Free SSL for beta users!

April 4, 2007

Tonight we’ve enabled SSL for all our domains, and that includes your projects! This is a special gift to you beta users. You’ve given such great feedback, helped us find trivial bugs, and put up with us when you found major ones. And you’ve been spreading the word! I think that more than anything deserves a reward.

The free accounts we’ll be offering when we launch will not have SSL. In fact, getting SSL for both Trac and SVN is going to be reserved for Pro accounts. You guys are special!

For the moment it’s a self-signed certificate, but between now and launch we’ll be switching to a trusted signed certificate. For all practical purposes though, it does what you want: encryptz your dataz. You can also use secure SVN as a way to get around firewalls that prevent the DAV extensions to HTTP.

It’s not the default, so you’ll have to manually add that s to http in your URLs, but I’m sure that’s not too much to ask. Also, Subversion won’t switch to the SSL version of your repository with the switch command unless you use the --relocate flag.

Enjoy!

-Jeff

This entry was posted on April 4, 2007 at 7:31 am and is filed under Announcements, Community, Features.

7 Responses to “Free SSL for beta users!”

  1. Johan Sundström Says:

    April 5, 2007 at 3:12 pm

    For some reason it seems you can’t plain svn switch https://svn.devjavu.com/repository in your work area filesystems (“svn: ‘https://svn.devjavu.com/repository’ is not the same repository as ‘http://svn.devjavu.com/'”), but checking out anew elsewhere works like a charm.

    Reply
  2. Jeff Lindsay Says:

    April 5, 2007 at 9:15 pm

    Yeah, apparently SVN can’t see the identity between SSL and non-SSL, so you’ll have to start a new working copy. Thanks for the tip, I’ll add it to the post!

    Reply
  3. Mike Lundy Says:

    April 11, 2007 at 5:14 am

    Johan, try:
    svn switch -–relocate http://url https://url
    Seems to have worked for me.

    Reply
  4. Brian Says:

    April 13, 2007 at 12:29 pm

    Thanks Jeff!

    Reply
  5. brett Says:

    April 14, 2007 at 5:18 pm

    Thanks, it works great!

    Reply
  6. Johan Sundström Says:

    April 21, 2007 at 10:07 pm

    Opera warns it’s not a very good (as in secure) certificate, though; quoting:

    – This site is using an outdated encryption method currently classified as insecure. It cannot sufficiently protect sensitive data. Do you wish to continue?
    – The server is using a short public encryption key, which is considered insecure.

    Crank up the key length to 1024 bits and algorithm to md5WithRSAEncryption, for instance? It’s not as bad as sending plaintext, but the present cert doesn’t pretect sensitive data very much beyond incidental snooping and kid sisters.

    Reply
  7. Jeff Lindsay Says:

    April 21, 2007 at 11:21 pm

    Okay, we’ll crank it up.

    Reply

Leave a comment