hg.mozilla.org's x509 server certificate (AKA an "SSL certificate") will be rotated around 2018-10-31T17:00 UTC (10:00 PDT). That's less than 24 hours from now. Bug 1495464 tracks.
You may have the certificate's fingerprint pinned in your hgrc files. Automated jobs may pin the fingerprint as well. *If you have the fingerprint pinned, you will need to take action otherwise Mercurial will refuse the connect to hg.mozilla.org once the certificate is swapped.* The easiest way to ensure your pinned fingerprint is up-to-date is to run `mach vcs-setup` from a Mercurial checkout (it can be from an old revision). If running Mercurial 3.9+ (which you should be in order to have security fixes), both the old and new fingerprints will be pinned and the transition will "just work." Otherwise you'll need to run `mach vcs-setup` or take further action after the new certificate is installed. If a new fingerprint is installed, run `mach vcs-setup` again after the transition to remove the old fingerprint. Fingerprints and details of the new certificate (including hgrc config snippets you can copy) are located at https://bugzilla.mozilla.org/show_bug.cgi?id=1495464#c6 <https://bugzilla.mozilla.org/show_bug.cgi?id=1147548#c12>. From a certificate level, this transition is pretty boring: just a standard certificate renewal from the same CA. The IRC channel for this operational change will be #vcs. Fallout in Firefox CI should be discussed in #ci. Please track any bugs related to this change against bug 1495464. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
