Write-Host "*********************************************************" Write-Host "* Generate user certificates *" Write-Host "* *" Write-Host "* If the signing certificate could not be found: *" Write-Host "* A new signing certificate will be created. *" Write-Host "* *" Write-Host "* ApplicGate Network Security (C) October 2023 *" Write-Host "*********************************************************" $HashFile = "CAsavedHash.txt" # Filename to store hash of signing certificate # to allow execution of this PowerShell scripts: # Set-ExecutionPolicy Unrestricted -Scope Process # or sign this script #See also #https://docs.microsoft.com/en-us/powershell/module/pkiclient/new-selfsignedcertificate?view=win10-ps Try { Write-Host "Try to read saved hash of signing certificate from file" $HashFile "..." $CAhash = Get-Content $HashFile -ErrorAction Stop $SignCertPath = "Cert:\CurrentUser\My\" + $CAhash $SignCert = Get-ChildItem -Path $SignCertPath -ErrorAction Stop } Catch { $xx = Read-Host -Prompt 'Saved hash of CA cannot be found or certificate not found. Generate new CA certificate? [Y/N]' If (!($xx.ToString().ToLower().Equals("y"))){Write-Host "Exit script!"; Return;} Write-Host "Generating CA certificate in certificate store CurrentUser ..." $mySubject = Read-Host -Prompt 'Enter Subject' if($mySubject.Equals("")) {return} $myOrganization = Read-Host -Prompt 'Enter Organization' if($myOrganization.Equals("")) {return} $Subject = "CN=" + $mySubject + ",O=" + $myOrganization $SignCert = New-SelfSignedCertificate -Type Custom -NotAfter (Get-Date).AddYears(15) -TextExtension @("2.5.29.19={critical}{text}ca=1&pathlength=2") -FriendlyName $mySubject -Subject $Subject -KeyUsage DigitalSignature,CertSign -KeyAlgorithm RSA -KeyLength 4096 -CertStoreLocation "Cert:\CurrentUser\My" $SignCert.Thumbprint | Out-File $HashFile $myFilePath = $mySubject.Replace(' ','_') + ".cer" Write-Host "Exporting " $myFilePath " ..." Export-Certificate -Cert $SignCert -FilePath $myFilePath -NoClobber } Write-Host "Following certificate will be used for signing:" $SignCert Write-Host "" Write-Host "Please enter following data to generate the user certificate:" $User = Read-Host -Prompt 'Username' if($User.Equals("")) {Write-Host "No input, exit script!"; return;} $Company = Read-Host -Prompt 'Domain' if($Company.Equals("")) {Write-Host "No input, exit script!"; return;} $myEmail = $User.ToLower().Replace(' ','') + "@" + $Company.ToLower().Replace(' ','') $mySubject = "E=" + $myEmail + ",CN=" + $myEmail + ",O=" + $Company #Subject Alternative Name: $myTextExtensionParam = "2.5.29.17={text}Email=" + $myEmail + "&UPN=" + $myEmail Write-Host "Generating certificate for $mySubject in certificate store CurrentUser\My ..." Write-Host "TextExtension" $myTextExtensionParam $UserCert = New-SelfSignedCertificate -Signer $SignCert -Type Custom -Subject $mySubject -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2",$myTextExtensionParam) -KeyUsage DigitalSignature -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -NotAfter (Get-Date).AddYears(3) Write-Host "" Write-Host "Following certificate has been generated:" $UserCert $xx = Read-Host -Prompt 'Export user certificate? [Y/N]' If (!($xx.ToString().ToLower().Equals("y"))){Write-Host "Exit script!"; Return;} $PW = Read-Host -Prompt 'Enter password for .pfx file' if($PW.Equals("")) {Write-Host "No input, exit script!"; return;} $mypwd = ConvertTo-SecureString -String $PW -Force -AsPlainText $myFilePath = $myEmail + ".pfx" Write-Host "Exporting " $myFilePath " ..." #Export-PfxCertificate -Cert $UserCert -ChainOption EndEntityCertOnly -FilePath $myFilePath -Password $mypwd -NoClobber Export-PfxCertificate -Cert $UserCert -ChainOption BuildChain -FilePath $myFilePath -Password $mypwd -NoClobber $myFilePath = $myEmail + ".cer" Write-Host "Exporting " $myFilePath " ..." Export-Certificate -Cert $UserCert -FilePath $myFilePath -NoClobber $xx = Read-Host -Prompt 'Enter Return to exit' # SIG # Begin signature block # MIInCAYJKoZIhvcNAQcCoIIm+TCCJvUCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB # gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR # AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUICh7sXq4y/kuEG8hWZH2/1r1 # M8eggiAaMIIFbzCCBFegAwIBAgIQSPyTtGBVlI02p8mKidaUFjANBgkqhkiG9w0B # AQwFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVy # MRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEh # MB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTIxMDUyNTAwMDAw # MFoXDTI4MTIzMTIzNTk1OVowVjELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1NlY3Rp # Z28gTGltaXRlZDEtMCsGA1UEAxMkU2VjdGlnbyBQdWJsaWMgQ29kZSBTaWduaW5n # IFJvb3QgUjQ2MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjeeUEiIE # JHQu/xYjApKKtq42haxH1CORKz7cfeIxoFFvrISR41KKteKW3tCHYySJiv/vEpM7 # fbu2ir29BX8nm2tl06UMabG8STma8W1uquSggyfamg0rUOlLW7O4ZDakfko9qXGr # YbNzszwLDO/bM1flvjQ345cbXf0fEj2CA3bm+z9m0pQxafptszSswXp43JJQ8mTH # qi0Eq8Nq6uAvp6fcbtfo/9ohq0C/ue4NnsbZnpnvxt4fqQx2sycgoda6/YDnAdLv # 64IplXCN/7sVz/7RDzaiLk8ykHRGa0c1E3cFM09jLrgt4b9lpwRrGNhx+swI8m2J # mRCxrds+LOSqGLDGBwF1Z95t6WNjHjZ/aYm+qkU+blpfj6Fby50whjDoA7NAxg0P # OM1nqFOI+rgwZfpvx+cdsYN0aT6sxGg7seZnM5q2COCABUhA7vaCZEao9XOwBpXy # bGWfv1VbHJxXGsd4RnxwqpQbghesh+m2yQ6BHEDWFhcp/FycGCvqRfXvvdVnTyhe # Be6QTHrnxvTQ/PrNPjJGEyA2igTqt6oHRpwNkzoJZplYXCmjuQymMDg80EY2NXyc # uu7D1fkKdvp+BRtAypI16dV60bV/AK6pkKrFfwGcELEW/MxuGNxvYv6mUKe4e7id # FT/+IAx1yCJaE5UZkADpGtXChvHjjuxf9OUCAwEAAaOCARIwggEOMB8GA1UdIwQY # MBaAFKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBQy65Ka/zWWSC8oQEJw # IDaRXBeF5jAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zATBgNVHSUE # DDAKBggrBgEFBQcDAzAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQQBMEMGA1Ud # HwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmlj # YXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0 # cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBDAUAA4IBAQASv6Hvi3Sa # mES4aUa1qyQKDKSKZ7g6gb9Fin1SB6iNH04hhTmja14tIIa/ELiueTtTzbT72ES+ # BtlcY2fUQBaHRIZyKtYyFfUSg8L54V0RQGf2QidyxSPiAjgaTCDi2wH3zUZPJqJ8 # ZsBRNraJAlTH/Fj7bADu/pimLpWhDFMpH2/YGaZPnvesCepdgsaLr4CnvYFIUoQx # 2jLsFeSmTD1sOXPUC4U5IOCFGmjhp0g4qdE2JXfBjRkWxYhMZn0vY86Y6GnfrDyo # XZ3JHFuu2PMvdM+4fvbXg50RlmKarkUT2n/cR/vfw1Kf5gZV6Z2M8jpiUbzsJA8p # 1FiAhORFe1rYMIIGGjCCBAKgAwIBAgIQYh1tDFIBnjuQeRUgiSEcCjANBgkqhkiG # 9w0BAQwFADBWMQswCQYDVQQGEwJHQjEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVk # MS0wKwYDVQQDEyRTZWN0aWdvIFB1YmxpYyBDb2RlIFNpZ25pbmcgUm9vdCBSNDYw # HhcNMjEwMzIyMDAwMDAwWhcNMzYwMzIxMjM1OTU5WjBUMQswCQYDVQQGEwJHQjEY # MBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSswKQYDVQQDEyJTZWN0aWdvIFB1Ymxp # YyBDb2RlIFNpZ25pbmcgQ0EgUjM2MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB # igKCAYEAmyudU/o1P45gBkNqwM/1f/bIU1MYyM7TbH78WAeVF3llMwsRHgBGRmxD # eEDIArCS2VCoVk4Y/8j6stIkmYV5Gej4NgNjVQ4BYoDjGMwdjioXan1hlaGFt4Wk # 9vT0k2oWJMJjL9G//N523hAm4jF4UjrW2pvv9+hdPX8tbbAfI3v0VdJiJPFy/7Xw # iunD7mBxNtecM6ytIdUlh08T2z7mJEXZD9OWcJkZk5wDuf2q52PN43jc4T9OkoXZ # 0arWZVeffvMr/iiIROSCzKoDmWABDRzV/UiQ5vqsaeFaqQdzFf4ed8peNWh1OaZX # nYvZQgWx/SXiJDRSAolRzZEZquE6cbcH747FHncs/Kzcn0Ccv2jrOW+LPmnOyB+t # AfiWu01TPhCr9VrkxsHC5qFNxaThTG5j4/Kc+ODD2dX/fmBECELcvzUHf9shoFvr # n35XGf2RPaNTO2uSZ6n9otv7jElspkfK9qEATHZcodp+R4q2OIypxR//YEb3fkDn # 3UayWW9bAgMBAAGjggFkMIIBYDAfBgNVHSMEGDAWgBQy65Ka/zWWSC8oQEJwIDaR # XBeF5jAdBgNVHQ4EFgQUDyrLIIcouOxvSK4rVKYpqhekzQwwDgYDVR0PAQH/BAQD # AgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwEwYDVR0lBAwwCgYIKwYBBQUHAwMwGwYD # VR0gBBQwEjAGBgRVHSAAMAgGBmeBDAEEATBLBgNVHR8ERDBCMECgPqA8hjpodHRw # Oi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29QdWJsaWNDb2RlU2lnbmluZ1Jvb3RS # NDYuY3JsMHsGCCsGAQUFBwEBBG8wbTBGBggrBgEFBQcwAoY6aHR0cDovL2NydC5z # ZWN0aWdvLmNvbS9TZWN0aWdvUHVibGljQ29kZVNpZ25pbmdSb290UjQ2LnA3YzAj # BggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wDQYJKoZIhvcNAQEM # BQADggIBAAb/guF3YzZue6EVIJsT/wT+mHVEYcNWlXHRkT+FoetAQLHI1uBy/YXK # ZDk8+Y1LoNqHrp22AKMGxQtgCivnDHFyAQ9GXTmlk7MjcgQbDCx6mn7yIawsppWk # vfPkKaAQsiqaT9DnMWBHVNIabGqgQSGTrQWo43MOfsPynhbz2Hyxf5XWKZpRvr3d # MapandPfYgoZ8iDL2OR3sYztgJrbG6VZ9DoTXFm1g0Rf97Aaen1l4c+w3DC+IkwF # kvjFV3jS49ZSc4lShKK6BrPTJYs4NG1DGzmpToTnwoqZ8fAmi2XlZnuchC4NPSZa # PATHvNIzt+z1PHo35D/f7j2pO1S8BCysQDHCbM5Mnomnq5aYcKCsdbh0czchOm8b # kinLrYrKpii+Tk7pwL7TjRKLXkomm5D1Umds++pip8wH2cQpf93at3VDcOK4N7Ew # oIJB0kak6pSzEu4I64U6gZs7tS/dGNSljf2OSSnRr7KWzq03zl8l75jy+hOds9TW # SenLbjBQUGR96cFr6lEUfAIEHVC1L68Y1GGxx4/eRI82ut83axHMViw1+sVpbPxg # 51Tbnio1lB93079WPFnYaOvfGAA0e0zcfF/M9gXr+korwQTh2Prqooq2bYNMvUoU # KD85gnJ+t0smrWrb8dee2CvYZXD5laGtaAxOfy/VKNmwuWuAh9kcMIIGnDCCBQSg # AwIBAgIQFPNtM6KdazAAt8Rk1XcUjTANBgkqhkiG9w0BAQwFADBUMQswCQYDVQQG # EwJHQjEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSswKQYDVQQDEyJTZWN0aWdv # IFB1YmxpYyBDb2RlIFNpZ25pbmcgQ0EgUjM2MB4XDTIxMTIwMTAwMDAwMFoXDTI0 # MTEzMDIzNTk1OVowfTELMAkGA1UEBhMCQVQxGDAWBgNVBAgMD09iZXLDtnN0ZXJy # ZWljaDEpMCcGA1UECgwgQXBwbGljR2F0ZSBOZXR3b3JrIFNlY3VyaXR5IGUuVS4x # KTAnBgNVBAMMIEFwcGxpY0dhdGUgTmV0d29yayBTZWN1cml0eSBlLlUuMIICIjAN # BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw/trlbHhQiznhuloCtjRlVXAsuiq # GShZZQYDiMKcdKET5NKptbCLwnuu/GdZbRh5krDLpDEPoyaQ5fb3AN2faLl+fqrT # V8wQS5GbU2tfj7Po3kZgVHfCvI530a2ERkeLAxkhbR/FW/+C0WkSzXqQhGNl9Vzo # v7JxZmGrZIK1YiFTPBjpz7k1RYtBmr5oMjgY3FIN6uUp5yTaK0/EqfgFUpeK/jyd # SqG8WTEoLqmlqtiYrDW4LM93asHko5yuyvJA14K3dWyH419U8V6b0Gyr4mzcdDZx # Ws+Vu6R9RqiOn/01rGRDfP66U2A+rJ62hBrhNKB4+7liBSHZWtANf4sw+VwLYSqv # OubRUSksse9X3wHE/umxvDG0sbLs6nrU9K5G2gYLmQfykw8o56IemNhPIDkFHex+ # pQ+xdTmRvfSL8WxymZV/07KJ9whfQDJHcjJoLu1wMGfIIGMUKTR0QMvUTzRXP8/v # IDdhifeLI5bCH+PW/m/wI/ySkhfU92PegHQVp73FtZZGNr4OygMT9XozwbNjxczm # x5v1VmHBFnrrheDbq8E2od7JeHPqK6Q+75A3c+VlKfMq3DzeYGrRbdsE1SjMjGl4 # KxA30AmvV5GdZmDe4Lrk4HmHZ2fC96tmNmWCpK2ixgG97IxkMLoEytNygeTAkCgL # B5gRhBtiCVTGqQ0CAwEAAaOCAb8wggG7MB8GA1UdIwQYMBaAFA8qyyCHKLjsb0iu # K1SmKaoXpM0MMB0GA1UdDgQWBBTqdAemneQS6/bCnhG0/PC/bQIwvjAOBgNVHQ8B # Af8EBAMCB4AwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAzARBglg # hkgBhvhCAQEEBAMCBBAwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIBAwIwJTAjBggr # BgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQQBMEkGA1Ud # HwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1B1Ymxp # Y0NvZGVTaWduaW5nQ0FSMzYuY3JsMHkGCCsGAQUFBwEBBG0wazBEBggrBgEFBQcw # AoY4aHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUHVibGljQ29kZVNpZ25p # bmdDQVIzNi5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29t # MCEGA1UdEQQaMBiBFmNvbnRhY3RAYXBwbGljZ2F0ZS5jb20wDQYJKoZIhvcNAQEM # BQADggGBAHzTfvZUnJUtMmfZ5V8l6Bdq429e32lOOXbFmJ1Ui4stTJXzi15JvrSR # cwi5vO3WPtGajQogwGKOlyRItUi68j51NCWE5cDcBgMIiRfQweIV8dp3ZM7hsu0l # p+2xAZ1qRhTi/qBFTwCCxOnzILwgnbflaWKBahqd3Ala3bnldET388WM+86ZFcAp # B/nhmnpx824Z7UodM+Vq8uwROSZ2ECcNrHcrzJeVqXgaaYeBhj97cufFZO9OvzDl # m8IlA51GVlwO9mY4ci9sWHyQg8yDfpO97qpYhVUgJys9o5+G6eLt4Zs5HVCBxC1K # 1yug1/4z9SZVc8aRclhLqeh17tMJolLbgOT908QYHTgPxQXYeh0OgppxO/0faMuu # Ijh5bGNiGnQHqp1rPexwcesINSzZ4Hd1T1QXnWp6PduCKCPkclQle5BMDcOM/qVG # ENFAwjb1YedAAEIZuf8T3p2h1TBOLvePvvxnrmptCtCUkZ7y1wR2IVm00k2Ksgj0 # k3I1YTBNXDCCBuwwggTUoAMCAQICEDAPb6zdZph0fKlGNqd4LbkwDQYJKoZIhvcN # AQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYD # VQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3Jr # MS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 # MB4XDTE5MDUwMjAwMDAwMFoXDTM4MDExODIzNTk1OVowfTELMAkGA1UEBhMCR0Ix # GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEY # MBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSUwIwYDVQQDExxTZWN0aWdvIFJTQSBU # aW1lIFN0YW1waW5nIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # yBsBr9ksfoiZfQGYPyCQvZyAIVSTuc+gPlPvs1rAdtYaBKXOR4O168TMSTTL80Vl # ufmnZBYmCfvVMlJ5LsljwhObtoY/AQWSZm8hq9VxEHmH9EYqzcRaydvXXUlNclYP # 3MnjU5g6Kh78zlhJ07/zObu5pCNCrNAVw3+eolzXOPEWsnDTo8Tfs8VyrC4Kd/wN # lFK3/B+VcyQ9ASi8Dw1Ps5EBjm6dJ3VV0Rc7NCF7lwGUr3+Az9ERCleEyX9W4L1G # nIK+lJ2/tCCwYH64TfUNP9vQ6oWMilZx0S2UTMiMPNMUopy9Jv/TUyDHYGmbWApU # 9AXn/TGs+ciFF8e4KRmkKS9G493bkV+fPzY+DjBnK0a3Na+WvtpMYMyou58NFNQY # xDCYdIIhz2JWtSFzEh79qsoIWId3pBXrGVX/0DlULSbuRRo6b83XhPDX8CjFT2SD # AtT74t7xvAIo9G3aJ4oG0paH3uhrDvBbfel2aZMgHEqXLHcZK5OVmJyXnuuOwXhW # xkQl3wYSmgYtnwNe/YOiU2fKsfqNoWTJiJJZy6hGwMnypv99V9sSdvqKQSTUG/xy # pRSi1K1DHKRJi0E5FAMeKfobpSKupcNNgtCN2mu32/cYQFdz8HGj+0p9RTbB942C # +rnJDVOAffq2OVgy728YUInXT50zvRq1naHelUF6p4MCAwEAAaOCAVowggFWMB8G # A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQaofhhGSAP # w0F3RSiO0TVfBhIEVTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB # ADATBgNVHSUEDDAKBggrBgEFBQcDCDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0f # BEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT # QUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/Bggr # BgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFk # ZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu # Y29tMA0GCSqGSIb3DQEBDAUAA4ICAQBtVIGlM10W4bVTgZF13wN6MgstJYQRsrDb # Kn0qBfW8Oyf0WqC5SVmQKWxhy7VQ2+J9+Z8A70DDrdPi5Fb5WEHP8ULlEH3/sHQf # j8ZcCfkzXuqgHCZYXPO0EQ/V1cPivNVYeL9IduFEZ22PsEMQD43k+ThivxMBxYWj # TMXMslMwlaTW9JZWCLjNXH8Blr5yUmo7Qjd8Fng5k5OUm7Hcsm1BbWfNyW+QPX9F # csEbI9bCVYRm5LPFZgb289ZLXq2jK0KKIZL+qG9aJXBigXNjXqC72NzXStM9r4MG # OBIdJIct5PwC1j53BLwENrXnd8ucLo0jGLmjwkcd8F3WoXNXBWiap8k3ZR2+6rzY # QoNDBaWLpgn/0aGUpk6qPQn1BWy30mRa2Coiwkud8TleTN5IPZs0lpoJX47997FS # kc4/ifYcobWpdR9xv1tDXWU9UIFuq/DQ0/yysx+2mZYm9Dx5i1xkzM3uJ5rloMAM # cofBbk1a0x7q8ETmMm8c6xdOlMN4ZSA7D0GqH+mhQZ3+sbigZSo04N6o+TzmwTC7 # wKBjLPxcFgCo0MR/6hGdHgbGpm0yXbQ4CStJB6r97DDa8acvz7f9+tCjhNknnvsB # Zne5VhDhIG7GrrH5trrINV0zdo7xfCAMKneutaIChrop7rRaALGMq+P5CslUXdS5 # anSevUiumDCCBvUwggTdoAMCAQICEDlMJeF8oG0nqGXiO9kdItQwDQYJKoZIhvcN # AQEMBQAwfTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3Rl # cjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMSUw # IwYDVQQDExxTZWN0aWdvIFJTQSBUaW1lIFN0YW1waW5nIENBMB4XDTIzMDUwMzAw # MDAwMFoXDTM0MDgwMjIzNTk1OVowajELMAkGA1UEBhMCR0IxEzARBgNVBAgTCk1h # bmNoZXN0ZXIxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDEsMCoGA1UEAwwjU2Vj # dGlnbyBSU0EgVGltZSBTdGFtcGluZyBTaWduZXIgIzQwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCkkyhSS88nh3akKRyZOMDnDtTRHOxoywFk5IrNd7Bx # ZYK8n/yLu7uVmPslEY5aiAlmERRYsroiW+b2MvFdLcB6og7g4FZk7aHlgSByIGRB # bMfDCPrzfV3vIZrCftcsw7oRmB780yAIQrNfv3+IWDKrMLPYjHqWShkTXKz856vp # HBYusLA4lUrPhVCrZwMlobs46Q9vqVqakSgTNbkf8z3hJMhrsZnoDe+7TeU9jFQD # kdD8Lc9VMzh6CRwH0SLgY4anvv3Sg3MSFJuaTAlGvTS84UtQe3LgW/0Zux88ahl7 # brstRCq+PEzMrIoEk8ZXhqBzNiuBl/obm36Ih9hSeYn+bnc317tQn/oYJU8T8l58 # qbEgWimro0KHd+D0TAJI3VilU6ajoO0ZlmUVKcXtMzAl5paDgZr2YGaQWAeAzUJ1 # rPu0kdDF3QFAaraoEO72jXq3nnWv06VLGKEMn1ewXiVHkXTNdRLRnG/kXg2b7HUm # 7v7T9ZIvUoXo2kRRKqLMAMqHZkOjGwDvorWWnWKtJwvyG0rJw5RCN4gghKiHrsO6 # I3J7+FTv+GsnsIX1p0OF2Cs5dNtadwLRpPr1zZw9zB+uUdB7bNgdLRFCU3F0wuU1 # qi1SEtklz/DT0JFDEtcyfZhs43dByP8fJFTvbq3GPlV78VyHOmTxYEsFT++5L+wJ # EwIDAQABo4IBgjCCAX4wHwYDVR0jBBgwFoAUGqH4YRkgD8NBd0UojtE1XwYSBFUw # HQYDVR0OBBYEFAMPMciRKpO9Y/PRXU2kNA/SlQEYMA4GA1UdDwEB/wQEAwIGwDAM # BgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMEoGA1UdIARDMEEw # NQYMKwYBBAGyMQECAQMIMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5j # b20vQ1BTMAgGBmeBDAEEAjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnNl # Y3RpZ28uY29tL1NlY3RpZ29SU0FUaW1lU3RhbXBpbmdDQS5jcmwwdAYIKwYBBQUH # AQEEaDBmMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3Rp # Z29SU0FUaW1lU3RhbXBpbmdDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw # LnNlY3RpZ28uY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBMm2VY+uB5z+8VwzJt3jOR # 63dY4uu9y0o8dd5+lG3DIscEld9laWETDPYMnvWJIF7Bh8cDJMrHpfAm3/j4MWUN # 4OttUVemjIRSCEYcKsLe8tqKRfO+9/YuxH7t+O1ov3pWSOlh5Zo5d7y+upFkiHX/ # XYUWNCfSKcv/7S3a/76TDOxtog3Mw/FuvSGRGiMAUq2X1GJ4KoR5qNc9rCGPcMMk # eTqX8Q2jo1tT2KsAulj7NYBPXyhxbBlewoNykK7gxtjymfvqtJJlfAd8NUQdrVgY # a2L73mzECqls0yFGcNwvjXVMI8JB0HqWO8NL3c2SJnR2XDegmiSeTl9O048P5RNP # WURlS0Nkz0j4Z2e5Tb/MDbE6MNChPUitemXk7N/gAfCzKko5rMGk+al9NdAyQKCx # GSoYIbLIfQVxGksnNqrgmByDdefHfkuEQ81D+5CXdioSrEDBcFuZCkD6gG2UYXvI # brnIZ2ckXFCNASDeB/cB1PguEc2dg+X4yiUcRD0n5bCGRyoLG4R2fXtoT4239xO0 # 7aAt7nMP2RC6nZksfNd1H48QxJTmfiTllUqIjCfWhWYd+a5kdpHoSP7IVQrtKcMf # 3jimwBT7Mj34qYNiNsjDvgCHHKv6SkIciQPc9Vx8cNldeE7un14g5glqfCsIo0j1 # FfwET9/NIRx65fWOGtS5QDGCBlgwggZUAgEBMGgwVDELMAkGA1UEBhMCR0IxGDAW # BgNVBAoTD1NlY3RpZ28gTGltaXRlZDErMCkGA1UEAxMiU2VjdGlnbyBQdWJsaWMg # Q29kZSBTaWduaW5nIENBIFIzNgIQFPNtM6KdazAAt8Rk1XcUjTAJBgUrDgMCGgUA # oHgwGAYKKwYBBAGCNwIBDDEKMAigAoAAoQKAADAZBgkqhkiG9w0BCQMxDAYKKwYB # BAGCNwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAjBgkqhkiG9w0B # CQQxFgQUWG4NI2bC7PvZ+wtFADuireML4gUwDQYJKoZIhvcNAQEBBQAEggIAX0s1 # CbsgxRkL+sBHVWhvroHkkiX3CeFJij365jOj31ORltsLGpdDkMAj0noZRc1d0PHi # LWU2YgUw8vcUt+JjB/uyT6Bs02Bl9MAn8TWDJcjKYbt9agmsXE9pq1PJnkpXsBhN # 0wr8vuhar2XePouynbSLcb7astbMvqVYDWpHwAohb+hM/fmCqFgU6Pj/EWEh5Zab # Asoeh1SMrPlNhOCiCCJOZFD/FlSX1M8EP3nZNkHG8MVsMe9GcJaj2oUgO8xVN9Jd # 1aN3Cez63hDpj07shSM7VNqO0CGhe5bHjHlxDNL0VJWLL8AC6LbyySyTmhqsvFdv # ECLGDPYCVSezY4T+VTT7FgkRhi0ZKhzoawkbWARux2OKojUTP+BB9c3AwhlM/hCj # BznEzQT85joQEHR5DTd20wU9x58HPR2/qPJCylas9Z7uni73C4Mz9tOS/D0gM4fv # IWHDM1oEJ7NagtY7vBoXUJyFm0J8v5DEyVvzXlkmuOAl0svYmreOvpYz8SbHvb7S # jWsp+RwHXY1L62ZdI6slaMJoTMC/minmpVr1gtaSIfpSRMKfnK1Y+SnhctGqpOEO # /JlxL4DX9X9PdTTp/fcVBTWdommSsDFJ53LHBGm9nIamCpHvOpDWyVolpcJfcBNY # L/N+be6xcEXOT3GLK++mmK4nLhHbfEW0Zzff7KChggNLMIIDRwYJKoZIhvcNAQkG # MYIDODCCAzQCAQEwgZEwfTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIg # TWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBM # aW1pdGVkMSUwIwYDVQQDExxTZWN0aWdvIFJTQSBUaW1lIFN0YW1waW5nIENBAhA5 # TCXhfKBtJ6hl4jvZHSLUMA0GCWCGSAFlAwQCAgUAoHkwGAYJKoZIhvcNAQkDMQsG # CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjMxMDA1MTU1MTQ0WjA/BgkqhkiG # 9w0BCQQxMgQwy6PdGQXTU8y1Pm7FD/ROyLdmgb2XOgsHBsCj8rIGufrJFcKyhaVK # 9Xknrskhf7utMA0GCSqGSIb3DQEBAQUABIICAGM5xr4d//q7NqvhG79MwpbAadJM # qFSYPkCX4ufjSqBb8Ipc2cbTlRvOrCDSkjU1fODXUtWq+WvK2M4aBXCt7IBpp4uZ # /vDss5MJVJba454XwOXXkNYi6hc/ts+lTLiAdZe50Brzr0MDL1dwg182WkdWE/wq # pR7R5O5VLCibBLbIcNsqzCkLC/6xZgAhnjKKKFvFCK12ExdgA8jbj/RmhkfLoqQ5 # ABnkuaJaX7Gua+4cS3dt845Na1Z9CuYZT8z4RnfrylfiGc3G/oJdgPzwP6QkZFUe # ZR6j2NZR5Vh3P4DUQTYLdrcRY8A11FaoiNkG6mjkX9LhwPkGh6eA0x4l8wydNlBq # 4p7kWrUlDZN3vMkrY4XIx46pMytJy/G/5XYGAD4UGXvM5nDlScZGLdS04TWbz9GR # MAIcM4tORsqJ3suso+JQiSRK/y/MhcDxxhT88316SmvIm8jgOzDwbbyJxEYezckV # lsMjmrfJJxdSmcXGX+3sFxiidgWI+QTBxeLN1D6pUzqcqqrNb3ltbur9i+EyzxiF # ijJqjZa05Gs2dJXI40q8by5CVsUV8ef3clbFD9kFNUBhikr4Nnb9J335u6stGA8R # GsjgL+qDvGc5Wm3NX9muOVxg9VF0FyFbWrsR9i0fr/4WVVwkocfwtqzHu0tuKyWh # IXdy+tsYmUOvyQCD # SIG # End signature block