Page MenuHomePhabricator

Stop using letsencrypt::cert::integrated
Open, MediumPublic

Description

In T120225 it was discovered that letsencrypt::cert::integrated was still in use, but its got a script that only works with ACME v1, so with LE we can no longer make new accounts with it (since November) and it'll stop being able to renew certificates in about a year. It looks like we need to make some changes to the prod mailservers, toolforge mailservers, and toolserver_legacy.

Event Timeline

Krenair created this task.May 8 2020, 1:07 PM
Restricted Application edited projects, added cloud-services-team (Kanban); removed cloud-services-team. · View Herald TranscriptMay 8 2020, 1:07 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript

actually looks like profile::mail::smarthost only gets used in labs

Krenair added a comment.EditedMay 8 2020, 1:11 PM

Looks like we don't have acme-chief setup in toolsbeta or cloudinfra, or toolserver-legacy

Andrew triaged this task as Medium priority.May 19 2020, 4:11 PM
Andrew changed the status of subtask T252721: cloud-vps solution for Let's Encrypt from Open to Stalled.May 26 2020, 5:26 PM
Paladox added a subscriber: Paladox.Jun 5 2020, 4:08 PM
Dzahn added a subscriber: Dzahn.Jun 5 2020, 4:09 PM