pages/pages-server
1
0
Fork 0
mirror of https://codeberg.org/Codeberg/pages-server.git synced 2025-04-25 06:16:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
pages-server/server/certificates
History
Gusted 0ca3377e68
Allow to use certificate even if domain validation fails 
- Currently if the canonical domain validations fails(either for
legitimate reasons or for bug reasons like the request to Gitea/Forgejo
failing) it will use main domain certificate, which in the case for
custom domains will warrant a security error as the certificate isn't
issued to the custom domain.
- This patch handles this situation more gracefully and instead only
disallow obtaining a certificate if the domain validation fails, so in
the case that a certificate still exists it can still be used even if
the canonical domain validation fails. There's a small side effect,
legitimate users that remove domains from `.domain` will still be able
to use the removed domain(as long as the DNS records exists) as long as
the certificate currently hold by pages-server isn't expired.
- Given the increased usage in custom domains that are resulting in
errors, I think it ways more than the side effect.
2023-01-15 23:30:03 +01:00
..
acme_account.go Add pipeline (#65) 2022-03-27 21:54:06 +02:00
certificates.go Allow to use certificate even if domain validation fails 2023-01-15 23:30:03 +01:00
mock.go rm certDB helper and build in 2021-12-05 19:00:57 +01:00
mock_test.go Move gitea api calls in own "client" package (#78) 2022-06-11 23:02:06 +02:00