> On Mar 6, 2017, at 12:16 AM, Cory Benfield <c...@lukasa.co.uk> wrote: > > >> On 6 Mar 2017, at 07:22, Tristan Seligmann <mithra...@mithrandi.net >> <mailto:mithra...@mithrandi.net>> wrote: >> >> twistedmatrix.com <http://twistedmatrix.com/>'s current certificate is >> issued by StartCom Certification Authority; for certificates issued by this >> CA prior to 2016-09-21, the domain must be on a Chrome whitelist for it to >> be accepted. As of Chrome 58.0.3026.3 (canary/dev channel only, currently, >> but eventually this will presumably be in a release version) >> twistedmatrix.com <http://twistedmatrix.com/> is no longer[1] on the >> whitelist, which means that twistedmatrix.com <http://twistedmatrix.com/> >> will issue a certificate error. Can we switch to another CA? (Let's Encrypt, >> for example; I hear somebody wrote a Twisted library for using that) >> >> I'm sending this to the general list in case anyone else has been scratching >> their head about why they're getting cert warnings. > > This is an extremely good idea.
Yes please. This is the rare ops task that will actually be quite easy for someone to add in to Braid as a PR: https://github.com/twisted-infra/braid <https://github.com/twisted-infra/braid> If you have a look at https://github.com/twisted-infra/braid/blob/master/services/t-web/twisted-web/ports <https://github.com/twisted-infra/braid/blob/master/services/t-web/twisted-web/ports> you might be able to guess how such a thing would go... -glyph
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
