nicopace
commented
7 years ago @p4u can we set this up? I can do it if I get access to it ;)
Closed PabloCastellano closed 6 years ago
nicopace
commented
7 years ago @p4u can we set this up? I can do it if I get access to it ;)
ilario
commented
7 years ago Right now downloads.libremesh.org has a let's Encrypt certificate. But it's expired... @p4u ?
gmarcos87
commented
7 years ago @ilario https://downloads.libremesh.org is not working
ilario
commented
7 years ago @gmarcos87 yep, it doesn't work neither on builds.libremesh.org nor on repo.libremesh.org nor on libremesh.org But I don't have any access to the servers, I think @p4u is the one for this.
ilario
commented
7 years ago Current situation of HTTPS support in our subdomains:
aparcar
commented
7 years ago What is the blocking thing here? https://krackattacks.com is just another reason to push this
ghost
commented
6 years ago I think nearly all of us is able to solve this. Please, let's do it
nicopace
commented
6 years ago Don't have access to this server. I guess @altergui or @nicoechaniz or @p4u can do it
aparcar
commented
6 years ago @PabloCastellano https://downloads.libremesh.org should work now
ilario
commented
6 years ago Thanks @aparcar and @p4u! Closing. The only couple of small things missing, are: redirect all traffic from HTTP to HTTPS on enlist in HTTPS Everywhere lists: https://www.eff.org/https-everywhere/faq#how-do-i-add-my-own-site-to-https-everywhere
That subdomain contains firmware images and without https it's easy to distribute trojanized images in certain cases. You can use Let's Encrypt which for ease and free-of-charge.
Have a look at https://certbot.eff.org/ for the setup.