[CentOS-mirror] Let's Encrypt certs for CentOS mirrors

Levi Pihema-Lindsay levi at 2prointl.co
Mon Jan 16 01:56:54 UTC 2017


I wouldn't make Apache force redirects to SSL (due to the way yum works, I'm pretty sure it will error without you explicitly stating https://)

-L

> On 16/01/2017, at 2:54 PM, Ryan Nix <ryan.nix at gmail.com> wrote:
> 
> Terrific, thanks! The Certbot tool automatically configured Apache to redirect all requests to 443 so I’m glad to hear yum will accept https.
> 
> 
>> On Jan 15, 2017, at 7:52 PM, Levi Pihema-Lindsay <levi at 2prointl.co> wrote:
>> 
>> Hey Ryan,
>> 
>> It's perfectly okay for you to deploy a mirror with SSL and plain HTTP, but bear in mind that mirrors will default to HTTP for simplicity (however, if you manually specify a mirror, yum will accept HTTPS)
>> 
>> -L
>> 
>>> On 16/01/2017, at 2:48 PM, Ryan Nix <ryan.nix at gmail.com> wrote:
>>> 
>>> Hi All,
>>> 
>>> Still haven’t heard back about whether it’s ok to use SSL on our mirror. If it is, it looks like ours might be once of the first to do so? Not seeing any mirrors wth https: https://www.centos.org/download/mirrors/
>>> 
>>> At any rate, if this ok to do, it would be great if all mirrors started adopting https on their public CentOS mirror. Certbot makes it incredibly easy to deploy a free Let’s Encrypt cert on your mirror, and it literally only takes about 30 seconds to run this nifty tool. https://certbot.eff.org
>>> 
>>> - Ryan
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> CentOS-mirror mailing list
>>> CentOS-mirror at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos-mirror
>> 
>> _______________________________________________
>> CentOS-mirror mailing list
>> CentOS-mirror at centos.org
>> https://lists.centos.org/mailman/listinfo/centos-mirror
> 
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> https://lists.centos.org/mailman/listinfo/centos-mirror



More information about the CentOS-mirror mailing list