Forum and site maintenance

Started by Jeremy Collake, March 30, 2015, 07:57:35 PM

Previous topic - Next topic

Jeremy Collake

There may be sporadic service disruptions as the servers are reconfigured to be more scalable to handle larger loads.
Software Engineer. Bitsum LLC.

parkd1

You should check this out.  I am running Fire Fox Nightly build 40.0a1 64bit.

Jeremy Collake

We had a temporary misconfig with our renewed SSL cert.

Chrome and IE accepted it fine. No warnings of any kind. All valid. Locked. So, I didn't think to check Firefox.

Apparently Firefox has become more strict given recent SSL vulnerabilities. This is all very interesting to me, as I would not expect 1 of 3 major browsers to fail, while the others succeed with flying colors.

ANYWAY, it should be fixed now. Please verify. This was the last thing I needed (downtime or lost traffic), but I had to renew the SSL cert. Naturally, after verifying with everything BUT Firefox, I went to sleep. Murphy's Law.
Software Engineer. Bitsum LLC.

parkd1


edkiefer

ok, this might sound like dumb question, but i to got the above message, I ok'ed "i know the risk" and it added a extempt somewhere .

now if I want to put back what do I do ?
I looked at security certs and under server there is one bitsum listed under trustwave and is up to date, under authorities there is a bisum which is expired (2013) under bitsum tech , I assume delete this or is it somewhere else ?
Bitsum QA Engineer

Jeremy Collake

No action necessary, I dont think. It probably did not install any new root CA, or add any permanent exemption, it just let you on through to bitsum.com.
Software Engineer. Bitsum LLC.

parkd1

Did that too and then deleted what your talking about and seems to be fine.

Jeremy Collake

Yea, it's definitely good, but if there was a permanent exemption added - well, first, it'd still show the site as insecure at the top - but please tell Ed where he can find said setting if you get time. I'm no Firefox user, so don't know off-hand.
Software Engineer. Bitsum LLC.

edkiefer

ok, well I will delete the old one as it says expired .

I don't get the warning any more, just one time .

Edit: Ok ,deleted old cert and seem fine.
restarted Palemoon (FF based ) , all good .
Bitsum QA Engineer

parkd1

I did not not check to see if it was an old one. I just added when ask the deleted it. Ok go to options the click on advanced on the left of the screen. Then there will be tabs on the top of the screen and click on certificates. Then you will see a tabs called view certificates. That will pull up a window and you I looked at security certs and under server there is one bitsum listed under trustwave and is up to date, under authorities there is a bisum which is expired (2013) under bitsum tech , I assume delete this or is it somewhere else. That is where I found it too. Think we had the same one maybe. I deleted it like you did and it is working fine.

edkiefer

Yes, I am not sure that was cause , but can't hurt to remove old one that expired .
Bitsum QA Engineer

Jeremy Collake

Thank god this didn't persist for too long. Man, yearly SSL certs, and all other certs, are being monopolized these days. Symantec has bought out up most all of the root cert signers, which means they'll then increase prices even higher than they are now. We pay a lot for our code signing, in addition to SSL.
Software Engineer. Bitsum LLC.

edkiefer

I don't think it was very long time , I always have this site up if I am running anything , so i noticed it .
Bitsum QA Engineer

Jeremy Collake

It was certainly less than 12 hours.
Software Engineer. Bitsum LLC.