Notices by Aeris (aeris@status.imirhil.fr)

Aeris (aeris@status.imirhil.fr)'s status on Wednesday, 07-Sep-2016 21:25:32 UTC Aeris

Donc. Vous lisez ceci : https://www.digitalgov.gov/2016/09/07/lets-encrypt-those-cnames-shall-we/
Puis https://community.letsencrypt.org/t/support-for-https-only-with-http-01-challenge/15134/22?u=aeris
Je vous laisse tirer la conclusion qui s’impose…
In conversation Wednesday, 07-Sep-2016 21:25:32 UTC from status.imirhil.fr at 32°58'59"N 49°7'59"E permalink
Attachments
1. Let’s Encrypt Those CNAMES, Shall We?
  
  from DigitalGov
  
  This is post 4 in the 5-part series, The Right Tools for the Job: Re-Hosting DigitalGov Search to a Dynamic Infrastructure Environment. This post references the previous posts frequently, so please read those before reading this one if you haven't done so already. In addition to the DNS challenges created by offering "masked" domains such as nasasearch.nasa.gov, we also had to solve the problem of how to maintain SSL certificates for the main search.usa.gov domain along with the "masked" domains of all customers that wanted HTTPS support for their own domains. As also noted in an earlier post, this all needed to be done in a multi-app-server environment with no interruption of service. peterscode/iStock/Thinkstock SAN SSL Certificates and Let's Encrypt We knew we wanted to make use of a multi-domain Subject Alternative Name (SAN) SSL certificate, but the prospect of wrangling all the permissions and documentation required for authorizing such a certificate seemed quite daunting. The
2. Support for HTTPS only with http-01 challenge?
  
  from Let's Encrypt Community Support
  
  I don't fully agree with that assessment. DNSSec makes it harder with offline keys, yes, but there's no reason your DNS server can't have an API that allows you to provision the TXT record (in fact, most DNS server software supports something like that, and the vast majority of people use DNS services such as CloudFlare, Dyn or Route 53 which definitely do have something like that). There's also no reason you'll have to grant your web server access to the DNS server API - you can run a separat...
Aeris (aeris@status.imirhil.fr)'s status on Friday, 27-May-2016 21:16:49 UTC Aeris

Anybody using konversation here ? I have trouble with compose key… Unable to use it…

In conversation Friday, 27-May-2016 21:16:49 UTC from status.imirhil.fr at 32°58'59"N 49°7'59"E permalink
Aeris (aeris@status.imirhil.fr)'s status on Friday, 13-Feb-2015 19:08:53 UTC Aeris

Y’a plus personne dans le coin sur GNU/Social ? :(

In conversation Friday, 13-Feb-2015 19:08:53 UTC from status.imirhil.fr at 32°58'59"N 49°7'59"E permalink
Aeris (aeris@status.imirhil.fr)'s status on Saturday, 03-Jan-2015 09:58:43 UTC Aeris

Something nasty in Kazakhstan ? :s https://status.imirhil.fr/url/910

In conversation Saturday, 03-Jan-2015 09:58:43 UTC from status.imirhil.fr at 32°58'59"N 49°7'59"E permalink
Aeris (aeris@status.imirhil.fr)'s status on Sunday, 13-Jul-2014 11:54:40 UTC Aeris

Ah tient, je viens de me rendre compte qu'inconsciemment, j'ai toujours dis « être *sous* Mac » mais « être *sur* GNU/Linux ».

In conversation Sunday, 13-Jul-2014 11:54:40 UTC from status.imirhil.fr at 32°58'59"N 49°7'59"E permalink

Public

Notices by Aeris (aeris@status.imirhil.fr)

Internal Server Error

User actions