I'll be performing some essential server maintenance beginning approximately 8pm tonight.
During this time Heartland will be unavailable, the server will probably be up and down a few times, and you may notice a few quirks and oddities with the site.
This should only take an hour or so, but keep an eye on our Twitter account if you want up-to-date status info:
https://twitter.com/heartlandforum
Thanks for your patience
Heartland downtime - Monday 10th April @ 8pm UK time
Righto boss.
Just off out panic buying to stock up for the "blackout"
Just off out panic buying to stock up for the "blackout"
- Quiff Boy
- Herr Administrator
- Posts: 16795
- Joined: 25 Jan 2002, 00:00
- Location: Lurking and fixing
- Contact:
For those of a more technical nature, or for anyone that's just plain old nosey, the SSL cert that allows the forum to run under https is due for renewal.
The existing SSL cert was purchased from namecheap and needs renewing. However, their renewal process is not automatic, so rather than renew and go through the whole faff of manually installing and configuring the new cert in apache I'm going to trash that one and install a new self-signed SSL cert using the rather groovy let's encrypt tool.
I'm hoping it will run as thus:
- install let's encrypt on the server
- create a new let's encrypt SSL cert
- update apache configs to point to the new cert
- sit back with a beer and watch it all work seamlessly
But things never pan out that way do they? I am not even 100% what will happen if I generate a new cert on the server role apache is pointing at an old one, or how seamlessly the config update will take
We'll see.
I've installed and created SSL certs using let's encrypt on my other servers and it's taken 2 minutes from start to end, but those sites weren't already running on SSL. Part of the complication I anticipate here is removing one config and adding another - I fear let's encrypt's tool may complain about the existing one until that's rolled out.
The main benefits of let's encrypt certs are that a) they're free and b) they can be renewed automatically. Renewing and manually installing a namecheap ssl is a PITA, so I figure trying to switch this over now is worth the pain...
See you on the other side.
The existing SSL cert was purchased from namecheap and needs renewing. However, their renewal process is not automatic, so rather than renew and go through the whole faff of manually installing and configuring the new cert in apache I'm going to trash that one and install a new self-signed SSL cert using the rather groovy let's encrypt tool.
I'm hoping it will run as thus:
- install let's encrypt on the server
- create a new let's encrypt SSL cert
- update apache configs to point to the new cert
- sit back with a beer and watch it all work seamlessly
But things never pan out that way do they? I am not even 100% what will happen if I generate a new cert on the server role apache is pointing at an old one, or how seamlessly the config update will take
We'll see.
I've installed and created SSL certs using let's encrypt on my other servers and it's taken 2 minutes from start to end, but those sites weren't already running on SSL. Part of the complication I anticipate here is removing one config and adding another - I fear let's encrypt's tool may complain about the existing one until that's rolled out.
The main benefits of let's encrypt certs are that a) they're free and b) they can be renewed automatically. Renewing and manually installing a namecheap ssl is a PITA, so I figure trying to switch this over now is worth the pain...
See you on the other side.
What’s the difference between a buffalo and a bison?
- Quiff Boy
- Herr Administrator
- Posts: 16795
- Joined: 25 Jan 2002, 00:00
- Location: Lurking and fixing
- Contact:
Again, for those of a more technical nature, or for anyone that's just plain old nosey, here's the details of Heartland's SSL Cert:
https://www.ssllabs.com/ssltest/analyze ... land.co.uk
https://www.ssllabs.com/ssltest/analyze ... land.co.uk
What’s the difference between a buffalo and a bison?