I'm for enabling HTTPS, and have actually thought it's something we ought to have... So I took a look at letsencrypt tonight. It seems doable, but I'm a little concerned it'll take more work than its worth. Roughly: - Ensure dependencies are met (this is probably not so bad) - Install the Letsencrypt (LE) client - Make LE work and get a certificate Involves setting up a private key, and I think submitting some e-mail address to letsencrypt. Not sure what address that should be - is there e.g. an ad...@lyx.org? - Make some cron job or similar renew the certificate every 90 days - Adjust links on wiki and web pages to support working over HTTPS (maybe links have HTTP hardcoded for instance)
Note: The LE client needs root access, e.g. to stop/start apache, and to do other stuff in order to prove to the LE servers that we (i.e. the server) really are the one controlling www.lyx.org and wiki.lyx.org. The cron job then also needs root/sudo in order to update the client. Regards, Christian On 2 December 2015 at 06:27, LyX Ticket Tracker <t...@lyx.org> wrote: > #9873: lyx.org does not support https > -----------------------+-------------------- > Reporter: uwestoehr | Owner: chr > Type: defect | Status: new > Priority: normal | Milestone: > Component: website | Version: 2.1.4 > Severity: normal | Resolution: > Keywords: | > -----------------------+-------------------- > > Comment (by skostysh): > > Seems that now might be a good time to look into it: > > https://letsencrypt.org/2015/11/12/public-beta-timing.html?v=2 > > -- > Ticket URL: <http://www.lyx.org/trac/ticket/9873#comment:7> > The LyX Project <http://www.lyx.org/> > LyX -- The Document Processor > -- Christian Ridderström, +46-70 687 39 44
