<div dir="ltr">Hey,<div><br></div><div style>Ok, the (non EV yet) SSL cert has been installed and configured on <a href="https://git.blender.org">https://git.blender.org</a> which, although isn't forcing https (yet?) when browsing using gitweb, can be used to securely clone from using:</div>
<div style><br></div><div style> git clone <a href="https://git.blender.org/blender.git">https://git.blender.org/blender.git</a></div><div style> cd blender</div><div> git submodule update --init --recursive</div><div>
git submodule foreach git checkout master</div><div> git submodule foreach git pull --rebase origin master</div><div style><br></div><div style>There is a command to change the origin to be HTTPS instead of HTTP that doesn't require a new clone, but since I don't know this off the top of my head, here is what a fresh .git/config file looks like after doing all of the submodule checkouts and everything:</div>
<div style><br></div><div style><div>[core]</div><div><span class="" style="white-space:pre"> </span>repositoryformatversion = 0</div><div><span class="" style="white-space:pre"> </span>filemode = true</div><div><span class="" style="white-space:pre"> </span>bare = false</div>
<div><span class="" style="white-space:pre"> </span>logallrefupdates = true</div><div>[remote "origin"]</div><div><span class="" style="white-space:pre"> </span>fetch = +refs/heads/*:refs/remotes/origin/*</div><div>
<span class="" style="white-space:pre"> </span>url = <a href="https://git.blender.org/blender.git">https://git.blender.org/blender.git</a></div><div>[branch "master"]</div><div><span class="" style="white-space:pre"> </span>remote = origin</div>
<div><span class="" style="white-space:pre"> </span>merge = refs/heads/master</div><div>[submodule "release/datafiles/locale"]</div><div><span class="" style="white-space:pre"> </span>url = <a href="https://git.blender.org/blender-translations.git">https://git.blender.org/blender-translations.git</a></div>
<div>[submodule "release/scripts/addons"]</div><div><span class="" style="white-space:pre"> </span>url = <a href="https://git.blender.org/blender-addons.git">https://git.blender.org/blender-addons.git</a></div><div>
[submodule "release/scripts/addons_contrib"]</div><div><span class="" style="white-space:pre"> </span>url = <a href="https://git.blender.org/blender-addons-contrib.git">https://git.blender.org/blender-addons-contrib.git</a></div>
<div>[submodule "scons"]</div><div><span class="" style="white-space:pre"> </span>url = <a href="https://git.blender.org/scons.git">https://git.blender.org/scons.git</a></div><div><br></div><div><br></div><div style>
Note that devs with commit access are probably pushing via ssh+git, which is already cryptographically secure, in which case you can probably figure out what to change on your own if you use alternate push/pull paths, etc..</div>
<div style><br></div><div style>As for the docboard, you may want to update any of the wiki instructions to recommend HTTPS over HTTP, but I leave this for you to figure out.</div><div style><br></div><div style><br></div>
<div style>Dan</div></div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Dec 26, 2013 at 10:56 AM, Dan McGrath <span dir="ltr"><<a href="mailto:danmcgrath.ca@gmail.com" target="_blank">danmcgrath.ca@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Ok, the new EV SSL cert is active now on <a href="http://developer.blender.org" target="_blank">developer.blender.org</a> and should always show up as a big green bar with the foundation's name in it followed by the ISO country code. If it doesn't, someone is wrong! ;)</div>
<div class="HOEnZb"><div class="h5">
<div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Dec 24, 2013 at 10:49 AM, Dan McGrath <span dir="ltr"><<a href="mailto:danmcgrath.ca@gmail.com" target="_blank">danmcgrath.ca@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Seasons greetings!<div><br></div><div>Just a heads up that RoosenSanta grabbed us a shiny new SSL certificate from Comodo today for Developer (and Git, which isn't setup yet). I enabled forced SSL in Phabricator now which seems to work fine (thx to Sergey for doing the httpd setup).</div>
<div><br></div><div>Just a heads up though that we got a free EV (extended validation) cert, but got a temporary cert (unless we choose to ignore EV) until all the paper work (ugh, Fax!) is filled out and submitted, so you can probably expect the cert to change in the coming days once more.</div>
<div><br></div><div>Note to the devs that the .arcconfig file probably needs updating to HTTPS, although I would expect it to redirect, but not sure how test this.</div><div><br></div><div>Finally, users may or may not want to change their password on Phabricator after the move to SSL. Also, merry Christmas and HNY! :D</div>
<span><font color="#888888">
<div><br></div><div><br></div><div><br></div><div>Dan</div></font></span></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>