[almighty] deploying SSL certs
Karanbir Singh
kbsingh at redhat.com
Sat Sep 10 01:00:03 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 09/09/16 10:51, Konrad Kleine wrote:
> Hi Karanbir,
>
> that sounds like a plan. I'm totally for having something before
> doing the real thing, if you know what I mean.
>
> Potentially we may run into issues and it would be nice if we can
> eliminate them before doing the real thing.
https://demo.almighty.io/ is now using a self hosted CA's generated
SSL - so its not going to verify for the browser; will need accepting
the first time you hit it.
https://demo.api.almighty.io/ is now also online. Using a similar cert.
Since the UI is hardwired to use http://demo.api.almighty.io/ the
https port on api gets no traffic. Further compounding the problem is
that most browsers will block secure/insecure mix. So visiting
https://demo.almighty.io/ presently returns no content till that
'secure/insecure' content protection is turned off.
all http:// traffic is still working as it was before. once we have
these issues turned off, we can move to redirecting that to https as a
default.
regards,
- --
Karanbir Singh, Project Lead, The CentOS Project, London, UK
Red Hat Ext. 8274455 | DID: 0044 207 009 4455
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAEBAgAGBQJX01sTAAoJEI3Oi2Mx7xbtqiwH/3PqwJreqlyr0E8GG6bVzB16
KEg/LHd76sd1PZ2Jkb6FbKsdX9++4/Wf3jiop+CthGVo3SXHN8vRSfIoFReOqgX/
zAcI6Z7tIVzinew4PVTCrvoShTX+/KzlIid55NLP2HdB4WUsM92v7VVHu4Ikjvfd
rDY4kwAjeADuo170SyhU0kr9fwJR0F/r2BMP1DB57n0z1UKEWdpdDkv/Ir6W0pKc
1KEN9couaKRdeLvNp65XApugz/kDCP2wtw1uP3gjV6hbeBNqe54arrL6Nkf6JScc
2ClvLId9ELoIxSdBTbwAya1cloDOHoiDER9P91NcJ/1JGfCJ6dSzpw0LhE9Yu04=
=Gape
-----END PGP SIGNATURE-----
More information about the almighty-public
mailing list