From 2afcc62cc60c55a717e91815ba1758a10cf9c209 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Mar 03 2022 22:17:55 +0000
Subject: proxies: update *.id.fedoraproject.org wildcard to 2022 version


The old 2020 cert expires on 2022-03-07 which is only 5 days from now.
This moves it to a new 2022 cert that lasts 1 year.
This will need the proxies playbook run after it's pushed.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

---

diff --git a/playbooks/include/proxies-certificates.yml b/playbooks/include/proxies-certificates.yml
index fe521ec..babfbf7 100644
--- a/playbooks/include/proxies-certificates.yml
+++ b/playbooks/include/proxies-certificates.yml
@@ -24,8 +24,8 @@
     SSLCertificateChainFile: wildcard-2022.fedoraproject.org.intermediate.cert
 
   - role: httpd/certificate
-    certname: wildcard-2020.id.fedoraproject.org
-    SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert
+    certname: wildcard-2022.id.fedoraproject.org
+    SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert
 
   - role: httpd/certificate
     certname: wildcard-2020.stg.fedoraproject.org
diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 0297d0f..006ee99 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -835,8 +835,8 @@
     # Must not be sslonly, because example.id.fedoraproject.org must be reachable
     # via plain http for openid identity support
     sslonly: false
-    cert_name: wildcard-2020.id.fedoraproject.org
-    SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert
+    cert_name: wildcard-2022.id.fedoraproject.org
+    SSLCertificateChainFile: wildcard-2022.id.fedoraproject.org.intermediate.cert
     tags:
     - id.fedoraproject.org
     when: env == "production"