Bug 10951 - SSL certificate for bugs.maemo.org expired
: SSL certificate for bugs.maemo.org expired
Status: RESOLVED FIXED
Product: maemo.org Website
Bugzilla
: unspecified
: All All
: High major with 3 votes (vote)
: ---
Assigned To: Andre Klapper
: Ferenc Szekely
: http://bugs.maemo.org/
:
:
:
  Show dependency tree
 
Reported: 2010-07-17 12:51 UTC by Chris Samuel
Modified: 2010-07-27 12:44 UTC (History)
7 users (show)

See Also:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description Chris Samuel (reporter) 2010-07-17 12:51:40 UTC
SOFTWARE VERSION:
Any browser.

EXACT STEPS LEADING TO PROBLEM: 
(Explain in detail what you do (e.g. tap on OK) and what you see (e.g. message
Connection Failed appears))
1. Go to https://bugs.maemo.org/ (or even just http as you'll get redirected)
2. Browser will warn you that the SSL certificate expired on 17th July 2010.
3. There is no step no. 3.

EXPECTED OUTCOME:

See bugs.maemo.org

ACTUAL OUTCOME:

Warned that certificate has expired.

REPRODUCIBILITY:
(always, less than 1/10, 5/10, 9/10)

Always

EXTRA SOFTWARE INSTALLED:

N/A

OTHER COMMENTS:

Firefox 3.6 complains with:

bugs.maemo.org uses an invalid security certificate.

The certificate expired on 17/07/10 09:59.

(Error code: sec_error_expired_certificate)


User-Agent:       Mozilla/5.0 (compatible; Konqueror/4.4; Linux; X11; en_AU)
KHTML/4.4.92 (like Gecko) Kubuntu
Comment 1 Andrew Flegg maemo.org 2010-07-18 00:20:36 UTC
Confirmed. Cert expires today for bugs.maemo.org.
Comment 2 John Veness 2010-07-18 13:27:26 UTC
Hopefully this will be fixed quicker than the 7 months it took to fix the
similar problem with stage.maemo.org (Bug 5551).

I am disappointed with these certificate expiries - someone should be on top of
this issue. Certificate expiries are bad enough, but I just hope noone forgets
to renew the maemo.org domain as that would be even worse.
Comment 3 timeless 2010-07-21 22:02:16 UTC
hey, at least i didn't have to file this bug today! (i was about to, searched
and was pleasantly surprised to see someone else already had.)
Comment 4 Neil MacLeod maemo.org 2010-07-23 18:23:54 UTC
Firefox actually prevents access to bugs.maemo.org now - the user has to
register an exception in order to continue, which is frankly appalling and an
inexperienced user may not proceed thinking the site has been hacked or some
such.

I used to maintain a secure web site for a major investment bank (one of many
they had) and Verisign would notify the certificate admin by automated email
several weeks prior to each certificate renewal date in order to avoid this
kind of outage. We used a distribution list for the certificate admin email
address to allow for vacations etc.

Obtaining a new certificate then took less than 24 hours, and the new
certificates were valid from about 6 weeks prior to the expiry date of the old
certificates allowing plenty of time for the updated certificates to be
applied.

Given that most certificate providers follow similar practice there really is
little excuse for these repeated occurrences of expired certificates.
Comment 5 Rodrigo Linfati 2010-07-25 13:38:22 UTC
/mode spam on

if the porblem is the money...Free ssl certificates for 1 years
https://www.startssl.com/

/mode spam off
Comment 6 Uwe Kaminski 2010-07-25 22:46:59 UTC
maemo.org is a Nokia sponsored website and I assume "sponsored" means at least
everything regarding the infrastructure. Like certificates.

Please let me know if I'm wrong.
Comment 7 Andre Klapper maemo.org 2010-07-25 22:58:05 UTC
There's nothing that the *maemo.org team* currently can do here.
Nokia is aware of this problem since Monday, 19th. They are working on it and I
ping from time to time as fixing should not take that long but obviously does
(don't ask me why)...
Comment 8 Lucas Maneos 2010-07-26 11:10:09 UTC
FYI, the certificates on lists.maemo.org and wiki.maemo.org are also expired (I
assume the same people are responsible for updating all .maemo.org
certificates).
Comment 9 Uwe Kaminski 2010-07-27 12:33:41 UTC
For https://wiki.maemo.org and https://bugs.maemo.org it's fixed now.

For https://lists.maemo.org it isn't yet.
Comment 10 Andre Klapper maemo.org 2010-07-27 12:44:08 UTC
Nokia (and also Niels) are aware that lists.* is still needed.
As this report is about bugs.maemo.org, closing as FIXED.