Bug 1469099 - certificate for review.gluster.org expired, and Firefox does not allow adding it as exception
certificate for review.gluster.org expired, and Firefox does not allow adding...
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: project-infrastructure (Show other bugs)
mainline
Unspecified Unspecified
urgent Severity urgent
: ---
: ---
Assigned To: bugs@gluster.org
: Security, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-10 08:11 EDT by Niels de Vos
Modified: 2017-07-19 08:40 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-07-19 08:40:33 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Niels de Vos 2017-07-10 08:11:17 EDT
When accessing https://review.gluster.org , I get the following warning from Firefox:

---
Your connection is not secure

The owner of review.gluster.org has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
---

The "more info" link shows this:

---
review.gluster.org uses an invalid security certificate.

The certificate expired on July 10, 2017 at 1:07 PM. The current time is July 10, 2017 at 2:03 PM.

Error code: SEC_ERROR_EXPIRED_CERTIFICATE
---

Not being able to access Gerrit makes it (almost) impossible to do reviews of posted changes. This is a critical service for the Gluster project.
Comment 1 M. Scherer 2017-07-10 08:49:10 EDT
ok so the whole proxy for review is breaking the renewal of the certificate.

It is fixed (I add to comment the ProxyPass and fiddle manually). However, i remember we had trouble to get this work like we wanted :/
Comment 2 Andrej Nemec 2017-07-19 08:40:33 EDT
This seem to be fixed now, with the new certificate valid until the October.

Note You need to log in before you can comment on or make changes to this bug.