cfssl
cfssl copied to clipboard
cloudflare
CFSSL: Cloudflare's PKI and TLS toolkit
Hey, it seems for me that they "auth_key" is not working when supplied in the default profile. When running `cfssl serve` it throws a warning for the /sign endpoint. Note:...
Hi CFSSL Team, First of all CFSSL is a lovely piece of software. Thank you so much for building and open sourcing it. To start an API server and let...
CFSSL [is using](https://github.com/cloudflare/cfssl/blob/e95f50ec0ee3de982a6353393adfc167942ef62e/certdb/mysql/migrations/001_CreateCertificates.sql#L10) `timestamp` for storing timestamps in MySQL/MariaDB. [Currently it is not compatible](https://mariadb.com/kb/en/timestamp/) with dates over 2038. Consider migration timestamp columns to safer type, i.e. `datetime` holding UTC times...
Didn't find any [config param](https://github.com/cloudflare/cfssl/blob/master/cli/config.go) nor hard-coded values to limit CFSSL's API request header and body sizes. Consider configurable (better probably) or hard-coded limits for both elements (to prevent clients...
when CFSSL is serving and you give a `kill -HUP` the process dies. It's much nicer to take that signal as reloading config files, certificates & whatnot without actually dying.
**Description** Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These are in the process of being removed from Mozilla's trust store. e-Tugra's root certificates are being removed...
This mod adds access to `ClientProvidesSerialNumbers` cert profile field from JSON profile config with `client_provides_serial_numbers` option. When enabled, cert serial must be provided by API client in request. This mod...
Asking for help I used cfssl to generate an nginx certificate as follows: ```sh tee ca-csr.json
Hi. I only get Version 1.2.0 when using `go install github.com/cloudflare/cfssl/cmd/...@latest` My System: go: Version 1.20.6 linux/arm64 Raspberry Pi OS: Debian GNU/Linux 11 (bullseye) uname -m results in: aarch64 However,...
