Install SSL certificate on data.doe.fm
Issue #514
on hold
We should not rollout further without securing the site??
Comments (4)
-
-
Yep, unfortunately they are using port 443 for Exchange WebMail @ https://data.doe.fm/owa/auth/logon.aspx?
-
reporter
- changed status to on hold
To my mind, we need to find a solution to this...
-
Couple of options.
- We request for another public IP from ISP.
- We setup a proxy server handling all 80/443 requests and sending to their respective servers
- Use different ports (good as short term but to be eventually sorted properly)
- Log in to comment
Sure. They have a cert though I don't know if they pay for the wildcard one. There is also the possibility to use https://letsencrypt.org/ which I have used for https://training.pacific-emis.org/ but needs proper HTTPS access publicly. Since I'm not the one that setup the original FedEMIS (Andrew did) and the firewall (I think also Andrew did) I'm not sure the 443 port will bbe available publicity without disturbing the way existing services work (e.g. webmail). Please discuss this with Weison/David and I will also send email to Andrew.