Per discussion, Stream 9 content will be delivered differently, including for a new metalink system, served through MirrorManager and not through actual system in place.

As it will be served from Fedora Infratructure side, we need to request (and so hand over) a new mirrors.centos.org TLS cert that will be deployed on the Fedora proxies in front of mirrormanager frontends

DoD:

• private key and csr created and crypted in a git pkistore repo
• Digicert signed cert retrieved and stored  in said repo
• securely transmitted to fedora infra to be applied on their infra (will probably need another ticket in another tracker)