On Sun, Jan 22, 2017 at 04:19:43PM +0100, Stefan Weil wrote: > On 03/02/15 23:12, Stefan Hajnoczi wrote: > > On Sat, Feb 28, 2015 at 04:29:44PM +0100, Stefan Weil wrote: > > > * It does not support secure access (https), so each login is insecure. > > > Can we get a free server certificate? > > > > This is on my todo list. I'm travelling right now but will work on it > > over the coming weeks. > > > > There are some gotchas: > > > > 1. qemu.org vs qemu-project.org. Unless we get a SNI certificate, the > > certificate will only be valid for one or the other. Users will get > > an untrusted certificate message if they go to the other domain name. > > > > 2. We use subdomains, so a wildcard certificate is necessary. That's > > not always offered for free so I need to compare the certificate > > vendors. > > > > Stefan > > > Although this discussion thread is rather old, its subject > still applies. > > In the meantime there are free certificates available. > We could add https support with a certificate from > https://letsencrypt.org/. As long as there is only a > small number of host names (*), I'd simply add them all > to the primary certificate. In addition, SNI certificates > for the different names can be installed.
Good idea, Jeff and I have discussed Let's Encrypt and have experience setting it up. > I can help with the installation if that is needed. > > Stefan > > (*) > > qemu.org > qemu.osuosl.org > qemu-project.org > wiki.qemu.org > wiki.qemu-project.org > www.qemu.org > www.qemu-project.org > > Are there more host names used? git.qemu.org git.qemu-project.org
signature.asc
Description: PGP signature
