Operations grimoire/Incidents/2017-03-12-SSL

From Nasqueron Agora

📕📁📜 Old technical information :: content warning

⌛ This Nasqueron Operations Grimoire page hasn't been updated for a long time.

☣ As our infrastructure evolves quickly, there is a good chance this information is outdated or now inaccurate. Be careful and consider update it.

➡️ To assert the information is still up-to-date or not, you can check the history of the relevant role in our Operations repository.

Incident timeline

  • 2017-02-25 Certificate renewed for www.wolfplex.be
  • 2017-03-11 Old certificate expired
  • 2017-03-12 Nginx was restarted at 17:28:44, new certificate was live

Root cause

Nginx server MUST be reloaded after a certificate has been renewed.


  • Create a plugin to automate this server restart (like in D743)
  • Provide the restart operation as certbot argument and consider to cron that (T1167)