[SOLVED] add https support for pve-no-subscription repo

Discussion in 'Proxmox VE: Installation and configuration' started by mewsf, Apr 25, 2019.

  1. mewsf

    mewsf New Member

    Joined:
    Nov 3, 2017
    Messages:
    1
    Likes Received:
    0
    Currently the pve-no-subscription repository uses http://download.proxmox.com which has no https support, if I try to force use https, it will tell me the site's certificate is invalid. So why can't we add support for it? Although apt can check the packages' signature, it's still a good option to provide https access.
     
  2. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,447
    Likes Received:
    304
    This is a feature, only available for customers on the enterprise repository.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. alexskysilk

    alexskysilk Active Member

    Joined:
    Oct 16, 2015
    Messages:
    556
    Likes Received:
    58
    @dietmar while I dont begrudge you your business model, security isnt a feature. Consider the cost to your business if that domain was hijacked and poisoned, and how many of your paying customers started as freeloaders ;)
     
  4. tom

    tom Proxmox Staff Member
    Staff Member

    Joined:
    Aug 29, 2006
    Messages:
    13,462
    Likes Received:
    395
    Debian and Proxmox VE packages are secure and signed, also if you got them via http.

    If you still think https is needed, go for the enterprise repo.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice