On Thursday, May 31, 2012 at 10:50 AM, Thijs Alkemade wrote:
> > On 31 mei 2012, at 17:03, Evan Kinney wrote: > > > So the current cert from StartCom has SANs for adiumx.com > > (http://adiumx.com) (listed twice), adium.im (http://adium.im), and > > adiumxtras.com (http://adiumxtras.com) and a CN of adiumx.com > > (http://adiumx.com). > > > > What ever happened to the talks forever ago about forming an LLC or some > > other sort of 501(c)(3)? StartCom offers organization-level validation for > > their certs. They also let you request a wildcard CN as well as multiple > > SANs, and they're the cheapest I've found at $59.50/year. Thijs wrote: > I think since Adium is part of IMFreedom, that counts as an 501(c)(3). > Whether this means it's cheaper to order via them at the same place Pidgin > did, I don't know, but it's probably best to have them do the validation > anyway. > > Absolutely. We're part of Instant Messaging Freedom, Inc., which is a registered 501(c)(3) not-for-profit. We could certainly get a cert under that banner. I don't know if Pidgin's cert is via them or not; is there an easy way to check, or should we just email the pidgin list and ask? > > > > Thawte offers free certs to open source projects (or, at least, they used > > to a few years ago). > > > > In related news, it looks like SSL is only actually working properly(-ish) > > on trac.adium.im (http://trac.adium.im) right now. All the other URIs > > return an "unknown protocol" error because the web server is sending back a > > 501 and saying "GET /index.html" isn't supported in response to the TLS > > handshake request. > > > > Also, it seems SSL is simply not enabled on other subdomains. > http://adium.im:443/ redirects to > http://adium.im:443/cgi-sys/defaultwebpage.cgi. > > > Would either of you like to head up getting this fixed? I'm not very familiar with server administration, so while I'm happy to take care of getting whatever cert we need, I'd as likely break the site as fix the SSL problem. -Evan
