From 12204de39f057ca4d404f1ccca2ab03f05b38f63 Mon Sep 17 00:00:00 2001
From: Julien Cristau <jcristau@debian.org>
Date: Wed, 20 Apr 2016 16:20:03 +0200
Subject: [PATCH] Switch gobby.debian.org ssl cert to letsencrypt

---
 modules/roles/manifests/init.pp               |   2 +-
 modules/ssl/files/chains/gobby.debian.org.crt |   1 -
 .../files/servicecerts/gobby.debian.org.crt   | 107 ------------------
 3 files changed, 1 insertion(+), 109 deletions(-)
 delete mode 120000 modules/ssl/files/chains/gobby.debian.org.crt
 delete mode 100644 modules/ssl/files/servicecerts/gobby.debian.org.crt

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index d41a56062..1327cb68e 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -265,7 +265,7 @@ class roles {
 	if has_role('gobby_debian_org') {
 		ssl::service { 'gobby.debian.org':
 			notify => Service['apache2'],
-			tlsaport => [],
+			key => true,
 		}
 	}
 
diff --git a/modules/ssl/files/chains/gobby.debian.org.crt b/modules/ssl/files/chains/gobby.debian.org.crt
deleted file mode 120000
index 50d224a83..000000000
--- a/modules/ssl/files/chains/gobby.debian.org.crt
+++ /dev/null
@@ -1 +0,0 @@
-GANDI-2-CA
\ No newline at end of file
diff --git a/modules/ssl/files/servicecerts/gobby.debian.org.crt b/modules/ssl/files/servicecerts/gobby.debian.org.crt
deleted file mode 100644
index ef744a575..000000000
--- a/modules/ssl/files/servicecerts/gobby.debian.org.crt
+++ /dev/null
@@ -1,107 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            f7:9a:28:28:a2:c6:93:0a:8e:7d:12:c8:8f:dc:4a:64
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2
-        Validity
-            Not Before: Apr 30 00:00:00 2015 GMT
-            Not After : Apr 30 23:59:59 2016 GMT
-        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=gobby.debian.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c5:53:06:1a:e4:28:c0:50:81:bc:2b:83:eb:0a:
-                    c4:5f:f8:ec:99:60:3d:29:87:30:fd:bb:80:8d:a8:
-                    27:1d:05:fe:ae:84:32:c3:d5:18:a4:4b:35:94:a0:
-                    48:3c:47:00:46:3c:3a:84:56:fc:29:54:07:94:72:
-                    ca:23:55:1c:d6:1b:54:ef:d1:37:44:fc:57:80:45:
-                    13:b7:f9:f5:5c:82:cf:0a:cc:7c:a9:2e:69:12:3b:
-                    b4:87:0d:65:88:10:a1:a4:25:5a:22:88:2f:bd:e6:
-                    68:2a:52:7d:4f:8d:98:44:70:f4:74:ef:09:73:a8:
-                    19:1f:6e:bb:e1:a5:cd:22:c9:41:19:26:81:b6:84:
-                    9c:ac:9b:25:52:d1:18:fb:6c:12:ba:f1:b0:e6:a3:
-                    92:37:90:e1:a0:0e:04:4a:8d:05:2e:97:bb:22:5c:
-                    e5:22:76:c7:07:70:6f:e8:6f:fc:7e:28:20:f3:d9:
-                    14:cf:9d:05:37:d2:e3:0b:c2:61:d1:ea:60:8d:d0:
-                    a6:01:61:ef:e0:2b:10:3a:1e:59:e1:50:b7:b3:41:
-                    21:86:69:c3:14:92:91:af:9a:14:33:1b:03:b6:fc:
-                    f5:a5:16:b9:62:e3:39:b9:e7:18:48:bd:1a:8e:bd:
-                    72:59:38:2e:e9:da:1f:0e:d9:45:96:ea:f3:a3:15:
-                    f5:59
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
-
-            X509v3 Subject Key Identifier: 
-                41:C8:02:18:10:B1:23:C5:BB:54:80:AC:9C:E5:16:9C:6F:E4:A2:67
-            X509v3 Key Usage: critical
-                Digital Signature, Key Encipherment
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication, TLS Web Client Authentication
-            X509v3 Certificate Policies: 
-                Policy: 1.3.6.1.4.1.6449.1.2.2.26
-                  CPS: https://cps.usertrust.com
-                Policy: 2.23.140.1.2.1
-
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
-                OCSP - URI:http://ocsp.usertrust.com
-
-            X509v3 Subject Alternative Name: 
-                DNS:gobby.debian.org, DNS:www.gobby.debian.org
-    Signature Algorithm: sha256WithRSAEncryption
-         6a:b4:e9:9a:fa:ab:14:02:27:ad:33:b1:1d:17:d8:45:80:86:
-         5c:50:40:84:bf:fa:82:52:d7:96:d0:ce:b2:d1:d3:86:6b:60:
-         73:25:c6:f0:6d:b8:22:c7:ca:3e:1f:7a:92:f4:61:af:a6:09:
-         61:79:23:9e:5e:f1:56:fc:55:af:52:c6:34:74:e2:ae:e3:86:
-         79:6b:ca:e2:7d:4a:f0:da:0e:2b:05:95:b1:d6:1c:38:09:f8:
-         f9:e8:2c:20:4b:06:91:d0:5a:4b:54:77:9f:1e:ea:7e:8f:f6:
-         12:6a:86:50:24:16:a0:69:bd:41:c3:b2:6c:23:59:bb:6e:2d:
-         f7:1c:be:b5:ea:e3:0b:f4:70:b1:88:c0:1c:11:69:aa:43:59:
-         a9:65:6f:b2:35:48:63:73:17:fa:30:e4:d0:25:e3:46:ec:3b:
-         cf:a0:8d:db:33:ef:b6:f2:c7:90:a1:b0:94:6a:d1:53:fc:c6:
-         98:03:9b:e8:22:64:38:53:98:e5:1c:f9:57:3b:70:91:05:63:
-         ae:70:bb:f0:c0:19:d9:d3:63:f7:f5:ee:24:15:3b:c8:8b:f0:
-         1f:2e:e7:50:f8:b4:1c:42:7a:fe:20:5e:47:e4:12:6b:2a:70:
-         07:a9:e0:5a:2c:79:97:5e:c5:d5:5d:88:43:83:70:ee:ec:d3:
-         83:31:2d:92
------BEGIN CERTIFICATE-----
-MIIFADCCA+igAwIBAgIRAPeaKCiixpMKjn0SyI/cSmQwDQYJKoZIhvcNAQELBQAw
-XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
-MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
-MB4XDTE1MDQzMDAwMDAwMFoXDTE2MDQzMDIzNTk1OVowWzEhMB8GA1UECxMYRG9t
-YWluIENvbnRyb2wgVmFsaWRhdGVkMRswGQYDVQQLExJHYW5kaSBTdGFuZGFyZCBT
-U0wxGTAXBgNVBAMTEGdvYmJ5LmRlYmlhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQDFUwYa5CjAUIG8K4PrCsRf+OyZYD0phzD9u4CNqCcdBf6u
-hDLD1RikSzWUoEg8RwBGPDqEVvwpVAeUcsojVRzWG1Tv0TdE/FeARRO3+fVcgs8K
-zHypLmkSO7SHDWWIEKGkJVoiiC+95mgqUn1PjZhEcPR07wlzqBkfbrvhpc0iyUEZ
-JoG2hJysmyVS0Rj7bBK68bDmo5I3kOGgDgRKjQUul7siXOUidscHcG/ob/x+KCDz
-2RTPnQU30uMLwmHR6mCN0KYBYe/gKxA6HlnhULezQSGGacMUkpGvmhQzGwO2/PWl
-Frli4zm55xhIvRqOvXJZOC7p2h8O2UWW6vOjFfVZAgMBAAGjggG5MIIBtTAfBgNV
-HSMEGDAWgBSzkKfYya9OzWE8n3ytXX9B/Wkw6jAdBgNVHQ4EFgQUQcgCGBCxI8W7
-VICsnOUWnG/komcwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
-BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQEC
-AhowJzAlBggrBgEFBQcCARYZaHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZn
-gQwBAgEwQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NybC51c2VydHJ1c3QuY29t
-L0dhbmRpU3RhbmRhcmRTU0xDQTIuY3JsMHMGCCsGAQUFBwEBBGcwZTA8BggrBgEF
-BQcwAoYwaHR0cDovL2NydC51c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xD
-QTIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMDEG
-A1UdEQQqMCiCEGdvYmJ5LmRlYmlhbi5vcmeCFHd3dy5nb2JieS5kZWJpYW4ub3Jn
-MA0GCSqGSIb3DQEBCwUAA4IBAQBqtOma+qsUAietM7EdF9hFgIZcUECEv/qCUteW
-0M6y0dOGa2BzJcbwbbgix8o+H3qS9GGvpglheSOeXvFW/FWvUsY0dOKu44Z5a8ri
-fUrw2g4rBZWx1hw4Cfj56CwgSwaR0FpLVHefHup+j/YSaoZQJBagab1Bw7JsI1m7
-bi33HL616uML9HCxiMAcEWmqQ1mpZW+yNUhjcxf6MOTQJeNG7DvPoI3bM++28seQ
-obCUatFT/MaYA5voImQ4U5jlHPlXO3CRBWOucLvwwBnZ02P39e4kFTvIi/AfLudQ
-+LQcQnr+IF5H5BJrKnAHqeBaLHmXXsXVXYhDg3Du7NODMS2S
------END CERTIFICATE-----
-- 
2.20.1