[moin-user] MoinMoin issue

M. Scott Reynolds mscottreynolds at gmail.com
Sat Sep 1 15:34:50 EDT 2018 

p.s.  A self-signed cert should be just fine instead of using a cert from
letsencrypt for private home use.

On Sat, Sep 1, 2018 at 1:24 PM M. Scott Reynolds <mscottreynolds at gmail.com>
wrote:

> Yea, I think you need a publicly accessible site for letsencrypt to work
> as their server makes calls to yours to verify you own the site.
>
> This is how my ssl.conf file is configured:
>
> Listen 443 https
> SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
> SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
> SSLSessionCacheTimeout  300
> SSLRandomSeed startup file:/dev/urandom  256
> SSLRandomSeed connect builtin
> SSLCryptoDevice builtin
>
> <VirtualHost _default_:443>
> ErrorLog logs/ssl_error_log
> TransferLog logs/ssl_access_log
> LogLevel warn
> SSLEngine on
> SSLProtocol all -SSLv3
> SSLProxyProtocol all -SSLv3
> SSLHonorCipherOrder on
> SSLCertificateFile /etc/pki/tls/certs/localhost.crt
> SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
> <FilesMatch "\.(cgi|shtml|phtml|php)$">
>     SSLOptions +StdEnvVars
> </FilesMatch>
> <Directory "/var/www/cgi-bin">
>     SSLOptions +StdEnvVars
> </Directory>
> BrowserMatch "MSIE [2-5]" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.0
>
> CustomLog logs/ssl_request_log \
>           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
>
> It lives in the /etc/httpd/conf.d/ directory.    The host is Amazon Linux
> (Amazon Web Services) which is a derivative of CentOS 6.
>
> Scott R.
>
>
> On Sat, Sep 1, 2018 at 1:11 PM Mehma Sarja <mehmasarja at gmail.com> wrote:
>
>> Thanks Scott,
>>
>> If you can, please share the config files. My application is a home
>> server. I keep all my account info there. It's like a password manager and
>> tracks my automobile maintenance and a dozen other things. I don't access
>> it outside of my LAN.
>>
>> I read up on lets encrypt and it seems like they require a domain name.
>> Do we need a domain name or can we use "home" or a 193.168.xx.xx up address?
>>
>> I think we can do a self-signed CA for home use. This is not required
>> because your browser is going to complain and let you through.
>>
>> Yudhvir
>> ---
>> On Sat, Sep 1, 2018, 12:00 PM M. Scott Reynolds <mscottreynolds at gmail.com>
>> wrote:
>>
>>> I have MoinMoin running under apache2 with https.  I use
>>> https://letsencrypt.org/ for my certificates.  It also has scripts for
>>> configuring apache for you.
>>>
>>> Scott R.
>>>
>>> On Sat, Sep 1, 2018 at 10:24 AM Mehma Sarja <mehmasarja at gmail.com>
>>> wrote:
>>>
>>>> Made some progress yesterday. Got https working on lighttpd. So moin
>>>> works by itself using its built in web server. I've also managed to get it
>>>> working behind apache2. Apache as https is complicated.
>>>>
>>>> Next up is getting moin working with https. BTW, I'm documenting my
>>>> steps and will share once it's setup. Ya know funny how every wiki engine
>>>> out there says they are mature and popular and been around for years.
>>>> However no one gets past a simple http and many of them can't even get you
>>>> to http when it comes to documentation.
>>>>
>>>> Yudhvir
>>>>
>>>>
>>>>
>>>> On Fri, Aug 31, 2018, 8:32 AM D'Arcy Cain <darcy at vybenetworks.com>
>>>> wrote:
>>>>
>>>>> On 2018-08-31 11:07 AM, Mehma Sarja wrote:
>>>>> > Samit,
>>>>> >
>>>>> > It's just the two if us on this list it seems.
>>>>>
>>>>> Make that three.
>>>>>
>>>>> > Can you share your setup and config files to get ssl working?
>>>>>
>>>>> Ditto.  I am trying to get it working on NetBSD and there doesn't seem
>>>>> to be any HowTos for that and I also can't find low end documentation
>>>>> that simply describes whatever files and directories are needed and a
>>>>> man page for the configs.
>>>>>
>>>>> --
>>>>> D'Arcy J.M. Cain
>>>>> Vybe Networks Inc.
>>>>> http://www.VybeNetworks.com/
>>>>> IM:darcy at Vex.Net VoIP: sip:darcy at VybeNetworks.com
>>>>> _______________________________________________
>>>>> moin-user mailing list
>>>>> moin-user at python.org
>>>>> https://mail.python.org/mailman/listinfo/moin-user
>>>>>
>>>> _______________________________________________
>>>> moin-user mailing list
>>>> moin-user at python.org
>>>> https://mail.python.org/mailman/listinfo/moin-user
>>>>
>>> _______________________________________________
>> moin-user mailing list
>> moin-user at python.org
>> https://mail.python.org/mailman/listinfo/moin-user
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20180901/0195e193/attachment-0001.html>

More information about the moin-user mailing list