Change of certificates on the API libraries

The API client has Lookup certificates and their chain embedded into the library. We would need to update these and release a new version of the libraries before updating Lookup Web Server and LDAP SSL certificates.

Putting it as a placeholder and priority0 Highest as the certificate is expiry on the 1st of December and we need to give people warning in advance about the change.

Tasks:

• Update Python Library uis/devops/django/ucamlookup#16 (closed)
• Update PHP Library #5 (closed)
• Comms about updated libraries and change of certificate deadlines (briefing note) #8 (closed)
• Update https://www.lookup.cam.ac.uk/doc/ws-doc/ https://gitlab.developers.cam.ac.uk/uis/devops/iam/ibis/ibis/-/merge_requests/30 - needs deployment
• Remove unused certs !6 (merged)
• Update all apps that use these libraries
  • IAR: https://gitlab.developers.cam.ac.uk/uis/devops/iar/webapp/-/issues/36
  • Card API: https://gitlab.developers.cam.ac.uk/uis/devops/iam/card-database/card-api/-/issues/135
  • API Gateway login and consent app: uis/devops/api/login-and-consent-webapp#8 (closed)
  • tokens.uis: https://gitlab.developers.cam.ac.uk/uis/devops/network-access/network-access/-/issues/6
  • covid: https://gitlab.developers.cam.ac.uk/uis/devops/covid-pool/webapp/-/merge_requests/36
  • gsuite: https://gitlab.developers.cam.ac.uk/uis/devops/gsuite/preferences-webapp/-/merge_requests/14 deploy is https://gitlab.developers.cam.ac.uk/uis/devops/gsuite/deploy/-/merge_requests/11
  • lecture capture: uis/devops/lecture-capture/preferences-webapp!12 (merged)
  • shib metadata: https://gitlab.developers.cam.ac.uk/uis/devops/raven/shibboleth-metadata/-/merge_requests/32
  • research dashboard: https://gitlab.developers.cam.ac.uk/uis/devops/research-dashboard/webapp/-/merge_requests/244
  • tls certs: https://gitlab.developers.cam.ac.uk/uis/devops/tls-certificates/tlscerts/-/merge_requests/49
  • self service gateway: https://gitlab.developers.cam.ac.uk/uis/devops/ssgw/webapp/-/merge_requests/272
  • smi - consumes ucamlookup through automationcommon, will need a rebuild and deploy once automationcommon updated: uis/devops/django/automationcommon!19 (merged) - build pipeline running: https://gitlab.developers.cam.ac.uk/uis/devops/uga/smi/-/pipelines/134061
  • boilerplate: uis/devops/webapp-boilerplate!58 (merged)
• Smoke test one of the dev-group apps against Lookup test to ensure that they will accept the new certificate
  • @wgd23 has done this against the SMS running locally - as well as swapping the deployed passwords-test over to using Lookup test. All fine.