desktop icon indicating copy to clipboard operation
desktop copied to clipboard

Published 20 hours ago verified publisher icon mattermost

Information about certificate.json and trustedOrigins.json

Open marcotuna opened this issue 2 years ago • 1 comments

For troubleshooting, see https://www.mattermost.org/troubleshoot/.

Currently I am using Cloudflare for Teams (Warp) which intercepts all traffic. It requires installing a self signed certificate on the computer. I am using Linux and if I download the Mattermost Desktop client from the website, it loads the certificates from the operating system and everything works fine. However when attempting to run Mattermost Desktop installed from the snap package manager, Mattermost complaints about "Certificate is not trusted", for every new link that is posted on the chat.

I found out in the source code about certificate.json and trustedOrigins.json https://github.com/mattermost/desktop/blob/0476d3efb83354644f3351dcafa4e478e2b48dcd/src/main/main.ts#L205

I also found out that every time I "Trust Insecure Certificate" a new entry is added to certificate.json Example:

{
  "https://mattermostdomain.sample.com": {
    "data": "-----BEGIN CERTIFICATE-----\nMIICKjCCAbGgAwIBAgIFANwYNxowCgYIKoZIzj0EAwIwgY4xCzAJBgNVBAYTAlVT\nMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRkw\nFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMTcwNQYDVQQLEy5HYXRld2F5IEludGVy\nbWVkaWF0ZSBFQ0MgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTIxMTAwMTA2Mzgw\nMFoXDTIxMTExOTE3MDIwNlowGTEXMBUGA1UEAwwOaW0uZ2xhcnRlay5jb20wdjAQ\nBgcqhkjOPQIBBgUrgQQAIgNiAAT8aPjp3llFKZvZlUKFXN/aKBjawIm2o2ubOG7t\nOUtxlbfOt4Iig1FgMWnhmyeocRrFQG9yHgTz74M8k5u2icwH6CMrlSjKveg6yFTS\nyki1jY7+ZKt47dFHGIWEUJ6Bol6jUzBRMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBkG\nA1UdEQQSMBCCDmltLmdsYXJ0ZWsuY29tMB8GA1UdIwQYMBaAFI3OHemd6JEnwQws\nce+EYQlGBEIUMAoGCCqGSM49BAMCA2cAMGQCMBCaK4Zg90/k/2JruhSuTQmMHEit\nPDH/qiV+8UJ7OaiqWit1tt1aoiF7v0Sh8EUcFQIwDeWlVchyL2FpOj1rHtH9ZYcy\nnurU5ZnIJlzX4F/jY6Y9EeBF10Nnx4ZiHiBhFuJ/\n-----END CERTIFICATE-----\n",
    "issuerName": "Cloudflare, Inc."
  }
}

Is there a way to create a rule that matches any domain to accept that certificate? I've attempted with a Wildcard * but didn't worked.

Thanks!

marcotuna avatar Oct 07 '21 13:10 marcotuna

@marcotuna Just to clarify, do you have a different certificate or one that expires quickly on your site? I'm not sure why we would be ignoring it if you've said it's trusted. Is there anything different about your URL?

devinbinnie avatar Dec 09 '21 22:12 devinbinnie

Closing as inactive.

devinbinnie avatar May 05 '23 15:05 devinbinnie