[MacPorts] #56010: Default download links for MacPorts installer requires HTTPS
#56010: Default download links for MacPorts installer requires HTTPS
Reporter: mojca | Owner:
Type: defect | Status: new
Priority: Normal | Milestone:
Component: website | Version:
Keywords: | Port:
When users go to https://www.macports.org/install.php#installing and try
to download the dmg for installation on an older machine (say, 10.5/ppc),
the download link won't work because it requires HTTPS. At least for older
systems that's somewhat suboptimal because users don't even know that
there's an alternative download location.
I guess the problem is that our download links have once again switched
from using our distfiles server to using GitHub. Looks like that happened
in [7a1bca656b1409bb2b04b3c574bb2e5a2ef850ef/macports-www] when MacPorts
2.4.2 was released, because the files were uploaded to GitHub first, and I
added them to the distfiles server later. I would prefer to use our
distfiles CDN links for the web site anyway so let's change that back.
www.macports.org is configured to require https traffic.
distfiles.macports.org and packages.macports.org aren't, so that old
systems can connect to them.
Tested today, Safari on Leopard can connect to our web site and other
servers. Safari on Tiger presents an invalid certificate message, but it
you bypass it, it works. It didn't used to be that way; you used to need
TenFourTox on Tiger at least and maybe on Leopard, I don't remember. I
think the Let's Encrypt certificates we're using now work better on older
systems than the GlobalSign certificate we used to use.