SSL Certificate renewals needed for multiple certificates
An execution of the Gitlab Certificate Checker which runs against certs in Chef Vault and GCS has highlighted the following
Certificates in Warning
The following certificates will expire in the next 30 days
| subject | source | path | dates |
|---|---|---|---|
| subject=OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.design.gitlab.com | chef-vault | /tmp/certificate-report._zd0qlfn/chef-vault/design-gitlab-com/prd51 | notBefore=Feb 27 00:00:00 2019 GMT notAfter=Apr 27 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL, CN = license.gitlab.com | chef-vault | /tmp/certificate-report._zd0qlfn/chef-vault/license-gitlab-com/_default9 | notBefore=Mar 14 00:00:00 2019 GMT notAfter=May 12 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL, CN = hub.gitlab.com | chef-vault | /tmp/certificate-report._zd0qlfn/chef-vault/about-gitlab-com/_default89 | notBefore=May 2 00:00:00 2019 GMT notAfter=May 2 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL, CN = version.gitlab.com | chef-vault | /tmp/certificate-report._zd0qlfn/chef-vault/version-gitlab-com/_default6 | notBefore=Mar 12 00:00:00 2019 GMT notAfter=May 10 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = gitlab.com | gcs | /tmp/certificate-report._zd0qlfn/gcs/gprd7 | notBefore=Jun 27 00:00:00 2019 GMT notAfter=May 11 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL, CN = version.gitlab.com | gcs | /tmp/certificate-report._zd0qlfn/gcs/gprd32 | notBefore=Mar 12 00:00:00 2019 GMT notAfter=May 10 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = gitlab.com | gcs | /tmp/certificate-report._zd0qlfn/gcs/gprd22 | notBefore=Mar 13 00:00:00 2019 GMT notAfter=May 11 23:59:59 2020 GMT |
| subject=OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = pre.gitlab.com | gcs | /tmp/certificate-report._zd0qlfn/gcs-ops/dev7 | notBefore=Apr 29 00:00:00 2019 GMT notAfter=Apr 29 23:59:59 2020 GMT |
Considering the significance of some of these certs (license, design, version, and gitlab.com itself) we should make sure these certs are upgraded well in advance.
/cc @dawsmith @AnthonySandoval