#2195 closed infra (fixed)

RTEMS sites need trusted SSL certificate

Reported by: Gedare Bloom Owned by: Amar Takhar
Priority: highest Milestone: 4.11
Component: admin Version: 4.11
Severity: blocker Keywords: migration
Cc: Chris Johns, Joel Sherrill Blocked By:
Blocking:

Description

The current certificate presented over https for rtems.org sites requires users to validate. We need a certificate whose signature is automatically verified.

Change History (7)

comment:1 Changed on Nov 21, 2014 at 3:18:10 AM by Chris Johns

A certificate from Global Signs has been applied for via https://www.globalsign.com/ssl/ssl-open-source/ and we are waiting to hear if we are accepted.

comment:2 Changed on Dec 7, 2014 at 10:30:27 PM by Amar Takhar

Keywords: migration added

comment:3 Changed on Jan 17, 2015 at 12:00:49 AM by Chris Johns

I understand we have receive a certificate.

comment:4 Changed on Jan 20, 2015 at 11:37:25 PM by Joel Sherrill

This really needs to be resolved. It is a very visible issue that reflects badly on the project.

comment:5 Changed on Jan 30, 2015 at 2:26:59 PM by philipp

May you please change your certificate. You can also get a free certificate from StartSSL (http://www.startssl.com/?app=1) if GlobalSign? does not provide a certificate.

Is it possible to remove the redirect from http to https in the meantime? Otherwise, I cannot access the webpage https://rtems.org webpage, but https://devel.rtems.org works surprisingly.

Currently, I get an errormessage that asks me to enable SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2.
In our company, SSLv3 is disabled completely because of security reasons.

comment:6 in reply to:  5 Changed on Jan 30, 2015 at 2:28:59 PM by Amar Takhar

Replying to philipp:

May you please change your certificate. You can also get a free certificate from StartSSL (http://www.startssl.com/?app=1) if GlobalSign? does not provide a certificate.

We already have a certificate from GlobalSign?. I am working on setting this up before the milestone:4.11 release.

Is it possible to remove the redirect from http to https in the meantime? Otherwise, I cannot access the

webpage https://rtems.org webpage, but https://devel.rtems.org works surprisingly.

Interesting, I will look into this today.

Currently, I get an errormessage that asks me to enable SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2.
In our company, SSLv3 is disabled completely because of security reasons.

This is why, the configurations aren't synched between webservers as the website is still running the old configuration. I will fix this now. Thank you for the report!

comment:7 Changed on Mar 2, 2015 at 8:35:34 PM by Amar Takhar

Resolution: fixed
Status: newclosed

This was fixed last week. We received a free certificate from Globalsign (thanks!)

Note: See TracTickets for help on using tickets.