hg.mozilla.org's x509 server certificate (AKA an "SSL certificate") expires next week.
A new certificate has already been issued and it is scheduled to be swapped in around 2016-09-26T17:00Z (Monday September 26 10:00 PDT). The transition may be delayed to avoid downtime in automation, which hasn't fully prepared for the change yet. The only major change to the certificate is it is using SHA-256 for signatures. This is known to not work with ancient software (such as Windows XP SP2). We don't anticipate any major problems with this, however. If you pin the host fingerprint in your Mercurial config file, you'll need to install a new fingerprint or Mercurial will refuse to connect once the certificate is swapped. The fingerprint of the new certificate and Mercurial config snippets for configuring it are available at https://bugzilla.mozilla.org/show_bug.cgi?id=1147548#c12. It's worth noting that Mercurial 3.8+ supports pinning multiple fingerprints per host. So, if you install the new fingerprint today, you don't need to take action when the server certificate is swapped next week. If you notice any problems after the cert change, please make noise in #vcs on IRC. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
