I've taken one of our old Pentium IV servers out of the regular Apache rotation and made it into a testbed for an encrypted HTTPS interface to Wikimedia's wikis.

This should allow privileged accounts to log in and do their business on an open wireless network without entrusting their password, session keys, etc to everybody on the WLAN.

Currently it's using a self-signed certificate, but if we decide to keep this we could pick up a "real" cert for convenience/peace of mind.

To visit a page on the encrypted server, transpose the domain elements into the path like this:

http://en.wikipedia.org/wiki/SSL -> https://secure.wikimedia.org/wikipedia/en/wiki/SSL

Due to our internal configuration, some will appear under 'wikipedia' that are not Wikipedias, such as: https://secure.wikimedia.org/wikipedia/foundation/wiki/Home https://secure.wikimedia.org/wikipedia/mediawiki/wiki/MediaWiki

Please don't distribute links to this server in general usage; we may change the URL scheme, or restrict it to logins-only to make sure it doesn't get loaded down with random page views. It's just one machine, so if it does get overloaded it shouldn't affect the operation of the site in general.

Not all of the wikis will work on it; in particular the Korean, Japanese, Thai, and Malay Wikipedias which are hosted on our Korean servers are inaccessible via HTTPS at this time.

There may be various oddities and rough edges (missing logos, broken links here and there, etc). Images are still pulled from the separate, non-encrypted, file server, so you may get browser notices about mixed security, and your HTTPS URLs may appear in plaintext referer headers.

This box is also running PHP 5.1.1 and Apache 2.2.0, giving us a chance to test the latest gizmos in a low-pressure corner of our production environment.

-- brion vibber (brion @ pobox.com)