[WIP] Update Ursulas certificate #2700
| self.log.warn(f"Replaced SSL certificate for host: {host}") | ||
| except: | ||
| self.log.warn(f"Failed to replace SSL certificate for host: {host}") | ||
| pass |
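Review bot: the bare `except:` on the second line catches every exception, including KeyboardInterrupt and SystemExit, and the warning after it drops the exception itself, so a failed replacement leaves only "Failed to replace SSL certificate for host: {host}" in the log with no cause. Catch the specific exceptions the replacement can raise, include the error in the log message, and drop the trailing `pass`, which does nothing after the log call.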
What exceptions are you anticipating here? Do you think it will be okay to suppress all of them?
Just to clarify, this PR is not in its intended state, and the exceptions should be handled on a case-to-case basis. I'm probably going to take a different approach in solving this issue and this PR will be heavily rewritten.
This PR is on my mind today - I think adopting the principle of "always replace" the TLS certificate is the most simple and elegant way to ensure that the cert always matches the latest remote node's runtime, regardless of state changes, restarts, rederivation of keys, etc.
@KPrasch, @piotr-roslaniec any thoughts on #2674 (comment)? It isn't an "always replace" solution but a "check and replace" solution.
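The two strategies named in the comments above, "always replace" and "check and replace", contrasted as an added example that is not code from this PR or the project. The function names, the one-PEM-file-per-host layout and the sample certificates are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Constructed sample certificates (not real X.509 data).
OLD_PEM = b"-----BEGIN CERTIFICATE-----\nb2xkLWNlcnQ=\n-----END CERTIFICATE-----"
NEW_PEM = b"-----BEGIN CERTIFICATE-----\nbmV3LWNlcnQ=\n-----END CERTIFICATE-----"


def fingerprint(pem: bytes) -> str:
    """SHA-256 over the PEM bytes, ignoring surrounding whitespace."""
    return hashlib.sha256(pem.strip()).hexdigest()


def _atomic_write(path: Path, pem: bytes) -> None:
    # Write to a temp file in the same directory, then rename it into place,
    # so a crash never leaves a half-written certificate behind.
    fd, tmp = tempfile.mkstemp(dir=str(path.parent))
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(pem)
        os.replace(tmp, path)
    except OSError:  # only filesystem errors; anything else propagates as-is
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def always_replace(path: Path, served_pem: bytes) -> bool:
    """Overwrite the stored certificate unconditionally."""
    _atomic_write(path, served_pem)
    return True


def check_and_replace(path: Path, served_pem: bytes) -> bool:
    """Overwrite only when the stored certificate is missing or differs.

    Returns True when the file was written, False when it already matched.
    """
    try:
        stored = path.read_bytes()
    except FileNotFoundError:
        stored = None  # first contact with this host: nothing stored yet
    if stored is not None and fingerprint(stored) == fingerprint(served_pem):
        return False
    _atomic_write(path, served_pem)
    return True
```

Both functions store whatever bytes they are given; deciding whether the served certificate should be trusted is outside this example.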
An attempt to sum up our discussion:
I think these two combined cover all relevant cases. On a different note, should "1)" be enabled by default? Or should the node just fail on startup? In case someone uses a regular certificate (not self-signed).
If we do that, would we basically have to provide some tool for users to generate their own cert? Feels like it, since the situation would need to be resolved somehow.
Possible but seems highly unlikely to me since I think (?) they would have to muck with the files