--zx4FCpZtqtKETZ7O Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi everyone! Finally we have a properly signed https certificate for the ovirt sites, you should be able to see it on gerrit.ovirt.org immediately, the cert details = are: Certificate: Data: Version: 3 (0x2) Serial Number: 06:3d:c1:b8:4d:d4:02:00:d1:fa:64:c5:1f:90:f9:eb Signature Algorithm: sha256WithRSAEncryption Issuer: C=3DUS, O=3DDigiCert Inc, OU=3Dwww.digicert.com, CN=3DDigiC= ert SHA2 High Assurance Server CA Validity Not Before: Feb 23 00:00:00 2015 GMT Not After : Feb 27 12:00:00 2017 GMT Subject: C=3DUS, L=3DRaleigh, ST=3DNorth Carolina, O=3DRed Hat Inc.= , CN=3D*.ovirt.org Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:aa:d6:cb:27:71:eb:31:52:63:a3:31:16:e2:27: 3c:36:67:07:19:06:29:ed:e0:fc:86:ef:7d:1f:7d: 90:cc:e5:dc:d4:f7:8a:a9:0c:4b:75:5e:e7:78:bd: 79:ea:b2:19:ef:2b:28:19:74:ae:95:20:69:3f:bc: e8:20:f3:f7:2a:8a:3b:a2:3c:9b:bb:ec:fe:82:58: 52:08:8f:ba:99:0d:47:fa:cb:6d:a4:42:3f:87:ff: 2c:8c:8b:0e:10:67:42:ed:d8:a8:8a:5d:84:37:23: 2e:80:15:fc:be:40:a1:7b:14:f5:bc:1a:f9:dc:26: 11:2b:04:17:bd:12:6a:14:2e:2a:01:1e:0f:2c:30: 08:cf:d1:6c:87:c4:e9:51:07:0c:89:3b:9a:b3:70: db:eb:9a:2a:6d:1f:4f:a2:43:c5:c0:25:4f:77:3d: ef:7c:d1:cf:b5:65:3d:66:9d:d2:ac:1c:61:bd:c7: 3d:e7:9e:2f:f9:7f:01:2b:5e:da:0b:45:da:e0:6b: 9a:b7:34:04:20:ad:15:76:fa:3f:5c:08:f3:79:2d: f4:fd:cc:a6:4a:9f:a6:0f:78:19:65:69:89:49:cc: 6a:7c:e5:bf:26:d7:37:b9:43:3d:ef:bd:d1:b5:2c: 3c:77:35:05:9e:0d:e1:f7:fe:e7:a3:08:0b:62:60: 6c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier:=20 keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59= :72:3B X509v3 Subject Key Identifier:=20 90:F7:10:C0:50:C8:0C:26:80:05:FB:3D:6D:17:8F:72:0E:40:FA:07 X509v3 Subject Alternative Name:=20 DNS:*.ovirt.org, DNS:ovirt.org X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage:=20 TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points:=20 Full Name: URI:http://crl3.digicert.com/sha2-ha-server-g3.crl Full Name: URI:http://crl4.digicert.com/sha2-ha-server-g3.crl X509v3 Certificate Policies:=20 Policy: 2.16.840.1.114412.1.1 CPS: https://www.digicert.com/CPS Authority Information Access:=20 OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2Hi= ghAssuranceServerCA.crt X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha256WithRSAEncryption 6e:4a:c4:00:b8:58:a6:d7:40:14:96:03:4a:12:15:1b:1a:e0: 58:54:4f:9c:c9:22:68:49:0d:83:19:3d:00:49:87:5d:c3:e1: 3e:7f:b0:81:11:dd:b8:c4:57:4d:a2:b1:9f:f5:5a:be:c2:43: 9c:31:d5:a2:db:67:f9:36:4a:27:0a:4c:4a:c6:77:67:32:32: 82:7a:49:b6:8f:75:fa:d3:84:9e:0e:0e:b7:9a:c3:1c:e7:ab: 82:64:ce:06:6c:b9:ed:ff:3f:de:85:46:2a:e1:44:ab:25:c6: cb:71:6c:b8:14:e5:2d:c8:e0:b7:6f:d7:d0:b6:85:2c:82:1e: 12:52:3d:87:db:c8:cc:04:32:54:62:e5:a1:37:35:35:ae:f5: 45:2e:2d:83:b4:38:cd:0c:2e:b4:5e:11:56:f4:5b:4c:a6:6d: 2f:46:b1:49:7b:76:22:1b:2b:82:78:09:92:95:a7:35:eb:89: 19:08:e2:c2:1c:92:dc:8b:d0:24:12:2d:33:0e:ec:55:f8:87: 56:c5:a7:d2:0c:7c:bb:2b:32:f3:4e:d0:4e:73:4d:ee:9a:c8: 08:a2:7b:d1:ea:bb:84:eb:0d:44:87:17:e7:3a:0d:8a:cc:e2: b9:dc:b2:a7:9c:8d:0f:35:15:ae:73:9d:40:0b:b5:8e:46:db: d5:b9:28:0c --=20 David Caro Red Hat S.L. Continuous Integration Engineer - EMEA ENG Virtualization R&D Tel.: +420 532 294 605 Email: dcaro@redhat.com Web: www.redhat.com RHT Global #: 82-62605 --zx4FCpZtqtKETZ7O Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJU62n4AAoJEEBxx+HSYmnDaHQH/Rz7YJ/fEG7W22t5NGpIMj0H 3H67jHQFI8FtH4xvdIDADA3dxde0s+UFEGp2/JcrV/Win6be2daZGDVtp9j/kLvo 7D4rr4LqWmlbd1tu/p3agoIi/BzDq4jUztlJpNunTwuUZ28XWqF2ITiUmDaMtHTG A3/gRSWJSy1fTlJqNQCvr/nSd93Ln5YPSYxWCmwuytiz89Rj4y2XWXOnJ3NZXzoI xUB36/jEwV511vB6DjteSEEJBYmr/lBUjJbYdTgwtQgv02AzTtqB3il2qpEdiNOf FT5RPlAI4l7pOAg41f7nZ/uT19S0dd0631L7T13mRcMVJ18hl6IcfLl5iknXtB4= =U2Bu -----END PGP SIGNATURE----- --zx4FCpZtqtKETZ7O--
On Mon, Feb 23, 2015 at 06:57:12PM +0100, David Caro wrote:
Finally we have a properly signed https certificate for the ovirt sites, you should be able to see it on gerrit.ovirt.org immediately, the cert details are:
Will we also redirect from http://gerrit.ovirt.org to https://gerrit.ovirt.org? Personally I'd be in favor of it.
--924gEkU1VlJlwnwX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 02/24, Ewoud Kohl van Wijngaarden wrote:
On Mon, Feb 23, 2015 at 06:57:12PM +0100, David Caro wrote:
Finally we have a properly signed https certificate for the ovirt sites= , you should be able to see it on gerrit.ovirt.org immediately, the cert deta= ils are: =20 Will we also redirect from http://gerrit.ovirt.org to https://gerrit.ovirt.org? Personally I'd be in favor of it.
That's the idea, right now it's already the gerrit default site (so gerrit internal urls prefer https to http). Same goes for jekins and icinga, looking into foreman, but it uses custom c= erts (puppet certs). Not sure how the wiki goes, maybe brian knows better. --=20 David Caro Red Hat S.L. Continuous Integration Engineer - EMEA ENG Virtualization R&D Tel.: +420 532 294 605 Email: dcaro@redhat.com Web: www.redhat.com RHT Global #: 82-62605 --924gEkU1VlJlwnwX Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJU7ExBAAoJEEBxx+HSYmnDx+kH/0Xov7U3mfO5bX846z3b9SGC xEDXpF2CPeHOdVpqP3pPiQbup7vJvDl9uFOarK/1i5oISRAsLrOy3Sl1jiUS3YUO gnroLXAUMeQaOOyUfRrbt5vk6IfYPnEq5/5IyTB+ydaIvKAph5zWUPrtW26UjkD8 9Gd06H1M+tA2MCam+Dkeje2Mk6qC3NIOOxJrj4tYKmgaefMTzb2VDB9vP/qIWtA4 YHFPtPJPdQvnKVS0poK+TGcoZU4iKDbs7jYaMTtXWvZv0JUCvlfP+eTtPwhRQ7FK yNvUfGOk+qmbMYrvPCnhibbf6Dx0i+q+1tLxg5mcHh/7dDSyR6dmoROFz5YPMm8= =rICy -----END PGP SIGNATURE----- --924gEkU1VlJlwnwX--
Not 100% sure on the wiki secure site. BKP ----- Original Message -----
From: "David Caro" <dcaroest@redhat.com> To: devel@ovirt.org Cc: "Brian Proffitt" <bproffit@redhat.com> Sent: Tuesday, February 24, 2015 5:02:42 AM Subject: Re: [ovirt-devel] Gerrit HTTPS Cert
On 02/24, Ewoud Kohl van Wijngaarden wrote:
On Mon, Feb 23, 2015 at 06:57:12PM +0100, David Caro wrote:
Finally we have a properly signed https certificate for the ovirt sites, you should be able to see it on gerrit.ovirt.org immediately, the cert details are:
Will we also redirect from http://gerrit.ovirt.org to https://gerrit.ovirt.org? Personally I'd be in favor of it.
That's the idea, right now it's already the gerrit default site (so gerrit internal urls prefer https to http).
Same goes for jekins and icinga, looking into foreman, but it uses custom certs (puppet certs).
Not sure how the wiki goes, maybe brian knows better.
-- David Caro
Red Hat S.L. Continuous Integration Engineer - EMEA ENG Virtualization R&D
Tel.: +420 532 294 605 Email: dcaro@redhat.com Web: www.redhat.com RHT Global #: 82-62605
-- Brian Proffitt Community Liaison oVirt Open Source and Standards, Red Hat - http://community.redhat.com Phone: +1 574 383 9BKP IRC: bkp @ OFTC
participants (3)
-
Brian Proffitt -
David Caro -
Ewoud Kohl van Wijngaarden