Cedric Staub
Cedric Staub
We might have a trust store with roots that we trust for connecting to admin/ui endpoints, but not for regular API endpoints. Need a way to distinguish between these, e.g....
It would be nice if the `dump` command would also understand PEM-formatted certificate revocation lists (CRLs).
It would be nice if the `dump` command would also understand PEM-formatted certificate signing requests (CSRs) instead of just certificates.
If verification fails, retries using intermediate retrieved via AIA fetching and updates error message to make it clearer what the misconfiguration is. Used to print: ![Screen Shot 2019-04-04 at 15...
Go can't process BER input, only DER. Would be nice to have a preprocessing step that canonicalizes any BER into DER.
Right now sudo_pair does not show who approved/is watching the session, would be nice to have that in there.
The `jose-util` CLI can already decode/dump JWE/JWS for debugging, maybe we should add some JWT debugging commands. Could be useful.
Some flags can contain both a host:port address as well as a URL starting with http(s)://. For example, the status flag can contain a host:port to serve status on HTTPS...
Set default close timeout to 1s, closer to old behavior. (Old behavior was equivalent to 0s)
[Don't merge] Add debug output to figure out the Windows/OpenSSL issue --- Removes `python3-distutils` from the list of build dependencies installed in `Dockerfile-test`.