How to fetch the latest certificates at install time? #3

New Issue

Open

opened 2019-02-05 18:11:44 +00:00 by Ghost · 2 comments

Ghost commented 2019-02-05 18:11:44 +00:00

Copy Link

Hi,
Thanks for your great module!

We were wondering if there was a way to download the latest Root CAs before actually starting the application, instead of having to run it a first time and restart it. Like could we imagine having a postinstall step in package.json?

It would indeed be easier for deploying and running automatically, while being sure to have the latest CAs.

Thanks in advance for your insights!

Hi, Thanks for your great module! We were wondering if there was a way to download the latest Root CAs before actually starting the application, instead of having to run it a first time and restart it. Like could we imagine having a `postinstall` step in package.json? It would indeed be easier for deploying and running automatically, while being sure to have the latest CAs. Thanks in advance for your insights!

coolaj86 commented 2019-02-05 18:33:36 +00:00

Owner

Copy Link

We’ve gone back and forth on this in the past.

Two issues:

• The version numbers must remain meaningful.

• A failure to install latest certs should not cause module installation failure, nor log a confusing error message indicating failure.

I’m not sure if there are other concerns.

If we change it we’ll need to bump the major version number. Maybe the docs could say “use vX for manual download and vY for automatic download... or a new module ssl-root-cas-latest.

What do you think?

We’ve gone back and forth on this in the past. Two issues: * The version numbers must remain meaningful. * A failure to install latest certs should not cause module installation failure, nor log a confusing error message indicating failure. I’m not sure if there are other concerns. If we change it we’ll need to bump the major version number. Maybe the docs could say “use vX for manual download and vY for automatic download... or a new module `ssl-root-cas-latest`. What do you think?

Ghost commented 2019-02-05 18:53:02 +00:00

Author

Copy Link

Thanks for your quick answer! I don't like the idea of fragmenting the module and having to choose between vX or vY, so a new module ssl-root-cas-latest would be a decent option.

I agree that it should not make the installation fail, a warning both at the install and at the application startup could do the job I think.

And if this has already been discussed in the past, maybe other people have ended up with their own good manual solution? I don't want to make you having to maintain yet another module! :)

Thanks for your quick answer! I don't like the idea of fragmenting the module and having to choose between vX or vY, so a new module `ssl-root-cas-latest` would be a decent option. I agree that it should not make the installation fail, a warning both at the install and at the application startup could do the job I think. And if this has already been discussed in the past, maybe other people have ended up with their own good manual solution? I don't want to make you having to maintain yet another module! :)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

v1.3.1

v1.3.0

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.11

v1.1.10

v1.1.9-beta

v1.1.8

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.2

v1.1.1

v1.0.6

v1.1.0

v1.0.5

v1.0.4

v1.0.3

v1.0.2

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Assignees

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/ssl-root-cas.js#3

No description provided.