You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello! I'm wondering if it would be possible to configure smimesign to error out (or at least display a warning) if the certificate you are using to sign commits has expired. I am trying to implement a system for git signing with shorter-lived developer certificates (30 days) and it would be really helpful if a warning or error message would let developers know that their certificate has expired and they should request a new one.
Currently smimesign will go ahead and sign commits with expired certificates with no output, but then verification fails:
$ git log --show-signature
commit 923459dd4798833eb56f0f376fcd6d0b3fc86e04 (HEAD -> master)
failed to verify signature: x509: certificate has expired or is not yet valid: current time 2021-10-01T13:56:16-05:00 is after 2021-10-01T18:54:21Z
I know we're limited in what git passes to smimesign so i'd be fine to use a wrapper script or command, but would need a command line flag to indicate it should exit with error if the signing certificate is expired.
Let me know your thoughts and I'd be happy to open a PR!
The text was updated successfully, but these errors were encountered:
Hello! I'm wondering if it would be possible to configure smimesign to error out (or at least display a warning) if the certificate you are using to sign commits has expired. I am trying to implement a system for git signing with shorter-lived developer certificates (30 days) and it would be really helpful if a warning or error message would let developers know that their certificate has expired and they should request a new one.
Currently smimesign will go ahead and sign commits with expired certificates with no output, but then verification fails:
I know we're limited in what git passes to smimesign so i'd be fine to use a wrapper script or command, but would need a command line flag to indicate it should exit with error if the signing certificate is expired.
Let me know your thoughts and I'd be happy to open a PR!
The text was updated successfully, but these errors were encountered: