ssl::service { 'www.debian.org':
}
+ ssl::service { 'sip-ws.debian.org':
+ }
+
concat { '/etc/ssl/debian/certs/www.debian.org-chained.crt':
}
concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt':
require => File['/etc/ssl/debian/certs/www.debian.org.crt-chain']
}
+ concat { '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt':
+ }
+ concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt':
+ target => '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt',
+ source => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt',
+ order => 00,
+ require => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt']
+ }
+ concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain':
+ target => '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt',
+ source => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt-chain',
+ order => 99,
+ require => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain']
+ }
+
@ferm::rule { 'dsa-sip-ws-ip4':
domain => 'ip',
description => 'SIP connections (WebSocket; for WebRTC)',
--- /dev/null
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 43:36:c3:ba:2c:f3:14:63:3a:a6:fd:4a:8e:30:5f:e9
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA
+ Validity
+ Not Before: Jan 13 00:00:00 2014 GMT
+ Not After : Jan 13 23:59:59 2015 GMT
+ Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=sip-ws.debian.org
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:c7:fc:3e:73:ae:e7:f0:59:c1:7d:9f:af:dc:f7:
+ 2f:e5:3f:06:4d:6f:7b:52:e4:4a:20:a6:fa:90:05:
+ 94:9b:3a:a5:48:5c:df:4f:c6:85:3c:99:3b:38:5f:
+ 2b:fc:36:83:f5:d8:03:dd:40:0e:e0:fb:a1:9b:9d:
+ f3:9e:c8:29:ac:1d:f3:65:e4:32:ad:1c:b8:28:57:
+ f4:4b:92:ec:31:82:a5:77:67:69:f8:16:03:71:59:
+ f1:80:d0:32:15:dd:9f:d0:1d:7a:49:e2:3e:6c:b4:
+ 2a:e5:a6:72:f6:45:9f:8b:7a:d5:fd:a5:a4:b5:fa:
+ f5:af:7c:98:e4:0a:e5:46:7b:d7:47:45:90:af:fd:
+ d9:2d:75:8a:82:40:27:cc:11:5e:94:24:78:b9:ac:
+ 83:df:5e:94:a3:44:24:7d:83:25:b8:96:a1:c4:02:
+ 0d:84:50:69:91:e2:9a:bd:90:df:81:db:1b:aa:e3:
+ 56:86:51:a3:94:77:c4:d6:3a:83:60:03:e8:5c:93:
+ 74:bf:74:11:14:3b:78:e4:01:b9:c1:49:c7:0b:6f:
+ bc:43:26:91:eb:31:7c:e7:34:99:4b:50:72:14:d9:
+ 6d:f9:60:35:a0:f8:bd:8b:90:82:dc:35:00:50:bc:
+ f0:bb:c7:ae:0c:6e:4f:ef:74:b2:03:e8:13:c8:4a:
+ 98:67
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Authority Key Identifier:
+ keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21
+
+ X509v3 Subject Key Identifier:
+ 96:FE:90:9F:68:D6:A5:49:9B:45:0B:B0:79:A0:B5:19:FD:A7:A9:39
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication, TLS Web Client Authentication
+ X509v3 Certificate Policies:
+ Policy: 1.3.6.1.4.1.6449.1.2.2.26
+ CPS: http://www.gandi.net/contracts/fr/ssl/cps/pdf/
+ Policy: 2.23.140.1.2.1
+
+ X509v3 CRL Distribution Points:
+
+ Full Name:
+ URI:http://crl.gandi.net/GandiStandardSSLCA.crl
+
+ Authority Information Access:
+ CA Issuers - URI:http://crt.gandi.net/GandiStandardSSLCA.crt
+ OCSP - URI:http://ocsp.gandi.net
+
+ X509v3 Subject Alternative Name:
+ DNS:sip-ws.debian.org, DNS:www.sip-ws.debian.org
+ Signature Algorithm: sha1WithRSAEncryption
+ 76:21:ed:92:68:4f:7c:65:1d:24:6f:35:06:5c:1e:c9:3f:9d:
+ 78:8c:fc:f7:2a:f1:af:86:93:f6:75:ca:a2:02:a5:8d:f0:8c:
+ 00:88:6a:3c:b0:e5:99:d9:10:24:88:04:e0:af:73:a1:7d:da:
+ 1d:a4:6c:35:a3:b8:a6:66:74:9a:4c:8a:6c:87:1c:54:12:68:
+ 19:cd:f9:08:60:c8:ff:06:24:81:8b:c7:da:a9:a6:05:09:55:
+ 3d:74:88:75:df:d8:38:58:9d:47:2f:e6:67:e3:5d:41:a0:f8:
+ 88:0d:5b:95:2b:95:1f:a7:f5:46:05:7a:0b:7e:f1:7e:f0:17:
+ 9f:08:25:30:89:68:f6:0c:86:54:96:ae:c6:86:42:e2:8e:25:
+ 62:c7:34:45:74:e4:64:dd:ba:8d:3d:ea:f8:6e:d5:de:63:82:
+ 34:17:01:e0:e2:92:91:1e:fe:61:98:42:8d:11:aa:7a:64:5c:
+ f2:b6:bd:ac:8c:88:6c:be:b3:7f:1d:84:ec:45:47:d7:d8:7b:
+ 55:dc:e0:50:8b:b5:a4:ee:e1:b0:d9:df:51:4c:dc:0e:50:40:
+ c0:80:df:92:b3:a0:a6:38:99:00:a8:33:96:8c:3b:88:fd:5f:
+ 14:34:3c:c8:05:91:42:8c:42:3a:39:e0:a6:68:22:42:e9:48:
+ 75:86:bc:bb
+-----BEGIN CERTIFICATE-----
+MIIE6zCCA9OgAwIBAgIQQzbDuizzFGM6pv1KjjBf6TANBgkqhkiG9w0BAQUFADBB
+MQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5k
+aSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTQwMTEzMDAwMDAwWhcNMTUwMTEzMjM1OTU5
+WjBcMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsT
+EkdhbmRpIFN0YW5kYXJkIFNTTDEaMBgGA1UEAxMRc2lwLXdzLmRlYmlhbi5vcmcw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH/D5zrufwWcF9n6/c9y/l
+PwZNb3tS5EogpvqQBZSbOqVIXN9PxoU8mTs4Xyv8NoP12APdQA7g+6GbnfOeyCms
+HfNl5DKtHLgoV/RLkuwxgqV3Z2n4FgNxWfGA0DIV3Z/QHXpJ4j5stCrlpnL2RZ+L
+etX9paS1+vWvfJjkCuVGe9dHRZCv/dktdYqCQCfMEV6UJHi5rIPfXpSjRCR9gyW4
+lqHEAg2EUGmR4pq9kN+B2xuq41aGUaOUd8TWOoNgA+hck3S/dBEUO3jkAbnBSccL
+b7xDJpHrMXznNJlLUHIU2W35YDWg+L2LkILcNQBQvPC7x64Mbk/vdLID6BPISphn
+AgMBAAGjggHCMIIBvjAfBgNVHSMEGDAWgBS2qP+iqC/Qps1LsWjz51AQMad5ITAd
+BgNVHQ4EFgQUlv6Qn2jWpUmbRQuweaC1Gf2nqTkwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGAGA1Ud
+IARZMFcwSwYLKwYBBAGyMQECAhowPDA6BggrBgEFBQcCARYuaHR0cDovL3d3dy5n
+YW5kaS5uZXQvY29udHJhY3RzL2ZyL3NzbC9jcHMvcGRmLzAIBgZngQwBAgEwPAYD
+VR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5nYW5kaS5uZXQvR2FuZGlTdGFuZGFy
+ZFNTTENBLmNybDBqBggrBgEFBQcBAQReMFwwNwYIKwYBBQUHMAKGK2h0dHA6Ly9j
+cnQuZ2FuZGkubmV0L0dhbmRpU3RhbmRhcmRTU0xDQS5jcnQwIQYIKwYBBQUHMAGG
+FWh0dHA6Ly9vY3NwLmdhbmRpLm5ldDAzBgNVHREELDAqghFzaXAtd3MuZGViaWFu
+Lm9yZ4IVd3d3LnNpcC13cy5kZWJpYW4ub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQB2
+Ie2SaE98ZR0kbzUGXB7JP514jPz3KvGvhpP2dcqiAqWN8IwAiGo8sOWZ2RAkiATg
+r3OhfdodpGw1o7imZnSaTIpshxxUEmgZzfkIYMj/BiSBi8faqaYFCVU9dIh139g4
+WJ1HL+Zn411BoPiIDVuVK5Ufp/VGBXoLfvF+8BefCCUwiWj2DIZUlq7GhkLijiVi
+xzRFdORk3bqNPer4btXeY4I0FwHg4pKRHv5hmEKNEap6ZFzytr2sjIhsvrN/HYTs
+RUfX2HtV3OBQi7Wk7uGw2d9RTNwOUEDAgN+Ss6CmOJkAqDOWjDuI/V8UNDzIBZFC
+jEI6OeCmaCJC6Uh1hry7
+-----END CERTIFICATE-----
projects / dsa-puppet.git / commitdiff