[CentOS-mirror] Let's Encrypt certs for CentOS mirrors
Ryan Nix
ryan.nix at gmail.com
Mon Jan 16 02:28:27 UTC 2017
Wish I could tell, but that is part of the magic. It’s literally just “certbot —apache”, go through the prompts, and voila, everything was configured. :)
> On Jan 15, 2017, at 8:14 PM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote:
>
>
> On Sun, January 15, 2017 7:54 pm, Ryan Nix wrote:
>> Terrific, thanks! The Certbot tool automatically configured Apache to
>> redirect all requests to 443 so I’m glad to hear yum will accept https.
>>
>
> Could you elaborate on how certbot reconfigures apache to redirect http to
> https on CentOS? How did you set certbot up, and which apache config
> file(s) were changes as result to make that redirect happen in your case?
>
> I do use certbot on FreeBSD with apache (in jails), and certbot
> installation doesn't change anything in my case that can result in
> redirect. Whenever I need redirect I do it manually in one of apache's
> config files.
>
> Valeri
>
>>
>>> On Jan 15, 2017, at 7:52 PM, Levi Pihema-Lindsay <levi at 2prointl.co <mailto:levi at 2prointl.co>>
>>> wrote:
>>>
>>> Hey Ryan,
>>>
>>> It's perfectly okay for you to deploy a mirror with SSL and plain HTTP,
>>> but bear in mind that mirrors will default to HTTP for simplicity
>>> (however, if you manually specify a mirror, yum will accept HTTPS)
>>>
>>> -L
>>>
>>>> On 16/01/2017, at 2:48 PM, Ryan Nix <ryan.nix at gmail.com <mailto:ryan.nix at gmail.com>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> Still haven’t heard back about whether it’s ok to use SSL on our
>>>> mirror. If it is, it looks like ours might be once of the first to do
>>>> so? Not seeing any mirrors wth https:
>>>> https://www.centos.org/download/mirrors/ <https://www.centos.org/download/mirrors/>
>>>>
>>>> At any rate, if this ok to do, it would be great if all mirrors started
>>>> adopting https on their public CentOS mirror. Certbot makes it
>>>> incredibly easy to deploy a free Let’s Encrypt cert on your mirror,
>>>> and it literally only takes about 30 seconds to run this nifty tool.
>>>> https://certbot.eff.org
>>>>
>>>> - Ryan
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> CentOS-mirror mailing list
>>>> CentOS-mirror at centos.org
>>>> https://lists.centos.org/mailman/listinfo/centos-mirror
>>>
>>> _______________________________________________
>>> CentOS-mirror mailing list
>>> CentOS-mirror at centos.org
>>> https://lists.centos.org/mailman/listinfo/centos-mirror
>>
>> _______________________________________________
>> CentOS-mirror mailing list
>> CentOS-mirror at centos.org <mailto:CentOS-mirror at centos.org>
>> https://lists.centos.org/mailman/listinfo/centos-mirror <https://lists.centos.org/mailman/listinfo/centos-mirror>
>>
>
>
> ++++++++++++++++++++++++++++++++++++++++
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> ++++++++++++++++++++++++++++++++++++++++
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org <mailto:CentOS-mirror at centos.org>
> https://lists.centos.org/mailman/listinfo/centos-mirror <https://lists.centos.org/mailman/listinfo/centos-mirror>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20170115/d6ea8419/attachment.html>
More information about the CentOS-mirror
mailing list