<https://servo-buildbot.pub.build.mozilla.org/> gives an untrusted connection error because its cert is issued for secure.pub.build.mozilla.org.
It's not available on https, and since we have so many vhosts and a finite number of IPs, we host several sites on the same IP. So the cert served by :443 isn't for this particular vhost (it's probably for secure.pub.b.m.o). httpseverywhere is pretty fundamentally broken, imho -- the assumption that it can just randomly change the protocol for a site and expect it to work is pretty bogus. But it's what we've got. Anyway, maybe WebOps has a way of dealing with this?
Assignee: relops → server-ops-webops
Component: RelOps → WebOps: Other
QA Contact: arich → nmaul
Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/197] → [kanban:https://webops.kanbanize.com/ctrl_board/2/25]
The current certificate for that VIP is: Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA Subject: C=US, ST=CA, L=Mountain View, O=Mozilla Foundation, CN=secure.pub.build.mozilla.org X509v3 Subject Alternative Name: DNS:secure.pub.build.mozilla.org Is it worth reissuing the DigiCert certificate to include a new SAN for servo-buildbot?
I thought this bug had been closed; we no longer use this domain, so there probably isn't a need.
Thanks for the update!
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.