Closed Bug 510934 Opened 16 years ago Closed 16 years ago

Split SSL backends between anonymous and client-cert

Categories

(Mozilla Messaging Graveyard :: Server Operations, defect)

Product:
Mozilla Messaging Graveyard
Component:
Server Operations
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: gozer, Assigned: gozer)

Details

Right now, all https://*.momo.com goes thru the same SSL backend, which has client certs authentication enabled, but optionnal. That needs to be split up in 2 separate backends, so it's not optionnal, but required where it's needed. Possibly, split them in 3, anon/optionnal/required, but don't keep them the same. This bit me once I installed my client cert in thunderbird, and all of a sudden, AUS pings prompted me for my client cert.
DNS finally propagated all over, done. # Never ask for client certs $> host aus.mozillamessaging.com aus.mozillamessaging.com is an alias for production.mozillamessaging.com. # Accept client certs optionally $> host build.mozillamessaging.com build.mozillamessaging.com is an alias for ssl-opt-production.mozillamessaging.com. # Require client certs $> host buildbot-admin.mozillamessaging.com buildbot-admin.mozillamessaging.com is an alias for ssl-cert-production.mozillamessaging.com.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.