Hi, I would suggest that we would use https for hosting gerrit, currently you cannot even access it, it'd be great, I am not sure why it would be non-HTTPS. Even though SSL has it's issues, it's still better than plain connections. -- Regards, Vinzenz Feenstra | Senior Software Engineer RedHat Engineering Virtualization R & D Phone: +420 532 294 625 IRC: vfeenstr or evilissimo Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com
On 12/27/2012 01:38 PM, Vinzenz Feenstra wrote:
Hi,
I would suggest that we would use https for hosting gerrit, currently you cannot even access it, it'd be great, I am not sure why it would be non-HTTPS. Even though SSL has it's issues, it's still better than plain connections.
just need someone to get a certificate for the host and i'll configure https
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC548341100B8F527CE7D7562 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 12/27/2012 04:30 AM, Itamar Heim wrote:
On 12/27/2012 01:38 PM, Vinzenz Feenstra wrote:
Hi,
I would suggest that we would use https for hosting gerrit, currently you cannot even access it, it'd be great, I am not sure why it would b= e non-HTTPS. Even though SSL has it's issues, it's still better than pla= in connections.
=20 just need someone to get a certificate for the host and i'll configure https
Yeah, I decided against self-signed cert for other services to avoid the trust issues with that. But a certificate authority-sourced SSL cert ... We can most likely get a certificate through Red Hat; they've offered to me in the the past for ovirt.org. Should we? - Karsten --=20 Karsten 'quaid' Wade, Sr. Analyst - Community Growth http://TheOpenSourceWay.org .^\ http://community.redhat.com @quaid (identi.ca/twitter/IRC) \v' gpg: AD0E0C41 --------------enigC548341100B8F527CE7D7562 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iD8DBQFQ39h82ZIOBq0ODEERAh/fAJ9+xMG08puRiGKcXWUrJkOTelkn3wCePzc6 EGkZ5IWVq6/U6G2kV9WL76g= =I4q3 -----END PGP SIGNATURE----- --------------enigC548341100B8F527CE7D7562--
On 12/30/2012 08:00 AM, Karsten 'quaid' Wade wrote:
On 12/27/2012 04:30 AM, Itamar Heim wrote:
On 12/27/2012 01:38 PM, Vinzenz Feenstra wrote:
Hi,
I would suggest that we would use https for hosting gerrit, currently you cannot even access it, it'd be great, I am not sure why it would be non-HTTPS. Even though SSL has it's issues, it's still better than plain connections.
just need someone to get a certificate for the host and i'll configure https
Yeah, I decided against self-signed cert for other services to avoid the trust issues with that. But a certificate authority-sourced SSL cert ...
We can most likely get a certificate through Red Hat; they've offered to me in the the past for ovirt.org. Should we?
+1. you need one for each dns name of course.
participants (3)
-
Itamar Heim -
Karsten 'quaid' Wade -
Vinzenz Feenstra