How to fetch the latest certificates at install time? #3

Новая задача

Ghost · 2019-02-05T18:11:44Z

Ghost прокомментировал(а)

2019-02-05 18:11:44 +00:00

Hi,
Thanks for your great module!

We were wondering if there was a way to download the latest Root CAs before actually starting the application, instead of having to run it a first time and restart it. Like could we imagine having a postinstall step in package.json?

It would indeed be easier for deploying and running automatically, while being sure to have the latest CAs.

Thanks in advance for your insights!

Hi, Thanks for your great module! We were wondering if there was a way to download the latest Root CAs before actually starting the application, instead of having to run it a first time and restart it. Like could we imagine having a `postinstall` step in package.json? It would indeed be easier for deploying and running automatically, while being sure to have the latest CAs. Thanks in advance for your insights!

coolaj86 прокомментировал(а)

2019-02-05 18:33:36 +00:00

Владелец

We’ve gone back and forth on this in the past.

Two issues:

The version numbers must remain meaningful.
A failure to install latest certs should not cause module installation failure, nor log a confusing error message indicating failure.

I’m not sure if there are other concerns.

If we change it we’ll need to bump the major version number. Maybe the docs could say “use vX for manual download and vY for automatic download... or a new module ssl-root-cas-latest.

What do you think?

We’ve gone back and forth on this in the past. Two issues: * The version numbers must remain meaningful. * A failure to install latest certs should not cause module installation failure, nor log a confusing error message indicating failure. I’m not sure if there are other concerns. If we change it we’ll need to bump the major version number. Maybe the docs could say “use vX for manual download and vY for automatic download... or a new module `ssl-root-cas-latest`. What do you think?

Ghost прокомментировал(а)

2019-02-05 18:53:02 +00:00

Автор

Thanks for your quick answer! I don't like the idea of fragmenting the module and having to choose between vX or vY, so a new module ssl-root-cas-latest would be a decent option.

I agree that it should not make the installation fail, a warning both at the install and at the application startup could do the job I think.

And if this has already been discussed in the past, maybe other people have ended up with their own good manual solution? I don't want to make you having to maintain yet another module! :)

Thanks for your quick answer! I don't like the idea of fragmenting the module and having to choose between vX or vY, so a new module `ssl-root-cas-latest` would be a decent option. I agree that it should not make the installation fail, a warning both at the install and at the application startup could do the job I think. And if this has already been discussed in the past, maybe other people have ended up with their own good manual solution? I don't want to make you having to maintain yet another module! :)

Войдите, чтобы присоединиться к обсуждению.

2 участников

Уведомления

Срок выполнения

Срок выполнения не установлен.

Зависимости

Зависимостей нет.

Ссылка: coolaj86/ssl-root-cas.js#3