[Pki-devel] Dogtag PKI Website URL
Endi Sukma Dewata
edewata at redhat.com
Wed Mar 28 03:30:25 UTC 2018
----- Original Message -----
> On Tue, Mar 27, 2018 at 09:52:22PM -0400, Endi Sukma Dewata wrote:
> > ----- Original Message -----
> > > On Tue, Mar 27, 2018 at 11:16:01AM -0400, Endi Sukma Dewata wrote:
> > > > Hi,
> > > >
> > > > The Dogtag PKI Website URL has changed as follows:
> > > >
> > > > * Old URL: http://pki.fedoraproject.org
> > > > * New URL: http://www.dogtagpki.org
> > > >
> > > > Please use the new URL whenever possible. The old URL should
> > > > automatically be redirected to the new URL, so all existing links
> > > > should continue to work.
> > > >
> > > > Unfortunately, there was a glitch during the transition yesterday
> > > > causing it to be redirected to redhat.com. If you are experiencing
> > > > this, you may need to clear the browser cache/history. Please refer
> > > > to your browser's documentation since the steps are browser-specific.
> > > >
> > > > Sorry for the inconvenience. Thanks!
> > > >
> > > Thanks for the update, Endi.
> > >
> > > Now that the domain change is done, what needs to be done to enable
> > > TLS?
> > >
> > > Thanks,
> > > Fraser
> >
> > I think Matt/Nathan is in the process of getting an SSL cert, unless
> > there's an easy way to use Let's Encrypt?
> >
>
> We should be able to use the ACME HTTP or DNS challenges to get a
> certificate from Let's Encrypt. Not sure which would be easiest to
> get going (and automate) on OpenShift. Here's a recently published
> article on the official OpenShift blog about it:
>
> https://blog.openshift.com/lets-encrypt-acme-v2-api/
>
> It's a shame OpenShift Online hasn't got automatic OOTB TLS support
> via ACME/LE yet. I have them a heads-up years ago. We are behind
> the competition.
>
> Cheers,
> Fraser
Thanks for the info. There's also an older article about that:
https://blog.openshift.com/create-https-based-encrypted-urls-using-routes/
but I haven't been able to get it working. Maybe I'll be able to
revisit this in a few weeks.
HTTP challenge should be easier since we have access to the server.
--
Endi S. Dewata
More information about the Pki-devel
mailing list