cPanel trying to update over http?

Why is Cpanel trying to update rpm over http. Surely this is a big security risk with the potential for fake updates to be inserted in the update chain Example from today's update log: [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] http://85.13.201.2/cpanelsync/repos/CentOS/6/EA4/repodata/repomd.xml: [Errno 12] Timeout on http://85.13.201.2/cpanelsync/repos/CentOS/6/EA4/repodata/repomd.xml: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds') [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] Trying other mirror. [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] http://85.13.201.2/cpanelsync/repos/CentOS/6/cPAddons/x86_64/repodata/repomd.xml: [Errno 14] PYCURL ERROR 56 - "Failure when receiving data from the peer" [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] Trying other mirror. [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] No Packages marked for Update
and from previous update files Fetching CPAN mirrors...Fetching http://httpupdate.cpanel.net/pub/CPAN/MIRRORED.BY http://httpupdate.cpanel.net/pub/CPAN/MIRRORING.FROM (connected:1).......(request attempt 1/12)...@185.69.232.245......receiving......request success......Done Three usable fallback mirrors located Fetching http://mirror.reismil.ch/CPAN/index.html (connected:1).......(request attempt 1/12)...Resolving mirror.reismil.ch...(resolve attempt 1/65)...@37.252.190.140......receiving......request success......Done
How do we force Cpanel /WHM to only update via HTTPS not insecure http