https pypy.org has got an invalid certificate now
Hi, Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate. Armin
Adding the PSF infra group. Alex On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote:
Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
It looks like pypy.org is run on PSF infrastructure: virt-y8pzvf.psf.osuosl.org. We'd have to get a new certificate for it. I am a bit surprised that we have a wildcard certificate on one of the OSU VM. Shouldn't this only be installed on front.python.org ? Thanks. On 08.06.2018 19:07, Alex Gaynor wrote:
Adding the PSF infra group.
Alex
On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote:
Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/mal%40egenix.com
-- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Experts (#1, Jun 08 2018)
Python Projects, Coaching and Consulting ... http://www.egenix.com/ Python Database Interfaces ... http://products.egenix.com/ Plone/Zope Database Interfaces ... http://zope.egenix.com/
::: We implement business ideas - efficiently in both time and costs ::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ http://www.malemburg.com/
On June 8, 2018 at 1:45:58 PM, M.-A. Lemburg (mal@egenix.com) wrote: It looks like pypy.org is run on PSF infrastructure: virt-y8pzvf.psf.osuosl.org. That’s correct. We'd have to get a new certificate for it. I am a bit surprised that we have a wildcard certificate on one of the OSU VM. Shouldn't this only be installed on front.python.org ? The DNS for pypy.org is set to the load balancer at OSUOSL, the wildcard cert is hosted there. This appears to be a misconfiguration in the load balancer, though I’m not sure why. Investigating now. Thanks. On 08.06.2018 19:07, Alex Gaynor wrote:
Adding the PSF infra group.
Alex
On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote:
Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/mal%40egenix.com
-- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Experts (#1, Jun 08 2018)
Python Projects, Coaching and Consulting ... http://www.egenix.com/ Python Database Interfaces ... http://products.egenix.com/ Plone/Zope Database Interfaces ... http://zope.egenix.com/
::: We implement business ideas - efficiently in both time and costs ::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ http://www.malemburg.com/ ________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/ewdurbin%40gmail.com
This is resolved. The certificate provided for pypy.org was “forgotten” by the chef configuration on the load balancers in our OSUOSL infrastructure. It appears that some tidy up work I performed in removing old hosts inadvertently disrupted the delicate balance. I’ve rerun chef a couple times to ensure that the changes are stable and it seems TLS is back in action for pypy.org and www.pypy.org. -Ernest On June 8, 2018 at 1:08:11 PM, Alex Gaynor (alex.gaynor@gmail.com) wrote: Adding the PSF infra group. Alex On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote:
Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/ewdurbin%40gmail.com
Thanks, Ernest. On 08.06.2018 21:00, Ernest W. Durbin III wrote:
This is resolved.
The certificate provided for pypy.org was “forgotten” by the chef configuration on the load balancers in our OSUOSL infrastructure. It appears that some tidy up work I performed in removing old hosts inadvertently disrupted the delicate balance.
I’ve rerun chef a couple times to ensure that the changes are stable and it seems TLS is back in action for pypy.org and www.pypy.org.
-Ernest
On June 8, 2018 at 1:08:11 PM, Alex Gaynor (alex.gaynor@gmail.com) wrote:
Adding the PSF infra group.
Alex
On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote:
Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/ewdurbin%40gmail.com
________________________________________________ Infrastructure mailing list Infrastructure@python.org https://mail.python.org/mailman/listinfo/infrastructure Unsubscribe: https://mail.python.org/mailman/options/infrastructure/mal%40egenix.com
-- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Experts (#1, Jun 08 2018)
Python Projects, Coaching and Consulting ... http://www.egenix.com/ Python Database Interfaces ... http://products.egenix.com/ Plone/Zope Database Interfaces ... http://zope.egenix.com/
::: We implement business ideas - efficiently in both time and costs ::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ http://www.malemburg.com/
A very simple tool i built a couple years ago - it’ll send you an email if the cert on a given domain is less than 10 days from expiring: https://ismycertexpired.com/check?domain=Pypy.org M -- Matt Billenstein matt@vazor.com
On Jun 8, 2018, at 1:07 PM, Alex Gaynor <alex.gaynor@gmail.com> wrote:
Adding the PSF infra group.
Alex
On Fri, Jun 8, 2018, 1:03 PM Armin Rigo <armin.rigo@gmail.com> wrote: Hi,
Who knows how to fix this? https://pypy.org/ complains that it has got an invalid certificate.
Armin _______________________________________________ pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
pypy-dev mailing list pypy-dev@python.org https://mail.python.org/mailman/listinfo/pypy-dev
participants (6)
-
Alex Gaynor -
Armin Rigo -
Ernest W. Durbin III -
M.-A. Lemburg -
Matt Billenstein -
Matti Picus