[LON-CAPA-admin] Re: LON-CAPA-admin digest, Vol 1 #786 - 2 msgs

Douglas Chorpita d.chorpita at rz.uni-frankfurt.de
Fri Feb 13 08:59:08 EST 2009


Hi,

Here in Frankfurt, we are using a single wildcard certificate for 
various URLs with https-protocol. It works fine.

wildcard: https://*.server.uni-frankfurt.de

Our single lon-capa server is:

https://lon-capa-base1.server.uni-frankfurt.de, and the currently 
eqivalent alias: https://lon-capa.server.uni-frankfurt.de

We have several other URLs using the same wildcard certificate.

For example:

https://webct.server.uni-frankfurt.de
https://webmail.server.uni-frankfurt.de
https://bscw.server.uni-frankfurt.de
https://nps.server.uni-frankfurt.de

Douglas Chorpita

d.chorpita at rz.uni-frankfurt.de
E-Learning Center am HRZ
Goethe-Universität Frankfurt am Main



lon-capa-admin-request at mail.lon-capa.org escreveu:
> Send LON-CAPA-admin mailing list submissions to
> 	lon-capa-admin at mail.lon-capa.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
> or, via email, send a message with subject or body 'help' to
> 	lon-capa-admin-request at mail.lon-capa.org
>
> You can reach the person managing the list at
> 	lon-capa-admin-admin at mail.lon-capa.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of LON-CAPA-admin digest..."
>
>
> Today's Topics:
>
>    1. https for loncapa (H.K. Ng)
>    2. Re: https for loncapa (Gerd Kortemeyer)
>
> --__--__--
>
> Message: 1
> Date: Wed, 11 Feb 2009 14:27:18 -0500
> To: lon-capa-admin at mail.lon-capa.org
> From: "H.K. Ng" <hkng at fsu.edu>
> Subject: [LON-CAPA-admin] https for loncapa
> Reply-To: lon-capa-admin at mail.lon-capa.org
>
> Hi,
>
> I am planning on implementing secure transactions for all the fsu 
> loncapa servers using a wildcard server certificate 
> (*.loncapa.fsu.edu) but unfortunately the servers have canonical name 
> loncapax.fsu.edu where x is a number except for the balancer 
> (loncapa.fsu.edu). So for the certificate to work, I need to rename 
> the server to something like s1.loncapa.fsu.edu (alias) for 
> loncapa1.fsu.edu (canonical name) etc. Is anyone using wildcard 
> server certificate for your loncapa servers using an alias name? 
> After some fiddling around I managed to get one server to work but 
> has not check the affect if the balancer transfers the session to 
> that server. Also, a few months ago, I noticed a number of cvs 
> commits checking if https is on but I did not see an mention of this 
> in version 2.8.0. Any idea when https will become available?
>
> Thanks,
> -hk
>
>
> --__--__--
>
> Message: 2
> Cc: "lon-capa-admin at mail.lon-capa.org" <lon-capa-admin at mail.lon-capa.org>
> From: Gerd Kortemeyer <korte at lite.msu.edu>
> To: "lon-capa-admin at mail.lon-capa.org" <lon-capa-admin at mail.lon-capa.org>
> Subject: Re: [LON-CAPA-admin] https for loncapa
> Date: Wed, 11 Feb 2009 15:15:28 -0500
> Reply-To: lon-capa-admin at mail.lon-capa.org
>
> Hi Hon-Kie,
>
> My experience with the certificate companies has consistently been  
> unpleasant.
>
> One possibility would be to just https the load balancing machine,  
> since that is the only box where the students type in passwords.
>
> Another possibility would of course be to use self-signed certificates  
> and tell the students to ignore the warning.
>
> - Gerd.
>
> Please excuse brevity, sent from iPod.
>
>
> On Feb 11, 2009, at 2:27 PM, "H.K. Ng" <hkng at fsu.edu> wrote:
>
>   
>> Hi,
>>
>> I am planning on implementing secure transactions for all the fsu  
>> loncapa servers using a wildcard server certificate  
>> (*.loncapa.fsu.edu) but unfortunately the servers have canonical  
>> name loncapax.fsu.edu where x is a number except for the balancer  
>> (loncapa.fsu.edu). So for the certificate to work, I need to rename  
>> the server to something like s1.loncapa.fsu.edu (alias) for  
>> loncapa1.fsu.edu (canonical name) etc. Is anyone using wildcard  
>> server certificate for your loncapa servers using an alias name?  
>> After some fiddling around I managed to get one server to work but  
>> has not check the affect if the balancer transfers the session to  
>> that server. Also, a few months ago, I noticed a number of cvs  
>> commits checking if https is on but I did not see an mention of this  
>> in version 2.8.0. Any idea when https will become available?
>>
>> Thanks,
>> -hk
>>
>> _______________________________________________
>> LON-CAPA-admin mailing list
>> LON-CAPA-admin at mail.lon-capa.org
>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>     
>
>
> --__--__--
>
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>
>
> End of LON-CAPA-admin Digest
>   




More information about the LON-CAPA-admin mailing list