Task #2039
closedtdf.io needs a certificate
0%
Description
log in yourls without secure connection... :-(
Updated by Florian Effenberger over 7 years ago
The (mid-term) plan was to go with StartSSL wildcard certificate for the
main sites and try Let's Encrypt for other VMs. Sounds like an ideal
test case for the latter one - Dennis, would you like to give Let's
Encrypt a try on this?
I know it's only valid for 90 days, but would make a good test case.
Updated by Guilhem Moulin over 6 years ago
- Status changed from New to Closed
- Assignee set to Guilhem Moulin
Oops wasn't aware of this ticket. https://tdf.io is available since mid January, and distributing to https://tdf.io/$shortlink should be preferred over their http:// counterpart. They both 301-redirect to the location set in the YOURLS database. OTOH http://tdf.io/admin 301-redirects to its https:// counterpart in order to protect logins.
Moreover since about 2-3 weeks YOURLS uses SAML 2.0 for authentication: unauthenticated users are redirected to the central auth portal, and then back to https://tdf.io/admin after authentication.