starred/certidude-laurivosandi
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude.git synced 2026-04-25 16:45:51 +03:00
Code Issues 29 Projects Releases Packages Wiki Activity

[GH-ISSUE #17] Support HTTP Strict Transport Security #12

New issue
Closed
opened 2026-02-26 03:33:29 +03:00 by kerem · 1 comment
kerem commented 2026-02-26 03:33:29 +03:00
Owner
Copy link

Originally created by @laurivosandi on GitHub (Jan 20, 2017).
Original GitHub issue: https://github.com/laurivosandi/certidude/issues/17

Currently insecure flag in /etc/certidude/client.conf specifies whether CA should be contacted over HTTP or HTTPS. Instead of such static configuration we should support HSTS.

Possible implementation on the client side would perform first request over HTTP and if server redirects to HTTPS and returns with HSTS headers create a file eg /var/lib/certidude/ca.example.com/secure. If such file exists further requests would be performed over HTTPS by default.

Originally created by @laurivosandi on GitHub (Jan 20, 2017). Original GitHub issue: https://github.com/laurivosandi/certidude/issues/17 Currently `insecure` flag in `/etc/certidude/client.conf` specifies whether CA should be contacted over HTTP or HTTPS. Instead of such static configuration we should support HSTS. Possible implementation on the client side would perform first request over HTTP and if server redirects to HTTPS and returns with HSTS headers create a file eg /var/lib/certidude/ca.example.com/secure. If such file exists further requests would be performed over HTTPS by default.
kerem closed this issue 2026-02-26 03:33:29 +03:00
kerem commented 2026-02-26 03:33:29 +03:00
Author
Owner
Copy link

@laurivosandi commented on GitHub (Apr 29, 2018):

Fixed with github.com/laurivosandi/certidude@b9aaec7fa6, once CA cert is fetched the client always approaches CA over HTTPS

<!-- gh-comment-id:385248448 --> @laurivosandi commented on GitHub (Apr 29, 2018): Fixed with https://github.com/laurivosandi/certidude/commit/b9aaec7fa6b4d8443e2fb515256fd55efab07429, once CA cert is fetched the client always approaches CA over HTTPS
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dev
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/certidude-laurivosandi#12
No description provided.