[Dev] issue notification: CLARIN Identity Provider temporarily unavailable

[Dieter Van Uytvanck]

Dear all,

the impacted services (as listed below) are available again. Sorry for
the annoyance, but this was a non-trivial problem that took a bit of
time to grasp.

A deeper analysis (thanks to Sander and Willem) revealed that the new
X.509v3 root CA-signed certificate SSL is incompatible with the LDAP
server we use (OpenDJ). As a workaround the old certificate has been
installed again on the LDAP server, which in turn required updating the
configuration of some LDAP clients. Most of that has been taken care of,
it might be that the CLARIN Identity Provider needs to be restarted in
the course of Tuesday - which could result in a downtime of a few
minutes. This will be announced beforehand.

On the longer term this issue will be addressed by the migration of our
current LDAP server to UnityIDM - in the context of CLARIN-PLUS.

best regards,
Dieter


On 16/11/15 15:33, Dieter Van Uytvanck wrote:
> The impact:
> 
> - the existing CLARIN Identity Provider accounts still work; only newly
> created accounts (after 12:30 today) cannot be used since the
> synchronisation is currently unavailable
> 
> - trac.clarin.eu is still unavailable; svn.clarin.eu works (but only in
> read-only mode)
> 
> - infra.clarin.eu was unavailable during a few minutes this afternoon
> when the server was rebooting but is available since then
> 
> - it is not possible to login to www.clarin.eu since this also depends
> on the LDAP server


-- 
Dieter Van Uytvanck
Technical Director CLARIN ERIC
www.clarin.eu | tel. +31-(0)850091363 | skype: dietervu.mpi