Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
murmur/Cert: check for 'Murmur Autogenerated Certificate' prefix instead of explicit version in self-signed cert check. #3080
This commit changes our check for whether a server is using a self-signed
Previously, we would only check for 'Murmur Autogenerated Certificate v2'.
This will allow us to bump the version in the certificate, without needing
Yes, I plan to bump the self-signed certs to use SHA256 for new servers. (Whether to drop existing certificates, I don't know yet...). It's a PITA that our "certificate hash" is a hash of the whole certificate, and not just the public key. That'd have made this much easier.
Anyway, my plan is to add a new Murmur Autogenerated Certificate v3 which uses a SHA-256 hash for its signature. Is it technically necessary to bump the version? No. I believe the first version (no "vXXX" suffix) lacked the bits for it to work as a client certificate, so they couldn't be used for public server registration.
I feel like it's just nicer to bump the version when we make a change.