Remove quovadis chain

account/ldap.markdown

@@ -13,7 +13,7 @@ We run a 3-way cluster of replicating LDAP servers:
 
 `ldap{1,2,3}.phys.ethz.ch`
 
-Since LDAP is a service of such central importance, a cluster of 3 redundant nodes lets us sleep better at night. 
+Since LDAP is a service of such central importance, a cluster of 3 redundant nodes lets us sleep better at night.
 
 Technical details
 -----------------
@@ -36,13 +36,6 @@ ldap(s)://ldap1.phys.ethz.ch, ldap(s)://ldap2.phys.ethz.ch, ldap(s)://ldap3.phys
 
 The TLS certificates of the LDAP servers are issued/signed by [QuoVadis Limited](https://www.quovadisglobal.ch/Repository/DownloadRootsAndCRL.aspx)
 
-- Issuing Certificate: [QuoVadis Global SSL ICA G2](https://www.quovadisglobal.com/QVRepository/DownloadRootsAndCRL/QuoVadisGlobalSSLICAG2-PEM.aspx)
-- Root CA Certificate: [QuoVadis Root CA 2](https://www.quovadisglobal.com/QVRepository/DownloadRootsAndCRL/QuoVadisRootCA2-PEM.aspx)
-
-To establish a secure connection, one of these certificates has to be configured as a trusted certificate in your software/operating-system.
-
-On a recent version of most software/operating-systems, the `QuoVadis Root CA 2` should already be in the list of trusted certificate authorities. For example on Debian this certificate is at `/etc/ssl/certs/QuoVadis_Root_CA_2.pem` and included in `/etc/ssl/certs/ca-certificates.crt`.
-
 #### Restrict Access in Apache Webserver
 
 To configure the Apache Webserver to authenticate using a D-PHYS Account, you need to modify your `.htaccess` file, `<Directory>` block or `<Location>` block in the server configuration to look like the following: