Closed Bug 969178 Opened 11 years ago Closed 11 years ago

ssl cert for snippets-stats.mozilla.org expiring

Categories

(Infrastructure & Operations :: SSL Certificates, task)

Product:
Infrastructure & Operations
Component:
SSL Certificates
Type:
task
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cturra, Assigned: cturra)

Details

(Whiteboard: [expires Apr 8 13:45:01 2014 GMT])

currently, the page that's returned at snippets-stats.mozilla.org states: "Nothing to see here. Look here, instead." where "Look here, instead" is a link to: about:home. we should confirm if this ssl certificate is still required before reissuing.
:mkelly - just wanted to see if you knew if snippets-stats.mozilla.org was still required? should we reissue the ssl certificate here?
Flags: needinfo?(mkelly)
Yes, it is. We use it (specifically the apache logs for it) for gathering metrics about snippets.
Flags: needinfo?(mkelly)
Just saw this on Firefox nightly's console: ===== snippets-stats.mozilla.org:443 uses an invalid security certificate. The certificate expired on 08/04/2014 14:45. The current time is 10/04/2014 19:14. (Error code: sec_error_expired_certificate) =====
Severity: normal → major
son of a... i've got this. /me mumbles about hearbleed taking all of our time.
Assignee: server-ops-webops → cturra
reissued. sorry for letting this expire folks! -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgIQCxgeB7G9+xJ9xMnYGYvj+jANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTQwNDEwMDAwMDAwWhcN MTYwODE4MTIwMDAwWjB0MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNV BAcTDU1vdW50YWluIFZpZXcxGzAZBgNVBAoTEk1vemlsbGEgRm91bmRhdGlvbjEj MCEGA1UEAxMac25pcHBldHMtc3RhdHMubW96aWxsYS5vcmcwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDdL6gSr7UzGKw1LZcAwXfLt+ux8unPeNPMksFt FK7WiBkrS5gHBbgFN8dyy/clQIF8IPKuyjPYbnAmf9Zma9t50ggG1Uw0FwQk8WEa qqJmWUa8PEytlLKyydmURU6KZUZKzYqJBOCHVoz26x/YlOgJjGQ8HRfgu0K4ZEk/ My7xrYa3qDLKkEdFkEjlLFPiHVAKOlFPw0KYGHi+U/Klqm5v5cvd+2IXsPLclO+c U8To+gQAhxIK0h2ltrF5gOWvFLeBaYOg6x49/G1YRGJ4zhpRjB3x3Ax7avMo++Gx ulYGFgpEhor3CVyVnpKAE3Kb1YkW8EJQlcXAErnfHO2YOKApAgMBAAGjggHXMIIB 0zAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUnhoe ac5JChG0pDOJaFjpa18wlyowJQYDVR0RBB4wHIIac25pcHBldHMtc3RhdHMubW96 aWxsYS5vcmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5j b20vc3NjYS1zaGEyLWcxLmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQu Y29tL3NzY2Etc2hhMi1nMS5jcmwwQgYDVR0gBDswOTA3BglghkgBhv1sAQEwKjAo BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB8BggrBgEF BQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBG BggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0 U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB CwUAA4IBAQA+syuw1CXaGhMGWY3zoh5ts2fYhvlspN1dG40nOH8DXaRz3BI4NMAW 1nZSN7oeG3NKsmV2CV1zVe587pbUJ4vQwlsWHyHalpk9ouaNKlXkw/goeFqTh+RZ U1rjVdBhVZCvCpmqwyb9qljqzcVW0aizgIuO3OCYs0oguOSUV3quiHkxva/m9Jpg 8oB6Pi2gJIHEiFMNVQ9IZRry9WG41r4C/MVdVM5WYHMXw9/4mtmKnI8oRnqVpyuN FqaqwVluQRvwwIBZ+NvIAb0+u1FvvV6+PS+2z2n0kbOzsYaZnVOkyS6F4jo8LEXv Ou/GMgwr9RxMAoeKaKlnHxRGeVFYBWmQ -----END CERTIFICATE----- $ curl -v https://snippets-stats.mozilla.org * About to connect() to snippets-stats.mozilla.org port 443 (#0) * Trying 63.245.217.175... * connected * Connected to snippets-stats.mozilla.org (63.245.217.175) port 443 (#0) * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using DHE-RSA-AES128-SHA * Server certificate: * subject: C=US; ST=CA; L=Mountain View; O=Mozilla Foundation; CN=snippets-stats.mozilla.org * start date: 2014-04-10 00:00:00 GMT * expire date: 2016-08-18 12:00:00 GMT * subjectAltName: snippets-stats.mozilla.org matched * issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA * SSL certificate verify ok. > GET / HTTP/1.1 > User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5 > Host: snippets-stats.mozilla.org > Accept: */* > < HTTP/1.1 200 OK < Server: Apache < X-Backend-Server: snippets7.webapp.phx1.mozilla.com < Content-Type: text/html; charset=UTF-8 < Date: Thu, 10 Apr 2014 17:42:52 GMT < Access-Control-Allow-Origin: null < Accept-Ranges: bytes < Last-Modified: Wed, 24 Jul 2013 00:25:51 GMT < Content-Length: 260 < Connection: Keep-Alive < X-Cache-Info: cached < <!DOCTYPE html> <html> <head> <title>Snippets Impressions Service</title> </head> <body> <h1>Snippets Impressions Metrics Service</h1> <p>Nothing to see here. <a href="about:home">Look here, instead.</a> </body> </html> * Connection #0 to host snippets-stats.mozilla.org left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1):
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.