Free SSL for beta users!

April 4, 2007

Tonight we’ve enabled SSL for all our domains, and that includes your projects! This is a special gift to you beta users. You’ve given such great feedback, helped us find trivial bugs, and put up with us when you found major ones. And you’ve been spreading the word! I think that more than anything deserves a reward.

The free accounts we’ll be offering when we launch will not have SSL. In fact, getting SSL for both Trac and SVN is going to be reserved for Pro accounts. You guys are special!

For the moment it’s a self-signed certificate, but between now and launch we’ll be switching to a trusted signed certificate. For all practical purposes though, it does what you want: encryptz your dataz. You can also use secure SVN as a way to get around firewalls that prevent the DAV extensions to HTTP.

It’s not the default, so you’ll have to manually add that s to http in your URLs, but I’m sure that’s not too much to ask. Also, Subversion won’t switch to the SSL version of your repository with the switch command unless you use the --relocate flag.

Enjoy!

-Jeff

7 Responses to “Free SSL for beta users!”


  1. For some reason it seems you can’t plain svn switch https://svn.devjavu.com/repository in your work area filesystems (“svn: ‘https://svn.devjavu.com/repository’ is not the same repository as ‘http://svn.devjavu.com/'”), but checking out anew elsewhere works like a charm.

  2. Jeff Lindsay Says:

    Yeah, apparently SVN can’t see the identity between SSL and non-SSL, so you’ll have to start a new working copy. Thanks for the tip, I’ll add it to the post!

  3. Mike Lundy Says:

    Johan, try:
    svn switch -–relocate http://url https://url
    Seems to have worked for me.

  4. Brian Says:

    Thanks Jeff!

  5. brett Says:

    Thanks, it works great!


  6. Opera warns it’s not a very good (as in secure) certificate, though; quoting:

    – This site is using an outdated encryption method currently classified as insecure. It cannot sufficiently protect sensitive data. Do you wish to continue?
    – The server is using a short public encryption key, which is considered insecure.

    Crank up the key length to 1024 bits and algorithm to md5WithRSAEncryption, for instance? It’s not as bad as sending plaintext, but the present cert doesn’t pretect sensitive data very much beyond incidental snooping and kid sisters.

  7. Jeff Lindsay Says:

    Okay, we’ll crank it up.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: