On Fri, Aug 14, 2015 at 2:51 AM Vladimir Prus
On 12-Aug-15 12:38 AM, Niall Douglas wrote:
On 11 Aug 2015 at 1:36, Klaim - Joël Lamotte wrote:
I noticed today that the https of boost.org is expired, and should have a new certificate: https://www.ssllabs.com/ssltest/analyze.html?d=boost.org
My understanding is that the process to renew the certificate was started few months ago but got nowhere. Not totally sure why though. The last status report from the steering committee is available there: http://permalink.gmane.org/gmane.comp.lib.boost.steering/126
We have a new SSL cert, and have had for some months.
The problem is installing it. We no longer have root access to the server in question and I understand the person who had root access isn't responding to email.
It's unfortunate that the Steering Committee had not taken a decisive action here - either reaching other people at OSL - or deciding that we've lost webserver access completely, and need to start over.
As I said in my previous email, there was an exchange between our admin and boost. The certificate was delivered to us, but it was incomplete, missing the key. We asked for the key, but the email thread broke off, and we never got the necessary files. If someone has all the necessary files, we can get the key installed today. If nobody has the files and we should get the certificate ourselves, we are open to that.
We would move to new servers, but need root access to copy off all the existing data. So we keep pinging emails, and hope one day the person in question replies.
How about starting a new server, configuring nginx to proxy to the current server by IP address, and changing DNS to point to the new server? SSL will be handled by the new server.
I suggest that if someone actually has all the necessary files, we can install them directly on the server.
This is why we need a dedicated employed person to do this stuff,to
keep migration plans and plan upkeep so getting orphaned from access never occurs in the first place, and even if it did there is a live offsite backup configured using docker/drbd etc we can replicate from. The steering committee can only authorise that spending if there is consensus from boost-dev that someone should be employed to do this stuff, until that happens this situation will keep recurring into the future with no end in sight.
Lots of open-source project manage to have a website without employing anybody. I think the problem is really access, not employment.
Again, we have a full time sys admin that can do whatever is necessary.
- Volodya
_______________________________________________ Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost