Skip to content

Fix CA cert for HTTPS on all remotes#9

Open
raph-topo wants to merge 2 commits intoaircarto:pj-new-wififrom
raph-topo:fix-https-ca-cert
Open

Fix CA cert for HTTPS on all remotes#9
raph-topo wants to merge 2 commits intoaircarto:pj-new-wififrom
raph-topo:fix-https-ca-cert

Conversation

@raph-topo
Copy link
Contributor

@raph-topo raph-topo commented Nov 17, 2023

Replace DST Root CA X3 with ISRG Root X1.
See DST Root CA X3 Expiration (September 2021)

If you provide an API or have to support IoT devices, you’ll need to make sure of two things: (1) all clients of your API must trust ISRG Root X1 (not just DST Root CA X3), and (2) if clients of your API are using OpenSSL, they must use version 1.1.0 or later. "
Set ISRG Root X1 as root certificate authority on all logger endpoints.

@raph-topo raph-topo marked this pull request as draft November 17, 2023 17:30
@raph-topo raph-topo marked this pull request as ready for review November 17, 2023 17:34
@raph-topo
Copy link
Contributor Author

raph-topo commented Nov 17, 2023

See Let's Encrypt Chain of Trust

@raph-topo
Replace Certificate Authority for HTTPS to all remotes
3c8d7e4 
Replace DST Root CA X3 with ISRG Root X1.
See https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ "If you provide an API or have to support IoT devices, you’ll need to make sure of two things: (1) all clients of your API must trust ISRG Root X1 (not just DST Root CA X3), and (2) if clients of your API are using OpenSSL, they must use version 1.1.0 or later. "
@raph-topo
Comments
e2de6b6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@raph-topo