On Sat, Mar 17, 2018 at 12:02:40PM -0700, Kevin Fenzi wrote:
Greetings.
Our current crl.pem for fedmsg (cert revocation list) expires on monday.
I'd like to regenerate it with a expire time out 6 months and push it out to all hosts that use fedmsg, hopefully asap.
So, this is:
- Generate new crl.pem for fedmsg in ansible-private.
- Run proxy playbooks with -t fedmsg/proxy to copy the new crl.pem to
https://fedoraproject.org/fedmsg/crl.pem
- fedmsg using services should download it and use it.
+1 for me Note that may impact services running newer fedmsg where it is defined as a path and not an url.
Pierre