Hosting distfiles on HTTPS w/Let's Encrypt - how? [somehow solved]
Matthew D. Fuller
fullermd at over-yonder.net
Mon Jun 5 21:54:05 UTC 2017
On Sun, Jun 04, 2017 at 09:48:02PM +0000 I heard the voice of
Marcin Cieslak, and lo! it spake thus:
>
> My temporary solution to this problem is to pin the CA certificate
> in the port itself:
Err...
> -FETCH_ENV= HTTP_AUTH=basic:*:I\ accept\ www.opensource.org/licenses/cpl:.
> +FETCH_ARGS+= --ca-cert="${FILESDIR}/dst_root_ca_x3.crt"
bsd.port.mk already sets
FETCH_ENV?= SSL_NO_VERIFY_PEER=1 SSL_NO_VERIFY_HOSTNAME=1
itself (on !makesum). If you don't need that FETCH_ENV at all, you
wouldn't need the _ARGS either (and if you do need the _ENV, you'd
probably want to pull in the default as well to match...)
--
Matthew Fuller (MF4839) | fullermd at over-yonder.net
Systems/Network Administrator | http://www.over-yonder.net/~fullermd/
On the Internet, nobody can hear you scream.
More information about the freebsd-ports
mailing list