Webtatic EL5 and EL6 going HTTPS on 18th July

Webtatic likes to ensure all packages are installed securely, it uses gpg signature verification to ensure there is no tampering of the packages. Last October, Webtatic EL7 was released with HTTPS being the default method of install.

Though Webtatic EL5 and EL6 have supported HTTPS since then, it hasn’t been the default method of install, instead being HTTP. This was due to my concerns that it might have issues on old installs of RHEL/CentOS that didn’t have base package security updates to support the TLS ciphers used.

Recently I’ve decided to ensure all packages are installed by default over https, as the latest RHEL/CentOS 5.11 and 6.6 support this method. Any release before that will instead have to manually change the *.repo mirrorlist configuration to http if their openssl packages don’t support it, though I’d strongly recommend updating to the latest minor release of RHEL/CentOS instead.

This switch will happen on 18th July. Before then, you can install the latest webtatic-release package in the testing repository to see this now via:

yum update webtatic*-release --enablerepo=webtatic-testing

Published by

Andy Thompson

Senior Technical Consultant on enterprise web projects, with interests in open-source development, a little bit of finance, and poker.

Leave a Reply

Your email address will not be published. Required fields are marked *