Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
cert validation fixes #52855
[WIP] Start of cert validation fixes
A few things this PR does:
referenced this pull request
Feb 26, 2019
I've done some performance testing on this using my Meraki network modules. There doesn't appear to be any regressions, at least related to the Meraki modules.
I'll test more modules, maybe tonight, but I am seeing some performance improvements when running integration tests.
Just for some statistics, on my laptop, generating the ca cert bundle often took less than 200ms. In some cases it was less than 100ms. But depending on drive speed and such, it could be more significant for others, and many repeated
Let me recap my preferred implementation in this PR in case we have to retain the existing functionality:
The lock would be there to ensure we don't have multiple modules rebuilding the ca-cert bundle at the same time. The timeout value is there just to avoid the somewhat more expensive check for updated certs.