http://despot.mozilla.org does work, and links to the https version, which doesn't.
Haven't had time to this yet, sorry.
Mind if i try and get https://despot.mozilla.org working?
Fine with me... haven't had time for this (like many other issues) because of firefight mode lately, sorry.
On https://csisnet5.uvsc.edu/ I get an Alert, saying "https is not a registered protocol." The server is set up properly, though.
Pete, your problem doesn't have anything to do with this problem. You need SSL enabled build (like one from M14) + PSM plugin. Client issue.
Fixed. Please verify.
There are still two problems: * a cert warning is generated, because "despot.mozilla.org" or a matching wildcard is not in the server cert. * the index should be a redirect to webtools/despot/despot.cgi (which is also incorrect - but in a different way - on the http server instance).
Andwer to first problem is easy: the certificate doesn't have that. The current cert expires in May so we need to put all these possible names there (cvs-mirror|webtools|bonsai|bugzilla).mozilla.org there. For second, I need to take a look at that. Weird thing here is that I don't think anything changed in the enterprise server...
Index is now redirecting properly. I won't do anything about cert warning yet. We need to address it in few months when the cert will be renewed.
The cert-warning part of this bug isn't yet fixed, and therefore should not yet be marked as resolved, since it isn't.
Current cert (for name cvs-mirror.mozilla.org) expires 5/3/00. So I'll (or someone) should get back at this in end of April.
FYI, new CERT requested... should be ready in few days. The combination of names is below. --- Dear Enterprise Security Officer A new SSL server, IPSEC server, or Developer certificate request has been submitted to Thawte for your enterprise. Please log in and review it. The request code is USNETS361. The certificate should appear at the following URL (make sure you are administering the AOL account if you are an ESO for multiple E-PKI accounts): https://www.thawte.com/cgi/enterprise/lra/ssl/contents.exe The domain name (hostname) given for the certificate is (webtools|despot|bugzilla|tinderbox|bonsai).mozilla.org. Regards, The SWAT Team Thawte Consulting
CERT came back quickly and is now installed on https instance on lounge. It's valid until 5/8/2001.
[despot] Certificate Is Expired - The certificate expires on Tue May 08, 2001. Certificate Is Expired despot.mozilla.org is a site that uses encryption to protect transmitted information. However the digital Certificate that identifies this site has expired. This may be because the certificate has actually expired, or because the date on your computer is wrong. The certificate expires on Tue May 08, 2001. Your computer's date is set to Fri May 11, 2001. If this date is incorrect, then you should reset the date on your computer. You may continue or cancel this connection. REOPEN :!
It most probably is really expired. Steve, Could you renew it?
Bounced server on Friday to enable new certificate. Looks okay now.
This Certificate is valid from Mon Apr 30, 2001 to Tue Apr 30, 2002 The current date is: Mon 05/06/2002
Dawn, please open a helpdesk ticket.
As of today the certificate has been expired for a full year. I'm told there is some private discussion about this problem.
https://despot.mozilla.org is now running a self-signed certificate. I don't know whether a CA-signed one will be requested or not, but that's probably sufficient for what we use it for.
Mark this as fixed?
Yeah, this'll do for now. Eventually we should get a CA-signed one that lets us use SSL on all the webtools domains, but that'll probably have to wait for Mozilla Foundation's tax status stuff to clear, and that can certainly be a new bug as part of the infrastructure plans once we get to that point.
vrfy fixed note that https://mecha.mozilla.org gives the traditional mismatched cert warning if you ignore the untrusted path warning.