www-aem-dev2.manulife.ca

- Manulife Financial -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number e3:e7:89:6f:db:3a:24:59:78:89:60:c1:12:76:15:b0 was issued on by Sectigo Limited.

With 34 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Manulife Financial

Organization: Manulife Financial
Organization unit: Canadian Division
Organization unit: Multi-Domain SSL
Address: 500 King Street North
Postal code: N2J 4C6
State / Province: Ontario
Locality: Waterloo
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): e3:e7:89:6f:db:3a:24:59:78:89:60:c1:12:76:15:b0
Serial Number (int): 302936963169786694197595705141445924272
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 22:9d:f8:1a:3f:d1:71:7f:eb:45:5b:c7:41:12:9e:63:d4:be:71:37
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 7b:11:21:dd:e7:78:c8:f8:f0:b3:2d:18:a6:39:68:8b:45:da:20:4f
Fingerprint (sha256): 06:fe:b4:9b:80:e8:dc:0b:ba:b1:6f:d1:8f:0c:51:15:fb:d1:6e:e1:7f:c1:3d:f4:a2:0a:f1:2c:13:96:49:b1

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate www-aem-dev2.manulife.ca

34

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www-aem-dev2.manulife.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www-aem-dev2.manulife.ca
author-aem-dev2.manulife.ca
www-aem-dev2.assurance-manuvie.ca
www-aem-dev2.bank.manulife.ca
www-aem-dev2.bank.manuvie.ca
www-aem-dev2.cmtcp.manulife.ca
www-aem-dev2.cmtcp.manuvie.ca
www-aem-dev2.coverme.manulife.ca
www-aem-dev2.coverme.manuvie.ca
www-aem-dev2.cpao.manulife.ca
www-aem-dev2.cpao.manuvie.ca
www-aem-dev2.developer.manulife.ca
www-aem-dev2.developer.manuvie.ca
www-aem-dev2.groupbenefits.manulife.ca
www-aem-dev2.info.manulife.ca
www-aem-dev2.info.manuvie.ca
www-aem-dev2.legacy.manulife.ca
www-aem-dev2.legacy.manuvie.ca
www-aem-dev2.manulife-group-plans.ca
www-aem-dev2.manulife-insurance.ca
www-aem-dev2.manulife-securities.manulife.ca
www-aem-dev2.manulife-securities.manuvie.ca
www-aem-dev2.manuvie.ca
www-aem-dev2.mpw.manulife.ca
www-aem-dev2.mpw.manuvie.ca
www-aem-dev2.offers.bank.manulife.ca
www-aem-dev2.offres.bank.manuvie.ca
www-aem-dev2.regimes-collectifs-manuvie.ca
www-aem-dev2.rr.manulife.ca
www-aem-dev2.rr.manuvie.ca
www-aem-dev2.travel.manulife.ca
www-aem-dev2.travel.manuvie.ca
www-aem-dev2.travelb2b.manulife.ca
www-aem-dev2.travelb2b.manuvie.ca

Other certificates including the domain name manulife.ca

(limited to 100 certificates)
manulife.com
www-aem-qa2.manulife.ca
client.manulifebank.com
manulife.com
manulife.com
content-txn-uat.manulife.ca
www-aem-dev1.manulife.ca
www-aem-dev2.manulife.ca
www-aem-qa.manulife.ca
www-aem-prod.manulife.ca
manulife.com
manulife.com
uat.manulifesecurities.manulife.ca
manulife.com
manulife.com
origin-api.manulifesecurities.manulife.ca
devintegrator.gbi.manulife.ca
manulife.com
manulife.com
manulife.com
cdn.dev.manulife.ca
www-aem-dev1.manulife.ca
manulife.com
mfti-app.np.aks.manulife.ca
preprod.mtls.api.manulife.com
preview.id.manulife.ca
jira-t1.manulife.ca
manulife.com
manulife.com
dev.portal.manulife.ca
advisor.manulife.ca
qa.manulifesecurities.manulife.ca
edge.prod-ext.api.manulife.com
www-aem-prod.manulife.ca
www-aem-dev2.manulife.ca
manulife.com
uat.statements.manulifebank.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
artifactory-test.manulife.ca
manulife.com
hf.integrator.gbi.manulife.ca
manulife.com
content-txn-dev.manulife.ca
retirement.manulife.ca
saml-advisors.preview.manulife.ca
interac-uat.manulifebank.ca
manulife.com
content-txn-prd.manulife.ca
manulife.com
manulife.com
integrator.gbi.manulife.ca
manulife.com
sf-service-medallia-dev.manulife.ca
manulife.com
manulife.com
www-aem-dev.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
nonprod.vitalityservice.manulife.ca
tripx-graphql.dev.aks.manulife.ca
manulife.com
snowbound-viewer-prd.manulife.ca
manulife.com
dev.policyservice.manulife.ca
manulife.com
www-aem-qa.manulife.ca
content-txn-dev.manulife.ca
edge.prod-ext.api.manulife.com
hf.gbi.manulife.ca
interac-uat.manulifebank.ca
manulife.com
manulife.com
www-aem-stage.manulife.ca
manulife.com
manulife.com
manulife.com
mail-ds.manulife.ca
manulife.com
dev.jmeter.aks.manulife.ca
www.insurance.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
stage.manulifesecurities.manulife.ca
www-aem-dev.manulife.ca
manulife.com
portal.manulife.ca
manulife.com
manulife.com
uat.advisor.manulife.ca

Certificate

The complete raw certificate details for www-aem-dev2.manulife.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILuzCCCqOgAwIBAgIRAOPniW/bOiRZeIlgwRJ2FbAwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xOTA4MTkwMDAwMDBaFw0yMTA4MTgyMzU5NTlaMIHbMQswCQYD
VQQGEwJDQTEQMA4GA1UEERMHTjJKIDRDNjEQMA4GA1UECBMHT250YXJpbzERMA8G
A1UEBxMIV2F0ZXJsb28xHjAcBgNVBAkTFTUwMCBLaW5nIFN0cmVldCBOb3J0aDEb
MBkGA1UEChMSTWFudWxpZmUgRmluYW5jaWFsMRowGAYDVQQLExFDYW5hZGlhbiBE
aXZpc2lvbjEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEhMB8GA1UEAxMYd3d3
LWFlbS1kZXYyLm1hbnVsaWZlLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA83PmtnpkMbyI96QmN10H38n2kiO8F1tyP1a5xGTE0zTUyZ5E8pFcnnFt
R+a+vgPjD0TK48K6tSgh3oN1LJ2Ih21pIH5WB6p+e99DefstoyFh9b4UDklf+fW7
6t3OjRJFNov5FMTrxWkl6G+oQyKxpyDl8h52vRBnATXmTjwXd5CXyKxS6Y1apbc8
GG4cfN5THbq8/P+7BKYsEZovIl+jvadnu0KPHYL+hO37IHGhLNkI3QbMNkQ5UE/x
1vSGl3fe4BUTRvvPWj2Mvf4VCsFYqKtyYJrpZOsbHpspSDsLqn6LNYQY0+ziGWgK
6hIr18huiTSugLNdktPr4l+khI0zywIDAQABo4IHvDCCB7gwHwYDVR0jBBgwFoAU
F9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFCKd+Bo/0XF/60Vbx0ESnmPU
vnE3MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMG
CCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYD
VR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNB
T3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYB
BQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1Nl
Y3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0
MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTCCBIEGA1UdEQSC
BHgwggR0ghh3d3ctYWVtLWRldjIubWFudWxpZmUuY2GCG2F1dGhvci1hZW0tZGV2
Mi5tYW51bGlmZS5jYYIhd3d3LWFlbS1kZXYyLmFzc3VyYW5jZS1tYW51dmllLmNh
gh13d3ctYWVtLWRldjIuYmFuay5tYW51bGlmZS5jYYIcd3d3LWFlbS1kZXYyLmJh
bmsubWFudXZpZS5jYYIed3d3LWFlbS1kZXYyLmNtdGNwLm1hbnVsaWZlLmNhgh13
d3ctYWVtLWRldjIuY210Y3AubWFudXZpZS5jYYIgd3d3LWFlbS1kZXYyLmNvdmVy
bWUubWFudWxpZmUuY2GCH3d3dy1hZW0tZGV2Mi5jb3Zlcm1lLm1hbnV2aWUuY2GC
HXd3dy1hZW0tZGV2Mi5jcGFvLm1hbnVsaWZlLmNhghx3d3ctYWVtLWRldjIuY3Bh
by5tYW51dmllLmNhgiJ3d3ctYWVtLWRldjIuZGV2ZWxvcGVyLm1hbnVsaWZlLmNh
giF3d3ctYWVtLWRldjIuZGV2ZWxvcGVyLm1hbnV2aWUuY2GCJnd3dy1hZW0tZGV2
Mi5ncm91cGJlbmVmaXRzLm1hbnVsaWZlLmNhgh13d3ctYWVtLWRldjIuaW5mby5t
YW51bGlmZS5jYYIcd3d3LWFlbS1kZXYyLmluZm8ubWFudXZpZS5jYYIfd3d3LWFl
bS1kZXYyLmxlZ2FjeS5tYW51bGlmZS5jYYIed3d3LWFlbS1kZXYyLmxlZ2FjeS5t
YW51dmllLmNhgiR3d3ctYWVtLWRldjIubWFudWxpZmUtZ3JvdXAtcGxhbnMuY2GC
Ind3dy1hZW0tZGV2Mi5tYW51bGlmZS1pbnN1cmFuY2UuY2GCLHd3dy1hZW0tZGV2
Mi5tYW51bGlmZS1zZWN1cml0aWVzLm1hbnVsaWZlLmNhgit3d3ctYWVtLWRldjIu
bWFudWxpZmUtc2VjdXJpdGllcy5tYW51dmllLmNhghd3d3ctYWVtLWRldjIubWFu
dXZpZS5jYYIcd3d3LWFlbS1kZXYyLm1wdy5tYW51bGlmZS5jYYIbd3d3LWFlbS1k
ZXYyLm1wdy5tYW51dmllLmNhgiR3d3ctYWVtLWRldjIub2ZmZXJzLmJhbmsubWFu
dWxpZmUuY2GCI3d3dy1hZW0tZGV2Mi5vZmZyZXMuYmFuay5tYW51dmllLmNhgip3
d3ctYWVtLWRldjIucmVnaW1lcy1jb2xsZWN0aWZzLW1hbnV2aWUuY2GCG3d3dy1h
ZW0tZGV2Mi5yci5tYW51bGlmZS5jYYIad3d3LWFlbS1kZXYyLnJyLm1hbnV2aWUu
Y2GCH3d3dy1hZW0tZGV2Mi50cmF2ZWwubWFudWxpZmUuY2GCHnd3dy1hZW0tZGV2
Mi50cmF2ZWwubWFudXZpZS5jYYIid3d3LWFlbS1kZXYyLnRyYXZlbGIyYi5tYW51
bGlmZS5jYYIhd3d3LWFlbS1kZXYyLnRyYXZlbGIyYi5tYW51dmllLmNhMIIBfQYK
KwYBBAHWeQIEAgSCAW0EggFpAWcAdQD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwv
IAvMTvFk4wAAAWysOAxlAAAEAwBGMEQCIFscjHTUgg6o+tHlhERJGcBEsTsI4Da5
xT8qhgHo1MpbAiBgIM4UPs5x6bmjcCWyU8TA5ftq9562B/rTNJarZbADwAB2AESU
ZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABbKw4DIkAAAQDAEcwRQIh
AIMZPFPDKJjdUb4lX0eLlG3Lbo5gYXWNRpmcJlZKwIbHAiBBkEtAXgpb2LyxJ7qq
NN5dwYywpINLdSTVde+6GXIc9QB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+j
qh0HE9MMAAABbKw4DFwAAAQDAEcwRQIhAK+VJCJF/JA8X//RmEcbPIhRs5vxKEbx
/XORlwqMwypwAiA1HMeSDhoR2EHAJeL2II8EkMtMyN5tsPQ/LAlxrhNmEDANBgkq
hkiG9w0BAQsFAAOCAQEALaxWSj4IXmqfhKEorX7NxBwokNHEVIwaMHKxD9r+T+hc
Xf58k1V5Ht/OF11FfglegVx/qRBwodS9j42VHqlDJF6bxPIlns03Nr4tIoqFnBlb
l+dLs/2aB5whWXreP5tE5v7UiXqxm5sxQ+LyNDEV4qISucxXJaAh+ZhAGM6ENBiM
LWazcPnU6Y17Bb43bmzx7xzioUEoWiWqZum0B4j3xzW4jUgXu6gHJofN5YY536nj
eRMpDk/NZt9LRa5AdX37cWGOL4eciBLc2afKxZIjdHBY6F8AXJeMx9seoHU2LFCf
nuKNHfNr9e7YRsnhIO6tHoP2ODO8zJyQHIVIS3nkOA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83PmtnpkMbyI96QmN10H
38n2kiO8F1tyP1a5xGTE0zTUyZ5E8pFcnnFtR+a+vgPjD0TK48K6tSgh3oN1LJ2I
h21pIH5WB6p+e99DefstoyFh9b4UDklf+fW76t3OjRJFNov5FMTrxWkl6G+oQyKx
pyDl8h52vRBnATXmTjwXd5CXyKxS6Y1apbc8GG4cfN5THbq8/P+7BKYsEZovIl+j
vadnu0KPHYL+hO37IHGhLNkI3QbMNkQ5UE/x1vSGl3fe4BUTRvvPWj2Mvf4VCsFY
qKtyYJrpZOsbHpspSDsLqn6LNYQY0+ziGWgK6hIr18huiTSugLNdktPr4l+khI0z
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 302936963169786694197595705141445924272
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'N2J 4C6'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Waterloo'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '500 King Street North'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canadian Division'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Multi-Domain SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www-aem-dev2.manulife.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30733061129390848792588602440692559676107561096339047562408781174207595190678117244971891373653340258767666193194846413565036824169895512564830003369858722809727949958351796834159877053455122044406712316594302848782291908499461115998432237957223764457644648534185939757199845479615942063091445499070453635266022525771594486340886621163451329993522127873058335728441642490077651192444192960801182889301950385462620877885265453758655810564570132898330215463625567736183532320633957130230715632099992495098520994768286014640870940464566003332661603051003142925112975983429172557910739363231022603324817820118205370020811
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							229df81a3fd1717feb455bc741129e63d4be7137
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1144 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-aem-dev2.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.assurance-manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.bank.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.bank.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.cmtcp.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.cmtcp.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.coverme.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.coverme.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.cpao.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.cpao.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.developer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.developer.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.groupbenefits.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.info.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.info.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.legacy.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.legacy.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manulife-group-plans.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manulife-insurance.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manulife-securities.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manulife-securities.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.mpw.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.mpw.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.offers.bank.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.offres.bank.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.regimes-collectifs-manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.rr.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.rr.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.travel.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.travel.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.travelb2b.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-dev2.travelb2b.manuvie.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016cac380c65000004030046304402205b1c8c74d4820ea8fad1e584444919c044b13b08e036b9c53f2a8601e8d4ca5b02206020ce143ece71e9b9a37025b253c4c0e5fb6af79eb607fad33496ab65b003c00076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016cac380c89000004030047304502210083193c53c32898dd51be255f478b946dcb6e8e6061758d46999c26564ac086c7022041904b405e0a5bd8bcb127baaa34de5dc18cb0a4834b7524d575efba19721cf50076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016cac380c5c0000040300473045022100af95242245fc903c5fffd198471b3c8851b39bf12846f1fd7391970a8cc32a700220351cc7920e1a11d841c025e2f6208f0490cb4cc8de6db0f43f2c0971ae136610
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002dac564a3e085e6a9f84a128ad7ecdc41c2890d1c4548c1a3072b10fdafe4fe85c5dfe7c9355791edfce175d457e095e815c7fa91070a1d4bd8f8d951ea943245e9bc4f2259ecd3736be2d228a859c195b97e74bb3fd9a079c21597ade3f9b44e6fed4897ab19b9b3143e2f2343115e2a212b9cc5725a021f9984018ce8434188c2d66b370f9d4e98d7b05be376e6cf1ef1ce2a141285a25aa66e9b40788f7c735b88d4817bba8072687cde58639dfa9e37913290e4fcd66df4b45ae40757dfb71618e2f879c8812dcd9a7cac59223747058e85f005c978cc7db1ea075362c509f9ee28d1df36bf5eed846c9e120eead1e83f63833bccc9c901c85484b79e438