uses self-signed certificates?

Matthew Miller mattdm at
Wed Oct 1 12:41:57 UTC 2014

On Wed, Oct 01, 2014 at 03:02:34PM +0300, Gilboa Davara wrote:
> When trying to download my package source files from
> I'm getting self-signed SSL certificates (see details below).
> While it's most likely a minor infrastructure issue, I'd suggest exercising
> caution when downloading sources from
> I've also sent an email to admin at

Take a look at

The certificate in use is issued by Fedora's CA and the server cert can be
obtained via https with a publicly-signed cert at

As I understand it, this is directly verified by some of our infrastructure
which uses, and although the ticket above outlines a
migration plan, it hasn't become a priority.

Matthew Miller
<mattdm at>
Fedora Project Leader

More information about the devel mailing list