Attempt to get a signed certificate for the following SAN list:
- pinkunicorn.wikimedia.org
- *.pinkunicorn.wikimedia.org
Description
Description
Details
Details
Customize query in gerrit
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Vgutierrez | T208424 Test wildcard certificate issuance with certcentral | |||
| Resolved | BBlack | T208390 Allow Let's Encrypt issue wildcard certificates |
Event Timeline
Comment Actions
Change 470846 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] certcentral: Add pinkunicorn-wildcard certificate configuration
Comment Actions
Change 470846 merged by Vgutierrez:
[operations/puppet@production] certcentral: Add pinkunicorn-wildcard certificate configuration
Comment Actions
certcentral has been able to get the certificates in both nodes. No manual operation has been required, the change https://gerrit.wikimedia.org/r/470846 has been merged and afterwards puppet ran in both nodes triggering the certcentral restart.
certcentral1001 log can be checked here: https://phabricator.wikimedia.org/P7746
certcentral2001 log can be checked here: https://phabricator.wikimedia.org/P7745
certcentral1001 pinkunicorn-wildcard.rsa-2048
openssl x509 -text -noout -in pinkunicorn-wildcard.rsa-2048.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fa:a5:5e:db:51:3a:28:a3:41:ac:21:b4:27:85:d1:9f:1f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Fake LE Intermediate X1
Validity
Not Before: Oct 31 14:50:41 2018 GMT
Not After : Jan 29 14:50:41 2019 GMT
Subject: CN = pinkunicorn.wikimedia.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e6:7f:5d:bc:44:ed:b7:d6:ee:f3:41:ad:a8:b2:
da:b3:72:71:19:39:79:11:9c:44:55:c9:6e:2c:cb:
10:df:8f:3b:e8:cd:1b:52:63:4f:49:7d:2b:49:96:
bb:8a:7a:28:41:c1:68:1d:f9:b9:f7:1f:f0:ae:ad:
c4:4d:15:07:2c:a8:58:c0:00:fd:35:10:1c:2a:32:
aa:3c:ec:45:57:dd:15:81:d3:50:db:14:10:ef:2a:
60:8f:61:d4:25:72:a1:33:b7:03:ce:44:0c:7d:87:
8a:99:c7:05:9e:a8:3e:5d:15:0e:25:97:d4:0e:3c:
b4:f7:51:0c:25:05:a0:e8:67:c7:5f:97:4d:5b:47:
60:d2:2d:26:e0:16:99:f9:f7:48:c6:06:11:f3:3b:
8c:89:d8:3a:28:04:e7:71:c4:ab:da:1f:f8:f7:e0:
ef:23:ae:96:61:36:d7:ef:15:e0:a6:c0:f3:af:94:
6a:46:e2:3f:96:69:8d:7c:63:49:8c:78:f8:21:00:
b0:3c:95:78:b1:fc:43:81:31:4e:71:0e:34:2a:a2:
a6:54:25:1d:04:ab:4a:7d:83:93:dc:7d:df:f6:23:
ea:f0:25:c2:54:8d:83:cc:e5:10:51:57:a2:f2:76:
14:d7:c1:74:18:37:cb:97:c7:20:58:97:41:ea:60:
48:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
20:08:04:9C:52:63:CD:0D:0E:B3:BA:B9:E2:84:8E:F5:C0:83:70:BA
X509v3 Authority Key Identifier:
keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A
Authority Information Access:
OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org
CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0:
50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53
Timestamp : Oct 31 15:50:41.670 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:91:E3:01:CB:AC:51:27:2F:A5:D9:66:
0B:56:B2:91:9C:B7:47:69:1C:C4:64:5C:05:46:59:56:
51:C9:38:BB:49:02:20:6A:1D:CC:D9:0D:66:61:73:D4:
5A:AB:FA:44:AF:59:6E:D0:6F:DD:94:77:B9:B5:1F:6E:
6B:1E:9D:41:18:7C:40
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01:
F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08
Timestamp : Oct 31 15:50:41.704 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:6F:6A:C1:58:6B:26:81:AA:BE:4B:BC:04:
5D:46:88:3C:73:F9:84:97:22:37:41:06:0F:BC:49:34:
49:8C:47:B0:02:20:0C:78:3B:C9:E0:D8:72:BD:86:2B:
BA:BF:0C:3E:51:F0:25:0D:4F:77:7A:27:2E:77:F2:D5:
DB:B8:78:7E:C0:AE
Signature Algorithm: sha256WithRSAEncryption
d4:fc:94:e0:cf:93:35:b6:0e:71:59:d5:49:2c:85:0b:6b:5f:
96:ff:14:d4:12:d1:5e:06:e4:6e:95:f0:06:06:91:6f:ec:a4:
71:7b:c4:07:b0:08:2a:49:d8:b4:74:05:c3:a4:a1:8a:f9:a6:
47:fd:b9:5f:37:1d:ad:c2:f6:e1:c3:82:92:19:bd:c4:02:4c:
ca:c4:45:03:04:2d:18:f7:3b:75:3d:f0:63:5d:90:7f:ad:df:
7b:a3:da:a3:bf:4a:74:61:02:1b:54:49:88:cb:4a:21:2a:cf:
0d:be:6c:2b:a3:a0:00:df:bb:7e:44:9e:50:a1:83:ad:06:36:
b9:a0:a5:2e:2a:8e:81:8c:8a:24:2e:ec:47:f8:d5:92:dc:98:
27:14:66:c9:29:5d:f6:c4:9b:a9:95:c5:74:3d:6e:41:08:b5:
78:75:c5:16:ff:de:27:eb:27:63:78:70:7e:22:53:12:4f:ad:
ee:57:dc:51:4e:ac:20:fe:f7:c3:49:4a:24:3d:f3:e3:0a:e4:
e3:ce:74:9b:6c:5e:8f:14:7a:a3:c6:d6:68:82:ab:c8:53:3b:
17:96:6a:e9:ec:38:d3:10:d3:ed:b0:cb:c1:2c:00:3f:d9:58:
22:f4:c3:e2:05:aa:dc:9c:7f:5e:2f:f2:f4:58:f6:7f:69:41:
2d:63:52:c9certcentral1001 pinkunicorn-wildcard.ecprime256v1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fa:21:88:0d:46:24:82:51:e9:1d:89:fa:48:e8:73:e5:48:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Fake LE Intermediate X1
Validity
Not Before: Oct 31 14:50:00 2018 GMT
Not After : Jan 29 14:50:00 2019 GMT
Subject: CN = pinkunicorn.wikimedia.org
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:17:18:d7:80:48:e0:d0:09:75:e8:ea:2c:ab:6a:
2f:53:1b:89:38:7b:4c:3c:70:97:b9:23:61:1a:4c:
ed:b4:c8:9b:45:b6:fc:53:45:d6:f0:87:0e:3f:bd:
e4:3b:ef:9d:82:07:77:f9:d4:0d:5c:34:48:ed:d6:
7f:eb:bb:a8:f2
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
F8:D3:38:64:C0:4E:87:CF:C6:5C:21:7D:1A:1D:C1:F7:81:8D:9A:90
X509v3 Authority Key Identifier:
keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A
Authority Information Access:
OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org
CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0:
50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53
Timestamp : Oct 31 15:50:00.867 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D2:57:42:36:9E:30:8C:15:3E:ED:0C:
4E:97:14:30:45:EB:9A:EC:5E:92:A7:0E:E4:A2:66:CD:
10:9D:0B:28:71:02:21:00:C6:F7:9F:8C:B6:A5:F5:07:
BC:7A:64:94:50:D7:FD:67:E3:05:FD:54:09:8C:2A:98:
0D:64:D5:15:D5:E0:B9:1D
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01:
F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08
Timestamp : Oct 31 15:50:01.367 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:21:54:ED:52:C1:57:07:06:4A:EF:26:1A:
7D:81:14:E8:DC:F6:C5:2C:4E:65:09:D1:04:61:8E:15:
B5:4B:16:B2:02:21:00:94:96:30:F8:CA:14:C8:F2:BD:
59:FB:63:D3:CB:14:68:3C:B0:AE:C3:80:9D:95:0D:6B:
D8:28:21:26:8E:C8:36
Signature Algorithm: sha256WithRSAEncryption
03:ca:0e:d1:30:7a:ae:81:d1:6b:94:7f:ca:fa:62:56:0b:ee:
7c:be:76:7a:09:97:f4:f6:da:3d:31:75:1b:c4:e0:9e:68:85:
eb:63:0c:0c:cb:a4:87:21:51:85:52:c4:6d:5d:86:0f:fd:ed:
11:e0:08:48:ff:9f:d3:2e:0e:78:92:4e:00:ac:67:95:a7:6e:
ac:c5:7f:fb:47:ed:c8:33:af:9f:73:2b:5e:70:5b:23:80:20:
97:9b:14:0d:c0:f7:75:b9:1a:ea:2f:ef:9b:0d:1e:ee:0c:e0:
69:44:0d:47:a8:db:29:15:53:56:dd:b1:2e:a9:b5:a6:d6:ca:
02:54:02:83:4f:3b:70:e0:e5:c4:62:30:fd:94:9a:5f:c4:8d:
6b:03:8d:99:3e:cd:ed:22:03:eb:a6:6d:09:8f:08:51:fe:32:
d9:f2:59:a3:43:ac:60:19:c2:0d:10:ab:6e:36:3b:25:b6:78:
ff:d4:d5:d8:ed:b4:81:a8:26:89:8c:5e:58:f5:9b:3e:6f:1f:
ea:c9:e0:97:c5:b1:6a:66:1f:f0:8e:e6:f7:9e:91:31:70:e6:
ec:83:10:74:eb:d6:4e:86:35:ba:99:44:ba:3b:0b:39:cb:8f:
36:a6:51:25:97:4f:b3:6f:3b:0a:b9:13:93:5f:c6:b8:40:25:
00:dc:ab:7acertcentral2001 pinkunicorn-wildcard.rsa-2048
# openssl x509 -text -noout -in pinkunicorn-wildcard.rsa-2048.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fa:d4:78:38:f7:55:46:b3:d5:d5:6a:25:18:fe:50:5f:89:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Fake LE Intermediate X1
Validity
Not Before: Oct 31 14:49:41 2018 GMT
Not After : Jan 29 14:49:41 2019 GMT
Subject: CN = pinkunicorn.wikimedia.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9b:0f:a4:1d:28:6a:e9:11:d9:f1:c6:31:13:46:
65:18:f3:4f:54:1f:d1:21:64:eb:a9:9e:8e:64:6b:
96:d6:aa:03:57:e8:14:2c:4b:42:35:66:d5:a3:09:
50:ed:11:9e:94:cf:90:a8:71:f3:7b:f6:10:3b:5c:
c5:1f:76:2b:94:f9:01:be:de:bf:49:5b:6b:2a:60:
98:86:a2:81:46:4c:65:6a:17:37:42:a9:85:86:65:
a9:81:bc:6b:be:55:a6:64:ab:13:17:a5:2b:83:b4:
65:9f:de:18:bc:24:12:f2:ef:5c:d2:eb:80:9f:9e:
fd:4f:b0:eb:fa:d8:15:df:89:40:c3:f1:8d:ff:e6:
1e:e9:7e:11:57:20:2d:78:91:f9:5b:eb:80:b9:34:
ac:f2:59:72:e0:5b:11:a6:57:8f:47:0e:cb:71:1b:
03:a9:4a:da:a1:7c:66:71:5d:89:c4:7e:64:5c:35:
67:d5:d4:f5:02:39:94:61:cc:12:2d:92:81:f6:50:
6b:0e:4e:97:8d:2a:7b:44:c3:37:03:3d:8d:40:7d:
0c:9d:ce:b4:8a:5d:fe:c3:8b:94:92:21:fe:ba:b0:
2c:28:6c:f0:58:3f:9f:41:89:89:89:52:d6:bf:5e:
54:e5:f2:38:58:72:13:ce:55:f8:f1:87:35:06:b2:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
47:4C:5F:33:11:41:C6:CC:C2:33:40:B5:87:B7:AA:D3:A9:57:09:23
X509v3 Authority Key Identifier:
keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A
Authority Information Access:
OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org
CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:99:34:FC:A5:E7:24:80:C9:56:68:7D:81:34:99:08:
49:B2:49:F7:B5:69:D8:C7:BC:AB:3F:5C:C1:F3:6E:64
Timestamp : Oct 31 15:49:41.953 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D7:E6:E2:DC:0E:09:E4:A5:8E:E7:03:
67:44:CD:5C:28:17:86:0B:7D:71:74:D0:6B:52:94:D6:
31:73:5A:F2:3D:02:21:00:AC:4B:10:35:D5:7B:47:97:
A1:48:3E:A4:02:53:D0:EE:2C:CC:0F:54:FF:A6:1A:49:
D4:D1:16:74:58:4D:46:E9
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01:
F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08
Timestamp : Oct 31 15:49:42.453 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:3D:0B:18:11:51:6F:94:47:54:C0:55:2A:
1F:90:F6:49:76:55:BC:AB:E2:F5:10:CF:B5:91:08:06:
1B:A5:BF:BA:02:20:49:DF:61:BD:87:31:3F:B5:DD:4E:
D8:66:A4:15:14:80:DC:04:38:C0:1B:4B:A4:82:EE:79:
31:85:85:17:75:9A
Signature Algorithm: sha256WithRSAEncryption
69:81:92:e9:63:88:d4:ec:9d:3d:e9:cd:f2:ef:eb:94:9a:95:
22:76:9d:ab:31:2c:ad:99:b0:a0:f3:34:2f:d6:8e:67:ea:4b:
66:37:87:e1:07:6d:41:1b:6b:d4:3c:fb:81:e2:49:fe:54:7d:
69:2d:a8:52:f9:52:e8:4a:3e:bf:64:25:9d:09:64:cb:4c:df:
87:f4:89:fd:08:0e:74:89:58:fb:46:03:a2:ae:9d:7e:e3:16:
1a:8a:20:82:e5:46:74:b9:58:bc:0a:48:b1:63:64:a3:0e:ca:
7e:ec:9e:69:81:f3:46:db:89:13:08:2d:09:d9:28:fb:b2:a7:
ab:88:0e:6c:48:c3:d7:c8:a8:24:62:86:4e:cd:71:d3:35:e1:
01:2d:90:45:7a:26:9f:fe:b9:97:d5:a8:d4:1b:16:9a:93:ec:
7a:e1:9a:de:14:fb:9a:95:e9:07:4b:f6:a0:02:fa:61:b3:85:
74:5f:e0:76:f0:f9:fa:41:4d:91:62:2f:9f:08:1f:28:fe:1d:
78:78:d1:f6:05:32:4c:1f:a2:91:e4:3d:34:2e:d9:08:c2:31:
b2:74:bf:fe:5f:d2:c2:33:64:a5:38:0c:a2:cf:a0:7f:2a:28:
da:0d:3b:af:12:82:96:a1:13:5f:53:10:cc:87:4b:30:ac:c9:
eb:d6:95:dfcertcentral2001 pinkunicorn-wildcard.ec-prime256v1
# openssl x509 -text -noout -in pinkunicorn-wildcard.ec-prime256v1.crt
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fa:5a:fe:47:02:ef:df:a6:18:99:5d:6a:2a:d1:74:6b:13:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Fake LE Intermediate X1
Validity
Not Before: Oct 31 14:49:47 2018 GMT
Not After : Jan 29 14:49:47 2019 GMT
Subject: CN = pinkunicorn.wikimedia.org
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:6d:48:24:a3:85:de:82:a2:f4:12:37:21:99:8e:
75:b7:3a:f1:d2:a0:25:89:6e:8f:36:33:b4:68:d9:
2c:bb:f9:4f:92:a3:6f:2c:43:c1:4c:c4:80:5f:c9:
c7:ee:08:40:c4:6d:95:db:7d:29:ff:08:89:a4:12:
f5:46:b5:74:e4
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
72:E6:D0:83:D2:13:54:FA:4E:0B:14:47:8B:59:90:59:C7:06:32:DF
X509v3 Authority Key Identifier:
keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A
Authority Information Access:
OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org
CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0:
50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53
Timestamp : Oct 31 15:49:47.329 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:1C:94:67:4D:95:AA:99:CA:27:B8:E5:FD:
2E:EA:4D:F8:7F:FE:5F:53:13:A6:5C:47:B1:D6:F9:A7:
F3:66:48:77:02:21:00:98:5A:FB:C6:E8:39:05:53:44:
86:33:79:17:FF:99:89:F8:21:B0:FE:75:29:84:5A:63:
5E:2B:69:B7:0C:3D:21
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01:
F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08
Timestamp : Oct 31 15:49:47.830 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:99:F7:0C:04:AA:E8:88:DA:8A:66:3C:
C6:42:7F:E2:61:C9:61:D2:0E:40:48:C4:5C:0A:AA:AA:
C0:9F:04:90:B6:02:20:0C:62:14:2A:CD:B5:87:D6:4F:
1E:FC:E6:08:86:B2:75:ED:7E:0C:8F:05:73:74:C3:2D:
30:02:F2:97:77:E2:E3
Signature Algorithm: sha256WithRSAEncryption
26:e0:5b:f5:a7:d7:35:09:f7:4d:b0:5d:81:73:88:94:b6:a1:
8a:c0:99:98:6f:f6:bb:b9:db:bd:e6:93:ce:9e:0d:0d:dd:df:
55:79:bd:61:ee:6b:b6:69:07:ca:1d:7b:a5:0a:e0:60:83:c7:
e8:2d:a8:dc:f3:4e:8e:d1:f3:a9:30:d0:9a:82:47:41:00:c8:
54:f2:5f:6b:24:ed:99:d6:77:35:f5:3a:73:00:f8:f3:22:01:
90:a5:6e:b3:12:43:33:6d:c1:61:2d:8c:a1:c5:40:27:52:47:
3c:8d:b0:a4:2e:0f:72:46:a7:39:1b:05:10:fd:a7:5d:ca:56:
d8:76:b5:c8:20:6d:ad:93:cf:01:8e:8d:25:3b:29:21:1c:2c:
06:71:65:98:05:f8:7a:af:01:77:c3:d9:9d:0a:0a:e3:e5:de:
ba:c8:95:b4:26:9d:eb:80:e5:de:eb:d5:75:dc:27:3a:88:f1:
bc:02:6f:36:7e:37:fa:15:ed:73:61:61:ac:e9:84:8d:55:d8:
cf:f4:5c:c3:cf:d9:76:71:7d:24:51:3d:fd:d8:2d:c5:71:fe:
b9:88:38:7d:81:e8:2a:07:bb:6e:01:01:9b:41:0c:38:c3:9c:
84:e6:bc:91:ca:1b:17:f4:8b:e8:43:04:6d:bd:fb:df:56:13:
6b:9f:0d:2eComment Actions
Change 470858 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/dns@master] Revert "wikimedia.org CAA: allow wildcards for LE"
Comment Actions
Change 470861 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] Revert "certcentral: Add pinkunicorn-wildcard certificate configuration"
Comment Actions
Change 470861 merged by Vgutierrez:
[operations/puppet@production] Revert "certcentral: Add pinkunicorn-wildcard certificate configuration"
Comment Actions
Change 470858 merged by Vgutierrez:
[operations/dns@master] Revert "wikimedia.org CAA: allow wildcards for LE"