In the past few weeks Dirk Astrath and me upgraded some of our infrastructure systems to Debian Buster and implemented some performance improvements.
The blog system you are just visiting is one of these systems. We also upgraded the wiki system and finished the setup of the new community Webmail system.
The old staff list and community email password reset pages have been replaced with a modern system that is now available at https://selfservice.cacert.org/.
The git code hosting system at https://git.cacert.org/ has been upgraded to Debian Buster too and has been switched from gitweb to cgit for the git web frontend for much better performance. The old gitweb URLs are automatically redirected to the new cgit URLs. This change has the positive side effect that you can now use git clone directly using the https-URLs of the git repositories.
In the background we added Puppet configuration management for the above mentioned systems and replaced the aged nrpe-based monitoring with Icinga 2 agents.
We setup a new community start page at https://community.cacert.org/ that leads you to resources that we think is relevant for our community members.
Within the last days I ran some tests using the certificate login for https://wiki.cacert.org/.
This evening I activated this function on our wiki server.
Trying to login to https://wiki.cacert.org/ using an unknown email-adress will NOT create a new account: You have to create an account first using the email-adress, which is listed in your client certificate.
If the certificate-authentication fails (no matter, if you use no client certifcate, an expired one or a certificate, which does not match your email-adress) you can use the normal “classic” username/password-credentials to login.
While installing the client certificate login for CAcert wiki I updated the root-certificate there to the resigned one.
Dirk Astrath (CAcert wiki admin)
We have suffered from a connectivity problem with the CAcert infrastructure services (blog, mail, svn, wiki etc) from about 08:05 – 09:05 UTC this morning (2012-05-23).
Our system administrators were able to fix the firewall problem.
All systems are avialable again.