[arch-general] bbs.archlinux.org is now switched to https only!

[Thomas Bächler]

I just performed the switch to https only on bbs! I also adjusted some
internal URLs, so all files will be properly fetched via https directly.
http is redirected automatically. Note that the navbar links on Archweb
and all other sites still point to http, but that is redirected
automatically.

There is a catch:
1) Apache configures SSL per-vhost. That means that even though we have
a wildcard certificate, the browser must support SNI for name-based
vhosts to work. All clients that are not SNI-capable will be redirected
to www instead.
2) wget doesn't like wildcard certificates. That means you need to use
--no-check-certificate with wget.
3) Our certificate is from CACert. AFAIK, this is not included in many
browsers by default. If you use Arch Linux, at least everything that
uses the OpenSSL certificate store and all Mozilla browsers are
CACert-enabled - on other operating systems, our certificate might show
up as untrusted.

Let me know if any of the above (especially 1) cause any problems.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20100716/31c5b29c/attachment.bin>