The free certificate authority CAcert is increasing its support. In the past few days, the Board of Directors approved the appointment of Aleš to the post of Support Engineer. He has been working in the CAcert community for many years.
In addition to important knowledge from his professional work, he has developed a lot of CAcert specifics through translation work in the Wiki. Aleš has been working in support for some time, so far in triage. We are very grateful that such a connoisseur of the subject has agreed to take on this responsible post in his spare time and wish him much success and fulfilment in his voluntary work for the CAcert community. CAcert offers interested volunteers a variety of tasks, the opportunity to gain exciting experience and stimulating career opportunities.
In the past few weeks Dirk Astrath and me upgraded some of our infrastructure systems to Debian Buster and implemented some performance improvements.
The blog system you are just visiting is one of these systems. We also upgraded the wiki system and finished the setup of the new community Webmail system.
The old staff list and community email password reset pages have been replaced with a modern system that is now available at https://selfservice.cacert.org/.
The git code hosting system at https://git.cacert.org/ has been upgraded to Debian Buster too and has been switched from gitweb to cgit for the git web frontend for much better performance. The old gitweb URLs are automatically redirected to the new cgit URLs. This change has the positive side effect that you can now use git clone directly using the https-URLs of the git repositories.
In the background we added Puppet configuration management for the above mentioned systems and replaced the aged nrpe-based monitoring with Icinga 2 agents.
We setup a new community start page at https://community.cacert.org/ that leads you to resources that we think is relevant for our community members.
This evening I activated this function on our wiki server.
Trying to login to https://wiki.cacert.org/ using an unknown email-adress will NOT create a new account: You have to create an account first using the email-adress, which is listed in your client certificate.
If the certificate-authentication fails (no matter, if you use no client certifcate, an expired one or a certificate, which does not match your email-adress) you can use the normal “classic” username/password-credentials to login.
While installing the client certificate login for CAcert wiki I updated the root-certificate there to the resigned one.
We have suffered from a connectivity problem with the CAcert infrastructure services (blog, mail, svn, wiki etc) from about 08:05 – 09:05 UTC this morning (2012-05-23).
Our system administrators were able to fix the firewall problem.