Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable12] Handle SSL certificate verifications for others than Let's Encrypt #8184

Merged
merged 1 commit into from
Feb 8, 2018
Merged

[stable12] Handle SSL certificate verifications for others than Let's Encrypt #8184

merged 1 commit into from
Feb 8, 2018

Conversation

robert-scheck
Copy link
Contributor

@robert-scheck robert-scheck commented Feb 5, 2018
edited by nickvergessen
Loading

Backport of #8182

Do no longer (wrongly) rewrite URLs like

for automated SSL certificate verifications. All (common commercial) certificate authorities (CA) except Let's Encrypt (via ACME) seem to use "pki-validation" rather "acme-challenge" for their domain control validation (DCV).

Signed-off-by: Robert Scheck robert@fedoraproject.org

@robert-scheck
Handle SSL certificate verifications for others than Let's Encrypt
38c12ca 
Do no longer (wrongly) rewrite URLs like

  * http://example.net/.well-known/pki-validation/file.txt (Comodo)
  * http://example.net/.well-known/pki-validation/fileauth.txt (DigiCert, Thawte, GeoTrust)
  * http://example.net/.well-known/pki-validation/gsdv.txt (GlobalSign)
  * http://example.net/.well-known/pki-validation/starfield.htm (Starfield, GoDaddy)
  * http://example.net/.well-known/pki-validation/swisssign-check.txt (SwissSign)

for automated SSL certificate verifications. All (common commercial)
certificate authorities (CA) except Let's Encrypt (via ACME) seem to
use "pki-validation" rather "acme-challenge" for their domain control
validation (DCV).

Signed-off-by: Robert Scheck <robert@fedoraproject.org>
@robert-scheck robert-scheck changed the title Handle SSL certificate verifications for others than Let's Encrypt [stable12] Handle SSL certificate verifications for others than Let's Encrypt Feb 5, 2018
@codecov
Copy link

codecov bot commented Feb 5, 2018
edited
Loading

Codecov Report

Merging #8184 into stable12 will increase coverage by <.01%.
The diff coverage is 0%.

@@              Coverage Diff               @@
##             stable12    #8184      +/-   ##
==============================================
+ Coverage       53.83%   53.84%   +<.01%     
  Complexity      22761    22761              
==============================================
  Files            1385     1385              
  Lines           87150    87150              
  Branches         1331     1331              
==============================================
+ Hits            46920    46925       +5     
+ Misses          40230    40225       -5
Impacted Files Coverage Δ Complexity Δ
lib/private/Setup.php 12.39% <0%> (ø) 50 <0> (ø) ⬇️
core/js/js.js 61.83% <0%> (+0.55%) 0% <0%> (ø) ⬇️

@robert-scheck robert-scheck mentioned this pull request Feb 6, 2018
Merged
@nickvergessen nickvergessen added this to the Nextcloud 12.0.6 milestone Feb 6, 2018
@nickvergessen nickvergessen added bug 3. to review Waiting for reviews labels Feb 6, 2018
@rullzer rullzer requested a review from nickvergessen February 8, 2018 09:15
@MorrisJobke MorrisJobke merged commit e328ced into nextcloud:stable12 Feb 8, 2018
@MorrisJobke MorrisJobke mentioned this pull request Mar 9, 2018
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickvergessen nickvergessen nickvergessen approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

Assignees
No one assigned
Labels
3. to review Waiting for reviews bug
Projects
None yet
Milestone
Nextcloud 12.0.6
Development

Successfully merging this pull request may close these issues.
3 participants
@robert-scheck @nickvergessen @MorrisJobke