Konstantin, Ok, no objections from my side. I need some times for read documentation. I hope we will finished in two weeks.
http://reviews.ignite.apache.org - will setup for ssl using too. Konstantin Boudnik-2 wrote > I have never heard about this provider, and it is great they are donating > their resources to the FOSS. I quick glance on their site has reveiled a > couple of issues: > - the page for the "Standard Agreement" returns 404 [1]. I won't be > willing to > agree to something I cannot read upfront. > - the process seems to be manual. > > The reason I like [2] is because it's backed by EFF and has a huge user > base > (over 100 millions certificates to date) [3] > > The process has been debugged already for other Apache projects, so I > don't > really see why we need to go to someone else? > > [1] > https://www.globalsign.com/en/repository/globalsign-subscriber-agreement-digital-certificates-and-services.pdf > [2] https://letsencrypt.org/ > [3] > https://www.eff.org/deeplinks/2017/06/lets-encrypt-has-issued-100-million-certificates > > Thanks, > Cos > > On Wed, Jul 19, 2017 at 09:41PM, Aleksey Chetaev wrote: >> Hi, >> >> A know GlobalSing support open source projects for >> free(https://www.globalsign.com/en/ssl/ssl-open-source/). >> We can request certificates from them, it will be more easy for me. Any >> objection? >> >> >> Denis Magda-2 wrote >> > Hi Cos, >> > >> > Alexey Chetaev, please join the conversation and share your thoughts on >> > this. >> > >> > — >> > Denis >> > >> >> On Jul 19, 2017, at 9:44 AM, Konstantin Boudnik < >> >> > cos@ >> >> > > wrote: >> >> >> >> Hey guys. >> >> >> >> I've noticed that https://ci.ignite.apache.org/ has two issues: >> >> - it has the invalid certificate >> >> - the CI server isn't responding on the https port (there's only >> ngnix) >> >> >> >> I don't about the rest of the group here, but all my browsers are >> >> enforcing >> >> HTTPS connections for the obvious reasons. I have to add an exception >> >> for the CI server to get in, which is a minor inconvenience compared >> to >> >> the >> >> security risks. I suggest we fix both issues. >> >> 1. Getting a valid certificate is easy and doesn't cost a dime >> nowadays. >> >> Here's the very details set of instructions on how we do it for >> Apache >> >> Bigtop. They are easily applicable in Ignite CI's case [1]. I'd be >> >> happy to >> >> help with this. >> >> 2. Reconfiguring the server to respond only on HTTPS port. That's >> another >> >> easy >> >> thing to do for anyone with the access to the box. I don't have >> this, >> >> so >> >> it'd be someone else. >> >> >> >> Thoughts? >> >> Cos >> >> >> >> [1] >> >> >> https://cwiki.apache.org/confluence/display/BIGTOP/Bigtop+CI+Setup+Guide#BigtopCISetupGuide-Advancedpart:SetupaSSLsecuredJenkinsmaster >> >> >> >> >> >> >> >> -- >> View this message in context: >> http://apache-ignite-developers.2346864.n4.nabble.com/SSL-certificate-for-the-CI-server-tp19830p19840.html >> Sent from the Apache Ignite Developers mailing list archive at >> Nabble.com. > > > signature.asc (237 bytes) > <http://apache-ignite-developers.2346864.n4.nabble.com/attachment/19933/0/signature.asc> -- View this message in context: http://apache-ignite-developers.2346864.n4.nabble.com/SSL-certificate-for-the-CI-server-tp19830p20066.html Sent from the Apache Ignite Developers mailing list archive at Nabble.com.
