ron added on 2010-03-08 05:16:39:
It is also an issue for those of us hosting on shared servers where we don't have a fixed IP. However, that is an SSL issue -- how to get around the problem of IP-specific SSL certificates?

A typical problem scenario would be a small business or project, which hasn't the funds to buy a "wildcard" SSL cert, but wants to prevent snoopers from reading the project data as it moves on the wire.

anonymous claiming to be fossil.nrb@9ox.net added on 2012-11-13 11:39:25 UTC:
Note that setting https-login on via web front end can cause a lockout when a repository is hosted and https access is not supported, e.g.:

http://fossilrepos.sourceforge.net/cgi-bin/demo.cgi/setup_settings

I got out of this by downloading the login page source, editing the line to use http e.g.:

form.action = "http://fossilrepos.sourceforge.net/cgi-bin/demo.cgi/login";

I suggest https setting is only available to turn on via the command line, and not by the web interface.

Rational: setting via the web offers no guaranteed way back, setting on the command line ensures the originator of the change can update it the same way.