Ajout : roundcube.
authorJulien Moutinho <julm+heureux-cyclage@autogeree.net>
Sat, 25 May 2013 15:19:32 +0000 (17:19 +0200)
committerJulien Moutinho <julm+heureux-cyclage@autogeree.net>
Fri, 26 Jul 2013 15:05:49 +0000 (17:05 +0200)
100 files changed:
README
etc/dovecot/autoconfig.xml [new file with mode: 0644]
etc/dovecot/dovecot.conf.m4 [new file with mode: 0644]
etc/dovecot/local.conf.m4 [deleted file]
etc/dovecot/sieve/global.d/extension.sieve [new file with mode: 0644]
etc/dovecot/sieve/global.d/list.sieve [new file with mode: 0644]
etc/dovecot/sieve/user.sieve [new file with mode: 0644]
etc/dovecot/transport [new file with mode: 0644]
etc/nginx/site.d/agendav/local.sh
etc/nginx/site.d/autoconfig/local.conf [new file with mode: 0644]
etc/nginx/site.d/autoconfig/site.conf [new file with mode: 0644]
etc/nginx/site.d/roundcube/http.conf [new file with mode: 0644]
etc/nginx/site.d/roundcube/local.conf [new file with mode: 0644]
etc/nginx/site.d/roundcube/local.sh [new file with mode: 0644]
etc/nginx/site.d/roundcube/remote.sh [new file with mode: 0644]
etc/nginx/site.d/roundcube/site.conf [new file with mode: 0644]
etc/nginx/site.d/roundcube/x509_host [new file with mode: 0644]
etc/nginx/site.d/sympa/http.conf [new file with mode: 0644]
etc/nsd3/zone.d/cyclocoop.org.zone.m4
etc/nsd3/zone.d/heureux-cyclage.org.zone.m4
etc/openssl/imap.cyclocoop.org/ca [new symlink]
etc/openssl/imap.cyclocoop.org/host.cfg [new file with mode: 0644]
etc/openssl/imap.cyclocoop.org/user.cfg [new file with mode: 0644]
etc/openssl/imap.heureux-cyclage.org/user.cfg
etc/openssl/roundcube.heureux-cyclage.org/ca [new symlink]
etc/openssl/roundcube.heureux-cyclage.org/host.cfg [new file with mode: 0644]
etc/openssl/roundcube.heureux-cyclage.org/user.cfg [new file with mode: 0644]
etc/openssl/smtp.heureux-cyclage.org/user.cfg
etc/openssl/smtpd.heureux-cyclage.org/host.cfg
etc/openssl/smtpd.heureux-cyclage.org/user.cfg
etc/php5/fpm/php.ini
etc/php5/fpm/pool.d/roundcube/php-fpm.conf [new file with mode: 0644]
etc/postfix/aliases.m4
etc/postfix/main.cf
etc/postfix/master.cf
etc/postgresql/9.1/main/pg_ident.conf
etc/roundcube/debian-db.php [new file with mode: 0644]
etc/roundcube/main.inc.php [new file with mode: 0644]
etc/shorewall/rules
etc/sv/dovecot/local.sh
etc/sv/dovecot/remote.sh
etc/sv/dovecot/transport [new file with mode: 0644]
etc/sv/sympa/local.sh
etc/sympa/virtual_alias
lib/tool/openssl
local/addgroup [new file with mode: 0755]
local/dovecot-user-add [new file with mode: 0755]
local/dovecot-user-del [new file with mode: 0755]
local/network-configure
local/postgresql-database-create
local/postgresql-role-create
local/postgresql-schema-create [new file with mode: 0755]
local/postgresql-user-create
local/roundcube-chpasswd [new file with mode: 0755]
var/pub/x509/imap.cyclocoop.org/ca [new symlink]
var/pub/x509/imap.cyclocoop.org/crl.num [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crl.num.old [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crl.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crl.self-signed.num [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crl.self-signed.num.old [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crl.self-signed.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt+ca.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt+crl.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt+crl.self-signed.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt.pem.asc [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem.asc [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/idx.self-signed.txt [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/idx.txt [new file with mode: 0644]
var/pub/x509/imap.cyclocoop.org/req.pem [new file with mode: 0644]
var/pub/x509/imap.heureux-cyclage.org/.gitignore [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/ca [new symlink]
var/pub/x509/roundcube.heureux-cyclage.org/crl.num [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crl.num.old [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crl.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num.old [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt+ca.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.self-signed.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt.pem.asc [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem.asc [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/idx.self-signed.txt [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/idx.txt [new file with mode: 0644]
var/pub/x509/roundcube.heureux-cyclage.org/req.pem [new file with mode: 0644]
var/pub/x509/smtp.cyclocoop.org [new symlink]
var/pub/x509/smtpd.cyclocoop.org [new symlink]
var/pub/x509/smtpd.heureux-cyclage.org/crl.pem
var/pub/x509/smtpd.heureux-cyclage.org/crl.self-signed.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt+ca.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt+crl.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt+crl.self-signed.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt.pem.asc
var/pub/x509/smtpd.heureux-cyclage.org/crt.self-signed.pem
var/pub/x509/smtpd.heureux-cyclage.org/crt.self-signed.pem.asc

diff --git a/README b/README
index ca4ce74..703c40f 100644 (file)
--- a/README
+++ b/README
@@ -54,6 +54,9 @@ TASK: générer une autorité de certification et des sous-certificats TLS
        % random=/dev/urandom gpg_options="-r $USER@ -r $SOME_OTHER_USER@" lib/tool/openssl/make etc/openssl/heureux-cyclage.org
        % random=/dev/urandom gpg_options="-r $USER@ -r $SOME_OTHER_USER@" lib/tool/openssl/make etc/openssl/*.heureux-cyclage.org
        % lib/tool/openssl/check etc/openssl/*
+TASK: générer un certificat utilisateurice TLS
+       % random=/dev/urandom gpg_options="-r $USER@autogeree.net" lib/tool/openssl/user/req/make etc/openssl/imap.heureux-cyclage.org $USER@heureux-cyclage.org
+       % random=/dev/urandom gpg_options="-r $USER@autogeree.net" lib/tool/openssl/user/make     etc/openssl/imap.heureux-cyclage.org $USER@heureux-cyclage.org
 TASK: gérer gitolite
        % cd etc/gitolite
        % vim conf/gitolite.conf
diff --git a/etc/dovecot/autoconfig.xml b/etc/dovecot/autoconfig.xml
new file mode 100644 (file)
index 0000000..e0e9f48
--- /dev/null
@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+<clientConfig version="1.1">
+       <emailProvider id="%EMAILDOMAIN%">
+               <!-- <displayName>L’Heureux Cyclage</displayName> -->
+               <!-- <displayShortName>LHC</displayShortName> -->
+               <domain>%EMAILDOMAIN%</domain>
+               <incomingServer type="imap">
+                       <hostname>imap.%EMAILDOMAIN%</hostname>
+                       <port>993</port>
+                       <socketType>SSL</socketType>
+                       <username>%EMAILADDRESS%</username>
+                       <authentication>password-cleartext</authentication>
+                </incomingServer>
+               <!--
+               <incomingServer type="pop3">
+                       <hostname>pop3.%EMAILDOMAIN%</hostname>
+                       <port>995</port>
+                       <socketType>SSL</socketType>
+                       <username>%EMAILADDRESS%</username>
+                       <authentication>password-cleartext</authentication>
+                       <pop3>
+                               <leaveMessagesOnServer>false</leaveMessagesOnServer>
+                               <downloadOnBiff>true</downloadOnBiff>
+                        </pop3>
+                </incomingServer>
+                -->
+               <outgoingServer type="smtp">
+                       <hostname>smtp.%EMAILDOMAIN%</hostname>
+                       <port>465</port>
+                       <socketType>SSL</socketType> <!-- see above -->
+                       <username>%EMAILADDRESS%</username> <!-- if smtp-auth -->
+                       <authentication>password-cleartext</authentication>
+                       <!-- <restriction>client-IP-address</restriction> -->
+                       <addThisServer>true</addThisServer>
+                       <useGlobalPreferredServer>false</useGlobalPreferredServer>
+                </outgoingServer>
+        </emailProvider>
+       <!-- <clientConfigUpdate url="https://www.example.com/config/mozilla.xml" /> -->
+ </clientConfig>
diff --git a/etc/dovecot/dovecot.conf.m4 b/etc/dovecot/dovecot.conf.m4
new file mode 100644 (file)
index 0000000..0ecacf5
--- /dev/null
@@ -0,0 +1,168 @@
+auth_mechanisms = plain
+auth_ssl_require_client_cert = no
+       # NOTE: ne marche pas avec l'auth SASL depuis postfix qui ne fournit pas de certificat utilisateurice
+auth_ssl_username_from_cert = yes
+auth_verbose = yes
+auth_debug = yes
+disable_plaintext_auth = yes
+first_valid_uid = 1000
+lda_mailbox_autocreate = no
+lda_mailbox_autosubscribe = yes
+listen = *
+log_timestamp = "%Y-%m-%d %H:%M:%S "
+local_name imap.LOCAL_DOMAINNAME {
+       ssl_ca   = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
+       ssl_cert = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
+       ssl_key  = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/key.pem
+ }
+local_name imap.cyclocoop.org {
+       ssl_ca   = </etc/dovecot/cyclocoop.org/imap/x509/crt+crl.self-signed.pem
+       ssl_cert = </etc/dovecot/cyclocoop.org/imap/x509/crt+crl.self-signed.pem
+       ssl_key  = </etc/dovecot/cyclocoop.org/imap/x509/key.pem
+ }
+mail_debug = yes
+mail_home = /home/mail/data/%d/%n
+mail_location = maildir:/home/mail/data/%d/%n/Maildir:INDEX=/var/lib/dovecot-index/%d/%n:CONTROL=/var/lib/dovecot-control/%d/%n
+       # NOTE: INDEX et CONTROL sont sur une partition sans quota comme le demande la doc
+       # VOIR: http://wiki2.dovecot.org/Quota/FS
+namespace inbox {
+       inbox = yes
+       location = 
+       mailbox Drafts {
+               special_use = \Drafts
+        }
+       mailbox Junk {
+               special_use = \Junk
+        }
+       mailbox Sent {
+               special_use = \Sent
+        }
+       mailbox "Sent Messages" {
+               special_use = \Sent
+        }
+       mailbox Trash {
+               special_use = \Trash
+        }
+       prefix = 
+       separator = .
+ }
+namespace {
+       #list = children
+       list = yes
+       location = maildir:/home/mail/data/%%d/%%n/Maildir:INDEX=/var/lib/dovecot-index/%d/%n/Shared/%%n:CONTROL=/var/lib/dovecot-control/%d/%n/Shared/%%n
+       prefix = Shared.%%n.
+       separator = .
+       subscriptions = yes
+       type = shared
+ }
+mail_plugins = $mail_plugins acl quota
+#mail_privileged_group = mail
+#mail_access_groups = mail
+passdb {
+       args = scheme=plain username_format=%n /etc/dovecot/%d/passwd
+       driver = passwd-file
+ }
+plugin {
+       acl = vfile:/etc/dovecot/acl/global.d
+       acl_shared_dict = file:/home/mail/acl/%d/shared.db
+       quota = fs:user
+       recipient_delimiter = +
+       sieve            = /home/mail/data/%d/%n/sieve
+       sieve_after      = /etc/dovecot/sieve/after.d/
+       sieve_before     = /etc/dovecot/sieve/before.d/
+       sieve_dir        = /home/mail/data/%d/%n/sieve.d/
+       sieve_global_dir = /etc/dovecot/sieve/global.d/
+       sieve_max_script_size = 1M
+       sieve_quota_max_scripts = 0
+       sieve_quota_max_storage = 10M
+       sieve_user_log   = /home/mail/log/%d/sieve.%n.log
+ }
+protocol imap {
+       mail_plugins = $mail_plugins imap_acl imap_quota
+ }
+service imap-login {
+       inet_listener imap {
+               address = 127.0.0.1
+               port    = 143
+               ssl     = no
+        }
+       inet_listener imaps {
+               port = 993
+               ssl  = yes
+        }
+ }
+protocol lda {
+       auth_socket_path = /var/run/dovecot/auth-userdb
+       hostname = LOCAL_DOMAINNAME
+       info_log_path =
+       log_path =
+       mail_plugins = $mail_plugins sieve
+       postmaster_address = postmaster+dovecot+lda@LOCAL_DOMAINNAME
+       syslog_facility = mail
+ }
+protocol lmtp {
+       postmaster_address = postmaster+dovecot+lmtp@LOCAL_DOMAINNAME
+       mail_plugins = $mail_plugins sieve
+       #info_log_path = /tmp/dovecot-lmtp.log
+ }
+protocol pop3 {
+ }
+protocol sieve {
+       mail_debug = yes
+       #mail_max_userip_connections = 10
+       #managesieve_implementation_string = Dovecot Pigeonhole
+       managesieve_max_compile_errors = 5
+       #managesieve_max_line_length = 65536
+       #managesieve_notify_capability = mailto
+       #managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
+ }
+protocols = imap lmtp pop3 sieve
+service lmtp {
+       #executable = lmtp -L
+       process_min_avail = 2
+       unix_listener /var/spool/postfix/private/dovecot-lmtp {
+               user  = postfix
+               group = postfix
+               mode  = 0600
+        }
+       #user = mail
+ }
+service auth {
+       user = root
+       unix_listener auth-userdb {
+               user  = dovecot
+               group = root
+               mode  = 0666
+        }
+       unix_listener /var/spool/postfix/private/auth {
+               user  = postfix
+               group = postfix
+               mode  = 0660
+        }
+ }
+service imap {
+       #vsz_limit = 
+               # NOTE: most of the memory goes to mmap()ing files.
+               # You may need to increase this limit if you have huge mailboxes.
+       process_limit = 1024
+ }
+service pop3 {
+       process_limit = 1024
+ }
+ssl = required
+ssl_ca   = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
+ssl_cert = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
+ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
+ssl_key = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/key.pem
+ssl_verify_client_cert = yes
+userdb {
+       driver = prefetch
+ }
+userdb {
+ # NOTE: this userdb is only used by lda.
+       args = username_format=%n /etc/dovecot/%d/passwd
+       driver = passwd-file
+ }
+verbose_ssl = no
+
+# vim: ft=sh
diff --git a/etc/dovecot/local.conf.m4 b/etc/dovecot/local.conf.m4
deleted file mode 100644 (file)
index 50f3394..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-auth_ssl_username_from_cert = yes
-listen = *
-log_timestamp = "%Y-%m-%d %H:%M:%S "
-mail_debug = yes
-mail_location = maildir:~/var/mail:INDEX=/var/lib/dovecot-index/%u:CONTROL=/var/lib/dovecot-control/%u
-# NOTE: INDEX et CONTROL sont sur une partition sans quota comme le demande la doc
-# VOIR: http://wiki2.dovecot.org/Quota/FS
-mail_plugins = $mail_plugins quota
-mail_privileged_group = mail
-passdb {
-       args = /home/%u/etc/dovecot/passwd
-       driver = passwd-file
- }
-plugin {
-       quota = fs:user
-       recipient_delimiter = +
-       sieve = ~/etc/mail/filter.sieve
-       sieve_dir = ~/etc/mail/sieve
-       sieve_global_dir = /var/lib/dovecot/sieve/global/
-       sieve_max_script_size = 1M
-       sieve_quota_max_scripts = 0
-       sieve_quota_max_storage = 10M
-       sieve_user_log = ~/var/log/mail/sieve.log
- }
-protocol imap {
-       mail_plugins = $mail_plugins imap_quota
- }
-protocol lda {
-       auth_socket_path = /var/run/dovecot/auth-master
-       hostname = LOCAL_DOMAINNAME
-       info_log_path =
-       log_path =
-       mail_plugins = $mail_plugins sieve
-       postmaster_address = contact+dovecot+lda@LOCAL_DOMAINNAME
-       syslog_facility = mail
- }
-protocols = imap sieve
-service auth {
-       user = root
-       unix_listener /var/spool/postfix/private/auth {
-               mode  = 0660
-               user  = postfix
-               group = postfix
-        }
- }
-ssl_ca = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
-ssl_cert = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/crt+crl.self-signed.pem
-ssl_cipher_list = AES256-SHA
-ssl_key = </etc/dovecot/LOCAL_DOMAINNAME/imap/x509/key.pem
-ssl_verify_client_cert = yes
-userdb {
-       driver = passwd
- }
-verbose_ssl = no
diff --git a/etc/dovecot/sieve/global.d/extension.sieve b/etc/dovecot/sieve/global.d/extension.sieve
new file mode 100644 (file)
index 0000000..b8579d9
--- /dev/null
@@ -0,0 +1,15 @@
+require
+ [ "envelope"
+ , "fileinto"
+ , "mailbox"
+ , "subaddress"
+ , "variables"
+ ];
+
+if envelope :matches :detail "TO" "*" {
+       set "extension" "${1}";
+ }
+if not string :is "${extension}" "" {
+       fileinto :create "Extensions.${extension}";
+       stop;
+ }
diff --git a/etc/dovecot/sieve/global.d/list.sieve b/etc/dovecot/sieve/global.d/list.sieve
new file mode 100644 (file)
index 0000000..d7ff6e7
--- /dev/null
@@ -0,0 +1,18 @@
+require
+ [ "date"
+ , "fileinto"
+ , "mailbox"
+ , "variables"
+ ];
+
+if currentdate :matches "year"  "*" { set "year"  "${1}"; }
+if currentdate :matches "month" "*" { set "month" "${1}"; }
+
+if exists "List-ID" {
+       if header :matches "List-ID" "*<*.*.*>*" {
+               set "list"   "${2}";
+               set "domain" "${3}";
+        }
+       fileinto :create "Lists.${domain}.${list}.${year}.${month}";
+       stop;
+ }
diff --git a/etc/dovecot/sieve/user.sieve b/etc/dovecot/sieve/user.sieve
new file mode 100644 (file)
index 0000000..87f46ae
--- /dev/null
@@ -0,0 +1,5 @@
+require ["include"];
+
+include :personal "roundcube";
+include :global "list";
+include :global "extension";
diff --git a/etc/dovecot/transport b/etc/dovecot/transport
new file mode 100644 (file)
index 0000000..073f0e9
--- /dev/null
@@ -0,0 +1,2 @@
+dovecot.heureux-cyclage.org lmtp:unix:private/dovecot-lmtp
+dovecot.cyclocoop.org       lmtp:unix:private/dovecot-lmtp
index 2afed4a..3ccb68c 100644 (file)
@@ -4,8 +4,8 @@ sudo adduser php5_"$site" postgres-data
 sudo adduser php5_"$site" log-php5-"$site"
 
 hint="run before: remote/runit-configure nginx -- $site"
-assert "sudo test -f /etc/agendav/config.php" hint
-sudo chgrp php5_$site /etc/agendav/config.php
+assert "sudo test -f /etc/$site/config.php" hint
+sudo chgrp php5_$site /etc/"$site"/config.php
 
 sudo sv start postgres
 while ! sudo -u postgres psql </dev/null
@@ -13,10 +13,6 @@ do sleep 1; done
 
 "$tool"/local/postgresql-user-create     "$site"
 "$tool"/local/postgresql-database-create "$site"
-sudo -u postgres psql -AqtX "$site" <<-EOF
-       \set ON_ERROR_STOP on
-       GRANT USAGE ON SCHEMA pg_catalog TO $site;
-       EOF
 
 eval home="~www-$site"
 if test ! shared = "$(sudo -u postgres psql -AqtX "$site" <<-EOF
@@ -29,15 +25,13 @@ if test ! shared = "$(sudo -u postgres psql -AqtX "$site" <<-EOF
        EOF
  )"
  then
-       sudo -u php5_"$site" psql -f - -U "$site" "$site" <<-EOF
-               \set ON_ERROR_STOP on
-               $(sudo cat "$home"/sql/pgsql.schema.sql)
-               EOF
+       sudo cat "$home"/sql/pgsql.schema.sql |
+       sudo -u php5_"$site" psql -f - -U "$site" --set ON_ERROR_STOP=1 "$site"
  fi
 
 sudo install -d -m 750 -o root -g php5_"$site" \
- /etc/agendav
-sudo find "$tool"/etc/agendav -type f \
+ /etc/"$site"
+sudo find "$tool"/etc/"$site" -type f \
  -not -name config.php \
  -exec install -m 640 -o root -g php5_"$site" \
- -t /etc/agendav/ {} +
+ -t /etc/"$site"/ {} +
diff --git a/etc/nginx/site.d/autoconfig/local.conf b/etc/nginx/site.d/autoconfig/local.conf
new file mode 100644 (file)
index 0000000..56b9f1c
--- /dev/null
@@ -0,0 +1 @@
+listen 80;
diff --git a/etc/nginx/site.d/autoconfig/site.conf b/etc/nginx/site.d/autoconfig/site.conf
new file mode 100644 (file)
index 0000000..1c8578f
--- /dev/null
@@ -0,0 +1,11 @@
+server_name
+ autoconfig.heureux-cyclage.org
+ autoconfig.cyclocoop.org;
+
+location ~ /\. {
+       access_log off;
+       deny all;
+       log_not_found off;
+ }
+
+# vim: ft=sh
diff --git a/etc/nginx/site.d/roundcube/http.conf b/etc/nginx/site.d/roundcube/http.conf
new file mode 100644 (file)
index 0000000..dd5d1ce
--- /dev/null
@@ -0,0 +1,8 @@
+server {
+       listen 80;
+       server_name
+        roundcube.heureux-cyclage.org
+        roundcube.cyclocoop.org;
+       
+       return 301 https://$host$request_uri;
+ }
diff --git a/etc/nginx/site.d/roundcube/local.conf b/etc/nginx/site.d/roundcube/local.conf
new file mode 100644 (file)
index 0000000..a9380df
--- /dev/null
@@ -0,0 +1,5 @@
+listen 443;
+include /etc/nginx/conf.d/ssl.conf;
+ssl_certificate     /etc/nginx/x509.d/roundcube/crt.pem;
+ssl_certificate_key /etc/nginx/x509.d/roundcube/key.pem;
+ssl_session_timeout 5m;
diff --git a/etc/nginx/site.d/roundcube/local.sh b/etc/nginx/site.d/roundcube/local.sh
new file mode 100644 (file)
index 0000000..6920cef
--- /dev/null
@@ -0,0 +1,165 @@
+hint="run before: remote/runit-configure nginx -- $site"
+assert "sudo test -f /etc/nginx/x509.d/\"$site\"/key.pem" hint
+hint="run before: remote/runit-configure nginx -- $site"
+assert "sudo test -f /etc/$site/main.inc.php" hint
+
+sudo install -m 664 -o www -g www \
+ "$tool"/var/pub/x509/"$site"."$local_domainname"/crt+ca.pem \
+ /etc/nginx/x509.d/"$site"/crt.pem
+
+sudo adduser php5_"$site" www-"$site"
+sudo adduser php5_"$site" postgres-data
+sudo adduser php5_"$site" log-php5-"$site"
+
+"$tool"/local/runit-sv-configure postgres
+"$tool"/local/runit-sv-start     postgres
+while ! sudo -u postgres psql </dev/null
+do sleep 1; done
+
+"$tool"/local/postgresql-user-create     "$site"
+"$tool"/local/postgresql-database-create "$site"
+"$tool"/local/postgresql-schema-create   "$site"
+sudo -u postgres psql -AqtX --set ON_ERROR_STOP=1 "$site" <<-EOF
+       GRANT USAGE ON SCHEMA pg_catalog TO $site;
+       EOF
+#sudo -u postgres psql "$site" -a -f - --set ON_ERROR_STOP=1 <<-EOF
+#      -- GRANT USAGE,CREATE ON SCHEMA public TO $site;
+#      EOF
+
+eval home="~www-$site"
+sudo debconf-set-selections <<-EOF || true
+       # Password confirmation:
+       roundcube-core  roundcube/password-confirm      password        
+       # Password of the database's administrative user:
+       roundcube-core  roundcube/mysql/admin-pass      password        
+       # MySQL application password for roundcube:
+       roundcube-core  roundcube/mysql/app-pass        password        
+       # Password confirmation:
+       roundcube-core  roundcube/app-password-confirm  password        
+       # PostgreSQL application password for roundcube:
+       roundcube-core  roundcube/pgsql/app-pass        password        
+       # Password of your database's administrative user:
+       roundcube-core  roundcube/pgsql/admin-pass      password        
+       # Next step for database upgrade:
+       # Choices: abort, retry, retry (skip questions)
+       roundcube-core  roundcube/upgrade-error select  abort
+       # Method for authenticating PostgreSQL user:
+       # Choices: ident, password
+       roundcube-core  roundcube/pgsql/authmethod-user select  ident
+       # Do you want to purge the database for roundcube?
+       roundcube-core  roundcube/purge boolean false
+       # Configure database for roundcube with dbconfig-common?
+       roundcube-core  roundcube/dbconfig-install      boolean true
+       # Default language:
+       # Choices: ar_SA, ast, az_AZ, bg_BG, bn_BD, br, bs_BA, ca_ES, cs_CZ, cy_GB, da_DK, de_CH, de_DE, el_GR, en_GB, en_US, eo, es_AR, es_ES, et_EE, eu_ES, fa, fa_AF, fi_FI, fr_FR, ga_IE, gl_ES, he_IL, hi_IN, hr_HR, hu_HU, hy_AM, id_ID, is_IS, it_IT, ja_JP, ka_GE, kh_KH, ko_KR, ku, lt_LT, lv_LV, mk_MK, mr_IN, ms_MY, nb_NO, ne_NP, nl_BE, nl_NL, nn_NO, pl_PL, ps, pt_BR, pt_PT, ro_RO, ru_RU, si_LK, sk_SK, sl_SI, sq_AL, sr_CS, sv_SE, ta_IN, th_TH, tr_TR, uk_UA, vi_VN, zh_CN, zh_TW
+       roundcube-core  roundcube/language      select  fr_FR
+       # PostgreSQL database name for roundcube:
+       roundcube-core  roundcube/db/dbname     string  roundcube
+       # Host running the PostgreSQL server for roundcube:
+       roundcube-core  roundcube/remote/newhost        string  
+       # Change PostgreSQL configuration automatically?
+       roundcube-core  roundcube/pgsql/changeconf      boolean false
+       # Do you want to back up the database for roundcube before upgrading?
+       roundcube-core  roundcube/upgrade-backup        boolean true
+       # Next step for database installation:
+       # Choices: abort, retry, retry (skip questions), ignore
+       roundcube-core  roundcube/install-error select  retry
+       # Name of the database's administrative user:
+       roundcube-core  roundcube/mysql/admin-user      string  root
+       # IMAP server(s) used with RoundCube:
+       roundcube-core  roundcube/hosts string  imap.heureux-cyclage.org
+       # Method for authenticating the PostgreSQL administrator:
+       # Choices: ident, password
+       roundcube-core  roundcube/pgsql/authmethod-admin        select  ident
+       # Deconfigure database for roundcube with dbconfig-common?
+       roundcube-core  roundcube/dbconfig-remove       boolean 
+       # Name of the database's administrative user:
+       roundcube-core  roundcube/pgsql/admin-user      string  postgres
+       # for internal use.
+       roundcube-core  roundcube/internal/skip-preseed boolean false
+       # PostgreSQL username for roundcube:
+       roundcube-core  roundcube/db/app-user   string  php5_$site
+       # Reinstall database for roundcube?
+       roundcube-core  roundcube/dbconfig-reinstall    boolean false
+       # Connection method for MySQL database of roundcube:
+       # Choices: unix socket, tcp/ip
+       roundcube-core  roundcube/mysql/method  select  unix socket
+       # Next step for database removal:
+       # Choices: abort, retry
+       roundcube-core  roundcube/remove-error  select  abort
+       # Should the webserver(s) be restarted now?
+       roundcube-core  roundcube/restart-webserver     boolean false
+       # Perform upgrade on database for roundcube with dbconfig-common?
+       roundcube-core  roundcube/dbconfig-upgrade      boolean true
+       # Port number for the PostgreSQL service:
+       roundcube-core  roundcube/remote/port   string  
+       # Connection method for PostgreSQL database of roundcube:
+       # Choices: unix socket, tcp/ip, tcp/ip + ssl
+       roundcube-core  roundcube/pgsql/method  select  unix socket
+       # Modifications needed in /etc/postgresql/pg_hba.conf
+       roundcube-core  roundcube/pgsql/manualconf      note    
+       #  storage directory for roundcube:
+       roundcube-core  roundcube/db/basepath   string  
+       # Empty passwords unsupported with PostgreSQL
+       roundcube-core  roundcube/pgsql/no-empty-passwords      error   
+       # Password mismatch
+       roundcube-core  roundcube/passwords-do-not-match        error   
+       # for internal use.
+       roundcube-core  roundcube/internal/reconfiguring        boolean false
+       # Web server(s) to configure automatically:
+       # Choices: apache2, lighttpd
+       roundcube-core  roundcube/reconfigure-webserver multiselect     
+       # Database type to be used by roundcube:
+       # Choices: mysql, pgsql
+       roundcube-core  roundcube/database-type select  pgsql
+       # Host name of the PostgreSQL database server for roundcube:
+       # Choices: 
+       roundcube-core  roundcube/remote/host   select  
+       # Next step:
+       # Choices: abort, retry, ignore
+       roundcube-core  roundcube/missing-db-package-error      select  abort
+       EOF
+sudo install -d -m 755 -o root -g root \
+ /etc/dbconfig-common
+sudo install -m 600 -o root -g root /dev/stdin \
+ /etc/dbconfig-common/"$site".conf <<-EOF
+               dbc_authmethod_admin='ident'
+               dbc_authmethod_user='ident'
+               dbc_basepath=''
+               dbc_dbadmin='postgres'
+               dbc_dbname='$site'
+               dbc_dbpass=''
+               dbc_dbport=''
+               dbc_dbserver='/run/postgresql'
+               dbc_dbtype='pgsql'
+               dbc_dbuser='$site'
+               dbc_install='true'
+               dbc_remove=''
+               dbc_ssl=''
+               dbc_upgrade='true'
+       EOF
+
+! sudo etckeeper unclean ||
+sudo etckeeper commit -m "runit-configure nginx -- $site"
+
+"$tool"/local/apt-get-install \
+ aspell-de \
+ aspell-en \
+ aspell-es \
+ aspell-it \
+ aspell-fr \
+ aspell-pl \
+ roundcube \
+ roundcube-pgsql \
+ roundcube-plugins
+sudo chgrp php5_$site /var/log/roundcube/
+
+sudo install -d -m 750 -o root -g php5_"$site" \
+ /etc/"$site"
+sudo find "$tool"/etc/"$site" -type f \
+ -exec install -m 640 -o root -g php5_"$site" \
+ -t /etc/"$site"/ {} +
+
+sudo install -m 500 -o php5_"$site" -g root \
+  "$tool"/local/roundcube-chpasswd \
+ /usr/local/bin/roundcube-chpasswd
diff --git a/etc/nginx/site.d/roundcube/remote.sh b/etc/nginx/site.d/roundcube/remote.sh
new file mode 100644 (file)
index 0000000..8f4128a
--- /dev/null
@@ -0,0 +1,20 @@
+install -d -m 700 \
+ "$tool"/var/sec \
+ "$tool"/var/sec/"$site"
+if test ! -e "$tool"/var/sec/"$site"/des_key.gpg
+ then gpg --encrypt $gpg_options -o "$tool"/var/sec/"$site"/des_key.gpg <<-EOF
+               $(stdbuf --output 0 tr -d -c '[:alnum:][:punct:]' <"${random:-/dev/urandom}" | tr -d "'" | head -c 24)
+               EOF
+ fi
+
+cat - <<-EOF |
+       <?php
+       \$rcmail_config['des_key'] = '$(gpg --decrypt "$tool"/var/sec/"$site"/des_key.gpg)';
+       EOF
+"$tool"/remote/ssh root@"$local_fqdn" ' \
+       set -efux
+       sudo install -d -m 750 -o root -g php5_'"$site"' \
+        /etc/'"$site"'
+       sudo install -m 640 -o root -g php5_'"$site"' /dev/stdin \
+        /etc/'"$site"'/key.inc.php
+ '
diff --git a/etc/nginx/site.d/roundcube/site.conf b/etc/nginx/site.d/roundcube/site.conf
new file mode 100644 (file)
index 0000000..670b105
--- /dev/null
@@ -0,0 +1,83 @@
+server_name
+ roundcube.heureux-cyclage.org
+ roundcube.cyclocoop.org;
+
+client_body_buffer_size 8k;
+client_max_body_size 10m;
+
+location = / {
+       root /usr/share/roundcube;
+       index index.php;
+ }
+location ~ /\. {
+       access_log off;
+       deny all;
+       log_not_found off;
+ }
+location ~ ^/favicon.ico$ {
+       root /usr/share/roundcube/skins/default/images/;
+       access_log off;
+       expires max;
+       log_not_found off;
+ }
+location = /robots.txt {
+       access_log off;
+       allow all;
+       log_not_found off;
+ }
+location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
+       deny all;
+ }
+location ~ ^/(bin|SQL)/ {
+       deny all;
+ }
+location ~ ^/images/.+(png) {
+       root /home/www/pub/roundcube;
+       access_log off;
+       expires 30d;
+       log_not_found off;
+ }
+location ~* ^.+.(css|gif|html|ico|jpeg|js|jpg|png|txt|xml)$ {
+       root /usr/share/roundcube;
+       access_log off;
+       expires 30d;
+       log_not_found off;
+ }
+location ~* ^.+\.php(|/.*)$ {
+       root /usr/share/roundcube;
+       include /etc/nginx/conf.d/fastcgi.conf;
+       set $no_cache "0";
+       if ($request_method !~ ^(GET|HEAD)$) {
+        # NOTE: if non GET/HEAD, don't cache and mark user as uncacheable for 1 second via cookie.
+               set $no_cache "1";
+        }
+       if ($no_cache = "1") {
+        # NOTE: drop no cache cookie if need be (for some reason, add_header fails if included in prior if-block).
+               add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/";
+               add_header X-Microcachable "0";
+        }
+       if ($http_cookie ~* "_mcnc") {
+        # NOTE: bypass cache if no-cache cookie is set
+               set $no_cache "1";
+        }
+       fastcgi_cache_bypass $no_cache;
+       fastcgi_cache_use_stale updating;
+       fastcgi_cache_valid 200 10s;
+       fastcgi_cache_valid 404 10m;
+       fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
+       fastcgi_index index.php;
+       fastcgi_split_path_info ^(.+\.php)(/.+)$;
+       fastcgi_param PATH_INFO $fastcgi_path_info;
+       fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+       fastcgi_param RCMAIL_CONFIG_DIR /etc/roundcube;
+       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+       fastcgi_no_cache $no_cache;
+       fastcgi_param REDIRECT_STATUS 200;
+               # NOTE: PHP only, required if PHP was built with --enable-force-cgi-redirect
+       fastcgi_pass_header Cookie;
+       fastcgi_pass_header Set-Cookie;
+       
+       fastcgi_pass unix:/run/php5/fpm/roundcube;
+ }
+
+# vim: ft=sh
diff --git a/etc/nginx/site.d/roundcube/x509_host b/etc/nginx/site.d/roundcube/x509_host
new file mode 100644 (file)
index 0000000..50b557f
--- /dev/null
@@ -0,0 +1 @@
+roundcube.heureux-cyclage.org
diff --git a/etc/nginx/site.d/sympa/http.conf b/etc/nginx/site.d/sympa/http.conf
new file mode 100644 (file)
index 0000000..17cee03
--- /dev/null
@@ -0,0 +1,9 @@
+server {
+       listen 80;
+       server_name
+        sympa.heureux-cyclage.org
+        sympa.cyclocoop.heureux-cyclage.org
+        sympa.cyclocoop.org;
+       
+       return 301 https://$host$request_uri;
+ }
index d62c16d..91b2537 100644 (file)
@@ -33,6 +33,7 @@ $TTL 1d ; TTL (Time To Live) par défaut pour les enregistrements
 ; ENREGISTREMENTS « A » (DNS -> adresse IPv4)
 @                   A IP4(GRESILLE)
 agendav             A IP4(GRESILLE)
+autoconfig          A IP4(GRESILLE)
 caldavzap           A IP4(GRESILLE)
 burette             A IP4(GRESILLE)
 davical             A IP4(GRESILLE)
@@ -45,6 +46,7 @@ mx                  A IP4(GRESILLE)
 notifications       A IP4(GRESILLE)
 ns                  A IP4(GRESILLE)
 pop                 A IP4(GRESILLE)
+roundcube           A IP4(GRESILLE)
 smtp                A IP4(GRESILLE)
 sql                 A IP4(GRESILLE)
 ssh                 A IP4(GRESILLE)
index e738607..8e045ed 100644 (file)
@@ -37,6 +37,7 @@ $TTL 1d ; TTL (Time To Live) par défaut pour les enregistrements
 @                    A IP4(LAUTRENET)
 agendav              A IP4(GRESILLE)
 ateliers             A IP4(GRESILLE)
+autoconfig           A IP4(GRESILLE)
 bicloud              A IP4(GRESILLE)
 burette              A IP4(GRESILLE)
 burette.cyclocoop    A IP4(GRESILLE)
@@ -58,6 +59,7 @@ ns                   A IP4(GRESILLE)
 questionnaires       A IP4(GRESILLE)
 ra               60  A IP4(GRESILLE)
 remorque             A IP4(GRESILLE)
+roundcube            A IP4(GRESILLE)
 smtp                 A IP4(GRESILLE)
 stats                A IP4(GRESILLE)
 submission           A IP4(GRESILLE)
diff --git a/etc/openssl/imap.cyclocoop.org/ca b/etc/openssl/imap.cyclocoop.org/ca
new file mode 120000 (symlink)
index 0000000..2ef2817
--- /dev/null
@@ -0,0 +1 @@
+../cyclocoop.org
\ No newline at end of file
diff --git a/etc/openssl/imap.cyclocoop.org/host.cfg b/etc/openssl/imap.cyclocoop.org/host.cfg
new file mode 100644 (file)
index 0000000..c1ac980
--- /dev/null
@@ -0,0 +1,70 @@
+       SERVICE     = imap
+       RANDFILE    = var/sec/x509/openssl.rand
+       oid_section = extra_oids
+[ extra_oids ]
+       # NOTE: pour une éventuelle validation étendue (Extended Validation (EV))
+       jurisdictionOfIncorporationLocalityName        = 1.3.6.1.4.1.311.60.2.1.1
+       jurisdictionOfIncorporationStateOrProvinceName = 1.3.6.1.4.1.311.60.2.1.2
+       jurisdictionOfIncorporationCountryName         = 1.3.6.1.4.1.311.60.2.1.3
+[ req ]
+       prompt             = no
+       distinguished_name = distinguished_name
+       string_mask        = pkix
+       #x509_extensions    = root_extensions
+       #req_extensions     = extension
+       #attributes         = req_attributes
+[ distinguished_name ]
+       countryName            = $ENV::x509_country
+       stateOrProvinceName    = $ENV::x509_state_or_province
+       localityName           = $ENV::x509_state_or_province
+       0.organizationName     = $ENV::x509_organization
+       organizationalUnitName = Service IMAP
+       commonName             = $SERVICE.$ENV::x509_host
+       businessCategory                               = $ENV::x509_business_category
+       jurisdictionOfIncorporationLocalityName        = $ENV::x509_state_or_province
+       jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
+       jurisdictionOfIncorporationCountryName         = $ENV::x509_country
+[ extensions ]
+       basicConstraints       = critical,CA:FALSE
+       keyUsage               = digitalSignature,keyEncipherment
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/crt.pem
+       crlDistributionPoints  = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem
+       certificatePolicies    = @certificate_policies
+[ self_signed_extensions ]
+       basicConstraints       = critical,CA:TRUE,pathlen:0
+       keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
+       crlDistributionPoints  = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.self-signed.pem
+[ user_extensions ]
+       basicConstraints       = critical,CA:FALSE,pathlen:0
+       keyUsage               = digitalSignature,keyEncipherment
+       subjectAltName         = email:$ENV::user@$ENV::x509_host
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
+[ certificate_policies ]
+       policyIdentifier = 1.2.250.1.42
+       CPS.1            = https://www.$ENV::x509_host/x509/cps
+[ ca ]
+       private_key      = var/sec/x509/$ENV::x509/key.pem
+       dir              = var/pub/x509/$ENV::x509
+       crl_dir          = $dir
+       crlnumber        = $dir/crl.num
+       crl              = $dir/crl.pem
+       database         = $dir/idx.txt
+[ self_signed_ca ]
+       private_key      = var/sec/x509/$ENV::x509/key.pem
+       dir              = var/pub/x509/$ENV::x509
+       crl_dir          = $dir
+       crlnumber        = $dir/crl.self-signed.num
+       crl              = $dir/crl.self-signed.pem
+       database         = $dir/idx.self-signed.txt
diff --git a/etc/openssl/imap.cyclocoop.org/user.cfg b/etc/openssl/imap.cyclocoop.org/user.cfg
new file mode 100644 (file)
index 0000000..4116009
--- /dev/null
@@ -0,0 +1,16 @@
+       SERVICE  = imap
+       HOME     = .
+       RANDFILE = var/sec/x509/openssl.rand
+[ req ]
+       distinguished_name = user_distinguished_name
+       prompt             = no
+       string_mask        = pkix
+[ user_distinguished_name ]
+       0.organizationName     = $ENV::x509_organization
+       commonName             = $ENV::user@$ENV::x509_host
+       countryName            = $ENV::x509_country
+       localityName           = néant
+       organizationalUnitName = Certificat utilisateurice du service IMAP
+       stateOrProvinceName    = $ENV::x509_state_or_province
+#[ user_extensions ]
+#      subjectAltName         = email:$ENV::user@$ENV::x509_host
index c64ee34..4116009 100644 (file)
@@ -2,15 +2,15 @@
        HOME     = .
        RANDFILE = var/sec/x509/openssl.rand
 [ req ]
-       prompt             = no
        distinguished_name = user_distinguished_name
+       prompt             = no
        string_mask        = pkix
 [ user_distinguished_name ]
+       0.organizationName     = $ENV::x509_organization
+       commonName             = $ENV::user@$ENV::x509_host
        countryName            = $ENV::x509_country
-       stateOrProvinceName    = $ENV::x509_state_or_province
        localityName           = néant
-       0.organizationName     = $ENV::x509_organization
        organizationalUnitName = Certificat utilisateurice du service IMAP
-       commonName             = $ENV::user
+       stateOrProvinceName    = $ENV::x509_state_or_province
 #[ user_extensions ]
-#      subjectAltName         = email:$ENV::user@$ENV::HOST
+#      subjectAltName         = email:$ENV::user@$ENV::x509_host
diff --git a/etc/openssl/roundcube.heureux-cyclage.org/ca b/etc/openssl/roundcube.heureux-cyclage.org/ca
new file mode 120000 (symlink)
index 0000000..6d4a070
--- /dev/null
@@ -0,0 +1 @@
+../heureux-cyclage.org
\ No newline at end of file
diff --git a/etc/openssl/roundcube.heureux-cyclage.org/host.cfg b/etc/openssl/roundcube.heureux-cyclage.org/host.cfg
new file mode 100644 (file)
index 0000000..3b54e5b
--- /dev/null
@@ -0,0 +1,70 @@
+       SERVICE     = roundcube
+       RANDFILE    = var/sec/x509/openssl.rand
+       oid_section = extra_oids
+[ extra_oids ]
+       # NOTE: pour une éventuelle validation étendue (Extended Validation (EV))
+       jurisdictionOfIncorporationLocalityName        = 1.3.6.1.4.1.311.60.2.1.1
+       jurisdictionOfIncorporationStateOrProvinceName = 1.3.6.1.4.1.311.60.2.1.2
+       jurisdictionOfIncorporationCountryName         = 1.3.6.1.4.1.311.60.2.1.3
+[ req ]
+       prompt             = no
+       distinguished_name = distinguished_name
+       string_mask        = pkix
+       #x509_extensions    = root_extensions
+       #req_extensions     = extension
+       #attributes         = req_attributes
+[ distinguished_name ]
+       countryName            = $ENV::x509_country
+       stateOrProvinceName    = $ENV::x509_state_or_province
+       localityName           = $ENV::x509_state_or_province
+       0.organizationName     = $ENV::x509_organization
+       organizationalUnitName = Service Roundcube
+       commonName             = $SERVICE.$ENV::x509_host
+       businessCategory                               = $ENV::x509_business_category
+       jurisdictionOfIncorporationLocalityName        = $ENV::x509_state_or_province
+       jurisdictionOfIncorporationStateOrProvinceName = $ENV::x509_state_or_province
+       jurisdictionOfIncorporationCountryName         = $ENV::x509_country
+[ extensions ]
+       basicConstraints       = critical,CA:TRUE,pathlen:0
+       keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:courriel.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:mail.cyclocoop.org,DNS:courriel.cyclocoop.org
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/crt.pem
+       crlDistributionPoints  = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem
+       certificatePolicies    = @certificate_policies
+[ self_signed_extensions ]
+       basicConstraints       = critical,CA:TRUE,pathlen:0
+       keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:courriel.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:mail.cyclocoop.org,DNS:courriel.cyclocoop.org
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
+       crlDistributionPoints  = URI:http://www.$ENV::x509_host/x509/$SERVICE/crl.pem
+[ user_extensions ]
+       basicConstraints       = critical,CA:FALSE,pathlen:0
+       keyUsage               = digitalSignature,keyEncipherment
+       subjectAltName         = email:$ENV::user@$ENV::x509_host
+       subjectKeyIdentifier   = hash
+       issuerAltName          = issuer:copy
+       authorityKeyIdentifier = keyid:always,issuer:always
+       authorityInfoAccess    = caIssuers;URI:http://www.$ENV::x509_host/x509/$SERVICE/crt.pem
+[ certificate_policies ]
+       policyIdentifier = 1.2.250.1.42
+       CPS.1            = https://www.$ENV::x509_host/x509/cps
+[ ca ]
+       private_key      = var/sec/x509/$ENV::x509/key.pem
+       dir              = var/pub/x509/$ENV::x509
+       crl_dir          = $dir
+       crlnumber        = $dir/crl.num
+       crl              = $dir/crl.pem
+       database         = $dir/idx.txt
+[ self_signed_ca ]
+       private_key      = var/sec/x509/$ENV::x509/key.pem
+       dir              = var/pub/x509/$ENV::x509
+       crl_dir          = $dir
+       crlnumber        = $dir/crl.self-signed.num
+       crl              = $dir/crl.self-signed.pem
+       database         = $dir/idx.self-signed.txt
diff --git a/etc/openssl/roundcube.heureux-cyclage.org/user.cfg b/etc/openssl/roundcube.heureux-cyclage.org/user.cfg
new file mode 100644 (file)
index 0000000..8327785
--- /dev/null
@@ -0,0 +1,14 @@
+       SERVICE  = roundcube
+       HOME     = .
+       RANDFILE = var/sec/x509/openssl.rand
+[ req ]
+       prompt             = no
+       distinguished_name = user_distinguished_name
+       string_mask        = pkix
+[ user_distinguished_name ]
+       countryName            = $ENV::x509_country
+       stateOrProvinceName    = $ENV::x509_state_or_province
+       #localityName           =
+       0.organizationName     = $ENV::x509_organization
+       organizationalUnitName = Certificat utilisateurice du service Roundcube
+       commonName             = $ENV::user
index b32265f..ed63a6a 100644 (file)
@@ -2,15 +2,15 @@
        HOME     = .
        RANDFILE = var/sec/x509/openssl.rand
 [ req ]
-       prompt             = no
        distinguished_name = user_distinguished_name
+       prompt             = no
        string_mask        = pkix
 [ user_distinguished_name ]
+       0.organizationName     = $ENV::x509_organization
+       commonName             = $ENV::user@$ENV::x509_host
        countryName            = $ENV::x509_country
-       stateOrProvinceName    = $ENV::x509_state_or_province
        localityName           = néant
-       0.organizationName     = $ENV::x509_organization
        organizationalUnitName = Certificat utilisateurice du service SMTP
-       commonName             = $ENV::user
+       stateOrProvinceName    = $ENV::x509_state_or_province
 [ user_extensions ]
-       subjectAltName         = email:$ENV::user@$ENV::HOST
+       subjectAltName         = email:$ENV::user@$ENV::x509_host
index cbc1301..49540a2 100644 (file)
@@ -27,7 +27,7 @@
 [ extensions ]
        basicConstraints       = critical,CA:TRUE,pathlen:0
        keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
-       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:smtp.cyclocoop.org,DNS:submission.cyclocoop.org,DNS:smtps.cyclocoop.org,DNS:mail.cyclocoop.org
        subjectKeyIdentifier   = hash
        issuerAltName          = issuer:copy
        authorityKeyIdentifier = keyid:always,issuer:always
@@ -37,7 +37,7 @@
 [ self_signed_extensions ]
        basicConstraints       = critical,CA:TRUE,pathlen:0
        keyUsage               = keyCertSign,cRLSign,digitalSignature,keyEncipherment
-       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host
+       subjectAltName         = email:contact+$SERVICE@$ENV::x509_host,DNS:$SERVICE.$ENV::x509_host,DNS:smtp.$ENV::x509_host,DNS:submission.$ENV::x509_host,DNS:smtps.$ENV::x509_host,DNS:mail.$ENV::x509_host,DNS:$SERVICE.cyclocoop.org,DNS:smtp.cyclocoop.org,DNS:submission.cyclocoop.org,DNS:smtps.cyclocoop.org,DNS:mail.cyclocoop.org
        subjectKeyIdentifier   = hash
        issuerAltName          = issuer:copy
        authorityKeyIdentifier = keyid:always,issuer:always
index 7bbbee0..4ee2887 100644 (file)
@@ -11,6 +11,6 @@
        localityName           = néant
        0.organizationName     = $ENV::x509_organization
        organizationalUnitName = Certificat utilisateurice du service SMTP
-       commonName             = $ENV::user
+       commonName             = $ENV::user@$ENV::x509_host
 [ user_extensions ]
-       subjectAltName         = email:$ENV::user@$ENV::HOST
+       subjectAltName         = email:$ENV::user@$ENV::x509_host
index e91edba..c5f23a9 100644 (file)
@@ -4,7 +4,7 @@ apc.canonicalize = 0
 apc.coredump_unmap = 0
 apc.enable_cli = 0
 apc.enabled = 1
-apc.file_update_protection=2
+apc.file_update_protection = 2
 apc.filters = 
 apc.gc_ttl = 3600
 apc.include_once_override = 0
@@ -16,7 +16,7 @@ apc.mmap_file_mask = /run/shm/tmp/php5/apc.XXXXXX
 apc.num_files_hint = 512
 apc.optimization = 0
 apc.report_autofilter = 0
-apc.rfc1867 = 0
+apc.rfc1867 = 1
 apc.rfc1867_freq = 0
 apc.rfc1867_name = "APC_UPLOAD_PROGRESS"
 apc.rfc1867_prefix = "upload_"
diff --git a/etc/php5/fpm/pool.d/roundcube/php-fpm.conf b/etc/php5/fpm/pool.d/roundcube/php-fpm.conf
new file mode 100644 (file)
index 0000000..da2cafe
--- /dev/null
@@ -0,0 +1,36 @@
+php_admin_value[default_charset] = "UTF-8"
+php_admin_value[display_errors] = Off
+php_admin_value[error_log] = logs/errors
+php_admin_value[error_reporting] = "30711"
+php_admin_value[extension] = intl.so
+php_admin_value[extension] = mcrypt.so
+php_admin_value[extension] = pdo_pgsql.so
+php_admin_value[extension] = pgsql.so
+php_admin_value[extension] = pspell.so
+php_admin_value[file_uploads] = 1
+php_admin_value[log_errors] = On
+php_admin_value[magic_quotes_gpc] = 0
+php_admin_value[magic_quotes_runtime] = 0
+php_admin_value[mbstring.func_overload] = 0
+php_admin_value[memory_limit] = 64M
+php_admin_value[post_max_size] = 6M
+php_admin_value[session.auto_start] = 0
+php_admin_value[session.cookie_path] = /
+php_admin_value[session.gc_divisor] = 500
+php_admin_value[session.gc_maxlifetime] = 21600
+php_admin_value[session.gc_probability] = 1
+php_admin_value[suhosin.session.encrypt] = 0
+php_admin_value[upload_max_filesize] = 5M
+php_admin_value[zend.ze1_compatibility_mode] = 0
+php_admin_value[zlib.output_compression] = Off
+pm.max_children = 15
+pm.max_requests = 200
+pm.max_spare_servers = 5
+pm.min_spare_servers = 1
+pm.process_idle_timeout = 60s
+pm.start_servers = 1
+request_slowlog_timeout = 5s
+request_terminate_timeout = 120s
+rlimit_core = unlimited
+rlimit_files = 131072
+security.limit_extensions = .php
index e13ed0a..bebbdfd 100644 (file)
@@ -1,5 +1,4 @@
 # See man 5 aliases for format
-abuse: root
 admin: root
 backup: root
 contact: root
@@ -16,8 +15,6 @@ abuse-feedback-report: "| /usr/lib/sympa/bin/bouncequeue sympa@LOCAL_DOMAINNAME"
 abuse:                 "| /usr/lib/sympa/bin/bouncequeue sympa@LOCAL_DOMAINNAME"
 bounce+*:              "| /usr/lib/sympa/bin/bouncequeue sympa@LOCAL_DOMAINNAME"
 listmaster:            "| /usr/lib/sympa/bin/queue  listmaster@LOCAL_DOMAINNAME"
-postmaster:    postmaster
-root:          root
 sympa-owner:   postmaster
 sympa-request: postmaster
 sympa:                 "| /usr/lib/sympa/bin/queue       sympa@LOCAL_DOMAINNAME"
index b5d3da3..1b24e31 100644 (file)
@@ -17,16 +17,25 @@ body_checks =
 default_extra_recipient_limit = 5000
 #delay_warning_time = 4h
        # NOTE: uncomment the previous line to generate "delayed mail" warnings
+disable_vrfy_command = yes
+       # NOTE: this stops some techniques used to harvest email addresses.
 duplicate_filter_limit = 5000
+fallback_transport = lmtp:unix:private/dovecot-lmtp
+       # NOTE: passe à dovecot les destinataires de $mydestination qui n'existent pas
 forward_path = $home/etc/mail/forward${recipient_delimiter}${extension}, $home/etc/mail/forward
 header_checks = regexp:/etc/postfix/$mydomain/header_checks
 inet_interfaces = all
 inet_protocols = ipv4
        # NOTE: "all" to activate IPv6
 line_length_limit = 2048
+local_recipient_maps =
+       # NOTE: laisse $fallback_transport vérifier l'existence du destinaire
 #local_header_rewrite_clients =
 mailbox_command = /usr/bin/procmail -t -a "$SENDER" -a "$RECIPIENT" -a "$USER" -a "$EXTENSION" -a "$DOMAIN" -a "$ORIGINAL_RECIPIENT" "$HOME/etc/mail/delivery.procmailrc"
 mailbox_size_limit = 0
+masquerade_classes = envelope_sender, header_sender, header_recipient
+masquerade_domains =
+masquerade_exceptions = root
 maximal_queue_lifetime = 5d
 message_size_limit = 20480000
 mime_header_checks =
@@ -43,6 +52,7 @@ parent_domain_matches_subdomains =
        #qmqpd_authorized_clients
        #smtpd_access_maps
 permit_mx_backup_networks =
+policy-spf_time_limit = 3600s
 propagate_unmatched_extensions = canonical, virtual
 queue_minfree = 0
 readme_directory = no
@@ -84,7 +94,7 @@ smtp_tls_protocols = !SSLv2, !SSLv3
 smtp_tls_scert_verifydepth = 5
 #smtp_tls_secure_cert_match = nexthop, dot-nexthop
 smtp_tls_security_level = may
-smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
+smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
 #smtp_tls_session_cache_timeout = 3600s
 #smtp_tls_verify_cert_match = hostname
 smtpd_authorized_xclient_hosts = 127.0.0.1
@@ -132,11 +142,13 @@ smtpd_recipient_restrictions =
        permit_mynetworks
        permit_tls_clientcerts
        permit_sasl_authenticated
+       reject_unverified_recipient
+               # NOTE: $fallback_transport est garant de l'existence du destinataire
        reject_unauth_destination
                # NOTE: ne pas passer par SPFCheck / Postgrey si le mail n'est pas pour nous ou quelqu'un pour lequel on tient lieu de backup_mx
+       check_policy_service unix:private/spfcheck
        check_policy_service unix:postgrey/socket
                # NOTE: Postgrey (greylisting)
-       check_policy_service unix:private/spfcheck
        permit_auth_destination
                # NOTE: une fois Postgrey passé, on accepte ce qui nous est destiné (voir permit_auth_destination) ; sans doute redondant
        reject
@@ -183,15 +195,16 @@ smtpd_tls_security_level = may
        #  Mandatory TLS encryption: announce STARTTLS support to SMTP clients, and require that clients use TLS
        #  encryption. According to [1720]RFC 2487 this MUST NOT be applied in case of a publicly-referenced
        #  SMTP server. Instead, this option should be used only on dedicated servers.
-smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
+smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_session_cache
 #smtpd_tls_session_cache_timeout = 3600s
 strict_rfc821_envelopes = yes
+       # NOTE: this stops mail from poorly written software.
 sympa_destination_recipient_limit = 1
 sympabounce_destination_recipient_limit = 1
 #tls_high_cipherlist = AES256-SHA
        # NOTE: postconf(5) déconseille de changer ceci
 #tls_random_bytes = 32
-#tls_random_exchange_name = ${data_directory}/prng_exch
+#tls_random_exchange_name = $data_directory/prng_exch
        # NOTE: à ne pas mettre dans la cage chroot
 #tls_random_prng_update_period = 3600s
 #tls_random_reseed_period = 3600s
@@ -200,12 +213,15 @@ sympabounce_destination_recipient_limit = 1
 transport_maps =
        hash:/etc/postfix/$mydomain/transport
        hash:/etc/postfix/$mydomain/transport-pending-transition-from-lautrenet
+       hash:/etc/dovecot/transport
        regexp:/etc/sympa/transport
-#virtual_alias_domains =
+virtual_alias_domains =
+       cyclocoop.org
 virtual_alias_maps =
        hash:/etc/postfix/$mydomain/virtual_alias
        hash:/etc/postfix/$mydomain/virtual_alias-pending-transition-from-lautrenet
        hash:/etc/postfix/cyclocoop.org/virtual_alias
+       hash:/etc/mail/dovecot/virtual_alias
        regexp:/etc/sympa/virtual_alias
        # NOTE: do not specify virtual alias domain names in  the  main.cf
        #       mydestination or relay_domains configuration parameters.
@@ -214,3 +230,5 @@ virtual_alias_maps =
        # accepts  mail  for  known-user@virtual-alias.domain,   and
        # rejects   mail  for  unknown-user@virtual-alias.domain  as
        # undeliverable.
+unverified_recipient_reject_code = 550
+       # NOTE: rejette immédiatement ce que $fallback_transport refuse
index 860b67f..604f9fe 100644 (file)
@@ -7,25 +7,25 @@
 # ==========================================================================
 smtp      inet  n       -       -       -       -       smtpd
 submission inet n       -       -       -       -       smtpd
-  -o smtpd_tls_security_level=encrypt
   -o milter_macro_daemon_name=ORIGINATING
-#  -o smtpd_tls_req_ccert=yes
+  -o smtpd_sasl_auth_enable=yes
   -o smtpd_tls_ask_ccert=yes
-  -o smtpd_tls_loglevel=1
-  -o smtpd_tls_ccert_verifydepth=2
   -o smtpd_tls_auth_only=yes
-  -o smtpd_sasl_auth_enable=yes
-smtps     inet  n       -       -       -       -       smtpd
+  -o smtpd_tls_ccert_verifydepth=2
+  -o smtpd_tls_loglevel=1
+  -o smtpd_tls_req_ccert=yes
   -o smtpd_tls_security_level=encrypt
-  -o smtpd_tls_wrappermode=yes
-  -o smtpd_sasl_auth_enable=yes
-  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+smtps     inet  n       -       -       -       -       smtpd
   -o milter_macro_daemon_name=ORIGINATING
-  -o smtpd_tls_req_ccert=no
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+  -o smtpd_sasl_auth_enable=yes
   -o smtpd_tls_ask_ccert=yes
-  -o smtpd_tls_loglevel=1
-  -o smtpd_tls_ccert_verifydepth=2
   -o smtpd_tls_auth_only=yes
+  -o smtpd_tls_ccert_verifydepth=0
+  -o smtpd_tls_loglevel=1
+  -o smtpd_tls_req_ccert=no
+  -o smtpd_tls_security_level=encrypt
+  -o smtpd_tls_wrappermode=yes
 #628      inet  n       -       -       -       -       qmqpd
 pickup    fifo  n       -       -       60      1       pickup
 cleanup   unix  n       -       -       -       0       cleanup
index c270660..0744b33 100644 (file)
@@ -4,5 +4,6 @@ admin      root             postgres
 role       postgres         davical_dba
 role       php5_davical     davical_app
 user       postgres         agendav
+user       root             roundcube
 user       /^php5_(.*)$     \1
 user       /^(.*)$          \1
diff --git a/etc/roundcube/debian-db.php b/etc/roundcube/debian-db.php
new file mode 100644 (file)
index 0000000..cf9f253
--- /dev/null
@@ -0,0 +1,8 @@
+<?php
+$dbuser='roundcube';
+$dbpass='';
+$basepath='';
+$dbname='roundcube';
+$dbserver='unix(/run/postgresql)';
+$dbport='';
+$dbtype='pgsql';
diff --git a/etc/roundcube/main.inc.php b/etc/roundcube/main.inc.php
new file mode 100644 (file)
index 0000000..aa38b8f
--- /dev/null
@@ -0,0 +1,990 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | Main configuration file                                               |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) 2005-2011, The Roundcube Dev Team                       |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+
+*/
+
+$http_host=$_SERVER['HTTP_HOST'];
+if (substr($http_host, 0, strlen("roundcube.")) == "roundcube.") {
+       $http_host = substr($http_host, strlen("roundcube."));
+ }
+
+$rcmail_config = array();
+
+// ----------------------------------
+// LOGGING/DEBUGGING
+// ----------------------------------
+
+// system error reporting: 1 = log; 2 = report (not implemented yet), 4 = show, 8 = trace
+$rcmail_config['debug_level'] = 1;
+
+// log driver:  'syslog' or 'file'.
+$rcmail_config['log_driver'] = 'file';
+
+// date format for log entries
+// (read http://php.net/manual/en/function.date.php for all format characters)  
+$rcmail_config['log_date_format'] = 'd-M-Y H:i:s O';
+
+// Syslog ident string to use, if using the 'syslog' log driver.
+$rcmail_config['syslog_id'] = 'roundcube';
+
+// Syslog facility to use, if using the 'syslog' log driver.
+// For possible values see installer or http://php.net/manual/en/function.openlog.php
+$rcmail_config['syslog_facility'] = LOG_MAIL;
+
+// Log sent messages to <log_dir>/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to <log_dir>/userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to <log_dir>/session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to <log_dir>/sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to <log_dir>/imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to <log_dir>/ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to <log_dir>/smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; 465 for SSL)
+$rcmail_config['smtp_port'] = 465;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/home/www/log/php5/fpm/roundcube/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = 'temp/';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = true;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+$rcmail_config['use_https'] = true;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 2;
+
+// If users authentication is not case sensitive this must be enabled.
+// You can also use it to force conversion of logins to lower case.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = false;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$http_host=$_SERVER['HTTP_HOST'];
+if (substr($http_host, 0, strlen("roundcube.")) == "roundcube.") {
+       $http_host = substr($http_host, strlen("roundcube."));
+ }
+if (file_exists("/home/www/pub/roundcube/images/logo-$http_host.png")) {
+       $rcmail_config['skin_logo'] = "./images/logo-$http_host.png";
+ }
+else {
+       $rcmail_config['skin_logo'] = null;
+ }
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form hostname:port
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211' );
+
+// check client IP in session authorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+// $rcmail_config['des_key'] = 'rcmail-!24ByteDESkey*Str';
+include_once("/etc/roundcube/key.inc.php");
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = "$http_host";
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = "$http_host";
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'UTF-8';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 10;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 100; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = '/usr/share/misc/magic';
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array(
+       'acl',
+       'jqueryui',
+       'recipient_to_contact',
+       'password',
+       'userinfo',
+       #'hide_blockquote',
+       'markasjunk',
+       'managesieve',
+       'show_additional_headers',
+       #'subscriptions_option',
+ );
+
+// ----------------------------------
+// plugin acl
+// ----------------------------------
+
+// Default look of access rights table
+// In advanced mode all access rights are displayed separately
+// In simple mode access rights are grouped into four groups: read, write, delete, full 
+$rcmail_config['acl_advanced_mode'] = false;
+
+// LDAP addressbook that would be searched for user names autocomplete.
+// That should be an array refering to the $rcmail_config['ldap_public'] array key
+// or complete addressbook configuration array.
+$rcmail_config['acl_users_source'] = '';
+
+// The LDAP attribute which will be used as ACL user identifier
+$rcmail_config['acl_users_field'] = 'mail';
+
+// The LDAP search filter will be &'d with search queries
+$rcmail_config['acl_users_filter'] = '';
+
+// ----------------------------------
+// plugin managesieve
+// ----------------------------------
+
+// managesieve server port
+$rcmail_config['managesieve_port'] = 4190;
+
+// managesieve server address, default is localhost.
+// Replacement variables supported in host name:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['managesieve_host'] = 'localhost';
+
+// authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL
+// or none. Optional, defaults to best method supported by server.
+$rcmail_config['managesieve_auth_type'] = null;
+
+// Optional managesieve authentication identifier to be used as authorization proxy.
+// Authenticate as a different user but act on behalf of the logged in user.
+// Works with PLAIN and DIGEST-MD5 auth.
+$rcmail_config['managesieve_auth_cid'] = null;
+
+// Optional managesieve authentication password to be used for imap_auth_cid
+$rcmail_config['managesieve_auth_pw'] = null;
+
+// use or not TLS for managesieve server connection
+// it's because I've problems with TLS and dovecot's managesieve plugin
+// and it's not needed on localhost
+$rcmail_config['managesieve_usetls'] = false;
+
+// default contents of filters script (eg. default spam filter)
+$rcmail_config['managesieve_default'] = '/home/mail/sieve/global.d';
+
+// The name of the script which will be used when there's no user script
+$rcmail_config['managesieve_script_name'] = 'roundcube';
+
+// Sieve RFC says that we should use UTF-8 endcoding for mailbox names,
+// but some implementations does not covert UTF-8 to modified UTF-7.
+// Defaults to UTF7-IMAP
+$rcmail_config['managesieve_mbox_encoding'] = 'UTF-8';
+
+// I need this because my dovecot (with listescape plugin) uses
+// ':' delimiter, but creates folders with dot delimiter
+$rcmail_config['managesieve_replace_delimiter'] = '';
+
+// disabled sieve extensions (body, copy, date, editheader, encoded-character,
+// envelope, environment, ereject, fileinto, ihave, imap4flags, index,
+// mailbox, mboxmetadata, regex, reject, relational, servermetadata,
+// spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc.
+// Note: not all extensions are implemented
+$rcmail_config['managesieve_disabled_extensions'] = array();
+
+// Enables debugging of conversation with sieve server. Logs it into <log_dir>/sieve
+$rcmail_config['managesieve_debug'] = true;
+
+// Enables features described in http://wiki.kolab.org/KEP:14
+$rcmail_config['managesieve_kolab_master'] = false;
+
+// Script name extension used for scripts including. Dovecot uses '.sieve',
+// Cyrus uses '.siv'. Doesn't matter if you have managesieve_kolab_master disabled.
+$rcmail_config['managesieve_filename_extension'] = '.sieve';
+
+// List of reserved script names (without extension).
+// Scripts listed here will be not presented to the user.
+$rcmail_config['managesieve_filename_exceptions'] = array();
+
+// ----------------------------------
+// plugin password
+// ----------------------------------
+
+// Password Plugin options
+// -----------------------
+// A driver to use for password change. Default: "sql".
+// See README file for list of supported driver names.
+$rcmail_config['password_driver'] = 'chpasswd';
+
+// Determine whether current password is required to change password.
+// Default: false.
+$rcmail_config['password_confirm_current'] = true;
+
+// Require the new password to be a certain length.
+// set to blank to allow passwords of any length
+$rcmail_config['password_minimum_length'] = 12;
+
+// Require the new password to contain a letter and punctuation character
+// Change to false to remove this check.
+$rcmail_config['password_require_nonalpha'] = true;
+
+// Enables logging of password changes into logs/password
+$rcmail_config['password_log'] = true;
+
+// Comma-separated list of login exceptions for which password change
+// will be not available (no Password tab in Settings)
+$rcmail_config['password_login_exceptions'] = null;
+
+// Array of hosts that support password changing. Default is NULL.
+// Listed hosts will feature a Password option in Settings; others will not.
+// Example:
+//$rcmail_config['password_hosts'] = array('mail.example.com', 'mail2.example.org');
+$rcmail_config['password_hosts'] = null;
+
+// chpasswd Driver options
+// ---------------------
+// Command to use
+$rcmail_config['password_chpasswd_cmd'] = '/usr/local/bin/roundcube-chpasswd';
+
+// ----------------------------------
+// plugin recipient_to_contact
+// ----------------------------------
+
+/**
+ * Defines which address books are used for searching and adding new contacts to.
+ *
+ * Empty array means the plugins uses 'autocomplete_addressbooks' setting from main.inc.php
+ */
+$rcmail_config['recipient_to_contact_addressbooks'] = array('sql');
+
+/**
+ * Whether the plugin is enabled or disabled for users by default.
+ *
+ * If set to true, the plugin is enabled and users can disable it through settings menu.
+ */
+$rcmail_config['recipient_to_contact_enabled_by_default'] = true;
+
+/**
+ * Whether the groups feature is enabled or not.
+ *
+ * If set to true, the contact group dropdown is shown in the dialog.
+ */
+$rcmail_config['recipient_to_contact_use_groups'] = true;
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'from', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = fr_FR;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Junk';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = false;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = false;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = true;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'pspell';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = array
+ ( 'de' => 'Deutsch'
+ , 'en' => 'English'
+ , 'es' => 'Español'
+ , 'fr' => 'Français'
+ , 'it' => 'Italiano'
+ , 'pl' => 'Polski'
+ );
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = true;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'          => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'mail',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  'fieldmap' => array(
+    // Roundcube  => LDAP
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'email'       => 'mail',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'locality'    => 'l',
+    'country'     => 'c',
+    'organization' => 'o',
+  ),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'default';
+
+// show up to X items in list view
+$rcmail_config['pagesize'] = 40;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+$rcmail_config['timezone'] = 'auto';
+
+// is daylight saving On? Default: (bool)date('I');
+$rcmail_config['dst_active'] = null;
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 2;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 300 seconds (5min)
+$rcmail_config['draft_autosave'] = 300;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = true;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = true;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = true;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 2;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_imap_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = true;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// end of config file
index 37d70a5..80fcb92 100644 (file)
@@ -29,7 +29,7 @@ Git(ACCEPT)                   net    $FW
 HTTP(ACCEPT)                  net    $FW
 HTTPS(ACCEPT)                 net    $FW
 Iodine(ACCEPT)                net    $FW
-Limit(IMAPS,5,60):info        net    $FW         tcp   imaps
+#Limit(IMAPS,5,60):info        net    $FW         tcp   imaps
 IMAPS(ACCEPT)                 net    $FW
 Fanout(ACCEPT)                net    $FW
 Managesieve(ACCEPT)           net    $FW
index df5aa38..7d11fd2 100644 (file)
@@ -1,28 +1,70 @@
-"$tool"/local/apt-get-install dovecot-imapd dovecot-managesieved dovecot-sieve
+"$tool"/local/apt-get-install dovecot-imapd dovecot-lmtpd dovecot-managesieved dovecot-pop3d dovecot-sieve
 "$tool"/local/insserv-remove  dovecot
 
 hint="run before: remote/runit-configure $sv"
-assert 'sudo test -f /etc/dovecot/$local_domainname/imap/x509/key.pem' hint
+for domain in \
+ "$local_domainname" \
+ cyclocoop.org
+ do
+       assert "sudo test -f /etc/dovecot/$domain/imap/x509/key.pem" hint
+       sudo install -m 400 -o root -g root \
+        "$tool"/var/pub/x509/imap."$domain"/crt+crl.self-signed.pem \
+           /etc/dovecot/"$domain"/imap/x509/crt+crl.self-signed.pem
+ done
 
-sudo install -m 400 -o root -g root \
- "$tool"/var/pub/x509/imap."$local_domainname"/crt+crl.self-signed.pem \
-    /etc/dovecot/"$local_domainname"/imap/x509/crt+crl.self-signed.pem
-sudo install -d -m 770 -o root -g root \
- /etc/skel/etc/mail \
- /etc/skel/etc/sieve
+hint="run before: local/runit-configure nginx -- autoconfig"
+assert "getent passwd www-autoconfig" hint
+sudo install -d -m 750 -o www-autoconfig -g www-autoconfig \
+ ~www-autoconfig/mail/
+sudo install -m 640 -o www-autoconfig -g www-autoconfig \
+ "$tool"/etc/dovecot/autoconfig.xml \
+ ~www-autoconfig/mail/config-v1.1.xml
+
+sudo usermod --home /home/mail mail
+sudo install -d -m 0751 -o mail -g mail \
+ ~mail
+for dir in \
+ /etc/dovecot/acl/global.d \
+ ~mail/data \
+ ~mail/log \
+ /etc/dovecot/sieve \
+ /etc/dovecot/sieve/after.d \
+ /etc/dovecot/sieve/before.d \
+ /etc/dovecot/sieve/global.d
+ do
+       sudo install -d -m 3775 -o root -g root "$dir"
+ done
+for dir in \
+ after.d \
+ before.d \
+ global.d
+ do
+       if sudo test -e "$tool"/etc/dovecot/sieve/"$dir"
+        then
+               sudo find "$tool"/etc/dovecot/sieve/"$dir" \
+                -maxdepth 1 -type f \
+                -name '*.sieve' \
+                -exec install -m 644 -o root -g root \
+                -t /etc/dovecot/sieve/"$dir" {} +
+        fi
+       sudo sievec /etc/dovecot/sieve/"$dir"
+       sudo find   /etc/dovecot/sieve/"$dir" \
+        -maxdepth 1 -type f \
+        -exec chmod 664 {} +
+ done
+
+#sudo install -d -m 770 -o root -g root \
+# /etc/skel/etc/mail \
+# /etc/skel/etc/sieve
 sudo install -d -m 1777 -o root -g root \
  /var/lib/dovecot-control \
  /var/lib/dovecot-index
 m4 \
  --define=LOCAL_DOMAINNAME=$local_domainname \
- <"$tool"/etc/dovecot/local.conf.m4 |
+ <"$tool"/etc/dovecot/dovecot.conf.m4 |
 sudo install -m 644 -o root -g root /dev/stdin \
- /etc/dovecot/local.conf
-sudo install -m 755 -o root -g root /dev/stdin /usr/local/bin/dovecot-passwd <<-EOF
-       #!/bin/sh -efux
-       # DESCRIPTION: permet à un-e utilisateurice d'initialiser ellui-même son mot-de-passe dovecot.
-       install -d -m 770 ~/etc/dovecot
-       install -m 640 /dev/stdin ~/etc/dovecot/passwd <<_EOF
-       \$USER:\$(/usr/bin/doveadm pw -s SHA512-CRYPT):::::::
-       _EOF
-       EOF
+ /etc/dovecot/dovecot.conf
+sudo install -m 640 -o root -g postfix \
+ "$tool"/etc/dovecot/transport \
+        /etc/dovecot/transport
+sudo postmap hash:/etc/dovecot/transport
index 3255de7..41a7891 100644 (file)
@@ -1,14 +1,19 @@
-"$tool"/remote/site-x509-key-decrypt imap."$local_domainname" |
-"$tool"/remote/ssh root@"$local_fqdn" ' \
-       sudo install -d -m 770 -o root -g root \
-        /etc/dovecot/'"$local_domainname"'/ \
-        /etc/dovecot/'"$local_domainname"'/imap \
-        /etc/dovecot/'"$local_domainname"'/imap/x509 ; \
-       sudo install -m 644 -o root -g root /dev/stdin \
-        /etc/dovecot/'"$local_domainname"'/imap/x509/.gitignore <<-EOF
-               key.pem
-               EOF
-       sudo install -m 400 -o root -g root \
-        /dev/stdin \
-        /etc/dovecot/'"$local_domainname"'/imap/x509/key.pem
- '
+for domain in \
+ "$local_domainname" \
+ cyclocoop.org
+ do
+       "$tool"/remote/site-x509-key-decrypt imap."$domain" |
+       "$tool"/remote/ssh root@"$local_fqdn" ' \
+               sudo install -d -m 770 -o root -g root \
+                /etc/dovecot/'"$domain"'/ \
+                /etc/dovecot/'"$domain"'/imap \
+                /etc/dovecot/'"$domain"'/imap/x509 ; \
+               sudo install -m 644 -o root -g root /dev/stdin \
+                /etc/dovecot/'"$domain"'/imap/x509/.gitignore <<-EOF
+                       key.pem
+                       EOF
+               sudo install -m 400 -o root -g root \
+                /dev/stdin \
+                /etc/dovecot/'"$domain"'/imap/x509/key.pem
+        '
+ done
diff --git a/etc/sv/dovecot/transport b/etc/sv/dovecot/transport
new file mode 100644 (file)
index 0000000..ea21a09
--- /dev/null
@@ -0,0 +1 @@
+dovecot.cyclocoop.org lmtp:unix:private/dovecot-lmtp
index ae7c1dc..81ba013 100644 (file)
@@ -5,8 +5,7 @@ home=/home/sympa
 while ! sudo -u postgres psql </dev/null
 do sleep 1; done
 "$tool"/local/postgresql-user-create "$sv"
-sudo -u postgres psql template1 -a -f - <<-EOF
-       \set ON_ERROR_STOP on
+sudo -u postgres psql template1 -a -f - --set ON_ERROR_STOP=1 <<-EOF
        -- NOTE: pour /usr/share/sympa/lib/Upgrade.pm
        --       appelant DBI->tables
        GRANT USAGE  ON SCHEMA pg_catalog                TO $sv;
@@ -138,7 +137,7 @@ sudo install -m 600 -o root -g root /dev/stdin \
                dbc_authmethod_user='ident'
                dbc_basepath=''
                dbc_dbadmin='postgres'
-               dbc_dbname='sympa'
+               dbc_dbname='$sv'
                dbc_dbpass=''
                dbc_dbport=''
                dbc_dbserver='/run/postgresql'
@@ -151,15 +150,14 @@ sudo install -m 600 -o root -g root /dev/stdin \
        EOF
 
 ! sudo etckeeper unclean ||
-sudo etckeeper commit -m "rule_runit_configure $sv"
+sudo etckeeper commit -m "runit-configure $sv"
 
 "$tool"/local/apt-get-install --no-install-recommends sympa
  # NOTE: évite d'installer apache2 ..
 
 "$tool"/local/insserv-remove sympa
 
-sudo -u postgres psql template1 -a -f - <<-EOF
-       \set ON_ERROR_STOP on
+sudo -u postgres psql template1 -a -f - --set ON_ERROR_STOP=1 <<-EOF
        REVOKE ALL ON DATABASE $sv FROM public;
        GRANT ALL PRIVILEGES ON DATABASE $sv TO $sv;
        EOF
index 163eb46..2b4db60 100644 (file)
@@ -1,5 +1,4 @@
-/^cyclocoop\.org$/ handle_this_virtual_domain
 /^(postmaster|root|abuse|sympa-request)@(cyclocoop\.org)$/ $2-$1
 /^(listmaster|sympa)@(cyclocoop\.org)$/ $2-$1
 /^(.*)-(request|editor|owner|subscribe|unsubscribe)@(cyclocoop\.org)$/ $3-$1-$2
-/^(.*)@(cyclocoop\.org)$/ $2-$1
+/^([^+]*)@(cyclocoop\.org)$/ $2-$1
index c10d99c..766e73d 160000 (submodule)
@@ -1 +1 @@
-Subproject commit c10d99ca531aa181b32b438659a4e7d3f7c8b2b8
+Subproject commit 766e73d6e08465c3c9682e5128a09f5c0e49f115
diff --git a/local/addgroup b/local/addgroup
new file mode 100755 (executable)
index 0000000..9c4e99f
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/local/lib.sh
+
+group=$1; shift
+getent group "$group" >/dev/null ||
+sudo /usr/sbin/addgroup "$@" "$group"
diff --git a/local/dovecot-user-add b/local/dovecot-user-add
new file mode 100755 (executable)
index 0000000..017faaf
--- /dev/null
@@ -0,0 +1,205 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+first_valid_uid=30000
+first_valid_gid=30000
+. "$tool"/local/lib.sh
+# SYNTAX: user@domain
+# ENVIRONMENT:
+#   extra_fields
+#   gid
+#   home
+#   mail_access_groups
+#   password
+#   uid
+# DESCRIPTION: outil de création de compte dovecot
+
+IFS=@ read -r user domain <<-EOF
+       $1
+       EOF
+test "${user:+set"}"
+test "${domain:+set"}"
+shift
+
+# setup_nss
+       domain_group=mail-"$(sed -e 's/[^0-9a-z-]/_/g' <<-EOF
+               $domain
+               EOF
+        )"
+       "$tool"/local/addgroup "$domain_group" --system
+# setup_dirs
+       for dir in \
+        /etc/dovecot \
+        ~mail/acl \
+        ~mail/data \
+        ~mail/log \
+        /var/lib/dovecot-control \
+        /var/lib/dovecot-index
+        do
+               # NOTE: postfix est configuré pour transporter "dovecot.$domain" via le LMTP de dovecot.
+               # mais du coup le domaine récupéré par dovecot comporte le préfixe "dovecot."
+               sudo install -d -o mail -g "$domain_group" -m 1770 \
+                "$dir"/dovecot."$domain"
+               sudo ln -fns \
+                dovecot."$domain" \
+                "$dir"/"$domain"
+        done
+       sudo chmod -t ~mail/acl/dovecot."$domain"
+               # NOTE: permet les mv shared.db{.lock,} effectués par dovecot
+       
+       sudo install -d -o mail -g php5_roundcube -m 1770 \
+        /etc/dovecot/dovecot."$domain"
+       sudo install -d -o mail -g postfix -m 750 \
+        /etc/mail/dovecot
+# setup_postfix
+       dir_virtual_alias=/etc/mail/dovecot
+       old_virtual_alias="$dir_virtual_alias"/virtual_alias
+       virtual_alias_entry="$user@$domain $user@dovecot.$domain"
+       virtual_alias=$(sudo cat "$old_virtual_alias")
+       if ! grep -Fqx "$virtual_alias_entry" <<-EOF
+               $virtual_alias
+               EOF
+        then
+               new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
+               sort -k 1,1 <<-EOF |
+                       $virtual_alias_entry${virtual_alias:+$(printf '\n%s' "$virtual_alias")}
+                       EOF
+               sudo install -o root -g postfix -m 640 /dev/stdin \
+                "$new_virtual_alias"
+               sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
+               sudo postmap hash:/etc/mail/dovecot/virtual_alias
+               sudo postfix reload
+        fi
+# setup_passwd
+       dir_passwd=/etc/dovecot/"$domain"
+       old_passwd="$dir_passwd"/passwd
+       new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
+       has_done_user=:
+       while IFS=: read <&4 -r \
+        passwd_user \
+        passwd_password \
+        passwd_uid \
+        passwd_gid \
+        passwd_gecos \
+        passwd_home \
+        passwd_shell \
+        passwd_extra_fields
+        do
+               case "$passwd_user" in
+                ("$user"|"!")
+                       $has_done_user
+                       has_done_user=continue
+                       if test "${password:+set}"
+                        then
+                               password=$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password")
+                        else
+                               if test "${password+defined}" -o -z "${passwd_password-}"
+                                then
+                                       IFS= read -r password <<-EOF
+                                               $(/usr/bin/doveadm pw -s SHA512-CRYPT)
+                                               EOF
+                                else
+                                       password=$passwd_password
+                                fi
+                        fi
+                       home=${home:-~mail/data/"$domain/$user"}
+                       uid=${uid:-$passwd_uid}
+                       gid=${gid:-$passwd_gid}
+                       if test "$domain" = "$local_domainname" &&
+                               getent passwd "$user"
+                        then
+                               uid=${uid:-$(id -u "$user")}
+                               gid=${gid:-$(id -g "$user")}
+                               sudo adduser "$user" "$domain_group"
+                        else
+                               if sudo test -e "$home"
+                                then
+                                       uid=${uid:-$(sudo stat -c '%u' "$home")}
+                                       gid=${gid:-$(sudo stat -c '%g' "$home")}
+                                fi
+                               sudo touch /etc/dovecot/passwd
+                               if test ! "${uid:+set}"
+                                then uid=$first_valid_uid; while sudo find /etc/dovecot/ \
+                                        -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+                                               grep -q -x "^[^:]*:[^:]*:$uid:.*" {} +
+                                        do uid=$((uid + 1))
+                                        done
+                                fi
+                               if test ! "${gid:+set}"
+                                then gid=$first_valid_gid; while sudo find /etc/dovecot/ \
+                                        -mindepth 1 -maxdepth 2 -type f -name passwd -exec \
+                                               grep -q -x "^[^:]*:[^:]*:[^:]*:$gid:.*" {} +
+                                        do gid=$((gid + 1))
+                                        done
+                                fi
+                        fi
+                       gecos=${gecos:-${passwd_gecos:-}}
+                       shell=${shell:-${passwd_shell:-/bin/false}}
+                       while IFS='=' read -r name value
+                        do case $name in
+                                ("userdb_gid") : ;;
+                                ("userdb_home") : ;;
+                                ("userdb_mail_access_groups") mail_access_groups=${mail_access_groups-$value};;
+                                ("userdb_uid") : ;;
+                                ('') : ;;
+                                (*) extra_fields="${extra_fields:+$extra_fields }$name=$value";;
+                                esac
+                        done <<-EOF
+                               $(tr ' ' '\n' <<-EOF
+                                       $passwd_extra_fields
+                                       EOF
+                                )
+                               EOF
+                       extra_fields="${extra_fields:+$extra_fields }userdb_uid=$uid"
+                       extra_fields="${extra_fields:+$extra_fields }userdb_gid=$gid"
+                       extra_fields="${extra_fields:+$extra_fields }userdb_home=$home"
+                       extra_fields="${extra_fields:+$extra_fields }userdb_mail_access_groups=${mail_access_groups-$domain_group}"
+                       cat >&3 <<-EOF
+                               $user:$password:$uid:$gid:$gecos:$home:$shell:$extra_fields
+                               EOF
+                       # setup_maildir
+                               welcome_mail=$(sudo test -e "$home" || echo send)
+                               sudo install -d -o "$uid" -g "$gid" -m 2770 \
+                                "$home" \
+                                "$home"/Maildir
+                               sudo install -d -o "$uid" -g "$gid" -m 0700 \
+                                "$home"/acl.d \
+                                "$home"/sieve.d
+                               sudo install -o "$uid" -g "$gid" -m 0600 \
+                                "$tool"/etc/dovecot/sieve/user.sieve \
+                                "$home"/sieve.d/main.sieve
+                               sudo touch  "$home"/sieve.d/roundcube.sieve
+                               if sudo test ! -e "$home"/sieve
+                                then sudo ln -s sieve.d/main.sieve "$home"/sieve
+                                fi
+                       ;;
+                ('') : ;;
+                ('!!')
+                       if test "${welcome_mail:+set}"
+                        then
+                               mail \
+                                -S from=postmaster@"$local_domainname" \
+                                -s "Bienvenue $user@$domain" \
+                                "$user"@"$domain" <<-EOF
+                                       Bienvenue $user@$domain,
+                                       
+                                       pour tout support technique : postmaster@$domain .
+                                       
+                                       -- 
+                                       Le support technique de $domain.
+                                       EOF
+                        fi
+                       ;;
+                (*)
+                       cat >&3 <<-EOF
+                               $passwd_user:$passwd_password:$passwd_uid:$passwd_gid:$passwd_gecos:$passwd_home:$passwd_shell:$passwd_extra_fields
+                               EOF
+                       ;;
+                esac
+        done 4<<-EOF 3>&1 >&2 |
+               $(sudo test ! -e "$old_passwd" || sudo cat "$old_passwd")
+               !
+               !!
+               EOF
+       sort -k 1,1 -t : |
+       sudo install -o php5_roundcube -g php5_roundcube -m 0640 /dev/stdin "$new_passwd"
+       sudo mv -f "$new_passwd" "$old_passwd"
diff --git a/local/dovecot-user-del b/local/dovecot-user-del
new file mode 100755 (executable)
index 0000000..513f7aa
--- /dev/null
@@ -0,0 +1,134 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/local/lib.sh
+# SYNTAX: user@domain
+# ENVIRONMENT:
+#   purge
+# DESCRIPTION: outil de suppression de compte dovecot
+
+IFS=@ read -r user domain <<-EOF
+       $1
+       EOF
+test "${user:+set"}"
+test "${domain:+set"}"
+shift
+
+# setup_postfix
+       dir_virtual_alias=/etc/mail/dovecot
+       old_virtual_alias="$dir_virtual_alias"/virtual_alias
+       virtual_alias_entry="$user@$domain $user@dovecot.$domain"
+       virtual_alias=$(sudo cat "$old_virtual_alias" || true)
+       if grep -Fqx "$virtual_alias_entry" <<-EOF
+               $virtual_alias
+               EOF
+        then
+               new_virtual_alias=$(sudo TMPDIR= mktemp --tmpdir="$dir_virtual_alias" -t "virtual_alias.XXXXXXXX.tmp")
+               grep -Fvx "$virtual_alias_entry" <<-EOF |
+                       $virtual_alias
+                       EOF
+               sudo install -o root -g postfix -m 640 /dev/stdin \
+                "$new_virtual_alias"
+               sudo mv -f "$new_virtual_alias" "$old_virtual_alias"
+               sudo postmap hash:/etc/mail/dovecot/virtual_alias
+               sudo postfix reload
+        fi
+# setup_acl
+       if test "${purge:+set}"
+        then
+               if sudo doveadm user "$user@$domain"
+                then
+                       sudo doveadm mailbox list -u "$user@$domain" |
+                       while IFS= read -r mailbox
+                        do sudo doveadm acl get -u "$user@$domain" "$mailbox" |
+                               while IFS=' ' read -r acl_id x
+                                do sudo doveadm acl delete -u "$user@$domain" "$mailbox" "$acl_id"
+                                done
+                        done
+                fi
+        fi
+# setup_passwd
+       dir_passwd=/etc/dovecot/"$domain"
+       old_passwd="$dir_passwd"/passwd
+       new_passwd=$(sudo TMPDIR= mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
+       if sudo test -e "$old_passwd"
+        then
+               while IFS=: read <&4 -r \
+                passwd_user \
+                passwd_x
+                do
+                       case "$passwd_user" in
+                        ("$user") : ;;
+                        (*)
+                               cat >&3 <<-EOF
+                                       $passwd_user${passwd_x:+:$passwd_x}
+                                       EOF
+                               ;;
+                        esac
+                done 4<<-EOF 3>&1 >&2 |
+                       $(sudo cat "$old_passwd")
+                       EOF
+               sudo install -o php5_roundcube -g php5_roundcube -m 0640 /dev/stdin "$new_passwd"
+               sudo mv -f "$new_passwd" "$old_passwd"
+        fi
+# setup_nss
+       domain_group=mail-"$(printf '%s' "$domain" | sed -e 's/[^0-9a-z-]/_/g')"
+       if test -z "$({ getent group "$domain_group" || printf ":::x"; } | cut -d: -f4)"
+        then
+               if test "$domain" = "$local_domainname" &&
+                       getent passwd "$user"
+                then
+                       sudo deluser "$user" "$domain_group"
+                fi
+               sudo delgroup "$domain_group"
+        fi
+# setup_dirs
+       if test "${purge:+set}"
+        then
+               for dir in \
+                ~mail/data/"$domain"/"$user" \
+                /var/lib/dovecot-control/"$domain"/"$user" \
+                /var/lib/dovecot-index/"$domain"/"$user"
+                do
+                       if sudo test -e "$dir"
+                        then
+                               sudo find "$dir" -type f -exec \
+                                       shred --force --iterations=1 --remove {} +
+                               sudo rm -rf "$dir"
+                        fi
+                done
+        fi
+# setup_roundcube
+       if test "${purge:+set}"
+        then
+               sudo -u php5_roundcube psql -1AqtX --set ON_ERROR_STOP=1 -U roundcube roundcube <<-EOF
+                       DO LANGUAGE plpgsql \$\$
+                               DECLARE uid integer;
+                       BEGIN
+                               SELECT user_id INTO uid
+                                       FROM users
+                                       WHERE username = '$user@$domain';
+                               DELETE
+                                       FROM cache
+                                       WHERE user_id = uid;
+                               DELETE
+                                       FROM contactgroupmembers
+                                       WHERE contactgroup_id
+                                        IN (SELECT contactgroup_id
+                                               FROM contactgroups
+                                               WHERE user_id = uid);
+                               DELETE
+                                       FROM contactgroups
+                                       WHERE user_id = uid;
+                               DELETE
+                                       FROM contacts
+                                       WHERE user_id = uid;
+                               DELETE
+                                       FROM identities
+                                       WHERE user_id = uid;
+                               DELETE
+                                       FROM users
+                                       WHERE user_id = uid;
+                       END;
+                       \$\$;
+                       EOF
+        fi
index be3e4b4..05d6034 100755 (executable)
@@ -18,7 +18,8 @@ sudo install -m 644 -o root -g root /dev/stdin \
 sudo install -m 644 -o root -g root /dev/stdin \
  /etc/resolv.conf <<-EOF
        search ${local_host#*.}
-       nameserver ${local_host_nameserver}
+       nameserver 127.0.0.1
+       #nameserver ${local_host_nameserver}
        EOF
 m4 \
  --define=LOCAL_IPV4=$local_ipv4 \
index d26b80d..6512a16 100755 (executable)
@@ -1,41 +1,22 @@
 #!/bin/sh -eux
 db="$1"
 owner="${2:-$db}"
-sudo -u postgres psql template1 -a -f - <<-EOF
-       \set ON_ERROR_STOP on
-       DO LANGUAGE plpgsql \$\$
-       BEGIN
-               IF NOT EXISTS (
-                SELECT *
-                FROM pg_catalog.pg_user
-                WHERE usename = '$owner'
-                LIMIT 1
-               ) THEN
-                       CREATE ROLE $owner
-                        LOGIN
-                        NOCREATEDB
-                        NOCREATEROLE
-                        NOINHERIT
-                        NOSUPERUSER;
-               END IF;
-       END;
-       \$\$;
-       EOF
 case $(sudo -u postgres psql template1 -t -c \
-       "SELECT datname FROM pg_catalog.pg_database WHERE datname = '$db' LIMIT 1") in
+       "SELECT datname
+               FROM pg_catalog.pg_database
+               WHERE datname = '$db'
+               LIMIT 1"
+ ) in
  (" $db") true;;
  (*)
-       sudo -u postgres psql template1 -a -f - <<-EOF
-               \set ON_ERROR_STOP on
+       sudo -u postgres psql template1 -a -f - --set ON_ERROR_STOP=1 <<-EOF
                CREATE DATABASE $db WITH OWNER=$owner;
                EOF
        ;;
  esac
-sudo -u postgres psql template1 -a -f - <<-EOF
-       \set ON_ERROR_STOP on
+sudo -u postgres psql template1 -a -f - --set ON_ERROR_STOP=1 <<-EOF
        REVOKE ALL ON DATABASE $db FROM public;
        EOF
-sudo -u postgres psql "$db" -a -f - <<-EOF
-       \set ON_ERROR_STOP on
+sudo -u postgres psql "$db" -a -f - --set ON_ERROR_STOP=1 <<-EOF
        GRANT ALL ON SCHEMA public TO $owner WITH GRANT OPTION;
        EOF
index e01f0c4..25d5cf3 100755 (executable)
@@ -1,6 +1,6 @@
 #!/bin/sh -eux
 role="$1"; shift
-sudo -u postgres psql "$@" -a -f - <<-EOF
+sudo -u postgres psql "$@" -a -f - --set ON_ERROR_STOP=1 <<-EOF
        \set ON_ERROR_STOP on
        DO LANGUAGE plpgsql \$\$
        BEGIN
diff --git a/local/postgresql-schema-create b/local/postgresql-schema-create
new file mode 100755 (executable)
index 0000000..64ee80d
--- /dev/null
@@ -0,0 +1,19 @@
+#!/bin/sh -eux
+db="$1"
+schema="${2:-$db}"
+owner="${3:-$schema}"
+sudo -u postgres psql "$db" -a -f - --set ON_ERROR_STOP=1 <<-EOF
+       DO LANGUAGE plpgsql \$\$
+       BEGIN
+               IF NOT EXISTS (
+                SELECT *
+                FROM pg_catalog.pg_namespace
+                WHERE nspname = '$schema'
+                LIMIT 1
+               ) THEN
+                       CREATE SCHEMA $schema
+                        AUTHORIZATION $owner;
+               END IF;
+       END;
+       \$\$;
+       EOF
index 56b37c9..902758b 100755 (executable)
@@ -1,8 +1,7 @@
 #!/bin/sh -eux
 user="$1"
 db="${2-}"
-sudo -u postgres psql "${db-}" -a -f - <<-EOF
-       \set ON_ERROR_STOP on
+sudo -u postgres psql "${db-}" -a -f - --set ON_ERROR_STOP=1 <<-EOF
        DO LANGUAGE plpgsql \$\$
        BEGIN
                IF NOT EXISTS (
diff --git a/local/roundcube-chpasswd b/local/roundcube-chpasswd
new file mode 100755 (executable)
index 0000000..92cf455
--- /dev/null
@@ -0,0 +1,38 @@
+#!/bin/sh -efu
+
+test "$(id -n -u)" = php5_roundcube
+
+IFS=: read -r user password
+IFS=@ read -r user domain <<-EOF
+       $user
+       EOF
+test "${user:+set"}"
+test "${domain:+set"}"
+test "${password:+set"}"
+
+umask 0077
+dir_passwd=/etc/dovecot/"$domain"
+old_passwd="$dir_passwd"/passwd
+new_passwd=$(TMPDIR= /bin/mktemp --tmpdir="$dir_passwd" -t "passwd.XXXXXXXX.tmp")
+return=1
+while IFS=: read <&4 -r passwd_user passwd_password passwd_x
+ do
+       case "$passwd_user" in
+        ("$user")
+               return=0
+               /bin/cat >&3 <<-EOF
+                       $user:$(/usr/bin/doveadm pw -s SHA512-CRYPT -p "$password"):$passwd_x
+                       EOF
+               ;;
+        ('') : ;;
+        (*)
+               /bin/cat >&3 <<-EOF
+                       $passwd_user:$passwd_password:$passwd_x
+                       EOF
+               ;;
+        esac
+ done 3>"$new_passwd" 4<<-EOF
+       $(/bin/cat "$old_passwd")
+       EOF
+/bin/mv -f "$new_passwd" "$old_passwd"
+exit $return
diff --git a/var/pub/x509/imap.cyclocoop.org/ca b/var/pub/x509/imap.cyclocoop.org/ca
new file mode 120000 (symlink)
index 0000000..2ef2817
--- /dev/null
@@ -0,0 +1 @@
+../cyclocoop.org
\ No newline at end of file
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.num b/var/pub/x509/imap.cyclocoop.org/crl.num
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.num.old b/var/pub/x509/imap.cyclocoop.org/crl.num.old
new file mode 100644 (file)
index 0000000..4daddb7
--- /dev/null
@@ -0,0 +1 @@
+00
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.pem b/var/pub/x509/imap.cyclocoop.org/crl.pem
new file mode 100644 (file)
index 0000000..81d85b6
--- /dev/null
@@ -0,0 +1,22 @@
+-----BEGIN X509 CRL-----
+MIIDujCCAaICAQEwDQYJKoZIhvcNAQENBQAwggFeMQswCQYDVQQGEwJGUjEjMCEG
+A1UECB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxIzAhBgNVBAceGgDOAGwA
+ZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRUwEwYDVQQKEwxDeWNsb2ZmaWNpbmUxFTAT
+BgNVBAsTDFNlcnZpY2UgSU1BUDEbMBkGA1UEAxMSaW1hcC5jeWNsb2Nvb3Aub3Jn
+MUswSQYDVQQPHkIAVgAxAC4AMAAsACAAbgBpACAAZABpAGUAdQAgAG4AaQAgAG0A
+YQDuAHQAcgBlACAAbgBpACAAbQBvAHQAZQB1AHIxKzApBgsrBgEEAYI3PAIBAR4a
+AM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxKzApBgsrBgEEAYI3PAIBAh4aAM4A
+bABlAC0AZABlAC0ARgByAGEAbgBjAGUxEzARBgsrBgEEAYI3PAIBAxMCRlIXDTEz
+MDcxNDExMjMyNFoXDTIzMDcxNTExMjMyNFqgDjAMMAoGA1UdFAQDAgEAMA0GCSqG
+SIb3DQEBDQUAA4ICAQCLguCS7fC96JzvS/WQ6RWT8D1bBd2+n8JqdvHhtstBXv7X
+SQBPmpACpeqSF3kmysiQeNeC2NZGQ+O5mULLemMgWZhJppJSfDnxELrPzYh+uPDY
+N0g++oBvZvg2alej1NYdy8RBsHYW86jFK9Zw8sDbIJ7vImusI3PObtuv2ovvUWmm
+i6RlKcMdN8FnEBD9MfAAi8h/pk2/7t4BT4zeyMsG4j/mByQTBz3nubMECkXiqZjz
+vfrxVNvX431P2sBvsShNIb1uitvCENZdUv5VwwVCYh6vywWK93OC+wsv6meuMmhG
+qkNVqav0PGMnahpLUMAWMR9N59z9ZM/Or/j+0jdG/gR/KjeDO5q52zM6GFEegdCt
+srpiD+l6bIQzybuR6Vxz4OZpWz9qtpD/OM7mUxacxhVIcBntUQvrBJ1uNIxUokPJ
+uHAn7o2o09FTrgoeVG4bH4v8Mlod9zmtc1TH/i1ezUMysyeV1tRIV2+oAxLPQ4D1
+5g0/zLLHl47FbjU8HJhgb5DNhYaBzpJcCdERxIiX+aATf8G2EnqXyDcvzl5bEjWD
+AfWvsVnF0RzBds5xE8QgLkjYoIqpRV2130rrbmZcZg5IphAz9xO0y4V6q+58lhHq
+G6rDtvntypjUfM1CNgskJk0xvDELfh5w0aETqVFSzB3VhZUzwpFj8kJyzYRROA==
+-----END X509 CRL-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.self-signed.num b/var/pub/x509/imap.cyclocoop.org/crl.self-signed.num
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.self-signed.num.old b/var/pub/x509/imap.cyclocoop.org/crl.self-signed.num.old
new file mode 100644 (file)
index 0000000..4daddb7
--- /dev/null
@@ -0,0 +1 @@
+00
diff --git a/var/pub/x509/imap.cyclocoop.org/crl.self-signed.pem b/var/pub/x509/imap.cyclocoop.org/crl.self-signed.pem
new file mode 100644 (file)
index 0000000..bcdcea4
--- /dev/null
@@ -0,0 +1,22 @@
+-----BEGIN X509 CRL-----
+MIIDujCCAaICAQEwDQYJKoZIhvcNAQENBQAwggFeMQswCQYDVQQGEwJGUjEjMCEG
+A1UECB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxIzAhBgNVBAceGgDOAGwA
+ZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRUwEwYDVQQKEwxDeWNsb2ZmaWNpbmUxFTAT
+BgNVBAsTDFNlcnZpY2UgSU1BUDEbMBkGA1UEAxMSaW1hcC5jeWNsb2Nvb3Aub3Jn
+MUswSQYDVQQPHkIAVgAxAC4AMAAsACAAbgBpACAAZABpAGUAdQAgAG4AaQAgAG0A
+YQDuAHQAcgBlACAAbgBpACAAbQBvAHQAZQB1AHIxKzApBgsrBgEEAYI3PAIBAR4a
+AM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxKzApBgsrBgEEAYI3PAIBAh4aAM4A
+bABlAC0AZABlAC0ARgByAGEAbgBjAGUxEzARBgsrBgEEAYI3PAIBAxMCRlIXDTEz
+MDcxNDExMjMyNVoXDTIzMDcxNTExMjMyNVqgDjAMMAoGA1UdFAQDAgEAMA0GCSqG
+SIb3DQEBDQUAA4ICAQAxtnTBHXUjgDzzT4EwmvhUTrdF/sl85lyQGXGrYJWnY05Z
+fHPuqmkzPtW6+JvpIMo42mUaexw8wiOWTMJwHN7E32ITcq5XbeiyMARAz9LOOgnn
+AkKWn4qXQGp8GAEPXrLLy0NEAuv2khqNMJi02Mx5Zy/kBTzG071JDMIoWqK/vTwg
+xmN8JiUsncspBD+hk0lRRsGr6el79AkrJ+P8Rvc9SSbdWpBVi5+ahNPX+zB6yRHw
+WpRhtqrivICSOtG5duXSwVg8HrrPw730wYvrFK55SSrkyhaIdVM4yOagja4vfe32
+ReF+iyAux/77fZ7+95CfXm6yBdbb+HdTk0FzaMFSZ+Gt61Tf4VLuEsn3wEZklz3v
+4Lw40UnOubLfiXHe1U6xOnB0nmyZxgh7q3AibeZ+WLCd6IOkx6WZNmLDDpdeVuA0
+ceVgj0OxMB98KLwyknjjKfGrvRuKPExuBHSc9qVXDKVmUWfqfHMeks7URfnt1rny
+8/WfJ21igRemu/fJLppxMrU3kmcnt82178KKtQCT8v0G7ZfOu4Nocj288+SWT/fl
+JMOcXSPNcnp3jRNdzlTGaLXco7I8jMypdgjDaua1TtjGD7XEgHhJAD2hfbEWpa5e
+s3lOJPGxR9XigQOwOrpl7z22h/sc3iwUdy8mpK5sBAY8kmyXb9SgSZj58j2kBA==
+-----END X509 CRL-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt+ca.pem b/var/pub/x509/imap.cyclocoop.org/crt+ca.pem
new file mode 100644 (file)
index 0000000..9ee9ba7
--- /dev/null
@@ -0,0 +1,105 @@
+-----BEGIN CERTIFICATE-----
+MIIJljCCB36gAwIBAgIHIBMHFBMjJDANBgkqhkiG9w0BAQ0FADCCARQxFjAUBgNV
+BAMTDWN5Y2xvY29vcC5vcmcxCzAJBgNVBAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEV
+MBMGA1UEChMMQ3ljbG9mZmljaW5lMVcwVQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0
+AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQAaQBvAG4AIABw
+AHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEfMB0GA1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9u
+bmFyZDEXMBUGA1UEFBMOMDkgNzIgMzUgOTMgMTIwHhcNMTMwNzE0MTEyMzI0WhcN
+MjMwNzE1MTEyMzI0WjCCAV4xCzAJBgNVBAYTAkZSMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEjMCEGA1UEBx4aAM4AbABlAC0AZABlAC0ARgBy
+AGEAbgBjAGUxFTATBgNVBAoTDEN5Y2xvZmZpY2luZTEVMBMGA1UECxMMU2Vydmlj
+ZSBJTUFQMRswGQYDVQQDExJpbWFwLmN5Y2xvY29vcC5vcmcxSzBJBgNVBA8eQgBW
+ADEALgAwACwAIABuAGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABu
+AGkAIABtAG8AdABlAHUAcjErMCkGCysGAQQBgjc8AgEBHhoAzgBsAGUALQBkAGUA
+LQBGAHIAYQBuAGMAZTErMCkGCysGAQQBgjc8AgECHhoAzgBsAGUALQBkAGUALQBG
+AHIAYQBuAGMAZTETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBALCfg1SB9JsAG+ufdpyAVMBBB5bVKF56GFa/WX0zffXk
+UKNicdFyLMiQv6O41tQMuHnALqod9HxwHlwH/S5/msNaGpxyUmYkX1LMNfRdB04l
+1P0IB0h3Y03WJqkM3oS2qNMKxnMb4aJWws7/4Xszwo/lhHLg6GbTQTssVdnFJTff
+Imz0qvAQMQUXtceawNSAMCUtWVNSbQuWfUQe2kuXht+/yFUOHVn5IyA82F3WMYlH
+oLr9ia3Yz0zHvkwrfJ2HYZUWgu5LY1iu0iPdsxpnESKYSaCHSi712z1LgNWDS1Md
+ggeWkr3NCDu/aY5qUdxvh2sR3VxR90HrwvLalEimF92MrzWAXS8yhsYKDGghJPxW
+g53VhDx9w5XTmiC9EIJJQ+oo8IDJOsYYg82wenAxaeIxO8R35gD6O8/r7bU0w2sU
+g/HD943pMPg+K/pVw+aCARoEG8NgqmdtYSVFmltPcAW2T45tnhPQDqy0w74bMru8
+TjEJEBDTc4jYIza8W4eYNuybeIeeYaKZEWZMsadZxUeZh1ac+GfXgh42e1RoXEnZ
+IZCf+OKUi8svsD+KOHy7Y+qsz9E1FYjmwQDjhximULzrjVLg8jStNd3l0U9k14D/
+kyfqMlwJY5FXUmc77P/2x4bnYioA8mTLtZMffm4kq1vmizU1KKMd5vR23UzSq2Br
+AgMBAAGjggKdMIICmTAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIFoDAlBgNVHREE
+HjAcgRpjb250YWN0K2ltYXBAY3ljbG9jb29wLm9yZzAdBgNVHQ4EFgQUEuqVQxNM
+ZmRXD5SQP1B96UkJ/mMwIAYDVR0SBBkwF4EVY29udGFjdEBjeWNsb2Nvb3Aub3Jn
+MIIBTAYDVR0jBIIBQzCCAT+AFKpGmRR+fL0DcTbL7bYt+fVE4IDjoYIBHKSCARgw
+ggEUMRYwFAYDVQQDEw1jeWNsb2Nvb3Aub3JnMQswCQYDVQQGEwJGUjEOMAwGA1UE
+KxMFQ3ljbG8xFTATBgNVBAoTDEN5Y2xvZmZpY2luZTFXMFUGA1UECx5OAEEAbgB0
+AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBpAGMAYQB0
+AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU3NTAyMDEjMCEGA1UE
+CB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxHzAdBgNVBAkTFjE1LCBydWUg
+UGllcnJlIEJvbm5hcmQxFzAVBgNVBBQTDjA5IDcyIDM1IDkzIDEyggcgEwUBIAgz
+MEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAoYlaHR0cDovL3d3dy5jeWNsb2Nv
+b3Aub3JnL3g1MDkvY3J0LnBlbTA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3
+LmN5Y2xvY29vcC5vcmcveDUwOS9pbWFwL2NybC5wZW0wRAYDVR0gBD0wOzA5BgUq
+gXoBKjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5jeWNsb2Nvb3Aub3JnL3g1
+MDkvY3BzMA0GCSqGSIb3DQEBDQUAA4ICAQAy/FNs4TdnMo2Kxq/4IItudHK7/RUQ
+deJ4T0ljRyFzHpPfJF5Rf9dLadKELo0uoYs40F0YSM4OhgUQjILE7S3Cep9nhNKf
+GGmIK6+X+GgqePIcGT0GsQZ6ZAgMg5dXePnh5RNLS0DQTV14WzLpIa8AD/4L/di0
+rF75Fg+cWUOHZ9onOo5vio++HOj1qgbkNcZtIPmxCvkMRxYYj1NxCa9rP7mDWKVG
+XmdcF8UK/7Idx/o+FMndlAAALaSIUWK8/s/VWJlTacYQEd0QMT+J1D0J8DWnb8Wv
+zGartTMepKNv3iOzprLp8YxRbD01BMM7gVrxaTi/E4Cc6cBnzBCVFX/BzH7bmRMM
+ka/ee5o9dN/5hqPvX6G7NnUtcGBTgtEq610PR9SnATGScPj+cpE0+ruvliTu1Pzy
+xv7M/WSJS/9i5oRSkNwFCsu8K/ktuwbIPx/MkEb5Z8qWFLJgMbrkbGOyaofD10lP
+X4Dw8ikeUnVKf3N2qJ605RPLJmPG8yHPxPrTiRAftVtBOzgjGne7B+nQwd5IegXg
+PrBsv8oUxn0FQDJ7CHQ8Us0K6MDQVMFKEKEHAw46NjLuBFWDvSz/nQAAXDXdStDI
+ZZrpvIsyP7XHke+lWIV8zMKkBeh4cHXCl+rZoobgRFKFoPIdTcKs3REwJvoifh29
+n7vyDTAqzsj49g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIJAjCCBuqgAwIBAgIHIBMFASAIMzANBgkqhkiG9w0BAQ0FADCCARQxFjAUBgNV
+BAMTDWN5Y2xvY29vcC5vcmcxCzAJBgNVBAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEV
+MBMGA1UEChMMQ3ljbG9mZmljaW5lMVcwVQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0
+AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQAaQBvAG4AIABw
+AHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEfMB0GA1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9u
+bmFyZDEXMBUGA1UEFBMOMDkgNzIgMzUgOTMgMTIwHhcNMTMwNTAxMTgwODMzWhcN
+MjMwNTAyMTgwODMzWjCCARQxFjAUBgNVBAMTDWN5Y2xvY29vcC5vcmcxCzAJBgNV
+BAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEVMBMGA1UEChMMQ3ljbG9mZmljaW5lMVcw
+VQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQBy
+AHQAaQBmAGkAYwBhAHQAaQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBET
+BTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEfMB0G
+A1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9ubmFyZDEXMBUGA1UEFBMOMDkgNzIgMzUg
+OTMgMTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCz9IxTpiymRGN5
+bPMSt17OMAIzl2kl0taJHLW/igWJpRczbrB3z52J/qrHIGfmiZeqFUkPjYfHntAU
+ncHlm2Jmkyhz8eng1aFpM37lDTSlpvycs7stcAelh7+vUw6u4M0OUx7b1H34lPRo
+RlEhxzVkYaHl6zB4c0Xlovh26XE931AkYyF/SLmi4e0nR5MYoj/3W0jMrlCYZR1q
+wLGOnYNyH57goVurnIZLl+3yBZ6/z0hZm0/JxLiXH4hAOyOYg7JQcb1Xu4FTLKKg
+BmnMwCZ21S7Ngx04hsq8nL4YGHyr+53jwp0FJ1vxxpYuQjr+u5kQIDqK/F2TREYy
+6V/ESDQOCVFuVYc3uYk4WVj/6VfPW897pfnhr1Zmr8xfGrL78iSRbTd9epMExbbk
+5ctfHeoEHPBkk78O4U5hTJOa74L7P2iqFRx6GpQoaTznmfeh7i+6JLKNZuGsqhdp
+/bEGCxRL/bmqlDkSQB+rU01OpxC3QgU3pZah7+ofgPrcbzZGi3f10GHiTvAXmlV0
+2QzFjdsjcLtGd0+8VK5ob9BGvApY8jLD9nmI/PXj+cPtpRZhnrd15wdQY8P6zh3L
+/Dvsj1yTKzNHCCHsU8h9ySkAVfAfsDFOvP4XMs+Y438yxoPFeYy0HxB+XIQ3ADit
+Sv7ARRS2zHn9KYcPusabwWPOk77xdQIDAQABo4ICUzCCAk8wEgYDVR0TAQH/BAgw
+BgEB/wIBATALBgNVHQ8EBAMCAQYwIAYDVR0RBBkwF4EVY29udGFjdEBjeWNsb2Nv
+b3Aub3JnMB0GA1UdDgQWBBSqRpkUfny9A3E2y+22Lfn1ROCA4zAgBgNVHRIEGTAX
+gRVjb250YWN0QGN5Y2xvY29vcC5vcmcwggFMBgNVHSMEggFDMIIBP4AUqkaZFH58
+vQNxNsvtti359UTggOOhggEcpIIBGDCCARQxFjAUBgNVBAMTDWN5Y2xvY29vcC5v
+cmcxCzAJBgNVBAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEVMBMGA1UEChMMQ3ljbG9m
+ZmljaW5lMVcwVQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQA
+ZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQAaQBvAG4AIABwAHIAaQBtAGEAaQByAGUx
+DjAMBgNVBBETBTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUALQBkAGUALQBGAHIAYQBu
+AGMAZTEfMB0GA1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9ubmFyZDEXMBUGA1UEFBMO
+MDkgNzIgMzUgOTMgMTKCByATBQEgCDMwQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUF
+BzAChiVodHRwOi8vd3d3LmN5Y2xvY29vcC5vcmcveDUwOS9jcnQucGVtMDYGA1Ud
+HwQvMC0wK6ApoCeGJWh0dHA6Ly93d3cuY3ljbG9jb29wLm9yZy94NTA5L2NybC5w
+ZW0wDQYJKoZIhvcNAQENBQADggIBABCPhE2OCxF0kIOTb8mSECJVptuzGgxnipd5
+hhGNqm6LPUGO9CqQjotNnNEhP8fJ1hMSy8wW7vweYI8F2eYFnwnDRsgP+EdHupAx
+C+h89itGNTFP91r7kCXyJw6e6ZJG/gqOSqkxnoT0I1LngI97oGFdREp4GTJ9K8dG
+iVvTn7is72cle5Ufnj/Co1Td2neQjvz/hwWI9wlVtd9je+gcD/3gsdB7TWvyOzK+
+NvgPjxFcbA8qhCpoUkeQiQOuRX5LBszPNDuPtAAQp/T1Tgx4fVFvHCi/pQpmzRq9
+Nyr5wM22obEHHicv046Wd369/VQLZwtdL4Jt3aGEtmjyLYLHgw7oSyTjKxI4Ni/k
+Byeq9eGxjlJIvPJzBShyxx1E0fOBwTjfmWfrZyW2g6rs3D5vHV03pU5tDjEHDzsy
+qkDlxyGN48P950SNcBPNJG2YESilDrWhNT1yLW1f4lwBNFKR6iwwhqhiPFSWhNd6
+uZLOkcgEWwD8ZHNl60vYnKv1428RZquZfDmeXjRtqdqDcZYHYt/vGH6QlxyaEpCb
+Vt+8r5eOUEDdMRxy97I9Q5fE5VRaJjEd3o5u5vx0KeftwTyBSa/99P90d6su5Std
+uQtYL4U/UVYccFjRLicjaLE9dUe4wyW1xjsrD3DYn8IBQsh42AzFp4xVXtAfruA0
+4G7CeZmo
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt+crl.pem b/var/pub/x509/imap.cyclocoop.org/crt+crl.pem
new file mode 100644 (file)
index 0000000..a721df1
--- /dev/null
@@ -0,0 +1,76 @@
+-----BEGIN CERTIFICATE-----
+MIIJljCCB36gAwIBAgIHIBMHFBMjJDANBgkqhkiG9w0BAQ0FADCCARQxFjAUBgNV
+BAMTDWN5Y2xvY29vcC5vcmcxCzAJBgNVBAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEV
+MBMGA1UEChMMQ3ljbG9mZmljaW5lMVcwVQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0
+AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQAaQBvAG4AIABw
+AHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEfMB0GA1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9u
+bmFyZDEXMBUGA1UEFBMOMDkgNzIgMzUgOTMgMTIwHhcNMTMwNzE0MTEyMzI0WhcN
+MjMwNzE1MTEyMzI0WjCCAV4xCzAJBgNVBAYTAkZSMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEjMCEGA1UEBx4aAM4AbABlAC0AZABlAC0ARgBy
+AGEAbgBjAGUxFTATBgNVBAoTDEN5Y2xvZmZpY2luZTEVMBMGA1UECxMMU2Vydmlj
+ZSBJTUFQMRswGQYDVQQDExJpbWFwLmN5Y2xvY29vcC5vcmcxSzBJBgNVBA8eQgBW
+ADEALgAwACwAIABuAGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABu
+AGkAIABtAG8AdABlAHUAcjErMCkGCysGAQQBgjc8AgEBHhoAzgBsAGUALQBkAGUA
+LQBGAHIAYQBuAGMAZTErMCkGCysGAQQBgjc8AgECHhoAzgBsAGUALQBkAGUALQBG
+AHIAYQBuAGMAZTETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBALCfg1SB9JsAG+ufdpyAVMBBB5bVKF56GFa/WX0zffXk
+UKNicdFyLMiQv6O41tQMuHnALqod9HxwHlwH/S5/msNaGpxyUmYkX1LMNfRdB04l
+1P0IB0h3Y03WJqkM3oS2qNMKxnMb4aJWws7/4Xszwo/lhHLg6GbTQTssVdnFJTff
+Imz0qvAQMQUXtceawNSAMCUtWVNSbQuWfUQe2kuXht+/yFUOHVn5IyA82F3WMYlH
+oLr9ia3Yz0zHvkwrfJ2HYZUWgu5LY1iu0iPdsxpnESKYSaCHSi712z1LgNWDS1Md
+ggeWkr3NCDu/aY5qUdxvh2sR3VxR90HrwvLalEimF92MrzWAXS8yhsYKDGghJPxW
+g53VhDx9w5XTmiC9EIJJQ+oo8IDJOsYYg82wenAxaeIxO8R35gD6O8/r7bU0w2sU
+g/HD943pMPg+K/pVw+aCARoEG8NgqmdtYSVFmltPcAW2T45tnhPQDqy0w74bMru8
+TjEJEBDTc4jYIza8W4eYNuybeIeeYaKZEWZMsadZxUeZh1ac+GfXgh42e1RoXEnZ
+IZCf+OKUi8svsD+KOHy7Y+qsz9E1FYjmwQDjhximULzrjVLg8jStNd3l0U9k14D/
+kyfqMlwJY5FXUmc77P/2x4bnYioA8mTLtZMffm4kq1vmizU1KKMd5vR23UzSq2Br
+AgMBAAGjggKdMIICmTAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIFoDAlBgNVHREE
+HjAcgRpjb250YWN0K2ltYXBAY3ljbG9jb29wLm9yZzAdBgNVHQ4EFgQUEuqVQxNM
+ZmRXD5SQP1B96UkJ/mMwIAYDVR0SBBkwF4EVY29udGFjdEBjeWNsb2Nvb3Aub3Jn
+MIIBTAYDVR0jBIIBQzCCAT+AFKpGmRR+fL0DcTbL7bYt+fVE4IDjoYIBHKSCARgw
+ggEUMRYwFAYDVQQDEw1jeWNsb2Nvb3Aub3JnMQswCQYDVQQGEwJGUjEOMAwGA1UE
+KxMFQ3ljbG8xFTATBgNVBAoTDEN5Y2xvZmZpY2luZTFXMFUGA1UECx5OAEEAbgB0
+AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBpAGMAYQB0
+AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU3NTAyMDEjMCEGA1UE
+CB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxHzAdBgNVBAkTFjE1LCBydWUg
+UGllcnJlIEJvbm5hcmQxFzAVBgNVBBQTDjA5IDcyIDM1IDkzIDEyggcgEwUBIAgz
+MEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAoYlaHR0cDovL3d3dy5jeWNsb2Nv
+b3Aub3JnL3g1MDkvY3J0LnBlbTA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3
+LmN5Y2xvY29vcC5vcmcveDUwOS9pbWFwL2NybC5wZW0wRAYDVR0gBD0wOzA5BgUq
+gXoBKjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5jeWNsb2Nvb3Aub3JnL3g1
+MDkvY3BzMA0GCSqGSIb3DQEBDQUAA4ICAQAy/FNs4TdnMo2Kxq/4IItudHK7/RUQ
+deJ4T0ljRyFzHpPfJF5Rf9dLadKELo0uoYs40F0YSM4OhgUQjILE7S3Cep9nhNKf
+GGmIK6+X+GgqePIcGT0GsQZ6ZAgMg5dXePnh5RNLS0DQTV14WzLpIa8AD/4L/di0
+rF75Fg+cWUOHZ9onOo5vio++HOj1qgbkNcZtIPmxCvkMRxYYj1NxCa9rP7mDWKVG
+XmdcF8UK/7Idx/o+FMndlAAALaSIUWK8/s/VWJlTacYQEd0QMT+J1D0J8DWnb8Wv
+zGartTMepKNv3iOzprLp8YxRbD01BMM7gVrxaTi/E4Cc6cBnzBCVFX/BzH7bmRMM
+ka/ee5o9dN/5hqPvX6G7NnUtcGBTgtEq610PR9SnATGScPj+cpE0+ruvliTu1Pzy
+xv7M/WSJS/9i5oRSkNwFCsu8K/ktuwbIPx/MkEb5Z8qWFLJgMbrkbGOyaofD10lP
+X4Dw8ikeUnVKf3N2qJ605RPLJmPG8yHPxPrTiRAftVtBOzgjGne7B+nQwd5IegXg
+PrBsv8oUxn0FQDJ7CHQ8Us0K6MDQVMFKEKEHAw46NjLuBFWDvSz/nQAAXDXdStDI
+ZZrpvIsyP7XHke+lWIV8zMKkBeh4cHXCl+rZoobgRFKFoPIdTcKs3REwJvoifh29
+n7vyDTAqzsj49g==
+-----END CERTIFICATE-----
+-----BEGIN X509 CRL-----
+MIIDujCCAaICAQEwDQYJKoZIhvcNAQENBQAwggFeMQswCQYDVQQGEwJGUjEjMCEG
+A1UECB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxIzAhBgNVBAceGgDOAGwA
+ZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRUwEwYDVQQKEwxDeWNsb2ZmaWNpbmUxFTAT
+BgNVBAsTDFNlcnZpY2UgSU1BUDEbMBkGA1UEAxMSaW1hcC5jeWNsb2Nvb3Aub3Jn
+MUswSQYDVQQPHkIAVgAxAC4AMAAsACAAbgBpACAAZABpAGUAdQAgAG4AaQAgAG0A
+YQDuAHQAcgBlACAAbgBpACAAbQBvAHQAZQB1AHIxKzApBgsrBgEEAYI3PAIBAR4a
+AM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxKzApBgsrBgEEAYI3PAIBAh4aAM4A
+bABlAC0AZABlAC0ARgByAGEAbgBjAGUxEzARBgsrBgEEAYI3PAIBAxMCRlIXDTEz
+MDcxNDExMjMyNFoXDTIzMDcxNTExMjMyNFqgDjAMMAoGA1UdFAQDAgEAMA0GCSqG
+SIb3DQEBDQUAA4ICAQCLguCS7fC96JzvS/WQ6RWT8D1bBd2+n8JqdvHhtstBXv7X
+SQBPmpACpeqSF3kmysiQeNeC2NZGQ+O5mULLemMgWZhJppJSfDnxELrPzYh+uPDY
+N0g++oBvZvg2alej1NYdy8RBsHYW86jFK9Zw8sDbIJ7vImusI3PObtuv2ovvUWmm
+i6RlKcMdN8FnEBD9MfAAi8h/pk2/7t4BT4zeyMsG4j/mByQTBz3nubMECkXiqZjz
+vfrxVNvX431P2sBvsShNIb1uitvCENZdUv5VwwVCYh6vywWK93OC+wsv6meuMmhG
+qkNVqav0PGMnahpLUMAWMR9N59z9ZM/Or/j+0jdG/gR/KjeDO5q52zM6GFEegdCt
+srpiD+l6bIQzybuR6Vxz4OZpWz9qtpD/OM7mUxacxhVIcBntUQvrBJ1uNIxUokPJ
+uHAn7o2o09FTrgoeVG4bH4v8Mlod9zmtc1TH/i1ezUMysyeV1tRIV2+oAxLPQ4D1
+5g0/zLLHl47FbjU8HJhgb5DNhYaBzpJcCdERxIiX+aATf8G2EnqXyDcvzl5bEjWD
+AfWvsVnF0RzBds5xE8QgLkjYoIqpRV2130rrbmZcZg5IphAz9xO0y4V6q+58lhHq
+G6rDtvntypjUfM1CNgskJk0xvDELfh5w0aETqVFSzB3VhZUzwpFj8kJyzYRROA==
+-----END X509 CRL-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt+crl.self-signed.pem b/var/pub/x509/imap.cyclocoop.org/crt+crl.self-signed.pem
new file mode 100644 (file)
index 0000000..71fc8c9
--- /dev/null
@@ -0,0 +1,78 @@
+-----BEGIN CERTIFICATE-----
+MIIKADCCB+igAwIBAgIHIBMHFBMjJTANBgkqhkiG9w0BAQ0FADCCAV4xCzAJBgNV
+BAYTAkZSMSMwIQYDVQQIHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEjMCEG
+A1UEBx4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxFTATBgNVBAoTDEN5Y2xv
+ZmZpY2luZTEVMBMGA1UECxMMU2VydmljZSBJTUFQMRswGQYDVQQDExJpbWFwLmN5
+Y2xvY29vcC5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkAZQB1
+ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjErMCkGCysG
+AQQBgjc8AgEBHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTErMCkGCysGAQQB
+gjc8AgECHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTETMBEGCysGAQQBgjc8
+AgEDEwJGUjAeFw0xMzA3MTQxMTIzMjVaFw0yMzA3MTUxMTIzMjVaMIIBXjELMAkG
+A1UEBhMCRlIxIzAhBgNVBAgeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSMw
+IQYDVQQHHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEVMBMGA1UEChMMQ3lj
+bG9mZmljaW5lMRUwEwYDVQQLEwxTZXJ2aWNlIElNQVAxGzAZBgNVBAMTEmltYXAu
+Y3ljbG9jb29wLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMSswKQYL
+KwYBBAGCNzwCAQEeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSswKQYLKwYB
+BAGCNzwCAQIeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRMwEQYLKwYBBAGC
+NzwCAQMTAkZSMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsJ+DVIH0
+mwAb6592nIBUwEEHltUoXnoYVr9ZfTN99eRQo2Jx0XIsyJC/o7jW1Ay4ecAuqh30
+fHAeXAf9Ln+aw1oanHJSZiRfUsw19F0HTiXU/QgHSHdjTdYmqQzehLao0wrGcxvh
+olbCzv/hezPCj+WEcuDoZtNBOyxV2cUlN98ibPSq8BAxBRe1x5rA1IAwJS1ZU1Jt
+C5Z9RB7aS5eG37/IVQ4dWfkjIDzYXdYxiUeguv2JrdjPTMe+TCt8nYdhlRaC7ktj
+WK7SI92zGmcRIphJoIdKLvXbPUuA1YNLUx2CB5aSvc0IO79pjmpR3G+HaxHdXFH3
+QevC8tqUSKYX3YyvNYBdLzKGxgoMaCEk/FaDndWEPH3DldOaIL0QgklD6ijwgMk6
+xhiDzbB6cDFp4jE7xHfmAPo7z+vttTTDaxSD8cP3jekw+D4r+lXD5oIBGgQbw2Cq
+Z21hJUWaW09wBbZPjm2eE9AOrLTDvhsyu7xOMQkQENNziNgjNrxbh5g27Jt4h55h
+opkRZkyxp1nFR5mHVpz4Z9eCHjZ7VGhcSdkhkJ/44pSLyy+wP4o4fLtj6qzP0TUV
+iObBAOOHGKZQvOuNUuDyNK013eXRT2TXgP+TJ+oyXAljkVdSZzvs//bHhudiKgDy
+ZMu1kx9+biSrW+aLNTUoox3m9HbdTNKrYGsCAwEAAaOCAr0wggK5MBIGA1UdEwEB
+/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMCUGA1UdEQQeMByBGmNvbnRhY3QraW1h
+cEBjeWNsb2Nvb3Aub3JnMB0GA1UdDgQWBBQS6pVDE0xmZFcPlJA/UH3pSQn+YzAl
+BgNVHRIEHjAcgRpjb250YWN0K2ltYXBAY3ljbG9jb29wLm9yZzCCAZYGA1UdIwSC
+AY0wggGJgBQS6pVDE0xmZFcPlJA/UH3pSQn+Y6GCAWakggFiMIIBXjELMAkGA1UE
+BhMCRlIxIzAhBgNVBAgeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSMwIQYD
+VQQHHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEVMBMGA1UEChMMQ3ljbG9m
+ZmljaW5lMRUwEwYDVQQLEwxTZXJ2aWNlIElNQVAxGzAZBgNVBAMTEmltYXAuY3lj
+bG9jb29wLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUA
+IABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMSswKQYLKwYB
+BAGCNzwCAQEeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSswKQYLKwYBBAGC
+NzwCAQIeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRMwEQYLKwYBBAGCNzwC
+AQMTAkZSggcgEwcUEyMlMEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAoYqaHR0
+cDovL3d3dy5jeWNsb2Nvb3Aub3JnL3g1MDkvaW1hcC9jcnQucGVtMEcGA1UdHwRA
+MD4wPKA6oDiGNmh0dHA6Ly93d3cuY3ljbG9jb29wLm9yZy94NTA5L2ltYXAvY3Js
+LnNlbGYtc2lnbmVkLnBlbTANBgkqhkiG9w0BAQ0FAAOCAgEADNu2QvW9+2iador2
+N+oedT2JKAglJERhvQqqVJF9e4R3a9HZmGoTPUHnXkDauoQMbOQbqNAQf8T+kkvc
+/5VSJJxQkLcVJq2Yc8Gb4muUXemX8T5kx9Xo+yS830wriVf+9E7IezBjvtRcmLp3
+dUqya+dBV2pDj+0uFgSIgqTu09D1El3lLA/11jQD4iQMJG+0+BDzHbdFmi7THTbZ
+NYWTQynbi/HgsD2DnzWJb6d6fa0T0IlYKP95Dlta7rmJ5yFvMccyARn/gHbmsOoD
+F2ZzlgkTCvyIZFEGf5Lrsfo90nxJlG1scomseDb5zo/6l6TvWM4pUq8sSWaZ97s1
+ZAAL5P+FZMDPyokEB1R537/uPHg43xQsJjIycv6ZP4dtDM3pZ+1gvo/oI0/dJziN
+aduKKPqwCUxJySY0ks8ecrDPaZFGYxxbrscDwj0JELKpV1bpYZx2Ofn+gZMQ88ta
+a/TMdyP/edP9gBHa9cvcxSyy7a08BUcEX5UuMOyMQdzf4Dk0joP9zd021xObvH+H
+k9zrKEbtNskh/1hQBKhfx0RmvhH8KGRNKysQCjxQ28ZpKtdJI9ULQRfN2KD8wyCq
+5ljujyIoDgWZXe5JPu8cIz2oR02wB41bhGfYxEyuDlgn+8POnD99b77Mj3jWSCn9
+MCe0xEsnhkKVCaO3qfIovKFBxE8=
+-----END CERTIFICATE-----
+-----BEGIN X509 CRL-----
+MIIDujCCAaICAQEwDQYJKoZIhvcNAQENBQAwggFeMQswCQYDVQQGEwJGUjEjMCEG
+A1UECB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxIzAhBgNVBAceGgDOAGwA
+ZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRUwEwYDVQQKEwxDeWNsb2ZmaWNpbmUxFTAT
+BgNVBAsTDFNlcnZpY2UgSU1BUDEbMBkGA1UEAxMSaW1hcC5jeWNsb2Nvb3Aub3Jn
+MUswSQYDVQQPHkIAVgAxAC4AMAAsACAAbgBpACAAZABpAGUAdQAgAG4AaQAgAG0A
+YQDuAHQAcgBlACAAbgBpACAAbQBvAHQAZQB1AHIxKzApBgsrBgEEAYI3PAIBAR4a
+AM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxKzApBgsrBgEEAYI3PAIBAh4aAM4A
+bABlAC0AZABlAC0ARgByAGEAbgBjAGUxEzARBgsrBgEEAYI3PAIBAxMCRlIXDTEz
+MDcxNDExMjMyNVoXDTIzMDcxNTExMjMyNVqgDjAMMAoGA1UdFAQDAgEAMA0GCSqG
+SIb3DQEBDQUAA4ICAQAxtnTBHXUjgDzzT4EwmvhUTrdF/sl85lyQGXGrYJWnY05Z
+fHPuqmkzPtW6+JvpIMo42mUaexw8wiOWTMJwHN7E32ITcq5XbeiyMARAz9LOOgnn
+AkKWn4qXQGp8GAEPXrLLy0NEAuv2khqNMJi02Mx5Zy/kBTzG071JDMIoWqK/vTwg
+xmN8JiUsncspBD+hk0lRRsGr6el79AkrJ+P8Rvc9SSbdWpBVi5+ahNPX+zB6yRHw
+WpRhtqrivICSOtG5duXSwVg8HrrPw730wYvrFK55SSrkyhaIdVM4yOagja4vfe32
+ReF+iyAux/77fZ7+95CfXm6yBdbb+HdTk0FzaMFSZ+Gt61Tf4VLuEsn3wEZklz3v
+4Lw40UnOubLfiXHe1U6xOnB0nmyZxgh7q3AibeZ+WLCd6IOkx6WZNmLDDpdeVuA0
+ceVgj0OxMB98KLwyknjjKfGrvRuKPExuBHSc9qVXDKVmUWfqfHMeks7URfnt1rny
+8/WfJ21igRemu/fJLppxMrU3kmcnt82178KKtQCT8v0G7ZfOu4Nocj288+SWT/fl
+JMOcXSPNcnp3jRNdzlTGaLXco7I8jMypdgjDaua1TtjGD7XEgHhJAD2hfbEWpa5e
+s3lOJPGxR9XigQOwOrpl7z22h/sc3iwUdy8mpK5sBAY8kmyXb9SgSZj58j2kBA==
+-----END X509 CRL-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt.pem b/var/pub/x509/imap.cyclocoop.org/crt.pem
new file mode 100644 (file)
index 0000000..db7a630
--- /dev/null
@@ -0,0 +1,54 @@
+-----BEGIN CERTIFICATE-----
+MIIJljCCB36gAwIBAgIHIBMHFBMjJDANBgkqhkiG9w0BAQ0FADCCARQxFjAUBgNV
+BAMTDWN5Y2xvY29vcC5vcmcxCzAJBgNVBAYTAkZSMQ4wDAYDVQQrEwVDeWNsbzEV
+MBMGA1UEChMMQ3ljbG9mZmljaW5lMVcwVQYDVQQLHk4AQQBuAHQAaQAtAGEAdQB0
+AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQAaQBvAG4AIABw
+AHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTc1MDIwMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEfMB0GA1UECRMWMTUsIHJ1ZSBQaWVycmUgQm9u
+bmFyZDEXMBUGA1UEFBMOMDkgNzIgMzUgOTMgMTIwHhcNMTMwNzE0MTEyMzI0WhcN
+MjMwNzE1MTEyMzI0WjCCAV4xCzAJBgNVBAYTAkZSMSMwIQYDVQQIHhoAzgBsAGUA
+LQBkAGUALQBGAHIAYQBuAGMAZTEjMCEGA1UEBx4aAM4AbABlAC0AZABlAC0ARgBy
+AGEAbgBjAGUxFTATBgNVBAoTDEN5Y2xvZmZpY2luZTEVMBMGA1UECxMMU2Vydmlj
+ZSBJTUFQMRswGQYDVQQDExJpbWFwLmN5Y2xvY29vcC5vcmcxSzBJBgNVBA8eQgBW
+ADEALgAwACwAIABuAGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABu
+AGkAIABtAG8AdABlAHUAcjErMCkGCysGAQQBgjc8AgEBHhoAzgBsAGUALQBkAGUA
+LQBGAHIAYQBuAGMAZTErMCkGCysGAQQBgjc8AgECHhoAzgBsAGUALQBkAGUALQBG
+AHIAYQBuAGMAZTETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBALCfg1SB9JsAG+ufdpyAVMBBB5bVKF56GFa/WX0zffXk
+UKNicdFyLMiQv6O41tQMuHnALqod9HxwHlwH/S5/msNaGpxyUmYkX1LMNfRdB04l
+1P0IB0h3Y03WJqkM3oS2qNMKxnMb4aJWws7/4Xszwo/lhHLg6GbTQTssVdnFJTff
+Imz0qvAQMQUXtceawNSAMCUtWVNSbQuWfUQe2kuXht+/yFUOHVn5IyA82F3WMYlH
+oLr9ia3Yz0zHvkwrfJ2HYZUWgu5LY1iu0iPdsxpnESKYSaCHSi712z1LgNWDS1Md
+ggeWkr3NCDu/aY5qUdxvh2sR3VxR90HrwvLalEimF92MrzWAXS8yhsYKDGghJPxW
+g53VhDx9w5XTmiC9EIJJQ+oo8IDJOsYYg82wenAxaeIxO8R35gD6O8/r7bU0w2sU
+g/HD943pMPg+K/pVw+aCARoEG8NgqmdtYSVFmltPcAW2T45tnhPQDqy0w74bMru8
+TjEJEBDTc4jYIza8W4eYNuybeIeeYaKZEWZMsadZxUeZh1ac+GfXgh42e1RoXEnZ
+IZCf+OKUi8svsD+KOHy7Y+qsz9E1FYjmwQDjhximULzrjVLg8jStNd3l0U9k14D/
+kyfqMlwJY5FXUmc77P/2x4bnYioA8mTLtZMffm4kq1vmizU1KKMd5vR23UzSq2Br
+AgMBAAGjggKdMIICmTAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIFoDAlBgNVHREE
+HjAcgRpjb250YWN0K2ltYXBAY3ljbG9jb29wLm9yZzAdBgNVHQ4EFgQUEuqVQxNM
+ZmRXD5SQP1B96UkJ/mMwIAYDVR0SBBkwF4EVY29udGFjdEBjeWNsb2Nvb3Aub3Jn
+MIIBTAYDVR0jBIIBQzCCAT+AFKpGmRR+fL0DcTbL7bYt+fVE4IDjoYIBHKSCARgw
+ggEUMRYwFAYDVQQDEw1jeWNsb2Nvb3Aub3JnMQswCQYDVQQGEwJGUjEOMAwGA1UE
+KxMFQ3ljbG8xFTATBgNVBAoTDEN5Y2xvZmZpY2luZTFXMFUGA1UECx5OAEEAbgB0
+AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBpAGMAYQB0
+AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU3NTAyMDEjMCEGA1UE
+CB4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxHzAdBgNVBAkTFjE1LCBydWUg
+UGllcnJlIEJvbm5hcmQxFzAVBgNVBBQTDjA5IDcyIDM1IDkzIDEyggcgEwUBIAgz
+MEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAoYlaHR0cDovL3d3dy5jeWNsb2Nv
+b3Aub3JnL3g1MDkvY3J0LnBlbTA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3
+LmN5Y2xvY29vcC5vcmcveDUwOS9pbWFwL2NybC5wZW0wRAYDVR0gBD0wOzA5BgUq
+gXoBKjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5jeWNsb2Nvb3Aub3JnL3g1
+MDkvY3BzMA0GCSqGSIb3DQEBDQUAA4ICAQAy/FNs4TdnMo2Kxq/4IItudHK7/RUQ
+deJ4T0ljRyFzHpPfJF5Rf9dLadKELo0uoYs40F0YSM4OhgUQjILE7S3Cep9nhNKf
+GGmIK6+X+GgqePIcGT0GsQZ6ZAgMg5dXePnh5RNLS0DQTV14WzLpIa8AD/4L/di0
+rF75Fg+cWUOHZ9onOo5vio++HOj1qgbkNcZtIPmxCvkMRxYYj1NxCa9rP7mDWKVG
+XmdcF8UK/7Idx/o+FMndlAAALaSIUWK8/s/VWJlTacYQEd0QMT+J1D0J8DWnb8Wv
+zGartTMepKNv3iOzprLp8YxRbD01BMM7gVrxaTi/E4Cc6cBnzBCVFX/BzH7bmRMM
+ka/ee5o9dN/5hqPvX6G7NnUtcGBTgtEq610PR9SnATGScPj+cpE0+ruvliTu1Pzy
+xv7M/WSJS/9i5oRSkNwFCsu8K/ktuwbIPx/MkEb5Z8qWFLJgMbrkbGOyaofD10lP
+X4Dw8ikeUnVKf3N2qJ605RPLJmPG8yHPxPrTiRAftVtBOzgjGne7B+nQwd5IegXg
+PrBsv8oUxn0FQDJ7CHQ8Us0K6MDQVMFKEKEHAw46NjLuBFWDvSz/nQAAXDXdStDI
+ZZrpvIsyP7XHke+lWIV8zMKkBeh4cHXCl+rZoobgRFKFoPIdTcKs3REwJvoifh29
+n7vyDTAqzsj49g==
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt.pem.asc b/var/pub/x509/imap.cyclocoop.org/crt.pem.asc
new file mode 100644 (file)
index 0000000..6432957
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQIcBAABCgAGBQJR4oosAAoJEF4nGc9w/oqe8EQQAK5TP+kvCu6zh9Ek4lzLnbJg
+MTtIGII8SWyMTi5cRw7ZdUkpsIVtxfYqfIUE9rDxtpNXsx67NUGh17Wv04PfZ7Xl
+Op3BmVBw2hOxjmWgIqdfWZx/OIWBoS/VIo4rRyu3fH886XG2thHzj9FGHRH4d01i
+F3mzqub7Pj/wghxF9FJ3+1EQ5XHeQqXK7ccX1SXF4B7WZVMSGEVw4uLkaqzlz02m
+jv5R5HxSKG93PnXIDsV66ocWIhq+LrDbVKiLHPjGWCCQ0gsk/D+h7vW4MZc43tkq
+9E00nRVCSpYIOIyxaxzQBjxJjFkeyl/OC2HEdY3pl1DknUmR51u0q2Jo19xtLIyR
+K/MKDivPedeFtHbV07KUaIOrzPIPhL6kc6qFok1klh5akSpmlFRkm391d78FUdbN
+LnMp4F1WPmAoamfoTc5dhXG5EW3L6VsTHIr3LNN0SrWaO6M/Sz33aLWz5SZB9qbh
+BZEzCM1M+ZjB4pd3YnXy4YgihaCzoxQI6d7jmUt2KFvYctf9rRxHDAkgWR5piuQx
+hVaXGmKRKpgysteFSEnDf/JAlKGjmG5nlvJMpQ4Ee4v2a+WvPbYwQeO6EOirN7iX
+F42D7NYOeSfcyCkabjzqoGxxpQkXp4H6otXO5QoAos9XXUlSKL0HOznAXfFHm7yh
+pEVxOuTE9sGU2vFGkYoM
+=IpQU
+-----END PGP SIGNATURE-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem b/var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem
new file mode 100644 (file)
index 0000000..c2d687c
--- /dev/null
@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIKADCCB+igAwIBAgIHIBMHFBMjJTANBgkqhkiG9w0BAQ0FADCCAV4xCzAJBgNV
+BAYTAkZSMSMwIQYDVQQIHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEjMCEG
+A1UEBx4aAM4AbABlAC0AZABlAC0ARgByAGEAbgBjAGUxFTATBgNVBAoTDEN5Y2xv
+ZmZpY2luZTEVMBMGA1UECxMMU2VydmljZSBJTUFQMRswGQYDVQQDExJpbWFwLmN5
+Y2xvY29vcC5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkAZQB1
+ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjErMCkGCysG
+AQQBgjc8AgEBHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTErMCkGCysGAQQB
+gjc8AgECHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTETMBEGCysGAQQBgjc8
+AgEDEwJGUjAeFw0xMzA3MTQxMTIzMjVaFw0yMzA3MTUxMTIzMjVaMIIBXjELMAkG
+A1UEBhMCRlIxIzAhBgNVBAgeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSMw
+IQYDVQQHHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEVMBMGA1UEChMMQ3lj
+bG9mZmljaW5lMRUwEwYDVQQLEwxTZXJ2aWNlIElNQVAxGzAZBgNVBAMTEmltYXAu
+Y3ljbG9jb29wLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMSswKQYL
+KwYBBAGCNzwCAQEeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSswKQYLKwYB
+BAGCNzwCAQIeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRMwEQYLKwYBBAGC
+NzwCAQMTAkZSMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsJ+DVIH0
+mwAb6592nIBUwEEHltUoXnoYVr9ZfTN99eRQo2Jx0XIsyJC/o7jW1Ay4ecAuqh30
+fHAeXAf9Ln+aw1oanHJSZiRfUsw19F0HTiXU/QgHSHdjTdYmqQzehLao0wrGcxvh
+olbCzv/hezPCj+WEcuDoZtNBOyxV2cUlN98ibPSq8BAxBRe1x5rA1IAwJS1ZU1Jt
+C5Z9RB7aS5eG37/IVQ4dWfkjIDzYXdYxiUeguv2JrdjPTMe+TCt8nYdhlRaC7ktj
+WK7SI92zGmcRIphJoIdKLvXbPUuA1YNLUx2CB5aSvc0IO79pjmpR3G+HaxHdXFH3
+QevC8tqUSKYX3YyvNYBdLzKGxgoMaCEk/FaDndWEPH3DldOaIL0QgklD6ijwgMk6
+xhiDzbB6cDFp4jE7xHfmAPo7z+vttTTDaxSD8cP3jekw+D4r+lXD5oIBGgQbw2Cq
+Z21hJUWaW09wBbZPjm2eE9AOrLTDvhsyu7xOMQkQENNziNgjNrxbh5g27Jt4h55h
+opkRZkyxp1nFR5mHVpz4Z9eCHjZ7VGhcSdkhkJ/44pSLyy+wP4o4fLtj6qzP0TUV
+iObBAOOHGKZQvOuNUuDyNK013eXRT2TXgP+TJ+oyXAljkVdSZzvs//bHhudiKgDy
+ZMu1kx9+biSrW+aLNTUoox3m9HbdTNKrYGsCAwEAAaOCAr0wggK5MBIGA1UdEwEB
+/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMCUGA1UdEQQeMByBGmNvbnRhY3QraW1h
+cEBjeWNsb2Nvb3Aub3JnMB0GA1UdDgQWBBQS6pVDE0xmZFcPlJA/UH3pSQn+YzAl
+BgNVHRIEHjAcgRpjb250YWN0K2ltYXBAY3ljbG9jb29wLm9yZzCCAZYGA1UdIwSC
+AY0wggGJgBQS6pVDE0xmZFcPlJA/UH3pSQn+Y6GCAWakggFiMIIBXjELMAkGA1UE
+BhMCRlIxIzAhBgNVBAgeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSMwIQYD
+VQQHHhoAzgBsAGUALQBkAGUALQBGAHIAYQBuAGMAZTEVMBMGA1UEChMMQ3ljbG9m
+ZmljaW5lMRUwEwYDVQQLEwxTZXJ2aWNlIElNQVAxGzAZBgNVBAMTEmltYXAuY3lj
+bG9jb29wLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUA
+IABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMSswKQYLKwYB
+BAGCNzwCAQEeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMSswKQYLKwYBBAGC
+NzwCAQIeGgDOAGwAZQAtAGQAZQAtAEYAcgBhAG4AYwBlMRMwEQYLKwYBBAGCNzwC
+AQMTAkZSggcgEwcUEyMlMEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAoYqaHR0
+cDovL3d3dy5jeWNsb2Nvb3Aub3JnL3g1MDkvaW1hcC9jcnQucGVtMEcGA1UdHwRA
+MD4wPKA6oDiGNmh0dHA6Ly93d3cuY3ljbG9jb29wLm9yZy94NTA5L2ltYXAvY3Js
+LnNlbGYtc2lnbmVkLnBlbTANBgkqhkiG9w0BAQ0FAAOCAgEADNu2QvW9+2iador2
+N+oedT2JKAglJERhvQqqVJF9e4R3a9HZmGoTPUHnXkDauoQMbOQbqNAQf8T+kkvc
+/5VSJJxQkLcVJq2Yc8Gb4muUXemX8T5kx9Xo+yS830wriVf+9E7IezBjvtRcmLp3
+dUqya+dBV2pDj+0uFgSIgqTu09D1El3lLA/11jQD4iQMJG+0+BDzHbdFmi7THTbZ
+NYWTQynbi/HgsD2DnzWJb6d6fa0T0IlYKP95Dlta7rmJ5yFvMccyARn/gHbmsOoD
+F2ZzlgkTCvyIZFEGf5Lrsfo90nxJlG1scomseDb5zo/6l6TvWM4pUq8sSWaZ97s1
+ZAAL5P+FZMDPyokEB1R537/uPHg43xQsJjIycv6ZP4dtDM3pZ+1gvo/oI0/dJziN
+aduKKPqwCUxJySY0ks8ecrDPaZFGYxxbrscDwj0JELKpV1bpYZx2Ofn+gZMQ88ta
+a/TMdyP/edP9gBHa9cvcxSyy7a08BUcEX5UuMOyMQdzf4Dk0joP9zd021xObvH+H
+k9zrKEbtNskh/1hQBKhfx0RmvhH8KGRNKysQCjxQ28ZpKtdJI9ULQRfN2KD8wyCq
+5ljujyIoDgWZXe5JPu8cIz2oR02wB41bhGfYxEyuDlgn+8POnD99b77Mj3jWSCn9
+MCe0xEsnhkKVCaO3qfIovKFBxE8=
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem.asc b/var/pub/x509/imap.cyclocoop.org/crt.self-signed.pem.asc
new file mode 100644 (file)
index 0000000..93fc8e2
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQIcBAABCgAGBQJR4ootAAoJEF4nGc9w/oqe8D4QAKQd2eBKiobmE5xL7hxmsc+k
+LY9NMhjR6WI8MAlS9ZTHXqWluH9XjfarCK4Jcuu46rCmNEx/M1m9FrPuM2y6DkcH
+0CZsChdnvYEu49J1rL0jlm+g9t14jLO8Wr/qf44ROx3LGE8dBueUoD9nbcec9FnM
+hl1O2IJSHrMRYi6t3foDVwYEfSx9f4vBq535L2YkZV4W7PLi6KPNenQcJqL244kp
+U7rypo9tQAYlKXy9FgJRkwgTWrg4tAaLH9lObu/K92OC71UCFTlHXht1cVO56IcS
+QNqqJB/5wCYGuR60VZKXZ4qjNv7xEPQ8yyT0B40jyB+Ue6aUuTGoqL3qAqNkfTXv
+qMt7p+wwlxwqFg4X+oXOiEH0A+oTmFhfhC8z+AaAnHiVhJHSTh9VX7j8TjrdRV+O
+pLg8jwCsS6xCpXRwYCLNwFuwI9m5De4jNm0FmG51wbUN0NcXvYocBgPXBe0joLxI
+BLzJVYvJnZ3CpS19/xOEr2OY8jCj/WDhvhLgDxmJIuWMQDpxHyitp+9GlltK+Yno
+96lIwGa/3utv0Qn20/ReaTzyWO6D06+4Wsbwq3qso+TtQIEaFbWdZJM4D+durI1t
+WlhpRicRmQFyVVm57aoiZrF0lLs+cNQohS0667zYMU2bEWV0yqL3fKKUJFS2GlGV
+0OmWC6IyCFG1U4oi2KN3
+=bN0C
+-----END PGP SIGNATURE-----
diff --git a/var/pub/x509/imap.cyclocoop.org/idx.self-signed.txt b/var/pub/x509/imap.cyclocoop.org/idx.self-signed.txt
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/var/pub/x509/imap.cyclocoop.org/idx.txt b/var/pub/x509/imap.cyclocoop.org/idx.txt
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/var/pub/x509/imap.cyclocoop.org/req.pem b/var/pub/x509/imap.cyclocoop.org/req.pem
new file mode 100644 (file)
index 0000000..c6c450a
--- /dev/null
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIFpTCCA40CAQAwggFeMQswCQYDVQQGEwJGUjEjMCEGA1UECB4aAM4AbABlAC0A
+ZABlAC0ARgByAGEAbgBjAGUxIzAhBgNVBAceGgDOAGwAZQAtAGQAZQAtAEYAcgBh
+AG4AYwBlMRUwEwYDVQQKEwxDeWNsb2ZmaWNpbmUxFTATBgNVBAsTDFNlcnZpY2Ug
+SU1BUDEbMBkGA1UEAxMSaW1hcC5jeWNsb2Nvb3Aub3JnMUswSQYDVQQPHkIAVgAx
+AC4AMAAsACAAbgBpACAAZABpAGUAdQAgAG4AaQAgAG0AYQDuAHQAcgBlACAAbgBp
+ACAAbQBvAHQAZQB1AHIxKzApBgsrBgEEAYI3PAIBAR4aAM4AbABlAC0AZABlAC0A
+RgByAGEAbgBjAGUxKzApBgsrBgEEAYI3PAIBAh4aAM4AbABlAC0AZABlAC0ARgBy
+AGEAbgBjAGUxEzARBgsrBgEEAYI3PAIBAxMCRlIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCwn4NUgfSbABvrn3acgFTAQQeW1SheehhWv1l9M3315FCj
+YnHRcizIkL+juNbUDLh5wC6qHfR8cB5cB/0uf5rDWhqcclJmJF9SzDX0XQdOJdT9
+CAdId2NN1iapDN6EtqjTCsZzG+GiVsLO/+F7M8KP5YRy4Ohm00E7LFXZxSU33yJs
+9KrwEDEFF7XHmsDUgDAlLVlTUm0Lln1EHtpLl4bfv8hVDh1Z+SMgPNhd1jGJR6C6
+/Ymt2M9Mx75MK3ydh2GVFoLuS2NYrtIj3bMaZxEimEmgh0ou9ds9S4DVg0tTHYIH
+lpK9zQg7v2mOalHcb4drEd1cUfdB68Ly2pRIphfdjK81gF0vMobGCgxoIST8VoOd
+1YQ8fcOV05ogvRCCSUPqKPCAyTrGGIPNsHpwMWniMTvEd+YA+jvP6+21NMNrFIPx
+w/eN6TD4Piv6VcPmggEaBBvDYKpnbWElRZpbT3AFtk+ObZ4T0A6stMO+GzK7vE4x
+CRAQ03OI2CM2vFuHmDbsm3iHnmGimRFmTLGnWcVHmYdWnPhn14IeNntUaFxJ2SGQ
+n/jilIvLL7A/ijh8u2PqrM/RNRWI5sEA44cYplC8641S4PI0rTXd5dFPZNeA/5Mn
+6jJcCWORV1JnO+z/9seG52IqAPJky7WTH35uJKtb5os1NSijHeb0dt1M0qtgawID
+AQABoAAwDQYJKoZIhvcNAQENBQADggIBAGBDOedu/rAqjTfG0qxJaKEMfs1TxPYc
+6oQx+Q4s5YR2alJunHdRhzUXZV8+weXBgSxWeWIzh/URlHv6IyE+gYIRIlF0Mcne
+N1gn9tZ6CaU10CeE+RpBkMw6eE9H9kKOC6rkWC1hGIETQQUgu6t4Tp4317Ew+oFh
+dDxRSMCQIkPcQZg8budXTQ8OZluw4fAfKb7yry0YP3yvcGmvvdhYl5xcDDzuJDnz
+UpF8g12AfmctM2wDBKHu09xTExxReKFXDvxkXU/mZIYhYOHmsn5+/1NNOx7vBk3R
+Bt179Cu80vZ/2vk3dZqjCvVUFIruXI0d9eBcVDeNq0Bd6/8v1L0ilHx+rSax3my2
+qfIDSeoCRIimmk//9EurUlGAL06F0Ay/6jvcl5MvzCHvVlpvpA/2y56TUlxBQ5Ja
+TDimQBPuZe2w68vaAlbml5IgdvFelldXIN0JkQdkujX8xe7KBtkBex6ElzBYOgmA
+tdyH4qkV/FOia4qdtRKv1Pz0GJ5eLcbU6p5dWnkv32P7c4Q7k0KRgTlYhFreV280
+lvQuDEeJC1Evqdwj5swTFoL3Ry/fZKAPj0PKIBL2Q1C+Bu0ILkq5bvbuRROaZaR0
+wdGPLoPoWOIBSwy2KWYfSW1wE2iSW8aLKFHnYDEQjhN7n+yokJ/w4ThMDGEu+Mat
+sQuzvxnP/7vM
+-----END CERTIFICATE REQUEST-----
diff --git a/var/pub/x509/imap.heureux-cyclage.org/.gitignore b/var/pub/x509/imap.heureux-cyclage.org/.gitignore
new file mode 100644 (file)
index 0000000..f5a0fec
--- /dev/null
@@ -0,0 +1 @@
+user/
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/ca b/var/pub/x509/roundcube.heureux-cyclage.org/ca
new file mode 120000 (symlink)
index 0000000..6d4a070
--- /dev/null
@@ -0,0 +1 @@
+../heureux-cyclage.org
\ No newline at end of file
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.num b/var/pub/x509/roundcube.heureux-cyclage.org/crl.num
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.num.old b/var/pub/x509/roundcube.heureux-cyclage.org/crl.num.old
new file mode 100644 (file)
index 0000000..4daddb7
--- /dev/null
@@ -0,0 +1 @@
+00
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crl.pem
new file mode 100644 (file)
index 0000000..6b3623b
--- /dev/null
@@ -0,0 +1,23 @@
+-----BEGIN X509 CRL-----
+MIIDvzCCAacCAQEwDQYJKoZIhvcNAQENBQAwggFjMQswCQYDVQQGEwJGUjEfMB0G
+A1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNV
+BAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1
+eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYL
+KwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3
+PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJG
+UhcNMTMwNTI1MTYxNzQ2WhcNMjMwNTI2MTYxNzQ2WqAOMAwwCgYDVR0UBAMCAQAw
+DQYJKoZIhvcNAQENBQADggIBADWaW9vhmlzyJZTydmDJDbMmyFp8vqzXrs0TS+DB
+Y4zsUsvn5WDjY7wpuQvmRwqGpGpGNtRty4zO4reJLinY5aaI4lITOwkh701v1s/s
+FggJ2Yoo23TJ8ZxXFf8xgd0xHO+pb8aMzYUm5Xx3iyHIdAsID1xw26uu94cLpYCi
+YBo8e2SUXq8bmyb0i5sFv1uUWTcfKcjAYOTXnGn0oUh12aJTT0tyirI7MR1gs0z1
+aNZgxtemN/qesgUHUeHoEvI5uptASeq9xU9Ra5MTsOIBpMVyq69+iEORWOsk3NGn
+KsrqvumQTjorU1EGqW7gvdKE4L9LHfKq3/jsqh+8fe7miJXmRWRmU5MgCpnfE4Hg
+pLDYVDKPWOwmaJn1o2JB5Rqsv/3sm35Z16wWjQEBnjmfIPYB0FjDKGoulLkRej3M
+gSnhIwGgD9D6/zlSGuh1zd4zYXzOEpmPg8+S/ZdXjy+X6fKypzrrOGGWSpiMPbRN
+rwZwL1qHf2a47qM0HtfHYil8hEXL6AvFoHhAtHSOAM9809DU2avo61iCw3TYx/s6
+j8rE7nDI1y1YIU1CoN+xHHtCTsk/Jslq7Cxr6Wo2UtkMtGo0GszQ52lOtcg0g308
+yPvl/8tv4l7p39ZxGaohKth0l+pTxcelg+vkm6T9PE3FykFzs4p+cmWGWjvqlPqT
+2IZ8
+-----END X509 CRL-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num b/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num
new file mode 100644 (file)
index 0000000..8a0f05e
--- /dev/null
@@ -0,0 +1 @@
+01
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num.old b/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.num.old
new file mode 100644 (file)
index 0000000..4daddb7
--- /dev/null
@@ -0,0 +1 @@
+00
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crl.self-signed.pem
new file mode 100644 (file)
index 0000000..f1c081a
--- /dev/null
@@ -0,0 +1,23 @@
+-----BEGIN X509 CRL-----
+MIIDvzCCAacCAQEwDQYJKoZIhvcNAQENBQAwggFjMQswCQYDVQQGEwJGUjEfMB0G
+A1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNV
+BAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1
+eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYL
+KwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3
+PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJG
+UhcNMTMwNTI1MTYxNzQ3WhcNMjMwNTI2MTYxNzQ3WqAOMAwwCgYDVR0UBAMCAQAw
+DQYJKoZIhvcNAQENBQADggIBAELb+3roerdPtHc8Nhz0UdYdMhX3l+0vcFmuOzS5
+LalaZLDcGTfWMsToGqbYm0TGPRF72r2phNn+rsTZj5JO30UOMoUpJjNA3TeX9Pml
+MgmIKvRYs3ZpNmcaAUCk0vps86mHBpxwiDjk75IvzdN+3jjfWfZZjm/mRxDmFKUX
+xJCvQ7F3m9/4HYB89sUHmW5d0ZSWDO/c+Bi84bqoxBjfbyUKbDHfiiVNxWXB8oJp
+huiWXn1cmxs9ygygr17l+ZaMnjcXuU5c9uFyxS/GbbYKXchrAR3+UQtHCgxA4BLQ
+oTclXmwVH+nFIVr1wlMc9lvRfnRjI45NNQ54+VFhdwLCmob2r4FUTLIbiVBe3k7S
+lGIRJQyPp8BIRqfFXU2lWQqSzAkkyOr8v9V5wGx6KHz4S4Q4CK0PKhYwos2w6WhY
+1z/dEjMUxvI3MNTVTUqaKgPK5qZRPx997YOcEbGKY4E+5j+/UAQ2PZkQ+NqjZQP4
+i8If+DsD6mFR4x/lUtKfRPHHHmk5DJxdBhmnbaMtiCDukbFnre6H5nDk8gvhL6qL
+I17odHlSvadEsr0eGZNlb4V6S0K3dy8EkEIwUAouYD/CMZQJITBM0bF1oFyT2a8/
+F1XuNYxBFdTnIGdKulPs1+8nHrZLt83BtwCgZT4N8HIP6nJiuTEQMBx7k7LNZgfZ
+NFEY
+-----END X509 CRL-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt+ca.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crt+ca.pem
new file mode 100644 (file)
index 0000000..e80d00f
--- /dev/null
@@ -0,0 +1,108 @@
+-----BEGIN CERTIFICATE-----
+MIIKSzCCCDOgAwIBAgIHIBMFJRgXRjANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDUyNTE2MTc0NloX
+DTIzMDUyNjE2MTc0NlowggFjMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
+czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2Ug
+Um91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9y
+ZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABt
+AGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEe
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxW
+Er7atwwKzbe7xYAS2VGVKmR014qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PF
+AbWRyMWTyqokbr4LxK4omjAnPHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0ap
+DbiGb7LOzaJXuGZAmIN+s25rvDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iy
+L9T88JZpmEg9GckBvWDpgiHvFNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6o
+W0PiMBUgJNyP8ITbmSk6QRVuQZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRIC
+q1fcqx4XVavrbswUsMeVlh1sNEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATif
+IKt1iymmghnBTBTSDHq96dTBOBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I
+/bZETSCHdqAoso53xH3Beib/3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHny
+M5Kk0mqedfyTYehxPxbGrsceaxMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnD
+yR+QkQ32gs/VC5mnezX5G1CgQz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5Ap
+hbwrqKlzAgMBAAGjggNMMIIDSDASBgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQE
+AwIBpjCBrwYDVR0RBIGnMIGkgSVjb250YWN0K3JvdW5kY3ViZUBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghhtYWlsLmhldXJldXgtY3ljbGFnZS5vcmeCHGNvdXJyaWVsLmhl
+dXJldXgtY3ljbGFnZS5vcmeCF3JvdW5kY3ViZS5jeWNsb2Nvb3Aub3JnghJtYWls
+LmN5Y2xvY29vcC5vcmeCFmNvdXJyaWVsLmN5Y2xvY29vcC5vcmcwHQYDVR0OBBYE
+FOPaVmy2iqkql3t2c0okyPJtkDuyMCYGA1UdEgQfMB2BG2NvbnRhY3RAaGV1cmV1
+eC1jeWNsYWdlLm9yZzCCAU0GA1UdIwSCAUQwggFAgBTQQETok+Fk9woJQMBtg2e8
+t7ntSqGCAR2kggEZMIIBFTEcMBoGA1UEAxMTaGV1cmV1eC1jeWNsYWdlLm9yZzEL
+MAkGA1UEBhMCRlIxDDAKBgNVBCsTA0xIQzEaMBgGA1UEChMRTCdIZXVyZXV4IEN5
+Y2xhZ2UxVzBVBgNVBAseTgBBAG4AdABpAC0AYQB1AHQAbwByAGkAdADpACAAZABl
+ACAAYwBlAHIAdABpAGYAaQBjAGEAdABpAG8AbgAgAHAAcgBpAG0AYQBpAHIAZTEO
+MAwGA1UEERMFNjkwMDExHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
+HzAdBgNVBAkTFjEwIHJ1ZSBTYWludCBQb2x5Y2FycGUxEzARBgNVBBQeCgBuAOkA
+YQBuAHSCByATAyYJODEwRwYIKwYBBQUHAQEEOzA5MDcGCCsGAQUFBzAChitodHRw
+Oi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9jcnQucGVtMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L3Jv
+dW5kY3ViZS9jcmwucGVtMEoGA1UdIARDMEEwPwYFKoF6ASowNjA0BggrBgEFBQcC
+ARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L2NwczANBgkq
+hkiG9w0BAQ0FAAOCAgEAApLH/QZm5cyCRN5Hq1Y/pafLxn6uteqMeCusXEBx0oOU
+eTZapbf6qpaeHWuqQIGLTHt8qahjldaB1hegbG4WVq4vk/tbytlT5kKs1CBWSe3C
+kZBbK0oDw/1iCvA8JmUP4EIXQ55pk5/fbq3+JhR1shYL4FUIf1guXfxwuFhmjZeH
+4vfTerZ9F3ae4IQD6l2jXwK2XTOfhGXeHWGJ1r/0yio59sn2lSCJ9rVAc4gfTHmg
+qidiolBaHqFADJlPxjBjPgEhH9rEiiskPfSFy6bGPzeXznePPkl2NTlokh/1LeoK
+RjnC/xzMSb3ehhmqBXuqj4Fy/fonoWWlZ2jUZGL70fT2iDjw+tqYBm7Wv18Dh2AD
+HI+zi/2/Zi439nctxsrxRzlXh6VFMvHjPGPZog75jgwZi17P/wEyOpmNP9KsjPIy
++tiw2AgzK04QoTcBZCbyklrJaO5qDMj+OXwgkip2qGqRKTROVTFipMve4FWeCjFm
+vs/lChOxt0YVJbMtGOjwNzvK4E2vkZle2I85eoBS25wWqdobuTh+NcFBIJbq49Mn
+lkdxH2TqAMDyZVzuWHpzqqo+KUpPy0QWD+5GtTn82KEeiEd2GjfIo7+lwzKhYZR3
+giP2cBqjJvGTRQzSCNAOrouOS7WooK9mWXcgfzPmubaG7wyvZWXdVTeR8/uVPpI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIJHTCCBwWgAwIBAgIHIBMDJgk4MTANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDMyNjA4MzgzMVoX
+DTIzMDMyNzA4MzgzMVowggEVMRwwGgYDVQQDExNoZXVyZXV4LWN5Y2xhZ2Uub3Jn
+MQswCQYDVQQGEwJGUjEMMAoGA1UEKxMDTEhDMRowGAYDVQQKExFMJ0hldXJldXgg
+Q3ljbGFnZTFXMFUGA1UECx5OAEEAbgB0AGkALQBhAHUAdABvAHIAaQB0AOkAIABk
+AGUAIABjAGUAcgB0AGkAZgBpAGMAYQB0AGkAbwBuACAAcAByAGkAbQBhAGkAcgBl
+MQ4wDAYDVQQREwU2OTAwMTEfMB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
+czEfMB0GA1UECRMWMTAgcnVlIFNhaW50IFBvbHljYXJwZTETMBEGA1UEFB4KAG4A
+6QBhAG4AdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMQW7t6xtjiy
+B++qKw1fetUPyF/LbMHllX4c3pxyRXjN7AnvDbVoTH7RItPoabAkmh5BFInXwP6P
+UtbX2uLyGNsnEh5MueMJcmcZ0woDFZe60An1sVCm0RLnNL2LvZBACZI4ZtnFVczO
+HL+kzUqik2PLyIqt0sicwsAvsY4iJLlRmfjjyp4jbiBhLaj3AgcqHhkf+6csNc+Y
+6LQC+C+9dcPq4RcJ8w939tU1VNth5Llil/jBkUS5SxEmXyo/yuPqkd5FxL0qGkm3
+8gf3AVZYwDwpwOBJPzjSg1lAonjNAuH/JD0AvytvTecPi1TYCJDW6VswB9X54ZJD
+cIuBWF7yCQSH/czAMppuQopuQJ8F6bdVyyDIKWJTXA9SdOQRrAZeIpVFu//8fbyv
+0yhLroTp1xXSRC+s+jEhdjZsOJGsY/0TH1biRQt9JvBTEzhFPww76FczYVa9Bxoq
+ipLjCwfzh68w948nsdOwRnsjMEJkIgv6rVsC4jxgaTc6ay2PnqbLxGmH1YENpHvf
+UuO2nB7aIvakxf6OsH95KBTzgvKSwYnp2QiPCpBTtOihD2RkA2uDPefHLU6058pb
+heXwMMKwUVn18rs9TH8T3N5q5AHpMK1H2Mvn9pskLpT16UKTOKkoktR1jgkJN6vR
+GNzjFB391ZVKfV90eXjtjsckyAcUNTdhAgMBAAGjggJsMIICaDASBgNVHRMBAf8E
+CDAGAQH/AgEBMAsGA1UdDwQEAwIBBjAmBgNVHREEHzAdgRtjb250YWN0QGhldXJl
+dXgtY3ljbGFnZS5vcmcwHQYDVR0OBBYEFNBAROiT4WT3CglAwG2DZ7y3ue1KMCYG
+A1UdEgQfMB2BG2NvbnRhY3RAaGV1cmV1eC1jeWNsYWdlLm9yZzCCAU0GA1UdIwSC
+AUQwggFAgBTQQETok+Fk9woJQMBtg2e8t7ntSqGCAR2kggEZMIIBFTEcMBoGA1UE
+AxMTaGV1cmV1eC1jeWNsYWdlLm9yZzELMAkGA1UEBhMCRlIxDDAKBgNVBCsTA0xI
+QzEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxVzBVBgNVBAseTgBBAG4AdABp
+AC0AYQB1AHQAbwByAGkAdADpACAAZABlACAAYwBlAHIAdABpAGYAaQBjAGEAdABp
+AG8AbgAgAHAAcgBpAG0AYQBpAHIAZTEOMAwGA1UEERMFNjkwMDExHzAdBgNVBAge
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxHzAdBgNVBAkTFjEwIHJ1ZSBTYWludCBQ
+b2x5Y2FycGUxEzARBgNVBBQeCgBuAOkAYQBuAHSCByATAyYJODEwRwYIKwYBBQUH
+AQEEOzA5MDcGCCsGAQUFBzAChitodHRwOi8vd3d3LmhldXJldXgtY3ljbGFnZS5v
+cmcveDUwOS9jcnQucGVtMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly93d3cuaGV1
+cmV1eC1jeWNsYWdlLm9yZy94NTA5L2NybC5wZW0wDQYJKoZIhvcNAQENBQADggIB
+AAbK2IQ6dCmvBgB44XZ0g0K1xuJ91vGJfMq78bwamBzWOhSgXws7dbtrUD0oGq93
+I22GccnkjrbdsLVpQyQMEhK3eVgj0r3W+sN3ECqcNT35qqNO82RX2RCdKrC8OsWU
+tFUtyhMgZyjXWFcwZnK8CISxtc1KXm2qrUC/Mh/NFGn8OngLaIu2WbDNeDO6ZUbr
+ET4pIbfbwMGEvCYKx9Owqp5NYa8/JyUzHoihzc+CLam2WFp1BrjveacfU6l0+NwX
+i5uYtSJI/K3iKiy+W+8dkdzRYKh09icOCL+GKPEiioJrxfNYX6/HNTbfV/rJWCqd
+gIIpWxvWs1y8wgg6t+VqMm5OG5nsPkkbZiO1cljUnMDAn8kGrp2sORrxCzVgDAKV
+uhXthAdbKPSombuwjKo2M1rzPCGkYTOcgw9N6iaLcD2J1+h25MsZy96L2bNfWB3h
+1iZxQ8ohe+kUmG5NyH6Q9+lYzPfD3PZotehIYI05legurJnK0WM3K+imUw3ZvPxM
+aD0K2+9m/7WFyf9Di34ZeW9Fe9/dYPosoloAJv0w6YrCz8lu5+Vb8BEdaOIFYlr1
+jDlOO94dlg30hCMsP2UpNB+HA1xJEXkFvTnqjAfBHheke97i3y/4FBho3nLDT8Ee
++VZp12H3/m46pxvVjkU4nWqFutDphHDJqN/G8ferAZgt
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.pem
new file mode 100644 (file)
index 0000000..c9602df
--- /dev/null
@@ -0,0 +1,80 @@
+-----BEGIN CERTIFICATE-----
+MIIKSzCCCDOgAwIBAgIHIBMFJRgXRjANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDUyNTE2MTc0NloX
+DTIzMDUyNjE2MTc0NlowggFjMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
+czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2Ug
+Um91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9y
+ZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABt
+AGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEe
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxW
+Er7atwwKzbe7xYAS2VGVKmR014qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PF
+AbWRyMWTyqokbr4LxK4omjAnPHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0ap
+DbiGb7LOzaJXuGZAmIN+s25rvDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iy
+L9T88JZpmEg9GckBvWDpgiHvFNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6o
+W0PiMBUgJNyP8ITbmSk6QRVuQZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRIC
+q1fcqx4XVavrbswUsMeVlh1sNEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATif
+IKt1iymmghnBTBTSDHq96dTBOBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I
+/bZETSCHdqAoso53xH3Beib/3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHny
+M5Kk0mqedfyTYehxPxbGrsceaxMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnD
+yR+QkQ32gs/VC5mnezX5G1CgQz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5Ap
+hbwrqKlzAgMBAAGjggNMMIIDSDASBgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQE
+AwIBpjCBrwYDVR0RBIGnMIGkgSVjb250YWN0K3JvdW5kY3ViZUBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghhtYWlsLmhldXJldXgtY3ljbGFnZS5vcmeCHGNvdXJyaWVsLmhl
+dXJldXgtY3ljbGFnZS5vcmeCF3JvdW5kY3ViZS5jeWNsb2Nvb3Aub3JnghJtYWls
+LmN5Y2xvY29vcC5vcmeCFmNvdXJyaWVsLmN5Y2xvY29vcC5vcmcwHQYDVR0OBBYE
+FOPaVmy2iqkql3t2c0okyPJtkDuyMCYGA1UdEgQfMB2BG2NvbnRhY3RAaGV1cmV1
+eC1jeWNsYWdlLm9yZzCCAU0GA1UdIwSCAUQwggFAgBTQQETok+Fk9woJQMBtg2e8
+t7ntSqGCAR2kggEZMIIBFTEcMBoGA1UEAxMTaGV1cmV1eC1jeWNsYWdlLm9yZzEL
+MAkGA1UEBhMCRlIxDDAKBgNVBCsTA0xIQzEaMBgGA1UEChMRTCdIZXVyZXV4IEN5
+Y2xhZ2UxVzBVBgNVBAseTgBBAG4AdABpAC0AYQB1AHQAbwByAGkAdADpACAAZABl
+ACAAYwBlAHIAdABpAGYAaQBjAGEAdABpAG8AbgAgAHAAcgBpAG0AYQBpAHIAZTEO
+MAwGA1UEERMFNjkwMDExHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
+HzAdBgNVBAkTFjEwIHJ1ZSBTYWludCBQb2x5Y2FycGUxEzARBgNVBBQeCgBuAOkA
+YQBuAHSCByATAyYJODEwRwYIKwYBBQUHAQEEOzA5MDcGCCsGAQUFBzAChitodHRw
+Oi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9jcnQucGVtMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L3Jv
+dW5kY3ViZS9jcmwucGVtMEoGA1UdIARDMEEwPwYFKoF6ASowNjA0BggrBgEFBQcC
+ARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L2NwczANBgkq
+hkiG9w0BAQ0FAAOCAgEAApLH/QZm5cyCRN5Hq1Y/pafLxn6uteqMeCusXEBx0oOU
+eTZapbf6qpaeHWuqQIGLTHt8qahjldaB1hegbG4WVq4vk/tbytlT5kKs1CBWSe3C
+kZBbK0oDw/1iCvA8JmUP4EIXQ55pk5/fbq3+JhR1shYL4FUIf1guXfxwuFhmjZeH
+4vfTerZ9F3ae4IQD6l2jXwK2XTOfhGXeHWGJ1r/0yio59sn2lSCJ9rVAc4gfTHmg
+qidiolBaHqFADJlPxjBjPgEhH9rEiiskPfSFy6bGPzeXznePPkl2NTlokh/1LeoK
+RjnC/xzMSb3ehhmqBXuqj4Fy/fonoWWlZ2jUZGL70fT2iDjw+tqYBm7Wv18Dh2AD
+HI+zi/2/Zi439nctxsrxRzlXh6VFMvHjPGPZog75jgwZi17P/wEyOpmNP9KsjPIy
++tiw2AgzK04QoTcBZCbyklrJaO5qDMj+OXwgkip2qGqRKTROVTFipMve4FWeCjFm
+vs/lChOxt0YVJbMtGOjwNzvK4E2vkZle2I85eoBS25wWqdobuTh+NcFBIJbq49Mn
+lkdxH2TqAMDyZVzuWHpzqqo+KUpPy0QWD+5GtTn82KEeiEd2GjfIo7+lwzKhYZR3
+giP2cBqjJvGTRQzSCNAOrouOS7WooK9mWXcgfzPmubaG7wyvZWXdVTeR8/uVPpI=
+-----END CERTIFICATE-----
+-----BEGIN X509 CRL-----
+MIIDvzCCAacCAQEwDQYJKoZIhvcNAQENBQAwggFjMQswCQYDVQQGEwJGUjEfMB0G
+A1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNV
+BAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1
+eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYL
+KwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3
+PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJG
+UhcNMTMwNTI1MTYxNzQ2WhcNMjMwNTI2MTYxNzQ2WqAOMAwwCgYDVR0UBAMCAQAw
+DQYJKoZIhvcNAQENBQADggIBADWaW9vhmlzyJZTydmDJDbMmyFp8vqzXrs0TS+DB
+Y4zsUsvn5WDjY7wpuQvmRwqGpGpGNtRty4zO4reJLinY5aaI4lITOwkh701v1s/s
+FggJ2Yoo23TJ8ZxXFf8xgd0xHO+pb8aMzYUm5Xx3iyHIdAsID1xw26uu94cLpYCi
+YBo8e2SUXq8bmyb0i5sFv1uUWTcfKcjAYOTXnGn0oUh12aJTT0tyirI7MR1gs0z1
+aNZgxtemN/qesgUHUeHoEvI5uptASeq9xU9Ra5MTsOIBpMVyq69+iEORWOsk3NGn
+KsrqvumQTjorU1EGqW7gvdKE4L9LHfKq3/jsqh+8fe7miJXmRWRmU5MgCpnfE4Hg
+pLDYVDKPWOwmaJn1o2JB5Rqsv/3sm35Z16wWjQEBnjmfIPYB0FjDKGoulLkRej3M
+gSnhIwGgD9D6/zlSGuh1zd4zYXzOEpmPg8+S/ZdXjy+X6fKypzrrOGGWSpiMPbRN
+rwZwL1qHf2a47qM0HtfHYil8hEXL6AvFoHhAtHSOAM9809DU2avo61iCw3TYx/s6
+j8rE7nDI1y1YIU1CoN+xHHtCTsk/Jslq7Cxr6Wo2UtkMtGo0GszQ52lOtcg0g308
+yPvl/8tv4l7p39ZxGaohKth0l+pTxcelg+vkm6T9PE3FykFzs4p+cmWGWjvqlPqT
+2IZ8
+-----END X509 CRL-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.self-signed.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crt+crl.self-signed.pem
new file mode 100644 (file)
index 0000000..f83c9ca
--- /dev/null
@@ -0,0 +1,85 @@
+-----BEGIN CERTIFICATE-----
+MIILLzCCCRegAwIBAgIHIBMFJRgXRzANBgkqhkiG9w0BAQ0FADCCAWMxCzAJBgNV
+BAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQH
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQKExFMJ0hldXJldXggQ3lj
+bGFnZTEaMBgGA1UECxMRU2VydmljZSBSb3VuZGN1YmUxJjAkBgNVBAMTHXJvdW5k
+Y3ViZS5oZXVyZXV4LWN5Y2xhZ2Uub3JnMUswSQYDVQQPHkIAVgAxAC4AMAAsACAA
+bgBpACAAZABpAGUAdQAgAG4AaQAgAG0AYQDuAHQAcgBlACAAbgBpACAAbQBvAHQA
+ZQB1AHIxJzAlBgsrBgEEAYI3PAIBAR4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEn
+MCUGCysGAQQBgjc8AgECHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRMwEQYLKwYB
+BAGCNzwCAQMTAkZSMB4XDTEzMDUyNTE2MTc0N1oXDTIzMDUyNjE2MTc0N1owggFj
+MQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEf
+MB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVy
+ZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQD
+Ex1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAu
+ADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAg
+AG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwA
+cABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczET
+MBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxWEr7atwwKzbe7xYAS2VGVKmR0
+14qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PFAbWRyMWTyqokbr4LxK4omjAn
+PHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0apDbiGb7LOzaJXuGZAmIN+s25r
+vDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iyL9T88JZpmEg9GckBvWDpgiHv
+FNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6oW0PiMBUgJNyP8ITbmSk6QRVu
+QZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRICq1fcqx4XVavrbswUsMeVlh1s
+NEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATifIKt1iymmghnBTBTSDHq96dTB
+OBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I/bZETSCHdqAoso53xH3Beib/
+3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHnyM5Kk0mqedfyTYehxPxbGrsce
+axMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnDyR+QkQ32gs/VC5mnezX5G1Cg
+Qz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5AphbwrqKlzAgMBAAGjggPiMIID
+3jASBgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBpjCBrwYDVR0RBIGnMIGk
+gSVjb250YWN0K3JvdW5kY3ViZUBoZXVyZXV4LWN5Y2xhZ2Uub3JnghhtYWlsLmhl
+dXJldXgtY3ljbGFnZS5vcmeCHGNvdXJyaWVsLmhldXJldXgtY3ljbGFnZS5vcmeC
+F3JvdW5kY3ViZS5jeWNsb2Nvb3Aub3JnghJtYWlsLmN5Y2xvY29vcC5vcmeCFmNv
+dXJyaWVsLmN5Y2xvY29vcC5vcmcwHQYDVR0OBBYEFOPaVmy2iqkql3t2c0okyPJt
+kDuyMIGvBgNVHRIEgacwgaSBJWNvbnRhY3Qrcm91bmRjdWJlQGhldXJldXgtY3lj
+bGFnZS5vcmeCGG1haWwuaGV1cmV1eC1jeWNsYWdlLm9yZ4IcY291cnJpZWwuaGV1
+cmV1eC1jeWNsYWdlLm9yZ4IXcm91bmRjdWJlLmN5Y2xvY29vcC5vcmeCEm1haWwu
+Y3ljbG9jb29wLm9yZ4IWY291cnJpZWwuY3ljbG9jb29wLm9yZzCCAZsGA1UdIwSC
+AZIwggGOgBTj2lZstoqpKpd7dnNKJMjybZA7sqGCAWukggFnMIIBYzELMAkGA1UE
+BhMCRlIxHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxHzAdBgNVBAce
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNs
+YWdlMRowGAYDVQQLExFTZXJ2aWNlIFJvdW5kY3ViZTEmMCQGA1UEAxMdcm91bmRj
+dWJlLmhldXJldXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABu
+AGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABl
+AHUAcjEnMCUGCysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScw
+JQYLKwYBBAGCNzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEE
+AYI3PAIBAxMCRlKCByATBSUYF0cwUQYIKwYBBQUHAQEERTBDMEEGCCsGAQUFBzAC
+hjVodHRwOi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9yb3VuZGN1YmUv
+Y3J0LnBlbTBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vd3d3LmhldXJldXgtY3lj
+bGFnZS5vcmcveDUwOS9yb3VuZGN1YmUvY3JsLnBlbTANBgkqhkiG9w0BAQ0FAAOC
+AgEAYn2rWU12Cbw6TAPsqh0f5La2aND1KUIjA34xhNeg+LtOkVPRKvDmHudR3JyI
+/UUAQP+Ia6Xjir/gvIv4y2UncnjRogoE34Vuc3AF2e01pFlkIHVUqv4hKieEqISM
+LS7bJR7Ma6uOjPYxvwAfUU6hKaXpZ8W28LyDccPyMudhy4uxKYgpIN9HlyTI2Oca
+THL2W+jZqsPAOQjBKt8kelzuAh/kPbFQYxPjq42dg3OPcPeGXbSxNIgziC8xDJS2
+p7zFteKUE7nlKgw/NeS858ufM0v4w3vUtt6cJKkgTgZPesbGsN8B+kNUKC2ncrHj
+lsG3v2PWKubCrWsxwvKt5RLNXCms0dDlioEAeEDhUNte1brgMhxYHiUiZESA976C
+DunUcu4EqrEaIgBBTSTVACKpeWv798oar4IBmP2V16SgiabNpSg475TOVqyxzjjl
+bsjZfZMgyc6Y1xgzHdvtexdsdTUcs43P7Pkgp/MMKHu9ya/2uj3BiKOEyE0cklsa
+hWQgwIXwXuRpqjjh/M5JGmWL2pJs5WtNuvEgEfZ3oyu9uZNROJu20MCSMa+Lemuu
+5Ezc/muyjd0uj1dEOgxA6wa3Ta4ANq+k+l92MfW66pGiIgcrAkR6B19gRLyZADE5
+/fQu8z3YBo5HDaRO6Whg15oS1k13uL3dRRYhlax3cVyEgCE=
+-----END CERTIFICATE-----
+-----BEGIN X509 CRL-----
+MIIDvzCCAacCAQEwDQYJKoZIhvcNAQENBQAwggFjMQswCQYDVQQGEwJGUjEfMB0G
+A1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNV
+BAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1
+eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBl
+AHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYL
+KwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3
+PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJG
+UhcNMTMwNTI1MTYxNzQ3WhcNMjMwNTI2MTYxNzQ3WqAOMAwwCgYDVR0UBAMCAQAw
+DQYJKoZIhvcNAQENBQADggIBAELb+3roerdPtHc8Nhz0UdYdMhX3l+0vcFmuOzS5
+LalaZLDcGTfWMsToGqbYm0TGPRF72r2phNn+rsTZj5JO30UOMoUpJjNA3TeX9Pml
+MgmIKvRYs3ZpNmcaAUCk0vps86mHBpxwiDjk75IvzdN+3jjfWfZZjm/mRxDmFKUX
+xJCvQ7F3m9/4HYB89sUHmW5d0ZSWDO/c+Bi84bqoxBjfbyUKbDHfiiVNxWXB8oJp
+huiWXn1cmxs9ygygr17l+ZaMnjcXuU5c9uFyxS/GbbYKXchrAR3+UQtHCgxA4BLQ
+oTclXmwVH+nFIVr1wlMc9lvRfnRjI45NNQ54+VFhdwLCmob2r4FUTLIbiVBe3k7S
+lGIRJQyPp8BIRqfFXU2lWQqSzAkkyOr8v9V5wGx6KHz4S4Q4CK0PKhYwos2w6WhY
+1z/dEjMUxvI3MNTVTUqaKgPK5qZRPx997YOcEbGKY4E+5j+/UAQ2PZkQ+NqjZQP4
+i8If+DsD6mFR4x/lUtKfRPHHHmk5DJxdBhmnbaMtiCDukbFnre6H5nDk8gvhL6qL
+I17odHlSvadEsr0eGZNlb4V6S0K3dy8EkEIwUAouYD/CMZQJITBM0bF1oFyT2a8/
+F1XuNYxBFdTnIGdKulPs1+8nHrZLt83BtwCgZT4N8HIP6nJiuTEQMBx7k7LNZgfZ
+NFEY
+-----END X509 CRL-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crt.pem
new file mode 100644 (file)
index 0000000..f83992b
--- /dev/null
@@ -0,0 +1,57 @@
+-----BEGIN CERTIFICATE-----
+MIIKSzCCCDOgAwIBAgIHIBMFJRgXRjANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDUyNTE2MTc0NloX
+DTIzMDUyNjE2MTc0NlowggFjMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
+czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2Ug
+Um91bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9y
+ZzFLMEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABt
+AGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEe
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0
+AG4AZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxW
+Er7atwwKzbe7xYAS2VGVKmR014qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PF
+AbWRyMWTyqokbr4LxK4omjAnPHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0ap
+DbiGb7LOzaJXuGZAmIN+s25rvDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iy
+L9T88JZpmEg9GckBvWDpgiHvFNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6o
+W0PiMBUgJNyP8ITbmSk6QRVuQZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRIC
+q1fcqx4XVavrbswUsMeVlh1sNEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATif
+IKt1iymmghnBTBTSDHq96dTBOBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I
+/bZETSCHdqAoso53xH3Beib/3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHny
+M5Kk0mqedfyTYehxPxbGrsceaxMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnD
+yR+QkQ32gs/VC5mnezX5G1CgQz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5Ap
+hbwrqKlzAgMBAAGjggNMMIIDSDASBgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQE
+AwIBpjCBrwYDVR0RBIGnMIGkgSVjb250YWN0K3JvdW5kY3ViZUBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghhtYWlsLmhldXJldXgtY3ljbGFnZS5vcmeCHGNvdXJyaWVsLmhl
+dXJldXgtY3ljbGFnZS5vcmeCF3JvdW5kY3ViZS5jeWNsb2Nvb3Aub3JnghJtYWls
+LmN5Y2xvY29vcC5vcmeCFmNvdXJyaWVsLmN5Y2xvY29vcC5vcmcwHQYDVR0OBBYE
+FOPaVmy2iqkql3t2c0okyPJtkDuyMCYGA1UdEgQfMB2BG2NvbnRhY3RAaGV1cmV1
+eC1jeWNsYWdlLm9yZzCCAU0GA1UdIwSCAUQwggFAgBTQQETok+Fk9woJQMBtg2e8
+t7ntSqGCAR2kggEZMIIBFTEcMBoGA1UEAxMTaGV1cmV1eC1jeWNsYWdlLm9yZzEL
+MAkGA1UEBhMCRlIxDDAKBgNVBCsTA0xIQzEaMBgGA1UEChMRTCdIZXVyZXV4IEN5
+Y2xhZ2UxVzBVBgNVBAseTgBBAG4AdABpAC0AYQB1AHQAbwByAGkAdADpACAAZABl
+ACAAYwBlAHIAdABpAGYAaQBjAGEAdABpAG8AbgAgAHAAcgBpAG0AYQBpAHIAZTEO
+MAwGA1UEERMFNjkwMDExHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
+HzAdBgNVBAkTFjEwIHJ1ZSBTYWludCBQb2x5Y2FycGUxEzARBgNVBBQeCgBuAOkA
+YQBuAHSCByATAyYJODEwRwYIKwYBBQUHAQEEOzA5MDcGCCsGAQUFBzAChitodHRw
+Oi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9jcnQucGVtMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L3Jv
+dW5kY3ViZS9jcmwucGVtMEoGA1UdIARDMEEwPwYFKoF6ASowNjA0BggrBgEFBQcC
+ARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9yZy94NTA5L2NwczANBgkq
+hkiG9w0BAQ0FAAOCAgEAApLH/QZm5cyCRN5Hq1Y/pafLxn6uteqMeCusXEBx0oOU
+eTZapbf6qpaeHWuqQIGLTHt8qahjldaB1hegbG4WVq4vk/tbytlT5kKs1CBWSe3C
+kZBbK0oDw/1iCvA8JmUP4EIXQ55pk5/fbq3+JhR1shYL4FUIf1guXfxwuFhmjZeH
+4vfTerZ9F3ae4IQD6l2jXwK2XTOfhGXeHWGJ1r/0yio59sn2lSCJ9rVAc4gfTHmg
+qidiolBaHqFADJlPxjBjPgEhH9rEiiskPfSFy6bGPzeXznePPkl2NTlokh/1LeoK
+RjnC/xzMSb3ehhmqBXuqj4Fy/fonoWWlZ2jUZGL70fT2iDjw+tqYBm7Wv18Dh2AD
+HI+zi/2/Zi439nctxsrxRzlXh6VFMvHjPGPZog75jgwZi17P/wEyOpmNP9KsjPIy
++tiw2AgzK04QoTcBZCbyklrJaO5qDMj+OXwgkip2qGqRKTROVTFipMve4FWeCjFm
+vs/lChOxt0YVJbMtGOjwNzvK4E2vkZle2I85eoBS25wWqdobuTh+NcFBIJbq49Mn
+lkdxH2TqAMDyZVzuWHpzqqo+KUpPy0QWD+5GtTn82KEeiEd2GjfIo7+lwzKhYZR3
+giP2cBqjJvGTRQzSCNAOrouOS7WooK9mWXcgfzPmubaG7wyvZWXdVTeR8/uVPpI=
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt.pem.asc b/var/pub/x509/roundcube.heureux-cyclage.org/crt.pem.asc
new file mode 100644 (file)
index 0000000..9238f8d
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQIcBAABCgAGBQJRoOQqAAoJEF4nGc9w/oqeSjoP/Rwbqx6cat5GXX/dstFcA2kX
+jFq874nMdDcuCjAz3vY8qEZFtIwIxnOcquM0fDiLVSZwefBunldcMjJwNdWguUGS
+jtXIOjvAu01DrOE3oWCPizJilhZG6KThrZYP+rHbZK8TIqWEWo84QUL07oingM6j
+X9mRRPOsJOSxtZGQTpwITwmLiHEzkKc67wRC644pQWkc1NASUzGCagSIQKOyWJb7
+WxK4J3jpSbvxZfOielHgwUP4Y2gv1NHjH3IxnqngiVdn4MvV35bwfViIOz4KZK/y
+Njja1XGi44jP5DWDunFzjjZKknSYm0PXdVdFz0Y0Sqla8c3Yu4fTDbl4d0jmw98S
++7kcY4vcHQp3k7MqoAZpEhiPJ/UUOdB6/k1nKyZ0wjUf61EfJ5HmKIFTCcQ2rbs0
+atr9MrhhBh7rSqRWXrLFwMyAnyTwnBFeIT+zZncviXlRjwqj5XmxDt7xup4Fwd76
+7g8z+RPJqLfCyi+p+msH7I4faKRjffvUYm3lcm1qSJ8q0ivzMR4hVMhSO4gSt1h3
+bVQLb2h/+Sa5Ckoaw+HmR5Jq+lqZXk0LSALB85qQ4sqdv6C8LqTJ1lrvVLXcGRWj
+al6CqKckjNCKDpMdimCI2vSZZe3h9+htjpQ2spwhrJ1aR8QMU/vBnYrk/xrACJUv
+wrdmdwxOmRnq7D9M2/G/
+=k3Dn
+-----END PGP SIGNATURE-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem b/var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem
new file mode 100644 (file)
index 0000000..a78901d
--- /dev/null
@@ -0,0 +1,62 @@
+-----BEGIN CERTIFICATE-----
+MIILLzCCCRegAwIBAgIHIBMFJRgXRzANBgkqhkiG9w0BAQ0FADCCAWMxCzAJBgNV
+BAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQH
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQKExFMJ0hldXJldXggQ3lj
+bGFnZTEaMBgGA1UECxMRU2VydmljZSBSb3VuZGN1YmUxJjAkBgNVBAMTHXJvdW5k
+Y3ViZS5oZXVyZXV4LWN5Y2xhZ2Uub3JnMUswSQYDVQQPHkIAVgAxAC4AMAAsACAA
+bgBpACAAZABpAGUAdQAgAG4AaQAgAG0AYQDuAHQAcgBlACAAbgBpACAAbQBvAHQA
+ZQB1AHIxJzAlBgsrBgEEAYI3PAIBAR4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEn
+MCUGCysGAQQBgjc8AgECHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRMwEQYLKwYB
+BAGCNzwCAQMTAkZSMB4XDTEzMDUyNTE2MTc0N1oXDTIzMDUyNjE2MTc0N1owggFj
+MQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEf
+MB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVy
+ZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2UgUm91bmRjdWJlMSYwJAYDVQQD
+Ex1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAu
+ADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAg
+AG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwA
+cABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczET
+MBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxWEr7atwwKzbe7xYAS2VGVKmR0
+14qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PFAbWRyMWTyqokbr4LxK4omjAn
+PHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0apDbiGb7LOzaJXuGZAmIN+s25r
+vDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iyL9T88JZpmEg9GckBvWDpgiHv
+FNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6oW0PiMBUgJNyP8ITbmSk6QRVu
+QZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRICq1fcqx4XVavrbswUsMeVlh1s
+NEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATifIKt1iymmghnBTBTSDHq96dTB
+OBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I/bZETSCHdqAoso53xH3Beib/
+3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHnyM5Kk0mqedfyTYehxPxbGrsce
+axMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnDyR+QkQ32gs/VC5mnezX5G1Cg
+Qz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5AphbwrqKlzAgMBAAGjggPiMIID
+3jASBgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBpjCBrwYDVR0RBIGnMIGk
+gSVjb250YWN0K3JvdW5kY3ViZUBoZXVyZXV4LWN5Y2xhZ2Uub3JnghhtYWlsLmhl
+dXJldXgtY3ljbGFnZS5vcmeCHGNvdXJyaWVsLmhldXJldXgtY3ljbGFnZS5vcmeC
+F3JvdW5kY3ViZS5jeWNsb2Nvb3Aub3JnghJtYWlsLmN5Y2xvY29vcC5vcmeCFmNv
+dXJyaWVsLmN5Y2xvY29vcC5vcmcwHQYDVR0OBBYEFOPaVmy2iqkql3t2c0okyPJt
+kDuyMIGvBgNVHRIEgacwgaSBJWNvbnRhY3Qrcm91bmRjdWJlQGhldXJldXgtY3lj
+bGFnZS5vcmeCGG1haWwuaGV1cmV1eC1jeWNsYWdlLm9yZ4IcY291cnJpZWwuaGV1
+cmV1eC1jeWNsYWdlLm9yZ4IXcm91bmRjdWJlLmN5Y2xvY29vcC5vcmeCEm1haWwu
+Y3ljbG9jb29wLm9yZ4IWY291cnJpZWwuY3ljbG9jb29wLm9yZzCCAZsGA1UdIwSC
+AZIwggGOgBTj2lZstoqpKpd7dnNKJMjybZA7sqGCAWukggFnMIIBYzELMAkGA1UE
+BhMCRlIxHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxHzAdBgNVBAce
+FgBSAGgA9ABuAGUALQBBAGwAcABlAHMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNs
+YWdlMRowGAYDVQQLExFTZXJ2aWNlIFJvdW5kY3ViZTEmMCQGA1UEAxMdcm91bmRj
+dWJlLmhldXJldXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABu
+AGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABl
+AHUAcjEnMCUGCysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScw
+JQYLKwYBBAGCNzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEE
+AYI3PAIBAxMCRlKCByATBSUYF0cwUQYIKwYBBQUHAQEERTBDMEEGCCsGAQUFBzAC
+hjVodHRwOi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9yb3VuZGN1YmUv
+Y3J0LnBlbTBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vd3d3LmhldXJldXgtY3lj
+bGFnZS5vcmcveDUwOS9yb3VuZGN1YmUvY3JsLnBlbTANBgkqhkiG9w0BAQ0FAAOC
+AgEAYn2rWU12Cbw6TAPsqh0f5La2aND1KUIjA34xhNeg+LtOkVPRKvDmHudR3JyI
+/UUAQP+Ia6Xjir/gvIv4y2UncnjRogoE34Vuc3AF2e01pFlkIHVUqv4hKieEqISM
+LS7bJR7Ma6uOjPYxvwAfUU6hKaXpZ8W28LyDccPyMudhy4uxKYgpIN9HlyTI2Oca
+THL2W+jZqsPAOQjBKt8kelzuAh/kPbFQYxPjq42dg3OPcPeGXbSxNIgziC8xDJS2
+p7zFteKUE7nlKgw/NeS858ufM0v4w3vUtt6cJKkgTgZPesbGsN8B+kNUKC2ncrHj
+lsG3v2PWKubCrWsxwvKt5RLNXCms0dDlioEAeEDhUNte1brgMhxYHiUiZESA976C
+DunUcu4EqrEaIgBBTSTVACKpeWv798oar4IBmP2V16SgiabNpSg475TOVqyxzjjl
+bsjZfZMgyc6Y1xgzHdvtexdsdTUcs43P7Pkgp/MMKHu9ya/2uj3BiKOEyE0cklsa
+hWQgwIXwXuRpqjjh/M5JGmWL2pJs5WtNuvEgEfZ3oyu9uZNROJu20MCSMa+Lemuu
+5Ezc/muyjd0uj1dEOgxA6wa3Ta4ANq+k+l92MfW66pGiIgcrAkR6B19gRLyZADE5
+/fQu8z3YBo5HDaRO6Whg15oS1k13uL3dRRYhlax3cVyEgCE=
+-----END CERTIFICATE-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem.asc b/var/pub/x509/roundcube.heureux-cyclage.org/crt.self-signed.pem.asc
new file mode 100644 (file)
index 0000000..3572565
--- /dev/null
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQIcBAABCgAGBQJRoOQrAAoJEF4nGc9w/oqesAIP+QH1/sGwjzPUy8hPe9ouVBJ7
+9Qcz7vZcKYB9fZCzsFcXc4QknpKs20JxT8BImzrfQ4wuzKpHdEE30RCrN2Hh3OwJ
+pwNFRAdpMfA/Lnj2ss3Y0fjhvskpCxArnoWwkxJaBnbCz0eRfrmrvAzS3lf46Pk4
++k8NMZJ0S2wVsyzg+2Q/EMINf4nHy/mLZpZecfukC7cDFgKEuV2KFdcTclyZfT8P
+hqTG5TwVeWi1TyeFtgV9Qbf2ftvuttoayL6wZjxsbvj5rk9ULiBqAqEFZowHWHZK
+EcgAWKcZZkJX1IeBEHTqf+s5SotaYp+9bJ9kUWGIl2k5v8QMzltOK9hjCIa4vUBt
+qZtoNP6ZJAwoITNbbwMD3sBlTvNmtXTkPCBh4lbYQzy+g1i5+VbGSxBJkOm6X8RQ
+w8ayfxynrM4sfN4U/fQuN7Aptf2V4GC87uXWlxHwnwXGzNs8q02aDvA3WbPzjVbN
+rHJXzlIH7Ze02hUq3OPPYgKWM+/SBItdcsfYUHj+Ww+xNjMoEyWgB8Pw2+EWUX2h
+bU1OHK1RCXeCbuu2Ld8OqCOgUmQ1XhWg2JuQyMHH3HPRzkFrFeqzxf5l5hYBDEtP
+fcZdE8Fp9/ZmPmqlH6LQtXBlwFRG2Eq/3thUIWiQWvFEaiHfqDJqqtXKygDLbuBN
+b61phlPLiuv67+GepZZW
+=PS4O
+-----END PGP SIGNATURE-----
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/idx.self-signed.txt b/var/pub/x509/roundcube.heureux-cyclage.org/idx.self-signed.txt
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/idx.txt b/var/pub/x509/roundcube.heureux-cyclage.org/idx.txt
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/var/pub/x509/roundcube.heureux-cyclage.org/req.pem b/var/pub/x509/roundcube.heureux-cyclage.org/req.pem
new file mode 100644 (file)
index 0000000..7f6fc4d
--- /dev/null
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIFqjCCA5ICAQAwggFjMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEa
+MBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxGjAYBgNVBAsTEVNlcnZpY2UgUm91
+bmRjdWJlMSYwJAYDVQQDEx1yb3VuZGN1YmUuaGV1cmV1eC1jeWNsYWdlLm9yZzFL
+MEkGA1UEDx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA
+7gB0AHIAZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBS
+AGgA9ABuAGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4A
+ZQAtAEEAbABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUjCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBANMsK3kY763cKC5Ddpueeq4qGpr6MZ2aFqxWEr7a
+twwKzbe7xYAS2VGVKmR014qGKU9VoK2bDaBbfuYYiSnX0MFRhhRwLBc8b5PFAbWR
+yMWTyqokbr4LxK4omjAnPHsDni5vbsWapoBy+3FlftlkfxOY2anNEmPeT0apDbiG
+b7LOzaJXuGZAmIN+s25rvDRXs+BBKp15LiLSlywRAt1AfsaH/BVMTb/I19iyL9T8
+8JZpmEg9GckBvWDpgiHvFNEu1e3moFi1M5Tska8gVCu9o7iXHrwc5t0qXX6oW0Pi
+MBUgJNyP8ITbmSk6QRVuQZ+svZAunUOSNDSL3a+lCDE7w5o9YGGPOiPnYRICq1fc
+qx4XVavrbswUsMeVlh1sNEZfQbBPMBrZS8DcIVaszcVAfnwFP/YPpNgnATifIKt1
+iymmghnBTBTSDHq96dTBOBOiv8v+fobwPgU3Z/gylPc6vgSPsKNwwiu8Ac8I/bZE
+TSCHdqAoso53xH3Beib/3YIylV7qcAJLlPLN10IiASppInYNnd2CN9VbTHnyM5Kk
+0mqedfyTYehxPxbGrsceaxMJO9kKpH4nVtF8RdlV1om+pMCIWLsKYBYkwZnDyR+Q
+kQ32gs/VC5mnezX5G1CgQz+QFZRP57feejJoCu/N9JrIW5SuGf+MDBumU5Aphbwr
+qKlzAgMBAAGgADANBgkqhkiG9w0BAQ0FAAOCAgEApbLTb8+kjoBX6Alj71fsdSig
+BTNZqu6RRKooETV70dFebWMRo8v6MgJn8CGcPqQTLeFNuxWjAZjEq0nXM+Z8LzSN
+tgOHf9JK398jcWCCA2rzWvaH76y1d51lxIaSUIk/0sCm3SWssIXjwSoAOHoCTT7D
+Dt1Us5aB8Sj/aMoh3YmuIoiZwvvTgl24IzCNSLD0inbcscU7cQARIWzWyBMeA1c2
+odU8Frk7ijQjR5DRrUnkkYD0QouDKCAH5xWgiIjlq36JLg2nv6audhhSTkop3rlm
+ks6gSVNcqfQI8AkGxNqejDI94xIHuhLg+7lCE00NlY7vyXQzlEdsby63xaU+AFxK
+6tda7O/MfRfnad8GGLgQBOLDB0+0d0543Gj1ma/T0MlPLmsKTNZKHyTGZfMNbiQ0
+SA599/r8pZnnsMFEusqT1LCKdjh2O/Rn1lVsg96LV9SarePi9xXNCI8B0bOee4kf
+iQbhO1iy9D929/qW9UG+mrvZlKPFbhJHA5ZpF1CDCOYiyg48ti/8Z918lg2Q1Baw
+mMaMgRanNFsGeEvvnDoxpaLwakAFEon66jgSkJPE1BScQGWfBnCUwPyk4q6BTOau
+gfjCwAZq4TH3t27TAp5wzVpxztXtwjKatHKxatJnGDDsB2W6olbguQjRDXDx7yOt
+y9/D/SlqaUZWH54DtH4=
+-----END CERTIFICATE REQUEST-----
diff --git a/var/pub/x509/smtp.cyclocoop.org b/var/pub/x509/smtp.cyclocoop.org
new file mode 120000 (symlink)
index 0000000..f117528
--- /dev/null
@@ -0,0 +1 @@
+smtp.heureux-cyclage.org
\ No newline at end of file
diff --git a/var/pub/x509/smtpd.cyclocoop.org b/var/pub/x509/smtpd.cyclocoop.org
new file mode 120000 (symlink)
index 0000000..bde2604
--- /dev/null
@@ -0,0 +1 @@
+smtpd.heureux-cyclage.org
\ No newline at end of file
index 617ffdb..a2a31b9 100644 (file)
@@ -7,17 +7,17 @@ dXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkA
 ZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjEnMCUG
 CysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScwJQYLKwYBBAGC
 NzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEEAYI3PAIBAxMC
-RlIXDTEzMDMyNjA4NDQ1NVoXDTIzMDMyNzA4NDQ1NVqgDjAMMAoGA1UdFAQDAgEA
-MA0GCSqGSIb3DQEBDQUAA4ICAQB6r1Of2dPeIgPs+fmt9Zd9vgTvaS3Z8EPg99qS
-E4wt2Wvlgf97dNZfx/QAfrrRs0Ija+YvopCzVQLehAs6WHschzDjxTZAtvhSLtk9
-oPG4nuKz2cUNa170VK0wWiGsdaG0Sp2EZNGMOtg9fBwDCqoixq+EuME0PIeTi6Ue
-wdYSwhQNLSMc3m7Uj/QAFfNmTavPF1fE1iQDWpsuYYPDGaV7WassvaJda/uKU/rq
-I6rJjM/4q3ubjLunQRl9FcnNarPt3VkoAmsAXHtcrB84p/rvhTta1QwtEor/o5TG
-X9vNAgMBmDMxkLSSnRDi8FtUuSs3LL9eVypoZzFUqSYcZB09hOY8X6+rUVy+FiJV
-QhjAqm5pLraaZEGeCxQN8L2vTmWf90wWbSx5xEmH6AQ4MnL7tuRZfMflL7vMrxea
-lVO3n0gmql1EOs7pHCyYqOWpZ48xQQ4VJmu9lR8plX+zWaAChbK6+euPdWGphItU
-HQTRpkgS9/kLU3qK4ifqtkfaJfXPaHeIK2C70hHeuIsEwHcRdYuWhUKsh+QB3pie
-qHofsxF+gnumzQr/59yj5guAlQi1oQobx4Za81vwrx+B8c6FQSoFl1Y5dLeHnayD
-rl18WhjXd4xesaG0rBSef8YofTQEf2IBy1zsjg2mZ/0a0EtEHwbEN8W9kBgg/vbX
-pYCNvg==
+RlIXDTEzMDcxNDExNDUxMVoXDTIzMDcxNTExNDUxMVqgDjAMMAoGA1UdFAQDAgEA
+MA0GCSqGSIb3DQEBDQUAA4ICAQBf1tyViX5KyKr+2IqYjP921V38S+dLqmTBpr7/
+sTVDjOgnZzX+e4hksjoNgkiHrnUjbQJhB+rw5FO9WtqyLiEgRXG5yi3Oab2Osazz
+MfYc47vLYQHMjeik1xO+2jl6XxDtLNW8eMIwyqW+HcOueLCgrwRSW5x2ws/9BK3c
++cocC2az/wf0M5iigpDiwl5ladp6mzvXLazk2WHySJ+yhHSPOZBCFk55/kGk6MTM
+Tx9XJXTSZkluAmpgRIzWma+PAdkYr89JF9hd9EXuRv6y03LIRlmpH1ErNlNVX3tG
+rK+w6R9538avwPvEEea/VzOryE2uMiDdQBRc4K8liWf9roUBcNKQ/TM2127fKOQE
+kEwISvh8+431RxNtQ5ALdD/r6CyqAYKPIM0J+Mt6s0phNTQqjXOcdtO4N26CTdaw
+mIDxrB4LhVFBfcw07suQadHBpprr9NDN6naltC/rGjUmQF592899Bjbs5wjlzu3w
+3M8kRUMV+ZRaf5ooVrgNfoKmKKF5n62wlxd7FYL4lJxGxAseF/cBI4M194vWzJpM
+iDku1pKanHWiJnxNiBsPHg3jRCWij+keYHKMSZWb1GRJ/korj9w0Gc3FdggVIpQ9
+l0KiiJSq9cDABt/zXVnHY6gRACc/0N/ZTalOa29jx1QpGCgtdKTm4BqMGR8s1J+5
+gq6TCw==
 -----END X509 CRL-----
index 6d16f48..e2b1cfd 100644 (file)
@@ -7,17 +7,17 @@ dXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkA
 ZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjEnMCUG
 CysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScwJQYLKwYBBAGC
 NzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEEAYI3PAIBAxMC
-RlIXDTEzMDMyNjA4NDQ1NloXDTIzMDMyNzA4NDQ1NlqgDjAMMAoGA1UdFAQDAgEA
-MA0GCSqGSIb3DQEBDQUAA4ICAQCwGwV/5NUZSFJpKhz+ByIpdwG7bzxxqNEvG73e
-68DjeBtgHmD5qdU7jnRLbVoXB68k1p1s3+YbeajOjjXRv3JXDTR1meweZoWlnJmu
-OfCpvBC74p2+jm/4sZc1a/fMI6pkxWmPpWm9VVhBTFHAuC1p/xi/wJjRkXAc7C0F
-41k2nyF4liMCN1MqNF3LqquvNEpCIdpC4ZaYbnG+6wVXOuXkE+fyZfGnsSOsZYLD
-LpBWukBzWhlNzgwsYzk9b3DoU/+EClJwarHYnZ920kHla9ZfsBRqf3NlL+iZsMOA
-pKVdMW3IKTH2gGsdg7KsYv4sSiMy6Hw0CaivASNaHYQO4R9y941y18ncUX9QCek8
-f82QVW3DmXEFJ2u9D5OcuoPuD1rnrC3BrrGVd7ipmd2dM1jMHnMKcPmB3Wf3a6br
-+Aca1/Q1UqPB5EqgAsZod+/McpgbkmqqNt24SGTUxMpkUB0/zlpXcNNnBuTdfAaq
-ijq5SJjqpupGZzzjhzcYvExYwDqGCDlh2+32vcQ7hk67XtobLZCGrLrUGEQtN+e+
-Y0UxjN8r4jaBwFYIc6zWkfw63HDw7gDRgXXS4F29+uPfs7pAZfQONDXcfyX8cBle
-3LNc1b96xXe04ZSviB9UikabiYOi1f7uSv77YVNvBs+mKPsYvvsAE15uX+b+fkDA
-yACynA==
+RlIXDTEzMDcxNDExNDUxMloXDTIzMDcxNTExNDUxMlqgDjAMMAoGA1UdFAQDAgEA
+MA0GCSqGSIb3DQEBDQUAA4ICAQAp+4js43KcqFoL8F75DsmN05gugMpsA/9Q+Qku
+jS12F0wixoTmIy8SZXSwiXxpS7rZFnHFWLyvo7PkJ0CGP8B4zlZ0R+eTbn295bFb
+58AW7+kaFR6214v9frTutssaIs9rwYjVSPZzsSvjRkr0SY5NsG6/oYtfqBBpsoOG
+TK50nJUA05SDUTESA0E1jnvkNborHwPkEOW94q4kh2Mv+eacTbyKcqBe3Fdtx/BV
+zjQAYC0R34wqWhLLNUq2ux020XWOzKoCQ7kroz1IHHsUsFff6DE+LncguaRx788j
+83Xoq2sE5BbD93O2osCovn/0Gc2yZj2YCPqUrkApIJ1S1mtLcHOPWwlMBZF/eeZp
+sPHFoYPxMnYZaSDVl9Hevqjo0J805O8CBZWRcvA0e/xJcA6iW5zybGksS3h4x0uB
+7SgqbzoKFXhGINn76zRE5C1I1ngQ+E+D1ckRRJzrhLqrKeZUeCUxfgwMibdxBbkd
+a43lCenhkct4SkB2FQVE9cFSZg7OhKOCqgfwYUJ7ap2rj0sS1OmcU3KVmebDnlub
+YBK3BQvT6sO8A7B+MU3ACd1odZg/22Kq5yYiRIWEAlMsMCq/pmLaXFX1o6ZaZ41q
+HzHR7oVxFHos36DPgfkJ0yDFCql6ijARmdCjd3zYCJz5Y9oC0FMNiWAYY/gWsVya
+ZolpHw==
 -----END X509 CRL-----
index 305c82c..1f2c569 100644 (file)
@@ -1,12 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIKNzCCCB+gAwIBAgIHIBMDJglEVTANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+MIIKwDCCCKigAwIBAgIHIBMHFBNFCDANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
 BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
 SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
 aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
 aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
 HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
-UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDMyNjA4NDQ1NVoX
-DTIzMDMyNzA4NDQ1NVowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDcxNDExNDUwOFoX
+DTIzMDcxNTExNDUwOFowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
 AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
 czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxHzAdBgNVBAsTFlNlcnZpY2Ug
 U01UUCAoc2VydmV1cikxIjAgBgNVBAMTGXNtdHBkLmhldXJldXgtY3ljbGFnZS5v
@@ -25,35 +25,38 @@ kH8+JHqBokCk3xhgC6xlG8mBWm6315Uv8EjJO6mPFGcbVuRl9GHanc9dI4URT6C8
 OYtso0+ZoaZAgaSlh0C2giVW1QSc4mms9DJsHHMlOEt9EiY3UQwCtqhlCtg300W4
 yEoxS+JJ6sVbwAhCO82xc+08cm4mZa7e6iqcRK3NsRW9ndQroJWxgixnolFxXomA
 1QtC11MsjDZzaLxW9qhRbPOH8eNFQkZnd9H1XLrnCDkuDRNoh6zjpdY1iMBylo3G
-ITKobi2iwQIDAQABo4IDNzCCAzMwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
-BAMCAaYwgZ4GA1UdEQSBljCBk4EhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5Y2xh
-Z2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJldXgt
-Y3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210
-cHMuaGV1cmV1eC1jeWNsYWdlLm9yZzAdBgNVHQ4EFgQUmdzYkb/M7UH4d+L9iZf/
-f8tvZ9AwJgYDVR0SBB8wHYEbY29udGFjdEBoZXVyZXV4LWN5Y2xhZ2Uub3JnMIIB
-TQYDVR0jBIIBRDCCAUCAFNBAROiT4WT3CglAwG2DZ7y3ue1KoYIBHaSCARkwggEV
-MRwwGgYDVQQDExNoZXVyZXV4LWN5Y2xhZ2Uub3JnMQswCQYDVQQGEwJGUjEMMAoG
-A1UEKxMDTEhDMRowGAYDVQQKExFMJ0hldXJldXggQ3ljbGFnZTFXMFUGA1UECx5O
-AEEAbgB0AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBp
-AGMAYQB0AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU2OTAwMTEf
-MB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UECRMWMTAgcnVl
-IFNhaW50IFBvbHljYXJwZTETMBEGA1UEFB4KAG4A6QBhAG4AdIIHIBMDJgk4MTBH
-BggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAKGK2h0dHA6Ly93d3cuaGV1cmV1eC1j
-eWNsYWdlLm9yZy94NTA5L2NydC5wZW0wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L3d3dy5oZXVyZXV4LWN5Y2xhZ2Uub3JnL3g1MDkvc210cGQvY3JsLnBlbTBKBgNV
-HSAEQzBBMD8GBSqBegEqMDYwNAYIKwYBBQUHAgEWKGh0dHBzOi8vd3d3LmhldXJl
-dXgtY3ljbGFnZS5vcmcveDUwOS9jcHMwDQYJKoZIhvcNAQENBQADggIBAF5xV9UE
-GkW/b/GC05uoz/86j+bICFAU+jL4ex05Qs3tfeG1Aob8qtY2vxKuG2i062Iex4Bz
-jIdRmz9tvILX3I7Q3taR0uxEBkZuu4leb/5dOB2cu5o2U1FnmmDf/roW0UG0CcNk
-oapa5MEEqQ3DDNJUjxnFgsaNSLBSIVnvle9lsyG89TOx68VYgcnjW0dqufV1IZEn
-D3ml6OMhaX2xHpAYDYkpnQmvanXDw/dvnUvnk8hWf2Kt/QQmpBNgk2oAw6GQB9ai
-xmiE+LClBPPMQZ5kFAo3ZqfuhEnPkDCpwll/P3yxJculENRcdgFyZqKpYyVrMTuo
-enGiup16hRcepQomheuEsNcC/xFFuZobAf7RO80/vejEwezgtL5/4HkVRh8v/yM6
-21SFyI3yvGqdj3lVhAcmRIrdYpHZ8HHz5Lhpw1AAm0vo2eBrr/ZsvpVSs2ZibK9N
-KvQeYeaTtgbfBCZoS8U38QmkkdHjZnUzdlzsfDAPu01iiQOK/5d65xe7F9VynBYe
-NWxDYjUXT9AoGnqqexjIgZEB7EH9F1xRDqvTWkEKG7Tra4pgOeTiZAHy6w+/gJV/
-oxNikWYGEsiK8fEt31u9VCk+OaJKIfk+LnZAict7eGpnoTCQpHCm18qvUxI6YbSU
-602EnS3+xY1X5xqKx2A/isSMzoYDPhYn39dH
+ITKobi2iwQIDAQABo4IDwDCCA7wwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
+BAMCAaYwggEmBgNVHREEggEdMIIBGYEhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJl
+dXgtY3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZ
+c210cHMuaGV1cmV1eC1jeWNsYWdlLm9yZ4IYbWFpbC5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnghNzbXRwZC5jeWNsb2Nvb3Aub3JnghJzbXRwLmN5Y2xvY29vcC5vcmeCGHN1
+Ym1pc3Npb24uY3ljbG9jb29wLm9yZ4ITc210cHMuY3ljbG9jb29wLm9yZ4ISbWFp
+bC5jeWNsb2Nvb3Aub3JnMB0GA1UdDgQWBBSZ3NiRv8ztQfh34v2Jl/9/y29n0DAm
+BgNVHRIEHzAdgRtjb250YWN0QGhldXJldXgtY3ljbGFnZS5vcmcwggFNBgNVHSME
+ggFEMIIBQIAU0EBE6JPhZPcKCUDAbYNnvLe57UqhggEdpIIBGTCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0ggcgEwMmCTgxMEcGCCsGAQUF
+BwEBBDswOTA3BggrBgEFBQcwAoYraHR0cDovL3d3dy5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnL3g1MDkvY3J0LnBlbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vd3d3Lmhl
+dXJldXgtY3ljbGFnZS5vcmcveDUwOS9zbXRwZC9jcmwucGVtMEoGA1UdIARDMEEw
+PwYFKoF6ASowNjA0BggrBgEFBQcCARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNs
+YWdlLm9yZy94NTA5L2NwczANBgkqhkiG9w0BAQ0FAAOCAgEArUoLsfL3fC/XALEh
+0aSHhAzh4fw9Q7yPY7bsNI33jxnIEgayl/kBbenqdCC4xT8R6aR3anslKw0Fuc/1
+K35ql8AmID2z0nmbtG19s5T0EtsG6v/q77sMYi9uqg3mO50atWOsdVvsA3bqTiOR
+VSI7f/ivQrQlZpHyyxPPB7CoaMsJ4/NDPXDVgfMRZ03ejC4uGV6Fei++bTBEWMSt
+G4LrCyPDdCLdvDPL9b3t62MnrKuDJN2cdC3h6DiBCiXoHR4XSW/MsJt0jvg7ix72
+qFJHAi/7CursB04a6luD0sLKPIKAlzTlwe3E5saBtup8L22fD+bj3QfO+2Ocd96I
+3qWwptHpm42smPkfsPHC7X8Z9nsLhcXKOaDd4Qv79144jLv3X/f61G557KG3g8mS
+7qKUJQPDC5mcjjHHjh3v34FUplAsOhcmmeF8KjzqDE9LCGYjag9cnccYLM6z2fdJ
+q27hGAFEpGDMFNskk50SzG22oVnZcX2Mjx2uT1k7sOBXTZbWb1FFcS7h9qSInRBD
+QBRFdTUci0Ok5KFKkRZ5YYxJK4e1/wdKTI17jMa4tBo4b9WX/yRci/zOml17DgVZ
+FGNLanf8vIMRz/6jEj75Co/i13Xj3vI/+FAL8DjObgNftxDdyz25uEIAiM3QEdLD
+EjM1OloNekaag+ufrjp3AhjGLQ8=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIJHTCCBwWgAwIBAgIHIBMDJgk4MTANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
index 9f39e8b..1edaba1 100644 (file)
@@ -1,12 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIKNzCCCB+gAwIBAgIHIBMDJglEVTANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+MIIKwDCCCKigAwIBAgIHIBMHFBNFCDANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
 BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
 SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
 aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
 aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
 HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
-UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDMyNjA4NDQ1NVoX
-DTIzMDMyNzA4NDQ1NVowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDcxNDExNDUwOFoX
+DTIzMDcxNTExNDUwOFowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
 AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
 czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxHzAdBgNVBAsTFlNlcnZpY2Ug
 U01UUCAoc2VydmV1cikxIjAgBgNVBAMTGXNtdHBkLmhldXJldXgtY3ljbGFnZS5v
@@ -25,35 +25,38 @@ kH8+JHqBokCk3xhgC6xlG8mBWm6315Uv8EjJO6mPFGcbVuRl9GHanc9dI4URT6C8
 OYtso0+ZoaZAgaSlh0C2giVW1QSc4mms9DJsHHMlOEt9EiY3UQwCtqhlCtg300W4
 yEoxS+JJ6sVbwAhCO82xc+08cm4mZa7e6iqcRK3NsRW9ndQroJWxgixnolFxXomA
 1QtC11MsjDZzaLxW9qhRbPOH8eNFQkZnd9H1XLrnCDkuDRNoh6zjpdY1iMBylo3G
-ITKobi2iwQIDAQABo4IDNzCCAzMwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
-BAMCAaYwgZ4GA1UdEQSBljCBk4EhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5Y2xh
-Z2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJldXgt
-Y3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210
-cHMuaGV1cmV1eC1jeWNsYWdlLm9yZzAdBgNVHQ4EFgQUmdzYkb/M7UH4d+L9iZf/
-f8tvZ9AwJgYDVR0SBB8wHYEbY29udGFjdEBoZXVyZXV4LWN5Y2xhZ2Uub3JnMIIB
-TQYDVR0jBIIBRDCCAUCAFNBAROiT4WT3CglAwG2DZ7y3ue1KoYIBHaSCARkwggEV
-MRwwGgYDVQQDExNoZXVyZXV4LWN5Y2xhZ2Uub3JnMQswCQYDVQQGEwJGUjEMMAoG
-A1UEKxMDTEhDMRowGAYDVQQKExFMJ0hldXJldXggQ3ljbGFnZTFXMFUGA1UECx5O
-AEEAbgB0AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBp
-AGMAYQB0AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU2OTAwMTEf
-MB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UECRMWMTAgcnVl
-IFNhaW50IFBvbHljYXJwZTETMBEGA1UEFB4KAG4A6QBhAG4AdIIHIBMDJgk4MTBH
-BggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAKGK2h0dHA6Ly93d3cuaGV1cmV1eC1j
-eWNsYWdlLm9yZy94NTA5L2NydC5wZW0wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L3d3dy5oZXVyZXV4LWN5Y2xhZ2Uub3JnL3g1MDkvc210cGQvY3JsLnBlbTBKBgNV
-HSAEQzBBMD8GBSqBegEqMDYwNAYIKwYBBQUHAgEWKGh0dHBzOi8vd3d3LmhldXJl
-dXgtY3ljbGFnZS5vcmcveDUwOS9jcHMwDQYJKoZIhvcNAQENBQADggIBAF5xV9UE
-GkW/b/GC05uoz/86j+bICFAU+jL4ex05Qs3tfeG1Aob8qtY2vxKuG2i062Iex4Bz
-jIdRmz9tvILX3I7Q3taR0uxEBkZuu4leb/5dOB2cu5o2U1FnmmDf/roW0UG0CcNk
-oapa5MEEqQ3DDNJUjxnFgsaNSLBSIVnvle9lsyG89TOx68VYgcnjW0dqufV1IZEn
-D3ml6OMhaX2xHpAYDYkpnQmvanXDw/dvnUvnk8hWf2Kt/QQmpBNgk2oAw6GQB9ai
-xmiE+LClBPPMQZ5kFAo3ZqfuhEnPkDCpwll/P3yxJculENRcdgFyZqKpYyVrMTuo
-enGiup16hRcepQomheuEsNcC/xFFuZobAf7RO80/vejEwezgtL5/4HkVRh8v/yM6
-21SFyI3yvGqdj3lVhAcmRIrdYpHZ8HHz5Lhpw1AAm0vo2eBrr/ZsvpVSs2ZibK9N
-KvQeYeaTtgbfBCZoS8U38QmkkdHjZnUzdlzsfDAPu01iiQOK/5d65xe7F9VynBYe
-NWxDYjUXT9AoGnqqexjIgZEB7EH9F1xRDqvTWkEKG7Tra4pgOeTiZAHy6w+/gJV/
-oxNikWYGEsiK8fEt31u9VCk+OaJKIfk+LnZAict7eGpnoTCQpHCm18qvUxI6YbSU
-602EnS3+xY1X5xqKx2A/isSMzoYDPhYn39dH
+ITKobi2iwQIDAQABo4IDwDCCA7wwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
+BAMCAaYwggEmBgNVHREEggEdMIIBGYEhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJl
+dXgtY3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZ
+c210cHMuaGV1cmV1eC1jeWNsYWdlLm9yZ4IYbWFpbC5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnghNzbXRwZC5jeWNsb2Nvb3Aub3JnghJzbXRwLmN5Y2xvY29vcC5vcmeCGHN1
+Ym1pc3Npb24uY3ljbG9jb29wLm9yZ4ITc210cHMuY3ljbG9jb29wLm9yZ4ISbWFp
+bC5jeWNsb2Nvb3Aub3JnMB0GA1UdDgQWBBSZ3NiRv8ztQfh34v2Jl/9/y29n0DAm
+BgNVHRIEHzAdgRtjb250YWN0QGhldXJldXgtY3ljbGFnZS5vcmcwggFNBgNVHSME
+ggFEMIIBQIAU0EBE6JPhZPcKCUDAbYNnvLe57UqhggEdpIIBGTCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0ggcgEwMmCTgxMEcGCCsGAQUF
+BwEBBDswOTA3BggrBgEFBQcwAoYraHR0cDovL3d3dy5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnL3g1MDkvY3J0LnBlbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vd3d3Lmhl
+dXJldXgtY3ljbGFnZS5vcmcveDUwOS9zbXRwZC9jcmwucGVtMEoGA1UdIARDMEEw
+PwYFKoF6ASowNjA0BggrBgEFBQcCARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNs
+YWdlLm9yZy94NTA5L2NwczANBgkqhkiG9w0BAQ0FAAOCAgEArUoLsfL3fC/XALEh
+0aSHhAzh4fw9Q7yPY7bsNI33jxnIEgayl/kBbenqdCC4xT8R6aR3anslKw0Fuc/1
+K35ql8AmID2z0nmbtG19s5T0EtsG6v/q77sMYi9uqg3mO50atWOsdVvsA3bqTiOR
+VSI7f/ivQrQlZpHyyxPPB7CoaMsJ4/NDPXDVgfMRZ03ejC4uGV6Fei++bTBEWMSt
+G4LrCyPDdCLdvDPL9b3t62MnrKuDJN2cdC3h6DiBCiXoHR4XSW/MsJt0jvg7ix72
+qFJHAi/7CursB04a6luD0sLKPIKAlzTlwe3E5saBtup8L22fD+bj3QfO+2Ocd96I
+3qWwptHpm42smPkfsPHC7X8Z9nsLhcXKOaDd4Qv79144jLv3X/f61G557KG3g8mS
+7qKUJQPDC5mcjjHHjh3v34FUplAsOhcmmeF8KjzqDE9LCGYjag9cnccYLM6z2fdJ
+q27hGAFEpGDMFNskk50SzG22oVnZcX2Mjx2uT1k7sOBXTZbWb1FFcS7h9qSInRBD
+QBRFdTUci0Ok5KFKkRZ5YYxJK4e1/wdKTI17jMa4tBo4b9WX/yRci/zOml17DgVZ
+FGNLanf8vIMRz/6jEj75Co/i13Xj3vI/+FAL8DjObgNftxDdyz25uEIAiM3QEdLD
+EjM1OloNekaag+ufrjp3AhjGLQ8=
 -----END CERTIFICATE-----
 -----BEGIN X509 CRL-----
 MIIDwDCCAagCAQEwDQYJKoZIhvcNAQENBQAwggFkMQswCQYDVQQGEwJGUjEfMB0G
@@ -64,17 +67,17 @@ dXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkA
 ZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjEnMCUG
 CysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScwJQYLKwYBBAGC
 NzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEEAYI3PAIBAxMC
-RlIXDTEzMDMyNjA4NDQ1NVoXDTIzMDMyNzA4NDQ1NVqgDjAMMAoGA1UdFAQDAgEA
-MA0GCSqGSIb3DQEBDQUAA4ICAQB6r1Of2dPeIgPs+fmt9Zd9vgTvaS3Z8EPg99qS
-E4wt2Wvlgf97dNZfx/QAfrrRs0Ija+YvopCzVQLehAs6WHschzDjxTZAtvhSLtk9
-oPG4nuKz2cUNa170VK0wWiGsdaG0Sp2EZNGMOtg9fBwDCqoixq+EuME0PIeTi6Ue
-wdYSwhQNLSMc3m7Uj/QAFfNmTavPF1fE1iQDWpsuYYPDGaV7WassvaJda/uKU/rq
-I6rJjM/4q3ubjLunQRl9FcnNarPt3VkoAmsAXHtcrB84p/rvhTta1QwtEor/o5TG
-X9vNAgMBmDMxkLSSnRDi8FtUuSs3LL9eVypoZzFUqSYcZB09hOY8X6+rUVy+FiJV
-QhjAqm5pLraaZEGeCxQN8L2vTmWf90wWbSx5xEmH6AQ4MnL7tuRZfMflL7vMrxea
-lVO3n0gmql1EOs7pHCyYqOWpZ48xQQ4VJmu9lR8plX+zWaAChbK6+euPdWGphItU
-HQTRpkgS9/kLU3qK4ifqtkfaJfXPaHeIK2C70hHeuIsEwHcRdYuWhUKsh+QB3pie
-qHofsxF+gnumzQr/59yj5guAlQi1oQobx4Za81vwrx+B8c6FQSoFl1Y5dLeHnayD
-rl18WhjXd4xesaG0rBSef8YofTQEf2IBy1zsjg2mZ/0a0EtEHwbEN8W9kBgg/vbX
-pYCNvg==
+RlIXDTEzMDcxNDExNDUxMVoXDTIzMDcxNTExNDUxMVqgDjAMMAoGA1UdFAQDAgEA
+MA0GCSqGSIb3DQEBDQUAA4ICAQBf1tyViX5KyKr+2IqYjP921V38S+dLqmTBpr7/
+sTVDjOgnZzX+e4hksjoNgkiHrnUjbQJhB+rw5FO9WtqyLiEgRXG5yi3Oab2Osazz
+MfYc47vLYQHMjeik1xO+2jl6XxDtLNW8eMIwyqW+HcOueLCgrwRSW5x2ws/9BK3c
++cocC2az/wf0M5iigpDiwl5ladp6mzvXLazk2WHySJ+yhHSPOZBCFk55/kGk6MTM
+Tx9XJXTSZkluAmpgRIzWma+PAdkYr89JF9hd9EXuRv6y03LIRlmpH1ErNlNVX3tG
+rK+w6R9538avwPvEEea/VzOryE2uMiDdQBRc4K8liWf9roUBcNKQ/TM2127fKOQE
+kEwISvh8+431RxNtQ5ALdD/r6CyqAYKPIM0J+Mt6s0phNTQqjXOcdtO4N26CTdaw
+mIDxrB4LhVFBfcw07suQadHBpprr9NDN6naltC/rGjUmQF592899Bjbs5wjlzu3w
+3M8kRUMV+ZRaf5ooVrgNfoKmKKF5n62wlxd7FYL4lJxGxAseF/cBI4M194vWzJpM
+iDku1pKanHWiJnxNiBsPHg3jRCWij+keYHKMSZWb1GRJ/korj9w0Gc3FdggVIpQ9
+l0KiiJSq9cDABt/zXVnHY6gRACc/0N/ZTalOa29jx1QpGCgtdKTm4BqMGR8s1J+5
+gq6TCw==
 -----END X509 CRL-----
index 4461b13..8fba17c 100644 (file)
@@ -1,5 +1,5 @@
 -----BEGIN CERTIFICATE-----
-MIILCDCCCPCgAwIBAgIHIBMDJglEVjANBgkqhkiG9w0BAQ0FADCCAWQxCzAJBgNV
+MIIMGjCCCgKgAwIBAgIHIBMHFBNFEjANBgkqhkiG9w0BAQ0FADCCAWQxCzAJBgNV
 BAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQH
 HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQKExFMJ0hldXJldXggQ3lj
 bGFnZTEfMB0GA1UECxMWU2VydmljZSBTTVRQIChzZXJ2ZXVyKTEiMCAGA1UEAxMZ
@@ -7,7 +7,7 @@ c210cGQuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAg
 AG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0
 AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
 JzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysG
-AQQBgjc8AgEDEwJGUjAeFw0xMzAzMjYwODQ0NTZaFw0yMzAzMjcwODQ0NTZaMIIB
+AQQBgjc8AgEDEwJGUjAeFw0xMzA3MTQxMTQ1MTJaFw0yMzA3MTUxMTQ1MTJaMIIB
 ZDELMAkGA1UEBhMCRlIxHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
 HzAdBgNVBAceFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxGjAYBgNVBAoTEUwnSGV1
 cmV1eCBDeWNsYWdlMR8wHQYDVQQLExZTZXJ2aWNlIFNNVFAgKHNlcnZldXIpMSIw
@@ -26,38 +26,44 @@ gVput9eVL/BIyTupjxRnG1bkZfRh2p3PXSOFEU+gvPJ2JbN+qxgpZLqwosXf8WDn
 om0yCsnjw1YQhyu8HKtlJTWgNZ2JPi9ZTfDi985NMTmLbKNPmaGmQIGkpYdAtoIl
 VtUEnOJprPQybBxzJThLfRImN1EMAraoZQrYN9NFuMhKMUviSerFW8AIQjvNsXPt
 PHJuJmWu3uoqnEStzbEVvZ3UK6CVsYIsZ6JRcV6JgNULQtdTLIw2c2i8VvaoUWzz
-h/HjRUJGZ3fR9Vy65wg5Lg0TaIes46XWNYjAcpaNxiEyqG4tosECAwEAAaOCA7kw
-ggO1MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMIGeBgNVHREEgZYw
-gZOBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQuaGV1
-cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5zdWJt
-aXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3ljbGFn
-ZS5vcmcwHQYDVR0OBBYEFJnc2JG/zO1B+Hfi/YmX/3/Lb2fQMIGeBgNVHRIEgZYw
-gZOBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQuaGV1
-cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5zdWJt
-aXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3ljbGFn
-ZS5vcmcwggGcBgNVHSMEggGTMIIBj4AUmdzYkb/M7UH4d+L9iZf/f8tvZ9ChggFs
-pIIBaDCCAWQxCzAJBgNVBAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBs
-AHAAZQBzMR8wHQYDVQQHHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQK
-ExFMJ0hldXJldXggQ3ljbGFnZTEfMB0GA1UECxMWU2VydmljZSBTTVRQIChzZXJ2
-ZXVyKTEiMCAGA1UEAxMZc210cGQuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UE
-Dx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIA
-ZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABu
-AGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEA
-bABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUoIHIBMDJglEVjBNBggrBgEFBQcB
-AQRBMD8wPQYIKwYBBQUHMAKGMWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9y
-Zy94NTA5L3NtdHBkL2NydC5wZW0wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL3d3
-dy5oZXVyZXV4LWN5Y2xhZ2Uub3JnL3g1MDkvc210cGQvY3JsLnBlbTANBgkqhkiG
-9w0BAQ0FAAOCAgEAIfqEOWnVs8DoUEOXdj3NQMFbEDPyOSSkLz6FAXXYvrq9LNEL
-v4oS5LMAYV+g34r+zfc4EksefL8ZiV1g4V6YTVWzU4+9L71joeZ9a8CJ2ZiGrTcM
-HryaXdptSpEfWXsN4Njmq4NUqbL/9e5OGh/R2p8s5Sgx+cia/qrHbXKYeAIHQc+W
-qAVC3KrNNAeyOHHJ8UdJ/sMLEwrg4U3sceAw7Zpgkrvjqajs00U2g9BIPPr87qH/
-TCHs2V9A/JS0yT+kEwXdtacl81+w8jtbGA2w1BrK9XomHle9tKpLtlf76xstl8qu
-x/PGbw2EXkMyHR+VMd4Y5Sh5yrCVa/7U/FqnYVqibNFcWcRLdxM5EwGFRJ9bVD8q
-mNOoX3PStnJWzWMYrv9m3Aycbv9y25s+ML6NDskfuhlD0N8Z9RnTXn3SY4ttUFEk
-r0fOzbElAoS4IHciUKZtb3E8vLST1oBiIpQJxf8AZl7rwmz6q8IbXLcTwJgOUMyH
-fjnczi+F6MSbgn8CLjyJAcU202vpkUfLxwAzQdjjpkvchOnakA8b97cPRuQ/4Gto
-888Bf8TqujGp+ax8tAT9h+sP4J18Tqrav9DqlseBjY9qIOHITZQJBujqZ3TdHemj
-NhE4RhFeXx9+yd2e7I6tALdszpVAV4NQ8GIP6VzYMnKJs0IATBm2iLyT9Dg=
+h/HjRUJGZ3fR9Vy65wg5Lg0TaIes46XWNYjAcpaNxiEyqG4tosECAwEAAaOCBMsw
+ggTHMBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMIIBJgYDVR0RBIIB
+HTCCARmBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQu
+aGV1cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5z
+dWJtaXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3lj
+bGFnZS5vcmeCGG1haWwuaGV1cmV1eC1jeWNsYWdlLm9yZ4ITc210cGQuY3ljbG9j
+b29wLm9yZ4ISc210cC5jeWNsb2Nvb3Aub3JnghhzdWJtaXNzaW9uLmN5Y2xvY29v
+cC5vcmeCE3NtdHBzLmN5Y2xvY29vcC5vcmeCEm1haWwuY3ljbG9jb29wLm9yZzAd
+BgNVHQ4EFgQUmdzYkb/M7UH4d+L9iZf/f8tvZ9AwggEmBgNVHRIEggEdMIIBGYEh
+Y29udGFjdCtzbXRwZEBoZXVyZXV4LWN5Y2xhZ2Uub3JnghlzbXRwZC5oZXVyZXV4
+LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJldXgtY3ljbGFnZS5vcmeCHnN1Ym1pc3Np
+b24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cHMuaGV1cmV1eC1jeWNsYWdlLm9y
+Z4IYbWFpbC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghNzbXRwZC5jeWNsb2Nvb3Aub3Jn
+ghJzbXRwLmN5Y2xvY29vcC5vcmeCGHN1Ym1pc3Npb24uY3ljbG9jb29wLm9yZ4IT
+c210cHMuY3ljbG9jb29wLm9yZ4ISbWFpbC5jeWNsb2Nvb3Aub3JnMIIBnAYDVR0j
+BIIBkzCCAY+AFJnc2JG/zO1B+Hfi/YmX/3/Lb2fQoYIBbKSCAWgwggFkMQswCQYD
+VQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UE
+Bx4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5
+Y2xhZ2UxHzAdBgNVBAsTFlNlcnZpY2UgU01UUCAoc2VydmV1cikxIjAgBgNVBAMT
+GXNtdHBkLmhldXJldXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwA
+IABuAGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8A
+dABlAHUAcjEnMCUGCysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBz
+MScwJQYLKwYBBAGCNzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsr
+BgEEAYI3PAIBAxMCRlKCByATBxQTRRIwTQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUF
+BzAChjFodHRwOi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9zbXRwZC9j
+cnQucGVtMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNs
+YWdlLm9yZy94NTA5L3NtdHBkL2NybC5wZW0wDQYJKoZIhvcNAQENBQADggIBAEto
+aa2yCu97fiaq67QOr5kuIlMod65FUQ+qLSZEws+Nh7TCIwEc5OuLQVPfDYhGls1Q
+wNquHCOv2DJfE3s7t69PI4x4SO6PPZbj9bNyFAA0FhpGLamD3EWPnijzG1YXG+HX
+hd3HWp2pBGeAY9kgb7bkT7JViLKxUGZ/2G5qGbEZcrnLIbWA108b7+TDMF5jIQGo
+AcLKsvOF30k5B99oU9/p83KvupXw6TFa7PSz14Mr/nbUfuW42IbWryG51VHhYt8u
+v62IrTEm6NBKlrOGmqalgs0TAOm5heBbZTgXkYA5UsJUw+c3ECDn8Ma300seChiB
+rXhQi8zMkxE3oCZ66nXen/u+yMCBh5UImoU66E+c/42VFQZV8OHKgaox66gHGxA+
+DYnX6HTczxrNc5R0xnfhIquUHY9siX9CgD1kfzpMpVR9RfUIN8h5eXMB9duadkc8
+lxrIjMcy3VKXleGDIFw1REmgTqNQJxHGeB7i6DoY2brzNRmsm5hF56d4rl+KfUAm
+p8p3SqZ0c6DlWSW4MSbXpvOTAi6UFZSu3p9WTXD3/xtPx3fCTcJzau/6R639cSnT
+jqQ+GTf68/2Ncj7c4rQX8iYk93BPAv182QGGM8mtPE/qjw1MQG5HqSs7VwSWAU1U
+zYOUhyQ0qiDMRGKpYmJpOaG3MwK+tS+RQ3aN72tT
 -----END CERTIFICATE-----
 -----BEGIN X509 CRL-----
 MIIDwDCCAagCAQEwDQYJKoZIhvcNAQENBQAwggFkMQswCQYDVQQGEwJGUjEfMB0G
@@ -68,17 +74,17 @@ dXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwAIABuAGkAIABkAGkA
 ZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8AdABlAHUAcjEnMCUG
 CysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMScwJQYLKwYBBAGC
 NzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsrBgEEAYI3PAIBAxMC
-RlIXDTEzMDMyNjA4NDQ1NloXDTIzMDMyNzA4NDQ1NlqgDjAMMAoGA1UdFAQDAgEA
-MA0GCSqGSIb3DQEBDQUAA4ICAQCwGwV/5NUZSFJpKhz+ByIpdwG7bzxxqNEvG73e
-68DjeBtgHmD5qdU7jnRLbVoXB68k1p1s3+YbeajOjjXRv3JXDTR1meweZoWlnJmu
-OfCpvBC74p2+jm/4sZc1a/fMI6pkxWmPpWm9VVhBTFHAuC1p/xi/wJjRkXAc7C0F
-41k2nyF4liMCN1MqNF3LqquvNEpCIdpC4ZaYbnG+6wVXOuXkE+fyZfGnsSOsZYLD
-LpBWukBzWhlNzgwsYzk9b3DoU/+EClJwarHYnZ920kHla9ZfsBRqf3NlL+iZsMOA
-pKVdMW3IKTH2gGsdg7KsYv4sSiMy6Hw0CaivASNaHYQO4R9y941y18ncUX9QCek8
-f82QVW3DmXEFJ2u9D5OcuoPuD1rnrC3BrrGVd7ipmd2dM1jMHnMKcPmB3Wf3a6br
-+Aca1/Q1UqPB5EqgAsZod+/McpgbkmqqNt24SGTUxMpkUB0/zlpXcNNnBuTdfAaq
-ijq5SJjqpupGZzzjhzcYvExYwDqGCDlh2+32vcQ7hk67XtobLZCGrLrUGEQtN+e+
-Y0UxjN8r4jaBwFYIc6zWkfw63HDw7gDRgXXS4F29+uPfs7pAZfQONDXcfyX8cBle
-3LNc1b96xXe04ZSviB9UikabiYOi1f7uSv77YVNvBs+mKPsYvvsAE15uX+b+fkDA
-yACynA==
+RlIXDTEzMDcxNDExNDUxMloXDTIzMDcxNTExNDUxMlqgDjAMMAoGA1UdFAQDAgEA
+MA0GCSqGSIb3DQEBDQUAA4ICAQAp+4js43KcqFoL8F75DsmN05gugMpsA/9Q+Qku
+jS12F0wixoTmIy8SZXSwiXxpS7rZFnHFWLyvo7PkJ0CGP8B4zlZ0R+eTbn295bFb
+58AW7+kaFR6214v9frTutssaIs9rwYjVSPZzsSvjRkr0SY5NsG6/oYtfqBBpsoOG
+TK50nJUA05SDUTESA0E1jnvkNborHwPkEOW94q4kh2Mv+eacTbyKcqBe3Fdtx/BV
+zjQAYC0R34wqWhLLNUq2ux020XWOzKoCQ7kroz1IHHsUsFff6DE+LncguaRx788j
+83Xoq2sE5BbD93O2osCovn/0Gc2yZj2YCPqUrkApIJ1S1mtLcHOPWwlMBZF/eeZp
+sPHFoYPxMnYZaSDVl9Hevqjo0J805O8CBZWRcvA0e/xJcA6iW5zybGksS3h4x0uB
+7SgqbzoKFXhGINn76zRE5C1I1ngQ+E+D1ckRRJzrhLqrKeZUeCUxfgwMibdxBbkd
+a43lCenhkct4SkB2FQVE9cFSZg7OhKOCqgfwYUJ7ap2rj0sS1OmcU3KVmebDnlub
+YBK3BQvT6sO8A7B+MU3ACd1odZg/22Kq5yYiRIWEAlMsMCq/pmLaXFX1o6ZaZ41q
+HzHR7oVxFHos36DPgfkJ0yDFCql6ijARmdCjd3zYCJz5Y9oC0FMNiWAYY/gWsVya
+ZolpHw==
 -----END X509 CRL-----
index 8e50f3c..8687346 100644 (file)
@@ -1,12 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIKNzCCCB+gAwIBAgIHIBMDJglEVTANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
+MIIKwDCCCKigAwIBAgIHIBMHFBNFCDANBgkqhkiG9w0BAQ0FADCCARUxHDAaBgNV
 BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
 SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
 aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
 aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
 HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
-UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDMyNjA4NDQ1NVoX
-DTIzMDMyNzA4NDQ1NVowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0MB4XDTEzMDcxNDExNDUwOFoX
+DTIzMDcxNTExNDUwOFowggFkMQswCQYDVQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0
 AG4AZQAtAEEAbABwAGUAczEfMB0GA1UEBx4WAFIAaAD0AG4AZQAtAEEAbABwAGUA
 czEaMBgGA1UEChMRTCdIZXVyZXV4IEN5Y2xhZ2UxHzAdBgNVBAsTFlNlcnZpY2Ug
 U01UUCAoc2VydmV1cikxIjAgBgNVBAMTGXNtdHBkLmhldXJldXgtY3ljbGFnZS5v
@@ -25,33 +25,36 @@ kH8+JHqBokCk3xhgC6xlG8mBWm6315Uv8EjJO6mPFGcbVuRl9GHanc9dI4URT6C8
 OYtso0+ZoaZAgaSlh0C2giVW1QSc4mms9DJsHHMlOEt9EiY3UQwCtqhlCtg300W4
 yEoxS+JJ6sVbwAhCO82xc+08cm4mZa7e6iqcRK3NsRW9ndQroJWxgixnolFxXomA
 1QtC11MsjDZzaLxW9qhRbPOH8eNFQkZnd9H1XLrnCDkuDRNoh6zjpdY1iMBylo3G
-ITKobi2iwQIDAQABo4IDNzCCAzMwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
-BAMCAaYwgZ4GA1UdEQSBljCBk4EhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5Y2xh
-Z2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJldXgt
-Y3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210
-cHMuaGV1cmV1eC1jeWNsYWdlLm9yZzAdBgNVHQ4EFgQUmdzYkb/M7UH4d+L9iZf/
-f8tvZ9AwJgYDVR0SBB8wHYEbY29udGFjdEBoZXVyZXV4LWN5Y2xhZ2Uub3JnMIIB
-TQYDVR0jBIIBRDCCAUCAFNBAROiT4WT3CglAwG2DZ7y3ue1KoYIBHaSCARkwggEV
-MRwwGgYDVQQDExNoZXVyZXV4LWN5Y2xhZ2Uub3JnMQswCQYDVQQGEwJGUjEMMAoG
-A1UEKxMDTEhDMRowGAYDVQQKExFMJ0hldXJldXggQ3ljbGFnZTFXMFUGA1UECx5O
-AEEAbgB0AGkALQBhAHUAdABvAHIAaQB0AOkAIABkAGUAIABjAGUAcgB0AGkAZgBp
-AGMAYQB0AGkAbwBuACAAcAByAGkAbQBhAGkAcgBlMQ4wDAYDVQQREwU2OTAwMTEf
-MB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UECRMWMTAgcnVl
-IFNhaW50IFBvbHljYXJwZTETMBEGA1UEFB4KAG4A6QBhAG4AdIIHIBMDJgk4MTBH
-BggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAKGK2h0dHA6Ly93d3cuaGV1cmV1eC1j
-eWNsYWdlLm9yZy94NTA5L2NydC5wZW0wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDov
-L3d3dy5oZXVyZXV4LWN5Y2xhZ2Uub3JnL3g1MDkvc210cGQvY3JsLnBlbTBKBgNV
-HSAEQzBBMD8GBSqBegEqMDYwNAYIKwYBBQUHAgEWKGh0dHBzOi8vd3d3LmhldXJl
-dXgtY3ljbGFnZS5vcmcveDUwOS9jcHMwDQYJKoZIhvcNAQENBQADggIBAF5xV9UE
-GkW/b/GC05uoz/86j+bICFAU+jL4ex05Qs3tfeG1Aob8qtY2vxKuG2i062Iex4Bz
-jIdRmz9tvILX3I7Q3taR0uxEBkZuu4leb/5dOB2cu5o2U1FnmmDf/roW0UG0CcNk
-oapa5MEEqQ3DDNJUjxnFgsaNSLBSIVnvle9lsyG89TOx68VYgcnjW0dqufV1IZEn
-D3ml6OMhaX2xHpAYDYkpnQmvanXDw/dvnUvnk8hWf2Kt/QQmpBNgk2oAw6GQB9ai
-xmiE+LClBPPMQZ5kFAo3ZqfuhEnPkDCpwll/P3yxJculENRcdgFyZqKpYyVrMTuo
-enGiup16hRcepQomheuEsNcC/xFFuZobAf7RO80/vejEwezgtL5/4HkVRh8v/yM6
-21SFyI3yvGqdj3lVhAcmRIrdYpHZ8HHz5Lhpw1AAm0vo2eBrr/ZsvpVSs2ZibK9N
-KvQeYeaTtgbfBCZoS8U38QmkkdHjZnUzdlzsfDAPu01iiQOK/5d65xe7F9VynBYe
-NWxDYjUXT9AoGnqqexjIgZEB7EH9F1xRDqvTWkEKG7Tra4pgOeTiZAHy6w+/gJV/
-oxNikWYGEsiK8fEt31u9VCk+OaJKIfk+LnZAict7eGpnoTCQpHCm18qvUxI6YbSU
-602EnS3+xY1X5xqKx2A/isSMzoYDPhYn39dH
+ITKobi2iwQIDAQABo4IDwDCCA7wwEgYDVR0TAQH/BAgwBgEB/wIBADALBgNVHQ8E
+BAMCAaYwggEmBgNVHREEggEdMIIBGYEhY29udGFjdCtzbXRwZEBoZXVyZXV4LWN5
+Y2xhZ2Uub3JnghlzbXRwZC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJl
+dXgtY3ljbGFnZS5vcmeCHnN1Ym1pc3Npb24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZ
+c210cHMuaGV1cmV1eC1jeWNsYWdlLm9yZ4IYbWFpbC5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnghNzbXRwZC5jeWNsb2Nvb3Aub3JnghJzbXRwLmN5Y2xvY29vcC5vcmeCGHN1
+Ym1pc3Npb24uY3ljbG9jb29wLm9yZ4ITc210cHMuY3ljbG9jb29wLm9yZ4ISbWFp
+bC5jeWNsb2Nvb3Aub3JnMB0GA1UdDgQWBBSZ3NiRv8ztQfh34v2Jl/9/y29n0DAm
+BgNVHRIEHzAdgRtjb250YWN0QGhldXJldXgtY3ljbGFnZS5vcmcwggFNBgNVHSME
+ggFEMIIBQIAU0EBE6JPhZPcKCUDAbYNnvLe57UqhggEdpIIBGTCCARUxHDAaBgNV
+BAMTE2hldXJldXgtY3ljbGFnZS5vcmcxCzAJBgNVBAYTAkZSMQwwCgYDVQQrEwNM
+SEMxGjAYBgNVBAoTEUwnSGV1cmV1eCBDeWNsYWdlMVcwVQYDVQQLHk4AQQBuAHQA
+aQAtAGEAdQB0AG8AcgBpAHQA6QAgAGQAZQAgAGMAZQByAHQAaQBmAGkAYwBhAHQA
+aQBvAG4AIABwAHIAaQBtAGEAaQByAGUxDjAMBgNVBBETBTY5MDAxMR8wHQYDVQQI
+HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQJExYxMCBydWUgU2FpbnQg
+UG9seWNhcnBlMRMwEQYDVQQUHgoAbgDpAGEAbgB0ggcgEwMmCTgxMEcGCCsGAQUF
+BwEBBDswOTA3BggrBgEFBQcwAoYraHR0cDovL3d3dy5oZXVyZXV4LWN5Y2xhZ2Uu
+b3JnL3g1MDkvY3J0LnBlbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vd3d3Lmhl
+dXJldXgtY3ljbGFnZS5vcmcveDUwOS9zbXRwZC9jcmwucGVtMEoGA1UdIARDMEEw
+PwYFKoF6ASowNjA0BggrBgEFBQcCARYoaHR0cHM6Ly93d3cuaGV1cmV1eC1jeWNs
+YWdlLm9yZy94NTA5L2NwczANBgkqhkiG9w0BAQ0FAAOCAgEArUoLsfL3fC/XALEh
+0aSHhAzh4fw9Q7yPY7bsNI33jxnIEgayl/kBbenqdCC4xT8R6aR3anslKw0Fuc/1
+K35ql8AmID2z0nmbtG19s5T0EtsG6v/q77sMYi9uqg3mO50atWOsdVvsA3bqTiOR
+VSI7f/ivQrQlZpHyyxPPB7CoaMsJ4/NDPXDVgfMRZ03ejC4uGV6Fei++bTBEWMSt
+G4LrCyPDdCLdvDPL9b3t62MnrKuDJN2cdC3h6DiBCiXoHR4XSW/MsJt0jvg7ix72
+qFJHAi/7CursB04a6luD0sLKPIKAlzTlwe3E5saBtup8L22fD+bj3QfO+2Ocd96I
+3qWwptHpm42smPkfsPHC7X8Z9nsLhcXKOaDd4Qv79144jLv3X/f61G557KG3g8mS
+7qKUJQPDC5mcjjHHjh3v34FUplAsOhcmmeF8KjzqDE9LCGYjag9cnccYLM6z2fdJ
+q27hGAFEpGDMFNskk50SzG22oVnZcX2Mjx2uT1k7sOBXTZbWb1FFcS7h9qSInRBD
+QBRFdTUci0Ok5KFKkRZ5YYxJK4e1/wdKTI17jMa4tBo4b9WX/yRci/zOml17DgVZ
+FGNLanf8vIMRz/6jEj75Co/i13Xj3vI/+FAL8DjObgNftxDdyz25uEIAiM3QEdLD
+EjM1OloNekaag+ufrjp3AhjGLQ8=
 -----END CERTIFICATE-----
index 5d10719..81ab3c7 100644 (file)
@@ -1,17 +1,17 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
-iQIcBAABCgAGBQJRUWAHAAoJEF4nGc9w/oqeB54P/1/+ZIPOxB+wrcOLqtas/cYA
-RboxzYAp0Zi9jcP23JxDR0xc4eiP7NrdVy6TfNfyleVLHPlK+9XumxDD6qPx8FkN
-FghiIEKG6maWwRqhWYWdhRCH1EOR3a6dfZgZbyIORvjhzLqVrVvTEej1k2hxBDd7
-MUQnfTUoE3ilFphz4h6r5D09uyMAOhcukr8gmmt0SIjY6k09YbVfOQNbICPFOwPO
-NRWpxbdAKOfyKZ6s+RHy9135/PVqxxpZhyVF3F1/S3Ch5BIw9pTKjh0DbjVNsV+b
-J+dlv5hfMSBw9MkRFHnGScwE32WyjUBRulqY8y8LDDDikthfOKsQ9kCtc1VwsS6e
-qbnof/oJMf+OPO8Z6U6Km52BQk2KE5YrWEi3gCT9fMyv/tlf2d8CcwuVgI1p8Oys
-fRPq5hRLNhVdpKRbcQmuMLVgcJgBa+H5OG0B0rVIWFas44q4by6FYg9f1i824x/a
-7Jdg+UyZX8196tWwfSkl5Ilb/FQQIRPF0YZ72kb0vUAHAWtjBwjTSm2wsjKoUMaz
-oCphjDI7kmdrR3DWJCj2je+v1n2N5h/8KsPRhntcuPNMZ7k+cfCw0XxSulqNcXeg
-tgVnk5g+UhmIOj7DXgrrAlFD8jqbKI8RiLvMCX7h/VUfCJlrFC40XnjAizjm4Tzt
-yAFnfQNImjoSSWxA17wI
-=k0kV
+iQIcBAABCgAGBQJR4o9EAAoJEF4nGc9w/oqezYgP/2sz1BcdjlCGTYHdN62D5XSm
+GZYTQUo0459IqFpjagcK4ifqCA8SRUv87bsTfM/DhVmqH61NZUNz/ypkS72Iuv+f
+m/L9XKTyo/VP5uhlYrQfGxviHNQt/kcKmVdBF5LMRJczo63FXmMPDzA5EtoC3Epo
+lRqmKy/snEN7FSMymX4ug6+4oamQscERD2dYfr9a+HL/vuGEOjj6+Eh3MXiDYkX5
+KxlvWspOlnj9Gt8q0VjNv8il3kYJ4RxTs/UJN1Y1Rv6RZ5QD/MhcYXiGpOXYUimD
+4hzkUsKVtdEKKRC3WikSD/CGSz/D1M8wN3iwp05yCSvu84SVZoLVLSTn89sWTcvT
+spIqrbV0uY4hcQkZRJXWS8BzwQ7Cz8wqU3Dl8rO/1z2pqxcS3ejou5fkV9HHGjaO
+RwoVPUj3KyNwlmZqyMTgXcedIDV5UPOTORgYuLonCrHJxeYZNfEdK77b0AXNBgnV
++YfUW95d3s0ayrrhd0v9pvc6So+TLrcGVNe0f9bLSiIrrkzeV5ZvnHxKbOo10e5I
+LtTvp3N8qjZcPWjnR9G/6rMA+NlvzbNxGTGQHtutZyuBVA3OxmTehDxh6cPOzXSw
+tUQDk6XnU+juNXyL2eZA6VJj9T//2tH5C2xIdZONVDLQWQp7Bh8RhRi0hDTvC8JV
+8ZhIV2WhsV9u3pBtjSud
+=HGcZ
 -----END PGP SIGNATURE-----
index 7b41ecf..1383df9 100644 (file)
@@ -1,5 +1,5 @@
 -----BEGIN CERTIFICATE-----
-MIILCDCCCPCgAwIBAgIHIBMDJglEVjANBgkqhkiG9w0BAQ0FADCCAWQxCzAJBgNV
+MIIMGjCCCgKgAwIBAgIHIBMHFBNFEjANBgkqhkiG9w0BAQ0FADCCAWQxCzAJBgNV
 BAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMR8wHQYDVQQH
 HhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQKExFMJ0hldXJldXggQ3lj
 bGFnZTEfMB0GA1UECxMWU2VydmljZSBTTVRQIChzZXJ2ZXVyKTEiMCAGA1UEAxMZ
@@ -7,7 +7,7 @@ c210cGQuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UEDx5CAFYAMQAuADAALAAg
 AG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIAZQAgAG4AaQAgAG0AbwB0
 AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
 JzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczETMBEGCysG
-AQQBgjc8AgEDEwJGUjAeFw0xMzAzMjYwODQ0NTZaFw0yMzAzMjcwODQ0NTZaMIIB
+AQQBgjc8AgEDEwJGUjAeFw0xMzA3MTQxMTQ1MTJaFw0yMzA3MTUxMTQ1MTJaMIIB
 ZDELMAkGA1UEBhMCRlIxHzAdBgNVBAgeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMx
 HzAdBgNVBAceFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxGjAYBgNVBAoTEUwnSGV1
 cmV1eCBDeWNsYWdlMR8wHQYDVQQLExZTZXJ2aWNlIFNNVFAgKHNlcnZldXIpMSIw
@@ -26,36 +26,42 @@ gVput9eVL/BIyTupjxRnG1bkZfRh2p3PXSOFEU+gvPJ2JbN+qxgpZLqwosXf8WDn
 om0yCsnjw1YQhyu8HKtlJTWgNZ2JPi9ZTfDi985NMTmLbKNPmaGmQIGkpYdAtoIl
 VtUEnOJprPQybBxzJThLfRImN1EMAraoZQrYN9NFuMhKMUviSerFW8AIQjvNsXPt
 PHJuJmWu3uoqnEStzbEVvZ3UK6CVsYIsZ6JRcV6JgNULQtdTLIw2c2i8VvaoUWzz
-h/HjRUJGZ3fR9Vy65wg5Lg0TaIes46XWNYjAcpaNxiEyqG4tosECAwEAAaOCA7kw
-ggO1MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMIGeBgNVHREEgZYw
-gZOBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQuaGV1
-cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5zdWJt
-aXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3ljbGFn
-ZS5vcmcwHQYDVR0OBBYEFJnc2JG/zO1B+Hfi/YmX/3/Lb2fQMIGeBgNVHRIEgZYw
-gZOBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQuaGV1
-cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5zdWJt
-aXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3ljbGFn
-ZS5vcmcwggGcBgNVHSMEggGTMIIBj4AUmdzYkb/M7UH4d+L9iZf/f8tvZ9ChggFs
-pIIBaDCCAWQxCzAJBgNVBAYTAkZSMR8wHQYDVQQIHhYAUgBoAPQAbgBlAC0AQQBs
-AHAAZQBzMR8wHQYDVQQHHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBzMRowGAYDVQQK
-ExFMJ0hldXJldXggQ3ljbGFnZTEfMB0GA1UECxMWU2VydmljZSBTTVRQIChzZXJ2
-ZXVyKTEiMCAGA1UEAxMZc210cGQuaGV1cmV1eC1jeWNsYWdlLm9yZzFLMEkGA1UE
-Dx5CAFYAMQAuADAALAAgAG4AaQAgAGQAaQBlAHUAIABuAGkAIABtAGEA7gB0AHIA
-ZQAgAG4AaQAgAG0AbwB0AGUAdQByMScwJQYLKwYBBAGCNzwCAQEeFgBSAGgA9ABu
-AGUALQBBAGwAcABlAHMxJzAlBgsrBgEEAYI3PAIBAh4WAFIAaAD0AG4AZQAtAEEA
-bABwAGUAczETMBEGCysGAQQBgjc8AgEDEwJGUoIHIBMDJglEVjBNBggrBgEFBQcB
-AQRBMD8wPQYIKwYBBQUHMAKGMWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNsYWdlLm9y
-Zy94NTA5L3NtdHBkL2NydC5wZW0wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL3d3
-dy5oZXVyZXV4LWN5Y2xhZ2Uub3JnL3g1MDkvc210cGQvY3JsLnBlbTANBgkqhkiG
-9w0BAQ0FAAOCAgEAIfqEOWnVs8DoUEOXdj3NQMFbEDPyOSSkLz6FAXXYvrq9LNEL
-v4oS5LMAYV+g34r+zfc4EksefL8ZiV1g4V6YTVWzU4+9L71joeZ9a8CJ2ZiGrTcM
-HryaXdptSpEfWXsN4Njmq4NUqbL/9e5OGh/R2p8s5Sgx+cia/qrHbXKYeAIHQc+W
-qAVC3KrNNAeyOHHJ8UdJ/sMLEwrg4U3sceAw7Zpgkrvjqajs00U2g9BIPPr87qH/
-TCHs2V9A/JS0yT+kEwXdtacl81+w8jtbGA2w1BrK9XomHle9tKpLtlf76xstl8qu
-x/PGbw2EXkMyHR+VMd4Y5Sh5yrCVa/7U/FqnYVqibNFcWcRLdxM5EwGFRJ9bVD8q
-mNOoX3PStnJWzWMYrv9m3Aycbv9y25s+ML6NDskfuhlD0N8Z9RnTXn3SY4ttUFEk
-r0fOzbElAoS4IHciUKZtb3E8vLST1oBiIpQJxf8AZl7rwmz6q8IbXLcTwJgOUMyH
-fjnczi+F6MSbgn8CLjyJAcU202vpkUfLxwAzQdjjpkvchOnakA8b97cPRuQ/4Gto
-888Bf8TqujGp+ax8tAT9h+sP4J18Tqrav9DqlseBjY9qIOHITZQJBujqZ3TdHemj
-NhE4RhFeXx9+yd2e7I6tALdszpVAV4NQ8GIP6VzYMnKJs0IATBm2iLyT9Dg=
+h/HjRUJGZ3fR9Vy65wg5Lg0TaIes46XWNYjAcpaNxiEyqG4tosECAwEAAaOCBMsw
+ggTHMBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgGmMIIBJgYDVR0RBIIB
+HTCCARmBIWNvbnRhY3Qrc210cGRAaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cGQu
+aGV1cmV1eC1jeWNsYWdlLm9yZ4IYc210cC5oZXVyZXV4LWN5Y2xhZ2Uub3Jngh5z
+dWJtaXNzaW9uLmhldXJldXgtY3ljbGFnZS5vcmeCGXNtdHBzLmhldXJldXgtY3lj
+bGFnZS5vcmeCGG1haWwuaGV1cmV1eC1jeWNsYWdlLm9yZ4ITc210cGQuY3ljbG9j
+b29wLm9yZ4ISc210cC5jeWNsb2Nvb3Aub3JnghhzdWJtaXNzaW9uLmN5Y2xvY29v
+cC5vcmeCE3NtdHBzLmN5Y2xvY29vcC5vcmeCEm1haWwuY3ljbG9jb29wLm9yZzAd
+BgNVHQ4EFgQUmdzYkb/M7UH4d+L9iZf/f8tvZ9AwggEmBgNVHRIEggEdMIIBGYEh
+Y29udGFjdCtzbXRwZEBoZXVyZXV4LWN5Y2xhZ2Uub3JnghlzbXRwZC5oZXVyZXV4
+LWN5Y2xhZ2Uub3JnghhzbXRwLmhldXJldXgtY3ljbGFnZS5vcmeCHnN1Ym1pc3Np
+b24uaGV1cmV1eC1jeWNsYWdlLm9yZ4IZc210cHMuaGV1cmV1eC1jeWNsYWdlLm9y
+Z4IYbWFpbC5oZXVyZXV4LWN5Y2xhZ2Uub3JnghNzbXRwZC5jeWNsb2Nvb3Aub3Jn
+ghJzbXRwLmN5Y2xvY29vcC5vcmeCGHN1Ym1pc3Npb24uY3ljbG9jb29wLm9yZ4IT
+c210cHMuY3ljbG9jb29wLm9yZ4ISbWFpbC5jeWNsb2Nvb3Aub3JnMIIBnAYDVR0j
+BIIBkzCCAY+AFJnc2JG/zO1B+Hfi/YmX/3/Lb2fQoYIBbKSCAWgwggFkMQswCQYD
+VQQGEwJGUjEfMB0GA1UECB4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEfMB0GA1UE
+Bx4WAFIAaAD0AG4AZQAtAEEAbABwAGUAczEaMBgGA1UEChMRTCdIZXVyZXV4IEN5
+Y2xhZ2UxHzAdBgNVBAsTFlNlcnZpY2UgU01UUCAoc2VydmV1cikxIjAgBgNVBAMT
+GXNtdHBkLmhldXJldXgtY3ljbGFnZS5vcmcxSzBJBgNVBA8eQgBWADEALgAwACwA
+IABuAGkAIABkAGkAZQB1ACAAbgBpACAAbQBhAO4AdAByAGUAIABuAGkAIABtAG8A
+dABlAHUAcjEnMCUGCysGAQQBgjc8AgEBHhYAUgBoAPQAbgBlAC0AQQBsAHAAZQBz
+MScwJQYLKwYBBAGCNzwCAQIeFgBSAGgA9ABuAGUALQBBAGwAcABlAHMxEzARBgsr
+BgEEAYI3PAIBAxMCRlKCByATBxQTRRIwTQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUF
+BzAChjFodHRwOi8vd3d3LmhldXJldXgtY3ljbGFnZS5vcmcveDUwOS9zbXRwZC9j
+cnQucGVtMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly93d3cuaGV1cmV1eC1jeWNs
+YWdlLm9yZy94NTA5L3NtdHBkL2NybC5wZW0wDQYJKoZIhvcNAQENBQADggIBAEto
+aa2yCu97fiaq67QOr5kuIlMod65FUQ+qLSZEws+Nh7TCIwEc5OuLQVPfDYhGls1Q
+wNquHCOv2DJfE3s7t69PI4x4SO6PPZbj9bNyFAA0FhpGLamD3EWPnijzG1YXG+HX
+hd3HWp2pBGeAY9kgb7bkT7JViLKxUGZ/2G5qGbEZcrnLIbWA108b7+TDMF5jIQGo
+AcLKsvOF30k5B99oU9/p83KvupXw6TFa7PSz14Mr/nbUfuW42IbWryG51VHhYt8u
+v62IrTEm6NBKlrOGmqalgs0TAOm5heBbZTgXkYA5UsJUw+c3ECDn8Ma300seChiB
+rXhQi8zMkxE3oCZ66nXen/u+yMCBh5UImoU66E+c/42VFQZV8OHKgaox66gHGxA+
+DYnX6HTczxrNc5R0xnfhIquUHY9siX9CgD1kfzpMpVR9RfUIN8h5eXMB9duadkc8
+lxrIjMcy3VKXleGDIFw1REmgTqNQJxHGeB7i6DoY2brzNRmsm5hF56d4rl+KfUAm
+p8p3SqZ0c6DlWSW4MSbXpvOTAi6UFZSu3p9WTXD3/xtPx3fCTcJzau/6R639cSnT
+jqQ+GTf68/2Ncj7c4rQX8iYk93BPAv182QGGM8mtPE/qjw1MQG5HqSs7VwSWAU1U
+zYOUhyQ0qiDMRGKpYmJpOaG3MwK+tS+RQ3aN72tT
 -----END CERTIFICATE-----
index 695c6f3..7deb5d0 100644 (file)
@@ -1,17 +1,17 @@
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
-iQIcBAABCgAGBQJRUWAIAAoJEF4nGc9w/oqeV/IQAIHd+MjeuqGxBfyY+XttBazR
-iPyl4w9J870nhQ6jK3vZrF7YezBfWbZEziJPPhoKyJZttVCqMKyt8wh9yjddlxvh
-Zn4boNIVAWyoW+WzJhlGo2wXGwfn77DdeYMdYD26lfLcBXb4xpojZxm7rf3eKtM+
-fRinER8B06bXPS0ilGMuCbWENy0TGoHaCPsWf+Ux71bqbqfd9r3dGW9C/W8XgAM6
-tm/Jk6Bhntey0fol0qAktew8tNFw23DDjdQr7mHZifWtfVYqjjsQhwmgxIKpQSht
-CyQDU/KtkLpu6CSgXARjzokok7uAW6irgsSz0Ky4Ip27URc/lvdy+pxzRLHf1Vno
-xcRtNUzeYWFBhGY7qppJjCSlttk8DWtYQP0fsfyUtOUa1yRZXMdWaXsQCQU1NCfP
-UaB/nBgwJ7rCXfIQ3AUj0P6G5KQEXKxVYTt3YE3mEBhF12eMAVoILYUiaWtZpFei
-U9cEDtvOobpZPm+NAaBlOWp6MjyTKotg52yaGMRQ4EbmDYOmV3OohVxJJgWLrN/m
-rO1MpeIiPARy9/ft8ccNPPC4nQxthHLEckwN4jJVZAoodPz1wCDWx8dk0QkGbcOn
-C1oHDOlzFqbm7SWzJxOrlO0JJI1bjBt/XIbUpTtrfq+kv6MFeTqR+RSVGM6CSVD+
-+eojgPHVTXbdr8cnF10X
-=hBIv
+iQIcBAABCgAGBQJR4o9IAAoJEF4nGc9w/oqeqSwP/2eCXqUalocqJmAzozmYaYFc
+n9IC6+GMor+ktmFBbHhG4UgBF5Q+KgZS6hrcpafvduRVbsULSCFKBP4lq0PPOCHk
+X37LmBI5Gml/MJutuGF+CsUkHQHKz/TmiuZujSfABTesM+7anUg3jf3pIXdciGO1
+Ba3JFrIgSOBZMVkSPbp0rulu+tee1tlM0onUpRzPIRuIVgOPYlxY1QFAr+Giyyhr
+PXOAhuWpiF/8UdcctH7Xcw+j59QfBxFR+aQsgG/RbVkmBIvZIbBi5OzcY5Wjr0b6
+YHjFn43mMQlecGVAH2ZiId0QvUer6Oe4u6N03oqVoI6ODsIKSIHKye0WzPPuzJJL
+wjI1DP7MXiyhAF8Esbe6UsEmH5GcL92SERRGSWoovlP5RJkI/WV6tE0XLUZNwkUi
+xDohSQPRMJT+uI2BfWfDc8fas0StUQyiXWLEdLR2Cc+FwYNsaMFFYbUpDmxuMZ56
+C0fhTJh3XITjNkJ9MdAxvBJjuckg58w427KrbQBc2hyQcJDQbMcezciVCwil6dT0
+BaNpFPy2NVEcyKWfh2vIla776VQp48GmttcNNi64pi8hkjrUsrYqvFMXz3BxUSUh
+KqTrsXAtMbeLFeE2eqBUsI4i61tIYWAojA7dVnVc1COw/OAUJfDhJBRRdGNHMV/p
+/wu3sRZw7c/h9sn5YH2t
+=AXoA
 -----END PGP SIGNATURE-----