Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release: consume auto-rotated SSL certificate #797

Merged
merged 1 commit into from
Jul 21, 2022
Merged

release: consume auto-rotated SSL certificate #797

merged 1 commit into from
Jul 21, 2022

Conversation

ldennington
Copy link
Contributor

Update release workflows to consume new autorotated SSL certificate. There
are two main parts:

  1. Add the "SendX5c" : "true" key value pair to the contents of our ESRP
    Auth Json file. This allows us to use the new auto-rotating certificate
    without having to upload/manage it from our App Registration.i

  2. Remove the AZURE_AAD_ID_SSL secret/environment variable. The new
    certificate was generated with our main AZURE_AAD_ID app registration, so
    this extra ID is no longer needed.

You can find my successful test run with these changes here.

@ldennington
release: consume auto-rotated SSL certificate
f3aa617 
Update release workflows to consume new autorotated SSL certificate. There
are two main parts:

1. Add the "SendX5c" : "true" key value pair to the contents of our ESRP
Auth Json file. This allows us to use the new auto-rotating certificate
without having to upload/manage it from our App Registration.i

2. Remove the AZURE_AAD_ID_SSL secret/environment variable. The new
certificate was generated with our main AZURE_AAD_ID app registration, so
this extra ID is no longer needed.
mjcheetham
mjcheetham approved these changes Jul 21, 2022
View reviewed changes
Copy link
Collaborator

@mjcheetham mjcheetham left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

I assume this also requires that we update the secret variable values in this repo to point to the new cert? Or is the cert downloaded from KV going to have the same identifier for each auto-renewal?

@ldennington ldennington merged commit 2d79a03 into git-ecosystem:main Jul 21, 2022
@ldennington ldennington mentioned this pull request Nov 3, 2022
Merged
@ldennington ldennington deleted the ssl-cert-updates branch July 12, 2023 18:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjcheetham mjcheetham mjcheetham approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ldennington @mjcheetham