Date: Fri, 11 Sep 2020 23:11:37 +0930 From: Andrew Savchenko <andrew@lists.savchenko.net> To: freebsd-pkg@freebsd.org Subject: Switching `pkg` to HTTPS by default Message-ID: <8310678484.20200911231037@savchenko.net>
next in thread | raw e-mail | index | archive | help
Hello,
I have added the following snippet under the
/usr/local/etc/pkg/repos/FreeBSD.conf:
```
FreeBSD: {
url: "pkg+https://pkg.FreeBSD.org/${ABI}/quarterly",
mirror_type: "srv",
signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: yes
}
```
Note the "https" part of the address. Regardless, `pkg` continued fetching
binaries over unencrypted http. I had to change the /etc/pkg/FreeBSD.conf for
this to have any effect.
Setting `VULNXML_SITE` to HTTPS in /usr/local/etc/pkg.conf worked as expected.
Is this a valid bug to report over to freebsd-bugs@freebsd.org?
--
Regards,
A
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8310678484.20200911231037>