Jeff, if my understanding is correct, https requires open-mpi.org is the only (httpd) domain served on port 443 for a given IP (e.g. no shared hosting) a certificate is based on host name (e.g. www.open-mpi.org) and can contains wildcards (e.g. *.open-mpi.org) so if the first condition is met, then you should be able to reuse the certificate that was previously used at UI.
makes sense ? Cheers, Gilles On Sunday, July 31, 2016, Jeff Squyres (jsquyres) <jsquy...@cisco.com> wrote: > I knew about letsencrypt (it's sponsored by my own company, Cisco -- > huzzah!). But I (apparently foolishly) didn't think SSL was important, and > didn't want to bother with figuring out how to do all the SSL-sysadmin-ish > things. :-) > > I just poked around with letsencrypt.org; it looks actually pretty simple > (even on a hosted site where we have limited ssh access to the web server > itself -- I used https://github.com/Neilpang/acme.sh and it worked like a > champ). > > PSA: If you have an http web site, you should go look at letsencrypt.org. > > I'll look at getting www.open-mpi.org back to https shortly. > > > > > > On Jul 30, 2016, at 12:51 PM, Craig Inches <open...@xayto.net > <javascript:;>> wrote: > > > > There is a free service for certificates, two that I know of infact. > > > > https://www.startssl.com/ and https://letsencrypt.org/ > > > > Startssl is more your tradition cert request process and lets encrypt is > a project for automated free certificates but if sysadmin'ing is not your > primary thing then I would say go with Start! I use them for all my sites. > > > > Also Durga, the SSL is at a preceding step to the redirect, it is > confirmed before establishing the http connection. > > > > Cheers, Craig > > > > On Sat, Jul 30, 2016 at 12:39:23PM -0400, dpchoudh . wrote: > > > > Hi Jeff and all Disclaimer: I know next to nothing about how the web > works. Having said that, would it not be possible to redirect an https > request to a http request? I believe apache mod-rewrite can do it. Or does > this certificate check happens even before the rewrite? Regards Durga > > > > The woods are lovely, dark and deep; but I have promises to keep. And > kilometers to go before I sleep; and kilometers to go before I sleep. On > Sat, Jul 30, 2016 at 12:31 PM, Jeff Squyres (jsquyres) <[1] > jsquy...@cisco.com <javascript:;>> wrote: > > > > Meh. That's a good point. We might have to pony up the cost for > > the certificates, then. :-( > > (Indiana University provided all this stuff to us for free; now that > > the community has to pay for our own hosting, the funding has to > > come from some where). > > Please bear with us -- all this sysadmin/infrastructure stuff is > > completely unrelated to do with our real jobs (i.e., software > > development of Open MPI); we're doing all this migration work on > > nights, weekends, and sometimes while waiting for lengthy > > compiles. We didn't think of the Google-will-have-https-links > > issue. :-\ > > > On Jul 30, 2016, at 12:27 PM, Bennet Fauber <[2]ben...@umich.edu > <javascript:;>> > > wrote: > > > > > > Thanks, Jeff, > > > > > > Just to note, though, many, many links in Google searches will > > have > > > the https address. > > > > > > -- bennet > > > > > > > > > On Sat, Jul 30, 2016 at 12:21 PM, Jeff Squyres (jsquyres) > > > <[3]jsquy...@cisco.com <javascript:;>> wrote: > > >> Hmm. Sorry about this; we just moved the web site from Indiana > > University to Host Gator (per > > [4]http://www.open-mpi.org/community/lists/devel/2016/06/19139.php). > > >> > > >> I thought I had disabled https for the web site last night when I > > did the move -- I'll have to check into this. > > >> > > >> For the meantime, please just use [5]http://www.open-mpi.org/. > > >> > > >> > > >> > > >>> On Jul 30, 2016, at 11:25 AM, Bennet Fauber > > <[6]ben...@umich.edu <javascript:;>> wrote: > > >>> > > >>> I am getting a certificate error from > > [7]https://www.open-mpi.org/ > > >>> > > >>> The owner of [8]www.open-mpi.org has configured their website > > improperly. > > >>> To protect your information from being stolen, Firefox has not > > >>> connected to this website. > > >>> > > >>> and if I go to advanced and ask about the certificate, it says > > >>> > > >>> The certificate is only valid for the following names: > > >>> *.[9]hostgator.com, [10]hostgator.com > > >>> > > >>> > > >>> Is this something I have done to myself? > > >>> _______________________________________________ > > >>> users mailing list > > >>> [11]users@lists.open-mpi.org <javascript:;> > > >>> [12]https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > >> > > >> > > >> -- > > >> Jeff Squyres > > >> [13]jsquy...@cisco.com <javascript:;> > > >> For corporate legal information go to: > > [14]http://www.cisco.com/web/about/doing_business/legal/cri/ > > >> > > >> _______________________________________________ > > >> users mailing list > > >> [15]users@lists.open-mpi.org <javascript:;> > > >> [16]https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > _______________________________________________ > > > users mailing list > > > [17]users@lists.open-mpi.org <javascript:;> > > > [18]https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > -- > > Jeff Squyres > > [19]jsquy...@cisco.com <javascript:;> > > For corporate legal information go to: > > [20]http://www.cisco.com/web/about/doing_business/legal/cri/ > > _______________________________________________ > > users mailing list > > [21]users@lists.open-mpi.org <javascript:;> > > [22]https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > References > > • jsquy...@cisco.com <javascript:;> > > > > • ben...@umich.edu <javascript:;> > > > > • jsquy...@cisco.com <javascript:;> > > > > • http://www.open-mpi.org/community/lists/devel/2016/06/19139.php > > > > • http://www.open-mpi.org/ > > > > • ben...@umich.edu <javascript:;> > > > > • https://www.open-mpi.org/ > > > > • http://www.open-mpi.org/ > > > > • http://hostgator.com/ > > > > • http://hostgator.com/ > > > > • users@lists.open-mpi.org <javascript:;> > > > > • > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > • jsquy...@cisco.com <javascript:;> > > > > • http://www.cisco.com/web/about/doing_business/legal/cri/ > > > > • users@lists.open-mpi.org <javascript:;> > > > > • > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > • users@lists.open-mpi.org <javascript:;> > > > > • > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > • jsquy...@cisco.com <javascript:;> > > > > • http://www.cisco.com/web/about/doing_business/legal/cri/ > > > > • users@lists.open-mpi.org <javascript:;> > > > > • > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > _______________________________________________ > > users mailing list > > users@lists.open-mpi.org <javascript:;> > > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > > > > _______________________________________________ > > users mailing list > > users@lists.open-mpi.org <javascript:;> > > https://rfd.newmexicoconsortium.org/mailman/listinfo/users > > > -- > Jeff Squyres > jsquy...@cisco.com <javascript:;> > For corporate legal information go to: > http://www.cisco.com/web/about/doing_business/legal/cri/ > > _______________________________________________ > users mailing list > users@lists.open-mpi.org <javascript:;> > https://rfd.newmexicoconsortium.org/mailman/listinfo/users
_______________________________________________ users mailing list users@lists.open-mpi.org https://rfd.newmexicoconsortium.org/mailman/listinfo/users
