If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Split SSL backends between anonymous and client-cert

RESOLVED FIXED

Status

Mozilla Messaging
Server Operations
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: gozer, Assigned: gozer)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

8 years ago
Right now, all https://*.momo.com goes thru the same SSL backend, which has client certs authentication enabled, but optionnal.

That needs to be split up in 2 separate backends, so it's not optionnal, but required where it's needed.

Possibly, split them in 3, anon/optionnal/required, but don't keep them the same.

This bit me once I installed my client cert in thunderbird, and all of a sudden, AUS pings prompted me for my client cert.
(Assignee)

Comment 1

8 years ago
DNS finally propagated all over, done.

# Never ask for client certs
$> host aus.mozillamessaging.com
aus.mozillamessaging.com is an alias for production.mozillamessaging.com.

# Accept client certs optionally
$> host build.mozillamessaging.com
build.mozillamessaging.com is an alias for ssl-opt-production.mozillamessaging.com.

# Require client certs
$> host buildbot-admin.mozillamessaging.com
buildbot-admin.mozillamessaging.com is an alias for ssl-cert-production.mozillamessaging.com.
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.