On 05/02/2016 03:12 PM, Nikola M wrote:
On 05/ 2/16 08:45 PM, Tim Mooney wrote:
In regard to: Re: [OpenIndiana-discuss] OI Hipster 2016.04 snapshot,
Nikola...:
New location is http://pkg.openindiana.org/hipster
Does IPS not support TLS?
It just strikes me as weird every time I see URLs for repos that aren't
https. That should really be the default, if not only, option these
days.
Huh, that is a good question.
Actually IPS does and even allows you to make your own publisher with
your issued keys where packages can be accessible only to those having
private keys issued. (if one want to distribute packages only to
specific users)
Regarding OI's publishers of having https:// it is in the process of
deciding what CA/issuer to use for openindiana.org.
I've been using letsencrypt.org. Certificates are free and renewals can
be totally automated. I use the bash client via a weekly cron job that
auto-renews it when it gets less than 30 days until expiration. This
way I get 3 or four tries in before it actually expires (just in case
there is a network issue). You can do it as often as you want since it
is a lightweight check. I love that it's a setup and forget system.
Gary
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
