andreaskoch / allmark

A cross-platform markdown web server
https://allmark.io

Installation instructions require the use of the curl --insecure flag #3

Closed hitsuji closed 8 years ago

hitsuji commented 8 years ago

The --insecure flag in the curl params for the Linux installation instructions is a security concern for many developers. I believe the reason you added this is that you are using a Let's Encrypt cert for allmark.io without including the intermediate cert, causing cert validation to fail, as the Let's Encrypt CA cert will only be found in recent distros. However, the intermediate cert is cosigned by IdenTrust, whose CA cert will be available to older distros. So using your fullchain cert should resolve the issue, allowing you to drop the --insecure flag.

see: https://github.com/letsencrypt/letsencrypt/issues/2026
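The missing-intermediate failure described in the comment above can be reproduced offline; this is an added example, not part of the original thread or the allmark project. It builds a constructed three-level demo PKI (all names are made up) and uses `openssl verify` to stand in for a client, such as curl, that trusts only the root and builds the rest of the path from what the server sends.

```shell
#!/bin/sh
# Constructed demo PKI (all names made up): root CA -> intermediate CA -> leaf.
# The client trusts only the root, like a distro that lacks the newer CA cert.

make_demo_pki() {    # $1 = output directory
    d=$1
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$d/ca.ext"
    for name in root int leaf; do
        openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Demo $name" \
            -keyout "$d/$name.key" -out "$d/$name.csr" 2>/dev/null
    done
    # Self-signed root, intermediate signed by root, leaf signed by intermediate.
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" \
        -extfile "$d/ca.ext" -days 2 -out "$d/root.pem" 2>/dev/null
    openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -CAcreateserial -extfile "$d/ca.ext" -days 2 -out "$d/int.pem" 2>/dev/null
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
        -CAcreateserial -days 2 -out "$d/leaf.pem" 2>/dev/null
    # What the server should serve: leaf first, then the intermediate.
    cat "$d/leaf.pem" "$d/int.pem" > "$d/fullchain.pem"
}

# $1 = root the client trusts, $2 = PEM file the server sends (leaf first).
# Certificates in $2 only help build the path; trust comes from $1 alone.
chain_validates() {
    openssl verify -CAfile "$1" -untrusted "$2" "$2" >/dev/null 2>&1
}

demo=$(mktemp -d)
make_demo_pki "$demo"
for served in leaf.pem fullchain.pem; do
    if chain_validates "$demo/root.pem" "$demo/$served"; then
        echo "server sends $served: verification OK"
    else
        echo "server sends $served: verification FAILED"
    fi
done
rm -rf "$demo"
```

Against a live server, `openssl s_client -connect host:443 -showcerts` lists the certificates actually sent, which shows whether the intermediate is included.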

andreaskoch commented 8 years ago

Thanks for raising this issue. The --insecure flag is no longer needed to download allmark via curl.

I added the --insecure for the curl command because at the time I had a StartSSL certificate for the site allmark.io. And these certificates were not trusted by curl on Ubuntu.

Since Let's Encrypt is out, I have new certificates for allmark.io, and now the insecure flag is no longer required because Let's Encrypt has a more widely trusted root certificate that is also trusted by curl.

So the installation instructions for Linux should now look like this:

sudo su
curl -s https://allmark.io/bin/linux/amd64/allmark > /usr/local/bin/allmark
chmod +x /usr/local/bin/allmark

I will update the README in the next days.

andreaskoch commented 8 years ago

Thanks @catleeball for fixing this for me.