Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for checking the fingerprint of self-signed SSL certs #60

Closed
wants to merge 1 commit into from
Closed

Add support for checking the fingerprint of self-signed SSL certs #60

wants to merge 1 commit into from

Conversation

sinbad
Copy link

@sinbad sinbad commented Mar 12, 2018
edited

Discussed with @novabyte on Gitter, sounds like this could be useful.

I wanted to have some checking of SSL certs even though I was using a self-signed certificate, so I've added the ability to provide a list of cert fingerprints that are considered acceptable. Example usage:

        var client = new NClient.Builder(sb.ToString())
            .Host("your.host.com")
            .Port(443)
            .SSL(true)
            .SSLAcceptAllCertificates(false)
            .SSLValidKeyFingerprints(new string[] { "9E10ACEB4DD13F0FD3E187C3CBC270605EA65031" })
            .Build();

It defaults to the previous behaviour to accept all certificates so as not to break anything, although I really think the default should be the opposite at some point to encourage better security.

Hope it's useful!

@sinbad
Add support for checking the fingerprint of self-signed SSL certs
87bf726 
Defaults to previous behaviour of allowing all SSL certs, but this can now be
turned off and only specific fingerprints accepted, so that bad actors can't
perform man-in-the-middle attacks with their own certs
@sinbad sinbad mentioned this pull request Mar 19, 2018
Merged
@MarcusRiemer
Copy link

Is there any ETA for this? Or any reason why this shouldn't be merged?

@novabyte
Copy link
Member

@MarcusRiemer Since the launch of the new client I've separated out this work into a separate commit which will be completed tomorrow. And incorporated as part of the release. 😄

@novabyte
Copy link
Member

This was added in the 2.1.0 release.

@novabyte novabyte closed this Aug 17, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@sinbad @MarcusRiemer @novabyte