Closed
Bug 904150
Opened 12 years ago
Closed 12 years ago
No great way of using SSL with custom domain names + PaaS?
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: basta, Unassigned)
Details
Visiting https://x-tags.org throws a very nasty certificate error. Is there a way that we can provide certs for these domains?
|
||
Updated•12 years ago
|
Assignee: server-ops → server-ops-webops
Component: Server Operations → Server Operations: Web Operations
QA Contact: shyam → nmaul
|
|
||
Comment 1•12 years ago
|
||
Seems like this is hosted on stackato, not sure how certs are handled there.
|
|
||
Comment 2•12 years ago
|
||
:basta - this unfortunately is by design in the open developer paas. it is not intended for production use nor has the security review been complete for the production green light of the environment.
|
|
||
Comment 3•12 years ago
|
||
So, there's 2 obvious ways forward on this... and both are unfortunately out of scope with the current situation. We can't do what you'd really like, given the nature of the current system. It's a development environment (hence paas.allizom.org rather than mozilla.org).
1) Wait it out until we can migrate you to the production PaaS. That's a Q3 goal for us, and is currently blocked on a security review (and remediation). Presuming that goes well, I think the Q3 timeline is still reasonable.
2) Migrate this to a different platform. I don't know anything about x-tags.org, but if it's fairly normal and doesn't have a lot of dependencies, there's a chance it could work on our generic cluster. Failing that, perhaps some sort of standalone VM you can self-manage, until the production PaaS is available.
Another limiting factor (secondary to the above) is that we don't control DNS or domain registration for x-tags.org, so we won't be able to buy the certificate ourselves... it'd need to be transferred to us first, or the current owner (Daniel Buchner, according to WHOIS) would need to purchase it and deliver us the cert... we could probably provide the CSR to aid that.
Since both of these possibilities are beyond the original scope of this bug, I'm going to close this out. I don't think there's any action we can take here to resolve this ourselves. Very sorry for the inconvenience.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
|
||
Updated•12 years ago
|
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
|
||
Updated•6 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•