Attempt to get a signed certificate for the following SAN list:
- pinkunicorn.wikimedia.org
- *.pinkunicorn.wikimedia.org
Attempt to get a signed certificate for the following SAN list:
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | Vgutierrez | T208424 Test wildcard certificate issuance with certcentral | |||
Resolved | BBlack | T208390 Allow Let's Encrypt issue wildcard certificates |
Change 470846 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] certcentral: Add pinkunicorn-wildcard certificate configuration
Change 470846 merged by Vgutierrez:
[operations/puppet@production] certcentral: Add pinkunicorn-wildcard certificate configuration
certcentral has been able to get the certificates in both nodes. No manual operation has been required, the change https://gerrit.wikimedia.org/r/470846 has been merged and afterwards puppet ran in both nodes triggering the certcentral restart.
certcentral1001 log can be checked here: https://phabricator.wikimedia.org/P7746
certcentral2001 log can be checked here: https://phabricator.wikimedia.org/P7745
openssl x509 -text -noout -in pinkunicorn-wildcard.rsa-2048.crt Certificate: Data: Version: 3 (0x2) Serial Number: fa:a5:5e:db:51:3a:28:a3:41:ac:21:b4:27:85:d1:9f:1f:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Fake LE Intermediate X1 Validity Not Before: Oct 31 14:50:41 2018 GMT Not After : Jan 29 14:50:41 2019 GMT Subject: CN = pinkunicorn.wikimedia.org Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:e6:7f:5d:bc:44:ed:b7:d6:ee:f3:41:ad:a8:b2: da:b3:72:71:19:39:79:11:9c:44:55:c9:6e:2c:cb: 10:df:8f:3b:e8:cd:1b:52:63:4f:49:7d:2b:49:96: bb:8a:7a:28:41:c1:68:1d:f9:b9:f7:1f:f0:ae:ad: c4:4d:15:07:2c:a8:58:c0:00:fd:35:10:1c:2a:32: aa:3c:ec:45:57:dd:15:81:d3:50:db:14:10:ef:2a: 60:8f:61:d4:25:72:a1:33:b7:03:ce:44:0c:7d:87: 8a:99:c7:05:9e:a8:3e:5d:15:0e:25:97:d4:0e:3c: b4:f7:51:0c:25:05:a0:e8:67:c7:5f:97:4d:5b:47: 60:d2:2d:26:e0:16:99:f9:f7:48:c6:06:11:f3:3b: 8c:89:d8:3a:28:04:e7:71:c4:ab:da:1f:f8:f7:e0: ef:23:ae:96:61:36:d7:ef:15:e0:a6:c0:f3:af:94: 6a:46:e2:3f:96:69:8d:7c:63:49:8c:78:f8:21:00: b0:3c:95:78:b1:fc:43:81:31:4e:71:0e:34:2a:a2: a6:54:25:1d:04:ab:4a:7d:83:93:dc:7d:df:f6:23: ea:f0:25:c2:54:8d:83:cc:e5:10:51:57:a2:f2:76: 14:d7:c1:74:18:37:cb:97:c7:20:58:97:41:ea:60: 48:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 20:08:04:9C:52:63:CD:0D:0E:B3:BA:B9:E2:84:8E:F5:C0:83:70:BA X509v3 Authority Key Identifier: keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A Authority Information Access: OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/ CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0: 50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53 Timestamp : Oct 31 15:50:41.670 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:91:E3:01:CB:AC:51:27:2F:A5:D9:66: 0B:56:B2:91:9C:B7:47:69:1C:C4:64:5C:05:46:59:56: 51:C9:38:BB:49:02:20:6A:1D:CC:D9:0D:66:61:73:D4: 5A:AB:FA:44:AF:59:6E:D0:6F:DD:94:77:B9:B5:1F:6E: 6B:1E:9D:41:18:7C:40 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01: F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08 Timestamp : Oct 31 15:50:41.704 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:6F:6A:C1:58:6B:26:81:AA:BE:4B:BC:04: 5D:46:88:3C:73:F9:84:97:22:37:41:06:0F:BC:49:34: 49:8C:47:B0:02:20:0C:78:3B:C9:E0:D8:72:BD:86:2B: BA:BF:0C:3E:51:F0:25:0D:4F:77:7A:27:2E:77:F2:D5: DB:B8:78:7E:C0:AE Signature Algorithm: sha256WithRSAEncryption d4:fc:94:e0:cf:93:35:b6:0e:71:59:d5:49:2c:85:0b:6b:5f: 96:ff:14:d4:12:d1:5e:06:e4:6e:95:f0:06:06:91:6f:ec:a4: 71:7b:c4:07:b0:08:2a:49:d8:b4:74:05:c3:a4:a1:8a:f9:a6: 47:fd:b9:5f:37:1d:ad:c2:f6:e1:c3:82:92:19:bd:c4:02:4c: ca:c4:45:03:04:2d:18:f7:3b:75:3d:f0:63:5d:90:7f:ad:df: 7b:a3:da:a3:bf:4a:74:61:02:1b:54:49:88:cb:4a:21:2a:cf: 0d:be:6c:2b:a3:a0:00:df:bb:7e:44:9e:50:a1:83:ad:06:36: b9:a0:a5:2e:2a:8e:81:8c:8a:24:2e:ec:47:f8:d5:92:dc:98: 27:14:66:c9:29:5d:f6:c4:9b:a9:95:c5:74:3d:6e:41:08:b5: 78:75:c5:16:ff:de:27:eb:27:63:78:70:7e:22:53:12:4f:ad: ee:57:dc:51:4e:ac:20:fe:f7:c3:49:4a:24:3d:f3:e3:0a:e4: e3:ce:74:9b:6c:5e:8f:14:7a:a3:c6:d6:68:82:ab:c8:53:3b: 17:96:6a:e9:ec:38:d3:10:d3:ed:b0:cb:c1:2c:00:3f:d9:58: 22:f4:c3:e2:05:aa:dc:9c:7f:5e:2f:f2:f4:58:f6:7f:69:41: 2d:63:52:c9
Certificate: Data: Version: 3 (0x2) Serial Number: fa:21:88:0d:46:24:82:51:e9:1d:89:fa:48:e8:73:e5:48:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Fake LE Intermediate X1 Validity Not Before: Oct 31 14:50:00 2018 GMT Not After : Jan 29 14:50:00 2019 GMT Subject: CN = pinkunicorn.wikimedia.org Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:17:18:d7:80:48:e0:d0:09:75:e8:ea:2c:ab:6a: 2f:53:1b:89:38:7b:4c:3c:70:97:b9:23:61:1a:4c: ed:b4:c8:9b:45:b6:fc:53:45:d6:f0:87:0e:3f:bd: e4:3b:ef:9d:82:07:77:f9:d4:0d:5c:34:48:ed:d6: 7f:eb:bb:a8:f2 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: F8:D3:38:64:C0:4E:87:CF:C6:5C:21:7D:1A:1D:C1:F7:81:8D:9A:90 X509v3 Authority Key Identifier: keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A Authority Information Access: OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/ CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0: 50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53 Timestamp : Oct 31 15:50:00.867 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:D2:57:42:36:9E:30:8C:15:3E:ED:0C: 4E:97:14:30:45:EB:9A:EC:5E:92:A7:0E:E4:A2:66:CD: 10:9D:0B:28:71:02:21:00:C6:F7:9F:8C:B6:A5:F5:07: BC:7A:64:94:50:D7:FD:67:E3:05:FD:54:09:8C:2A:98: 0D:64:D5:15:D5:E0:B9:1D Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01: F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08 Timestamp : Oct 31 15:50:01.367 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:21:54:ED:52:C1:57:07:06:4A:EF:26:1A: 7D:81:14:E8:DC:F6:C5:2C:4E:65:09:D1:04:61:8E:15: B5:4B:16:B2:02:21:00:94:96:30:F8:CA:14:C8:F2:BD: 59:FB:63:D3:CB:14:68:3C:B0:AE:C3:80:9D:95:0D:6B: D8:28:21:26:8E:C8:36 Signature Algorithm: sha256WithRSAEncryption 03:ca:0e:d1:30:7a:ae:81:d1:6b:94:7f:ca:fa:62:56:0b:ee: 7c:be:76:7a:09:97:f4:f6:da:3d:31:75:1b:c4:e0:9e:68:85: eb:63:0c:0c:cb:a4:87:21:51:85:52:c4:6d:5d:86:0f:fd:ed: 11:e0:08:48:ff:9f:d3:2e:0e:78:92:4e:00:ac:67:95:a7:6e: ac:c5:7f:fb:47:ed:c8:33:af:9f:73:2b:5e:70:5b:23:80:20: 97:9b:14:0d:c0:f7:75:b9:1a:ea:2f:ef:9b:0d:1e:ee:0c:e0: 69:44:0d:47:a8:db:29:15:53:56:dd:b1:2e:a9:b5:a6:d6:ca: 02:54:02:83:4f:3b:70:e0:e5:c4:62:30:fd:94:9a:5f:c4:8d: 6b:03:8d:99:3e:cd:ed:22:03:eb:a6:6d:09:8f:08:51:fe:32: d9:f2:59:a3:43:ac:60:19:c2:0d:10:ab:6e:36:3b:25:b6:78: ff:d4:d5:d8:ed:b4:81:a8:26:89:8c:5e:58:f5:9b:3e:6f:1f: ea:c9:e0:97:c5:b1:6a:66:1f:f0:8e:e6:f7:9e:91:31:70:e6: ec:83:10:74:eb:d6:4e:86:35:ba:99:44:ba:3b:0b:39:cb:8f: 36:a6:51:25:97:4f:b3:6f:3b:0a:b9:13:93:5f:c6:b8:40:25: 00:dc:ab:7a
# openssl x509 -text -noout -in pinkunicorn-wildcard.rsa-2048.crt Certificate: Data: Version: 3 (0x2) Serial Number: fa:d4:78:38:f7:55:46:b3:d5:d5:6a:25:18:fe:50:5f:89:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Fake LE Intermediate X1 Validity Not Before: Oct 31 14:49:41 2018 GMT Not After : Jan 29 14:49:41 2019 GMT Subject: CN = pinkunicorn.wikimedia.org Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:9b:0f:a4:1d:28:6a:e9:11:d9:f1:c6:31:13:46: 65:18:f3:4f:54:1f:d1:21:64:eb:a9:9e:8e:64:6b: 96:d6:aa:03:57:e8:14:2c:4b:42:35:66:d5:a3:09: 50:ed:11:9e:94:cf:90:a8:71:f3:7b:f6:10:3b:5c: c5:1f:76:2b:94:f9:01:be:de:bf:49:5b:6b:2a:60: 98:86:a2:81:46:4c:65:6a:17:37:42:a9:85:86:65: a9:81:bc:6b:be:55:a6:64:ab:13:17:a5:2b:83:b4: 65:9f:de:18:bc:24:12:f2:ef:5c:d2:eb:80:9f:9e: fd:4f:b0:eb:fa:d8:15:df:89:40:c3:f1:8d:ff:e6: 1e:e9:7e:11:57:20:2d:78:91:f9:5b:eb:80:b9:34: ac:f2:59:72:e0:5b:11:a6:57:8f:47:0e:cb:71:1b: 03:a9:4a:da:a1:7c:66:71:5d:89:c4:7e:64:5c:35: 67:d5:d4:f5:02:39:94:61:cc:12:2d:92:81:f6:50: 6b:0e:4e:97:8d:2a:7b:44:c3:37:03:3d:8d:40:7d: 0c:9d:ce:b4:8a:5d:fe:c3:8b:94:92:21:fe:ba:b0: 2c:28:6c:f0:58:3f:9f:41:89:89:89:52:d6:bf:5e: 54:e5:f2:38:58:72:13:ce:55:f8:f1:87:35:06:b2: 69:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 47:4C:5F:33:11:41:C6:CC:C2:33:40:B5:87:B7:AA:D3:A9:57:09:23 X509v3 Authority Key Identifier: keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A Authority Information Access: OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/ CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DD:99:34:FC:A5:E7:24:80:C9:56:68:7D:81:34:99:08: 49:B2:49:F7:B5:69:D8:C7:BC:AB:3F:5C:C1:F3:6E:64 Timestamp : Oct 31 15:49:41.953 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:D7:E6:E2:DC:0E:09:E4:A5:8E:E7:03: 67:44:CD:5C:28:17:86:0B:7D:71:74:D0:6B:52:94:D6: 31:73:5A:F2:3D:02:21:00:AC:4B:10:35:D5:7B:47:97: A1:48:3E:A4:02:53:D0:EE:2C:CC:0F:54:FF:A6:1A:49: D4:D1:16:74:58:4D:46:E9 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01: F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08 Timestamp : Oct 31 15:49:42.453 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:3D:0B:18:11:51:6F:94:47:54:C0:55:2A: 1F:90:F6:49:76:55:BC:AB:E2:F5:10:CF:B5:91:08:06: 1B:A5:BF:BA:02:20:49:DF:61:BD:87:31:3F:B5:DD:4E: D8:66:A4:15:14:80:DC:04:38:C0:1B:4B:A4:82:EE:79: 31:85:85:17:75:9A Signature Algorithm: sha256WithRSAEncryption 69:81:92:e9:63:88:d4:ec:9d:3d:e9:cd:f2:ef:eb:94:9a:95: 22:76:9d:ab:31:2c:ad:99:b0:a0:f3:34:2f:d6:8e:67:ea:4b: 66:37:87:e1:07:6d:41:1b:6b:d4:3c:fb:81:e2:49:fe:54:7d: 69:2d:a8:52:f9:52:e8:4a:3e:bf:64:25:9d:09:64:cb:4c:df: 87:f4:89:fd:08:0e:74:89:58:fb:46:03:a2:ae:9d:7e:e3:16: 1a:8a:20:82:e5:46:74:b9:58:bc:0a:48:b1:63:64:a3:0e:ca: 7e:ec:9e:69:81:f3:46:db:89:13:08:2d:09:d9:28:fb:b2:a7: ab:88:0e:6c:48:c3:d7:c8:a8:24:62:86:4e:cd:71:d3:35:e1: 01:2d:90:45:7a:26:9f:fe:b9:97:d5:a8:d4:1b:16:9a:93:ec: 7a:e1:9a:de:14:fb:9a:95:e9:07:4b:f6:a0:02:fa:61:b3:85: 74:5f:e0:76:f0:f9:fa:41:4d:91:62:2f:9f:08:1f:28:fe:1d: 78:78:d1:f6:05:32:4c:1f:a2:91:e4:3d:34:2e:d9:08:c2:31: b2:74:bf:fe:5f:d2:c2:33:64:a5:38:0c:a2:cf:a0:7f:2a:28: da:0d:3b:af:12:82:96:a1:13:5f:53:10:cc:87:4b:30:ac:c9: eb:d6:95:df
# openssl x509 -text -noout -in pinkunicorn-wildcard.ec-prime256v1.crt Certificate: Data: Version: 3 (0x2) Serial Number: fa:5a:fe:47:02:ef:df:a6:18:99:5d:6a:2a:d1:74:6b:13:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Fake LE Intermediate X1 Validity Not Before: Oct 31 14:49:47 2018 GMT Not After : Jan 29 14:49:47 2019 GMT Subject: CN = pinkunicorn.wikimedia.org Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:6d:48:24:a3:85:de:82:a2:f4:12:37:21:99:8e: 75:b7:3a:f1:d2:a0:25:89:6e:8f:36:33:b4:68:d9: 2c:bb:f9:4f:92:a3:6f:2c:43:c1:4c:c4:80:5f:c9: c7:ee:08:40:c4:6d:95:db:7d:29:ff:08:89:a4:12: f5:46:b5:74:e4 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 72:E6:D0:83:D2:13:54:FA:4E:0B:14:47:8B:59:90:59:C7:06:32:DF X509v3 Authority Key Identifier: keyid:C0:CC:03:46:B9:58:20:CC:5C:72:70:F3:E1:2E:CB:20:A6:F5:68:3A Authority Information Access: OCSP - URI:http://ocsp.stg-int-x1.letsencrypt.org CA Issuers - URI:http://cert.stg-int-x1.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:*.pinkunicorn.wikimedia.org, DNS:pinkunicorn.wikimedia.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/ CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 28:76:1A:18:90:27:FB:EF:3C:D0:D6:1A:01:8D:76:B0: 50:57:29:C7:A7:41:1B:CC:BD:F6:04:F4:5D:42:61:53 Timestamp : Oct 31 15:49:47.329 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:1C:94:67:4D:95:AA:99:CA:27:B8:E5:FD: 2E:EA:4D:F8:7F:FE:5F:53:13:A6:5C:47:B1:D6:F9:A7: F3:66:48:77:02:21:00:98:5A:FB:C6:E8:39:05:53:44: 86:33:79:17:FF:99:89:F8:21:B0:FE:75:29:84:5A:63: 5E:2B:69:B7:0C:3D:21 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01: F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08 Timestamp : Oct 31 15:49:47.830 2018 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:99:F7:0C:04:AA:E8:88:DA:8A:66:3C: C6:42:7F:E2:61:C9:61:D2:0E:40:48:C4:5C:0A:AA:AA: C0:9F:04:90:B6:02:20:0C:62:14:2A:CD:B5:87:D6:4F: 1E:FC:E6:08:86:B2:75:ED:7E:0C:8F:05:73:74:C3:2D: 30:02:F2:97:77:E2:E3 Signature Algorithm: sha256WithRSAEncryption 26:e0:5b:f5:a7:d7:35:09:f7:4d:b0:5d:81:73:88:94:b6:a1: 8a:c0:99:98:6f:f6:bb:b9:db:bd:e6:93:ce:9e:0d:0d:dd:df: 55:79:bd:61:ee:6b:b6:69:07:ca:1d:7b:a5:0a:e0:60:83:c7: e8:2d:a8:dc:f3:4e:8e:d1:f3:a9:30:d0:9a:82:47:41:00:c8: 54:f2:5f:6b:24:ed:99:d6:77:35:f5:3a:73:00:f8:f3:22:01: 90:a5:6e:b3:12:43:33:6d:c1:61:2d:8c:a1:c5:40:27:52:47: 3c:8d:b0:a4:2e:0f:72:46:a7:39:1b:05:10:fd:a7:5d:ca:56: d8:76:b5:c8:20:6d:ad:93:cf:01:8e:8d:25:3b:29:21:1c:2c: 06:71:65:98:05:f8:7a:af:01:77:c3:d9:9d:0a:0a:e3:e5:de: ba:c8:95:b4:26:9d:eb:80:e5:de:eb:d5:75:dc:27:3a:88:f1: bc:02:6f:36:7e:37:fa:15:ed:73:61:61:ac:e9:84:8d:55:d8: cf:f4:5c:c3:cf:d9:76:71:7d:24:51:3d:fd:d8:2d:c5:71:fe: b9:88:38:7d:81:e8:2a:07:bb:6e:01:01:9b:41:0c:38:c3:9c: 84:e6:bc:91:ca:1b:17:f4:8b:e8:43:04:6d:bd:fb:df:56:13: 6b:9f:0d:2e
Change 470858 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/dns@master] Revert "wikimedia.org CAA: allow wildcards for LE"
Change 470861 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] Revert "certcentral: Add pinkunicorn-wildcard certificate configuration"
Change 470861 merged by Vgutierrez:
[operations/puppet@production] Revert "certcentral: Add pinkunicorn-wildcard certificate configuration"
Change 470858 merged by Vgutierrez:
[operations/dns@master] Revert "wikimedia.org CAA: allow wildcards for LE"