Ask Your Question
0 and application use http-protocol

asked 2017-01-04 12:34:49 +0200

patrick1989 gravatar image


I noticed that does not default to an https-connection, but that the SSL certificate is installed. Is it possible to force SSL connections?

Also, I noticed that the application connects to using port 80. This could potentially allow man-in-the-middle-attacks, and install altered software when updating. Is it possible to update only over https? (and for all other connections attempted by libreoffice)


edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted

answered 2017-01-04 14:16:04 +0200

Radish gravatar image

If you are using Firefox browser you can try out HTTPS Everywhere. It can be installed from here: HTTPS Everywhere Firefox Addon

I use it all the time and always connects via HTTPS (as do many other sites). Note that you can add 'exceptions' to any sites that you don't want to connect to via HTTPS, but you really only need to do that very occasionally. In several years of use I've only had to do that once. To all intents and purposes it works for me without my intervention.

edit flag offensive delete link more


Thanks for your reply. I indeed use HTTPS Everywhere, but still the LibreOffice program connects via HTTP instead of HTTPS when updating software.

patrick1989 gravatar imagepatrick1989 ( 2017-01-04 14:25:51 +0200 )edit

Okay. I just stumbled across this which seems to imply that you might be able to do what you want: SSL Enforcer. I have no experience using that but if it does what it says it looks promising.

It could be the case that not being able to connect via HTTPS while doing software updating is a limitation at the server end - updating via HTTPS may not be enabled at all at the server. I suppose the only way around to remain secure in that scenario is using a VPN.

Radish gravatar imageRadish ( 2017-01-04 14:44:04 +0200 )edit
Login/Signup to Answer

Question Tools

1 follower


Asked: 2017-01-04 12:34:49 +0200

Seen: 64 times

Last updated: Jan 04 '17