<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Monaco;
panose-1:2 0 5 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Peter, what is biopython doing re: HTTPS for biopython.org?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">chris<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">Bioperl-l <bioperl-l-bounces+cjfields=illinois.edu@mailman.open-bio.org> on behalf of Shyam Saladi <saladi1@illinois.edu><br>
<b>Date: </b>Thursday, September 14, 2017 at 11:01 PM<br>
<b>To: </b>Hilmar Lapp <hlapp@drycafe.net><br>
<b>Cc: </b>Peter Cock <p.j.a.cock@googlemail.com>, Bioperl BioPerl <bioperl-l@bioperl.org>, Carnë Draug <carandraug+dev@gmail.com><br>
<b>Subject: </b>Re: [Bioperl-l] Bad SSL certificate at bioperl.org<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in">Not sure, perhaps there was some change on Cloudflare's side recently. In case it's helpful, my "Crypto" configuration is here:
<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.dropbox.com_s_di47zjxp38yw0ar_Crypto-5FCloudflare.pdf-3Fdl-3D0&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=XCU6iHG5B05AK3samuJLEAvWSdu3fMUaOKgMT5zK6D8&e=">
https://www.dropbox.com/s/di47zjxp38yw0ar/Crypto_Cloudflare.pdf?dl=0</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">My personal site is similarly hosted with ghpages, and I set Cloudflare up about a month ago. HTTPS redirection seems to work ok (try
<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__shyam.saladi.org&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=PBL2QkswHGU7KLcPkFSqK6MEmjJemQV-tSAYNU8G74o&e=">
http://shyam.saladi.org</a>)<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">Shyam<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">On Sep 14, 2017 5:45 PM, "Hilmar Lapp" <<a href="mailto:hlapp@drycafe.net">hlapp@drycafe.net</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<p class="MsoNormal" style="margin-left:.5in">I thought activating that option required HTTPS and a valid SSL cert on the source site too. At least that’s what it seemed to be recently when I tried that (with my own website, also currently hosted off of Github
Pages).<span style="color:#888888"> <o:p></o:p></span></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#888888"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="color:#888888"> -hilmar<o:p></o:p></span></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal" style="margin-left:.5in">On Sep 14, 2017, at 8:10 PM, Shyam Saladi <<a href="mailto:saladi1@illinois.edu" target="_blank">saladi1@illinois.edu</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in">A minor point, but I think that Cloudflare can redirect http to https:<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__support.cloudflare.com_hc_en-2Dus_articles_200170536-2DHow-2Ddo-2DI-2Dredirect-2Dall-2Dvisitors-2Dto-2DHTTPS-2DSSL-2D&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=vOUpw2lgyvh3akO35BoTUAKeI2b1KthmbEZzi2MrtWs&e=" target="_blank">https://support.cloudflare.com/hc/en-us/articles/200170536-How-do-I-redirect-all-visitors-to-HTTPS-SSL-</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">On Thu, Sep 14, 2017 at 3:18 PM, Hilmar Lapp <<a href="mailto:hlapp@drycafe.net" target="_blank">hlapp@drycafe.net</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<p class="MsoNormal" style="margin-left:.5in">Not directly, that's correct. However, there are at least three alternatives, each with various pros and cons.<br>
<br>
1) We could front the site with Cloudflare. This would give us a free SSL cert from Cloudflare. It would not redirect http to https, and would require moving DNS for the domain to Cloudflare.<o:p></o:p></p>
</blockquote>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<p class="MsoNormal" style="margin-left:.5in"><br>
2) Proxy the traffic from <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__github.io&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=XwbdWlMMOVKPnUvjRC9A1kRMmcYZeKBac78JwrKzUJ4&e=" target="_blank">
Github.io</a> through our Apache server on AWS. This would allow us to redirect http to https, and we'd use a Let's Encrypt SSL cert. For Apache the LE certbot can auto-renew, I think. In essence this is us doing some of what Cloudflare would do, except for
DDOS protection, so the site would then have a single point of failure.<br>
<br>
3) Use Gitlab Pages for hosting. This would allow SSL certs for custom domains. My understanding is they also support Let's Encrypt for cert renewal, but I haven't tried that yet. Downside is that now we're hosting the repo in a different place than everything
else Bioperl. I also don't know about redirecting http to https.<br>
<br>
-hilmar<br>
<br>
Sent from away<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><br>
> On Sep 14, 2017, at 5:42 PM, Peter Cock <<a href="mailto:p.j.a.cock@googlemail.com" target="_blank">p.j.a.cock@googlemail.com</a>> wrote:<br>
><br>
> As far as I know, using your own domain with<br>
> GitHub pages and HTTPS is still not possible.<br>
><br>
> Peter<br>
><br>
>> On Thu, Sep 14, 2017 at 6:10 PM, Carnë Draug <<a href="mailto:carandraug%2Bdev@gmail.com" target="_blank">carandraug+dev@gmail.com</a>> wrote:<br>
>> Hi<br>
>><br>
>> If you access <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__bioperl.org_&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=xisPCXy-XinnalGIc3r_-ylMcK5dfyIadDcLhBByBr0&e=" target="_blank">
https://bioperl.org</a> you will get a SSL_ERROR_BAD_CERT_DOMAIN<br>
>><br>
>> The problem is that current certificate is only valid for <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__github.io_&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=KJoiZr_O4Q7gUciMpa8YP2nfQcZOZ-cTE4DOADdCW5I&e=" target="_blank">
github.io</a><br>
>> domains.<br>
>><br>
>> Carnë<br>
>><br>
>> _______________________________________________<br>
>> Bioperl-l mailing list<br>
>> <a href="mailto:Bioperl-l@mailman.open-bio.org" target="_blank">Bioperl-l@mailman.open-bio.org</a><br>
>> <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.open-2Dbio.org_mailman_listinfo_bioperl-2Dl&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=McmwuADXM7K8aPfvGAwcyFAYwjjlhXw0bY682_6cmTw&e=" target="_blank">
http://mailman.open-bio.org/mailman/listinfo/bioperl-l</a><br>
><br>
> _______________________________________________<br>
> Bioperl-l mailing list<br>
> <a href="mailto:Bioperl-l@mailman.open-bio.org" target="_blank">Bioperl-l@mailman.open-bio.org</a><br>
> <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.open-2Dbio.org_mailman_listinfo_bioperl-2Dl&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=McmwuADXM7K8aPfvGAwcyFAYwjjlhXw0bY682_6cmTw&e=" target="_blank">
http://mailman.open-bio.org/mailman/listinfo/bioperl-l</a><br>
<br>
_______________________________________________<br>
Bioperl-l mailing list<br>
<a href="mailto:Bioperl-l@mailman.open-bio.org" target="_blank">Bioperl-l@mailman.open-bio.org</a><br>
<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.open-2Dbio.org_mailman_listinfo_bioperl-2Dl&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=McmwuADXM7K8aPfvGAwcyFAYwjjlhXw0bY682_6cmTw&e=" target="_blank">http://mailman.open-bio.org/mailman/listinfo/bioperl-l</a><o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<div>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:8.5pt;font-family:"Monaco",sans-serif">-- <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:8.5pt;font-family:"Monaco",sans-serif">Hilmar Lapp -:- <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lappland.io&d=DwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=fbHa8Njtvh9VmSnzJxiEUTW9NWDwMMwQAzhgZDO41GQ&m=hBTIXay26WRpRjY2iI2G3bgZMAReDlHFATWxqCCfP4I&s=AR9kUHMIKpw0Pt1esI6_UiTJnD9RLSTQcfpoKW7x_io&e=" target="_blank">lappland.io</a><o:p></o:p></span></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>