Skip to main content

 

Cisco Meraki Documentation

Meraki Authentication Server Certificate Rotation - July 2022

Overview

Due to an approaching certificate expiration Meraki will be rotating the RADIUS server certificate for Meraki Authentication on 29 July 2022.  The following is the expected impact and remediation steps for potential issues.

Meraki Authentication with Sentry Wifi

Users of Meraki Authentication with Systems Manager Sentry Wifi with devices which were online between 1 May 2022 and the rotation date of 29 July 2022 will have no user-visible impact. 

Users with devices which were not online during that period simply need to associate to an SSID which will allow them to check in with dashboard for long enough to allow a check-in cycle to complete (~2 minutes) in order to receive the updated payload and resume normal operation

Meraki Authentication without Sentry Wifi

Users of Meraki Authentication without Sentry Wifi will need to 'trust' the new certificate with the below information upon associating to the Meraki Authentication SSID on or after 29 July 2022.  Some devices may require the SSID to be "forgotten" before they will prompt to accept the new certificate.  

 

Host: radius.meraki.com
Issued: DigiCert TLS RSA SHA256 2020 CA1
Expires: 8 February 2023

Trusted Access

Users of a Trusted Access configuration to an SSID will need to re-download their device's Trusted Access configuration from portal.meraki.com on or after the 29 July 2022 rotation date. 

Certificate Details

Below is a copy of the certificate which users will be required to accept, as well as the plaintext output from reading the certificate with openssl:

meraki$ openssl x509 -noout -text -in ./new.meraki-auth-radius.cert
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:1c:da:90:04:bf:09:11:2d:68:d3:fc:36:3c:13:bf
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
        Validity
            Not Before: Feb  9 00:00:00 2022 GMT
            Not After : Feb  8 23:59:59 2023 GMT
        Subject: C = US, ST = California, L = San Francisco, O = Meraki LLC, CN = radius.meraki.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (4096 bit)
                Modulus:
                    00:c3:f1:7e:d6:79:02:49:8e:7e:31:4b:0b:f2:6e:
                    08:62:13:42:2f:87:05:e4:24:0e:cd:07:61:5e:eb:
                    d6:39:25:33:d1:9a:b6:e9:39:37:ba:d2:77:ae:7d:
                    c9:c9:e3:e6:27:5d:01:6f:12:92:0b:49:cf:be:33:
                    26:8b:ac:c7:bd:61:33:60:b6:92:03:89:58:c6:ad:
                    63:f1:14:77:81:8e:dc:b3:6a:7a:5b:26:d3:32:ac:
                    3d:a3:94:25:22:a4:93:f3:3e:c8:b8:c1:fa:d1:83:
                    88:aa:97:53:db:7c:c8:33:05:32:a1:2d:1e:75:cd:
                    14:2a:31:31:e1:5a:3d:1a:bd:7e:33:df:e7:09:17:
                    c0:5e:1b:a8:16:1d:ef:05:85:9b:48:cc:4e:c6:7b:
                    1d:70:4b:fc:5e:33:d3:9e:14:af:06:0d:5d:4c:de:
                    f4:7c:33:86:65:ce:92:59:1b:36:2d:bf:a3:f5:8e:
                    49:ed:36:45:fd:9c:66:a1:fe:a7:02:c1:41:4d:d8:
                    41:6b:26:78:21:f0:35:d4:91:79:77:d1:60:0f:e6:
                    a2:ea:01:95:11:09:b8:f9:fd:0d:e8:cf:57:2d:e5:
                    02:85:fe:04:3f:dd:1e:27:de:03:19:65:77:64:25:
                    ef:6b:44:49:d3:10:e2:22:61:ef:30:a7:d4:6f:ca:
                    7c:eb:df:b8:9b:91:ff:6c:20:48:52:50:ab:df:fe:
                    d8:8d:5e:dd:b9:e5:36:b8:05:be:cf:32:d2:bd:04:
                    ef:b4:dd:d9:59:a2:6b:cf:d5:2f:27:6c:42:3f:05:
                    b2:ad:97:29:a7:3d:9e:5a:9e:f3:0c:20:73:da:35:
                    22:c0:99:04:f8:17:66:93:ab:67:18:33:3c:8b:12:
                    60:77:e4:e9:98:62:41:ef:59:0e:e5:80:18:19:01:
                    19:30:8f:00:56:f0:ac:de:04:13:d7:64:67:4d:54:
                    a4:71:3e:68:32:fb:be:a0:d1:ea:78:2a:f5:52:68:
                    48:b6:ce:63:70:40:6d:f0:75:5c:d1:ec:ad:4b:60:
                    10:07:3b:8a:89:ee:5b:b6:a5:47:de:ea:0c:46:d3:
                    0e:7e:bf:6c:85:15:6f:f2:08:28:b5:b1:fd:b2:00:
                    9b:3f:1f:21:77:20:f4:ec:bf:9a:ec:7a:60:9d:fd:
                    e6:d7:eb:8b:2a:12:6b:09:27:10:4d:1d:f1:8b:5f:
                    e7:a1:5d:0c:b3:b8:13:4c:2c:68:4b:05:07:a9:be:
                    c9:0c:fd:7a:f6:95:74:ff:a7:d6:ba:70:e4:88:1e:
                    47:d7:3b:ff:9b:d3:0c:40:f0:9e:4a:95:7d:2f:9a:
                    8f:45:0e:ce:72:97:6c:fd:70:a6:c5:0a:64:18:14:
                    51:47:5d
                      Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4

            X509v3 Subject Key Identifier:
                1A:40:6A:A1:08:6A:83:BF:96:F6:4F:AE:6D:9E:8D:AB:A4:EE:68:83
            X509v3 Subject Alternative Name:
                DNS:radius.meraki.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

                Full Name:
                  URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS

            Authority Information Access:
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

            X509v3 Basic Constraints:
                CA:FALSE
            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1(0)
                    Log ID    : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
                                B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
                    Timestamp : Feb  9 22:21:09.739 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:25:D5:58:88:33:91:63:17:96:27:29:97:
                                1F:EF:E2:C7:06:2A:25:49:2F:BB:4D:A2:FE:C6:4F:D4:
                                B3:7B:F7:DE:02:20:76:16:7D:13:C7:84:44:BE:5D:11:
                                CB:F6:1E:20:E6:5D:BB:C6:9C:E7:31:41:35:CF:E2:FB:
                                CA:0B:20:A0:DB:25
                Signed Certificate Timestamp:
                    Version   : v1(0)
                    Log ID    : 35:CF:19:1B:BF:B1:6C:57:BF:0F:AD:4C:6D:42:CB:BB:
                                B6:27:20:26:51:EA:3F:E1:2A:EF:A8:03:C3:3B:D6:4C
                    Timestamp : Feb  9 22:21:09.729 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:10:99:24:71:3E:9A:DA:8B:8A:90:00:F1:
                                F6:5E:FD:3E:97:93:21:8C:5C:9A:9D:B8:7E:BD:4B:B1:
                                F4:B1:EE:A0:02:21:00:AE:23:5A:00:0B:F1:C3:92:73:
                                B6:70:B1:02:D8:73:A3:40:76:42:30:E5:8D:58:37:6F:
                                24:FF:28:EB:15:CF:52
                Signed Certificate Timestamp:
                    Version   : v1(0)
                    Log ID    : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
                                4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
                    Timestamp : Feb  9 22:21:09.773 2022 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B6:9A:78:64:7B:86:40:7D:45:7E:60:
                                07:EF:35:D8:EE:AA:62:D6:30:B3:A1:FD:CD:68:0F:00:
                                BD:D3:C0:02:D1:02:21:00:81:DE:FE:6F:A7:D0:84:C2:
                                C0:71:C4:14:C4:D3:8F:6F:2E:AA:5A:4F:07:4F:35:D2:
                                C2:29:3B:44:B9:6F:E7:D0
    Signature Algorithm: sha256WithRSAEncryption
         ba:53:1f:d4:66:77:76:ce:c0:2f:27:50:79:87:8c:b5:45:aa:
         5a:6b:eb:03:95:77:8f:4e:85:01:f5:f5:f1:61:96:93:a2:98:
         b6:52:40:09:14:cc:4a:3e:1c:5a:3c:57:a9:70:89:4b:43:28:
         b3:bc:14:08:ff:5c:0c:9a:ed:de:92:42:0a:bc:9f:42:d7:44:
         c0:f2:4f:70:c5:c4:a2:d5:da:f4:68:bf:6e:57:27:b4:4b:dc:
         34:15:54:45:ce:89:f1:d2:28:89:52:73:42:73:d5:c9:36:3c:
         1f:46:c4:9d:b1:5c:b5:a9:b9:e4:ed:39:f6:b7:88:d8:7e:68:
         f9:7c:a5:83:e0:a2:f5:0b:c5:06:76:f0:5b:54:29:0b:8f:3d:
         dd:e1:d5:b8:50:56:79:b7:89:18:a7:23:09:04:f0:1e:f4:4f:
         bc:d7:37:b5:9a:28:76:f7:85:34:6c:22:fc:aa:8b:1a:55:76:
         c0:39:dc:bf:05:e0:3c:e3:db:5a:3a:41:49:0d:4f:cd:61:f6:
         3c:82:43:55:7f:98:53:42:79:26:0b:74:91:65:be:d1:94:16:
         e0:0e:8d:a8:80:ae:b1:8f:1c:78:d9:d8:b7:1b:af:f5:94:83:
         9a:3a:cf:1d:e0:f2:85:26:7e:3a:e9:60:af:e6:e9:2b:06:80:
         56:ae:38:2c
#Meraki Authentication Radius Certificate
#Updated 29 July 2022
-----BEGIN CERTIFICATE-----
MIIHtzCCBp+gAwIBAgIQDhzakAS/CREtaNP8NjwTvzANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAyMDkwMDAwMDBa
Fw0yMzAyMDgyMzU5NTlaMGsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKEwpNZXJha2kgTExD
MRowGAYDVQQDExFyYWRpdXMubWVyYWtpLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQAD
ggIPADCCAgoCggIBAMPxftZ5AkmOfjFLC/JuCGITQi+HBeQkDs0HYV7r1jklM9Ga
tuk5N7rSd659ycnj5iddAW8SkgtJz74zJousx71hM2C2kgOJWMatY/EUd4GO3LNq
elsm0zKsPaOUJSKkk/M+yLjB+tGDiKqXU9t8yDMFMqEtHnXNFCoxMeFaPRq9fjPf
5wkXwF4bqBYd7wWFm0jMTsZ7HXBL/F4z054UrwYNXUze9HwzhmXOklkbNi2/o/WO
Se02Rf2cZqH+pwLBQU3YQWsmeCHwNdSReXfRYA/mouoBlREJuPn9DejPVy3lAoX+
BD/dHifeAxlld2Ql72tESdMQ4iJh7zCn1G/KfOvfuJuR/2wgSFJQq9/+2I1e3bnl
NrgFvs8y0r0E77Td2Vmia8/VLydsQj8Fsq2XKac9nlqe8wwgc9o1IsCZBPgXZpOr
ZxgzPIsSYHfk6ZhiQe9ZDuWAGBkBGTCPAFbwrN4EE9dkZ01UpHE+aDL7vqDR6ngq
9VJoSLbOY3BAbfB1XNHsrUtgEAc7ionuW7alR97qDEbTDn6/bIUVb/IIKLWx/bIA
mz8fIXcg9Oy/mux6YJ395tfriyoSawknEE0d8Ytf56FdDLO4E0wsaEsFB6m+yQz9
evaVdP+n1rpw5IgeR9c7/5vTDEDwnkqVfS+aj0UOznKXbP1wpsUKZBgUUUddAgMB
AAGjggNxMIIDbTAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV
HQ4EFgQUGkBqoQhqg7+W9k+ubZ6Nq6TuaIMwHAYDVR0RBBUwE4IRcmFkaXVzLm1l
cmFraS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2Vy
dC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpo
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIw
Q0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0
dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0
cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAy
MENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA
dQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX7gk37rAAAEAwBG
MEQCICXVWIgzkWMXlicplx/v4scGKiVJL7tNov7GT9Sze/feAiB2Fn0Tx4REvl0R
y/YeIOZdu8ac5zFBNc/i+8oLIKDbJQB2ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/
4SrvqAPDO9ZMAAABfuCTfuEAAAQDAEcwRQIgEJkkcT6a2ouKkADx9l79PpeTIYxc
mp24fr1LsfSx7qACIQCuI1oAC/HDknO2cLEC2HOjQHZCMOWNWDdvJP8o6xXPUgB3
ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABfuCTfw0AAAQDAEgw
RgIhALaaeGR7hkB9RX5gB+812O6qYtYws6H9zWgPAL3TwALRAiEAgd7+b6fQhMLA
ccQUxNOPby6qWk8HTzXSwik7RLlv59AwDQYJKoZIhvcNAQELBQADggEBALpTH9Rm
d3bOwC8nUHmHjLVFqlpr6wOVd49OhQH19fFhlpOimLZSQAkUzEo+HFo8V6lwiUtD
KLO8FAj/XAya7d6SQgq8n0LXRMDyT3DFxKLV2vRov25XJ7RL3DQVVEXOifHSKIlS
c0Jz1ck2PB9GxJ2xXLWpueTtOfa3iNh+aPl8pYPgovULxQZ28FtUKQuPPd3h1bhQ
Vnm3iRinIwkE8B70T7zXN7WaKHb3hTRsIvyqixpVdsA53L8F4Dzj21o6QUkNT81h
9jyCQ1V/mFNCeSYLdJFlvtGUFuAOjaiArrGPHHjZ2Lcbr/WUg5o6zx3g8oUmfjrp
YK/m6SsGgFauOCw=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIQBtjZBNVYQ0b2ii+nVCJ+xDANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaME8xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBgjCCAX4wEgYDVR0TAQH/BAgwBgEB
/wIBADAdBgNVHQ4EFgQUt2ui6qiqhIx56rTaD5iyxZV2ufQwHwYDVR0jBBgwFoAU
A95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDBCBgNV
HR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH
bG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwCwYJYIZIAYb9bAIBMAcGBWeBDAEB
MAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IB
AQCAMs5eC91uWg0Kr+HWhMvAjvqFcO3aXbMM9yt1QP6FCvrzMXi3cEsaiVi6gL3z
ax3pfs8LulicWdSQ0/1s/dCYbbdxglvPbQtaCdB73sRD2Cqk3p5BJl+7j5nL3a7h
qG+fh/50tx8bIKuxT8b1Z11dmzzp/2n3YWzW2fP9NsarA4h20ksudYbj/NhVfSbC
EXffPgK2fPOre3qGNm+499iTcc+G33Mw+nur7SpZyEKEOxEXGlLzyQ4UfaJbcme6
ce1XR2bFuAJKZTRei9AqPCCcUZlM51Ke92sRKw2Sfh3oius2FkOH6ipjv3U/697E
A7sKPPcw7+uvTPyLNhBzPvOk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----