I would like to revive an old discussion: Having TLS for all Hoa’s domains.
I propose to choose https://letsencrypt.org.
Do you think this is possible? We must be careful because we have 2 domains for the website: hoa-project.net and static.hoa-project.net. We should force HTTPS with specific headers. We must be careful with caches & co.
Yes the support of lets encrypt is enough mature for me to be used. I’ve setup a certificate in 5min five minutes last week. The support of wildcard are still not ready but for out need I guess we can do one per subdomain.
You should know drop http for full https on website can have bad effect on natural SEO, links considered different, the ranking may be reset.
Yes the redirection is not a problem but search engine will consider https as new links and ranking will down on http link and https link will begin as new ranking. We could specify alternate and canonical links in meta but all of that is not clear even for Google support them self. I had this issues with e-commerce catalog but here maybe impact should less important.
Ok certs for three domains has been build together, DH 2048 bytes too, and i’ve also prepare nginx config, but it can’t work right now due to outdate version of nginx 1.2 not support stapling… I’ll finish tonight.
I’ve also open PR #100 for replace static link to https.
A bit struggle after update, only IPV6 was listen from nginx. bad configuration on all website config files.
the notation listen [::]80 is not correct and has been deprecated in new versions.
ipv4/ipv6 notation must use with two lines. listen 80; listen [::]:80;
Your PR has been merged and deployed with success on hoa-project.net. Also, I did something very similar to blog.hoa-project.net, also merged and deployed (PR #6).
Good catch for blog, I’ve forget this domain, i should include in let’s encrypt certs.
I’ve setup HTTPS on preview website but it seems be not up to date with the git repository.
Did you love SSL ? After fight with discourse header for make proxy work, I was wondering why any pages have no comments. It’s because the Jekxyl bot just created new thread. Like it’s based on full link, and https is another url…
Btw, this cannot work under preview.hoa due two domain validation.