Hi all, In May 2015, the Utilities PMC began incubating a handful of .NET developer tools created and maintained by engineers at HPE. These projects have been maintained by HPE over the last 16

Dear Guillaume, Thanks for your efforts in this direction. As I already stated before, it is really a pain that you are not able to follow stories or comment when not being a member in a

Hi, The mirroring of foundation projects is around 60% complete. See [5] for more detailed coverage. This should enable community members to watch the most active foundation backlogs. I received no

The CF CLI team just cut 6.22.1. Ignore 6.22.0. Binaries and link to release notes are available at: https://github.com/cloudfoundry/cli#downloads Improved help pages The cf help page now lists

As you may have heard, Canonical released a regression USN ( http://www.ubuntu.com/usn/usn-3087-2/) to cover an issue introduced in the fix released yesterday

Hello All, If you get questions about the recent SSL CVE today - it is a high and the BOSH team will be acting on it as soon as we have an Ubuntu update from Canonical. I will reply with new stemcell

I have test noaa's sample to collect metrics from doppler firehose. When i set "DOPPLER_ADDR" to "wss://doppler.bosh-lite.com:443", it worked well. I just wondering if it is possible to connect

Ha, just for fun we detailed how you could, technically, request a letsencrypt cert via a CF app :-) [1] I would agree that a user would like the ability to auto-renew certs, if they are currently

Yes, it's the protocol[1] proposed by ISRG letsencrypt[2] (under the linux foundation umbrella) that allows automated generation and PKI signing of TLS certificates. For the record, there's a go

Our current policy to our users is SNI by default, i.e. unless they explicitly require non-SNI TLS termination they get SNI termination. We went with this because browser support seems good[1] and

Thank you all for your responses. A follow up question: for the gorouter to host certs for multiple domains, it seems only natural that it would do this via SNI. Is client support for SNI ubiquitous

carlo.ferraris(a)rakuten.com> wrote: Wasn't familiar with ACME until I just googled it. Do you mean some mechanism for automated generation of certs?

Hello Stephen, I am using Windows 10 and I have opened a issue in Github.

It sounds like we are in a similar situation to Carlo, i.e. - We have an external pair of LBs - These are used for SSL termination - We upload SSL certificates to the LBs for various

+1 to user provided certs for private domains. Today, we use multiple vips with diff certs or our main vip with a cert that has multiple SANs. Our goal is for cf operators to really be out of the way

This is ridiculously cool - nice work Persils!

While we're talking about TLS, but this is only partially related, it would be awesome if we were to implement (or some hooks were provided to be able to complete) either the http or tls ACME

We don't have the requirement to use an external secure store, but for that custom terminator component we were thinking to use an external secure store (Vault or something along those lines) to make

Carlo, Mike, others, Do you store certs in the LB config itself, or federate/offload TLS termination to some secure store? I'm thinking about storing user-provided certs in the Routing API and

Persistence! Shannon Coen Product Manager, Cloud Foundry Pivotal, Inc.