As probably everyone knows the web is rapidly moving to HTTPS by default, supported by major players like Google and Mozilla. I welcome this, but I'm aware that opinions on this differ.
I see that the s9y infrastructure (webpage, board, blog etc.) is still on http only, https requests fail. Apart from the general move to https there are good reasons why software distribution should be especially taken care of in regards to security. And the board has a login, which makes it security sensitive as well.
So: Can we have HTTPS? Any help needed that I could offer?
HTTPS for s9y infrastructure? (webpage, board etc.)
Re: HTTPS for s9y infrastructure? (webpage, board etc.)
We are aware of this. Judging form this issue comment, Garvin had this in mind for the relaunch of the website (I think we also discussed this about a month later at #s9ycamp), which might coincide with relaunching board, blog and forum.hanno wrote:Can we have HTTPS? Any help needed that I could offer?
Not sure if help with this is needed, but probably appreciated.
YL
-
- Regular
- Posts: 764
- Joined: Fri Aug 12, 2005 4:36 pm
- Location: Grüt, Zürich, Switzerland
- Contact:
Re: HTTPS for s9y infrastructure? (webpage, board etc.)
https FTW!hanno wrote:I see that the s9y infrastructure (webpage, board, blog etc.) is still on http only, https requests fail. Apart from the general move to https there are good reasons why software distribution should be especially taken care of in regards to security. And the board has a login, which makes it security sensitive as well.
I second that!
Cheers
Dirk
-
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: HTTPS for s9y infrastructure? (webpage, board etc.)
Yeah, I really want that. However, the server is operated by Jannis, and we don't have a free SSL certificate that we could use, and don't want a self-signed one.
The letsencrypt thing has issues on the server so that it would need to be container-ized before, which is a larger task, and Jannis didn't have time yet to perform this. I'll send him this link to maybe get on with this task...
Regards,
Garvin
The letsencrypt thing has issues on the server so that it would need to be container-ized before, which is a larger task, and Jannis didn't have time yet to perform this. I'll send him this link to maybe get on with this task...
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Re: HTTPS for s9y infrastructure? (webpage, board etc.)
letsencrypt-auto or now certbot-auto will just load and install everything it needs in a python virtual environment. That has worked like a charm for me on older environments (Debian Wheezy) where letsencrypt and its dependencies were not packaged yet.garvinhicking wrote:The letsencrypt thing has issues on the server so that it would need to be container-ized before, which is a larger task, and Jannis didn't have time yet to perform this.