On Wed, May 9, 2018 at 12:15 PM Anton Marchukov <amarc...@redhat.com> wrote:
> Hello All. > > Please note that ovirt.org got HSTS setting enabled. The way this > change was rolled was not authorised by us. The setting contains > “includeSubDomains” parameter that ask browser to access all resources > inside *.ovirt.org using https://. > > The problem is that not all resources on *.ovirt.org are > https-enabled. And this will prevent you from being able to access > > http://resources.ovirt.org > http://jenkins.ovirt.org > > This setting is cached in your browser and then applied with no > exceptions even if you explicitly specify http:// the browser will > rewrite to https and then connection to above mentioned resources will > fail. > > The only immediate work-around for you is to clear the HSTS flag in > your browser, please find the instructions for Firefox and Chrome [1]. > Please note that you will get that setting back by visiting ovirt.org > website until we clear it from there. > > We are currently working on this setting to be soften or disabled till > all resources are https enabled that is also in progress. > > This is only related to access via the web browser. Accessing using > yum or automated scripts should work fine as they usually do not > observe and cache HSTS. > curl also fail to access jenkins.ovirt.org. Thanks for notifying, I'm failing to access jenkins since yesterday. Can we revert this change until we complete converting to https? Nir
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org