hours, totalhours changed

chris — Mon, 05 Oct 2015 10:48:11 GMT
hours changed from 0.0 to 0.4
totalhours changed from 0.0 to 0.4
paul — Mon, 05 Oct 2015 17:25:05 GMT
Sounds good :)
On Mon, Oct 5, 2015 at 11:48 AM, Transition Technology Trac <
trac@tech.transitionnetwork.org> wrote:
> #875: Free HTTPS certificates from Let's Encrypt
> -------------------------------------+-------------------------------------
>                  Reporter:  chris    |                Owner:  chris
>                      Type:           |               Status:  new
>   maintenance                        |            Milestone:  Maintenance
>                  Priority:  major    |             Keywords:
>                 Component:  Live     |  Add Hours to Ticket:  0.4
>   server                             |          Total Hours:  0
> Estimated Number of Hours:  0        |
>                 Billable?:  1        |
> -------------------------------------+-------------------------------------
>  From mid November 2015 [https://www.letsencrypt.org/ Let's Encrypt]
> should
>  be live, providing free SSL/TLS certificates. Currently the TN pays for a
>  Gandi wild card cert, costing £130.50 a year, in addition most the
>  WordPress sites on ParrotServer don't have certs due to the cost, see
>  ticket:540.
>
>  The [https://github.com/letsencrypt/letsencrypt Let's Encrypt code] is
>  designed to be set up to run automatically -- certs are only valid for 90
>  days and the automatic renewal process runs when the cert is 60 days old.
>
>  We should consider if we want to use [https://www.letsencrypt.org/ Let's
>  Encrypt] and what things would need to be put in place to use it, the wild
>  card cert is due to expire on 22/01/16.
>
>  1. PuffinServer -- are we still going to be running PuffinServer in
>  January 2016? Is there any chance that we might be able to consider the
>  suggestions in ticket:754#comment:61? I'm not sure if I want to spend time
>  trying to get Let's Encrypt working with [ticket:872 a old version of
>  BOA], up to date versions of BOA might
>  [https://github.com/omega8cc/boa/issues/500 support it out of the box].
>  2. PenguinServer -- this site hosts a lot of sites, see
>  [https://penguin.transitionnetwork.org/ the listing], automating Let's
>  Encrypt would probably be a hour or two of work, it might makes sense to
>  upgrade it to Debian Jessie at the same time.
>  3. ParrotServer -- I suggest we rebuild this server from scratch, this
>  would enable it to have the latest version of the
>  [https://docs.webarch.net/wiki/Webarch_Secure_Hosting Webarch Secure
>  Hosting scripts] and this include support for fail2ban for WordPress and
>  phpMyAdmin, thus solving ticket:871 and includes automatic provisioning of
>  Let's Encrypt certs for sites.
>
>  What do people think?
>
> --
> Ticket URL: <https://tech.transitionnetwork.org/trac/ticket/875>
> Transition Technology <https://tech.transitionnetwork.org/trac>
> Support and issues tracking for the Transition Network Web Project.
>
--
Paul Booker
Drupal Support for Websites and Linux Servers
Website: http://www.paulbooker.co.uk
Tel: +44 01922 861636
Transition Technology: Ticket #875: Free HTTPS certificates from Let's Encrypt

hours, totalhours changed
