Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-133

Certificate for pkg.jenkins-ci.org not valid

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Guillaume Boucherie on jenkinsci-users:

      It seems that the https certificate for https://pkg.jenkins-ci.org site is no longer valid.
      Could check that ?

        Attachments

          Issue Links

            Activity

            Hide
            rtyler R. Tyler Croy added a comment -

            Yikes, this looks like it's actually Jenkins-on-Jenkins (aka ci.jenkins-ci.org which is somehow serving off of pkg.jenkins-ci.org.

            WAT.

            Show
            rtyler R. Tyler Croy added a comment - Yikes, this looks like it's actually Jenkins-on-Jenkins (aka ci.jenkins-ci.org which is somehow serving off of pkg.jenkins-ci.org . WAT.
            Hide
            rtyler R. Tyler Croy added a comment -

            The vhost file on the machine looks legitimate to me:

            <VirtualHost *:8888>
            	ServerName pkg.jenkins-ci.org
            
            	DocumentRoot /var/www/pkg.jenkins-ci.org
            	<Directory />
            		Options FollowSymLinks
            		AllowOverride None
            	</Directory>
            	<Directory /var/www/pkg.jenkins-ci.org>
            		Options Indexes FollowSymLinks MultiViews
            		AllowOverride All
            		Order allow,deny
            		allow from all
            	</Directory>
            
            	ErrorLog /var/log/apache2/error.log
            
            	# for debugging mod_rewrite
            	#RewriteLog	/tmp/rewrite.log
            	#RewriteLogLevel	9
            
            	# Possible values include: debug, info, notice, warn, error, crit,
            	# alert, emerg.
            	LogLevel warn
            
            	CustomLog "|/usr/sbin/rotatelogs /var/log/apache2/pkg.jenkins-ci.org/access.log.%Y%m%d%H%M%S 604800" reverseproxy_combined
            </VirtualHost>
            

            I've made sure that Puppet is running properly and that Apache isn't throwing errors. Still uncertain as to why the wrong virtual host would be served

            Show
            rtyler R. Tyler Croy added a comment - The vhost file on the machine looks legitimate to me: <VirtualHost *:8888> ServerName pkg.jenkins-ci.org DocumentRoot / var /www/pkg.jenkins-ci.org <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory / var /www/pkg.jenkins-ci.org> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ErrorLog / var /log/apache2/error.log # for debugging mod_rewrite #RewriteLog /tmp/rewrite.log #RewriteLogLevel 9 # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog "|/usr/sbin/rotatelogs / var /log/apache2/pkg.jenkins-ci.org/access.log.%Y%m%d%H%M%S 604800" reverseproxy_combined </VirtualHost> I've made sure that Puppet is running properly and that Apache isn't throwing errors. Still uncertain as to why the wrong virtual host would be served
            Hide
            rtyler R. Tyler Croy added a comment -

            Alright, I've identified two issues here. One is that the vhost on port 443 was incorrect. That now goes directly to pkg.jenkins-ci.org instead of falling back to the precedence of ci.jenkins-ci.org.

            The certificate is still invalid because we're not using a wildcard certificate and we don't have a pkg.jenkins-ci.org specific cert.

            I'll fix that later at a much lower priority

            Show
            rtyler R. Tyler Croy added a comment - Alright, I've identified two issues here. One is that the vhost on port 443 was incorrect. That now goes directly to pkg.jenkins-ci.org instead of falling back to the precedence of ci.jenkins-ci.org . The certificate is still invalid because we're not using a wildcard certificate and we don't have a pkg.jenkins-ci.org specific cert. I'll fix that later at a much lower priority
            Hide
            rtyler R. Tyler Croy added a comment -

            We have a valid certificate for https://pkg.jenkins.io and future references should there

            Show
            rtyler R. Tyler Croy added a comment - We have a valid certificate for https://pkg.jenkins.io and future references should there

              People

              Assignee:
              rtyler R. Tyler Croy
              Reporter:
              danielbeck Daniel Beck
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: