[packman] https:// packman mirrors can't be used with Squid proxy
jimc
jimc at jfcarter.net
Mon Mar 1 21:05:40 CET 2021
I have a small net of 10 hosts, and I update them from
http://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/
(also packman.inode.at) through a Squid proxy, squid-4.14 .
This used to work, but starting about 2012-02-27 I get responses
of 403 Forbidden. It looks like the mirror webserver rewrites
the URL from http://hostname/ to https://hostname/, the client
(Zypper) follows the 302 Found response, and Squid replies 403
Forbidden. It's supposed to be possible to configure Squid to
act as a "man in the middle", generating a fake server
certificate certified by a fake Certificate Authority that the
client is supposed to trust. But a sysadmin whose paranoia is
sufficient for the job wouldn't touch the fake cert concept with
a 3 meter pole!
Could Packman (specifically its mirrors) please return to
serving requests to http://packman.../ directly rather than
rewriting to https? Thank you.
--
James F. Carter Email: jimc at jfcarter.net
Web: http://www.math.ucla.edu/~jimc (q.v. for PGP key)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.links2linux.de/pipermail/packman/attachments/20210301/3cc14fe1/attachment.sig>
More information about the Packman
mailing list