Hi, Thanks Tristan for this useful information. The patch has been +2CR and +1V. Let's see how it behave.
Fabien Le 22/10/2016 à 17:01, Tristan Cacqueray a écrit : > Hello folks, > > Since http://softwarefactory-project.io/r/5077 is merged, development > deployment (sftests.com) will use (and force) https usage. However there > is a catch, the CA and CRT are regenerated at each run, and turns out > firefox doesn't handle that properly: connecting to a redeployed > environment will failed with: SEC_ERROR_REUSED_ISSUER_AND_SERIAL :( > > To fix that you need to: > Click 'preferences', 'advanced', 'view certificates', and removes all > sftests.com certificates from 'Server' and 'Others' tabs. > You also need to restart firefox for to take effect. > > Then I've proposed the following improvement[0]: > * Don't erase the localCA during lxc init > * Enable downloading the CA using sftests.com/localCA.pem > * Support connecting to port 8080 for ssh tunnel > > I hope this will mitigate most of the annoyances... > > [0]: http://softwarefactory-project.io/r/5196 > > Yours, > -Tristan > > > > _______________________________________________ > Softwarefactory-dev mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/softwarefactory-dev >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Softwarefactory-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/softwarefactory-dev
