<div dir="ltr">Thanks Toni for your valuable input regarding the implementation of secure channels with custom PKI.<div><br></div><div>This issue has been raised during the meeting and the conclusion would be that the implementation with LE is just optional so company can achieve their own certificates in case they require.</div><div><br></div><div>Cheers,</div><div>Francesco</div></div><br><div class="gmail_quote"><div dir="ltr">Il giorno lun 30 lug 2018 alle ore 12:48 Toni Schönbuchner <<a href="mailto:toni.schoenbuchner@csgis.de">toni.schoenbuchner@csgis.de</a>> ha scritto:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space">Dear Alessio,<div><br></div><div><blockquote type="cite"><div>Am 30.07.2018 um 10:25 schrieb <a href="mailto:geonode-devel-request@lists.osgeo.org" target="_blank">geonode-devel-request@lists.osgeo.org</a>:</div><br class="m_2397136624616375655Apple-interchange-newline"><div><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important">3. GeoNode Security; with the valuable contribution of Oliver Dalang, we</span><br style="font-family:Menlo-Regular;font-size:11px"><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important">would like to enforce the GeoNode security during the deployments and</span><br style="font-family:Menlo-Regular;font-size:11px"><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important">installation processes by allowing users to:</span><br style="font-family:Menlo-Regular;font-size:11px"><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important">- Being able to enable HTTPS w/ Let's Encrypt certs</span></div></blockquote><br></div><div><div><span style="font-family:Menlo-Regular;font-size:11px">+1 (It was on my wishlist the moment I saw Oliver´s Docker Setup.)</span></div></div><div><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important"><br></span></div><div><span style="font-family:Menlo-Regular;font-size:11px;float:none;display:inline!important">However companies exist who do not rely on Let´s Encrypt – but </span><span style="font-family:Menlo-Regular;font-size:11px">others authorities like digicert, comodo, etc. </span></div><div><font face="Menlo-Regular"><span style="font-size:11px">I would suggest to extend the docs in how to add a HTTPS certs in general to a </span></font><span style="font-size:11px;font-family:Menlo-Regular">docker setup. </span></div><div><span style="font-size:11px;font-family:Menlo-Regular">This would give users the choice of using certs from LE or others. </span></div><div><font face="Menlo-Regular"><span style="font-size:11px"><br></span></font></div><div><font face="Menlo-Regular"><span style="font-size:11px">Best regards and thanks a lot for your work,</span></font></div><div><font face="Menlo-Regular"><span style="font-size:11px"><br></span></font></div><div><font face="Menlo-Regular"><span style="font-size:11px">Toni</span></font></div><div><div><br class="m_2397136624616375655webkit-block-placeholder"></div><div><br class="m_2397136624616375655webkit-block-placeholder"></div><div><br class="m_2397136624616375655webkit-block-placeholder"></div><div>
<div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div><div style="word-wrap:break-word"><div><div>-----------------------------------------------</div><div>CSGIS</div><div><br></div><div>-----------------------------------------------</div><div><div>Kolonnadenstraße 1</div><div>04109 Leipzig</div></div><div>-----------------------------------------------</div><div>Mobil<span class="m_2397136624616375655Apple-tab-span" style="white-space:pre-wrap"> </span>+49/ (0) 176 6680 3198</div><div>Tel <span class="m_2397136624616375655Apple-tab-span" style="white-space:pre-wrap"> </span>+49/ (0) 341 24 04 738</div><div>Fax <span class="m_2397136624616375655Apple-tab-span" style="white-space:pre-wrap"> </span>+49/ (0) 341 24 04 73</div><div>Web<span class="m_2397136624616375655Apple-tab-span" style="white-space:pre-wrap"> </span><a href="http://csgis.de" target="_blank">http://csgis.de</a></div><div>-----------------------------------------------</div><div><br></div><div>Hinweis gemäß § 33 BDSG</div><div>Daten der Verfahrensbeteiligten werden gespeichert. Dieses Dokument ist ausschließlich für den </div><div>Adressaten bestimmt. Der Inhalt der E-Mail ist vertraulich. Falls Sie diese E-Mail versehentlich </div><div>erhalten haben, rufen Sie uns unter obiger Rufnummer umgehend an und löschen Sie diese Nachricht </div><div>von Ihrem Computer. Jegliche Art von Reproduktionen, Verbreitung, Vervielfältigung, Veränderung, </div><div>Verteilung und/oder Veröffentlichung dieser E-Mail ist verboten.</div></div></div></div></div></div></div></div>
</div>
<div><br></div><br></div></div>_______________________________________________<br>
geonode-devel mailing list<br>
<a href="mailto:geonode-devel@lists.osgeo.org" target="_blank">geonode-devel@lists.osgeo.org</a><br>
<a href="https://lists.osgeo.org/mailman/listinfo/geonode-devel" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/geonode-devel</a><br>
</blockquote></div>