Hi Ralf, > That's what I did. I replaced a PKGBUILD's > http://search.cpan.org/CPAN/authors/id/Y/YE/YEWENBIN/Goo-Canvas-0.06.tar.gz > by > https://cpan.metacpan.org/authors/id/Y/YE/YEWENBIN/Goo-Canvas-0.06.tar.gz > so I removed the search and migrated from http to https. > > However, using the search URL with https does still return a 403. > > $ curl --user-agent archlinux -L > > "https://search.cpan.org/CPAN/authors/id/Y/YE/YEWENBIN/Goo-Canvas-0.06.tar.gz"; > > --output 1_Goo-Canvas-0.06.tar.gz That URL isn't either of the two you initially give. :-) > curl: (60) SSL certificate problem: self signed certificate ... > $ curl --user-agent archlinux --insecure -L > > "https://search.cpan.org/CPAN/authors/id/Y/YE/YEWENBIN/Goo-Canvas-0.06.tar.gz"; > > --output 2_Goo-Canvas-0.06.tar.gz ... > $ strings 2_Goo-Canvas-0.06.tar.gz | head -5 > <html> > <head><title>403 Forbidden</title></head> Try precisely this: curl -sSvg -L \ https://search.cpan.org/CPAN/authors/id/Y/YE/YEWENBIN/Goo-Canvas-0.06.tar.gz \ >foo.tar.gz This will give more detail on each connection and how the certificates fare. I get a valid tar file. $ b2sum -l32 foo.tar.gz 3a2a9dd1 foo.tar.gz $ tar tf foo.tar.gz | wc -l 47 -- Cheers, Ralph.
