summaryrefslogtreecommitdiff
path: root/hieradata
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2021-04-22 22:30:37 +0200
committerJan Dittberner <jandd@cacert.org>2021-04-22 22:30:37 +0200
commit2b82c58cc20e5c35907144073a18cc1b7072efff (patch)
treeacb9c1e09c1fd3dc7f35ff7da2564c44afa55d85 /hieradata
parentc583f4049a45b4e29d2d0e130ce03d7874a86a2b (diff)
downloadcacert-puppet-2b82c58cc20e5c35907144073a18cc1b7072efff.tar.gz
cacert-puppet-2b82c58cc20e5c35907144073a18cc1b7072efff.tar.xz
cacert-puppet-2b82c58cc20e5c35907144073a18cc1b7072efff.zip
Use new class3 certificate
This commit adds the new class3 certificate and configuration for - community - email - motion - ocsp checks - selfservice - web - webmail (roundcube)
Diffstat (limited to 'hieradata')
-rw-r--r--hieradata/nodes/community.yaml2
-rw-r--r--hieradata/nodes/email.yaml2
-rw-r--r--hieradata/nodes/web.yaml6
3 files changed, 5 insertions, 5 deletions
diff --git a/hieradata/nodes/community.yaml b/hieradata/nodes/community.yaml
index 45d13de..5d6acf5 100644
--- a/hieradata/nodes/community.yaml
+++ b/hieradata/nodes/community.yaml
@@ -342,5 +342,5 @@ profiles::x509cert_common::certificates:
cfglOMVHgFpYDHCNe9MhivEVuplMu2E9MCVQDuWHGRoKqKILaMN2dd+JFbFJ
rLMMxw==]
cacerts:
- - class3_X0E
+ - class3_2021
- class1_X0F
diff --git a/hieradata/nodes/email.yaml b/hieradata/nodes/email.yaml
index 6731eaa..b5e1d18 100644
--- a/hieradata/nodes/email.yaml
+++ b/hieradata/nodes/email.yaml
@@ -316,5 +316,5 @@ profiles::x509cert_common::certificates:
yCdnmm5GDIi4jej5SpmnnI2LszdUMpRjQrXKC5jFwXXArMKc6Do9PHNR0zy0
wtocG6a7vmje7zEjMuVJTq4=]
cacerts:
- - class3_X0E
+ - class3_2021
- class1_X0F
diff --git a/hieradata/nodes/web.yaml b/hieradata/nodes/web.yaml
index e870e46..36ca38d 100644
--- a/hieradata/nodes/web.yaml
+++ b/hieradata/nodes/web.yaml
@@ -644,7 +644,7 @@ profiles::web_proxy::apache_vhosts:
manage_docroot: false
ssl: true
ssl_cert: "/etc/ssl/certs/web.cacert.org.crt"
- ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt"
+ ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/web.cacert.org.key"
'codedocs.cacert.org redirect-http':
servername: "codedocs.cacert.org"
@@ -670,7 +670,7 @@ profiles::web_proxy::apache_vhosts:
manage_docroot: false
ssl: true
ssl_cert: "/etc/ssl/certs/codedocs.cacert.org.crt"
- ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt"
+ ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/codedocs.cacert.org.key"
proxy_pass:
-
@@ -701,7 +701,7 @@ profiles::web_proxy::apache_vhosts:
manage_docroot: false
ssl: true
ssl_cert: "/etc/ssl/certs/funding.cacert.org.crt"
- ssl_chain: "/usr/share/ca-certificates/CAcert/class3_X0E.crt"
+ ssl_chain: "/usr/local/share/ca-certificates/cacert_class3_2021.crt"
ssl_key: "/etc/ssl/private/funding.cacert.org.key"
proxy_pass:
-