Closed AGWA closed 11 months ago
I wonder what the rationale for that is, given the certificate can be found by opening up $CERT_FILENAME?
Also related to the title of the bug not the content: it'd be awesome if the -script
parameter did something smart when fed something that has spaces in it -- for example, passing it to /bin/sh -c
. My use case is the same as the one I mentioned in the other bug above: being able to pass -script /bin/run-parts /etc/certspotter/hooks
. Hope this makes sense!
-script
is officially supported as of v0.15.0
I think the entire PEM-encoded certificate chain should be fed to the script over stdin. Cert Spotter should ignore broken pipes in case the script closes stdin before reading anything. Question: what if the script forks with stdin still open and never reads?