
@cpusoft
Created September 15, 2020 04:33
golang x509 验证子证书
https://play.golang.org/p/1BNLthzu5Tz
https://stackoverflow.com/questions/59383823/how-to-verify-a-certificate-against-an-issuing-chain-in-go
package main
import (
"crypto/x509"
"encoding/pem"
"log"
"time"
)
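// main verifies the embedded leaf certificate against the embedded
// intermediate and root certificates and logs the number of valid chains.
//
// Security notes for anyone adapting this example:
//   - Only certificates in Roots are trust anchors. Certificates in
//     Intermediates are used for path building but are never trusted on
//     their own.
//   - Certificate.Verify does not perform any revocation checking (CRL/OCSP).
//   - CurrentTime is pinned below, so expiry is evaluated against a fixed
//     date and not against the real clock.
func main() {
	// pem.Decode returns the first PEM block it finds; trailing data is ignored.
	block, _ := pem.Decode(leaf)
	if block == nil {
		log.Fatal("Cannot decode leaf")
	}
	// PEM is a generic container (keys, CSRs, ...); accept only a certificate.
	if block.Type != "CERTIFICATE" {
		log.Fatalf("Cannot decode leaf: unexpected PEM block type %q", block.Type)
	}
	leafCert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		log.Fatalf("Cannot parse leaf: %v", err)
	}

	// AppendCertsFromPEM reports whether at least one certificate was parsed,
	// so each input is checked separately to catch an empty or broken file.
	interPool := x509.NewCertPool()
	if !interPool.AppendCertsFromPEM(inter1) {
		log.Fatal("Cannot append inter1")
	}
	if !interPool.AppendCertsFromPEM(inter2) {
		log.Fatal("Cannot append inter2")
	}

	rootPool := x509.NewCertPool()
	if !rootPool.AppendCertsFromPEM(root) {
		log.Fatal("Cannot append root")
	}

	opts := x509.VerifyOptions{
		Intermediates: interPool,
		Roots:         rootPool,
		// An empty KeyUsages list means ExtKeyUsageServerAuth; this example
		// validates a client certificate, so the usage is stated explicitly.
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		// WARNING: pinned so the example also runs where the clock is not real
		// (the Go Playground). Remove this field in production code: with a
		// fixed time, expired or not-yet-valid certificates are judged against
		// that date and can pass verification.
		CurrentTime: time.Date(2019, 12, 18, 0, 0, 0, 0, time.UTC),
	}
	chains, err := leafCert.Verify(opts)
	if err != nil {
		log.Fatalf("Verify: %v", err)
	}
	log.Println(len(chains))
}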
// leaf is the PEM text of the end-entity certificate; main decodes it with
// pem.Decode, parses it and calls Verify on it.
var leaf = []byte(`
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
`)
// inter1 is PEM text that main adds to the intermediates pool. Certificates in
// that pool help build the chain but are not trust anchors.
var inter1 = []byte(`
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
`)
// inter2 is PEM text that main adds to the same intermediates pool as inter1.
var inter2 = []byte(`
-----BEGIN CERTIFICATE-----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==
-----END CERTIFICATE-----
`)
// root is PEM text that main adds to the roots pool, making it the only trust
// anchor for the verification in this example.
// NOTE(review): embedded here as a fixed sample; code adapted from this example
// should decide deliberately where its trust anchors come from.
var root = []byte(`
-----BEGIN CERTIFICATE-----
MIIDXjCCAkagAwIBAgIUAfESodHjgRMnmQz84hDi/7zyknwwDQYJKoZIhvcNAQEL
BQAwRzELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEEZsZWV0c21pdGgsIEluYy4xHTAb
BgNVBAMTFEZsZWV0c21pdGggUm9vdCBDQSAxMB4XDTE2MTEwMjExMzMwMFoXDTI2
MTAzMTExMzMwMFowRzELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEEZsZWV0c21pdGgs
IEluYy4xHTAbBgNVBAMTFEZsZWV0c21pdGggUm9vdCBDQSAxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiKuYl9JwUmzqiMuDcArJK8rJSkf/1L8Er6o
2l9Gh8CKOvKg8loepbZWJngFbiSlaKialbWD6cP1oQOYWClauXIFaSjDBgHIIwPE
ca1tMZoUaxvTW3XERSkxiSMP3GKXmgV6wYonKB6h+C+xswR1g9mIRoahdqK55Q5I
9hAlvmRusz6q9Ry2woilrBTtWBgeZjw9nRk8P9ERDARmxKyzbpw2kxideWB/nB3F
47KEEdv5923QkaHFAxaJkpo9bbFrNAwArN40Dk+N+BzlNUY3CQiPdqYC5sqmBLOk
2Cqr9BtbLtqXF9dyhRyAVNg9POh6OR7axL5uf+UJY6j3G2QkfwIDAQABo0IwQDAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUeu7ez4e6
I2EI5revd2qRLMd95kkwDQYJKoZIhvcNAQELBQADggEBAIQmXtSIwn2AgURa+L5g
Y9H0CThxRkxpabBPn7rUAZo/BggXf6SKFIg8JZwiHMLBvhEn0WxlOhrEq8MtPVBg
nOv5kUWelT087uaGmH2o6Pfd5vK0aHAPKRzD46GLpvNRlM7amiYrwWuA8Fve0q5J
Uo03hUFSZvFoXO13II5zOTrutVCO+CNpO9uirfLZRWJkSatW83Ic+92xHwI/GkkB
8sp7SW9wvGu3jAJYqNu3oWV6aqSCD+Oic6Dxbi7P/qSh7XZnZZXILAO+rpRBfUZg
iYvzyQJ+TnLfZBejhdIcCR+4PlwsbMHkoDjwLnV/XmYG/yvIe4XWpAgciMM5Lgk1
wBo=
-----END CERTIFICATE-----
`)