Closed jakemorr closed 10 months ago
Check status of Entrust/CertBot at the beginning of October so there's some lead time before cert expires.
For temporary certificate renewals: https://apps.nrs.gov.bc.ca/int/confluence/display/DEVGUILD/Generating+a+CSR?
Sent an email to Infrastructure.MiddleTier@gov.bc.ca regarding next steps.
According to the Confluence page, it seems like we can use the steps under “Host on Openshift” to start the renewal process and generate the cert manually. However, we also noticed on another page that domains using “.nrs.gov.bc.ca” are handled automatically by the NRIDS Infrastructure MiddleTier team, so it might not require too much work on our end.
Jake to get TCA Account Code and expense authority
NRIDS accepted the request, and forwarded their request through My Service Center (REQ0441920). CC'd Sustainment Team's email for notification.
Successfully updated WALLY's certs and keys to use Entrust. The certificate is good until Oct. 30th, 2024. There are steps to creating a certificate in the Sustainment Team's Dev Chat Files called "Entrust Cert Creation.docx"
Describe the task Entrust Certificate expired August 30, 2023. Certbot was down so we implemented a Let's Encrypt Cert for 90 days while we wait to see if Certbot will be fixed. if Certbot is fixed we will need to renew an entrust cert then we proceed, if certbot is not up we will have to decide what our path forward is at that point.
Purpose This is required so that the end user doesn't experience a "your connection is not private" warning message (even though they can still click through and use the application).
Acceptance Criteria
Additional Context