Page MenuHomePhabricator
Create Task
Maniphest T229096

Provide the three cert types (chain-only, cert only and chained) as soon as we get the certificate issued
Closed, ResolvedPublic
Actions

Description

Right now on issuing time acme-chief only saves the chained cert type and generates the other two when the certificate is moved from new to live. This behaviour triggers OCSP stapling issuing when staging_time is set to >3600 seconds

Details

SubjectRepoBranchLines +/-
debian: Add release 0.20 to changelogoperations/software/acme-chiefdebian+6 -0
Release 0.20operations/software/acme-chiefdebian+2 -2
acme_chief: Save the certificate using the 3 save modes on issuance timeoperations/software/acme-chiefdebian+30 -9
Release 0.20operations/software/acme-chiefmaster+2 -2
acme_chief: Save the certificate using the 3 save modes on issuance timeoperations/software/acme-chiefmaster+30 -9
Customize query in gerrit

Related Objects
Search...

Event Timeline

Vgutierrez created this task.Jul 26 2019, 10:39 AM
herron triaged this task as Medium priority.Jul 26 2019, 4:26 PM
ema moved this task from Backlog to TLS on the Traffic board.Jul 30 2019, 10:38 AM
gerritbot added a comment.Aug 1 2019, 6:11 AM

Change 526840 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] acme_chief: Save the certificate using the 3 save modes on issuance time

https://gerrit.wikimedia.org/r/526840

gerritbot added a project: Patch-For-Review.Aug 1 2019, 6:11 AM
gerritbot added a comment.Aug 2 2019, 4:11 AM

Change 526840 merged by Vgutierrez:
[operations/software/acme-chief@master] acme_chief: Save the certificate using the 3 save modes on issuance time

https://gerrit.wikimedia.org/r/526840

gerritbot added a comment.Aug 2 2019, 4:19 AM

Change 527364 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] Release 0.20

https://gerrit.wikimedia.org/r/527364

gerritbot added a comment.Aug 2 2019, 4:30 AM

Change 527364 merged by Vgutierrez:
[operations/software/acme-chief@master] Release 0.20

https://gerrit.wikimedia.org/r/527364

gerritbot added a comment.Aug 2 2019, 4:38 AM

Change 527373 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] acme_chief: Save the certificate using the 3 save modes on issuance time

https://gerrit.wikimedia.org/r/527373

gerritbot added a comment.Aug 2 2019, 4:38 AM

Change 527374 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] Release 0.20

https://gerrit.wikimedia.org/r/527374

gerritbot added a comment.Aug 2 2019, 4:38 AM

Change 527375 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] debian: Add release 0.20 to changelog

https://gerrit.wikimedia.org/r/527375

gerritbot added a comment.Aug 2 2019, 4:47 AM

Change 527373 merged by jenkins-bot:
[operations/software/acme-chief@debian] acme_chief: Save the certificate using the 3 save modes on issuance time

https://gerrit.wikimedia.org/r/527373

gerritbot added a comment.Aug 2 2019, 4:47 AM

Change 527374 merged by jenkins-bot:
[operations/software/acme-chief@debian] Release 0.20

https://gerrit.wikimedia.org/r/527374

gerritbot added a comment.Aug 2 2019, 4:51 AM

Change 527375 merged by jenkins-bot:
[operations/software/acme-chief@debian] debian: Add release 0.20 to changelog

https://gerrit.wikimedia.org/r/527375

Maintenance_bot removed a project: Patch-For-Review.Aug 2 2019, 5:10 AM
Stashbot added a comment.Aug 2 2019, 5:21 AM

Mentioned in SAL (#wikimedia-operations) [2019-08-02T05:21:07Z] <vgutierrez> uploaded acme-chief 0.20 to apt.wikimedia.org (buster) - T229096

Stashbot added a comment.Aug 2 2019, 6:46 AM

Mentioned in SAL (#wikimedia-operations) [2019-08-02T06:46:52Z] <vgutierrez> upgrading acme-chief to version 0.20 in acme-chief test instances - T229096

Krenair subscribed.Aug 18 2019, 12:02 PM

Can we close this now?

Vgutierrez closed this task as Resolved.Aug 19 2019, 6:04 AM
Vgutierrez claimed this task.

Yeah, thanks for the reminder! :)

Stashbot added a comment.Aug 19 2019, 6:37 AM

Mentioned in SAL (#wikimedia-operations) [2019-08-19T06:37:17Z] <vgutierrez> upgrading acme-chief to version 0.20 on production servers - T229096

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits