From 6d069253e13c9ad3713395a5b70de2e20a99f3e7 Mon Sep 17 00:00:00 2001
From: Julien Cristau <jcristau@debian.org>
Date: Fri, 6 Jan 2017 13:05:52 +0100
Subject: [PATCH] Switch bugs.d.o to LE

---
 modules/roles/manifests/init.pp               |   2 +-
 modules/ssl/files/chains/bugs.debian.org.crt  |   1 -
 .../files/servicecerts/bugs.debian.org.crt    | 118 ------------------
 3 files changed, 1 insertion(+), 120 deletions(-)
 delete mode 120000 modules/ssl/files/chains/bugs.debian.org.crt
 delete mode 100644 modules/ssl/files/servicecerts/bugs.debian.org.crt

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index d2527978e..2e7a35767 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -45,7 +45,7 @@ class roles {
 	if has_role('bugs_base') {
 		ssl::service { 'bugs.debian.org':
 			notify  => Exec['service apache2 reload'],
-			tlsaport => [],
+			key => true,
 		}
 	}
 	if has_role('bugs_master') {
diff --git a/modules/ssl/files/chains/bugs.debian.org.crt b/modules/ssl/files/chains/bugs.debian.org.crt
deleted file mode 120000
index 50d224a83..000000000
--- a/modules/ssl/files/chains/bugs.debian.org.crt
+++ /dev/null
@@ -1 +0,0 @@
-GANDI-2-CA
\ No newline at end of file
diff --git a/modules/ssl/files/servicecerts/bugs.debian.org.crt b/modules/ssl/files/servicecerts/bugs.debian.org.crt
deleted file mode 100644
index ddbf9b7cb..000000000
--- a/modules/ssl/files/servicecerts/bugs.debian.org.crt
+++ /dev/null
@@ -1,118 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number:
-            53:8f:f0:20:bb:66:b5:f5:fe:86:cc:33:4d:ef:75:2f
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=FR, ST=Paris, L=Paris, O=Gandi, CN=Gandi Standard SSL CA 2
-        Validity
-            Not Before: Dec 11 00:00:00 2015 GMT
-            Not After : Feb  3 23:59:59 2017 GMT
-        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=bugs.debian.org
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (3072 bit)
-                Modulus:
-                    00:ab:cb:85:28:c6:97:5e:2e:68:5b:ee:be:4d:2b:
-                    fb:c4:c6:fc:53:94:3d:91:e5:e6:fe:68:29:9b:fb:
-                    e6:71:03:37:07:23:39:9f:96:ee:a1:15:bb:8e:da:
-                    57:6b:45:e8:14:1f:cf:ed:a6:42:62:f0:9a:96:d4:
-                    85:98:8f:fd:6a:21:9f:d4:4b:d9:67:97:b7:57:13:
-                    db:7f:e0:28:80:53:47:01:7c:56:e9:71:34:19:54:
-                    cf:7a:51:be:3a:c1:fd:b3:db:e1:b5:a4:ab:66:db:
-                    9e:bb:58:63:00:ad:bc:ac:ce:1f:c1:87:a6:ef:3d:
-                    3b:08:fd:6b:c7:bf:94:b1:02:11:27:ca:ea:f4:d9:
-                    90:47:c2:da:c7:9b:c0:72:0d:01:2c:e2:59:d6:13:
-                    d4:e3:b7:03:06:f3:2d:06:ca:7f:40:4a:56:73:68:
-                    5c:2e:3a:03:50:70:e9:99:79:de:94:1f:bb:1f:79:
-                    9c:4d:d5:bc:ab:5e:a7:c5:5a:db:76:76:b4:18:8d:
-                    ac:f8:64:b5:fa:e1:2d:9d:47:68:19:47:00:85:4e:
-                    d2:81:e5:f4:70:d4:98:e1:63:15:12:84:2a:59:ef:
-                    bf:8d:57:33:31:67:de:4b:c9:54:1e:d4:02:67:b6:
-                    2e:88:df:e4:9a:2b:b2:0e:49:ed:7e:74:60:34:b4:
-                    f9:35:a4:e4:00:76:13:b1:c7:cf:a3:a6:40:e1:f8:
-                    81:11:d0:a3:3e:05:b5:a0:77:f0:3d:0e:63:c9:8d:
-                    d6:62:a5:cb:97:65:27:a6:63:97:01:84:80:7f:c7:
-                    1b:e2:53:3e:b4:fc:0b:6a:0d:e6:83:4c:a1:79:a9:
-                    ec:d8:63:b5:dc:00:1f:c5:44:31:bc:e2:13:34:b6:
-                    3c:08:fe:17:9d:0c:aa:98:d0:eb:62:e4:14:93:4b:
-                    e8:54:59:38:e2:a6:e0:a1:c7:3d:2f:13:44:be:31:
-                    71:da:4f:b0:54:95:df:69:c4:74:5a:e8:0c:c8:31:
-                    bb:8d:52:c7:7c:e3:ba:51:7b:a7
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Authority Key Identifier: 
-                keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
-
-            X509v3 Subject Key Identifier: 
-                DF:CB:C3:B0:AF:7B:CE:34:89:32:55:AC:97:2C:0B:B2:EE:7D:20:E2
-            X509v3 Key Usage: critical
-                Digital Signature, Key Encipherment
-            X509v3 Basic Constraints: critical
-                CA:FALSE
-            X509v3 Extended Key Usage: 
-                TLS Web Server Authentication, TLS Web Client Authentication
-            X509v3 Certificate Policies: 
-                Policy: 1.3.6.1.4.1.6449.1.2.2.26
-                  CPS: https://cps.usertrust.com
-                Policy: 2.23.140.1.2.1
-
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
-                OCSP - URI:http://ocsp.usertrust.com
-
-            X509v3 Subject Alternative Name: 
-                DNS:bugs.debian.org, DNS:www.bugs.debian.org
-    Signature Algorithm: sha256WithRSAEncryption
-         09:3c:f3:06:bd:5a:23:f8:05:ed:45:53:27:90:a1:4c:0b:a9:
-         70:a9:50:2f:90:d1:de:e3:48:35:a6:ba:59:b5:cb:b3:9d:a6:
-         20:e8:a4:6b:fb:d8:68:63:d9:3b:fc:70:e2:a3:d0:98:7a:21:
-         29:87:82:e6:37:af:19:20:d6:9e:5c:0e:c6:3a:27:28:74:ee:
-         d1:1f:b1:e4:b7:26:a0:ab:bb:92:77:9d:a7:1a:98:56:e3:ef:
-         8e:f9:83:82:85:d1:12:35:a2:18:19:09:f7:2d:c9:72:30:67:
-         bf:af:71:91:55:5a:d9:6e:75:8b:d1:1d:14:ca:20:a5:a9:ea:
-         bc:fd:89:a9:f6:93:e2:57:bb:31:4c:13:27:99:14:a5:5e:6b:
-         bd:51:2e:7a:97:46:ed:1b:e1:cf:24:12:25:af:60:bb:ed:b7:
-         a5:73:eb:94:a3:c2:76:b4:59:c6:67:fe:72:e6:11:97:e3:7a:
-         12:40:f8:73:ac:a5:de:65:b8:4f:0c:dd:15:5d:74:7c:ff:97:
-         6a:25:6a:17:45:28:d4:c8:66:23:4b:11:75:be:fb:9d:96:79:
-         fc:7b:3d:63:71:7c:48:43:b9:e3:bc:55:f1:f7:bf:be:4f:3b:
-         c9:0d:2f:c7:88:13:39:f2:36:6e:98:78:43:f3:d7:ef:0c:2f:
-         90:f4:9c:08
------BEGIN CERTIFICATE-----
-MIIFfDCCBGSgAwIBAgIQU4/wILtmtfX+hswzTe91LzANBgkqhkiG9w0BAQsFADBf
-MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
-DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
-HhcNMTUxMjExMDAwMDAwWhcNMTcwMjAzMjM1OTU5WjBaMSEwHwYDVQQLExhEb21h
-aW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsTEkdhbmRpIFN0YW5kYXJkIFNT
-TDEYMBYGA1UEAxMPYnVncy5kZWJpYW4ub3JnMIIBojANBgkqhkiG9w0BAQEFAAOC
-AY8AMIIBigKCAYEAq8uFKMaXXi5oW+6+TSv7xMb8U5Q9keXm/mgpm/vmcQM3ByM5
-n5buoRW7jtpXa0XoFB/P7aZCYvCaltSFmI/9aiGf1EvZZ5e3VxPbf+AogFNHAXxW
-6XE0GVTPelG+OsH9s9vhtaSrZtueu1hjAK28rM4fwYem7z07CP1rx7+UsQIRJ8rq
-9NmQR8Lax5vAcg0BLOJZ1hPU47cDBvMtBsp/QEpWc2hcLjoDUHDpmXnelB+7H3mc
-TdW8q16nxVrbdna0GI2s+GS1+uEtnUdoGUcAhU7SgeX0cNSY4WMVEoQqWe+/jVcz
-MWfeS8lUHtQCZ7YuiN/kmiuyDkntfnRgNLT5NaTkAHYTscfPo6ZA4fiBEdCjPgW1
-oHfwPQ5jyY3WYqXLl2UnpmOXAYSAf8cb4lM+tPwLag3mg0yheans2GO13AAfxUQx
-vOITNLY8CP4XnQyqmNDrYuQUk0voVFk44qbgocc9LxNEvjFx2k+wVJXfacR0WugM
-yDG7jVLHfOO6UXunAgMBAAGjggG3MIIBszAfBgNVHSMEGDAWgBSzkKfYya9OzWE8
-n3ytXX9B/Wkw6jAdBgNVHQ4EFgQU38vDsK97zjSJMlWslywLsu59IOIwDgYDVR0P
-AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
-AQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQECAhowJzAlBggrBgEFBQcCARYZ
-aHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgEwQQYDVR0fBDowODA2
-oDSgMoYwaHR0cDovL2NybC51c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xD
-QTIuY3JsMHMGCCsGAQUFBwEBBGcwZTA8BggrBgEFBQcwAoYwaHR0cDovL2NydC51
-c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xDQTIuY3J0MCUGCCsGAQUFBzAB
-hhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMC8GA1UdEQQoMCaCD2J1Z3MuZGVi
-aWFuLm9yZ4ITd3d3LmJ1Z3MuZGViaWFuLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEA
-CTzzBr1aI/gF7UVTJ5ChTAupcKlQL5DR3uNINaa6WbXLs52mIOika/vYaGPZO/xw
-4qPQmHohKYeC5jevGSDWnlwOxjonKHTu0R+x5LcmoKu7knedpxqYVuPvjvmDgoXR
-EjWiGBkJ9y3JcjBnv69xkVVa2W51i9EdFMogpanqvP2JqfaT4le7MUwTJ5kUpV5r
-vVEuepdG7RvhzyQSJa9gu+23pXPrlKPCdrRZxmf+cuYRl+N6EkD4c6yl3mW4Twzd
-FV10fP+XaiVqF0Uo1MhmI0sRdb77nZZ5/Hs9Y3F8SEO547xV8fe/vk87yQ0vx4gT
-OfI2bph4Q/PX7wwvkPScCA==
------END CERTIFICATE-----
-- 
2.20.1