Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-11441

update rabbit*.lsst.codes TLS cert for 2017

    Details

      Attachments

        Issue Links

          Activity

          Hide
          jhoblitt Joshua Hoblitt added a comment -

          It would be nice if a TLS check could be added to nagios. Per https://www.rabbitmq.com/troubleshooting-ssl.html, s_client should be able to test tls. Could you confirm that TLS is enabled on port 5672 instead of the default 5671, the later port does not seem to be world accessible (I can't connect to it at all) as 5672 is.

          Show
          jhoblitt Joshua Hoblitt added a comment - It would be nice if a TLS check could be added to nagios. Per https://www.rabbitmq.com/troubleshooting-ssl.html , s_client should be able to test tls. Could you confirm that TLS is enabled on port 5672 instead of the default 5671 , the later port does not seem to be world accessible (I can't connect to it at all) as 5672 is.
          Hide
          jmatt J Matt Peterson [X] (Inactive) added a comment -

          Yeah I can implement this. IPs are whitelisted through the SDN and terraform now. But I can remove that requirement.

          Show
          jmatt J Matt Peterson [X] (Inactive) added a comment - Yeah I can implement this. IPs are whitelisted through the SDN and terraform now. But I can remove that requirement.
          Hide
          swinbank John Swinbank added a comment -

          Frossie Economou — what's the plan for this epic? I assume that J Matt has other things on his mind these days; are we simply dropping this work?

          Show
          swinbank John Swinbank added a comment - Frossie Economou — what's the plan for this epic? I assume that J Matt has other things on his mind these days; are we simply dropping this work?
          Hide
          jhoblitt Joshua Hoblitt added a comment -

          I suspect this ticket was completed but the service is also no longer relevant and should be closed regardless.  I can't speak as to what should be done with the parent epic.

          Show
          jhoblitt Joshua Hoblitt added a comment - I suspect this ticket was completed but the service is also no longer relevant and should be closed regardless.  I can't speak as to what should be done with the parent epic.
          Hide
          swinbank John Swinbank added a comment -

          Frossie Economou — please do something with this!

          Show
          swinbank John Swinbank added a comment - Frossie Economou — please do something with this!

            People

            • Assignee:
              jmatt J Matt Peterson [X] (Inactive)
              Reporter:
              jhoblitt Joshua Hoblitt
              Reviewers:
              Adam Thornton
              Watchers:
              Adam Thornton, J Matt Peterson [X] (Inactive), John Swinbank, Joshua Hoblitt
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Summary Panel