Closed
Bug 26306
Opened 25 years ago
Closed 21 years ago
https://despot.mozilla.org/ has a cert problem (despot not in cn, cert expired)
Categories
(mozilla.org Graveyard :: Server Operations, task, P3)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: dmosedale, Assigned: mitchell)
References
()
Details
http://despot.mozilla.org does work, and links to the https version, which doesn't.
Comment 2•25 years ago
|
||
Mind if i try and get https://despot.mozilla.org working?
Comment 3•25 years ago
|
||
Fine with me... haven't had time for this (like many other issues) because of firefight mode lately, sorry.
On https://csisnet5.uvsc.edu/ I get an Alert, saying "https is not a registered protocol." The server is set up properly, though.
Comment 5•24 years ago
|
||
Pete, your problem doesn't have anything to do with this problem. You need SSL enabled build (like one from M14) + PSM plugin. Client issue.
Comment 6•24 years ago
|
||
Fixed. Please verify.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Reporter | ||
Updated•24 years ago
|
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Reporter | ||
Comment 7•24 years ago
|
||
There are still two problems: * a cert warning is generated, because "despot.mozilla.org" or a matching wildcard is not in the server cert. * the index should be a redirect to webtools/despot/despot.cgi (which is also incorrect - but in a different way - on the http server instance).
Comment 8•24 years ago
|
||
Andwer to first problem is easy: the certificate doesn't have that. The current cert expires in May so we need to put all these possible names there (cvs-mirror|webtools|bonsai|bugzilla).mozilla.org there. For second, I need to take a look at that. Weird thing here is that I don't think anything changed in the enterprise server...
Status: REOPENED → ASSIGNED
Comment 9•24 years ago
|
||
Index is now redirecting properly. I won't do anything about cert warning yet. We need to address it in few months when the cert will be renewed.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 10•24 years ago
|
||
The cert-warning part of this bug isn't yet fixed, and therefore should not yet be marked as resolved, since it isn't.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Summary: https://despot.mozilla.org/ doesn't work → https://despot.mozilla.org/ has a cert problem
Updated•24 years ago
|
Severity: normal → minor
Comment 11•24 years ago
|
||
Current cert (for name cvs-mirror.mozilla.org) expires 5/3/00. So I'll (or someone) should get back at this in end of April.
Comment 12•24 years ago
|
||
FYI, new CERT requested... should be ready in few days. The combination of names is below. --- Dear Enterprise Security Officer A new SSL server, IPSEC server, or Developer certificate request has been submitted to Thawte for your enterprise. Please log in and review it. The request code is USNETS361. The certificate should appear at the following URL (make sure you are administering the AOL account if you are an ESO for multiple E-PKI accounts): https://www.thawte.com/cgi/enterprise/lra/ssl/contents.exe The domain name (hostname) given for the certificate is (webtools|despot|bugzilla|tinderbox|bonsai).mozilla.org. Regards, The SWAT Team Thawte Consulting
Status: REOPENED → ASSIGNED
Comment 13•24 years ago
|
||
CERT came back quickly and is now installed on https instance on lounge. It's valid until 5/8/2001.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
Comment 14•23 years ago
|
||
[despot] Certificate Is Expired - The certificate expires on Tue May 08, 2001. Certificate Is Expired despot.mozilla.org is a site that uses encryption to protect transmitted information. However the digital Certificate that identifies this site has expired. This may be because the certificate has actually expired, or because the date on your computer is wrong. The certificate expires on Tue May 08, 2001. Your computer's date is set to Fri May 11, 2001. If this date is incorrect, then you should reset the date on your computer. You may continue or cancel this connection. REOPEN :!
Severity: minor → critical
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 15•23 years ago
|
||
It most probably is really expired. Steve, Could you renew it?
Assignee: rko → scbrown
Status: REOPENED → NEW
Comment 16•23 years ago
|
||
Bounced server on Friday to enable new certificate. Looks okay now.
Status: NEW → RESOLVED
Closed: 24 years ago → 23 years ago
Resolution: --- → FIXED
Comment 17•22 years ago
|
||
This Certificate is valid from Mon Apr 30, 2001 to Tue Apr 30, 2002 The current date is: Mon 05/06/2002
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 18•22 years ago
|
||
Dawn, please open a helpdesk ticket.
Assignee: scbrown → endico
Status: REOPENED → NEW
Comment 19•21 years ago
|
||
As of today the certificate has been expired for a full year. I'm told there is some private discussion about this problem.
Assignee: endico → mitchell
Comment 20•21 years ago
|
||
https://despot.mozilla.org is now running a self-signed certificate. I don't know whether a CA-signed one will be requested or not, but that's probably sufficient for what we use it for.
Comment 21•21 years ago
|
||
Mark this as fixed?
Comment 22•21 years ago
|
||
Yeah, this'll do for now. Eventually we should get a CA-signed one that lets us use SSL on all the webtools domains, but that'll probably have to wait for Mozilla Foundation's tax status stuff to clear, and that can certainly be a new bug as part of the infrastructure plans once we get to that point.
Status: NEW → RESOLVED
Closed: 23 years ago → 21 years ago
Resolution: --- → FIXED
Comment 23•21 years ago
|
||
vrfy fixed note that https://mecha.mozilla.org gives the traditional mismatched cert warning if you ignore the untrusted path warning.
Status: RESOLVED → VERIFIED
Summary: https://despot.mozilla.org/ has a cert problem → https://despot.mozilla.org/ has a cert problem (despot not in cn, cert expired)
Updated•9 years ago
|
Product: mozilla.org → mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•