Oops, stupid me. =) I didn't mention that I'm redirected to debian.org/CD when I type cdimage.debian.org
But anyway, why do you have a certificate for debian.org, but don't for cdimage.debian.org ? 04.07.2016, 17:03, "Tiago Ilieve" <[email protected]>: > Hi, > > On 3 July 2016 at 23:51, <[email protected]> wrote: >> Of course I can use Tor. But why you can't make my life easier by just >> always using the certificate for cdimage.debian.org that you ALREADY have? > > Accessing "cdimage.debian.org/" and > "cdimage.debian.org/any-subfolder/" are different things. See: > > $ curl -o /dev/null -v cdimage.debian.org/ > (...) >> GET / HTTP/1.1 >> User-Agent: curl/7.38.0 >> Host: cdimage.debian.org >> Accept: */* > > < HTTP/1.1 301 Moved Permanently > < Date: Mon, 04 Jul 2016 14:36:05 GMT > * Server Apache/2.4.20 (Unix) is not blacklisted > < Server: Apache/2.4.20 (Unix) > < Location: http://www.debian.org/CD/ > (...) > > Trying to access "/" you are redirected "www.debian.org", which does > have HTTPS enabled. If you try to access "cdimage.debian.org" using > HTTPS, you'll see that currently this is not possible: > > $ curl -o /dev/null https://cdimage.debian.org > (...) > curl: (7) Failed to connect to cdimage.debian.org port 443: Connection refused > > This way we can't say that "cdimage.debian.org" isn't offering a > certificate that it already has, because this doesn't looks to be the > case. > > Regards, > Tiago. > > -- > Tiago "Myhro" Ilieve > Blog: https://blog.myhro.info/ > GitHub: https://github.com/myhro > LinkedIn: https://br.linkedin.com/in/myhro > Montes Claros - MG, Brasil
