diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2016-02-27 00:45:50 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-03-02 21:38:37 +0100 |
commit | ed8cf1de7e87ff6496db46f17fb4bcfc90ccf48f (patch) | |
tree | 9bca7dd3fc058ca0470ceefe742d2ae19df94a3e | |
parent | 4a3f204a3d285a377161efb2dbeec73d329e6d1a (diff) |
Let's Encrypt
21 files changed, 463 insertions, 78 deletions
diff --git a/certs/public/fripost.org.pem b/certs/public/fripost.org.pem index 6138e4d..c1b6105 100644 --- a/certs/public/fripost.org.pem +++ b/certs/public/fripost.org.pem @@ -33,3 +33,30 @@ vBjnJRKA/90/5U6VMHUiBkor4hMwzfuUCZdgNKvVeGhDWVUr0OLOnW+b8MnmLz87 LvxR5DgqyxlKqq6CqsGzzLs6qdFqAiZjB7cF2s7e/Wi3nVDFr8Qb1TlxdlkQ15ka xbvhxUD0YHOsO+hGiwbo6gAeFrzP3uxTTzhrtHnZgOVZ -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= +-----END CERTIFICATE----- diff --git a/certs/public/git.fripost.org.pem b/certs/public/git.fripost.org.pem index 65fd6f3..1810c03 100644 --- a/certs/public/git.fripost.org.pem +++ b/certs/public/git.fripost.org.pem @@ -33,3 +33,30 @@ lPztlpkJsZCGa5lplpi6EvS6wzFkZuWQYHaxqb9L0dN9SVu4YwshEBoKdUMIxSeM hD6Dq0ebWLYRWg2AHHnF1xtbfUqQLw1kqbdgcl3vcsoDPt5nDkStMIVcd20nR1W6 KGZ8K+jB -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= +-----END CERTIFICATE----- diff --git a/certs/public/imap.fripost.org.pem b/certs/public/imap.fripost.org.pem index 1896b4a..603cf73 100644 --- a/certs/public/imap.fripost.org.pem +++ b/certs/public/imap.fripost.org.pem @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGFzCCBP+gAwIBAgISAeKF61Exi1Bd4jXjTumceSXeMA0GCSqGSIb3DQEBCwUA +MIIGFzCCBP+gAwIBAgISAcDSL09mzRBuF3NdTVKwGu4EMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDgxOTU5MDBaFw0x -NjAzMDcxOTU5MDBaMBsxGTAXBgNVBAMTEGltYXAuZnJpcG9zdC5vcmcwggIiMA0G +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMjYyMjAzMDBaFw0x +NjA1MjYyMjAzMDBaMBsxGTAXBgNVBAMTEGltYXAuZnJpcG9zdC5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDZaLXYYngW1ioTzfNRtmUeFh9Kopdi 1qfcpRdPwTndRJRfWNC8eA66gDsypYAHc2TlKW86H5ktSpl4ZxmeXTPvK1Ajfe5u MkOwIHrjHCqKtXXYq4VX0bPCBNSAtT6X1/unBebEoMl/SX6R6m78lEc2020bW7vT @@ -26,10 +26,37 @@ Y3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5 IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5 IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5k IGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3 -DQEBCwUAA4IBAQAS2kt6KFeNkudjNucQcxQv9qx2skPil5Sh1YqeJF76tkVH0nno -0JofNwz97Kzn73VKYCBMiL7VsbK2mOskfl2kl+G9vlY+S5ElQM0zZQMT6XgDKJs7 -a2hVADdca4GAldu9KGjHxiERX6I2tfZ59CH3/OXpHbhT+IE8HqOLpT7Dsl9n6IKA -QlCuDIjEYSPq6f+ob7asivKNZJIUIWpzzEjudRCbEvijS6Nae4O79sS0UUpqqPws -17iXYORZJ+hvPglCZK6z9zinZaTPoAHE2UhaJN7fqPF3opvmjiSZkDFFFvA41lkt -gLrdsIE8QxR3riA2fBtMjuEdUmcc5HUNRVW/ +DQEBCwUAA4IBAQBQ6y1VDo4ALoEB7Y84SwzoiREWuoaNzDYSdg2iFZY0aUNhzfxl +kYOzbgNbD3NAMlc81qgSQxASIYa+8JEU0RW18gJnT4gEIUxIAstSTMffwONW7lod +RkQO+qGrKep8ws9as2H2xyn7fCxEjLnvIgPF9MpmlUKcXoSBi79PMmLL0KTQ+P/p +G3be0Me8nxP2chAKWR+7uCISz9Xl0rmxp91eAbo8yhgT0BCza3jWK34Of1ee6YQI +pDZnGgKcki2SOJura6VWPn/iH/zjf9nYKzhBQGW+Ocnax7jDaZWx/hfDboaf5OIg +tOziZt0yVPXDUBkSUc6UvNs9gNqIPMczOMym +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= -----END CERTIFICATE----- diff --git a/certs/public/lists.fripost.org.pem b/certs/public/lists.fripost.org.pem index 7e04b9a..3c5eca8 100644 --- a/certs/public/lists.fripost.org.pem +++ b/certs/public/lists.fripost.org.pem @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGBjCCBO6gAwIBAgISAUJ3fVQbiEbMMnke9mXi7hwwMA0GCSqGSIb3DQEBCwUA +MIIGBjCCBO6gAwIBAgISAdoeEJLDqjBmbnNMHs/Rk0iNMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDgxODEzMDBaFw0x -NjAzMDcxODEzMDBaMBwxGjAYBgNVBAMTEWxpc3RzLmZyaXBvc3Qub3JnMIICIjAN +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMjYyMjI0MDBaFw0x +NjA1MjYyMjI0MDBaMBwxGjAYBgNVBAMTEWxpc3RzLmZyaXBvc3Qub3JnMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxy2uS+XBKPzAqj72knb7BOxowvWc vtXzCWtU0QBxkcjwPIuXT5tO3/VWOTV3TZZD4rLX1W9hHk+YB7sC+a9SG8FnNnp6 L02NIfZf+PmI2FSimA+8E9aA5tmh1zYs4vyT3cre4TUceOfmqa7umsmkRA7pMNzo @@ -25,11 +25,38 @@ MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYB BQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1 cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdp dGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNl -bmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAB2LfUsTB -hLYAAsRpsHiGvJunfsiFUA4lWWAXD4fQ2LND60uv3yK7H+EKJRCZmkgTty5tIOHe -C9Yb8oyjE6g9Irg7viPgab+Ago+ILi+TbP2VwjKO1ggmvpLmFLxA7hGG6e8MOJx2 -9TufciFTouIKUznmWGNXVPEOMvDjrZYrzngaYP9LC1jHa94hyAGBOCSeLGotzdPo -RLzvROggglmWo8gLG6qjJD5m4QSaUG90OMyd6WUftEd+6iUb/vc6/1QjHnxyozEQ -sQovX2l5LL9HKPvoQzZbvxdPt7fzufI152izY3A9UfMfgb56XoD6NP9MHt9HlX0C -aNpaKPrfsIApHg== +bmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAKOH6lEPz +s1+VZJvtH2EQlUOReTBqABaSQWozhhzZa0VnYbP6o6ZPTuPdM1QxmZxx5o514iQc +I5pmC0NXi7LlZaeebhO72MM0KUgZYhKqgdpWNYYlSEHb4HmdLMKFfNr1f11JsgUF +tluX9RKTUDrlOSVnVQGylDO1ipx/1FQcR1nWWYG6vIz0aCSaFAogIPi04o4u58Kc +o1nVroyY7APd/ac/qwR7fr/4WmN6VzPH00e6c0i9sU2Ndgy7n686BEtF1utAShqX +DXqaJUzHyL7HqV9VSZCh+UYgDm7OOKzgGMelhcj3x6FMjXSduBCp7M5iUmAUuZuO +M7IKcUm7RqayAA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= -----END CERTIFICATE----- diff --git a/certs/public/mail.fripost.org.pem b/certs/public/mail.fripost.org.pem index 8d64f50..8db6fdb 100644 --- a/certs/public/mail.fripost.org.pem +++ b/certs/public/mail.fripost.org.pem @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGGTCCBQGgAwIBAgISAc9Od/F2ZI9NBTwVRRs9P5QGMA0GCSqGSIb3DQEBCwUA +MIIGGTCCBQGgAwIBAgISAfROB3ZOdrEGD0kX+6BsbL83MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDgxOTQ2MDBaFw0x -NjAzMDcxOTQ2MDBaMBsxGTAXBgNVBAMTEG1haWwuZnJpcG9zdC5vcmcwggIiMA0G +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMjYyMjE0MDBaFw0x +NjA1MjYyMjE0MDBaMBsxGTAXBgNVBAMTEG1haWwuZnJpcG9zdC5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAW/LL+h8Iqhv+6MhmqNCEmXBb822T C+uVIGS2wY4sWMl2A7wkldmG7huERI0ornL2R2ypnEV9Rlv8YdnBfnuDGRKNr3DE JBgVZFfel3XDlne4U/oQFpFJFi7DkCpU+tpAsadt6TmiLgW3PsQRwDiCuEpfGKmo @@ -26,10 +26,37 @@ ZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBt YXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9u bHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91 bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZI -hvcNAQELBQADggEBAH0J8G1vhKLfTPsE0CNXzKNRk8BtL9zjoAPacX4B3L35UMzU -WiiJyFueX8haqtU9SfI27fvEml9hhpTUkCkcybMOlmhtMbdRsjqLdskT6LIPMmy1 -Zaw1KzVhyKQ9n+GJKqLWjiPjL/n68SbBofG5ECRbs3xunwk1rjpaKfLQgwqYQWhl -5hPZoqvtX9FgkYSOQm3do9LbXwotP8O4IV5934Usg6Z1u7PBApVXGnC2XyLNC6d3 -M/hUhNzzSgiJcgi6jysjtSbhV2zxd3vXCyzQpwGE/O9Guk94xmPG2abQmK87rYDi -4H0Uk1JSUA9QI5N28cBCgbFbggqb4XcF9TjXTY8= +hvcNAQELBQADggEBAGp4lS+xoaHAoUVoTEqe3h6AJO0ZcYTa2WGUDlx/9Do/i2H3 +dC9yF0pZlR0F+6snyryNfUNG5/MsSoy/S+3JxFVyBFnSD7k0bJDuRSnzhImPa7bw +DqQcNcyp71mibCkvnMMpfX0/ooxi+vCYWt+67uOP15y8WZXjNOQXR9EI8rI4TpBX +tQrUKotXcHFYC6qPk0K01bKGJ5PbVB2EDWTujOkWtRU0mQJ1EjJOANpUaHN7HvMS +39F1CA1UYIqT687wB62pm2CmTOCkwCNcsqdJIqbFMYbi8nc6id1R8r33XV4bkfGf +wGZWUcmZ/5kKpLKq8Y6tx5cIo5wNleyvsLRgfrI= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= -----END CERTIFICATE----- diff --git a/certs/public/mx1.fripost.org.pem b/certs/public/mx1.fripost.org.pem index 9077133..c34c686 100644 --- a/certs/public/mx1.fripost.org.pem +++ b/certs/public/mx1.fripost.org.pem @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGAjCCBOqgAwIBAgISARXQ7SpFB4qRwSLt1oUKpDElMA0GCSqGSIb3DQEBCwUA +MIIGAjCCBOqgAwIBAgISAVdxQrAs1D5deToPt/kfU4xTMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMTYwMDIzMDBaFw0x -NjAzMTUwMDIzMDBaMBoxGDAWBgNVBAMTD214MS5mcmlwb3N0Lm9yZzCCAiIwDQYJ +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMjYyMjE3MDBaFw0x +NjA1MjYyMjE3MDBaMBoxGDAWBgNVBAMTD214MS5mcmlwb3N0Lm9yZzCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKlhAZFY51Mns5A0IyBXGwxS5tdYQaue WU/PobCkl0hwMxPB1OzSYa71etMkFiTOsgspxWQ624T7MHM3JhSdOJUpMBJKNwaz dsC4sWT7eRTNiLpmM8PypXnJqJ7kvMzLUZiqRM3vfjJ/znOAb1B+zWIiyVCFFk6j @@ -25,11 +25,38 @@ KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcC AjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24g YnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0 aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5 -cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBz9jeaYmoqxSx4 -mf4w6HcKt14vE2tVXuBLcx4BPmK6E7dfUFWw1td9y+252n13BsspKZA2QYDLb6rN -0F/p0x0JF5AGAijdFyqsEl3N/IJC2bcpt8eyxc+B3phl7Qzl1HnzO/1Y7BNOiGca -xJ+0dPIGhkhSjzbAj1f3YJyofFcQhHx/r+tOy55O6pxlVRjXLBd1ZtCLRGVGdO2g -Ecjc+YrYlsiimoHQpizNih1PHzuY/XyHJJeeNGgRPJMYrKrCCiOp/iJUAvOxzCTF -r27HVf+ZVkFikYllNB0IJB/tNlxj4cOkAXRwLZtN2a7gELTQm9XG5APErq15JK06 -Du+Xy8Mq +cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBgaZ0iplVJvoBr +mHfBzfZWyINItsauI3uKCBmc7pVau64yJk0KaM+1WkrgTjmUp1cRNFVTLPjlZ0oA +xNKJpyQGNNCnqQHYl2xA54uZRlBgte7HsZCiqkhiE0wpBYdr/fSNiC71BOb/1pY2 +Iv9/kWZaUeFjK9/2Z04a0qqPmfv48c8XQQV/HyTKnnNtOvCKKZvwh4oTABTaLci0 +bYZt1tHGFOE1DHN6jrO1S3RmBDYNHcLp9MVhGP/M1HRz3b1M8sw+D5u9E0rdKtDM +f54j4TL75mlMbSIWmwt6nCCkXpnW3olrn/HlWq7yN9oSXUUPkE3ftSUpqWLJCtVw +e1rSnzvb +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= -----END CERTIFICATE----- diff --git a/certs/public/mx2.fripost.org.pem b/certs/public/mx2.fripost.org.pem index c743fa5..2080ee5 100644 --- a/certs/public/mx2.fripost.org.pem +++ b/certs/public/mx2.fripost.org.pem @@ -33,3 +33,30 @@ x+90BDLE9OiNGjPe/a7uTrCi/FJ8ESCHcX+0yiDXMDP/1Kdy0XPUle+gAqJUUM1R H0XPnh3lr4k8L/jJeK8tNa3QVnVxPGV5ZDotqQrZKG47nEZgNcXPxxe6otjneZXR LQFrwFiZ -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= +-----END CERTIFICATE----- diff --git a/certs/public/smtp.fripost.org.pem b/certs/public/smtp.fripost.org.pem index 81a1325..269f4b5 100644 --- a/certs/public/smtp.fripost.org.pem +++ b/certs/public/smtp.fripost.org.pem @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIGBDCCBOygAwIBAgISAT/ZlANJISFHRihAoZ7zCz9AMA0GCSqGSIb3DQEBCwUA +MIIGBDCCBOygAwIBAgISAflSQ5zfHu04ZufVd2qw+vHMMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMTYwMDU3MDBaFw0x -NjAzMTUwMDU3MDBaMBsxGTAXBgNVBAMTEHNtdHAuZnJpcG9zdC5vcmcwggIiMA0G +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNjAyMjYyMjA0MDBaFw0x +NjA1MjYyMjA0MDBaMBsxGTAXBgNVBAMTEHNtdHAuZnJpcG9zdC5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC4wO2IiiPCn9SEc7DRhayWqme2Ef31 /lO2aFamTnUykDxmuKt8QSVbhN9LQ4dcH1n8CLc7pZvQD12bVu8B+ds50sjKlwEr rH/0NsQOOdR5zEhMdRZG8f75Nbvyz0NjMRClAXhc3aJKNJ2qcPOx66IbPbvrk+lf @@ -25,11 +25,38 @@ BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUF BwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBv biBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRo IHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5j -cnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAEvepC7eMCHI -2yHZx3lSg8KJluZxsW0XlCL6BDupcMKxXQ2DAvhd/d+pnxKQVQ+40Y4NUZGTz1w/ -tZA9lKQn14aQ6o31UKuRSm+FB7zCeLBm3uqxevk8NOcrt1kxvdjul5xYv6t5tLpZ -Dqk0sM+Lg1/qgTj1IuEQ4rc0RUqoCr2WG0HOW0a8tqWOBDKZDja8r82AhjgT7c21 -2Iz2ItsavlgsW6Gx8OX0gRmoaS3AQ+8dcg99uhajkd5ixkJF09zuqa5Rd87sAjmN -fmqU/Ok3VUZr1DSrnBc2lt+vhCB8Sn9FcS6BDO3eGy4P8Gy6fES51Bb9MgB6bXOr -TB5QdMpaRG8= +cnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAGaoBeW0LSkH +slGZ5nfB6G7ElqQH1Mue9X8IunFmFuOyRn2ceY6/hn2dwniP+jb6oEk3i68zURW4 +jrh9eJJ6+7al9wZEr5jtnQjZCd8+clArBHRBb1y7dmxqcg4lihh27yzH4W51Fv/e +pxIx709PT0MyRSsOQ4C6qiM5F0bCL2qiOHMA/jy/LA9pbyjmuc+K+9hJKT/EZcOh +JQ+0xSy9/HHVvaFsoMgLkUn0147Glrqm8RxwyeSVOf/BFcE4KeirfQewa4pRYRD3 +8e15+JLbfJsOEIhT7LVoFFIwaAU4zAHJgl4/JTjKpFQsyuvyuTCHnMPhoc9fS/tv +Gcwciaov6NE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB +BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg +PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG +dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1 +gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4 +4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud +EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy +BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j +b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv +ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ +MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw +MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM +LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3 +pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd +v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd +ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW +ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk +6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj +f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk= -----END CERTIFICATE----- @@ -12,30 +12,11 @@ roles: - common -- name: Base system +- name: Let's Encrypt hosts: IMAP:MX:MSA:webmail:lists:wiki:git gather_facts: False - tasks: - - name: Install dependencies for letsencrypt-tiny - apt: pkg={{ item }} - with_items: - - liblwp-protocol-https-perl - - socat - - name: Copy LetsEncrypt's ACME client - copy: src=deb/letsencrypt-tiny_0.1-1_all.deb - dest=/tmp - notify: Install LetsEncrypt's ACME client - - name: Create a user 'letsencrypt' - user: name=letsencrypt system=yes - group=nogroup - createhome=no - home=/nonexistent - shell=/usr/sbin/nologin - password=! - state=present - handlers: - - name: Install LetsEncrypt's ACME client - apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb + roles: + - letsencrypt tags: - letsencrypt diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf index 114388e..dc0b5bf 100644 --- a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf +++ b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf @@ -9,7 +9,7 @@ ssl = required # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf -ssl_cert = </etc/dovecot/ssl/imap.fripost.org.chained.pem +ssl_cert = </etc/dovecot/ssl/imap.fripost.org.pem ssl_key = </etc/dovecot/ssl/imap.fripost.org.key # If key file is password protected, give the password here. Alternatively diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index caba881..24b83c6 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -75,7 +75,7 @@ smtp_tls_fingerprint_digest = sha256 {% endif %} smtpd_tls_security_level = encrypt -smtpd_tls_cert_file = /etc/postfix/ssl/smtp.fripost.org.chained.pem +smtpd_tls_cert_file = /etc/postfix/ssl/smtp.fripost.org.pem smtpd_tls_key_file = /etc/postfix/ssl/smtp.fripost.org.key smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem smtpd_tls_session_cache_database= btree:$data_directory/smtpd_tls_session_cache diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index 0259538..a9e7ee4 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -93,7 +93,7 @@ smtp_tls_fingerprint_digest = sha256 smtpd_tls_security_level = may smtpd_tls_exclude_ciphers = EXPORT, LOW, MEDIUM, aNULL, eNULL, DES, RC4, MD5 -smtpd_tls_cert_file = /etc/postfix/ssl/mx.fripost.org.chained.pem +smtpd_tls_cert_file = /etc/postfix/ssl/mx.fripost.org.pem smtpd_tls_key_file = /etc/postfix/ssl/mx.fripost.org.key smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem smtpd_tls_CApath = /etc/ssl/certs/ diff --git a/roles/git/files/etc/nginx/sites-available/git b/roles/git/files/etc/nginx/sites-available/git index afb5fca..a78ef3f 100644 --- a/roles/git/files/etc/nginx/sites-available/git +++ b/roles/git/files/etc/nginx/sites-available/git @@ -22,7 +22,7 @@ server { server_name git.fripost.org; include snippets/ssl.conf; - ssl_certificate /etc/nginx/ssl/git.fripost.org.chained.pem; + ssl_certificate /etc/nginx/ssl/git.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/git.fripost.org.key; access_log /var/log/nginx/git.access.log; diff --git a/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf b/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf new file mode 100644 index 0000000..fb19d2a --- /dev/null +++ b/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf @@ -0,0 +1,86 @@ +# For certificate issuance (new-cert command), specify the certificate +# configuration file to use +# +#config-certs = config/letsencrypt-certs.conf + +[client] +# The value of "socket" specifies the letsencrypt-accountd(1) +# UNIX-domain socket to connect to for signature requests from the ACME +# client. letsencrypt aborts if the socket is readable or writable by +# other users, or if its parent directory is writable by other users. +# Default: "$XDG_RUNTIME_DIR/S.letsencrypt" if the XDG_RUNTIME_DIR +# environment variable is set. +# +#socket = /run/user/1000/S.letsencrypt + +# username to drop privileges to (setting both effective and real uid). +# Preserve root privileges if the value is empty (not recommended). +# Default: "nobody". +# +user = letsencrypt + +# groupname to drop privileges to (setting both effective and real gid, +# and also setting the list of supplementary gids to that single group). +# Preserve root privileges if the value is empty (not recommended). +# +group = nogroup + +# Path to the ACME client executable. +#command = /usr/lib/letsencrypt-tiny/client + +# Root URI of the ACME server. NOTE: Use the staging server for testing +# as it has relaxed ratelimit. +# +#server = https://acme-v01.api.letsencrypt.org/ +#server = https://acme-staging.api.letsencrypt.org/ + +# Timeout in seconds after which the client stops polling the ACME +# server and considers the request failed. +# +#timeout = 10 + +# Whether to verify the server certificate chain. +SSL_verify = yes + +# Specify the version of the SSL protocol used to transmit data. +SSL_version = SSLv23:!TLSv1_1:!TLSv1:!SSLv3:!SSLv2 + +# Specify the cipher list for the connection. +SSL_cipher_list = EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL + + +[webserver] + +# Specify the local address to listen on, in the form ADDRESS[:PORT]. +# +#listen = 0.0.0.0:80 +#listen = [::]:80 + +# If a webserver is already running, specify a non-existent directory +# under which the webserver is configured to serve GET requests for +# challenge files under "/.well-known/acme-challenge/" (for each virtual +# hosts requiring authorization) as static files. +# +challenge-directory = /var/www/acme-challenge + +# username to drop privileges to (setting both effective and real uid). +# Preserve root privileges if the value is empty (not recommended). +# +user = www-data + +# groupname to drop privileges to (setting both effective and real gid, +# and also setting the list of supplementary gids to that single group). +# Preserve root privileges if the value is empty (not recommended). +# +user = www-data + +# Path to the ACME webserver executable. +#command = /usr/lib/letsencrypt-tiny/webserver + +# Whether to automatically install iptables(1) rules to open the +# ADDRESS[:PORT] specified with listen. Theses rules are automatically +# removed once letsencrypt exits. +# +#iptables = Yes + +; vim:ft=dosini diff --git a/roles/letsencrypt/handlers/main.yml b/roles/letsencrypt/handlers/main.yml new file mode 100644 index 0000000..d9eed44 --- /dev/null +++ b/roles/letsencrypt/handlers/main.yml @@ -0,0 +1,2 @@ +- name: Install LetsEncrypt's ACME client + apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml new file mode 100644 index 0000000..c7ef7ef --- /dev/null +++ b/roles/letsencrypt/tasks/main.yml @@ -0,0 +1,37 @@ +- name: Install dependencies for letsencrypt-tiny + apt: pkg={{ item }} + with_items: + - libjson-perl + - libjson-xs-perl + - libconfig-tiny-perl + - libwww-perl + - liblwp-protocol-https-perl + - libnet-ssleay-perl + +- name: Copy LetsEncrypt's ACME client + copy: src=deb/letsencrypt-tiny_0.1-1_all.deb + dest=/tmp + notify: Install LetsEncrypt's ACME client + +- meta: flush_handlers + +- name: Create a user 'letsencrypt' + user: name=letsencrypt system=yes + group=nogroup + createhome=no + home=/nonexistent + shell=/usr/sbin/nologin + password=! + state=present + +- name: Copy letsencrypt-tiny/letsencrypt-certs.conf + copy: src=etc/letsencrypt-tiny/letsencrypt.conf + dest=/etc/letsencrypt-tiny/letsencrypt.conf + owner=root group=root + mode=0644 + +- name: Copy letsencrypt-tiny/letsencrypt-certs.conf + template: src=etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 + dest=/etc/letsencrypt-tiny/letsencrypt-certs.conf + owner=root group=root + mode=0644 diff --git a/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 b/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 new file mode 100644 index 0000000..fef5c62 --- /dev/null +++ b/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 @@ -0,0 +1,63 @@ +hash = sha512 +keyusage = digitalSignature, keyEncipherment + +{% if 'IMAP' in group_names %} +[imap] +certificate-key = /etc/dovecot/ssl/imap.fripost.org.key +certificate-chain = /etc/dovecot/ssl/imap.fripost.org.pem +subject = /O=Fripost/CN=imap.fripost.org +subjectAltName = DNS:imap.fripost.org,DNS:sieve.fripost.org +notify = /bin/systemctl restart dovecot +{% endif %} + +{% if 'MSA' in group_names %} +[smtp] +certificate-key = /etc/postfix/ssl/smtp.fripost.org.key +certificate-chain = /etc/postfix/ssl/smtp.fripost.org.pem +subject = /O=Fripost/CN=smtp.fripost.org +notify = /bin/systemctl restart postfix +{% endif %} + +{% if 'MX' in group_names %} +[mx] +certificate-key = /etc/postfix/ssl/mx.fripost.org.key +certificate-chain = /etc/postfix/ssl/mx.fripost.org.pem +subject = /O=Fripost/CN=mx{{ mxno }}.fripost.org +notify = /bin/systemctl restart postfix +{% endif %} + +{% if 'lists' in group_names %} +[lists] +certificate-key = /etc/nginx/ssl/lists.fripost.org.key +certificate-chain = /etc/nginx/ssl/lists.fripost.org.pem +subject = /O=Fripost/CN=lists.fripost.org +notify = /bin/systemctl restart nginx +{% endif %} + +{% if 'wiki' in group_names %} +[www] +certificate-key = /etc/nginx/ssl/www.fripost.org.key +certificate-chain = /etc/nginx/ssl/www.fripost.org.pem +subject = /O=Fripost/CN=fripost.org +subjectAltName = DNS:fripost.org,DNS:www.fripost.org,DNS:wiki.fripost.org +notify = /bin/systemctl restart nginx +{% endif %} + +{% if 'webmail' in group_names %} +[webmail] +certificate-key = /etc/nginx/ssl/mail.fripost.org.key +certificate-chain = /etc/nginx/ssl/mail.fripost.org.pem +subject = /O=Fripost/CN=mail.fripost.org +subjectAltName = DNS:mail.fripost.org,DNS:webmail.fripost.org +notify = /bin/systemctl restart nginx +{% endif %} + +{% if 'git' in group_names %} +[git] +certificate-key = /etc/nginx/ssl/git.fripost.org.key +certificate-chain = /etc/nginx/ssl/git.fripost.org.pem +subject = /O=Fripost/CN=git.fripost.org +notify = /bin/systemctl restart nginx +{% endif %} + +; vim:ft=dosini diff --git a/roles/lists/files/etc/nginx/sites-available/sympa b/roles/lists/files/etc/nginx/sites-available/sympa index 5e469fa..bcf1d22 100644 --- a/roles/lists/files/etc/nginx/sites-available/sympa +++ b/roles/lists/files/etc/nginx/sites-available/sympa @@ -25,7 +25,7 @@ server { error_log /var/log/nginx/lists.error.log info; include snippets/ssl.conf; - ssl_certificate /etc/nginx/ssl/lists.fripost.org.chained.pem; + ssl_certificate /etc/nginx/ssl/lists.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/lists.fripost.org.key; location = / { diff --git a/roles/webmail/files/etc/nginx/sites-available/roundcube b/roles/webmail/files/etc/nginx/sites-available/roundcube index df10be9..304b05d 100644 --- a/roles/webmail/files/etc/nginx/sites-available/roundcube +++ b/roles/webmail/files/etc/nginx/sites-available/roundcube @@ -27,7 +27,7 @@ server { root /var/lib/roundcube; include snippets/ssl.conf; - ssl_certificate /etc/nginx/ssl/mail.fripost.org.chained.pem; + ssl_certificate /etc/nginx/ssl/mail.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/mail.fripost.org.key; location = /favicon.ico { diff --git a/roles/wiki/files/etc/nginx/sites-available/website b/roles/wiki/files/etc/nginx/sites-available/website index 2519286..5d382ec 100644 --- a/roles/wiki/files/etc/nginx/sites-available/website +++ b/roles/wiki/files/etc/nginx/sites-available/website @@ -24,7 +24,7 @@ server { server_name www.fripost.org; include snippets/ssl.conf; - ssl_certificate /etc/nginx/ssl/www.fripost.org.chained.pem; + ssl_certificate /etc/nginx/ssl/www.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/www.fripost.org.key; access_log /var/log/nginx/www.access.log; diff --git a/roles/wiki/files/etc/nginx/sites-available/wiki b/roles/wiki/files/etc/nginx/sites-available/wiki index 2855e07..d61ff28 100644 --- a/roles/wiki/files/etc/nginx/sites-available/wiki +++ b/roles/wiki/files/etc/nginx/sites-available/wiki @@ -23,7 +23,7 @@ server { server_name wiki.fripost.org; include snippets/ssl.conf; - ssl_certificate /etc/nginx/ssl/www.fripost.org.chained.pem; + ssl_certificate /etc/nginx/ssl/www.fripost.org.pem; ssl_certificate_key /etc/nginx/ssl/www.fripost.org.key; access_log /var/log/nginx/wiki.access.log; |