[GH-ISSUE #16] [Feature Request] More Certificate Chain Options (Low Priority) #13

New issue

Open

opened 2026-02-25 21:30:49 +03:00 by kerem · 0 comments

kerem commented 2026-02-25 21:30:49 +03:00

Owner

Copy link

Originally created by @blastagator on GitHub (Oct 30, 2020).
Original GitHub issue: https://github.com/certera-io/certera/issues/16

To start: This is already easy to achieve with sh/bash scripting, so priority is definitely low here, but wanted to kick off a discussion on the subject.

I think it would be nice to expand the api optional parameter "chain=true | false" to "chain=full | intermediate | none". Some folks don't consider including the root CA in the chain a best practice (and it shouldn't be needed). The additional option would return the certificate and intermediary, but not the root CA. Essentially the behavior would be:

full = same as "true" now, so root ca, intermediate, and end cert
intermediate = returns "true" minus the root CA, so just intermediate and end cert
none = same as "false" now, so just the end cert

Some discussion on the topic:
https://security.stackexchange.com/questions/65332/ssl-root-certificate-optional

Originally created by @blastagator on GitHub (Oct 30, 2020). Original GitHub issue: https://github.com/certera-io/certera/issues/16 To start: This is already easy to achieve with sh/bash scripting, so priority is definitely low here, but wanted to kick off a discussion on the subject. I think it would be nice to expand the api optional parameter "chain=true | false" to "chain=full | intermediate | none". Some folks don't consider including the root CA in the chain a best practice (and it shouldn't be needed). The additional option would return the certificate and intermediary, but not the root CA. Essentially the behavior would be: full = same as "true" now, so root ca, intermediate, and end cert intermediate = returns "true" minus the root CA, so just intermediate and end cert none = same as "false" now, so just the end cert Some discussion on the topic: https://security.stackexchange.com/questions/65332/ssl-root-certificate-optional

kerem added the

feature-request

label 2026-02-25 21:30:49 +03:00

kerem referenced this issue 2026-03-07 19:51:43 +03:00

[GH-ISSUE #13] Feature Request: Version Number #11

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/nuget/src/Certera.Core/MailKit-4.16.0

fix-env-vars

2.2.0-beta

2.1.5

2.1.4

2.1.3

2.1.1-beta

2.1.0-beta

2.0.2-beta

2.0.1-beta

2.0.0-beta

1.5.0

1.2.0

1.1.0-beta

1.0.0-beta

Labels

Clear labels   

bug

  

feature-request

  

feature-request

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

feature-request

feature-request

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/certera#13

No description provided.