[CentOS-mirror] Let's Encrypt certs for CentOS mirrors
Valeri Galtsev
galtsev at kicp.uchicago.edu
Mon Jan 16 02:14:27 UTC 2017
On Sun, January 15, 2017 7:54 pm, Ryan Nix wrote:
> Terrific, thanks! The Certbot tool automatically configured Apache to
> redirect all requests to 443 so I’m glad to hear yum will accept https.
>
Could you elaborate on how certbot reconfigures apache to redirect http to
https on CentOS? How did you set certbot up, and which apache config
file(s) were changes as result to make that redirect happen in your case?
I do use certbot on FreeBSD with apache (in jails), and certbot
installation doesn't change anything in my case that can result in
redirect. Whenever I need redirect I do it manually in one of apache's
config files.
Valeri
>
>> On Jan 15, 2017, at 7:52 PM, Levi Pihema-Lindsay <levi at 2prointl.co>
>> wrote:
>>
>> Hey Ryan,
>>
>> It's perfectly okay for you to deploy a mirror with SSL and plain HTTP,
>> but bear in mind that mirrors will default to HTTP for simplicity
>> (however, if you manually specify a mirror, yum will accept HTTPS)
>>
>> -L
>>
>>> On 16/01/2017, at 2:48 PM, Ryan Nix <ryan.nix at gmail.com> wrote:
>>>
>>> Hi All,
>>>
>>> Still haven’t heard back about whether it’s ok to use SSL on our
>>> mirror. If it is, it looks like ours might be once of the first to do
>>> so? Not seeing any mirrors wth https:
>>> https://www.centos.org/download/mirrors/
>>>
>>> At any rate, if this ok to do, it would be great if all mirrors started
>>> adopting https on their public CentOS mirror. Certbot makes it
>>> incredibly easy to deploy a free Let’s Encrypt cert on your mirror,
>>> and it literally only takes about 30 seconds to run this nifty tool.
>>> https://certbot.eff.org
>>>
>>> - Ryan
>>>
>>>
>>>
>>> _______________________________________________
>>> CentOS-mirror mailing list
>>> CentOS-mirror at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos-mirror
>>
>> _______________________________________________
>> CentOS-mirror mailing list
>> CentOS-mirror at centos.org
>> https://lists.centos.org/mailman/listinfo/centos-mirror
>
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> https://lists.centos.org/mailman/listinfo/centos-mirror
>
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the CentOS-mirror
mailing list