Closed Bug 1238938 Opened 5 years ago Closed 5 years ago

hg.mozilla.org still uses SHA-1 certificate

Categories

(Infrastructure & Operations :: SSL Certificates, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1147548

People

(Reporter: gerv, Unassigned)

Details

(Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/2452] )

https://hg.mozilla.org/ uses a SHA-1 cert. I know www.mozilla.org is a special case but surely all other Mozilla sites should have upgraded to SHA-256 by now?

Gerv
Assignee: nobody → server-ops-webops
Component: MOC: Problems → WebOps: SSL and Domain Names
QA Contact: lypulong → smani
Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/2452]
Surely. Except, when we upgrade that certificate to SHA-2, every hg client in the entire world will present an alarming "fingerprint changed" warning to users.

Bug 1147548 has more about this issue, but please consider reaching out to Developer Services directly to find out more about their planned deployment timelines here.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1147548
(In reply to Richard Soderberg [:atoll] from comment #1)
> Surely. Except, when we upgrade that certificate to SHA-2, every hg client
> in the entire world will present an alarming "fingerprint changed" warning
> to users.

Well, that's unfortunate. Almost as unfortunate as the fact that we worked this out 10 months ago and seem to have not done anything about it... 
 
> Bug 1147548 has more about this issue, but please consider reaching out to
> Developer Services directly to find out more about their planned deployment
> timelines here.

Why are those timelines not in the bug? Is there some secret about us doing this?

Gerv
I assume that would be a question for Dev Services...
(In reply to Gervase Markham [:gerv] from comment #2)
> Is there some secret about us doing this?

I removed the infra flag I (incorrectly) set on that bug. You'll need to direct your remaining questions to developer services. Please direct any further questions/comments regarding this issue to bug 1147548 so we're not discussing this issue in two places unnecessarily.
You need to log in before you can comment on or make changes to this bug.