Commit 6947000f authored by intrigeri's avatar intrigeri

Specify what we accept, rather than an incomplete list of what we reject (refs: #12385).

Also, drop the bits about Let's Encrypt: it's already mentioned below, and it's
an implementation details that doesn't really belong to the big picture IMO.
parent 37c6e78b
......@@ -95,11 +95,8 @@ Alongside our mirror pool redirecting to mirrors using their own domain, we main
a DNS Round Robin pool for the `` host. This pool serves as a
fallback, we add only a few fast and reliable mirrors to it.
We only accept mirrors that provide a non self-signed SSL certificate for the exact
domain used. We don't accept self-signed certificates because we want
to spare our users the hassle of having to manually verify the
authenticity of the server certificate. Instead, we recommend using
Let'sEncrypt or commercial SSL certificates.
We only accept mirrors that provide a SSL certificate deemed valid by
Firefox for the exact hostname used.
Pick a hostname for your mirror
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment