DaemonForums  

Go Back   DaemonForums > DaemonForums.org > Forum Announcements

Forum Announcements Announcements regarding DaemonForums.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 3 Days Ago
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,896
Default HTTPS enabled

It has taken a while, but I finally found a solution for enabling HTTPS for Daemonforums
I configured an OpenBSD relayd to do the HTTPS with a SSL certificate from https://SSLs.com

The same relayd forwards the decrypted https requests to the original daemonforums site through an encrypted connection. It also receives the http answers through this encrypted connection, wraps them with SSL into HTTPS and sends it to the client.

There are some issues that have to be ironed out. But those are mainly in the administration side.

Also the current relayd will be retired about the 20th of August. I have to migrate it to another VPS. So please be prepared to encounter some availability issues around that date. I will make an announcement which specific date and time.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 3 Days Ago
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,896
Default

From https://ssllabs.com/ we get an A+ rating for their SSL Server Test.

Firefox on my Lenovo tablet still complains the connection is insecure, but that is probably because of the minor reverse DNS issue:
Code:
$ dig +short daemonforums.org
136.144.199.186

$ dig +short -x 136.144.199.186
siralas.nl.
The reverse DNS should return daemonforums.org but it does not yet .....
Attached Images
File Type: png Firefox-insecure.png (143.9 KB, 2 views)
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 3 Days Ago at 01:09 AM.
Reply With Quote
  #3   (View Single Post)  
Old 1 Day Ago
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,896
Default

I just found and fixed the issue why Firefox complains "the connection is not secure" although it served over https.

The issue is called 'mixed content'. This happens when a web page is served over https but then loads for example images over http. See https://web.dev/what-is-mixed-conten...ource=devtools

If you look at the bottom of the page, you see a link to Marshall Kirk McKusick web site concerning the BSD daemon image copyright. The link was "http://www.mckusick.com"
Changing that to "https://" solved it. There were a couple more but those were easily solved in the forum options administration panel.

So now Firefox also finds daemonforums.org secure .....
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD The vmm(4) hypervisor has been enabled jggimi News 6 15th December 2016 01:23 PM
OpenBSD ART enabled in OpenBSD current e1-531g News 0 26th March 2016 01:38 PM
OpenBSD tmpfs Enabled in -current J65nko News 0 17th December 2013 02:38 PM
Trouble with ftp with pf enabled kasse FreeBSD General 8 24th August 2008 11:25 PM
Problem using pkg with pf enabled aleunix FreeBSD Security 2 25th July 2008 11:43 PM


All times are GMT. The time now is 05:19 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick