On Tue, Jun 16, 2015 at 5:56 AM, Wim Godden <[email protected]> wrote: > Someone from our area (Belgium) noted that php.net was not serving correctly > over HTTPS for them. > So my question is very simple : since no mirrors have the certificate for > *.php.net, should we : > - disable HTTPS completely (might be hard to do if the PHP mirror shares an > IP with other sites on the server) > - redirect the HTTPS version to the HTTP one (will display a warning about > the certificate before redirecting) > - provide HTTPS anyway (this causes issues in most browsers, since the > images and stylesheets are served through HTTP URLs) > > Your thoughts ?
Its problematic all around. We cannot share our private keys with approximately 100 mirrors maintainers. We are looking into ways we can provide full TLS experience, but that isn't something we can solve in the shortterm. -Hannes -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
