Task #3515
closed
Request all expired node and user certificates be manually updated
Added by Jeff Burke about 8 years ago.
Updated about 8 years ago.
Description
Cert mechanism on testbed is apparently still broken? (See messages to operators list in Jan '16.) Please fix or indicate plan for resolution.
- Blocks Task #3513: [NdnCon] Change user prefix to be compatible with auto prefix propagation added
- Subject changed from Fix testbed cert issuing mechanism to Request all expired node and user certificates be manually updated
- Assignee changed from Yingdi Yu to Jeff Burke
Per AlexA, things are operating correctly now, but expired certs for nodes and users need to be manually re-requested as there is no roll-over mechanism yet.
If this is correct, I'll work with John DeHart to request everyone update their certs, and we can work on transitioning the namespace for NDN-RTC as a breaking change in the next version.
Please confirm.
Site certs to be updated by John Dehart. Peter, can you incorporate updating user certs into current ndncon test instructions?
incorporate updating user certs into ndncon test instructions
Requesting user certificate right before NdnCon conference would be too late.
ndncert requires operator approval, which is not instantaneous.
Per testbed policy, operator has up to 24 hours to respond.
Instead, ndncert should automatically notify the user when his/her certificate is less than 18 days before expiration, similar to what Let's Encrypt does.
Before an automated notification system is in place, I suggest sending bulk emails to every user who has an expired certificate, after site certificates are up to date.
You may use this script to find all expired certificates (pipe its output to | column -t for a nicer view):
- Status changed from New to Closed
Also available in: Atom
PDF
Updated by 
Updated by