From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 12 Oct 2016 12:23:35 +0000 (+0200)
Subject: LE cert for vote
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=09d3ec9c77da311e68366790e88b7c7640e6ddc5;p=mirror%2Fdsa-puppet.git

LE cert for vote
---

diff --git a/modules/roles/manifests/vote.pp b/modules/roles/manifests/vote.pp
index eedb470a5..dacb24f6c 100644
--- a/modules/roles/manifests/vote.pp
+++ b/modules/roles/manifests/vote.pp
@@ -1,6 +1,6 @@
 class roles::vote {
 	ssl::service { 'vote.debian.org':
 		notify  => Exec['service apache2 reload'],
-		tlsaport => 0,
+		key => true,
 	}
 }
diff --git a/modules/ssl/files/chains/vote.debian.org.crt b/modules/ssl/files/chains/vote.debian.org.crt
deleted file mode 120000
index 50d224a83..000000000
--- a/modules/ssl/files/chains/vote.debian.org.crt
+++ /dev/null
@@ -1 +0,0 @@
-GANDI-2-CA
\ No newline at end of file
diff --git a/modules/ssl/files/servicecerts/vote.debian.org.crt b/modules/ssl/files/servicecerts/vote.debian.org.crt
deleted file mode 100644
index e1d380981..000000000
--- a/modules/ssl/files/servicecerts/vote.debian.org.crt
+++ /dev/null
@@ -1,118 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            ef:ee:24:44:2d:b9:57:41:6e:b4:36:6d:86:6b:f7:cc
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2
-        Validity
-            Not Before: Dec 11 00:00:00 2015 GMT
-            Not After : Jan 22 23:59:59 2017 GMT
-        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=vote.debian.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (3072 bit)
-                Modulus:
-                    00:c4:13:2e:18:48:aa:5b:3a:25:20:a4:12:9f:bc:
-                    3b:0b:08:c5:5d:8e:df:c5:b4:f5:b9:9e:a2:48:5a:
-                    7b:47:18:26:d9:1a:47:6c:17:ff:9a:63:f8:1c:2b:
-                    95:a7:5a:cf:e2:d7:e3:8a:a0:d8:b0:ab:d1:96:4d:
-                    d6:2c:90:fa:85:04:0f:a5:a4:39:39:12:22:a0:10:
-                    0f:bf:c0:75:5f:36:70:89:e3:c3:02:09:e8:31:3e:
-                    61:e4:08:98:61:18:d2:82:ef:10:1f:27:7d:ae:c8:
-                    77:12:fb:b3:cd:70:7d:66:d7:a6:28:4c:c6:52:a4:
-                    92:b1:de:91:5b:b0:f1:28:33:7a:6a:29:8a:02:ff:
-                    d7:01:5d:a8:e8:60:de:72:bd:51:af:03:e8:39:ae:
-                    a7:dc:17:e3:c8:a5:a4:aa:2a:6e:54:19:aa:1a:14:
-                    b6:cd:28:9d:3e:0a:a9:46:76:0e:32:ee:d7:6a:2d:
-                    31:75:33:bc:b7:c0:67:b9:83:e0:f1:d6:de:34:51:
-                    14:ba:56:6e:b9:b9:fc:ee:a7:7b:a6:cf:a9:52:0a:
-                    3f:63:96:b1:6e:42:55:56:7d:c9:7c:49:fc:09:af:
-                    84:62:0d:22:b7:e9:b4:38:a4:7e:5b:81:63:36:e2:
-                    b5:bb:86:7a:97:62:2c:fc:1c:64:9c:3e:4c:b9:9f:
-                    84:ea:99:db:ee:ed:ef:38:ef:29:1f:1c:54:c1:a1:
-                    49:90:ba:64:2a:b6:ad:aa:05:ea:fe:f6:ff:60:b4:
-                    66:fa:8a:27:4d:ba:9b:57:25:0d:a3:38:08:90:08:
-                    a4:a7:0a:87:2c:f4:6e:66:9b:ff:20:40:f9:c1:55:
-                    0d:8a:dc:69:35:d0:39:7b:14:21:dd:a8:00:6f:02:
-                    14:91:d4:36:61:d9:5b:b1:6f:8c:1e:ef:c4:bc:2b:
-                    e0:1c:d7:a7:6d:d0:2b:43:5f:d0:65:78:76:30:4a:
-                    22:f5:0d:41:fd:19:61:2f:c3:36:b3:0a:06:98:f7:
-                    89:5e:b7:c7:2f:bc:65:03:5a:c9
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
-
-            X509v3 Subject Key Identifier: 
-                E4:58:4E:FF:D0:C7:CF:B7:09:40:B0:0E:5C:AF:E4:28:6D:EB:1D:95
-            X509v3 Key Usage: critical
-                Digital Signature, Key Encipherment
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication, TLS Web Client Authentication
-            X509v3 Certificate Policies: 
-                Policy: 1.3.6.1.4.1.6449.1.2.2.26
-                  CPS: https://cps.usertrust.com
-                Policy: 2.23.140.1.2.1
-
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
-                OCSP - URI:http://ocsp.usertrust.com
-
-            X509v3 Subject Alternative Name: 
-                DNS:vote.debian.org, DNS:www.vote.debian.org
-    Signature Algorithm: sha256WithRSAEncryption
-         1c:8b:d8:db:71:28:2d:ed:24:b0:19:ec:35:3e:27:76:3d:74:
-         f6:8a:96:12:c5:d0:13:fe:ea:84:0a:fc:d0:72:f7:dc:8e:5f:
-         84:79:c8:1c:30:ad:e8:06:5e:7c:8a:cf:a2:69:cb:e5:f5:4b:
-         d1:c1:78:f6:e3:bb:4d:2e:4a:30:0e:05:2a:82:bb:47:8c:46:
-         59:95:18:f3:3f:37:4c:51:a5:f8:3c:c5:a9:c4:40:3f:9d:70:
-         56:66:64:8e:a9:dc:31:4c:10:05:e0:48:d7:ea:ea:2d:8c:12:
-         42:d4:83:32:57:ad:1a:0a:4d:da:d9:6c:aa:06:79:f6:78:0b:
-         c0:3f:06:eb:69:c7:79:c9:fc:e4:2b:1f:44:4a:7f:aa:92:15:
-         b4:e8:8e:58:c7:1d:73:a0:af:78:3a:dc:ba:6a:49:2d:5e:28:
-         7e:0a:d7:c2:a9:1b:21:cb:9a:b1:4b:cd:50:74:55:ec:0e:7d:
-         d8:05:e5:aa:d7:8c:8a:c6:07:e3:97:0e:e2:51:2e:15:bd:fd:
-         e0:ca:1a:22:24:54:ef:51:42:a1:8d:c4:21:42:77:49:a2:7b:
-         ef:cb:91:5e:e8:32:4f:40:ba:2d:ca:a3:86:f1:2b:be:a0:4f:
-         b2:1b:68:7f:c5:fd:cd:2f:53:82:1a:21:ad:8f:19:6a:0e:d9:
-         25:3c:a3:00
------BEGIN CERTIFICATE-----
-MIIFfTCCBGWgAwIBAgIRAO/uJEQtuVdBbrQ2bYZr98wwDQYJKoZIhvcNAQELBQAw
-XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
-MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
-MB4XDTE1MTIxMTAwMDAwMFoXDTE3MDEyMjIzNTk1OVowWjEhMB8GA1UECxMYRG9t
-YWluIENvbnRyb2wgVmFsaWRhdGVkMRswGQYDVQQLExJHYW5kaSBTdGFuZGFyZCBT
-U0wxGDAWBgNVBAMTD3ZvdGUuZGViaWFuLm9yZzCCAaIwDQYJKoZIhvcNAQEBBQAD
-ggGPADCCAYoCggGBAMQTLhhIqls6JSCkEp+8OwsIxV2O38W09bmeokhae0cYJtka
-R2wX/5pj+Bwrladaz+LX44qg2LCr0ZZN1iyQ+oUED6WkOTkSIqAQD7/AdV82cInj
-wwIJ6DE+YeQImGEY0oLvEB8nfa7IdxL7s81wfWbXpihMxlKkkrHekVuw8Sgzemop
-igL/1wFdqOhg3nK9Ua8D6Dmup9wX48ilpKoqblQZqhoUts0onT4KqUZ2DjLu12ot
-MXUzvLfAZ7mD4PHW3jRRFLpWbrm5/O6ne6bPqVIKP2OWsW5CVVZ9yXxJ/AmvhGIN
-IrfptDikfluBYzbitbuGepdiLPwcZJw+TLmfhOqZ2+7t7zjvKR8cVMGhSZC6ZCq2
-raoF6v72/2C0ZvqKJ026m1clDaM4CJAIpKcKhyz0bmab/yBA+cFVDYrcaTXQOXsU
-Id2oAG8CFJHUNmHZW7FvjB7vxLwr4BzXp23QK0Nf0GV4djBKIvUNQf0ZYS/DNrMK
-Bpj3iV63xy+8ZQNayQIDAQABo4IBtzCCAbMwHwYDVR0jBBgwFoAUs5Cn2MmvTs1h
-PJ98rV1/Qf1pMOowHQYDVR0OBBYEFORYTv/Qx8+3CUCwDlyv5Cht6x2VMA4GA1Ud
-DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
-BgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEW
-GWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgw
-NqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NM
-Q0EyLmNybDBzBggrBgEFBQcBAQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQu
-dXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNydDAlBggrBgEFBQcw
-AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAvBgNVHREEKDAmgg92b3RlLmRl
-Ymlhbi5vcmeCE3d3dy52b3RlLmRlYmlhbi5vcmcwDQYJKoZIhvcNAQELBQADggEB
-AByL2NtxKC3tJLAZ7DU+J3Y9dPaKlhLF0BP+6oQK/NBy99yOX4R5yBwwregGXnyK
-z6Jpy+X1S9HBePbju00uSjAOBSqCu0eMRlmVGPM/N0xRpfg8xanEQD+dcFZmZI6p
-3DFMEAXgSNfq6i2MEkLUgzJXrRoKTdrZbKoGefZ4C8A/Butpx3nJ/OQrH0RKf6qS
-FbTojljHHXOgr3g63LpqSS1eKH4K18KpGyHLmrFLzVB0VewOfdgF5arXjIrGB+OX
-DuJRLhW9/eDKGiIkVO9RQqGNxCFCd0mie+/LkV7oMk9Aui3Ko4bxK76gT7IbaH/F
-/c0vU4IaIa2PGWoO2SU8owA=
------END CERTIFICATE-----