X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@lists.alpinelinux.org Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by lists.alpinelinux.org (Postfix) with ESMTP id BFA451EBFF4 for ; Wed, 13 Apr 2011 10:30:15 +0000 (UTC) Received: by iyj12 with SMTP id 12so578637iyj.13 for ; Wed, 13 Apr 2011 03:30:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=rOjjRSnEobeBnrXzcST8t6i2SHTaryL6xbToG/frVUA=; b=hFlGaJHHpatPhDpZn2hsgFeRpqX5mt6dSgidAVcRHCvJWve6E46FgcL48hFR/Gzt53 038Xki48XtUToCRcIIfFeixT33NVD13rPL73ick8A29ve77wuzTZTvVBW41lP0yXTnS8 vTNymKMfJAxDgkWQqhxf9vJvZZtcjYIuhTEpM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=Ji+V9h5y/9ZFFmEo4HLBh2S/9PUBE2pOvCxklY1WdkIKkBW5f16K9l0Vj/ekn7XGzG lmZBCtn2BysoMErkYnbbnyMdxSkejGlP9oVT6njgDzFDzkDlD5Cm6CZ9FGs6P5vR3/85 v7aIH5guQdXjx1ZxfsEJwwrKa6F/mRIMcl3cQ= X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Received: by 10.231.66.75 with SMTP id m11mr7701205ibi.190.1302690613850; Wed, 13 Apr 2011 03:30:13 -0700 (PDT) Received: by 10.231.40.9 with HTTP; Wed, 13 Apr 2011 03:30:13 -0700 (PDT) In-Reply-To: References: Date: Wed, 13 Apr 2011 12:30:13 +0200 Message-ID: Subject: Re: [alpine-devel] HTTPS on bugs and upcoming www From: Carlo Landmeter To: "iilluzion :)" Cc: alpine-devel@lists.alpinelinux.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Mon, Apr 11, 2011 at 6:20 AM, iilluzion :) wrote: > Dear Carlo, > > Thank you very much for your efforts! It's greatly appreciated. > > My only concern is that Mozilla still does not support the root > certificate of CAcert.org. But it might an idea to include the > CAcert.org root certificate into our Alpine distribution. > Our sites are now using startcom free SSL certs. It should be automatically verified in our browsers, so no need to import a root CA. > > On Mon, Apr 11, 2011 at 5:47 AM, Carlo Landmeter w= rote: >> I have been working on getting HTTPS working for our >> bugs.alpinelinux.org and our new upcoming www.alpinelinux.org >> websites. >> I have created a server certificate on CaCert.org, which is a >> community driven certification authority. Most Linux distributions >> already include their root certificate so no manual action on the >> client side is needed. >> If you are on windows, you will need to import its certificate's, you >> can find information about it on their wiki: >> http://wiki.cacert.org/BrowserClients >> Both websites (bugs and www) reside behind Pound reverse proxy which >> was installed on an old Edge vserver guest. While Pound should be able >> to work with HTTPS, Pound 2.5 in Alpine 2.x seems to be broken. >> I have removed Pound now and installed a new vserver with Alpine 2.1.6 >> which now runs Nginx from edge repository. Not only do they support >> HTTPS, Nginx also does static content caching as reverse proxy. >> If you find issues on below website please let us know. >> >> http://bugs.alpinelinux.org >> http://redmine.alpinelinux.org >> https://bugs.alpinelinux.org >> https://redmine.alpinelinux.org >> >> http://nl.alpinelinux.org and http://rsync.alpinelinux.org are also >> located behind the reverse proxy. It runs without caching for obvious >> reasons. If you find any issues with it please let us know. >> >> -carlo >> >> >> --- >> Unsubscribe: =A0alpine-devel+unsubscribe@lists.alpinelinux.org >> Help: =A0 =A0 =A0 =A0 alpine-devel+help@lists.alpinelinux.org >> --- >> >> > --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---