staging: new wildcard cert

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

inventory/group_vars/staging

@@ -50,9 +50,9 @@ ocp_wildcard_int_file: wildcard-2024.apps.ocp.stg.fedoraproject.org.intermediate
 ocp_wildcard_key_file: wildcard-2024.apps.ocp.stg.fedoraproject.org.key
 # RIP, FAS
 primary_auth_source: ipa
-SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
-wildcard_cert_file: wildcard-2024.stg.fedoraproject.org.cert
+SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
+wildcard_cert_file: wildcard-2025.stg.fedoraproject.org.cert
 # This is the wildcard certname for our stg proxies.
-wildcard_cert_name: wildcard-2024.stg.fedoraproject.org
-wildcard_int_file: wildcard-2024.stg.fedoraproject.org.intermediate.cert
-wildcard_key_file: wildcard-2024.stg.fedoraproject.org.key
+wildcard_cert_name: wildcard-2025.stg.fedoraproject.org
+wildcard_int_file: wildcard-2025.stg.fedoraproject.org.intermediate.cert
+wildcard_key_file: wildcard-2025.stg.fedoraproject.org.key

playbooks/include/proxies-certificates.yml

@@ -31,13 +31,13 @@
     - id.fedoraproject.org
 
   - role: httpd/certificate
-    certname: wildcard-2024.stg.fedoraproject.org
-    SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
+    certname: wildcard-2025.stg.fedoraproject.org
+    SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
     when: env == "staging"
 
   - role: httpd/certificate
-    certname: wildcard-2024.stg.fedoraproject.org
-    SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
+    certname: wildcard-2025.stg.fedoraproject.org
+    SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
     when: env == "staging"
 
   - role: httpd/certificate

playbooks/include/proxies-websites.yml

@@ -772,7 +772,7 @@
     site_name: taskotron.stg.fedoraproject.org
     server_aliases: [taskotron.stg.fedoraproject.org]
     # Set this explicitly to stg here.. as per the original puppet config.
-    SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
+    SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
     sslonly: true
     cert_name: "{{wildcard_cert_name}}"
     when: env == "staging"
@@ -781,7 +781,7 @@
     site_name: resultsdb.stg.fedoraproject.org
     server_aliases: [resultsdb.stg.fedoraproject.org]
     # Set this explicitly to stg here.. as per the original puppet config.
-    SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
+    SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
     sslonly: true
     cert_name: "{{wildcard_cert_name}}"
     when: env == "staging"
@@ -846,7 +846,7 @@
     # via plain http for openid identity support
     sslonly: false
     cert_name: "{{wildcard_cert_name}}"
-    SSLCertificateChainFile: wildcard-2024.stg.fedoraproject.org.intermediate.cert
+    SSLCertificateChainFile: wildcard-2025.stg.fedoraproject.org.intermediate.cert
     tags:
     - id.fedoraproject.org
     when: env == "staging"