X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/643f28e4f32f013c16d04378d7d1f3dd7d8edc17..7797ba038f496cb453193df985523e0dc5c435ec:/cookbooks/ssl/recipes/default.rb

diff --git a/cookbooks/ssl/recipes/default.rb b/cookbooks/ssl/recipes/default.rb
index 6dcc02444..ccb3508be 100644
--- a/cookbooks/ssl/recipes/default.rb
+++ b/cookbooks/ssl/recipes/default.rb
@@ -8,7 +8,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -20,21 +20,15 @@
 package "openssl"
 package "ssl-cert"
 
-%w(letsencrypt dhparam).each do |certificate|
-  cookbook_file "/etc/ssl/certs/#{certificate}.pem" do
-    owner "root"
-    group "root"
-    mode 0o444
-    backup false
-  end
+cookbook_file "/etc/ssl/certs/letsencrypt.pem" do
+  owner "root"
+  group "root"
+  mode 0o444
+  backup false
 end
 
-["openstreetmap", "tile.openstreetmap", "osmfoundation", "rapidssl", "startcom"].each do |certificate|
-  file "/etc/ssl/certs/#{certificate}.pem" do
-    action :delete
-  end
-
-  file "/etc/ssl/private/#{certificate}.key" do
-    action :delete
-  end
+openssl_dhparam "/etc/ssl/certs/dhparam.pem" do
+  owner "root"
+  group "root"
+  mode 0o444
 end