[Koha] Concerns regarding Let's Encrypt and Koha

Indranil Das Gupta indradg at gmail.com
Sat Sep 23 07:30:21 NZST 2017 

Hi Christopher,

On Sat, Sep 23, 2017 at 12:49 AM, Christopher Davis
<cgdavis at uintah.utah.gov> wrote:
>
> Indranil,
>
> Thank you for your message regarding Let's Encrypt. I know that DV means "Domain Verification", but what does EV mean? I also have no Idea what SNI means.

EV stands for extended validation, it is more involved and expensive
and required verification and validation of the legal entity *owning*
the said domain, over and above the DV part you referred to. The key
difference between DV and EV certs is that DV certs do not assure that
any particular legal entity is connected to the certificate, even if
the domain name may imply a particular legal entity controls the
domain, whereas EV does that.

You can think of SNI being somewhat similar to HTTP's name-based
virtual hosting, but for https. It basically allows a server to
present multiple certs on the same IP and port for multiple websites.
More here - https://en.wikipedia.org/wiki/Server_Name_Indication

hth
Indranil

>
> Bashfully your,
>
>
> Christopher Davis
> Systems & E-Services Librarian
> Uintah County Library
> cgdavis at uintah.utah.gov
> (435) 789-0091 ext.261
> uintahlibrary.org
> basinlibraries.org
> facebook.com/uintahcountylibrary
> instagram.com/uintahcountylibrary
>
>
> On Fri, Sep 22, 2017 at 1:05 PM, Indranil Das Gupta <indradg at gmail.com> wrote:
>>
>> Hi,
>>
>> Unless you need EV which LE obviously doesn't do and SNI is good
>> enough for you, LE should be OK.
>>
>> FWIW I've been using LE certs on all my servers for about a year,
>> without any issues.
>>
>> hth
>> -indranil
>> --
>> Indranil Das Gupta
>> L2C2 Technologies
>>
>> Phone : +91-98300-20971
>> WWW  : http://www.l2c2.co.in
>> Blog    : http://blog.l2c2.co.in
>> IRC     : indradg on irc://irc.freenode.net
>> Twitter : indradg
>>
>>
>> On Sat, Sep 23, 2017 at 12:27 AM, Christopher Davis
>> <cgdavis at uintah.utah.gov> wrote:
>> > Greetings Colleagues,
>> >
>> > I would like to encrypt the domain of my library's OPAC and staff interface
>> > using Let's Encrypt. Are there any issues with Let's Encrypt and Koha which
>> > I should know about?
>> >
>> > Thank you,
>> >
>> > Christopher Davis
>> > Systems & E-Services Librarian
>> > Uintah County Library
>> > cgdavis at uintah.utah.gov
>> > (435) 789-0091 <14357890091> ext.261
>> > uintahlibrary.org
>> > basinlibraries.org
>> > facebook.com/uintahcountylibrary
>> > instagram.com/uintahcountylibrary
>> > _______________________________________________
>> > Koha mailing list  http://koha-community.org
>> > Koha at lists.katipo.co.nz
>> > https://lists.katipo.co.nz/mailman/listinfo/koha
>
>

More information about the Koha mailing list