* www.eecs / www.cs and other IRIS-hosted websites
* lists.eecs mailing list web interface
* jabber.eecs IM server
* iris.eecs IRIS website
* wiki.eecs IRIS Wiki hosting
No service should be down for more than 10 minutes.
[SSL Certificates](https://secure.wikimedia.org/wikipedia/en/wiki/SSL_certificate) are needed to secure connections to the servers. They typically expire every 1, 2, or 3 years. We are installing 3-year certificates at this time.
Advanced users may want to know that we are switching to a new Certificate Authority at this time. Please see [the Nov 4th IRIS News article](https://iris.eecs.berkeley.edu/news/4591-new-ssl-certificate-service) for information on this new CA.
UPDATE
[2010-12-17 14:22:41 | Robert McNicholas]
A problem was encountered while deploying the new SSL certificates, and this work was not completed. It has been rescheduled for Monday, December 20th, 5pm-7pm.
The first server I attempted to upgrade was our jabber server, which is a java application and stores keys differently from our Apache web servers. The private key cert was not properly recognized by java as such and the jabber server would not use the key. Time spent debugging this used up the scheduled maintenance window.
The jabber server’s old key was restored around 7pm and the service restarted around 7:15pm.
On Monday, the Apache web servers will be upgraded first, between 5-6pm. This procedure is well-documented and no problems are expected. Jabber may be down the entire hour from 6-7pm while the problem is debugged further.
UPDATE
[2010-12-20 19:35:57 | Robert McNicholas]
SSL certificates were updated on all services as planned. Web servers were down for no more than a few seconds between 5pm and 6pm.
Jabber takes a long time to shut down and restart, so it was down for a few minutes between 7:23 and 7:25pm. Those using jabber.eecs.berkeley.edu may need to “Accept” this new certificate.
Resolved as of 2010-12-20 19:31:00