Eevans has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/383608 )
Change subject: Add key material for new deployment-prep Cassandra nodes ...................................................................... Add key material for new deployment-prep Cassandra nodes Change-Id: I35f049aa476232edc519c8a253c9b378cf27050b --- A modules/secret/secrets/cassandra/services-labs.yaml A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.crt A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.csr A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.kst A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.crt A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.csr A modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.kst A modules/secret/secrets/cassandra/services-labs/rootCa.crt A modules/secret/secrets/cassandra/services-labs/rootCa.key A modules/secret/secrets/cassandra/services-labs/rootCa.srl A modules/secret/secrets/cassandra/services-labs/truststore 11 files changed, 147 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/labs/private refs/changes/08/383608/1 diff --git a/modules/secret/secrets/cassandra/services-labs.yaml b/modules/secret/secrets/cassandra/services-labs.yaml new file mode 100644 index 0000000..bbd5761 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs.yaml @@ -0,0 +1,26 @@ +base_directory: /srv/private/modules/secret/secrets/cassandra/services-labs/ +authority: + cert: &ca_cert + subject: + organization: WMF + country: US + unit: services-labs + valid: 18250 + password: placeholder + +cert: &instance_cert + subject: + organization: WMF + country: US + unit: services-dev + +keystores: + - name: deployment-cassandra3-01 + cert: + <<: *instance_cert + password: placeholder + + - name: deployment-cassandra3-02 + cert: + <<: *instance_cert + password: placeholder diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.crt b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.crt new file mode 100644 index 0000000..b7f0638 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFTCCAf0CCQDrYdiMT0KjQDANBgkqhkiG9w0BAQsFADBEMQ8wDQYDVQQDDAZy +b290Q2ExFjAUBgNVBAsMDXNlcnZpY2VzLWxhYnMxDDAKBgNVBAoMA1dNRjELMAkG +A1UEBhMCVVMwHhcNMTcxMDExMTYyMTQwWhcNMTgxMDExMTYyMTQwWjBVMQswCQYD +VQQGEwJVUzEMMAoGA1UEChMDV01GMRUwEwYDVQQLEwxzZXJ2aWNlcy1kZXYxITAf +BgNVBAMTGGRlcGxveW1lbnQtY2Fzc2FuZHJhMy0wMTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAKXsgVo/gp/cP1uNOGk8VRtY4Zc/dphTdlU/1DHHZHnI +gjWtwkVaj90O541tEYHG43IVcgFF5pjNC3Basr3Dx52QaLTaHNyAVD+cp6Kq3MXP +CeQwW3HcipJfQpiP+ZtXQ/mNMFGyqHfmPqkpK8uOwn5yeuX1v/oeE3QaO1byfWHo +IRrT9d+a9pX7MUIBIQeml1/psgJiVuI6VfQ+ti+xfAKOhLyCrR+BwOJD9NzjrLAW +y1dPtlcXFOqtPJoosjPaSs/e7FK8raZyTxZFU0sGC8RbrvOU7KwFvm10tnoGg5HL +ryr8yGjphjG5V2I+P2sIV3dxJ7tNNIB+Lcm0ZFeFyQsCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEAcpb+Ghpt7yj1Lka5gX2tdviQjv42k630RxDSyloovzLLJvEfX76q +WMlbEEBUmW2Efb8uJpgz7VfCKbVH1bHTeSdK9db/aUt9jVTisen1X2uwow4lyNuM +jODF/cKPjgZElhLqGWZqTLKD7LGWP46vl0D2HY68ccPBFzzvGeriTt0bPR0OIJSg +HuzLgNWfm/ykXBKDNfbdUzsvlgA628R+0ljpvaPvcVIA33Y9y/H4txpmoI3oc7bx +kblfRL5jzcVp9g8jwaL/sAGd3lNBFFRaoUg0PFNrZfhX4K3VYc46AwPRlG7g9pnB +ZeeBCm+hOpYX1AyMwwK9gph55RK9D5V3+A== +-----END CERTIFICATE----- diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.csr b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.csr new file mode 100644 index 0000000..d89870a --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.csr @@ -0,0 +1,17 @@ +-----BEGIN NEW CERTIFICATE REQUEST----- +MIICyjCCAbICAQAwVTELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA1dNRjEVMBMGA1UE +CxMMc2VydmljZXMtZGV2MSEwHwYDVQQDExhkZXBsb3ltZW50LWNhc3NhbmRyYTMt +MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl7IFaP4Kf3D9bjThp +PFUbWOGXP3aYU3ZVP9Qxx2R5yII1rcJFWo/dDueNbRGBxuNyFXIBReaYzQtwWrK9 +w8edkGi02hzcgFQ/nKeiqtzFzwnkMFtx3IqSX0KYj/mbV0P5jTBRsqh35j6pKSvL +jsJ+cnrl9b/6HhN0GjtW8n1h6CEa0/XfmvaV+zFCASEHppdf6bICYlbiOlX0PrYv +sXwCjoS8gq0fgcDiQ/Tc46ywFstXT7ZXFxTqrTyaKLIz2krP3uxSvK2mck8WRVNL +BgvEW67zlOysBb5tdLZ6BoORy68q/Mho6YYxuVdiPj9rCFd3cSe7TTSAfi3JtGRX +hckLAgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0GA1UdDgQWBBTb1cKqr8ukaBDe +upFaYZos1v2yqTANBgkqhkiG9w0BAQsFAAOCAQEAByCKF31TfPmJu580Vqpfkq/A +nH/2+4A1K3ZTXsUrHgv3Ujruw+ACDOnkOxrcrFIqzvfV0/yAvB+zEB6f84y0uv1E +jLPiSOcdLiMghxrDzznMUb5vqyXoMxEVk6Wa5Z54/mC7CMB7gqNt3RSQb/8jMJpJ +JyMvETNquSMEMksUHvlayBo7InkDNSk2nDZpixpCtStJLYDRKCK2lzfiqSr44jAH +uxcnmKxN/5DrGMm9ou7e+MxIF3bvjtzzfK2Rd37y07VbrC7LocoSNNxx5OPd1XHK +VxwQlMKQvC8pZuQVrk7TORceQX5ueumG2mPSZ8yiUROK0AJfu3ItpfwvUbKoYw== +-----END NEW CERTIFICATE REQUEST----- diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.kst b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.kst new file mode 100644 index 0000000..ceed41f --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-01/deployment-cassandra3-01.kst Binary files differ diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.crt b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.crt new file mode 100644 index 0000000..2d3f68e --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFTCCAf0CCQDrYdiMT0KjQTANBgkqhkiG9w0BAQsFADBEMQ8wDQYDVQQDDAZy +b290Q2ExFjAUBgNVBAsMDXNlcnZpY2VzLWxhYnMxDDAKBgNVBAoMA1dNRjELMAkG +A1UEBhMCVVMwHhcNMTcxMDExMTYyMTQyWhcNMTgxMDExMTYyMTQyWjBVMQswCQYD +VQQGEwJVUzEMMAoGA1UEChMDV01GMRUwEwYDVQQLEwxzZXJ2aWNlcy1kZXYxITAf +BgNVBAMTGGRlcGxveW1lbnQtY2Fzc2FuZHJhMy0wMjCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANKIQQMQsYIcLF2bACMRq2/775y1NIkK5opwron5w0L+ +KJMqmSd7J1aMNxRDfUWKIvuathKb23mGHr6lbfHIVA5Odg1NpxAbbUsjHrZMbr1Q +9PEB6b4wTa61UwvfUeGiffycPohjayJXxdVWX8Ecpyv9pdAk/vhOl10vcqCgf2eh +kMKPcR2ce5JEkR/yRB7Sk+LyoOyRvSCiG3br5eVjzp2SjU7hqbUc8l0ly2DQEBHt +Vj7k0EwxDJqqFkudXxNGel660xWguLGyuZcK1ZmvcE4uzfC/PF9zR01BnBJBvbO5 +2IlrBSXohwl7tPdKdszNOkfUuMp6cxN1HkhPFV5o3jkCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEAWNhN2ZAHCnT0qdmPt6plWMXp2MWJU6qFWKHPs+xHwxfSlJzAC9Ut +LEFzxw0zpIFOPfEjlkOZRoz36IEZzexEMrXUoMJUWzrpfIs7ZVOTP8SVIt/+eEq7 +IoxZGY+d6JQqJ4bverE3rZZZnLVjLo5kKY3Viuv/76e3DXEvjhf3+CAPJdXPBTBo +KNM1YXhvpkmcdhlOyG83LAhC80J07Q+vPEDQapWltt7UM9HBMje7tl0XUyBrxEvc +AA2yKC6yJAAlCD7VSUgiC4eLCR1xeCYg7k22AAUI5+fdccGSepo3bAtTTKsekNoI +HHp4Us0Mlf80ThI5dp5AORDeBuToShEF5Q== +-----END CERTIFICATE----- diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.csr b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.csr new file mode 100644 index 0000000..c89f045 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.csr @@ -0,0 +1,17 @@ +-----BEGIN NEW CERTIFICATE REQUEST----- +MIICyjCCAbICAQAwVTELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA1dNRjEVMBMGA1UE +CxMMc2VydmljZXMtZGV2MSEwHwYDVQQDExhkZXBsb3ltZW50LWNhc3NhbmRyYTMt +MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSiEEDELGCHCxdmwAj +Eatv+++ctTSJCuaKcK6J+cNC/iiTKpkneydWjDcUQ31FiiL7mrYSm9t5hh6+pW3x +yFQOTnYNTacQG21LIx62TG69UPTxAem+ME2utVML31Hhon38nD6IY2siV8XVVl/B +HKcr/aXQJP74TpddL3KgoH9noZDCj3EdnHuSRJEf8kQe0pPi8qDskb0goht26+Xl +Y86dko1O4am1HPJdJctg0BAR7VY+5NBMMQyaqhZLnV8TRnpeutMVoLixsrmXCtWZ +r3BOLs3wvzxfc0dNQZwSQb2zudiJawUl6IcJe7T3SnbMzTpH1LjKenMTdR5ITxVe +aN45AgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0GA1UdDgQWBBSRZ6iKwrwVzXsf +RxZ4EtdCNR+6azANBgkqhkiG9w0BAQsFAAOCAQEAZxMTwQKvbR8etqwrr3oEKa8H +zfH8UC/ksO8nQXtq94wHZGw6uiI7opqFNpWjLUfjrFhfMtq8bi0+z/+VAqIcYbCF +sd0Uji93sWB6YAgpWCEEmpuXtuj2igQ6hbRHOukbQq+G8dQY7Xb3H9WwE8YwGIxu +G4L973q9lAOe6C2tQI9+vqhqhfxxKjFQg+JbzDbw1/0kk1DUuW6VOJcFPPbv76/y +ph+lHRHa0SjJMQnrqgbQ1lFlsnBwsAxRcCaSywk46hXUKMCJm8akaN2FUHz7c+E2 +rkYlYOuU5UmlPdSyqM+Qu72i6PPkinEtEcTU7uQhH4Bep2Zef7/GSEZbT25oyQ== +-----END NEW CERTIFICATE REQUEST----- diff --git a/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.kst b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.kst new file mode 100644 index 0000000..49cf674 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/deployment-cassandra3-02/deployment-cassandra3-02.kst Binary files differ diff --git a/modules/secret/secrets/cassandra/services-labs/rootCa.crt b/modules/secret/secrets/cassandra/services-labs/rootCa.crt new file mode 100644 index 0000000..59d6e03 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/rootCa.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDYDCCAkigAwIBAgIJANaA210fToOOMA0GCSqGSIb3DQEBCwUAMEQxDzANBgNV +BAMMBnJvb3RDYTEWMBQGA1UECwwNc2VydmljZXMtbGFiczEMMAoGA1UECgwDV01G +MQswCQYDVQQGEwJVUzAgFw0xNzEwMTExNjIxMzlaGA8yMDY3MDkyOTE2MjEzOVow +RDEPMA0GA1UEAwwGcm9vdENhMRYwFAYDVQQLDA1zZXJ2aWNlcy1sYWJzMQwwCgYD +VQQKDANXTUYxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAq/od9i0Eu/4zoWtbZLSK3/3DriCwe6HOXb6h81nqvmDCKBnqwGTtmBvo +G7ze3mJJAUN4kT+1BIvTk6bwFuUKlB/SqbmGvvQB6pmKQ2jyPapY2x55JYhg2KYW +LJQFKgyObDqPTGautpZhCGn0lmwnzbWCjIdpZjPGeINCc1HRbUHJv5ZaQpPQSGzt +yRZe1btrBP/JF45yjmoy+pWlvVjyW5n4ItWKVqKgGbq3eJZtMtqJe8kpXuUngfOk +GK9enAoLKAz8eS4EQJT0CY0sngh/In9w1fubb2B9e3p3jw0iDAkBAfjHIhhk3YRl +7FT0pnm03Wubl9y9vxQn4mXCuYeKzwIDAQABo1MwUTAdBgNVHQ4EFgQUSG38R8qt +tpQASn2pgkGFnGfBcF4wHwYDVR0jBBgwFoAUSG38R8qttpQASn2pgkGFnGfBcF4w +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEADmxi8yj+UKq9OuDb +7bTO8Pbq0KUdVR4THPRVDd9sgrsd0+FUoCn2Ladyi2CV/zlm0XHh3GOYmRVsxJi9 +2q3Its3rppLaufLr/XehamWg3bDRkvBrYO53rQRc0IfWjxHbp1teu+KejIErKEfy +mtnevZ2pV9KR+TpaRb1768dxW/bqRk0pblLaF7Hi4yMZGw8tos/w+nU3xA7KcBby +Mqu76Wcgr6tLIZuGhzHHSw+AvkkNlS7piyFVf6JS73dSwQA8oENI265yVxqRjALx +S6+RkysyCzVwjSoGUGh+1Gw+ATCOrI43qOECie/BS0KE+TUOlmJfbxnSMUckVsV5 +JIq6jA== +-----END CERTIFICATE----- diff --git a/modules/secret/secrets/cassandra/services-labs/rootCa.key b/modules/secret/secrets/cassandra/services-labs/rootCa.key new file mode 100644 index 0000000..9754f94 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/rootCa.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq/od9i0Eu/4zoWtbZLSK3/3DriCwe6HOXb6h81nqvmDCKBnq +wGTtmBvoG7ze3mJJAUN4kT+1BIvTk6bwFuUKlB/SqbmGvvQB6pmKQ2jyPapY2x55 +JYhg2KYWLJQFKgyObDqPTGautpZhCGn0lmwnzbWCjIdpZjPGeINCc1HRbUHJv5Za +QpPQSGztyRZe1btrBP/JF45yjmoy+pWlvVjyW5n4ItWKVqKgGbq3eJZtMtqJe8kp +XuUngfOkGK9enAoLKAz8eS4EQJT0CY0sngh/In9w1fubb2B9e3p3jw0iDAkBAfjH +Ihhk3YRl7FT0pnm03Wubl9y9vxQn4mXCuYeKzwIDAQABAoIBAC1eUVMlMy+I8wPt +d3HMsyo+HsYr94LV/8P5S24QVX4dtnqvw583wPo0unm+zKisEwhTTVY8ETv+yzUT +gBj6GV1UO9XsjKCJbIwAL1pzMByWeNRtaJY/MRVWU1k1P1uFbnkcxbrpB8RBTZ3T +neOk6qc48BS0kFiW5g/ayMf1WKNSnbFHVz0stgFrXdkZoEA8Wt+7IJXmVBugxvfc +y9ROEka9KNYwqRTCXtYjDMqKH4nxtogV8V1nmJ0pBbJAbf3KANh/utvJm9WeDipX +wFatLu+lj0iupAyrInP8VZJCN42nyyx6389pp49QrnLiKzUdn2nKGTwYKa2UAVSx +eoUthhECgYEA4XVYX6ZHHgffr4kVCC0Fwt7sSTwVfa38jlfXHqFA834cwcIG3aBO +GVsUVzjkue4ltOor7lg2UWQTdyrIEBbJ3TGRSeJthmOqFBNReIU7001ugjIchu+r +BjbyquJr/0Uyn76kGzJlFjrFX7pLUWSDQjOKgJ7tcusJYviPwsrb9CcCgYEAw0YY +es2E5sGXEjTv8yR87d/Fo5Yh0Q8WURlxBGQhuuN6wr6LMdYwOa5ZVe8wbt+VvkHq +UxFUcFJMV/Ccgy+moqKm004OkznsKpGmWVZ6aKAYAtGRNqd+KNj1w3wy02IGiQBQ +JrKhCR3oeQfukamhNdwJx7WOeNZ5oZ4lFNC+lRkCgYBb15qFdE3aLOjxL81yhCyp +onfsqV4z0VFlhuDp6FR2HDSItYpoc+n8qD6T/WgnWZzgotf8gtC1vSe0zqeq7i2T +PqLpzyRAr47UGL6CcvvY6t0Oim1WhoFLycx20j+eQEkMC/P75D6LnKtUgKY35NMX +f7l3BcbCnn43Y/vkJREO1wKBgFAoN+hA8OsgUHkizdSLB9VFZAWwnRUKEmkb/m6F +A+uJcVz7hnvgpk8nKHjEBKeelANTX3LVzEmHHtuCY1zedJKSHdTjV8xLnIwk2ZoW +i4zjGrgdenRq8LinxsqF8v8eX/xg6oXYEY6CfmkgPmgAr7JCLqmR93fW4nrbRfFz +dqgRAoGAcaXhV/to9XOeePUNrNj7jNoYtcCOSGtzWrwZqVEZ4S8szy2GUIoCpyR8 +Psl0Q9aWXoXRJtElaSpMb9pwzkSjjzWSlcNn4/1gfB3xXld/cwahzfVNTD61mQHs +yYKqKDNRi6LD01WCwy4Ghhm1RIOYhTAHlEORD1MmLd6jM4edw1U= +-----END RSA PRIVATE KEY----- diff --git a/modules/secret/secrets/cassandra/services-labs/rootCa.srl b/modules/secret/secrets/cassandra/services-labs/rootCa.srl new file mode 100644 index 0000000..b811798 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/rootCa.srl @@ -0,0 +1 @@ +EB61D88C4F42A341 diff --git a/modules/secret/secrets/cassandra/services-labs/truststore b/modules/secret/secrets/cassandra/services-labs/truststore new file mode 100644 index 0000000..b37d758 --- /dev/null +++ b/modules/secret/secrets/cassandra/services-labs/truststore Binary files differ -- To view, visit https://gerrit.wikimedia.org/r/383608 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I35f049aa476232edc519c8a253c9b378cf27050b Gerrit-PatchSet: 1 Gerrit-Project: labs/private Gerrit-Branch: master Gerrit-Owner: Eevans <eev...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
