I see we have HSTS enabled for some reason for ovirt.org: strict-transport-security max-age=31536000; includeSubDomains; preload This is the most severe option and ask browser to use https for everything at overt.org including the subdomains. Moreovers it also ask to include into the Chrome preload built in white list too. Anybody have info how enabled it and why? We definitely have subdomains without https still. Anton. On 9 May 2018 at 09:07:28, Sandro Bonazzola (sbonazzo@redhat.com) wrote:

2018-05-08 21:04 GMT+02:00 Gianluca Cecchi :

...

On Tue, May 8, 2018 at 6:10 PM, Sandro Bonazzola wrote:

...

2018-05-08 11:45 GMT+02:00 Sandro Bonazzola :

...

oVirt Orb image has been updated with oVirt 4.2.3 content[1] oVirt Orb is a project that allows anyone to easily take an oVirt for a ride, test and play with it.

See oVirt Orb documentation for using it[2]

[1] http://resources.ovirt.org/pub/ovirt-4.2/ovirt-orb/ [2] https://ovirt.org/documentation/ovirt-orb/

Please use http instead of https when trying to access http://resources.ovirt.org/pub/ovirt-4.2/ovirt-orb/ https is knwon to be not working, a ticket has been already opened for tracking the issue.

it seems there is in place an automatic redirect to https, so the http link doesn't work at the moment, at least for me.

It happened to me as well with google chrome. Not sure what happened, but a workaround that helped me is: - open chrome://net-internals/#hsts - go to "Delete domain security policies" section - enter "ovirt.org" and hit "Delete"

...

Gianluca

--

SANDRO BONAZZOLA

ASSOCIATE MANAGER, SOFTWARE ENGINEERING, EMEA ENG VIRTUALIZATION R&D

Red Hat EMEA

sbonazzo@redhat.com

_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org