Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

proxies: update *.id.fedoraproject.org wildcard to 2022 version

Browse source 
The old 2020 cert expires on 2022-03-07 which is only 5 days from now.
This moves it to a new 2022 cert that lasts 1 year.
This will need the proxies playbook run after it's pushed.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2022-03-02 15:50:24 -08:00 committed by kevin
parent bcd9ac55e0
commit 2afcc62cc6
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
playbooks/include/proxies-certificates.yml
View file

@ -24,8 +24,8 @@
SSLCertificateChainFile: wildcard-2022.fedoraproject.org.intermediate.cert
- role: httpd/certificate
certname: wildcard-2020.id.fedoraproject.org
SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert
certname: wildcard-2022.id.fedoraproject.org
SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert
- role: httpd/certificate
certname: wildcard-2020.stg.fedoraproject.org

4
playbooks/include/proxies-websites.yml
View file

@ -835,8 +835,8 @@
# Must not be sslonly, because example.id.fedoraproject.org must be reachable
# via plain http for openid identity support
sslonly: false
cert_name: wildcard-2020.id.fedoraproject.org
SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert
cert_name: wildcard-2022.id.fedoraproject.org
SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert
tags:
- id.fedoraproject.org
when: env == "production"