Last modified: 2013-08-11 05:12:13 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T45404, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 43404 - Use SSL for Etherpad Lite instance
Use SSL for Etherpad Lite instance
Status: RESOLVED FIXED
Product: Wikimedia
Classification: Unclassified
Etherpad (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
: ops
Depends on: 46539
Blocks: 34953 35637
  Show dependency treegraph
 
Reported: 2012-12-25 07:53 UTC by T. Gries
Modified: 2013-08-11 05:12 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description T. Gries 2012-12-25 07:53:49 UTC 
Info: 

The develop branch (since 2012-11-24 https://github.com/ether/etherpad-lite/commit/fdf0b1a3844b2441852e472781a7bf41f8775b18 ) of Etherpad lite has been enabled to support (optionally, currently not by default) SSL i.e. to run EPL via https:// on native node.

The only required change:

* set up the ssl section in settings.json and let it point to a suited server.key and server.crt on your server
Comment 1 Mark Holmquist 2012-12-27 00:43:44 UTC 
This is all well and good, but since this is a labs instance, I hesitate to try deploying an SSL solution to it.

Let's see if we can't get EPL deployed to production, then we can actually do this right....especially since we'll be putting it behind a reverse proxy, I doubt we would have any trouble with SSL in any case.

Moving this to Wikimedia (I *think* there's an Etherpad component), and I'll add a few dependencies to this bug that are blocking it.
Comment 2 Ryan Lane 2012-12-27 04:48:28 UTC 
Yes, EPL should replace etherpad in production.
Comment 3 T. Gries 2012-12-28 20:01:41 UTC 
[update]

Native HTTPS support (No need for https on the reverse proxy) is now available in EPL branch master release 1.2.2 (since 2012-12-27)

See http://blog.etherpad.org/2012/12/27/etherelves-wish-you-a-merry-xmas-and-an-api-new-year-version-1-2-2-release/
Comment 4 Daniel Zahn 2013-08-09 11:30:24 UTC 
https://epl.wikimedia.org/p/test%20https
Comment 5 T. Gries 2013-08-09 12:56:51 UTC 
(In reply to comment #4)
> https://epl.wikimedia.org/p/test%20https

EPL/SSL works fine for me (Firefox 23.0 on Windows XP)
Please publish server key fingerprint (md5, sha1) somewhere on MediaWiki, thanks / Wikinaut 09.08.2013 14:56 local time (20130809125617 UTC) so that users can check.
Comment 6 T. Gries 2013-08-09 12:58:21 UTC 
(In reply to comment #5)
> (In reply to comment #4)
> > https://epl.wikimedia.org/p/test%20https
> 
> EPL/SSL works fine for me (Firefox 23.0 on Windows XP)
> Please publish server key fingerprint (md5, sha1) somewhere on MediaWiki,
> thanks / Wikinaut 09.08.2013 14:56 local time (20130809125617 UTC) so that
> users can check.

see my simply PHP scriptlet https://github.com/Wikinaut/MySimpleCertViewer for viewing cert data
Comment 7 T. Gries 2013-08-10 08:47:14 UTC 
Hi, this SSL Etherpad works, so I think, this bug can be closed. As reporter of this bug I am closing it now,
Comment 8 Andre Klapper 2013-08-11 05:12:13 UTC 
"Use SSL for the etherpad lite instance on Labs" did not get fixed.
However epl.wikimedia.org is a sufficient solution. 
Rephrasing summary.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links