Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(April 2022) Update VPN CRL #2885

Closed
6 tasks done
dduportal opened this issue Apr 14, 2022 · 1 comment
Closed
6 tasks done

(April 2022) Update VPN CRL #2885

dduportal opened this issue Apr 14, 2022 · 1 comment
Assignees
@lemeurherve @smerle33
Labels
openvpn vpn
Milestone
infra-team-sync-2...

Comments

@dduportal
Copy link
Contributor

dduportal commented Apr 14, 2022
edited by smerle33
Loading

The Jenkins Infra calendar reminds us that the VPN CRL expires the 5th of May 2022 (ref. #2669 (comment)).

Todo list for the team member who will take this action:

  • Read https://github.com/jenkins-infra/docker-openvpn#howto-review-certificate-revocation-list and check that you have all the pre-requisites
  • Open a PR to jenkins-infra/docker-openvpn that updates the CRL
  • Once the PR is merged, ensures that there is a new version of the container automatically built and released
  • Run manually the GitHub workflow for updatecli in jenkins-infra/jenkins-infra to open a PR for deploying the new Docker image to production
  • Once deployed, connect to the VPN VM and ensure that the new CRL is present and updated
  • Create a new team calendar event to the date of the next expiration, with alerts 3 weeks before and 2 weeks before
@dduportal dduportal added this to the infra-team-sync-next milestone Apr 14, 2022
smerle33 pushed a commit to smerle33/docker-openvpn that referenced this issue Apr 25, 2022
@smerleCB
Renew revocation list certificate
0c110ff 
ref: jenkins-infra/helpdesk#2885

Signed-off-by: smerle33 <smerle@cloudbees.com>
@smerle33 smerle33 mentioned this issue Apr 25, 2022
Merged
@smerle33
Copy link
Contributor

to get next update date :

openssl crl -in ./cert/pki/crl.pem -noout -text
Certificate Revocation List (CRL):
        Version 2 (0x1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /CN=vpn.jenkins.io
        Last Update: Apr 25 14:44:13 2022 GMT
        Next Update: Oct 22 14:44:13 2022 GMT

@github-actions github-actions bot mentioned this issue Oct 6, 2022
Closed
6 tasks
@github-actions github-actions bot mentioned this issue Mar 21, 2023
Closed
6 tasks
@github-actions github-actions bot mentioned this issue Sep 8, 2023
Closed
6 tasks
@github-actions github-actions bot mentioned this issue Mar 10, 2024
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lemeurherve lemeurherve

@smerle33 smerle33

Labels
openvpn vpn
Projects
None yet
Milestone
infra-team-sync-2022-04-26
Development

No branches or pull requests
3 participants
@dduportal @lemeurherve @smerle33