Add tls related tests

remoting/src/test/java/org/apache/rocketmq/remoting/SimpleClient.java

-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.rocketmq.remoting;
-
-import org.apache.rocketmq.remoting.exception.RemotingConnectException;
-import org.apache.rocketmq.remoting.exception.RemotingSendRequestException;
-import org.apache.rocketmq.remoting.exception.RemotingTimeoutException;
-import org.apache.rocketmq.remoting.netty.NettyClientConfig;
-import org.apache.rocketmq.remoting.protocol.RemotingCommand;
-
-import static org.apache.rocketmq.remoting.TlsTest.getCertsPath;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_AUTHSERVER;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_CERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_KEYPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_TRUSTCERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_AUTHCLIENT;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_CERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_KEYPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_MODE;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_NEED_CLIENT_AUTH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_TRUSTCERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_TEST_MODE_ENABLE;
-
-public class SimpleClient {
-    public static void main(String[] args) throws InterruptedException, RemotingTimeoutException, RemotingSendRequestException, RemotingConnectException {
-        System.setProperty(TLS_SERVER_MODE, "enforcing");
-        System.setProperty(TLS_TEST_MODE_ENABLE, "false");
-        System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "require");
-
-        System.setProperty(TLS_SERVER_KEYPATH, getCertsPath("server.key"));
-        System.setProperty(TLS_SERVER_CERTPATH, getCertsPath("server.pem"));
-        System.setProperty(TLS_SERVER_AUTHCLIENT, "true");
-        System.setProperty(TLS_SERVER_TRUSTCERTPATH, getCertsPath("ca.pem"));
-
-        System.setProperty(TLS_CLIENT_KEYPATH, getCertsPath("client.key"));
-        System.setProperty(TLS_CLIENT_CERTPATH, getCertsPath("client.pem"));
-        System.setProperty(TLS_CLIENT_AUTHSERVER, "true");
-        System.setProperty(TLS_CLIENT_TRUSTCERTPATH, getCertsPath("ca.pem"));
-        NettyClientConfig clientConfig = new NettyClientConfig();
-        clientConfig.setUseTLS(true);
-        RemotingClient remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
-
-        RequestHeader requestHeader = new RequestHeader();
-        requestHeader.setCount(1);
-        requestHeader.setMessageTitle("Welcome");
-        RemotingCommand request = RemotingCommand.createRequestCommand(0, requestHeader);
-        RemotingCommand response = remotingClient.invokeSync("localhost:8888", request, 1000 * 3);
-        System.out.println(response);
-    }
-}

remoting/src/test/java/org/apache/rocketmq/remoting/SimpleServer.java

-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.rocketmq.remoting;
-
-import static org.apache.rocketmq.remoting.TlsTest.getCertsPath;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_AUTHSERVER;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_CERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_KEYPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_TRUSTCERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_AUTHCLIENT;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_CERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_KEYPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_MODE;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_NEED_CLIENT_AUTH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_TRUSTCERTPATH;
-import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_TEST_MODE_ENABLE;
-
-public class SimpleServer {
-    public static void main(String[] args) throws InterruptedException {
-        System.setProperty(TLS_SERVER_MODE, "enforcing");
-        System.setProperty(TLS_TEST_MODE_ENABLE, "false");
-        System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "require");
-
-        System.setProperty(TLS_SERVER_KEYPATH, getCertsPath("server.key"));
-        System.setProperty(TLS_SERVER_CERTPATH, getCertsPath("server.pem"));
-        System.setProperty(TLS_SERVER_AUTHCLIENT, "true");
-        System.setProperty(TLS_SERVER_TRUSTCERTPATH, getCertsPath("ca.pem"));
-
-        System.setProperty(TLS_CLIENT_KEYPATH, getCertsPath("client.key"));
-        System.setProperty(TLS_CLIENT_CERTPATH, getCertsPath("client.pem"));
-        System.setProperty(TLS_CLIENT_AUTHSERVER, "true");
-        System.setProperty(TLS_CLIENT_TRUSTCERTPATH, getCertsPath("ca.pem"));
-
-        RemotingServer remotingServer = RemotingServerTest.createRemotingServer();
-
-    }
-}

remoting/src/test/java/org/apache/rocketmq/remoting/TlsTest.java

@@ -18,20 +18,24 @@
 package org.apache.rocketmq.remoting;
 
 import java.io.File;
-import org.apache.rocketmq.remoting.exception.RemotingConnectException;
+import java.security.SignatureException;
+import javax.net.ssl.SSLException;
 import org.apache.rocketmq.remoting.exception.RemotingSendRequestException;
-import org.apache.rocketmq.remoting.exception.RemotingTimeoutException;
 import org.apache.rocketmq.remoting.netty.NettyClientConfig;
 import org.apache.rocketmq.remoting.protocol.LanguageCode;
 import org.apache.rocketmq.remoting.protocol.RemotingCommand;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
+import org.assertj.core.util.Throwables;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
+import org.junit.rules.TestName;
 import org.junit.runner.RunWith;
 import org.mockito.junit.MockitoJUnitRunner;
 
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_AUTHSERVER;
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_CERTPATH;
+import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_KEYPASSWORD;
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_KEYPATH;
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_CLIENT_TRUSTCERTPATH;
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_AUTHCLIENT;
@@ -42,19 +46,23 @@ import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_NEED
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_SERVER_TRUSTCERTPATH;
 import static org.apache.rocketmq.remoting.netty.TlsSystemConfig.TLS_TEST_MODE_ENABLE;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.failBecauseExceptionWasNotThrown;
 import static org.junit.Assert.assertTrue;
 
 @RunWith(MockitoJUnitRunner.class)
 public class TlsTest {
-    private static RemotingServer remotingServer;
-    private static RemotingClient remotingClient;
+    private RemotingServer remotingServer;
+    private RemotingClient remotingClient;
 
-    @BeforeClass
-    public static void setUp() throws InterruptedException {
+    @Rule
+    public TestName name = new TestName();
+
+    @Before
+    public void setUp() throws InterruptedException {
         System.setProperty(TLS_SERVER_MODE, "enforcing");
         System.setProperty(TLS_TEST_MODE_ENABLE, "false");
-        System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "require");
 
+        System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "require");
         System.setProperty(TLS_SERVER_KEYPATH, getCertsPath("server.key"));
         System.setProperty(TLS_SERVER_CERTPATH, getCertsPath("server.pem"));
         System.setProperty(TLS_SERVER_AUTHCLIENT, "true");
@@ -64,56 +72,142 @@ public class TlsTest {
         System.setProperty(TLS_CLIENT_CERTPATH, getCertsPath("client.pem"));
         System.setProperty(TLS_CLIENT_AUTHSERVER, "true");
         System.setProperty(TLS_CLIENT_TRUSTCERTPATH, getCertsPath("ca.pem"));
-        remotingServer = RemotingServerTest.createRemotingServer();
+        System.setProperty(TLS_CLIENT_KEYPASSWORD, "1234");
+
         NettyClientConfig clientConfig = new NettyClientConfig();
         clientConfig.setUseTLS(true);
+
+        if ("serverRejectsUntrustedClientCert".equals(name.getMethodName())) {
+            // Create a client. Its credentials come from a CA that the server does not trust. The client
+            // trusts both test CAs to ensure the handshake failure is due to the server rejecting the client's cert.
+            System.setProperty(TLS_CLIENT_KEYPATH, getCertsPath("badClient.key"));
+            System.setProperty(TLS_CLIENT_CERTPATH, getCertsPath("badClient.pem"));
+        } else if ("serverAcceptsUntrustedClientCert".equals(name.getMethodName())) {
+            System.setProperty(TLS_CLIENT_KEYPATH, getCertsPath("badClient.key"));
+            System.setProperty(TLS_CLIENT_CERTPATH, getCertsPath("badClient.pem"));
+            System.setProperty(TLS_SERVER_AUTHCLIENT, "false");
+        }
+        else if ("noClientAuthFailure".equals(name.getMethodName())) {
+            //Clear the client cert config to ensure produce the handshake error
+            System.setProperty(TLS_CLIENT_KEYPATH, "");
+            System.setProperty(TLS_CLIENT_CERTPATH, "");
+        } else if ("clientRejectsUntrustedServerCert".equals(name.getMethodName())) {
+            System.setProperty(TLS_SERVER_KEYPATH, getCertsPath("badServer.key"));
+            System.setProperty(TLS_SERVER_CERTPATH, getCertsPath("badServer.pem"));
+        } else if ("clientAcceptsUntrustedServerCert".equals(name.getMethodName())) {
+            System.setProperty(TLS_SERVER_KEYPATH, getCertsPath("badServer.key"));
+            System.setProperty(TLS_SERVER_CERTPATH, getCertsPath("badServer.pem"));
+            System.setProperty(TLS_CLIENT_AUTHSERVER, "false");
+        } else if ("serverNotNeedClientAuth".equals(name.getMethodName())) {
+            System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "none");
+            System.clearProperty(TLS_CLIENT_KEYPATH);
+            System.clearProperty(TLS_CLIENT_CERTPATH);
+        } else if ("serverWantClientAuth".equals(name.getMethodName())) {
+            System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "optional");
+        } else if ("serverWantClientAuth_ButClientNoCert".equals(name.getMethodName())) {
+            System.setProperty(TLS_SERVER_NEED_CLIENT_AUTH, "optional");
+            System.clearProperty(TLS_CLIENT_KEYPATH);
+            System.clearProperty(TLS_CLIENT_CERTPATH);
+        }
+
+        remotingServer = RemotingServerTest.createRemotingServer();
         remotingClient = RemotingServerTest.createRemotingClient(clientConfig);
     }
 
-    @AfterClass
-    public static void tearDown() {
+    @After
+    public void tearDown() {
         remotingClient.shutdown();
         remotingServer.shutdown();
     }
 
     /**
-     * public static final String TLS_SERVER_MODE = "tls.server.mode";
-     public static final String TLS_ENABLE = "tls.enable";
-     public static final String TLS_CONFIG_FILE = "tls.config.file";
-     public static final String TLS_TEST_MODE_ENABLE = "tls.test.mode.enable";
-
-     public static final String TLS_SERVER_NEED_CLIENT_AUTH = "tls.server.need.client.auth";
-     public static final String TLS_SERVER_KEYPATH = "tls.server.keyPath";
-     public static final String TLS_SERVER_KEYPASSWORD = "tls.server.keyPassword";
-     public static final String TLS_SERVER_CERTPATH = "tls.server.certPath";
-     public static final String TLS_SERVER_AUTHCLIENT = "tls.server.authClient";
-     public static final String TLS_SERVER_TRUSTCERTPATH = "tls.server.trustCertPath";
-
-     public static final String TLS_CLIENT_KEYPATH = "tls.client.keyPath";
-     public static final String TLS_CLIENT_KEYPASSWORD = "tls.client.keyPassword";
-     public static final String TLS_CLIENT_CERTPATH = "tls.client.certPath";
-     public static final String TLS_CLIENT_AUTHSERVER = "tls.client.authServer";
-     public static final String TLS_CLIENT_TRUSTCERTPATH = "tls.client.trustCertPath";
+     * Tests that a client and a server configured using two-way SSL auth can successfully
+     * communicate with each other.
+     */
+    @Test
+    public void basicClientServerIntegrationTest() throws Exception {
+        requestThenAssertResponse();
+    }
+
+    @Test
+    public void serverNotNeedClientAuth() throws Exception {
+        requestThenAssertResponse();
+    }
+
+    @Test
+    public void serverWantClientAuth_ButClientNoCert() throws Exception {
+        requestThenAssertResponse();
+    }
+
+    /**
+     * Tests that a server configured to require client authentication refuses to accept connections
+     * from a client that has an untrusted certificate.
+     */
+    @Test
+    public void serverRejectsUntrustedClientCert() throws Exception {
+        try {
+            RemotingCommand response = remotingClient.invokeSync("localhost:8888", createRequest(), 1000 * 5);
+            failBecauseExceptionWasNotThrown(RemotingSendRequestException.class);
+        } catch (RemotingSendRequestException exception) {
+            assertThat(Throwables.getRootCause(exception)).isInstanceOf(SSLException.class);
+        }
+    }
+
+    @Test
+    public void serverAcceptsUntrustedClientCert() throws Exception {
+        requestThenAssertResponse();
+    }
+
+    /**
+     * Tests that a server configured to require client authentication actually does require client
+     * authentication.
+     */
+    @Test
+    public void noClientAuthFailure() throws Exception {
+        try {
+            RemotingCommand response = remotingClient.invokeSync("localhost:8888", createRequest(), 1000 * 3);
+            failBecauseExceptionWasNotThrown(RemotingSendRequestException.class);
+        } catch (RemotingSendRequestException exception) {
+            assertThat(Throwables.getRootCause(exception)).isInstanceOf(SSLException.class);
+        }
+    }
+
+    /**
+     * Tests that a client configured using GrpcSslContexts refuses to talk to a server that has an
+     * an untrusted certificate.
      */
     @Test
-    public void basicClientServerIntegrationTest() throws InterruptedException, RemotingTimeoutException, RemotingConnectException, RemotingSendRequestException {
+    public void clientRejectsUntrustedServerCert() throws Exception {
+        try {
+            RemotingCommand response = remotingClient.invokeSync("localhost:8888", createRequest(), 1000 * 3);
+            failBecauseExceptionWasNotThrown(RemotingSendRequestException.class);
+        } catch (RemotingSendRequestException exception) {
+            assertThat(Throwables.getRootCause(exception)).isInstanceOf(SignatureException.class);
+        }
+    }
+
+    @Test
+    public void clientAcceptsUntrustedServerCert() throws Exception {
+        requestThenAssertResponse();
+    }
+
+    private static String getCertsPath(String fileName) {
+        File resourcesDirectory = new File("src/test/resources/certs");
+        return resourcesDirectory.getAbsolutePath() + "/" + fileName;
+    }
+
+    private static RemotingCommand createRequest() {
         RequestHeader requestHeader = new RequestHeader();
         requestHeader.setCount(1);
         requestHeader.setMessageTitle("Welcome");
-        RemotingCommand request = RemotingCommand.createRequestCommand(0, requestHeader);
-        RemotingCommand response = remotingClient.invokeSync("localhost:8888", request, 1000 * 3);
-        System.out.println(response);
+        return RemotingCommand.createRequestCommand(0, requestHeader);
+    }
+
+    private void requestThenAssertResponse() throws Exception {
+        RemotingCommand response = remotingClient.invokeSync("localhost:8888", createRequest(), 1000 * 3);
         assertTrue(response != null);
         assertThat(response.getLanguage()).isEqualTo(LanguageCode.JAVA);
         assertThat(response.getExtFields()).hasSize(2);
-
-        remotingClient.shutdown();
-        remotingServer.shutdown();
-    }
-
-    static String getCertsPath(String fileName) {
-        //File resourcesDirectory = new File("src/test/resources/certs");
-        File resourcesDirectory = new File("/Users/zhouxinyu/apache-space/incubator-rocketmq/remoting/src/test/resources/certs/");
-        return resourcesDirectory.getAbsolutePath() + "/" + fileName;
+        assertThat(response.getExtFields().get("messageTitle")).isEqualTo("Welcome");
     }
 }

remoting/src/test/resources/certs/badClient.key

+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICoTAbBgkqhkiG9w0BBQMwDgQIc2h7vaLYK6gCAggABIICgNrkvD1Xxez79Jgk
+WhRJg06CG8UthncfeuymR4hgp9HIneUzUHOoaf64mpxUbDWe3YOzA29REcBQsjF0
+Rpv+Uyg3cyDG14TmeRoSufOxB3MWLcIenoPPyNNtxe3XXmdkJTXX2YR0j7EOzH2v
+qlmuxmN4A7UonV5RdGxCz0sm7bU7EyZKdLO/DwBNxlX7ukcVLxAAqsc7ondclYj0
+SFJKk1nzfysCsk/Pq+q3PAVVpG6x5RFaLVS7Zt+gU6IEp+0S0eeYukkTjGh9PMPl
+wjCOcRiR3O+g4b3DevmW8TcoBqAZ2cFaf4lGhYlNBfa9PaQ3spJLL8l8xBbRIs8T
+3UnaFIa49r9DO/ZpCwpDeUE+URCx/SpcO6lchWQhdEuFt+DnFKOPYDSCHtHJSWHf
+9Z2bltjcYYPy/8nkPeqsO9vn4/r6jo+l7MYWKyWolLCW+7RYbpx5R2s4SBGtBP6w
+bwQOtOASbpG+mqTf7+ARpffHaZm9cKoKwobXigjDojPeaBCg5DgRuLIS1tO46Pjg
+USJ8sZilXifUwc6qRZ/2KiTSiJYCPMJD2ZTvK2Inkv2qzg6X3kw7CYCaW+iDL9zN
+e3ES7bps1wZ6D8cGq80WUQgrtpaGAXLzIv4FvM5yDoqrre/dh/XDO9l2hYfUmRVv
+rynKdSxjhhyHaK2ei8cX4LGEIlRNiu9ZIxSYeUAy37IJ0rVC7vtBWTh30JTeMRop
+iIPmygBMX2FEhQ2l/eS2lRhiybR0QXA4kCeJkVQas3aMMBGp2ThPNahLpzP82B7V
+f9137okQC95/KXRz/ZLYFsJtY/53206mG7gU/+dYsYI4slLAlnSe8k2sS0D9qkWJ
+VV9F7PM=
+-----END ENCRYPTED PRIVATE KEY-----

remoting/src/test/resources/certs/badClient.pem

+-----BEGIN CERTIFICATE-----
+MIIC8zCCAdsCAQIwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCemgxCzAJBgNV
+BAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBhY2hlMREwDwYDVQQLDAhy
+b2NrZXRtcTEOMAwGA1UEAwwFeXVrb24xHzAdBgkqhkiG9w0BCQEWEHl1a29uQGFw
+YWNoZS5vcmcwHhcNMTcxMjExMDk0NDExWhcNMTgwMTEwMDk0NDExWjCBhjELMAkG
+A1UEBhMCemgxCzAJBgNVBAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBh
+Y2hlMREwDwYDVQQLDAhyb2NrZXRtcTEWMBQGA1UEAwwNZm9vYmFyLmNsaWVudDEh
+MB8GCSqGSIb3DQEJARYSZm9vQGJhci5jbGllbnQuY29tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC+3bvrKGF1Y9/kN5UBtf8bXRtxn6L1W6mCRrX6aHBb+vQp
+BEYk3Pwu/OLd7TkOC5zwjCIPIlwV4FaYnWh0KooqpmvXuKJLAQBFa8yGWERYys73
+9a/U31cu6lndnG2lZfb47NTy+KdzDYsqB4GfnASqA7PbxJHDU4Fu7wp7gN3HRQID
+AQABMA0GCSqGSIb3DQEBBQUAA4IBAQBsFroSKr3MbCq1HjWpCLDEz2uS4LQV6L1G
+smNfGNY17ELOcY9uweBBXOsfKVOEizYJJqatbJlz6FmPkIbfsGW2Wospkp1gvYMy
+NGL27vX3rB5vOo5vdFITaaV9/dEu53A0iWdsn3wH/FJnMsqBmynb+/3FY+Lff9d1
+XBaXLr+DeBx4lrE8rWTvhWh8gqDkuNLBTygdH0+g8/xkqhQhLqjIlMCSnrG2cTfj
+LewizVcX/VZ6DNC2M2vjEFbCShclZHocG80N7udl5KNsLEU2jyO1F61Q0yo+VYGS
+7n8dRYgbOKyCjMdu69fAfZvp4aoy1SXqtjMphDh5R7y7mhP60e0A
+-----END CERTIFICATE-----

remoting/src/test/resources/certs/badServer.key

+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALBvxESq2VvSpJl1
+skv8SzyPYKgU8bZx37hEOCmoeYvd9gWNfeYZuITng2/5mpWX+zuAgKsgPU66YG0v
+++dT5GBQPr0Imb25IMl3xOY2eEiLeMokYiWbnA1C+pw1a27zMqk6pgbcRaMfLdh5
+npusWtqBzZIxqo1TpaOGEmyQTNRlAgMBAAECgYBSigbUZOTIWxObov7lI0MDMsPx
+/dJSGpWhe3CWtHUgJJdKY7XpJlE3A6Nuh+N0ZiQm4ufOpodnxDMGAXOj9ZAZY16Y
+i7I0ayXepcpTqYqo0o0+ze2x7SECAXe26bqvLRuKG2hpUyM59vAmll9gmQM5n8z4
+ZzoAzqRqkRHdo5bTxQJBAOF6SwSSfb8KEtTjWpJ48W1PO/NmKbW3QsNCWuk/w5p7
+E8L2g3nwakJiFmVNCga74rUbcgbCkw7y/lLeM8yC74MCQQDIUgCN/vuHm+eT85xk
+QoVKhDljXzLoog6wTUf5SMtrmUFTbQqyvw5xjHYdp3TWJM/Px8IyLxOr97sSnnft
+l7/3AkEAukYLv6U+GRs7X4DMDIG6AjIZNwXJo4PYtfMVo+i3seHH+6MoDw8c2eaq
+1dmFVPbXXgNkek04rHr2vIMxi90H/QJAAMOfUOtaFkhX986EGDXQwFoExgZE8XI8
+0BtbXO4UKJLrFuBhnBDygyhgAvjyjyaQzGAcs4hOcOd/BTEpj/R2PQJBANUKa9T9
+qWYhDhWN1Uj7qXhC1j2z/vTAzcYuwhpPRjt3RaVl27itI7cqiGquFhwfKZZFaOh5
+pnnWHv63YbGQ2Qc=
+-----END PRIVATE KEY-----

remoting/src/test/resources/certs/badServer.pem

+-----BEGIN CERTIFICATE-----
+MIIC5DCCAcwCAQEwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCemgxCzAJBgNV
+BAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBhY2hlMREwDwYDVQQLDAhy
+b2NrZXRtcTEOMAwGA1UEAwwFeXVrb24xHzAdBgkqhkiG9w0BCQEWEHl1a29uQGFw
+YWNoZS5vcmcwHhcNMTcxMjExMDk0MzE3WhcNMTgwMTEwMDk0MzE3WjB4MQswCQYD
+VQQGEwJ6aDELMAkGA1UECAwCemoxCzAJBgNVBAcMAmh6MQ8wDQYDVQQKDAZhcGFj
+aGUxETAPBgNVBAsMCHJvY2tldG1xMQ8wDQYDVQQDDAZmb29iYXIxGjAYBgkqhkiG
+9w0BCQEWC2Zvb0BiYXIuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw
+b8REqtlb0qSZdbJL/Es8j2CoFPG2cd+4RDgpqHmL3fYFjX3mGbiE54Nv+ZqVl/s7
+gICrID1OumBtL/vnU+RgUD69CJm9uSDJd8TmNnhIi3jKJGIlm5wNQvqcNWtu8zKp
+OqYG3EWjHy3YeZ6brFragc2SMaqNU6WjhhJskEzUZQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4IBAQAx+0Se3yIvUOe23oQp6UecaHtfXJCZmi1p5WbwJi7jUcYz78JB8oBj
+tVsa+1jftJG+cJJxqgxo2IeIAVbcEteO19xm7dc8tgfH/Bl0rxQz4WEYKb2oF/EQ
+eRgcvj4uZ0d9WuprAvJgA4r0Slu2ZZ0cVkzi06NevTweTBYIKFzHaPShqUWEw8ki
+42V5jAtRve7sT0c4TH/01dd2fs3V4Ul3E2U3LOP6VizIfKckdht0Bh6B6/5L8wvH
+4l1f4ni7w34vXGANpmTP2FGjQQ3kYjKL7GzgMphh3Kozhil6g1GLMhxvp6ccCA9W
+m5g0cPa3RZnjI/FoD0lZ5S1Q5s9qXbLm
+-----END CERTIFICATE-----

remoting/src/test/resources/certs/ca.pem

 -----BEGIN CERTIFICATE-----
-MIID6TCCAtGgAwIBAgIJAOvs64b60b2jMA0GCSqGSIb3DQEBBQUAMIGKMQswCQYD
-VQQGEwJ6aDELMAkGA1UECAwCemoxCzAJBgNVBAcMAmh6MQ8wDQYDVQQKDAZhcGFj
-aGUxETAPBgNVBAsMCHJvY2tldG1xMRwwGgYDVQQDDBNyb2NrZXRtcS5hcGFjaGUu
-b3JnMR8wHQYJKoZIhvcNAQkBFhB5dWtvbkBhcGFjaGUub3JnMB4XDTE3MTIxMDEz
-NDUwM1oXDTE4MDEwOTEzNDUwM1owgYoxCzAJBgNVBAYTAnpoMQswCQYDVQQIDAJ6
-ajELMAkGA1UEBwwCaHoxDzANBgNVBAoMBmFwYWNoZTERMA8GA1UECwwIcm9ja2V0
-bXExHDAaBgNVBAMME3JvY2tldG1xLmFwYWNoZS5vcmcxHzAdBgkqhkiG9w0BCQEW
-EHl1a29uQGFwYWNoZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDWQF779Mr00/KOYI7jqpUSdhbz8Pf+mose4wAd8+WPz3TdWCShsyHCZplUY18+
-xneEMB8zE5KHnXRejw/eM4PZtS6ptd9XD744EvKo/VvoD0/lRXsmpny4ZODvhuOz
-QkOlsYGweq5vlQooUHraqYrn6IgR/ibGopFE7oqxsMPFmkV/Y83Z8KMlTf4sj+hM
-LsrhZuenpBoSST/DK5D+W2byKhhZvw8hxHRIA6aNggEdOZvDnS8TCougiQ5vfrdY
-fYUayG9QGt44dbhfJoxGnINckzuWcWUZHDZk/rYKyMpqsDCaLDRk9RQJg9b6KvS6
-adw3fgIRUMMZXTGBPokihhV7AgMBAAGjUDBOMB0GA1UdDgQWBBQl6kKtdAjyc4eW
-vCm+WfHBNuhdXzAfBgNVHSMEGDAWgBQl6kKtdAjyc4eWvCm+WfHBNuhdXzAMBgNV
-HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBrKwdIlyBDWWidESRJO2fw4nHy
-Rq27YZIrO2Ip/EglngAYBPwlqHFyNawzz2Ik6CJLGhbNTknJcqED6fp7vmeh2SVT
-XbRXJ8Ok/qq0KZhK84cUP3SE54nJZYnXNXbXZcq1fJFEs3YY7vpq9pPvZ3GPK8PU
-Li/ZwqKhHVujwiMEaL1P/TOm8P0rhK2bpULLzl/WLHUce+oTljH2wmBTZBLf0PHd
-MnYibG+4vClDqUQcU2SwSRRIrr8rLwHOEqvcGBqrYVue+kU6E64e4nos+4zDnqyu
-fpHsGXUzxJzpM36mlnG/PBad1N/2QQcRWYRT4uRpvSHedoIhWc2PSgg1Bbmg
+MIIDyzCCArOgAwIBAgIJAKzXC2VLdPclMA0GCSqGSIb3DQEBBQUAMHwxCzAJBgNV
+BAYTAnpoMQswCQYDVQQIDAJ6ajELMAkGA1UEBwwCaHoxDzANBgNVBAoMBmFwYWNo
+ZTERMA8GA1UECwwIcm9ja2V0bXExDjAMBgNVBAMMBXl1a29uMR8wHQYJKoZIhvcN
+AQkBFhB5dWtvbkBhcGFjaGUub3JnMB4XDTE3MTIxMTA5MjUxNFoXDTE4MDExMDA5
+MjUxNFowfDELMAkGA1UEBhMCemgxCzAJBgNVBAgMAnpqMQswCQYDVQQHDAJoejEP
+MA0GA1UECgwGYXBhY2hlMREwDwYDVQQLDAhyb2NrZXRtcTEOMAwGA1UEAwwFeXVr
+b24xHzAdBgkqhkiG9w0BCQEWEHl1a29uQGFwYWNoZS5vcmcwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDLUZi/zPj+7sYbfTng/gJeHpvvrWZkiudNwh1t
+5kxAusrJyGBkGm+xmRPJeQPZzbhfwfrz/UiQSbjlyV4K+SEZuNIHBSU80aTnXFWg
+wIgIAKvu3ZwYkcTjSDBvZv1DgbRkuqAB5ExsJ4vovoNqZcsLFLKsqT1G7lTAwRKU
+/FTKgD4g/zvhEoolonzKuk7CPivfKWFzcTpe8zRQlI0O9+j9Pq38F+5yxP7atK/b
+uYw36Efgt8nbkjusWIyXibpDMbAUroJNNYlFnunb+XKLpslkrIrfLGiMUq2Ru940
+ooQaANYWzogRQeIofsMN6H9CCRXtVIzcgJJU3wWXGXPRuNr7AgMBAAGjUDBOMB0G
+A1UdDgQWBBTd3bmAcazOY2/TI/h4zaGhni+nJzAfBgNVHSMEGDAWgBTd3bmAcazO
+Y2/TI/h4zaGhni+nJzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBp
+KRcnYsVtFZJejyt02+7SaMudTNRgh5SexFWsl1O7qWUc+fMVgMHHDzGRbkdevcdZ
+9uKDwUoa6M1wlOeosTTfQlH9b/AwW6QT7KqdpcpMXlmoV/PNCAVt2QeVclmplvqo
+Rx8qUHNckvvzNZt1W6AkBG93P0BLK/3FMJDyYmxkstwnpBPf/3A+t5k2INUI7yQf
+B3Tqzs/4iQ3idCLqz2WhTNUYpZOREtpJMcFaOdMsGNnIF+LvkKGij0MPVd/mwJtL
+UvQXwbOWpCS7A73sWFqPnrSzpi4VwcvAsi8lUYXsc0H064oagb58zvYz3kXqybcb
+KQntj5dP4C3lLHUTTcAV
 -----END CERTIFICATE-----

remoting/src/test/resources/certs/client.key

------BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJhhmOCebk9a4Uvc
-JYVf1vdpOrRNXb5H6RnGzRTZfzhtcrYIRKWnJwr3O5ZZ4TkdpH8H+fKHM5ytFk26
-EUbYa7mTkpdlplbe8O7Bk7ZRDvdMPsz2CSrhfjHfD96L2X2xGn0Es3gOwE2U7EWz
-UVJTQVxjC4FUCIQU8Gxt39tundqTAgMBAAECgYBGLTxgxdX7idkUPLCy+e5gRwAY
-JUE07p01l86++WOTsyQPHUOwHojmjfHNTlthGHu3XQ8JWKa2UyhgZ36pZ+ZD/Ppv
-LHRMQ/WobYIiZ9foJ2PvhBJkanffAIWpXiy9PCbtRyaKMnwRvhS7AEXP7XYMbJuE
-LzqSd9CuXPo5qt2iwQJBAMd4xyW2rY0xtD+FGbbJ6OLtOdRHdkRtta2H01CUlOTE
-lsqUmvKuNOTnMTnVoeMNwlXgd0Qbax2qpW/I2QJbv+MCQQDDkIHwAeiGKmb6I4MF
-frdTUN8cyXzdA+tjNm6j9/MnzX+lhQZkB1boyyO7wO79ZB57XXuYI4C62tpvluBz
-wxmRAkB4TOImX58ZyYFA0eApOmqG+bVnzlWIfXYVmxYZwhJuShX7RVaRx/jEmJ46
-mBoTWsf6jO7BF5wpfzJZUZN3dagrAkEAiH1W8teiHeGCNZqLW05xTKjozwKhLvAJ
-XRkkZzQqdOEr8a3CJBYrRhZhPi0Nn7Q8wgUgubItqjwMsE0xIhpMwQJBAJt8fOdZ
-rzNBh1mq0ZHGr02P4KB++q1NouqenkBdnlUIBe3UjH5miy/HkPWvcqTTKtADTnGI
-4f4a3Gu5NUW9xkQ=
------END PRIVATE KEY-----
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICoTAbBgkqhkiG9w0BBQMwDgQI1vtPpDhOYRcCAggABIICgMHwgw0p9fx95R/+
+cWnNdEq8I3ZOOy2wDjammFvPrYXcCJzS3Xg/0GDJ8pdJRKrI7253e4u3mxf5oMuY
+RrvpB3KfdelU1k/5QKqOxL/N0gQafQLViN53f6JelyBEAmO1UxQtKZtkTrdZg8ZP
+0u1cPPWxmgNdn1Xx3taMw+Wo05ysHjnHJhOEDQ2WT3VXigiRmFSX3H567yjYMRD+
+zmvBq+qqR9JPbH9Cn7X1oRXX6c8VsZHWF/Ds0I4i+5zJxsSIuNZxjZw9XXNgXtFv
+7FEFC0HDgDQQUY/FNPUbmjQUp1y0YxoOBjlyIqBIx5FWxu95p2xITS0OimQPFT0o
+IngaSb+EKRDhqpLxxIVEbDdkQrdRqcmmLGJioAysExTBDsDwkaEJGOp44bLDM4QW
+SIA9SB01omuCXgn7RjUyVXb5g0Lz+Nvsfp1YXUkPDO9hILfz3eMHDSW7/FzbB81M
+r8URaTagQxBZnvIoCoWszLDXn3JwEjpZEA6y55Naptps3mMRf7+XMt42lX0e4y9a
+ogNu5Zw/RZD9YcaTjC2z5XeKiMCs1Ymhy9iuzbo+eRGESqzvUE4VirtsiEwxJRci
+JHAvuAl3X4XnpTty4ahOU+DihM9lALxdU68CN9++7mx581pYuvjzrV+Z5+PuptZX
+AjCZmkZLDh8TCHSzWRqvP/Hcvo9BjW8l1Lq6tOa222PefSNCc6gs6Hq+jUghbabZ
+/ux4WuFc0Zd6bfQWAZohSvd78/ixsdJPNGm2OP+LUIrEDKIkLuH1PM0uq4wzJZNu
+Bo7oJ5iFWF67u3MC8oq+BqOVKDNWaCMi7iiSrN2XW8FBo/rpx4Lf/VYREL+Y0mP6
+vzJrZqw=
+-----END ENCRYPTED PRIVATE KEY-----

remoting/src/test/resources/certs/client.pem

 -----BEGIN CERTIFICATE-----
-MIIC8DCCAdgCAQIwDQYJKoZIhvcNAQEFBQAwgYoxCzAJBgNVBAYTAnpoMQswCQYD
-VQQIDAJ6ajELMAkGA1UEBwwCaHoxDzANBgNVBAoMBmFwYWNoZTERMA8GA1UECwwI
-cm9ja2V0bXExHDAaBgNVBAMME3JvY2tldG1xLmFwYWNoZS5vcmcxHzAdBgkqhkiG
-9w0BCQEWEHl1a29uQGFwYWNoZS5vcmcwHhcNMTcxMjEwMTM1MTA0WhcNMTgwMTA5
-MTM1MTA0WjB1MQswCQYDVQQGEwJ6aDELMAkGA1UECAwCemoxCzAJBgNVBAcMAmh6
-MQwwCgYDVQQKDANmb28xDDAKBgNVBAsMA2JhcjEUMBIGA1UEAwwLZm9vQGJhci5j
-b20xGjAYBgkqhkiG9w0BCQEWC2Zvb0BiYXIuY29tMIGfMA0GCSqGSIb3DQEBAQUA
-A4GNADCBiQKBgQCeXhOsBqy7Ij2WswfrhGKhs6w6kAB10PO5TEflXo3ocntfNHK/
-s9i0dNyzfQCpqxVw2bo4X+DhDjrGzd2aX0k2IrgoMiCsYTemgpKwUn86A8Cwwqm+
-kv6vsIgw9maVIHwRJAR8Z3k74yAD7OmJ87FGLFyBpqkG2+amHJk3mxLeXQIDAQAB
-MA0GCSqGSIb3DQEBBQUAA4IBAQCWjvZ2VvfPco3vb8VDqffY+LIm4vM6uwgbaEal
-v28pUEhrsaBnhL4AB1oDKAfLd9eBosvoGGqQKqBzPr6cvOBTbR8K734FH5jd5+hX
-40gUzRhBn2OaSjWCjBFplsZKHmocnlpogOHHmCVqrofpzcvep6t2xAXS7rr1qN63
-CQUPYGeFPo4GnPRUtyirg2QFFS/PHnjKeyGNs0SuVWYR6a0aiy/AGH8LKgnpoFNu
-pWQFlKBJ15SywH7W0ew4I29/zaPfkrGR98OXNt3+9JhYL4j953slw6NnNZwnUgUY
-sqhmYKF1VTFqiZMVyrHCKIgMKROpLv+tx1xDWb9o/dnPnVOf
+MIIC8zCCAdsCAQIwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCemgxCzAJBgNV
+BAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBhY2hlMREwDwYDVQQLDAhy
+b2NrZXRtcTEOMAwGA1UEAwwFeXVrb24xHzAdBgkqhkiG9w0BCQEWEHl1a29uQGFw
+YWNoZS5vcmcwHhcNMTcxMjExMDkyOTUyWhcNMTgwMTEwMDkyOTUyWjCBhjELMAkG
+A1UEBhMCemgxCzAJBgNVBAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBh
+Y2hlMREwDwYDVQQLDAhyb2NrZXRtcTEWMBQGA1UEAwwNZm9vYmFyLmNsaWVudDEh
+MB8GCSqGSIb3DQEJARYSZm9vQGJhci5jbGllbnQuY29tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDoz5Uo2ZN+1ywSQXORv6kDbDXVQ72ZxBp7a6ltFLh4xdk/
+yz7bBjmryz+cAh759s8DEdngl2cCnSiM0r5NC91zox/12Di4EWt3IPdJVe1s5/VD
+Bqt5zoxbYyDgz47c95cGALgLdTB/itBPgobghQYBanWPVBNLLltw19DLf1gd6QID
+AQABMA0GCSqGSIb3DQEBBQUAA4IBAQDEpVFFcFILdnEXjyDSbgJ8rxXaUYV2aK+a
+lgrYfoHBv83MlEuHbydmHBoTL7BmPIL7JCIfufvRnnyBwcECi0E6qFbvMYNoMy6b
+OUiTq3nAnPSSoOgi2MxFxpGaOE0s2dp4K9U5nV6bXKLIwIZbJAiZT6aPVenNYJbv
+4arzFDe0Yjs/l3VYn2k9TjiiU2fxaW/8Ikx6o9nGWLTKeX/WtXfBNISqOPIL5dPF
+eaf0YKCVzvBQ3dIJiUyanRP1BCJJFrCsrPpyu4xFprbjRmDTnOpYB6CdIas5TMC8
+6HzB1fSFoltNEiCjlnLlfjpb5ueSLSbs6h1A7VH7NUEmLmncSlHf
 -----END CERTIFICATE-----

remoting/src/test/resources/certs/privkey.pem

 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIJsho4sqLH9YCAggA
-MBQGCCqGSIb3DQMHBAiy71jmvceeywSCBMgal02N4c3kK/p+mYR6C+I6SJcnTRFX
-cKfkr/8ILSBQrjEVs/wKDbiGX27Qm9A7+T5SDmeuUMsY6N4DJYKiCeeCETTnY0M3
-k66P7ylVHHBYUd41PKt1GH9PVP8/nAX3+nO6O2KrzsZrxIYJwSGo8uXr19HKdtrm
-KDhj9WcPJ9F3FC/ND0gAbJnJ/bBffn0XxL6214meoSqkq3sdRKWLAZcWIyNp6lpo
-Ud7kINW2LDla5WQ2dkAnQ4W+F1F2n2OnP82knP5u0oBkatuiOCYTeZiRaiGPzKda
-hKUa/wrYfsb4TAWgahHUvWjBY05IchxayEw3x4V96cphn2/OMQcdbKgWXH1Wvzvx
-RnnvmurtEcwDjylyGtzaf40okTSxgz9eSzBnZAJQ4VPrZSrNnqRtNcl5GMBAxqjh
-xRlk2yKeawH7fEjCzy7jg4cZ8smDSyDk4WYZIpMu2TrrTuq/vMy9rolUGAmqZo7J
-vQB7chu9YT0JfXVDFfWUOtO/3VdpfG0dPxr4KJwsRDTNah/Dcfle04VtSstaEDU6
-n/8Yw04wa39BkwHiE5pdY/hyV8CmNyyFXR8rcqgFuDjRkm3TyiFdtpl1G7Cnm8t/
-jkDPDtS8JG9hhB+L34pepI8zceW9s2OMOoOYxyjZIeo9GSYUT/4lCuuqQPbqHmRM
-No8qMT1dGkX9U7MIOh+lUaUGrF51m8dyWUuGqRuonr7hWUbYugPm5ojV47oYh23G
-yNviK3cRfBh3WeC4Tz8OA2FnVqPPW2RBDN3E7BNevOSv+kMeihNKZITgHSu/h7zD
-O8l5PoPpy5VL17Yar1KlpSCmrHaKCVkQnflDpPnno5Kan0J8SUODG8+cVHK5uAQP
-T9vsrLNR+1kOmKUrwGe8TDg58dn1yJ5ZmyJ7AWgGo0wsUZzpyCY+ygmaO0JHv700
-qKbNwsr5OLWRKhJ7AGQS1T8DcOKNisiXDHczoVS/9igaycLirrnKzgsVme/gzKHm
-YT7ZXf6r43vQAZoI8jG+EWbSgNG5nVi1Q8SmKOJVPQ/XwooozjyoMRriiceVY8uz
-DUwpQ05nR+zmgBd7FXxJzxlp7P+ZXt5aibULxEtcStQUyDcaTBEmaFuod4XAdwe8
-1moIUHnRZbJn50otYJ6sVBrgZ3NC2AAEgO0aUSay1QqUnKToiUtXjchQ+V6X5dH2
-VLFVk7VIkWslJ5YsA7ecH2KJKnNtWRKs0kVsOnn4XTEe1SIzV2fJwEvxwX3CtPCd
-rBybE11r9gzsKJLLrdDiqCk14auVF6xzORsre+8VW5XN7OLzYNIhfHC8Xp7G8o4h
-5pEWtvT06YXAS6oypLP/JD5eUuPqovYRixHxu9nh3LiBy8GIOZAZ1NPjKuHf7cMW
-8q93WbV50HJXXfTzs8noup87SA6u/Qf9pcqQs1PuLrB3UoigIurCUT9RASNdudXB
-YiXZcXcsNcgv8cUXnNfJStH00NEmj9SDPmoK+8vZfjkgu0CcuqyCXRLP4X9Z14MC
-UuMP2MoJV9svMuqlXTkOGGZZhN/KOsrSkvvxarKd9Dw7/yXHyaw5qDMbKSrINpzQ
-/UEcJL/H016L9WTh+49ntv1vJDBLRIQt4KDUy8VTQ1m7+sAJoEFfKEKDNdDhLUWg
-QQE=
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIBTqUKpwFlcUCAggA
+MBQGCCqGSIb3DQMHBAii5M3Oni0WEwSCBMj5amhdPBva0QxgsWWrSBkfvmc3QQbl
+YQE5gHXzL5oaG0lbXCLQe19pr9jFckdDH8uPIi+aRie3WpZXzYLdihjsV0CgE7iy
+90ac9fgzIZbJIk/WQIDgwUZm5dEYo2v+B0WwKiD5IHzlTlXM6HVv+DRdPwKjHjAt
+TCcCSPUgjKVxHWFtQzY7mqo8P8wcNQHGkEfoQQub6tEsUDeesjS0FoK5Z2oYsmhW
+d0PNuGXw3UIMbG109DmC2ILFuTf5WSc7mxI11qL9Z5wTmcFqN7KKb8+MIQEoteni
+HICOFfKQWn8er14lmYw9anQAyaeyF/JnYkmVB8vaHBFYs/5EFZtvznpEIIhLKCuG
+lve8PJQmfWuBlPdwwJhCXHrLvjfwku4jUF8febU0BHZ5HETaB195g8r9RWfdZcrG
+f3fMO4Kq/YoP6oSxKhMP4L2pwj57EMV9N5P87ZyDFNp9BwgIjCawDRUc1Gi9YKak
+rpDNabTCr0I3NW27VGGF9m/mby7BLragc01LgTH7SFWS+1D/61/V2YBDFmWn2yV4
+4eKGeBkR3w0m/nWWfNXko8UzM/hjJ4P7Njq8HXdvEpnbDRZWzwdTGWTEvn/TAI3h
+j7vmWUHdpOQgb0WGlvEUx3V9wi2Fc1rCseHtYZgLf3KdKYHauPAMSON7KBtKaFuU
+6685sUoJbhahN7ILfP3sDxM3VYjSvlPL00lgOdqDT/iO6pNXvnNnQROCCE4kcOQT
+uSnEu+wmFHj+QlC60ftRl6zGVqjBxf1+TGmzTEByAOfZtEQ8V/clzRI4BCxYbCAG
+mJSa+q1RSju8yClBkXGT2zfhUeNqJnXEIaD/uXCPVGg7hfLyCcVVSmL97aw9QAIe
+lBJN/4bdxXLnJaHFKyztRe9N97JAKY9HAPMKKhKtqprWB7LedTIPHtXnpoSjyTrG
+SEtlOTQ38s3v9bUPXqF7TYZb+ytj5bIQpl6+WqF9ZNj3gRyx7rcsILhBBg08olVQ
+WZwr7LlIxUcDlrbYmrwd9lsMz2nOW2CLCD7mVqJQa2Wm35l6vJHQAI0WiQlHnopC
+M2Y49JruWWim2lC8ZzHgTyiU54bIfkXKQxua8G5WGxpW4dDRrM1d0uYe9M1TOqvP
+jFxq+XEIj/LntJpY7XIZs+33wuNLIVvkee9zsap++zYNH+KIGmbXz/HUO6gYeJYw
+EeaBTLfXtNlgHV9TpMjj3Js6p8hMoVDx27kzPOXa3nrFbHiHmUYY39ZSBCE53Wew
+SKIr/FlKtthzJwJkoMNxxsZ1QcI6WgmRANSC4oP9OyM+hPnWlISJZsy9UlXRZNEJ
+1lI8P/FUbdk/hsRN98j4pb/hzI0yyG1tKaj0TBipjdEsxfthKdwS2sE1wG+F2hrg
+A1jG+UOYmreQjCbrzEiq0J0H4wSL6/s/zN7SyXIWBG0UFalWFiehG5242mEOyX03
+0Yi94mPhF/kcqYsWZ/JJo6cq/EqgIeIqEzkbKx+TOsXk13K2y6apgvCxeHDDv3yT
+DqQueRgFicl0319yEK8ARnREFBm8D5oqwMHjJzVzjrqhFGLW1jfQG9HEW5A+s8WF
+d+2OtH1o/jVdAPXoP1DnxdF+G7fNXDI4cyjejC7uhLuxHCOx648UpRE9+mCiI2IO
+LDM=
 -----END ENCRYPTED PRIVATE KEY-----

remoting/src/test/resources/certs/server.key

 -----BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJhhmOCebk9a4Uvc
-JYVf1vdpOrRNXb5H6RnGzRTZfzhtcrYIRKWnJwr3O5ZZ4TkdpH8H+fKHM5ytFk26
-EUbYa7mTkpdlplbe8O7Bk7ZRDvdMPsz2CSrhfjHfD96L2X2xGn0Es3gOwE2U7EWz
-UVJTQVxjC4FUCIQU8Gxt39tundqTAgMBAAECgYBGLTxgxdX7idkUPLCy+e5gRwAY
-JUE07p01l86++WOTsyQPHUOwHojmjfHNTlthGHu3XQ8JWKa2UyhgZ36pZ+ZD/Ppv
-LHRMQ/WobYIiZ9foJ2PvhBJkanffAIWpXiy9PCbtRyaKMnwRvhS7AEXP7XYMbJuE
-LzqSd9CuXPo5qt2iwQJBAMd4xyW2rY0xtD+FGbbJ6OLtOdRHdkRtta2H01CUlOTE
-lsqUmvKuNOTnMTnVoeMNwlXgd0Qbax2qpW/I2QJbv+MCQQDDkIHwAeiGKmb6I4MF
-frdTUN8cyXzdA+tjNm6j9/MnzX+lhQZkB1boyyO7wO79ZB57XXuYI4C62tpvluBz
-wxmRAkB4TOImX58ZyYFA0eApOmqG+bVnzlWIfXYVmxYZwhJuShX7RVaRx/jEmJ46
-mBoTWsf6jO7BF5wpfzJZUZN3dagrAkEAiH1W8teiHeGCNZqLW05xTKjozwKhLvAJ
-XRkkZzQqdOEr8a3CJBYrRhZhPi0Nn7Q8wgUgubItqjwMsE0xIhpMwQJBAJt8fOdZ
-rzNBh1mq0ZHGr02P4KB++q1NouqenkBdnlUIBe3UjH5miy/HkPWvcqTTKtADTnGI
-4f4a3Gu5NUW9xkQ=
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOsmp4YtrIRsBdBQ
+LyPImafCRynTJls3NNF4g6nZr9e0efBY830gw9kBebcm603sdZNl95fzRr2+srXi
+5FJbG7Fmq1+F0xLNK/kKWirGtNMT2DubmhVdKyXYJSvInoGRkrQzbOG0MdAyzE6Q
+O6OjjNN+xGkmadWyCyNF6S8YqMJTAgMBAAECgYEAj0OlnOIG0Ube4+N2VN7KfqKm
+qJy0Ka6gx14dGUY/E7Qo9n27GujzaSq09RkJExiVKZBeIH1fBAtC5f2uDV7kpy0l
+uNpTpQkbw0g2EQLxDsVwaUEYbu+t9qVeXoDd1vFeoXHBuRwvI9UW1BrxVtvKODia
+5StU8Lw4yjcm2lQalwECQQD/sKj56thIsIY7D9qBHk7fnFLd8aYzhnP2GsbZX4V/
+T1KHRxr/8MqdNQX53DE5qcyM/Mqu95FIpTAniUtvcBujAkEA62+fAMYFTAEWj4Z4
+vCmcoPqfVPWhBKFR/wo3L8uUARiIzlbYNU3LIqC2s16QO50+bLUd41oVHNw9Y+uM
+fxQpkQJACg/WpncSadHghmR6UchyjCQnsqo2wyJQX+fv2VAD/d2OPtqSem3sW0Fh
+6dI7cax36zhrdXUyl2xAt92URV9hBwJALX93sdWSxnpbWsc449wCydVFH00MnfFz
+AB+ARLtJ0eBk58M+qyZqgDmgtQ8sPmkH3EgwC3SoKdiiAIJPt2s1EQJBAKnISZZr
+qB2F2PfAW2JJbQlrPyVzkxhv9XYdiVNOErmuxLFae3AI7nECgGuFBtvmeqzm2yRj
+7RBMCmzyWG7MF3o=
 -----END PRIVATE KEY-----

remoting/src/test/resources/certs/server.pem

 -----BEGIN CERTIFICATE-----
-MIIC8DCCAdgCAQEwDQYJKoZIhvcNAQEFBQAwgYoxCzAJBgNVBAYTAnpoMQswCQYD
-VQQIDAJ6ajELMAkGA1UEBwwCaHoxDzANBgNVBAoMBmFwYWNoZTERMA8GA1UECwwI
-cm9ja2V0bXExHDAaBgNVBAMME3JvY2tldG1xLmFwYWNoZS5vcmcxHzAdBgkqhkiG
-9w0BCQEWEHl1a29uQGFwYWNoZS5vcmcwHhcNMTcxMjEwMTM0NzQ5WhcNMTgwMTA5
-MTM0NzQ5WjB1MQswCQYDVQQGEwJ6aDELMAkGA1UECAwCemoxCzAJBgNVBAcMAmh6
-MQwwCgYDVQQKDANmb28xDDAKBgNVBAsMA2JhcjEUMBIGA1UEAwwLZm9vQGJhci5j
-b20xGjAYBgkqhkiG9w0BCQEWC2Zvb0BiYXIuY29tMIGfMA0GCSqGSIb3DQEBAQUA
-A4GNADCBiQKBgQCYYZjgnm5PWuFL3CWFX9b3aTq0TV2+R+kZxs0U2X84bXK2CESl
-pycK9zuWWeE5HaR/B/nyhzOcrRZNuhFG2Gu5k5KXZaZW3vDuwZO2UQ73TD7M9gkq
-4X4x3w/ei9l9sRp9BLN4DsBNlOxFs1FSU0FcYwuBVAiEFPBsbd/bbp3akwIDAQAB
-MA0GCSqGSIb3DQEBBQUAA4IBAQA9b/BrjGimboFJBk4I/LheTYRnC+0nYcyqA2BH
-mF5ednGnK76lMl/iXB4iy7yYSn3nES5pWwNrwZPyu0SCD5tTNpRkVmzNkL6Mv/PE
-+Dip6OIprV0NDrubAi5baX8jzPSKquvz7ULlnPwhFQBXlE9zm1GheChOfioGS9ob
-Y7Bwdu/NDGh6JouWSKXRlXArWBMF8sdQ4WSnJgswEO8Kk0Om5bfGJ+NNEeBxbXPd
-VxjA+C4N2JT83SzHFJI/AlUJOo0H3dTzwkOGpdykMDBxS9ajoQIfzjrn6N1dRD4a
-Xyye5YyQnJ2sgAfYdK0kpHlfnqWus1M1ZDoDMLxjImRrO91y
+MIIC5DCCAcwCAQEwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCemgxCzAJBgNV
+BAgMAnpqMQswCQYDVQQHDAJoejEPMA0GA1UECgwGYXBhY2hlMREwDwYDVQQLDAhy
+b2NrZXRtcTEOMAwGA1UEAwwFeXVrb24xHzAdBgkqhkiG9w0BCQEWEHl1a29uQGFw
+YWNoZS5vcmcwHhcNMTcxMjExMDkyNjIwWhcNMTgwMTEwMDkyNjIwWjB4MQswCQYD
+VQQGEwJ6aDELMAkGA1UECAwCemoxCzAJBgNVBAcMAmh6MQ8wDQYDVQQKDAZhcGFj
+aGUxETAPBgNVBAsMCHJvY2tldG1xMQ8wDQYDVQQDDAZmb29iYXIxGjAYBgkqhkiG
+9w0BCQEWC2Zvb0BiYXIuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDr
+JqeGLayEbAXQUC8jyJmnwkcp0yZbNzTReIOp2a/XtHnwWPN9IMPZAXm3JutN7HWT
+ZfeX80a9vrK14uRSWxuxZqtfhdMSzSv5CloqxrTTE9g7m5oVXSsl2CUryJ6BkZK0
+M2zhtDHQMsxOkDujo4zTfsRpJmnVsgsjRekvGKjCUwIDAQABMA0GCSqGSIb3DQEB
+BQUAA4IBAQCmhSgxU5PRhBD2qahj2eWKcmz3FCevXgfyN/EUrwI2dZTU5fXPP+m9
+YBLAYUINI0eYGWt0wlGJ6UFyEgt1fcXP3gqsye9fjECmWoae1kVjvYdaxYGsEXrM
+bxSum1D1bz6yRA+eSOaT5aesfw1ZL74AkIq5aRKQ4cgLGzlbIYeoa62XcAj6GrBo
+V2s/mvKCc1FPrqnpUlTTYFM9eRbEyC7HkOm9c+NAy6FqoLFr3tegH+q8ZxENDw4k
+z9gojQ6t1LDPOAmLGHwvMshHa841CwfOduSvzldtxzjnLVUvYB9cyXS1JXvuC9jj
+Q6BOXIYI+0HVgkJbcPOIYDlgC+g6QJqf
 -----END CERTIFICATE-----