From 3318a652cb21ddaa5b80ace134e3227c376eeed1 Mon Sep 17 00:00:00 2001 From: Julien Cristau Date: Sun, 9 Oct 2016 18:14:27 +0200 Subject: [PATCH] Move udd.d.o cert to letsencrypt --- modules/roles/manifests/udd.pp | 2 +- modules/ssl/files/chains/udd.debian.org.crt | 1 - .../ssl/files/servicecerts/udd.debian.org.crt | 118 ------------------ 3 files changed, 1 insertion(+), 120 deletions(-) delete mode 120000 modules/ssl/files/chains/udd.debian.org.crt delete mode 100644 modules/ssl/files/servicecerts/udd.debian.org.crt diff --git a/modules/roles/manifests/udd.pp b/modules/roles/manifests/udd.pp index ea81cdf56..9a92c8214 100644 --- a/modules/roles/manifests/udd.pp +++ b/modules/roles/manifests/udd.pp @@ -1,6 +1,6 @@ class roles::udd { ssl::service { 'udd.debian.org': notify => Exec['service apache2 reload'], - tlsaport => 0, + key => true, } } diff --git a/modules/ssl/files/chains/udd.debian.org.crt b/modules/ssl/files/chains/udd.debian.org.crt deleted file mode 120000 index 50d224a83..000000000 --- a/modules/ssl/files/chains/udd.debian.org.crt +++ /dev/null @@ -1 +0,0 @@ -GANDI-2-CA \ No newline at end of file diff --git a/modules/ssl/files/servicecerts/udd.debian.org.crt b/modules/ssl/files/servicecerts/udd.debian.org.crt deleted file mode 100644 index 080423761..000000000 --- a/modules/ssl/files/servicecerts/udd.debian.org.crt +++ /dev/null @@ -1,118 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 84:f2:3e:03:38:b9:50:f5:73:81:19:be:0c:32:40:e5 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2 - Validity - Not Before: Dec 11 00:00:00 2015 GMT - Not After : Dec 30 23:59:59 2016 GMT - Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=udd.debian.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (3072 bit) - Modulus: - 00:c1:eb:19:ed:92:6f:75:c5:03:29:c5:44:91:6c: - a8:89:34:02:54:1a:70:ce:ea:3d:db:ee:dd:aa:4f: - 04:03:e7:eb:46:54:92:92:a6:70:03:1d:48:9b:c1: - 0d:b6:77:d3:98:4e:c9:51:e5:6d:a3:9e:62:71:50: - 53:65:70:ea:7b:84:3f:97:2e:37:74:f5:fe:78:0d: - 1d:3a:27:b0:7a:32:ba:23:95:d4:07:31:2d:5e:5c: - 4c:3f:12:29:bf:f3:22:72:e7:d0:8d:8b:dc:ec:6c: - bc:cf:ca:c9:d3:5a:9b:07:6f:d7:9b:cb:66:33:e8: - fd:de:62:92:f2:f7:54:7c:49:0c:b3:4b:f5:da:e3: - 28:7d:38:48:34:80:b9:52:b8:24:03:a4:cb:ee:17: - d8:88:43:55:7c:e3:9c:34:e1:eb:a5:07:85:b4:d3: - 91:75:1f:6c:ea:c2:07:f0:4e:3d:8b:af:8d:4b:f8: - 72:ca:6f:34:e5:0e:c4:d7:0b:e0:86:da:cc:1b:4f: - d7:f6:7b:59:2f:be:84:53:cd:04:15:a5:1f:ab:45: - ac:fd:90:21:9a:26:f4:4b:d2:ac:c4:69:d8:5a:f4: - 2c:74:31:ad:70:44:2a:b0:d8:57:20:17:0b:70:e4: - ca:a5:c9:5a:bb:d5:6c:2f:8e:8c:cf:b0:37:57:17: - 8d:e6:0f:c4:94:45:6c:1a:b4:1a:34:7d:4e:35:de: - 16:d7:22:5d:49:f5:49:78:3b:fa:cc:04:f9:d9:c5: - dd:b5:8a:a0:d1:ec:e4:d3:0d:5b:8f:57:65:a2:31: - 4f:6f:8c:98:cc:59:eb:25:74:d8:19:e0:43:10:f3: - 80:0c:8e:74:0f:3f:31:24:17:c9:91:ff:59:1b:9a: - 57:4e:9b:87:92:8b:91:68:a2:a5:a2:95:63:7f:2d: - d7:66:4c:9d:f7:74:6d:00:3b:a4:3c:d3:71:c9:30: - b7:f5:84:ee:0f:1c:22:1a:bf:92:b5:31:ab:09:dc: - b2:f6:25:2d:bc:46:67:1c:d8:33 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA - - X509v3 Subject Key Identifier: - C9:00:B8:C3:DE:B0:10:B5:9B:9E:7C:EF:32:20:81:65:89:50:15:10 - X509v3 Key Usage: critical - Digital Signature, Key Encipherment - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.6449.1.2.2.26 - CPS: https://cps.usertrust.com - Policy: 2.23.140.1.2.1 - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl - - Authority Information Access: - CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt - OCSP - URI:http://ocsp.usertrust.com - - X509v3 Subject Alternative Name: - DNS:udd.debian.org, DNS:www.udd.debian.org - Signature Algorithm: sha256WithRSAEncryption - 84:b0:8d:6f:28:91:d2:30:78:62:aa:30:2c:28:2e:76:ea:d5: - 1d:8c:03:fa:00:b4:5f:31:44:d5:b2:21:14:bc:31:17:35:6c: - 1f:9d:99:d8:1c:56:3b:7d:72:e4:35:7d:c3:31:3e:ea:cf:c6: - eb:b6:5c:82:f4:09:aa:ce:c8:af:22:08:27:0c:17:b7:3e:25: - b7:de:0c:a8:a1:73:9f:6b:fe:ca:67:f5:4a:99:48:c1:10:a6: - df:74:d5:31:f5:34:40:93:d1:77:a1:c7:de:35:26:b9:44:f9: - 67:f2:1b:96:c5:3e:d6:0e:b5:6b:09:b0:25:f4:b6:a7:80:eb: - ef:6e:7b:a2:3b:92:f4:98:d7:7e:b3:91:87:69:62:b2:cd:65: - f6:6d:61:a4:f4:01:52:a5:0f:88:e8:04:3b:dc:61:0f:21:fc: - f9:ac:a0:19:7a:4a:18:88:84:3f:14:b9:74:ea:ab:be:a2:50: - 53:75:03:69:af:25:78:ee:ad:77:9d:54:88:22:1f:22:98:2c: - 87:8b:50:56:3e:e1:a7:86:99:a1:e4:b0:3c:a7:a6:19:27:69: - e8:62:76:e0:a0:e6:56:a9:a4:89:55:7f:df:3c:36:95:38:05: - cf:31:50:a8:59:64:a6:15:bc:6b:be:c6:69:c4:c1:6c:f2:d2: - 49:be:c6:ea ------BEGIN CERTIFICATE----- -MIIFejCCBGKgAwIBAgIRAITyPgM4uVD1c4EZvgwyQOUwDQYJKoZIhvcNAQELBQAw -XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO -MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy -MB4XDTE1MTIxMTAwMDAwMFoXDTE2MTIzMDIzNTk1OVowWTEhMB8GA1UECxMYRG9t -YWluIENvbnRyb2wgVmFsaWRhdGVkMRswGQYDVQQLExJHYW5kaSBTdGFuZGFyZCBT -U0wxFzAVBgNVBAMTDnVkZC5kZWJpYW4ub3JnMIIBojANBgkqhkiG9w0BAQEFAAOC -AY8AMIIBigKCAYEAwesZ7ZJvdcUDKcVEkWyoiTQCVBpwzuo92+7dqk8EA+frRlSS -kqZwAx1Im8ENtnfTmE7JUeVto55icVBTZXDqe4Q/ly43dPX+eA0dOiewejK6I5XU -BzEtXlxMPxIpv/MicufQjYvc7Gy8z8rJ01qbB2/Xm8tmM+j93mKS8vdUfEkMs0v1 -2uMofThINIC5UrgkA6TL7hfYiENVfOOcNOHrpQeFtNORdR9s6sIH8E49i6+NS/hy -ym805Q7E1wvghtrMG0/X9ntZL76EU80EFaUfq0Ws/ZAhmib0S9KsxGnYWvQsdDGt -cEQqsNhXIBcLcOTKpclau9VsL46Mz7A3VxeN5g/ElEVsGrQaNH1ONd4W1yJdSfVJ -eDv6zAT52cXdtYqg0ezk0w1bj1dlojFPb4yYzFnrJXTYGeBDEPOADI50Dz8xJBfJ -kf9ZG5pXTpuHkouRaKKlopVjfy3XZkyd93RtADukPNNxyTC39YTuDxwiGr+StTGr -Cdyy9iUtvEZnHNgzAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSzkKfYya9OzWE8 -n3ytXX9B/Wkw6jAdBgNVHQ4EFgQUyQC4w96wELWbnnzvMiCBZYlQFRAwDgYDVR0P -AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG -AQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQECAhowJzAlBggrBgEFBQcCARYZ -aHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgEwQQYDVR0fBDowODA2 -oDSgMoYwaHR0cDovL2NybC51c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xD -QTIuY3JsMHMGCCsGAQUFBwEBBGcwZTA8BggrBgEFBQcwAoYwaHR0cDovL2NydC51 -c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xDQTIuY3J0MCUGCCsGAQUFBzAB -hhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMC0GA1UdEQQmMCSCDnVkZC5kZWJp -YW4ub3JnghJ3d3cudWRkLmRlYmlhbi5vcmcwDQYJKoZIhvcNAQELBQADggEBAISw -jW8okdIweGKqMCwoLnbq1R2MA/oAtF8xRNWyIRS8MRc1bB+dmdgcVjt9cuQ1fcMx -PurPxuu2XIL0CarOyK8iCCcMF7c+JbfeDKihc59r/spn9UqZSMEQpt901TH1NECT -0Xehx941JrlE+WfyG5bFPtYOtWsJsCX0tqeA6+9ue6I7kvSY136zkYdpYrLNZfZt -YaT0AVKlD4joBDvcYQ8h/PmsoBl6ShiIhD8UuXTqq76iUFN1A2mvJXjurXedVIgi -HyKYLIeLUFY+4aeGmaHksDynphknaehiduCg5lappIlVf988NpU4Bc8xUKhZZKYV -vGu+xmnEwWzy0km+xuo= ------END CERTIFICATE----- -- 2.20.1