-
-
Notifications
You must be signed in to change notification settings - Fork 15.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SelfSignedCertificate configurable valid dates #4257
Conversation
@normanmaurer @ganskef - FYI. |
@@ -59,9 +60,11 @@ | |||
private static final InternalLogger logger = InternalLoggerFactory.getInstance(SelfSignedCertificate.class); | |||
|
|||
/** Current time minus 1 year, just in case software clock goes back due to time synchronization */ | |||
static final Date NOT_BEFORE = new Date(System.currentTimeMillis() - 86400000L * 365); | |||
static final Date NOT_BEFORE = new Date(SystemPropertyUtil.getLong( | |||
"io.netty.SelfSignedCertificate.notBefore", System.currentTimeMillis() - 86400000L * 365)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Self -> self?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
How about renaming |
320d8e8
to
e5a105a
Compare
Motivation: Users may want to control the valid dates for SelfSignedCertificate. Modifications: - Allow NOT_BEFORE and NOT_AFTER to be controlled via java system properties. Result: Fixes netty#3978
e5a105a
to
a7321ab
Compare
@trustin - Good idea. Done. |
* @param notBefore Certificate is not valid before this time | ||
* @param notAfter Certificate is not valid after this time | ||
*/ | ||
public SelfSignedCertificate(Date notBefore, Date notAfter) throws CertificateException { | ||
this("example.com"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like notBefore
and notAfter
are unused?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yip. Will fix.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pushed a new set of commits. See #4257 (comment)
Motivation: PR #4257 introduced paramters and didn't use them. Modifications: - Use the new paramters Result: No warnings and correct behavior
Motivation: PR #4257 introduced paramters and didn't use them. Modifications: - Use the new paramters Result: No warnings and correct behavior
Motivation: PR #4257 introduced paramters and didn't use them. Modifications: - Use the new paramters Result: No warnings and correct behavior
@trustin Any thoughts on this test failure? I've seen it a few times now. |
@Scottmitch Some DNS servers were returning NoError for non-existent domains. I removed them from the public DNS server list. Will keep my eyes on the failure.. |
@trustin @Scottmitch I think it makes sense to use a "stub" DnsServer for our tests. I will work on this and so make it more robust. |
@normanmaurer +1. It would be nice to have isolation in our unit tests that automatically run. It would be nice for dev to switch to the "real" DNS servers too though. |
Motivation: PR netty#4257 introduced paramters and didn't use them. Modifications: - Use the new paramters Result: No warnings and correct behavior
Motivation:
Users may want to control the valid dates for SelfSignedCertificate.
Modifications:
Result:
Fixes #3978