Cited from https://meta.miraheze.org/wiki/Special:IncidentReports/31: Fix how we deploy additional certificates: see https://github.com/wikimedia/puppet/blob/production/modules/sslcert/manifests/init.pp#L23. Custom domain certificates must be in a separate directory, like /etc/ssl/localcerts. Deploying root certificates shouldn't be need in the first place(?), not even for ssl_ca, but if we really have to: use the ca-certificates directory and run update-ca-certificates to update /etc/ssl/certs and the ca-certificates.crt file. See https://github.com/wikimedia/puppet/blob/production/modules/sslcert/manifests/ca.pp.
Description
Description
Event Timeline
Herald added a subscriber: Reception123. · View Herald TranscriptJun 7 2020, 18:542020-06-07 18:54:43 (UTC+0)
Southparkfan moved this task from Backlog to Site Reliability Engineering on the Goal-2020-Jul-Dec board.Jul 14 2020, 20:092020-07-14 20:09:09 (UTC+0)
Herald added a subscriber: Unknown Object (User). · View Herald TranscriptNov 21 2020, 19:212020-11-21 19:21:25 (UTC+0)
John edited projects, added Infrastructure (SRE); removed Site Reliability Engineering.Jan 30 2021, 11:452021-01-30 11:45:49 (UTC+0) ·
John moved this task from Incoming to Long Term on the Infrastructure (SRE) board.Jan 30 2021, 12:172021-01-30 12:17:41 (UTC+0)