Initial cert validation test #2582

benjaminleonard · 2024-11-27T11:53:31Z

Fixes #2580 and related to #2578

Idea from @augustuswm to soft validate the cert. Unfortunately I think we need a library to parse the cert but I lazy imported it to avoid adding to the main bundle since most users will not see this.

Principally the risk here is what I dont know about certs:

wildcard handling might need to be sophisticated
certs that arrange slightly different in a way that parseCertificate() doesn't catch

But feels, like the image soft validation, that it could be a good quality of life improvement for something that is potentially very painful when not done correctly. We might want to label the CN and SAN on the messages list of found names.

vercel · 2024-11-27T11:53:36Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
console	✅ Ready (Inspect)	Visit Preview	Nov 27, 2024 3:33pm

app/components/form/fields/TlsCertsField.tsx

…mputer/console into tls-cert-soft-validation

package.json

benjaminleonard · 2024-11-27T14:26:13Z

Added tests, improved wildcard handling and also a message in case the certificate cannot be parsed.

Message copy needs work.

benjaminleonard · 2024-11-27T14:37:03Z

Do we have a good way of getting the domain? I vaguely remember some discussion around with the IdP setup.

charliepark · 2024-11-27T14:59:33Z

Is this your card? https://github.com/oxidecomputer/console/blob/require_tls_cert/app/forms/idp/util.ts#L16-L17

augustuswm · 2024-11-27T19:35:47Z

This looks awesome, thanks for picking it up. I think initial rack install will certainly benefit from it.

benjaminleonard and others added 3 commits November 27, 2024 11:47

Initial cert validation test

a559fd8

Bot commit: format with prettier

2ee5586

Spacing tweak

ab5e67f

benjaminleonard commented Nov 27, 2024

View reviewed changes

app/components/form/fields/TlsCertsField.tsx Outdated Show resolved Hide resolved

Merge branch 'tls-cert-soft-validation' of https://github.com/oxideco…

83d130e

…mputer/console into tls-cert-soft-validation

vercel bot deployed to Preview November 27, 2024 11:56 View deployment

david-crespo reviewed Nov 27, 2024

View reviewed changes

package.json Outdated Show resolved Hide resolved

oop

4a9899d

vercel bot deployed to Preview November 27, 2024 13:55 View deployment

Wildcard and error improvements with tests

53a6a9a

vercel bot deployed to Preview November 27, 2024 14:26 View deployment

More pattern matching tweaks

21287b4

vercel bot deployed to Preview November 27, 2024 14:39 View deployment

move dynamic import to avoid suspense/lazy thing

b629cee

vercel bot deployed to Preview November 27, 2024 15:23 View deployment

Merge branch 'main' into tls-cert-soft-validation

6f9bdda

vercel bot deployed to Preview November 27, 2024 15:33 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Initial cert validation test #2582

Initial cert validation test #2582

benjaminleonard commented Nov 27, 2024

vercel bot commented Nov 27, 2024 •

edited

Loading

benjaminleonard commented Nov 27, 2024

benjaminleonard commented Nov 27, 2024

charliepark commented Nov 27, 2024

augustuswm commented Nov 27, 2024

Initial cert validation test #2582

Are you sure you want to change the base?

Initial cert validation test #2582

Conversation

benjaminleonard commented Nov 27, 2024

vercel bot commented Nov 27, 2024 • edited Loading

benjaminleonard commented Nov 27, 2024

benjaminleonard commented Nov 27, 2024

charliepark commented Nov 27, 2024

augustuswm commented Nov 27, 2024

vercel bot commented Nov 27, 2024 •

edited

Loading