OpenBSD site SSL

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenBSD site SSL

John Darrah
Hi. Would it be possible to get SSL on the OpenBSD website(s)?
It would be just a couple lines to change in nginx.conf/httpd.conf.
SSL certificates are free from Startcom and cheap from other vendors.
It would be really nice to have, even if it's not the default. I feel naked
viewing the site over plain http. Thanks.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD site SSL

Stuart Henderson-6
On 2013/10/11 22:42, John Darrah wrote:
> Hi. Would it be possible to get SSL on the OpenBSD website(s)?
> It would be just a couple lines to change in nginx.conf/httpd.conf.
> SSL certificates are free from Startcom and cheap from other vendors.
> It would be really nice to have, even if it's not the default.

If doing this at all, running it from a private CA would imho make a lot
more sense than agreeing to the contractual requirements of a commercial CA.

> I feel naked viewing the site over plain http. Thanks.

really?

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD site SSL

Marc Espie-2
On 2013/10/11 22:42, John Darrah wrote:
> Hi. Would it be possible to get SSL on the OpenBSD website(s)?
> It would be just a couple lines to change in nginx.conf/httpd.conf.
> SSL certificates are free from Startcom and cheap from other vendors.
> It would be really nice to have, even if it's not the default.

> I feel naked viewing the site over plain http. Thanks.

We can see you naked. Bwahahahahah !

Come on, seriously ?

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD site SSL

Craig Skinner-3
In reply to this post by John Darrah
On 2013-10-11 Fri 22:42 PM |, John Darrah wrote:
> Hi. Would it be possible to get SSL on the OpenBSD website(s)?

Please don't.

That would slow it down & eliminate cachability - increasing network
load & costs.

There's no personal data & no point.

Anyway, THIS email is being sent in clear text from Scotland to Canada.
It will also be archived and published on several public websites.

Regards,
--
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD site SSL

Sunny
In reply to this post by Stuart Henderson-6
On 12/10/2013 19:54, Stuart Henderson wrote:
> On 2013/10/11 22:42, John Darrah wrote:
>> Hi. Would it be possible to get SSL on the OpenBSD website(s)?
>> It would be just a couple lines to change in nginx.conf/httpd.conf.
>> SSL certificates are free from Startcom and cheap from other vendors.
>> It would be really nice to have, even if it's not the default.
> If doing this at all, running it from a private CA would imho make a lot
> more sense than agreeing to the contractual requirements of a commercial CA.
>
And how would you go about distributing private CA cert securely?

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD site SSL

Stuart Henderson-6
On 2013/10/22 10:46, Sunny wrote:

> On 12/10/2013 19:54, Stuart Henderson wrote:
> >On 2013/10/11 22:42, John Darrah wrote:
> >>Hi. Would it be possible to get SSL on the OpenBSD website(s)?
> >>It would be just a couple lines to change in nginx.conf/httpd.conf.
> >>SSL certificates are free from Startcom and cheap from other vendors.
> >>It would be really nice to have, even if it's not the default.
> >If doing this at all, running it from a private CA would imho make a lot
> >more sense than agreeing to the contractual requirements of a commercial CA.
> >
> And how would you go about distributing private CA cert securely?
>

in /etc/ssl/cert.pem. if you don't trust that, then neither can you trust
the ssl libraries, browsers, etc.