Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Validation of a self-signed certificate does not require its presence in the system wide trust store any more #830

Merged
merged 4 commits into from
Aug 4, 2023

Conversation

dadrus
Copy link
Owner

@dadrus dadrus commented Aug 4, 2023

Related issue(s)

Not really, but many complains and people wondering, why it is the case

Checklist

Description

With that update, you can use self-signed certificates (highly discouraged for production), respectively the corresponding keys to e.g. sign the JWTs issued by heimdall without the need to make the self-signed certificate present in the system-wide trust store.

Before the change introduced with this PR, heimdall would log x509: certificate signed by unknown authority and refuse starting.

Sorry, something went wrong.

@codecov
Copy link

codecov bot commented Aug 4, 2023

Codecov Report

Merging #830 (66d4131) into main (303ee11) will increase coverage by 0.00%.
Report is 5 commits behind head on main.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #830   +/-   ##
=======================================
  Coverage   89.51%   89.52%           
=======================================
  Files         220      220           
  Lines        9427     9430    +3     
=======================================
+ Hits         8439     8442    +3     
  Misses        786      786           
  Partials      202      202           
Files Changed Coverage Δ
internal/signer/jwt_signer.go 93.57% <ø> (+0.18%) ⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@dadrus dadrus merged commit 56a2d1f into main Aug 4, 2023
@dadrus dadrus deleted the fix/self_signed_certs_validation branch August 4, 2023 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant