canmove, Confirmed users
1,394
edits
Taskcluster/Update SSL Certificates: Difference between revisions
no edit summary
(Created page with "= Issuing = Generally you'll be updating an existing SAN cert to add or remove a domain. File a bug for it, and use the bug number as a nice stable identifier for the new cer...") |
No edit summary |
||
| Line 58: | Line 58: | ||
replacing the bug number as appropriate. Once that's complete, login to https://console.aws.amazon.com/cloudfront/home?region=us-east-1 and edit each distribution that is using the old key to use the new key (identified with the bug number). | replacing the bug number as appropriate. Once that's complete, login to https://console.aws.amazon.com/cloudfront/home?region=us-east-1 and edit each distribution that is using the old key to use the new key (identified with the bug number). | ||
== Docker Cloud == | |||
For Docker cloud, login to https://cloud.docker.com as moztc. | |||
For stacks that use an haproxy frontend, you'll find the certificate in the load balancer service. Edit the service, and click "Next" to see the environment variables. Near the top you will find DEFAULT_SSL_CERT or the like. Edit that. | |||
Format the certificates as follows: | |||
* concatenate the certificate, the key, and the DigiCert CA Certificate | |||
* replace newlines with "\n" | |||
Insert this single (one-line) string into the environment value. | |||
Redeploy the service. | |||
To test, hit https://cloud-mirror.taskcluster.net/v1/ping and verify that you don't get a certificate error. | |||