cbor.io is accessible via HTTPS but the cert isn't right (github.io issue)

cbor / cbor.github.io

cbor.io web site

74 stars 33 forks source link

cbor.io is accessible via HTTPS but the cert isn't right (github.io issue) #29

Closed durka closed 5 years ago

durka commented 7 years ago

Chrome throws up a security warning because the SSL certificate for cbor.io is registered to a.ssl.fastly.net.

shoeper commented 7 years ago

cbor.io is a Github Page. Not sure if it is possible to either upload a propriate certificate or disable SSL for the page.

cabo commented 7 years ago

Right. I could cloudflare the page, but then I'm not sure what the point of HTTPS access to the information here is in the first place.

durka commented 7 years ago

Yeah, I'll send a PR to the linking page instead.

On Tue, Apr 4, 2017 at 3:43 PM, cabo notifications@github.com wrote:

Right. I could cloudflare the page, but then I'm not sure what the point of HTTPS access to the information here is in the first place.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/cbor/cbor.github.io/issues/29#issuecomment-291610430, or mute the thread https://github.com/notifications/unsubscribe-auth/AAC3n0s5RuOVQ_vewwJRND5_utzpC4Fgks5rsp1HgaJpZM4MySen .

lgarron commented 5 years ago

GitHub Pages now supports HTTPS directly: https://blog.github.com/2018-05-01-github-pages-custom-domains-https/

Would it be possible to turn this on now? :-D

lgarron commented 5 years ago

Ahoy! It seems that cbor.io doesn't have an automatically provisioned certificate because it's pointing at old Pages IPs:

> dig -t A cbor.io
...
cbor.io.    300 IN  A 192.30.252.154
cbor.io.    300 IN  A 192.30.252.153

Could you either replace this with a CNAME entry of cbor.github.io, or update the set of A records to the four IP addresses listed at https://help.github.com/articles/setting-up-an-apex-domain/#configuring-a-records-with-your-dns-provider ? That should fix it!

lgarron commented 5 years ago

@cabo: Any chance you'd be able to change the DNS records as above?

cabo commented 5 years ago

Will look at it this weekend. I'd love to know why people think this is a good use of my time.

KOLANICH commented 5 years ago

Try disabling and then enabling TLS in GH-pages settings first. For some projects it had helped.

JeremyRand commented 5 years ago

Any news on this?

cabo commented 5 years ago

I have changed the DNS records as advised by github, but I'm now traveling, so may not be able to execute further steps until later.

lgarron commented 5 years ago

FWIW, HTTPS is working now!

I would recommend the "Force HTTPS" setting and then call it a day for now. :-D

cabo commented 5 years ago

Works for me, too. Thanks for nudging me. Closing ticket now.