Mac – Make Macports use HTTPS (SSL/TLS) to fetch packages

macportsssl

By default, Macports uses HTTP to fetch packages. For example:

--->  Attempting to fetch port_cutleaves-0.1.4_0.darwin_10.noarch.tbz2 from http://lil.fr.packages.macports.org/port_cutleaves

How should a user configure Macports to use HTTPS (SSL/TLS) instead?

Best Answer

The obvious solution would be to modify the source URLs for the packages. The source URLs for a lot of packages appears to be /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/_resources/port1.0/fetch/mirror_sites.tcl.

Having said that, I'm not sure whether it is a good idea to modify that file.

If you do a selfupdate your modified file will be replaced.

Also not all the mirrors are set up correctly to work with HTTPS. For example, the mirror in your example above http://lil.fr.packages.macports.org/ presents an error if you try to access it at https://lil.fr.packages.macports.org/ because the host name of the certificate doesn't match.

Best Answer

Related Solutions

Setting Safari SSL/TLS Cipher Suites

MacOS – MacPorts-installed packages not working after updating to Lion

Related Question