OCaml Forge

Forum: expiration-of-ssl-certificate-and-upcoming-forge.ocaml.org

Posted by: Sylvain Le Gall
Date: 2013-09-13 20:20
Summary:Expiration of SSL certificate and upcoming forge.ocaml.org
Project:Site Admin

Hi everyone,

The wildcard SSL I bought a couple of years ago for *.ocamlcore.org is about to expire. I have decided to not buy a new commercial certificate. I am still considering my options, but I will probably go back to a free SSL cert from CACert. This is not widely supported but other upcoming changes don't push me to invest a lot in the ocamlcore.org domain name.

I will publish more details about the SSL migration to CACert, but if you have problem with by the end of September, check that you trust CACert.

The other big news is that OCaml Labs and RackSpace have provided me with a new host for the forge. This is a very good news because the current host starts to be unreliable.

I will take advantage of this migration to initiate another migration: changing the name of the forge to forge.ocaml.org ! This is a strong signal that the OCaml community is uniting and I am all for it.

Your forge master
Sylvain Le Gall

Latest News

Deprecating the Forge in 2017

Sylvain Le Gall - 2016-12-30 23:55 -

Forge migration to a new host, done

Sylvain Le Gall - 2016-10-14 06:42 -

Forge migration to a new host, now

Sylvain Le Gall - 2016-10-13 21:27 -

Forge migration to a new host, delayed

Sylvain Le Gall - 2016-10-09 23:27 -

Forge migration to a new host during the weekend

Sylvain Le Gall - 2016-10-08 08:53 -

Discussion Forums: expiration-of-ssl-certificate-and-upcoming-forge.ocaml.org

Monitor Forum | Start New Thread Start New Thread
RE: StartSSL [ reply ]
By: Sylvain Le Gall on 2013-09-14 10:58
Why not !

What is the extent of their support (Mobile ?, Debian ? Windows ?).

The problem with SSL providers is that there are many of them and that most of their various offer are hard to understand. I suppose that the free offer of StartSSL is somehow limited.

What kind of limitation ?

StartSSL [ reply ]
By: Gabriel Kerneis on 2013-09-14 06:26
Why not use a free SSL cert from StartSSL? http://www.startssl.com/

The pain is that you must renew them every year, but at least they are installed by default in major browsers and Linux distributions, contrary to CACert (and they have been sibject to review for this - remember that the reason why CACert is not in Firefox, for instance, is because their internal procedures have been deemed not secure enough).