From: Oliver Böttcher Date: Wed, 21 Feb 2018 16:39:12 +0000 (+0100) Subject: INT-ODT - new host X-Git-Tag: v0.1.0~1557^2~3 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=e11ec2e834f536195e3c85e79186993d41e1eb50;p=pixelpark%2Fhiera.git INT-ODT - new host --- diff --git a/customer/mbvd-odt/int-tmp-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-tmp-odt-daimler-com.pixelpark.net.yaml index 6c661294..efd29bdc 100644 --- a/customer/mbvd-odt/int-tmp-odt-daimler-com.pixelpark.net.yaml +++ b/customer/mbvd-odt/int-tmp-odt-daimler-com.pixelpark.net.yaml @@ -22,12 +22,12 @@ infra::profile::apache::pp_vhosts: ssl: true cert_servername: 'wildcard.pixelpark.net' cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + ssl_cert: '/etc/ssl/certs/wildcard.pixelpark.net-cert.pem' + ssl_key: '/etc/ssl/private/wildcard.pixelpark.net-key.pem' + ssl_chain: '/etc/ssl/certs/wildcard.pixelpark.net-cert.pem' ssl_verify_client: require - ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem' - ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem' + ssl_crl: '/etc/ssl/certs/odt-cacrl.pem' + ssl_ca: '/etc/ssl/certs/odt-root-ca.pem' rewrites_non_ssl: - https: comment: 'almost all to https' @@ -89,7 +89,7 @@ infra::profile::apache::pp_vhosts: infra::profile::cron::cronjobs: fetchcrl: user: root - command: 'scp httpd@odt-tinyca:/www/htdocs/odt-tinyca.pixelpark.net/data/phpki-store/CA/crl/cacrl.pem /etc/pki/tls/certs/odt-cacrl.pem && systemctl reload httpd' + command: 'scp httpd@odt-tinyca:/www/htdocs/odt-tinyca.pixelpark.net/data/phpki-store/CA/crl/cacrl.pem /etc/ssl/certs/odt-cacrl.pem && systemctl reload httpd' minute: 0 hour: 5 description: um 05:00 Uhr wird die Revocationlist vom User openemm geholt. somit muss der Webserver restarted werden