10 Replies to “https, here”

  1. No redirect by default? Then Strict Transport Security would also make sense. :)

    Also it looks like the comment form doesn’t use HTTPS yet. At least I get a warning about this.

  2. I turned https on by-default just now, now that I know I didn’t scramble something. Tell me if you get any non-https errors/warnings at this point.

  3. Looks fine now. Thanks for https, the more stuff encrypted on the web, the better :)

  4. Please make it ‘default’ in the sense that update links and use a redirect. Thanks for providing TLS!

  5. Sorry for dumb question, but why i need TLS for read this blog? Where is profit (if i’m not criminal)?

  6. Igor – you don’t need TLS to read it – but it’s not a bad idea to have encryption available rather than not available.

    Zoey4ever – I wasn’t aware of that. I’ll redo the certificate dance again soon. (ugh)

    Edward – what do you mean?

  7. Hmm.

    There’s some oddness going on with your SSL cert. OpenSSL on FreeBSD 10.0-RELEASE is getting upset. It’s the only site I’m seeing this issue with.

    I noticed because my RSS reader stopped being able to poll your feed: In python:

    [code]
    >>> import urllib2
    >>> rss = urllib2.urlopen(‘https://www.dragonflydigest.com/feed/’)
    Traceback (most recent call last):
    File “”, line 1, in
    File “/usr/local/lib/python2.7/urllib2.py”, line 127, in urlopen
    return _opener.open(url, data, timeout)
    File “/usr/local/lib/python2.7/urllib2.py”, line 404, in open
    response = self._open(req, data)
    File “/usr/local/lib/python2.7/urllib2.py”, line 422, in _open
    ‘_open’, req)
    File “/usr/local/lib/python2.7/urllib2.py”, line 382, in _call_chain
    result = func(*args)
    File “/usr/local/lib/python2.7/urllib2.py”, line 1222, in https_open
    return self.do_open(httplib.HTTPSConnection, req)
    File “/usr/local/lib/python2.7/urllib2.py”, line 1184, in do_open
    raise URLError(err)
    urllib2.URLError:
    [/code]

    And the openssl client barfs, too:

    [code]
    $ openssl s_client -connect http://www.dragonflydigest.com:443
    CONNECTED(00000003)
    34379126440:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_lib.c:177:

    no peer certificate available

    No client certificate CA names sent

    SSL handshake has read 0 bytes and written 309 bytes

    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE

    [/code]

    Hope this is something easy for you to fix.

    sjh

Comments are closed.