Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Better trust chain output #132

Open
4 tasks
mcpherrinm opened this issue Mar 15, 2017 · 2 comments
Open
4 tasks

Better trust chain output #132

mcpherrinm opened this issue Mar 15, 2017 · 2 comments
Labels
enhancement Hacktoberfest

Comments

@mcpherrinm
Copy link
Contributor

Today, we dump all built trust chains.

That could be improved in a few ways:

  • Don't print all of them out unless in --verbose
  • Warn about un-needed intermediates (but be careful; they may be needed with other trust stores)
  • Warn about un-needed roots served in trust chains
  • some support for pinning leafs / intermediates
@matthyx
Copy link

matthyx commented Jul 19, 2022

I would even fail the validation if an intermediate is missing from the presented chain.
Today it validates if the intermediate is present in the CA bundle (which is wrong).

@seanhamlin
Copy link

I would also love to see the chain validated. Currently I am dealing with a site that certigo outputs entirely green, yet SSLLabs informs me off chain issues.

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Hacktoberfest
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mcpherrinm @mbyczkowski @seanhamlin @matthyx