Renew SSL certificate for firefoxusercontent.com & mozillausercontent.com

RESOLVED FIXED

Status

Cloud Services
Server: Firefox Accounts
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: jbuck, Assigned: jbuck)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

2 years ago
These certificates expire on September 8 2016, we should renew & deploy the new certificates.

mozillausercontent.com is in stage, and firefoxusercontent.com is in prod. I don't see any cloudformation scripts, so I think we'll just need to add the cert to IAM and update each CDN directly.

ckolos: Could/should we use Amazon Certificate Manager for this?
> ckolos: Could/should we use Amazon Certificate Manager for this?

Adding an ni? since I came across this issue in triage
Flags: needinfo?(ckolos)
jbuck: If it were me doing this, I would just renew the digicert certificate.
Flags: needinfo?(ckolos)
(Assignee)

Comment 3

2 years ago
The certificates have been uploaded to stage & production IAMs. Going to switch stage first, verify everything is kosher, then change prod.
Assignee: nobody → jbuckley
Status: NEW → ASSIGNED
(Assignee)

Comment 4

2 years ago
Stage is working successfully:

$ echo | openssl s_client -connect mozillausercontent.com:443 -servername mozillausercontent.com 2>/dev/null | openssl x509 -noout -dates
notBefore=Jun 16 00:00:00 2016 GMT
notAfter=Oct 13 12:00:00 2017 GMT
(Assignee)

Comment 5

2 years ago
Production is working successfully:

$ echo | openssl s_client -connect firefoxusercontent.com:443 -servername firefoxusercontent.com 2>/dev/null | openssl x509 -noout -dates
notBefore=Jun 16 00:00:00 2016 GMT
notAfter=Oct 13 12:00:00 2017 GMT
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.