On Fri, 31 Jul 2015 11:05:15 +1200
Mike Forbes mi...@nzrs.net.nz wrote:
If we were to serve this using the HKPS cert I imagine it would throw
a certificate warning for most people who haven't imported the
hkps.pool.sks-keyservers.net CA.
If you want to use hkps.pool.sks-keyservers.net with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 31.07.2015 at 01:05, Mike Forbes wrote:
So now begins the task of trying to make HKPS and SSL and SKS all work
together.
Currently we're serving up our main pgp pages with our own SSL cert
(https://pgp.net.nz)
If we were to serve this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here's the nginx config I use for my server. This setup tries
to be the most secure with HTTPS and HSTS with cert pinning.
Also, the cipher list is 100% forward secrecy and uses a strong
4096 dhparam.
Unfortunately, the only downside is that if you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
We've managed to get an HKPS cert from Kristian (thanks!)
So now begins the task of trying to make HKPS and SSL and SKS all work
together.
Currently we're serving up our main pgp pages with our own SSL cert
(https://pgp.net.nz)
If we were to
Hi, Mike,
My question is, how have other people managed to get HKPS working
together with their own SSL certs?
I'm doing this with the Apache web server for
https://keyserver.zap.org.au/, which is part of the SSL pool. Here
are the appropriate config file sections; hope this helps:
# For
Here is my nginx configuration that I use for my server. Obviously some
of it would need to be customized and it is setup to support my 3 SKS
nodes.
upstream sks_servers {
least_conn;
server 127.0.0.1:11371;
server xx.xx.xx.228:11371;
server xx.xx.xx.229:11371;
}