Hi Let's encrypt is a little bit weird to use. Have to stop jenkins in order to get port 80 ... and it does not support amazon linux welll.
Olaf > Am 09.02.2016 um 19:07 schrieb Konstantin Boudnik <[email protected]>: > > Thanks for starting on this, Olaf. > > Andres Purtell is VP right now, but I don't think we need to deal with any of > the commercial CAs, nor get INFRA, Ross or ASF budget into this. I'd recommend > to use EFF "Let’s Encrypt" initiative [1] to get the SSL certificate for free > and > be done with it. Check [2] for more info > > [1] https://letsencrypt.org/ > [2] > https://www.eff.org/deeplinks/2015/12/lets-encrypt-project-comes-fruition-2015-review > > I will comment on the INFRA ticket > Cos > > On Tue, Feb 09, 2016 at 06:43PM, Olaf Flebbe wrote: >> Hi >> >> I asked INFRA wether it is possible to get a SSL Certificate for our CI. >> >> This is in my opinion necessary to protect the credentials of the CI against >> random hackers. (I accidentially used the CI on a open Wifi at FOSDEM, >> oops). >> >> Please see INFRA-11187 .Point is that bigtop VP (cos?, rvs?) has to talk >> with Apache President (currently Ross Gardler) about getting the cost of >> this cert budgeted. >> >> Unsure how to proceed: >> >> Other possibilities could be that we find a sponsor for that. >> >> Other possibilities which comes in my mind now is using the free Let's >> Encrypt! https://letsencrypt.org certificates . I do not know if we can use >> it. >> >> Least possibility to use a private (snakeoil) certificate, at least the >> traffic is crypted, but on the other side users get an ugly warning page. >> >> What do you think? >> >> Cheers, >> Olaf > >
signature.asc
Description: Message signed with OpenPGP using GPGMail
