I’ve set up SSL certificates for use and would like to update my packages to be pulled via HTTPS rather than HTTP.
Would you please enable https on the download.gl-inet.com host?
Regards,
Micahel
I’m looking for a HTTPS interface for package downloads. I’m saying have the download.gl-inet.com support both HTTP and HTTPS requests.
I.e. I’d like to change the below packages to HTTPS. I do not see the “releases” folder available on the dl.gl-inet.com. Would you be able to create a HTTPS mirror?
src/gz glinet_core http://download.gl-inet.com/releases/kmod-3.0/ar71xx/generic
src/gz glinet_base http://download.gl-inet.com/releases/packages-3.x/ar71xx/base
src/gz glinet_gli_pub http://download.gl-inet.com/releases/packages-3.x/ar71xx/gli_pub
src/gz glinet_packages http://download.gl-inet.com/releases/packages-3.x/ar71xx/packages
src/gz glinet_luci http://download.gl-inet.com/releases/packages-3.x/ar71xx/luci
src/gz glinet_routing http://download.gl-inet.com/releases/packages-3.x/ar71xx/routing
src/gz glinet_telephony http://download.gl-inet.com/releases/packages-3.x/ar71xx/telephony
src/gz glinet_glinet http://download.gl-inet.com/releases/packages-3.x/ar71xx/glinet
You are right. Let me check what I can do.
I will swap over shortly.
Regards,
Michael
I am attempting to swap to the HTTPS but seem to be running into errors. I’ve followed the steps Use SSL in OpenWRT OPKG and Home · Entware/Entware Wiki · GitHub.
Perhaps the wget binary coming from the dl.gl-inet is not up to date for https/SSL?
root@glmifi:~# opkg update
Downloading https://dl.gl-inet.com/releases/kmod-3.0/ar71xx/generic/Packages.gz
*** Failed to download the package list from https://dl.gl-inet.com/releases/kmo d-3.0/ar71xx/generic/Packages.gz
Downloading https://dl.gl-inet.com/releases/packages-3.x/ar71xx/base/Packages.gz
*** Failed to download the package list from https://dl.gl-inet.com/releases/pac kages-3.x/ar71xx/base/Packages.gz
Downloading https://dl.gl-inet.com/releases/packages-3.x/ar71xx/gli_pub/Packages .gz
*** Failed to download the package list from https://dl.gl-inet.com/releases/pac kages-3.x/ar71xx/gli_pub/Packages.gz
Downloading https://dl.gl-inet.com/releases/packages-3.x/ar71xx/packages/Package s.gz
^C
Would someone else try swapping their repos (after installing ca-certificates and latest wget):
src/gz glinet_core https://dl.gl-inet.com/releases/kmod-3.0/ar71xx/generic
src/gz glinet_base https://dl.gl-inet.com/releases/packages-3.x/ar71xx/base
src/gz glinet_gli_pub https://dl.gl-inet.com/releases/packages-3.x/ar71xx/gli_pub
src/gz glinet_packages https://dl.gl-inet.com/releases/packages-3.x/ar71xx/packages
src/gz glinet_luci https://dl.gl-inet.com/releases/packages-3.x/ar71xx/luci
src/gz glinet_routing https://dl.gl-inet.com/releases/packages-3.x/ar71xx/routing
src/gz glinet_telephony https://dl.gl-inet.com/releases/packages-3.x/ar71xx/telephony
src/gz glinet_glinet https://dl.gl-inet.com/releases/packages-3.x/ar71xx/glinet
Please use fw.gl-inet.com instead.
src/gz glinet_core https://fw.gl-inet.com/releases/kmod-3.0/ar71xx/generic
src/gz glinet_base https://fw.gl-inet.com/releases/packages-3.x/ar71xx/base
src/gz glinet_gli_pub https://fw.gl-inet.com/releases/packages-3.x/ar71xx/gli_pub
src/gz glinet_packages https://fw.gl-inet.com/releases/packages-3.x/ar71xx/packages
src/gz glinet_luci https://fw.gl-inet.com/releases/packages-3.x/ar71xx/luci
src/gz glinet_routing https://fw.gl-inet.com/releases/packages-3.x/ar71xx/routing
src/gz glinet_telephony https://fw.gl-inet.com/releases/packages-3.x/ar71xx/telephony
src/gz glinet_glinet https://fw.gl-inet.com/releases/packages-3.x/ar71xx/glinet
2 Likes
@kyson-lok Thank you. This is working great. I appreciate the turnaround. I’d recommend you set this as the default on all new routers… Probably not best from a security perspective to have binaries transmitted via http especially since many of the routers are used to hook up to hotel and other unsecured networks where the man-in-the middle is more likely.
You’re right, we are planning to add it in firmware by default.