[Gluster-infra] certificates for www.gluster.org and download.gluster.org

Danil Mashonkin dmashonk at redhat.com
Wed Sep 5 05:26:00 UTC 2018


Hi,


There is an enquiry to clarify the situation with DigiCert vs Let's encrypt.

We have two certificates issued for download.gluster.org and looks like
none of them in use.

+Order #
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=order>Order
Date
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=date>Common
Name
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=domain>
StatusValidity
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=lifetime>
Product
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=product>
Expires
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=expires>
+ 00761150
<https://www.digicert.com/enterprise/order-details.php?order_id=00761150> 15
Sep 2015 download.gluster.org Renewed 3 Years Standard SSL 19 Sep 2018
+ 03361764
<https://www.digicert.com/enterprise/order-details.php?order_id=03361764> 27
Aug 2018 download.gluster.org Active 2 Years Standard SSL 16 Oct 2020
$ echo -n|openssl s_client -showcerts -crlf -connect
download.gluster.org:443 2>/dev/null|openssl x509 -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ce:c4:05:2a:a1:1f:3e:f9:cf:36:7f:39:04:a1:7a:17:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
        Validity
            Not Before: Aug  3 02:46:08 2018 GMT
            Not After : Nov  1 02:46:08 2018 GMT
        Subject: CN=download.gluster.org

and www.gluster.org reirect to gluster.wpengine.com

$ dig www.gluster.org

;; ANSWER SECTION:
www.gluster.org. 300 IN CNAME gluster.wpengine.com.
gluster.wpengine.com. 120 IN A 35.197.52.145

And DigiCerts says:

Order #
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=order>Order
Date
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=date>Common
Name
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=domain>
StatusValidity
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=lifetime>
Product
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=product>
Expires
<https://www.digicert.com/enterprise/certificate-manager.php?perpage=25&sortby=expires>
+ 00761149
<https://www.digicert.com/enterprise/order-details.php?order_id=00761149> 15
Sep 2015 www.gluster.org Renewed 3 Years Multi-Domain SSL 19 Sep 2018
+ 03361710
<https://www.digicert.com/enterprise/order-details.php?order_id=03361710> 27
Aug 2018 www.gluster.org Active 2 Years Multi-Domain SSL 16 Oct 2020
So, question is do we really need to keep these DigiCert certificates if
they are not in use?

Thank you.
-- 

Daniel MAshonkin

System Administrator

Red Hat Brisbane
<https://www.redhat.com>

193 North Quay
<https://maps.google.com/?q=193+North+Quay+Brisbane&entry=gmail&source=g>

Brisbane, OLD 4000


danielmash at redhat.com    T: 61735148105 <61735147164>
<https://red.ht/sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-infra/attachments/20180905/da126614/attachment-0001.html>


More information about the Gluster-infra mailing list