[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

https (SSL / TLS) by default broke apt-cacher-ng apt package caching during build


#1

(https://github.com/Whonix/Whonix/commit/867a481710077f6bf4e14a5d8c87471e81db85df)

E: Failed to fetch https://deb.debian.org/debian-security/dists/stretch/updates/main/binary-amd64/Packages Received HTTP code 403 from proxy after CONNECT

To be expected:

https://www.unix-ag.uni-kl.de/~bloch/acng/html/howtos.html#ssluse

Perhaps the "tell-me-what-you-need method" mentioned there would help.

This makes also enabling https (SSL / TLS) in anon-apt-soures-list (/etc/apt/sources.list.d/debian.list) difficult. "tell-me-what-you-need method" is hard to add in /etc/apt/sources.list.d/debian.list but it is being used during build of Whonix.

(https://github.com/Whonix/anon-apt-sources-list/commit/9f08431be63b4977931fe2db57b067e660828997)


#2

maybe if you fill that as a bug to debian , might consider to look/change something which will help the build.


#3

Not a Debian bug. Known and documented limitation. An (apt package)
caching proxy can’t cache end-to-end encrypted SSL’ed connections by
design. Not easy without hacks.