Le mercredi 05 septembre 2018 à 15:26 +1000, Danil Mashonkin a écrit : > Hi, > > > There is an enquiry to clarify the situation with DigiCert vs Let's > encrypt.
Hi Danil, I did answer to you in private with the complete details and timeline regarding why this did happen, but yes, we are using LE, so no need for download.gluster.org certificates. > We have two certificates issued for download.gluster.org and looks > like > none of them in use. > > +Order # > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=order>Order > Date > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=date>Common > Name > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=domain> > StatusValidity > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=lifetime> > Product > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=product> > Expires > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=expires> > + 00761150 > <https://www.digicert.com/enterprise/order-details.php?order_id=00761 > 150> 15 > Sep 2015 download.gluster.org Renewed 3 Years Standard SSL 19 Sep > 2018 > + 03361764 > <https://www.digicert.com/enterprise/order-details.php?order_id=03361 > 764> 27 > Aug 2018 download.gluster.org Active 2 Years Standard SSL 16 Oct 2020 > $ echo -n|openssl s_client -showcerts -crlf -connect > download.gluster.org:443 2>/dev/null|openssl x509 -text -noout > Certificate: > Data: > Version: 3 (0x2) > Serial Number: > 03:ce:c4:05:2a:a1:1f:3e:f9:cf:36:7f:39:04:a1:7a:17:6c > Signature Algorithm: sha256WithRSAEncryption > Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3 > Validity > Not Before: Aug 3 02:46:08 2018 GMT > Not After : Nov 1 02:46:08 2018 GMT > Subject: CN=download.gluster.org > > and www.gluster.org reirect to gluster.wpengine.com > > $ dig www.gluster.org > > ;; ANSWER SECTION: > www.gluster.org. 300 IN CNAME gluster.wpengine.com. > gluster.wpengine.com. 120 IN A 35.197.52.145 > > And DigiCerts says: > > Order # > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=order>Order > Date > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=date>Common > Name > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=domain> > StatusValidity > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=lifetime> > Product > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=product> > Expires > <https://www.digicert.com/enterprise/certificate-manager.php?perpage= > 25&sortby=expires> > + 00761149 > <https://www.digicert.com/enterprise/order-details.php?order_id=00761 > 149> 15 > Sep 2015 www.gluster.org Renewed 3 Years Multi-Domain SSL 19 Sep 2018 > + 03361710 > <https://www.digicert.com/enterprise/order-details.php?order_id=03361 > 710> 27 > Aug 2018 www.gluster.org Active 2 Years Multi-Domain SSL 16 Oct 2020 > So, question is do we really need to keep these DigiCert certificates > if > they are not in use? > > Thank you. > _______________________________________________ > Gluster-infra mailing list > [email protected] > https://lists.gluster.org/mailman/listinfo/gluster-infra -- Michael Scherer Sysadmin, Community Infrastructure and Platform, OSAS
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Gluster-infra mailing list [email protected] https://lists.gluster.org/mailman/listinfo/gluster-infra
