ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Boudnik <...@apache.org>
Subject Re: SSL certificate for the CI server
Date Wed, 26 Jul 2017 18:16:52 GMT
Good point! Thanks! Please let me know if you need any assistance from me
--
  With regards,
Konstantin (Cos) Boudnik
2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622

Disclaimer: Opinions expressed in this email are those of the author,
and do not necessarily represent the views of any company the author
might be affiliated with at the moment of writing.


On Wed, Jul 26, 2017 at 2:29 AM, Aleksey Chetaev <alex.chetaev@gmail.com> wrote:
> Konstantin,
> Ok, no objections from my side. I need some times for read documentation. I
> hope we will finished in two weeks.
>
> http://reviews.ignite.apache.org - will setup for ssl using too.
>
>
>
> Konstantin Boudnik-2 wrote
>> I have never heard about this provider, and it is great they are donating
>> their resources to the FOSS. I quick glance on their site has reveiled a
>> couple of issues:
>> - the page for the "Standard Agreement" returns 404 [1]. I won't be
>> willing to
>>   agree to something I cannot read upfront.
>> - the process seems to be manual.
>>
>> The reason I like [2] is because it's backed by EFF and has a huge user
>> base
>> (over 100 millions certificates to date) [3]
>>
>> The process has been debugged already for other Apache projects, so I
>> don't
>> really see why we need to go to someone else?
>>
>> [1]
>> https://www.globalsign.com/en/repository/globalsign-subscriber-agreement-digital-certificates-and-services.pdf
>> [2] https://letsencrypt.org/
>> [3]
>> https://www.eff.org/deeplinks/2017/06/lets-encrypt-has-issued-100-million-certificates
>>
>> Thanks,
>>   Cos
>>
>> On Wed, Jul 19, 2017 at 09:41PM, Aleksey Chetaev wrote:
>>> Hi,
>>>
>>> A know GlobalSing support open source projects for
>>> free(https://www.globalsign.com/en/ssl/ssl-open-source/).
>>> We can request certificates from them, it will be more easy for me. Any
>>> objection?
>>>
>>>
>>> Denis Magda-2 wrote
>>> > Hi Cos,
>>> >
>>> > Alexey Chetaev, please join the conversation and share your thoughts on
>>> > this.
>>> >
>>> > —
>>> > Denis
>>> >
>>> >> On Jul 19, 2017, at 9:44 AM, Konstantin Boudnik &lt;
>>>
>>> > cos@
>>>
>>> > &gt; wrote:
>>> >>
>>> >> Hey guys.
>>> >>
>>> >> I've noticed that https://ci.ignite.apache.org/ has two issues:
>>> >> - it has the invalid certificate
>>> >> - the CI server isn't responding on the https port (there's only
>>> ngnix)
>>> >>
>>> >> I don't about the rest of the group here, but all my browsers are
>>> >> enforcing
>>> >> HTTPS connections for the obvious reasons. I have to add an exception
>>> >> for the CI server to get in, which is a minor inconvenience compared
>>> to
>>> >> the
>>> >> security risks. I suggest we fix both issues.
>>> >> 1. Getting a valid certificate is easy and doesn't cost a dime
>>> nowadays.
>>> >>   Here's the very details set of instructions on how we do it for
>>> Apache
>>> >>   Bigtop. They are easily applicable in Ignite CI's case [1]. I'd be
>>> >> happy to
>>> >>   help with this.
>>> >> 2. Reconfiguring the server to respond only on HTTPS port. That's
>>> another
>>> >> easy
>>> >>   thing to do for anyone with the access to the box. I don't have
>>> this,
>>> >> so
>>> >>   it'd be someone else.
>>> >>
>>> >> Thoughts?
>>> >>  Cos
>>> >>
>>> >> [1]
>>> >>
>>> https://cwiki.apache.org/confluence/display/BIGTOP/Bigtop+CI+Setup+Guide#BigtopCISetupGuide-Advancedpart:SetupaSSLsecuredJenkinsmaster
>>> >>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> View this message in context:
>>> http://apache-ignite-developers.2346864.n4.nabble.com/SSL-certificate-for-the-CI-server-tp19830p19840.html
>>> Sent from the Apache Ignite Developers mailing list archive at
>>> Nabble.com.
>>
>>
>> signature.asc (237 bytes)
>> &lt;http://apache-ignite-developers.2346864.n4.nabble.com/attachment/19933/0/signature.asc&gt;
>
>
>
>
>
> --
> View this message in context: http://apache-ignite-developers.2346864.n4.nabble.com/SSL-certificate-for-the-CI-server-tp19830p20066.html
> Sent from the Apache Ignite Developers mailing list archive at Nabble.com.

Mime
View raw message