<html><body>
<h3>Evgheni Dereveanchin created OVIRT-1934:</h3>
<pre> Summary: install wildcard Let's Encrypt certificate on PHX load balancer
Key: OVIRT-1934
URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1934
Project: oVirt - virtualization made easy
Issue Type: Task
Reporter: Evgheni Dereveanchin
Assignee: infra</pre>
<p>Let's Encrypt announced that wildcard support is now live: <a href="https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578">https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578</a></p>
<p>It's a great opportunity to secure all of our traffic by putting traffic through a reverse proxy. We already have a HAProxy load balancer installed for OpenShift and can re-use it for this purpose.</p>
<p>Opening this ticket to investigate the details:</p>
<ul><li><p>client software required</p></li>
<li><p>DNS changes required</p></li>
<li><p>reliability questions (make an HA cluster with HAProxies? How do certs get renewed and shared then?)</p></li></ul>
<p>— This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100082)</p>
<img src="https://u4043402.ct.sendgrid.net/wf/open?upn=i5TMWGV99amJbNxJpSp2-2BJ33BSM3tuiUfRTk64K-2BOjHVixifWxe-2FeCnf2feBTTo04LraL7gSdAIqhTpgpf4CdF-2BQCxd5-2Fr42wd8kpk8l4YO1FAiYxuund4d9tUc3vfGNWhF0pbt6f-2BjUwsbL-2Fk72snAQ-2Bmd2LFEWvu-2BFpgHKmiFpxa-2BPbU2wNCr-2FU1rCRf1U7bVItop4OHnyhrGtor5S3d-2FGKUJX8sOIa24nwZ-2F5x2jFc-2B4lBUpR54wpBV-2BGKbsOpWfwdBXMiNuuUIFoEIrsPlKRT7Dx3RLYnI-2Ftd5-2Fm4LkUI0Myha8nQ54HZbu8oylpu4Fm-2BjHoRwTSJrzZuxACW9qn33-2BdJ-2BJzbwVwfNZjuOTIpLlw68DRsKgtKYHCFAvHlMELYRw19ZMgsJZ-2FBCkvWfJ-2FtGceh3RYvAkdbV1hU7nbXm-2FY-2F-2FLOOhUDJtEZGINJteszXCRixYDqhAg3sLswGw-3D-3D" alt="" width="1" height="1" border="0" style="height:1px !important;width:1px !important;border-width:0 !important;margin-top:0 !important;margin-bottom:0 !important;margin-right:0 !important;margin-left:0 !important;padding-top:0 !important;padding-bottom:0 !important;padding-right:0 !important;padding-left:0 !important;"/>
</body></html>