Yep, there is code to prevent the signing machine getting stuck halfway
through a signing (in case one request gets stuck in the pipe, as
happens from time to time, and the operator always always misses the
errors as they scroll past along with other SSL stuff), and there is
some more code to gracefully(ish) handle renewals, and both pieces of
the signing code have apparently suffered some bit rot and will need
some stern talking to. Machines being machines, this happens. We'll
try to fix it next week; it can still sign happily but needs the old
expert eye on it.
BTW I don't mind at all the odd poke or nudge to go do a signing (with
the understanding that I can only do so if in the office and not in
meetings), humans being busy humans I know things slip through the net
too. I'd like to bring the CA online - or perhaps bring hosts to 2A
which _is_ online - and then signing can happen automagically.
Cheers - and Happy Easter
-j
On 28/03/2013 13:52, Claire Devereux wrote:
> Hi Chris,
>
> The signing machine had a wobble and Jens has been on the case today fixing it. Its fixed now and normal service is resuming. Signing is carried out at least once a day.
>
> Cheers
>
> Claire
>
> -----Original Message-----
> From: Testbed Support for GridPP member institutes [mailto:[log in to unmask]] On Behalf Of Christopher J. Walker
> Sent: 27 March 2013 19:37
> To: [log in to unmask]
> Subject: cert for se03
>
> The host certificate of our SE, se03.esc.qmul.ac.uk is due to expire on Saturday (renewal got buried under other stuff).
>
> I requested a new one yesterday morning, and it hasn't arrived yet (and I thought the CA signed these things daily).
>
> If there's a problem with the renewal can someone let me know and I'm keen to install the certificate tomorrow morning.
>
> Chris
>
--
Scanned by iCritical.
|