Warning : we may have to move to HTTPS

[Joe Hourcle]

I've been informed that NASA is taking the 'HTTPS Only' requirement from
GSA at face-value, and will be requiring all sites to stop serving HTTP
(other than for directs) by December.

(I'm not sure if we have December to finish, or if it has to be done
before December; I've been told that the slides from the meeting will be
posted once they're Section 508 compliant)

Of course, the VSO currently uses HTTP endpoints, so we're going to have
to change out every data provider running at NASA, as well as the SOAP
endpoints running here. And we'll likely be using what are effectively
self-signed certificates, as the NASA CA isn't accepted by any systems by
default.

I'm hoping that we can continue running an HTTP endpoint at NSO, so the
sunpy & java folks won't have a problem. We'll either have to move the
IDL endpoint there as well if I can't figure out how to get the IDL
builtin IDLnetURL to do what I need. (assuming it supports TLS >= v1.1,
which isn't clear in their documentation).

-Joe

-----
Joe Hourcle
Programmer/Analyst
Solar Data Analysis Center
Goddard Space Flight Center