[Qa-debsources] upcoming SSL cert expiry and letsencrypt
Matthieu Caneill
matt at brokenwa.re
Wed Nov 25 21:59:22 UTC 2015
On Wed, Nov 25, 2015 at 09:11:30PM +0100, Orestis Ioannou wrote:
> > Question for us is: do we want to renew via GlobalSign or, given the
> > timing, just go for Let's Encrypt? I'm inclined to prefer Let's Encrypt,
> > because I like the project a lot.
> >
> > The only caveat is that it's easier to keep on doing something we've
> > been doing up to now (in this case: something I have been doing) than to
> > switch to something new. Which brings me to the next question: is anyone
> > interested in volunteering into obtaining a Let's Encrypt certificate
> > for sources.debian.net, once that become possible? I'll be *very* happy
> > to pass that responsibility on to someone else, as long as it's someone
> > who is already a Debsources contributor. I can then work with that
> > person to install the certificate on the current Debsources server.
>
>
> I am really interested in lets encrypt and i am interested in doing this
> for Debsources, BUT, I have never installed SSL certificates and never
> really saw configs etc so there would be some learning curve for me. If
> you can bear me then i am happy to take the responsibility..
> (Evidently, if anyone has more experience and wants to go for it then go
> for it)
Hi everyone,
I'm also interested in Let's Encrypt, but didn't play with the beta,
so aside from the talk in Debconf I don't really know anything (and
certainly not more than you Orestis).
However I can back you up with the certificate installation
instructions for Apache, if needed. But as we already use SSL, it
should be a matter of replacing the key files.
Zack: do you know for how long the Let's Encrypt certificates will be
valid? 1 year?
Cheers,
--
Matthieu
More information about the Qa-debsources
mailing list