<# Azure AD application generator for CubeBackup Version: 1.0 Updated: 2022.01.05 Created by: CubeBackup Inc. For more information, see https://www.cubebackup.com/docs/user_guide/initial_config_windows/#step-3-create-azure-app #> Function GenRequiredPermissions([string] $apiName, [string]$permissions) { $sp = Get-AzureADServicePrincipal -Filter "DisplayName eq '$apiName'" $requiredAccess = New-Object Microsoft.Open.AzureAD.Model.RequiredResourceAccess $requiredAccess.ResourceAppId = $sp.AppId $requiredAccess.ResourceAccess = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.ResourceAccess] foreach ($permission in $permissions.Trim().Split("|")) { foreach ($role in $sp.AppRoles) { if ($role.Value -eq $permission) { $resourceAccess = New-Object Microsoft.Open.AzureAD.Model.ResourceAccess $resourceAccess.Type = "Role" $resourceAccess.Id = $role.Id $requiredAccess.ResourceAccess.Add($resourceAccess) } } } return $requiredAccess } if ([System.Environment]::OSVersion.Version.Major -lt 10) { Write-Host -ForegroundColor Red "This Powershell script can only run on Windows 10 or Windows Server 2016 and above." Exit } $modules = @() if ($null -eq (Get-Module -ListAvailable -Name "AzureAD")) { $modules += "AzureAD" } if ($null -eq (Get-Module -ListAvailable -Name "PSPKI")) { $modules += "PSPKI" } if ($modules.Length -gt 0) { Write-Host "Installing dependent modules..." foreach ( $module in $modules ) { Install-Module -Scope CurrentUser $module } } Import-Module "AzureAD" Import-Module "PSPKI" 3>$null Write-Host "Connecting to Azure AD..." try { $global:azure = Connect-AzureAD } catch { Write-Host -ForegroundColor Red "Failed to connect to AzureAD: $_" exit } Write-Host "Registering an Azure AD application for CubeBackup..." $appName = "CubeBackup for Microsoft 365" $app = New-AzureADApplication -DisplayName $appName Write-Host "Generating an application certificate..." $cert = New-SelfSignedCertificate -Subject CN=$appName ` -CertStoreLocation "Cert:\CurrentUser\My" ` -KeyExportPolicy Exportable ` -NotAfter (Get-Date).AddYears(100) ` -KeySpec Signature $pwd = Get-Location $certPath = "$($pwd)\cert.key" $count = 1 while(Test-Path $certPath) { $certPath = "$($pwd)\cert ($($count)).key" $count += 1 } Convert-PfxToPem -Certificate $cert -Outputfile $certPath >$null Write-Host "Uploading the application certificate..." $key = New-AzureADApplicationKeyCredential -ObjectId $app.ObjectId ` -Type AsymmetricX509Cert ` -Usage Verify ` -Value $([System.Convert]::ToBase64String($cert.GetRawCertData())) ` -StartDate $cert.NotBefore ` -EndDate $cert.NotAfter $owner = Get-AzureADApplicationOwner -ObjectId $app.ObjectId if (!$owner) { $user = Get-AzureADUser -ObjectId $azure.Account.Id Add-AzureADApplicationOwner -ObjectId $app.ObjectId -RefObjectId $user.ObjectId } Write-Host "Adding API permissions..." $requiredResourcesAccess = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.RequiredResourceAccess] $requiredAccess = GenRequiredPermissions -apiName "Microsoft Graph" -permissions "Directory.ReadWrite.All|User.ReadWrite.All|Group.ReadWrite.All|Calendars.ReadWrite|Contacts.ReadWrite|Files.ReadWrite.All|Mail.ReadWrite|Sites.FullControl.All" $requiredResourcesAccess.Add($requiredAccess) $requiredAccess = GenRequiredPermissions -apiName "Office 365 SharePoint Online" -permissions "Sites.FullControl.All|TermStore.ReadWrite.All" $requiredResourcesAccess.Add($requiredAccess) $requiredAccess = GenRequiredPermissions -apiName "Office 365 Exchange Online" -permissions "full_access_as_app" $requiredResourcesAccess.Add($requiredAccess) Set-AzureADApplication -ObjectId $app.ObjectId -RequiredResourceAccess $requiredResourcesAccess Write-Host "`r`nAzure AD application has been successfully created. Please fill in the following information in the CubeBackup setup wizard." Write-Host "------------------------------------------------------" Write-Host "Application ID:" Write-Host -ForegroundColor Yellow $app.AppId Write-Host "Directory ID:" Write-Host -ForegroundColor Yellow $azure.Tenant.Id Write-Host "Private key file:" Write-Host -ForegroundColor Yellow $certPath Write-Host "------------------------------------------------------" Write-Host "`r`nBefore proceeding to the next step in the wizard, please click the 'Grant admin consent' button to authorize the API permissions in the web page that will open for you. If the page is blocked from opening automatically, please paste the following URL into a web browser and click the 'Grand admin consent' button.`r`n" $url = "https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/CallAnAPI/appId/" + $app.AppId + "/objectId/" + $app.ObjectId + "/isMSAApp/" Write-Host -ForegroundColor Yellow $url if (!$psISE) { Write-Host "`r`nPress any key to exit the script..." $x = $host.ui.RawUI.ReadKey("NoEcho,IncludeKeyDown") } # SIG # Begin signature block # MIInywYJKoZIhvcNAQcCoIInvDCCJ7gCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCVnBcw2N23fQ6B # a5Yxi/2oRTk7Ew2+Mx0MZFeQKMasOqCCErQwggXYMIIEwKADAgECAhEA5CcElfaM # kdbQ7HtJTqTfHDANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJQTDEiMCAGA1UE # ChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENl # cnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBO # ZXR3b3JrIENBMB4XDTE4MDkxMTA5MjY0N1oXDTIzMDkxMTA5MjY0N1owfDELMAkG # A1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYD # VQQKDA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0 # aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw # ggIKAoICAQD5D92jK33L0Cr+7GeFpucuG7p34eP1r6Ts+kpdkcRXR2sYd2t28v2T # 5D0PwhaeC2bDVpSeF4OFzlbv8hb9AGL1IglU6GUXTkG54E9Gl6obyLhuYl5psV/b # KgJ+/GzK80HY7dDo/D9hSO2wAxQdEA5LGeC7TuyGZf82815nAgudhlVh/Xo47f7i # GQC3b6FQYnV0PKD6yCWStG56Isf4HqHjst2RMasrHQT/pUoEN+mFpDMr/eLWVTR8 # GaRKaMeyqNO3yqGTiOvBl7yM+R3ZIoQkdMcEPWqpKZPM67hb4f5fJao0WMjBI1Sd # G5gRwzicfj2GbKUPQIZ8AvRcAk8oy65xnw86yDP+ESU16vy6xWA92XwY1bKp03V4 # A3IiyjrDH+8s5S6p+p4stlFG/a8D1upgaOqFFjZrhekewLPdxCTcgCqBQW2UPsjg # yYFBAJ5ev3/FCJiiGCxCQLP5bzgnS06A9D2BR+CIfOoczrV1XFEuHCt/GnIo5wC1 # 0XTG1+SfrQeTtlM1Nfw35MP2XRa+IXPekgr4oGNqvJaSaj74vGVVm971DYkmBPwl # GqYlacvCbcp84llfl6zr7y7IvNcbWTwrzPIZyJNrJ2MZz/zpJvjKcZt/k/40Z4RO # mev8s3gJM3C6ZqZ27Rtz6xqlDcQiEyCUVgpOLGxOsf3PnAm6ojPthwIDAQABo4IB # UTCCAU0wEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQU3QQJB6L1en1SUxKS # le44gCUNplkwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0P # AQH/BAQDAgEGMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9zc2xjb20uY3JsLmNl # cnR1bS5wbC9jdG5jYS5jcmwwcwYIKwYBBQUHAQEEZzBlMCkGCCsGAQUFBzABhh1o # dHRwOi8vc3NsY29tLm9jc3AtY2VydHVtLmNvbTA4BggrBgEFBQcwAoYsaHR0cDov # L3NzbGNvbS5yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYS5jZXIwOgYDVR0gBDMw # MTAvBgRVHSAAMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vd3d3LmNlcnR1bS5wbC9D # UFMwDQYJKoZIhvcNAQELBQADggEBAB+VmiNU7oXC89RvuekEj0Z/LPcywKdDrAcA # 7eCpRS39F+HtAEDIr5is9cAZrRuglzBAbOxb+6OTToyJYht88Dpfp0LPWMp1ZZwi # TL92e5iTnBWDM7EO3FE4h3yVnBJplB4AeHR+3MAGd7pwLYcs12id47qFrUnzj2S0 # FQaDksaXpECTi63xZ5S0uVpnVDyoG9kFz+Sk+YgSAAaIJYXUXu7zk1fWgfgsrvf1 # UUirtmI6edvsLvI/FFY6yNnLpKJPJajRm6stMCBQBxpv8fGUHTmDY+gf/UnQ6B1G # skaCJr2cneGiaEFIUW56/DWW9FTSvCtE5UfXd4KlSqtflzOrJBEwggZeMIIERqAD # AgECAhAo5vfRgCuR6OzkT6IERg7dMA0GCSqGSIb3DQEBCwUAMHgxCzAJBgNVBAYT # AlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjERMA8GA1UECgwI # U1NMIENvcnAxNDAyBgNVBAMMK1NTTC5jb20gQ29kZSBTaWduaW5nIEludGVybWVk # aWF0ZSBDQSBSU0EgUjEwHhcNMjIwMzE4MTA0MjUzWhcNMjUwMzE3MTA0MjUzWjBn # MQswCQYDVQQGEwJVUzERMA8GA1UECAwIRGVsYXdhcmUxDzANBgNVBAcMBk5ld2Fy # azEZMBcGA1UECgwQQ3ViZWJhY2t1cCwgSW5jLjEZMBcGA1UEAwwQQ3ViZWJhY2t1 # cCwgSW5jLjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKuSfR1SJA4P # D/b1dE0lGxAaAsD0Qo62ygR4Y2kSIbMx/HyZzZ528OuJtdE290OZf4X+2gCN3yys # GUeMynF9aGwbLuEQHpbbmuBD3shDqCUSsjqoPkVElEXWLK/nm5ltTNp2584eeUW3 # jhOKI8xDQe8E5uorCHqYlE0k9AbnfDyfaz6LoY1G4XCSHHxdzFJBFqgwWI39/W7z # h5ZnXXrCQ+KzTXwCsBt0YbNivMIhSxAI9XLlvchel19W+tVQLuWqASOKWsXHVTYr # La2JGYxn7g9hMu62jZrq1cmzDjuHIUPAeIJlw3SJVSQIzxHajVNr+bamt11Zv3hb # u4W6eQu6M6KT+JMoCIifROzUVREUx2gE9qKvolHs11kM2A1yCYXKTiuOJ1o18Hrt # RNvmvodqDLOg0n4Kx1oCnQp9QBZLj1T3g9JjjTcftTSIC3k2O3EO6hbdMCl7lCCn # ZIlfo+Fbma3w6Zd4sI2FbkNVxpg3a9aNrsvBDLnWu2hpYSrnob3xkQIDAQABo4IB # czCCAW8wDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRUwv4QlQCTzWr158DX2bJL # uI8M4zBYBggrBgEFBQcBAQRMMEowSAYIKwYBBQUHMAKGPGh0dHA6Ly9jZXJ0LnNz # bC5jb20vU1NMY29tLVN1YkNBLUNvZGVTaWduaW5nLVJTQS00MDk2LVIxLmNlcjBR # BgNVHSAESjBIMAgGBmeBDAEEATA8BgwrBgEEAYKpMAEDAwEwLDAqBggrBgEFBQcC # ARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5MBMGA1UdJQQMMAoGCCsG # AQUFBwMDME0GA1UdHwRGMEQwQqBAoD6GPGh0dHA6Ly9jcmxzLnNzbC5jb20vU1NM # Y29tLVN1YkNBLUNvZGVTaWduaW5nLVJTQS00MDk2LVIxLmNybDAdBgNVHQ4EFgQU # +f10+WOxMApDRUZE7CXu+S6abSwwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB # CwUAA4ICAQBtfnENpaoxxvqSDCOfxnavCgxi2MBzRGWn+UdUQ23MnqE+xoOeHoNm # JwGU062ujQu8hgm54AkIVcIq48WHuL8Ryd38M5+u5dA005rW7RK/hrcXts6IDGcu # NX2LvrXl0GHbUZ7NvnSrRbwmkynFHOZq4kikkt/S2WJsSUunByEVyYO/wgDIzB+w # GAiFtvzJtINansRHE38z6jcNtC6zZzLMig0zOTRAbdmngaqeqIalw6DCc2LOZ+cA # rwZ3EsHwAAna/YRg+V1eS85RblBpZW03YgKUjXLYgcOZUEeGQzh6mBQuBCfKDI9w # h4NqJ7au+9DgekiT3Jlk/kG4vwmobRVTj5Y/iB6YRy7pLvlpBRzQSNXiXs88+RWw # 9wMIh98APXsK7CmgJ1c6cRAshCU7X/JmGP5SeE4GJ8MHLcZPyt+7y9ACWhL9s0wx # 70nakz53JzmKfFuWmUaYMSB0vxwXhX6ju3n4FRFqeHZIr9mWJ/mGFTWFueH7cF8s # u+7umRnBcfNw1QtmA2yqyVwzoxqfvyVc8369nBQ/JcI2r1a85qrr9B2F6+OZHsld # Tq4DXVTTSy1qm87aeKJMl7y4/58elyK0u3rYMdQ4/PS7V2AgFBRw/2n6HujJYcrI # Ys2LLL3tCiQWFc/dHYUOEfgrpsiJYfdya0a4RRBKMVj2zLAdTyghzDCCBnIwggRa # oAMCAQICCGQzUdPHOJ8IMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMQ4w # DAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENv # cnBvcmF0aW9uMTEwLwYDVQQDDChTU0wuY29tIFJvb3QgQ2VydGlmaWNhdGlvbiBB # dXRob3JpdHkgUlNBMB4XDTE2MDYyNDIwNDQzMFoXDTMxMDYyNDIwNDQzMFoweDEL # MAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMREw # DwYDVQQKDAhTU0wgQ29ycDE0MDIGA1UEAwwrU1NMLmNvbSBDb2RlIFNpZ25pbmcg # SW50ZXJtZWRpYXRlIENBIFJTQSBSMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC # AgoCggIBAJ+DE3OqsMZtIcvbi3qHdNBx3I6Xcprku4g0tN2AA8YvRaR0mr8eD1Dq # nm1485/6USapPZ3RspRXPvs5iRuRK1bvZ8vmC+MOOYzGNfSMPd0l6QGsF0J9WBZA # 3PnVKEQdlWQwYTpk8pfXc0x9eyMCbfN161U9b6otxK++dKxd/mq2/OpceekPQ5y1 # UgUP7z6xsY/QSa2m40IZVD/zLw6hy3z+E/kjOdolHLg+AEo6bzIwN2Qex651B9hV # 0hjJDoq8o1zwfAqnhYHCDq+PmVzTYCW8g1ppHCUTzXL165yAm9wsZ8TdyQmY1XPr # xCGj5TKOPi9SmMZgN2SMsm9KVHIYzCeH+s11omMhTLU9ZP0rpptVryZMYLS5XP6r # Q72t0BNmUB8L0omm/9eABvHDEQIzM2EX91Yfji87aOcV8XdWSimeA9rCKyZhMlug # VuVJKY02p/XHUqJWAyAvOHiAvfYGrkE0y5RFvZvHiRgfC7r/qa5qQJkT3e9Q3wG6 # 8gTW0DHfNDheV1vIOB5W1KxIpu3/+bjBO+3CJL5EYKd3zdU9mFm0Q+qqYH3NwuUv # 8ev11CDVlzRuXQRrBRHS05KMCSdE7U81MUZ+dBkFYuyJ4+ojcJjk0S/UihMYRpNl # 5Vhz00w9J3oiP8P4o1W3+eaHguxFHsVuOnyxTrmraPebY9WRQbypAgMBAAGjgfsw # gfgwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTdBAkHovV6fVJTEpKV7jiA # JQ2mWTAwBggrBgEFBQcBAQQkMCIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5z # c2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADATBgNVHSUEDDAKBggrBgEFBQcDAzA7 # BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tcnNh # LVJvb3RDQS5jcmwwHQYDVR0OBBYEFFTC/hCVAJPNavXnwNfZsku4jwzjMA4GA1Ud # DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA9Q8mh3CvmaLK9dbJ8I1mPTmC # 04gj2IK/j1SEJ7bTgwfXnieJTYSOVNEg7mBD21dCPMewlfa+zOqjPY5PBsYrWYZ/ # 63MbyuVAJuA9b8z2vXHGzX0OIEA51gXSr5QIv3/CUbcrtXuDIfBj2uWc4WkudR1O # y2Ee9aUz3wKdFdntaZNXukZFLoC8Zb7nEj7eR/+QnBCt9laypNT61vwuvJchs3aD # 0pH6BlDRsYAogP7brQ9n7fh93NlwW3q6aLWzSmYXj+fw51fdaf68XuHVjJ8Tu5Wa # Fft5K4XVbT5nR24bB1z7VEUPFhEuEcOwvLVuHDNXlB7+QjRGjjFQTtszV5X6OOTm # EturWC5Ft9kiyvRaR0ksKOhPjEI8ZGjp5kOsGZGpxxOCX/xxCje3nVB7PF33olKC # NeS159MKb2v+jfmk19UdS+d9Ygj42desmUnbtYRBFC72LmCXU0ua/vGIenS6nnXp # 4NqnycwsO3tMCnjPlPc2YLaDPIpUy04NaCqUEXUmFOogN8zreRd2VXhxbeJJODM3 # 2+RsWccjYua8zi5US/1eAyrI3R5LcUTQdT4xYmWLKabtJOF6HYQ0f6QXfLSsfT81 # WMvDvxrdn1RWbUXlU/OIiisxo8o+UNEANOwnCMNnxlzoaL/PLhZluDxm/zuylaua # jZ3MlPDteFB/7GRHo50xghRtMIIUaQIBATCBjDB4MQswCQYDVQQGEwJVUzEOMAwG # A1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3Jw # MTQwMgYDVQQDDCtTU0wuY29tIENvZGUgU2lnbmluZyBJbnRlcm1lZGlhdGUgQ0Eg # UlNBIFIxAhAo5vfRgCuR6OzkT6IERg7dMA0GCWCGSAFlAwQCAQUAoHwwEAYKKwYB # BAGCNwIBDDECMAAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGC # NwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEILOULctR59EgNqPt # 89NHbsldkuE5aE3vSlmKWM0zFSyaMA0GCSqGSIb3DQEBAQUABIIBgFiRWrv8+RTA # ZxpETZux/RU15TtOAu7xthn4GBaScMza22YQsiH4rUSnKT6CDMDYS3T0E/3A4mEg # xychJjL9FmxlrhqNoOv+Hx3QN0kIWRXjyk/a2OfVwlq7P2WgkPatRfI8WNZhOw97 # /4HnM63b7+otfuwNwvOK27ZRfdCq8AygSQZt8C05UrYyWfSbG3ckTwFwYg6ksX75 # 4emmHAf/BRsoyHk9e9wRPj+F6p31oCbEVCrHqSW4iYHthvfzziLV6tW4WrtnJAQg # CNNqsCldgXMbulTbLGVSkKIXV+ErbIxvsTIwpZMydkoYw8zQq8qZpkWpPNdrigLQ # ZR+5ZazewVYq4F144Ya7XEPo35eYXPp4ruqzi6QbQLEaDZe0SPO/QPLfzMf02yYc # MyM4MVo1n/o1QeVcmdw966lxp5a87uaOCn93vo9iqp68G/XBSJqB8HLBE9QSMPmC # ThUYwMSg2v4Z9TImY6fw8O4Fv3PJiC/Vtjcp9jLyEVbntalT1EkLQaGCEbMwghGv # BgorBgEEAYI3AwMBMYIRnzCCEZsGCSqGSIb3DQEHAqCCEYwwghGIAgEDMQ8wDQYJ # YIZIAWUDBAIBBQAweAYLKoZIhvcNAQkQAQSgaQRnMGUCAQEGCWCGSAGG/WwHATAx # MA0GCWCGSAFlAwQCAQUABCCgry8qyopAxqum4+mGsUBZdDjAFL5yFmTGm9Sfdrxu # hQIRAO4TpNfiDXq0DGtHRrAZj2kYDzIwMjIwNTA3MDkwNjM2WqCCDXwwggbGMIIE # rqADAgECAhAKekqInsmZQpAGYzhNhpedMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV # BAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMyRGlnaUNl # cnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0EwHhcN # MjIwMzI5MDAwMDAwWhcNMzMwMzE0MjM1OTU5WjBMMQswCQYDVQQGEwJVUzEXMBUG # A1UEChMORGlnaUNlcnQsIEluYy4xJDAiBgNVBAMTG0RpZ2lDZXJ0IFRpbWVzdGFt # cCAyMDIyIC0gMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALkqliOm # XLxf1knwFYIY9DPuzFxs4+AlLtIx5DxArvurxON4XX5cNur1JY1Do4HrOGP5PIhp # 3jzSMFENMQe6Rm7po0tI6IlBfw2y1vmE8Zg+C78KhBJxbKFiJgHTzsNs/aw7ftwq # HKm9MMYW2Nq867Lxg9GfzQnFuUFqRUIjQVr4YNNlLD5+Xr2Wp/D8sfT0KM9CeR87 # x5MHaGjlRDRSXw9Q3tRZLER0wDJHGVvimC6P0Mo//8ZnzzyTlU6E6XYYmJkRFMUr # DKAz200kheiClOEvA+5/hQLJhuHVGBS3BEXz4Di9or16cZjsFef9LuzSmwCKrB2N # O4Bo/tBZmCbO4O2ufyguwp7gC0vICNEyu4P6IzzZ/9KMu/dDI9/nw1oFYn5wLOUr # sj1j6siugSBrQ4nIfl+wGt0ZvZ90QQqvuY4J03ShL7BUdsGQT5TshmH/2xEvkgMw # zjC3iw9dRLNDHSNQzZHXL537/M2xwafEDsTvQD4ZOgLUMalpoEn5deGb6GjkagyP # 6+SxIXuGZ1h+fx/oK+QUshbWgaHK2jCQa+5vdcCwNiayCDv/vb5/bBMY38ZtpHlJ # rYt/YYcFaPfUcONCleieu5tLsuK2QT3nr6caKMmtYbCgQRgZTu1Hm2GV7T4LYVrq # PnqYklHNP8lE54CLKUJy93my3YTqJ+7+fXprAgMBAAGjggGLMIIBhzAOBgNVHQ8B # Af8EBAMCB4AwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAg # BgNVHSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwHwYDVR0jBBgwFoAUuhbZ # bU2FL3MpdpovdYxqII+eyG8wHQYDVR0OBBYEFI1kt4kh/lZYRIRhp+pvHDaP3a8N # MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdp # Q2VydFRydXN0ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcmwwgZAG # CCsGAQUFBwEBBIGDMIGAMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy # dC5jb20wWAYIKwYBBQUHMAKGTGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E # aWdpQ2VydFRydXN0ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcnQw # DQYJKoZIhvcNAQELBQADggIBAA0tI3Sm0fX46kuZPwHk9gzkrxad2bOMl4IpnENv # AS2rOLVwEb+EGYs/XeWGT76TOt4qOVo5TtiEWaW8G5iq6Gzv0UhpGThbz4k5HXBw # 2U7fIyJs1d/2WcuhwupMdsqh3KErlribVakaa33R9QIJT4LWpXOIxJiA3+5Jlbez # zMWn7g7h7x44ip/vEckxSli23zh8y/pc9+RTv24KfH7X3pjVKWWJD6KcwGX0ASJl # x+pedKZbNZJQfPQXpodkTz5GiRZjIGvL8nvQNeNKcEiptucdYL0EIhUlcAZyqUQ7 # aUcR0+7px6A+TxC5MDbk86ppCaiLfmSiZZQR+24y8fW7OK3NwJMR1TJ4Sks3Kkzz # XNy2hcC7cDBVeNaY/lRtf3GpSBp43UZ3Lht6wDOK+EoojBKoc88t+dMj8p4Z4A2U # KKDr2xpRoJWCjihrpM6ddt6pc6pIallDrl/q+A8GQp3fBmiW/iqgdFtjZt5rLLh4 # qk1wbfAs8QcVfjW05rUMopml1xVrNQ6F1uAszOAMJLh8UgsemXzvyMjFjFhpr6s9 # 4c/MfRWuFL+Kcd/Kl7HYR+ocheBFThIcFClYzG/Tf8u+wQ5KbyCcrtlzMlkI5y2S # oRoR/jKYpl0rl+CL05zMbbUNrkdjOEcXW28T2moQbh9Jt0RbtAgKh1pZBHYRoad3 # AhMcMIIGrjCCBJagAwIBAgIQBzY3tyRUfNhHrP0oZipeWzANBgkqhkiG9w0BAQsF # ADBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL # ExB3d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJv # b3QgRzQwHhcNMjIwMzIzMDAwMDAwWhcNMzcwMzIyMjM1OTU5WjBjMQswCQYDVQQG # EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRpZ2lDZXJ0 # IFRydXN0ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENBMIICIjAN # BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxoY1BkmzwT1ySVFVxyUDxPKRN6mX # UaHW0oPRnkyibaCwzIP5WvYRoUQVQl+kiPNo+n3znIkLf50fng8zH1ATCyZzlm34 # V6gCff1DtITaEfFzsbPuK4CEiiIY3+vaPcQXf6sZKz5C3GeO6lE98NZW1OcoLevT # sbV15x8GZY2UKdPZ7Gnf2ZCHRgB720RBidx8ald68Dd5n12sy+iEZLRS8nZH92GD # Gd1ftFQLIWhuNyG7QKxfst5Kfc71ORJn7w6lY2zkpsUdzTYNXNXmG6jBZHRAp8By # xbpOH7G1WE15/tePc5OsLDnipUjW8LAxE6lXKZYnLvWHpo9OdhVVJnCYJn+gGkcg # Q+NDY4B7dW4nJZCYOjgRs/b2nuY7W+yB3iIU2YIqx5K/oN7jPqJz+ucfWmyU8lKV # EStYdEAoq3NDzt9KoRxrOMUp88qqlnNCaJ+2RrOdOqPVA+C/8KI8ykLcGEh/FDTP # 0kyr75s9/g64ZCr6dSgkQe1CvwWcZklSUPRR8zZJTYsg0ixXNXkrqPNFYLwjjVj3 # 3GHek/45wPmyMKVM1+mYSlg+0wOI/rOP015LdhJRk8mMDDtbiiKowSYI+RQQEgN9 # XyO7ZONj4KbhPvbCdLI/Hgl27KtdRnXiYKNYCQEoAA6EVO7O6V3IXjASvUaetdN2 # udIOa5kM0jO0zbECAwEAAaOCAV0wggFZMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD # VR0OBBYEFLoW2W1NhS9zKXaaL3WMaiCPnshvMB8GA1UdIwQYMBaAFOzX44LScV1k # TN8uZz/nupiuHA9PMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcD # CDB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj # ZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t # L0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcnQwQwYDVR0fBDwwOjA4oDagNIYyaHR0 # cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcmww # IAYDVR0gBBkwFzAIBgZngQwBBAIwCwYJYIZIAYb9bAcBMA0GCSqGSIb3DQEBCwUA # A4ICAQB9WY7Ak7ZvmKlEIgF+ZtbYIULhsBguEE0TzzBTzr8Y+8dQXeJLKftwig2q # KWn8acHPHQfpPmDI2AvlXFvXbYf6hCAlNDFnzbYSlm/EUExiHQwIgqgWvalWzxVz # jQEiJc6VaT9Hd/tydBTX/6tPiix6q4XNQ1/tYLaqT5Fmniye4Iqs5f2MvGQmh2yS # vZ180HAKfO+ovHVPulr3qRCyXen/KFSJ8NWKcXZl2szwcqMj+sAngkSumScbqyQe # JsG33irr9p6xeZmBo1aGqwpFyd/EjaDnmPv7pp1yr8THwcFqcdnGE4AJxLafzYeH # JLtPo0m5d2aR8XKc6UsCUqc3fpNTrDsdCEkPlM05et3/JWOZJyw9P2un8WbDQc1P # tkCbISFA0LcTJM3cHXg65J6t5TRxktcma+Q4c6umAU+9Pzt4rUyt+8SVe+0KXzM5 # h0F4ejjpnOHdI/0dKNPH+ejxmF/7K9h+8kaddSweJywm228Vex4Ziza4k9Tm8heZ # Wcpw8De/mADfIBZPJ/tgZxahZrrdVcA6KYawmKAr7ZVBtzrVFZgxtGIJDwq9gdkT # /r+k0fNX2bwE+oLeMt8EifAAzV3C+dAjfwAL5HYCJtnwZXZCpimHCUcr5n8apIUP # /JiW9lVUKx+A+sDyDivl1vupL0QVSucTDh3bNzgaoSv27dZ8/DGCA3YwggNyAgEB # MHcwYzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMTswOQYD # VQQDEzJEaWdpQ2VydCBUcnVzdGVkIEc0IFJTQTQwOTYgU0hBMjU2IFRpbWVTdGFt # cGluZyBDQQIQCnpKiJ7JmUKQBmM4TYaXnTANBglghkgBZQMEAgEFAKCB0TAaBgkq # hkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJKoZIhvcNAQkFMQ8XDTIyMDUwNzA5 # MDYzNlowKwYLKoZIhvcNAQkQAgwxHDAaMBgwFgQUhQjzhlFcs9MHfba0t8B/G0pe # Qd4wLwYJKoZIhvcNAQkEMSIEIPO3tzGxSLkMGuTtp9dQtgo8aN896nEmLS9cujtj # VwGeMDcGCyqGSIb3DQEJEAIvMSgwJjAkMCIEIJ2mkBXDScbBiXhFujWCrXDIj6Qp # O9tqvpwr0lOSeeY7MA0GCSqGSIb3DQEBAQUABIICAIitdDI+pwgNysZLe1ZTb6X7 # J+DD5aqjyk1zaIzuXoDBoXZr3KC86HgLfgGvxFU9yXLM5KYZAxmit/LQK4e2o68h # AiQWfNf45WGsizTJv7+I/axv6sasaWKLYQEcg82bXssMjIrouHHEFOndjrioZjR5 # ygTnh7tXc9Nln/ytF9s31+UIZsJGSmzBlsDa8pXBiYuGLN2P3dUZTFL1DiljXOx6 # j/ywdmlC6jH5C40ZFY82zSm2erXPBxYundjeanCDXuAkna8uOFTKsxmAvu1h0zxX # 5w5QzWEGyWa7BZrQmqB8f0bHTopQ9L/k+JMlGmivsduDB9hkcqJG8U0gkfaetxvH # GHZVoaDClkRGla3DfoUHda93oEDbKxjokNZdYCtdSoAfY3Asx8ikpyyaLbc3ZUg9 # 2sJYYALIBIGgQgZX4Be/UC/UCHK4cNctwWzlmsPrMZhwZg3rCI3xbO86O4dO0sO3 # rRsQeZH9DkAS30DbtDY7yYxKCfG6mJFG+Thep+K1ssysYEAtFWMJ6nwZGign5tAh # 7rBg52rQf6aEyoNhF8lDKixNO1GyDuTvIy4L2yVjABm0QgAznF+bu7pEKvFtEcQl # SNT4seMPPljfHp72s6X8joSGcAf/UxxLpUAes7sj0oQI7Tc8eongR2W6aXbJ0lae # F007dl+0X7YlQulIsiDr # SIG # End signature block