redirect looses ssl #4753
Comments
Author: TomH This is deliberate - as SSL is (relatively) expensive we only offer it for the login process on the wiki and everything else is directed back to normal http. |
Author: skyper Replying to [comment:1 TomH]:
That is not true. https is working for wiki and trac but many do not know. (comment:5:ticket:3914) Only the redirect does not work for the wiki. I already wrote 18 month ago, that there are methods to use proxies / caching on a machine using http and loopbacks and then only encrypt connections to other machine. An example would be http://linksunten.indymedia.org. I could get more info about the setup if needed. |
Author: TomH Thank you, but lessons in sucking eggs are not required. We are in fact already running a proxy in front of the wiki to help with the load. Yes, you are right that trac is now globally enabled, because it gets a lot less use. The wiki machine is fairly well loaded however, and the wiki gets a lot of use, hence why https is discouraged there. It may be possible to access it in that way but the intention is that only login traffic is passed over https which is why logins direct to https and then back to http afterwards. Certainly accessing osm.org over https is not something we would recommend as we have no certificate for that name. |
Author: skyper Replying to [comment:3 TomH]:
Ok, I can live with typing the complete name and just was irritated by the "broken" redirection. |
Author: skyper It got even worse. Right now I am send to plain http on many redirects like https://wiki.openstreetmap.org. This is definitely a bug. |
Author: openstreetmap[at]firefishy.com SSL now fully enabled. Lets see how the hardware handles. |
Reporter: skyper
[Submitted to the original trac issue database at 8.43pm, Monday, 21st January 2013]
The redirect from https://wiki.osm.org/ is leading to http and not https.
Please, keep the protocol. Thanks
The text was updated successfully, but these errors were encountered: