https support for fxos.cdn.mozilla.net

VERIFIED FIXED

Status

Cloud Services
Operations: Deployment Requests
VERIFIED FIXED
4 years ago
4 years ago

People

(Reporter: kgrandon, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

4 years ago
We are currently utilizing a CDN for Firefox OS only for a few images, but we would now like to start leveraging it for some scripts as well. In order to leverage this, we would like to add https support for this the CDN at: fxos.cdn.mozilla.net.
(Reporter)

Comment 1

4 years ago
Benson - Could you let us know which component these types of bugs for the CDN would best go into? Thanks!
Flags: needinfo?(bwong)
The place to put these is in: Mozilla Services :: Operations: Deployment Requests

We'll need to get a new SSL certificate for this. Is it ok if we support TLS SNI only? Otherwise our costs will be quite a bit more / month as we'll require a dedicated IP address.
Flags: needinfo?(bwong)
(Reporter)

Comment 3

4 years ago
(In reply to Benson Wong [:mostlygeek] from comment #2)
> The place to put these is in: Mozilla Services :: Operations: Deployment
> Requests
> 
> We'll need to get a new SSL certificate for this. Is it ok if we support TLS
> SNI only? Otherwise our costs will be quite a bit more / month as we'll
> require a dedicated IP address.

I believe this is *only* needed for FxOS devices which should support SNI afaik.
Component: Gaia → Operations: Deployment Requests
Product: Firefox OS → Mozilla Services
Seems like we have a *.cdn.mozilla.net SSL cert. We should be able to get this into AWS and get it on the CDN.

Updated

4 years ago
Depends on: 1055791
cloudfront is still updating globally but: 

bwong-09481:tiles bwong$ curl -v https://fxos.cdn.mozilla.net/addi-frozen-cake.jpg > /dev/null
* Adding handle: conn: 0x7fa8d2804400
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fa8d2804400) send_pipe: 1, recv_pipe: 0
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* About to connect() to fxos.cdn.mozilla.net port 443 (#0)
*   Trying 54.230.143.133...
* Connected to fxos.cdn.mozilla.net (54.230.143.133) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* Server certificate: fxos.cdn.mozilla.net
* Server certificate: DigiCert SHA2 Secure Server CA
* Server certificate: DigiCert Global Root CA
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0> GET /addi-frozen-cake.jpg HTTP/1.1
> User-Agent: curl/7.30.0
> Host: fxos.cdn.mozilla.net
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: image/jpeg
< Content-Length: 160075
< Connection: keep-alive
< Date: Tue, 19 Aug 2014 21:31:24 GMT
< Last-Modified: Fri, 04 Jul 2014 16:23:12 GMT
< ETag: "b01ab1f58eb4e4f43a31d5beb0d4b479"
* Server AmazonS3 is not blacklisted
< Server: AmazonS3
< Age: 17
< X-Cache: Hit from cloudfront
< Via: 1.1 17d8abe7315d00a9aa5a5ff2e9c3ee62.cloudfront.net (CloudFront)
< X-Amz-Cf-Id: ZJWJQI2q_qXSCjH-D8fEq4-jiK71ptvW2lSLHhAPXNthaSqbuUcacA==
<
{ [data not shown]
100  156k  100  156k    0     0   216k      0 --:--:-- --:--:-- --:--:--  216k
* Connection #0 to host fxos.cdn.mozilla.net left intact
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
Kevin, should we file another bug to change the reference to the CDN to HTTPS?
Flags: needinfo?(kgrandon)
(Reporter)

Comment 7

4 years ago
(In reply to Tim Guan-tin Chien [:timdream] (MoCo-TPE) (please ni?) from comment #6)
> Kevin, should we file another bug to change the reference to the CDN to
> HTTPS?

We currently only use the cdn for static image assets. I would normally say that it probably isn't needed but if you feel strongly that it is, go ahead and file a bug and CC me.
Flags: needinfo?(kgrandon)
(In reply to Kevin Grandon :kgrandon from comment #7)
> We currently only use the cdn for static image assets. I would normally say
> that it probably isn't needed but if you feel strongly that it is, go ahead
> and file a bug and CC me.

Filed bug 1056481.
You need to log in before you can comment on or make changes to this bug.