Hi,
Should we ask for renew the community certs to avoid possible problems?
Maybe we need to send a quick email to all community sysadmins with recommendations about what to do about this problem.
/cc @willyaranda
Hi,
Should we ask for renew the community certs to avoid possible problems?
Maybe we need to send a quick email to all community sysadmins with recommendations about what to do about this problem.
/cc @willyaranda
Hi Nukeador,
I’m going to email all our community managers.
Community IT is aware of the issue now, and we’re working on it. Webops have been working around the clock regenerating certs.
Please email me if you need the certificates regenerating for any sites
Thanks for asking about this, you woke me up to the situation
There’s more which needs to be explained, but this is a public communication channel, and I’d rather keep it out of here until everything is resolved.
Can anyone fill me in with what this Heartbleed thing is?
I just had the cert for this domain rekeyed, and installed the new one on ELB.
Thanks for the info! All up to date now.
So is there anything we should do on the community sites?
We need to ping all communities using SSL certificates and give them info on how to generate a new key and request to re-key them.
Tad should be making a list of communities using SSL so we can do this.
We should also send out an email to the mcs list
Hi,
once you send new SSL certs to the communities, please remind that they need to change their passwords that might have been exposed to the internet (wordpress mainly I think).
Cheers,
Guillermo
What uses are communities using SSL for currently on their sites? Currently not even all Mozilla infrastructure and dashboards have SSL.
IT encourages communities to use SSL to protect their logins and content.
I think (and hope) mozilla doesn’t have any website with login forms using basic http.
@tanner please, help us move https://bugzilla.mozilla.org/show_bug.cgi?id=993987 we need to re-key our certificate. We secured everything on day 0, but with a possibly compromised certificate we can’t ask people to change their passwords.