Skip Menu |

This queue is for tickets about the Perl-Dist-Strawberry CPAN distribution.

Report information
The Basics
Id: 124085
Status: resolved
Priority: 0/
Queue: Perl-Dist-Strawberry

Owner: Nobody in particular
Requestors: michele.cicciotti [...]

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

Subject: No/broken HTTPS support for
Date: Mon, 15 Jan 2018 14:10:57 +0100
To: bug-Perl-Dist-Strawberry [...]
From: Michele Cicciotti <michele.cicciotti [...]>
Download (untitled) / with headers
text/plain 701b, including (especially) the downloads, is only available over plaintext HTTP. Considering that the downloads have neither internal (Authenticode) nor external (GPG) signatures, at least the download channel should be protected against tampering. Right now, does respond to HTTPS, but it's clearly not configured, as it uses what appears to be the hosting provider's default certificate Should you add HTTPS support (which is free and easy to set up, thanks to services like Let's Encrypt <>), make sure to test your configuration using Qualys's SSL Server Test <>, because it's tricky to get right

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to