From 3b2633bc99bebf6d295b9f15c8a7f153f77aa8e2 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@fripost.org>
Date: Tue, 12 Jul 2016 15:47:10 +0200
Subject: gencerts: base64-encode the SHA256 digests.

Also, include the backup pins in the .asc.  And list the website's and
webmail SANs.
---
 website/certs.asc  | 56 +++++++++++++++++++++++++++++++-----------------------
 website/certs.mdwn | 38 ++++++++++++++++++------------------
 2 files changed, 51 insertions(+), 43 deletions(-)

diff --git a/website/certs.asc b/website/certs.asc
index dfd71fd..763cdf7 100644
--- a/website/certs.asc
+++ b/website/certs.asc
@@ -19,7 +19,7 @@ The SPKI of our X.509 certificates are also available in PEM format at:
     https://git.fripost.org/fripost-ansible/tree/certs/public ,
 
 Git repository from which this fingerprint list was generated, at commit ID
-02772c9 from Sun, 10 Jul 2016 01:16:00 +0200.
+ef43052 from Tue, 12 Jul 2016 03:10:33 +0200.
 
 
  * IMAP server
@@ -27,51 +27,59 @@ Git repository from which this fingerprint list was generated, at commit ID
     X.509: https://crt.sh/?spkisha256=60db1731fcf1f860de7e84c1a2c48cb9cded004750b21fbf67616b13e8ad7de5&iCAID=16418&exclude=expired
     SPKI:
       SHA1   79:EE:C2:1B:9B:5A:67:D8:1F:DF:D2:F5:2A:A3:68:EB:02:FF:5A:F2
-      SHA256 60:DB:17:31:FC:F1:F8:60:DE:7E:84:C1:A2:C4:8C:B9:CD:ED:00:47:50:B2:1F:BF:67:61:6B:13:E8:AD:7D:E5
+      SHA256 YNsXMfzx+GDefoTBosSMuc3tAEdQsh+/Z2FrE+itfeU=
 
  * SMTP servers
     smtp.fripost.org:587 (Mail Submission Agent, STARTTLS)
     X.509: https://crt.sh/?spkisha256=a2726ec6514d6670aaf49008c17a3f28f92ee981e530d10e19d6847ceaa3c905&iCAID=16418&exclude=expired
     SPKI:
       SHA1   A7:DB:17:4B:55:94:7B:8F:BB:90:5F:BC:48:CC:99:FD:29:73:C7:D8
-      SHA256 A2:72:6E:C6:51:4D:66:70:AA:F4:90:08:C1:7A:3F:28:F9:2E:E9:81:E5:30:D1:0E:19:D6:84:7C:EA:A3:C9:05
+      SHA256 onJuxlFNZnCq9JAIwXo/KPku6YHlMNEOGdaEfOqjyQU=
 
     mx1.fripost.org:25 (1st Mail eXchange, STARTTLS)
     X.509: https://crt.sh/?spkisha256=63c2a1dce0bc20a6cde16eae1cec71cf42270d1e460f039dc2fdea1e274870ba&iCAID=16418&exclude=expired
     SPKI:
       SHA1   DF:D7:33:FB:96:EC:39:58:4E:31:05:35:E0:DF:EA:59:27:90:D4:0D
-      SHA256 63:C2:A1:DC:E0:BC:20:A6:CD:E1:6E:AE:1C:EC:71:CF:42:27:0D:1E:46:0F:03:9D:C2:FD:EA:1E:27:48:70:BA
+      SHA256 Y8Kh3OC8IKbN4W6uHOxxz0InDR5GDwOdwv3qHidIcLo=
 
     mx2.fripost.org:25 (2nd Mail eXchange, STARTTLS)
     X.509: https://crt.sh/?spkisha256=9307b7878124e4e79f9871ee88cb9d4a82ea9e7c27065a21a81d902567a8d27a&iCAID=16418&exclude=expired
     SPKI:
       SHA1   A0:85:B9:51:9F:F1:71:3C:F6:61:C1:6A:7E:DC:F4:91:8A:64:32:11
-      SHA256 93:07:B7:87:81:24:E4:E7:9F:98:71:EE:88:CB:9D:4A:82:EA:9E:7C:27:06:5A:21:A8:1D:90:25:67:A8:D2:7A
+      SHA256 kwe3h4Ek5OefmHHuiMudSoLqnnwnBlohqB2QJWeo0no=
 
  * Web servers
-    fripost.org:443 (website), wiki.fripost.org:443 (wiki)
+    fripost.org:443, www.fripost.org:443 (website), wiki.fripost.org:443 (wiki)
     X.509: https://crt.sh/?spkisha256=7d0fa06aeef68b039feab997bd8eff41e981fa46218b13c263f03f108af76adb&iCAID=16418&exclude=expired
     SPKI:
       SHA1   B8:CB:E1:30:7E:BA:03:C3:DB:BE:BF:65:FD:80:68:F8:D3:E0:1C:7D
-      SHA256 7D:0F:A0:6A:EE:F6:8B:03:9F:EA:B9:97:BD:8E:FF:41:E9:81:FA:46:21:8B:13:C2:63:F0:3F:10:8A:F7:6A:DB
+      SHA256 fQ+gau72iwOf6rmXvY7/QemB+kYhixPCY/A/EIr3ats=
+    Backup SPKI:
+      SHA256 MYhOgCyUOp8NRGxa1LZc57g0wREA3kV8C+4SsrDajt8=
 
-    mail.fripost.org:443 (webmail)
+    mail.fripost.org:443, webmail.fripost.org:443 (webmail)
     X.509: https://crt.sh/?spkisha256=4877e788c11aa71798a39613ff68cffa7f96b2d35a62084332165469d2e53c39&iCAID=16418&exclude=expired
     SPKI:
       SHA1   4F:E7:42:40:98:35:51:CF:93:65:EF:F2:D1:7C:3C:46:60:64:2C:30
-      SHA256 48:77:E7:88:C1:1A:A7:17:98:A3:96:13:FF:68:CF:FA:7F:96:B2:D3:5A:62:08:43:32:16:54:69:D2:E5:3C:39
+      SHA256 SHfniMEapxeYo5YT/2jP+n+WstNaYghDMhZUadLlPDk=
+    Backup SPKI:
+      SHA256 /Tt92H3ZkfEW1/AOCoGVm1TxZl7u4c+tIBnuvAc7d5w=
 
     lists.fripost.org:443 (list manager)
     X.509: https://crt.sh/?spkisha256=38bc7584e12a9c2752ffb660cd3cc097c220fc2c29cf9318f49f458ac860ebfd&iCAID=16418&exclude=expired
     SPKI:
       SHA1   E9:45:89:19:95:44:B1:C7:61:C1:75:4B:A1:3F:8C:38:D4:10:A5:33
-      SHA256 38:BC:75:84:E1:2A:9C:27:52:FF:B6:60:CD:3C:C0:97:C2:20:FC:2C:29:CF:93:18:F4:9F:45:8A:C8:60:EB:FD
+      SHA256 OLx1hOEqnCdS/7ZgzTzAl8Ig/Cwpz5MY9J9Fishg6/0=
+    Backup SPKI:
+      SHA256 v/Ow0Ou2m08HO10wxci1IVrMC/pbihnoDNxvUwKBsMY=
 
     git.fripost.org:443 (git server and its web interface)
     X.509: https://crt.sh/?spkisha256=1cea225e00bbb68973677d5beb95336c02a1a42080ec8d2235d3bb344b8bd255&iCAID=16418&exclude=expired
     SPKI:
       SHA1   02:D7:7C:F0:16:F4:55:0D:C3:6B:A1:C4:B6:95:1B:65:26:64:C8:28
-      SHA256 1C:EA:22:5E:00:BB:B6:89:73:67:7D:5B:EB:95:33:6C:02:A1:A4:20:80:EC:8D:22:35:D3:BB:34:4B:8B:D2:55
+      SHA256 HOoiXgC7tolzZ31b65UzbAKhpCCA7I0iNdO7NEuL0lU=
+    Backup SPKI:
+      SHA256 7F+6dSG3D3X3SSLXmb4GWWqUViztamLmmCBlYCi4a10=
 
  * SSH server
     gitolite@git.fripost.org:22
@@ -81,17 +89,17 @@ Git repository from which this fingerprint list was generated, at commit ID
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
-iQIcBAEBCgAGBQJXgrx2AAoJENOaSZw8IaVSbywQAJ07MY6dRwHMQThysXr1rzsG
-dJkCvviOE5Y5GGy1ra+t9RB6WO6dHath6o814zdt4fiaKkQP1FepJd1/VSoWnbtf
-hvA+qtN78tsXMUH0CZoZCFQ6HH2AeFcFRLPrrZK/ihhUyYMHhhfOB7Upe5Z+Ad8M
-FQ60KgPyRFQXKX/29HhcPgh1JNVRCz2Ytk64SjlujLB44LKxMO7LBhOtBMrbwb3J
-08xQTRXdKVfCIJFT+vVdS4U+olm+ISekjDYT9QBsCqSJUBOmP8BTK67q9JKDA2Ul
-wnEZDBhcfEoeK8HubCW7nAFICKnzpIVg9vNxHgUy06ggxrqtscs65COkxJm2i/3C
-Exyb+E434SlOwZx1Jl31IGsUxcPMccPNSArf3Zo/Rx7a1sgdPAUTsnXFUC1cm7VD
-ClhTXbUkUuBg6V7LoeL0cX/Igzi7ftb/iDrUgDAH8K7TdOFPGAuy0IQW0TYzJgBJ
-lvJdqIflc8bvsCaF+66+rAW3ksBuD0S5XAXdWsB7a96MWVkjgtP8N5OS0WQH77iV
-BB78pD2CsOsgPkEWoH2SxNrPWP7QxRGNJ0WBvA+y8VQLIUJo+1yGKvWocxpIz/+S
-BBdChXUm20KW6QDz3ZsoeJajoWrPS8s47B4gf7JroqLSfcXiBwKNrLIGLb6tXxRN
-LLG0Ojgb7j9nCAuvWbPj
-=4nW8
+iQIcBAEBCgAGBQJXhPSnAAoJENOaSZw8IaVSnr0QAMkP/8GxHpHfiUUIwtDHTh2g
+HD55/S3v34FpKIlCRWBsb4KAbCbg8XLCpcSffeIHNIcydvwcyQVojpk91259pLXC
+HrAWaJGl1XZYTOCnRcECmU8L4ftQDTkhStAlBYtDLJ7mM2ooM5KAcOQ2WuZJ3OSs
+/ytrDuXqzneBGJqqdFOtLPDsrBN1Yfq23Fasq438ooCUA81pdLAZAa7qRu/IK643
+B+WyH2xz18/m5RJPjKufOTCpvX1NAYshxJtqPabTTcxBkRuY6szIrfy/XnYmteQB
+lLYh1St+ELUde+wIEtNjJ6ozyPyCSzkUkBrX+VAoKUiH9DLbKzIdO6UEQLc/6+7l
+oY6OaJMn0lKgyedLMbly0mJ+iCIK1r47ME2L12Zj69Qy5yKR7Zm0M9ClgSApEKNB
+zLoByzWM/0OOYl+/v55Wo0tviMhGZDz9BDVR3mYsdx8xDvH8xYHSra/+FQp/zciR
+X5cC932xRubH0tWO+nAVLQqBifJp4HZ6sHl3yyRiaMDQhZDYifE4J6NXw+uEAVD4
++rGk8JATQm1zIICKmmjChUmrCGKwVstbfEYfGaSRPj8D94OChKse274UEqktjBy+
+ABu/vObJiONIbo36UtfFYPvOuUsJIMA8Bk+4BrKQh6wTq2+Q1B0muL6VKJf1txzk
+7hTJIuyG7FIq1wTpgI+v
+=BR1Y
 -----END PGP SIGNATURE-----
diff --git a/website/certs.mdwn b/website/certs.mdwn
index aa728b3..94e33d4 100644
--- a/website/certs.mdwn
+++ b/website/certs.mdwn
@@ -16,59 +16,59 @@ You can view all issued Let's Encrypt certificates at
 The SPKI of our X.509 certificates are also available in PEM format
 under our [Git repository](https://git.fripost.org/fripost-ansible/tree/certs/public),
 from which this fingerprint list was [generated](https://git.fripost.org/fripost-ansible/tree/certs/gencerts.sh), at
-[Commit ID 02772c9 from Sun, 10 Jul 2016 01:16:00 +0200](https://git.fripost.org/fripost-ansible/tree/certs/public?id=02772c92ce74490ce60792b0543d60ce71f28e42).
+[Commit ID ef43052 from Tue, 12 Jul 2016 03:10:33 +0200](https://git.fripost.org/fripost-ansible/tree/certs/public?id=ef430522256013665205cdda05636846cc622251).
 
 
  * IMAP server
 
     [`imap.fripost.org:993` (IMAP over SSL), `sieve.fripost.org:4190` (ManageSieve, `STARTTLS`)](https://crt.sh/?spkisha256=60db1731fcf1f860de7e84c1a2c48cb9cded004750b21fbf67616b13e8ad7de5&iCAID=16418&exclude=expired)
 
-        SHA1   79:EE:C2:1B:9B:5A:67:D8:1F:DF:D2:F5:2A:A3:68:EB:02:FF:5A:F2
-        SHA256 60:DB:17:31:FC:F1:F8:60:DE:7E:84:C1:A2:C4:8C:B9:CD:ED:00:47:50:B2:1F:BF:67:61:6B:13:E8:AD:7D:E5
+        SHA1   ee7CG5taZ9gf39L1KqNo6wL/WvI=
+        SHA256 YNsXMfzx+GDefoTBosSMuc3tAEdQsh+/Z2FrE+itfeU=
 
  * SMTP servers
 
     [`smtp.fripost.org:587` (Mail Submission Agent, `STARTTLS`)](https://crt.sh/?spkisha256=a2726ec6514d6670aaf49008c17a3f28f92ee981e530d10e19d6847ceaa3c905&iCAID=16418&exclude=expired)
 
-        SHA1   A7:DB:17:4B:55:94:7B:8F:BB:90:5F:BC:48:CC:99:FD:29:73:C7:D8
-        SHA256 A2:72:6E:C6:51:4D:66:70:AA:F4:90:08:C1:7A:3F:28:F9:2E:E9:81:E5:30:D1:0E:19:D6:84:7C:EA:A3:C9:05
+        SHA1   p9sXS1WUe4+7kF+8SMyZ/Slzx9g=
+        SHA256 onJuxlFNZnCq9JAIwXo/KPku6YHlMNEOGdaEfOqjyQU=
 
 
     [`mx1.fripost.org:25` (1st Mail eXchange, `STARTTLS`)](https://crt.sh/?spkisha256=63c2a1dce0bc20a6cde16eae1cec71cf42270d1e460f039dc2fdea1e274870ba&iCAID=16418&exclude=expired)
 
-        SHA1   DF:D7:33:FB:96:EC:39:58:4E:31:05:35:E0:DF:EA:59:27:90:D4:0D
-        SHA256 63:C2:A1:DC:E0:BC:20:A6:CD:E1:6E:AE:1C:EC:71:CF:42:27:0D:1E:46:0F:03:9D:C2:FD:EA:1E:27:48:70:BA
+        SHA1   39cz+5bsOVhOMQU14N/qWSeQ1A0=
+        SHA256 Y8Kh3OC8IKbN4W6uHOxxz0InDR5GDwOdwv3qHidIcLo=
 
 
     [`mx2.fripost.org:25` (2nd Mail eXchange, `STARTTLS`)](https://crt.sh/?spkisha256=9307b7878124e4e79f9871ee88cb9d4a82ea9e7c27065a21a81d902567a8d27a&iCAID=16418&exclude=expired)
 
-        SHA1   A0:85:B9:51:9F:F1:71:3C:F6:61:C1:6A:7E:DC:F4:91:8A:64:32:11
-        SHA256 93:07:B7:87:81:24:E4:E7:9F:98:71:EE:88:CB:9D:4A:82:EA:9E:7C:27:06:5A:21:A8:1D:90:25:67:A8:D2:7A
+        SHA1   oIW5UZ/xcTz2YcFqftz0kYpkMhE=
+        SHA256 kwe3h4Ek5OefmHHuiMudSoLqnnwnBlohqB2QJWeo0no=
 
  * Web servers
 
-    [`fripost.org:443` (website), `wiki.fripost.org:443` (wiki)](https://crt.sh/?spkisha256=7d0fa06aeef68b039feab997bd8eff41e981fa46218b13c263f03f108af76adb&iCAID=16418&exclude=expired)
+    [`fripost.org:443`, `www.fripost.org:443` (website), `wiki.fripost.org:443` (wiki)](https://crt.sh/?spkisha256=7d0fa06aeef68b039feab997bd8eff41e981fa46218b13c263f03f108af76adb&iCAID=16418&exclude=expired)
 
-        SHA1   B8:CB:E1:30:7E:BA:03:C3:DB:BE:BF:65:FD:80:68:F8:D3:E0:1C:7D
-        SHA256 7D:0F:A0:6A:EE:F6:8B:03:9F:EA:B9:97:BD:8E:FF:41:E9:81:FA:46:21:8B:13:C2:63:F0:3F:10:8A:F7:6A:DB
+        SHA1   uMvhMH66A8Pbvr9l/YBo+NPgHH0=
+        SHA256 fQ+gau72iwOf6rmXvY7/QemB+kYhixPCY/A/EIr3ats=
 
 
-    [`mail.fripost.org:443` (webmail)](https://crt.sh/?spkisha256=4877e788c11aa71798a39613ff68cffa7f96b2d35a62084332165469d2e53c39&iCAID=16418&exclude=expired)
+    [`mail.fripost.org:443`, `webmail.fripost.org:443` (webmail)](https://crt.sh/?spkisha256=4877e788c11aa71798a39613ff68cffa7f96b2d35a62084332165469d2e53c39&iCAID=16418&exclude=expired)
 
-        SHA1   4F:E7:42:40:98:35:51:CF:93:65:EF:F2:D1:7C:3C:46:60:64:2C:30
-        SHA256 48:77:E7:88:C1:1A:A7:17:98:A3:96:13:FF:68:CF:FA:7F:96:B2:D3:5A:62:08:43:32:16:54:69:D2:E5:3C:39
+        SHA1   T+dCQJg1Uc+TZe/y0Xw8RmBkLDA=
+        SHA256 SHfniMEapxeYo5YT/2jP+n+WstNaYghDMhZUadLlPDk=
 
 
     [`lists.fripost.org:443` (list manager)](https://crt.sh/?spkisha256=38bc7584e12a9c2752ffb660cd3cc097c220fc2c29cf9318f49f458ac860ebfd&iCAID=16418&exclude=expired)
 
-        SHA1   E9:45:89:19:95:44:B1:C7:61:C1:75:4B:A1:3F:8C:38:D4:10:A5:33
-        SHA256 38:BC:75:84:E1:2A:9C:27:52:FF:B6:60:CD:3C:C0:97:C2:20:FC:2C:29:CF:93:18:F4:9F:45:8A:C8:60:EB:FD
+        SHA1   6UWJGZVEscdhwXVLoT+MONQQpTM=
+        SHA256 OLx1hOEqnCdS/7ZgzTzAl8Ig/Cwpz5MY9J9Fishg6/0=
 
 
     [`git.fripost.org:443` (git server and its web interface)](https://crt.sh/?spkisha256=1cea225e00bbb68973677d5beb95336c02a1a42080ec8d2235d3bb344b8bd255&iCAID=16418&exclude=expired)
 
-        SHA1   02:D7:7C:F0:16:F4:55:0D:C3:6B:A1:C4:B6:95:1B:65:26:64:C8:28
-        SHA256 1C:EA:22:5E:00:BB:B6:89:73:67:7D:5B:EB:95:33:6C:02:A1:A4:20:80:EC:8D:22:35:D3:BB:34:4B:8B:D2:55
+        SHA1   Atd88Bb0VQ3Da6HEtpUbZSZkyCg=
+        SHA256 HOoiXgC7tolzZ31b65UzbAKhpCCA7I0iNdO7NEuL0lU=
 
  * SSH server
 
-- 
cgit v1.2.3