From 2afcc62cc60c55a717e91815ba1758a10cf9c209 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 2 Mar 2022 15:50:24 -0800 Subject: [PATCH] proxies: update *.id.fedoraproject.org wildcard to 2022 version The old 2020 cert expires on 2022-03-07 which is only 5 days from now. This moves it to a new 2022 cert that lasts 1 year. This will need the proxies playbook run after it's pushed. Signed-off-by: Kevin Fenzi --- playbooks/include/proxies-certificates.yml | 4 ++-- playbooks/include/proxies-websites.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/playbooks/include/proxies-certificates.yml b/playbooks/include/proxies-certificates.yml index fe521ecb44..babfbf7e7c 100644 --- a/playbooks/include/proxies-certificates.yml +++ b/playbooks/include/proxies-certificates.yml @@ -24,8 +24,8 @@ SSLCertificateChainFile: wildcard-2022.fedoraproject.org.intermediate.cert - role: httpd/certificate - certname: wildcard-2020.id.fedoraproject.org - SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert + certname: wildcard-2022.id.fedoraproject.org + SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert - role: httpd/certificate certname: wildcard-2020.stg.fedoraproject.org diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml index 0297d0f38b..006ee9932b 100644 --- a/playbooks/include/proxies-websites.yml +++ b/playbooks/include/proxies-websites.yml @@ -835,8 +835,8 @@ # Must not be sslonly, because example.id.fedoraproject.org must be reachable # via plain http for openid identity support sslonly: false - cert_name: wildcard-2020.id.fedoraproject.org - SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert + cert_name: wildcard-2022.id.fedoraproject.org + SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert tags: - id.fedoraproject.org when: env == "production"