How to install OpenJDK on CentOS/RHEL

OpenJDK (Open Java Development Kit) is a free and open source implementation of the Java Platform, Standard Edition (Java SE).[1] It is the result of an effort Sun Microsystems began in 2006. The implementation is licensed under the GNU General Public License (GNU GPL) with a linking exception. Were it not for the GPL linking exception, components that linked to the Java class library would be subject to the terms of the GPL license.

Currently, there is supported OpenJDK6, OpenJDK7, OpenJDK8. This article will show you how to install these.

Find out which version is available

[root@localhost Desktop]# yum search openjdk

Output

[root@localhost ~]# yum search openjdk
Loaded plugins: fastestmirror, refresh-packagekit, security
base                                                     | 3.7 kB     00:00
base/primary_db                                          | 3.6 MB     00:00
extras                                                   | 3.4 kB     00:00
extras/primary_db                                        |  29 kB     00:00
updates                                                  | 3.4 kB     00:00
updates/primary_db                                       | 2.6 MB     00:01
============================= N/S Matched: openjdk =============================
java-1.6.0-openjdk.i686 : OpenJDK Runtime Environment
java-1.6.0-openjdk-demo.i686 : OpenJDK Demos
java-1.6.0-openjdk-devel.i686 : OpenJDK Development Environment
java-1.6.0-openjdk-javadoc.i686 : OpenJDK API Documentation
java-1.6.0-openjdk-src.i686 : OpenJDK Source Bundle
java-1.7.0-openjdk.i686 : OpenJDK Runtime Environment
java-1.7.0-openjdk-demo.i686 : OpenJDK Demos
java-1.7.0-openjdk-devel.i686 : OpenJDK Development Environment
java-1.7.0-openjdk-javadoc.noarch : OpenJDK API Documentation
java-1.7.0-openjdk-src.i686 : OpenJDK Source Bundle
java-1.8.0-openjdk.i686 : OpenJDK Runtime Environment
java-1.8.0-openjdk-demo.i686 : OpenJDK Demos
java-1.8.0-openjdk-devel.i686 : OpenJDK Development Environment
java-1.8.0-openjdk-headless.i686 : OpenJDK Runtime Environment
java-1.8.0-openjdk-javadoc.noarch : OpenJDK API Documentation
java-1.8.0-openjdk-src.i686 : OpenJDK Source Bundle
icedtea-web.i686 : Additional Java components for OpenJDK - Java browser plug-in
                 : and Web Start implementation

  Name and summary matches only, use "search all" for everything.

Installing OpenJDK 6

In your terminal, type this command to install OpenJDK 6 and OpenJRE 6 respectively

[root@localhost Desktop]# yum install java-1.6.0-openjdk-devel java-1.6.0-openjdk

After installation finished, check your machine that has been installed OpenJDK6

[root@localhost Desktop]# java -version

Output

[root@localhost ~]# java -version
java version "1.6.0_35"
OpenJDK Runtime Environment (IcedTea6 1.13.7) (rhel-1.13.7.1.el6_6-i386)
OpenJDK Client VM (build 23.25-b01, mixed mode)

OpenJDK is installed in /usr/lib/jvm/java, therefore, you can set your JAVA_HOME with this path

# export JAVA_HOME=/usr/lib/jvm/java

Installing OpenJDK 7

Type this command to install OpenJDK 7 and OpenJRE 7 respectively

[root@localhost Desktop]# yum install java-1.7.0-openjdk-devel java-1.7.0-openjdk

After installation finished, check your machine that has been installed OpenJDK 7

[root@localhost Desktop]# java -version

Output

[root@localhost ~]# java -version
java version "1.7.0_79"
OpenJDK Runtime Environment (rhel-2.5.5.1.el6_6-i386 u79-b14)
OpenJDK Client VM (build 24.79-b02, mixed mode, sharing)

OpenJDK is installed in /usr/lib/jvm/java, therefore, you can set your JAVA_HOME with this path

# export JAVA_HOME=/usr/lib/jvm/java

Installing OpenJDK 8

Type this command to install OpenJDK 8 and OpenJRE 8 respectively

[root@localhost Desktop]# yum install java-1.8.0-openjdk-devel java-1.8.0-openjdk

After installation finished, check your machine that has been installed OpenJDK 8

[root@localhost Desktop]# java -version

Output

[root@localhost ~]# java -version
openjdk version "1.8.0_45"
OpenJDK Runtime Environment (build 1.8.0_45-b13)
OpenJDK Server VM (build 25.45-b02, mixed mode)

OpenJDK is installed in /usr/lib/jvm/java, therefore, you can set your JAVA_HOME with this path

# export JAVA_HOME=/usr/lib/jvm/java

Read more »

chkconfig run levels explained

A runlevel is one of the modes that a Unix -based operating system will run in. Each runlevel has a certain number of services stopped or started, giving the user control over the behavior of the machine. Conventionally, seven runlevels exist, numbered from zero to six.

After the Linux kernel has booted, the init program reads the /etc/inittab file to determine the behavior for each runlevel. Unless the user specifies another value as a kernel boot parameter, the system will attempt to enter (start) the default runlevel.

Run Level	Mode	Action
0	Halt	Shuts down system
1	Single-User Mode	Does not configure network interfaces, start daemons, or allow non-root logins
2	Multi-User Mode	Does not configure network interfaces or start daemons.
3	Multi-User Mode with Networking	Starts the system normally.
4	Undefined	Not used/User-definable
5	X11	As runlevel 3 + display manager(X)
6	Reboot	Reboots the system

Most Linux servers lack a graphical user interface and therefore start in runlevel 3. Servers with a GUI and desktop Unix systems start runlevel 5. When a server is issued a reboot command, it enters runlevel 6.

Init scripts

Init (short for initialization) is the program on Unix and Unix-like systems that spawns all other processes. It runs as a daemon and typically has PID 1.
The /etc/inittab file is used to set the default run level for the system. This is the runlevel that a system will start up on upon reboot. The applications that are started by init are located in the /etc/rc.d folder. Within this directory there is a separate folder for each run level, eg rc0.d, rc1.d, and so on.

chkconfig

The chkconfig tool is used in Red Hat based systems (like CentOS) to control what services are started at which runlevels. Running the command chkconfig –list will display a list of services whether they are enabled or disabled for each runlevel.

 # chkconfig --list
filelimits 0:off 1:off 2:on 3:on 4:on 5:on 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cpanel 0:off 1:off 2:off 3:on 4:on 5:on 6:off
kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ipchains 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off

Single User mode is a mode that a multi-user system (like a Linux server) can be booted into the operating system as a superuser. Booting a system into this mode does not start networking, but can be used to make changes to any configuration files on the server. One of the most common usages for single-user mode is to change the root password for a server on which the current password is unknown.

Runlevels are an important part of the core of the Linux operating system. While not something the average administrator will work with on a daily basis, understanding runlevels gives the administrator another layer of control and flexibility over the servers they manage.

References

• http://www.liquidweb.com/kb/linux-runlevels-explained/

Read more »

Base64 encode/decode with Javascript

Javascript supports you to base64 encode and decode with sample APIs. Now, let see what it can do

function myFunction() {
    var str = "www.it-4shared.com";
    var enc = window.btoa(str);
    var dec = window.atob(enc);
}

output should be

d3d3Lml0LTRzaGFyZWQuY29t
www.it-4shared.com

NOTE: atob() method is supported in IE10 and later

Sample

Read more »

How to install Jboss 5.1.0 GA on CentOS/RHEL

What is JBoss ? JBoss Application Server (or JBoss AS) is a free software/open-source Java EE-based application server. An important distinction for this class of software is that it not only implements a server that runs on Java, but it actually implements the Java EE part of Java. Because it is Java-based, the JBoss application server operates cross-platform: usable on any operating system that supports Java. JBoss AS was developed by JBoss, now a division of Red Hat.
This article will show you how to install and configure JBoss on CentOS 6.6.

What thing to do?

1. Download and install Java Development Kit (JDK)
2. Download and config JBoss 5.1.0 GA-jdk6
3. Set JAVA_HOME and JBOSS_HOME as variables environment
4. Config JBoss run as service (can start/stop/restart)
5. Change password of JBoss Admin Console
6. Set memory parameters for JBoss using JAVA_OPTS
7. Configure JBoss to run on port 80

Download and install Java Development Kit (JDK)

It's recommended to use JDK 6 with JBoss 5.1.0 GA so to install JDK 6, please refer this post: How to install JDK 6 on CentOS

Download and config JBoss 5.1.0 GA-jdk6

You can download JBoss 5.1.0 GA at http://sourceforge.net/projects/jboss/files/JBoss/JBoss-5.1.0.GA. You should download jboss-5.1.0.GA-jdk6.zip, it's optimized for JDK6.

Create folder for JBoss

# mkdir /opt/server/

Move jboss-5.1.0.GA-jdk6.zip to newly created folder and unzip it

# mv jboss-5.1.0.GA-jdk6.zip /opt/server/
# cd /opt/server/
# unzip jboss-5.1.0.GA-jdk6.zip

Now your JBoss is located in /opt/server/jboss-5.1.0.GA, this is JBOSS_HOME which is set in next step for variables environment.

Set JAVA_HOME and JBOSS_HOME as variables environment

Add the following lines in .bashrc or .bash_profile

# vi ~/.bashrc

JAVA_HOME=/usr/java/latest
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
JBOSS_HOME=/opt/server/jboss-5.1.0.GA
export JBOSS_HOME

Once finished, you have to log in current user again to verify that the JAVA_HOME and JBOSS_HOME are set correctly. This tutorial using root to config and run jboss therefore you have to log out and log in again with root account.
To verify variables set

# echo $JBOSS_HOME
# echo $JAVA_HOME

Output

/usr/java/latest
/opt/server/jboss-5.1.0.GA

Config JBoss run as service (can start/stop/restart)

JBoss 5.1.0 GA supports a script allow to run as service. Copy jboss_init_redhat.sh located in /opt/server/jboss-5.1.0.GA/bin paste it in etc/init.d and rename to jboss

# cp /opt/server/jboss-5.1.0.GA/bin/jboss_init_redhat.sh /etc/init.d/jboss

In jboss script, make the following changes:

Add lines 3,4 and 5

# description: JBoss Start Stop Restart
# processname: jboss
# chkconfig: 234 20 80

Line 21, Set the JBOSS_HOME to where we unzip JBoss:

JBOSS_HOME=${JBOSS_HOME:-"/opt/server/jboss-5.1.0.GA"}

Line 27. Set the JAVA_HOME to where we installed the JDK

JAVAPTH=${JAVAPTH:-"/usr/java/latest"}

Add line 33, which sets the JBOSS_HOST to 0.0.0.0, allowing JBoss to bind to any IP.

JBOSS_HOST="0.0.0.0"

There is complete jboss script after changed

#!/bin/sh
#
# description: JBoss Start Stop Restart
# processname: jboss
# chkconfig: 234 20 80
# $Id: jboss_init_redhat.sh 81068 2008-11-14 15:14:35Z dimitris@jboss.org $
#
# JBoss Control Script
#
# To use this script run it as root - it will switch to the specified user
#
# Here is a little (and extremely primitive) startup/shutdown script
# for RedHat systems. It assumes that JBoss lives in /usr/local/jboss,
# it's run by user 'jboss' and JDK binaries are in /usr/local/jdk/bin.
# All this can be changed in the script itself. 
#
# Either modify this script for your requirements or just ensure that
# the following variables are set correctly before calling the script.

#define where jboss is - this is the directory containing directories log, bin, conf etc
JBOSS_HOME=${JBOSS_HOME:-"/opt/server/jboss-5.1.0.GA"}

#define the user under which jboss will run, or use 'RUNASIS' to run as the current user
JBOSS_USER=${JBOSS_USER:-"root"}

#make sure java is in your path
JAVAPTH=${JAVAPTH:-"/usr/java/latest"}

#configuration to use, usually one of 'minimal', 'default', 'all'
JBOSS_CONF=${JBOSS_CONF:-"default"}

#if JBOSS_HOST specified, use -b to bind jboss services to that address
JBOSS_HOST="0.0.0.0"
JBOSS_BIND_ADDR=${JBOSS_HOST:+"-b $JBOSS_HOST"}


#define the classpath for the shutdown class
JBOSSCP=${JBOSSCP:-"$JBOSS_HOME/bin/shutdown.jar:$JBOSS_HOME/client/jnet.jar"}

#define the script to use to start jboss
JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF $JBOSS_BIND_ADDR"}

if [ "$JBOSS_USER" = "RUNASIS" ]; then
  SUBIT=""
else
  SUBIT="su - $JBOSS_USER -c "
fi

if [ -n "$JBOSS_CONSOLE" -a ! -d "$JBOSS_CONSOLE" ]; then
  # ensure the file exists
  touch $JBOSS_CONSOLE
  if [ ! -z "$SUBIT" ]; then
    chown $JBOSS_USER $JBOSS_CONSOLE
  fi 
fi

if [ -n "$JBOSS_CONSOLE" -a ! -f "$JBOSS_CONSOLE" ]; then
  echo "WARNING: location for saving console log invalid: $JBOSS_CONSOLE"
  echo "WARNING: ignoring it and using /dev/null"
  JBOSS_CONSOLE="/dev/null"
fi

#define what will be done with the console log
JBOSS_CONSOLE=${JBOSS_CONSOLE:-"/dev/null"}

JBOSS_CMD_START="cd $JBOSS_HOME/bin; $JBOSSSH"
JBOSS_CMD_STOP=${JBOSS_CMD_STOP:-"java -classpath $JBOSSCP org.jboss.Shutdown --shutdown"}

if [ -z "`echo $PATH | grep $JAVAPTH`" ]; then
  export PATH=$PATH:$JAVAPTH
fi

if [ ! -d "$JBOSS_HOME" ]; then
  echo JBOSS_HOME does not exist as a valid directory : $JBOSS_HOME
  exit 1
fi

echo JBOSS_CMD_START = $JBOSS_CMD_START

case "$1" in
start)
    cd $JBOSS_HOME/bin
    if [ -z "$SUBIT" ]; then
        eval $JBOSS_CMD_START >${JBOSS_CONSOLE} 2>&1 &
    else
        $SUBIT "$JBOSS_CMD_START >${JBOSS_CONSOLE} 2>&1 &" 
    fi
    ;;
stop)
    if [ -z "$SUBIT" ]; then
        $JBOSS_CMD_STOP
    else
        $SUBIT "$JBOSS_CMD_STOP"
    fi 
    ;;
restart)
    $0 stop
    $0 start
    ;;
*)
    echo "usage: $0 (start|stop|restart|help)"
esac

Now make jboss script executable

# chmod +x jboss

And make it run when every boot

# chkconfig jboss on

Check it

# chkconfig --list | grep jboss
jboss           0:off 1:off 2:on 3:on 4:on 5:on 6:off

By default, jboss script will be set at level 2345
Now you can start jboss as service

# service jboss start
JBOSS_CMD_START = cd /usr/share/jboss-5.1.0.GA/bin; /usr/share/jboss-5.1.0.GA/bin/run.sh -c default -b 0.0.0.0

Stop jboss

# service jboss stop
JBOSS_CMD_START = cd /usr/share/jboss-5.1.0.GA/bin; /usr/share/jboss-5.1.0.GA/bin/run.sh -c default -b 0.0.0.0  
Shutdown message has been posted to the server.  
Server shutdown may take a while - check logfiles for completion

Or restart

# service jboss restart

Make sure jboss has been started at http://localhost:8080 or http://yourIP:8080

Change password of JBoss Admin Console

The default user name and password for the JBoss Admin Console is admin/admin. To change the password, go to /usr/share/jboss-5.1.0.GA/server/default/conf/props and ddit the jmx-console-users.properties file as below

# A sample users.properties file for use with the UsersRolesLoginModule
admin=admin

Username is left and password is right. Change whatever you want

Set memory parameters for JBoss using JAVA_OPTS
You could set the memory parameters for JBoss using JAVA_OPTS. Edit .bashrc or .bash_profile where you set variables environment above

# Setup JBoss specific properties
JAVA_OPTS="-Dprogram.name=$PROGNAME $JAVA_OPTS"
JAVA_OPTS="$JAVA_OPTS -Xms128m -Xmx256m"

You should set this to whatever is appropriate to your server and application.

Configure JBoss to run on port 80

By default, JBoss uses port 8080, you could change this to others ports as you want.
Open file server.xml located in /opt/server/jboss-5.1.0.GA/server/default/deploy/jbossweb.sar
Find

<connector address="${jboss.bind.address}" connectiontimeout="20000" port="8080" protocol="HTTP/1.1" redirectport="8443">
</connector>

And change

<connector address="${jboss.bind.address}" connectiontimeout="20000" port="80" protocol="HTTP/1.1" redirectport="443">
</connector>

Now restart your JBoss to apply change
Another way, you don't need to change server.xml, just add the following to your IP tables

# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

and then restart iptables service

# service iptables restart

Done.

Reference

• http://davidghedini.blogspot.com/2011/03/install-jboss-51-on-centos.html

Read more »

How to convert java.uitl.Date to XMLGregorianCalendar

The following code sample will show you how to convert Date object to XMLGregorianCalendar object. XMLGregorianCalendar is often meet when you write a client service application that invoke server's API with Date as parameter.

DateFormat df = new SimpleDateFormat("MMM dd, yyyy h:mm a");
Date effect_to = df.parse("Jun 20, 2015 9:30 AM");
GregorianCalendar c = new GregorianCalendar();
c.setTime(effect_to);
XMLGregorianCalendar date = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);

Done! Hope this will help you.

Read more »

How to convert java.util.Date to java.sql.Date

java.sql.Date is usually used in communication between Java application and MySQL. Specifically, It is used when you want to store DateTime into database, the problem is you usually use java.util.Date to present DateTime in application layer. This post will show you how to convert java.util.Date to java.sql.Date for storing into database

java.util.Date utilDate = new java.util.Date();
java.sql.Date sqlDate = new java.sql.Date(utilDate.getTime());

Done!

Read more »

Create CMS Signature using Bouncy Castle

This post today will show you guys how to generate Cryptographic Message Syntax (CMS) signature. CMS is the IETF's standard for cryptographically protected messages. It can be used to digitally sign, digest, authenticate or encrypt any form of digital data. CMS is based on the syntax of PKCS#7 standard.
In this tutorial, I will use Bouncy Castle (BC) library. BC is a strong cryptographic library in Java, it has enough API to do this. The version of BC I am going to use is 1.47, you can download and use this version or higher at bouncycastle.org.

Keystore is used in this post is in PKCS#12 format

String passwordP12 = "p12KeystorePass";
String pathToP12 = "/path/to/your.p12";

OK, there is complete sample

package com.it4shared.pkcs7;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;

import javax.xml.bind.DatatypeConverter;

import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.util.Store;
import org.bouncycastle.util.encoders.Base64;

public final class PKCS7Signer {

    public PKCS7Signer() {
    }

    public KeyStore loadKeyStore(String path, String password) throws Exception {

        KeyStore keystore = KeyStore.getInstance("PKCS12");
        InputStream is = new FileInputStream(path);
        keystore.load(is, password.toCharArray());
        return keystore;
    }

    public CMSSignedDataGenerator setUpProvider(final KeyStore keystore, String pkcs12Password, String algorithm) throws Exception {
     
     Enumeration e = keystore.aliases();
     String aliasName="";
        while(e.hasMoreElements())
        {
         aliasName = e.nextElement().toString();
        }
     
     Security.addProvider(new BouncyCastleProvider());

        Certificate[] certchain = (Certificate[]) keystore.getCertificateChain(aliasName);
        
        final List certlist = new ArrayList();

        for (int i = 0, length = certchain == null ? 0 : certchain.length; i < length; i++) {
            certlist.add(certchain[i]);
        }

        Store certstore = new JcaCertStore(certlist);

        Certificate cert = keystore.getCertificate(aliasName);
        
        ContentSigner signer = new JcaContentSignerBuilder(algorithm).setProvider("BC").
                build((PrivateKey)(keystore.getKey(aliasName, pkcs12Password.toCharArray())));
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

        generator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").
                build()).build(signer, (X509Certificate) cert));

        generator.addCertificates(certstore);

        return generator;
    }

    public String SignData(final byte[] content, final CMSSignedDataGenerator generator) throws Exception {

        CMSTypedData cmsdata = new CMSProcessableByteArray(content);
        CMSSignedData signeddata = generator.generate(cmsdata, true);
        return new String(Base64.encode(signeddata.getEncoded()));
    }

    public static void main(String[] args) throws Exception {
        String passwordP12 = "p12KeystorePass";
        String pathToP12 = "/path/to/your.p12";
        String algorithm = "SHA1withRSA";
        
        PKCS7Signer signer = new PKCS7Signer();
        KeyStore keyStore = signer.loadKeyStore(pathToP12, passwordP12);
        
        CMSSignedDataGenerator signatureGenerator = signer.setUpProvider(keyStore, passwordP12, algorithm);
        String content = "signdata";
        String signedData = signer.SignData(content.getBytes("UTF-8"), signatureGenerator);
        System.out.println(signedData);
    }

To create detached signature

CMSSignedData signeddata = generator.generate(cmsdata, false);

Output:

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIAwggXnMIIDz6ADAgECAhBUAUaOqeOECSoJbx0JktP7MA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlZOMRMwEQYDVQQKEwpWTlBUIEdyb3VwMR4wHAYDVQQLExVWTlBULUNBIFRydXN0IE5ldHdvcmsxJTAjBgNVBAMTHFZOUFQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUwMTEzMDIwODE5WhcNMTUwNDEzMDIwODE5WjCBzDELMAkGA1UEBhMCVk4xEjAQBgNVBAgMCUjDoCBO4buZaTEVMBMGA1UEBwwMQ+G6p3UgR2nhuqV5MR0wGwYDVQQKDBRDw5RORyBUWSBDUCBBQkMgVEVTVDEbMBkGA1UECwwSTVNUOjAxMDA2OTE1NDQtOTk5MR0wGwYDVQQMDBRHacOhbSDEkOG7kWMgLSDEkERQTDEYMBYGA1UEAwwPVGVzdF9WTlBUX1N0YWZmMR0wGwYKCZImiZPyLGQBAQwNQ01ORDoxMjM0NTY3ODCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArhYOQZvOwyp5Wy0V9BQXcvUgJBRdJlqXq1wkryBw1BUg9toUPPvARF6gSOUhPncPVJPvp7/5iC6Ko70mpbf4QgryArgSiUAnmnmkFz4Apya5VJztE3gqMl7TS3JljbJoC9kDFSzbdbR52leFEy6TYhcjK2KRMZzHcNDawfvH1dMCAwEAAaOCAakwggGlMHAGCCsGAQUFBwEBBGQwYjAyBggrBgEFBQcwAoYmaHR0cDovL3B1Yi52bnB0LWNhLnZuL2NlcnRzL3ZucHRjYS5jZXIwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3NwLnZucHQtY2Eudm4vcmVzcG9uZGVyMB0GA1UdDgQWBBTbCqu+GX/5vruQxa7Wn2AA7TXx4jAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFAZpwNXVAooVjUZ96XziaApVrGqvMGoGA1UdIARjMGEwXwYMKwYBBAGB7QMBAwQCME8wJgYIKwYBBQUHAgIwGh4YAE8ASQBEAC0AVAAxAC4AMAAtADAAMwBtMCUGCCsGAQUFBwIBFhlodHRwOi8vcHViLnZucHQtY2Eudm4vcnBhMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwudm5wdC1jYS52bi92bnB0Y2EuY3JsMA4GA1UdDwEB/wQEAwIE8DA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwGCSqGSIb3LwEBBTANBgkqhkiG9w0BAQUFAAOCAgEAQLNC6MCCDfDU3q1vHuWJMNYX3JDIf/oKJL8PNHGlHQiv3XNBdQxNDXtSQNIfq+MMYP/vg17hARVRxaApe7nM1Je+La8719e4QdywPOPKzczqDJnkWE0zEoXd/piMKtprdGLm9iOZxoPBMv8MSKeve0uE2S76PZVdH2+77wS2zsBcxtFMyXzer7L5bjgWAgNyht3JSfcY7+EgZ6a8FAtjm77YOONEqJoW5q4DRWxBb0oic4bqpaTWd8xps75tJaERPvc+OpBdqNYTLf52rRquxZQEc3mhytpNoqDCc+/H30kFuPLSjWREMUEABaegEZsb9eO7zTHXdDXxAKwH6LiP574oA5bnm/hrHNzFcePe5Tii0ULbZAmrwmxoo7kyju9MPGAEiguVWolAilU+8UjvEA0Q1+pSixBJC4TOqD6wm7xH01B/uV0STkXwjg8oxoNGGka1MK/E2mJ6czm7dsqVZN7neHakZVPMDC/oPIJweVYCiD1uh0wGSbLIcNHOFl7fyS+uoeL94+IS/3cSYpqFWUw6Y3AfJ6v+fLoc5+w7icsK8dsmu+kR/hvZe5YtSxvPqJL678xvj9SVrzqYfDjL90OO/MgU4QODtX07zs+nlGOXfup2OUqUowIg7YyonyAxd3FQ3RwHRjjz9lgZKh+XY5try3U2U6jqsccIcjlvQnYwggWDMIIEa6ADAgECAgphBQ3SAAAAAAAEMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlZOMTMwMQYDVQQKEypNaW5pc3RyeSBvZiBJbmZvcm1hdGlvbiBhbmQgQ29tbXVuaWNhdGlvbnMxGzAZBgNVBAsTEk5hdGlvbmFsIENBIENlbnRlcjEdMBsGA1UEAxMUTUlDIE5hdGlvbmFsIFJvb3QgQ0EwHhcNMDkxMjE2MDY0ODA4WhcNMTkxMjE2MDY1ODA4WjBpMQswCQYDVQQGEwJWTjETMBEGA1UEChMKVk5QVCBHcm91cDEeMBwGA1UECxMVVk5QVC1DQSBUcnVzdCBOZXR3b3JrMSUwIwYDVQQDExxWTlBUIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz1soRmhDyFiEGHv/MCqevpwfC3vXpAPDU9PjC+hUt7GZT+E4jHM5bz2hG8y9dMHEtMta67alVvnbqmiaLNVWR0dSVwCh2uaZA7f5PWxU8Zqw3fNuak6Xi35sRYYpOb/ulZTM31op+PCgjIkjbO61NmOzqvDOE+dE7MVQwoyAtUmxBH0ROA9cdC9/gimEZ/qEJKTIWJNz52k12A8ORRsLdUUzo4wMSvOVOCzjd9qMXlXCKRlVsQE24+SBG+dJyHkOVfcAyp0cvLMRJmqLoaVEr1OIhW54+g4AwU5PdCs/ZbESLCzZRwrRiFFUcsAKGUmAWh1KqX3jOUNxLYLhpiJmrdzgBk6FAFrwbTQKz+SNOKKNbBMj7Bnjc8F0e7c1KpHtsTnWT+ojSWsDxHoSnKeBZ697YE9MWuYUL5VyBeVlNTK/OtCz9332Ril8lUjk2AO+CykHs07A9SDYhaKhktR7170CgNXkzakYFOwGmsgkWNi6yoanx9D2fZ7pMTwfVM+g1DUIO5/hXSxkUF2rmg5+auiQFPYzndbxPTZTAb6bEYZtqxs22fS0Te2IY3KAHi3Od5F63nryIuha3bdJre80hrvaw8YfE/8cZ3XHUI7/ZBVRZ4pPKMUbsArpjh7IRHuJ2QTrHSmz+K6TseDazUoJpnHtb1EmicqeN7149cfMm/sCAwEAAaOCARYwggESMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAZpwNXVAooVjUZ96XziaApVrGqvMAsGA1UdDwQEAwIBhjAQBgkrBgEEAYI3FQEEAwIBADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBTNYnHkYb3+PeyyQGDTgXXdOqxrxjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vcHVibGljLnJvb3RjYS5nb3Yudm4vY3JsL21pY25yY2EuY3JsMEcGCCsGAQUFBwEBBDswOTA3BggrBgEFBQcwAoYraHR0cDovL3B1YmxpYy5yb290Y2EuZ292LnZuL2NydC9taWNucmNhLmNydDANBgkqhkiG9w0BAQUFAAOCAQEALsebDDr4xgKXfz3Qj+0hASr7l1/iN3ZNHw0PyxaJbAGLkBafwoxnOcWebtSMqirCSP7ublQYfm8yfZ2xpTSB2pYANgCgdZwufiKkVtqokT3zlXYblvpziruCqaskPrqI+vNCz8Q/PCkKzpxSKQce3b8rnY320948gZGdCSWK0QCmINvwKiii5QQKYkYKE8N7Agiu0+MTnShkiGVf2Ub+1YhkUfxSdSlcFykVa3BHUfw1F3+P0Qx65wmC7EuSZxm+H1NGzB7752ZxyYXi4tX+XJRIXmmm8lcOebssBlVmhzZqtV3/PZqFDa8JEOyBi4BdRvglXvRa9xtO/k83O5leDTCCA9cwggK/oAMCAQICEBvkc4ofPsCPR5+mzzXFmCIwDQYJKoZIhvcNAQEFBQAwfjELMAkGA1UEBhMCVk4xMzAxBgNVBAoTKk1pbmlzdHJ5IG9mIEluZm9ybWF0aW9uIGFuZCBDb21tdW5pY2F0aW9uczEbMBkGA1UECxMSTmF0aW9uYWwgQ0EgQ2VudGVyMR0wGwYDVQQDExRNSUMgTmF0aW9uYWwgUm9vdCBDQTAeFw0wODA1MTYwMTEyNDlaFw00MDA1MTYwMTIwMzJaMH4xCzAJBgNVBAYTAlZOMTMwMQYDVQQKEypNaW5pc3RyeSBvZiBJbmZvcm1hdGlvbiBhbmQgQ29tbXVuaWNhdGlvbnMxGzAZBgNVBAsTEk5hdGlvbmFsIENBIENlbnRlcjEdMBsGA1UEAxMUTUlDIE5hdGlvbmFsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChP1lRDv4w/2HblngUi9tDPDa+Ya/ctT9gHtMNAUGt+MmKQo7I7TKGR8X+tffq1kQ3EBLDSAhRULrlV+nONcmOHHMJhTNM4bs4rI6ttxMELmaBVy3M+xr9LpyL/QlA8GAXm3FFbX3j2yrSu5rd68xe5ADf1WwwhZu9V38t1CTTgPvgKFG+sNZhB8zloEfnkW0vh1jotK3BsUaz3FodOAnZ+7UnmJ5e/PH0SP/ooTv/UDPZJquymWKdzHvIUk2eXEKLb3R+/JQT3grS8LVq+JZMUJzmIY7B5ZcBTs2fsEAZfBtZb1w4GZo32tGBORYy74GtsCFrEZfCwQi9byNcBA/TAgMBAAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTNYnHkYb3+PeyyQGDTgXXdOqxrxjAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0BAQUFAAOCAQEATJ3NfiMggBwoz/Dxyd8RyrJpU6PyXwyzZZwvVOEcUCrgVRfEF76ok1FGqobtJGQvTxOOsLQUnHxDvi1OY1Js29ZwF1lHW6Jas8eWerYN9S0N2WQ6r9BUOtETaLb6OA4F6+D8MPdMm1/i7md7+GLqdK9yVEzU+l6L7Ou4J4EsmI73yqBRlnPGF4n59FOXP1fD21UoSXNPSjcqZ4TFE77Gye4JR2K/qLLqfOVfJNs7uHQ1sOGFj4qXSI7neGeJy+WkAuxbV6G5x5a3wenlXY6Zpqclmh2wztY7azPyvknhLdaHgbl2rqf8zbPGdjKvTVBSbC0Nsr3XUOXTdWOfXc0KmQAAMYIBgjCCAX4CAQEwfTBpMQswCQYDVQQGEwJWTjETMBEGA1UEChMKVk5QVCBHcm91cDEeMBwGA1UECxMVVk5QVC1DQSBUcnVzdCBOZXR3b3JrMSUwIwYDVQQDExxWTlBUIENlcnRpZmljYXRpb24gQXV0aG9yaXR5AhBUAUaOqeOECSoJbx0JktP7MAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNTA0MDExNTE5MDhaMCMGCSqGSIb3DQEJBDEWBBRwCR6OXkUq2jgegMlAi7p84cfDqzANBgkqhkiG9w0BAQEFAASBgBdoX52mvjCJKldJSp2Wy6hcTIrrr8ecnNgWuyxz+uhDEGXv/eo3/iiZozj3S992HJcWSUeCyB3aR4eYpQVGS/QZ/qPy6xRI7TJUJFsKchrr+WlI6zxxAF288GOgnXk+Ro4kpJqen4zgUYwGNnfNi5LH9QZZviC/QUSf7FOyY7OBAAAAAAAA

Read more »