[Bug 5912] New: Pin the server's host key, not the certificate in .hgrc
mercurial-bugs at mercurial-scm.org
Fri Jun 8 09:03:41 UTC 2018
https://bz.mercurial-scm.org/show_bug.cgi?id=5912
Bug ID: 5912
Summary: Pin the server's host key, not the certificate in .hgrc
Product: Mercurial
Version: 4.6
Hardware: PC
OS: Mac OS
Status: UNCONFIRMED
Severity: feature
Priority: wish
Component: Mercurial
Assignee: bugzilla at mercurial-scm.org
Reporter: roker at pep-project.org
CC: mercurial-devel at mercurial-scm.org
We use LetsEncrypt certificates for our mercurial servers.
These certificates have (by intention) a quite short lifetime, so they change
every 2 months or the like. Unfortunately mercurial is unable to validate these
certificates via the TLS trust chain (as every web browser does) so we have to
"pin" the certificate's fingerprints in the [hostsecurity] section of our .hgrc
and have to change them quite often on all of our clients.
That is annoying. :-(
As far as I understand TLS certificates, they are used to provide a trust chain
from a few well-known and trustworthy "root certificates" (that are fixed or
seldom changing and known to the client) to the server's TLS key, so clients
don't have to trust (and pin that trust) to every single TLS server.
But it seems that mercurial can't do that. Am I right?
Or as an alternative: Why can't mercurial just pin the server's TLS key (or its
fingerprint) directly without any "certificate voodoo" in between?
Greetings,
Lars R.
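As an added illustration of the request above (example code, not from the bug report or from Mercurial): two toy DER certificates, constructed here with placeholder names, serial, key bits and signature, share one subjectPublicKeyInfo, so a SHA-256 over the whole certificate changes with every reissue while a SHA-256 over the SPKI stays the same as long as the server key is reused. The DER field order follows RFC 5280; whether Mercurial could consume such a key pin is the reporter's question, not something this example settles.

```python
import hashlib

# Tiny DER encode/decode helpers, written for this example only (not Mercurial code).
def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b
def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body
def seq(*parts):
    return tlv(0x30, b"".join(parts))
def read_tlv(buf, pos):
    """Decode the TLV at buf[pos]; return (tag, value, position after it)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                   # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln

def spki_of(cert_der):
    """Return the DER subjectPublicKeyInfo of an X.509 certificate (RFC 5280 order)."""
    _, cert, _ = read_tlv(cert_der, 0)             # Certificate ::= SEQUENCE
    _, tbs, _ = read_tlv(cert, 0)                  # tbsCertificate
    tag, _, pos = read_tlv(tbs, 0)
    if tag == 0xA0:                                # optional [0] version present
        _, _, pos = read_tlv(tbs, pos)             # serialNumber
    for _ in range(4):                             # signature, issuer, validity, subject
        _, _, pos = read_tlv(tbs, pos)
    _, _, end = read_tlv(tbs, pos)
    return tbs[pos:end]

def cert_fingerprint(cert_der):                    # what [hostsecurity] pins today
    return hashlib.sha256(cert_der).hexdigest()
def spki_fingerprint(cert_der):                    # what pinning the server's key would use
    return hashlib.sha256(spki_of(cert_der)).hexdigest()

SHA256_RSA = tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b")   # sha256WithRSAEncryption
RSA_KEY = tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01")      # rsaEncryption
def toy_cert(not_before, not_after, spki):
    """Constructed stand-in: real field order, placeholder names/serial/signature."""
    tbs = seq(tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"),   # version v3, serial
              seq(SHA256_RSA), seq(),                              # signature, issuer
              seq(tlv(0x17, not_before), tlv(0x17, not_after)),    # validity (UTCTime)
              seq(), spki)                                         # subject, SPKI
    return seq(tbs, seq(SHA256_RSA), tlv(0x03, b"\x00placeholder-signature"))

# One (placeholder) server key reused across a renewal, as with a Let's Encrypt reissue.
KEY_SPKI = seq(seq(RSA_KEY, tlv(0x05, b"")), tlv(0x03, b"\x00placeholder-key-bits"))
CERT_JUNE = toy_cert(b"180601000000Z", b"180830000000Z", KEY_SPKI)
CERT_AUGUST = toy_cert(b"180801000000Z", b"181030000000Z", KEY_SPKI)
```

Comparing `cert_fingerprint` and `spki_fingerprint` of the two certificates shows the difference the reporter is asking about: the first pair differs, the second pair is identical.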