SSL at GNOME

Certificates are managed differently based on their issuer:

  1. Gandi - certificates.git on puppetmaster01

  2. Let's Encrypt - /srv/letsencrypt on puppetmaster01

Cloning the certificates.git should happen on the target machine itself:

ssh puppetmaster01-back
git clone /git/certificates.git

The list of the domains we cover via SSL will follow.

Gandi

  1. irc.gnome.org

Let's Encrypt

Look into puppetmaster01.gnome.org:/srv/letsencrypt/configurations for all the subdomains that are covered.

Infrastructure/SSL (last edited 2021-09-02 09:38:03 by AndreaVeri)