> >
> > It *isn't* "letsencrypt", it's cause it's used in the wrong way.
>
> Then we need a procedure and instructions for managing it properly.

Agree on that


> > There is a week limit. We should know and open certificates in the
> > right way ( one a week the first time, so, updates are one a week and
> > we have 4 more in case of needs ).
> >
> > Also, files.devuan.org, isn't hsts, it's a 443 closed: why no one
> > open it? i don't have access to the files machine, who fix it?
>
> It is a hsts issue because HSTS has been setup on www.devuan.org and it
> has told any browser that visits that site that any subdomain of
> devuan.org must use https.
>
> If I visit http://files.devuan.org in private browsing mode then it
> works fine.. same for packages.devuan.org

Yes, but HSTS is now the facto enforced by some browsers ( chrome first
of all ) and you can't avoid it, and on files the 443 is closed, it
needs to be open and a proper certificate issued (with letsencrypt or
any other )


> >
> >> I'm so tempted to quit devuan because it's just so hard to get the
> >> necessary stuff done (due to key people not being available and not
> >> making sure there are others that can step in if issues arise).
> >> I've spent hundreds of hours on Devuan and right now I'm so
> >> embarrased and ashamed at the state of our websites, and the state
> >> or our infrastructure that I'm considering whether to pull the plug
> >> on my involvement.
> >
> > Of course I'm the one, and you are right.
>
> Actually you are not specifically the cause of my feelings... it's more
> a point we've got to which feels like we've hit the barriers of what is
> sustainable with our current manpower. Please don't take my comment
> personally as it was not directed at you!!!

I don't, i'm not offended by what you are saying. When I say "of course
i'm the one", it's not you accuse me of anything, it's ME that
understand that actually I am the one :)


Anyway, now CI and Packages are online with a proper certificate,

I will move forward to give you access to all machines during this week,
and then i will be back to my slow work on amprolla2

Who has access to files to fix it?


--

Franco Lanza
My blog: http://www.nexlab.it
email: nextime@???
Fax/Tel: +39 0331 682151
Cell: +39 339 8125940
paypal: https://paypal.me/nexlab
Lonate Pozzolo (VA) - Italy
-----------------------------------
NO TCPA: http://www.no1984.org
you can download my public key at:
http://danex.nexlab.it/nextime.asc || Key Servers
Key ID = D6132D50
Key fingerprint = 66ED 5211 9D59 DA53 1DF7 4189 DFED F580 D613 2D50
-----------------------------------
echo 16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D212153574F444E49572045535520454D20454B414D204F54204847554F4E452059415020544F4E4E4143205345544147204C4C4942snlbxq | dc
-----------------------------------