In T120225 it was discovered that letsencrypt::cert::integrated was still in use, but its got a script that only works with ACME v1, so with LE we can no longer make new accounts with it (since November) and it'll stop being able to renew certificates in about a year. It looks like we need to make some changes to the WMCS mailservers, maybe toolforge mailservers, and toolserver_legacy.
Description
Description
Details
Details
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | Andrew | T252199 Stop using letsencrypt::cert::integrated | |||
Resolved | Krenair | T252721 cloud-vps solution for Let's Encrypt | |||
Resolved | Krenair | T252732 Create a service account to manage testlabs DNS | |||
Resolved | Andrew | T260834 Stop using letsencrypt::cert::integrated on mx-out*.cloudinfra | |||
Resolved | bd808 | T260835 Stop using letsencrypt::cert::integrated on toolserver-legacy |
Event Timeline
Comment Actions
Looks like we don't have acme-chief setup in toolsbeta or cloudinfra, or toolserver-legacy
Comment Actions
Change 655761 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] tlsproxy::localssl: Remove support for the acme_subjects param
Comment Actions
Change 655762 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] Remove the 'letsencrypt' module
Comment Actions
Change 655761 merged by Andrew Bogott:
[operations/puppet@production] tlsproxy::localssl: Remove support for the acme_subjects param
Comment Actions
Change 655762 merged by Andrew Bogott:
[operations/puppet@production] Remove the 'letsencrypt' module