From 53708868f323027a3b245d2c00afd676d3ffa181 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Mon, 11 Dec 2023 14:54:53 +0000 Subject: [PATCH 01/38] Initial Version --- GcpCertManager/Jobs/Management.cs | 31 +++++++++++++++++++++++++++++++ GcpCertManager/manifest.json | 4 ++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index 8281836..c4d9283 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -1,5 +1,6 @@ using System; using System.Collections.Generic; +using System.Drawing; using System.IO; using System.Linq; using System.Text; @@ -24,6 +25,9 @@ public class Management : IManagementJobExtension private static readonly string certStart = "-----BEGIN CERTIFICATE-----\n"; private static readonly string certEnd = "\n-----END CERTIFICATE-----"; + private const int OPERATION_MAX_WAIT_MILLISECONDS = 300000; + private const int OPERATION_INTERVAL_WAIT_MILLISECONDS = 5000; + private static readonly Func Pemify = ss => ss.Length <= 64 ? ss : ss.Substring(0, 64) + "\n" + Pemify(ss.Substring(64)); @@ -596,6 +600,33 @@ private bool CheckForDuplicate(string path, string alias, CertificateManagerServ } } + private void WaitForOperation(CertificateManagerService client, string operationName) + { + _logger.MethodEntry(); + + DateTime endTime = DateTime.Now.AddMilliseconds(OPERATION_MAX_WAIT_MILLISECONDS); + Operation operation = new Operation(); + ProjectsResource.LocationsResource.OperationsResource.GetRequest getRequest = client.Projects.Locations.Operations.Get(operationName); + + while (DateTime.Now < endTime) + { + _logger.LogTrace($"Attempting WAIT for {operationName} at {DateTime.Now.ToString()}."); + operation = getRequest.Execute(); + + if (operation.Done == true) + { + _logger.LogDebug($"End WAIT for {operationName}. Task DONE."); + _logger.MethodExit(); + return; + } + + System.Threading.Thread.Sleep(OPERATION_INTERVAL_WAIT_MILLISECONDS); + } + + _logger.MethodExit(); + throw new Exception($"{operationName} was still processing after the {OPERATION_MAX_WAIT_MILLISECONDS.ToString()} millisecond maximum wait time."); + } + private string GetMapSettingsFromAlias(string alias, string nameType) { try diff --git a/GcpCertManager/manifest.json b/GcpCertManager/manifest.json index 9321730..e728639 100644 --- a/GcpCertManager/manifest.json +++ b/GcpCertManager/manifest.json @@ -1,11 +1,11 @@ { "extensions": { "Keyfactor.Orchestrators.Extensions.IOrchestratorJobExtension": { - "CertStores.GcpCertManager.Inventory": { + "CertStores.GcpCertMgr.Inventory": { "assemblypath": "GcpCertManager.dll", "TypeFullName": "Keyfactor.Extensions.Orchestrator.GcpCertManager.Jobs.Inventory" }, - "CertStores.GcpCertManager.Management": { + "CertStores.GcpCertMgr.Management": { "assemblypath": "GcpCertManager.dll", "TypeFullName": "Keyfactor.Extensions.Orchestrator.GcpCertManager.Jobs.Management" } From 920436ffd7c3d5bff6f53573fd0ad8c7755709a2 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Mon, 11 Dec 2023 21:44:53 +0000 Subject: [PATCH 02/38] Initial Version --- GcpCertManager/Jobs/Management.cs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index c4d9283..faa1492 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -384,6 +384,7 @@ private X509Certificate ReplaceCertificate(Certificate gCertificate, var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); replaceCertificateRequest.CertificateId = gCertificate.Name; var replaceCertificateResponse = replaceCertificateRequest.Execute(); + WaitForOperation(svc, replaceCertificateResponse.Name); _logger.LogTrace( $"Certificate Created in Google Cert Manager with Name {replaceCertificateResponse.Name}"); @@ -435,6 +436,7 @@ private void DeleteCertificate(string certificateName, var deleteCertificateMapEntryResponse = deleteCertificateMapEntryRequest.Execute(); _logger.LogTrace( $"Delete Certificate Response Json {JsonConvert.SerializeObject(deleteCertificateMapEntryResponse)}"); + WaitForOperation(svc, deleteCertificateMapEntryResponse.Name); _logger.LogTrace( $"Deleted {deleteCertificateMapEntryResponse.Name} Certificate Map Entry During Replace Procedure"); @@ -453,6 +455,7 @@ private void DeleteCertificate(string certificateName, svc.Projects.Locations.Certificates.Delete(storePath + $"/certificates/{certificateName}"); var deleteCertificateResponse = deleteCertificateRequest.Execute(); + WaitForOperation(svc, deleteCertificateResponse.Name); _logger.LogTrace( $"deleteCertificateResponse Json {JsonConvert.SerializeObject(deleteCertificateResponse)}"); @@ -493,6 +496,7 @@ private CertificateMap CreateMap(string mapName, CertificateManagerService clien certificateMapCreateRequest.CertificateMapId = mapName; var certificateMapCreateResponse = certificateMapCreateRequest.Execute(); + WaitForOperation(client, certificateMapCreateResponse.Name); _logger.LogTrace( $"certificateMapCreateResponse Json {JsonConvert.SerializeObject(certificateMapCreateResponse)}"); @@ -544,6 +548,7 @@ private CertificateMapEntry CreateMapEntry(CertificateMapEntry mapEntry, Certifi certificateMapEntryCreateRequest.CertificateMapEntryId = mapEntry.Name; var certificateMapEntryCreateResponse = certificateMapEntryCreateRequest.Execute(); + WaitForOperation(client, certificateMapEntryCreateResponse.Name); _logger.LogTrace( $"certificateMapEntryCreateResponse Json {JsonConvert.SerializeObject(certificateMapEntryCreateResponse)}"); From 881f3d4115a9af7d3df6aaa314f30da45e4df0c9 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Wed, 13 Dec 2023 19:46:39 +0000 Subject: [PATCH 03/38] Initial Version --- GcpCertManager/GcpCertManager.csproj | 1 + GcpCertManager/Jobs/Inventory.cs | 163 ++++++------------ GcpCertManager/Jobs/Management.cs | 69 ++++---- .../{StorePath.cs => StoreProperties.cs} | 9 +- 4 files changed, 94 insertions(+), 148 deletions(-) rename GcpCertManager/{StorePath.cs => StoreProperties.cs} (54%) diff --git a/GcpCertManager/GcpCertManager.csproj b/GcpCertManager/GcpCertManager.csproj index cb347ff..b1efea7 100644 --- a/GcpCertManager/GcpCertManager.csproj +++ b/GcpCertManager/GcpCertManager.csproj @@ -1,6 +1,7 @@ + false netcoreapp3.1 Keyfactor.Extensions.Orchestrator.GcpCertManager true diff --git a/GcpCertManager/Jobs/Inventory.cs b/GcpCertManager/Jobs/Inventory.cs index 398d676..353d3bf 100644 --- a/GcpCertManager/Jobs/Inventory.cs +++ b/GcpCertManager/Jobs/Inventory.cs @@ -22,7 +22,7 @@ public Inventory(ILogger logger) _logger = logger; } - public string ExtensionName => "GcpCertManager"; + public string ExtensionName => ""; public JobResult ProcessJob(InventoryJobConfiguration jobConfiguration, SubmitInventoryUpdate submitInventoryUpdate) @@ -44,21 +44,20 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven try { _logger.MethodEntry(LogLevel.Debug); - _logger.LogTrace($"Inventory Config {JsonConvert.SerializeObject(config)}"); - _logger.LogTrace( - $"Client Machine: {config.CertificateStoreDetails.ClientMachine} ApiKey: {config.ServerPassword}"); - var storeProps = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, + StoreProperties storeProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); - _logger.LogTrace($"Store Properties: {JsonConvert.SerializeObject(storeProps)}"); + _logger.LogTrace($"Store Properties:"); + _logger.LogTrace($" Location: {storeProperties.Location}"); + _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); + _logger.LogTrace($" Project Number: {storeProperties.ProjectNumber}"); + _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); - var client = new GcpCertificateManagerClient(); _logger.LogTrace("Getting Credentials from Google..."); - var svc = client.GetGoogleCredentials(config.CertificateStoreDetails.ClientMachine); + var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); _logger.LogTrace("Got Credentials from Google"); - var warningFlag = false; var sb = new StringBuilder(); sb.Append(""); @@ -66,52 +65,48 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven var nextPageToken = string.Empty; //todo support labels - if (storeProps != null) - foreach (var location in storeProps.Location.Split(',')) - { - var storePath = $"projects/{config.CertificateStoreDetails.StorePath}/locations/{location}"; - do - { - var certificatesRequest = - svc.Projects.Locations.Certificates.List(storePath); - certificatesRequest.Filter = "pemCertificate!=\"\""; - certificatesRequest.PageSize = 100; - if (nextPageToken?.Length > 0) certificatesRequest.PageToken = nextPageToken; + var storePath = $"projects/{storeProperties.ProjectId}/locations/{storeProperties.Location}"; - var certificatesResponse = certificatesRequest.Execute(); - _logger.LogTrace( - $"certificatesResponse: {JsonConvert.SerializeObject(certificatesResponse)}"); - nextPageToken = null; - //Debug Write Certificate List Response from Google Cert Manager - if (certificatesResponse?.Certificates != null) - inventoryItems.AddRange(certificatesResponse.Certificates.Select( - c => - { - try - { - _logger.LogTrace( - $"Building Cert List Inventory Item Alias: {c.Name} Pem: {c.PemCertificate} Private Key: dummy (from PA API)"); - return BuildInventoryItem(c.Name, c.PemCertificate, - true, storePath, svc, - storeProps - .ProjectNumber); //todo figure out how to see if private key exists not in Google Api return - } - catch - { - _logger.LogWarning( - $"Could not fetch the certificate: {c?.Name} associated with description {c?.Description}."); - sb.Append( - $"Could not fetch the certificate: {c?.Name} associated with issuer {c?.Description}.{Environment.NewLine}"); - warningFlag = true; - return new CurrentInventoryItem(); - } - }).Where(acsii => acsii?.Certificates != null).ToList()); - - if (certificatesResponse?.NextPageToken?.Length > 0) - nextPageToken = certificatesResponse.NextPageToken; - } while (nextPageToken?.Length > 0); - } + do + { + var certificatesRequest = + svc.Projects.Locations.Certificates.List(storePath); + certificatesRequest.Filter = "pemCertificate!=\"\""; + certificatesRequest.PageSize = 100; + if (nextPageToken?.Length > 0) certificatesRequest.PageToken = nextPageToken; + + var certificatesResponse = certificatesRequest.Execute(); + _logger.LogTrace( + $"certificatesResponse: {JsonConvert.SerializeObject(certificatesResponse)}"); + + nextPageToken = null; + //Debug Write Certificate List Response from Google Cert Manager + if (certificatesResponse?.Certificates != null) + inventoryItems.AddRange(certificatesResponse.Certificates.Select( + c => + { + try + { + _logger.LogTrace( + $"Building Cert List Inventory Item Alias: {c.Name} Pem: {c.PemCertificate} Private Key: dummy (from PA API)"); + return BuildInventoryItem(c.Name, c.PemCertificate, + true, storePath, svc, + storeProperties.ProjectNumber); + } + catch + { + _logger.LogWarning( + $"Could not fetch the certificate: {c?.Name} associated with description {c?.Description}."); + sb.Append( + $"Could not fetch the certificate: {c?.Name} associated with issuer {c?.Description}.{Environment.NewLine}"); + warningFlag = true; + return new CurrentInventoryItem(); + } + }).Where(acsii => acsii?.Certificates != null).ToList()); + + nextPageToken = certificatesResponse.NextPageToken; + } while (nextPageToken?.Length > 0); _logger.LogTrace("Submitting Inventory To Keyfactor via submitInventory.Invoke"); submitInventory.Invoke(inventoryItems); @@ -166,16 +161,8 @@ protected virtual CurrentInventoryItem BuildInventoryItem(string alias, string c //1. Look up certificate map entries based on certificate name var certAttributes = GetCertificateAttributes(storePath); var modAlias = alias.Split('/')[5]; - var mapSettings = GetMapSettings(storePath, modAlias, svc, projectNumber); - _logger.LogTrace($"Got modAlias: {modAlias}, certAttributes and mapSettings"); - - if (mapSettings != null && mapSettings.ContainsKey("Certificate Map Name") && - mapSettings["Certificate Map Name"]?.Length > 0) - modAlias = mapSettings["Certificate Map Name"] + "/" + mapSettings["Certificate Map Entry Name"] + - "/" + modAlias; - - _logger.LogTrace($"Got modAlias after map additions: {modAlias}"); + _logger.LogTrace($"Got modAlias: {modAlias}"); var acsi = new CurrentInventoryItem { @@ -220,57 +207,5 @@ protected Dictionary GetCertificateAttributes(string storePath) throw; } } - - - protected Dictionary GetMapSettings(string storePath, string certificateName, - CertificateManagerService svc, string projectNumber) - { - try - { - _logger.MethodEntry(); - var locationName = storePath.Split('/')[3]; - var siteSettingsDict = new Dictionary(); - var certName = $"projects/{projectNumber}/locations/{locationName}/certificates/{certificateName}"; - - _logger.LogTrace($"certName: {certName}"); - - //Loop through list of maps and map entries until you find the certificate - var mapListRequest = - svc.Projects.Locations.CertificateMaps.List(storePath); - - var mapListResponse = mapListRequest.Execute(); - _logger.LogTrace( - $"mapListResponse: {JsonConvert.SerializeObject(mapListResponse)}"); - - if (mapListResponse?.CertificateMaps != null) - foreach (var map in mapListResponse.CertificateMaps) - { - var mapEntryListRequest = - svc.Projects.Locations.CertificateMaps.CertificateMapEntries.List(map.Name); - mapEntryListRequest.Filter = $"certificates:\"{certName}\""; - var mapEntryListResponse = mapEntryListRequest.Execute(); - _logger.LogTrace( - $"mapEntryListResponse: {JsonConvert.SerializeObject(mapEntryListResponse)}"); - - if (mapEntryListResponse?.CertificateMapEntries?.Count > 0) - { - var mapEntry = mapEntryListResponse.CertificateMapEntries[0]; - _logger.LogTrace($"mapEntry: {mapEntry}"); - siteSettingsDict.Add("Certificate Map Name", map.Name.Split('/')[5]); - siteSettingsDict.Add("Certificate Map Entry Name", mapEntry.Name.Split('/')[7]); - _logger.MethodExit(); - return siteSettingsDict; - } - } - - _logger.MethodExit(); - return siteSettingsDict; - } - catch (Exception e) - { - _logger.LogError($"Error Occurred in Inventory.GetMapSettings: {LogHandler.FlattenException(e)}"); - throw; - } - } } } \ No newline at end of file diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index faa1492..990c822 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -17,6 +17,7 @@ using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.X509; +using static Org.BouncyCastle.Math.EC.ECCurve; namespace Keyfactor.Extensions.Orchestrator.GcpCertManager.Jobs { @@ -40,27 +41,21 @@ public Management(ILogger logger) protected internal virtual AsymmetricKeyEntry KeyEntry { get; set; } - protected internal string MapName { get; set; } - - protected internal string MapEntryName { get; set; } - protected internal string CertificateName { get; set; } - public string ExtensionName => "GcpCertManager"; + public string ExtensionName => ""; public JobResult ProcessJob(ManagementJobConfiguration jobConfiguration) { try { - _logger.MethodEntry(); - MapName = GetMapSettingsFromAlias(jobConfiguration.JobCertificate.Alias, "map"); - _logger.LogTrace($"MapName: {MapName}"); - MapEntryName = GetMapSettingsFromAlias(jobConfiguration.JobCertificate.Alias, "mapentry"); - _logger.LogTrace($"MapEntryName: {MapEntryName}"); - CertificateName = GetMapSettingsFromAlias(jobConfiguration.JobCertificate.Alias, "certificate"); - _logger.LogTrace($"CertificateName: {CertificateName}"); - _logger.MethodExit(); + _logger.MethodEntry(LogLevel.Debug); + + _logger.LogTrace("Getting Credentials from Google..."); + var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); + _logger.LogTrace("Got Credentials from Google"); + return PerformManagement(jobConfiguration); } catch (Exception e) @@ -75,6 +70,16 @@ private JobResult PerformManagement(ManagementJobConfiguration config) try { _logger.MethodEntry(); + + StoreProperties storeProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, + new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + + _logger.LogTrace($"Store Properties:"); + _logger.LogTrace($" Location: {storeProperties.Location}"); + _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); + _logger.LogTrace($" Project Number: {storeProperties.ProjectNumber}"); + _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); + var complete = new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -124,16 +129,13 @@ private JobResult PerformRemoval(ManagementJobConfiguration config) { _logger.MethodEntry(); - _logger.LogTrace( - $"Credentials JSON: Url: {config.CertificateStoreDetails.ClientMachine} Password: {config.ServerPassword}"); - var storeProps = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); _logger.LogTrace($"Store Properties: {JsonConvert.SerializeObject(storeProps)}"); if (storeProps != null) { var location = storeProps.Location; - var storePath = $"projects/{config.CertificateStoreDetails.StorePath}/locations/{location}"; + var storePath = $"projects/{storeProperties.ProjectId}/locations/{location}"; var client = new GcpCertificateManagerClient(); _logger.LogTrace("Getting Credentials from Google..."); var svc = client.GetGoogleCredentials(config.CertificateStoreDetails.ClientMachine); @@ -180,9 +182,6 @@ private JobResult PerformAddition(ManagementJobConfiguration config) { _logger.MethodEntry(); - _logger.LogTrace( - $"Credentials JSON: Url: {config.CertificateStoreDetails.ClientMachine} Password: {config.ServerPassword}"); - var storeProps = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); _logger.LogTrace($"Store Properties: {JsonConvert.SerializeObject(storeProps)}"); @@ -190,7 +189,7 @@ private JobResult PerformAddition(ManagementJobConfiguration config) if (storeProps != null) { var location = storeProps.Location; - var storePath = $"projects/{config.CertificateStoreDetails.StorePath}/locations/{location}"; + var storePath = $"projects/{storeProperties.ProjectId}/locations/{location}"; var client = new GcpCertificateManagerClient(); _logger.LogTrace("Getting Credentials from Google..."); var svc = client.GetGoogleCredentials(config.CertificateStoreDetails.ClientMachine); @@ -205,7 +204,6 @@ private JobResult PerformAddition(ManagementJobConfiguration config) _logger.LogTrace("Either not a duplicate or overwrite was chosen...."); if (!string.IsNullOrWhiteSpace(config.JobCertificate.PrivateKeyPassword)) // This is a PFX Entry { - _logger.LogTrace($"Found Private Key {config.JobCertificate.PrivateKeyPassword}"); if (string.IsNullOrWhiteSpace(config.JobCertificate.Alias)) _logger.LogTrace("No Alias Found"); @@ -241,14 +239,12 @@ private JobResult PerformAddition(ManagementJobConfiguration config) if (KeyEntry == null) throw new Exception("Unable to retrieve private key"); var privateKey = KeyEntry.Key; - _logger.LogTrace($"privateKey = {privateKey}"); var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); pemWriter.WriteObject(keyPair.Private); streamWriter.Flush(); privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() .Replace("\r", "").Replace("\0", ""); - _logger.LogTrace($"Got Private Key String {privateKeyString}"); memoryStream.Close(); streamWriter.Close(); _logger.LogTrace("Finished Extracting Private Key..."); @@ -379,10 +375,21 @@ private X509Certificate ReplaceCertificate(Certificate gCertificate, //DEFAULT or EDGE_CACHE //todo add labels //Path does not support cert and private key replacement so delete and insert instead - if (overwrite) DeleteCertificate(gCertificate.Name, svc, storePath); - var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); - replaceCertificateRequest.CertificateId = gCertificate.Name; + + + + //if (overwrite) DeleteCertificate(gCertificate.Name, svc, storePath); + + //var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); + //replaceCertificateRequest.CertificateId = gCertificate.Name; + var replaceCertificateRequest = svc.Projects.Locations.Certificates.Patch(gCertificate, storePath + $"/certificates/{CertificateName}"); + replaceCertificateRequest.UpdateMask = "SelfManaged.PemCertificate,SelfManaged.PemPrivateKey"; + + + + + var replaceCertificateResponse = replaceCertificateRequest.Execute(); WaitForOperation(svc, replaceCertificateResponse.Name); @@ -432,7 +439,7 @@ private void DeleteCertificate(string certificateName, var deleteCertificateMapEntryRequest = svc.Projects.Locations.CertificateMaps.CertificateMapEntries.Delete(storePath + $"/certificateMaps/{MapName}/certificateMapEntries/{MapEntryName}"); - + var deleteCertificateMapEntryResponse = deleteCertificateMapEntryRequest.Execute(); _logger.LogTrace( $"Delete Certificate Response Json {JsonConvert.SerializeObject(deleteCertificateMapEntryResponse)}"); @@ -455,9 +462,9 @@ private void DeleteCertificate(string certificateName, svc.Projects.Locations.Certificates.Delete(storePath + $"/certificates/{certificateName}"); var deleteCertificateResponse = deleteCertificateRequest.Execute(); - WaitForOperation(svc, deleteCertificateResponse.Name); _logger.LogTrace( $"deleteCertificateResponse Json {JsonConvert.SerializeObject(deleteCertificateResponse)}"); + WaitForOperation(svc, deleteCertificateResponse.Name); _logger.LogTrace($"Deleted {deleteCertificateResponse.Name} Certificate During Replace Procedure"); } @@ -496,9 +503,9 @@ private CertificateMap CreateMap(string mapName, CertificateManagerService clien certificateMapCreateRequest.CertificateMapId = mapName; var certificateMapCreateResponse = certificateMapCreateRequest.Execute(); - WaitForOperation(client, certificateMapCreateResponse.Name); _logger.LogTrace( $"certificateMapCreateResponse Json {JsonConvert.SerializeObject(certificateMapCreateResponse)}"); + WaitForOperation(client, certificateMapCreateResponse.Name); if (certificateMapCreateResponse?.Name?.Length > 0) { @@ -548,9 +555,9 @@ private CertificateMapEntry CreateMapEntry(CertificateMapEntry mapEntry, Certifi certificateMapEntryCreateRequest.CertificateMapEntryId = mapEntry.Name; var certificateMapEntryCreateResponse = certificateMapEntryCreateRequest.Execute(); - WaitForOperation(client, certificateMapEntryCreateResponse.Name); _logger.LogTrace( $"certificateMapEntryCreateResponse Json {JsonConvert.SerializeObject(certificateMapEntryCreateResponse)}"); + WaitForOperation(client, certificateMapEntryCreateResponse.Name); if (certificateMapEntryCreateResponse?.Name?.Length > 0) { diff --git a/GcpCertManager/StorePath.cs b/GcpCertManager/StoreProperties.cs similarity index 54% rename from GcpCertManager/StorePath.cs rename to GcpCertManager/StoreProperties.cs index 8e7e023..2ea3aeb 100644 --- a/GcpCertManager/StorePath.cs +++ b/GcpCertManager/StoreProperties.cs @@ -3,12 +3,15 @@ namespace Keyfactor.Extensions.Orchestrator.GcpCertManager { - internal class StorePath + internal class StoreProperties { - [JsonProperty("Location")] [DefaultValue("global")] public string Location { get; set; } - [JsonProperty("Project Number")] public string ProjectNumber { get; set; } + public string ProjectId { get; set; } + + public string ProjectNumber { get; set; } + + public string JsonKey { get; set; } } } \ No newline at end of file From 2adbb9346165c529c61065825b784d81fcc6eb62 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Wed, 13 Dec 2023 20:56:03 +0000 Subject: [PATCH 04/38] Initial Version --- GcpCertManager/Jobs/Inventory.cs | 6 ++-- GcpCertManager/Jobs/Management.cs | 52 ++++++++++++++----------------- GcpCertManager/StoreProperties.cs | 2 -- 3 files changed, 25 insertions(+), 35 deletions(-) diff --git a/GcpCertManager/Jobs/Inventory.cs b/GcpCertManager/Jobs/Inventory.cs index 353d3bf..3e731d1 100644 --- a/GcpCertManager/Jobs/Inventory.cs +++ b/GcpCertManager/Jobs/Inventory.cs @@ -51,7 +51,6 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven _logger.LogTrace($"Store Properties:"); _logger.LogTrace($" Location: {storeProperties.Location}"); _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); - _logger.LogTrace($" Project Number: {storeProperties.ProjectNumber}"); _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); _logger.LogTrace("Getting Credentials from Google..."); @@ -91,8 +90,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven _logger.LogTrace( $"Building Cert List Inventory Item Alias: {c.Name} Pem: {c.PemCertificate} Private Key: dummy (from PA API)"); return BuildInventoryItem(c.Name, c.PemCertificate, - true, storePath, svc, - storeProperties.ProjectNumber); + true, storePath, svc); } catch { @@ -151,7 +149,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven } protected virtual CurrentInventoryItem BuildInventoryItem(string alias, string certPem, bool privateKey, - string storePath, CertificateManagerService svc, string projectNumber) + string storePath, CertificateManagerService svc) { try { diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index 990c822..a1c2a09 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -52,10 +52,6 @@ public JobResult ProcessJob(ManagementJobConfiguration jobConfiguration) { _logger.MethodEntry(LogLevel.Debug); - _logger.LogTrace("Getting Credentials from Google..."); - var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); - _logger.LogTrace("Got Credentials from Google"); - return PerformManagement(jobConfiguration); } catch (Exception e) @@ -77,9 +73,14 @@ private JobResult PerformManagement(ManagementJobConfiguration config) _logger.LogTrace($"Store Properties:"); _logger.LogTrace($" Location: {storeProperties.Location}"); _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); - _logger.LogTrace($" Project Number: {storeProperties.ProjectNumber}"); _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); + _logger.LogTrace("Getting Credentials from Google..."); + var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); + _logger.LogTrace("Got Credentials from Google"); + + var storePath = $"projects/{storeProperties.ProjectId}/locations/{storeProperties.Location}"; + var complete = new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -88,17 +89,18 @@ private JobResult PerformManagement(ManagementJobConfiguration config) "Invalid Management Operation" }; - if (config.OperationType.ToString() == "Add") + switch (config.OperationType) { - _logger.LogTrace("Adding..."); - _logger.LogTrace($"Add Config Json {JsonConvert.SerializeObject(config)}"); - complete = PerformAddition(config); - } - else if (config.OperationType.ToString() == "Remove") - { - _logger.LogTrace("Removing..."); - _logger.LogTrace($"Remove Config Json {JsonConvert.SerializeObject(config)}"); - complete = PerformRemoval(config); + case CertStoreOperationType.Add: + _logger.LogTrace("Adding..."); + complete = PerformAddition(svc, config, storeProperties); + break; + case CertStoreOperationType.Remove: + _logger.LogTrace("Removing..."); + complete = PerformRemoval(svc, config, storeProperties); + break; + default: + return complete; } _logger.MethodExit(); @@ -123,27 +125,19 @@ private JobResult PerformManagement(ManagementJobConfiguration config) } - private JobResult PerformRemoval(ManagementJobConfiguration config) + private JobResult PerformRemoval(CertificateManagerService svc, ManagementJobConfiguration config, StoreProperties storeProperties) { try { _logger.MethodEntry(); - var storeProps = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, - new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); - _logger.LogTrace($"Store Properties: {JsonConvert.SerializeObject(storeProps)}"); - if (storeProps != null) + do { - var location = storeProps.Location; - var storePath = $"projects/{storeProperties.ProjectId}/locations/{location}"; - var client = new GcpCertificateManagerClient(); - _logger.LogTrace("Getting Credentials from Google..."); - var svc = client.GetGoogleCredentials(config.CertificateStoreDetails.ClientMachine); - _logger.LogTrace($"Got Credentials from Google"); - - DeleteCertificate(CertificateName, svc, storePath); + var certificateMapListRequest = svc.Projects.Locations.CertificateMaps.List(storeProperties.ProjectId + $"/certificateMaps/{MapName}"); } + DeleteCertificate(CertificateName, svc, storePath); + _logger.MethodExit(); return new JobResult { @@ -175,7 +169,7 @@ private JobResult PerformRemoval(ManagementJobConfiguration config) } - private JobResult PerformAddition(ManagementJobConfiguration config) + private JobResult PerformAddition(CertificateManagerService svc, ManagementJobConfiguration config, StoreProperties storeProperties) { //Temporarily only performing additions try diff --git a/GcpCertManager/StoreProperties.cs b/GcpCertManager/StoreProperties.cs index 2ea3aeb..f8591c4 100644 --- a/GcpCertManager/StoreProperties.cs +++ b/GcpCertManager/StoreProperties.cs @@ -10,8 +10,6 @@ internal class StoreProperties public string ProjectId { get; set; } - public string ProjectNumber { get; set; } - public string JsonKey { get; set; } } } \ No newline at end of file From e8d27841ef1521f381f9d9fa73ad47afdbda94ee Mon Sep 17 00:00:00 2001 From: leefine02 Date: Thu, 14 Dec 2023 16:06:09 +0000 Subject: [PATCH 05/38] Initial Version --- GcpCertManager/Jobs/Inventory.cs | 8 +- GcpCertManager/Jobs/Management.cs | 455 ++++++++---------------------- GcpCertManager/StoreProperties.cs | 2 +- 3 files changed, 123 insertions(+), 342 deletions(-) diff --git a/GcpCertManager/Jobs/Inventory.cs b/GcpCertManager/Jobs/Inventory.cs index 3e731d1..7486b7c 100644 --- a/GcpCertManager/Jobs/Inventory.cs +++ b/GcpCertManager/Jobs/Inventory.cs @@ -47,14 +47,15 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven StoreProperties storeProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); + storeProperties.ProjectId = config.CertificateStoreDetails.ClientMachine; _logger.LogTrace($"Store Properties:"); _logger.LogTrace($" Location: {storeProperties.Location}"); _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); - _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); + _logger.LogTrace($" Service Account Key Path: {storeProperties.ServiceAccountKey}"); _logger.LogTrace("Getting Credentials from Google..."); - var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); + var svc = string.IsNullOrEmpty(storeProperties.ServiceAccountKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); _logger.LogTrace("Got Credentials from Google"); var warningFlag = false; @@ -66,7 +67,6 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven //todo support labels var storePath = $"projects/{storeProperties.ProjectId}/locations/{storeProperties.Location}"; - do { var certificatesRequest = @@ -132,7 +132,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven } catch (GoogleApiException e) { - var googleError = e.Error.ErrorResponseContent; + var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index a1c2a09..4a54e3b 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -69,17 +69,19 @@ private JobResult PerformManagement(ManagementJobConfiguration config) StoreProperties storeProperties = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Populate }); + storeProperties.ProjectId = config.CertificateStoreDetails.ClientMachine; _logger.LogTrace($"Store Properties:"); _logger.LogTrace($" Location: {storeProperties.Location}"); _logger.LogTrace($" Project Id: {storeProperties.ProjectId}"); - _logger.LogTrace($" Service Account Json Key: {(string.IsNullOrEmpty(storeProperties.JsonKey) ? "Value exists" : "Value not present")}"); + _logger.LogTrace($" Service Account Key Path: {storeProperties.ServiceAccountKey}"); _logger.LogTrace("Getting Credentials from Google..."); - var svc = string.IsNullOrEmpty(storeProperties.JsonKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.JsonKey); + var svc = string.IsNullOrEmpty(storeProperties.ServiceAccountKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); _logger.LogTrace("Got Credentials from Google"); var storePath = $"projects/{storeProperties.ProjectId}/locations/{storeProperties.Location}"; + CertificateName = config.JobCertificate.Alias; var complete = new JobResult { @@ -93,11 +95,11 @@ private JobResult PerformManagement(ManagementJobConfiguration config) { case CertStoreOperationType.Add: _logger.LogTrace("Adding..."); - complete = PerformAddition(svc, config, storeProperties); + complete = PerformAddition(svc, config, storePath); break; case CertStoreOperationType.Remove: _logger.LogTrace("Removing..."); - complete = PerformRemoval(svc, config, storeProperties); + complete = PerformRemoval(svc, config, storePath); break; default: return complete; @@ -108,7 +110,7 @@ private JobResult PerformManagement(ManagementJobConfiguration config) } catch (GoogleApiException e) { - var googleError = e.Error.ErrorResponseContent; + var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -125,17 +127,12 @@ private JobResult PerformManagement(ManagementJobConfiguration config) } - private JobResult PerformRemoval(CertificateManagerService svc, ManagementJobConfiguration config, StoreProperties storeProperties) + private JobResult PerformRemoval(CertificateManagerService svc, ManagementJobConfiguration config, string storePath) { try { _logger.MethodEntry(); - do - { - var certificateMapListRequest = svc.Projects.Locations.CertificateMaps.List(storeProperties.ProjectId + $"/certificateMaps/{MapName}"); - } - DeleteCertificate(CertificateName, svc, storePath); _logger.MethodExit(); @@ -148,7 +145,7 @@ private JobResult PerformRemoval(CertificateManagerService svc, ManagementJobCon } catch (GoogleApiException e) { - var googleError = e.Error.ErrorResponseContent; + var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -163,169 +160,119 @@ private JobResult PerformRemoval(CertificateManagerService svc, ManagementJobCon { Result = OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, - FailureMessage = $"PerformRemoval: {LogHandler.FlattenException(e)}" + FailureMessage = $"Management/Remove: {LogHandler.FlattenException(e)}" }; } } - private JobResult PerformAddition(CertificateManagerService svc, ManagementJobConfiguration config, StoreProperties storeProperties) + private JobResult PerformAddition(CertificateManagerService svc, ManagementJobConfiguration config, string storePath) { //Temporarily only performing additions try { _logger.MethodEntry(); - var storeProps = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties, - new JsonSerializerSettings {DefaultValueHandling = DefaultValueHandling.Populate}); - _logger.LogTrace($"Store Properties: {JsonConvert.SerializeObject(storeProps)}"); + var client = new GcpCertificateManagerClient(); + + var duplicate = CheckForDuplicate(storePath, CertificateName, svc); + _logger.LogTrace($"Duplicate? = {duplicate}"); - if (storeProps != null) + //Check for Duplicate already in Google Certificate Manager, if there, make sure the Overwrite flag is checked before replacing + if (duplicate && config.Overwrite || !duplicate) { - var location = storeProps.Location; - var storePath = $"projects/{storeProperties.ProjectId}/locations/{location}"; - var client = new GcpCertificateManagerClient(); - _logger.LogTrace("Getting Credentials from Google..."); - var svc = client.GetGoogleCredentials(config.CertificateStoreDetails.ClientMachine); - _logger.LogTrace($"Got Credentials from Google"); - - var duplicate = CheckForDuplicate(storePath, CertificateName, svc); - _logger.LogTrace($"Duplicate? = {duplicate}"); - - //Check for Duplicate already in Google Certificate Manager, if there, make sure the Overwrite flag is checked before replacing - if (duplicate && config.Overwrite || !duplicate) + _logger.LogTrace("Either not a duplicate or overwrite was chosen...."); + if (!string.IsNullOrWhiteSpace(config.JobCertificate.PrivateKeyPassword)) // This is a PFX Entry { - _logger.LogTrace("Either not a duplicate or overwrite was chosen...."); - if (!string.IsNullOrWhiteSpace(config.JobCertificate.PrivateKeyPassword)) // This is a PFX Entry - { - if (string.IsNullOrWhiteSpace(config.JobCertificate.Alias)) - _logger.LogTrace("No Alias Found"); + if (string.IsNullOrWhiteSpace(config.JobCertificate.Alias)) + _logger.LogTrace("No Alias Found"); - // Load PFX - var pfxBytes = Convert.FromBase64String(config.JobCertificate.Contents); - Pkcs12Store p; - using (var pfxBytesMemoryStream = new MemoryStream(pfxBytes)) - { - p = new Pkcs12Store(pfxBytesMemoryStream, - config.JobCertificate.PrivateKeyPassword.ToCharArray()); - } + // Load PFX + var pfxBytes = Convert.FromBase64String(config.JobCertificate.Contents); + Pkcs12Store p; + using (var pfxBytesMemoryStream = new MemoryStream(pfxBytes)) + { + p = new Pkcs12Store(pfxBytesMemoryStream, + config.JobCertificate.PrivateKeyPassword.ToCharArray()); + } - _logger.LogTrace( - $"Created Pkcs12Store containing Alias {config.JobCertificate.Alias} Contains Alias is {p.ContainsAlias(config.JobCertificate.Alias)}"); + _logger.LogTrace( + $"Created Pkcs12Store containing Alias {config.JobCertificate.Alias} Contains Alias is {p.ContainsAlias(config.JobCertificate.Alias)}"); - // Extract private key - string alias; - string privateKeyString; - using (var memoryStream = new MemoryStream()) + // Extract private key + string alias; + string privateKeyString; + using (var memoryStream = new MemoryStream()) + { + using (TextWriter streamWriter = new StreamWriter(memoryStream)) { - using (TextWriter streamWriter = new StreamWriter(memoryStream)) - { - _logger.LogTrace("Extracting Private Key..."); - var pemWriter = new PemWriter(streamWriter); - _logger.LogTrace("Created pemWriter..."); - alias = p.Aliases.Cast().SingleOrDefault(a => p.IsKeyEntry(a)); - _logger.LogTrace($"Alias = {alias}"); - var publicKey = p.GetCertificate(alias).Certificate.GetPublicKey(); - _logger.LogTrace($"publicKey = {publicKey}"); - KeyEntry = p.GetKey(alias); - _logger.LogTrace($"KeyEntry = {KeyEntry}"); - if (KeyEntry == null) throw new Exception("Unable to retrieve private key"); - - var privateKey = KeyEntry.Key; - var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); - - pemWriter.WriteObject(keyPair.Private); - streamWriter.Flush(); - privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() - .Replace("\r", "").Replace("\0", ""); - memoryStream.Close(); - streamWriter.Close(); - _logger.LogTrace("Finished Extracting Private Key..."); - } + _logger.LogTrace("Extracting Private Key..."); + var pemWriter = new PemWriter(streamWriter); + _logger.LogTrace("Created pemWriter..."); + alias = p.Aliases.Cast().SingleOrDefault(a => p.IsKeyEntry(a)); + _logger.LogTrace($"Alias = {alias}"); + var publicKey = p.GetCertificate(alias).Certificate.GetPublicKey(); + _logger.LogTrace($"publicKey = {publicKey}"); + KeyEntry = p.GetKey(alias); + _logger.LogTrace($"KeyEntry = {KeyEntry}"); + if (KeyEntry == null) throw new Exception("Unable to retrieve private key"); + + var privateKey = KeyEntry.Key; + var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); + + pemWriter.WriteObject(keyPair.Private); + streamWriter.Flush(); + privateKeyString = Encoding.ASCII.GetString(memoryStream.GetBuffer()).Trim() + .Replace("\r", "").Replace("\0", ""); + memoryStream.Close(); + streamWriter.Close(); + _logger.LogTrace("Finished Extracting Private Key..."); } + } - var pubCertPem = - Pemify(Convert.ToBase64String(p.GetCertificate(alias).Certificate.GetEncoded())); - _logger.LogTrace($"Public cert Pem {pubCertPem}"); + var pubCertPem = + Pemify(Convert.ToBase64String(p.GetCertificate(alias).Certificate.GetEncoded())); + _logger.LogTrace($"Public cert Pem {pubCertPem}"); - var certPem = privateKeyString + certStart + pubCertPem + certEnd; + var certPem = privateKeyString + certStart + pubCertPem + certEnd; - _logger.LogTrace($"Got certPem {certPem}"); + _logger.LogTrace($"Got certPem {certPem}"); + pubCertPem = $"-----BEGIN CERTIFICATE-----\r\n{pubCertPem}\r\n-----END CERTIFICATE-----"; - if (MapName.Length > 0 && MapEntryName.Length > 0) - { - var mapCreated = CreateMap(MapName, svc, storePath); - if (mapCreated == null) - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Failure, - JobHistoryId = config.JobHistoryId, - FailureMessage = $"Could not create the certificate map Named: {MapName}" - }; - _logger.LogTrace($"Certificate Map Created with Name {mapCreated.Name}"); - } + _logger.LogTrace($"Public Cert Pem: {pubCertPem}"); - pubCertPem = $"-----BEGIN CERTIFICATE-----\r\n{pubCertPem}\r\n-----END CERTIFICATE-----"; + //Create the certificate in Google + var gCertificate = new Certificate + { + SelfManaged = new SelfManagedCertificate + {PemCertificate = pubCertPem, PemPrivateKey = privateKeyString}, + Name = CertificateName, + Description = CertificateName, + Scope = "DEFAULT" //Scope does not come back in inventory so just hard code it for now + }; - _logger.LogTrace($"Public Cert Pem: {pubCertPem}"); + _logger.LogTrace( + $"Created Google Certificate Object: {JsonConvert.SerializeObject(gCertificate)}"); - //2. Create the certificate in Google - var gCertificate = new Certificate - { - SelfManaged = new SelfManagedCertificate - {PemCertificate = pubCertPem, PemPrivateKey = privateKeyString}, - Name = CertificateName, - Description = CertificateName, - Scope = "DEFAULT" //Scope does not come back in inventory so just hard code it for now - }; - - _logger.LogTrace( - $"Created Google Certificate Object: {JsonConvert.SerializeObject(gCertificate)}"); - - X509Certificate replaceCertificateResponse; - if (duplicate && config.Overwrite) - replaceCertificateResponse = ReplaceCertificate(gCertificate, svc, storePath, true); - else - replaceCertificateResponse = - ReplaceCertificate(gCertificate, svc, storePath, false); - - _logger.LogTrace( - $"Certificate Created with SubjectDn {replaceCertificateResponse.SubjectDN}"); - - if (MapName.Length > 0 && MapEntryName.Length > 0) - { - _logger.LogTrace("Found Map Entry and Map..."); - //Get the host name to be passed into the create map call - var subject = GetCommonNameFromSubject(replaceCertificateResponse.SubjectDN.ToString()); - _logger.LogTrace($"Got Subject: {subject}"); - - var createCertificateMapEntryBody = new CertificateMapEntry - { - Name = MapEntryName, - Description = MapEntryName, - Hostname = subject, - Certificates = new List {$"{storePath}/certificates/{gCertificate.Name}"} - }; - - _logger.LogTrace( - $"Created Certificate Map Entry Body: {JsonConvert.SerializeObject(createCertificateMapEntryBody)}"); - - //4. Check for Existing Map with the same name if matches the Entry Param then use it if not create new - var mapEntryCreated = CreateMapEntry(createCertificateMapEntryBody, svc, - storePath + "/certificateMaps/" + MapName); - _logger.LogTrace($"Certificate Map Entry Created with Name {mapEntryCreated.Name}"); - } + X509Certificate replaceCertificateResponse; + if (duplicate && config.Overwrite) + replaceCertificateResponse = ReplaceCertificate(gCertificate, svc, storePath, true); + else + replaceCertificateResponse = + ReplaceCertificate(gCertificate, svc, storePath, false); - //5. Return success from job - return new JobResult - { - Result = OrchestratorJobStatusJobResult.Success, - JobHistoryId = config.JobHistoryId, - FailureMessage = "" - }; - } + _logger.LogTrace( + $"Certificate Created with SubjectDn {replaceCertificateResponse.SubjectDN}"); + + //Return success from job + return new JobResult + { + Result = OrchestratorJobStatusJobResult.Success, + JobHistoryId = config.JobHistoryId, + FailureMessage = "" + }; } } @@ -340,7 +287,7 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo } catch (GoogleApiException e) { - var googleError = e.Error.ErrorResponseContent; + var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -363,50 +310,36 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo private X509Certificate ReplaceCertificate(Certificate gCertificate, CertificateManagerService svc, string storePath, bool overwrite) { - try - { - _logger.MethodEntry(); - //DEFAULT or EDGE_CACHE - //todo add labels - //Path does not support cert and private key replacement so delete and insert instead - - - + _logger.MethodEntry(); - //if (overwrite) DeleteCertificate(gCertificate.Name, svc, storePath); + //if (overwrite) DeleteCertificate(gCertificate.Name, svc, storePath); - //var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); - //replaceCertificateRequest.CertificateId = gCertificate.Name; - var replaceCertificateRequest = svc.Projects.Locations.Certificates.Patch(gCertificate, storePath + $"/certificates/{CertificateName}"); - replaceCertificateRequest.UpdateMask = "SelfManaged.PemCertificate,SelfManaged.PemPrivateKey"; + //var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); + //replaceCertificateRequest.CertificateId = gCertificate.Name; + var replaceCertificateRequest = svc.Projects.Locations.Certificates.Patch(gCertificate, storePath + $"/certificates/{CertificateName}"); + replaceCertificateRequest.UpdateMask = "SelfManaged"; - var replaceCertificateResponse = replaceCertificateRequest.Execute(); - WaitForOperation(svc, replaceCertificateResponse.Name); + var replaceCertificateResponse = replaceCertificateRequest.Execute(); + WaitForOperation(svc, replaceCertificateResponse.Name); - _logger.LogTrace( - $"Certificate Created in Google Cert Manager with Name {replaceCertificateResponse.Name}"); + _logger.LogTrace( + $"Certificate Created in Google Cert Manager with Name {replaceCertificateResponse.Name}"); - var pemString = gCertificate.SelfManaged.PemCertificate; - pemString = pemString.Replace("-----BEGIN CERTIFICATE-----", "") - .Replace("-----END CERTIFICATE-----", ""); - var buffer = Convert.FromBase64String(pemString); - var parser = new X509CertificateParser(); - var cert = parser.ReadCertificate(buffer); + var pemString = gCertificate.SelfManaged.PemCertificate; + pemString = pemString.Replace("-----BEGIN CERTIFICATE-----", "") + .Replace("-----END CERTIFICATE-----", ""); + var buffer = Convert.FromBase64String(pemString); + var parser = new X509CertificateParser(); + var cert = parser.ReadCertificate(buffer); - _logger.LogTrace($"X509 Serialized: {cert}"); + _logger.LogTrace($"X509 Serialized: {cert}"); - _logger.MethodExit(); - return cert; - } - catch (Exception e) - { - _logger.LogError($"Error occured in Management.CreateCertificate: {LogHandler.FlattenException(e)}"); - throw; - } + _logger.MethodExit(); + return cert; } private void DeleteCertificate(string certificateName, @@ -415,34 +348,6 @@ private void DeleteCertificate(string certificateName, try { _logger.MethodEntry(); - if (MapName.Length > 0) - { - //See if map entry exists, if so delete it - var certificateMapEntryListRequest = - svc.Projects.Locations.CertificateMaps.CertificateMapEntries.List(storePath + - $"/certificateMaps/{MapName}"); - certificateMapEntryListRequest.Filter = - $"name=\"{storePath}/certificateMaps/{MapName}/certificateMapEntries/{MapEntryName}\""; - - var certificateMapEntryListResponse = certificateMapEntryListRequest.Execute(); - _logger.LogTrace( - $"Map Entry Response Json {JsonConvert.SerializeObject(certificateMapEntryListResponse)}"); - - if (certificateMapEntryListResponse?.CertificateMapEntries?.Count > 0) - { - var deleteCertificateMapEntryRequest = - svc.Projects.Locations.CertificateMaps.CertificateMapEntries.Delete(storePath + - $"/certificateMaps/{MapName}/certificateMapEntries/{MapEntryName}"); - - var deleteCertificateMapEntryResponse = deleteCertificateMapEntryRequest.Execute(); - _logger.LogTrace( - $"Delete Certificate Response Json {JsonConvert.SerializeObject(deleteCertificateMapEntryResponse)}"); - WaitForOperation(svc, deleteCertificateMapEntryResponse.Name); - - _logger.LogTrace( - $"Deleted {deleteCertificateMapEntryResponse.Name} Certificate Map Entry During Replace Procedure"); - } - } var certificatesRequest = svc.Projects.Locations.Certificates.List(storePath); certificatesRequest.Filter = $"name=\"{storePath}/certificates/{certificateName}\""; @@ -462,117 +367,18 @@ private void DeleteCertificate(string certificateName, _logger.LogTrace($"Deleted {deleteCertificateResponse.Name} Certificate During Replace Procedure"); } - - _logger.MethodExit(); - } - catch (Exception e) - { - _logger.LogError($"Error occured in Management.DeleteCertificate: {LogHandler.FlattenException(e)}"); - throw; - } - } - - private CertificateMap CreateMap(string mapName, CertificateManagerService client, string parent) - { - try - { - _logger.MethodEntry(); - var certificateMapListRequest = client.Projects.Locations.CertificateMaps.List(parent); - var mapFilter = $"{parent}/certificateMaps/{mapName}"; - certificateMapListRequest.Filter = $"name=\"{mapFilter}\""; - - var certificateMapListResponse = certificateMapListRequest.Execute(); - _logger.LogTrace( - $"certificateMapListResponse Json {JsonConvert.SerializeObject(certificateMapListResponse)}"); - - if (certificateMapListResponse?.CertificateMaps?.Count > 0) - { - _logger.MethodExit(); - return certificateMapListResponse.CertificateMaps[0]; - } - - var certificateMapBody = new CertificateMap {Name = mapName, Description = mapName}; - var certificateMapCreateRequest = - client.Projects.Locations.CertificateMaps.Create(certificateMapBody, parent); - certificateMapCreateRequest.CertificateMapId = mapName; - - var certificateMapCreateResponse = certificateMapCreateRequest.Execute(); - _logger.LogTrace( - $"certificateMapCreateResponse Json {JsonConvert.SerializeObject(certificateMapCreateResponse)}"); - WaitForOperation(client, certificateMapCreateResponse.Name); - - if (certificateMapCreateResponse?.Name?.Length > 0) - { - var certificateMapRequest = - client.Projects.Locations.CertificateMaps.Get(mapFilter); - - var certificateMapResponse = certificateMapRequest.Execute(); - _logger.LogTrace( - $"certificateMapResponse Json {JsonConvert.SerializeObject(certificateMapResponse)}"); - - _logger.MethodExit(); - return certificateMapResponse; - } - - _logger.MethodExit(); - return null; - } - catch (Exception e) - { - _logger.LogError($"Error occured in Management.CreateMap: {LogHandler.FlattenException(e)}"); - throw; - } - } - - private CertificateMapEntry CreateMapEntry(CertificateMapEntry mapEntry, CertificateManagerService client, - string parent) - { - try - { - _logger.MethodEntry(); - var certificateMapEntryListRequest = - client.Projects.Locations.CertificateMaps.CertificateMapEntries.List(parent); - certificateMapEntryListRequest.Filter = $"name=\"{mapEntry.Name}\""; - - var certificateMapEntryListResponse = certificateMapEntryListRequest.Execute(); - _logger.LogTrace( - $"certificateMapEntryListResponse Json {JsonConvert.SerializeObject(certificateMapEntryListResponse)}"); - - if (certificateMapEntryListResponse?.CertificateMapEntries?.Count > 0) - { - _logger.MethodExit(); - return certificateMapEntryListResponse.CertificateMapEntries[0]; - } - - var certificateMapEntryCreateRequest = - client.Projects.Locations.CertificateMaps.CertificateMapEntries.Create(mapEntry, parent); - certificateMapEntryCreateRequest.CertificateMapEntryId = mapEntry.Name; - - var certificateMapEntryCreateResponse = certificateMapEntryCreateRequest.Execute(); - _logger.LogTrace( - $"certificateMapEntryCreateResponse Json {JsonConvert.SerializeObject(certificateMapEntryCreateResponse)}"); - WaitForOperation(client, certificateMapEntryCreateResponse.Name); - - if (certificateMapEntryCreateResponse?.Name?.Length > 0) + else { - var certificateMapEntryRequest = - client.Projects.Locations.CertificateMaps.CertificateMapEntries.Get(parent + - "/certificateMapEntries/" + mapEntry.Name); - - var certificateMapEntryResponse = certificateMapEntryRequest.Execute(); - _logger.LogTrace( - $"certificateMapEntryResponse Json {JsonConvert.SerializeObject(certificateMapEntryResponse)}"); - - _logger.MethodExit(); - return certificateMapEntryResponse; + string msg = $"Certificate {certificateName} not found for {storePath}."; + _logger.LogWarning(msg); + throw new Exception(msg); } _logger.MethodExit(); - return null; } catch (Exception e) { - _logger.LogError($"Error occured in Management.CreateMapEntry: {LogHandler.FlattenException(e)}"); + _logger.LogError($"Error occured in Management.DeleteCertificate: {LogHandler.FlattenException(e)}"); throw; } } @@ -633,31 +439,6 @@ private void WaitForOperation(CertificateManagerService client, string operation throw new Exception($"{operationName} was still processing after the {OPERATION_MAX_WAIT_MILLISECONDS.ToString()} millisecond maximum wait time."); } - private string GetMapSettingsFromAlias(string alias, string nameType) - { - try - { - _logger.MethodEntry(); - //alias should be in format MapName/MapEntryName/CertificateName - _logger.LogTrace($"nameType: {nameType} alias: {alias}"); - var aliasComponents = alias.Split('/'); - if (aliasComponents.Length == 3 && nameType == "map") return aliasComponents[0].ToLower(); - if (aliasComponents.Length == 3 && nameType == "mapentry") return aliasComponents[1].ToLower(); - if (aliasComponents.Length == 3 && nameType == "certificate") return aliasComponents[2].ToLower(); - if (aliasComponents.Length == 1 && nameType == "certificate" && aliasComponents[0].Length > 0) - return aliasComponents[0].ToLower(); - - _logger.MethodExit(); - return ""; - } - catch (Exception e) - { - _logger.LogError( - $"Error in Management.GetMapSettingsFromAlias {LogHandler.FlattenException(e)}"); - throw; - } - } - private string GetCommonNameFromSubject(string subject) { try diff --git a/GcpCertManager/StoreProperties.cs b/GcpCertManager/StoreProperties.cs index f8591c4..d905a53 100644 --- a/GcpCertManager/StoreProperties.cs +++ b/GcpCertManager/StoreProperties.cs @@ -10,6 +10,6 @@ internal class StoreProperties public string ProjectId { get; set; } - public string JsonKey { get; set; } + public string ServiceAccountKey { get; set; } } } \ No newline at end of file From cef9e19c35651c8703985e435f1ae8f4c9604c9d Mon Sep 17 00:00:00 2001 From: leefine02 Date: Thu, 14 Dec 2023 16:26:45 +0000 Subject: [PATCH 06/38] Initial Version --- GcpCertManager/Jobs/Management.cs | 49 ++++++++++++------------------- 1 file changed, 19 insertions(+), 30 deletions(-) diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index 4a54e3b..7b499c8 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -247,7 +247,7 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo var gCertificate = new Certificate { SelfManaged = new SelfManagedCertificate - {PemCertificate = pubCertPem, PemPrivateKey = privateKeyString}, + { PemCertificate = pubCertPem, PemPrivateKey = privateKeyString }, Name = CertificateName, Description = CertificateName, Scope = "DEFAULT" //Scope does not come back in inventory so just hard code it for now @@ -256,15 +256,12 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo _logger.LogTrace( $"Created Google Certificate Object: {JsonConvert.SerializeObject(gCertificate)}"); - X509Certificate replaceCertificateResponse; if (duplicate && config.Overwrite) - replaceCertificateResponse = ReplaceCertificate(gCertificate, svc, storePath, true); + ReplaceCertificate(gCertificate, svc, storePath); else - replaceCertificateResponse = - ReplaceCertificate(gCertificate, svc, storePath, false); + AddCertificate(gCertificate, svc, storePath); - _logger.LogTrace( - $"Certificate Created with SubjectDn {replaceCertificateResponse.SubjectDN}"); + _logger.MethodExit(); //Return success from job return new JobResult @@ -275,14 +272,13 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo }; } } - _logger.MethodExit(); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, JobHistoryId = config.JobHistoryId, FailureMessage = - $"Duplicate alias {config.JobCertificate.Alias} found in Google Certificate Manager, to overwrite use the overwrite flag." + $"Duplicate alias {config.JobCertificate.Alias} found in Google Certificate Manager. To overwrite use the overwrite flag." }; } catch (GoogleApiException e) @@ -307,39 +303,32 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo } } - private X509Certificate ReplaceCertificate(Certificate gCertificate, - CertificateManagerService svc, string storePath, bool overwrite) + private void AddCertificate(Certificate gCertificate, CertificateManagerService svc, string storePath) { - _logger.MethodEntry(); + var addCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath + $"/certificates"); + addCertificateRequest.CertificateId = gCertificate.Name; - //if (overwrite) DeleteCertificate(gCertificate.Name, svc, storePath); - - //var replaceCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); - //replaceCertificateRequest.CertificateId = gCertificate.Name; - var replaceCertificateRequest = svc.Projects.Locations.Certificates.Patch(gCertificate, storePath + $"/certificates/{CertificateName}"); - replaceCertificateRequest.UpdateMask = "SelfManaged"; + var addCertificateResponse = addCertificateRequest.Execute(); + WaitForOperation(svc, addCertificateResponse.Name); + _logger.LogTrace($"Certificate Created in Google Cert Manager with Name {addCertificateResponse.Name}"); + _logger.MethodExit(); + } + private void ReplaceCertificate(Certificate gCertificate, CertificateManagerService svc, string storePath) + { + _logger.MethodEntry(); + var replaceCertificateRequest = svc.Projects.Locations.Certificates.Patch(gCertificate, storePath + $"/certificates/{CertificateName}"); + replaceCertificateRequest.UpdateMask = "SelfManaged"; var replaceCertificateResponse = replaceCertificateRequest.Execute(); WaitForOperation(svc, replaceCertificateResponse.Name); - _logger.LogTrace( - $"Certificate Created in Google Cert Manager with Name {replaceCertificateResponse.Name}"); - - var pemString = gCertificate.SelfManaged.PemCertificate; - pemString = pemString.Replace("-----BEGIN CERTIFICATE-----", "") - .Replace("-----END CERTIFICATE-----", ""); - var buffer = Convert.FromBase64String(pemString); - var parser = new X509CertificateParser(); - var cert = parser.ReadCertificate(buffer); - - _logger.LogTrace($"X509 Serialized: {cert}"); + _logger.LogTrace($"Certificate Replaced in Google Cert Manager with Name {replaceCertificateResponse.Name}"); _logger.MethodExit(); - return cert; } private void DeleteCertificate(string certificateName, From 6d11f32384640983c9c411c49aa4f44943b17082 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Thu, 14 Dec 2023 20:39:07 +0000 Subject: [PATCH 07/38] Initial Version --- GcpCertManager/Jobs/Management.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index 7b499c8..6399280 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -305,7 +305,7 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo private void AddCertificate(Certificate gCertificate, CertificateManagerService svc, string storePath) { - var addCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath + $"/certificates"); + var addCertificateRequest = svc.Projects.Locations.Certificates.Create(gCertificate, storePath); addCertificateRequest.CertificateId = gCertificate.Name; var addCertificateResponse = addCertificateRequest.Execute(); From 868a29f8223e8f33865c042cf3fd94e9b4960bae Mon Sep 17 00:00:00 2001 From: leefine02 Date: Mon, 18 Dec 2023 16:25:55 +0000 Subject: [PATCH 08/38] Initial Version --- integration-manifest.json | 81 ++++++++++++++++++++++++++++++--- readme_source.md | 94 +++++++++------------------------------ 2 files changed, 97 insertions(+), 78 deletions(-) diff --git a/integration-manifest.json b/integration-manifest.json index 35133f0..7509586 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -1,7 +1,76 @@ { - "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", - "integration_type": "orchestrator", - "name": "Google Cloud Provider Certificate Manager", - "status": "pilot", - "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory." -} + "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", + "integration_type": "orchestrator", + "name": "Google Cloud Provider Certificate Manager", + "status": "pilot", + "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.", + "about": { + "orchestrator": { + "UOFramework": "10.4.1", + "pam_support": false, + "win": { + "supportsCreateStore": false, + "supportsDiscovery": false, + "supportsManagementAdd": true, + "supportsManagementRemove": true, + "supportsReenrollment": false, + "supportsInventory": true, + "platformSupport": "Unused" + }, + "linux": { + "supportsCreateStore": false, + "supportsDiscovery": false, + "supportsManagementAdd": true, + "supportsManagementRemove": true, + "supportsReenrollment": false, + "supportsInventory": true, + "platformSupport": "Unused" + }, + "store_types": { + "GcpCertMgr": { + "Name": "GCP Certificate Manager", + "ShortName": "GcpCertMgr", + "Capability": "GcpCertMgr", + "ServerRequired": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "PowerShell": false, + "PrivateKeyAllowed": "Required", + "StorePathType": "", + "StorePathValue": "n/a", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "PasswordOptions": { + "Style": "Default", + "EntrySupported": false, + "StoreRequired": false + }, + "Properties": [ + { + "Name": "Location", + "DisplayName": "Location", + "Type": "String", + "DependsOn": "", + "DefaultValue": "global", + "Required": true + }, + { + "Name": "ServiceAccountKey", + "DisplayName": "Service Account Key File Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": null, + "Required": false + } + ], + "EntryParameters": [] + } + } + } + } +} \ No newline at end of file diff --git a/readme_source.md b/readme_source.md index b967f18..d675187 100644 --- a/readme_source.md +++ b/readme_source.md @@ -2,19 +2,19 @@ **Overview** -The GCP Certificate Manager Orchestrator remotely manages certificates on the Google Cloud Platform Certificate Manager Product +The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This agent implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this AnyAgent. It supports adding certificates with or without private keys. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with or without private keys. **Google Cloud Configuration** 1. Read up on [Google Certificate Manager](https://cloud.google.com/certificate-manager/docs) and how it works. -2. A Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet) +2. Either a Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet), or the virtual machine running the Keyfactor Orchestrator Service must reside within Google Cloud. ![](images/ServiceAccountSettings.gif) 3. The following Api Access is needed: ![](images/ApiAccessNeeded.gif) -4. Dowload the Json Credential file as shown below: +4. If authenticating via service account, download the Json Credential file as shown below: ![](images/GoogleKeyJsonDownload.gif) **1. Create the New Certificate Store Type for the GCP Certificate Manager Orchestrator** @@ -26,18 +26,19 @@ SETTING TAB | CONFIG ELEMENT | DESCRIPTION ------|-----------|------------------ Basic |Name |Descriptive name for the Store Type. Google Cloud Certificate Manager can be used. Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr -Basic |Custom Capability|Checked with Name GcpCertManager +Basic |Custom Capability|Checked with Name GcpCertMgr Basic |Job Types |Inventory, Add, and Remove are the supported job types. -Basic |Needs Server |Must be checked +Basic |Needs Server |Unchecked Basic |Blueprint Allowed |Unchecked -Basic |Requires Store Password |Determines if a store password is required when configuring an individual store. This must be unchecked. -Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. -Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform -Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required -Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required -Advanced |PFX Password Style |Determines password style for the PFX Password. Default -Custom Fields|Google Cloud Platform Project Location|Name:Location Display Name:Location Type:String Default Value:global Required:True -Custom Fields|Google Cloud Platform Project Number|Name:Project Number Display Name:Project Number Type:String Default Value:N/A Required:True +Basic |Requires Store Password |Unchecked. +Basic |Supports Entry Password |Unchecked. +Advanced |Store Path Type| Fixed +Advanced |Store Path Type Value (the textbox that shows when Store Path Type is set to "Fixed" |n/a +Advanced |Supports Custom Alias |Required +Advanced |Private Key Handling |Required +Advanced |PFX Password Style |Default +Custom Fields|Google Cloud Platform Project Location/Region|Name:Location, Display Name:Location, Type:String, Default Value:global, Required:False +Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value:, Required:True Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** @@ -62,8 +63,7 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a GCP Certificate Manager Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](images/CertStoreSettings-1.gif) -![](images/CertStoreSettings-2.gif) +![](images/CertStoreSettings.gif) ![](images/GoogleCloudProjectInfo.gif) #### STORE CONFIGURATION @@ -72,64 +72,14 @@ CONFIG ELEMENT |DESCRIPTION Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. Client Machine |The name of the Google Certificate Manager Credentials File. This file should be stored in the same directory as the Orchestrator binary. Sample is "favorable-tree-346417-feb22d67de35.json". -Store Path |This will be the ProjectId of the Google Cloud Project. Sample here is "favorable-tree-346417". See above image. -Location|global is the default but could be another region based on the project. -Project Number| As shown in the above image, this can be obtained from the project information in Google Cloud. +Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. -Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. +Location|**global** is the default but could be another region based on the project. +Service Account Key File Name | The name of the file containing the GCP Service Account JSON formatted key previously downloaded. Keep this optional field blank if the Keyfactor Orchestrator Service is running from an authenticated VM within Google Cloud. +Update Server User Name |Click and select No Value. +Update Server Password |Click and select No Value. Use SSL |This should be checked. -User |This is not necessary. -Password |This is not necessary. - -*** - -#### Usage - -**Adding New Certificate No Map Entry** - -![](images/AddCertificateNoMapEntry.gif) - -*** - -**Adding New Certificate With Map Entry** - -![](images/AddCertificateWithMapEntry.gif) - -*** - -**Replace Certficate With Map Entry** - -![](images/ReplaceCertificateMapEntry.gif) - -*** - -**Replace Certficate No Map Entry** - -![](images/ReplaceCertificateNoMapEntry.gif) - -*** - -**Replace Certficate With Map Entry** - -![](images/ReplaceCertificateMapEntry.gif) - -*** - -**Replace Certficate No Map Entry** - -![](images/ReplaceCertificateNoMapEntry.gif) - -*** - -**Remove Certificate Map Entry** - -![](images/RemoveCertifcateMapEntry.gif) - -*** - -**Remove Certficate No Map Entry** - -![](images/RemoveCertificateNoMapEntry.gif) +Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. #### TEST CASES From bc5143e0f5227dcaf9c51aef54504ada7a3524b7 Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 16:31:34 +0000 Subject: [PATCH 09/38] Add files via upload --- images/CertStoreSettings.gif | Bin 0 -> 18732 bytes images/CertStoreType-Advanced.gif | Bin 15485 -> 16683 bytes images/CertStoreType-Basic.gif | Bin 19302 -> 23303 bytes images/CertStoreType-CustomFields.gif | Bin 13949 -> 19975 bytes 4 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 images/CertStoreSettings.gif diff --git a/images/CertStoreSettings.gif b/images/CertStoreSettings.gif new file mode 100644 index 0000000000000000000000000000000000000000..7347fb85f35f3b56373767a0776c67c6d33a3019 GIT binary patch literal 18732 zcmV)8K*qmENk%w1VUhtB19t!bA^8LV00000EC2ui0FnU~1Bd_r{{R4f03?VAHG2S6 zr2u7w0Cl|pb^ic;#sh-J6@dRBAsQedBP2LuA!)4#0{|x~Jvf2OFOL5?3vxLOh&l|m zI}FE20#Z35c{v}6IWe3$F2*@HwmdsKJU>f3Ie0rffH_H|IZw<#Qgu01tUqIhJZPFd zYqdFN);x8wIe6PVfww%7%sZIkN(>l2I*&g-CO|@GLQRA}QIi>la)#rTvwJd`{_l0R3J zJZ+L;c$9dQk%Ewvhklfnvy-~rlgId<404$aq@OOxqb_osNdTWya+hX2o@R5Pb3vYS zgqV6AzOkWHJfT!Vre0d5f@q_Nfuh3Hq|o=R+y1U&1gmC0 zuaKavx16rO;kQz9x@&T?bv?F*Qn!m{wUL3Zq_VWW)3d~)w9mb>&(pKx{<$u4xjwYN zafQNq&bWg-zM6);zQVuf{KbBI#eoCDmubtFq{^m)%(Jt_zSzvdpTp7K%XxCp(9_QL z{nU$g(UU#Tlvmc1iqxcY(yoNix|h+stI*K2)YR15+uhxrh~A`G;JLHfyTRV|{^qBQ z>$Gy^w36)7!s6oM=KcNezl!p|u<_BV?d|OM%98l^_WMFY`dV80baefZk^G^d{JgvW z(Ukt#ru*2y{nF6==+*w{wf_0y{r%DZ|NjX70KLHjK(L^}g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(u_MNT9z%*8NwTELlPFWFT*_3NS-`dN7{toCXir@PFA#u z{g`o~T!mK1eX>jw+~-O1jAN-m&V;vZ4C&8>3$H_rSTO*`i5**nOu4vag_$?+3)e1c9usG*V}deD2&6=^1Xl!<#OxD#+nnWs92S{$ip z{utjM@SMXgjK~CAZ#nVZ(P)N~^;#>eJK@tFW+QLa<~YH|9dlgC@Q(rjWaN{Rc#!2VBLp%QyOdvkbwBv+IP#+t zQM$c5KD>rP@NhHQhI~{9#P4i9Oam$A+eK?Ovk-mALQ<0X0exmCzk>iQIuB#R<|gpJ z01hyF%)^O(^s}DG)M{L{@D|LrH>mDmtREpH;6l!EGH#_n9hef1jN11;?V%|jwvk{$ zB-XB1NoIfk^}!*xpo1-i?86u*LsSrRc#!9$CxQhLBDXY9#0=JigTHa!;Yw65GmYms z1tFmb0YIdL5NvP>VaLgMP`!@%0ft&wU+qL!FVdOrhSj-4<(Q*`_OQb?K%8BJCIEsq za*PfbT%lyZ5X9<$p@}U61{4W0$U+(tkygyfZtzqP;NXFaALNn;aU{mel`$bgBten1 zWe0KyQHKeM;qm4OKOWh!mIiuSBJ&}Lt`!7@xZ_`Vm~**@w4)Cg1Q{b|m&;;`2u+h5 z<`^>xl(pjkao<$6~#jva{_74#>tQwia=#`L>dw2}z7*XK_rF zM)z<8WZ<)wu#-#%_z;Pcogf{NdC)O-alid#6g@;mM%q-=Q$L{*oRmp|4{vANqk~Ul{m9cBoSvCiOF@1_7C5=(RKV zzRk0JmTVyF?Av0lPU$sjUX7QE}=DZ6$Y=tFQi__V;Ze<(+jQ;Ja z;4uza%%M`~*aa`r0^3!gh7SizNIzg32}(o_A+(i6B+}4|N9|)5rodolD8ZxL?$%+u zI7WM{n;l|BVh(92#iQyM2|n;59k8|3bg`A&<&Gkedtk+56_%3s^(+_9( zEFtYp!+Tvz-~t=?zz9yTf)~u-20Qq{5RR~fCrsfATlm5l&aj3z%;64u_`@I$v4}@Z z;u4$q#3)X&idW3y7Q6VxFpjZ|XH4T7+xW&f&asYn%;O&W_{TsFvXF;N*DZ!w`7!G<+8=;zn1oGp5MKm@EB`6(mm;uDHb_ z2yzcT>zW|=I07}Sp~G;npdYdLB&$(;YBc|b3&4N}E@nOJ5{Tm3qKL+?0nlr8Y&+P) z)*(N*&RinMGXLA7o->+c;vZL9OWfQ zp~`o*0xRG!W_&nd2GnQ=8kVqxO2FgJd7cEH{fvY__Zyb)_<%P42Y%zV5F{KscnHc# z4rG2LVhKvXf|U*84^`BeR8XZ*0)Y{Zw#g--Z;iI#!mLKoBix)PrKUJ&i1yu{q1m%yWHna_qyBt z?s(6;-uG_yV|b$_d=I?f2T%CI8~*T!PrTySz7lUN{_&8HyyPcO`N|Le?_$z3gXC`_&)g^|jBv?sw1o!{7cSu^`XrIQ^|$`d{qE--`y1Ujq!vIc)$v+n1(hwK>rT(ApU0OMk36ggFm=k8$9p}(|`*zAb`1m13fSab^v#w zum)|{4P^iV0yuWt-~=WR4c?c5&If)XA%0`G3?9%2WY-L)Fm|{Q10^^Os}KW~pbZi@ zcA-#!Wv2}_@C5?c3{H>*ZRdgl$PFb34O~zO)1V71@^+n|gKP(Z9pHZ^*Z~))flz3C z92gQF2!TjwcFn+oXUBtMrwv*-c2stefWoFsDF8;2QSzRPk;nGP=XMs22XH>QP_%ZCkerK43f}yxR-X?U;{#U zcDKNYTlj*3D1%-20r;1QhMgS3E$#$Y}ew%j;IM4y2P z5?GSVXo)BpjVqazWv2^BpafTtmEJg(WeJim*$gr;3+L#J+;9juFa>b%lTR3wa4DBJ z$%V{_kvKq>N^k=!(3DR(nSIxgIAEE|7m*#|fjeme6PT7+n2TEZnPwM;SXct2DUC)s z4bB*pD|ra4NR&c|l`yG;&48L|_mbVQq_({KwqV1k5+fhj4Q(?FXpniY;nKc8rj4H^2im8z`c!N0zj!4)H@rRaN*qUrPjn!z6 zc5sXF#|?C8jNxdH!}yI^i3>}}nv9r}!Wj)f8HDmV4fOd3`M8gP*pJ*e4YKeHk_ny9 z$&gfucACi%ocWEbV196hfn&#h?$?pwDTe#k0sS|2pr`~^pnhnXk2sJ8?5UD>ID~pw zf(MA0{3^W8XQTLLRHmOyD4`Q7eiynC z8A_#h=L{a23pJ^wVCr^Psu5WlrgO)BWa*=3x~5QBooxE1aB6sCnh|9hr*?X$a5twI zQKxv?r+!L{!1t$uI;j3@r>7Uer-YiQY-*?$ae9jSsDFxiCZTzdTB&zRdMV+kmb$5C zDyb;Jsh}FBV27xoTB_6McP}AyT(_#M+N!Sls<0ZXvO24@>UX6Fbhw(Uy1J{p+N-|$ ztH2tp!aA(PTCB!;tjLPQF>ZPw1?-9sPv8MnKn>@hW^DFxW>yDMPy;$NXHsx;Tb2mM zQ?3=`Y6nqsc*75F01V@%9`~jW;tFX1AZhw~W&i+g{%~n6rD^xJY6eRf2x}1c@NNWA z40yl~X22ueCjPFlCTsfo2;iZz)KF`;_6n62vK7;82T`(@fwDBqZG6^k;}&hx7PB+E zvRj62qJRuJtFzLQZtF$^>7WV=+ps~~vO{aKl}2p-AhW-*vh!ANeDSnUTPFo~a6G~f zhmZqF(5@>hwCcbQg)joYunY>va7Y`rwlr}S2M=a@wt_pjgj=|Vd$@?3xQe^D3*ipm z5S_Iexsp4%lv}x$d%09M4NLP9-*60c!nk6g7spUvEHMq93c6+Ccq{P@r;EC&OS&ha zd9GU+n0gXaGP{J44zODi(?G7c3l{J&4X^jRgu$p4VZ6k9705dg%bUDZ(Yz4>z0MmI z()$qA{yV)+alH+pz1X`H+`ACp+r3B;z6n9T;)@e|ASdY{2?t@m?R&mdAqo$`00WW^ z4DbM=U=Z%BzwkR1_B+3OaliD-zrfeO{wu%&EGGc4zXid-1{@Rr3&05Bzzh7q{<{DJ zJi)_j!BTO%<-5TgtQ8bY!6AGTBV58F48kaE6(_vH%B#XIJQWn&yD>}^!HW_eT*FbJ zyO~GAI@}VqYrC!c!%5){yL%F*OT*R1|#=N%z!Qa z=HLOsfe$yJS_|QCo#Y6=LdPEAtzq(I=>WFAOLJgb5a!SUV@43x&;f?55Qyv~j2sf@ zny@k(wAru(tC$vp1_w`|12tCzIUpS7kON#m7vuH@5_GR?R&UwxXMwiLtxOJi?5^;N z7k7rr0vE~;F|q|Q%q#m2$6>M7kURc>3YL(^24M~>Pz?JM4%;k26l<}d1^|#Y%@-F7 z*Ide60I@G*4!P40x1emw9IlQ=$_~4-#jtA`8wKj%Z}4yn>5N(gA!hIJ0?}Xyi{NiB z%L4zb&zdYj{~XX+djjsD3cq5r^V|?TOUd_44Y%M0*!Euj4A9tY$t+OKQULyO#8$M@ z#?agL&|yN-r5v}tW@c)DZP=R84I#CUOtmvj4emS;CO6Unoz1fra35E)@HT7sHV*v^ z(K6l9a%&9&w+|qz(*=>XRp!jp;Ac``1>ix{0Dub~088=~x5Sok3pZwdMrGtc)LbpM z{g4YeAO$jq)p(uPdcD_t-PeANWUAW5f<4%TUD$?Abzb)pVP~q0-HNDMx{V##uGn~z zUD;4L#3Dhdmc7~B7sRH=*`U3Bm@Sc^UD~JWrly_R!Z*UI-P*&)+O8ejx(C~`UE8up z+qRwCs)yTXM}Vn0cF=GJYY?G37=U+Il4wbH%`k@^-~$tw3oHn5_5RlZcNmE`@O~4> z4QNo^f_Q#rsM{Ne+WD7)Xy*(N>YO|1m2-#OGdg$LkOU>D-8zX2H}HiN=mh?U3njn{ z-S7!C@C(~;29SA%`)!X-(30TIe7FsuO1T3)d6-u4226RAP1%Wn2!USUhdj^<+Q5cx zNOm$QfD{R&K?sUCfCU1`-Z1#z-4F^&&~X^J3?+~VFYwzm=?kDR3(-h+`VHVtpa{U7 zn09arcj%4Zn2`yt;MJ*@0$72S;EbUOq-8MS2%44kc#jZRi210KBgzeD0Oa)TfHHo! zo2cD7sN%RVlb;Zr-Ovd-34&94c7KV4L1~i?D3AD;k4RXO{@Snve{c-You5fge7M~W zXON?)>6;ARjZ{wDy6KjDuHH-84Tzuz|Cy9zr{cws0@N6P(5Rdu*^_6t4DPpy6u9H8 z*^D5GikONcj26u?u^cS4+*M?=uf<1`~WLb!17Ya#P=ewDdcn*fJId&z93j_(I z2R`dk=%%+Q3N{dbijL_==M z;fT;OBa2zwy*h*-4cO) z*uMY!z#sgWo7jI{{KkL$$e;Ymzx>SK{LcRW{Lml$(m(ywU;Wb34sf6ZIe<)|F>?>$ z4~l`N9;0h&O5!eh5*MM(a0??F}$?2~U_+SK!{K~OB*8q_N z$r^S39MzeEj9;Q9Ia~pN2*BSXU=Z)Upq6dP6CLhy-N=E*T!}jzqJ<9^3H8yrVfBps?TJ&hrZo>(tXz(w9z=Q9N5EWb0!^KD=zB}3P z(`B;&%xMO|x%6=2#f=|F9`hX*qwtEc7#t3WRHuXe5n7!t<=}|sR&3@S^*8wB<;|Z* zpI#@tZE$cb>0=a^2R8k3;TTxZb~{9l32Ln8eO*iGVQ%@7EtIE@6fsfsDr)g&1X|{PIhbi9pSY(-JhE-K7 z)xCHckEgli+JYbcp5~L7X(qbpHA(i#WSv*oSmQ#j4SHy!r=~hgq?y>)X<|BS{b zXQ#b(+i%A`cingA-NqDMp>#xT?d+oR9 zzI*S#2S0rA$0xsh^Up^=ef8I8zkT=Lhd=(7+DSwT_zrW4JDRr1>ZN{|L5chXh@O#T z1s>U$K>+?+qCc5n1||#~U<8X}5ZXYb7+^36LKM;;hh$I+HE@tdo{$A~06-f!kU|fT z@sW^>BoSHIM<|v6LVu{D1`e^0K>lM5E5Ly*5(FY$E}}r+2*wdnsbN+25e1s_MC z#yfOS!fObDA7;o3I*{Q&v=}8H58($FkTDpgh@~^u*g*+{xW>2)F(qhm%@hGtktGz<~!hMBxiU0HZIDSWRHmAsjX~(k=clLqaa5=n(+o6Y_T^Cvc^){!39I6#u153!6F^xNLu>D95OIqHcnz4ssLb#gQ=rA zmi{6Ya==4700;*Q$|4@kl!YyatcY}|bH-WL(waJ5mLLTyWF=E2SsQ?6}nIq zx#Jtt=v_o5I#G&N)S?$f(lowtsnC4m7{_F2NCA+JV|+tSuoG!W0ri=0pfsf_HR+-# z_fmj@jxOH-DNSFRj+oA68af3k0DdZ~pz3s{G&yQft(jDrFjc9JbSg}u`qVW})g@M? zssyphlC5S{fL&DySiK5Au|}ks<+&{#U&U zl&^iQX{Z1@(7z70pM^E-QU#mXe+WjkBi*4DPS?U6<~%39v`*0;X}Zg7P=T;dkjxW`3q za+SMW<~G;4&xLMur8`~fR#!w2yb1r1`5o(?54$ySAOPUeUGD}60PR475_rIsY~bJt zUm!;eXLuPFibON~=uZqD;z1CSH+%ZKN=4oQMRUk;9OU?-RmAwmBwED{hIE7zq3GZ1 z>CZa?iiIU^p%{n+a*&1mqa_cs7IG4i!qT%acl(jy4W}fP@K_}<{8Bnw{M1XoaH=cBk6WDsvR$zg=fr?o>b4sL#f$9>jqYNF0fntBCIC8M9ZEoLUk>7l+rr2KLASU~FV7o7v8eNWI&c!Ni-^=^ z2hrKl?jg0WokMMRyN1*%>A0K7(sgNc-A4rJ&B0agqFFSfOZ#^W8QL?`7(C%A6ll-j zS@9R*^J_ihP>9mm@|VYa<}qsL$9LZIp9g*DML&Adm;T=Lr$>G2Rlj=Hx8C)y7ic@+ zpoAQ7vnJu-u1$*Zf&Rtie?(-EImkW}e>B3$Qg8)6u*k>-GGdnZIDxAF9LB%ELmQHu z$)sr##y5arE({#cI*ed%;+t2z{LCLCJW!Q;N1xL8FapsR(hx9mK@U_Ygkroio*X`b zApKZ|jqpB|2!|bbhXnE_4tfaml7jU*uk>=jFoV8D>LHG(p&P28-*^WjpbY>NK<601 z0}LPrsw3f;KZn?kN0@{UsE7%aul@=nJ&*z!n1yy3KoKG#{}KwKFp8w^kvIeP z^Npow3Oo?ONz#hOkb*aKg%Yd}BwM%I0ES|Sr3p;1FbcxID2AnYq9~H1DxxsF&~O~bdWRg~g1 zpD?nwvcMoJj0TFl!XOl|9^*sb@WRdj$1%LGGB~3Flt`;6gBXA}5`4#}zz&GWDef?b z4v4-X+lqZWNG2pE@?sD7xS#Xt4=EssFp~&W*ft}Riu+K4|H}o(h>VC!%1lh4E)%B* z%mH+IKq<4gWvGEAn1ql7#j3!k?ue%{%poa=O2n8-J8Z?56iWZVB>lOD=)c zMQSi7c4|l1gNqg8Fu-IHe0VQlB+SHA%*ABP#@rk?)4a%(%*mw8jM}I>`zY;m%(;j> zKif>vU_8(IOwuqsx(Fwm6fhiOoU^Gr{bSWoE`5cqs7zTyWxSWe^IgFU#;X6OT5=+OQlPh@C@ z_5^@!=ukeW2oCj7mRJWq=!QKYzjpY~J$Q)f>`-oUQBx?P6U8I^JO@4yh5u9pcrXS% z08mUa&}P6-0WpRS?f%XZ#iKpwy#Em#NuW`wuuvQIQZOyjJuroB z_)ipd(Jx&nY!lI<&W^Q zV+B)N-Gf%JP!-(+QP9wT-O`+eS&R*-znZi{eTM+;QxrwgKhV~wHP@#F$n6+bdDYIU zt=2KE)^Ej6lBEW6MNe}D00X_%VwHsa)CN9aS(UI^frVJ8-41<)2yNH{>1qfRE^~} zCoNn4lRaDb)V>8(*mTl`?gRjIhz2}T+K^RMoMqL@USfF&Wl_G9ap+@HM&-*graorn z%F7W~E|VRZ23XGIP3A3lfa6SVWi6THV@Bp=R_0}9W=GDIUhd<0aEDnotRzH-CFX`3 zsggndhHg%WZwBXZ7Uyv$=W;gZb4KTMR_AqQ=XQ2ya_;7q%9I;%h9y2_YW@Z+VUFW@ zfT(R2EpToRCBT6%hz55s=z~V+gjVQ=yt#&hL-4wrs#^c=!?eaj815H9^}25 zhB%goX~yTf66SPRVrLMQe@+L3UL{u$W^J&9B$Vlyrs6uPOnTBY-yy>3y>7NGb zpcd+(ChDFx=x=VRy{Ts<)`w}PWnr#|Oit-W0VzbLSP~)l z3XUG|p@?97!1EdG6zSaB9ga={UxQM)3x!PQr-TK|1w82g^kv^o{QjOevxw{)j^(RZHtl3J34& zhi5p$CWH!!h%mx{qJ9XAG;E@cu?zL>HT-U^0OKibTLz0qX#>W1Ni2cnYK#kF9tI6+1-` zDe0tMYI!Jb$Nuf)M!e#lWnm=7*f7Qb;*6a3$JhWR=7WfEfH*vg0;6b$RX_p^az=Vp6|j8t1Pp~_$YJUS zqabj?C?)a21&G^+61omxfJk5BYosVKZR89K*NmL(G4cBTU=De2Kv`nuHg2yfX>Ta; z$!_eF_{sO+CjO91qXfgG>`Sez@uh2-C9nephl6!;>$HrF2tUXHDUbs(@@_(}C0K$= zh;j;<@@ZINE6;PPn(`8d@{ro|K0onl{%tB(VvR}%5nrhH=5r z7x;lE_<{#`c6aq*fA^V)_Ia>}lu-6+pLSk%_Grg-F`kEd!1ZL`cmR<2j?cP|=XdMz z_dGNBlSlcKSNWA+ckycXMPGPmuLpaW_lU^&YUlTA_vDO6;#)srjbDj)p9gyQVw}f! zp(lEe$9GzXo|1l1h*ZYHa`Gm*%KTnBjKVpcWhq8BjrT6%*R|&ND z_?i!VX4m&)4|-;IhqbRByWjiF*Zj?|`u@JZ`k3E$X7^+%k%xyr{AzcHWw&^?$9J~3 z{KrRpkAMBK*LWl*c~F1#f9L$&=Y6TSdUwzIdxwZ+AAQ8n`Dd^AdMNwY5B%9@{n(H9 zpdWewSoX`ueO1@}-q-%^FZkbw`QT^xXQu~xQ2ysX{-8Jg)&~H4aDL-Q{`N2b^>=*f z!F=ww|NBRG?^k&6m-(!VhtdZK008RM8%R$e0D1-W=|iY+U_pce_rX^a+nkA-jwZJVWl;}>Vd?y%nI{|9ByGX(H>?{!Gx0y7j-L&cw zAxMGp;-M~BFP=hr@e10L7klmosnf{JBJ!GHJ%M ziBo51pFkfMl}h1G+r2xPkkjY10yTL3E^*%}K0A7QW4@ys^M2>gpc;Vf3q&oSQ2k`G zop$>12MAC1so)nF@C-9S2+?4(U@$!m)zuFGfCCo*$?SCD1n8;99%TRk7$P+QWJX|i zo*m^*Xw;E*U2_;+)R9O2yAec?jrQy~5|1VQcu_+(3N&Pn64|p4bWJ+>q;t}VR$Xb> zwU{4w@BLJcg78!`K@ji|qYh^uLPptSJyk#sI!+~+CYBSl;1?eKXfnYD`M1-3i7~D_YhfPoKd!<&365IV!28ntCd! zQc`D~Rh&-6;)UXU=iq&cQUFXoO}w&?n;@20R!?{2q>n6JWrdVk+wHfHAR>?nCOo!i z22VCvE-T2JJW%)GPYvSphQoP_rUk*|_Ry zjH6YFD!>5?Jn;Uhs@C+ct9-^vmpEF~N)0?lMlqU}^iv7|%-oyuzAyG0PpAYt z{WR23n`AJRG`hOxmpi$_)qR0#3lBC>DaMztU2_^HRv$~#7*A|X`s$|nvE9?wJhfnF zPZS`NPt6v)(hs(WVhRsYVj~q5ni9ja&mc#$=;{Rgg8Hx2m0Nx}lvJ~7Wp;q=1MUy% zV1seXJAI{38xUVCG<#*I$&(1=j70&VwRDYT?K_Excgnas+EbVhhOoC5mV7<|2YUYS zGIx2hL;l2}fO(|o>g(-wD*)%9rzzx}Dm^)kn2SF?`6+3Ru&dlMg)`|1-aJO|Joyai zna6I$69tOQ4AWTlCmWRBcomtbbY)uA+D-u7Gyw`!A}567!~{qX4F?WJTu32TSJ*Nk z=5at>4SLW{d?ubC*lBwPOd4pwCn~8K$y6;Y9}Hg-lPPTu0NuMG4s)o(9rCb;KK!8% zB_|`wRc<(@GGYvqXucV)3VlF)A{3)2#VJy;CqndB_=-4^BW_WNUM$J^tX9P_lCg|t zgyI#MM#Sb2t|UGRl0=L|kbU?FM3#sYpbo z{;_G!(Z@U@c^rY*BOa1G2x{mt4|*`E9+C89Mcin~dD!Mi^MK7MapcKUie!+k^we|= z*{Vg-vX-_C;`fG_#pRSTA@OjBM|ug5R_ddddCUzk0no}g3bU23!6Y$zDVr|7Qi)-l zL!2z@6>AgPdgkkmElH0VhuYR!t)P@^`zX%9K-9DA7bBkn{gPY;UHi2n5cp)U<; zOl3;ZSX%U+IDINqt(Z$JcC;lNaY#eL$(w>)HA%xkqE;Q^(v#AoBbA(|QpIP_w6fK5 zDb!_ETk_0?I+PwOou)u~^PAwjlq7Z~2wuM$kxD9LHE3;X<<^SW#S-kTRE3U0y9mmSKLuCV(pI#sO>J#+ zyTqkAQn$Vp*l2$%T#}r&x5GVd=58BTVZ?L$4`P*IC-?A5wja$?TUB8upMx7Dk&0DE?ANsv1}ws31Llg5|X-!V?#hf zk7R13m>#yUbSn&F)nb@Ao30LnM>7#>;ul zcf%?WXVRvq&WxvfQIeX^0u{^3d@qw-AXjChvSZe zfCQ;SE%Vf5ED?TiAuHNQ^q|=wkarlNTTokcqpgct`?{o$Z~pFSit&u%TMN}BM$BWU zP5KZ}hkDGZ#fK4$GU`MuAqR;jwH~NYh(!p*94k;qHkR;&EX>6kR)B-p0ALMO1Hd1Q zutYl&A%z$u`W;V@0uTO%iyUkl9bD*EI95>ZR9J#qIC#PrX69{h_u~^eSVAZmU0vRi zStUk#NLLe*>y3mmuMO$yM-Gd`zf#<+xFI$njUCr)+@J)em{~tmkr;ls0U4xDG_3m( zi$%Oc2XncG5X8NMxgccRt8R5Wy7i7Dq(c=($pz!w!yPmChboeQ417R=8s@M$ z0ImT9op&1uNV$f>bL;4q)aEu3nX6rgiuSq|=Qy4`{${T)QqY0G#yE2ZxtM84W_X}u z6*jO0KB^$-Vl09mW=IjKr+x%#5MChoh=MwNE)i?sz|cuZbU(I131}QX7HbgnJ7nN$ z0EB}D_`m|;tqqS`P#XaFSiH~u@d#j4JM6U`JK2$RksTrAvb=Y%V82TwH*)s(cqgu? zPZEw4yki8Sc)loHVfYk@n+?`z&@H?G{ZWuZ@;xWFKxD4!bu1np+eiev0e}uxY+D_# zUj`fQu>!)czV)xCM(k%_`&cvFyvMJu$eF}DV8Q+r0}J>AAt+lq0KoLES`L&N0GNZ< zrG>zOpFntDxjBMSOy2?mz&oTsI-p!ESb{(Pph671fo#a`=*1-eV z@t+F)A9Tr=`N07WEJ2_FKsz8pp{;>BG+?=*!nGYmHdLM!&>jX>A4#l37wmx^EM7Ax zffP)EE2P^JNWmA(ML3wi%oIZs`Wq4i92BO-C*Z&oB%BS-77ij8fW_e#;T|2*)*Rkp z64{|1u2vrQVfpYOAU0X@4dNcknsFH-eHEf21|lLhTq7dZA4XzgJ)-|nB3rFhRBa+B z>Qs#gpM(wHa)cr#B3}U75GST0PI)48?1Pt0neb)VlYv<&!jj${k}Bq+KCvQm$U}Px zM4IInEyi6fo`fdqA~NC=FV3Qpm{k6Oq10u8R)W!4F^1eNUQ{w>V=XP?X}IDzQI>|0 z(w!j(h`m^nR3l0pqc*PNB5~ts_#!Z3*^hmOn+cX`V3KUG7&@k7g|VYQCXzeW+F&_U zcZrozA(WJT**>a-I{u?WR#8A&RXoiDXhjx5jg>vZ89)tVH8$i!ek2-A)vPs%F9u`p zi4;pY7&%rNNG;?Nonpek3Q^dPQqZIVNyb!w#Z~yv#Z16ggiQa?MY5oUTCjy>z=d4U zg2{p(Eeb|TEOu(}E$B96S zfIN=197wi&M_b$qQfOsi&c_{~L+TjjX2yX!I7SO>gchJjK9I*?_@tgd&&zbs|11!A zI0mP%B}=#>J%Cn1nv-kP6<1Z9#L=ZO_Tyd3WOwulm$=NANXoNVjMu;in<&s=#>t=5 z$(=Y)@AwJxkj|D!jL}HNnzRW|e5V4@3xM>SUq}o#7!S7WM3~e<%?M2(z)E1Y2yLM1__pv2=ydU;;9X12t5G5TJ|d@WcjS+o8B7pDf6x zNR=S6L_yZsj&PTb1ZnZ<8C`m0PaLRCF6jIK4TLsli)akT(SIBX>mNKDp9X~!t$#&pb_jEOC5jVqK)VfI9gZpdeB1SsU_Va%pTCZd485|V}| zIb_WQY)x^NPG5x0XXFIg)X(d*2-@5ZP|OXO0KnT^=h~=9XLJo)ClFsR*&hvaoV7g9=#Ln#0 z4x|P}?x2YNrNE7qBJ1yD%TC;idF(`t5`*jz0quy%wPtHAP{7dJ<@t-{cs@`U;@-5Bhu{oqXegwV5;jZor`{=7&~mIb>a!-Gmj z0f7us91s8@tODJ~{OpAD3@rZ;fyIhNSA>Cvpa`sfWmx9xjs6E(js*%?BCX9Uy$UBt zwk#0Ur^=E~y}B&Tb`Q+PENjWcYQ)1hI8n|1><#hDIM9SV@F~vLsyFPcIHW_PI2F)7 zZM?#WI1ufU9jzBh$tlGHI56$uK&{u(CsL%tH-H08%tO^$Ez)8`*?vQ#WmuB=Qr1A)3N+`jFA(!@B}?cK`k3{At%&O?>-t=~#V))uYc4sOnR!!&RM zbu=B{DlXK%2s%&)GfczdLauFz?KDh78*N{y6EgWi^H)4ncr zz(YD@Z9F)G=d$hL*sdeW#55cOGf;;-=)>;?I2^<1wl4N&FL1@~@KP>ySQ0zv!#)@W`?jz9zAya7ul&w0{noGj-Y@>z?>^`Q zJLoP=FoXAc?yQP$W5vYu9>Xy>ga4i{12?b(KQIJGumn#q1y`^IUoZw|umj73GyWiO z?+!2l4~+Cm?(k0T&T23Ur?3jIFblWv1K-1DV?wj z2eA+jF%fGpLCpg=jKlDHumIyk4cqVyyTc5TFcXii=XwJcXR#JcN3tYOG9_2CC0{ZoXR;=5GADPkAs@0EEArFeFw=&HBM&kv zr?M)qGAp+-Dq}I*(y%D+VH}sTDWfqi=dv#EGB5WsE`LKTBXT0oa%16e{!B0}GAFY# zFEcYYvok+4G)J>EPct=Fvo&AyO*ru|6Z0q=vlM?bIES-1k25)!vpJtLI;XQbuQNNh zGdpVqH&;{s&NDsNvpwH4KId~hr6?AL`X*<3m9IvpaU`>AnmcZ#KM=K1&qYVqv{ReJO)r{1I6@`x z+&k!7S{NNk^n*BjLJasbS9>)uH1$)LwLn0fvXNfS^+Pkf0S_SlgE^D{^ofE>ON0TE zgaMMZS(kM<>>L9kLZx(I>G4C=9YqIL8@HuJEUK?5NKTT8*g8T4qEb`h3Ap-Dl`MYe0dHf+bXY|l1r*S2lnHg4y(Ztpg4 z_qK2UHgE^Ga1S?e7q@XAH*zPpaxXV?H@9=^7BCEf0vvz>41qsGjW>vb9>{?nh=Mmf zcQuBA1h~S?kb^5o0LMPfF6_ZH0FygR!yfDcc$Z=r41quZgC+R$5Ty4@8(Iw%S{97T zE{K9jh=P10gg-RGYD)pCNyJUhH;e&;1ONazNWcMHxCH*pj09ZwS?k}Zc*7o`#2$Qi zhjVyIJUE0;*bpR|gK-ftPr6 zWZM(iTtDxF5H5itq(zTE0rLn9_rZ^+ICCigIRJx;XE`vCg94BQM8BL&r$~;gg9NI_ zErgp%=z%_xggfW~f-}N`{|zsgIUe+LIABUYJVOL}T|b;Tl{41?0DvWAxr--8pwBq% zHDCkgxI1XI2V(U}$bm{ox{*snJBUIn6ayRdvpJXm^`)G$UG<+Mmz85Vp&!7OcR8Ym zIjiURRI35>5e-VHIZCuSf_wO?(Ev3R+@|YaJFEf{fWiK&$NH!r*NOu`i@W%Q$GDf% zI72611nT(pO@vSvxR9R&k>5IpTiXTpI)BWCPfzQ_k>rtvTL}BfB8%=Lk%p! zBSbVM=sF2y_b7#)%Shpw?OQ-(+qfl zAGpHbp?H%wg`YQn6U=(IcUZtT#aH|tM)!1Aw}}%>c5iog>$}Leyvx5l%*VXU&pgf7 zyv^S{&gZ<&?>x`{!Nr)%2d~Z6x0A4;KLJmKo#uz!6N|?2L2R$!jDrl^&wkY3j{w1p|b`4;FBAY zJGQ|g9HaT%>RCbqc0SM5{ixhM1h$~;8O1xC06CO-pVzq~B*y)%z1EreraJ<)Nj?A+ z!;}L6$(h{DKwV<&Lo`ga?Jr)<-CWMe;Maw|s*V2iHGkH%HtIvk-Q&29hr`wtL!CJK zRkJ%ajCt#?S_(jP2^QYH5m(>+-92EPkxyUaxn2~6G^~mKEs*}<)&Jw2K0p8vIFMjL zg9i~NRJf2~Lx&F`MwB>_VnvG=EBbo`{*0d)Y5?w?P}i}WM}Lmgh*DWfBQO9RsfAQ` z@|D1MDOw6Nm*U!vgyB-WqoHnKPMEj6s1!9S-A0`(09a!K0NyQ2N0X`?MGj+EuV2B2 z6+4z}*@rD*f)v>=))b#n!3f+(&ZtM30Kx$Q(C-$ToG;77s5$T*7OwD$vGAwL5`cZt z>QXZY1m0e**7U-=2GyDn$AzwXoLspdSF@*4r&hh1b!)U9)e<%5!Ii*%xpGLsLM<}C zLL-3P#(`wbOs4{itspuO-ZnTmmh|Du?@*2;t|G(BhC_-Km;FBBm=X#qJ~TP3ya`QB zJ9qD`;m4OhpML$+Y!}(rzn_2pfB*km!{>=FmIKhh0})J6!37y?(7^{Gj8MV}DXh@K z3o*=4!wos?(8CWwgwLICra8vM6H!c2#T8j>(Zv^Gj8VmDzHukS8*!xXn`6?cEJual zN#~evek{^RvZnFo$cDU`X2~a^l;|5Jqg2QnBCE_&%YocEX3K<*vGL0>m;5FjG7U-x zOElTMaT*`nq{_)S>Fm(UIsv#7&pj>FlTJVR3=~2@+ay%bLlra>O+^uH^gl))>W7{Bd|dv(!L0JJ+T*No6y$&(# zuelvtRkG1W=*>FenKSLT1wxumHQ}zi%R0lXyY4CDyi#wylVr2WzyIE`M=gUKl5oOD zEK$bCA&*>g$o^>*bMebD&s_7(Iq%%_&p{7e^wCK#-SpE@PhIuZS#RC-*I|!c_StE# z-S*pY&t3Q3dGFo#-+>Qa_~D5!-uUB@PhR=unQz|t=b?{Y`ssI{!20X4&tCiOx$oY4 z?+f}~{PD>zpLzhxPhWlY!*6hc^Z#34{`t9YpTYOx?~nfd_qTsR{PVXT{ta+_{!m zaR)PqU_CqlfE^P+fjY`@y$z^?9kqeS5BC8G_E~Tt>~KR8j9`c5z{3_4aLG%w&=`S~ z!&r{d{sj_wP@8gmAPHS$f;y@ZmxZ7(g{fIz1*l<gp6f8 z%^Asojyqy62=E|=I>0f3AOJuba70EvqS#0J0TPi-c%mjFa1IT8gdbvZy}=7;bI;t&Ud!g7$HQUdXZAS`jt z{PdC9$^eV26okzHV9bGRa*X_h5C2LjjTusZixy}d8t8^bZDWfn?n4)kg@P7)YELk7F$qUN z#!~gFLK1e6vHoFdYB91}){6Cjur;G>DcD;5*%mdp%`I&o$lFi)mVvtE&udSGI}zd* z7q}oyE?JhlK;sJVxzLU70H>=TIbQXym%Z(E?|b1J bU-{0LzV)^5ees)L{q9$9aN;l70s;U#nmQew literal 0 HcmV?d00001 diff --git a/images/CertStoreType-Advanced.gif b/images/CertStoreType-Advanced.gif index 402feb43e58e20062600d7ab4face4d0e4f0889a..9e1f0626409c731113db048050bcd1d87589b999 100644 GIT binary patch literal 16683 zcmXVW1yt0}7w?x|LRfm~?q*R!K)OL%T0mG4NkvLx>0P>E=}zemX^>b_Kw461Dg9Bh z&;NUG&YUx6?wvDp@8^Ez%$+%-uBj#^ZI_H)hy5S${|XcUU;uyu05kw#0096HfC2(A zKmY{@paB64U;+RpP{0HRn4ka?G+=@O-~a%J0&o}rM*(m&0LK7T08j-5s$f7B3aCN@ zRTy9a02ZLY0t{F{0Sjng0rPKe00RXuFaU!BFlYetuLD2I zDgc8Dpr8V1r~n3P0zgfmP!kx`1O+ugLrpMHH~@u1p>P-!j)KC`P&fu!1wgBy&?*?T z3I(k~L#r^*1pvALg)YFL3n=IU8oGdiVgM)x3dO*n7!(wPhGPEN@y~5241mD^6bwNB zGYcjFzyzQ$0T@gG1rtES1TZiY0A>P(nZRHsD3}QvW`cpi0T>(#gTr8O6bz1r!7;EZ z09FNsRl#6YC|DI5R)v8r0I&rpYyk#aK*1K!umubZ1Hdp)7zPHzpkNp@4D%0ye~3d- z01O47PyqTLA}9d>B>+VUz)%7xlmHqffI*o6C=)2k1cov}p-j*y6ATItpx{sx9EO6U zP;fK~jzLucs46I`3Wlmep{mfRDhz4?KrKK~3oz6I3blYnEnrX>0EK~~FfbGbg~Fgw zn1AU13pNxDz|a5+4WR!811$ic1)yjF7+L^@7C@r~FlZA1Z30D`z|bZrv=mjWx0ft^cp%>8T1q>PkpfON1 z28PC<&=@otgZUp3{zc;-B>(LCr~F3+0RSTa#R$MK0w|0C8Y6(gm;e|PD8>YaF+pKW z&=?a81`c50Pz)S~fuk^RGzN~rQ~{VOD5eUAsX}3@(3mO=W&yw~Krst2%mNCtfW|ER zZ?S(w`xothkpJ`h|1SRjdH=6ryTQc*fO|mjf1>~G2>^rv()d=@>kInBK$QGeqxFS@ zQD6?O9F2ye;TQt}`A^K`ON3*GHGFyt4BFxm? zb}C;XjEG6Axnj0h^K?2I2ioO@ z-fo~fF4uH)X8oCUJDcAm-%9bvsQvnS@U8yUgj>b)*i0kPrC299Q4zO)V%%KJ4?_Wi zou(84o~P5TnPNl4bMJ-A+LY0xeho`gxn1!Q17^DzRy}u$m&jXx-(>c&0rIY8-s?FKGzp0 zOWZ=(nLP*VMU}mXW(U7}(>7{ss;&g8CwdEk)meyz5J}2`LS|70v9t%pOz~^h75JWF zMNWoDNUIZ@k0&GVUh0iL5B}RnMQo8|TH;h0!9;H)2gR`$a3;mCax%d1o%ITQMIgQ- zFD@8on#m7OFD!z>@0(zyEKrJ-d_8iFrn}3}_-tvA6lEn)}bJC4hT9XdHNu%Zv z+Jzg!j3PU8t)BhVP{9S0dKmgz`p@;|gxn@3FbObO*dM_T{-feip^-R zMtkWEeJ#nZxW->e7VONLH5Sc%o3RlsZG3;a;FlC#1*xcA)eo;7U$JWgJz8du$viZw zrw@}yzG_h#(6a1TX?0rff1O~*p0v|Y8OtW*;A_Xbb;2Jz{+e=BbZVA$r6fP9DU*%Z zfO|+gCd>H9H!`s;Q_4@@XZ*#kl%CCv(p8JC09=lq%7(bS-l$~a=Pc#fvcs#IkCwL* zX20IIYf@#ree?k{Iskcvm<3%xrw3n>TFpk+=QCmV(-%32TYQgtx#Q&I$DJ%0_ygOz zisYq>Fph4m5L`U5So&<(h4>lVa+~{3)DklQ8Z1l@&$y&|iN7FvAvy*NwjbKnE8_;D zU(?~Jn9;j9$lkA4=<~8|=Iwj-MUn`HJc4TU_k>jtlt#VRh|X#|RE`WjIgPNXock5v z!-Z^)ej-r?j>Kat-|5%Bt^pwDwYL?LWGwGTFuAJ<2zAfZ7zpKpH=Hf|)LzLDoQP65g1%psh zmhI#bHNmqB6gx!#rZOdiW@_> zOrEO*DdUGRyQZYdk$Wt9u_Zo?`8vSWW`2AnJ}PMW#A2@{6`{Rs+8Wz=TA?Q~*_H51 zK8=q_a8y+O$of2I-aG7wlBMna+~4rTbaDo(A&nfcC7RVor*lTrvQ;IrR99s&Ws1}4 zdV_scg$2X@Zs?k#wUH3T zC26mS;u(=k$upe^eFfM=YSe;bFVUN!;jsS}OuyFt z9`MsjxVJ3rr5qs%=Zm7e{UY|d{O>bR#`Mu!YH$u*d2o4D@8`W=j;=Xous@$#q5WrN zU}as%OKO6r+ON#}UsI$Oc=}14FLitS4cQbEh?$X++pCO@Ib?6&+Umuc@fFiLZbqW9y0>XXG6%p3=ZOjT)(^rr z-Y0L z<}NycIH>=5(1>O4{r>l^KVPRGdOr64JtOG4+Ifzt&+mP>_G!7eoDMGQ?Zp7R#+S5k zT#&_oFW{hxr$-rZ5|A?H8yw8bwM`pB<@=bxECd2!AkGY7%w!~63Sr%+!{9(dIW_2M z%|dy3>F&zOZwo-cS?IqTg%$zjU?O239*Z+A1&7)PGDWgv00-~@=JzO$fiMwXAif0L z31ER5!r5j+)j+`45%OCFJhcjAJ`fcPggjbbS|}5cZ6~&sqPPO^fj;MfdTbwnvI`DK zUxP0Tuee;t~u%rC1)dkslXe1FS&r#j{yaGJ%?C9g%yws?$slqe1b`~Q7GdZ7hmt55IDuG4!-0Z&kO&0u z=%csr018GEaFa+Z&O*g2$ZiqwyX1s-ARJI)4Dl@KgcPF9EW&`DWRo}k0tov$LaG1( zK8nXA|4Vq=iADBxPJp-}-BmFN)6LsM6qSfE2^AnPz#cinaH)XjX&e2yknEy?)VqQ#ob^Tb zJ~)sNSI8{>Mi~#pDsG{lObQ4G@sU)ik|Y%%BgYcP3qVCqnMu;=&a5Q-eb6-o-v9vQ zIc7CylJ}p*5VEBNHzMFSJQqo1rhOR#V6Mmxw&Mb1BLtw8j>OxFv1U&>7LB~o$9r3m z1A;RI@*$cN1)oKc-`ZvzZxh7Rk=RybhiKw?l#m7KOKSH76xJFUW1mFyRJIMN2bK3Ya&D$fuTcM)+Kw*`1(7qR6th4P_^@qEtW9z-po z#r95xgoSYpO4+-91mw=IiSMSRr4TE>?to6-ZqlEN-4A zGY%#p3iCND_85pVNrf$Lh2zMu1OZ`KfL5eN3I1$Z8=?gKyF^hRd~6%VCtdO(EAF{} zjG|T?Wjnb6ksukLvw#PV6oCKr3E58s&S%f^JCAZp8J=h`;GRgx(ZSXaPn~X#i6eXz zEy|ql3*e0<^rGSf0HVFKtl+uQI}lM2gsJH|@{wouz_sAPSOu^ta5t0lxglkfuTqsi zTgw@&6J1K9AAu3`z?mSz3DnBt;Yv{wPoOl8Q80<1ipc57dS(KaErUGGiLNFpCVPXZ zun=`sv8Y8x*S7I~O0EJC^nH>9aC)!v&-m-E=pU(6RZA84F!_cO-y-551jqUnuZaxQ zqthCf$*bx9oohwQyg6@p37vV1huDgOhl{{mVcnaB!HpmgEBGfA9ApNTwusTG5WL$g z);*B1AIEN2Bp%Ex--VRXcGW-m2sR-y7Rdf&8vUtU6_kJ=j}~nXo@<=GYMdLx-ZO1( zv5i$fN?n$U4AaWSd&?27knfq*_^v9Kz~ECSpyftnAf+AZj9A0BrN$rka#PfV ziYRd<6l1_mh(yZ#cg=upm*sJWJTE58Mn1dJPmHf5ew7*dPz)MlFDjhLAQRP2E+Aym zVrArH`Hzn41i=3kP42bN<7F1l^ENAvxJ{?4rfgp~nxQiOCV$vJ$8ohO$)X}kyd<=p zv{@r6bd-28sgu4Tr9G>rcPZz(I6Hob6p*excmsBMn|YiShi}XCrss?qkym7`joq|<$zvS1RvdfIh6{mX zmAQ;pbdOh}$7^%OYZxc$WGCul$6Ev^+GQtdW3h_v{WBSX z#2U{*PpzT*1JJWM|AdnRjFXFkxJokY87Tq~$rvCnM-|2qML*y}ZMu^WNzAtOP zdpz|Kf9m3RYT(mkGkP5DGX6~#-D)*G;WB*}i`$wr-Rd$?nKQj|KV2<2Lo_+_?S7{E z6UpBF)C0}5{7-iv$^-KGHQoB`vFwx^i3gjIcmaG0#X3u8Jx3ik$C*2uBtFG+=$<7y z$8j=6DK{-8G)49KD-`28H$F4V^~mE{+$>AYtlIh%)|c6&?WrM;DTdEew4bNwT|Kmz z7MOJx3{Pgy?%h8wE?E6tuwh!Xm0Ps8UUUdtgyk+eeO`24Uv&Aq=*INTL+;x<>u+A` z?+egit{Rfluk+8=zp)E6!t7|0l1cChh{pQ94JDGm|9-`8SfUUDCs8b?<`QCJaffo2 z$I;Wj?`Iy>Ok%Gu-&##F7c8UKmiuEThjS+Hb0&v$mc}|}=U-!8Y4Xp$HOMXV zjDN%4lJ7ZLN@`pR(_KxpUW*T0Yt3D27UD~AUBVV4i5FUjB`rP6UHw+G8uWQRaD9Dh zeJPY_RX1=A%CtO~J+sO)xiojO9(}SJ8@LXeT}=s`3;Meekh|0uw|@HSJA!HLmT9#w zZYhXqdFJyseCF?K5M48CABXLSmVzncs7p9ZGBWpvMv$msfN&#iwRmmfl zwAt0@As5Ko)d^zysI#!Ezd^3dyk{H_=CRrPm!N9r?HN35TRrRz^RU^<{~++(b;#SZ z4Emw+u;Z-v!)W7&s@o3_(!DqGKc!Fiyr*{E^M1+(?FH!VeR%jO8vm29Q1bZ`{7~j` zcX|Aj0&r}Qr{#UJgimY?5N~!29$?k)vOP$jaz@(tW8zMtI;z&TuE4Rs=WVp}_dK$s{pw{^}NDZHMDhjdVk+=m~lp&%}f7 zzE8tmN4VsKhN(C+`XG0ObWuJvDGw3v<70>ae#`}d38pK=0KVDtLlvtdl)QEX*x_>K zC5X^?;GuzG02IP^to^=WBj}v4fq1Owl;!9dWv?irqRtW zg$AY|c?uE*Q8F-f(gjPaM`ZuwODV?F6Da3;AB@MTW9zNH;-5x zt!5ZdZjB#bl4kPa-#{`^&%rHVf}0sUk^JlDug~myjRYC3EbIHynuympNWR1;F4`TF znhH5$S_+>JeSN|d&`-M52=Yz@_t%%JeByW_em)d}`rL5kA$S+!^KsVZF5}0q$N^HZ zvo;~V;i_L8S75>l`@yU_*GJ;`*Fjg?YOEyRrf#&JHSY$?+}j)gAsqAap#uX5at-}0 zrN~E2^5GDJZIx(hA)BF0gB`VaCb=M7I>TL!WG>xk##R>=vAC2`Sw`i9U3AQ)N5xus z-Hbw(T;KyPz45+&k!l>Xs+PgBykq_oJ$rH!=Xo{FkEhs0`rp~}Og{(VF_<2kH9Ahp zaJHuInb%+1?;^@R@K|-qRIVI@?!@(_(_E=;KJ$7;p3!`bb#Ek7*YS2sqwDvPT+6ltwF$Tn2A|nV z>TsqdibXxoO4@E=Ed5y&vvuc-6>2eCaH#c1@6*-KJ_H!+0N;z9$qe;io50)Sjdh>k zI=P^a*T45x%Y$DA2R(c{zxz(s_wa+VUIClzo~$3BW)xKQfA{nbd{lg;m|Og5dB_EjqY`h!Q<~vLt^So5!G($EWx;Qk0)}7 z8#Oo*a!AxTGaMSnKD&5{Yw?wnRIBsX4T)=K3BJa&QfDHt9eK4Iec@zd2lL z39N=gr#OsKoAjRgFkb4({bz+SXc4}_m6+Mx_#{XvF_g$j`S_fOE1sCWoi)BT)^J2$ zg_>Hzh)Kwjs#u4+QWvEuJ|+;)`ow@Ym33R{@Tj+h1L$N-Ynks*DVE~e#|=L`*lhU z7g}#-^3tgdwX?-JU5Rn7BZ|@HBLlw84ENH$*Q$zo;x%nC{i-Pf{B zSQ2ArH^5j+WJ374oya|yihNn@q#}7UVQlsU!l5f;SoF#sbCR%5Pz~s76#v3_qMPc7 zVsdoEL5oG8Z$BG}H%A8sD@yk&2{%e;Y5g@V%g_>M=Iif?oFr*%$zJ&pBDU8{YVS8t zOsrRS4y<3AWJWneFSLLuc*F(HsB-cYCX5GuoZ4*dh{*Os&#RL+ybiYWh|b{|=6mbila5&8)l zA3{SziqluO5JSH*-qSyEn7UNVVS4k~adkJaeHYz}&Lzzk@BWkkk{I$o&R>@2c*Nd2I?_%yvfOXK8$d{j zP}#nMl;Bff)dYC3u~C|noPr;d#`in^8Q4Q_{asQyajLzh(9cv!$0#=8hvFXLl>1MgJimh%fCoO_>ST zn-i_lNqvh1BwqY27-<(7i3kvqWgfJJgoH@Be>gJIIPpF2P+dAV^22pF3Fjr3JPixD z1+Dy@FQ=f^ONeKRjr?!hNjy7X+*EXRe0Q;2N%!5bi&IP{+aIUuca^gl^o4Y);&zOY zU=B+MD!MPu_W6E)V(ONI>$9sE;P(rKfM~%G zLFtm0_y1`}YlUn79WZ;uQ>tlq=1js*m!-ZF+Ld#rgl`YGP$5GlC_@arNEOW_;tRT2 zhw$v_KNphkvqiSsLg`iBGU>6Ow|AK91U$l8QZmiby>HmTw^zW~-bZxM$rhJhyb515 zZY1@deO1BxJ71iAR>tonjJ!l8r-L*ZEE9S4eueUl>YfZa;i8}=afhk(_RJ^8aBQBB zLRvQG{@)UDjXi6l9Enq(Z1YDTqU*iH7Pz-59+^mc@Wyf>Ug;KT4tb{w_BU&kl1AWn ziH#d19?~1C5HHO6FSex8&AoMex{8`lYi%1AQlrYY-1w8uUhv!1BknJpU0_SVO4 z?;KYd_ny$U^?h*j640_bFnv)w+T!M|`9jie`|S=#sl3FZ&D6S114*PRlIW5sQ;s;)hq0|~ z5|E_~P^Q;MKpD4)-a`hNdg>z;ySKm}&4yUi&XFcA_B0tw!<>=l2*;dlnlG6nB6;W0 zo&m2Ij@rLGo)Sy+W87uB%N%_s+?W_A>%c9tJf;=-F1a+;fuCi0TsQt*TEm*HzLypU z=D0@3iA46tw;5$hn;sC{JrX9~)*+Fx1@iM7gh_t8fqE>0LK!F?`K&BY=d+Ed@C{hU z^1dnvR=aZASNw^n=*UDyN)-4FrZSk9%q5L9JNP5X<(|oW%}*yOW*bQZ z%Cw>%k-t0&BYFc0BVy$t14#(u6O8_78a|5Kpk+IX>2&A&Ex5fq8;>xpY3*mr zRFegK%sto=&cvTjK$7fzo-b+5_wtW+2ZOk)KWOFPMFygZYui)8ZvBY8zpW#!!2=oo z_vp2x_l)WeUvpdFJ{{YYYRRd0=dZ!N-ZbyLqaL3aJ^Ja0A0Iboi@cklyT3xo?zbp= zvf`+i&-L=3D!1n?k3P%WizX8)-LdkUU|_tYnQhxbV#Q4b2lnT@1O-2Bw58I%9c_I(cCL{?D_2D`hPuty4vJ^1^>ERBl~_mtlo2$!V>TU=ljjji-&jvk(=&} zjaweJv)?T&$usWX??`8*|NJ-n{roWD`#tIf{+H?AhXCT-zrTVtuD37`W7EA?&8^Sw zy7Gf3QnD~-b-fr$*?UTb^VMGL-KY8<^_j{FI9|Q@63_Gtq8u}OBr>BbAvhox8GAE) zClA>ONLZBzLQMlF%9cKQFr?8Q;kOwI8${SC^h+diJff;|FpKP+0ns2pOb#G_v+y>) z%Is0XfBCO)W`EW-B+!hZ`fFJss!Yk3j~*?gThU3z31SWa30mc9C=>^7D!n(a2yjx2 z?~9IJiq5hO&&rnPyDy!RINP7qbf#W}hOGQ=Da#(78 zjb*b$@1BH}@xHok7Ab!pqO?EAI78UW7cO}Qq1#0Iok18!aj~)K?bx0^iKQmJ>SJ8% zr`}Dcrpm)QtSrCD^<*0uu}iZ}#G<9bmrw0qc*E++2D-e-O{{{G8IXm{D$BSVWjXpk$qw~WQpmREj^$j zqk^s^`6yd!t?0py&YrG7e^mK(fLdUolDx7iqF}J2ovl5SAnzh3f&%sFx@vJYE0`S> zWlIo}sj*KUmViNqCu)CHgh1q_p5SaxeFQ_I74ja1zqKQ+9$h}Acox%mhzbv3>?JJ^;?jJ#R z({KkSXT@&98LY-OU7p&r>h6$qFEXm`UCFHP>i+!HwN*m!J7ua#Sr6W=*ZFGdq~z&- ztk$nj7|BByy>o|-V~H+oEV5J9gg^JBe|)E}t)_n$Jil&!PC=e@KQ#SUg8bng{P%bo z`1>3qn1n?=gRQC$Jf6YR)yFoO!IzsM2n7Evn7Oae2P$Wxopg^RrXQ_Mo*nDI=9mWm zmAT?HsCzrPEjt^FGfn+j=Fm!+Ht;cJ+H5`!o^bVSe(@}$bq5t5(!qmKOjI-3EEZ8f zpaajFu>wIa5j9Kn)a=a6A5zHvBHlM-*y$U_&qO(eg2W^;0}y#g+b{7>QAJ{zy!Kjr zj>(I$2BD(_bcx0A6#@%?8b(A+G$&(|SC*m-mDmzCBLWAlh|pY)KyV^f>~gGm=^twx z;1AHHx6i8Z%TPT>^S`&E{iVn?LKkVXoZT{R_&7Ih_X=S(6w*A83b$Ylh2XbWjqM7 zd^WLwKyyY#T9u2D0^;h3>j;$C#PKFqMey!wSk=&6^yk$|aTKr7!~NB#kQ}8|G)m5u z%0*G~S$Qn6rW|i(lM-2wibk#rC`WNzBVN-SheDw}q;5pcxtRJp=K)RsY@3q>+mei@ zH4yRW?8OeOFqIriia{?vV-wXdjrA8Sr*sAhXO(8nJUnwDPXo=HLd?x432EMO-}lEx zbAkMA!zYl;Dsf?XRHZh7rg@F!t=J_ALtj+Qvh2*G6in!R*Ncv&&6$>G*O&e_rv(b3F zzV#c^^hStqRwi|kh-8l%=Z9R3qg3dgbm;TP8=aZ!iG6})@U;FV8~c5mPN`5M1B9+w z+7TBCM2N885Y)dyJwW&sftdR)Hm}jH%-^{23Htbti9nUXaR>%{iVD2*z0dfO-uZUlnMnr~6+DSzbBX6RBDSE`2c z0)i~El2s!!A|y5IBFm~#w_s+OXi?v>BI@FbN+zsa{USe}D6DZMLKzvx@nfFao*J#G zcpuX5D>m?;3zEgtiiB^VWw^7g5T0>am42iBNm#5vPGJ&Ot2LXbyc)X=<2!3aZ4$-~ z61t^ZASrEPp{R=}^y8O+6aO;LfKw>TKhb(FR9TV~p0Qvzb7!5z%N_+UR@$WgR;g_> zO7y*OIU-zLI<7Q~lk4vd0}hcEB5^XRzM$9`ad41_Gj2AtoR?KIyiT~)Qon3#38MFB z+cU`fQOWkPpNQL@*KQ_6c{1ASuW~LSbGx5j78=7mZ~RL$+-3f+hnazinjVk4TT=Izf%+&NLR|MAsqs3Q9|`{(SF!jyt}e5gvKE z@IuwB!k>Kh#Z+0%%LSFXCae8i)cl1D4H5dhPVW^RUY7|Fav&+(5ENAQH5HhMtl}s; zHfEs#ZeNn0S)Xy-HM@F+xG}C%8mE`ASsO~dan1X(q zM?&l~9TE8IMMX|ae8#BJ)TwaC`X54ud*>lxF{(!H=R>JB_`H!+a%Y7nZP~4!dcni}S8j)7bh_d6(A8*}}`?WMj1SCijZ%~(F zHjFZoVH2Bmo}FtktH5hpY(HCC1|b0%tECQm#|A4NuZVDpvcanUuGt)Bqxcp*hUExm zEizb5W?<8VglU4poG%W>BkdwI^EiAnt+w|(XHRU#hkri$(M}iEsmf47+U9qC8j8TG zQ++!d339Y8n_2)ptP|X|65oxu=MKHim)h*Ptv)P6)aV&q<0FCQbV~e}H52Z5WZ#i9 zMMWM|c?kSV>NBiz3!Hqyn>)k;d(D%-L}b(3jb@Qwqf_q}&Pt^EsJ;nHzw*Q=ozd0_ z>(4|0j^L*xBYo~B1Nqg0C$i?UAU_ zIAMRoBUYj-y>lR$&T78=y-3RmJH!V~y80_)XC=FOo$Anv%rKHLjgty4H%1%9u%?c@ zYlEB@$4e{eAEs;xS$-jW(=>G#Q8vbf^~P*{T*rZcS_CMv?IiQ1Ykwk%og`OI7^u{5 zpU;$QRV9M{bs$QK{tI>1q3C+_9h1*E>y^ScgiHX9-+7V$79)ZwQU}1xCC{9XJoM$y zf)Qd4zMIo;71|odamLd{YHCDY&lcF@7d73m@$JumAGx%s}87b=Mz(%{z{Y+6tDam;qH z>>AXJ{OS|?Eno>dnbuGfqHNP1@~k;P?3%YUG|RzBk!6>9w&6Cyw$g2j(MJX3N*Ru{MbStotqM8>SY zqkr7Qu+{tll)(CLhIAaq z{rg%}9U?2E$%{MJNZlJE(wqew1%spA^rUyzsd1z+l^#C9? zW7Ua_9D&SocI?{dMYADEkCD>cD90>KO0k*w6e=AjeThgP7o^y0-s5{wu!s?U@rXjd zPDeuO-PH)K*6l7Ao7PP%ri_e(cQVEC>E7>*9Yr_2d61&I3{NcS?6I_d!Lbf%I=cI; zW18J7(3w|D@x*Y!i_#iADgG?^>J=`pwe5GuzgYbh#reo+$Wy!MmDh{`Ld6M?h(E)b z^$K8t1Jr`WN1;{+=OVHIF{ENr=|{pBGu1dr^tv6PhGp!Xp6C=DML#A1H)OE5Kap3U zVa7}wWkfaKJD;)%x1L)sEZt(Yfox%qF^3|}jstEgMGdZH3kof&kL@VSsFqiCLWRcz z9Iy8Fp7PcI6vuBIHJGG?wTey1LMP1#OVBRj5!s2Hf20W*Uzv}ruza|6=pbd>l`FG- zI(sleN(w`@pt~tJnwl>cHn4QLKF#l?>@}1q;ati38@6fl{$i&=R^72nysc@o2w1LV z-YB1Tx>L}dpC_VUKIs0+_g1vQK>M=}C#QflbSLiVgRgr12jY|f3i9`+Nw{M;P!X@v zyUIG=XA@OUU9%h`jpn3Y%VWws#(qi}96UC@Vul&z8$Pp5+YOOb7Sz=ygIbk}PyaX_ zB`Ahdm8^Gh(Pkgssa$n$_~dnKG{#lAT)q0LZ6Ub374s};auu`qHARPs-79B3i12+_ z7=ms6H9Zr@BEzfPI4t&8mWXq;jg?teF+nw7i1dWwQU;%zM$5VYplq z;E91vdEBLRdZI95slIUE(efcKaWT0e1#~2DltL(IM8~9Ln~E#6w`M3re4-w$&^emy z^SB`vCi|*2l1=W(@Gj3~r7q3Hu3Bhc14q)jE{TyraY6IbZYM%rN35AeW>EjIS$~F-FZXlI^LA`r@LHh z4LKcnk&=(8y>fVl!$0HetVB01wWmN?rSDF}N$+CCtHMFAs~?M3Nb#9hEsT)C-vwIC z{MSk7t&>4wa&t+Mj*%STJeSrekwT^Fp#6&ft2hxZJy|ZF-uv5jJ1ba;%wInJ8a$%F z5{U{mxvCb#tWk-0OXbnco`7{@I_0F3c?6v0UV)r&#q*7{aT*q3HU)1D(k@C)Q|-|s zantffYLr$4pN9BP9;aCCwR*>&KO9I$xC+>ZNi+DbU2%+y z&yj#(nj;=qRH3SRUI?`W)lF7>VxmDyeZxY!xH#cBMPxp(VE$l?AXgKmx}QljH|~g2 zjO>{ClppSyLEiyVL;e*K`hNH|X7ePZH<>awoieOG-bCU}j6Ny6h0I@2*>V1nvFK2u zpkF_+zENY!Nrl%EXMf>~8;X%!k{0Bpo+b+tM>xQo&?K#FNZ%Ft^2e2bn4a9v9;u2g zQSPKz>eBJ2u^LCkMg0gnV9P4#70Iua?D{pPaOMHuq>UAU9B-8vgM=Hi0OeS%Ev=SX zZ|L-;v*JL?aEvgc8j0OzBQ5?cf*hqECQnaZVX@Y4)xGL!jrBHhE*CAl7fSkaja<_%tOR0AX ziEEMr<{TXXF*l2!Da1nQV(&(Ea#q;;jVVi*#!5#Ud@Yg$ zNW=GHX$FIZiW2Oue{Vm@N61^+E3wpgYzD_SyLKQGV)w+#4(|W3s-E3dqPm4 z|J0hl8Ba4#?5=91W`PnhV*SAKT$$M>nqJ&CaVZsqCg5**+ zF{~}D%v%Me3CgTLrYe*)-zg09;7A7l8{3C{XelY+=kSfis8Nwu_vQ;&-djt5@uTmN_KOBTe{Wihhl-a<0GN-#6F zHNg;cQ6G3MBt8ZQcNI{_1-!|7Jx;J-cOv`W)041~1}weKoR|>X#08g^T^-3Ik8>7E z^)JG4lZ@%?^k2@B-~!mw>k1l?j+-BKagSMtR`E<{1qZmPUN-D2XEv~CsSxF@;r&U< zE2z)Kinjc(a%gI6oZLg*>eF!Gc~m7*F?}CrMHIiNQ1NIPl$yG7x0|oXx_(qoUfiN; z3>r)+=&wu64b#^kSsQlB)pDrN!5Z1@@J#M)!2J?vYEb8q<6OTcU%>`x-BL$yj#w)g zs|*@nlbf;PDGEj~oNj4Jr05C`a;B*;&NDho87ea}vTzrv_Z6}~DdN3J=1|*~P)y=9 zW#_*sGP1$ZZs>3Yto7 zb3CI7m;1w^Kr z_D<<#451v({@ZVAVI;|AZ(;UtM}8dnal6WFyKHdJ9~8T3*}MJuG5m8HA?+=_@_1Vxr}|dy zH$5(kFCaViIdN^-`H>NuZZWj)NOG}xXqHlKZv0)@uxVbGvH3fH_G-9uB;a- zPhqEVS9?>h$d@LQ=4$iilX+#j_^Ma`>kMq#jL0|omE0(|%H+Jtl>V};!{y9YK0Qai zoRM$YQ*U&1D|4gGa(^6XJ?6_FcoF?@;BIVCUNG{)kA~m=5qA-GMx1b!(OyMy>q4O# zf1~DflA*Is15eqLv>V`{?9ezW$hp(Js)BtLke= zX2iH+gJ0f3x}w&9_0yj!O*Y>8apPLjx3cF|4avq0+yYOR`J4Rb8|B~1^j9?p85fwo zRU;2;4drXarxJsQwt5R_1ctWSRJCuXv_>9vz^K}tL(6Nc703q_bve3MQUU_rezuu! zt9sj`lrrC)^|rT%Qp^dv7vDuGNkFW-x_>35o91|+bF~lqcre{)aPDZRjIzTSyUj+h zw^ZN@K2`hp(U(78dn}GegT9KU9*vzEjnxXuM;woIx=5B*kBuKcb`*rI2tG0SG_|qX zH{#OU2%jMpnx(0kWfq#_uK8C1$k3d;(7c-K{1YLKGneVpuz6U`qI1pHctYY54DNuI z%V(k!l0+fmQ3c{0SK?8C_>&NE>d9(V%}Qg<>VWHV(aBn?(CSLfT9MHDY0ZpxO=f`W z0t}mL{&&jfs?vvB)TGzu7*Te0T!zZUd%1(~9UH3_cPOH>^*$jzx6KoF%{16u26c^rT zJo!!|^5eEY9dK^xjDY9B7 zLhKPTQzmlTQDog-r^s5+slUgs*$~tcg~-aO`<|M}h1TiLM$L}f>3L}VMRfg66@=72)Dl=2#N5-^XEXh7*`8E}KRO#j^gja3jtZBDTWX)N4>Y3-w(JZ9Z0(x9YE1 zHosLQ}i%aA<`%UyoDc8s;?*=2$m!@)CqOCQ=ZY<2Q&YX1-J64I^|rBYEX^S0%pM=}rYb zr6*C5xC;H<+9!^C-dG~S+|-u}!XajDVB7Tg3wwVr?zW77snCoQOoz+*F_F!7S=2~8 z_vBKsS(*5{0CGmiXA~~+(N<;jtfNzyP2k;H-WiGhfa6RUwa%F6(uMpIHnA_5wP5IJ zloI%D?QxdG@so?0mG_tr8H(LY@>fck=t0p}UW|;|&sc^mwg@FI-L$T7)zjRF?%YN0 zL}bZMQa?2);(BJbDRTU|zwQA~< z%CpELube&hJod0s{wCZ}rs)(c>p{l+9#C8u+LNh!<7? z+aJEC&FvIIRtznx>F&GiHK+8h-ac*u+8++fguLoTlvr@zt+-rAO5UamNxrT99_e$W zCITw=!ci9fttPf^FG85m=A7E5czn>*Q+I*i`mwr(z>@m(c1ldP_xFsN@GY~)_a|hRJ-pr{&F(9#vAm=>U1G&a+8b^JwE+) z$oa;JbyWDvo8F`F7wiFV3)1+#xH(DaM6x%_HM1L&-&4_I4YN}H<>A} zs}q3l`Yw4Xy04Fuylz{tm(ybKM6pvWw@7!g^HNb5RI`s$qelBR#U!IXSI4Hpn|jU^`QUJ5;DVX@WX!qC0K0J9W7^fWkR@ z-aCfLJdw{x01H7B06RI6Nlv0dPlrKQlt*WzL2Iy108dOnLQF!2NJn8#QA|r*UQ1zw zNpZqVgUdvWu}-AoRt$1H452&>%1|K;Ukrp^A97YVj9f}aT1R_aU0hyWNLpuqSC7kD zov~M<*<&LKX*DBcJaS?}j9XQfX<$%aUtnNmfnH;&Vt9#Qd#7TBzha=*YzPHv403No z6>UO0Y)MOMv*vINnsOs_buR#NJ#KM3k#=K^b#--jcd2iTuy2iyZl&CGw(56WR()hV zeSdv=o6C8u*M|TAiYNqzHgbbP4}*hbfrf8^fq{*hu7bGfjSPH@KmdwBQ;tP(jAKcO zV`7YGhl+xyiJy&&wc3rz^pzrVk32k*Jy?-EYm!ntky<;GlarRN(2~*qnpj+$b4#0k zWu2dcpu5(kO#q`*PNY~9qgZpLY^1A*M5K|Vrk%c`(DtU||FAG}tYSU1Y$vT_TdrS=4 zk(0WSdA+^Dx?_jIZgR+acf);>$A=i!lbakznj6=>BQyx&2WRsjBL)1 zKF_9g%&C^mvb55@w#m(_(9qM%&)U)O{m%aW)R8>XmVwilTG+Cj*S^Hq*x1_I<B0T*(f$3^{{8I!{{9I507VEKNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2Ax$)e&am7-qT*({Vj%bvZuHSOEDbL-yCo2~8Mz=I1PPF(fx;>eRLU(USm z@#fH@OP@}C>htQ@vuocT`#SgU;KTllkL-QC`Sa-0PsNM)YkBqXa2aJI6!(xjZwm@WqOvcxb zClEq-UsMxPxZhULET$EPNOt&Ph$E(>VIub!i9#9*TICNiU82x~Eo5;?NmN`ev0pnm zYG_7|cA6z8S$KB&=0AVxWoDZwDB0wq@l|=Bqh2kcWma6KG0vr!2Kc3j{{%XxnP^_M zriLtVLe4qb%#vddHHuXzi2i5ZGpY>S_%lx&DCm*qScQgl=p@^WgN-Q~>e}mE{x~&` zH97u~>8^}MJ6@GhO8J!ylVZgsnOfCF&ONY>_>Vp3LU= z(F0Gfi5cimE-3W*Prg(UsA<3_4NPZ-b5b>LR`cYjt5i3hNGQTpEsT}D>j6mbmN_O2 zmbd6eby9-TmdqQq)?SwgG%O4(z zWX(6{yy4CV$EsC38Mdf|fJnFKG>1@2O*MyBV?D0s8}<-PKU*W2M%yCZV-M{b{%jSj zD4YS!uDp{;Jclg6`Hz?!>iRp9!c*F@xx}8%GmA?^-DZV?clog7`~vK^cNI4jiH24*~LCBIuzF z773w$5|kCcN(GM_#X$zq7?s3&mMCt#!+{X&Air90i0ooS| zSRjfHx+6sXw0d6ffRV!$ws2f8+*nm?7Qm>8i3LaORE}2RJrqpBhez^I!ybq_W}(1& zzx`rG+%@gJy)vQ47yy73f7#O?3mBm}r%{8qljy8Ps8)GRQ=3 zy$nVCAjiK9q%KxXtcgtY*gxj61}I)-MJ*CSs|r=fv|Ue3j-=D|q(VtcYHO7LfK{k; zCUIW5tO;^I83ZNTcs7g;0pSok48|i920cVr(-*bKk+{_K4qAXs zL$>}~rxV=-v~$&MN$q@RJUMmBCLV1XC43~AGANaPWY2p+pk_5|L98I|@}dr^)}u7) zl?!FakW>lO9g)ezIWjY3f!YJ)`oS+mtzw&3(kF?$$*)0zDSV2m3JEo|x^(I@e29Xj zsN6v`CB)-TIBl0h`xTFW+URv{5-L@UNy?Anv_=fI5x;Ek4qUYzq zQ~hYjmW&E9=;roE#YSkvY<5^aqI>O|`6!hqNI zfl(_YRFYy7x;+%M(WysUY-8*2*d?O!A1qbcJ5CB%kSz!5faX>eMDVZjfYrtM7)qOz17WWWry8@RqZc?nY8e}ST1JzcDDOW0Z zLaa=w+m(JKqqC`#>~lpr6)x!tvruP3$@5k>SMFX4JwwXq54p^* zlKqlkg_$w8ZSqi{P{7!p+OLH=WM3JS=++Qv=m&M^DFR>j14PuK4#kpH{)OioA~5SA zkTnIT?55nlds2c+KoEsEXptlB!phC}2owwOPzy-psFv8x6AHk5PxYp<&2`X~pzEw5 zKo|(U=^b>T56$KBewM%*@>ms7(7x4aZ>M2U1uYuq=q0<_H2;nA(PT&}c^X)Vq`Ko& z^u|2oJ{3u5ps;jps5HdKb~IW;bGr(VkkmYV6}wi@ zMuDaGIoM@i8wJ_6oWCOfpdy*6llyJ7f|3PW2K zd2N@w-br)zz59id)J9uY{Z4q!^u6$UQSlvmSe2Fg0^*2|ylCPs`N~@!JBPo#<~Ki_ z%ya(ppuY`0C?ERLn_f1fKfUT#KbzFE{`Igwjq77i``T}2_O{Qx?hi!z-TVIcdci&L zhfn;u2*3EqPkvgCul(ja|0~RYzVxSGvEEbv`pSfzcv?7`TBMXn`E~f%2h&AUJ{{=z%17g5n{9D7b4_)AgZ{ZK%5C8s21!9TBGm*pd||w z5C9pVPW+$=D?kE4zzzKn2y@~O)er>%5CNJv7JRq`rH}w0rVB-g08yX;sDJ=RR1Z7A z1?|uUMJNH- zit#Xz1sMeA0EPkJhW#K5DIfrI2wH)F2Q+B`*+7#O&@S~T73jzhvQUr}f{yw?lMo;Y zX2_64umUA8Pi2vhQsIic@RS-r4@&8V%CG>kPyvDfivA!B%or6!8INz!l>Zoz=QsqC z5CxP#m;k9xWtaz1AOJ$}43Vh;u*eG}paKV(kVW{4{(za92_t2gn3Q0Y2Dw}}c!yJw zkL)mtLumu?;19a+inwqC&lU{{IVbWE0WDMy6(WwW;F0Pu0e*Oi0j(uqXwPFqta65sZ0oAAmS*Z{57&xNF=fQX&@AO`@-4|0H=ptXqSPznmb4f-GluxSsq zPz%LCr`&)Jyh$R9-~s-`2&eyW52E-6Z$k)6(43)Sjb>q=XZoP|`HEuNF77ClpO~9R z)1aMtre7F_0YC|9h!0H~6=_(i2k?ezSPv(lQurvUuPCFQs-h~Y53Z>Wr}~z1xL&&` zl&k56=*X$LS%$M{pOi3;#u^pKijMz@nmeeaQIU`O;01nI4{U$|Mj!@E$qOTZgz=D@ zoT?Ut7yu?v3!%UUhX|?57!T^O0hC}44p5qlAOJ|D_9zv!0W$f-~2sSty)l!^`oumT>t0u(^1W*C@u%=2Hr;O;e zCcp*&+M0^0i1`|*g}SDO`VU0P1egLKiHfTJDxz7DjoU~dK#Gbu>$PK;si?TALwm8H zDz+sn54%dK^02C?ii$^L4i5mWV9~O)nz-Spq5%5<*?_r#36Bkhv0NLprf8;7vARM# zC%IV_we zP_k~Cq0OL;`cNVGAOgBO7M}aEwVJ^9AiDO+0e|_HsLQOx3%jiw!#sP2#Hx_~Pzta~ zA{Y0CIv^`L3{Ds4tOY!?zZMo0t2M3Y5m0yV-84ta$03Am$^gj@TLi5ReBD>aA*d#hojvZuq%{ zyv3sX58XSDr~8EU(8NzHl&kE-KpVS63tF7KmQkS&6mS3tS<53Ll!Ls)KUlSo!EoOa zI8AXh;s6Zi@D3eE%nUGjBo0o%l1eb z!hFtCQM2kC8tL55@(=)H+RmTx&h&iGpkdGWywA6ni~Ri0{S43ojT`zr&<4#I1%1#8 zJs1hS&<@RH{`?mpFwqoU(H4Et7@g4?z0n-q(HZ^F#n;et;n5^r(k6Y<91Z@`#3z7D z!4oL`(l8y<8Qsz}UDGyw(>R^eI=$08-P1hb6)f%3FCo)JUDPKn)JUDwO1;!f-PBI~ z)GYzj5v|fxy%!=~)mXh2SDn>dZ5CVI)nFYKUmezD%@t!^)@WTXQ=Qgq-4$ou)@}XP zaGln2J=bMj*LEG&c%9c>z1Mu5)qefgRUO!ZtD*bjZ!h`rE?z1Roc*p5BWkR90o zO#^F9*=Rl4n7z-Mz1jEN*`D3bpdH%h?0Ka9*DTlC|G*4w^bhMG1N$A~-|}$Z=ZN5-MG6HT+#fsKXo%otPT-3^=9fN;@}T9iDdmoix8m&$68gHM z-sh$F=SQv;@?hfnEt`Uls_otA`w`q%5G6z~>zlscB=QMHFa~~*=VU(M>rLvu{^+x~ z4{gv1`rrmN*OP~%yupiQn?96cL+P-?MZWV+sn_TF>K+p~OzyjQG4^K`aQ4X+< zE}K)!4^k)<@;;&M{_Z(|-SM97F>br{Km=7V>r-C-CU%afR&Ye~knaC(dCwi)woTmu zQw?IUCb7PAfW|8U#6y&AHKOQ>#+Tz`5pxZ15f_N(#i+qmy(4|}7{7?ZdH zuq5|$-+p^v*f!Vqf^FJ>U)6#?_$poahX2rrpZE*C_>6zhj{o=r9r= z`@CO=zW@6_82rM&gT!C_H+cNWKZDA@{4f64{La6E&>#ILIQ`T=f{RZNzOV`0?+Z<4 z8QRbNo8bL~5&qr({nrm4h(8X8pbh1MDu*x*o5B9>{}1pl|A9gO@2?H{zm8&7MV@R_$7u=Zb-)cW9;`J9YgqJe1HO)v@`6{7f4cWL}GWEz-N!^<_+u zf&h?B+AfB07T#JG6zKYxiaCjO=Tv7e?i756!!WVj__wyj;ih8Y}&PLpLGk? zmo|EI>)NHK?N{NdJ1_Ym6Kvn3D@JZLtjFg{l4$j?tSHm1o*OJlp6i=qs7$%=Vt)MM zQ>7!w-5`Y%x43xS-+rDbEpPt(A3HZ!%*}FS0qX*n=}&#_-87Z{Bzb8d!)x zVwDH`xx|n$h|uF6(EeHH3Na|MNFB@yo8b{GfZ&ERUW`yLp3SzK?z!lui{>^RcjU20 zAAbb0$K1Z!~4UFW$l$iwYyr>Bp5$KK$^(J(UVnCSV^DmRgup zZ9|4Jjco{7X@?!R+m^mfsvJuwp=Jqa9fa`FaUErB9UVYJHZpV-^t7Z#A-n`Dd}>&1 zU5Auq)>&I8rnq8@FOC)0u8KU8S38vacB*hU%Lj%{PTs^8d1gR)lW6Xpw%TjC&DPTo zKN8d!sA9hdF7X%b?&VM8|Uu3{>dA@o!ZsM5hTX= zqoR5G8)K4tp#5jNBfQ&oshZPoOs$k2#KL}C(cTD6n}gcsH^n*5YgUt- z=R_wh&6!Siw$qf(bZ0!}dCPUq)1LQSWIge@Pk#PUpZ_3-Hi|J&f)>=E2SsQ?6}nJ{ zHq@aHg=j=2I#G&N)S?%~Xht= zI#Zg~)TTGZX-;*zQ=azJr#}U1P=z{Fq88PtM@4EwI#sGx)v8y; zYF4$nRjzi`t6v?eQ^#UXDT39kXGLpT)w));w$-g~&8b+!V$Nc~)vkBNYhLxb{#U;C zb*kaqN;L!OSHc$7u!lu#Vil{@lY*t1i-l}tB|BNlR+g=E1*}Z!YFW;9*0Y}lZD?DX zS#5%4v!X?9YE`>h)}EELEuo=lTRU6Y*4DPS)#+;+qg#)h7Pr3zZg7R$S>Aet9>u+g zZ-={F<~G;4a7FG#jw{>eR@b`M#coxjdzkGuM7h}oZ+OK!UYT~cA=CZJcgee6_O_R~ z<|T-E)$3mR*4MtNg)e%>05*T4T&Y<}enU;-D|zX26UhWJ!nE( z)TCy)az7Ql=tL%((T|4o9vvNNN>^HmleToGHO)MMZranIULK}FJ!(?ZO4OxBb*kss zWmUJ@)re;Gt7SdwG{&0Nx5l+}ZJldg)B4oC26nK|yK7+=d(^)+cCuxSY-Kk))y#Hw zv_VY*VoTfF{4}R3sDJ`)cbf{TxOTYR32lq0q7GGd2s!EiZjb)V;}Jwy0U2!J5pRU+ zEBxREypte4arYaOhcGV{&}|WNP{AYSFajkK(~dTzAu;AyPrb$B4_9Dn9*&UGN9vKC z@^Rc8GWeRmMNUR?I|KzSIr&BEQ3a_uBp*g#iNwQZ@2=pa6I;ng50;YirSJn9BL{jJ zF<{=5f28ORF$bo0;tDS4Vg)PExi^@Q?-h`!DOb3{8CnFMT0CthmJmXVE;0}4WMSU& zc=`$qk@il=qd_$2MHN=Cgo-o;-e*8XRrJA}E8s8af3H}{8*+4v5S~sn_l6DPA#-oQ zz(#Ih37QhK4s+o|3n8yZ8& z{Ztx+ncr0_K@F)l#V?P0^4CiDgue*-lm4}89i{lgLViA0utJFtVGn>3jVp3+{Ow7k z3O>O;>@z*nQxM=mK8KJve5(Q@;J5N~z#ln3l*5RXYq^GaxtMDd<3qkaS(}^aABT9V zf1m~%sFsYghyWbD0pvbi03KKPzL~QKoT$JDq`}*WK#)K`-buKHYq-SlhGn@2nLEBt zpp)_A2Vn4!4-69`D2?)Ig9MR>AIK4Z5Qm*({sC?npDVlv6|6fJ{D;4JjlEKFhoRD!%UP7-7~j=1E_TqBcss7QLGK!`v-0FJ#PE9 zBf^Ic*^@cI3R0BC*Dysq;s;PL0x?K}d7H&vY>is<#b7k0P7}sr^d(?4#$?PSWK_mx zlq6#&8@XW&?q8G{kjEXkCNm1RIlm2^oTfykGXNgaX4 ze&B^Ga09bzjeX#R7V-#pc!a0$yO!_=Yv{nRK)V-w5aKz?nG82*q=qz6l}HG=vmhUk z0EZwLoN1UHrqG3(n>be(1EtdzIdaOUw6&t>%J_kx4e1aJ(GU(vjP2--GBE@zxQ;S7 zhmCLp5{V2y0g69SihSsgU2FylNrVfkf-|Uym3f3J5Q1LF50xu|abN_nTuPT^us3ROziG+LZrF!D1d!S+6>+Fa(Zn@uw1;PKgTKI+BJvmT z)B&@h7HjzsXu*dcfCir=&b~<>SI~o>5Y7RLj5Xnl%}@4y6pm;6M# z?di+}dCsW3hk8hr3cb+lJkVKV#yrV5&XEV(Or3sc9cp6ngh=^#82K)+hIGwE!PJvXbvd>4S$#h3^D|t&#@KfIF|cc9Lk^u0qzDYHJl=% zie^!m{d?c<1z&IBl+=OVnIT}{p&Ig(ne%j8Ye0l-P>Q8>2wf3hUkMqsdkO|*;D%5Z zzvx2u6-?0$8&6r`%E$p1RuKHn-x%6o=Cug&4VQcXxpXn$$Sq*dKwvLX;Mlu_JV5># zP6*xQeUoqLTRJQP?`?@dX+900*~i;wQ#o;SAmQ zrQtR{8BTa(tleS#^+?d^TFJT8VIhUv4F+tHUNYfb%=q1S2;Sip!Ghrj8F^sX@|Dop z2~BXt(?}5ArCzEL(%76(hPebi#o~{so8F*Yy@8Kv@f2!s_%YhyeQIh5%bD=tG*B1HnaG3z`NZ7=yNz5m|uSs<256(z+;aACU0njKw;6 zON_uhTh3^p2SQvtRoqXG2X+_(Nhky|hT!vRTIpd3UzS=}jOH=Wy7JK7H)L zp9boL6zZW4$D%gsZba&&&c>x?>S}cAr;f&`mg;7t>Z(r0tH$bL)atDc#;*42UIgo~ zmc_9q>rpi8v(Ch{R_iom>$axBw}xv6lT+r#U;{=2>AYoPP%zZN-YG>MgM zA(ypUjF<;e$XS|kgBi>UZCO>tD4Q_^S;1~6!Y+=f)#1ec6q>sT{?Nc=uaIn6^@@g( zThGR9ak6Q#FpN%d%ru}13a$)9VTUVNk#1mzDu4lsxDo1zLEgNbh6s@ni55&z2{bM3 zIa$;yP&^FrgS%}A{_qa~kz?qVZnb6GiCt}J((K518hKz+k-3zLVCCD)6rJFURvFUJ z0FOS9%F4hLO-b&lP`a>*2#IKpVCV-V>^@0J-Z248E4gj}|J!cp-HJ%$?zSevb`rxj zj0I*sA+-lu;Dl=}RH8h6+mC#D>aAHL`lEFd6r0g((Z8sagY;O+)G@d??X9R*ndJ-CPz z4~85~3|0=^3?=Y>4qdMS5gP~dWD;|*;R`wmakb5YP2hv7SUE&dAr`s`ZqW!lsRj(v zAQol;=fiWGG=oEk(@5rz{jqL9e_-uiWo%UulHdzUKCB z2kdVL_rVtTaql;4H+NJ+_jD&UbX8Y+o#{7v_f7t&*Nd4~dXIN@cUP3;=z{gvklxpk zrj>pdczs76gjHxCVrYg9)Rqw0h;=#c&QGy8XpGfZJ_HGmEs9O~ijSU&fxsb?U09W6 zK-HEB#D-alHh3os44}2ys0Hnh&{?zW*cEo0+q=coOL zo4r)d77LTVh>~7;mPZS{y$H*lc(4`QS0vkF?&h>z+f{GoXXXsl)!ci)ZqIB9skaEP ztzzf^T&*A6!mSW(NnE>Z4##B<$o=TuFl8jETt9y8)XChE4eHUyn)S_~C5OPv0KB-@*@@`8D3&mx}vs{IF>4vf$q~@!v23U?Rqr zGCpFgX*nfsmj&){Wua!Akzj(U;G5Cn431C>p3Q#nU=SYV{@oRiG2u8_*&1$POo8Jp z?`IBg;5%mgg;s6E+eRR706G-qMwLJ!PQTq2UUyXj4f;p6@qu-@Gn>KQi zNYS9fkRtzWIyX|}xlJL}*@zdiUXgAf5$^H$&)XY$Iqv=I=c*G(i1b|TxyO!*%z-CE zmKmYxgeR zyn6TY?d$h1;J|_h6BbObSm9sV;%fU-=zjaxuX}RYQ z9As*59P-mTv7pkpiWxh0*iVxlp8Fi_*{nIUO`Q8IKMa$UAViG62hLoon4X`gcKpz5 z{J5v9)v8&?}rJRTYCpDzA*gw^5@g9Z~s32{PzzRrgtbVb=Qfs z8xmI70vkb<6>^0Ui6H3DG(?PHNLKyGV#FAQK-Ld07@olmS+T+8AAt0T#1Ao7TtS8{ zJSoVagZ?zL!X9VU6X{xyOHCrvV*=oBjx81^et+(NdJ1)89noAeB=c>CdyY0FwEMo7=R8a?#u;n8@luIg%rVFzi(K%* zBb$6O%I21wGRrNy9PP?4%RDp9uEtz5&N=J6=FL0%{4>yoeH=8=MH|gm&qpi0bkIpN z{WR1wI~_IERgXNi)mdvju{J|*{WaJcV;wfxW#2ot*=ei2F4}9m{dTu)!#y|MFng_+ zJTQ#G;3W6tJqF-tuu}yq4(-E8Z?;*2#28fsF{OSsg~W~+SResNJpMQXd1SBE{W;Nc z|Kp@SZgk>gNb3O6O<1LcWYcLaMeg}O_y94bKf?qgdFK>?{=3hjI~i6^kckx54XPhx zo9FrT(Ed#|S5(oGg-E!8Mt6=NaRngx_`o_dP5iUZAi)r5#DN(3K}Im_xN(IU#5sgd z44n4^3lT_!^3^}yiSk-K_;7_JL<4vRe3|f!SGv=!0B~c#UQaXu1K+*wHL>dlFifM1 zJ>cU8rV&Rx%#ntF_yZW;VZ}c9@I8D8;T)czjAbz5Abot{Bl08RjFJEhmw3cGS&~N! zC&G_LP$VD5IUo{ICcFmn&2PpNi9Xt3goZ?Babs`;ndU(YQ842T`1k=dc=8W*(13GY z#0L{#!3uArAs<0-$v>D;lh^2kc@%VrKiu&NBkb-q=E#9Rh~g1^?4&1ZOd=vhmcWsq z{?0bI$wv))ClcFngCDwBjXh>j1qjXq6jjI#K5T%B(`~^MtjLE9;3!9%)UhYD8woQm z@){aGBPJe^#|+f6i2^3FmtwnHUK%;NCprWi{KEH`e8Gl?(bNwGx=$RX<}0_1$+I%P(N z7iKs_AKsvkM_l27@tB7I#{dWo?!+ftFr4-b#Ls`Y4+(j=p+Bl22F77dMl`A&3n*ff zdAx57eUm3jAtpL;sbdLZOest;w$g6(!xKrkV@z`jF%|$*r#}6uUuFu_q3Trrs6;&~ zN{x!tr6y9TOns^WoeI^d)=jEZy{g-+iq)-_O{-k}>ejpp*0EAetYkgw(#(q1wT7;z zY<;WRx(3&|(oL%L@P%4@QLIPZHLrW6D`21H)Ki7(5TjxgVN<0I!v?mo&QhwN2xX{$ zAgU^QyFwNwk<5`)Z-jI4$UZpnQn>KxB$X9OC--&-&dDXTqjfB7_v2Q*6zNFQQPLsy z>Ld<<<|J*Yi$@@`St9)hF1Z!SI(|SAf2@Ola}jQAqbu9O_(B`dkq&jN)1)W%BNGh? z-~gjh4=k*p4BcSI6|k_no2*7r68Qyr%^R2M(k3MBImuZR#SiUqZ@m8H?Z){IR2f5v z;RnCqLlrzL-37~Ows~oabe=L5m26ie)X+gSi_;C^`U8Yl5nq1A65QUxr6h5oibI^Y zypV*r6CxyG28CNwZ)PTrrD^Ai8LZJY7M!RC zWLiAp;f{pJB@T&-@!MXpkdbr3b)za3qLi}$YR6`-Rgdoi;RsK-p53JcE_E3V;nMIH zGK%t+$1)M<#>K>NL2>`Sqh%7lrIVk$$Cp#-5IKT`%%wUrq>cI<+ajqtwJ9=dc=45X zzVjhjK_x-f5#@)5N6*3dt!x$p7wy_pxg=ai5W3+FQj2Gr{r)3jTe`WK%Zzz7Wrp;Q zCy{2m)D|k7Vp2sKI0iCk)*&P6?)TF`}Vn~wyNXrq1oXkhQS4#W18od#8?Lmd`Qr5(v>=`C>m3>H+1U6rE}tEzqv zyy5h*>#sHutVj(DSbudm#^qyyduP1k2~z{dJuY&A4I$(sKl#3djq;U8Osy<`IksF5 z^O@U?<~H}2%x|u9W95A3K8M%OgYK@L3%%%kHM!A~t}LP}z3FXYy3?bsAGu1s>eGU{ z)w3QStZTjNLi0M^PKm&=RdFW z(2L&Yq%ZxPsQ9_kN0B4UiNgSz3p@F5ZvqD_Pp=C>wgb?)C+(3qA$Mj zIgkA0TYmY>hrIKjulVRopYS87ef70Y{p|03``oX)9kBm>se6C?a3_KI&ENF$t3U1R zZ-3d}5C5>sfBs&tzx}nJ{`~(O|NO7I|NURo1)u<~-~JV#%~2f!^4$S0Ak4L%1HKgm zM&MdaAO)V41zzA-WuOLr6$f_UR(&7{UX=*`j^I?4pb0(|3Z~#vtsn~?l?%S$P{p7O z{uB+?U{N(74$|8V?jTI{pbsXM4hEr_0U;6kk`W$ZQw^aKE?5#aArd_y6h;*jP9bbb zp%sD-7G`1HC?FTo+!lTz+=QVRW>poIAzYCm8m5gJu3=Z5p&O!A8^$5n%po0y6&&6n zSlOW-S`8oeVOixNAY#=Y4&u`kq9LZ0ASNPIAtEChjUzr{TS;QWMIt5sj3r*;&Sat{ z<_srxV$FOaC`!#Dj-pSAqA9uzDyAaKtRgF-j2FIQY`LN=UQH?1qCC+eE`p3M?&8Mu zqAz9)Fb3m1-6An2(J&rk%Ne6GQeplx(p54(qrya^G$IT&RwKb&BQ^?*Hf|%%F{3w* zAvlJk8ImJeb)z|+%{Zo`*`Omk(u+I3*CS_KpW$r~`)}Uo>CTDV{WX1{#V5VP^V`rA8X*T9(!b)h;)@X*~X};!b zrsk`xW?p2b48kUEcBX8)3T@(rZN6Y`24`jNW~cOKgAJx$2&ZyJrbrm)q&R0?{3Z)7 zCv`3+aXzPLB4=JyCwCs^bxI0!qDyOfV|Q}rcScHh&c#$}XIymV6SRnFyu%8~Kg@y^SV0&Zh(pwa6D&bUOoO8Jgd!}LJJdmf z{()8~LJ=gW6|BNO{=h+wEk%0Dg>Bs7q03F!;ka_yF!8!xHpEg${^_(nX27 z9edtIXC}gmD&`YJ!#w1tB9y5;H~|VYfj>w?kN)Uso@bIi=}3g=E#yMtOv4$(L2qE` zWk>-|0jidc=t*=bkA10Kbfyaw5Iu;)eAeij+9-~y=zXGTkN!h|-ot=;W{{plKU4x0 zjYK+RMLM{EOH9KX(CF?|C_7B(>u{)tg6Njc1)}!Kcy6O{ zYJmE~rSgLzsb-Nm%J?IcSGk!4yEKs*+GH#K0N^>Y#S3;nb>J+$xcbYc+Nz zCD_A!z5qA4gP7hYu^MZQ2IxGnDZH8{oepVH{KGuN!7U&|4q%y%?(6u(0SZLvH^@Mh zDgmK-E5WvBb}A~Da;6M~k*2-_9Yn*LA|{%a>94*kfC?yqGOK|isDj#pv@VJ(?SaWs ziJ+3ug=Q!`VClVnsI=beL&1f?j>L(YV0l(&xH?MLip1BBVAxXU*fvVpq8ZKBY}yLv z+A@<$+d9PAf?(V#=iKT^-TuSfc3|Ght-KcJ%)V`V25xTdZJhM&-)bP@Chp*3CuZWe%77gpZ?s3YlMA9zM z#IEhm1@7jqm-24#Y_9Jr%X$Vc0s$}a9?R|?Z>?CD^3n`F49a9RuPTm1KmY(cuvU#4 diff --git a/images/CertStoreType-Basic.gif b/images/CertStoreType-Basic.gif index 03e4377a8103c25d1605046a6127dd161f953e48..227fd38c8cc7a9315a512c4649fdd7d25268608d 100644 GIT binary patch literal 23303 zcmXVWbyU>P7xss)C8S)DmXZZrSW3DZq?YbjIt4@pUAjAD>5ipS6hT_RrCCb4r9?`^ zuk7pZec$HGzx~s zz|c4t7Jy-4Ff0OwMZvHb7#0V^0Wcg4hC{$`C>Ra{!~OH)U)V4NfIt8!1c3SH76Jkw zATR_3fqL%;z99EN}+5O5R%jzPe22qb_&!VpLV0*OK(F$g3Mfd&w07y^wz zpiu}k27$&QumA!JLtqgIEDC|eAh0+D4nW{w2pj@|Lm_Y&1nwUM{}6|v00as^p#aQ3 zL{Ja_1%aU;2owZ`f?!Y(910Gg;4l;%fr6t@a108LLm>ea5{5z|P)HOCi9sQ8C^UdV z!%%1h3XMXcF(@<+g#}Pp7z&F(VNob728G3;Z~zJiL*Wo8914ZQpm6`t|3@|q10XN} z3IkyNk%55#7zhjlL0}*#3PYD0m z_y@^9zy2BjNdW@jATS&RfrFrM5DX52!@&U@9EO78~u*ap+D$+}(bUW@N-j|vO&Bu>}6JP3ZVe0qPjHIPDQ`zGIcbbqQ$yGXD5 z>+P^C3aD+{E{hICWVGGx%OsD&cW$TcKZb{4tt#f`kPV- zGRAa7T!L;v14M<6t}VPTZ*@xJG%leIE>vN1hwD%icJlZ)0~_CK3Vh2SAEM5i+_-Zr z;=>}c^1`d0Jtp-%Q>oU*RRAZp-Ro0ZibrFUF=>Y<11wCWmv zp7La+w@jVMeZtt)Xs8?UB0jV#ecYEZX-jR)FqhM1f3ihW-wAWeS94_Uz$s-R(;cJv)MTMNo+v*J5pwh6~$HC5|px`$MCW zkHzmp?k8pZ^?B28$4(K6{jeX9V1}?X!#N?lEkfO`{v70-Hqk4|q@^MS50>Q^P3qGx zH9dKaHb@Ju?peKb4?5E3jM;0hcs>4AW|b*|{vikPV>zwpq_Qv22B^H*iEhHU5=9?Z zmcW-#Z3E#tqwVxQ)mp(vg7EG8>Ol;Yu2xWbF1MKarc8xngQVx>tx8OKIR8G$%s408 zc>78_(qUFa9O8uoD>^ewLry4N^W3rTOWURVpzm?I@XE@Zj->p5aTFdHLyIaig=pRG zL(8}_rh)hz`Ju-@vnjWhDC>42`1d?ygqY_Gl%fRH#dV+I>nzHFf`s?))q1D%m%zFR z#UGeaSW00Qsp4MfjD66R;;JFxDf@lTb8S4I+df;Ql@RjGnzG=})VET}r?oM%7x@BH zo9c5lVj|g*PIkF5xR1t)b;3%-pYSay)b49=Zk?CVqD?2aE?dp;XZ74%Rn$r(qIE|a zorv<-#8HGD*)`)ub4zR#v=uoz`9ekI+okP1RZVykWfX?Bk3T2F`*Hg;1ZFS|f=3pq z(BIq%tVw5d+*XH%VvP0rntwMs6Qw4MvYqS&XVncC0^gVK+12E_x<9TM=u{nTGUISe zXMJlr>t0V=hca`o9449m$j=A&1dD@)iYbH<7hpF(CpK-4?A&gR297-}L(^64m#?;eG&5To7F(tm0E(}lm zpA~dyrq8(8YgbaIh*6ev8u0OjAJq8xVH-wd^}8q7iP?^8d@EZj0$p<}EPF4}oZUhu zv!+WvNg|!7u|BTh;%T)+ds;H1?>gh{x@k40Rc~HfKl{PBIIe^XVrw$A05wX)B_{v+ zJj2aW?Nnpy!uq~aB=(2wucNB-yI-H4wKuTIr}ygHiP@T+WbKyoB>Gfrequj;Vx6Jw z0Ay*w9fOyk<-{XnqQ|T&@ z&&4qPDc`f^Y-49V?_?BYG4?@z#FCPS5f|Nlh0E){Ql9om+`w5w^^v%lSG~xbnDrS^ z+V79ueoT}8RN`-u;~jKw+)cjZhJkp5$uRd!3f#wynFeW`>e^?YIgr{eICakG=xpha z@)sV(#^Rm$onm?f!9F!vxL0QdUotMX7OMAZc$1;8)bCWnmRToos)l2$8pZuM|Zz^ zUEYncf0-Y6BYQLQ>@H2u?8K|o`u9|dTnc#>agTZoD>AL;+Ti`<-_zH)KO5AaZ@xUc zJI}-Yckt}Fs9Bh=EX49n=p28IHzPdmsvPZa5!I1IDcoj zz+$-2O*j-BAtD(eY8D|L93hz#A=McnvltKZK+(`laGwqoY3TlAG zx0)-yDcU_YAW?}ZC^$qrhy4N?9Ym@;uSgw_1YBZSZuMjEeT9E-ki4*CtGI|-{u#3f zqqd-lSrn$WVvj?0#!i-y=73pJ?eM0A;}1(nEx|0gBXN^y)W%TWhS->&eN;mWF>60# zhSFn6p}dzg(74?MVNp3ZdsgclGGq1xHD#jleb(RlM0K$i@e1)~5iY+sqP94w35o@S zjc7lzC#@VL?WM(zNU~sW63xmIIq!iAN1||Et_hpM)L-~$+wEd6n@HWkfUm+63*Qvq zV(J8BR8~cdY0isp_drY46lCmyb^w5PM%+jm&)G~7%?J8J3Rn}wrxizkL!=NqP)?vB z5I!TYZA~FbmG(YhIk8Kcx|hVZ8GpnHVt+v3$4>1L8*mH|fXI~lkidhul&<1vSuE8N zAMI+as3i@7q}^lHQ9<_{f=Uf)dmuezgr!=8+c=e&;sNj?H5#xZ9ID25ok}h*!%qp8 zNamy6O-+)hNn;C3GaI2o2B%TkrQiYN0p{5QG+Dwl{C!Q)Y#AW+5AVEw18K-8C|P<< zb!27^8OkoDl@sJ}Mm$JEhDRffyQu~xK!w`QfUjpU@=&nlRN%J~>PUt73mRaul$4zt z1kjLFZ1a@65q7KUT69wPB6G`)h*C(&az?14%SnSfDg3IbEvCe}ka?T-srQXC$Ij!e zZv;}(sZA7gAx%Q%Pa(&?02>_$uSuvcHI+LoY1uII7$_XSiQS0xfo$dJ&gDb@ZmZ?YwhIKJ@k1NE0B?&oI7V@jk) zoQ37B_)VH6e~KxVUzSXLPwpd%{m)Eg5Fqd0h*}{d;oVH}>qNy!vb=RIcmstrx@9+4 z5FHtoaT{b|YN#jNh;ZI~)EghDZ%3(?H0%Y=N;&(elz%57UXoZ#%2f<-VLniwH^ue= zc=UU57gOaYb}^=%C5)-DU)m|k7n9W;$#3^uB&PhO z-PMO^yeX$Yy=5DGwBfh+`jBz`Q>E^=_l{{|0zZ~0HkJF0H zQk8F@mfE8fIH)gxI534jE?&t^`hpgKr#@*ME%!bsGkRY7KDXB4mELANfkkocOlc33EP(5m#8tc-7}#>I<8LX+3<@{Rqor8C=}!lkP5^V^`+>Rqj3T~+2st;S#T z&E2ar$g8_QmLM%EJb2o*NmCS3895+809FX zZS%s*CZMKXou78~wh`qaquND%)Ra(OMpQmR@w}82Ngn;~i61*GzjXj{_2(NcXPQzc;GXB{ATyR%7jNZ1J+0AdM`HkTUeG$?vI0MLk2pm+(m0_BOEWRh{f zkO;N;_ta)?vQ4J?Fmj;W>~nFvXwFS_;KTOq$4LV;Ib(zQpP=YU(th@(hAo2_>mXMR zJInXiqeFUdqH?VJI;uzg^eTJg0g+yJ9Kit&D*?~^7ZffG8Uw(CXJlb%BFGZZoE13XXV8)ih+Ash1rNLe0#AB^ zPeZ^zm?vZW9_)d@^UUMRI^#DwAfNY>sMPVaK1{|>@Hc^R9A*Ltok~ud0wqlydrmEY zCTRsH>Hki}7)-3|OpO+gujD^iup0lpGVbXzi3u6U0o_yVtK(NPwaqC&h&{?U1S()xxxz$;Pzq3j#b1JfPYSwcap>tXVb2=yBT}4c#4yM~`tg~(m z-u<<{?rUY@*9K;6NeE*xFz=vyf3z56UjVZAns+XkU&$YT^98en3G)3r$sIrb7`9-i z3wlU7znIAQs(>*zZ2|H3K2mnxmvX`5-h5;lV^J!jOTm0`)BG56-i>1^^yJ0!uyL2Z zpf_EN`SlBL{w|fWESGmLJrA4rxwnY6Ui4mF4zn(O9mbezJ@qDGA&_z+IcYq8eBMrW zCWG=pQs_iA%K{>lF-dkYQ+LI_dpucoDOGSud(3wwwSK8#e7V+obun~x*=u#BV0E>7 zb&X|hLw0T5dTq;VZ6|c?uwd;tY3(#=waM#6i_H3^_4;+_`c1+5ZTI?rtLt}v*8$cI zVSKp_LYocZHyfmd8{|D3ptTLEyA2xFO>OO^S zu?gf;Ar{Ry5()a*Yz7oo53Q{9MK90pbg-+P(!cp(o zA3Ix4ajUW_`}q@u=j@Vo?o27}|7jv6$)@%=O)13gb&KiEwe3euahsl|Sc!oG1onTv z*uDiwD~Gs(dbZVC_bxWnC+IArebcGjH6rwOTGLVSYserQ+5oCP#d#{p4Fz&fZhK#X zCh1*`R&6&L;(WaWjr-9GF!vH6WSJ0cnvGJsLYXbej&!8#ZPWJM$lfhsRvhBP5pLm# z&3-@FMkUSeI3YD*e2mDfpK9Lbi0Tz#W4LBQQ{u$kv1P;dW_)HzmB6Q7Q@a)l2`J=5 zh}aFee>?TvYmMs1qukxKw;2k=5IwTLdJ#JNkCUKhq(x`spU*(+XH>W|nnJdpwDLdc zZGSSp{R#eoOz|9LP8nrg|H+Q~nUg=7rgNU`d7hMb{;=qrd;OgE$GHIRT!igH^z*rR zPvOoOO4N$TI-i8xJzZWD^2PvqbFB7&#p{; zuJjtO%zj+vG*6ExJrC#wR$k)+@JGcv2hZ zob2;9dP5=sAiPj88%QN9?j`-2N}c!l`&i5GF8%BaeU~EJw-)$$mh5DlsNcE413|GL_O=b zeYo3(E`GMF0jQQ7XHAr_ z{miG|{*`)p(jHrvs0-d_#j;6^s#?b1^(&PMh@)O*R*8iEsk0f%g&&zTSdl0lF_|2j zwK$I#s^*!TSaf);_C!52J+=B6c(OK>XX>*UHg@d}-~08$u0M*BO)cN-r^9d(iv*RG z9F=vky5?T>bL*i*M#lRHLKfzLu|do{H4Tf;OT1jTapx$7i&K^$BWd9-rQVw zPh&sFu-V=reg(F=6x>%MLK3)TTeGN90Kmwm{7YiysW4nisk%JC-1)5TB_bA4WKCP` z`wr}%N=Vh}{!?Edw3?<^sdmp`6OV4+v03&0eaMdn`xbH@B+V}rZ)WJ_5)mGYApJ&W zkXGAaKf|vy^(dNe1{}%FiyVeUxbx<%%upJBZ8p_pur`}K;M<}Bum(5lz$OPFO506L z!kD^cvJLgRod>;xFSkCqs|dBvxTJv{NDbbR&?|041Kx{H1tgbCID9}Mu(_At{%%n5 zOHhC8CP4kjz<$8>_P-0YTD8P53=7%gKy^(AeU2FN1wT71!CcefjE?dgiO~Ztj+O#J z&s4=P_hzU1NkvmsJGvfx%gZ2o+B`!PULRf8^bFJ(em-K*ex}bRm_Ik9&ULh+4rbV| z@n_TcWls`D{w++IO)VfZh6uvoXUL}1c{xAM@^{3Eh-FE0gO;?^o`kfPKF%17M=WGu z^Qr)AY9Gp3(`p0Rx8F39H`Wn%O3O=_ZrD0)JMYCKK}K)Z?u5PcSfBmHveE>wNy<4l0z1?Ad3hW(QqF1oQv9RL$(PRPt$&V5D znTLb=it4H|#}9pbM_I5b(xiH78-;&l6cVAvRv(oD>I1Am{HHnJRNNV!_WFbA7p%O# z`4o9At+t?voN7;dE|%!xR>riOo6%B`f*->Vj*93OOivl^9;W$Obn5g3S9K>UE~862 z_`xDo!^`pdd#E?+{NjosE3OTbW1cJfRqJir*ACKb{BLejSfK$UH2BHSn`7=#`Isu+ zs~@WfZwak6VVE&Ly5^8$4ixa)^=rf zzP*rHzkB+JbcNJJPe%p-KcSBgAIR!tDk+K2q$T@3yqgnG6a*&VDT7Wt6pk7nGIcVF z2%Y)5`hSgfrW$5esW?AcDtia7oXKkREa#0N)wY;VkEsly5c2w|#tL)Gbb7)92;FCwu5YP`GT|{V0^@3@)3x2Ou@yvgie4CrWaqXm`MEgoVUSP0< zoRUxOmpM(aNO{3cd6j%z$wZ_|`C|jkG4%@0nN&IFavs6Q8t=kqve233g0eN*=C_8q z6LXa!LvA`1GrGRlb5-(0?)p(u#-)tdYIRk2!>o_SmEzc%XHo9P6;g1t2^Nhr9db8m z{|Ijg!q(and6*4JnY3hM>s(YlEU+I7F|U>h4T zB=@cM6_o{I1^Ok|lF9GY(d}+Drs(dv)KpbHb zW*see_7Fr(B+k^OF~B8~7Pn5kI4J1Q6c>aSd1yh_J)Igu)gQBRMPAk|-6GWG(7R;; zZ5SFDPtC9q01+LQvGS^&heY?0GRNXkG4Kn_QyFmBuh_K~Fgz@~{g}e1JqAD5B4FxF z-F*CPN>f2-VSAWngzNp%xKH%+{9PFrsRi89#EaqQg;$?k{;@6)_CP~%#%(eQF*g;p zR{a#BH5ut-Je`v5Qch>6=giJE#i*!J$x`a3=d(OpKzvoD%HnRAvOHIzc2xr}a5rgO z#@0t))jG3ySWGU@w+~;{2NrnP{8(P-CcbX8t{?9PmM6ck>e-Ty8aYW=iVrqWv=zvn zENVy#P22Ibw|nJ!wnp)PBYy8ySMb&MU7q-=3B@-|_vvi)H>cxh3HS7$?`(&^traM~ zu%LPA^Tu&_HE{IBXQGC8FSTjqsSZ=@M@v%xO4qOUX(UmLL`ZTwZZOdKv$vh)tTj^| zEUskN{bi<%?F9cBEhjA|w(1GgO=d*~SE&tAAGG$w6Cy5|Vq@w62zCo)AivKtD(gxq zNCfclppwRXx5N?9QAZ-ES!1*V`>-@fo8q`#uiiG3F-(c3Tp-oj;3%lc z<=hpNXTlM92bc@;BOA$V5;WEREWT|O+Badn;P-7Yl&0b8985k?4+zO+tO;sGe-9`4 z{OJB>;ZK-UxP!JkN%_0QPrsf%UlF*PFIv%R<1URFJqz5n1fYQgU{bvVOxMHmppw#2 z!Q@DAc?dKC!oIL8}Z|h&l>qpG=3kG};icD|@^Fl#N z&RyDxy=Qz5U}Cj_>R0ix(RKsL7S+jGRgu9}F?_snxdSTO%95GYc{4ScOe#5?gUX_V zDs?saN`tBbD(appiis*}#wwb1Dq4|)+94_lA_IDtgU<+u^y!BTxP}Zxhm2H)jE#rj zPD3UEL#B~KW|>3gR*~qJsf5g=1jKC+_G9ws*AQkJH96r(7kl~&qa16# zJbQgfYaNKa#v}WjC(TX59S3w)=8-H)35?(3JwK5XW#ER}#~_i(mt4|8jQ-r(tU*16mx1{_i~I_szs>Y=H4-)IZiav+*F>dcUaqb;K8R|F5LvsH^f z_#dOmrWt)dJ#o!>$MT!{s{h`9TEc_<&0%g&LaT}XWTdm)6L>{a$8s+M)RmHPOlNOS zSXKf_0TJ_Ze90KRXIHM#)G~4t*AjB}gvLB=H@pdTITGOXZg4p&j+r=2LrwJS6H3nJ ze5W!0$9Z|4YSc?aul%yMZ#A29M{n#2?>`cXb`)V5RZD3jC$bcJS<>>5ZnSQZ$U>9& zu)mQkoS?^|Ub0%K;%PYJfM#zZp}jDnzQ%AfJ;c5j7e-Vvj6a+9CqDYoZ1H})wor}^ z&SGpRvdJJ#W2!BJb)ea~7h1O&ZiIx^2@tZ?jxs)n_O#LPkw>#QVw&+Ad9(>MUqVE| z1g^e1!ZZ=1^aQ4()Sb5}o`mY}2jjoFx3r>2ghvR!p0f+}5;AXuw@#C2k~TwQ?<*^4 zFdr}yTxeWq!J^z!$Gddh%f>#$3U^yRb9pWNaU<$W;^d#f$^Ygi|L#oQT|OHp1t}d> zB`b+W6pM;u_(HdM2n45;VO7XwK27B*Ie}PmI4Q-@6a{t)v^zz4HAO`x;AIL#O}eLrg&TrvHieVSgHN%%R^SEM$zkLQWG$VkW5!{^-x|(@HGz(>zVv+gL?xPQ`gn zHPBc!YECU_PCaW*t71<3Uzw!cSa)bn_sUpNtYZmkC`Ji-rC?}CWNgfBJ?i ztau8I4qiO-3NC(+jhKZXVW_F0iAO7B-j;`Jml+{CZgm4lt(q7@_@ zfg}nZrp|oCMuO2V>x~>n7DB9vjabZ{b}w)^&pz9oi-IpkpUlNLo5cn$##SuGwVTBa zEyj;8CSVtncNbGw40Wr?7XeX@&;|G^mJ_}p9%^VTwv;Y7^G4M?r(g--HhkB;lwZHp zvuK`wVqQ?ORNTH)#BEWsYhHF`UQV=J0$(n5Uape0sMfWpv0kojU#{t1Mh`95W0xBO zm+SsoG*DVLdM&q9EH~GiO5^@2jj>}RxuYes%q6VNv$+jX*xAl2Q?;RQX0l7+CkrO^ zB;M%@ZR4iS!7-NB(GlYduPaPLz2LzomPWgkAr|CI>GEr-3Z14-DyD5Fspt1p6Z zkxSElLHJj(#jlj0aZ1oc!NLej?3AiChGk`xNOXeRY{+_5dUxSVlIhbdE9c^sB?c>T zXX^pgl?cJb7hWr&EUR12@NdrWxht#9)zxs-wS8{0DX%rF3hP%{Yscf(SUB-;5_~^& z_2eXB^UCHx(00RXb?5KOqL+|v3prR8!@DGjBCOU>n`;mv4#v*fwGGWx+Y?wR-EG-imHo`bj>(rH)(B*=n$I> zL7SYq_8+4*84EY>tJyR4*grJcWZK(gKHX%w-ef1<;>fn=5OUx&v3#WGz%@V1Cbz|F zU}FdyYn|PR4RhdTUP4yq)#soK1wB&6Ax?3!N<+ z{tcI;Wz|05rbra{`f3+P1nBKiL%S?@4%uFg(kFILD!&D(u1f~)Otl*+QZ1V4Ew0r& zh^tzY5<3N9vE5!qUX|bESXb!REPDf;7;J39t+zh6Z*+0bc*JB#s`&kE1CpPFB76x)+7;m1~Xb7~>7*6QgzhJeG5L#OCT3O%4 zB6^J8jUz<4-DOo>Z77{WD_v{5U3Ucy{olAHSGt;6@6ue`(%ZPduz|Zr!xe>GOQT&E zlgz7d6PCtFhkTXp;`95#6Ykc5)(y$l5_j$tR37(uY+D-Ot=EqA(RS_g@S1s#%X)WE z&!PGJ;Rm(FhK8*_tMKME4>s2Cg+XrCl*cbwJv-(P?j`T_EPn2GCCS|*&r_p#zU(9_ z>x5)6{O@FwE_=^}Wl`K44rjqe78n^P8D)7NdfDtJHSC97dlj)7uL<`4qvURgsYTG|oo9bQGzj^0esnhFu3e6jdA zc_)XVs8Hz9;OuohbbvIw8|+Yqe!D$Dy~iH%8v>`2#UUs1X@+Bk;6_nq%tgDBS}qAq8K zyaIRKZrUwTEtqY?2`<{W zoc4F`Ih$O44YXZZyPV4Uc6Smunq*|h8z}v5DOt$k^I#5*J6qDVUV8yX4_HHmLHb)tRsP56CblKVIIH)o=qRXVP|r^dnh zPB$fWe@2A||MylAG0HSs#bbD5=3_ewD(4&#k=c0H3)|E*Q_+&MK;!u5Fse~7{n z&0d3O*wkz1-pKyXe|k*+lOj3m)eolH|1%-)JD`4IqYxr!vt1?ky@f4Svd7V^$o$yZ zC*0(c{q!3$+SPetGlcTWpy1`lAxjZ?i@9}6GB$g3<7}v2=%Xyt)ds{;kC&D60e+(w zAHuCYDYVPxN679=XSw6qAK#DF?ffcV?a3e6f4MEU{UNm$`t2QdxyV)Z$>q!SA0MbG z?5Y3DKl#;jKUQwxZ1VHl0TNQJF)lAdanE#~hzx~$Mtl0{JPu!(4eJ(!arfjv6z6=t@$Aqdar6RA!;`{Q=n@e<@=^jd14QFu57D{_)CDzn!s>I8u z2z~v2Ry7%~`%WqJP@iWePcwz7Lc^$Lu9&{8f5$wkLoS#02O?th#+(I)r|G zz-y0w%V5bOYjCmmS^NQsP}dLf)0K}eE>62&+a$PlzkKj>)$$M;PPGa*Zb-bJUxwnT z(CqZLQ;Zo{i!{DY+x?oKAp);kNCjVMrf*C|X#C_9&dA^?A;T7wjb`F*FC-#!)~j^l z?jg*O3Y5WihPrTLJJXci%Uq{mYi^VgIp;xYB(>h6Q4|w@#%7pfpyY-n6BAEKR3jOf zGkUkaqf{?C^nf!aUChB0q1W}Ok8ne%73-EyDT(2K+m6iyS0EDaA%n}o$y~IJK27Zvj6C+dx=d$)U=54q}){0u0IAVK%jx`+_} zU_lYlw@~k?Aau2qK9>~gncH4pood~EGNP5k%I0W4#f9oJ>dEhxE@^+ZyE*DeaWdcV z>7=(=dFO-6)~aDEz9Gg3%l_JUK_}>(^5*1-`R-$B_Ax3Y)I*x>&z-vLU$V28GP$-< zR3qhhhJ+s0oD|PENivIcsGsLabCAD=C7OCBz2e z@oN(S2a;VUgxc-+GrNhBxr>rBY|BYQaa9_Y(YnmU=ePt36CINH%6JO^T0IwK5m7Qj5%@|LpqVDT2~W7(+Iz z;@Uwk(vp_BnYR=W#pK068EU!0!B|7eqNKH(SU+u2qD9nNbS5C~m^sB9Ryx94+9*io zp#R{PgTNz%T9TN(K8t$wz>>zO$?G(R`w>d2y_W{5Mq1npv3!sRs?BP3Ater-!C(X} zM8o8dy|WEi<>OyyVzl|LanJ`D-r*S-G%;;*D_DZ0CKdu!vgKiVJV{6Eo&r^wvB=G$ zFMi+#XWkiQ^5|#m*fG*U>Qxx4t8L1w6Mpsq5n^6XWTXxK|Kc9o}KThd%t@* z;16d;5Qk}4=6}xbUggkd|UD@u@^`p`%~8!QT}03&Hy(IMyW8A!14gG#Pkgys;%a$DxWQ_OS!;l@wn=o-2|X2XTKb9E+xw%QaPOk+}m%{FxmK3>mS zW|$T}_0;XWsb8}G_Iz;>6WACR>gh<*wOD`~4{Rl?h1(j|cLfP&8!^?Ngf6O9eClZc zHMf`eT^)vGT^>!5j}3pBn0Frp9@@)}3H*G@(;+jyrI~l7F>;fL?%`UWvV-T21tKgU z&L9&O@-fzH%WBrU#QselgYCU8??*#uxIm{$qYQ)DdV7!)y23bKd9OJ6LqaFBO-E?e z&!n)R3YsE`OfQeF0l8s>a1(wflfi`OFuge6UnNx1I#!gRUDTmWe4FQR#6?@VW830j zo8ld19_wH&s@&}UM|e`4KhM@IzUAm2{-A>Pj>PO4o`*Px4&D&P?VT~_K?#Z1U*Co> ziAQ|p`l8YN;njfj%8L;P866^$Y-+g_JZ7UE9+9Jb?z6+Is5tGF;0&a|M!~|Ejjw$1>rR! zqxga&c;jKf#bH(SpZL$8-Wo_<{wJQu3PBi^V*a8`beJz0vb zg?qpX_lbtPpSB*@$o(oEt)M|zNS-=AgjBy;Qx=)fQx&w>LiPrDQ4pHkBY7>3cZyExR=lx+G zkxW}=o-X?9^-y$0Q=;9tcb8>hl$Gzp!uf-hr%Br1YuN8DXGVopQ8#oK!P&n~XfgD8 z6>b>^efE%1CNag?T8SnM)0r!n|YpH(Z3yjen*x_IB|>5Usc7I=1?sg35Zt-fTZrauh_ANv%1EMn94XFOziGmdSo3Gf^g!zAZJs z{WP~s`r1LxeOvCZO#1ebSh9mc$F?N7lj7R8*xojIlq1iXqjLNse*QB4c}``}jzKRc zKR*Fqbh$<{mu7akW+9hWWw}-Zmv%?Fb`O`%aJkL|m+pMI?i!cgUb)^W*R$*LXLnrs z#1;Bf+y;yl2CUqMJQapQ+(zORMsnQ7Y8A$M+;Ec$xDB@nqQbd7m!n}~%qO!uGf!ng9!m@|kYPiB`g4=q&!g`I{X0O8Ll-u^Y!uF2aj=0i}ipQR@ z(w>#afv3{p9|+==j&eLs=R4pHik?J8CmS9FqVkhYxbr!&%W1Tnh7xEHpmJ5pujZ28 z>2=$ShE^kdb_niAD)}5Jb0k)J4fnFRR(hZAX|*8zZV=uF1Drsg7e*O871uF70IsX_ zBPH-VCzh7s^}!I_hw{1#g?pY?26^*p;=A|+?|U5#FgjKJ{jTgeujy{FFIT?r8ISjJ z0>SZ#_r(Nns0dT=>2T=G9(5g$*WTW%2?bGo7amVMx3NkjEgzK=udGVH>s_x1?l=M& zt;jRjOF0NID^!Cc72UR?p^=K99e_up%3E^ZOTaZk&NY&e&*ySqj&wh2ZCL0(1&??H zs9Z6hYk+eD3I22tzNG+ObPXkT3tg-7rg&*wV4@73h;wqt-Y^SiH- zYmQKO&vE~As(}ddnqv1VpF;xn4Q=0Jg0$=dXk-}3swV$bS-P6Xb2!e|Td5+NH)w(& zzr!`e&?O&vD0hsX*}&_U&hM?ln@hVd(^**+tyI}@z{&37tA>6#hIrMBcK1W?2{9|8 zXsCMV<3GOU=pr`ERS9{h1%ZZ14I9DDPlp!dem=gpN`C?|Z_pModS1z|+9Q~$|M7AEdqj1HI6qZy*ehB{ zpAb(A|DiXM%bSpZM!?Na4qe@IC=(l2;q6`}?_%QT0Apzn^Rfz5k|0zeTy~jle0Z4?-N@c`e~bVd{p6%OHM5!X5v) zN#oTkq4&ft*LOQI3a4&k5g%+CZ&H(={LXItUHIg-vhlXz$)AqKKRr+W8*cn>;>q9n z#=mP%?)Dn*PM_ee8*z6&HspB3q)QJI*z63BR zv27Ev3zWpCiR1;8^lcMq43sRTiR>Meyr_x13QEz~MDZR9`rHKi0;Qa6qFjJdt^48; zK&gKN=W${@4z{P=2Laes&9{)7(Yt|mywb}vmSWSbyHWh z{G3bSdpVVW1=AtR6a~ddZ+BaZ@=>(EQbhes16LC|I=SzYRHfWvcpK|scN?JEc#)rd zI8Htw`{YDu@ghY_2@LiIlV0#x@#n>RM!Un#b5mdTJ})?k01HICBv%i3(-3y3@KMgC z!_Z@!xVlNLW-+;TP7Cd^ENE4Fo~I(B`W~tEM4(CPDuMP3d_lyi!7l+{31W2lv~2%5 zlM7$lp_jrJIq0z*X+swR@(9c~lzt$GIc)prVQkx|93aBCt|l`1+&-laYE``|qO^7Q z)9!us=(7m|8cB~Wo~uHK!>`_AqU&mMbJ|=KG5oEgEr;J9^Id7pUU@|ZI3|mJU~(7x zijb}rg=z~G9EZQ=uW{`+^M1ye)iM!#B1aM1{4ch7 zB1UI;YF1KtbdDm(-y47BZ@ue|d`$?l6j&vW;C4RcCw z+h^^!JQ`s5^y?L)`bfVk(~3S%&Yl#gew#Q#;n|h-5k*9q`!~HWl&TVI{{B8~7r7wu zVC4g2$BXA8!NKl9Hl|e`6a%yI-}iYMf^Yq;N=3YWca&&PR=MAJm7=-m; z{&8=(_L{H*l%}>Y+<+L2foulDh312n-}TVa?$i!vd zapsP%ATKYCfALCAtk|MDtGBwVzdEePx~$JSt=GD(-#V`6x~}g!ulKsI|2nV-yRZ*C zu@}3sA3L%qyRt9;JF_>tvp+kuN4vC7JGGbPJdpPCvN7)N@$&j~8^7_XKk=LFvTiVf zCf}}I^9G<_FJS-1s7tYX_eQ(lE{y+1xZkdRuc&%YaXZ{QFVA^yBm*NLy6wh`KG3aU z);mV~JGKUMf)?jz?`9?U2E72dFvRx_46|#Is8*lQ!CUxa#yfAwahtH`*aEn2)PkSm zr9SNYbTa(H&UT*CCoaF{kiRmN(u2ynmZ~y3Bh|u7<}!dc)!Vd=(utnufKlJ<*hZ<3!n6;FK{hMt(YNKq z^9DWqH=DHo`?#Wg)rV$=`m;S-sGg$1a*q9j61s8IX5VW<7=%HV-aysw!rDK5)N4Fu z4*iG%JcM?t=bHO%sC;n0tO)@(=essu`=z0tJDtP)ZHPE-)Pl5j0W>^%VDNa?a{-E~ zW|42|RHOJ^r}(@!bX?{;Xu7;{5Poovr)x|2bMom`gEvu^DeZfBQ$P4s54hC2wp|AU z@5?6V>t@yuM-Z?{v!3oK&jT66$u7`IG90+i;b?_a6MnjEU*>4~h>B(?P;@XjaEl%_xomiG*47!4 zCT*L1dGli-b6gt|IP-nLp+TL>kY09%leb!A$F#Eh^Zx-9OP|I#O7A1AkmBnmq1==I z2r!HES;n%sKx^kEi-d74!lo|TC5GGr3^Bx$3S0@Kr7BwlBI)$0r!a%~#)j`R&)=e*q3y;DHG) z*x-W^PFUfE8E)9&harww;)yA)*y4*Z&RFA(Iqulwk3kMu8GKNTI#8(uG;FW zvCdlSt-0>n>#xBM`|B~J^>qxf(N4S3NzUGgZH_pLA%;%R+vV2EB#|43!qo1YX%;*J z{H;Y!-6s-B$=ij$1la;~CXU(xEyvOj_uKNA1?MR9i-3!am@{h&=2m^SfU>|v8$z8P z&@XSD<;^vMU7tdPy+|KPFjXTiE;0!t1{`ckhHx=l+vNvIf)ieD-Dz69vO<1fl(U%h zyCH@f^0q#d-*UiYix{G>j2F3oh~%hw#OMq}*V&&K_KaYkM+QbyLqSdMgZWBxw~P=fOIQrU z4;mu53c)dQEFqFp#=8 zc9$0E04gSLV2LBAmxePiWfwun2tCsGJ0MOk3>sR*hbR(*IQ)h!6j{i7)>bW$I9k z`c$PJRjO5W>Q$|pRjh7Rt6k;lSG^imu#Q!%WhLub&6-xUu2rpVW$Rnr>Qs|4hSH13)uYLdZ>t6vISiugKu!S}3VG)~H#V(eyjdko}Aq!bvRrHToJ673(1IT$) zlm(;&;ed9sktcC&O^~y|6X{_h-2@`EAvBOi)}yrnh4i)UV~4Uhf}1C{gIa1)qizb3 z8%2%;lN-5R`T!`h*%qj`9@)i9)K?j(kYygS$;dERM-kN72cn1>F2RP8S>2H6Bh@ub zcf;~rP2Ho)I2tNnEh2|5}jdBMNprImd1QB{Ump-=a!UtkNo*fGjib_$Be`w%S!FWa60&@gG(mlnG zhTNAM%Sp?IK!X@Q)Z{TdLnvfo#0~VqiyPozeUX5JbVP%oc@PeOIV7EaFpR!1fM&~L zKtnSPcH54S*CRMNZ(qo?=eVS=LZ)&|m1nobO$AejcP@%v^b8s@NdgWd4$Ti3ZATny zxgbILAi-A5ko$IID!T~IJZK3TUi3veN_+~0ewZPK5Thi%OT&IaV~z-`p)vx@5oso5 z688RUK%O zjSpUK zdP$O;ZKvSgJGYMH!hTLYoCoAWYl4)8MGyrg=s`wsP05gAy8PmC(5LA7Nk}MT5zs(8 zy01Rc&R}}(F%++g?CB2RLg64HQDWpN79uI2gC$JO=(J7h%wm&3&q44*fZ&Na+QC+e zA_iy(@oplBB4X?a2H$q&>^j2DoQ@?L1P*|ZIb4MOf(|2uf!O>BRm23KAmS1CDk&n)f>B)$YDAVg0xMHR(>HH2YKz6~Qt5w4{ku_MP7SVuJ*dkFZ(MSAAszA|Au=K*av~|RA}#VFF)|}Haw9pCA<3p}+NLA(@on5DB#|N#_j9*Dx2Pi?I?orLga>!g3=n|7davrppGf>VGGt!Cewx{afmYHXB_LsdE}?H z4rIvKVgZe^b&#?o5Xmg&CmDPv%z84qwrtNpA(>JLBDUfv;^q+}qI(uaAA}*G1_~pF zlGxq?$EpM{tY-#L@&;xA8j_4Ajz?||Y%kxS81)2Gn6fI5<|;9wyKeH~5NwOs&V$Ns zbvOuBcren264#i*CG14vqUkZV0L@~Oj3h3X_Q97xuQX02GAV+2YDfhyWPmyJAtn{` zX+{VTN{A(D(t4IBGPVLDnusURuS3}B4MgREcEQC`2l$Z4ICtnvFikexA{g9>CTM8e zMocqr1Syj2+;0DqY8Z10sSs1rpqg%H3-*Q~gl7`tqAx>^D{?6AY^V14ERS?jH@1L< zrtKy6Q-{)MHG$GQ@nXC7;VrfpMxhw$qO38*AT??zs%$8AV0fX6UhY!ek(_YgErv@ZUN_?qniF z7%XT27PkELBG{BvXM6Gy_0V2cO`&Wz6_0SDyP2N;3c*i2L(P5rzK%$(xPzU^zB7RkB-(#kdr z&Nk8XLT%N6ZCS!?xh-ysr^xCS2YAe7|8u5hcIi??Df5n?_F=;3b5Fkp6hC8Bxb0(y7N zFCteAsuv-y7cjDSds9SpafWqStq`EAO1w_l!mfp2aQ{x>3@7+g=#wLOsGjnJCaCW! z%#sn(q9+=YV3~s+2%~?gh$p@U!sdYtE@2al;^7+NDC8`B9;AEKqhc|l^Ym*z49)1^ z!iWtaKK4t8Q9?ZA&T)6bIk2P3|Cne(=Pm~H0g_Saf-{VAS*oG(K8&P>?AEp~`v!_-+t0hywcFxWu0H{AjBn4E1rGBN!>4kAN(LLt_#g}{U5(70#RxFvpo;K(=J`ly|C0SGS-dV;VvBYFjSDKgNFSa|8Q|-FP{c28 zFN6662${J)r10yKPA~qVS+2Lrs*EbhGmaqWD0pv!&R8;Ij3Q7-*DiBN3T~KpW@4w# zm^DI?F3IuC3w@2SS)ADl|38UCwxWV~LcC}KM0BDdG-LN}lqU3PYd%fAaz1{o0;XA(Nd%o$rzU}+I@jJiud%yX+zyJMvX*esu1$@8> zoU;S~ehNIn6@0;c<-ccx!67`tD++$HC7T=^ELflgSU?6^fWtkU1!e%mMcl(Xyu(F2 z#6z6KKODtJyu?@h#5df{01tU$xf z{8!Rk!^?cledWwqAkF8T%@4cIGn~wQ#m*1g%dG{>!#r>@+{w9o%DG&|4IRr>9MQ8} z%9-56LmbenMbHObb69{2_FT@}e9nEP)A=0E)qKbE+|Kzt!~gS~&hy;IXS~8Moh+Pu z$FF?RnY_iVT+*k!$#H$rAwAPeT+^ML(x1iBUmd|0eaB54SU8*o=(3Csn}J&3DB9sy zlw}@BiG+4M#HYo{KfS@F=p%+<48&jtK!g!`E6OYuz{WiepR{RnKn%zr8WNFAi#;sZ zoX=(83Y@%GX21$KyjNVn47s2MC_xzxfdvAdApoHTB*Y3r93pI?+wxq)Wx(J09Lm>x z(S_ZuShW4qt=t8kG|!#fDR4nY zSb&CXA;Znk_2^;Gx&7X?UCz1v&%eDy=w~h30d+wB$p28~DE1YzJE$t8&!;@s z8{1;vd>KZbIo8|^Wk6Ymp|gVc5GR{ntL{q;v8$K{;LgS^Ahp5*r-7VPg=x^3az z+$Na}N-P^OiBX~hlctHoE{~{Q{3CvYX7yyC=kbU~B#M!rRUYAhp1|mer z>)^wQ6IoEah%uwajT}3A{0K6n$dM#VnmmazrOK5oTe^G+GbRfbGg!!A(S=0|7FT4n zkYVMfPD;@b>g#o|mrfQs_O)YSWFNhmEJ97x7s#d+n?HZzv^ldTMT;BTjo~6j%|2c_ ziXv<`1KJh0`)oPXHw^6 znxjmn(CH^0 ze*=z4Vu>c67~+KZ-Q*r>&ADjZd=G+!;D+(tl#^%8tu~zuAciL*ib4)aWRXUyhQipgi6e*THuoYd)bV3nN5&9qaG4l+n%XfvY8nTH5kAy!5E0g7p+nr`~o zOm0$@B%)P%2<1)Fp@*83sMaUknpZA$TAtqR$!V>&-ij-PIO>FLPL! z)<<0n9p+aNXwE(hZM4!(ODnF{UW;wE+HT8jx88mWZn)x(OK!R5o{Mg}>aNRfyY9XV zZ@lu(OK-jQ-ivR(`tHkbzyAIUaKHke4@_{u1|N)Y!U`|UaKjEi3~|H~PfT&e7GJ!W zGQ@yFOeVx=GK?l2kL+>DB%f?@$|$d_a?32g>~hR7&n$DzG~aA<&N%O^bI&~g>~qjS z4=r@jL?3N*(ny~SvdA7cP0YwnM-4T|A4^S4$RBHswZ~hFZ1vP4YYlbRRFgf-)lX*) gHrH!=T{YTm&;51Xaf=;t-c2jx^(Rp)qf9^mJ15k0t^fc4 literal 19302 zcmV(08OR=U#RVp7au4> zAV+N*N{uHUCm;X-F91?0Dq9>_rzp7vH2?rL05mEY05K>kFj|o_alJT@2XISX<) z4ud%io;(c7IW53DI43+iJ3BazJ3&!BPi#C+qd8W)JYj=7W~@AOg*$Y#JB7+QkJ3K? z07V-JM<*veF&sZYZbVRxK5Vo_hsHgT&P@PLPzVW61~N%PQB6i_Oi@`(U0_ULjZ12$ zOLW3crQ=b3%33iWS2c=UU0PaXdRvBxRhH6a00Ceka%D0AT|qlwKz3eENoGqtb(=XjtqK?IWdYmaf&~fk46BFK2?uMaE@Fxi)K-fVRVIKhJ$sejDl>1 zg{zN^(u>IWkvu$+JZq0&K$e7sl#8^Nmw%L(mXw*Zl(nmovDTZ;!IaA9kIsFcB~r=_l^wXECuvQ~1nWOK7+0J32hv~fJOie$8llDVE_vb4>$ zxZ1SAw6^B`y>>3UbUVF$LA!EV!IE;lqnW;@vb(Izy}rV_)9k+T|HX25$AtjJhib&b z$HmK{%ZC@qi#W@SO3#~%%cXVAyxGypwa(Ab)8o0%`To+4a?_DK*q~b5orKw_Zqloj z)U=neayL{r>B$m>&&;9+^{{8Fz{{9I50NuGuN6neRg9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlNqU{6PPZYy?-!c%A85Frp=o;bL!m5v!~CWK!XY$ zO0=laqezn~UCOkn)2C3Q4z<_P9krKIvufSSwX4^!V8e(^gZ!=6pMw(Z+AW#it>ySH!4x_=8FPP{nX;Kq|HU(TGS zyPMB@B5zK;x^>&)w0xuPue{E_{om|bw9kaE#rw|iF!O;i z!M{KM6QtOrj~*rj@((}2(D7YQ{=|cbeQB)44<&RPR6Q)*4J_#j@F1Fd6joZN~-48t8>4W;F2^o$zKbbtkexHhhiAinL}>p&om~$@Qpw6prNEuX9C3!A%ND= z5;w5$_r*M&O65;Ig_3(OPwkpe?@!g@8&j~f77UuLxaPX6PQKz)PpOAuqN#!Hp70E%{(T!0Ke|Ba z=uG6wgCc+Og6pIb%TQs$6%YpUX@TQFIDzFDlOhF$B6VCo6@o~&B5YvYVZxoxe2}bMGZ@pvw3vSFUbOY)bBL0jcylV7^=+Xwq zJ(;b^-nVd04GTDO{>%SVd@+O?!_;rxG>r+N65ko>AItu^TyxC+&0O=-phDO}G5vI# z;ulR5sZZtp!SJz6Lz>WqlpF8uIUFgL`48m%W&L@IqUZEA(;XweF{n(`13KV|ySh2t zau>fC-9YKeYfV13z{c~?H*zV)b-X09(-r4Z4>zncv7WO01$oo#&BC;frdcbV#4|0K zv!AH;yc~!--8`7YO7er-?c4C8VX2{Yc#b|^QK@g#!+j=zAGazcrFuL_clI*Ji0B}t zRUuG;`&)%Q8pJwFy^cRHScOX#2!jSbka#h<-Ln9diK zY-qe5G6rG(^2wE6@V2Ga6=O(Jz>z*C);BPmpoPe?Nz9&z6Mv9xbVmB0lYD@qGv#lA zU&>#)>(NG%m;^e^io%~(VCJ5?J4=UlYHP&m2bYLYeYOxJg!8%34kugd)U+38CnOi9fLv z%?!crM-sKkAbp9^3FWU`-SR=E)U+aXy3{W1{6|c4^iDg)vnHP;9f2rz&rx1-NHI8? zOcrPYPC~B@#R%vh2Rh4w*7BeorOC2>#g9^{@uHAJf>EEh3Z5*~QdnJ+OkO4hXeJb* zTHR__ugS)55>Ta}I@N)^snKu}Xp=^Lgiv3~SF^xKM#-X2*L0G}ywM~dnj(}vsTjqY z_(PjYTADr>p~0vY3X%eCD?z>WR3atKk3+R=8ZmUH&z|xo{Qw5)GUOz%V)L^tO#b11 zvSwM+0%fE{0@NQ^$TYg%EU_>$0R;O>+`43kaL1KSO?!1yn)uUo{tzBd8Jkam-3&!u zKu-uSzfT&dvvHss}3MIJQt> z1z!8HXnpNLJ{AqImzKS6e)nrTY}ONW5PTUr`Oz(aPO%f^DhGUv%i*?6YbGD2>GBR+ zL(&Y` z;rYitO3e_)DwPf*clK8RhR`PFk!VBra#H>I-#V13vk=4NdX`%&szG=uMGI{~YlauA zndNGk;C77}eOV76R6eF{4N#*Vw6X`2Nq#V+oUBv@dg{RpRAk~A_BaPFoFSqDs@lir|$4{g?-7h+S zx>o8zi#CY7T>O^0*6$Mat$Y3Jv*|k6$4>Urh`sD+Py1z@VUH23{q1nq4BOov_qyAi zF>}AW-uIsKw)6e(fd5P015fzE%VqF}PrTyCg80Qd{_$C9Jme=&`J_m`@|e&3PcEE#>E{o|fP)V(02sCt^pF8C_!Rfx0S|Bk z9O!{w5rPhQ4Fg~x{(uY+AT~J>4nSZOE7*i7^Z}mGD>X=iGq@D@po2RBhCk7PiE|AF z5NS=}557PKK^PQ6Xbg1-F658_VW?5lvMN~75B|)+CgGwK)}R2_Z~%KHhgB$oMnMk| zu!iIDfiq!+MKOlZxPvmmi9I2S|F92JK!#D_iF>$t4Jd|w=qUIg z1VCU9?N9|Rhyc0Z59%NUEjR<;a1SM*hy36QEm#0HClvc&21|esC2$8ZK@K?(02d$% z3eXN3FoV%Z2K{gf8SnrWKw3e72~F?-8xULfu#N*z2hU;!EbszB;t%2g0s$}syg-RW z;Sapf0L+tya;Oi9zyd6=Gc5Q3IyjE{XaP`!2W}t+4{!n8K#>>VEV4+78^{l*fROef ziW`^@6j=e7AcOuu4hZQ2&j=K!I1}%X{s6zAj~rkR3#o(BzyPOk0eR4b{?H2xfFrEv zic2t#<#>)}l8#Lf2}Ws-=;#Jbu#eRcl^l>bzkra(gb%FwlO*sR;-H$I=$`f>nlP~sGRUL`U`H~@pD~IQ zH;98C$eu__o|KpmtoaWm>MT9zf5CGocm-IlIOVOE4n2SrWk#d-x_)vo+ zSph^42RbOExQV12g9jCWkSwqR3Q(jmaic*2kc&AJqUwSD@C!RY0QO;p-uVw9$f`#Q ziyOJ4tndy5fT}Ez0ZS@_thl21kOdTQrbe-=EJ}r*=%pFbj~Ixe>q&*^A_krcs^1`_ zo%*SvT7#@wr1ua2#tH(Lilphfu1g@KwR)@ep@4qsDEg2G3xE#E_zxJUsNfgu0&?VuQ7cD68WSeFptabEe#i;w&<(MW0VL24C9oa*UnT6oOg^}Qjdib{fES8S} zAOhSdnqpvH01)}KM#{1rJESqYf%-rRAyAJ2vZ5sU02MF?GFYoGya8S) z6j|zmItaWU9KtSo4G&Pi4m%V05WoX0q)9Bm;0nD?%c?lc0xapg8DN=HT*X3q4;>7a z;hPlILLTKJ4*+K@0ZRbQEWUUg6!cJ$e7eW} zLP*DeJjkGtfP{R=bz#VeyvT5&$c+5RX5q+?Jjr1p$&`G_Tw%$Wyvb3KdmZq}pd8Ag zJj$e8%BFnEpUlae?8&Iy%C7v%qpZrC%*wD_%eG9)D3Qy$yvw}Y%f9@}z#PoNJj}$r z5z-;ZHgU_!yv)Vi%+CDG&>YRuJk8Wx%_ecodMwM@+{nnh&ECw-+5FAoEEbwP&gKjr z-F(jK>=os_&h9)D?flO29MAIX&h%W*>U_`mY|i?;&*I$A{_M>F9nji5&;+f@27S=8 zoX!f}(AezI5G@o59np_G(GMD7}Yg zx6=FU3@zZ%G+_%)kRncC3ob3t41E)}zy=}a4s3waNQ|m3zy;$5jcUNVIjw!o=LEgx z4o*N5_|Q_qXayQe6XJld;s68lun$SS)auuKCV&%Tjl?arrbUo~G!YKks!-42)k+Q4 z(p;t+xWMQ9n>;j(KKG;H4Py*o#Q$# z(?I^uJ3i$9j0-|;{^oEV=W;&hbYACju3Sm}f&<*Ku6wW{l2LBIhArRKJ z^P^`E0+AO*A>{*M^}p8*6@MQt-}PSq^0m4)$;Vd-NmG z?|v0^?|W&1_lO?#dyjg4&xe8Udz9YNfM58Kclhs~_=?YZgP%Nw5)A7Y056biL~*q} zLJ1&Xj%=%@tC+m`!TFxQ6V82x_+W;8(*!P%3hJ&CczD&0m4Ry*jXV4Jd%^gBKNHh= z0dmR=n#eGqPZP*E+VGGAU!eIuQM8O%0>=K2{5s*Qph&fu5d11UQ7lM?eSG`4PZ*KE zc`*6E&h?RA%$W4(0`)Q}FB}C^kgP0xkQE@0G7*iy%A7Yt2_X3$ocNL?S&x*Eya2J! z%#wcv|M@GZFA<9hbqY#jkmv%R3>ARn3&P45hzdUL3HbK!o)s1@B8jxJq5>Iz8#~VH zcZx*_FY^o@EEVEFNPoOSfb^%%%8m`B{$X@uC4`8OBUO?~n5Y5|M{zm8&7MV@R_$80ZQZ_w8&~dJx^?Z|9qa6^Gk1F1`YqVgfmnaNNX+wh&Fj4l zxsDDw`EKVwdLANSWYupEL4JFn8vguPEG*{E1pD=}v30OWkODcEQt*|vXt0_&d)`{W zC_g+WG5ae;@Z&eej`Ml(2g)ct4Xl6@EKK6x=^HnJM=^8fAHE=?K=SJY?cX~C-|`8O zGEX2&<&>NED|NUfNZbE9LzSi*?|%OM{r?9rKmi9NP(Z-g;_E=Q4g_v6;2wZ*3GP@a z2s2(*`^TCF;QNfX%QCuWf{-YS&7gOz0t+*G$}8w2Xrx(fIC>@DZvt+Wr1PJ%O0fgtnzkd=1`V4=_*P@HYFjNY*kGc$){ z^s7ig6M(jx1}&6@L%%UI$lv%Jj!%R9Ax8%nv=AZ^BJT+x(-k71FtFgb<0QM`{J|!K zQ!~o)IZ{nUH4;1_CDc%m%zQIhWtU~PS!dZ)a6vi$0_&a+w3Bs-EQQPkS!*2N5XjzC zv=c1XtP_%zdsr;;QIKXFangd$9hF4c9$L-QAwdP{!kf5rY@aDq<?2n!B4orrr^ zf{-Tcb=DvP9@tATzabMWWS`}@V~;-ux#MWlN^nlF600DPgS7cTRl^WdY@XsCi)^yW z0xhkebu4YMgqr;RfhPxTGs^k2)UJumpJQ4ZXgb*Ly~k(7f?gu$e|A<)+&k>~RJbr3 zJIafDG!RW-f|u|oI-BxwY*aq!dBAIoCxbYnJIVgXZ208!<-5&v7H#8@2PeF6!w-jR zWVA}AHY|9=cpv~7+K#EvBt{&mq>~PsCIl9u7&uFXDq!LA(I^4ofelm^osvRp%3F*I zUJ%8qe8gbk1xm_23U$?0zDlanLoyTB5N2p+U%64z+#hi;Z~=-`DGQ;6Z({OX2A+xB z=L`ym>j#+%c4Z}Ew4aZD`q8PfYV_f=Mm&D`=cgZJ#m{0K!TtCdal-ol|3^K(5)R%0 z(0~U-U;_U8b3d~vUC<;WJP%M`t40h0i9|R#-B$$_J=`VyQL}3b5 zxWW#OP%QadiwjveLmJl5hBx$&3`JPN7~;@}KLlbBh1kG2>Chn5u*VRUxI`v4v4i%Y zMiJf84R<)vidV#97CGjQZb-2$>8PR>#W+SXmXSa1NQW02XGS)*(T#5uVd8kW7Bs@q zj(5ak6R9XiBi@9Ic?4u21*yV4@-Z%bafdsSI7mh|(vgL;MtL zPIl6hp9EznML9}RmeQ1`L}e;fxk^^H(v`1-Wh`YmOIp^_mbb)ZE_K;SYIGxwb8!YS z`u_MxViwbwCv=8AhIve8Hq)8%OXf14IZbL-lUdQUW;V6CO^#uco8JUyI1A)WahB7Z z=cJ@E(Ya1`wljk2bZ0!}c}{Z9)1LRVWhybFH#B*jym-p;fO*Uu;7J__CP%PP{b38&^Dpg)u0$ni$3Jw{(><) zV@y5$$2G{n4^W(BA8IH@RZoIbon9mjsuHU|*kKcF5F{Mw$;TBOBUpc&!mw&Mm|aEN zPrRz79_Cns4`^!BaF78XN%)Fj89SYv-lV3K;XyIP8o*kpLK`4$ZQjBVlGf&93$fkY zXq9`<(yoOceDK6=&+1wj#Fh-RovlHnD~=b)!4sJ+2Cje$m3<6%y7+hjCe(`wx-Qqf z?rd&Z{E>{!fmgb%?MGqrhFI*@R=YOkM<`g}34BzSGUF94aR-ZtwuSM%4`ye4%c752 zVBrZKJ#ayS3soabmA0ZWstZ1o;dxoX6aG*J6eToaq2-i5A61H)U zb^I5i?%2maPF#6_a+3dnVI}?g~9%i9CJ!*u4+GM0g^&<(L z=?JFU)rdCr8ecu@I}(}&p$>~bg3*M?yLi=z;ORy- zVpKa$9v0q^u23Kt8imL$v0B{$QfS9{0lU6;V78mupt+XYBxJWf#dbrb(09GygDr!Y zPfH5h3D)D4cW(3D@~0j&<^yw$l&!2~YWsM|M=k{Ic>WvQBY^nI`5}ySJ)TH#liRuY z@wBa9-u9Z0A*=Humd8bIas`?9?a6_5t!oI(*s-3~Ar|aKd!=*YbS;`9m9-g5CM$zc|06fByGR;LmZ7fBw@? z|J(1s07RVsV~b4_zyma#PfNckaxesRz>m4Kzo;^|ShNSUz>aw|?%RtC&wgF~Ji=LB4Ra6_mmKkh4jO3n&8%EIYFuW5d*DpK%=UoZkJ zP`;{~1G&-!ra~$%IfPX#2(oG_;)((-zyj0Bhqx+&lu|0D(w+ljtn%UpEO3D>@P*H~ z2b0>xB0Iho1&hsrvum=cH7$OqB5 zhwA!8o1h2Ps;P7wu3VHEld{Koq{m()jAOV*5^Jq^^ef=Ysr+i2d#Higx~*0`$V;q; z-ukWSnwR0~hjPe-Y8Wo*BFJLM$eeO9j_e0hxQr{{8IT0BKfFj9yDzAyhYG6+#$w49 zdCA&}N&m8sYfKTP6fc}iFjs(zdvF4b0kDD`%3>%=UHrvh_yMLwvQj)nn}DlGpa;Gg zESu;DSMY?{5(ltCHkbsdR-}v`fW;(e2LrpUaHvLc_<^f*F?yH*i^NDE(8zDVhsw+w zKH!1&lFJ{XGB$KSMuY-KG)4X+-~u@ygK&HTE%+H^5V2(>0xXy@!u&9>n8eq#L=;mo z7CWo7`o^Zv0!;9Ovs9|MLITlPOBd4z&lHVo0LIX4N|7v_;KGZ(#764eF-7DU?6eDf zc!K!jPSLc^@&rWhL{BtS&-EO`_H@rLgipNC!6LNJ`^3-u)X)9o&mcU)mO4bcXtPC% z&q}Mo23$aA5y1i-wH90uBnZ&CSWpISPy~%3Lx@mHqEKi{G;zpKxTwGleYFY29}I04 z2Nh9HOTid|&}K2f6iqb+%sjdP2NST-8@16l_y=%668eMDS0lisJu8*(o_r5w{TJ@g$GNK((P=uD@C;|ZPF+G2Y4`n6A+Cr z{ku`wwO$j&v=BC8i&L^dHk@F(d2zN&6jSD6(ze*reh>s4y-_et(rUZ5Y}+=qFum;v zw_}UBp))tQNw+@r(*%u+EuD@*#Zf~&)OU+Fg9yHF7(RT1kHia%!05MsW4Is?ID+el zgIkz`@Cl$03ZgIyq)-ZgbBdJ+jL!L-fe9Xb+lq+r3QH9vG6hsK-PA%o)1@S$jVr%V z@i>qZxm+bZlS4VMP`Qw3Ir9*Lo|-%C&<^hKj&A@D@gNUyO^@|Rj^${M@vs@osE_-| z4X#2~KvGt={?Jt58&tz818DtJoDe#qlaMbtI>TE!W^ zjc@@JF|ilH$yYqu*R|+Z;7iGU2-r5w5IZTmXOow-TRX65yG(&Qh^0GQ0g7B9AM^Q@ zQ%RLS@eoWg7EYPgkFB*oZHplt3w(%yDt)193A}9apTaAMq&rn~S-cdn*hobigku)KxEZU#8nslh#PyURc9aW%{`4_c~BI>zMlN&k3gB3bx=2#^C+@PY7<{DV)y^*1iu0;oB485x%?9k@* zvrZ?l(1LIWCkTssAOc712W2pw01<~TxT!P_i!wfAuvp`>sK_|>C+jqUvUp@fhT{QA zWVA43vAE>1sN}L(WJXpsM~38-a{))REx@|daHxS;D2W+6t5ja)uYdcf-(Nwk^ltg!el~@2Yj&P9Yv;IO7f254+ zY6&GkjD9<0;7j9pHV%3|D|y}rc3x(ic&^P6hZ!hi(@}>a5Dk5%hw8!yioS|r=w>DQ z=4>QX9TjKmIEQ-!D|CKGeAceY++@nMhm;-@)!O7lKCFW|N>4bfY$N2_FylLo>3L{r z&g52LL}i#Tg*(V(WUFc5GllPh=8k5fk0y(ePPxxSX{gxbnat`IaEG1N>K;vGd~ku+ z)B-KA0@rfpOy=po^lIzb>Pzh8j4pW3eV{vxbU%@B<=10?>qNi2~)RW;@x~ zhct*TQ%>oi2I?MlX_%%AnFj0X$gEHWFM$qd`{-%NeoDq(=)fRL{%nZLq<+WB_C;q7 zY#);9a6TDikO9BK6_dILglvbiKInDEYJ`SodCmueo@pDf2cv==e&A?-a0P!33KJ96 zSI7lYK}dq0=X(CVgf2!XJRZeDDmgN_q)G?B6GkGAEaE zBBSyuug)mPawy+&%e(R}*Rd}La~o@}4lwgGNAomS^EGGlHh1$khx0g>^Es#UI=AyX z$MZbb^F8PDKKJuK2lPM}^g$=|LO1k5kKZxpIx$!D2OG^shhZazbU5@2A3@^wD7b`yXBxy^P_+xCJGAcOu`_GWN*e5?z9CC$b#)OOpg4fbQjbk%^P9ob*9ZtT$$ufpQ9$#c*&ymS^s!^M=P~bf}`A= zip+;Nc!CEn$8DSjD>wqyS%al#&ZUZivpfh_U_3VR_qV;#fgedSAO~QKRyWavXUv1#BaL5?S9xPy$Z zBA=)Apcne|xM_Mw4dadken14#z=z|iNd9~Lshr*plcLOTFz#~2dN=a-9VJw-7Ypz@ zEaOnhqd=^ujBJ~4CWeRm8vzmzV)hbcHpebu+o>Hv7O z5C?HR27*BU4?Bjsu{-@<!VbU86*EA88M8vjQtL|0lTTP=HSAI6aNQP=-r}6k=irJ6!^@s90OPV zckjrRmbL>Qbz9b#$bE2%{lkZZaa4oiSp0xq{5^b|dx3XzKKSOn7M>SI%6El)K5B?n z14Z;u79WBMzQ>to2Fc^pXoWpy-D3P8Lf28SP4^K!1pZ@EV6JHKgF#ps#E*Lls<`5C z$K_SeGc)lM<4w{{Rh?n}9{$tL8c%5Pn|B?p7gauM7=c7fZqJ|=kj>8EgRIx4Al?E?m= zpb}OptF1oysH>X!^Ggw=#Cj{Px$3$ruf47atFOTdJ1nuq8hh-pz#_XWv&}mDEVR+e zq^z{nT6-ZqFAU7_$>8iUfyNh<)F1+!|J1@O7y<0E7`Rco` zwfFM-FTeo{9IO7n0~>rW!U-2wu)+;H{4m7!1{E>I6R<&{|9#kHHdAnmoL&a`lDU4l8CP?TMh&C`5gul;sU49*lG z-DSsYm)bM6jgvpxXz>ITo%E#7ZzsncQ{Oi2lZKB^(6JOYT6%4_OnBF{P(xTGG38~Z z6$6`Hh+7(Q)I{AU)897nL&+Bu>7&TlH%)fB#*3>yH|rT0q|SeVHFvqtnNv-Z=z(FQ zBW9wLUjEnZ9jA^^<1w{fQ-{#eLxUe%k@Lh8UQkr$6GeEE4;C(L@y+bz)3veg)URIC z^Vq<|5kGc55lCR<7!m$FW@Q8{#Eu>_pa@(%(Y_+IWFKmn0~Znjr|caJb1~5z^5ldM z{Vb3!`G~_4kU*a8`2h>(*+>-P5C{Pha3H722nju>4fp+{gC2Qc`OcTV^>J)^NSPno z%HTFP9it-&F`z~;MG+9?gFN?u!8~r~k5hz44bb3N{C>zg>-o+l`r(K;w&IU%aOFVk zm`CLT=nFEyr6riM2NiD!4F@KPK!&Luz$};$49+BZ{#YIys|XDXkp~|W$sS5N5)ScQ z{zVFEB!lx{NFca~L>xDmq9EzW6#_-ChkHvK5D{{{nItkMZn4NnCen{`WTF}wxt&Cu zf=c*ZZFe_$UVgs85d$sL z9!~hiI#~mj_gyTD@4RIfuR@~f$ioo?^yNXo=@J5wBsTyR=vQ9TMQi|}hzW~kUyj$u z)1;<67sRqeV7x7^Q{d}}| z7ZmB%CgjX-nDrk=*^WQD!%{^WF|2DG=U8Y8gu0?Nr<7?b?jF|De@tyAR!gjN1V=c- zxg~Ij;({BsfC)eRQy+ZbK{4udC&(%+N}y9nn;e&hhG=1OWFbR4K&S;g^@#}K`^K#P zgr|BEY9w}=ZJxTg7RwX3|gsx=2+WdC6Jn|8c_8ObO{6e=b932d!B3R~*R-Kgb zENDH6HoN=`Xl~8hW|(FIJZg#`lOX89mS!}nqL)RBtuMOh(L((4muLQ;>@R==T(SEK zxWESXn7IzD-~|Vazzlvcgvs^a2vfMi;Bv5qGpu1;VR*wH{;=N03*r%zxK|x6F^W^n ztqH5R#V%gciC-+^89R!_G`=y8HRFs;h&abS{;^%0!G<0KxyVMoNsN!I$%S+OPwv805m7q!q0}@vyE+H3pOkVA?{#9p=F|vSy+JuP}l@~95}?- zvcLsnIPIZBovcLH#0iZ~h&!AhlY3Ypb~~~HafhR6gxrG&hW_h^GCoJjX^3P@BJnJH zMJ?=Ck(wqZsL8Pt;#ngaL?1LF&a4j-4(4HLjnpyXgNChbcO|$d$)3r#4R0|kVTK^ZO~{P+d<=r9mTuz&?K;6uU1DG5(3 z1Q3c~!3%7~T!^PaOz+0*wlj{GsD(Qw9rp(^(i4-pdSneP2?r0flZKY0kt)w1w~_&_7%fFeKm5W7EumgMqyw#K9GUoy)i*`QI? zKR)gY(uAYnEYOcH?jY`{go88-@q`1fs1{S8UEgdI{*cX)a*l^<2_NM4$asJb^s}E` zGWyA-K{S029zb2{hOaTzJ&x>{h~t0=*`PbBnHVe(sO$<^I6hq9qr_N&4AIudDG)V> z|HS=>DIZi~2FHSWTYK+AU%1~HqoY}`BMwAR)Zue)6OJ!FA^ETZ(je~&u_wgxLO~GNA_%0znaZP=Ye_ zc&0zjp%LSs9psGU$1uDf7-U$^Kcj;_$jLyA{85Ea0vX880Q$lg*aKB8VD>f12GNz$ z1rRoX7C!Kg%ZcCkWn9#l+DxR{Of*!bU7Az=z(X7y!4vEj{lOltVFBUT%IE#o=>4DD z1Wp{}oM-5REc_3~aRm!320i>>I=mhPvQ?c>oPg*c4-U}=ZeY|b+Nqrtq>YPzC|?s^ zVL||!prs0-eM>*U!WI1yQehz(9t59BiwPcq5in92w&5AJAsk}M8^$3Wl1#DHAs*t( z9OfY(8p|H`As`0J9|j^J>dGJ%A|krVAtoXtj>;l7A|%30;&lKeR-z?dA|_^{CT=1p zcA_VKA}EHUD2^g2mZB-1A}Xe$Dy||cwxTP(A}q$DEY2b=#v?O)XhiId&sWG}hgC3S2#y zX>Cnv{TMjF6F_EIKjKC8?9r#FpM^=)L*iJKuop-{SVJbq>cB(Sl-E6S#WPVylWfLL zA%wXZfooX|MgElaK#oI*5Lbv?+B9EGn2ss20P&5JWtc_0T%=>2*Gx=D;3ZT~JdTe5 ziU!_9N={DlU=P_bTeWN?-`odioB(-%WR0+ZhxjB#`4UA zlJL#&Bm`K7h!!{=Pv(VJw*CuH%0xyMAG1BrQCgKR#F}0BM@#qvSw1CA*oYju<4~wg zmDnRrY!4-9iBH;4ZGezWj!BuE$vmjT|D2FyFp#n-0u4D31W8am5ylh7a7Pr6bWudCzlKa zbxwnIZbfiHK{beGL>+=~5`hujrc5g4wNND}5yoSJN=P2WIi*1)m<1-u5h0bwAsvW; z)B_w`kvvQZIj{f{{v^(Xrky4=hCjGMBq-5`XvrcirMAGPYBj_Y=o(biW=2$~A+e>0 zz-Nm}#crs^KgDJ9g#%0g)`5rv5S(Zv0235IgKf}*BT>a2P|{n3LU*pqcfw_O#>9Aj zL>L7I89}KU-N8MOKmeVQdoD#_&Kf=}28uGNlfqDxhTV@E#D|6`MbxQn;OHSmr5uKU zKgtbig$iRap(#ZLJ%CnKpi_#b#Y*G?ZA=DSNF?LPgDeoi`AkGI!G?GggL!IrN@J)6Tlgxl3abqet95*}CpjB2}-Dov111g0u^aEMoc#Y&w>tQyg*R&1>TM-a-WPVOq4*oNH&0~z2$4Fv0M z^u||g!m(BdykzO)G3%BP7cw;z0ky1e%tJlQLVKp=zBwveoNUUj?2__^Zy=_)#gxY~ z#>IX`#yTv?Fs4sDWIxbIP@UhahQjI*R&7{SckHMS*u!#=gUI27qWsZdUC3FHr%PZ* zk|6$7KO6Db%Ie`hEqGlC zJ_JwTr9mgiRBZu@Y&zaGc!;4OilP+B5pV%_%1c7d#PHU{J)EHAP=vVwR{|$WME;Pb z7O)}QB1DlK30;I=HX-n#aIha`@AiJfxi&9!v8A6LsMQVyJc5eNLRdWlO@rn|TjEzf z8cp$1m@@z>BmOWu8e$D6F%!4Q5;rjvV+MjoF%?Vk6IU@7`@|GyF&As`6?ZWh*Tfcw zF&T^T7nd;_8^;-^F&U3B8?$k_1n(O|@ifjcA=a@S10o*hF(2+RALF4P|1li~vLM4D zAs2EP9x@_hp&~DG6E?CVj~^sQa_&tsB^#b4Uo!dKp(dkaCU^3-Y2lzn8Yt)D6Ea#% zJQ^t<1U`5j#PwU6#NAb40mQ9jDbH93M&Ut#AY67I`oY(V#9gA2M?L(){utgQBV3U_ zB=d*d-7RY*Co7)$_40nW0!^}r%~8cbvW~vZ8b9drGb>p6fm_vd-&*MIFBDv6UYvH2 zW(wLvV5$eX;X@G=gP~NKOg5Y%?8(EuK*hNY$^kR^6i#_~of~)^8Dx(GX~GTmz?HxQ zJ_iGVfFAe+N;p5wI9FXc3knhB0zHV&9}$StJ%eFPh5Q+ieY!wPaEU!2L(y?X3qS+W zX~gC(T?M+$T67v6EQkNS1to~xtj(H2rvXS~gP9JVt>{A{)Idv9rutPGaDjlL;CDiU+c_YCxlf`Hc~KdS~m#zDQ<0)lsM1;B{1A1 zT*Aw_-C1iN;9<5wl&(vF)-?#G{t2~cyWL&qHS_3$0j@S{N3(19USLm2NqZ4MVIV!g zfI9$#M)X4{h@D!o6*jN{WxBLR&_hh4b~bjf1s*Sv+tdtnQ+h!KEd@emIeOrmSLpDJ*c!os2hlq2U<@Y zYe3&yC<86K02{^@3R*PCvB!)5KwYOMML;wQB!NWF1B#{1-i#V8R0YMAC z^p8h%xAjDzjWWFCgTU3$PZxPqTlc^iiVGeA215CqNjaAH;wNu;n{~ODrx}=sd6|tl znS+^`pShN$xtdcMo42`>y*ZpK*~iqPo!>d0=eeHmIiL5rpZ__a2fCpD`7O?QGRnE3 z7a5`_x|L};qwBGwKYAZWx}*a#rC0hOUpl56vZil(B6qr{Gcu@$`Xi4zsY|k{pL!*m z`VD_d4xeMI2My>3<6=!PD-ZEH+PY-mI<13xMFQ2lGV%Ve2VSrr`jIE7-xPavAV&FI zc~1%gQIK!Ks=gI23= zQi5=Nboo0izz@y6E4xgzoIY5>w%g80 zrYXG=JYXI?aU{IR*t<)DdyS-rSfOXTG4OWs_R~s-Z;HHHtY^?tNP`sT`s{<9)XELb z!TJ!W+mKF%p28EP-&>fcb+{msgu@cl(8|G7eD;V;n&$dMFK6b>!iPIjAj2{Du8#uf zaOx-46T!$UeZ@Wy6g+|YxC6_BuwTZ|dE7(#c>aNDM$iP!-h28$J@CBG=MM_A6Y=BQ<{5mFbyQ#+ZO;rIZI{ z@B=7R(f_pspGx1wJDVJR=@?0rJ`_Xs-GdPn{WW-=zP0H$lqiN0zQP|q!{4MFcp8la zNu9n<(u#!ev*}`J((PD&QAnS)t~)d!l1GgNfZM026ntQse%hh_HmE-9Ly_ylzU&v$ z@ke$U6$tKcyy3$W;_n-?7r`cg>r2F}$&;sI!oRfk0JS;?Hz-Q>G!hieH9MOWs%Qt`LG7%$G{*2xXcM1KusxvPkzm3>5ZRs~D7d?auU3nU4 z@mQpU_H6*`n?QKLtZ9`&c|&Ch*hiWRMAZcR>lKoW){voh*GdN;Tx z{OU4cznC-s;hcA`$FrVj9bU~!#w%8|`{3kaTQDI+i4-kj)X32zNRc{C7DK6$C0Up< z3HqyfGiOrEmoaD7yxE~Md(Jj5ZR+!B*PwF6)tJ}skQ+>|H>v&S&zGmLGv#Vk*!nf5 zP4nu_qNuaywHs>j!O(e4AVIG(dSfyTHz77D^YW>QD$fy?FSE`0DU!<{GCPI7#k!Sb zo@29+Y1&L%nR9*n_wnbS&D1IW)T8|P@I1&^A0@m$TJT;_1IGoKFQ>hO}`gmjL|aBK+{aL{!9Z(u6|6R3!4o2 znTMZ4Y~m*r+dygP9w)xZEyEv65|X6%;__ljSIEF;hSfl^X&>#-%Evi>KGKk{*^as6 zAATk&rXG?KEAt-J?qLBTdRUO+AvmJK2Z?XcqDM8a=#$aVLlL#?M$-HX%AaK9%jXJ? zNSKGVt%zKcl1Nx9a#Ote{1YuLrF_iHod(p6EV%HoqJ=Xb+7L}O*>n@mjpU@$POtLZ zGgLsG6O<%+3Qg45W9|N|Pep&U&D|+x|L$mbUDME!Ab{JwUB-Vyv zi!r8lV}7HW}rW;f~uUWjO=KguC&+8wFVFqm5&^0S{d8!SAy>Z@l-e&%mX_S94Nmn&s_7(InQiyg&L2W9`B;<-1O6lsvPyzS#RC-*I|!ccKuYJ z-S*pY&t3Q3d8hre-hmHZ_~D5!e)HOmPhR=unQz|to{)cD`st~!-uld=zh3+8x$oY4 z%(DMp{PD>zU;6OPPhb7@*@qqd_Ti6T{`psapZ@#t&tLx;f8XE#{{a}lo!C!+1vKCR zxko?*E|7r@ES>@#7(oe6(0%=*-~}<5LDoS~gB|qX2NA_V5RQ<9B?O-ZO_)Lzt}rRi z=thlL7(*G(urny6;SF&JLJ{VWhdl(~4t*FzA<7SkLp0(M$yY=qE|H1WQ(_aL7)9kh zQHoWx{vz+FcttI4v4Sw<;upc#J7+|~i(xe58Dr-Rca#y0ZFFPjoY4t3zLAb~99$gd zXh%Kn5m|WT;~xQOEI$U4kcG_8APt#FMP3Gxi*)28gOWu^PV$YCq~s;dXh}?Na*LYe zTx%4Fs<@8?WtP7{98q~mBrdg3JKIh$ur zbgt8Q>SX6TgXd0o&Qo{tq~|?nXHR_Y({=jf=RZ&9Pk=7*a0NB!K@plzg(8$E3w7xJ zLm{eA{^fC?n2hK}G5XMkn$83ht>`H;8d8xSZlj&+XbWxl(M^t&r6DaT=T3?gfvQx9 zEwyPxU%I)N9%ZI9_2Er{y3m|zZl^}+sZV(rRHYttsF^EjQI3jK94?ird26cWo|?Lp zO7)Rd_3Bk8m(`&}m8&!KYE{81Ik5`Gg%mBTAu)=ARoG)T@*u?BRA7-$oFEtc5Cq;L z;g433#2$qm2S(GnCSY9Q3P^CvO-wMYe}Lm<3K2w9{IQNcFqRIh5kwCddj(QFg>ODt zYb3Y&)F47ayZ z)@d-eC;BMEGx#&vE})?))-6Up8s!lGVpqF~?QUwnOGu2W0JGG%>uslN1AEww4F1?_ zF7zP?-u|Po_8^q3tD*NevB8FaOWJkUesySZ5qdz)^j30v3?Uo^4&SZrgTLFK=# zYpal80GG9K~>j+~_>hug_huJQ)5yvgyU`KNh$i*T9mypKBP`Ogm(bD)!1 z=tEC%(T%QJq$jo_D?Po$r13``-Z{c)<^z@P#-0;SryB#V?-mjd%Rx ZAs>0kPoDCXxBTTXpZUd8!|ee906T-BYy|)S diff --git a/images/CertStoreType-CustomFields.gif b/images/CertStoreType-CustomFields.gif index 1b8abadafb15354d9b79f6ac117cb27478916bb1..9aa24fa04255189da789273f3e4917d11e52edf2 100644 GIT binary patch literal 19975 zcmV(`K-0fRNk%w1VT=N;0(SraA^8LW00000EC2ui0E_~y0*C(q{{R31001ul0a^e6 zg8>;<02qM)9xnhYSOF|~06&BPPHF&Er2<)#0D8g_NK6(1Ru~d@7%qGmIgAifj2T*@ z8F#)O001EXI3Nrf9~Mp{BQPN=P$WokDHZ@ID?BMUT_{_QD7ghN097{$gEuUODLg$d zeZe{a06PF5I16$&8(KLxLODBKJ3Ev)O{O|xu{~+OHgmE#ip)g-G*SRULI8wB3voLZ zjX*9UK0i1>LqkAEazagGL0XbRVR1o;$WH)LN*GW|a-~RexJ-J-O_0q|01{IJcvNk) zR*S?P-(vt$S{MLY7+qEvF@PW1ZpL6Z98#jMF4GXacymlaCx9{ik5GQsBMtDXqMJ$rs8L= z>vJ$UawdLrJWFspk8?^UaZNmRp2T#k;c~e1d>BxCDs6mjl7EG2dZN{Y00DvkGlKw8 zfEYJ`Hvot^a)mz@fKhdZSt){EUUh9*gNuxZpS**f%Z0h(4U zHJf*Fo_}bYfQFcnn4O@an#S&%+x@0j0H$?GqKt~AnnI+-Qol;pbCRdpZ{)m# z=g6$=*0AtdS@N`O>%Nli-Nx_m_42lX^1HG4)t&hG`1t<#`$9tdNlE-#TKsc!{fvzL zprHM=wf)J3{mjh%;;i}N+Wz&#{`=nk{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ASrHz|lPFWFT*y?JfCCF2EV3V=D#i>Nw$e%|JaFJtviqx(9XQH_Gi$E8*a~8T zof%t%hfIa()2EA=G#Ia&iWl1ct>ZN-qQ7NgP@D19ksmKs1J`9T{h}BzU#nxn!xlz& z?U(9qpq{Q`&F1Ua9hS4g-E-o9p{xEpr%0N5>f{7lzt-08)B1nWU3^El4v={jYS2S0 zA0u{o9F6(oifKIf@Q4ZkUc_H)6Zun`d1+{~U`o;5XPR}{WvF36;ThARf~C3OOEx5y z7}-JU!6u*zSC|yvdF3ad@K~dQeE;n8g$jxM!%m1WPBh^}75Weh zHN<2hoqS84#7>FSxc9<{Bx1JVm)V8Z9e1CB_})T~{gYyBmJRe`Ujq_ZkUzDQut`B_ zD)iWrkDd4q5;#29r$KunWEpx@4peADbiU>cLF;HzTcQFjiV!?r{$uGvjl#fSM3!Yr z&}3kidX|`ECP`jtuq70aIsSs2wnZ-M`E!g4MV!+GY9x&3rgZrkL~5nj#HvCGW{jsR z39$_4gLJ3C=GqI?*oWFC(=zy~l&1LroIvZ0(p36-EOj4KlY`O%MC6(`cJy2vFk2DoyL|hr1o7Q&5yF=W||AW-X^gNhkR=4#$Jh8 zCPwA8dQgw|sd#IyyPnqToJex|;B=-4q$_IA(yPt1)lP@)d+|sEEoyqeqfW}G$!9Kc z+O+obX+g8*qiKgEdGvblbhET+ErMt5#Lg&9UDJ%#qJpOaMYr-mJ_qWWdGQLwk9*U- zpeo07TjlZGNHVNYr}rmCPJFqJI9k*WW_eNQVeG@T?Qcdo!0X z2{j~&4FfflPYX^q%}BRNHtb~k&&)|=0}ns6P6E$4Ukrg9KfOqo$d#UhzWR_`P`=K; zfgbcW&9R)w``EslvuhH<)2c$u{6Y=-?7&BVL-Apc&0u>huC^i(H=AZVJFuHZzJouq zGTArwsaE&=b`vsYsu`7cpBnM_c($58G8wL11hBbPPkspjU$ER}pCZjHW|b<<|<9D6o~T@M876N1y$YoSV{EOH^1>vP1&;50O3=>gMbf# z2$|UyVnIeSHf(lX_}`K$2&meuiH4WLhQvxBiH3>Lh2U|IlgikvGaY0$#=@F}@CZkO zxTXXivJV{w0=_+#aX2E|q31pYxFUrtHmVy)Id0IawMl}Hu-H|RoJh*0bm&8)VU@;k zI3O^tNsID(lR;J#$%Ck)aQBG;8r6tL3ckmJZp_v??jR@DSj{w5kQj^ZsDj50(?S7b z2tSsAOH)kfnWOwwpsKe>a1rx9(d^44aX3jCbu*J?E1W5wb{`Ct@|{INB`R0tM}&!u z2+96=<;e&*#DetCG)X*&I|^5YD)tQ#yByCNf7wPXuE(4^bPxHIIHW5u)0y^h!QKoi ziB%>fa@Dz}A`2270C6)o8Qo|VJKDVx!UqW?Foo3+DG+pWv6IL&DBtb`&z=fpJNRRy z{kW6Oywy`tEfa`7w`V7}*=5mF)^W2u101>?E@^`U;2u74Vwerml(AhRCR~=)i~;Gk#odI$)bq{xgVn8VzE3 zda{9Aw4Q_F6rUMr2P5K(LtD(6ng<6-#Ici!1K1xMnkuj2qoR3JDQdt150aS0I%0vG zczlD>8|DR#7Q&8c@In(b(h)qU@o7A4;#2$}Ml4o2xI;u{(!1pc85soYSCNIIKzJSt#|rXV5=$~#zwYB33ch+rYC>` z^YaU`F$_o-!=wI~#-l@h=ytoiZZcZ3xVQc8dfS_BIIi)rl4R3+`}^NtVxMV>I&Xj* z{NUJG4y5N+YlJ)e;Si6w#3xSiid+2R7|*!IH_q{nd;H@d54p(xM^5sRoBZS`Pr1rh z&hnPK{N*r@xy)xy^P1cI<~Yx}&Ueo9p8NdgKo7dmhfegO8~x}=PrA~V&h(}`{pnDT zy40sm^{QL_>R8XZ*0;{}u6zCKU=O?4$4>ULoBix)PrKUJ&i1yu{q1m%yWHna_qyBt z?s(6;-uKS;zWe>}faeq{0zmixbf7UcNk;%I0A9oHK@lw3M-UK?5q}IL5?Y8FODtWA z&UZc*?Dz)W{Lza|DA)3ZuKeH&9{?t7q#t`I`~kK=@4)-SAE_ZINRZQ~#@eU`HSAOIdfct3yzgr@|yMuITHi16?ZU_f{UkO=Xhisvu}gm(ZJkbdPr zigg%&4MBvAvxR3q# z56MsfG4qU^5D&Kye(`V(iQo^O;Ck@@{tfuZ2yy5SzyN?2;SaY^f{L+%jtGg~AOMFz z446O!(*OwqfCjz*3`toGx{v})ppyZx1;ap#LqH5;pa9`Ef&y>`p0^3>Kz{2GfkSx- z1;7c6IF<-7l#tMR;}-(O&;VRdNR3@6jm~I)A4z{9 zIg-?)kBA9*$$$W@fRbm4k`53L?;r$?(GP);fIs*smzkNHDUu}l5C0gDw?&Ucw0eZ6 z07=4r&qxQ!L6G^-j2w{puSP?qOnmyTwkH`tp00C+K5E<|g4;wgsC!jFEpa9_T3Ju^4BdC?}5Dh$8DVA7x z4Ui4wR}LxAO`2&0j7Xnrz!&>~1s?eaA>a!Vk`cJaeTsmCMF@m^Ifz_XkO}yUvd4!w z)PKY|OB7n1|3Hu#DuuUje*%#XQrMaQ(4hkXqVZ6n^hX1*iJHQxRMDWG(XatK@B?Gu zdhZ|y8PEZ>L692C5x3BcD9M8&+MAH)4PAH(jJKXLN~6Pxp*T3C0x=E;ume;YeTvYd z$Vnd1Pyi07ia*H-{-6vfP=~YNo!Hl(ai}KIfB>^#o)R*iUBjO9F@o)>f0EC^1d!kCErRoeQN`E-2qbw?s?N@*pDFKh-50%h<6{(T3Nt+sx zo7@)wb?^>@h@i|_415rc?O?0#lB<|%oLQOC!%01o+in|+9Wd=aRr(0c0k5Wc9Wq^Y2d zI*7Q+1W2k}lR6N~daKTgq7B=uoVuZWL6ElKp#;&H@o=#Q(W;da4I0U!M7W;DC#?>P zjA>vJ`Je*EK>m;%d5{UYkP(p%0zj7>=>WLuDJzKrkVkwbFs&vlvCm4RD5;VxshKdi z55SR|H7N{{T6wP^09sHCPKg2vKn;};ewjD`oS+V}YAQ$+ODVw8e&-q6krVYA_>mGi01$X;pY#!aEtt)3W))z{MUX0+nM`N1DpU4$e9iY z0F4~7fFC-o2RpPuTe&Ezp|ZIGb-R)mPbC0%w{;30 zEBFq&7yv_%w<|~v-RqY9x|+Pm5CzJ59yx!f`U;DOocq89zDtmUohFgh%FX(tk>vhW@2Kn%~e z4&cBS{E&kD(89qX#FbL7L;xG7x4IFSxdYsFeD#f)$O z-L%DE9L8ci#$;T^W_-qIoW^Rr#%$ciZhUAW5XW*n$8=oBc6`TpoX2{+$9&w!b^ONu zMCZqXJjjGx$cFsKfIJmcyU2{($d3HTkQ~X9Jjs+?$(DS{m<-8>yvdy0$%mZDpd8Ag zJj$e8%BFnEsGQ2GyvnTH%9N}Tt{lsn$+mpUxJ<{iyvw}Y%f9@}z#PoN{K|=3 z%*K4o$ehf|yv)qp%+CDG&>YRuJk8Wx&DMO)*qqJUyv^L)&E8yf!yL}yJkI1?&gOj1 z=$y{#yw0Kw%aifW@Ep(bJkRu8&-Q%J_?*xBywCjH&;I<+03FZ*JR^e9WBxrLDD+?(?A{6LOs+(UDO)Q(-+~>M!nQb-PBI~ z)KERsNNo{H9o1HS)mWX?TD{fyJk=FZ)fWv8?7YaALC=tJ)@Ys9YQ5HM-PUfc*7p3? zay{2{?bcj<*La=R_3YIY0oE4n*C`Fyq2khIEzgC`(ub|rioMuZ&DRql*b@!eCN0>B zt+dFOBwLQ-rzvrl+YsU02+iT| z3=LL51>MaKcQ*6%#y04?8pUDn_r z3zxCqHD2WMOyoCy+y|cEOb*r1VB+*_4rbsC^c>+BF3+z(2LP?%58>ek?d1{93ZS6n zBo5{4;0TGJ;v>!u(E#Q99OL@T<3?^7I;`W9A?N<=DY{4&%)I*Z)ioen}3VQs(gdNM-@?7;g+1Wl(BI^3>imu0G*0W2(cbiJ;E3MqTCM1lAq`oe13fSaB+lTRzz@36 zgg)@%Ru0{}1J7B$<&$2~9^Ma*pyk=k37Y=lK+x%v@#+06>iE3sxIP)hkm@^r>#R=P z_RQz7F6e=N>Vt0MgN3v$?&l8cc77!$zt4I;&wQQ@eopW6 zKF@@%ZpKj&!tPByt4&^YHZ$9yn?a$C4^5HHY8_y2wAPOn| z@o4MfBk%70Z0~PY_}uhKKhhh`;oHvf*-j2Sz#U|8-RzLv+r98_{`RA8>-Rn0>5kc8 z-{X`I&$`aUWi9LZefgj-`nQhcpMUn9ANQ<((>fpNJumKKJ{jfk_m3XXapq)R`_BGgu?Dyum`~bmD z;6Q=k2p&Y3P~k#`4GlJg7*XOxiWMzh#F$azMvfglegx^U*gujbO`b$~vRKH8D_Mqg ziSXgek24S2q{$IyPM$q|{sbCS=un{}QyxY7FXqstL?t#IxYMaag;J+3w0c$RR<2#W ze&uO2>DZD`ftm%&4sF)2R@r)en^x{zx^?Y_C7W02RB*EV{skOZ@LhLbH{#w_{nX3m{GfBt4DRxeVtpiQ4fom%y3)~H2~PFcG3Y}&PL-^QJL z;A_|_b^it)T=;O}K6&>pTU_~a=FOe!K8}3vbL!QtU&lT*I`U%Oy?+NEUi^6S<;|Z* zpI-fX_U+xjhaX@5eERk6-^ZU{|9<}c^-GT}DA}?jus{P3{A|141_X&g1RsPjLJ5CT z5H<%znlM8RH{_6`3P-!JqYyhJu|yLM{7|nEH(K#T7hi-?xD@khF{2t|#4$%5Pn(gf z8!!5CMTzI{%OsK806yrZg{TRS&^SR- zG@(4b+Y_R7h&fauL#5&pr$G|}R3mH-(dHm({>oIMY!H>R%cJash{1J2A*0q>H!%pC zGG>v8pItVw$k#Gh8OR(wc!e=igp{$>);UUj^dn^tnzdOna9wCtEet^xqHoMF<{VAB zWyhRIfF0t14Ug+C! z$0f+uG@xaNnT#L)9*AOwK&F-yV+djfW_G@bWM_hAnipM%3rZ+rrvx6j;Lt2>d7xdk zFvjL}dZ|@kU$wxOj7hYic;2#&nblopz@C_1GMwI+opWd<;}Cbm_{TfK|EeH z;}F!CMkxLU2)F~1?SRdIUMSp0jb1p7I-m2J$@o{QxJ7S*y@=okE!eq%e9nIYQD5H> zsK9K1Fc#U!9|d>Ty4S^Sc4jEXF#6^we<1>eyE2C)ib0KLfGc>zGZx$=s6UFRyM7@$zdmnQQm1bqbg#;(@aJ}%Y` zUGthl7hOgT7^1-#=5QT5u<XeF=5vP5=UQbaFvn>Tk-bTN4NzNcCxdXxH9Q8W9Y0@;GhOI zzWy<;Bcf|#q?DH_3uQEds0)fwtYRoZ7qvqE>KvJP-Mn}=JVnj|8+fQAQPv2cHYVha z15uw57gh#b39V;oxE`=b*FB8&au?e)T+klpD>KMqW=S&yz95;gBu>(s)*{0*o3lxF zbkbM&gq$tsH3?}TRH2n zqagcf(*JRgR=c_;@JjYn;vG$wW@L;}bHmV1YE>3E(<#Exx)`-SDWiq@A~@Q|{zt|9 zt$0@zq#s9$OK|CuUEEVeR$U3mS-g~hbL}fZo_G*`a;|40l_$1soeQeLuNGz#U${1>zf9$n6XWLMYW1n-9;L)k=1IAu$s*S99RQc)kqdpm(erb z(s<|`wl=S~9E^nD^a?!z{%yG=OeJfx;aXxTl2}ma}a8`mNl)b0(2Ix zHOqagG{Y>2im}FWv~Sx37SrhYvx-j9kUSGGuPPc)G7R)+#>Lr&zsI=#iL@1VFpFMC zH&H4XUlgMiw$+6N;=6o>SC%3U>CuvAtMt0fxBlAID#^godUZI&X{#qYdW<_#feOoN zGf0kW#m-VC%?#A&mpMdHIuOJ38*BdE_#~{R)H4dN@-^09;;<0Hr(EE7DJ zFwh^1N}>%dvWXCF(DHI!BXQEmQz8U|eOi@N{H*AQ9ooU6qFw&i3Ek_4cf2#y?&S1Z z-uK2gg6K`Kcjw#R|8CB{r$Zrt7u?{=5x7zhqVR(^+~HSAc)uS$af&BsVD%<=#WlWh z&LrGF9|w8JMLu$pm)zthM|sLszVee_oM0~33pijtbDG!O<~PTA&ULiy zg{~%;3!FwnM|#qgzI3KH-RVz0ee7(9d)(zdce>Yo>tgpg+3mh}zW3ele>Xeclj4tN7{c&}N4((=5f3B* z-tmuzeB>p6cejsaRBvg~O?x8C)yhkfJ) zf0WXnek}b^J?n4ZhgQ%j9?UqsHyptD*mGSSSL-}ikW!TBgj z1{20I4hKws>9bEs?a6}s)strYyr+{tP@#x_zyluM*ZMnxaEgD#;~Jdk2l`Foe)!wH z`qw{+?AyNX>%XA`Ka>!^+si%k+r8c^33Z499q54Gi-&0VfE*YCZRiI_*ntdK1Ao8; z4=@2X;J$y@hd3|+4&a1;=m$O^gAQDS0u;J@7y0cS{u3Rt~q(1v|r1rrQ{R#3k%bbx+nghXh=R%pRG_=kKT z0RSAsovXkL=m1h-LG()o8Cbm_1|lQ=`9NJ9o(LkIi^?qfWEsDwmVKVB?6S>U}s z97YGohY47{c(4T~$iLqEzg+A&c=!fPzyL+K#w*l5aSX@*OU6U|L~UfceBi`BG)F`H zhj*|6XAnRWv_6061yUFWR3t!k%(-3uEQww`ieG${^Akp5EJ9B}MtH2hTYyFRfeh?IEg*wE{0C^rfD_pG_l+XEOI_ms~%VP+B$h^&?&;In!|HL`_B)r5U zP(zpm;sZtiRnP@xP!Lhie{9eQmCy;Lx{K4h1f|dn)zJ8~&zZZ>4F%B<4ZRM1P!ToJ z6J10Sbvc3#`{A7szRKq*<(?8ug>fA|`aL+yk)I&woyHr%tW6y!a zPNE}=<4eBf>kZ*UP`!u;R2TqZyt(Ex2{9ap39!Aq=!d@y%pFjKcenv#sK$6OIg+K}Hy@#DZdvv~hFiI@U zfeHYJ9Na-^bpUEj)`2b9OnugWXorQpK{ljV0i;)ZEs1E&2Lf=0XdqaP4Z#r{hXs&> z9OwXc&AE7eS&rpF9|S^cbU_#_LR>h)BurNqUDv&IS7IHDMtnq*>;yxE%2wEiAXq_5 z^#@O=gA!y#fh`7j@P=0WTBUqhKLE!)FhoEk#aYN&6O>ywv_)sgMvK*kSA>UtU<7bf z*>QLPC}7C56zwGmes~yCbMZb99R)2^Ecu+q!aK>?H0BxYg zapXDvs)a<3q(pMO#6wKPO%%)2Y+4b0TH!QQq~JzxOjQ@C$U4Zzplk&=bO!Ew&gh)n zWKDx|kusZ<6i z2LwPoQ^-c>V}e@%f@c)PWMx4<*cQV>1mero0|?9<*i?%2SOi7LuccnS6+r9_+&}yS zgKfbKHiQlKL}0K01kK*_%?AcPJX0uNlV}G~AB#CT@hio+22M_}K6I-+`2IwnUei%;j{njOLN*0t`p)^5b z@ZGzuzTmsq>s`OCj9wFT0-3ypGhV%Y;DQ0L;H5N)^BvwTw&4|KJjn&uA|~CPyW)n_ z%0A#qC6>yt>_pgwVhxqzcCB5M=*-Wg)OSF^9oQK!_SiaTBb%;?qQ&`J^?gkz}%T> zzCld*fkGGq?UPK(yx&OHxlsm9(Y=MyEX~Y3O{VSS5dCCfJ>as?#;;{a8U8#@l1R>X zhUXFu$Y4c@o_yCa%!eFE-7%!s?+j0Vj?j1}R4S%thL&hw%~QY0Pd>%aiPmU4ebYEa zyaT1vjTUJ(O;hd|>60dDf3~>~Md_AS(2`ydmzL=*h3U4N>6@O?njQ@%#p#}I(HKS2 zpcd+(ChDR#>Z3;Lq*m&sX6mMZ``;tk&wS=IXBY>aPatuommF zChM{`>$67dv{vi2X6v?g>$isMxOVGZb3dq->$}G5yw>Zz=Ig%p>%RuHMersYtS7n6dyx4{?Hcf(I)NEHto~a zQ9hDtSzw3D){D%37^x09Qee5-w(Z--?cCPw-RAAyPPx?kITlNAyHj^hIa%Mt5{X*K6rT(>rwc1oS%x^mv7H?$iMlga`S#)LfPr-9_kQ>He+T%0 z7kEl1wF!@E>VEK3pKp0cHP;^0lPJ`T7UgJgL`a-mtaZb!?b_k9=XOv zKWLa>&5Z}cP1_bc&q8EfXV6^EO-h&dhS2Q?p-f~rEI!k;&(--EZ{z^$lCzEJ12iN!>kqq*uqLmj{Fo@}v;_r#C}@K8dNX z;?eNL1#aL6zJ&+|0`>EO!&5yY2Kka$N&e?E2TUl~7d|{hK>N)6;a(EraD02-%UQ%L zz{l5N!!rehB#9EVe9YH|zX$wW6nw%rbHhjT&3^C1_t}7k=n6%ONrt{Gwm~lT;&uRI z`ZL@jtVD9ohiWZCV30mEUdlfv2{bN!CPqmAZRKlR$ABy9!_7F)P59ie?NnEbk+~kk3wUZ z4E;CGfl#3T)J3tW$063NTDNlT{_6E>L5LD%{=1lQe=+L4^lP+!g zH0so)77xLl6@)kFS_qcHE$(3zi&dimw*3Yho6EAN3IP&Dmmow)JTk`DPw=EQoGlobwA%zl7GLm-%YPcbX9eVg7YX`2!n}XE6=U`y{fw&@z zExPz(hayV%)qxF?D42@=FzUD?k3IUBnv4l{RpX4H<@h6#Nh-M{lLQ5c;#NconPQVw zT6raw96os?S5iXx7dTmpIVPE9BDdvqxyeIJG1O%9CY*7~IVYWU+Ic6QdFr_*pMCoI zC!m1}Iw+xq8hR+Ai7L7%qm4THD4^67LyUSw4!K};mIfB4nVow2DX0cws+guxjw+9h zq8%A3tF5~FDVj8%nrdjPzIrRJxh5HFiE7enq^`jVJ1mU6UTPw$rT%3rvCTUB?0Cj@ zIjgdMF$*oW*=pOGw5B5a>w^(iIPM`BdbTaP>8g8Lw_170THrQ%Ec}0P{R)ftX0GXbM;OTr;v1w$AYmmP&p$6l^V!m(rj})IP(>B%1NuX@R^kc~fEkFX*m{ng*P}W=LOqC8D zv@*^DasW{h+G>-N!vQcT{W@w)8|3sqP;Vx+%v+UoK?jE@`d06aEi0Gpr;7$#M7Gia9FfQvx`Rc)ZUn=_DV|G~iTHM?Z~#(8@bEI5Up((4P=b zGStU&%lz>GgSnWy_x^kEx<+TSS<|7HT7k5d7j_BUUtTH5l7xYXqdyJifK1#=|+P>2^#DNnnk@*fm@*%?WeMy`lu zA{R4@MmXXTkcfmNCP9fx^th5@5~Lhb(1H~Nsf>*DfD?7I$>aV34Fx>U76mQI1{_Ds zgIHn%mMf)|`bidmqJ=7JF(BsNf>628Wu7*r=cz`NCI)G$l@593K5r`2q5i1;p7(s1 zE78ahqB6CqE;8yWx#ZJ@3@k%Vy((4<1l4bqN?!D$SAOagFOj z_cAM7pEYE!G))v~s=u6-?RV=LQ6Ns3aWy6j=O zid(*H*0a9-tz(n5+r8lRx5mwDaKS~T<1%-$$u%rrird`jUiG=d)r)kgtKFemH?)1p z?smf~&+fu&t!$-Gx!x+?^=6g43-Rh#?_;mAvbVlOb+5y?Qq`&1x4-^3#jned`ctJA z#9&PsNIbJrG#&J9BMWY@KtBS(e(WJ5IpCUC6zWun2-v9rei}ZLs?VivMk)wKX;ykD z5P$5V6)LV>i+B0J1CJvC66T7An|j2&mG#553-N$QT;SiBxPgHDfDS?+kauJubPr2M z0-hXYtPOO+Cf;V_GOCjg3~nSjW-2Z`U;;Lf&U7H#S?4hPMITSqAV4KC%!>S!eRM$} z=J1I*Q}`fUWS|3^_#L19tPmN)j=~wyfdm8sKW@rTc`f-eQFrVV1U7JwOaPwnhzCYC z19>5D9&(9))<9&^fj8oFXD4#@plJ+313&Wzt6fd#*EOXi4E|sT5?N>ia3pge&7>bg zu_|ehotX(-B*_Zb3|h#FHmzmsw3`V`5CeOUAl{IkKYB5R4y<`;5DFSM-lK5}nvZ{G7-$XvODJm&X>_{e6y^XuBYwLCBS zbb;S<03#y>vt zldt^cGr#%He?Ii1Fa7CLzxvj{{_hO~4r)~Dx)VH=Y{D=8@sq#&=089B)35&Zv%mfB ze?R==FaP<|zy9{WKmPNt|NZm7|Nj3!|Fzw*s0jcTpaC8r0w$mWE+7LopaVW21V-Qj z3gEOD2KPxI24z)LRZuNEJ!gJ0-Ll6HI&wDwV(^WAPmN!49*}8 z)}RgU$qGu!q!dFjP@uOQ#t9Nb3i4nM7NHRyArdB`5-uSVHlY(fArwZT6iy)(R-qMM zAr@w#7H%OIcA*!3AsB|C7>?l-@*ociArJasltczKkb)V$Asoh`9L^yf)}bBVAs*(T z9_}F@_MspCAs_~#APyoS7NQ{@A|fWDA}%5$HliX@!+OwDeH=z9=%5OcAtq*`CT=1p zcA_VKA}EHUD2^g2f}t6%U^d7?eK6Z+O=2m$NfF+lEY2b=)}k%mA};3Qqr~EyfP*Tw zo@lXyEYKb?7Nap9BQhqVGA<)CHlzMCJ|i?nqclz!{V(YJGP@cz9T%wqdd+dJ=UW=-XlKdqdx82$x%jSU=RjAgr86nB~>!XRBolH7{>TD!Ttr*IMnajs@zz-BQF zL;az{I;>)IlE-tBCS=6sY|bA#xCsenr*Uj2cN(W}#-BK_iE@$Wa+qgmnjmt%-!sSp zdyc1j4hMW{CSd>}b-v#*l!ASVr}yP&YwYJ`@+L8;W&6zoDF|qrw5Nd%=UYxFZx%y( zw%;}ksDw^vc~+=}{+cHIi9<112WWaIb0BDf)`xe-UpI6piaIBVhUoSY!(_tWJrrn+ zs)mZL==L3_{JF!4?r3uKC}f)8X~y3?tixRr>1h~gV|J%((&qTl0xhK9JUk_HI%#5= zUW_W}HjG~=NXV6)kBlo>79Bho5JRl%0oD)LMaHSEXcy6lERIipFI?+p>iH^IVo;Pia2b;qeiL_ z3ZbN`LZzDDJz#34uIZ){>4L~+q}t~tPD-g#>G`>Xs;+8YKKmdWoJfkK<^q;3 zr>>d?uSV(qtL7kO6r*CGLLdLb) zhwV+Go)Uwk9>bj0sknMYwJK|L)`nx4D-g0PDah%d4r#nbKyf}mQe zzy2$$1}wwcQ*_2=F-R(BGVjqB87r2x}>*f~}e#u3~J)!lc7yY{yRQ$Eu&P zmMmV(tATbbyOsj6qF{M`%)aW(daId+tIL9g&hG4C&aAtd>B0srR}3xD=BuRg z>-o_s&N3|1#%#f=EW)PWrIIYwl55H0#*b3$sg~c?Ds5L(Ezv5f%Bli`p5Miqt$MX8 z+(P~=8?J50mS4-xZBR9=*`_SC+ANcD?XjY5x$>-}`t14Ltl+LH;TCSuw(GaT>$Enm zg+`~-mIBn8pVTg{ol>sj=Ig;GtmY=I*?Ml}Uai<_?bI5o>6R<%e(czi-`nbK>z?km z+HLxcEbV%&-qP*u{%zvstpm{#zANW?DEFSOaZ;@4l5O-(==j=h*dA=`j-T*$?Z)=;b)o-FaaN~`H4d|1hD+_E&cxBxs;u&G$tJN9d$1*7n^VxUrN2A>;C2^6bmfw!R;HTvGjs59pCXB-?94Iu^xwU9``Z-@-ZNv@E;Fy za~858<0c{}@@g(JBZsCVKk{WpvLrVqC0DXwUNR=*r6zB3TXwQ1lO-sJ@>Y&ADMzI# zpK?*Aa)0T=J-jk3--A9B2R{IYE6=h++_EJLGH%`j`OSkYw}w6_CSdsT{ykuYG4C=O zd#EqhLo6?)JkUdHB=cWT^FmnjUb3=%Ve>!e18vswYH;&ji1R>@^I2+heTg$S!-GEP z12|`eF8>2Q1oP~)^E-EQJ;;MI<8m&?GCvmtKe+QhU~@p%vN?+~FT18V!vj6c13M7J zFv|u#{IfwAb3`WwJ`}`7M>8(_vTPi4F4KefWwb_9={(B=NO!YIAGBAZGkcLUHM4_A z*8@#sG&1Y+Jk*0dq9>8vqSI$ZQ8><*n>#-G(;yxO^Y;0>jPBh zvs5dy1T!;AI|MZ^r9BXYFFQ0>C&pLXQ$B;VSA#WEKJ-EJ13jDm^;Va&Je0LZgS0Qx zbz-D+HYfCI!gO5E13lcxS&wx+6a+N`wqS2HOGET454JtgLtqocU^8@N4}@c9GGCLX zUmr6+%ymV_^=Fs0TywT(8@6JDHdg2ZG=KC!T%~9a^j5pJY3ns7XLe|AwmhRYY}58= z&vtIpb~3Z{Rmw&^T=j4J_EqZjVpF9{ua`Lg^f6QQYwz}0EB97Q_h%pTK~uFeFD7;8 z_G>4zY^ybIf3j_BrZ_KUVcXL@%mYcQv^?B1dHXgzwD)^^b9{eybr-}^f;2qXgL@AI zejoFH2RM9}_c@>UWj1px-$PTUbUp*~D<}0$TQ^8YI4u5CIBXmBLR_U{zA`kY^i@iD zL&x=qzjBFB^;;wKGEb;Sk6%69Gd|qybo=&v%QKCubzZZ~YA1$BOS1;8wqnNhe@iqq zFZWIX+YKc0Hn(`Wa)ZAz%lNZa#Iu0EH9SDMVZSm(7sNbc`9OO&LAZ6QO8Gy4IXly{ zn76cot1{!Jxtg;so42_Yw>X^V?3>TI^47VX*Rh=Ec?8QXpARpd<0X^7GCruLYn-`3 z$akhHd3e3JY`C|gpN2UPGlIu?R=c=9$8tW`xTNd$jnD9&yC*iYLq2D@X_zyT>-nV{ zC^u8{Ei?H$v$H^J^oomlK--2cyE;D;b*7uTlh`vrulW9y|1&$w_p85hq@y0AZx=WB z_h^f>Sa)+%bM&X{H-5W!aHI4^d$*%k`bJOmK(GU18-z%MGdl=5KN~Z&KeS9PyLK@+ zEJHI%`!YRn_)pU`PtQAQyLwee^J&xcQa5!w7qzex#JvYKNiXF;bGLxgX1(XTT-STS z!=AfSm!nJcJ2x}C4@6qawOC{Gk(YK|!?sYj_Kvf3$HTT*cQ%k)wp0JZrt?Nvv$Z~N zyiHd8bisRLGo`-M_P9&-XhG;0uGH~3(uy6EA2 zb2a-~>-U(K_I!hUYSI9EMtCwF#py?Bd# zwhR41+r5qdLqj(PWD~?yc6Wo%vekQD+#i=ZC;d~Sz2o=xc=tBhbG<=e_uo_XJ@|b$ zi~Zg6Q_3&2Rd9{eE8Y5 zZqK;*y>^e+C6Q0NzrX$0v$jK!fB4lnLq|K|-))TdHt2hQTMl}IzcZp&IY8VKsPA9F zg6ss|BdAZIL3jxn%DeZEAwh!`3qmxw{;}XgjT{T=v&hk7LUgPZWlNVYVaAj> zlV(kuH*wZ1mUH7yozmoaD7991&S&YMAp7CoADX|SJVqBgynb!*qJS*wOA8+L8mw{hoAOWP%H z-M@kv`W431d?bw5JTEd zFM38g&_BHjJWsFqNZO9hi+E%wFE-ONQ@p&M%5Y5X%A`|Hz2+I|Q0@x+XVC8Sp2?GW2oONdXkT>GzTx$dE z4&sSbviK#N+anZZIz8rjXmc+HNgqJx?GEUmAC&nrn5C}TC7KNy>rO#+?wVqD7H*iz zh8A48p%aVlSM7?U&N{q$>|C4e{mk~!YRIU*Tknmq4(VpTbN<-tm7JnjNQ(Ye3GKnx z9?@r%7Q*tLE%NujO`_^)vc^akYKgtAf~$zrA{rTYOH_O)qh*_Cm(A?a-rC`>R;{ z^n$Bu#T*(VG(o`W1a-TkA2t;fS zG)x0s7(*G(Fexyk;SF(^L(kMlhduP+4_jhGAP$j;4isV$k(k809Z`u*bYiub_(UmA zkwsCY{^Av}h#f0tu{JuA(&oMyEU?gjASKjEH^2TJPJW-B1@b6-XZn7osUfD{ZOe>m*ISXH)8OfBeLsYeDl&2*5CR!m=CBSM@J!W;Q za5l@E#4;B7)TFHH@sFG5Y$wXld8%6VvYM{s2{ro}7-EuzDJR-ix7^hvf&HsguA1fk z-|Qt1(q+pa3`H55^5u||CGVgOP3YhD6~BN^)1M<<%~Djw9gCbOY#ZSioietvmSK_} zBU8@wFsZVQJ;-Evgkwu9nzMQUPLC%2XGx99nx(BuZZ=CA*XZ=Lpi%6RIEyOO3`h~C zfsb)cwJORkmdKEfLBeL961J~EV3bw49&CDRn<&*;b>T{uc z6J4V3U%Am-Y;>fSGl0 zdkC!A60sw{9ro~tK^$Tci#WX4S)obzrovGw$44h_AxKE5s4QuTgFiaqCqJm9<*cwg z5fmXmOB`e&51GhCHu8~?oMa_0naNFd@{^$)WhqaY%2l@Vm9d;^PAxuXF1QA&ULo)o$;J!J@1*%efIO80sb9mK@XbHg*Nn| z5uIp7FPhPfcJ!km9cf8Vn$nfF^rbPKX-#jM)1CJ8r$HTRQIDF`r8f1cQJrd4ubS1Z zcJ-@a9cx+7n%1?p^{sK8YhCY}*S+@juYnzGVGo=Z(VcE}ubbWNcK5sC9dCKho8I-d_r39* zZ+-8Z-~IOYzX2X_fe)PE1vmJ?5uR{`FPz~Gclg609&w3JoZ=O?_{A}vagA@B;~n?- z$3Y%)k&m3@B{%uWQJ!*@ubkyAclpa<9&?$`oaQyR`OR^j{&SeCfag8;`OkqKbfFKO z=tSp8(UG2Xr7vCQjamBBp$_$<8%709PfXOYo^_#5Jup?b`eC#l_ONpuFkb(9*TtT8 zsc*#We`)*K{i1fcE1m3ahdbKmp7*V@o$7ZlyWRo+^SZ~~?`{wL;otstyC}Z!ZNYjG zv~d!4ECUHVPsBgmp@JC1qZ>Vcfi}!x3N66{9{ixh+6}^ZgT%uekDvk-(x8ok#G@7@ zFh)W4(FINzq#ZLLRxVy&g<1Tg9VMv3@skjbYOLWUs&BknqK*S?=pzgyK*T!kpaSW` z!ylBufid{e1)j4Z9H4@UZ?^SaNh;n7o_*}cf;lX z;T+(g75Z-@maqAquP&l*`oz!YmLML2K^r>n0gplZj6olC5B;=m{S2c1ZVx1^p$OE$ z1!S-OM!^M~f%tq68I%Ad3eX@9&?THN0l@<6)Zireffp+8`}6?`S|R+TFY`99^LCH) zO7HZZjsy7*24s&T`e6|`q5Bkp{=5JjT%iSfPYPWS2ac}_u0Z*iPX=jlF0#%A5MlV% zp$mpk1t?GjqL32a&M3^WtF|K(F%7Fa5Ai390_@16QvWxUdSS!1ny`AKn28$Y2GFzy*EJ z0K-rb8PV~eE(WxL@<<>N;^7yx!5z}?4ZjZ_%8%zVaRcj6CED-(;359b!3#dnA6$V6 zO7S18K?QtoAO5c(&cO``uoYqO6(2jszw__TXXi)F2*^q370c2`Higi;(n8 z5A_OS23gPbU{4$PaQ^tu1(q=d|G^(>p%wW7_^3emh%XeqQ2C7S_&kvl!*MGR@9-ef z@gfrXCKB)}k}bgTBBdfDHL@7(&Le9OB=c?~*P0Sz7k0suQY>#fEB literal 13949 zcmV-@HiF4VNk%w1VUYr~0(SraA^8LW00000EC2ui0FeT;0*C(q{{R31001Tc8Z!e9 zase}S08L~7Po@BM#Q=xL1OP=3Hi;8VoF5xH9X357LTw#TgBU@V7+a+v00Scz03RYy zECoa*8zm`PoGf<1D2mD`xdku)GABDbF+yWJ03Sa9XE_XVHvkVmClov@BRe}sJUcu) zL0~#Gi#a=)IYO{GHpo0nc{xm^JXwo8XrwuN-bnxeHvmsZ7gs|U1wTV{Jy@ncXtF|a ztUGtNJ%PtVlFv>6PfY+QO$KyVCnrTcM@BwZM{K}La*s)WyGwV*PNv~O3zIwy$5I#& zR8@*rXslO<%UTX`UmP4-DF9a|8d^L%Upz=#MF!Jf{v_-qm6~R=#30~i8^wZ zTqKic0FIojjIz^=$MuyWa*{Xzi%$=mSUitkJ&$!wl#Gm%ikO^4F`h{Pl}U1*Wju{+ zgq?C$o^(y4dsd;vC^L#i-xc!r9#3-17P5rB33ijp(_X>d~j^)V=BW`|q}A@5P<(@b&o4lJ?uT^yS9! z?cVkI`u)d-``)Pj^3wnM!~Xl_{{Qv<|NjX70MkKxcC4Vmg9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTC#jL)D6gof{*%a<@?%A85Frp=o;bL!m5v!~CWK!XY$ zO0=laqezn~UCOkn)2Bi4K^xc-s@1DlvufSSwX4^!V8e({Vhu8vK+w(Z-EXXD<@ySMMQx_=8FPP{nGc{P#m3~s!+ z^XIL*Rlzb-`W1LOnTx%bt~++C{ks0Mb6083Ewg)oUrNiu<* zJWbel$AnG}mE@8?`2!`5C}4OcRz4CL!iXl8>70wyp}E{KI3AAAgK!IpLB% z0!fpQ^`Rh1cj5RlVG0la^yNP|0_o3?Elh(?J#vJQ2T_Omw2ve8Num-sw$zsgK9xe{ zPn;5l@JF0gnW^ea9PyRCYhZA}D;OL(}_YC+Sh889!2cCopRv$p6RCaYhH0O`_qZGa%rnU|AsDGb4B~wP@1rx% zI*w_~f#c?UAI~<)>yp&uo{R!CnA)Lnf-w4Xj>vsV612W#H`XeP{rAq>G1`dDKy28F2_jz*sU9snb}cKZYatY1zCpcD7HkqCm&+ z#M?0qpQgf7;Lvf05X(K_@OK3?!a~T-oj0Yv#DHE$Iw{~gtCUVQQJxA<$&B0+4v06X zguc3+`Uy`z=g855G<^OspgpNfJbwAvdfb>i=Qh}}>sR+tgy%*@K2rrSey*6`Ir!58 zbtG*}!Fb>R6$hf&u}(?WtIq=4F(Fu#ECiBJo`LFfq%Co*AEi1{?`B9Cez7NQ0OOm8 zq=6$QqzY30vQn7ycJ(8BnJyMKN!sd47lH}`E?6%))cg9Oi)mr!eeQ@7+j500Y4`&< zze2%-4wXd^zT|Ep5Qe>0__RWiQHwB6>t2$mj)mX_>L}T`>_(qF z0M2hO;gb(($jH9fuwU8vmrar+JmL+{cy)w{t^OfIB<9J8EDVygP!I`Yn9>*pbDXpu zCdI^2(Te|B*&Jzd4?)#O37RO98ozWwMYQ6SxqzeI-r=sb zN}m4Yl{F{yhago^Or-!EE0gJxDORyc=<`Q5p(&Gn^shdGLjf{Ds8BIU3MU$>PwaTP zP!fI9iqG_DMa4A8p6&6BYpZDH-j~QK3IQF)RGmlFNz=EesYULLk0fitO_PSeMvAj% zCyAIhP4dSE)w@=~EJ?gNs1lY;B4{`L^GbxuGMi+INx3G3v-nL^nb{115|~PdI*>vq zuNx6Z$28M!`Y@yr3hP*zYSs_h@s&bQ*^gSn(t`FcocyUIQ|*w{ni`fYC{hvHaJruD z=@g!9g9#8zy2+t_(q4w!ohIo(3Vd{QPpgDcD`i#HD<*E9GK3H|wK*&wNR*ROMgFZ$ z`r(Vz`cbX1oe&aHDygI~^dGYA$u&ziAx-GEpox3QWbaW$4<7cpagokqUn1Ri<}jYu zsv_wwR;uRZ^GE&|8wV*=sEjHJjbQkW*A(%$&_*$t;Wa2M-&eBx71S2z+R^I5_|^Dg z3W|zb1;rp_xId`(9P|-Fv*3%5k^$JE6Z7p%9V{$+2>2$$wVZtvjNB#`%4jUSAj=r^ z2k}Dp#9y(POjL}MSP`idT8dH#h9@}hs!O|baI8$~u{p8QL2#eyhv7(>iw%9xy+JL~ z9P*Glsvgv|vMQI1hbQAnB*_NAc!n>c^jaLDV9EF(R*`%OiV1NTCQ`P~{#a!kf+Kku z%-1UtmFv?_36o3AC?K<$*%il=k}Irc>}GvvtkEkzR0*xf1=wth;zswy#Wc!~j@TRm z7I5{RLquSG@+cFhjqa?_vc`ls)Ly8nYi=zNhbx~v)nQQ@h4`3sh+d1lCR$L;ZCvBl z`UL7)S5VgXDKQg&dof(w2Wr;zvvTS4+mb0^)Grejh!G?RJEh4!jM0j2d%N4f zIMzLk!HP&g;~v{+#e>ET3|$o{7p?GIP0*bSM6@Cp;vIJ`6cKK6fx{TVxYjmU(e8ev z8$R1O%(X+l4G6~-us>Rz7PK0 zfiL{xyPf#PPkz>sul(j4o%zm>zN4Wp{pvrL`qt0BIB=ffks7*me~85C9$+00RIYW6=+lpa8oi6YFpQeD)N~kN`(f z55>R+Z4g0Qv2EWLZ~FiZE9ef9&{qHO4#2R2L(zdB7yty|gF>+mMfd=Wrh#ukd--sL zE>R9K5C%HI4^Ci(O+gP65C9rL6DcT!P0@ly(GShgg$~e#5rBj=!4G?|1C$a2MHm2B zPz?%TN8~~d1aN{Ea}5Q+hC~sCfEW|k0EavghW-~*4FtexPtgyx;08_@6i_II>S78m zm=g(CSV%z)2Y?L=z=nvZ6=XOR{?H8pa0T4c4HnQ(dXp_K;f98IG3l^&>F_Nwp${<- zi;9DB;h|o7xLf@&5BT7R9>qmQA&5CKiaQaC{2&He2o?Qc3Puo#Krx9P6^&oG5310G z51>Z&fC(mG0^7q6fS^p?FaiNk0eBb`ZfFGh@Bw=865~Jv0RREFZ~*3D0lVdfVW5rN zxJx{+2wjklc|;EbIRN8g4pCqNCm=)qa19h7051RumnanWum=(#EaBx3>#&FaQ3)9U z59L6Q0q_FRpamYd0Mam$9#{ZJLJu*}{sA6n0Ey6r1wb*lsEZuAhi2G?C22vw*bl_u zfdeoFe`pVu;DH1n2}Oa7FtH8{a0~R9k*1)O)4&W8pb8MM2h(^l!=QpM!Hmx6j{(q) zoD`5yFbQO7mimB}0e}PA00jY%k?PV6;rIg6K#m@$f@XM^+k}>r@QvZ9V;X3UE|Cu$ zuq5k{1M^c0Do6_%a532+4dl2a@lXLsv_ zF8~eNPzA2=3o!rzuHX(au$0CAzy-kxlLXKTw_t>l&G8~pq%6|0Ym_u zTo97K*q$$N47d;jH+c<984kBV1Y)QYP8pU00Ezsd1y(qU%s>D~l7a)m4_Oe8VF{N0 zpoqfInvVFIF~FGrV4;rLEIr_#FbPQX&;yeon;L)}JrKr6!{P^8MKve~25=n{sBC|zKM`fvsg5Cm#)g#FM9BM^e{P??^J z6u8)x!Mddzs)GCg2YSG%vs$aSIt`p!tneU>FhPzE5RN7=0tX-t<@gd^3KTi1En@nS zAt?`B5CDd%4rofDio*pvU=AMur*euY>R9=@P3sQ}$2@M)0H3iWEwysOm5bPl|}ufB@LQmoF=+5<8_TSfzEmC%*{(5*kQ51p`xiKK(dDX!R2Ah$39Sa6X$FpM6_Ni?tnZ^}vWN~iRii}p$Y zuRse0@CtDP4}iK02S6hJT8!G@1%f(+lo+Adfv{X!kx>{86Z@24nMgw$vz+>ws#&z3 zx+ImU4HFWuiBg%un$cOvq#7cNYoFspaGtGnVGqnK>@mlE2#o7 z3Hh+5GYgisIRaJ)x{Z6WMq8V=i72|6qH5$1+dv}g5S(}91;uHc*{Lbp@CZ0c4jh05 z_uvgN{y?UOa8~-jt{15R>0k~q@B%zk3wKzyaXP2-8bxYLF3Ncg0+3$)Pz+-8i|#8R z=THVWIS#1kuarx$ee1B5`?R$Av=s@u9q_sU3^Acgw7mO~yUVE=TaKoyq5A*~mH4$2 zd_@+ls-&wfr^~r2+Y>}clsGUT`p^X(V6pOW1|47mCG4sGaE|G?jy}<*5c-OHpaC&V zj}MRu2RpSMb;2p!tj~&w1_^?b5+NvT0`TDv%@C0;K#@k_4rTCx?+Xw0P_7?HrjPJ} z!D+eypa7&WlphG9?`pQ_Tc_)roO`$rUF?AhU|_$9lpja|H)*{exC8&06C-Suj4G}E z^gsgxPzqgI4FPb&ej5`)Y_ZR}$V7~>+v=(Na0?{BkOI@5M>xrqd;$qmxGUVkB@Dt` zH!9nJ48nqL!JrQ5@E{Vgi(kPg-Y zJ-|?lWD&Ei8W5JY0BbnS8;H%?Jb==?&EEWg-TcksJb~dn&gOi9 z<$TWSoXzXp&Wh2@?i|lW0newg0rq^)_?*xBywCjH&;I<+03FZ*tGz1D((c zz0eHZ&;(u3ow0Q%G0_w~5)OUQ7@g4$UC|uf(H{NLARW>oJrdT{Vk3RhBdz|?D!tMy zozE!!(l8y(=*}IKt0s1deB6D)K($XNX^qqz0^6~ z)J_f2P#x9sJk?a~&Q^WZ>zvhEea>9n)#LotVExS!UDIZL)@Ys9YQ5HM-PUe>5jSlU z$1o3cUDtMf*La=RdcD_t-PeBo*MJ?^f<4%TUD$?w*od9jioMv3-Pn%(*pMCBl0Dg! z{n+I!(UqOqn!VYa-PxY~*`OWTqCMKAUD}|1+2K6broGy%-P*4G+OQqlvOU|hZP{^M z6RKU?y1m=H-P^wX+rS;%qmA0xA>77&+{m5W%Dvpo9ooblAI%-z(*8Z&)Lq@y-P_OI zV%NRh+}+*Y{oUXl*x4N;p`8u{5z^0)4tpIZ?A_k({oe2m-+Ue4^j+Wf-QMAy-}=4Z zo;}`j9oo-8+UBj->Mh^|-r5Du-wM9q4360TjoZ#$+PQt#2`<_dZr2xX;0?av9Nyu1 z{oph);hinwr+wfWj@KDJ+9~egEZ*Yb4dOu^;iOICbiLx8z2Y_w+BxpxJl^Bd4dXIF zhKPvVAp+qap|xP z<#cg>j^-nW;Z5G?j_%j>fCe3F0yPi|gk23gpx5`{3~IoT1}5IO9pWvetXb-nEBVC;c@=hL3oO8)5B&gAuA2CJUe_s|QBu-BNb*TmogUG5HOAnSnrW9_@4u4uKx*^DyjwUF>)5><4cQ$pGzk z&F}}$>=9q>5>MgTp79#L?cI*o_wb0~p6Pl$=3XBDEbAWXF<#<+Z4Z19n1&GU^{(&S zp6|jA@_c>keSPMqq~;WF5A9~~2;bKVU-5Q*4zQr}h%WI+&+H73=ccsib$#s`KlL5X z@mL-TCQt%az(a-*j=^#cXM_|ne!hfnpAzvNbb50`+7^Uw@7 zpynWN4~M|-=>F>C?hX;8*O4CXCm%`0t@3@%3qY_QYGCDeKM&&oNP55T{ci2J4)D)T z@dOX-h0ps!kNDL-ZVylK^Pu#|PwkNJ@00%j{2Xre^f2%AZU~d`@#_BUAV2PWo#iH< z`i}+OtiRW#zUm*}wW?0n<{$;(PV?Vb>o@QGcMbT9@9Vk_^uk}~y1($%p6u|j_y93) z-aAqP1>OUu&Y(ep3=1w?m=5AZiWMzh#F$azMvfglegqj(x{vAb{ROvCJN}V1(hSFnHjM#F(Y>7ggp(KmLn3!XdL-+=FOcyht64a%u81kHnSnO7M6MCTHkv;&*waMW*62o zgoCeb-AkLchss)lms?Rl7hi-iMj4~~5Izw>tk1I?dpi+2 z75!^*Mj?kJvPdJ*8WE}*b=#4%CO_-(xgYxr@<=PM#4<}0lMHc5+?aa?x-coKva>1o zD^p7~*JQIzk-WqW&fSQCW?!+@sJ@@3ZPd|-8F&$_ICA3gO4@ERlMWI}@t*efQ;ep=aymv0s4)CV1a}k=?amg%@V{ z)`LgHm!yarrnq8@iF_ExfG_5_V~;VW7hxzrCb?vj_scldgimIj2pwbc zifJ2Hup&4}d+f{;Y^Fo1a%w!Q2I`kS%**JWV(4C|tzak<2%T2c7D#KZJF`+KxW!-eLzAuOhJBA4Hw=PLufBGa{3DE0N`R|`ziLAG=N z&{k0Xc|7kP&d8pEnvpz#xI+qgpp5B&utRwG?;gF-PzkJfniIV4 z1dFg<4a8@UQBd&@`BN1F75F_el1B=E;Kd27X95KksE;NH!XF`sz9z0F3TSkPA+|^g zbZF89$pfQ?6m$<>sE#~n_`_+g@CgltFN20K<@dr@JL3kom|zINC zvX2P!AjS#)kj_KaN|1-s=UMp43q~FT7eKfIL?uemKTMK|7A%k}xI#FjFGIG*W z9xp2CnxSyi3LXV1I7D#*MI-~4ru*tIqA*W)x&n+~=%f{(p^ZL>uQ%I_RyUnQ{z;V1 z<_23~!a1T~1;=$!j{->`DemXBRvg0+Oh|_+RHsU;B#;rrbOAIzp}Ko)qZPo=h605L z4-I}UC^+aO@NS0#i$-sdL7D7NiD$~&xxlfiB?fEP7Qt|0;s)BVYJo6;1#w^kc#L)I z@OFAipDH(m3prs5M_9slxaAmavqV7#n_w_NATePJ#^a9AM`W$`eQe9@{k}Ge`FhL!5vOuaj;N6dMG) zB6g7N90Dxa`N?Slff1t(igivKjzvDRwHvXlg(nOPQpU0yHE2bNHD^-(p#1kSo*NIj)2tWexEY2H}TbeCV=8&DYK1Ggb%^~d|o$LAU+1C z@H9ifgnC5yTHL)LvZfs2hxHs{b)2@7I55&@S^c%t|!n6o} zJujWy&=A&MZMJVHg|5pS%NdSr`Zc5MMDhBDXr2rPXZ~)NiRU5>4M&koX0E^v&mCAW ze+6eG&mO8kyClRMR!L{5& z`rp5xXJ8Zz!XW>Ho4kPrtjWIunjh@ztnOQ(d5FLC%OGILrg;blx1hilbH4*b2MZKG z3~UVWql^_whi5oI(7-Du(JPqI3lP@BKx=ocN-k`;^-^YJFl zXa_{Nz==SQ*J~LYOhN-Q2xm})^4mfB;}1PL4T!Y>TN&&a|} z5yHJ1!!%SwV$r%z;kq@1!#HG>Hbjap1PMEo!#vc(BcVfDv79{w#6ZlH;8U4D6vRVB zL_Q=$nHj!Bbi_v#kUk`lMufylv_$8SL_C~|OXS2(l#fMZL3t6yQ6$AuG{sXy#Z*+q zRb<6hbj4HzMcm+$S-g#Tpv7Cn#az_IUF5}H^u=EU#$Xi2VI;<4G{$2@#$;4RTFk^{ z3=wC9#%PqrX{5$#w8m@1#%$C^ZEVJ6G?r}y$8Z$KaU{obG{IdjHuOviVG z$9R;-d8EgB1jlYvMt8KwedNb}^v8ex1W0(q$7IyUfHcU1M973x$c2QMb=-{+sRvE) zgNdZbiu8lBvJr;V$c^O4j`T==9LU?ShfS!kig1TbkcMda$dzQtmUPLNM8=SO3VHa0 z5&4EmP)V57$(`iMp5#fHbc%MUNf7x4M#xF{SO)~)#dejtNV@JV>w2izlp`T7TW zkOZZm2N0NssMJViFoLJh2OsE4-QWj7hy}02Mxay*p|nY(WRej{N?y!|15k&5utl{z zM}HWG41kA!um?m?hq+V=e9+5<1WU0b%l0_Sv^-2|WXq&*OQM8JSp*TnJc@o$g$f{n z6#55!ID-zTfJyL&b|QfVmLq5s(0NXiVyq#>hm9$%K!hJj(XKOn;~b4SQfJT!-|u&kXp7b+Aj`3`_Qe#(Fq|0k8sCIEuLhPpBNrX@F1y-A|{)Nq*Ra z>7-C`Tu|EFP9xw4|NP7?hz0OWOMQ^heE^31G=(r&&lL4Whg=E}fzS4k&$zryr96uM zgvx)2hXXJN2DnS4i2le(xCW&}(8i>NFgOZ*I06tw(!}&pXS9c3fP(bo(8c^v!UW5F zfYN{H2U9@NFwI8&L{S7?(+IdrzBGalJ&MG12ThQKVQ^8jlv9EP(oPZ5p^VSUWXB^# z3MD;?CN&2NW~ zYNXSnuv1p0R6XU>e^^u0+=osWRL6`}Vsy`=7*gFRQp-e2Bt431a8Ui^&q0_@0L=$V zoy#jl%O)jIW_{3A4OU{zRPt<29*6~0{mkTCRepej=`>MT?N(_F(FbkO{+v!5ol$X( z(O4h{1o%s^{_N3q4aQ;phhn{rV{KHV9Dofe1 z?mPnrr~sn`&o3~63Lwv^WC1qtf?us!U<6o!eF}no$fbSEbT|rrhy!4iT4n5qC|w5! z&Dv~iT16#NMvdC9jY{*3BXBj_WUPlpa)I1jTgW`rIs_4#v`L&a(zw;zz2#eS1lW-* zN!CNj`Rv=mHQdAfQOZ$A5Q#{OblgZthKxkq$)()N^+kYXTFcek&E;Ie&8x-D$Icbq z(bZi3%>BiJB;C|i-9k0p%U#{qg@>b2hM#op}I-tFby?)Bd91z+#g-Cg9}-!N#o9&R_I2NSRNq`=-}j~8`ZdS+#l`ux-~Hv^wVYe1Xvh8)-~oO|%xzr9tw@aY zTmoj`2EN9>B}t4p$&}1n2e#k~jz)mBTcX5UWX0eQ2H|21+qYcc5H{fx&fouiM)+`A zr-0fZz089h+B|>{zTANk>4#i^TV}A!swGq|>DQ&5N)xEcl*LM|gHT%r`Xx<=lbS zjLq59)v#>apb>+gn4ZO zVc-WDrDR<8;yR881&D=1Ud%-1)GV0JYe;}cR@Xw%16sCaVd&5>wNMPzP>_x0G>y;^ zC4&+@QB<~FRW??#g<*r$kP1MfxztZj<kdMpt$1W}seOp>|=S24JJ!P$YfLj{R7k?EvlhOXq}6Sn!8k7yv9l z3NSrT8HfdcAchObPJXsnu6Aibh-B;g%+T~}vZl_GJz1-yhm~#F{)GlMg6tz?Vf1V4q)yEZvn<`W(@E0Mq}?zT=Q1%_8sq8 zEZ_Bp@7@jG@TKqiw(tAK@BG&9{pRof_V51&aQ$xY_$KfH9`FK3aQi**1ZQyeM(+lP z@DN_`2&eFGe((y%aOb}84CnCkR@{c{@DNw<4HxkeH{S_2@f0sy6j$*Uk6RXZ@fep~ z5|{BB=Uf=K@f;sj9M|z4Pf;HC@gRRpAQ$o?k4hpp@+8mxT^d*NCT~|Hck(FjNGO-` zDqlz{xAH7ENG#X#F7HP!_wq2OM=%%jGB02zH}f=SNitXSHV;QOck?*+-w($TIk)pE zNAo+^^M8c%J@@mN%=14Nbb0LaK{xc%4fI1-biYmXMR)XVEc8d0bPz8eN}u#gzsE+$ z^i5CiBm!Md2X(onbLtNDQisM!H}y+L^;DPiRcCcaclB3S^jMd5L#Opx7xY`lbwAhj zUDxwo_jNl5_F#|mVJG%BH}+#s^JG`{GH3Q?5A$b-_AZz9Y0vU%xArQ>_H2*xZRhqT z_x5j3@^BaTA}9B95At(I_a0aGbC{`j`w)*2KkWR z?vW??>Nfe4XYQ0&`PydrmWS(?hk1#X`I$%Mnzwl+#`&B-;hpDs3D@+WFZQ4pdSoa1 zqF?r-M|x*h`lXNdrgwU3hx(|$_Nk|OZMXWX@Aj{{=vNwBn zNBgvY_qAtxd3XD_ulKl@dwi$+y5IM^$9sR*`@IkNzV~~A2mHW4_`xT9g*W`eZ}`Ml ze28cK#-I4dhkT2d{K?Pw%C~%u$NbFy`2Nl3e3AG3&oBAV7k!i`{nB6g(?@-mSN+wG z`PO%Rnuq<^zxmmxeVw=c+wb|@*L|QL_2usUzyJLT4t^K+`Qo44<469(RsQ8)ao%_S z25$c7-`nY@{uhV->lg3r*Zw8u{_Y>~;rC$h&v5G}|D`qm^B>vtSN|vf{`N;-_J{vi zmH+u?-S@YD->v`r_tE|5e+mVNWB&#cENJkUK!XYgCS2(7A;gFhCsM3v@gl~I8aHz6 z=JJrOKExXVR=`^Cr%mI(PEy`4J{Wmn(e|Eo$^A(xgh4 zGHsd>=tH3`ol>o8^(xk^TDQ)G{_0R_M6X=Ok}YfYEZVdp#VQ0FR4v@Na_7>mtCa0Q zyae^y?d$h1;J|+QG9*k`Fyh3D7c=g8*lpCtk|$HHY&qm(!*InrG^%uV>S)ZM$Rau(x;f?%g~0Ti?Qm6CVvca`EKKmnS~{l{xh2($zX& zcz8PY?Amu$Z@c|F`0zTr9~5u?JbIGk3tms}{=NJ4d*RcsZ=YdB$j|Td?;l=1e*OtK zU~~Zf(;k5dDrlO42rl>_gqAfJA%zu|Hlc+XYFHVD8+!PmU>$-uB8hT|SR#rkj&-7n zExPCwi!aJJBT+HZcq5MfHQAUWk3E*OqmMxfxe<^<8hNB{FKLD(lT9YM(vnU}Ipu-* zMM))=M;4hSmoskJC73FH877${j#(y}8lIUZn-Q+rCY%Yr87H0n%~>a&^xc^!pXlw` zC!pZ{87QIH4O%Fo%pIC2qr@%RD5ShS8Y!i;Ol{*tp{~LLRw{4I*?o=9z20Ip>{w{yFHO zi#|H(rJH^_>Zz-~I_s^w{yOZj%RW2pwc9@XzLejrpYAL3-h0Wv1OKt`!)IK)@e?DT ze8bB#fBvxZ&j%d6^!-v_J-*jtKd<)NyW73@>VhABx#N=`uKDM4o4)$kvfnQ5T3J_NWEFi58h(K5=aDl99paW3_!3dISf)oUm1uw{{ z3~CTl9PA*aJ_tfciExCBDxnDxg~AjPYK1HWlnY67338BeE2JUmhR8(T z{%w(r)SDw8*|$ha5^$8Pwt{r80GAM?2;KTRgxcw6KM3DeUovX-MR;L5Zw0hw6rY*dhcfNQO09>IQ%OgB>A& zfj_v>QY1{H9!OBfGOo&6htxw3k{C!m%n*y;E<*`NVD3M}%LLvwLKyzxwShYR(T`;m z;U4`hh;s1@5$8q)y2~6YBl@8Wm>xkI^?*faD_jpBgun>?SjKtN+tkK>c)tqa#~WU8 z3O5Xd8+VWci+ih&Blxx;y+!bHoBLP5zE!9ykcNPtk=gHl7zX$dZx}lJ+0dRBwfImi zQP-=GeNbW&3mL}^;K2?R1ehCckOz%>%MRTdB(ya+ZgO)R5e9$7!N_Fl5?rB<4~L)> z`yhmdL$CrZ@7cQ{Rxd#gOJyq?q#vGOF+avoiu`Vu8z~S+f496_8y}b;3D&Vx-CWG7 zYIw8$u&jVR3tCtx`OhPkvOzvv1clW0%v5N?ZM`gDUASNj!v4^Qt;<~Lfn0jcJLa)S zhB^s*WOlRen678_tPbyj7atoAfvK6=*nhP55Ac;kES8}Ig3#l>vi^rXtJ#N=^BIZ;&3 z9+LCY<#2_$Ph`Fqn&;ByXvKL?bY2*i2ixag1v*cJejuLP(&$G=^;+LebdEUPt4QC8 z(#tBzs$2EyI>|cIXUTOy4`l48-fGyVei^N+Jw$15jk~Gd4tL40eeQ#iyWLfV_q;b} z?|gUr-(%_b!2hN0gtyh;4==04E1oXLcm_TipCEiZBOTC)yyX3Z4``%g9_e_-?Lsg5 z(UZRPrawLEQ?L5fv%dANPhI8bA^X|WzV^1iJ??X_``z=t_rCu<@PjY>;S<03#y>vt Xldt^cGr#%He?Ii1Fa7B=KOg`*K$tra From 32970b3952d4edf169f6a229186f23743ccf46a7 Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:32:38 -0500 Subject: [PATCH 10/38] Delete images/AddCertificateNoMapEntry.gif --- images/AddCertificateNoMapEntry.gif | Bin 9238 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/AddCertificateNoMapEntry.gif diff --git a/images/AddCertificateNoMapEntry.gif b/images/AddCertificateNoMapEntry.gif deleted file mode 100644 index d6c4c96e67aab26c066ee561e54618082f274910..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9238 zcmV+xB@ z4?A}kJ&P4jgBt)97cY+;QIjDTJsTTMB{y^9@99BF$ST#yrJZ4%ygIZLhU0z;aWRhKOa9Vt!U4ye=hlO5`!d$H5Wi2{oEdXmX z8)HL5XHPF=X-8mSsbQhdb2kHNIz4euCu>YRZ&^obWm|El)oZioay@l#JdtdSv2?-s ze*#W;OgeySVSs*}c$T_GXTsoU% zJd}P+mzSxKsK=4M-km)Fn?F3Cmv@_xs+`2$oYM5CPynS>QlwcSrfWc`YgDIvQl+Gz zs;;!B#iypj-=*ICsahARVTP-*#;3&2u~u@nctx>`YPXM{wXLzX$JVmY=(OARx9I-5 zDss9xa=K8;zH5xXbrZaEFT#>tyRC-4tFF1I$+oq(yuie{&aJ-I=)mUd$AtjLhd0EF zLc*kS#;26VsJq0(#>oHC%yo6pl0(j-XUwjv&Ay?~(A3P+vC!k=%=Z4%jdIkea@o$s z*xKFJ=-rn>1=-k%rw`%RUbnVQn?%l-g?(6UI_V>t!^v;?1 z+^qHI()suJ{^hIx`^o! z@aNEpdyG9>+JZ_jc098KV}rQbXWIU7KvS&^2`B>heVTCsk3fIPR?Ik~rBUrh|LoOa zaUu`z5fv0ck9zF6_tGL!2{g|l1pyb`gAhuF5Ox1ZgTQx&e9+E5hU8J(5A@WdLK^?n zBZ4p-lE|TM=v?>@JVDrJTR*I*Qep_TP?+LBE4s8u04zi`4+{Y>IFN%8CaL5}#Z~9P zKNM1T-#_{oQ45t;)}w(q0=>h)Jf)Dxqis_TbRUIUa`}&!^t3c2kn_A5Btb|nY3H2? zHCf@4QOY)Dl~)3aP60C%io^if*p?od$dQx83}nPe;h=@iaHyIr$w}m#bmHmhry%Jm z4WGtIsVJaW*78mQ%MHX&nEs2(c$<|})<@y0t>W}1oCehi>aP)sO6qK;;)g1rJN~1N zF#oj3C5*D#b0Uwn%9c;E%f>V$rwsz@EvUjmS*o9>(u%5jCdl9fm+;9)pRE3%BVVNW zy|V%h-+hwqy1FLV?Y98i>1%5P2W)U@1*ewq!3=*UaKjJ_w=lvHSIpYPq+x9F#(fp0 zWMUkL%o$%1Y9;c?lhLK5$|$$on8uvJ?DEWEnfxHhH0Rux&ClVi^UrwARFh$;@#K@g zKqq|{I}2sx^wUsB?es=dhXs50A+HAM&_S6qL*G;oTjH9T1~3Ao|!qAyDmFpq|a{qVYT0`dtbTl?z>&R|1SJm z!4Ge|Sj8W&{8q^??>tq_KQDb!(NAwZQPp3seNNeL@4ZXie=mMY;g4@VN#&of{zvJr z?|wn;L#a?WEcwGun;`Wwzd-n$bCUk}8;Jfm62Ow^&wnt%hdBax!1p<(efHQw048_< z8>K`aYQT?2{K1VNOfUc&h{iTFWRiP$K@$Xt;0Fz0L667-7xb{l6#CE)WCWlBFc8y6 z{Gkq7>~I_Y0e}Mj-T?v$6wrZ!N#8xzfB|6qLmsZ+ftvbpL@E-*9|^*s2K#}u7X^U_ z!Qdeqpg;{0Lg|PG@drIjh(duZv58Nl#0S{b#eSf}1H$0PGNPf6IrM=a-GIhG{Kduh zAOi*X!(u`F0Yn$^!xjNBqJoZyw0RWJiUcX-714-9p_DIP6KLT;;<1JaVjvj*Af+k8 zm<|s<00vRGM+Wghi3uv8g*A)-rt-l^4XH8!r{qT~(1Q<7q@f?l0KpA8&_+`_Vq!~q|!Fl98TF~J42Lz)4g=0F%3PutKTq%wdfn#8M4|poRs4fsb9xQ6R!ZMl4v4JAD9$leVQd2eq*#Y1KqOeg zmLM9)FhDBGK?ww`bEY-@z&UK8fL!FNqC>f;1;lX=2?lf)8O$p>E&z_y#_IyrDEMQGzS|Bc}!Ig*CW<9*68FbYmf1-!Sq5$`}G8*no!gro#<3ctZzNp`m{*Hi-3YVeNFNNuw`5Zl?-R+fYC!~?`Y z;xXX0h6-SoKzKRA;a(WQ$K^yE%DCJUz6Twl97sO$K@9;|fy87;MRl)>N9}5NsP6!; zYCVt(k)AibJ^ry6g52B-gd?E`fGi5+p;BzXB9#68?>)NwWda-c9S9aN{)xpf2530= z!PqO|8V-;Oq3(hJxiAC@+9AvjutU#${^&Zu8bdDF78%}oq7w%Kqq&NajD7}mpU=?> z5Zwc;=-4koV=&=2I#C{SOh#{o`il@*_rQGQ?vagY4=Nn=g)|oClQo2nQRAc3RTc+2 z0^ovq9CEmQDA5r3t0DioK$gKSsw!j}41VmwvWVuAJb)og1H(DACsE-94L}MnZresM z`ZfoZ8GsDDv=R4^LjXp=&v|z6gCSIIxC6k#czrMcY1l_XCn$gk=f|}4hG;83D8(V? zCkO&ygsQnaRDV!|+&u7x6i$EyUejaO2XHgN)%0F*=%Wpq@GlDf=CKO_Q~?A64Rfzc zesY1zW8Wh{fH2a%ZgW=q+HwA$Ij{kZ0P>?83v?CG+vE>-u)`d~&4c~gG(ZFvWPtP& zDgu8V^t`&`8|QGxat1h$sta)ERWJHCq7FcTxMP6}^hesYZuYU`v>f4ZhyRK`_p3)e zy!2C~)UE!Fqtl~*X0LnS7s!urm?Iq9NOaS!{#l%J4=MVFfEbXFVv+gd9V)Ow8!`|F z$4e!CD$!#sWYJWP`6C{&h=m|M?-bCp-g>Toz4T%)d*{)<_R70G?v1DW-3zbxzV}`3 zQb7FT8~^yoPrmY(&-~^)|M}35zVxS0{pvqI_#hd+^|$`d{qB4J```~h^s&#rf{6e8 z=uf};*Kd8Px&Qs}kH7rqPyhNm4JO)Wzy9~n|Nd{^{s0(&0yuyKSbz|Lf8@75z?Xot zvw#ffIu7`NsuO_{XgU;FfueJP80a|~xPh9}fgVUVAQ*yjGlC=tHzs(3Zj(C(*n%$j zf-o3^GB|@YSc3tGfOJ9+I=F*8*n>X!gFqOBLO6s(ScFD+gh-f#O1Okf*o02_gisiT zQaFWFsDwCpBvqJ&TDXN=*o9vBg9Ovhj^HWdbo#oIEQt}hkzJ}f;fnTScp34hyI3`h>Ey~jM#`#h=`6DiIO;plvs$6 z_=9%CQJT1koY;w;_=%txif~~`l~{_Vc#3a$i9T2pd)O1G_=>O?i(IIRJ-9%8Xp6F# zi@LarM@Wl2h>Lm%jJ!CE#K?=jxP!uohsjus%-D>jc#Jx@jCLrE&RC7sn269w55hPP z-5?9i;0vBb59;8J&Cm?Mz>T!9gY%#cxX=#tFc0ofj=0cs>zIx^*hB2F4CUAi?O2P~ z_>TZ-h}pP}*KiK+*hAvjbL!ZQ2Kjfs(2n)!juH7n?)Z+&01f!S3>Eo<)EJN+`H^in zkUcmL1*wA+sSXOMgCyw-z;KYbpphB5{*l}W4Krzy?HH3m*pVQ)lRWu_BFTd!X^{0O zj^t>LBxw#exeVW+k@7$b8!3+IxDM&KjxC7~%Rr9(_=`Qcm0SsiKe>?J=nKE#jwlI~ z1?dgIAeHRElupTm2#F8Aa1L;3kT?m1I@y(YnU_iUl`2_~R;iF>sg4CH53=A37zvXa zxsddz4#0qrf0vkcsh5&DnR56NESQrcS&|f)kY;%f^RNszsgV(RkZnm1glU*MSeG10 znXK8GWoVfVf|;F3nnbye=U9@A`Ir(JkNilJ3z?NxiIq>Ojjmao#>q+K6PuBFi^tiV zl*yNQc$dyOod5})%1E8qxs}%bd56-Oo!&`|+c}NjIiA%Cn>h%Ctf+^sNS^HJjM>$V33{rhGk^!f`Htj3sFZ4{cIuTldWJ+uax)+Z?&uD%fCIn) zsOL})W2utn(5hXhlDmMYJgBHLPz2)Os(LD^#Oi}u=c<-^tnVnSGFhke;11ychj*C{ zUBIgJunvn*3!_@9?`RI(`i`X7b**};%34#h+N}*qsjyn9!GNu^x`hd<4qbo-GT9C! z7pQ4*=Y5Ur*e3KdHV@8}J6pr;H= z4mJR>GLQr32>z(yunRU|2YOlr2DuK3pr<&H3T_y#0lSgw0I4#t1JRHUZJ?(+(31Ah z1!NGg?4YnFTc`3WktnMQ>HxGyn+&Qt2;7je5!;genuQ69vYOz71^co*a1QAp17?6$ ze}Dz&Kn^m%1i7FLT@VM}pa?jC30tbDP0+LAdIsY<58S{6xNx^ZE3Rem3(6n{qyV>s zOSf_Grv|IG&cF*cKnfg-1G!KRyr8jd$f*=-1AI_w?w|~9a0R%a4s(D5qhJkxK&VN3 z1DNm&aJ#nN(6$>HwWjF`H;@ajkhtE^23Pc(4xt`;LH$y_C8Hm)gCl z+NbRx556D^&Jaa!o3Gq!zsy^O37QTz0Kh>`qPOzrt zOoZ}K#i!0e&Aau;Sbg@TdN=@`)~+KFdIAK58a?9`rrjh&1%dA?pzrm-@BR+(0>2#S zQ1Ay|4++2UBBx!0!0_R9?fW1JSK{vka3%a88~OkS8ddYhjt&W+;4u;8 zO#kyiZv;bM^hclc5uf)?f8bJo1XOSJSZ^lmzV%(dCSM=+{xJ3jfe&Vn_7yT4=&<&` z<@Ruo_XyuAbZ_^|uJZyBRJ?Uep910(PNKu`}KfIrkO4G)0f6`&h7za0DU z2`mYc8)qeUhMEg*G`M00@yWjgW@cU^W{PIuy#*h5U&-?`8`~Xp4 z#*7gUfYkdy@83Uk4WvC7IHE$HfAtu&`?v2=nuQ%begqj(T5 zLWwp!y6UD3y6;1p+J~z63C_$19=;+xZ{$0 zWVwHudoH@77Lw4qrLx=3GO4}`Z@lu(OOGuQ+xzFe_yQ!(KKx)*k3ata>}WW=+9|L% zAAbZgNFjggC^#XHL^4Swmt?X@C!d58N+K6BGD<72#4<}Qx8$a`|4@ET5Eeln&QAZzz zG&e>grLO+1r$LHd<+?^$1#Ouf^6_YqRCH+e^3gHe7KN z1$SI?&-D~0bk}7!&~n>_H{LPdmA77dqonswUw;1uSWWtLwS)@7Jy=2T{y zZ?4p4oOgCqXP$rlKGbKRhbFXPqK^(%Xrz~(Q)#B3cGGF7r#4e+s;}MT{e%5HX=O)u_y6-m0ZoKynNpHUYUdV62`4)U|ybCv+ zZp0IZdvV6ucKmU)BbS_P$}0!^a?H8bd~>Wj_nd0bLx*~F(wR2>bfi;PooLou2l{o` zd6s>4oNKq8X54d!d3WAf_WgI1gBPA;;)@6Qc;q=&etC?Wcb;PCqlb8U>K(TJdWEys z-eB&#C-{5t0TzFJe#z`s?pFe*E{oe}8lP_g~2L7r?mz zkbvDX-~s+iHb4cgErAWB)&n7!G6qg?Y!b9!voM&!mQ|30Tif6VwdFw(ijIUOEZqrF zh&mOnaCI$oq3d86!`RJ`hP1Qc4R4o29qNvUJ?z~Nfe1Vy4sm!zG@|j4n8f5Qk%`Q6 z;uD`2MJY;;idC%M6|smtEpBmpUG$>&z!=8xjggGxGvgW0mqsBtBJPooNA%+#l^94tHj$8pgyJC)IYmV-(u$3AWELSANiI&3l3xUlGc>tL zPIl6hp9EznML9}RmeQ1`L}e;fxk^^H(v`1-Wh`YmOIoV3SC<4NE=L9?U2cq*y}Z~j zf&Mu$VGi?Q#Wd!^keSScEt8oAbLKMx7ENjXi<;G}7&axTO=WVklHP14I58V|$veTOGd?!4!DNi@j^Iq4qr?>E#Pj2m#pV;!}KO-p6cmw4xRjAV$L#QH^$rqaEGUM?w0nk@mBs3q0wyM4D1at(2ubd+D@X z8dGxpiyhyM^g)uCZkSZyj8Sa(=2cCh1NWtCyQzQI+6X|=2N!bVaZmJe*Cl~4W9#S8Sh{#U)~ z07g#|Ygp~Nr*XjMBk6chlmbhz#p-cS`*4INL}HH@@I|o`YwXLM84o~+K@5TzjE~Uq z1A4@R6oi4SWJ5w(%bElpGPuh>wvh+3=!7Mi{TFUmwoG{JfG_?a2N7D^8-FMS9*JE^ zYA0LSlk~$Cci;h5X8RAh-ZnS;Fa=sNA_oU}OSicUiCMIJp2Qe@~82+FJX-A^m)iT#4^$iDVWSa+m zY(g0Lc!e0eFo?A5!U}CbLpu@-qwk7jAB1RxWwO&90@bOQ6z>q5R;X9f*FKrBT+>9WCJoX3!k3tI)27`pPCP6S1WIN;uSNOug zu*{F^L0W%cL&|akZW3gG1D)*S6Eipg9u^{v1yBM5kpO`S4w46Hw3u5j-X%%wA!Cow zm>&4`$1eJy4>({1!Hv+z9{8dUFq}gd%J_kg#lhsAEZIO~UI;&4VOx?^`6E{@iFjLN z-!5CYAKeheGn`xxB1D5EVnW9S_)-tr8iFJHFa$-UK>)OzIK^}JbG86&NE1t#yxiFX zIKUtdd*I*_*Sd5{sceo;f#|*6CS=hE( z7}Su@J$@V*UVwPYRPqQvO2Lti)I$T71qwa-ybxozCE3_o_Q!Zj1o8maw?}#IkoV!_ zu~H zUFe^A__ZRQ$h+p1uY2|Dm2j==iu9V`>L8Ef3DF0+D*pY?Pj8o)(!Az2f5HSZ(2&yo zv5gg=*YwIpJ-a3kuiZ0JUcJ|S?$-tU;R_#K#6Q0A&xQQuE8kpkeHdMxKd!Yt%&j#f zt63d}*0xIi$lnw8J~Z!#vc(J>{#6T3pK_tXNG{i$h z#6(oYMP$TAbi@>h!$_3GNu0fn2YEPxM(77)I070_1-yCzc$7zav`0*A zMSSF|V3>!}Is$(z$AG*>ewc)IAcwuG0da^&hukZQ+(n6G#T3)VeBefS%maVW28{$r zfs}_d=m%nuM}FwWcsxmnOvy`}NT7VjlI(|K7{_uv$99Z@oZQKte8_x6MwMJelq^bt z%m;e-$6<&`ZFm7407;P~$s;gHy|PMMq)JshOOq@|ncT=1P=#;2#)EtTg`~@}yhfr# zOQBpz>e@!A)T^$1%aJ6=7f?rSY{z%Z#(d}pZD2`l49QirMr!=U$)wC)w9L!Q#mv;q sTI9^moW;)s&4}d7(Hut6G|d#fw8Ydr&9r1qT|C9ul+D>(mVf{NJLbu%J^%m! From 266cc81d5f5fb1e09593dcec6fd478de3b3a171c Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:32:52 -0500 Subject: [PATCH 11/38] Delete images/AddCertificateWithMapEntry.gif --- images/AddCertificateWithMapEntry.gif | Bin 12156 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/AddCertificateWithMapEntry.gif diff --git a/images/AddCertificateWithMapEntry.gif b/images/AddCertificateWithMapEntry.gif deleted file mode 100644 index fe579702929d26436f30ee54a0e5b3e414934cff..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12156 zcmV-?FN4rWNk%w1VPpac0(SraA^8LW00000EC2ui0AvCQ0*C(q{{R30001rk8&m=& zVE`Y70X=U3N1Omsr~qS)0BN}ag2xR5PXQV%5jaQ-KZh4LI~OmH7ihH?7zY~_NF5+w zA31XuM~EK)9U~?^AX1YeT&E-l03{qFDIUMcZ!9f$%dt>hrQv6$NG*8a*HwmjYlkrL0FGS&W?|ei?hd=Jv)#(Z<0&|no=K+ zTRN0uLXySimxEQGmv@|;nV_Jkp|i`O%-)^S^`}n&r&=GVSXHBLN3F2AroGjv#;2~> z!l>Z>u3&+!Ydx)jRIiJ8t*dXcQ*yR#DYSMywt7gmi&?sco3*opw#C)9(BZb%?zias zx+-$IIdZyC%D#0M!jxdZs)o6!$-KbC#B>0`cQ40>0>p(n#io|OtFy?+%E$l5%XD|k zl~K!_Y0jy3&bg}7%CpPu;Lz&#)BOI>kwVj_aM`(v)x@0A($3M*)ZFC7-KbmQvwGjQ z;NQKo;>MWY(ze^&-rMN2({VjqjjB{w(Q%ubIY`Snz!!Xz=Qvd?OV9<0m<-F$OifqA_jCg(36h{TKtpG39<0gM~^~Qw+)Q{Op`-|<86Y; zKlqFgii`gUNn{_@VU$MzAB@<}2LYHk5Q;07X{KcF{lm)w|4`|og#YX_L@062iBAOP z{X-4{>|~Oqgm4ZdA(eOLxo2n=eaU4zigrm5nP)~SX<%ut*=BfeMpq}Da)z=^11*HA zLIJ^OT4i*DGSeUvOH%o1sQxXCn&(B0g6Zg^ljf@HVU@D!W^-_Mx+ysa%=%A1eiDdk zbo$I0CxlcIYwSjfE@}{@yJo9xSiN5AT&5EW+o_cTRTIlUM<(-+IZI0TAKZH4w*2t{Fuxz*KBh`G$WSt%{=$q8gV`cE%Za6y++#5 zNGEMjWv^wX^wUT?#+uYnSMBr8gkf#<){;7X8eUw7U9;Dofi3pgE=z?CIEY3@4>((` zh4$Pj(`3_7c;~J6{@z0swHV!i2QK*Fgcol3;fN=$_~MK=?)c-7M=tr~lvi%~<(Ox# z`R1H=?)m4A!wt>oq?c~`>8Pi!`s%E=?)vMn$1eNqwAXI??YQTz`|iB=?)&e+2QNJ8 zD7B+jRiGyyxK_$H4>*AcwEg|~Hd9aj`7oQ0{`x1Y z&;I-Ux)1;SyUI`h{gK*_|NbiK&;S44@gD#OcpL!|@PNNDAOaUC8wE1(fvIsI1SeQF z3R*P;*VtnzzCrs2L~h|z8)qHg!&l61zz!wd2oUT>N=JT`;k3= zjOZU#6bK;=!Y&&m!ynclgAs-?MM0vG9*Go49{2bUbvR;*hBSyjq+x+r^y3%F*hd+{ z_zPH&h#>x0i$8V&g3yE#mTp8+KQs{lItm1N1Ucj{+eQ!ZEfSV>v}5}qGD->ZN|vll}=Kr;Rr zfPjY3jRL3+I+`c}a9~jYX`sh48bE>o3;+|56e3FLv5rOzu>}SQQaA%J&Rs%)17}pG z%Q)D^bBd63>~MqzUg3-}fFP+$Z7K+^K?Wf}Lz~{@f*^Wf0a&mj6_wm&EpfR4Z77wg zPGyHC;yF)q=s*$ASOo+0xr}ob1RXkv1U-mRf>@wK1XuvZDk^Y^b!gQZPYA;`=DCkP z*x;&gxW*q~v5r0%K^>aV04(sTSH9k>jRY{m29m*5Gk^db#ZZJcJiCkmSmGFl$o^4k zSKHTK5Wo}Ha6|!O!Bww<6&ac^fG1=q)R7T&83ss(K7<$mgeI{~(zw7eo;%75w4$%a zazs`Yp@|Dnf)bLb0G*DdiLrik1J|H#bb-s(G)U1rnJg+g+q4V<1fmj?SV0`n;evCK zG8X$tVt^ym))I`jN~BnU6`WuKde9Oa^}TO?vqN9&>L3tg2m>lk+YB$b01VEgq%!=` ziw1Z2!xXrLBL<|W7Xa70;3e!@i<>@XN`nEB7zjB^@QE!bk(53Du?0+l-F|2niHc~% z0I0y^C43eYIUR^PrFab=3xt&Ht&$F35pGIzTjy6kYFo@aQ2cr0v$<{RN#TMT0;kZ&+vg^E#_I*xKe z#t+2rw*He_L2UQ{q1|7GT#sXSGq6$@|T4C z=1)IJ(69dXZ$y0|h`;>jPyhPc|Ni*Tzy9~n|Ni^`{{R?(0?2>vhaB)XfC!j?3b=p_ z*nke$e+5`T1@V9sSb-LJffzV|e6xWZ*nuASfgl)yA~=F1Sb`>af|EYPg1M*oJQChCDbXj53FG zSci6ahj^HWdbo#t*oS`jhkzJ}f;fnTScryri2jI}h>Ey~jM#{d_=u1giFg=?ts#k) zc!`*piJG{HoY;w;_=%txilQh?Awhc#F80 zi@Laryr_q=NQ=D~jKVmK#8`~Rc#L!Si^#Z)%-D?1_>9nKh{_m^)L4zyc#YU-i_>_A zaHAOB_>JHgj^a3ux0 z_>TY?koc&Nbm)()XpjP#kP5kw&q$DSh>)rXkqkMJ6j_nD=#Y#ek*KJV7TJ*=`H`Q9 zky>Ggzt9Pt@C(D$4%J|iCix2OfRgCQ{wT)KMU3(cCD{qDfR4s+33ONup1=+_*$KIj z4EqR@MtPJ-iHRbKkf_8cJ_!!h01I_kl0?}KKuMEN>6F98MOFEdUWE%Wd50XClw?_! zX1Rw;Ns?8`MNlb~bodLu;F2oY31G<%xX_jDU<^{Jmy8l_;9!?w36Ezvn1orFb(oe@ zS(Q(@k}TLc?~IP3@&+lUCsg^+LmaO@f$-qUe1ekV-m#rj| zub`Reh?{t*o4r|`)|ri_IfqUD$(AbVmfA^_REe8esgjn7oNg(dVtJkFxt{Boos80y zeW3n^qdxkh!`P!hI;2GEpd(?5MVh2aYNR58q)YmwPRB zzxak)x}{v&rC$1_U>c@dDx_Chre=DGWO}A*x~6@YrfmAAaGH!$I*V~yr*?XWZhEJB zTBUiqr+%uWefp<@3Z(vlI;e)4qlLad@N_zhIapPk^He8`n`II1|>iVA8Bd5{NzpsI>Ela2YRt-5@fN}*}` z4Wtk%N)Rexpbe^E1IRE6JP-?js0u-Vm+4?3doYLUa0e}r2D)m8%5CtvZ0)p@jcYv*k_zeaEE7$s}%2B{dQsGH3Y1?(zWu%NCHYdiwV zC}DZ9bm*=P`~D58z^xg{kMqi`7E7`Bim#Tsht?1USrC}$c&x}EuIx1uWpijcQuP`Ew2 zvsVDJ;6MzgE4qCvyRL8xQxFNJi@H1u4nUg&zjKcal z!0k}L-s!IJ8n&WZlDWVMjx@9F@WEKHzv@Y*(}1o39JI*lwD4NP2>b{k%)pEitzq!7 z{E-FMK*8(~tUkcD89WMFoWwB84xA9e0qjWaK*DkGu|XUJEDVU(APFrH1~Y66-`WoT z)tUt-EC^Of#jx_fjN+~`a9^FEn(AO6Rsgt1Os{L)#!P&jWU9At+?P4oxyX;S&8Jr4zONSQA#%?UdBV58e8wN!&I+(hMx~W4k`N%;K z4eMIFFdN4dJjhlF%A!mDa0wzzw1DuJ zzA#)@?8eaGy4Z@e&&tXPjE<|otwak4*l-Mg@Cvou#>V=_xf};p+XGU04V7@Ro2Z-j z>cG7 z@B(uy!s2?!)x6HN8!B-SldKF5>EH*`n$yK#uA#!MF&(%j{m-}@$0+=^umS}3n$UbW z)S==?Uq!W&3oBs&4j8S`Q0)TMjJ}VM#_X^P@ajlA8@9!u%_!ZQeQJ{hs}+N1vuquY zG!c_V!6?Vj){N555}ViY_zk&W6bE|^jf{?S9kW`oHi|*lUHJ@uO}BOHhuBb(qzaV# zX{xDeuy`5Qc4!nh%GgFhvDYw^g?-p*ozgiQsil3hiMpG=oZ4@?+O8ejrFq)2UE8|} z+qRwC6p7oq-P;Mt+rAy#zImj;Dcr_=l)!!5%AJnMz1+@Sjae$D(*8Z&)Lq@yecjky zhQBC=+`WYR(%s!nhTt9E-#y-6DBk9M-sPR%R*2s0-QMf{-c9J<@;%@2jS%Lr0@$?? z`)~rr(%;ik5dFXk%m)$Zz_uCSY6F1}9N-*Pa~{uazJ7efB>_y4@eMmAHm}u5#&K`5JO(% z5#bLH0N^kT z8K43-wMj(rT0Ut03yx;?0AO@D+0+_Bz79wrd zp$Qhg3rD~U&XErnFfF^Z2boaizt9X=J`l@*0Liow8N%m|4(NhT=!TBy=CKWn-spbb zBXSbylO8AjJ?f<{D4X8tpC0Pc&SLs->d#aV{-Ek@!s@Q>Be5>vnn3Hej_b3s>%DI0 z2!ZFKRO^WJB+U{F+n@m1B?sHEZzYB<8a3~TGz0)P1oVysp#b39&|tfiB?Lm`YBE*{ z&w835>Wgr1QhqN3kq@Mv1uISi$}sNRkO1SV0zqK@9@2mV?I7<^lIvAM20bnkUak-H zF7WrB@B2Pt{k{$VF7p9D@CASH{vGiPPY`4N@Kz!86WkPjY!3~8WANbBO__1I3hwl%GFXW8x z_>k`$+aUR9Uip{rJ z`gwl>!7v9`kO<}v2)z(0H$wYWLjLBT2!MbN1n>s$e+g6^bEz*4pwa>)&;Uk|4*;=& z-oJm_7Vv7&q6LQxasJ^$pzI&NLShJB#F$azMvesiWs>8smJoXAhJ+HSrIwM87XRrx zq0Hbvkt9uq+82|ct|K{v&AF0DD4<>n#qgUG>L0Ho6M+g%1PC30H&8E)QaA{sL1_tF zkZ52epFn~J5h`Tp5TZniE<3)38&~dJx^?Z|#hX{}UcP<({*?5r2Pr*m+ap+aDWZB%sjmDMtvYrC=DGi;|)J$`pE=`i^!=UmSqY+rVuCpTCl+fm5Ok}3NOsivJJKLa0n1Z z{D(vtQ(Upd7gbx6MjLTF{&K?}f2>nTB3m%hK9GWoh{-DpB(zXN4@ERlMKe0^q68O( zG*U??rLo)l)9 zZ^k)i0BzQ}XPX{BREdTFPh4!LQlr>1&hsjJ31>u|5ux@)he z<@#%}$1XN(vd=~vSF_V*yX}{Sb~|plZ(VzCyYG&)ZoK#A8)CTo20ZY*{}#M(!~I6^ zaK#tjnQ+D*hx{(RBd6T($t%aa@5?ji-0sag2fgjjLnoc=(Mw0Y>(f(bo$A$FhkfbS zW2c?y*=xtW=i77Vo#x$p2fpRsgD2kP;fqK98r=S+v~IE z-rDWE2S3{H!zW+a@ykbl*z?n8f7kWfhu_xsXiuAMM72%gfEwYb`T}0m(!AL$ajuCuiG$Z%Wm`3cak&V=I;~SwDM>#T& zj&(%d9q~v!J?;^Bee@&m02xT!4U&+wGvpy*mqCmNuN_E%BC1U3$)zy<{OT zf&LjcVGdJtzceNdk(taJE|Zx$bmlXA7)@yck($*U;x(~pL~U*}iQV)j6TunICytYx zQZ(l|tC&u8Vv(Kg+~Pao=|y?YGmQ1LCmHdX&ol0mpKA2yKie2kfx?lX1)bwT5o*W5 z~U0|iVCQ9J8D1NF%Ebfl^*YS z$5O4@)K5KiZc%kdJl@fccCf=9@UTZa=n;>4wDlhJn1?;y(N>*ubx~f8+fmEv{tj=v zLmuD|Ydq`$4s{fDt@V({JnHd|wHns0iNdSf^vVvtj^iEL2uC-#VGnJ90~}LHHV@)f&!NorfiL6__osR<+910Ua0|+Q0@h8vG3Y8b3qEGNv&w zbZiWF+_<_K2JuGdAyv|nbshp1@=-+`Ke5CsS;)e0_&E0Q(NX64tP6P3&SDYt+6F z7sfFj^Si!GV+KRRU7uyKnfu(^&$dIc@n|eu>roD}{$eqj4S#VIc9OIxbymtGp zdDnZU_)eF;sZrkZI(WV9eQ$i{TVHP&93%61M@Mk#?zXxE;RsiFud!=ym=grn;Al5D zUThD}%9k6^crArxE8}@%Slh`ynaH2PV3Q+P!b-QWH*Wp(jKE{WNpADa#h&7-rg^J# z@w(5M{bJ{~RUBM?ZCkl9^`$d+u`X{i%3RFl8P|BxItB)hZ4G3Zhl9`=(W|f(K6WLa zcIRB@h(8RE^H?_=+=#BRjeYzskAqt82j;t%{~qSStNxWEQDyAY6JHLUTiPD)l`}oy z(N=i8S*e7UygW`nHn02}*SOJ-b~#dee~#U%4o@qV(_%g9JbJo&@ZX%Qzi)W(mtS3no@`IG^6r5uG7EA`#JQRKX^&ERNJ|aTN!TiHcERy;v+Z6>%SobwomiF zZg>}pi#KP(hIzw=Yx69s;=T?;t*H7yu|u;9^el>#K(pgOeuBUFSha7iihC7FFn8G5w{s`$qv$6BREo3~1Q>Psqm!W#A@LMr0 zOf#M1Kg2sKc;GZEWHu!11`SL>*}?|o8o4KYtr1kNW8*)oV#6#P2&-bNHf#qXBeE_` z!{ZYfp^C5$iz`H=yob{;y)rx@G{Sa3LYixvOkhJIV{Y%G?612Ae8vUXfNtJ=aJ1jNPE5xpubM1#WPQZQ!=OcQ*U z-71G1jKz@Q%j255dXO#lYOwy4%R^7}M5BYk{e#7!ay)9pMaOK+xu8UGz%d$AE<3bC z_Nv2_i>;CKO!xaj(L^xvqA_vkF{`TwQdGJavqMj$JGt9B{*o%hLdM!OzsJk9qteLc zOD}i0hJ7>7t6ML36FTEOC%w#;UKG#F12bTtG5f1A`m`~`#LXdtGb6J(#f-RDG&2M{ z$M{?{`K(Vzb2_}NCik?KhP2Gxl+X3EOuti5_PoewEJ}c^Mk~Wcx8g=y{6^jT&g3gl zV4P5Nv`8HkP5D#5S_?*b@iOQG%_}@Gjr2zW1W7;}NVY1-qPnz9E72O9wG#zKbX><8 zZO;~6yWhK)2qaQpB>qNwLrIk^MV4H(qLN3L{J@!niyp*4e<3#v4JQYE&|TEYhrGd@ zJ4-ShP3D5FC``d>tB0(7v90V%O$5u`+eNg*z@2PUC0)`*?9RsoMBDU1r#!vn>`Q1+ zF2H;)!F)D4EX>L}O#J)OpfprNRn+&3I_?BjSR748Gfiv|2b6=a)tpW{bj{a-&F`Gd zP-R9%WEorx$64hsMjg53Y)-p`PF3wo-;BHGTF`BiRR;AYGc6kU6u!&@Jp8oJX8^qX zyiVQAHzZwAaQzEqB^uj|QWcR}%`VLfuq?ZA^d-*p9$gaEUQsaH)rdSd{_>M@v?h0f$_0 zI!O`GTfMnaIWTOr8X6-{6mT3hjlQ#gU9b=sz_0i)#$o2}WTofTqmh>e(rK|vI% zy&12KC7&G-ejo&`*ob^U0n+GNq5)f1`mc1r11g{bI8YA%kOmx}hjfU9ydYb%)d;jz zTevWX7D$qRScW*@heL1;yJ%aPXNQ2EahcAeM9MOm8 zU4mGUj3Ur5&pq3;m5c0+2IeJ*!|ew~hy{M&1S*IEhv)}YP=YUj190dC_D!7r(1$0O z05RbQI#7|m;0HeVU5=234&VT@ZQuv43w$U5iKyTU9+2Suq{!Ocz$J$uU(_-+#!5Dp-=b^E6_^2II0F^X0Es|{GVl?Hh~O*uf)$tn22p4Q99Rc7P=*?&VJE3!bhwg!*o4LH2qn%4(1iUrOGG9DrwY@PJ*0kW7oCI}!lW*>;@ znAYHCF5Ay#;f74G9Kmg4hQn zaE*G-;HB7VujcCQc;I|!=xvaYG&zZ|-VQFQh=1sXxDM+KhKZrZhX^1I$hc!V_UMT? zL zS{g3hYfc5N5aL+qhvv{>Ob~5H$%uO9>dQES%3XmLU;^6>Yr{6%dNv0;Mr+;HZG0GI zg=hf=2nDzvh`Ofh%_xWi$ObYZGoS)1*aLbfU=YJvj@a6`sOHj` z=4;jmJa~gVn1Wb1U%ABs0ybdV4wAI)>LbvH&De(~7=+*+>#|+|k#GszR%_dU3Cx9V zxprrSrtYyugTe-B7Jmuq?&*2HZNfJ1!v@~;j+Lc-+NX{F+C|Z79g)~ineHs{)cK%5%R_d0vK}A z=8wdlB(ZIlCf{<~ppXvmZQ$kuHg;nqp5yJt4G>4}5;>6>P!Tad34d6I4)}p=@Ns-F z=+cm2MepMl$mB;j5ezx*i7yrS^D^U3VD4R z`S9`hlHVni?d4sC?=z;m0M;mC6TAc?SfA@Lj@vNX{D56K6 zc3^m;2OgwX`r>H^l>PUn=N)i}&?B|_tH=7R*ZQsJ`mXo-uLt|E7yGd%`?5Ftvq$^1 zSNpYR`?hy`FO&MXm;1S=`?|OLyT|*y*ZaNa`@Z-4y$ON97yQ8|{K7Z;1~YkC;s9$e&PT9bvgd!Xa43V{^VB| z=a>HJKYr*>7wX6U>~~u0M;Gn){^{rbbNT-9Xa4Xf7xG8{;y3?sN&of_{`D6Z_m}^s zh5vAwfBCO}a4CMRfJQ0;XF|SL&Xy)aL_!98aJN! z=kX)RkRnHtENSv2%9JWsvTW({CCr#IXVR=`^Cr%mI(PDn$x$Q5jiD5(8CdX!KUpVO zB+EF+AFHL9{4t~mG~>^WJ-2f0{_6EB*sx;9k}Yd?Y}SidErxnnk)Xk(7yBWiH_jr8 zWEHJi44T&B*}#Ga6E1A{Fyh2z{|@?xkls8(6vg-x1{bMPrt`G;n+3F=(ik}>HM6j8wPN9*Y0f9ymZ>HInL)xUsU6EAN3IP&DmVGFIu6k%LhV(1Aw zQG*^cyn1DeRx4bf^6=uvlP_bX{xypfFqj From dfea84cdac1df1baf9da72d91ce90da7895fe34a Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:34:14 -0500 Subject: [PATCH 12/38] Delete images/CertStoreSettings-1.gif --- images/CertStoreSettings-1.gif | Bin 15043 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/CertStoreSettings-1.gif diff --git a/images/CertStoreSettings-1.gif b/images/CertStoreSettings-1.gif deleted file mode 100644 index 441d2f44a5804dc1efdc1918e98cd327e38f3fef..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15043 zcmV;!Iy}WkNk%w1VL1Z(0e1iZA^8LW00000EC2ui067Bt0f+wp{{R30001xmJ8u9_ zPXJA&0C&a@08axQGz$e85Il?vX}BK%02(4m8dIPbf5$NZTPGI)7YB4D86zhkKsOgx zCnq-~Fk2@-XCGg$D|*8(FfTa^ay=s#IWdzzJR>|jJv=;WJwZ@8NufMXiaAfYJYt(X zcdj{p&O4CKLkn9yCnZKfenC@nKvI)KWPU~4SVBTzKYUqDqFGp1USD5XV|h_$t6XY`S#Z@`d#hguFJL2aV?JbI zPexs3qhXG^Vy4?^40LZ70Bu7bXG?=@SV3%WVPt>AY>kv{j;&^z#B8VKYqREU44iWj zLw6){Y$A+tJdbclOK@CTbZ3ut!uod?AACG(dqX>VKU0BKeS26#e0_6ylgE0UyLzhA zeYNU`05FFDO^+V{gefV7Gzo-iWQBdSfPsU7fuMzttc8-Zg{#Ym&Hj!IbdL;!k0OJN zFE@%QbdM^(9qM*`2N$8JJOL? z(~xr2m4nx+Y|yZP(Y~6|$gR=PyxiN|6- z?Ctc|y#3FP`q-xa=CJZN}Wozs@1DlvufSSwJXhgPw##6O17-ovuM+*UCY+&H-Tf@ z%AHHMuHCzM^X7ajRejGh%bsl$-zQ`-ZR4i-nzrxXz)RaBB&EvkmiR15nNo{4 z+~CloORtQNxRm0@lV4wc9A@w7;KTllzspbgcH{rFpYQ(i`}p_p<9k(qeab28*U=k( zF2BG3|5eeq-Fh{-M^ilQv=fh2{wT;+gAM{H;e<#DNMM2d-QX zvd4)3`16hr9vY#|A?$Hg-G?05u*WzQ=BT4j7V3v#UpMg+42?9#fTK_EfEW!+Npj!^ zOZKqnp&Tq4f#Od|da$HVQ4;B)2e|3;1qYezXy%zO^%!GJ2D-%0CLX%rOM>6H;$aL| z?v&-0U6$#OH5`mEjz9Rc!9f~A?dj8-9x8HDogN}8CYfkfx}$~pt=V3NGyUly8hQG2 z4hJW?gy4b){-Y>M@u2F@H2xe|$&x>)x};K`vnE(8lS;yLD@|P@>JmJqPFm(mzjm5u zvM(Xn4z89)I~k@I?gu1I_>3t7wEpA?PlsP((h@%%qQQ(09!U8iGWxKH%&0}S)8UgW z;REM~rT){;xgXjf?xZyCW-pET!qlY~G4*rrhx87N@0Cf8&`gKII_zP=@MJ+_8AnR% zabp77haYy%T{}~g$95WymmDDc54kj^OC-DQ!uw$i@;V9Sm_!j zG4TV5hgU%JlEOqj*=5g1Hu)iK)*OWJp`ag!omhDTq9>q_-f47gJ+S8#C1LeIp%tah& zkD-0Y1dqBlAaYzh>aeKDvoMdKxIf*nh{T9Zj&OO0nM29>KckMYrM)hT?R#L=RZHI# zn*P&fim-y+DXd7(3aAk;ci6kCz5dfTZvG4@tKrmxX)22G;0Tqccy_<#s=O+1@WLKa zaip=ldf(EhZD)BL`qT@W`*HU``}_ZQu}2(8<`V5Nr(}qc$*Tg@v7~hf2D~ta1bJa6 zL2<7otGZr_v^OHdEwFsKv6F|mKnM<$07r^ipa()BK?%wNM8*3DJ9eS5FNJALeqvsp z`c|fh9Z7}$ENtNm!NfHph$4mnOrl(LlbhT8D1kD8R}2fqvM-I}g7Mpu2D2Bd4$g~< zvVsW}Yg9uMqOez7tRe@RV-tJa%S!MAW1gt^Bp=RdNNQ}34$0M5SXreR_ z$>ETQltUq|I4_rE&|MqsV)UHk4_$Dec`jia8wYkm^QFj=97tp$k=T-c3`tONv?M02 zH>Nr=a8{rcB_em@4|d2xN=EvlE*}#}Q+g<6EwP6jkReBzV9}G-gJdzem%A-xl7q7v zRVP=Ky9Uz4AJkxDOBRSq9I~XEj`UD-?D)-B+Qc8>nA$ualjk7W8SlG|%!){Jl@eBdDyA4HL-rm3WUW(`!qECjdU70;brl5gIW$3szs zj}DcOobTiSM4=>6q7Abp@MEV+2jk9veC|U;z=OJ)(+?36ffu^~7u^~eOcqr^3_(*S zG`WXP53xWFGF4KOuHXxAh_I7g`YA$J#sLz9Vi$ObR7_s#AtK13jC5NX3Gk4HdoaU8 zBtWW%Y`{j47PYEZ&FZ0i$$=~2v_oxMsb2rm()6$|PRFUKm&7$mda(p*9zsHwus2km zzV$;MXpTS5>ZML1mIFvg5mjk4QZfD&M5%Dz*9Jvd$Z8X$n)MPyf94^=?)9~pQU04v z+R=<%Afg#-!bdY?5emp{vl+Z#Pd}Og3djw&894ICI*g&X6alw8@z`x|=V%O2G$S7D zFotjSMcnQFBf7Rl?rdv&2wr$MMeEpwDLTdv>7ExK+JzQ)Z)?qV7(*8Hg{^+?(%1d^ z_rGZAFMtP3;H(I^zz9yTQVy)(20Iui41TbLCv1}lQ~1IdW{HI}%;5)bxWgbu@P|W8 z;{T4g#3+94iBrsCcCNU^F!tk%V@%`U&A7%m_SjpT0mU5qc(31Z29JMCWEDHZWJON0 zE^n;lCijQQPLA?;pe*GoONYu<&hl@ttmQ7phRa?KvueOB<}#0l%w|qA{%6pv<~9RT zwlWd2oaapEI@|fqc+Rt)_sr)$`}xm+4z!>LP3S@!`p}3@w4xWy=tevG(RkhqoZU=m z;IO&Um{!cCGtFtiY`W8+*2||uP3pRgy2S*6w5nIl>Q)o_BojI{isQj!aoGCSxX!h% zcg^cw`})_w4z{p|P3&SD``Ek=@~-3~YZAxf8_15fw5Lt&YFqo-!v4mx;qw+f^tjT` z#Fy54p(x_q}m$E8NT=AGyj` zKJJpgr`a7&Im>5Gb7Z@G$|oRQ=ZMpoP?P;HY1BgAd~9#uHM(j!xjf z5L56)u$hsHUlSt)eYZ6?K+p$~13f$u?guBl&_PQeJw?PAMT?tm>viOz3%AyW-jRLv ztoK?ST7Y}pwSWq-lilpMw)_z)pNGQxIvXdzbvj@G4R$mm*zDkh>w8TM5UgGtxhK58 z4WVyaf5Q;DK0J6LJdYFLiXX6$f)o7Uk8C(02TwwW)XV-bqJF^Q22#*N3jVPVOXT1N zG}VM2rceo&<--NmTqotlQ4G}QS{-@7!42BpjV%nJ1z;x*+~5Q_Fa=tW3Z2Ieu+Vjw zhik8(1G;8<_@{r4(s|-gcC`l!A`k^+V1MF}4IX%F#n5$46LwP&2YTQHBESXS@C3au z1R_8Ly?}Lbw*@!=fa_ohQQ!n}deV79M&= zP=N;sdVQA;Sf`2NpoyKA4G@@nV`ppZUduviOBqhk>294hJX>-rx)B0Ct*~dxdw4RhNsnMhs>!31im^I#3CP#|zDw@a15J3OnHb6$FdJx z5D)pt67!G(`2a%Lpau$q8~xA6QB57-|x04!~in@l5 zQkRa&_hd)raW*jzs|1Ldr4MzWkE4KxX7CAkDGC6&8v|L8C~}YqDUc_S4dVxiujhfV z*OIojkszszjVY2>cMNw>1%^~IHxmzXVJn}!g8 z=a`0QnU(>EWI3UDF2fHcsSI=epfCA|hl}tJ^B{=b0+%dN4up6Ml81za3av19>yVUFDT>CodA4SHuRwUpsF)p@mAc2GvG;)Dcmg3B zc=LB_XvmJb=8n-JbVRotp`{OmU zZyAxlmUdD%byYWkVpxMX@B#rifJT>zSf_wE5Cv6WqLl}AMhA8hn15lafl)vRW~YD~ zh^GPyd}T_N`w7ZfT++7C`bmwSPUSb1K&WXar%s7 zmkvBho3Q|;V<4Qsr+ZH)sgyOxOQz9tUV{GB-p3MI-P8(X1$87 z;<|FQ8XPdkVc|Ni>Y8!oYH2wqX6d@F^6GHyx@GSgX7M_&`bu#1>Ko^pVfz}eBX_Ld znr8VXun6mL-_Q;O+inT_um#tz{(7%r7H$xGvGN9R0f!6)t7aC9u^>xs8tbj4Mr*|v zvM4KU$_60o*8Z_>mTImRvobrgtp;ln@)rEyvZc1OZ$@!E`?H?WvOqhuYjzK*ptD4q zv@AujO53!e_O3J=wNg8^R9m%Hd$m}bwOT7^l7_5K`?a3Nv|u~7ZSk*Ud$tfJwrIPy zWMQ^!`?fdXwjD+gLAJGad$*1TZ47&}YTISB77tJnWB2g4EZetP77yY;WQ6k{a!X-| zn`DdIu%ITfBu2Tjv13T$5BFdQFM+*h*0;?EE$Dy)TW|#v>j#m41ir9k2m!DGfqM@d5CGoW5(4}gZ}^BW;g%y(4w*H+{}6|G zD0%omhjv)MeE5jr33+p%h|(LtFowVdED#B7z%J3iL94d&SdYrkk4-QR1IZHPpavP7 zBIlu-PyTU8Hz5n3Coxyyo1cx+i!$GXW`xuvV3B)*zkeYCp zc$o@E%uY_cS16pqFfqoP@x0e*h!#x2;914q35VO6kXrl?IgG2bA`f9Ke>H}{EPTfP zyqgn4H$YPmTK`bKL(l~{a>I5khe(P9)j_02TE}f&6h% z*2$MayADRm1BS|P_PO9X%Awq5s{CKEJQ=2Zy{=5Morbz7rpvNX%L*2{N;bN<%xRsg zWW~&JhFfK`3|q@A8NRGwk6UDsJItLH%|15G)LhNZ0Jt&0!OCgwBvbC17AYE)L8*AHK&{p=bA)Wrx!#1+& z)+#0~WhkxEG7W4j&1^31urr<05qGmU-DwA_(?ETW>HKm%&1pe>)V{{DMg6)+-PG-< z)IQ79PVLmqOv@%axl>KmQ2o+Qmakb2vQ_QOOP#x4jnrYyOJm);Wqs6V?HJk?)nx5- zb{CG==98xQmA>|N(#EAjK&EKN2}o#b%n%3vcdhGS2dJkGPS6Jsc(_&!1?YKb zhu60@*oAFt+Ij<`_t%BD4ur6+joo#S?U7_@ifY%_V3!UXD0RPQYi->aZ_U+BmU6Sl zt<`4NAsKkR_L|1#4Wb};P5FU2K!e=S0(!R&rf_Sp(1FmP*up1*9{%W+yzO+B{fTm* zce0rZpq<<*>Djs0fVyJG#|aeQVtSgG6u)v#^7-#|;@N4wl#l zVCpExNd{kcg;^+t_Fa2lNs&>|0@Xc$E9ebcKn6tc3ka^@wkCu`sB513rDCwCl6cy; z$PH%a4W}@bl?MmAS9d?C2-TX%z;_2^u!F^V*r`a0Vmbw5&i>@A%weYEdAq-cqKcZ<((iJv%|cTkGhC=SlJi!%xiB3YvsINV_Qg<9Y! zUY_C1h~=+sim>p1ddCi>pa=@*kP0<<-XB7ryAwz>4~fisg9dz_;eeeSsS|1VSzjvCSCTRt2=JWVVfZ-QWqK zu#xl!fgj458%f=^wv|>%s-O4-#~_m2fRc4*lDCGTS(odk*a@hRlLHFogwB)M5RM6G z2XxI1NC*p^ihAcQp}9ugyMB^fo}4H-<=3j;dC;j<=$Ih@cI;3IrAY0!U8?*&+{Aus z-0-QPAb2eB)QlSs*)Zx!R_f4j+`drmV|R6n>gqlCmBl%ZhdQ9PE|S@>oVIxiMHk_| z{(%f%nW(@Crg@tP&IRUO2d7{MYdQoV0Dz_7dR}?{3Iy17AQ0i_%?(+Y@z0QylWCiY z@bbx-nccvHxTX$c@O$aLqV@-pET4qo{-P7#oYr04UPVV9ZXnC(}$c_|n1T@TwINTF`Z4JGL8lx=}${_X;r=TjNpx(4h2X?(SJ2cJFY z+|cPa-`SEbmB6NZ1W$Alyp-WNA%l`mU;?T8i8t0y;^j{{5Aw zst2QLf?Wp#{eIwEAa$Ls*@?QSnmzhaAgG#ZsAvaus-5#RXoXQwfNtvc%UIe+f9Y%5 zrvHrtIDmPB*V<8l3F!a=#6NaDe&hPRs*C ziZnX!#88Md$*ECkNy?2{|Mu0<6XnLJdRs(Xk@<5B5{Tt;G#TfQTa+y_Qtq>qgKa-e zdZai(Yqm<9!YNm-ZQE7zX3iX$Uj79gTJ&hrrJZK&oLV*4uOo^2Q-*e;SvCG{WpZ05 z+FP7r<Bk@agm8F)4t^Y@)-sWqMwjy#fy1jV5dKPcJT!pHS&pJr~%zd zjy9Nx8RfqGaC5Ii4<|}5L=i_Mk)aPyWUsZb44dtxv+`--6B$3Lg}7*qW)tK;~cqqIPKph1H{;HozNEl~H6d*e5xly8RhNKfGchIu2pIEB!WDHglo1&ILD;%^* zw-N)DtVw@0N~A}JCALwJfJN4$N|R-_SxJR0Hd<-XJJwliDO&bgZMO|C9%rnaHe7M7 z`o@_2^DV~;-uIph-)7P(}TPewUqiAYwtWtU%ud0m!crnzRD zZ;lu~oOkBAXP>?P()nkhhbEfnnTzJxA8o{Vf(T6hd1uen;KAdGC-(3aqkb9*DkFck z!RZ_sDvBCuvm-kC?3#ZDO)vjM(D{OYmDe<>#i~KCzwC~$r@^@)h;@1!eM@= z1Yh4Fq3RK$`3Ik>ZNQCj$9w9>l^~kXV^4mn4kELhl-T>9ei)IXiQ+)d44y2WsN##T ztu`VhbE?223mNXQ#s(JrC|mL;C>I>+Aex5!aGniUUgf^ipeXT_rhy(Goa_-|9O?a` z{vT`jvKxiIal^-rhUR z4j<=hp3VN4m%x+t%}f)Cn>nEOwNQ9t4FZIS1pDELphRsSP>{(q*as2msgG-J0U<<0 z7&pC%FegHghXmWlzdx0Yf)*5DKOljLz%dYJ3-n>hN+^*Crr~-2fX5Fo_zw+okc24E zhX+70MNo)tAEYxOPNGP~DzcDk!QcWFMG?aZ`mJv@6kjl)mqZLI4G%6TT@YOcL^*|$(M@i_;yz^e4!ps{c4g#WNv-sjS^-`vsx3L7D#)%;ShLGVjwejyv{`q4=lKvuc&4*dfCo;W!=?a3aGq{^J}rKtkDC`N~*|PZm~FrYT=WM{WKrCMtYjH^m92QjYU* z`ly4|%Fsh|wzDYQbZ0!}X-as`)1LP{Ts`r*Pk#PPpZx@AKx6h#ffm%DB_rrT6}nK1 zC6u8Lh3LT+I53J<)S?%~Xht=(>F`f3*r&7AS3BGCwDxSTg{_BVOIzNK#d+_cL*WyE^mK}wBV8i8+=g-B65Tj;Oqkqe=7-4{t?}X z!ZjT*xG#3Ki{9=oBpWBFiZ?_d5N;45!`aBe6WGg*7WhIO>oCPYU_l1{`{ow}eIQ6N z?AzM`7ml+;Q3iq`QkT2PLmzO6!V8oH7cPuLA8|-B0)fLEH6TVVh0+BGa!?C$OlAv6 zTIiy>F$571;TW@sf)g;z4Hw*Z9e3!1I`V*n8_1U(cOb(QP{E8S41omfCB_uejA8D2 zw;TO!L4Zl@1QBq-8(JU(5q@##C?r}S{2js-GHj4^m>9oe7|t))(FzoiQ zzgm!QyuCZ`Q=1#z+l2*uUCfSBC_)`7zOy0TTjv+YArq2zNUG5E@=8tYvFgX*7uCBsd5QyKm8=eToE3{jTb+-Zy>1eY+ zbY5tIc*7Hjm<5QlE0BX9qr2Pyu{fxU34+-B;46+gby4w(Qmez$1}QN#vT@z3v%?P8 z6$dxg3k&VmTxHdBt}7#d4OEx{h7xLpwzVh!K4*vsRv+Sjux3K zl-kf>u`k$B3GE&{)IiVh&^runRIsDn>E3YDyPJ&`82-ZahByV3C2e&T*SqwmM+GOU zaQZ_~nhTre?kVhmgFb_x1*j-RsdMiH-VXr;l9o7$|7`J#2eH5%@y9Yaw2vnsgC_i_ z15Wbs>rw4P48}fW;Thw{mp_~F7@9WC?Q3sw==|+b05Ll#@$GOE9rN{8`ntu@?suo+ z;4XHEf?z%N`akukH~sqt03FOCSWm_y=qd0X2v@^qV|{2$?LFg_`oO#{x5>)1}9*FP!k9$?62@*hgsk~J=?BW z7=rRTuLo>Bao{r?m;wb9hYEx{ZUC?hoVB5OzT66r-O9i|go-;9nmp9Q@8Cl}G(?5~ zM1SJIK_tXObi}DhM4u5vMof)De8fu}h)C?2Nu)&1utZF}L`__tMeIaH0mV~<6uT=$ z@Ib{@L z$cY3lgQUodBrS`?NQ!uuav8{v1WAFh5`&>9joe6x@RoSEhf=(Ulq^YyJjsZN2XTl- zag0cl#K@U6N1MFGn4E}S94w&38Hr@bb{I!w42hofNr=Ekb-V|fbUvJboJg~5Dz%&=w1h~u{3*Cp8L@Ohq~M25;Ri|( zowd}6YuJH`;0Hk1%Zl*Jnv%Dfsj%JVte^>>yh)&!D zt8XySu$Ysd$c%b8fi{5%mUFpr7*8JYyS>v93M0^n08st(kNDhyd{6*mtA-t*Oo(s? z0|1~;5QV}VP?wrclQGZ(Es6jczaeW-O%R=sLp;EkQ0uEu;J{E9m52?6hCW%0(IAPC0l_})`!yh?42D3*o$grwL3lNKPb>hkhu97a)Tr*i*wSP#Imy zh{#Quz|&Rq(~tqwSY3*V*atfR0T3{O+oZ%>1({scRfr(g3{@*EJ=T9nRy18!Sk={M z%~a=O)?*D+M$FbgyjERp%5!|mSKZcyG)i?$N^6zYX;nvR?HFTiR-M#Foz<^9Vmfy*odW0h?UriEmn%P z*o?&(ch%UA-B^sJ2!s{cktNxZHQAFz*?l=FkoDM>T^Npa*_dS*n3dU@Wfuc|Mw`{y zcCiwy+}WQ+mc)F>j!fC2?Z=T^Dz~Iaeq~9Qyh)!uNqfabd~Ha2MM$Z=*M*HNrF}?t zg($DxSgs{kt&PQVty+EkR&xy3sD#>!wA#~p+no_wdj#9BW_<#%G5EBi6Imm}!{Z$6o0el$U70`j(v{N;Ohb{Qr&^4W60D%>N0m$hG z;1yoT;fGQP-rGGJ#BCVGMYad?8g`1Xy&(q>Krjd8h|6`SNFfIe_)lzjiF~L4VeteBLp)+2OQV}yqGYwxD2*{2-ti9XvnfHiwJTs13N$q z^6U>B!Qd^>fx!^rE~AVX=!p>aBPJ8p=2;ISg`{z)hQ-VW4oIGB5T$*{0?6?PQt1AJ zRjA(r9vnX5(|H(ybWl?bmC}9a0R-Y=1Y*xDE}98`*$P(7oKQBg=!tn?5$*h7?#PYe z$UZ=kuoPB5fU-D%Us#1R7y}S! zfbPs^%4K3m$7NrfX1_b!k2&iPYz=B1f2qR^OB>2@25CER|R8w_}ATTzV*6AWu(~t{M zwIO4Lf!-D=3(9rlKB?n38B>*j(qjJLGqHo4;D0fPO z<$djxK-JAX)j&u9*kuu<8ET0#W1`^R&bsb?>h7D(?v6l*92j0k{O)}^Z*=Kfc}(wn zYVU1X?{|Ffd7AHZ32(nWT*S)RW{q3Q>hGKB+5djWwAIG7J=(k$8iVGZ#W-wgiP>t zT<{U+@O30`aLw?ot@DH2^T8VQmf3P(tZ#ct^klKC{XW)3mnTREmH^jRN$*}dFLZOX z^mf{GNjY>}?DTO8^_a@;eqe^>Dz02!OpUlpjlhTFBHW8OQ4@XAeURy2rD{&NZ8WHl z00<|4knLZE0i3vo27uj{xP~mI%`Ez6{k`ElEgF#-{l8RfOezyh{hD?RTrq% zn)P`oU$^jq+w^Pnl??#>-;{t2T6T*~8PID8fJXjSi6tfX9&R2(`0#r$grCIp6&Z?i z1~xrtvJH*`yoh1jgo$h*3^R$o95_vTV9j`Fj46nQcOVSgBr?1p;Uyz@eCKqGIMI5b zfaxpuh$vD2@aBAw0C1oKm(~Xrh@*I~0v`Cwl;4Mw_aQ?FfDL%ed)R;g=yzHD_t#L* z;Ly9bXbY_V2X^=k%5@M<+0Hp2If(cMc^FSk;E=2ThjRE!UYld{RC@Flc>INEH(Xp;p&1^#Y$3BIdP)pl=@7l03-_j{L!;A{X9xP)@w zhnDsa2#5wYwG$BdfVYqLcOC$6_}Oh1Ot4}^v!v2b`W3yFA(LNDEHh)Ujl$@)R&{d zC;X5tellsbGr{(+Mo*_V(;5T_HUIwklUI;nt5Nx4$m_QW*}sM3{>@84(IUS(5c3fk zx9`owfg(qeENSv2%9JWsvTW({B}!*0-5L0&kH?OG`+S5Phz}yaL2CT1$~n+o0eRRI zL>oAd!?*pR(Zng{_6EB*sv_`ZP;+nq)f4D*Ro~%?cTj_VEZwPB4x@i zs~`uW!x5#+xQYYG3G`R&hLkHFElH8mMIOINEucLlXs(K8JJ*x0W$a?gw`z>A%zJ}SfP3jVz?oPE?w9mi1U3IVs{#ncp`}Mp}69F zDzaFfi7(2Spg3pEcw>0}_lSezcro($qkZwj10<2C30dTJJ|ekfc_T9UBuP#}`I3@T zTB%w*J6^eEN#YF2CKcI_iy}l6oqt zsYdvgIGU>ZDy*>zSSfh2+IlOl>zVq`q`mt3E3m-|J1nuq8hb3V$tt@nv(5hM(yqBm zJ1w=|Wm+w^*=h^zwcC38t+&yFJ1)7Rid!za>C$74k5O z(nREZg5d{aZjd-P1@9l%$bl0&kb!#;BLW)`NI5|8f%BOVg=9#|Kls6hMW9253YbXt ztYe4(m}MYj2>|mt=e(5cBMa5jNe#&Gfd-r+g%+U+KmH&E5KKUQvx!In(9r<|FeD#L z009OdQjZm&afDzQViEsw#3T-cbp&$VKgdD5ek5cexWk4T9I_E81m*;|Q-(kUvk#3# z{-h)GIKem!h(LW1P$c}wg9y&hn|aWX9rAeO9}`Kt#?7H0lpq~HII+RKLu{K_+*ITAY#2#VSLTKw&vf|&B@RFDRs7CQ@;(@3bg&Z0nia_x32~iZICPBQ;28bBcI4aTpJS?e) z51#nNs>}w9fY8cp##zpq%;R(fA;m9NfrRU^rI|w&7_W{tx0i^oFpj$jIsiJqPq6h9 z$jInLD3VYEF7$P#L#0cisYjOZT-YM$+S{} z5U-`HfI(XmLDSdx036iQhYD)pk7W3CnK=q75y2W(qprlITbT$`dE!*4@a`MFY%1A*C@CTrQ^xdWF3!CiBRf`ilLq@2Au&)sNH7t7U{fSZ%}G-Yz>lX&$0I#x3Q}%c z6MfjADgGGJm*#=Pu9ii$tG$_yn3fXc@@^o?@XSE$0f)w@4z8SOUuZ@XSF30NxV4ML z7NUSSzW4<&a5W5K6l0SyU{Hhq$c6}{a0yrH#1c7>LT>UTU*hF40XNNt1whaOtu%)s z0sxL-T0jUUlombMLCZ+;0p4=#z?2(d$UH_#j8bZXbQb;xB8zI01~Xv;7f_vtxf0uP z%(le-z{Uhb5Qn7XqXR#z#~E>Rk8BV}1b*$Rjc*LH8tFJchyLa2*yzb1?V!{uCUpnx zl;H<~M(3aIj&Th($42_AO$5; zL!?#FL@A_#D1|))&{pxYD{yB=+uCSz|eLsKF7v2L^skV3L z?s=Ej-up%Ox)Z+e)H%E16JL15E57kkXT0Mh&vD30zVd9_)!#F(`OR~_^Pc}a=tG|` zZgJi6ra%2aD3AKpw@dY`e?7Te5Bu3~OZK$CJ+*9)``zD4_q_l8t5_9t;1fSxv>JZ# zlMgQ6E5G@dV!rdE|Ea-CzxvvOzV)*|_tI;>`_sa{_rp&l@Qc6vrJ}z1({C>HtH1r5 zBES3NzajX`zy1)Szy0&yI`-?o|4`?@|NWdP1OW#WpaC8r0w$mWE+7Lo-~k4KDVW3n zIv@pBpan7@1bzkn1)!{$f(=|C2!>z<+CT*Uj)Vt_APT170g|9sY#;~13IVF145DBV zkVFj5AP!n!4PuHjAm0m)O%4X31(Jji7GVRnpfhma4=SAzHemu1p%X?S2ecpnE+O4W zVH83k78)THDxnpg+!i*W7KULEcA*b`Vat$V5ssl6&Y&5hA=78FoFSQf-u7!gLvS9+205agtJ-~wx6ktx^LnU$mA_hYN z{=hiALjfuRAL0TKEFucrgCJ7i9pd57i6B6ogAaH>El?r{q`^SI0|x+=HO3=279dB8ggJcULSl*+He}YMAQYs+M1Ue8LV`PTKtUEH2Owk$f+RKe zVgdqzKl;Ev?qW(R0qIb~C%Pm88f7jjq$=9v8R8_m%pf5~f@%1JM)rd*kY!PFV?ByQ z1LC709^h2?gb$>o4>03D$o|7S5F;oaq*^BAOEMrsdL`S4U>f*?A9?^X@WZgBVkzQc zLcJqaHljT)ATi=Y9U!AT*h6AwVmt-|T?!@cSfk}+qd#n8Hx?jGZl$%{q+q6D2zr1o z@L?{f<4Ce&I?5wV;+jW-AX5HeB+Ah`AlNznp+9~mGXBF}isE|>Lrf0DOpXLT93fY> z=DXD)4)&&X*5qn-C3SvFcCO_>e5VQqW_RX{cpl|so+ockXL$mldVXYjzNdClNfovy zxya{wvL${FA$!^<(d;LG>L-APV}JUmYYwP%3MhguAbA>SyDVseh9`tFXn{H?!`$G6 z8sH9!1cqiP2W%*P*RrOCj>`#pC_p602Z?kS)4sh|ES zpa!a-4l1D*s-Ye#q9&@MF6yF+1DUERq(-WwPAa8Vs-<2kre><9ZYrmCs;7P`sD`Sj Zjw-2^s;QnTs-~){t}3gxDy9Ym06SNZcX Date: Mon, 18 Dec 2023 11:34:24 -0500 Subject: [PATCH 13/38] Delete images/CertStoreSettings-2.gif --- images/CertStoreSettings-2.gif | Bin 19517 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/CertStoreSettings-2.gif diff --git a/images/CertStoreSettings-2.gif b/images/CertStoreSettings-2.gif deleted file mode 100644 index eac6177ef929325db435d5b9f0522742b7fbe7d0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 19517 zcmV({K+?ZQNk%w1VL$=`0(SraA^8LW00000EC2ui06+o)0*C(q|0M@WDlLF83Sl`6 zaXJsZJUc!~CVn_DmN!1PI!l^3O3gV}t2|tKIaj+mXV*Ppm^^T^ICtATd#yW=&p4jt zLP}~xZNWZq(L0L7NeyB~5kf{nUrSF{Pg`_GX0lLa)J=P>Pmah?Hhoh|NKRReS#pd} zddgCs;9FZ(_abY7Tmhre=|#B`g_ zdJ1HGE^>N2XL~KW_@F$cy(`jdwqO}aC?W6fR&?rld*oJ(0;7cdb8_< zAzOewJB4Feg?e;?fSZJbtAxk*iVSgn49R~IlZqokiYai9D#eUKR)GCQ1B#F=C~ znq5_!VQraWiI{khopxTCe|(#txthJxoyF&(405I`E2Jtyp($3WEODhl%BN0LrdK_s za#W{`WTT9Gp^J*Cl$fHRqN%sjttn@&Im)S3a;;p1s9&+KV{@!(%Bgs1tbCEKd$zBc zjjNl#t*)}Fw4AQY+^^U7xGy=jY>BaSJh6LGwSH%|dwaNminWVRv!=1RDsjFtP`WvC zx>kz3l3Ko$WxJDsz>$-^qkFr$yT8E0ywl;s=Jvr&alu+#!fkQIajeRAcgTv4#gIG2 zo_EKilESF2$FPXWvy;fVrq9r@)i*-RZI9HLzRaFw%%q&os(Z}L$aD8dsO9Lti0a0j<;1_~)wJQ|=J9uU?TU%*m6!0f^6bOy?%Buh=ho}&?e|t!^S-n8 z()aq~w);Xt_-k(WpP%{9jrq`|{M*d_{{9I50JjMoNU)$maDj9cM5xf9!-o(fN}Ncs zqQ#3CGit1O3(3ZhASZ&W1t(-iWDQNKgb1#Z$U&qQ!dywy;WI2XbLz~({Vj%brcUw(Z-v8?%E3F<0*2z=I1PPQ1AB25 zjwh8?+C!$7Wdj2aEm{L89R7xV!ziF%Fp5N>n5oKYX0nzFC=N2N!>A#g7He!`o<a+)>_OCuGstu=na(|#_qu2-Y_em zF_6M7DbAGIgR?NeYS^Tej(oAdKNmvs(U!_c4?EMB)i+Z3(6ju2Sfr_j5?d3uFqwdNcW^-fU?&>k4 zBhTZE6P+vm#$eG197839Ejeyo2= ztynfk$KVE$+aNxC@=(4Ol%H};&W1@FCf9lYk=d|V;*L^#te-I zq6lLcDWy6UB1U0LyBG=!qrwe}ZB&5*L-i6y#0%m;jG}PGBrMgt!)SvNN86PU-H4c8 z5$kOkRO71fs7F3ljt7M3qZB8}qz@^^Ly|Pi?-=7eEOy9TzWUWJ%y<|ynoyA`oZLK4 z;k}ft!)J^G)Tu_et5t>)X`XCM4?#CbRz?g+I9nkG8^+38cJ3QKYt#-Y$xQWZaxuM1 zf@6kugD+U~nqP1VDGg)F&RsB-QM+L57E?5@L2Z`mx*!a&dCk#9#+Kq5s&!+YMy68lTq%n8wp(%1Fba-8E-HQ zM71TmQ+|_;lk=SSGKG*r5YjL-q$8_}`maKL!wo5OUfX&VJ0Y@zY^zbnpE$@;r2>qH zSRI=?Nrp3%(e$m`vFS|%WzAW6vsz#f1ttEJyrlAwQD10-A<}r%ib_pjg8G6FS*0o% zfFT#Skc2Gb)T_V}3$Z#Nge!aqvc$kIP&}v=E-R{oHk1vsiXE-nT>8;)X_m9<%>Jt@ z{)9ug+Lk(U?T`;sM9iWmxSc;Nz9*7MTur8KdQ^iTRFpy^VO7%;{tgTWv z@Y+1EraI)7D!Yd%>%|}!sEE<6Qa-({dZm+F#()DCt{{XcdZ!InP=XN3p%^aaOS)o& zA{XqK2QKnU4{W$XyZe>Wd+!Ti#MGA(qS!`#8+ynu4l3m;TX{-UzOt69{NycrImli9vY2rk<}sUDy=6YL{+el;<~6&S znQeZvoE;dVuWZ9Be#x_*_sr)$`}xm+4z!>LP3S_Cg*Rv64L$zB=tevG(U6X`q$f@3 zN?ZEUn9j7OH_hozd-~I$4z;L9P3lsc`qZdSwW?Q5k2{y;&Wm2PtY=N@THE^8xX!h% zcg^cw`+Cy!;LUY@P3&SD``E}%wz8MaY-1a#+0c%*w5Lt&YFqo-ntnF6x6SQtd;8nq z4!5MWE$(ug``qYGx4K15?sdES-SCdLyr-Q-E%1UH z{NMVG@KJ=zL{pqDf z`VB^5@|&OB<&$PQq~{?JcAWcS42yTHp-y&vBi-sa$9mTLjcK+kLo32y@KAD{>4 zUk`1&!~F_`0S7TaZwOPDp75V;{p$ZgkISC``mkSo<7xiSeRQ8a=aYX(9&&MMV8C6P zj}H6?hhO;@MjGs1mvpP+^!~8R-~N-v2NC3+cYG{C0f_f#@z-cvH-KB`e$V%41xRTN zNPwv~ebi@wtcQR95PNC|f8CdX-WGXD7k304_I#ad&+(cmj>~4PNMXDQAJymxFOfcN!Rn)5d{D z_i}7UX~w4qm1caQcL9qg4{6wUdiW1A7ghH^NI%_enJhj!pM zZg)6o<`;>32zLyi3zc_yzUU8XfB-@B59@$}s#u7pqKqg=iN@yxUN;XvNB}*UiJj+& ze~^mUhYv!adX8W(~9=!C$yXn~iGtoMVR7kkKP7&&MN|MYgJ z;&o+Mg4fc9aOZLsn296!583bnazKj?iEL8ma#BZpjK*{_xQ&x$cfQDI>Cl9g=XJ4W zeh#o`GMJG6V19#_iC0K{m)C=_H;9b3{tn^zdaZ1uAoPY2ZJgXj(9m~twS%KQuXm)v&mG^*7IhWKog>sh%fvK6Y$A>zQ zj9l58zE*Nq_h>ek1Kam#Au@iJ_LIMemTK9KC(GRd7O>bk%kC&erSE^CzRCwS)CVvnrhdXObMDXD4IbDcO%euNV%E+K$_>Lm9F`o zvxafR$8lykmb)lvX^D-y*>h>>i@k_-k0_j?Nt{C2na-(~t4IJhPy`IxphmEXdHH)A zDQSl}or^aD4Vs~4^LyP%nS+;~7@DCBiUr=unJ5^ZMJbnN7=k~rX!OvD=_z}O=qGUp zf$({w(Z+Pu2X_$4kx{UD>}a8w_oc}0ASz>lCXG` zSgQt0Y?SASfe3fo*sJ|Xu5Orlsp_GzmJZ1ZcO{USdy07~NNE?9g>SfMmO7OSivR&w zd2I=I%zB0RQ2w$3_^xCMtbL~oPq_}+ig|1Lq!-JuvwE;T8*%q(Y4cDFlaNd` z>Ocu#AU;T2366HQu8_8C%X-D&3S(Qgjn=k=pm9^XwUeN>L(8}Hpbfr}i1lT+?)kHh zJ8KC`Z1lhi5SpKY`M8*ixphW<)E2CHM64K@xuWZ{W>F*6wvLzwhNHW>q#Lx+HneR} z1aI58tXsRS8M(HbyShtjxVyW)`@5vpyTCiV#G7rdTfE4dyqqSy%GATy}%2- z(p$Z`{!6{qo4uopz1rKoj?2B?8@{y)zT#WHHyR?kz`5qTzP3xg?EAj77$V@HzVKVW z-}?~rYrp#Yv+_&7`}@B*>b?Lxz)cq-h2XygoWKq#zzW>JBgeoF9KjU_!4h1-4oATj zoWTc&!5ZAb07rR-7Q!Mt!X#Y6CVavuoWgREX&mgqE}U;I{K7IUZ!tW>HoR^%e8W0y zZaKWeKKyMx48I1W!bB_==P13K`@@jN4!HmgfWbUa9K}*R#Z+9yR(!=+oW)wa#auiX zP7GktTe=AB!%W=8W_-qIoW^Rr#)ARI%^Sq!yBlmg$8=oBcC5vTtGsY5zS45Xe*DM& zfV{?IJiW(j!*>?Qh@8lZOvSvR$Avt@U9rfLJjs9z7>@jbO5Dekyvdv_$d^1GN?ehh zJj$fZ#e?j-d+fcMT*|E6%20gDyPL}0yUMOy%cKm;x+}}tOUt(0%an}E*ZasGOA9G5 z111oqqJ|DPX8<>6qoT{pPz(*XU;`bH0ww@GXuOc5aK+z%2RG*d??MX`V8+S71ceaA z#9#v{&;dN43s;;C$d?RF5Y8Q70$qRwfDFv-E6kH73?eY5Za}-BMh|t+vj+>!Ui=6U z(8oZP#@cMf*)Rj<7!AkZ0&pPCq^MD3=U~?8AkxW1ZI6!y=t#PP;m;9gr^neCbkOCxt zm-wL0C1B7Qh|tlH4K8rbQ49@&&;cai1A~zbUC;p>usjq!10CQ2Pml!tC4LyhoT7VDB z{SOq54^CjV1xdn@BjSBdD)g>_Bd3mWB^ppa-bH19`CL{)9je7(SITkPI-e3;fUk zd%owTAmSvRa^nyIvjF42&Eg_J4u*c{RLy->?cQPi0y{3{KCS@sE#yS*-`d;>i$$ z3JrO5x;+jrZ5TC;m-K)NIRN9y&1hby=tj8Wc76aZN8FWn-1so)+J3%PoC?A|7`HG2 zq|ge|P2JFd2H2g|+8qttZRDgd3v-RQP#n<{UD0744e+ksJ`m+o?(Xib>4U-1+YAjK zeGKm271FZnBhBCDOzHrx>kxp&Y;NFEEa%Tm=aDA<51ruG$INKYP|dja=Zr=U959GG zmjp*Q;@#eJ!Vm$8SO-l_0wnsRO^^aP00-!9#pztlCh+iG{ncUp1Y~X2$AH#3(A|5@ z+0~5LQQXZpH}ug^*Gmu9T~7jkJ@I|r0f24m%|p#8(9X@{*C~K}SDp+{U;&~)<{5w4 zXPwrCz|}e6@izzO44&-xVQtmk?2%5ofQ$=+f$+Xu%1%thBA>as+-dzV)3J8=2Mx$> zz0MQe_?{p6noIH>Y}KA$`gRQZk30F+OZukY`kwr}qOZZM@A|ZF#;AY4nEb=DU;DhD z#kbGDv7f=a-}}T5`GTJyq5Kb#T>Q+h#g_gI`?>GKhur+sZ^exa{h*xu!(aWq|NFon z{baoT-0%8%jQz@<{QpqKEnU8Z z8B^v=nl)|S#A!37%7Qt4{sbCS=uo0XjRM`ta~sQ}O`Sf48dd64suPp)WLj10R<2#W zeg(Vm>PoA*%$`M?R_$80ZQZ_w8&~dJx^?Z|#hX{}UcP<({skOZ@L zjU7LRyb*EF$dxT$#++H|?5VCj)5h&_ zTeQNxeg9?~ZCmcIwuv9-$SxN&XwjTMhaO$}bn4ZuU&o$Z`*!Zundf4MT&r>MiaY`j{3jOx7i6$O2YEx#D9+4^ zkic#BdoV){H^dH_;VKl$KoHA|215={L{Y=$Mhr?s7LQXfMHy#g(7qREa`8soVx+N0 zAK9}}N0@RHQZ^ocL^8?if-JHnBAaCGNF}GF5<)0xdh*KDq^z<_ADPs0B+d!}vmttD zNnr*PN+F3JIGggu98V9##| zd5&9eF*P6y=(^#cSw_{Bj#=owS)-C@l6fKvdhNv*-sf~pRxg^ujPfDYjPsO8Xbn}Gn^WSYnV8bLZB!Ox?C@Su>ONeDL@R6ICTPpkdRCSwlZ zfbJF&Ixqnl7l6?77*?Zp4o?zvz;?Q9Uf44m7)GI+Q7ojh8*fsO5v31*84ZEbM|?&? zX{McS0*IBLU9=C#8HLU4)tQSbR8MLUtzD37sDTMfN0_YB6yLt3s1;)DuC2&y(*~QRwHG|>pL?}FvVGt$DD-|*ZVFgG~s}&(& z)B>AOKaYF?J+eR$_K7(2%@&g>g=o~M`Ejq`b8!ZZlzhrRX zd(ZHe94|$;0QxHx5QxsZ$VbHqSW$h>aUkRp8I5OH(1;|-5=HRA1wEjG2YJ9GA?RVk z5yl`HFxUk@8h}YmmLiA=v7PXq00a=Guwy+m87E;#4@;6#laD;ek(hP9LO|mYWPE|& zr2gleDxxY|z5M0Y*hsfNJ;MT1faVn5pt2OeL45$EMFXNag-Z0n1kwD$C^%&T=rHOH zTSJ2hc+|7oKPXcdGPR*vWy`_XP7e#>JnAYP{5wl z$EXyX@reQSLHlAF4fUbod*R#KsS1dT=vAlX$j4z6jgeYg z=AP&ojagW=oC1uNHgv(jXgF|h#+bpZoP$=iR`8$*1&Kl(B9BhYAfL2*Mmlf6{w7Y^ zj94SgSPGILJRf>ghSZo7KA=zqFSr1fKP0Tl@|uFZ!qug{?1TrrV1qL@BVCJHTGQ@j zOlV|wv*OD^*7gLbV{{>%l{*FrEZ{d-*);`MC=n#m$u>$E3Q>y6YTInk0T0+~s#+Bw zzSL?!btx{N`D@(bqR|Zl7@$)~pssZ}wOq@=wIg!%?qay)CGw`|g5ed52G5ILs*Jb1 z@72(H*_%uC&et;Tg>QaqWM7Sdm%m%VuYLvGANkJLzyGaDfCs!_AR+i7oDoHV9b6Oz zGuXo1kuZ7>JmIKR_`)Av5{ENLpA3r_C?x`Mio3HS6GvpjEk4SHR6OJU?05*q5P9*9 zDNJJ?SEt0`&9RP$f}S21**O9dvO^~H<0RLF$VR4de45M<(=d6;Gf@t6p#0(Qu=L6a zs_&P#vK!!(+029yj+m(&W;M6j%{dA3o8>&`{<4|QcgAx_;+$tb_nE#V_H&>GEfN2o z+0chZbfOi#Xht{M(T_Ith?QdHL04MGd$x3@r;KS$clySh_H?K@3~EuAn!ltrb*h1E zXH~bU4KFxAtYtlGTF;sQZSZodjl^nQha?J7hz2_(I&5MWd)VxV#;ws?7u-ZA|gfp~y!iX+rp9@b21gP226=LwCgXZOi zMaM<|p^f5+j&upZ#}h2@xe>~p?mOT5m%Aqg zVg@NZNaG)mcajIoEvgXTST&q1_bFZpvLxNVE@v{oHSV z@JaW-gJ3v^V+eX6gVy7`0OUOqqcmsRw}IVZjdWZs8 ztF&3br7N0cagFiv^Mhua)Z;pENYqzC4_O?se9pPWi4^hA2NkjxB#?__~Q zK+VrAMbb3S^Q6VoL``KFf&thDsoV(Hu#Ax7Co=8-cFo!Cg z(mlT~HVA+rcu~)U1u&RS0w@4vp$A}?z{nGW ze{%rPp@(Z|fmg*SF|faXFb5F$hjRG0RsDw6^9KUhRdbNQV)eIG1qK3$13H<9Ojy-~ zcm@ezJWN9UCcn&_TPk(g|afnoG$Om}chWg~!dJx!XAXslOScI+5E#*>|AUvj% zxlN^qPUToKtpYqC(F5>>Qq{_Oa0g!aH#tyN0#Mmg+y#GN0s`29ZK#8m1-MesRsw*N zWq8@I1G|6V1)S|Wq1D-c@P(9JS!T7?Y9IgvFa&X6R)CWLdUyo_NPw4}R&nq*ZncE5 zL{s)G*BR~9Ve1I_9MC&$hkbPp9o>etJlnc_PmjdQ5@C+C4F~2xN^6J)Y{1dH-CG=m z$v#C&e)U_v9nfe9+zpjXbd8CNZMvt6x}94Xs(TnHfD=KJD2~W!ZTcg8=;pU}ynAfJPKmhE4c`ur*iBtyqjO+eInVyKN4?ti*R%l)*i=xush? z^uq8`?t;Q z)HkRF5>)`vHG$9FfJQ*md2mp0rfq>#WH4*IiP$-@brC{74!BnEN9ey}Ggh)Ih+NA6ow7%P1I3Na3 zRe(_#0v@0QQu2Z!=!FVahAoJLl{Lj9&;^V#gVpu7W7S7Jpoc?H_*R;I(KOdtb$L{V56gf8F#kgbBxO=2bXH;_2CDW+TJ(4Z>b!6JR) z^W9?W(4gv=MKh-#ZEPZYv9-jK!z>w0Z<^*2p)nH zMNxfF(NkQ2oik(?zFmLt*%W35diaJz&e`3yhjI21o#K;KW+d1HC z$>A%$mR#maOGOc&hfEj%1SkY&&;TSL1`Q}t6F}ksIDk#yh6<*}VBH0C(8m;VRX~2^ z6xLdQ109ro zKw<`FCL&Qh-)z6+Q*^=dW$gDqsVd4gdw91T+W$vxWn*p>u%Jl0Jd_{z&>~h_JGT`cv>`FFeMX}`LGO%8;J!|9!N9l&^+EMTJ zcJCb2iON(sS;X%0-tO)eNl6Cpz7tFQ-pVrAfbvG@S9A&WF1O_lzG3qRX!ObVp6>Xr zZV$x9`nKN9^zUdy-Tfwj^!!=?7w`dx#mM+c?BoiL^t5fH@UY!XKHh@RTu~RT;6w;; z>&5PCgba#w2VyI6`98RQO!0CJPn_;%uXIxsg;N>_acnI9342_}gIH3dWV&;VUUQHK zXhckecyfeT@SMB{R03jg;K_X*OrebOeVFnp-`6f@MjpR6lKk;cHB%us$$+e2Qy^C) zKW}X$31g&7bo>Xn3{1y-#)QmB$y7*VEcC{7M7gZTa$LxE7*52TheD4_LB~mjtVw-1 z^ou-1HkY@PMCkG!)eDctoZd(A)@@Nwa()~MO03SEeDwx>NaUnWiHg$WlulXK!P#tw zgyqS!jCI|7NV}}{zN`nFF!4_N$~Py|`>x>cjzv_LUJu7}1ujW&)OFkxc8Q`++muap zsE2rv%?Qo*1*J>kZ0>gGb^jdqZJ*BO^mcXtcX9rwhX`fjL5%PW98G2~QD;X}XjerI zFwG91@vyD&lf?E6CAJ9t(I5>{fdF?&ZPbsH#&eMOwB6U695&b-P(ba`wsv@ih4^~t z(~mSxzV2)7RKoM*cM|pY@yu{kgz+~m_;Nk?uT1U+{ZWZRP>4U+fE5V7m3T;%RQgbd zv~^GkRreAxS%Fy8w*7gL-v*&~`jfx+@AC9_Tho^R&K3XK76-T@AI~E<_*DnX@ifE5m^?@_YNXv)|`?cG5vW)57y z1yK+MN`QRJ&VyCp>}_@jj7L#!SOrqb1OCW&d{JP0Eu&=}*NS7KO}vy%wsqTg4Scxo z(cLKA`2B(G6b3v_Y^(xk^TDNlT{_6EB*ry{!vP%jrSH_D23rg}8?jhWU5hqf#h*2ZQ zp=0TV?W>jS%)mR!ya@hH)eoM-=wIg=hup@DNV*6X?EZpAu-JAO=CvQWyAb1`r3{5kaK(x+3e zZv8s;?Ao_;@9zCO`0W|TlfP)5G{GuUy!=6U+MzN;bLP+4gT~90Dh2ZhG~b&1c;N{+ zAamvUcOZfZDtO+42a47pgbM;VAXLchq#SJ-YPcbX9YU6vS=GGtUPH>5Lf;&SsECLu zru4!JHbE7~mxr9~bt8`cIqJA0k3IS*n}!zJBnpN#8hIp=Np3inI_;2H;)y7($f7CA zSZO6U;>-i2l9~PZC78z57G{qf=As~TU8=bzn{8f2k38d6GZ*z+>p4^w^WnJ#1D-D5#-|dgMI&%t>cL z+%#fC3az@@1RZ?(smy8a*fZ*8A|+~-NcHTq7fY31ifc-r5_>GN$!lK>z^@JTU&j0dG(Szs@SsLcR?<{BXQj>64HoibKd0)`=}DWioU_Y3|HE-Y9@my~J}XG zGuoF1Uj7d|>g02dIr+o`?3kOzqy3HbIPduNxa*#7Seti#ezLKv--05nn|}HL@ykEI z{HU|A`qx{iKXz5%@AY@?tcMus!DD=iA=x&n7mop2s(B!(o;ScDJdX&jaORL((xNv# z2?{Sq+Cy6hN5Vak5YU1C(;Risr$S}zZ*1&iT^RtzHTu!8hVeTc3ruk}Sm>{X59^-+ z$MUzbRIefMcn9=qBBum8QD@UvmPY&Zba4PlRTf&~%qh%cxF z{&0aa`CAn8;fq2KM!}fBmtB4ihBmyw)(&<^@Etq}nKhz;4UC;~k|9GSG%%`B zj)GH@pzIb$NZCbq_#|V{P~|zSkq>cnL{4L22Lv@q(`YPl8zGxy7uykyYBJIOm2%|D zKKrRu4*e5eqPvvst=)CQ|Q+k+QNsu~G~t zB^BpKw;?y2Xi{Wj^#)9#A&yhkV}b9KWG4AKNsq`ZA@6YOJ&QUiuOzi4DB7kzz^iZgv8c^%^EApz+C1*sBwu#FxGAg)e^F`;otT!@mCUoUeZOo6oH@ zmL=q%KuPe?1U=BEvX{kds5Hx2czG7I{(#pG{!tA%T$lh(kki-7Ft7nwK@wS004277 zgllMEex)!6ytMF-W$eNqzU{kOm6@z-@&Z8F!asuQEU<$oLVx? zx`|C+3cQj7n*z(*HSzySvHV+JYk0CBs~0UMZL7pRbNKSmH-YGmLa&*;DmdcYTQ zG@uJVpa(5FkOMDR7Q*SfmyZchVGhHq0K2e<9PFWpg}#Ryz5bBlh}{4R=E@HX>S%G3 zhdW{4mIDR<2(qjF(SlUN%g4kPa)(_F<6W2|4&YD%0Se)a76^>Qk-#+zvfHnAa06Zy z_-v{r@DFL+%gn?tP+iO_?EK|(6D$-A`fB5_#eQ4Hiqd@4bS@G0`ySD z06w6Loex3-0YEV&@?hNnKtK|SaF4Srfen9{A=R#){&1Pk8xtM98{T(*_r94Dn49jT z?!m#4E&+ZOau^`8aH!2O+>neI&;u1opwT?gfZPN#eiNg}z{4FK2FlYz;HW6AgHe7g zl~b7IwK2!U`qhh02+RbLAlUo}po2>I&J1xNvb>0E5_2$25A-;M?-#-J+@FN^LKf{3 zN-+;JbXgq)XtEAM5shzbA$}$J0wpHF0s)A<3SIa^%u%I?T)_S9?KU%+Zq)De=cw*J zn)hwke{!wpStSCun4kZFju-?t8(pvfanXY@bU_L1g2IV{rrCipWI*F>-oP=Q=Yd|S zi5{+K*3!WX1<->fghJ{$3pbdK2@Hb3@Bk?OcpX(O06jEA%f-uPCEJZ19W(q^v%%dA zx}dzQpm*^FNzjAvJ>LK%z&6mr{2+iRJOYVLLLLkO_XR>P(AsI#L)ds$HJl&%$)6Qo z;f}1|6;?+5rNsT!1{x3-KJXtql!Swo;XjPS$5Dd;ST&(E~P6TO`uMFX)0Zv{(p0!yg2I4~PONYybi1M;8Qu25dt3JxMsc zgFP$(74ph}Wy)iONlIWL_E_O@2%i2`eBnQ&0~Az&7cky4v`P+?0;sjh4Fp#|Z~$@f z!vSdGGmroY_`s&!A*hkSsOjMzf=a&J9*B8hBM6KDSOFdc0128P62y}_C_%8j+?YUO zX_Z9KO_+@F0=yWTvNhXDES=D8BD}0%vN24v%>yTtp-61o4t#`1*g}g%KrYlmz+3?( zG(o@&KoJarFR+g5#2thIUYB&?JJuvt+)HXX%ghxM{WO(N+KW|b&HcFKyojE;tO-rp zq*6Wwy=cI!g&3}B4ORUlRRX0A;gAmX3lGW8QYuMOb|qMG_Pa4Kb~oQll((P%ifBLYU1s%Rt%Y zZJH;3evWh!j9ZdOF~+A;xMxkkCxG@7J$z?e)Msw5qFeDz3sQJ$QsqJnE0? z>91CX`pwAxvHruWE-SnEshr)LvwF#mOlz}FtFol1o)Rjyb}M%Js<$Rfj)W_@ZpO8i zE4rpDSe~o8wyV3M9J{`&yw0l~#VftuE50_3z2+;w_A9RJtG@=Uz^Vzr4y?f*>|uf{ z!Y(YsW=O#{EW}3a94V~CR;V(S*?#mLcNic3zpsnJ9tmFQ} z%3j-KnZD4~%GUV|oq<8HCZxH|% zKwc(%mq|QBg^|rwKrZHP?9`~+6e55jfMSmQ18=DtyXBxg_}0^XPU_YR3d(~MxEwuz zq9)32Xf5CD@>XaCLkl2)HZsB_%1iGy%;COg@P6&oQ~=V+%iHO}mnGXmIvw-WbVsD-A%DsZ`p6%tfZ^?>{?r8%cP?*y(FOGrkaQ@YA zx-@Up?63U3TD|ly0UrVZa9ACR!vVuDDa!8$r*FQj?|@41)Q$}e(B3C@uo>7d3LJfEf&-4)C2)Ncy5>Z!(_eiv#HxZ3>yOzapT?# z3i?BLiJ3jr*z4+8%b}q1rtm)m10a^~AWyLatMBh#aUBb<)F1#UK%OQrG7Hvka7C}~ zmIMexj0n%m>gpgiWY`pzBCK^70h~Z2+b-mtLMpEtAeY1i+6xV9XeX;}{@)hz-)=G; z7qiMvZsm6DGBfi8A2Z)3^Bm``G^eaHQ*(_*b2ewOHCMCYDl;~JbI5LUICpb7oAbw_ z^Eh8~;IcEwYOT|9?Mcux(%LgT+XTwW^T#%=(?TuN9&JD`?b-TQMltKfy9yL?b20cKkP^f8BPxX-m zD^y>IoDzsuZ#7qUwO4;NSckP(k2P7BwOOAvS`Ubmwy83 zH+YA)c#k)jST}i}H+rYHde`>JdiHw1H+;vpd{Z{d%9nf3H-6{0e($$ioA+KsH-HDY zfDbr<7r22RID&gMW_ve(H@Jg8IE0Ude@8flSGa|9_k{jmxQ1^yhqE_>cQ}ZLxQL^6 zhL5<3pE!#9b&01qc!NfQgEdDSwu`?wSI4+|uQ-cqH*l9Kbr<)O0``t?>u~#cdgFMG zUpH-w0T2xD^EYnmb&`Mgl8d*IAGvZjxsv~QUQ@Y~TRD_}xRgWrjqmk+dpUVWd6)b4 zlaKdf-}RY;cbbPcnU^_lPd9n@HD1ekc+>foPX?U3xsZo9JA}Dh=R%)z_n(hBm+!fD z1NxZfwW7PZq3b!KWB7YF`dd@_cUwAkzj>s`Hl|-Xqks8$Yx<_QcBe~vXM=j4C&#EK z`lNq)kw3bsr(ZXGT3fF}A;{l6)WQ@SthGf*QG z_y9Z5LKcWbI_SVItOI`VfB|*`4-A47cziZMK@K1RJA6a5@PIDR1IQ186&Qg5&Vwra z9H^Q5UKj%qNWm4b!^@BS%8olg#Ls)pn)M6L)jN#=f!(o=Rx5S1v{jG z0W7>oc)Jyr`Z_?|NUQ@BPyw}%0@r^UvdcpqOhFEiz{Rfv3^aWN7{d%$z|%`(4#<5v z*gy_=fYn=}-KPNF>pkDogWn%FxPMx?7fvS_g42gYGi1R$0D?BALlpQt#e*7h0sA_v zLDS28H~7Fd&^&UjgUpYFJm5hNxIxR)13K)!Ht2px&_eH<`#f0xJp6%e&4VB)J=4=e z?9cig+AeC?(laZ)=&`TF%S3!Ao;;3Y~ z4#qB(5!e-^Cr?c&l{ldNF+^|ONRAvUPE2|cp~s_7p+=QDHP<$)SFbvi+U*CuW^fMD zGBmG~A$)6grAtX~-l|eu4}PTwx7*rzstm!Uhpq>^W=R&#L&nC(Hn9oyer@YhrH^!d z!x~!G#^z&oT-SkNdU$GQ&!0gz)Vffoupn$v$(fg$o-i#3*WuV@I_^MJS%^|1bjzU5 z&{2~{oTza0Z-&JgeyfR)rcK(-UDom0y!p+X2GLD8IPVXsK1i4vrx)BJaq;KTKdp)t zEApdo<1wJj9h`I`r-2Mhndg`;JQzy69f#}D$1Q(bk3Fk^)CfMX*}n^jNtE0dY;K)EreFFa-AY}LC1%Sw7Kj}x#F9L9qxvjM-a)@?54sW z<^hDUHo44{OCUu=t;Cp`5n;PFX=AGoAPhQPYGV%2LaNjG00T@c6oj(RpgI z6*unkr~(q)RMNpFdO-e6M~5~`GO)TLTgu=iBx7`fRVEEu=Z0h3#1tKz&WklXj9x7_ zDlgfKCQOIMj4Ui;5Bi3UDW)jI&A7l?2MS~5m4XLd?u88sD-i+*6e*^t!YE^anBt0U z`eUnChizJC-YW1IYM6%en3O0y=zU{cb4dn`Q-f#|vKbOY9j1dEiWsR>f;eb&7!xAt z!c~$f5-lOME*d6_c?wjiLL}ItB@RZ5wTTvDk=5uKAZ+l!-XWbk4LWJ1YtiYKy}&7* z8A?dYh8%JLYnT+!Ciu#cn<`mu(W0r_?z*>GcW#Cv+}rQJKhqoVSGD3SGj^TTK}A#~1YBmOY~; zy>#0()x162dG8%`&VBC^F{IgQ^R6k@N_0^`j>U(KA`GlO_$`5-9xC0lvR?b`spsCu z(THjI3xM~^!Af4~yxtHM+}f>Gfx_0D6Xgc^lvX z510$MArLC;;9o=5ajTIjkbzTiUq1C{3A4RjzV}sAT0UVHr#Pxl%NbwB;>vnM+;nl9#>o{&0Ny?I$&2;AUX!%TOPLrDDie@#jnN4km=9=5|<~PCFkxhn^oaHQMH_e$& zb;c5%>vZQkM@c_*!IPf#EM+e4b~h~Alb`*pWIO#CP=THhpaV7NK?7J&gf5h!+EZx$ zLm?Vb(LGe66}9NxD0)$iZj^fC^lu5(*>0fT%?^>QRxJRHZJJsYW$ID1tiFrcRZrRaNR!3D{Dg zZq+lPxPeu{8dj>_0ICV`s#wvQR-=-&Gd|@iP^GF?xr)^Y3W@7n@k-UYQe~2yeCtm0 z8rZ5TM6iWrYFh)j&%ZAAD28<`QVIK5$-R32I5$QTZthz;N4|E}2Y&e0ar;!JDVK9_a5S0e}fx&RML6LcQLI%>Mh%*Kv z3##^ZbHH7#SO?+^C*Xh-*WfO(vH^pERD-B8*o8V|u#I5I)w)LA0Xx9a1{fTH9oIPT zE-o_O@UjIEFeq;~Vqge%6l1?M;)H^Y8sGWyRkilLtXR83U89y)9b>UWdA|#T(*z^I z3+An9mpYaXAN9e^*oAV!t0;M-;lmHMuu*%QVtUATs`TBRi!m!!8jOS;+BmL&=@E

a;fax$|(YQBNb?ojAeMPM`t6F5~1<`%Il(HSG!4Ihc$|t+;6}e27u|t zdEt=WMX}f6e;yA-)bZ@p4*K73-K}iN{c^Ob+J`OQs>~T2{&SpzmF9}IIZt;!?n(!J z%`1=g&w)zxqPJG*Jn#3Fkq-2xTUFvyhwRf=9d(>qeXu&`dQyA-Tdgzn>wzA6*_Rsj zu>%(EY4>{DiK_Os-}J6FsBF)USSfs%QP{edl`E&z^L$ zr~U0KXM5c5es8+x{qN1?d*Ba$Q&)sW9EqQN(Xr!$J**q@l^^}Tu>)^cj0QB2nSJeV zpZneS{`bKje({f={Ck8(46m4e^{=1(?RWqC;U9lv`OlyJ^|$~1@t=SF@1Otu_y7L^ zFaQN`012=F4e$UFFaZ^C0U59X9q<7mFajlT0x7TpE${*{FatGk139n*J@5lTFa$+# g1WB+2P4EO!Fa=d`1zE5KUGN2AFa~9?{Q?32J0^pcTmS$7 From 79924f1bb764a15ad23223a6a63ea3090bf8ab4c Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:36:01 -0500 Subject: [PATCH 14/38] Delete images/RemoveCertifcateMapEntry.gif --- images/RemoveCertifcateMapEntry.gif | Bin 13844 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/RemoveCertifcateMapEntry.gif diff --git a/images/RemoveCertifcateMapEntry.gif b/images/RemoveCertifcateMapEntry.gif deleted file mode 100644 index 7f99d85fc160e5c6f0da6051c0196d87a07a5f17..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 13844 zcmV+vHtWepNk%w1VXFd|0e1iZA^8LW00000EC2ui0ILF+0f+wp{{R30001fg06zc# zga;!(03ureFMb0@XaG*70AGgye8vR;6$lj?00&nMJAn^Zp#x{O6bMZhFMk_2L={4l z7a?LJD>oki0wN(tAXS`T6BV2d6!y-x>=9RU8>z}2`yqM0BSuXUrb43VwPfcxnzQ=W3%#WEOKo^ zK53uPZ>8gHv*dagPi-#=aXgT4Np^2iLUm+fb!UukY)x>Bk#@!Xc|bdMJ#c$}d3%YQ ze2lPrpwNc^1%&`jiYhaHBXWo(0E#~Wfl)hxy5@<*@sAA3i!U9JEoq84Z;L`3jYx5e zW=@cHm5z^(jjia4t<91@SCvyBk6S&DVR?*vXOWDmmyeH?mzS8T&XvpNkk9>}KscdS zAe@0&mJD*GLCU320HR2Pq+&;>ZbGJtlBAr5rJA9qxYDN1?Wa?6tzvShUxTW9RIG?^ zu9H))nsBeEv8}d~tla#wV;Z+|I<g~YC#&yO$8lvBsA zuh7xd&F1#i`Tf(4kkgSo*_?&br*PGzn%BIf)4aXe#k1GV!`a*3(BHSz{?OT!#NDS= z->qldtEb+(huh1Y-r(isrA_6qk>e{vMxpM8!o$J!Y@aEj_@b&q|hxE#-`Qpd$ z`}_XVkNx1J``@wt_QC$|*8cq8{{Qs;{{9I50M!W`NU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*({VjlQu28w(Z-vbL-yCyZ2k#zJm)NPQ1AB^{i1M4Xkt~&oCsK2t|yC*#pTWmG$$BiGQHthc%(~^GuB;MuFppOg7n9 zi2sae;*=@mKxA+BFk+$#oovRUi&T~v284Y1!%PY~u;mXjDX3t}KmKU5B_AaoBAA(I zlDQW@u7p`)8~6CbP6{;W;^d)-{x;xUQnuk>HPJXCrk=M6nt}(m-1FdOEtbedH4aiE zX$pY)g=d;@%1Hx}{j`#T6#n zEQ#*IdFBg-8i}M0$GBAwiG6^X!XNVVS)!G0`O}TdD)8tn$#3=3rw%Ie^P`DeTnQIE zND_Jsn@2>mh6)kiyd{rq@uTGzqo#m{I>VR<vs0*_Tp|KJtYlGPYJcR zVUGEa)vZ%`gR`X*YV=&FQ>i-ZCbm80+uzDfW!up{i~mc?tgEibC;kIuhA{755O|%hbWA z6fEx_z5@f1W>lwn{OE!r`<68lhqiy%;}ZOXOFzQ#BO0tC9P`^1sP2)$4R(!m$jjM0 z>@ljM-9t|PcY_PNa5WciAy9!LY~ZCP;UK?NsT%l#n>FOo4ca+M9V@$=@3;^+dHl$8 zE6c$#$i@v4xj`OI%mEZJNFvYu;~r(STwK^?qA0AQTAJz_0v}Yve{hg=G2|5u+sGC; z(ux&{;{xGshKT<;ayX+Sf*mG_q(k(pR8^CdowA6dR;5r_*FaqX-I6$<%}RBbyhj$h zlr|6W4sUQ%(fokc7Ev;?Lr8`d>nF)T6!H_QmHIWDzTAxyOo+^X+kX}D~q~TmDFxLZp%Ks3x(^{b-c6{8=d3L`!p~pqr%pX5x-;C4W@w zk@)`P&FK6DMiQlg761k49#SwSXx7qI#sj4;DK;pQu?tp~a+9}I;D>zUm{UK@(|je)kw4=@cB zO_7%ai_!vxAe4(dqJhHumD8hm11U!6>zvZ(TwO$XaRH}xyCq;wU{{Lu~YR@H`qqYJMUPQ{%l{woLQU?rAF zugGhs2{Z9Z>dLaO`U2vb0Su_^!VbnIh8>|GIOY=RKpiby9BIo8Ssh;kf8U}kd!b1@ zH`4bEA=T1OtG3otJ$j<=;*VZYuD13Vj!aIdp=KxNIKga)I%oJwDt zHZ@{Ki=rbb{)=gwQ>f!KjZQ`2>j})d_XOipp*gDRwYxAiEs=idhdCKRm87T3C z8niey-r@n!Q{Uqow15OHhykIy6QiEq$h%wkPWYPfJrjAS)ZJ;}^W%9#6_D3^xEQY{ zz-xZ*w8(tf@P2B4@O>3jrN-gyau0BbH50_(>fZxD_`<9Hd8QBj7&*T=(pT;Fjt_n0 zYX*4Ot0VEHfBYChp9$mJg&%;2gdbLqQfjE8@o;+l@bUiU`OSyk`J{|K>`zYj@`H%i z=1;%+*Dn_+vH$(>zpeY@PyhOdZvOVqzy6zq|NZ;_{{hl}062gII3EI7fC!j?=W&1v z*nke09Srz@5;%e6fqoQtff(p97MOt?*n!9qfgTuwBDfkLID#g4f}T-=D7b#sPdbo#t*oRYMhjxgEemIDPScrxgCjNj}hk|&BjM#{d=!S`yhKu-!lvs(D zh=`Ghg_C%RoY;wnn2DOWhIrwLq*#iB2#Qy@iKe)UtVoBbIEAX%in2J1Tlk8wD2jKn zg)DFl$iM^lP(FxY4_{^tWHS$CWDE5$CCF$ZzPJmB;16WedbG2P(fC8c^9SlcHuCTa z)EJH0;EQDAN3C!O;Yc>|04uuyj?st=%lIn97%Q_yI?2cb^Pnd8&=0%tKG7HtHKGEN zKsFNc3glQw_rQ-vFh;R*4kV(E;@FL3qYeHDklUC%wg`o>SR%XFi-D31B@&EO04wqE zG@gSE?N}lu*^C}(LDs+zgOHJaq5_C;{trj;0<6Ffqri(((u@}LRwUw*DbS2MX(G!A zk|KEz*pLD%@M!%Y3PPETCh3$^!UO(*4OBpr3Yh{v2{iGbC0(FORG^c~V-HP$lgv1k zRmloh=_eKWgcpgGyy%Pg;wr(&1iB!MR8o>DaFX}njCQ$`?BJ8i^NUmhm_NCf9mx+& z>61Wdm`%9?b(u6Jq6Ge+4A%IRP3b2-FqL8Alb*nmCL)=<5R{0(4~amQC6bv(*@bJ# zgl(CTzSs*q8H{6DK9^aWg~^xwSeFiY58LpW{=f@^`DoF&4PeQWZpkLMsg7jBj`gsM zv{@pKX%9?b3;a+cC8>|*Xd)~A5F-Wo3MS%`N$GVgz?;P>mcmIk+pwK)6c64>k*kS> zt@)OF2`lv=o7eE1c?p&I$&7oMl5J9#V~Lzp0-C`opoJNZ6M38^vY5M|jLmtUVd9H& zBALi}o%%^7P{0Yn!VMUSli@ifxbUAZ#N zD5!)vsVPvYkZB@gN~V+H7ia3C(`KAf@Q%hv1=x8H$Pkg{SPCi7Nc*TIyV;vtf{of( zqSZ*8hWP@R+LL6dq_x?q#mEgsdZdLZC)Wv$**R?x1dRy_mPm~}3WVvpuJF2w?TW5tS{Lzpuj@LmJov8o+OL(UuRF-E{yMOX z2(Up|uXI7M3fqYWdxHYIun@b44QqoB8?hD}hZ9?a6??H9YlaysgLEJRC_o^5(Xl4m zhaVe*)-Vs-K>o5R`?6hy7V_Y-Fk7?#V}&-Gv+^OcG^?{dizqAGvOhbti4w9SOSDMK ze+ZkjOsgL_+q6)-A4?mxRQn!JTeVor99NsQTq` z$(t+7OD6uX4N0H{U~moD;01MH21h_yzMBN+g$`z*1zxZRy08y&pd#_xx%P0t=LILY zU?=%N1cp)$KJX4jPzPF21hN#lX0TKJKnZ-X1w-I2{a^}1fWVNO1Sd=;0bB=%(7EXA z3Hz`Ie4qtMFup9M1w(KK}p6n1e*pY!f*via0vTL!~e^< z0-P-LU9c!*2r05E8$~{13@|4fqhs&8!4(@wv_X%-hTl zmVitcJigf6%u~R*#^V;{O9{xV%-fwC6$ zKqUA81>TG*|J)B5>=yLEy8hq|_YlAQK+m;oU;@24rjW|A+aQ??NpGuE(LnwOM=%fR z8_h~AzWNZn!R*WJyE&Q*%l|OJZxGXjvkdC24^J=-u22g-0L#|Pxo_Yz=T*_Ji_^8F zxhcHVq3qIaLCriI!8uJt+Kj!h?9(C=ylwHhQQa2wa0It&4xo!S;)}k>1k?Zw&GHPo zO&!5r9VKAh4~}rbN=?>1;JQ2f4+Ran+B*(;jZ)E&3C0k?+UyETUDG*@19}&~_%KSr zoYdIM({NJPB`q8;xDR^J3AmunNWISZPy?HA+MB=%?EBOYjMX|_+Nhn{q+|-TfChw3 z)PSAVvrGwifZCie*URkDQVk){Yt=YSziqMAh62mD@CCljJYr1=QvQ9`X}!*DEg}w0 zyX=38XQ+Tpu3Z9_N zlrX-m?7A9mEpWnB0FE1*Y~KtVG21W%T95{Bz0Ohc2uZL7{%)keNq`3q><_{)1Y3X! z7@p^QK5F@Z1#dzRHDD+tez`Ne1!*usDPA+daK>$nNmUKa`alOs;01+M`(Ow} za11HF#anO&n)k#}e2*$j#GL-u`#S_?VCP5P7WrTXI4};Y&cCg$c{8j9t_H=FZs`+a z4nr^nfnDmw9zJyt37DYFr_RBXUg>Vp$6K%kYkchwtmltx(-YIjiGB~3jLB`TwgOHp zR)*H=-hyj;AN1hJ7aZ>=IPdtr?|7l_{QmEA;qL%H@ORkm1b^^@A@B(Q?+U;0``+*l zAMX$!@ohfw6u;RPfAN`|@fv@;9N+PZ`|%)OxFSFP@_ze*YGD>Ce-)r&^6+W!ZZWv( zP>Co$LkNQEPz~m>MmWE(Fu(KYQ4RO>^Arp7j_VysZ}jhQiyudxPC z^y)DWJU{g^$bgig9`~^HTJM2e?;crwV*AB6_5_Sxa~Yd?W#uO4t8_f^>T zbwLjVpzegx52PTOw-5oJli;0E_jccab1xTq&-a7j_u_01mG=+pkO1<_7>0lN37GhC zvH0tN0FMv@Bl`$200M6U3<~fFE`S5ZKnE=l0zq>MGT;IUwGBWZ1745?;tUK6@DIH! z107Jn@6ZAbz`^?~12KRDjK3FrQ1tV_2XOvz`IujTnhzJ8ZvfFm3J(xUq(B1y01VmR z4}_orp+pF3;19QuJo)RJ{kdEL$&VL&5C9)gEdVj^ zLjXSi4E`&2P~k#`4IMs&7*XOxiWMzh#F$azMvfglegqj({zm8&7MV@RxR0-^SoAkyYOYqnN6GKWD1m?02zH_NYK@Dsobg1a?tI;|->n`r-Ld-j&VsFf`JCWh z(2vm6-T!3HF85$Izf~dyW^E|l`F{TW{r?A$Ip|n|h&r0AYYjV}nBwP@3uM57Jb$(U zLIy9gK<^)Ts*s@w#s1N!3<^A%u)-M*87U=)^b4>>7hi-iMj0m>@FEsxBoId(cjU20 zA3>|pq8opNXh{+l;6h;?SI@8aw|4G*Bt=geV+!)Kn)NK^JAT(HUuh zR8BdGoYYZEFU1rsLLpMe&olMRG*nSX-E31%J@vAhLrG<|RaZ?i6(YCPndi+X@0mxP zV)lHsS6_dvDAtI=siqiXk3}|FWtU~PS!bVxHdrnzRD zZ^k+2l^^aiC0ix_20G|K6`rSBp^rwo&Vq|hx@o8R{1+ospQgI%DD$P&YOS|EGT(4` zC#QUI$}h*|bk$LZT%yufhn?%x zW2asA*7K}Acd=)mNFIz=)yN-tfPd&7V#A@yALKC_o*~~=)kvP@K~kQ0>CM(X`;T~s zh@V`96Ap~oGU5l6DI#iz4DbzLMIS2=xyYYoM6lI+@B=tve24m><`{o)slYYh;RL=s zfG81(2QmJzrx1OR!2sm>2R}$L0IO)vg4??tL|(@be>6h?ZBWNO(1C?F7{ni7!_`9W z@uu>f&mi(JTLUWq9(Pni1mbv~3BlHoTFviG9sHm=`mv25!0#WmQlUK>p@e(XV-@$9 zh6b(?k0%<0A3sClKgU=PAn3T~kbM+l z1ZL|;GcXW<0kq*B_Nat#4A2P>1(E?VctADGcaLrSAOH*yp9#w$0q~p=MDNSv9{UJI z5nSVccT8UZ1ONm28KjPPJP1wdp}qiUz#969gA4?a1>y9d85)p> zxT6YTm`6LTfTDl+BOCGoM1M>aUp-{p)N5D~8N|(j7UJA4=&7 z#yAu~6{;{q1;lX$`0-Lwrygg1QDvUaUp1|PD)g`ARw zl{muu=F^BURAMsu5CUQq%UJUr69roUusSO`$x8l%Chj|gd?VNh&Vm#d(FLs!O=(A4 z-NQT-0Pq&lu-ewX_M@?#Z3v8ETM)$ot+1e^Z{LA|{|0!tWe~$L1JDEhcm%EFFOoyIDSW0uh8m48kND(M^AR zOV|%KA0$L#uty;rz>0j>_?FQGMRcd@ zoP(Az)wttbj)u4$?U63cb(o|OD%ffD26o-;*WShZz;rD6+iA7j#D?!i`2rN@xZY>!1G-= zY#wx*E97}9f8p;cI=y~W!y3(ldbNV?b5$+xdN-e*2@UlVt{9IdL{~@84Q%zQhkfRs zEur$L^+Mu}ymL}+$ge%(4|8lF31--Cuj)tvEx^FwZZ{oXMdA;4KtTL{S$zyq8U07SqA{1OFZzz3uf2ZX>0yb}Uc2m_?R46MMCy9f-_zz-x6 z2?W6roDmTu!4tF+3p@x9M8OtJK@Pkd7nDIJQ9*-X!5PFscB#RCU>pDQ!5;*|AQZwO zB*G#z!Xre&Bt#a^*_F0%!Y72nD3rn}q{1q+{=zH7!YtInE#$&3^ujL$!!Q)XF(kt> zG{ZAQ!!%UGHDtp!G(*zC3^$a+Ii$lnw8J~Z!#vc(J>hM1(lS zRb<6hbj4SM#a2wkPmIM{w8dM*#az_IGn_>#w3wL##$Xi2VI;<4G{$?Pm0eWEWn{)? zbVe-fMJY^1M4ZNFw8m@1#%w&rXpF+INknhd#&8tJaU{n>`!M9QSpMA2zUlZ3)}xXF3whGUQinsmZ= zCUf5j08!oln1k{N{gfhi7d*ZVavo+%*C8Tx6~DR97KA2N`}Ias0>Y^{LIT7%3>Hx&J@kI2+PkD$&V~e zfK<)k6wcv%Le_-LNIc7@B+ZAk%&UaS!h1;0#K@TR%aN4Lp*&2NB+l*R&eJqblZ#B? zbk4bq$YZffm~2kY)JTrJN}e1_!%WETl+XE8%J1yJe>BQ(q|g22&w{ki7!1$+L`1ag z&jK~jY|NO}Bv3wF&;xbQ2i3*@^v3{=PyK|@3&l`nl+eP#&k7yT3Pm#JWfx<(H`~Dqjbw~Xw4rb(jsL?bpVIa z*-=$A(k6A%atw!PSpJ0}ebOqm(p(IOXE+8bz0xlAQdZ2;EnQM2B-1iA(=$cWG*#0z zWz+l%hi;hCG5yjxrBhc#QY8gX%jxZ~7MCDl^(MIFsk9^K9wHPuRF)jmZQ zIbGFOHN{uu(@>4PQC&=1rBz1c)jGx10@T&E0EblI13s7pi_FQV1BdM7!kqL>d!U7} z#6oHHOo-HzMy%0zFxEbxRx`{=(fL*?wANnrP%8|~lxquW-~@H>ohJ>}3mjH?5Qe^( zfh&-K8t5$|{x}A7xPms&LU_OeM0mnrkO5(83uk~3XN^LEJ%lF|h8gGtZM{N&m4PAX ziz5h!T(GGzG+4-xfg^BMdoTomby#!NPAqH(eEoyA$OU1F*oke@cwNC^-G-3;$aY|Z zFxUoum4{;R%X{j^WE5C}bwYzZk(40Wg*8bO9iEgpSwl$)tgJ?5;~`RMB||h8oa?lyHV2cvy%8N0K#JEO=O~rBzn_ScIL2m!-&Jm`1xL zTNb5R8`RaUt$}Nu2Xo-plXV9}=!+VdSa`UCEx=cawOAPdgK7NOj%y(ASGR1$)Iz(hXf&$%PuYgTuYt zBDmJHUE7HI*Xy#^LvRN@=nEV$2Go7sx4l~|Y}_N51=!tNVOrgXga&-Y+^3V>84%qN zjn!0TQgStfj(tMKJqCxh2UDm4fr?mwyMh|v1ZpsZ9RP<|kbyL~PPCnY;bjHGy#voh zhb@={aDaswIN)5Efl2s=P~d{ot$|74U+-nz{N3OF9i{-T2L8=lJ#0{mEdov;Ohd@v za0rGO@PlHQg@4^!8Tf)6V}l(i25{ioqC{SZ6b83-h9cNYL%@Nwx&k7`U=0T0UakJo zZE#z6*x8ie+wXOUI`D&PXxleP2Q1hpXgGt~JqT3TJ=mu!%wiCR!!9 zl3A#w+msN7BCrNT?q)*{husC)PR_$ul?P~GgTocu=LOi5_+Cv0U674uX8wj@NEu6c zFxV}igM2-PR4(Li7UN58(3LF$NC^cQXjxj;DnpooI>1+m3g6eA1Ybtg`#jVrj9Dji zIyI)-m2Cr!35Qj-24`-IwCz`XwW&EihEqV;5jq4megh{QXmA#1ImUr<#(`DPn6tIr zE5uq(?u1GA1zBNo=+%ABTyBdB zMrRQHgcZYSIZ@dfCuecf7k?Si({1%=|8Zi~|e16asyVFp>>j&GbD z?u-UdJ;lOs_=aNeM&EH)tCa_o%U0=0Mxg~upmoU%5Ah7A25RAOl=~VG2gw#U6c;ZV za7b*mGB9r@ZtPblvT%1CGIU3&Mx_Kh7ztpQ3{wgO2yzI2cm`+Bh<>Qo7(jsn;|Z9Epn7!y9MGSA zhy!Sv4im72Y=Ddy7yxN6iDEzYWMB5cYIcZ#c6I*02x^xBYsYp{&~|>{c5goja2I!a zAa`^3i*$dRV!w$A!Pj9s2x*uKjxdkkQ22ul_WfCeE}Dpb7>3zE_|(8xe~*!2KL~t~ zB9c&ch1iF9e+b{;2q&V6cQ^`zC`H6s~ zxOj-K0uJ~Mv-hNBNPCLF2OYSGl(&VkzlnTU0`e$_01Ej=htaN(2z-cv2B3j!m+ke+S8@e9JEn%-4MB@BGgX{c9L~$&~@qKM2%Ueb#q<*kAk@nEigJ{o8*C-RFJZ z2Y!7Jeukij;y?c6clPCP{)hpHbqMIR&>%}j22cLB$%s+m+CPD8Vj!@^Z&kSk{(vd@ z_b(q3UH|au_y-Kdl@>=%#jv1jVZ(m`&J#^ zVs_(Jd#l$jy#&|#5xduql$v)B{rOU|PY|MyOKgGc)U@znrocwr^S5llzCgD2!AVMw z2HU1NBMScaPQx|NBqDO|2a2iNez;;h5ZTWZqI^`Y(R&a|h6~taDcK4PF?3Ro>ss%v zF4s9>!-y5fZu~fMzR8s@YuC)#GicGIO`~pmI1g)xuVXKpy{`7{x4L=z1}>bqamXpR z4|C3uC0bk4rDh$24LbNBgb_+O;adup6ipGUUv6zlmx1kQ!U;$HDB{UJli?%NPXBo%CYc>^UI%%MmdX{Nxo9@%;r_DP1EVR)k z2$qw8x`Rq4&42~yfk}mEBZ)S8(vOfPb>!xp*JcaWoF6eUSWe)2ByK;^L}Cn{z4A#? zQ>C?)PoseXqlW&Qn}!&rpB=&3uCxt%l;xM!b=g+L*9rDcZ~TzbQHbm4d8)ulxQVeY z8n;TPouUa83CocbQx$5qs#ZkHncVqB%ab%CgAAUw62obkryq73WGEx#;7%&&yy^9B<1 z&@mK!bkYed-SpGfL_M{`g&Tf&!+=)1KzO$3w(VGp??h)v{ECgP$df%Tw!84^)GkQ6 z_);W1E0)c&ElV{eNS{9%fJe)$6pUcjVMT7%)nOwJZ85!9yw}7Y{SKFNut)ZIACF<-G+X@flDE9oJx@HUlAhSA=NasYMtj`zUaizNmivg0e2wwQ`P`De z^|kL`!-1dta6!Me*e@yg+Z_s1sKUJ{4nZLTSw`aXj}JivQ16%keU7KP%c+VZFl3jE zMnEIi;LtM>mlP z6AV90QG_~VL4Kql+&}bDh6{k;5Fb%h8rRrHlWgG%$q^ia=urh3451CkYfCm7K!O+s z{%RT*kO2{P#E+-Qpa@UglQ0^Bf*pAfB5C9q7#37Q*H|Dr{V0SF_ECkzxa3pL$s-%x z2uC^6(T;9{ zA~v(B!WMc9O2I$@Cd#la1WW`4SG?6WjKYN=J#kK$>&G|4$*x^0=RJW+rwrEl4|tft z3w2o0j|N#tc$8#Mr+6e7?op32fKphhf?orM!Yz6jMVYwdi8dnyMq-$8E@bRzMnfvn zk&?8eCOs(%xz(^PqO_$F+9*i*;un|Fw5B$_DNb{GIF(9^r8@m-TVVR2j{>#+s75_1 zQj@CGr84y`LUj;Pn<~|*Qnjj9y((7a@>DL(G^<|yDpcu7W)*ViT)au@crUd|fPLBP-d- z;7>w5B~RYE!G))v~s=u6-?RV=LR)(zdp?y)ABY zt6SGvmM)K_EO3J>+~FRsw;nYtag(duTjxI$y3p1Mv}5^f=tUPA(U%=Gqaz(@NBdUMlD;&YDScc> zW4hCL)--f2?def(8PwQKF{x8+XH(yp)2e=TseO!PRKvQ~Vg6<{kX>!-T@M-8N!B&5 zgDqoUM;X|{KDLU94Pa3tyV(?0HiDV$>}f9;+83rawyQ1cFB?1C-Y&4UrTy)3%QxKJ zCO5k2OXF%ldD-VqH@w$tZd%8?-uj*Qi|ws%`r^Bc`~G)(``vDU6MVP=FF3-xd+>xa zoVp8dIK-Fx@Q71fxD&59#wC04jB`A(8}B&C0sHZglbpxfHZ#3Tu5!DMeB~}zYs+6Q z^RUKz<~GM_&2O&rspfp=K38hbe=hW*27Ty8$7#`zu5_0sed$go^U2%%?x#~-q)o3n z*1dT3taE*LTkks9*+Bs<(C^!B*Zy+L!YJKpVb_q_8x WE_?4g;63v9!1sOdgwK0G00296fvFDw From c492a868f8c4277414ff5208e215faa690a6bb8d Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:36:09 -0500 Subject: [PATCH 15/38] Delete images/RemoveCertificateNoMapEntry.gif --- images/RemoveCertificateNoMapEntry.gif | Bin 13433 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/RemoveCertificateNoMapEntry.gif diff --git a/images/RemoveCertificateNoMapEntry.gif b/images/RemoveCertificateNoMapEntry.gif deleted file mode 100644 index a0418369a94bd9d3ef93827536e3dc192c27a966..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 13433 zcmV-|5IlPqI+YbnoE8WR7c_$>2Q4QgF(ETO zB{gv;LvJTZktA82FBd;6BU3dUj3!~JEp@&piODFr1up{+FE24PKt(rSXD(WcIsgDU z3vw?R06ZfZIU%+|IT}4PCpk5gJUl!)J6}CJvphp|H%6d3NL@Kf%REnhJzSGJTCF^4 zqCIZ2Id$4Pjm|#+OGh0%JS2fZM|4PBVMl1dLW8?Rkb@PlaP9ykB^UssoRk~Sd~#5kX=BJVR@92vzL~YlB~^?%IJ{K{hvQOp;jQLS3jO& zGnsl?r9sN2P5`1vgQa6jtA=T#lwqcpd#1P1rpM-}Q*y0ha;RT}uxAIdaX+ehQ@4zO ztcsJasj;cCm95tHr{Daxd`PvLp}4-FxX|6W<@~uSa=JNkx;ebRatOY4Fu8JgyoXY~ zjA6W`f4#EHyuZV})2_YP?8kC)%W{OlZqCPq0L6wl$bfpqn`FeDkjaWY(2t1BlTFZ_ zV9}^@#;>o?(A3T5_SX6R(~&&bn}6D(j@Y@0*1V+DySv%NwAjm^*UiJ(+uqpUwAB94 z*_6cGs%6=zr`oc2-r(ipq)z3qk?68z=EI!o+qdkwcJ0ob?9#>X=G^b__4LZB`0&T@ z`}_LFg8kK&{NS+u>%0E#)&Bh7{{Qs;{{9I50M!W`NU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*ZsTet7uz=I1PPMk3B;>eRLU(USw z=;O|#OP@}?x^?K*vuoeZy}N1b-oyTjA5Xr#YtX&Tt6$H){dDl|x7hd%U?jd1?d zlZJ;asG`|C&~*5r4Jr~Q4med-#o0oQYZZI!Tlc7=s#*ssYfqHE zGPrJ;4L;gdzU#irR=0BXBc`>#%0i~Cd;aU}wDV-UFk9;8D)D8z{?qHfUEcbmiznEC z%v$wyxQCS|^f8Z|9yYm_Ki-h+!z6Zgny^~^$a%wv{NVUu7EZPm565{TBc>3to^Wu> zAi}H`KT&dFsE1{!1I>pmka;bhC$xd+Jqm98;>T)*d_pR6*03b4+*GR$${(Kbv(fM( z?V%6o{v!|D)z;GL{)g7GO!B#y)|}_e8v+ft-$~mzbkRruU3Wjya2z7I6IU)+#TTz7 zaGu!QI47!N&$;BNoX(l0K7pJt2U}vVIq#J+5U$qSR13YN-e+E!Ww=p_&g8IcZSLt@ zo?i(%&}IjTw%T}~;C6=x=e}f}re5hO)_iB%eQoaN-m7GgxSO8V=Hzcbr`GCw z7{iC8TP}ZLn0M%Fne23U^O-)xm~*u~5?c#&agXYiOdWCZ(um&Hg&xf#7UQA^j&268 zF40PGG60)BE+MKn^m_M(18#<0lApwAx+T39#7-hJ)|)vw}>kTl%rPv zmWCr*{X=a2bVJbHs-+8erHxke@J8wcr4F%?>1|m+27_?ahkJzV2FTzVH##(jc??ko zMf}Ixs`!t4Y!PlY4AqC6kP2lviiSQ&g$X;l^;rS37tw3rckg3H2){FaFM z8S*oKnv0TJAcsbBj1I4>)2|FgE+^6~RHU<2Hatf`n%OKH)k9Szt#~TdNr3~hE1k7A z*GWzSPjEM5;p)oNrA}J1Tv3W2Tt+!b75=b8g{+{P%5=mL?So!n1LOpO=O}n3h*aSU zRh{1Dxgfj}N4jJSKY#=xbRjH{%hcQ_Svjm~UQ<+obdo=$b;x%1rGBETqS(wZi+a`* z4=4V}(k(%iPcY%B1=(O>8~*jrU5IN`t=dl%RuSVZCVB zNhMiLn^6h^<>uMYS>RKj&|6t8!BotD9Pv3TQCT`w~+NpW=*LuH>Eyn zy)>rKTPt1vWxyYBEKBcNtLOkqmuev= zd@05b)u55MZKOOE%g?m_GaIj)tfEl)kJq)KdWDp$6LO2&7}d2}BWfySf{Rg9`n61e z<&|QeOIx_S?Y7L7!*0qbxE)A_kz8R(QNGxu&c0*Be0@%W(Gtdrh)F)Uof9o{m_C>Uerao#J zhGnasahc0r1}7e&S>t0cfJ!SB(Rb@#7kqFeaVg2w>be0n{YP3%ROa(i`(I2S}V5x!MbhA{o0+uwitwa z^p2-d&CJTKuqGqEB$X|-L)nC{;cPBZyXHBY4F8bL|J-81PRkoN4N@6;*77B#2-2qf z5F+*sSu_ScWj(t3hj#bo6*lh#N*gRUl|C$fxI9Z*w|U1sz9g8zmt@lR^~o7rF@9KM z7OO6kJn9Lydw^pWk(dPme`SqgsPh|wU(4Q$k*&Q4e(>eGyWE%d4O|31?-E@+nEpD=sQ+;g;|EYPg19IEEcqhHMyzayW-{ zScf0th8hTmcDRRp*oS_&BzTyCdiaNgScrybhW>%bgEc4@huDaY_=r}Rh!r@9kXVV9 z_=l26fs}ZOoY;wRn28g(iJmx$q}Ya_2!x9m7p1t0tk{L8h>Baa7gneQ*^mr6a1Yp% z2>gI^*uXXPutl{{59A|^9&(GkkO=<3HLI68w5W{tAUz&33F^Q#^Uw;-sEpfii(F$z ztAGgG$TjjXD!ibL%9sqn=pj$gi==W!z9ft~Ko4MY5BD2g6Ji?(Pd%HScoCC0amAGYJDVd6UJslquqrbK;N-2$4@&i?`@5 zp`wdPU{Hnwl1TX>BDsqm5|!+rl|e!SxVR*AIg=-#i_934IH{AoFpOylmrHU4{;&+s z_>o7+mLIYMfQFZT$q6U6<&Ln8Udwx0p7DDJE^no}$wPnouj;lakaKB-WXm+gOeA zc>)NkpbZJ01sIy;8JMec5BxBgYnha_APkFF_~6M6!6xt{mQ3r<#%(n+BF8JLO* zqDw+9_(_b)nUtb~oP9~4l3A1|P?^T~qGL&*bK;}liJ=6jp%WRH&bf;jxsfx(mWEl8 zFaVpT370`&l8lg|d&!l^36n_rmqx=vN6MOj$&*w1lje{Op_2$iS)gHl_4{e$oZw3sXG4Em{EpvhfErPPO6te376^Uivziw_aG)U0*<7xmt_QwQ6ihr z2zJwW4-%@K2sx8Nd5>xOmwIWSk1CKx%9>}QoXNl`nduXorhpy`Su5!q(_O}V)+7|G7ub3#W@}~~<$`<(guj{I>@n;M6 zFbIbb2QDxJTxAyk+pu#eumfALIDifGkPZtAu^6i#1Um?cFc$N0u^Ah(^RclV8yX^e zviL!=9t*N4+y1iUv9S|du`KJdH0vE3d$0*Rvo*W3+3`Xg>li#6wBg~iB?}uud$ij@ zv_OlrOiLY6*tAfa8c!RwR7)CDTeVob8CRRNTx%Iy+qGaD8DAT=WP2E6TefH`7&FiZ z{CW;HfC@UBwsN}}?@$O(Ko95e0*DZ|bKAFG3lDm74mh9=eCxM{E4J^D2DTu$gnPJ- zs~PkFxVyl(g*#Zoa0O$q1+L z1c>6g-gO0V@VaeL4^u+Bg|R(761(?c50793v>-@y!Mftd7RdX!ol&=UOSyaD577Vx zX<-jb{^k~=YZtuR7TKE@rF*)edl>nEL)$B2ffK&h@(P@A7vEdHg5eM9TPA7oz5Fl^ zbuqrlyB7G%yqvMNZ9BM?`!CHvz5h}TMQ{aOkPX_f1$i(AbLLWyfCWWhHSRD5SFim1bJ`;HV|ExI|c*Q50sz>SWpG`(+{QK z0zgm;{V)tgAj4X+zl-##Fal&y4mEtkp6d_Qa0LjgCG88u zLQKOpTm?#1Cc{t#K!6BX9K;Fy4@4YM@Gu55&;?*@#buJkTO2%ItTjK3xiehFp<@B=C`#~K{MWC9N{ zpt}647ZhA;wr05fyK}_qtHieO53Q^q z_)E;rx)NllBQM%c@&E2fd{9p;eR3`Cz&hQKcY`i;b(Y};$%k1pVb`sBQ zu@0Dp7SSw^(@Y7;)z7B;z4*(}c7hi5&?E8C1lh2^56#W@0}rz658rSP_{;tek8sPk zOT&dE%({Far5qS0I1k;x201_v@%znJtiJkSywc0erkh8h>&yS(!EW%=gA@(>tPf03 z4y-^6Lg35a%f@a{Gv)jb_^<=CYt%Fox-^{C2+h-KA&r~dE5@r9 zr5o02;m*8k%p=SR@Ec4{t-#(q(5Bnf9Q@W66W9IV2s4A#b=)!tRU7yt<@f*zc`c+6ePXM9KK3jCWJlHfYE~my9uwb&sNRPoRAMSa0r=j z+qF>Du4~jtP20AO+nQ4fvrq<;O$?A-)>lmldvM#Cpb3I~&AUL?TK=upu^rn;%-ht> z)_da1ufPS&jS0Xr*OVaEIdIoQkk@<7D<0jwavj)h&B5LM-Q_ginxovz?c9w`(T|&Cp*`BqOuN3#+z_YQd?A7U01JGb2D@<1uY3-~wMDy)LjORo%JL>&^TikMI3Tlz_qjEz+Fp z&D!t<;bIAA{mbY~zB~TV;j%8@yAD4d(S?-H`|Q~MObr0d-uwOBOwJGM0_A0b7SVv? zI=&}Xe%u!g(Ee}@G)yM?klF7%=1Zd>{19EGFx%vN=ffP`{^85wc2p+MN8xvIf%aeu z7Oc5-Y{6#W*RpLfj{pQ%Kt}Gs21S6uyWkJcPz6|^2P*F9kbY`MT?FNf4>7POHSW1T zTm)EP2A#9xDvB&gw}L!C0{1?ykXx00f*&)CrTwpMDSU@B^eQ=yY+m0di&SaNY#Zeg+R9@lXV! zzVHm+uM%JJZPD-+pSBpE@nyU593QqG|M6WL@*gv+n_yBwsF^hHmEN52;8a1H8l z4T1jjOc?e5F!k(l4eW&V=c@GqoE>8i_H!qJ+tMEDV83P`_SBjeUY{XU-}dbq^^f5m z_fYn9Pj_}NA9}y{uO)$hUmb%F_*fj1L$1KmY>|82vB`hUp3n zfGO=j-I(F{k3T<={}z*9`G0Zw@@x;O_YdoE084)updb2{Gx}~(`s+{tkFWw4U<{V9 z0v1rt%wPbPkODSv3~`VG7=Sac-~ud=R@MHn1S7BoXdutbfB?m12`)eZbJh+iAONL~ z#mrvO;1BknM*!hz z$3J`uZ2gNz<;Xu~2>z`*^Ut20h3gL7``1oFwtwdyaQqii}Wtiq-3vko^{M8rm{tQ!4I#4tk*H(V+{`fB>nzO3HjNM)XZ2_rM1>mLCr}W zO&_(?R$qSwmP;ss(sj{mMh!MuWp5o8K4a9ON6|U&p+_BKE?qWTZ4Jehr*W<^CR}mH zCAVC2&qX&~b=PIL+-pqTHePx6>~>yz@5PtNdh_MCUw_lv_g{erCb+PG3r09$h2d*< zVTT`vn9hbHrnusW54JdCjqk;HV~;;hwquY-CK*+cOGY{6MNgio)NikWIcAw>rnzRD zZ^k)iop9X{DEDx@o7M9-3vQER9xWtFQi2YA)f$x@)he z)cPNKxc<6qvo#ER*R$7VyFIO;Z98tchtql-Z0E*1Z^P=AR&T%m9&h4G0VllhqO?}q zaK#sw7)_rNXFPJrM?!pZ%Pp_`a?Kadd~?qM@BDMo@eX}-)7dWlbk)C3eRbEZcC}SO zA%DGglv}qwcaL$`z4wZF_dR%rffv5`f{CYT9+;8+$)9U(;=B;}9& zX`btgvL1Tx`!@b`#jrKv`@ek7AIIB>F(Z01omGevBdkcq!lN&NmW&OhW)?P{%#G zQ3X0!=Wf&@$vqSWKlz1Z9^}KI0d(0aTUJwldhzLPU@WGJ4kWtv;2e$liw>g%? zf+0-V2t{HKLU@3D{SZb30&qeof?e8+W8X zKnjwO)964p66iR4F`U#*7k_>=BkSTylh6IBFI6yY~0gM2AFn|Wwg+9RG0`=wK9`6uDH$~ZvNiHA- zQ$%J0+Hl1Mpa7M4yqX@J2?n}&Zych6hX&ek4Phi;6VYgZD#TF<17HIf14xB9KtX^< zLg5`tfC4?-A%+(Iqkj${VEz)3&wciD6QC3&Fg(D=4CuleXn3bK=`s?2_)wOO7{WWy zfP-tCR0!$-S33LGtNbI5-notKdET9Wv1oWX1ooGdO1O_1VfDYQk zLJv5h4@e;69WccpO`ov=TeyP{<8TKPwJC&akn;=ir~)GHL5&yKVj2oSDm<|!{?DmS zF&Y8{=|A?N1}J!92qB3_4>nPW!)7D~4TZ-9%rJ{gpkW8qiv~t7CW2mo<^{E*@mJAl*Ko&y8m2%>emv4$61K>@WmhZrL}*~(sao?QS% z2ZSMkTxgXauwVfesNjLo?k^uzsKq-BA%ZJ};0y40L0Mo6+6EkA7O3cf8v?7>cnU5j zw6lpSXIKd#+#-}5Yy=bLsSheFz`$5AgKP0SMNraK9kxA&g+;Q~Yrq1N!QDkW2>fCG1kbY#=a}RW z68q5xq~fI14Pt+Ts*7rPw;kcdFBF;~03dw$qxWU6)%beEHi(jbLZC(h_6Ls*Y(jye zoQ4E;k=b3Oh@tVjksH`zjOyfYhwn(PYcILwE>FXkEgh*Kya~T|9ub8~?13g4A%uJQ z101ppB5aR9j}n*Iw&Wm0DEVQG(Y6pD8>mG)#F*wax0#;y5X5iup;#vZ`OHDKK_Y}uUj)t!g?l_B0s;sC zHb+v*L*h?=!5-up?h%hks?U!&Uf(-8_=@!fV1V#2fdC?)fKC2rlr7YRfG}q3XkVgR zeL8%F0IsmcT5wwcbZ|Dbr9ICtlrRU`7&RvnvVau?0M!J-?m0p*0u%_K;MAC;y1&2= zL;m{KxGouAMKTX@7y}z3@rOLPSC?-giy!wKhn=&LJu<$_g3=Sm^{iJtl`~Iyg<>U}?a;uqie$47qha}Ruc319iohko>>KmFdf%lg;H ze)hG$eeQSP``-tD_{Bed@|WLS&ZmC*)xUoB58wRnhkyL#KY#ky-~RUx|LK{({|)J% z|NplT{{z4QTn_;xzyqY4#S5JbThWEjWk2@_<&7#xh!!M_@`!5hTE9Mr)b zG{ZAQ!!%UGHDtp!bi*P9!#7xx0P2|K*^u#e-#D8eSPb9@sG{sXyMM@0C zQ8W&hfw@N;&I$XzdbjNpu z$3RTSrwB)Rcok!q1!SOydAP@L!3KN�IC}M}6GKZx9z~;m3e%3Vs|1YZw=Wbc%M2 z$BCrKicG_Kj7Z~<2US?eS!lXq7)E>K$ff{?eB4KqJV|{#Ag6eTRG`SfuOP+j8 zmuyVKd`V+S1$9tN$ZX2DY)JlvoJ?!H%+_?xa?H%Gd_hcP&A^mQeJsqO}^F&Wb4A0s8%G%6B^Gwh9lutpd8Rl%p`NYrsG{p7f3CLkZ zaKMD76Nln#!jfc4fkZqCB|>|^&V{6!K!i_uXw^L!O)Mqjp*C2;co>63XbfR+0bz2AX9!nYjSsj& zgvJ<#7uWK8!U;{6xhH{+;V{prRvPN7~S9X00cO8o(jXQc;n?YFq12kiolAK*y1!UAyB zSASL5U_{uPqK9+<*BWTLZgqhXVA_2&1<;5ARjAm%6_R_ch8Vb8%hlI?lvmJL*rGkc zqpgAdo;+I6c!6552Uq|N$Ay+#_<=Zx0c6-M(7*v_6^5#9ii&N6cX$NJMTB=)1JJO6 zT&M!h)!MKvLil`#Lg<21=v;a@+sv&6dZ-3)RoJHc+!uJ1#u_^8;Hr=wOVe?+Gj9=wKN19xCUZ~;Z$hg2d-e{UEU@`gblNb+ z#apleWH?)Tpa#w5*)d37K~C6rZMwRA2F>kSh&ALyMq1d$5GEE#GprSHYbPAz0)4b>nq~V_lHjM|dne7Fi(3gT_UK72;Sx z*4kmP;X-C(8yE*r2<7Na!$_Tn-4fSHo@1xjWL?N)#!c8i7UUN&uU(x7cm6ekIB)?| zc34#2W>sEgnLNUZEdf@6?(vA$OCY7;_DR>O?XCL4hdh5kBxl_rXyoSsMs@* znQ@3%L0)E=b&A|Y2E=uNn=fQfCf+_MA(ECrsX|u7XLpMjUR~7hu<+PGrPw>-5!yd05(HrU#k! zW@W|(YH;0ofQI2L=Ob)h^}Pmg@LzYPDV=%&r1FL}DA-J{*wFO`{-i?cr)XFX7G!?* zf^i^hnU-pSF2d%O;h4eSpPpr8$lTpr16<|M&Lg-H3kSz>B+7U3*|-e;Y@ub_|ISDwRB?KQIT+u^ z3cshLWbwA`%R9A9Q+4w4>`n;}?&I|GFMrQ4|Lp@Eb2DdiG~e<|ZSy#vPce^BIk$5+ z=SnWW^F6moI)__62lUqT^Y9JyLf^|lPgFx!biPb;2>tU#hjf}m^emxq8oRu;H`1@j68c#vtgf$EruXd(z6 zumx?HjTIOT!60^HFA8KI342)fns9b#=Lu;KjcWcEiEGdH(Af4pvIB3&2XGg6&>(ka zSDbgZsAlkXU>1@l(i34{js;2zb>E|Qr-|?giYmegctDGgScegyj_x3|e{cs0N}wx< zCVWVNauUSQ2VVX zeYb~uxz7f=M+k7m`+DE|zW@8cAN<1S2)z#t#g~l6-x0`{e9E_c8NmEs+I(i;2hWe2 z!KVNgzyWDOeEG2lKfr<)Fa*AD18Z3R=>Q34_<%jJ`uceK3YrU-7o}e~0(%$)v_}G4 z7>h*e2lXEXx?l!BVtNFi`+We2KeqniYmx0A!hWOb{9AY6AU+7${59Lr(8Ilcp1vUL z*zXk!2fP0D`;GLPhpa^Sb>sKt}s4o#G z{yJiBP@;eOkl4~kWE07w3OO>v{zwr4PFwqO7UW5CVMCisDOy~IQ6tBmA485Tc{1h7 zmM>$@BziL^!kt0~6E1A{Fyh3D7c*|`vmMNT-?F*QxY3>;H)k0Vd?+}rS;wMBlkTYQ zG-`Fm7+>?by0Bk&nKZdN(r*!`eNuMedvMTSQDxBJ%o=0yYMrLan-H!T!7aN2vL$t z8iyQ03NmNQIt57br6k6%;etUCp5+9Xn3UrO7hq~KjSDW|_m?h!RNw*&5nON#6Fk*K zP81`!uz~;vnb-~iq47u*l1eh!5CTsU=xn>wq?J%$-mih3o0z}x2x|9jxQmQS)urcJ+|@l4u`7_f z@X9;gsMgi{&%OB~v~N%S{u^+XDG_X(!9C5V@T1WB{4>ypwPVv{O}(6rv78aLuvAD~ z7&O#B(K9vG^c0EMkR4qe6jA(?VniNR;Ot7GS*lUN28c*Spx0oFeVh?h>_uNZON=l= z8#{KSO#~m1dfhY>xbQ4r#Mwn?I}e0U1B&+}$PW8V;YK@| zr`Yw^VUJz5RA;BX_Cal%4!7Je(QP;0dLzWQ-zxhP_~3=}bGQqM%f&bgj`wt_*OOOX zB3YtG{r)`k&-z1+;5cOSJL0>Th&!@3S>nPAYDW)!)l_e7Sk?%gKR)~IyZ=7?@ykCy z{VtY2_4$2romj&{5w9`mTjJ;pJMg^}VF11ZQsUeS;GOCli?smMj{ z{?L$v0VE?MDalEC(2*8IBqcMc$xRN>l0ktaCqpU9QAW>`KmjEwQ>n^T+V6fCJS8Ss zDa%>XQZc6d2`X!;%U$mBmOjZPFM}yeQu?wdz#JwrlPSq!cI24Kd?qvt=}Hl*FPhf8 zW+0h~5NBeuo8H8sHvhrRZ<4c|CJg5|&8g0HN)Vl~WG6i13Bha7v!2&@B`)77&wcVU zfbLXaKLaXI|NV1>13f50+gH$PCbXdr1=>RS_t1$_l!nt}p*}0B(Ty%9qWI(}NJH8Y zkBYRUCJhQnPpZ3P90`bpDI;dMs=!IWo1>bs?||ub*o<0WLLi`)<}kRtY#%-SW)R-B)D`1sajKLDN7=3N#UjwVyAQqOehuvmk7b{sD zHg>R&6=!58tJxP;*09u+=w?H!!_HndouWN$2TA+c%c8cm4pc2h0qWY>mJqf!lr3#@ z%R$@zFtfV-?Era;MBDU}SZ*b7Va!neM=l5algYv29Gx3Y(&buWJdtQh?M z62JmJaA64SSN$Tm!2|a1Y8@=$(I^-)N>zKSe?y+}&3}oyIdC1Z&vXPmK Date: Mon, 18 Dec 2023 11:36:18 -0500 Subject: [PATCH 16/38] Delete images/ReplaceCertificateMapEntry.gif --- images/ReplaceCertificateMapEntry.gif | Bin 10241 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/ReplaceCertificateMapEntry.gif diff --git a/images/ReplaceCertificateMapEntry.gif b/images/ReplaceCertificateMapEntry.gif deleted file mode 100644 index 225dcb75a028cae67846086b1d4fca047437e29c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10241 zcmV+cDE`++Nk%w1Vch{80(SraA^8LW00000EC2ui0Nnu{0*C(q{{R30001cf07C#5 z9{?9x03k#GB3uA3TLCq205*yMPiFv2lK@Pm0Aq~-fyMv;6aXJK3S_es3{M6Gdz=|K3l0hYNS1KvN?9!I*rUiP>(`li9~9OK!dnKkj+g1PEQv{ zM;`!1A1F&R3rQ(VQAYquNn1%-T2Q6pR~J7~247Y^f>%+aPiS*gbe2(#$6o+1UjRQ^ z8W>z509PR_TsTQ!QI1(!a9eb5Uy6%ZiMv?<0BkQ8Wi2{qF92gYJ!L{bU0q&gXGULS zl4gIGU3#iwjlN-_&tkCXasW_kJtAsOJ8EfMW_o~avEp+OZFd(JcNb4@J!)@0d2u|E zaZyZujcRs|k#oTKg*;MtJaTOBDkIeg$DsqrL zYL7s8mrNO#i-nh$mzS5qlBdU))cKh|H?-LTlivQ~1nYa_LDJ+*vEwv1f2 zkDs-zvA4z6v(V|c-r1-BM5PCsz4wOn%F_InfjN@EB2}r<8^aE!A8M$fm39Q#lg1F^d=?z`~DEAPDY z)@$#*_~xtczWny<@4o;CEbzbt7i{ps2q&!Y!VEX;@WT*CEb+t?S8Vac7-y{U#vFI- z@y8&CEb_=Cmu&LMD5tFQ$}G3+@@Vax6V1#t*KG66IOnYM&OG<*^Uddc`0~&p&l62M z^W@`jKJ&B_%{)X$-Eqto2QBs07teDJ#^*qd_16(cqp{dvm(6fHLR*Zs*=!@+wZ>Yv zEjPi@D4lUWWY4X){=a!=-1pvq9O@H)(`$gh0dDu)=o!bi;xTVvrGu<~7xm1`QkBQ4$CnJk|X3G9Kc!K=T|@knFU# zFD>f0DqwfVn;}IL7@jcfZf2Lw^5=#|y5vI#?h@A1TPi?SwN4 z0^$!whX?=-yfzOS1VDWQVW0a(h%EU1!x|4DN$PHgJ&7OzKQGjW1poz)2FxQBpA*jJ zS~w8wO;CpZG;F}PPBRY{XmB1K3;+wx_YV=0@QK4RAqrK9ITmitg)q!TItXBcF4lko z=(wT|85jwFlw%1t2!r(|xWz8o;ERBAQ4uxh!6mK_ig=us6jL}sE7oKmFT`RElhY3z zGH-{QvqvEJvBuO5l2~(8A`=DT#5`K^G<&2X6xjq!t)oCP)+2(#X=D_d zRY6cf>qSMhqd_Wp$y$mglYP7#Cl?vW;cUPLKd?^prdK^OMo$E3v|e^(fCJ%G;+Me` z77{f>OIupAGu2F3Hm}LeJ8o>7-3%u<4K~hjUbCEZGp9O7gU*4qbDepto5t`4&w6&| zZ5jTHn?3hwkhNvZpZp9cCC4Vvg8oCFRhy(i?MbzY;d7w^H5$_F#xSNiO`#CwXUu-a z(T;lbqaL+dMn_80lA83SC{3wKSIW|sy7Z+mjj2p$O4FL!^rkq?sZIfhwsZLOr$7y= zP=`v?q8jz6NKL9zm&(+pI`yegjjB|qO4X`b^{QCSYEy~WwWRIztJZ27SjSo|v6A(y z(b^hX*NUuZvh}URLKI-_$?l&*L^jau`{*V62@uYd*3Ujs|n%?!4%h$YBj6Pwt@ zGPbaeeQaPOE7`tMwz7G>EN1Dd+0DYWvz}!uXhVzE(UO*|radiKQ@b9Yrj0Zna{iq` z`r%rE;N!KPiETmr@zWuOhPSvq4L;718Q`kcUaYML7XrZC1klAa`!GXIZ0C&^FgE}n z5C=EvHyV3*K|KOd?sXCH+|Ar$7w)h}7u3Rx09;@RIpmB#)=>=kaw7mo&=fpCAOYVV z_g$&A#~CnSjDOrC7SUAEqLSl}^F?>M{ZOa^e;^Kjm}3rD*e*+S(;0uz!@J-WFo6yH z3hp-8ApS_l2ms^^aqI&PYWc=A2ExP>lY|*1(3Fj*a$f}Y;}rquFZz5t$$1PhAHI$7 zZvFdT7@0Q36F^Eq6T?md7U0OwBS7YvAF{yqv*KPp=p zK(FYHbK(#^5CmWY8Bhv;tDLzC|f@zrJ3@3O8vz-lXbd_Onkgk2nj*(eY@4BF-U*taSU%0I*|`=wBQ*18w0&L(29GY z0TSlu0vy=k=zUD$2iZ;pIx;a0c8KB#WB$N2>ap*B{~Od7phNxsws8SMe|1iYRdV6&=t7EmXk){rva@=iV+lp3d}XxZ62!(C|M%eD7nkg&P;p`YM)i2YuW? zlq-HQ=g@FHc(*`5!checpl}9r<5<;kr^Vc%$Bn2r;SqBf!!L5I4my}%4IIFQhW$|u zb65WI1i!dPbYS+ZZ=D0YaCgv&Et(YD+aoPV`gB$7^x2O<>PMR$yaR0^X2$!ch$Tb9dR1cYNo4j%E)YNNc;GVLxVW z&gTv|NEiG-gzYyD=@0-eFc0)+24tZRE1-Ywz<*&DhGXb$00IoUR)QyJ3_qrT3m7BG zb#(EkCSTe}|}RhKPu85QlRpBdkRdGBXX|LR-Y;5I(gU z?+`QWUq=`DeOoO;uu@& z$P)L+743)}>qw9RNf5V15?+&#>lifon2@qzkPb-?{SY(lzzrr?6t(q_(MX5U!Vjr% z0cyYm!xuIF01qJm1$3YR!P1e&GL5Iv{twPT3$*}rEyFsrKnpYGlE(s*Jjqf%`I9OY zltPJ8L|K$3b(Ba+QcAg$8P$|dxln_J0#sR*R(X|JnUz|(m0a1CUip<^8J1!>mSkC$ zUm2AHF_mVymTcLUZuypQ8JA#*mI9%ca(S0{nU{LGmt+Z2e)*Sx8JL1On1orFhRIQ+ zVV8Wln2gz&j%k*M8JUtfnUqQtJh8BVB~ zn%uOStZ7ZI`I@y9o3d$1v{{>Ybep*OM1ysizWJNL8Jxm7oWxn2#(A7GlbHnZG)UB( z&iS0s8J*HOozz*K)_I-SnVs7Hxt-kEo!ac z@EM=-IiK`dpY}PboWxu5*mpZ@uu02-hII-mL3L<4%D2%4Y@x}Xf&pxRlW%;}&K zI-wL=p%!|f4>}sXiJ=_Yp&t67AZniw8logxq9%HxDEgcuI-O|KqAvQPFdCyWI-@k| zqA7Z#IGUpvx}wpEGz{vaIvS)xI;8)}qtFSY3W}sex};3nq~~d* ycDy2?ZrB-^S z)d{7}Nu>kIrC9op-Z^ z`KFjU5BNX~f65MXN~b?}UhdGGErt)zkgC#orji<~vMQmJDy5f-M5wx{&-o3+aHw>; z3$4nku8Kt8fT=QutLP=HEIO;q+N=~>tCsqy>!7K2il_4c4d;-o&TtN`dJm;qsE10b zg_@`M;0$)^sATG_>bkB73az^er^HYUsj92a2@UNK4#q&L@6fH^N~eb!s^S2!pxUa- z%B}``u>0w*^%}4(R;ZlXoR@kJwLlEhAgs#ToW%;R;ySRydZY;Zu^P&XBAGOa7{^I<2lMvBdDH7u%yDd$Tx;pBlP81-r0?+6r`9t$BK@>_DyrI}d@{ zs3@zaj#{qg+Od_Ivr;>?87dkZ`l<~It5mzSQaiECpkRBp zY}>49+of$Aw;}ts0=l+xd$(yysam5|SB1BJyRLfsw}Lyk;~BVwd$@?3orasZjN7;> zy0gpaxRN`$(z&>ld%1rLp~$(poZGpc`?;VSx|?gcm|MDWOS-0;x?+pEs@u9#%et-` zyK@V<>nXdod$zE9ySnSFxx2f*8>_whyTY5dw5y+z+f~Ecw!tg5$eX;lTf7E(yw0n< z&>NxF{<#jba0rOttKVP>?(hyv+nu4h3!hr3wGh73$qwZEoZw5L%}br(a0zy>3FTX! z&`=BbTMNZ-o$6b^)4QOHiw~;MMNrU1Z_p0G0CBOv1IM79!BBzDDGz9H1CY?1_dp0X za0l604y5Otl*Ygl`o7UgX*O^JU33GTaKUgep7>A+Zq!9^0JTU|4j|0I==;A1YPk3i z3^$-7pc)K3zzYdH4(uSW%}HD~i$o9Hu@Y>x zA`G4CU;{Cn#g~8!D(sv=lf+sh!z~QKJKVuY3#2sMz*lUyI9#8GYYu2I1|6HK35>x0 z!GsUj;6`JBspW73bu$HAZjYtThTfT`?&!8V`+KzVZlnm_fXH1$%6HtZ)oY!H>fXut!e01kw}z!Izjo521H1^ou$ zJkGI#3L<;0EEG24lbuve3iRP|zNY(AS*9*<798K+(_X&F2sdKJckD+|!fX z!dQU75d6+>0L0S(#L{rjplYtWAPhPn#Qp4?91O{n7S-O2skp2N=HLa2fJ804!WDg; z_<#+b%+TU+#?#Er^PtCfu-0w8!%IEGJn*nB{K7WC$M--CwGa&mHV$(<4`WTqSP;|$ zYPjk^!QK1=fP4;>>_*Fc#ZWEPOsvk}P|w2*(s%F`FTBjn*~0Bilk$2GF8&+_xg1Q74cf6V z*_0iihAR(*Kw-_%jnTLu!FO=Md^```@YTQ&*3F6C zX06#n+}>%R*6IvYc6^=|-Q374-9T^-!aWZ~4aoow2gnVo!tlbj?B!s7=Xw6pX70hC zuIb}I&xc*qgj&{bUZf*_o#y}zMvSyw)5S={4)N-v?C7d#oW-|}MCb6S?nvyu9t~QK z#97?yxbCW59PL0F>{_GjGW_J&8K~#m+|axx8U}>G1Bhv(C8mUhlIi@A}^Fw0iIU9`Gf~?*d=&l@0I)pYRt-@Cx7X_sQ@M zAMx@D@e*J0?Md+#pYi3XxuVo6pqgikT3ZpLHR9l`I%o0o8S4L@Ap72 zARu4@`QySNkUx_k`03DJ-LL^NfQ#v{0CfIv1kE%2E|kjMBN0d64-3r#awr_ApaC}E z3Dy7wX%Gk4Zv)yN7@lkbe70M!u=Ujt1=jFC9>5|$1_^=h58t2;oIeoTAY{h!Jpf@M z4!=q^LJXV~=-{zm8&7MUo_T0~CVf{t@cMsP;dsA|yd+@KHs6gpTxFdRkAp?qX>Duj>i>{Ph z`$(p9LC@*NmHZkhwicOT zVOp|p6&enWS1(_`fU5~kM>y`>(1{l}e$4q5WtNx!Wu~`T@^sIj?fxXq!gSKqtJAf9 z9h)I-+xl?-b&o0c+9vmq0XPMo8;wP0r_z|Q-h6+%upH!l-hl+9jyN#)I6p%1K zuKx2UzyS-)<-i1YTW}oV92_#j38SbGL=7vmZnX~=3UNfBOynxX6@gl(K}&r(L=O%HWZ|%eq4$8N%%e+jyfF6#g~E}{h3BDasGLyVfyB+_uhQ>#n9hs z04{W3dmA&@9)wB$Qdr`KpIz7^^WK}TIVOF> z)rIQOX@kU_j`*H}Y=A@Yk*$(Zh?U^s;FxWAoJ8~c!XCS9#m>$y?X}xp5^mEw`lwdB z@z$H~mHY;LHN9vr+@8a2czh+sK?>gExF)ascB(Vqx_RfHAFJ!Hp{Krj>#xT?d+o88 zetYk~2S0rA$M?Q_^3O*9|U0tML0qdme7PJL}3b5 zxIz}T(1kCAVGLzBLmJl5hBw4v4t40lvq+GGKLlbBx8_437SV`D#19dXxI`v4(OnpH zVict~#W_KdidV#95tW!lE_N}2Tl8WW#kfB(j?s)~Y+o7CxJEXHPmOJaV;rmZMmg5e zj_so39rd`!Hsz6ze*|P&{1`|=7V?SwF=QeYDM%|W(vgqs${-;*NjplCl9z0wB{8{4 zGis8PpX{P1K{-k)ijtJ4Y@#Vqxk@9dl9jLgp(|lIOAE@9mbZ*xBXPM)C)$#izZ9S^ zf&Mv6GU}3;$K0SWk-1FxDU+GcOrJBMIZg3NlbYAuo;9(#O#&K|o8P=3BEdP%{ArV% z=UkUL(Ya3hd6S**bfY`rIZy4Wlb-ivq&V@pPwvT+pa0C7JpnpU_xY2c2W_W55xUTH z36!A&b?8I?8BvMulcE*9=S49(PmON$ogMY)IzbxJbB>gx<230>znM~%Zj+@gz2-|{ zI!&3*^qDoa=`wMe(_`+Gr^EE=Pk$Lyq3)8XMZM)wkvdDIF7=g7b?Pdi8r4%ym8zq( z>Qz6PRjqE4t6jb1SHU_-v5xhTWi{&}(VEsou9dBYbn9CK8CSXfk*;;!<6ZH3{ztv; zwT^xDYa9U^*i0Ifupc$-VMUr)#g>$@jYa8WA-ht^PS&NBwQNi=n^~G}ma{kY>}Pcv zTG95Dw50{=X;C{=)vng4t#xfuVH;bf&X%@Mwe4-Cnp@pgmAAdc>TiL&RpAcTtHm{L zSdp7tvM!goXLas#)f!#tww1coh3j>(J6G*)*RI|5ZeGC~UcQc(yni+Cc?FwZ^%hp4 z?Un6&;agkz&KI}!weN26n_u7Vm%qXF?|+FKU;!VOzy((Bff3wX1uq!74R-K!Ask`r zPME^kweW?x%b#d;*ux(Nafn4cViK3w#3x2^idDQ~7Pr{NFNSf9Wjtg48rRsyH^woG zd#GVnc8$lN^zn~58Dt@2lE_7-gtYRN0hwhj^O4J4 z*5jAKT*)yrxy%nfvy{^;;Wbye%@uw#mg9`!Id8en8@{ub^ZeaCi?`2V{xhHhP3A$P zx6pDF^Px+r==Cz%y^daEq9L8iNk_WUXq5D&kC4+&jD?2W}Ac4(<8W{>1_?RquPKpcef+WZ9x8FTis}khOz^h4{V3z7BlF%_(?-CzlJ9*hoLvR4BgBb$@OJS-64_d~zW3b; zfg4idsRfHX450=!B*JC)Nrw>VA&*w1#o`zz$H_Df1KWWm9yU19HtxV8(U|4qaQr!I zzXFdQtjr(f7y_H}qilGH?kq3=hc;j^gB#7f=68xk9a6Ipo&Q7LX9+r4_;H2?T_;z( zX~~6b{(?xX#2RN8OFeMVqj<1gPGNtoS6HNWe*hy6@!0y_?_miwfI%_)*ux>%5DU;y zfp4>cM-dDGho-B84o^s&J^Y}Cy%9xEdcXKS@X&95U;h0oH9AMexPFIzfZ`bVP=y-2 z013SW0}5(LTs1ylr#9JR3m|Ba#ZB+>MYJ6(=@0=3j4%AN=;Lb0SN`4K-4(ej9Ueg7 z2PhO%kBPt{Tl?U{F~C2UrZWTzf#^ppJOPikmB0M_2*viR;0}DO4D{b0eZPnAm2IeG z8=}*>);orKFb0kYzj#nNe~1Qps6Sn@1_!VN8R!9N@BwtXb^pHhzE?o39P^i+?|`qj&w)>RR9S%XbBK7fg|XMKTrZE5S_OW0&VDp;yVq8 zxSL720&^*d6$rQoe1!|B0RgaqQvgCCj1#=W{v{==KA*TgdYFyA3xs`O1E$!9NZ5xy zkdS?_5npHq9OQ#>C_fC*obuBL(dh?R=(+n_2+=FOe~7uT*gLv#Jgi_n*P9Af=mpoS zhapHAulO2k;E{9ri*tzse}ILa(1#Sr1r7uPdLWATAi)XQ2uBXKnj4|km55&j?eQ-E zj0VV##4twZkVLG|3S(5rW3UHI^a*{ifF9`=dicboxElDNLO8L)`0@&P7y`aIx)214 ztUChu(7uHjwrgC7bf6ThkjFO+M~?Uc3Gs(vW0-TiIGiFmky3)u%txIIOn2cD#h zCr}K1&;h;?O3kr{G)Ovm*gXC<-~@WmJ;mXQgzE|f42v46xxJ%Gk1Pa0xCDH>Op?pJ z-Gi5(a7%%q5rc_Ew4}m)ILHZkfD)mM;RMJe`H6J6ON$gj=irDer~@8hiQ;oky4XuB zc@MWM!IUgWmYlx$VK~y;Hy?0KtZ78BbV!b=2ax24v(!XRtOieffR1EN;v`O8%no^& z3+k-Myj+Ap$Or5!kpSqJSM*N-^#@)&mxx&hhAhuwT*)_SNm`;f3W`qv6-%`#OZ@D> z52Q)v6wLn&%cdC|8|Z<@tIj_02W}7nA3%rjbiST@#T9Kq8#qGvsD!-v0SP%tesF{h zsFw|OlMbb?Gjh`N-2RGtFh^Zk2EmxpDh(eeg{2RjpeSY1tkH)JNKyFV())r^k4w)n zI#VxdQ~gTQLV8nF@=^$jH$tMfH5H?6BP4f2#xqK{KnhgHWTQE~B17#jH1bm~V>d#T zwmKcPMs-v+GB#xUx;0`pXOq-PZKGWSwoe6BUlTTByESbqRVjkhQw=9oWujDN)%kJN zSB;-omDMz=RV1R-TUDQ2)m8N2)m|l^Uj^1`8rC2Z)?)phV@1|%T2@nQ)?|9tREyRO zI)_W0)(1kiYo(xh*i>y*AZ7K|=V`WZg`jaIR|mp2Znf5P9iV30p?8JXc$L?ArPq43 z*L%g+e7zxd{^i$x_1Av|*nkz-fhE|2HCQ7;frM4qg=N@=b=Zf6*oc+biKWp;Hy<2)f1{lbJaX8#a@CRy`I$U75!7bdwE!vwETE*4B zd04srsk2+Wja;_v2TGs^a^SZa5C_8LTz(T>s0H1iZQHkvTX~QQYH(cCm0Zf5#AGPk ze%Rg4Mcms3+S(Odd65O|H@x)+^o0Rj=!dzrT+E#T01n*lW!wA( z-}}W~uhZS`y@P!4U#j!mzI9u`6 Date: Mon, 18 Dec 2023 11:36:58 -0500 Subject: [PATCH 17/38] Delete images/ReplaceCertificateNoMapEntry.gif --- images/ReplaceCertificateNoMapEntry.gif | Bin 10259 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/ReplaceCertificateNoMapEntry.gif diff --git a/images/ReplaceCertificateNoMapEntry.gif b/images/ReplaceCertificateNoMapEntry.gif deleted file mode 100644 index d45d361543e3df7e9ce00c3f481b81c1b997b826..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10259 zcmV+uDD2lqNk%w1VSWN20(SraA^8LW00000EC2ui0Db}>0*C(q{{R3000Slf6Da@> zQ~)DW03%@lGH(DVi2zAy08OL-Wsv}4vH*3(0*A)}AU6&Z4GIK97b0L6GK&>DMHE4G z6-J916GI^Gz&M1#IRF4T2oO07aybl=ISk4=BqKR0qB1QoIX1aJIUPJaJv%#JIX-qgN_9P4 zi8)@JK3uCgcH2CS%u57KK@==YGYdUNUqDKVK5C>tak5E?t3HLkPz7>NM*vJqU`SkH zL~4pcf5J+X%}%D`Q4axE7eiAQ6HYTzS5c!(RZCZ8i(ddQS^xl9AR$j5H(5M^UQUf& zUS3^fZB~Z8T9nIMsNG~N0B|K2WGy^mIy_)ML}){3XG}3>XGULSt6qGIVxG-nvG8&L zP;EpbYfD0GjkRTv!fdVJY_#Wa403lDPjfwTaXgT1VOMaa({;l6dpJ^uOA~lZI&y4V ze`;cTeSLbf+J^uDhX5~!08NT70Ejmhhd}^^bzp^meS(N-dy$xipR$LosffGZiN^Sj z404Y*FN;1>hDM)T!_B_4mev^~bXI zMr7{{Qy={{9I50RIUbNU)&6ga7)u0~Uppz9H)d^6NzG z-#$Cvt~nC84^26W0^#xa7fwz>U!*Q(+-MO^M1kgbbo}K=BuSI~P}Uon@K!CGHwoGV znv>K(l@>And$_LTNuvUb{sUUFpHG21B~m1c66wEdCIwC;rcXyie_+QFluA`j$Fmv- zGCk_@A6iF9=aw8>bnd`=xlm~vX)|ljT2X!Bc{!CZ&!RT(a;%H6vgON|Gi%<=xwGfb zphJruO}ez{)0@o=k!MzGMU}qNWSTANW5vcni^7&oo3TDAy5#69LNhl?csORyCe~J{ zm zmKWkpz9^}8R2jtd1I=^D(RW)y+w_41VndZjicLB3mWe2gp{C)69Cqm8haiS1qKEp_ zg%%V2tYXwX!>FYaJWPm(&pK#%VHY+dh4aNf{8W+>Mli~lVTv`>!jB|2RD@kuT2SYY zI=BTjkWKs4QIS4P9;H;3)WLHdPAIwO%SLUX6^B4Gx>n_tO;(B6K4l;_UV$oFWMzAa zkqIAroydvLT6MBGk)PEGxEDo5rMTiS0!C<2mQM~8=|A-hK@XKyF4ZJZLH?6wnj?lP z>ZqiaYU-(`^%KnQHirfwF7V4?Y-g>mFpI}rnn=jIOnYM&OG<*^UtT|gD22L7j5*> zNGGlI(oBQc4=z)9(QwmLS8esxSZA&E)?9b(_19pBE%w-Cmu>dhXs50A+HAM&_S8Ph3qB`VI!_4cj$1eNqwAXI??YQTzd+gMZ1EuP~2j8_i z%&0?8K5^$m5AnYX@BH&hv!1u_&{uE0&(iBn{q@{;PbxEggYW(Lk7p?|(t!3*Y|+*uMbs&42_%-XsXY z3I>mY{ZK^{KE#he;N=QoDM(I2XetU?@PwzspawbUL4S-RL+)82s!WK&8j4PZ8+673 zD)E9GY{L!yFYv%OI+zABY(Nd#AcF>&AQno{U;}uF3N&6ogEUyd5gpt}JIwGzIphQb z8?Y2VoCw9!`~iOSKm-77$VSxR@E^`Vzz_-XfpzeM5bOy=3h1E^66{DHEFcCy3bCU> znuHy4oQevt=s`tM3Iw&t;06a-$U=}XG=B&{3>rp{7zE%C1fgLYN13@dI>P}8S)nAe zXptVg$(8k(0KMR$fDEodEFNT~L>jrmSk6)b@B>XJHA#e+r$divW~T@ zW=$*K@YlEfsr9XRdtcw=2iLmNO?`aBt6lf{HnOJ8uY3(`*0MJ}^a=K`XCtiLwujip zCboFTOWyK|=h(`kjdiZuon|-7+0O2+cZRjBXh%!h(wg?Ps7C%iFD4ECyo*~Nde_T1^|JT9h?^gL=Sw)_(f7WAvoC)4%QteE zm%jjBY=8$WU;-OBZt^{_g4vef1v~g`4SukM#TMZSTexc#zOaU|mf;P1xM>~!u!xZs z;t`t|XeBO~-mwCEERc49Apl@Lz`#JW4>7O=A-GZj{+I(G#B0>C zGi8>}KfJtV1B|&c?tle7?R0zcIM?2cU1Zce3Q;-%R#l#>TN?ZCL?f}J` zLv4_Jn1cg?oW?iyF$O;cR)r~onYy>Dt$Km~*j zx8`~ba0`6n$HB$NCp;jGZGb@pTIaggMSzYl5P=-gaKgRC(1>ePU>NxL#jE+j3TLmy z&Fa{C*T0SrgYzii@#w)O$N`NAK&9&J>~a(ukq>Q{fEe{4K^MjW4GE;e9b;%jJFcLH zaY*9cg%AQcw($mZTw)mRCv4GFZNj&5&*v$e4abvT|FwNC{) z_P_&r@ZR^2M}`4n;SNe1faPzG`v=s)iUh<0p;EUT)!qI+?0E;E<7T#tIV|9f@RQpD z$(TLD*S-l>RNxe+2!#aXM0dNp$Ia+4|MB4@n_G+Z2YOLmJu*iyZH+`&71oSWuSMUYqAOS)L4?R$8m3C>(_W{WOjXV+z z^gxGGVTTlmhY2SSP@o3%a1XHHYU@C4fLKS*I57OcjkITV<`4jYC<5*v26;d!CJ>41 zIEnM1kNh|bZYM~-@O-*R9lS_wJQ#|Z!)0@(ZUImL{sIqbHj&$Lkp(~sxWaG(00C=< z7hi?}CpR@|wq|WsM-~ZY8~IafCIDZ+{tt))?&@paKKH z2;oS9>$h-VHU!(?1QhTC_DB!)XaJwMlRfzoCOB+l;0S-_Y`!1>Q-A?MM}z<9fnE8P z1V9S+Ukq?HsJi+v1dHHbf5M)uIU+?ff#zSQE;17@~5ShuC>M)w32_>Sb znFOI^cJU{kqMDs~KJ?(4o^lqmX*^2iJJ29R31OJHiG6e_Id%yeGD!hj@B?31IpmfB zN#F(<5Ou@pImKyZ({Ku}Ae@l?;}7ltf0s6$p;MjU>5$?%o<&%m<|%dPnVylhp6t0} z?)jcK7N7DtV-Yq2_?e&jxu5*mpZ@uu02-hII-mqvpay!N2%4Y+TAzY*p9=b*5E`Kp zI-wL=p#;jHf#aYSx}hA}p&t672r4H7mUaDYV8m0y|rer!`5jLc1x~6Q}rf&MCa2ls_I;V7sJ4G5w#gwOd zx~F{Fr+)gUfEuWRI;j4HTBwG4sEC@Vin^$b+Nh5DsE`_|k~*oBTB(+LshA3=cRCQv zkg1;fsh}FFqB^RiTB@dcs;HW(s@kZVDiEEzs<0ZXvO24@TC28ttGJr0f7+`5@T$7{ ztH2tp!aA(PTCBzjsl4i|$GWV{+N{p{tk4>*i<+#`TCLW4t=O8a+G?uQx~<;&t>7B2 z;<~Nf>Zj*(uIQSs>bkD%+OF=3uHzc7@;a~d8m;BZr^a)u`C701+OPiluc~^ld%CZ+ zO0WQXun3#53OlW)k*0rYu(JxW3p=qCTd@f%uzD)7v8u5a+p!+|vEGWYdCIY?O0pn( zvM8If#VWGJWd5-DFb%H|v)4xt=Mb|oD-16i3wp{8sIU&jlnyZa3c^rK+%OAzdJeJh zvNp>MKAW*B`?OFSwZF=;l&PmL`whi}v@|;mRtvLOTbt9+vot%iW4jLT01Hj~vT(Ny zP1~m?E46SNw{nZARO_co0C$I5OnJ5rgxj|G zI=7G;xsp4nb-Slmo3%Pyvo?#f(?AZ{`Lg7|w(dZ-S!=YTOSD6)v@y%H13S5{`?|0@ zsFmBbHX95+ySH7d4u?Cs>L9wLOS49MwU^tt4;#D2d%UqbyL~HcYMZruTTEB$4l%p7 zj9a+S{(EewtF^Uhy>5%V-uu0BtGw5XwP$;~&kMHS@Um!2yhz)$?Tfe53%%U?xZqpA z_ItA8i@ul}xSM;qytuth3$(Am48qX1_`nTld%a8RxK(?<4*b9ho4*kY!4zD<{VKt- z`nDFl!5nO_4GTcUtFIkA!X#|17`(A1oWd%+tS1bs8oa_V9K!+o!FXz}xcb5}oWnW{ zs#GgK;YD3L9K=G*tu)N3Lwv+Ye6dCBs!80$PE4;o{KQf`#n2kXRD8u)Jgion#a!IQ zwVJGT8pdKg#$;T^W_-qIjK*8+#cbThr@F>&9LI8;sc<~Uc6`T=TE}?2$9!Cts`p1G?$bC%6hMdTDjL3@I$ZgEXl8eKRJjrys#J#$~l1#~(Ou3esQ2KtJNpXf8>rIzwRy_Qz^cLcunmat2a7Pvj(Wg0E3|`J z%c4xhTYL|{fK5|?O>m$NzaV<05Cp_fsBs4odO8ndKm*sJxO_kZ3`3~ma0BOy57S)D zy85=6Mgu^AO*PO6?;r{0=&1Kl3F(AQi_xdzK+W_p&cJ-kNNmM%2hKhlcQ+sm(fkeW zV7t(Jn0%^a(EAJ6oTu7M14Hn&;(*V63$g0ZwEhgyip$W@Yp}Gbs&Cs41Wo=A?r;gS za1ZjVr@qs@wdv4%TF=<5%;em%`?}B7{L!Ec&?Icd?Jx#j;JAz%&Cr}v_>c|h)CE|Z z(S3kTI1mh_;Lb){Och-NM!U}7tkR+2&fWY&*yPmWPyMn_$b@T-Zh3 z4rGu9W56&U0}I?x2{`Z#L!Ab}pbTY@3aZW8hP~D_@CM8P4DXz2H~s(%;{XgmaMh-& z&Q)ClZ;-mJz1rt61~-5T(!d8eKn#No1dAXHqg~pk-L^LEv+vLfHV_Q0K-}9v23^1n zp-=IU(V&3X5vDS)L1(YDvr|kY|*GH$>Z?V{%R1<<_Hb^tkQho1-N}J z=6vT`ou~DD1B~DbuVB0HV9#7o<4fMtIsN8PF2q*6*EyA^?|`!jjte*t3&NG!mmc90 z?zr0A=i5CC+KdP9@ZR(Q4F@giitXklp44)_jCJnXy#ri79jR}7Wq2zILr@Mctqmi- zjBcO?DQ@VZPU^u0-;C|JgwV0miJG{jiJ?f*!2Q@$oC$0?yJ>zxl=BOUc zG!5qFn9&#g>XDAx_y7##jP7rs4(D(Q?0xCEe&W0i2=7n|X|2+(pxC7PwoLs7!7vW3 z-RF|f1>`W)T`&yq0Nsx8?8Suci=pm%8sB<~4rIXoFqtOWHxLZ!fa_i0?cXltg8J9# zMAvZ_=Lwy1=~M%NVCvi+;p>3zG|=J|ZjSD72iNlI{d~_hfbm(5*2BQ^x}MMjAJ^$5 z1pgeWZ#&=jjB5CR3p7yfz;Mrb&GF~h3OT>?ieBwj8}?N%+}qp*+5qq^@A5ee$9p*q zBHfwGv#;ZT_xZ{?O&inr&qU5`QISkr_8I^3|6=Z6|MMSD_;3I8zyBw8{{Zn% z;6Q=}4IV_8P~k#`4IMs&7*XOxiWMzh#F$azMvfglegqj(q)2iFnKg_T!vryo`;2@e z=n`haey(Oxl;?)V1~2pm)>F|$AU{hqUIsP);We8W( z(pUywGgQwJq5KMcamsDxz9>iXJpP5CVC}zsRUC~BJecd@!U+>Err7wgs>uKNO|E=7 z^XAT`t)An#f=|Fo*ZM}fq!ZG!q7nuKT0%0eBnoEFgphHux(KLk6i*cJg8g8 zysyU@8W-e{e%TL~Q6>cWamvtvl(Qsc7^-ukZHmhq4cp}G=chI z1rWjdnWi1l1`4M;k@|s7y7R8fZoBTj3vaygMoe$L_TG~Tz!&Np=)U~+>+iq$W)zS> z0}nz_K?WWC2SN#*s_?=LHx#HtpOk|#N-3wL5+vpXa*ig!{;_8k_=sVr0jEC6gPjl7 z@#h&7#M`jTFV$OYpC@XO{)rtF=%KK-p%nYa84-N46Hivw=m(UhTw;kJeT?!#pn7yz zhe&o7XvL@@k}`*f)Es4!pD37B=W)gBX2I z_=Yxt^kLzfQk{~f+izQQP$o`(golAz7bCKtc?GIhpCFR*#~D5C^CS;`BEi>K0u~Fb ziG8y8rrCO!WCwx6K-!dBZ^0FpTyu*|cU_I&{VLv<_Wh^cd;1hhUwRqv7hr)AEBN4q z#aq}ZRUC#`Vu~&Pt~O|)hbDTYYqJGXumw|~N1h&PS+EIYn1Jluki}fO>8Ig!*obNb zNh1@nHMxeW>1?eGY_T)Zq@Ds4SvwV9sQQtu2Fw|NsuCVxLZ1(w4AYqhsKQ`__a;s% zyMaSh8X2aYhMK{ts|HzJtR2^y&XT+SI_$B_rs3?H`B8gpx8W9BZn_By6K}ow_8ag9 z1Si~ZXA>u6@uGL0(+02Z-=Ge>19PrRXj0?x9wf!<<$He1_i=L!q-^- zCu;21;fD^`)UhuT0~;oYNPZx3>y!5;-17EeC77w7lJFt_og*z8UX|jHuSfD0V-Du2 z$$2{aAD#ZD7ps?C?;qJ)8IipAK=6rAAmpo&`E(|ffvAstV|t&?27|cyUF>%!L}3c6 z6gQPLo81IwIK?T;qp8E3 z=R{{Z)wxb~w$q*Ogl9bEIZt}l)1LRlXFm10Pk#2(pZ^4CKm|Hbf)>=E?cB&W$GK33 zHnfupb!bE-I#FesgrXP4Xhx|8QH^%gqaXbUM?pGLl9tpVA~k7BRcca{uGFP3#b`@m zI#ZgCQ>Hb=X-=zoQ=RtIr^n>!PlYM@8x?jha-ZHuaNBb!t?ldP1m9)v8ww zT2-;SRjx)!t6c?aSoQK%v6j`WAtCEo)w_jla&Zg`6ZUh$TE4e1Fx9H0(S9>{TpNc8S9tEHMZ}K zaV%dQ@7TRP_OW__9AxtjnaJWb@{zrpWF>2t$xXKIlc6kKDNotCRkpHnv7BY&Zkfx% z_41c}8)h-&zHo*&+~E(0c*G?>af(;m;uptw#x=fi zj(6PS1wZhS>czGC)q|ULt@oDeUC-^;!CqUjk3F_! zH+yT*p7zwPo$aM{``besce!_#?sd=X-SJ*oz3)A;efN7~0U!9p4xaFZHT>ZNn|Q_d zmGO*FC`SIJL4u9dg^UNgV-&5ybBUjMwALm&3hr~bM0WIsKdQ-Ai=zuBScAO|%* zK6~0Cgk%hzJX8C>t!cnu7-%fC+yPhafN^jPM7a zfQL7d2owB=Y+!*Fh!_=Q!2|IHE`XFKc@OoI{sLM-eaHfqFb5`p2PHU!FDSxza04K)qItN3EuaEo@P}() z8rNXJeV7CKgTN<52z}6kYS5s6h(Uhn1Y)>{R@egnaEf0@0yltzbwEV%`$B`@hd?-u zeYgUvaHdntHJS65!+?h&z{JJS2c*CS1KEcH@d`3yoX^R4PT6h5cG#`h{hwy79Sh~8n}VQIFAj$ zgGX8bP_O_=hz=%bhd6MCE=(p^v^81&1VVzSMS8eHGR%X0Km&le21nQjJAjFY`G#BA z1s-U~ZxBXh#K?Mhqkgyr8k|M}sm5zWL58>u1EE8f=tg4bhiw=IYRE)?0mp>M7IT;Y zn8-)VzzoZH4`(0%FG1j%dE2PR|)7fgZ;d_hZ`j!e9Uo|p$;{D*tU1vlsd56lwEag>_m z7X_e)ptKED>>z$bCV!kY9Sj1N@IfAQiYPRrTf`ouoC$NFfiF13w7f{IG^2gcf*vFv zY0N?fB#3*MiLneqLGpzVf(QOcNl9Ngjb?-(`5*<)#1i`eOr^*hs+a+b@ynkKOriWf zhRDDT?7)GDhZ^{ieXxYH!~=SW$|8w^#i$1xV2R7jOfmq%oY(>`Xast=h9wX`gYZ9u zhzBD~h?5+Meb56^NXZOT1WYJ{UtB{DBt`E8uz^6IGh&k7{7aw|%wr-4N52?A%F?LJj4)~!V2xj z3+1N&+$I%OwE)E=7QH4IB{dhlBpIzH8}&3ARUsUmCLYB!9Zex0eI_B5G$2Kx^z$h8 zL(y#_hXbW3@>^1E^8P-Jno@H!QWPT66OB?Sz0y#UzAfd_<*THav+haa3Z9PA$Q#rfSw#(Bx+f%sfQ#||AxeL@i8&tb1R69M?Kuc6bT~tDA zR7ZW(LyJ^Nom54uR7<_oMzg|9^{e0GRKfDpPhC7w4J_g#RlhRTQ`IZ-qlYt9)w(h# za*)+orPW%s)mz2YT-DWG<<(yG)n5hHU=`M3CDvj!)?-E1WL4H>W!7eO)@Oy*XqDDn zebs8U)@#MqY}M9n<<@TX)^7#ZaP_PaAlGs=*KD?OzsXU(tPEl8xU_l3m)( zUipiI`{mul?cBFrTe+oMul?F)I1SoWUjshiPQu!!?O+f7V5JRVO&VbmE@4bM;iOGr z6<%SYZQ)CLVHl3#6q;e6tzjF!;hoK46xv}P?&070VVw=)A~xb9M&cw^;w5I{CUzC# ZCx+rEmf|U<;wrY{E5_n1#-)G&06U*S{8Rt{ From 48f70d760314ae764272414aeda63d6808ec4b7d Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 16:39:54 +0000 Subject: [PATCH 18/38] Add files via upload --- .../workflows/keyfactor-merge-store-types.yml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/keyfactor-merge-store-types.yml diff --git a/.github/workflows/keyfactor-merge-store-types.yml b/.github/workflows/keyfactor-merge-store-types.yml new file mode 100644 index 0000000..c70659f --- /dev/null +++ b/.github/workflows/keyfactor-merge-store-types.yml @@ -0,0 +1,27 @@ +name: Keyfactor Merge Cert Store Types +on: [workflow_dispatch] + +jobs: + get-manifest-properties: + runs-on: windows-latest + outputs: + update_catalog: ${{ steps.read-json.outputs.update_catalog }} + integration_type: ${{ steps.read-json.outputs.integration_type }} + steps: + - uses: actions/checkout@v3 + - name: Store json + id: read-json + shell: pwsh + run: | + $json = Get-Content integration-manifest.json | ConvertFrom-Json + $myvar = $json.update_catalog + echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + $myvar = $json.integration_type + echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + + call-update-store-types-workflow: + needs: get-manifest-properties + if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') + uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main + secrets: + token: ${{ secrets.UPDATE_STORE_TYPES }} From d850ab58464cb3a6d54764b035b4f03f62ec37cd Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:42:02 -0500 Subject: [PATCH 19/38] Update keyfactor-starter-workflow.yml --- .../workflows/keyfactor-starter-workflow.yml | 43 ++++++++++--------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 4715a85..0040565 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -1,26 +1,27 @@ name: Starter Workflow -on: [workflow_dispatch, push, pull_request] +on: [workflow_dispatch] jobs: - call-create-github-release-workflow: - uses: Keyfactor/actions/.github/workflows/github-release.yml@main + get-manifest-properties: + runs-on: windows-latest + outputs: + update_catalog: ${{ steps.read-json.outputs.update_catalog }} + integration_type: ${{ steps.read-json.outputs.integration_type }} + steps: + - uses: actions/checkout@v3 + - name: Store json + id: read-json + shell: pwsh + run: | + $json = Get-Content integration-manifest.json | ConvertFrom-Json + $myvar = $json.update_catalog + echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + $myvar = $json.integration_type + echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append - call-dotnet-build-and-release-workflow: - needs: [call-create-github-release-workflow] - uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main - with: - release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} - release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} - release_dir: GcpCertManager/bin/Release/netcoreapp3.1 # TODO: set build output directory to upload as a release, relative to checkout workspace + call-update-store-types-workflow: + needs: get-manifest-properties + if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') + uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main secrets: - token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} - - call-generate-readme-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main - - call-update-catalog-workflow: - if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' - uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main - secrets: - token: ${{ secrets.SDK_SYNC_PAT }} + token: ${{ secrets.UPDATE_STORE_TYPES }} From 946840f0870725e805896ca0bda0a3a1ba7bed61 Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Tue, 19 Dec 2023 09:06:44 -0500 Subject: [PATCH 20/38] Initial Version --- .../workflows/keyfactor-starter-workflow.yml | 50 +++++++++++-------- 1 file changed, 28 insertions(+), 22 deletions(-) diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml index 0040565..b779b53 100644 --- a/.github/workflows/keyfactor-starter-workflow.yml +++ b/.github/workflows/keyfactor-starter-workflow.yml @@ -1,27 +1,33 @@ name: Starter Workflow -on: [workflow_dispatch] +on: [workflow_dispatch, push, pull_request] jobs: - get-manifest-properties: - runs-on: windows-latest - outputs: - update_catalog: ${{ steps.read-json.outputs.update_catalog }} - integration_type: ${{ steps.read-json.outputs.integration_type }} - steps: - - uses: actions/checkout@v3 - - name: Store json - id: read-json - shell: pwsh - run: | - $json = Get-Content integration-manifest.json | ConvertFrom-Json - $myvar = $json.update_catalog - echo "update_catalog=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append - $myvar = $json.integration_type - echo "integration_type=$myvar" | Out-File -FilePath $Env:GITHUB_OUTPUT -Encoding utf8 -Append + call-create-github-release-workflow: + uses: Keyfactor/actions/.github/workflows/github-release.yml@main - call-update-store-types-workflow: - needs: get-manifest-properties - if: needs.get-manifest-properties.outputs.integration_type == 'orchestrator' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') - uses: Keyfactor/actions/.github/workflows/update-store-types.yml@main + call-assign-from-json-workflow: + uses: Keyfactor/actions/.github/workflows/assign-env-from-json.yml@main + + call-dotnet-build-and-release-workflow: + needs: [call-create-github-release-workflow, call-assign-from-json-workflow] + uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main + with: + release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }} + release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }} + release_dir: ${{ needs.call-assign-from-json-workflow.outputs.release_dir }} + + secrets: + token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }} + + call-generate-readme-workflow: + if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' + uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main + secrets: + token: ${{ secrets.APPROVE_README_PUSH }} + + call-update-catalog-workflow: + needs: call-assign-from-json-workflow + if: needs.call-assign-from-json-workflow.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') + uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main secrets: - token: ${{ secrets.UPDATE_STORE_TYPES }} + token: ${{ secrets.SDK_SYNC_PAT }} From ab8fa2c52133e311bd43155f6d8ddb2645bda670 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 19 Dec 2023 14:07:11 +0000 Subject: [PATCH 21/38] Update generated README --- README.md | 132 +++++++++++++++++++++++------------------------------- 1 file changed, 56 insertions(+), 76 deletions(-) diff --git a/README.md b/README.md index bfd7362..44f139f 100644 --- a/README.md +++ b/README.md @@ -4,38 +4,68 @@ Google Certificate Manager Orchestrator for Add, Remove and Inventory. #### Integration status: Pilot - Ready for use in test environments. Not for use in production. -## About the Keyfactor Universal Orchestrator Capability -This repository contains a Universal Orchestrator Capability which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. +## About the Keyfactor Universal Orchestrator Extension -The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Capabilities, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Capability, see below in this readme. +This repository contains a Universal Orchestrator Extension which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications. + +The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Extensions, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Extension see below in this readme. + +The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. + + +## Support for Google Cloud Provider Certificate Manager + +Google Cloud Provider Certificate Manager + +###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab. -The Universal Orchestrator is the successor to the Windows Orchestrator. This Capability plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator. --- +## Keyfactor Version Supported + +The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.4.1 + +## Platform Specific Notes + +The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running. +| Operation | Win | Linux | +|-----|-----|------| +|Supports Management Add|✓ |✓ | +|Supports Management Remove|✓ |✓ | +|Supports Create Store| | | +|Supports Discovery| | | +|Supports Renrollment| | | +|Supports Inventory|✓ |✓ | + + + + + --- + **Google Cloud Platform Certificate Manager** **Overview** -The GCP Certificate Manager Orchestrator remotely manages certificates on the Google Cloud Platform Certificate Manager Product +The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This agent implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this AnyAgent. It supports adding certificates with or without private keys. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with or without private keys. **Google Cloud Configuration** 1. Read up on [Google Certificate Manager](https://cloud.google.com/certificate-manager/docs) and how it works. -2. A Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet) +2. Either a Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet), or the virtual machine running the Keyfactor Orchestrator Service must reside within Google Cloud. ![](images/ServiceAccountSettings.gif) 3. The following Api Access is needed: ![](images/ApiAccessNeeded.gif) -4. Dowload the Json Credential file as shown below: +4. If authenticating via service account, download the Json Credential file as shown below: ![](images/GoogleKeyJsonDownload.gif) **1. Create the New Certificate Store Type for the GCP Certificate Manager Orchestrator** @@ -47,18 +77,19 @@ SETTING TAB | CONFIG ELEMENT | DESCRIPTION ------|-----------|------------------ Basic |Name |Descriptive name for the Store Type. Google Cloud Certificate Manager can be used. Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr -Basic |Custom Capability|Checked with Name GcpCertManager +Basic |Custom Capability|Checked with Name GcpCertMgr Basic |Job Types |Inventory, Add, and Remove are the supported job types. -Basic |Needs Server |Must be checked +Basic |Needs Server |Unchecked Basic |Blueprint Allowed |Unchecked -Basic |Requires Store Password |Determines if a store password is required when configuring an individual store. This must be unchecked. -Basic |Supports Entry Password |Determined if an individual entry within a store can have a password. This must be unchecked. -Advanced |Store Path Type| Determines how the user will enter the store path when setting up the cert store. Freeform -Advanced |Supports Custom Alias |Determines if an individual entry within a store can have a custom Alias. This must be Required -Advanced |Private Key Handling |Determines how the orchestrator deals with private keys. Required -Advanced |PFX Password Style |Determines password style for the PFX Password. Default -Custom Fields|Google Cloud Platform Project Location|Name:Location Display Name:Location Type:String Default Value:global Required:True -Custom Fields|Google Cloud Platform Project Number|Name:Project Number Display Name:Project Number Type:String Default Value:N/A Required:True +Basic |Requires Store Password |Unchecked. +Basic |Supports Entry Password |Unchecked. +Advanced |Store Path Type| Fixed +Advanced |Store Path Type Value (the textbox that shows when Store Path Type is set to "Fixed" |n/a +Advanced |Supports Custom Alias |Required +Advanced |Private Key Handling |Required +Advanced |PFX Password Style |Default +Custom Fields|Google Cloud Platform Project Location/Region|Name:Location, Display Name:Location, Type:String, Default Value:global, Required:False +Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value:, Required:True Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** @@ -83,8 +114,7 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your **3. Create a GCP Certificate Manager Certificate Store within Keyfactor Command** In Keyfactor Command create a new Certificate Store similar to the one below -![](images/CertStoreSettings-1.gif) -![](images/CertStoreSettings-2.gif) +![](images/CertStoreSettings.gif) ![](images/GoogleCloudProjectInfo.gif) #### STORE CONFIGURATION @@ -93,64 +123,14 @@ CONFIG ELEMENT |DESCRIPTION Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. Client Machine |The name of the Google Certificate Manager Credentials File. This file should be stored in the same directory as the Orchestrator binary. Sample is "favorable-tree-346417-feb22d67de35.json". -Store Path |This will be the ProjectId of the Google Cloud Project. Sample here is "favorable-tree-346417". See above image. -Location|global is the default but could be another region based on the project. -Project Number| As shown in the above image, this can be obtained from the project information in Google Cloud. +Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. -Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. +Location|**global** is the default but could be another region based on the project. +Service Account Key File Name | The name of the file containing the GCP Service Account JSON formatted key previously downloaded. Keep this optional field blank if the Keyfactor Orchestrator Service is running from an authenticated VM within Google Cloud. +Update Server User Name |Click and select No Value. +Update Server Password |Click and select No Value. Use SSL |This should be checked. -User |This is not necessary. -Password |This is not necessary. - -*** - -#### Usage - -**Adding New Certificate No Map Entry** - -![](images/AddCertificateNoMapEntry.gif) - -*** - -**Adding New Certificate With Map Entry** - -![](images/AddCertificateWithMapEntry.gif) - -*** - -**Replace Certficate With Map Entry** - -![](images/ReplaceCertificateMapEntry.gif) - -*** - -**Replace Certficate No Map Entry** - -![](images/ReplaceCertificateNoMapEntry.gif) - -*** - -**Replace Certficate With Map Entry** - -![](images/ReplaceCertificateMapEntry.gif) - -*** - -**Replace Certficate No Map Entry** - -![](images/ReplaceCertificateNoMapEntry.gif) - -*** - -**Remove Certificate Map Entry** - -![](images/RemoveCertifcateMapEntry.gif) - -*** - -**Remove Certficate No Map Entry** - -![](images/RemoveCertificateNoMapEntry.gif) +Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. #### TEST CASES From edf9ba24cc3a066d30544cfb499c6163cd7a04a8 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 14:10:27 +0000 Subject: [PATCH 22/38] Initial Version --- integration-manifest.json | 1 + 1 file changed, 1 insertion(+) diff --git a/integration-manifest.json b/integration-manifest.json index 7509586..c208917 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -3,6 +3,7 @@ "integration_type": "orchestrator", "name": "Google Cloud Provider Certificate Manager", "status": "pilot", + "update_catalog": true, "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.", "about": { "orchestrator": { From 6eafa0f0b4ea60d573279e4f20063a3931eee58f Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 15:13:21 +0000 Subject: [PATCH 23/38] initial version --- integration-manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration-manifest.json b/integration-manifest.json index c208917..b99d39b 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -3,7 +3,7 @@ "integration_type": "orchestrator", "name": "Google Cloud Provider Certificate Manager", "status": "pilot", - "update_catalog": true, + "update_catalog": false, "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.", "about": { "orchestrator": { From fa0c47068eef1619b863a8d69a694f5bcce1df54 Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Tue, 19 Dec 2023 15:28:20 +0000 Subject: [PATCH 24/38] Add files via upload --- images/CertStoreType-CustomField-Location.gif | Bin 0 -> 8717 bytes ...rtStoreType-CustomField-ServiceAccountKey.gif | Bin 0 -> 8624 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 images/CertStoreType-CustomField-Location.gif create mode 100644 images/CertStoreType-CustomField-ServiceAccountKey.gif diff --git a/images/CertStoreType-CustomField-Location.gif b/images/CertStoreType-CustomField-Location.gif new file mode 100644 index 0000000000000000000000000000000000000000..136eb2f3cd5bf6f69c765e616d68c0b1808b6a85 GIT binary patch literal 8717 zcmV+oBJ$lwNk%w1VUPjV0e1iZA^8LW00000EC2ui0FVLJ0f+wp{{R34004skBvJq> zivT!&09B;`VS)gD#0&sA7%Wd1Fnbt+#vcFxA|oOpBsnK9J|#Y7HvmOB0021*ayblq zHw%b445T?2S2-mnIU|5MHJv*;IXgLkIy#j-L1Q^eqdZY}JX4i9R;@f|emrHEJ8QH& zdW}1JvO0vxJd(~r098IbR6jm>L_j$}Nl!seia}$jL35=}J!wu%P)k&7N?Tz{Vu?d| zut;~uQUDlI08v;Ba#cK%Q+%pYe#%jZv{aMJQlsTv003GTIaxeaT}gglN|RYvR$g6# zSYmcubdp$eyIYCQV+@96J7{7;J6>I*UtwTjV~%5Yqh*49W|zZeo7`(Ub!SCWYfUL_ zfuUxKwri*2ZL;Qa44Q8Ya&jhqbv$%*JCkoiba7ZybAo?*n6hu1%yOmWcO`OsJv@O@ zKYUYnd}UC9U|)G>jDBj8e2BSwl9hg(!G5aKe5~Ysxa@-g0E04eh(mINWIBX|tAdAf zgU9=fBYTiNag0qVicLm~X;zA7aEpR#l7pX-jEahm)RdKVjIqy(wBwG#@s7v)l?-x{ z42hIHRg^q!ls-F?KSGsaJdj~Tlz3c|nwXT#`j{nhm_z`ZO>vuKahrF8nwy%LnXa3q z$eOg|nZeYY$MdFE1EEwsqHRB=a!>p6W$EU`|%Eiyq#^a^N=lse0{>*TM$&EnHmsZN9 zdeG3*(}{J{lswt0#nG>X*0H0}znIX)tkKT2(9p%#*V@?P?bY@E)|Z3Xlce0LZ{MSe z-M+ft;o;%+{^g`m<+76F=IHDE{_C`J?5v6I!iw?ArRvks@6)>S=Hu<{?fb}w`_{hx z&zJq(r2XN)|LC;-@!bCS$^QM^{`~a*{{9I50O<)FNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlN5)kT*hqt`qezn~UCOkn)2C3QN}Wozs@1DlvufSSwX4^!S^a?>OSY`pvuM+*UCXwu+qZDz z%AHHMuHCzM^XlEpx3Ay7fCCF2Ot`S&!-x|rUd*_$(`_8y-Ctbscb2$82g*I4z|DFu!A$bErm8x;<&N;J4T_o zbLTl!EA=Oi!iaGG;YEI}So9Ayf9`K|uv_=t9pt=5TUh zhTSpP;acU$M2M<&5Tb9FHHoU!>-Xr2e^L2Ds_@Xp$;QUqV> zFs!4*X`-9+S(tIWp3NKMnaxcB$ICCrv8O$+iVzDu@!+!XzN_Ydb1)QWpbIz|ZfHVl z1NU5Tg83M!B6~+XGfy`aa`DYNcm}NqJ?W}J!O_ny3<5FqXtQtybd6Cc-;ij{wNBlQTV)SC!+8~8#1&NgnX%wPq!y9w-<9rkJ5nJmrv%4@cku; zMrC=j;hBw@_{vrd2sg|!XAL%@pVR%|?SEztZqm9^pWv6xMF9$&mr5xz1s+(wPv%#! z(>mm{YgzepZ^tcnC){W9 zsL5Hu@NZojo+10FM|wbMQWOw@dM<@6pREc6Ls}${g0TqcNUxDnDjnung|vJyXik+( zVVp3@!nXZ`U|#~}QIItrz75D$|B#2%4rofrq$WP(lnSxV!w&F~3l%ZsS@-leEk=0h zV`l!uf^%?yoqTz~5QK2fbtFlF7K)pyQP=;6o>3ScgdR0DjV3p~mny z#th2CYZaivCs3hJVDhb3M#|+U2$#ch>TsRU0T=kpBTsPggF(${A1Gr8tPdK+na|Mx zsjlM>b(zPZ=W9;-{E-cwKFOjO?cy|#m`RRql8K89>Yh#-PKlZ4jV?vm6LaCevcf_a zv+_nN;!rMmsE7j{z#-Rvh4rC%iG@i_P4+du5gD-+~OMdxX4Yea+k~8<~sMe(2cHir%T=HTKBrx z&8~L0%iZpJ_q*T?uXx8x-twCFyy#7@de_U|_PY1I@Qts0=S$!E+V{Tr&F^daAqg)W zZ;JOpi6A7nsGryc zAY?oSX#C?E{?$j5rQrvo=pzay4l;IA?4LE5VTLxwu^5=_WGMTm$+Osk{wLPFSS^c} z%l~MH3uZWrD)S=}WPWm#o7|2YUkbBs_AZ?LF^w7G;|+7@!xQpsW+_9%AJm|M6sEAt zKwJ9Kn9j7OH_hozd-~I$4mD)x@eO7W<Q=k@)k9&%Hx$*DQlEp?q6RKK z&LQizRO1`DM(#JNu@)NzJGsV23q6=|Y~?Zo*JSy|Ihvi^a{&7+&!#qVmyMQTXgj&y zK1;a2ZQOB}#oXi`F1p9E?sNmU-Cu#XyL&6|u9&+YqyREk_%VqCUxNVFocCzz&6RuS zyDR*_LzVYYX@Q%D;9D`czK`+_C~)8d_Po?7IKTlPU?&?Ej{qkA_#ue~KtKiQFo0?* ze({VK;{bzjfdc&N@XSD5D-uUaJur|Pd=SA8_)YCfEY|e<^NE=%N_m?{NP7s_*4PE_Yo+5sg!^G zC_6t?)Q|o!vEM20Z@+Nj&lLL0|26hkO8)QvaI|Eb|FXqxXCZ9>C|lO1Y|K`Gu=Rff zcx?(;PRW)QzxIHpG;FoT47Wys@v>{Z<`$%8YOof9A~=F1Sb`>af;%B=(58Vb*n%$j zf-o3^GB|@YSc5irgE*LjI=F*8*n>X!gFqOBxYZAnU;|Qs1X~~>H8ych(GDs=740Ab zbmtGVa9~1c8E^&1}15VZtreH@#(GDk2Wd3D{2@Z0EB>*4Summ2)1-5_$FyLhQ zFbGmm1Dkh-eF10wfd#z)W$z$#{$N_|fC8=24r`c)@*pAipksshEJpx&PN)xCNQH`s z4d_5rrVnILcARJzo~RF?2xavE1G|)m|A0BYkca!A44<$J ze71%*h7@_&4lO_oW+)Gy01DLbgpJl@dUj>4QDarMjC)JP z2}URdNoW*Mc8U72k0-E)H&7dS_zrC_2ZaEL{!s*0$a!GcWth+p$*=^6;06+TW)!K1 zMwmuIsTkB474?vkX?Y)O=@kBO3pKEjZ+Vw^nU{LGm-6_5DEOCv8JL1On1mS~7#!$;YB7O}=@=HM77-YkjZv9pA%K?o7z|hz1h|=xae&ySn4pOmnt5)e2^sr` z6swtZxh#d-4`c; zCw;k>a*6k#jCY_33V#cVpGdKv{dtg`_j#e`o{UGJVfS{a7oi)P6!+<%I>&Rd2XyF3 zd$vcS6{>RZsiMD!pe@Rp9g1(qhkV-Ea?$C0{Q!LwN`2OcebC9Hs`sP%*P&AC7x!7E zeQ~8&x))lyrFqe%UV0Z`8m4t2o1ICfc5#}~Hf?B%7ouqvYTBlAai-Dcm~t8ym}wS} zd8cqOnZ<^Iq{*ja(U|^k;g^MZsEC@Vin^#eahQVosE`_|k~*oBTB(+LshFCnn!2f+ z+NqxUse$$m`r!gb7$~3$7@l~lfstbVPzzmua8b$*?1rN9?1&ZK>_4*Zp z*a!gQkpo*7_&{RPk*W#%un-%u5=(=I%BU85u^5}NC+Mgbn1K^}6okqad-}0T;iqVk zrzDFMC<_*Gn*Op$L8oBxnJ&u|Z(0^GJF`a7vhjwq94c-++Z1EUvq6iqLp!rU%MW|d z009sI_H+-Gm=yOQ0a^K}W6BSjz+xfR0?!bovtnARI;QwA1o4Pq91s95fC=ev0G40@ z&Tw`BY6eh{0VUvM%aH*tPz7S^rH4ST>u?AzN~O*@0CdnOs+SH4U`GJD3izM{?UQi+ zl@0}fhZ8WiQhEsi-~fKI4h|3io&cmiJ21+i1r4A8_Efmom$-?GpZ%Z-G$(pks=1fD z4zP>4o@*92w-2|F0F7X}s)4#^ho7$Ny05#r4nVy0`VU2G6bUB;y!$L}`@0Uhx~-db zUV09j{u{ef`ngN7a~R?e?H~cG(7e9Ot_KIXl1sV6OS{=?yG{WQNxQW6#1DZ00auWn z>x-Icu@6Indy|^HTcHnozyU500KK#Q#9K=FA7({4ZY$)WuV)c34{rLeLLz)eo~^M}kbpGsI&) z#)O!P$h?59sh0wdjATldXLYOsj(i-!s1LyyPM)9&wcuZ${CQv&k5?wJd`gcdunv$g z2N?+pxL9Mq7|Ec_4wNh@wGaf}`gBsb52m2YULeWrkY>jWXqI}#iYN`XI+Dp;XVr*j z80KX4=*+OJ#Y#~RH2?($+YT`)4cMH{aW=_*Hj;--l=^X$mtqS>NCnT}$cL6_i{=l> zAZdj#$xlcQE)WD`R0_Wu&|7c_dw|Uf&CoLhX_7{1Lmbi~J<=py(k9(oF>L5zFZ`HxID^~&Amdci&1(_0bL9X!-5d(=8y)LgOC6U*LQk-|1jY%mR|F3f8+ofawG()zvM z{2iDtebN9P-~vA21YY0D z&(Z_R`ppRIjHkSL)e5fe7$;OF$^Ebi{o#ZISxiZ>&PXBV{#@pgo+`}5Y|Ly1t`>=r zYZeP~PUnUAgxTl@x@u*hSmb@qj(-l~w$zp6=?t?(E*~ z?*8uZ9`Eu#@AO{p_I~g99`DUyYWJNO`=0LrAMgS{@C0A*27mAfFYwIJ43fzV3IFgA zAMp}D@f2V2@!o-oK@Y=V@f_dr9{=$mAM)is3>X~#7^NoiD4+5wzw#{4?ii043*YiG zKl3zS^ANx9i?Q)GzwbWrZePy*rJ4Q${8f&cEwz;Tps1=&ypim(k& zAPVc=4Qt>7TSyq4VeN_>f->)Q|+6FYnx-3-rznYd`~x5AmW; z`sBX&%^>=_AMe0V?%t3K&7k?SpYEQ|0lxm<`=#IZr{DEozxwIE4Ny=A=8pHdp7_;J z3nx$sHZTLTpAF<+3n(D&$uMF{pbFK%{WReHir)gtfcfLD3}t`>dtVLRUhB|5R?3q>TR<2#W zegzv=?AWh|hV>kFDC@9)ZQZ_w8&~dJxA!iDn`u+tdQZtYRO=K7Ewt{2wQ%s3ITI(&%_Tb*UZcpA2wu9qaZ)t8^_tY#To`@XJaJ^Q<;|Z* zpZ@D54mA7@qru@4TE6w|$F+-BuHO4^{r<(J3>Rw1E*ls~`luPoszC-MZq}$nvd74C z=)jmdqN#}Nl4(I8Q$(Z5rk<#Q$R*qsd?+HBa3YR37hE_lM3}NMBBBGg$s)U%lHs7o z9<5l;CIb;nt|SP#VZ(bjZ&OWkhkd6>TE4vJWnS zVz+EKfD;Lp9;~B545{2SNKxE`vrm$Yj4+!b=qRePERd)IiaPRy5+_jkG&Dz>9^0*?uVPc}Y~ogjh@!xn@j#(g>J(x`l-2cC6CVZMn*`np<9oG}a~|jIt%1_RTe6g%_S_ zOD?ry3s{NU$_ESzF2?xcG=NpM+#=3Mh#Hn$Ye*SYV$=2o(qgj=GtJo8&Eye((^jaL zN;}Pz)K+T^X5lFQp$bsdPEmASMvG#`T}N}%IU$)#gQCN%670!Sl8-tWx(I*fz>1qO zg;hl6e8!q#v(Hu!zFyawxNW!N>bNIm+;D*d0;?K?1|*gsY{8NQk)fjnlQBq%lL^wB z@0kD#yf8tiLJEnyO)_W+fpj`(T{m7(qL88su8f8xMy1-{5L&ZDZ^MBDTC37!gc9++ z3Da7+NUO0$?^a(WI93s5R~&8OhYzbut|ERr`HABuzWKAaDPmsdr>DMpERk0}`!Jce zzWek5vjHpb$0xu1hP6k(Kkm(EzkT=LCm;Lt=Z719`|rm;e}?6!zyE*M*IxhyIKTn& z&wuj+AOZdrxIhMa&wvL+A2T-9KnhmSf@o_7Gaz`tZzS!49|U0tuf&XRY|wx7NT3K+ zxIz&QgB~XIUk6z@LmH}(gfKi{25Y!O9xhOVIE3Igh9SWo7SV|8%iu6d2t)|dqk~<7 zVict~MJiU&idV#97PYuVE_Tt2Uj$^Kg zj(5ak9`(3KKK9X%e*|P81vyAU7SfQ1L}VfrxkyGf(vgpZWF#dyNlI4Il9$9}CN;T9 zPIl6hp9EznML9}RmeQ1`L}e;fxk^^H(v`1-Wh`YmOIp^_mbb)ZE_Jy}UiQ+Leymu= zF#dLze0+gezeHv-g>}rh1k(b{OlCB7Nv396i~=QihBURAOEUEX5pD@41x&yWzVu@f zHjqLVWROjX@k0=+2-7{rxlMZVF+crq1O@gI&UuzI62$VyG*CcJiKVeW@+4?I6>7)) zxI>s1>!&}Dc@Gaj10Q9O!VR+7k7Lk43Vj%7J5D_aqY{#CxR zk(&Q-=sfvTpQdI36I3OEClu=mVyv|-ZdEE%*SR^&jyd=wK!K zk9WWT8u~Z_UH!2Rst%N@Ax%M7XA#$4=wq(`K&@(7+YZ-Om9xLy;4+JKtgrs_AO4WW zUf_XIDJY_=F)hS6`B8}%OkoeSwJlx$v0N!M_qiU8u2q3M-t>j@p&OguUdg-OP^y=` z?}cxCeQAbskk`z|HoIASamMpQ=e)-{+gW*e2DFyl(&s!9 z+RttaG@$paM?)WaVo&}7I{fjEc?g3C7rVoDDUbtplmlZMUTkqKlK6CA7{xvrPa*0;Dr1H&#h%K4)5mEQ--8$bjx{$UR=aN5%g zr@$yqt@cdx9NbqPx;u(qa*qGQ8sjV`H1eT_G?XI+Q!lxhGLGz&cl~WyzCyY)U208p z8XMt&$E70<<{pv@(~6**gFjQ7JOT@P8Y79p886T zHad=5>BL6^W1LR75XL_HpI=+(yzhOhUo8i8+&!W0*nl^_pxu7BV%NPk!mk0Vd14z| z*hV-4c8ZJYvp%^%Gk3T=201wlayb}UI4LJN zFrGO%JUTXmJWp~tOrSYdt~_OgJ!PXkX~R5yjy!U)IE2bOlFdN?06{q*LPSDANLxWk zhDHl=N-QZ!Iyp&3QcYG_NoSc#dB#bL#ZH{sQ2@SzKR)Sz%^hWT#(cn^}s>WJ-}?R7zi9Ut(sAWPX%r zex+oQ#9@@yU6it8uJ39*b7@04XhK$PO(|%LglVVbZL;Tb44rQba%vTTbu|EXJacqA zl67S~a#&M!esy?_m~)KAZk*n7rq_0`<#`wld@FK(JUn|)cX?rCduWb)eXDwhw|l(v zg8%@G404Ay5QAJ^hH7SkiEx9O#)7KSgtoPX#{G~}DUM@0j%QSif^3S5t&EV4jGNnr zsKSc2*p0vMk_?HKC3BNKLXtddmR>%bgO-zyc$1Zslgs*>404%FahrF8o12-Pm#&c0|$I8azrN-y{#QXltaD>p% z)6)0;)0I5YmRQq}bJmrE)u))%vVqpLr_#HY)Vt2n&b`;y+S!w&-=Dgw&}`~K^*aq+%`@caGr%d7mzhW*Z%{n(xR z+qeJXr~T%||LeB>@!kIX%KrV{{`~a*{{9I50RIUbNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2AVZ2ANwTELlPFWFT*#s4q~IUIxozQI*u6J9lFb z`kNcKE=9Fi&Jx7C_M*RJBmxT-{DZ4Of7wW|sOFE|r(+TK6$3MP3S^;w2Wu|u`0_%3 z<4CNihH&335>*V_T^$dL>%3_H@r}aPVrI>RRTD(4xY|BWz5S8PaUz<+c9n1kmZN*( zZxV7$-d6s@9q`2rL5n7R&@}4itK9z@SYSJHXut*4$l@qL$FXrq;OT591{$k%JG>17^Z5q<_2Z`keA9(~1? z1|SKM6toX8DU9-vTkQ>0;9(*zRO3KyeT7hF9U63FL2dyFA$KyulzeXbN#cI;24RXtPFODG&l6l1Z+1 zp@tdp$S979DYuxTTzUznK>lZzn2@7szUNz(fi>YK355VQSe^MKr`ZX$`KcUkpyIgb zLA3s}kFQ?3s9l8noQUjzp@ubTlTMP5g&yFB8_GZTbh!d9jSchXs##Wd&M+jLkjgna z$_U&G^)lOTt-a-w9~WQwqsW&$SmC8}5MOCp~H1xrGm z3N`zWn*NdiFr@9x*k_k1LaNT6E*h%|rt(p!ovex;J0`8qktvYTk+9q#c3eAX^H?}D zS*oufha8G`5<_Y${>j6EP0&8cJv!^YdiPeXU{rv@=Zs$y4fvSy`1!N5@{uWAyhKAv zcgP~sYU~!VgdX~)sSRngftXH+?b}q1SDs(X`Y4~^OYbdo-^_Yo|Cr-x^042DGRACXclf!gnWmAAqfzLDFCIfFhkqQVL~Gs&+Nlc z)ydKd?9+~p-D!B3%90C<=N6;=Ku7riPKj=qyc`a2X*`70zPvL=85M&qEW6Dd4AYMM z)C`GK(PDR22a%l(rZ9&iK?oS(iHu#5E5_0S9y0hhXeH2oQ)Eo4Qosm32xc+H^1&yH zA*eYRaRr^2!aKx-14gtdFs__f^C}lW=-m;D)Fa$H@6MWEr`HwSrH~jAo2P zq%?OZwnyc|T7$XdKjJ7DvjIsP852wh3IRvph;vGdiPWYBBQfm+rZ@r%XJF!>BRT?b zX}5b!z62(@ZFk%yA3RIW!iyz>ztMp@%rJ;}*D(N0cx+ zkbD$_5uPc{H*RqWkTyp$dSFB<+;P#2LdqPTs3?DMRE|r4qFyLXspA^TohZe^GZ!^R zzFvyap+c%09F-_V^^l5s<--`yP>p{sp@)+pHKYp7s#dqk)vkK=t6&YQSjS4%vYPd* zXickH*UHwmy7jGajjLSeO4qvD^{#l$t6ulY*S`AouYe7#UJbB@n)bESqyEGV z+{aqi!uGcPs01cdfR@_k;}lY`0r&K=hCx692eHV56UwkOY(U`(PrEH+BOH`q@k^00g)~gRTkj5Hjkd1wpaR`Cn zLzd~aEOliQhBvhKyYjHd8pvbcf8bZY)u4qIJVD``2Dq{V{s%m4&{|sb;UD~a6H2pP>!;cr%dH4TlvaZ&a#%b%;he7`O9DqvzW(B<}#c4%xH$H{=!(|WOPJx z$!L`aI-UUzl~AM3aK0-zsDTpoW+*$ABn(#05-tM7qQ|3Zzc#n zj&OiefutTdAPqeTAdP?YgB1)=@v1q}YGxCJAAk_SJN&T?9OSMc`M9=1(g6Vse7GdT zE_S%Rdw^mud(-Il?-BZ25Llyt1B3jBG8%x04SZk~0-?vfmEnNq?f?ZUV2iuqZ5U_= zf!~JN$0<;N0xHHM3@ErkigNt#fd2y@Lcn)FNMQtdH$V|JsDK&%>QMs$*gzBEP6q|> z?W~2HAT|1CdCbpUk!EiM)W-*L!?`|b1)00tcI-;C!w1k!*=>+^f{ z8*hET;ZAJWKfn-x&^p{rzWfNRV)A`R2kn0k{F01XHPmMW@PGhA1$q8Jda^JBN9O?P zM-T%zROt`^5-5QJa0vEbdypav7hrlF$9m|OcCOcc;TLZBuml}v4>@3N1hEVYpaw?A zfBlzka5n;jwp%J_Yd&^0aUkuO2>3Q_;i5KfjhWyeusJ&aBN!V4_xPU zU?+BD=YwCT4@mG~_Mimnmv15{4e|hcbLWIy(GIm?4>S;dFc=ZRhY_RJ4zV_CRRe1r zume6o8a)VYohO782XF$H2z7Xe^e_Uxr(pxI3jPYma1IA?66bGzxHQaQ0ydxpYS4x3 zCk_072pmubZ>MxCr*L)H0S-xkMcN=^hl3%hG^xOkNUWe{Me8F z_>TY?kODc71X+*2sH z6&Y3!Vz4#-kZTzU5%7Qlt+g~C8Io0z{$U#C0`Gud{U8iIa0T=P4=o@FSI`2+k&^eI z2vWcUnqUt@P;C8B3g4z-FyLM;sR_b?1y^u~4yFalx=E1n$6;pqG>bk&*aNk{&6QYH42RWewm32Hmv`bkGm3 zur>OC2TmlGH$j$WX$JIw1HO=#8X01}kdph*44>c(_7x8_xeVxKnHr`7zVMRy;0d6> z3<^kMBW4Ew6)^nem^&epZdsH0l@G80U2A!n>y?p9$vx^Y1l7O~lpqS+<$wxkUMkQA znt%^9<`2Zsnm6{E^`HWoKw+N#5SFw#6B(usCFx*hun%TZ3Yx%{UvZnjSqW@WV*hXr zD1c(h2`iR>0!Qfrq>+-YX=5SAa`@PtH4%}nL6HK1UqdMcSO75a00WBP1U`TkDX9*5 z&JSDs zzyaJteOhn@9KZ$4-~<{VpZuCxz)BD}#|k>fb4M6;K{s@lCw=mebXDkdQ1^5BwHq2p ziuv|+7Z(R)2>yku0Ci+IuIVsz8a4sF;H!~G3;??{c87O*w={jH8nrqQ`kHYgD|G`w zeUZQly_SB6$rkkB0Wa$ZT1O8U&~fwt0=;mwC3{&DI}n3cc!!sG(WhaK2YIlHf6~{n z`Bt`#moJ#QHPk8%2Uv;%5qc~q5ObSv6Ce#TOM7RBv&e@5B48MrN)NcFd)2^ug-EFr zXaq&ub#BY5<(Cg?AOpTye&u&@ws&@!r?;$HSzjv&b*{=jiLrUN!01?#rCs~5epyM357y8rNhN$Up!NPq=lfC#9OmN&c)h!B%ksR7`4 z8b}Zqn75b6w|={RDF?V2C%BF`i2a3vDmV}<=z;~&yqvoVXBWQ*0lUjk05x!_wx zTYU}Oz!1Dyrz z3&d8d!fOQnKoGU6a;rdw1a*dKc)*XUYtU=78LNZb0=vg%sWXSchv2=P>%=ZBv8YH8 za42hox=ny+hj_StAO;9~c*4*6hk-~W2bjiZTzc8sh>6&(V$5*iDjQ?K0V=QvJq*D9 z_y!LqkOC@LtK=39ptu8~2rHyux33zykt@b+{A?QRUtDNj8nC??++W{odvr*~T#Tk! zrHb14!CWPaj%tji+^0pc%B(yTuKdbD5zDgt6XZ*#wcHbDIuc)+%RM2cBcY|f+!I~u zrA|7`H-V)h0j0=n6I0q}NlK2*JQ7Wsj!ssj*qqJUyv^L)&0cn-(;Uv?JkI1?&gOj1 z=$y{#yw2?0&hGrq@Ep(bY*!Uz13T6Q^Sl%?na@c6#95(7pLD?1z$`5(BoB&q-q$mXY*OiioMd9S!~yBOL?8 z00hRiUV1wNJgJ?Yz|bkJ5*elscc20qM+p^e3D0Q-#TFztEfX!a4Dy#-#>E5iwhnH9 zppYQVMST(=4J$A`)jnYlylK^qiPc{H)nFag^W3A}T-IiN)@Ys9W(LmU7|mk+5Y?O# z%>337@yyP6%ybPA%KQ<+oYxdl%!#&WeoYa;EE2dp*buSHB0;_#P0NT45sv-Xw%Emz zU5uYr*)e$82?1+hoFc%+C~+IskxhQlHf_}w4ZI5}w<_9{Z4kps5F}@E$Cm(#kO9!p z#AI*T<c-VUtcY3JKE0NmLv&gdZ6BCgpYu@Cl9{(Ro&VenJ!zUi8kp(KL1My&zJ(3s-B(xCY2$7L}iFt%fem-pwkp9@VNt6A+49_(O{!j}$ z&;yb1TfsG44OUwjiR!A}D0bY;<@baKwi^!US18EzTgTnCj*%tU-MOCtHtby?(9S>1`bS^ z1my{-unhUd>#u%b>=v8Be$_MS4wV20+8GLc>0POzVCD|%=?;?7ehpPS8vB3>^KJ&% zE@9efVN?B`d})}Nvcpno?U+ei#fF~E9^>?I15P0RxAG_N*S-cH&+PI^p50CfJB9@W z>MXXfV-%U`FeYQs$qYOo1&e_0?`Z=r%}=F3Ew!Kpm(T_e4~0Gd^V6ndJjR`VKJ`>z z^;UoNSl?J|9_L)&^%4Tj}7^VE%}2@`F?Hrd5!sW zt@&@w`C{$)tli{ve#=oV*?RvGbZ_T&&(~Uh=W;*yY@hbA?-69aSK{LcRW{Lml$(m(ywU;Wm9{ZIkuGyf4WDi__5 z2Us8lXoT33F60`~{XlXJG0@w@;I4ih>aj}dSKvyyRnP~0HecDE#f1e%*>X4F^8hi! z-?ko5d_?<~5FeOc3IFvgrKw+~H&|@YahOr#Mvfglegqj(qo24L{0zpS(50gr#?Kr^sQO-FJ26J%WnF+HbWm9Y5&?GOb9Q=yNt_b z@cd_QNVS(`&7MV@R_$80ZPUhdNYj_Ar2pv2fcp>L4180#`dfBrD%pB5`f;kemtP=A zTr+BQoX{)W!EP;I#++I6X3i<|>i%`%t`Zzir9|`#f=}|m{*+`O@J}_eAkas&!3w3RjTXmAMCA8|3MX~T`%o~P-Bqw zM{Miw;K<#-haX?QNa;PWVA+CopDp|OCk}#whdJc==N?7uBSaqV-r47r8?abphW((x zA`9NW>n0Ei3*m~r`91_OL=oltY(x`JL@`AbKPquW7hi-iMj2EsZzgcqEV81ldj7 zppfE`HNRN|3MjPxn0OdBoKOLhZxq>~2QQd$Va=O!UXzv<1aaa9LRQ8a;6~y#CX-b+ zd%4|r5r(s7Hk)Ar{{3;*GTTPW_pM+3fpuYGR+gcI}V7 zy$9Vr?tQIoyG`iZa5GPMdNx^)I`q-cK75Pnmzta`s8GZX3H5zz7*zK=>AMBMeZm_!m21|2^KtT#o z;JK&i%w#?Lncf`KywTOd21Kw$)BNTJoVn0?*aKk@d9|cC2~b4C6JipTh%6H>(TPu- zlMzFNL?~8KiBbd+6|K0%4`T5{TI6CFYv;xJfKiNR#2OjplPff~k#@j>(W~4z$Ccgc zMWUi(9#h6D8Oc$Pf25ZkV{|A$7Sddlsu7ylXh=p5i%>X1l9I$UNlI4Il9$9}CN;T9 zFOjKLMgnChML9}RmeQ1`L}e;fxk^^H(v`1-Wh`YmOIp^_mbb)ZE_Jy}UiQ+LzXWD5 zh5k8AViwbw$3$i_mAOo2Hq)8Ugl06QIZbL-)0)@BW;RPnzyd-`o8SD=_&8!daF$a? zze`B)%(>1Oq4OW=Ob#XNa|I&g#w7U&L|sHun8>ixpC552JT(FrsEB|-DDg*0`1wzU zdL*Ej^GIImae`{t!wp!70z&%1j0Y`ZD|<eDLKU<) zL_+up(tiZC5=H@zUB=cAt728FE@diAoywxG>Vr9YX+di|aSXHO^rs;mX(gl0wJAM+r=3*<2lXPw|3>llSU^z4s)Yy!k#&WJzCfrlnE zAr6l5$1Fl1lVzQ69An$ZFbW+7qK+d4g>FI-(~dETrBGU^7ch5^8M(3OaibO8Ak{(t!Yks8sH)^@d*fVjCi9#&U6Mh2{h5?olk-U=5Fz= z|ABFhznd)Bkh8q2aSuC`f#fFFH$>mr?=rvK(=HCey(6yYH#=M$)mR6cfo^Myb7b8b zNwmrf?dmfSCJA_u!M%SF^>$IcBmcHKi8CIKB!qwt{`iHpYaNL`FIvy7Xfv&YUiOXn zBiFnBK|9hQlW%oF>EFQy3EuVV=P=vZQg6Amt?q9ShpWI5e^Ij>{4ot@$=TaRDA3@) zqvwfNJj)*uG@%Xs4x}GcDJN)0+sii#NK3j2l>SG`SH9^>H^B<_Wc=ti^5rKB9X@z} zIrW`v{r6xW;MzYj_ub?DX@lR$;zthoL2dpYqyISSCo}tf?0)0GzsvH+G5w2Ue=6hu z#`-4?{$n!#dochU4gn-G0(3DBQ$Vtlz6XTB2$aAHq`(Tazzf8{4Aj64 Date: Tue, 19 Dec 2023 15:31:34 +0000 Subject: [PATCH 25/38] initial version --- readme_source.md | 42 ++++++++++++++++++------------------------ 1 file changed, 18 insertions(+), 24 deletions(-) diff --git a/readme_source.md b/readme_source.md index d675187..c8ac27d 100644 --- a/readme_source.md +++ b/readme_source.md @@ -1,4 +1,4 @@ -**Google Cloud Platform Certificate Manager** +## Google Cloud Platform Certificate Manager **Overview** @@ -10,13 +10,19 @@ This orchestrator extension implements three job types – Inventory, Management **Google Cloud Configuration** 1. Read up on [Google Certificate Manager](https://cloud.google.com/certificate-manager/docs) and how it works. + 2. Either a Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet), or the virtual machine running the Keyfactor Orchestrator Service must reside within Google Cloud. ![](images/ServiceAccountSettings.gif) + 3. The following Api Access is needed: ![](images/ApiAccessNeeded.gif) + 4. If authenticating via service account, download the Json Credential file as shown below: ![](images/GoogleKeyJsonDownload.gif) + +## Keyfactor Command Configuration + **1. Create the New Certificate Store Type for the GCP Certificate Manager Orchestrator** In Keyfactor Command create a new Certificate Store Type similar to the one below: @@ -24,21 +30,21 @@ In Keyfactor Command create a new Certificate Store Type similar to the one belo #### STORE TYPE CONFIGURATION SETTING TAB | CONFIG ELEMENT | DESCRIPTION ------|-----------|------------------ -Basic |Name |Descriptive name for the Store Type. Google Cloud Certificate Manager can be used. -Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr -Basic |Custom Capability|Checked with Name GcpCertMgr -Basic |Job Types |Inventory, Add, and Remove are the supported job types. +Basic |Name |Descriptive name for the Store Type. Example: Google Cloud Certificate Manager +Basic |Short Name |The name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr +Basic |Custom Capability|Unchecked +Basic |Job Types |Inventory, Add, and Remove are the supported job types Basic |Needs Server |Unchecked Basic |Blueprint Allowed |Unchecked -Basic |Requires Store Password |Unchecked. -Basic |Supports Entry Password |Unchecked. +Basic |Requires Store Password |Unchecked +Basic |Supports Entry Password |Unchecked Advanced |Store Path Type| Fixed -Advanced |Store Path Type Value (the textbox that shows when Store Path Type is set to "Fixed" |n/a +Advanced |Store Path Type Value (the textbox that appears below Store Path Type when Store Path Type is set to "Fixed") |n/a Advanced |Supports Custom Alias |Required Advanced |Private Key Handling |Required Advanced |PFX Password Style |Default Custom Fields|Google Cloud Platform Project Location/Region|Name:Location, Display Name:Location, Type:String, Default Value:global, Required:False -Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value:, Required:True +Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value: (leave blank), Required:True Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** @@ -52,6 +58,8 @@ Entry Parameters|N/A| There are no Entry Parameters **Custom Fields:** ![](images/CertStoreType-CustomFields.gif) +![](images/CertStoreType-CustomFields-Location.gif) +![](images/CertStoreType-CustomFields-ServiceAccountKey.gif) **Entry Params:** @@ -71,7 +79,7 @@ CONFIG ELEMENT |DESCRIPTION ----------------|--------------- Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. -Client Machine |The name of the Google Certificate Manager Credentials File. This file should be stored in the same directory as the Orchestrator binary. Sample is "favorable-tree-346417-feb22d67de35.json". +Client Machine |The name of the Google Certificate Manager Credentials File saved in the same directory as the GCP Certificate Manager Orchestrator Extension binaries. Sample is "favorable-tree-346417-feb22d67de35.json". Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Location|**global** is the default but could be another region based on the project. @@ -82,17 +90,3 @@ Use SSL |This should be checked. Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. -#### TEST CASES -Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed -------------|---------|----------------|--------------|----------|----------------|-------------- -1|Fresh Add with New Map and Entry|Will create new map, map entry and cert|False|map12/mentry12/cert12|New Map will be created, New Map Entry Created, New Cert Created|True -1a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|map12/mentry12/cert12|Error Occurs Saying to Use Overwrite Flag|True -1b|Try Replace with Overwrite|Should delete and re-insert mapentry and certificate|True|map12/mentry12/cert12|Replaced Cert Map Entry and Certificate|True -2|Fresh Add with Cert Only (No Map)|Will create cert that is not tied to map|False|cert40|Created Certificate with alias cert40|True -2a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|Cert40|Error Occurs Saying to Use Overwrite Flag|True -2b|Try Replace with Overwrite|If user uses overwrite will replace cert|True|cert40|Certificate with be replaced with alias of cert40|True -3|Fresh Add with new entry to existing map|Will create cert where entry is tied to an existing map|False|map12/mentry50/cert50|Created Certificate with alias map12/mentry50/cert50|True -3a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|map12/mentry50/cert50|Error Occurs Saying to Use Overwrite Flag|True -4|Remove Cert In Map|Try to remove cert in existing map. Should leave map and delete cert map entry and cert.|N/A|map12/mentry50/cert50|Cert cert50 and map entry mentry50 should be deleted.|True -4a|Remove Standalone cert (No Map)|Try to remove cert without a map entry or map.|N/A|cert40|Cert cert40 should be deleted.|True - From c96715da6a69246f5b57e3956a30bf67623330e8 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 19 Dec 2023 15:32:13 +0000 Subject: [PATCH 26/38] Update generated README --- README.md | 42 ++++++++++++++++++------------------------ 1 file changed, 18 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 44f139f..97a76ae 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ The Keyfactor Universal Orchestrator may be installed on either Windows or Linux --- -**Google Cloud Platform Certificate Manager** +## Google Cloud Platform Certificate Manager **Overview** @@ -61,13 +61,19 @@ This orchestrator extension implements three job types – Inventory, Management **Google Cloud Configuration** 1. Read up on [Google Certificate Manager](https://cloud.google.com/certificate-manager/docs) and how it works. + 2. Either a Google Service Account is needed with the following permissions (Note: Workload Identity Management Should be used but at the time of the writing it was not available in the .net library yet), or the virtual machine running the Keyfactor Orchestrator Service must reside within Google Cloud. ![](images/ServiceAccountSettings.gif) + 3. The following Api Access is needed: ![](images/ApiAccessNeeded.gif) + 4. If authenticating via service account, download the Json Credential file as shown below: ![](images/GoogleKeyJsonDownload.gif) + +## Keyfactor Command Configuration + **1. Create the New Certificate Store Type for the GCP Certificate Manager Orchestrator** In Keyfactor Command create a new Certificate Store Type similar to the one below: @@ -75,21 +81,21 @@ In Keyfactor Command create a new Certificate Store Type similar to the one belo #### STORE TYPE CONFIGURATION SETTING TAB | CONFIG ELEMENT | DESCRIPTION ------|-----------|------------------ -Basic |Name |Descriptive name for the Store Type. Google Cloud Certificate Manager can be used. -Basic |Short Name |The short name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr -Basic |Custom Capability|Checked with Name GcpCertMgr -Basic |Job Types |Inventory, Add, and Remove are the supported job types. +Basic |Name |Descriptive name for the Store Type. Example: Google Cloud Certificate Manager +Basic |Short Name |The name that identifies the registered functionality of the orchestrator. Must be GcpCertMgr +Basic |Custom Capability|Unchecked +Basic |Job Types |Inventory, Add, and Remove are the supported job types Basic |Needs Server |Unchecked Basic |Blueprint Allowed |Unchecked -Basic |Requires Store Password |Unchecked. -Basic |Supports Entry Password |Unchecked. +Basic |Requires Store Password |Unchecked +Basic |Supports Entry Password |Unchecked Advanced |Store Path Type| Fixed -Advanced |Store Path Type Value (the textbox that shows when Store Path Type is set to "Fixed" |n/a +Advanced |Store Path Type Value (the textbox that appears below Store Path Type when Store Path Type is set to "Fixed") |n/a Advanced |Supports Custom Alias |Required Advanced |Private Key Handling |Required Advanced |PFX Password Style |Default Custom Fields|Google Cloud Platform Project Location/Region|Name:Location, Display Name:Location, Type:String, Default Value:global, Required:False -Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value:, Required:True +Custom Fields|The file name of the Google Cloud Service Account Key File installed in the same folder as the orchestrator extension. Empty if the orchestrator server resides in GCP and you are not using a service account key |Name:Service Account Key File Name, Type:String, Default Value: (leave blank), Required:True Entry Parameters|N/A| There are no Entry Parameters **Basic Settings:** @@ -103,6 +109,8 @@ Entry Parameters|N/A| There are no Entry Parameters **Custom Fields:** ![](images/CertStoreType-CustomFields.gif) +![](images/CertStoreType-CustomFields-Location.gif) +![](images/CertStoreType-CustomFields-ServiceAccountKey.gif) **Entry Params:** @@ -122,7 +130,7 @@ CONFIG ELEMENT |DESCRIPTION ----------------|--------------- Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. -Client Machine |The name of the Google Certificate Manager Credentials File. This file should be stored in the same directory as the Orchestrator binary. Sample is "favorable-tree-346417-feb22d67de35.json". +Client Machine |The name of the Google Certificate Manager Credentials File saved in the same directory as the GCP Certificate Manager Orchestrator Extension binaries. Sample is "favorable-tree-346417-feb22d67de35.json". Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Location|**global** is the default but could be another region based on the project. @@ -133,18 +141,4 @@ Use SSL |This should be checked. Inventory Schedule |The interval that the system will use to report on what certificates are currently in the store. -#### TEST CASES -Case Number|Case Name|Case Description|Overwrite Flag|Alias Name|Expected Results|Passed -------------|---------|----------------|--------------|----------|----------------|-------------- -1|Fresh Add with New Map and Entry|Will create new map, map entry and cert|False|map12/mentry12/cert12|New Map will be created, New Map Entry Created, New Cert Created|True -1a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|map12/mentry12/cert12|Error Occurs Saying to Use Overwrite Flag|True -1b|Try Replace with Overwrite|Should delete and re-insert mapentry and certificate|True|map12/mentry12/cert12|Replaced Cert Map Entry and Certificate|True -2|Fresh Add with Cert Only (No Map)|Will create cert that is not tied to map|False|cert40|Created Certificate with alias cert40|True -2a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|Cert40|Error Occurs Saying to Use Overwrite Flag|True -2b|Try Replace with Overwrite|If user uses overwrite will replace cert|True|cert40|Certificate with be replaced with alias of cert40|True -3|Fresh Add with new entry to existing map|Will create cert where entry is tied to an existing map|False|map12/mentry50/cert50|Created Certificate with alias map12/mentry50/cert50|True -3a|Try Replace without Overwrite|If user does not use overwrite flag, should error out on same entry replace|False|map12/mentry50/cert50|Error Occurs Saying to Use Overwrite Flag|True -4|Remove Cert In Map|Try to remove cert in existing map. Should leave map and delete cert map entry and cert.|N/A|map12/mentry50/cert50|Cert cert50 and map entry mentry50 should be deleted.|True -4a|Remove Standalone cert (No Map)|Try to remove cert without a map entry or map.|N/A|cert40|Cert cert40 should be deleted.|True - From cdc930f475346618c172dced60e6b1e2fea4bac1 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 16:11:07 +0000 Subject: [PATCH 27/38] initial version --- readme_source.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/readme_source.md b/readme_source.md index c8ac27d..f63f03f 100644 --- a/readme_source.md +++ b/readme_source.md @@ -4,7 +4,7 @@ The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with or without private keys. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. **Google Cloud Configuration** @@ -58,8 +58,8 @@ Entry Parameters|N/A| There are no Entry Parameters **Custom Fields:** ![](images/CertStoreType-CustomFields.gif) -![](images/CertStoreType-CustomFields-Location.gif) -![](images/CertStoreType-CustomFields-ServiceAccountKey.gif) +![](images/CertStoreType-CustomField-Location.gif) +![](images/CertStoreType-CustomField-ServiceAccountKey.gif) **Entry Params:** From 492bb1bd14843ea526616d69b04155a714791a32 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 19 Dec 2023 16:11:45 +0000 Subject: [PATCH 28/38] Update generated README --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 97a76ae..da998f8 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,7 @@ The Keyfactor Universal Orchestrator may be installed on either Windows or Linux The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with or without private keys. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. **Google Cloud Configuration** @@ -109,8 +109,8 @@ Entry Parameters|N/A| There are no Entry Parameters **Custom Fields:** ![](images/CertStoreType-CustomFields.gif) -![](images/CertStoreType-CustomFields-Location.gif) -![](images/CertStoreType-CustomFields-ServiceAccountKey.gif) +![](images/CertStoreType-CustomField-Location.gif) +![](images/CertStoreType-CustomField-ServiceAccountKey.gif) **Entry Params:** From 1fa76fe6226909e3681f5263d2bf0fba7d432a60 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 16:34:54 +0000 Subject: [PATCH 29/38] initial version --- readme_source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme_source.md b/readme_source.md index f63f03f..bb95f30 100644 --- a/readme_source.md +++ b/readme_source.md @@ -4,7 +4,7 @@ The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. **Google Cloud Configuration** From d70d550627e713667b1bf24d43ae6f75c49237b9 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 19 Dec 2023 16:35:38 +0000 Subject: [PATCH 30/38] Update generated README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index da998f8..1c51bd0 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,7 @@ The Keyfactor Universal Orchestrator may be installed on either Windows or Linux The GCP Certificate Manager Orchestrator Extension remotely manages certificates on the Google Cloud Platform Certificate Manager Product -This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. +This orchestrator extension implements three job types – Inventory, Management Add, and Management Remove. Below are the steps necessary to configure this Orchestrator Extension. It supports adding certificates with private keys only. The GCP Certificate Manager Orchestrator Extension supports the replacement of unbound certificates as well as certificates bound to existing map entries, but it does **not** support specifying map entry bindings when adding new certificates. **Google Cloud Configuration** From f82ebc191708e34ceab9e5471c4b3dfc4edbc3ac Mon Sep 17 00:00:00 2001 From: Lee Fine <50836957+leefine02@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:47:11 -0500 Subject: [PATCH 31/38] initial version --- images/GoogleCloudProjectInfo.gif | Bin 13973 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 images/GoogleCloudProjectInfo.gif diff --git a/images/GoogleCloudProjectInfo.gif b/images/GoogleCloudProjectInfo.gif deleted file mode 100644 index f0ac69721a50f8193f5521505712db7fea1c9cac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 13973 zcmV;GHfqU7Nk%w1VIKmR0e1iZA^8LW00000EC2ui03QOF0f+wp{{R300018V08#)D zfdCsY03J^OJBa{Rr2&D(05FUg04Nv$IT#ov7%Wm4H-i{Wdl*%a7*nAdbLblY03iTU zAwFm+7yuVUam>uQYq#Hh{xI z7$HL#eL^sdMUCuAAplErq(+w4Q2+u{09sQ3fl@3OR#sM3Rfbhnr&V2YRb`}AY>8ER zv{{GUR*u3{sNY%|Oj;gZR%g~*Yt~zRs8^WnT{|OXRaIqGgJ)N+U|MBobbn`dlV*mu zVw1;UqSR{`Icp?iXGKzRR)=k8m~Cg)Y=oO=t?O;C^KUZ%a!Mm|R#tUrRd0x>bD6nx ztJ`p_@OU>EerK$BY}SBxvV41|f`YDmjl+7Zt9`5Aey{R^004vlQiK>vg)=mTOBjer zA%a(~hK7cNq{o4-yoI>tgU0@hFhYtp0E#vkkW&DQRaT8xt%+MMjANyUZB~wG)`xOu zi+rJog;R-%iHV`Hj;F+o!o!Ta^N-H_mS=>KX_1t5X_b6@l7g&{kB^SR>!58poOKwT zg@KfS)}xErnVFfFuHBln#+$_SrBwi(SDmF=8l-8YrfyE9b9APJQKp1yqkOHUrKG97 zysF31rOx)H;{K{tRjpc!uXR0#FJ*l zl!C~W*1o8S$EVuH#pBQM{LYCr&7fe;qlV3_mCdx0&b_o z*3_nE)TVUS*4EvcMB%1V+NoF8rKR1lbKbIm-?)_9yWQU2-q-ip<6mFs%BJV%=kj)T z?XYO;wb|;xiSERX@bU5Xl9KnDn)j!t_Oi0_xp?!Ov- z&fWansQl-@`sCsM_{jYB+5Z35{r&6y{{9I50M!W`NU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#3CGiuz(v7^V2ARkT`NwTELlPFWFT*Ut9z8sr}@nn7gkR%eE! zaiF~Zq2#Sj6zh@CYZ8+8582k@xsU$e9udEPm>gy$mL4EN?ii;Is*C^s@fgj#V& zreQ*MpV3Wc952!3Mw@^0$yA>_mB5!3GP?x<6*AtDXB&82m=qgv|GlK1JQ9+mK`ZJy1e|!$wPI3qqF9($ zaKkAjUrZgyBhP^vzIdX5CPCO=hcTL@B3C!+=AujbwGsps$jC#*j}@ZCg*?cxCyP8$ zvUKD~(W!$aaQ`&vq+KfH)}KqK$wEktBe^C^B_Wd3K_$G15(F2+P1z_Ryg-^#CI94^ zQiohX*qx6P;AfJmjf$eqef}B*n4*j$d1>NET=1d}FN7S5Uv8@Y8Y-(3lxiQUs_Dp! zl7s}&fhfGlBH^>qMv9ZExk*^yKh~18=SWn@qoj`96*&R9L{>7A2Fi6O&v8H&JESbE z@d9F_uWG<9cj{!g9fa7b6NJ6;FhbIf@-(S}y+lSyA%x}*+S7Ry(>haqFs8&VZw{6j z-k}~7DV?T4@CYnQ(J?yRe4-F3%bkH@XYrUNw+JwVT$04%nc1~$TyW}qiJo~QwJgue z+zD!&sY?EHC!N_^Szxy{f%lx%-Jujm#3k)0iVFIv>owR#?x?16@OpQo3fr}!!mcI7 zQAr2-nK7`y^)aWy{Fd+q)a8EI~^jKpGh{izrIPeba4DoNWxelCUmX+R<1C5n#>`Tgw)q$u}J z(D%0`0jJ~y?%^j7e0*2uW~v1XF55`mn*cJz6F`+XPB@W+isee88(p<7H#M@Ha`H5~ zN&RPZr#lXdM7JHMxsD~-fsnP-bDY~9PdyGgoyBBkCVDvsMzfg!+>XaUT8S`u&*_}x zYNW&F0VR9>x!E27@sz3t%8w+nV2(QGH#jAVM}6MemVMwyk~#6lem=^dkd&k=DhO_2 zCL7KGhv>akAuxeYDbzm>b&}}FrbB9!;XknCK5j)vQ~{b&E1cG@IZX`zOiFMBWs(jMDTA`{=6ywxBD$RJGZQIh4XVIj$hJlxsy zS`q%LV-I1OuaO+deBm1(_`b)Vfwr=4jq1=0O~7Nz?}h4I2I8Iv_c+Q5?o3iDno{i8NVN$#GiWHeP6+?8Jrep5rqZd8 zwVcUGFfs5r&TQ%JGFcJ`^)!d^yys7E60$RO^j%X3!j7W1qe_rXYz+G91iY4<=Kv{O z4GjV^qBkdGP$4-)ywlt&(XWWEi$cyi9P5sAQ2{b%l_$+8M?3makcJdJIJuEJn#F}3 zWo;y&k_UTyCLuLi%8KgJKyY|*sUbmAfTSDPNl#Lr^O@0h;)&gX-p129M#^zErT!ig z(`nQfp3Zn0@R?MnTC5hWmU&E-YC2^yJu|^14nsN`ZE{<#N`#Mn=?Y&T-zC5b32BPB z8j?B;W>c6I$*z#K5)~G@qv7;btwgeyx&&L;WM&0WylKTB+m##1R?%cmJCq8rC6C~I z)^NMwg&;}tPDK%duCo2l9^b{V`4#7WK`4xy`4^n!IZo;V<*NS52yM(nr}hlWDS4gNu;>S3}F0b{*2eGl1VwJ zP*t8u2V|qNne0tt|6}t=z}PT7`*|fBh7_RG{O3X&+AOTq4HFN|=thsl$2E4eq$f@3 zN?ZEUn9j7OH_hozd-~I$4z;L9P3lsc`qZdSwW?Rm>Q=k@)v%7WtY=N@THE^8xX!h% zSHg;3`})_w4z{p|P3&SD``E}%wz8Ma>}EUr+0c%*w5Lt&YFqo-*v_`Lx2^15c>CMn z4!5|+P404=``qYGx4PHO?smKT-SCdLyys2tdfWTn_|CV!_s#EhN8{fB54gYwPVj;o z{NM;rxWX6C@P<45;Si6w#3xSiid+2R7|*!IH_q{nGaMWs54p(xM^5sRoBZS`Pr1rh z&hnPK{N*r@xy)xy^P1cI<~Yx}&Ueo9p8LGzR8XZ*0;{}u6zCKP7jIL$4>ULoBix)PrKUJ&i1yG-AZteyWHna_qyBt z?s(6;-uKS;zWe>}fDgRj2T%CI8~*T!PrTw6&-lhW{_&8HyyPcO`N~`V@|e%O<~Psz z&U^mzpbx$1M^F0FoBs5uPrd3_&-&K8{`Ihrz3gXC``X+7_PEcz?sw1o-uwRdzz@Fg zhfn1zYfeA&3hc$bmHQ z3|FuO&hYv$w1Vtzh{vZrBKnc;1 z3r4^Q{%{S^@CVOL*NQ<}t1SP0> z8TbbOmJ2m#j58pO{{{`TXp6Y0ivn1SGe8N>ppI(zgC&TAQpktq2ZmQD58W7W>VShX z2!>)fj?vHzSfB)d_<>AlCC(TPt00iqV1jUXj_vr4yBLowAc5$Bhv{Gh-uMiApag(8 zdg1p0MtBM(Ac6Y82RYya+d+#aDS_X>{sE#8iS5?Z2dddIcB{fl&E{5U38tXoR=`gm8C) zTXTW}*m)V4mQUD)8M%$}AeDC5mdGHL2vdvKm<>mO1vbbHHE;z|I0JvsmGY1dHGlsdke3_Cf06ltU3iC?8Iqot zltd|$R&s!|a0*p2iX1SMKskRkS&5Q(4n8m^iD-(h2%EBLfE-|y_~(IqK$5TNnx3~0 ziir+nDG%8Yo$?S54{0SCn3cu;=nud^g=VRh^*5F!Sc}@&op70XYblly_?B`voh4|U z(n+205RucF3#a*jgFp&_`3cv^omzkkiMg2Ac?WQy2_OlX?CF(FXeHc$1L2?vTM&2I zu$d64AMP2I^hpE7FavkOp2{!-cBq;nnVjdxlm2iE_XnFmDSjMK1}K?-2nc}qhkzx+ zi9dOip-77;+M2VloW_}mg}|CSIVYZ%4nUZmA4r{Ym!09cpzu%wchU`b7?#+mq!}m) zMu0GCshD|)g2w2Bt&pT}DW+wahST{BPjDyjKm^gCpW+w|T$+KcU<--af&nU*2)dc3 z`Ix2W%on1(%bH}7&xu9T} zg0`@rRI001Vuh#ad0DuDS^$3;NsiF~mf|UQy84C!IGy2O3lXXeI*^`ksjc$R4GtQH zSLuzzc$K^;3@i{1;+mj)8kd-9f>WuPf(nPzYN&1)g9%!luYd(LAfS*Msj}Ldhe!=E zS^|Gqk{mD#G&za7S&}FDo5VS=1q*)%h>C?6gaLbiuE=@GDg(9FcBq&-=RW@`+tS(G~I12rnEWc#R>#|<_BaKIR$Pdb;lV3oYOvhKPF(K)Qq z8h6wRdPr&u+8CK~SGej~mstv$d3mIFum~g=w8-#)i|_=zfV3)GnQ7S#8yJw1Ntyfj zZ^aOuRa>Z@xw+@qxsRy{9*YdlNtoyWrD0pElsJfmc!=mXlqsoxiMRxydXfuEi#F-0 zgP4gm{@RJ3ScvqOyl}U?t@)!e$%@D8c@IdK@^G@mhzmC$jqo_2B)gzr$h(B;xGfvG zpO>`X*{lF(jvu(bxmc0xn2r?*vga!U5h}XhnvkeVuK(7LD*J%>sJ{ehkcIiN1Dck# zTcHvuz!)5zG>C`R(1*Xc2bDX#nzw-D_cRa-cRtxB>_>iW620~}qxx3{f9QVzn3gMS zB`u7%mP$J;$^i}Nc{CWJaXFRzPz*>oizC~laaRrTs<_1JvXZN^c*(OqNR~;w#1qKH zHrpm^dM5~+fjfe_V4Achcm-mZgJwvJRr!Yxc$yj9nMOE-N%+N}Ii-5Yhk@X?Cj7_# zfE>tzJjjGx$cB8#h@8lZyvU5)$d3HTkQ~X9Jjs+?$(DS{n4HO)yvdy0$)5blpd8Ag zJj$e8%BFnEsGQ2GyvnTH%C7v%upG;>Jj=9P%eH*WxSY$nyvw}Y%a0eMz#PoNJj}#g z%*K4o$ehf>?90sTdCL6E&>YRuJk7$~%+{=V{g%zzyv^L)&EEXY;2h4}{Bz`7&O3L_ z=$y{#yw2?0&hGrq@Ep(bJkRu8&-Q%J_?*xBywCjH&;I<+03FZ*J z)7PEdAq5Xs5C9qQ+;rX9ZZO>&=-Vxw4FRy;>+Jv_>C*6U0wH75_7DPc5K{S21rPuV z^d;VIP2T1$1L)1t*)RZb@NJwx0TR&MLv0TMaNjX)4g)X>{ypBkeOS^x-I93jpCs?cgT<(ji{qagE%{&D{TR+qli(ys_fCu@7gE0RK?npkM_P{tvYn z0|DRw5t|KQ++5DY6I02lxv zIL_WbZskla03$F9EDqfleptXQ+{7K{!oA@YW8=Aj<2s%V{sPbdHQ)!thzSLt1-q~c zAYcMUj^swZ0wVwl%}@mg03rQ=2?lWBoUi~Ms1ENC0N2GET<+j9zyiCF3oC#C{8Heq zvgIIv0iX~IYhVB(-sW6w+dg;%xslw{J>WHd=84_{J1zi8o*VB_;v>EQ*?r_m?hlq= z>WMxD|1j((o(x&usu|`=8@sk?FM(w>-q5N z6mH}G;0p?XEjaE0R<7tr?(DhI4|I?K@jmam!4JE@9bDcU*KXqW!0l&_4Lc&qN)T?cpzK4x8!@jN2M_fxzvU{w zmKX7F5>@A?`L4|BhT;-zZ#eVFH&hL?~8_p0M=3wl)feq9C^ilV0hyPXWPx zaGs!p#RkrUoqvq^DzFM`h+j`K|bU~e(%AK<`kgj?*!zyAmtXo z2v8mj7l8auFZ>8k{6?PUYo7ed|Iny?Sk0g7R2}>5|JtHI-C#e}M@|Lx58Hk};{fqb z;6Q=}4IV_8@Si_tjRuTT7*XOxiWMzh#F$azMvff?$^#iv=RujUGjsROwQKG@U+$8dd64s#I-O+{JU}5vEyR_V)1Y-=8>NKlJ+e{r?|mKLL&F&o6(j0Wd-E24s-70*~6~i~uHd zU=o)ofHTkD*~`!78$Fn{;|%SvBo619ic7n8lvpLkC7Fw7Sn}1M7GxncQEH$XH3~tN)`6H6=vsLzo_5E6FqxvvZ3#A*QgO*`m`;diK1GafJAB%O_ zNpc-_+r64SceZZl{W9Hiuf2ESi~4=`;D<+E#Nt^$K6&RKUw-xG;p(RpBcJy#dg(cT zYn(o0ID!$6s=xjq?`1%u6^gVG{~v8;kaM7X?jRWZ>$E3*dWq0U!pMC(sRU50hmdsi z??|0kl|=s7ClGDOfNcWdh79UwKfvHGf7}yG_2NgVH$bTqGLV8SD%K1v)Zh)+!p9zJ z5C~4lf_w`hVGSmw!GWZMO#c{%3Qy>dU{GQYgCNCDbRZ9H1VRtj<3}kZK`?wE0)&9m z0SRxAKnjAzf|}ExLh^x!@(pAkhEQKV4q>EjC;?d32-+7#h>t6{aDZi$2R{(F#V!g2 z9zZyiFyg>NC0xsW?PFgs0{9Pj=pY>}5~GpOF+_aKU{&z&LLIBPlq+T~iwU9QKhhyY zd8C6V5R3y2k8}xS*pOJHa3eBAc}RTFppHCDAU=i|3@R?reLKJhnfxIPQE-D`*rKB> zFaGqxN#d@Okh>&8GTEjf9fg2pI@SXrf{k z`2YhE33fgixKfxI8(=ZXa!kY}^C11$#0G`w$$@ZV3!>ZyDdF+SYo?Nz0!iWqZ3xRu zg>xXb)JBWYu?22SDx#D!U@(UWPf5!2DDQ(W!c^s!S2=V7*gV!-_OB`|yO33WzPmnuoD8J1kO~XoM_uw6Ze0?87qq zS=faZVxuK(>P#zI$EMb`oLQ~9Q2W};#a6bhrR{5Ni>uk@wsE_?Rd0REHQ?GwxWjE& zaqDzk%eqkzzoik9m}L9^9p_ckKt>5s6nG z@i4D>(W_nxvbRBesR?}JYhHHvk-pBeFN5%F6aDU&zyAHN@B%!b0h8kz1~%|I^pW1M z9H=jqOR#Jfyq~Mo1RT+TFoY#c;fnBzLKec1hA1*JqhL70M%gfj!SN6NkdWiUArA3~ zGoq&zP4FiyE{cm^{F4~ZM;+<_2V1TIVjPFK9uvOEyLQy0AC-+r{yP`I*wnTuRq0Cb z+ESOG%gOce{p1>U^oKU82tLrzGMC8rNQ_u0>Vjz^#cJ?KHZ z!_bFD^r73q4n{ZH(T!e5JtSR^a!i`iaf(;m;^i)fx+5~S zcung?^|BYf^aU?|?VCrj?wh~=hT$ExI{*k6hqw|xn8Uc^;y1^6&UL*n}} zghi~4b&R?ovlg(XMKUs*JmoE;TEGWhaDpIw<^(xRfqTAnu6Nz*U#Ex04H9&njk;%v z0-Df>7OA6IYUm_q8kT-xf<2X)W&f_43v#_{ehMQ52x0ZBe*`%7_UAJxxu||Dq;hi{$O{%x&EwbY|a9|o6tV@$47qhAuf(-MB^IZ=zVuRLU`e8hWIwd zwDPsTeeRd{6|9KGE}{W_-+RP!psT)Vu78bfbl?5&Z@eoOA&F0ffBez^efqmYd~jT2 z7t?^h0DQP!Aix4Nzyn0U1XRETbcF_Vzz1x=hm$`^pg&d+zvsh0{j(2tK{Eeig;(f> ziCe%CB*7Adz!P-9O;EuVWI+~8gcpRt7>q$caDy7O!5hTE9Mr)b)ImV-!5;*|AQZwO zT!clS!5S>WBBViclfU_+Kl{7C^3y>0Sifk9{)JDF1SQ_g?^uZ(q!!Q)XF(kt> zG{ZAQ!!%4o3S`4Jbi+4qBzDzx)G4 z>JY>wBg9R_LOsmHS)|2U#6(ZT#az_IUF5}H^u=Gq#aIx=VI;<4G{$2@Mr7QDWn{)? zbVgyj0GJ2yT($~M(FE3-%~|zWJTh$iT>-ycVxzVgvf}L z$cem1ezeGo#K?@)$c^O4j0A^|1j&#T$&n<qT)+Zx@`qx$0uwsOAwvwOWXi-;%*8xPr*zE6gv`j4%*mw8%CyYO#LUdJF(qTN zd9X@>6hG(V#;v3Xe&8t_0t5ad*`+d|EPTMDzT?6en^GunWpH}v-RjOc|fvga0Y6O#F!LKt^C7_c&9&dpHD!9w*ov`f)e_aA3xZt zbSQ&uQW4-Jh;i7>g%}1|SkQq$hcZwRKM>3*%9u;|gc5?zfv|=_V$cR1j|OwaVGPgF z%utLlO%ck6JzxYr0{*;iSOTCLQ3aKO84#y^&>9u31|fAH^ifb7ol#2ZO-gYj6i@Pq5wQ1)4-bV!-D5(CdFyg4n>I<-@V}~RHVrz zEsDOhQ8PUiDy5Xy?1rEbqq*FvdPTe z*ow(f@!=u2T-IW{SNh-_ldwt03EAvu4Sp?I;yT&rV6K%loR;Me+=AKPlG*2Y*_thm zn?;VC)!EqK*`B4@pG~fyC6J*dTIVv_-|*R_RllV@Hl%gh7=hZTo!Z)}+S+K^t96d7 zbr7lL+63|1uMJz99orHC+p^7`vqf9AWm&dGjjeTC$AH_^klVRsjJhq1Kx>_}?F$RT zTer|#!e9sOnl9Gx+Y^zH6H~vTE@%!HLtrRk*>$3w0>m^4hNJw9~lYF&1%= zrHecMN_hc@;D=i97|X>v%#9dzXom=!Fle1IxRA1w^ARAKyt82(ErXlPa{wx_k^q>S z&s(z%(HOX4-2idjy !g|Kuxvf6zMPXjee_!Cj%nNmxVQ`4kWa~f77UE@97f#|p8 zHN56Ui-l}IpK}N5b&GcU6?h{SV==mZsW*HZU&$@sGVuWPWnT5I85?WgCfhw~^$M~h z8+xHPdkFxMqprxslH)aBA7fnsUS9_*;BadP1p5jFR+@|{I(l2(g7FxU+20B7-{b}0 z^u=JS=)esYHy!)nGhi5b*%?yvnPX9dpc$H?X}hGs7#&ezh}eflDB(U8>tja-WJu1rbgN`rk)CBsV?*QPYRk4x_GIOou25bM8o^{u_G55cZ4Xx|ubLP2Cn7=(dMGqe5;j>%BL+5$+Oa_cVCjKNv@QgwP z&WOFbg7$F{xq7B|rm?s+K6*yJ1#CbUOoSt>K_C=EA9RBd9Jhef=P2yPj!>$l2-Ja& zhz;F{z#Pm;C`#JF zQ9Dx4`l4wK?mmTf1%^(99`xzAj%)hU#9vHCXrxeSXtGUkgLRHc4BTs^m?m_1H(ZEP zWmuJcP}P(QR%Bq)t*HhZZBjluqo8pnn1Y8Spssh)20TI(LlB|v9`Ew@?t|z{al(f& zcp*y7(F96V8J$!{t(aUWZS0BL{@VrL*15Ef?X_-b8+7ZpCdJ#PMPLNK-EPOwyvJo^ z1^+fMR{#Vfyy!f=W{H?4>2s!mBBVx9&x%?m%3_~D%?DU@CVtY-fdKFJQE_P^sCbf} zJCK2)`r#L9r2AYcO(N6!uA^L%r~UT8S9s&9wC4cd1Q>MwXacY8pT2F}zD3)vzPy5+h*G(tqZHQ)BM5~c zddn79%Q~NhP2ve7hy_l{55%|RLDkc``)EDWo;XAuxT_zBNRdd2WkY* zZ7HAfcC7M_{7J@~%KwWmt6b+uZ0DqAifO8bIJl5$vW8IbgjWyoEyyH)u!TV?aXClv z7FlW*-zZxu(_dc*&t|55pmD8W1a!g{_VHDo09J-Y?H4VkvJS^Wq(HdV^eE?aV{C8- zhe#_AO2)L#$8@l00Kj<=hnE!YVZ`tZw+LtQ2W9?fQ(<5tBVZfohSyBOr{*?=IDa=Z zVsx0|2VMAX9Jml$B6x#ec*??cjNNkfXP>C8QT8$xix#aPt}<=>v_Yi;a4xmLEoCc8{{#I~B)H_jHm6^-w=~lu!A> zn92#=#Fv-JXqZ-lUaYuXNPeV9ncPW}CwH{>+@n2GVLa+9zXpDm`&UL=mHfyn*ZaNa z`{e@rBqhkrEd1}74a8hZzVCbNoJxz#%Km~xvdO1>2cb^jDn5`D%EyFX&`(G+W@4#y zOp&--)t4&PH;a88iP)EY!lM1W!2R4Op55pD#P$8r0RG?~eo-#|h!Otd&y3`+jOAy3 z-*JBDjeg>oe(JCOUB3PS&VKFRekO+g?q7`W&tUP_4f5xH^T!SJul?{>|G!{=@PB`D zj{m7xNT9_3{MY~e=l}lq|NjRFZ~_MsENJi`!h{MJGHmGZAw+o+CsM3v@gl~I8aHz6 z=GLO0m?no3Eo$^A(xgdI z25su}Db%P^r&6t2Qz_Q0TDNlT{(3T{)v#j6k}Yf2tk<+^*RoB^^eo)Ca_7=5+x9Nr zym~vnt?TzM;J|`c?k#Niu-d+Z7c*|`I4I)Ck|z&U{P;5F%$X^3?(F%ZWzC{Tla~AW zG-}DAOS5k6`f2Levhl8dZTmLvnX`BE=2|;9@Zh$46EAM`xA5f3Hydy693=AP(x(T0 zZv8sO=+w7!Ka2hQckSKBlb;Iy{B!Z;*R%JD{(W)v?dQ{{3IG0X`SthnSBd|BYWnpz zV0!=>=$U{~QNzI~E9nyj2N9Mbk4g(hn1d`W`NKzq5pqGHg&h|1k3NxHh>S|-bjU#t zypR~hhz>&7VF?ue6Jm${AN=EwF+Xrnf+#FKxMGB}sEFc@r_}f$7dw9ABL^R{q+*9H zzDQ$`PC{4$BQD*;K_MFwiK0G`oaoOfL`E6hfo)Ef;8SAmAR{5<9P>ksHj6(&qfQJo82A;r&C`};;W`Gs&tPJa_C7Rt)Fh#WRf*fljlk*7Avixvi{R7 zrb3zv6Ph||>I43~{@gc@WpD@NL}BuaF>W~Lyf*5)D7^acp<~V~8B8yl9mpf=sSNfjBdZ#Y zS}z9+@9eSE4Yv!iidMRW^n#=GoAfBnCd@&W9y^<|!z+1uGTPj-{5D%I1EtRwTog^= z(i;Lzuf0NZNF$0ke$ei$N*+yQlS`Mo;=+Xs%y89>?;ADLMAi!LH(x|J#itCfnD~ql znk=^2%zpfLgkc)~63EHH{kmIV!PU2l4d%@U&U|+q=(dNJI<$>pmjg=Z#>_)cr#i$$I(epFmd!oyiW08U+B_=IOZ& z`5_|=xu##_+kDObHVx?023D|xb#8K1L(9Ce2fysF{~vi2+pii59?v? z949nXB};~;J7D3Yw;)ES<4KQW7?O(j5AE%63dtfE!^%JoONDQ34=TYiprJ#yoo|F@ zEXw+NLdCJkVMr3PQHU_4A(XiUM}I2OiLBQWH+qPVKk8h-rspFdy+mQpOX3eF_@oGJ z{-JYI>mP}D<&SS{sY^Se#vn7)z7CPeOe~5b2;FwZQIaH$1Ult%NU2JZm=cw)6y+*o zxsg`BvX-xrB`!5WOIz}iG`akxMRwWCVPXcD#{3E~lewK^8dI3cd}ei+`AcU)vzl~~ z<}^!a&26>@o4KSWH^Vs=Z{iZ1;yfo+$SF&6qO+Z_QRgbz>CSon1fKEKCOz|67kjEw zp8EW!P54Ple*(0iF%jq}32M-VvIL=LR479k>QFO6G@=Hb=m;xnQGjApgeZXsNJA>p zk&?8eCOs)iQ>xOHmb9bk)96O^=~DE;G^X^NDeP)$Q+ML@bvoTCI(rJYp8{3>oI-sY zQH#pWqp~ciO0_0aSLW2GLNlt~nkrS5Y1M9FHLJwjs++p%)n0B@kWzW7oU(C$IQfpClx~SDE@1K61N;3}hhK!OpX=hQ()2c9Gb{ zwk96Lg9|^R$XLQS7CmW{tYUNG4{O9A01ntfP4EE&%{Ij!v@n!Sd{I4|$W|rxKmdiX zk%7&&q_dudtWH2n*_vP@0w~Hy7ho$B)v^{YwbjXUZ(Bg#`p386X{B&&vX3-m${r-3 z5I(FB01H%tCD{l7dgU!%A!<_Pw z2MUOIr`EkLaCeejnlRTT`Cx*{;K73it)#~0c)%?Dp$!SR%M#z^2PQo5-vh`(9yiYM zj{iHSWJo|A`&ff|lW}BB80xtzNrnmJv5z{ai^^8UvXpJ>;12)89s-ENKi+`?Wb~sB zhQh}RcHr7M;Umg1eQ|hV{F1~Hy3mFW?M!NX-T>fM8~RmAGFreA=E9c>2A%_tcVr25 z?KcI;c&?+rENR*HBMm(6aH)Bmj|_QPCB=1-L{hC1Hb-~O9{zUlKF}}!hQ`aR77zJLG{f8YeGBpoYouuAq3;Q}OqT>_3giY$-Y zeXwD}XFs{F_iF_KSfC0iUa Date: Tue, 19 Dec 2023 16:47:21 +0000 Subject: [PATCH 32/38] initial version --- readme_source.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/readme_source.md b/readme_source.md index bb95f30..b0d5003 100644 --- a/readme_source.md +++ b/readme_source.md @@ -72,14 +72,13 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your In Keyfactor Command create a new Certificate Store similar to the one below ![](images/CertStoreSettings.gif) -![](images/GoogleCloudProjectInfo.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION ----------------|--------------- Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. -Client Machine |The name of the Google Certificate Manager Credentials File saved in the same directory as the GCP Certificate Manager Orchestrator Extension binaries. Sample is "favorable-tree-346417-feb22d67de35.json". +Client Machine |Your GCP Project ID for your account. Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Location|**global** is the default but could be another region based on the project. From d3d0dcdea61ffcd9ec77d57ee73d6df871fb99e1 Mon Sep 17 00:00:00 2001 From: Keyfactor Date: Tue, 19 Dec 2023 16:48:05 +0000 Subject: [PATCH 33/38] Update generated README --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 1c51bd0..4329eea 100644 --- a/README.md +++ b/README.md @@ -123,14 +123,13 @@ See Keyfactor InstallingKeyfactorOrchestrators.pdf Documentation. Get from your In Keyfactor Command create a new Certificate Store similar to the one below ![](images/CertStoreSettings.gif) -![](images/GoogleCloudProjectInfo.gif) #### STORE CONFIGURATION CONFIG ELEMENT |DESCRIPTION ----------------|--------------- Category |The type of certificate store to be configured. Select category based on the display name configured above "GCP Certificate Manager". Container |This is a logical grouping of like stores. This configuration is optional and does not impact the functionality of the store. -Client Machine |The name of the Google Certificate Manager Credentials File saved in the same directory as the GCP Certificate Manager Orchestrator Extension binaries. Sample is "favorable-tree-346417-feb22d67de35.json". +Client Machine |Your GCP Project ID for your account. Store Path |This is not used and should be defaulted to n/a per the certificate store type set up. Orchestrator |This is the orchestrator server registered with the appropriate capabilities to manage this certificate store type. Location|**global** is the default but could be another region based on the project. From 8030a5e7f53cae4169a7a83f890e5b1af512817c Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 17:16:53 +0000 Subject: [PATCH 34/38] initial version --- integration-manifest.json | 1 + 1 file changed, 1 insertion(+) diff --git a/integration-manifest.json b/integration-manifest.json index b99d39b..5b48083 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -4,6 +4,7 @@ "name": "Google Cloud Provider Certificate Manager", "status": "pilot", "update_catalog": false, + "release_dir": "GcpCertManager\bin\release", "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.", "about": { "orchestrator": { From 8a86f3c636f2926a269c65d5bac8e7bc500deb6a Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 18:42:49 +0000 Subject: [PATCH 35/38] initial version --- integration-manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration-manifest.json b/integration-manifest.json index 5b48083..f5a40a4 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -4,7 +4,7 @@ "name": "Google Cloud Provider Certificate Manager", "status": "pilot", "update_catalog": false, - "release_dir": "GcpCertManager\bin\release", + "release_dir": "GcpCertManager/bin/release", "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.", "about": { "orchestrator": { From 674a2fb399f7d464c20e8d5b82c2dc34b3d94184 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 19 Dec 2023 18:55:01 +0000 Subject: [PATCH 36/38] initial version --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..791df4e --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,2 @@ +v1.0.2 +- Initial Version \ No newline at end of file From 35e7e462302fe4e5981e08359c317332ca18e931 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Wed, 27 Dec 2023 14:24:57 +0000 Subject: [PATCH 37/38] initial version --- GcpCertManager.sln | 10 +- .../GcpCertManagerTestConsole.csproj | 20 --- GcpCertManagerTestConsole/Program.cs | 122 ------------------ 3 files changed, 2 insertions(+), 150 deletions(-) delete mode 100644 GcpCertManagerTestConsole/GcpCertManagerTestConsole.csproj delete mode 100644 GcpCertManagerTestConsole/Program.cs diff --git a/GcpCertManager.sln b/GcpCertManager.sln index 9be5e1f..17b5932 100644 --- a/GcpCertManager.sln +++ b/GcpCertManager.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.30717.126 +# Visual Studio Version 17 +VisualStudioVersion = 17.3.32929.385 MinimumVisualStudioVersion = 10.0.40219.1 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "GcpCertManager", "GcpCertManager\GcpCertManager.csproj", "{33FBC5A1-3466-4F10-B9A6-7186F804A65A}" EndProject @@ -13,8 +13,6 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "images", "images", "{6302034E-DF8C-4B65-AC36-CED24C068999}" EndProject -Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "GcpCertManagerTestConsole", "GcpCertManagerTestConsole\GcpCertManagerTestConsole.csproj", "{FFF21E91-1820-4090-922B-A78D5CC38D7B}" -EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -25,10 +23,6 @@ Global {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Debug|Any CPU.Build.0 = Debug|Any CPU {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.ActiveCfg = Release|Any CPU {33FBC5A1-3466-4F10-B9A6-7186F804A65A}.Release|Any CPU.Build.0 = Release|Any CPU - {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Debug|Any CPU.Build.0 = Debug|Any CPU - {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Release|Any CPU.ActiveCfg = Release|Any CPU - {FFF21E91-1820-4090-922B-A78D5CC38D7B}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/GcpCertManagerTestConsole/GcpCertManagerTestConsole.csproj b/GcpCertManagerTestConsole/GcpCertManagerTestConsole.csproj deleted file mode 100644 index bef3be2..0000000 --- a/GcpCertManagerTestConsole/GcpCertManagerTestConsole.csproj +++ /dev/null @@ -1,20 +0,0 @@ - - - - Exe - netcoreapp3.1 - - - - - - - - - - - - - - - diff --git a/GcpCertManagerTestConsole/Program.cs b/GcpCertManagerTestConsole/Program.cs deleted file mode 100644 index 022dd8a..0000000 --- a/GcpCertManagerTestConsole/Program.cs +++ /dev/null @@ -1,122 +0,0 @@ -using System; -using System.Collections.Generic; -using Keyfactor.Extensions.Orchestrator.GcpCertManager.Jobs; -using Keyfactor.Orchestrators.Common.Enums; -using Keyfactor.Orchestrators.Extensions; -using Microsoft.Extensions.Logging; -using Newtonsoft.Json; - -namespace GcpCertManagerTestConsole -{ - internal class Program - { - private static void Main(string[] args) - { - if (args.Length != 0) return; - // Display message to user to provide parameters. - Console.WriteLine("Please enter parameter values. Inventory or Management"); - var input = Console.ReadLine(); - Console.WriteLine("Enter Client Machine Json File Name freshcertman-9ff09dc4ff67.json"); - var clientMachine = Console.ReadLine(); - Console.WriteLine("Enter Google Cloud Store Path freshcertman"); - var storePath = Console.ReadLine(); - - switch (input) - { - case "Inventory": - ILoggerFactory invLoggerFactory = new LoggerFactory(); - var invLogger = invLoggerFactory.CreateLogger(); - - var inv = new Inventory(invLogger); - - var invJobConfig = GetInventoryJobConfiguration(clientMachine, storePath); - - SubmitInventoryUpdate sui = GetItems; - inv.ProcessJob(invJobConfig, sui); - Console.Write("Successful Inventory!"); - break; - case "Management": - Console.WriteLine("Select Management Type Add or Remove"); - var mgmtType = Console.ReadLine(); - Console.WriteLine("Overwrite? Enter true or false"); - var overWrite = Console.ReadLine(); - Console.WriteLine("Alias Enter Alias Name"); - var alias = Console.ReadLine(); - Console.WriteLine("Enter Location global or another region"); - var location = Console.ReadLine(); - Console.WriteLine("Enter Google Cloud Project Number 210777491775"); - var projectNumber = Console.ReadLine(); - - if (mgmtType == "Add") - { - ILoggerFactory loggerFactory = new LoggerFactory(); - var logger = loggerFactory.CreateLogger(); - - var mgmt = new Management(logger); - - var jobConfiguration = GetJobConfiguration(clientMachine, storePath, projectNumber, - overWrite, - alias, location); - - var result = mgmt.ProcessJob(jobConfiguration); - - if (result.Result == OrchestratorJobStatusJobResult.Success) Console.Write("Success"); - } - - if (mgmtType == "Remove") - { - ILoggerFactory loggerFactory = new LoggerFactory(); - var logger = loggerFactory.CreateLogger(); - - var mgmt = new Management(logger); - var jobConfig = GetRemoveJobConfiguration(clientMachine, storePath, projectNumber, - overWrite, alias, location); - var result = mgmt.ProcessJob(jobConfig); - - if (result.Result == OrchestratorJobStatusJobResult.Success) Console.Write("Success"); - } - - break; - } - } - - - public static bool GetItems(IEnumerable items) - { - return true; - } - - public static ManagementJobConfiguration GetJobConfiguration(string clientMachineJson, string storePath, - string projectNumber, string overWrite, - string alias, string location) - { - var privateKeyConfig = - $"{{\"LastInventory\":[],\"CertificateStoreDetails\":{{\"ClientMachine\":\"{clientMachineJson}\",\"StorePath\":\"{storePath}\",\"StorePassword\":null,\"Properties\":\"{{\\\"Location\\\":\\\"{location}\\\",\\\"Project Number\\\":\\\"{projectNumber}\\\"}}\",\"Type\":6110}},\"OperationType\":2,\"Overwrite\":{overWrite},\"JobCertificate\":{{\"Thumbprint\":null,\"Contents\":\"MIIQBAIBAzCCD74GCSqGSIb3DQEHAaCCD68Egg+rMIIPpzCCBXwGCSqGSIb3DQEHAaCCBW0EggVpMIIFZTCCBWEGCyqGSIb3DQEMCgECoIIE+jCCBPYwKAYKKoZIhvcNAQwBAzAaBBQjKuelAgS1AAggM3aEeVVFDDVloAICBAAEggTI6rtj2M9oj2kY9wtzEPyr6dadLZIZ4TLdDNuu0csb5toHlV7eRhZV96IhUoN6b+NXwpr5De+5n9eGQTvUja5pV/31uvUhp9FTYUtntLi4RYKAy0HI1p+nngt7E94BZYCxW8BEpn0FhZBaLyAHXuNqr44GMUs7oWFUETXxGeVfG2U1solJRsfPaBfC5yrdxW7/8DMk0vUcpCRuAHLNAeKLhLLClYmUoum1SJUJLoH44j++UOx8BQvSit1pxv9V/ifCzIVCiolgBWtZylywMQnsaloeMZzGOG8gdsH9Q3C4w+QU1/wK9brnsxXvFcvd79kchBbRnnaG/xYnKFpSpSS+uruMEUUpd68XkXZ5PfO38qM4OKvhTh0lwXWh1kXXM3gQ9O+Ywkfe3IXtGdfgOSf+T3evqVIBn2e1rtuap0t2i8tYYn3zXixgk0rH3hpdifeuda21sTVwqZ2C3yqxq6x7tnIxk4fDgReT6oVB0U0/GRTuaGasJDo+7zv06tAT/0i0BA+e5hy3c5AUctm/V+c+4B3+MUCmzauPhPM1XlQwOrQqAZfJv9iq59rHXk2Q/7FLLPjCAMKwnEDcPswMnZqLqavhnRn+Re4R2Nhf4X4aFm/tOiPbKsGkUfJ3gF5uNYjcp2U4U0qJefBCMiYiQMogI9mhyuZ2/3MLe3IuS2+2hDiV4DjFlz1ktjnW3M++jTTSps+g95jHnZm+lIUqhIkauzmi/YGXbvZ/I0lsZjMTaRfoqNp2lSfclso7/uHLUvqygX6iFvk1vjb9JkJEgiEcR7Sqz3oFThhGQtpPk4ImmoVz5YGJmYaKkpiMVCyugJ9TuXoxPtaN9TFdFhEu4u7/i0HWi38JKGljj45oWHEh0qx6I5BNB/xohRjxUG8NCNLFxfBHNwQTG9c3HuSfrDdZSYzKlvw94XTv3o5etvZadgJbMV1khXcSeMURfP7fV4rtYIGdGBKaa6NnYXh/YnrHo+r87sDP9cO+Jilg5J1iyla7wU2IMbYoGIxV0SZ6u5mKil0auP6yIW1A/jCBXtmbrbk4Ij3Zxvx5nytq2Y1xsHR/qJqaF6XYVu5cuwnHkYOdM+Shhvu54MR4B0yENw/YA8eDwZ8XIJX8l+0Dedgf1Wg74B7bErrjI8o4hKfjKhvLf+b8qbwuPlyZ2bYpLpfrdcdN23OtE/QSAcMsyOxmyDb2/4FsMDdifo2wSlDnX6ph32xBixkC5tApaWnZZZOjYatu8Dj3Pl1z1VNhQL+FvPq7Vn41bUK5qIwSs5Eu12vL1nlfoGQDt4VcY6Ma+Kj1LIKOg6MleJFTg+8rZ1A0Idd/mHAluOSDGWqAl12GRmptvJh4L23QJ6nxYMipym2K2H1M8eVfo3jaR1KvZsLgBQ5CH69ggnDrnkPENKdPZNnb5fazXDfS3vrx3BdnLIxid1POHfa3+qfwpd8XR4UPL3P67hbLqWp/uDnoGEu8k5h3vLsRjZ36ahVB9ELwSz19tFIIOmUTyT3k3OH0+Sj7dJDIZJUH3uh1TzW0P10MAlXOIvxMlD4rL69AUkokIz9JqifRkfQ40MbCKeFj6yU416O4Hphv82s63sHZTFlTJpuPyyz9PowNCGsv1lrZejJbbl+D1IG6A0GLMVQwIwYJKoZIhvcNAQkVMRYEFEAZowZV9X7PyjIMGXRnlx4cJoubMC0GCSqGSIb3DQEJFDEgHh4AdwB3AHcALgBjAGUAcgB0ADEAMAAwAC4AYwBvAG0wggojBgkqhkiG9w0BBwagggoUMIIKEAIBADCCCgkGCSqGSIb3DQEHATAoBgoqhkiG9w0BDAEGMBoEFAnpceubGzk5VadPy0pZhAfcbHijAgIEAICCCdBg4+IyfxouvjAE6AFxIeZodv9Mu7O8bdMDbgwGZW+0Bts5ypav5Ii8gbTI9kJFu7yfL4w3d8eWIjzzLDcRB48FjgH2wQdrKZjGFN89B79RV1HLEe2+rt7TgXZ2KVYMTCACyLQQiT1IsZLgDq5V+Cc7zdp9QQ1+DvGG0AX580+k37T063U1BNmrHxNAL3e5kO+Q18zNx7rCmNPa1mP0QnIVFSGp1nKi+DAXTvFY/oo5F4tATQm/ngPYfgNZP1oes88uKMo3hWjpNEYjqBp4s8eIE9NR2QeEvGacWMYMRQ+y2QsrrhgTEf7Ib5TOP/laT0mWs1SyvQXsaBH54h1QQNwFZFODuBB5ujiyo6eTm8XY9hlBFIXZC57gp9DcQJQl7H8uGM8FkcshDPujXiXtCHVaoHTt5Zp+mVDcD5Ugd+mHk1QFTmoleIZK/1sDxTQxqiUt3QU3x/nPh72mA5MKE19VjM2GGpX/oLuYq3m/3shqhLlUT7jfgk7/C9nmMsWqrskjPAL9f6JW+DY1JuCdL0WKEx186zGNl3/l4QOsexuSQkZNrOxlMontJyv5SMXCKkH2JL4h3eimBrIN4zaJGcTILN7hATzH0CDwaLlar79SFHg0zyJEw1uKb7nj43ZSvHI4nLJsZQNVpO2DdWxmfb2Sa/xMarEm8FiH0Xne3SO0PXVyIWbNYHZRDPDS+gn3sWBT7AuO7xcti25Xur6D77v6rsvCWxGoI28aoP5YocEb6d+NSnPWEaZr9looNmp1p/hQXnAGMB2budLv1F2Z781DAh6JmyKoL0VidEBdd+RdtmJ6Z0e4m4PKaWSIMwQW0uyrSaUeZc4Dd7VfKItWFJ08F2il2abqp4SnOWBdPyKapwAyvdn4uRKP4VP2K61ikWVRZjASk1PEdGIDXLQW/1g/e/3PuZMEBQf2t02hxeW3xDy0vwAS+MQZ/NSYvX5t2Ah+3CvDRpfux2RUFgNUCS9zXlNwk67/pxK7QTxr9yHcz5LTIOeweY/esV6eOTrcGe7MvFE5HfaXkzeVXfvafkAACLLghIlJGlrlWSr3y7tDOEzGlrEcfQST1Iqdnj2i5caJZGl94I2iXLoeIB0xjGd2hL/XtOf51+kOdgglFFiEcVMKYWHKkZPRW+KTo5+yXOh7Z7qPbaEPwCFJKUbNM9oOHMrJSZVFISdhpcT7Dx3K2USPmqYAz7QEjQ5rdeQd29wXdgan8ucRy17jgCyuRioBXNHfLY0b13Pl1629HWuouKtDz1yUCitsY3vnvksOWO72gzSIkrl+dTvxroshXroAZQw9Afr27Tek3hS74UsbglYudbLVaItcyDZEBoaew3fyfZXbkQJ1k3peChFY2E9tJKcU+7laQ7gl1JW4btloM+66WQiEHnoF9+X14c0ikjVVRJVqSidt8TA7/6WjZbiU1r4tpmdqcD8adhtDPmZ1xSkQOwp/vMcgTx3s0/cHMdyXUY9BKqxiGfnoKn3j2IpZ6fe1Hz2uUydGvn9CjXYF+Ggj5ssOGaXOBh+yFYCsrnFOMhTEovpzeApejFZUpp8OcHqwDH9kMGujRibHa2EVVtFI/6nRLtzP9RybYlYdwHybzgOa6swz6U45t6yAETIMG22PVNUm5X6QxGttXSlD7lhcJDKFYN17R+mw9S7yILvrJxoatCFTXNw/5Mc0eYYdtbVophBxyjaSXh1yxVHb6HCUsEi1C2m6uSsjBbEkRQt0mkOY/9+EVRkHKr5K+2rMkl2OSWyTDJvLr9HDb5933FfL8+iqudRn0kVWc/yYATFgWCzDNR2l8IYFKLOH1/iBjpiO9AxlWQgOkBv9Jf5RpQJRqOp7xL9VX+xfdN3wyOS8H1SS5UpOIekUnRoSA7oc/CtDSrOrIK34QLDkM5DFEtcJRT7bUdCca4JcNp7J+8MrBz4IcLc1m+FjOx7UiCwVbwnIdiop/Y+qR+ILuXC8cSEqkHPOl/WLY592PGb5xV0iK9b2SpkUZg4X6yE9VlE2TkZ4/ZGcffK89W/xDcldgczCK8sbLdX9aKCaLJ3kBKv8YFy9FUn100O7wioYjuvnwXH7gk1VD/hGYNKNmWQXGlcZQis5I+8aiVfmLIaLMe9FxPNDFRNvXPXfC/P1iM0gKVD/5uMHJIbLUzVt4bbe/LzZX8Gl2TNsrRCt8/xymsY9/xNVpNmJ3l8p2fCZK9BF2kKox+A/DiIUcdH+CVi9w98X6iQ6UXA7ua03s+CTZCZGeyNPKt/l6sJHj+DoSkl5qWU5BI+MQdd4HzRmQWOXySkp3fx+cuYzgDEJLmw2Cq9+aDwQ9Kn5dyqP89Eym5TRR43X2U4q+YyW9PuAKulKg/x/kb9R8l8zi3vfRz1hl9+cnp/ods4D4fjKe1vr73aZXKr1chapQ/u0hu3Owx36PrtAQ6gLxlEut9vDEZw2NYjtWzeKwg3I0N05qDLDNJNWGoDOIYv6WyA+OzGvNUbnIdRFVmWOxzfES1i7UyQCRz9MEw6T+Gj2tdg1uQPfNw7L0JkITCmjxT/xBxNlrWTlf553JfSdojr3bhBOJcemCjW2aalIzFA1NlbOusr2G8UN6h8//G7Tb3iDGc4XjVOWP+dE/Waa5mh7oGiNpmtDFcwXWsapP/QC59pd0LTgcL3z5Zi4v8TToKk6n1mvNM68liPoEz+8Kz6y2qz1U6Ph1/Lwp4KSC3/vkSuoRjGRgaiMEVitAaQYTNgBGwl1Hr8lm+EAEzd2tjWV9Di8MlCrQlI7bBEwHfoODNlGx5D5rY0IAF2Szebpft4SLeBbjCNusHWTqr7V4P6RPwnMjjdCquhmCTuIoLIvMWmumcxNVLbz1AgnJwXmVL5gutnHHTLKjNAFqqB+KBOqBFz9JEJmvP6ZHSJdEUtfqJKIlI5lcWtxqKS+evutnkFP3ygfToxXj4u9FRM2mEsQLg9XmlREMqycJw1hmrHFArH3uQrhWnzaQ17A7lO21xwyZWuCjpVn6ddCL9YRXhA8x8SvnxD1JWheaeBc3WI9gegIN/Nkl0z9ObvP6/+4iOLr8M8E1AsxXy6nftHtqFKIhkCBHtfO0c+3JLx944rfA49RJdBYXPxv77FAPy+Mum+8gxpPYuBboDDOZojzIjEFbVSpemRA86enbAPL8hzgfJPE5h2jHGWsXWHLai3BMjyaBLtYzKJ/tBNK+kIrzzq+xqE4mtxzzv8SQy3ILja/Y2Myax3HHXTfXkYN1eY/NcnOcY1JM7dLZU+A7PLqKUKM5v8izoNPvsJa4mfesmNdedNQGRKMbi63rncDP2dRHBeAnil0UuieSf1EIYLjO5i0Y6ST6pM5d3/4emLCL25LhQqd4dJeUPreMD0wITAJBgUrDgMCGgUABBSy3pbCenwAlMILvNuXcgtGFGymQQQUygr4LE2tvYpDmlkRBwzS6o0HHoQCAgQA\",\"Alias\":\"{alias}\",\"PrivateKeyPassword\":\"zsvkW2cyfc4w\"}},\"JobCancelled\":false,\"ServerError\":null,\"JobHistoryId\":362893,\"RequestStatus\":1,\"ServerUsername\":null,\"ServerPassword\":null,\"UseSSL\":true,\"JobProperties\":{{}},\"JobTypeId\":\"00000000-0000-0000-0000-000000000000\",\"JobId\":\"6f4f5268-bf51-4ca0-870b-94c3c8a82fe3\",\"Capability\":\"CertStores.GcpCertManager.Management\"}}"; - - var jobConfigString = privateKeyConfig; - - var result = JsonConvert.DeserializeObject(jobConfigString); - return result; - } - - public static InventoryJobConfiguration GetInventoryJobConfiguration(string clientMachineJson, string storePath) - { - var jobConfigString = - "{\"LastInventory\":[{\"Alias\":\"cert12\",\"PrivateKeyEntry\":true,\"Thumbprints\":[\"8C70C6EFBDDB09627DFECC6761B46CC6EF0C578D\"]},{\"Alias\":\"cert20\",\"PrivateKeyEntry\":true,\"Thumbprints\":[\"C97D508D9192872D7349A79F7AEE13201443F844\"]},{\"Alias\":\"cert27\",\"PrivateKeyEntry\":true,\"Thumbprints\":[\"7FE8827A8626307BD635D50EF8EE2A64D91DF9F7\"]},{\"Alias\":\"map30/me30/cert30\",\"PrivateKeyEntry\":true,\"Thumbprints\":[\"480E773F01F188E3731D6E921ED83E53C0D1F08D\"]}],\"CertificateStoreDetails\":{\"ClientMachine\":\"" + - clientMachineJson + "\",\"StorePath\":\"" + storePath + - "\",\"StorePassword\":\"\",\"Properties\":\"{\\\"Location\\\":\\\"global\\\",\\\"Project Number\\\":\\\"210777491775\\\"}\",\"Type\":6110},\"JobCancelled\":false,\"ServerError\":null,\"JobHistoryId\":362890,\"RequestStatus\":1,\"ServerUsername\":null,\"ServerPassword\":null,\"UseSSL\":true,\"JobProperties\":null,\"JobTypeId\":\"00000000-0000-0000-0000-000000000000\",\"JobId\":\"e131894b-1bbf-4743-8a01-534dc89d409b\",\"Capability\":\"CertStores.GcpCertManager.Inventory\"}"; - var result = JsonConvert.DeserializeObject(jobConfigString); - return result; - } - - public static ManagementJobConfiguration GetRemoveJobConfiguration(string clientMachineJson, string storePath, - string projectNumber, string overWrite, - string alias, string location) - { - var jobConfigString = - $"{{\"LastInventory\":[],\"CertificateStoreDetails\":{{\"ClientMachine\":\"{clientMachineJson}\",\"StorePath\":\"{storePath}\",\"StorePassword\":null,\"Properties\":\"{{\\\"Location\\\":\\\"{location}\\\",\\\"Project Number\\\":\\\"{projectNumber}\\\"}}\",\"Type\":6110}},\"OperationType\":3,\"Overwrite\":{overWrite},\"JobCertificate\":{{\"Thumbprint\":null,\"Contents\":\"\",\"Alias\":\"{alias}\",\"PrivateKeyPassword\":null}},\"JobCancelled\":false,\"ServerError\":null,\"JobHistoryId\":362897,\"RequestStatus\":1,\"ServerUsername\":null,\"ServerPassword\":null,\"UseSSL\":true,\"JobProperties\":{{}},\"JobTypeId\":\"00000000-0000-0000-0000-000000000000\",\"JobId\":\"bcc9031a-8c37-4def-8de9-3bafe4afd0c1\",\"Capability\":\"CertStores.GcpCertManager.Management\"}}"; - var result = JsonConvert.DeserializeObject(jobConfigString); - return result; - } - } -} \ No newline at end of file From dfb0dc87a5d8674256109c655846af7b0606ea08 Mon Sep 17 00:00:00 2001 From: leefine02 Date: Tue, 21 May 2024 16:50:34 +0000 Subject: [PATCH 38/38] initial-version --- .../Client/GcpCertificateManagerClient.cs | 51 ++++++++++++++++--- GcpCertManager/GcpCertManager.csproj | 3 +- GcpCertManager/Jobs/Inventory.cs | 4 +- GcpCertManager/Jobs/Management.cs | 6 ++- integration-manifest.json | 2 +- 5 files changed, 54 insertions(+), 12 deletions(-) diff --git a/GcpCertManager/Client/GcpCertificateManagerClient.cs b/GcpCertManager/Client/GcpCertificateManagerClient.cs index c7f287b..5155204 100644 --- a/GcpCertManager/Client/GcpCertificateManagerClient.cs +++ b/GcpCertManager/Client/GcpCertificateManagerClient.cs @@ -3,6 +3,14 @@ using Google.Apis.Auth.OAuth2; using Google.Apis.CertificateManager.v1; using Google.Apis.Services; +using Google.Apis.Iam.v1; +using Google.Apis.Iam.v1.Data; +using System.Text; +using System; + +using Keyfactor.Logging; +using Microsoft.Extensions.Logging; + namespace Keyfactor.Extensions.Orchestrator.GcpCertManager.Client { @@ -10,16 +18,29 @@ public class GcpCertificateManagerClient { public CertificateManagerService GetGoogleCredentials(string credentialFileName) { + ILogger _logger = LogHandler.GetClassLogger(); + //Credentials file needs to be in the same location of the executing assembly - var strExeFilePath = Assembly.GetExecutingAssembly().Location; - var strWorkPath = Path.GetDirectoryName(strExeFilePath); - var strSettingsJsonFilePath = Path.Combine(strWorkPath ?? string.Empty, credentialFileName); + GoogleCredential credentials; - var stream = new FileStream(strSettingsJsonFilePath, - FileMode.Open - ); + if (!string.IsNullOrEmpty(credentialFileName)) + { + _logger.LogDebug("Has credential file name"); + var strExeFilePath = Assembly.GetExecutingAssembly().Location; + var strWorkPath = Path.GetDirectoryName(strExeFilePath); + var strSettingsJsonFilePath = Path.Combine(strWorkPath ?? string.Empty, credentialFileName); - var credentials = GoogleCredential.FromStream(stream); + var stream = new FileStream(strSettingsJsonFilePath, + FileMode.Open + ); + + credentials = GoogleCredential.FromStream(stream); + } + else + { + _logger.LogDebug("No credential file name"); + credentials = GoogleCredential.GetApplicationDefaultAsync().Result; + } var service = new CertificateManagerService(new BaseClientService.Initializer { @@ -28,5 +49,21 @@ public CertificateManagerService GetGoogleCredentials(string credentialFileName) return service; } + + public ServiceAccountKey CreateServiceAccountKey(string serviceAccountEmail) + { + GoogleCredential credential = GoogleCredential.GetApplicationDefault().CreateScoped(IamService.Scope.CloudPlatform); + IamService service = new IamService(new IamService.Initializer + { + HttpClientInitializer = credential + }); + + var key = service.Projects.ServiceAccounts.Keys.Create(new CreateServiceAccountKeyRequest(), "projects/-/serviceAccounts/" + serviceAccountEmail).Execute(); + + byte[] valueBytes = System.Convert.FromBase64String(key.PrivateKeyData); + string jsonKeyContent = Encoding.UTF8.GetString(valueBytes); + + return key; + } } } \ No newline at end of file diff --git a/GcpCertManager/GcpCertManager.csproj b/GcpCertManager/GcpCertManager.csproj index b1efea7..e9e15de 100644 --- a/GcpCertManager/GcpCertManager.csproj +++ b/GcpCertManager/GcpCertManager.csproj @@ -19,12 +19,11 @@ - + - diff --git a/GcpCertManager/Jobs/Inventory.cs b/GcpCertManager/Jobs/Inventory.cs index 7486b7c..64ca851 100644 --- a/GcpCertManager/Jobs/Inventory.cs +++ b/GcpCertManager/Jobs/Inventory.cs @@ -55,7 +55,7 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven _logger.LogTrace($" Service Account Key Path: {storeProperties.ServiceAccountKey}"); _logger.LogTrace("Getting Credentials from Google..."); - var svc = string.IsNullOrEmpty(storeProperties.ServiceAccountKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); + var svc = new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); _logger.LogTrace("Got Credentials from Google"); var warningFlag = false; @@ -133,6 +133,8 @@ private JobResult PerformInventory(InventoryJobConfiguration config, SubmitInven catch (GoogleApiException e) { var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); + + _logger.LogError($"PerformInventory Error: {LogHandler.FlattenException(e)}"); return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, diff --git a/GcpCertManager/Jobs/Management.cs b/GcpCertManager/Jobs/Management.cs index 6399280..c08cb83 100644 --- a/GcpCertManager/Jobs/Management.cs +++ b/GcpCertManager/Jobs/Management.cs @@ -77,7 +77,7 @@ private JobResult PerformManagement(ManagementJobConfiguration config) _logger.LogTrace($" Service Account Key Path: {storeProperties.ServiceAccountKey}"); _logger.LogTrace("Getting Credentials from Google..."); - var svc = string.IsNullOrEmpty(storeProperties.ServiceAccountKey) ? new CertificateManagerService() : new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); + var svc = new GcpCertificateManagerClient().GetGoogleCredentials(storeProperties.ServiceAccountKey); _logger.LogTrace("Got Credentials from Google"); var storePath = $"projects/{storeProperties.ProjectId}/locations/{storeProperties.Location}"; @@ -284,6 +284,8 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo catch (GoogleApiException e) { var googleError = e.Error?.ErrorResponseContent + " " + LogHandler.FlattenException(e); + _logger.LogError($"PerformManagement Error: {LogHandler.FlattenException(e)}"); + return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, @@ -294,6 +296,8 @@ private JobResult PerformAddition(CertificateManagerService svc, ManagementJobCo } catch (Exception e) { + _logger.LogError($"PerformManagement Error: {LogHandler.FlattenException(e)}"); + return new JobResult { Result = OrchestratorJobStatusJobResult.Failure, diff --git a/integration-manifest.json b/integration-manifest.json index f5a40a4..c08a2e2 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -2,7 +2,7 @@ "$schema": "https://keyfactor.github.io/integration-manifest-schema.json", "integration_type": "orchestrator", "name": "Google Cloud Provider Certificate Manager", - "status": "pilot", + "status": "production", "update_catalog": false, "release_dir": "GcpCertManager/bin/release", "description": "Google Certificate Manager Orchestrator for Add, Remove and Inventory.",