hilfe mein git ist komisch

etc/dovecot/conf.d/10-plesk-security.conf

@@ -0,0 +1,13 @@
+##
+## Default values for security settings tunable by 
+## pci_compliance_resolver Plesk utility.
+##
+
+# PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE.
+
+# If 'no', disables the LOGIN command and all other cleartext authentication
+# unless SSL/TLS is used (LOGINDISABLED capability) or the connection is secured.
+# Note that if the remote IP matches the local IP (ie. you're connecting from the same computer),
+# the connection is considered secure and plaintext authentication is allowed.
+# See also ssl=required setting.
+auth_allow_cleartext = yes

etc/dovecot/conf.d/11-plesk-security-ssl.conf

@@ -0,0 +1,7 @@
+ssl_server_dh_file=/opt/psa/etc/dhparams2048.pem
+ssl_min_protocol=TLSv1.2
+ssl_cipher_list=EECDH+AESGCM:EECDH+AESCCM:EECDH+CHACHA20:EECDH+ARIAGCM
+ssl_server_prefer_ciphers=client
+ssl=yes
+ssl_server_cert_file=/etc/dovecot/private/dovecot.pem
+ssl_server_key_file=/etc/dovecot/private/dovecot.pem

etc/dovecot/conf.d/15-plesk-auth.conf

@@ -0,0 +1,28 @@
+##
+## Authentication for Plesk mail users.
+##
+
+# PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE.
+
+service auth { # applies when blocking=no
+  user =
+  group =
+}
+
+service auth-worker { # applies when blocking=yes
+  user =
+  group =
+}
+
+
+passdb plesk {
+}
+
+sql_driver = sqlite
+sqlite_path = /var/lib/plesk/mail/userdb/userdb.db
+
+userdb sql {
+  query = SELECT quota AS quota_storage_size, 'popuser' AS uid, 'popuser' AS gid, domain_name AS domain FROM mailbox_quota WHERE mailbox_name = '%{user | username}' AND domain_name = '%{user | domain}';
+}
+
+# vim:ts=2 sts=2 sw=2 et:

etc/dovecot/conf.d/20-plesk-quota-warning.conf

@@ -0,0 +1,21 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+quota user {
+  warning warn-plesk-95-quota {
+    quota_storage_percentage = 95
+    execute quota-warning {
+      args = %{user}
+    }
+  }
+}
+
+service quota-warning {
+    executable = script /usr/lib/plesk-9.0/send-quota-warning
+    user = popuser
+    unix_listener quota-warning {
+        user = popuser
+    }
+}

etc/dovecot/conf.d/90-plesk-sieve.conf

@@ -0,0 +1,41 @@
+##
+## ManageSieve service and Sieve interpreter settings.
+##
+
+# PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE.
+
+# See example configuration files:
+#   /usr/share/doc/dovecot/example-config/conf.d/20-managesieve.conf
+#   /usr/share/doc/dovecot/example-config/conf.d/90-sieve.conf
+
+protocols {
+  sieve = yes
+}
+
+protocol sieve {
+}
+
+protocol lda {
+  mail_plugins {
+    sieve = yes
+  }
+}
+
+sieve_script plesk {
+  path = ~/sieve
+  active_path = ~/.dovecot.sieve
+}
+
+# ToDo. Horde webmail (Ingo sieve backend) is not aware of RFC 'imap4flags' and
+# 'enotify' extensions. Don't know what we going to do with it
+# I've checked 'notify' and 'imapflags' and dovecot doesn't fails on start,
+# however it doesn't on any random string actually. So likely it just ignores unknown extensions.
+sieve_extensions {
+  enotify = yes
+  imap4flags = yes
+}
+
+# Log format compatible with Plesk statistics collector.
+managesieve_logout_format = "rcvd=%{input}, sent=%{output}"
+
+# vim:ts=2 sts=2 sw=2 et:

etc/dovecot/conf.d/92-plesk-service-anvil.conf

@@ -0,0 +1,8 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service anvil {
+    client_limit = 2252
+}

etc/dovecot/conf.d/92-plesk-service-auth.conf

@@ -0,0 +1,8 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service auth {
+    client_limit = 2252
+}

etc/dovecot/conf.d/92-plesk-service-imap-login.conf

@@ -0,0 +1,9 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service imap-login {
+    service_restart_request_count = 1
+    process_limit = 1024
+}

etc/dovecot/conf.d/92-plesk-service-imap.conf

@@ -0,0 +1,9 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service imap {
+    service_restart_request_count = 1
+    process_limit = 1024
+}

etc/dovecot/conf.d/92-plesk-service-pop-login.conf

@@ -0,0 +1,9 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service pop3-login {
+    service_restart_request_count = 1
+    process_limit = 1024
+}

etc/dovecot/conf.d/92-plesk-service-pop.conf

@@ -0,0 +1,9 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+service pop3 {
+    service_restart_request_count = 1
+    process_limit = 1024
+}

etc/dovecot/conf.d/92-plesk-userip_connections.conf

@@ -0,0 +1,6 @@
+#ATTENTION!
+#
+#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
+#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
+
+mail_max_userip_connections = 10

etc/dovecot/dovecot.conf

@@ -0,0 +1,161 @@
+## Dovecot configuration file
+
+# PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE.
+# Instead add your custom configuration to /etc/dovecot/conf.d/
+# See the end of this file for details on customization.
+
+# See example configuration files in /usr/share/doc/dovecot/example-config/
+# See stock configuration files in /usr/share/doc/plesk-dovecot/dist-config/
+
+# Dovecot storage file format version. It specifies the oldest Dovecot version
+# that must be able to read files written by this Dovecot instance. The
+# intention is that when upgrading Dovecot cluster, this setting is first kept
+# as the old Dovecot version. Once the cluster is fully upgraded to a new
+# version and there is no intention to rollback to the old version anymore,
+# this version number can be increased.
+dovecot_config_version = 2.4.1
+
+# Dovecot storage file format version. It specifies the oldest Dovecot version
+# that must be able to read files written by this Dovecot instance. The
+# intention is that when upgrading Dovecot cluster, this setting is first kept
+# as the old Dovecot version. Once the cluster is fully upgraded to a new
+# version and there is no intention to rollback to the old version anymore,
+# this version number can be increased.
+dovecot_storage_version = 2.4.1
+
+
+# Space separated list of wanted authentication mechanisms.
+# NOTE: See also auth_allow_cleartext setting.
+auth_mechanisms = plain login digest-md5 cram-md5 apop
+
+# Valid UID range should include popuser.
+first_valid_uid = 30
+
+# List of allowed characters in username. "'&" is added here to the default list.
+auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890&.-_@'
+
+# Weak schemas are disabled by default, so we have to enable them.
+auth_allow_weak_schemes = yes
+
+# Plesk Maildirs layout.
+mail_home = /var/qmail/mailnames/%{user | domain | lower}/%{user | username | lower}
+mail_driver = maildir
+mail_path = /var/qmail/mailnames/%{user | domain | lower}/%{user | username | lower}/Maildir
+mailbox_list_utf8 = yes
+
+# Enable Maildir++ quota support.
+mail_plugins {
+  quota = yes
+}
+
+quota user {
+  driver = maildir
+  quota_storage_grace = 0
+}
+
+
+service auth {
+  # Allow userdb lookups for popuser.
+  unix_listener auth-userdb {
+    mode = 0600
+    user = popuser
+    group = popuser
+  }
+}
+
+service stats {
+  unix_listener stats-writer {
+    user = popuser
+  }
+}
+
+# PEM encoded X.509 SSL/TLS certificate and private key.
+ssl_server_cert_file = /etc/dovecot/private/ssl-cert-and-key.pem
+ssl_server_key_file =  /etc/dovecot/private/ssl-cert-and-key.pem
+
+
+# Protocols support.
+
+protocols = imap pop3
+
+protocol imap {
+  mail_plugins {
+    imap_quota = yes
+  }
+}
+
+protocol pop3 {
+  # POP3 UIDL format similar to the one used by Courier-IMAP.
+  pop3_uidl_format = UID%{uid}-%{uidvalidity}
+}
+
+# Applicable workarounds for various client bugs.
+imap_client_workarounds = delay-newmail
+pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
+
+
+# Default private namespace setup compatible with Courier-IMAP.
+
+namespace inbox {
+  separator = .
+  prefix = INBOX.
+  inbox = yes
+
+  mailbox Sent {
+    auto = subscribe # autocreate and autosubscribe the Sent mailbox
+    special_use = \Sent
+  }
+  mailbox Spam {
+    auto = create # autocreate Spam, but don't autosubscribe
+    special_use = \Junk
+  }
+  mailbox Drafts {
+    auto = create
+    special_use = \Drafts
+  }
+  mailbox Trash {
+    auto = create
+    special_use = \Trash
+  }
+}
+
+
+# Logging verbosity and debugging.
+
+# Log unsuccessful authentication attempts and the reasons why they failed.
+#auth_verbose = yes
+
+# In case of password mismatches, log the attempted password. Valid values are
+# no, plain and sha1. sha1 can be useful for detecting brute force password
+# attempts vs. user simply trying the same password over and over again.
+#auth_verbose_passwords = no
+
+# Even more verbose logging for debugging purposes.
+#auth_debug = yes
+
+# In case of password mismatches, log the passwords and used scheme so the
+# problem can be debugged. Enabling this also enables auth_debug.
+#auth_debug_passwords = yes
+
+# Enable mail process debugging. This can help you figure out why Dovecot
+# isn't finding your mails.
+#mail_debug = yes
+
+# Show protocol level SSL errors.
+#verbose_ssl = yes
+
+
+# Log format compatible with Plesk statistics collector.
+mail_log_prefix = "service=%{protocol}, user=%{user}, ip=[%{remote_ip }]. "
+pop3_logout_format = "rcvd=%{input}, sent=%{output}, top=%{top_count}/%{top_bytes}, retr=%{retr_count}/%{retr_bytes}, del=%{deleted_count}/%{deleted_bytes}, size=%{message_bytes}"
+imap_logout_format = "rcvd=%{input}, sent=%{output}"
+
+# Customizable part of configuration gets included below. The filenames are
+# first sorted by their ASCII value and parsed in that order. The 00-prefixes
+# in filenames are intended to make it easier to understand the ordering.
+#
+# Prefixes 10 through 20 and 90 through 95 (inclusive) are reserved for Plesk. 
+# Please do not occupy them or edit files with these prefixes!
+!include conf.d/*.conf
+
+# vim:ts=2 sts=2 sw=2 et:

etc/dovecot/private/dovecot.pem

@@ -0,0 +1,50 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCtuaJBe4w0y48i
+hb5SA5pWeUmg1uqtabsE+MNtQtG6Iev5m/+46v2ugpwLfsuPz9fcCoe+fBbSPyGr
+Ul32f4VcgqggIJ15is3VYaxar4mDgHnwqpSuMdT1DccwWCL52as/yGFg8ge8si/c
+LiIi6NCJJfGhzgRbTz6TtS5+qQoXKYc1b9ltFNjvXHuyhEblJee1wixH9ObpH4Ny
+ymxYnn5IlxCaf5j4Hiwn94XLHapL9dbvL2gU82Sf85wtTFTG6QJaPVXad3SCdMgn
+ddSYNeSXLmRs+QbfT7SdecQAGE/ZgeVAsELv0AF9RY3IjqhtjNhoVht5YQOzpy/P
+SS+7CJ8hAgMBAAECggEAA7MY3eRxUaZiPCzRRwyIZ9oX0bfy9eYDDXvFWGdKaWh/
+lqRyPGo9dFb35xEkaVHWo9MR9Yodp60AUOZZXbqE7OGzzjGYnewJNq+glqqvYtpw
+ilntHjWtpnl0bAK7/bJzZJGONJT56gRoy1Nsjt4SsxGAsxqUtlu2YkmS8a/EkSY8
+VXazVqc84AsTseiUbRPdBtOxTAYEyZ4y13RKPOaF01X/ZDxgJhJKtHny2W1dGUfg
+MY7xXt2OdM434GbsIxDpLZK9awCttDh+SZX8EmCCmUnJ3IC1xdBJ/Lq47s0iY214
+hb+a26s5vbIwY7pj5FbmB4nqiG/X9n60BzofkqIpwQKBgQDlHhPtM9QKGij9ANs0
+OOJbCK8ZIZRwUQmfu42LXuQX9ZfuTNal/8y8KPpJPOrE8MWs0ZElfji4Osdgd5mn
+PQ5L44mC2CY+cS7lHGalsO46U044M+jV7omq1+NjQj7KClbCpT4vpOHHxnwjydfy
+p94SfFkmBfl21Bf908yEzCx14QKBgQDCG8FHdBQwpRhN2oryZTmNBPy4TYVB9z8D
+WJDS+ixbj/d5bxGtke/iXtXscCtnsy4bDWxKHCsAy+2iYLMW08iWyosVEpEwZlXK
+uYW0eX7qTPnXmTeTySXeetfHnFhK8lxO7W/MIWLpnHpaY+nncb8NpyrakkhqNOh3
+zlkIo8LRQQKBgDef+MiC57zYIxFhrtZb5SCi2Bfq3iXylrqQB0pJ7GiguJUjVI2S
+r/sSm8lCH+FWbzeI3YtTvKOFqbgS8Vv358um31DD92z7f54iKg2aCgxhA0GD4Mhn
+lEbFCTCk+aeFoRC6m4Fnr2UYHDV4IJSKCtFEHUSs+KbP0U9Pp3yqMTUhAoGBAL2K
+kqpuTATQQbJMNB/L/m2YsBpcAELQ5uQiiJCrn8LtCu+2KGH/vmmix2vwgEHrsprR
++atIZCmL+Ij1ugsRVK8CKtux3LqRQzcI/+miNe8eqV0BDUcvRN5BwBD3tzPAA6lC
+q0d+VnLdzJAVPmM1LCVt1ifGbhXfghzzDvejyWnBAoGBAONWF61wobm+cvZ/Pnl3
+TT5DLHJYtjzmWhxhzq2afb0k7Vk8qgAFMJCpjKVxfxoUbK2WAV4crmW3FLQnl04E
+1mifCWO/RnslPK4aslUBhCN768UNA8YDJD9vX2t/Exlce8beOsc9Mht2+3fsGbe3
+1vkqyY5aXIhTyR0s7e7PguiL
+-----END PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIIDejCCAmKgAwIBAgIEaNfhvzANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJD
+SDEVMBMGA1UEBwwMU2NoYWZmaGF1c2VuMQ4wDAYDVQQKDAVQbGVzazEOMAwGA1UE
+AwwFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMB4XDTI1MDky
+NzEzMDgxNVoXDTI2MDkyNzEzMDgxNVowYzELMAkGA1UEBhMCQ0gxFTATBgNVBAcM
+DFNjaGFmZmhhdXNlbjEOMAwGA1UECgwFUGxlc2sxDjAMBgNVBAMMBVBsZXNrMR0w
+GwYJKoZIhvcNAQkBFg5pbmZvQHBsZXNrLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAK25okF7jDTLjyKFvlIDmlZ5SaDW6q1puwT4w21C0boh6/mb
+/7jq/a6CnAt+y4/P19wKh758FtI/IatSXfZ/hVyCqCAgnXmKzdVhrFqviYOAefCq
+lK4x1PUNxzBYIvnZqz/IYWDyB7yyL9wuIiLo0Ikl8aHOBFtPPpO1Ln6pChcphzVv
+2W0U2O9ce7KERuUl57XCLEf05ukfg3LKbFiefkiXEJp/mPgeLCf3hcsdqkv11u8v
+aBTzZJ/znC1MVMbpAlo9Vdp3dIJ0yCd11Jg15JcuZGz5Bt9PtJ15xAAYT9mB5UCw
+Qu/QAX1FjciOqG2M2GhWG3lhA7OnL89JL7sInyECAwEAAaM2MDQwEwYDVR0lBAww
+CgYIKwYBBQUHAwEwHQYDVR0OBBYEFF107ch49jn4v5U0c5wR8FTmwllkMA0GCSqG
+SIb3DQEBCwUAA4IBAQCEsP09rtiXyBo4tGC1JV368VZTyQv2JVXYJyvcttXb1+GT
+Q9cr9MnQW4SUViP5/PDGtCpY/m7J8mLnHbP1Xh3wtDQspKc9SzdNXtvXpQewG2Uq
+y7HMcY9UPTMzWiKG2ULncjR+BtBeoPSKHu8rO/4u8grC9c5eF6lwZ5K7ITthN/GW
+zwrvH+ud5OPcwpk15U0s3NF3+ppCTRMx5FQKBHyfY0yfc9l1MRaG6pxl4HdgXcAw
+aPyZWjuG2UJhnzEOfEbFfDqoWWtvNXRY6J0Ji78pEqMpbvSP8xV7FV+XBhzLsk9k
+Ehs/8md3cEAWex/rRV9ol4zgyOmZ81YOJeCd43+5
+-----END CERTIFICATE-----

etc/dovecot/private/ssl-cert-and-key.pem

@@ -0,0 +1,50 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCtuaJBe4w0y48i
+hb5SA5pWeUmg1uqtabsE+MNtQtG6Iev5m/+46v2ugpwLfsuPz9fcCoe+fBbSPyGr
+Ul32f4VcgqggIJ15is3VYaxar4mDgHnwqpSuMdT1DccwWCL52as/yGFg8ge8si/c
+LiIi6NCJJfGhzgRbTz6TtS5+qQoXKYc1b9ltFNjvXHuyhEblJee1wixH9ObpH4Ny
+ymxYnn5IlxCaf5j4Hiwn94XLHapL9dbvL2gU82Sf85wtTFTG6QJaPVXad3SCdMgn
+ddSYNeSXLmRs+QbfT7SdecQAGE/ZgeVAsELv0AF9RY3IjqhtjNhoVht5YQOzpy/P
+SS+7CJ8hAgMBAAECggEAA7MY3eRxUaZiPCzRRwyIZ9oX0bfy9eYDDXvFWGdKaWh/
+lqRyPGo9dFb35xEkaVHWo9MR9Yodp60AUOZZXbqE7OGzzjGYnewJNq+glqqvYtpw
+ilntHjWtpnl0bAK7/bJzZJGONJT56gRoy1Nsjt4SsxGAsxqUtlu2YkmS8a/EkSY8
+VXazVqc84AsTseiUbRPdBtOxTAYEyZ4y13RKPOaF01X/ZDxgJhJKtHny2W1dGUfg
+MY7xXt2OdM434GbsIxDpLZK9awCttDh+SZX8EmCCmUnJ3IC1xdBJ/Lq47s0iY214
+hb+a26s5vbIwY7pj5FbmB4nqiG/X9n60BzofkqIpwQKBgQDlHhPtM9QKGij9ANs0
+OOJbCK8ZIZRwUQmfu42LXuQX9ZfuTNal/8y8KPpJPOrE8MWs0ZElfji4Osdgd5mn
+PQ5L44mC2CY+cS7lHGalsO46U044M+jV7omq1+NjQj7KClbCpT4vpOHHxnwjydfy
+p94SfFkmBfl21Bf908yEzCx14QKBgQDCG8FHdBQwpRhN2oryZTmNBPy4TYVB9z8D
+WJDS+ixbj/d5bxGtke/iXtXscCtnsy4bDWxKHCsAy+2iYLMW08iWyosVEpEwZlXK
+uYW0eX7qTPnXmTeTySXeetfHnFhK8lxO7W/MIWLpnHpaY+nncb8NpyrakkhqNOh3
+zlkIo8LRQQKBgDef+MiC57zYIxFhrtZb5SCi2Bfq3iXylrqQB0pJ7GiguJUjVI2S
+r/sSm8lCH+FWbzeI3YtTvKOFqbgS8Vv358um31DD92z7f54iKg2aCgxhA0GD4Mhn
+lEbFCTCk+aeFoRC6m4Fnr2UYHDV4IJSKCtFEHUSs+KbP0U9Pp3yqMTUhAoGBAL2K
+kqpuTATQQbJMNB/L/m2YsBpcAELQ5uQiiJCrn8LtCu+2KGH/vmmix2vwgEHrsprR
++atIZCmL+Ij1ugsRVK8CKtux3LqRQzcI/+miNe8eqV0BDUcvRN5BwBD3tzPAA6lC
+q0d+VnLdzJAVPmM1LCVt1ifGbhXfghzzDvejyWnBAoGBAONWF61wobm+cvZ/Pnl3
+TT5DLHJYtjzmWhxhzq2afb0k7Vk8qgAFMJCpjKVxfxoUbK2WAV4crmW3FLQnl04E
+1mifCWO/RnslPK4aslUBhCN768UNA8YDJD9vX2t/Exlce8beOsc9Mht2+3fsGbe3
+1vkqyY5aXIhTyR0s7e7PguiL
+-----END PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIIDejCCAmKgAwIBAgIEaNfhvzANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJD
+SDEVMBMGA1UEBwwMU2NoYWZmaGF1c2VuMQ4wDAYDVQQKDAVQbGVzazEOMAwGA1UE
+AwwFUGxlc2sxHTAbBgkqhkiG9w0BCQEWDmluZm9AcGxlc2suY29tMB4XDTI1MDky
+NzEzMDgxNVoXDTI2MDkyNzEzMDgxNVowYzELMAkGA1UEBhMCQ0gxFTATBgNVBAcM
+DFNjaGFmZmhhdXNlbjEOMAwGA1UECgwFUGxlc2sxDjAMBgNVBAMMBVBsZXNrMR0w
+GwYJKoZIhvcNAQkBFg5pbmZvQHBsZXNrLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAK25okF7jDTLjyKFvlIDmlZ5SaDW6q1puwT4w21C0boh6/mb
+/7jq/a6CnAt+y4/P19wKh758FtI/IatSXfZ/hVyCqCAgnXmKzdVhrFqviYOAefCq
+lK4x1PUNxzBYIvnZqz/IYWDyB7yyL9wuIiLo0Ikl8aHOBFtPPpO1Ln6pChcphzVv
+2W0U2O9ce7KERuUl57XCLEf05ukfg3LKbFiefkiXEJp/mPgeLCf3hcsdqkv11u8v
+aBTzZJ/znC1MVMbpAlo9Vdp3dIJ0yCd11Jg15JcuZGz5Bt9PtJ15xAAYT9mB5UCw
+Qu/QAX1FjciOqG2M2GhWG3lhA7OnL89JL7sInyECAwEAAaM2MDQwEwYDVR0lBAww
+CgYIKwYBBQUHAwEwHQYDVR0OBBYEFF107ch49jn4v5U0c5wR8FTmwllkMA0GCSqG
+SIb3DQEBCwUAA4IBAQCEsP09rtiXyBo4tGC1JV368VZTyQv2JVXYJyvcttXb1+GT
+Q9cr9MnQW4SUViP5/PDGtCpY/m7J8mLnHbP1Xh3wtDQspKc9SzdNXtvXpQewG2Uq
+y7HMcY9UPTMzWiKG2ULncjR+BtBeoPSKHu8rO/4u8grC9c5eF6lwZ5K7ITthN/GW
+zwrvH+ud5OPcwpk15U0s3NF3+ppCTRMx5FQKBHyfY0yfc9l1MRaG6pxl4HdgXcAw
+aPyZWjuG2UJhnzEOfEbFfDqoWWtvNXRY6J0Ji78pEqMpbvSP8xV7FV+XBhzLsk9k
+Ehs/8md3cEAWex/rRV9ol4zgyOmZ81YOJeCd43+5
+-----END CERTIFICATE-----