#2195 closed infra (fixed)

RTEMS sites need trusted SSL certificate

Reported by: Gedare Bloom Owned by: Amar Takhar
Priority: highest Milestone: 4.11
Component: admin Version: 4.11
Severity: blocker Keywords: migration
Cc: Chris Johns, Joel Sherrill Blocked By:
Blocking:

Description

The current certificate presented over https for rtems.org sites requires users to validate. We need a certificate whose signature is automatically verified.

Change History (7)

comment:1 Changed on 11/21/14 at 03:18:10 by Chris Johns

A certificate from Global Signs has been applied for via https://www.globalsign.com/ssl/ssl-open-source/ and we are waiting to hear if we are accepted.

comment:2 Changed on 12/07/14 at 22:30:27 by Amar Takhar

Keywords: migration added

comment:3 Changed on 01/17/15 at 00:00:49 by Chris Johns

I understand we have receive a certificate.

comment:4 Changed on 01/20/15 at 23:37:25 by Joel Sherrill

This really needs to be resolved. It is a very visible issue that reflects badly on the project.

comment:5 Changed on 01/30/15 at 14:26:59 by philipp

May you please change your certificate. You can also get a free certificate from StartSSL (http://www.startssl.com/?app=1) if GlobalSign? does not provide a certificate.

Is it possible to remove the redirect from http to https in the meantime? Otherwise, I cannot access the webpage https://rtems.org webpage, but https://devel.rtems.org works surprisingly.

Currently, I get an errormessage that asks me to enable SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2.
In our company, SSLv3 is disabled completely because of security reasons.

comment:6 in reply to:  5 Changed on 01/30/15 at 14:28:59 by Amar Takhar

Replying to philipp:

May you please change your certificate. You can also get a free certificate from StartSSL (http://www.startssl.com/?app=1) if GlobalSign? does not provide a certificate.

We already have a certificate from GlobalSign?. I am working on setting this up before the milestone:4.11 release.

Is it possible to remove the redirect from http to https in the meantime? Otherwise, I cannot access the

webpage https://rtems.org webpage, but https://devel.rtems.org works surprisingly.

Interesting, I will look into this today.

Currently, I get an errormessage that asks me to enable SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2.
In our company, SSLv3 is disabled completely because of security reasons.

This is why, the configurations aren't synched between webservers as the website is still running the old configuration. I will fix this now. Thank you for the report!

comment:7 Changed on 03/02/15 at 20:35:34 by Amar Takhar

Resolution: fixed
Status: newclosed

This was fixed last week. We received a free certificate from Globalsign (thanks!)

Note: See TracTickets for help on using tickets.