Open velenux opened 3 years ago
Is there a chance this would fail if the current certs are out of date?
Is there a chance this would fail if the current certs are out of date?
yes. One alternative could be to download the file first, then make a basic sanity check (with openssl for example) before overwriting the original one, so you can still use https but keep the file as it is if the download fails. What do you think?
Since it is such a sensitive file, it probably makes sense to download it via https.