[Jenkins-infra] Renewing (issues|wiki).jenkins-ci.org certs
R. Tyler Croy
tyler at monkeypox.org
Tue Nov 1 17:51:21 UTC 2016
(replies inline)
On Tue, 01 Nov 2016, Kohsuke Kawaguchi wrote:
> GoDaddy just sent me a reminder that the cert for those hosts need need to
> be renewed in 2 months.
>
> Before I spend $150 to renew this, I want to make sure we will still use
> this cert. Lots of things are moving around lately, and I expect some more
> changes.
>
> Also, IUC, it's possible to switch these hosts to Let's encrypt, now that
> they are not multi-tenanted.
I believe it makes more sense to migrate these to Lets Encrypt and jenkins.io
as soon as possible.
I have this in tickets:
* https://issues.jenkins-ci.org/browse/INFRA-672
* https://issues.jenkins-ci.org/browse/INFRA-673
That said, I thought these services were using the same certificate as
jenkins-ci.org just with additional names? If that's the case, then I believe
it might be beneficial to just renew for one more year since we haven't fully
shuttered the jenkins-ci.org domain.
Another option would be to start Lets Encrypt'ing jenkins-ci.org certificates
as well, which I'm loathe to do just because I want that domain to go away
already :P
- R. Tyler Croy
------------------------------------------------------
Code: <https://github.com/rtyler>
Chatter: <https://twitter.com/agentdero>
% gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20161101/9a2f8791/attachment.asc>
More information about the Jenkins-infra
mailing list