Allow HTTPS to access the hackergarten website

Question

Allow HTTPS to access the hackergarten website

McPringle opened this issue 8 years ago · 17 comments

McPringle commented 8 years ago

sclassen commented 6 years ago

+1

Answer 1 · 2016-10-25T16:01:57.000Z

You just need to accept that certificate ;-)

No, seriously, I did a little google on this:

Unfortunately, what I understood, SSL is not fully supported for custom domains.
Also, as we do not have any login, SSL would be nice, but does not look crucial to me ;-)

Answer 2 · 2018-05-02T17:59:52.000Z

This might bring some movement to this issue: https://blog.github.com/2018-05-01-github-pages-custom-domains-https/

Answer 3 · 2018-05-04T06:24:50.000Z

That could be a topic for the May Hackergarten in Basel…

Answer 4 · 2018-06-21T18:49:56.000Z

According to

we need to add an CAA DNS record entry: https://letsencrypt.org/docs/caa/

I'll see that I talk to the right people about that.

Answer 5 · 2018-11-01T20:46:00.000Z

Who has access to the DNS record of hackergarten.net? We should work on this soon, some actual browsers warn the user that hackergarten.net is not safe to visit…

Answer 6 · 2018-11-06T10:05:42.000Z

Working on it, reached out to the Hackergarten initiator @HamletDRC :)

Answer 7 · 2018-11-07T16:27:26.000Z

I can edit the DNS entry. Which of these do I need to modify?

        <option value="">-- Select below --</option>
        <option value="NSV">Private Nameserver</option>
        <option value="NSA">NS Record</option>
        <option value="MX">MX Record</option>
        <option value="CNAME">CNAME Alias</option>
        <option value="A">A Record</option>
        <option value="TXT">TXT/SPF Record</option>
        <option value="DKIM">DKIM Record</option>
        <option value="DMARC">DMARC Record</option>

Answer 8 · 2018-11-07T16:28:20.000Z

There is also an option to enable "Let's Encrypt Free SSL".

Answer 9 · 2018-11-07T16:28:27.000Z

(this is hosted at Dotster)

Answer 10 · 2018-11-07T16:32:29.000Z

OK, I changed the nameservers to point at the Dotster name servers and then enabled the Free SSL.
The nameservers had been dns1.canoo.ch and dns2.canoo.ch

I suspect that the website might be broken once the DNS records update 👍

Answer 11 · 2018-11-08T06:58:01.000Z

@HamletDRC thanks a lot for looking into this :)

I think according to https://help.github.com/articles/setting-up-an-apex-domain/ you need to setup a "A Record" to those IP adresses:

    185.199.108.153
    185.199.109.153
    185.199.110.153
    185.199.111.153

HTTPS via the hoster will not work, but it can be provided from github, then: https://help.github.com/articles/securing-your-github-pages-site-with-https/

Answer 12 · 2018-11-08T07:07:18.000Z

I changed the nameservers to point back to Canoo to bring the website back. Please note that because of the way name servers work, it may take up to 24 hours for your changes to take effect.
After the http domain is back then I'll update these A records.

Answer 13 · 2018-11-08T07:14:06.000Z

@HamletDRC using you providers DNS is the way to go, as the A record would be created and served from there. Migrating away from Canoo's DNS is what we should do (see my email ;-) ).

Answer 14 · 2019-07-19T07:50:32.000Z

At Hackergarten Basel July 2019 we actually had the chance to sit together and work on this. Should be solved as soon as DNS updates are through :)

Answer 15 · 2019-07-19T08:08:07.000Z

Works like a charm! Cool stuff!

Answer 16 · 2019-07-22T08:31:22.000Z

Finally solved, yay :D 💃