[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30509 [Circumvention/Snowflake]: snowflake-broker certificate fetch failing after update



#30509: snowflake-broker certificate fetch failing after update
-------------------------------------+------------------------
 Reporter:  cohosh                   |          Owner:  (none)
     Type:  defect                   |         Status:  closed
 Priority:  Immediate                |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:  fixed
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+------------------------

Comment (by dcf):

 Replying to [comment:3 cohosh]:
 > I've set up snowflake.agogagave.com to route to the snowflake-broker
 machine, but it's going to take a while for the DNS update to propagate so
 that we can pass the Let's Encrypt challenge.

 I think this would not have worked as a quick fix. The broker would get a
 certificate under the new name, but the Azure domain front would still
 have been pointing to the old name. So I would have had to update the CDN
 configuration to point to the new name (takes at least a coupld of days),
 or (worst case if I was unreachable) set up a whole new domain front and
 push a new release configured to use it. The SSL cert name isn't really a
 critical dependency, but the CDN configuration is. We should migrate the
 CDN configuration somewhere where we can share admin (or I can see if it's
 possible to delegate adminship on Azure). I opened #30510.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30509#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs