[ipxe-devel] https booting

Michael Brown mcb30 at ipxe.org
Wed Jul 22 13:45:43 UTC 2020

On 22/07/2020 14:21, Michael Brown wrote:
>> After looking at https://ipxe.org/cfg/crosscert I'm not convinced this
>> is a good idea though.  This would likely put quite some load to
>> ca.ipxe.org.  Also that machine becomes a single point of failure for
>> worldwide ipxe https boot, and looking through the mailing list I've
>> seen we already had (at least) two outages this year.
> The crosscert fetches are static files (with iPXE including a query 
> string only for debugging purposes), and it should be fairly 
> straightforward for me to switch to hosting them in AWS S3 or 
> equivalent.  The ca.ipxe.org domain is not used for anything else so 
> could be pointed at a new hosting infrastructure with no disruption or 
> code changes.

I've created https://github.com/ipxe/ipxe/issues/126 to track this part 
of the development work.  Please feel free to review the issue and add 
anything you think might be relevant.



More information about the ipxe-devel mailing list