isaac Boukris brought this change] 5174 + 5175 + CURLOPT_ACCEPT_ENCODING.3: Follow-up clarification 5176 + 5177 + Mention possible content-length mismatch with sum of bytes reported 5178 + by write callbacks when auto decoding is enabled. 5179 + 5180 + See #785 5181 + 5182 +- test1140: run nroff-scan to verify man pages 5183 + 5184 +- nroff-scan.pl: verify the .BR references as well 5185 + 5186 +- CURLOPT_CONV_TO_NETWORK_FUNCTION.3: fix bad man page reference 5187 + 5188 +- CURLOPT_BUFFERSIZE.3: fix reference to CURLOPT_MAX_RECV_SPEED_LARGE 5189 + 5190 +- curl_easy_pause.3: fix man page reference 5191 + 5192 +Jay Satiro (1 May 2016) 5193 +- tool_cb_hdr: Fix --remote-header-name with schemeless URL 5194 + 5195 + - Move the existing scheme check from tool_operate. 5196 + 5197 + In the case of --remote-header-name we want to parse Content-disposition 5198 + for a filename, but only if the scheme is http or https. A recent 5199 + adjustment 0dc4d8e was made to account for schemeless URLs however it's 5200 + not 100% accurate. To remedy that I've moved the scheme check to the 5201 + header callback, since at that point the library has already determined 5202 + the scheme. 5203 + 5204 + Bug: https://github.com/curl/curl/issues/760 5205 + Reported-by: Kai Noda 5206 + 5207 +Daniel Stenberg (1 May 2016) 5208 +- tls: make setting pinnedkey option fail if not supported 5209 + 5210 + to make it obvious to users trying to use the feature with TLS backends 5211 + not supporting it. 5212 + 5213 + Discussed in #781 5214 + Reported-by: Travis Burtrum 5215 + 5216 +- nroff-scan.pl: verifies nroff pages 5217 + 5218 + ... not used by any test yet but can be used stand-alone. 5219 + 5220 +- opts: fix broken/bad references 5221 + 5222 +- [Michael Kaufmann brought this change] 5223 + 5224 + docs: fix bugs in CURLOPT_HTTP_VERSION.3 and CURLOPT_PIPEWAIT.3 5225 + 5226 + Closes #786 5227 + 5228 +- CURLOPT_ACCEPT_ENCODING.3: clarified 5229 + 5230 + As discussed in #785 5231 + 5232 +- curl.1: --mail-rcpt can be used multiple times 5233 + 5234 + Reported-by: mgendre 5235 + Closes #784 5236 + 5237 +- [Karlson2k brought this change] 5238 + 5239 + tests: Use 'pathhelp' for paths conversions in secureserver.pl 5240 + 5241 + Closes #675 5242 + 5243 +- [Karlson2k brought this change] 5244 + 5245 + tests: Use 'pathhelp' for paths conversions in sshserver.pl 5246 + 5247 +- [Karlson2k brought this change] 5248 + 5249 + tests: Use 'pathhelp' for current path in runtests.pl 5250 + 5251 +- [Karlson2k brought this change] 5252 + 5253 + tests: pathhelp.pm to process paths on Msys/Cygwin 5254 + 5255 +- lib: include curl_printf.h as one of the last headers 5256 + 5257 + curl_printf.h defines printf to curl_mprintf, etc. This can cause 5258 + problems with external headers which may use 5259 + __attribute__((format(printf, ...))) markers etc. 5260 + 5261 + To avoid that they cause problems with system includes, we include 5262 + curl_printf.h after any system headers. That makes the three last 5263 + headers to always be, and we keep them in this order: 5264 + 5265 + curl_printf.h 5266 + curl_memory.h 5267 + memdebug.h 5268 + 5269 + None of them include system headers, they all do funny #defines. 5270 + 5271 + Reported-by: David Benjamin 5272 + 5273 + Fixes #743 5274 + 5275 +- memdebug.h: remove inclusion of other headers 5276 + 5277 + Mostly because they're not needed, because memdebug.h is always included 5278 + last of all headers so the others already included the correct ones. 5279 + 5280 + But also, starting now we don't want this to accidentally include any 5281 + system headers, as the header included _before_ this header may add 5282 + defines and other fun stuff that we won't want used in system includes. 5283 + 5284 +- [Jay Satiro brought this change] 5285 + 5286 + curl -J: make it work even without http:// scheme on URL 5287 + 5288 + It does open up a miniscule risk that one of the other protocols that 5289 + libcurl could use would send back a Content-Disposition header and then 5290 + curl would act on it even if not HTTP. 5291 + 5292 + A future mitigation for this risk would be to allow the callback to ask 5293 + libcurl which protocol is being used. 5294 + 5295 + Verified with test 1312 5296 + 5297 + Closes #760 5298 + 5299 +- manpage-scan.pl: also verify the command line option docs 5300 + 5301 + This script now also scans src/tool_getparam.c, docs/curl.1 and 5302 + src/tool_help.c and will warn if any of them lists a command line option 5303 + not mentioned in one of the other places. 5304 + 5305 +- curl: show the long option version of -q in the -h list 5306 + 5307 +- curl: remove "--socks" as "--socks5" turned 8 5308 + 5309 + In commit 2e42b0a2524 (Jan 2008) we made the option "--socks" deprecated 5310 + and it has not been documented since. The more explicit socks options 5311 + (like --socks4 or --socks5) should be used. 5312 + 5313 +- curl.1: document the deprecated --ftp-ssl option 5314 + 5315 +- curl: remove --http-request 5316 + 5317 + It was mentioned as deprecated already in commit ae1912cb0d4 from 5318 + 1999. It has not been documented in this millennium. 5319 + 5320 +- curl: mention --ntlm-wb in -h list 5321 + 5322 +- curl: -h output lacked --proxy-header 5323 + 5324 +- curl.1: document --ntlm-wb 5325 + 5326 +- curl.1: document the long format of -q: --disable 5327 + 5328 +- curl.1: mention the deprecated --krb4 option 5329 + 5330 +- curl.1: document --ftp-ssl-reqd 5331 + 5332 + Even if deprecated, document it so that people will find it as old 5333 + scripts may still use it. 5334 + 5335 +- curl: use --telnet-option as documented 5336 + 5337 + The code said "telnet-options" but no documentation ever said so. It 5338 + worked fine since the code is fine with a unique match of the first 5339 + part. 5340 + 5341 +- getparam: remove support for --ftpport 5342 + 5343 + It has been deprecated and undocumented since commit ad5ead8bed7 (Dec 5344 + 2003). --ftp-port is the proper long option name. 5345 + 5346 +- curl: make --disable work as long form of -q 5347 + 5348 + To make the aliases list reflect reality. 5349 + 5350 +- aliases: remove trailing space from capath string 5351 + 5352 +- cmdline parse: only single letter options have single-letter strings 5353 + 5354 + ... moved around options so that parsing the code to find all 5355 + single-letter options easier. 5356 + 5357 +Jay Satiro (28 Apr 2016) 5358 +- CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability 5359 + 5360 + Bug: https://curl.haxx.se/mail/lib-2016-04/0126.html 5361 + Reported-by: Bru Rom 5362 + 5363 +Daniel Stenberg (28 Apr 2016) 5364 +- curl_easy_getinfo.3: remove superfluous blank lines 5365 + 5366 +- test1139: verifies libcurl option man page presence 5367 + 5368 + - checks that each option has its own man page present 5369 + 5370 + - checks that each option is mentioned in its corresponding index man 5371 + page 5372 + 5373 +- curl_easy_getinfo.3: added missing mention of CURLINFO_TLS_SESSION 5374 + 5375 + ... although it is deprecated. 5376 + 5377 +Jay Satiro (28 Apr 2016) 5378 +- mbedtls: Fix session resume 5379 + 5380 + This also fixes PolarSSL session resume. 5381 + 5382 + Prior to this change the TLS session information wasn't properly 5383 + saved and restored for PolarSSL and mbedTLS. 5384 + 5385 + Bug: https://curl.haxx.se/mail/lib-2016-01/0070.html 5386 + Reported-by: Thomas Glanzmann 5387 + 5388 + Bug: https://curl.haxx.se/mail/lib-2016-04/0095.html 5389 + Reported-by: Moti Avrahami 5390 + 5391 +Daniel Stenberg (27 Apr 2016) 5392 +- RELEASE-NOTES: synced with f4298fcc6d2 5393 + 5394 +- [Michael Kaufmann brought this change] 5395 + 5396 + opts: Fix some syntax errors in example code fragments 5397 + 5398 + Fixes #779 5399 + 5400 +- openssl: avoid BN_print a NULL bignum 5401 + 5402 + OpenSSL 1.1.0-pre seems to return NULL(?) for a whole lot of those 5403 + numbers so make sure the function handles this. 5404 + 5405 + Reported-by: Linus Nordberg 5406 + 5407 +- [Marcel Raad brought this change] 5408 + 5409 + CONNECT_ONLY: don't close connection on GSS 401/407 reponses 5410 + 5411 + Previously, connections were closed immediately before the user had a 5412 + chance to extract the socket when the proxy required Negotiate 5413 + authentication. 5414 + 5415 + This regression was brought in with the security fix in commit 5416 + 79b9d5f1a42578f 5417 + 5418 + Closes #655 5419 + 5420 +- CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0 5421 + 5422 +- mbedtls.c: silly spellfix of a comment 5423 + 5424 +- KNOWN_BUGS: 1.10 Strips trailing dot from host name 5425 + 5426 + Closes #716 5427 + 5428 +- test1322: verify stripping of trailing dot from host name 5429 + 5430 + While being debated (in #716) and a violation of RFC 7230 section 5.4, 5431 + this test verifies that the existing functionality works as intended. It 5432 + strips the dot from the host name and uses the host without dot 5433 + throughout the internals. 5434 + 5435 +- multi: accidentally used resolved host name instead of proxy 5436 + 5437 + Regression introduced in 09b5a998 5438 + 5439 + Bug: https://curl.haxx.se/mail/lib-2016-04/0084.html 5440 + Reported-by: BoBo 5441 + 5442 +- symbols-in-versions: added new CURLSSLBACKEND_ symbols 5443 + 5444 +- test148: fixed after the --ftp-create-dirs retry change 5445 + 5446 + follow-up commit to 3c1e84f569 as it made curl try a little harder 5447 + 5448 +- curl.h: clarify curl_sslbackend for openssl clones and renames 5449 + 5450 +- [Karlson2k brought this change] 5451 + 5452 + url.c: fixed DEBUGASSERT() for WinSock workaround 5453 + 5454 + If buffer is allocated, but nothing is received during prereceive 5455 + stage, than number of processed bytes must be zero. 5456 + 5457 + Closes #778 5458 + 5459 +- KNOWN_BUGS: --interface for ipv6 binds to unusable IP address 5460 + 5461 + Closes #686 for now. 5462 + 5463 +- TODO: 1.17 Add support for IRIs 5464 + 5465 + Adding support for IRIs is a mouthful, but is probably interesting at 5466 + least for areas and countries where the use of such "URLs" are growing 5467 + popularity. 5468 + 5469 + Closes #776 5470 + 5471 +- THANKS-filter: Travis Burtrum 5472 + 5473 +- lib1517: checksrc compliance 5474 + 5475 +- [moparisthebest brought this change] 5476 + 5477 + PolarSSL: Implement public key pinning 5478 + 5479 +Patrick Monnerat (22 Apr 2016) 5480 +- os400: upgrade ILE/RPG binding 5481 + 5482 +- curl.h: CURLOPT_CONNECT_TO sets a struct slist *, not a string 5483 + 5484 +Daniel Stenberg (22 Apr 2016) 5485 +- contributors.sh: make --releasenotes implied 5486 + 5487 + It got too annoying to type =) 5488 + 5489 +- RELEASE-NOTES: synced with 3c1e84f5693d8093 5490 + 5491 +- curl: make --ftp-create-dirs retry on failure 5492 + 5493 + The underlying libcurl option used for this feature is 5494 + CURLOPT_FTP_CREATE_MISSING_DIRS which has the ability to retry the dir 5495 + creation, but it was never set to do that by the command line tool. 5496 + 5497 + Now it does. 5498 + 5499 + Bug: https://curl.haxx.se/mail/archive-2016-04/0021.html 5500 + Reported-by: John Wanghui 5501 + Help-by: Leif W 5502 + 5503 +- [Henrik Gaßmann brought this change] 5504 + 5505 + winbuild: add mbedtls support 5506 + 5507 + Add WITH_MBEDTLS option. Make WITH_SSL, WITH_MBEDTLS and ENABLE_WINSSL 5508 + options mutual exclusive. 5509 + 5510 + Closes #606 5511 + 5512 +- KNOWN_BUGS: fixed "5.6 Improper use of Autoconf cache variables" 5513 + 5514 + As of commit d9f3b365a3 5515 + 5516 +- [Irfan Adilovic brought this change] 5517 + 5518 + configure: ac_cv_ -> curl_cv_ for write-only vars 5519 + 5520 + These configure vars are modified in a curl-specific way but never 5521 + evaluated or loaded from cache, even though they are designated as 5522 + _cv_. We could either implement proper AC_CACHE_CHECKs for them, or 5523 + remove them completely. 5524 + 5525 + Fixes #603 as ac_cv_func_gethostbyname is no longer clobbered, and 5526 + AC_CHECK_FUNC(gethostbyname...) will no longer spuriously succeed after 5527 + the first configure run with caching. 5528 + 5529 + `ac_cv_func_strcasecmp` is curious, see #770. 5530 + 5531 + `eval "ac_cv_func_$func=yes"` can still cause problems as it works in 5532 + tandem with AC_CHECK_FUNCS and then potentially modifies its result. It 5533 + would be best to rewrite this test to use a new CURL_CHECK_FUNCS macro, 5534 + which works the same as AC_CHECK_FUNCS but relies on caching the values 5535 + of curl_cv_func_* variables, without modifiying ac_cv_func_*. 5536 + 5537 +- [Irfan Adilovic brought this change] 5538 + 5539 + configure: ac_cv_ -> curl_cv_ for r/w vars 5540 + 5541 + These configure vars are modified in a curl-specific way and modified by 5542 + the configure process, but are never loaded from cache, even though they 5543 + are designated as _cv_. We should implement proper AC_CACHE_CHECKs for 5544 + them eventually. 5545 + 5546 +- [Irfan Adilovic brought this change] 5547 + 5548 + configure: ac_cv_func_clock_gettime -> curl_... 5549 + 5550 + This variable must not be cached in its current form, as any cached 5551 + information will prevent the next configure run from determining the 5552 + correct LIBS needed for the function. Thus, rename prefix `ac_cv_` to 5553 + just `curl_`. 5554 + 5555 +- [Irfan Adilovic brought this change] 5556 + 5557 + configure: ac_cv_ -> curl_cv_ for all cached vars 5558 + 5559 + This was automated by: 5560 + 5561 + sed -b -i -f <(ack -A1 AC_CACHE_CHECK | \ 5562 + ack -o 'ac_cv_.*?\b' | \ 5563 + sort -u | xargs -n1 bash -c \ 5564 + 'echo "s/$0/curl_cv_${0#ac_cv_}/g"') \ 5565 + $(git ls-files) 5566 + 5567 + This only changed the prefix for 16 variables actually checked with 5568 + AC_CACHE_CHECK. 5569 + 5570 +- openssl: builds with OpenSSL 1.1.0-pre5 5571 + 5572 + The RSA, DSA and DH structs are now opaque and require use of new APIs 5573 + 5574 + Fixes #763 5575 + 5576 +Steve Holme (20 Apr 2016) 5577 +- url.c: Prefer we don't use explicit NULLs in conditions 5578 + 5579 + Fixed commit fa5fa65a30 to not use NULLs in if condition. 5580 + 5581 +Daniel Stenberg (20 Apr 2016) 5582 +- [Isaac Boukris brought this change] 5583 + 5584 + NTLM: check for NULL pointer before deferencing 5585 + 5586 + At ConnectionExists, both check->proxyuser and check->proxypasswd 5587 + could be NULL, so make sure to check first. 5588 + 5589 + Fixes #765 5590 + 5591 +- [Karlson2k brought this change] 5592 + 5593 + tests: added test1517 5594 + 5595 + ... for checking ability to receive full HTTP response when POST request 5596 + is used with slow read callback function. 5597 + 5598 + This test checks for bug #657 and verifies the work-around from 5599 + 72d5e144fbc6. 5600 + 5601 + Closes #720 5602 + 5603 +- [Karlson2k brought this change] 5604 + 5605 + sendf.c: added ability to call recv() before send() as workaround 5606 + 5607 + WinSock destroys recv() buffer if send() is failed. As result - server 5608 + response may be lost if server sent it while curl is still sending 5609 + request. This behavior noticeable on HTTP server short replies if 5610 + libcurl use several send() for request (usually for POST request). 5611 + To workaround this problem, libcurl use recv() before every send() and 5612 + keeps received data in intermediate buffer for further processing. 5613 + 5614 + Fixes: #657 5615 + Closes: #668 5616 + 5617 +Kamil Dudka (19 Apr 2016) 5618 +- connect: make sure that rc is initialized in singleipconnect() 5619 + 5620 + This commit fixes a Clang warning introduced in curl-7_48_0-190-g8f72b13: 5621 + 5622 + Error: CLANG_WARNING: 5623 + lib/connect.c:1120:11: warning: The right operand of '==' is a garbage value 5624 + 1118| } 5625 + 1119| 5626 + 1120|-> if(-1 == rc) 5627 + 1121| error = SOCKERRNO; 5628 + 1122| } 5629 + 5630 +Daniel Stenberg (19 Apr 2016) 5631 +- make/checksrc: use $srcdir, not $top_srcdir 5632 + 5633 +- src/checksrc.whitelist: removed 5634 + 5635 +- tool_operate: switch to inline checksrc ignore 5636 + 5637 +- lib/checksrc.whitelist: not needed anymore 5638 + 5639 + ... as checksrc now skips comments 5640 + 5641 +- vtls.h: remove a space before semicolon 5642 + 5643 + ... that the new checksrc detected 5644 + 5645 +- darwinssl: removed commented out code 5646 + 5647 +- http_chunks: removed checksrc disable 5648 + 5649 + ... since checksrc now skips comments 5650 + 5651 +- imap: inlined checksrc disable instead of whitelist edit 5652 + 5653 +- checksrc: taught to skip comments 5654 + 5655 + ... but output non-stripped version of the line, even if that then can 5656 + make the script identify the wrong position in the line at 5657 + times. Showing the line stripped (ie without comments) is just too 5658 + surprising. 5659 + 5660 +- opts/Makefile.am: list all docs file one by one 5661 + 5662 + ... to make it easier to add lines in patches that won't just break all 5663 + other patches trying to add lines too. 5664 + 5665 +- curl_easy_setopt.3: mention CURLOPT_TCP_FASTOPEN 5666 + 5667 +- RELEASE-NOTES: synced with 03de4e4b219 5668 + 5669 + (since we just merged two major features) 5670 + 5671 +- [Alessandro Ghedini brought this change] 5672 + 5673 + connect: implement TCP Fast Open for Linux 5674 + 5675 + Closes #660 5676 + 5677 +- [Alessandro Ghedini brought this change] 5678 + 5679 + tool: add --tcp-fastopen option 5680 + 5681 +- [Alessandro Ghedini brought this change] 5682 + 5683 + connect: implement TCP Fast Open for OS X 5684 + 5685 +- [Alessandro Ghedini brought this change] 5686 + 5687 + url: add CURLOPT_TCP_FASTOPEN option 5688 + 5689 +- checksrc: pass on -D so the whitelists are found correctly 5690 + 5691 +- configure: remove check for libresolve 5692 + 5693 + 'strncasecmp' was once provided by libresolv (no trailing e) for SunOS, 5694 + but this check is broken and most likely adds nothing useful. Removing 5695 + now. 5696 + 5697 + Reported-by: Irfan Adilovic 5698 + 5699 + Discussed in #770 5700 + 5701 +- scripts/make: use $(EXEEXT) for executables 5702 + 5703 + Reported-by: bodop 5704 + 5705 + Fixes #771 5706 + 5707 +- includes: avoid duplicate memory callback typdefs even harder 5708 + 5709 +- checksrc/makefile.am: use $top_srcdir to find source files 5710 + 5711 + ... to properly support out of source tree builds. 5712 + 5713 +- RELEASE-NOTES: synced with 26ec93dd6aeba8dfb5 5714 + 5715 +- opts: fix option references missing (section) 5716 + 5717 +- [Michael Kaufmann brought this change] 5718 + 5719 + news: CURLOPT_CONNECT_TO and --connect-to 5720 + 5721 + Makes curl connect to the given host+port instead of the host+port found 5722 + in the URL. 5723 + 5724 +- makefile.vc6: use d suffix on debug object 5725 + 5726 + To allow both release and debug builds in parallel. 5727 + 5728 + Reported-by: Rod Widdowson 5729 + 5730 + Fixes #769 5731 + 5732 +Jay Satiro (12 Apr 2016) 5733 +- http2: Use size_t type for data drain count 5734 + 5735 + Ref: https://github.com/curl/curl/issues/659 5736 + Ref: https://github.com/curl/curl/pull/663 5737 + 5738 +- http2: Improve header parsing 5739 + 5740 + - Error if a header line is larger than supported. 5741 + 5742 + - Warn if cumulative header line length may be larger than supported. 5743 + 5744 + - Allow spaces when parsing the path component. 5745 + 5746 + - Make sure each header line ends in \r\n. This fixes an out of bounds. 5747 + 5748 + - Disallow header continuation lines until we decide what to do. 5749 + 5750 + Ref: https://github.com/curl/curl/issues/659 5751 + Ref: https://github.com/curl/curl/pull/663 5752 + 5753 +- http2: Add Curl_http2_strerror for HTTP/2 error codes 5754 + 5755 + Ref: https://github.com/curl/curl/issues/659 5756 + Ref: https://github.com/curl/curl/pull/663 5757 + 5758 +- [Tatsuhiro Tsujikawa brought this change] 5759 + 5760 + http2: Don't increment drain when one header field is received 5761 + 5762 + Sicne we write header field in temporary location, not in the memory 5763 + that upper layer provides, incrementing drain should not happen. 5764 + 5765 + Ref: https://github.com/curl/curl/issues/659 5766 + Ref: https://github.com/curl/curl/pull/663 5767 + 5768 +- [Tatsuhiro Tsujikawa brought this change] 5769 + 5770 + http2: Ensure that http2_handle_stream_close is called 5771 + 5772 + This commit ensures that streams which was closed in on_stream_close 5773 + callback gets passed to http2_handle_stream_close. Previously, this 5774 + might not happen. To achieve this, we increment drain property to 5775 + forcibly call recv function for that stream. 5776 + 5777 + To more accurately check that we have no pending event before shutting 5778 + down HTTP/2 session, we sum up drain property into 5779 + http_conn.drain_total. We only shutdown session if that value is 0. 5780 + 5781 + With this commit, when stream was closed before reading response 5782 + header fields, error code CURLE_HTTP2_STREAM is returned even if 5783 + HTTP/2 level error is NO_ERROR. This signals the upper layer that 5784 + stream was closed by error just like TCP connection close in HTTP/1. 5785 + 5786 + Ref: https://github.com/curl/curl/issues/659 5787 + Ref: https://github.com/curl/curl/pull/663 5788 + 5789 +- [Tatsuhiro Tsujikawa brought this change] 5790 + 5791 + http2: Process paused data first before tear down http2 session 5792 + 5793 + This commit ensures that data from network are processed before HTTP/2 5794 + session is terminated. This is achieved by pausing nghttp2 whenever 5795 + different stream than current easy handle receives data. 5796 + 5797 + This commit also fixes the bug that sometimes processing hangs when 5798 + multiple HTTP/2 streams are multiplexed. 5799 + 5800 + Ref: https://github.com/curl/curl/issues/659 5801 + Ref: https://github.com/curl/curl/pull/663 5802 + 5803 +- [Tatsuhiro Tsujikawa brought this change] 5804 + 5805 + http2: Check session closure early in http2_recv 5806 + 5807 + Ref: https://github.com/curl/curl/issues/659 5808 + Ref: https://github.com/curl/curl/pull/663 5809 + 5810 +- [Tatsuhiro Tsujikawa brought this change] 5811 + 5812 + http2: Add handling stream level error 5813 + 5814 + Previously, when a stream was closed with other than NGHTTP2_NO_ERROR 5815 + by RST_STREAM, underlying TCP connection was dropped. This is 5816 + undesirable since there may be other streams multiplexed and they are 5817 + very much fine. This change introduce new error code 5818 + CURLE_HTTP2_STREAM, which indicates stream error that only affects the 5819 + relevant stream, and connection should be kept open. The existing 5820 + CURLE_HTTP2 means connection error in general. 5821 + 5822 + Ref: https://github.com/curl/curl/issues/659 5823 + Ref: https://github.com/curl/curl/pull/663 5824 + 5825 +Daniel Stenberg (11 Apr 2016) 5826 +- http2: drain the socket better... 5827 + 5828 + ... but ignore EAGAIN if the stream has ended so that we don't end up in 5829 + a loop. This is a follow-up to c8ab613 in order to avoid the problem 5830 + d261652 was made to fix. 5831 + 5832 + Reported-by: Jay Satiro 5833 + Clues-provided-by: Tatsuhiro Tsujikawa 5834 + 5835 + Discussed in #750 5836 + 5837 +- KNOWN_BUGS: added info for "Hangs with PolarSSL" 5838 + 5839 +- KNOWN_BUGS: 1.9 HTTP/2 frames while in the connection pool kill reuse 5840 + 5841 + Closes #750 5842 + 5843 +- build: include scripts/ in the dist 5844 + 5845 +Steve Holme (9 Apr 2016) 5846 +- CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME 5847 + 5848 + As these two options provide identical functionality, the former for 5849 + SOCK5 proxies and the latter for HTTP proxies, merged the two options 5850 + together. 5851 + 5852 + As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 5853 + 7.49.0. 5854 + 5855 +- urldata: Use bool for socks5_gssapi_nec as it is a flag 5856 + 5857 + This value is set to TRUE or FALSE so should be a bool and not a long. 5858 + 5859 +- url: Ternary operator code style changes 5860 + 5861 +- CODE_STYLE: Added ternary operator example to 'Space around operators' 5862 + 5863 + Following conversation on the libcurl mailing list. 5864 + 5865 +- sasl: Fixed compilation errors from commit 9d89a0387 5866 + 5867 + ...when GSS-API or Windows SSPI are not used. 5868 + 5869 +- url: Corrected comments following 9d89a0387 5870 + 5871 +- docs: Added clarification following commit 9d89a0387 5872 + 5873 +- Makefile: Fixed echo of checksrc check 5874 + 5875 +- checksrc: Fix issue with the autobuilds not picking up the whitelist 5876 + 5877 +- checksrc: Added missing vauth and vtls directories 5878 + 5879 +- ftp/imap/pop3/smtp: Allow the service name to be overridden 5880 + 5881 + Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 5882 + authentication in FTP, IMAP, POP3 and SMTP. 5883 + 5884 +- http_negotiate: Calculate service name and proxy service name locally 5885 + 5886 + Calculate the service name and proxy service names locally, rather than 5887 + in url.c which will allow for us to support overriding the service name 5888 + for other protocols such as FTP, IMAP, POP3 and SMTP. 5889 + 5890 +- ROADMAP: Updated following the move of the authentication code 5891 + 5892 +Patrick Monnerat (8 Apr 2016) 5893 +- KNOWN_BUGS: openldap hangs. TODO: binary SASL. 5894 + 5895 +Daniel Stenberg (8 Apr 2016) 5896 +- KNOWN_BUGS: 5.6 Improper use of Autoconf cache variables 5897 + 5898 + Closes #603 5899 + 5900 +- KNOWN_BUGS: 11.2 error buffer not set... 5901 + 5902 + Closes #544 5903 + 5904 +- KNOWN_BUGS: 11.1 Curl leaks .onion hostnames in DNS 5905 + 5906 + Closes #543 5907 + 5908 +- KNOWN_BUGS: 1.8 DNS timing is wrong for HTTP redirects 5909 + 5910 + Closes #522 5911 + 5912 +- TODO: HTTP/2 "prior knowledge" is implemented! 5913 + 5914 +- [Damien Vielpeau brought this change] 5915 + 5916 + mbedtls: fix MBEDTLS_DEBUG builds 5917 + 5918 +- mbedtls: implement and provide *_data_pending() 5919 + 5920 + ... as otherwise we might get stuck thinking there's no more data to 5921 + handle. 5922 + 5923 + Reported-by: Damien Vielpeau 5924 + 5925 + Fixes #737 5926 + 5927 +- mbedtls: follow-up for the previous commit 5928 + 5929 +- mbedtls.c: name space pollution fix, Use 'Curl_' 5930 + 5931 +- mbedtls.c: changed private prefix to mbed_ 5932 + 5933 + mbedtls_ is the prefix used by the mbedTLS library itself so we should 5934 + avoid using that for our private functions. 5935 + 5936 +- mbedtls.h: fix compiler warnings 5937 + 5938 +- Revert "winbuild: trying to set some files eol=crlf for git" 5939 + 5940 + This reverts commit 9c08b4f1e7eced5a4d3782a3e0daa484c9d77d21. 5941 + 5942 + Didn't help. Caused problems. 5943 + 5944 + Fixes #756 5945 + 5946 +- curl.1: use example.com more 5947 + 5948 + Make (most) example snippets use the example.com domain instead of the 5949 + random ones picked and used before. Some of those were probably 5950 + legitimate sites and some not. example.com is designed for this purpose. 5951 + 5952 +- [Michael Kaufmann brought this change] 5953 + 5954 + HTTP2: Add a space character after the status code 5955 + 5956 + The space character after the status code is mandatory, even if the 5957 + reason phrase is empty (see RFC 7230 section 3.1.2) 5958 + 5959 + Closes #755 5960 + 5961 +- [Viktor Szakats brought this change] 5962 + 5963 + URLs: change http to https in many places 5964 + 5965 + Closes #754 5966 + 5967 +- winbuild: trying to set some files eol=crlf for git 5968 + 5969 + Thinking it might help to apply patches etc with git. 5970 + 5971 +- [Theodore Dubois brought this change] 5972 + 5973 + curl.1: change example for -F 5974 + 5975 + It's a bad idea to send your passwords anywhere, especially over HTTP. 5976 + Modified example to send a picture instead. 5977 + 5978 + Fixes #752 5979 + 5980 +- KNOWN_BUGS: reorganized and cleaned up 5981 + 5982 + Now sorted into categories and organized in the same style we do the 5983 + TODO document. It will make each issue linked properly on the 5984 + https://curl.haxx.se/docs/knownbugs.html web page. 5985 + 5986 + The sections should make it easier to find issues and issues related to 5987 + areas of the reader's specific interest. 5988 + 5989 +Jay Satiro (6 Apr 2016) 5990 +- KNOWN_BUGS: #95 curl in Windows can't handle Unicode arguments 5991 + 5992 +Steve Holme (6 Apr 2016) 5993 +- KNOWN_BUGS: Use https://curl.haxx.se URL for github based issues 5994 + 5995 +- CHECKSRC.md: Corrected some typos 5996 + 5997 +- RELEASE-NOTES: Corrected last updated 5998 + 5999 + Included a summary of the checksrc.bat updates and combined two krb5 6000 + changes as they should have been implemented at the same time. 6001 + 6002 +- vauth: Corrected a number of typos in comments 6003 + 6004 + Reported-by: Michael Osipov 6005 + 6006 +Jay Satiro (5 Apr 2016) 6007 +- KNOWN_BUGS: #94 IMAP custom requests use the LIST handler 6008 + 6009 + Bug: https://github.com/curl/curl/issues/536 6010 + Reported-by: eXeC64@users.noreply.github.com 6011 + 6012 +Daniel Stenberg (5 Apr 2016) 6013 +- KNOWN_BUGS: remove 68, 70 and 72. 6014 + 6015 + Due to their age (we don't fully know if they actually remain) and lack 6016 + of detail - very few people will bother to find out what they're about 6017 + or work on them. If people truly still suffer from any of these, I 6018 + assume they will be reported again and then we'll deal with them. 6019 + 6020 + 72. "Pausing pipeline problems." 6021 + https://curl.haxx.se/mail/lib-2009-07/0214.html 6022 + 6023 + 70. Problem re-using easy handle after call to curl_multi_remove_handle 6024 + https://curl.haxx.se/mail/lib-2009-07/0249.html 6025 + 6026 + 68. "More questions about ares behavior". 6027 + https://curl.haxx.se/mail/lib-2009-08/0012.html 6028 + 6029 +- KNOWN_BUGS: remove 92 and 88, fixed 6030 + 6031 +- http2: fix connection reuse when PING comes after last DATA 6032 + 6033 + It turns out the google GFE HTTP/2 servers send a PING frame immediately 6034 + after a stream ends and its last DATA has been received by curl. So if 6035 + we don't drain that from the socket, it makes the socket readable in 6036 + subsequent checks and libcurl then (wrongly) assumes the connection is 6037 + dead when trying to reuse the connection. 6038 + 6039 + Reported-by: Joonas Kuorilehto 6040 + 6041 + Discussed in #750 6042 + 6043 +- multi: remove trailing space in debug output 6044 + 6045 +- RELEASE-NOTES: synced with 86e97b642fb 6046 + 6047 +- CHECKSRC.md: mention cmdline options, fix the bullet list 6048 + 6049 +- docs/CHECKSRC.md: initial version 6050 + 6051 +Steve Holme (3 Apr 2016) 6052 +- checksrc.bat: Added support for the examples 6053 + 6054 +Daniel Stenberg (3 Apr 2016) 6055 +- lib/src: fix the checksrc invoke 6056 + 6057 + ... now works correctly when invoke from the root makefile
Added scriptlibs/softwareupdate/curl/COPYING-libssh2.txt.
1 +/* Copyright (c) 2004-2007 Sara Golemon <sarag@libssh2.org> 2 + * Copyright (c) 2005,2006 Mikhail Gusarov <dottedmag@dottedmag.net> 3 + * Copyright (c) 2006-2007 The Written Word, Inc. 4 + * Copyright (c) 2007 Eli Fant <elifantu@mail.ru> 5 + * Copyright (c) 2009-2014 Daniel Stenberg 6 + * Copyright (C) 2008, 2009 Simon Josefsson 7 + * All rights reserved. 8 + * 9 + * Redistribution and use in source and binary forms, 10 + * with or without modification, are permitted provided 11 + * that the following conditions are met: 12 + * 13 + * Redistributions of source code must retain the above 14 + * copyright notice, this list of conditions and the 15 + * following disclaimer. 16 + * 17 + * Redistributions in binary form must reproduce the above 18 + * copyright notice, this list of conditions and the following 19 + * disclaimer in the documentation and/or other materials 20 + * provided with the distribution. 21 + * 22 + * Neither the name of the copyright holder nor the names 23 + * of any other contributors may be used to endorse or 24 + * promote products derived from this software without 25 + * specific prior written permission. 26 + * 27 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND 28 + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, 29 + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 30 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 31 + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 32 + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 33 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 34 + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 35 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 36 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 37 + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 38 + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 39 + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 40 + * OF SUCH DAMAGE. 41 + */ 42 +
Added scriptlibs/softwareupdate/curl/COPYING-nghttp2.txt.
1 +The MIT License 2 + 3 +Copyright (c) 2012, 2014, 2015, 2016 Tatsuhiro Tsujikawa 4 +Copyright (c) 2012, 2014, 2015, 2016 nghttp2 contributors 5 + 6 +Permission is hereby granted, free of charge, to any person obtaining 7 +a copy of this software and associated documentation files (the 8 +"Software"), to deal in the Software without restriction, including 9 +without limitation the rights to use, copy, modify, merge, publish, 10 +distribute, sublicense, and/or sell copies of the Software, and to 11 +permit persons to whom the Software is furnished to do so, subject to 12 +the following conditions: 13 + 14 +The above copyright notice and this permission notice shall be 15 +included in all copies or substantial portions of the Software. 16 + 17 +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 18 +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 19 +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 20 +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 21 +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 22 +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 23 +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Added scriptlibs/softwareupdate/curl/COPYING-zlib.txt.
1 +ZLIB DATA COMPRESSION LIBRARY 2 + 3 +zlib 1.2.11 is a general purpose data compression library. All the code is 4 +thread safe. The data format used by the zlib library is described by RFCs 5 +(Request for Comments) 1950 to 1952 in the files 6 +http://tools.ietf.org/html/rfc1950 (zlib format), rfc1951 (deflate format) and 7 +rfc1952 (gzip format). 8 + 9 +All functions of the compression library are documented in the file zlib.h 10 +(volunteer to write man pages welcome, contact zlib@gzip.org). A usage example 11 +of the library is given in the file test/example.c which also tests that 12 +the library is working correctly. Another example is given in the file 13 +test/minigzip.c. The compression library itself is composed of all source 14 +files in the root directory. 15 + 16 +To compile all files and run the test program, follow the instructions given at 17 +the top of Makefile.in. In short "./configure; make test", and if that goes 18 +well, "make install" should work for most flavors of Unix. For Windows, use 19 +one of the special makefiles in win32/ or contrib/vstudio/ . For VMS, use 20 +make_vms.com. 21 + 22 +Questions about zlib should be sent to <zlib@gzip.org>, or to Gilles Vollant 23 +<info@winimage.com> for the Windows DLL version. The zlib home page is 24 +http://zlib.net/ . Before reporting a problem, please check this site to 25 +verify that you have the latest version of zlib; otherwise get the latest 26 +version and check whether the problem still exists or not. 27 + 28 +PLEASE read the zlib FAQ http://zlib.net/zlib_faq.html before asking for help. 29 + 30 +Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997 31 +issue of Dr. Dobb's Journal; a copy of the article is available at 32 +http://marknelson.us/1997/01/01/zlib-engine/ . 33 + 34 +The changes made in version 1.2.11 are documented in the file ChangeLog. 35 + 36 +Unsupported third party contributions are provided in directory contrib/ . 37 + 38 +zlib is available in Java using the java.util.zip package, documented at 39 +http://java.sun.com/developer/technicalArticles/Programming/compression/ . 40 + 41 +A Perl interface to zlib written by Paul Marquess <pmqs@cpan.org> is available 42 +at CPAN (Comprehensive Perl Archive Network) sites, including 43 +http://search.cpan.org/~pmqs/IO-Compress-Zlib/ . 44 + 45 +A Python interface to zlib written by A.M. Kuchling <amk@amk.ca> is 46 +available in Python 1.5 and later versions, see 47 +http://docs.python.org/library/zlib.html . 48 + 49 +zlib is built into tcl: http://wiki.tcl.tk/4610 . 50 + 51 +An experimental package to read and write files in .zip format, written on top 52 +of zlib by Gilles Vollant <info@winimage.com>, is available in the 53 +contrib/minizip directory of zlib. 54 + 55 + 56 +Notes for some targets: 57 + 58 +- For Windows DLL versions, please see win32/DLL_FAQ.txt 59 + 60 +- For 64-bit Irix, deflate.c must be compiled without any optimization. With 61 + -O, one libpng test fails. The test works in 32 bit mode (with the -n32 62 + compiler flag). The compiler bug has been reported to SGI. 63 + 64 +- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1 it works 65 + when compiled with cc. 66 + 67 +- On Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1 is 68 + necessary to get gzprintf working correctly. This is done by configure. 69 + 70 +- zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works with 71 + other compilers. Use "make test" to check your compiler. 72 + 73 +- gzdopen is not supported on RISCOS or BEOS. 74 + 75 +- For PalmOs, see http://palmzlib.sourceforge.net/ 76 + 77 + 78 +Acknowledgments: 79 + 80 + The deflate format used by zlib was defined by Phil Katz. The deflate and 81 + zlib specifications were written by L. Peter Deutsch. Thanks to all the 82 + people who reported problems and suggested various improvements in zlib; they 83 + are too numerous to cite here. 84 + 85 +Copyright notice: 86 + 87 + (C) 1995-2017 Jean-loup Gailly and Mark Adler 88 + 89 + This software is provided 'as-is', without any express or implied 90 + warranty. In no event will the authors be held liable for any damages 91 + arising from the use of this software. 92 + 93 + Permission is granted to anyone to use this software for any purpose, 94 + including commercial applications, and to alter it and redistribute it 95 + freely, subject to the following restrictions: 96 + 97 + 1. The origin of this software must not be misrepresented; you must not 98 + claim that you wrote the original software. If you use this software 99 + in a product, an acknowledgment in the product documentation would be 100 + appreciated but is not required. 101 + 2. Altered source versions must be plainly marked as such, and must not be 102 + misrepresented as being the original software. 103 + 3. This notice may not be removed or altered from any source distribution. 104 + 105 + Jean-loup Gailly Mark Adler 106 + jloup@gzip.org madler@alumni.caltech.edu 107 + 108 +If you use the zlib library in a product, we would appreciate *not* receiving 109 +lengthy legal documents to sign. The sources are provided for free but without 110 +warranty of any kind. The library has been entirely written by Jean-loup 111 +Gailly and Mark Adler; it does not include third-party code. 112 + 113 +If you redistribute modified sources, we would appreciate that you include in 114 +the file ChangeLog history information documenting your changes. Please read 115 +the FAQ for more information on the distribution of modified source versions.
Added scriptlibs/softwareupdate/curl/COPYING.txt.
1 +COPYRIGHT AND PERMISSION NOTICE 2 + 3 +Copyright (c) 1996 - 2017, Daniel Stenberg, <daniel@haxx.se>, and many 4 +contributors, see the THANKS file. 5 + 6 +All rights reserved. 7 + 8 +Permission to use, copy, modify, and distribute this software for any purpose 9 +with or without fee is hereby granted, provided that the above copyright 10 +notice and this permission notice appear in all copies. 11 + 12 +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 13 +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 14 +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN 15 +NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, 16 +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR 17 +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE 18 +OR OTHER DEALINGS IN THE SOFTWARE. 19 + 20 +Except as contained in this notice, the name of a copyright holder shall not 21 +be used in advertising or otherwise to promote the sale, use or other dealings 22 +in this Software without prior written authorization of the copyright holder.
Added scriptlibs/softwareupdate/curl/LICENSE-openssl.txt.
1 + 2 + LICENSE ISSUES 3 + ============== 4 + 5 + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of 6 + the OpenSSL License and the original SSLeay license apply to the toolkit. 7 + See below for the actual license texts. 8 + 9 + OpenSSL License 10 + --------------- 11 + 12 +/* ==================================================================== 13 + * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. 14 + * 15 + * Redistribution and use in source and binary forms, with or without 16 + * modification, are permitted provided that the following conditions 17 + * are met: 18 + * 19 + * 1. Redistributions of source code must retain the above copyright 20 + * notice, this list of conditions and the following disclaimer. 21 + * 22 + * 2. Redistributions in binary form must reproduce the above copyright 23 + * notice, this list of conditions and the following disclaimer in 24 + * the documentation and/or other materials provided with the 25 + * distribution. 26 + * 27 + * 3. All advertising materials mentioning features or use of this 28 + * software must display the following acknowledgment: 29 + * "This product includes software developed by the OpenSSL Project 30 + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 31 + * 32 + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 33 + * endorse or promote products derived from this software without 34 + * prior written permission. For written permission, please contact 35 + * openssl-core@openssl.org. 36 + * 37 + * 5. Products derived from this software may not be called "OpenSSL" 38 + * nor may "OpenSSL" appear in their names without prior written 39 + * permission of the OpenSSL Project. 40 + * 41 + * 6. Redistributions of any form whatsoever must retain the following 42 + * acknowledgment: 43 + * "This product includes software developed by the OpenSSL Project 44 + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 45 + * 46 + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 47 + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 48 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 49 + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 50 + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 51 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 52 + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 53 + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 54 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 55 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 56 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 57 + * OF THE POSSIBILITY OF SUCH DAMAGE. 58 + * ==================================================================== 59 + * 60 + * This product includes cryptographic software written by Eric Young 61 + * (eay@cryptsoft.com). This product includes software written by Tim 62 + * Hudson (tjh@cryptsoft.com). 63 + * 64 + */ 65 + 66 + Original SSLeay License 67 + ----------------------- 68 + 69 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 70 + * All rights reserved. 71 + * 72 + * This package is an SSL implementation written 73 + * by Eric Young (eay@cryptsoft.com). 74 + * The implementation was written so as to conform with Netscapes SSL. 75 + * 76 + * This library is free for commercial and non-commercial use as long as 77 + * the following conditions are aheared to. The following conditions 78 + * apply to all code found in this distribution, be it the RC4, RSA, 79 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation 80 + * included with this distribution is covered by the same copyright terms 81 + * except that the holder is Tim Hudson (tjh@cryptsoft.com). 82 + * 83 + * Copyright remains Eric Young's, and as such any Copyright notices in 84 + * the code are not to be removed. 85 + * If this package is used in a product, Eric Young should be given attribution 86 + * as the author of the parts of the library used. 87 + * This can be in the form of a textual message at program startup or 88 + * in documentation (online or textual) provided with the package. 89 + * 90 + * Redistribution and use in source and binary forms, with or without 91 + * modification, are permitted provided that the following conditions 92 + * are met: 93 + * 1. Redistributions of source code must retain the copyright 94 + * notice, this list of conditions and the following disclaimer. 95 + * 2. Redistributions in binary form must reproduce the above copyright 96 + * notice, this list of conditions and the following disclaimer in the 97 + * documentation and/or other materials provided with the distribution. 98 + * 3. All advertising materials mentioning features or use of this software 99 + * must display the following acknowledgement: 100 + * "This product includes cryptographic software written by 101 + * Eric Young (eay@cryptsoft.com)" 102 + * The word 'cryptographic' can be left out if the rouines from the library 103 + * being used are not cryptographic related :-). 104 + * 4. If you include any Windows specific code (or a derivative thereof) from 105 + * the apps directory (application code) you must include an acknowledgement: 106 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 107 + * 108 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 109 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 110 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 111 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 112 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 113 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 114 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 115 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 116 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 117 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 118 + * SUCH DAMAGE. 119 + * 120 + * The licence and distribution terms for any publically available version or 121 + * derivative of this code cannot be changed. i.e. this code cannot simply be 122 + * copied and put under another distribution licence 123 + * [including the GNU Public Licence.] 124 + */ 125 +
Added scriptlibs/softwareupdate/curl/README.txt.
1 + _ _ ____ _ 2 + ___| | | | _ \| | 3 + / __| | | | |_) | | 4 + | (__| |_| | _ <| |___ 5 + \___|\___/|_| \_\_____| 6 + 7 +README 8 + 9 + Curl is a command line tool for transferring data specified with URL 10 + syntax. Find out how to use curl by reading the curl.1 man page or the 11 + MANUAL document. Find out how to install Curl by reading the INSTALL 12 + document. 13 + 14 + libcurl is the library curl is using to do its job. It is readily 15 + available to be used by your software. Read the libcurl.3 man page to 16 + learn how! 17 + 18 + You find answers to the most frequent questions we get in the FAQ document. 19 + 20 + Study the COPYING file for distribution terms and similar. If you distribute 21 + curl binaries or other binaries that involve libcurl, you might enjoy the 22 + LICENSE-MIXING document. 23 + 24 +CONTACT 25 + 26 + If you have problems, questions, ideas or suggestions, please contact us 27 + by posting to a suitable mailing list. See https://curl.haxx.se/mail/ 28 + 29 + All contributors to the project are listed in the THANKS document. 30 + 31 +WEB SITE 32 + 33 + Visit the curl web site for the latest news and downloads: 34 + 35 + https://curl.haxx.se/ 36 + 37 +GIT 38 + 39 + To download the very latest source off the GIT server do this: 40 + 41 + git clone https://github.com/curl/curl.git 42 + 43 + (you'll get a directory named curl created, filled with the source code) 44 + 45 +NOTICE 46 + 47 + Curl contains pieces of source code that is Copyright (c) 1998, 1999 48 + Kungliga Tekniska Högskolan. This notice is included here to comply with the 49 + distribution terms.
Added scriptlibs/softwareupdate/curl/RELEASE-NOTES.txt.
1 +Curl and libcurl 7.53.1 2 + 3 + Public curl releases: 164 4 + Command line options: 205 5 + curl_easy_setopt() options: 244 6 + Public functions in libcurl: 61 7 + Contributors: 1507 8 + 9 +This release includes the following bugfixes: 10 + 11 + o cyassl: fix typo 12 + o url: Improve CURLOPT_PROXY_CAPATH error handling [1] 13 + o urldata: include curl_sspi.h when Windows SSPI is enabled [2] 14 + o formdata: check for EOF when reading from stdin [3] 15 + o tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047 [4] 16 + o url: Default the proxy CA bundle location to CURL_CA_BUNDLE [5] 17 + o rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header [6] 18 + 19 +This release includes the following known bugs: 20 + 21 + o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) 22 + 23 +This release would not have looked like this without help, code, reports and 24 +advice from friends like these: 25 + 26 + Dan Fandrich, Daniel Stenberg, İsmail Dönmez, jveazey on github, Ray Satiro, 27 + Sergii Pylypenko, Shachaf Ben-Kiki, Viktor Szakáts, 28 + (8 contributors) 29 + 30 + Thanks! (and sorry if I forgot to mention someone) 31 + 32 +References to bug reports and discussions on issues: 33 + 34 + [1] = https://curl.haxx.se/bug/?i=1257 35 + [2] = https://curl.haxx.se/bug/?i=1276 36 + [3] = https://curl.haxx.se/bug/?i=1281 37 + [4] = https://curl.haxx.se/bug/?i=1277 38 + [5] = https://curl.haxx.se/bug/?i=1257 39 + [6] = https://curl.haxx.se/bug/?i=1285
Added scriptlibs/softwareupdate/curl/bin/curl-ca-bundle.crt.
1 +## 2 +## Bundle of CA Root Certificates 3 +## 4 +## Certificate data from Mozilla as of: Wed Jan 18 04:12:05 2017 GMT 5 +## 6 +## This is a bundle of X.509 certificates of public Certificate Authorities 7 +## (CA). These were automatically extracted from Mozilla's root certificates 8 +## file (certdata.txt). This file can be found in the mozilla source tree: 9 +## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt 10 +## 11 +## It contains the certificates in PEM format and therefore 12 +## can be directly used with curl / libcurl / php_curl, or with 13 +## an Apache+mod_ssl webserver for SSL client authentication. 14 +## Just configure this file as the SSLCACertificateFile. 15 +## 16 +## Conversion done with mk-ca-bundle.pl version 1.27. 17 +## SHA256: dffa79e6aa993f558e82884abf7bb54bf440ab66ee91d82a27a627f6f2a4ace4 18 +## 19 + 20 + 21 +GlobalSign Root CA 22 +================== 23 +-----BEGIN CERTIFICATE----- 24 +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx 25 +GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds 26 +b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV 27 +BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD 28 +VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa 29 +DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc 30 +THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb 31 +Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP 32 +c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX 33 +gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV 34 +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF 35 +AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj 36 +Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG 37 +j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH 38 +hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC 39 +X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== 40 +-----END CERTIFICATE----- 41 + 42 +GlobalSign Root CA - R2 43 +======================= 44 +-----BEGIN CERTIFICATE----- 45 +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4GA1UECxMXR2xv 46 +YmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh 47 +bFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT 48 +aWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln 49 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6 50 +ErPLv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8eoLrvozp 51 +s6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklqtTleiDTsvHgMCJiEbKjN 52 +S7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzdC9XZzPnqJworc5HGnRusyMvo4KD0L5CL 53 +TfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pazq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6C 54 +ygPCm48CAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E 55 +FgQUm+IHV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i 56 +YWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f3BmGLjAN 57 +BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp 58 +9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu 59 +01yiPqFbQfXf5WRDLenVOavSot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG7 60 +9G+dwfCMNYxdAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 61 +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== 62 +-----END CERTIFICATE----- 63 + 64 +Verisign Class 3 Public Primary Certification Authority - G3 65 +============================================================ 66 +-----BEGIN CERTIFICATE----- 67 +MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV 68 +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv 69 +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl 70 +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh 71 +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw 72 +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy 73 +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv 74 +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkg 75 +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 76 +ggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1 77 +EUGO+i2tKmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUc 78 +cLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+Vk7+qRy+oRpfw 79 +EuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJXwzw3sJ2zq/3avL6QaaiMxTJ5Xpj 80 +055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA 81 +ERSWwauSCPc/L8my/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f 82 +j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC 83 +/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565pF4ErWjfJXir0 84 +xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa 85 +t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== 86 +-----END CERTIFICATE----- 87 + 88 +Entrust.net Premium 2048 Secure Server CA 89 +========================================= 90 +-----BEGIN CERTIFICATE----- 91 +MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u 92 +ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp 93 +bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV 94 +BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx 95 +NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 96 +d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl 97 +MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u 98 +ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A 99 +MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL 100 +Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr 101 +hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW 102 +nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi 103 +VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E 104 +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ 105 +KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy 106 +T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf 107 +zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT 108 +J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e 109 +nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE= 110 +-----END CERTIFICATE----- 111 + 112 +Baltimore CyberTrust Root 113 +========================= 114 +-----BEGIN CERTIFICATE----- 115 +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UE 116 +ChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3li 117 +ZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMC 118 +SUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFs 119 +dGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKME 120 +uyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsB 121 +UnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/C 122 +G9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9 123 +XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjpr 124 +l3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoI 125 +VDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB 126 +BQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRh 127 +cL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5 128 +hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsa 129 +Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H 130 +RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp 131 +-----END CERTIFICATE----- 132 + 133 +AddTrust Low-Value Services Root 134 +================================ 135 +-----BEGIN CERTIFICATE----- 136 +MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML 137 +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU 138 +cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw 139 +CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO 140 +ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB 141 +AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6 142 +54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr 143 +oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1 144 +Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui 145 +GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w 146 +HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD 147 +AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT 148 +RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw 149 +HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt 150 +ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph 151 +iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY 152 +eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr 153 +mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj 154 +ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= 155 +-----END CERTIFICATE----- 156 + 157 +AddTrust External Root 158 +====================== 159 +-----BEGIN CERTIFICATE----- 160 +MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChML 161 +QWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYD 162 +VQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEw 163 +NDgzOFowbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRU 164 +cnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0Eg 165 +Um9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvtH7xsD821 166 ++iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfw 167 +Tz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504B4YCqOmo 168 +aSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy 169 +2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv7 170 +7+ldU9U0WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0P 171 +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6xCZU7wO94CTL 172 +VBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRk 173 +VHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENB 174 +IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl 175 +j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 176 +6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvCNr4TDea9Y355 177 +e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u 178 +G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= 179 +-----END CERTIFICATE----- 180 + 181 +AddTrust Public Services Root 182 +============================= 183 +-----BEGIN CERTIFICATE----- 184 +MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML 185 +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU 186 +cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ 187 +BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l 188 +dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF 189 +AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu 190 +nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i 191 +d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG 192 +Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw 193 +HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G 194 +A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB 195 +/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux 196 +FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G 197 +A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4 198 +JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL 199 ++YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao 200 +GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9 201 +Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H 202 +EufOX1362KqxMy3ZdvJOOjMMK7MtkAY= 203 +-----END CERTIFICATE----- 204 + 205 +AddTrust Qualified Certificates Root 206 +==================================== 207 +-----BEGIN CERTIFICATE----- 208 +MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML 209 +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU 210 +cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx 211 +CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ 212 +IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG 213 +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx 214 +64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3 215 +KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o 216 +L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR 217 +wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU 218 +MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/ 219 +BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE 220 +BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y 221 +azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD 222 +ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG 223 +GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X 224 +dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze 225 +RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB 226 +iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE= 227 +-----END CERTIFICATE----- 228 + 229 +Entrust Root Certification Authority 230 +==================================== 231 +-----BEGIN CERTIFICATE----- 232 +MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMCVVMxFjAUBgNV 233 +BAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMgaW5jb3Jw 234 +b3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsG 235 +A1UEAxMkRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0 236 +MloXDTI2MTEyNzIwNTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMu 237 +MTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu 238 +Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9v 239 +dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 240 +ALaVtkNC+sZtKm9I35RMOVcF7sN5EUFoNu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYsz 241 +A9u3g3s+IIRe7bJWKKf44LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOww 242 +Cj0Yzfv9KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGIrb68 243 +j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi94DkZfs0Nw4pgHBN 244 +rziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOBsDCBrTAOBgNVHQ8BAf8EBAMCAQYw 245 +DwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAigA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1 246 +MzQyWjAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DH 247 +hmak8fdLQ/uEvW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA 248 +A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9tO1KzKtvn1ISM 249 +Y/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6ZuaAGAT/3B+XxFNSRuzFVJ7yVTa 250 +v52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTS 251 +W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0 252 +tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8 253 +-----END CERTIFICATE----- 254 + 255 +GeoTrust Global CA 256 +================== 257 +-----BEGIN CERTIFICATE----- 258 +MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQK 259 +Ew1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQw 260 +MDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j 261 +LjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 262 +CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjo 263 +BbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet 264 +8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+Vc 265 +T4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagU 266 +vTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTAD 267 +AQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVk 268 +DBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Q 269 +zxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4 270 +d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2 271 +mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6p 272 +XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm 273 +Mw== 274 +-----END CERTIFICATE----- 275 + 276 +GeoTrust Global CA 2 277 +==================== 278 +-----BEGIN CERTIFICATE----- 279 +MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN 280 +R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw 281 +MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j 282 +LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 283 +ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/ 284 +NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k 285 +LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA 286 +Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b 287 +HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF 288 +MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH 289 +K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7 290 +srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh 291 +ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL 292 +OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC 293 +x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF 294 +H4z1Ir+rzoPz4iIprn2DQKi6bA== 295 +-----END CERTIFICATE----- 296 + 297 +GeoTrust Universal CA 298 +===================== 299 +-----BEGIN CERTIFICATE----- 300 +MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN 301 +R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1 302 +MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu 303 +Yy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP 304 +ADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9t 305 +JPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0e 306 +RXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs 307 +7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d 308 +8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7V 309 +qnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3Cga 310 +Rr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hB 311 +Z3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZu 312 +KGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08 313 +ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0 314 +XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIB 315 +hjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc 316 +aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2 317 +qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvL 318 +oJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsK 319 +xr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxF 320 +KyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2 321 +DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslK 322 +xfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EU 323 +p8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vI 324 +P/rmMuGNG2+k5o7Y+SlIis5z/iw= 325 +-----END CERTIFICATE----- 326 + 327 +GeoTrust Universal CA 2 328 +======================= 329 +-----BEGIN CERTIFICATE----- 330 +MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN 331 +R2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwHhcNMDQwMzA0 332 +MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3Qg 333 +SW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUA 334 +A4ICDwAwggIKAoICAQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0 335 +DE81WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUGFF+3Qs17 336 +j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdqXbboW0W63MOhBW9Wjo8Q 337 +JqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxLse4YuU6W3Nx2/zu+z18DwPw76L5GG//a 338 +QMJS9/7jOvdqdzXQ2o3rXhhqMcceujwbKNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2 339 +WP0+GfPtDCapkzj4T8FdIgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP 340 +20gaXT73y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRthAAn 341 +ZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgocQIgfksILAAX/8sgC 342 +SqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4Lt1ZrtmhN79UNdxzMk+MBB4zsslG 343 +8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2 344 ++/CfXGJx7Tz0RzgQKzAfBgNVHSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8E 345 +BAMCAYYwDQYJKoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z 346 +dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQL1EuxBRa3ugZ 347 +4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgrFg5fNuH8KrUwJM/gYwx7WBr+ 348 +mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSoag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpq 349 +A1Ihn0CoZ1Dy81of398j9tx4TuaYT1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpg 350 +Y+RdM4kX2TGq2tbzGDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiP 351 +pm8m1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJVOCiNUW7d 352 +FGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH6aLcr34YEoP9VhdBLtUp 353 +gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm 354 +X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS 355 +-----END CERTIFICATE----- 356 + 357 +Visa eCommerce Root 358 +=================== 359 +-----BEGIN CERTIFICATE----- 360 +MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQG 361 +EwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2Ug 362 +QXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2 363 +WhcNMjIwNjI0MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMm 364 +VmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv 365 +bW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfL 366 +F9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8b 367 +RaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81q6UCzyr0 368 +TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI 369 +/k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzs 370 +GHxBvfaLdXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG 371 +MB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOCAQEAX/FBfXxc 372 +CLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcRzCSs00Rsca4BIGsDoo8Ytyk6feUW 373 +YFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pz 374 +zkWKsKZJ/0x9nXGIxHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu 375 +YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt 376 +398znM/jra6O1I7mT1GvFpLgXPYHDw== 377 +-----END CERTIFICATE----- 378 + 379 +Certum Root CA 380 +============== 381 +-----BEGIN CERTIFICATE----- 382 +MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK 383 +ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla 384 +Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u 385 +by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x 386 +wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL 387 +kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ 388 +89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K 389 +Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P 390 +NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq 391 +hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+ 392 +GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg 393 +GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/ 394 +0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS 395 +qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw== 396 +-----END CERTIFICATE----- 397 + 398 +Comodo AAA Services root 399 +======================== 400 +-----BEGIN CERTIFICATE----- 401 +MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS 402 +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg 403 +TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAw 404 +MFoXDTI4MTIzMTIzNTk1OVowezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hl 405 +c3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV 406 +BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 407 +ggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQuaBtDFcCLNSS1UY8y2bmhG 408 +C1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe3M/vg4aijJRPn2jymJBGhCfHdr/jzDUs 409 +i14HZGWCwEiwqJH5YZ92IFCokcdmtet4YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszW 410 +Y19zjNoFmag4qMsXeDZRrOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjH 411 +Ypy+g8cmez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQUoBEK 412 +Iz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wewYDVR0f 413 +BHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNl 414 +cy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2Vz 415 +LmNybDANBgkqhkiG9w0BAQUFAAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm 416 +7l3sAg9g1o1QGE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz 417 +Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z 418 +8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsil2D4kF501KKaU73yqWjgom7C 419 +12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== 420 +-----END CERTIFICATE----- 421 + 422 +Comodo Secure Services root 423 +=========================== 424 +-----BEGIN CERTIFICATE----- 425 +MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS 426 +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg 427 +TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw 428 +MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu 429 +Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi 430 +BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP 431 +ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP 432 +9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc 433 +rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC 434 +oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V 435 +p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E 436 +FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w 437 +gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj 438 +YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm 439 +aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm 440 +4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj 441 +Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL 442 +DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw 443 +pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H 444 +RR3B7Hzs/Sk= 445 +-----END CERTIFICATE----- 446 + 447 +Comodo Trusted Services root 448 +============================ 449 +-----BEGIN CERTIFICATE----- 450 +MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS 451 +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg 452 +TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw 453 +MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h 454 +bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw 455 +IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC 456 +AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7 457 +3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y 458 +/9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6 459 +juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS 460 +ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud 461 +DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB 462 +/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp 463 +ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl 464 +cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw 465 +uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 466 +pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA 467 +BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l 468 +R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O 469 +9y5Xt5hwXsjEeLBi 470 +-----END CERTIFICATE----- 471 + 472 +QuoVadis Root CA 473 +================ 474 +-----BEGIN CERTIFICATE----- 475 +MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE 476 +ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 477 +eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz 478 +MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp 479 +cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD 480 +EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF 481 +AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk 482 +J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL 483 +F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL 484 +YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen 485 +AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w 486 +PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y 487 +ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7 488 +MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj 489 +YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs 490 +ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh 491 +Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW 492 +Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu 493 +BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw 494 +FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0 495 +aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6 496 +tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo 497 +fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul 498 +LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x 499 +gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi 500 +5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi 501 +5nrQNiOKSnQ2+Q== 502 +-----END CERTIFICATE----- 503 + 504 +QuoVadis Root CA 2 505 +================== 506 +-----BEGIN CERTIFICATE----- 507 +MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT 508 +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQx 509 +ODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM 510 +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC 511 +DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6 512 +XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yk 513 +lvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbB 514 +lDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGy 515 +lZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt 516 +66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1Jdxn 517 +wQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOh 518 +D7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyy 519 +BNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENie 520 +J0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1Ud 521 +DgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGU 522 +a6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT 523 +ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUv 524 +Z+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3 525 +UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodm 526 +VjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK 527 ++JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrW 528 +IozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1 529 +WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5X 530 +f6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II 531 +4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8 532 +VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u 533 +-----END CERTIFICATE----- 534 + 535 +QuoVadis Root CA 3 536 +================== 537 +-----BEGIN CERTIFICATE----- 538 +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT 539 +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQx 540 +OTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM 541 +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4IC 542 +DwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNgg 543 +DhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOij 544 +KTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79K 545 +DDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbv 546 +BNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwp 547 +p5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8 548 +nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEX 549 +MJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyM 550 +Gf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclz 551 +uD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHT 552 +BgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmlj 553 +YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 554 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYB 555 +BQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYD 556 +VR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4 557 +ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE 558 +AxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZV 559 +qyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+s 560 +hvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27z 561 +POuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2 562 +Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp 563 +8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBC 564 +bjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXu 565 +g/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91p 566 +vGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbr 567 +qZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEto= 568 +-----END CERTIFICATE----- 569 + 570 +Security Communication Root CA 571 +============================== 572 +-----BEGIN CERTIFICATE----- 573 +MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP 574 +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw 575 +HhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP 576 +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw 577 +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw 578 +8yl89f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJDKaVv0uM 579 +DPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9Ms+k2Y7CI9eNqPPYJayX 580 +5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/NQV3Is00qVUarH9oe4kA92819uZKAnDfd 581 +DJZkndwi92SL32HeFZRSFaB9UslLqCHJxrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2 582 +JChzAgMBAAGjPzA9MB0GA1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYw 583 +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vGkl3g 584 +0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfrUj94nK9NrvjVT8+a 585 +mCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5Bw+SUEmK3TGXX8npN6o7WWWXlDLJ 586 +s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ 587 +6rBK+1YWc26sTfcioU+tHXotRSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAi 588 +FL39vmwLAw== 589 +-----END CERTIFICATE----- 590 + 591 +Sonera Class 2 Root CA 592 +====================== 593 +-----BEGIN CERTIFICATE----- 594 +MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG 595 +U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw 596 +NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh 597 +IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3 598 +/Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT 599 +dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG 600 +f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P 601 +tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH 602 +nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT 603 +XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt 604 +0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI 605 +cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph 606 +Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx 607 +EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH 608 +llpwrN9M 609 +-----END CERTIFICATE----- 610 + 611 +UTN USERFirst Hardware Root CA 612 +============================== 613 +-----BEGIN CERTIFICATE----- 614 +MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE 615 +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl 616 +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd 617 +BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx 618 +OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0 619 +eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz 620 +ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3 621 +DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI 622 +wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd 623 +tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8 624 +i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf 625 +Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw 626 +gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF 627 +lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF 628 +UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF 629 +BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM 630 +//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW 631 +XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2 632 +lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn 633 +iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 634 +nfhmqA== 635 +-----END CERTIFICATE----- 636 + 637 +Camerfirma Chambers of Commerce Root 638 +==================================== 639 +-----BEGIN CERTIFICATE----- 640 +MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe 641 +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i 642 +ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx 643 +NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp 644 +cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn 645 +MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC 646 +AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU 647 +xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH 648 +NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW 649 +DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV 650 +d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud 651 +EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v 652 +cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P 653 +AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh 654 +bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD 655 +VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz 656 +aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi 657 +fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD 658 +L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN 659 +UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n 660 +ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1 661 +erfutGWaIZDgqtCYvDi1czyL+Nw= 662 +-----END CERTIFICATE----- 663 + 664 +Camerfirma Global Chambersign Root 665 +================================== 666 +-----BEGIN CERTIFICATE----- 667 +MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe 668 +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i 669 +ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx 670 +NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt 671 +YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg 672 +MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw 673 +ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J 674 +1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O 675 +by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl 676 +6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c 677 +8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/ 678 +BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j 679 +aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B 680 +Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj 681 +aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y 682 +ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh 683 +bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA 684 +PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y 685 +gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ 686 +PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4 687 +IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes 688 +t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== 689 +-----END CERTIFICATE----- 690 + 691 +XRamp Global CA Root 692 +==================== 693 +-----BEGIN CERTIFICATE----- 694 +MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UE 695 +BhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2Vj 696 +dXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB 697 +dXRob3JpdHkwHhcNMDQxMTAxMTcxNDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMx 698 +HjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkg 699 +U2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp 700 +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS638eMpSe2OAtp87ZOqCwu 701 +IR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCPKZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMx 702 +foArtYzAQDsRhtDLooY2YKTVMIJt2W7QDxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FE 703 +zG+gSqmUsE3a56k0enI4qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqs 704 +AxcZZPRaJSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNViPvry 705 +xS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud 706 +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASsjVy16bYbMDYGA1UdHwQvMC0wK6Ap 707 +oCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMC 708 +AQEwDQYJKoZIhvcNAQEFBQADggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc 709 +/Kh4ZzXxHfARvbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt 710 +qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLaIR9NmXmd4c8n 711 +nxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSyi6mx5O+aGtA9aZnuqCij4Tyz 712 +8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQO+7ETPTsJ3xCwnR8gooJybQDJbw= 713 +-----END CERTIFICATE----- 714 + 715 +Go Daddy Class 2 CA 716 +=================== 717 +-----BEGIN CERTIFICATE----- 718 +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMY 719 +VGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRp 720 +ZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkG 721 +A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g 722 +RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQAD 723 +ggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv 724 +2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32 725 +qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6j 726 +YGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmY 727 +vLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0O 728 +BBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2o 729 +atTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMu 730 +MTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwG 731 +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wim 732 +PQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt 733 +I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ 734 +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VI 735 +Ls9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/b 736 +vZ8= 737 +-----END CERTIFICATE----- 738 + 739 +Starfield Class 2 CA 740 +==================== 741 +-----BEGIN CERTIFICATE----- 742 +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc 743 +U3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg 744 +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo 745 +MQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG 746 +A1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG 747 +SIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY 748 +bitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ 749 +JRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm 750 +epsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN 751 +F4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF 752 +MIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f 753 +hvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo 754 +bm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g 755 +QXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs 756 +afPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM 757 +PUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl 758 +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD 759 +KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3 760 +QBFGmh95DmK/D5fs4C8fF5Q= 761 +-----END CERTIFICATE----- 762 + 763 +StartCom Certification Authority 764 +================================ 765 +-----BEGIN CERTIFICATE----- 766 +MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN 767 +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu 768 +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 769 +NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk 770 +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg 771 +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw 772 +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y 773 +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ 774 +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d 775 +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt 776 +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z 777 +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ 778 +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ 779 +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc 780 +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT 781 +37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE 782 +FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0 783 +Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj 784 +YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH 785 +AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw 786 +Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg 787 +U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5 788 +LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl 789 +cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh 790 +cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT 791 +dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC 792 +AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh 793 +3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm 794 +vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk 795 +fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3 796 +fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ 797 +EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq 798 +yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl 799 +1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/ 800 +lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro 801 +g14= 802 +-----END CERTIFICATE----- 803 + 804 +Taiwan GRCA 805 +=========== 806 +-----BEGIN CERTIFICATE----- 807 +MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQG 808 +EwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X 809 +DTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dv 810 +dmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQAD 811 +ggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qN 812 +w8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5 813 +BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O 814 +1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfO 815 +htX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wov 816 +J5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7 817 +Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1t 818 +B6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJB 819 +O9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8 820 +lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNV 821 +HRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg2 822 +09yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ 823 +TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6Tj 824 +Zwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2 825 +Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlU 826 +D7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6Qz 827 +DxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+Hbk 828 +Z6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk 829 +7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQ 830 +CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy 831 ++fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS 832 +-----END CERTIFICATE----- 833 + 834 +Swisscom Root CA 1 835 +================== 836 +-----BEGIN CERTIFICATE----- 837 +MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG 838 +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy 839 +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4 840 +MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln 841 +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC 842 +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM 843 +MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF 844 +NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe 845 +AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC 846 +b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn 847 +7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN 848 +cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp 849 +WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5 850 +haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY 851 +MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw 852 +HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j 853 +BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9 854 +MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn 855 +jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ 856 +MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H 857 +VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl 858 +vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl 859 +OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3 860 +1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq 861 +nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy 862 +x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW 863 +NY6E0F/6MBr1mmz0DlP5OlvRHA== 864 +-----END CERTIFICATE----- 865 + 866 +DigiCert Assured ID Root CA 867 +=========================== 868 +-----BEGIN CERTIFICATE----- 869 +MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQG 870 +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw 871 +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzEx 872 +MTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL 873 +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0Ew 874 +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO 875 +9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHy 876 +UmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW 877 +/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpy 878 +oeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whf 879 +GHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF 880 +66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq 881 +hkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2Bc 882 +EkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38Fn 883 +SbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i 884 +8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe 885 ++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== 886 +-----END CERTIFICATE----- 887 + 888 +DigiCert Global Root CA 889 +======================= 890 +-----BEGIN CERTIFICATE----- 891 +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG 892 +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw 893 +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAw 894 +MDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 895 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkq 896 +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOn 897 +TjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5 898 +BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H 899 +4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y 900 +7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQAB 901 +o2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm 902 +8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEF 903 +BQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmr 904 +EbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIt 905 +tep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886 906 +UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk 907 +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= 908 +-----END CERTIFICATE----- 909 + 910 +DigiCert High Assurance EV Root CA 911 +================================== 912 +-----BEGIN CERTIFICATE----- 913 +MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG 914 +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw 915 +KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw 916 +MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ 917 +MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu 918 +Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t 919 +Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS 920 +OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3 921 +MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ 922 +NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe 923 +h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB 924 +Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY 925 +JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ 926 +V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp 927 +myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK 928 +mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe 929 +vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K 930 +-----END CERTIFICATE----- 931 + 932 +Certplus Class 2 Primary CA 933 +=========================== 934 +-----BEGIN CERTIFICATE----- 935 +MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE 936 +BhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcN 937 +OTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2Vy 938 +dHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP 939 +ADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR 940 +5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZ 941 +Vg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFO 942 +YFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95e 943 +e++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRME 944 +CDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJ 945 +YIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29t 946 +L0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvD 947 +P9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1R 948 +TtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+ 949 +7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW 950 +//1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 951 +l7+ijrRU 952 +-----END CERTIFICATE----- 953 + 954 +DST Root CA X3 955 +============== 956 +-----BEGIN CERTIFICATE----- 957 +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK 958 +ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X 959 +DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1 960 +cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD 961 +ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT 962 +rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9 963 +UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy 964 +xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d 965 +utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T 966 +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ 967 +MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug 968 +dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE 969 +GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw 970 +RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS 971 +fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ 972 +-----END CERTIFICATE----- 973 + 974 +DST ACES CA X6 975 +============== 976 +-----BEGIN CERTIFICATE----- 977 +MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG 978 +EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT 979 +MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha 980 +MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE 981 +CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC 982 +AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI 983 +DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa 984 +pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow 985 +GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy 986 +MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud 987 +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu 988 +Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy 989 +dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU 990 +CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2 991 +5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t 992 +Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq 993 +nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs 994 +vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 995 +oKfN5XozNmr6mis= 996 +-----END CERTIFICATE----- 997 + 998 +SwissSign Gold CA - G2 999 +====================== 1000 +-----BEGIN CERTIFICATE----- 1001 +MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkNIMRUw 1002 +EwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcN 1003 +MDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dp 1004 +c3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0B 1005 +AQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUq 1006 +t2/876LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+bbqBHH5C 1007 +jCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c6bM8K8vzARO/Ws/BtQpg 1008 +vd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqEemA8atufK+ze3gE/bk3lUIbLtK/tREDF 1009 +ylqM2tIrfKjuvqblCqoOpd8FUrdVxyJdMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvR 1010 +AiTysybUa9oEVeXBCsdtMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuend 1011 +jIj3o02yMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69yFGkO 1012 +peUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPiaG59je883WX0XaxR 1013 +7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxMgI93e2CaHt+28kgeDrpOVG2Y4OGi 1014 +GqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw 1015 +AwEB/zAdBgNVHQ4EFgQUWyV7lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64 1016 +OfPAeGZe6Drn8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov 1017 +L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe645R88a7A3hfm 1018 +5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczOUYrHUDFu4Up+GC9pWbY9ZIEr 1019 +44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOf 1020 +Mke6UiI0HTJ6CVanfCU2qT1L2sCCbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6m 1021 +Gu6uLftIdxf+u+yvGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxp 1022 +mo/a77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCChdiDyyJk 1023 +vC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid392qgQmwLOM7XdVAyksLf 1024 +KzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEppLd6leNcG2mqeSz53OiATIgHQv2ieY2Br 1025 +NU0LbbqhPcCT4H8js1WtciVORvnSFu+wZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6Lqj 1026 +viOvrv1vA+ACOzB2+httQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ 1027 +-----END CERTIFICATE----- 1028 + 1029 +SwissSign Silver CA - G2 1030 +======================== 1031 +-----BEGIN CERTIFICATE----- 1032 +MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCQ0gxFTAT 1033 +BgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMB4X 1034 +DTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0NlowRzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3 1035 +aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG 1036 +9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644 1037 +N0MvFz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7brYT7QbNHm 1038 ++/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieFnbAVlDLaYQ1HTWBCrpJH 1039 +6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH6ATK72oxh9TAtvmUcXtnZLi2kUpCe2Uu 1040 +MGoM9ZDulebyzYLs2aFK7PayS+VFheZteJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5h 1041 +qAaEuSh6XzjZG6k4sIN/c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5 1042 +FZGkECwJMoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRHHTBs 1043 +ROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTfjNFusB3hB48IHpmc 1044 +celM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb65i/4z3GcRm25xBWNOHkDRUjvxF3X 1045 +CO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ 1046 +BAUwAwEB/zAdBgNVHQ4EFgQUF6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRB 1047 +tjpbO8tFnb0cwpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 1048 +cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBAHPGgeAn0i0P 1049 +4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShpWJHckRE1qTodvBqlYJ7YH39F 1050 +kWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L 1051 +3XWgwF15kIwb4FDm3jH+mHtwX6WQ2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx 1052 +/uNncqCxv1yL5PqZIseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFa 1053 +DGi8aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2Xem1ZqSqP 1054 +e97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQRdAtq/gsD/KNVV4n+Ssuu 1055 +WxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJ 1056 +DIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ub 1057 +DgEj8Z+7fNzcbBGXJbLytGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u 1058 +-----END CERTIFICATE----- 1059 + 1060 +GeoTrust Primary Certification Authority 1061 +======================================== 1062 +-----BEGIN CERTIFICATE----- 1063 +MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG 1064 +EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBD 1065 +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgx 1066 +CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQ 1067 +cmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 1068 +CgKCAQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9AWbK7hWN 1069 +b6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjAZIVcFU2Ix7e64HXprQU9 1070 +nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE07e9GceBrAqg1cmuXm2bgyxx5X9gaBGge 1071 +RwLmnWDiNpcB3841kt++Z8dtd1k7j53WkBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGt 1072 +tm/81w7a4DSwDRp35+MImO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD 1073 +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJKoZI 1074 +hvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ16CePbJC/kRYkRj5K 1075 +Ts4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl4b7UVXGYNTq+k+qurUKykG/g/CFN 1076 +NWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6KoKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHa 1077 +Floxt/m0cYASSJlyc1pZU8FjUjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG 1078 +1riR/aYNKxoUAT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= 1079 +-----END CERTIFICATE----- 1080 + 1081 +thawte Primary Root CA 1082 +====================== 1083 +-----BEGIN CERTIFICATE----- 1084 +MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UE 1085 +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 1086 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv 1087 +cml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3 1088 +MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwg 1089 +SW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv 1090 +KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMT 1091 +FnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs 1092 +oPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ 1093 +1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGc 1094 +q/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/K 1095 +aAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4p 1096 +afs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD 1097 +VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUF 1098 +AAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE 1099 +uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX 1100 +xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89 1101 +jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVH 1102 +z7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA== 1103 +-----END CERTIFICATE----- 1104 + 1105 +VeriSign Class 3 Public Primary Certification Authority - G5 1106 +============================================================ 1107 +-----BEGIN CERTIFICATE----- 1108 +MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE 1109 +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO 1110 +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk 1111 +IHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRp 1112 +ZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCB 1113 +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln 1114 +biBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBh 1115 +dXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmlt 1116 +YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 1117 +ggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKz 1118 +j/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhD 1119 +Y2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ 1120 +Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70r 1121 +fk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/ 1122 +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv 1123 +Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy 1124 +aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG 1125 +SIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+ 1126 +X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKE 1127 +KQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiC 1128 +Km0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vE 1129 +ZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq 1130 +-----END CERTIFICATE----- 1131 + 1132 +SecureTrust CA 1133 +============== 1134 +-----BEGIN CERTIFICATE----- 1135 +MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQG 1136 +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRy 1137 +dXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIzMTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAe 1138 +BgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCC 1139 +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQX 1140 +OZEzZum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO0gMdA+9t 1141 +DWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIaowW8xQmxSPmjL8xk037uH 1142 +GFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b 1143 +01k/unK8RCSc43Oz969XL0Imnal0ugBS8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmH 1144 +ursCAwEAAaOBnTCBmjATBgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/ 1145 +BAUwAwEB/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCegJYYj 1146 +aHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ 1147 +KoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt36Z3q059c4EVlew3KW+JwULKUBRSu 1148 +SceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHf 1149 +mbx8IVQr5Fiiu1cprp6poxkmD5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZ 1150 +nMUFdAvnZyPSCPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR 1151 +3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= 1152 +-----END CERTIFICATE----- 1153 + 1154 +Secure Global CA 1155 +================ 1156 +-----BEGIN CERTIFICATE----- 1157 +MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQG 1158 +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBH 1159 +bG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEg 1160 +MB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwg 1161 +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jx 1162 +YDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQ 1163 +bqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g 1164 +8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYV 1165 +HDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi 1166 +0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud 1167 +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAn 1168 +oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEA 1169 +MA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+ 1170 +OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cn 1171 +CDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/5 1172 +3CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc 1173 +f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW 1174 +-----END CERTIFICATE----- 1175 + 1176 +COMODO Certification Authority 1177 +============================== 1178 +-----BEGIN CERTIFICATE----- 1179 +MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCBgTELMAkGA1UE 1180 +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG 1181 +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1 1182 +dGhvcml0eTAeFw0wNjEyMDEwMDAwMDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEb 1183 +MBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD 1184 +T01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 1185 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH 1186 ++7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTww 1187 +xHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV 1188 +4EajcNxo2f8ESIl33rXp+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA 1189 +1KGzqSX+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVI 1190 +rLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAOBgNVHQ8BAf8E 1191 +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9k 1192 +b2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOC 1193 +AQEAPpiem/Yb6dc5t3iuHXIYSdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CP 1194 +OGEIqB6BCsAvIC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ 1195 +RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmc 1196 +IGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5ddBA6+C4OmF4O5MBKgxTMVBbkN 1197 ++8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ== 1198 +-----END CERTIFICATE----- 1199 + 1200 +Network Solutions Certificate Authority 1201 +======================================= 1202 +-----BEGIN CERTIFICATE----- 1203 +MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG 1204 +EwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3Jr 1205 +IFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMx 1206 +MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu 1207 +MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G 1208 +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xx 1209 +jOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPT 1210 +aaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXT 1211 +crA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc 1212 +/Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMB 1213 +AAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAP 1214 +BgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNv 1215 +bS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUA 1216 +A4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q 1217 +4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/ 1218 +GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv 1219 +wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD 1220 +ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey 1221 +-----END CERTIFICATE----- 1222 + 1223 +WellsSecure Public Root Certificate Authority 1224 +============================================= 1225 +-----BEGIN CERTIFICATE----- 1226 +MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoM 1227 +F1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYw 1228 +NAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN 1229 +MDcxMjEzMTcwNzU0WhcNMjIxMjE0MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dl 1230 +bGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYD 1231 +VQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G 1232 +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+rWxxTkqxtnt3CxC5FlAM1 1233 +iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjUDk/41itMpBb570OYj7OeUt9tkTmPOL13 1234 +i0Nj67eT/DBMHAGTthP796EfvyXhdDcsHqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8 1235 +bJVhHlfXBIEyg1J55oNjz7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiB 1236 +K0HmOFafSZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/SlwxlAgMB 1237 +AAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu 1238 +cGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBQm 1239 +lRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0jBIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGB 1240 +i6SBiDCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRww 1241 +GgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg 1242 +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEBALkVsUSRzCPI 1243 +K0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd/ZDJPHV3V3p9+N701NX3leZ0 1244 +bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pBA4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSlj 1245 +qHyita04pO2t/caaH/+Xc/77szWnk4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+es 1246 +E2fDbbFwRnzVlhE9iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJ 1247 +tylv2G0xffX8oRAHh84vWdw+WNs= 1248 +-----END CERTIFICATE----- 1249 + 1250 +COMODO ECC Certification Authority 1251 +================================== 1252 +-----BEGIN CERTIFICATE----- 1253 +MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTELMAkGA1UEBhMC 1254 +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE 1255 +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBB 1256 +dXRob3JpdHkwHhcNMDgwMzA2MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0Ix 1257 +GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR 1258 +Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRo 1259 +b3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSRFtSrYpn1PlILBs5BAH+X 1260 +4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0JcfRK9ChQtP6IHG4/bC8vCVlbpVsLM5ni 1261 +wz2J+Wos77LTBumjQjBAMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E 1262 +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VG 1263 +FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA 1264 +U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= 1265 +-----END CERTIFICATE----- 1266 + 1267 +Security Communication EV RootCA1 1268 +================================= 1269 +-----BEGIN CERTIFICATE----- 1270 +MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc 1271 +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh 1272 +dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE 1273 +BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl 1274 +Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC 1275 +AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO 1276 +/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX 1277 +WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z 1278 +ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4 1279 +bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK 1280 +9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG 1281 +SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm 1282 +iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG 1283 +Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW 1284 +mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW 1285 +T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490 1286 +-----END CERTIFICATE----- 1287 + 1288 +OISTE WISeKey Global Root GA CA 1289 +=============================== 1290 +-----BEGIN CERTIFICATE----- 1291 +MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UE 1292 +BhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAG 1293 +A1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH 1294 +bG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYD 1295 +VQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIw 1296 +IAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5 1297 +IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9 1298 +Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxg 1299 +Asj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbD 1300 +d50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ 1301 +/yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3R 1302 +LoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw 1303 +AwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ 1304 +KoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vIm 1305 +MMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4 1306 ++vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa 1307 +hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY 1308 +okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= 1309 +-----END CERTIFICATE----- 1310 + 1311 +Microsec e-Szigno Root CA 1312 +========================= 1313 +-----BEGIN CERTIFICATE----- 1314 +MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAwcjELMAkGA1UE 1315 +BhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNyb3NlYyBMdGQuMRQwEgYDVQQL 1316 +EwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0 1317 +MDYxMjI4NDRaFw0xNzA0MDYxMjI4NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVz 1318 +dDEWMBQGA1UEChMNTWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMT 1319 +GU1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB 1320 +AQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2uuO/TEdyB5s87lozWbxXG 1321 +d36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/N 1322 +oqdNAoI/gqyFxuEPkEeZlApxcpMqyabAvjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjc 1323 +QR/Ji3HWVBTji1R4P770Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJ 1324 +PqW+jqpx62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcBAQRb 1325 +MFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3AwLQYIKwYBBQUHMAKG 1326 +IWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAPBgNVHRMBAf8EBTADAQH/MIIBcwYD 1327 +VR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIBAQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3 1328 +LmUtc3ppZ25vLmh1L1NaU1ovMIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0A 1329 +dAB2AOEAbgB5ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn 1330 +AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABTAHoAbwBsAGcA 1331 +4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABhACAAcwB6AGUAcgBpAG4AdAAg 1332 +AGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABoAHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMA 1333 +egBpAGcAbgBvAC4AaAB1AC8AUwBaAFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6 1334 +Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NO 1335 +PU1pY3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxPPU1pY3Jv 1336 +c2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5h 1337 +cnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuBEGluZm9AZS1zemlnbm8uaHWkdzB1MSMw 1338 +IQYDVQQDDBpNaWNyb3NlYyBlLVN6aWduw7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhT 1339 +WjEWMBQGA1UEChMNTWljcm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhV 1340 +MIGsBgNVHSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJIVTER 1341 +MA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDASBgNVBAsTC2UtU3pp 1342 +Z25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBSb290IENBghEAzLjnv04pGv2i3Gal 1343 +HCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMT 1344 +nGZjWS7KXHAM/IO8VbH0jgdsZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FE 1345 +aGAHQzAxQmHl7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a 1346 +86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfRhUZLphK3dehK 1347 +yVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/MPMMNz7UwiiAc7EBt51alhQB 1348 +S6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU= 1349 +-----END CERTIFICATE----- 1350 + 1351 +Certigna 1352 +======== 1353 +-----BEGIN CERTIFICATE----- 1354 +MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNVBAYTAkZSMRIw 1355 +EAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4XDTA3MDYyOTE1MTMwNVoXDTI3 1356 +MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwI 1357 +Q2VydGlnbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7q 1358 +XOEm7RFHYeGifBZ4QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyH 1359 +GxnygQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbwzBfsV1/p 1360 +ogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q130yGLMLLGq/jj8UEYkg 1361 +DncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKf 1362 +Irjxwo1p3Po6WAbfAgMBAAGjgbwwgbkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQ 1363 +tCRZvgHyUtVF9lo53BEwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJ 1364 +BgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/J 1365 +SP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOCAQEA 1366 +hQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8hbV6lUmPOEvjvKtpv6zf+EwLHyzs+ 1367 +ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFncfca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1klu 1368 +PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY 1369 +1gkIl2PlwS6wt0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw 1370 +WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== 1371 +-----END CERTIFICATE----- 1372 + 1373 +Deutsche Telekom Root CA 2 1374 +========================== 1375 +-----BEGIN CERTIFICATE----- 1376 +MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMT 1377 +RGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEG 1378 +A1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENBIDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5 1379 +MjM1OTAwWjBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0G 1380 +A1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBS 1381 +b290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEUha88EOQ5 1382 +bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhCQN/Po7qCWWqSG6wcmtoI 1383 +KyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1MjwrrFDa1sPeg5TKqAyZMg4ISFZbavva4VhY 1384 +AUlfckE8FQYBjl2tqriTtM2e66foai1SNNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aK 1385 +Se5TBY8ZTNXeWHmb0mocQqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTV 1386 +jlsB9WoHtxa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAPBgNV 1387 +HRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAlGRZrTlk5ynr 1388 +E/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756AbrsptJh6sTtU6zkXR34ajgv8HzFZMQSy 1389 +zhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpaIzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8 1390 +rZ7/gFnkm0W09juwzTkZmDLl6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4G 1391 +dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU 1392 +Cm26OWMohpLzGITY+9HPBVZkVw== 1393 +-----END CERTIFICATE----- 1394 + 1395 +Cybertrust Global Root 1396 +====================== 1397 +-----BEGIN CERTIFICATE----- 1398 +MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYGA1UEChMPQ3li 1399 +ZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBSb290MB4XDTA2MTIxNTA4 1400 +MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQD 1401 +ExZDeWJlcnRydXN0IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 1402 ++Mi8vRRQZhP/8NN57CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW 1403 +0ozSJ8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2yHLtgwEZL 1404 +AfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iPt3sMpTjr3kfb1V05/Iin 1405 +89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNzFtApD0mpSPCzqrdsxacwOUBdrsTiXSZT 1406 +8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAYXSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAP 1407 +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2 1408 +MDSgMqAwhi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3JsMB8G 1409 +A1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUAA4IBAQBW7wojoFRO 1410 +lZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMjWqd8BfP9IjsO0QbE2zZMcwSO5bAi 1411 +5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUxXOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2 1412 +hO0j9n0Hq0V+09+zv+mKts2oomcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+T 1413 +X3EJIrduPuocA06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW 1414 +WL1WMRJOEcgh4LMRkWXbtKaIOM5V 1415 +-----END CERTIFICATE----- 1416 + 1417 +ePKI Root Certification Authority 1418 +================================= 1419 +-----BEGIN CERTIFICATE----- 1420 +MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQG 1421 +EwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kg 1422 +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMx 1423 +MjdaMF4xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEq 1424 +MCgGA1UECwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B 1425 +AQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAHSyZbCUNs 1426 +IZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAhijHyl3SJCRImHJ7K2RKi 1427 +lTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDiv 1428 +qOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX 1429 +12ruOzjjK9SXDrkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O 1430 +WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uUWH1+ 1431 +ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLSnT0IFaUQAS2zMnao 1432 +lQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/ 1433 +vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXi 1434 +Zo1jDiVN1Rmy5nk3pyKdVDECAwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/Qkqi 1435 +MAwGA1UdEwQFMAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH 1436 +ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGBuvl2ICO1J2B0 1437 +1GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6YlPwZpVnPDimZI+ymBV3QGypzq 1438 +KOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkPJXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdV 1439 +xrsStZf0X4OFunHB2WyBEXYKCrC/gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEP 1440 +NXubrjlpC2JgQCA2j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+r 1441 +GNm65ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUBo2M3IUxE 1442 +xJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS/jQ6fbjpKdx2qcgw+BRx 1443 +gMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2zGp1iro2C6pSe3VkQw63d4k3jMdXH7Ojy 1444 +sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD 1445 +BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw= 1446 +-----END CERTIFICATE----- 1447 + 1448 +T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3 1449 +============================================================================================================================= 1450 +-----BEGIN CERTIFICATE----- 1451 +MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH 1452 +DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q 1453 +aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry 1454 +b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV 1455 +BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg 1456 +S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4 1457 +MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl 1458 +IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF 1459 +n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl 1460 +IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft 1461 +dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl 1462 +cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B 1463 +AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO 1464 +Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1 1465 +xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR 1466 +6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL 1467 +hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd 1468 +BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF 1469 +MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4 1470 +N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT 1471 +y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh 1472 +LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M 1473 +dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI= 1474 +-----END CERTIFICATE----- 1475 + 1476 +certSIGN ROOT CA 1477 +================ 1478 +-----BEGIN CERTIFICATE----- 1479 +MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYTAlJPMREwDwYD 1480 +VQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTAeFw0wNjA3MDQxNzIwMDRa 1481 +Fw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UE 1482 +CxMQY2VydFNJR04gUk9PVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7I 1483 +JUqOtdu0KBuqV5Do0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHH 1484 +rfAQUySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5dRdY4zTW2 1485 +ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQOA7+j0xbm0bqQfWwCHTD 1486 +0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwvJoIQ4uNllAoEwF73XVv4EOLQunpL+943 1487 +AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B 1488 +Af8EBAMCAcYwHQYDVR0OBBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IB 1489 +AQA+0hyJLjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecYMnQ8 1490 +SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ44gx+FkagQnIl6Z0 1491 +x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6IJd1hJyMctTEHBDa0GpC9oHRxUIlt 1492 +vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz 1493 +TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD 1494 +-----END CERTIFICATE----- 1495 + 1496 +CNNIC ROOT 1497 +========== 1498 +-----BEGIN CERTIFICATE----- 1499 +MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE 1500 +ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw 1501 +OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw 1502 +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD 1503 +o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz 1504 +VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT 1505 +VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or 1506 +czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK 1507 +y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC 1508 +wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S 1509 +lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5 1510 +Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM 1511 +O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8 1512 +BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2 1513 +G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m 1514 +mxE= 1515 +-----END CERTIFICATE----- 1516 + 1517 +ApplicationCA - Japanese Government 1518 +=================================== 1519 +-----BEGIN CERTIFICATE----- 1520 +MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEcMBoGA1UEChMT 1521 +SmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRpb25DQTAeFw0wNzEyMTIxNTAw 1522 +MDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYTAkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zl 1523 +cm5tZW50MRYwFAYDVQQLEw1BcHBsaWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 1524 +CgKCAQEAp23gdE6Hj6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4 1525 +fl+Kf5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55IrmTwcrN 1526 +wVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cwFO5cjFW6WY2H/CPek9AE 1527 +jP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDihtQWEjdnjDuGWk81quzMKq2edY3rZ+nYVu 1528 +nyoKb58DKTCXKB28t89UKU5RMfkntigm/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRU 1529 +WssmP3HMlEYNllPqa0jQk/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNV 1530 +BAYTAkpQMRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOCseOD 1531 +vOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADlqRHZ3ODrs 1532 +o2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJhyzjVOGjprIIC8CFqMjSnHH2HZ9g 1533 +/DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYD 1534 +io+nEhEMy/0/ecGc/WLuo89UDNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmW 1535 +dupwX3kSa+SjB1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL 1536 +rosot4LKGAfmt1t06SAZf7IbiVQ= 1537 +-----END CERTIFICATE----- 1538 + 1539 +GeoTrust Primary Certification Authority - G3 1540 +============================================= 1541 +-----BEGIN CERTIFICATE----- 1542 +MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UE 1543 +BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0 1544 +IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFy 1545 +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIz 1546 +NTk1OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAo 1547 +YykgMjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMT 1548 +LUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI 1549 +hvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5j 1550 +K/BGvESyiaHAKAxJcCGVn2TAppMSAmUmhsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdE 1551 +c5IiaacDiGydY8hS2pgn5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3C 1552 +IShwiP/WJmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exALDmKu 1553 +dlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZChuOl1UcCAwEAAaNC 1554 +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMR5yo6hTgMdHNxr 1555 +2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9 1556 +cr5HqQ6XErhK8WTTOd8lNNTBzU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbE 1557 +Ap7aDHdlDkQNkv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD 1558 +AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUHSJsMC8tJP33s 1559 +t/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2Gspki4cErx5z481+oghLrGREt 1560 +-----END CERTIFICATE----- 1561 + 1562 +thawte Primary Root CA - G2 1563 +=========================== 1564 +-----BEGIN CERTIFICATE----- 1565 +MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDELMAkGA1UEBhMC 1566 +VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMpIDIwMDcgdGhhd3RlLCBJbmMu 1567 +IC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3Qg 1568 +Q0EgLSBHMjAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEV 1569 +MBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBG 1570 +b3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAt 1571 +IEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfGAFG6DAJS 1572 +LSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6papu+7qzcMBniKI11KOasf2twu8x+qi5 1573 +8/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU 1574 +mtgAMADna3+FGO6Lts6KDPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUN 1575 +G4k8VIZ3KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41oxXZ3K 1576 +rr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== 1577 +-----END CERTIFICATE----- 1578 + 1579 +thawte Primary Root CA - G3 1580 +=========================== 1581 +-----BEGIN CERTIFICATE----- 1582 +MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UE 1583 +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 1584 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv 1585 +cml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0w 1586 +ODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh 1587 +d3RlLCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD 1588 +VQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIG 1589 +A1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A 1590 +MIIBCgKCAQEAsr8nLPvb2FvdeHsbnndmgcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2At 1591 +P0LMqmsywCPLLEHd5N/8YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC 1592 ++BsUa0Lfb1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS99irY 1593 +7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2SzhkGcuYMXDhpxwTW 1594 +vGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUkOQIDAQABo0IwQDAPBgNVHRMBAf8E 1595 +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJ 1596 +KoZIhvcNAQELBQADggEBABpA2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweK 1597 +A3rD6z8KLFIWoCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu 1598 +t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7cKUGRIjxpp7sC 1599 +8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fMm7v/OeZWYdMKp8RcTGB7BXcm 1600 +er/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZuMdRAGmI0Nj81Aa6sY6A= 1601 +-----END CERTIFICATE----- 1602 + 1603 +GeoTrust Primary Certification Authority - G2 1604 +============================================= 1605 +-----BEGIN CERTIFICATE----- 1606 +MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC 1607 +VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu 1608 +Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD 1609 +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1 1610 +OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg 1611 +MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl 1612 +b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG 1613 +BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc 1614 +KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD 1615 +VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+ 1616 +EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m 1617 +ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2 1618 +npaqBA+K 1619 +-----END CERTIFICATE----- 1620 + 1621 +VeriSign Universal Root Certification Authority 1622 +=============================================== 1623 +-----BEGIN CERTIFICATE----- 1624 +MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE 1625 +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO 1626 +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk 1627 +IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u 1628 +IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV 1629 +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv 1630 +cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl 1631 +IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0 1632 +aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj 1633 +1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP 1634 +MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72 1635 +9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I 1636 +AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR 1637 +tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G 1638 +CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O 1639 +a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud 1640 +DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3 1641 +Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx 1642 +Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx 1643 +P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P 1644 +wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4 1645 +mJO37M2CYfE45k+XmCpajQ== 1646 +-----END CERTIFICATE----- 1647 + 1648 +VeriSign Class 3 Public Primary Certification Authority - G4 1649 +============================================================ 1650 +-----BEGIN CERTIFICATE----- 1651 +MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjELMAkGA1UEBhMC 1652 +VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 1653 +b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVz 1654 +ZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj 1655 +YXRpb24gQXV0aG9yaXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjEL 1656 +MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU 1657 +cnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRo 1658 +b3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5 1659 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8 1660 +Utpkmw4tXNherJI9/gHmGUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGz 1661 +rl0Bp3vefLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUwAwEB 1662 +/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEw 1663 +HzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24u 1664 +Y29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMWkf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMD 1665 +A2gAMGUCMGYhDBgmYFo4e1ZC4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIx 1666 +AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== 1667 +-----END CERTIFICATE----- 1668 + 1669 +NetLock Arany (Class Gold) Főtanúsítvány 1670 +======================================== 1671 +-----BEGIN CERTIFICATE----- 1672 +MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G 1673 +A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610 1674 +dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB 1675 +cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx 1676 +MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO 1677 +ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv 1678 +biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6 1679 +c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu 1680 +0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw 1681 +/HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk 1682 +H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw 1683 +fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1 1684 +neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB 1685 +BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW 1686 +qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta 1687 +YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC 1688 +bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna 1689 +NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu 1690 +dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= 1691 +-----END CERTIFICATE----- 1692 + 1693 +Staat der Nederlanden Root CA - G2 1694 +================================== 1695 +-----BEGIN CERTIFICATE----- 1696 +MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE 1697 +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g 1698 +Um9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oXDTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMC 1699 +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l 1700 +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ 1701 +5291qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8SpuOUfiUtn 1702 +vWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPUZ5uW6M7XxgpT0GtJlvOj 1703 +CwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvEpMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiil 1704 +e7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCR 1705 +OME4HYYEhLoaJXhena/MUGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpI 1706 +CT0ugpTNGmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy5V65 1707 +48r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv6q012iDTiIJh8BIi 1708 +trzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEKeN5KzlW/HdXZt1bv8Hb/C3m1r737 1709 +qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMB 1710 +AAGjgZcwgZQwDwYDVR0TAQH/BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcC 1711 +ARYxaHR0cDovL3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV 1712 +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqGSIb3DQEBCwUA 1713 +A4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLySCZa59sCrI2AGeYwRTlHSeYAz 1714 ++51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwj 1715 +f/ST7ZwaUb7dRUG/kSS0H4zpX897IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaN 1716 +kqbG9AclVMwWVxJKgnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfk 1717 +CpYL+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxLvJxxcypF 1718 +URmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkmbEgeqmiSBeGCc1qb3Adb 1719 +CG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvkN1trSt8sV4pAWja63XVECDdCcAz+3F4h 1720 +oKOKwJCcaNpQ5kUQR3i2TtJlycM33+FCY7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoV 1721 +IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm 1722 +66+KAQ== 1723 +-----END CERTIFICATE----- 1724 + 1725 +Hongkong Post Root CA 1 1726 +======================= 1727 +-----BEGIN CERTIFICATE----- 1728 +MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoT 1729 +DUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUx 1730 +NTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25n 1731 +IFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEF 1732 +AAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1 1733 +ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqr 1734 +auh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqh 1735 +qZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMY 1736 +V18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNV 1737 +HRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7i 1738 +h9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37pio 1739 +l7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5Lmei 1740 +IAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88ps 1741 +T/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilT 1742 +c4afU9hDDl3WY4JxHYB0yvbiAmvZWg== 1743 +-----END CERTIFICATE----- 1744 + 1745 +SecureSign RootCA11 1746 +=================== 1747 +-----BEGIN CERTIFICATE----- 1748 +MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMi 1749 +SmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBS 1750 +b290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSsw 1751 +KQYDVQQKEyJKYXBhbiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1 1752 +cmVTaWduIFJvb3RDQTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvL 1753 +TJszi1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8h9uuywGO 1754 +wvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOVMdrAG/LuYpmGYz+/3ZMq 1755 +g6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rP 1756 +O7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitA 1757 +bpSACW22s293bzUIUPsCh8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZX 1758 +t94wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKCh 1759 +OBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xmKbabfSVSSUOrTC4r 1760 +bnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQX5Ucv+2rIrVls4W6ng+4reV6G4pQ 1761 +Oh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWrQbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01 1762 +y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061 1763 +lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I= 1764 +-----END CERTIFICATE----- 1765 + 1766 +ACEDICOM Root 1767 +============= 1768 +-----BEGIN CERTIFICATE----- 1769 +MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD 1770 +T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4 1771 +MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG 1772 +A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF 1773 +AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk 1774 +WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD 1775 +YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew 1776 +MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb 1777 +m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk 1778 +HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT 1779 +xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2 1780 +3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9 1781 +2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq 1782 +TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz 1783 +4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU 1784 +9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv 1785 +bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg 1786 +aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP 1787 +eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk 1788 +zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1 1789 +ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI 1790 +KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq 1791 +nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE 1792 +I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp 1793 +MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o 1794 +tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== 1795 +-----END CERTIFICATE----- 1796 + 1797 +Microsec e-Szigno Root CA 2009 1798 +============================== 1799 +-----BEGIN CERTIFICATE----- 1800 +MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJIVTER 1801 +MA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jv 1802 +c2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o 1803 +dTAeFw0wOTA2MTYxMTMwMThaFw0yOTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UE 1804 +BwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUt 1805 +U3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTCCASIw 1806 +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvPkd6mJviZpWNwrZuuyjNA 1807 +fW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tccbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG 1808 +0IMZfcChEhyVbUr02MelTTMuhTlAdX4UfIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKA 1809 +pxn1ntxVUwOXewdI/5n7N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm 1810 +1HxdrtbCxkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1+rUC 1811 +AwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTLD8bf 1812 +QkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAbBgNVHREE 1813 +FDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0o 1814 +lZMEyL/azXm4Q5DwpL7v8u8hmLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfX 1815 +I/OMn74dseGkddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 1816 +tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c2Pm2G2JwCz02 1817 +yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi 1818 +LXpUq3DDfSJlgnCW 1819 +-----END CERTIFICATE----- 1820 + 1821 +GlobalSign Root CA - R3 1822 +======================= 1823 +-----BEGIN CERTIFICATE----- 1824 +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xv 1825 +YmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh 1826 +bFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT 1827 +aWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln 1828 +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWt 1829 +iHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ 1830 +0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3 1831 +rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjl 1832 +OCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2 1833 +xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE 1834 +FI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7 1835 +lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8 1836 +EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1E 1837 +bddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18 1838 +YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r 1839 +kpeDMdmztcpHWD9f 1840 +-----END CERTIFICATE----- 1841 + 1842 +Autoridad de Certificacion Firmaprofesional CIF A62634068 1843 +========================================================= 1844 +-----BEGIN CERTIFICATE----- 1845 +MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UEBhMCRVMxQjBA 1846 +BgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2 1847 +MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEyMzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIw 1848 +QAYDVQQDDDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBB 1849 +NjI2MzQwNjgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDD 1850 +Utd9thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQMcas9UX4P 1851 +B99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefGL9ItWY16Ck6WaVICqjaY 1852 +7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15iNA9wBj4gGFrO93IbJWyTdBSTo3OxDqqH 1853 +ECNZXyAFGUftaI6SEspd/NYrspI8IM/hX68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyI 1854 +plD9amML9ZMWGxmPsu2bm8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctX 1855 +MbScyJCyZ/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirjaEbsX 1856 +LZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/TKI8xWVvTyQKmtFLK 1857 +bpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF6NkBiDkal4ZkQdU7hwxu+g/GvUgU 1858 +vzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVhOSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1Ud 1859 +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNH 1860 +DhpkLzCBpgYDVR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp 1861 +cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBvACAAZABlACAA 1862 +bABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBlAGwAbwBuAGEAIAAwADgAMAAx 1863 +ADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx 1864 +51tkljYyGOylMnfX40S2wBEqgLk9am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qk 1865 +R71kMrv2JYSiJ0L1ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaP 1866 +T481PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS3a/DTg4f 1867 +Jl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5kSeTy36LssUzAKh3ntLFl 1868 +osS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF3dvd6qJ2gHN99ZwExEWN57kci57q13XR 1869 +crHedUTnQn3iV2t93Jm8PYMo6oCTjcVMZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoR 1870 +saS8I8nkvof/uZS2+F0gStRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTD 1871 +KCOM/iczQ0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQBjLMi 1872 +6Et8Vcad+qMUu2WFbm5PEn4KPJ2V 1873 +-----END CERTIFICATE----- 1874 + 1875 +Izenpe.com 1876 +========== 1877 +-----BEGIN CERTIFICATE----- 1878 +MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQG 1879 +EwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEz 1880 +MTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMu 1881 +QS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ 1882 +03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAK 1883 +ClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU 1884 ++zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXC 1885 +PCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxT 1886 +OTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbK 1887 +F7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK 1888 +0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+ 1889 +0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbB 1890 +leStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwID 1891 +AQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+ 1892 +SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBG 1893 +NjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx 1894 +MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O 1895 +BBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6l 1896 +Fn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbga 1897 +kEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8q 1898 +hT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Cs 1899 +g1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5 1900 +aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5 1901 +nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHC 1902 +ClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZo 1903 +Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z 1904 +WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== 1905 +-----END CERTIFICATE----- 1906 + 1907 +Chambers of Commerce Root - 2008 1908 +================================ 1909 +-----BEGIN CERTIFICATE----- 1910 +MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD 1911 +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv 1912 +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu 1913 +QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy 1914 +Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl 1915 +ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF 1916 +EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl 1917 +cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC 1918 +AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA 1919 +XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj 1920 +h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/ 1921 +ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk 1922 +NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g 1923 +D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331 1924 +lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ 1925 +0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj 1926 +ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2 1927 +EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI 1928 +G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ 1929 +BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh 1930 +bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh 1931 +bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC 1932 +CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH 1933 +AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1 1934 +wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH 1935 +3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU 1936 +RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6 1937 +M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1 1938 +YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF 1939 +9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK 1940 +zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG 1941 +nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg 1942 +OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ 1943 +-----END CERTIFICATE----- 1944 + 1945 +Global Chambersign Root - 2008 1946 +============================== 1947 +-----BEGIN CERTIFICATE----- 1948 +MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD 1949 +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv 1950 +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu 1951 +QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx 1952 +NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg 1953 +Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ 1954 +QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD 1955 +aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf 1956 +VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf 1957 +XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0 1958 +ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB 1959 +/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA 1960 +TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M 1961 +H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe 1962 +Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF 1963 +HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh 1964 +wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB 1965 +AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT 1966 +BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE 1967 +BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm 1968 +aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm 1969 +aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp 1970 +1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 1971 +dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG 1972 +/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6 1973 +ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s 1974 +dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg 1975 +9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH 1976 +foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du 1977 +qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr 1978 +P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq 1979 +c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z 1980 +09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B 1981 +-----END CERTIFICATE----- 1982 + 1983 +Go Daddy Root Certificate Authority - G2 1984 +======================================== 1985 +-----BEGIN CERTIFICATE----- 1986 +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT 1987 +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMu 1988 +MTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 1989 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 1990 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8G 1991 +A1UEAxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI 1992 +hvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKDE6bFIEMBO4Tx5oVJnyfq 1993 +9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD 1994 ++qK+ihVqf94Lw7YZFAXK6sOoBJQ7RnwyDfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutd 1995 +fMh8+7ArU6SSYmlRJQVhGkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMl 1996 +NAJWJwGRtDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEAAaNC 1997 +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9 1998 +BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmXWWcDYfF+OwYxdS2hII5PZYe096ac 1999 +vNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r 2000 +5N9ss4UXnT3ZJE95kTXWXwTrgIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYV 2001 +N8Gb5DKj7Tjo2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO 2002 +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI4uJEvlz36hz1 2003 +-----END CERTIFICATE----- 2004 + 2005 +Starfield Root Certificate Authority - G2 2006 +========================================= 2007 +-----BEGIN CERTIFICATE----- 2008 +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT 2009 +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s 2010 +b2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0 2011 +eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw 2012 +DgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg 2013 +VGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB 2014 +dXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv 2015 +W59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs 2016 +bhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk 2017 +N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf 2018 +ZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU 2019 +JtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC 2020 +AQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol 2021 +TwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx 2022 +4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw 2023 +F5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K 2024 +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ 2025 +c2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 2026 +-----END CERTIFICATE----- 2027 + 2028 +Starfield Services Root Certificate Authority - G2 2029 +================================================== 2030 +-----BEGIN CERTIFICATE----- 2031 +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT 2032 +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s 2033 +b2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRl 2034 +IEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNV 2035 +BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxT 2036 +dGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2VydmljZXMg 2037 +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC 2038 +AQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20pOsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2 2039 +h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm28xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4Pa 2040 +hHQUw2eeBGg6345AWh1KTs9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLP 2041 +LJGmpufehRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk6mFB 2042 +rMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAwDwYDVR0TAQH/BAUw 2043 +AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMA0GCSqG 2044 +SIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMIbw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPP 2045 +E95Dz+I0swSdHynVv/heyNXBve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTy 2046 +xQGjhdByPq1zqwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd 2047 +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn0q23KXB56jza 2048 +YyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCNsSi6 2049 +-----END CERTIFICATE----- 2050 + 2051 +AffirmTrust Commercial 2052 +====================== 2053 +-----BEGIN CERTIFICATE----- 2054 +MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxFDAS 2055 +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMB4XDTEw 2056 +MDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly 2057 +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEF 2058 +AAOCAQ8AMIIBCgKCAQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6Eqdb 2059 +DuKPHx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yrba0F8PrV 2060 +C8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPALMeIrJmqbTFeurCA+ukV6 2061 +BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1yHp52UKqK39c/s4mT6NmgTWvRLpUHhww 2062 +MmWd5jyTXlBOeuM61G7MGvv50jeuJCqrVwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNV 2063 +HQ4EFgQUnZPGU4teyq8/nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC 2064 +AQYwDQYJKoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYGXUPG 2065 +hi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNjvbz4YYCanrHOQnDi 2066 +qX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivtZ8SOyUOyXGsViQK8YvxO8rUzqrJv 2067 +0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9gN53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0kh 2068 +sUlHRUe072o0EclNmsxZt9YCnlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= 2069 +-----END CERTIFICATE----- 2070 + 2071 +AffirmTrust Networking 2072 +====================== 2073 +-----BEGIN CERTIFICATE----- 2074 +MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCVVMxFDAS 2075 +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMB4XDTEw 2076 +MDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly 2077 +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEF 2078 +AAOCAQ8AMIIBCgKCAQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SE 2079 +Hi3yYJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbuakCNrmreI 2080 +dIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRLQESxG9fhwoXA3hA/Pe24 2081 +/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gb 2082 +h+0t+nvujArjqWaJGctB+d1ENmHP4ndGyH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNV 2083 +HQ4EFgQUBx/S55zawm6iQLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC 2084 +AQYwDQYJKoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfOtDIu 2085 +UFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzuQY0x2+c06lkh1QF6 2086 +12S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZLgo/bNjR9eUJtGxUAArgFU2HdW23 2087 +WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4uolu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9 2088 +/ZFvgrG+CJPbFEfxojfHRZ48x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= 2089 +-----END CERTIFICATE----- 2090 + 2091 +AffirmTrust Premium 2092 +=================== 2093 +-----BEGIN CERTIFICATE----- 2094 +MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UEBhMCVVMxFDAS 2095 +BgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMB4XDTEwMDEy 2096 +OTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRy 2097 +dXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A 2098 +MIICCgKCAgEAxBLfqV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtn 2099 +BKAQJG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ+jjeRFcV 2100 +5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrSs8PhaJyJ+HoAVt70VZVs 2101 ++7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmd 2102 +GPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d770O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5R 2103 +p9EixAqnOEhss/n/fauGV+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NI 2104 +S+LI+H+SqHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S5u04 2105 +6uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4IaC1nEWTJ3s7xgaVY5 2106 +/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TXOwF0lkLgAOIua+rF7nKsu7/+6qqo 2107 ++Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYEFJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB 2108 +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByv 2109 +MiPIs0laUZx2KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg 2110 +Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B8OWycvpEgjNC 2111 +6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQMKSOyARiqcTtNd56l+0OOF6S 2112 +L5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK 2113 ++4w1IX2COPKpVJEZNZOUbWo6xbLQu4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmV 2114 +BtWVyuEklut89pMFu+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFg 2115 +IxpHYoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8GKa1qF60 2116 +g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaORtGdFNrHF+QFlozEJLUb 2117 +zxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6eKeC2uAloGRwYQw== 2118 +-----END CERTIFICATE----- 2119 + 2120 +AffirmTrust Premium ECC 2121 +======================= 2122 +-----BEGIN CERTIFICATE----- 2123 +MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMCVVMxFDASBgNV 2124 +BAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQzAeFw0xMDAx 2125 +MjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1U 2126 +cnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQA 2127 +IgNiAAQNMF4bFZ0D0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQ 2128 +N8O9ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0GA1UdDgQW 2129 +BBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAK 2130 +BggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/VsaobgxCd05DhT1wV/GzTjxi+zygk8N53X 2131 +57hG8f2h4nECMEJZh0PUUd+60wkyWs6Iflc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKM 2132 +eQ== 2133 +-----END CERTIFICATE----- 2134 + 2135 +Certum Trusted Network CA 2136 +========================= 2137 +-----BEGIN CERTIFICATE----- 2138 +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQK 2139 +ExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv 2140 +biBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIy 2141 +MTIwNzM3WhcNMjkxMjMxMTIwNzM3WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBU 2142 +ZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 2143 +MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC 2144 +AQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rHUV+rpDKmYYe2bg+G0jAC 2145 +l/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LMTXPb865Px1bVWqeWifrzq2jUI4ZZJ88J 2146 +J7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVUBBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4 2147 +fOQtf/WsX+sWn7Et0brMkUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0 2148 +cvW0QM8xAcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNVHRMB 2149 +Af8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYw 2150 +DQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15ysHhE49wcrwn9I0j6vSrEuVUEtRCj 2151 +jSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfLI9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1 2152 +mS1FhIrlQgnXdAIv94nYmem8J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5aj 2153 +Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI 2154 +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= 2155 +-----END CERTIFICATE----- 2156 + 2157 +Certinomis - Autorité Racine 2158 +============================ 2159 +-----BEGIN CERTIFICATE----- 2160 +MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK 2161 +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg 2162 +LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG 2163 +A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw 2164 +JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD 2165 +ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa 2166 +wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly 2167 +Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw 2168 +2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N 2169 +jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q 2170 +c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC 2171 +lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb 2172 +xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g 2173 +530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna 2174 +4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G 2175 +A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ 2176 +KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x 2177 +WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva 2178 +R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40 2179 +nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B 2180 +CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv 2181 +JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE 2182 +qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b 2183 +WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE 2184 +wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/ 2185 +vgt2Fl43N+bYdJeimUV5 2186 +-----END CERTIFICATE----- 2187 + 2188 +TWCA Root Certification Authority 2189 +================================= 2190 +-----BEGIN CERTIFICATE----- 2191 +MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJ 2192 +VEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNh 2193 +dGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQG 2194 +EwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NB 2195 +IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK 2196 +AoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMx 2197 +QhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xC 2198 +oi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP 2199 +4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1r 2200 +y+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIB 2201 +BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG 2202 +9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lC 2203 +mtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlW 2204 +QtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVY 2205 +T0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocny 2206 +Yh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== 2207 +-----END CERTIFICATE----- 2208 + 2209 +Security Communication RootCA2 2210 +============================== 2211 +-----BEGIN CERTIFICATE----- 2212 +MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc 2213 +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNh 2214 +dGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoXDTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMC 2215 +SlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3Vy 2216 +aXR5IENvbW11bmljYXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 2217 +ANAVOVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGrzbl+dp++ 2218 ++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVMVAX3NuRFg3sUZdbcDE3R 2219 +3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQhNBqyjoGADdH5H5XTz+L62e4iKrFvlNV 2220 +spHEfbmwhRkGeC7bYRr6hfVKkaHnFtWOojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1K 2221 +EOtOghY6rCcMU/Gt1SSwawNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8 2222 +QIH4D5csOPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB 2223 +CwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpFcoJxDjrSzG+ntKEj 2224 +u/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXcokgfGT+Ok+vx+hfuzU7jBBJV1uXk 2225 +3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6q 2226 +tnRGEmyR7jTV7JqR50S+kDFy1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29 2227 +mvVXIwAHIRc/SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 2228 +-----END CERTIFICATE----- 2229 + 2230 +EC-ACC 2231 +====== 2232 +-----BEGIN CERTIFICATE----- 2233 +MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UE 2234 +BhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w 2235 +ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYD 2236 +VQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UE 2237 +CxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMT 2238 +BkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7 2239 +MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYt 2240 +SSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZl 2241 +Z2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJh 2242 +cnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUND 2243 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iK 2244 +w5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeT 2245 +ae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4 2246 +HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0a 2247 +E9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw 2248 +0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E 2249 +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYD 2250 +VR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0 2251 +Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5l 2252 +dC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJ 2253 +lF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNa 2254 +Al6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVe 2255 +l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 2256 +E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D 2257 +5EI= 2258 +-----END CERTIFICATE----- 2259 + 2260 +Hellenic Academic and Research Institutions RootCA 2011 2261 +======================================================= 2262 +-----BEGIN CERTIFICATE----- 2263 +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT 2264 +O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y 2265 +aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z 2266 +IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT 2267 +AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z 2268 +IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo 2269 +IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 2270 +AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI 2271 +1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa 2272 +71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u 2273 +8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH 2274 +3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ 2275 +MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 2276 +MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu 2277 +b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt 2278 +XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 2279 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD 2280 +/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N 2281 +7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 2282 +-----END CERTIFICATE----- 2283 + 2284 +Actalis Authentication Root CA 2285 +============================== 2286 +-----BEGIN CERTIFICATE----- 2287 +MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVQxDjAM 2288 +BgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UE 2289 +AwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDky 2290 +MjExMjIwMlowazELMAkGA1UEBhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlz 2291 +IFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 2292 +IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNvUTufClrJ 2293 +wkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX4ay8IMKx4INRimlNAJZa 2294 +by/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9KK3giq0itFZljoZUj5NDKd45RnijMCO6 2295 +zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1f 2296 +YVEiVRvjRuPjPdA1YprbrxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2 2297 +oxgkg4YQ51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2Fbe8l 2298 +EfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxeKF+w6D9Fz8+vm2/7 2299 +hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4Fv6MGn8i1zeQf1xcGDXqVdFUNaBr8 2300 +EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbnfpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5 2301 +jF66CyCU3nuDuP/jVo23Eek7jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLY 2302 +iDrIn3hm7YnzezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt 2303 +ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQALe3KHwGCmSUyI 2304 +WOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70jsNjLiNmsGe+b7bAEzlgqqI0 2305 +JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDzWochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKx 2306 +K3JCaKygvU5a2hi/a5iB0P2avl4VSM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+ 2307 +Xlff1ANATIGk0k9jpwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC 2308 +4yyXX04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+OkfcvHlXHo 2309 +2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7RK4X9p2jIugErsWx0Hbhz 2310 +lefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btUZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXem 2311 +OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9 2312 +vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== 2313 +-----END CERTIFICATE----- 2314 + 2315 +Trustis FPS Root CA 2316 +=================== 2317 +-----BEGIN CERTIFICATE----- 2318 +MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG 2319 +EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290 2320 +IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV 2321 +BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ 2322 +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ 2323 +RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk 2324 +H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa 2325 +cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt 2326 +o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA 2327 +AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd 2328 +BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c 2329 +GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC 2330 +yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P 2331 +8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV 2332 +l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl 2333 +iB6XzCGcKQENZetX2fNXlrtIzYE= 2334 +-----END CERTIFICATE----- 2335 + 2336 +StartCom Certification Authority 2337 +================================ 2338 +-----BEGIN CERTIFICATE----- 2339 +MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN 2340 +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu 2341 +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 2342 +NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk 2343 +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg 2344 +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw 2345 +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y 2346 +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ 2347 +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d 2348 +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt 2349 +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z 2350 +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ 2351 +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ 2352 +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc 2353 +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT 2354 +37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD 2355 +VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ 2356 +Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0 2357 +dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu 2358 +c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv 2359 +bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0 2360 +aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0 2361 +aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t 2362 +L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG 2363 +cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5 2364 +fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm 2365 +N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN 2366 +Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T 2367 +tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX 2368 +e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA 2369 +2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs 2370 +HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE 2371 +JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib 2372 +D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8= 2373 +-----END CERTIFICATE----- 2374 + 2375 +StartCom Certification Authority G2 2376 +=================================== 2377 +-----BEGIN CERTIFICATE----- 2378 +MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN 2379 +U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg 2380 +RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE 2381 +ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp 2382 +dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O 2383 +o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG 2384 +4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi 2385 +Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul 2386 +Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs 2387 +O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H 2388 +vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L 2389 +nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS 2390 +FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa 2391 +z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E 2392 +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ 2393 +KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K 2394 +2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk 2395 +J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+ 2396 +JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG 2397 +/+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc 2398 +nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld 2399 +blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc 2400 +l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm 2401 +7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm 2402 +obp573PYtlNXLfbQ4ddI 2403 +-----END CERTIFICATE----- 2404 + 2405 +Buypass Class 2 Root CA 2406 +======================= 2407 +-----BEGIN CERTIFICATE----- 2408 +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU 2409 +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMB4X 2410 +DTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1owTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 2411 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIw 2412 +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1 2413 +g1Lr6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPVL4O2fuPn 2414 +9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC911K2GScuVr1QGbNgGE41b 2415 +/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHxMlAQTn/0hpPshNOOvEu/XAFOBz3cFIqU 2416 +CqTqc/sLUegTBxj6DvEr0VQVfTzh97QZQmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeff 2417 +awrbD02TTqigzXsu8lkBarcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgI 2418 +zRFo1clrUs3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLiFRhn 2419 +Bkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRSP/TizPJhk9H9Z2vX 2420 +Uq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN9SG9dKpN6nIDSdvHXx1iY8f93ZHs 2421 +M+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxPAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD 2422 +VR0OBBYEFMmAd+BikoL1RpzzuvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF 2423 +AAOCAgEAU18h9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s 2424 +A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3tOluwlN5E40EI 2425 +osHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo+fsicdl9sz1Gv7SEr5AcD48S 2426 +aq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYd 2427 +DnkM/crqJIByw5c/8nerQyIKx+u2DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWD 2428 +LfJ6v9r9jv6ly0UsH8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0 2429 +oyLQI+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK75t98biGC 2430 +wWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h3PFaTWwyI0PurKju7koS 2431 +CTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPzY11aWOIv4x3kqdbQCtCev9eBCfHJxyYN 2432 +rJgWVqA= 2433 +-----END CERTIFICATE----- 2434 + 2435 +Buypass Class 3 Root CA 2436 +======================= 2437 +-----BEGIN CERTIFICATE----- 2438 +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU 2439 +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMyBSb290IENBMB4X 2440 +DTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFowTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 2441 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIw 2442 +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRH 2443 +sJ8YZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3EN3coTRiR 2444 +5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9tznDDgFHmV0ST9tD+leh 2445 +7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX0DJq1l1sDPGzbjniazEuOQAnFN44wOwZ 2446 +ZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH 2447 +2xc519woe2v1n/MuwU8XKhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV 2448 +/afmiSTYzIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvSO1UQ 2449 +RwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D34xFMFbG02SrZvPA 2450 +Xpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgPK9Dx2hzLabjKSWJtyNBjYt1gD1iq 2451 +j6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD 2452 +VR0OBBYEFEe4zf/lb+74suwvTg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF 2453 +AAOCAgEAACAjQTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV 2454 +cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXSIGrs/CIBKM+G 2455 +uIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2HJLw5QY33KbmkJs4j1xrG0aG 2456 +Q0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsaO5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8 2457 +ZORK15FTAaggiG6cX0S5y2CBNOxv033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2 2458 +KSb12tjE8nVhz36udmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz 2459 +6MkEkbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg413OEMXbug 2460 +UZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvDu79leNKGef9JOxqDDPDe 2461 +eOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq4/g7u9xN12TyUb7mqqta6THuBrxzvxNi 2462 +Cp/HuZc= 2463 +-----END CERTIFICATE----- 2464 + 2465 +T-TeleSec GlobalRoot Class 3 2466 +============================ 2467 +-----BEGIN CERTIFICATE----- 2468 +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM 2469 +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU 2470 +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgx 2471 +MDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz 2472 +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD 2473 +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3 2474 +DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK 2475 +9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YU 2476 +NpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZF 2477 +iP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W 2478 +0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBA 2479 +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPr 2480 +AyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQb 2481 +fsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzT 2482 +ucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7h 2483 +P0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml 2484 +e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWw== 2485 +-----END CERTIFICATE----- 2486 + 2487 +EE Certification Centre Root CA 2488 +=============================== 2489 +-----BEGIN CERTIFICATE----- 2490 +MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG 2491 +EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy 2492 +dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIw 2493 +MTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlB 2494 +UyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRy 2495 +ZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB 2496 +DwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeM 2497 +TC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2 2498 +rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw 2499 +93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtN 2500 +P2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0T 2501 +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZ 2502 +MEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEF 2503 +BQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+Rj 2504 +xY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqM 2505 +lIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u 2506 +uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU 2507 +3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM 2508 +dcGWxZ0= 2509 +-----END CERTIFICATE----- 2510 + 2511 +TURKTRUST Certificate Services Provider Root 2007 2512 +================================================= 2513 +-----BEGIN CERTIFICATE----- 2514 +MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF 2515 +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP 2516 +MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg 2517 +QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X 2518 +DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl 2519 +a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN 2520 +BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp 2521 +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw 2522 +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N 2523 +YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv 2524 +KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya 2525 +KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT 2526 +rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC 2527 +AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP 2528 +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s 2529 +Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I 2530 +aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO 2531 +Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb 2532 +BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK 2533 +poRq0Tl9 2534 +-----END CERTIFICATE----- 2535 + 2536 +D-TRUST Root Class 3 CA 2 2009 2537 +============================== 2538 +-----BEGIN CERTIFICATE----- 2539 +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQK 2540 +DAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAe 2541 +Fw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxE 2542 +LVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIw 2543 +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOAD 2544 +ER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlA 2545 +BF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGv 2546 +KZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7z 2547 +p+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUC 2548 +AwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ 2549 +4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9y 2550 +eS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIw 2551 +MDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+G 2552 +PWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAw 2553 +OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm 2554 +2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 2555 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEV 2556 +dT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4ph 2557 +X5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+I= 2558 +-----END CERTIFICATE----- 2559 + 2560 +D-TRUST Root Class 3 CA 2 EV 2009 2561 +================================= 2562 +-----BEGIN CERTIFICATE----- 2563 +MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK 2564 +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw 2565 +OTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUwNDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK 2566 +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw 2567 +OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfS 2568 +egpnljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM03TP1YtHh 2569 +zRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6ZqQTMFexgaDbtCHu39b+T 2570 +7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lRp75mpoo6Kr3HGrHhFPC+Oh25z1uxav60 2571 +sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure35 2572 +11H3a6UCAwEAAaOCASQwggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyv 2573 +cop9NteaHNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFwOi8v 2574 +ZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El 2575 +MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRp 2576 +b25saXN0MEagRKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh 2577 +c3NfM19jYV8yX2V2XzIwMDkuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+ 2578 +PPoeUSbrh/Yp3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 2579 +nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNFCSuGdXzfX2lX 2580 +ANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7naxpeG0ILD5EJt/rDiZE4OJudA 2581 +NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv 2582 +w9y4AyHqnxbxLFS1 2583 +-----END CERTIFICATE----- 2584 + 2585 +PSCProcert 2586 +========== 2587 +-----BEGIN CERTIFICATE----- 2588 +MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk 2589 +ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ 2590 +MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz 2591 +dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl 2592 +cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw 2593 +IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw 2594 +MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w 2595 +DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD 2596 +ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp 2597 +Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw 2598 +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC 2599 +wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA 2600 +3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh 2601 +RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO 2602 +EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2 2603 +0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH 2604 +0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU 2605 +td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw 2606 +Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp 2607 +r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/ 2608 +AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz 2609 +Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId 2610 +xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp 2611 +ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH 2612 +EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h 2613 +Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k 2614 +ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG 2615 +9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG 2616 +MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG 2617 +LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52 2618 +ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy 2619 +YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v 2620 +Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o 2621 +dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq 2622 +T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN 2623 +g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q 2624 +uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1 2625 +n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn 2626 +FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo 2627 +5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq 2628 +3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5 2629 +poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y 2630 +eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km 2631 +-----END CERTIFICATE----- 2632 + 2633 +China Internet Network Information Center EV Certificates Root 2634 +============================================================== 2635 +-----BEGIN CERTIFICATE----- 2636 +MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV 2637 +BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D 2638 +aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg 2639 +Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG 2640 +A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM 2641 +PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl 2642 +cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y 2643 +jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV 2644 +98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H 2645 +klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23 2646 +KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC 2647 +7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV 2648 +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD 2649 +glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5