kaikramer / keystore-explorer

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool and jarsigner.

https://keystore-explorer.org/

GNU General Public License v3.0

1.7k stars 275 forks source link

Allow Http Redirect for downloads crl and crt #460

Closed jgrateron closed 11 months ago

jgrateron commented 1 year ago

The error appears when an http link is redirected to https.

459

kaikramer commented 1 year ago

The error appears when an http link is redirected to https.

HTTPS for OCSP is a bad idea, because then you have to also check the revocation status of the TLS cert for the HTTPS URL, probably with OCSP again and if that is also under a HTTPS URL then again... OCSP responses are signed by the responder, no TLS necessary there, it only makes things worse.

But anyway, a redirect to a different URL should be possible in any case.

kaikramer commented 11 months ago

Closing issues in preparation for release 5.5.3