kuehne-trustable-de / ca3sCore

ca3s is a CA system with a flexible RA part based on BPM, aiming to automate as much as possible. It therefore provides ACME and SCEP interfaces in addition to the usual web form, aggregates certificate sets from different sources, and uses CMP-connected CAs or ADCS instances for certificate creation. The ca3s core server is based on Spring Boot 2.x and JHipster.
European Union Public License 1.2

serve uploaded artifacts from a specific subdomain and align the CSP accordingly #517

Open kuehne-trustable-de opened 3 months ago

kuehne-trustable-de commented 3 months ago

To prevent externally provided artifacts from being used as scripts (accidentally, or intentionally by an attacker), provide a CSP that limits script sources to the root domain. Serve externally provided content (e.g. CSRs, certificates) from a specific subdomain.

Align the URLs in the affected links in webpages and email templates.

Add a SAN to the application's certificate
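As an added illustration (not ca3s code), a Spring Boot 2.x servlet filter that applies the split described in this issue: a script-restricting CSP on the application origin and an inert, download-only policy on the artifact subdomain. The hostnames and the artifact path prefix are assumed placeholders.

```java
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

// Host-specific CSP: the hostname and the artifact path prefix are placeholder
// assumptions for this example, not ca3s settings.
@Component
public class ArtifactCspFilter extends OncePerRequestFilter {
    static final String ARTIFACT_HOST = "artifacts.ca3s.example.org"; // assumed
    static final String ARTIFACT_PATH = "/api/artifacts/";            // assumed

    // App origin: scripts only from the root domain. 'self' never matches the
    // artifact subdomain, so an uploaded file cannot be loaded as a script.
    static final String APP_CSP = "default-src 'self'; script-src 'self'; "
        + "object-src 'none'; base-uri 'self'; frame-ancestors 'none'";
    // Artifact origin: nothing loads, and 'sandbox' without allow-scripts keeps
    // even an HTML file uploaded as a "CSR" inert if it is ever rendered.
    static final String ARTIFACT_CSP = "default-src 'none'; sandbox";

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
            FilterChain chain) throws ServletException, IOException {
        boolean onArtifactHost = ARTIFACT_HOST.equalsIgnoreCase(req.getServerName());
        boolean artifactPath = req.getRequestURI().startsWith(ARTIFACT_PATH);
        // Each origin serves only its own content: uploads are never reachable
        // on the app origin, and the artifact origin serves nothing else.
        if (onArtifactHost != artifactPath) {
            res.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        if (onArtifactHost) {
            res.setHeader("Content-Security-Policy", ARTIFACT_CSP);
            res.setHeader("X-Content-Type-Options", "nosniff"); // no MIME guessing
            res.setHeader("Content-Disposition", "attachment");  // download, do not render
        } else {
            res.setHeader("Content-Security-Policy", APP_CSP);
        }
        chain.doFilter(req, res);
    }
}
```

A JHipster frontend usually needs further directives (style-src, img-src, connect-src) on the application policy, and the host check relies on the reverse proxy forwarding the original Host header. The artifact subdomain must also be covered by the SAN mentioned above, or browsers will refuse the cross-origin fetch.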