From 6e409edd540fb7e2bb6a66f14adeb72e550669c1 Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Wed, 2 Jul 2014 16:02:45 +0200
Subject: added support for splitting authnrequest &signrequest

---
 .../src/main/webapp/jsp/editMOAConfig.jsp          |   3 +-
 .../auth/src/main/webapp/WEB-INF/urlrewrite.xml    |   4 +-
 id/server/auth/src/main/webapp/WEB-INF/web.xml     |  13 +-
 .../moa/id/auth/AuthenticationServer.java          |  44 +-
 .../moa/id/auth/data/AuthenticationSession.java    |  57 +-
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |   8 +-
 .../PEPSConnectorWithLocalSigningServlet.java      | 790 +++++++++++++++++++++
 .../gv/egovernment/moa/id/config/stork/CPEPS.java  |  20 +-
 .../moa/id/config/stork/STORKConfig.java           |   2 +-
 .../id/protocols/stork2/AuthenticationRequest.java |  46 +-
 .../SignedDocAttributeRequestProvider.java         |   8 +-
 .../src/main/resources/config/moaid_config_2.0.xsd |   9 +-
 12 files changed, 947 insertions(+), 57 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java

diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 6f266f865..4589a3381 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -249,10 +249,11 @@
 								labelposition="left" />
 							<h4><%=LanguageHelper.getGUIString("webpages.moaconfig.stork.pepslist", request) %></h4>
                             <table id="stork_pepslist">
-								<tr><th>Country Shortcode</th><th>PEPS URL</th>
+								<tr><th>Country Shortcode</th><th>PEPS URL</th><th>Supports XMLSignatures</th>
 								<s:iterator value="storkconfig.cpepslist" status="stat">
 								  <tr><td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
 								      <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
+								      <td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td>
 								      <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
 								</s:iterator>
                                 <s:if test="%{storkconfig.cpepslist == null}">
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index 23737452a..54debca81 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -86,8 +86,8 @@
         <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
     </rule>
     <rule match-type="regex">
-        <from>^/stork2/SendPEPSAuthnRequest$</from>
-        <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest&amp;%{query-string}</to>
+        <from>^/stork2/SendPEPSAuthnRequestWithoutSignedDoc$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&amp;action=AuthenticationRequest1&amp;%{query-string}</to>
     </rule>
     <rule match-type="regex">
         <from>^/stork2/RetrieveMandate$</from>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml
index 4efda0c79..42085b01e 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/web.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml
@@ -107,6 +107,14 @@
 		<servlet-class>
 			at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class>
 	</servlet>
+	<servlet>
+		<servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name>
+		<display-name>PEPSConnectorWithLocalSigningServlet</display-name>
+		<description>Servlet receiving STORK SAML Response Messages from
+			different C-PEPS</description>
+		<servlet-class>
+			at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet</servlet-class>
+	</servlet>
 
 	<!-- Dispatcher servlets 
 	<servlet>
@@ -219,7 +227,10 @@
 		<servlet-name>PEPSConnectorServlet</servlet-name>
 		<url-pattern>/PEPSConnector</url-pattern>
 	</servlet-mapping>
-
+<servlet-mapping>
+		<servlet-name>PEPSConnectorWithLocalSigningServlet</servlet-name>
+		<url-pattern>/PEPSConnectorWithLocalSigning</url-pattern>
+	</servlet-mapping>
 	<!-- Filters -->
 	<!-- <filter> <filter-name>DispatcherDecoratorFilter</filter-name> <filter-class>at.gv.egovernment.moa.id.sso.DispatcherDecoratorFilter</filter-class> 
 		</filter> -->
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a8cf5014f..c2eefa3d8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -76,6 +76,7 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
+import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet;
 import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
@@ -1795,12 +1796,37 @@ public class AuthenticationServer implements MOAIDAuthConstants {
         PersonalAttribute newAttribute = new PersonalAttribute();
         newAttribute.setName("signedDoc");
         List<String> value = new ArrayList<String>();
-        value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
-                "application/xhtml+xml",
-                moasession.getCcc()));
-        newAttribute.setValue(value);
-        attributeList.add(newAttribute);
-
+        
+        Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported());
+        if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS
+        {
+        	value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+                "application/xhtml+xml", moasession.getCcc()));
+        	newAttribute.setValue(value);
+        	attributeList.add(newAttribute);
+        }
+        else//Process SignRequest locally with MOCCA
+        {
+        	String target = moasession.getTarget();
+        	moasession.setTarget("AT");
+        	String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+                    "application/xhtml+xml", "AT"));//moasession.getCcc()
+        	moasession.setTarget(target);
+        	Logger.warn("signedDoc to store:"+signedDoc);
+            //attributeList.add(newAttribute);
+        	
+            //store SignRequest for later...
+            moasession.setSignedDoc(signedDoc);
+            
+            acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+            try {
+				AuthenticationSessionStoreage.storeSession(moasession);
+			} catch (MOADatabaseException e) {
+				// TODO Auto-generated catch block
+				e.printStackTrace();
+			}
+            
+        }
 
         if (Logger.isDebugEnabled()) {
             Logger.debug("The following attributes are requested for this OA:");
@@ -1817,7 +1843,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
         //generate AuthnRquest
         STORKAuthnRequest authnRequest = new STORKAuthnRequest();
         authnRequest.setDestination(destination);
-        authnRequest.setAssertionConsumerServiceURL(acsURL);
+        authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning
         authnRequest.setProviderName(providerName);
         authnRequest.setIssuer(issuerValue);
         authnRequest.setQaa(oaParam.getQaaLevel());
@@ -1834,7 +1860,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
         authnRequest.setCitizenCountryCode(moasession.getCcc());
 
-
         Logger.debug("STORK AuthnRequest succesfully assembled.");
 
         STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
@@ -1842,7 +1867,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
         if (samlEngine == null) {
             Logger.error("Could not initalize STORK SAML engine.");
             throw new MOAIDException("stork.00", null);
-        	
         }
         
         try {
@@ -1905,7 +1929,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
             idGenerator = new SecureRandomIdentifierGenerator();
 
             DocumentType doc = new DocumentType();
-            doc.setBase64XML(text.getBytes());
+            doc.setBase64XML(text.getBytes("UTF-8"));
             doc.setID(idGenerator.generateIdentifier());
 
             SignRequest request = new SignRequest();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 8726c1618..26c22fb4a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -51,6 +51,7 @@ import org.w3c.dom.Element;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
@@ -291,9 +292,58 @@ public class AuthenticationSession implements Serializable {
 	private boolean isForeigner;
 
 	private IPersonalAttributeList storkAttributes;
-
+	
+	
+	//Temporary store SignRequest for local processing
+	private String signedDoc;
+	//Temporary store SAMLResponse for processing after user signed signedDoc locally
+	private String SAMLResponse;
+	//
+	private StringBuffer returnURL;
+	private IPersonalAttributeList authnResponseGetPersonalAttributeList;
+	private String authnContextClassRef;
 	// private String requestedProtocolURL = null;
 	
+	public String getAuthnContextClassRef() {
+		return authnContextClassRef;
+	}
+
+	public void setAuthnContextClassRef(String authnContextClassRef) {
+		this.authnContextClassRef = authnContextClassRef;
+	}
+
+	public IPersonalAttributeList getAuthnResponseGetPersonalAttributeList() {
+		return authnResponseGetPersonalAttributeList;
+	}
+
+	public void setAuthnResponseGetPersonalAttributeList(IPersonalAttributeList authnResponseGetPersonalAttributeList) {
+		this.authnResponseGetPersonalAttributeList = authnResponseGetPersonalAttributeList;
+	}
+
+	public String getSAMLResponse() {
+		return SAMLResponse;
+	}
+
+	public void setSAMLResponse(String samlResponse) {
+		SAMLResponse = samlResponse;
+	}
+
+	public StringBuffer getReturnURL() {
+		return returnURL;
+	}
+
+	public void setReturnURL(StringBuffer returnURL) {
+		this.returnURL = returnURL;
+	}
+
+	public String getSignedDoc() {
+		return signedDoc;
+	}
+
+	public void setSignedDoc(String signedDoc) {
+		this.signedDoc = signedDoc;
+	}
+
 	public String getModul() {
 		return modul;
 	}
@@ -1060,9 +1110,6 @@ public class AuthenticationSession implements Serializable {
 	 */
 	public Date getSessionCreated() {
 		return sessionCreated;
-	}
-
-	
-	
+	}	
 	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index a82a51d07..0ba144b80 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -23,16 +23,17 @@
 package at.gv.egovernment.moa.id.auth.servlet;
 
 import iaik.x509.X509Certificate;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.StringWriter;
 import java.util.ArrayList;
+
 import javax.activation.DataSource;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBElement;
 import javax.xml.transform.stream.StreamSource;
@@ -50,18 +51,15 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.stork.STORKException;
 import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.ModulUtils;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
@@ -188,7 +186,6 @@ public class PEPSConnectorServlet extends AuthServlet {
 			
 			//load MOASession from database
 			AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
-			
 			//change MOASessionID
 			moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
 			
@@ -248,6 +245,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 			String citizenSignature = null;
 			try {
 				String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0);
+								 
 				SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
 				
 				// fetch signed doc
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
new file mode 100644
index 000000000..ee0ae4b87
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -0,0 +1,790 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+package at.gv.egovernment.moa.id.auth.servlet;
+
+import iaik.x509.X509Certificate;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.activation.DataSource;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Source;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.stream.StreamSource;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.saml2.core.StatusCode;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.BKUException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.exception.ParseException;
+import at.gv.egovernment.moa.id.auth.exception.ServiceException;
+import at.gv.egovernment.moa.id.auth.stork.STORKException;
+import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.util.StringUtils;
+import at.gv.util.xsd.xmldsig.SignatureType;
+import at.gv.util.xsd.xmldsig.X509DataType;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.LightweightSourceResolver;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.UtilsException;
+import eu.stork.oasisdss.profile.SignRequest;
+import eu.stork.oasisdss.profile.SignResponse;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+
+/**
+ * Endpoint for receiving STORK response messages
+ */
+public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
+	private static final long serialVersionUID = 1L;
+
+	public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning";
+
+	private String oasisDssWebFormURL = "http://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config
+
+
+	/**
+	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
+	 */
+	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+		super.doGet(request, response);
+	}
+
+	/**
+	 * Handles the reception of a STORK response message
+	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
+	 */
+	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException 
+	{
+		String moaSessionID1 = request.getParameter("moaSessionID");	
+		String signResponse = request.getParameter("signresponse");	
+		Logger.info("moaSessionID1:"+moaSessionID1);
+		Logger.info("signResponse:"+signResponse);
+		if(moaSessionID1!=null)
+		{
+			if(signResponse!=null)
+			{
+				//redirect from oasis with signresponse
+				handleSignResponse(request, response);
+			}
+			else
+			{
+				//should not occur
+				throw new IOException("should not occur");
+			}
+		}
+		else
+		{
+			if(signResponse!=null)
+			{
+				//should not occur
+				throw new IOException("should not occur");
+			}
+			else
+			{
+				//normal saml response
+				handleSAMLResponse(request, response);
+			}
+		}
+		return;
+	}
+
+	private void handleSignResponse(HttpServletRequest request, HttpServletResponse response) {
+		Logger.info("handleSignResponse started");
+		String moaSessionID = request.getParameter("moaSessionID");	
+		String signResponse = request.getParameter("signresponse");	
+		Logger.info("moaSessionID:"+moaSessionID);
+		Logger.info("signResponse:"+signResponse);
+		String pendingRequestID = null;
+		try{
+
+
+			//load MOASession from database
+			AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+			//change MOASessionID
+			moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+
+			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
+			Logger.info("pendingRequestID:"+pendingRequestID);
+			String signResponseString = new String(Base64.decodeBase64(signResponse), "UTF8");
+			Logger.info("RECEIVED signresponse:"+signResponseString);
+			//create SignResponse object
+			Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
+			SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
+
+			//			SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(Base64.signResponse)));
+
+			String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+
+			// memorize signature into authblock
+			moaSession.setAuthBlock(citizenSignature);
+
+			X509Certificate cert = getSignerCertificate(citizenSignature);
+			moaSession.setSignerCertificate(cert);	
+			VerifyXMLSignatureResponse xMLVerifySignatureResponse = verifyXMLSignature(citizenSignature);
+			at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse tmp = convert(xMLVerifySignatureResponse);
+			
+			
+			moaSession.setXMLVerifySignatureResponse(tmp);
+			try{
+				IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
+				//Add signResponse
+				List<String> values = new ArrayList<String>();
+				//values.add(signResponseString);
+				values.add(citizenSignature);
+				Logger.debug("Assembling signedDoc attribute");
+				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values,
+						"Available");
+				personalAttributeList.add(signedDocAttribute);
+				
+				String authnContextClassRef = moaSession.getAuthnContextClassRef();
+				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef);
+			} catch (STORKException e) {
+				// this is really nasty but we work against the system here. We are supposed to get the gender attribute from
+				// stork. If we do not, we cannot register the person in the ERnP - we have to have the
+				// gender for the represented person. So here comes the dirty hack. 
+				if(e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) {
+					try {
+						Logger.trace("Initialize VelocityEngine...");
+
+						VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+						Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
+						VelocityContext context = new VelocityContext();
+						context.put("SAMLResponse", request.getParameter("SAMLResponse"));
+						context.put("action", request.getRequestURL());
+
+						StringWriter writer = new StringWriter();
+						template.merge(context, writer);
+
+						response.getOutputStream().write(writer.toString().getBytes());
+					} catch (Exception e1) {
+						Logger.error("Error sending gender retrival form.", e1);
+						//						httpSession.invalidate();
+						throw new MOAIDException("stork.10", null);
+					}
+
+					return;
+				}
+
+				Logger.error("Error connecting SZR Gateway", e);
+				throw new MOAIDException("stork.10", null);
+			}	
+
+			Logger.debug("Add full STORK AuthnResponse to MOA session");
+			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse?
+
+			//session is implicit stored in changeSessionID!!!!
+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+
+			Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
+
+			//redirect
+			String redirectURL = null;
+			redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), 
+					ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
+			redirectURL = response.encodeRedirectURL(redirectURL);
+
+			response.setContentType("text/html");
+			response.setStatus(302);
+			response.addHeader("Location", redirectURL);
+			Logger.info("REDIRECT TO: " + redirectURL);
+
+		} catch (AuthenticationException e) {
+			handleError(null, e, request, response, pendingRequestID);
+
+		} catch (MOAIDException e) {
+			handleError(null, e, request, response, pendingRequestID);
+
+		} catch (Exception e) {
+			Logger.error("PEPSConnector has an interal Error.", e);
+		}
+
+		finally {
+			ConfigurationDBUtils.closeSession();
+		}	
+	}
+
+	private void handleSAMLResponse(HttpServletRequest request, HttpServletResponse response) {
+		Logger.info("handleSAMLResponse started");	
+		String pendingRequestID = null;
+
+		try {
+			Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message.");
+			Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request));
+
+			super.setNoCachingHeadersInHttpRespone(request, response);
+			Logger.trace("No Caching headers set for HTTP response");
+
+			//check if https or only http
+			super.checkIfHTTPisAllowed(request.getRequestURL().toString());
+
+			Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
+
+			//extract STORK Response from HTTP Request
+			//Decodes SAML Response
+			byte[] decSamlToken;
+			try {
+				decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
+				Logger.debug("SAMLResponse: " + new String(decSamlToken));
+
+			} catch(NullPointerException e) {
+				Logger.error("Unable to retrieve STORK Response", e);
+				throw new MOAIDException("stork.04", null);
+			}		
+
+			//Get SAMLEngine instance
+			STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
+
+			STORKAuthnResponse authnResponse = null;
+			try {
+				//validate SAML Token
+				Logger.debug("Starting validation of SAML response");
+				authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost());
+				Logger.info("SAML response succesfully verified!");
+			}catch(STORKSAMLEngineException e){
+				Logger.error("Failed to verify STORK SAML Response", e);
+				throw new MOAIDException("stork.05", null);
+			}
+
+			Logger.info("STORK SAML Response message succesfully extracted");
+			Logger.debug("STORK response: ");
+			Logger.debug(authnResponse.toString());
+
+			Logger.debug("Trying to find MOA Session-ID ...");			
+			//String moaSessionID = request.getParameter(PARAM_SESSIONID);
+			//first use SAML2 relayState 
+			String moaSessionID = request.getParameter("RelayState");
+
+			// escape parameter strings
+			moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID);
+
+			//check if SAML2 relaystate includes a MOA sessionID
+			if (StringUtils.isEmpty(moaSessionID)) {
+				//if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier
+
+				moaSessionID = authnResponse.getInResponseTo();
+				moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID);
+
+				if (StringUtils.isEmpty(moaSessionID)) {				
+					//No authentication session has been started before
+					Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
+					Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
+					throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
+
+				} else 
+					Logger.trace("Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute.");
+
+			} else 
+				//Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter.");
+				Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState.");
+
+			/*INFO!!!!
+			 * SAML message IDs has an different format then MOASessionIDs
+			 * This is only a workaround because many PEPS does not support SAML2 relayState or
+			 * MOASessionID as AttributConsumerServiceURL GET parameter
+			 */
+			//	         if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
+			//	             throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
+
+			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
+
+			//load MOASession from database
+			AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
+			//change MOASessionID
+			moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+
+			Logger.info("Found MOA sessionID: " + moaSessionID);
+
+
+
+			String statusCodeValue = authnResponse.getStatusCode();
+
+			if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) {
+				Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue);
+				throw new MOAIDException("stork.06", new Object[] { statusCodeValue });
+			}
+
+			Logger.info("Got SAML response with authentication success message.");
+
+			Logger.debug("MOA session is still valid");
+
+			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
+
+			if (storkAuthnRequest == null) {
+				Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
+				throw new MOAIDException("stork.07", null);
+			}
+
+			Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
+
+			////////////// incorporate gender from parameters if not in stork response
+
+			IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
+
+			// but first, check if we have a representation case
+			if(STORKResponseProcessor.hasAttribute("mandateContent", attributeList) || STORKResponseProcessor.hasAttribute("representative", attributeList) || STORKResponseProcessor.hasAttribute("represented", attributeList)) {
+				// in a representation case...
+				moaSession.setUseMandate("true");
+
+				// and check if we have the gender value
+				PersonalAttribute gender = attributeList.get("gender");
+				if(null == gender) {
+					String gendervalue = (String) request.getParameter("gender");
+					if(null != gendervalue) {
+						gender = new PersonalAttribute();
+						gender.setName("gender");
+						ArrayList<String> tmp = new ArrayList<String>();
+						tmp.add(gendervalue);
+						gender.setValue(tmp);
+
+						authnResponse.getPersonalAttributeList().add(gender);
+					}
+				}
+			}
+
+			//////////////////////////////////////////////////////////////////////////
+
+			Logger.debug("Starting extraction of signedDoc attribute");
+			//extract signed doc element and citizen signature
+			String citizenSignature = null;
+			try {
+				PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc");
+				String signatureInfo = null;
+				if(signedDoc!=null)
+				{
+					signatureInfo = signedDoc.getValue().get(0);
+					//should not occur
+				}
+				else
+				{
+
+					//store SAMLResponse
+					moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
+					//store authnResponse
+
+					//moaSession.setAuthnResponse(authnResponse);//not serializable
+					moaSession.setAuthnResponseGetPersonalAttributeList(authnResponse.getPersonalAttributeList());
+
+					String authnContextClassRef = null;
+					try {
+						authnContextClassRef = authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef();	
+					} catch (Throwable e) {
+						Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
+					}
+
+					moaSession.setAuthnContextClassRef(authnContextClassRef);
+					moaSession.setReturnURL(request.getRequestURL());
+
+					//load signedDoc
+					String signRequest = moaSession.getSignedDoc();
+
+					//session is implicit stored in changeSessionID!!!!
+					String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+
+					//set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID 
+					//signRequest
+
+					String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+					String acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+
+					String url = acsURL+"?moaSessionID="+newMOASessionID;
+					//redirect to OASIS module and sign there
+					performRedirect(url,request,response,signRequest);
+
+					return;
+				}
+				SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
+
+				citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+
+				// memorize signature into authblock
+				moaSession.setAuthBlock(citizenSignature);
+
+				X509Certificate cert = getSignerCertificate(citizenSignature);
+				moaSession.setSignerCertificate(cert);	
+
+
+			} catch (Throwable e) {
+				Logger.error("Could not extract citizen signature from C-PEPS", e);
+				throw new MOAIDException("stork.09", null);
+			}
+
+			try{
+				SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(), authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
+			} catch (STORKException e) {
+				// this is really nasty but we work against the system here. We are supposed to get the gender attribute from
+				// stork. If we do not, we cannot register the person in the ERnP - we have to have the
+				// gender for the represented person. So here comes the dirty hack. 
+				if(e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) {
+					try {
+						Logger.trace("Initialize VelocityEngine...");
+
+						VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+						Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
+						VelocityContext context = new VelocityContext();
+						context.put("SAMLResponse", request.getParameter("SAMLResponse"));
+						context.put("action", request.getRequestURL());
+
+						StringWriter writer = new StringWriter();
+						template.merge(context, writer);
+
+						response.getOutputStream().write(writer.toString().getBytes());
+					} catch (Exception e1) {
+						Logger.error("Error sending gender retrival form.", e1);
+						//						httpSession.invalidate();
+						throw new MOAIDException("stork.10", null);
+					}
+
+					return;
+				}
+
+				Logger.error("Error connecting SZR Gateway", e);
+				throw new MOAIDException("stork.10", null);
+			}	
+
+			Logger.debug("Add full STORK AuthnResponse to MOA session");
+			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse?
+
+			//session is implicit stored in changeSessionID!!!!
+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
+
+			Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
+
+			//redirect
+			String redirectURL = null;
+			redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), 
+					ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
+			redirectURL = response.encodeRedirectURL(redirectURL);
+
+			response.setContentType("text/html");
+			response.setStatus(302);
+			response.addHeader("Location", redirectURL);
+			Logger.info("REDIRECT TO: " + redirectURL);
+
+		} catch (AuthenticationException e) {
+			handleError(null, e, request, response, pendingRequestID);
+
+		} catch (MOAIDException e) {
+			handleError(null, e, request, response, pendingRequestID);
+
+		} catch (Exception e) {
+			Logger.error("PEPSConnector has an interal Error.", e);
+		}
+
+		finally {
+			ConfigurationDBUtils.closeSession();
+		}	
+
+	}
+
+	private void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, String signRequestString)
+			throws MOAIDException {
+
+		try {
+			Logger.trace("Initialize VelocityEngine...");
+
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm");
+			VelocityContext context = new VelocityContext();
+
+			Logger.debug("performRedirect, signrequest:"+signRequestString);
+			Source signDoc = new StreamSource(new java.io.StringReader(signRequestString));
+			SignRequest signRequest = ApiUtils.unmarshal(signDoc, SignRequest.class);
+			signRequest.setReturnURL("TODO");
+			signRequestString = IOUtils.toString(ApiUtils.marshalToInputStream(signRequest));
+			context.put("signrequest", Base64.encodeBase64String(signRequestString.getBytes("UTF8")));
+			context.put("clienturl", url);
+			context.put("action", oasisDssWebFormURL );
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+
+			resp.getOutputStream().write(writer.toString().getBytes());
+		} catch (Exception e) {
+			Logger.error("Error sending DSS signrequest.", e);
+			throw new MOAIDException("stork.11", null);
+		}
+	}
+
+	private String getCitizienSignatureFromSignResponseFromSAML(STORKAuthnResponse authnResponse) throws ApiUtilsException, IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, MOAIDException
+	{
+		PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc");
+		String signatureInfo = null;
+		if(signedDoc==null)
+		{
+			Logger.error("SignedDoc = null, failed to extract Signresponse from authnResponse");
+			throw new MOAIDException("stork.09", null);
+		}
+		signatureInfo = signedDoc.getValue().get(0);
+
+		SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
+		String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+		return citizenSignature;
+
+	}
+
+	private String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException
+	{
+		// fetch signed doc
+		DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
+		if(ds == null){
+			throw new ApiUtilsException("No datasource found in response");
+		}				
+
+		InputStream incoming  = ds.getInputStream();
+		String citizenSignature = IOUtils.toString(incoming);
+		incoming.close();
+
+		return citizenSignature;
+	}
+
+	private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException
+	{
+		JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
+		SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue();
+
+		// extract certificate
+		for(Object current : root.getKeyInfo().getContent())
+			if(((JAXBElement<?>) current).getValue() instanceof X509DataType) {
+				for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
+					JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
+					if(casted.getName().getLocalPart().equals("X509Certificate")) {
+						return new X509Certificate(((String)casted.getValue()).getBytes());
+					}
+				}
+			}
+		return null;
+	}
+
+	private void SZRGInsertion(AuthenticationSession moaSession, IPersonalAttributeList personalAttributeList, String authnContextClassRef) throws STORKException, MOAIDException
+	{
+		Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
+		Logger.debug("Citizen signature will be verified by SZR Gateway!");
+
+		Logger.debug("fetching OAParameters from database");
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix());
+		if (oaParam == null)
+			throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() });
+
+		// retrieve target
+		//TODO: check in case of SSO!!!
+		String targetType = null;
+		String targetValue = null;
+		if(oaParam.getBusinessService()) {
+			String id = oaParam.getIdentityLinkDomainIdentifier();
+			if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
+				targetValue = id.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
+			else
+				targetValue = moaSession.getDomainIdentifier();
+			targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_;
+		} else {
+			targetType = AuthenticationSession.TARGET_PREFIX_;
+			targetValue = oaParam.getTarget();
+		}
+
+		Logger.debug("Starting connecting SZR Gateway");
+		//contact SZR Gateway
+		IdentityLink identityLink = null;
+
+		identityLink = STORKResponseProcessor.connectToSZRGateway(personalAttributeList,
+				oaParam.getFriendlyName(), 
+				targetType, targetValue, 
+				oaParam.getMandateProfiles());
+		Logger.debug("SZR communication was successfull");
+
+		if (identityLink == null) {
+			Logger.error("SZR Gateway did not return an identity link.");
+			throw new MOAIDException("stork.10", null);	
+		}
+		Logger.info("Received Identity Link from SZR Gateway");
+		moaSession.setIdentityLink(identityLink);
+
+		Logger.debug("Adding addtional STORK attributes to MOA session");
+		moaSession.setStorkAttributes(personalAttributeList);
+
+		//We don't have BKUURL, setting from null to "Not applicable"
+		moaSession.setBkuURL("Not applicable (STORK Authentication)");
+
+		// free for single use
+		moaSession.setAuthenticatedUsed(false);
+
+		// stork did the authentication step
+		moaSession.setAuthenticated(true);
+
+		//TODO: found better solution, but QAA Level in response could be not supported yet
+		try {
+			if(authnContextClassRef==null)
+				authnContextClassRef = PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel();
+			moaSession.setQAALevel(authnContextClassRef);
+
+		} catch (Throwable e) {
+			Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
+			moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel());
+
+		}
+
+	}
+
+	private VerifyXMLSignatureResponse verifyXMLSignature(String signature) throws AuthenticationException, ParseException, BKUException, BuildException, ConfigurationException, ServiceException, UnsupportedEncodingException, SAXException, IOException, ParserConfigurationException, MOAException
+	{
+		//Based on MOA demo client
+		    // Factory und Service instanzieren
+		    SPSSFactory spssFac = SPSSFactory.getInstance();
+		    SignatureVerificationService sigVerifyService = SignatureVerificationService.getInstance();
+		    
+		    Content sigDocContent1 = spssFac.createContent(IOUtils.toInputStream(signature, "UTF-8"), null);
+		    
+		    // Position der zu prüfenden Signatur im Dokument angeben
+		    // (Nachdem im XPath-Ausdruck ein NS-Präfix verwendet wird, muss in einer Lookup-Tabelle
+		    // der damit bezeichnete Namenraum mitgegeben werden)
+		    HashMap nSMap = new HashMap();
+		    nSMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#");
+		    VerifySignatureLocation sigLocation = spssFac.createVerifySignatureLocation("//dsig:Signature", nSMap);
+		    
+		    // Zu prüfendes Dokument und Signaturposition zusammenfassen
+		   
+		    VerifySignatureInfo sigInfo = spssFac.createVerifySignatureInfo(sigDocContent1, sigLocation);
+		    
+		    // Prüfrequest zusammenstellen
+		    VerifyXMLSignatureRequest verifyRequest = spssFac.createVerifyXMLSignatureRequest(
+		      null,    // Wird Prüfzeit nicht angegeben, wird aktuelle Zeit verwendet 
+		      sigInfo, 
+		      null,    // Keine Ergänzungsobjekte notwendig
+		      null,    // Signaturmanifest-Prüfung soll nicht durchgeführt werden
+		      false,   // Hash-Inputdaten, d.h. tatsächlich signierte Daten werden nicht zurückgeliefert
+		      "MOAIDBuergerkartePersonenbindungMitTestkarten");//TODO load from config
+		      //"Test-Signaturdienste");  // ID des verwendeten Vertrauensprofils
+		    
+		    VerifyXMLSignatureResponse verifyResponse = null;
+		    try
+		    {
+		      // Aufruf der Signaturprüfung
+		      verifyResponse = sigVerifyService.verifyXMLSignature(verifyRequest);
+		    }
+		    catch (MOAException e)
+		    {
+		      // Service liefert Fehler
+		      System.err.println("Die Signaturprüfung hat folgenden Fehler geliefert:");
+		      System.err.println("Fehlercode: " + e.getMessageId());
+		      System.err.println("Fehlernachricht: " + e.getMessage());
+		      throw e;
+		    }
+		    
+//		    // Auswertung der Response
+//		    System.out.println();
+//		    System.out.println("Ergebnisse der Signaturprüfung:");
+//		    System.out.println();
+//		    
+//		    // Besondere Eigenschaften des Signatorzertifikats
+//		    SignerInfo signerInfo = verifyResponse.getSignerInfo();
+//		    System.out.println("*** Ist Zertifikat des Signators qualifiziert? " + ((signerInfo.isQualifiedCertificate()) ? "ja" : "nein"));
+//		    System.out.println("*** Ist Zertifikat des Signators von einer Behörde? " + ((signerInfo.isPublicAuthority()) ? "ja" : "nein"));
+//		    
+//		    // Ergebnisse von Signatur- und Zertifikatsprüfung
+//		    System.out.println();
+//		    System.out.println("Ergebniscode der Signaturprüfung: " + verifyResponse.getSignatureCheck().getCode());
+//		    System.out.println("Ergebniscode der Zertifikatsprüfung: " + verifyResponse.getCertificateCheck().getCode());
+//		    
+//		    // Signatorzertifikat
+//		    System.out.println();
+//		    System.out.println("*** Zertifikat des Signators:");
+//		    System.out.println("Aussteller: " + signerInfo.getSignerCertificate().getIssuerDN());
+//		    System.out.println("Subject: " + signerInfo.getSignerCertificate().getSubjectDN());
+//		    System.out.println("Seriennummer: " + signerInfo.getSignerCertificate().getSerialNumber());
+		  return verifyResponse;
+	}
+
+	private at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse convert(VerifyXMLSignatureResponse xMLVerifySignatureResponse) {
+		at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse response = new at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse();
+		response.setCertificateCheckCode(xMLVerifySignatureResponse.getCertificateCheck().getCode());
+		response.setPublicAuthority(xMLVerifySignatureResponse.getSignerInfo().isPublicAuthority());
+//		response.setPublicAuthorityCode(publicAuthorityCode)
+		response.setQualifiedCertificate(xMLVerifySignatureResponse.getSignerInfo().isQualifiedCertificate());
+		response.setSignatureCheckCode(xMLVerifySignatureResponse.getSignatureCheck().getCode());
+		response.setSignatureManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode());
+//		response.setSigningDateTime()
+//		response.setX509certificate(x509certificate)
+		response.setXmlDSIGManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode());
+//		response.setXmlDSIGManigest(xMLVerifySignatureResponse.getSignatureManifestCheck())
+//		response.setXmlDsigSubjectName(xmlDsigSubjectName)	
+		return response;
+	}
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java
index 6e67b4219..3f4be5093 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java
@@ -45,6 +45,8 @@ public class CPEPS {
 	/**  URL of C-PEPS */
 	private URL pepsURL;
 	
+	private Boolean isXMLSignatureSupported;
+
 	/** Specific attributes to be requested for this C-PEPS */
 	private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>();
 	
@@ -53,10 +55,11 @@ public class CPEPS {
 	 * @param countryCode ISO Country Code of C-PEPS
 	 * @param pepsURL URL of C-PEPS
 	 */
-	public CPEPS(String countryCode, URL pepsURL) {
+	public CPEPS(String countryCode, URL pepsURL, Boolean isXMLSignatureSupported) {
 		super();
 		this.countryCode = countryCode;
 		this.pepsURL = pepsURL;
+		this.isXMLSignatureSupported = isXMLSignatureSupported;
 	}
 
 	/**
@@ -91,6 +94,21 @@ public class CPEPS {
 		this.pepsURL = pepsURL;
 	}
 
+	/**
+	 * Returns weather the C-PEPS supports XMl Signatures or not (important for ERnB)
+	 */
+	public Boolean isXMLSignatureSupported() {
+		return isXMLSignatureSupported;
+	}
+
+	/**
+	 * Sets weather the C-PEPS supports XMl Signatures or not (important for ERnB)
+	 * @param isXMLSignatureSupported C-PEPS XML Signature support
+	 */
+	public void setXMLSignatureSupported(boolean isXMLSignatureSupported) {
+		this.isXMLSignatureSupported = isXMLSignatureSupported;
+	}
+	
 	/**
 	 * Gets the country specific attributes of this C-PEPS
 	 * @return List of country specific attributes
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 2e243b3ae..136b40295 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -81,7 +81,7 @@ public class STORKConfig {
 			for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
 
 				try {
-					CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
+					CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()), cpep.isSupportsXMLSignature());
 
 					cpepsMap.put(cpep.getCountryCode(), moacpep);
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index a5690a883..b62e6de32 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -75,7 +75,7 @@ public class AuthenticationRequest implements IAction {
 
         this.authData = authData;
 
-        if ((req instanceof MOASTORKRequest) && ( ((MOASTORKRequest) req).getCitizenCountryCode() == null || ((MOASTORKRequest) req).getCitizenCountryCode().equals("AT") )) {
+        if ((req instanceof MOASTORKRequest)) { // && ( ((MOASTORKRequest) req).getCitizenCountryCode() == null || ((MOASTORKRequest) req).getCitizenCountryCode().equals("AT") )) {
 
             this.moaStorkRequest = (MOASTORKRequest) req;
 
@@ -134,10 +134,10 @@ public class AuthenticationRequest implements IAction {
 
             return (new AttributeCollector()).processRequest(container, httpReq, httpResp, authData, oaParam);
         }
-        // check if we are getting request for citizen of some other country
-        else if (req instanceof MOASTORKRequest) {
-            return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp);
-        }
+//        // check if we are getting request for citizen of some other country
+//        else if (req instanceof MOASTORKRequest) {
+//            return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp);
+//        }
 
         // Check if we got the response from PEPS
         // If so then process it and forward to SP
@@ -390,24 +390,24 @@ public class AuthenticationRequest implements IAction {
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
 
-        // authentication is not needed if we have authentication request from SP for citizen of configured PEPS country
-        if (req instanceof MOASTORKRequest) {
-            MOASTORKRequest moastorkRequest = (MOASTORKRequest) req;
-            if (moastorkRequest.getStorkAuthnRequest() != null) {
-                String citizenCountryCode = moastorkRequest.getStorkAuthnRequest().getCitizenCountryCode();
-                // check if citizen country is configured in the system
-                try {
-                    if (AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode)) {
-                        return false;
-                    }
-                } catch (MOAIDException e) {
-                    Logger.error("Could not initialize AuthConfigurationProvider");
-                }
-            }
-            // authentication is not required if received authentication response
-        } else if (req instanceof MOASTORKResponse) {
-            return false;
-        }
+//        // authentication is not needed if we have authentication request from SP for citizen of configured PEPS country
+//        if (req instanceof MOASTORKRequest) {
+//            MOASTORKRequest moastorkRequest = (MOASTORKRequest) req;
+//            if (moastorkRequest.getStorkAuthnRequest() != null) {
+//                String citizenCountryCode = moastorkRequest.getStorkAuthnRequest().getCitizenCountryCode();
+//                // check if citizen country is configured in the system
+//                try {
+//                    if (AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode)) {
+//                        return false;
+//                    }
+//                } catch (MOAIDException e) {
+//                    Logger.error("Could not initialize AuthConfigurationProvider");
+//                }
+//            }
+//            // authentication is not required if received authentication response
+//        } else if (req instanceof MOASTORKResponse) {
+//            return false;
+//        }
 
         return true;
     }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
index 72274bada..af973475b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
@@ -104,8 +104,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
 	public SignedDocAttributeRequestProvider(String oasisDssWebFormURL, String attributes) {
 		super(attributes);
 		this.oasisDssWebFormURL = oasisDssWebFormURL;
-		//TODO load dtlUrl from config
-		
+
 		Properties props = new Properties();
 		try {
 			props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties"));
@@ -144,11 +143,10 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
 	 * .servlet.http.HttpServletRequest)
 	 */
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {
-		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request2");
+		Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request");
 
 		try {
-			String base64 = httpReq.
-					getParameter("signresponse");
+			String base64 = httpReq.getParameter("signresponse");
 			Logger.debug("signresponse url: " + httpReq.getRequestURI().toString());
 			Logger.debug("signresponse querystring: " + httpReq.getQueryString());
 			Logger.debug("signresponse method: " + httpReq.getMethod());
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 2d5542b98..5b3075c68 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -821,10 +821,13 @@
 		</xsd:annotation>
 		<xsd:complexType>
 			<xsd:sequence>
-				<xsd:element name="AttributeValue" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xsd:element name="AttributeValue" type="xsd:string"
+					minOccurs="0" maxOccurs="unbounded" />
 			</xsd:sequence>
-			<xsd:attribute name="countryCode" type="CountryCodeType" use="required"/>
-			<xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
+			<xsd:attribute name="countryCode" type="CountryCodeType"
+				use="required" />
+			<xsd:attribute name="URL" type="xsd:anyURI" use="required" />
+			<xsd:attribute name="supportsXMLSignature" type="xsd:boolean" default="true"></xsd:attribute>
 		</xsd:complexType>
 	</xsd:element>
 	<xsd:element name="STORK">
-- 
cgit v1.2.3


From 79aeebd55d548326a3892465c441c77589e0e37d Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 4 Jul 2014 14:48:19 +0200
Subject: refactored logging statements

---
 .../moa/id/configuration/struts/action/EditGeneralConfigAction.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 0a308a354..ad465e0d8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -555,10 +555,10 @@ public class EditGeneralConfigAction extends BasicAction {
                 }
 
                 try{
-                   log.error("CPEPS LIST: " + storkconfig.getCpepslist().size() );
-                    log.error("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
+                   log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() );
+                    log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL());
                 }   catch (Exception ex) {
-                    ex.printStackTrace();
+                    log.info("CPEPS LIST is null");
                 }
 			}
 		}
-- 
cgit v1.2.3


From 35993eab38db2aa67137d674baa31031266c2b2e Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 4 Jul 2014 14:41:55 +0200
Subject: fix: overwrite single config instead of deleting old one

---
 .../struts/action/EditGeneralConfigAction.java     | 73 ++++------------------
 .../moa/id/commons/db/ConfigurationDBRead.java     |  4 +-
 2 files changed, 14 insertions(+), 63 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index ad465e0d8..ec261335d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -237,20 +237,8 @@ public class EditGeneralConfigAction extends BasicAction {
         } catch (Exception ex) {
             ex.printStackTrace();
         }
-
-		MOAIDConfiguration oldconfig = ConfigurationDBRead.getMOAIDConfiguration();
-		AuthComponentGeneral oldauth = null;
-		if (oldconfig != null) {
-			oldauth = oldconfig.getAuthComponentGeneral();
-		}
-		
-//		MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();	
-//		if (dbconfig == null) {
-//			dbconfig = new MOAIDConfiguration();
-//			isnewconfig = true;
-//		}
 		
-		MOAIDConfiguration dbconfig = new MOAIDConfiguration();
+		MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
 		
 		AuthComponentGeneral dbauth = dbconfig.getAuthComponentGeneral();
 		if (dbauth == null) {
@@ -486,23 +474,6 @@ public class EditGeneralConfigAction extends BasicAction {
 		
 		dbchainingmodes.setSystemDefaultMode(
 				ChainingModeType.fromValue(moaconfig.getDefaultchainigmode()));
-		if (oldconfig != null) {
-			ChainingModes oldchainigmodes = oldconfig.getChainingModes();
-			if (oldchainigmodes != null) {
-				List<TrustAnchor> oldtrustanchor = oldchainigmodes.getTrustAnchor();
-				if (oldtrustanchor != null) {
-					List<TrustAnchor> trustanchor = new ArrayList<TrustAnchor>();
-					for (TrustAnchor oldel : oldtrustanchor) {
-						TrustAnchor TAel = new TrustAnchor();
-						TAel.setX509IssuerName(oldel.getX509IssuerName());
-						TAel.setX509SerialNumber(oldel.getX509SerialNumber());
-						TAel.setMode(oldel.getMode());
-						trustanchor.add(TAel);
-					}
-					dbchainingmodes.setTrustAnchor(trustanchor);
-				}
-			}
-		}
 		
 		IdentityLinkSigners idlsigners = dbauth.getIdentityLinkSigners();
 		if (idlsigners == null) {
@@ -525,31 +496,28 @@ public class EditGeneralConfigAction extends BasicAction {
 			forcon.setURL(moaconfig.getSzrgwURL());
 		}
 		
-		//TODO: Set STORK Config!!!
-		if (oldauth != null) {
-            ForeignIdentities oldforeign = oldauth.getForeignIdentities();
-			if (oldforeign != null) {
-				STORK oldstork = oldforeign.getSTORK();
-				if (oldstork == null)
-					oldstork = new STORK();
+            ForeignIdentities foreign = dbauth.getForeignIdentities();
+			if (foreign != null) {
+				STORK stork = foreign.getSTORK();
+				if (stork == null)
+					stork = new STORK();
 
                 try {
                 log.error("QAAAA " + storkconfig.getDefaultQaa());
-				oldstork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
+				stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa());
 				
 				if (storkconfig.getAttributes() != null)
-					oldstork.setAttributes(storkconfig.getAttributes());
+					stork.setAttributes(storkconfig.getAttributes());
 				
 				else
-					oldstork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
+					stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
 				
 				if (storkconfig.getCpepslist() != null)
-					oldstork.setCPEPS(storkconfig.getCpepslist());
+					stork.setCPEPS(storkconfig.getCpepslist());
 				
 				else
-					oldstork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
+					stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
 				
-				dbforeign.setSTORK(oldstork);
                 } catch (Exception e) {
                     e.printStackTrace();
                 }
@@ -561,7 +529,6 @@ public class EditGeneralConfigAction extends BasicAction {
                     log.info("CPEPS LIST is null");
                 }
 			}
-		}
 
 		if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) {
 			OnlineMandates dbmandate = dbauth.getOnlineMandates();
@@ -604,7 +571,7 @@ public class EditGeneralConfigAction extends BasicAction {
 		}
 		moaauth.setTrustProfileID(moaconfig.getMoaspssAuthTrustProfile());
 			
-		moaauth.setVerifyTransformsInfoProfileID(moaconfig.getAuthTransformList());
+		moaauth.getVerifyTransformsInfoProfileID().set(0, moaconfig.getAuthTransformList().get(0));
 		
 		SecurityLayer seclayertrans = dbauth.getSecurityLayer();
 		if (seclayertrans == null) {
@@ -621,19 +588,6 @@ public class EditGeneralConfigAction extends BasicAction {
 				elem.setTransformation(moatrans.get(key));
 				trans.add(elem);
 			}
-		} else {
-			if (oldauth != null) {
-				SecurityLayer oldsectrans = oldauth.getSecurityLayer();
-				if (oldsectrans != null) {
-					List<TransformsInfoType> oldtranslist = oldsectrans.getTransformsInfo();
-					for (TransformsInfoType oldel : oldtranslist) {
-						TransformsInfoType elem = new TransformsInfoType();
-						elem.setFilename(oldel.getFilename());
-						elem.setTransformation(oldel.getTransformation());
-						trans.add(elem);
-					}	
-				}
-			}
 		}
 		if (trans.size() > 0)
 			seclayertrans.setTransformsInfo(trans);
@@ -660,9 +614,6 @@ public class EditGeneralConfigAction extends BasicAction {
 			
 			ConfigurationDBUtils.save(dbconfig);
 			
-			if (oldconfig != null)
-				ConfigurationDBUtils.delete(oldconfig);			
-			
 		} catch (MOADatabaseException e) {
 			log.warn("MOAID Configuration can not be stored in Database", e);
 			return LanguageHelper.getErrorString("error.db.oa.store", request);
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index 88220cded..e890e2145 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -147,8 +147,8 @@ public class ConfigurationDBRead {
         Logger.trace("Found entries: " + result.size());
 
         if (result.size() == 0) {
-            Logger.trace("No entries found.");
-            return null;
+            Logger.trace("No entries found. Create fresh instance.");
+            return new MOAIDConfiguration();
         }
 
         return (MOAIDConfiguration) result.get(0);
-- 
cgit v1.2.3


From 27c5460e2138fbb7de64214a7538b98effb5a7a6 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 4 Jul 2014 14:44:26 +0200
Subject: fix: CPEPS list is now edited in place instead of clean and refill

---
 .../id/configuration/validation/moaconfig/StorkConfigValidator.java   | 4 ++++
 id/ConfigWebTool/src/main/webapp/js/common.js                         | 1 +
 id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp                | 3 ++-
 .../at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java     | 2 +-
 4 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 8bc916e5a..4a5676fd6 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -28,6 +28,10 @@ public class StorkConfigValidator {
 		
 		if (form.getCpepslist() != null) {
 			for(CPEPS current : form.getCpepslist()) {
+				// if an existing record got deleted
+				if(null == current)
+					continue;
+				
 				// check country code
 				String check = current.getCountryCode();
 				if (MiscUtil.isNotEmpty(check)) {
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 32e79bb66..a86b9fede 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -230,6 +230,7 @@ function newPeps() {
         var lastindex = 1;
     }
 	var nextindex = lastindex + 1;
+	clone.innerHTML = clone.innerHTML.replace(/<input.*type="hidden".*>/, '');
 	clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.cpepslist\[\d/g, 'name="storkconfig.cpepslist[' + nextindex);
 	clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
 	target.parentNode.appendChild(clone);
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 6f266f865..9b94bcef5 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -251,7 +251,8 @@
                             <table id="stork_pepslist">
 								<tr><th>Country Shortcode</th><th>PEPS URL</th>
 								<s:iterator value="storkconfig.cpepslist" status="stat">
-								  <tr><td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
+								  <tr><td><s:hidden name="storkconfig.cpepslist[%{#stat.index}].hjid" property="%{hjid}"/>
+								  	      <s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
 								      <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
 								      <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
 								</s:iterator>
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
index 6bd987f96..cdb19340d 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
@@ -154,7 +154,7 @@ public final class ConfigurationDBUtils {
 		
 		  	synchronized (session) {
 		  		tx.begin();
-	  			session.persist(dbo);
+	  			session.merge(dbo);
 		  		tx.commit();
 		  		
 		  		//session.clear();
-- 
cgit v1.2.3


From b2c1ca665aaaa3246671ef2ec933e29b8ff87b25 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Fri, 4 Jul 2014 16:09:36 +0200
Subject: made country code readonly

---
 .../struts/action/EditGeneralConfigAction.java     | 15 ++++++++--
 .../validation/moaconfig/StorkConfigValidator.java | 34 ++++++++++++----------
 id/ConfigWebTool/src/main/webapp/js/common.js      |  4 ++-
 .../src/main/webapp/jsp/editMOAConfig.jsp          |  2 +-
 4 files changed, 35 insertions(+), 20 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index ec261335d..ef0672e99 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -512,9 +512,20 @@ public class EditGeneralConfigAction extends BasicAction {
 				else
 					stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
 				
-				if (storkconfig.getCpepslist() != null)
+				if (storkconfig.getCpepslist() != null) {
+
+					// make CountryCode "readonly"
+					for(CPEPS newone : storkconfig.getCpepslist()) {
+						for(CPEPS current : stork.getCPEPS()) {
+							if(current.getHjid().equals(newone.getHjid())) {
+								newone.setCountryCode(current.getCountryCode());
+								break;
+							}
+						}
+					}
+
 					stork.setCPEPS(storkconfig.getCpepslist());
-				
+				}
 				else
 					stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
 				
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 4a5676fd6..5ec3af519 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -32,27 +32,29 @@ public class StorkConfigValidator {
 				if(null == current)
 					continue;
 				
-				// check country code
-				String check = current.getCountryCode();
-				if (MiscUtil.isNotEmpty(check)) {
-					if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
-						log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
-						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
-								new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
-					}
-					if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
-							log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+				if(null == current.getHjid()) {
+					// check country code
+					String check = current.getCountryCode();
+					if (MiscUtil.isNotEmpty(check)) {
+						if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+							log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
 							errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
-									new Object[] {check}, request ));
+									new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+						}
+						if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
+								log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
+								errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+										new Object[] {check}, request ));
+						}
+					} else {
+						log.warn("CPEPS config countrycode is empty : " + check);
+						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+								new Object[] {check}, request ));
 					}
-				} else {
-					log.warn("CPEPS config countrycode is empty : " + check);
-					errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
-							new Object[] {check}, request ));
 				}
 	
 				// check url
-				check = current.getURL();
+				String check = current.getURL();
 				if (MiscUtil.isNotEmpty(check)) {
 					if (!ValidationHelper.validateURL(check)) {
 						log.info("CPEPS config URL is invalid : " + check);
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index a86b9fede..f7ef2c415 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -230,7 +230,9 @@ function newPeps() {
         var lastindex = 1;
     }
 	var nextindex = lastindex + 1;
-	clone.innerHTML = clone.innerHTML.replace(/<input.*type="hidden".*>/, '');
+
+	clone.innerHTML = clone.innerHTML.replace(/[A-Z]{2}</, '<');
+	clone.innerHTML = clone.innerHTML.replace(/<input.*type="hidden".*>/, '<div id="wwgrp_loadGeneralConfig_storkconfig_cpepslist_0__countryCode" class="wwgrp">	<div id="wwctrl_loadGeneralConfig_storkconfig_cpepslist_0__countryCode" class="wwctrl">	<input id="loadGeneralConfig_storkconfig_cpepslist_0__countryCode" class="textfield_short" type="text" value="IT" name="storkconfig.cpepslist[0].countryCode">	</div>	</div>');
 	clone.innerHTML = clone.innerHTML.replace(/name="storkconfig.cpepslist\[\d/g, 'name="storkconfig.cpepslist[' + nextindex);
 	clone.innerHTML = clone.innerHTML.replace(/(.*" value=").*?(".*)/g, '$1$2');
 	target.parentNode.appendChild(clone);
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 9b94bcef5..21ba246c1 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -252,7 +252,7 @@
 								<tr><th>Country Shortcode</th><th>PEPS URL</th>
 								<s:iterator value="storkconfig.cpepslist" status="stat">
 								  <tr><td><s:hidden name="storkconfig.cpepslist[%{#stat.index}].hjid" property="%{hjid}"/>
-								  	      <s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td>
+								  	      <s:property value="%{countryCode}" /></td>
 								      <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td>
 								      <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
 								</s:iterator>
-- 
cgit v1.2.3


From bab51d46c3d57ac1fe32f184d5fd8acef53ad618 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 09:11:42 +0200
Subject: check for peps country code uniqueness

---
 .../id/configuration/data/GeneralStorkConfig.java  | 20 ++++++++++
 .../struts/action/EditGeneralConfigAction.java     | 13 +------
 .../validation/moaconfig/StorkConfigValidator.java | 45 +++++++++++++---------
 .../resources/applicationResources_de.properties   |  1 +
 .../resources/applicationResources_en.properties   |  1 +
 5 files changed, 49 insertions(+), 31 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index 9e5ba684c..b1e268fef 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -25,12 +25,14 @@ package at.gv.egovernment.moa.id.configuration.data;
 import java.util.ArrayList;
 import java.util.List;
 
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
 import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
 import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+
 import org.apache.log4j.Logger;
 
 public class GeneralStorkConfig {
@@ -88,6 +90,24 @@ public class GeneralStorkConfig {
 	}
 
 	public List<CPEPS> getCpepslist() {
+		if (null == cpepslist)
+			return null;
+
+		MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
+
+		List<CPEPS> cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS();
+
+		// make CountryCode "readonly"
+		for (CPEPS newone : cpepslist) {
+			for (CPEPS current : cpepss) {
+				if (null != newone)
+					if (current.getHjid().equals(newone.getHjid())) {
+						newone.setCountryCode(current.getCountryCode());
+						break;
+					}
+			}
+		}
+
 		return cpepslist;
 	}
 
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index ef0672e99..0f1673c3a 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -512,20 +512,9 @@ public class EditGeneralConfigAction extends BasicAction {
 				else
 					stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>()));
 				
-				if (storkconfig.getCpepslist() != null) {
-
-					// make CountryCode "readonly"
-					for(CPEPS newone : storkconfig.getCpepslist()) {
-						for(CPEPS current : stork.getCPEPS()) {
-							if(current.getHjid().equals(newone.getHjid())) {
-								newone.setCountryCode(current.getCountryCode());
-								break;
-							}
-						}
-					}
+				if (storkconfig.getCpepslist() != null)
 
 					stork.setCPEPS(storkconfig.getCpepslist());
-				}
 				else
 					stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>()));
 				
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index 5ec3af519..f7d61653d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -32,29 +32,27 @@ public class StorkConfigValidator {
 				if(null == current)
 					continue;
 				
-				if(null == current.getHjid()) {
-					// check country code
-					String check = current.getCountryCode();
-					if (MiscUtil.isNotEmpty(check)) {
-						if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
-							log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
+				// check country code
+				String check = current.getCountryCode();
+				if (MiscUtil.isNotEmpty(check)) {
+					if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+						log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
+						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
+								new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+					}
+					if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
+							log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
 							errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
-									new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
-						}
-						if(!check.toLowerCase().matches("^[a-z][a-z]$")) {
-								log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
-								errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
-										new Object[] {check}, request ));
-						}
-					} else {
-						log.warn("CPEPS config countrycode is empty : " + check);
-						errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
-								new Object[] {check}, request ));
+									new Object[] {check}, request ));
 					}
+				} else {
+					log.warn("CPEPS config countrycode is empty : " + check);
+					errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty",
+							new Object[] {check}, request ));
 				}
-	
+
 				// check url
-				String check = current.getURL();
+				check = current.getURL();
 				if (MiscUtil.isNotEmpty(check)) {
 					if (!ValidationHelper.validateURL(check)) {
 						log.info("CPEPS config URL is invalid : " + check);
@@ -66,6 +64,15 @@ public class StorkConfigValidator {
 							new Object[] {check}, request ));
 				}
 			}
+
+			// ensure uniqueness of country code
+			for (CPEPS one : form.getCpepslist())
+				for (CPEPS another : form.getCpepslist())
+					if (null != one && null != another)
+						if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) {
+							errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request));
+							break;
+						}
 		}
 
 		// check qaa
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index e4e7a0b63..2c71d86a5 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -453,6 +453,7 @@ validation.general.testcredentials.oid.valid=Die Testdaten OID {0} ist ung\u00FC
 validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
 validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
 validation.stork.cpeps.url=CPEPS URL ist ung\u00FCltig
+validation.stork.cpeps.duplicate=L\u00E4ndercodes sind nicht eindeutig
 validation.stork.requestedattributes=STORK Attribute sind fehlerhaft. Bsp.: attr1, attr2
 validation.stork.qaa.outofrange=G\u00FCltige QAA Werte sind 1, 2, 3, und 4
 validation.stork.attributes.empty=Es muss mindestens ein Attribut definiert sein
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index dcf36103b..a494ef089 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -450,6 +450,7 @@ validation.general.testcredentials.oid.valid=The OID {0} for test credentials is
 validation.stork.cpeps.cc=CPEPS country code is not based on 3166-2
 validation.stork.cpeps.empty=CPEPS configuration is incomplete
 validation.stork.cpeps.url=CPEPS URL is invalid
+validation.stork.cpeps.duplicate=Country codes are not unique
 validation.stork.requestedattributes=STORK attributes are incorrect. Example: attr1, attr2
 validation.stork.qaa.outofrange=Valid QAA values are 1, 2, 3, and 4
 validation.stork.attributes.empty=Only one attribute can be provided
-- 
cgit v1.2.3


From 5e77090ce5f718f5d6c50e4d2e2a2337a92e91a6 Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 09:19:40 +0200
Subject: many-to-many around cpeps list handling

---
 .../src/main/resources/config/bindings.xjb           | 20 ++++++++++++++++++++
 .../src/main/resources/config/moaid_config_2.0.xsd   |  2 ++
 2 files changed, 22 insertions(+)

diff --git a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
index cf04319c8..43fe21465 100644
--- a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
+++ b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
@@ -2,6 +2,8 @@
 	xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
 	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 	xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"
+	xmlns:hj="http://hyperjaxb3.jvnet.org/ejb/schemas/customizations"
+	xmlns:orm="http://java.sun.com/xml/ns/persistence/orm"
 	jaxb:extensionBindingPrefixes="hj">
 	
 	<jaxb:bindings schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema">
@@ -12,4 +14,22 @@
                       adapter="com.sun.tools.xjc.runtime.ZeroOneBooleanAdapter"/>
 		</jaxb:globalBindings>
 	</jaxb:bindings>
+	
+	<jaxb:bindings  schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema/xsd:element[@name='C-PEPS']//xsd:element[@ref='OA_STORK']">
+  	<hj:many-to-many name="OA_STORK">
+    	<orm:join-table name="OA_C-PEPS">
+      	<orm:join-column name="aid" referenced-column-name="hjid" />
+        <orm:inverse-join-column name="bid" referenced-column-name="hjid" />
+      </orm:join-table>
+		</hj:many-to-many>
+	</jaxb:bindings>
+	
+	<jaxb:bindings  schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema/xsd:element[@name='OA_STORK']//xsd:element[@ref='C-PEPS']">
+		<hj:many-to-many name="C-PEPS" mappedBy="OA_STORK">
+    	 <hj:cascade>
+      	 <hj:cascade-persist/>
+       </hj:cascade>
+		</hj:many-to-many>	
+	</jaxb:bindings>
+	
 </jaxb:bindings>
\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 8bc532236..f99304dcc 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -803,6 +803,7 @@
 		<xsd:annotation>
 			<xsd:documentation>Name zum Key eines KeyStores, der den privaten
 				Schlüssel zum Erstellen einer Signatur darstellt
+
 			</xsd:documentation>
 		</xsd:annotation>
 		<xsd:complexType>
@@ -822,6 +823,7 @@
 		<xsd:complexType>
 			<xsd:sequence>
 				<xsd:element name="AttributeValue" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xsd:element ref="OA_STORK" minOccurs="0" maxOccurs="unbounded"/>
 			</xsd:sequence>
 			<xsd:attribute name="countryCode" type="CountryCodeType" use="required"/>
 			<xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
-- 
cgit v1.2.3


From f595cb0d46358e44fad838dd01a449e40c52e18b Mon Sep 17 00:00:00 2001
From: Florian Reimair <florian.reimair@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 10:33:51 +0200
Subject: fixed many-to-many sql syntax hibernate problem with linux
 mysqlserver

---
 id/server/moa-id-commons/src/main/resources/config/bindings.xjb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
index 43fe21465..21714849b 100644
--- a/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
+++ b/id/server/moa-id-commons/src/main/resources/config/bindings.xjb
@@ -17,7 +17,7 @@
 	
 	<jaxb:bindings  schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema/xsd:element[@name='C-PEPS']//xsd:element[@ref='OA_STORK']">
   	<hj:many-to-many name="OA_STORK">
-    	<orm:join-table name="OA_C-PEPS">
+    	<orm:join-table name="OA_CPEPS">
       	<orm:join-column name="aid" referenced-column-name="hjid" />
         <orm:inverse-join-column name="bid" referenced-column-name="hjid" />
       </orm:join-table>
@@ -25,7 +25,7 @@
 	</jaxb:bindings>
 	
 	<jaxb:bindings  schemaLocation="moaid_config_2.0.xsd" node="/xsd:schema/xsd:element[@name='OA_STORK']//xsd:element[@ref='C-PEPS']">
-		<hj:many-to-many name="C-PEPS" mappedBy="OA_STORK">
+		<hj:many-to-many name="CPEPS" mappedBy="OA_STORK">
     	 <hj:cascade>
       	 <hj:cascade-persist/>
        </hj:cascade>
-- 
cgit v1.2.3


From 8b8ea32ebd30b542a9b4ea1c797078377443f251 Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 17:14:55 +0200
Subject: Encoding fix, getAttributeValue now optionally returns null instead
 of throwing an exception

---
 .../moa/id/auth/AuthenticationServer.java          |  7 ++-
 .../auth/builder/StartAuthenticationBuilder.java   |  2 +-
 .../moa/id/auth/servlet/GetForeignIDServlet.java   |  1 -
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |  4 +-
 .../PEPSConnectorWithLocalSigningServlet.java      | 10 ++--
 .../servlet/VerifyAuthenticationBlockServlet.java  |  4 +-
 .../moa/id/auth/stork/STORKResponseProcessor.java  | 56 ++++++++++++----------
 .../gv/egovernment/moa/id/moduls/SSOManager.java   |  2 +-
 .../moa/id/protocols/pvp2x/MetadataAction.java     |  2 +-
 .../pvp2x/builder/attributes/EIDAuthBlock.java     |  2 +-
 .../builder/attributes/EIDIdentityLinkBuilder.java |  2 +-
 .../pvp2x/builder/attributes/EIDSTORKTOKEN.java    |  2 +-
 .../pvp2x/verification/SAMLVerifierMOASP.java      |  2 +-
 .../id/protocols/stork2/AuthenticationRequest.java |  4 +-
 .../moa/id/protocols/stork2/ConsentEvaluator.java  |  4 +-
 .../MandateAttributeRequestProvider.java           |  2 +-
 .../SignedDocAttributeRequestProvider.java         | 45 ++++++++++++++++-
 .../StorkAttributeRequestProvider.java             |  2 +-
 18 files changed, 102 insertions(+), 51 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index c2eefa3d8..8d2684c9b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -11,6 +11,7 @@ import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.security.NoSuchAlgorithmException;
 import java.security.Principal;
@@ -1663,7 +1664,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	    	SZRGWClient client = new SZRGWClient(connectionParameters);
 	    	 	    	
 	    	CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
-	    	request.setSignature(citizenSignature.getBytes());
+	    	request.setSignature(citizenSignature.getBytes("UTF-8"));
 	
             PEPSData data = new PEPSData();
             data.setDateOfBirth(PEPSDateOfBirth);
@@ -1711,6 +1712,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	    catch (ConfigurationException e) {
 	    	Logger.warn(e);
 	    	Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
+		} catch (UnsupportedEncodingException e) {
+			Logger.warn(e);
 		}
 	    
 	    return null;
@@ -1912,7 +1915,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
             template.merge(context, writer);
 
             resp.setContentType("text/html;charset=UTF-8");            
-            resp.getOutputStream().write(writer.toString().getBytes());
+            resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 
         } catch (Exception e) {
             Logger.error("Error sending STORK SAML AuthnRequest.", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
index 9f2d5b641..484fe1f9e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
@@ -56,7 +56,7 @@ public class StartAuthenticationBuilder {
 		  
 	    STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
 	    
-	    Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc()));    
+	    Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc()));
 	    // STORK or normal authentication
 	    if (storkConfig.isSTORKAuthentication(moasession.getCcc())) {
 	    	//STORK authentication
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
index f11489dd2..bbc704f22 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java
@@ -161,7 +161,6 @@ public class GetForeignIDServlet extends AuthServlet {
 	    AuthenticationSession session = null;
 	    try {
 	    	String xmlCreateXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE);
-	    	
           // check parameter
           if (!ParamValidatorUtils.isValidSessionID(sessionID))
              throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 0ba144b80..2d49eb809 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -270,7 +270,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 						for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
 							JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
 							if(casted.getName().getLocalPart().equals("X509Certificate")) {
-								moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes()));
+								moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes("UTF-8")));
 								break;
 							}
 						}
@@ -339,7 +339,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 						StringWriter writer = new StringWriter();
 						template.merge(context, writer);
 						
-						response.getOutputStream().write(writer.toString().getBytes());
+						response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 					} catch (Exception e1) {
 						Logger.error("Error sending gender retrival form.", e1);
 //						httpSession.invalidate();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index ee0ae4b87..dfb2753ec 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -233,7 +233,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 						StringWriter writer = new StringWriter();
 						template.merge(context, writer);
 
-						response.getOutputStream().write(writer.toString().getBytes());
+						response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 					} catch (Exception e1) {
 						Logger.error("Error sending gender retrival form.", e1);
 						//						httpSession.invalidate();
@@ -505,7 +505,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 						StringWriter writer = new StringWriter();
 						template.merge(context, writer);
 
-						response.getOutputStream().write(writer.toString().getBytes());
+						response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 					} catch (Exception e1) {
 						Logger.error("Error sending gender retrival form.", e1);
 						//						httpSession.invalidate();
@@ -576,7 +576,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 			StringWriter writer = new StringWriter();
 			template.merge(context, writer);
 
-			resp.getOutputStream().write(writer.toString().getBytes());
+			resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 		} catch (Exception e) {
 			Logger.error("Error sending DSS signrequest.", e);
 			throw new MOAIDException("stork.11", null);
@@ -615,7 +615,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 		return citizenSignature;
 	}
 
-	private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException
+	private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException, UnsupportedEncodingException
 	{
 		JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
 		SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue();
@@ -626,7 +626,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 				for(Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
 					JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
 					if(casted.getName().getLocalPart().equals("X509Certificate")) {
-						return new X509Certificate(((String)casted.getValue()).getBytes());
+						return new X509Certificate(((String)casted.getValue()).getBytes("UTF-8"));
 					}
 				}
 			}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
index 98edf1fe4..e7fa9cbd7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java
@@ -207,7 +207,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 					
 					//System.out.println("IDL: " + s);
 					
-					byte[] idl = s.getBytes();
+					byte[] idl = s.getBytes("UTF-8");
 					
 					// redirect url
 					// build redirect(to the GetMISSessionIdSerlvet)
@@ -238,7 +238,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet {
 			        String oaFriendlyName = oaParam.getFriendlyName();
 			        String mandateReferenceValue = session.getMandateReferenceValue();
 			        byte[] cert = session.getEncodedSignerCertificate();
-			        byte[] authBlock = session.getAuthBlock().getBytes();
+			        byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
 			        
 			        //TODO: check in case of SSO!!!
 			        String targetType = null;  
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 2c8b44404..46fd06741 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -105,13 +105,19 @@ public class STORKResponseProcessor {
 	 * @throws STORKException the sTORK exception
 	 */
 	private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException {
+		return getAttributeValue(attributeName, attributeList, true);
+	}
+	private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException {
 		try {
 			String result = attributeList.get(attributeName).getValue().get(0);
 			Logger.trace(attributeName + " : " + result);
 			return result;
-		} catch(NullPointerException e) {
+		} catch(Exception e) {
 			Logger.error(attributeName + " not found in response");
-			throw new STORKException(attributeName + " not found in response");
+			if(throwException)
+				throw new STORKException(attributeName + " not found in response");
+			else
+				return null;
 		}
 	}
 
@@ -137,29 +143,29 @@ public class STORKResponseProcessor {
 
 			// if there is no signedDoc attribute, we cannot go on
 			String citizenSignature = getAttributeValue("signedDoc", attributeList);
-			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList);
+			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
 			
 			// if we have a signedDoc we test for a representation case
 			// - according to stork samlengine and commons
 			if(hasAttribute("mandate", attributeList)) {
 				// we have a representation case
-				String mandate = getAttributeValue("mandate", attributeList);
+				String mandate = getAttributeValue("mandate", attributeList, false);
 				
 				if(!hasAttribute("dateOfBirth", attributeList)) {
 					// if we get here, we have a natural person representing a legal person
-					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
-					String organizationType = getAttributeValue("translateableType", attributeList);
+					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
+					String organizationType = getAttributeValue("translateableType", attributeList, false);
 					
 					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
 				} else {
 					// if we get here, we have a natural person representing another natural person
-					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
-					String givenName = getAttributeValue("givenName", attributeList);
-					String lastName = getAttributeValue("surname", attributeList);
-					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+					String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+					String givenName = getAttributeValue("givenName", attributeList, false);
+					String lastName = getAttributeValue("surname", attributeList, false);
+					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
 					
 					// gender attribute is mandatory here because of some legal stuff
-					String gender = getAttributeValue("gender", attributeList);
+					String gender = getAttributeValue("gender", attributeList, false);
 					
 					if (!StringUtils.isEmpty(dateOfBirth))
 						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
@@ -172,25 +178,25 @@ public class STORKResponseProcessor {
 			// - according to stork spec
 			else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {
 				// we have a representation case
-				String representative = getAttributeValue("representative", attributeList);
-				String represented = getAttributeValue("represented", attributeList);
-				String mandate = getAttributeValue("mandateContent", attributeList);
+				String representative = getAttributeValue("representative", attributeList, false);
+				String represented = getAttributeValue("represented", attributeList, false);
+				String mandate = getAttributeValue("mandateContent", attributeList, false);
 				
 				if(!hasAttribute("dateOfBirth", attributeList)) {
 					// if we get here, we have a natural person representing a legal person
-					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);
-					String organizationType = getAttributeValue("translateableType", attributeList);
+					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false);
+					String organizationType = getAttributeValue("translateableType", attributeList, false);
 									
 					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
 				} else {
 					// if we get here, we have a natural person representing another natural person
-					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
-					String givenName = getAttributeValue("givenName", attributeList);
-					String lastName = getAttributeValue("surname", attributeList);
-					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+					String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+					String givenName = getAttributeValue("givenName", attributeList, false);
+					String lastName = getAttributeValue("surname", attributeList, false);
+					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
 			
 					// gender attribute is mandatory here because of some legal stuff
-					String gender = getAttributeValue("gender", attributeList);
+					String gender = getAttributeValue("gender", attributeList, false);
 					
 					if (!StringUtils.isEmpty(dateOfBirth))
 						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
@@ -201,10 +207,10 @@ public class STORKResponseProcessor {
 				}
 			} else {
 				// we do not have a representation case
-				String eIdentifier = getAttributeValue("eIdentifier", attributeList);
-				String givenName = getAttributeValue("givenName", attributeList);
-				String lastName = getAttributeValue("surname", attributeList);
-				String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+				String eIdentifier = getAttributeValue("eIdentifier", attributeList, false);
+				String givenName = getAttributeValue("givenName", attributeList, false);
+				String lastName = getAttributeValue("surname", attributeList, false);
+				String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false);
 				if (!StringUtils.isEmpty(dateOfBirth))
 					dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
 				identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index cb12bc5bd..ca3117a79 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -342,7 +342,7 @@ public class SSOManager {
 
 		
 		httpResp.setContentType("text/html;charset=UTF-8");            
-		httpResp.getOutputStream().write(writer.toString().getBytes());
+		httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 		
 	}
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index fec8e3b98..dbf54951f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -165,7 +165,7 @@ public class MetadataAction implements IAction {
 			Logger.debug("METADATA: " + metadataXML);
 						
 			httpResp.setContentType("text/xml");
-			httpResp.getOutputStream().write(metadataXML.getBytes());
+			httpResp.getOutputStream().write(metadataXML.getBytes("UTF-8"));
 
 			httpResp.getOutputStream().close();
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
index ded9e7166..4f3aff469 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
@@ -46,7 +46,7 @@ public class EIDAuthBlock implements IPVPAttributeBuilder {
 			String authblock = authData.getAuthBlock();
 			if (MiscUtil.isNotEmpty(authblock)) {
 				return g.buildStringAttribute(EID_AUTH_BLOCK_FRIENDLY_NAME, EID_AUTH_BLOCK_NAME,
-						Base64Utils.encode(authblock.getBytes()));
+						Base64Utils.encode(authblock.getBytes("UTF-8")));
 			}
 			
 		}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
index 531369e9a..e8aeb8fcd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
@@ -43,7 +43,7 @@ public class EIDIdentityLinkBuilder implements IPVPAttributeBuilder {
 			ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion();
 			
 			return g.buildStringAttribute(EID_IDENTITY_LINK_FRIENDLY_NAME,
-					EID_IDENTITY_LINK_NAME, Base64Utils.encode(ilAssertion.getBytes()));
+					EID_IDENTITY_LINK_NAME, Base64Utils.encode(ilAssertion.getBytes("UTF-8")));
 			
 		} catch (IOException e) {
 			Logger.warn("IdentityLink serialization error.", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
index 04cc59b10..5e723baab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSTORKTOKEN.java
@@ -54,7 +54,7 @@ public class EIDSTORKTOKEN implements IPVPAttributeBuilder  {
 			} else {				
 				try {
 					return g.buildStringAttribute(EID_STORK_TOKEN_FRIENDLY_NAME, EID_STORK_TOKEN_NAME, 
-							Base64Utils.encode(storkResponse.getBytes()));
+							Base64Utils.encode(storkResponse.getBytes("UTF-8")));
 					
 				} catch (IOException e) {
 					Logger.warn("Encode AuthBlock BASE64 failed.", e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
index 8dfebc06c..4de783323 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
@@ -70,7 +70,7 @@ public class SAMLVerifierMOASP implements ISAMLVerifier {
 
 				// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
 				Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
-						.build(XMLUtil.printXML(request.getDOM()).getBytes(),
+						.build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"),
 								trustProfileID);
 
 				Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index b62e6de32..c64c5b488 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -318,7 +318,7 @@ public class AuthenticationRequest implements IAction {
             Logger.debug("Sending html content: " + writer.getBuffer().toString());
             Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
 
-            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8"));
 
         } catch (IOException e) {
             Logger.error("Velocity IO error: " + e.getMessage());
@@ -380,7 +380,7 @@ public class AuthenticationRequest implements IAction {
             Logger.debug("Sending html content: " + writer.getBuffer().toString());
             Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
 
-            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8"));
 
         } catch (Exception e) {
             Logger.error("Velocity error: " + e.getMessage());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 2b00f15e2..3159574fe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -142,7 +142,7 @@ public class ConsentEvaluator implements IAction {
 
 			StringWriter writer = new StringWriter();
 			template.merge(context, writer);
-			response.getOutputStream().write(writer.getBuffer().toString().getBytes());
+			response.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8"));
 
 		} catch (Exception e) {
 			Logger.error("Velocity error: " + e.getMessage());
@@ -209,7 +209,7 @@ public class ConsentEvaluator implements IAction {
             Logger.debug("Sending html content: " + writer.getBuffer().toString());
             Logger.debug("Sending html content2  : " + new String(writer.getBuffer()));
 
-            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes());
+            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8"));
 
         } catch (Exception e) {
             Logger.error("Velocity error: " + e.getMessage());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
index 8df3c00aa..07e5b70ba 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java
@@ -192,7 +192,7 @@ public class MandateAttributeRequestProvider extends AttributeProvider {
             StringWriter writer = new StringWriter();
             template.merge(context, writer);
 
-            resp.getOutputStream().write(writer.toString().getBytes());
+            resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
         } catch (Exception e) {
             Logger.error("Error sending STORK SAML AttrRequest.", e);
             throw new MOAIDException("stork.11", null);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
index af973475b..2aa10b9dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
@@ -217,6 +217,49 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
 					{
 						//No document service used?
 						// do nothing....
+						//TODO temporary fix because document is deleted after fetching => SP can't download Doc
+						//Add doc to Signresponse
+
+						DocumentWithSignature documentWithSignature = new DocumentWithSignature();
+						DocumentType value = new DocumentType();
+						if(signResponse.getProfile().toLowerCase().contains("xades"))
+						{
+							value.setBase64XML(data);
+						}
+						else
+						{
+							Base64Data base64data = new Base64Data();
+							base64data.setValue(data);
+							base64data.setMimeType(dataSource.getContentType());
+							value.setBase64Data(base64data);
+						}
+						documentWithSignature.setDocument(value);
+						if(signResponse.getOptionalOutputs()!=null)
+						{
+							//signResponse.getOptionalOutputs().getAny().add(documentWithSignature);
+							for(Object o :signResponse.getOptionalOutputs().getAny())
+							{
+								if(o instanceof DocumentWithSignature)
+								{
+									signResponse.getOptionalOutputs().getAny().remove(o);
+									signResponse.getOptionalOutputs().getAny().add(documentWithSignature);
+									break;
+								}
+							}
+						}
+						else
+						{
+							AnyType anytype = new AnyType();
+							anytype.getAny().add(documentWithSignature);
+							signResponse.setOptionalOutputs(anytype );
+						}
+
+//						System.out.println("overwriting:"+signResponse.getResult().getResultMessage()+" with DTL url:"+dtlUrl);
+						InputStream istr = ApiUtils.marshalToInputStream(signResponse);
+						StringWriter writer = new StringWriter();
+						IOUtils.copy(istr, writer, "UTF-8");
+						signResponseString = writer.toString();
+						Logger.info("SignResponse overwritten:"+signResponseString);
 					}
 			}
 			else
@@ -335,7 +378,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
 			StringWriter writer = new StringWriter();
 			template.merge(context, writer);
 
-			resp.getOutputStream().write(writer.toString().getBytes());
+			resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 		} catch (Exception e) {
 			Logger.error("Error sending DSS signrequest.", e);
 			throw new MOAIDException("stork.11", null);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java
index d7e2cdf58..cb3a33c69 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java
@@ -172,7 +172,7 @@ public class StorkAttributeRequestProvider extends AttributeProvider {
 			StringWriter writer = new StringWriter();
 			template.merge(context, writer);
 
-			resp.getOutputStream().write(writer.toString().getBytes());
+			resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
 		} catch (Exception e) {
 			Logger.error("Error sending STORK SAML AttrRequest.", e);
 			throw new MOAIDException("stork.11", null);
-- 
cgit v1.2.3


From 625ad07c6fb159cecd59b532ccfc35ce6b8b3e31 Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 17:34:33 +0200
Subject: added missing catch block

---
 .../moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java      | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
index 4de783323..885de6805 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
@@ -22,6 +22,8 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
 
+import java.io.UnsupportedEncodingException;
+
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.security.SAMLSignatureProfileValidator;
 import org.opensaml.xml.validation.ValidationException;
@@ -123,6 +125,10 @@ public class SAMLVerifierMOASP implements ISAMLVerifier {
 			String msg = "Unable to invoke MOA-SP.";
 			Logger.error(msg, e);
 			throw new SecurityException(msg, e);
+		} catch (UnsupportedEncodingException e) {
+			String msg = "Unsupported Encoding.";
+			Logger.error(msg, e);
+			throw new SecurityException(msg, e);
 		}
 
 	}
-- 
cgit v1.2.3


From 9d07e7a6dcd66c0ebff241e4f0113b787fcbcffb Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Mon, 7 Jul 2014 17:42:03 +0200
Subject: copied changes from "set correct target type element" to
 PEPSConnectorWithLocalSigningServlet

---
 .../PEPSConnectorWithLocalSigningServlet.java      | 29 +++++++++++-----------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index dfb2753ec..129494cbe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -213,7 +213,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values,
 						"Available");
 				personalAttributeList.add(signedDocAttribute);
-				
+
 				String authnContextClassRef = moaSession.getAuthnContextClassRef();
 				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef);
 			} catch (STORKException e) {
@@ -646,19 +646,18 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 		// retrieve target
 		//TODO: check in case of SSO!!!
-		String targetType = null;
-		String targetValue = null;
-		if(oaParam.getBusinessService()) {
-			String id = oaParam.getIdentityLinkDomainIdentifier();
-			if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
-				targetValue = id.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
-			else
-				targetValue = moaSession.getDomainIdentifier();
-			targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_;
-		} else {
-			targetType = AuthenticationSession.TARGET_PREFIX_;
-			targetValue = oaParam.getTarget();
-		}
+        String targetType = null;
+        if(oaParam.getBusinessService()) {
+        	String id = oaParam.getIdentityLinkDomainIdentifier();
+        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
+        		targetType = id;
+        	else
+        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moaSession.getDomainIdentifier();
+        } else {
+        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
+        }
+        
+		
 
 		Logger.debug("Starting connecting SZR Gateway");
 		//contact SZR Gateway
@@ -666,7 +665,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 		identityLink = STORKResponseProcessor.connectToSZRGateway(personalAttributeList,
 				oaParam.getFriendlyName(), 
-				targetType, targetValue, 
+				targetType, null, 
 				oaParam.getMandateProfiles());
 		Logger.debug("SZR communication was successfull");
 
-- 
cgit v1.2.3


From 45727ed45e3deec0fff835a26f9b87adcfd0c6ba Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 09:38:37 +0200
Subject: fix exception if attribute is not provided

---
 .../moa/id/auth/stork/STORKResponseProcessor.java  | 30 +++++++++++++---------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 2c8b44404..2f1e50a05 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -136,8 +136,10 @@ public class STORKResponseProcessor {
 			Logger.trace("Starting call...");
 
 			// if there is no signedDoc attribute, we cannot go on
+			String fiscalNumber = null;
 			String citizenSignature = getAttributeValue("signedDoc", attributeList);
-			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList);
+			if (hasAttribute("fiscalNumber", attributeList))
+				fiscalNumber = getAttributeValue("fiscalNumber", attributeList);
 			
 			// if we have a signedDoc we test for a representation case
 			// - according to stork samlengine and commons
@@ -156,14 +158,15 @@ public class STORKResponseProcessor {
 					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
 					String givenName = getAttributeValue("givenName", attributeList);
 					String lastName = getAttributeValue("surname", attributeList);
-					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+					String dateOfBirth = null;
+					if (hasAttribute("dateOfBirth", attributeList)) {
+						dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+					}
 					
 					// gender attribute is mandatory here because of some legal stuff
 					String gender = getAttributeValue("gender", attributeList);
 					
-					if (!StringUtils.isEmpty(dateOfBirth))
-						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
-
 					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, 
 							givenName, lastName, dateOfBirth, gender, citizenSignature, null,
 							null, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
@@ -187,14 +190,15 @@ public class STORKResponseProcessor {
 					String eIdentifier = getAttributeValue("eIdentifier", attributeList);
 					String givenName = getAttributeValue("givenName", attributeList);
 					String lastName = getAttributeValue("surname", attributeList);
-					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+					String dateOfBirth = null;
+					if (hasAttribute("dateOfBirth", attributeList)) {
+						dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
+						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+					}
 			
 					// gender attribute is mandatory here because of some legal stuff
 					String gender = getAttributeValue("gender", attributeList);
-					
-					if (!StringUtils.isEmpty(dateOfBirth))
-						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
-
+				
 					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, 
 							givenName, lastName, dateOfBirth, gender, citizenSignature, representative,
 							represented, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber);
@@ -204,9 +208,11 @@ public class STORKResponseProcessor {
 				String eIdentifier = getAttributeValue("eIdentifier", attributeList);
 				String givenName = getAttributeValue("givenName", attributeList);
 				String lastName = getAttributeValue("surname", attributeList);
-				String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
-				if (!StringUtils.isEmpty(dateOfBirth))
+				String dateOfBirth = null;
+				if (hasAttribute("dateOfBirth", attributeList)) {
+					dateOfBirth = getAttributeValue("dateOfBirth", attributeList);
 					dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);
+				}
 				identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber);
 			}
 	    	
-- 
cgit v1.2.3


From 49daddb4b7296311aa68fc717dfcb35005e16b3e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 09:39:15 +0200
Subject: change Version to  MOA-ID-Auth 2.1.1-Snapshot  MOA-ID-Configuration
 1.1.1-Snapshot

---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 2888425d1..52e2c8570 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,10 +12,10 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         
         <moa-commons-version>2.0.0</moa-commons-version>
-				<moa-id-version>2.1.0</moa-id-version>
+				<moa-id-version>2.1.1-Snapshot</moa-id-version>
 				<moa-id-proxy-version>2.0.0</moa-id-proxy-version>
         <moa-spss-version>2.0.1</moa-spss-version>
-				<configtool-version>1.1.0</configtool-version>
+				<configtool-version>1.1.1-Snapshot</configtool-version>
 				<demo-oa-version>2.0.2</demo-oa-version>
     </properties>
 
-- 
cgit v1.2.3


From 5f01c76acc4bcb0539f3de39b3e38e0bd25e336f Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 14:58:58 +0200
Subject: szrg connector now extracts signature form Signresponse

---
 .../PEPSConnectorWithLocalSigningServlet.java      |  8 +--
 .../moa/id/auth/stork/STORKResponseProcessor.java  | 78 ++++++++++++++++------
 2 files changed, 61 insertions(+), 25 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index 129494cbe..bf2df9d7a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -205,15 +205,15 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 			moaSession.setXMLVerifySignatureResponse(tmp);
 			try{
 				IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
-				//Add signResponse
+				//Add SignResponse   TODO Add signature (extracted from signResponse)?
 				List<String> values = new ArrayList<String>();
-				//values.add(signResponseString);
-				values.add(citizenSignature);
+				values.add(signResponseString);
+//				values.add(citizenSignature);
 				Logger.debug("Assembling signedDoc attribute");
 				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values,
 						"Available");
 				personalAttributeList.add(signedDocAttribute);
-
+				
 				String authnContextClassRef = moaSession.getAuthnContextClassRef();
 				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef);
 			} catch (STORKException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 46fd06741..5d7eefe0a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -26,28 +26,19 @@
 package at.gv.egovernment.moa.id.auth.stork;
 
 import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.util.List;
 import java.util.Vector;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.namespace.QName;
+import javax.activation.DataSource;
+import javax.xml.transform.Source;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.stream.StreamSource;
 
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
+import org.apache.commons.io.IOUtils;
 
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -57,12 +48,16 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.LightweightSourceResolver;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.UtilsException;
+import eu.stork.oasisdss.profile.SignResponse;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 
@@ -142,7 +137,13 @@ public class STORKResponseProcessor {
 			Logger.trace("Starting call...");
 
 			// if there is no signedDoc attribute, we cannot go on
-			String citizenSignature = getAttributeValue("signedDoc", attributeList);
+			String signResponseString = getAttributeValue("signedDoc", attributeList);
+			
+			//Extract signature from SIgnResponse
+			Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
+			SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
+			String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+			
 			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
 			
 			// if we have a signedDoc we test for a representation case
@@ -235,7 +236,27 @@ public class STORKResponseProcessor {
 		} catch (ParseException e) {
 			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
 			throw new MOAIDException("auth.25", null, e);
-			
+		} catch (ApiUtilsException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (IllegalArgumentException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerConfigurationException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (UtilsException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (TransformerFactoryConfigurationError e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
+		} catch (IOException e) {
+			Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+			throw new MOAIDException("auth.25", null, e);
 		} 
     		    
     	return identityLink;
@@ -272,5 +293,20 @@ public class STORKResponseProcessor {
 		
 		return moaExtendedSAMLAttributeList;
 	}
+	
+	private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException
+	{
+		// fetch signed doc
+		DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
+		if(ds == null){
+			throw new ApiUtilsException("No datasource found in response");
+		}				
+
+		InputStream incoming  = ds.getInputStream();
+		String citizenSignature = IOUtils.toString(incoming);
+		incoming.close();
+
+		return citizenSignature;
+	}
 
 }
-- 
cgit v1.2.3


From 2c08cd2206340912411e092a99c6874be179d211 Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 15:00:05 +0200
Subject: attribute provider fix If one attribute failed all followings were
 skipped

---
 .../gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index c64c5b488..3bd827667 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -455,8 +455,12 @@ public class AuthenticationRequest implements IAction {
 
         try {
             for (PersonalAttribute personalAttribute : attrLst) {
+            	 try {
                 Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired());
                 moaAttributeProvider.populateAttribute(attributeList, personalAttribute);
+            	 } catch (Exception e) {
+                     Logger.error("Exception, attributes: " + e.getMessage());
+                 }
             }
         } catch (Exception e) {
             Logger.error("Exception, attributes: " + e.getMessage());
-- 
cgit v1.2.3


From 8594d17a97f1e53a81719141ce70f55d6269553e Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 15:35:03 +0200
Subject: pass signature to szrg connector and only try to parse it there from
 SignedDoc if it is missing

---
 .../moa/id/auth/servlet/PEPSConnectorServlet.java      |  2 +-
 .../servlet/PEPSConnectorWithLocalSigningServlet.java  |  8 ++++----
 .../moa/id/auth/stork/STORKResponseProcessor.java      | 18 +++++++++++-------
 3 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 5a2fda67f..ee1d1728a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -318,7 +318,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 				identityLink = STORKResponseProcessor.connectToSZRGateway(authnResponse.getPersonalAttributeList(),
 																		  oaParam.getFriendlyName(), 
 																		  targetType, null, 
-																		  oaParam.getMandateProfiles());
+																		  oaParam.getMandateProfiles(), citizenSignature);
 			} catch (STORKException e) {
 				// this is really nasty but we work against the system here. We are supposed to get the gender attribute from
 				// stork. If we do not, we cannot register the person in the ERnP - we have to have the
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index bf2df9d7a..e2f6e50b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -215,7 +215,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 				personalAttributeList.add(signedDocAttribute);
 				
 				String authnContextClassRef = moaSession.getAuthnContextClassRef();
-				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef);
+				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature);
 			} catch (STORKException e) {
 				// this is really nasty but we work against the system here. We are supposed to get the gender attribute from
 				// stork. If we do not, we cannot register the person in the ERnP - we have to have the
@@ -487,7 +487,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 			}
 
 			try{
-				SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(), authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
+				SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(), authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(),citizenSignature);
 			} catch (STORKException e) {
 				// this is really nasty but we work against the system here. We are supposed to get the gender attribute from
 				// stork. If we do not, we cannot register the person in the ERnP - we have to have the
@@ -633,7 +633,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 		return null;
 	}
 
-	private void SZRGInsertion(AuthenticationSession moaSession, IPersonalAttributeList personalAttributeList, String authnContextClassRef) throws STORKException, MOAIDException
+	private void SZRGInsertion(AuthenticationSession moaSession, IPersonalAttributeList personalAttributeList, String authnContextClassRef, String citizenSignature) throws STORKException, MOAIDException
 	{
 		Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
 		Logger.debug("Citizen signature will be verified by SZR Gateway!");
@@ -666,7 +666,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 		identityLink = STORKResponseProcessor.connectToSZRGateway(personalAttributeList,
 				oaParam.getFriendlyName(), 
 				targetType, null, 
-				oaParam.getMandateProfiles());
+				oaParam.getMandateProfiles(),citizenSignature);
 		Logger.debug("SZR communication was successfull");
 
 		if (identityLink == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 5d7eefe0a..7113dcf70 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -124,11 +124,12 @@ public class STORKResponseProcessor {
 	 * @param targetType the target type
 	 * @param targetValue the target value
 	 * @param filters the filters
+	 * @param citizenSignature2 
 	 * @return Identity Link
 	 * @throws STORKException the sTORK exception
 	 * @throws MOAIDException 
 	 */
-	public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters) throws STORKException, MOAIDException {
+	public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters, String citizenSignature) throws STORKException, MOAIDException {
 		Logger.trace("Calling SZR Gateway with the following attributes:");
 
 		CreateIdentityLinkResponse identityLinkResponse = null;
@@ -137,12 +138,15 @@ public class STORKResponseProcessor {
 			Logger.trace("Starting call...");
 
 			// if there is no signedDoc attribute, we cannot go on
-			String signResponseString = getAttributeValue("signedDoc", attributeList);
-			
-			//Extract signature from SIgnResponse
-			Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
-			SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
-			String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+			if(citizenSignature==null || citizenSignature.length()==0)
+			{
+				String signResponseString = getAttributeValue("signedDoc", attributeList);
+				
+				//Extract signature from SIgnResponse
+				Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
+				SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
+				citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+			}
 			
 			String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
 			
-- 
cgit v1.2.3


From 640ed79e8f7596d14fad4770f7483f39f614c371 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 8 Jul 2014 15:36:04 +0200
Subject: add default configuration

---
 .../transforms/TransformsInfoAuthBlockTable_DE.xml | 161 +++++++++++++++++++++
 .../transforms/TransformsInfoAuthBlockTable_EN.xml | 161 +++++++++++++++++++++
 .../C2556DADDF68A9EEF7F5C14A24CA33BCA930B201       | Bin 0 -> 1385 bytes
 .../E1201A308CC10323C27D9084B048996E44B8F710       | Bin 0 -> 806 bytes
 .../D44EED7580C7792242D73E267A89C7DB25E4BD08       | Bin 0 -> 1314 bytes
 .../7E691392F741B7E4B4AA9A76D75851BDE18BE5A7       | Bin 0 -> 864 bytes
 .../9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726       | Bin 0 -> 1383 bytes
 .../08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9       | Bin 0 -> 991 bytes
 .../0F843FB1E0C626540BE638B79A2987E2611CE630       | Bin 0 -> 1018 bytes
 .../69F21C82DC9A7A940ACEC414593E59C9E61E522F       | Bin 0 -> 990 bytes
 .../FC72939DC06EDDF8C51549ECF00AC92BF2B39F35       | Bin 0 -> 1087 bytes
 .../341F53B3B17518213B1856BFAB3CEFBE948AFC0D       | Bin 0 -> 1070 bytes
 .../3A24040C01D5C9A4980575BFF99A25E534A056CB       | Bin 0 -> 1070 bytes
 .../FB356CEF4406D1F135E3FC59026B338D3F518F9A       | Bin 0 -> 886 bytes
 .../BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330       | Bin 0 -> 995 bytes
 .../E7340D1FB627D8917A9C0D23F21515C441BF1214       | Bin 0 -> 1292 bytes
 .../2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D       | Bin 0 -> 820 bytes
 .../386C1663C6390BC288DC171522439210AF361958       | Bin 0 -> 1000 bytes
 .../9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2       | Bin 0 -> 1151 bytes
 .../49969819654C230ECDF779ABB9629A211FCC43D6       | Bin 0 -> 1353 bytes
 .../D0AF386E182F00983637F97C0A5F4708F9F641A7       | Bin 0 -> 1157 bytes
 .../6814C7316CEA7191C9CB3BE58199B4A957210D9C       | Bin 0 -> 704 bytes
 .../5F06F65C714047E3B282AEC427C35AB703E49D8E       | Bin 0 -> 1169 bytes
 .../D45360060761812D33DE294EAC1573F6DE12A208       | Bin 0 -> 1169 bytes
 .../C529469053D9F95810A8F7F2DB9A6596A7655732       | Bin 0 -> 913 bytes
 .../D3C063F219ED073E34AD5D750B327629FFD59AF2       | Bin 0 -> 979 bytes
 .../1C43C0BA36CC8DE659180B2FAC9A6F54430D5941       | Bin 0 -> 991 bytes
 .../AC36A78C66FEC87CC0FD2C32B49214C65676E0C5       | Bin 0 -> 919 bytes
 .../C92238A7178A6C61F8BACA22D6CF7E50772BA9F0       | Bin 0 -> 1018 bytes
 .../DFAE695342AC81A521025904406884399822B233       | Bin 0 -> 987 bytes
 .../12B06E039F1A36D8238AFC508009E1ADF88BF66F       | Bin 0 -> 1253 bytes
 .../0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38       | Bin 0 -> 704 bytes
 .../D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D       | Bin 0 -> 914 bytes
 .../88D6151358A5E3C81D7AE1A536121DC03011BC03       | Bin 0 -> 1205 bytes
 .../35A40EF932B1F23980E2C672FC939E91EEBD0317       | Bin 0 -> 1262 bytes
 .../B1D0BC027906A3B7E7518C93ACB26D978233ED27       | Bin 0 -> 1171 bytes
 .../75F792DE2CF544007F470F1B924961C2BD2EF517       | Bin 0 -> 802 bytes
 .../08BBE8E906397158FA4BF4058BBBDB5EA11BAE82       | Bin 0 -> 979 bytes
 .../66AB66128A44574873E54E6584E450C4EB3B9A1E       | Bin 0 -> 1170 bytes
 .../65698A39E03FF00FD552D4AD99FB290C2B9D4BEA       | Bin 0 -> 1018 bytes
 .../04CF0318BA0B54DD76E1DE143445210BDD32E299       | Bin 0 -> 865 bytes
 .../0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F       | Bin 0 -> 861 bytes
 .../51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE       | Bin 0 -> 865 bytes
 .../9E0512DD61DA5949D1D8631C3F19D75F496C3733       | Bin 0 -> 864 bytes
 .../E6E6FC88719177C9B7421825757C5E47BCAC85F6       | Bin 0 -> 860 bytes
 .../C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E       | Bin 0 -> 1298 bytes
 .../A2F138CD16AD04BC3F145E3780BFA169BFDA263B       | Bin 0 -> 1505 bytes
 .../C5AC86EC5B771BEBDF8B6E040F109A1186E229B9       | Bin 0 -> 1234 bytes
 .../23E594945195F2414803B4D564D2A3A3F5D88B8C       | Bin 0 -> 791 bytes
 .../6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A       | Bin 0 -> 1256 bytes
 .../65EF37033859C2F709A64086D3A5BD1B8F1A85A4       | Bin 0 -> 1045 bytes
 .../07298E24461954E4696D2ED9FFB7D52B57F325B3       | Bin 0 -> 1279 bytes
 .../B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15       | Bin 0 -> 1273 bytes
 .../3A77E9B577661D99F9BBA5A352B29C7FF58A3D26       | Bin 0 -> 914 bytes
 .../84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E       | Bin 0 -> 1747 bytes
 .../9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA       | Bin 0 -> 1391 bytes
 .../C23FC1895966021249B35412C0C8C56D107732DE       | Bin 0 -> 1563 bytes
 .../51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4       | Bin 0 -> 1130 bytes
 .../F5F2456D79490C268569970E900C68FD1C7DC8E5       | Bin 0 -> 1264 bytes
 .../B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F       | Bin 0 -> 1188 bytes
 .../620127A8E5886A4805403977C3EF7D5EAF881526       | Bin 0 -> 870 bytes
 .../FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830       | Bin 0 -> 1141 bytes
 .../4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9       | Bin 0 -> 984 bytes
 .../6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B       | Bin 0 -> 1159 bytes
 .../341EA32E448659125A67DD04177FD17468FCFCB1       | Bin 0 -> 1366 bytes
 .../069519EC949AC6B91D4C33A3F3665441F0220D20       | Bin 0 -> 1313 bytes
 .../2F5EBA5055E9F7444852ADCEEB769E5DE157A03D       | Bin 0 -> 1352 bytes
 .../334710B9169BCD20687A6302EEB16AEB97F288CD       | Bin 0 -> 825 bytes
 .../D031945D982820B92FADBC7F71F6D1D9DFFDA2C9       | Bin 0 -> 1213 bytes
 .../CA80A13D41116E24CB1479E970CDC1C030C5907C       | Bin 0 -> 1272 bytes
 .../7A2CFA69FCA284D4627012A7A55662594C803B2A       | Bin 0 -> 901 bytes
 .../ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B       | Bin 0 -> 901 bytes
 .../53CB69CF933C2D28FB9DF91F2852A99EC3352EA0       | Bin 0 -> 1546 bytes
 .../00845B74CA13FE0A9056E6C0B5126FECF73B0D8C       | Bin 0 -> 740 bytes
 .../474BC41135FB88BF58B5A8D976A1D5583378D85E       | Bin 0 -> 1133 bytes
 .../6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01       | Bin 0 -> 1171 bytes
 .../FDC348410699803DE7D8276813BC2232EA99A878       | Bin 0 -> 835 bytes
 .../BF648929E7DAABD8D97B3202F48D6C4A19C78F6C       | Bin 0 -> 990 bytes
 .../FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22       | Bin 0 -> 1147 bytes
 .../6DCD5118D1542E6C205C580775C5420B7509506B       | Bin 0 -> 1076 bytes
 .../3B8484BF1370941BF03F206B5C4958DA4E1559BB       | Bin 0 -> 1065 bytes
 .../6DD653FB8FE2614249924274043E834664EBE980       | Bin 0 -> 1065 bytes
 .../C0EF3E7A54B4C501295F77974B1995E36B25C92B       | Bin 0 -> 1066 bytes
 .../D29172D3F501A2D7A47F702633044F519A3A5F0B       | Bin 0 -> 1066 bytes
 .../842B3870A64001CDD90978D0E554DAF94D9ABDFE       | Bin 0 -> 947 bytes
 .../679A4F81FC705DDEC419778DD2EBD875F4C242C6       | Bin 0 -> 975 bytes
 .../82096E6D9B1248321625323D52858642CB0B748E       | Bin 0 -> 975 bytes
 .../53A6B611F8CEE0315BCCE5D59898931ED390E400       | Bin 0 -> 761 bytes
 .../A149EE01A250491C07D5A279D3B58A646288DA22       | Bin 0 -> 1185 bytes
 .../AD8ECBB67B9DC59406F92A296A38192297A4F169       | Bin 0 -> 1191 bytes
 .../45B43346251FDF9E95DCB7F36928785D46D63913       | Bin 0 -> 1136 bytes
 .../E33619C88426E4FE956041E6751ADDEC9C10F0BC       | Bin 0 -> 1136 bytes
 .../35202B14F69409EAA51CD8AB547AC0CD5E993F3F       | Bin 0 -> 1053 bytes
 .../41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA       | Bin 0 -> 1165 bytes
 .../79B21E2743A879AFF5403ECEA09EAC2084EF4799       | Bin 0 -> 1014 bytes
 .../3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6       | Bin 0 -> 1030 bytes
 .../9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B       | Bin 0 -> 932 bytes
 .../A562C4B99E2847251CB4A1F05DA1FF43E7296F0B       | Bin 0 -> 999 bytes
 .../9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C       | Bin 0 -> 997 bytes
 .../9F0E0FBB25F66FF88C8E033EFF358923C84A2926       | Bin 0 -> 930 bytes
 .../C87D1855227D995C332C4C9072A2E2053F2CC623       | Bin 0 -> 1028 bytes
 .../42AD1897A4643D2AA634D980F16349E6694F3B1B       | Bin 0 -> 1237 bytes
 .../FE7891B6ED7B178F528A28B21478299F865889BD       | Bin 0 -> 1333 bytes
 .../3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B       | Bin 0 -> 1201 bytes
 .../8784ED81F5A22779EB0B081945FD151992557FBE       | Bin 0 -> 1159 bytes
 .../88583DB03975127CB488CA7DDE303A1646CEA97B       | Bin 0 -> 1159 bytes
 .../0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8       | Bin 0 -> 1058 bytes
 .../20CAECDCA766243AAD6FA1327618FC81BA65DC0F       | Bin 0 -> 1057 bytes
 .../96D5D179016A5A6546973BA63733617EE1F1540D       | Bin 0 -> 1058 bytes
 .../CF236CF66379EA506F967D21F0E25E87529D9687       | Bin 0 -> 1058 bytes
 .../FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76       | Bin 0 -> 1057 bytes
 .../266FCA0265A576548425BDAE15448665EE8BB889       | Bin 0 -> 1076 bytes
 .../D4D1370FD1D9EAA46412008FF3E59E114BCF724A       | Bin 0 -> 1111 bytes
 .../DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A       | Bin 0 -> 1110 bytes
 .../E619D25B380B7B13FDA33E8A58CD82D8A88E0515       | Bin 0 -> 1111 bytes
 .../F825578F8F5484DFB40F81867C392D6CB0012B92       | Bin 0 -> 1110 bytes
 .../A9D28607928FA8615E2615CC9D71B535C5D0D419       | Bin 0 -> 734 bytes
 .../4D523730501ADB80A76B0B473A4D21C7D86F8374       | Bin 0 -> 1167 bytes
 .../7AC3EFA52DE27A930EC8754DB5E061476948E914       | Bin 0 -> 1028 bytes
 .../8944AF64790FA467C02424CB22523A068C3B72DB       | Bin 0 -> 1073 bytes
 .../36B41A8B411985ED1032DBD85A154207164A9B85       | Bin 0 -> 1069 bytes
 .../AA94FD422AEB8F5B6E8508314CE0DC68BCD53305       | Bin 0 -> 1339 bytes
 .../07A6DEED70213CCF598F278789680DA4C04A0331       | Bin 0 -> 1266 bytes
 .../A5A00B223EF24AED92D03F652CFE367CA9D1B200       | Bin 0 -> 958 bytes
 .../BD78039E45BA4E4B13ADECC58124520ACE83B6A7       | Bin 0 -> 1614 bytes
 .../7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2       | Bin 0 -> 920 bytes
 .../D1474E7D99512D05B98DD37B3FE86496A03D088D       | Bin 0 -> 922 bytes
 .../9766A5ED03482991DA91BB763ECDCD9417394100       | Bin 0 -> 1169 bytes
 .../BB97947C31BBF3364A2909F9876DBD3B87B5B62A       | Bin 0 -> 1169 bytes
 .../60B7181FD8BCA00B84961BF31DB08C50376CCF44       | Bin 0 -> 1068 bytes
 .../74801529B4E8E5764FFC4D8E6577E1F84E8101CE       | Bin 0 -> 1067 bytes
 .../7B7B60B748C82B34EE71A3CEA729C477083F0BDA       | Bin 0 -> 1068 bytes
 .../EBB80BE34C78814AE659BBA3A2394E4D9857123D       | Bin 0 -> 1068 bytes
 .../7BE0C8E441786C69A3CB35BDBEF235F8B5310E04       | Bin 0 -> 700 bytes
 .../42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA       | Bin 0 -> 975 bytes
 .../51C01567BCB22968EF5A297B7EA84E195594E0E8       | Bin 0 -> 975 bytes
 .../DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE       | Bin 0 -> 823 bytes
 .../844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA       | Bin 0 -> 1159 bytes
 .../B38C775A18C1195D01658D75FBDA3258B6DF018B       | Bin 0 -> 1159 bytes
 .../6955D95F6B0799F7D96F4FC28E6E6C64758C1240       | Bin 0 -> 1224 bytes
 .../F96FE4F59166EFA9000B21A16EF22CF14468890C       | Bin 0 -> 944 bytes
 .../7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E       | Bin 0 -> 1159 bytes
 .../A79681CBDD69EC741214136F128923A574E26F03       | Bin 0 -> 1159 bytes
 .../C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED       | Bin 0 -> 406 bytes
 .../7666A8BD2C2513DE489C06D08D566F177ECE84AA       | Bin 0 -> 1260 bytes
 .../02A0E6456442E35198532ACFFB6FEE3B606D9FA3       | Bin 0 -> 1366 bytes
 .../7D60E314AA6AEF548A614A9354C5068192051A29       | Bin 0 -> 2278 bytes
 .../C6658C25AFB8A9D738F2BC591775D167549FFD3A       | Bin 0 -> 1264 bytes
 .../8AB0A3519AFA7F3C04074522678BAA1CB3DC734F       | Bin 0 -> 930 bytes
 .../DF47B3040E7632614464BD2EC4ECD1B8030F53E3       | Bin 0 -> 933 bytes
 .../E117479B4A41D7F3223FCAE50560B0D57B22217D       | Bin 0 -> 997 bytes
 .../07976A2A16EC182670161B46886B05E1FEAC16B1       | Bin 0 -> 1209 bytes
 .../52ED0FAFBD38A868C678174D7EB03D266ADB221C       | Bin 0 -> 994 bytes
 .../8BA5C0847597612C7E16970EAE55EF58D32E9CF3       | Bin 0 -> 1202 bytes
 .../18585FC53A283488E4BA84867980E9B1F2B28ADA       | Bin 0 -> 1313 bytes
 .../27337257493B86B9BFF78D569F938D692A430EAE       | Bin 0 -> 1218 bytes
 .../4832F0A28C3724A92F6CB3314F747D0E74FC7344       | Bin 0 -> 1217 bytes
 .../6352302A5072DBFB769D4FF4C70C86432C4C1683       | Bin 0 -> 1218 bytes
 .../EE886B907E31667D622677F665F25C54AF9A7F65       | Bin 0 -> 1218 bytes
 .../698563ECEE29232C5304487D972310F86650C3A6       | Bin 0 -> 1185 bytes
 .../B4B77C83465979E3679E3A33F972F48EE3730A18       | Bin 0 -> 924 bytes
 .../3AAD23B00CA10E54E6368DF7952E3F4B5108B65C       | Bin 0 -> 606 bytes
 .../14E59C02A6877B0EBD2C4203886BA25959C1D267       | Bin 0 -> 1020 bytes
 .../ED5608CE67EA5CB79AC024CEA7445F9BCBE48703       | Bin 0 -> 1067 bytes
 .../F3AE9FEA4DECEE5330770A2520BD86909929E7BE       | Bin 0 -> 758 bytes
 .../16D8270DE51B034E77B7CDAF1DEE623916243DDC       | Bin 0 -> 1068 bytes
 .../3D3F25C5CD9F932037D91B7D102EDB58EC7C8239       | Bin 0 -> 1068 bytes
 .../40B51EEF4E709FBD47935DDD83A1F640D0CC378A       | Bin 0 -> 1067 bytes
 .../D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537       | Bin 0 -> 1068 bytes
 .../CAF84A42305615AC2C582F6412BDA3E36DAC3D25       | Bin 0 -> 786 bytes
 .../D7EDAF7381F7FC93B4C28FA372190D7A59CFA696       | Bin 0 -> 660 bytes
 .../EC988340526163D5B7AC80481B2AC76828EDDC6C       | Bin 0 -> 1157 bytes
 .../C2556DADDF68A9EEF7F5C14A24CA33BCA930B201       | Bin 0 -> 1385 bytes
 .../E1201A308CC10323C27D9084B048996E44B8F710       | Bin 0 -> 806 bytes
 .../D44EED7580C7792242D73E267A89C7DB25E4BD08       | Bin 0 -> 1314 bytes
 .../7E691392F741B7E4B4AA9A76D75851BDE18BE5A7       | Bin 0 -> 864 bytes
 .../9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726       | Bin 0 -> 1383 bytes
 .../08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9       | Bin 0 -> 991 bytes
 .../0F843FB1E0C626540BE638B79A2987E2611CE630       | Bin 0 -> 1018 bytes
 .../69F21C82DC9A7A940ACEC414593E59C9E61E522F       | Bin 0 -> 990 bytes
 .../FC72939DC06EDDF8C51549ECF00AC92BF2B39F35       | Bin 0 -> 1087 bytes
 .../341F53B3B17518213B1856BFAB3CEFBE948AFC0D       | Bin 0 -> 1070 bytes
 .../3A24040C01D5C9A4980575BFF99A25E534A056CB       | Bin 0 -> 1070 bytes
 .../FB356CEF4406D1F135E3FC59026B338D3F518F9A       | Bin 0 -> 886 bytes
 .../BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330       | Bin 0 -> 995 bytes
 .../E7340D1FB627D8917A9C0D23F21515C441BF1214       | Bin 0 -> 1292 bytes
 .../2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D       | Bin 0 -> 820 bytes
 .../386C1663C6390BC288DC171522439210AF361958       | Bin 0 -> 1000 bytes
 .../9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2       | Bin 0 -> 1151 bytes
 .../49969819654C230ECDF779ABB9629A211FCC43D6       | Bin 0 -> 1353 bytes
 .../D0AF386E182F00983637F97C0A5F4708F9F641A7       | Bin 0 -> 1157 bytes
 .../6814C7316CEA7191C9CB3BE58199B4A957210D9C       | Bin 0 -> 704 bytes
 .../5F06F65C714047E3B282AEC427C35AB703E49D8E       | Bin 0 -> 1169 bytes
 .../D45360060761812D33DE294EAC1573F6DE12A208       | Bin 0 -> 1169 bytes
 .../C529469053D9F95810A8F7F2DB9A6596A7655732       | Bin 0 -> 913 bytes
 .../D3C063F219ED073E34AD5D750B327629FFD59AF2       | Bin 0 -> 979 bytes
 .../1C43C0BA36CC8DE659180B2FAC9A6F54430D5941       | Bin 0 -> 991 bytes
 .../AC36A78C66FEC87CC0FD2C32B49214C65676E0C5       | Bin 0 -> 919 bytes
 .../C92238A7178A6C61F8BACA22D6CF7E50772BA9F0       | Bin 0 -> 1018 bytes
 .../DFAE695342AC81A521025904406884399822B233       | Bin 0 -> 987 bytes
 .../12B06E039F1A36D8238AFC508009E1ADF88BF66F       | Bin 0 -> 1253 bytes
 .../0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38       | Bin 0 -> 704 bytes
 .../D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D       | Bin 0 -> 914 bytes
 .../88D6151358A5E3C81D7AE1A536121DC03011BC03       | Bin 0 -> 1205 bytes
 .../35A40EF932B1F23980E2C672FC939E91EEBD0317       | Bin 0 -> 1262 bytes
 .../B1D0BC027906A3B7E7518C93ACB26D978233ED27       | Bin 0 -> 1171 bytes
 .../75F792DE2CF544007F470F1B924961C2BD2EF517       | Bin 0 -> 802 bytes
 .../08BBE8E906397158FA4BF4058BBBDB5EA11BAE82       | Bin 0 -> 979 bytes
 .../66AB66128A44574873E54E6584E450C4EB3B9A1E       | Bin 0 -> 1170 bytes
 .../65698A39E03FF00FD552D4AD99FB290C2B9D4BEA       | Bin 0 -> 1018 bytes
 .../04CF0318BA0B54DD76E1DE143445210BDD32E299       | Bin 0 -> 865 bytes
 .../0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F       | Bin 0 -> 861 bytes
 .../51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE       | Bin 0 -> 865 bytes
 .../9E0512DD61DA5949D1D8631C3F19D75F496C3733       | Bin 0 -> 864 bytes
 .../E6E6FC88719177C9B7421825757C5E47BCAC85F6       | Bin 0 -> 860 bytes
 .../C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E       | Bin 0 -> 1298 bytes
 .../A2F138CD16AD04BC3F145E3780BFA169BFDA263B       | Bin 0 -> 1505 bytes
 .../C5AC86EC5B771BEBDF8B6E040F109A1186E229B9       | Bin 0 -> 1234 bytes
 .../23E594945195F2414803B4D564D2A3A3F5D88B8C       | Bin 0 -> 791 bytes
 .../6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A       | Bin 0 -> 1256 bytes
 .../65EF37033859C2F709A64086D3A5BD1B8F1A85A4       | Bin 0 -> 1045 bytes
 .../07298E24461954E4696D2ED9FFB7D52B57F325B3       | Bin 0 -> 1279 bytes
 .../B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15       | Bin 0 -> 1273 bytes
 .../3A77E9B577661D99F9BBA5A352B29C7FF58A3D26       | Bin 0 -> 914 bytes
 .../84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E       | Bin 0 -> 1747 bytes
 .../9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA       | Bin 0 -> 1391 bytes
 .../C23FC1895966021249B35412C0C8C56D107732DE       | Bin 0 -> 1563 bytes
 .../51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4       | Bin 0 -> 1130 bytes
 .../F5F2456D79490C268569970E900C68FD1C7DC8E5       | Bin 0 -> 1264 bytes
 .../B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F       | Bin 0 -> 1188 bytes
 .../620127A8E5886A4805403977C3EF7D5EAF881526       | Bin 0 -> 870 bytes
 .../FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830       | Bin 0 -> 1141 bytes
 .../4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9       | Bin 0 -> 984 bytes
 .../6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B       | Bin 0 -> 1159 bytes
 .../341EA32E448659125A67DD04177FD17468FCFCB1       | Bin 0 -> 1366 bytes
 .../069519EC949AC6B91D4C33A3F3665441F0220D20       | Bin 0 -> 1313 bytes
 .../2F5EBA5055E9F7444852ADCEEB769E5DE157A03D       | Bin 0 -> 1352 bytes
 .../334710B9169BCD20687A6302EEB16AEB97F288CD       | Bin 0 -> 825 bytes
 .../D031945D982820B92FADBC7F71F6D1D9DFFDA2C9       | Bin 0 -> 1213 bytes
 .../CA80A13D41116E24CB1479E970CDC1C030C5907C       | Bin 0 -> 1272 bytes
 .../7A2CFA69FCA284D4627012A7A55662594C803B2A       | Bin 0 -> 901 bytes
 .../ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B       | Bin 0 -> 901 bytes
 .../53CB69CF933C2D28FB9DF91F2852A99EC3352EA0       | Bin 0 -> 1546 bytes
 .../00845B74CA13FE0A9056E6C0B5126FECF73B0D8C       | Bin 0 -> 740 bytes
 .../474BC41135FB88BF58B5A8D976A1D5583378D85E       | Bin 0 -> 1133 bytes
 .../6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01       | Bin 0 -> 1171 bytes
 .../FDC348410699803DE7D8276813BC2232EA99A878       | Bin 0 -> 835 bytes
 .../BF648929E7DAABD8D97B3202F48D6C4A19C78F6C       | Bin 0 -> 990 bytes
 .../FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22       | Bin 0 -> 1147 bytes
 .../6DCD5118D1542E6C205C580775C5420B7509506B       | Bin 0 -> 1076 bytes
 .../3B8484BF1370941BF03F206B5C4958DA4E1559BB       | Bin 0 -> 1065 bytes
 .../6DD653FB8FE2614249924274043E834664EBE980       | Bin 0 -> 1065 bytes
 .../C0EF3E7A54B4C501295F77974B1995E36B25C92B       | Bin 0 -> 1066 bytes
 .../D29172D3F501A2D7A47F702633044F519A3A5F0B       | Bin 0 -> 1066 bytes
 .../842B3870A64001CDD90978D0E554DAF94D9ABDFE       | Bin 0 -> 947 bytes
 .../679A4F81FC705DDEC419778DD2EBD875F4C242C6       | Bin 0 -> 975 bytes
 .../82096E6D9B1248321625323D52858642CB0B748E       | Bin 0 -> 975 bytes
 .../53A6B611F8CEE0315BCCE5D59898931ED390E400       | Bin 0 -> 761 bytes
 .../A149EE01A250491C07D5A279D3B58A646288DA22       | Bin 0 -> 1185 bytes
 .../AD8ECBB67B9DC59406F92A296A38192297A4F169       | Bin 0 -> 1191 bytes
 .../45B43346251FDF9E95DCB7F36928785D46D63913       | Bin 0 -> 1136 bytes
 .../E33619C88426E4FE956041E6751ADDEC9C10F0BC       | Bin 0 -> 1136 bytes
 .../35202B14F69409EAA51CD8AB547AC0CD5E993F3F       | Bin 0 -> 1053 bytes
 .../41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA       | Bin 0 -> 1165 bytes
 .../79B21E2743A879AFF5403ECEA09EAC2084EF4799       | Bin 0 -> 1014 bytes
 .../3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6       | Bin 0 -> 1030 bytes
 .../9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B       | Bin 0 -> 932 bytes
 .../A562C4B99E2847251CB4A1F05DA1FF43E7296F0B       | Bin 0 -> 999 bytes
 .../9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C       | Bin 0 -> 997 bytes
 .../9F0E0FBB25F66FF88C8E033EFF358923C84A2926       | Bin 0 -> 930 bytes
 .../C87D1855227D995C332C4C9072A2E2053F2CC623       | Bin 0 -> 1028 bytes
 .../42AD1897A4643D2AA634D980F16349E6694F3B1B       | Bin 0 -> 1237 bytes
 .../FE7891B6ED7B178F528A28B21478299F865889BD       | Bin 0 -> 1333 bytes
 .../3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B       | Bin 0 -> 1201 bytes
 .../8784ED81F5A22779EB0B081945FD151992557FBE       | Bin 0 -> 1159 bytes
 .../88583DB03975127CB488CA7DDE303A1646CEA97B       | Bin 0 -> 1159 bytes
 .../0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8       | Bin 0 -> 1058 bytes
 .../20CAECDCA766243AAD6FA1327618FC81BA65DC0F       | Bin 0 -> 1057 bytes
 .../96D5D179016A5A6546973BA63733617EE1F1540D       | Bin 0 -> 1058 bytes
 .../CF236CF66379EA506F967D21F0E25E87529D9687       | Bin 0 -> 1058 bytes
 .../FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76       | Bin 0 -> 1057 bytes
 .../266FCA0265A576548425BDAE15448665EE8BB889       | Bin 0 -> 1076 bytes
 .../D4D1370FD1D9EAA46412008FF3E59E114BCF724A       | Bin 0 -> 1111 bytes
 .../DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A       | Bin 0 -> 1110 bytes
 .../E619D25B380B7B13FDA33E8A58CD82D8A88E0515       | Bin 0 -> 1111 bytes
 .../F825578F8F5484DFB40F81867C392D6CB0012B92       | Bin 0 -> 1110 bytes
 .../A9D28607928FA8615E2615CC9D71B535C5D0D419       | Bin 0 -> 734 bytes
 .../4D523730501ADB80A76B0B473A4D21C7D86F8374       | Bin 0 -> 1167 bytes
 .../7AC3EFA52DE27A930EC8754DB5E061476948E914       | Bin 0 -> 1028 bytes
 .../8944AF64790FA467C02424CB22523A068C3B72DB       | Bin 0 -> 1073 bytes
 .../36B41A8B411985ED1032DBD85A154207164A9B85       | Bin 0 -> 1069 bytes
 .../AA94FD422AEB8F5B6E8508314CE0DC68BCD53305       | Bin 0 -> 1339 bytes
 .../07A6DEED70213CCF598F278789680DA4C04A0331       | Bin 0 -> 1266 bytes
 .../A5A00B223EF24AED92D03F652CFE367CA9D1B200       | Bin 0 -> 958 bytes
 .../BD78039E45BA4E4B13ADECC58124520ACE83B6A7       | Bin 0 -> 1614 bytes
 .../7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2       | Bin 0 -> 920 bytes
 .../D1474E7D99512D05B98DD37B3FE86496A03D088D       | Bin 0 -> 922 bytes
 .../9766A5ED03482991DA91BB763ECDCD9417394100       | Bin 0 -> 1169 bytes
 .../BB97947C31BBF3364A2909F9876DBD3B87B5B62A       | Bin 0 -> 1169 bytes
 .../60B7181FD8BCA00B84961BF31DB08C50376CCF44       | Bin 0 -> 1068 bytes
 .../74801529B4E8E5764FFC4D8E6577E1F84E8101CE       | Bin 0 -> 1067 bytes
 .../7B7B60B748C82B34EE71A3CEA729C477083F0BDA       | Bin 0 -> 1068 bytes
 .../EBB80BE34C78814AE659BBA3A2394E4D9857123D       | Bin 0 -> 1068 bytes
 .../7BE0C8E441786C69A3CB35BDBEF235F8B5310E04       | Bin 0 -> 700 bytes
 .../42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA       | Bin 0 -> 975 bytes
 .../51C01567BCB22968EF5A297B7EA84E195594E0E8       | Bin 0 -> 975 bytes
 .../DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE       | Bin 0 -> 823 bytes
 .../844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA       | Bin 0 -> 1159 bytes
 .../B38C775A18C1195D01658D75FBDA3258B6DF018B       | Bin 0 -> 1159 bytes
 .../6955D95F6B0799F7D96F4FC28E6E6C64758C1240       | Bin 0 -> 1224 bytes
 .../F96FE4F59166EFA9000B21A16EF22CF14468890C       | Bin 0 -> 944 bytes
 .../7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E       | Bin 0 -> 1159 bytes
 .../A79681CBDD69EC741214136F128923A574E26F03       | Bin 0 -> 1159 bytes
 .../C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED       | Bin 0 -> 406 bytes
 .../7666A8BD2C2513DE489C06D08D566F177ECE84AA       | Bin 0 -> 1260 bytes
 .../02A0E6456442E35198532ACFFB6FEE3B606D9FA3       | Bin 0 -> 1366 bytes
 .../7D60E314AA6AEF548A614A9354C5068192051A29       | Bin 0 -> 2278 bytes
 .../C6658C25AFB8A9D738F2BC591775D167549FFD3A       | Bin 0 -> 1264 bytes
 .../8AB0A3519AFA7F3C04074522678BAA1CB3DC734F       | Bin 0 -> 930 bytes
 .../DF47B3040E7632614464BD2EC4ECD1B8030F53E3       | Bin 0 -> 933 bytes
 .../E117479B4A41D7F3223FCAE50560B0D57B22217D       | Bin 0 -> 997 bytes
 .../07976A2A16EC182670161B46886B05E1FEAC16B1       | Bin 0 -> 1209 bytes
 .../52ED0FAFBD38A868C678174D7EB03D266ADB221C       | Bin 0 -> 994 bytes
 .../8BA5C0847597612C7E16970EAE55EF58D32E9CF3       | Bin 0 -> 1202 bytes
 .../18585FC53A283488E4BA84867980E9B1F2B28ADA       | Bin 0 -> 1313 bytes
 .../27337257493B86B9BFF78D569F938D692A430EAE       | Bin 0 -> 1218 bytes
 .../4832F0A28C3724A92F6CB3314F747D0E74FC7344       | Bin 0 -> 1217 bytes
 .../6352302A5072DBFB769D4FF4C70C86432C4C1683       | Bin 0 -> 1218 bytes
 .../EE886B907E31667D622677F665F25C54AF9A7F65       | Bin 0 -> 1218 bytes
 .../698563ECEE29232C5304487D972310F86650C3A6       | Bin 0 -> 1185 bytes
 .../B4B77C83465979E3679E3A33F972F48EE3730A18       | Bin 0 -> 924 bytes
 .../3AAD23B00CA10E54E6368DF7952E3F4B5108B65C       | Bin 0 -> 606 bytes
 .../14E59C02A6877B0EBD2C4203886BA25959C1D267       | Bin 0 -> 1020 bytes
 .../ED5608CE67EA5CB79AC024CEA7445F9BCBE48703       | Bin 0 -> 1067 bytes
 .../F3AE9FEA4DECEE5330770A2520BD86909929E7BE       | Bin 0 -> 758 bytes
 .../16D8270DE51B034E77B7CDAF1DEE623916243DDC       | Bin 0 -> 1068 bytes
 .../3D3F25C5CD9F932037D91B7D102EDB58EC7C8239       | Bin 0 -> 1068 bytes
 .../40B51EEF4E709FBD47935DDD83A1F640D0CC378A       | Bin 0 -> 1067 bytes
 .../D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537       | Bin 0 -> 1068 bytes
 .../CAF84A42305615AC2C582F6412BDA3E36DAC3D25       | Bin 0 -> 786 bytes
 .../D7EDAF7381F7FC93B4C28FA372190D7A59CFA696       | Bin 0 -> 660 bytes
 .../EC988340526163D5B7AC80481B2AC76828EDDC6C       | Bin 0 -> 1157 bytes
 342 files changed, 322 insertions(+)
 create mode 100644 id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
 create mode 100644 id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
 create mode 100644 id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
 create mode 100644 id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C

diff --git a/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
new file mode 100644
index 000000000..1165d8b32
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+				<xsl:output method="xml" xml:space="default"/>
+				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+					<html>
+						<head>
+							<title>Signatur der Anmeldedaten</title>
+							<style type="text/css" media="screen">
+              					.normalstyle { font-size: medium; } 
+              					.italicstyle { font-size: medium; font-style: italic; }
+								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
+								.h4style{ font-size: large; }                                                                                      
+              				</style>
+						</head>
+						<body>
+							<h4 class="h4style">Anmeldedaten:</h4>
+							<p class="titlestyle">Daten zur Person</p>
+							<table class="parameters">
+								<xsl:if test="normalize-space(//@Issuer)">
+									<tr>
+										<td class="italicstyle">Name:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//@Issuer"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+									<tr>
+										<td class="italicstyle">Geburtsdatum:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">Rolle:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">Vollmacht:</td>
+										<td class="normalstyle">
+											<xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
+										</td>
+									</tr>
+								</xsl:if>
+							</table>
+							<p class="titlestyle">Daten zur Anwendung</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">Name:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Staat:</td>
+									<td class="normalstyle">Österreich</td>
+								</tr>
+							</table>
+							<p class="titlestyle">Technische Parameter</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">URL:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+									<tr>
+										<td class="italicstyle">Bereich:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">
+											Vollmachten-Referenz:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+									<tr>
+										<td class="italicstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+									<tr>
+										<td class="italicstyle">Identifikator:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">OID:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+									<tr>
+										<td class="italicstyle">HPI:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<tr>
+									<td class="italicstyle">Datum:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Uhrzeit:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+									</td>
+								</tr>
+							</table>
+						</body>
+					</html>
+				</xsl:template>
+			</xsl:stylesheet>
+		</dsig:Transform>
+		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+	</dsig:Transforms>
+	<sl10:FinalDataMetaInfo>
+		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+	</sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
new file mode 100644
index 000000000..e220b8f82
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+				<xsl:output method="xml" xml:space="default"/>
+				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+					<html>
+						<head>
+							<title>Signing the authentication data</title>
+							<style type="text/css" media="screen">
+              					.normalstyle { font-size: medium; } 
+              					.italicstyle { font-size: medium; font-style: italic; }
+								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
+								.h4style{ font-size: large; }                                                                                      
+              				</style>
+						</head>
+						<body>
+							<h4 class="h4style">Authentication Data:</h4>
+							<p class="titlestyle">Personal Data</p>
+							<table class="parameters">
+								<xsl:if test="normalize-space(//@Issuer)">
+									<tr>
+										<td class="italicstyle">Name:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//@Issuer"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+									<tr>
+										<td class="italicstyle">Date of Birth:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">Role:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">Mandate:</td>
+										<td class="normalstyle">
+											<xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
+										</td>
+									</tr>
+								</xsl:if>
+							</table>
+							<p class="titlestyle">Application Data</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">Name:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Country:</td>
+									<td class="normalstyle">Austria</td>
+								</tr>
+							</table>
+							<p class="titlestyle">Technical Parameters</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">URL:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+									<tr>
+										<td class="italicstyle">Sector:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">
+											Mandate Reference:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+									<tr>
+										<td class="italicstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+									<tr>
+										<td class="italicstyle">Identifier:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">OID:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+									<tr>
+										<td class="italicstyle">HPI:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<tr>
+									<td class="italicstyle">Date:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Time:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+									</td>
+								</tr>
+							</table>
+						</body>
+					</html>
+				</xsl:template>
+			</xsl:stylesheet>
+		</dsig:Transform>
+		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+	</dsig:Transforms>
+	<sl10:FinalDataMetaInfo>
+		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+	</sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
new file mode 100644
index 000000000..592c96230
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 b/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
new file mode 100644
index 000000000..a7948e488
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 b/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
new file mode 100644
index 000000000..73434134e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
new file mode 100644
index 000000000..8c434777e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 b/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
new file mode 100644
index 000000000..3af27c013
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
new file mode 100644
index 000000000..cac44093a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
new file mode 100644
index 000000000..29d93550e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
new file mode 100644
index 000000000..2a88295a7
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
new file mode 100644
index 000000000..84a1690d2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
new file mode 100644
index 000000000..3250c6adc
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
new file mode 100644
index 000000000..3848a2b82
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A b/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
new file mode 100644
index 000000000..04c6ea363
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
new file mode 100644
index 000000000..32893db7f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 b/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
new file mode 100644
index 000000000..fd23a38d6
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D b/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
new file mode 100644
index 000000000..1a3106742
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 b/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
new file mode 100644
index 000000000..a5e651f86
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 b/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
new file mode 100644
index 000000000..28cb48bb0
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 b/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
new file mode 100644
index 000000000..bdfcb7ab1
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
new file mode 100644
index 000000000..eaac3518b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C b/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
new file mode 100644
index 000000000..4dd2c49bf
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
new file mode 100644
index 000000000..39e377edf
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
new file mode 100644
index 000000000..0a1fcff85
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 b/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
new file mode 100644
index 000000000..13abede5c
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
new file mode 100644
index 000000000..33e776369
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
new file mode 100644
index 000000000..d2e7db667
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
new file mode 100644
index 000000000..f2f1c6562
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
new file mode 100644
index 000000000..476a3efb2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
new file mode 100644
index 000000000..5c88b668a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F b/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
new file mode 100644
index 000000000..4d1852203
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 b/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
new file mode 100644
index 000000000..69a8e4872
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D b/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
new file mode 100644
index 000000000..807fa786c
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
new file mode 100644
index 000000000..376d0753f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
new file mode 100644
index 000000000..73553b996
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
new file mode 100644
index 000000000..5171276f4
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 b/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
new file mode 100644
index 000000000..f8a8957ac
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 b/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
new file mode 100644
index 000000000..167c36411
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E b/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
new file mode 100644
index 000000000..ed5ba194c
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA b/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
new file mode 100644
index 000000000..836ba3767
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
new file mode 100644
index 000000000..8d33015f9
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
new file mode 100644
index 000000000..69de75609
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
new file mode 100644
index 000000000..efa28178e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
new file mode 100644
index 000000000..289fc2198
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
new file mode 100644
index 000000000..b7d4b08a6
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E b/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
new file mode 100644
index 000000000..b2beddaa5
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B b/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
new file mode 100644
index 000000000..414123ece
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 b/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
new file mode 100644
index 000000000..54893c9d6
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C b/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
new file mode 100644
index 000000000..8588ce58a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A b/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
new file mode 100644
index 000000000..141b05ef4
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 b/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
new file mode 100644
index 000000000..6e17b9db5
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
new file mode 100644
index 000000000..33e1ee94b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
new file mode 100644
index 000000000..694e6828b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 b/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
new file mode 100644
index 000000000..55707d69f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
new file mode 100644
index 000000000..3be7b6a06
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA b/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
new file mode 100644
index 000000000..4e18de8d7
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE b/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
new file mode 100644
index 000000000..c4d97cda3
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 b/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
new file mode 100644
index 000000000..9b2ee0fc6
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 b/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
new file mode 100644
index 000000000..b2a1e145f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F b/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
new file mode 100644
index 000000000..5dd9558d0
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
new file mode 100644
index 000000000..da38ce028
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
new file mode 100644
index 000000000..7e9fd5b0b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 b/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
new file mode 100644
index 000000000..640918641
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B b/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
new file mode 100644
index 000000000..b15880c29
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 b/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
new file mode 100644
index 000000000..6da18c620
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
new file mode 100644
index 000000000..8b501d747
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
new file mode 100644
index 000000000..b4b128903
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD b/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
new file mode 100644
index 000000000..c19647ad8
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 b/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
new file mode 100644
index 000000000..39f88d881
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
new file mode 100644
index 000000000..277b6083a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
new file mode 100644
index 000000000..ad13d7b28
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
new file mode 100644
index 000000000..d361d919f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 b/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
new file mode 100644
index 000000000..89cfe44fd
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C b/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
new file mode 100644
index 000000000..cc8b505ec
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
new file mode 100644
index 000000000..c9da41583
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
new file mode 100644
index 000000000..28fbdf42f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 b/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
new file mode 100644
index 000000000..424f849a1
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C b/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
new file mode 100644
index 000000000..4989f3e73
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
new file mode 100644
index 000000000..a699436ca
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B b/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
new file mode 100644
index 000000000..06b40aa67
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
new file mode 100644
index 000000000..6f97837a2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
new file mode 100644
index 000000000..d7799119f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
new file mode 100644
index 000000000..508f7f076
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
new file mode 100644
index 000000000..c0feb0d0e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE b/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
new file mode 100644
index 000000000..a0e3fdda1
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
new file mode 100644
index 000000000..36a442b89
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
new file mode 100644
index 000000000..54f809962
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 b/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
new file mode 100644
index 000000000..6c0216239
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
new file mode 100644
index 000000000..7c6adedf5
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
new file mode 100644
index 000000000..70f5b7c91
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
new file mode 100644
index 000000000..f3cf5e676
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
new file mode 100644
index 000000000..fc5bd433b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F b/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
new file mode 100644
index 000000000..3beb4529a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
new file mode 100644
index 000000000..8ddc7d79b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
new file mode 100644
index 000000000..c9fd41f7f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
new file mode 100644
index 000000000..781d1e4f2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
new file mode 100644
index 000000000..8286cabbc
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
new file mode 100644
index 000000000..a0148f63b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
new file mode 100644
index 000000000..61d346a8f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
new file mode 100644
index 000000000..9ae7ffa0c
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
new file mode 100644
index 000000000..a68ae2db7
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
new file mode 100644
index 000000000..f1d7b6a28
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
new file mode 100644
index 000000000..c1b90c0f4
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B b/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
new file mode 100644
index 000000000..e27a87038
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
new file mode 100644
index 000000000..cc35ba691
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
new file mode 100644
index 000000000..783dd271a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
new file mode 100644
index 000000000..41dc7c553
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
new file mode 100644
index 000000000..b596d82e3
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
new file mode 100644
index 000000000..4adc3b7ec
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
new file mode 100644
index 000000000..1e4f22777
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
new file mode 100644
index 000000000..fe561ad6a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 b/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
new file mode 100644
index 000000000..3754de603
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
new file mode 100644
index 000000000..3c7775b6e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
new file mode 100644
index 000000000..b6f39e354
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
new file mode 100644
index 000000000..f9fef65fc
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
new file mode 100644
index 000000000..f9f27442b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 b/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
new file mode 100644
index 000000000..10a1f7141
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
new file mode 100644
index 000000000..61a7ccb15
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
new file mode 100644
index 000000000..911640d0e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB b/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
new file mode 100644
index 000000000..a95605e5a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 b/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
new file mode 100644
index 000000000..a365a465b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 b/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
new file mode 100644
index 000000000..ea3512e3d
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 b/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
new file mode 100644
index 000000000..46dd968f0
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 b/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
new file mode 100644
index 000000000..05a8b86f9
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 b/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
new file mode 100644
index 000000000..815f53d95
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 b/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
new file mode 100644
index 000000000..63ba5cce5
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D b/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
new file mode 100644
index 000000000..0bab77032
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
new file mode 100644
index 000000000..882753986
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
new file mode 100644
index 000000000..f28aa4b8e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
new file mode 100644
index 000000000..08d7b28e2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
new file mode 100644
index 000000000..e47d2b8ba
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
new file mode 100644
index 000000000..5168e1af0
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
new file mode 100644
index 000000000..c5bcc42e2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 b/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
new file mode 100644
index 000000000..0a8de4bb9
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
new file mode 100644
index 000000000..ab9e0cd7d
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
new file mode 100644
index 000000000..01965769d
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE b/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
new file mode 100644
index 000000000..6428b8256
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
new file mode 100644
index 000000000..bc5ed1e62
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
new file mode 100644
index 000000000..cb519b7eb
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 b/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
new file mode 100644
index 000000000..f11bd6247
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C b/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
new file mode 100644
index 000000000..348257122
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
new file mode 100644
index 000000000..b9fe1280c
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
new file mode 100644
index 000000000..ea1585a6e
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED b/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
new file mode 100644
index 000000000..a3f8a7409
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA b/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
new file mode 100644
index 000000000..3c1f2f8a2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 b/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
new file mode 100644
index 000000000..5026d395f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
new file mode 100644
index 000000000..afe6fdf09
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A b/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
new file mode 100644
index 000000000..f6df0f4fd
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
new file mode 100644
index 000000000..c34d0f380
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
new file mode 100644
index 000000000..d894e92ca
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
new file mode 100644
index 000000000..380486f65
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 b/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
new file mode 100644
index 000000000..22d64fb5f
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C b/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
new file mode 100644
index 000000000..42a64da07
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 b/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
new file mode 100644
index 000000000..010c5d5b6
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
new file mode 100644
index 000000000..d53dce92b
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
new file mode 100644
index 000000000..5375c57c3
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
new file mode 100644
index 000000000..7085c5ac9
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
new file mode 100644
index 000000000..97dc187db
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
new file mode 100644
index 000000000..ad5d7dea1
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
new file mode 100644
index 000000000..ebfbce9a0
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 b/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
new file mode 100644
index 000000000..6225c0ca7
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C b/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
new file mode 100644
index 000000000..a3aa0000d
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 b/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
new file mode 100644
index 000000000..332aa817a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 b/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
new file mode 100644
index 000000000..069640ffc
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE b/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
new file mode 100644
index 000000000..c3fc91352
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
new file mode 100644
index 000000000..87d8b52d4
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
new file mode 100644
index 000000000..91acd396a
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
new file mode 100644
index 000000000..b5f5fa6ca
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
new file mode 100644
index 000000000..abeb964dd
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 b/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
new file mode 100644
index 000000000..83aeb1fce
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 b/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
new file mode 100644
index 000000000..5631441a9
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 differ
diff --git a/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C b/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C
new file mode 100644
index 000000000..585047fa2
Binary files /dev/null and b/id/server/data/deploy/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
new file mode 100644
index 000000000..592c96230
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 b/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
new file mode 100644
index 000000000..a7948e488
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 b/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
new file mode 100644
index 000000000..73434134e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 b/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
new file mode 100644
index 000000000..8c434777e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 b/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
new file mode 100644
index 000000000..3af27c013
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
new file mode 100644
index 000000000..cac44093a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
new file mode 100644
index 000000000..29d93550e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
new file mode 100644
index 000000000..2a88295a7
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
new file mode 100644
index 000000000..84a1690d2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
new file mode 100644
index 000000000..3250c6adc
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
new file mode 100644
index 000000000..3848a2b82
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A b/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
new file mode 100644
index 000000000..04c6ea363
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
new file mode 100644
index 000000000..32893db7f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 b/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
new file mode 100644
index 000000000..fd23a38d6
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D b/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
new file mode 100644
index 000000000..1a3106742
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 b/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
new file mode 100644
index 000000000..a5e651f86
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 b/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
new file mode 100644
index 000000000..28cb48bb0
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 b/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
new file mode 100644
index 000000000..bdfcb7ab1
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 b/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
new file mode 100644
index 000000000..eaac3518b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C b/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
new file mode 100644
index 000000000..4dd2c49bf
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
new file mode 100644
index 000000000..39e377edf
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
new file mode 100644
index 000000000..0a1fcff85
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 b/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
new file mode 100644
index 000000000..13abede5c
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
new file mode 100644
index 000000000..33e776369
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
new file mode 100644
index 000000000..d2e7db667
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
new file mode 100644
index 000000000..f2f1c6562
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
new file mode 100644
index 000000000..476a3efb2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
new file mode 100644
index 000000000..5c88b668a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F b/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
new file mode 100644
index 000000000..4d1852203
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 b/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
new file mode 100644
index 000000000..69a8e4872
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D b/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
new file mode 100644
index 000000000..807fa786c
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
new file mode 100644
index 000000000..376d0753f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
new file mode 100644
index 000000000..73553b996
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
new file mode 100644
index 000000000..5171276f4
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 b/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
new file mode 100644
index 000000000..f8a8957ac
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 b/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
new file mode 100644
index 000000000..167c36411
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E b/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
new file mode 100644
index 000000000..ed5ba194c
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA b/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
new file mode 100644
index 000000000..836ba3767
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
new file mode 100644
index 000000000..8d33015f9
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
new file mode 100644
index 000000000..69de75609
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
new file mode 100644
index 000000000..efa28178e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
new file mode 100644
index 000000000..289fc2198
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
new file mode 100644
index 000000000..b7d4b08a6
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E b/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
new file mode 100644
index 000000000..b2beddaa5
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B b/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
new file mode 100644
index 000000000..414123ece
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 b/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
new file mode 100644
index 000000000..54893c9d6
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C b/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
new file mode 100644
index 000000000..8588ce58a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A b/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
new file mode 100644
index 000000000..141b05ef4
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 b/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
new file mode 100644
index 000000000..6e17b9db5
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
new file mode 100644
index 000000000..33e1ee94b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
new file mode 100644
index 000000000..694e6828b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 b/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
new file mode 100644
index 000000000..55707d69f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
new file mode 100644
index 000000000..3be7b6a06
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA b/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
new file mode 100644
index 000000000..4e18de8d7
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE b/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
new file mode 100644
index 000000000..c4d97cda3
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 b/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
new file mode 100644
index 000000000..9b2ee0fc6
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 b/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
new file mode 100644
index 000000000..b2a1e145f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F b/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
new file mode 100644
index 000000000..5dd9558d0
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
new file mode 100644
index 000000000..da38ce028
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
new file mode 100644
index 000000000..7e9fd5b0b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 b/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
new file mode 100644
index 000000000..640918641
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B b/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
new file mode 100644
index 000000000..b15880c29
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 b/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
new file mode 100644
index 000000000..6da18c620
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
new file mode 100644
index 000000000..8b501d747
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
new file mode 100644
index 000000000..b4b128903
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD b/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
new file mode 100644
index 000000000..c19647ad8
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 b/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
new file mode 100644
index 000000000..39f88d881
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
new file mode 100644
index 000000000..277b6083a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
new file mode 100644
index 000000000..ad13d7b28
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
new file mode 100644
index 000000000..d361d919f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 b/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
new file mode 100644
index 000000000..89cfe44fd
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C b/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
new file mode 100644
index 000000000..cc8b505ec
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
new file mode 100644
index 000000000..c9da41583
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
new file mode 100644
index 000000000..28fbdf42f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 b/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
new file mode 100644
index 000000000..424f849a1
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C b/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
new file mode 100644
index 000000000..4989f3e73
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
new file mode 100644
index 000000000..a699436ca
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B b/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
new file mode 100644
index 000000000..06b40aa67
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
new file mode 100644
index 000000000..6f97837a2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
new file mode 100644
index 000000000..d7799119f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
new file mode 100644
index 000000000..508f7f076
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
new file mode 100644
index 000000000..c0feb0d0e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE b/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
new file mode 100644
index 000000000..a0e3fdda1
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
new file mode 100644
index 000000000..36a442b89
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
new file mode 100644
index 000000000..54f809962
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 b/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
new file mode 100644
index 000000000..6c0216239
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
new file mode 100644
index 000000000..7c6adedf5
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
new file mode 100644
index 000000000..70f5b7c91
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
new file mode 100644
index 000000000..f3cf5e676
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
new file mode 100644
index 000000000..fc5bd433b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F b/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
new file mode 100644
index 000000000..3beb4529a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
new file mode 100644
index 000000000..8ddc7d79b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
new file mode 100644
index 000000000..c9fd41f7f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
new file mode 100644
index 000000000..781d1e4f2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
new file mode 100644
index 000000000..8286cabbc
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
new file mode 100644
index 000000000..a0148f63b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
new file mode 100644
index 000000000..61d346a8f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
new file mode 100644
index 000000000..9ae7ffa0c
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
new file mode 100644
index 000000000..a68ae2db7
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
new file mode 100644
index 000000000..f1d7b6a28
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
new file mode 100644
index 000000000..c1b90c0f4
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B b/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
new file mode 100644
index 000000000..e27a87038
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
new file mode 100644
index 000000000..cc35ba691
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
new file mode 100644
index 000000000..783dd271a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
new file mode 100644
index 000000000..41dc7c553
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
new file mode 100644
index 000000000..b596d82e3
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
new file mode 100644
index 000000000..4adc3b7ec
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
new file mode 100644
index 000000000..1e4f22777
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
new file mode 100644
index 000000000..fe561ad6a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 b/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
new file mode 100644
index 000000000..3754de603
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
new file mode 100644
index 000000000..3c7775b6e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
new file mode 100644
index 000000000..b6f39e354
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
new file mode 100644
index 000000000..f9fef65fc
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
new file mode 100644
index 000000000..f9f27442b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 b/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
new file mode 100644
index 000000000..10a1f7141
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
new file mode 100644
index 000000000..61a7ccb15
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
new file mode 100644
index 000000000..911640d0e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB b/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
new file mode 100644
index 000000000..a95605e5a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 b/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
new file mode 100644
index 000000000..a365a465b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 b/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
new file mode 100644
index 000000000..ea3512e3d
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 b/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
new file mode 100644
index 000000000..46dd968f0
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 b/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
new file mode 100644
index 000000000..05a8b86f9
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 b/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
new file mode 100644
index 000000000..815f53d95
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 b/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
new file mode 100644
index 000000000..63ba5cce5
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D b/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
new file mode 100644
index 000000000..0bab77032
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
new file mode 100644
index 000000000..882753986
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
new file mode 100644
index 000000000..f28aa4b8e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
new file mode 100644
index 000000000..08d7b28e2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
new file mode 100644
index 000000000..e47d2b8ba
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
new file mode 100644
index 000000000..5168e1af0
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
new file mode 100644
index 000000000..c5bcc42e2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 b/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
new file mode 100644
index 000000000..0a8de4bb9
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
new file mode 100644
index 000000000..ab9e0cd7d
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
new file mode 100644
index 000000000..01965769d
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE b/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
new file mode 100644
index 000000000..6428b8256
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
new file mode 100644
index 000000000..bc5ed1e62
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
new file mode 100644
index 000000000..cb519b7eb
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 b/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
new file mode 100644
index 000000000..f11bd6247
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C b/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
new file mode 100644
index 000000000..348257122
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
new file mode 100644
index 000000000..b9fe1280c
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
new file mode 100644
index 000000000..ea1585a6e
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED b/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
new file mode 100644
index 000000000..a3f8a7409
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA b/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
new file mode 100644
index 000000000..3c1f2f8a2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 b/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
new file mode 100644
index 000000000..5026d395f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
new file mode 100644
index 000000000..afe6fdf09
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A b/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
new file mode 100644
index 000000000..f6df0f4fd
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
new file mode 100644
index 000000000..c34d0f380
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
new file mode 100644
index 000000000..d894e92ca
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
new file mode 100644
index 000000000..380486f65
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 b/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
new file mode 100644
index 000000000..22d64fb5f
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C b/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
new file mode 100644
index 000000000..42a64da07
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 b/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
new file mode 100644
index 000000000..010c5d5b6
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
new file mode 100644
index 000000000..d53dce92b
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
new file mode 100644
index 000000000..5375c57c3
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
new file mode 100644
index 000000000..7085c5ac9
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
new file mode 100644
index 000000000..97dc187db
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
new file mode 100644
index 000000000..ad5d7dea1
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
new file mode 100644
index 000000000..ebfbce9a0
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 b/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
new file mode 100644
index 000000000..6225c0ca7
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C b/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
new file mode 100644
index 000000000..a3aa0000d
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 b/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
new file mode 100644
index 000000000..332aa817a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 b/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
new file mode 100644
index 000000000..069640ffc
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE b/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
new file mode 100644
index 000000000..c3fc91352
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
new file mode 100644
index 000000000..87d8b52d4
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
new file mode 100644
index 000000000..91acd396a
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
new file mode 100644
index 000000000..b5f5fa6ca
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
new file mode 100644
index 000000000..abeb964dd
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 b/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
new file mode 100644
index 000000000..83aeb1fce
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 b/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
new file mode 100644
index 000000000..5631441a9
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C b/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C
new file mode 100644
index 000000000..585047fa2
Binary files /dev/null and b/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C differ
-- 
cgit v1.2.3


From 8f0153f4c6e2fd63dab1f3820b1f61521d1c2220 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 9 Jul 2014 10:49:32 +0200
Subject: use country code from certificate as default

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 48 +++++++++++-----------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 9af2f5ee5..3fd83bbe6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -238,6 +238,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			} else {
 				
 				//TODO: check if response include attributes and map this attributes to requested attributes
+				//TODO: insert code to parse Attributes from AuthnRespones for USP --> Zustelldienst
 				
 				//get PVP 2.1 attributes from protocol specific requested attributes
 				attributs = req.getRequestedAttributes();
@@ -504,33 +505,33 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		authData.setQAALevel(session.getQAALevel());
 
 		if (session.isForeigner()) {
-			if (authData.getStorkAuthnRequest() != null) {
-				authData.setCcc(authData.getStorkAuthnRequest()
-						.getCitizenCountryCode());
-				
-			} else {
-
-				try {
-					//TODO: replace with TSL lookup when TSL is ready!
-					X509Certificate certificate = new X509Certificate(authData.getSignerCertificate());
-
-					if (certificate != null) {
-
-						LdapName ln = new LdapName(certificate.getIssuerDN()
-								.getName());
-						for (Rdn rdn : ln.getRdns()) {
-							if (rdn.getType().equalsIgnoreCase("C")) {
-								Logger.info("C is: " + rdn.getValue());
-								authData.setCcc(rdn.getValue().toString());
-								break;
-							}
+			try {
+				//TODO: replace with TSL lookup when TSL is ready!
+				X509Certificate certificate = new X509Certificate(authData.getSignerCertificate());
+				if (certificate != null) {
+					LdapName ln = new LdapName(certificate.getIssuerDN()
+							.getName());
+					for (Rdn rdn : ln.getRdns()) {
+						if (rdn.getType().equalsIgnoreCase("C")) {
+							Logger.info("C is: " + rdn.getValue());
+							authData.setCcc(rdn.getValue().toString());
+							break;
 						}
 					}
-					
-				} catch (Exception e) {
-					Logger.error("Failed to extract country code from certificate", e);
+				}
+				
+			} catch (Exception e) {
+				Logger.error("Failed to extract country code from certificate", e);
+				
+			}
+			
+			if (MiscUtil.isEmpty(authData.getCcc())) {
+				if (authData.getStorkAuthnRequest() != null) {
+					authData.setCcc(authData.getStorkAuthnRequest().getCitizenCountryCode());
+					Logger.info("Can not extract country from certificate -> Use country from STORK request.");
 					
 				}
+								
 			}
 			
 		} else {
@@ -539,7 +540,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		}
 		
 		try {
-
 			authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID()));
 			
 			//set max. SSO session time
-- 
cgit v1.2.3


From df1bce487e003b50e403730069ed7343df4f86fc Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 9 Jul 2014 10:50:09 +0200
Subject: set foreigner to true

---
 .../at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java | 4 +++-
 .../moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java   | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index ee1d1728a..64447b20e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -354,7 +354,9 @@ public class PEPSConnectorServlet extends AuthServlet {
 			if (identityLink == null) {
 				Logger.error("SZR Gateway did not return an identity link.");
 				throw new MOAIDException("stork.10", null);	
-			}
+			}			
+			moaSession.setForeigner(true);
+			
 			Logger.info("Received Identity Link from SZR Gateway");
 			moaSession.setIdentityLink(identityLink);
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index e2f6e50b1..62e15a379 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -249,7 +249,8 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 			Logger.debug("Add full STORK AuthnResponse to MOA session");
 			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse?
-
+			moaSession.setForeigner(true);
+			
 			//session is implicit stored in changeSessionID!!!!
 			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
 
@@ -479,7 +480,8 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 				X509Certificate cert = getSignerCertificate(citizenSignature);
 				moaSession.setSignerCertificate(cert);	
-
+				moaSession.setForeigner(true);
+				
 
 			} catch (Throwable e) {
 				Logger.error("Could not extract citizen signature from C-PEPS", e);
-- 
cgit v1.2.3


From f4d530a433dcf32d12d435de45e53bac9e1c3287 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 10:57:52 +0200
Subject: fix typo

---
 .../at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java
index c83bb20ca..97f26812f 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java
@@ -40,7 +40,7 @@ import org.hibernate.annotations.DynamicUpdate;
 
 @Entity
 @DynamicUpdate(value=true)
-@Table(name = "statisiclog")
+@Table(name = "statisticlog")
 @NamedQueries({
     @NamedQuery(name="getAllEntriesNotBeforeTimeStamp", query = "select statisiclog from StatisticLog statisiclog where statisiclog.timestamp > :timeout")
 })
-- 
cgit v1.2.3


From 29b736fb8e31f8f5592c5617e92c03e5f90149f0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 10:59:15 +0200
Subject: update handbook   - add network connections which are required

---
 id/readme_2.1.0.txt                               | 188 ++++++++++++++++++++++
 id/server/doc/handbook/additional/additional.html |  58 +++++++
 spss/handbook/handbook/faq/faq.html               |  48 +++++-
 3 files changed, 292 insertions(+), 2 deletions(-)
 create mode 100644 id/readme_2.1.0.txt

diff --git a/id/readme_2.1.0.txt b/id/readme_2.1.0.txt
new file mode 100644
index 000000000..9b5c7d05d
--- /dev/null
+++ b/id/readme_2.1.0.txt
@@ -0,0 +1,188 @@
+===============================================================================
+MOA ID Version Release 2.1.0 - Wichtige Informationen zur Installation
+===============================================================================
+
+-------------------------------------------------------------------------------
+A. Neuerungen/Änderungen
+-------------------------------------------------------------------------------
+
+Mit MOA ID Version 2.0.1 wurden folgende Neuerungen eingeführt, die jetzt 
+erstmals in der Veröffentlichung enthalten sind (siehe auch history.txt im 
+gleichen Verzeichnis):
+
+- Neuerungen:
+  - IDP Interfederation für Single Sign-On
+  - MOA-ID Truststore wird auch für Bezug PVP 2.1 metadaten über https verwendet.
+  - Definition neuer Fehlercodes
+  - Single LogOut Unterstützung für PVP 2.1 (SAML2) als Feature mit Betastatus
+   
+- Änderungen
+  - Anpassung VIDP Code für STORK
+  - MOA-ID-Konfigurationstool mit überarbeiteter Online-Applikationskonfiguration
+  - Anpassung der protokollspezifischen Fehlerrückgabe
+  - Anpassungen für die Verwendung von Oracle Datenbanksystemen 
+  - Kleinere Bug-Fixes
+    
+-------------------------------------------------------------------------------
+B. Durchführung eines Updates
+-------------------------------------------------------------------------------
+
+Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch
+eine Aktualisierung bestehender Installationen möglich.
+
+...............................................................................
+B.1 Durchführung eines Updates von Version 2.0.1 
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+   Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST 
+   bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+   beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+   wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation 
+   für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als 
+   auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+   CATALINA_HOME_ID/webapps.
+   
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+   CATALINA_HOME_ID/webapps.   
+
+6. Update der STORK Konfiguration
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+     b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->   
+         2.4 Konfiguration des SamlEngines an.
+         
+7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties     
+     a.) general.ssl.certstore=certs/certstore
+     b.) general.ssl.truststore=certs/truststore
+ 
+8. Kopieren des folgenden zusätzlichen Ordners  MOA_ID_AUTH_INST/conf/moa-id-configuration/certs
+   nach CATALINA_HOME\conf\moa-id-configuration\
+   
+9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar.     
+     a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion
+         protocols.pvp2.idp.ks.assertion.encryption.keypassword=password
+ 
+10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/
+    nach CATALINA_HOME\conf\moa-id\
+      a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\    
+      b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html ->
+          CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html
+      
+11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen 
+    zwei Varianten zur Verfügung.
+      a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth 
+          CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile 
+               moasession.hibernate.hbm2ddl.auto=update
+          zu
+               moasession.hibernate.hbm2ddl.auto=create
+          Danach werden die Tabellen beim nächsten Startvorgang neu generiert.
+               
+      b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson 
+          Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert.   
+       
+12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+   Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.2 Durchführung eines Updates von Version 2.0-RC1 
+...............................................................................
+
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+   Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST 
+   bezeichnet.
+   Für MOA ID Proxy:
+   Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST 
+   bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+   beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+   wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation 
+   für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als 
+   auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+   CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+   CATALINA_HOME_ID/webapps.  
+
+6. Update des Cert-Stores.
+   Kopieren Sie den Inhalt des Verzeichnisses
+   MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+   CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie 
+   vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann 
+   bejahen sie das.
+
+7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen 
+   wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile 
+   beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+   a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+    1)  Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+    2)  Kopieren Sie das Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis 
+        CATALINA_HOME\conf\moa-spss.
+
+   b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie 
+      folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+    1)  Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den 
+        entsprechenden Profilen im Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren 
+        Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt 
+        der einzelnen Profile aus der Distribution 
+        (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden 
+        Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) 
+        kopieren und dabei die vorhandenen gleichnamigen Zertifikate 
+        überschreiben), also z.B: Kopieren des Inhalts von 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach 
+        CATALINA_HOME\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+           
+8. Update der Default html-Templates für die Bürgerkartenauswahl.
+
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates.         
+     b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates
+         in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. 
+
+9. Update der STORK Konfiguration
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+     b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->   
+         2.4 Konfiguration des SamlEngines an.
+         
+10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id\moa-id.properties
+     
+     a.) configuration.validation.certificate.QC.ignore=false
+     b.) protocols.pvp2.assertion.encryption.active=false          
+                                    
+11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+   Logging von MOA ID beim Einlesen der Konfiguration.
+
+   
+...............................................................................
+B.3 Durchführung eines Updates von Version <= 1.5.1
+...............................................................................
+
+Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen
+Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter 
+Zuhilfenahme Ihrer bisherigen Konfiguration an.
+
diff --git a/id/server/doc/handbook/additional/additional.html b/id/server/doc/handbook/additional/additional.html
index 97c7794cf..fb4e76733 100644
--- a/id/server/doc/handbook/additional/additional.html
+++ b/id/server/doc/handbook/additional/additional.html
@@ -30,6 +30,7 @@
         <li><a href="#statisticdata">Logging von Statistikdaten</a></li>
       </ol>
     </li>
+    <li><a href="#networkconnections">Ben&ouml;tigte Netzwerkverbindungen (incoming / outgoing)</a></li>
   </ol>
 <hr/>
   <h1><a name="allgemeines"></a>1 Datenmanagement</h1>
@@ -191,6 +192,63 @@
     <td width="757" valign="top"><p>Fehlermeldung in textueller Form    (max. 255 Zeichen lang)</p></td>
   </tr>
 </table>
+<p>&nbsp;</p>
+<h1><a name="networkconnections" id="networkconnections"></a>2 Ben&ouml;tigte Netzwerkverbindungen (incoming / outgoing)</h1>
+<p>F&uuml;r die Betrieb des Modules MOA-ID-Auth werden Netzwerkverbindungen zu externen Service ben&ouml;tigt. Die nachfolgende Tabelle gibt eine Aufstellung der ben&ouml;tigten Verbindungen und eine kurze Beschreibung &uuml;ber deren Funktion.</p>
+<table border="1" cellpadding="0" cellspacing="0">
+  <tr>
+    <td width="105" height="34" valign="middle"><strong>Service</strong></td>
+    <td width="275" valign="middle"><strong>URL</strong></td>
+    <td width="63" valign="middle"><strong>Port</strong></td>
+    <td width="87" valign="middle"><strong>Richtung</strong></td>
+    <td width="702" valign="middle"><strong>Beschreibung</strong></td>
+  </tr>
+  <tr>
+    <td valign="middle"><p>MOA-ID-Auth</p></td>
+    <td align="center" valign="middle">*</td>
+    <td align="center" valign="middle">80, 443</td>
+    <td align="center" valign="middle">eingehend</td>
+    <td valign="middle"><p>Front-Channel und Back-Channel Verbinding zum IDP</p></td>
+  </tr>
+  <tr>
+    <td valign="middle"><p>MOA-ID-Auth</p></td>
+    <td align="center" valign="middle">*</td>
+    <td align="center" valign="middle">80, 443</td>
+    <td align="center" valign="middle">ausgehend</td>
+    <td valign="middle">Abholen von Template oder PVP 2.1 Metadaten</td>
+  </tr>
+  <tr>
+    <td height="26" valign="middle">LDAP</td>
+    <td align="center" valign="middle">*</td>
+    <td align="center" valign="middle">389, 636</td>
+    <td align="center" valign="middle">ausgehend</td>
+    <td valign="middle">Zertifikatspr&uuml;fung</td>
+  </tr>
+  <tr>
+    <td width="105" valign="middle"><p>OSCP / CRL</p></td>
+    <td width="275" align="center" valign="middle">*</td>
+    <td width="63" align="center" valign="middle">80, 443</td>
+    <td width="87" align="center" valign="middle">ausgehend</td>
+    <td width="702" valign="middle"><p>Zertifikatspr&uuml;fung</p></td>
+  </tr>
+  <tr>
+    <td valign="middle">OVS</td>
+    <td align="center" valign="middle"><p><strong>Prod:</strong> <a href="https://vollmachten.stammzahlenregister.gv.at/mis/">vollmachten.stammzahlenregister.gv.at</a><br>
+        <strong>Test:</strong> <a href="https://vollmachten.egiz.gv.at/mis-test/">vollmachten.egiz.gv.at</a></p></td>
+    <td align="center" valign="middle">443</td>
+    <td align="center" valign="middle">ausgehend</td>
+    <td valign="middle">Online-Vollmachten Service (MIS) via SOAP Service</td>
+  </tr>
+  <tr>
+    <td height="46" valign="middle">SZR-Gateway</td>
+    <td align="left" valign="middle"><strong>Prod: </strong><a href="https://gateway.stammzahlenregister.gv.at/">gateway.stammzahlenregister.gv.at</a><br>
+    <strong>Test:</strong> <a href="http://szrgw.egiz.gv.at/">szrgw.egiz.gv.at</a></td>
+    <td align="center" valign="middle">443</td>
+    <td align="center" valign="middle">ausgehend</td>
+    <td valign="middle">Stammzahlenregister Gateway via SOAP Service</td>
+  </tr>
+</table>
+<p>&nbsp;</p>
 <p align="left">&nbsp;</p>
 <p>&nbsp;</p>
   <p>&nbsp;</p>
diff --git a/spss/handbook/handbook/faq/faq.html b/spss/handbook/handbook/faq/faq.html
index 4e9ff77a3..fc3f98d44 100644
--- a/spss/handbook/handbook/faq/faq.html
+++ b/spss/handbook/handbook/faq/faq.html
@@ -44,8 +44,9 @@
     <li>Ich m&ouml;chte ein Zertifikat (z.B. einer Zwischen-Zertifizierungsstelle) manuell in den internen Zertifikatsspeicher von MOA SP importieren. Wie funktioniert das? [<a href="#konfiguration_2">Zur Antwort</a>]</li>
     <li>Meine bestehende Konfigurationsdatei funktioniert mit MOA SP/SS 1.3 oder h&ouml;her nicht mehr. Was ist passiert?
       [<a href="#konfiguration_3">Zur Antwort</a>]</li>
+    <li>Welche Netzwerkverbindungen  (incoming / outgoing)  werden durch MOA SP/SS ben&ouml;tigt? [<a href="#konfiguration_4">Zur Antwort</a>]</li>
   </ol>
-  <h2>Verwendung</h2>
+<h2>Verwendung</h2>
   <ol>
     <li>Bei der Pr&uuml;fung einer Signatur liefert die Pr&uuml;fung des Zertifikatsstatus den Code 1. Was kann der Fehler sein? [<a href="#verwendung_1">Zur Antwort</a>]  </li>
   </ol>
@@ -103,8 +104,51 @@ http.nonProxyHosts=&quot;&lt;exceptionhosts&gt;&quot;</pre>
 	    dem Sie Ihre Konfigurationsdatei vom bisherigen auf das neue Format migrieren k&ouml;nnen.</p>
 		<p>Informationen zur Verwendung des Werkzeugs finden Sie in <a href="../config/config.html#&#252;bersicht_zentraledatei_aktualisierung">Abschnitt 1.2.1</a> des Konfigurationshandbuchs. </p>
 	</li>
+	<li class="faq">
+    	<div class="faq-question"><a name="konfiguration_4" id="konfiguration_4"></a>Welche Netzwerkverbindungen (incoming / outgoing) werden durch MOA SP/SS ben&ouml;tigt?</div>
+        <p> Die nachfolgende Tabelle gibt eine Aufstellung der ben&ouml;tigten Netzberbindungen und eine kurze Beschreibung &uuml;ber deren Funktion.</p>
+        <table border="1" cellpadding="0" cellspacing="0">
+          <tr>
+            <td width="105" height="34" valign="middle"><strong>Service</strong></td>
+            <td width="275" valign="middle"><strong>URL</strong></td>
+            <td width="63" valign="middle"><strong>Port</strong></td>
+            <td width="87" valign="middle"><strong>Richtung</strong></td>
+            <td width="702" valign="middle"><strong>Beschreibung</strong></td>
+          </tr>
+          <tr>
+            <td valign="middle"><p>MOA-SP/SS</p></td>
+            <td align="center" valign="middle">*</td>
+            <td align="center" valign="middle">80, 443</td>
+            <td align="center" valign="middle">eingehend</td>
+            <td valign="middle"><p>Verbindungen zum Signature-Creation und Signature-Verification Service </p></td>
+          </tr>
+          <tr>
+            <td valign="middle"><p>Referenzen / TSL</p></td>
+            <td align="center" valign="middle">*</td>
+            <td align="center" valign="middle">80, 443</td>
+            <td align="center" valign="middle">ausgehend</td>
+            <td valign="middle">Zum Aufl&ouml;sen von externen Referenzen, welche in den Requests enthalten sind und zum Download der Trust-Status Listen (TSL).<br>
+              <strong>Hinweis: </strong>Werden externe Referenzen &uuml;ber andere Protokolle bezogen m&uuml;ssen die jeweiligen Ports ebenfalls freigeschalten werden.</td>
+          </tr>
+          <tr>
+            <td height="26" valign="middle">LDAP</td>
+            <td align="center" valign="middle">*</td>
+            <td align="center" valign="middle">389, 636</td>
+            <td align="center" valign="middle">ausgehend</td>
+            <td valign="middle">Zertifikatspr&uuml;fung</td>
+          </tr>
+          <tr>
+            <td width="105" valign="middle"><p>OSCP / CRL</p></td>
+            <td width="275" align="center" valign="middle">*</td>
+            <td width="63" align="center" valign="middle">80, 443</td>
+            <td width="87" align="center" valign="middle">ausgehend</td>
+            <td width="702" valign="middle"><p>Zertifikatspr&uuml;fung</p></td>
+          </tr>
+        </table>
+        <br>
+    </li>
   </ol>
-  <h2>Verwendung</h2>
+<h2>Verwendung</h2>
   <ol>
     <li class="faq"><div class="faq-question"><a name="verwendung_1" id="verwendung_1"></a>Bei der Pr&uuml;fung einer Signatur liefert die Pr&uuml;fung des Zertifikatsstatus den Code 1. Was kann der Fehler sein? </div>
 	<p>Dieser Fehlercode bedeutet: Es konnte keine formal korrekte Zertifikatskette vom Signatorzertifikat zu einem vertrauensw&uuml;rdigen Wurzelzertifikat konstruiert werden. Das kann grunds&auml;tzlich eine der beiden folgenden Ursachen haben:</p>
-- 
cgit v1.2.3


From fd0c34ddeb83f1b8e88837837e513491d66e8f2f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 11:28:13 +0200
Subject: fix problem with extended SAML1 attributes and STORK authentication

---
 .../egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 3fd83bbe6..17d6898ee 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -50,6 +50,7 @@ import eu.stork.peps.auth.commons.PersonalAttributeList;
 
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
@@ -116,7 +117,10 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		if (protocolRequest instanceof SAML1RequestImpl) {
 			//request is SAML1
 			SAML1AuthenticationData saml1authdata = new SAML1AuthenticationData();
-			saml1authdata.setExtendedSAMLAttributesOA(session.getExtendedSAMLAttributesOA());
+			if (session.getExtendedSAMLAttributesOA() == null)
+				saml1authdata.setExtendedSAMLAttributesOA(new ArrayList<ExtendedSAMLAttribute>());
+			else
+				saml1authdata.setExtendedSAMLAttributesOA(session.getExtendedSAMLAttributesOA());
 			
 			authdata = saml1authdata;
 						
-- 
cgit v1.2.3


From 31e11e635b2dc72542ea2af1e302d83c6a8c7c13 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 12:26:21 +0200
Subject: set default TrustManagerRevocationCheck value

---
 .../egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java   | 3 ++-
 .../java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java | 2 +-
 .../egovernment/moa/id/config/auth/AuthConfigurationProvider.java   | 6 +++---
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 681641834..f29780f05 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -159,7 +159,8 @@ public class GeneralMOAIDConfig {
 				if (authgen != null) {
 					alternativeSourceID = authgen.getAlternativeSourceID();
 					certStoreDirectory = authgen.getCertStoreDirectory();
-					trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
+					if (authgen.isTrustManagerRevocationChecking() != null)
+						trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
 					
 					publicURLPrefix = authgen.getPublicURLPreFix();
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
index 88ed7885f..24def1e02 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
@@ -124,7 +124,7 @@ public class ConfigurationProvider {
 
 	protected String certstoreDirectory;
 	
-	protected boolean trustmanagerrevoationchecking;
+	protected boolean trustmanagerrevoationchecking = true;
 	
 	/**
 		 * Returns the main configuration file directory used to configure MOA-ID
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 6fc1d28c1..ccf390153 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1038,11 +1038,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
   private void setTrustManagerRevocationChecking() throws ConfigurationException {
 	  AuthComponentGeneral auth = getAuthComponentGeneral();
 	  
-	  if (auth.getGeneralConfiguration() != null)		  
+	  if (auth.getGeneralConfiguration() != null &&
+			  auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null)		  
 		  trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking();
 	  else {
-		  Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.");
-		  throw new ConfigurationException("config.02", null);
+		  Logger.warn("No info found in MOA-ID Configuration. Set TrustManagerRevocationCheck to TRUE.");
 	  } 
   }
   
-- 
cgit v1.2.3


From 34ac95193f76a30f3bc96761c5bb02c5048f5a69 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 12:26:43 +0200
Subject: solve problem with empty configuration

---
 .../id/configuration/data/GeneralStorkConfig.java  | 35 ++++++++++++++--------
 .../src/main/webapp/jsp/editMOAConfig.jsp          |  2 +-
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
index b1e268fef..5e177655d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java
@@ -80,7 +80,7 @@ public class GeneralStorkConfig {
 					}
 					
 					if (cpepslist.isEmpty())
-						cpepslist.add(new CPEPS());
+						cpepslist = null;
 					
 					if(attributes.isEmpty())
 						attributes.add(new StorkAttribute());
@@ -94,21 +94,30 @@ public class GeneralStorkConfig {
 			return null;
 
 		MOAIDConfiguration dbconfig = ConfigurationDBRead.getMOAIDConfiguration();
-
-		List<CPEPS> cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS();
-
-		// make CountryCode "readonly"
-		for (CPEPS newone : cpepslist) {
-			for (CPEPS current : cpepss) {
-				if (null != newone)
-					if (current.getHjid().equals(newone.getHjid())) {
-						newone.setCountryCode(current.getCountryCode());
-						break;
+		
+		try {
+			List<CPEPS> cpepss = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS();
+
+			if (cpepss != null) {
+				// make CountryCode "readonly"
+				for (CPEPS newone : cpepslist) {
+					for (CPEPS current : cpepss) {
+						if (null != newone)
+							if (current.getHjid().equals(newone.getHjid())) {
+								newone.setCountryCode(current.getCountryCode());
+								break;
+							}
 					}
+				}
 			}
-		}
 
-		return cpepslist;
+			return cpepslist;
+			
+		} catch (NullPointerException e) {
+			return null;
+			
+		}
+			
 	}
 
 	public void setCpepslist(List<CPEPS> list) {
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
index 1e8e36d4e..bf5625419 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp
@@ -257,7 +257,7 @@
 								      <td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td>
 								      <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
 								</s:iterator>
-                                <s:if test="%{storkconfig.cpepslist == null}">
+                     						<s:if test="%{storkconfig.cpepslist == null || storkconfig.cpepslist.isEmpty}">
                                     <tr><td><s:textfield name="storkconfig.cpepslist[0].countryCode" value="CC" cssClass="textfield_short"/></td>
                                         <td><s:textfield name="storkconfig.cpepslist[0].URL" value="http://" cssClass="textfield_long"/></td>
                                         <td><input type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td></tr>
-- 
cgit v1.2.3


From 62b8a5dd94c29c8bd551dfb86c390e1dd992c7bc Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 12:56:17 +0200
Subject: set default TrustManagerRevocationCheck value

---
 .../egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java   | 3 +--
 .../java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java | 2 +-
 .../egovernment/moa/id/config/auth/AuthConfigurationProvider.java   | 6 +++---
 .../gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java  | 2 ++
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index f29780f05..681641834 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -159,8 +159,7 @@ public class GeneralMOAIDConfig {
 				if (authgen != null) {
 					alternativeSourceID = authgen.getAlternativeSourceID();
 					certStoreDirectory = authgen.getCertStoreDirectory();
-					if (authgen.isTrustManagerRevocationChecking() != null)
-						trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
+					trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
 					
 					publicURLPrefix = authgen.getPublicURLPreFix();
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
index 24def1e02..88ed7885f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
@@ -124,7 +124,7 @@ public class ConfigurationProvider {
 
 	protected String certstoreDirectory;
 	
-	protected boolean trustmanagerrevoationchecking = true;
+	protected boolean trustmanagerrevoationchecking;
 	
 	/**
 		 * Returns the main configuration file directory used to configure MOA-ID
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index ccf390153..6fc1d28c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1038,11 +1038,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
   private void setTrustManagerRevocationChecking() throws ConfigurationException {
 	  AuthComponentGeneral auth = getAuthComponentGeneral();
 	  
-	  if (auth.getGeneralConfiguration() != null &&
-			  auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null)		  
+	  if (auth.getGeneralConfiguration() != null)		  
 		  trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking();
 	  else {
-		  Logger.warn("No info found in MOA-ID Configuration. Set TrustManagerRevocationCheck to TRUE.");
+		  Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.");
+		  throw new ConfigurationException("config.02", null);
 	  } 
   }
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 864be253a..9067d8fc4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -155,6 +155,8 @@ public class BuildFromLegacyConfig {
 	    	if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
 	    		authGeneral.setCertStoreDirectory(
 	    				(String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY));
+	    	else
+	    		authGeneral.setTrustManagerRevocationChecking(true);
 	    		
 	    	
 	    	//Load Assertion and Session timeouts
-- 
cgit v1.2.3


From 7212f4902eb4c2b3cf8026075ee04dd4506965ce Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 10 Jul 2014 13:45:12 +0200
Subject: update SAML1 attribute builder for STORK2 attributes

---
 .../moa/id/auth/builder/AuthenticationAssertionBuilder.java      | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
index 35109dfea..89f42ab7d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
@@ -92,6 +92,15 @@ public class AuthenticationAssertionBuilder {
         String namespace = extendedSAMLAttribute.getNameSpace();
         if (value instanceof String) {
           sb.append(MessageFormat.format( SAML_ATTRIBUTE, new Object[] {name, namespace, value}));
+          
+        } else if (value instanceof List<?>) {
+        	if (!((List<?>)value).isEmpty()) {
+        		Object firstEl = ((List<?>)value).get(0);
+        		if (firstEl instanceof String) {
+        			sb.append(MessageFormat.format( SAML_ATTRIBUTE, new Object[] {name, namespace, ((String)firstEl)}));
+        		}
+        	}
+        	        	
         } else if (value instanceof Element) {
           try {
             String serializedValue = DOMUtils.serializeNode((Element)(value));
-- 
cgit v1.2.3


From 1e368ef5077cbc7ebacf2a0034de23c027e93eb3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 11 Jul 2014 09:03:40 +0200
Subject: update general configuration DB representation

---
 .../struts/action/EditGeneralConfigAction.java     | 52 ++++++++++++++++------
 1 file changed, 38 insertions(+), 14 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
index 0f1673c3a..32ffd2ba3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java
@@ -308,14 +308,36 @@ public class EditGeneralConfigAction extends BasicAction {
 			legprot = new LegacyAllowed();
 			dbprotocols.setLegacyAllowed(legprot);
 		}
-				
-		List<String> el = new ArrayList<String>();
-		if (moaconfig.isLegacy_pvp2())
-			el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
-		if (moaconfig.isLegacy_saml1())
-			el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
-		legprot.setProtocolName(el);
 		
+		List<String> el = legprot.getProtocolName();
+		if (el == null) {
+			el = new ArrayList<String>();
+			legprot.setProtocolName(el);
+			
+		}
+
+		//Workaround for DB cleaning is only needed for one or the releases (insert in 2.1.1) 
+		if (el.size() > 2)
+			el.clear();
+		
+		if (el.contains(Constants.MOA_CONFIG_PROTOCOL_PVP2)) {		
+			if (!moaconfig.isLegacy_pvp2())
+				el.remove(Constants.MOA_CONFIG_PROTOCOL_PVP2);
+			
+		} else {
+			if (moaconfig.isLegacy_pvp2())
+				el.add(Constants.MOA_CONFIG_PROTOCOL_PVP2);
+		}
+		
+		if (el.contains(Constants.MOA_CONFIG_PROTOCOL_SAML1)) {		
+			if (!moaconfig.isLegacy_saml1())
+				el.remove(Constants.MOA_CONFIG_PROTOCOL_SAML1);
+			
+		} else {
+			if (moaconfig.isLegacy_saml1())
+				el.add(Constants.MOA_CONFIG_PROTOCOL_SAML1);
+		}
+				
 		SAML1 saml1= dbprotocols.getSAML1();
 		if (saml1 == null) {
 			saml1 = new SAML1();
@@ -385,15 +407,17 @@ public class EditGeneralConfigAction extends BasicAction {
 			cont.setGivenName(StringHelper.getUTF8String(
 					moaconfig.getPvp2Contact().getGivenname()));
 		
-		//TODO: change to list if required
-		if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getMail()))
+		if (cont.getMail() != null && cont.getMail().size() > 0)
+			cont.getMail().set(0, moaconfig.getPvp2Contact().getMail());			
+		else
 			cont.setMail(Arrays.asList(moaconfig.getPvp2Contact().getMail()));
-		if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getPhone()))
+			
+		if (cont.getPhone() != null && cont.getPhone().size() > 0)
+			cont.getPhone().set(0, moaconfig.getPvp2Contact().getPhone());			
+		else
 			cont.setPhone(Arrays.asList(moaconfig.getPvp2Contact().getPhone()));
-		
-		if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getSurname()))
-			cont.setSurName(StringHelper.getUTF8String(
-					moaconfig.getPvp2Contact().getSurname()));
+			
+		cont.setSurName(StringHelper.getUTF8String(moaconfig.getPvp2Contact().getSurname()));
 		if (MiscUtil.isNotEmpty(moaconfig.getPvp2Contact().getType()))
 			cont.setType(moaconfig.getPvp2Contact().getType());
 		
-- 
cgit v1.2.3


From c599f3bdc249c9b5bfcfcdc2a3e290734077aa8c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 11 Jul 2014 09:58:46 +0200
Subject: remove unused class

---
 .../moa/id/protocols/pvp2x/PVPProcessor.java       | 34 ----------------------
 1 file changed, 34 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPProcessor.java

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPProcessor.java
deleted file mode 100644
index 7509c51d8..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPProcessor.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.protocols.pvp2x;
-
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-
-public class PVPProcessor extends AuthServlet {
-
-	/**
-	 * 
-	 */
-	private static final long serialVersionUID = 4102075202310068260L;
-
-}
-- 
cgit v1.2.3


From ecbe783def54f0548c67290065dbd2047d1ea375 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 14 Jul 2014 08:56:00 +0200
Subject: load default value if no configuration is found

---
 .../gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
index 681641834..f29780f05 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralMOAIDConfig.java
@@ -159,7 +159,8 @@ public class GeneralMOAIDConfig {
 				if (authgen != null) {
 					alternativeSourceID = authgen.getAlternativeSourceID();
 					certStoreDirectory = authgen.getCertStoreDirectory();
-					trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
+					if (authgen.isTrustManagerRevocationChecking() != null)
+						trustmanagerrevocationcheck = authgen.isTrustManagerRevocationChecking();
 					
 					publicURLPrefix = authgen.getPublicURLPreFix();
 					
-- 
cgit v1.2.3


From 6fbab2eede4c6cf54d2b6f34fcccc246d5183667 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 14 Jul 2014 12:00:24 +0200
Subject: add requested PVP2.1 attributes

---
 .../at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java   | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
index 18c91cfdc..eecb691c0 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -70,7 +70,9 @@ public class AttributeListBuilder implements PVPConstants{
 		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
-		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));		
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_SOURCE_PIN_NAME, MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME, MANDATE_NAT_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
 		
 		requestedAttributes.add(buildReqAttribute(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
-- 
cgit v1.2.3


From 92db89befcaa7bb0a94bc9488574fe108e0202f5 Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Mon, 14 Jul 2014 14:04:03 +0200
Subject: SignedDocAttrributeProvider - check if attribute is accessable

---
 .../attributeproviders/SignedDocAttributeRequestProvider.java     | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
index 2aa10b9dd..13b14b0be 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java
@@ -131,6 +131,14 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider {
 		}
 		
 		requestedAttribute = attribute;
+		try
+		{
+			 String tmp = requestedAttribute.getValue().get(0);
+		}catch(Exception e)
+		{
+			Logger.info("SignedDocAttributeProvide failed:"+e.toString());
+			throw new UnsupportedAttributeException();
+		}
 
 		throw new ExternalAttributeRequestRequiredException(this);
 	}
-- 
cgit v1.2.3


From a2b550988cf86a41be95ff9ad50e62d2adf7ce1c Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Mon, 14 Jul 2014 14:05:50 +0200
Subject: do not send empty PEPSData

---
 .../moa/id/auth/AuthenticationServer.java          | 3604 ++++++++++----------
 1 file changed, 1804 insertions(+), 1800 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 8d2684c9b..33fed945b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -156,1434 +156,1434 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
  */
 public class AuthenticationServer implements MOAIDAuthConstants {
 
-    /**
-     * single instance
-     */
-    private static AuthenticationServer instance;
-
-    /**
-     * time out in milliseconds used by {@link cleanup} for session store
-     */
-    private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes
-    private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes
-    /**
-     * time out in milliseconds used by {@link cleanup} for authentication data
-     * store
-     */
-    private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
-
-    /**
-     * Returns the single instance of <code>AuthenticationServer</code>.
-     *
-     * @return the single instance of <code>AuthenticationServer</code>
-     */
-    public static AuthenticationServer getInstance() {
-        if (instance == null)
-            instance = new AuthenticationServer();
-        return instance;
-    }
-
-    /**
-     * Constructor for AuthenticationServer.
-     */
-    public AuthenticationServer() {
-        super();
-    }
-
-
-    /**
-     * Processes the beginning of an authentication session.
-     * <ul>
-     * <li>Starts an authentication session</li>
-     * <li>Creates an <code>&lt;InfoboxReadRequest&gt;</code></li>
-     * <li>Creates an HTML form for querying the identity link from the security
-     * layer implementation. <br>
-     * Form parameters include
-     * <ul>
-     * <li>the <code>&lt;InfoboxReadRequest&gt;</code></li>
-     * <li>the data URL where the security layer implementation sends it
-     * response to</li>
-     * </ul>
-     * </ul>
-     *
-     * @param authURL            URL of the servlet to be used as data URL
-     * @param target             "Gesch&auml;ftsbereich" of the online application requested
-     * @param targetFriendlyName Friendly name of the target if the target is configured via
-     *                           configuration
-     * @param oaURL              online application URL requested
-     * @param bkuURL             URL of the "B&uuml;rgerkartenumgebung" to be used; may be
-     *                           <code>null</code>; in this case, the default location will be
-     *                           used
-     * @param useMandate         Indicates if mandate is used or not
-     * @param templateURL        URL providing an HTML template for the HTML form generated
-     * @param templateMandteURL  URL providing an HTML template for the HTML form generated
-     *                           (for signing in mandates mode)
-     * @param req                determines the protocol used
-     * @param sourceID
-     * @return HTML form
-     * @throws AuthenticationException
-     * @see GetIdentityLinkFormBuilder
-     * @see InfoboxReadRequestBuilder
-     */
-    public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException,
-            AuthenticationException, ConfigurationException, BuildException {
-
-        if (session == null) {
-            throw new AuthenticationException("auth.18", new Object[]{});
-        }
-
-        //load OnlineApplication configuration
-        OAAuthParameter oaParam =
-                AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-        if (oaParam == null)
-            throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()});
-
-        //load Template
-        String template = null;
-        if (session.getTemplateURL() != null) {
-            try {
-
-                template = new String(FileUtils.readURL(session.getTemplateURL()));
-            } catch (IOException ex) {
-                throw new AuthenticationException("auth.03", new Object[]{
-                        session.getTemplateURL(), ex.toString()}, ex);
-            }
-        }
-
-        String infoboxReadRequest = "";
-
-        String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
-        if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
-            //do not use SSO if no Target is set
-            Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
-            session.setSsoRequested(false);
-
-        }
-
-        if (session.isSsoRequested()) {
-            Log.info("SSO Login requested");
-            //load identityLink with SSO Target
-            boolean isbuisness = false;
-
-            if (domainIdentifier.startsWith(PREFIX_WPBK)) {
-
-                isbuisness = true;
-
-            } else {
-                isbuisness = false;
-
-            }
-
-            //build ReadInfobox request
-            infoboxReadRequest = new InfoboxReadRequestBuilder().build(
-                    isbuisness, domainIdentifier);
-
-        } else {
-            Log.info("Non-SSO Login requested");
-                //build ReadInfobox request
-                infoboxReadRequest = new InfoboxReadRequestBuilder().build(
-                        oaParam.getBusinessService(), oaParam
-                        .getIdentityLinkDomainIdentifier());
-
-        }
-
-
-        String dataURL = new DataURLBuilder().buildDataURL(
-                session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
-                .getSessionID());
-
-        //removed in MOAID 2.0
-        String pushInfobox = "";
-
-//		VerifyInfoboxParameters verifyInfoboxParameters = oaParam
-//				.getVerifyInfoboxParameters();
-//		if (verifyInfoboxParameters != null) {
-//			pushInfobox = verifyInfoboxParameters.getPushInfobox();
-//			session.setPushInfobox(pushInfobox);
-//		}
+	/**
+	 * single instance
+	 */
+	private static AuthenticationServer instance;
+
+	/**
+	 * time out in milliseconds used by {@link cleanup} for session store
+	 */
+	private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes
+	private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes
+	/**
+	 * time out in milliseconds used by {@link cleanup} for authentication data
+	 * store
+	 */
+	private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
+
+	/**
+	 * Returns the single instance of <code>AuthenticationServer</code>.
+	 *
+	 * @return the single instance of <code>AuthenticationServer</code>
+	 */
+	public static AuthenticationServer getInstance() {
+		if (instance == null)
+			instance = new AuthenticationServer();
+		return instance;
+	}
+
+	/**
+	 * Constructor for AuthenticationServer.
+	 */
+	public AuthenticationServer() {
+		super();
+	}
+
+
+	/**
+	 * Processes the beginning of an authentication session.
+	 * <ul>
+	 * <li>Starts an authentication session</li>
+	 * <li>Creates an <code>&lt;InfoboxReadRequest&gt;</code></li>
+	 * <li>Creates an HTML form for querying the identity link from the security
+	 * layer implementation. <br>
+	 * Form parameters include
+	 * <ul>
+	 * <li>the <code>&lt;InfoboxReadRequest&gt;</code></li>
+	 * <li>the data URL where the security layer implementation sends it
+	 * response to</li>
+	 * </ul>
+	 * </ul>
+	 *
+	 * @param authURL            URL of the servlet to be used as data URL
+	 * @param target             "Gesch&auml;ftsbereich" of the online application requested
+	 * @param targetFriendlyName Friendly name of the target if the target is configured via
+	 *                           configuration
+	 * @param oaURL              online application URL requested
+	 * @param bkuURL             URL of the "B&uuml;rgerkartenumgebung" to be used; may be
+	 *                           <code>null</code>; in this case, the default location will be
+	 *                           used
+	 * @param useMandate         Indicates if mandate is used or not
+	 * @param templateURL        URL providing an HTML template for the HTML form generated
+	 * @param templateMandteURL  URL providing an HTML template for the HTML form generated
+	 *                           (for signing in mandates mode)
+	 * @param req                determines the protocol used
+	 * @param sourceID
+	 * @return HTML form
+	 * @throws AuthenticationException
+	 * @see GetIdentityLinkFormBuilder
+	 * @see InfoboxReadRequestBuilder
+	 */
+	public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException,
+	AuthenticationException, ConfigurationException, BuildException {
+
+		if (session == null) {
+			throw new AuthenticationException("auth.18", new Object[]{});
+		}
+
+		//load OnlineApplication configuration
+		OAAuthParameter oaParam =
+				AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+		if (oaParam == null)
+			throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()});
+
+		//load Template
+		String template = null;
+		if (session.getTemplateURL() != null) {
+			try {
+
+				template = new String(FileUtils.readURL(session.getTemplateURL()));
+			} catch (IOException ex) {
+				throw new AuthenticationException("auth.03", new Object[]{
+						session.getTemplateURL(), ex.toString()}, ex);
+			}
+		}
+
+		String infoboxReadRequest = "";
+
+		String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
+		if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
+			//do not use SSO if no Target is set
+			Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
+			session.setSsoRequested(false);
+
+		}
+
+		if (session.isSsoRequested()) {
+			Log.info("SSO Login requested");
+			//load identityLink with SSO Target
+			boolean isbuisness = false;
+
+			if (domainIdentifier.startsWith(PREFIX_WPBK)) {
+
+				isbuisness = true;
+
+			} else {
+				isbuisness = false;
+
+			}
+
+			//build ReadInfobox request
+			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
+					isbuisness, domainIdentifier);
+
+		} else {
+			Log.info("Non-SSO Login requested");
+			//build ReadInfobox request
+			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
+					oaParam.getBusinessService(), oaParam
+					.getIdentityLinkDomainIdentifier());
+
+		}
+
+
+		String dataURL = new DataURLBuilder().buildDataURL(
+				session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
+				.getSessionID());
+
+		//removed in MOAID 2.0
+		String pushInfobox = "";
+
+		//		VerifyInfoboxParameters verifyInfoboxParameters = oaParam
+		//				.getVerifyInfoboxParameters();
+		//		if (verifyInfoboxParameters != null) {
+		//			pushInfobox = verifyInfoboxParameters.getPushInfobox();
+		//			session.setPushInfobox(pushInfobox);
+		//		}
 
 		//build CertInfo request
 		//removed in MOA-ID 2.0
-//		String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
-//				.build();
-//		String certInfoDataURL = new DataURLBuilder()
-//				.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
-//						session.getSessionID());
-
-        //get Applet Parameters
-        String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
-        String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
-        appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
-        appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
-
-    	
-    	//TODO: cleanup before MOA-ID 2.1 release
-        try {
-        	String htmlForm = new GetIdentityLinkFormBuilder().build(template,
-        			session.getBkuURL(), infoboxReadRequest, dataURL, null,
-        			null, pushInfobox, oaParam, appletheigth, appletwidth);
-        	
-        	   return htmlForm;
-               	
-        } catch (BuildException e) {
-        	throw new BuildException("builder.07", null, e);
-        	
-        }     
-    }
-
-    /**
-     * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
-     * <li>Parses identity link enclosed in
-     * <code>&lt;InfoboxReadResponse&gt;</code></li>
-     * <li>Verifies identity link by calling the MOA SP component</li>
-     * <li>Checks certificate authority of identity link</li>
-     * <li>Stores identity link in the session</li>
-     * <li>Verifies all additional infoboxes returned from the BKU</li>
-     * <li>Creates an authentication block to be signed by the user</li>
-     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     * containg the authentication block, meant to be returned to the security
-     * layer implementation</li>
-     * </ul>
-     *
-     * @param sessionID                     ID of associated authentication session data
-     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
-     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
-     * @return String representation of the
-     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     * @throws BKUException
-     */
-    public String verifyIdentityLink(AuthenticationSession session,
-                                     Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
-            BuildException, ParseException, ConfigurationException,
-            ValidateException, ServiceException, BKUException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
-
-        String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters
-                .get(PARAM_XMLRESPONSE);
-
-        if (isEmpty(xmlInfoboxReadResponse))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE});
-
-        AuthConfigurationProvider authConf = AuthConfigurationProvider
-                .getInstance();
-
-        // check if an identity link was found
-        // Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform
-        // (SL1.2))
-        // CharSequence se = "ErrorCode>2911".substring(0);
-        // boolean b = xmlInfoboxReadResponse.contains(se);
-        String se = "ErrorCode>2911";
-        int b = xmlInfoboxReadResponse.indexOf(se);
-        if (b != -1) { // no identity link found
-            Logger
-                    .info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID.");
-            return null;
-        }
-        // spezifikationsgemaess (SL1.2) Errorcode
-        se = "ErrorCode>4002";
-        // b = xmlInfoboxReadResponse.contains(se);
-        b = xmlInfoboxReadResponse.indexOf(se);
-        if (b != -1) { // Unbekannter Infoboxbezeichner
-            Logger
-                    .info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID.");
-            return null;
-        }
-
-        // parses the <InfoboxReadResponse>
-        IdentityLink identityLink = new InfoboxReadResponseParser(
-                xmlInfoboxReadResponse).parseIdentityLink();
-        // validates the identity link
-        IdentityLinkValidator.getInstance().validate(identityLink);
-        // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
-        Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
-                .build(identityLink, authConf
-                        .getMoaSpIdentityLinkTrustProfileID());
-
-        // invokes the call
-        Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
-                .verifyXMLSignature(domVerifyXMLSignatureRequest);
-        // parses the <VerifyXMLSignatureResponse>
-        VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
-                domVerifyXMLSignatureResponse).parseData();
-
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-        // validates the <VerifyXMLSignatureResponse>
-        VerifyXMLSignatureResponseValidator.getInstance().validate(
-                verifyXMLSignatureResponse,
-                authConf.getIdentityLinkX509SubjectNames(),
-                VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
-                oaParam);
-
-        session.setIdentityLink(identityLink);
-        // now validate the extended infoboxes
-
-        //Removed in MOA-ID 2.0
-        //verifyInfoboxes(session, infoboxReadResponseParameters, false);
-
-        return "found!";
-    }
-
-    /**
-     * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
-     * <li>Parses identity link enclosed in
-     * <code>&lt;InfoboxReadResponse&gt;</code></li>
-     * <li>Verifies identity link by calling the MOA SP component</li>
-     * <li>Checks certificate authority of identity link</li>
-     * <li>Stores identity link in the session</li>
-     * <li>Verifies all additional infoboxes returned from the BKU</li>
-     * <li>Creates an authentication block to be signed by the user</li>
-     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     * containg the authentication block, meant to be returned to the security
-     * layer implementation</li>
-     * </ul>
-     *
-     * @param sessionID                     ID of associated authentication session data
-     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
-     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
-     * @return String representation of the
-     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     */
-    public String verifyCertificate(AuthenticationSession session,
-                                    X509Certificate certificate) throws AuthenticationException,
-            BuildException, ParseException, ConfigurationException,
-            ValidateException, ServiceException, MOAIDException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
-
-        // check if person is a Organwalter
-        // if true - don't show bPK in AUTH Block
-        try {
-            for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) {
-                if (certificate.getExtension(OWid) != null) {
-                    session.setOW(true);
-                }
-
-            }
-
-        } catch (X509ExtensionInitException e) {
-            Logger.warn("Certificate extension is not readable.");
-            session.setOW(false);
-        }
-
-        AuthConfigurationProvider authConf = AuthConfigurationProvider
-                .getInstance();
-
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-        String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
-                authConf, oaParam);
-
-        return returnvalue;
-    }
-
-    /**
-     * Processes an <code>Mandate</code> sent by the MIS.<br>
-     * <ul>
-     * <li>Validates given <code>Mandate</code></li>
-     * <li>Verifies Mandate by calling the MOA SP component</li>
-     * <li>Creates an authentication block to be signed by the user</li>
-     * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     * containg the authentication block, meant to be returned to the security
-     * layer implementation</li>
-     * </ul>
-     *
-     * @param sessionID                     ID of associated authentication session data
-     * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
-     *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
-     * @return String representation of the
-     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     */
-    public void verifyMandate(AuthenticationSession session, MISMandate mandate)
-            throws AuthenticationException, BuildException, ParseException,
-            ConfigurationException, ValidateException, ServiceException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    GET_MIS_SESSIONID, PARAM_SESSIONID});
-
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-        try {
-            // sets the extended SAML attributes for OID (Organwalter)
-            setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
-                    .getBusinessService());
-
-            validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
-
-
-        } catch (SAXException e) {
-            throw new AuthenticationException("auth.15",
-                    new Object[]{GET_MIS_SESSIONID}, e);
-        } catch (IOException e) {
-            throw new AuthenticationException("auth.15",
-                    new Object[]{GET_MIS_SESSIONID}, e);
-        } catch (ParserConfigurationException e) {
-            throw new AuthenticationException("auth.15",
-                    new Object[]{GET_MIS_SESSIONID}, e);
-        } catch (TransformerException e) {
-            throw new AuthenticationException("auth.15",
-                    new Object[]{GET_MIS_SESSIONID}, e);
-        }
-
-    }
-
-    /**
-     * @param session
-     * @param authConf
-     * @param oaParam
-     * @return
-     * @throws ConfigurationException
-     * @throws BuildException
-     * @throws ValidateException
-     */
-    public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
-            AuthenticationSession session, AuthConfigurationProvider authConf,
-            OAAuthParameter oaParam) throws ConfigurationException,
-            BuildException, ValidateException {
-
-//        // check for intermediate processing of the infoboxes
-//        if (session.isValidatorInputPending())
-//            return "Redirect to Input Processor";
-
-        if (authConf == null)
-            authConf = AuthConfigurationProvider.getInstance();
-        if (oaParam == null)
-            oaParam = AuthConfigurationProvider.getInstance()
-                    .getOnlineApplicationParameter(
-                            session.getPublicOAURLPrefix());
-
-        // builds the AUTH-block
-        String authBlock = buildAuthenticationBlock(session, oaParam);
-
-        // builds the <CreateXMLSignatureRequest>
-        List<String> transformsInfos = authConf.getTransformsInfos();
-        
-        String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
-                .build(authBlock, oaParam.getKeyBoxIdentifier(),
-                        transformsInfos);
-        return createXMLSignatureRequest;
-    }
-
-    /**
-     * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br>
-     * <ul>
-     * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
-     * </ul>
-     *
-     * @param sessionID ID of associated authentication session data
-     * @param cert      The certificate from the user
-     * @return String representation of the
-     * <code>&lt;CreateXMLSignatureRequest&gt;</code>
-     */
-    public String createXMLSignatureRequestForeignID(AuthenticationSession session,
-                                                     X509Certificate cert) throws AuthenticationException,
-            BuildException, ParseException, ConfigurationException,
-            ValidateException, ServiceException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
-
-        AuthConfigurationProvider authConf = AuthConfigurationProvider
-                .getInstance();
-
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
-        return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
-                cert);
-    }
-
-    public String getCreateXMLSignatureRequestForeigID(
-            AuthenticationSession session, AuthConfigurationProvider authConf,
-            OAAuthParameter oaParam, X509Certificate cert)
-            throws ConfigurationException {
-
-//        // check for intermediate processing of the infoboxes
-//        if (session.isValidatorInputPending())
-//            return "Redirect to Input Processor";
-
-        if (authConf == null)
-            authConf = AuthConfigurationProvider.getInstance();
-        if (oaParam == null)
-            oaParam = AuthConfigurationProvider.getInstance()
-                    .getOnlineApplicationParameter(
-                            session.getPublicOAURLPrefix());
-
-        Principal subject = cert.getSubjectDN();
-
-        String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
-                .buildForeignID(subject.toString(), oaParam, session);
-        return createXMLSignatureRequest;
-    }
-
-    /**
-     * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Parses response enclosed in
-     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Verifies signature by calling the MOA SP component</li>
-     * <li>Returns the signer certificate</li>
-     * </ul>
-     *
-     * @param sessionID                            ID of associated authentication session data
-     * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU
-     *                                             including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
-     * @throws BKUException
-     */
-    public X509Certificate verifyXMLSignature(String sessionID,
-                                              Map<String, String> createXMLSignatureResponseParameters)
-            throws AuthenticationException, BuildException, ParseException,
-            ConfigurationException, ValidateException, ServiceException, BKUException {
-
-        if (isEmpty(sessionID))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_GET_FOREIGN_ID, PARAM_SESSIONID});
-
-        String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
-                .get(PARAM_XMLRESPONSE);
-
-        if (isEmpty(xmlCreateXMLSignatureResponse))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
-
-        AuthConfigurationProvider authConf = AuthConfigurationProvider
-                .getInstance();
-
-        // parses the <CreateXMLSignatureResponse>
-        CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
-                xmlCreateXMLSignatureResponse);
-        CreateXMLSignatureResponse createXMLSignatureResponse = p
-                .parseResponseDsig();
-
-        // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
-        Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
-                .buildDsig(createXMLSignatureResponse, authConf
-                        .getMoaSpAuthBlockTrustProfileID());
-
-        // invokes the call
-        Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
-                .verifyXMLSignature(domVerifyXMLSignatureRequest);
-
-        // parses the <VerifyXMLSignatureResponse>
-        VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
-                domVerifyXMLSignatureResponse).parseData();
-
-        return verifyXMLSignatureResponse.getX509certificate();
-
-    }
-
-    /**
-     * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Parses response enclosed in
-     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Verifies signature by calling the MOA SP component</li>
-     * <li>Returns the signer certificate</li>
-     * </ul>
-     *
-     * @param sessionID                     ID of associated authentication session data
-     * @param readInfoboxResponseParameters The parameters from the response returned from the BKU
-     *                                      including the <code>&lt;ReadInfoboxResponse&gt;</code>
-     * @throws BKUException
-     */
-    public X509Certificate getCertificate(String sessionID,
-                                          Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
-            BuildException, ParseException, ConfigurationException,
-            ValidateException, ServiceException, BKUException {
-
-        if (isEmpty(sessionID))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
-
-        String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters
-                .get(PARAM_XMLRESPONSE);
-
-        if (isEmpty(xmlReadInfoboxResponse))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE});
-
-        // parses the <CreateXMLSignatureResponse>
-        InfoboxReadResponseParser p = new InfoboxReadResponseParser(
-                xmlReadInfoboxResponse);
-        X509Certificate cert = p.parseCertificate();
-
-        return cert;
-
-    }
-
-    /**
-     * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
-     * given session data.
-     *
-     * @param session authentication session
-     * @return <code>&lt;saml:Assertion&gt;</code> as a String
-     * @throws BuildException If an error occurs on serializing an extended SAML attribute
-     *                        to be appended to the AUTH-Block.
-     */
-    private String buildAuthenticationBlock(AuthenticationSession session,
-                                            OAAuthParameter oaParam) throws BuildException {
-
-        IdentityLink identityLink = session.getIdentityLink();
-        String issuer = identityLink.getName();
-        String gebDat = identityLink.getDateOfBirth();
-
-        String identificationValue = null;
-        String identificationType = null;
-
-        //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
-        if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
-            identificationType = "";
-            identificationValue = "";
-
-        } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-
-            if (oaParam.getBusinessService()) {
-
-                String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
-                        .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
-                identificationValue = bpkBase64;
-
-                if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+"))
-                    identificationType = oaParam.getIdentityLinkDomainIdentifier();
-                else
-                    identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
-
-            } else {
-                String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-                        .getIdentificationValue(), session.getTarget());
-                identificationValue = bpkBase64;
-                identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
-            }
-
-
-        } else {
-            identificationValue = identityLink.getIdentificationValue();
-            identificationType = identityLink.getIdentificationType();
-
-        }
-
-        String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
-                .getInstance());
-        session.setIssueInstant(issueInstant);
-        String authURL = session.getAuthURL();
-        String target = session.getTarget();
-        String targetFriendlyName = session.getTargetFriendlyName();
-
-        // Bug #485
-        // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
-        // String oaURL = session.getPublicOAURLPrefix();
-
-        List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
-
-
-        if (session.isSsoRequested()) {
-            String oaURL = new String();
-            try {
-                oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
-
-                if (MiscUtil.isNotEmpty(oaURL))
-                    oaURL = oaURL.replaceAll("&", "&amp;");
-
-            } catch (ConfigurationException e) {
-            }
-            String authBlock = new AuthenticationBlockAssertionBuilder()
-                    .buildAuthBlockSSO(issuer, issueInstant, authURL, target,
-                            targetFriendlyName, identificationValue,
-                            identificationType, oaURL, gebDat,
-                            extendedSAMLAttributes, session, oaParam);
-            return authBlock;
-
-        } else {
-            String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
-            String authBlock = new AuthenticationBlockAssertionBuilder()
-                    .buildAuthBlock(issuer, issueInstant, authURL, target,
-                            targetFriendlyName, identificationValue,
-                            identificationType, oaURL, gebDat,
-                            extendedSAMLAttributes, session, oaParam);
-            return authBlock;
-        }
-    }
-
-
-    /**
-     * Verifies the infoboxes (except of the identity link infobox) returned by
-     * the BKU by calling appropriate validator classes.
-     *
-     * @param session The actual authentication session.
-     * @param mandate The Mandate from the MIS
-     * @throws AuthenticationException
-     * @throws ConfigurationException
-     * @throws TransformerException
-     * @throws ParserConfigurationException
-     * @throws IOException
-     * @throws SAXException
-     */
-    private void validateExtendedSAMLAttributeForMandates(
-            AuthenticationSession session, MISMandate mandate,
-            boolean business)
-            throws ValidateException, ConfigurationException, SAXException,
-            IOException, ParserConfigurationException, TransformerException {
-
-        ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes(
-                mandate, business, false);
-
-        int length = extendedSAMLAttributes.length;
-        for (int i = 0; i < length; i++) {
-            ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
-
-            verifySAMLAttribute(samlAttribute, i, "MISService",
-                    "MISService");
-
-        }
-    }
-
-    /**
-     * Verifies the infoboxes (except of the identity link infobox) returned by
-     * the BKU by calling appropriate validator classes.
-     *
-     * @param session The actual authentication session.
-     * @param mandate The Mandate from the MIS
-     * @throws AuthenticationException
-     * @throws ConfigurationException
-     * @throws TransformerException
-     * @throws ParserConfigurationException
-     * @throws IOException
-     * @throws SAXException
-     */
-    private void setExtendedSAMLAttributeForMandatesOID(
-            AuthenticationSession session, MISMandate mandate, boolean business)
-            throws ValidateException, ConfigurationException, SAXException,
-            IOException, ParserConfigurationException, TransformerException {
-
-        ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID(
-                mandate, business);
-
-        AddAdditionalSAMLAttributes(session, extendedSamlAttributes,
-                "MISService", "MISService");
-
-    }
-
-    /**
-     * Adds given SAML Attributes to the current session. They will be appended
-     * to the final SAML Assertion or the AUTH block. If the attributes are
-     * already in the list, they will be replaced.
-     *
-     * @param session                The current session
-     * @param extendedSAMLAttributes The SAML attributes to add
-     * @param identifier             The infobox identifier for debug purposes
-     * @param friendlyNam            The friendly name of the infobox for debug purposes
-     */
-    private static void AddAdditionalSAMLAttributes(
-            AuthenticationSession session,
-            ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier,
-            String friendlyName) throws ValidateException {
-        if (extendedSAMLAttributes == null)
-            return;
-        List<ExtendedSAMLAttribute> oaAttributes = session.getExtendedSAMLAttributesOA();
-        if (oaAttributes == null)
-            oaAttributes = new Vector<ExtendedSAMLAttribute>();
-        List<ExtendedSAMLAttribute> authAttributes = session.getExtendedSAMLAttributesAUTH();
-        if (authAttributes == null)
-            authAttributes = new Vector<ExtendedSAMLAttribute>();
-        int length = extendedSAMLAttributes.length;
-        for (int i = 0; i < length; i++) {
-            ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
-
-            Object value = verifySAMLAttribute(samlAttribute, i, identifier,
-                    friendlyName);
-
-            if ((value instanceof String) || (value instanceof Element)) {
-                switch (samlAttribute.getAddToAUTHBlock()) {
-                    case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY:
-                        replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
-                        break;
-                    case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK:
-                        replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
-                        replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
-                        break;
-                    case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK:
-                        replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
-                        break;
-                    default:
-                        Logger
-                                .info("Invalid return value from method \"getAddToAUTHBlock()\" ("
-                                        + samlAttribute.getAddToAUTHBlock()
-                                        + ") in SAML attribute number "
-                                        + (i + 1)
-                                        + " for infobox " + identifier);
-                        throw new ValidateException("validator.47", new Object[]{
-                                friendlyName, String.valueOf((i + 1))});
-                }
-            } else {
-                Logger
-                        .info("The type of SAML-Attribute number "
-                                + (i + 1)
-                                + " returned from "
-                                + identifier
-                                + "-infobox validator is not valid. Must be either \"java.Lang.String\""
-                                + " or \"org.w3c.dom.Element\"");
-                throw new ValidateException("validator.46", new Object[]{
-                        identifier, String.valueOf((i + 1))});
-            }
-        }
-        session.setExtendedSAMLAttributesAUTH(authAttributes);
-        session.setExtendedSAMLAttributesOA(oaAttributes);
-    }
-
-    /**
-     * Adds the AUTH block related SAML attributes to the validation result.
-     * This is needed always before the AUTH block is to be signed, because the
-     * name of the mandator has to be set
-     *
-     * @throws ParserConfigurationException
-     * @throws IOException
-     * @throws SAXException
-     * @throws TransformerException
-     */
-
-    protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes(
-            MISMandate mandate, boolean business, boolean provideStammzahl)
-            throws SAXException, IOException, ParserConfigurationException,
-            TransformerException {
-        Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
-
-        extendedSamlAttributes.clear();
-
-        // Name
-        Element domMandate = mandateToElement(mandate);
-        Element nameSpaceNode = domMandate.getOwnerDocument().createElement(
-                "NameSpaceNode");
-        nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX,
-                Constants.PD_NS_URI);
-        nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX,
-                SZRGWConstants.MANDATE_NS);
-
-        Element mandator = (Element) XPathAPI.selectSingleNode(domMandate,
-                "//md:Mandate/md:Mandator", nameSpaceNode);
-
-        // Mandate
-        extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                EXT_SAML_MANDATE_RAW, domMandate,
-                SZRGWConstants.MANDATE_NS,
-                ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-        // (w)bpk
-        String wbpk = ParepUtils.extractMandatorWbpk(mandator);
-        if (!ParepUtils.isEmpty(wbpk)) {
-            if (!ParepUtils.isPhysicalPerson(mandator)) {
-                String idType = ParepUtils
-                        .extractMandatorIdentificationType(mandator);
-                if (!ParepUtils.isEmpty(idType)
-                        && idType.startsWith(Constants.URN_PREFIX_BASEID)) {
-                    extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                            EXT_SAML_MANDATE_CB_BASE_ID,
-                            ParepUtils.getRegisterString(idType) + ": " + wbpk,
-                            SZRGWConstants.MANDATE_NS,
-                            ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-                }
-            } else if (business) {
-                extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                        EXT_SAML_MANDATE_WBPK, wbpk,
-                        SZRGWConstants.MANDATE_NS,
-                        ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-            }
-        }
-
-        ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
-                .size()];
-        extendedSamlAttributes.copyInto(ret);
-        Logger.debug("ExtendedSAML Attributes: " + ret.length);
-        return ret;
-
-    }
-
-    /**
-     * Adds the AUTH block related SAML attributes to the validation result.
-     * This is needed always before the AUTH block is to be signed, because the
-     * name of the mandator has to be set
-     *
-     * @throws ParserConfigurationException
-     * @throws IOException
-     * @throws SAXException
-     * @throws TransformerException
-     */
-    private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID(
-            MISMandate mandate, boolean business) throws SAXException,
-            IOException, ParserConfigurationException, TransformerException {
-
-        Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
-
-        extendedSamlAttributes.clear();
-
-        // RepresentationType
-        extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                EXT_SAML_MANDATE_REPRESENTATIONTYPE,
-                EXT_SAML_MANDATE_REPRESENTATIONTEXT,
-                SZRGWConstants.MANDATE_NS,
-                ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-        String oid = mandate.getProfRep();
-
-        if (oid != null) {
-            extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                    EXT_SAML_MANDATE_OID, oid,
-                    SZRGWConstants.MANDATE_NS,
-                    ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-            String oidDescription = mandate.getTextualDescriptionOfOID();
-            extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
-                    EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION,
-                    oidDescription, SZRGWConstants.MANDATE_NS,
-                    ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
-
-        }
-
-        ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
-                .size()];
-        extendedSamlAttributes.copyInto(ret);
-        Logger.debug("ExtendedSAML Attributes: " + ret.length);
-        return ret;
-
-    }
-
-    /**
-     * @param mandate
-     * @return
-     * @throws ParserConfigurationException
-     * @throws IOException
-     * @throws SAXException
-     */
-    private static Element mandateToElement(MISMandate mandate)
-            throws SAXException, IOException, ParserConfigurationException {
-        ByteArrayInputStream bais = new ByteArrayInputStream(mandate
-                .getMandate());
-        Document doc = DOMUtils.parseDocumentSimple(bais);
-        return doc.getDocumentElement();
-    }
-
-    protected static void replaceExtendedSAMLAttribute(List<ExtendedSAMLAttribute> attributes,
-                                                       ExtendedSAMLAttribute samlAttribute) {
-        if (null == attributes) {
-            attributes = new Vector<ExtendedSAMLAttribute>();
-        } else {
-            String id = samlAttribute.getName();
-            int length = attributes.size();
-            for (int i = 0; i < length; i++) {
-                ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes
-                        .get(i);
-                if (id.equals(att.getName())) {
-                    // replace attribute
-                    attributes.set(i, samlAttribute);
-                    return;
-                }
-            }
-            attributes.add(samlAttribute);
-        }
-    }
-
-    /**
-     * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
-     * codes</li>
-     * <li>Parses authentication block enclosed in
-     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Verifies authentication block by calling the MOA SP component</li>
-     * <li>Creates authentication data</li>
-     * <li>Creates a corresponding SAML artifact</li>
-     * <li>Stores authentication data in the authentication data store indexed
-     * by the SAML artifact</li>
-     * <li>Deletes authentication session</li>
-     * <li>Returns the SAML artifact, encoded BASE64</li>
-     * </ul>
-     *
-     * @param sessionID                         session ID of the running authentication session
-     * @param xmlCreateXMLSignatureReadResponse String representation of the
-     *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
-     * @return SAML artifact needed for retrieving authentication data, encoded
-     * BASE64
-     * @throws BKUException
-     */
-    public String verifyAuthenticationBlock(AuthenticationSession session,
-                                            String xmlCreateXMLSignatureReadResponse)
-            throws AuthenticationException, BuildException, ParseException,
-            ConfigurationException, ServiceException, ValidateException, BKUException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
-        if (isEmpty(xmlCreateXMLSignatureReadResponse))
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
-
-        AuthConfigurationProvider authConf = AuthConfigurationProvider
-                .getInstance();
-        // parses <CreateXMLSignatureResponse>
-        CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(
-                xmlCreateXMLSignatureReadResponse).parseResponse();
-
-        try {
-            String serializedAssertion = DOMUtils.serializeNode(csresp
-                    .getSamlAssertion());
-            session.setAuthBlock(serializedAssertion);
-        } catch (TransformerException e) {
-            throw new ParseException("parser.04", new Object[]{
-                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
-        } catch (IOException e) {
-            throw new ParseException("parser.04", new Object[]{
-                    REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
-        }
-        // validates <CreateXMLSignatureResponse>
-        if (session.isSsoRequested())
-            new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
-        else
-            new CreateXMLSignatureResponseValidator().validate(csresp, session);
-
-        // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
-        List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
-        String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
-        Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
-                vtids, tpid);
-        // debug output
-
-        Element domVsresp = null;
-        
-//        try {
-        	// invokes the call
-        	domVsresp = new SignatureVerificationInvoker()
-        		.verifyXMLSignature(domVsreq);
-        	// debug output
-        	
-//        } catch ( ServiceException e) {
-//        	Logger.error("Signature verification error. ", e);
-//        	Logger.error("Signed Data: " + session.getAuthBlock());
-//        	try {        		
-//				Logger.error("VerifyRequest: " + DOMUtils.serializeNode(domVsreq));
-//			} catch (TransformerException e1) {
-//				e1.printStackTrace();
-//				
-//			} catch (IOException e1) {
-//				e1.printStackTrace();
-//				
-//			}
-//        	
-//        	throw e; 
-//        }
-
-        
-        // parses the <VerifyXMLSignatureResponse>
-        VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
-                domVsresp).parseData();
-
-        if (Logger.isTraceEnabled()) {
-            if (domVsresp != null) {
-                try {
-                    String xmlVerifyXMLSignatureResponse = DOMUtils
-                            .serializeNode(domVsresp, true);
-                    Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse));
-                    Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse));
-                } catch (Throwable t) {
-                    t.printStackTrace();
-                    Logger.info(new LogMsg(t.getStackTrace()));
-                }
-            }
-        }
-
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-                .getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-        
-        // validates the <VerifyXMLSignatureResponse>
-        VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
-                null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
-                oaParam);
-
-        // Compare AuthBlock Data with information stored in session, especially
-        // date and time
-        CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
-
-        try {        
-        	// compares the public keys from the identityLink with the AuthBlock
-        	VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
-        			vsresp, session.getIdentityLink());
-        	
-        } catch ( ValidateException e) {
-        	Logger.error("Signature verification error. ", e);
-        	Logger.error("Signed Data: " + session.getAuthBlock());
-        	try {        		
+		//		String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
+		//				.build();
+		//		String certInfoDataURL = new DataURLBuilder()
+		//				.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
+		//						session.getSessionID());
+
+		//get Applet Parameters
+		String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
+		String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
+		appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
+		appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
+
+
+		//TODO: cleanup before MOA-ID 2.1 release
+		try {
+			String htmlForm = new GetIdentityLinkFormBuilder().build(template,
+					session.getBkuURL(), infoboxReadRequest, dataURL, null,
+					null, pushInfobox, oaParam, appletheigth, appletwidth);
+
+			return htmlForm;
+
+		} catch (BuildException e) {
+			throw new BuildException("builder.07", null, e);
+
+		}     
+	}
+
+	/**
+	 * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
+	 * <li>Parses identity link enclosed in
+	 * <code>&lt;InfoboxReadResponse&gt;</code></li>
+	 * <li>Verifies identity link by calling the MOA SP component</li>
+	 * <li>Checks certificate authority of identity link</li>
+	 * <li>Stores identity link in the session</li>
+	 * <li>Verifies all additional infoboxes returned from the BKU</li>
+	 * <li>Creates an authentication block to be signed by the user</li>
+	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 * containg the authentication block, meant to be returned to the security
+	 * layer implementation</li>
+	 * </ul>
+	 *
+	 * @param sessionID                     ID of associated authentication session data
+	 * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+	 *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+	 * @return String representation of the
+	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 * @throws BKUException
+	 */
+	public String verifyIdentityLink(AuthenticationSession session,
+			Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
+			BuildException, ParseException, ConfigurationException,
+			ValidateException, ServiceException, BKUException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
+
+		String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters
+				.get(PARAM_XMLRESPONSE);
+
+		if (isEmpty(xmlInfoboxReadResponse))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE});
+
+		AuthConfigurationProvider authConf = AuthConfigurationProvider
+				.getInstance();
+
+		// check if an identity link was found
+		// Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform
+		// (SL1.2))
+		// CharSequence se = "ErrorCode>2911".substring(0);
+		// boolean b = xmlInfoboxReadResponse.contains(se);
+		String se = "ErrorCode>2911";
+		int b = xmlInfoboxReadResponse.indexOf(se);
+		if (b != -1) { // no identity link found
+			Logger
+			.info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID.");
+			return null;
+		}
+		// spezifikationsgemaess (SL1.2) Errorcode
+		se = "ErrorCode>4002";
+		// b = xmlInfoboxReadResponse.contains(se);
+		b = xmlInfoboxReadResponse.indexOf(se);
+		if (b != -1) { // Unbekannter Infoboxbezeichner
+			Logger
+			.info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID.");
+			return null;
+		}
+
+		// parses the <InfoboxReadResponse>
+		IdentityLink identityLink = new InfoboxReadResponseParser(
+				xmlInfoboxReadResponse).parseIdentityLink();
+		// validates the identity link
+		IdentityLinkValidator.getInstance().validate(identityLink);
+		// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+		Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+		.build(identityLink, authConf
+				.getMoaSpIdentityLinkTrustProfileID());
+
+		// invokes the call
+		Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+		.verifyXMLSignature(domVerifyXMLSignatureRequest);
+		// parses the <VerifyXMLSignatureResponse>
+		VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+				domVerifyXMLSignatureResponse).parseData();
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+		// validates the <VerifyXMLSignatureResponse>
+		VerifyXMLSignatureResponseValidator.getInstance().validate(
+				verifyXMLSignatureResponse,
+				authConf.getIdentityLinkX509SubjectNames(),
+				VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK,
+				oaParam);
+
+		session.setIdentityLink(identityLink);
+		// now validate the extended infoboxes
+
+		//Removed in MOA-ID 2.0
+		//verifyInfoboxes(session, infoboxReadResponseParameters, false);
+
+		return "found!";
+	}
+
+	/**
+	 * Processes an <code>&lt;InfoboxReadResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;InfoboxReadResponse&gt;</code></li>
+	 * <li>Parses identity link enclosed in
+	 * <code>&lt;InfoboxReadResponse&gt;</code></li>
+	 * <li>Verifies identity link by calling the MOA SP component</li>
+	 * <li>Checks certificate authority of identity link</li>
+	 * <li>Stores identity link in the session</li>
+	 * <li>Verifies all additional infoboxes returned from the BKU</li>
+	 * <li>Creates an authentication block to be signed by the user</li>
+	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 * containg the authentication block, meant to be returned to the security
+	 * layer implementation</li>
+	 * </ul>
+	 *
+	 * @param sessionID                     ID of associated authentication session data
+	 * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+	 *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+	 * @return String representation of the
+	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 */
+	public String verifyCertificate(AuthenticationSession session,
+			X509Certificate certificate) throws AuthenticationException,
+			BuildException, ParseException, ConfigurationException,
+			ValidateException, ServiceException, MOAIDException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+		// check if person is a Organwalter
+		// if true - don't show bPK in AUTH Block
+		try {
+			for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) {
+				if (certificate.getExtension(OWid) != null) {
+					session.setOW(true);
+				}
+
+			}
+
+		} catch (X509ExtensionInitException e) {
+			Logger.warn("Certificate extension is not readable.");
+			session.setOW(false);
+		}
+
+		AuthConfigurationProvider authConf = AuthConfigurationProvider
+				.getInstance();
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+		String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
+				authConf, oaParam);
+
+		return returnvalue;
+	}
+
+	/**
+	 * Processes an <code>Mandate</code> sent by the MIS.<br>
+	 * <ul>
+	 * <li>Validates given <code>Mandate</code></li>
+	 * <li>Verifies Mandate by calling the MOA SP component</li>
+	 * <li>Creates an authentication block to be signed by the user</li>
+	 * <li>Creates and returns a <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 * containg the authentication block, meant to be returned to the security
+	 * layer implementation</li>
+	 * </ul>
+	 *
+	 * @param sessionID                     ID of associated authentication session data
+	 * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
+	 *                                      including the <code>&lt;InfoboxReadResponse&gt;</code>
+	 * @return String representation of the
+	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 */
+	public void verifyMandate(AuthenticationSession session, MISMandate mandate)
+			throws AuthenticationException, BuildException, ParseException,
+			ConfigurationException, ValidateException, ServiceException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					GET_MIS_SESSIONID, PARAM_SESSIONID});
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+		try {
+			// sets the extended SAML attributes for OID (Organwalter)
+			setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
+					.getBusinessService());
+
+			validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
+
+
+		} catch (SAXException e) {
+			throw new AuthenticationException("auth.15",
+					new Object[]{GET_MIS_SESSIONID}, e);
+		} catch (IOException e) {
+			throw new AuthenticationException("auth.15",
+					new Object[]{GET_MIS_SESSIONID}, e);
+		} catch (ParserConfigurationException e) {
+			throw new AuthenticationException("auth.15",
+					new Object[]{GET_MIS_SESSIONID}, e);
+		} catch (TransformerException e) {
+			throw new AuthenticationException("auth.15",
+					new Object[]{GET_MIS_SESSIONID}, e);
+		}
+
+	}
+
+	/**
+	 * @param session
+	 * @param authConf
+	 * @param oaParam
+	 * @return
+	 * @throws ConfigurationException
+	 * @throws BuildException
+	 * @throws ValidateException
+	 */
+	public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
+			AuthenticationSession session, AuthConfigurationProvider authConf,
+			OAAuthParameter oaParam) throws ConfigurationException,
+			BuildException, ValidateException {
+
+		//        // check for intermediate processing of the infoboxes
+		//        if (session.isValidatorInputPending())
+		//            return "Redirect to Input Processor";
+
+		if (authConf == null)
+			authConf = AuthConfigurationProvider.getInstance();
+		if (oaParam == null)
+			oaParam = AuthConfigurationProvider.getInstance()
+			.getOnlineApplicationParameter(
+					session.getPublicOAURLPrefix());
+
+		// builds the AUTH-block
+		String authBlock = buildAuthenticationBlock(session, oaParam);
+
+		// builds the <CreateXMLSignatureRequest>
+		List<String> transformsInfos = authConf.getTransformsInfos();
+
+		String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
+		.build(authBlock, oaParam.getKeyBoxIdentifier(),
+				transformsInfos);
+		return createXMLSignatureRequest;
+	}
+
+	/**
+	 * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br>
+	 * <ul>
+	 * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
+	 * </ul>
+	 *
+	 * @param sessionID ID of associated authentication session data
+	 * @param cert      The certificate from the user
+	 * @return String representation of the
+	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
+	 */
+	public String createXMLSignatureRequestForeignID(AuthenticationSession session,
+			X509Certificate cert) throws AuthenticationException,
+			BuildException, ParseException, ConfigurationException,
+			ValidateException, ServiceException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+		AuthConfigurationProvider authConf = AuthConfigurationProvider
+				.getInstance();
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+		return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
+				cert);
+	}
+
+	public String getCreateXMLSignatureRequestForeigID(
+			AuthenticationSession session, AuthConfigurationProvider authConf,
+			OAAuthParameter oaParam, X509Certificate cert)
+					throws ConfigurationException {
+
+		//        // check for intermediate processing of the infoboxes
+		//        if (session.isValidatorInputPending())
+		//            return "Redirect to Input Processor";
+
+		if (authConf == null)
+			authConf = AuthConfigurationProvider.getInstance();
+		if (oaParam == null)
+			oaParam = AuthConfigurationProvider.getInstance()
+			.getOnlineApplicationParameter(
+					session.getPublicOAURLPrefix());
+
+		Principal subject = cert.getSubjectDN();
+
+		String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
+		.buildForeignID(subject.toString(), oaParam, session);
+		return createXMLSignatureRequest;
+	}
+
+	/**
+	 * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Parses response enclosed in
+	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Verifies signature by calling the MOA SP component</li>
+	 * <li>Returns the signer certificate</li>
+	 * </ul>
+	 *
+	 * @param sessionID                            ID of associated authentication session data
+	 * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU
+	 *                                             including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
+	 * @throws BKUException
+	 */
+	public X509Certificate verifyXMLSignature(String sessionID,
+			Map<String, String> createXMLSignatureResponseParameters)
+					throws AuthenticationException, BuildException, ParseException,
+					ConfigurationException, ValidateException, ServiceException, BKUException {
+
+		if (isEmpty(sessionID))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_GET_FOREIGN_ID, PARAM_SESSIONID});
+
+		String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters
+				.get(PARAM_XMLRESPONSE);
+
+		if (isEmpty(xmlCreateXMLSignatureResponse))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
+
+		AuthConfigurationProvider authConf = AuthConfigurationProvider
+				.getInstance();
+
+		// parses the <CreateXMLSignatureResponse>
+		CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser(
+				xmlCreateXMLSignatureResponse);
+		CreateXMLSignatureResponse createXMLSignatureResponse = p
+				.parseResponseDsig();
+
+		// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+		Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+		.buildDsig(createXMLSignatureResponse, authConf
+				.getMoaSpAuthBlockTrustProfileID());
+
+		// invokes the call
+		Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+		.verifyXMLSignature(domVerifyXMLSignatureRequest);
+
+		// parses the <VerifyXMLSignatureResponse>
+		VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+				domVerifyXMLSignatureResponse).parseData();
+
+		return verifyXMLSignatureResponse.getX509certificate();
+
+	}
+
+	/**
+	 * Processes an <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Parses response enclosed in
+	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Verifies signature by calling the MOA SP component</li>
+	 * <li>Returns the signer certificate</li>
+	 * </ul>
+	 *
+	 * @param sessionID                     ID of associated authentication session data
+	 * @param readInfoboxResponseParameters The parameters from the response returned from the BKU
+	 *                                      including the <code>&lt;ReadInfoboxResponse&gt;</code>
+	 * @throws BKUException
+	 */
+	public X509Certificate getCertificate(String sessionID,
+			Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
+			BuildException, ParseException, ConfigurationException,
+			ValidateException, ServiceException, BKUException {
+
+		if (isEmpty(sessionID))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
+
+		String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters
+				.get(PARAM_XMLRESPONSE);
+
+		if (isEmpty(xmlReadInfoboxResponse))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE});
+
+		// parses the <CreateXMLSignatureResponse>
+		InfoboxReadResponseParser p = new InfoboxReadResponseParser(
+				xmlReadInfoboxResponse);
+		X509Certificate cert = p.parseCertificate();
+
+		return cert;
+
+	}
+
+	/**
+	 * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
+	 * given session data.
+	 *
+	 * @param session authentication session
+	 * @return <code>&lt;saml:Assertion&gt;</code> as a String
+	 * @throws BuildException If an error occurs on serializing an extended SAML attribute
+	 *                        to be appended to the AUTH-Block.
+	 */
+	private String buildAuthenticationBlock(AuthenticationSession session,
+			OAAuthParameter oaParam) throws BuildException {
+
+		IdentityLink identityLink = session.getIdentityLink();
+		String issuer = identityLink.getName();
+		String gebDat = identityLink.getDateOfBirth();
+
+		String identificationValue = null;
+		String identificationType = null;
+
+		//set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
+		if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
+			identificationType = "";
+			identificationValue = "";
+
+		} else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+
+			if (oaParam.getBusinessService()) {
+
+				String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
+						.getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
+				identificationValue = bpkBase64;
+
+				if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+"))
+					identificationType = oaParam.getIdentityLinkDomainIdentifier();
+				else
+					identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
+
+			} else {
+				String bpkBase64 = new BPKBuilder().buildBPK(identityLink
+						.getIdentificationValue(), session.getTarget());
+				identificationValue = bpkBase64;
+				identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
+			}
+
+
+		} else {
+			identificationValue = identityLink.getIdentificationValue();
+			identificationType = identityLink.getIdentificationType();
+
+		}
+
+		String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
+				.getInstance());
+		session.setIssueInstant(issueInstant);
+		String authURL = session.getAuthURL();
+		String target = session.getTarget();
+		String targetFriendlyName = session.getTargetFriendlyName();
+
+		// Bug #485
+		// (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
+		// String oaURL = session.getPublicOAURLPrefix();
+
+		List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
+
+
+		if (session.isSsoRequested()) {
+			String oaURL = new String();
+			try {
+				oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+
+				if (MiscUtil.isNotEmpty(oaURL))
+					oaURL = oaURL.replaceAll("&", "&amp;");
+
+			} catch (ConfigurationException e) {
+			}
+			String authBlock = new AuthenticationBlockAssertionBuilder()
+			.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
+					targetFriendlyName, identificationValue,
+					identificationType, oaURL, gebDat,
+					extendedSAMLAttributes, session, oaParam);
+			return authBlock;
+
+		} else {
+			String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
+			String authBlock = new AuthenticationBlockAssertionBuilder()
+			.buildAuthBlock(issuer, issueInstant, authURL, target,
+					targetFriendlyName, identificationValue,
+					identificationType, oaURL, gebDat,
+					extendedSAMLAttributes, session, oaParam);
+			return authBlock;
+		}
+	}
+
+
+	/**
+	 * Verifies the infoboxes (except of the identity link infobox) returned by
+	 * the BKU by calling appropriate validator classes.
+	 *
+	 * @param session The actual authentication session.
+	 * @param mandate The Mandate from the MIS
+	 * @throws AuthenticationException
+	 * @throws ConfigurationException
+	 * @throws TransformerException
+	 * @throws ParserConfigurationException
+	 * @throws IOException
+	 * @throws SAXException
+	 */
+	private void validateExtendedSAMLAttributeForMandates(
+			AuthenticationSession session, MISMandate mandate,
+			boolean business)
+					throws ValidateException, ConfigurationException, SAXException,
+					IOException, ParserConfigurationException, TransformerException {
+
+		ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes(
+				mandate, business, false);
+
+		int length = extendedSAMLAttributes.length;
+		for (int i = 0; i < length; i++) {
+			ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
+
+			verifySAMLAttribute(samlAttribute, i, "MISService",
+					"MISService");
+
+		}
+	}
+
+	/**
+	 * Verifies the infoboxes (except of the identity link infobox) returned by
+	 * the BKU by calling appropriate validator classes.
+	 *
+	 * @param session The actual authentication session.
+	 * @param mandate The Mandate from the MIS
+	 * @throws AuthenticationException
+	 * @throws ConfigurationException
+	 * @throws TransformerException
+	 * @throws ParserConfigurationException
+	 * @throws IOException
+	 * @throws SAXException
+	 */
+	private void setExtendedSAMLAttributeForMandatesOID(
+			AuthenticationSession session, MISMandate mandate, boolean business)
+					throws ValidateException, ConfigurationException, SAXException,
+					IOException, ParserConfigurationException, TransformerException {
+
+		ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID(
+				mandate, business);
+
+		AddAdditionalSAMLAttributes(session, extendedSamlAttributes,
+				"MISService", "MISService");
+
+	}
+
+	/**
+	 * Adds given SAML Attributes to the current session. They will be appended
+	 * to the final SAML Assertion or the AUTH block. If the attributes are
+	 * already in the list, they will be replaced.
+	 *
+	 * @param session                The current session
+	 * @param extendedSAMLAttributes The SAML attributes to add
+	 * @param identifier             The infobox identifier for debug purposes
+	 * @param friendlyNam            The friendly name of the infobox for debug purposes
+	 */
+	private static void AddAdditionalSAMLAttributes(
+			AuthenticationSession session,
+			ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier,
+			String friendlyName) throws ValidateException {
+		if (extendedSAMLAttributes == null)
+			return;
+		List<ExtendedSAMLAttribute> oaAttributes = session.getExtendedSAMLAttributesOA();
+		if (oaAttributes == null)
+			oaAttributes = new Vector<ExtendedSAMLAttribute>();
+		List<ExtendedSAMLAttribute> authAttributes = session.getExtendedSAMLAttributesAUTH();
+		if (authAttributes == null)
+			authAttributes = new Vector<ExtendedSAMLAttribute>();
+		int length = extendedSAMLAttributes.length;
+		for (int i = 0; i < length; i++) {
+			ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i];
+
+			Object value = verifySAMLAttribute(samlAttribute, i, identifier,
+					friendlyName);
+
+			if ((value instanceof String) || (value instanceof Element)) {
+				switch (samlAttribute.getAddToAUTHBlock()) {
+				case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY:
+					replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
+					break;
+				case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK:
+					replaceExtendedSAMLAttribute(authAttributes, samlAttribute);
+					replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
+					break;
+				case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK:
+					replaceExtendedSAMLAttribute(oaAttributes, samlAttribute);
+					break;
+				default:
+					Logger
+					.info("Invalid return value from method \"getAddToAUTHBlock()\" ("
+							+ samlAttribute.getAddToAUTHBlock()
+							+ ") in SAML attribute number "
+							+ (i + 1)
+							+ " for infobox " + identifier);
+									throw new ValidateException("validator.47", new Object[]{
+											friendlyName, String.valueOf((i + 1))});
+				}
+			} else {
+				Logger
+				.info("The type of SAML-Attribute number "
+						+ (i + 1)
+						+ " returned from "
+						+ identifier
+						+ "-infobox validator is not valid. Must be either \"java.Lang.String\""
+						+ " or \"org.w3c.dom.Element\"");
+				throw new ValidateException("validator.46", new Object[]{
+						identifier, String.valueOf((i + 1))});
+			}
+		}
+		session.setExtendedSAMLAttributesAUTH(authAttributes);
+		session.setExtendedSAMLAttributesOA(oaAttributes);
+	}
+
+	/**
+	 * Adds the AUTH block related SAML attributes to the validation result.
+	 * This is needed always before the AUTH block is to be signed, because the
+	 * name of the mandator has to be set
+	 *
+	 * @throws ParserConfigurationException
+	 * @throws IOException
+	 * @throws SAXException
+	 * @throws TransformerException
+	 */
+
+	protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes(
+			MISMandate mandate, boolean business, boolean provideStammzahl)
+					throws SAXException, IOException, ParserConfigurationException,
+					TransformerException {
+		Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
+
+		extendedSamlAttributes.clear();
+
+		// Name
+		Element domMandate = mandateToElement(mandate);
+		Element nameSpaceNode = domMandate.getOwnerDocument().createElement(
+				"NameSpaceNode");
+		nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX,
+				Constants.PD_NS_URI);
+		nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX,
+				SZRGWConstants.MANDATE_NS);
+
+		Element mandator = (Element) XPathAPI.selectSingleNode(domMandate,
+				"//md:Mandate/md:Mandator", nameSpaceNode);
+
+		// Mandate
+		extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+				EXT_SAML_MANDATE_RAW, domMandate,
+				SZRGWConstants.MANDATE_NS,
+				ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+		// (w)bpk
+		String wbpk = ParepUtils.extractMandatorWbpk(mandator);
+		if (!ParepUtils.isEmpty(wbpk)) {
+			if (!ParepUtils.isPhysicalPerson(mandator)) {
+				String idType = ParepUtils
+						.extractMandatorIdentificationType(mandator);
+				if (!ParepUtils.isEmpty(idType)
+						&& idType.startsWith(Constants.URN_PREFIX_BASEID)) {
+					extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+							EXT_SAML_MANDATE_CB_BASE_ID,
+							ParepUtils.getRegisterString(idType) + ": " + wbpk,
+							SZRGWConstants.MANDATE_NS,
+							ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+				}
+			} else if (business) {
+				extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+						EXT_SAML_MANDATE_WBPK, wbpk,
+						SZRGWConstants.MANDATE_NS,
+						ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
+			}
+		}
+
+		ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
+		                                                        .size()];
+		extendedSamlAttributes.copyInto(ret);
+		Logger.debug("ExtendedSAML Attributes: " + ret.length);
+		return ret;
+
+	}
+
+	/**
+	 * Adds the AUTH block related SAML attributes to the validation result.
+	 * This is needed always before the AUTH block is to be signed, because the
+	 * name of the mandator has to be set
+	 *
+	 * @throws ParserConfigurationException
+	 * @throws IOException
+	 * @throws SAXException
+	 * @throws TransformerException
+	 */
+	private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID(
+			MISMandate mandate, boolean business) throws SAXException,
+			IOException, ParserConfigurationException, TransformerException {
+
+		Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
+
+		extendedSamlAttributes.clear();
+
+		// RepresentationType
+		extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+				EXT_SAML_MANDATE_REPRESENTATIONTYPE,
+				EXT_SAML_MANDATE_REPRESENTATIONTEXT,
+				SZRGWConstants.MANDATE_NS,
+				ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+		String oid = mandate.getProfRep();
+
+		if (oid != null) {
+			extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+					EXT_SAML_MANDATE_OID, oid,
+					SZRGWConstants.MANDATE_NS,
+					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+			String oidDescription = mandate.getTextualDescriptionOfOID();
+			extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(
+					EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION,
+					oidDescription, SZRGWConstants.MANDATE_NS,
+					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+		}
+
+		ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes
+		                                                        .size()];
+		extendedSamlAttributes.copyInto(ret);
+		Logger.debug("ExtendedSAML Attributes: " + ret.length);
+		return ret;
+
+	}
+
+	/**
+	 * @param mandate
+	 * @return
+	 * @throws ParserConfigurationException
+	 * @throws IOException
+	 * @throws SAXException
+	 */
+	private static Element mandateToElement(MISMandate mandate)
+			throws SAXException, IOException, ParserConfigurationException {
+		ByteArrayInputStream bais = new ByteArrayInputStream(mandate
+				.getMandate());
+		Document doc = DOMUtils.parseDocumentSimple(bais);
+		return doc.getDocumentElement();
+	}
+
+	protected static void replaceExtendedSAMLAttribute(List<ExtendedSAMLAttribute> attributes,
+			ExtendedSAMLAttribute samlAttribute) {
+		if (null == attributes) {
+			attributes = new Vector<ExtendedSAMLAttribute>();
+		} else {
+			String id = samlAttribute.getName();
+			int length = attributes.size();
+			for (int i = 0; i < length; i++) {
+				ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes
+						.get(i);
+				if (id.equals(att.getName())) {
+					// replace attribute
+					attributes.set(i, samlAttribute);
+					return;
+				}
+			}
+			attributes.add(samlAttribute);
+		}
+	}
+
+	/**
+	 * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
+	 * codes</li>
+	 * <li>Parses authentication block enclosed in
+	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Verifies authentication block by calling the MOA SP component</li>
+	 * <li>Creates authentication data</li>
+	 * <li>Creates a corresponding SAML artifact</li>
+	 * <li>Stores authentication data in the authentication data store indexed
+	 * by the SAML artifact</li>
+	 * <li>Deletes authentication session</li>
+	 * <li>Returns the SAML artifact, encoded BASE64</li>
+	 * </ul>
+	 *
+	 * @param sessionID                         session ID of the running authentication session
+	 * @param xmlCreateXMLSignatureReadResponse String representation of the
+	 *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
+	 * @return SAML artifact needed for retrieving authentication data, encoded
+	 * BASE64
+	 * @throws BKUException
+	 */
+	public String verifyAuthenticationBlock(AuthenticationSession session,
+			String xmlCreateXMLSignatureReadResponse)
+					throws AuthenticationException, BuildException, ParseException,
+					ConfigurationException, ServiceException, ValidateException, BKUException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
+		if (isEmpty(xmlCreateXMLSignatureReadResponse))
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+
+		AuthConfigurationProvider authConf = AuthConfigurationProvider
+				.getInstance();
+		// parses <CreateXMLSignatureResponse>
+		CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(
+				xmlCreateXMLSignatureReadResponse).parseResponse();
+
+		try {
+			String serializedAssertion = DOMUtils.serializeNode(csresp
+					.getSamlAssertion());
+			session.setAuthBlock(serializedAssertion);
+		} catch (TransformerException e) {
+			throw new ParseException("parser.04", new Object[]{
+					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+		} catch (IOException e) {
+			throw new ParseException("parser.04", new Object[]{
+					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE});
+		}
+		// validates <CreateXMLSignatureResponse>
+		if (session.isSsoRequested())
+			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+		else
+			new CreateXMLSignatureResponseValidator().validate(csresp, session);
+
+		// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
+		List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
+		String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
+		Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
+				vtids, tpid);
+		// debug output
+
+		Element domVsresp = null;
+
+		//        try {
+		// invokes the call
+		domVsresp = new SignatureVerificationInvoker()
+		.verifyXMLSignature(domVsreq);
+		// debug output
+
+		//        } catch ( ServiceException e) {
+		//        	Logger.error("Signature verification error. ", e);
+		//        	Logger.error("Signed Data: " + session.getAuthBlock());
+		//        	try {        		
+		//				Logger.error("VerifyRequest: " + DOMUtils.serializeNode(domVsreq));
+		//			} catch (TransformerException e1) {
+		//				e1.printStackTrace();
+		//				
+		//			} catch (IOException e1) {
+		//				e1.printStackTrace();
+		//				
+		//			}
+		//        	
+		//        	throw e; 
+		//        }
+
+
+		// parses the <VerifyXMLSignatureResponse>
+		VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
+				domVsresp).parseData();
+
+		if (Logger.isTraceEnabled()) {
+			if (domVsresp != null) {
+				try {
+					String xmlVerifyXMLSignatureResponse = DOMUtils
+							.serializeNode(domVsresp, true);
+					Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse));
+					Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse));
+				} catch (Throwable t) {
+					t.printStackTrace();
+					Logger.info(new LogMsg(t.getStackTrace()));
+				}
+			}
+		}
+
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+
+		// validates the <VerifyXMLSignatureResponse>
+		VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
+				null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
+				oaParam);
+
+		// Compare AuthBlock Data with information stored in session, especially
+		// date and time
+		CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
+
+		try {        
+			// compares the public keys from the identityLink with the AuthBlock
+			VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
+					vsresp, session.getIdentityLink());
+
+		} catch ( ValidateException e) {
+			Logger.error("Signature verification error. ", e);
+			Logger.error("Signed Data: " + session.getAuthBlock());
+			try {        		
 				Logger.error("VerifyRequest: " + DOMUtils.serializeNode(domVsreq));
 				Logger.error("VerifyResponse: " + DOMUtils.serializeNode(domVsresp));				
 			} catch (TransformerException e1) {
 				e1.printStackTrace();
-				
+
 			} catch (IOException e1) {
 				e1.printStackTrace();
-				
+
 			}
-        	
-        	throw e; 
-        }        	
-
-//        // post processing of the infoboxes
-//        Iterator iter = session.getInfoboxValidatorIterator();
-//        boolean formpending = false;
-//        if (iter != null) {
-//            while (!formpending && iter.hasNext()) {
-//                Vector infoboxValidatorVector = (Vector) iter.next();
-//                String identifier = (String) infoboxValidatorVector.get(0);
-//                String friendlyName = (String) infoboxValidatorVector.get(1);
-//                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
-//                        .get(2);
-//                InfoboxValidationResult infoboxValidationResult = null;
-//                try {
-//                    infoboxValidationResult = infoboxvalidator.validate(csresp
-//                            .getSamlAssertion());
-//                } catch (ValidateException e) {
-//                    Logger.error("Error validating " + identifier + " infobox:"
-//                            + e.getMessage());
-//                    throw new ValidateException("validator.44",
-//                            new Object[]{friendlyName});
-//                }
-//                if (!infoboxValidationResult.isValid()) {
-//                    Logger.info("Validation of " + identifier
-//                            + " infobox failed.");
-//                    throw new ValidateException("validator.40", new Object[]{
-//                            friendlyName,
-//                            infoboxValidationResult.getErrorMessage()});
-//                }
-//                String form = infoboxvalidator.getForm();
-//                if (ParepUtils.isEmpty(form)) {
-//                    AddAdditionalSAMLAttributes(
-//                            session,
-//                            infoboxValidationResult.getExtendedSamlAttributes(),
-//                            identifier, friendlyName);
-//                } else {
-//                    return "Redirect to Input Processor";
-//                }
-//            }
-//        }
-
-        session.setXMLVerifySignatureResponse(vsresp);
-        session.setSignerCertificate(vsresp.getX509certificate());
-        vsresp.setX509certificate(null);
-        session.setForeigner(false);
-
-        if (session.getUseMandate()) {
-            // mandate mode
-            return null;
-
-        } else {
-
-            session.setAuthenticatedUsed(false);
-            session.setAuthenticated(true);
-
-            //set QAA Level four in case of card authentifcation
-            session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-
-
-            String oldsessionID = session.getSessionID();
-
-            //Session is implicte stored in changeSessionID!!!
-            String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-
-            Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
-            Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
-            return newMOASessionID;
-        }
-    }
-
-    /**
-     * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
-     * security layer implementation.<br>
-     * <ul>
-     * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
-     * codes</li>
-     * <li>Parses authentication block enclosed in
-     * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
-     * <li>Verifies authentication block by calling the MOA SP component</li>
-     * <li>Creates authentication data</li>
-     * <li>Creates a corresponding SAML artifact</li>
-     * <li>Stores authentication data in the authentication data store indexed
-     * by the SAML artifact</li>
-     * <li>Deletes authentication session</li>
-     * <li>Returns the SAML artifact, encoded BASE64</li>
-     * </ul>
-     *
-     * @param sessionID                         session ID of the running authentication session
-     * @param xmlCreateXMLSignatureReadResponse String representation of the
-     *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
-     * @return SAML artifact needed for retrieving authentication data, encoded
-     * BASE64
-     */
-
-    protected Element createIdentificationBPK(Element mandatePerson,
-                                              String baseid, String target) throws BuildException {
-        Element identificationBpK = mandatePerson.getOwnerDocument()
-                .createElementNS(Constants.PD_NS_URI, "Identification");
-        Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
-                Constants.PD_NS_URI, "Value");
-
-        String bpkBase64 = new BPKBuilder().buildBPK(baseid, target);
-        valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
-                bpkBase64));
-        Element typeBpK = mandatePerson.getOwnerDocument().createElementNS(
-                Constants.PD_NS_URI, "Type");
-        typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
-                "urn:publicid:gv.at:cdid+bpk"));
-        identificationBpK.appendChild(valueBpK);
-        identificationBpK.appendChild(typeBpK);
-
-        return identificationBpK;
-
-    }
-
-    protected String getBaseId(Element mandatePerson)
-            throws TransformerException, IOException {
-        NodeList list = mandatePerson.getElementsByTagNameNS(
-                Constants.PD_NS_URI, "Identification");
-        for (int i = 0; i < list.getLength(); i++) {
-            Element identification = (Element) list.item(i);
-            Element type = (Element) identification.getElementsByTagNameNS(
-                    Constants.PD_NS_URI, "Type").item(0);
-            if (type.getTextContent().compareToIgnoreCase(
-                    "urn:publicid:gv.at:baseid") == 0) {
-                Element value = (Element) identification
-                        .getElementsByTagNameNS(Constants.PD_NS_URI, "Value")
-                        .item(0);
-                return value.getTextContent();
-            }
-        }
-        return null;
-
-    }
-
-    /**
-     * Gets the foreign authentication data.<br>
-     * <ul>
-     * <li>Creates authentication data</li>
-     * <li>Creates a corresponding SAML artifact</li>
-     * <li>Stores authentication data in the authentication data store indexed
-     * by the SAML artifact</li>
-     * <li>Deletes authentication session</li>
-     * <li>Returns the SAML artifact, encoded BASE64</li>
-     * </ul>
-     *
-     * @param sessionID session ID of the running authentication session
-     * @return SAML artifact needed for retrieving authentication data, encoded
-     * BASE64
-     */
-    public String getForeignAuthenticationData(AuthenticationSession session)
-            throws AuthenticationException, BuildException, ParseException,
-            ConfigurationException, ServiceException, ValidateException {
-
-        if (session == null)
-            throw new AuthenticationException("auth.10", new Object[]{
-                    REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
-
-//        // post processing of the infoboxes
-//        Iterator iter = session.getInfoboxValidatorIterator();
-//        boolean formpending = false;
-//        if (iter != null) {
-//            while (!formpending && iter.hasNext()) {
-//                Vector infoboxValidatorVector = (Vector) iter.next();
-//                String identifier = (String) infoboxValidatorVector.get(0);
-//                String friendlyName = (String) infoboxValidatorVector.get(1);
-//                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
-//                        .get(2);
-//                InfoboxValidationResult infoboxValidationResult = null;
-//                try {
-//                    infoboxValidationResult = infoboxvalidator.validate(session
-//                            .getIdentityLink().getSamlAssertion());
-//                } catch (ValidateException e) {
-//                    Logger.error("Error validating " + identifier + " infobox:"
-//                            + e.getMessage());
-//                    throw new ValidateException("validator.44",
-//                            new Object[]{friendlyName});
-//                }
-//                if (!infoboxValidationResult.isValid()) {
-//                    Logger.info("Validation of " + identifier
-//                            + " infobox failed.");
-//                    throw new ValidateException("validator.40", new Object[]{
-//                            friendlyName,
-//                            infoboxValidationResult.getErrorMessage()});
-//                }
-//                String form = infoboxvalidator.getForm();
-//                if (ParepUtils.isEmpty(form)) {
-//                    AddAdditionalSAMLAttributes(
-//                            session,
-//                            infoboxValidationResult.getExtendedSamlAttributes(),
-//                            identifier, friendlyName);
-//                } else {
-//                    return "Redirect to Input Processor";
-//                }
-//            }
-//        }
-
-        VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
-        X509Certificate cert = session.getSignerCertificate();
-        vsresp.setX509certificate(cert);
-
-        session.setAuthenticatedUsed(false);
-        session.setAuthenticated(true);
-
-
-        session.setXMLVerifySignatureResponse(vsresp);
-        session.setSignerCertificate(vsresp.getX509certificate());
-        vsresp.setX509certificate(null);
-        session.setForeigner(true);
-
-        //TODO: regenerate MOASession ID!
-        return "new Session";
-    }
-
-    /**
-     * Retrieves a session from the session store.
-     *
-     * @param id session ID
-     * @return <code>AuthenticationSession</code> stored with given session ID,
-     * <code>null</code> if session ID unknown
-     */
-    public static AuthenticationSession getSession(String id)
-            throws AuthenticationException {
-        AuthenticationSession session;
-        try {
-            session = AuthenticationSessionStoreage.getSession(id);
-
-            if (session == null)
-                throw new AuthenticationException("auth.02", new Object[]{id});
-            return session;
-
-        } catch (MOADatabaseException e) {
-        	throw new AuthenticationException("auth.02", new Object[]{id});
-            
-        } catch (Exception e) {
-        	throw new AuthenticationException("parser.04", new Object[]{id});
-        }
-    }
-
-    /**
-     * Cleans up expired session and authentication data stores.
-     */
-    public void cleanup() {
-        long now = new Date().getTime();
-
-        //clean AuthenticationSessionStore
-
-        AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
-
-        //clean AssertionStore
-        AssertionStorage assertionstore = AssertionStorage.getInstance();
-        assertionstore.clean(now, authDataTimeOut);
-
-        //clean ExeptionStore
-        DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
-        exstore.clean(now, authDataTimeOut);
-
-    }
-
-    /**
-     * Sets the sessionTimeOut.
-     *
-     * @param seconds Time out of the session in seconds
-     */
-    public void setSecondsSessionTimeOutCreated(long seconds) {
-        sessionTimeOutCreated = seconds * 1000;
-    }
-
-    public void setSecondsSessionTimeOutUpdated(long seconds) {
-        sessionTimeOutUpdated = seconds * 1000;
-    }
-
-    /**
-     * Sets the authDataTimeOut.
-     *
-     * @param seconds Time out for signing AuthData in seconds
-     */
-    public void setSecondsAuthDataTimeOut(long seconds) {
-        authDataTimeOut = seconds * 1000;
-    }
-
-    /**
-     * Checks a parameter.
-     *
-     * @param param parameter
-     * @return true if the parameter is null or empty
-     */
-    private boolean isEmpty(String param) {
-        return param == null || param.length() == 0;
-    }
-
-    /**
-     * Checks the correctness of SAML attributes and returns its value.
-     *
-     * @param param        samlAttribute
-     * @param i            the number of the verified attribute for messages
-     * @param identifier   the infobox identifier for messages
-     * @param friendlyname the friendly name of the infobox for messages
-     * @return the SAML attribute value (Element or String)
-     */
-    protected static Object verifySAMLAttribute(
-            ExtendedSAMLAttribute samlAttribute, int i, String identifier,
-            String friendlyName) throws ValidateException {
-        String name = samlAttribute.getName();
-
-        if (name == null) {
-            Logger.info("The name of SAML-Attribute number " + (i + 1)
-                    + " returned from " + identifier
-                    + "-infobox validator is null.");
-            throw new ValidateException("validator.45", new Object[]{
-                    friendlyName, "Name", String.valueOf((i + 1)), "null"});
-        }
-        if (name == "") {
-            Logger.info("The name of SAML-Attribute number " + (i + 1)
-                    + " returned from " + identifier
-                    + "-infobox validator is empty.");
-            throw new ValidateException("validator.45", new Object[]{
-                    friendlyName, "Name", String.valueOf((i + 1)), "leer"});
-        }
-        if (samlAttribute.getNameSpace() == null) {
-            Logger.info("The namespace of SAML-Attribute number " + (i + 1)
-                    + " returned from " + identifier
-                    + "-infobox validator is null.");
-            throw new ValidateException("validator.45",
-                    new Object[]{friendlyName, "Namespace",
-                            String.valueOf((i + 1)), "null"});
-        }
-        Object value = samlAttribute.getValue();
-        if (value == null) {
-            Logger.info("The value of SAML-Attribute number " + (i + 1)
-                    + " returned from " + identifier
-                    + "-infobox validator is null.");
-            throw new ValidateException("validator.45", new Object[]{
-                    friendlyName, "Wert", String.valueOf((i + 1)), "null"});
-        }
-        
-        return value;
-    }
-	
+
+			throw e; 
+		}        	
+
+		//        // post processing of the infoboxes
+		//        Iterator iter = session.getInfoboxValidatorIterator();
+		//        boolean formpending = false;
+		//        if (iter != null) {
+		//            while (!formpending && iter.hasNext()) {
+		//                Vector infoboxValidatorVector = (Vector) iter.next();
+		//                String identifier = (String) infoboxValidatorVector.get(0);
+		//                String friendlyName = (String) infoboxValidatorVector.get(1);
+		//                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+		//                        .get(2);
+		//                InfoboxValidationResult infoboxValidationResult = null;
+		//                try {
+		//                    infoboxValidationResult = infoboxvalidator.validate(csresp
+		//                            .getSamlAssertion());
+		//                } catch (ValidateException e) {
+		//                    Logger.error("Error validating " + identifier + " infobox:"
+		//                            + e.getMessage());
+		//                    throw new ValidateException("validator.44",
+		//                            new Object[]{friendlyName});
+		//                }
+		//                if (!infoboxValidationResult.isValid()) {
+		//                    Logger.info("Validation of " + identifier
+		//                            + " infobox failed.");
+		//                    throw new ValidateException("validator.40", new Object[]{
+		//                            friendlyName,
+		//                            infoboxValidationResult.getErrorMessage()});
+		//                }
+		//                String form = infoboxvalidator.getForm();
+		//                if (ParepUtils.isEmpty(form)) {
+		//                    AddAdditionalSAMLAttributes(
+		//                            session,
+		//                            infoboxValidationResult.getExtendedSamlAttributes(),
+		//                            identifier, friendlyName);
+		//                } else {
+		//                    return "Redirect to Input Processor";
+		//                }
+		//            }
+		//        }
+
+		session.setXMLVerifySignatureResponse(vsresp);
+		session.setSignerCertificate(vsresp.getX509certificate());
+		vsresp.setX509certificate(null);
+		session.setForeigner(false);
+
+		if (session.getUseMandate()) {
+			// mandate mode
+			return null;
+
+		} else {
+
+			session.setAuthenticatedUsed(false);
+			session.setAuthenticated(true);
+
+			//set QAA Level four in case of card authentifcation
+			session.setQAALevel(PVPConstants.STORK_QAA_1_4);
+
+
+			String oldsessionID = session.getSessionID();
+
+			//Session is implicte stored in changeSessionID!!!
+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
+			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
+			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+
+			return newMOASessionID;
+		}
+	}
+
+	/**
+	 * Processes a <code>&lt;CreateXMLSignatureResponse&gt;</code> sent by the
+	 * security layer implementation.<br>
+	 * <ul>
+	 * <li>Validates given <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Parses <code>&lt;CreateXMLSignatureResponse&gt;</code> for error
+	 * codes</li>
+	 * <li>Parses authentication block enclosed in
+	 * <code>&lt;CreateXMLSignatureResponse&gt;</code></li>
+	 * <li>Verifies authentication block by calling the MOA SP component</li>
+	 * <li>Creates authentication data</li>
+	 * <li>Creates a corresponding SAML artifact</li>
+	 * <li>Stores authentication data in the authentication data store indexed
+	 * by the SAML artifact</li>
+	 * <li>Deletes authentication session</li>
+	 * <li>Returns the SAML artifact, encoded BASE64</li>
+	 * </ul>
+	 *
+	 * @param sessionID                         session ID of the running authentication session
+	 * @param xmlCreateXMLSignatureReadResponse String representation of the
+	 *                                          <code>&lt;CreateXMLSignatureResponse&gt;</code>
+	 * @return SAML artifact needed for retrieving authentication data, encoded
+	 * BASE64
+	 */
+
+	protected Element createIdentificationBPK(Element mandatePerson,
+			String baseid, String target) throws BuildException {
+		Element identificationBpK = mandatePerson.getOwnerDocument()
+				.createElementNS(Constants.PD_NS_URI, "Identification");
+		Element valueBpK = mandatePerson.getOwnerDocument().createElementNS(
+				Constants.PD_NS_URI, "Value");
+
+		String bpkBase64 = new BPKBuilder().buildBPK(baseid, target);
+		valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+				bpkBase64));
+		Element typeBpK = mandatePerson.getOwnerDocument().createElementNS(
+				Constants.PD_NS_URI, "Type");
+		typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode(
+				"urn:publicid:gv.at:cdid+bpk"));
+		identificationBpK.appendChild(valueBpK);
+		identificationBpK.appendChild(typeBpK);
+
+		return identificationBpK;
+
+	}
+
+	protected String getBaseId(Element mandatePerson)
+			throws TransformerException, IOException {
+		NodeList list = mandatePerson.getElementsByTagNameNS(
+				Constants.PD_NS_URI, "Identification");
+		for (int i = 0; i < list.getLength(); i++) {
+			Element identification = (Element) list.item(i);
+			Element type = (Element) identification.getElementsByTagNameNS(
+					Constants.PD_NS_URI, "Type").item(0);
+			if (type.getTextContent().compareToIgnoreCase(
+					"urn:publicid:gv.at:baseid") == 0) {
+				Element value = (Element) identification
+						.getElementsByTagNameNS(Constants.PD_NS_URI, "Value")
+						.item(0);
+				return value.getTextContent();
+			}
+		}
+		return null;
+
+	}
+
+	/**
+	 * Gets the foreign authentication data.<br>
+	 * <ul>
+	 * <li>Creates authentication data</li>
+	 * <li>Creates a corresponding SAML artifact</li>
+	 * <li>Stores authentication data in the authentication data store indexed
+	 * by the SAML artifact</li>
+	 * <li>Deletes authentication session</li>
+	 * <li>Returns the SAML artifact, encoded BASE64</li>
+	 * </ul>
+	 *
+	 * @param sessionID session ID of the running authentication session
+	 * @return SAML artifact needed for retrieving authentication data, encoded
+	 * BASE64
+	 */
+	public String getForeignAuthenticationData(AuthenticationSession session)
+			throws AuthenticationException, BuildException, ParseException,
+			ConfigurationException, ServiceException, ValidateException {
+
+		if (session == null)
+			throw new AuthenticationException("auth.10", new Object[]{
+					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
+
+		//        // post processing of the infoboxes
+		//        Iterator iter = session.getInfoboxValidatorIterator();
+		//        boolean formpending = false;
+		//        if (iter != null) {
+		//            while (!formpending && iter.hasNext()) {
+		//                Vector infoboxValidatorVector = (Vector) iter.next();
+		//                String identifier = (String) infoboxValidatorVector.get(0);
+		//                String friendlyName = (String) infoboxValidatorVector.get(1);
+		//                InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector
+		//                        .get(2);
+		//                InfoboxValidationResult infoboxValidationResult = null;
+		//                try {
+		//                    infoboxValidationResult = infoboxvalidator.validate(session
+		//                            .getIdentityLink().getSamlAssertion());
+		//                } catch (ValidateException e) {
+		//                    Logger.error("Error validating " + identifier + " infobox:"
+		//                            + e.getMessage());
+		//                    throw new ValidateException("validator.44",
+		//                            new Object[]{friendlyName});
+		//                }
+		//                if (!infoboxValidationResult.isValid()) {
+		//                    Logger.info("Validation of " + identifier
+		//                            + " infobox failed.");
+		//                    throw new ValidateException("validator.40", new Object[]{
+		//                            friendlyName,
+		//                            infoboxValidationResult.getErrorMessage()});
+		//                }
+		//                String form = infoboxvalidator.getForm();
+		//                if (ParepUtils.isEmpty(form)) {
+		//                    AddAdditionalSAMLAttributes(
+		//                            session,
+		//                            infoboxValidationResult.getExtendedSamlAttributes(),
+		//                            identifier, friendlyName);
+		//                } else {
+		//                    return "Redirect to Input Processor";
+		//                }
+		//            }
+		//        }
+
+		VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
+		X509Certificate cert = session.getSignerCertificate();
+		vsresp.setX509certificate(cert);
+
+		session.setAuthenticatedUsed(false);
+		session.setAuthenticated(true);
+
+
+		session.setXMLVerifySignatureResponse(vsresp);
+		session.setSignerCertificate(vsresp.getX509certificate());
+		vsresp.setX509certificate(null);
+		session.setForeigner(true);
+
+		//TODO: regenerate MOASession ID!
+		return "new Session";
+	}
+
+	/**
+	 * Retrieves a session from the session store.
+	 *
+	 * @param id session ID
+	 * @return <code>AuthenticationSession</code> stored with given session ID,
+	 * <code>null</code> if session ID unknown
+	 */
+	public static AuthenticationSession getSession(String id)
+			throws AuthenticationException {
+		AuthenticationSession session;
+		try {
+			session = AuthenticationSessionStoreage.getSession(id);
+
+			if (session == null)
+				throw new AuthenticationException("auth.02", new Object[]{id});
+			return session;
+
+		} catch (MOADatabaseException e) {
+			throw new AuthenticationException("auth.02", new Object[]{id});
+
+		} catch (Exception e) {
+			throw new AuthenticationException("parser.04", new Object[]{id});
+		}
+	}
+
+	/**
+	 * Cleans up expired session and authentication data stores.
+	 */
+	public void cleanup() {
+		long now = new Date().getTime();
+
+		//clean AuthenticationSessionStore
+
+		AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
+
+		//clean AssertionStore
+		AssertionStorage assertionstore = AssertionStorage.getInstance();
+		assertionstore.clean(now, authDataTimeOut);
+
+		//clean ExeptionStore
+		DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
+		exstore.clean(now, authDataTimeOut);
+
+	}
+
+	/**
+	 * Sets the sessionTimeOut.
+	 *
+	 * @param seconds Time out of the session in seconds
+	 */
+	public void setSecondsSessionTimeOutCreated(long seconds) {
+		sessionTimeOutCreated = seconds * 1000;
+	}
+
+	public void setSecondsSessionTimeOutUpdated(long seconds) {
+		sessionTimeOutUpdated = seconds * 1000;
+	}
+
+	/**
+	 * Sets the authDataTimeOut.
+	 *
+	 * @param seconds Time out for signing AuthData in seconds
+	 */
+	public void setSecondsAuthDataTimeOut(long seconds) {
+		authDataTimeOut = seconds * 1000;
+	}
+
+	/**
+	 * Checks a parameter.
+	 *
+	 * @param param parameter
+	 * @return true if the parameter is null or empty
+	 */
+	private boolean isEmpty(String param) {
+		return param == null || param.length() == 0;
+	}
+
+	/**
+	 * Checks the correctness of SAML attributes and returns its value.
+	 *
+	 * @param param        samlAttribute
+	 * @param i            the number of the verified attribute for messages
+	 * @param identifier   the infobox identifier for messages
+	 * @param friendlyname the friendly name of the infobox for messages
+	 * @return the SAML attribute value (Element or String)
+	 */
+	protected static Object verifySAMLAttribute(
+			ExtendedSAMLAttribute samlAttribute, int i, String identifier,
+			String friendlyName) throws ValidateException {
+		String name = samlAttribute.getName();
+
+		if (name == null) {
+			Logger.info("The name of SAML-Attribute number " + (i + 1)
+					+ " returned from " + identifier
+					+ "-infobox validator is null.");
+			throw new ValidateException("validator.45", new Object[]{
+					friendlyName, "Name", String.valueOf((i + 1)), "null"});
+		}
+		if (name == "") {
+			Logger.info("The name of SAML-Attribute number " + (i + 1)
+					+ " returned from " + identifier
+					+ "-infobox validator is empty.");
+			throw new ValidateException("validator.45", new Object[]{
+					friendlyName, "Name", String.valueOf((i + 1)), "leer"});
+		}
+		if (samlAttribute.getNameSpace() == null) {
+			Logger.info("The namespace of SAML-Attribute number " + (i + 1)
+					+ " returned from " + identifier
+					+ "-infobox validator is null.");
+			throw new ValidateException("validator.45",
+					new Object[]{friendlyName, "Namespace",
+					String.valueOf((i + 1)), "null"});
+		}
+		Object value = samlAttribute.getValue();
+		if (value == null) {
+			Logger.info("The value of SAML-Attribute number " + (i + 1)
+					+ " returned from " + identifier
+					+ "-infobox validator is null.");
+			throw new ValidateException("validator.45", new Object[]{
+					friendlyName, "Wert", String.valueOf((i + 1)), "null"});
+		}
+
+		return value;
+	}
+
 	/**
 	 * Does the request to the SZR-GW.
 	 *
@@ -1595,7 +1595,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException {
 		return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature), null);
 	}
-    
+
 	/**
 	 * Does the request to the SZR-GW.
 	 *
@@ -1611,396 +1611,400 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature, String PEPSFiscalNumber) throws SZRGWClientException {
 		return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null, PEPSFiscalNumber);
 	}
-	
- 	/**
-	  * SZR-GW Client interface.
-	  *
-	  * @param eIdentifier the e identifier
-	  * @param givenName the given name
-	  * @param lastName the last name
-	  * @param dateOfBirth the date of birth
-	  * @param citizenSignature the citizen signature
-	  * @param representative the representative
-	  * @param represented the represented
-	  * @param mandate the mandate
-	  * @return the identity link
-	  * @throws SZRGWClientException the sZRGW client exception
-	  */
-	 public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
- 			String givenName, String lastName, String dateOfBirth, String gender,
- 			String citizenSignature, String representative, String represented,
- 			String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
- 		return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
- 				citizenSignature, representative, represented, mandate, null,
- 				null, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
- 	}
-	
-		/**
-		 * Gets the identity link.
-		 *
-		 * @param citizenSignature the citizen signature
-		 * @param representative the representative
-		 * @param represented the represented
-		 * @param mandate the mandate
-		 * @param organizationAddress the organization address
-		 * @param organizationType the organization type
-		 * @return the identity link
-		 * @throws SZRGWClientException 
-		 */
-		public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
-				String representative, String represented, String mandateContent,
-				String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
-			return getIdentityLink(null, null, null, null, null,
-					citizenSignature, represented, representative, mandateContent, organizationAddress,
-					organizationType, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
-		}	 
-	 
-    public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
+
+	/**
+	 * SZR-GW Client interface.
+	 *
+	 * @param eIdentifier the e identifier
+	 * @param givenName the given name
+	 * @param lastName the last name
+	 * @param dateOfBirth the date of birth
+	 * @param citizenSignature the citizen signature
+	 * @param representative the representative
+	 * @param represented the represented
+	 * @param mandate the mandate
+	 * @return the identity link
+	 * @throws SZRGWClientException the sZRGW client exception
+	 */
+	public CreateIdentityLinkResponse getIdentityLink(String eIdentifier,
+			String givenName, String lastName, String dateOfBirth, String gender,
+			String citizenSignature, String representative, String represented,
+			String mandate, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
+		return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender,
+				citizenSignature, representative, represented, mandate, null,
+				null, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
+	}
+
+	/**
+	 * Gets the identity link.
+	 *
+	 * @param citizenSignature the citizen signature
+	 * @param representative the representative
+	 * @param represented the represented
+	 * @param mandate the mandate
+	 * @param organizationAddress the organization address
+	 * @param organizationType the organization type
+	 * @return the identity link
+	 * @throws SZRGWClientException 
+	 */
+	public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
+			String representative, String represented, String mandateContent,
+			String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
+		return getIdentityLink(null, null, null, null, null,
+				citizenSignature, represented, representative, mandateContent, organizationAddress,
+				organizationType, targetType, targetValue, oaFriendlyName, filters, PEPSFiscalNumber);
+	}	 
+
+	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List<String> filters, String PEPSFiscalNumber) throws SZRGWClientException {
 
 		try {
-	    	AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-	    	ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter();
-
-	    	SZRGWClient client = new SZRGWClient(connectionParameters);
-	    	 	    	
-	    	CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
-	    	request.setSignature(citizenSignature.getBytes("UTF-8"));
-	
-            PEPSData data = new PEPSData();
-            data.setDateOfBirth(PEPSDateOfBirth);
-            data.setFamilyname(PEPSFamilyname);
-            data.setFirstname(PEPSFirstname);
-            data.setIdentifier(PEPSIdentifier);
-
-            data.setRepresentative(representative);
-            data.setRepresented(represented);
-            data.setMandateContent(mandateContent);
-
-            data.setLegalPersonCanonicalRegisteredAddress(organizationAddress);
-            data.setLegalPersonTranslatableType(organizationType);
-
-            if (null != mandateContent) {
-                MISType mis = new MISType();
-
-                Target targetObject = new Target();
-                targetObject.setType(targetType);
-                targetObject.setValue(targetValue);
-                mis.setTarget(targetObject);
-
-                mis.setOAFriendlyName(oaFriendlyName);
-
-                Filters filterObject = new Filters();
-                MandateIdentifiers mandateIds = new MandateIdentifiers();
-		        for(String current : filters)
-		        	mandateIds.getMandateIdentifier().add(current.trim());
-		    	filterObject.setMandateIdentifiers(mandateIds);
-		    	mis.setFilters(filterObject);
-
-                request.setMIS(mis);
-            }
-
-            if (MiscUtil.isEmpty(connectionParameters.getUrl())) {
-            	Logger.warn("SZR-Gateway Service URL is empty");
-            	throw new SZRGWClientException("service.07");
-            }
-            
-            Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
-            CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl());
-            return response;
-            
-	    }
-	    catch (ConfigurationException e) {
-	    	Logger.warn(e);
-	    	Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
+			AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+			ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter();
+
+			SZRGWClient client = new SZRGWClient(connectionParameters);
+
+			CreateIdentityLinkRequest request = new CreateIdentityLinkRequest();
+			request.setSignature(citizenSignature.getBytes("UTF-8"));
+
+			if(PEPSDateOfBirth!=null || PEPSFamilyname!=null || PEPSFirstname!=null || PEPSIdentifier!=null || representative!=null || represented!=null || mandateContent!=null || organizationAddress!=null || organizationType!=null)
+			{
+				PEPSData data = new PEPSData();
+				data.setDateOfBirth(PEPSDateOfBirth);
+				data.setFamilyname(PEPSFamilyname);
+				data.setFirstname(PEPSFirstname);
+				data.setIdentifier(PEPSIdentifier);
+
+				data.setRepresentative(representative);
+				data.setRepresented(represented);
+				data.setMandateContent(mandateContent);
+
+				data.setLegalPersonCanonicalRegisteredAddress(organizationAddress);
+				data.setLegalPersonTranslatableType(organizationType);
+
+				request.setPEPSData(data);
+			}
+			if (null != mandateContent) {
+				MISType mis = new MISType();
+
+				Target targetObject = new Target();
+				targetObject.setType(targetType);
+				targetObject.setValue(targetValue);
+				mis.setTarget(targetObject);
+
+				mis.setOAFriendlyName(oaFriendlyName);
+
+				Filters filterObject = new Filters();
+				MandateIdentifiers mandateIds = new MandateIdentifiers();
+				for(String current : filters)
+					mandateIds.getMandateIdentifier().add(current.trim());
+				filterObject.setMandateIdentifiers(mandateIds);
+				mis.setFilters(filterObject);
+
+				request.setMIS(mis);
+			}
+
+			if (MiscUtil.isEmpty(connectionParameters.getUrl())) {
+				Logger.warn("SZR-Gateway Service URL is empty");
+				throw new SZRGWClientException("service.07");
+			}
+
+			Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
+			CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl());
+			return response;
+
+		}
+		catch (ConfigurationException e) {
+			Logger.warn(e);
+			Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
 		} catch (UnsupportedEncodingException e) {
 			Logger.warn(e);
 		}
-	    
-	    return null;
-	
-  }
-
-    /**
-     * Starts a MOA-ID authentication process using STORK
-     *
-     * @param req                HttpServletRequest
-     * @param resp               HttpServletResponse
-     * @param ccc                Citizen country code
-     * @param oaURL              URL of the online application
-     * @param target             Target parameter
-     * @param targetFriendlyName Friendly Name of Target
-     * @param authURL            Authentication URL
-     * @param sourceID           SourceID parameter
-     * @throws MOAIDException
-     * @throws AuthenticationException
-     * @throws WrongParametersException
-     * @throws ConfigurationException
-     */
-    public static void startSTORKAuthentication(
-            HttpServletRequest req,
-            HttpServletResponse resp,
-            AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
-
-        if (moasession == null) {
-            throw new AuthenticationException("auth.18", new Object[]{});
-        }
-
-        //read configuration paramters of OA
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-        if (oaParam == null)
-            throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()});
-
-        //Start of STORK Processing
-        STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
-
-        CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
-
-        Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
-        String destination = cpeps.getPepsURL().toExternalForm();
-        Logger.debug("C-PEPS URL: " + destination);
-
-       
-        String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
-//        String acsURL = new DataURLBuilder().buildDataURL(issuerValue, 
-//    			PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
-        
-        //solve Problem with sessionIDs 
-        String acsURL = issuerValue + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
-        
-        Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
-
-        String providerName = oaParam.getFriendlyName();
-        Logger.debug("Issuer value: " + issuerValue);
-
-        // prepare collection of required attributes
-        // - attributes for online application
-        List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
-
-        // - prepare attribute list
-        PersonalAttributeList attributeList = new PersonalAttributeList();
-
-        // - fill container
-        for (OAStorkAttribute current : attributesFromConfig) {
-            PersonalAttribute newAttribute = new PersonalAttribute();
-            newAttribute.setName(current.getName());
-
-            boolean globallyMandatory = false;
-            for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
-                if (current.getName().equals(currentGlobalAttribute.getName())) {
-                    globallyMandatory = currentGlobalAttribute.isMandatory();
-                    break;
-                }
-
-            newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
-            attributeList.add(newAttribute);
-        }
-
-        // add sign request
-        PersonalAttribute newAttribute = new PersonalAttribute();
-        newAttribute.setName("signedDoc");
-        List<String> value = new ArrayList<String>();
-        
-        Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported());
-        if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS
-        {
-        	value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
-                "application/xhtml+xml", moasession.getCcc()));
-        	newAttribute.setValue(value);
-        	attributeList.add(newAttribute);
-        }
-        else//Process SignRequest locally with MOCCA
-        {
-        	String target = moasession.getTarget();
-        	moasession.setTarget("AT");
-        	String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
-                    "application/xhtml+xml", "AT"));//moasession.getCcc()
-        	moasession.setTarget(target);
-        	Logger.warn("signedDoc to store:"+signedDoc);
-            //attributeList.add(newAttribute);
-        	
-            //store SignRequest for later...
-            moasession.setSignedDoc(signedDoc);
-            
-            acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
-            try {
+
+		return null;
+
+	}
+
+	/**
+	 * Starts a MOA-ID authentication process using STORK
+	 *
+	 * @param req                HttpServletRequest
+	 * @param resp               HttpServletResponse
+	 * @param ccc                Citizen country code
+	 * @param oaURL              URL of the online application
+	 * @param target             Target parameter
+	 * @param targetFriendlyName Friendly Name of Target
+	 * @param authURL            Authentication URL
+	 * @param sourceID           SourceID parameter
+	 * @throws MOAIDException
+	 * @throws AuthenticationException
+	 * @throws WrongParametersException
+	 * @throws ConfigurationException
+	 */
+	public static void startSTORKAuthentication(
+			HttpServletRequest req,
+			HttpServletResponse resp,
+			AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
+
+		if (moasession == null) {
+			throw new AuthenticationException("auth.18", new Object[]{});
+		}
+
+		//read configuration paramters of OA
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+		if (oaParam == null)
+			throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()});
+
+		//Start of STORK Processing
+		STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
+
+		CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
+
+		Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
+		String destination = cpeps.getPepsURL().toExternalForm();
+		Logger.debug("C-PEPS URL: " + destination);
+
+
+		String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+		//        String acsURL = new DataURLBuilder().buildDataURL(issuerValue, 
+		//    			PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
+
+		//solve Problem with sessionIDs 
+		String acsURL = issuerValue + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+
+		Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
+
+		String providerName = oaParam.getFriendlyName();
+		Logger.debug("Issuer value: " + issuerValue);
+
+		// prepare collection of required attributes
+		// - attributes for online application
+		List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
+
+		// - prepare attribute list
+		PersonalAttributeList attributeList = new PersonalAttributeList();
+
+		// - fill container
+		for (OAStorkAttribute current : attributesFromConfig) {
+			PersonalAttribute newAttribute = new PersonalAttribute();
+			newAttribute.setName(current.getName());
+
+			boolean globallyMandatory = false;
+			for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
+				if (current.getName().equals(currentGlobalAttribute.getName())) {
+					globallyMandatory = currentGlobalAttribute.isMandatory();
+					break;
+				}
+
+			newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
+			attributeList.add(newAttribute);
+		}
+
+		// add sign request
+		PersonalAttribute newAttribute = new PersonalAttribute();
+		newAttribute.setName("signedDoc");
+		List<String> value = new ArrayList<String>();
+
+		Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported());
+		if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS
+		{
+			value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+					"application/xhtml+xml", moasession.getCcc()));
+			newAttribute.setValue(value);
+			attributeList.add(newAttribute);
+		}
+		else//Process SignRequest locally with MOCCA
+		{
+			String target = moasession.getTarget();
+			moasession.setTarget("AT");
+			String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im  Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+					"application/xhtml+xml", "AT"));//moasession.getCcc()
+			moasession.setTarget(target);
+			Logger.warn("signedDoc to store:"+signedDoc);
+			//attributeList.add(newAttribute);
+
+			//store SignRequest for later...
+			moasession.setSignedDoc(signedDoc);
+
+			acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+			try {
 				AuthenticationSessionStoreage.storeSession(moasession);
 			} catch (MOADatabaseException e) {
 				// TODO Auto-generated catch block
 				e.printStackTrace();
 			}
-            
-        }
-
-        if (Logger.isDebugEnabled()) {
-            Logger.debug("The following attributes are requested for this OA:");
-            for (OAStorkAttribute logReqAttr : attributesFromConfig)
-                Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory());
-        }
-
-        //TODO: check Target in case of SSO!!
-        String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
-        String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
-        String spApplication = spInstitution;
-        String spCountry = "AT";
-
-        //generate AuthnRquest
-        STORKAuthnRequest authnRequest = new STORKAuthnRequest();
-        authnRequest.setDestination(destination);
-        authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning
-        authnRequest.setProviderName(providerName);
-        authnRequest.setIssuer(issuerValue);
-        authnRequest.setQaa(oaParam.getQaaLevel());
-        authnRequest.setSpInstitution(spInstitution);
-        authnRequest.setCountry(spCountry);
-        authnRequest.setSpApplication(spApplication);
-        authnRequest.setSpSector(spSector);
-        authnRequest.setPersonalAttributeList(attributeList);
-
-        //TODO change
-        authnRequest.setEIDCrossBorderShare(true);
-        authnRequest.setEIDCrossSectorShare(true);
-        authnRequest.setEIDSectorShare(true);
-
-        authnRequest.setCitizenCountryCode(moasession.getCcc());
-
-        Logger.debug("STORK AuthnRequest succesfully assembled.");
-
-        STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
-        
-        if (samlEngine == null) {
-            Logger.error("Could not initalize STORK SAML engine.");
-            throw new MOAIDException("stork.00", null);
-        }
-        
-        try {
-            authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
-        } catch (STORKSAMLEngineException e) {
-            Logger.error("Could not sign STORK SAML AuthnRequest.", e);
-            throw new MOAIDException("stork.00", null);
-        }
-
-        Logger.info("STORK AuthnRequest successfully signed!");
-
-        //validate AuthnRequest
-        try {
-            samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
-        } catch (STORKSAMLEngineException e) {
-            Logger.error("STORK SAML AuthnRequest not valid.", e);
-            throw new MOAIDException("stork.01", null);
-        }
-
-        Logger.debug("STORK AuthnRequest successfully internally validated.");
-
-        //send
-        moasession.setStorkAuthnRequest(authnRequest);
-
-        AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId());
-        
-        
-        Logger.info("Preparing to send STORK AuthnRequest.");
-        Logger.info("prepared STORKAuthnRequest: ");
-        Logger.info(new String(authnRequest.getTokenSaml()));
-
-        try {
-            Logger.trace("Initialize VelocityEngine...");
-
-            VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
-            Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
-            VelocityContext context = new VelocityContext();
-            context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
-            context.put("RelayState", moasession.getSessionID());
-            context.put("action", destination);
-
-            StringWriter writer = new StringWriter();
-            template.merge(context, writer);
-
-            resp.setContentType("text/html;charset=UTF-8");            
-            resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
-
-        } catch (Exception e) {
-            Logger.error("Error sending STORK SAML AuthnRequest.", e);
-            throw new MOAIDException("stork.02", new Object[]{destination});
-            
-        }
-
-        Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
-    }
-
-    private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
-        IdentifierGenerator idGenerator;
-        try {
-            idGenerator = new SecureRandomIdentifierGenerator();
-
-            DocumentType doc = new DocumentType();
-            doc.setBase64XML(text.getBytes("UTF-8"));
-            doc.setID(idGenerator.generateIdentifier());
-
-            SignRequest request = new SignRequest();
-            request.setInputDocuments(ApiUtils.createInputDocuments(doc));
-
-            String id = idGenerator.generateIdentifier();
-            request.setRequestID(id);
-            request.setDocUI(id);
-
-            request.setProfile(Profiles.XADES_BES.toString());
-            request.setNumberOfSigners(BigInteger.ONE);
-            request.setTargetCountry(citizenCountry);
-
-            // no, no todo. PEPS will alter this value anyhow.
-            request.setReturnURL("http://invalid_return");
-
-            AnyType required = new AnyType();
-            required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
-            required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
-            required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
-            required.getAny().add(ApiUtils.createIncludeObject(doc));
-            request.setOptionalInputs(required);
-
-            return IOUtils.toString(ApiUtils.marshalToInputStream(request));
-        } catch (NoSuchAlgorithmException e) {
-            Logger.error("Cannot generate id", e);
-            throw new RuntimeException(e);
-        } catch (ApiUtilsException e) {
-            Logger.error("Could not create SignRequest", e);
-            throw new RuntimeException(e);
-        } catch (DOMException e) {
-            Logger.error("Could not create SignRequest", e);
-            throw new RuntimeException(e);
-        } catch (IOException e) {
-            Logger.error("Could not create SignRequest", e);
-            throw new RuntimeException(e);
-        }
-    }
-
-    /**
-     * Extracts an X509 Certificate out of an XML signagture element
-     *
-     * @param signedXML XML signature element
-     * @return X509Certificate
-     * @throws CertificateException
-     */
-    public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
-
-        NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
-
-        String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
-
-        if (StringUtils.isEmpty(base64CertString)) {
-            String msg = "XML does not contain a X509Certificate element.";
-            Logger.error(msg);
-            throw new CertificateException(msg);
-        }
-
-        InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
-
-        X509Certificate cert;
-        try {
-            cert = new X509Certificate(is);
-            return cert;
-
-        } catch (Throwable e) {
-            throw new CertificateException(e);
-        }
-    }
+
+		}
+
+		if (Logger.isDebugEnabled()) {
+			Logger.debug("The following attributes are requested for this OA:");
+			for (OAStorkAttribute logReqAttr : attributesFromConfig)
+				Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory());
+		}
+
+		//TODO: check Target in case of SSO!!
+		String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
+		String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
+		String spApplication = spInstitution;
+		String spCountry = "AT";
+
+		//generate AuthnRquest
+		STORKAuthnRequest authnRequest = new STORKAuthnRequest();
+		authnRequest.setDestination(destination);
+		authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning
+		authnRequest.setProviderName(providerName);
+		authnRequest.setIssuer(issuerValue);
+		authnRequest.setQaa(oaParam.getQaaLevel());
+		authnRequest.setSpInstitution(spInstitution);
+		authnRequest.setCountry(spCountry);
+		authnRequest.setSpApplication(spApplication);
+		authnRequest.setSpSector(spSector);
+		authnRequest.setPersonalAttributeList(attributeList);
+
+		//TODO change
+		authnRequest.setEIDCrossBorderShare(true);
+		authnRequest.setEIDCrossSectorShare(true);
+		authnRequest.setEIDSectorShare(true);
+
+		authnRequest.setCitizenCountryCode(moasession.getCcc());
+
+		Logger.debug("STORK AuthnRequest succesfully assembled.");
+
+		STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
+
+		if (samlEngine == null) {
+			Logger.error("Could not initalize STORK SAML engine.");
+			throw new MOAIDException("stork.00", null);
+		}
+
+		try {
+			authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
+		} catch (STORKSAMLEngineException e) {
+			Logger.error("Could not sign STORK SAML AuthnRequest.", e);
+			throw new MOAIDException("stork.00", null);
+		}
+
+		Logger.info("STORK AuthnRequest successfully signed!");
+
+		//validate AuthnRequest
+		try {
+			samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
+		} catch (STORKSAMLEngineException e) {
+			Logger.error("STORK SAML AuthnRequest not valid.", e);
+			throw new MOAIDException("stork.01", null);
+		}
+
+		Logger.debug("STORK AuthnRequest successfully internally validated.");
+
+		//send
+		moasession.setStorkAuthnRequest(authnRequest);
+
+		AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId());
+
+
+		Logger.info("Preparing to send STORK AuthnRequest.");
+		Logger.info("prepared STORKAuthnRequest: ");
+		Logger.info(new String(authnRequest.getTokenSaml()));
+
+		try {
+			Logger.trace("Initialize VelocityEngine...");
+
+			VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+			Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+			VelocityContext context = new VelocityContext();
+			context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
+			context.put("RelayState", moasession.getSessionID());
+			context.put("action", destination);
+
+			StringWriter writer = new StringWriter();
+			template.merge(context, writer);
+
+			resp.setContentType("text/html;charset=UTF-8");            
+			resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
+
+		} catch (Exception e) {
+			Logger.error("Error sending STORK SAML AuthnRequest.", e);
+			throw new MOAIDException("stork.02", new Object[]{destination});
+
+		}
+
+		Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
+	}
+
+	private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
+		IdentifierGenerator idGenerator;
+		try {
+			idGenerator = new SecureRandomIdentifierGenerator();
+
+			DocumentType doc = new DocumentType();
+			doc.setBase64XML(text.getBytes("UTF-8"));
+			doc.setID(idGenerator.generateIdentifier());
+
+			SignRequest request = new SignRequest();
+			request.setInputDocuments(ApiUtils.createInputDocuments(doc));
+
+			String id = idGenerator.generateIdentifier();
+			request.setRequestID(id);
+			request.setDocUI(id);
+
+			request.setProfile(Profiles.XADES_BES.toString());
+			request.setNumberOfSigners(BigInteger.ONE);
+			request.setTargetCountry(citizenCountry);
+
+			// no, no todo. PEPS will alter this value anyhow.
+			request.setReturnURL("http://invalid_return");
+
+			AnyType required = new AnyType();
+			required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
+			required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
+			required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
+			required.getAny().add(ApiUtils.createIncludeObject(doc));
+			request.setOptionalInputs(required);
+
+			return IOUtils.toString(ApiUtils.marshalToInputStream(request));
+		} catch (NoSuchAlgorithmException e) {
+			Logger.error("Cannot generate id", e);
+			throw new RuntimeException(e);
+		} catch (ApiUtilsException e) {
+			Logger.error("Could not create SignRequest", e);
+			throw new RuntimeException(e);
+		} catch (DOMException e) {
+			Logger.error("Could not create SignRequest", e);
+			throw new RuntimeException(e);
+		} catch (IOException e) {
+			Logger.error("Could not create SignRequest", e);
+			throw new RuntimeException(e);
+		}
+	}
+
+	/**
+	 * Extracts an X509 Certificate out of an XML signagture element
+	 *
+	 * @param signedXML XML signature element
+	 * @return X509Certificate
+	 * @throws CertificateException
+	 */
+	public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
+
+		NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
+
+		String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
+
+		if (StringUtils.isEmpty(base64CertString)) {
+			String msg = "XML does not contain a X509Certificate element.";
+			Logger.error(msg);
+			throw new CertificateException(msg);
+		}
+
+		InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
+
+		X509Certificate cert;
+		try {
+			cert = new X509Certificate(is);
+			return cert;
+
+		} catch (Throwable e) {
+			throw new CertificateException(e);
+		}
+	}
 
 }
-- 
cgit v1.2.3


From 0265338e3f2553d9f6926c930561d29a65035847 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 15 Jul 2014 11:05:19 +0200
Subject: solve problems with Target configuration

---
 .../data/oa/OATargetConfiguration.java             | 26 ++++++++++++++++++----
 .../webapp/jsp/snippets/OA/targetConfiguration.jsp |  4 ++--
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
index e988cc292..150cd959e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
@@ -82,9 +82,7 @@ public class OATargetConfiguration implements IOnlineApplicationData {
 	 */
 	@Override
 	public List<String> parse(OnlineApplication dbOA,
-			AuthenticatedUser authUser, HttpServletRequest request) {
-        subTargetSet = MiscUtil.isNotEmpty(getTarget_subsector());
-		
+			AuthenticatedUser authUser, HttpServletRequest request) {		
 		String target_full = dbOA.getTarget();
 		if (MiscUtil.isNotEmpty(target_full)) {
 			if (TargetValidator.isValidTarget(target_full)) {
@@ -95,8 +93,10 @@ public class OATargetConfiguration implements IOnlineApplicationData {
 				
 				if (TargetValidator.isValidTarget(target_split[0])) {
 					target = target_split[0];
-					if (target_split.length > 1)
+					if (target_split.length > 1) {
 						target_subsector = target_split[1];
+						subTargetSet = true;
+					}
 					
 				} else {
 					target = "";
@@ -367,4 +367,22 @@ public class OATargetConfiguration implements IOnlineApplicationData {
     public void setDeaktivededBusinessService(boolean deaktivededBusinessService) {
         this.deaktivededBusinessService = deaktivededBusinessService;
     }
+
+
+	/**
+	 * @return the subTargetSet
+	 */
+	public boolean isSubTargetSet() {
+		return subTargetSet;
+	}
+
+
+	/**
+	 * @param subTargetSet the subTargetSet to set
+	 */
+	public void setSubTargetSet(boolean subTargetSet) {
+		this.subTargetSet = subTargetSet;
+	}
+    
+    
 }
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
index 261966a86..b8bd1dc02 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
@@ -46,8 +46,8 @@
 								</s:select>
 							</s:else>
 							
-							<s:checkbox name="subTargetSet" 
-								value="%{subTargetSet}"
+							<s:checkbox name="targetConfig.subTargetSet" 
+								value="%{targetConfig.subTargetSet}"
 								labelposition="left"
 								key="webpages.oaconfig.general.target.subsector.checkbox"
 								cssClass="checkbox"
-- 
cgit v1.2.3


From d2b55c814089cd667115c6c2e46daf14c8c2611c Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Wed, 16 Jul 2014 17:04:17 +0200
Subject: iFrame leaving problem fixed, redirect code changed

---
 .../moa/id/auth/servlet/PEPSConnectorServlet.java  |  7 ++--
 .../PEPSConnectorWithLocalSigningServlet.java      | 38 +++++++++++++++++-----
 .../templates/stork2_postbinding_template.html     |  2 +-
 3 files changed, 35 insertions(+), 12 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 64447b20e..397eebd9b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -399,9 +399,10 @@ public class PEPSConnectorServlet extends AuthServlet {
 						ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
 	    		redirectURL = response.encodeRedirectURL(redirectURL);
 	    	
-	    	response.setContentType("text/html");
-	    	response.setStatus(302);
-	    	response.addHeader("Location", redirectURL);
+//	    	response.setContentType("text/html");
+//	    	response.setStatus(302);
+//	    	response.addHeader("Location", redirectURL);
+	    		response.sendRedirect(redirectURL);
 	    	Logger.info("REDIRECT TO: " + redirectURL);
 			
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index 62e15a379..cd7427913 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.auth.servlet;
 
 import iaik.x509.X509Certificate;
 
-import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.StringWriter;
@@ -42,7 +41,6 @@ import javax.servlet.http.HttpServletResponse;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBElement;
 import javax.xml.bind.JAXBException;
-import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.Source;
 import javax.xml.transform.TransformerConfigurationException;
@@ -57,7 +55,6 @@ import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.opensaml.saml2.core.StatusCode;
-import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
@@ -73,6 +70,7 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException;
 import at.gv.egovernment.moa.id.auth.stork.STORKException;
 import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -86,7 +84,7 @@ import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
 import at.gv.egovernment.moa.spss.api.common.Content;
-import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
@@ -117,7 +115,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 	public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning";
 
-	private String oasisDssWebFormURL = "http://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config
+	private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config
 
 
 	/**
@@ -262,9 +260,10 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 					ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
 			redirectURL = response.encodeRedirectURL(redirectURL);
 
-			response.setContentType("text/html");
-			response.setStatus(302);
-			response.addHeader("Location", redirectURL);
+//			response.setContentType("text/html");
+//			response.setStatus(302);
+//			response.addHeader("Location", redirectURL);
+			response.sendRedirect(redirectURL);
 			Logger.info("REDIRECT TO: " + redirectURL);
 
 		} catch (AuthenticationException e) {
@@ -467,6 +466,29 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 					String url = acsURL+"?moaSessionID="+newMOASessionID;
 					//redirect to OASIS module and sign there
+					
+					boolean found = false;
+					try{
+					List<AttributeProviderPlugin> aps = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs();
+					for(AttributeProviderPlugin ap : aps)
+					{
+						if(ap.getAttributes().equalsIgnoreCase("signedDoc"))
+						{
+							oasisDssWebFormURL = ap.getUrl();
+							found = true;
+							Logger.info("Loaded signedDoc attribute provider url from config:"+oasisDssWebFormURL);
+							break;
+						}
+					}
+					}catch(Exception e)
+					{
+						e.printStackTrace();
+						Logger.error("Loading the signedDoc attribute provider url from config failed");
+					}
+					if(!found)
+					{
+						Logger.error("Failed to load the signedDoc attribute provider url from config");
+					}
 					performRedirect(url,request,response,signRequest);
 
 					return;
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html
index f655caee0..f901351a2 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/stork2_postbinding_template.html
@@ -23,7 +23,7 @@
 -->
 </style>
 
-	<form action="${action}" method="post" target="_parent">
+	<form action="${action}" method="post" target="_self">
 		<div>
 			#if($RelayState)<input type="hidden" name="RelayState"
 				value="${RelayState}" />#end #if($SAMLRequest)<input type="hidden"
-- 
cgit v1.2.3


From 7e42dd36309d1113ce85d26fde15303059743b90 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 17 Jul 2014 16:13:37 +0200
Subject: todo

---
 .../gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java  | 2 +-
 .../moa/id/protocols/stork2/MandateRetrievalRequest.java          | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 64447b20e..40c358b7e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -244,7 +244,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 			//extract signed doc element and citizen signature
 			String citizenSignature = null;
 			try {
-				String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0);
+				String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0); // TODO ERROR HANDLING
 								 
 				SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index 139c438f9..ba849f959 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -71,6 +71,7 @@ public class MandateRetrievalRequest implements IAction {
         httpResp.reset();
         this.representingIdentityLink = authData.getIdentityLink();
 
+
         OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL());
         if (oaParam == null)
             throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
@@ -96,7 +97,7 @@ public class MandateRetrievalRequest implements IAction {
         MandateContainer mandateContainer = null;
 
         try {
-            mandateContainer = new CorporateBodyMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8"));
+            mandateContainer = new CorporateBodyMandateContain  er(new String(authData.getMISMandate().getMandate(), "UTF-8"));
         } catch (Exception ex) {
             try {
                 mandateContainer = new PhyPersonMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8"));
@@ -449,7 +450,8 @@ public class MandateRetrievalRequest implements IAction {
         }
 
         if (!mandateContainer.getPhysicalRepresentativeIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-            Logger.error("Incorrect identity link (MIS): identification type is not correct! Got: " + this.representingIdentityLink.getIdentificationType());
+            Logger.error("Incorrect identity link (MIS): identification type is not correct! Got: " + this.representingIdentityLink.getIdentificationType() + " (representingIdentityLink) and " + mandateContainer.getPhysicalRepresentativeIdentificationType() + " (mandateContainer.phyRepresentative)");
+            Logger.debug("mandatecontainervalue: " + mandateContainer.getPhysicalRepresentativeIdentificationValue() +  ", representingidentitylinkvalue: " + this.representingIdentityLink.getIdentificationValue());
             throw new MOAIDException("stork.20", new Object[]{}); // TODO
         }
 
@@ -491,7 +493,7 @@ public class MandateRetrievalRequest implements IAction {
             represented.setType(getCompanyType(corporateBodyMandateContainer.corpMandatorFullName, corporateBodyMandateContainer.corpMandatorIdentificationType, sourceAttribute));
         } else if (mandateContainer instanceof PhyPersonMandateContainer) {
             PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer) mandateContainer;
-            represented.setEIdentifier(getRepresentedStorkeIdentifier(mandateContainer)); // TODO CALCULATE
+            represented.setEIdentifier(getRepresentedStorkeIdentifier(mandateContainer));
             represented.setGivenName(phyPersonMandateContainer.getPhyPersMandatorGivenName());
             represented.setSurname(phyPersonMandateContainer.getPhyPersMandatorFamilyName());
             represented.setDateOfBirth(phyPersonMandateContainer.getPhyPersMandatorBirthDate());
-- 
cgit v1.2.3


From 708009bbfc5433c3338278b95e9f150b424d2a03 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Thu, 17 Jul 2014 16:18:30 +0200
Subject: typo

---
 .../gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index ba849f959..baa91a854 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -97,7 +97,7 @@ public class MandateRetrievalRequest implements IAction {
         MandateContainer mandateContainer = null;
 
         try {
-            mandateContainer = new CorporateBodyMandateContain  er(new String(authData.getMISMandate().getMandate(), "UTF-8"));
+            mandateContainer = new CorporateBodyMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8"));
         } catch (Exception ex) {
             try {
                 mandateContainer = new PhyPersonMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8"));
-- 
cgit v1.2.3


From 078c7784e9e278bd5fdd96465a38558776cacb04 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 4 Aug 2014 12:57:39 +0200
Subject: MOA federation with USP   - add some initial methodes

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 72 ++++++++++++----------
 .../moa/id/entrypoints/DispatcherServlet.java      |  2 +-
 .../pvp2x/utils/AssertionAttributeExtractor.java   | 14 +++++
 3 files changed, 54 insertions(+), 34 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 17d6898ee..ddcc6e1d1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -39,6 +39,7 @@ import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AttributeQuery;
 import org.opensaml.saml2.core.AttributeStatement;
 import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.ws.soap.common.SOAPException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.SecurityException;
@@ -76,6 +77,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExt
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
@@ -239,11 +241,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				attributs = reqQueryAttr;
 				
 			//IDP is a service provider IDP and request interfederated IDP to collect attributes				
-			} else {
-				
-				//TODO: check if response include attributes and map this attributes to requested attributes
-				//TODO: insert code to parse Attributes from AuthnRespones for USP --> Zustelldienst
-				
+			} else {												
 				//get PVP 2.1 attributes from protocol specific requested attributes
 				attributs = req.getRequestedAttributes();
 				
@@ -255,44 +253,52 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				Logger.error("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix());
 				throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix(), null);
 			}
+
+			
+			//TODO: check if response include attributes and map this attributes to requested attributes
+			//TODO: insert code to parse Attributes from AuthnRespones for USP --> Zustelldienst
+			Response intfResp = (Response) req.getInterfederationResponse().getResponse();
+			AssertionAttributeExtractor extractor = 
+					new AssertionAttributeExtractor(intfResp);			
 						
-			//build attributQuery request
-			AttributeQuery query = 
-					AttributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs);
+			if (!extractor.containsAllRequiredAttributes()) {			
+				//build attributQuery request
+				AttributeQuery query = 
+						AttributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs);
 			
-			//build SOAP request				
-			List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query);
+				//build SOAP request				
+				List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query);
 			
-			if (xmlObjects.size() == 0) {
-				Logger.error("Receive emptry AttributeQuery response-body.");
-				throw new AttributQueryException("Receive emptry AttributeQuery response-body.", null);
+				if (xmlObjects.size() == 0) {
+					Logger.error("Receive emptry AttributeQuery response-body.");
+					throw new AttributQueryException("Receive emptry AttributeQuery response-body.", null);
 				
-			}
+				}
 			
-			if (xmlObjects.get(0) instanceof Response) {
-				Response intfResp = (Response) xmlObjects.get(0);
+				if (xmlObjects.get(0) instanceof Response) {
+					intfResp = (Response) xmlObjects.get(0);
 				
-				//validate PVP 2.1 response
-				try {
-					SAMLVerificationEngine engine = new SAMLVerificationEngine();
-					engine.verifyResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine());
+					//validate PVP 2.1 response
+					try {
+						SAMLVerificationEngine engine = new SAMLVerificationEngine();
+						engine.verifyResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine());
 				
-					SAMLVerificationEngine.validateAssertion(intfResp, false);
+						SAMLVerificationEngine.validateAssertion(intfResp, false);
 					
-				} catch (Exception e) {
-					Logger.warn("PVP 2.1 assertion validation FAILED.", e);
-					throw new AssertionValidationExeption("PVP 2.1 assertion validation FAILED.", null, e);
-				}
-				
-				//parse response information to authData
-				buildAuthDataFormInterfederationResponse(authdata, session, intfResp);
-								
-			} else {
-				Logger.error("Receive AttributeQuery response-body include no PVP 2.1 response");
-				throw new AttributQueryException("Receive AttributeQuery response-body include no PVP 2.1 response.", null);
+					} catch (Exception e) {
+						Logger.warn("PVP 2.1 assertion validation FAILED.", e);
+						throw new AssertionValidationExeption("PVP 2.1 assertion validation FAILED.", null, e);
+					}
+												
+				} else {
+					Logger.error("Receive AttributeQuery response-body include no PVP 2.1 response");
+					throw new AttributQueryException("Receive AttributeQuery response-body include no PVP 2.1 response.", null);
 				
+				}
 			}
-										 						
+			//parse response information to authData
+			buildAuthDataFormInterfederationResponse(authdata, session, intfResp);			
+			
 		} catch (SOAPException e) {
 			throw new BuildException("builder.06", null, e);
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 0d34fcb87..1e38bd4ff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -269,7 +269,7 @@ public class DispatcherServlet extends AuthServlet{
 							info = ModulStorage.getModuleByPath(protocolRequest.requestedModule());
 							moduleAction = info.getAction(protocolRequest.requestedAction());
 
-							//create interfederated mOASession
+							//create interfederated MOASession
 							String sessionID = 
 									AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId);
 							req.getParameterMap().put(PARAM_SESSIONID, sessionID);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
index ee0088576..9aadfdc28 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.utils;
 import java.util.List;
 
 import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnStatement;
 import org.opensaml.saml2.core.Response;
@@ -54,6 +55,19 @@ public class AssertionAttributeExtractor {
 			throw new AssertionAttributeExtractorExeption();		
 	}
 
+	public boolean containsAllRequiredAttributes() {
+		//TODO: add default attribute list
+		return containsAllRequiredAttributes(null);
+		
+	}
+	
+	public boolean containsAllRequiredAttributes(List<Attribute> attributs) {		
+		//TODO: add validation		
+		return false;
+		
+	}
+	
+	
 	public String getNameID() throws AssertionAttributeExtractorExeption {		
 		if (assertion.getSubject() != null) {
 			Subject subject = assertion.getSubject();
-- 
cgit v1.2.3


From 90b7f4418ac35fe07a0bccd8aa069a8173881237 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 7 Aug 2014 07:20:27 +0200
Subject: Fix possible classloader problems with TSL library   - exclude sub
 librarys in maven pom file

---
 spss/server/serverlib/pom.xml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index f762ecdf6..3ee362890 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -144,7 +144,21 @@
 		
 		<dependency>
 			<groupId>iaik</groupId>
-			<artifactId>iaik_tsl</artifactId>			
+			<artifactId>iaik_tsl</artifactId>
+			<exclusions>
+				<exclusion>
+					<artifactId>iaik_pki_module</artifactId>
+					<groupId>iaik</groupId>
+				</exclusion>
+				<exclusion>
+					<artifactId>iaik_ecc_signed</artifactId>
+					<groupId>iaik</groupId>
+				</exclusion>
+				<exclusion>
+					<artifactId>iaik_jce_eval_signed</artifactId>
+					<groupId>iaik</groupId>
+				</exclusion>
+			</exclusions>			
 		</dependency>
 		<dependency>
 			<groupId>iaik</groupId>
-- 
cgit v1.2.3


From 2f4f5750cf0d3fc83793a31017daee331410015a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 11 Aug 2014 15:31:57 +0200
Subject: Update iaik-TSL library (ETSI TS119612 V1.2.1)

* change Version to 2.0.2
---
 .../java/at/gv/egovernment/moa/util/Constants.java |  6 +--
 pom.xml                                            | 22 ++++++-----
 spss/server/history.txt                            |  6 +++
 spss/server/readme.update.txt                      | 44 ++++++++++++++++++----
 spss/server/serverlib/pom.xml                      |  4 +-
 spss/server/serverws/pom.xml                       |  4 +-
 6 files changed, 63 insertions(+), 23 deletions(-)

diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
index ed75768ba..8d71f2e84 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -346,7 +346,7 @@ public interface Constants {
 
   /** Local location of the TSL schema definition. */
   public static final String TSL_SCHEMA_LOCATION =
-    SCHEMA_ROOT + "ts_102231v030102_xsd.xsd";	
+    SCHEMA_ROOT + "ts_119612v010201_xsd.xsd";	
 
   /** URI of the TSL SIE namespace. */
   public static final String TSL_SIE_NS_URI =
@@ -357,7 +357,7 @@ public interface Constants {
 
   /** Local location of the TSL SIE schema definition. */
   public static final String TSL_SIE_SCHEMA_LOCATION =
-    SCHEMA_ROOT + "ts_102231v030102_sie_xsd.xsd";
+    SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd";
   
   /** URI of the TSL additional types namespace. */
   public static final String TSL_ADDTYPES_NS_URI =
@@ -368,7 +368,7 @@ public interface Constants {
 
   /** Local location of the TSL additional types schema definition. */
   public static final String TSL_ADDTYPES_SCHEMA_LOCATION =
-    SCHEMA_ROOT + "ts_102231v030102_additionaltypes_xsd.xsd";
+    SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd";
   
   /** URI of the XML Encryption namespace. */
   public static final String XENC_NS_URI =
diff --git a/pom.xml b/pom.xml
index 52e2c8570..8d428f062 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,7 +14,7 @@
         <moa-commons-version>2.0.0</moa-commons-version>
 				<moa-id-version>2.1.1-Snapshot</moa-id-version>
 				<moa-id-proxy-version>2.0.0</moa-id-proxy-version>
-        <moa-spss-version>2.0.1</moa-spss-version>
+        <moa-spss-version>2.0.2</moa-spss-version>
 				<configtool-version>1.1.1-Snapshot</configtool-version>
 				<demo-oa-version>2.0.2</demo-oa-version>
     </properties>
@@ -403,14 +403,23 @@
                 <type>dll</type>
                 <scope>runtime</scope>
             </dependency>
+
+		<dependency>
+			<groupId>javax.xml.bind</groupId>
+    		<artifactId>jaxb-api</artifactId>
+    		<version>2.2.11</version>
+		</dependency>
             
             <!--  TSL  -->
    <dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_tsl</artifactId>
-			<version>1.0</version>
+			<version>1.1</version>
 		</dependency>
-		<dependency>
+		
+
+		
+<!-- 		<dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_util</artifactId>
 			<version>0.23</version>
@@ -420,11 +429,6 @@
 			<artifactId>iaik_xsect_eval</artifactId>
 			<version>1.1709142</version>
 		</dependency>
-		<dependency>
-			<groupId>javax.xml.bind</groupId>
-    		<artifactId>jaxb-api</artifactId>
-    		<version>2.2.11</version>
-		</dependency>
 		<dependency>
 			<groupId>com.sun.xml.bind</groupId>
 			<artifactId>jaxb-impl</artifactId>
@@ -439,7 +443,7 @@
 			<groupId>iaik</groupId>
 		  	<artifactId>iaik_jsse</artifactId>
   			<version>4.4</version>
-		</dependency>
+		</dependency> -->
 		
             <dependency>
                 <groupId>xerces</groupId>
diff --git a/spss/server/history.txt b/spss/server/history.txt
index 2e549f37a..5be2029b4 100644
--- a/spss/server/history.txt
+++ b/spss/server/history.txt
@@ -1,3 +1,9 @@
+##############
+2.0.2
+##############
+- Libraries aktuallisert
+  - iaik-tsl Version 1.1 (Implementiert ETSI TS119612 V1.2.1)
+
 ##############
 2.0.1
 ##############
diff --git a/spss/server/readme.update.txt b/spss/server/readme.update.txt
index c7e6cd9d1..299cbb7b9 100644
--- a/spss/server/readme.update.txt
+++ b/spss/server/readme.update.txt
@@ -1,8 +1,38 @@
+-------------------------------------------------------------------------------
+  Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.2
+-------------------------------------------------------------------------------
+Der Updateprozess auf die MOA-SPSS Version 2.0.2 unterscheidet sich, 
+je nach dem welche welche MOA-SPSS Version aktuell verwendet wird.
 
-======================================================================
-  Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.1
-======================================================================
+--------------------------
+Update von Version 2.0.1
+--------------------------
+1.)	Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
+	Ihrer MOA-SPSS-Installation.
+	
+2.)	Entpacken Sie die Datei "moa-spss-2.0.2.zip" in das Verzeichnis MOA_SPSS_INST.
 
+3.) Loeschen Sie das Verzeichnis CATALINA_HOME\webapps\moa-spss.
+
+4.) Ersetzen Sie die Datei CATALINA_HOME\webapps\moa-spss.war durch die Datei 
+	MOA_SPSS_INST\moa-spss.war.
+		
+5.) Loeschen Sie das Verzeichnis CATALINA_HOME\work.
+
+--------------------------
+Update von einer Version < 2.0.1
+--------------------------
+1.) Führen Sie ein Update laut der Beschreibung 
+    "Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.1" durch.
+
+2.) Führen Sie das Update auf die Version 2.0.2 laut 
+    "Update von Version 2.0.1" durch.
+
+
+
+-------------------------------------------------------------------------------
+  Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.1
+-------------------------------------------------------------------------------
 Es gibt zwei Moeglichkeiten (im Folgenden als "Update Variante A" und 
 "Update Variante B" bezeichnet), das Update von MOA-SPSS auf Version
 2.0.1 durchzufuehren. Update Variante A geht dabei den Weg ueber eine 
@@ -18,9 +48,9 @@ CATALINA_HOME bezeichnet das Wurzelverzeichnis der Tomcat-Installation
 MOA_SPSS_INST bezeichnet das Verzeichnis, in das Sie die Datei
 moa-spss-2.0.1.zip entpackt haben.
 
-=================
+--------------------------
 Update Variante A 
-=================
+--------------------------
 
 1.)	Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
 	Ihrer MOA-SPSS-Installation.
@@ -46,9 +76,9 @@ Update Variante A
 	Details dazufinden Sie im MOA-SPSS-Installationshandbuch.
 	
 	
-=================
+--------------------------
 Update Variante B 
-=================
+--------------------------
 
 1.)	Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
 	Ihrer MOA-SPSS-Installation.
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index 3ee362890..4ba4aa708 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -160,7 +160,7 @@
 				</exclusion>
 			</exclusions>			
 		</dependency>
-		<dependency>
+<!-- 		<dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_util</artifactId>
 		</dependency>
@@ -183,7 +183,7 @@
 		<dependency>
 			<groupId>iaik</groupId>
 		  	<artifactId>iaik_jsse</artifactId>
-  		</dependency>
+  		</dependency> -->
 		
 		 
 		 
diff --git a/spss/server/serverws/pom.xml b/spss/server/serverws/pom.xml
index 9159242ef..79a16cbb5 100644
--- a/spss/server/serverws/pom.xml
+++ b/spss/server/serverws/pom.xml
@@ -115,7 +115,7 @@
 			<groupId>log4j</groupId>
 			<artifactId>log4j</artifactId>
 		</dependency>
-		<dependency>
+<!-- 		<dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_util</artifactId>
 		</dependency>
@@ -138,7 +138,7 @@
 		<dependency>
 			<groupId>iaik</groupId>
 		  	<artifactId>iaik_jsse</artifactId>
-  		</dependency>	
+  		</dependency>	 -->
 		
         <!-- transitive dependencies we don't want to include into the war -->
         <dependency>
-- 
cgit v1.2.3


From 296ebbfb36ef207abe4611cb8d3727d2f86a692b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Aug 2014 15:00:17 +0200
Subject: update PVP 2.1 SAML2 bindings

---
 .../id/protocols/pvp2x/binding/PostBinding.java    | 20 ++++++++-------
 .../protocols/pvp2x/binding/RedirectBinding.java   | 20 ++++++++++-----
 .../id/protocols/pvp2x/binding/SoapBinding.java    | 30 +++++++++++++++++++---
 3 files changed, 51 insertions(+), 19 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 7f73b1ed7..1a268c812 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -147,20 +147,22 @@ public class PostBinding implements IDecoder, IEncoder {
 		messageContext
 				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
 		try {
-			decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
-			
+			//set metadata descriptor type
+			if (isSPEndPoint) {
+				messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+				
+			} else {
+				messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+			}
+						
 		} catch (ConfigurationException e) {
 			throw new SecurityException(e);
 		}
 							
 		messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
-		
-		//set metadata descriptor type
-		if (isSPEndPoint)
-			messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
-		else
-			messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-		
+				
 		decode.decode(messageContext);
 		
 		InboundMessage msg = null;		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 26f6f3a62..f11561c14 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -135,18 +135,26 @@ public class RedirectBinding implements IDecoder, IEncoder {
 		HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
 				new BasicParserPool());
 		
+		BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+		messageContext
+				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+		
 		try {
-			decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService()));
+			//set metadata descriptor type
+			if (isSPEndPoint) {
+				messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+				
+			} else {
+				messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+			}
 		
 		} catch (ConfigurationException e) {
 			throw new SecurityException(e);
 			
 		}
-		
-		BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
-		messageContext
-				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
-					
+							
 		messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
 				
 		SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index f0eafe272..a2583c706 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -33,6 +33,7 @@ import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder;
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.opensaml.ws.message.decoder.MessageDecodingException;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
@@ -52,9 +53,11 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedEx
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class SoapBinding implements IDecoder, IEncoder {
 
@@ -66,8 +69,10 @@ public class SoapBinding implements IDecoder, IEncoder {
 				new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
 		messageContext
 				.setInboundMessageTransport(new HttpServletRequestAdapter(
-						req));
-		
+						req));		
+		//messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+		messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
+				
 		soapDecoder.decode(messageContext);
 		
 		Envelope inboundMessage = (Envelope) messageContext
@@ -78,8 +83,25 @@ public class SoapBinding implements IDecoder, IEncoder {
 		
 			if (!xmlElemList.isEmpty()) {
 				SignableXMLObject attrReq = (SignableXMLObject) xmlElemList.get(0);			
-				MOARequest request = new MOARequest(attrReq, getSAML2BindingName());
-				request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+				MOARequest request = new MOARequest(attrReq, getSAML2BindingName());				
+				
+				if (messageContext.getPeerEntityMetadata() != null)
+					request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+				
+				else if (attrReq instanceof RequestAbstractType) {
+					RequestAbstractType attributeRequest = (RequestAbstractType) attrReq;
+					try {						
+						if (MiscUtil.isNotEmpty(attributeRequest.getIssuer().getValue()) && 
+								MOAMetadataProvider.getInstance().getRole(
+										attributeRequest.getIssuer().getValue(), 
+										SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null)
+							request.setEntityID(attributeRequest.getIssuer().getValue());
+						
+					} catch (Exception e) {
+						Logger.warn("No Metadata found with EntityID " + attributeRequest.getIssuer().getValue());
+					}					
+				} 
+				
 				request.setVerified(false);			
 				return request;
 						
-- 
cgit v1.2.3


From 1ab0f1d4d991464b906c34befefe2ecaf485d485 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Aug 2014 15:03:42 +0200
Subject: add interfederation without attributequery request which use
 encrypted bPKs  (this functionality is required for federation with USP)

---
 .../at/gv/egovernment/moa/util/Base64Utils.java    |  36 ++-
 .../at/gv/egovernment/moa/util/KeyStoreUtils.java  |  27 +-
 .../id/auth/builder/AuthenticationDataBuilder.java | 355 +++++++++++++--------
 .../moa/id/auth/builder/BPKBuilder.java            |  94 ++++++
 .../exception/DatabaseEncryptionException.java     |  46 +++
 .../id/config/auth/AuthConfigurationProvider.java  |  11 +
 .../moa/id/config/auth/IOAAuthParameters.java      |   4 +
 .../moa/id/config/auth/OAAuthParameter.java        |  36 +++
 .../config/auth/data/BPKDecryptionParameters.java  | 127 ++++++++
 .../config/auth/data/DynamicOAAuthParameters.java  |  10 +
 .../moa/id/data/AuthenticationData.java            |  21 +-
 .../gv/egovernment/moa/id/data/EncryptedbPK.java   |  33 ++
 .../at/gv/egovernment/moa/id/data/IAuthData.java   |   3 +
 .../attributes/EncryptedBPKAttributeBuilder.java   |  70 ++++
 .../MandateFullMandateAttributeBuilder.java        |   7 +-
 .../pvp2x/utils/AssertionAttributeExtractor.java   |  89 +++++-
 .../protocols/saml1/SAML1AuthenticationServer.java |   5 +-
 .../id/storage/AuthenticationSessionStoreage.java  |   4 +-
 .../moa/id/util/AbstractEncrytionUtil.java         | 157 +++++++++
 .../moa/id/util/ConfigurationEncrytionUtil.java    |  71 +++++
 .../moa/id/util/SessionEncrytionUtil.java          | 132 +++-----
 .../moa/id/util/client/mis/simple/MISMandate.java  |  14 +
 .../id/util/client/mis/simple/MISSimpleClient.java |   2 +
 .../src/main/resources/config/moaid_config_2.0.xsd |  28 +-
 24 files changed, 1132 insertions(+), 250 deletions(-)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedbPK.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EncryptedBPKAttributeBuilder.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java

diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java b/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java
index 27f12ab0f..66bf50316 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java
@@ -50,12 +50,12 @@ public class Base64Utils {
    * @return byte[] The raw bytes contained in the <code>base64String</code>.
    * @throws IOException Failed to read the Base64 data.
    */
-  public static byte[] decode(String base64String, boolean ignoreInvalidChars)
+  public static byte[] decode(String base64String, boolean ignoreInvalidChars, String encoding)
     throws IOException {
 
     Base64InputStream in =
       new Base64InputStream(
-        new ByteArrayInputStream(base64String.getBytes("UTF-8")),
+        new ByteArrayInputStream(base64String.getBytes(encoding)),
         ignoreInvalidChars);
     ByteArrayOutputStream out = new ByteArrayOutputStream();
     byte[] bytes = new byte[256];
@@ -64,10 +64,15 @@ public class Base64Utils {
     while ((bytesRead = in.read(bytes)) > 0) {
       out.write(bytes, 0, bytesRead);
     }
-
+    in.close();
+    
     return out.toByteArray();
   }
 
+  public static byte[] decode(String base64String, boolean ignoreInvalidChars) throws IOException {
+	  return decode(base64String, ignoreInvalidChars, "UTF-8");
+  }
+  
   /**
    * Read the bytes encoded in a Base64 encoded <code>String</code> and provide
    * them via an <code>InputStream</code>.
@@ -80,11 +85,12 @@ public class Base64Utils {
    */
   public static InputStream decodeToStream(
     String base64String,
-    boolean ignoreInvalidChars) {
+    boolean ignoreInvalidChars,
+    String encoding) {
 
     try {
       ByteArrayInputStream bin = 
-        new ByteArrayInputStream(base64String.getBytes("UTF-8"));
+        new ByteArrayInputStream(base64String.getBytes(encoding));
       Base64InputStream in = new Base64InputStream(bin, ignoreInvalidChars);
       
       return in;
@@ -94,6 +100,13 @@ public class Base64Utils {
     }
   }
 
+  public static InputStream decodeToStream(
+		    String base64String,
+		    boolean ignoreInvalidChars) {
+	  return decodeToStream(base64String, ignoreInvalidChars, "UTF-8");
+	  
+  }
+  
   /**
    * Convert a byte array to a Base64 encoded <code>String</code>.
    * 
@@ -102,9 +115,16 @@ public class Base64Utils {
    * @throws IOException Failed to write the bytes as Base64 data.
    */
   public static String encode(byte[] bytes) throws IOException {
-    return encode(new ByteArrayInputStream(bytes));
+    return encode(new ByteArrayInputStream(bytes), "UTF-8");
   }
 
+  public static String encode(byte[] bytes, String encoding) throws IOException {
+	    return encode(new ByteArrayInputStream(bytes), encoding);
+	  }
+  
+  public static String encode(InputStream inputStream) throws IOException {
+	  return encode(inputStream, "UTF-8");
+  }
   /**
    * Convert the data contained in the given stream to a Base64 encoded
    * <code>String</code>.
@@ -114,7 +134,7 @@ public class Base64Utils {
    * <code>String</code>.
    * @throws IOException Failed to convert the data in the stream.
    */
-  public static String encode(InputStream inputStream) throws IOException {
+  public static String encode(InputStream inputStream, String encoding) throws IOException {
     ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
     Base64OutputStream base64Stream = new Base64OutputStream(byteStream, "\n".getBytes());
     byte[] bytes = new byte[256];
@@ -127,7 +147,7 @@ public class Base64Utils {
     base64Stream.close();
     inputStream.close();
 
-    return byteStream.toString("UTF-8");
+    return byteStream.toString(encoding);
   }
 
 }
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
index 9db3ca6e3..3d28f4f2b 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java
@@ -36,9 +36,7 @@ import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
 import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
 
 /**
  * Utility for creating and loading key stores.
@@ -187,16 +185,29 @@ public class KeyStoreUtils {
 		//InputStream is = new FileInputStream(keyStorePath);
 	  	URL keystoreURL = new URL(keyStorePath);
 	    InputStream in = keystoreURL.openStream();
-		InputStream isBuffered = new BufferedInputStream(in);		
+		InputStream isBuffered = new BufferedInputStream(in);				
+		return loadKeyStore(isBuffered, password);
 		
-		isBuffered.mark(1024*1024);
+	}
+	
+	/**
+	 * Loads a keyStore without knowing the keyStore type
+	 * @param in input stream
+	 * @param password Password protecting the keyStore
+	 * @return keyStore loaded
+	 * @throws KeyStoreException thrown if keyStore cannot be loaded
+	 * @throws FileNotFoundException 
+	 * @throws IOException 
+	 */
+public static KeyStore loadKeyStore(InputStream is, String password) throws KeyStoreException, IOException{		
+		is.mark(1024*1024);
 		KeyStore ks = null;
 		try {
 			try {				
-				ks = loadKeyStore(KEYSTORE_TYPE_PKCS12, isBuffered, password);
+				ks = loadKeyStore(KEYSTORE_TYPE_PKCS12, is, password);
 			} catch (IOException e2) {
-				isBuffered.reset();				
-				ks = loadKeyStore(KEYSTORE_TYPE_JKS, isBuffered, password);
+				is.reset();				
+				ks = loadKeyStore(KEYSTORE_TYPE_JKS, is, password);
 			}
 		} catch(Exception e) {			
 			e.printStackTrace();
@@ -205,7 +216,7 @@ public class KeyStoreUtils {
 		return ks;	
 						
 	}
-	
+  
 	
 
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index ddcc6e1d1..3c029f261 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -24,31 +24,35 @@ package at.gv.egovernment.moa.id.auth.builder;
 
 import iaik.x509.X509Certificate;
 
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.security.PrivateKey;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Date;
-import java.util.GregorianCalendar;
 import java.util.List;
 
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
 
-import org.opensaml.saml2.core.Assertion;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AttributeQuery;
-import org.opensaml.saml2.core.AttributeStatement;
 import org.opensaml.saml2.core.Response;
-import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.ws.soap.common.SOAPException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.SecurityException;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
+import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
+import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
+import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -151,7 +155,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 					
 				}				
 			}
-			
 		}
 				
 		InterfederationSessionStore interfIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORAttributeQueryWithSessionID(session);
@@ -295,9 +298,13 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 					throw new AttributQueryException("Receive AttributeQuery response-body include no PVP 2.1 response.", null);
 				
 				}
+				
+				//create assertion attribute extractor from AttributeQuery response
+				extractor = new AssertionAttributeExtractor(intfResp);
+				
 			}
 			//parse response information to authData
-			buildAuthDataFormInterfederationResponse(authdata, session, intfResp);			
+			buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam);			
 			
 		} catch (SOAPException e) {
 			throw new BuildException("builder.06", null, e);
@@ -320,146 +327,242 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 		}
 	}
 	
-	private static void buildAuthDataFormInterfederationResponse(AuthenticationData authData, AuthenticationSession session, 
-			Response intfResp) throws BuildException, AssertionAttributeExtractorExeption {
+	private static void buildAuthDataFormInterfederationResponse(
+			AuthenticationData authData, 
+			AuthenticationSession session, 
+			AssertionAttributeExtractor extractor,
+			IOAAuthParameters oaParam) 
+					throws BuildException, AssertionAttributeExtractorExeption {
 		
 		Logger.debug("Build AuthData from assertion starts ....");
 		
-		Assertion assertion = intfResp.getAssertions().get(0);
+		authData.setFamilyName(extractor.getAttribute(PVPConstants.PRINCIPAL_NAME_NAME));		
+		authData.setGivenName(extractor.getAttribute(PVPConstants.GIVEN_NAME_NAME));		
+		authData.setDateOfBirth(extractor.getAttribute(PVPConstants.BIRTHDATE_NAME));
+		authData.setBPKType(extractor.getAttribute(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME));
+		authData.setCcc(extractor.getAttribute(PVPConstants.EID_ISSUING_NATION_NAME));		
+		authData.setBkuURL(extractor.getAttribute(PVPConstants.EID_CCS_URL_NAME));
+		authData.setIdentificationValue(extractor.getAttribute(PVPConstants.EID_SOURCE_PIN_NAME));		
+		authData.setIdentificationType(extractor.getAttribute(PVPConstants.EID_SOURCE_PIN_TYPE_NAME));
 		
-		if (assertion.getAttributeStatements().size() == 0) {
-			Logger.warn("Can not build AuthData from Assertion. NO Attributes included.");
-			throw new AssertionAttributeExtractorExeption("Can not build AuthData from Assertion. NO Attributes included.", null);
-			
+		if (extractor.containsAttribute(PVPConstants.BPK_NAME)) {
+			String pvpbPK = extractor.getAttribute(PVPConstants.BPK_NAME);				
+			authData.setBPK(pvpbPK.split(":")[1]);
 		}
 		
-		AttributeStatement attrStat = assertion.getAttributeStatements().get(0);
-		for (Attribute attr : attrStat.getAttributes()) {
-			
-			if (attr.getName().equals(PVPConstants.PRINCIPAL_NAME_NAME))
-				authData.setFamilyName(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.GIVEN_NAME_NAME))
-				authData.setGivenName(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.BIRTHDATE_NAME))
-				authData.setDateOfBirth(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.BPK_NAME)) {
-				String pvpbPK = attr.getAttributeValues().get(0).getDOM().getTextContent();				
-				authData.setBPK(pvpbPK.split(":")[1]);
-			}
-			
-			if (attr.getName().equals(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME))
-				authData.setBPKType(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME))
-				authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX +  
-						attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.EID_ISSUING_NATION_NAME))
-				authData.setCcc(attr.getAttributeValues().get(0).getDOM().getTextContent());
+		if (extractor.containsAttribute(PVPConstants.ENC_BPK_LIST_NAME)) {
+			List<String> encbPKList = Arrays.asList(
+					extractor.getAttribute(PVPConstants.ENC_BPK_LIST_NAME).split(";"));							
+			authData.setEncbPKList(encbPKList);			
+			for (String fullEncbPK : encbPKList) {
+				int index = fullEncbPK.indexOf("|");								 
+				if (index >= 0) {
+					String encbPK = fullEncbPK.substring(index+1);
+					String second = fullEncbPK.substring(0, index);					
+					int secIndex = second.indexOf("+");
+					if (secIndex >= 0) {
+						if (oaParam.getTarget().equals(second.substring(secIndex+1))) {
+							Logger.debug("Found encrypted bPK for online-application " 
+									+ oaParam.getPublicURLPrefix()
+									+ " Start decryption process ...");
+							PrivateKey privKey = oaParam.getBPKDecBpkDecryptionKey();
+							if (privKey != null) {
+								try {
+									String bPK = BPKBuilder.decryptBPK(encbPK, oaParam.getTarget(), privKey);
+									if (MiscUtil.isNotEmpty(bPK)) {
+										if (MiscUtil.isEmpty(authData.getBPK())) {
+											authData.setBPK(bPK);
+											authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
+											Logger.info("bPK decryption process finished successfully.");
+										}
+																				
+									} else {
+										Logger.error("bPK decryption FAILED.");
+									
+									}
+								} catch (BuildException e) {
+									Logger.error("bPK decryption FAILED.", e);
+									
+								}
+								
+							} else {
+								Logger.info("bPK decryption FAILED, because no valid decryption key is found.");
+								
+							}							
+							
+						} else {
+							Logger.info("Found encrypted bPK but " +
+									"encrypted bPK target does not match to online-application target"); 
+							
+						}
+					}					
+				}							
+			}						
+		}
+		
+		if (MiscUtil.isEmpty(authData.getBPK()) && authData.getEncbPKList().size() == 0) {
+			Logger.error("Federated assertion include no bPK or encrypted bPK");
+			throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME
+					+ " or " + PVPConstants.ENC_BPK_LIST_FRIENDLY_NAME);
 			
-			if (attr.getName().equals(PVPConstants.EID_CCS_URL_NAME))
-				authData.setBkuURL(attr.getAttributeValues().get(0).getDOM().getTextContent());
+		}
+		
+		if (extractor.containsAttribute(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME))
+			authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX +  
+					extractor.getAttribute(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME));
+		
+		if (extractor.containsAttribute(PVPConstants.EID_AUTH_BLOCK_NAME)) {
+			try {
+				byte[] authBlock = Base64Utils.decode(extractor.getAttribute(PVPConstants.EID_AUTH_BLOCK_NAME), false);				
+				authData.setAuthBlock(new String(authBlock, "UTF-8"));
 			
-			if (attr.getName().equals(PVPConstants.EID_AUTH_BLOCK_NAME)) {
-				try {
-					byte[] authBlock = Base64Utils.decode(attr.getAttributeValues().get(0).getDOM().getTextContent(), false);				
-					authData.setAuthBlock(new String(authBlock, "UTF-8"));
+			} catch (IOException e) {
+				Logger.error("Received AuthBlock is not valid", e);
 				
-				} catch (IOException e) {
-					Logger.error("Received AuthBlock is not valid", e);
-					
-				}
-			}
-			
-			if (attr.getName().equals(PVPConstants.EID_SIGNER_CERTIFICATE_NAME)) {
-				try {
-					authData.setSignerCertificate(Base64Utils.decode(
-							attr.getAttributeValues().get(0).getDOM().getTextContent(), false));
-					
-				} catch (IOException e) {
-					Logger.error("Received SignerCertificate is not valid", e);
-					
-				}				
-			}
-			
-			if (attr.getName().equals(PVPConstants.EID_SOURCE_PIN_NAME))
-				authData.setIdentificationValue(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.EID_SOURCE_PIN_TYPE_NAME))
-				authData.setIdentificationType(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			if (attr.getName().equals(PVPConstants.EID_IDENTITY_LINK_NAME)) {
-				try {
-					InputStream idlStream = Base64Utils.decodeToStream(attr.getAttributeValues().get(0).getDOM().getTextContent(), false);				
-					IdentityLink idl = new IdentityLinkAssertionParser(idlStream).parseIdentityLink();				
-					authData.setIdentityLink(idl);
-					
-				} catch (ParseException e) {
-					Logger.error("Received IdentityLink is not valid", e);
-					
-				} catch (Exception e) {
-					Logger.error("Received IdentityLink is not valid", e);
-					
-				}
 			}
-							
-			if (attr.getName().equals(PVPConstants.MANDATE_REFERENCE_VALUE_NAME))
-				authData.setMandateReferenceValue(attr.getAttributeValues().get(0).getDOM().getTextContent());
-			
-			
-			if (attr.getName().equals(PVPConstants.MANDATE_FULL_MANDATE_NAME)) {
-				try {
-					byte[] mandate = Base64Utils.decode(
-							attr.getAttributeValues().get(0).getDOM().getTextContent(), false);
-					
-					if (authData.getMISMandate() == null)
-						authData.setMISMandate(new MISMandate());
-					authData.getMISMandate().setMandate(mandate);
+		}
+		
+		if (extractor.containsAttribute(PVPConstants.EID_SIGNER_CERTIFICATE_NAME)) {
+			try {
+				authData.setSignerCertificate(Base64Utils.decode(
+						extractor.getAttribute(PVPConstants.EID_SIGNER_CERTIFICATE_NAME), false));
+				
+			} catch (IOException e) {
+				Logger.error("Received SignerCertificate is not valid", e);
+				
+			}				
+		}
+				
+		if (extractor.containsAttribute(PVPConstants.EID_IDENTITY_LINK_NAME)) {
+			try {
+				InputStream idlStream = Base64Utils.decodeToStream(extractor.getAttribute(PVPConstants.EID_IDENTITY_LINK_NAME), false);				
+				IdentityLink idl = new IdentityLinkAssertionParser(idlStream).parseIdentityLink();				
+				authData.setIdentityLink(idl);
+				
+			} catch (ParseException e) {
+				Logger.error("Received IdentityLink is not valid", e);
+				
+			} catch (Exception e) {
+				Logger.error("Received IdentityLink is not valid", e);
 				
-					authData.setUseMandate(true);
-					
-				} catch (Exception e) {
-					Logger.error("Received Mandate is not valid", e);
-					throw new AssertionAttributeExtractorExeption(PVPConstants.MANDATE_FULL_MANDATE_NAME);
-					
-				}				
 			}
-			
-			if (attr.getName().equals(PVPConstants.MANDATE_PROF_REP_OID_NAME)) {
+		}
+		
+		
+		// set mandate attributes
+		authData.setMandateReferenceValue(extractor.getAttribute(PVPConstants.MANDATE_REFERENCE_VALUE_NAME));
+				
+		if (extractor.containsAttribute(PVPConstants.MANDATE_FULL_MANDATE_NAME)) {
+			try {
+				byte[] mandate = Base64Utils.decode(
+						(extractor.getAttribute(PVPConstants.MANDATE_FULL_MANDATE_NAME)), false);
+				
 				if (authData.getMISMandate() == null)
 					authData.setMISMandate(new MISMandate());
-				authData.getMISMandate().setProfRep(
-						attr.getAttributeValues().get(0).getDOM().getTextContent());
+				authData.getMISMandate().setMandate(mandate);
+				authData.getMISMandate().setFullMandateIncluded(true);				
+				authData.setUseMandate(true);
+								
+			} catch (Exception e) {
+				Logger.error("Received Mandate is not valid", e);
+				throw new AssertionAttributeExtractorExeption(PVPConstants.MANDATE_FULL_MANDATE_NAME);
+				
+			}				
+		}
+
+		//TODO: build short mandate if full mandate is no included.
+		if (authData.getMISMandate() == null && 
+				(extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME) 
+					|| extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME)
+					|| extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME)) ) {
+			Logger.info("Federated assertion contains no full mandate. Start short mandate generation process ... ");
+			
+			MISMandate misMandate = new MISMandate();
+			misMandate.setFullMandateIncluded(false);
+			
+			Mandate mandateObject = new Mandate();
+			Mandator mandator = new Mandator();
+			mandateObject.setMandator(mandator);
+			
+			//build legal person short mandate
+			if (extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME) &&
+					extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME) &&
+					extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)) {				
+				CorporateBodyType legalperson = new CorporateBodyType();
+				IdentificationType legalID = new IdentificationType();
+				Value idvalue = new Value();
+				legalID.setValue(idvalue );
+				legalperson.getIdentification().add(legalID );
+				mandator.setCorporateBody(legalperson );
+				
+				legalperson.setFullName(extractor.getAttribute(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME));
+				legalID.setType(extractor.getAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME));
+				idvalue.setValue(extractor.getAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME));
+							
+			//build natural person short mandate
+			} else if ( (extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME) || 
+						extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME)) &&
+					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME) &&
+					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME) && 
+					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME)) {
+				throw new AssertionAttributeExtractorExeption("Federation with short mandates for natural persons are not supported!", null);
+				
+				
+				
+			} else {
+				Logger.error("Short mandate could not generated. Assertion contains not all attributes which are necessary.");
+				throw new AssertionAttributeExtractorExeption("Assertion contains not all attributes which are necessary for mandate generation", null);
 				
-			}
-						
-			if (attr.getName().equals(PVPConstants.EID_STORK_TOKEN_NAME)) {				
-				authData.setStorkAuthnResponse(attr.getAttributeValues().get(0).getDOM().getTextContent());				
-				authData.setForeigner(true);
 			}
 			
-			if (attr.getName().startsWith(PVPConstants.STORK_ATTRIBUTE_PREFIX)) {	
+			try {
+				JAXBContext jc = JAXBContext.newInstance("at.gv.e_government.reference.namespace.mandates._20040701_");
+				Marshaller m = jc.createMarshaller();
+				ByteArrayOutputStream stream = new ByteArrayOutputStream();
+				m.marshal(mandateObject, stream);				
+				misMandate.setMandate(Base64Utils.encode(stream.toByteArray()).getBytes());
+				stream.close();
 				
-				if (authData.getStorkAttributes() == null)
-					authData.setStorkAttributes(new PersonalAttributeList());					
+			} catch (JAXBException e) {
+				Logger.error("Failed to parse short mandate", e);
+				throw new AssertionAttributeExtractorExeption();
+				
+			} catch (IOException e) {				
+				Logger.error("Failed to parse short mandate", e);
+				throw new AssertionAttributeExtractorExeption();
 
-				List<String> storkAttrValues = new ArrayList<String>();
-				storkAttrValues.add(attr.getAttributeValues().get(0).getDOM().getTextContent());
-				PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), 
-						false, storkAttrValues , "Available");
-				authData.getStorkAttributes().put(attr.getName(), storkAttr );
-				authData.setForeigner(true);
-			}
-						
+			}			
+			authData.setUseMandate(true);
+			
 		}
 		
+
+		if (extractor.containsAttribute(PVPConstants.MANDATE_PROF_REP_OID_NAME)) {
+			if (authData.getMISMandate() == null)
+				authData.setMISMandate(new MISMandate());
+			authData.getMISMandate().setProfRep(
+					extractor.getAttribute(PVPConstants.MANDATE_PROF_REP_OID_NAME));
+			
+		}
+			
+	
+		//set STORK attributes
+		if (extractor.containsAttribute(PVPConstants.EID_STORK_TOKEN_NAME)) {				
+			authData.setStorkAuthnResponse(extractor.getAttribute(PVPConstants.EID_STORK_TOKEN_NAME));				
+			authData.setForeigner(true);
+			
+		}
+	
+		if (!extractor.getSTORKAttributes().isEmpty()) {
+			authData.setStorkAttributes(extractor.getSTORKAttributes());
+			authData.setForeigner(true);
+			
+		}
+				
 		authData.setSsoSession(true);
 		
-		if (assertion.getConditions() != null && assertion.getConditions().getNotOnOrAfter() != null)
-			authData.setSsoSessionValidTo(assertion.getConditions().getNotOnOrAfter().toDate());
+		if (extractor.getFullAssertion().getConditions() != null && extractor.getFullAssertion().getConditions().getNotOnOrAfter() != null)
+			authData.setSsoSessionValidTo(extractor.getFullAssertion().getConditions().getNotOnOrAfter().toDate());
 		
 		//only for SAML1
 		if (PVPConstants.STORK_QAA_1_4.equals(authData.getQAALevel()))
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index 20641ca7c..b122ba17e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -46,13 +46,27 @@
 
 package at.gv.egovernment.moa.id.auth.builder;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.MiscUtil;
 
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidKeyException;
 import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
 
 /**
  * Builder for the bPK, as defined in
@@ -135,6 +149,58 @@ public class BPKBuilder {
         }
     }
 
+	public static String encryptBPK(String bpk, String target, PublicKey publicKey) throws BuildException {
+		MiscUtil.assertNotNull(bpk, "BPK");
+		MiscUtil.assertNotNull(publicKey, "publicKey");
+		
+		SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
+		if (target.startsWith(Constants.URN_PREFIX_CDID + "+"))
+			target = target.substring((Constants.URN_PREFIX_CDID + "+").length());
+		
+		String input = "V1::urn:publicid:gv.at:cdid+" + target + "::"
+		    + bpk + "::"
+		    + sdf.format(new Date());
+		System.out.println(input);
+		byte[] result;
+		try {
+			byte[] inputBytes = input.getBytes("ISO-8859-1");
+			result = encrypt(inputBytes, publicKey);
+			return new String(Base64Utils.encode(result, "ISO-8859-1")).replaceAll("\r\n", "");
+			
+		} catch (Exception e) {
+			throw new BuildException("bPK encryption FAILED", null, e);
+		}		
+	}
+
+	public static String decryptBPK(String encryptedBpk, String target, PrivateKey privateKey) throws BuildException {
+		MiscUtil.assertNotEmpty(encryptedBpk, "Encrypted BPK");
+		MiscUtil.assertNotNull(privateKey, "Private key");
+		String decryptedString;
+		try {
+			byte[] encryptedBytes = Base64Utils.decode(encryptedBpk, false, "ISO-8859-1");
+			byte[] decryptedBytes = decrypt(encryptedBytes, privateKey);
+			decryptedString = new String(decryptedBytes, "ISO-8859-1");
+			
+		} catch (Exception e) {
+			throw new BuildException("bPK decryption FAILED", null, e);
+		}
+		String tmp = decryptedString.substring(decryptedString.indexOf('+') + 1);
+		String sector = tmp.substring(0, tmp.indexOf("::"));
+		tmp = tmp.substring(tmp.indexOf("::") + 2);
+		String bPK = tmp.substring(0, tmp.indexOf("::"));
+
+		if (target.startsWith(Constants.URN_PREFIX_CDID + "+"))
+			target = target.substring((Constants.URN_PREFIX_CDID + "+").length());
+		
+		if (target.equals(sector))
+			return bPK;
+		
+		else {
+			Logger.error("Decrypted bPK does not match to request bPK target.");
+			return null;
+		}		
+	}
+    
     /**
      * Builds the storkeid from the given parameters.
      *
@@ -214,6 +280,34 @@ public class BPKBuilder {
             throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
         }
     }
+    
+	private static byte[] encrypt(byte[] inputBytes, PublicKey publicKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+		byte[] result;
+		Cipher cipher = null;
+		try {
+			cipher = Cipher.getInstance("RSA/ECB/OAEPPadding"); // try with bouncycastle
+		} catch(NoSuchAlgorithmException e) {
+			cipher = Cipher.getInstance("RSA/ECB/OAEP"); // try with iaik provider
+		}
+		cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+		result = cipher.doFinal(inputBytes);
+		
+		return result;
+	}
+
+	private static byte[] decrypt(byte[] encryptedBytes, PrivateKey privateKey) 
+			throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException{
+		byte[] result;
+		Cipher cipher = null;
+		try {
+			cipher = Cipher.getInstance("RSA/ECB/OAEPPadding"); // try with bouncycastle
+		} catch(NoSuchAlgorithmException e) {
+			cipher = Cipher.getInstance("RSA/ECB/OAEP"); // try with iaik provider
+		}
+		cipher.init(Cipher.DECRYPT_MODE, privateKey);
+		result = cipher.doFinal(encryptedBytes);
+		return result;
+	}
 
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java
new file mode 100644
index 000000000..69802d7e6
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.exception;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DatabaseEncryptionException extends MOAIDException {
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 6387519847869308880L;
+
+	/**
+	 * @param messageId
+	 * @param parameters
+	 * @param wrapped
+	 */
+	public DatabaseEncryptionException(String messageId, Object[] parameters,
+			Throwable wrapped) {
+		super(messageId, parameters, wrapped);
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 6fc1d28c1..a62de27fc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -961,6 +961,17 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 		  return prop;
   }
   
+  /**
+   * @return
+   */
+  public String getMOAConfigurationEncryptionKey() {
+	  String prop = props.getProperty("configuration.moaconfig.key");  
+	  if (MiscUtil.isEmpty(prop))
+		  return null;
+	  else
+		  return prop;
+  }
+  
   public boolean isIdentityLinkResigning() {
 	  String prop = props.getProperty("configuration.resignidentitylink.active", "false");
 	  return Boolean.valueOf(prop);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
index 6398de34f..4c6519b57 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.config.auth;
 
+import java.security.PrivateKey;
 import java.util.List;
 import java.util.Map;
 
@@ -31,6 +32,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
+import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
 
 /**
  * @author tlenz
@@ -149,4 +151,6 @@ public interface IOAAuthParameters {
 
 	List<String> getTestCredentialOIDs();
 	
+	PrivateKey getBPKDecBpkDecryptionKey();
+	
 }
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index f58fe2495..673d23373 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -46,11 +46,15 @@
 
 package at.gv.egovernment.moa.id.config.auth;
 
+import java.security.PrivateKey;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.apache.commons.lang.SerializationUtils;
+
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
 import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
@@ -71,6 +75,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TestCredentials;
 import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
+import at.gv.egovernment.moa.id.data.EncryptedData;
+import at.gv.egovernment.moa.id.util.ConfigurationEncrytionUtil;
 import at.gv.egovernment.moa.id.util.FormBuildUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -555,4 +562,33 @@ public List<String> getTestCredentialOIDs() {
 		return null;	
 }
 
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBPKDecBpkDecryptionParameters()
+ */
+@Override
+public PrivateKey getBPKDecBpkDecryptionKey() {
+
+	try {		
+		EncryptedData encdata = new EncryptedData(
+			oa_auth.getEncBPKInformation().getBPKDecryption().getKeyInformation(), 
+			oa_auth.getEncBPKInformation().getBPKDecryption().getIv());
+		byte[] serializedData = ConfigurationEncrytionUtil.getInstance().decrypt(encdata);
+		BPKDecryptionParameters data = 
+				(BPKDecryptionParameters) SerializationUtils.deserialize(serializedData);
+		
+		return data.getPrivateKey();
+				
+	} catch (BuildException e) {
+		// TODO Auto-generated catch block
+		Logger.error("Can not decrypt key information for bPK decryption", e);
+		
+	} catch (NullPointerException e) {
+		Logger.error("No keyInformation found for bPK decryption");
+		
+	}	
+	return null;
+	
+}
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java
new file mode 100644
index 000000000..787a480f0
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.auth.data;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.Serializable;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+
+import org.apache.commons.lang.SerializationUtils;
+
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.KeyStoreUtils;
+
+
+/**
+ * @author tlenz
+ *
+ */
+public class BPKDecryptionParameters implements Serializable{
+
+	private static final long serialVersionUID = 1L;
+	
+	private byte[] keyStore = null;
+	private String keyStorePassword = null;
+	private String keyAlias = null;
+	private String keyPassword = null;
+	
+	/**
+	 * @return
+	 */
+	public PrivateKey getPrivateKey() {		
+		try {
+			InputStream in = new ByteArrayInputStream(keyStore);
+			KeyStore store = KeyStoreUtils.loadKeyStore(in , keyStorePassword);
+			
+		    char[] chPassword = " ".toCharArray();
+		    if (keyPassword != null)
+		      chPassword = keyPassword.toCharArray();
+		    
+//		    Certificate test = store.getCertificate(keyAlias);
+//		    Base64Utils.encode(test.getPublicKey().getEncoded());
+		    
+			return (PrivateKey) store.getKey(keyAlias, chPassword);
+			
+			
+		} catch (KeyStoreException e) {
+			Logger.error("Can not load private key from keystore.", e);
+			
+		} catch (IOException e) {
+			Logger.error("Can not load private key from keystore.", e);
+			
+		} catch (UnrecoverableKeyException e) {
+			Logger.error("Can not load private key from keystore.", e);
+
+		} catch (NoSuchAlgorithmException e) {
+			Logger.error("Can not load private key from keystore.", e);
+			
+		}
+		
+		return null;		
+	}
+	
+	public byte[] serialize() {
+		return SerializationUtils.serialize(this);
+		
+	}
+
+	/**
+	 * @param keyStore the keyStore to set
+	 */
+	public void setKeyStore(byte[] keyStore) {
+		this.keyStore = keyStore;
+	}
+
+	/**
+	 * @param keyStorePassword the keyStorePassword to set
+	 */
+	public void setKeyStorePassword(String keyStorePassword) {
+		this.keyStorePassword = keyStorePassword;
+	}
+
+	/**
+	 * @param keyAlias the keyAlias to set
+	 */
+	public void setKeyAlias(String keyAlias) {
+		this.keyAlias = keyAlias;
+	}
+
+	/**
+	 * @param keyPassword the keyPassword to set
+	 */
+	public void setKeyPassword(String keyPassword) {
+		this.keyPassword = keyPassword;
+	}
+	
+	
+	
+	
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index eddf605a6..7dbdcfa52 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.config.auth.data;
 
+import java.security.PrivateKey;
 import java.util.List;
 import java.util.Map;
 
@@ -399,6 +400,15 @@ public class DynamicOAAuthParameters implements IOAAuthParameters {
 		return null;
 	}
 
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBPKDecBpkDecryptionParameters()
+	 */
+	@Override
+	public PrivateKey getBPKDecBpkDecryptionKey() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
 	
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index 5685977bc..6fd327add 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
@@ -27,6 +27,7 @@ import java.text.DateFormat;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
+import java.util.List;
 
 import org.w3c.dom.Element;
 
@@ -126,7 +127,9 @@ public class AuthenticationData  implements IAuthData, Serializable {
 	  private byte[] signerCertificate = null;
 	  	  
 	  private String authBlock = null; 
-
+	  private List<String> encbPKList = null;
+	  
+	  
 	  private boolean useMandate = false;
 	  private MISMandate mandate = null;
 	  private String mandateReferenceValue = null;
@@ -672,6 +675,22 @@ public class AuthenticationData  implements IAuthData, Serializable {
 		this.ssoSessionValidTo = ssoSessionValidTo;
 	}
 
+	/**
+	 * @return the encbPKList
+	 */
+	public List<String> getEncbPKList() {
+		return encbPKList;
+	}
+
+	/**
+	 * @param encbPKList the encbPKList to set
+	 */
+	public void setEncbPKList(List<String> encbPKList) {
+		this.encbPKList = encbPKList;
+	}
+	
+	
+
 	
 
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedbPK.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedbPK.java
new file mode 100644
index 000000000..da6840fd7
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/EncryptedbPK.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EncryptedbPK {
+	private String vkz = null;
+	private String target = null;
+	private String encbPK = null;
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
index 7e421da0f..8ce33021d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.data;
 
 import java.util.Date;
+import java.util.List;
 
 import org.w3c.dom.Element;
 
@@ -62,6 +63,8 @@ public interface IAuthData {
 	 
 	 String getBkuURL();
 
+	 List<String> getEncbPKList();
+	 
 	 IdentityLink getIdentityLink();
 	 byte[] getSignerCertificate();
 	 String getAuthBlock();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EncryptedBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EncryptedBPKAttributeBuilder.java
new file mode 100644
index 000000000..b3256ac9a
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EncryptedBPKAttributeBuilder.java
@@ -0,0 +1,70 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Constants;
+
+public class EncryptedBPKAttributeBuilder implements IPVPAttributeBuilder {
+	
+	public String getName() {
+		return ENC_BPK_LIST_NAME;
+	}
+	
+	public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData,
+			IAttributeGenerator<ATT> g) throws AttributeException {
+
+		if (authData.getEncbPKList() != null &&
+				authData.getEncbPKList().size() > 0) {
+			String value = authData.getEncbPKList().get(0);
+			for (int i=1; i<authData.getEncbPKList().size(); i++)
+				value += ";"+authData.getEncbPKList().get(i);			
+			
+			return g.buildStringAttribute(ENC_BPK_LIST_FRIENDLY_NAME, ENC_BPK_LIST_NAME, 
+					value);
+			
+		} 
+		
+		throw new UnavailableAttributeException(ENC_BPK_LIST_NAME);
+		
+//		String encbpk = "XXX01234567890XXX";
+//		String type = "Bereich";
+//		String vkz = "Verfahrenskennzeichen";
+//		
+//		//TODO: implement encrypted bPK support
+//		
+//		Logger.trace("Authenticate user with encrypted bPK " + vkz + "+" + type + "|" + encbpk);
+//		
+//		return g.buildStringAttribute(ENC_BPK_LIST_FRIENDLY_NAME, ENC_BPK_LIST_NAME, 
+//				vkz + "+" + type + "|" + encbpk);
+	}
+	
+	public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+		return g.buildEmptyAttribute(ENC_BPK_LIST_FRIENDLY_NAME, ENC_BPK_LIST_NAME);
+	}
+	
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateFullMandateAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateFullMandateAttributeBuilder.java
index 670398ff6..790c1e8ca 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateFullMandateAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateFullMandateAttributeBuilder.java
@@ -31,6 +31,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.DOMUtils;
@@ -44,7 +45,9 @@ public class MandateFullMandateAttributeBuilder implements IPVPAttributeBuilder
 	public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData,
 			IAttributeGenerator<ATT> g) throws AttributeException {
 		if (authData.isUseMandate()) {
-			if (authData.getMandate() != null) {
+			//only provide full mandate if it is included. 
+			//In case of federation only a short mandate could be include 
+			if (authData.getMandate() != null && authData.getMISMandate().isFullMandateIncluded()) {
 				String fullMandate;
 				try {
 					fullMandate = DOMUtils.serializeNode(authData
@@ -57,6 +60,8 @@ public class MandateFullMandateAttributeBuilder implements IPVPAttributeBuilder
 					Logger.error("Failed to generate Full Mandate", e);
 				}
 			}
+			throw new NoMandateDataAttributeException();
+			
 		}
 		return null;
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
index 9aadfdc28..1c12e7398 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
@@ -22,16 +22,25 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.utils;
 
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 
 import org.opensaml.saml2.core.Assertion;
 import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnStatement;
 import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.core.Subject;
 
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -39,6 +48,14 @@ import at.gv.egovernment.moa.util.MiscUtil;
 public class AssertionAttributeExtractor {
 	
 	private Assertion assertion = null;
+	private Map<String, String> attributs = new HashMap<String, String>();
+	private PersonalAttributeList storkAttributes = new PersonalAttributeList();
+		
+	private final List<String> minimalAttributeNameList = Arrays.asList(
+			PVPConstants.PRINCIPAL_NAME_NAME, 
+			PVPConstants.GIVEN_NAME_NAME,
+			PVPConstants.BIRTHDATE_NAME);
+	
 	
 	public AssertionAttributeExtractor(StatusResponseType samlResponse) throws AssertionAttributeExtractorExeption {
 		if (samlResponse != null && samlResponse instanceof Response) {
@@ -49,24 +66,80 @@ public class AssertionAttributeExtractor {
 			else if (assertions.size() > 1)
 				Logger.warn("Found more then ONE PVP2.1 assertions. Only the First is used.");
 			
-			assertion = assertions.get(0);			
-					
+			assertion = assertions.get(0);
+
+			if (assertion.getAttributeStatements() != null &&
+					assertion.getAttributeStatements().size() > 0) {
+				AttributeStatement attrStat = assertion.getAttributeStatements().get(0);
+				for (Attribute attr : attrStat.getAttributes()) {
+					if (attr.getName().startsWith(PVPConstants.STORK_ATTRIBUTE_PREFIX)) {							
+						List<String> storkAttrValues = new ArrayList<String>();
+						storkAttrValues.add(attr.getAttributeValues().get(0).getDOM().getTextContent());
+						PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), 
+								false, storkAttrValues , "Available");
+						storkAttributes.put(attr.getName(), storkAttr );
+						
+					} else 					
+						attributs.put(attr.getName(), attr.getAttributeValues().get(0).getDOM().getTextContent());
+			}
+				
+			}
+			
+			attributs.put(PVPConstants.ENC_BPK_LIST_NAME, "Test+BF|sKWq790t2mn1Uw7xTMQTu1LNYD1xbhjOpZ7/dO+zvzSZB8eClH0HIoH71YLxktykMor268y0IEG7UgLfs9Zviy/naprdeRhJxgxCFpQJdIlqc1qv4ll8q7Z55Qhge1he8ZYibqylaa7GSOXeoEBcto5LeWd0e6QnI4JgFqwalZlTVY0+2xH2G3cAMX0OGIw5bqqrjL+wl0DztDD610I4oxTtxPzvIX8Jk9wg0Of2RvDfxxj+SSibNS+8+/QOavrQ+iaghOxtPzZQWvW26O1BrFenszCn5J/IrrylKIK6kAi/raBzVnzgKlgmNhaqYZIKeP1Urc2wgXMJGov1R9P6tw==");
+			
 		} else 
 			throw new AssertionAttributeExtractorExeption();		
 	}
 
+	/**
+	 * check attributes from assertion with minimal required attribute list
+	 * @return
+	 */
 	public boolean containsAllRequiredAttributes() {
-		//TODO: add default attribute list
-		return containsAllRequiredAttributes(null);
+		return containsAllRequiredAttributes(minimalAttributeNameList);
 		
 	}
 	
-	public boolean containsAllRequiredAttributes(List<Attribute> attributs) {		
-		//TODO: add validation		
+	/**
+	 * check attributes from assertion with attributeNameList
+	 * bPK or enc_bPK is always needed
+	 * 
+	 * @param List of attributes which are required
+	 * 
+	 * @return
+	 */
+	public boolean containsAllRequiredAttributes(List<String> attributeNameList) {		
+		
+		//first check if a bPK or an encrypted bPK is available
+		if (attributs.containsKey(PVPConstants.ENC_BPK_LIST_NAME) || 
+				(attributs.containsKey(PVPConstants.BPK_NAME) && attributs.containsKey(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME))) {
+			boolean flag = true;
+			for (String attr : attributeNameList) {
+				if (!attributs.containsKey(attr))
+					flag = false;
+			}
+			
+			return flag;
+			
+		}			
 		return false;
 		
 	}
 	
+	public boolean containsAttribute(String attributeName) {
+		return attributs.containsKey(attributeName);
+		
+	}
+	
+	public String getAttribute(String attributeName) {
+		return attributs.get(attributeName);
+		
+	}
+	
+	public PersonalAttributeList getSTORKAttributes() {
+		return storkAttributes;
+	}
+	
 	
 	public String getNameID() throws AssertionAttributeExtractorExeption {		
 		if (assertion.getSubject() != null) {
@@ -113,6 +186,10 @@ public class AssertionAttributeExtractor {
 		throw new AssertionAttributeExtractorExeption("AuthnContextClassRef");		
 	}
 	
+	public Assertion getFullAssertion() {
+		return assertion;
+	}
+	
 	private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption {
 		List<AuthnStatement> authnList = assertion.getAuthnStatements();
 		if (authnList.size() == 0)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 08f40f888..fe0d27804 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -208,7 +208,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			if (authData.isUseMandate()) {
 				List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
 				
-				if (saml1parameter.isProvideFullMandatorData()) {
+				//only provide full mandate if it is included. 
+				//In case of federation only a short mandate could be include 
+				if (saml1parameter.isProvideFullMandatorData() 
+						&& authData.getMISMandate().isFullMandateIncluded()) {
 					
 					try {
 															
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 350c4e9da..a9f5ed60a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -898,7 +898,7 @@ public class AuthenticationSessionStoreage {
 	private static void encryptSession(AuthenticationSession session, AuthenticatedSessionStore dbsession) throws BuildException {
 		byte[] serialized = SerializationUtils.serialize(session);
 		
-		EncryptedData encdata = SessionEncrytionUtil.encrypt(serialized);
+		EncryptedData encdata = SessionEncrytionUtil.getInstance().encrypt(serialized);
 		dbsession.setSession(encdata.getEncData());
 		dbsession.setIv(encdata.getIv());
 	}
@@ -906,7 +906,7 @@ public class AuthenticationSessionStoreage {
 	private static AuthenticationSession decryptSession(AuthenticatedSessionStore dbsession) throws BuildException {
 		EncryptedData encdata = new EncryptedData(dbsession.getSession(),
 				dbsession.getIv());
-		byte[] decrypted = SessionEncrytionUtil.decrypt(encdata);
+		byte[] decrypted = SessionEncrytionUtil.getInstance().decrypt(encdata);
 				
 		return (AuthenticationSession) SerializationUtils.deserialize(decrypted);
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
new file mode 100644
index 000000000..f246c55e1
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
@@ -0,0 +1,157 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.util;
+
+import iaik.security.cipher.PBEKey;
+import iaik.security.spec.PBEKeyAndParameterSpec;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.spec.InvalidKeySpecException;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.data.EncryptedData;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public abstract class AbstractEncrytionUtil {
+	protected static final String CIPHER_MODE = "AES/CBC/PKCS5Padding";
+	protected static final String KEYNAME = "AES";
+
+	private SecretKey secret = null;
+	
+	public AbstractEncrytionUtil() throws DatabaseEncryptionException {
+		initialize(getKey(), getSalt());
+	}
+	
+	protected abstract String getSalt();
+	protected abstract String getKey();
+
+	protected void initialize(String key, String salt) throws DatabaseEncryptionException {
+		try {
+			if (MiscUtil.isNotEmpty(key)) {			
+				if (MiscUtil.isEmpty(salt))
+					salt = "TestSalt";
+			
+				PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray());
+				SecretKeyFactory factory = SecretKeyFactory.getInstance("PKCS#5", "IAIK");
+				PBEKey pbeKey = (PBEKey)factory.generateSecret(keySpec);
+							
+				SecureRandom random = new SecureRandom();
+				KeyGenerator pbkdf2 = KeyGenerator.getInstance("PBKDF2", "IAIK");
+				
+				PBEKeyAndParameterSpec parameterSpec =
+						   new PBEKeyAndParameterSpec(pbeKey.getEncoded(),
+								   					  salt.getBytes(),
+						                              2000,
+						                              16);
+					
+				pbkdf2.init(parameterSpec, random);
+				SecretKey derivedKey = pbkdf2.generateKey();
+				
+				SecretKeySpec spec = new SecretKeySpec(derivedKey.getEncoded(), KEYNAME);
+				SecretKeyFactory kf = SecretKeyFactory.getInstance(KEYNAME, "IAIK");
+				secret = kf.generateSecret(spec);
+				
+			} else {
+				Logger.error("Database encryption can not initialized. No key found!");
+				
+			}
+						
+		} catch (NoSuchAlgorithmException e) {
+			Logger.error("Database encryption can not initialized", e);
+			throw new DatabaseEncryptionException("Database encryption can not initialized", null, e);
+
+		} catch (NoSuchProviderException e) {
+			Logger.error("Database encryption can not initialized", e);
+			throw new DatabaseEncryptionException("Database encryption can not initialized", null, e);
+			
+		} catch (InvalidKeySpecException e) {
+			Logger.error("Database encryption can not initialized", e);
+			throw new DatabaseEncryptionException("Database encryption can not initialized", null, e);
+			
+		} catch (InvalidAlgorithmParameterException e) {
+			Logger.error("Database encryption can not initialized", e);
+			throw new DatabaseEncryptionException("Database encryption can not initialized", null, e);
+			
+		}		
+	}
+	
+	public EncryptedData encrypt(byte[] data) throws BuildException {
+		Cipher cipher;
+		
+		if (secret != null) {
+			try {
+				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
+			    cipher.init(Cipher.ENCRYPT_MODE, secret);
+				
+			    Logger.debug("Encrypt MOASession");
+			    
+			    byte[] encdata = cipher.doFinal(data);
+			    byte[] iv = cipher.getIV();
+			    
+			    return new EncryptedData(encdata, iv);
+			    
+			} catch (Exception e) {
+				Logger.warn("MOASession is not encrypted",e);
+				throw new BuildException("MOASession is not encrypted", new Object[]{}, e);
+			}
+		} else
+			return new EncryptedData(data, null);
+	}
+	
+	public byte[] decrypt(EncryptedData data) throws BuildException {
+		Cipher cipher;
+		
+		if (secret != null) {
+			try {
+				IvParameterSpec iv = new IvParameterSpec(data.getIv());
+				
+				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
+			    cipher.init(Cipher.DECRYPT_MODE, secret, iv);
+				
+			    Logger.debug("Decrypt MOASession");
+			    return cipher.doFinal(data.getEncData());
+			    
+			} catch (Exception e) {
+				Logger.warn("MOASession is not decrypted",e);
+				throw new BuildException("MOASession is not decrypted", new Object[]{}, e);
+			}
+		} else
+		return data.getEncData();
+	}
+	
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java
new file mode 100644
index 000000000..10221604c
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java
@@ -0,0 +1,71 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.util;
+
+import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class ConfigurationEncrytionUtil extends AbstractEncrytionUtil {
+	
+	private static ConfigurationEncrytionUtil instance = null;	
+	private static String key = null;
+	
+	public static ConfigurationEncrytionUtil getInstance() {
+		if (instance == null) {
+			try {
+				key = AuthConfigurationProvider.getInstance().getMOAConfigurationEncryptionKey();			
+				instance =  new ConfigurationEncrytionUtil();
+								
+			} catch (Exception e) {
+				Logger.warn("MOAConfiguration encryption initialization FAILED.", e);
+				
+			}					
+		}
+		return instance;
+	}
+
+	/**
+	 * @throws DatabaseEncryptionException
+	 */
+	private ConfigurationEncrytionUtil() throws DatabaseEncryptionException {
+		super();
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
+	 */
+	@Override
+	protected String getSalt() {
+		return "Configuration-Salt";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
+	 */
+	@Override
+	protected String getKey() {
+		return key;
+	}
+	
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index acc2a7273..8660f7c09 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -22,110 +22,50 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.util;
 
-import iaik.security.cipher.PBEKey;
-import iaik.security.spec.PBEKeyAndParameterSpec;
-
-import java.security.SecureRandom;
-import java.security.spec.KeySpec;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.data.EncryptedData;
 import at.gv.egovernment.moa.logging.Logger;
 
-public class SessionEncrytionUtil {
-
-	private static final String CIPHER_MODE = "AES/CBC/PKCS5Padding";
-	private static final String KEYNAME = "AES";
-	
-	static private SecretKey secret = null;
+public class SessionEncrytionUtil extends AbstractEncrytionUtil {
 	
-	static {
-		try {
-			String key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();
-			
-			if (key != null) {
-
-					PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray());
-					SecretKeyFactory factory = SecretKeyFactory.getInstance("PKCS#5", "IAIK");
-					PBEKey pbeKey = (PBEKey)factory.generateSecret(keySpec);
-					
-					
-					SecureRandom random = new SecureRandom();
-					KeyGenerator pbkdf2 = KeyGenerator.getInstance("PBKDF2", "IAIK");
-					
-					PBEKeyAndParameterSpec parameterSpec =
-							   new PBEKeyAndParameterSpec(pbeKey.getEncoded(),
-									   					  "TestSALT".getBytes(),
-							                              2000,
-							                              16);
-						
-					pbkdf2.init(parameterSpec, random);
-					SecretKey derivedKey = pbkdf2.generateKey();
-					
-					SecretKeySpec spec = new SecretKeySpec(derivedKey.getEncoded(), KEYNAME);
-					SecretKeyFactory kf = SecretKeyFactory.getInstance(KEYNAME, "IAIK");
-					secret = kf.generateSecret(spec);
-					
-			} else {
-				Logger.warn("MOASession encryption is deaktivated.");
-			}
-			
-		} catch (Exception e) {
-			Logger.warn("MOASession encryption can not be inizialized.", e);
-		}
-		
-	}
+	private static SessionEncrytionUtil instance = null;	
+	private static String key = null;
 	
-	public static EncryptedData encrypt(byte[] data) throws BuildException {
-		Cipher cipher;
-		
-		if (secret != null) {
+	public static SessionEncrytionUtil getInstance() {
+		if (instance == null) {
 			try {
-				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
-			    cipher.init(Cipher.ENCRYPT_MODE, secret);
-				
-			    Logger.debug("Encrypt MOASession");
-			    
-			    byte[] encdata = cipher.doFinal(data);
-			    byte[] iv = cipher.getIV();
-			    
-			    return new EncryptedData(encdata, iv);
-			    
+				key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey();			
+				instance =  new SessionEncrytionUtil();
+								
 			} catch (Exception e) {
-				Logger.warn("MOASession is not encrypted",e);
-				throw new BuildException("MOASession is not encrypted", new Object[]{}, e);
-			}
-		} else
-			return new EncryptedData(data, null);
+				Logger.warn("MOASession encryption can not be inizialized.", e);
+				
+			}					
+		}
+		return instance;
+	}
+
+	/**
+	 * @throws DatabaseEncryptionException
+	 */
+	private SessionEncrytionUtil() throws DatabaseEncryptionException {
+		super();
 	}
 	
-	public static byte[] decrypt(EncryptedData data) throws BuildException {
-		Cipher cipher;
-		
-		if (secret != null) {
-			try {
-				IvParameterSpec iv = new IvParameterSpec(data.getIv());
-				
-				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
-			    cipher.init(Cipher.DECRYPT_MODE, secret, iv);
-				
-			    Logger.debug("Decrypt MOASession");
-			    return cipher.doFinal(data.getEncData());
-			    
-			} catch (Exception e) {
-				Logger.warn("MOASession is not decrypted",e);
-				throw new BuildException("MOASession is not decrypted", new Object[]{}, e);
-			}
-		} else
-		return data.getEncData();
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
+	 */
+	@Override
+	protected String getSalt() {
+		return "Session-Salt";
 	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
+	 */
+	@Override
+	protected String getKey() {
+		return key;
+	}
+	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
index f7785d2c2..20cabaf4d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISMandate.java
@@ -70,6 +70,7 @@ public class MISMandate implements Serializable{
 	private String oid = null;
 	private byte[] mandate = null;
 	private String owBPK = null;
+	private boolean isFullMandateIncluded = false;
 	
 	public String getProfRep() {
   	return oid;
@@ -109,5 +110,18 @@ public class MISMandate implements Serializable{
 		}
 		
 	}
+	/**
+	 * @return the isFullMandateIncluded
+	 */
+	public boolean isFullMandateIncluded() {
+		return isFullMandateIncluded;
+	}
+	/**
+	 * @param isFullMandateIncluded the isFullMandateIncluded to set
+	 */
+	public void setFullMandateIncluded(boolean isFullMandateIncluded) {
+		this.isFullMandateIncluded = isFullMandateIncluded;
+	}
 
+	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
index aaf793987..15b2a89b5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java
@@ -145,6 +145,8 @@ public class MISSimpleClient {
 				
 				//misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate)));
 				misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate).getBytes()));
+				misMandate.setFullMandateIncluded(true);
+				
 				foundMandates.add(misMandate);
 			}
 			return foundMandates;
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
index 066967b44..f2f1949cc 100644
--- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
+++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd
@@ -551,6 +551,7 @@
 						<xsd:element ref="OA_SAML1" minOccurs="0"/>
 						<xsd:element ref="OA_PVP2" minOccurs="0"/>
 						<xsd:element ref="OA_OAUTH20" minOccurs="0"/>
+						<xsd:element ref="EncBPKInformation" minOccurs="0" maxOccurs="1"/>
 					</xsd:sequence>
 					<!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" 
 						maxOccurs="1"/ -->
@@ -558,6 +559,31 @@
 			</xsd:element>
 		</xsd:sequence>
 	</xsd:complexType>
+	<xsd:element name="EncBPKInformation">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="bPKDecryption" minOccurs="0" maxOccurs="1">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element name="keyInformation" type="xsd:base64Binary" minOccurs="1" maxOccurs="1"/>
+							<xsd:element name="iv" type="xsd:base64Binary" minOccurs="1" maxOccurs="1"/>
+							<xsd:element name="keyStoreFileName" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+							<xsd:element name="keyAlias" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+						</xsd:sequence>
+					</xsd:complexType>
+				</xsd:element>
+				<xsd:element name="bPKEncryption" minOccurs="0" maxOccurs="unbounded">
+					<xsd:complexType>
+						<xsd:sequence>
+							<xsd:element name="publicKey" type="xsd:base64Binary" minOccurs="1" maxOccurs="1"/>
+							<xsd:element name="target" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+							<xsd:element name="vkz" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+						</xsd:sequence>
+					</xsd:complexType>
+				</xsd:element>
+			</xsd:sequence>		
+		</xsd:complexType>
+	</xsd:element>
 	<xsd:complexType name="ConnectionParameterServerAuthType">
 		<xsd:sequence>
 			<xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0">
@@ -827,7 +853,7 @@
 			</xsd:sequence>
 			<xsd:attribute name="countryCode" type="CountryCodeType" use="required"/>
 			<xsd:attribute name="URL" type="xsd:anyURI" use="required"/>
-			<xsd:attribute name="supportsXMLSignature" type="xsd:boolean" default="true"></xsd:attribute>
+			<xsd:attribute name="supportsXMLSignature" type="xsd:boolean" default="true"/>
 		</xsd:complexType>
 	</xsd:element>
 	<xsd:element name="STORK">
-- 
cgit v1.2.3


From d4fa369126019a1e41543e99a6beaf8180d3e9d4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Aug 2014 15:05:01 +0200
Subject: add new OA specific configuration for bPK decryption

---
 .../moa/id/configuration/Constants.java            |   1 +
 .../config/ConfigurationProvider.java              |   5 +
 .../id/configuration/data/oa/OABPKEncryption.java  | 370 +++++++++++++++++++++
 .../configuration/struts/action/EditOAAction.java  |  18 +
 .../utils/ConfigurationEncryptionUtils.java        |  79 +++++
 .../resources/applicationResources_de.properties   |  18 +
 .../resources/applicationResources_en.properties   |  23 +-
 .../src/main/webapp/jsp/editOAGeneral.jsp          |   4 +-
 .../main/webapp/jsp/snippets/OA/bPKDecryption.jsp  |  75 +++++
 9 files changed, 590 insertions(+), 3 deletions(-)
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
 create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/bPKDecryption.jsp

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index 567978cae..2f4d700a2 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -60,6 +60,7 @@ public class Constants {
 	public static final String SESSION_BKUSELECTIONTEMPLATE = "bkuSelectionTemplate";
 	public static final String SESSION_SENDASSERTIONTEMPLATE = "sendAssertionTemplate";
 	public static final String SESSION_SLTRANSFORMATION = "slTransformation";
+	public static final String SESSION_BPKENCRYPTIONDECRYPTION = "bPKEncDec";
 	
 	public static final String SESSION_SLOERROR = "sloerrormessage";
 	public static final String SESSION_SLOSUCCESS = "slosuccessmessage";
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
index bea6220ff..957479b29 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java
@@ -457,6 +457,11 @@ public class ConfigurationProvider {
 		
 	}
 	
+	public String getConfigurationEncryptionKey() {
+		return props.getProperty("general.moaconfig.key");
+				
+	}
+	
 	private void initalPVP2Login() throws ConfigurationException {
 		try {
 					
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
new file mode 100644
index 000000000..6782987e5
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
@@ -0,0 +1,370 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.data.oa;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.lang.SerializationUtils;
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BPKDecryption;
+import at.gv.egovernment.moa.id.commons.db.dao.config.EncBPKInformation;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.utils.ConfigurationEncryptionUtils;
+import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation;
+import at.gv.egovernment.moa.id.data.EncryptedData;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class OABPKEncryption implements IOnlineApplicationData {
+
+	private static final Logger log = Logger.getLogger(OABPKEncryption.class);
+	
+	private static final String MODULENAME = "bPKEncryptionDecryption";
+	
+	private String keyStorePassword = null;
+	private String keyAlias = null;
+	private String keyPassword = null;
+	
+	private Map<String, byte[]> keyStoreForm = new HashMap<String, byte[]>();
+	
+	private List<File> keyStoreFileUpload = null;
+	private List<String> keyStoreFileUploadContentType = null;
+	private List<String> keyStoreFileUploadFileName  = new ArrayList<String>();;
+	private boolean deletekeyStore = false;
+	private boolean validationError = false;
+	
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#getName()
+	 */
+	@Override
+	public String getName() {
+		// TODO Auto-generated method stub
+		return MODULENAME;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#parse(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public List<String> parse(OnlineApplication dbOA,
+			AuthenticatedUser authUser, HttpServletRequest request) {
+		AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
+		if (oaAuth != null) {
+			EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
+			if (bPKEncDec != null) {
+				BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
+				if (bPKDec != null) {
+					keyAlias = bPKDec.getKeyAlias();
+					if (bPKDec.getKeyStoreFileName() != null)
+						keyStoreFileUploadFileName.add(bPKDec.getKeyStoreFileName());
+					
+				}				
+			}						
+		}
+				
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#store(at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public String store(OnlineApplication dbOA, AuthenticatedUser authUser,
+			HttpServletRequest request) {
+		AuthComponentOA oaAuth = dbOA.getAuthComponentOA();
+		if (oaAuth == null) {
+			oaAuth = new AuthComponentOA();
+			dbOA.setAuthComponentOA(oaAuth);
+			
+		}		
+		EncBPKInformation bPKEncDec = oaAuth.getEncBPKInformation();
+		if (bPKEncDec == null) {
+			bPKEncDec = new EncBPKInformation();
+			oaAuth.setEncBPKInformation(bPKEncDec);
+			
+		}
+				
+		BPKDecryption bPKDec = bPKEncDec.getBPKDecryption();
+		if (bPKDec == null) {
+			bPKDec = new BPKDecryption();
+			bPKEncDec.setBPKDecryption(bPKDec);
+		}
+		
+		if (isDeletekeyStore()) {
+			bPKDec.setIv(null);
+			bPKDec.setKeyAlias(null);
+			bPKDec.setKeyInformation(null);
+			bPKDec.setKeyStoreFileName(null);
+			
+		}
+		
+		BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
+		if (keyStoreForm != null && keyStoreForm.size() > 0) {			
+			keyInfo.setKeyAlias(keyAlias);
+			keyInfo.setKeyPassword(keyPassword);
+			keyInfo.setKeyStorePassword(keyStorePassword);
+			
+            Iterator<String> interator = keyStoreForm.keySet().iterator();
+            bPKDec.setKeyStoreFileName(interator.next());
+            bPKDec.setKeyAlias(keyAlias);            
+            keyInfo.setKeyStore(keyStoreForm.get(
+                    bPKDec.getKeyStoreFileName()));
+
+            //encrypt key information
+            byte[] serKeyInfo = SerializationUtils.serialize(keyInfo);            
+            try {
+				EncryptedData encryptkeyInfo = ConfigurationEncryptionUtils.getInstance().encrypt(serKeyInfo);
+				bPKDec.setIv(encryptkeyInfo.getIv());
+				bPKDec.setKeyInformation(encryptkeyInfo.getEncData());				
+				
+			} catch (BuildException e) {
+				log.error("Configuration encryption FAILED.", e);
+				return LanguageHelper.getErrorString("error.general.text", request);
+				
+			}
+		}
+		
+		request.getSession().setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, null);
+		
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData#validate(at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig, at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser, javax.servlet.http.HttpServletRequest)
+	 */
+	@Override
+	public List<String> validate(OAGeneralConfig general,
+			AuthenticatedUser authUser, HttpServletRequest request) {
+		HttpSession session = request.getSession();
+		List<String> errors = new ArrayList<String>();		
+		
+		String check = null;
+		
+		OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation();		
+        //validate BKU-selection template
+        List<String> templateError = valiator_fileUpload.validate(getKeyStoreFileUploadFileName()
+                , getKeyStoreFileUpload(), "validation.bPKDec.keyStore", keyStoreForm, request);
+        if (templateError != null && templateError.size() == 0) {
+            if (keyStoreForm != null && keyStoreForm.size() > 0) {
+                session.setAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION, keyStoreForm);
+                
+            } else
+            	keyStoreForm = (Map<String, byte[]>) session.getAttribute(Constants.SESSION_BPKENCRYPTIONDECRYPTION);
+
+        } else {
+            errors.addAll(templateError);
+
+        }
+        
+        if (keyStoreForm != null && keyStoreForm.size() > 0) {
+    		check = getKeyStorePassword();
+    		if (MiscUtil.isEmpty(check)) {
+    			log.info("bPK decryption keystore password is empty");
+    			errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request));
+    			
+    		} else {
+    			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+    				log.warn("bPK decryption keystore password contains potentail XSS characters: " + check);
+    				errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid", 
+    						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+    				
+    			}			
+    		}
+    		
+    		check = getKeyAlias();
+    		if (MiscUtil.isEmpty(check)) {
+    			log.info("bPK decryption key alias is empty");
+    			errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request));
+    			
+    		} else {
+    			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+    				log.warn("bPK decryption key alias contains potentail XSS characters: " + check);
+    				errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid", 
+    						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+    				
+    			}			
+    		}
+    		
+    		check = getKeyPassword();
+    		if (MiscUtil.isNotEmpty(check)) {
+    			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+    				log.warn("bPK decryption key password contains potentail XSS characters: " + check);
+    				errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid", 
+    						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+    				
+    			}			
+    		}
+        	        	
+        	BPKDecryptionParameters keyInfo = new BPKDecryptionParameters();
+        	keyInfo.setKeyAlias(keyAlias);
+        	keyInfo.setKeyPassword(keyPassword);
+        	keyInfo.setKeyStorePassword(keyStorePassword);    			
+        	Iterator<String> interator = keyStoreForm.keySet().iterator();
+        	String fileName = interator.next();            
+        	keyInfo.setKeyStore(keyStoreForm.get(fileName));                
+        	if (keyInfo.getPrivateKey() == null) {
+        		log.info("Open keyStore FAILED.");
+        		errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStore.file.valid", request));
+        	
+        	}        	
+        }
+		
+        if (errors.size() > 0) {
+        	validationError = true;
+        	
+        }
+        
+		return errors;
+		
+	}
+
+	/**
+	 * @return the keyStorePassword
+	 */
+	public String getKeyStorePassword() {
+		return keyStorePassword;
+	}
+
+	/**
+	 * @param keyStorePassword the keyStorePassword to set
+	 */
+	public void setKeyStorePassword(String keyStorePassword) {
+		this.keyStorePassword = keyStorePassword;
+	}
+
+	/**
+	 * @return the keyAlias
+	 */
+	public String getKeyAlias() {
+		return keyAlias;
+	}
+
+	/**
+	 * @param keyAlias the keyAlias to set
+	 */
+	public void setKeyAlias(String keyAlias) {
+		this.keyAlias = keyAlias;
+	}
+
+	/**
+	 * @return the keyPassword
+	 */
+	public String getKeyPassword() {
+		return keyPassword;
+	}
+
+	/**
+	 * @param keyPassword the keyPassword to set
+	 */
+	public void setKeyPassword(String keyPassword) {
+		this.keyPassword = keyPassword;
+	}
+
+	/**
+	 * @return the keyStoreFileUpload
+	 */
+	public List<File> getKeyStoreFileUpload() {
+		return keyStoreFileUpload;
+	}
+
+	/**
+	 * @param keyStoreFileUpload the keyStoreFileUpload to set
+	 */
+	public void setKeyStoreFileUpload(List<File> keyStoreFileUpload) {
+		this.keyStoreFileUpload = keyStoreFileUpload;
+	}
+
+	/**
+	 * @return the keyStoreFileUploadContentType
+	 */
+	public List<String> getKeyStoreFileUploadContentType() {
+		return keyStoreFileUploadContentType;
+	}
+
+	/**
+	 * @param keyStoreFileUploadContentType the keyStoreFileUploadContentType to set
+	 */
+	public void setKeyStoreFileUploadContentType(
+			List<String> keyStoreFileUploadContentType) {
+		this.keyStoreFileUploadContentType = keyStoreFileUploadContentType;
+	}
+
+	/**
+	 * @return the keyStoreFileUploadFileName
+	 */
+	public List<String> getKeyStoreFileUploadFileName() {
+		return keyStoreFileUploadFileName;
+	}
+
+	/**
+	 * @param keyStoreFileUploadFileName the keyStoreFileUploadFileName to set
+	 */
+	public void setKeyStoreFileUploadFileName(
+			List<String> keyStoreFileUploadFileName) {
+		this.keyStoreFileUploadFileName = keyStoreFileUploadFileName;
+	}
+
+	/**
+	 * @return the deletekeyStore
+	 */
+	public boolean isDeletekeyStore() {
+		return deletekeyStore;
+	}
+
+	/**
+	 * @param deletekeyStore the deletekeyStore to set
+	 */
+	public void setDeletekeyStore(boolean deletekeyStore) {
+		this.deletekeyStore = deletekeyStore;
+	}
+
+	/**
+	 * @return the validationError
+	 */
+	public boolean isValidationError() {
+		return validationError;
+	}
+	
+	
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
index 9509f9712..3d96cc1e5 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java
@@ -57,6 +57,9 @@ public class EditOAAction extends BasicOAAction {
 		OAAuthenticationData authOA = new OAAuthenticationData();
 		formList.put(authOA.getName(), authOA);
 
+		OABPKEncryption bPKEncDec = new OABPKEncryption();
+		formList.put(bPKEncDec.getName(), bPKEncDec);
+		
 		OASSOConfig ssoOA = new OASSOConfig();
 		formList.put(ssoOA.getName(), ssoOA);
 
@@ -472,4 +475,19 @@ public class EditOAAction extends BasicOAAction {
 		formList.put(formOA.getName(), formOA);
 	}
 
+	/**
+	 * @return the bPK encryption/decryption form
+	 */
+	public OABPKEncryption getBPKEncDecr() {
+		return (OABPKEncryption) formList.get(new OABPKEncryption().getName());
+	}
+
+	/**
+	 * @param bPK encryption/decryption form
+	 *            the bPK encryption/decryption form to set
+	 */
+	public void setBPKEncDecr(OABPKEncryption formOA) {
+		formList.put(formOA.getName(), formOA);
+	}
+	
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
new file mode 100644
index 000000000..08cd7c59d
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/ConfigurationEncryptionUtils.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.configuration.utils;
+
+import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.util.AbstractEncrytionUtil;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ConfigurationEncryptionUtils extends AbstractEncrytionUtil {
+
+	private static ConfigurationEncryptionUtils instance = null;	
+	private static String key = null;
+	
+	public static ConfigurationEncryptionUtils getInstance() {
+		if (instance == null) {
+			try {
+				key = ConfigurationProvider.getInstance().getConfigurationEncryptionKey();
+				instance =  new ConfigurationEncryptionUtils();
+								
+			} catch (Exception e) {
+				Logger.warn("MOAConfiguration encryption initialization FAILED.", e);
+				
+			}					
+		}
+		return instance;
+	}
+	
+	/**
+	 * @throws DatabaseEncryptionException
+	 */
+	public ConfigurationEncryptionUtils() throws DatabaseEncryptionException {
+		super();
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getSalt()
+	 */
+	@Override
+	protected String getSalt() {
+		return "Configuration-Salt";
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.util.AbstractEncrytionUtil#getKey()
+	 */
+	@Override
+	protected String getKey() {
+		return key;
+		
+	}
+
+}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 2c71d86a5..35ae19f90 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -200,6 +200,15 @@ webpages.oaconfig.general.bku.sendassertion.header=Send-Assertion Template
 webpages.oaconfig.general.bku.sendassertion.filename=Dateiname
 webpages.oaconfig.general.bku.sendassertion.upload=Neues Template hochladen
 
+webpages.oaconfig.bPKEncDec.header=Fremd-bPK Konfiguration
+webpages.oaconfig.bPKEncDec.keystore.header=KeyStore Konfiguration
+webpages.oaconfig.bPKEncDec.filename=Dateiname
+webpages.oaconfig.bPKEncDec.delete=L\u00F6schen
+webpages.oaconfig.bPKEncDec.upload=KeyStore hochladen
+webpages.oaconfig.bPKEncDec.keyStorePassword=KeyStore Password
+webpages.oaconfig.bPKEncDec.keyAlias=Schl\u00FCsselname
+webpages.oaconfig.bPKEncDec.keyPassword=Schl\u00FCsselpassword
+
 webpages.oaconfig.general.identification=Eindeutiger Identifikatior (PublicURLPrefix)
 webpages.oaconfig.general.mandate.header=Vollmachten
 webpages.oaconfig.general.mandate.profiles=Profile
@@ -449,6 +458,15 @@ validation.general.sendassertion.file.valid=Das Send-Assertion Templates konnte
 validation.general.sendassertion.file.selected=Es kann nur EIN Send-Assertion Template angegeben werden.
 validation.general.testcredentials.oid.valid=Die Testdaten OID {0} ist ung\u00FCltig.
 
+validation.bPKDec.keyStorePassword.empty=Das Password f\u00FCr den KeyStore ist leer.
+validation.bPKDec.keyStorePassword.valid=Das Password f\u00FCr den KeyStore enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyAlias.empty=Der Schl\u00FCsselname ist leer.
+validation.bPKDec.keyAlias.valid=Der Schl\u00FCsselname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyPassword.empty=Das Password f\u00FCr den privaten Schl\u00FCssel ist leer.
+validation.bPKDec.keyPassword.valid=Das Password f\u00FCr den privaten Schl\u00FCssel enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyStore.filename.valid=Der Dateiname des KeyStores enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.bPKDec.keyStore.file.valid=Der KeyStore konnte nicht geladen oder ge\u00F6ffnet werden. Eventuell sind das Passwort oder der Schl\u00FCsselname nicht korrekt.
+validation.bPKDec.keyStore.file.selected=Es kann nur EIN KeyStore angegeben werden.
 
 validation.stork.cpeps.cc=CPEPS L\u00E4ndercode folgt nicht ISO 3166-2
 validation.stork.cpeps.empty=CPEPS Konfiguration ist unvollst\u00E4ndig
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index a494ef089..22b063099 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -196,12 +196,21 @@ webpages.oaconfig.general.testing.oids=Use special test credential OIDs
 
 webpages.oaconfig.general.bku.delete=Remove
 webpages.oaconfig.general.bku.bkuselection.header=CCE-Selection Template
-webpages.oaconfig.general.bku.bkuselection.filename=File name
+webpages.oaconfig.general.bku.bkuselection.filename=Filename
 webpages.oaconfig.general.bku.bkuselection.upload=Upload new template
 webpages.oaconfig.general.bku.sendassertion.header=Send-Assertion Template
-webpages.oaconfig.general.bku.sendassertion.filename=File name
+webpages.oaconfig.general.bku.sendassertion.filename=Filename
 webpages.oaconfig.general.bku.sendassertion.upload=Upload new template
 
+webpages.oaconfig.bPKEncDec.header=Foreign-bPK Configuration
+webpages.oaconfig.bPKEncDec.keystore.header=Keystore configuration
+webpages.oaconfig.bPKEncDec.filename=Filename
+webpages.oaconfig.bPKEncDec.delete=Remove
+webpages.oaconfig.bPKEncDec.upload=Upload new keystore
+webpages.oaconfig.bPKEncDec.keyStorePassword=Keystore password
+webpages.oaconfig.bPKEncDec.keyAlias=Key alias
+webpages.oaconfig.bPKEncDec.keyPassword=Key password
+
 webpages.oaconfig.general.identification=Unique identifier (PublicURLPrefix)
 webpages.oaconfig.general.mandate.header=Mandates
 webpages.oaconfig.general.mandate.profiles=Profile
@@ -447,6 +456,16 @@ validation.general.sendassertion.file.valid=Send-Assertion Templates could not b
 validation.general.sendassertion.file.selected=Only one Send-Assertion Template can be provided.
 validation.general.testcredentials.oid.valid=The OID {0} for test credentials is not a valid.
 
+validation.bPKDec.keyStorePassword.empty=KeyStore password is blank.
+validation.bPKDec.keyStorePassword.valid=The keyStore password contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyAlias.empty=Key alias is blank.
+validation.bPKDec.keyAlias.valid=The key alias contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyPassword.empty=Key password is blank.
+validation.bPKDec.keyPassword.valid=The key password contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyStore.filename.valid=The keyStore filename contains forbidden characters. The following characters are not allowed\: {0}
+validation.bPKDec.keyStore.file.valid=KeyStore can not loaded. Maybe keyStore password or key alias are wrong. 
+validation.bPKDec.keyStore.file.selected=Only one keyStore can be provided.
+
 validation.stork.cpeps.cc=CPEPS country code is not based on 3166-2
 validation.stork.cpeps.empty=CPEPS configuration is incomplete
 validation.stork.cpeps.url=CPEPS URL is invalid
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
index a3541c9a7..c56ad4847 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp
@@ -39,6 +39,8 @@
 					<s:include value="snippets/OA/targetConfiguration.jsp"></s:include>
 		
 					<s:include value="snippets/OA/authentication.jsp"></s:include>
+		
+					<s:include value="snippets/OA/bPKDecryption.jsp"></s:include>
 					
 					<s:include value="snippets/OA/sso.jsp"></s:include>
 					
@@ -82,7 +84,7 @@
 					</div>
 
 					<s:include value="snippets/OA/formCustomization.jsp"></s:include>
-					
+										
 					<s:hidden name="formID" 
 							value="%{formID}"></s:hidden>
 					
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/bPKDecryption.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/bPKDecryption.jsp
new file mode 100644
index 000000000..9f506e7da
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/bPKDecryption.jsp
@@ -0,0 +1,75 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<html>
+	<div class="oa_config_block">
+		<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.bPKEncDec.header", request) %></h3>
+				
+<!-- 		<div class="oa_protocol_area"> -->
+			<%-- <h4><%=LanguageHelper.getGUIString("webpages.oaconfig.bPKEncDec.keystore.header", request) %></h4> --%>
+			<s:iterator value="%{BPKEncDecr.keyStoreFileUploadFileName}" var="fileNameBKU">
+				<div class="floatClass">
+					<s:label 	key="webpages.oaconfig.bPKEncDec.filename" 
+										value="%{fileNameBKU}"/>									
+					<s:label 	key="webpages.oaconfig.bPKEncDec.keyAlias" 
+										value="%{BPKEncDecr.keyAlias}"/>									
+					<s:checkbox key="webpages.oaconfig.bPKEncDec.delete"
+											labelposition="left"														
+											cssClass="checkbox"
+											name="BPKEncDecr.deletekeyStore"></s:checkbox>
+				</div>
+				<s:if test="BPKEncDecr.validationError">
+ 				<div id="pvp2_certificate_upload">
+					<s:file name="BPKEncDecr.keyStoreFileUpload" key="webpages.oaconfig.bPKEncDec.upload" cssClass="textfield_long"></s:file>					
+						<s:password 	name="BPKEncDecr.keyStorePassword" 												 
+													labelposition="left"
+													key="webpages.oaconfig.bPKEncDec.keyStorePassword"
+													cssClass="textfield_long"
+													showPassword="false">
+						</s:password>
+		
+						<s:textfield 	name="BPKEncDecr.keyAlias" 
+													value="%{BPKEncDecr.keyAlias}" 
+													labelposition="left"
+													key="webpages.oaconfig.bPKEncDec.keyAlias"
+													cssClass="textfield_long">
+						</s:textfield>
+		
+						<s:password 	name="BPKEncDecr.keyPassword" 													 
+													labelposition="left"
+													key="webpages.oaconfig.bPKEncDec.keyPassword"
+													cssClass="textfield_long"
+													showPassword="false">
+						</s:password>
+					</div>
+				</s:if>
+			</s:iterator>
+			<s:if test="BPKEncDecr.keyStoreFileUploadFileName.size() == 0">
+					<div id="pvp2_certificate_upload">
+					<s:file name="BPKEncDecr.keyStoreFileUpload" key="webpages.oaconfig.bPKEncDec.upload" cssClass="textfield_long"></s:file>
+										
+					<s:password 	name="BPKEncDecr.keyStorePassword"  
+												labelposition="left"
+												key="webpages.oaconfig.bPKEncDec.keyStorePassword"
+												cssClass="textfield_long">
+					</s:password>
+		
+					<s:textfield name="BPKEncDecr.keyAlias" 
+												value="%{BPKEncDecr.keyAlias}" 
+												labelposition="left"
+												key="webpages.oaconfig.bPKEncDec.keyAlias"
+												cssClass="textfield_long">
+					</s:textfield>
+		
+					<s:password 	name="BPKEncDecr.keyPassword" 
+												labelposition="left"
+												key="webpages.oaconfig.bPKEncDec.keyPassword"
+												cssClass="textfield_long">
+					</s:password>
+				</div>
+			</s:if>
+<!-- 		</div> -->
+				
+	</div>				
+</html>
\ No newline at end of file
-- 
cgit v1.2.3


From a3e490800378eaaa4d9189bc1d1d606caa8fb41d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Aug 2014 15:21:50 +0200
Subject: remove debug code

---
 .../moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java     | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
index 1c12e7398..a16fed9cd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
@@ -84,9 +84,7 @@ public class AssertionAttributeExtractor {
 			}
 				
 			}
-			
-			attributs.put(PVPConstants.ENC_BPK_LIST_NAME, "Test+BF|sKWq790t2mn1Uw7xTMQTu1LNYD1xbhjOpZ7/dO+zvzSZB8eClH0HIoH71YLxktykMor268y0IEG7UgLfs9Zviy/naprdeRhJxgxCFpQJdIlqc1qv4ll8q7Z55Qhge1he8ZYibqylaa7GSOXeoEBcto5LeWd0e6QnI4JgFqwalZlTVY0+2xH2G3cAMX0OGIw5bqqrjL+wl0DztDD610I4oxTtxPzvIX8Jk9wg0Of2RvDfxxj+SSibNS+8+/QOavrQ+iaghOxtPzZQWvW26O1BrFenszCn5J/IrrylKIK6kAi/raBzVnzgKlgmNhaqYZIKeP1Urc2wgXMJGov1R9P6tw==");
-			
+						
 		} else 
 			throw new AssertionAttributeExtractorExeption();		
 	}
-- 
cgit v1.2.3


From 9331771b24160e0ee04324576d9f35caf6ac4d79 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 19 Aug 2014 15:23:07 +0200
Subject: Update handbook, demo-configuration and history.txt

---
 id/history.txt                                     |  20 +-
 id/readme_2.1.1.txt                                | 220 +++++++++++++++++++++
 .../moa-id-configtool.properties                   |   2 +
 .../data/deploy/conf/moa-id/moa-id.properties      |   1 +
 .../moa-id-configtool.properties                   |   2 +
 id/server/doc/conf/moa-id/moa-id.properties        |   1 +
 .../doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml |  61 ++++--
 id/server/doc/handbook/config/config.html          |  12 ++
 8 files changed, 296 insertions(+), 23 deletions(-)
 create mode 100644 id/readme_2.1.1.txt

diff --git a/id/history.txt b/id/history.txt
index 8321e2085..a3146066b 100644
--- a/id/history.txt
+++ b/id/history.txt
@@ -1,7 +1,16 @@
 Dieses Dokument zeigt die Veränderungen und Erweiterungen
 von MOA-ID auf.
 
-History MOA-ID:
+Version MOA-ID Release 2.1.1: Änderungen seit Version MOA-ID 2.1.0
+- Neuerungen:
+  - Verarbeitung von verschlüsselten bPKs auf Seiten von MOA-ID-Auth
+   
+- Änderungen
+  - Anpassung VIDP Code für STORK
+  - Anpassung des Codes für IDP Interfederation
+  - Kleinere Bug-Fixes
+
+
 Version MOA-ID Release 2.1.0: Änderungen seit Version MOA-ID 2.0.1
 - Änderungen
   - Anpassung VIDP Code für STORK
@@ -14,6 +23,7 @@ Version MOA-ID Release 2.1.0: 
   - MOA-ID Truststore wird auch für Bezug PVP 2.1 metadaten über https verwendet.
   - Definition neuer Fehlercodes   
 
+
 Version MOA-ID Release 2.0.1: Änderungen seit Version MOA-ID 2.0.0
 - Änderungen:
   - Anpassungen VIDP Code für STORK
@@ -570,7 +580,7 @@ Version MOA-ID 1.2.0d3: 
 Verbesserungen/Erweiterungen:
 - Umstellung von vPK auf bPK; von ZMR auf Stammzahl.
   https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=70
- 
+ 
 - Anpassbare JSP Errorpage und Messagepage für Proxy und Auth 
   Damit die Formatierungen der Benutzermeldungen an die Kundenwünsche 
   und das CI der Kunden angepasst werden können, wird JSP 
@@ -586,7 +596,7 @@ Verbesserungen/Erweiterungen:
   Durch die Angabe des Attributs ‚keyBoxIdentifier’ im Element 
   OnlineApplication eine Auswahl des Schlüsselpaars erfolgen.
   https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=105
- 
+ 
 - Anpassbare JSP Errorpage für MOA-ID Proxy und MOA-ID Auth 
   https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=70
 
@@ -595,8 +605,8 @@ Verbesserungen/Erweiterungen:
   
 - Ergänzung der mitgelieferten Konfiguration 
   (certstore, trustprofiles auch für Testbürgerkarten)
-  https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=120 
- 
+  https://forge.cio.gv.at/bugzilla/show_bug.cgi?id=120 
+ 
 Fixes:
 - Daten die aus MOA-ID-PROXY an eine OA mittels der 
   Authentisierungsvariante ParamAuth weitergegeben werden,  
diff --git a/id/readme_2.1.1.txt b/id/readme_2.1.1.txt
new file mode 100644
index 000000000..44f591bed
--- /dev/null
+++ b/id/readme_2.1.1.txt
@@ -0,0 +1,220 @@
+===============================================================================
+MOA ID Version Release 2.1.1 - Wichtige Informationen zur Installation
+===============================================================================
+
+-------------------------------------------------------------------------------
+A. Neuerungen/Änderungen
+-------------------------------------------------------------------------------
+
+Mit MOA ID Version 2.1.1 wurden folgende Neuerungen eingeführt, die jetzt 
+erstmals in der Veröffentlichung enthalten sind (siehe auch history.txt im 
+gleichen Verzeichnis):
+
+- Neuerungen:
+  - Verarbeitung von verschlüsselten bPKs auf Seiten von MOA-ID-Auth
+   
+- Änderungen
+  - Anpassung VIDP Code für STORK
+  - Anpassung des Codes für IDP Interfederation
+  - Kleinere Bug-Fixes
+    
+-------------------------------------------------------------------------------
+B. Durchführung eines Updates
+-------------------------------------------------------------------------------
+
+Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch
+eine Aktualisierung bestehender Installationen möglich. Je nachdem von welcher
+MOA-ID Version ausgegangen wird ergibt sich eine Kombination der nachfolgend angebebenen Updateschritte.
+
+...............................................................................
+B.1 Durchführung eines Updates von Version 2.1.0 auf Version 2.1.1 
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+   Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST 
+   bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+   beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+   wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation 
+   für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als 
+   auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+   CATALINA_HOME_ID/webapps.
+   
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+   CATALINA_HOME_ID/webapps.
+   
+6. Hinzufügen der zusätzlichen Konfigurationsparameter in der 
+   MOA-ID-Configuration Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties     
+     a.) general.moaconfig.key=.....         (Passwort zum Ver- und 
+         Entschlüsseln von Konfigurationsparametern in der Datenbank)
+
+7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth
+   Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties     
+     a.) configuration.moaconfig.key=.....   (Passwort zum Ver- und 
+         Entschlüsseln von Konfigurationsparametern in der Datenbank)
+        
+8 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+   Logging von MOA ID beim Einlesen der Konfiguration.
+
+...............................................................................
+B.2 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0 
+...............................................................................
+ 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+   Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST 
+   bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+   beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+   wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation 
+   für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als 
+   auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+   CATALINA_HOME_ID/webapps.
+   
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+   CATALINA_HOME_ID/webapps.   
+
+6. Update der STORK Konfiguration
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+     b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->   
+         2.4 Konfiguration des SamlEngines an.
+         
+7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties     
+     a.) general.ssl.certstore=certs/certstore
+     b.) general.ssl.truststore=certs/truststore
+ 
+8. Kopieren des folgenden zusätzlichen Ordners  MOA_ID_AUTH_INST/conf/moa-id-configuration/certs
+   nach CATALINA_HOME\conf\moa-id-configuration\
+   
+9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar.     
+     a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion
+         protocols.pvp2.idp.ks.assertion.encryption.keypassword=password
+ 
+10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/
+    nach CATALINA_HOME\conf\moa-id\
+      a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\    
+      b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html ->
+          CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html
+      
+11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen 
+    zwei Varianten zur Verfügung.
+      a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth 
+          CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile 
+               moasession.hibernate.hbm2ddl.auto=update
+          zu
+               moasession.hibernate.hbm2ddl.auto=create
+          Danach werden die Tabellen beim nächsten Startvorgang neu generiert.
+               
+      b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson 
+          Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert.   
+       
+12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+   Logging von MOA ID beim Einlesen der Konfiguration.
+
+
+...............................................................................
+B.3 Durchführung eines Updates von Version 2.0-RC1  auf Version 2.0.1
+...............................................................................
+
+1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird.
+   Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an.
+
+2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST 
+   bezeichnet.
+   Für MOA ID Proxy:
+   Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in
+   ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST 
+   bezeichnet.
+
+3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth
+   beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps,
+   wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation 
+   für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als 
+   auch das komplette Verzeichnis moa-id-auth.
+
+4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach
+   CATALINA_HOME_ID/webapps.
+
+5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach
+   CATALINA_HOME_ID/webapps.  
+
+6. Update des Cert-Stores.
+   Kopieren Sie den Inhalt des Verzeichnisses
+   MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+   CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie 
+   vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann 
+   bejahen sie das.
+
+7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen 
+   wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile 
+   beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+   a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+    1)  Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+    2)  Kopieren Sie das Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis 
+        CATALINA_HOME\conf\moa-spss.
+
+   b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie 
+      folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+    1)  Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den 
+        entsprechenden Profilen im Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren 
+        Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt 
+        der einzelnen Profile aus der Distribution 
+        (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden 
+        Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) 
+        kopieren und dabei die vorhandenen gleichnamigen Zertifikate 
+        überschreiben), also z.B: Kopieren des Inhalts von 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach 
+        CATALINA_HOME\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw.
+           
+8. Update der Default html-Templates für die Bürgerkartenauswahl.
+
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates.         
+     b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates
+         in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. 
+
+9. Update der STORK Konfiguration
+     a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork
+         in das Verzeichnis CATALINA_HOME\conf\moa-id\stork.
+     b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration ->   
+         2.4 Konfiguration des SamlEngines an.
+         
+10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei
+   CATALINA_HOME\conf\moa-id\moa-id.properties
+     
+     a.) configuration.validation.certificate.QC.ignore=false
+     b.) protocols.pvp2.assertion.encryption.active=false          
+                                    
+11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+   Logging von MOA ID beim Einlesen der Konfiguration.
+
+   
+...............................................................................
+B.4 Durchführung eines Updates von Version <= 1.5.1
+...............................................................................
+
+Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen
+Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter 
+Zuhilfenahme Ihrer bisherigen Konfiguration an.
+
diff --git a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
index db158ed23..7c71fadcb 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
+++ b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
@@ -13,6 +13,8 @@ general.defaultlanguage=de
 general.ssl.certstore=certs/certstore
 general.ssl.truststore=certs/truststore
 
+general.moaconfig.key=ConfigurationEncryptionKey
+
 ##Mail
 general.mail.host=smtp.localhost...
 #general.mail.host.port=
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index e8a75c348..4290b1985 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -17,6 +17,7 @@ protocols.pvp2.assertion.encryption.active=false
 ##General MOA-ID 2.0 operations
 #MOA-ID 2.0 session information encryption key (PassPhrase)
 configuration.moasession.key=SessionEncryptionKey
+configuration.moaconfig.key=ConfigurationEncryptionKey
 
 #MOA-ID 2.0 Monitoring Servlet
 configuration.monitoring.active=false
diff --git a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
index db158ed23..7c71fadcb 100644
--- a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
+++ b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
@@ -13,6 +13,8 @@ general.defaultlanguage=de
 general.ssl.certstore=certs/certstore
 general.ssl.truststore=certs/truststore
 
+general.moaconfig.key=ConfigurationEncryptionKey
+
 ##Mail
 general.mail.host=smtp.localhost...
 #general.mail.host.port=
diff --git a/id/server/doc/conf/moa-id/moa-id.properties b/id/server/doc/conf/moa-id/moa-id.properties
index e8a75c348..4290b1985 100644
--- a/id/server/doc/conf/moa-id/moa-id.properties
+++ b/id/server/doc/conf/moa-id/moa-id.properties
@@ -17,6 +17,7 @@ protocols.pvp2.assertion.encryption.active=false
 ##General MOA-ID 2.0 operations
 #MOA-ID 2.0 session information encryption key (PassPhrase)
 configuration.moasession.key=SessionEncryptionKey
+configuration.moaconfig.key=ConfigurationEncryptionKey
 
 #MOA-ID 2.0 Monitoring Servlet
 configuration.monitoring.active=false
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
index 5aff0d1fa..ef5dc23d2 100644
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
@@ -23,10 +23,7 @@
 
 	<!--Only HTTP-POST binding is only supported for inter PEPS-->
 	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
-	<entry key="protocolBinding">HTTP-POST</entry>
-	
-	
-	
+	<entry key="protocolBinding">HTTP-POST</entry>	
 	
 	<!--URI representing the classification of the identifier
 		Allow values: 'entity'.
@@ -36,25 +33,26 @@
 	-->
 	
 	
-	
 	<!-- A friendly name for the attribute that can be displayed to a user -->
 	<entry key="friendlyName">false</entry>
 	
 	<!-- A friendly name for the attribute that can be displayed to a user -->
 	<entry key="isRequired">true</entry>
 	
-	<!--PEPS in the Service Provider's country-->
-	<entry key="requester">http://S-PEPS.gov.xx</entry>
+        <!--PEPS in the Service Provider's country-->
+        <entry key="requester">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
 
-	<!--PEPS in the citizen's origin country-->
-	<entry key="responder">http://C-PEPS.gov.xx</entry>
+        <!--PEPS in the citizen's origin country-->
+        <entry key="responder">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
 
 	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
-	<entry key="timeNotOnOrAfter">300</entry>
+	<entry key="timeNotOnOrAfter">600</entry>
 	
 	<!--Validation IP of the response-->
 	<entry key="ipAddrValidation">false</entry>
-	
+
+        <!--One time use-->
+        <entry key="oneTimeUse">true</entry>	
 	
 	<!--Subject Attribute Definitions-->
 	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
@@ -73,7 +71,6 @@
 	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
 	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
 	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-  <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
 
 	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
 	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
@@ -86,10 +83,38 @@
 	
 	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
 	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
-	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
-	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
-        <entry key="mandateType">http://www.stork.gov.eu/1.0/mandateType</entry>
-	
+        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+
+        <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+        <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+        <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+        <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+        <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+        <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+        <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+        <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+        <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+        <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+        <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+        <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+        <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+        <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+        <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+        <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+        <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+        <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+        <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+        <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+        <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+        <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+        <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+	<entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
+        <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+        <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+        <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
 </properties>
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 24e80c588..e21aaf421 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -216,6 +216,12 @@
     <td>certs/truststore</td>
     <td>TrustedCACertificates enth&auml;lt das Verzeichnis (relativ zur MOA-ID-Auth Basiskonfigurationsdatei), das jene Zertifikate enth&auml;lt, die als vertrauensw&uuml;rdig betrachtet werden. Im Zuge der &Uuml;berpr&uuml;fung der TLS-Serverzertifikate wird die Zertifikatspfaderstellung an einem dieser Zertifikate beendet. Dieses Verzeichnis wird zur Pr&uuml;fung der SSL Serverzertifikate beim Download von PVP 2.1 Metadaten verwendet.</td>
   </tr>
+  <tr>
+    <td>general.moaconfig.key</td>
+    <td>ConfigurationEncryptionKey</td>
+    <td><p>Passwort zum Verschl&uuml;sseln von Konfigurationsteilen welche in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</p>
+    <p><strong>Hinweis:</strong> Dieses Passwort muss identisch zu dem im <a href="#basisconfig_moa_id_auth_param_general">Modul MOA-ID-Auth</a> hinterlegten Passwort sein.</p></td>
+  </tr>
   <tr>
     <td>general.userrequests.cleanup.delay</td>
     <td>18</td>
@@ -570,6 +576,12 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-configuration/secure/usermanagementInit
       <td>aX.J47s#bh7</td>
       <td>Passwort zum Verschl&uuml;sseln von personenbezogenen Session Daten die w&auml;hrend eines Anmeldevorgangs und f&uuml;r Single Sign-On in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</td>
     </tr>
+    <tr>
+      <td>configuration.moaconfig.key</td>
+      <td>ConfigurationEncryptionKey</td>
+      <td><p>Passwort zum Verschl&uuml;sseln von Konfigurationsteilen welche in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</p>
+      <p><strong>Hinweis:</strong> Dieses Passwort muss identisch zu dem im Modul <a href="#moa_id_config_parameters_generel">MOA-ID-Configuration</a> hinterlegten Passwort sein.</p></td>
+    </tr>
     <tr>
       <td>configuration.monitoring.active</td>
       <td>true / false</td>
-- 
cgit v1.2.3


From 3993a8fab1cc23ac1f5e82da88b7e09e27cac563 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 11:18:52 +0200
Subject: update attribute builder

---
 .../protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java  | 9 ++++++++-
 .../pvp2x/builder/attributes/EIDIdentityLinkBuilder.java         | 5 +++++
 .../pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java | 8 +++++++-
 .../moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java  | 4 ++++
 4 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
index 3dd1dd064..a38446826 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java
@@ -25,8 +25,10 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class BPKAttributeBuilder implements IPVPAttributeBuilder {
 	
@@ -39,9 +41,14 @@ public class BPKAttributeBuilder implements IPVPAttributeBuilder {
 		String bpk = authData.getBPK();
 		String type = authData.getBPKType();
 		
+		if (MiscUtil.isEmpty(bpk))
+			throw new UnavailableAttributeException(BPK_NAME);
+			
 		if (type.startsWith(Constants.URN_PREFIX_WBPK))
 			type = type.substring((Constants.URN_PREFIX_WBPK + "+").length());
-		else if (type.startsWith(Constants.URN_PREFIX_CDID)) type = type.substring((Constants.URN_PREFIX_CDID + "+").length());
+		
+		else if (type.startsWith(Constants.URN_PREFIX_CDID)) 
+			type = type.substring((Constants.URN_PREFIX_CDID + "+").length());
 		
 		if (bpk.length() > BPK_MAX_LENGTH) {
 			bpk = bpk.substring(0, BPK_MAX_LENGTH);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
index e8aeb8fcd..29d6df040 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDIdentityLinkBuilder.java
@@ -27,6 +27,7 @@ import java.io.IOException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 
@@ -40,6 +41,10 @@ public class EIDIdentityLinkBuilder implements IPVPAttributeBuilder {
 			IAttributeGenerator<ATT> g) throws AttributeException {
 		try {
 			String ilAssertion = null;
+			
+			if (authData.getIdentityLink() == null)
+				throw new UnavailableAttributeException(EID_IDENTITY_LINK_NAME);
+			
 			ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion();
 			
 			return g.buildStringAttribute(EID_IDENTITY_LINK_FRIENDLY_NAME,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
index 7f52e1d47..463658a3d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSectorForIDAttributeBuilder.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class EIDSectorForIDAttributeBuilder implements IPVPAttributeBuilder {
 
@@ -33,8 +35,12 @@ public class EIDSectorForIDAttributeBuilder implements IPVPAttributeBuilder {
 	}
 
 	public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData,
-			IAttributeGenerator<ATT> g) throws AttributeException {
+			IAttributeGenerator<ATT> g) throws AttributeException {		
 		String bpktype = authData.getBPKType();
+		
+		if (MiscUtil.isEmpty(authData.getBPKType()))
+			throw new UnavailableAttributeException(EID_SECTOR_FOR_IDENTIFIER_NAME);
+				
 		return g.buildStringAttribute(EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME,
 				EID_SECTOR_FOR_IDENTIFIER_NAME, bpktype);
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java
index a8b703fc2..16de43e11 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java
@@ -27,6 +27,7 @@ import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributePolicyException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class EIDSourcePIN implements IPVPAttributeBuilder  {
 
@@ -41,6 +42,9 @@ public class EIDSourcePIN implements IPVPAttributeBuilder  {
 			throw new AttributePolicyException(EID_SOURCE_PIN_NAME);
 		
 		else {
+			if (MiscUtil.isEmpty(authData.getIdentificationValue()))
+				throw new UnavailableAttributeException(EID_SOURCE_PIN_NAME);
+			
 			return g.buildStringAttribute(EID_SOURCE_PIN_FRIENDLY_NAME, EID_SOURCE_PIN_NAME, authData.getIdentificationValue());
 		}
 	}
-- 
cgit v1.2.3


From 4e18f04f6956db297e4902fc5c55e920816ef903 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 11:20:20 +0200
Subject: add build process for natural person short mandates in case of IDP
 federation

---
 .../id/auth/builder/AuthenticationDataBuilder.java | 54 ++++++++++++++++++++--
 1 file changed, 49 insertions(+), 5 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 3c029f261..ed2cd3ecb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -31,7 +31,10 @@ import java.security.PrivateKey;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
+import java.util.Iterator;
 import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
@@ -53,6 +56,9 @@ import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
 import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
 import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
 import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName;
+import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -487,7 +493,8 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 			//build legal person short mandate
 			if (extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME) &&
 					extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME) &&
-					extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)) {				
+					extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)) {
+				Logger.debug("Build short mandate for legal person ...");
 				CorporateBodyType legalperson = new CorporateBodyType();
 				IdentificationType legalID = new IdentificationType();
 				Value idvalue = new Value();
@@ -505,10 +512,47 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME) &&
 					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME) && 
 					extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME)) {
-				throw new AssertionAttributeExtractorExeption("Federation with short mandates for natural persons are not supported!", null);
-				
-				
-				
+				Logger.debug("Build short mandate for natural person ...");
+				PhysicalPersonType physPerson = new PhysicalPersonType();
+				PersonNameType persName = new PersonNameType();				
+				mandator.setPhysicalPerson(physPerson );				
+				physPerson.setName(persName );
+				FamilyName familyName = new FamilyName();
+				persName.getFamilyName().add(familyName );
+				IdentificationType persID = new IdentificationType();
+				physPerson.getIdentification().add(persID );
+				Value idValue = new Value();
+				persID.setValue(idValue );
+				
+				String[] pvp2GivenName = extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME).split(" ");
+				for(int i=0; i<pvp2GivenName.length; i++)
+					persName.getGivenName().add(pvp2GivenName[i]);				
+				familyName.setValue(extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME));			
+				physPerson.setDateOfBirth(extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME));
+				
+				if (extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME)) {
+					persID.setType(Constants.URN_PREFIX_BASEID);
+					idValue.setValue(extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME));
+					
+				} else {
+					String[] pvp2bPK = extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME).split(":");
+					if (pvp2bPK.length == 2) {
+						idValue.setValue(pvp2bPK[1]);
+						
+						Pattern pattern = Pattern.compile(MOAIDAuthConstants.REGEX_PATTERN_TARGET);
+						Matcher matcher = pattern.matcher(pvp2bPK[0]);
+						if (matcher.matches())
+							persID.setType(Constants.URN_PREFIX_CDID + "+" +  pvp2bPK[0]);							
+						else
+							persID.setType(Constants.URN_PREFIX_WBPK + "+" +  pvp2bPK[0]);
+						
+					} else {
+						Logger.warn("Receive mandator bPK from federation with an unsupported format. " + extractor.getAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME));
+						throw new AssertionAttributeExtractorExeption("Receive mandator bPK from federation with an unsupported format.");
+						
+					}					
+				}
+										
 			} else {
 				Logger.error("Short mandate could not generated. Assertion contains not all attributes which are necessary.");
 				throw new AssertionAttributeExtractorExeption("Assertion contains not all attributes which are necessary for mandate generation", null);
-- 
cgit v1.2.3


From 1d813a6b91f22fdf53098cc1f0ba59b81f3c5c98 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 11:21:11 +0200
Subject: add SAML1 'PersonData' attribute builder if no identitylink is
 available

---
 .../moa/id/auth/MOAIDAuthConstants.java            |  1 +
 .../protocols/saml1/SAML1AuthenticationServer.java | 93 ++++++++++++++++++----
 2 files changed, 78 insertions(+), 16 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
index 4cec99b9a..db8b4dd80 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
@@ -164,5 +164,6 @@ public interface MOAIDAuthConstants {
 				}
 			});	
   
+  public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$";
   
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index fe0d27804..7d3c72630 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -22,15 +22,22 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.util.List;
 
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.Marshaller;
+import javax.xml.namespace.QName;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
 
 import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
+import com.sun.xml.bind.marshaller.NamespacePrefixMapper;
+
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -60,6 +67,11 @@ import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
 import at.gv.egovernment.moa.util.StringUtils;
+import at.gv.util.xsd.persondata.IdentificationType;
+import at.gv.util.xsd.persondata.IdentificationType.Value;
+import at.gv.util.xsd.persondata.PersonNameType;
+import at.gv.util.xsd.persondata.PersonNameType.FamilyName;
+import at.gv.util.xsd.persondata.PhysicalPersonType;
 
 public class SAML1AuthenticationServer extends AuthenticationServer {
 	
@@ -185,26 +197,75 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			//set prPersion
 			boolean provideStammzahl = saml1parameter.isProvideStammzahl() 
 					|| oaParam.getBusinessService();
-			String prPerson = new PersonDataBuilder().build(authData.getIdentityLink(),
-					provideStammzahl);
 			
-			//set Authblock
-			String authBlock = saml1parameter.isProvideAUTHBlock() ? authData
-					.getAuthBlock() : "";
-					
-			//set IdentityLink for assortion
+			String prPerson = "";
 			String ilAssertion = "";
-			if (saml1parameter.isProvideIdentityLink()) {		
-				ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion();
-					
-				if (!provideStammzahl)
-					ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink()
-							.getIdentificationValue(), "");					
-			}
-
+			if (authData.getIdentityLink() != null) {
+				prPerson = new PersonDataBuilder().build(authData.getIdentityLink(),			
+						provideStammzahl);
 
-			String samlAssertion;
+				//set IdentityLink for assortion				
+				if (saml1parameter.isProvideIdentityLink()) {		
+					ilAssertion = authData.getIdentityLink().getSerializedSamlAssertion();
+						
+					if (!provideStammzahl)
+						ilAssertion = StringUtils.replaceAll(ilAssertion, authData.getIdentityLink()
+								.getIdentificationValue(), "");					
+				}			 
+			} else {
+				Logger.info("No IdentityLink available! Build attribute 'PersonDate' from givenname, familyname and dateofbirth. ");
+				PhysicalPersonType person = new PhysicalPersonType();
+				PersonNameType name = new PersonNameType();
+				person.setName(name);				
+				FamilyName familyName = new FamilyName();
+				name.getFamilyName().add(familyName );
+				IdentificationType id = new IdentificationType();
+				person.getIdentification().add(id );
+				Value value = new Value();
+				id.setValue(value  );
+				
+				id.setType(Constants.URN_PREFIX_BASEID);
+				value.setValue("");				
+				familyName.setValue(authData.getFamilyName());
+				familyName.setPrimary("undefined");
+				name.getGivenName().add(authData.getGivenName());
+				person.setDateOfBirth(authData.getFormatedDateOfBirth());
+							
+				JAXBContext jc = JAXBContext.newInstance("at.gv.util.xsd.persondata");
+				Marshaller m = jc.createMarshaller();
+				m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+				
+				m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
+		            public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
+		            	if (Constants.PD_NS_URI.equals(arg0))
+		            		return Constants.PD_PREFIX;
+		            	else
+		            		return arg1;
+		            }
+		        });
+				
+				ByteArrayOutputStream stream = new ByteArrayOutputStream();
+				m.marshal(
+						new JAXBElement<PhysicalPersonType>(new QName(Constants.PD_NS_URI,"Person"), PhysicalPersonType.class, person), 
+						stream);				
+				prPerson = StringUtils.removeXMLDeclaration(new String(stream.toByteArray(), "UTF-8"));
+				stream.close();
+				
+				
+				
+			}
+			
+			//set Authblock
+			String authBlock = "";
+			if (authData.getAuthBlock() != null) {
+				authBlock = saml1parameter.isProvideAUTHBlock() ? authData.getAuthBlock() : "";
+				
+			} else {
+				Logger.info("\"provideAuthBlock\" is \"true\", but no authblock available");
+				
+			}
 			
+			String samlAssertion;			
 			if (authData.isUseMandate()) {
 				List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
 				
-- 
cgit v1.2.3


From 7af9d603860dab1b618de7981ae3f0a27ea130db Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 16:47:11 +0200
Subject: solve SLO bug

---
 .../moa/id/demoOA/servlet/pvp2/SingleLogOut.java   | 26 ++++++----------------
 .../protocols/pvp2x/binding/RedirectBinding.java   |  8 +++----
 2 files changed, 11 insertions(+), 23 deletions(-)

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
index 11cc020ff..b87865989 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
 import org.opensaml.saml2.core.AuthnRequest;
@@ -163,7 +164,7 @@ public class SingleLogOut extends HttpServlet {
 					idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) {
 				
 				//Get the service address for the binding you wish to use
-				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { 
+				if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { 
 					redirectEndpoint = sss;  
 				}  
 			}
@@ -182,28 +183,15 @@ public class SingleLogOut extends HttpServlet {
 			signer.setSigningCredential(authcredential);
 			sloReq.setSignature(signer);
 
-			//generate Http-POST Binding message
-			VelocityEngine engine = new VelocityEngine();
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-			engine.setProperty("classpath.resource.loader.class",
-					"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-			engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
-					"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
-			engine.init();
-
-			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
-					"templates/pvp_postbinding_template.html");
+			HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
-					response, true);
+					response
+					, true);
 			BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
 			SingleSignOnService service = new SingleSignOnServiceBuilder()
 					.buildObject();
-			service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
-			service.setLocation(redirectEndpoint.getLocation());;
-			
+			service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+			service.setLocation(redirectEndpoint.getLocation());
 			context.setOutboundSAMLMessageSigningCredential(authcredential);
 			context.setPeerEntityEndpoint(service);
 			context.setOutboundSAMLMessage(sloReq);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index f11561c14..587d8e935 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -143,11 +143,11 @@ public class RedirectBinding implements IDecoder, IEncoder {
 			//set metadata descriptor type
 			if (isSPEndPoint) {
 				messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
-				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSORedirectService()));
 				
 			} else {
 				messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+				decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService()));
 			}
 		
 		} catch (ConfigurationException e) {
@@ -206,8 +206,8 @@ public class RedirectBinding implements IDecoder, IEncoder {
 	}
 
 	public boolean handleDecode(String action, HttpServletRequest req) {
-		return (action.equals(PVP2XProtocol.REDIRECT) && req.getMethod()
-				.equals("GET"));
+		return ((action.equals(PVP2XProtocol.REDIRECT) || action.equals(PVP2XProtocol.SINGLELOGOUT)) 
+				&& req.getMethod().equals("GET"));
 	}
 	
 	public String getSAML2BindingName() {
-- 
cgit v1.2.3


From 559437f6cf63836f0698ea74f003f481eb7bf29d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 16:47:39 +0200
Subject: update SecurityLayer Template

---
 id/server/auth/src/main/webapp/template_localBKU.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/id/server/auth/src/main/webapp/template_localBKU.html b/id/server/auth/src/main/webapp/template_localBKU.html
index f197d2c5c..88fad25ae 100644
--- a/id/server/auth/src/main/webapp/template_localBKU.html
+++ b/id/server/auth/src/main/webapp/template_localBKU.html
@@ -11,7 +11,7 @@
 		</script>
 	</head>
 	<body onLoad="onAnmeldeSubmit()">	   
-		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
+		<form target=<REDIRECTTARGET> name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
 			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: 
      		<input class="button" type="submit" value="Starte Anmeldung" name="Senden">
 			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
-- 
cgit v1.2.3


From f9d3790bf9f53fe8b441aa58377101ddcad2597c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 16:48:09 +0200
Subject: update handbook and defaultconfig

---
 .../conf/moa-id-oa/keys/Metadata_Signing.cer       |  24 +++
 id/server/data/deploy/tomcat/unix/tomcat-start.sh  |   2 +-
 id/server/data/deploy/tomcat/win32/startTomcat.bat |   4 +-
 .../transforms/TransformsInfoAuthBlockTable_DE.xml | 161 +++++++++++++++++++++
 .../transforms/TransformsInfoAuthBlockTable_EN.xml | 161 +++++++++++++++++++++
 5 files changed, 349 insertions(+), 3 deletions(-)
 create mode 100644 id/server/data/deploy/conf/moa-id-oa/keys/Metadata_Signing.cer
 create mode 100644 id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
 create mode 100644 id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml

diff --git a/id/server/data/deploy/conf/moa-id-oa/keys/Metadata_Signing.cer b/id/server/data/deploy/conf/moa-id-oa/keys/Metadata_Signing.cer
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-oa/keys/Metadata_Signing.cer
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
index 10bade1bd..59cf2d0a9 100644
--- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh
+++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
@@ -18,7 +18,7 @@ PROXY_OPT=-Dmoa.id.proxy.configuration=$CATALINA_BASE/conf/moa-id-proxy/MOAIDCon
 #TRUST_STORE_PASS_OPT=-Djavax.net.ssl.trustStorePassword=changeit
 #TRUST_STORE_TYPE_OPT=-Djavax.net.ssl.trustStoreType=jks
 
-export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT"
+export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m"
 
 echo CATALINA_HOME: $CATALINA_HOME
 echo CATALINA_BASE: $CATALINA_BASE
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat
index 7730137c5..8d6d670bc 100644
--- a/id/server/data/deploy/tomcat/win32/startTomcat.bat
+++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat
@@ -17,8 +17,8 @@ set CONFIGTOOL_OPT=-Dmoa.id.webconfig=%CATALINA_HOME%/conf/moa-id-configuration/
 set DEMOOA_OPT=-Dmoa.id.demoOA=%CATALINA_HOME%/conf/moa-id-oa/oa.properties
 set STORK_OPT=-Deu.stork.samlengine.config.location=%CATALINA_HOME%/conf/moa-id/stork/
 set PROXY_OPT=-Dmoa.id.proxy.configuration=%CATALINA_HOME%/conf/moa-id-proxy/MOAIDConfiguration.xml
-
-set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %CONFIGTOOL_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT%
+ 
+set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %CONFIGTOOL_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m
 
 rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
 rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
new file mode 100644
index 000000000..1165d8b32
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+				<xsl:output method="xml" xml:space="default"/>
+				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+					<html>
+						<head>
+							<title>Signatur der Anmeldedaten</title>
+							<style type="text/css" media="screen">
+              					.normalstyle { font-size: medium; } 
+              					.italicstyle { font-size: medium; font-style: italic; }
+								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
+								.h4style{ font-size: large; }                                                                                      
+              				</style>
+						</head>
+						<body>
+							<h4 class="h4style">Anmeldedaten:</h4>
+							<p class="titlestyle">Daten zur Person</p>
+							<table class="parameters">
+								<xsl:if test="normalize-space(//@Issuer)">
+									<tr>
+										<td class="italicstyle">Name:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//@Issuer"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+									<tr>
+										<td class="italicstyle">Geburtsdatum:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">Rolle:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">Vollmacht:</td>
+										<td class="normalstyle">
+											<xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
+										</td>
+									</tr>
+								</xsl:if>
+							</table>
+							<p class="titlestyle">Daten zur Anwendung</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">Name:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Staat:</td>
+									<td class="normalstyle">Österreich</td>
+								</tr>
+							</table>
+							<p class="titlestyle">Technische Parameter</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">URL:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+									<tr>
+										<td class="italicstyle">Bereich:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">
+											Vollmachten-Referenz:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+									<tr>
+										<td class="italicstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+									<tr>
+										<td class="italicstyle">Identifikator:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">OID:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+									<tr>
+										<td class="italicstyle">HPI:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<tr>
+									<td class="italicstyle">Datum:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Uhrzeit:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+									</td>
+								</tr>
+							</table>
+						</body>
+					</html>
+				</xsl:template>
+			</xsl:stylesheet>
+		</dsig:Transform>
+		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+	</dsig:Transforms>
+	<sl10:FinalDataMetaInfo>
+		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+	</sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
new file mode 100644
index 000000000..e220b8f82
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+				<xsl:output method="xml" xml:space="default"/>
+				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+					<html>
+						<head>
+							<title>Signing the authentication data</title>
+							<style type="text/css" media="screen">
+              					.normalstyle { font-size: medium; } 
+              					.italicstyle { font-size: medium; font-style: italic; }
+								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
+								.h4style{ font-size: large; }                                                                                      
+              				</style>
+						</head>
+						<body>
+							<h4 class="h4style">Authentication Data:</h4>
+							<p class="titlestyle">Personal Data</p>
+							<table class="parameters">
+								<xsl:if test="normalize-space(//@Issuer)">
+									<tr>
+										<td class="italicstyle">Name:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//@Issuer"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+									<tr>
+										<td class="italicstyle">Date of Birth:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+											<xsl:text>.</xsl:text>
+											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">Role:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">Mandate:</td>
+										<td class="normalstyle">
+											<xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
+										</td>
+									</tr>
+								</xsl:if>
+							</table>
+							<p class="titlestyle">Application Data</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">Name:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Country:</td>
+									<td class="normalstyle">Austria</td>
+								</tr>
+							</table>
+							<p class="titlestyle">Technical Parameters</p>
+							<table class="parameters">
+								<tr>
+									<td class="italicstyle">URL:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+									</td>
+								</tr>
+								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+									<tr>
+										<td class="italicstyle">Sector:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+									<tr>
+										<td class="italicstyle">
+											Mandate Reference:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+									<tr>
+										<td class="italicstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+									<tr>
+										<td class="italicstyle">Identifier:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+									<tr>
+										<td class="italicstyle">OID:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+									<tr>
+										<td class="italicstyle">HPI:</td>
+										<td class="normalstyle">
+											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+										</td>
+									</tr>
+								</xsl:if>
+								<tr>
+									<td class="italicstyle">Date:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+										<xsl:text>.</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+									</td>
+								</tr>
+								<tr>
+									<td class="italicstyle">Time:</td>
+									<td class="normalstyle">
+										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+										<xsl:text>:</xsl:text>
+										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+									</td>
+								</tr>
+							</table>
+						</body>
+					</html>
+				</xsl:template>
+			</xsl:stylesheet>
+		</dsig:Transform>
+		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+	</dsig:Transforms>
+	<sl10:FinalDataMetaInfo>
+		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+	</sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
-- 
cgit v1.2.3


From 23047d5e2c28ce74eb7e76e3a13977f5ab31ec34 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 21 Aug 2014 10:50:11 +0200
Subject: fix typo

---
 .../src/main/resources/applicationResources_de.properties             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 35ae19f90..39bfcd36b 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -8,8 +8,8 @@ config.04=OpenSAML (PVP2 Login) can not be initialized
 config.05=Configuration file not defined
 
 error.title=Fehler:
-error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler auftetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
-error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler auftetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
+error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
+error.general.text=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
 errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
 errors.listIDPs.noIDP=Es wurden kein IdentityProvider f\u00FCr Interfederation in der Datenbank gefunden.
 errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben.
-- 
cgit v1.2.3


From 537e9f394e0eb0ac1c395fcd6d6d8e202a0ad5dc Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 21 Aug 2014 10:51:19 +0200
Subject: add active user-session cleanup process

---
 .../moa/id/configuration/Constants.java            |  2 ++
 .../id/configuration/auth/AuthenticatedUser.java   | 23 ++++++++++++++--------
 .../configuration/auth/AuthenticationManager.java  | 15 ++++++++++++++
 .../id/configuration/auth/IActiveUserStorage.java  |  4 ++++
 .../auth/MemoryActiveUserStorageImpl.java          | 19 ++++++++++++++++++
 .../auth/pvp2/servlets/SLOBasicServlet.java        |  1 -
 .../configuration/filter/AuthenticationFilter.java |  8 ++++++--
 .../id/configuration/helper/FormDataHelper.java    |  4 +++-
 .../configuration/struts/action/IndexAction.java   | 20 +++++++++++++++----
 .../id/configuration/utils/UserRequestCleaner.java |  7 ++++++-
 10 files changed, 86 insertions(+), 17 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index 2f4d700a2..f549db9f3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -116,4 +116,6 @@ public class Constants {
 
         BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp);
 	}
+	
+	public static final long ONE_MINUTE_IN_MILLIS=60000;//millisecs
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index 036acf1f6..3bfe409c0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -42,6 +42,7 @@ public class AuthenticatedUser {
 	private String institute;
 	private String userName;
 	private Date lastLogin;
+	private Date sessionExpired; 
 	
 	private boolean onlyBusinessService = false;
 	private String businessServiceType;
@@ -54,7 +55,7 @@ public class AuthenticatedUser {
 		
 	}
 	
-	public static AuthenticatedUser generateDefaultUser() {
+	public static AuthenticatedUser generateDefaultUser(Date sessionExpired) {
 		
 		AuthenticatedUser user = new AuthenticatedUser();		
 		user.familyName = "TestUser";
@@ -67,12 +68,13 @@ public class AuthenticatedUser {
 		user.isMandateUser = false;
 		user.isPVP2Login = false;
 		user.lastLogin = new Date();
+		user.sessionExpired = sessionExpired;
 		
 		return user;
 	}
 	
 	public static AuthenticatedUser generateUserRequestUser(UserDatabaseFrom form, 
-			String nameID, String nameIDFormat) {
+			String nameID, String nameIDFormat, Date sessionExpired) {
 		
 		AuthenticatedUser user = new AuthenticatedUser();		
 		user.familyName = form.getFamilyName();
@@ -85,6 +87,7 @@ public class AuthenticatedUser {
 		user.isMandateUser = form.isIsmandateuser();
 		user.isPVP2Login = form.isPVPGenerated();
 		user.lastLogin = new Date();
+		user.sessionExpired = sessionExpired;
 		
 		user.nameID = nameID;
 		user.nameIDFormat = nameIDFormat;
@@ -93,7 +96,7 @@ public class AuthenticatedUser {
 	}
 	
 	public AuthenticatedUser(UserDatabase userdb, boolean isAuthenticated, boolean isMandateUser, 
-			boolean isPVP2Login, String nameID, String nameIDFormat) {
+			boolean isPVP2Login, String nameID, String nameIDFormat, Date sessionExpired) {
 		
 		this.familyName = userdb.getFamilyname();
 		this.givenName = userdb.getGivenname();
@@ -105,6 +108,7 @@ public class AuthenticatedUser {
 		this.isMandateUser = isMandateUser;
 		this.isPVP2Login = isPVP2Login;
 		this.lastLogin = new Date();
+		this.sessionExpired = sessionExpired;
 		
 		this.nameID = nameID;
 		this.nameIDFormat = nameIDFormat;
@@ -250,10 +254,13 @@ public class AuthenticatedUser {
 	public String getNameIDFormat() {
 		return nameIDFormat;
 	}
-	
-	
-	
-	
-	
+
+	/**
+	 * @return the sessionExpired
+	 */
+	public Date getSessionExpired() {
+		return sessionExpired;
+	}
+
 
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java
index 6d3afffc9..58142b398 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticationManager.java
@@ -22,6 +22,9 @@
  */
 package at.gv.egovernment.moa.id.configuration.auth;
 
+import java.util.Date;
+import java.util.Iterator;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -81,4 +84,16 @@ public class AuthenticationManager {
 		activeUsers.removeUser(authUser.getNameID());
 		
 	}
+	
+	public void removeAllUsersAfterTimeOut() {
+		Iterator<AuthenticatedUser> expiredUsers = activeUsers.getUserWithSessionTimeOut(new Date());
+		while (expiredUsers.hasNext()) {
+			AuthenticatedUser user = expiredUsers.next();
+			activeUsers.removeUser(user.getNameID());
+			log.info("LogOut user with ID" + user.getNameID() + " after SessionTimeOut.");
+			
+		}
+		
+	}
+
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java
index c52fee140..80730c6e0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/IActiveUserStorage.java
@@ -22,6 +22,9 @@
  */
 package at.gv.egovernment.moa.id.configuration.auth;
 
+import java.util.Date;
+import java.util.Iterator;
+
 /**
  * @author tlenz
  *
@@ -31,5 +34,6 @@ public interface IActiveUserStorage {
 	public AuthenticatedUser getUser(String nameID);
 	public void setUser(String nameID, AuthenticatedUser authUser);
 	public void removeUser(String nameID);
+	public Iterator<AuthenticatedUser> getUserWithSessionTimeOut(Date date);
 	
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java
index 145da2c35..186a2b931 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/MemoryActiveUserStorageImpl.java
@@ -22,7 +22,12 @@
  */
 package at.gv.egovernment.moa.id.configuration.auth;
 
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
 import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -68,4 +73,18 @@ public class MemoryActiveUserStorageImpl implements IActiveUserStorage {
 
 	}
 
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.configuration.auth.IActiveUserStorage#getUserWithSessionTimeOut(java.util.Date)
+	 */
+	@Override
+	public Iterator<AuthenticatedUser> getUserWithSessionTimeOut(Date date) {
+		List<AuthenticatedUser> expiredUsers =  new ArrayList<AuthenticatedUser>();
+		for (AuthenticatedUser user : store.values()) {
+			if (date.after(user.getSessionExpired()))
+				expiredUsers.add(user);
+			
+		}				
+		return expiredUsers.iterator();
+	}
+
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index 38c858918..00d6850d3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -127,7 +127,6 @@ public class SLOBasicServlet extends HttpServlet {
 			HttpSession session = request.getSession(false);
 			if (session != null)
 				session.invalidate();
-			
 			return createSLOResponse(sloReq, StatusCode.SUCCESS_URI, request);
 			
 		} else {
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 1f631afea..d13696d51 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.configuration.filter;
 
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.StringTokenizer;
 import java.util.regex.Pattern;
 
@@ -153,8 +154,11 @@ public class AuthenticationFilter implements Filter{
 				log.warn("Authentication is deaktivated. Dummy authentication-information are used!");
 							
 				if (authuser == null) {
-
-					authuser = AuthenticatedUser.generateDefaultUser();
+					int sessionTimeOut = session.getMaxInactiveInterval();
+					Date sessionExpired = new Date(new Date().getTime() + 
+							(sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); 
+					
+					authuser = AuthenticatedUser.generateDefaultUser(sessionExpired);
 					authManager.setActiveUser(authuser);
 					
 					//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
index cd6c699b9..dc97dd2c8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/FormDataHelper.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.configuration.helper;
 
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.List;
 
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
@@ -88,7 +89,8 @@ public class FormDataHelper {
 			userlist.add(new AuthenticatedUser(dbuser, 
 					dbuser.isIsActive(), 
 					ismandate,
-					false, null, null));
+					false, null, null, new Date())
+					);
 		}
 		return userlist;
 	}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 4762f1518..f4a3d0c75 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -215,12 +215,17 @@ public class IndexAction extends BasicAction {
 			if (dbuser.isIsMandateUser() != null)
 				ismandateuser = dbuser.isIsMandateUser();
 			
+			int sessionTimeOut = session.getMaxInactiveInterval();
+			Date sessionExpired = new Date(new Date().getTime() + 
+					(sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS));
+			
 			AuthenticatedUser authuser = new AuthenticatedUser(dbuser, 
 					true, 
 					ismandateuser,
 					false,
 					dbuser.getHjid()+"dbID",
-					"username/password");
+					"username/password",
+					sessionExpired);
 			
 			//store user as authenticated user
 			AuthenticationManager authManager = AuthenticationManager.getInstance();
@@ -390,6 +395,10 @@ public class IndexAction extends BasicAction {
 						
 						String bpkwbpk = nameID.getNameQualifier() + "+" + nameID.getValue();
 						
+						int sessionTimeOut = session.getMaxInactiveInterval();
+						Date sessionExpired = new Date(new Date().getTime() + 
+								(sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS));
+						
 						//search user
 						UserDatabase dbuser = ConfigurationDBRead.getUserWithUserBPKWBPK(bpkwbpk);
 						if (dbuser == null) {
@@ -434,7 +443,8 @@ public class IndexAction extends BasicAction {
 							//create AuthUser data element
 							authUser = AuthenticatedUser.generateUserRequestUser(user,
 									nameID.getValue(), 
-									nameID.getFormat());
+									nameID.getFormat(),
+									sessionExpired);
 							
 							//store user as authenticated user
 							AuthenticationManager authManager = AuthenticationManager.getInstance();
@@ -464,7 +474,8 @@ public class IndexAction extends BasicAction {
 											dbuser.isIsMandateUser(),
 											true,
 											nameID.getValue(),
-											nameID.getFormat());
+											nameID.getFormat(),
+											sessionExpired);
 									
 									//store user as authenticated user
 									AuthenticationManager authManager = AuthenticationManager.getInstance();
@@ -491,7 +502,8 @@ public class IndexAction extends BasicAction {
 									ismandateuser,
 									true,
 									nameID.getValue(),
-									nameID.getFormat());
+									nameID.getFormat(),
+									sessionExpired);
 							
 							//store user as authenticated user
 							AuthenticationManager authManager = AuthenticationManager.getInstance();
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
index 9ec8db858..a75f8307d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/utils/UserRequestCleaner.java
@@ -31,6 +31,7 @@ import org.apache.log4j.Logger;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticationManager;
 import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
 import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper;
@@ -40,13 +41,14 @@ public class UserRequestCleaner implements Runnable {
 
 	private static final Logger log = Logger.getLogger(UserRequestCleaner.class);
 	
-	private static final long SESSION_CLEANUP_INTERVAL = 60 * 60; // 60 min
+	private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min
 		
 	public void run() {
 		 while (true) {
 			 try {
 				ConfigurationProvider config = ConfigurationProvider.getInstance();
 				
+				//clean up user request storage
 				List<UserDatabase> userrequests = ConfigurationDBRead.getAllOpenUsersRequests();
 				if (userrequests != null) {
 					Calendar cal = Calendar.getInstance();
@@ -63,6 +65,9 @@ public class UserRequestCleaner implements Runnable {
 					
 					}					
 				}
+				
+				//clean up active user storage
+				AuthenticationManager.getInstance().removeAllUsersAfterTimeOut();
 
 				Thread.sleep(SESSION_CLEANUP_INTERVAL * 1000);
 				
-- 
cgit v1.2.3


From 99d482d088850f5641d98b12de04cd1eefc030c0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 21 Aug 2014 10:51:38 +0200
Subject: change sessiontimeout to 45 minutes

---
 id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
index a6fe50269..d247faa1e 100644
--- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
+++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
@@ -120,6 +120,10 @@
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
   	
+ 	<session-config>
+    <session-timeout>45</session-timeout>
+  </session-config>  	
+  	
   
 	<welcome-file-list>
     	<welcome-file>/index.action</welcome-file>
-- 
cgit v1.2.3


From 5df1984c62b3f214ce9ed368beb9473bce0183e5 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 21 Aug 2014 12:09:00 +0200
Subject: fix some problems with Single LogOut

---
 .../auth/pvp2/servlets/SLOBasicServlet.java           | 17 +++++++++++++----
 .../moa/id/moduls/AuthenticationManager.java          |  7 ++++---
 .../moa/id/protocols/pvp2x/SingleLogOutAction.java    | 19 ++++++++++++++-----
 .../protocols/pvp2x/builder/SingleLogOutBuilder.java  | 17 ++++++++++++-----
 .../moa/id/commons/db/ConfigurationDBRead.java        |  2 +-
 5 files changed, 44 insertions(+), 18 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
index 00d6850d3..dfcde4624 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/servlets/SLOBasicServlet.java
@@ -197,11 +197,20 @@ public class SLOBasicServlet extends HttpServlet {
 			
 			
 		} else if (sloResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-			log.info("Single LogOut process complete.");
-			request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS, 
-					LanguageHelper.getErrorString("webpages.slo.success", request));
 			
-
+			if (sloResp.getStatus().getStatusCode().getStatusCode() != null && 
+					!sloResp.getStatus().getStatusCode().getStatusCode().equals(StatusCode.PARTIAL_LOGOUT_URI)) {			
+				log.info("Single LogOut process complete.");
+				request.getSession().setAttribute(Constants.SESSION_SLOSUCCESS, 
+						LanguageHelper.getErrorString("webpages.slo.success", request));
+				
+			} else {
+				log.warn("Single LogOut process is not completed.");
+				request.getSession().setAttribute(Constants.SESSION_SLOERROR, 
+						LanguageHelper.getErrorString("webpages.slo.error", request));
+				
+			}
+			
 		} else {
 			log.warn("Single LogOut response sends an unsupported statustype " + sloResp.getStatus().getStatusCode().getValue());
 			request.getSession().setAttribute(Constants.SESSION_SLOERROR, 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 8f9417096..daa70efce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -49,6 +49,7 @@ import org.opensaml.saml2.core.NameID;
 import org.opensaml.saml2.core.NameIDPolicy;
 import org.opensaml.saml2.core.NameIDType;
 import org.opensaml.saml2.core.RequestedAuthnContext;
+import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.saml2.core.Subject;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.SingleLogoutService;
@@ -252,8 +253,8 @@ public class AuthenticationManager extends AuthServlet {
 				
 		        VelocityContext context = new VelocityContext();
 		        context.put("redirectURLs", sloReqList);
-		        context.put("$timeoutURL", timeOutURL);
-		        context.put("$timeout", SLOTIMEOUT);
+		        context.put("timeoutURL", timeOutURL);
+		        context.put("timeout", SLOTIMEOUT);
 		        ssomanager.printSingleLogOutInfo(context, httpResp);
 				
 								
@@ -284,7 +285,7 @@ public class AuthenticationManager extends AuthServlet {
 			Logger.error("MOA AssertionDatabase ERROR", e);
 			if (pvpReq != null) {
 				SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
-				LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq);
+				LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 				SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState);
 				
 			}else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index 46e02d048..b22941216 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -135,7 +135,7 @@ public class SingleLogOutAction implements IAction {
 					if (MiscUtil.isEmpty(ssoID)) {
 						Logger.warn("Can not find active Session. Single LogOut not possible!");
 						SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
-						LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq);
+						LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 						SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
 						return null;
 						
@@ -147,7 +147,7 @@ public class SingleLogOutAction implements IAction {
 						} catch (MOADatabaseException e) {
 							Logger.warn("Can not find active Session. Single LogOut not possible!");
 							SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
-							LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq);
+							LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 							SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
 							return null;
 							
@@ -162,7 +162,9 @@ public class SingleLogOutAction implements IAction {
 					((MOAResponse)pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
 				Logger.debug("Process Single LogOut response");
 				LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse)pvpReq.getRequest()).getResponse();
-														
+
+				Transaction tx = null;
+				
 				try {					
 					String relayState = pvpReq.getRequest().getRelayState();
 					if (MiscUtil.isEmpty(relayState)) {
@@ -179,7 +181,7 @@ public class SingleLogOutAction implements IAction {
 					//TODO: add counter to prevent deadlock
 					
 					while (!storageSuccess) {
-						Transaction tx = session.beginTransaction();
+						tx = session.beginTransaction();
 						
 						List result;
 						Query query = session.getNamedQuery("getAssertionWithArtifact");
@@ -235,7 +237,7 @@ public class SingleLogOutAction implements IAction {
 								try {
 									session.delete(element);
 									tx.commit();
-
+									
 								} catch(HibernateException e) {
 									tx.rollback();								
 									Logger.error("SLOContainter could not deleted from database. ");
@@ -292,7 +294,14 @@ public class SingleLogOutAction implements IAction {
 					Logger.error("Finale SLO redirct not possible.", e);
 					throw new AuthenticationException("pvp2.13", new Object[]{});
 
+				} finally {
+					if (tx != null && !tx.wasCommitted()) {
+						tx.commit();
+						
+					}
 				}
+				
+				
 							
 			} else {
 				Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index eeb1dd104..01139d95c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -213,12 +213,13 @@ public class SingleLogOutBuilder {
 			
 		}			
 
-		
+		DateTime now = new DateTime();
 		Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);		
 		issuer.setValue(PVPConfiguration.getInstance().getIDPPublicPath());
 		issuer.setFormat(NameID.ENTITY);
 		sloReq.setIssuer(issuer);		
-		sloReq.setIssueInstant(new DateTime());
+		sloReq.setIssueInstant(now);
+		sloReq.setNotOnOrAfter(now.plusMinutes(5));
 		
 		sloReq.setDestination(sloInfo.getServiceURL());
 		
@@ -230,14 +231,17 @@ public class SingleLogOutBuilder {
 		return sloReq;		
 	}
 	
-	public static LogoutResponse buildSLOErrorResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest) throws ConfigurationException, MOAIDException {
+	public static LogoutResponse buildSLOErrorResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest, String firstLevelStatusCode) throws ConfigurationException, MOAIDException {
 		LogoutResponse sloResp = buildBasicResponse(sloService, spRequest);
 		
 		Status status = SAML2Utils.createSAMLObject(Status.class);
 		StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
 		StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class);
-		statusCode.setValue(StatusCode.PARTIAL_LOGOUT_URI);
+		statusCode.setValue(firstLevelStatusCode);
 		statusMessage.setMessage(MOAIDMessageProvider.getInstance().getMessage("pvp2.18", null));
+		StatusCode secondLevelCode = SAML2Utils.createSAMLObject(StatusCode.class);
+		secondLevelCode.setValue(StatusCode.PARTIAL_LOGOUT_URI);
+		statusCode.setStatusCode(secondLevelCode);
 		status.setStatusCode(statusCode);
 		status.setStatusMessage(statusMessage);
 		sloResp.setStatus(status);
@@ -255,8 +259,11 @@ public class SingleLogOutBuilder {
 			status = SAML2Utils.createSAMLObject(Status.class);
 			StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
 			StatusMessage statusMessage = SAML2Utils.createSAMLObject(StatusMessage.class);
-			statusCode.setValue(StatusCode.PARTIAL_LOGOUT_URI);
+			statusCode.setValue(StatusCode.SUCCESS_URI);			
 			statusMessage.setMessage(MOAIDMessageProvider.getInstance().getMessage("pvp2.18", null));
+			StatusCode secondLevelCode = SAML2Utils.createSAMLObject(StatusCode.class);
+			secondLevelCode.setValue(StatusCode.PARTIAL_LOGOUT_URI);
+			statusCode.setStatusCode(secondLevelCode);
 			status.setStatusCode(statusCode);
 			status.setStatusMessage(statusMessage);
 			
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index e890e2145..848f4ee07 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -65,7 +65,7 @@ public class ConfigurationDBRead {
 
         List result;
         EntityManager session = ConfigurationDBUtils.getCurrentSession();
-
+        
         javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID"));
         //query.setParameter("id", id+"%");
         query.setParameter("id", StringEscapeUtils.escapeHtml(id));
-- 
cgit v1.2.3


From a3fe7879ad2363d1bb37588485b6256bfe848d92 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 22 Aug 2014 12:28:35 +0200
Subject: saml1 target parameter update

---
 .../parser/StartAuthentificationParameterParser.java   |   4 +++-
 repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar          | Bin 0 -> 605175 bytes
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index ff5e62d96..e3f32d59d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -133,7 +133,9 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 		    String targetConfig = oaParam.getTarget();
 			String targetFriendlyNameConfig = oaParam.getTargetFriendlyName();
 			 			
-			if (StringUtils.isEmpty(targetConfig)) {
+			if (StringUtils.isEmpty(targetConfig)
+					|| (module.equals(SAML1Protocol.PATH) && 
+							!StringUtils.isEmpty(target))) {
 			    	// no target attribut is given in OA config
 			    	// target is used from request
 			    	// check parameter
diff --git a/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar b/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar
new file mode 100644
index 000000000..6fa0fef7c
Binary files /dev/null and b/repository/iaik/iaik_tsl/1.1/iaik_tsl-1.1.jar differ
-- 
cgit v1.2.3


From 30bd1dd3de38c29af4fbeef8ef87be7ecbecfd53 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 25 Aug 2014 18:03:32 +0200
Subject: resolving build issues

---
 pom.xml                       |  6 +++++-
 spss/server/serverlib/pom.xml | 10 ++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 8d428f062..3457751f7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -416,8 +416,12 @@
 			<artifactId>iaik_tsl</artifactId>
 			<version>1.1</version>
 		</dependency>
-		
 
+            <dependency>
+                <groupId>iaik</groupId>
+                <artifactId>iaik_xsect_eval</artifactId>
+                <version>1.1709142</version>
+            </dependency>
 		
 <!-- 		<dependency>
 			<groupId>iaik</groupId>
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index 4ba4aa708..cd9518d53 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -160,6 +160,16 @@
 				</exclusion>
 			</exclusions>			
 		</dependency>
+                <dependency>
+                        <groupId>iaik</groupId>
+                        <artifactId>iaik_xsect_eval</artifactId>
+                </dependency>
+		<dependency>
+		  <groupId>org.xerial</groupId>
+		  <artifactId>sqlite-jdbc</artifactId>
+		  <version>3.7.8-SNAPSHOT</version>
+		</dependency>
+
 <!-- 		<dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_util</artifactId>
-- 
cgit v1.2.3


From 7d5c3f516ca56afcbee5b886557a5d682cadadcf Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Tue, 26 Aug 2014 16:14:56 +0200
Subject: fixing spcountry issue

---
 .../main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 33fed945b..d06298efa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1845,7 +1845,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
 		String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
 		String spApplication = spInstitution;
-		String spCountry = "AT";
+		String spCountry = "AT";  // intentionally set AT - the flow is limited on that use case only
 
 		//generate AuthnRquest
 		STORKAuthnRequest authnRequest = new STORKAuthnRequest();
@@ -1855,7 +1855,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		authnRequest.setIssuer(issuerValue);
 		authnRequest.setQaa(oaParam.getQaaLevel());
 		authnRequest.setSpInstitution(spInstitution);
-		authnRequest.setCountry(spCountry);
+		authnRequest.setSpCountry(spCountry);
 		authnRequest.setSpApplication(spApplication);
 		authnRequest.setSpSector(spSector);
 		authnRequest.setPersonalAttributeList(attributeList);
-- 
cgit v1.2.3


From c109c1e86a228bd3b3ed49b97e182b3cd2136d00 Mon Sep 17 00:00:00 2001
From: Bojan Suzic <bojan.suzic@iaik.tugraz.at>
Date: Mon, 1 Sep 2014 14:53:36 +0200
Subject: todo gender question

---
 .../at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 40c358b7e..0ee003e4f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -223,7 +223,7 @@ public class PEPSConnectorServlet extends AuthServlet {
 				moaSession.setUseMandate("true");
 				
 				// and check if we have the gender value
-			PersonalAttribute gender = attributeList.get("gender");
+			PersonalAttribute gender = attributeList.get("gender");     // TODO Do we need to check gender value if there is no representation case?
 			if(null == gender) {
 				String gendervalue = (String) request.getParameter("gender");
 				if(null != gendervalue) {
-- 
cgit v1.2.3


From 33b76e7bb23d8772b3a2533aadd0c3313af4b29f Mon Sep 17 00:00:00 2001
From: Alexander Marsalek <amarsalek@iaik.tugraz.at>
Date: Thu, 4 Sep 2014 13:34:40 +0200
Subject: added comments

---
 .../moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java  | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
index cd7427913..3bc79f8bd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java
@@ -115,7 +115,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 
 	public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning";
 
-	private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//TODO load from config
+	private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//load from config below
 
 
 	/**
@@ -260,9 +260,6 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 					ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
 			redirectURL = response.encodeRedirectURL(redirectURL);
 
-//			response.setContentType("text/html");
-//			response.setStatus(302);
-//			response.addHeader("Location", redirectURL);
 			response.sendRedirect(redirectURL);
 			Logger.info("REDIRECT TO: " + redirectURL);
 
@@ -470,8 +467,10 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet {
 					boolean found = false;
 					try{
 					List<AttributeProviderPlugin> aps = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs();
+					Logger.info("Found AttributeProviderPlugins:"+aps.size());
 					for(AttributeProviderPlugin ap : aps)
 					{
+						Logger.info("Found AttributeProviderPlugin attribute:"+ap.getAttributes());
 						if(ap.getAttributes().equalsIgnoreCase("signedDoc"))
 						{
 							oasisDssWebFormURL = ap.getUrl();
-- 
cgit v1.2.3


From e9bcc578b0501bc171fe1b6795c57249e9107ae1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 10 Sep 2014 11:09:58 +0200
Subject: remove SAML1 start authentication target parameter

---
 .../moa/id/auth/parser/StartAuthentificationParameterParser.java     | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index e3f32d59d..a3bf4af11 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -134,8 +134,9 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 			String targetFriendlyNameConfig = oaParam.getTargetFriendlyName();
 			 			
 			if (StringUtils.isEmpty(targetConfig)
-					|| (module.equals(SAML1Protocol.PATH) && 
-							!StringUtils.isEmpty(target))) {
+//					|| (module.equals(SAML1Protocol.PATH) && 
+//							!StringUtils.isEmpty(target)) 
+				) {
 			    	// no target attribut is given in OA config
 			    	// target is used from request
 			    	// check parameter
-- 
cgit v1.2.3


From 077054b6e3016e4cfeb6bae501eb52fc62f58208 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 10 Sep 2014 11:10:43 +0200
Subject: add metadata provider info message if not online-application is found

---
 .../moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java         | 4 ++++
 .../at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java     | 5 ++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index a57fb5717..cba64e080 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -261,6 +261,10 @@ public class MOAMetadataProvider implements MetadataProvider {
 		
 		List<OnlineApplication> oaList = ConfigurationDBRead
 				.getAllActiveOnlineApplications();
+		
+		if (oaList.size() == 0)
+			Logger.info("No Online-Application configuration found. PVP 2.1 metadata provider initialization failed!");
+		
 		Iterator<OnlineApplication> oaIt = oaList.iterator();
 		while (oaIt.hasNext()) {
 			HTTPMetadataProvider httpProvider = null;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index 848f4ee07..46d3ca558 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -31,6 +31,8 @@ import org.apache.commons.lang.StringEscapeUtils;
 
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceException;
+
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -221,7 +223,8 @@ public class ConfigurationDBRead {
 
         if (result.size() == 0) {
             Logger.trace("No entries found.");
-            return null;
+            result = new ArrayList<OnlineApplication>();
+            
         }
         return result;
     }
-- 
cgit v1.2.3


From fb63a316cf16d84ff357df87b4ed2ddba063044a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 10 Sep 2014 11:16:09 +0200
Subject: remove dependency entries

---
 pom.xml                       |  6 ------
 spss/server/serverlib/pom.xml | 11 +----------
 2 files changed, 1 insertion(+), 16 deletions(-)

diff --git a/pom.xml b/pom.xml
index 3457751f7..02a25375d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -416,12 +416,6 @@
 			<artifactId>iaik_tsl</artifactId>
 			<version>1.1</version>
 		</dependency>
-
-            <dependency>
-                <groupId>iaik</groupId>
-                <artifactId>iaik_xsect_eval</artifactId>
-                <version>1.1709142</version>
-            </dependency>
 		
 <!-- 		<dependency>
 			<groupId>iaik</groupId>
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index cd9518d53..cc96d411a 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -160,16 +160,7 @@
 				</exclusion>
 			</exclusions>			
 		</dependency>
-                <dependency>
-                        <groupId>iaik</groupId>
-                        <artifactId>iaik_xsect_eval</artifactId>
-                </dependency>
-		<dependency>
-		  <groupId>org.xerial</groupId>
-		  <artifactId>sqlite-jdbc</artifactId>
-		  <version>3.7.8-SNAPSHOT</version>
-		</dependency>
-
+		
 <!-- 		<dependency>
 			<groupId>iaik</groupId>
 			<artifactId>iaik_util</artifactId>
-- 
cgit v1.2.3


From b6f41b7108fa96427ddaaf32b0ada5d519b89089 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 10 Sep 2014 18:07:52 +0200
Subject: update SAML1 error messages if no OA is found

---
 .../gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java  | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 9c8c52e87..8f7f17e2e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -33,6 +33,7 @@ import org.apache.commons.lang.StringEscapeUtils;
 
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -102,7 +103,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		
 		if (!AuthConfigurationProvider.getInstance().getAllowedProtocols().isSAML1Active()) {
 			Logger.info("SAML1 is deaktivated!");
-			throw new ProtocolNotActiveException("auth.22", new Object[] { NAME });
+			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
 			
 		}
 			
@@ -145,14 +146,14 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 				.getOnlineApplicationParameter(oaURL);
 		
 		if (oaParam == null)
-			throw new AuthenticationException("auth.00",
-					new Object[] { oaURL });
+			throw new InvalidProtocolRequestException("auth.00",
+					new Object[] { null });
 				
 		OASAML1 saml1 = oaParam.getSAML1Parameter();
 		if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) {
 			Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication.");
-			throw new AuthenticationException("auth.00",
-					new Object[] { oaURL });
+			throw new InvalidProtocolRequestException("auth.00",
+					new Object[] { null });
 		}
 		
 		config.setSourceID(sourceID);		
-- 
cgit v1.2.3


From daa29a7c602c092da50fd901aac26f3f712fae86 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 10 Sep 2014 18:08:34 +0200
Subject: Fix SAML1 assertion date formate

---
 .../moa/id/auth/builder/AuthenticationDataAssertionBuilder.java   | 8 ++++----
 .../egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java   | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index ba4440bf8..fc04fa9a7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -278,7 +278,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		assertion = MessageFormat.format(AUTH_DATA, new Object[] {
     		        authData.getAssertionID(), 
     		        authData.getIssuer(), 
-    		        authData.getIssueInstant(), 
+    		        authData.getIssueInstantString(), 
     		        pkType,
     		        pkValue, 
     		        StringUtils.removeXMLDeclaration(xmlAuthBlock), 
@@ -303,7 +303,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		assertion = MessageFormat.format(AUTH_DATA_WITH_CONDITIONS, new Object[] {
     		        authData.getAssertionID(), 
     		        authData.getIssuer(), 
-    		        authData.getIssueInstant(), 
+    		        authData.getIssueInstantString(), 
     		        notBefore,
     		        notOnOrAfter,
     		        pkType,
@@ -401,7 +401,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		assertion = MessageFormat.format(AUTH_DATA_MANDATE, new Object[] {
     		        authData.getAssertionID(), 
     		        authData.getIssuer(), 
-    		        authData.getIssueInstant(), 
+    		        authData.getIssueInstantString(), 
     		        pkType,
     		        pkValue, 
     		        StringUtils.removeXMLDeclaration(xmlAuthBlock), 
@@ -427,7 +427,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		assertion = MessageFormat.format(AUTH_DATA_MANDATE_WITH_CONDITIONS, new Object[] {
     		        authData.getAssertionID(), 
     		        authData.getIssuer(), 
-    		        authData.getIssueInstant(),
+    		        authData.getIssueInstantString(),
     		        notBefore,
     		        notOnOrAfter,
     		        pkType,
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java
index 3acf20a41..3b4beb7b7 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java
@@ -215,7 +215,7 @@ public class SAMLResponseParserTest extends UnitTestCase {
     assertEquals(0, authData.getMinorVersion());
     assertEquals("-4633313027464114584", authData.getAssertionID());
     assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer());
-    assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant());
+    assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstantString());
     assertEquals("123456789012", authData.getIdentificationValue());
     assertEquals("MTk2OC0xMC0yMmdi", authData.getBPK());
     assertEquals("Hermann", authData.getGivenName());
-- 
cgit v1.2.3


From a860c3d448cc136e8733d0827a0e46b72cd431e7 Mon Sep 17 00:00:00 2001
From: Samuel Weiser <samuel.weiser@student.tugraz.at>
Date: Wed, 10 Sep 2014 16:48:19 +0200
Subject: TokenResponse Audience "aud" claim added

---
 .../attributes/OAuth20AttributeBuilder.java        |  1 +
 .../attributes/OpenIdAudiencesAttribute.java       | 47 ++++++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
index 3b0d07ce1..583120a86 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
@@ -115,6 +115,7 @@ public final class OAuth20AttributeBuilder {
 		buildersOpenId.add(new OpenIdExpirationTimeAttribute());
 		buildersOpenId.add(new OpenIdIssueInstantAttribute());
 		buildersOpenId.add(new OpenIdAuthenticationTimeAttribute());
+		buildersOpenId.add(new OpenIdAudiencesAttribute());
 		
 		// profile
 		buildersProfile.add(new ProfileGivenNameAttribute());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java
new file mode 100644
index 000000000..404eb1b44
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java
@@ -0,0 +1,47 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
+
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeGenerator;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+
+public class OpenIdAudiencesAttribute implements IAttributeBuilder {
+	
+	public String getName() {
+		return "aud";
+	}
+	
+	public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData,
+			IAttributeGenerator<ATT> g) throws AttributeException { 
+		return g.buildStringAttribute(this.getName(), "", oaParam.getPublicURLPrefix());
+	}
+	
+	public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+		return g.buildEmptyAttribute(this.getName(), "");
+	}
+	
+}
+
-- 
cgit v1.2.3


From 7008b0cb31761563c268ebcb53b13e32333fd931 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 07:51:25 +0200
Subject: add exact timeout validation for SSO sessions

---
 .../id/auth/servlet/IDPSingleLogOutServlet.java    | 33 +++++++++++-----------
 .../gv/egovernment/moa/id/moduls/SSOManager.java   | 16 +++++++++--
 2 files changed, 30 insertions(+), 19 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index a7ec4dcb6..c08d77f12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -97,32 +97,31 @@ public class IDPSingleLogOutServlet extends AuthServlet {
 			
 			return;			
 					
-		} else if (MiscUtil.isNotEmpty(ssoid)) {			
-			if (ssomanager.isValidSSOSession(ssoid, null)) {
+		} else if (MiscUtil.isNotEmpty(ssoid)) {
+			try {
+				if (ssomanager.isValidSSOSession(ssoid, null)) {
 				
-				AuthenticationManager authmanager = AuthenticationManager.getInstance();
-				String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoid);
+					AuthenticationManager authmanager = AuthenticationManager.getInstance();
+					String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoid);
 
-				if (MiscUtil.isNotEmpty(moaSessionID)) {
-					AuthenticationSession authSession;
-					try {
-						authSession = AuthenticationSessionStoreage
+					if (MiscUtil.isNotEmpty(moaSessionID)) {					
+						AuthenticationSession authSession = AuthenticationSessionStoreage
 								.getSession(moaSessionID);
 						if(authSession != null) {
 							authmanager.performSingleLogOut(req, resp, authSession, null);
 							return;
 							
 						}
-						
-					} catch (MOADatabaseException e) {
-						//TODO: insert error Handling
-						
-					} catch (MOAIDException e) {
-						// TODO Auto-generated catch block
-						e.printStackTrace();
 					}
-				}				
-			}
+				}
+			} catch (MOADatabaseException e) {
+				//TODO: insert error Handling
+				e.printStackTrace();
+				
+			} catch (MOAIDException e) {
+				// TODO Auto-generated catch block
+				e.printStackTrace();
+			}				
 			
 		} else if (restartProcessObj != null && restartProcessObj instanceof String) {
 			String restartProcess = (String) restartProcessObj;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index ca3117a79..ff294dc3d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -31,6 +31,7 @@ import java.io.InputStreamReader;
 import java.io.Reader;
 import java.io.StringWriter;
 import java.net.URI;
+import java.util.Date;
 import java.util.List;
 
 import javax.servlet.http.Cookie;
@@ -132,7 +133,7 @@ public class SSOManager {
 	}
 	
 	
-	public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) {
+	public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException {
 		
 		// search SSO Session
 		if (ssoSessionID == null) {
@@ -144,8 +145,19 @@ public class SSOManager {
 		
 		if (storedSession == null)
 			return false;
-		
+			
 		else {
+			
+			//check if session is out of lifetime
+			Date now = new Date();
+			long maxSSOSessionTime = AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000;		
+			Date ssoSessionValidTo = new Date(storedSession.getCreated().getTime() + maxSSOSessionTime);
+			if (now.after(ssoSessionValidTo)) {
+				Logger.info("Found outdated SSO session information. Start reauthentication process ... ");
+				return false;
+			}
+						
+			//check if request starts an interfederated SSO session
 			if (protocolRequest != null && 
 					protocolRequest instanceof RequestImpl &&
 					storedSession.isInterfederatedSSOSession() &&
-- 
cgit v1.2.3


From 4ec4effa4d5e89f088252891b096d0588904c54c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 09:38:48 +0200
Subject: change OpenIDConnect error message

---
 .../src/main/resources/resources/properties/id_messages_de.properties   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 0536cfae1..9bfa14a7c 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -252,7 +252,7 @@ pvp2.21=Die Signature des Requests konnte nicht g\u00FCltig validiert werden.
 pvp2.22=Der Request konnte nicht g\u00FCltig validiert werden (Fehler\={0}).
 
 oauth20.01=Fehlerhafte redirect url
-oauth20.02=Fehlender Parameter "{0}"
+oauth20.02=Fehlender oder ung\u00FCltiger Parameter "{0}"
 oauth20.03=Angeforderter response_type ist nicht erlaubt
 oauth20.04=Die Art der Anmeldung wird nicht unterstuetzt
 oauth20.05=Der angegebene Benutzer ist nicht berechtigt
-- 
cgit v1.2.3


From 71eabf1848871783bac88c3254e660fb2199c233 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 10:40:56 +0200
Subject: use SecurityLayer-Template from general configuration if legacy
 request and OA configuration define no template

---
 .../auth/parser/StartAuthentificationParameterParser.java  | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index a3bf4af11..c912b4620 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -231,14 +231,22 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 	    if (MiscUtil.isEmpty(templateURL)) {
 	    	
 	    	List<TemplateType> templateURLList = oaParam.getTemplateURL();
-	    	
+	    	List<String> defaulTemplateURLList = 
+	    			AuthConfigurationProvider.getInstance().getSLRequestTemplates();
+	    		    	
 	    	if ( templateURLList != null && templateURLList.size() > 0 
 	    			&& MiscUtil.isNotEmpty(templateURLList.get(0).getURL()) ) {	    	
 	    		templateURL = FileUtils.makeAbsoluteURL(
 	    				oaParam.getTemplateURL().get(0).getURL(),
 	    				AuthConfigurationProvider.getInstance().getRootConfigFileDir());
-	    		Log.info("No SL-Template in request, load SL-Template from OA config (URL: " + templateURL + ")");
-	    		
+	    		Log.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")");
+
+	    	} else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) {
+	    		templateURL = FileUtils.makeAbsoluteURL(
+	    				defaulTemplateURLList.get(0),
+	    				AuthConfigurationProvider.getInstance().getRootConfigFileDir());
+	    		Log.info("No SL-Template in request, load SL-Template from general configuration (URL: " + templateURL + ")");	
+	    			    		
 	    	} else {
 	    		Logger.error("NO SL-Tempalte found in OA config");
 	    		throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
-- 
cgit v1.2.3


From f7783c20bf00995a87bb1815cbeb995239c2afff Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 11:17:15 +0200
Subject: update MOA-SPSS certstore and truststore

---
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer | 26 +++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 .../doc/conf/moa-id-oa/keys/Metadata_Signing.cer   | 24 +++++++
 .../moa-spss/SampleMOASPSSConfiguration (2).xml    | 83 ----------------------
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer | 26 +++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++
 38 files changed, 864 insertions(+), 83 deletions(-)
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
 delete mode 100644 id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration (2).xml
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer

diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
new file mode 100644
index 000000000..04627da98
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw
+NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
+c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
+PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
+k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
+r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
+AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
+Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
+LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
+MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
+b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
+dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R
+3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf
+k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd
+ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX
+RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG
+SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer b/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration (2).xml b/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration (2).xml
deleted file mode 100644
index 14acd54f2..000000000
--- a/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration (2).xml	
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--MOA SPSS 1.3 Configuration File created by MOA SPSS Configuration Mapper-->
-<cfg:MOAConfiguration xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-	<cfg:SignatureVerification>
-		<cfg:CertificateValidation>
-			<cfg:PathConstruction>
-				<cfg:AutoAddCertificates>true</cfg:AutoAddCertificates>
-				<cfg:UseAuthorityInformationAccess>true</cfg:UseAuthorityInformationAccess>
-				<cfg:CertificateStore>
-					<cfg:DirectoryStore>
-						<cfg:Location>certstore</cfg:Location>
-					</cfg:DirectoryStore>
-				</cfg:CertificateStore>
-			</cfg:PathConstruction>
-			<cfg:PathValidation>
-				<cfg:ChainingMode>
-					<cfg:DefaultMode>pkix</cfg:DefaultMode>
-					<cfg:TrustAnchor>
-						<cfg:Identification>
-							<dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
-							<dsig:X509SerialNumber>536</dsig:X509SerialNumber>
-						</cfg:Identification>
-						<cfg:Mode>chaining</cfg:Mode>
-					</cfg:TrustAnchor>
-				</cfg:ChainingMode>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkartePersonenbindung</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkarteAuthentisierungsDaten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>C-PEPS-Test</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/C-PEPS-Test</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>C-PEPS</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/C-PEPS</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-			</cfg:PathValidation>
-			<cfg:RevocationChecking>
-				<cfg:EnableChecking>true</cfg:EnableChecking>
-				<cfg:MaxRevocationAge>0</cfg:MaxRevocationAge>
-				<cfg:ServiceOrder>
-					<cfg:Service>CRL</cfg:Service>
-					<cfg:Service>OCSP</cfg:Service>
-				</cfg:ServiceOrder>
-				<cfg:Archiving>
-					<cfg:EnableArchiving>false</cfg:EnableArchiving>
-					<cfg:ArchiveDuration>365</cfg:ArchiveDuration>
-					<cfg:Archive>
-						<cfg:DatabaseArchive>
-							<cfg:JDBCURL>jdbc:url</cfg:JDBCURL>
-							<cfg:JDBCDriverClassName>fully.qualified.classname</cfg:JDBCDriverClassName>
-						</cfg:DatabaseArchive>
-					</cfg:Archive>
-				</cfg:Archiving>
-			</cfg:RevocationChecking>
-		</cfg:CertificateValidation>
-				<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_DE_2.0</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-		<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_DE</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-		<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_EN</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_EN.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-	</cfg:SignatureVerification>
-</cfg:MOAConfiguration>
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
new file mode 100644
index 000000000..04627da98
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw
+NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
+c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
+PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
+k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
+r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
+AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
+Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
+LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
+MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
+b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
+dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R
+3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf
+k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd
+ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX
+RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG
+SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
-- 
cgit v1.2.3


From da297f4c36783f4f1e4c0771ab7b071e2660a868 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 12:09:03 +0200
Subject: change assembly process

---
 id/assembly-auth.xml                               |   8 +
 id/server/doc/conf/Catalina/localhost/proxy.xml    |  25 -
 .../60916A7AFE1F0EA965ECC9375BE974971B5DC1E6       | Bin 1549 -> 0 bytes
 .../C200667FF6D7CD3CD371EB2FD6A8E741D5D3EA28       | Bin 880 -> 0 bytes
 .../D3C063F219ED073E34AD5D750B327629FFD59AF2       | Bin 979 -> 0 bytes
 .../0BB438D6E2D13BE3FD8CF0807BD560D3CB5C4A98       | Bin 1156 -> 0 bytes
 .../FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22       | Bin 1147 -> 0 bytes
 .../BECE82B2F908174E2379652769C6942AF1F0CC5E       | Bin 982 -> 0 bytes
 .../certs/truststore/A-Trust-nQual-03.crt          |  23 -
 .../certs/truststore/IAIKTestRootCA.crt            |  21 -
 .../htmlTemplates/loginFormFull.html               | 846 ---------------------
 .../htmlTemplates/sendAssertionFormFull.html       | 617 ---------------
 .../keys/application[password].p12                 | Bin 7885 -> 0 bytes
 .../conf/moa-id-configuration/keys/assertion.crt   |  24 -
 .../conf/moa-id-configuration/keys/encryption.crt  |  24 -
 .../conf/moa-id-configuration/keys/metadata.crt    |  24 -
 .../doc/conf/moa-id-configuration/keys/moa_idp.crt |  24 -
 .../keys/moa_idp[password].p12                     | Bin 7885 -> 0 bytes
 .../doc/conf/moa-id-configuration/keys/request.crt |  24 -
 .../mail/activation_template.html                  |  39 -
 .../moa-id-configuration/mail/admin_template.html  |  40 -
 .../mail/oa_activation_template.html               |  37 -
 .../mail/rejected_template.html                    |  37 -
 .../mail/verification_template.html                |  43 --
 .../moa-id-configtool.properties                   |  86 ---
 .../transforms/TransformsInfoAuthBlockTable_DE.xml | 161 ----
 .../TransformsInfoAuthBlockTable_DE_2.0.xml        |   7 -
 .../transforms/TransformsInfoAuthBlockTable_EN.xml | 161 ----
 .../doc/conf/moa-id-oa/keys/Metadata_Signing.cer   |  24 -
 .../conf/moa-id-oa/keys/application[password].p12  | Bin 7885 -> 0 bytes
 id/server/doc/conf/moa-id-oa/keys/assertion.crt    |  24 -
 id/server/doc/conf/moa-id-oa/keys/encryption.crt   |  24 -
 id/server/doc/conf/moa-id-oa/keys/metadata.crt     |  24 -
 id/server/doc/conf/moa-id-oa/keys/moa_idp.crt      |  24 -
 id/server/doc/conf/moa-id-oa/oa.properties         |  27 -
 .../doc/conf/moa-id-proxy/MOAIDConfiguration.xml   |  67 --
 .../errorpages/errorpage-auth_debug.jsp            |  53 --
 .../errorpages/errorpage-auth_empty.jsp            |  13 -
 .../errorpages/errorpage-proxy_debug.jsp           |  53 --
 .../errorpages/errorpage-proxy_empty.jsp           |  13 -
 id/server/doc/conf/moa-id/MOAIdentities.xsd        |  59 --
 .../conf/moa-id/SLTemplates/template_handyBKU.html |  38 -
 .../conf/moa-id/SLTemplates/template_localBKU.html |  30 -
 .../moa-id/SLTemplates/template_onlineBKU.html     |  37 -
 id/server/doc/conf/moa-id/SampleIdentities.xml     |  34 -
 .../moa-id/certs/ca-certs/A-Trust-nQual-03.cer     | Bin 979 -> 0 bytes
 .../conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer   | Bin 1147 -> 0 bytes
 .../ca-certs/gateway.stammzahlenregister.gv.at.cer | Bin 1356 -> 0 bytes
 .../moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt     |  33 -
 .../C2556DADDF68A9EEF7F5C14A24CA33BCA930B201       | Bin 1385 -> 0 bytes
 .../E1201A308CC10323C27D9084B048996E44B8F710       | Bin 806 -> 0 bytes
 .../D44EED7580C7792242D73E267A89C7DB25E4BD08       | Bin 1314 -> 0 bytes
 .../7E691392F741B7E4B4AA9A76D75851BDE18BE5A7       | Bin 864 -> 0 bytes
 .../9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726       | Bin 1383 -> 0 bytes
 .../08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9       | Bin 991 -> 0 bytes
 .../0F843FB1E0C626540BE638B79A2987E2611CE630       | Bin 1018 -> 0 bytes
 .../69F21C82DC9A7A940ACEC414593E59C9E61E522F       | Bin 990 -> 0 bytes
 .../FC72939DC06EDDF8C51549ECF00AC92BF2B39F35       | Bin 1087 -> 0 bytes
 .../341F53B3B17518213B1856BFAB3CEFBE948AFC0D       | Bin 1070 -> 0 bytes
 .../3A24040C01D5C9A4980575BFF99A25E534A056CB       | Bin 1070 -> 0 bytes
 .../FB356CEF4406D1F135E3FC59026B338D3F518F9A       | Bin 886 -> 0 bytes
 .../BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330       | Bin 995 -> 0 bytes
 .../E7340D1FB627D8917A9C0D23F21515C441BF1214       | Bin 1292 -> 0 bytes
 .../2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D       | Bin 820 -> 0 bytes
 .../386C1663C6390BC288DC171522439210AF361958       | Bin 1000 -> 0 bytes
 .../9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2       | Bin 1151 -> 0 bytes
 .../49969819654C230ECDF779ABB9629A211FCC43D6       | Bin 1353 -> 0 bytes
 .../D0AF386E182F00983637F97C0A5F4708F9F641A7       | Bin 1157 -> 0 bytes
 .../6814C7316CEA7191C9CB3BE58199B4A957210D9C       | Bin 704 -> 0 bytes
 .../5F06F65C714047E3B282AEC427C35AB703E49D8E       | Bin 1169 -> 0 bytes
 .../D45360060761812D33DE294EAC1573F6DE12A208       | Bin 1169 -> 0 bytes
 .../C529469053D9F95810A8F7F2DB9A6596A7655732       | Bin 913 -> 0 bytes
 .../D3C063F219ED073E34AD5D750B327629FFD59AF2       | Bin 979 -> 0 bytes
 .../1C43C0BA36CC8DE659180B2FAC9A6F54430D5941       | Bin 991 -> 0 bytes
 .../AC36A78C66FEC87CC0FD2C32B49214C65676E0C5       | Bin 919 -> 0 bytes
 .../C92238A7178A6C61F8BACA22D6CF7E50772BA9F0       | Bin 1018 -> 0 bytes
 .../DFAE695342AC81A521025904406884399822B233       | Bin 987 -> 0 bytes
 .../12B06E039F1A36D8238AFC508009E1ADF88BF66F       | Bin 1253 -> 0 bytes
 .../0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38       | Bin 704 -> 0 bytes
 .../D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D       | Bin 914 -> 0 bytes
 .../88D6151358A5E3C81D7AE1A536121DC03011BC03       | Bin 1205 -> 0 bytes
 .../35A40EF932B1F23980E2C672FC939E91EEBD0317       | Bin 1262 -> 0 bytes
 .../B1D0BC027906A3B7E7518C93ACB26D978233ED27       | Bin 1171 -> 0 bytes
 .../75F792DE2CF544007F470F1B924961C2BD2EF517       | Bin 802 -> 0 bytes
 .../08BBE8E906397158FA4BF4058BBBDB5EA11BAE82       | Bin 979 -> 0 bytes
 .../66AB66128A44574873E54E6584E450C4EB3B9A1E       | Bin 1170 -> 0 bytes
 .../65698A39E03FF00FD552D4AD99FB290C2B9D4BEA       | Bin 1018 -> 0 bytes
 .../04CF0318BA0B54DD76E1DE143445210BDD32E299       | Bin 865 -> 0 bytes
 .../0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F       | Bin 861 -> 0 bytes
 .../51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE       | Bin 865 -> 0 bytes
 .../9E0512DD61DA5949D1D8631C3F19D75F496C3733       | Bin 864 -> 0 bytes
 .../E6E6FC88719177C9B7421825757C5E47BCAC85F6       | Bin 860 -> 0 bytes
 .../C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E       | Bin 1298 -> 0 bytes
 .../A2F138CD16AD04BC3F145E3780BFA169BFDA263B       | Bin 1505 -> 0 bytes
 .../C5AC86EC5B771BEBDF8B6E040F109A1186E229B9       | Bin 1234 -> 0 bytes
 .../23E594945195F2414803B4D564D2A3A3F5D88B8C       | Bin 791 -> 0 bytes
 .../6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A       | Bin 1256 -> 0 bytes
 .../65EF37033859C2F709A64086D3A5BD1B8F1A85A4       | Bin 1045 -> 0 bytes
 .../07298E24461954E4696D2ED9FFB7D52B57F325B3       | Bin 1279 -> 0 bytes
 .../B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15       | Bin 1273 -> 0 bytes
 .../3A77E9B577661D99F9BBA5A352B29C7FF58A3D26       | Bin 914 -> 0 bytes
 .../84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E       | Bin 1747 -> 0 bytes
 .../9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA       | Bin 1391 -> 0 bytes
 .../C23FC1895966021249B35412C0C8C56D107732DE       | Bin 1563 -> 0 bytes
 .../51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4       | Bin 1130 -> 0 bytes
 .../F5F2456D79490C268569970E900C68FD1C7DC8E5       | Bin 1264 -> 0 bytes
 .../B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F       | Bin 1188 -> 0 bytes
 .../620127A8E5886A4805403977C3EF7D5EAF881526       | Bin 870 -> 0 bytes
 .../FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830       | Bin 1141 -> 0 bytes
 .../4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9       | Bin 984 -> 0 bytes
 .../6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B       | Bin 1159 -> 0 bytes
 .../341EA32E448659125A67DD04177FD17468FCFCB1       | Bin 1366 -> 0 bytes
 .../069519EC949AC6B91D4C33A3F3665441F0220D20       | Bin 1313 -> 0 bytes
 .../2F5EBA5055E9F7444852ADCEEB769E5DE157A03D       | Bin 1352 -> 0 bytes
 .../334710B9169BCD20687A6302EEB16AEB97F288CD       | Bin 825 -> 0 bytes
 .../D031945D982820B92FADBC7F71F6D1D9DFFDA2C9       | Bin 1213 -> 0 bytes
 .../CA80A13D41116E24CB1479E970CDC1C030C5907C       | Bin 1272 -> 0 bytes
 .../7A2CFA69FCA284D4627012A7A55662594C803B2A       | Bin 901 -> 0 bytes
 .../ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B       | Bin 901 -> 0 bytes
 .../53CB69CF933C2D28FB9DF91F2852A99EC3352EA0       | Bin 1546 -> 0 bytes
 .../00845B74CA13FE0A9056E6C0B5126FECF73B0D8C       | Bin 740 -> 0 bytes
 .../474BC41135FB88BF58B5A8D976A1D5583378D85E       | Bin 1133 -> 0 bytes
 .../6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01       | Bin 1171 -> 0 bytes
 .../FDC348410699803DE7D8276813BC2232EA99A878       | Bin 835 -> 0 bytes
 .../BF648929E7DAABD8D97B3202F48D6C4A19C78F6C       | Bin 990 -> 0 bytes
 .../FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22       | Bin 1147 -> 0 bytes
 .../6DCD5118D1542E6C205C580775C5420B7509506B       | Bin 1076 -> 0 bytes
 .../3B8484BF1370941BF03F206B5C4958DA4E1559BB       | Bin 1065 -> 0 bytes
 .../6DD653FB8FE2614249924274043E834664EBE980       | Bin 1065 -> 0 bytes
 .../C0EF3E7A54B4C501295F77974B1995E36B25C92B       | Bin 1066 -> 0 bytes
 .../D29172D3F501A2D7A47F702633044F519A3A5F0B       | Bin 1066 -> 0 bytes
 .../842B3870A64001CDD90978D0E554DAF94D9ABDFE       | Bin 947 -> 0 bytes
 .../679A4F81FC705DDEC419778DD2EBD875F4C242C6       | Bin 975 -> 0 bytes
 .../82096E6D9B1248321625323D52858642CB0B748E       | Bin 975 -> 0 bytes
 .../53A6B611F8CEE0315BCCE5D59898931ED390E400       | Bin 761 -> 0 bytes
 .../A149EE01A250491C07D5A279D3B58A646288DA22       | Bin 1185 -> 0 bytes
 .../AD8ECBB67B9DC59406F92A296A38192297A4F169       | Bin 1191 -> 0 bytes
 .../45B43346251FDF9E95DCB7F36928785D46D63913       | Bin 1136 -> 0 bytes
 .../E33619C88426E4FE956041E6751ADDEC9C10F0BC       | Bin 1136 -> 0 bytes
 .../35202B14F69409EAA51CD8AB547AC0CD5E993F3F       | Bin 1053 -> 0 bytes
 .../41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA       | Bin 1165 -> 0 bytes
 .../79B21E2743A879AFF5403ECEA09EAC2084EF4799       | Bin 1014 -> 0 bytes
 .../3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6       | Bin 1030 -> 0 bytes
 .../9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B       | Bin 932 -> 0 bytes
 .../A562C4B99E2847251CB4A1F05DA1FF43E7296F0B       | Bin 999 -> 0 bytes
 .../9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C       | Bin 997 -> 0 bytes
 .../9F0E0FBB25F66FF88C8E033EFF358923C84A2926       | Bin 930 -> 0 bytes
 .../C87D1855227D995C332C4C9072A2E2053F2CC623       | Bin 1028 -> 0 bytes
 .../42AD1897A4643D2AA634D980F16349E6694F3B1B       | Bin 1237 -> 0 bytes
 .../FE7891B6ED7B178F528A28B21478299F865889BD       | Bin 1333 -> 0 bytes
 .../3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B       | Bin 1201 -> 0 bytes
 .../8784ED81F5A22779EB0B081945FD151992557FBE       | Bin 1159 -> 0 bytes
 .../88583DB03975127CB488CA7DDE303A1646CEA97B       | Bin 1159 -> 0 bytes
 .../0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8       | Bin 1058 -> 0 bytes
 .../20CAECDCA766243AAD6FA1327618FC81BA65DC0F       | Bin 1057 -> 0 bytes
 .../96D5D179016A5A6546973BA63733617EE1F1540D       | Bin 1058 -> 0 bytes
 .../CF236CF66379EA506F967D21F0E25E87529D9687       | Bin 1058 -> 0 bytes
 .../FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76       | Bin 1057 -> 0 bytes
 .../266FCA0265A576548425BDAE15448665EE8BB889       | Bin 1076 -> 0 bytes
 .../D4D1370FD1D9EAA46412008FF3E59E114BCF724A       | Bin 1111 -> 0 bytes
 .../DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A       | Bin 1110 -> 0 bytes
 .../E619D25B380B7B13FDA33E8A58CD82D8A88E0515       | Bin 1111 -> 0 bytes
 .../F825578F8F5484DFB40F81867C392D6CB0012B92       | Bin 1110 -> 0 bytes
 .../A9D28607928FA8615E2615CC9D71B535C5D0D419       | Bin 734 -> 0 bytes
 .../4D523730501ADB80A76B0B473A4D21C7D86F8374       | Bin 1167 -> 0 bytes
 .../7AC3EFA52DE27A930EC8754DB5E061476948E914       | Bin 1028 -> 0 bytes
 .../8944AF64790FA467C02424CB22523A068C3B72DB       | Bin 1073 -> 0 bytes
 .../36B41A8B411985ED1032DBD85A154207164A9B85       | Bin 1069 -> 0 bytes
 .../AA94FD422AEB8F5B6E8508314CE0DC68BCD53305       | Bin 1339 -> 0 bytes
 .../07A6DEED70213CCF598F278789680DA4C04A0331       | Bin 1266 -> 0 bytes
 .../A5A00B223EF24AED92D03F652CFE367CA9D1B200       | Bin 958 -> 0 bytes
 .../BD78039E45BA4E4B13ADECC58124520ACE83B6A7       | Bin 1614 -> 0 bytes
 .../7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2       | Bin 920 -> 0 bytes
 .../D1474E7D99512D05B98DD37B3FE86496A03D088D       | Bin 922 -> 0 bytes
 .../9766A5ED03482991DA91BB763ECDCD9417394100       | Bin 1169 -> 0 bytes
 .../BB97947C31BBF3364A2909F9876DBD3B87B5B62A       | Bin 1169 -> 0 bytes
 .../60B7181FD8BCA00B84961BF31DB08C50376CCF44       | Bin 1068 -> 0 bytes
 .../74801529B4E8E5764FFC4D8E6577E1F84E8101CE       | Bin 1067 -> 0 bytes
 .../7B7B60B748C82B34EE71A3CEA729C477083F0BDA       | Bin 1068 -> 0 bytes
 .../EBB80BE34C78814AE659BBA3A2394E4D9857123D       | Bin 1068 -> 0 bytes
 .../7BE0C8E441786C69A3CB35BDBEF235F8B5310E04       | Bin 700 -> 0 bytes
 .../42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA       | Bin 975 -> 0 bytes
 .../51C01567BCB22968EF5A297B7EA84E195594E0E8       | Bin 975 -> 0 bytes
 .../DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE       | Bin 823 -> 0 bytes
 .../844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA       | Bin 1159 -> 0 bytes
 .../B38C775A18C1195D01658D75FBDA3258B6DF018B       | Bin 1159 -> 0 bytes
 .../6955D95F6B0799F7D96F4FC28E6E6C64758C1240       | Bin 1224 -> 0 bytes
 .../F96FE4F59166EFA9000B21A16EF22CF14468890C       | Bin 944 -> 0 bytes
 .../7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E       | Bin 1159 -> 0 bytes
 .../A79681CBDD69EC741214136F128923A574E26F03       | Bin 1159 -> 0 bytes
 .../C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED       | Bin 406 -> 0 bytes
 .../7666A8BD2C2513DE489C06D08D566F177ECE84AA       | Bin 1260 -> 0 bytes
 .../02A0E6456442E35198532ACFFB6FEE3B606D9FA3       | Bin 1366 -> 0 bytes
 .../7D60E314AA6AEF548A614A9354C5068192051A29       | Bin 2278 -> 0 bytes
 .../C6658C25AFB8A9D738F2BC591775D167549FFD3A       | Bin 1264 -> 0 bytes
 .../8AB0A3519AFA7F3C04074522678BAA1CB3DC734F       | Bin 930 -> 0 bytes
 .../DF47B3040E7632614464BD2EC4ECD1B8030F53E3       | Bin 933 -> 0 bytes
 .../E117479B4A41D7F3223FCAE50560B0D57B22217D       | Bin 997 -> 0 bytes
 .../07976A2A16EC182670161B46886B05E1FEAC16B1       | Bin 1209 -> 0 bytes
 .../52ED0FAFBD38A868C678174D7EB03D266ADB221C       | Bin 994 -> 0 bytes
 .../8BA5C0847597612C7E16970EAE55EF58D32E9CF3       | Bin 1202 -> 0 bytes
 .../18585FC53A283488E4BA84867980E9B1F2B28ADA       | Bin 1313 -> 0 bytes
 .../27337257493B86B9BFF78D569F938D692A430EAE       | Bin 1218 -> 0 bytes
 .../4832F0A28C3724A92F6CB3314F747D0E74FC7344       | Bin 1217 -> 0 bytes
 .../6352302A5072DBFB769D4FF4C70C86432C4C1683       | Bin 1218 -> 0 bytes
 .../EE886B907E31667D622677F665F25C54AF9A7F65       | Bin 1218 -> 0 bytes
 .../698563ECEE29232C5304487D972310F86650C3A6       | Bin 1185 -> 0 bytes
 .../B4B77C83465979E3679E3A33F972F48EE3730A18       | Bin 924 -> 0 bytes
 .../3AAD23B00CA10E54E6368DF7952E3F4B5108B65C       | Bin 606 -> 0 bytes
 .../14E59C02A6877B0EBD2C4203886BA25959C1D267       | Bin 1020 -> 0 bytes
 .../ED5608CE67EA5CB79AC024CEA7445F9BCBE48703       | Bin 1067 -> 0 bytes
 .../F3AE9FEA4DECEE5330770A2520BD86909929E7BE       | Bin 758 -> 0 bytes
 .../16D8270DE51B034E77B7CDAF1DEE623916243DDC       | Bin 1068 -> 0 bytes
 .../3D3F25C5CD9F932037D91B7D102EDB58EC7C8239       | Bin 1068 -> 0 bytes
 .../40B51EEF4E709FBD47935DDD83A1F640D0CC378A       | Bin 1067 -> 0 bytes
 .../D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537       | Bin 1068 -> 0 bytes
 .../CAF84A42305615AC2C582F6412BDA3E36DAC3D25       | Bin 786 -> 0 bytes
 .../D7EDAF7381F7FC93B4C28FA372190D7A59CFA696       | Bin 660 -> 0 bytes
 .../EC988340526163D5B7AC80481B2AC76828EDDC6C       | Bin 1157 -> 0 bytes
 .../conf/moa-id/htmlTemplates/loginFormFull.html   | 846 ---------------------
 .../htmlTemplates/sendAssertionFormFull.html       | 617 ---------------
 .../conf/moa-id/htmlTemplates/slo_template.html    | 451 -----------
 id/server/doc/conf/moa-id/keys/assertion.crt       |  24 -
 id/server/doc/conf/moa-id/keys/encryption.crt      |  24 -
 id/server/doc/conf/moa-id/keys/metadata.crt        |  24 -
 .../doc/conf/moa-id/keys/moa_idp[password].p12     | Bin 5346 -> 0 bytes
 id/server/doc/conf/moa-id/keys/storkDemoKeys.jks   | Bin 9023 -> 0 bytes
 id/server/doc/conf/moa-id/log4j.properties         |  27 -
 id/server/doc/conf/moa-id/moa-id.properties        | 127 ----
 .../moa-id/monitoring/MOA-ID-Auth_Monitoring.crt   |  18 -
 .../doc/conf/moa-id/monitoring/monitoring_idl.xml  |  87 ---
 .../doc/conf/moa-id/oa/BasicOAConfiguration.xml    |   9 -
 .../doc/conf/moa-id/oa/HeaderOAConfiguration.xml   |  10 -
 .../doc/conf/moa-id/oa/ParamOAConfiguration.xml    |  10 -
 .../doc/conf/moa-id/oa/SampleOAConfiguration.xml   |   9 -
 .../conf/moa-id/oa/SamplewbPKOAConfiguration.xml   |   9 -
 id/server/doc/conf/moa-id/stork/SamlEngine.xml     |  70 --
 .../doc/conf/moa-id/stork/SignModule_incoming.xml  |  12 -
 .../conf/moa-id/stork/SignModule_incoming_attr.xml |  12 -
 .../doc/conf/moa-id/stork/SignModule_outgoing.xml  |  12 -
 .../doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml | 120 ---
 .../conf/moa-id/stork/StorkSamlEngine_incoming.xml |  94 ---
 .../moa-id/stork/StorkSamlEngine_incoming_attr.xml |  94 ---
 .../conf/moa-id/stork/StorkSamlEngine_outgoing.xml |  94 ---
 .../doc/conf/moa-id/stork/storkDemoKeysPT.jks      | Bin 3013 -> 0 bytes
 .../moa-id/stork/storkDemoKeys_minividp_old.jks    | Bin 4592 -> 0 bytes
 .../transforms/TransformsInfoAuthBlockTable_DE.xml | 161 ----
 .../TransformsInfoAuthBlockTable_DE_2.0.xml        |   7 -
 .../transforms/TransformsInfoAuthBlockTable_EN.xml | 161 ----
 .../conf/moa-spss/SampleMOASPSSConfiguration.xml   |  83 --
 .../C2556DADDF68A9EEF7F5C14A24CA33BCA930B201       | Bin 1385 -> 0 bytes
 .../08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9       | Bin 991 -> 0 bytes
 .../BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330       | Bin 995 -> 0 bytes
 .../D3C063F219ED073E34AD5D750B327629FFD59AF2       | Bin 979 -> 0 bytes
 .../88D6151358A5E3C81D7AE1A536121DC03011BC03       | Bin 1205 -> 0 bytes
 .../35A40EF932B1F23980E2C672FC939E91EEBD0317       | Bin 1262 -> 0 bytes
 .../B1D0BC027906A3B7E7518C93ACB26D978233ED27       | Bin 1171 -> 0 bytes
 .../84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E       | Bin 1747 -> 0 bytes
 .../CA80A13D41116E24CB1479E970CDC1C030C5907C       | Bin 1272 -> 0 bytes
 .../7A2CFA69FCA284D4627012A7A55662594C803B2A       | Bin 901 -> 0 bytes
 .../ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B       | Bin 901 -> 0 bytes
 .../FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22       | Bin 1147 -> 0 bytes
 .../679A4F81FC705DDEC419778DD2EBD875F4C242C6       | Bin 975 -> 0 bytes
 .../82096E6D9B1248321625323D52858642CB0B748E       | Bin 975 -> 0 bytes
 .../D4D1370FD1D9EAA46412008FF3E59E114BCF724A       | Bin 1111 -> 0 bytes
 .../DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A       | Bin 1110 -> 0 bytes
 .../E619D25B380B7B13FDA33E8A58CD82D8A88E0515       | Bin 1111 -> 0 bytes
 .../F825578F8F5484DFB40F81867C392D6CB0012B92       | Bin 1110 -> 0 bytes
 .../4D523730501ADB80A76B0B473A4D21C7D86F8374       | Bin 1167 -> 0 bytes
 .../7AC3EFA52DE27A930EC8754DB5E061476948E914       | Bin 1028 -> 0 bytes
 .../42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA       | Bin 975 -> 0 bytes
 .../51C01567BCB22968EF5A297B7EA84E195594E0E8       | Bin 975 -> 0 bytes
 .../7D60E314AA6AEF548A614A9354C5068192051A29       | Bin 2278 -> 0 bytes
 .../698563ECEE29232C5304487D972310F86650C3A6       | Bin 1185 -> 0 bytes
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 -
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 -
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 -
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 1485 -> 0 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 -
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 -
 ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 979 -> 0 bytes
 ...a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer |  26 -
 .../moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer | Bin 1147 -> 0 bytes
 .../toBeAdded/atrust_OCSP_Responder_03-1.crt       | Bin 1185 -> 0 bytes
 .../profiles/MOAIDTransformAuthBlockTable_DE.xml   | 159 ----
 .../MOAIDTransformAuthBlockTable_DE_2.0.xml        |   7 -
 .../profiles/MOAIDTransformAuthBlockTable_EN.xml   | 159 ----
 .../moa-spss/sslKeys/customer1/moa-ssl-kunde1.der  | Bin 1076 -> 0 bytes
 .../customer1/moa-ssl-kunde1[pwd=kunde1].p12       | Bin 4893 -> 0 bytes
 .../customer1/trustedServers[pwd=servers].keystore | Bin 1202 -> 0 bytes
 .../moa-spss/sslKeys/customer2/moa-ssl-kunde2.der  | Bin 1076 -> 0 bytes
 .../customer2/moa-ssl-kunde2[pwd=kunde2].p12       | Bin 4893 -> 0 bytes
 .../customer2/trustedServers[pwd=servers].keystore | Bin 1202 -> 0 bytes
 .../moa-spss/sslKeys/server/moa-ssl-server.der     | Bin 1115 -> 0 bytes
 .../sslKeys/tomcat/tomcat[pwd=server].keystore     | Bin 4481 -> 0 bytes
 .../tomcat/trustedClients[pwd=clients].keystore    | Bin 1078 -> 0 bytes
 .../trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer   |  16 -
 .../trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer   |  21 -
 .../trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer   |  32 -
 .../trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer   |  31 -
 .../moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer    |  43 --
 .../moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer    |  21 -
 .../moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer    |  33 -
 .../moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer    |  31 -
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 -
 ...-20041130.SerNo01f6(SecureSignatureKeypair).cer | Bin 901 -> 0 bytes
 ...-20041215.SerNo021e(SecureSignatureKeypair).cer | Bin 901 -> 0 bytes
 ...-20050207.SerNo0291(SecureSignatureKeypair).cer | Bin 1110 -> 0 bytes
 ...-20050207.SerNo210d(SecureSignatureKeypair).cer | Bin 1110 -> 0 bytes
 ...-20141201.SerNoE243(SecureSignatureKeypair).cer | Bin 1111 -> 0 bytes
 ...rust-Qual-01b.20041201-20141201.SerNo01C854.cer | Bin 1111 -> 0 bytes
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 -
 ...-20141203.SerNoE248(SecureSignatureKeypair).cer | Bin 975 -> 0 bytes
 ...rust-Qual-02b.20041203-20141203.SerNo01C857.cer | Bin 975 -> 0 bytes
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 -
 ...-20180425.SerNoe694(SecureSignatureKeypair).cer | Bin 975 -> 0 bytes
 ...rust-Qual-03b.20080424-20180424.SerNo041D14.cer | Bin 975 -> 0 bytes
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 1485 -> 0 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 -
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 -
 ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 979 -> 0 bytes
 ...band oesterr. Sozialvers.,CN=Root-CA 1-2045.der | Bin 1747 -> 0 bytes
 ...IZ_Test_CA_-_User.20070829-20140101.SerNo00.cer | Bin 1262 -> 0 bytes
 ...m-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer | Bin 1028 -> 0 bytes
 ...TEST-Qual-01a.20041117-20141117.SerNo00da88.cer | Bin 991 -> 0 bytes
 ...EST-nQual-01a.20041117-20080630.SerNo00da8b.cer | Bin 995 -> 0 bytes
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 -
 ...-20041130.SerNo01f6(SecureSignatureKeypair).cer | Bin 901 -> 0 bytes
 ...-20041215.SerNo021e(SecureSignatureKeypair).cer | Bin 901 -> 0 bytes
 ...-20050207.SerNo0291(SecureSignatureKeypair).cer | Bin 1110 -> 0 bytes
 ...-20050207.SerNo210d(SecureSignatureKeypair).cer | Bin 1110 -> 0 bytes
 ...-20141201.SerNoE243(SecureSignatureKeypair).cer | Bin 1111 -> 0 bytes
 ...rust-Qual-01b.20041201-20141201.SerNo01C854.cer | Bin 1111 -> 0 bytes
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 -
 ...-20141203.SerNoE248(SecureSignatureKeypair).cer | Bin 975 -> 0 bytes
 ...rust-Qual-02b.20041203-20141203.SerNo01C857.cer | Bin 975 -> 0 bytes
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 -
 ...-20180425.SerNoe694(SecureSignatureKeypair).cer | Bin 975 -> 0 bytes
 ...rust-Qual-03b.20080424-20180424.SerNo041D14.cer | Bin 975 -> 0 bytes
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 1485 -> 0 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 -
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 -
 ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 979 -> 0 bytes
 ...band oesterr. Sozialvers.,CN=Root-CA 1-2045.der | Bin 1747 -> 0 bytes
 ...A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer | Bin 2278 -> 0 bytes
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 -
 ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 979 -> 0 bytes
 ..._-_Signaturdienst.20070829-20140101.SerNo02.cer | Bin 1272 -> 0 bytes
 ...Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer | Bin 1205 -> 0 bytes
 ...traut_Kotschy.20070119-20120119.SerNo02DE1C.cer | Bin 1385 -> 0 bytes
 .../a-sign-corporate-light-02.cer                  | Bin 1167 -> 0 bytes
 ...rate-light-03-20051114-20151114.SerNo01AAED.cer | Bin 1171 -> 0 bytes
 ...A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer | Bin 2278 -> 0 bytes
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 -
 ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 979 -> 0 bytes
 ...Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer | Bin 1205 -> 0 bytes
 ...traut_Kotschy.20070119-20120119.SerNo02DE1C.cer | Bin 1385 -> 0 bytes
 .../a-sign-corporate-light-02.cer                  | Bin 1167 -> 0 bytes
 ...rate-light-03-20051114-20151114.SerNo01AAED.cer | Bin 1171 -> 0 bytes
 359 files changed, 8 insertions(+), 7025 deletions(-)
 delete mode 100644 id/server/doc/conf/Catalina/localhost/proxy.xml
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/0ED5CDAFA436F005D3F8351F242765C0B56DE4A3/60916A7AFE1F0EA965ECC9375BE974971B5DC1E6
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/1BC54FCD10AC931CD35BDBDCD622330B06FF615E/C200667FF6D7CD3CD371EB2FD6A8E741D5D3EA28
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/844A1479AD61EA2C122DA87572364FDB6EFF5F81/0BB438D6E2D13BE3FD8CF0807BD560D3CB5C4A98
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/certstore/C15B362B586F7D6FE99A08C386E6DEAC7C0B93BC/BECE82B2F908174E2379652769C6942AF1F0CC5E
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/truststore/A-Trust-nQual-03.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/certs/truststore/IAIKTestRootCA.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/application[password].p12
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/assertion.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/encryption.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/metadata.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/moa_idp.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12
 delete mode 100644 id/server/doc/conf/moa-id-configuration/keys/request.crt
 delete mode 100644 id/server/doc/conf/moa-id-configuration/mail/activation_template.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/mail/admin_template.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/mail/rejected_template.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/mail/verification_template.html
 delete mode 100644 id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
 delete mode 100644 id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
 delete mode 100644 id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
 delete mode 100644 id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/application[password].p12
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/assertion.crt
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/encryption.crt
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/metadata.crt
 delete mode 100644 id/server/doc/conf/moa-id-oa/keys/moa_idp.crt
 delete mode 100644 id/server/doc/conf/moa-id-oa/oa.properties
 delete mode 100644 id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp
 delete mode 100644 id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp
 delete mode 100644 id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp
 delete mode 100644 id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp
 delete mode 100644 id/server/doc/conf/moa-id/MOAIdentities.xsd
 delete mode 100644 id/server/doc/conf/moa-id/SLTemplates/template_handyBKU.html
 delete mode 100644 id/server/doc/conf/moa-id/SLTemplates/template_localBKU.html
 delete mode 100644 id/server/doc/conf/moa-id/SLTemplates/template_onlineBKU.html
 delete mode 100644 id/server/doc/conf/moa-id/SampleIdentities.xml
 delete mode 100644 id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer
 delete mode 100644 id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer
 delete mode 100644 id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer
 delete mode 100644 id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
 delete mode 100644 id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C
 delete mode 100644 id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html
 delete mode 100644 id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
 delete mode 100644 id/server/doc/conf/moa-id/htmlTemplates/slo_template.html
 delete mode 100644 id/server/doc/conf/moa-id/keys/assertion.crt
 delete mode 100644 id/server/doc/conf/moa-id/keys/encryption.crt
 delete mode 100644 id/server/doc/conf/moa-id/keys/metadata.crt
 delete mode 100644 id/server/doc/conf/moa-id/keys/moa_idp[password].p12
 delete mode 100644 id/server/doc/conf/moa-id/keys/storkDemoKeys.jks
 delete mode 100644 id/server/doc/conf/moa-id/log4j.properties
 delete mode 100644 id/server/doc/conf/moa-id/moa-id.properties
 delete mode 100644 id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt
 delete mode 100644 id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml
 delete mode 100644 id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/SamlEngine.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/SignModule_incoming.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
 delete mode 100644 id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks
 delete mode 100644 id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks
 delete mode 100644 id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml
 delete mode 100644 id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
 delete mode 100644 id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml
 delete mode 100644 id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
 delete mode 100644 id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
 delete mode 100644 id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml
 delete mode 100644 id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml
 delete mode 100644 id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore
 delete mode 100644 id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer
 delete mode 100644 id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer

diff --git a/id/assembly-auth.xml b/id/assembly-auth.xml
index 370fbc32b..3e50bb300 100644
--- a/id/assembly-auth.xml
+++ b/id/assembly-auth.xml
@@ -15,6 +15,7 @@
 			<outputDirectory>/</outputDirectory>
 			<excludes>
 				<exclude>**/conf/Catalina/**</exclude>
+				<exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
 			</excludes>
 		</fileSet>
 		<fileSet>
@@ -38,6 +39,13 @@
 				<exclude>${basedir}/id/server/doc/proxy/**</exclude>
 			</excludes>
 		</fileSet>
+		<fileSet>
+			<directory>${basedir}/id/server/data/deploy/conf</directory>
+			<outputDirectory>/doc/conf</outputDirectory>
+			<excludes>
+				<exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
+			</excludes>
+		</fileSet>				
 		<fileSet>
 			<directory>${basedir}/id</directory>
 			<outputDirectory>/</outputDirectory>
diff --git a/id/server/doc/conf/Catalina/localhost/proxy.xml b/id/server/doc/conf/Catalina/localhost/proxy.xml
deleted file mode 100644
index eef60b953..000000000
--- a/id/server/doc/conf/Catalina/localhost/proxy.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<!--
-
-    Context configuration file for the MOA-Proxy App
-
-    aus einer Tomcat 4.x.xx server.xml Datei:
-    <Context path="" docBase="../moa-id-proxy.war" debug="0"/>
-
--->
-<Context path="" docBase="${catalina.base}/webappsProxy/moa-id-proxy.war" privileged="true"
-
-         antiResourceLocking="false" antiJARLocking="false">
-
-<!--
-<ResourceLink name="users" global="UserDatabase"
-                type="org.apache.catalina.UserDatabase"/>
--->
-
-  <!-- Uncomment this Valve to limit access to the Admin app to localhost
-   for obvious security reasons. Allow may be a comma-separated list of
-   hosts (or even regular expressions).
-  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
-    allow="127.0.0.1"/>
-  -->
-
-</Context>
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/0ED5CDAFA436F005D3F8351F242765C0B56DE4A3/60916A7AFE1F0EA965ECC9375BE974971B5DC1E6 b/id/server/doc/conf/moa-id-configuration/certs/certstore/0ED5CDAFA436F005D3F8351F242765C0B56DE4A3/60916A7AFE1F0EA965ECC9375BE974971B5DC1E6
deleted file mode 100644
index dfe7072c1..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/0ED5CDAFA436F005D3F8351F242765C0B56DE4A3/60916A7AFE1F0EA965ECC9375BE974971B5DC1E6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/1BC54FCD10AC931CD35BDBDCD622330B06FF615E/C200667FF6D7CD3CD371EB2FD6A8E741D5D3EA28 b/id/server/doc/conf/moa-id-configuration/certs/certstore/1BC54FCD10AC931CD35BDBDCD622330B06FF615E/C200667FF6D7CD3CD371EB2FD6A8E741D5D3EA28
deleted file mode 100644
index 38c2de589..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/1BC54FCD10AC931CD35BDBDCD622330B06FF615E/C200667FF6D7CD3CD371EB2FD6A8E741D5D3EA28 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/doc/conf/moa-id-configuration/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/844A1479AD61EA2C122DA87572364FDB6EFF5F81/0BB438D6E2D13BE3FD8CF0807BD560D3CB5C4A98 b/id/server/doc/conf/moa-id-configuration/certs/certstore/844A1479AD61EA2C122DA87572364FDB6EFF5F81/0BB438D6E2D13BE3FD8CF0807BD560D3CB5C4A98
deleted file mode 100644
index e13546c72..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/844A1479AD61EA2C122DA87572364FDB6EFF5F81/0BB438D6E2D13BE3FD8CF0807BD560D3CB5C4A98 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/doc/conf/moa-id-configuration/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
deleted file mode 100644
index a699436ca..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/certstore/C15B362B586F7D6FE99A08C386E6DEAC7C0B93BC/BECE82B2F908174E2379652769C6942AF1F0CC5E b/id/server/doc/conf/moa-id-configuration/certs/certstore/C15B362B586F7D6FE99A08C386E6DEAC7C0B93BC/BECE82B2F908174E2379652769C6942AF1F0CC5E
deleted file mode 100644
index c3363a922..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/certs/certstore/C15B362B586F7D6FE99A08C386E6DEAC7C0B93BC/BECE82B2F908174E2379652769C6942AF1F0CC5E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/certs/truststore/A-Trust-nQual-03.crt b/id/server/doc/conf/moa-id-configuration/certs/truststore/A-Trust-nQual-03.crt
deleted file mode 100644
index 23ddad0bd..000000000
--- a/id/server/doc/conf/moa-id-configuration/certs/truststore/A-Trust-nQual-03.crt
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDAWweMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTA1MDgxNzIyMDAw
-MFoXDTE1MDgxNzIyMDAwMFowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAVdRU0VlIXLOThaq/Yy/kgM40ozRiPvbY7meIMQQDbwvUB/tOdQ/TLtPAF8fG
-KOwGDREkDg6lXb+MshOWcdzUzg4NCmgybLlBMRmrsQd7TZjTXLDR8KdCoLXEjq/+
-8T/0709GAHbrAvv5ndJAlseIOrifEXnzgGWovR/TeIGgUUw3tKZdJXDRZslo+S4R
-FGjxVJgIrCaSD96JntT6s3kr0qN51OyLrIdTaEJMUVF0HhsnLuP1Hyl0Te2v9+GS
-mYHovjrHF1D2t8b8m7CKa9aIA5GPBnc6hQLdmNVDeD/GMBWsm2vLV7eJUYs66MmE
-DNuxUCAKGkq6ahq97BvIxYSazQ==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/certs/truststore/IAIKTestRootCA.crt b/id/server/doc/conf/moa-id-configuration/certs/truststore/IAIKTestRootCA.crt
deleted file mode 100644
index 765d61e8e..000000000
--- a/id/server/doc/conf/moa-id-configuration/certs/truststore/IAIKTestRootCA.crt
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDbDCCAlSgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMRowGAYDVQQDExFJQUlL
-IFRlc3QgUm9vdCBDQTENMAsGA1UEChMESUFJSzENMAsGA1UEBxMER3JhejELMAkG
-A1UEBhMCQVQwHhcNMDgwMTE0MTc1MzA3WhcNMTgwMTE0MTc1MzA3WjBHMRowGAYD
-VQQDExFJQUlLIFRlc3QgUm9vdCBDQTENMAsGA1UEChMESUFJSzENMAsGA1UEBxME
-R3JhejELMAkGA1UEBhMCQVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQC6KO6ltDC+smJsFFYz8cjB3BwFg97ZSi/xplSPYRAc/UJfWmXMUksIQ/74mMtr
-XvZCykYckiZTU19pFPf+GzHesp8PgQPScfEHVpLbXAeMrg5zZLInz0dhwBRkeZUb
-4wFcn4kaQODoGqi9gxpCqDQEc/lZp2rULgxwZWu9WYTmXps+wl7EPAUkCF3vI6jp
-8ZvEZ3uUtZycee5biRbzSs25/vtUyumrPKBGNiK1nSIoHmWpXWUZvRP44Wxmen6k
-AT9UV3SVUt1mPDb2ofsVbUtUoUE6QgiMNfhr66cXL6fZpS8/+h6T9oZncsEXz7ii
-4ZiezsSS/8ZwYelsjMoZOyhnAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBxjAPBgNV
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBSQlsST3+0l+oqAodh9XJCXAonZdDAfBgNV
-HSMEGDAWgBSQlsST3+0l+oqAodh9XJCXAonZdDANBgkqhkiG9w0BAQUFAAOCAQEA
-hjb8n4zLRS8KVANvTj5P0RfzFsXHsJFWoHv5lH5HETi5tkX/YD1AdDTLfV6GihmL
-Wn5hDT4owhw6moz8Q1H1X1N+3FZyzIrP96T1hoXbUTxcmc3Vt7wl+IsUA4fg5kfn
-WXn+93NFYQMd/iZOz/ByhEIiG022eRsSYkzm+Fl674k/eukPZCeCETlIMjpUGkEO
-ASws3KB98GyLG8SJ+7nssdol6rlL8agnz8iqTxGrqgYjkzb8uTKPMrxZ8tCUskSP
-uJHuDXdUJXACgOdZqTU6hdV+S/m2BeIj7+q8B7XWaivnsla5q/RWA1EoyAfWW54x
-iBGgBJ14RnNU0QKr0o9m8A==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
deleted file mode 100644
index ef070b8eb..000000000
--- a/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
+++ /dev/null
@@ -1,846 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-
-   <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-    <style type="text/css">
-			@media screen and (min-width: 650px) {
-			
-				body {
-					margin:0;
-					padding:0;
-					color : #000;
-					background-color : #fff;
-			  	text-align: center;
-			  	background-color: #6B7B8B;
-				}
-				
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input{
-          font-size: 0.7em;
-          /*border-radius: 5px;*/
-        }
-        
-         #bkuselectionarea input[type=button] {
-          font-size: 0.85em;
-          /*border-radius: 7px;*/
-          margin-bottom: 25px;
-          min-width: 80px;
-         }
-        
-        #mandateLogin {
-          font-size: 0.85em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-        } 
-        
-        
-			  #page {
-			    display: block;
-			    border: 2px solid rgb(0,0,0);
-			    width: 650px;
-			    height: 460px;
-			    margin: 0 auto;
-			    margin-top: 5%;
-			    position: relative;
-			    border-radius: 25px;
-			    background: rgb(255,255,255);
-			  }
-			  
-			  #page1 {
-			    text-align: center;
-			  }
-			  
-			  #main {
-			    /*	clear:both; */
-				  position:relative;
-			    margin: 0 auto;
-			    width: 250px;
-			    text-align: center;
-			  }
-			  
-			  .OA_header {
-			/*	  background-color: white;*/
-			    font-size: 20pt;
-			    margin-bottom: 25px;
-			    margin-top: 25px;
-			  }
-			
-			  #leftcontent {
-			    /*float:left; */
-				  width:250px;
-				  margin-bottom: 25px;
-			    text-align: left;
-			    border: 1px solid rgb(0,0,0);
-			  }
-			  			  
-			  #selectArea {
-				 font-size: 15px;
-				 padding-bottom: 65px;
-			  }
-			
-			  #leftcontent {
-				 width: 300px;
-				 margin-top: 30px;
-			  }
-			
-        #bku_header {
-          height: 5%;
-          padding-bottom: 3px;
-          padding-top: 3px;
-        }
-      
-        #bkulogin {
-				  overflow:hidden;	
-          min-width: 190px;
-          min-height: 180px;
-          /*height: 260px;*/	
-			  }
-      
-        h2#tabheader{
-				  font-size: 1.1em; 
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-			  }
-      	
-        #stork h2 {
-          font-size: 1.0em;
-          margin-bottom: 2%;
-        }
-        		  
-			  .setAssertionButton_full {
-			  	background: #efefef;
-				  cursor: pointer;
-				  margin-top: 15px;
-			    width: 100px;
-			    height: 30px
-			  }
-			
-			  #leftbutton  {
-				 width: 30%; 
-				 float:left; 
-				 margin-left: 40px;
-			  }
-			
-			  #rightbutton {
-				 width: 30%; 
-				 float:right; 
-				 margin-right: 45px; 
-				 text-align: right;
-			  }
-        
-        button {
-          height: 25px;
-          width: 75px;
-          margin-bottom: 10px;
-        }
-        
-       #validation {
-        position: absolute;
-        bottom: 0px;
-        margin-left: 270px;
-        padding-bottom: 10px;
-      }
-			
-			}
-
-      @media screen and (max-width: 205px) {
-        #localBKU p {
-          font-size: 0.6em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.6em;
-          min-width: 60px;
-         /* max-width: 65px; */
-          min-height: 1.0em;
-         /* border-radius: 5px; */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.7em;
-          min-width: 55px;
-          /*min-height: 1.1em;
-          border-radius: 5px;*/
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.65em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-          margin-top: -0.4em;
-          padding-top: 0.4em;
-        }
-        
-        #bkulogin {
-        min-height: 150px;
-        } 
-      }
-
-      @media screen and (max-width: 249px) and (min-width: 206px) {
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.7em;
-          min-width: 70px;
-       /*    max-width: 75px;    */
-          min-height: 0.95em;
-        /*  border-radius: 6px;    */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.75em;
-          min-width: 60px;
-      /*    min-height: 0.95em;
-          border-radius: 6px;    */
-          margin-bottom: 5%
-        }
-        
-        #mandateLogin {
-          font-size: 0.75em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.9em;
-          margin-top: -0.45em;
-          padding-top: 0.45em;
-        }
-        
-        #bkulogin {
-          min-height: 180px;
-        }  
-      }
-
-      @media screen and (max-width: 299px) and (min-width: 250px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-       /*    max-width: 75px;      */
-      /*    border-radius: 6px;  */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.85em;
-     /*     min-height: 1.05em;
-          border-radius: 7px;        */
-          margin-bottom: 10%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.0em;
-          margin-top: -0.50em;
-          padding-top: 0.50em;
-        } 
-      }
-
-      @media screen and (max-width: 399px) and (min-width: 300px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 75px;     */
-      /*    border-radius: 6px;       */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.9em;
-   /*       min-height: 1.2em;
-          border-radius: 8px;          */
-          margin-bottom: 10%;
-          max-width: 80px;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.1em;
-          margin-top: -0.55em;
-          padding-top: 0.55em;
-        } 
-      }
-      
-      @media screen and (max-width: 649px) and (min-width: 400px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 80px;       */
-     /*     border-radius: 6px;          */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 1.0em;
-     /*      min-height: 1.3em;
-         border-radius: 10px;         */
-          margin-bottom: 10%;
-          max-width: 85px;
-        }
-        
-        #mandateLogin {
-          font-size: 1.2em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.3em;
-          margin-top: -0.65em;
-          padding-top: 0.65em;
-        } 
-      }
-
-
-			
-			@media screen and (max-width: 649px) {
-				
-        body {
-					margin:0;
-					padding:0;
-					color : #000;
-			  	text-align: center;
-          font-size: 100%;
-			  	background-color: #MAIN_BACKGOUNDCOLOR#;
-				}
-        				
-			  #page {
-			     visibility: hidden;
-			     margin-top: 0%;
-			  }
-			  
-			  #page1 {
-			    visibility: hidden;
-			  }
-			  
-			  #main {
-			    visibility: hidden;
-			  }
-        
-        #validation {
-          visibility: hidden;
-          display: none;
-        }
-			  
-			  .OA_header {
-			    margin-bottom: 0px;
-			    margin-top: 0px;
-			    font-size: 0pt;
-			    visibility: hidden;
-			  }
-			
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          vertical-align: middle;
-          min-height: 173px;
-          min-width: 204px;
-          
-			  }
-			  
-        #bku_header {
-          height: 10%;
-          min-height: 1.2em;
-          margin-top: 1%;
-        }
-        
-        h2#tabheader{
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-          top: 50%;
-			  }
-        
-        #stork h2 {
-          font-size: 0.9em;
-          margin-bottom: 2%;
-        }
-        
-       	#bkulogin {	
-          min-width: 190px;
-          min-height: 155px;	
-			 }
-        
-			 .setAssertionButton_full {
-			     	background: #efefef;
-				    cursor: pointer;
-				    margin-top: 15px;
-			      width: 70px;
-			      height: 25px;
-			 }
-       
-        input[type=button] {
-/*          height: 11%;  */
-          width: 70%;
-        }
-			}
-			      
-			* {
-				margin: 0;
-				padding: 0;
-        font-family: #FONTTYPE#;
-			}
-							      			
-			#selectArea {
-				padding-top: 10px;
-				padding-bottom: 55px;
-				padding-left: 10px;
-			}
-			
-			.setAssertionButton {
-				background: #efefef;
-				cursor: pointer;
-				margin-top: 15px;
-			  width: 70px;
-			  height: 25px;
-			}
-			
-			#leftbutton  {
-				width: 35%; 
-				float:left; 
-				margin-left: 15px;
-			}
-			
-			#rightbutton {
-				width: 35%; 
-				float:right; 
-				margin-right: 25px; 
-				text-align: right;
-			}
-			
-			#stork {
-			    /*margin-bottom: 10px;*/
-			   /* margin-top: 5px; */
-			}
-      			
-      #mandateLogin {
-        padding-bottom: 4%;
-        padding-top: 4%;
-        height: 10%;
-        position: relative;
-        text-align: center;
-			}
-      
-      .verticalcenter {
-        vertical-align: middle;
-      }
-      
-      #mandateLogin div {
-        clear: both;
-        margin-top: -1%;
-        position: relative;
-        top: 50%;
-      }
-      
-      #bkuselectionarea {
-          position: relative;
-          display: block;
-      }
-      
-      #localBKU {
-        padding-left: 5%;
-        padding-right: 2%;
-        padding-bottom: 4%;
-        /*padding-top: 4%;*/
-        position: relative;
-        clear: both;        
-			}
-          			
-			#bkukarte {
-				float:left;
-				text-align:center;
-				width:40%;
-        min-height: 70px;
-        padding-left: 5%;
-        padding-top: 2%;
-			}
-			
-			#bkuhandy {
-				float:right;
-				text-align:center;
-				width:40%;
-        min-height: 90px;
-        padding-right: 5%;
-        padding-top: 2%;
-			}
-			
-      .bkuimage {
-        width: 90%;
-        height: auto;
-      }
-      
-			#mandate{
-				text-align:center;
-				padding : 5px 5px 5px 5px;
-			}
-      
-/*		input[type=button], .sendButton {
-				background: #BUTTON_BACKGROUNDCOLOR#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;  */
-/*				cursor: pointer;
-/*        box-shadow: 3px 3px 3px #222222;  */
-/*			}
-			
-/*      button:hover, button:focus, button:active, 
-      .sendButton:hover , .sendButton:focus, .sendButton:active,
-      #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
-				background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;                */
-/*				cursor: pointer;
-/*        box-shadow: -1px -1px 3px #222222;  */
-/*			}
-      
-*/      
-			input {
-				/*border:1px solid #000;*/
-				cursor: pointer;
-			}
-      
-      #localBKU input {
-/*        color: #BUTTON_COLOR#;  */
-        border: 0px;
-        display: inline-block;
-        
-      }
-			
-      #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
-        text-decoration: underline;
-      }
-      
-			#installJava, #BrowserNOK {
-				clear:both;
-				font-size:0.8em;
-				padding:4px;
-			}
-						
-			.selectText{
-			
-			}
-			
-			.selectTextHeader{
-			
-			}
-			
-			.sendButton {
-        width: 30%;
-        margin-bottom: 1%;	
-			}
-			
-			#leftcontent a {
-				text-decoration:none; 
-				color: #000;
-			/*	display:block;*/
-				padding:4px;	
-			}
-			
-			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
-				text-decoration:underline;
-				color: #000;	
-			}
-						
-			.infobutton {
-				background-color: #005a00;
-				color: white;
-				font-family: serif;
-				text-decoration: none;
-				padding-top: 2px;
-				padding-right: 4px;
-				padding-bottom: 2px;
-				padding-left: 4px;
-				font-weight: bold;
-			}
-			
-			.hell {
-				background-color : #MAIN_BACKGOUNDCOLOR#;
-        color: #MAIN_COLOR#;	
-			}
-			
-			.dunkel {
-				background-color: #HEADER_BACKGROUNDCOLOR#;
-        color: #HEADER_COLOR#;
-			}
-			      
-			.main_header {
-			   color: black;
-			    font-size: 32pt;
-			    position: absolute;
-			    right: 10%;
-			    top: 40px;
-				
-			}
-      			                        
-    </style>       
-<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
-<script type="text/javascript">
-		function isIE() {
-			return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
-		}
-		function isFullscreen() {
-			try {
-				return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
-			} catch (e) {
-				return false;
-			}
-		}
-		function isActivexEnabled() {
-			var supported = null;
-			try {
-				supported = !!new ActiveXObject("htmlfile");
-			} catch (e) {
-				supported = false;
-			}
-			return supported;
-		}
-		function isMetro() {
-			if (!isIE())
-				return false;
-			return !isActivexEnabled() && isFullscreen();
-		}
-		window.onload=function() {
-			document.getElementById("localBKU").style.display="block";
-			return;
-		}
-    function bkuLocalClicked() {
-       setMandateSelection();
-    }
-    
-		function bkuOnlineClicked() {
-			if (isMetro())
-				document.getElementById("metroDetected").style.display="block";
-			document.getElementById("localBKU").style.display="block";
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-						
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#ONLINE#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function bkuHandyClicked() {
-			document.getElementById("localBKU").style.display="none";
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-			
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#HANDY#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function storkClicked() {
-			document.getElementById("localBKU").style.display="none"; 
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-			
-			var ccc = "AT";
-			var countrySelection = document.getElementById("cccSelection");
-			if (countrySelection !=  null) {
-				ccc = document.getElementById("cccSelection").value;
-			}
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#ONLINE#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-			iFrameURL += "&CCC=" + ccc;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function generateIFrame(iFrameURL) {
-			var el = document.getElementById("bkulogin");
-      var width = el.clientWidth;
-      var heigth = el.clientHeight - 20;
-			var parent = el.parentNode;
-            
-      iFrameURL += "&heigth=" + heigth;
-      iFrameURL += "&width=" + width;
-      
-			var iframe = document.createElement("iframe");
-			iframe.setAttribute("src", iFrameURL);
-			iframe.setAttribute("width", el.clientWidth - 1);
-			iframe.setAttribute("height", el.clientHeight - 1);
-			iframe.setAttribute("frameborder", "0");
-			iframe.setAttribute("scrolling", "no");
-			iframe.setAttribute("title", "Login");
-			parent.replaceChild(iframe, el);
-		}
-		function setMandateSelection() {
-			document.getElementById("moaidform").action = "#AUTH_URL#";
-			document.getElementById("useMandate").value = "false";
-			var checkbox = document.getElementById("mandateCheckBox");
-			if (checkbox !=  null) {
-				if (document.getElementById("mandateCheckBox").checked) {
-					document.getElementById("useMandate").value = "true";
-				}
-			}
-		}
-		function onChangeChecks() {
-      if (top.innerWidth < 650) {
-         document.getElementById("moaidform").setAttribute("target","_parent");
-      } else {
-         document.getElementById("moaidform").removeAttribute("target");
-      }
-      
-    }
-/* 		function setSSOSelection() {
-			document.getElementById("useSSO").value = "false";
-			var checkbox = document.getElementById("SSOCheckBox");
-			if (checkbox !=  null) {
-				if (document.getElementById("SSOCheckBox").checked) {
-					document.getElementById("useSSO").value = "true";
-				}
-			}
-		} */
-		
-/* 		function checkMandateSSO() {
-			var sso = document.getElementById("SSOCheckBox");
-			var mandate = document.getElementById("mandateCheckBox");
-			
-			
-			if (sso.checked && mandate.checked) {
-				alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
-				mandate.checked = false;
-				sso.checked = false;
-				return true;
-			} else {
-				return false;
-			}
-		} */
-	</script>
-<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title>
-</head>
-<body onload="onChangeChecks();" onresize="onChangeChecks();">
-	<div id="page">
-		<div id="page1" class="case selected-case" role="main">
-			<h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2>
-			<div id="main">
-				<div id="leftcontent" class="hell" role="application">
-					<div id="bku_header" class="dunkel">
-						<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
-					</div>
-					<div id="bkulogin" class="hell" role="form">
-						<div id="mandateLogin" style="">
-							<div>
-								<input tabindex="1" type="checkbox" name="Mandate"
-									id="mandateCheckBox" class="verticalcenter" role="checkbox"
-									onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#>
-								<label for="mandateCheckBox" class="verticalcenter">in
-									Vertretung anmelden</label>
-								<!--a      href="info_mandates.html" 
-                        target="_blank"
-                        class="infobutton verticalcenter" 
-                        tabindex="5">i</a-->
-							</div>
-						</div>
-						<div id="bkuselectionarea">
-							<div id="bkukarte">
-								<img class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
-									alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
-									onClick="bkuOnlineClicked();" tabindex="2" role="button"
-									value="Karte" />
-							</div>
-							<div id="bkuhandy">
-								<img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
-									alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
-									onClick="bkuHandyClicked();" tabindex="3" role="button"
-									value="HANDY" />
-							</div>
-						</div>
-						<div id="localBKU">
-							<form method="get" id="moaidform" action="#AUTH_URL#"
-								class="verticalcenter" target="_parent">
-								<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
-									type="hidden" name="useMandate" id="useMandate"> <input
-									type="hidden" name="SSO" id="useSSO"> <input
-									type="hidden" name="CCC" id="ccc"> <input type="hidden"
-									name="MODUL" value="#MODUL#"> <input type="hidden"
-									name="ACTION" value="#ACTION#"> <input type="hidden"
-									name="MOASessionID" value="#SESSIONID#"> 
-                  <input type="submit" value=">lokale Bürgerkartenumgebung" tabindex="4"
-									role="button" class="hell"
-                  onclick="setMandateSelection();"
-                  >
-								<!--p>
-                    <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>								                                  
-                  </p-->								                                  
-                </form>								                                                          
-              </div>
-              
-              <div id="stork" align="center" style="#STORKVISIBLE#">
-                <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
-                <p>
-                  <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
-                    #PEPSLIST#
-                  </select>
-                  <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button>
-                  <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
-                </p>
-              </div>
-
-						<div id="metroDetected" style="display: none">
-							<p>Anscheinend verwenden Sie Internet Explorer im
-								Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den
-								Optionen um die Karten-Anmeldung starten zu können.</p>
-						</div>
-					</div>
-				</div>
-			</div>
-		</div>
-		<div id="validation">
-			<a href="http://validator.w3.org/check?uri="> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
-			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
-				alt="CSS ist valide!" />
-			</a>
-		</div>
-	</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html b/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
deleted file mode 100644
index b80d654cc..000000000
--- a/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
+++ /dev/null
@@ -1,617 +0,0 @@
-<!DOCTYPE html> 
-<html>
-<head>
-	<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-    <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-    <style type="text/css">
-			@media screen and (min-width: 650px) {
-			
-				body {
-					margin:0;
-					padding:0;
-					color : #000;
-					background-color : #fff;
-			  	text-align: center;
-			  	background-color: #6B7B8B;
-				}
-				
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input{
-          font-size: 0.7em;
-          border-radius: 5px;
-        }
-        
-         #bkuselectionarea button {
-          font-size: 0.85em;
-          border-radius: 7px;
-          margin-bottom: 25px;
-         }
-        
-        #mandateLogin {
-          font-size: 0.85em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-        } 
-        
-        
-			  #page {
-			    display: block;
-			    border: 2px solid rgb(0,0,0);
-			    width: 650px;
-			    height: 440px;
-			    margin: 0 auto;
-			    margin-top: 5%;
-			    position: relative;
-			    border-radius: 25px;
-			    background: rgb(255,255,255);
-			  }
-			  
-			  #page1 {
-			    text-align: center;
-			  }
-			  
-			  #main {
-			    /*	clear:both; */
-				  position:relative;
-			    margin: 0 auto;
-			    width: 250px;
-			    text-align: center;
-			  }
-			  
-			  .OA_header {
-			/*	  background-color: white;*/
-			    font-size: 20pt;
-			    margin-bottom: 25px;
-			    margin-top: 25px;
-			  }
-			
-			  #leftcontent {
-        	width: 300px;
-				  margin-top: 30px;
-          padding-bottom: 15px;
-				  margin-bottom: 25px;
-			    text-align: left;
-			    border: 1px solid rgb(0,0,0);
-			  }
-			  			  
-			  #selectArea {
-				 font-size: 15px;
-				 padding-bottom: 65px;
-			  }
-			 
-        #selectArea h3 {
-          margin-bottom: 25px;
-        }
-      
-        #bku_header {
-          height: 5%;
-          padding-bottom: 3px;
-          padding-top: 3px;
-        }
-      
-        #bkulogin {
-				  overflow:hidden;	
-          min-width: 190px;
-          min-height: 180px;
-          /*height: 260px;*/	
-			  }
-      
-        h2#tabheader{
-				  font-size: 1.1em; 
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-			  }
-      			  
-			  .setAssertionButton_full {
-				  margin-top: 15px;
-			    width: 100px;
-			    height: 30px;
-          font-size: 1.3em;
-          min-height: 1.3em;
-/*          border-radius: 10px;*/
-			  }
-			
-			  #leftbutton  {
-				 width: 30%; 
-				 float:left; 
-				 margin-left: 40px;
-			  }
-			
-			  #rightbutton {
-				 width: 30%; 
-				 float:right; 
-				 margin-right: 45px; 
-				 text-align: right;
-			  }
-        
-        button {
-          height: 25px;
-          width: 90px;
-          margin-bottom: 10px;
-        }
-        
-       #validation {
-        position: absolute;
-        bottom: 0px;
-        margin-left: 270px;
-        padding-bottom: 10px;
-      }
-			
-			}
-
-      @media screen and (max-width: 205px) {
-        #localBKU p {
-          font-size: 0.6em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.7em;
-          min-width: 70px;
-          min-height: 1.2em;
-          border-radius: 5px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 0.8em;
-          min-width: 65px;
-          min-height: 1.3em;
-  /*        border-radius: 5px;         */
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.65em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 0.8em;
-          margin-top: -0.4em;
-        } 
-      }
-
-      @media screen and (max-width: 249px) and (min-width: 206px) {
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.85em;
-          min-width: 80px;
-          min-height: 0.95em;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 0.85em;
-          min-width: 70px;
-          min-height: 0.95em;
-  /*        border-radius: 6px;        */
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.75em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 0.9em;
-          margin-top: -0.45em;
-        } 
-      }
-
-      @media screen and (max-width: 299px) and (min-width: 250px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.0em;
-          min-height: 1.05em;
- /*         border-radius: 7px;          */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.0em;
-          margin-top: -0.50em;
-        } 
-      }
-
-      @media screen and (max-width: 399px) and (min-width: 300px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.1em;
-          min-height: 1.2em;
-  /*        border-radius: 8px;     */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.1em;
-          margin-top: -0.55em;
-        } 
-      }
-      
-      @media screen and (max-width: 649px) and (min-width: 400px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.3em;
-          min-height: 1.3em;
-/*          border-radius: 10px;  */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1.2em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.3em;
-          margin-top: -0.65em;
-        } 
-      }
-
-
-			
-			@media screen and (max-width: 649px) {
-				
-        body {
-					margin:0;
-					padding:0;
-					color : #000;
-			  	text-align: center;
-          font-size: 100%;
-			  	background-color: #MAIN_BACKGOUNDCOLOR#;
-				}
-        				
-			  #page {
-			     visibility: hidden;
-			     margin-top: 0%;
-			  }
-			  
-			  #page1 {
-			    visibility: hidden;
-			  }
-			  
-			  #main {
-			    visibility: hidden;
-			  }
-        
-        #validation {
-          visibility: hidden;
-          display: none;
-        }
-			  
-			  .OA_header {
-			    margin-bottom: 0px;
-			    margin-top: 0px;
-			    font-size: 0pt;
-			    visibility: hidden;
-			  }
-			
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          min-width: 190px;
-/*          min-height: 190px;  */
-          vertical-align: middle;
-          
-			  }
-			  
-        #bku_header {
-          height: 10%;
-          min-height: 1.2em;
-          margin-top: 1%;
-        }
-        
-        h2#tabheader{
-          padding-left: 2%;
-          padding-right: 2%;
-          padding-top: 1%;
-          position: relative;
-          top: 50%;
-			  }
-        
-       	#bkulogin {	
-          min-width: 190px;
-          min-height: 150px;	
-			 }
-        
-			 .setAssertionButton_full {
-				    margin-top: 15px;
-			      width: 70%;
-			      height: 11%;
-            min-width: 60px;
-            min-height: 25px;
-			 }
-       
-       #selectArea h3 {
-          margin-top: 2%;
-       }
-       
-        button {
-          height: 11%;
-          width: 70%;
-        }
-			}
-			      
-			* {
-				margin: 0;
-				padding: 0;
-/*				border: 0;  */
-        font-family: #FONTTYPE#;
-			}
-							      			
-			#selectArea {
-				padding-top: 10px;
-				padding-bottom: 55px;
-				padding-left: 10px;
-			}
-			
-			.setAssertionButton {
-				background: #efefef;
-				cursor: pointer;
-				margin-top: 15px;
-			  width: 70px;
-			  height: 25px;
-			}
-			
-			#leftbutton  {
-				width: 35%; 
-				float:left; 
-				margin-left: 15px;
-			}
-			
-			#rightbutton {
-				width: 35%; 
-				float:right; 
-				margin-right: 25px; 
-				text-align: right;
-			}
-			
-			#stork {
-			    margin-bottom: 10px;
-			    margin-top: 5px;
-			}
-			
-      #mandateLogin {
-        padding-bottom: 2%;
-        padding-top: 2%;
-        height: 10%;
-        position: relative;
-        text-align: center;
-			}
-      
-      .verticalcenter {
-        vertical-align: middle;
-      }
-      
-      #mandateLogin > div {
-        clear: both;
-        margin-top: -1%;
-        position: relative;
-        top: 50%;
-      }
-      
-      #bkuselectionarea {
-          position: relative;
-          display: block;
-      }
-      
-      #localBKU {
-        padding-left: 5%;
-        padding-right: 2%;
-        padding-bottom: 2%;
-        position: relative;
-        clear: both;        
-			}
-          			
-			#bkukarte {
-				float:left;
-				text-align:center;
-				width:40%;
-        min-height: 70px;
-        padding-left: 5%;
-        padding-top: 2%;
-			}
-			
-			#bkuhandy {
-				float:right;
-				text-align:center;
-				width:40%;
-        min-height: 90px;
-        padding-right: 5%;
-        padding-top: 2%;
-			}
-			
-      .bkuimage {
-        width: 90%;
-        height: auto;
-      }
-      
-			#mandate{
-				text-align:center;
-				padding : 5px 5px 5px 5px;
-			}
-			
-			button, .sendButton {
-/*				background: #BUTTON_BACKGROUNDCOLOR#;
-        color: #BUTTON_COLOR#;  */
-        cursor: pointer;
-        
-/*				border:1px solid #000;
-        box-shadow: 3px 3px 3px #222222; */
-			}
-			
-      button:hover, button:focus, button:active, 
-      .sendButton:hover , .sendButton:focus, .sendButton:active,
-      #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
-/*				background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
-        color: #BUTTON_COLOR#;  */        
-        cursor: pointer;
-        
-/*				border:1px solid #000;
-        box-shadow: -1px -1px 3px #222222;  */
-			}
-      			
-			#installJava, #BrowserNOK {
-				clear:both;
-				font-size:0.8em;
-				padding:4px;
-			}
-						
-			.selectText{
-			
-			}
-			
-			.selectTextHeader{
-			
-			}
-						
-			#leftcontent a {
-				text-decoration:none; 
-				color: #000;
-			/*	display:block;*/
-				padding:4px;	
-			}
-			
-			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
-				text-decoration:underline;
-				color: #000;	
-			}
-						
-			.infobutton {
-				background-color: #005a00;
-				color: white;
-				font-family: serif;
-				text-decoration: none;
-				padding-top: 2px;
-				padding-right: 4px;
-				padding-bottom: 2px;
-				padding-left: 4px;
-				font-weight: bold;
-			}
-			
-			.hell {
-				background-color : #MAIN_BACKGOUNDCOLOR#;
-        color: #MAIN_COLOR#;	
-			}
-			
-			.dunkel {
-				background-color: #HEADER_BACKGROUNDCOLOR#;
-        color: #HEADER_COLOR#;
-			}
-			      
-			.main_header {
-			   color: black;
-			    font-size: 32pt;
-			    position: absolute;
-			    right: 10%;
-			    top: 40px;
-				
-			}
-      			                        
-    </style>
-    
-    
-    <title>Anmeldung an Online-Applikation</title>   
-</head>
-
-
-<body>
-		<div id="page">
-
-			<div id="page1" class="case selected-case" role="main">
-
-<!-- 					<h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
-
-					<div id="main">
-					<div id="leftcontent" class="hell">
-            <div id="bku_header" class="dunkel">
-						  <h2 id="tabheader" class="dunkel" role="heading">
-							 Anmeldeinformationen:							  
-						  </h2>
-            </div>
-					
-						<div id="selectArea" class="hell" role="application">
-							<h3>Anmeldung an: #OAName#</h3>
-					
-<!-- 						<div class="hell"> -->
-							<div id="leftbutton">
-									<form method="post" id="moaidform_yes" action="#URL#">
-										<input type="hidden" name="value" value="true">
-										<input type="hidden" name="mod" value="#MODUL#">
-								    <input type="hidden" name="action" value="#ACTION#">
-                    <input type="hidden" name="identifier" value="#ID#">
-										<input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button">
-									</form>
-							</div>
-							<div id="rightbutton">
-										<form method="post" id="moaidform_no" action="#URL#">
-										<input type="hidden" name="value" value="false">
-										<input type="hidden" name="mod" value="#MODUL#">
-								    <input type="hidden" name="action" value="#ACTION#">
-                    <input type="hidden" name="identifier" value="#ID#">
-										<input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button">
-									</form>
-							</div>
-						
-						</div>												
-					</div>
-				</div>
-		</div>
-    <div id="validation">
-        <a href="http://validator.w3.org/check?uri=">
-          <img   style="border:0;width:88px;height:31px"
-                 src="#CONTEXTPATH#/img/valid-html5-blue.png"
-                 alt="HTML5 ist valide!" />
-        </a>
-        <a href="http://jigsaw.w3.org/css-validator/">
-          <img   style="border:0;width:88px;height:31px"
-                 src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
-                 alt="CSS ist valide!" />
-        </a>
-    </div>
-	</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/keys/application[password].p12 b/id/server/doc/conf/moa-id-configuration/keys/application[password].p12
deleted file mode 100644
index 78cab1e89..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/keys/application[password].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/keys/assertion.crt b/id/server/doc/conf/moa-id-configuration/keys/assertion.crt
deleted file mode 100644
index aa4e23cb1..000000000
--- a/id/server/doc/conf/moa-id-configuration/keys/assertion.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
-MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
-BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
-ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
-2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
-+4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
-upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
-SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
-8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
-BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
-EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
-dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
-ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
-DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
-crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
-LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
-0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
-ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/keys/encryption.crt b/id/server/doc/conf/moa-id-configuration/keys/encryption.crt
deleted file mode 100644
index c9d94f9b6..000000000
--- a/id/server/doc/conf/moa-id-configuration/keys/encryption.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0
-MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t
-ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
-VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull
-TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL
-HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb
-OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa
-aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i
-h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz
-zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe
-pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
-GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ
-AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf
-lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf
-C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh
-3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB
-Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8
-lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi
-LYiLYskPglktuck=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/keys/metadata.crt b/id/server/doc/conf/moa-id-configuration/keys/metadata.crt
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id-configuration/keys/metadata.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/keys/moa_idp.crt b/id/server/doc/conf/moa-id-configuration/keys/moa_idp.crt
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id-configuration/keys/moa_idp.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12 b/id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12
deleted file mode 100644
index 78cab1e89..000000000
Binary files a/id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-configuration/keys/request.crt b/id/server/doc/conf/moa-id-configuration/keys/request.crt
deleted file mode 100644
index aa4e23cb1..000000000
--- a/id/server/doc/conf/moa-id-configuration/keys/request.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
-MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
-BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
-ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
-2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
-+4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
-upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
-SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
-8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
-BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
-EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
-dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
-ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
-DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
-crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
-LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
-0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
-ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-configuration/mail/activation_template.html b/id/server/doc/conf/moa-id-configuration/mail/activation_template.html
deleted file mode 100644
index adac14f56..000000000
--- a/id/server/doc/conf/moa-id-configuration/mail/activation_template.html
+++ /dev/null
@@ -1,39 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
-<title>Benachrichtigung</title>
-<style type="text/css">
-body {
-  line-height: 1;
-  color: black;
-  background: white;
-  min-height: 101%;
-  font-size: 0.8em;
-  font-family: Verdana, Arial, Helvetica, sans-serif;
-}
-</style>
-
-</head>
-
-<body>
-<div style="width: 708px; border: 1px solid #bbbbbb">
-    <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
-    <p>&nbsp;</p>
-    <p>Ihr Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool wurde soeben durch den Administrator freigegeben.</p>
-    <p>Sie k&ouml;nnen Sich ab nun unter folgendem Link am Konfigurationstool anmelden und Ihre Online-Applikationen verwalten. 
-      <a href="#MANDATE_SERVICE_LINK#">#MANDATE_SERVICE_LINK#</a>.</p>
-    
-	<p>&nbsp;</p>
-	<p>Graz, #TODAY_DATE#</p>
-	<p align="right">E-Government Innovationszentrum <br />
-	  Inffeldgasse 16a<br />
-	  8010 Graz<br />
-	  <br />
-	  Telefon: +43 (316) 873-5514 <br />
-	  Fax: +43 (316) 873-5520 <br />
-	  E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
-	</p>
-</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/admin_template.html b/id/server/doc/conf/moa-id-configuration/mail/admin_template.html
deleted file mode 100644
index dd5872514..000000000
--- a/id/server/doc/conf/moa-id-configuration/mail/admin_template.html
+++ /dev/null
@@ -1,40 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
-<title>Benachrichtigung</title>
-<style type="text/css">
-body {
-  line-height: 1;
-  color: black;
-  background: white;
-  min-height: 101%;
-  font-size: 0.8em;
-  font-family: Verdana, Arial, Helvetica, sans-serif;
-}
-</style>
-
-</head>
-
-<body>
-<div style="width: 708px; border: 1px solid #bbbbbb">
-    <p>Sehr geehrte(r) Administrator(in),</p>
-    <p>&nbsp;</p>
-    <p>Am MOA-ID 2.x Verwaltungs- und Konfigurationstool liegen offene Antr&auml;ge vor.</p>
-    
-    <p>Aktuell warten #NUMBER_USERSS# neue Benutzeraccount(s) und #NUMBER_OAS# neue Online-Applikation(en) 
-      auf eine Freigabe durch einen Administrator.</p>       
-        
-	<p>&nbsp;</p>
-	<p>Graz, #TODAY_DATE#</p>
-	<p align="right">E-Government Innovationszentrum <br />
-	  Inffeldgasse 16a<br />
-	  8010 Graz<br />
-	  <br />
-	  Telefon: +43 (316) 873-5514 <br />
-	  Fax: +43 (316) 873-5520 <br />
-	  E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
-	</p>
-</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html b/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html
deleted file mode 100644
index e809de743..000000000
--- a/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html
+++ /dev/null
@@ -1,37 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
-<title>Benachrichtigung</title>
-<style type="text/css">
-body {
-  line-height: 1;
-  color: black;
-  background: white;
-  min-height: 101%;
-  font-size: 0.8em;
-  font-family: Verdana, Arial, Helvetica, sans-serif;
-}
-</style>
-
-</head>
-
-<body>
-<div style="width: 708px; border: 1px solid #bbbbbb">
-    <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
-    <p>&nbsp;</p>
-    <p>Ihre Online-Applikation mit der ID #OANAME# wurde soeben durch den Administrator freigegeben.</p>
-    
-	<p>&nbsp;</p>
-	<p>Graz, #TODAY_DATE#</p>
-	<p align="right">E-Government Innovationszentrum <br />
-	  Inffeldgasse 16a<br />
-	  8010 Graz<br />
-	  <br />
-	  Telefon: +43 (316) 873-5514 <br />
-	  Fax: +43 (316) 873-5520 <br />
-	  E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
-	</p>
-</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html b/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html
deleted file mode 100644
index b5abff125..000000000
--- a/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html
+++ /dev/null
@@ -1,37 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
-<title>Benachrichtigung</title>
-<style type="text/css">
-body {
-  line-height: 1;
-  color: black;
-  background: white;
-  min-height: 101%;
-  font-size: 0.8em;
-  font-family: Verdana, Arial, Helvetica, sans-serif;
-}
-</style>
-
-</head>
-
-<body>
-<div style="width: 708px; border: 1px solid #bbbbbb">
-    <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
-    <p>&nbsp;</p>
-    <p>Ihr Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool wurde soeben durch einen Administrator gel&ouml;scht.</p>
-    
-	<p>&nbsp;</p>
-	<p>Graz, #TODAY_DATE#</p>
-	<p align="right">E-Government Innovationszentrum <br />
-	  Inffeldgasse 16a<br />
-	  8010 Graz<br />
-	  <br />
-	  Telefon: +43 (316) 873-5514 <br />
-	  Fax: +43 (316) 873-5520 <br />
-	  E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
-	</p>
-</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/verification_template.html b/id/server/doc/conf/moa-id-configuration/mail/verification_template.html
deleted file mode 100644
index fb4a3f2c4..000000000
--- a/id/server/doc/conf/moa-id-configuration/mail/verification_template.html
+++ /dev/null
@@ -1,43 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
-<title>Benachrichtigung</title>
-<style type="text/css">
-body {
-  line-height: 1;
-  color: black;
-  background: white;
-  min-height: 101%;
-  font-size: 0.8em;
-  font-family: Verdana, Arial, Helvetica, sans-serif;
-}
-</style>
-
-</head>
-
-<body>
-<div style="width: 708px; border: 1px solid #bbbbbb">
-    <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
-    <p>&nbsp;</p>
-    <p>Sie haben einen Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool beantragt.</p>
-    <p>Um Ihren Antrag abzuschließen &ouml;ffnen Sie bitte den folgenden Link in Ihrem Browser.<br>
-      <a href="#MANDATE_SERVICE_LINK#">#MANDATE_SERVICE_LINK#</a>.<br>
-    Anschließend wird Ihre Antrag an den zust&auml;ndigen Administrator weitergeleitet. 
-    Sie erhalten danach eine weitere Best&auml;tigung sobald Ihr Benutzeraccount freigeschalten wurde.</p> 
-	  
-    <p>Sollten Sie keinen Account beantragt haben k&ouml;nnen Sie dieses Mail ignorieren.</p>
-    
-	<p>&nbsp;</p>
-	<p>Graz, #TODAY_DATE#</p>
-	<p align="right">E-Government Innovationszentrum <br />
-	  Inffeldgasse 16a<br />
-	  8010 Graz<br />
-	  <br />
-	  Telefon: +43 (316) 873-5514 <br />
-	  Fax: +43 (316) 873-5520 <br />
-	  E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
-	</p>
-</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
deleted file mode 100644
index 7c71fadcb..000000000
--- a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
+++ /dev/null
@@ -1,86 +0,0 @@
-********
-*
-*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
-*
-******
-
-#General config
-general.login.deaktivate=false
-general.publicURLContext=https://localhost:8443/moa-id-configuration
-general.moaid.instance.url=https://localhost:8443/moa-id-auth
-
-general.defaultlanguage=de 
-general.ssl.certstore=certs/certstore
-general.ssl.truststore=certs/truststore
-
-general.moaconfig.key=ConfigurationEncryptionKey
-
-##Mail
-general.mail.host=smtp.localhost...
-#general.mail.host.port=
-#general.mail.host.username=
-#general.mail.host.password=
-
-general.mail.from.name=MOA-ID 2.x Konfigurationstool
-general.mail.from.address=no-reply@localhost
-
-general.mail.useraccountrequest.verification.subject=MOA-ID 2.x - Benutzerverifikation
-general.mail.useraccountrequest.verification.template=mail/verification_template.html
-
-general.mail.useraccountrequest.isactive.subject=MOA-ID 2.x - Benutzeraktivierung
-general.mail.useraccountrequest.isactive.template=mail/activation_template.html
-general.mail.useraccountrequest.rejected.template=mail/rejected_template.html
-
-general.mail.createOArequest.isactive.subject=MOA-ID 2.x - Online-Applikationsaktivierung
-general.mail.createOArequest.isactive.template=mail/oa_activation_template.html
-
-general.mail.admin.adress=admin@localhost
-general.mail.admin.subject=MOA-ID 2.x - Statusmeldung
-general.mail.admin.adresses.template=mail/admin_template.html
-
-
-##PVP2 Authentication
-general.login.pvp2.isactive=true
-
-general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata
-general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/moa_idp.crt
-general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
-general.login.pvp2.idp.sso.logout.url=https://localhost:8443/moa-id-auth/LogOut?redirect=
-
-general.login.pvp2.metadata.entities.name=MOA-ID 2.x Configuration Tool
-general.login.pvp2.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/application[password].p12
-general.login.pvp2.keystore.password=password
-general.login.pvp2.keystore.type=PKCS12
-
-general.login.pvp2.keystore.metadata.key.alias=pvp_metadata
-general.login.pvp2.keystore.metadata.key.password=password
-
-general.login.pvp2.keystore.authrequest.encryption.key.alias=pvp_encryption
-general.login.pvp2.keystore.authrequest.encryption.key.password=password
-
-general.login.pvp2.keystore.authrequest.key.alias=pvp_request
-general.login.pvp2.keystore.authrequest.key.password=password
-
-#UserRequestCleanUP time in hours
-general.userrequests.cleanup.delay=18
-
-##Hibnerate configuration for MOA-ID 2.0 configuration
-hibernate.dialect=org.hibernate.dialect.MySQLDialect
-hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true
-hibernate.connection.charSet=utf-8
-hibernate.connection.driver_class=com.mysql.jdbc.Driver
-hibernate.connection.username=
-hibernate.connection.password=
-
-hibernate.hbm2ddl.auto=update
-hibernate.current_session_context_class=thread
-hibernate.transaction.flush_before_completion=true
-hibernate.transaction.auto_close_session=true
-hibernate.show_sql=false
-hibernate.format_sql=true
-hibernate.c3p0.acquire_increment=3
-hibernate.c3p0.idle_test_period=300
-hibernate.c3p0.timeout=300
-hibernate.c3p0.max_size=20
-hibernate.c3p0.max_statements=0
-hibernate.c3p0.min_size=3
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
deleted file mode 100644
index 1165d8b32..000000000
--- a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE.xml
+++ /dev/null
@@ -1,161 +0,0 @@
-<sl10:TransformsInfo>
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signatur der Anmeldedaten</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Anmeldedaten:</h4>
-							<p class="titlestyle">Daten zur Person</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Geburtsdatum:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Rolle:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Vollmacht:</td>
-										<td class="normalstyle">
-											<xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Daten zur Anwendung</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Staat:</td>
-									<td class="normalstyle">Österreich</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technische Parameter</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Bereich:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Vollmachten-Referenz:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifikator:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Datum:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Uhrzeit:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-	<sl10:FinalDataMetaInfo>
-		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
-	</sl10:FinalDataMetaInfo>
-</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
deleted file mode 100644
index e225ca6e0..000000000
--- a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<sl10:TransformsInfo><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
-											Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><sl10:FinalDataMetaInfo><sl10:MimeType>application/xhtml+xml</sl10:MimeType></sl10:FinalDataMetaInfo></sl10:TransformsInfo>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
deleted file mode 100644
index e220b8f82..000000000
--- a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_EN.xml
+++ /dev/null
@@ -1,161 +0,0 @@
-<sl10:TransformsInfo>
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signing the authentication data</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Authentication Data:</h4>
-							<p class="titlestyle">Personal Data</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Date of Birth:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Role:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Mandate:</td>
-										<td class="normalstyle">
-											<xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Application Data</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Country:</td>
-									<td class="normalstyle">Austria</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technical Parameters</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Sector:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Mandate Reference:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifier:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Date:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Time:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-	<sl10:FinalDataMetaInfo>
-		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
-	</sl10:FinalDataMetaInfo>
-</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer b/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id-oa/keys/Metadata_Signing.cer
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/application[password].p12 b/id/server/doc/conf/moa-id-oa/keys/application[password].p12
deleted file mode 100644
index 78cab1e89..000000000
Binary files a/id/server/doc/conf/moa-id-oa/keys/application[password].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id-oa/keys/assertion.crt b/id/server/doc/conf/moa-id-oa/keys/assertion.crt
deleted file mode 100644
index aa4e23cb1..000000000
--- a/id/server/doc/conf/moa-id-oa/keys/assertion.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
-MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
-BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
-ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
-2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
-+4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
-upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
-SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
-8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
-BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
-EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
-dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
-ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
-DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
-crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
-LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
-0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
-ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/encryption.crt b/id/server/doc/conf/moa-id-oa/keys/encryption.crt
deleted file mode 100644
index c9d94f9b6..000000000
--- a/id/server/doc/conf/moa-id-oa/keys/encryption.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0
-MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t
-ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
-VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull
-TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL
-HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb
-OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa
-aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i
-h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz
-zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe
-pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
-GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ
-AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf
-lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf
-C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh
-3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB
-Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8
-lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi
-LYiLYskPglktuck=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/metadata.crt b/id/server/doc/conf/moa-id-oa/keys/metadata.crt
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id-oa/keys/metadata.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/moa_idp.crt b/id/server/doc/conf/moa-id-oa/keys/moa_idp.crt
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id-oa/keys/moa_idp.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/oa.properties b/id/server/doc/conf/moa-id-oa/oa.properties
deleted file mode 100644
index f247dcea6..000000000
--- a/id/server/doc/conf/moa-id-oa/oa.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-********
-*
-*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
-*
-******
-
-general.publicURLContext=https://localhost:8443/moa-id-oa
-
-general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata
-general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/moa_idp.crt
-general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
-
-general.login.pvp2.OA.metadata.entities.name=MOA-ID 2.x Demo-Application
-
-general.login.pvp2.OA.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/application[password].p12
-general.login.pvp2.OA.keystore.password=password
-general.login.pvp2.OA.keystore.type=PKCS12
-
-general.login.pvp2.OA.keystore.metadata.sign.key.alias=pvp_metadata
-general.login.pvp2.OA.keystore.metadata.sign.key.password=password
-
-general.login.pvp2.keystore.authrequest.sign.key.alias=pvp_request
-general.login.pvp2.keystore.authrequest.sign.key.password=password
-
-general.login.pvp2.keystore.assertion.encryption.key.alias=pvp_encryption
-general.login.pvp2.keystore.assertion.encryption.key.password=password
-
diff --git a/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml b/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml
deleted file mode 100644
index 51b36a1da..000000000
--- a/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml
+++ /dev/null
@@ -1,67 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Beispielkonfiguration fuer MOA-ID -->
-<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">	
-	<!-- Konfiguration fuer MOA-ID-PROXY -->
-	<ProxyComponent>
-		<!-- URL und akzeptierte TLS-Server-Zertifikate des MOA-ID-AUTH Web Service -->
-		<AuthComponent>
-			<ConnectionParameter URL="http://labda.iaik.tugraz.at:8080/moa-id-auth/services/GetAuthenticationData">
-				<AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
-				<!--	<ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
-			</ConnectionParameter>
-		</AuthComponent>
-	</ProxyComponent>
-	
-  <!-- Eintragung fuer jede Online-Applikation -->
-	<!-- Demo Online-Applikation: Zugriff auf www.digitales.oesterreich.gv.at ueber MOA-ID-PROXY -->
-	<OnlineApplication type="businessService" publicURLPrefix="https://proxy.gv.at" friendlyName="Test Application">
-		<!-- fuer MOA-ID-PROXY -->
-		<ProxyComponent configFileURL="oa/BasicOAConfiguration.xml" sessionTimeOut="600" 
-        loginParameterResolverImpl="at.gv.egiz.moa.id.proxy.MySQLLoginParameterResolver" 
-        loginParameterResolverConfiguration="/var/lib/tomcat6/webapps/moa-id-proxy-umgmt/WEB-INF/classes/hibernate.cfg.xml"
-			  connectionBuilderImpl="at.gv.egovernment.moa.id.proxy.EnhancedConnectionBuilder"
-        errorRedirectURL="https://proxy.gv.at/oa2">
-
-			<!-- URL und akzeptierte TLS-Server-Zertifikate der Online-Applikation -->
-			<ConnectionParameter URL="https://proxy.gv.at/oa">
-				 <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
-				<!--	<ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
-			</ConnectionParameter>
-		</ProxyComponent>
-	</OnlineApplication>
-  
-	<!-- Eintragung fuer jede Online-Applikation -->
-	<!-- Demo Online-Applikation: Zugriff auf www.digitales.oesterreich.gv.at ueber MOA-ID-PROXY -->
-	<OnlineApplication type="businessService" publicURLPrefix="https://proxy.gv.at" friendlyName="Test Application">
-		<!-- fuer MOA-ID-PROXY -->
-		<ProxyComponent configFileURL="oa/BasicOAConfiguration.xml" sessionTimeOut="600" 
-        errorRedirectURL="https://proxy.gv.at/oa2">
-
-			<!-- URL und akzeptierte TLS-Server-Zertifikate der Online-Applikation -->
-			<ConnectionParameter URL="https://proxy.gv.at/oa">
-				 <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
-				<!--	<ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
-			</ConnectionParameter>
-		</ProxyComponent>
-	</OnlineApplication>
-		
-	<!-- ChainingModes fuer die Zertifikatspfadueberpruefug der TLS-Zertifikate -->
-	<ChainingModes systemDefaultMode="pkix">
-  </ChainingModes>
-	<!-- fuer MOA-ID-AUTH:  CA-Zertifikat des Servers MOA-SP, falls dieses Service ueber HTTPS angesprochen wird 
-       fuer MOA-ID-PROXY: CA-Zertifikat des Servers MOA-ID-AUTH, falls dieses Service ueber HTTPS angesprochen wird 
-       zusaeztlich: CA-Zertifikat aller Online-Applikationen, die ueber HTTPS angesprochen werden -->
-	<TrustedCACertificates>certs/ca-certs</TrustedCACertificates>
-	<!-- Cache-Verzeichnis fuer-Zertifikate -->
-	<!-- Hinweis: wenn TC in linux oder unix betrieben wird vollstaendigen pfad fuer DirectoryCertStoreParameters.RootDir verwenden -->
-	<GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="/etc/tomcat6/moa-id/certs/certstore"/>
-	<!-- Time-Out fuer die Anmeldung von Beginn bis zum Anlegen der Anmeldedaten, in Sekunden -->
-	<GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
-	<!-- Time-Out fuer die Anmeldung vom Anlegen bis zum Abholen der Anmeldedaten, in Sekunden -->
-	<GenericConfiguration name="AuthenticationData.TimeOut" value="120"/>
-	<!-- Alternatives Data URL prefix (falls Webserver vorgeschaltet wird) -->
-	<!--GenericConfiguration name="FrontendServlets.DataURLPrefix" value="https://<your_webserver>/moa-id-auth/"/ -->
-	<!-- HTTP Verbindung auf Frontend Servlets zulassen / verbieten (falls Webserver vorgeschaltet wird) -->
-	<!-- GenericConfiguration name="FrontendServlets.EnableHTTPConnection" value="true"/ -->
-	<!-- URL Liste der vertrauenwürdigen Bürgekartenumgebungen -->
-</MOA-IDConfiguration>
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp
deleted file mode 100644
index 0cb4e8fea..000000000
--- a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp
+++ /dev/null
@@ -1,53 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
-   String errorMessage = (String)request.getAttribute("ErrorMessage");
-   String wrongParameters = (String)request.getAttribute("WrongParameters");
-   String logLevel = (String)request.getAttribute("LogLevel");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (logLevel != null) { %>
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p> 
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
-   Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
-<% } %>
-<% } %>
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp
deleted file mode 100644
index 0b3992bfd..000000000
--- a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp
+++ /dev/null
@@ -1,13 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp
deleted file mode 100644
index 0cb4e8fea..000000000
--- a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp
+++ /dev/null
@@ -1,53 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
-   String errorMessage = (String)request.getAttribute("ErrorMessage");
-   String wrongParameters = (String)request.getAttribute("WrongParameters");
-   String logLevel = (String)request.getAttribute("LogLevel");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (logLevel != null) { %>
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p> 
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
-   Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
-<% } %>
-<% } %>
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp
deleted file mode 100644
index 0b3992bfd..000000000
--- a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp
+++ /dev/null
@@ -1,13 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/MOAIdentities.xsd b/id/server/doc/conf/moa-id/MOAIdentities.xsd
deleted file mode 100644
index e075ead5e..000000000
--- a/id/server/doc/conf/moa-id/MOAIdentities.xsd
+++ /dev/null
@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
-<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified">
-	<xs:element name="MOAIdentities">
-		<xs:annotation>
-			<xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation>
-		</xs:annotation>
-		<xs:complexType>
-			<xs:sequence maxOccurs="unbounded">
-				<xs:element name="Mapping">
-					<xs:complexType>
-						<xs:sequence>
-							<xs:element name="Identity">
-								<xs:complexType>
-									<xs:choice>
-										<xs:element name="NamedIdentity" type="tns:NamedIdentityType"/>
-										<xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/>
-										<xs:element name="wbPKIdentity" type="tns:wbPKIdentitiyType"/>
-									</xs:choice>
-								</xs:complexType>
-							</xs:element>
-							<xs:element name="Parameters" type="tns:ParametersType"/>
-						</xs:sequence>
-					</xs:complexType>
-				</xs:element>
-			</xs:sequence>
-		</xs:complexType>
-	</xs:element>
-	<xs:complexType name="wbPKIdentitiyType">
-		<xs:simpleContent>
-			<xs:extension base="xs:boolean">
-				<xs:attribute name="wbPK" type="xs:string" use="required"/>
-			</xs:extension>
-		</xs:simpleContent>
-	</xs:complexType>
-	<xs:complexType name="bPKIdentitiyType">
-		<xs:simpleContent>
-			<xs:extension base="xs:boolean">
-				<xs:attribute name="bPK" type="xs:string" use="required"/>
-			</xs:extension>
-		</xs:simpleContent>
-	</xs:complexType>
-	<xs:complexType name="NamedIdentityType">
-		<xs:simpleContent>
-			<xs:extension base="xs:boolean">
-				<xs:attribute name="SurName" type="xs:string" use="required"/>
-				<xs:attribute name="GivenName" type="xs:string" use="required"/>
-				<xs:attribute name="BirthDate" type="xs:string" use="optional"/>
-			</xs:extension>
-		</xs:simpleContent>
-	</xs:complexType>
-	<xs:complexType name="ParametersType">
-		<xs:attribute name="UN" type="xs:string" use="optional"/>
-		<xs:attribute name="PW" type="xs:string" use="optional"/>
-		<xs:attribute name="Param1" type="xs:string" use="optional"/>
-		<xs:attribute name="Param2" type="xs:string" use="optional"/>
-		<xs:attribute name="Param3" type="xs:string" use="optional"/>
-	</xs:complexType>
-</xs:schema>
diff --git a/id/server/doc/conf/moa-id/SLTemplates/template_handyBKU.html b/id/server/doc/conf/moa-id/SLTemplates/template_handyBKU.html
deleted file mode 100644
index 5a335f9a1..000000000
--- a/id/server/doc/conf/moa-id/SLTemplates/template_handyBKU.html
+++ /dev/null
@@ -1,38 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
-	<head>
-		<title></title>
-		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-		<script language="javascript" type="text/javascript">
-			function onAnmeldeSubmit() {
-				document.CustomizedForm.submit();
-				document.CustomizedForm.Senden.disabled=true;
-			}
-		</script>
-	</head>
-	<body onLoad="onAnmeldeSubmit()">		 
-      <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
-			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
-     		<input class="button" type="submit" value="Starte Anmeldung" name="Senden">
-			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
-			<input type="hidden" name="DataURL" value="<DataURL>">
-			<input type="hidden" name="PushInfobox" value="<PushInfobox>">
-			
-			<!-- Angabe der Parameter für die Handy-BKU -->
-			<input type="hidden" name="appletWidth" value="<APPLETWIDTH>">
-			<input type="hidden" name="appletHeight" value="<APPLETHEIGHT>">
-			
-			<!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Handy-BKU -->
-			<input type="hidden" name="backgroundColor" value="<COLOR>"> 
-            
-			<input type="hidden" name="redirecttarget" value="<REDIRECTTARGET>">
-		</form>
-
-		<form name="CustomizedInfoForm" action="<BKU>" method="post">
-			<input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
-			<input type="hidden" name="DataURL" value="<CertInfoDataURL>">
-		</form>
-		<form name="DummyForm" action="<BKU>" method="post">
-		</form>
-	</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/SLTemplates/template_localBKU.html b/id/server/doc/conf/moa-id/SLTemplates/template_localBKU.html
deleted file mode 100644
index 329fe6f8d..000000000
--- a/id/server/doc/conf/moa-id/SLTemplates/template_localBKU.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
-	<head>
-		<title></title>
-		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-		<script language="javascript" type="text/javascript">
-			function onAnmeldeSubmit() {
-				document.CustomizedForm.submit();
-				document.CustomizedForm.Senden.disabled=true;
-			}
-		</script>
-	</head>
-	<body onLoad="onAnmeldeSubmit()">	   
-		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
-			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: 
-     		<input class="button" type="submit" value="Starte Anmeldung" name="Senden">
-			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
-			<input type="hidden" name="DataURL" value="<DataURL>">
-			<input type="hidden" name="PushInfobox" value="<PushInfobox>">
-		</form>
-		
-		<form name="CustomizedInfoForm" action="<BKU>" method="post">
-			<input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
-			<input type="hidden" name="DataURL" value="<CertInfoDataURL>">
-		</form>
-		
-		<form name="DummyForm" action="<BKU>" method="post">
-		</form>
-	</body>
-</html>
diff --git a/id/server/doc/conf/moa-id/SLTemplates/template_onlineBKU.html b/id/server/doc/conf/moa-id/SLTemplates/template_onlineBKU.html
deleted file mode 100644
index 52abf83fb..000000000
--- a/id/server/doc/conf/moa-id/SLTemplates/template_onlineBKU.html
+++ /dev/null
@@ -1,37 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
-	<head>
-		<title></title>
-		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-		<script language="javascript" type="text/javascript">
-			function onAnmeldeSubmit() {
-				document.CustomizedForm.submit();
-				document.CustomizedForm.Senden.disabled=true;
-			}
-		</script>
-	</head>
-	<body onLoad="onAnmeldeSubmit()">	 
-		<form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
-			Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: 
-		    <input class="button" type="hidden" value="Starte Anmeldung" name="Senden">
-			<input type="hidden" name="XMLRequest" value="<XMLRequest>">
-			<input type="hidden" name="DataURL" value="<DataURL>">
-			<input type="hidden" name="PushInfobox" value="<PushInfobox>">
-		
-			<!-- Angabe der Parameter fuer die Online-BKU -->
-			<input type="hidden" name="appletWidth" value="<APPLETWIDTH>">
-			<input type="hidden" name="appletHeight" value="<APPLETHEIGHT>">
-			
-			<!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Online-BKU -->
-	      <input type="hidden" name="appletBackgroundColor" value="<COLOR>">
-	      <input type="hidden" name="redirectTarget" value="<REDIRECTTARGET>">
-		</form>
-		
-		<form name="CustomizedInfoForm" action="<BKU>" method="post">
-			<input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
-			<input type="hidden" name="DataURL" value="<CertInfoDataURL>">
-		</form>
-		<form name="DummyForm" action="<BKU>" method="post">
-		</form>
-	</body>
-</html>
diff --git a/id/server/doc/conf/moa-id/SampleIdentities.xml b/id/server/doc/conf/moa-id/SampleIdentities.xml
deleted file mode 100644
index abda0bf64..000000000
--- a/id/server/doc/conf/moa-id/SampleIdentities.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Beispielkonfiguration für den Einsatz der MOA-ID Proxy-Komponenten unter Einsatz eines speziellen XMLLoginParameterResolver 
-	 Damit kann unter Einsatz des XMLLoginParameterResolverPlainData (s.u.) eine Einschränkung von Benutzer für OA erfolgen. 	 -->
-<!-- Beispiel für ein Element ProxyComponent in der MOA-ID Konfigurationsdatei welches den XMLLoginParameterResolverPlainData 
-     mit der Benutzerdatei Identities.xml verwendet um sich über Basic Authentication (401) an einer Webseite anzumeldne 	     	-->
-     
-     
-<!--
-		<ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600" 
-						loginParameterResolverImpl="at.gv.egovernment.moa.id.proxy.XMLLoginParameterResolverPlainData" 
-						loginParameterResolverConfiguration="Identities.xml">
-			<ConnectionParameter URL="http://www.digitales.oesterreich.gv.at/">
-			</ConnectionParameter>
-		</ProxyComponent>
--->
-<MOAIdentities xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814 MOAIdentities.xsd">
-	<!-- Eintrag aller Benutzer mit Berechtigung -->
-	<!-- Die Daten müssen in der Schreibweise wie in der Personenbindung (= Schreibweise des ZMRs) eingegeben werden -->
-
-	<!-- Benutzerin Kunz -->
-	<Mapping>
-		<Identity>
-			<NamedIdentity SurName="Kunz" GivenName="Karin Stella" BirthDate="1900-01-01">1</NamedIdentity>
-		</Identity>
-		<Parameters UN="KunzKS" PW="geheim"/>
-	</Mapping>
-	<!-- Benutzer Mustermann -->
-	<Mapping>
-		<Identity>
-			<NamedIdentity SurName="Mustermann-Fall" GivenName="Max Moriz" BirthDate="1900-01-01">1</NamedIdentity>
-		</Identity>
-		<Parameters UN="MustMM" PW="höchst?Geheim"/>
-	</Mapping>
-</MOAIdentities>
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer
deleted file mode 100644
index a699436ca..000000000
Binary files a/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer b/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer
deleted file mode 100644
index ff90e35f5..000000000
Binary files a/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt b/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt
deleted file mode 100644
index 0780bc44f..000000000
--- a/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFsDCCBJigAwIBAgIHASBxw0JY9jANBgkqhkiG9w0BAQUFADCBrDEcMBoGA1UE
-AxMTRXVyb1BLSSBJQUlLIFNTTCBDQTEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5
-IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ
-bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczENMAsGA1UE
-BxMER3JhejELMAkGA1UEBhMCQVQwHhcNMTMxMjAzMTYzODUyWhcNMTUxMjAzMTYz
-ODUyWjCBqTELMAkGA1UEBhMCQVQxDTALBgNVBAcTBEdyYXoxJjAkBgNVBAoTHUdy
-YXogVW5pdmVyc2l0eSBvZiBUZWNobm9sb2d5MUgwRgYDVQQLEz9JbnN0aXR1dGUg
-Zm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNh
-dGlvbnMxGTAXBgNVBAMTEHN6cmd3LmVnaXouZ3YuYXQwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDPDRBxrsDziPzz+GAcdJ2m6kOkJcr4REzMzP9dULRv
-R6EbVvvwQgPpAEcuqH+101ZwcIHNSCSQF30HnkJVF9hQ+4jIKjvUQ96hkZUC8OyI
-9WfJfPjCtMea9Mk4YsI2DVc6xoiuNKSeZt6ER0b3YDRFX6x4QqQpgt3uIMKjHxBf
-ESB9ehKLEPnQTgIzblvVrPWRAjVd+nZq40ZW1Im9Kq2pRk1gt5xiGh0q5qCV17Yj
-mzTcO4tcgW7iFJ8Tj1Cdog7AOBkhGXGtndfhH/EwGo08PZ1PEYwA5wTVHEhq/Nom
-zBKhDBRdDBhWOuxMeX8zSffuBYf9Oa9RGZBPErUi9HgHAgMBAAGjggHWMIIB0jAO
-BgNVHQ8BAf8EBAMCBLAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/
-BAIwADBQBgNVHSAESTBHMEUGDCsGAQQBlRIBAgMBATA1MDMGCCsGAQUFBwIBFido
-dHRwOi8vZXVyb3BraS5pYWlrLmF0L2NhL2lhaWsvY3BzLzEuMy8wHQYDVR0OBBYE
-FFi1nfsT7YEJ9PKNzMHBtXbl574ZMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9j
-YS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jcmxzL0V1cm9QS0lJQUlLX1NTTC5jcmww
-gZoGCCsGAQUFBwEBBIGNMIGKMEIGCCsGAQUFBzABhjZodHRwOi8vY2EuaWFpay50
-dWdyYXouYXQvY2Fwc28vT0NTUD9jYT1FdXJvUEtJSUFJS19TU0wwRAYIKwYBBQUH
-MAKGOGh0dHA6Ly9jYS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jZXJ0cy9FdXJvUEtJ
-SUFJS19TU0wuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56QGVnaXouZ3YuYXQw
-HwYDVR0jBBgwFoAUFZk0u+CXsy4oNl3WeM9osRQzuEkwDQYJKoZIhvcNAQEFBQAD
-ggEBAItlnRWi7nFbd9oahK06YNgkI6c3zPfWp3anaYOxZt+AakjI7IoV2YprNVWJ
-2RZ2KA7rM3xNO1i1/H6TcWpjIJy+zsejvyXjQbC9e+wy3hD7iqtCt4oWqzIg61NE
-u1j1u/r9/yozDEkOYv7XY+X5xNBCZ1YfbOwKltLdCWhk6MSK9xDUoeub0DyD3OIS
-4VBVfftsVaJA9vY9e62aSpysEU6VoJpoXVLv1pGeCMajF9d7umCs+daguugbUNMM
-FIfAll/9kcEG7FmpLaWA1qRpfTb8XZ6j/J0YrWAzyyCmLiQJRmhDDipi7PqAJBz6
-9aau5Lhfs4OYoKxgiw7WxOJldFo=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
deleted file mode 100644
index 592c96230..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 b/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710
deleted file mode 100644
index a7948e488..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/032F2123890A879585CE96674CA4C37B55986729/E1201A308CC10323C27D9084B048996E44B8F710 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 b/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08
deleted file mode 100644
index 73434134e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/04462EF01783744F9F4CDE3705FD86D488697C9F/D44EED7580C7792242D73E267A89C7DB25E4BD08 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 b/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7
deleted file mode 100644
index 8c434777e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/083E1A0528C48475951A6610360D813E2713DCC7/7E691392F741B7E4B4AA9A76D75851BDE18BE5A7 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 b/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726
deleted file mode 100644
index 3af27c013..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0889EBEC55D9E34E782E6D3C250840EB932EEA2F/9CD9ADF04626E7E8C9A1C8DACE3B0B8A2979C726 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
deleted file mode 100644
index cac44093a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630
deleted file mode 100644
index 29d93550e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/0F843FB1E0C626540BE638B79A2987E2611CE630 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F
deleted file mode 100644
index 2a88295a7..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/69F21C82DC9A7A940ACEC414593E59C9E61E522F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 b/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35
deleted file mode 100644
index 84a1690d2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0AF04E7099C9829BD1F8437362BA0036E0705C4D/FC72939DC06EDDF8C51549ECF00AC92BF2B39F35 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D
deleted file mode 100644
index 3250c6adc..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/341F53B3B17518213B1856BFAB3CEFBE948AFC0D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB b/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB
deleted file mode 100644
index 3848a2b82..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0BF5B0C4B029051D91A83EE9CCD0266A52D867A6/3A24040C01D5C9A4980575BFF99A25E534A056CB and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A b/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A
deleted file mode 100644
index 04c6ea363..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/0FE419AB943E7E5C6A7190CC6BBE8E3F914C658A/FB356CEF4406D1F135E3FC59026B338D3F518F9A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
deleted file mode 100644
index 32893db7f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 b/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214
deleted file mode 100644
index fd23a38d6..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/10F17BDACD8DEAA1E8F23FBEAE7B3EC3D9773D1D/E7340D1FB627D8917A9C0D23F21515C441BF1214 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D b/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D
deleted file mode 100644
index 1a3106742..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/125E4AC6B38C1E0BF34BF7D927CBB947E35141E8/2CA36B76BC6CCDC29296111A4EFCAFC0553BBC7D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 b/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958
deleted file mode 100644
index a5e651f86..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/15A052B0DC4E0333656264E2FEEBE45B1BE449BF/386C1663C6390BC288DC171522439210AF361958 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 b/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2
deleted file mode 100644
index 28cb48bb0..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/1607988A938D3D339F40AFB567384BC5B7540935/9FDCFE5A082FD69BF5D9E73C25FBE9EA1AC0ACF2 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 b/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6
deleted file mode 100644
index bdfcb7ab1..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/1A283D1183DB82A548427B4F19E99E7A8EA728D7/49969819654C230ECDF779ABB9629A211FCC43D6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 b/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7
deleted file mode 100644
index eaac3518b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/1BF3C1D2767F5C333AD5531531FEE3A712935B73/D0AF386E182F00983637F97C0A5F4708F9F641A7 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C b/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C
deleted file mode 100644
index 4dd2c49bf..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/20DD04B052D2D364E5FF851A3FD314F0FD91253E/6814C7316CEA7191C9CB3BE58199B4A957210D9C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E
deleted file mode 100644
index 39e377edf..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/5F06F65C714047E3B282AEC427C35AB703E49D8E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 b/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208
deleted file mode 100644
index 0a1fcff85..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/20EF2EC4E04DF4D51A8F10DFE4249C0024C7A28C/D45360060761812D33DE294EAC1573F6DE12A208 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 b/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732
deleted file mode 100644
index 13abede5c..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/22973CFC20EA68162A0B2E837D45FB8266ACDBCF/C529469053D9F95810A8F7F2DB9A6596A7655732 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941
deleted file mode 100644
index d2e7db667..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/1C43C0BA36CC8DE659180B2FAC9A6F54430D5941 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5
deleted file mode 100644
index f2f1c6562..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/AC36A78C66FEC87CC0FD2C32B49214C65676E0C5 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0
deleted file mode 100644
index 476a3efb2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/C92238A7178A6C61F8BACA22D6CF7E50772BA9F0 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 b/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233
deleted file mode 100644
index 5c88b668a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/23A16796B3D718035F1E0DB209A42938767631DA/DFAE695342AC81A521025904406884399822B233 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F b/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F
deleted file mode 100644
index 4d1852203..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/2962CDAADFA0BF8EE53B80870C53E551A43EA72A/12B06E039F1A36D8238AFC508009E1ADF88BF66F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 b/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38
deleted file mode 100644
index 69a8e4872..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/2C976220B378E08DF5E68CBC54C05CE41224FD29/0CC37CC35E18F9909E43E4E9894D0CDF06EE9A38 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D b/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D
deleted file mode 100644
index 807fa786c..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/2F5DA022AAFF668F34C35A80049D690F3CFE3040/D62327E6B19B7968A8BE6588DEAB0BC0DB684D8D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
deleted file mode 100644
index 376d0753f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
deleted file mode 100644
index 73553b996..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
deleted file mode 100644
index 5171276f4..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 b/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517
deleted file mode 100644
index f8a8957ac..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/337F895A0435AA7E2629C5282B5A0DBBE19EE1C7/75F792DE2CF544007F470F1B924961C2BD2EF517 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 b/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82
deleted file mode 100644
index 167c36411..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/349CA7B279F4EF3C085B1E8D08AA5DE3EC586188/08BBE8E906397158FA4BF4058BBBDB5EA11BAE82 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E b/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E
deleted file mode 100644
index ed5ba194c..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3868959083AA986194E58E73798BCD724D785A0E/66AB66128A44574873E54E6584E450C4EB3B9A1E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA b/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA
deleted file mode 100644
index 836ba3767..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3A095C38EB5D5824FE61BE43F9CDF6515DC94805/65698A39E03FF00FD552D4AD99FB290C2B9D4BEA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299
deleted file mode 100644
index 8d33015f9..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/04CF0318BA0B54DD76E1DE143445210BDD32E299 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F
deleted file mode 100644
index 69de75609..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/0F5A0342F5CD448799C3C6D178607E3F2B5BCB8F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE
deleted file mode 100644
index efa28178e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733
deleted file mode 100644
index 289fc2198..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/9E0512DD61DA5949D1D8631C3F19D75F496C3733 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 b/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6
deleted file mode 100644
index b7d4b08a6..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B2F8C424AA88CA305C519FDEFCF29DDB7E96AE2/E6E6FC88719177C9B7421825757C5E47BCAC85F6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E b/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E
deleted file mode 100644
index b2beddaa5..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3B76D7A5CE7EC6022D7990CFEA534C908717DF54/C0C699EFE6E837CB5E4CFC3A61077617A22C1A9E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B b/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B
deleted file mode 100644
index 414123ece..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3C025917C3C938FEB856E5440D28E4A568C311DC/A2F138CD16AD04BC3F145E3780BFA169BFDA263B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 b/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9
deleted file mode 100644
index 54893c9d6..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3C627C9D89A5BFB5E4E385982DF33B7E7F6E8D2D/C5AC86EC5B771BEBDF8B6E040F109A1186E229B9 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C b/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C
deleted file mode 100644
index 8588ce58a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/3C7CE93947421CB66603DC7DBAB0F04C4788382F/23E594945195F2414803B4D564D2A3A3F5D88B8C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A b/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A
deleted file mode 100644
index 141b05ef4..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/405D86C9D39B1061885678ED90780A0F04A76327/6F61A0C50B4E6ED821F032A4DF3DA7DDDFD2FE6A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 b/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4
deleted file mode 100644
index 6e17b9db5..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/4224231A54F64581FBA2AB6ED82ADE467F144BDC/65EF37033859C2F709A64086D3A5BD1B8F1A85A4 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3
deleted file mode 100644
index 33e1ee94b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/07298E24461954E4696D2ED9FFB7D52B57F325B3 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 b/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15
deleted file mode 100644
index 694e6828b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/427765A998398EE1B138ABDBA20313DC4A3738A0/B630DB0DB940BCE72B2E09868B4CA0A92BBC1D15 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 b/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26
deleted file mode 100644
index 55707d69f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/45E2F3F807C6EAB9EDC1B3250F7558CA12A063DE/3A77E9B577661D99F9BBA5A352B29C7FF58A3D26 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
deleted file mode 100644
index 3be7b6a06..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA b/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA
deleted file mode 100644
index 4e18de8d7..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/487F4DEE9E63DADEB4CAAB07E0E166ACC9F584B6/9891BBEA9FDA665EEEC31C403A00A5CA5628D0FA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE b/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE
deleted file mode 100644
index c4d97cda3..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/4C7CAA9FE9C08078541DA31B76FF0951E73480FF/C23FC1895966021249B35412C0C8C56D107732DE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 b/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4
deleted file mode 100644
index 9b2ee0fc6..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/52B42552A440A54C21A39D46D7F176AF28BEB5AA/51AC8CFF36818AA25498A293DF48EBCFFFF6D0B4 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 b/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5
deleted file mode 100644
index b2a1e145f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/53CF955B19387A437659158BC050B7BC4B238132/F5F2456D79490C268569970E900C68FD1C7DC8E5 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F b/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F
deleted file mode 100644
index 5dd9558d0..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/550E9627E9094A2D1BB6385821334D02122BCF26/B7BCA7BC3C41FD0DC835175486FAB3FB4626EC0F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526
deleted file mode 100644
index da38ce028..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/620127A8E5886A4805403977C3EF7D5EAF881526 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 b/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830
deleted file mode 100644
index 7e9fd5b0b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/562428A359B1CC3A820ABCC9C8F625CBB6A6A510/FCD9E881BCCCB9352EEF337C8D4EAAD65C4EC830 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 b/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9
deleted file mode 100644
index 640918641..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/5650A465FD3B5EF83639E11F324A2A0EA98AF935/4B5B0C2A0BF944CD467A6140F8C782E2BE9D15F9 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B b/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B
deleted file mode 100644
index b15880c29..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/58090A698038FEDAD56B4B976F23C29950D1D5A5/6BDA1FF41EEBC5DA66912F3C69B60C2A41C6E25B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 b/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1
deleted file mode 100644
index 6da18c620..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/59484253C7D4C5BEAB7D2BABFAC13DDD1CA53FCC/341EA32E448659125A67DD04177FD17468FCFCB1 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20
deleted file mode 100644
index 8b501d747..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/069519EC949AC6B91D4C33A3F3665441F0220D20 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D b/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D
deleted file mode 100644
index b4b128903..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/5E043AA9A832C33C7065B7633F4C007E0394BA19/2F5EBA5055E9F7444852ADCEEB769E5DE157A03D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD b/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD
deleted file mode 100644
index c19647ad8..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/60EF765436B4F314F2285BE2D89A511073AC0D58/334710B9169BCD20687A6302EEB16AEB97F288CD and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 b/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9
deleted file mode 100644
index 39f88d881..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/6144BFC0CBE85C63DEFB6F208D80385B89F68046/D031945D982820B92FADBC7F71F6D1D9DFFDA2C9 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
deleted file mode 100644
index 277b6083a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
deleted file mode 100644
index ad13d7b28..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
deleted file mode 100644
index d361d919f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 b/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0
deleted file mode 100644
index 89cfe44fd..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/6F86F897C45679B45F03C67D44B6447EFF43B758/53CB69CF933C2D28FB9DF91F2852A99EC3352EA0 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C b/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C
deleted file mode 100644
index cc8b505ec..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/728C819D737EE42627F96F839C33BB6E68E85F68/00845B74CA13FE0A9056E6C0B5126FECF73B0D8C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E
deleted file mode 100644
index c9da41583..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/474BC41135FB88BF58B5A8D976A1D5583378D85E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 b/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01
deleted file mode 100644
index 28fbdf42f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/738B34854780955AE8FAF12349F2C9C52105A52C/6B618820CE6A5EC0B5E63A9170335E5EA9F3BA01 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 b/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878
deleted file mode 100644
index 424f849a1..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/76011AE57123CC4E476C094C48C461DC37A0DEDD/FDC348410699803DE7D8276813BC2232EA99A878 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C b/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C
deleted file mode 100644
index 4989f3e73..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/7A9DC855647136050A8D75D6571AC64739F36C6C/BF648929E7DAABD8D97B3202F48D6C4A19C78F6C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
deleted file mode 100644
index a699436ca..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B b/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B
deleted file mode 100644
index 06b40aa67..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/88D9F0C0EBB72C58516EC96AEED397FA86B40E39/6DCD5118D1542E6C205C580775C5420B7509506B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB
deleted file mode 100644
index 6f97837a2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/3B8484BF1370941BF03F206B5C4958DA4E1559BB and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980
deleted file mode 100644
index d7799119f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/6DD653FB8FE2614249924274043E834664EBE980 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B
deleted file mode 100644
index 508f7f076..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/C0EF3E7A54B4C501295F77974B1995E36B25C92B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B b/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B
deleted file mode 100644
index c0feb0d0e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/8B23D64DBA1572885563DF070BE9C22A39A3BD26/D29172D3F501A2D7A47F702633044F519A3A5F0B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE b/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE
deleted file mode 100644
index a0e3fdda1..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/8FDB1CB752D82C88C89F9E9DA7AD2F54C6FA6F3B/842B3870A64001CDD90978D0E554DAF94D9ABDFE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
deleted file mode 100644
index 36a442b89..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
deleted file mode 100644
index 54f809962..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 b/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400
deleted file mode 100644
index 6c0216239..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/91C4DD783D6D38F0325FE74930BF61F656364EA9/53A6B611F8CEE0315BCCE5D59898931ED390E400 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22
deleted file mode 100644
index 7c6adedf5..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/A149EE01A250491C07D5A279D3B58A646288DA22 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 b/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169
deleted file mode 100644
index 70f5b7c91..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/92E5C38466AECA677325C25C3C3011C97D24CCF6/AD8ECBB67B9DC59406F92A296A38192297A4F169 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913
deleted file mode 100644
index f3cf5e676..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/45B43346251FDF9E95DCB7F36928785D46D63913 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC b/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC
deleted file mode 100644
index fc5bd433b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/96107213A757FFB88DECEE469373162636D7146C/E33619C88426E4FE956041E6751ADDEC9C10F0BC and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F b/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F
deleted file mode 100644
index 3beb4529a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/975729FFAF7EB667BCF68E9B886EA876E44F46D0/35202B14F69409EAA51CD8AB547AC0CD5E993F3F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA
deleted file mode 100644
index 8ddc7d79b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/41E3FCC9470F8634DBCB5CEA7FB688E04E7575BA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 b/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799
deleted file mode 100644
index c9fd41f7f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9C5C7CD895AABBFF23E79907A97FB2D68423CA8E/79B21E2743A879AFF5403ECEA09EAC2084EF4799 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6
deleted file mode 100644
index 781d1e4f2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/3F4E01DF7547CDD38DCCFCCD76170C299ECEB9F6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B
deleted file mode 100644
index 8286cabbc..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/9D4CB7E3DBF24AE596972D59C375DD6384BB5E8B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B b/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B
deleted file mode 100644
index a0148f63b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9D3E6FACCD6AF894CDD2B91D1B9E3C2E310EAB93/A562C4B99E2847251CB4A1F05DA1FF43E7296F0B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C
deleted file mode 100644
index 61d346a8f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9039DBD29DB8AD0F8E2015F05FCD40582CCCBE8C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926
deleted file mode 100644
index 9ae7ffa0c..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/9F0E0FBB25F66FF88C8E033EFF358923C84A2926 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 b/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623
deleted file mode 100644
index a68ae2db7..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/9F5A9B8D0F919C96B9472442BFBBDD34232A627D/C87D1855227D995C332C4C9072A2E2053F2CC623 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B
deleted file mode 100644
index f1d7b6a28..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/42AD1897A4643D2AA634D980F16349E6694F3B1B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD b/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD
deleted file mode 100644
index c1b90c0f4..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A07E912CAA2AB620034B05353E7D4B91807880ED/FE7891B6ED7B178F528A28B21478299F865889BD and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B b/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B
deleted file mode 100644
index e27a87038..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A15B5DBE14A19CF859F48E2DA2A29A4C3DB4D680/3AC12E21FFF9ACAB2BCFF52BBD885FB7AAC9A02B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE
deleted file mode 100644
index cc35ba691..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/8784ED81F5A22779EB0B081945FD151992557FBE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B b/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B
deleted file mode 100644
index 783dd271a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A24C49B7F1B637E7F72C12CAB35910EC8EF1C6CF/88583DB03975127CB488CA7DDE303A1646CEA97B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8
deleted file mode 100644
index 41dc7c553..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/0C30A6F2950EFEFBAB5964DA9E0EED7C9DB115D8 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F
deleted file mode 100644
index b596d82e3..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/20CAECDCA766243AAD6FA1327618FC81BA65DC0F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D
deleted file mode 100644
index 4adc3b7ec..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/96D5D179016A5A6546973BA63733617EE1F1540D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687
deleted file mode 100644
index 1e4f22777..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/CF236CF66379EA506F967D21F0E25E87529D9687 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 b/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76
deleted file mode 100644
index fe561ad6a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A4B140FBD4D5EA2AC3A570299945D8FCBBAD2231/FDD40A10FB9BE9DEB5B8AE76CC0184930EF8BB76 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 b/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889
deleted file mode 100644
index 3754de603..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A7437C35301BDB5349F320B62231615028F397F8/266FCA0265A576548425BDAE15448665EE8BB889 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
deleted file mode 100644
index 3c7775b6e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
deleted file mode 100644
index b6f39e354..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
deleted file mode 100644
index f9fef65fc..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
deleted file mode 100644
index f9f27442b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 b/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419
deleted file mode 100644
index 10a1f7141..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/AAB27F0E98B28AF253454415F6490CB5F43A4B49/A9D28607928FA8615E2615CC9D71B535C5D0D419 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
deleted file mode 100644
index 61a7ccb15..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
deleted file mode 100644
index 911640d0e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB b/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB
deleted file mode 100644
index a95605e5a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B1A1ACC805C656EF257C5115509B977964591D7E/8944AF64790FA467C02424CB22523A068C3B72DB and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 b/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85
deleted file mode 100644
index a365a465b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B293710691F553804016FCEC3428ABA1CB11ADF7/36B41A8B411985ED1032DBD85A154207164A9B85 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 b/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305
deleted file mode 100644
index ea3512e3d..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B310CEED301C503EDB15720F94D5D7E76BF423DA/AA94FD422AEB8F5B6E8508314CE0DC68BCD53305 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 b/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331
deleted file mode 100644
index 46dd968f0..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B3EB7B59ECFF1E25E16C64BB24993D1B20DCFC28/07A6DEED70213CCF598F278789680DA4C04A0331 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 b/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200
deleted file mode 100644
index 05a8b86f9..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B749506C821467F7D6F4E8943D07DDED771A7B47/A5A00B223EF24AED92D03F652CFE367CA9D1B200 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 b/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7
deleted file mode 100644
index 815f53d95..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/B9041947DCD9B7E2B82D72D6A0FF1FBC4B213DC0/BD78039E45BA4E4B13ADECC58124520ACE83B6A7 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 b/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2
deleted file mode 100644
index 63ba5cce5..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BAA9ADD095E87E0B490B6DD933AA2F450C6B9492/7A430B6E3592BEEDFAA0DD5DD6262C27EB8D26D2 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D b/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D
deleted file mode 100644
index 0bab77032..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BE47A5DA41A35F740D98305DA8FF4096B71492BE/D1474E7D99512D05B98DD37B3FE86496A03D088D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100
deleted file mode 100644
index 882753986..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/9766A5ED03482991DA91BB763ECDCD9417394100 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A b/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A
deleted file mode 100644
index f28aa4b8e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BE77EF0A6C18C4B70D3B516426B559A2C1969460/BB97947C31BBF3364A2909F9876DBD3B87B5B62A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44
deleted file mode 100644
index 08d7b28e2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/60B7181FD8BCA00B84961BF31DB08C50376CCF44 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE
deleted file mode 100644
index e47d2b8ba..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/74801529B4E8E5764FFC4D8E6577E1F84E8101CE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA
deleted file mode 100644
index 5168e1af0..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/7B7B60B748C82B34EE71A3CEA729C477083F0BDA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D b/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D
deleted file mode 100644
index c5bcc42e2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BEBA5B735BCC34BDB0D778DAA1E669AEF999FCAB/EBB80BE34C78814AE659BBA3A2394E4D9857123D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 b/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04
deleted file mode 100644
index 0a8de4bb9..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BED4C70D83B5042F4254459064FDEACD43DD1EDF/7BE0C8E441786C69A3CB35BDBEF235F8B5310E04 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
deleted file mode 100644
index ab9e0cd7d..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
deleted file mode 100644
index 01965769d..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE b/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE
deleted file mode 100644
index 6428b8256..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C15FFFE6EFAD484909C9EFC6CD5C20435E326685/DDBAE68B1FF60FFBB2854C78727B76C95EC83BBE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA
deleted file mode 100644
index bc5ed1e62..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/844FDEEE3C847F4BD5153E822803C1A2C1B6E7BA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B b/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B
deleted file mode 100644
index cb519b7eb..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C20C15B6163E675959D273D502F0D80718326C55/B38C775A18C1195D01658D75FBDA3258B6DF018B and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 b/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240
deleted file mode 100644
index f11bd6247..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C2A7CAE9E68EB7945828D193CB22CDD246BC7F95/6955D95F6B0799F7D96F4FC28E6E6C64758C1240 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C b/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C
deleted file mode 100644
index 348257122..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C52E4A04A22D98C70E19F1969AD71C838E4371B3/F96FE4F59166EFA9000B21A16EF22CF14468890C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E
deleted file mode 100644
index b9fe1280c..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/7D0C7B977ACEA63D51EE34B00BC3C1DBF318B92E and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 b/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03
deleted file mode 100644
index ea1585a6e..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C6673943153C8BE9F977A89A00ED84B432074576/A79681CBDD69EC741214136F128923A574E26F03 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED b/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED
deleted file mode 100644
index a3f8a7409..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C7E1D3604D2A960201D70F29B8A80EDA11475EEB/C18ECC8FD712ACAFBEAEDC1FA13F5AB19930E3ED and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA b/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA
deleted file mode 100644
index 3c1f2f8a2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/C976280EC7FECF169577E31D8CA0BB00967904B1/7666A8BD2C2513DE489C06D08D566F177ECE84AA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 b/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3
deleted file mode 100644
index 5026d395f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CABD2EA6CA438084840DCCAE875F341E2D3A2C43/02A0E6456442E35198532ACFFB6FEE3B606D9FA3 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
deleted file mode 100644
index afe6fdf09..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A b/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A
deleted file mode 100644
index f6df0f4fd..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CD2D87A57D1568A515128BE9DA8B3CAE7AC007A4/C6658C25AFB8A9D738F2BC591775D167549FFD3A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F
deleted file mode 100644
index c34d0f380..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/8AB0A3519AFA7F3C04074522678BAA1CB3DC734F and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3
deleted file mode 100644
index d894e92ca..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/DF47B3040E7632614464BD2EC4ECD1B8030F53E3 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D b/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D
deleted file mode 100644
index 380486f65..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/CE91CC7CF2DDDEE6623A1A91B3298DCAD2375F2B/E117479B4A41D7F3223FCAE50560B0D57B22217D and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 b/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1
deleted file mode 100644
index 22d64fb5f..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/D4D40BD33958CD9169A7AB6304AA2BBAD22DC595/07976A2A16EC182670161B46886B05E1FEAC16B1 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C b/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C
deleted file mode 100644
index 42a64da07..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/D708C897515970D33EF7CD0C2474449D3AB6AA83/52ED0FAFBD38A868C678174D7EB03D266ADB221C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 b/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3
deleted file mode 100644
index 010c5d5b6..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DD29E76659D18371B78E61E7DF4D4B8FEDCAF8E7/8BA5C0847597612C7E16970EAE55EF58D32E9CF3 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA
deleted file mode 100644
index d53dce92b..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/18585FC53A283488E4BA84867980E9B1F2B28ADA and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE
deleted file mode 100644
index 5375c57c3..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/27337257493B86B9BFF78D569F938D692A430EAE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344
deleted file mode 100644
index 7085c5ac9..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/4832F0A28C3724A92F6CB3314F747D0E74FC7344 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683
deleted file mode 100644
index 97dc187db..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/6352302A5072DBFB769D4FF4C70C86432C4C1683 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 b/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65
deleted file mode 100644
index ad5d7dea1..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/DF5F53FDADAFC93F4789141B5A7627EB9F3BD29F/EE886B907E31667D622677F665F25C54AF9A7F65 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
deleted file mode 100644
index ebfbce9a0..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 b/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18
deleted file mode 100644
index 6225c0ca7..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/E6A4C843059A6043B4DC967F9EF892B695990777/B4B77C83465979E3679E3A33F972F48EE3730A18 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C b/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C
deleted file mode 100644
index a3aa0000d..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/EA7E6D37E678C1BCA5060F97DAF09F559DFD04B7/3AAD23B00CA10E54E6368DF7952E3F4B5108B65C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 b/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267
deleted file mode 100644
index 332aa817a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/EEE6351C5C6EBD8644AB88E7648D44FA07C72A80/14E59C02A6877B0EBD2C4203886BA25959C1D267 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 b/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703
deleted file mode 100644
index 069640ffc..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F1B84756A1EAB09C171B2783DD163B42A9BD0BBB/ED5608CE67EA5CB79AC024CEA7445F9BCBE48703 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE b/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE
deleted file mode 100644
index c3fc91352..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F3DA7C495789E656FA27E611CCAFA05F232ADEA0/F3AE9FEA4DECEE5330770A2520BD86909929E7BE and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC
deleted file mode 100644
index 87d8b52d4..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/16D8270DE51B034E77B7CDAF1DEE623916243DDC and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239
deleted file mode 100644
index 91acd396a..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/3D3F25C5CD9F932037D91B7D102EDB58EC7C8239 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A
deleted file mode 100644
index b5f5fa6ca..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/40B51EEF4E709FBD47935DDD83A1F640D0CC378A and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 b/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537
deleted file mode 100644
index abeb964dd..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F4834A83B4ED558A1E349821898B6DE4353516F1/D4E1786D8B8B57B22C81D0F0FCE18EA818DA0537 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 b/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25
deleted file mode 100644
index 83aeb1fce..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F48B57F89BACD8687EBB12223A5B8E5EF3774583/CAF84A42305615AC2C582F6412BDA3E36DAC3D25 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 b/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696
deleted file mode 100644
index 5631441a9..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F613568C1D7A1300B32609998288211959DBDFB0/D7EDAF7381F7FC93B4C28FA372190D7A59CFA696 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C b/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C
deleted file mode 100644
index 585047fa2..000000000
Binary files a/id/server/doc/conf/moa-id/certs/certstore/F7D331850EC13D22284909E0FC3493A65FFA7F30/EC988340526163D5B7AC80481B2AC76828EDDC6C and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html
deleted file mode 100644
index ef070b8eb..000000000
--- a/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html
+++ /dev/null
@@ -1,846 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-
-   <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-    <style type="text/css">
-			@media screen and (min-width: 650px) {
-			
-				body {
-					margin:0;
-					padding:0;
-					color : #000;
-					background-color : #fff;
-			  	text-align: center;
-			  	background-color: #6B7B8B;
-				}
-				
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input{
-          font-size: 0.7em;
-          /*border-radius: 5px;*/
-        }
-        
-         #bkuselectionarea input[type=button] {
-          font-size: 0.85em;
-          /*border-radius: 7px;*/
-          margin-bottom: 25px;
-          min-width: 80px;
-         }
-        
-        #mandateLogin {
-          font-size: 0.85em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-        } 
-        
-        
-			  #page {
-			    display: block;
-			    border: 2px solid rgb(0,0,0);
-			    width: 650px;
-			    height: 460px;
-			    margin: 0 auto;
-			    margin-top: 5%;
-			    position: relative;
-			    border-radius: 25px;
-			    background: rgb(255,255,255);
-			  }
-			  
-			  #page1 {
-			    text-align: center;
-			  }
-			  
-			  #main {
-			    /*	clear:both; */
-				  position:relative;
-			    margin: 0 auto;
-			    width: 250px;
-			    text-align: center;
-			  }
-			  
-			  .OA_header {
-			/*	  background-color: white;*/
-			    font-size: 20pt;
-			    margin-bottom: 25px;
-			    margin-top: 25px;
-			  }
-			
-			  #leftcontent {
-			    /*float:left; */
-				  width:250px;
-				  margin-bottom: 25px;
-			    text-align: left;
-			    border: 1px solid rgb(0,0,0);
-			  }
-			  			  
-			  #selectArea {
-				 font-size: 15px;
-				 padding-bottom: 65px;
-			  }
-			
-			  #leftcontent {
-				 width: 300px;
-				 margin-top: 30px;
-			  }
-			
-        #bku_header {
-          height: 5%;
-          padding-bottom: 3px;
-          padding-top: 3px;
-        }
-      
-        #bkulogin {
-				  overflow:hidden;	
-          min-width: 190px;
-          min-height: 180px;
-          /*height: 260px;*/	
-			  }
-      
-        h2#tabheader{
-				  font-size: 1.1em; 
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-			  }
-      	
-        #stork h2 {
-          font-size: 1.0em;
-          margin-bottom: 2%;
-        }
-        		  
-			  .setAssertionButton_full {
-			  	background: #efefef;
-				  cursor: pointer;
-				  margin-top: 15px;
-			    width: 100px;
-			    height: 30px
-			  }
-			
-			  #leftbutton  {
-				 width: 30%; 
-				 float:left; 
-				 margin-left: 40px;
-			  }
-			
-			  #rightbutton {
-				 width: 30%; 
-				 float:right; 
-				 margin-right: 45px; 
-				 text-align: right;
-			  }
-        
-        button {
-          height: 25px;
-          width: 75px;
-          margin-bottom: 10px;
-        }
-        
-       #validation {
-        position: absolute;
-        bottom: 0px;
-        margin-left: 270px;
-        padding-bottom: 10px;
-      }
-			
-			}
-
-      @media screen and (max-width: 205px) {
-        #localBKU p {
-          font-size: 0.6em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.6em;
-          min-width: 60px;
-         /* max-width: 65px; */
-          min-height: 1.0em;
-         /* border-radius: 5px; */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.7em;
-          min-width: 55px;
-          /*min-height: 1.1em;
-          border-radius: 5px;*/
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.65em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-          margin-top: -0.4em;
-          padding-top: 0.4em;
-        }
-        
-        #bkulogin {
-        min-height: 150px;
-        } 
-      }
-
-      @media screen and (max-width: 249px) and (min-width: 206px) {
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.7em;
-          min-width: 70px;
-       /*    max-width: 75px;    */
-          min-height: 0.95em;
-        /*  border-radius: 6px;    */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.75em;
-          min-width: 60px;
-      /*    min-height: 0.95em;
-          border-radius: 6px;    */
-          margin-bottom: 5%
-        }
-        
-        #mandateLogin {
-          font-size: 0.75em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.9em;
-          margin-top: -0.45em;
-          padding-top: 0.45em;
-        }
-        
-        #bkulogin {
-          min-height: 180px;
-        }  
-      }
-
-      @media screen and (max-width: 299px) and (min-width: 250px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-       /*    max-width: 75px;      */
-      /*    border-radius: 6px;  */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.85em;
-     /*     min-height: 1.05em;
-          border-radius: 7px;        */
-          margin-bottom: 10%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.0em;
-          margin-top: -0.50em;
-          padding-top: 0.50em;
-        } 
-      }
-
-      @media screen and (max-width: 399px) and (min-width: 300px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 75px;     */
-      /*    border-radius: 6px;       */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 0.9em;
-   /*       min-height: 1.2em;
-          border-radius: 8px;          */
-          margin-bottom: 10%;
-          max-width: 80px;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.1em;
-          margin-top: -0.55em;
-          padding-top: 0.55em;
-        } 
-      }
-      
-      @media screen and (max-width: 649px) and (min-width: 400px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 80px;       */
-     /*     border-radius: 6px;          */
-        }
-        
-        #bkuselectionarea input[type=button] {
-          font-size: 1.0em;
-     /*      min-height: 1.3em;
-         border-radius: 10px;         */
-          margin-bottom: 10%;
-          max-width: 85px;
-        }
-        
-        #mandateLogin {
-          font-size: 1.2em;
-        }
-        
-        #bku_header h2 {
-          font-size: 1.3em;
-          margin-top: -0.65em;
-          padding-top: 0.65em;
-        } 
-      }
-
-
-			
-			@media screen and (max-width: 649px) {
-				
-        body {
-					margin:0;
-					padding:0;
-					color : #000;
-			  	text-align: center;
-          font-size: 100%;
-			  	background-color: #MAIN_BACKGOUNDCOLOR#;
-				}
-        				
-			  #page {
-			     visibility: hidden;
-			     margin-top: 0%;
-			  }
-			  
-			  #page1 {
-			    visibility: hidden;
-			  }
-			  
-			  #main {
-			    visibility: hidden;
-			  }
-        
-        #validation {
-          visibility: hidden;
-          display: none;
-        }
-			  
-			  .OA_header {
-			    margin-bottom: 0px;
-			    margin-top: 0px;
-			    font-size: 0pt;
-			    visibility: hidden;
-			  }
-			
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          vertical-align: middle;
-          min-height: 173px;
-          min-width: 204px;
-          
-			  }
-			  
-        #bku_header {
-          height: 10%;
-          min-height: 1.2em;
-          margin-top: 1%;
-        }
-        
-        h2#tabheader{
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-          top: 50%;
-			  }
-        
-        #stork h2 {
-          font-size: 0.9em;
-          margin-bottom: 2%;
-        }
-        
-       	#bkulogin {	
-          min-width: 190px;
-          min-height: 155px;	
-			 }
-        
-			 .setAssertionButton_full {
-			     	background: #efefef;
-				    cursor: pointer;
-				    margin-top: 15px;
-			      width: 70px;
-			      height: 25px;
-			 }
-       
-        input[type=button] {
-/*          height: 11%;  */
-          width: 70%;
-        }
-			}
-			      
-			* {
-				margin: 0;
-				padding: 0;
-        font-family: #FONTTYPE#;
-			}
-							      			
-			#selectArea {
-				padding-top: 10px;
-				padding-bottom: 55px;
-				padding-left: 10px;
-			}
-			
-			.setAssertionButton {
-				background: #efefef;
-				cursor: pointer;
-				margin-top: 15px;
-			  width: 70px;
-			  height: 25px;
-			}
-			
-			#leftbutton  {
-				width: 35%; 
-				float:left; 
-				margin-left: 15px;
-			}
-			
-			#rightbutton {
-				width: 35%; 
-				float:right; 
-				margin-right: 25px; 
-				text-align: right;
-			}
-			
-			#stork {
-			    /*margin-bottom: 10px;*/
-			   /* margin-top: 5px; */
-			}
-      			
-      #mandateLogin {
-        padding-bottom: 4%;
-        padding-top: 4%;
-        height: 10%;
-        position: relative;
-        text-align: center;
-			}
-      
-      .verticalcenter {
-        vertical-align: middle;
-      }
-      
-      #mandateLogin div {
-        clear: both;
-        margin-top: -1%;
-        position: relative;
-        top: 50%;
-      }
-      
-      #bkuselectionarea {
-          position: relative;
-          display: block;
-      }
-      
-      #localBKU {
-        padding-left: 5%;
-        padding-right: 2%;
-        padding-bottom: 4%;
-        /*padding-top: 4%;*/
-        position: relative;
-        clear: both;        
-			}
-          			
-			#bkukarte {
-				float:left;
-				text-align:center;
-				width:40%;
-        min-height: 70px;
-        padding-left: 5%;
-        padding-top: 2%;
-			}
-			
-			#bkuhandy {
-				float:right;
-				text-align:center;
-				width:40%;
-        min-height: 90px;
-        padding-right: 5%;
-        padding-top: 2%;
-			}
-			
-      .bkuimage {
-        width: 90%;
-        height: auto;
-      }
-      
-			#mandate{
-				text-align:center;
-				padding : 5px 5px 5px 5px;
-			}
-      
-/*		input[type=button], .sendButton {
-				background: #BUTTON_BACKGROUNDCOLOR#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;  */
-/*				cursor: pointer;
-/*        box-shadow: 3px 3px 3px #222222;  */
-/*			}
-			
-/*      button:hover, button:focus, button:active, 
-      .sendButton:hover , .sendButton:focus, .sendButton:active,
-      #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
-				background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;                */
-/*				cursor: pointer;
-/*        box-shadow: -1px -1px 3px #222222;  */
-/*			}
-      
-*/      
-			input {
-				/*border:1px solid #000;*/
-				cursor: pointer;
-			}
-      
-      #localBKU input {
-/*        color: #BUTTON_COLOR#;  */
-        border: 0px;
-        display: inline-block;
-        
-      }
-			
-      #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
-        text-decoration: underline;
-      }
-      
-			#installJava, #BrowserNOK {
-				clear:both;
-				font-size:0.8em;
-				padding:4px;
-			}
-						
-			.selectText{
-			
-			}
-			
-			.selectTextHeader{
-			
-			}
-			
-			.sendButton {
-        width: 30%;
-        margin-bottom: 1%;	
-			}
-			
-			#leftcontent a {
-				text-decoration:none; 
-				color: #000;
-			/*	display:block;*/
-				padding:4px;	
-			}
-			
-			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
-				text-decoration:underline;
-				color: #000;	
-			}
-						
-			.infobutton {
-				background-color: #005a00;
-				color: white;
-				font-family: serif;
-				text-decoration: none;
-				padding-top: 2px;
-				padding-right: 4px;
-				padding-bottom: 2px;
-				padding-left: 4px;
-				font-weight: bold;
-			}
-			
-			.hell {
-				background-color : #MAIN_BACKGOUNDCOLOR#;
-        color: #MAIN_COLOR#;	
-			}
-			
-			.dunkel {
-				background-color: #HEADER_BACKGROUNDCOLOR#;
-        color: #HEADER_COLOR#;
-			}
-			      
-			.main_header {
-			   color: black;
-			    font-size: 32pt;
-			    position: absolute;
-			    right: 10%;
-			    top: 40px;
-				
-			}
-      			                        
-    </style>       
-<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
-<script type="text/javascript">
-		function isIE() {
-			return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
-		}
-		function isFullscreen() {
-			try {
-				return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
-			} catch (e) {
-				return false;
-			}
-		}
-		function isActivexEnabled() {
-			var supported = null;
-			try {
-				supported = !!new ActiveXObject("htmlfile");
-			} catch (e) {
-				supported = false;
-			}
-			return supported;
-		}
-		function isMetro() {
-			if (!isIE())
-				return false;
-			return !isActivexEnabled() && isFullscreen();
-		}
-		window.onload=function() {
-			document.getElementById("localBKU").style.display="block";
-			return;
-		}
-    function bkuLocalClicked() {
-       setMandateSelection();
-    }
-    
-		function bkuOnlineClicked() {
-			if (isMetro())
-				document.getElementById("metroDetected").style.display="block";
-			document.getElementById("localBKU").style.display="block";
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-						
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#ONLINE#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function bkuHandyClicked() {
-			document.getElementById("localBKU").style.display="none";
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-			
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#HANDY#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function storkClicked() {
-			document.getElementById("localBKU").style.display="none"; 
-/* 			if (checkMandateSSO())
-				return; */
-			
-			setMandateSelection();
-/* 			setSSOSelection(); */
-			
-			var ccc = "AT";
-			var countrySelection = document.getElementById("cccSelection");
-			if (countrySelection !=  null) {
-				ccc = document.getElementById("cccSelection").value;
-			}
-			var iFrameURL = "#AUTH_URL#" + "?";
-			iFrameURL += "bkuURI=" + "#ONLINE#";
-			iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
-			iFrameURL += "&CCC=" + ccc;
-/* 			iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
-			iFrameURL += "&MODUL=" + "#MODUL#";
-			iFrameURL += "&ACTION=" + "#ACTION#";
-			iFrameURL += "&MOASessionID=" + "#SESSIONID#";
-			generateIFrame(iFrameURL);
-		}
-		function generateIFrame(iFrameURL) {
-			var el = document.getElementById("bkulogin");
-      var width = el.clientWidth;
-      var heigth = el.clientHeight - 20;
-			var parent = el.parentNode;
-            
-      iFrameURL += "&heigth=" + heigth;
-      iFrameURL += "&width=" + width;
-      
-			var iframe = document.createElement("iframe");
-			iframe.setAttribute("src", iFrameURL);
-			iframe.setAttribute("width", el.clientWidth - 1);
-			iframe.setAttribute("height", el.clientHeight - 1);
-			iframe.setAttribute("frameborder", "0");
-			iframe.setAttribute("scrolling", "no");
-			iframe.setAttribute("title", "Login");
-			parent.replaceChild(iframe, el);
-		}
-		function setMandateSelection() {
-			document.getElementById("moaidform").action = "#AUTH_URL#";
-			document.getElementById("useMandate").value = "false";
-			var checkbox = document.getElementById("mandateCheckBox");
-			if (checkbox !=  null) {
-				if (document.getElementById("mandateCheckBox").checked) {
-					document.getElementById("useMandate").value = "true";
-				}
-			}
-		}
-		function onChangeChecks() {
-      if (top.innerWidth < 650) {
-         document.getElementById("moaidform").setAttribute("target","_parent");
-      } else {
-         document.getElementById("moaidform").removeAttribute("target");
-      }
-      
-    }
-/* 		function setSSOSelection() {
-			document.getElementById("useSSO").value = "false";
-			var checkbox = document.getElementById("SSOCheckBox");
-			if (checkbox !=  null) {
-				if (document.getElementById("SSOCheckBox").checked) {
-					document.getElementById("useSSO").value = "true";
-				}
-			}
-		} */
-		
-/* 		function checkMandateSSO() {
-			var sso = document.getElementById("SSOCheckBox");
-			var mandate = document.getElementById("mandateCheckBox");
-			
-			
-			if (sso.checked && mandate.checked) {
-				alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
-				mandate.checked = false;
-				sso.checked = false;
-				return true;
-			} else {
-				return false;
-			}
-		} */
-	</script>
-<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title>
-</head>
-<body onload="onChangeChecks();" onresize="onChangeChecks();">
-	<div id="page">
-		<div id="page1" class="case selected-case" role="main">
-			<h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2>
-			<div id="main">
-				<div id="leftcontent" class="hell" role="application">
-					<div id="bku_header" class="dunkel">
-						<h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
-					</div>
-					<div id="bkulogin" class="hell" role="form">
-						<div id="mandateLogin" style="">
-							<div>
-								<input tabindex="1" type="checkbox" name="Mandate"
-									id="mandateCheckBox" class="verticalcenter" role="checkbox"
-									onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#>
-								<label for="mandateCheckBox" class="verticalcenter">in
-									Vertretung anmelden</label>
-								<!--a      href="info_mandates.html" 
-                        target="_blank"
-                        class="infobutton verticalcenter" 
-                        tabindex="5">i</a-->
-							</div>
-						</div>
-						<div id="bkuselectionarea">
-							<div id="bkukarte">
-								<img class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
-									alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
-									onClick="bkuOnlineClicked();" tabindex="2" role="button"
-									value="Karte" />
-							</div>
-							<div id="bkuhandy">
-								<img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
-									alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
-									onClick="bkuHandyClicked();" tabindex="3" role="button"
-									value="HANDY" />
-							</div>
-						</div>
-						<div id="localBKU">
-							<form method="get" id="moaidform" action="#AUTH_URL#"
-								class="verticalcenter" target="_parent">
-								<input type="hidden" name="bkuURI" value="#LOCAL#"> <input
-									type="hidden" name="useMandate" id="useMandate"> <input
-									type="hidden" name="SSO" id="useSSO"> <input
-									type="hidden" name="CCC" id="ccc"> <input type="hidden"
-									name="MODUL" value="#MODUL#"> <input type="hidden"
-									name="ACTION" value="#ACTION#"> <input type="hidden"
-									name="MOASessionID" value="#SESSIONID#"> 
-                  <input type="submit" value=">lokale Bürgerkartenumgebung" tabindex="4"
-									role="button" class="hell"
-                  onclick="setMandateSelection();"
-                  >
-								<!--p>
-                    <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>								                                  
-                  </p-->								                                  
-                </form>								                                                          
-              </div>
-              
-              <div id="stork" align="center" style="#STORKVISIBLE#">
-                <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
-                <p>
-                  <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
-                    #PEPSLIST#
-                  </select>
-                  <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button>
-                  <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
-                </p>
-              </div>
-
-						<div id="metroDetected" style="display: none">
-							<p>Anscheinend verwenden Sie Internet Explorer im
-								Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den
-								Optionen um die Karten-Anmeldung starten zu können.</p>
-						</div>
-					</div>
-				</div>
-			</div>
-		</div>
-		<div id="validation">
-			<a href="http://validator.w3.org/check?uri="> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
-			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
-				alt="CSS ist valide!" />
-			</a>
-		</div>
-	</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
deleted file mode 100644
index b80d654cc..000000000
--- a/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
+++ /dev/null
@@ -1,617 +0,0 @@
-<!DOCTYPE html> 
-<html>
-<head>
-	<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-    <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-    <style type="text/css">
-			@media screen and (min-width: 650px) {
-			
-				body {
-					margin:0;
-					padding:0;
-					color : #000;
-					background-color : #fff;
-			  	text-align: center;
-			  	background-color: #6B7B8B;
-				}
-				
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input{
-          font-size: 0.7em;
-          border-radius: 5px;
-        }
-        
-         #bkuselectionarea button {
-          font-size: 0.85em;
-          border-radius: 7px;
-          margin-bottom: 25px;
-         }
-        
-        #mandateLogin {
-          font-size: 0.85em;
-        }
-        
-        #bku_header h2 {
-          font-size: 0.8em;
-        } 
-        
-        
-			  #page {
-			    display: block;
-			    border: 2px solid rgb(0,0,0);
-			    width: 650px;
-			    height: 440px;
-			    margin: 0 auto;
-			    margin-top: 5%;
-			    position: relative;
-			    border-radius: 25px;
-			    background: rgb(255,255,255);
-			  }
-			  
-			  #page1 {
-			    text-align: center;
-			  }
-			  
-			  #main {
-			    /*	clear:both; */
-				  position:relative;
-			    margin: 0 auto;
-			    width: 250px;
-			    text-align: center;
-			  }
-			  
-			  .OA_header {
-			/*	  background-color: white;*/
-			    font-size: 20pt;
-			    margin-bottom: 25px;
-			    margin-top: 25px;
-			  }
-			
-			  #leftcontent {
-        	width: 300px;
-				  margin-top: 30px;
-          padding-bottom: 15px;
-				  margin-bottom: 25px;
-			    text-align: left;
-			    border: 1px solid rgb(0,0,0);
-			  }
-			  			  
-			  #selectArea {
-				 font-size: 15px;
-				 padding-bottom: 65px;
-			  }
-			 
-        #selectArea h3 {
-          margin-bottom: 25px;
-        }
-      
-        #bku_header {
-          height: 5%;
-          padding-bottom: 3px;
-          padding-top: 3px;
-        }
-      
-        #bkulogin {
-				  overflow:hidden;	
-          min-width: 190px;
-          min-height: 180px;
-          /*height: 260px;*/	
-			  }
-      
-        h2#tabheader{
-				  font-size: 1.1em; 
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-			  }
-      			  
-			  .setAssertionButton_full {
-				  margin-top: 15px;
-			    width: 100px;
-			    height: 30px;
-          font-size: 1.3em;
-          min-height: 1.3em;
-/*          border-radius: 10px;*/
-			  }
-			
-			  #leftbutton  {
-				 width: 30%; 
-				 float:left; 
-				 margin-left: 40px;
-			  }
-			
-			  #rightbutton {
-				 width: 30%; 
-				 float:right; 
-				 margin-right: 45px; 
-				 text-align: right;
-			  }
-        
-        button {
-          height: 25px;
-          width: 90px;
-          margin-bottom: 10px;
-        }
-        
-       #validation {
-        position: absolute;
-        bottom: 0px;
-        margin-left: 270px;
-        padding-bottom: 10px;
-      }
-			
-			}
-
-      @media screen and (max-width: 205px) {
-        #localBKU p {
-          font-size: 0.6em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.7em;
-          min-width: 70px;
-          min-height: 1.2em;
-          border-radius: 5px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 0.8em;
-          min-width: 65px;
-          min-height: 1.3em;
-  /*        border-radius: 5px;         */
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.65em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 0.8em;
-          margin-top: -0.4em;
-        } 
-      }
-
-      @media screen and (max-width: 249px) and (min-width: 206px) {
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.85em;
-          min-width: 80px;
-          min-height: 0.95em;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 0.85em;
-          min-width: 70px;
-          min-height: 0.95em;
-  /*        border-radius: 6px;        */
-          margin-bottom: 2%
-        }
-        
-        #mandateLogin {
-          font-size: 0.75em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 0.9em;
-          margin-top: -0.45em;
-        } 
-      }
-
-      @media screen and (max-width: 299px) and (min-width: 250px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.0em;
-          min-height: 1.05em;
- /*         border-radius: 7px;          */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.0em;
-          margin-top: -0.50em;
-        } 
-      }
-
-      @media screen and (max-width: 399px) and (min-width: 300px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.1em;
-          min-height: 1.2em;
-  /*        border-radius: 8px;     */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.1em;
-          margin-top: -0.55em;
-        } 
-      }
-      
-      @media screen and (max-width: 649px) and (min-width: 400px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.9em;
-          min-width: 100px;
-          border-radius: 6px;
-        }
-        
-        #bkuselectionarea button, .setAssertionButton_full {
-          font-size: 1.3em;
-          min-height: 1.3em;
-/*          border-radius: 10px;  */
-          margin-bottom: 5%;
-        }
-        
-        #mandateLogin {
-          font-size: 1.2em;
-        }
-        
-        #bku_header h2, #selectArea h3 {
-          font-size: 1.3em;
-          margin-top: -0.65em;
-        } 
-      }
-
-
-			
-			@media screen and (max-width: 649px) {
-				
-        body {
-					margin:0;
-					padding:0;
-					color : #000;
-			  	text-align: center;
-          font-size: 100%;
-			  	background-color: #MAIN_BACKGOUNDCOLOR#;
-				}
-        				
-			  #page {
-			     visibility: hidden;
-			     margin-top: 0%;
-			  }
-			  
-			  #page1 {
-			    visibility: hidden;
-			  }
-			  
-			  #main {
-			    visibility: hidden;
-			  }
-        
-        #validation {
-          visibility: hidden;
-          display: none;
-        }
-			  
-			  .OA_header {
-			    margin-bottom: 0px;
-			    margin-top: 0px;
-			    font-size: 0pt;
-			    visibility: hidden;
-			  }
-			
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          min-width: 190px;
-/*          min-height: 190px;  */
-          vertical-align: middle;
-          
-			  }
-			  
-        #bku_header {
-          height: 10%;
-          min-height: 1.2em;
-          margin-top: 1%;
-        }
-        
-        h2#tabheader{
-          padding-left: 2%;
-          padding-right: 2%;
-          padding-top: 1%;
-          position: relative;
-          top: 50%;
-			  }
-        
-       	#bkulogin {	
-          min-width: 190px;
-          min-height: 150px;	
-			 }
-        
-			 .setAssertionButton_full {
-				    margin-top: 15px;
-			      width: 70%;
-			      height: 11%;
-            min-width: 60px;
-            min-height: 25px;
-			 }
-       
-       #selectArea h3 {
-          margin-top: 2%;
-       }
-       
-        button {
-          height: 11%;
-          width: 70%;
-        }
-			}
-			      
-			* {
-				margin: 0;
-				padding: 0;
-/*				border: 0;  */
-        font-family: #FONTTYPE#;
-			}
-							      			
-			#selectArea {
-				padding-top: 10px;
-				padding-bottom: 55px;
-				padding-left: 10px;
-			}
-			
-			.setAssertionButton {
-				background: #efefef;
-				cursor: pointer;
-				margin-top: 15px;
-			  width: 70px;
-			  height: 25px;
-			}
-			
-			#leftbutton  {
-				width: 35%; 
-				float:left; 
-				margin-left: 15px;
-			}
-			
-			#rightbutton {
-				width: 35%; 
-				float:right; 
-				margin-right: 25px; 
-				text-align: right;
-			}
-			
-			#stork {
-			    margin-bottom: 10px;
-			    margin-top: 5px;
-			}
-			
-      #mandateLogin {
-        padding-bottom: 2%;
-        padding-top: 2%;
-        height: 10%;
-        position: relative;
-        text-align: center;
-			}
-      
-      .verticalcenter {
-        vertical-align: middle;
-      }
-      
-      #mandateLogin > div {
-        clear: both;
-        margin-top: -1%;
-        position: relative;
-        top: 50%;
-      }
-      
-      #bkuselectionarea {
-          position: relative;
-          display: block;
-      }
-      
-      #localBKU {
-        padding-left: 5%;
-        padding-right: 2%;
-        padding-bottom: 2%;
-        position: relative;
-        clear: both;        
-			}
-          			
-			#bkukarte {
-				float:left;
-				text-align:center;
-				width:40%;
-        min-height: 70px;
-        padding-left: 5%;
-        padding-top: 2%;
-			}
-			
-			#bkuhandy {
-				float:right;
-				text-align:center;
-				width:40%;
-        min-height: 90px;
-        padding-right: 5%;
-        padding-top: 2%;
-			}
-			
-      .bkuimage {
-        width: 90%;
-        height: auto;
-      }
-      
-			#mandate{
-				text-align:center;
-				padding : 5px 5px 5px 5px;
-			}
-			
-			button, .sendButton {
-/*				background: #BUTTON_BACKGROUNDCOLOR#;
-        color: #BUTTON_COLOR#;  */
-        cursor: pointer;
-        
-/*				border:1px solid #000;
-        box-shadow: 3px 3px 3px #222222; */
-			}
-			
-      button:hover, button:focus, button:active, 
-      .sendButton:hover , .sendButton:focus, .sendButton:active,
-      #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
-/*				background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
-        color: #BUTTON_COLOR#;  */        
-        cursor: pointer;
-        
-/*				border:1px solid #000;
-        box-shadow: -1px -1px 3px #222222;  */
-			}
-      			
-			#installJava, #BrowserNOK {
-				clear:both;
-				font-size:0.8em;
-				padding:4px;
-			}
-						
-			.selectText{
-			
-			}
-			
-			.selectTextHeader{
-			
-			}
-						
-			#leftcontent a {
-				text-decoration:none; 
-				color: #000;
-			/*	display:block;*/
-				padding:4px;	
-			}
-			
-			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
-				text-decoration:underline;
-				color: #000;	
-			}
-						
-			.infobutton {
-				background-color: #005a00;
-				color: white;
-				font-family: serif;
-				text-decoration: none;
-				padding-top: 2px;
-				padding-right: 4px;
-				padding-bottom: 2px;
-				padding-left: 4px;
-				font-weight: bold;
-			}
-			
-			.hell {
-				background-color : #MAIN_BACKGOUNDCOLOR#;
-        color: #MAIN_COLOR#;	
-			}
-			
-			.dunkel {
-				background-color: #HEADER_BACKGROUNDCOLOR#;
-        color: #HEADER_COLOR#;
-			}
-			      
-			.main_header {
-			   color: black;
-			    font-size: 32pt;
-			    position: absolute;
-			    right: 10%;
-			    top: 40px;
-				
-			}
-      			                        
-    </style>
-    
-    
-    <title>Anmeldung an Online-Applikation</title>   
-</head>
-
-
-<body>
-		<div id="page">
-
-			<div id="page1" class="case selected-case" role="main">
-
-<!-- 					<h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
-
-					<div id="main">
-					<div id="leftcontent" class="hell">
-            <div id="bku_header" class="dunkel">
-						  <h2 id="tabheader" class="dunkel" role="heading">
-							 Anmeldeinformationen:							  
-						  </h2>
-            </div>
-					
-						<div id="selectArea" class="hell" role="application">
-							<h3>Anmeldung an: #OAName#</h3>
-					
-<!-- 						<div class="hell"> -->
-							<div id="leftbutton">
-									<form method="post" id="moaidform_yes" action="#URL#">
-										<input type="hidden" name="value" value="true">
-										<input type="hidden" name="mod" value="#MODUL#">
-								    <input type="hidden" name="action" value="#ACTION#">
-                    <input type="hidden" name="identifier" value="#ID#">
-										<input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button">
-									</form>
-							</div>
-							<div id="rightbutton">
-										<form method="post" id="moaidform_no" action="#URL#">
-										<input type="hidden" name="value" value="false">
-										<input type="hidden" name="mod" value="#MODUL#">
-								    <input type="hidden" name="action" value="#ACTION#">
-                    <input type="hidden" name="identifier" value="#ID#">
-										<input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button">
-									</form>
-							</div>
-						
-						</div>												
-					</div>
-				</div>
-		</div>
-    <div id="validation">
-        <a href="http://validator.w3.org/check?uri=">
-          <img   style="border:0;width:88px;height:31px"
-                 src="#CONTEXTPATH#/img/valid-html5-blue.png"
-                 alt="HTML5 ist valide!" />
-        </a>
-        <a href="http://jigsaw.w3.org/css-validator/">
-          <img   style="border:0;width:88px;height:31px"
-                 src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
-                 alt="CSS ist valide!" />
-        </a>
-    </div>
-	</div>
-</body>
-</html>
diff --git a/id/server/doc/conf/moa-id/htmlTemplates/slo_template.html b/id/server/doc/conf/moa-id/htmlTemplates/slo_template.html
deleted file mode 100644
index 88279ee96..000000000
--- a/id/server/doc/conf/moa-id/htmlTemplates/slo_template.html
+++ /dev/null
@@ -1,451 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
-<head>
-  <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
-  
-   <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-    <style type="text/css">
-			@media screen and (min-width: 650px) {
-			
-				body {
-					margin:0;
-					padding:0;
-					color : #000;
-					background-color : #fff;
-			  	text-align: center;
-			  	background-color: #6B7B8B;
-				}
-  
-			  #page {
-			    display: block;
-			    border: 2px solid rgb(0,0,0);
-			    width: 650px;
-			    height: 460px;
-			    margin: 0 auto;
-			    margin-top: 5%;
-			    position: relative;
-			    border-radius: 25px;
-			    background: rgb(255,255,255);
-			  }
-			  
-			  #page1 {
-			    text-align: center;
-			  }
-			  
-			  #main {
-			    /*	clear:both; */
-				  position:relative;
-			    margin: 0 auto;
-			    width: 250px;
-			    text-align: center;
-			  }
-			  
-			  .OA_header {
-			/*	  background-color: white;*/
-			    font-size: 20pt;
-			    margin-bottom: 25px;
-			    margin-top: 25px;
-			  }
-			
-			  #leftcontent {
-			    /*float:left; */
-				  width:250px;
-				  margin-bottom: 25px;
-			    text-align: left;
-			    /*border: 1px solid rgb(0,0,0);*/
-			  }
-			
-			  #leftcontent {
-				 width: 300px;
-				 margin-top: 30px;
-			  }
-      
-        h2#tabheader{
-				  font-size: 1.1em; 
-          padding-left: 2%;
-          padding-right: 2%;
-          position: relative;
-			  }
-        		  
-			  .setAssertionButton_full {
-			  	background: #efefef;
-				  cursor: pointer;
-				  margin-top: 15px;
-			    width: 100px;
-			    height: 30px
-			  }
-			
-			  #leftbutton  {
-				 width: 30%; 
-				 float:left; 
-				 margin-left: 40px;
-			  }
-			
-			  #rightbutton {
-				 width: 30%; 
-				 float:right; 
-				 margin-right: 45px; 
-				 text-align: right;
-			  }
-        
-        button {
-          height: 25px;
-          width: 75px;
-          margin-bottom: 10px;
-        }
-        
-       #validation {
-        position: absolute;
-        bottom: 0px;
-        margin-left: 270px;
-        padding-bottom: 10px;
-      }
-			
-			}
-
-      @media screen and (max-width: 205px) {
-        #localBKU p {
-          font-size: 0.6em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.6em;
-          min-width: 60px;
-         /* max-width: 65px; */
-          min-height: 1.0em;
-         /* border-radius: 5px; */
-        }
-        
-      }
-
-      @media screen and (max-width: 249px) and (min-width: 206px) {
-        #localBKU p {
-          font-size: 0.7em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.7em;
-          min-width: 70px;
-       /*    max-width: 75px;    */
-          min-height: 0.95em;
-        /*  border-radius: 6px;    */
-        }
-         
-      }
-
-      @media screen and (max-width: 299px) and (min-width: 250px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-       /*    max-width: 75px;      */
-      /*    border-radius: 6px;  */
-        }
-
-      }
-
-      @media screen and (max-width: 399px) and (min-width: 300px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 75px;     */
-      /*    border-radius: 6px;       */
-        }
-
-      }
-      
-      @media screen and (max-width: 649px) and (min-width: 400px) {
-        #localBKU p {
-          font-size: 0.9em;
-        } 
-        
-        #localBKU input {
-          font-size: 0.8em;
-          min-width: 70px;
-      /*     max-width: 80px;       */
-     /*     border-radius: 6px;          */
-        }
-
-      }
-
-
-			
-			@media screen and (max-width: 649px) {
-				
-        body {
-					margin:0;
-					padding:0;
-					color : #000;
-			  	text-align: center;
-          font-size: 100%;
-			  	background-color: #MAIN_BACKGOUNDCOLOR#;
-				}
-        				
-			  #page {
-			     visibility: hidden;
-			     margin-top: 0%;
-			  }
-			  
-			  #page1 {
-			    visibility: hidden;
-			  }
-			  
-			  #main {
-			    visibility: hidden;
-			  }
-        
-        #validation {
-          visibility: hidden;
-          display: none;
-        }
-			  
-			  .OA_header {
-			    margin-bottom: 0px;
-			    margin-top: 0px;
-			    font-size: 0pt;
-			    visibility: hidden;
-			  }
-			
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          vertical-align: middle;
-          min-height: 173px;
-          min-width: 204px;
-          
-			  }
-        
-        input[type=button] {
-/*          height: 11%;  */
-          width: 70%;
-        }
-			}
-			      
-			* {
-				margin: 0;
-				padding: 0;
-        font-family: #FONTTYPE#;
-			}
-							      			
-			#selectArea {
-				padding-top: 10px;
-				padding-bottom: 55px;
-				padding-left: 10px;
-			}
-			
-			.setAssertionButton {
-				background: #efefef;
-				cursor: pointer;
-				margin-top: 15px;
-			  width: 70px;
-			  height: 25px;
-			}
-			
-			#leftbutton  {
-				width: 35%; 
-				float:left; 
-				margin-left: 15px;
-			}
-			
-			#rightbutton {
-				width: 35%; 
-				float:right; 
-				margin-right: 25px; 
-				text-align: right;
-			}
-
-/*		input[type=button], .sendButton {
-				background: #BUTTON_BACKGROUNDCOLOR#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;  */
-/*				cursor: pointer;
-/*        box-shadow: 3px 3px 3px #222222;  */
-/*			}
-			
-/*      button:hover, button:focus, button:active, 
-      .sendButton:hover , .sendButton:focus, .sendButton:active,
-      #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
-				background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
-        color: #BUTTON_COLOR#;
-/*				border:1px solid #000;                */
-/*				cursor: pointer;
-/*        box-shadow: -1px -1px 3px #222222;  */
-/*			}
-      
-*/      
-			input {
-				/*border:1px solid #000;*/
-				cursor: pointer;
-			}
-      
-      #localBKU input {
-/*        color: #BUTTON_COLOR#;  */
-        border: 0px;
-        display: inline-block;
-        
-      }
-			
-      #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
-        text-decoration: underline;
-      }
-      
-			#installJava, #BrowserNOK {
-				clear:both;
-				font-size:0.8em;
-				padding:4px;
-			}
-						
-			.selectText{
-			
-			}
-			
-			.selectTextHeader{
-			
-			}
-			
-			.sendButton {
-        width: 30%;
-        margin-bottom: 1%;	
-			}
-			
-			#leftcontent a {
-				text-decoration:none; 
-				color: #000;
-			/*	display:block;*/
-				padding:4px;	
-			}
-			
-			#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
-				text-decoration:underline;
-				color: #000;	
-			}
-						
-			.infobutton {
-				background-color: #005a00;
-				color: white;
-				font-family: serif;
-				text-decoration: none;
-				padding-top: 2px;
-				padding-right: 4px;
-				padding-bottom: 2px;
-				padding-left: 4px;
-				font-weight: bold;
-			}
-			
-			.hell {
-				background-color : #MAIN_BACKGOUNDCOLOR#;
-        color: #MAIN_COLOR#;	
-			}
-			
-			.dunkel {
-				background-color: #HEADER_BACKGROUNDCOLOR#;
-        color: #HEADER_COLOR#;
-			}
-			      
-			.main_header {
-			   color: black;
-			    font-size: 32pt;
-			    position: absolute;
-			    right: 10%;
-			    top: 40px;
-				
-			}
-      
-     	#alert {
-		    margin: 100px 250px;
-		    font-family: Verdana, Arial, Helvetica, sans-serif;
-		    font-size: 14px;
-		    font-weight: normal;
-		    color: red;
-	    }
-	
-	    .reqframe {
-		    /*display: none;*/
-        visibility: hidden;
-		  
-	    }
-      			                        
-    </style> 
-
-	#if($timeoutURL)
-		<script type="text/javascript">
-			function sloTimeOut() {
-				window.location.href="$timeoutURL";
-			
-			}	
-	
-		</script>
-	#end
-
-  <title>Single LogOut Vorgang ... </title>
-</head>
-
-#if($timeoutURL)
-	<body onload='setTimeout(sloTimeOut(), $timeout);'>
-#else
-	<body>
-#end
-  <noscript>
-		<p>
-			<strong>Note:</strong> Since your browser does not support
-			JavaScript, you must press the Continue button once to proceed.
-		</p>
-	</noscript>
-
-  <div id="page">
-		<div id="page1" class="case selected-case" role="main">
-			<h2 class="OA_header" role="heading">MOA-ID Single LogOut Information</h2>
-			<div id="main">
-				<div id="leftcontent" class="hell" role="application">
-          
-          #if($errorMsg)
-	         <div class="alert">
-		        <p>$errorMsg</p> 
-	         </div>	
-	        #end
-
-	        #if($successMsg)
-	         <div>
-		        <p>$successMsg</p> 
-	         </div>	
-	        #end
-
-	        #if($redirectURLs)
-		        <div>
-			       <p>
-				        Sie werden von allen Online-Applikationen abgemeldet. <br>
-				        Dieser Vorgang kann einige Zeit in Anspruch nehmen.
-			       </p>
-		       </div>
-	       #end
-          
-				</div>
-			</div>
-		</div>
-		<div id="validation">
-			<a href="http://validator.w3.org/check?uri="> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
-			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
-				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
-				alt="CSS ist valide!" />
-			</a>
-		</div>
-	</div>
-
-
-  #foreach( $el in $redirectURLs )
-	   <iframe src=$el class="reqframe"></iframe>
-  #end
-  
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/keys/assertion.crt b/id/server/doc/conf/moa-id/keys/assertion.crt
deleted file mode 100644
index aa4e23cb1..000000000
--- a/id/server/doc/conf/moa-id/keys/assertion.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
-MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
-BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
-ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
-2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
-+4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
-upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
-SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
-8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
-BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
-EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
-dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
-ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
-DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
-crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
-LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
-0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
-ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/encryption.crt b/id/server/doc/conf/moa-id/keys/encryption.crt
deleted file mode 100644
index c9d94f9b6..000000000
--- a/id/server/doc/conf/moa-id/keys/encryption.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0
-MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t
-ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
-VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull
-TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL
-HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb
-OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa
-aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i
-h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz
-zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe
-pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
-GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ
-AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf
-lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf
-C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh
-3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB
-Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8
-lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi
-LYiLYskPglktuck=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/metadata.crt b/id/server/doc/conf/moa-id/keys/metadata.crt
deleted file mode 100644
index bd9640b37..000000000
--- a/id/server/doc/conf/moa-id/keys/metadata.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
-BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
-MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
-CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
-MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
-ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
-tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
-O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
-zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
-ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
-BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
-ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
-dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
-TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
-+uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
-p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
-oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
-tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
-Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 b/id/server/doc/conf/moa-id/keys/moa_idp[password].p12
deleted file mode 100644
index 25f585be5..000000000
Binary files a/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks b/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks
deleted file mode 100644
index 8196ab319..000000000
Binary files a/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/log4j.properties b/id/server/doc/conf/moa-id/log4j.properties
deleted file mode 100644
index c7dece5c5..000000000
--- a/id/server/doc/conf/moa-id/log4j.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-# commons-logging setup
-org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
-
-# define log4j root loggers
-log4j.rootLogger=info, stdout
-log4j.logger.at.gv.egovernment.moa=info
-log4j.logger.at.gv.egovernment.moa.spss=info
-log4j.logger.iaik.server=info
-log4j.logger.at.gv.egovernment.moa.id=info,R
-log4j.logger.at.gv.egovernment.moa.id.proxy=info
-log4j.logger.eu.stork=info
-log4j.logger.org.hibernate=warn
-
-# configure the stdout appender
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-#log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c |  %10t | %m%n
-log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20.20c | %10t | %m%n
-
-# configure the rolling file appender (R)
-log4j.appender.R=org.apache.log4j.RollingFileAppender
-log4j.appender.R.File=${catalina.base}/logs/moa-id.log
-log4j.appender.R.MaxFileSize=10000KB
-log4j.appender.R.MaxBackupIndex=1
-log4j.appender.R.layout=org.apache.log4j.PatternLayout
-log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n
-
diff --git a/id/server/doc/conf/moa-id/moa-id.properties b/id/server/doc/conf/moa-id/moa-id.properties
deleted file mode 100644
index 4290b1985..000000000
--- a/id/server/doc/conf/moa-id/moa-id.properties
+++ /dev/null
@@ -1,127 +0,0 @@
-********
-*
-*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
-*
-******
-
-
-##General MOA-ID 2.0 Configuration
-
-#MOA-ID 2.0 XML configuration files (necessary, if inmemory database is used)
-#configuration.xml=$PATH_TO_CONFIG$/conf/moa-id/MOAIDConfiguration-2.0.xml
-
-##For Testing
-configuration.validation.certificate.QC.ignore=false
-protocols.pvp2.assertion.encryption.active=false
-
-##General MOA-ID 2.0 operations
-#MOA-ID 2.0 session information encryption key (PassPhrase)
-configuration.moasession.key=SessionEncryptionKey
-configuration.moaconfig.key=ConfigurationEncryptionKey
-
-#MOA-ID 2.0 Monitoring Servlet
-configuration.monitoring.active=false
-configuration.monitoring.message.success=All Tests passed!
-configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/monitoring/monitoring_idl.xml
-
-#MOA-ID 2.0 Advanced Logging
-configuration.advancedlogging.active=false
-
-##Webservice Client Configuration
-#MOA-SP webservice
-#service.moasp.acceptedServerCertificates=
-#service.moasp.clientKeyStore=
-#service.moasp.clientKeyStorePassword=
-
-#Online mandates webservice (MIS)
-service.onlinemandates.acceptedServerCertificates=
-service.onlinemandates.clientKeyStore=keys/....
-service.onlinemandates.clientKeyStorePassword=
-
-#Foreign Identities (SZRGW)
-service.foreignidentities.acceptedServerCertificates=
-service.foreignidentities.clientKeyStore=keys/....
-service.foreignidentities.clientKeyStorePassword=
-
-
-##Protocol configuration##
-#PVP2
-protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
-protocols.pvp2.idp.ks.kspassword=password
-protocols.pvp2.idp.ks.metadata.alias=pvp_metadata
-protocols.pvp2.idp.ks.metadata.keypassword=password
-protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion
-protocols.pvp2.idp.ks.assertion.sign.keypassword=password
-protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion
-protocols.pvp2.idp.ks.assertion.encryption.keypassword=password
-
-#OpenID connect (OAuth)
-protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
-protocols.oauth20.jwt.ks.password=password
-protocols.oauth20.jwt.ks.key.name=oauth
-protocols.oauth20.jwt.ks.key.password=password
-
-##Database configuration##
-#Hibnerate configuration for MOA-ID 2.0 session store 
-moasession.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8
-moasession.hibernate.connection.charSet=utf-8
-moasession.hibernate.connection.driver_class=com.mysql.jdbc.Driver
-moasession.hibernate.connection.username=
-moasession.hibernate.connection.password=
-
-moasession.hibernate.hbm2ddl.auto=update
-moasession.hibernate.current_session_context_class=thread
-moasession.hibernate.transaction.flush_before_completion=true
-moasession.hibernate.transaction.auto_close_session=true
-moasession.hibernate.show_sql=false
-moasession.hibernate.format_sql=true
-moasession.hibernate.c3p0.acquire_increment=3
-moasession.hibernate.c3p0.idle_test_period=60
-moasession.hibernate.c3p0.timeout=60
-moasession.hibernate.c3p0.max_size=20
-moasession.hibernate.c3p0.max_statements=0
-moasession.hibernate.c3p0.min_size=3
-
-#Hibnerate configuration for MOA-ID 2.0 configuration
-configuration.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true
-configuration.hibernate.connection.charSet=utf-8
-configuration.hibernate.connection.driver_class=com.mysql.jdbc.Driver
-configuration.hibernate.connection.username=
-configuration.hibernate.connection.password=
-
-configuration.hibernate.hbm2ddl.auto=update
-configuration.hibernate.current_session_context_class=thread
-configuration.hibernate.transaction.auto_close_session=true
-configuration.hibernate.show_sql=false
-configuration.hibernate.format_sql=true
-configuration.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider
-configuration.hibernate.c3p0.acquire_increment=3
-configuration.hibernate.c3p0.idle_test_period=60
-configuration.hibernate.c3p0.timeout=300
-configuration.hibernate.c3p0.max_size=20
-configuration.hibernate.c3p0.max_statements=0
-configuration.hibernate.c3p0.min_size=3
-
-#
-#Hibnerate configuration for MOA-ID 2.0 advanced statistic logging
-advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQLDialect
-advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true
-advancedlogging.hibernate.connection.charSet=utf-8
-advancedlogging.hibernate.connection.driver_class=com.mysql.jdbc.Driver
-advancedlogging.hibernate.connection.username=
-advancedlogging.hibernate.connection.password=
-
-advancedlogging.hibernate.hbm2ddl.auto=update
-advancedlogging.hibernate.current_session_context_class=thread
-advancedlogging.hibernate.transaction.auto_close_session=true
-advancedlogging.hibernate.show_sql=false
-advancedlogging.hibernate.format_sql=true
-advancedlogging.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider
-advancedlogging.hibernate.c3p0.acquire_increment=3
-advancedlogging.hibernate.c3p0.idle_test_period=60
-advancedlogging.hibernate.c3p0.timeout=300
-advancedlogging.hibernate.c3p0.max_size=20
-advancedlogging.hibernate.c3p0.max_statements=0
-advancedlogging.hibernate.c3p0.min_size=3
diff --git a/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt b/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt
deleted file mode 100644
index 7c3252dcb..000000000
--- a/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL
-BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN
-MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG
-A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y
-/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD
-31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa
-Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN
-QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5
-bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA
-ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj
-COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS
-QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ
-ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V
-GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA
-RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml b/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml
deleted file mode 100644
index 6a0602c04..000000000
--- a/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml
+++ /dev/null
@@ -1,87 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID13456264458587874" IssueInstant="2012-08-22T11:07:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-	<saml:AttributeStatement>
-		<saml:Subject>
-			<saml:SubjectConfirmation>
-				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
-				<saml:SubjectConfirmationData>
-					<pr:Person si:type="pr:PhysicalPersonType">
-						<pr:Identification>
-							<pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value>
-							<pr:Type>urn:publicid:gv.at:baseid</pr:Type>
-						</pr:Identification>
-						<pr:Name>
-							<pr:GivenName>XXXRúùd</pr:GivenName>
-							<pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy</pr:FamilyName>
-						</pr:Name>
-						<pr:DateOfBirth>1969-02-13</pr:DateOfBirth>
-					</pr:Person>
-				</saml:SubjectConfirmationData>
-			</saml:SubjectConfirmation>
-		</saml:Subject>
-		<saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
-			<saml:AttributeValue>
-				<ecdsa:ECDSAKeyValue>
-					<ecdsa:DomainParameters>
-						<ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/>
-					</ecdsa:DomainParameters>
-					<ecdsa:PublicKey>
-						<ecdsa:X Value="22280299907126338788314199678167217078072953115254374209747379168424021905237" si:type="ecdsa:PrimeFieldElemType"/>
-						<ecdsa:Y Value="40387096985250872237992703378062984723606079359080588656963239072881568409170" si:type="ecdsa:PrimeFieldElemType"/>
-					</ecdsa:PublicKey>
-				</ecdsa:ECDSAKeyValue>
-			</saml:AttributeValue>
-		</saml:Attribute>
-		<saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
-			<saml:AttributeValue>
-				<dsig:RSAKeyValue>
-					<dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/
-t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm
-P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg
-gaM2EyuB1HxH8/+Mfqa4UgeqIH65</dsig:Modulus>
-					<dsig:Exponent>AQAB</dsig:Exponent>
-				</dsig:RSAKeyValue>
-			</saml:AttributeValue>
-		</saml:Attribute>
-	</saml:AttributeStatement>
-	<dsig:Signature>
-		<dsig:SignedInfo>
-			<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
-			<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-			<dsig:Reference URI="">
-				<dsig:Transforms>
-					<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-				</dsig:Transforms>
-				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-				<dsig:DigestValue>s/7GYPVfkHIvy5RcB5QRnXVSWwo=</dsig:DigestValue>
-			</dsig:Reference>
-		</dsig:SignedInfo>
-		<dsig:SignatureValue>LSsx2zO/XyJ9RCEcChmQ2+251PtaFz07sBw1DBw0Eui4mjRRMSaKXxD0GoQDRzvQQNYusLNqpGiixscBIb4XcR8ipSjZVPnH2E19o/O2fz2uFDWnlCHEhhG8OMNT2XzS6lZtMSSzVcAJINLBlz6DKG63+NhClb+1lUHoLa5CpwYDW/guVKLng8PNElBY5mw3GOSL8PskFsYK+bnRUAvvgGigm3XLtlZ4QQWDsGBNgJxW0boAm5vei+YVHVxrkL2YDkdvGUmD+RjzwZx8fxlfN4ajR00Q5mNc0xQtaL/g+vKdL6EeegZAKPZ/jrEpN0RZfuxPaAmt4t0Jav51mTKa4w==</dsig:SignatureValue>
-		<dsig:KeyInfo>
-			<dsig:KeyValue>
-				<dsig:RSAKeyValue>
-					<dsig:Modulus>lJAFH5vcqZFSSU72WZDNW1YJjhj+YjcVHkmZrmGOiyYpoV8usTHClcxkikMWWNQu0XX6k5qWfrquWpEE6/OSEm9jnEPfUYQbVdGLqtbEsY5uZO4bZl5KHcqk85F5TKuStDZQVASjli1z8L8B3e9Al3DeE9oqiLRSzODJ/drVEPxvYR7CphfE8cyiu1LNumD1xnsFiDb6IAXZZuACZTHQqnsa981Cc8xZm27QT+kESflApzpRmbUXQpH9Wr/KYN0Q+Vf7jbrUCTbqXIklyfQFFGCuQrltx5379K/HNc1p7Td49LHir2DhUtnD6PbyUimTWeAfxXwQCPNAM4HO9BDqOw==</dsig:Modulus>
-					<dsig:Exponent>AAEAAQ==</dsig:Exponent>
-				</dsig:RSAKeyValue>
-			</dsig:KeyValue>
-			<dsig:X509Data>
-				<dsig:X509Certificate>MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL
-BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN
-MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG
-A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y
-/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD
-31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa
-Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN
-QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5
-bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA
-ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj
-COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS
-QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ
-ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V
-GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA
-RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw==</dsig:X509Certificate>
-			</dsig:X509Data>
-		</dsig:KeyInfo>
-	</dsig:Signature>
-</saml:Assertion>
diff --git a/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml
deleted file mode 100644
index fc99cea79..000000000
--- a/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
-<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<LoginType>stateless</LoginType>
-	<BasicAuth>
-		<UserID>MOAFamilyName</UserID>
-		<Password>MOAGivenName</Password>
-	</BasicAuth>
-</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml
deleted file mode 100644
index 4d34c3646..000000000
--- a/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Header Authentication zur Uebergabe der Parameter verwendet -->
-<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<LoginType>stateless</LoginType>
-	<HeaderAuth>
-		<!-- zusaetzlicher Header GivenName -->
-		<Header Name="X-MOAParameterGivenName" Value="MOAGivenName"></Header>
-		<Header Name="X-MOAParameterFamilyName" Value="MOAFamilyName"></Header>
-	</HeaderAuth>
-</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml
deleted file mode 100644
index 979faca95..000000000
--- a/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Parameter Authentication verwendet -->
-<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<LoginType>stateless</LoginType>
-	<ParamAuth>
-		<!-- URL Parameter GivenName und FamilyName -->
-		<Parameter Name="GivenName" Value="MOAGivenName"></Parameter>
-		<Parameter Name="FamilyName" Value="MOAFamilyName"></Parameter>
-	</ParamAuth>
-</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml
deleted file mode 100644
index edbfe7aa5..000000000
--- a/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Demokonfiguration fuer Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
-<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<LoginType>stateless</LoginType>
-	<BasicAuth>
-		<UserID>MOAFamilyName</UserID>
-		<Password>MOAGivenName</Password>
-	</BasicAuth>
-</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml
deleted file mode 100644
index 2cff3bd67..000000000
--- a/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
-<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<LoginType>stateless</LoginType>
-	<BasicAuth>
-		<UserID>MOAWBPK</UserID>
-		<Password>MOAGivenName</Password>
-	</BasicAuth>
-</Configuration>
diff --git a/id/server/doc/conf/moa-id/stork/SamlEngine.xml b/id/server/doc/conf/moa-id/stork/SamlEngine.xml
deleted file mode 100644
index eca38ec8c..000000000
--- a/id/server/doc/conf/moa-id/stork/SamlEngine.xml
+++ /dev/null
@@ -1,70 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<instances>
-
-
-	<!-- Configuration name-->
-	<instance name="outgoing">
-		<!-- Configurations parameters StorkSamlEngine  -->
-		<configuration name="SamlEngineConf">			
-			<parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" />
-		</configuration>
-
-		<!-- Settings module signature-->
-		<configuration name="SignatureConf">
-			<!-- Specific signature module -->
-			<parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
-			<!-- Settings specific module -->
-			<parameter name="fileConfiguration" value="SignModule_outgoing.xml" />
-		</configuration>
-	</instance>
-
-        <instance name="incoming">
-                <!-- Configurations parameters StorkSamlEngine  -->
-                <configuration name="SamlEngineConf">
-                        <parameter name="fileConfiguration" value="StorkSamlEngine_incoming.xml" />
-                </configuration>
-
-                <!-- Settings module signature-->
-                <configuration name="SignatureConf">
-                        <!-- Specific signature module -->
-                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
-                        <!-- Settings specific module -->
-                        <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
-                </configuration>
-        </instance>
-
-
-        <instance name="incoming_attr">
-                <!-- Configurations parameters StorkSamlEngine  -->
-                <configuration name="SamlEngineConf">
-                        <parameter name="fileConfiguration" value="StorkSamlEngine_incoming_attr.xml" />
-                </configuration>
-
-                <!-- Settings module signature-->
-                <configuration name="SignatureConf">
-                        <!-- Specific signature module -->
-                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
-                        <!-- Settings specific module -->
-                        <parameter name="fileConfiguration" value="SignModule_incoming_attr.xml" />
-                </configuration>
-        </instance>
-
-
-        <instance name="VIDP">
-                <!-- Configurations parameters StorkSamlEngine  -->
-                <configuration name="SamlEngineConf">
-                        <parameter name="fileConfiguration" value="StorkSamlEngine_VIDP.xml" />
-                </configuration>
-
-                <!-- Settings module signature-->
-                <configuration name="SignatureConf">
-                        <!-- Specific signature module -->
-                        <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
-                        <!-- Settings specific module -->
-                        <parameter name="fileConfiguration" value="SignModule_VIDP.xml" />
-                </configuration>
-        </instance>
-
-
-	
-</instances>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml
deleted file mode 100644
index 68b15e667..000000000
--- a/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SWModule sign with JKS.</comment>
-	<entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry>
-	<entry key="keyStorePassword">local-demo</entry>
-	<entry key="keyPassword">local-demo</entry>
-	<entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>	
-	<entry key="serialNumber">4BA89DB2</entry>		
-	<entry key="keystoreType">JKS</entry>
-</properties>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml
deleted file mode 100644
index 68b15e667..000000000
--- a/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SWModule sign with JKS.</comment>
-	<entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry>
-	<entry key="keyStorePassword">local-demo</entry>
-	<entry key="keyPassword">local-demo</entry>
-	<entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>	
-	<entry key="serialNumber">4BA89DB2</entry>		
-	<entry key="keystoreType">JKS</entry>
-</properties>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml b/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml
deleted file mode 100644
index 7139c5a41..000000000
--- a/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SWModule sign with JKS.</comment>
-	<entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry>
-	<entry key="keyStorePassword">local-demo</entry>
-	<entry key="keyPassword">local-demo</entry>
-	<entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
-	<entry key="serialNumber">4BA89DB2</entry> 
-	<entry key="keystoreType">JKS</entry>
-</properties>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
deleted file mode 100644
index ef5dc23d2..000000000
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
+++ /dev/null
@@ -1,120 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SAML constants for AuthnRequests and Responses.</comment>
-
-	<!--
-		Types of consent obtained from the user for this authentication and
-		data transfer.
-		Allow values: 'unspecified'.
-	-->
-	<entry key="consentAuthnRequest">unspecified</entry>
-	
-	<!--
-	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
-	-->
-	<entry key="consentAuthnResponse">obtained</entry>
-
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-	-->
-	<entry key="formatEntity">entity</entry>
-
-	<!--Only HTTP-POST binding is only supported for inter PEPS-->
-	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
-	<entry key="protocolBinding">HTTP-POST</entry>	
-	
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-		<entry key="eIDSectorShare">true</entry>
-		<entry key="eIDCrossSectorShare">true</entry>
-		<entry key="eIDCrossBorderShare">true</entry>
-	-->
-	
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="friendlyName">false</entry>
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="isRequired">true</entry>
-	
-        <!--PEPS in the Service Provider's country-->
-        <entry key="requester">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
-
-        <!--PEPS in the citizen's origin country-->
-        <entry key="responder">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
-
-	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
-	<entry key="timeNotOnOrAfter">600</entry>
-	
-	<!--Validation IP of the response-->
-	<entry key="ipAddrValidation">false</entry>
-
-        <!--One time use-->
-        <entry key="oneTimeUse">true</entry>	
-	
-	<!--Subject Attribute Definitions-->
-	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
-	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
-	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
-	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
-	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
-	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
-	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
-	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
-	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
-	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
-	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
-	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
-	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
-	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
-	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
-	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-
-	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
-	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
-	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
-	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
-	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
-	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-	
-	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
-	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
-        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-
-
-        <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
-        <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
-        <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
-        <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
-        <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
-        <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
-        <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
-        <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
-        <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
-        <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-        <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
-        <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
-
-        <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
-        <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
-        <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
-        <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
-        <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
-        <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
-        <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
-        <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
-        <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
-        <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
-        <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
-        <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
-	<entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
-
-        <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-        <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
-        <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
-
-</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml
deleted file mode 100644
index 83e69ac23..000000000
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SAML constants for AuthnRequests and Responses.</comment>
-
-	<!--
-		Types of consent obtained from the user for this authentication and
-		data transfer.
-		Allow values: 'unspecified'.
-	-->
-	<entry key="consentAuthnRequest">unspecified</entry>
-	
-	<!--
-	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
-	-->
-	<entry key="consentAuthnResponse">obtained</entry>
-
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-	-->
-	<entry key="formatEntity">entity</entry>
-
-	<!--Only HTTP-POST binding is only supported for inter PEPS-->
-	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
-	<entry key="protocolBinding">HTTP-POST</entry>
-	
-	
-	
-	
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-		<entry key="eIDSectorShare">true</entry>
-		<entry key="eIDCrossSectorShare">true</entry>
-		<entry key="eIDCrossBorderShare">true</entry>
-	-->
-	
-	
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="friendlyName">false</entry>
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="isRequired">true</entry>
-	
-	<!--PEPS in the Service Provider's country-->
-	<entry key="requester">http://S-PEPS.gov.xx</entry>
-
-	<!--PEPS in the citizen's origin country-->
-	<entry key="responder">http://C-PEPS.gov.xx</entry>
-
-	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
-	<entry key="timeNotOnOrAfter">300</entry>
-	
-	<!--Validation IP of the response-->
-	<entry key="ipAddrValidation">false</entry>
-	
-	
-	<!--Subject Attribute Definitions-->
-	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
-	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
-	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
-	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
-	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
-	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
-	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
-	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
-	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
-	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
-	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
-	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
-	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
-	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
-	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
-	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-  <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
-
-	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
-	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
-	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
-	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
-	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
-	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-	
-	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
-	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
-	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
-	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
-	
-</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
deleted file mode 100644
index 83e69ac23..000000000
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SAML constants for AuthnRequests and Responses.</comment>
-
-	<!--
-		Types of consent obtained from the user for this authentication and
-		data transfer.
-		Allow values: 'unspecified'.
-	-->
-	<entry key="consentAuthnRequest">unspecified</entry>
-	
-	<!--
-	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
-	-->
-	<entry key="consentAuthnResponse">obtained</entry>
-
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-	-->
-	<entry key="formatEntity">entity</entry>
-
-	<!--Only HTTP-POST binding is only supported for inter PEPS-->
-	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
-	<entry key="protocolBinding">HTTP-POST</entry>
-	
-	
-	
-	
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-		<entry key="eIDSectorShare">true</entry>
-		<entry key="eIDCrossSectorShare">true</entry>
-		<entry key="eIDCrossBorderShare">true</entry>
-	-->
-	
-	
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="friendlyName">false</entry>
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="isRequired">true</entry>
-	
-	<!--PEPS in the Service Provider's country-->
-	<entry key="requester">http://S-PEPS.gov.xx</entry>
-
-	<!--PEPS in the citizen's origin country-->
-	<entry key="responder">http://C-PEPS.gov.xx</entry>
-
-	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
-	<entry key="timeNotOnOrAfter">300</entry>
-	
-	<!--Validation IP of the response-->
-	<entry key="ipAddrValidation">false</entry>
-	
-	
-	<!--Subject Attribute Definitions-->
-	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
-	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
-	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
-	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
-	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
-	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
-	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
-	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
-	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
-	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
-	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
-	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
-	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
-	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
-	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
-	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-  <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
-
-	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
-	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
-	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
-	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
-	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
-	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-	
-	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
-	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
-	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
-	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
-	
-</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
deleted file mode 100644
index b095b9e7e..000000000
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
-
-<properties>
-	<comment>SAML constants for AuthnRequests and Responses.</comment>
-
-	<!--
-		Types of consent obtained from the user for this authentication and
-		data transfer.
-		Allow values: 'unspecified'.
-	-->
-	<entry key="consentAuthnRequest">unspecified</entry>
-	
-	<!--
-	Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
-	-->
-	<entry key="consentAuthnResponse">obtained</entry>
-
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-	-->
-	<entry key="formatEntity">entity</entry>
-
-	<!--Only HTTP-POST binding is only supported for inter PEPS-->
-	<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
-	<entry key="protocolBinding">HTTP-POST</entry>
-	
-	
-	
-	
-	<!--URI representing the classification of the identifier
-		Allow values: 'entity'.
-		<entry key="eIDSectorShare">true</entry>
-		<entry key="eIDCrossSectorShare">true</entry>
-		<entry key="eIDCrossBorderShare">true</entry>
-	-->
-	
-	
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="friendlyName">false</entry>
-	
-	<!-- A friendly name for the attribute that can be displayed to a user -->
-	<entry key="isRequired">true</entry>
-	
-	<!--PEPS in the Service Provider's country-->
-	<entry key="requester">http://S-PEPS.gov.xx</entry>
-
-	<!--PEPS in the citizen's origin country-->
-	<entry key="responder">http://C-PEPS.gov.xx</entry>
-
-	<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
-	<entry key="timeNotOnOrAfter">300</entry>
-	
-	<!--Validation IP of the response-->
-	<entry key="ipAddrValidation">false</entry>
-	
-	
-	<!--Subject Attribute Definitions-->
-	<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
-	<entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
-	<entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
-	<entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
-	<entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
-	<entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
-	<entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
-	<entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
-	<entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
-	<entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
-	<entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
-	<entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
-	<entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
-	<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
-	<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
-	<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-  <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
-
-	<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
-	<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
-	<entry key="title">http://www.stork.gov.eu/1.0/title</entry>
-	<entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
-	<entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
-	<entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-	
-	<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
-	<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
-	<entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
-	<entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-	<entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
-	<entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
-	
-</properties>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks
deleted file mode 100644
index f9baad202..000000000
Binary files a/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks
deleted file mode 100644
index efaeac86c..000000000
Binary files a/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks and /dev/null differ
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml
deleted file mode 100644
index 1165d8b32..000000000
--- a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml
+++ /dev/null
@@ -1,161 +0,0 @@
-<sl10:TransformsInfo>
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signatur der Anmeldedaten</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Anmeldedaten:</h4>
-							<p class="titlestyle">Daten zur Person</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Geburtsdatum:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Rolle:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Vollmacht:</td>
-										<td class="normalstyle">
-											<xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Daten zur Anwendung</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Staat:</td>
-									<td class="normalstyle">Österreich</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technische Parameter</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Bereich:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Vollmachten-Referenz:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifikator:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Datum:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Uhrzeit:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-	<sl10:FinalDataMetaInfo>
-		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
-	</sl10:FinalDataMetaInfo>
-</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
deleted file mode 100644
index e225ca6e0..000000000
--- a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<sl10:TransformsInfo><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
-											Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><sl10:FinalDataMetaInfo><sl10:MimeType>application/xhtml+xml</sl10:MimeType></sl10:FinalDataMetaInfo></sl10:TransformsInfo>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml
deleted file mode 100644
index e220b8f82..000000000
--- a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml
+++ /dev/null
@@ -1,161 +0,0 @@
-<sl10:TransformsInfo>
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signing the authentication data</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Authentication Data:</h4>
-							<p class="titlestyle">Personal Data</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Date of Birth:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Role:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Mandate:</td>
-										<td class="normalstyle">
-											<xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Application Data</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Country:</td>
-									<td class="normalstyle">Austria</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technical Parameters</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Sector:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Mandate Reference:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifier:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Date:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Time:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-	<sl10:FinalDataMetaInfo>
-		<sl10:MimeType>application/xhtml+xml</sl10:MimeType>
-	</sl10:FinalDataMetaInfo>
-</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml b/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml
deleted file mode 100644
index 14acd54f2..000000000
--- a/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml
+++ /dev/null
@@ -1,83 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--MOA SPSS 1.3 Configuration File created by MOA SPSS Configuration Mapper-->
-<cfg:MOAConfiguration xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-	<cfg:SignatureVerification>
-		<cfg:CertificateValidation>
-			<cfg:PathConstruction>
-				<cfg:AutoAddCertificates>true</cfg:AutoAddCertificates>
-				<cfg:UseAuthorityInformationAccess>true</cfg:UseAuthorityInformationAccess>
-				<cfg:CertificateStore>
-					<cfg:DirectoryStore>
-						<cfg:Location>certstore</cfg:Location>
-					</cfg:DirectoryStore>
-				</cfg:CertificateStore>
-			</cfg:PathConstruction>
-			<cfg:PathValidation>
-				<cfg:ChainingMode>
-					<cfg:DefaultMode>pkix</cfg:DefaultMode>
-					<cfg:TrustAnchor>
-						<cfg:Identification>
-							<dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
-							<dsig:X509SerialNumber>536</dsig:X509SerialNumber>
-						</cfg:Identification>
-						<cfg:Mode>chaining</cfg:Mode>
-					</cfg:TrustAnchor>
-				</cfg:ChainingMode>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkartePersonenbindung</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkarteAuthentisierungsDaten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>C-PEPS-Test</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/C-PEPS-Test</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-				<cfg:TrustProfile>
-					<cfg:Id>C-PEPS</cfg:Id>
-					<cfg:TrustAnchorsLocation>trustProfiles/C-PEPS</cfg:TrustAnchorsLocation>
-				</cfg:TrustProfile>
-			</cfg:PathValidation>
-			<cfg:RevocationChecking>
-				<cfg:EnableChecking>true</cfg:EnableChecking>
-				<cfg:MaxRevocationAge>0</cfg:MaxRevocationAge>
-				<cfg:ServiceOrder>
-					<cfg:Service>CRL</cfg:Service>
-					<cfg:Service>OCSP</cfg:Service>
-				</cfg:ServiceOrder>
-				<cfg:Archiving>
-					<cfg:EnableArchiving>false</cfg:EnableArchiving>
-					<cfg:ArchiveDuration>365</cfg:ArchiveDuration>
-					<cfg:Archive>
-						<cfg:DatabaseArchive>
-							<cfg:JDBCURL>jdbc:url</cfg:JDBCURL>
-							<cfg:JDBCDriverClassName>fully.qualified.classname</cfg:JDBCDriverClassName>
-						</cfg:DatabaseArchive>
-					</cfg:Archive>
-				</cfg:Archiving>
-			</cfg:RevocationChecking>
-		</cfg:CertificateValidation>
-				<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_DE_2.0</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-		<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_DE</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-		<cfg:VerifyTransformsInfoProfile>
-			<cfg:Id>MOAIDTransformAuthBlockTable_EN</cfg:Id>
-			<cfg:Location>profiles/MOAIDTransformAuthBlockTable_EN.xml</cfg:Location>
-		</cfg:VerifyTransformsInfoProfile>
-	</cfg:SignatureVerification>
-</cfg:MOAConfiguration>
diff --git a/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
deleted file mode 100644
index 592c96230..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
deleted file mode 100644
index cac44093a..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
deleted file mode 100644
index 32893db7f..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
deleted file mode 100644
index 376d0753f..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
deleted file mode 100644
index 73553b996..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
deleted file mode 100644
index 5171276f4..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
deleted file mode 100644
index 3be7b6a06..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
deleted file mode 100644
index 277b6083a..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
deleted file mode 100644
index ad13d7b28..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
deleted file mode 100644
index d361d919f..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
deleted file mode 100644
index a699436ca..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
deleted file mode 100644
index 36a442b89..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
deleted file mode 100644
index 54f809962..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
deleted file mode 100644
index 3c7775b6e..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
deleted file mode 100644
index b6f39e354..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
deleted file mode 100644
index f9fef65fc..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
deleted file mode 100644
index f9f27442b..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
deleted file mode 100644
index 61a7ccb15..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
deleted file mode 100644
index 911640d0e..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
deleted file mode 100644
index ab9e0cd7d..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
deleted file mode 100644
index 01965769d..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
deleted file mode 100644
index afe6fdf09..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
deleted file mode 100644
index ebfbce9a0..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
deleted file mode 100644
index eb051dc4d..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
-VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
-IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
-bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
-GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
-LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
-AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
-cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
-ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
-SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
-YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
-fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
-lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
-x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
-rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
-X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
-lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
-6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
-kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
-qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
-TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
-46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
-KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
-C016YgTrrQ==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
deleted file mode 100644
index be29fb6ac..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
-Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
-q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
-ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
-ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
-833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
-5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
-CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
-MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
-kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
-BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
-pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
-9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
-2dMmiMQ7gGhWX9X6gWLd
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
deleted file mode 100644
index e1100c7fc..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
-Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
-JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
-hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
-L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
-+XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
-U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
-o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
-jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
-+7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
-BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
-drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
-rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
-VxCuPLXx/4sCfANQtvuY
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
deleted file mode 100644
index b9a0e5a61..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
deleted file mode 100644
index e90f5f2a6..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
-MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
-FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
-MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
-BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
-jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
-2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
-tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
-8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
-1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
-AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
-A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
-sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
-C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
-/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
-PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
-NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
-xw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
deleted file mode 100644
index 2284687bb..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
-OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
-hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
-cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
-FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
-tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
-FJ6N46sU7LjJLqSKYEB8usoIiw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
deleted file mode 100644
index 04627da98..000000000
--- a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw
-NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
-c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
-PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
-k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
-r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
-AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
-Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
-LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
-MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
-b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
-dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
-dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R
-3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf
-k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd
-ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX
-RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG
-SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
deleted file mode 100644
index a699436ca..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt b/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
deleted file mode 100644
index ebfbce9a0..000000000
Binary files a/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml
deleted file mode 100644
index afeccd25f..000000000
--- a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml
+++ /dev/null
@@ -1,159 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signatur der Anmeldedaten</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Anmeldedaten:</h4>
-							<p class="titlestyle">Daten zur Person</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Geburtsdatum:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Rolle:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Vollmacht:</td>
-										<td class="normalstyle">
-											<xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Daten zur Anwendung</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Staat:</td>
-									<td class="normalstyle">Österreich</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technische Parameter</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Bereich:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Vollmachten-Referenz:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifikator:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Datum:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Uhrzeit:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-</VerifyTransformsInfoProfile>
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml
deleted file mode 100644
index dc472efcb..000000000
--- a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#"><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
-											Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms></VerifyTransformsInfoProfile>
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
deleted file mode 100644
index 1665254fd..000000000
--- a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
+++ /dev/null
@@ -1,159 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
-	<dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-		<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
-				<xsl:output method="xml" xml:space="default"/>
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-					<html>
-						<head>
-							<title>Signing the authentication data</title>
-							<style type="text/css" media="screen">
-              					.normalstyle { font-size: medium; } 
-              					.italicstyle { font-size: medium; font-style: italic; }
-								.titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } 
-								.h4style{ font-size: large; }                                                                                      
-              				</style>
-						</head>
-						<body>
-							<h4 class="h4style">Authentication Data:</h4>
-							<p class="titlestyle">Personal Data</p>
-							<table class="parameters">
-								<xsl:if test="normalize-space(//@Issuer)">
-									<tr>
-										<td class="italicstyle">Name:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//@Issuer"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
-									<tr>
-										<td class="italicstyle">Date of Birth:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
-											<xsl:text>.</xsl:text>
-											<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">Role:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">Mandate:</td>
-										<td class="normalstyle">
-											<xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
-										</td>
-									</tr>
-								</xsl:if>
-							</table>
-							<p class="titlestyle">Application Data</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">Name:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Country:</td>
-									<td class="normalstyle">Austria</td>
-								</tr>
-							</table>
-							<p class="titlestyle">Technical Parameters</p>
-							<table class="parameters">
-								<tr>
-									<td class="italicstyle">URL:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
-									</td>
-								</tr>
-								<xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
-									<tr>
-										<td class="italicstyle">Sector:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
-									<tr>
-										<td class="italicstyle">
-											Mandate Reference:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
-									<tr>
-										<td class="italicstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
-									<tr>
-										<td class="italicstyle">Identifier:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-											<xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
-									<tr>
-										<td class="italicstyle">OID:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<xsl:if test="//saml:Attribute[@AttributeName='HPI']">
-									<tr>
-										<td class="italicstyle">HPI:</td>
-										<td class="normalstyle">
-											<xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
-										</td>
-									</tr>
-								</xsl:if>
-								<tr>
-									<td class="italicstyle">Date:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,9,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,6,2)"/>
-										<xsl:text>.</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,1,4)"/>
-									</td>
-								</tr>
-								<tr>
-									<td class="italicstyle">Time:</td>
-									<td class="normalstyle">
-										<xsl:value-of select="substring(//@IssueInstant,12,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,15,2)"/>
-										<xsl:text>:</xsl:text>
-										<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-									</td>
-								</tr>
-							</table>
-						</body>
-					</html>
-				</xsl:template>
-			</xsl:stylesheet>
-		</dsig:Transform>
-		<dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-	</dsig:Transforms>
-</VerifyTransformsInfoProfile>
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der
deleted file mode 100644
index 1851527de..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12 b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12
deleted file mode 100644
index 314cbc862..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore b/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore
deleted file mode 100644
index bd9765a4c..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der
deleted file mode 100644
index f50aa4d68..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12 b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12
deleted file mode 100644
index e5820fdf2..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12 and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore b/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore
deleted file mode 100644
index bd9765a4c..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der b/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der
deleted file mode 100644
index e0f78a82c..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore b/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore
deleted file mode 100644
index da42549d4..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore b/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore
deleted file mode 100644
index bdc296cf4..000000000
Binary files a/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer
deleted file mode 100644
index af1f5f4a3..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer
+++ /dev/null
@@ -1,16 +0,0 @@
-MIIDWDCCAkCgAwIBAAIETgGmXDANBgkqhkiG9w0BAQUFADBuMSYwJAYJKoZIhvcNAQkBFhdqYWxj
-YWxkZW1vcmFub0BpbmRyYS5lczELMAkGA1UEBhMCRVMxEDAOBgNVBAgMB0VzcGHDsWExDzANBgNV
-BAoTBm1wdC5lczEUMBIGA1UEAxMLODguODQuOTQuMjQwHhcNMTEwNjIyMDgyMjUyWhcNMTQwMzE4
-MDgyMjUyWjBuMSYwJAYJKoZIhvcNAQkBFhdqYWxjYWxkZW1vcmFub0BpbmRyYS5lczELMAkGA1UE
-BhMCRVMxEDAOBgNVBAgMB0VzcGHDsWExDzANBgNVBAoTBm1wdC5lczEUMBIGA1UEAxMLODguODQu
-OTQuMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSNeKJi+dOYTy4s/7aL1AXRBj0
-BlPRgHUYknGMU/Aog09AqKz5WZ95926NpufBHVZ5XVKW42Fxfrpk2fnSaAORrk6affYgdfm8HXcd
-dCD9i4yQkLADKpe3Gi29YeBUNC+j+E+iJaxP2whuXsLCpkYcmfbvx6yQkiPa3VFtw7omfEgGe1LQ
-9+ZvNh36Z895rUP/vgoOKi6AjXed4OgOmtyKx9k7AwnG2w040pt1I6LErlbmxoxtk0/11ecaEjzU
-RhxKdCXTuV9jSH7hsnbM9qehLnZSoZqdTYJgxVGyzqpo3SUta13oTn/8ugpRAneoC86m+AA0xmNn
-XZRY4pPgqLjxAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBABwRU7MLJcbm51fPQHtT+mypYslA4xFy
-zve7SyC2zCowFVZhnIwW19Cd0izGjfKPZZYS28N5EHmIQgxSNgJZi6693HINr0K5NPZd/jWRK46I
-uLK7je/K3oDUHnQXJ9xDkgRSDPZj/Wf0ZN+CDEAadhKopF5aJi8QyoYIsPxzn0p8SSgy5UsuKko6
-ov12x3B9O9mwM9HprO8FqzXbKdTaBgrZWVYOHPlD+cl9xSdrcZH347iwI6xEMtkASpXmxN9xLueE
-jI4eTuH148+Pzyr4iNIvfRQLY9iNJSmjoTJm0oKdGzKN0orSw/Ni53vpInziuR2FjYtQ4Zpf2why
-Ht0CXp0=
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer
deleted file mode 100644
index e754cad52..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDcjCCAlqgAwIBAgIES8cgYjANBgkqhkiG9w0BAQUFADB7MSswKQYJKoZIhvcN
-AQkBFhx3ZWJtYXN0ZXJAc3R1ZGVudGkucG9saXRvLml0MQswCQYDVQQGEwJJVDEO
-MAwGA1UECgwFU1RPUksxDTALBgNVBAsMBFBFUFMxIDAeBgNVBAMMF2l0LXBlcHMt
-c3RvcmsucG9saXRvLml0MB4XDTEwMDQxNTE0MTkxNFoXDTM1MDQwOTE0MTkxNFow
-ezErMCkGCSqGSIb3DQEJARYcd2VibWFzdGVyQHN0dWRlbnRpLnBvbGl0by5pdDEL
-MAkGA1UEBhMCSVQxDjAMBgNVBAoMBVNUT1JLMQ0wCwYDVQQLDARQRVBTMSAwHgYD
-VQQDDBdpdC1wZXBzLXN0b3JrLnBvbGl0by5pdDCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAMtNR5qqszWjwl8TlGpYUPrglCCrEZQSQYnekPcSLhumMxCv
-z0+pksnf/ArfSDisvzVNYSbpuEBr4o/LM3WahBMGJVJZJjXstNjePNETvfBbfEU+
-+v27AabeZRK8KGizfry1q1tPuXRp/g+AfftZ/SBYe5CkdCUylnBItU22aEAHhGNT
-OkFebwWUxgWjy1mIjljnoish2y9UrWadvW+2rdkNT6m1WyG1aHy2K9rXldi82PGE
-WgCNNS+baj/2gVVAMo+iqZn8E/2n9Q0kSbJ60GTXWivWqdQbX3oJnS8t30Iha7Au
-zHmOvFbsi8LVA6Z4UfItgHrLxzO+U+x9ZSvA6TsCAwEAATANBgkqhkiG9w0BAQUF
-AAOCAQEAUPDg0VD4CG46bwYEbJ1H+5oDJibQ264JDq+E4z5YY2HLMf640ujKCz+o
-/33GIDyVrqjq8Zk1l0CSyLEW/49r87g4LunMVilty63aYRnj3+wWPNTbSTwfWXgu
-WcD00QnVoWparUnh75CfKUBm7lzn+q2WZPU18KpbXLw5E9rsRHnmaINqa9c5Fm6W
-VcP0qvrDizkEJ04gW3hadSKUEmHLNt1hnX1pnq7LJblb4AwLrpXNDfVZr8RdwRg7
-M5tBvGeKVRpniGILiND0UXkrKgkuWJkMzBiShg8YULtAaOC2D6lIkXAZnute6xaJ
-QNVdXrjW5oFUTw/YnHcg+bdCRlTCaA==
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer
deleted file mode 100644
index e05727d0a..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer
+++ /dev/null
@@ -1,32 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFjTCCBHWgAwIBAgIEQm3h+zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJw
-dDEVMBMGA1UEChMMTVVMVElDRVJULUNBMRgwFgYDVQQDEw9NVUxUSUNFUlQtQ0Eg
-MDIwHhcNMTEwNzIxMTU0NjMxWhcNMTIwODE3MTU0MTE3WjCBwTELMAkGA1UEBhMC
-UFQxFTATBgNVBAoTDE1VTFRJQ0VSVC1DQTEWMBQGA1UECxMNQ0VSVElQT1IgLSBS
-QTESMBAGA1UECxMJQ29ycG9yYXRlMTMwMQYDVQQLEypBZ2VuY2lhIHBhcmEgYSBN
-b2Rlcm5pemFjYW8gQWRtaW5pc3RyYXRpdmExGDAWBgNVBAsTD1dlYiBBcHBsaWNh
-dGlvbjEgMB4GA1UEAxMXUEVQUyBQb3J0dWd1ZXMgZGUgVGVzdGUwgZ8wDQYJKoZI
-hvcNAQEBBQADgY0AMIGJAoGBALo91gnq+SQj8yPx8ssFEKuPvAfagO8f+EagEs+u
-XJhLx41GpFZesMuolxf86n3TdxJHcLSXI224HqZu3BtXExUiD1LCAvtGCjzOr6Rg
-oySwhIQrgMEsKRRpkQN0jQHIMze11EXqVAJ2+MDX9V4cABuIEd9LOOl0PcQmc7m8
-jcKXAgMBAAGjggKRMIICjTALBgNVHQ8EBAMCA/gwOAYIKwYBBQUHAQEELDAqMCgG
-CCsGAQUFBzABhhxodHRwOi8vb2NzcC5tdWx0aWNlcnQuY29tL2NhMIHgBgNVHSAE
-gdgwgdUwTQYJKwYBBAGwPAoCMEAwPgYIKwYBBQUHAgEWMmh0dHA6Ly93d3cubXVs
-dGljZXJ0LmNvbS9jcHMvbXVsdGljZXJ0LWNhLWNwcy5odG1sMIGDBgsrBgEEAbA8
-CgKIBjB0MHIGCCsGAQUFBwICMGYeZABoAHQAdABwADoALwAvAHcAdwB3AC4AbQB1
-AGwAdABpAGMAZQByAHQALgBjAG8AbQAvAGMAcAAvAG0AdQBsAHQAaQBjAGUAcgB0
-AC0AYwBhAC0AMQAwADMAMAAuAGgAdABtAGwwEQYJYIZIAYb4QgEBBAQDAgSwMIIB
-AQYDVR0fBIH5MIH2MIGaoIGXoIGUhi9odHRwOi8vd3d3Lm11bHRpY2VydC5jb20v
-Y2EvbXVsdGljZXJ0LWNhLTAyLmNybIZhbGRhcDovL2xkYXAubXVsdGljZXJ0LmNv
-bS9jbj1NVUxUSUNFUlQtQ0ElMjAwMixvPU1VTFRJQ0VSVC1DQSxjPVBUP2NlcnRp
-ZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZTBXoFWgU6RRME8xCzAJBgNVBAYTAnB0
-MRUwEwYDVQQKEwxNVUxUSUNFUlQtQ0ExGDAWBgNVBAMTD01VTFRJQ0VSVC1DQSAw
-MjEPMA0GA1UEAxMGQ1JMMjI4MB8GA1UdIwQYMBaAFB3DuYilGL5gpyymY8pmKvwM
-J8G9MB0GA1UdDgQWBBRH/+uES4Jsr1UV5WeSoN3v1vUaPDAJBgNVHRMEAjAAMA0G
-CSqGSIb3DQEBBQUAA4IBAQAOFAxM2U6HyZgWl5h6UB1MUUL4j9VTQQOs6nw4hm22
-QK3SF+DPL6oXS1j+RKDHYNlpAfQ5r5ObcaxhEkaXOUZJ4q/3z1qScMVaZ1fjU0FB
-hRyAUE2qfiHp/0Ql4V2IrQqcBZ+mEQD5DFwNgx/UDr22lO0idjHnmxRed83/Mrm0
-03v+2eAujlsE9NfayP8oo9HkYNh5KvFjveCpUNv4IW18xEJLNDFd3dUEeb9UO+Bv
-eEkrxmo6k/k7usuRUfGrXBaFuxcL71l3lFD4k66CB3m7atcbohmbiAYhfHnLegpR
-EVKVolR6O3ljt3ou+Y79oI4U7bhn0U256R9hoobnX9Un
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer
deleted file mode 100644
index a131767fb..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFbDCCBFSgAwIBAgIEQLK59zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJz
-aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMRIwEAYDVQQLEwlzaXRlc3Qt
-Y2EwHhcNMTAwMzMwMTMwOTIzWhcNMTUwMzMwMTMzOTIzWjCBhjELMAkGA1UEBhMC
-c2kxGzAZBgNVBAoTEnN0YXRlLWluc3RpdHV0aW9uczESMBAGA1UECxMJU0lURVNU
-LUNBMRkwFwYDVQQLExBjZXJ0aWZpY2F0ZXMtd2ViMSswEwYDVQQDEwxURVNUIFBF
-UFMgU0kwFAYDVQQFEw0zMDAzMjAxMDAwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA4h6L9Pv1TK7fz5K6Uur0Rli6EKzZwTtv9xXhSt2xlI4wFWzz
-FiCy5/O/Q5GPRa10YoMc8s7WmMdM5yI/bU0BF2t5SYtEH7MwbGaFZFKJt17OtbpZ
-AaCSoh6fm1yO0HtVVkG9UdH4mswS3wHp/d1C91lQNba2enVc2p9Nd4gYop/zbroE
-toFeDyHxTl0mYN/cUHQFT4H24hzAfWXh2FOBfNSnvNl2HnPJOT6HnrUBsdyzkSzL
-N0Eis2R1G5+mQkzAwW6UOroojvMclEJK3z1oekj2OWj1FhalTNmA5D9dkDymTRn4
-o3BW2S7ovmWPmxYUW9s26bkPhz/CbCQwIF9yPQIDAQABo4ICJzCCAiMwDgYDVR0P
-AQH/BAQDAgWgMCsGA1UdEAQkMCKADzIwMTAwMzMwMTMwOTIzWoEPMjAxNTAzMzAx
-MzM5MjNaMEsGA1UdIAREMEIwNgYLKwYBBAGvWQIBAQIwJzAlBggrBgEFBQcCARYZ
-aHR0cDovL3d3dy5jYS5nb3Yuc2kvY3BzLzAIBgYEAIswAQIwGAYIKwYBBQUHAQME
-DDAKMAgGBgQAjkYBATAeBgNVHREEFzAVgRN0ZXN0LnNpLXBlcHNAZ292LnNpMIH2
-BgNVHR8Ege4wgeswVaBToFGkTzBNMQswCQYDVQQGEwJzaTEbMBkGA1UEChMSc3Rh
-dGUtaW5zdGl0dXRpb25zMRIwEAYDVQQLEwlzaXRlc3QtY2ExDTALBgNVBAMTBENS
-TDMwgZGggY6ggYuGWGxkYXA6Ly94NTAwLmdvdi5zaS9vdT1zaXRlc3QtY2Esbz1z
-dGF0ZS1pbnN0aXR1dGlvbnMsYz1zaT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0
-P2Jhc2WGL2h0dHA6Ly93d3cuc2lnZW4tY2Euc2kvY3JsL3NpdGVzdC9zaXRlc3Qt
-Y2EuY3JsMB8GA1UdIwQYMBaAFFRJB0aHzx2JncqucqeooKBptyHnMB0GA1UdDgQW
-BBQySemeDi10DbeTYj1tkGZ5Zo4mwjAJBgNVHRMEAjAAMBkGCSqGSIb2fQdBAAQM
-MAobBFY3LjEDAgOoMA0GCSqGSIb3DQEBBQUAA4IBAQASQ4l1Vd+MRDLFo2A6qYYW
-LVqTvtPLIk7v7Bswmq2SFAL2XmPoL5xbQFeDW+LiWhQBmrlgWyI7gbi/1/rs1E00
-Z4Skn8l97tuIyuxvCKTFhJDx9pzgUQGowoCYo9IzcMNQpxx6lkepreCDuc+e0fAb
-vTNGEpvQ7DkgrwJdcsUAElQ4OJ0ifELoah1DH8wpU31zr7D3YsizZgpu5TEIGP54
-AOhbFeZEmZlTU6gwNw4iTf6nVQkGaxsJt6gGGsyL8RUuvwpVRR3WmplCtjXryGCe
-4B/agAe3EKUh15IaPvWqdixSjySxjBI1bN8IEFHYPZmuwh7Y1FQuOYQGjuSLsJy9
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer
deleted file mode 100644
index d79ad8385..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer
+++ /dev/null
@@ -1,43 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIHrDCCBpSgAwIBAgIIZFwvd8biuV0wDQYJKoZIhvcNAQEFBQAwUjERMA8GA1UE
-AxMIQUNDVi1DQTIxDzANBgNVBAsTBlBLSUdWQTEfMB0GA1UEChMWR2VuZXJhbGl0
-YXQgVmFsZW5jaWFuYTELMAkGA1UEBhMCRVMwHhcNMTAwNTI3MTYxNTA2WhcNMTMw
-NTI2MTYyNTA2WjCBgTEaMBgGA1UEAwwRUGxhdGFmb3JtYSBAZmlybWExEjAQBgNV
-BAUTCVMyODExMDAxQzEbMBkGA1UECwwSc2VsbG8gZWxlY3Ryw7NuaWNvMSUwIwYD
-VQQKExxNaW5pc3RlcmlvIGRlIGxhIFByZXNpZGVuY2lhMQswCQYDVQQGEwJFUzCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3IaIrzYOjbUYmS2nK7/GpD
-R6N3sVbBNxF5s/bCCQ44tL5MIz7I889GCMD8vrCd//5pAezPO8vZLpdh78QUZrCl
-k+E79ENYjVmjP4g0KlqlI0b5AOVc+dcE27/V6D6pCYDkVdn7puFDgzzSqksTNdL5
-uZZMM1L7Dkq0DfCjumYrfulp5i5PrYqrOh7wkXB1G+FGP0plN8at0tm5Q8EPXT7n
-/ogV9glWXG+vLkfIe2SKkdyU/08fecQH3f/jhrc5Bm0+uFvHP9DcS8usWpZojJWW
-iQb96B5bdPXqUsKnZVDj+b7HRkx3UjvvEipMV3Kr5E+E0sg1K4jLgj5+atyoRcEC
-AwEAAaOCBFQwggRQMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgTwMB0GA1Ud
-JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUhAkD/z9ux2qjm4l+
-FheI6+F3CfwwHwYDVR0jBBgwFoAUs3jtBaV5QTrC9MBSKP9jQz+/44EwggEyBgNV
-HREEggEpMIIBJYEWc29wb3J0ZS5hZmlybWE1QG1wci5lc6SCAQkwggEFMSEwHwYJ
-YIVUAQMFAgIBDBJzZWxsbyBlbGVjdHLDs25pY28xKzApBglghVQBAwUCAgITHE1p
-bmlzdGVyaW8gZGUgbGEgUHJlc2lkZW5jaWExGDAWBglghVQBAwUCAgMTCVMyODEx
-MDAxQzEPMA0GCWCFVAEDBQICBBMAMUQwQgYJYIVUAQMFAgIFDDVQbGF0YWZvcm1h
-IGRlIHZhbGlkYWNpw7NuIHkgZmlybWEgZWxlY3Ryw7NuaWNhIEBmaXJtYTEPMA0G
-CWCFVAEDBQICBhMAMQ8wDQYJYIVUAQMFAgIHEwAxDzANBglghVQBAwUCAggTADEP
-MA0GCWCFVAEDBQICCRMAMIIB8AYDVR0gBIIB5zCCAeMwggHfBgsrBgEEAb9VAxEC
-ADCCAc4wggGYBggrBgEFBQcCAjCCAYoeggGGAEMAZQByAHQAaQBmAGkAYwBhAGQA
-bwAgAHIAZQBjAG8AbgBvAGMAaQBkAG8AIABwAGEAcgBhACAAcwBlAGwAbABvACAA
-ZABlACAA8wByAGcAYQBuAG8AIABlAG4AIABzAG8AcABvAHIAdABlACAAcwBvAGYA
-dAB3AGEAcgBlACAAZQB4AHAAZQBkAGkAZABvACAAcABvAHIAIABsAGEAIABBAHUA
-dABvAHIAaQB0AGEAdAAgAGQAZQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzACAA
-ZABlACAAbABhACAAQwBvAG0AdQBuAGkAdABhAHQAIABWAGEAbABlAG4AYwBpAGEA
-bgBhACAAKABQAGwALgAgAE0AYQBuAGkAcwBlAHMAIAAxAC4AIABDAEkARgAgAFMA
-NAA2ADEAMQAwADAAMQBBACkALgAgAEMAUABTACAAeQAgAEMAUAAgAGUAbgAgAGgA
-dAB0AHAAOgAvAC8AdwB3AHcALgBhAGMAYwB2AC4AZQBzMDAGCCsGAQUFBwIBFiRo
-dHRwOi8vd3d3LmFjY3YuZXMvbGVnaXNsYWNpb25fYy5odG0wOQYDVR0fBDIwMDAu
-oCygKoYoaHR0cDovL3d3dy5hY2N2LmVzL2dlc3RjZXJ0L2FjY3YtY2EyLmNybDAv
-BggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLmFjY3YuZXMw
-OwYIKwYBBQUHAQMELzAtMBQGCCsGAQUFBwsCMAgGBgQAjkYBATAIBgYEAI5GAQEw
-CwYGBACORgEDAgEPMA0GCSqGSIb3DQEBBQUAA4IBAQCknVr82ZpMROTkrk/OwC7e
-fccNqbmKEwM4peAUG4tLWnYaDh2hav/3Y7auXkd2CW9XID6C/6E8EqG6wGNwplyq
-LyfrkYmbppJN2/LDr+ZHFoul030o/KzbVRrzZ5zAS5vUnOG42TzpP3sgtMV5V2vg
-V3ZygZbm55+2JDH1RBlCZuJzOPSwLk2rfGcMecHduUN8AxuLN52VKs1LMdmuPhe0
-ZvcVabvmmqzBJGRC8VJ0fwJKB/c6b4rl5WZTYUnQ7+SIoI/+RxJCITnO2SrxRh0Z
-rXLaE62aJ6W/Jnu+lfqIVoQSyauSlybpbL1iS/o0IFFbQvnY6RoCAOqsg3ee+4Om
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer
deleted file mode 100644
index e754cad52..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDcjCCAlqgAwIBAgIES8cgYjANBgkqhkiG9w0BAQUFADB7MSswKQYJKoZIhvcN
-AQkBFhx3ZWJtYXN0ZXJAc3R1ZGVudGkucG9saXRvLml0MQswCQYDVQQGEwJJVDEO
-MAwGA1UECgwFU1RPUksxDTALBgNVBAsMBFBFUFMxIDAeBgNVBAMMF2l0LXBlcHMt
-c3RvcmsucG9saXRvLml0MB4XDTEwMDQxNTE0MTkxNFoXDTM1MDQwOTE0MTkxNFow
-ezErMCkGCSqGSIb3DQEJARYcd2VibWFzdGVyQHN0dWRlbnRpLnBvbGl0by5pdDEL
-MAkGA1UEBhMCSVQxDjAMBgNVBAoMBVNUT1JLMQ0wCwYDVQQLDARQRVBTMSAwHgYD
-VQQDDBdpdC1wZXBzLXN0b3JrLnBvbGl0by5pdDCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAMtNR5qqszWjwl8TlGpYUPrglCCrEZQSQYnekPcSLhumMxCv
-z0+pksnf/ArfSDisvzVNYSbpuEBr4o/LM3WahBMGJVJZJjXstNjePNETvfBbfEU+
-+v27AabeZRK8KGizfry1q1tPuXRp/g+AfftZ/SBYe5CkdCUylnBItU22aEAHhGNT
-OkFebwWUxgWjy1mIjljnoish2y9UrWadvW+2rdkNT6m1WyG1aHy2K9rXldi82PGE
-WgCNNS+baj/2gVVAMo+iqZn8E/2n9Q0kSbJ60GTXWivWqdQbX3oJnS8t30Iha7Au
-zHmOvFbsi8LVA6Z4UfItgHrLxzO+U+x9ZSvA6TsCAwEAATANBgkqhkiG9w0BAQUF
-AAOCAQEAUPDg0VD4CG46bwYEbJ1H+5oDJibQ264JDq+E4z5YY2HLMf640ujKCz+o
-/33GIDyVrqjq8Zk1l0CSyLEW/49r87g4LunMVilty63aYRnj3+wWPNTbSTwfWXgu
-WcD00QnVoWparUnh75CfKUBm7lzn+q2WZPU18KpbXLw5E9rsRHnmaINqa9c5Fm6W
-VcP0qvrDizkEJ04gW3hadSKUEmHLNt1hnX1pnq7LJblb4AwLrpXNDfVZr8RdwRg7
-M5tBvGeKVRpniGILiND0UXkrKgkuWJkMzBiShg8YULtAaOC2D6lIkXAZnute6xaJ
-QNVdXrjW5oFUTw/YnHcg+bdCRlTCaA==
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer
deleted file mode 100644
index 950aaab0d..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFojCCBIqgAwIBAgIEQmx+HTANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJw
-dDEVMBMGA1UEChMMTVVMVElDRVJULUNBMRgwFgYDVQQDEw9NVUxUSUNFUlQtQ0Eg
-MDIwHhcNMTAwNTE3MTAyMjMyWhcNMTMwNTE3MTAyMzM4WjCB1jELMAkGA1UEBhMC
-UFQxFTATBgNVBAoTDE1VTFRJQ0VSVC1DQTEWMBQGA1UECxMNQ0VSVElQT1IgLSBS
-QTESMBAGA1UECxMJQ29ycG9yYXRlMT4wPAYDVQQLEzVBTUEgLSBBZ2VuY2lhIHBh
-cmEgYSBNb2Rlcm5pemFjYW8gQWRtaW5pc3RyYXRpdmEgSS5QLjEYMBYGA1UECxMP
-V2ViIEFwcGxpY2F0aW9uMSowKAYDVQQDEyFzYW1sLmV1LWlkLmNhcnRhb2RlY2lk
-YWRhby5nb3YucHQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMe2B9O1xCJp
-CmT2/AuypD1q9kbwge1Y0VjY5FOkhYPfki/XuuFpEdUa7KrurbcoDuuAmgjIxCIn
-v8vYAK5axY8hlPg9fp+vtRlmo1it5Y9IGY2mMvtN6OwoBzJOqKJypNexyAgIIR/u
-PqhVZjQAwGkTe1JrcDswKOKGbv21M1+pAgMBAAGjggKRMIICjTALBgNVHQ8EBAMC
-A/gwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABgRxodHRwOi8vb2NzcC5tdWx0
-aWNlcnQuY29tL2NhMIHgBgNVHSAEgdgwgdUwTQYJKwYBBAGwPAoCMEAwPgYIKwYB
-BQUHAgEWMmh0dHA6Ly93d3cubXVsdGljZXJ0LmNvbS9jcHMvbXVsdGljZXJ0LWNh
-LWNwcy5odG1sMIGDBgsrBgEEAbA8CgKIBjB0MHIGCCsGAQUFBwICMGYeZABoAHQA
-dABwADoALwAvAHcAdwB3AC4AbQB1AGwAdABpAGMAZQByAHQALgBjAG8AbQAvAGMA
-cAAvAG0AdQBsAHQAaQBjAGUAcgB0AC0AYwBhAC0AMQAwADMAMAAuAGgAdABtAGww
-EQYJYIZIAYb4QgEBBAQDAgSwMIIBAQYDVR0fBIH5MIH2MIGaoIGXoIGUhi9odHRw
-Oi8vd3d3Lm11bHRpY2VydC5jb20vY2EvbXVsdGljZXJ0LWNhLTAyLmNybIZhbGRh
-cDovL2xkYXAubXVsdGljZXJ0LmNvbS9jbj1NVUxUSUNFUlQtQ0ElMjAwMixvPU1V
-TFRJQ0VSVC1DQSxjPVBUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZTBX
-oFWgU6RRME8xCzAJBgNVBAYTAnB0MRUwEwYDVQQKEwxNVUxUSUNFUlQtQ0ExGDAW
-BgNVBAMTD01VTFRJQ0VSVC1DQSAwMjEPMA0GA1UEAxMGQ1JMMTczMB8GA1UdIwQY
-MBaAFB3DuYilGL5gpyymY8pmKvwMJ8G9MB0GA1UdDgQWBBT+DvK0cR8Qa3uUWWYV
-rUfVGZeUTDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBiXYB/Nst7hDnV
-RS9D6VjifN1F+JaxtwSLZBoxkij2mi/1kXRugKjkpo6e8Kwb24Wv7G+/ZAFjm3zN
-WK9v0ziR192l+4lWke8wRVwHW4Ecsp3nOwOxCiCYkX4uVPDZQT5+cPeNYJbOwYyd
-4jbHTPrPT7T2CmtgdqOIu2Dc+1aHyg9ZnhCGgwEwDbvq+grUr9RcHqmWqfdR3Eou
-TvLugaM54N4Bur8rolFatHzETbKjvXfWzpHoTTFEekyHgQXWdnmVny8JajBFUmE5
-TkONB+V+Jj/R2YPfF++9tRKwc4ifNeduWzSD6ohx+OFimdx2gKHIdkkAMfK09z1M
-vz83eaDr
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer
deleted file mode 100644
index 2051a22c2..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFXDCCBESgAwIBAgIEOl3pnzANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJz
-aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMREwDwYDVQQLEwhzaWdvdi1j
-YTAeFw0xMDA2MTAxMDUwMTVaFw0xNTA2MTAxMTIwMTVaMIGEMQswCQYDVQQGEwJz
-aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMRkwFwYDVQQLExB3ZWItY2Vy
-dGlmaWNhdGVzMRMwEQYDVQQLEwpHb3Zlcm5tZW50MSgwEAYDVQQDEwlQRVBTIFNB
-TUwwFAYDVQQFEw0xMjM1ODU3NTE4MDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAw9gh7flrQC1UUc0Dw1jFXQ5sDVwSjjO/QqUsvIysAGELNJTxs3/j
-vFOsokBOWlZEbocZXDqeLJtzO4zmpblc7c9okyZIi0sj+dEqKiMF7XbFfjo1NZ2c
-xJdQ4ENR1jLkiHSb5Z345dQ7VY6wju0ezMMA5O9cIywGWcSyH9h007tezhTWJeL5
-aN2gMvFs3tGx7Uv9JH9geIOopWlcQANSDkvAnCf/iu1YhbUmx+jYtcxlywtJ8Tri
-ON3GlFLr4ew4O8SrVxeQQ28yKKDEP/Y3399KWdQDwK/CeFy6flW3kYTiGDPnUH5T
-u9yEATomwnujhPHJZN6d46JFiTWFsll4aQIDAQABo4ICGjCCAhYwDgYDVR0PAQH/
-BAQDAgWgMCsGA1UdEAQkMCKADzIwMTAwNjEwMTA1MDE1WoEPMjAxNTA2MTAxMTIw
-MTVaMEoGA1UdIARDMEEwNQYKKwYBBAGvWQEBBTAnMCUGCCsGAQUFBwIBFhlodHRw
-Oi8vd3d3LmNhLmdvdi5zaS9jcHMvMAgGBgQAizABAjAYBggrBgEFBQcBAwQMMAow
-CAYGBACORgEBMBcGA1UdEQQQMA6BDHN0b3JrQGdvdi5zaTCB8QYDVR0fBIHpMIHm
-MFWgU6BRpE8wTTELMAkGA1UEBhMCc2kxGzAZBgNVBAoTEnN0YXRlLWluc3RpdHV0
-aW9uczERMA8GA1UECxMIc2lnb3YtY2ExDjAMBgNVBAMTBUNSTDI3MIGMoIGJoIGG
-hldsZGFwOi8veDUwMC5nb3Yuc2kvb3U9c2lnb3YtY2Esbz1zdGF0ZS1pbnN0aXR1
-dGlvbnMsYz1zaT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2WGK2h0dHA6
-Ly93d3cuc2lnb3YtY2EuZ292LnNpL2NybC9zaWdvdi1jYS5jcmwwHwYDVR0jBBgw
-FoAUHvjUU2uzgwbpBAZXAvmlv8ZYPHIwHQYDVR0OBBYEFDY0NJgPdteoK8mw3FG7
-lde6PRboMAkGA1UdEwQCMAAwGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCA6gwDQYJ
-KoZIhvcNAQEFBQADggEBAInmtHMCOob3469jLaA/WvRXFUv0QelW4cS9Zr1QrZzW
-Wp1YUiwkWfILHkDJgvbo6qn8iUDyKSNPhgXFVKfWbBlbuUds9F2FCJ41g5n2jXZc
-Lz0IOpae4a9LHmNLdT0UKEGbUJ5a4wRaZEWLVfwrkN2GJPeWeeigbunYKtdVlceP
-4DZg8T1c/vpi8lrbTxSLUAzn0ie8FRod6k19y49QG5sudvwjeQgp309dUze0ULun
-YYTFkkc5d2uzqEa2WYcxHYz4+hKPHejbGGKC1OZz+zH7ZGGr0mtLYjSvXv+5VKTj
-85/a/sdD+vzNneKEGbLk7iupk0On5BIkJdWqnz/IeDk=
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
deleted file mode 100644
index eb051dc4d..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
-VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
-IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
-bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
-GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
-LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
-AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
-cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
-ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
-SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
-YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
-fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
-lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
-x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
-rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
-X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
-lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
-6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
-kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
-qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
-TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
-46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
-KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
-C016YgTrrQ==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
deleted file mode 100644
index d361d919f..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
deleted file mode 100644
index ad13d7b28..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
deleted file mode 100644
index f9f27442b..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
deleted file mode 100644
index b6f39e354..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
deleted file mode 100644
index f9fef65fc..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
deleted file mode 100644
index 3c7775b6e..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
deleted file mode 100644
index be29fb6ac..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
-Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
-q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
-ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
-ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
-833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
-5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
-CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
-MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
-kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
-BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
-pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
-9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
-2dMmiMQ7gGhWX9X6gWLd
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
deleted file mode 100644
index 36a442b89..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
deleted file mode 100644
index 54f809962..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
deleted file mode 100644
index e1100c7fc..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
-Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
-JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
-hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
-L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
-+XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
-U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
-o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
-jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
-+7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
-BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
-drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
-rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
-VxCuPLXx/4sCfANQtvuY
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
deleted file mode 100644
index ab9e0cd7d..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
deleted file mode 100644
index 01965769d..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
deleted file mode 100644
index b9a0e5a61..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
deleted file mode 100644
index e90f5f2a6..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
-MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
-FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
-MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
-BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
-jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
-2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
-tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
-8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
-1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
-AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
-A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
-sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
-C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
-/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
-PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
-NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
-xw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
deleted file mode 100644
index 2284687bb..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
-OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
-hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
-cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
-FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
-tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
-FJ6N46sU7LjJLqSKYEB8usoIiw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
deleted file mode 100644
index 3be7b6a06..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer
deleted file mode 100644
index 73553b996..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer
deleted file mode 100644
index 911640d0e..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer
deleted file mode 100644
index cac44093a..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer
deleted file mode 100644
index 32893db7f..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
deleted file mode 100644
index eb051dc4d..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
-VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
-IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
-bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
-GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
-LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
-AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
-cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
-ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
-SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
-YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
-fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
-lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
-x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
-rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
-X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
-lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
-6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
-kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
-qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
-TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
-46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
-KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
-C016YgTrrQ==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
deleted file mode 100644
index d361d919f..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
deleted file mode 100644
index ad13d7b28..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
deleted file mode 100644
index f9f27442b..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
deleted file mode 100644
index b6f39e354..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
deleted file mode 100644
index f9fef65fc..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
deleted file mode 100644
index 3c7775b6e..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
deleted file mode 100644
index be29fb6ac..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
-Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
-q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
-ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
-ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
-833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
-5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
-CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
-MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
-kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
-BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
-pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
-9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
-2dMmiMQ7gGhWX9X6gWLd
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
deleted file mode 100644
index 36a442b89..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
deleted file mode 100644
index 54f809962..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
deleted file mode 100644
index e1100c7fc..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
-YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
-Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
-dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
-a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
-VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
-JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
-hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
-L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
-+XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
-U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
-o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
-CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
-jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
-+7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
-BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
-drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
-rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
-VxCuPLXx/4sCfANQtvuY
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
deleted file mode 100644
index ab9e0cd7d..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
deleted file mode 100644
index 01965769d..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
deleted file mode 100644
index b9a0e5a61..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
deleted file mode 100644
index e90f5f2a6..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
-MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
-FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
-MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
-BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
-jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
-2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
-tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
-8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
-1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
-AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
-A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
-sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
-C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
-/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
-PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
-NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
-xw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
deleted file mode 100644
index 2284687bb..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
-OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
-hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
-cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
-FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
-tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
-FJ6N46sU7LjJLqSKYEB8usoIiw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
deleted file mode 100644
index 3be7b6a06..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
deleted file mode 100644
index afe6fdf09..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
deleted file mode 100644
index 2284687bb..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
-OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
-hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
-cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
-FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
-tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
-FJ6N46sU7LjJLqSKYEB8usoIiw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer
deleted file mode 100644
index 277b6083a..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
deleted file mode 100644
index 376d0753f..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
deleted file mode 100644
index 592c96230..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer
deleted file mode 100644
index 61a7ccb15..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
deleted file mode 100644
index 5171276f4..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
deleted file mode 100644
index afe6fdf09..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
deleted file mode 100644
index 2284687bb..000000000
--- a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
-dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
-OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
-dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
-ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
-EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
-lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
-znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
-2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
-k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
-2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
-VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
-AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
-hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
-cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
-FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
-tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
-FJ6N46sU7LjJLqSKYEB8usoIiw==
------END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
deleted file mode 100644
index 33e776369..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
deleted file mode 100644
index 376d0753f..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
deleted file mode 100644
index 592c96230..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer
deleted file mode 100644
index 61a7ccb15..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer and /dev/null differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
deleted file mode 100644
index 5171276f4..000000000
Binary files a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer and /dev/null differ
-- 
cgit v1.2.3


From 8c69606529427f9b3684d67ff2c7b309a0c586b4 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 12:10:14 +0200
Subject: remove AttributQuery URL available check

---
 .../data/oa/OAMOAIDPInterfederationConfig.java     |  8 ++++----
 .../id/auth/builder/AuthenticationDataBuilder.java | 22 +++++++++++-----------
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
index 5db9029bd..9431cc1fd 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAMOAIDPInterfederationConfig.java
@@ -117,10 +117,10 @@ public class OAMOAIDPInterfederationConfig implements IOnlineApplicationData {
 			}			
 		}
 		
-		if (inboundSSO && MiscUtil.isEmpty(queryURL)) {
-			log.info("Inbound Single Sign-On requires AttributQueryURL configuration.");
-			errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request));
-		}
+//		if (inboundSSO && MiscUtil.isEmpty(queryURL)) {
+//			log.info("Inbound Single Sign-On requires AttributQueryURL configuration.");
+//			errors.add(LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.empty", request));
+//		}
 		
 		return errors;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index ed2cd3ecb..a8a7d0c51 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -256,21 +256,18 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				
 			}
 
-			//collect attributes by using BackChannel communication
-			String endpoint = idp.getIDPAttributQueryServiceURL();			
-			if (MiscUtil.isEmpty(endpoint)) {
-				Logger.error("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix());
-				throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix(), null);
-			}
-
-			
-			//TODO: check if response include attributes and map this attributes to requested attributes
-			//TODO: insert code to parse Attributes from AuthnRespones for USP --> Zustelldienst
 			Response intfResp = (Response) req.getInterfederationResponse().getResponse();
 			AssertionAttributeExtractor extractor = 
 					new AssertionAttributeExtractor(intfResp);			
 						
-			if (!extractor.containsAllRequiredAttributes()) {			
+			if (!extractor.containsAllRequiredAttributes()) {				
+				//collect attributes by using BackChannel communication
+				String endpoint = idp.getIDPAttributQueryServiceURL();			
+				if (MiscUtil.isEmpty(endpoint)) {
+					Logger.error("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix());
+					throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + oaParam.getPublicURLPrefix(), null);
+				}
+				
 				//build attributQuery request
 				AttributeQuery query = 
 						AttributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs);
@@ -308,6 +305,9 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
 				//create assertion attribute extractor from AttributeQuery response
 				extractor = new AssertionAttributeExtractor(intfResp);
 				
+			} else {
+				Logger.info("Interfedation response include all attributes with are required. Skip AttributQuery request step. ");
+				
 			}
 			//parse response information to authData
 			buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam);			
-- 
cgit v1.2.3


From b5c798d95ade4142ba7e50edd928502187f8c2e5 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 11 Sep 2014 12:12:03 +0200
Subject: update handbook  - bPK-Encryption  - interfederation

---
 id/server/doc/handbook/config/config.html          | 36 ++++++++++++++++++++--
 .../handbook/interfederation/interfederation.html  |  8 +++--
 2 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index e21aaf421..2d2709bcc 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -129,6 +129,7 @@
             <li><a href="#konfigurationsparameter_oa_additional">Zus&auml;tzliche allgemeine Einstellungen</a>
 <ol>
               <li><a href="#konfigurationsparameter_oa_additional_formular">Login-Fenster Konfiguration</a></li>
+              <li><a href="#konfigurationsparameter_oa_additional_encbpk">Fremd-bPK Konfiguration</a></li>
               </ol>
             </li>
           </ol>
@@ -1049,6 +1050,7 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
 <h3><a name="konfigurationsparameter_allgemein_sl-templates" id="konfigurationsparameter_allgemein_bku2"></a>3.1.3 Security-Layer Request Templates</h3>
 <p>Security-Layer (SL) Templates dienen der Kommunikation mit der gew&auml;hlten B&uuml;rgerkartenumgebung. Die hier hinterlegen SL-Templates werden f&uuml;r die Kommunikation mit der jeweiligen BKU verwendet. N&auml;here Details zum Aufbau dieser SL-Templates finden Sie im <a href="#import_template_sltemplate">Kapitel 4.3</a>. </p>
 <p>Die Lage der Templates wird in Form einer URL beschrieben, wobei sowohl lokale Referenzen als der Bezug &uuml;ber http(s) m&ouml;glich sind. Relative Pfadangaben werden dabei relativ zum Verzeichnis, in dem sich die MOA-ID-Auth Basiskonfigurationsdatei befindet, interpretiert. Bei Templates die &uuml;ber das Protokoll https referenziert werden, muss vor dem Start des Tomcat ein Truststore angegeben werden, das die notwendigen vertrauensw&uuml;rdigen Zertifikate enth&auml;lt.</p>
+<p><strong>Hinweis:</strong> Diese hier definierten Templates dienen als zus&auml;tzliche WhiteList f&uuml;r Templates welche im &bdquo;StartAuthentication&ldquo; Request mit dem Parameter &bdquo;template&ldquo; &uuml;bergeben werden. Sollte im &bdquo;StartAuthentication&ldquo; Request der Parameter &bdquo;template&ldquo; fehlen, es wurde jedoch eine &bdquo;bkuURL&ldquo; &uuml;bergeben, dann wird f&uuml;r den Authentifizierungsvorgang ein bei der <a href="#konfigurationsparameter_oa_bku">Online Applikation konfiguriertes Tempalte</a> oder als Backup das erste Template in dieser Liste verwendet. Detailinformationen zum <a href="./../protocol/protocol.html#allgemeines_legacy">Legacy Request</a> finden Sie im Kapitel Protokolle.</p>
 <table width="1247" border="1">
   <tr>
     <th width="89" scope="col">Name</th>
@@ -1058,7 +1060,7 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
   <tr>
     <td>Online BKU</td>
     <td><p>SLTemplates/template_onlineBKU.html</p></td>
-    <td>SL Template zur Kommunikation mit der Online-BKU</td>
+    <td><p>SL Template zur Kommunikation mit der Online-BKU.</p></td>
   </tr>
   <tr>
     <td>Handy BKU</td>
@@ -2062,8 +2064,38 @@ Alle in diesem Abschnitt angegebenen Parameter sind Optional und werden bei Beda
 </table>
 <p>&nbsp;</p>
 <p><strong>Hinweis:</strong> Bei Verwendung einer online-applikationsspezifischen Bürgerkartenauswahl stehen alle Parameter die die Bürgerkartenauswahl betreffen nicht zur Verfügung.</p>
-<p><strong>Hinweis:</strong> Bei Verwendung eines online-applikationsspezifischen Security-Layer-Request Templates stehen alle Parameter die das SL-Template betreffen nicht zur Verfügung.</p>  
+<p><strong>Hinweis:</strong> Bei Verwendung eines online-applikationsspezifischen Security-Layer-Request Templates stehen alle Parameter die das SL-Template betreffen nicht zur Verfügung.</p>
+<h4><a name="konfigurationsparameter_oa_additional_encbpk" id="uebersicht_zentraledatei_aktualisierung31"></a>3.2.8.2 Fremd-bPK Konfiguration</h4>
+<p>Dieser Konfigurationsparameter erm&ouml;glicht die Konfiguration eines Key Stores, welcher im Falle einer<a href="../interfederation/interfederation.html"> Anmeldung mittels Single Sign-On Interfederation</a> zur Entschl&uuml;sselung einer verschl&uuml;sselten Fremd-bPK verwendet werden soll. Hierf&uuml;r sind folgende Konfigurationsparameter notwenig.</p>
+<table width="1247" border="1">
+  <tr>
+    <th width="272" scope="col">Name</th>
+    <th width="147" scope="col">Beispielwert</th>
+    <th width="806" scope="col">Beschreibung</th>
+  </tr>
+  <tr>
+    <td>KeyStore hochladen</td>
+    <td>&nbsp;</td>
+    <td>Dateiname des Java Keystore oder PKCS12 Keystore welcher den privaten Schl&uuml;ssel zur Entschl&uuml;sselung von Fremd-bPKs beinhaltet.</td>
+  </tr>
+  <tr>
+    <td><span id="wwlbl_loadOA_BPKEncDecr_keyStorePassword">KeyStore Password</span></td>
+    <td>password</td>
+    <td>Passwort zum Keystore</td>
+  </tr>
+  <tr>
+    <td><span id="wwlbl_loadOA_BPKEncDecr_keyAlias">Schl&uuml;sselname</span></td>
+    <td>pvp_metadata</td>
+    <td>Name des Schl&uuml;ssels der zum Entschl&uuml;sseln der Fremd-bPK verwendet werden soll</td>
+  </tr>
+  <tr>
+    <td><span id="wwlbl_loadOA_BPKEncDecr_keyPassword">Schl&uuml;sselpassword</span></td>
+    <td>password</td>
+    <td>Passwort des Schl&uuml;ssels der zum Entschl&uuml;sseln der Fremd-bPK verwendet werden soll</td>
+  </tr>
+</table>
 <p>&nbsp;</p>
+<p><strong>Hinweis:</strong> Diese Konfiguration ist jedoch nur n&ouml;tig wenn die f&uuml;r das Modul MOA-ID-Auth Interfederation verwendet und von weiteren Identity Providern in der Federation Fremd-bPKs &uuml;bermittelt werden welche bereits im Modul MOA-ID-Auth entschl&uuml;sselt werden sollen (z.B. bei Verwendung von SAML 1 als Authentifizierungsprotokoll). Bei Verwendung von PVP 2.1 und OpenID Connect kann die Fremd-bPK auch direkt an die Online Applikation weitergeben werden wodurch eine Entschl&uuml;sselung auf Seiten des Modules MOA-ID-Auth nicht zwingend notwendig ist.</p>
 <h2><a name="import_export" id="uebersicht_zentraledatei_aktualisierung4"></a>3.3 Import / Export</h2>
 <p>Über diese Funktionalität besteht die Möglichkeit eine bestehende MOA-ID 1.5.1
 Konfiguration in MOA-ID 2.0 zu importieren. Zusätzlich besteht die Möglichkeit eine MOA-ID-Auth 2.0
diff --git a/id/server/doc/handbook/interfederation/interfederation.html b/id/server/doc/handbook/interfederation/interfederation.html
index d30c93008..bd97061ab 100644
--- a/id/server/doc/handbook/interfederation/interfederation.html
+++ b/id/server/doc/handbook/interfederation/interfederation.html
@@ -73,7 +73,8 @@
   <li>MOA-ID 1 validiert den Authentifizierungsrequest und generiert eine Assertion f&uuml;r MOA-ID 2 welche Session-Token f&uuml;r die Benutzerin oder den Benutzer enth&auml;lt. In diesem Schritt werden jedoch noch keine personenbezogenen Daten ausgetauscht.</li>
   <li>Die Assertion wird an MOA-ID 2 zur&uuml;ckgesendet.</li>
   <li>MOA-ID 2 validiert die Assertion und extrahiert das Session-Token. <br>
-  <strong>Hinweis:</strong> Sollte die Validierung der Assertion fehlschlagen oder keine aktive SSO Session bei MOA-ID 1 existieren wird eine lokale Authentifizierung der Benutzerin oder des Benutzers mittels B&uuml;rgerkarte oder Handy-Signatur durchgef&uuml;hrt.</li>
+  <strong>Hinweis:</strong> Sollte die Validierung der Assertion fehlschlagen oder keine aktive SSO Session bei MOA-ID 1 existieren wird eine lokale Authentifizierung der Benutzerin oder des Benutzers mittels B&uuml;rgerkarte oder Handy-Signatur durchgef&uuml;hrt.<br>
+  <strong>Hinweis:</strong> Sollte die Assertion bereits alle notwenigen Anmeldeinformationen beinhalten wird Schritt 13 und 14 &uuml;bersprungen. </li>
   <li>MOA-ID 2 generiert einen Attribut Request mit den von Online Applikation 2 angeforderten Attributen und sendet diesen &uuml;ber SOAP Binding an MOA-ID 1.</li>
   <li>MOA-ID 1 generiert eine Assertion mit den angeforderten Attributen f&uuml;r Online Applikation 2 und sendet diese an MOA-ID 2.</li>
   <li>MOA-ID 2 generiert   eine Assertion f&uuml;r Online Applikation 2</li>
@@ -154,8 +155,9 @@
   <tr>
     <td><span id="wwlbl_loadIDP_moaIDP_queryURL">AttributQuery Service URL</span></td>
     <td>https://demo.egiz.gv.at/moa-id-auth/pvp2/attributequery</td>
-    <td align="center">&nbsp;</td>
-    <td><p>URL auf das Attribute-Query Service des konfigurierten IDP. &Uuml;ber dieses WebService werden die Authentifizierungsdaten vom IDP abgeholt.</p></td>
+    <td align="center">X</td>
+    <td><p>URL auf das Attribute-Query Service des konfigurierten IDP. &Uuml;ber dieses WebService werden die Authentifizierungsdaten vom IDP abgeholt.</p>
+    <p><strong>Hinweis:</strong> Wenn kein Service konfiguriert ist m&uuml;ssen alle f&uuml;r den Anmeldevorgang ben&ouml;tigten Informationen bereits in der Assertion im Schritt 11 (siehe <a href="#sequenzediagramm">Sequenzdiagramm</a>) &uuml;bermittelt werden.</p></td>
   </tr>
 </table>
 <p>&nbsp;</p>
-- 
cgit v1.2.3


From 5e64f6a3958ac7b570757f02465598e8132f08f8 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 11:21:10 +0200
Subject: change logger class

---
 .../moa/id/auth/AuthenticationServer.java          | 27 +++-------------------
 .../StartAuthentificationParameterParser.java      |  6 ++---
 .../pvp2x/builder/attributes/EIDAuthBlock.java     |  5 ++--
 .../builder/attributes/EIDSignerCertificate.java   |  4 ++--
 4 files changed, 9 insertions(+), 33 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d06298efa..a33c4fdf4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -2,8 +2,6 @@
 package at.gv.egovernment.moa.id.auth;
 
 import iaik.asn1.ObjectID;
-import iaik.pki.PKIRuntimeException;
-import iaik.util.logging.Log;
 import iaik.x509.X509Certificate;
 import iaik.x509.X509ExtensionInitException;
 
@@ -20,14 +18,12 @@ import java.util.ArrayList;
 //import java.security.cert.CertificateFactory;
 import java.util.Calendar;
 import java.util.Date;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Vector;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
 
@@ -44,13 +40,11 @@ import org.opensaml.xml.util.XMLHelper;
 import org.w3c.dom.DOMException;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
-import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 import org.xml.sax.SAXException;
 
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder;
 import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
@@ -61,7 +55,6 @@ import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BKUException;
@@ -73,19 +66,14 @@ import at.gv.egovernment.moa.id.auth.exception.ValidateException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
 import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
 import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet;
 import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator;
-import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
 import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
 import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
 import at.gv.egovernment.moa.id.client.SZRGWClient;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
@@ -98,14 +86,11 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.config.stork.CPEPS;
 import at.gv.egovernment.moa.id.config.stork.STORKConfig;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.id.util.VelocityProvider;
 import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
@@ -117,7 +102,6 @@ import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.FileUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
 import at.gv.util.xsd.mis.MandateIdentifiers;
 import at.gv.util.xsd.mis.Target;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest;
@@ -141,11 +125,6 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 
-//import java.security.cert.CertificateFactory;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient;
-//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException;
-
 /**
  * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
  * stored in a session store and retrieved by giving the session ID.
@@ -255,13 +234,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
 		if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
 			//do not use SSO if no Target is set
-			Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
+			Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
 			session.setSsoRequested(false);
 
 		}
 
 		if (session.isSsoRequested()) {
-			Log.info("SSO Login requested");
+			Logger.info("SSO Login requested");
 			//load identityLink with SSO Target
 			boolean isbuisness = false;
 
@@ -279,7 +258,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 					isbuisness, domainIdentifier);
 
 		} else {
-			Log.info("Non-SSO Login requested");
+			Logger.info("Non-SSO Login requested");
 			//build ReadInfobox request
 			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
 					oaParam.getBusinessService(), oaParam
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index c912b4620..1bc3702e4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -22,8 +22,6 @@
  ******************************************************************************/
 package at.gv.egovernment.moa.id.auth.parser;
 
-import iaik.util.logging.Log;
-
 import java.io.UnsupportedEncodingException;
 import java.util.List;
 
@@ -239,13 +237,13 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 	    		templateURL = FileUtils.makeAbsoluteURL(
 	    				oaParam.getTemplateURL().get(0).getURL(),
 	    				AuthConfigurationProvider.getInstance().getRootConfigFileDir());
-	    		Log.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")");
+	    		Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")");
 
 	    	} else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) {
 	    		templateURL = FileUtils.makeAbsoluteURL(
 	    				defaulTemplateURLList.get(0),
 	    				AuthConfigurationProvider.getInstance().getRootConfigFileDir());
-	    		Log.info("No SL-Template in request, load SL-Template from general configuration (URL: " + templateURL + ")");	
+	    		Logger.info("No SL-Template in request, load SL-Template from general configuration (URL: " + templateURL + ")");	
 	    			    		
 	    	} else {
 	    		Logger.error("NO SL-Tempalte found in OA config");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
index 4f3aff469..61840ea21 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
@@ -22,14 +22,13 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 
-import iaik.util.logging.Log;
-
 import java.io.IOException;
 
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -51,7 +50,7 @@ public class EIDAuthBlock implements IPVPAttributeBuilder {
 			
 		}
 		catch (IOException e) {
-			Log.info("Encode AuthBlock BASE64 failed.");
+			Logger.info("Encode AuthBlock BASE64 failed.");
 		}
 		throw new UnavailableAttributeException(EID_AUTH_BLOCK_NAME);
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java
index df1bc1860..8a603f53a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java
@@ -22,7 +22,6 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 
-import iaik.util.logging.Log;
 
 import java.io.IOException;
 
@@ -30,6 +29,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 
 public class EIDSignerCertificate implements IPVPAttributeBuilder {
@@ -49,7 +49,7 @@ public class EIDSignerCertificate implements IPVPAttributeBuilder {
 			}
 			
 		}catch (IOException e) {
-			Log.info("Signer certificate BASE64 encoding error");
+			Logger.info("Signer certificate BASE64 encoding error");
 		}
 		
 		throw new UnavailableAttributeException(EID_SIGNER_CERTIFICATE_NAME);
-- 
cgit v1.2.3


From 42c33cec8e79c293965acdf3032e3d393e37a776 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 12:20:23 +0200
Subject: Update eMail address verification

---
 .../java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java  | 2 --
 .../moa/id/configuration/struts/action/UserManagementAction.java        | 2 +-
 id/ConfigWebTool/src/main/resources/applicationResources_en.properties  | 2 +-
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
index caed3e469..3c1c2f141 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java
@@ -22,8 +22,6 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.configuration.helper;
 
-import java.io.File;
-import java.io.FileInputStream;
 import java.io.InputStream;
 import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 5799c88b2..8e0f0b7f8 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -449,7 +449,7 @@ public class UserManagementAction extends BasicAction {
 			
 		}
 		
-		String message = new String();
+		String message = LanguageHelper.getErrorString("error.mail.send", request);
 		
 		if (authUser != null) {
 			UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 22b063099..07c8d708d 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -344,7 +344,7 @@ webpages.openadminrequests.users.header=User accounts
 webpages.openadminrequests.oas.header=Online-Applications
 
 
-validation.newuser.mailaddress=Validation of eMail address could not be completed.
+validation.newuser.mailaddress=Validation of eMail address completed.
 
 validation.edituser.familyname.empty=The surname is blank.
 validation.edituser.familyname.valid=The surname contains forbidden characters. The following characters are not allowed\: {0}
-- 
cgit v1.2.3


From 6f5319b465eb857e13ee562ccfd9a94f1e681501 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 12:27:49 +0200
Subject: update dependency version   > org.apache.struts:struts2-core 2.3.16.3
   > org.apache.struts:struts2-json-plugin 2.3.16.3   > joda-time:joda-time
 2.4   > org.slf4j:jcl-over-slf4j 1.7.7   > org.slf4j:jul-to-slf4j 1.7.7   >
 org.slf4j:slf4j-api 1.7.7   > org.slf4j:slf4j-log4j12 1.7.7   >
 mysql:mysql-connector-java 5.1.32   > org.hibernate:hibernate-core
 4.3.6.Final   > org.hibernate:hibernate-entitymanager 4.3.6.Final   >
 org.hibernate:hibernate-c3p0 4.3.6.Final   >
 com.google.http-client:google-http-client-jackson2 1.19.0   >
 com.google.oauth-client:google-oauth-client-jetty 1.19.0   >
 org.apache.commons:commons-lang3 3.3.2   > commons-codec:commons-codec 1.9  
 > commons-logging:commons-logging 1.2   > xerces:xercesImpl 2.11.0   >
 postgresql:postgresql 9.3-1102-jdbc41   > junit:junit 3.8.2

---
 common/pom.xml                           | 15 ++++++++++-----
 id/ConfigWebTool/pom.xml                 |  4 ++--
 id/server/auth/pom.xml                   |  2 +-
 id/server/idserverlib/pom.xml            | 12 ++++++------
 id/server/moa-id-commons/pom.xml         | 10 +++++-----
 id/server/stork2-commons/pom.xml         |  3 +--
 id/server/stork2-saml-engine/pom.xml     |  8 ++++----
 pom.xml                                  | 21 ++++++++++-----------
 spss/handbook/clients/api/pom.xml        |  2 +-
 spss/handbook/clients/webservice/pom.xml |  2 +-
 spss/server/serverlib/pom.xml            |  2 +-
 11 files changed, 42 insertions(+), 39 deletions(-)

diff --git a/common/pom.xml b/common/pom.xml
index b2f7f652c..70d0dc13c 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -67,12 +67,12 @@
         <dependency>
             <groupId>joda-time</groupId>
             <artifactId>joda-time</artifactId>
-            <version>2.3</version>
+            <version>2.4</version>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
-            <version>1.7.6</version>
+            <version>1.7.7</version>
         </dependency>
 <!--         <dependency>
             <groupId>org.slf4j</groupId>
@@ -82,7 +82,12 @@
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>jcl-over-slf4j</artifactId>
-            <version>1.7.6</version>
+            <version>1.7.7</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.7.7</version>
         </dependency>
 <!--         <dependency>
             <groupId>org.slf4j</groupId>
@@ -92,12 +97,12 @@
         <dependency>
 					<groupId>org.slf4j</groupId>
 					<artifactId>slf4j-log4j12</artifactId>
-					<version>1.7.6</version>
+					<version>1.7.7</version>
 				</dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>jul-to-slf4j</artifactId>
-            <version>1.7.6</version>
+            <version>1.7.7</version>
         </dependency>
     </dependencies>
 
diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index 9b3ef3862..8c3622a4e 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -118,12 +118,12 @@
         <dependency>
             <groupId>org.apache.struts</groupId>
             <artifactId>struts2-core</artifactId>
-            <version>2.3.16.1</version>
+            <version>2.3.16.3</version>
         </dependency>
         <dependency>
             <groupId>org.apache.struts</groupId>
             <artifactId>struts2-json-plugin</artifactId>
-            <version>2.3.16.1</version>
+            <version>2.3.16.3</version>
         </dependency>
 
         <dependency>
diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml
index 20c45b096..b43a0e736 100644
--- a/id/server/auth/pom.xml
+++ b/id/server/auth/pom.xml
@@ -98,7 +98,7 @@
 		<dependency>
     		<groupId>org.tuckey</groupId>
     		<artifactId>urlrewritefilter</artifactId>
-    		<version>4.0.3</version>
+    		<version>4.0.4</version>
 		</dependency>
 		<dependency>
 			<groupId>MOA.spss.server</groupId>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index c1ea05e4b..a8ffd10bc 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -142,11 +142,11 @@
         </dependency>
 
 
-        <dependency>
+<!--         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
-            <version>1.7.6</version>
-        </dependency>
+            <version>1.7.7</version>
+        </dependency> -->
 <!--         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-simple</artifactId>
@@ -267,20 +267,20 @@
 		<dependency>
 			<groupId>commons-codec</groupId>
 			<artifactId>commons-codec</artifactId>
-			<version>1.8</version>
+			<version>1.9</version>
 		</dependency>
 
 		<!-- Google OAuth Client -->
 		<dependency>
 			<groupId>com.google.http-client</groupId>
 			<artifactId>google-http-client-jackson2</artifactId>
-			<version>1.18.0-rc</version>
+			<version>1.19.0</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>com.google.oauth-client</groupId>
 			<artifactId>google-oauth-client-jetty</artifactId>
-			<version>1.18.0-rc</version>
+			<version>1.19.0</version>
 			<scope>test</scope>
 		</dependency>
 
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 0a3351edb..e6d708eca 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -46,23 +46,23 @@
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-core</artifactId>
-            <version>4.3.4.Final</version>
+            <version>4.3.6.Final</version>
         </dependency>
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-c3p0</artifactId>
-            <version>4.3.4.Final</version>
+            <version>4.3.6.Final</version>
         </dependency>
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-entitymanager</artifactId>
-            <version>4.3.4.Final</version>
+            <version>4.3.6.Final</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.3.1</version>
+            <version>3.3.2</version>
         </dependency>
         <dependency>
 					<groupId>commons-httpclient</groupId>
@@ -118,7 +118,7 @@
         <dependency>
             <groupId>mysql</groupId>
             <artifactId>mysql-connector-java</artifactId>
-            <version>5.1.29</version>
+            <version>5.1.32</version>
         </dependency>
     </dependencies>
 
diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml
index c6d15b51b..d0fd5a1ad 100644
--- a/id/server/stork2-commons/pom.xml
+++ b/id/server/stork2-commons/pom.xml
@@ -13,7 +13,7 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<stork.version>1.4.0</stork.version>
-		<opensaml.version>2.6.0</opensaml.version>
+		<opensaml.version>2.6.2</opensaml.version>
 	</properties>
 	<version>${stork.version}</version>
   <description>
@@ -57,7 +57,6 @@
 		<dependency>
 			<groupId>org.opensaml</groupId>
 			<artifactId>opensaml</artifactId>
-			<version>${opensaml.version}</version>
 			<exclusions>
 				<exclusion>
 				    <groupId>org.slf4j</groupId>
diff --git a/id/server/stork2-saml-engine/pom.xml b/id/server/stork2-saml-engine/pom.xml
index ed5dfa973..89ddab22a 100644
--- a/id/server/stork2-saml-engine/pom.xml
+++ b/id/server/stork2-saml-engine/pom.xml
@@ -17,7 +17,7 @@
 		<samlspec.version>0.5.2</samlspec.version>
 		<samlspecacept.version>0.5.1</samlspecacept.version>
 		<commons.version>1.4.0</commons.version>
-		<opensaml.version>2.6.1</opensaml.version>
+		<opensaml.version>2.6.2</opensaml.version>
 		<timestamp>${maven.build.timestamp}</timestamp>
 		<repositoryPath>${basedir}/../../../repository</repositoryPath>
 	</properties>
@@ -88,7 +88,7 @@
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>1.7.6</version>
+			<version>1.7.7</version>
 		</dependency>
 <!-- 		<dependency>
 			<groupId>org.slf4j</groupId>
@@ -98,7 +98,7 @@
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>jcl-over-slf4j</artifactId>
-			<version>1.7.6</version>
+			<version>1.7.7</version>
 		</dependency>
 <!-- 		<dependency>
 			<groupId>org.slf4j</groupId>
@@ -108,7 +108,7 @@
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>jul-to-slf4j</artifactId>
-			<version>1.7.6</version>
+			<version>1.7.7</version>
 		</dependency>
 
 		<dependency>
diff --git a/pom.xml b/pom.xml
index 02a25375d..4010333eb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,10 +12,10 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         
         <moa-commons-version>2.0.0</moa-commons-version>
-				<moa-id-version>2.1.1-Snapshot</moa-id-version>
+				<moa-id-version>2.1.1</moa-id-version>
 				<moa-id-proxy-version>2.0.0</moa-id-proxy-version>
         <moa-spss-version>2.0.2</moa-spss-version>
-				<configtool-version>1.1.1-Snapshot</configtool-version>
+				<configtool-version>1.1.2</configtool-version>
 				<demo-oa-version>2.0.2</demo-oa-version>
     </properties>
 
@@ -196,12 +196,11 @@
                 <version>1.2.17</version>
                 <scope>compile</scope>
             </dependency>
-            <dependency>
-                <groupId>postgresql</groupId>
-                <artifactId>postgresql</artifactId>
-                <version>7.2</version>
-                <scope>runtime</scope>
-            </dependency>
+						<dependency>
+							<groupId>org.postgresql</groupId>
+							<artifactId>postgresql</artifactId>
+							<version>9.3-1102-jdbc41</version>
+						</dependency>
 
             <dependency>
                 <groupId>javax.mail</groupId>
@@ -277,13 +276,13 @@
             <dependency>
                 <groupId>junit</groupId>
                 <artifactId>junit</artifactId>
-                <version>3.8.1</version>
+                <version>3.8.2</version>
                 <scope>test</scope>
             </dependency>
             <dependency>
                 <groupId>commons-logging</groupId>
                 <artifactId>commons-logging</artifactId>
-                <version>1.1.3</version>
+                <version>1.2</version>
                 <scope>compile</scope>
             </dependency>
             
@@ -446,7 +445,7 @@
             <dependency>
                 <groupId>xerces</groupId>
                 <artifactId>xercesImpl</artifactId>
-                <version>2.9.0</version>
+                <version>2.11.0</version>
                 <scope>compile</scope>	
             </dependency>
             <!-- The xmlParserAPIs.jar of the official xalan distribution
diff --git a/spss/handbook/clients/api/pom.xml b/spss/handbook/clients/api/pom.xml
index 13d988a57..581c29e56 100644
--- a/spss/handbook/clients/api/pom.xml
+++ b/spss/handbook/clients/api/pom.xml
@@ -58,7 +58,7 @@
 			<artifactId>log4j</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>postgresql</groupId>
+			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
 		</dependency>
 		<dependency>
diff --git a/spss/handbook/clients/webservice/pom.xml b/spss/handbook/clients/webservice/pom.xml
index 0a48df11c..50850b592 100644
--- a/spss/handbook/clients/webservice/pom.xml
+++ b/spss/handbook/clients/webservice/pom.xml
@@ -58,7 +58,7 @@
 			<artifactId>log4j</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>postgresql</groupId>
+			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
 		</dependency>
 		<dependency>		
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml
index cc96d411a..3cf8d0bd7 100644
--- a/spss/server/serverlib/pom.xml
+++ b/spss/server/serverlib/pom.xml
@@ -58,7 +58,7 @@
 			<artifactId>log4j</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>postgresql</groupId>
+			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
 		</dependency>
 		<dependency>
-- 
cgit v1.2.3


From 0198de78115aea2cf9586c1dbc3e73bf08759465 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 12:28:03 +0200
Subject: remove unused code

---
 .../java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java   | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 848bf94af..80afd9f82 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -72,10 +72,9 @@ public class MOAIDAuthInitializer {
         CommandMap.setDefaultCommandMap(mc);
         
         // create some properties and get the default Session
-        Properties props = new Properties();
-        props.put("mail.smtp.host", "localhost");
-        
-        Session session = Session.getDefaultInstance(props, null);
+//        Properties props = new Properties();
+//        props.put("mail.smtp.host", "localhost");        
+//        Session session = Session.getDefaultInstance(props, null);
 
         // Restricts TLS cipher suites
 //        System.setProperty(
-- 
cgit v1.2.3


From fc13d71526168a7397b36207de521c274ae670b9 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 12:32:01 +0200
Subject: history and readme update

---
 id/history.txt      | 33 ++++++++++++++++++++++++++++-----
 id/readme_2.1.1.txt | 42 +++++++++++++++++++++++++++++++++++++++---
 2 files changed, 67 insertions(+), 8 deletions(-)

diff --git a/id/history.txt b/id/history.txt
index a3146066b..8f0eaa8d8 100644
--- a/id/history.txt
+++ b/id/history.txt
@@ -8,9 +8,31 @@ Version MOA-ID Release 2.1.1: 
 - Änderungen
   - Anpassung VIDP Code für STORK
   - Anpassung des Codes für IDP Interfederation
+  - Neue A-Trust Zertifikate
   - Kleinere Bug-Fixes
-
-
+  - Libraries aktualisiert:
+    > org.apache.struts:struts2-core 2.3.16.3
+    > org.apache.struts:struts2-json-plugin 2.3.16.3
+    > joda-time:joda-time 2.4
+    > org.slf4j:jcl-over-slf4j 1.7.7
+    > org.slf4j:jul-to-slf4j 1.7.7
+    > org.slf4j:slf4j-api 1.7.7
+    > org.slf4j:slf4j-log4j12 1.7.7
+    > mysql:mysql-connector-java 5.1.32
+    > org.hibernate:hibernate-core 4.3.6.Final
+    > org.hibernate:hibernate-entitymanager 4.3.6.Final
+    > org.hibernate:hibernate-c3p0 4.3.6.Final
+    > com.google.http-client:google-http-client-jackson2 1.19.0
+    > com.google.oauth-client:google-oauth-client-jetty 1.19.0
+    > org.apache.commons:commons-lang3 3.3.2
+    > commons-codec:commons-codec 1.9
+    > commons-logging:commons-logging 1.2
+    > xerces:xercesImpl 2.11.0
+    > postgresql:postgresql 9.3-1102-jdbc41
+    > junit:junit 3.8.2
+
+
+-------------------------------------------------------------------------------
 Version MOA-ID Release 2.1.0: Änderungen seit Version MOA-ID 2.0.1
 - Änderungen
   - Anpassung VIDP Code für STORK
@@ -24,6 +46,7 @@ Version MOA-ID Release 2.1.0: 
   - Definition neuer Fehlercodes   
 
 
+-------------------------------------------------------------------------------
 Version MOA-ID Release 2.0.1: Änderungen seit Version MOA-ID 2.0.0
 - Änderungen:
   - Anpassungen VIDP Code für STORK
@@ -35,6 +58,7 @@ Version MOA-ID Release 2.0.1: 
   - MOA-ID-Konfigurationstool mit Sprachauswahl 
 
 
+-------------------------------------------------------------------------------
 Version MOA-ID Release 2.0.0: Änderungen seit Version MOA-ID 2.0-RC1
 - Änderungen:
   - Speicherung von applikationsspezifischen Vollmachtsprofilen angepasst
@@ -48,8 +72,7 @@ Version MOA-ID Release 2.0.0: 
   - Verwendung als STORK2 VIDP 
 
 
-=====
-
+-------------------------------------------------------------------------------
 Version MOA-ID Pre-Release 2.0-RC1: Änderungen seit Version MOA-ID 1.5.1
 - Neuerungen:
   - Unterstützung der Authentifizierungsprotokolle PVP 2.1 und OpenID Connect
@@ -69,8 +92,8 @@ Version MOA-ID Pre-Release 2.0-RC1: 
 
 - Fixed Bug http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
 
-=====
 
+-------------------------------------------------------------------------------
 Version MOA-ID 1.5.1: Änderungen seit Version MOA-ID 1.5.0:
 - Fixed Bug #556 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=556&group_id=6&atid=105) 
 - Fixed Bug #557 (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=557&group_id=6&atid=105)
diff --git a/id/readme_2.1.1.txt b/id/readme_2.1.1.txt
index 44f591bed..4d9c2960f 100644
--- a/id/readme_2.1.1.txt
+++ b/id/readme_2.1.1.txt
@@ -17,7 +17,7 @@ gleichen Verzeichnis):
   - Anpassung VIDP Code für STORK
   - Anpassung des Codes für IDP Interfederation
   - Kleinere Bug-Fixes
-    
+  - Update von Libraries  
 -------------------------------------------------------------------------------
 B. Durchführung eines Updates
 -------------------------------------------------------------------------------
@@ -58,9 +58,45 @@ B.1 Durchf
    Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties     
      a.) configuration.moaconfig.key=.....   (Passwort zum Ver- und 
          Entschlüsseln von Konfigurationsparametern in der Datenbank)
+         
+8. Update des Cert-Stores.
+   Kopieren Sie den Inhalt des Verzeichnisses
+   MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis
+   CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie 
+   vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann 
+   bejahen sie das.
+
+9. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen 
+   wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile 
+   beibehalten wollen, dann gehen Sie vor, wie in Punkt b).
+
+   a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen:
+
+    1)  Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles.
+    2)  Kopieren Sie das Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis 
+        CATALINA_HOME\conf\moa-spss.
+
+   b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie 
+      folgt vor, um die Profile auf den aktuellen Stand zu bringen:
+
+    1)  Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den 
+        entsprechenden Profilen im Verzeichnis 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren 
+        Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt 
+        der einzelnen Profile aus der Distribution 
+        (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden 
+        Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) 
+        kopieren und dabei die vorhandenen gleichnamigen Zertifikate 
+        überschreiben), also z.B: Kopieren des Inhalts von 
+        MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach 
+        CATALINA_HOME\conf\moa-spss\trustProfiles\
+        MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. 
         
-8 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
-   Logging von MOA ID beim Einlesen der Konfiguration.
+10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im
+    Logging von MOA ID beim Einlesen der Konfiguration.
+
 
 ...............................................................................
 B.2 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0 
-- 
cgit v1.2.3


From 3073df72f0f31e4fcf9c2320ff74fadc7902c45d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 12 Sep 2014 12:58:09 +0200
Subject: update version mainpage and handbook

---
 id/server/auth/src/main/webapp/index.html | 2 +-
 id/server/doc/handbook/index.html         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html
index 4d4529730..968f211bc 100644
--- a/id/server/auth/src/main/webapp/index.html
+++ b/id/server/auth/src/main/webapp/index.html
@@ -14,7 +14,7 @@
     </tr>
   </table>
   <hr/> 
-  <p class="title">MOA-ID 2.1.0</p> 
+  <p class="title">MOA-ID 2.1.1</p> 
 <hr/>
   <h1>Inhalt</h1>
   <ol>
diff --git a/id/server/doc/handbook/index.html b/id/server/doc/handbook/index.html
index acab7517a..892a82484 100644
--- a/id/server/doc/handbook/index.html
+++ b/id/server/doc/handbook/index.html
@@ -15,7 +15,7 @@
   </table>
   <hr/> 
   <p class="title">MOA-ID (Identifikation) </p> 
-  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.0 </p> 
+  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.1.1 </p> 
   <hr/>
   <dl>
     <dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
-- 
cgit v1.2.3


From 7fcb9d499a8346b74f9114fc0c790e2545be58dd Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 15 Sep 2014 11:21:42 +0200
Subject: update lib egovutils to 1.0.7

---
 id/ConfigWebTool/pom.xml                           |   2 +-
 .../at/gv/util/egovutils/1.0.2/egovutils-1.0.2.jar | Bin 1015550 -> 0 bytes
 .../at/gv/util/egovutils/1.0.2/egovutils-1.0.2.pom |  80 ---------------------
 .../at/gv/util/egovutils/1.0.4/egovutils-1.0.4.jar | Bin 2616649 -> 0 bytes
 .../at/gv/util/egovutils/1.0.4/egovutils-1.0.4.pom |  80 ---------------------
 5 files changed, 1 insertion(+), 161 deletions(-)
 delete mode 100644 repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.jar
 delete mode 100644 repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.pom
 delete mode 100644 repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.jar
 delete mode 100644 repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.pom

diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index 8c3622a4e..e30cad73b 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -83,7 +83,7 @@
         <dependency>
             <groupId>at.gv.util</groupId>
             <artifactId>egovutils</artifactId>
-            <version>1.0.4</version>
+            <version>1.0.7</version>
             <exclusions>
                 <exclusion>
                     <groupId>com.sun</groupId>
diff --git a/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.jar b/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.jar
deleted file mode 100644
index 821e525a4..000000000
Binary files a/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.jar and /dev/null differ
diff --git a/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.pom b/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.pom
deleted file mode 100644
index e97b459c6..000000000
--- a/repository/at/gv/util/egovutils/1.0.2/egovutils-1.0.2.pom
+++ /dev/null
@@ -1,80 +0,0 @@
-<?xml version="1.0"?>
-<project
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
-	xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<modelVersion>4.0.0</modelVersion>
-	<groupId>at.gv.util</groupId>
-	<artifactId>egovutils</artifactId>
-	<version>1.0.2</version>
-	<name>zuseutil</name>
-	<url>http://maven.apache.org</url>
-	<properties>
-		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-	</properties>
-	<dependencies>
-		<dependency>
-			<groupId>xerces</groupId>
-			<artifactId>xercesImpl</artifactId>
-			<version>2.11.0</version>
-		</dependency>
-		<dependency>
-			<groupId>xalan</groupId>
-			<artifactId>xalan</artifactId>
-			<version>2.7.1</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun</groupId>
-			<artifactId>webservices-tools</artifactId>
-			<version>2.0.1</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun</groupId>
-			<artifactId>webservices-rt</artifactId>
-			<version>2.0.1</version>
-		</dependency>
-		<dependency>
-			<groupId>commons-validator</groupId>
-			<artifactId>commons-validator</artifactId>
-			<version>1.3.1</version>
-		</dependency>
-		<dependency>
-			<groupId>bouncycastle</groupId>
-			<artifactId>bcprov-jdk16</artifactId>
-			<version>140</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-			<version>1.6.1</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-log4j12</artifactId>
-			<version>1.6.1</version>
-		</dependency>
-		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>servlet-api</artifactId>
-			<version>2.5</version>
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>commons-codec</groupId>
-			<artifactId>commons-codec</artifactId>
-			<version>1.4</version>
-		</dependency>
-		<dependency>
-			<groupId>commons-lang</groupId>
-			<artifactId>commons-lang</artifactId>
-			<version>2.5</version>
-			<type>jar</type>
-			<scope>compile</scope>
-		</dependency>
-		<dependency>
-			<groupId>commons-httpclient</groupId>
-			<artifactId>commons-httpclient</artifactId>
-			<version>3.1</version>
-		</dependency>
-	</dependencies>
-	
-</project>
diff --git a/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.jar b/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.jar
deleted file mode 100644
index 1fb2b7c22..000000000
Binary files a/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.jar and /dev/null differ
diff --git a/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.pom b/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.pom
deleted file mode 100644
index 4a46fcee4..000000000
--- a/repository/at/gv/util/egovutils/1.0.4/egovutils-1.0.4.pom
+++ /dev/null
@@ -1,80 +0,0 @@
-<?xml version="1.0"?>
-<project
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
-	xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<modelVersion>4.0.0</modelVersion>
-	<groupId>at.gv.util</groupId>
-	<artifactId>egovutils</artifactId>
-	<version>1.0.4</version>
-	<name>zuseutil</name>
-	<url>http://maven.apache.org</url>
-	<properties>
-		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-	</properties>
-	<dependencies>
-		<dependency>
-			<groupId>xerces</groupId>
-			<artifactId>xercesImpl</artifactId>
-			<version>2.11.0</version>
-		</dependency>
-		<dependency>
-			<groupId>xalan</groupId>
-			<artifactId>xalan</artifactId>
-			<version>2.7.1</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun</groupId>
-			<artifactId>webservices-tools</artifactId>
-			<version>2.0.1</version>
-		</dependency>
-		<dependency>
-			<groupId>com.sun</groupId>
-			<artifactId>webservices-rt</artifactId>
-			<version>2.0.1</version>
-		</dependency>
-		<dependency>
-			<groupId>commons-validator</groupId>
-			<artifactId>commons-validator</artifactId>
-			<version>1.3.1</version>
-		</dependency>
-		<dependency>
-			<groupId>bouncycastle</groupId>
-			<artifactId>bcprov-jdk16</artifactId>
-			<version>140</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-			<version>1.6.1</version>
-		</dependency>
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-log4j12</artifactId>
-			<version>1.6.1</version>
-		</dependency>
-		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>servlet-api</artifactId>
-			<version>2.5</version>
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>commons-codec</groupId>
-			<artifactId>commons-codec</artifactId>
-			<version>1.4</version>
-		</dependency>
-		<dependency>
-			<groupId>commons-lang</groupId>
-			<artifactId>commons-lang</artifactId>
-			<version>2.5</version>
-			<type>jar</type>
-			<scope>compile</scope>
-		</dependency>
-		<dependency>
-			<groupId>commons-httpclient</groupId>
-			<artifactId>commons-httpclient</artifactId>
-			<version>3.1</version>
-		</dependency>
-	</dependencies>
-	
-</project>
-- 
cgit v1.2.3


From a57ac85d0cbdfca74bc3d477ff092f196c51e124 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 15 Sep 2014 11:31:34 +0200
Subject: update repositority

---
 .../at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar | Bin 0 -> 3123386 bytes
 .../at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom |  85 +++++++++++++++++++++
 2 files changed, 85 insertions(+)
 create mode 100644 repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar
 create mode 100644 repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom

diff --git a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar
new file mode 100644
index 000000000..1ed9e413f
Binary files /dev/null and b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.jar differ
diff --git a/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom
new file mode 100644
index 000000000..ffad37237
--- /dev/null
+++ b/repository/at/gv/util/egovutils/1.0.7/egovutils-1.0.7.pom
@@ -0,0 +1,85 @@
+<?xml version="1.0"?>
+<project
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+	xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>at.gv.util</groupId>
+	<artifactId>egovutils</artifactId>
+	<version>1.0.7</version>
+	<name>zuseutil</name>
+	<url>http://maven.apache.org</url>
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>xerces</groupId>
+			<artifactId>xercesImpl</artifactId>
+			<version>2.11.0</version>
+		</dependency>
+		<dependency>
+			<groupId>xalan</groupId>
+			<artifactId>xalan</artifactId>
+			<version>2.7.1</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun</groupId>
+			<artifactId>webservices-tools</artifactId>
+			<version>2.0.1</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun</groupId>
+			<artifactId>webservices-rt</artifactId>
+			<version>2.0.1</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-validator</groupId>
+			<artifactId>commons-validator</artifactId>
+			<version>1.4.0</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-beanutils</groupId>
+			<artifactId>commons-beanutils</artifactId>
+			<version>1.9.2</version>
+		</dependency>		
+		<dependency>
+			<groupId>bouncycastle</groupId>
+			<artifactId>bcprov-jdk16</artifactId>
+			<version>140</version>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+			<version>1.7.7</version>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-log4j12</artifactId>
+			<version>1.7.7</version>
+		</dependency>
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>servlet-api</artifactId>
+			<version>2.5</version>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.9</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-lang</groupId>
+			<artifactId>commons-lang</artifactId>
+			<version>2.6</version>
+			<type>jar</type>
+			<scope>compile</scope>
+		</dependency>
+		<dependency>
+			<groupId>commons-httpclient</groupId>
+			<artifactId>commons-httpclient</artifactId>
+			<version>3.1</version>
+		</dependency>
+	</dependencies>
+	
+</project>
-- 
cgit v1.2.3


From a6f9a1f7f5340cd0c0617ae690c9445ffef20e97 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 15 Sep 2014 11:34:50 +0200
Subject: update MOA-SPSS certstore and trustprofiles

---
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 +++++++++++++++++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 +++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer |  26 +++++++++++++++++++++
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 +++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes
 ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer |  21 +++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer |  23 ++++++++++++++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 +++++++++++++++++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 ...0240701.SerNo144ddd(SecureSignatureKeypair).cer |  26 +++++++++++++++++++++
 ...0240701.SerNo144de4(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 ...0240701.SerNo144df5(SecureSignatureKeypair).cer |  23 ++++++++++++++++++
 22 files changed, 443 insertions(+)
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/identityLink+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/identityLink/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/officialSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
 create mode 100644 spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer

diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
Binary files /dev/null and b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/spss/handbook/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
new file mode 100644
index 000000000..04627da98
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw
+NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
+c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
+PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
+k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
+r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
+AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
+Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
+LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
+MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
+b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
+dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R
+3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf
+k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd
+ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX
+RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG
+SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
Binary files /dev/null and b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 000000000..e90f5f2a6
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/certifiedSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/identityLink+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/trustProfiles/identityLink+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/identityLink+Test/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/identityLink/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/trustProfiles/identityLink/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/identityLink/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 000000000..2284687bb
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/officialSignature/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature+Test/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..eb051dc4d
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..be29fb6ac
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..e1100c7fc
--- /dev/null
+++ b/spss/handbook/conf/moa-spss/trustProfiles/secureSignature/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
-- 
cgit v1.2.3


From 714a8cb32dd5585829dfc1926e56971425a2a692 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 15 Sep 2014 11:43:16 +0200
Subject: update MOA-SPSS handbook and release information

---
 spss/handbook/handbook/index.html |  2 +-
 spss/server/history.txt           |  1 +
 spss/server/readme.update.txt     | 44 +++++++--------------------------------
 3 files changed, 9 insertions(+), 38 deletions(-)

diff --git a/spss/handbook/handbook/index.html b/spss/handbook/handbook/index.html
index f84920d0a..1bb2cf743 100644
--- a/spss/handbook/handbook/index.html
+++ b/spss/handbook/handbook/index.html
@@ -15,7 +15,7 @@
   </table>
   <hr/> 
   <p class="title">MOA: Serversignatur (SS) und Signaturpr&uuml;fung (SP) </p> 
-  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.0.0</p> 
+  <p class="subtitle">&Uuml;bersicht zur Dokumentation der Version 2.0.x</p> 
   <hr/>
   <dl>
     <dt><a href="./intro/intro.html">Einf&uuml;hrung</a></dt>
diff --git a/spss/server/history.txt b/spss/server/history.txt
index 5be2029b4..01a38524e 100644
--- a/spss/server/history.txt
+++ b/spss/server/history.txt
@@ -3,6 +3,7 @@
 ##############
 - Libraries aktuallisert
   - iaik-tsl Version 1.1 (Implementiert ETSI TS119612 V1.2.1)
+- Update der Standard Trustprofile
 
 ##############
 2.0.1
diff --git a/spss/server/readme.update.txt b/spss/server/readme.update.txt
index 299cbb7b9..144abc5bc 100644
--- a/spss/server/readme.update.txt
+++ b/spss/server/readme.update.txt
@@ -1,41 +1,9 @@
 -------------------------------------------------------------------------------
   Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.2
 -------------------------------------------------------------------------------
-Der Updateprozess auf die MOA-SPSS Version 2.0.2 unterscheidet sich, 
-je nach dem welche welche MOA-SPSS Version aktuell verwendet wird.
-
---------------------------
-Update von Version 2.0.1
---------------------------
-1.)	Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
-	Ihrer MOA-SPSS-Installation.
-	
-2.)	Entpacken Sie die Datei "moa-spss-2.0.2.zip" in das Verzeichnis MOA_SPSS_INST.
-
-3.) Loeschen Sie das Verzeichnis CATALINA_HOME\webapps\moa-spss.
-
-4.) Ersetzen Sie die Datei CATALINA_HOME\webapps\moa-spss.war durch die Datei 
-	MOA_SPSS_INST\moa-spss.war.
-		
-5.) Loeschen Sie das Verzeichnis CATALINA_HOME\work.
-
---------------------------
-Update von einer Version < 2.0.1
---------------------------
-1.) Führen Sie ein Update laut der Beschreibung 
-    "Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.1" durch.
-
-2.) Führen Sie das Update auf die Version 2.0.2 laut 
-    "Update von Version 2.0.1" durch.
-
-
-
--------------------------------------------------------------------------------
-  Update einer bestehenden MOA-SPSS-Installation auf Version 2.0.1
--------------------------------------------------------------------------------
 Es gibt zwei Moeglichkeiten (im Folgenden als "Update Variante A" und 
 "Update Variante B" bezeichnet), das Update von MOA-SPSS auf Version
-2.0.1 durchzufuehren. Update Variante A geht dabei den Weg ueber eine 
+2.0.2 durchzufuehren. Update Variante A geht dabei den Weg ueber eine 
 vorangestellte Neuinstallation, waehrend Variante B direkt eine  
 bestehende Installation aktualisiert.
 
@@ -46,7 +14,7 @@ JAVA_HOME bezeichnet das Wurzelverzeichnis der JDK-Installation
 CATALINA_HOME bezeichnet das Wurzelverzeichnis der Tomcat-Installation
 
 MOA_SPSS_INST bezeichnet das Verzeichnis, in das Sie die Datei
-moa-spss-2.0.1.zip entpackt haben.
+moa-spss-2.0.2.zip entpackt haben.
 
 --------------------------
 Update Variante A 
@@ -83,7 +51,7 @@ Update Variante B
 1.)	Erstellen Sie eine Sicherungskopie des kompletten Tomcat-Verzeichnisses
 	Ihrer MOA-SPSS-Installation.
 	
-2.)	Entpacken Sie die Datei "moa-spss-2.0.1.zip" in das Verzeichnis MOA_SPSS_INST.
+2.)	Entpacken Sie die Datei "moa-spss-2.0.2.zip" in das Verzeichnis MOA_SPSS_INST.
 
 3.)	Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis
 	JAVA_HOME\jre\lib\ext und loeschen Sie diese Dateien danach.
@@ -119,10 +87,12 @@ Update Variante B
 		um die Profile auf den aktuellen Stand zu bringen:
 	
 		1)  Loeschen Sie die Datei "C=AT,O=Hauptverband oesterr. Sozialvers.,CN=CRL-Signer.der"
-			aus jedem Trustprofil, in dem sie enthalten ist. 		
+			aus jedem Trustprofil, in dem sie enthalten ist. (Je nachdem welche Version Sie 
+      ursprünglich verwendet haben kann diese Datei auch in keinem Trustprofile vorhanden sein)
 		
 		2)	Loeschen Sie die Datei "OCSP Responder 02-20051027-20101027.der" aus jedem 
-			Trustprofil, in dem sie enthalten ist.
+			Trustprofil, in dem sie enthalten ist. (Je nachdem welche Version Sie 
+      ursprünglich verwendet haben kann diese Datei auch in keinem Trustprofile vorhanden sein)
 			
 		3)	Ergaenzen Sie ihre Trustprofile durch alle Zertifikate aus den entsprechenden Profilen
 			im Verzeichnis MOA_SPSS_INST\conf\moa-spss\trustProfiles, die nicht in Ihren
-- 
cgit v1.2.3