Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for SNI and dynamic certificate #198

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Ana06
Copy link
Member

@Ana06 Ana06 commented Dec 9, 2024

  • Dynamically generate a certificate based on client request using Server Name Indication (SNI).
  • Sign the new certificate with either a static CA certificate, or with a newly generated CA.
  • Add config options to specify a path to static CA certificate.

Override #98 I have squashed to one commit for simplicity and rebased to the last merge from that PR, the last commit before Dec 11 2023: ac33a706274d3e567080d261f7886fd472378ffa. It is still missing to rebase from that commit to the current master branch. There has been only 5 commits since them, but they include important changes. I think @tinajohnson that is more familiar with this changes can take it from here 😉

Closes #197

@tinajohnson
Copy link
Contributor

This is awesome, thank you for your Git magic, @Ana06!

- Dynamically generate a certificate based on client request using
Server Name Indication (SNI).
- Sign the new certificate with either a static CA certificate, or
with a newly generated CA.
- Add config options to specify a path to static CA certificate.

This code was written by Nhan Huynh while he was employed at
FireEye/Mandiant/Google and Google holds the copyright.

Co-authored-by: Michael Bailey <[email protected]>
Co-authored-by: Tina Johnson <[email protected]>
@Ana06
Copy link
Member Author

Ana06 commented Dec 12, 2024

Thanks for rebasing @tinajohnson! 🚀 I have squashed the two commits, so that we have a single commit with the new changes. @htnhan we needed to recreate the PR, to clarify that you wrote this code while you were employed at FireEye/Mandiant/Google and Google holds the copyright, following the advise we received from Google legal. The new commit has:

  • The original author of the code (@htnhan) as author
  • @tinajohnson and @strictlymike, that rebased the original code so that it can be merged, as co-authors
  • I am the committer.

Thanks @htnhan for implementing this feature!

@Ana06
Copy link
Member Author

Ana06 commented Dec 12, 2024

The CLA check is working and it seems @htnhan has signed the CLA :
image

The reason the previous PR was failing is because one of @htnhan commits was missing the author:
image

That means we do not need to recreate other PRs from @htnhan where the all commits have him as author. In any case, it was easier to rebase the change with less commits. 😉

Thanks @htnhan, @tinajohnson and @strictlymike for you work to get this finished! 😊

@htnhan
Copy link
Contributor

htnhan commented Dec 12, 2024

Hi @Ana06, just to confirm, do you need anything from me for this PR?

@Ana06
Copy link
Member Author

Ana06 commented Dec 13, 2024

Hi @htnhan! 😊 No, we needed to squash the commits and add a sentence to the resulting commit to clarify that Google holds the copyright of the code you wrote because the original PR had a commit without author and the CLA check failed. I hope you are ok with this. Thank for asking and for implementing this code some years ago! @strictlymike and @tinajohnson are testing it and we are aiming to merge it in the next weeks. Looking forward to finally being able to use it! 🚀

@mr-tz
Copy link

mr-tz commented Dec 14, 2024

🥳 🥳 🥳

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

HTTPs support
4 participants