Let's Encrypt
by Volker Weber
As part of the move, vowe.net also goes https. All web traffic should be encrypted.
The plumbing is already perfect, but there were kinks in the code. Mostly in the code that I have written a long time ago. Let me know if you see things that are broken.
Comments
and http2. It was about time ;-)
At least on my side there are some http links left over for comments
form method="post" action="http://vowe.net/cgi-bin/mt-cmmnt.cgi" name="
Deine DuckDuckGo-Search läuft noch über HTTP.
Work in progress, work in progress. We do it old school and develop on the live site. :-)
Everybody has a testing environment. Some people are lucky enough enough to have a totally separate environment to run production in. :-)
@Daniel We're in a bit of a hurry here and I don't have that many spare servers anymore ;) Forms should now be secure, btw.
Thanks for understanding, Daniel.
Nice move!
We should be good now. Please comment if you see things that are broken.
Would be interested what tooling you used for the letsencrypt certificates mechanics.
A simple manual initial request using certbot and an automated refresh setup using Jenkins in the backend and a bit of nginx config magic on the frontend.
Hier steckt noch ein HTTP-Link:
Mixed Content: The page at 'https://vowe.net/contact.php' was loaded over HTTPS, but requested an insecure image 'http://vowe.net/assets/qrlink2vcard.png'. This content should also be served over HTTPS.
Danke, Enrico.
http-link auf about.php jeweils in den "by Volker Weber" links unter den Überschriften, auch wenn sie dann auf https umgeleitet werden.
Fixed, danke Markus.
ich bin mir nicht sicher, ob das vorher ging, aber www.vowe.net läuft ins Leere
@Samuel: Ich lande auf der Homepage...