Merge pull request 'fix: install ca certificates' (#20) from feat/ai_code_review into develop

Reviewed-on: #20

.amazonq/rules/triage-findings.md

@@ -0,0 +1,14 @@
+# Triage Findings
+
+When the task is to triage review findings, follow this workflow:
+
+1. Merge all findings into one list.
+2. Remove duplicates.
+3. Sort by severity: `critical` -> `warning` -> `info`.
+4. Renumber from 1 after sorting.
+5. Fix real issues with the smallest safe change.
+6. Add false positives to `.gitea/ai-review/exclusions.json`, preserving the original wording, language, and semantics as much as possible.
+7. Add or update tests when behavior changes.
+8. Re-check the issue after each fix.
+
+Use the repo-local `triage-findings` skill for the same workflow when running in Codex.

.claude/skills/triage-findings/SKILL.md

@@ -0,0 +1,30 @@
+---
+name: triage-findings
+description: Triage findings, fix real issues, and exclude false positives.
+---
+
+# Triage Findings
+
+## Use
+
+直接輸入：`triage-findings 問題原始檔(文字或截圖)`
+
+## Workflow
+
+1. Merge all findings.
+2. Sort by severity:
+   - critical
+   - warning
+   - info
+3. Renumber from 1.
+4. Fix real issues.
+5. Put false positives into `.gitea/ai-review/exclusions.json` as a top-level JSON array, preserving the original wording, language, and semantics as much as possible. Do not wrap the array in `exclusions` or `excluded_findings`.
+6. Add tests when behavior changes.
+
+## Output Rules
+
+- Keep the final list short.
+- Keep numbering contiguous.
+- Preserve file path, location, and fix.
+- When writing exclusions, always output a top-level JSON array.
+- When writing exclusions, prefer the original issue text over paraphrased rewrites.

.codex/skills/triage-findings/SKILL.md

@@ -0,0 +1,46 @@
+---
+name: triage-findings
+description: Merge code-review findings, sort and renumber them by severity, resolve real issues, and move false positives into exclusions.
+---
+
+# Triage Findings
+
+## When To Use
+
+Use this skill when you receive multiple review findings, screenshots, comments, or issue lists that need to become one final triaged list.
+It is also used when some findings are false positives and should be moved into the exclusions list.
+
+## Workflow
+
+1. Collect all findings into one list.
+2. Merge duplicates into a single finding when they describe the same issue.
+3. Sort the final list by severity:
+   - critical
+   - warning
+   - info
+4. Renumber the sorted list from 1 upward.
+5. Rewrite each finding concisely so the final list reads cleanly and consistently.
+6. If a finding is a false positive, do not keep it in the final list.
+7. Add false positives to the exclusions list as a top-level JSON array in `.gitea/ai-review/exclusions.json`, and preserve the original finding wording as much as possible, including language and semantics. Do not wrap the array in `exclusions` or `excluded_findings`.
+
+## Resolution Flow
+
+After the list is merged and ordered, resolve the remaining findings one by one.
+
+1. Start from the highest severity item.
+2. Identify the root cause in the relevant file or context.
+3. Apply the smallest safe change that fixes the issue.
+4. Add or update tests when behavior changes.
+5. Re-check the issue after the change.
+6. If the item is confirmed false positive, move it to exclusions instead of changing code.
+7. Continue until the list is either fixed or explicitly excluded.
+
+## Output Rules
+
+- Keep the final findings list in severity order, then by any stable secondary order needed to make it readable.
+- Keep numbering contiguous after filtering and merging.
+- Preserve useful details like file path, location, and suggested fix.
+- Keep exclusions entries minimal and consistent with the project schema.
+- When writing exclusions, always output a top-level JSON array.
+- When writing exclusions, prefer the original issue text and language; only paraphrase if needed to fit the schema.
+- If the source already provides a severity or title, keep it unless it conflicts with the final ordering.

.codex/skills/triage-findings/agents/openai.yaml

@@ -0,0 +1,4 @@
+interface:
+  display_name: "Triage Findings"
+  short_description: "Triage, sort, fix, and exclude review findings"
+  default_prompt: "Use $triage-findings to merge review findings, sort and renumber them by severity, resolve real issues one by one, and add false positives to `.gitea/ai-review/exclusions.json` as a top-level JSON array."

.gemini/skills/triage-findings/SKILL.md

@@ -0,0 +1,30 @@
+---
+name: triage-findings
+description: Triage findings, fix real issues, and exclude false positives.
+---
+
+# Triage Findings
+
+## Use
+
+直接輸入：`triage-findings 問題原始檔(文字或截圖)`
+
+## Workflow
+
+1. Merge all findings.
+2. Sort by severity:
+   - critical
+   - warning
+   - info
+3. Renumber from 1.
+4. Fix real issues.
+5. Put false positives into `.gitea/ai-review/exclusions.json` as a top-level JSON array, preserving the original wording, language, and semantics as much as possible. Do not wrap the array in `exclusions` or `excluded_findings`.
+6. Add tests when behavior changes.
+
+## Output Rules
+
+- Keep the final list short.
+- Keep numbering contiguous.
+- Preserve file path, location, and fix.
+- When writing exclusions, always output a top-level JSON array.
+- When writing exclusions, prefer the original issue text over paraphrased rewrites.

.gitea/ai-review/exclusions.json

@@ -0,0 +1,56 @@
+[
+  {
+    "level": "critical",
+    "role": "Maya",
+    "location": "Dockerfile 或 entrypoint.sh",
+    "suggestion": "此 Git Diff 引入了 Dockerfile 和 entrypoint.sh 的重要變更，但沒有包含任何整合測試或端到端測試來驗證 Docker 映像檔的行為。應建立一個測試套件，能夠建構此 Docker 映像檔，並在容器中執行 `entrypoint.sh`，透過設定不同的環境變數來驗證其輸出、日誌和退出碼是否符合預期。這是確保整個系統功能正確運作的關鍵。"
+  },
+  {
+    "level": "critical",
+    "role": "Maya",
+    "location": "entrypoint.sh",
+    "suggestion": "此 Git Diff 引入了多項邏輯改動，但未見任何新增或修改的測試檔案。對於核心的 `entrypoint.sh` 腳本，應引入一個專用的測試框架（例如 Bats 或 shUnit2），並建立一套全面的單元測試與整合測試，以確保所有功能按預期運作，特別是對於錯誤處理和邊界條件的驗證。"
+  },
+  {
+    "level": "warning",
+    "role": "Zara",
+    "location": "entrypoint.sh:56",
+    "suggestion": "目前的健康檢查機制中，`curl` 的最大等待時間 (`--max-time 60`) 和重試間隔 (`sleep 60`) 都固定為 60 秒。這導致每次檢查失敗後，至少需要 120 秒才能進行下一次嘗試，大幅降低了健康檢查的響應速度。建議將這些時間參數設定為可配置的環境變數 (例如 `CURL_TIMEOUT` 和 `RETRY_INTERVAL`)，以便根據實際應用場景調整。對於需要快速偵測服務狀態變化的情境，應考慮縮短這些時間。"
+  },
+  {
+    "level": "warning",
+    "role": "Rex",
+    "location": "Dockerfile:10",
+    "suggestion": "Dockerfile 中複製了 `rootCA.pem` 和 `jsc.idv.me+4.pem` 到容器中。請確保這些檔案僅包含公開的憑證資料，不包含任何私鑰或其他敏感資訊。若這些檔案包含私鑰，則會構成嚴重的安全漏洞。建議在 CI/CD 流程中增加檢查，確保這些檔案的內容符合預期。"
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "entrypoint.sh",
+    "suggestion": "建議在檔案末尾添加一個空行。這是一個常見的 Unix 慣例，可以避免某些工具在處理檔案時產生非預期的行為。"
+  },
+  {
+    "level": "warning",
+    "role": "Aria",
+    "location": "Dockerfile:15",
+    "suggestion": "檔案末尾應包含一個空行，以符合 POSIX 規範並避免某些工具處理時產生問題。"
+  },
+  {
+    "level": "info",
+    "role": "Rex",
+    "location": "entrypoint.sh:70",
+    "suggestion": "將變數寫入 `$GITHUB_OUTPUT` 時，雖然此處 `status_code` 為數字，風險較低，但一般而言，應確保寫入的內容經過適當的清理或編碼，以防止潛在的命令注入風險。如果變數內容來自不受信任的輸入或包含特殊字元（例如換行符），可能會被 GitHub Actions 解釋為新的輸出變數或指令。"
+  },
+  {
+    "level": "info",
+    "role": "Leo",
+    "location": "Dockerfile",
+    "suggestion": "在 Dockerfile 中，部分描述性註解被移除。雖然指令本身清晰且符合 Dockerfile 簡潔的趨勢，但對於不熟悉此映像檔用途或 Dockerfile 最佳實踐的開發者來說，簡潔的註解（例如說明為何複製特定憑證或更新 CA 證書的目的）可以提高首次閱讀時的理解性。建議考慮在關鍵步驟旁添加簡要註解，以平衡簡潔性與可讀性。"
+  },
+  {
+    "level": "info",
+    "role": "Maya",
+    "location": "Dockerfile",
+    "suggestion": "雖然 Dockerfile 本身不是應用程式程式碼，但其建置過程和最終映像檔的品質對整體系統至關重要。建議導入 Docker 映像檔建置測試工具（例如 Hadolint 進行靜態分析，或 Container Structure Test 進行運行時驗證），以確保映像檔的安全性、效率和正確性，例如檢查是否安裝了所有必要的工具，以及證書是否正確配置。"
+  }
+]

.gitea/ai-review/findings.json

@@ -0,0 +1 @@
+[]

.gitea/workflows/master.yaml

@@ -1,10 +1,11 @@
+name: CD
 on:
   push:
     branches:
     - master
 jobs:
   version:
-    name: "CD > 計算版本號"
+    name: 計算版本號
     runs-on: ubuntu
     outputs:
       version: ${{ steps.version.outputs.version }}
@@ -13,14 +14,14 @@ jobs:
       id: version
       uses: https://gitea.jsc.idv.tw/actions/calculate-version@${{ vars.ACTION_CALCULATE_VERSION }}
   release:
-    name: "CD > 發布專案"
+    name: 發布專案
     runs-on: ubuntu
     needs: version
     steps:
     - name: 發布專案
       uses: akkuman/gitea-release-action@${{ vars.ACTION_RELEASE_VERSION }}
       with:
-        tag_name: "v${{ needs.version.outputs.version }}"
+        tag_name: v${{ needs.version.outputs.version }}
     - name: 清理成品
       uses: https://gitea.jsc.idv.tw/actions/cleanup-release@${{ vars.ACTION_CLEANUP_RELEASE_VERSION }}
       with:

.gitea/workflows/review.yaml

@@ -0,0 +1,23 @@
+name: AI
+on:
+  pull_request:
+    branches-ignore:
+      - master
+    types: [opened, synchronize]
+jobs:
+  code-review:
+    name: Code Review
+    runs-on: ubuntu
+    steps:
+    - name: AI Code Review
+      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
+      with:
+        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
+        GITEA_COMMENT_TOKEN: ${{ secrets.GITEA_TOKEN }}
+        GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }},${{ secrets.GEMINI_API_KEY_1 }},${{ secrets.GEMINI_API_KEY_2 }},${{ secrets.GEMINI_API_KEY_3 }},${{ secrets.GEMINI_API_KEY_4 }},${{ secrets.GEMINI_API_KEY_5 }},${{ secrets.GEMINI_API_KEY_6 }},${{ secrets.GEMINI_API_KEY_7 }},${{ secrets.GEMINI_API_KEY_8 }},${{ secrets.GEMINI_API_KEY_9 }},${{ secrets.GEMINI_API_KEY_10 }},${{ secrets.GEMINI_API_KEY_11 }},${{ secrets.GEMINI_API_KEY_12 }},${{ secrets.GEMINI_API_KEY_13 }},${{ secrets.GEMINI_API_KEY_14 }},${{ secrets.GEMINI_API_KEY_15 }},${{ secrets.GEMINI_API_KEY_16 }},${{ secrets.GEMINI_API_KEY_17 }},${{ secrets.GEMINI_API_KEY_18 }},${{ secrets.GEMINI_API_KEY_19 }}
+        GEMINI_BASE_URL: https://generativelanguage.googleapis.com/v1beta
+        GEMINI_MODEL: ${{ vars.GEMINI_MODEL }}
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write

.github/copilot-instructions.md

@@ -0,0 +1,14 @@
+# Triage Findings
+
+Use the triage-finding workflow for review issue lists:
+
+1. Merge findings into one list.
+2. Remove duplicates.
+3. Sort by severity: `critical` -> `warning` -> `info`.
+4. Renumber from 1.
+5. Fix real issues with the smallest safe change.
+6. Put false positives into `.gitea/ai-review/exclusions.json`, preserving the original wording, language, and semantics as much as possible.
+7. Add or update tests when behavior changes.
+8. Re-check after each fix.
+
+The full reusable skill lives in `.claude/skills/triage-findings/SKILL.md`.

.github/skills/triage-findings/SKILL.md

@@ -0,0 +1,14 @@
+# Triage Findings
+
+Use the triage-finding workflow for review issue lists:
+
+1. Merge findings into one list.
+2. Remove duplicates.
+3. Sort by severity: `critical` -> `warning` -> `info`.
+4. Renumber from 1.
+5. Fix real issues with the smallest safe change.
+6. Put false positives into `.gitea/ai-review/exclusions.json` as a top-level JSON array, preserving the original wording, language, and semantics as much as possible. Do not wrap the array in `exclusions` or `excluded_findings`.
+7. Add or update tests when behavior changes.
+8. Re-check after each fix.
+
+The reusable skill lives in `.gemini/skills/triage-findings/SKILL.md`.

CLAUDE.md

@@ -0,0 +1,16 @@
+# Triage Findings
+
+When the task is to triage review findings, follow this workflow:
+
+1. Merge all findings into one list.
+2. Remove duplicates.
+3. Sort by severity: `critical` -> `warning` -> `info`.
+4. Renumber from 1 after sorting.
+5. Fix real issues with the smallest safe change.
+6. Add false positives to `.gitea/ai-review/exclusions.json`, preserving the original wording, language, and semantics as much as possible.
+7. Add or update tests when behavior changes.
+8. Re-check the issue after each fix.
+
+Use the repo-local `triage-findings` skill for the same workflow when running in Codex.
+
+Trigger it with `/triage-findings`.

Dockerfile

@@ -1,10 +1,15 @@
-FROM alpine:latest
+FROM ubuntu:24.04
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends curl ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY rootCA.pem /usr/local/share/ca-certificates/rootCA.crt
+COPY jsc.idv.me+4.pem /usr/local/share/ca-certificates/jsc.idv.me+4.crt
 
-# 安裝必要的工具
-RUN apk add --no-cache --no-check-certificate bash curl coreutils
-    
 COPY entrypoint.sh /entrypoint.sh
 
+RUN update-ca-certificates
 RUN chmod +x /entrypoint.sh
 
-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/entrypoint.sh"]

GEMINI.md

@@ -0,0 +1,14 @@
+# Triage Findings
+
+Use the triage-finding workflow for review issue lists:
+
+1. Merge findings into one list.
+2. Remove duplicates.
+3. Sort by severity: `critical` -> `warning` -> `info`.
+4. Renumber from 1.
+5. Fix real issues with the smallest safe change.
+6. Put false positives into `.gitea/ai-review/exclusions.json`, preserving the original wording, language, and semantics as much as possible.
+7. Add or update tests when behavior changes.
+8. Re-check after each fix.
+
+The reusable skill lives in `.gemini/skills/triage-findings/SKILL.md`.

action.yaml

@@ -8,6 +8,9 @@ inputs:
   HEALTH_CODE:
     description: '健康碼'
     default: '200'
+outputs:
+  status_code:
+    description: '服務的狀態碼'
 runs:
   using: 'docker'
   image: 'Dockerfile'

entrypoint.sh

@@ -1,38 +1,80 @@
 #!/bin/bash
+set -u
 
-echo "=================================================="
+timestamp() {
+	date -u +"%Y-%m-%dT%H:%M:%SZ"
+}
 
-echo "參數檢查"
+log() {
+	printf '[%s] %s\n' "$(timestamp)" "$1"
+}
 
-echo "--------------------------------------------------"
+section() {
+	printf '\n==================================================\n'
+	printf '%s\n' "$1"
+	printf '%s\n' '--------------------------------------------------'
+}
 
-# 顯示 CHECK_URL 參數，並檢查是否為空或 "null"，如果是則輸出錯誤訊息並退出
-echo "CHECK_URL=$CHECK_URL" && ([ -z "$CHECK_URL" ] || [ "$CHECK_URL" = "null" ]) && exit 1
+fail() {
+	log "[ERROR] $1"
+	exit 1
+}
 
-# 顯示 HEALTH_CODE 參數，並檢查是否為空或 "null"，如果是則輸出錯誤訊息並退出
-echo "HEALTH_CODE=$HEALTH_CODE" && ([ -z "$HEALTH_CODE" ] || [ "$HEALTH_CODE" = "null" ]) && exit 1
+# 當 workflow 被取消時，立即結束，避免健康檢查持續重試。
+on_terminate() {
+	log "[WARN] 收到取消訊號，停止健康檢查。"
+	exit 130
+}
 
-echo "=================================================="
+trap on_terminate TERM INT
 
-echo "取得狀態碼"
+HEALTH_CODE="${HEALTH_CODE:-200}"
 
-echo "--------------------------------------------------"
+section "參數檢查"
+if [ -z "${CHECK_URL:-}" ] || [ "$CHECK_URL" = "null" ]; then
+	fail "CHECK_URL 不可為空。"
+fi
+
+if [ -z "$HEALTH_CODE" ] || [ "$HEALTH_CODE" = "null" ]; then
+	fail "HEALTH_CODE 不可為空。"
+fi
+
+case "$CHECK_URL" in
+	http://*|https://*) ;;
+	*)
+		fail "CHECK_URL 只允許 http:// 或 https://。"
+		;;
+esac
+
+log "[INFO] CHECK_URL=$CHECK_URL"
+log "[INFO] HEALTH_CODE=$HEALTH_CODE"
+
+section "取得狀態碼"
+log "[INFO] 開始檢查：$CHECK_URL"
 
-# 使用無窮迴圈持續嘗試，直到成功取得有效狀態碼
 while true; do
-    # 使用 curl 取得狀態碼，並將結果輸出到環境變數 STATUS_CODE
-	STATUS_CODE=$(curl -s -o /dev/null -w "%{http_code}" "$CHECK_URL") && echo "STATUS_CODE=$STATUS_CODE"
+	printf '[%s] [INFO] GET %s ... ' "$(timestamp)" "$CHECK_URL"
 
-	# curl 無法連線時常見為 000，持續重試
-	if [ "$STATUS_CODE" != "000" ]; then
+	status_code="$(curl -sS --proto '=http,https' --proto-redir '=http,https' --max-time 60 --url "$CHECK_URL" -o /dev/null -w '%{http_code}' || true)"
+	if [ -z "$status_code" ]; then
+		status_code="000"
+	fi
+
+	printf '%s\n' "$status_code"
+
+	if [ "$status_code" = "$HEALTH_CODE" ]; then
+		log "[OK] 狀態碼符合預期：$status_code"
 		break
 	fi
 
-    # 休息 60 秒後重試
+	log "[WARN] 目前狀態碼 $status_code，預期 $HEALTH_CODE，60 秒後重試。"
 	sleep 60
 done
 
-# 將狀態碼輸出到環境變數
-echo "status_code=$STATUS_CODE" >> "$GITHUB_OUTPUT"
-
-echo "=================================================="
+section "完成"
+log "[INFO] 輸出 status_code=$status_code"
+if [ -n "${GITHUB_OUTPUT:-}" ]; then
+	echo "status_code=$status_code" >> "$GITHUB_OUTPUT"
+else
+	log "[WARN] GITHUB_OUTPUT 未設定，略過寫入輸出檔。"
+fi

jsc.idv.me+4.pem

@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCAt+gAwIBAgIQWiFE9btAuOMh5NCtqdOF8zANBgkqhkiG9w0BAQsFADCB
+gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNzaHVv
+Y2hlbkB2bS1kb2NrZXIgKFNIVU8tQ0hFTiBKSUFOKTEzMDEGA1UEAwwqbWtjZXJ0
+IHNodW9jaGVuQHZtLWRvY2tlciAoU0hVTy1DSEVOIEpJQU4pMB4XDTI1MDQyNTA5
+MTcyMFoXDTI3MDcyNTA5MTcyMFowVzEnMCUGA1UEChMebWtjZXJ0IGRldmVsb3Bt
+ZW50IGNlcnRpZmljYXRlMSwwKgYDVQQLDCNzaHVvY2hlbkB2bS1kb2NrZXIgKFNI
+VU8tQ0hFTiBKSUFOKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANa+
+STqRYlaMjhvjxBFbseGGudxXCef0+vPTmrBVLiUKjjVDkjDYvIOkSJioZL5qIpRY
+hy2vMFrAi/ZlugBZW3POjPWMyYJNjc2uZDDdYSRQPv/weVXeGE1e/uT5yxPysep6
+lL6b+oJjCHVF93HCFUgbTeTNvi6DBkhdOgJv13482ddEITtmB3PQMsVdHCYOAYvY
+RpMKebU+Q4hf9jwbF8Rugt1287fhcuEs82XDih1a8/90Gwsjh8ag7iHWMB2BTZjX
+hluZ2O0Yy00y4JeXRInV2YhzYVEU9QRx+Umbhzikq5eMrxwU2AZ2jaQTtiGb2itr
+29LSWU3uUdBT4KlG5ZMCAwEAAaOBkTCBjjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0l
+BAwwCgYIKwYBBQUHAwEwHwYDVR0jBBgwFoAUAij2DW/P4hUAsOzil/bOvAcSJfQw
+RgYDVR0RBD8wPYIKanNjLmlkdi5tZYIMKi5qc2MuaWR2Lm1lgglsb2NhbGhvc3SH
+BH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwDQYJKoZIhvcNAQELBQADggGBADylkrW0
+Tx5U8UMh2AvH6wZwX4w5Qm2IVu2CKyR9g7CJmgmCMziR2a/XmTEqOfDjVyBGMwR+
+A0inhzivKII11HM/jlDhteBl+sho93f0lPfWRBgCaO8UXBkH/gudpSjZ6NEI5W1j
+J4cnhV5aPWboSWlwrRYxDYETCeLluu6njDlcsERbF5OcLXopOEeCVeQwaHN3nu3O
+0DLSr78Ztio+PZGlpznmrOtWRm9lgoKe9ugYdJOY+NtNcSpsaoXqZVgqf4UCCyu6
++p8x8Kc8yj24lwSdEbiUYiI8fKk5kGrmBT0IShwR5Jds2B32dspeS92YfmIQHr+h
+qRHXeCts7bmX4z4GqeT6dbBFwFKIBhWXl1M53GQvZpYWAiOjXkMt+FkbQL8zofnp
+gLkpVqUZ6uBb/NZc7x7vtipzIswrJGjxqzpiqlfHTcn+3rwbD43NpNpNsI/Kqd81
+M3AuIAj00Nv7+EBH66SjN/YQSauYSdZJrFndMMPxAvPKfkhyee0ewLkWFw==
+-----END CERTIFICATE-----

rootCA.pem

@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIE1zCCAz+gAwIBAgIQa4BGxgsUBBsGn5Lx+ryQmDANBgkqhkiG9w0BAQsFADCB
+gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNzaHVv
+Y2hlbkB2bS1kb2NrZXIgKFNIVU8tQ0hFTiBKSUFOKTEzMDEGA1UEAwwqbWtjZXJ0
+IHNodW9jaGVuQHZtLWRvY2tlciAoU0hVTy1DSEVOIEpJQU4pMB4XDTI1MDQyNTA5
+MTY0OFoXDTM1MDQyNTA5MTY0OFowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+bWVudCBDQTEsMCoGA1UECwwjc2h1b2NoZW5Adm0tZG9ja2VyIChTSFVPLUNIRU4g
+SklBTikxMzAxBgNVBAMMKm1rY2VydCBzaHVvY2hlbkB2bS1kb2NrZXIgKFNIVU8t
+Q0hFTiBKSUFOKTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAL0gzICC
+R2s7us7tpzFRSyG7HGrqu25fjd49/aESzYMk9ztCj5Zm5uIT3O7xqfj2y2UsQcuw
+xL0FzsECQUeQx7PQwWOMnZfyYFrlkBFbDZa9nVHltsC8t/C1IP0oOH1d+iKKkxRy
+7ynFp5HlhLueECd8wPTjHRo8idTNyKnNpzsL6rkPjx90cuBlLMna1fBzIN8BPpVK
+4x3dNktRiDUU/uIZLtvb6w41+mD6gIFalds1P4kG/nYC8GWSe6ZCp2vqJVIGr7/q
+wx38q6owzwPect7+ENEES2QcnHK/PcR/5uCOqrX1ZhVEtduV8n7EPMD6Onp8c9H/
+JxMoV9TT4UERbbXYxKMp0vGxR5q0a29yajKN0ub0Qq/LI+uISFgnYfbqxMWr0i7t
+tWswUMmvxQ4gOXtgnffzHOrLucr+k0jkx6dU6Yn/TAokF1YsMoyi9LgEfkz3XRwk
+26Eaf7+3mFJdBneHetld4D0pO8bwUuqi4zhYTqei7FeKiMPeYNLwaR9FHwIDAQAB
+o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+FgQUAij2DW/P4hUAsOzil/bOvAcSJfQwDQYJKoZIhvcNAQELBQADggGBAJb9jRZi
+uiYmeeMZK/4P2AM+nvBEAuQMtPPizkt+l9i4A4HB/xFAwbPyF5rtK39SRyvRaEyp
+IuJ3y6wGEhB3jauhU2NtY8Q9YiYlwOHTFPkTIGW4XdcRLB/7CVGEZrhEDAthIPxn
+KSIircf5rTz2+SjtlIfFamSyyPmf+qpydOZ4PEKTPQyiwdKf8gy1Dyr3Ci7cU5Ze
+Pgt0dlK2h7UrLcr60PHM5PbewEl2Llg0WCtApikd0rwL+CseEiyNkIgdGW/4HADo
+S7fnmu4D7Tm7aSgmCF+8dGQIYhGlYXcDhDvJyoP1eZulVUYvLIGXoSiBUkqvLm8S
+INlsFNxl4RZyChDSLunVhl7oDfFEJ2YNGGwK9qnkxCHSnz7SIi/VE7zAc4UunSn6
+bwSF9tA77Nh96zAE06UNGx78369hrOn16oAKBBeFKoWnmLhFIBoKgSY2l6fDjyGm
+yHdDhcU60u7sD4vme3KBgraGk6wQMYVK9rOCfx8fqM7Z2mbp1MQa/ps1og==
+-----END CERTIFICATE-----