Hosting distfiles on HTTPS w/Let's Encrypt - how? [somehow solved]
Marcin Cieslak
saper at saper.info
Mon Jun 5 22:21:37 UTC 2017
On Mon, 5 Jun 2017, Matthew D. Fuller wrote:
> On Sun, Jun 04, 2017 at 09:48:02PM +0000 I heard the voice of
> Marcin Cieslak, and lo! it spake thus:
> >
> > My temporary solution to this problem is to pin the CA certificate
> > in the port itself:
>
> Err...
>
> > -FETCH_ENV= HTTP_AUTH=basic:*:I\ accept\ www.opensource.org/licenses/cpl:.
> > +FETCH_ARGS+= --ca-cert="${FILESDIR}/dst_root_ca_x3.crt"
>
> bsd.port.mk already sets
>
> FETCH_ENV?= SSL_NO_VERIFY_PEER=1 SSL_NO_VERIFY_HOSTNAME=1
>
> itself (on !makesum). If you don't need that FETCH_ENV at all, you
> wouldn't need the _ARGS either (and if you do need the _ENV, you'd
> probably want to pull in the default as well to match...)
That was it, thank you very much!
Marcin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3663 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20170605/48cc4856/attachment.bin>
More information about the freebsd-ports
mailing list