We have SSL certs for https://downloads and https://emu. The update scripts use these if sha1test.jar doesn't exist or is too out of date i.e. if the install is a relatively old one and hasn't been updated with the script in a while. We only have 2 IP addresses at the moment, and SSL domains need a dedicated IP address (unless you have a wildcard cert, which we can't afford). Do we want to ask for another 2 IP addresses for https://downloads and https://emu ? IMHO https://downloads might conceivably be useful, but https://emu would be likely purely for purposes of compatibility with old update scripts.
Extra IP addresses cost a very small amount, and we know how to set them up, so I guess that would be the easiest solution? The old update.cmd from the java installer uses: http://downloads.freenetproject.org/alpha/installer/sha1test.jar (This is not a problem) The old update.sh from the java installer uses: https://emu.freenetproject.org/sha1test.jar (This IS a problem) The old update.cmd from the windows installer uses: https://downloads.freenetproject.org/alpha/installer/sha1test.jar (This is also a problem) All of these have been updated to http[s]://checksums.freenetproject.org/latest/sha1test.jar How important is it to support old update.sh / update.cmd ? And is it worth having https://downloads.freenetproject.org/ for its own sake? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 835 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20100203/ae63b21e/attachment.pgp>
