SHA1 certificates still existing in our repo (as of 2015-05-29):
Intermediary SHA1 certificates (some of these will cease use when SHA1 certs are replaced, some won't, need to note which):
- - (*.planet.wikimedia.org uses this) DigiCertHighAssuranceCA-3.crt
- - RapidSSL_CA.crt - all rapidssl certs in sha256 appear to use RapidSSL_SHA256_CA_-_G3.crt. Once all sha1 rapidssl are replaced, this can be removed from the repo
Completed:
- - civicrm T104378 (reissue complete, pending service implementation)
- - frdata T104378 (reissue complete, pending service implementation)
- - fundraising T104378 (reissue complete, pending service implementation)
- - payments-listener T104378 (reissue complete, pending service implementation)
- - RapidSSL_CA_2 - all rapidssl certs in sha256 appear to use RapidSSL_SHA256_CA_-_G3.crt. Once all sha1 rapidssl are replaced, this can be removed from the repo (this was gone before robh could get to it)
- - ldap-mirror.wikimedia.org.crt T105187
- - star.planet.wikimedia.org.crt
- - ganglia.wikimedia.org.crt T100825
- - git.wikimedia.org.crt T100827
- - icinga.wikimedia.org.crt T100830
- - librenms.wikimedia.org.crt T100831
- - lists.wikimedia.org.crt T100832
- - svn.wikimedia.org.crt - expired
- - tendril.wikimedia.org.crt T100835
- - ticket.wikimedia.org.crt T91504 T104634
- - star.wmflabs.crt : T104017
- - star.wmflabs.org.crt : T104017
- - wikitech.wikimedia.org.crt T92709