Bram Verburg
Bram Verburg
I might fix that in the rewrite. Right now Validity encoding, which is a public API, works correctly for dates from 1950 forward. Decoding only works starting from 2000, which...
(Oops, again that annoying GH keyboard shortcut)
Why worry about the wildapricot token expiry once you've fetched the user details? You can just fetch the user information once, upon completion of the sign-in flow, then maintain a...
Did you save a copy of the chain that was returned by the server during renewal? I'd love to have a look
I've been looking through the code and I can't pinpoint any particular part where things might have broken, but I do suspect the issue wasn't Let's Encrypt returning an expired...
BTW, you said only some clients were reporting issues: a potential explanation for that would be the AIA extension. Many modern clients, in particular web browsers, will fetch intermediate CAs...
> So it looks like perhaps :ssl.clear_pem_cache doesn't clear intermediates? It clears the cache that's used to avoid reading and parsing PEM files from disk every time they are referenced,...
> There is already a test which verifies cert renewal. However it currently doesn't compare the intermediate cert. I think that this test could be adapted to reproduce the problem....
> Is this going to become a problem with Root CA file expiring at the end of the month since we can't pass hackney options down? Should not be an...
> Sorry, maybe I'm missing something. Isn't the purpose is to use `httpc` and not depend on Hackney though? So there won't be any Hackney? Right, but I interpreted the...