www.centos.org - SSL Cert Expired - CSS fubar'd

07-19-2010, 11:57 AM

Hi All,

I hadn't seen mention of it on the mailing list yet so I thought I'd
post it.

It seems the wildcard SSL cert for *.centos.org has expired. Since
the www.centos.org stuff references its CSS via the http[S] urls, the
CSS and images are now missing from http://www.centos.org/

"The certificate expired on 7/16/2010 7:23 PM."

Mike
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

07-19-2010, 01:17 PM

On Mon, Jul 19, 2010 at 6:57 AM, Mike Putnam <mike@theputnams.net> wrote:
> It seems the wildcard SSL cert for *.centos.org has expired. *Since
> the www.centos.org stuff references its CSS via the http[S] urls, the
> CSS and images are now missing from http://www.centos.org/

Hi. I went ahead and reported this under the website category in Bug
Tracker, id=4447.

gd
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

07-19-2010, 04:26 PM

On Mon, 19 Jul 2010, Mike Putnam wrote:

> I hadn't seen mention of it on the mailing list yet so I
> thought I'd post it.

We are aware of the matter and needed for the weekday to start
to get to computers holding the needed (and protected) access
credentials. As the issue was not disabling except for
certain limited forum transactions, we did not escalate it as
worth driving in on a weekend to reach the same credentials

A new PEM certificate countersign has been received and
distributed, such cross-signing by a registrar in all
reasonably recent browsers. We will swap it in during
maintenance regular, probably later today

Thanks for the reports and the bug -- There was an earlier
infrastructure team bug as well that I filed over the weekend,
but it is not globally visible, wo we were aware of the
matter. But these reports are appreciated

-- Russ herrold
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

07-24-2010, 01:42 PM

Hey

On Mon, Jul 19, 2010 at 5:26 PM, R P Herrold <herrold@centos.org> wrote:
> On Mon, 19 Jul 2010, Mike Putnam wrote:
>
>> I hadn't seen mention of it on the mailing list yet so I
>> thought I'd post it.

http://projects.centos.org/ is still out of date.

projects.centos.org uses an invalid security certificate.

The certificate expired on 07/17/2010 01:23 AM.

(Error code: sec_error_expired_certificate)

Just mentioning

Cheers Didi

--
Hoffmann Geerd-Dietger
http://contact.ribalba.de
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

07-26-2010, 03:31 PM

On Sat, 24 Jul 2010, didi wrote:

> http://projects.centos.org/ is still out of date.

>
> projects.centos.org uses an invalid security certificate.
>
> The certificate expired on 07/17/2010 01:23 AM.

It is quite unclear to me WHY a redirect into the wiki runs
out from a SSL startpoint, but ...

This is part of a move from 'wildcards' to specific FQ host
name (per function) certificates. The certificate and csr
were in hand, but we needed to get to certain machines to
submit, and then retrieve the pem countersign by the CA

I would anticipate it will get rolled in later Monday or
perhaps Tuesday, as some testing is needed

-- Russ herrold
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos