Hi, On 3 July 2016 at 23:51, <[email protected]> wrote: > Of course I can use Tor. But why you can't make my life easier by just always > using the certificate for cdimage.debian.org that you ALREADY have?
Accessing "cdimage.debian.org/" and "cdimage.debian.org/any-subfolder/" are different things. See: $ curl -o /dev/null -v cdimage.debian.org/ (...) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: cdimage.debian.org > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Mon, 04 Jul 2016 14:36:05 GMT * Server Apache/2.4.20 (Unix) is not blacklisted < Server: Apache/2.4.20 (Unix) < Location: http://www.debian.org/CD/ (...) Trying to access "/" you are redirected "www.debian.org", which does have HTTPS enabled. If you try to access "cdimage.debian.org" using HTTPS, you'll see that currently this is not possible: $ curl -o /dev/null https://cdimage.debian.org (...) curl: (7) Failed to connect to cdimage.debian.org port 443: Connection refused This way we can't say that "cdimage.debian.org" isn't offering a certificate that it already has, because this doesn't looks to be the case. Regards, Tiago. -- Tiago "Myhro" Ilieve Blog: https://blog.myhro.info/ GitHub: https://github.com/myhro LinkedIn: https://br.linkedin.com/in/myhro Montes Claros - MG, Brasil
