TLS/Runbook

From Wikitech
< TLS

This page contains service runbooks to handle (among other things) certificate expiration alerts.


CertAlmostExpired

Every probe using TLS also exports the certificate (chain) earliest expiration date. The certificate(s) presented during the probe are about to expire. Check the linked dashboard(s) for more information. For service::catalog probes the instance label is in the form of service:port where service is the service's key in the catalog.

fooservice:443

The alert will link to this anchor for fooservice:443

swift-https:443

Process is documented at Swift/How_To#Update_internal_TLS_certificates

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=TLS/Runbook&oldid=2166993"