-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial cert validation test #2582
base: main
Are you sure you want to change the base?
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
…mputer/console into tls-cert-soft-validation
Do we have a good way of getting the domain? I vaguely remember some discussion around with the IdP setup. |
This looks awesome, thanks for picking it up. I think initial rack install will certainly benefit from it. |
Do we need some copy to caveat incase that is not correct. I remember some talk about a proxy perhaps throwing it off? |
Fixes #2580 and related to #2578
Idea from @augustuswm to soft validate the cert. Unfortunately I think we need a library to parse the cert but I lazy imported it to avoid adding to the main bundle since most users will not see this.
Principally the risk here is what I dont know about certs:
parseCertificate()
doesn't catchBut feels, like the image soft validation, that it could be a good quality of life improvement for something that is potentially very painful when not done correctly. We might want to label the
CN
andSAN
on the messages list of found names.