From 69ba9efed864653d50df61db3d62be358e79bc35 Mon Sep 17 00:00:00 2001 From: Stephen Smoogen Date: Thu, 5 Jan 2023 12:50:34 -0500 Subject: [PATCH] Move to using new certs for fedorapeople Get new certs per instructions Put new certs in ansible_private from letsencrypt Change the cert name in configs to 2023 to show different from 2017 one. Signed-off-by: Stephen Smoogen --- playbooks/groups/people.yml | 4 ++-- roles/people/templates/people.conf | 6 +++--- roles/planet/templates/planet.conf | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/playbooks/groups/people.yml b/playbooks/groups/people.yml index b84c2411e4..c63734793e 100644 --- a/playbooks/groups/people.yml +++ b/playbooks/groups/people.yml @@ -80,8 +80,8 @@ - role: apache - role: httpd/certificate - certname: wildcard-2017.fedorapeople.org - SSLCertificateChainFile: wildcard-2017.fedorapeople.org.intermediate.cert + certname: wildcard-2023.fedorapeople.org + SSLCertificateChainFile: wildcard-2023.fedorapeople.org.intermediate.cert - people diff --git a/roles/people/templates/people.conf b/roles/people/templates/people.conf index d435529499..25111c05e5 100644 --- a/roles/people/templates/people.conf +++ b/roles/people/templates/people.conf @@ -27,9 +27,9 @@ NameVirtualHost *:80 DocumentRoot /srv/people/site SSLEngine on - SSLCertificateFile /etc/pki/tls/certs/wildcard-2017.fedorapeople.org.cert - SSLCertificateKeyFile /etc/pki/tls/private/wildcard-2017.fedorapeople.org.key - SSLCertificateChainFile /etc/pki/tls/certs/wildcard-2017.fedorapeople.org.intermediate.cert + SSLCertificateFile /etc/pki/tls/certs/wildcard-2023.fedorapeople.org.cert + SSLCertificateKeyFile /etc/pki/tls/private/wildcard-2023.fedorapeople.org.key + SSLCertificateChainFile /etc/pki/tls/certs/wildcard-2023.fedorapeople.org.intermediate.cert SSLHonorCipherOrder On SSLCipherSuite {{ ssl_ciphers }} SSLProtocol {{ ssl_protocols }} diff --git a/roles/planet/templates/planet.conf b/roles/planet/templates/planet.conf index 39833c20a5..e0df5893ca 100644 --- a/roles/planet/templates/planet.conf +++ b/roles/planet/templates/planet.conf @@ -67,7 +67,7 @@ SSLEngine on SSLCertificateFile /etc/pki/tls/certs/planet.fedoraproject.org.cert SSLCertificateKeyFile /etc/pki/tls/private/planet.fedoraproject.org.key - SSLCertificateChainFile /etc/pki/tls/certs/wildcard-2017.fedorapeople.org.intermediate.cert + SSLCertificateChainFile /etc/pki/tls/certs/wildcard-2023.fedorapeople.org.intermediate.cert SSLHonorCipherOrder On SSLProtocol {{ ssl_protocols }} SSLCipherSuite {{ ssl_ciphers }}