Suggest use https when downloading auth tokens from goolag.store

Suggest use https when downloading auth tokens from goolag.store, just now http is used. Also when using https suggest adding option for a cert check/pin to verify server.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information