LetsEncrypt TLS Certificate on Community.OpenFoodNetwork.org Discourse


#1

Hello OFN!

Can the admin of this http://community.openfoodnetwork.org/ please install a free TLS certificate from LetsEncrypt? https://letsencrypt.org

My assumption is that the majority of non-techies at OFN are not aware of the facts that

  1. it’s dangerous to reuse passwords at different sites
  2. that any password, reused or not are transmitted in clear text when logging into this site.

Hope this gets solved asap!
Thanks for all great work, more open source communications like this Discourse! :slight_smile:

@sylvain @CynthiaReynolds - Do you know who’s administering this Discourse instance and can fix this?


#2

@matt I am not sure who the admins are, I am set as moderator. @sstead I am guessing you would know who has access to do this.
Finding the time to do it is another thing all togeher… I think everyone has a full plate these days!


#3

@matt do you know if there is any integration of Discourse and LetsEncrypt? If done it needs to be something that self-renews every 3 months right?

The Aus team set this up, @Kirsten or @maikel would know.


#4

I didn’t setup community.openfoodnetwork.org, but it would be great to add an SSL certificate. I did that for community.openfoodnetwork.org.au and it was very easy. You just add two lines to the configuration and it does all the Letsencrypt magic on its own.

@Kirsten and @RohanM: Who set this server up? Can you give me access?


#5

the discourse man did this but I should have access details somewhere . . will find and send to @maikel


#6

Ping @gnollet it seems the Letsencrypt certifiate can renew on its own every three month! That would save us time, energy, and avoid to have cuts on our server disponibility when we forget :wink: !!! If you have difficulties to find how to do, maybe @maikel if that’s super easy (just two lines) you can document how to do? Thanks :slight_smile:


#7

There is an excellent guide on the discourse website: https://meta.discourse.org/t/setting-up-lets-encrypt/40709

I just followed that and you should see the result as a green padlock in your browser’s address bar.


#8

Thank you so much for fixing this @Kirsten and @maikel! And yes @MyriamBoure it is renewing every three months. :slight_smile:

Wonderful, now we can enjoy more security!

Btw I’d love to share this if you haven’t tried: check that your data haven’t been breached anywhere (yet known). https://haveibeenpwned.com/ :slight_smile: