Closed alexokeefe closed 5 years ago
Thanks for this @alexokeefe. Facebook evidently now requires use of the HTTPS protocol for the user of its auth layer. We can set that up, but it will require some testing and implementation time + maintenance.
@pleonard212 This may be a good opportunity for us to work with internal IT to get them to provision and manage SSL certs. Should I spend some time digging in on this?
Sure, I think that makes sense, as HTTPS will only become more important. Should we temporarily disable the Facebook login button?
Certs requested from internal Yale form so central IT can manage them just now. I'll update when they arrive...
This is all set now via nginx config. Note that the global sign docs outline two different values for the list of pem files in the combined cert. The proper combined order is:
cert emailed from global sign intermediate (organizational) cert r1 root (organizational) cert
assuming one is using organizational certs.
Just tried to login using Facebook to try and be different users when transcribing - Facebook gave error. See attached.