On Wed, 27 Apr 2022, Henrik K wrote:
There's really no reason these days for not using https. Only three mirrors work with it right now: sa-update.razx.cloud sa-update.pccc.com sa-update.mailfud.org Could maybe others prepare for it? sa-update seems to happily use https:// mirrors starting from 3.4.0, so there shouldn't be any reason not to update these. Btw I just updated DNS to https too: mirrors.updates.spamassassin.org. "https://spamassassin.apache.org/updates/MIRRORED.BY"; Apparently spamassassin.apache.org has had https-redirect for a long time, which broke the old checkSAupdateMirrors.sh script too.
Unfortunately my server fossies.org currently uses a commercial certificate only usable for the names "fossies.org" and "www.fossies.org" but not for "sa-update.fossies.org" and some first general tests some months ago using Let's Encrypt were not yet successful.
Since I don't know when I have time for a new attempt (probably summer/autumn after a big hardware migration) and the https request seems understandable you may remove the server "sa-update.fossies.org"
if meaningful (relatively easy to get over, since it only has a weight of 1). Regards Jens -- FOSSIES - The Fresh Open Source Software archive mainly for Internet, Engineering and Science https://fossies.org/
