From: Damien R. <dr...@ma...> - 2014-05-22 23:17:29
|
Hi guys, Following http://www.mantisbt.org/bugs/view.php?id=17363, I have now setup SSL on the server. For now I have it setup with two distinct configs, to give us time to test and see if there are any issues with the site's various components (tracker, forums, wiki, blog, etc). Please go to https://mantisbt.org and navigate through the site and use it as you normally would - let me know if you see anything not working as it should. In a few days if we see no issues, I'll setup automated redirection of http requests to https. Damien |
From: Roland B. <ro...@at...> - 2014-05-24 09:52:34
|
The Wiki link at https://www.mantisbt.org/bugs points to sub domain https://wiki.mantisbt.org You will get a browser warning that the certificate is not valid for it. The link used in documentation page works http://www.mantisbt.org/documentation.php https://www.mantisbt.org/wiki > Damien Regad <dr...@ma...> hat am 23. Mai 2014 um 01:17 geschrieben: > > > Hi guys, > > Following http://www.mantisbt.org/bugs/view.php?id=17363, I have now > setup SSL on the server. > > For now I have it setup with two distinct configs, to give us time to > test and see if there are any issues with the site's various components > (tracker, forums, wiki, blog, etc). > > Please go to https://mantisbt.org and navigate through the site and use > it as you normally would - let me know if you see anything not working > as it should. > > In a few days if we see no issues, I'll setup automated redirection of > http requests to https. > > Damien > > > > > ------------------------------------------------------------------------------ > "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE > Instantly run your Selenium tests across 300+ browser/OS combos. > Get unparalleled scalability from the best Selenium testing platform available > Simple to use. Nothing to install. Get started now for free." > http://p.sf.net/sfu/SauceLabs > _______________________________________________ > mantisbt-dev mailing list > man...@li... > https://lists.sourceforge.net/lists/listinfo/mantisbt-dev |
From: Damien R. <dr...@ma...> - 2014-05-25 09:07:17
|
Thanks for testing and feedback Roland, On 24.05.2014 11:52, Roland Becker wrote: > The Wiki link at https://www.mantisbt.org/bugs points to sub domain > https://wiki.mantisbt.org > You will get a browser warning that the certificate is not valid for it. The problem is due to the use of legacy subdomains like XXX.mantisbt.org (where XXX is blog, bugs, manual, forums, wiki, etc). These are configured in Apache with rewrite rules, redirecting to the canonical URL (i.e. mantisbt.org/XXX). The the certificate check occurs before the rewrite takes place, so unless I'm mistaken the error is be unavoidable given the way the certificate Victor provided was created. For now, I fixed the wiki link in the tracker by changing the URL in config_inc.php, but any other use of a subdomain URL (like from other, existing links or users' bookmarks) will still trigger the warning. For a more global fix, I think we'd need to get another certificate, with either 1. a "wildcard" (i.e. "*.mantisbt.org") but I think that feature is not available for StartCom's free certificates 2. define all existing subdomains in the certificate as DNS names (Subject Alt Name) Not sure it's worth the effort and/or cost. --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com |
From: P R. <pa...@ma...> - 2014-05-25 09:37:24
|
Er ,wont those links go to http://wiki.* or whatever? -----Original Message----- From: Damien Regad [mailto:dr...@ma...] Sent: 25 May 2014 10:07 To: Man...@li... Subject: Re: [mantisbt-dev] SSL on mantisbt.org Thanks for testing and feedback Roland, On 24.05.2014 11:52, Roland Becker wrote: > The Wiki link at https://www.mantisbt.org/bugs points to sub domain > https://wiki.mantisbt.org You will get a browser warning that the > certificate is not valid for it. The problem is due to the use of legacy subdomains like XXX.mantisbt.org (where XXX is blog, bugs, manual, forums, wiki, etc). These are configured in Apache with rewrite rules, redirecting to the canonical URL (i.e. mantisbt.org/XXX). The the certificate check occurs before the rewrite takes place, so unless I'm mistaken the error is be unavoidable given the way the certificate Victor provided was created. For now, I fixed the wiki link in the tracker by changing the URL in config_inc.php, but any other use of a subdomain URL (like from other, existing links or users' bookmarks) will still trigger the warning. For a more global fix, I think we'd need to get another certificate, with either 1. a "wildcard" (i.e. "*.mantisbt.org") but I think that feature is not available for StartCom's free certificates 2. define all existing subdomains in the certificate as DNS names (Subject Alt Name) Not sure it's worth the effort and/or cost. --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com ---------------------------------------------------------------------------- -- "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs _______________________________________________ mantisbt-dev mailing list man...@li... https://lists.sourceforge.net/lists/listinfo/mantisbt-dev |
From: Damien R. <dr...@ma...> - 2014-05-26 08:35:42
|
On 25.05.2014 11:37, P Richards wrote: > Er ,wont those links go to http://wiki.* or whatever? Those links, which links ? --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com |