apt-https certificates working
Oh wait, but don't look at the code (yet), OK? It's just working, but the
code is a wild mix of of code pieces out of OSS jungle. If anybody wants
to have a try to see how things are working:
http://sourcepole.ch/sources/software/apt_https/
You need to add something like this to your /etc/apt/apt.conf:
Acquire::https {
// Peer-Verify-Level "0"; // no verification
// Peer-Verify-Level "1"; // verify peer certificate if present - default
// Peer-Verify-Level "2"; // verify peer certificate
// Peer-Verify-Level "3"; // verify peer with locally installed
// Debug-Level "0"; // emergency
// Debug-Level "1"; // alert
// Debug-Level "2"; // critical
// Debug-Level "3"; // error
// Debug-Level "4"; // warning - default
// Debug-Level "5"; // notice
// Debug-Level "6"; // info
// Debug-Level "7"; // debug
// Pem "/etc/ssl/certs/apt.pem" // - default
// CertDir "/etc/ssl/certs/" // - default
// CertFile "/etc/ssl/certs/some_deb_server.pem"
}
and adapt it apropriately. And of course you need to have a https
server with a debian-style package repository on it [1]. Check the config
file above - yes all that functionality does work ;-) [2]. Now I'm going
to clean up the code. Comments as allways wellcome.
*t
Btw. the code is based on apt 0.5.5
[1] http://sourcepole.ch/sources/software/debian.xml
-> https://sourcepole.ch/sources/software/debian/
[2] open source (..ripping) rules!!
-----------------------------------------------------------------------
Tomas Pospisek
sourcepole - Linux & Open Source Solutions
http://sourcepole.com
Elestastrasse 18, 7310 Bad Ragaz, Switzerland
Tel:+41 (81) 330 77 13, Fax:+41 (81) 330 77 12
------------------------------------------------------------------------
--
To UNSUBSCRIBE, email to deity-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: