#2349: *.osgeo.org SSL certificate expired (as used for geotiff.osgeo.org)
----------------------------+-------------------
Reporter: Bas Couwenberg | Owner: sac@…
Type: defect | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
----------------------------+-------------------
Accessing https://geotiff.osgeo.org triggers browser warnings due to the
SSL certificate being expired:
{{{
$ openssl s_client -connect geotiff.osgeo.org:443
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST
Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = US, O = SSL.com, OU = www.ssl.com, CN = SSL.com DV CA
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL Wildcard, CN =
*.osgeo.org
verify error:num=10:certificate has expired
notAfter=May 1 23:59:59 2019 GMT
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL Wildcard, CN =
*.osgeo.org
notAfter=May 1 23:59:59 2019 GMT
verify return:1
---
Certificate chain
0 s:OU = Domain Control Validated, OU = EssentialSSL Wildcard, CN =
*.osgeo.org
i:C = US, O = SSL.com, OU = www.ssl.com, CN = SSL.com DV CA
1 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network,
CN = USERTrust RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN =
AddTrust External CA Root
2 s:C = US, O = SSL.com, OU = www.ssl.com, CN = SSL.com DV CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network,
CN = USERTrust RSA Certification Authority
---
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2349>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2349: *.osgeo.org SSL certificate expired (as used for geotiff.osgeo.org)
----------------------------+--------------------
Reporter: Bas Couwenberg | Owner: sac@…
Type: defect | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
----------------------------+--------------------
Comment (by wildintellect):
I wonder if this got lost when we moved things off the old-web server,
which had the old wildcard cert and not the new let's encrypt.
I see the old config:
<VirtualHost 140.211.15.66:80>
ServerName geotiff.osgeo.org
RewriteEngine on
RewriteCond %{HTTP_HOST} ^geotiff\.osgeo\.org$
RewriteRule ^/(.*) http://trac.osgeo.org/geotiff/ [R,L]
</VirtualHost>
<VirtualHost 140.211.15.66:80>
ServerName libgeotiff.osgeo.org
RewriteEngine on
RewriteCond %{HTTP_HOST} ^libgeotiff\.osgeo\.org$
RewriteRule ^/(.*) http://trac.osgeo.org/geotiff/ [R,L]
</VirtualHost>
We should be able to port that over to the new webserver and continue
redirecting. The destination trac sites do appear to have working certs.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2349#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2349: *.osgeo.org SSL certificate expired (as used for geotiff.osgeo.org)
----------------------------+----------------------------------------
Reporter: Bas Couwenberg | Owner: sac@…
Type: defect | Status: new
Priority: normal | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution:
Keywords: |
----------------------------+----------------------------------------
Changes (by robe):
* milestone: => Sysadmin Contract 2019-II
Comment:
I'll repoint to new server and setup a redirect
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2349#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2349: *.osgeo.org SSL certificate expired (as used for geotiff.osgeo.org)
----------------------------+----------------------------------------
Reporter: Bas Couwenberg | Owner: sac@…
Type: defect | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution: fixed
Keywords: |
----------------------------+----------------------------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
Moved to osgeo7
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2349#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.