Closed tsaarni closed 1 year ago
tsaarni
commented
1 year ago I've added a test case, but it depends on some hardcoded test data. I did not see a script that I could adjust, so it is manually generated. I set expiration for 50 years, so that expiration of test data should not become a failure reason for this test.
kares
commented
1 year ago Great work, Thanks Tero
tsaarni
commented
1 year ago Hi @kares, I know that after last release there has not been that many changes yet, but since side-loading gems and versioning forks can get bit tricky, I thought I'd ask if you happen to have any plans for the next release (including this PR)? 🙏
This change adds support for verifying the signature CRL files that are signed using EC private key.
It allows using CRL files that are issued by CA that uses EC key pair. Previously the CRL check failed, and peer certificate was always rejected as invalid even if it was valid, since the validation of CRL file itself failed.
Fixes #275