Re: Why there is no encryption if I download files from cdimage.debian.org ?
Oops, stupid me. =) I didn't mention that I'm redirected to debian.org/CD when I type cdimage.debian.org
But anyway, why do you have a certificate for debian.org, but don't for cdimage.debian.org ?
04.07.2016, 17:03, "Tiago Ilieve" <tiago.myhro@gmail.com>:
> Hi,
>
> On 3 July 2016 at 23:51, <german398@ya.ru> wrote:
>> Of course I can use Tor. But why you can't make my life easier by just always using the certificate for cdimage.debian.org that you ALREADY have?
>
> Accessing "cdimage.debian.org/" and
> "cdimage.debian.org/any-subfolder/" are different things. See:
>
> $ curl -o /dev/null -v cdimage.debian.org/
> (...)
>> GET / HTTP/1.1
>> User-Agent: curl/7.38.0
>> Host: cdimage.debian.org
>> Accept: */*
>
> < HTTP/1.1 301 Moved Permanently
> < Date: Mon, 04 Jul 2016 14:36:05 GMT
> * Server Apache/2.4.20 (Unix) is not blacklisted
> < Server: Apache/2.4.20 (Unix)
> < Location: http://www.debian.org/CD/
> (...)
>
> Trying to access "/" you are redirected "www.debian.org", which does
> have HTTPS enabled. If you try to access "cdimage.debian.org" using
> HTTPS, you'll see that currently this is not possible:
>
> $ curl -o /dev/null https://cdimage.debian.org
> (...)
> curl: (7) Failed to connect to cdimage.debian.org port 443: Connection refused
>
> This way we can't say that "cdimage.debian.org" isn't offering a
> certificate that it already has, because this doesn't looks to be the
> case.
>
> Regards,
> Tiago.
>
> --
> Tiago "Myhro" Ilieve
> Blog: https://blog.myhro.info/
> GitHub: https://github.com/myhro
> LinkedIn: https://br.linkedin.com/in/myhro
> Montes Claros - MG, Brasil
Reply to: