Let's Encrypt has many subdomains, let's whitelist them all
This commit is contained in:
parent
6386509d3b
commit
6eb71daead
|
@ -64,15 +64,7 @@
|
|||
- name: Let's Encrypt OCSP server is authorized by squid
|
||||
lineinfile:
|
||||
dest: "{{ squid3_whitelist_files.stdout_lines | first }}"
|
||||
line: "{{ item }}"
|
||||
line: "http://.*.letsencrypt.org/.*"
|
||||
state: present
|
||||
notify: reload squid3
|
||||
with-items:
|
||||
- "http://acme-staging.api.letsencrypt.org/.*"
|
||||
- "http://ocsp.int-x1.letsencrypt.org/.*"
|
||||
- "http://ocsp.int-x2.letsencrypt.org/.*"
|
||||
- "http://ocsp.int-x3.letsencrypt.org/.*"
|
||||
- "http://ocsp.int-x4.letsencrypt.org/.*"
|
||||
- "http://ocsp.root-x1.letsencrypt.org/.*"
|
||||
- "http://ocsp.staging-x1.letsencrypt.org/.*"
|
||||
when: squid3_whitelist_files.stdout != ""
|
||||
|
|
|
@ -11,13 +11,7 @@ http://.*sa-update.*
|
|||
http://pear.php.net/.*
|
||||
|
||||
# Let's Encrypt
|
||||
http://acme-staging.api.letsencrypt.org/.*
|
||||
http://ocsp.int-x1.letsencrypt.org/.*
|
||||
http://ocsp.int-x2.letsencrypt.org/.*
|
||||
http://ocsp.int-x3.letsencrypt.org/.*
|
||||
http://ocsp.int-x4.letsencrypt.org/.*
|
||||
http://ocsp.root-x1.letsencrypt.org/.*
|
||||
http://ocsp.staging-x1.letsencrypt.org/.*
|
||||
http://.*.letsencrypt.org/.*
|
||||
|
||||
### CMS / Wordpress / Drupal / ...
|
||||
# Wordpress
|
||||
|
|
Loading…
Reference in a new issue