add more servicecerts
authorMartin Zobel-Helas <zobel@debian.org>
Wed, 1 Jan 2014 10:02:32 +0000 (11:02 +0100)
committerMartin Zobel-Helas <zobel@debian.org>
Wed, 1 Jan 2014 10:02:32 +0000 (11:02 +0100)
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
modules/roles/manifests/init.pp
modules/ssl/files/chains/vote.debian.org.crt [new symlink]
modules/ssl/files/servicecerts/vote.debian.org.crt [new file with mode: 0644]
modules/ssl/files/servicecerts/www.debian.org.crt [new file with mode: 0644]

index d0d7c8efb9d942bacfcdb397a80259cbf25b67ab..5ff272913b47e18fc7460390220aa2c626c837ec 100644 (file)
@@ -92,6 +92,12 @@ class roles {
                include roles::weblog_destination
        }
 
+       if $::hostname in [vento] {
+               ssl::service { 'vote.debian.org':
+                       notify => Service['apache2'],
+               }
+       }
+
        if $::hostname in [soler] {
                ssl::service { 'security-tracker.debian.org':
                        notify => Service['apache2'],
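Review bot: Only `vote.debian.org` gets an `ssl::service` declaration in this hunk, although the commit also ships `modules/ssl/files/servicecerts/www.debian.org.crt`. Unless a matching `ssl::service { 'www.debian.org': ... }` already exists in a part of `class roles` outside the hunk, that certificate sits in the module without being deployed or tied to an Apache reload. It is worth either adding the declaration for the host that serves www or saying in the commit message where it is declared. As a style point, the bare word in `if $::hostname in [vento] {` matches the neighbouring `[soler]` block but would read less ambiguously quoted, `if $::hostname in ['vento'] {`. The body of `class roles` starts and ends outside this hunk.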
diff --git a/modules/ssl/files/chains/vote.debian.org.crt b/modules/ssl/files/chains/vote.debian.org.crt
new file mode 120000 (symlink)
index 0000000..6aaa914
--- /dev/null
@@ -0,0 +1 @@
+GANDI-CA
\ No newline at end of file
diff --git a/modules/ssl/files/servicecerts/vote.debian.org.crt b/modules/ssl/files/servicecerts/vote.debian.org.crt
new file mode 100644 (file)
index 0000000..7c962a8
--- /dev/null
@@ -0,0 +1,107 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            d7:5c:9e:6e:05:e9:48:a1:00:40:91:68:e9:33:a3:3c
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA
+        Validity
+            Not Before: Jan  1 00:00:00 2014 GMT
+            Not After : Jan  1 23:59:59 2015 GMT
+        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=vote.debian.org
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:af:e0:4a:88:35:12:63:4a:8a:0a:15:d9:34:b2:
+                    af:d1:04:cb:9f:00:e2:98:2e:90:42:84:9f:f1:57:
+                    ea:38:bd:7f:9b:f3:f5:a5:3a:68:88:13:38:62:51:
+                    a7:54:91:54:ec:ac:d9:2d:01:c6:f1:5c:4a:bb:95:
+                    37:fb:84:1a:39:f7:87:5b:19:d6:14:f2:1b:b9:6b:
+                    39:f7:c3:ec:79:8f:5a:a8:62:41:af:cd:bc:74:16:
+                    e1:59:f8:26:15:78:71:51:be:8c:4a:64:a8:13:7f:
+                    48:e3:69:bb:74:c6:e4:e8:76:bd:ac:8e:4d:15:52:
+                    a1:2e:fd:81:a8:b5:e4:15:8b:21:ea:ad:63:c2:b3:
+                    6c:83:4d:2e:da:9c:f4:87:99:2c:70:cd:2e:ab:de:
+                    53:5d:ae:c2:c7:1c:ef:85:ce:50:6a:a6:e0:70:22:
+                    49:19:1c:29:c8:4f:5a:e9:39:32:74:05:56:ed:4b:
+                    d9:2c:8a:31:c8:d4:f5:0e:fc:cd:e3:b2:a7:3d:32:
+                    75:05:b9:98:73:85:47:c4:c0:99:6c:70:f5:ea:c1:
+                    88:25:2d:83:91:c8:e3:0b:dc:b3:c1:47:79:bd:42:
+                    25:ba:fb:4e:28:50:88:35:f2:70:e1:df:d3:71:4a:
+                    5c:31:43:92:9c:00:3a:02:c4:b5:bb:04:c1:64:0d:
+                    43:73
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21
+
+            X509v3 Subject Key Identifier: 
+                C8:13:0A:73:FC:98:6B:57:00:1E:E6:D3:80:48:07:24:D0:A4:FC:C8
+            X509v3 Key Usage: critical
+                Digital Signature, Key Encipherment
+            X509v3 Basic Constraints: critical
+                CA:FALSE
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication, TLS Web Client Authentication
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.6449.1.2.2.26
+                  CPS: http://www.gandi.net/contracts/fr/ssl/cps/pdf/
+                Policy: 2.23.140.1.2.1
+
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://crl.gandi.net/GandiStandardSSLCA.crl
+
+            Authority Information Access: 
+                CA Issuers - URI:http://crt.gandi.net/GandiStandardSSLCA.crt
+                OCSP - URI:http://ocsp.gandi.net
+
+            X509v3 Subject Alternative Name: 
+                DNS:vote.debian.org, DNS:www.vote.debian.org
+    Signature Algorithm: sha1WithRSAEncryption
+         a9:1b:37:32:18:db:69:df:4e:91:b9:95:8f:ca:22:fc:3c:b3:
+         c3:68:60:bb:e6:62:d9:88:b7:0e:4c:3a:c9:c2:b5:46:5b:82:
+         fa:63:e2:29:da:6b:2c:4f:da:62:44:44:f5:2c:8b:83:70:8f:
+         ca:0b:37:38:3f:d4:70:bd:d5:da:e8:f0:7b:82:8e:12:c3:6c:
+         b7:3c:72:a7:75:e6:d0:13:65:72:27:9a:cf:9d:a9:e1:9f:d2:
+         90:be:7c:29:7a:21:6f:94:24:26:48:93:ac:65:18:fd:d2:04:
+         ff:b4:19:c8:01:b4:42:e4:4b:b4:58:8b:78:ed:70:76:2d:f3:
+         79:53:4f:c4:19:11:c6:52:b4:db:a7:2e:26:3d:8e:b8:e0:b7:
+         b5:2a:20:be:d6:7c:af:92:05:e3:a7:38:83:cd:1a:35:1b:5e:
+         3b:9a:63:fb:fb:3f:7a:b6:08:d0:9f:95:aa:aa:0f:20:5c:bf:
+         03:e0:c2:bc:93:d4:8c:56:2c:24:69:0f:2e:07:7b:1c:9b:c7:
+         aa:f6:b1:01:61:d4:9b:a1:61:76:6b:e5:4d:0d:d7:ce:45:a8:
+         8e:0f:f4:3d:3d:d4:0c:41:ea:33:53:e2:d1:55:89:cd:a8:1a:
+         98:25:17:56:15:25:39:bc:d2:ce:51:4d:93:67:2a:e4:f3:20:
+         0e:3f:ab:3a
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
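Review bot: This certificate is signed with `sha1WithRSAEncryption` (both `Signature Algorithm` lines in the dump), and so is `www.debian.org.crt` in the following hunk. SHA-1 is a weakening hash for certificate signatures, so the next reissue of both should request a SHA-256-signed certificate and a matching chain, if the CA offers one. Both certificates are valid for one year (`Not After : Jan  1 23:59:59 2015 GMT` here, `Dec 31 23:59:59 2014 GMT` for www), so expiry monitoring or a renewal reminder should accompany the deployment. The decoded text above the PEM block is informational only, since servers parse just the PEM; reviewers can confirm the two agree with `openssl x509 -noout -text -in <file>` rather than trusting the dump.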
diff --git a/modules/ssl/files/servicecerts/www.debian.org.crt b/modules/ssl/files/servicecerts/www.debian.org.crt
new file mode 100644 (file)
index 0000000..5211b61
--- /dev/null
@@ -0,0 +1,106 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            c6:43:4a:cb:04:70:a7:58:91:0f:e1:7d:98:ab:2c:7f
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA
+        Validity
+            Not Before: Dec 31 00:00:00 2013 GMT
+            Not After : Dec 31 23:59:59 2014 GMT
+        Subject: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=debian.org
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:be:bc:45:e8:c1:23:ff:76:f2:f1:3b:bb:dd:13:
+                    0e:f8:eb:da:80:2f:5d:3e:48:0a:db:f4:65:22:dc:
+                    8c:bd:9a:a4:68:4d:60:4e:a1:fc:fc:f7:0a:27:3b:
+                    5d:93:5c:a9:4c:13:50:96:b7:af:4c:dd:05:a4:b0:
+                    35:52:ff:94:fb:61:ab:ca:b5:6a:2b:a3:c1:a8:22:
+                    9b:27:45:80:8a:88:6f:36:71:da:d5:4e:f8:b6:ec:
+                    41:a1:b5:77:31:3d:dc:d7:52:f9:51:05:fc:e2:01:
+                    ab:b6:30:6b:f1:68:3c:f3:56:e5:0c:1a:ce:5c:20:
+                    ac:0d:8f:cb:92:07:da:4c:a3:ce:d7:2d:4a:31:89:
+                    a2:6e:a1:0d:28:38:49:30:42:37:68:78:38:2e:a2:
+                    be:f8:ff:9c:78:12:63:a3:9a:94:53:53:4e:23:cf:
+                    04:12:9f:68:ee:75:3f:bb:9f:8a:38:17:11:75:9c:
+                    d8:d9:aa:18:01:61:17:d8:b7:c5:40:10:02:34:33:
+                    57:bf:f6:d4:40:d1:33:d7:21:1f:3d:a0:0d:40:f3:
+                    ba:59:41:de:73:3c:69:e3:42:9f:d6:87:c3:c5:97:
+                    9f:10:bb:0a:b1:3d:9f:ac:55:df:9f:1b:20:8c:85:
+                    19:88:75:89:49:bc:bf:cf:c8:05:44:da:d3:04:8d:
+                    92:91
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Authority Key Identifier: 
+                keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21
+
+            X509v3 Subject Key Identifier: 
+                FA:B2:E3:4C:6C:7C:9C:17:2A:97:36:4B:A9:56:37:03:24:7C:90:89
+            X509v3 Key Usage: critical
+                Digital Signature, Key Encipherment
+            X509v3 Basic Constraints: critical
+                CA:FALSE
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication, TLS Web Client Authentication
+            X509v3 Certificate Policies: 
+                Policy: 1.3.6.1.4.1.6449.1.2.2.26
+                  CPS: http://www.gandi.net/contracts/fr/ssl/cps/pdf/
+                Policy: 2.23.140.1.2.1
+
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://crl.gandi.net/GandiStandardSSLCA.crl
+
+            Authority Information Access: 
+                CA Issuers - URI:http://crt.gandi.net/GandiStandardSSLCA.crt
+                OCSP - URI:http://ocsp.gandi.net
+
+            X509v3 Subject Alternative Name: 
+                DNS:debian.org, DNS:www.debian.org
+    Signature Algorithm: sha1WithRSAEncryption
+         0c:f3:54:f5:3a:4a:6c:71:df:ae:93:02:81:a8:e2:95:a9:de:
+         66:8c:f3:55:22:94:4b:41:4c:88:0d:3e:e2:74:2f:e7:23:8e:
+         81:03:ef:f7:0a:29:dc:fc:69:fb:ec:df:23:cd:0d:f7:4e:84:
+         e0:0a:ae:ae:d5:23:82:ad:5d:40:04:39:62:fc:13:53:d9:ad:
+         ac:d4:36:54:f1:9a:8b:96:c4:62:d5:6a:6e:16:23:97:d8:2c:
+         18:f1:7d:ac:19:82:d5:81:25:59:52:be:53:3b:60:4d:9d:4b:
+         24:ab:3d:c9:bb:91:bd:9a:70:53:3a:95:97:30:c8:60:dd:f9:
+         60:3f:24:b2:f0:ad:10:69:14:37:76:73:c3:89:ba:a5:43:62:
+         56:1a:ee:e9:3c:aa:38:29:f1:73:0c:d4:18:91:54:f7:05:b4:
+         6f:4f:f3:2c:10:78:65:72:52:97:46:51:3a:60:b9:ba:e4:b0:
+         dd:37:cb:35:10:0e:f5:a9:30:73:fb:3c:46:88:5b:53:d2:4b:
+         23:8f:41:99:3b:79:fc:b8:cd:40:61:14:32:3e:cb:60:6e:be:
+         5b:f5:89:5d:ff:f7:2a:79:0a:29:fb:a5:3b:d1:64:a2:77:cb:
+         02:92:b9:ee:fc:9e:fa:23:ca:2e:4d:eb:03:04:3f:45:5e:fc:
+         5d:cc:42:7c
+-----BEGIN CERTIFICATE-----
+MIIE1zCCA7+gAwIBAgIRAMZDSssEcKdYkQ/hfZirLH8wDQYJKoZIhvcNAQEFBQAw
+QTELMAkGA1UEBhMCRlIxEjAQBgNVBAoTCUdBTkRJIFNBUzEeMBwGA1UEAxMVR2Fu
+ZGkgU3RhbmRhcmQgU1NMIENBMB4XDTEzMTIzMTAwMDAwMFoXDTE0MTIzMTIzNTk1
+OVowVTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRswGQYDVQQL
+ExJHYW5kaSBTdGFuZGFyZCBTU0wxEzARBgNVBAMTCmRlYmlhbi5vcmcwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vEXowSP/dvLxO7vdEw7469qAL10+
+SArb9GUi3Iy9mqRoTWBOofz89wonO12TXKlME1CWt69M3QWksDVS/5T7YavKtWor
+o8GoIpsnRYCKiG82cdrVTvi27EGhtXcxPdzXUvlRBfziAau2MGvxaDzzVuUMGs5c
+IKwNj8uSB9pMo87XLUoxiaJuoQ0oOEkwQjdoeDguor74/5x4EmOjmpRTU04jzwQS
+n2judT+7n4o4FxF1nNjZqhgBYRfYt8VAEAI0M1e/9tRA0TPXIR89oA1A87pZQd5z
+PGnjQp/Wh8PFl58QuwqxPZ+sVd+fGyCMhRmIdYlJvL/PyAVE2tMEjZKRAgMBAAGj
+ggG0MIIBsDAfBgNVHSMEGDAWgBS2qP+iqC/Qps1LsWjz51AQMad5ITAdBgNVHQ4E
+FgQU+rLjTGx8nBcqlzZLqVY3AyR8kIkwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGAGA1UdIARZMFcw
+SwYLKwYBBAGyMQECAhowPDA6BggrBgEFBQcCARYuaHR0cDovL3d3dy5nYW5kaS5u
+ZXQvY29udHJhY3RzL2ZyL3NzbC9jcHMvcGRmLzAIBgZngQwBAgEwPAYDVR0fBDUw
+MzAxoC+gLYYraHR0cDovL2NybC5nYW5kaS5uZXQvR2FuZGlTdGFuZGFyZFNTTENB
+LmNybDBqBggrBgEFBQcBAQReMFwwNwYIKwYBBQUHMAKGK2h0dHA6Ly9jcnQuZ2Fu
+ZGkubmV0L0dhbmRpU3RhbmRhcmRTU0xDQS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6
+Ly9vY3NwLmdhbmRpLm5ldDAlBgNVHREEHjAcggpkZWJpYW4ub3Jngg53d3cuZGVi
+aWFuLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEADPNU9TpKbHHfrpMCgajilaneZozz
+VSKUS0FMiA0+4nQv5yOOgQPv9wop3Pxp++zfI80N906E4AqurtUjgq1dQAQ5YvwT
+U9mtrNQ2VPGai5bEYtVqbhYjl9gsGPF9rBmC1YElWVK+UztgTZ1LJKs9ybuRvZpw
+UzqVlzDIYN35YD8ksvCtEGkUN3Zzw4m6pUNiVhru6TyqOCnxcwzUGJFU9wW0b0/z
+LBB4ZXJSl0ZROmC5uuSw3TfLNRAO9akwc/s8RohbU9JLI49BmTt5/LjNQGEUMj7L
+YG6+W/WJXf/3KnkKKfulO9FkonfLApK57vye+iPKLk3rAwQ/RV78XcxCfA==
+-----END CERTIFICATE-----