> On Dec 11, 2021, at 11:08 AM, Glauco <[email protected]> wrote:
>
> Thank you, Ken
>
> I can live with that warning message, the problem is that the newcomer would
> not be positively impressed (I guess).
>
> Is there a reason why Let's encrypt cannot be used to get a cert for
> us.metamath.org ? (it looks like it's the most common result from Google).
>
> And, if I'm not mistaken, Let's encrypt allows for wildcard certs, now:
>
> https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578
We definitely need to fix up our HTTPS story. Really, we should serve
everything from HTTPS,
and the only plausible use for HTTP should be redirecting to HTTPS.
There are malicious actors who inject nasty content in HTTP nowadays as
man-in-the-middle attacks :-(.
However, I expect complicates due to Norman Megille's recent death. Please be
patient :-).
--- David A. Wheeler
--
You received this message because you are subscribed to the Google Groups
"Metamath" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/metamath/A68E47E5-DC90-4CAE-9F63-18DBD5FA1A4C%40dwheeler.com.
