Re: [freenet-dev] 5 weeks till our SSL certificate expires
On Fri, 2017-02-24 at 18:40 +0100, Arne Babenhauserheide wrote: > Dan Roberts writes: > > The website is fully static and should be fine with s3 + cloudflare. > > Do we actually need cloudflare for the hosting? Cloudflare doesn't provide hosting. > Would it be simpler without cloudflare? (according to stackoverflow > S3 should support SSL). > S3 doesn't support SSL with custom domains, for that you need to use cloudfront... Which we will probably do if we pick S3 for hosting. The real question is whether we want: - github-pages + cloudflare (free, not SSL-all-the-way) - S3 + cloudfront (paid for but affordable) It's not just "hosting", it's also "who will take care of the DNS", "who will run the CI", ... I will have a stab at putting a PoC together this week-end. You can already see "cloudflare+github at http://javadoc.freenetproject.org/ " Florent signature.asc Description: This is a digitally signed message part ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Dan Roberts writes: > The website is fully static and should be fine with s3 + cloudflare. Do we actually need cloudflare for the hosting? Would it be simpler without cloudflare? (according to stackoverflow S3 should support SSL). Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken signature.asc Description: PGP signature ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Not only does Cloudflair ruin Tor access. https://www.lowendtalk.com/discussion/106740/serious-security-issue-at-cloudflare-change-all-your-passwords-now [00:20] cloudflare severely fucked up [00:20] .t https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 [00:20] 1139 - cloudflare: Cloudflare Reverse Proxies are Dumping Uninitialized Memory - project-zero - Monorail [00:21] choice quotes: "I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident." [00:21] "Cloudflare pointed out their bug bounty program, but I noticed it has a top-tier reward of a t-shirt. Needless to say, this did not convey to me that they take the program seriously." [00:21] "Cloudflare did finally send me a draft. It contains an excellent postmortem, but severely downplays the risk to customers. They've left it too late to negotiate on the content of the notification." [00:22] "The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup." Freenet: > An anonymous FMS user raised this point. > > freenet:USK@KOn1onAO97w3RNzAgcTsqSW6WAliG4EgevONnn4-qMs,k5~fkfH1PYnPABwkLAQSXUoeoX1Gh3fTXxk-pC2ujRM,AQACAAE/maybe-the-new-freenetproject.org-website/0/ > > Ian: >> Re: deployment, I think the ideal would be automatic deployment from the >> github repo on a merge to a production branch. I assume we can do that via >> an >> AWS Lambda? >> >> >> >> >> >> On Thu, Feb 23, 2017 12:40 AM, Dan Roberts ademan...@gmail.com wrote: >> The website is fully static and should be fine with s3 + cloudflare. I don't >> think it makes much sense to use github for any of this hosting, we already >> threw out all of the advantages we'd get from it back in october or november >> for >> the translation support, and switching to pelican didn't change the >> situation. >> The pending question for me is how to handle deployment, I figure I'll end up >> working with Florent to develop a lambda job, it should be pretty straight >> forward. >> Thanks,Dan >> >> On Wed, Feb 22, 2017 at 1:03 PM, Ian wrote: >> Dan, can you clarify the current plan for website hosting per Nextgens' >> questions below? >> Ian. >> >> >> >> >> >> On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere nextg...@freenetproject.org >> wrote: >> We need to know what we are hosting before we can make any determination >> >> here... Last I've heard, the plan was to start with github's hosting >> >> facility and to put either cloudflare or cloudfront in front (since >> >> github doesn't do SSL). If it turns out that we have a fully static >> >> website, I suggest we do s3 + cloudfront (SSL all the way instead). I >> >> have said that I would take care of it and I will, provided the new >> >> website materialises. >> >> >> >> >> There are numerous related quirks that need ironing out; Fred pins the >> >> certificate authority FPI uses to securely fetch plugins and last-resort >> >> updates... this means that changing the CA we use will take a mandatory >> >> release (which obviously involves some planning). >> >> >> >> >> By the way, we need to plan for the mailserver / mailman too (this is >> >> also reliant on having a valid certificate as currently configured). >> >> >> >> >> Florent >> >> >> >> >> On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: >> >>> Sure, I'll discuss this with nextgens. >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> Original Message >> >>> On Feb 21, 2017, 11:42 AM, Ian wrote: >> >>> >> >>> >> >>> >> >>> Steve, are you in a position to take ownership of this task (renewing >> >>> our cert and migrating to Let's Encrypt)? >> >>> >> >>> What about using AWS, don't they do free certs now? It seems like >> >>> Florent is keen on migrating everything to AWS (except for what's on >> >>> Github), if so it might be nice to have the cert through AWS too (and >> >>> AWS has good multi-user functionality). >> >>> >> >>> Ian. >> >>> >> >>> >> >>> >> >>> >> >>> >> >&
Re: [freenet-dev] 5 weeks till our SSL certificate expires
An anonymous FMS user raised this point. freenet:USK@KOn1onAO97w3RNzAgcTsqSW6WAliG4EgevONnn4-qMs,k5~fkfH1PYnPABwkLAQSXUoeoX1Gh3fTXxk-pC2ujRM,AQACAAE/maybe-the-new-freenetproject.org-website/0/ Ian: > Re: deployment, I think the ideal would be automatic deployment from the > github repo on a merge to a production branch. I assume we can do that via an > AWS Lambda? > > > > > > On Thu, Feb 23, 2017 12:40 AM, Dan Roberts ademan...@gmail.com wrote: > The website is fully static and should be fine with s3 + cloudflare. I don't > think it makes much sense to use github for any of this hosting, we already > threw out all of the advantages we'd get from it back in october or november > for > the translation support, and switching to pelican didn't change the situation. > The pending question for me is how to handle deployment, I figure I'll end up > working with Florent to develop a lambda job, it should be pretty straight > forward. > Thanks,Dan > > On Wed, Feb 22, 2017 at 1:03 PM, Ian wrote: > Dan, can you clarify the current plan for website hosting per Nextgens' > questions below? > Ian. > > > > > > On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere nextg...@freenetproject.org > wrote: > We need to know what we are hosting before we can make any determination > > here... Last I've heard, the plan was to start with github's hosting > > facility and to put either cloudflare or cloudfront in front (since > > github doesn't do SSL). If it turns out that we have a fully static > > website, I suggest we do s3 + cloudfront (SSL all the way instead). I > > have said that I would take care of it and I will, provided the new > > website materialises. > > > > > There are numerous related quirks that need ironing out; Fred pins the > > certificate authority FPI uses to securely fetch plugins and last-resort > > updates... this means that changing the CA we use will take a mandatory > > release (which obviously involves some planning). > > > > > By the way, we need to plan for the mailserver / mailman too (this is > > also reliant on having a valid certificate as currently configured). > > > > > Florent > > > > > On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: > >> Sure, I'll discuss this with nextgens. > >> > >> > >> > >> > >> > >> > >> Original Message > >> On Feb 21, 2017, 11:42 AM, Ian wrote: > >> > >> > >> > >> Steve, are you in a position to take ownership of this task (renewing > >> our cert and migrating to Let's Encrypt)? > >> > >> What about using AWS, don't they do free certs now? It seems like > >> Florent is keen on migrating everything to AWS (except for what's on > >> Github), if so it might be nice to have the cert through AWS too (and > >> AWS has good multi-user functionality). > >> > >> Ian. > >> > >> > >> > >> > >> > >> > >> > >> > >> On Tue, Feb 21, 2017 9:31 AM, Steve doughertyst...@asksteved.com > >> wrote: > >> > >> Original Message > >> > >> > >> > >> > >> Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires > >> > >> Local Time: February 21, 2017 8:07 AM > >> > >> UTC Time: February 21, 2017 1:07 PM > >> > >> From: i...@locut.us > >> > >> To: Discussion of development issues , > >> Florent Daignière > >> > >> > >> > >> > >> Did we migrate over to AWS for SSL? I'm not at all familiar with how > >> this is > >> > >> set up - who is? Florent? > >> > >> > >> > >> > >> We bought an SSL cert from Alpha SSL and use it with Apache on osprey. > >> My inclination would be to move to Let's Encrypt. > >> > >> ___ > >> > >> Devl mailing list > >> > >> Devl@freenetproject.org > >> > >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > >> ___ > >> Devl mailing list > >> Devl@freenetproject.org > >> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > ___ > Devl mailing list > Devl@freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
I'll work the details out; either that or using the CI tool to do it for us (deploy the artefacts from the CI build to s3) Florent On Thu, 2017-02-23 at 15:17 +, Ian wrote: > Re: deployment, I think the ideal would be automatic deployment from > the github repo on a merge to a production branch. I assume we can do > that via an AWS Lambda? > > > On Thu, Feb 23, 2017 12:40 AM, Dan Roberts ademan...@gmail.com wrote: > > The website is fully static and should be fine with s3 + cloudflare. > > I don't think it makes much sense to use github for any of this > > hosting, we already threw out all of the advantages we'd get from it > > back in october or november for the translation support, and > > switching to pelican didn't change the situation. The pending > > question for me is how to handle deployment, I figure I'll end up > > working with Florent to develop a lambda job, it should be pretty > > straight forward. > > > > Thanks, > > Dan > > > > On Wed, Feb 22, 2017 at 1:03 PM, Ian wrote: > > Dan, can you clarify the current plan for website hosting per > > Nextgens' questions below? > > > > Ian. > > > > > > > > On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere nextgens@freenetproj > > ect.org wrote: > > We need to know what we are hosting before we can make any > > determination > > here... Last I've heard, the plan was to start with github's hosting > > facility and to put either cloudflare or cloudfront in front (since > > github doesn't do SSL). If it turns out that we have a fully static > > website, I suggest we do s3 + cloudfront (SSL all the way instead). > > I > > have said that I would take care of it and I will, provided the new > > website materialises. > > > > There are numerous related quirks that need ironing out; Fred pins > > the > > certificate authority FPI uses to securely fetch plugins and last- > > resort > > updates... this means that changing the CA we use will take a > > mandatory > > release (which obviously involves some planning). > > > > By the way, we need to plan for the mailserver / mailman too (this > > is > > also reliant on having a valid certificate as currently configured). > > > > Florent > > > > On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: > > > Sure, I'll discuss this with nextgens. > > > > > > > > > > > > > > > > > > > > > Original Message > > > On Feb 21, 2017, 11:42 AM, Ian wrote: > > > > > > > > > > > > Steve, are you in a position to take ownership of this task > > (renewing > > > our cert and migrating to Let's Encrypt)? > > > > > > What about using AWS, don't they do free certs now? It seems like > > > Florent is keen on migrating everything to AWS (except for what's > > on > > > Github), if so it might be nice to have the cert through AWS too > > (and > > > AWS has good multi-user functionality). > > > > > > Ian. > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com > > > wrote: > > > > > > Original Message > > > > > > > > > > > > > > > Subject: Re: [freenet-dev] 5 weeks till our SSL certificate > > expires > > > > > > Local Time: February 21, 2017 8:07 AM > > > > > > UTC Time: February 21, 2017 1:07 PM > > > > > > From: i...@locut.us > > > > > > To: Discussion of development issues , > > > Florent Daignière > > > > > > > > > > > > > > > Did we migrate over to AWS for SSL? I'm not at all familiar with > > how > > > this is > > > > > > set up - who is? Florent? > > > > > > > > > > > > > > > We bought an SSL cert from Alpha SSL and use it with Apache on > > osprey. > > > My inclination would be to move to Let's Encrypt. > > > > > > ___ > > > > > > Devl mailing list > > > > > > Devl@freenetproject.org > > > > > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > ___ > > > Devl mailing list > > > Devl@freenetproject.org > > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > signature.asc Description: This is a digitally signed message part ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Re: deployment, I think the ideal would be automatic deployment from the github repo on a merge to a production branch. I assume we can do that via an AWS Lambda? On Thu, Feb 23, 2017 12:40 AM, Dan Roberts ademan...@gmail.com wrote: The website is fully static and should be fine with s3 + cloudflare. I don't think it makes much sense to use github for any of this hosting, we already threw out all of the advantages we'd get from it back in october or november for the translation support, and switching to pelican didn't change the situation. The pending question for me is how to handle deployment, I figure I'll end up working with Florent to develop a lambda job, it should be pretty straight forward. Thanks,Dan On Wed, Feb 22, 2017 at 1:03 PM, Ian wrote: Dan, can you clarify the current plan for website hosting per Nextgens' questions below? Ian. On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere nextg...@freenetproject.org wrote: We need to know what we are hosting before we can make any determination here... Last I've heard, the plan was to start with github's hosting facility and to put either cloudflare or cloudfront in front (since github doesn't do SSL). If it turns out that we have a fully static website, I suggest we do s3 + cloudfront (SSL all the way instead). I have said that I would take care of it and I will, provided the new website materialises. There are numerous related quirks that need ironing out; Fred pins the certificate authority FPI uses to securely fetch plugins and last-resort updates... this means that changing the CA we use will take a mandatory release (which obviously involves some planning). By the way, we need to plan for the mailserver / mailman too (this is also reliant on having a valid certificate as currently configured). Florent On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: > Sure, I'll discuss this with nextgens. > > > > > > > Original Message > On Feb 21, 2017, 11:42 AM, Ian wrote: > > > > Steve, are you in a position to take ownership of this task (renewing > our cert and migrating to Let's Encrypt)? > > What about using AWS, don't they do free certs now? It seems like > Florent is keen on migrating everything to AWS (except for what's on > Github), if so it might be nice to have the cert through AWS too (and > AWS has good multi-user functionality). > > Ian. > > > > > > > > > On Tue, Feb 21, 2017 9:31 AM, Steve doughertyst...@asksteved.com > wrote: > > Original Message > > > > > Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires > > Local Time: February 21, 2017 8:07 AM > > UTC Time: February 21, 2017 1:07 PM > > From: i...@locut.us > > To: Discussion of development issues , > Florent Daignière > > > > > Did we migrate over to AWS for SSL? I'm not at all familiar with how > this is > > set up - who is? Florent? > > > > > We bought an SSL cert from Alpha SSL and use it with Apache on osprey. > My inclination would be to move to Let's Encrypt. > > ___ > > Devl mailing list > > Devl@freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > ___ > Devl mailing list > Devl@freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
The website is fully static and should be fine with s3 + cloudflare. I don't think it makes much sense to use github for any of this hosting, we already threw out all of the advantages we'd get from it back in october or november for the translation support, and switching to pelican didn't change the situation. The pending question for me is how to handle deployment, I figure I'll end up working with Florent to develop a lambda job, it should be pretty straight forward. Thanks, Dan On Wed, Feb 22, 2017 at 1:03 PM, Ian wrote: > Dan, can you clarify the current plan for website hosting per Nextgens' > questions below? > > Ian. > > > > On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere > nextg...@freenetproject.org wrote: > >> We need to know what we are hosting before we can make any determination >> >> here... Last I've heard, the plan was to start with github's hosting >> >> facility and to put either cloudflare or cloudfront in front (since >> >> github doesn't do SSL). If it turns out that we have a fully static >> >> website, I suggest we do s3 + cloudfront (SSL all the way instead). I >> >> have said that I would take care of it and I will, provided the new >> >> website materialises. >> >> >> There are numerous related quirks that need ironing out; Fred pins the >> >> certificate authority FPI uses to securely fetch plugins and last-resort >> >> updates... this means that changing the CA we use will take a mandatory >> >> release (which obviously involves some planning). >> >> >> By the way, we need to plan for the mailserver / mailman too (this is >> >> also reliant on having a valid certificate as currently configured). >> >> >> Florent >> >> >> On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: >> >> > Sure, I'll discuss this with nextgens. >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > Original Message >> >> > On Feb 21, 2017, 11:42 AM, Ian wrote: >> >> > >> >> > >> >> > >> >> > Steve, are you in a position to take ownership of this task (renewing >> >> > our cert and migrating to Let's Encrypt)? >> >> > >> >> > What about using AWS, don't they do free certs now? It seems like >> >> > Florent is keen on migrating everything to AWS (except for what's on >> >> > Github), if so it might be nice to have the cert through AWS too (and >> >> > AWS has good multi-user functionality). >> >> > >> >> > Ian. >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com >> >> > wrote: >> >> > >> >> > Original Message >> >> > >> >> > >> >> > >> >> > >> >> > Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires >> >> > >> >> > Local Time: February 21, 2017 8:07 AM >> >> > >> >> > UTC Time: February 21, 2017 1:07 PM >> >> > >> >> > From: i...@locut.us >> >> > >> >> > To: Discussion of development issues , >> >> > Florent Daignière >> >> > >> >> > >> >> > >> >> > >> >> > Did we migrate over to AWS for SSL? I'm not at all familiar with how >> >> > this is >> >> > >> >> > set up - who is? Florent? >> >> > >> >> > >> >> > >> >> > >> >> > We bought an SSL cert from Alpha SSL and use it with Apache on osprey. >> >> > My inclination would be to move to Let's Encrypt. >> >> > >> >> > ___ >> >> > >> >> > Devl mailing list >> >> > >> >> > Devl@freenetproject.org >> >> > >> >> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >> >> > ___ >> >> > Devl mailing list >> >> > Devl@freenetproject.org >> >> > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >> > ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Dan, can you clarify the current plan for website hosting per Nextgens' questions below? Ian. On Wed, Feb 22, 2017 2:29 AM, Florent Daigniere nextg...@freenetproject.org wrote: We need to know what we are hosting before we can make any determination here... Last I've heard, the plan was to start with github's hosting facility and to put either cloudflare or cloudfront in front (since github doesn't do SSL). If it turns out that we have a fully static website, I suggest we do s3 + cloudfront (SSL all the way instead). I have said that I would take care of it and I will, provided the new website materialises. There are numerous related quirks that need ironing out; Fred pins the certificate authority FPI uses to securely fetch plugins and last-resort updates... this means that changing the CA we use will take a mandatory release (which obviously involves some planning). By the way, we need to plan for the mailserver / mailman too (this is also reliant on having a valid certificate as currently configured). Florent On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: > Sure, I'll discuss this with nextgens. > > > > > > > Original Message > On Feb 21, 2017, 11:42 AM, Ian wrote: > > > > Steve, are you in a position to take ownership of this task (renewing > our cert and migrating to Let's Encrypt)? > > What about using AWS, don't they do free certs now? It seems like > Florent is keen on migrating everything to AWS (except for what's on > Github), if so it might be nice to have the cert through AWS too (and > AWS has good multi-user functionality). > > Ian. > > > > > > > > > On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com > wrote: > > Original Message > > > > > Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires > > Local Time: February 21, 2017 8:07 AM > > UTC Time: February 21, 2017 1:07 PM > > From: i...@locut.us > > To: Discussion of development issues , > Florent Daignière > > > > > Did we migrate over to AWS for SSL? I'm not at all familiar with how > this is > > set up - who is? Florent? > > > > > We bought an SSL cert from Alpha SSL and use it with Apache on osprey. > My inclination would be to move to Let's Encrypt. > > ___ > > Devl mailing list > > Devl@freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > ___ > Devl mailing list > Devl@freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
We need to know what we are hosting before we can make any determination here... Last I've heard, the plan was to start with github's hosting facility and to put either cloudflare or cloudfront in front (since github doesn't do SSL). If it turns out that we have a fully static website, I suggest we do s3 + cloudfront (SSL all the way instead). I have said that I would take care of it and I will, provided the new website materialises. There are numerous related quirks that need ironing out; Fred pins the certificate authority FPI uses to securely fetch plugins and last-resort updates... this means that changing the CA we use will take a mandatory release (which obviously involves some planning). By the way, we need to plan for the mailserver / mailman too (this is also reliant on having a valid certificate as currently configured). Florent On Tue, 2017-02-21 at 14:26 -0500, Steve Dougherty wrote: > Sure, I'll discuss this with nextgens. > > > > > > > Original Message > On Feb 21, 2017, 11:42 AM, Ian wrote: > > > > Steve, are you in a position to take ownership of this task (renewing > our cert and migrating to Let's Encrypt)? > > What about using AWS, don't they do free certs now? It seems like > Florent is keen on migrating everything to AWS (except for what's on > Github), if so it might be nice to have the cert through AWS too (and > AWS has good multi-user functionality). > > Ian. > > > > > > > > > On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com > wrote: > > Original Message > > > > > Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires > > Local Time: February 21, 2017 8:07 AM > > UTC Time: February 21, 2017 1:07 PM > > From: i...@locut.us > > To: Discussion of development issues , > Florent Daignière > > > > > Did we migrate over to AWS for SSL? I'm not at all familiar with how > this is > > set up - who is? Florent? > > > > > We bought an SSL cert from Alpha SSL and use it with Apache on osprey. > My inclination would be to move to Let's Encrypt. > > ___ > > Devl mailing list > > Devl@freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > ___ > Devl mailing list > Devl@freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl signature.asc Description: This is a digitally signed message part ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Sure, I'll discuss this with nextgens. Original Message On Feb 21, 2017, 11:42 AM, Ian wrote: Steve, are you in a position to take ownership of this task (renewing our cert and migrating to Let's Encrypt)? What about using AWS, don't they do free certs now? It seems like Florent is keen on migrating everything to AWS (except for what's on Github), if so it might be nice to have the cert through AWS too (and AWS has good multi-user functionality). Ian. On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com wrote: Original Message ---- Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires Local Time: February 21, 2017 8:07 AM UTC Time: February 21, 2017 1:07 PM From: i...@locut.us To: Discussion of development issues , Florent Daignière Did we migrate over to AWS for SSL? I'm not at all familiar with how this is set up - who is? Florent? We bought an SSL cert from Alpha SSL and use it with Apache on osprey. My inclination would be to move to Let's Encrypt. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Steve, are you in a position to take ownership of this task (renewing our cert and migrating to Let's Encrypt)? What about using AWS, don't they do free certs now? It seems like Florent is keen on migrating everything to AWS (except for what's on Github), if so it might be nice to have the cert through AWS too (and AWS has good multi-user functionality). Ian. On Tue, Feb 21, 2017 9:31 AM, Steve Dougherty st...@asksteved.com wrote: Original Message Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires Local Time: February 21, 2017 8:07 AM UTC Time: February 21, 2017 1:07 PM From: i...@locut.us To: Discussion of development issues , Florent Daignière Did we migrate over to AWS for SSL? I'm not at all familiar with how this is set up - who is? Florent? We bought an SSL cert from Alpha SSL and use it with Apache on osprey. My inclination would be to move to Let's Encrypt. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Original Message Subject: Re: [freenet-dev] 5 weeks till our SSL certificate expires Local Time: February 21, 2017 8:07 AM UTC Time: February 21, 2017 1:07 PM From: i...@locut.us To: Discussion of development issues , Florent Daignière Did we migrate over to AWS for SSL? I'm not at all familiar with how this is set up - who is? Florent? We bought an SSL cert from Alpha SSL and use it with Apache on osprey. My inclination would be to move to Let's Encrypt. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
Re: [freenet-dev] 5 weeks till our SSL certificate expires
Did we migrate over to AWS for SSL? I'm not at all familiar with how this is set up - who is? Florent? On Tue, Feb 21, 2017 2:08 AM, Arne Babenhauserheide arne_...@web.de wrote: Hi, Our SSL certificate expires Wed 05 Apr 2017 22:47:32 CET GMT. … /me makes a dramatic pause … That’s a deadline. Almost literally. From what I see, we need to address that for: - the wiki (see my offer) - the bugtracker - the site (thanks to the work on that to Dave) - loading plugins over clearnet - … what’s missing? Best wishes, Arne PS: Deepest gratitude to Florent for his persistency to bring this up again and again. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
[freenet-dev] 5 weeks till our SSL certificate expires
Hi, Our SSL certificate expires Wed 05 Apr 2017 22:47:32 CET GMT. … /me makes a dramatic pause … That’s a deadline. Almost literally. From what I see, we need to address that for: - the wiki (see my offer) - the bugtracker - the site (thanks to the work on that to Dave) - loading plugins over clearnet - … what’s missing? Best wishes, Arne PS: Deepest gratitude to Florent for his persistency to bring this up again and again. ___ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl