Skip to content

Log if a server certificate lacks the subjectAlternativeName extensions #47678

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 20, 2023
Merged

Log if a server certificate lacks the subjectAlternativeName extensions #47678

merged 2 commits into from
Apr 20, 2023

Conversation

amcasey
Copy link
Member

@amcasey amcasey commented Apr 13, 2023

Log if a server certificate lacks the subjectAlternativeName extensions

  • You've read the Contributor Guide and Code of Conduct.
  • You've included unit or integration tests for your change, where applicable.
  • You've included inline docs for your change, where applicable.
  • There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Description

CommonName was deprecated in favor of subjectAlternativeName so there's a good chance of getting a browser security warning if it's missing.

@ghost ghost added the area-runtime label Apr 13, 2023
@amcasey
Copy link
Member Author

amcasey commented Apr 13, 2023

Suggested by @JamesNK at the Tuesday meeting.

amcasey
amcasey commented Apr 13, 2023
View reviewed changes
Copy link
Member Author

@amcasey amcasey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some notes on the parts I don't like. Suggestions?

@amcasey
Log if a server certificate lacks the subjectAlternativeName extensions
cef5180 
CommonName was deprecated in favor of subjectAlternativeName so there's a good chance of getting a browser security warning if it's missing.
@amcasey
Copy link
Member Author

amcasey commented Apr 18, 2023

Force push is a manual rebase (mostly on top of #47454). Conveniently, appropriate loggers and logger factories were more accessible in the latest main.

JamesNK
JamesNK reviewed Apr 18, 2023
View reviewed changes
@amcasey
Copy link
Member Author

amcasey commented Apr 20, 2023

@BrennanConroy Any remaining concerns?

@amcasey amcasey merged commit 0c42c03 into dotnet:main Apr 20, 2023
@amcasey amcasey deleted the NoSan branch April 20, 2023 23:11
@ghost ghost added this to the 8.0-preview4 milestone Apr 20, 2023
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JamesNK JamesNK JamesNK approved these changes

@vcsjones vcsjones vcsjones left review comments

@blowdart blowdart blowdart left review comments

@BrennanConroy BrennanConroy BrennanConroy approved these changes

@Tratcher Tratcher Awaiting requested review from Tratcher

@halter73 halter73 Awaiting requested review from halter73 halter73 is a code owner

@mgravell mgravell Awaiting requested review from mgravell mgravell is a code owner

Assignees
No one assigned
Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions
Projects
None yet
Milestone
8.0-preview4
Development

Successfully merging this pull request may close these issues.
5 participants
@amcasey @JamesNK @vcsjones @blowdart @BrennanConroy