Switched from http to https for ca-cert download

geerlingguy / packer-boxes

Jeff Geerling's Packer build configurations for Vagrant boxes.

https://app.vagrantup.com/geerlingguy

MIT License

651 stars 304 forks source link

Switched from http to https for ca-cert download #81

Open velenux opened 3 years ago

velenux commented 3 years ago

Since it is such a sensitive file, it probably makes sense to download it via https.

geerlingguy commented 3 years ago

Is there a chance this would fail if the current certs are out of date?

velenux commented 3 years ago

Is there a chance this would fail if the current certs are out of date?

yes. One alternative could be to download the file first, then make a basic sanity check (with openssl for example) before overwriting the original one, so you can still use https but keep the file as it is if the download fails. What do you think?