Keith C. Perry on 29 Aug 2015 12:20:44 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Securing Web Site for External Traffic

Where as OpenVPN certificate management is not a big deal since that is how it was designed to be used.  :)  They have scripts to create as well as revoke them.  The biggest p.i.t.a. is properly assembling the unified config that works everywhere- especially mobile.  Its just a catenation of a couple of files plus your cert but I scripted that (also trivial) and haven't looked back.

Truth be told, once you create a cert for yourself, you're not going to change it that much.


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com

From: "David Coulson" <david@davidcoulson.net>
To: plug@lists.phillylinux.org
Sent: Saturday, August 29, 2015 10:20:46 AM
Subject: Re: [PLUG] Securing Web Site for External Traffic


On 8/29/15 9:42 AM, Timothy Marion wrote:
I would go with HTTPS. HTTPS is good enough for all the online stores and banks it should protect a baby monitor. I do this as a hobby and do not have the production experience that others on list list have. I was able to setup a self signed cert and https on my VPS. It was not a walk in the park but it was not rocket science. If I can do most anybody could.
Depends what you're trying to accomplish - HTTPS/TLS only secures the transport, and does not provide access control capabilities. You can certainly do certificate based authentication, but that's a bear to manage and support.



___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug