cfssl
cfssl copied to clipboard
cloudflare
Flag to not fail the revocation status when multiple CRL distribution points having same CRL.
Problem:There are cases when there is same CRL hosted at multiple locations for high availability. Some if the URLs(CRL Distribution points) may not be reachable. In this case, it is not required for the certificate to pass every CRL(as the CRL is same in every hosted location). Solution: Verify at least 1 hosted location and not fail if host is not reachable. If any of the URL is reachable and verified as not revoked then we should not reject the certificate.
Codecov Report
Merging #1180 (b1646d8) into master (c6f04ed) will decrease coverage by
0.02%. The diff coverage is57.14%.
@@ Coverage Diff @@
## master #1180 +/- ##
==========================================
- Coverage 54.66% 54.64% -0.03%
==========================================
Files 77 77
Lines 6653 6663 +10
==========================================
+ Hits 3637 3641 +4
- Misses 2559 2562 +3
- Partials 457 460 +3
| Impacted Files | Coverage Δ | |
|---|---|---|
| revoke/revoke.go | 60.78% <57.14%> (-0.18%) |
:arrow_down: |
| csr/csr.go | 78.44% <0.00%> (-0.73%) |
:arrow_down: |
| api/client/client.go | 54.03% <0.00%> (-0.34%) |
:arrow_down: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update c6f04ed...b1646d8. Read the comment docs.
