server and extension updates are insecurely downloaded over http

Description

It's 2017, all updates should be downloaded over SSL, downloading unsigned binaries over http is risky

as there are multiple host names being used, it might be easier to host everything
under a single domain name and using sub directories

http://cdn.lucee.org/
http://download.lucee.org/
http://beta.lucee.org/
http://extension.lucee.org/

Environment

None

Assignee

Michael Offner

Reporter

Zac Spitzer

Priority

Critical

Labels

Fix versions

Sprint

None

Affects versions

Configure