CertificateManagerCertificate

Property	Value
Google Cloud Service Name	Certificate Manager
Google Cloud Service Documentation	/certificate-manager/docs/
Google Cloud REST Resource Name	v1.projects.locations.certificates
Google Cloud REST Resource Documentation	/certificate-manager/docs/reference/certificate-manager/rest/v1/projects.locations.certificates
Config Connector Resource Short Names	gcpcertificatemanagercertificate gcpcertificatemanagercertificates certificatemanagercertificate
Config Connector Service Name	certificatemanager.googleapis.com
Config Connector Resource Fully Qualified Name	certificatemanagercertificates.certificatemanager.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember	No
Config Connector Default Average Reconcile Interval In Seconds	600

Custom Resource Definition Properties

Spec

Schema

description: string
location: string
managed:
  authorizationAttemptInfo:
  - details: string
    domain: string
    failureReason: string
    state: string
  dnsAuthorizationsRefs:
  - external: string
    name: string
    namespace: string
  domains:
  - string
  issuanceConfigRef:
    external: string
    name: string
    namespace: string
  provisioningIssue:
  - details: string
    reason: string
  state: string
projectRef:
  external: string
  name: string
  namespace: string
resourceID: string
scope: string
selfManaged:
  certificatePem:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  pemCertificate: string
  pemPrivateKey:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  privateKeyPem:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string

Fields

Fields
`description` Optional	`string` A human-readable description of the resource.
`location` Required	`string` Immutable. The Certificate Manager location. If not specified, "global" is used.
`managed` Optional	`object` Immutable. Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.
`managed.authorizationAttemptInfo` Optional	`list (object)` Detailed state of the latest authorization attempt for each domain specified for this Managed Certificate.
`managed.authorizationAttemptInfo[]` Optional	`object`
`managed.authorizationAttemptInfo[].details` Optional	`string` Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use 'failure_reason' field.
`managed.authorizationAttemptInfo[].domain` Optional	`string` Domain name of the authorization attempt.
`managed.authorizationAttemptInfo[].failureReason` Optional	`string` Reason for failure of the authorization attempt for the domain.
`managed.authorizationAttemptInfo[].state` Optional	`string` State of the domain for managed certificate issuance.
`managed.dnsAuthorizationsRefs` Optional	`list (object)`
`managed.dnsAuthorizationsRefs[]` Optional	`object` Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specified, but not both.
`managed.dnsAuthorizationsRefs[].external` Optional	`string` Allowed value: string of the format `projects/{{project}}/locations/global/dnsAuthorizations/{{value}}`, where {{value}} is the `name` field of a `CertificateManagerDNSAuthorization` resource.
`managed.dnsAuthorizationsRefs[].name` Optional	`string` Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`managed.dnsAuthorizationsRefs[].namespace` Optional	`string` Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`managed.domains` Optional	`list (string)` Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
`managed.domains[]` Optional	`string`
`managed.issuanceConfigRef` Optional	`object` Only the `external` field is supported to configure the reference. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. Either issuanceConfig or dnsAuthorizations should be specified, but not both.
`managed.issuanceConfigRef.external` Optional	`string` Allowed value: string of the format `projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}`, where {{value}} is the `name` field of a `CertificateManagerCertificateIssuanceConfig` resource.
`managed.issuanceConfigRef.name` Optional	`string` Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`managed.issuanceConfigRef.namespace` Optional	`string` Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`managed.provisioningIssue` Optional	`list (object)` Information about issues with provisioning this Managed Certificate.
`managed.provisioningIssue[]` Optional	`object`
`managed.provisioningIssue[].details` Optional	`string` Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use 'reason' field.
`managed.provisioningIssue[].reason` Optional	`string` Reason for provisioning failures.
`managed.state` Optional	`string` A state of this Managed Certificate.
`projectRef` Required	`object` The project that this resource belongs to.
`projectRef.external` Optional	`string` Allowed value: The `name` field of a `Project` resource.
`projectRef.name` Optional	`string` Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`projectRef.namespace` Optional	`string` Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`resourceID` Optional	`string` Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.
`scope` Optional	`string` Immutable. The scope of the certificate. DEFAULT: Certificates with default scope are served from core Google data centers. If unsure, choose this option. EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers. ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). see https://cloud.google.com/compute/docs/regions-zones.
`selfManaged` Optional	`object` Immutable. Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.
`selfManaged.certificatePem` Optional	`object` DEPRECATED. `certificate_pem` is deprecated. Use `pem_certificate` instead. Immutable. The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any.
`selfManaged.certificatePem.value` Optional	`string` Value of the field. Cannot be used if 'valueFrom' is specified.
`selfManaged.certificatePem.valueFrom` Optional	`object` Source for the field's value. Cannot be used if 'value' is specified.
`selfManaged.certificatePem.valueFrom.secretKeyRef` Optional	`object` Reference to a value with the given key in the given Secret in the resource's namespace.
`selfManaged.certificatePem.valueFrom.secretKeyRef.key` Required*	`string` Key that identifies the value to be extracted.
`selfManaged.certificatePem.valueFrom.secretKeyRef.name` Required*	`string` Name of the Secret to extract a value from.
`selfManaged.pemCertificate` Optional	`string` Immutable. The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any.
`selfManaged.pemPrivateKey` Optional	`object` Immutable. The private key of the leaf certificate in PEM-encoded form.
`selfManaged.pemPrivateKey.value` Optional	`string` Value of the field. Cannot be used if 'valueFrom' is specified.
`selfManaged.pemPrivateKey.valueFrom` Optional	`object` Source for the field's value. Cannot be used if 'value' is specified.
`selfManaged.pemPrivateKey.valueFrom.secretKeyRef` Optional	`object` Reference to a value with the given key in the given Secret in the resource's namespace.
`selfManaged.pemPrivateKey.valueFrom.secretKeyRef.key` Required*	`string` Key that identifies the value to be extracted.
`selfManaged.pemPrivateKey.valueFrom.secretKeyRef.name` Required*	`string` Name of the Secret to extract a value from.
`selfManaged.privateKeyPem` Optional	`object` DEPRECATED. `private_key_pem` is deprecated. Use `pem_private_key` instead. Immutable. The private key of the leaf certificate in PEM-encoded form.
`selfManaged.privateKeyPem.value` Optional	`string` Value of the field. Cannot be used if 'valueFrom' is specified.
`selfManaged.privateKeyPem.valueFrom` Optional	`object` Source for the field's value. Cannot be used if 'value' is specified.
`selfManaged.privateKeyPem.valueFrom.secretKeyRef` Optional	`object` Reference to a value with the given key in the given Secret in the resource's namespace.
`selfManaged.privateKeyPem.valueFrom.secretKeyRef.key` Required*	`string` Key that identifies the value to be extracted.
`selfManaged.privateKeyPem.valueFrom.secretKeyRef.name` Required*	`string` Name of the Secret to extract a value from.

description

Optional

string

A human-readable description of the resource.

location

Required

string

Immutable. The Certificate Manager location. If not specified, "global" is used.

managed

Optional

object

Immutable. Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.

managed.authorizationAttemptInfo

Optional

list (object)

Detailed state of the latest authorization attempt for each domain specified for this Managed Certificate.

managed.authorizationAttemptInfo[]

Optional

object

managed.authorizationAttemptInfo[].details

Optional

string

Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use 'failure_reason' field.

managed.authorizationAttemptInfo[].domain

Optional

string

Domain name of the authorization attempt.

managed.authorizationAttemptInfo[].failureReason

Optional

string

Reason for failure of the authorization attempt for the domain.

managed.authorizationAttemptInfo[].state

Optional

string

State of the domain for managed certificate issuance.

managed.dnsAuthorizationsRefs

Optional

list (object)

managed.dnsAuthorizationsRefs[]

Optional

object

Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specified, but not both.

managed.dnsAuthorizationsRefs[].external

Optional

string

Allowed value: string of the format `projects/{{project}}/locations/global/dnsAuthorizations/{{value}}`, where {{value}} is the `name` field of a `CertificateManagerDNSAuthorization` resource.

managed.dnsAuthorizationsRefs[].name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

managed.dnsAuthorizationsRefs[].namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

managed.domains

Optional

list (string)

Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.

managed.domains[]

Optional

string

managed.issuanceConfigRef

Optional

object

Only the `external` field is supported to configure the reference. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects/*/locations/*/certificateIssuanceConfigs/*. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. Either issuanceConfig or dnsAuthorizations should be specified, but not both.

managed.issuanceConfigRef.external

Optional

string

Allowed value: string of the format `projects/{{project}}/locations/{{location}}/certificateIssuanceConfigs/{{name}}`, where {{value}} is the `name` field of a `CertificateManagerCertificateIssuanceConfig` resource.

managed.issuanceConfigRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

managed.issuanceConfigRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

managed.provisioningIssue

Optional

list (object)

Information about issues with provisioning this Managed Certificate.

managed.provisioningIssue[]

Optional

object

managed.provisioningIssue[].details

Optional

string

Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use 'reason' field.

managed.provisioningIssue[].reason

Optional

string

Reason for provisioning failures.

managed.state

Optional

string

A state of this Managed Certificate.

projectRef

Required

object

The project that this resource belongs to.

projectRef.external

Optional

string

Allowed value: The `name` field of a `Project` resource.

projectRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

projectRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

resourceID

Optional

string

Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.

scope

Optional

string

Immutable. The scope of the certificate. DEFAULT: Certificates with default scope are served from core Google data centers. If unsure, choose this option. EDGE_CACHE: Certificates with scope EDGE_CACHE are special-purposed certificates, served from non-core Google data centers. ALL_REGIONS: Certificates with ALL_REGIONS scope are served from all GCP regions (You can only use ALL_REGIONS with global certs). see https://cloud.google.com/compute/docs/regions-zones.

selfManaged

Optional

object

Immutable. Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.

selfManaged.certificatePem

Optional

object

DEPRECATED. `certificate_pem` is deprecated. Use `pem_certificate` instead. Immutable. The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any.

selfManaged.certificatePem.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

selfManaged.certificatePem.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

selfManaged.certificatePem.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

selfManaged.certificatePem.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

selfManaged.certificatePem.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

selfManaged.pemCertificate

Optional

string

Immutable. The certificate chain in PEM-encoded form. Leaf certificate comes first, followed by intermediate ones if any.

selfManaged.pemPrivateKey

Optional

object

Immutable. The private key of the leaf certificate in PEM-encoded form.

selfManaged.pemPrivateKey.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

selfManaged.pemPrivateKey.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

selfManaged.pemPrivateKey.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

selfManaged.pemPrivateKey.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

selfManaged.pemPrivateKey.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

selfManaged.privateKeyPem

Optional

object

DEPRECATED. `private_key_pem` is deprecated. Use `pem_private_key` instead. Immutable. The private key of the leaf certificate in PEM-encoded form.

selfManaged.privateKeyPem.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

selfManaged.privateKeyPem.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

selfManaged.privateKeyPem.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

selfManaged.privateKeyPem.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

selfManaged.privateKeyPem.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

* Field is required when parent field is specified

Status

Schema

conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
observedGeneration: integer

Fields
`conditions`	`list (object)` Conditions represent the latest available observation of the resource's current state.
`conditions[]`	`object`
`conditions[].lastTransitionTime`	`string` Last time the condition transitioned from one status to another.
`conditions[].message`	`string` Human-readable message indicating details about last transition.
`conditions[].reason`	`string` Unique, one-word, CamelCase reason for the condition's last transition.
`conditions[].status`	`string` Status is the status of the condition. Can be True, False, Unknown.
`conditions[].type`	`string` Type is the type of the condition.
`observedGeneration`	`integer` ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.

Sample YAML(s)

Managed DNS Certificate

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: certificatemanager.cnrm.cloud.google.com/v1beta1
kind: CertificateManagerCertificate
metadata:
  labels:
    label-one: "value-one"
  name: certificatemanagercertificate-sample-manageddnscertificate
spec:
  location : global
  projectRef:
    # Replace ${PROJECT_ID?} with your project ID.
    external: ${PROJECT_ID?}
  description: sample managed certificate for kcc
  scope: EDGE_CACHE
  managed:
    domains:
    - subdomain1.hashicorptest.com
    - subdomain2.hashicorptest.com
    dnsAuthorizationsRefs:
    - name: certificatemanagercertificate-dep1-manageddnscertificate
    - name: certificatemanagercertificate-dep2-manageddnscertificate
---
apiVersion: certificatemanager.cnrm.cloud.google.com/v1beta1
kind: CertificateManagerDNSAuthorization
metadata:
  name: certificatemanagercertificate-dep1-manageddnscertificate
spec:
  domain: subdomain1.hashicorptest.com
  projectRef:
    # Replace ${PROJECT_ID?} with your project ID.
    external: ${PROJECT_ID?}
---
apiVersion: certificatemanager.cnrm.cloud.google.com/v1beta1
kind: CertificateManagerDNSAuthorization
metadata:
  name: certificatemanagercertificate-dep2-manageddnscertificate
spec:
  domain: subdomain2.hashicorptest.com
  projectRef:
    # Replace ${PROJECT_ID?} with your project ID.
    external: ${PROJECT_ID?}

Self Managed Certificate

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: certificatemanager.cnrm.cloud.google.com/v1beta1
kind: CertificateManagerCertificate
metadata:
  labels:
    label-one: "value-one"
  name: certificatemanagercertificate-sample-selfmanagedcertificate
spec:
  location : europe-west1
  projectRef:
    # Replace ${PROJECT_ID?} with your project ID.
    external: ${PROJECT_ID?}
  description:  Regional self-managed certificate
  selfManaged:
    pemCertificate: |-
      -----BEGIN CERTIFICATE-----
      MIIDDzCCAfegAwIBAgIUDOiCLH9QNMMYnjPZVf4VwO9blsEwDQYJKoZIhvcNAQEL
      BQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wIBcNMjIwODI0MDg0MDUxWhgPMzAy
      MTEyMjUwODQwNTFaMBYxFDASBgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG
      9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOT925GG4lKV9HvAHsbecMhGPAqjhVRC26iZ
      UJC8oSWOu95lWJSX5ZhbiF6Nz192wDGV/VAh3Lxj8RYtcn75eDxQKTcKouDld+To
      CGIStPFWbR6rbysLuZqFVEXVOTvp2QIegInfrvnGC4j7Qpic7zrFB9HzJx+0HpeE
      yO4gkdzJfEK/gMmolUgJrKX59o+0+Rj+Jq3EtcQxL1fVBVJSx0NvpoR1eYpnHMr/
      rJKZkUUZ2xE86hrtpiP6OEYQTi00rmf4GnZF5QfGGD0xuoQXtR7Tu+XhKibXIhxc
      D4RzPLX1QS040PXvmMPLDb4YlUQ6V3Rs42JDvkkDwIMXZvn8awIDAQABo1MwUTAd
      BgNVHQ4EFgQURuo1CCZZAUv7xi02f2nC5tRbf18wHwYDVR0jBBgwFoAURuo1CCZZ
      AUv7xi02f2nC5tRbf18wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
      AQEAqx3tDxurnYr9EUPhF5/LlDPYM+VI7EgrKdRnuIqUlZI0tm3vOGME0te6dBTC
      YLNaHLW3m/4Tm4M2eg0Kpz6CxJfn3109G31dCi0xwzSDHf5TPUWvqIVhq5WRgMIf
      n8KYBlQSmqdJBRztUIQH/UPFnSbxymlS4s5qwDgTH5ag9EEBcnWsQ2LZjKi0eqve
      MaqAvvB+j8RGZzYY4re94bSJI42zIZ6nMWPtXwRuDc30xl/u+E0jWIgWbPwSd6Km
      3wnJnGiU2ezPGq3zEU+Rc39VVIFKQpciNeYuF3neHPJvYOf58qW2Z8s0VH0MR1x3
      3DoO/e30FIr9j+PRD+s5BPKF2A==
      -----END CERTIFICATE-----
    pemPrivateKey:
      valueFrom:
        secretKeyRef:
          name: certificatemanagercertificate-dep-selfmanagedcertificate
          key: privateKey
---
apiVersion: v1
kind: Secret
metadata:
  name: certificatemanagercertificate-dep-selfmanagedcertificate
stringData:
  privateKey: |
    -----BEGIN PRIVATE KEY-----
    MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC85P3bkYbiUpX0
    e8Aext5wyEY8CqOFVELbqJlQkLyhJY673mVYlJflmFuIXo3PX3bAMZX9UCHcvGPx
    Fi1yfvl4PFApNwqi4OV35OgIYhK08VZtHqtvKwu5moVURdU5O+nZAh6Aid+u+cYL
    iPtCmJzvOsUH0fMnH7Qel4TI7iCR3Ml8Qr+AyaiVSAmspfn2j7T5GP4mrcS1xDEv
    V9UFUlLHQ2+mhHV5imccyv+skpmRRRnbETzqGu2mI/o4RhBOLTSuZ/gadkXlB8YY
    PTG6hBe1HtO75eEqJtciHFwPhHM8tfVBLTjQ9e+Yw8sNvhiVRDpXdGzjYkO+SQPA
    gxdm+fxrAgMBAAECggEAV4/A24TQpV4KFBw/WSTvnRFBeXinB1mhamhztWR6hCrA
    SPcVPKQY632eRI8sJmpGxl3V/Ogl4khT/cA9jfstEl7G++v/WrRsupCaPLSVnlnX
    KdsTNgOauk1WK9P5PMA4rPcuA4Cl91riQpubeWn8KWsxRWg90i+Ak8PB8lBsOaB1
    QzjigWlrRWSpodaw0MBIMZFDL2BYK8HEr+wyATYIyGvDQc9zCnMQIQIZyEPYepLO
    04Dw17YcjgnoJ5gLAFiTvDrCpTMewud1RQzvW5TAvG2piw34sf3QMGPM7aXNrfuZ
    4ZPC/MwVQgq9Nc+jeDsjApQmJKJ+3a8OdIPU89ArTQKBgQDCpHHQe1RzpHmIx47/
    9N5r+NPBhh8flDYmvgi6zPeBfrAaLWhidS8c7Voa6HwvMxbhryDEvc0YqI3vllfy
    xnRF+DfSryozW0gjrkXDGoOzqOJ3EuQwLSJnyX6La2lmufqsRFazwYJ5sxcjoGHK
    /sbwZkIUj1ejuH44ve+ZJQFfpwKBgQD4cLJrJhqImUDhHZRx9jBvxyeHy/RjmHK6
    70xQVDi9ZqeExHwtoSbolhXKLB1RtBnw+t5Csy7IDNBDsbUg9fXU8KyCTIdmsyws
    bDb5hdKsUF76rkKzlpttiXMRVWGS3CMKWahBpnL3lFB3tdtmskemkBTXVn4VgKAH
    xk9XnZ11nQKBgDbQSJ0FnkrSzscOK984/ko50Kh3NNyXyIgwjBTPFASLwNweXX8c
    sR/cV7usLQy9vnvf7cJ6EQAYt5/5Httnt+bceBwE6EV+N1qVAWBoXx6BOQV/dHN8
    wmun+tMYdJ5RUZ6hwCjvHedX3/RQfjnEdhHNOl6/31Zj5mfkVU0zdqeRAoGAcvIh
    erXMfPr7K6y16+xOCMmKHqhc0F/OZXMmSdxNzEPcqe8GzU3MZLxcJIg4oH7FqdtI
    Tm/86w4Spd9owHFMZlNcXYTu+LNZcsw2u0gRayxcZXuO3OyHySxZEuIAHSTBCZ7l
    3EoY0zfJ6zk249MEl6n+GouoFmbGpBI6z3zbR3kCgYEAlCNZVH4uJrP5beTOZTTR
    VJRk7BXvEC6HsM140YtIN7NHy2GtzrgmmY/ZAFB/hX8Ft4ex2MxbIp3hvxroTqGn
    bfu7uv97NoPQqbjtc3Mz8h2IaXTVDUnWYY5gDu6rM2w+Z75/sWIGiTWrsdYX4ohb
    ujngzJ7Ew7GgKSboj6mtlVM=
    -----END PRIVATE KEY-----