On October 24, 2024 6:11:58 AM GMT+09:00, "Constantine A. Murenin" <muren...@gmail.com> wrote: >On Wed, 23 Oct 2024 at 14:59, Reinoud Zandijk ><rein...@gorilla.13thmonkey.org> wrote: >> Hi, >> >> On Tue, Oct 22, 2024 at 05:23:14PM +0900, Rin Okuyama wrote: >> > We have recently updated cvsweb.NetBSD.org: >> > >> > - Preexisting URIs (found on commit logs etc.) should work as before. >> > If this is not the case, please notify us. >> > >> > - Support to HTTPS has been added. >> > >> > Previously, c.n.o was running on a very old version of cvsweb, which >> > has a vulnerability. The server is maintained by Japan NetBSD Users' >> > Group. This time, ryoon@ has kindly set up the new server context and >> > obtained the certificate. Let me thank him again for his efforts to >> > keep providing the useful service!! >> >> Thanks for the update. Only thing I notice is that it isn't automatically >> redirecting to https:// when http:// is requested. Maybe that is >> configurable? >> >> With regards, >> Reinoud > >It's not the best practice to do such redirects, because then it's not >possible to access the webpages over regular HTTP from the older >devices that don't have the latest TLS or cacert.pem, or if there are >any other issues. > >C.
Hi, No redirect from http to https is intentional. I need http access from older machines (slow and/or no newer root CA certificates) and it is an emergency exit when I have a problem with the TLS certificate renewal. Thank you. -- Ryo ONODERA // r...@tetera.org PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
