The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
Description of problem:
pki console adding a CA certificate/Local certificate as an admin user throws
error
Steps to Reproduce:
Login to cosole as an admin user
Select the Configuration tab.
Click on "System Keys and Certificates" in the left navigation menu.
Go to "CA Certificate" tab.
Click Add.
On Introduction, Click Next
On Certificate Selection, Select "UnTrusted CA Certificate Chain", and click
Next.
On Location of Certificate, Select "The certificate is located in the text area
below:", Paste in the CA certificate chain blob (of a different CA, since CA
that issued certs to DRM is already trusted) and click Next.
Actual results:
Error message Imported cert has not been verified to be valid. Please review
the usual validity properties of this certificate before using this as part of
the system.
CA certificate gets added.
Expected results:
Instead of error this should be a warning message.
Additional info:
Same error message is thrown in the Local Certificates tab while adding a
auditSigning cert created using profile caSignedLogCert., the certificate is
added.
DRM debug log:
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet:service() uri =
/kra/server
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='pkcs10' value='-----BEGIN CERTIFICATE-----
MIID2DCCAsCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBSMR8wHQYDVQQKExZJZG1M
YWJCb3NSZWRoYXQgRG9tYWluMQ8wDQYDVQQLEwZwa2ktY2ExHjAcBgNVBAMTFUNl
cnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzExMDExNTU4MzFaFw0yMTExMDExNTU4
MzFaMFIxHzAdBgNVBAoTFklkbUxhYkJvc1JlZGhhdCBEb21haW4xDzANBgNVBAsT
BnBraS1jYTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2o/oIcSORMF7fWNLjjqFd5eSaCI8tzy
BxUfM5tMwIRyugGWN/nuQY4g02XJpIqPK2NWpslrbw4Wx1BGlZTI/N/mqsC+l3GW
HSqWbh2rehSEWngEetijUxHLX8Iw+dhDLOGecmylJvV/YoT0olLmHNF1stNWTHpr
jE6Iuefwq1/xqziP6Aw3gnNWezousZts0flG/IZCzVAbvkF/LCSDyoRJ467mLSnR
A5MW+LjhAZEd1eBbqfSMonbARHugbhgpDhFM6sHW1O9QlhbgiQdfcJ5XQK6h4Eq0
PriNYfWL6PnyNuQDrP3ZNrRa8NNUOqc5ydgqB/EASInkVCEuHMvkUQIDAQABo4G4
MIG1MB8GA1UdIwQYMBaAFFB4YnXz5UwxeszAd9LeHb1N79jNMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRQeGJ18+VMMXrMwHfS3h29
Te/YzTBSBggrBgEFBQcBAQRGMEQwQgYIKwYBBQUHMAGGNmh0dHA6Ly9xZS1ibGFk
ZS0wMi5pZG0ubGFiLmJvcy5yZWRoYXQuY29tOjkxODAvY2Evb2NzcDANBgkqhkiG
9w0BAQsFAAOCAQEAS3w8bTmfQ4VTV6l3v/bsvylkOB0+EIhukyoVZBEGKEhsNjkM
4G/Rwb1kfBt4DJHD68zKoVH6EmcfRoMbboRcSPz1GSj2cLQ9oKI15fszAj0F2wsP
w4Z0EFodORZCACAvsDNcuTatRmLezwtEzqvCWlRXg0tSobse3rPFpebdHTvG0sjp
2wuZj7X+r+7K6et0s11DxxDioPQlNSIMUfhgrgW7rEbTcA6pBCj/ht8mFAgq761U
Q3sZtUXtIh3pOI5fsf7Q5seM+SROSdtiG8P5cvh+V8BIeKEo7lNYobmmRyAbHciz
ewMwvh1mlSFNcdSBOsjloywqXHzscAr2gWH+3w==
-----END CERTIFICATE-----'
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='nickname' value=
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='serverID' value='instanceID'
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='RS_ID' value='serverCertChain'
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='serverRoot' value=
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='pathname' value=*
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='OP_SCOPE' value='installCert'
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param
name='OP_TYPE' value='OP_MODIFY'
[19/Nov/2013:18:55:22]http-10445-Processor24: Authentication: UID=testadmin1
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 2
[19/Nov/2013:18:55:22]http-10445-Processor24: LdapAnonConnFactory::getConn
[19/Nov/2013:18:55:22]http-10445-Processor24: LdapAnonConnFactory.getConn():
num avail conns now 2
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 2
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet: authenticated for
servlet: kraserver.
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4
[19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory:
create() message=[AuditEvent=AUTH_SUCCESS][SubjectID=testadmin1][Outcome=Succes
s][AuthMgr=passwdUserDBAuthMgr] authentication success
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet: About to check
AuthzSubsystem authorization for servlet: kraserver.
[19/Nov/2013:18:55:22]http-10445-Processor24: checkACLS(): ACLEntry
expressions= group="Administrators"
[19/Nov/2013:18:55:22]http-10445-Processor24: evaluating expressions:
group="Administrators"
[19/Nov/2013:18:55:22]http-10445-Processor24: GroupAccessEvaluator: evaluate:
uid=testadmin1 value="Administrators"
[19/Nov/2013:18:55:22]http-10445-Processor24: GroupAccessEvaluator: evaluate:
no gid in authToken
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4
[19/Nov/2013:18:55:22]http-10445-Processor24: UGSubsystem.isMemberOf() using
new lookup code
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: authorization search base:
cn=Administrators,ou=groups,dc=nocp3.dsdev.sjc.redhat.com-pki-kra-tpsrec-inst1
[19/Nov/2013:18:55:22]http-10445-Processor24: authorization search filter: (u
niquemember=uid=testadmin1,ou=People,dc=nocp3.dsdev.sjc.redhat.com-pki-kra-tpsr
ec-inst1)
[19/Nov/2013:18:55:22]http-10445-Processor24: authorization result: true
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4
[19/Nov/2013:18:55:22]http-10445-Processor24: evaluated expression:
group="Administrators" to be true
[19/Nov/2013:18:55:22]http-10445-Processor24: DirAclAuthz: authorization
passed
[19/Nov/2013:18:55:22]http-10445-Processor24: authorization succeeded for
servlet: kraserver
[19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory:
create() message=[AuditEvent=AUTHZ_SUCCESS][SubjectID=testadmin1][Outcome=Succe
ss][aclResource=certServer.general.configuration][Op=modify] authorization
success
[19/Nov/2013:18:55:22]http-10445-Processor24: In
LdapBoundConnFactory::getConn()
[19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true
[19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3
[19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4
[19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory:
create() message=[AuditEvent=ROLE_ASSUME][SubjectID=testadmin1][Outcome=Success
][Role=Administrators] assume privileged role
This issue was migrated from Pagure Issue #812. Originally filed by nkinder (@nkinder) on 2013-12-02 19:40:06:
Description of problem: pki console adding a CA certificate/Local certificate as an admin user throws error
Steps to Reproduce: Login to cosole as an admin user Select the Configuration tab. Click on "System Keys and Certificates" in the left navigation menu. Go to "CA Certificate" tab. Click Add. On Introduction, Click Next On Certificate Selection, Select "UnTrusted CA Certificate Chain", and click Next. On Location of Certificate, Select "The certificate is located in the text area below:", Paste in the CA certificate chain blob (of a different CA, since CA that issued certs to DRM is already trusted) and click Next.
Actual results: Error message Imported cert has not been verified to be valid. Please review the usual validity properties of this certificate before using this as part of the system.
CA certificate gets added.
Expected results: Instead of error this should be a warning message.
Additional info: Same error message is thrown in the Local Certificates tab while adding a auditSigning cert created using profile caSignedLogCert., the certificate is added.
DRM debug log: [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet:service() uri = /kra/server [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='pkcs10' value='-----BEGIN CERTIFICATE----- MIID2DCCAsCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBSMR8wHQYDVQQKExZJZG1M YWJCb3NSZWRoYXQgRG9tYWluMQ8wDQYDVQQLEwZwa2ktY2ExHjAcBgNVBAMTFUNl cnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzExMDExNTU4MzFaFw0yMTExMDExNTU4 MzFaMFIxHzAdBgNVBAoTFklkbUxhYkJvc1JlZGhhdCBEb21haW4xDzANBgNVBAsT BnBraS1jYTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2o/oIcSORMF7fWNLjjqFd5eSaCI8tzy BxUfM5tMwIRyugGWN/nuQY4g02XJpIqPK2NWpslrbw4Wx1BGlZTI/N/mqsC+l3GW HSqWbh2rehSEWngEetijUxHLX8Iw+dhDLOGecmylJvV/YoT0olLmHNF1stNWTHpr jE6Iuefwq1/xqziP6Aw3gnNWezousZts0flG/IZCzVAbvkF/LCSDyoRJ467mLSnR A5MW+LjhAZEd1eBbqfSMonbARHugbhgpDhFM6sHW1O9QlhbgiQdfcJ5XQK6h4Eq0 PriNYfWL6PnyNuQDrP3ZNrRa8NNUOqc5ydgqB/EASInkVCEuHMvkUQIDAQABo4G4 MIG1MB8GA1UdIwQYMBaAFFB4YnXz5UwxeszAd9LeHb1N79jNMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRQeGJ18+VMMXrMwHfS3h29 Te/YzTBSBggrBgEFBQcBAQRGMEQwQgYIKwYBBQUHMAGGNmh0dHA6Ly9xZS1ibGFk ZS0wMi5pZG0ubGFiLmJvcy5yZWRoYXQuY29tOjkxODAvY2Evb2NzcDANBgkqhkiG 9w0BAQsFAAOCAQEAS3w8bTmfQ4VTV6l3v/bsvylkOB0+EIhukyoVZBEGKEhsNjkM 4G/Rwb1kfBt4DJHD68zKoVH6EmcfRoMbboRcSPz1GSj2cLQ9oKI15fszAj0F2wsP w4Z0EFodORZCACAvsDNcuTatRmLezwtEzqvCWlRXg0tSobse3rPFpebdHTvG0sjp 2wuZj7X+r+7K6et0s11DxxDioPQlNSIMUfhgrgW7rEbTcA6pBCj/ht8mFAgq761U Q3sZtUXtIh3pOI5fsf7Q5seM+SROSdtiG8P5cvh+V8BIeKEo7lNYobmmRyAbHciz ewMwvh1mlSFNcdSBOsjloywqXHzscAr2gWH+3w== -----END CERTIFICATE-----' [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='nickname' value= [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='serverID' value='instanceID' [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='RS_ID' value='serverCertChain' [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='serverRoot' value= [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='pathname' value=* [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='OP_SCOPE' value='installCert' [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet::service() param name='OP_TYPE' value='OP_MODIFY' [19/Nov/2013:18:55:22]http-10445-Processor24: Authentication: UID=testadmin1 [19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 2 [19/Nov/2013:18:55:22]http-10445-Processor24: LdapAnonConnFactory::getConn [19/Nov/2013:18:55:22]http-10445-Processor24: LdapAnonConnFactory.getConn(): num avail conns now 2 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 2 [19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4 [19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet: authenticated for servlet: kraserver. [19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4 [19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory: create() message=[AuditEvent=AUTH_SUCCESS][SubjectID=testadmin1][Outcome=Succes s][AuthMgr=passwdUserDBAuthMgr] authentication success
[19/Nov/2013:18:55:22]http-10445-Processor24: AdminServlet: About to check AuthzSubsystem authorization for servlet: kraserver. [19/Nov/2013:18:55:22]http-10445-Processor24: checkACLS(): ACLEntry expressions= group="Administrators" [19/Nov/2013:18:55:22]http-10445-Processor24: evaluating expressions: group="Administrators" [19/Nov/2013:18:55:22]http-10445-Processor24: GroupAccessEvaluator: evaluate: uid=testadmin1 value="Administrators" [19/Nov/2013:18:55:22]http-10445-Processor24: GroupAccessEvaluator: evaluate: no gid in authToken [19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4 [19/Nov/2013:18:55:22]http-10445-Processor24: UGSubsystem.isMemberOf() using new lookup code [19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: authorization search base: cn=Administrators,ou=groups,dc=nocp3.dsdev.sjc.redhat.com-pki-kra-tpsrec-inst1 [19/Nov/2013:18:55:22]http-10445-Processor24: authorization search filter: (u niquemember=uid=testadmin1,ou=People,dc=nocp3.dsdev.sjc.redhat.com-pki-kra-tpsr ec-inst1) [19/Nov/2013:18:55:22]http-10445-Processor24: authorization result: true [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4 [19/Nov/2013:18:55:22]http-10445-Processor24: evaluated expression: group="Administrators" to be true [19/Nov/2013:18:55:22]http-10445-Processor24: DirAclAuthz: authorization passed [19/Nov/2013:18:55:22]http-10445-Processor24: authorization succeeded for servlet: kraserver [19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory: create() message=[AuditEvent=AUTHZ_SUCCESS][SubjectID=testadmin1][Outcome=Succe ss][aclResource=certServer.general.configuration][Op=modify] authorization success
[19/Nov/2013:18:55:22]http-10445-Processor24: In LdapBoundConnFactory::getConn() [19/Nov/2013:18:55:22]http-10445-Processor24: masterConn is connected: true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: conn is connected true [19/Nov/2013:18:55:22]http-10445-Processor24: getConn: mNumConns now 3 [19/Nov/2013:18:55:22]http-10445-Processor24: returnConn: mNumConns now 4 [19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory: create() message=[AuditEvent=ROLE_ASSUME][SubjectID=testadmin1][Outcome=Success ][Role=Administrators] assume privileged role
[19/Nov/2013:18:55:22]http-10445-Processor24: CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: [19/Nov/2013:18:55:22]http-10445-Processor24: CertUtils: verifySystemCertByNickname(): calling isCertValid() [19/Nov/2013:18:55:22]http-10445-Processor24: CertUtils: verifySystemCertByNickname() failed: org.mozilla.jss.crypto.ObjectNotFoundException [19/Nov/2013:18:55:22]http-10445-Processor24: CMSAdminServlet: installCert(): verifySystemCertByNickname() failed: [19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory: create() message=[AuditEvent=CIMC_CERT_VERIFICATION][SubjectID=testadmin1][Outc ome=Failure][CertNickName=] CIMC certificate verification
[19/Nov/2013:18:55:22]http-10445-Processor24: SignedAuditEventFactory: create() message=[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY][SubjectID=testadmin1][O utcome=Success][ParamNameValPairs=Scope;;installCert+Operation;;OP_MODIFY+Resou rce;;serverCertChain+pkcs10;;-----BEGIN CERTIFICATE----- MIID2DCCAsCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBSMR8wHQYDVQQKExZJZG1M YWJCb3NSZWRoYXQgRG9tYWluMQ8wDQYDVQQLEwZwa2ktY2ExHjAcBgNVBAMTFUNl cnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzExMDExNTU4MzFaFw0yMTExMDExNTU4 MzFaMFIxHzAdBgNVBAoTFklkbUxhYkJvc1JlZGhhdCBEb21haW4xDzANBgNVBAsT BnBraS1jYTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2o/oIcSORMF7fWNLjjqFd5eSaCI8tzy BxUfM5tMwIRyugGWN/nuQY4g02XJpIqPK2NWpslrbw4Wx1BGlZTI/N/mqsC+l3GW HSqWbh2rehSEWngEetijUxHLX8Iw+dhDLOGecmylJvV/YoT0olLmHNF1stNWTHpr jE6Iuefwq1/xqziP6Aw3gnNWezousZts0flG/IZCzVAbvkF/LCSDyoRJ467mLSnR A5MW+LjhAZEd1eBbqfSMonbARHugbhgpDhFM6sHW1O9QlhbgiQdfcJ5XQK6h4Eq0 PriNYfWL6PnyNuQDrP3ZNrRa8NNUOqc5ydgqB/EASInkVCEuHMvkUQIDAQABo4G4 MIG1MB8GA1UdIwQYMBaAFFB4YnXz5UwxeszAd9LeHb1N79jNMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRQeGJ18+VMMXrMwHfS3h29 Te/YzTBSBggrBgEFBQcBAQRGMEQwQgYIKwYBBQUHMAGGNmh0dHA6Ly9xZS1ibGFk ZS0wMi5pZG0ubGFiLmJvcy5yZWRoYXQuY29tOjkxODAvY2Evb2NzcDANBgkqhkiG 9w0BAQsFAAOCAQEAS3w8bTmfQ4VTV6l3v/bsvylkOB0+EIhukyoVZBEGKEhsNjkM 4G/Rwb1kfBt4DJHD68zKoVH6EmcfRoMbboRcSPz1GSj2cLQ9oKI15fszAj0F2wsP w4Z0EFodORZCACAvsDNcuTatRmLezwtEzqvCWlRXg0tSobse3rPFpebdHTvG0sjp 2wuZj7X+r+7K6et0s11DxxDioPQlNSIMUfhgrgW7rEbTcA6pBCj/ht8mFAgq761U Q3sZtUXtIh3pOI5fsf7Q5seM+SROSdtiG8P5cvh+V8BIeKEo7lNYobmmRyAbHciz ewMwvh1mlSFNcdSBOsjloywqXHzscAr2gWH+3w== -----END CERTIFICATE-----+nickname;;+serverID;;instanceID+serverRoot;;<nu
ll>+pathname;;] certificate database configuration