Use HTTPS #14
Comments
|
Also #27 was a kind've nasty issue. @jbowes Might be worth looking into https://www.globalsign.com/ssl/ssl-open-source/ for Buckler, even if people are expected to eventually transition to Shields.io. |
|
+1 What about startssl? |
|
Well, maybe it doesn't make much difference any more. badges/shields#111 |
|
Not really. GitHub isn't the only place README.md content appears. NPM shows it and (I think) PyPI often shows it, too. |
|
Both shields.io and b.repl.ca are available under https, but in both cases the certificate does not match the hostname. An alternative found by @ralphbean is to use https://buckler-bowes.rhcloud.com/v1/.... instead of http://b.repl.ca/v1/.... which then provides the shield behind https and provides a certificate matching the hostname. |
Ah, that is true of the base https://shields.io domain, but https://img.shields.io actually has a valid cert (and that's the sub domain you need for requesting images). Check output of |
|
Ah ok @ralphbean looks like I went too fast, thanks for the info! :) |
GitHub caches pages, so status images should be served over HTTPS as a work-around.
The text was updated successfully, but these errors were encountered: