Categories
Migration Security

Let’s Encrypt

We just moved from StartSSL to Let’s Encrypt certificates for all public Jabber domains including the certificate for this website. You can find the new certificate fingerprints on the Server Specifications page.

Categories
Maintenance Problems Security

More new certs

We updated our old expired certificates a while ago. And now I just updated the website. You can find the new fingerprints here.

Also we had some problems with certificates, especially on this website. Sometimes the webserver delivered the old and expired certificate. This was because some old tasks of Apache were still in the memory. Problem solved three days ago.

Categories
Maintenance Security

New certs for jabber.hot-chilli.net, hot-chilli.net and im.hot-chilli.net

A short time before the old certificates expire we setup some new ones:

jabber.hot-chilli.net
Fingerprint: b1:38:25:b4:8d:4b:de:b0:83:18:88:21:95:3b:82:41:00:0f:24:8d

hot-chilli.net and im.hot-chilli.net (and also for this website):
Fingerprint: f3:74:6e:f0:bc:f6:7a:7e:15:d1:0b:83:6f:02:06:be:29:38:d5:f7

Categories
Maintenance

Certificate valid again

We updated the certificate yesterday. Now it is valid again until January 2014.

Categories
Problems

Certificate expired

Our jabber server certificate is currently expired.

Unfortunately this expiration date was not correctly set in our schedule and hits us now in a time where Roi is in his well-deserved vacation.

He will update the certificate next week once he is back.

Sorry for all the inconvenience.

 

Categories
Downtimes Features Maintenance

Proper certificates for secondary domains

To avoid login errors or messages and also to avoid certain problems with server-to-server connections we installed proper certificates for the secondary domains today.

We had to restart the Jabber services several times, sorry. The ejabberd config file isn’t commented very good, also Google didn’t tell us the correct settings in the first place. But everything works fine now.

PS: For old SSL connections to port 5223 there are no dynamic certificates. This just isn’t possible because of how SSL works.