gnarea
commented
2 years ago We should also get rid of our hardcoded copy of frankfurt.relaycorp.cloud's certificate when we fix this:
Open sdsantos opened 2 years ago
gnarea
commented
2 years ago We should also get rid of our hardcoded copy of frankfurt.relaycorp.cloud's certificate when we fix this:
Describe the problem
Sometimes the Gateway app does not have an Identity Certificate available. For example, while the initial registration with the public gateway wasn't concluded, or a Certificate expires and we haven't been able to renew it. Right now we fall back to a self-signed certificate, but that only works to communicate with the Public Gateway, and not for the rest of the uses the Identity Certificate has.
Describe the solution you'd like
Instead of just falling back to and storing a self-signed certificate, we should just create one for registration. And all other code that requires an Identity Certificate should be able to handle not having one (usually will mean not doing anything). Maybe we could even communicate to the user that the Gateway is not able to function fully until it registers again.