From 37f92e5126015c40384ba24ec649c8331524c1d9 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 12 Oct 2016 14:41:01 +0200
Subject: [PATCH] LE cert for nagios

---
 modules/roles/manifests/init.pp               |   2 +-
 .../ssl/files/chains/nagios.debian.org.crt    |   1 -
 .../files/servicecerts/nagios.debian.org.crt  | 118 ------------------
 3 files changed, 1 insertion(+), 120 deletions(-)
 delete mode 120000 modules/ssl/files/chains/nagios.debian.org.crt
 delete mode 100644 modules/ssl/files/servicecerts/nagios.debian.org.crt

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index badf9a4f2..23295e5a4 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -20,7 +20,7 @@ class roles {
 	#	include nagios::server
 		ssl::service { 'nagios.debian.org':
 			notify  => Exec['service apache2 reload'],
-			tlsaport => 0,
+			key => true,
 		}
 	}
 
diff --git a/modules/ssl/files/chains/nagios.debian.org.crt b/modules/ssl/files/chains/nagios.debian.org.crt
deleted file mode 120000
index 50d224a83..000000000
--- a/modules/ssl/files/chains/nagios.debian.org.crt
+++ /dev/null
@@ -1 +0,0 @@
-GANDI-2-CA
\ No newline at end of file
diff --git a/modules/ssl/files/servicecerts/nagios.debian.org.crt b/modules/ssl/files/servicecerts/nagios.debian.org.crt
deleted file mode 100644
index 3d69d054f..000000000
--- a/modules/ssl/files/servicecerts/nagios.debian.org.crt
+++ /dev/null
@@ -1,118 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            26:e9:e8:00:fe:79:f6:6b:94:c9:02:ae:a1:5a:68:94
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2
-        Validity
-            Not Before: Dec 11 00:00:00 2015 GMT
-            Not After : Jan 22 23:59:59 2017 GMT
-        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=nagios.debian.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (3072 bit)
-                Modulus:
-                    00:f6:87:c1:2b:63:cf:7f:a2:2e:5e:2e:6e:61:c5:
-                    93:a4:ac:b3:49:82:be:78:f7:8a:bf:3f:58:fd:c6:
-                    7d:65:58:9b:b5:53:90:57:f1:3d:40:27:b5:ad:0a:
-                    6e:ec:b0:96:7e:cd:ce:8e:86:f0:19:62:15:60:df:
-                    d4:68:38:f6:92:25:43:36:1d:f5:9d:4b:20:04:52:
-                    0b:3a:1e:d3:ef:29:fc:97:d6:e8:5d:98:62:0c:4a:
-                    8d:74:d9:33:4c:6f:0c:43:95:ed:bb:90:88:ea:e1:
-                    99:76:8f:a1:00:41:62:01:78:60:a5:69:65:4b:a9:
-                    e3:a1:c8:b7:fc:c5:6c:c5:a7:f5:31:df:62:aa:ab:
-                    52:eb:17:ad:d1:38:66:54:fd:ee:56:6e:0e:7e:bb:
-                    5e:5b:94:78:e1:dc:70:fa:6e:3b:cc:92:f2:fd:4e:
-                    2d:08:4a:d8:9f:5b:3c:58:54:a6:ac:fb:ef:52:8a:
-                    e5:3d:9a:72:28:2d:9e:92:df:29:f0:be:79:b4:d2:
-                    89:7c:73:2d:33:57:74:66:0d:35:df:93:1a:7e:f2:
-                    59:ad:8b:81:b4:fb:5e:a1:f2:b8:8c:1b:86:99:00:
-                    3a:e0:43:7c:41:11:18:ff:34:40:f1:14:c0:cf:31:
-                    8b:5a:6b:5f:44:9e:8b:9a:d1:cf:50:1c:18:61:b2:
-                    cd:1f:5e:a2:f5:83:44:7d:4c:2a:b4:1d:cb:4c:28:
-                    37:f2:c1:d0:3a:12:67:85:58:0f:d8:70:0c:e5:99:
-                    07:81:75:4a:8c:24:17:93:a0:6b:08:eb:26:7c:5c:
-                    41:a3:50:91:b5:79:53:63:c3:3f:b9:6f:d1:36:45:
-                    b6:8a:e9:2a:ea:5f:d7:2f:37:0f:2d:dd:bd:1f:b0:
-                    e6:5e:c9:0c:b2:57:fe:42:f8:c2:17:6c:12:a4:ec:
-                    b5:e2:60:db:ca:c7:82:e7:3c:38:1d:d3:e0:e2:0f:
-                    b0:dc:1f:4b:73:e7:1c:88:b7:fe:9b:f0:14:f6:34:
-                    10:18:50:8c:54:5f:f6:04:6f:19
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
-
-            X509v3 Subject Key Identifier: 
-                E7:37:33:C0:4E:90:E6:DB:38:C3:85:47:49:5A:66:75:07:87:07:E0
-            X509v3 Key Usage: critical
-                Digital Signature, Key Encipherment
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication, TLS Web Client Authentication
-            X509v3 Certificate Policies: 
-                Policy: 1.3.6.1.4.1.6449.1.2.2.26
-                  CPS: https://cps.usertrust.com
-                Policy: 2.23.140.1.2.1
-
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
-                OCSP - URI:http://ocsp.usertrust.com
-
-            X509v3 Subject Alternative Name: 
-                DNS:nagios.debian.org, DNS:www.nagios.debian.org
-    Signature Algorithm: sha256WithRSAEncryption
-         4e:dc:66:9c:e5:87:5e:62:42:6a:3a:c8:45:c6:b3:e2:da:a3:
-         ed:52:a2:85:f4:ef:06:22:3b:ee:9c:a8:90:6d:e7:a7:9d:51:
-         75:37:61:54:f8:fb:f2:a6:cf:7a:bf:54:ea:1f:9d:70:4b:b3:
-         e8:1b:c9:26:bc:d7:a3:74:84:ce:69:e6:96:b4:b3:eb:56:6a:
-         5b:22:a4:f2:aa:62:36:03:0e:8c:d1:be:4f:38:36:d8:ea:d2:
-         4f:26:bf:02:c1:fa:2c:15:49:f9:09:98:c2:fc:6f:10:0a:4d:
-         b0:4c:bb:07:87:76:b9:41:b9:67:b1:38:41:4f:f9:53:34:fb:
-         39:37:86:be:b5:88:52:67:bf:03:e3:4a:0d:8b:65:fa:d9:7e:
-         44:d1:6f:39:2e:47:5e:17:e5:ea:be:0d:bd:ae:cb:ee:9d:a9:
-         65:62:9d:eb:e9:69:0b:2e:b2:9d:a7:07:13:88:32:e6:ce:7a:
-         d5:c4:d6:6b:5f:e6:17:cc:6d:5d:43:3c:cb:b0:4d:05:1a:a9:
-         9b:77:dd:d6:ad:4c:ed:41:8e:56:a7:48:ef:b9:ce:6a:05:c8:
-         2d:50:57:d8:4c:1d:3a:7a:c2:ad:62:df:3f:af:3e:52:50:2a:
-         74:69:d0:c4:04:a3:7e:b7:0f:ad:9d:13:1e:b8:e7:15:b6:b9:
-         da:0c:79:d9
------BEGIN CERTIFICATE-----
-MIIFgjCCBGqgAwIBAgIQJunoAP559muUyQKuoVpolDANBgkqhkiG9w0BAQsFADBf
-MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
-DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
-HhcNMTUxMjExMDAwMDAwWhcNMTcwMTIyMjM1OTU5WjBcMSEwHwYDVQQLExhEb21h
-aW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsTEkdhbmRpIFN0YW5kYXJkIFNT
-TDEaMBgGA1UEAxMRbmFnaW9zLmRlYmlhbi5vcmcwggGiMA0GCSqGSIb3DQEBAQUA
-A4IBjwAwggGKAoIBgQD2h8ErY89/oi5eLm5hxZOkrLNJgr5494q/P1j9xn1lWJu1
-U5BX8T1AJ7WtCm7ssJZ+zc6OhvAZYhVg39RoOPaSJUM2HfWdSyAEUgs6HtPvKfyX
-1uhdmGIMSo102TNMbwxDle27kIjq4Zl2j6EAQWIBeGClaWVLqeOhyLf8xWzFp/Ux
-32Kqq1LrF63ROGZU/e5Wbg5+u15blHjh3HD6bjvMkvL9Ti0IStifWzxYVKas++9S
-iuU9mnIoLZ6S3ynwvnm00ol8cy0zV3RmDTXfkxp+8lmti4G0+16h8riMG4aZADrg
-Q3xBERj/NEDxFMDPMYtaa19Enoua0c9QHBhhss0fXqL1g0R9TCq0HctMKDfywdA6
-EmeFWA/YcAzlmQeBdUqMJBeToGsI6yZ8XEGjUJG1eVNjwz+5b9E2RbaK6SrqX9cv
-Nw8t3b0fsOZeyQyyV/5C+MIXbBKk7LXiYNvKx4LnPDgd0+DiD7DcH0tz5xyIt/6b
-8BT2NBAYUIxUX/YEbxkCAwEAAaOCAbswggG3MB8GA1UdIwQYMBaAFLOQp9jJr07N
-YTyffK1df0H9aTDqMB0GA1UdDgQWBBTnNzPATpDm2zjDhUdJWmZ1B4cH4DAOBgNV
-HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
-KwYBBQUHAwIwSwYDVR0gBEQwQjA2BgsrBgEEAbIxAQICGjAnMCUGCCsGAQUFBwIB
-FhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECATBBBgNVHR8EOjA4
-MDagNKAyhjBodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNT
-TENBMi5jcmwwcwYIKwYBBQUHAQEEZzBlMDwGCCsGAQUFBzAChjBodHRwOi8vY3J0
-LnVzZXJ0cnVzdC5jb20vR2FuZGlTdGFuZGFyZFNTTENBMi5jcnQwJQYIKwYBBQUH
-MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wMwYDVR0RBCwwKoIRbmFnaW9z
-LmRlYmlhbi5vcmeCFXd3dy5uYWdpb3MuZGViaWFuLm9yZzANBgkqhkiG9w0BAQsF
-AAOCAQEATtxmnOWHXmJCajrIRcaz4tqj7VKihfTvBiI77pyokG3np51RdTdhVPj7
-8qbPer9U6h+dcEuz6BvJJrzXo3SEzmnmlrSz61ZqWyKk8qpiNgMOjNG+Tzg22OrS
-Tya/AsH6LBVJ+QmYwvxvEApNsEy7B4d2uUG5Z7E4QU/5UzT7OTeGvrWIUme/A+NK
-DYtl+tl+RNFvOS5HXhfl6r4Nva7L7p2pZWKd6+lpCy6ynacHE4gy5s561cTWa1/m
-F8xtXUM8y7BNBRqpm3fd1q1M7UGOVqdI77nOagXILVBX2EwdOnrCrWLfP68+UlAq
-dGnQxASjfrcPrZ0THrjnFba52gx52Q==
------END CERTIFICATE-----
-- 
2.20.1