<BANLkTi=VHQW1M6Sm2jxEG0PW0Ank_D1STw@mail.gmail.com>
I have been working on getting HTTPS working for our bugs.alpinelinux.org and our new upcoming www.alpinelinux.org websites. I have created a server certificate on CaCert.org, which is a community driven certification authority. Most Linux distributions already include their root certificate so no manual action on the client side is needed. If you are on windows, you will need to import its certificate's, you can find information about it on their wiki: http://wiki.cacert.org/BrowserClients Both websites (bugs and www) reside behind Pound reverse proxy which was installed on an old Edge vserver guest. While Pound should be able to work with HTTPS, Pound 2.5 in Alpine 2.x seems to be broken. I have removed Pound now and installed a new vserver with Alpine 2.1.6 which now runs Nginx from edge repository. Not only do they support HTTPS, Nginx also does static content caching as reverse proxy. If you find issues on below website please let us know. http://bugs.alpinelinux.org http://redmine.alpinelinux.org https://bugs.alpinelinux.org https://redmine.alpinelinux.org http://nl.alpinelinux.org and http://rsync.alpinelinux.org are also located behind the reverse proxy. It runs without caching for obvious reasons. If you find any issues with it please let us know. -carlo --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
<BANLkTimfWSXuSJNc+v4jt-0JMi3L3eeofg@mail.gmail.com>
<BANLkTi=VHQW1M6Sm2jxEG0PW0Ank_D1STw@mail.gmail.com>
(view parent)
Dear Carlo, Thank you very much for your efforts! It's greatly appreciated. My only concern is that Mozilla still does not support the root certificate of CAcert.org. But it might an idea to include the CAcert.org root certificate into our Alpine distribution. On Mon, Apr 11, 2011 at 5:47 AM, Carlo Landmeter <clandmeter@gmail.com> wrote: > I have been working on getting HTTPS working for our > bugs.alpinelinux.org and our new upcoming www.alpinelinux.org > websites. > I have created a server certificate on CaCert.org, which is a > community driven certification authority. Most Linux distributions > already include their root certificate so no manual action on the > client side is needed. > If you are on windows, you will need to import its certificate's, you > can find information about it on their wiki: > http://wiki.cacert.org/BrowserClients > Both websites (bugs and www) reside behind Pound reverse proxy which > was installed on an old Edge vserver guest. While Pound should be able > to work with HTTPS, Pound 2.5 in Alpine 2.x seems to be broken. > I have removed Pound now and installed a new vserver with Alpine 2.1.6 > which now runs Nginx from edge repository. Not only do they support > HTTPS, Nginx also does static content caching as reverse proxy. > If you find issues on below website please let us know. > > http://bugs.alpinelinux.org > http://redmine.alpinelinux.org > https://bugs.alpinelinux.org > https://redmine.alpinelinux.org > > http://nl.alpinelinux.org and http://rsync.alpinelinux.org are also > located behind the reverse proxy. It runs without caching for obvious > reasons. If you find any issues with it please let us know. > > -carlo > > > --- > Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org > Help: alpine-devel+help@lists.alpinelinux.org > --- > > --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---
<BANLkTi=HpSkux+Ys9ePdvPWqOqmP7Vc72Q@mail.gmail.com>
<BANLkTimfWSXuSJNc+v4jt-0JMi3L3eeofg@mail.gmail.com>
(view parent)
On Mon, Apr 11, 2011 at 6:20 AM, iilluzion :) <iilluzion@gmail.com> wrote: > Dear Carlo, > > Thank you very much for your efforts! It's greatly appreciated. > > My only concern is that Mozilla still does not support the root > certificate of CAcert.org. But it might an idea to include the > CAcert.org root certificate into our Alpine distribution. > Our sites are now using startcom free SSL certs. It should be automatically verified in our browsers, so no need to import a root CA. > > On Mon, Apr 11, 2011 at 5:47 AM, Carlo Landmeter <clandmeter@gmail.com> wrote: >> I have been working on getting HTTPS working for our >> bugs.alpinelinux.org and our new upcoming www.alpinelinux.org >> websites. >> I have created a server certificate on CaCert.org, which is a >> community driven certification authority. Most Linux distributions >> already include their root certificate so no manual action on the >> client side is needed. >> If you are on windows, you will need to import its certificate's, you >> can find information about it on their wiki: >> http://wiki.cacert.org/BrowserClients >> Both websites (bugs and www) reside behind Pound reverse proxy which >> was installed on an old Edge vserver guest. While Pound should be able >> to work with HTTPS, Pound 2.5 in Alpine 2.x seems to be broken. >> I have removed Pound now and installed a new vserver with Alpine 2.1.6 >> which now runs Nginx from edge repository. Not only do they support >> HTTPS, Nginx also does static content caching as reverse proxy. >> If you find issues on below website please let us know. >> >> http://bugs.alpinelinux.org >> http://redmine.alpinelinux.org >> https://bugs.alpinelinux.org >> https://redmine.alpinelinux.org >> >> http://nl.alpinelinux.org and http://rsync.alpinelinux.org are also >> located behind the reverse proxy. It runs without caching for obvious >> reasons. If you find any issues with it please let us know. >> >> -carlo >> >> >> --- >> Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org >> Help: alpine-devel+help@lists.alpinelinux.org >> --- >> >> > --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---