Subject: Re: [boost] boost.org https certificate expired 4 month ago
From: Michael Caisse (mcaisse-lists_at_[hidden])
Date: 2015-08-14 10:40:16
On 08/14/2015 07:11 AM, Marcin Zalewski wrote:
> On Fri, Aug 14, 2015 at 2:51 AM Vladimir Prus <vladimir.prus_at_[hidden]>
>> On 12-Aug-15 12:38 AM, Niall Douglas wrote:
>>> On 11 Aug 2015 at 1:36, Klaim - JoÃ«l Lamotte wrote:
>>>>> I noticed today that the https of boost.org is expired, and should
>> have a
>>>>> new certificate:
>>>> My understanding is that the process to renew the certificate was
>>>> few months ago but
>>>> got nowhere. Not totally sure why though.
>>>> The last status report from the steering committee is available there:
>>> We have a new SSL cert, and have had for some months.
>>> The problem is installing it. We no longer have root access to the
>>> server in question and I understand the person who had root access
>>> isn't responding to email.
>> It's unfortunate that the Steering Committee had not taken a decisive
>> action here - either reaching other people at OSL - or deciding
>> that we've lost webserver access completely, and need to start over.
> As I said in my previous email, there was an exchange between our admin and
> boost. The certificate was delivered to us, but it was incomplete, missing
> the key. We asked for the key, but the email thread broke off, and we never
> got the necessary files. If someone has all the necessary files, we can get
> the key installed today. If nobody has the files and we should get the
> certificate ourselves, we are open to that.
I've been one of the 3rd parties with no control, access, or keys that
has been trying to nudge all of the in-the-know parties to get something
done (via personal emails). We finally got to the point where the admin
was responding but then the keys that were purchased were not SHA-2.
We left off with the group that can purchase the SHA-2 wildcard cert
needed the admin to provide the CSR to do so.
This is all mind numbingly frustrating. I appreciate the sentiment of
finding new hosting and we (Ciere) have already done that for some Boost
assets. It also requires a level access to the old system that we don't
have. We are actively working on a transition.
Meanwhile ... I'll start emailing again (o;
-- Michael Caisse ciere consulting ciere.com
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk