Topics

HTTPS on jmri.org

Matthew Harris
 

I've just enabled HTTPS on the main jmri.org site.

It should now be possible to access via https://www.jmri.org and https://jmri.org

For the time being, HTTP access is still active and I've not yet added global redirects from HTTP to HTTPS.

There are some mixed-content issues to nail down to make the site completely secure, however.

If you find any issues, please note them in https://github.com/JMRI/website/issues/324

Thanks.

Best regards,

Matt H

Matthew Harris
 

As an update, I've now enabled redirects from HTTP to HTTPS.

At the same time, I've made https://www.jmri.org to be the canonical root.

These changes should be transparent as the server is configured to answer all combinations:

http://jmri.org/
http://www.jmri.org/
https://jmri.org/
https://www.jmri.org/

and will redirect accordingly requests to the canonical form.

There are still some mixed content issues to resolve, but that needs another crawl of the site to be performed which I will do.

Best regards,

Matt H