Balrog/Meetings/CloudOps - May 31, 2017: Difference between revisions
Jump to navigation
Jump to search
(Created page with "= Attendees = bhearsum, relud, miles = Notes = * Certificate expirations coming up: ** aus5.mozilla.org backup (Thawte) - August 10, 2017 *** Can we still get certs from Thaw...") |
(→Notes) |
||
| Line 6: | Line 6: | ||
** aus5.mozilla.org backup (Thawte) - August 10, 2017 | ** aus5.mozilla.org backup (Thawte) - August 10, 2017 | ||
*** Can we still get certs from Thawte's intermediary that has "CN=thawte SSL CA - G2,O=thawte, Inc.,C=US"? | *** Can we still get certs from Thawte's intermediary that has "CN=thawte SSL CA - G2,O=thawte, Inc.,C=US"? | ||
*** File bug for this. | |||
** aus3.mozilla.org primary (Thawte) - September 8, 2017 | ** aus3.mozilla.org primary (Thawte) - September 8, 2017 | ||
*** We cannot renew this cert in a way that's compatible with client cert pinning, nothing to do here. | *** We cannot renew this cert in a way that's compatible with client cert pinning, nothing to do here. | ||
| Line 13: | Line 14: | ||
** Still finalizing name, currently thinking aus-api.mozilla.org. | ** Still finalizing name, currently thinking aus-api.mozilla.org. | ||
** Want proper (non-Mozilla CA) SSL. | ** Want proper (non-Mozilla CA) SSL. | ||
** File bug for this | |||
* Heads up about new accounts (should be no-op for CloudOps) | * Heads up about new accounts (should be no-op for CloudOps) | ||
** Are admin request logs published somewhere? Would be helpful to verify old accounts are unused before disabling them. | ** Are admin request logs published somewhere? Would be helpful to verify old accounts are unused before disabling them. | ||
** Ping relud for admin logs after accounts have been switched over. | |||
Latest revision as of 18:42, 31 May 2017
Attendees
bhearsum, relud, miles
Notes
- Certificate expirations coming up:
- aus5.mozilla.org backup (Thawte) - August 10, 2017
- Can we still get certs from Thawte's intermediary that has "CN=thawte SSL CA - G2,O=thawte, Inc.,C=US"?
- File bug for this.
- aus3.mozilla.org primary (Thawte) - September 8, 2017
- We cannot renew this cert in a way that's compatible with client cert pinning, nothing to do here.
- aus4.mozilla.org backup (Thawte) - September 24, 2017
- Also unrenewable due to cert pinning.
- aus5.mozilla.org backup (Thawte) - August 10, 2017
- Domain for public API
- Still finalizing name, currently thinking aus-api.mozilla.org.
- Want proper (non-Mozilla CA) SSL.
- File bug for this
- Heads up about new accounts (should be no-op for CloudOps)
- Are admin request logs published somewhere? Would be helpful to verify old accounts are unused before disabling them.
- Ping relud for admin logs after accounts have been switched over.