projects / mirror / dsa-puppet.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 777f942) | patch
Update configuration for SSL ca-debian cert store
authorPaul Wise <pabs@debian.org>
Sat, 25 Mar 2017 06:52:02 +0000 (14:52 +0800)
committerPaul Wise <pabs@debian.org>
Sat, 25 Mar 2017 06:52:02 +0000 (14:52 +0800)
commitf35f47969e10aeeaf6a48ad2a0f4dbde1f2f9de3
tree447634c5a14dee3b02e311bd3bcffa904feda1actree | snapshot
parent777f94224446a5a2a141298d19f91c3fa69f652ecommit | diff
Update configuration for SSL ca-debian cert store

Remove AddTrust as it isn't used any more.

Switch from the DST root CA to ISRG on jessie and newer
for Let's Encrypt since it has less intermediate CAs.
The ISRG root isn't available in wheezy ca-certificates.

Document why each CA cert is being used with comments.
modules/ssl/files/ca-certificates-debian-wheezy.conf [new file with mode: 0644] blob
modules/ssl/files/ca-certificates-debian.conf diff | blob | history
modules/ssl/manifests/init.pp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.