Hi Florent, > download.proxmox.com packages are signed with key which public part can > be downloaded on... download.proxmox.com, without https ! Well done.
That's what public keys are made for .. make them public .. https doesn't change that .. it's used to transport secrets .. secret like the S in HTTPS If you want to use https for validation, you're on the wrong trip. You'd have to personally check the pub key person (you) to person (proxmox key admin) to be 100% sure about the correctness of the key .. If the key is not correct and you aren't already hacked by some evil minions you'll get a failure at package validation request .. or even earlier on 'apt update' The only real gain of package/pub-key distribution via https is a felt security gain. The real security gain is minimal and more theoretical. (If someone can compromise you with changed packages _and_ a wrong repo-key then you have greater problems then that ;) ) Greeting, Andreas F. > > On 30/11/2017 12:32, Dietmar Maurer wrote: >> This is why we have an enterprise repository! Please use the enterprise >> repository >> if you want SSL. >> >>> On November 30, 2017 at 12:22 PM Florent B <[email protected]> wrote: >>> >>> >>> Up ! >>> >>> >>> On 30/05/2017 15:21, Florent B wrote: >>>> Hi PVE team, >>>> >>>> Would it be possible to include "download.proxmox.com" in SSL >>>> certificate for accessing downloads with HTTPS. >>>> >>>> Current certificate is only valid for proxmox.com & enterprise.proxmox.com. >>>> >>>> Thank you. >>>> >>>> Florent >>>> >>>> _______________________________________________ >>>> pve-user mailing list >>>> [email protected] >>>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user >>> _______________________________________________ >>> pve-user mailing list >>> [email protected] >>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > > _______________________________________________ > pve-user mailing list > [email protected] > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user > _______________________________________________ pve-user mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
