Change History (13)
comment:1 by , 17 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 17 years ago
| Cc: | added |
|---|
comment:3 by , 17 years ago
It would be great if the certificate could be exported from osgeo1 and applied to osgeo2 at the same time. Currently there's only a self-signed cert on osgeo2. The type of certificate that we have allows for multiple servers.
comment:4 by , 17 years ago
i can be available to set up the new ssl cert. when are thinking of getting it tyler?
shawn
comment:5 by , 17 years ago
Thanks Shawn, I can get it any time, but wanted to hold off until I knew what a good time for someone else would be. Let me know when a good time for you would be and I'll do it then.
comment:6 by , 17 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
Paid for renewal, passed updated cert file to Shawn to apply. As of today there are about 5 days left on old cert.
comment:7 by , 17 years ago
| Status: | new → assigned |
|---|
SSL Certs are updated. Please let me know if anything is not working.
Certs and key are saved at /root/DigiCert_osgeo_wildcard_certs.tbz2
shawn
comment:8 by , 17 years ago
Shawn, any chance you could load this onto osgeo2 as well? The wiki has an SSL cert loaded, but it's self-signed and doesn't look all that professional.
comment:9 by , 17 years ago
I'll look into it first chance i get, most likely sometime tomorrow.
shawn
comment:11 by , 17 years ago
Setting up the *.osgeo.org ssl cert for the wiki on osgeo is not going to be a straight forward implementation.
The gist of the problem is that a ssl connection happens before http - the default ssl certificate is used for the connection before apache deals with http - resolving vhosts. Apache can have only 1 ssl cert for name-based vhosts but, does allow for more than 1 ssl cert for ip-based vhosts.
Fortunately wiki.osgeo.org is an ip-based vhost but, the apache config on osgeo2 if fairly complex so it's gonna take me sometime to detangle it and figure out the best way to get our ssl attached to wiki.osgeo.org.
It would be much appreciated if anyone can answer; what sites (vhosts) on osgeo2 other than wiki use/need ssl?
-shawn
comment:12 by , 17 years ago
There isn't much more than the wiki running there, iirc. I wouldn't mind having the community subdomain Drupal site under SSL too, though not being actively used at the moment beyond me.
comment:13 by , 14 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
SSL Cert is currently good until 5/1/2011. Closing.
I can do the renew any time, but yes it expires soon. I need someone to be available to take to the new cert text they give me and apply it on the server. Howard, Shawn? I'm not sure who set this up initially.