Closed informartin closed 3 years ago
sschulz-t
commented
3 years ago I was wondering if this is completely safe. What if the user happens to have two certificates with a different serial number? Would this count as the same certificate or not?
informartin
commented
3 years ago I'm not sure how we could catch such a case. Right now, this could happen as well, as simple string comparison is performed on the certificate.
Furthermore, this is kind of intended if I remember correctly, as users can sign using different roles in the UI, can't they?
sschulz-t
commented
3 years ago ok i think you are right.
I sucessfully tested the pr locally (go test) and also in the dev setup. From my side this can be merged.
sschulz-t
commented
3 years ago I just ran "go test", all tests are passed. everything looks good to me.
Solves issue #40.
Using serial numbers is more robust, as we do not rely on the initial string encoding.