tdf.io needs a certificate
log in yourls without secure connection... :-(
#1 Updated by Florian Effenberger about 2 years ago
The (mid-term) plan was to go with StartSSL wildcard certificate for the
main sites and try Let's Encrypt for other VMs. Sounds like an ideal
test case for the latter one - Dennis, would you like to give Let's
Encrypt a try on this?
I know it's only valid for 90 days, but would make a good test case.
#2 Updated by Guilhem Moulin 11 months ago
- Status changed from New to Closed
- Assignee set to Guilhem Moulin
Oops wasn't aware of this ticket. https://tdf.io is available since mid January, and distributing to https://tdf.io/$shortlink should be preferred over their http:// counterpart. They both 301-redirect to the location set in the YOURLS database. OTOH http://tdf.io/admin 301-redirects to its https:// counterpart in order to protect logins.
Moreover since about 2-3 weeks YOURLS uses SAML 2.0 for authentication: unauthenticated users are redirected to the central auth portal, and then back to https://tdf.io/admin after authentication.