The browsers are starting to get very aggressive about warning about no SSL for websites, and OSGeo has many project websites that are managed under OSGeo's DNS.
How can OSGeo/SAC manage SSL certificate purchases and management for these websites? Is this something SAC should do and OSGeo should pay for? Should we pay for service from something like CloudFlare ($60/yr/site approx)? Something else?
This seems like a good place for automating Let's Encrypt to me.
Harrison
On Feb 21, 2017, at 1:27 PM, Howard Butler <howard@hobu.co> wrote:
The browsers are starting to get very aggressive about warning about no SSL for websites, and OSGeo has many project websites that are managed under OSGeo's DNS.
How can OSGeo/SAC manage SSL certificate purchases and management for these websites? Is this something SAC should do and OSGeo should pay for? Should we pay for service from something like CloudFlare ($60/yr/site approx)? Something else?
On Tue, Feb 21, 2017 at 01:56:35PM -0800, Harrison Grundy wrote:
This seems like a good place for automating Let's Encrypt to me.
Yes, that's the plan. We want to move all certs to let's encrypt.
There should be a ticket about that already, Harrison maybe this
could be a "welcome" task for you ?
--strk;
Harrison
> On Feb 21, 2017, at 1:27 PM, Howard Butler <howard@hobu.co> wrote:
>
> The browsers are starting to get very aggressive about warning about no SSL for websites, and OSGeo has many project websites that are managed under OSGeo's DNS.
>
> mapserver.org
> proj4.org
> gdal.org
> geotools.org
> openlayers.org
> postgis.net
> deegree.org
>
> How can OSGeo/SAC manage SSL certificate purchases and management for these websites? Is this something SAC should do and OSGeo should pay for? Should we pay for service from something like CloudFlare ($60/yr/site approx)? Something else?
>
> Howard