Hi all, I've quite successfully started to properly configure my web server to use quite strong https settings (getting A+ ratings on ssllabs.com's tests). However, I "burnt" the certificate for book.openlilylib.org when trying to get scripted assistance in the process (managed to overwrite the private key ...).
This "book" is a quite important project that I'll very soon re-suggest for collaboration here (currently you can access its stub at https://textbook.openlilylib.org). I'm not sure how to proceed now and would like to get some opinions. I see four options: 1) Use another subdomain (like the current "textbook" replacement). Any suggestions welcome. 2) Get a new certificate from cacert.org. Which has the upside of being "free" and the downside that it requires visitors to either install cacert's root certificate in their browser or accept the security exception. 3) Get a new (free) certificate from another CA that is supported by the major browsers. Here I'd be happy about suggestions (except cacert and startssl.com) 4) Revoke the current ("burnt") startssl.com certificate and create a new one for book.openlilylib.org. This would require someone donating $25 for the revocation fee. Any suggestions? TIA Urs -- Urs Liska www.openlilylib.org _______________________________________________ lilypond-user mailing list [email protected] https://lists.gnu.org/mailman/listinfo/lilypond-user
