Enable HTTPS

[rurseekatze]

Enable HTTPS for:

• Static website and mailing list archive served by Apache
• [x] lists.openrailwaymap.org
• [x] www.openrailwaymap.org
• [x] blog.openrailwaymap.org
• [x] tiles.openrailwaymap.org
• [x] api.openrailwaymap.org

Delivering tiles and API responses via HTTPS avoid mixed content problems when using in HTTPS pages.

[grischard]

To add maybe a bit of extra motivation, the CFL wifi in Luxembourg injects ads into OpenRailwayMap.

Is there anything I can do to help?

[rurseekatze]

We finally enabled HTTPS for website, API, tileserver and mailing list.

There are issues for adding HTTPS support directly to API and tileserver:

• https://github.com/rurseekatze/OpenRailwayMap/issues/564
• https://github.com/rurseekatze/node-tileserver/issues/131

On openrailwaymap.org both services are running behind an Apache proxy, so it is sufficient to enable HTTPS in Apache.