Christopher Bongaarts wrote:

>>> The new certificate has been installed.
>>
>> Unfortunately this affected some high-profile applications, so I have 
>> temporarily reverted to the old certificate to give them a chance to 
>> get the new root cert in place.  I expect to reinstall the new cert 
>> later today or at the latest tomorrow, when the old cert expires anyway.
> 
> We are planning to put the new certificate back in place tomorrow, 
> Saturday 11/6 at 5am.

The new certificate has been reinstalled.

>> If anyone happened to notice apps stop working (the expected failure 
>> mode would be login looping - you try to log in to an application and 
>> it immediately kicks you back to the login page), please let the 
>> appropriate support people know.
>>
>>> I wrote:
>>>> Attention web admins using CAH:
>>>>
>>>> The SSL certificate for x500.umn.edu (the validation service for CAH 
>>>> cookies) will be expiring shortly.  We will be using the new 
>>>> InCommon CA to issue the new cert, which means the certificate will 
>>>> reference a different root CA than before.

-- 
%%  Christopher A. Bongaarts   %%  [log in to unmask]          %%
%%  OIT - Identity Management  %%  http://umn.edu/~cab  %%
%%  University of Minnesota    %%  +1 (612) 625-1809    %%