By providing acme-chief support in compile_redirects() we can keep redirects.dat as the source of truth for both web server configuration and list of SNIs for issuance of TLS certificates.
|operations/puppet||production||+32 -4||redirects.dat: Provide acme-chief/TLS SNI list support in compile_redirects()|
|Resolved||• ema||T108827 Investigate TCP Fast Open for tlsproxy|
|Declined||None||T107236 Switch port 80 to nginx on primary clusters|
|Open||None||T101048 Policy decisions for new (and current) DNS domains registered to the WMF|
|Resolved||BBlack||T104681 HTTPS Plans (tracking / high-level info)|
|Resolved||Vgutierrez||T214253 en.wikipedia.com [sic] serves an invalid certificate|
|Resolved||Vgutierrez||T190244 en-wp.org certificate error|
|Resolved||Vgutierrez||T133548 Create a secure redirect service for large count of non-canonical / junk domains|
|Open||Vgutierrez||T225096 Provide acme-chief/TLS SNI list support in compile_redirects()|
The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all such tickets that haven't been updated in 6 months or more. This does not imply any human judgement about the validity or importance of the task, and is simply the first step in a larger task cleanup effort. Further manual triage and/or requests for updates will happen this month for all such tickets. For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!