Custom Query (196 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:

Results (163 - 165 of 196)

45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65
Ticket Owner Reporter Resolution Summary
#48 presbrey andersk fixed SNI, giving certificates on *.scripts.mit.edu for FF 2 and IE 7
Description

Currently lockername.scripts.mit.edu gives a certificate error. We have a valid certificate for *.scripts.mit.edu but it is currently not used. The problem is that (modulo recent extensions) the HTTPS protocol doesn’t support sending the virtual host name before the server must decide which certificate to present.

There have been two proposed solutions. One is to use the SNI extension. This requires upgrading OpenSSL to at least 0.9.8f, patching mod_ssl, and using relatively recent browsers (old browsers will fall back to the current behavior).

The other is to move *.scripts.mit.edu to a separate IP from scripts.mit.edu, so that the server knows which certificate to present based on the IP. This is less general (we can’t extend this to work with arbitrary vhosts), but we could probably implement it now.

#55 quentin price fixed certificates on *.scripts.mit.edu as a separate IP address
Description

(Split out from #48.)

Currently lockername.scripts.mit.edu gives a certificate error on IE 6 and Safari. The problem is that (modulo the recent SNI extension) the HTTPS protocol doesn’t support sending the virtual host name before the server must decide which certificate to present. In #48, Joe installed SNI, which FF 2 and IE 7 understand.

To accomplish the highly desirable #17, we need to support these other browsers; many scripts users will not consider it acceptable that their viewers on IE 6 and Safari get certificate errors. To do this, we can move scripts.mit.edu to a separate IP from *.scripts.mit.edu, so that the server knows which certificate to present based on the IP.

#62 andersk fixed Unbreak phpMyAdmin
Description

The phpMyAdmin installation(s) in the sql locker are old and somewhat screwed up. geofft was going to fix this but he went to sleep, so I’m recording the necessary steps here as a reminder.

  • svn co https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/tags/STABLE/phpMyAdmin
  • Copy config.sample.inc.php to config.inc.php.
    • Set $cfg['blowfish_secret'] to a secure random value.
    • Set $cfg['Servers'][$i]['host'] = 'sql.mit.edu'
    • Set $cfg['Servers'][$i]['extension'] = 'mysqli'
    • Set $cfg['ForceSSL'] = TRUE
  • Copy /etc/php.ini to php.ini.
    • Add the mcrypt and mysqli extensions.

The patches and .htaccess redirect are then unnecessary, and future upgrades will be as simple as svn up. (Example: <https://andersk.scripts.mit.edu/phpMyAdmin/>.)

45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65
Note: See TracQuery for help on using queries.