SSL

Karsten 'quaid' Wade kwade at redhat.com
Wed Mar 27 15:55:48 UTC 2013


On 03/27/2013 03:46 PM, Alexander Rydekull wrote:
> I vote wildcard if we're just gonna use it to protect our web.

I admit to being a bit stupid here as to the differences.

My contact at Red Hat IT (who will get for us what we need) indicated
one-per-subdomain is considered more secure, but didn't have a problem
ordering a wildcard for us.

- Karsten

> On Wed, Mar 27, 2013 at 4:43 PM, Karsten 'quaid' Wade <kwade at redhat.com>wrote:
> 
>> On 03/27/2013 02:44 PM, Mike Burns wrote:
>>> On 03/27/2013 12:34 PM, Karsten 'quaid' Wade wrote:
>>>> We can get an SSL cert for each subdomain, or we can get a wildcard
>>>> cert. My understanding is that it is more secure to use
>>>> one-per-subdomain.
>>>>
>>>> Presuming we want the one-per model, what are the subdomains we need to
>>>> get a cert for?
>>>>
>>>> gerrit.ovirt.org
>>>> jenkins.ovirt.org
>>>> resources.ovirt.org
>>>> foreman.ovirt.org
>>>> smartproxy.ovirt.org
>>>> lists.ovirt.org
>>>>
>>>
>>> etherpad?
>>> what about base ovirt.org (the wiki)?
>>
>> +1 to both (www, etherpad).
>>
>> Basically, anything that has a login over HTTP.
>>
>> - Karsten
>> --
>> Karsten 'quaid' Wade, Sr. Analyst - Community Growth
>> http://TheOpenSourceWay.org  .^\  http://community.redhat.com
>> @quaid (identi.ca/twitter/IRC)  \v'  gpg: AD0E0C41
>>
>>
>> _______________________________________________
>> Infra mailing list
>> Infra at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/infra
>>
>>
> 
> 


-- 
Karsten 'quaid' Wade, Sr. Analyst - Community Growth
http://TheOpenSourceWay.org  .^\  http://community.redhat.com
@quaid (identi.ca/twitter/IRC)  \v'  gpg: AD0E0C41

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20130327/3c5d8801/attachment.sig>


More information about the Infra mailing list