Closed Bronislawsky closed 3 years ago
Thanks @Bronislawsky
Honestly we probably won't ever change this, as our mirrors are HTTP (not HTTPS) so the point is moot. We only include the option there --no-check-certificate
for people who customize their ss-config
options and probably don't know much about shell scripting... e.g. that wget
will fail if their download sources are behind SSL.
Here is an example of our mirrors (notice non-SSL link): http://mirrors.slickstack.io/ss-check.txt
For future reference, most SlickStack bash command functions (and their flags) are defined in ss-functions:
https://github.com/littlebizzy/slickstack/blob/master/bash/ss-functions.txt
Issue or not, I believe this could be a security issue since scripts are periodically updated, to avoid a MitM attack, I would think --no-check-certificate should be removed.