This task will track the updating of the already renewed/purcahsed *.wmflabs.org certificate/key.
The new certificate will be staged on gerrit via a patchset linked here.
The new private key is already merged live on the private puppet repo with the name new.star.wmflabs.org.key. When it is time to push the new certificate live, the contents of new.star.wmflabs.org.key should be moved into star.wmflabs.org.key and the new.wmflabs.org.key removed.
As this requires coordination with the cloud services team, this task was generated to hand off to them.
Public certificate file location: https://gerrit.wikimedia.org/r/547680
Private keyfile location: private repo, named new.star.wmflabs.org.key.