thesp0nge / dawnscanner

Dawn is a static analysis security scanner for web applications written in Ruby. It supports the Sinatra, Padrino and Ruby on Rails frameworks.
MIT License

root cert /CN=djberg96/DC=gmail/DC=com is not trusted #195

Closed (fauno closed 8 years ago)

fauno commented 8 years ago

As per the instructions, I've installed the '/CN=paolo/DC=dawnscanner/DC=org' certificate, but installing the gem throws the error in the title :)

thesp0nge commented 8 years ago

Because you get another certificate, "djberg96@gmail.com", that is not trusted... add this one as well.

fauno commented 8 years ago

Which one?

thesp0nge commented 8 years ago

The one you reported in the issue as title...

fauno commented 8 years ago

I mean, where should I get it and why should I trust it? :D

thesp0nge commented 8 years ago

I'm confused. You opened an issue for an untrusted certificate I don't own.

fauno commented 8 years ago

Yes! Isn't that worrying? I followed the instructions in the readme: 1) add the certificate; 2) install the gem. But then the gem is signed by another entity!

I just retried the gem install and it worked, but no idea if it's because the gem isn't signed anymore :|

thesp0nge commented 8 years ago

You're missing a point. The djberg96@gmail.com certificate is used to sign one of the dawnscanner dependencies...

The dawnscanner gem is not signed by another entity! A bit of Google can clarify, with this post: https://github.com/sensu-plugins/sensu-plugins-disk-checks/issues/24

fauno commented 8 years ago

:)
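The point settled at the end of the thread, as an added example that is not part of the original discussion or of dawnscanner's code: each gem in an install set carries its own signing chain, so the untrusted root can belong to a dependency rather than to the gem you asked for. The script lists which gem is signed under which root subject; the certificates and specs are constructed sample data, and `some-dependency` and `unsigned-dependency` are hypothetical placeholder names.

```ruby
require "openssl"
require "rubygems"

# Subject of the certificate the thread says was added per the README.
TRUSTED_SUBJECTS = ["/CN=paolo/DC=dawnscanner/DC=org"].freeze

# Constructed sample data: a throwaway self-signed certificate as PEM.
def sample_cert_pem(subject)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert.to_pem
end

# Constructed specs; the two dependency names are hypothetical placeholders.
def sample_specs
  [
    ["dawnscanner", "/CN=paolo/DC=dawnscanner/DC=org"],
    ["some-dependency", "/CN=djberg96/DC=gmail/DC=com"],
    ["unsigned-dependency", nil]
  ].map do |name, subject|
    Gem::Specification.new(name, "0.0.1") do |s|
      s.cert_chain = [sample_cert_pem(subject)] if subject
    end
  end
end

# Subject of the first certificate in the chain (the root), nil if unsigned.
# This attributes a signer only; it does not verify any signature.
def signer_subject(spec)
  pem = Array(spec.cert_chain).first
  pem && OpenSSL::X509::Certificate.new(pem).subject.to_s
end

# Map of gem name => root subject for signed gems whose root is not trusted.
def untrusted_signers(specs, trusted_subjects)
  specs.each_with_object({}) do |spec, out|
    subject = signer_subject(spec)
    out[spec.name] = subject if subject && !trusted_subjects.include?(subject)
  end
end
```

To run the same report over real packages, build the spec list from downloaded `.gem` files with `Gem::Package.new(path).spec` instead of `sample_specs`.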