<br><br><div class="gmail_quote"><div dir="ltr">On Sat, Jan 2, 2016, 10:07 PM Bernie Innocenti <<a href="mailto:bernie@codewiz.org">bernie@codewiz.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 01/02/2016 11:52 AM, Samuel Cantero wrote:<br>
> Cool! I haven't heard about it before! I'll do it.<br>
<br>
Sunjammer might be too old to run this stuff. Can we start with<br>
<a href="http://www.sugarlabs.org" rel="noreferrer" target="_blank">www.sugarlabs.org</a>?<br></blockquote></div><div><br></div><div>WWW is on freedom now.</div><div><br></div><div>It installs via a python virtual environment thing, so maybe that's OK for sunjammer?</div><div><br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Or maybe make a container to obtain specific certificates for all our<br>
subdomains? Not sure if we should have one wildcard certificate<br>
installed everywhere or several specific ones for each site...<br></blockquote></div><div><br></div><div>Let's encrypt doesn't support wildcards, and probably will now due to challenges of automatically verifying ownership.</div><div><br></div><div>That's annoying as the wildcard currently simplify creating new ssl sites to simply including the slo shared config.  Maybe we can make a script that automates setting up nginx with a new subdomain?</div><div><br></div><div>Thanks,</div><div>Sam</div><div><br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
<br>
> On Saturday, 2 January 2016, Bernie Innocenti <<a href="mailto:bernie@codewiz.org" target="_blank">bernie@codewiz.org</a>> wrote:<br>
><br>
>> Should we start migrating SL to the <a href="http://letsencrypt.org" rel="noreferrer" target="_blank">letsencrypt.org</a> free certificates?<br>
>><br>
>> Besides the small $$ savings, I like how it lets us part ways from the<br>
>> traditional certificate authorities and their inflexible policies.<br>
>><br>
>> Here are some setup instructions:<br>
>><br>
>><br>
>><br>
>> <a href="https://vincent.composieux.fr/article/install-configure-and-automatically-renew-let-s-encrypt-ssl-certificate" rel="noreferrer" target="_blank">https://vincent.composieux.fr/article/install-configure-and-automatically-renew-let-s-encrypt-ssl-certificate</a><br>
>><br>
>> Who wants to give it a try?<br>
>><br>
>> --<br>
>>  _ // Bernie Innocenti<br>
>>  \X/  <a href="http://codewiz.org" rel="noreferrer" target="_blank">http://codewiz.org</a><br>
>> _______________________________________________<br>
>> Systems mailing list<br>
>> <a href="mailto:Systems@lists.sugarlabs.org" target="_blank">Systems@lists.sugarlabs.org</a> <javascript:;><br>
>> <a href="http://lists.sugarlabs.org/listinfo/systems" rel="noreferrer" target="_blank">http://lists.sugarlabs.org/listinfo/systems</a><br>
>><br>
><br>
><br>
><br>
> _______________________________________________<br>
> Systems mailing list<br>
> <a href="mailto:Systems@lists.sugarlabs.org" target="_blank">Systems@lists.sugarlabs.org</a><br>
> <a href="http://lists.sugarlabs.org/listinfo/systems" rel="noreferrer" target="_blank">http://lists.sugarlabs.org/listinfo/systems</a><br>
><br>
<br>
<br>
--<br>
 _ // Bernie Innocenti<br>
 \X/  <a href="http://codewiz.org" rel="noreferrer" target="_blank">http://codewiz.org</a><br>
_______________________________________________<br>
Systems mailing list<br>
<a href="mailto:Systems@lists.sugarlabs.org" target="_blank">Systems@lists.sugarlabs.org</a><br>
<a href="http://lists.sugarlabs.org/listinfo/systems" rel="noreferrer" target="_blank">http://lists.sugarlabs.org/listinfo/systems</a><br>
</blockquote></div>