Closed WoH closed 8 years ago
I suppose we can use a certificate from Let's encrypt.
Yeah, I'll do that on production, via let's encrypt or startssl, but rather the first one
status?
My understanding of this was that @sacdallago is going to take care of it? Is this still correct?
Yes. We have the domain name, I just have to buy the server, get the certificates and migrate docker cloud. My agenda says this should be done until Wednesday
How do you want to read the certificate inside the Docker container? Mounting a volume into the container and then use an environment variable to specify the location?
docker run catchemall -v ~/secret:/secret -e HTTPS_CERTIFICATE=/secret/cert.pem
Nah: I'll just connect to the VM, install letsencrypt
, get the certificate, reverse-proxy via nginx. It's what I'm doing with http://cell.dallago.us which really is http://cellmap-devel.bb5a8828.svc.dockerapp.io:2090 (adding the certificate layer via nginx is a joke).
So for requests to the API we have the client sending an https request to your nginx server which proxies the request to the CatchEmAll docker container running a node server which proxies the request to the PokeData container? :D
...
No but seriously... Sounds fine to me. Less to do on our side :)
@sacdallago is this me or should https://cell.dallago.us/ then actually work instead of showing ERR_SSL_PROTOCOL_ERROR
? :D
@AlexanderLill I never shared a link containing HTTPS ;) for that website, https would just slow requests down. No need for the extra security.
Ah, then I misunderstood that :D My bad :)
On Oct 11, 2016 03:26, "Christian Dallago" notifications@github.com wrote:
@AlexanderLill https://github.com/AlexanderLill I never shared a link containing HTTPS ;) for that website, https would just slow requests down. No need for the extra security.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/PokemonGoers/Catch-em-all/issues/77#issuecomment-252787680, or mute the thread https://github.com/notifications/unsubscribe-auth/AKkaOVcvsa-mMyM483HWPiZBfv-T1Zkkks5qyuW1gaJpZM4KDQhi .
A secure context such as HTTPS will be required to access use the Geolocation API for our Project.