PSA: HTTPS is coming, stuff may break


(Sam) #1

Hey all,

I’m about to land https://github.com/fxbox/foxbox/pull/281. As I do this, I’ll be updating the registration server on knilxof.org. This means registration will fail to succeed if you don’t update to the latest version of foxbox and the app. If you run the registration server locally, now is a good time to update to master.

You will also need to update your version of the app once https://github.com/fxbox/app/pull/27 is merged.

Sam


(David Teller) #2

Can this wait until monday? We’re in a demo sprint.


(Sam) #3

It’s needed for the demo.


(David Teller) #4

Ignore me, then :slight_smile:


(Sam) #5

Sorry this hasn’t been smooth :cry:
Update:

  1. You’ll need to start with a fresh certs directory.
  2. You may hit letsencrypt staging server limits, if that’s the case, use --disable-tls and try again tomorrow - we don’t know what the limits really are.
  3. There is an issue with the letsencrypt dns-01 challenge on linux - we’re using curl, which is built against gnutls by default in most distros - this isn’t playing nicely with the pem.
  4. There may be OpenSSL version issues causing weirdness.

If you see something, file an issue in Github :).


(Fabrice) #6

about 3. we need to check what’s happening on the RPi.


(David Teller) #7

I’m not familiar at all with this, so my question may be very naive, but would it be better if we used Hyper’s http client (which is already in foxbox) + rust-OpenSSL to solve this challenge?