sqlitebrowser / dbhub.io

A "Cloud" for SQLite databases. Collaborative development for your data. 😊
https://dbhub.io
GNU Affero General Public License v3.0

Add warning when downloading an expired certificate #121

Closed MKleusberg closed 5 years ago

MKleusberg commented 5 years ago

I just logged into my DBHub account after a longer time, clicked the "Download DB4S certificate" button and got an expired certificate from a while ago. Maybe we should add a warning here and/or change the default action to generating a new certificate.

justinclift commented 5 years ago

Yeah, I think we discussed that a while back, and figured we might as well just make it a single button that generates a new cert each time.

Should be pretty easy to implement. :smile:

MKleusberg commented 5 years ago

Actually, shouldn't we even remove the client cert altogether from the Postgres database? As in, generate the client certificate, sign it using a server-side certificate, then send it to the user, and forget about it. And when receiving a client cert we would check the signature.

I'm not sure how we're doing it now but to me it starts to seem strange that we're even able to resend the same certificate after such a long time :wink:

justinclift commented 5 years ago

Hmmm... with passwords, keeping a hash of the password + forgetting the original password itself is the general approach.

With our certs, once they're generated... you might be right. It could be the case we don't need to store them.

I'll need to think this through when I'm not sleepy (unlike now). And probably do some code diving + experimentation to make sure. :smile:

justinclift commented 5 years ago

Just got this done (e85f52432b18501335a58d6ded8d4d93bf27bf22). There's now only a button for generating new certificates, and we don't store them in the database any longer either as that's not needed. :smile:

In testing here it works fine. If you've got a moment to double check with yours, that'd be good too. :smile:

MKleusberg commented 5 years ago

Awesome :smile: Just double checked it and it seems to work fine.

One more thing I noticed: The old certificate is still working, even after generating a new one. I guess that's the expected behaviour but it might be worth thinking about a mechanism to revoke or disable old client certificates.

justinclift commented 5 years ago

Hmmm, has the old certificate expired?

MKleusberg commented 5 years ago

No. But I was thinking of a way to revoke a certificate before it expires in case my laptop with the certificate was stolen or something.

justinclift commented 5 years ago

Ahhh. Initial thought as to an approach:

Nothing stands out as being terrible to get done. :smile:

MKleusberg commented 5 years ago

Yes, this sounds good :+1: But it's definitely a nice to have thing for now, so feel free to close this issue if you want to :smile:

justinclift commented 5 years ago

No worries. Just created a new issue for it, so it's not lost. :smile: