ITS Service Status Report

Scheduled Maintenance

Identity and Access Management Application Services, Weblogin

Start Time: 08/12/2017 11:10 pm

On August 12, 2017, the Cosign back-end service will switch from a certificate signed by UMWebCA to an InCommon certificate that uses the AddTrust Certificate Authority.

End-users do not need to change anything, and this will not affect their experience.

Webmasters should update U-M websites that use Cosign to accept InCommon certificates in addition to the UMWebCA certificate. In some cases, the Cosign setup may already trust InCommon certificates. See Adding Trust for InCommon Certificates to an Existing Cosign Installation for details:
http://documentation.its.umich.edu/node/604

Issue Symptoms: None

Technical Details

Service Type: Production

Server Name: weblogin.umich.edu

Comments:
12:00a: Some DPSS services are failing to authentiate after the certificate switch. This is considered critical enough for a rollback.

12:10a: We have rolled back to the UM Web CA certificate.

Groups Notified:

Report Additional Impacts