[Lazarus] https website for Lazarus

Anthony Walter sysrpl at gmail.com
Tue Mar 14 11:38:20 CET 2017


I just thought I'd share my experience with http://www.getlazarus.org

I added https to it a few months ago using let's encrypt. The experience
was pretty easy.

The only hiccup I had/still have is that I serve images/video using S3 with
a subdomain CNAME to improve performance. I had to use a separate
certificate from Amazon for that content else I wouldn't get the green
badge to the left the URL in every browser. Amazon's tool to get a
certificate for S3/Cloudfront buckets is straight forward enough.

You can find non secure items on a page like in the scenario I described
above using any browsers developers tools console window. It will warn
about your security errors at the top of the console.

Finally, switch to using // in your html and css when specifying website
links/resources. This causes the client to use the same protocol for those
items which was used to request the main page. That is say image: url(//
images.mysite.org/banner.jpg) vs url(https://images.mysite.org/banner.jpg).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lazarus-ide.org/pipermail/lazarus/attachments/20170314/e834c78e/attachment-0001.html>


More information about the Lazarus mailing list