From b7b4cdf4cb5925c92b41517fa6f19c455073c868 Mon Sep 17 00:00:00 2001 From: Philipp Dallig Date: Tue, 15 Aug 2017 11:29:04 +0200 Subject: [PATCH] sirona-aem - Austausch Zertifikate --- customer/sirona-aem/production.yaml | 153 ++++++++++++++++++++-------- 1 file changed, 113 insertions(+), 40 deletions(-) diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml index 621c235e..4fc4f61c 100644 --- a/customer/sirona-aem/production.yaml +++ b/customer/sirona-aem/production.yaml @@ -225,11 +225,11 @@ infra::profile::aem::publish::pp_vhosts: - www.sirona.clinic - sirona.clinic docroot: '/opt/adobe/www/cache/content/clinic_solutions' - cert_servername: 'cerec.com' + cert_servername: 'dentsplysironasupport.com' cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -552,7 +552,11 @@ infra::profile::aem::publish::pp_vhosts: - www.ledviewplus.com - ledviewplus.com docroot: '/opt/adobe/www/cache/content/ledview' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -609,6 +613,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.ledviewplus.com/%%{ich-trickse}{ENV:language}.html [R=302,L]' @@ -622,7 +631,11 @@ infra::profile::aem::publish::pp_vhosts: - www.integoambidextrous.com - integoambidextrous.com docroot: '/opt/adobe/www/cache/content/intego-turn' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -673,6 +686,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.integoambidextrous.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -741,7 +759,11 @@ infra::profile::aem::publish::pp_vhosts: - www.instruments-made-in-germany.com - instruments-made-in-germany.com docroot: '/opt/adobe/www/cache/content/madeingermany' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -780,6 +802,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.instruments-made-in-germany.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -810,7 +837,11 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - my.cerec.com docroot: '/opt/adobe/www/cache/content/my-cerec' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -839,20 +870,25 @@ infra::profile::aem::publish::pp_vhosts: options: - +Includes rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' - comment: 'SIRONAMAIN-359 + SIRONAMAIN-1090' rewrite_rule: - - '^/Patientenmarketing$ http://my.cerec.com/de-de/patientenmarketing.html [R=301,L]' - - '^/de-de/service/tutorials.html http://my.cerec.com/de-de/tutorials.html [R=301,L]' - - '^/de-de/service/ausbildung.html http://my.cerec.com/de-de/ausbildung.html [R=301,L]' - - '^/de-de/service/patientenmarketing.html http://my.cerec.com/de-de/patientenmarketing.html [R=301,L]' - - '^/de-de/service/cerec-newsletter.html http://my.cerec.com/de-de/cerec-newsletter.html [R=301,L]' - - '^/de-de/service/hotlines.html http://my.cerec.com/de-de/hotlines.html [R=301,L]' - - '^/de-de/service/abrechnung.html http://my.cerec.com/de-de/abrechnung.html [R=301,L]' - - '^/de-de/service/cerec-club.html http://my.cerec.com/de-de/cerec-club.html [R=301,L]' - - '^/de-de/service.html http://my.cerec.com/de-de.html [R=301,L]' + - '^/Patientenmarketing$ %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/patientenmarketing.html [R=301,L]' + - '^/de-de/service/tutorials.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/tutorials.html [R=301,L]' + - '^/de-de/service/ausbildung.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/ausbildung.html [R=301,L]' + - '^/de-de/service/patientenmarketing.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/patientenmarketing.html [R=301,L]' + - '^/de-de/service/cerec-newsletter.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/cerec-newsletter.html [R=301,L]' + - '^/de-de/service/hotlines.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/hotlines.html [R=301,L]' + - '^/de-de/service/abrechnung.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/abrechnung.html [R=301,L]' + - '^/de-de/service/cerec-club.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de/cerec-club.html [R=301,L]' + - '^/de-de/service.html %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/de-de.html [R=301,L]' - comment: 'SIRONAMAIN-1126 Move en-gb to en' rewrite_rule: - '^/en-gb/(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://my.cerec.com/en/$1 [R=301,L]' @@ -866,7 +902,11 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - info.my-inlab.com docroot: '/opt/adobe/www/cache/content/myinlab' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -918,6 +958,11 @@ infra::profile::aem::publish::pp_vhosts: - { error_code: 404 , document: "/de-de/error-pages/404.html" } - { error_code: 500 , document: "/de-de/error-pages/500.html" } rewrites: + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://info.my-inlab.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -927,7 +972,11 @@ infra::profile::aem::publish::pp_vhosts: - www.profiledentalimplants.com - profiledentalimplants.com docroot: '/opt/adobe/www/cache/content/profiles' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -967,6 +1016,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.profiledentalimplants.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -995,11 +1049,11 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - www.exzellenzgruender.de - exzellenzgruender.de - cert_servername: 'cerec.com' + cert_servername: 'dentsplysironasupport.com' cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' rewrites: - comment: 'Migration to flagship site' rewrite_rule: @@ -1017,11 +1071,7 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - www.see-more-with-sirona.com - see-more-with-sirona.com - cert_servername: 'cerec.com' - cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl: false rewrites: - comment: 'Migration to flagship site' rewrite_rule: @@ -1083,11 +1133,7 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - www.cerec.com - cerec.com - cert_servername: 'cerec.com' - cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl: false setenvifnocase: - 'Accept-Language ^.*$ language=de-de' rewrites: @@ -1269,7 +1315,11 @@ infra::profile::aem::publish::pp_vhosts: - www.3dsummit.com - 3dsummit.com docroot: '/opt/adobe/www/cache/content/events/3d-summit' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvifnocase: - 'Accept-Language ^.*$ language=en-us' @@ -1296,6 +1346,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.3dsummit.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -1305,7 +1360,11 @@ infra::profile::aem::publish::pp_vhosts: - www.digitaldiscoverysummit.com - digitaldiscoverysummit.com docroot: '/opt/adobe/www/cache/content/events/digital-discovery-summit' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvifnocase: - 'Accept-Language ^.*$ language=en-us' @@ -1332,6 +1391,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.digitaldiscoverysummit.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -1398,11 +1462,11 @@ infra::profile::aem::publish::pp_vhosts: serveraliases: - www.danke-m1-hallo-zukunft.de - danke-m1-hallo-zukunft.de - cert_servername: 'cerec.com' + cert_servername: 'dentsplysironasupport.com' cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' - ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' rewrites: - comment: 'Rewrite to Flagship-Site' rewrite_rule: @@ -1739,7 +1803,11 @@ infra::profile::aem::publish::pp_vhosts: - www.dentsplysironasupport.com - dentsplysironasupport.com docroot: '/opt/adobe/www/cache/content/dentsplysironasupport' - ssl: false + cert_servername: 'dentsplysironasupport.com' + cert_customer: 'sirona' + ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' docroot_owner: apache setenvif: - 'Origin "http(s)?://(www\.)?(sirona-cerec-test.azurewebsites.net|sirona-cerec-stage.azurewebsites.net|cerec.com|sirona-cerec-de.local:3000)$" AccessControlAllowOrigin=$0$1' @@ -1783,6 +1851,11 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' + - comment: 'http to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on' + rewrite_rule: + - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://%%{ich-trickse}{HTTP_HOST}/%%{ich-trickse}{ENV:language}.html [R=301,L]' -- 2.39.5