Closed Bug 1305199 Opened 9 years ago Closed 9 years ago

Change DNS for (www.)standu.ps

Categories

(Infrastructure & Operations :: SSL Certificates, task)

Product:
Infrastructure & Operations
Component:
SSL Certificates
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: pmac, Assigned: joeyk)

Details

(Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/3463])

I've added a cert for (www.)standu.ps to the Heroku app in bug 1300770. As part of that I need to alter the DNS entries. The output from the command to add the cert included the following: === Your certificate has been added successfully. Update your application's DNS settings as follows Domain Record Type DNS Target ───────────── ─────────── ─────────────────────────── standu.ps ALIAS/ANAME standu.ps.herokudns.com www.standu.ps CNAME www.standu.ps.herokudns.com I know we don't support ALIAS records in our infra. All we need is for "https?://standu.ps" to redirect to "https://www.standu.ps". The CNAME for the www.standu.ps domain is the important bit. We should wait to do this until at least Monday, Sept 26. No point making these changes over a weekend, but I did want to get the request in so I don't forget anything. Thanks!
Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/3463]
I've tested this via setting my local /etc/hosts for www.standu.ps to point to an IP from www.standu.ps.herokudns.com and going to https://www.standu.ps. Everything works fine and I see the correct cert. I have to change settings in the app to prevent the mixed-content warnings, but I'll do that after this is done. So I'm ready when you are.
Assignee: server-ops-webops → jkrejci
Added this change and confirmed it works. Also imported cert onto ZLB. Closing out bug now. www.standu.ps CNAME www.standu.ps.herokudns.com
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
We have a couple things left to fix on the top-level domain that we have as part of this request: $ curl -v https://standu.ps/ < HTTP/1.1 302 Found < X-Backend-Server: pp-web02 < Location: https://www.standu.ps/ This should be a redirect to https://standu.ps/ $ curl -v https://standu.ps/ < HTTP/1.1 302 Found < X-Backend-Server: pp-web04 < Location: https://www.standu.ps/ This is missing the Strict-Transport-Security header.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(In reply to Richard Soderberg [:atoll] from comment #3) > We have a couple things left to fix on the top-level domain that we have as > part of this request: > > $ curl -v https://standu.ps/ Oops, first output is from http://, second is from https://
This seems to be working well. Some tweaks suggested by :atoll then we'll be done. Thanks again!
:pmac :atoll Added HSTS header line, confirmed with :ericz it's working. Closing bug now.
Status: REOPENED → RESOLVED
Closed: 9 years ago9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.