This site is now available over HTTPS, via Let's Encrypt. Thanks to certbot, getting this up and running was easier than I thought it would be.

There were two hurdles in the getting-on-HTTPS process: first the blackhole stuff in my Apache config prevented port 443 from speaking TLS. I've removed *:443 from that VirtualHost entry for the time being, which fixed that problem. The second problem was getting the redirects from härdin.se, haerdin.se and www.haerdin.se to www.härdin.se working. This just involved copying and pasting another bunch of VirtualHost entries, since I haven't figured out how to do wildcard certs yet, or if they even help in this case.

I also went and did the same things to fmigo.net, which is now also available at https://www.fmigo.net/.

A few problems remain. For example, the RSS and Atom feeds still point to the HTTP version of the site. Ideally I'd like to provide feeds with links that use the appropriate protocol on both sites (http:// links over HTTP, https:// links over HTTPS), but that is quite a bit of work. So for now the links to the feeds and inside them are always HTTP, even if it's possible to grab them over HTTPS.

Finally, I also set up a prosody server for XMPP, which uses the same cert as haerdin.se.