Task #7347
MNDeployment #6957: NRDC - Nevada Research Data Center
Resolve firewall deployment issue for NRDC
100%
Description
See epad: https://epad.dataone.org/pad/p/MNWranglers-20150914
The production certificate bundle has been created and is on project.dataone.org; we have held back notifying NRDC until they have successfully re-deployed their test instance in cn-stage. The new mnTestNRDC test node cannot update their node capabilities on cn-stage possibly due to a firewall issue when working with reverse proxy. BEW: reverse proxy might be interpreted as MITM attack and/or be causing issues with certificates. All DataONE connections use TLS, which require certificates for endpoint authentication, and that can be an issue for reverse proxy. Bruce and Mark Servilla to talk about this situation.
UPDATE - Bruce and Mark chatted. To enable NRDC to proceed (i.e. not lose time sorting out the firewall/reverse proxy question) Moinul created another test MN in stage (NRDC1) - Laura to get with Moinul to see where they are in this process (the NRDC1 test MN); see also the ticket
History
#1 Updated by Laura Moyers over 8 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
- translation missing: en.field_remaining_hours set to 0.0
Email from Eric F 2/22/16 "We have revamped our configuration and are now bypassing the reverse proxy."
NRDC has changed their implementation from a reverse proxy setup to have the MN outside the UNR firewall. All operations seem to be working as expected.
