From: Andreas Gerstenberg <gerstenberg@pixelpark.com>
Date: Mon, 12 Feb 2018 11:36:48 +0000 (+0100)
Subject: spk-blog update web-client certs
X-Git-Tag: v0.1.0~1662
X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=cf228cf0548a9534fc9f8ee2ac1e9cd8bcf21efb;p=pixelpark%2Fhiera.git

spk-blog update web-client certs
---

diff --git a/customer/spk-blog/insideforum-spk-de.pixelpark.net.yaml b/customer/spk-blog/insideforum-spk-de.pixelpark.net.yaml
index ac73ae69..280fea27 100644
--- a/customer/spk-blog/insideforum-spk-de.pixelpark.net.yaml
+++ b/customer/spk-blog/insideforum-spk-de.pixelpark.net.yaml
@@ -51,18 +51,19 @@ infra::profile::wordpress::projects:
     ssl_cert: '/etc/pki/tls/certs/sparkasseblog.de-cert.pem'
     ssl_key: '/etc/pki/tls/private/sparkasseblog.de-key.pem'
     ssl_chain: '/etc/pki/tls/certs/sparkasseblog.de-cert.pem'
-#    ssl_verify_client: optional
-#    ssl_crl: '/etc/pki/tls/certs/d-trust_ca_2-1_2015.crl'
-#    ssl_ca: '/etc/pki/tls/certs/spk-root-ca.pem'
+    ssl_verify_client: optional
+    ssl_crl: '/etc/pki/tls/certs/d-trust_ca_2-1_2015.crl'
+    ssl_ca: '/etc/pki/tls/certs/D-TRUST_CA_2-1_2015.pem'
 
     directories:
     setenvif:
       - "HTTPS on HTTPS=on"
 
-#infra::profile::cron::cronjobs:
-#  fetchcrl:
-#    user: root
-#    command: 'wget ... && systemctl reload httpd'
-#    minute: 0
-#    hour: 5
-#    description: um 05:00 Uhr wird die Revocationlist geholt. somit muss der Webserver reloaded werden
\ No newline at end of file
+infra::profile::cron::cronjobs:
+  fetchcrl:
+    ensure: 'present'
+    user: root
+    command: 'wget -q --output-document=/etc/pki/tls/certs/d-trust_ca_2-1_2015.crl http://crl.d-trust.net/crl/d-trust_ca_2-1_2015.crl && systemctl reload httpd'
+    minute: 0
+    hour: 5
+    description: um 05:00 Uhr wird die Revocationlist geholt. somit muss der Webserver reloaded werden
\ No newline at end of file