Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update VA IAM Prod SAML Public Certificate November 16 2023 #16038

Closed
3 tasks
olivereri opened this issue Nov 7, 2023 · 3 comments
Closed
3 tasks

Update VA IAM Prod SAML Public Certificate November 16 2023 #16038

olivereri opened this issue Nov 7, 2023 · 3 comments
Assignees
@olivereri @edmund-dunn
Labels
CMS Team CMS Product team that manages both editor exp and devops DevOps CMS team practice area

Comments

@olivereri
Copy link
Contributor

olivereri commented Nov 7, 2023
edited
Loading

User Story or Problem Statement

As a DevOps engineer I need to update the Public Certificate stored on CMS Prod Servers that secures logon.iam.va.gov, because doing this will keep CMS Prod PIV logon working correctly.

Description or Additional Context

VA IAM Prod environment's certificate that protects logon.iam.va.gov is expiring soon. They are replacing their certificate with their newer one. This requires us to also put a copy of the public certificate on the CMS server as it is used to validate signatures from authentication responses.

Steps for Implementation

  • Find SSOi partner e-mail
  • Download public certificate
  • Join Nov 16th 6pm PT, call bridge with IAM team to trouble shoot any issues.
  • Replace certificate on server and restart httpd
  • Add new Base64 encoded certificate in configuration code to apply it during deployments.

Technical References

CMS SSO SAML IAM LOGIN HOW-TO

Acceptance Criteria

  • Eric / Edmund attended 11/16 6pm PT meeting with IAM team
  • Running config server has been updated to validate PIV login is successful
  • Received text version of certificate to enter into the infrastructure code
@olivereri olivereri added CMS Team CMS Product team that manages both editor exp and devops DevOps CMS team practice area Needs refining Issue status labels Nov 7, 2023
@olivereri olivereri mentioned this issue Nov 7, 2023
Closed
63 tasks
@olivereri
Copy link
Contributor Author

Hey team! Please add your planning poker estimate with Zenhub @edmund-dunn @teeshe @ariperez @ndouglas

@BerniXiongA6
Copy link

Added to Sprint 97 draft plan. We can also use part of Sprint Planning if we need to finalize estimate for this ticket then. Thanks @olivereri cc: @ndouglas @EWashb

@BerniXiongA6 BerniXiongA6 removed the Needs refining Issue status label Nov 9, 2023
@olivereri
Copy link
Contributor Author

Completed successfully, no issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@olivereri olivereri

@edmund-dunn edmund-dunn

Labels
CMS Team CMS Product team that manages both editor exp and devops DevOps CMS team practice area
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@olivereri @BerniXiongA6 @edmund-dunn