WolfMUD: Journal for Friday, 14th October, 2016


  Up to Main Index                           Up to Journal for October, 2016

                    JOURNAL FOR FRIDAY 14TH OCTOBER, 2016
______________________________________________________________________________

SUBJECT: Safe & sound
   DATE: Fri 14 Oct 23:41:41 BST 2016

As you may have heard the certificate authority GlobalSign accidentally caused
their online certificate status protocol server to report that all downstream
SSL certificates signed by one of their certificates had been revoked. Oops.

I found out about it at work when I started getting complaints from users with
issues accessing sites we host - Google Chrome or Internet Explorer complained
about the revocation with 'scary' error messages.

As a result I've been looking at Let's Encrypt again. From their website[1]:


  Let’s Encrypt is a free, automated, and open certificate authority (CA), run
  for the public’s benefit.


I couldn't really go messing about with a client's website doing experiments
could I? So I needed a site where it didn't matter if it flatlined now and
again as I played with configuration settings. Now where could I find such a
site? ;)

As a result www.wolfmud.org and the git repository at code.wolfmud.org are now
running under SSL. I've tested using Google Chrome on Linux, Android and
Windows 10. I've also tested in IE11, Edge and Firefox on Windows 10. All seem
to be working fine. I've also used Qualys' SSL Labs SSL checker[2] on the
domain - it gets an 'A' rating :)

However, if anyone does have any issues *please* email me some with details
and I'll look into it! diddymus@wolfmud.org

One tip that may help others: If you are using the Let's Encrypt staging
server for testing the browsers will complain about the issuer being unknown.
This is usually attributed on the various forums as a problem with either the
chain.pem or fullchain.pem files being needed and configured. It isn't.
Neither of the files work with the staging server. After wasting hours
fiddling with the files and configuration settings I switched to the live
server and got a live certificate, everything then worked beautify.

Admittedly I'm not using the official client or configuring things in the
'normal' way. *sigh*

In other news...

Over the last week I've been fixing a few general bugs in WolfMUD. I'm also
trying to clean up the frontend code again - actually overhauling might be a
better description. Currently trying to separate the different parts of the
frontend from each other. Hopefully this will lead to a solution for the
problem of having to go through the registration process again if the account
ID chosen is already used. It should also allow me to drop the ugly stash
field in the frontend struct.

Only 16 days left till Halloween... /\oo/\

--
Diddymus

  [1] Let's Encrypt: https://letsencrypt.org

  [2] Qualys' SSL Labs SSL checker: https://www.ssllabs.com/ssltest/


  Up to Main Index                           Up to Journal for October, 2016