Closed dokaha closed 2 years ago
Nearly all services have a constructor parameter, where you can either set an instance of a Clock
, e.g. to a fixed point in time, or specify the validity that is acceptable.
You are aware that the trust list from dgc.a-sit.at does not contain trust anchors for productive HCERT data, right?
Thanks for your reply and mentioning that dgc.a-sit.at is not for productive use. For the moment i managed the expiration with a custom Clock instance. I tried changing to dgc-trust.qr.gv.at but got problems verificating greenpasses from other countries. i'm not sure if the problem is, that this trustlist only contains public keys from austria, or if i got other problems. If i need to get the lists from other countries and merge them together in my own trustlist, it would be no problem for me, but i don't know how to merge them. Are there some hints how to join trust lists from different countries and get the needed fileformat?
here ist the public information regarding the austrian trust lists: https://github.com/Federal-Ministry-of-Health-AT/green-pass-overview the list on dgc-trust.qr.gv.at contains all prod keys of europe.
thank you for the link. i think now all my problems with validation of greenpass certificates are gone. most of them were that i mixed up test- and produktive data.
Great to hear that :-)
hello,
i need to do verification of greenpass in offline environment. devices will be offline for longer period of time (maybe months). my problem is, that i'll get
ehn.techiop.hcert.kotlin.chain.VerificationException: Expiration<clock.now()
when the trustlist wasn't updated for 2 (?) days.I'm using the trustlist from a-sit.at
Is there a way to make the verification process accept older data?
thanks!