Make use of snakeoil certificates in default configuration files

etc_clearnet_proxy/nginx/nginx.conf

@@ -4,6 +4,7 @@ pid /run/nginx.pid;
 pcre_jit on;
 worker_rlimit_nofile 30000;
 worker_shutdown_timeout 1m;
+include /etc/nginx/modules-enabled/*.conf;
 
 events {
 	worker_connections 20000;
@@ -50,8 +51,8 @@ http {
 	ssl_early_data off;
 	ssl_stapling on;
 	ssl_stapling_verify on;
-	ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
-	ssl_certificate_key /etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key;
+	ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+	ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
 	ssl_dhparam /etc/nginx/dh4096.pem;
 
 	##
@@ -119,8 +120,8 @@ stream {
 	ssl_ecdh_curve X448:X25519:secp521r1:secp384r1:secp256k1;
 	ssl_ciphers HIGH:!PSK:!RSA:!aNULL:!MD5:!SHA:!CAMELLIA:!AES+SHA256:!AES+SHA384;
 	ssl_session_cache shared:SSLSTREAM:10m;
-	ssl_certificate /etc/acme.sh/danwin1210.de_ecc/fullchain.cer;
-	ssl_certificate_key /etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key;
+	ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem
+	ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
 	ssl_dhparam /etc/nginx/dh4096.pem;
 	#smtp
 	server {

etc_clearnet_proxy/postfix/main.cf

@@ -15,8 +15,8 @@ readme_directory = no
 compatibility_level=3.6
 
 # TLS parameters
-smtpd_tls_cert_file=/etc/acme.sh/danwin1210.de_ecc/fullchain.cer
-smtpd_tls_key_file=/etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 smtpd_tls_ciphers = HIGH

etc_clearnet_proxy/turnserver.conf

@@ -457,7 +457,7 @@ realm=danwin1210.de
 # Use PEM file format.
 #
 #cert=/usr/local/etc/turn_server_cert.pem
-cert=/etc/acme.sh/danwin1210.de_ecc/fullchain.cer
+cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
 
 # Private key file.
 # Use an absolute path or path relative to the
@@ -465,7 +465,7 @@ cert=/etc/acme.sh/danwin1210.de_ecc/fullchain.cer
 # Use PEM file format.
 #
 #pkey=/usr/local/etc/turn_server_pkey.pem
-pkey=/etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key
+pkey=/etc/ssl/private/ssl-cert-snakeoil.key
 
 # Private key file password, if it is in encoded format.
 # This option has no default value.