Page MenuHomePhabricator talks HTTP but not HTTPS
Closed, ResolvedPublic


Apache is not even configured on port 443. I doubt we want to get an extra SSL cert for a simple redirect domain, but I'm not sure what the rules are for putting the * cert on more boxes

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

That redirect only exists because it used to be an "It works!" Apache site in the past and i thought it was ugly so redirected it to that meta page a long time ago. So it's really just a courtesy thing to get people to docs who try in their browser.

No, we don't want to put the cert on more boxes. Instead we could ask why there is an Apache on this in the first place and remove it entirely

Change 280342 had a related patch set uploaded (by Dzahn): - remove Apache

@Krenair what do you think about removing the Apache from that entirely, also HTTP?

Sounds fine. I think it'd be nice if we can find a way to serve the redirect from misc-web-lb, but that's probably not feasible.

Having an HTTP response on the hostname is quite important for discoverability. However I think it's fine to leave out for this particular service for now given it's already well-established and in the process of soon being deprecated.

We still need to figure out a solution for this kind of problem for other services, however.

The only way I can think of to get out of having to put a certificate on the box would be to forward traffic on ports 80 and 443 to misc-web-lb, but then varnish wouldn't get the end user IP etc.

Change 280342 merged by Dzahn: - remove Apache

done. removed Apache and config from argon. removed puppet role, class, template...

Dzahn removed a project: Patch-For-Review.