Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[2.50.3] Lets Encrypt Root CA Change #2409

Merged
merged 5 commits into from
Nov 23, 2020
Merged

[2.50.3] Lets Encrypt Root CA Change #2409

merged 5 commits into from
Nov 23, 2020

Conversation

shubham1g5
Copy link
Contributor

@shubham1g5 shubham1g5 added this to the 2.50.3 milestone Nov 19, 2020
@ShivamPokhriyal
Copy link
Contributor

Great to see this PR.

yschimke
yschimke reviewed Nov 20, 2020
View reviewed changes
app/src/org/commcare/network/ISRGCertConfig.java
Certificate isgCertificate = cf.generateCertificate(new ByteArrayInputStream(isgCert.getBytes("UTF-8")));

HandshakeCertificates certificates = new HandshakeCertificates.Builder()
.addTrustedCertificate((X509Certificate)isgCertificate)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to support other platform certificates as well? Or just an LE root?

Can you confirm this already works for existing LE certificates?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to support other platform certificates as well?

Uh yes, It's failing for other non LE certs. so seems like we need to add addPlatformTrustedCertificates() to allow for other certificates. Appreciate the catch.

Can you confirm this already works for existing LE certificates?

Yeah this somehow works without adding the call to addPlatformTrustedCertificates(). Not sure how though!

@ctsims
Copy link
Member

ctsims commented Nov 20, 2020

@damagatchi retest this please

@shubham1g5
Copy link
Contributor Author

@ctsims the build is going to fail on this as we need to build it against 2.50 core. We will be able to see the build status over here once merged.

@shubham1g5 shubham1g5 merged commit 377802b into commcare_2.50 Nov 23, 2020
@shubham1g5 shubham1g5 deleted the isgCert branch November 23, 2020 04:51
@shubham1g5 shubham1g5 mentioned this pull request Nov 26, 2020
Merged
@gabn88 gabn88 mentioned this pull request Nov 26, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yschimke yschimke yschimke left review comments

@ShivamPokhriyal ShivamPokhriyal ShivamPokhriyal approved these changes

@ctsims ctsims Awaiting requested review from ctsims

Assignees
No one assigned
Labels
product/invisible
Projects
None yet
Milestone
2.50.3
Development

Successfully merging this pull request may close these issues.
4 participants
@shubham1g5 @ShivamPokhriyal @ctsims @yschimke