Closed
Bug 1259542
Opened 8 years ago
Closed 8 years ago
Certificate renewal for openwebdevice.org
Categories
(Infrastructure & Operations :: SSL Certificates, task)
Infrastructure & Operations
SSL Certificates
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: jgmize, Assigned: nmaul)
Details
(Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/2753] )
The cert for https://openwebdevice.org expires on March 28, 2016. Please email me the renewed cert and key encrypted with the gpg key I have published at https://keybayse.io/jgmize
Reporter | ||
Comment 1•8 years ago
|
||
Typo correction: my key is published at https://keybase.io/jgmize
Reporter | ||
Comment 2•8 years ago
|
||
Per discussion with jakem in IRC I'm going to see if I can take care of this myself with ACM instead of going through digicert for the renewal.
Reporter | ||
Comment 3•8 years ago
|
||
I requested a cert through ACM; there should be an email to hostmaster@mozilla.com for verification.
Reporter | ||
Comment 5•8 years ago
|
||
Thanks :jakem. I see the cert has been issued in the ACM console, but unfortunately it looks like I won't be able to use that cert outside of the US-East region[0], and neither of our existing clusters are located there (we're currently in Oregon and Ireland). In theory I could set up something to manage the ELB certs using Let's Encrypt[1], but that will take a bit of work that I won't be able to prioritize this week. Given the timeline, I think we're going to need to go with the original plan of renewing through Digicert. :( [0] http://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html [1] https://github.com/alex/letsencrypt-aws
Reporter | ||
Comment 6•8 years ago
|
||
Got the renewed cert from :jakem and installed in the AWS ELB. Verified in firefox and from CLI: echo | openssl s_client -connect openwebdevice.org:443 2>/dev/null | openssl x509 -noout -dates notBefore=Mar 25 00:00:00 2016 GMT notAfter=Apr 5 12:00:00 2017 GMT
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•