Obsolete:SSL Certificates/SSL
(Redirected from SSL Certificates/SSL)
An experimental SSL-encrypted interface to our Wikimedia wikis is being set up on secure.wikimedia.org. It's running on goeje at the moment, one of our old Apache boxen switched to the other network.
Configuration notes
Apache 2.2.0 is installed from /h/w/s/packages/install-apache22; this installs into /usr/local/apache22. Do *not* try to run the /usr/local/apache copy of apache on this machine!
PHP 5.1.1 is installed from /h/w/s/packages/install-apache51, plus APC for opcode caching.
These experimental installers don't add shared configuration files; so there is:
- custom Apache config and SSL cert in /usr/local/apache22/conf
- tweaked php.ini in /usr/local/php5/lib
Certificates
We are now set up with CAcert to issue SSL certificates which are a step above self-signed certs for verifiability (eg protection against MitM proxies). See CAcert for more info.
Other SSL bits
Running
- https://fundraising.wikimedia.org/
- donation lists etc
- on friedrich
- cert expires in March 2008
- https://ticket.wikimedia.org/ is this obsolete?
- OTRS *shudder*
- on ragweed