Taskcluster/Update SSL Certificates: Difference between revisions

Taskcluster/Update SSL Certificates (view source)

279 bytes added , 3 May 2016

canmove, Confirmed users

1,394

edits

@@ Line 53: / Line 53: @@
 For Docker cloud, login to https://cloud.docker.com as moztc.
-Some apps are deployed as stacks, but some are deployed as services, so you'll need to hunt around.  Also, the certs are formatted differently for different apps.  It's fun.
+Some apps are deployed as stacks, but some are deployed as services, so you'll need to hunt around.  Also, the certs are formatted differently for different apps.  It's fun.  Note that if you *edit* an environment variable, newlines will be folded to whitespace, whereas if you delete an environment variable and add a new one, you can paste newlines in.
 For stacks that use an haproxy frontend, you'll find the certificate in the load balancer service.  Edit the service, and click "Next" to see the environment variables.  Near the top you will find DEFAULT_SSL_CERT or the like.  Edit that.
-Format the certificates as follows:
+For cloud-mirror (which is currently in Heroku, so this is historical information), format the certificates as follows:
 * concatenate the certificate, the key, and the DigiCert CA Certificate
@@ Line 64: / Line 64: @@
 Insert this single (one-line) string into the environment value.
-Redeploy the service.
+..continuing: Redeploy the service.
 For other stacks, like for statsum, the values are in other environment variables.  Format the new certs the same way as the old.
 To test, hit https://cloud-mirror.taskcluster.net/v1/ping and verify that you don't get a certificate error.