[OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Bennet Fauber 
I am getting a certificate error from https://www.open-mpi.org/

The owner of www.open-mpi.org has configured their website improperly.
To protect your information from being stolen, Firefox has not
connected to this website.

and if I go to advanced and ask about the certificate, it says

The certificate is only valid for the following names:
*.hostgator.com, hostgator.com


Is this something I have done to myself?
___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Jeff Squyres (jsquyres) 
Hmm.  Sorry about this; we just moved the web site from Indiana University to 
Host Gator (per 
http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).

I thought I had disabled https for the web site last night when I did the move 
-- I'll have to check into this.

For the meantime, please just use http://www.open-mpi.org/.



> On Jul 30, 2016, at 11:25 AM, Bennet Fauber  wrote:
> 
> I am getting a certificate error from https://www.open-mpi.org/
> 
> The owner of www.open-mpi.org has configured their website improperly.
> To protect your information from being stolen, Firefox has not
> connected to this website.
> 
> and if I go to advanced and ask about the certificate, it says
> 
> The certificate is only valid for the following names:
> *.hostgator.com, hostgator.com
> 
> 
> Is this something I have done to myself?
> ___
> users mailing list
> users@lists.open-mpi.org
> https://rfd.newmexicoconsortium.org/mailman/listinfo/users


-- 
Jeff Squyres
jsquy...@cisco.com
For corporate legal information go to: 
http://www.cisco.com/web/about/doing_business/legal/cri/

___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Bennet Fauber 
Thanks, Jeff,

Just to note, though, many, many links in Google searches will have
the https address.

-- bennet


On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
 wrote:
> Hmm.  Sorry about this; we just moved the web site from Indiana University to 
> Host Gator (per 
> http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
>
> I thought I had disabled https for the web site last night when I did the 
> move -- I'll have to check into this.
>
> For the meantime, please just use http://www.open-mpi.org/.
>
>
>
>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber  wrote:
>>
>> I am getting a certificate error from https://www.open-mpi.org/
>>
>> The owner of www.open-mpi.org has configured their website improperly.
>> To protect your information from being stolen, Firefox has not
>> connected to this website.
>>
>> and if I go to advanced and ask about the certificate, it says
>>
>> The certificate is only valid for the following names:
>> *.hostgator.com, hostgator.com
>>
>>
>> Is this something I have done to myself?
>> ___
>> users mailing list
>> users@lists.open-mpi.org
>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>
>
> --
> Jeff Squyres
> jsquy...@cisco.com
> For corporate legal information go to: 
> http://www.cisco.com/web/about/doing_business/legal/cri/
>
> ___
> users mailing list
> users@lists.open-mpi.org
> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Jeff Squyres (jsquyres) 
Meh.  That's a good point.  We might have to pony up the cost for the 
certificates, then.  :-(

(Indiana University provided all this stuff to us for free; now that the 
community has to pay for our own hosting, the funding has to come from some 
where).

Please bear with us -- all this sysadmin/infrastructure stuff is completely 
unrelated to do with our real jobs (i.e., software development of Open MPI); 
we're doing all this migration work on nights, weekends, and sometimes while 
waiting for lengthy compiles.  We didn't think of the 
Google-will-have-https-links issue.  :-\



> On Jul 30, 2016, at 12:27 PM, Bennet Fauber  wrote:
> 
> Thanks, Jeff,
> 
> Just to note, though, many, many links in Google searches will have
> the https address.
> 
> -- bennet
> 
> 
> On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
>  wrote:
>> Hmm.  Sorry about this; we just moved the web site from Indiana University 
>> to Host Gator (per 
>> http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
>> 
>> I thought I had disabled https for the web site last night when I did the 
>> move -- I'll have to check into this.
>> 
>> For the meantime, please just use http://www.open-mpi.org/.
>> 
>> 
>> 
>>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber  wrote:
>>> 
>>> I am getting a certificate error from https://www.open-mpi.org/
>>> 
>>> The owner of www.open-mpi.org has configured their website improperly.
>>> To protect your information from being stolen, Firefox has not
>>> connected to this website.
>>> 
>>> and if I go to advanced and ask about the certificate, it says
>>> 
>>> The certificate is only valid for the following names:
>>> *.hostgator.com, hostgator.com
>>> 
>>> 
>>> Is this something I have done to myself?
>>> ___
>>> users mailing list
>>> users@lists.open-mpi.org
>>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>> 
>> 
>> --
>> Jeff Squyres
>> jsquy...@cisco.com
>> For corporate legal information go to: 
>> http://www.cisco.com/web/about/doing_business/legal/cri/
>> 
>> ___
>> users mailing list
>> users@lists.open-mpi.org
>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> ___
> users mailing list
> users@lists.open-mpi.org
> https://rfd.newmexicoconsortium.org/mailman/listinfo/users


-- 
Jeff Squyres
jsquy...@cisco.com
For corporate legal information go to: 
http://www.cisco.com/web/about/doing_business/legal/cri/

___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Bennet Fauber 
I'm not complaining, just reporting.  I'm sure I'm not alone in
appreciating the volunteer time you put into this.

-- bennet



On Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres)
 wrote:
> Meh.  That's a good point.  We might have to pony up the cost for the 
> certificates, then.  :-(
>
> (Indiana University provided all this stuff to us for free; now that the 
> community has to pay for our own hosting, the funding has to come from some 
> where).
>
> Please bear with us -- all this sysadmin/infrastructure stuff is completely 
> unrelated to do with our real jobs (i.e., software development of Open MPI); 
> we're doing all this migration work on nights, weekends, and sometimes while 
> waiting for lengthy compiles.  We didn't think of the 
> Google-will-have-https-links issue.  :-\
>
>
>
>> On Jul 30, 2016, at 12:27 PM, Bennet Fauber  wrote:
>>
>> Thanks, Jeff,
>>
>> Just to note, though, many, many links in Google searches will have
>> the https address.
>>
>> -- bennet
>>
>>
>> On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
>>  wrote:
>>> Hmm.  Sorry about this; we just moved the web site from Indiana University 
>>> to Host Gator (per 
>>> http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
>>>
>>> I thought I had disabled https for the web site last night when I did the 
>>> move -- I'll have to check into this.
>>>
>>> For the meantime, please just use http://www.open-mpi.org/.
>>>
>>>
>>>
 On Jul 30, 2016, at 11:25 AM, Bennet Fauber  wrote:

 I am getting a certificate error from https://www.open-mpi.org/

 The owner of www.open-mpi.org has configured their website improperly.
 To protect your information from being stolen, Firefox has not
 connected to this website.

 and if I go to advanced and ask about the certificate, it says

 The certificate is only valid for the following names:
 *.hostgator.com, hostgator.com


 Is this something I have done to myself?
 ___
 users mailing list
 users@lists.open-mpi.org
 https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>>>
>>>
>>> --
>>> Jeff Squyres
>>> jsquy...@cisco.com
>>> For corporate legal information go to: 
>>> http://www.cisco.com/web/about/doing_business/legal/cri/
>>>
>>> ___
>>> users mailing list
>>> users@lists.open-mpi.org
>>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>> ___
>> users mailing list
>> users@lists.open-mpi.org
>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>
>
> --
> Jeff Squyres
> jsquy...@cisco.com
> For corporate legal information go to: 
> http://www.cisco.com/web/about/doing_business/legal/cri/
>
> ___
> users mailing list
> users@lists.open-mpi.org
> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread dpchoudh . 
Hi Jeff and all

Disclaimer: I know next to nothing about how the web works.

Having said that, would it not be possible to redirect an https request to
a http request? I believe apache mod-rewrite can do it. Or does this
certificate check happens even before the rewrite?

Regards
Durga

The woods are lovely, dark and deep; but I have promises to keep.
And kilometers to go before I sleep; and kilometers to go before I sleep.

On Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres) <
jsquy...@cisco.com> wrote:

> Meh.  That's a good point.  We might have to pony up the cost for the
> certificates, then.  :-(
>
> (Indiana University provided all this stuff to us for free; now that the
> community has to pay for our own hosting, the funding has to come from some
> where).
>
> Please bear with us -- all this sysadmin/infrastructure stuff is
> completely unrelated to do with our real jobs (i.e., software development
> of Open MPI); we're doing all this migration work on nights, weekends, and
> sometimes while waiting for lengthy compiles.  We didn't think of the
> Google-will-have-https-links issue.  :-\
>
>
>
> > On Jul 30, 2016, at 12:27 PM, Bennet Fauber  wrote:
> >
> > Thanks, Jeff,
> >
> > Just to note, though, many, many links in Google searches will have
> > the https address.
> >
> > -- bennet
> >
> >
> > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
> >  wrote:
> >> Hmm.  Sorry about this; we just moved the web site from Indiana
> University to Host Gator (per
> http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
> >>
> >> I thought I had disabled https for the web site last night when I did
> the move -- I'll have to check into this.
> >>
> >> For the meantime, please just use http://www.open-mpi.org/.
> >>
> >>
> >>
> >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber  wrote:
> >>>
> >>> I am getting a certificate error from https://www.open-mpi.org/
> >>>
> >>> The owner of www.open-mpi.org has configured their website improperly.
> >>> To protect your information from being stolen, Firefox has not
> >>> connected to this website.
> >>>
> >>> and if I go to advanced and ask about the certificate, it says
> >>>
> >>> The certificate is only valid for the following names:
> >>> *.hostgator.com, hostgator.com
> >>>
> >>>
> >>> Is this something I have done to myself?
> >>> ___
> >>> users mailing list
> >>> users@lists.open-mpi.org
> >>> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> >>
> >>
> >> --
> >> Jeff Squyres
> >> jsquy...@cisco.com
> >> For corporate legal information go to:
> http://www.cisco.com/web/about/doing_business/legal/cri/
> >>
> >> ___
> >> users mailing list
> >> users@lists.open-mpi.org
> >> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> > ___
> > users mailing list
> > users@lists.open-mpi.org
> > https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>
>
> --
> Jeff Squyres
> jsquy...@cisco.com
> For corporate legal information go to:
> http://www.cisco.com/web/about/doing_business/legal/cri/
>
> ___
> users mailing list
> users@lists.open-mpi.org
> https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>
___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Jeff Squyres (jsquyres) 
On Jul 30, 2016, at 12:39 PM, dpchoudh .  wrote:
> 
> Having said that, would it not be possible to redirect an https request to a 
> http request? I believe apache mod-rewrite can do it. Or does this 
> certificate check happens even before the rewrite?

Yes, the certificate check happens before the redirect.

-- 
Jeff Squyres
jsquy...@cisco.com
For corporate legal information go to: 
http://www.cisco.com/web/about/doing_business/legal/cri/

___
users mailing list
users@lists.open-mpi.org
https://rfd.newmexicoconsortium.org/mailman/listinfo/users

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Craig Inches 
There is a free service for certificates, two that I know of infact.

https://u3279517.ct.sendgrid.net/wf/click?upn=qX-2F9hdlOtBJqkkUbCt-2B3drquswfMPnDtwkFfaEmEcy91V4H3axTGMk3RKCvbgwjt_oEMJ28Tbv3NCKzw6SHcfLg-2BQFUslP-2Fedy1rAcMv9Llok3vdXkr7HW9otZKm8xVrePhxTKn4s9weY2luiShT-2BiqkjMUdddPt-2FaTtmLzS-2F3pqNl-2FN5lS2LNatOrfhUTuQYz0-2FMyg0ELme-2BPHnhtYVRR4fZXVEuFC8PXBgJwqHyyYg4lEmfRw7HJ5HZHh8bzRrngRgtBLhS68vwKlJ6gTWQ-2FrNotEzzroHxuQpyecJp7AM-3D
and
https://u3279517.ct.sendgrid.net/wf/click?upn=qX-2F9hdlOtBJqkkUbCt-2B3dnmtpOSSoxdNeuMgytxNtO8-3D_oEMJ28Tbv3NCKzw6SHcfLg-2BQFUslP-2Fedy1rAcMv9Llok3vdXkr7HW9otZKm8xVrePhxTKn4s9weY2luiShT-2BirrtQC-2B-2B1eOcceas37agggpNZpSs22ltrf4b8tCVpRm1oJRV8emIBl-2BANQgsvQ49XJhH8A0vPTlxoFUOymZJ2hAFoOMCws-2FKFQ35D9yQtoy7JEejU7dBek2DWHtGmRCcbLontYoXZvzjUanZerJQpKs-3D

Startssl is more your tradition cert request process and lets encrypt
is a project for automated free certificates but if sysadmin'ing is
not your primary thing then I would say go with Start! I use them for
all my sites.

Also Durga, the SSL is at a preceding step to the redirect, it is
confirmed before establishing the http connection.

Cheers,
Craig

On Sat, Jul 30, 2016 at 12:39:23PM -0400, dpchoudh . wrote:

>Hi Jeff and all
>Disclaimer: I know next to nothing about how the web works.
>Having said that, would it not be possible to redirect an https request
>to a http request? I believe apache mod-rewrite can do it. Or does this
>certificate check happens even before the rewrite?
>Regards
>Durga
> 
>The woods are lovely, dark and deep; but I have promises to keep.
>And kilometers to go before I sleep; and kilometers to go before I
>sleep.
>On Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres)
><[1]jsquy...@cisco.com> wrote:
> 
>  Meh.  That's a good point.  We might have to pony up the cost for
>  the certificates, then.  :-(
>  (Indiana University provided all this stuff to us for free; now that
>  the community has to pay for our own hosting, the funding has to
>  come from some where).
>  Please bear with us -- all this sysadmin/infrastructure stuff is
>  completely unrelated to do with our real jobs (i.e., software
>  development of Open MPI); we're doing all this migration work on
>  nights, weekends, and sometimes while waiting for lengthy
>  compiles.  We didn't think of the Google-will-have-https-links
>  issue.  :-\
>  > On Jul 30, 2016, at 12:27 PM, Bennet Fauber <[2]ben...@umich.edu>
>  wrote:
>  >
>  > Thanks, Jeff,
>  >
>  > Just to note, though, many, many links in Google searches will
>  have
>  > the https address.
>  >
>  > -- bennet
>  >
>  >
>  > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
>  > <[3]jsquy...@cisco.com> wrote:
>  >> Hmm.  Sorry about this; we just moved the web site from Indiana
>  University to Host Gator (per
>  
> [4]https://u3279517.ct.sendgrid.net/wf/click?upn=tOJPRnL-2BUwUX5-2FJn3mRQMyAs-2Bi3CUhiA7j24T0SwSQr8I1KnXMhw7cy8Qhct-2BCI74GrP1Iz15z4OrE5n1fBOAkAqBfKsr5coDnwGdtWEEyg-3D_oEMJ28Tbv3NCKzw6SHcfLg-2BQFUslP-2Fedy1rAcMv9Llok3vdXkr7HW9otZKm8xVrePhxTKn4s9weY2luiShT-2Bir3vMaySKjVm13lYQ6fDSvag6JCVIwY8XZ1U2S1pUuzS5DuCqvtbgcl6YiE3fdwhvpRAKMGOh3wS3rzwxJWTZWt99biSDmQozF3madUYa3-2F8KRqmEvGuPnaiK69OmimYURkCueK3Mre99PNRWz4PasM-3D
>  >>
>  >> I thought I had disabled https for the web site last night when I
>  did the move -- I'll have to check into this.
>  >>
>  >> For the meantime, please just use 
> [5]https://u3279517.ct.sendgrid.net/wf/click?upn=tOJPRnL-2BUwUX5-2FJn3mRQMyAs-2Bi3CUhiA7j24T0SwSQqFFG9Rs5sFH832JMUWHEXS_oEMJ28Tbv3NCKzw6SHcfLg-2BQFUslP-2Fedy1rAcMv9Llok3vdXkr7HW9otZKm8xVrePhxTKn4s9weY2luiShT-2BiuED68D7mQ7tJI5nvFGVo8N3CLUXvwyif7-2BIWISUbS5tcn4ROBFIceN0jk-2Bd-2FvxMfRryJsRL76ZS5SJl9zKMksD-2F6dsdtwn-2B-2Fd8OG8JaX22U3sPXTBkYrCf-2F1OMEk0-2FmBoA1B6imWVrsvVsBSuQuqzk-3D
>  >>
>  >>
>  >>
>  >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber
>  <[6]ben...@umich.edu> wrote:
>  >>>
>  >>> I am getting a certificate error from
>  
> [7]https://u3279517.ct.sendgrid.net/wf/click?upn=qX-2F9hdlOtBJqkkUbCt-2B3drtFF-2F3V-2BMmRlYJe8ncAQWYhcbeV6U2b-2B595KVM6xIJa_oEMJ28Tbv3NCKzw6SHcfLg-2BQFUslP-2Fedy1rAcMv9Llok3vdXkr7HW9otZKm8xVrePhxTKn4s9weY2luiShT-2BiuKEuhpHsVeM-2F4LDesqjJRZZIc6hS-2FrJy-2F2oHbXO7XO1s2hLecT-2BOVedEYlQBjpwJcg9Bu4oGsIyP3-2FgIH9F9K9k7sCLFhkpapW-2Ff5e-2B7gT8k5198H1p82AU7GLgga0Lgeyv8ltAjQoc-2BbWnAKgM7HM-3D
>  >>>
>  >>> The owner of [8]www.open-mpi.org has configured their website
>  improperly.
>  >>> To protect your information from being stolen, Firefox has not
>  >>> connected to this website.
>  >>>
>  >>> and if I go to advanced and ask about the certificate, it says
>  >>>
>  >>> The certificate is only valid for the following names:
>  >>> *.[9]hostgator.com, [10]hostgator.com
>  >>>
>  >>>
>  >>> Is

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Jeff Squyres (jsquyres) 
I knew about letsencrypt (it's sponsored by my own company, Cisco -- huzzah!).  
But I (apparently foolishly) didn't think SSL was important, and didn't want to 
bother with figuring out how to do all the SSL-sysadmin-ish things.  :-)

I just poked around with letsencrypt.org; it looks actually pretty simple (even 
on a hosted site where we have limited ssh access to the web server itself -- I 
used https://github.com/Neilpang/acme.sh and it worked like a champ).

PSA: If you have an http web site, you should go look at letsencrypt.org.

I'll look at getting www.open-mpi.org back to https shortly.




> On Jul 30, 2016, at 12:51 PM, Craig Inches  wrote:
> 
> There is a free service for certificates, two that I know of infact.
> 
> https://www.startssl.com/ and https://letsencrypt.org/
> 
> Startssl is more your tradition cert request process and lets encrypt is a 
> project for automated free certificates but if sysadmin'ing is not your 
> primary thing then I would say go with Start! I use them for all my sites.
> 
> Also Durga, the SSL is at a preceding step to the redirect, it is confirmed 
> before establishing the http connection.
> 
> Cheers, Craig
> 
> On Sat, Jul 30, 2016 at 12:39:23PM -0400, dpchoudh . wrote:
> 
> Hi Jeff and all Disclaimer: I know next to nothing about how the web works. 
> Having said that, would it not be possible to redirect an https request to a 
> http request? I believe apache mod-rewrite can do it. Or does this 
> certificate check happens even before the rewrite? Regards Durga
> 
> The woods are lovely, dark and deep; but I have promises to keep. And 
> kilometers to go before I sleep; and kilometers to go before I sleep. On Sat, 
> Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres) <[1]jsquy...@cisco.com> 
> wrote:
> 
> Meh.  That's a good point.  We might have to pony up the cost for
> the certificates, then.  :-(
> (Indiana University provided all this stuff to us for free; now that
> the community has to pay for our own hosting, the funding has to
> come from some where).
> Please bear with us -- all this sysadmin/infrastructure stuff is
> completely unrelated to do with our real jobs (i.e., software
> development of Open MPI); we're doing all this migration work on
> nights, weekends, and sometimes while waiting for lengthy
> compiles.  We didn't think of the Google-will-have-https-links
> issue.  :-\
> > On Jul 30, 2016, at 12:27 PM, Bennet Fauber <[2]ben...@umich.edu>
> wrote:
> >
> > Thanks, Jeff,
> >
> > Just to note, though, many, many links in Google searches will
> have
> > the https address.
> >
> > -- bennet
> >
> >
> > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
> > <[3]jsquy...@cisco.com> wrote:
> >> Hmm.  Sorry about this; we just moved the web site from Indiana
> University to Host Gator (per
> [4]http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
> >>
> >> I thought I had disabled https for the web site last night when I
> did the move -- I'll have to check into this.
> >>
> >> For the meantime, please just use [5]http://www.open-mpi.org/.
> >>
> >>
> >>
> >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber
> <[6]ben...@umich.edu> wrote:
> >>>
> >>> I am getting a certificate error from
> [7]https://www.open-mpi.org/
> >>>
> >>> The owner of [8]www.open-mpi.org has configured their website
> improperly.
> >>> To protect your information from being stolen, Firefox has not
> >>> connected to this website.
> >>>
> >>> and if I go to advanced and ask about the certificate, it says
> >>>
> >>> The certificate is only valid for the following names:
> >>> *.[9]hostgator.com, [10]hostgator.com
> >>>
> >>>
> >>> Is this something I have done to myself?
> >>> ___
> >>> users mailing list
> >>> [11]users@lists.open-mpi.org
> >>> [12]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> >>
> >>
> >> --
> >> Jeff Squyres
> >> [13]jsquy...@cisco.com
> >> For corporate legal information go to:
> [14]http://www.cisco.com/web/about/doing_business/legal/cri/
> >>
> >> ___
> >> users mailing list
> >> [15]users@lists.open-mpi.org
> >> [16]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> > ___
> > users mailing list
> > [17]users@lists.open-mpi.org
> > [18]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> --
> Jeff Squyres
> [19]jsquy...@cisco.com
> For corporate legal information go to:
> [20]http://www.cisco.com/web/about/doing_business/legal/cri/
> ___
> users mailing list
> [21]users@lists.open-mpi.org
> [22]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> 
> References
>   • jsquy...@cisco.com
> 
>   • ben...@umich.edu
> 
>   • jsquy...@cisco.com
> 
>   • http://www.open-mpi.org/community/lists/devel/2016/06/19139.php
> 
>   • http://www.open-mpi.org/
> 
>   • ben...@umich.edu
> 
>   • https://www

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Gilles Gouaillardet 
Jeff,

if my understanding is correct, https requires open-mpi.org is the only
(httpd) domain served on port 443 for a given IP (e.g. no shared hosting)
a certificate is based on host name (e.g. www.open-mpi.org)  and can
contains wildcards (e.g. *.open-mpi.org)
so if the first condition is met, then you should be able to reuse the
certificate that was previously used at UI.

makes sense ?

Cheers,

Gilles

On Sunday, July 31, 2016, Jeff Squyres (jsquyres) 
wrote:

> I knew about letsencrypt (it's sponsored by my own company, Cisco --
> huzzah!).  But I (apparently foolishly) didn't think SSL was important, and
> didn't want to bother with figuring out how to do all the SSL-sysadmin-ish
> things.  :-)
>
> I just poked around with letsencrypt.org; it looks actually pretty simple
> (even on a hosted site where we have limited ssh access to the web server
> itself -- I used https://github.com/Neilpang/acme.sh and it worked like a
> champ).
>
> PSA: If you have an http web site, you should go look at letsencrypt.org.
>
> I'll look at getting www.open-mpi.org back to https shortly.
>
>
>
>
> > On Jul 30, 2016, at 12:51 PM, Craig Inches  > wrote:
> >
> > There is a free service for certificates, two that I know of infact.
> >
> > https://www.startssl.com/ and https://letsencrypt.org/
> >
> > Startssl is more your tradition cert request process and lets encrypt is
> a project for automated free certificates but if sysadmin'ing is not your
> primary thing then I would say go with Start! I use them for all my sites.
> >
> > Also Durga, the SSL is at a preceding step to the redirect, it is
> confirmed before establishing the http connection.
> >
> > Cheers, Craig
> >
> > On Sat, Jul 30, 2016 at 12:39:23PM -0400, dpchoudh . wrote:
> >
> > Hi Jeff and all Disclaimer: I know next to nothing about how the web
> works. Having said that, would it not be possible to redirect an https
> request to a http request? I believe apache mod-rewrite can do it. Or does
> this certificate check happens even before the rewrite? Regards Durga
> >
> > The woods are lovely, dark and deep; but I have promises to keep. And
> kilometers to go before I sleep; and kilometers to go before I sleep. On
> Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres) <[1]
> jsquy...@cisco.com > wrote:
> >
> > Meh.  That's a good point.  We might have to pony up the cost for
> > the certificates, then.  :-(
> > (Indiana University provided all this stuff to us for free; now that
> > the community has to pay for our own hosting, the funding has to
> > come from some where).
> > Please bear with us -- all this sysadmin/infrastructure stuff is
> > completely unrelated to do with our real jobs (i.e., software
> > development of Open MPI); we're doing all this migration work on
> > nights, weekends, and sometimes while waiting for lengthy
> > compiles.  We didn't think of the Google-will-have-https-links
> > issue.  :-\
> > > On Jul 30, 2016, at 12:27 PM, Bennet Fauber <[2]ben...@umich.edu
> >
> > wrote:
> > >
> > > Thanks, Jeff,
> > >
> > > Just to note, though, many, many links in Google searches will
> > have
> > > the https address.
> > >
> > > -- bennet
> > >
> > >
> > > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
> > > <[3]jsquy...@cisco.com > wrote:
> > >> Hmm.  Sorry about this; we just moved the web site from Indiana
> > University to Host Gator (per
> > [4]http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
> > >>
> > >> I thought I had disabled https for the web site last night when I
> > did the move -- I'll have to check into this.
> > >>
> > >> For the meantime, please just use [5]http://www.open-mpi.org/.
> > >>
> > >>
> > >>
> > >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber
> > <[6]ben...@umich.edu > wrote:
> > >>>
> > >>> I am getting a certificate error from
> > [7]https://www.open-mpi.org/
> > >>>
> > >>> The owner of [8]www.open-mpi.org has configured their website
> > improperly.
> > >>> To protect your information from being stolen, Firefox has not
> > >>> connected to this website.
> > >>>
> > >>> and if I go to advanced and ask about the certificate, it says
> > >>>
> > >>> The certificate is only valid for the following names:
> > >>> *.[9]hostgator.com, [10]hostgator.com
> > >>>
> > >>>
> > >>> Is this something I have done to myself?
> > >>> ___
> > >>> users mailing list
> > >>> [11]users@lists.open-mpi.org 
> > >>> [12]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> > >>
> > >>
> > >> --
> > >> Jeff Squyres
> > >> [13]jsquy...@cisco.com 
> > >> For corporate legal information go to:
> > [14]http://www.cisco.com/web/about/doing_business/legal/cri/
> > >>
> > >> ___
> > >> users mailing list
> > >> [15]users@lists.open-mpi.org 
> > >> [16]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
> > > ___
> > > users mailing list
> > > [17]users@lists.ope

Re: [OMPI users] www.open-mpi.org certificate error?

2016-07-30 Thread Bennet Fauber 
Is the web server's private key, used to generate the CSR, also
needed?  If so, perhaps IU cannot share that.



On Sat, Jul 30, 2016 at 11:09 PM, Gilles Gouaillardet
 wrote:
> Jeff,
>
> if my understanding is correct, https requires open-mpi.org is the only
> (httpd) domain served on port 443 for a given IP (e.g. no shared hosting)
> a certificate is based on host name (e.g. www.open-mpi.org)  and can
> contains wildcards (e.g. *.open-mpi.org)
> so if the first condition is met, then you should be able to reuse the
> certificate that was previously used at UI.
>
> makes sense ?
>
> Cheers,
>
> Gilles
>
> On Sunday, July 31, 2016, Jeff Squyres (jsquyres) 
> wrote:
>>
>> I knew about letsencrypt (it's sponsored by my own company, Cisco --
>> huzzah!).  But I (apparently foolishly) didn't think SSL was important, and
>> didn't want to bother with figuring out how to do all the SSL-sysadmin-ish
>> things.  :-)
>>
>> I just poked around with letsencrypt.org; it looks actually pretty simple
>> (even on a hosted site where we have limited ssh access to the web server
>> itself -- I used https://github.com/Neilpang/acme.sh and it worked like a
>> champ).
>>
>> PSA: If you have an http web site, you should go look at letsencrypt.org.
>>
>> I'll look at getting www.open-mpi.org back to https shortly.
>>
>>
>>
>>
>> > On Jul 30, 2016, at 12:51 PM, Craig Inches  wrote:
>> >
>> > There is a free service for certificates, two that I know of infact.
>> >
>> > https://www.startssl.com/ and https://letsencrypt.org/
>> >
>> > Startssl is more your tradition cert request process and lets encrypt is
>> > a project for automated free certificates but if sysadmin'ing is not your
>> > primary thing then I would say go with Start! I use them for all my sites.
>> >
>> > Also Durga, the SSL is at a preceding step to the redirect, it is
>> > confirmed before establishing the http connection.
>> >
>> > Cheers, Craig
>> >
>> > On Sat, Jul 30, 2016 at 12:39:23PM -0400, dpchoudh . wrote:
>> >
>> > Hi Jeff and all Disclaimer: I know next to nothing about how the web
>> > works. Having said that, would it not be possible to redirect an https
>> > request to a http request? I believe apache mod-rewrite can do it. Or does
>> > this certificate check happens even before the rewrite? Regards Durga
>> >
>> > The woods are lovely, dark and deep; but I have promises to keep. And
>> > kilometers to go before I sleep; and kilometers to go before I sleep. On
>> > Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres)
>> > <[1]jsquy...@cisco.com> wrote:
>> >
>> > Meh.  That's a good point.  We might have to pony up the cost for
>> > the certificates, then.  :-(
>> > (Indiana University provided all this stuff to us for free; now that
>> > the community has to pay for our own hosting, the funding has to
>> > come from some where).
>> > Please bear with us -- all this sysadmin/infrastructure stuff is
>> > completely unrelated to do with our real jobs (i.e., software
>> > development of Open MPI); we're doing all this migration work on
>> > nights, weekends, and sometimes while waiting for lengthy
>> > compiles.  We didn't think of the Google-will-have-https-links
>> > issue.  :-\
>> > > On Jul 30, 2016, at 12:27 PM, Bennet Fauber <[2]ben...@umich.edu>
>> > wrote:
>> > >
>> > > Thanks, Jeff,
>> > >
>> > > Just to note, though, many, many links in Google searches will
>> > have
>> > > the https address.
>> > >
>> > > -- bennet
>> > >
>> > >
>> > > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres)
>> > > <[3]jsquy...@cisco.com> wrote:
>> > >> Hmm.  Sorry about this; we just moved the web site from Indiana
>> > University to Host Gator (per
>> > [4]http://www.open-mpi.org/community/lists/devel/2016/06/19139.php).
>> > >>
>> > >> I thought I had disabled https for the web site last night when I
>> > did the move -- I'll have to check into this.
>> > >>
>> > >> For the meantime, please just use [5]http://www.open-mpi.org/.
>> > >>
>> > >>
>> > >>
>> > >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber
>> > <[6]ben...@umich.edu> wrote:
>> > >>>
>> > >>> I am getting a certificate error from
>> > [7]https://www.open-mpi.org/
>> > >>>
>> > >>> The owner of [8]www.open-mpi.org has configured their website
>> > improperly.
>> > >>> To protect your information from being stolen, Firefox has not
>> > >>> connected to this website.
>> > >>>
>> > >>> and if I go to advanced and ask about the certificate, it says
>> > >>>
>> > >>> The certificate is only valid for the following names:
>> > >>> *.[9]hostgator.com, [10]hostgator.com
>> > >>>
>> > >>>
>> > >>> Is this something I have done to myself?
>> > >>> ___
>> > >>> users mailing list
>> > >>> [11]users@lists.open-mpi.org
>> > >>> [12]https://rfd.newmexicoconsortium.org/mailman/listinfo/users
>> > >>
>> > >>
>> > >> --
>> > >> Jeff Squyres
>> > >> [13]jsquy...@cisco.com
>> > >> For corporate legal information go to:
>> > [14]http://www.cisco.com/web/about/doi