LetsEncrypt TLS Certificate on Community.OpenFoodNetwork.org Discourse

matt · November 8, 2016, 6:22pm

Hello OFN!

Can the admin of this http://community.openfoodnetwork.org/ please install a free TLS certificate from LetsEncrypt? https://letsencrypt.org

My assumption is that the majority of non-techies at OFN are not aware of the facts that

it’s dangerous to reuse passwords at different sites
that any password, reused or not are transmitted in clear text when logging into this site.

Hope this gets solved asap!
Thanks for all great work, more open source communications like this Discourse!

@sylvain @CynthiaReynolds - Do you know who’s administering this Discourse instance and can fix this?

CynthiaReynolds · November 14, 2016, 3:50pm

@matt I am not sure who the admins are, I am set as moderator. @sstead I am guessing you would know who has access to do this.
Finding the time to do it is another thing all togeher… I think everyone has a full plate these days!

pmackay · November 20, 2016, 11:19am

@matt do you know if there is any integration of Discourse and LetsEncrypt? If done it needs to be something that self-renews every 3 months right?

The Aus team set this up, @Kirsten or @maikel would know.

maikel · November 22, 2016, 10:14pm

I didn’t setup community.openfoodnetwork.org, but it would be great to add an SSL certificate. I did that for community.openfoodnetwork.org.au and it was very easy. You just add two lines to the configuration and it does all the Letsencrypt magic on its own.

@Kirsten and @RohanM: Who set this server up? Can you give me access?

Kirsten · November 22, 2016, 11:47pm

the discourse man did this but I should have access details somewhere . . will find and send to @maikel

MyriamBoure · November 23, 2016, 9:01am

Ping @gnollet it seems the Letsencrypt certifiate can renew on its own every three month! That would save us time, energy, and avoid to have cuts on our server disponibility when we forget !!! If you have difficulties to find how to do, maybe @maikel if that’s super easy (just two lines) you can document how to do? Thanks

maikel · November 23, 2016, 10:07am

There is an excellent guide on the discourse website: https://meta.discourse.org/t/setting-up-lets-encrypt/40709

I just followed that and you should see the result as a green padlock in your browser’s address bar.

matt · November 24, 2016, 12:52pm

Thank you so much for fixing this @Kirsten and @maikel! And yes @MyriamBoure it is renewing every three months.

Wonderful, now we can enjoy more security!

Btw I’d love to share this if you haven’t tried: check that your data haven’t been breached anywhere (yet known). https://haveibeenpwned.com/