Ok, I'll disable the enforced redirect. Sent from my iPad > On Jan 17, 2017, at 1:34 AM, Fabian Arrotin <arrfab at centos.org> wrote: > >> On 14/01/17 16:20, Ryan Nix wrote: >> Are we allowed to set our mirrors with ssl enabled? I think Let's Encrypt is one of the greatest technologies ever so I used their Certbot tool to enable ssl on our mirror. >> > > Hi, > > Having TLS on even mirror.centos.org was evaluated, but because we still > have CentOS 5 yum clients, we decided to wait until it disappears > (soon). Starting from 6, yum can handle https fine, even through redirect. > > At your personal mirror, you can do whatever you want, but keep in mind > that the old perl crawler script we use behind > http://mirror-status.centos.org *doesn't* support https at the moment. > So you can enable it, but not enforce it, otherwise, your mirror > wouldn't be validated and so would be removed from yum mirrorlists > (until we rewrite it completely, which is also a *very* good idea) > > Some other mirrors have TLS enabled but it's just that it's not listed > on https://www.centos.org/download/mirrors (for the reason mentioned above) > > Cheers, > > -- > Fabian Arrotin > The CentOS Project | http://www.centos.org > gpg key: 56BEC54E | twitter: @arrfab > > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org > https://lists.centos.org/mailman/listinfo/centos-mirror