search

MatrixAI / Polykey

Polykey Core Library
https://polykey.com
GNU General Public License v3.0
29 stars 4 forks source link

Garbage collect expired certificates in the cert chain #789

Open tegefaulkes opened 4 weeks ago

tegefaulkes commented 4 weeks ago

Specification

Since certificates will expire after some time and self renew automatically. We need some logic in place to remove and old certificates that are expired. If a certificate is not relevant any more then there is no need to keep the certificate or provided it during the TLS verification.

To this end we need a background task that will periodically check for expired certificates and just remove them. The CertManager in the keys domain is the likely place to implement this.

Additional context

Related: ENG-390 #787

Tasks

  1. TBD
  2. ...
  3. ...
linear[bot] commented 4 weeks ago

ENG-393 Garbage collect expired certificates in the cert chain

CMCDragonkai commented 4 weeks ago

Isn't this already a function?

CMCDragonkai commented 4 weeks ago

I'm pretty sure gc functionality is in the system for certificates.