Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Chromium Snap cert trust #57256

Merged
merged 1 commit into from
Aug 10, 2024
Merged

Add support for Chromium Snap cert trust #57256

merged 1 commit into from
Aug 10, 2024

Conversation

amcasey
Copy link
Member

@amcasey amcasey commented Aug 10, 2024

I thought this already worked, but it turns out it behaves differently depending on how you launch it. When it is launched as a snap (vs from the command line), it can only access things in its own folder, so it looks in a different NSS DB for trusted certs. Fixing this is as simple as adding one more well-known location to the list.

@amcasey
Add support for Chromium Snap cert trust
c5dd998 
I thought this already worked, but it turns out it behaves differently depending on how you launch it.  When it is launched as a snap (vs from the command line), it can only access things in its own folder, so it looks in a different NSS DB for trusted certs.  Fixing this is as simple as adding one more well-known location to the list.
@dotnet-issue-labeler dotnet-issue-labeler bot added the area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI label Aug 10, 2024
@amcasey
Copy link
Member Author

amcasey commented Aug 10, 2024

/backport to release/8.0

@github-actions GitHub Actions
Copy link
Contributor

Started backporting to release/8.0: https://github.com/dotnet/aspnetcore/actions/runs/10327407839

@github-actions github-actions bot mentioned this pull request Aug 10, 2024
Merged
10 tasks
@amcasey
Copy link
Member Author

amcasey commented Aug 10, 2024

Validated locally.

@amcasey amcasey enabled auto-merge (squash) August 10, 2024 00:47
amcasey
amcasey commented Aug 10, 2024
View reviewed changes
src/Shared/CertificateGeneration/UnixCertificateManager.cs
@@ -476,6 +476,11 @@ private static string GetChromiumNssDb(string homeDirectory)
return Path.Combine(homeDirectory, ".pki", "nssdb");
}

private static string GetChromiumSnapNssDb(string homeDirectory)
{
return Path.Combine(homeDirectory, "snap", "chromium", "current", ".pki", "nssdb");
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

current is a symlink to a folder named for the version number.

@amcasey amcasey merged commit bbad091 into dotnet:main Aug 10, 2024
26 checks passed
@dotnet-policy-service dotnet-policy-service bot added this to the 9.0-rc1 milestone Aug 10, 2024
@amcasey amcasey deleted the ChromeSnap branch August 12, 2024 16:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adityamandaleeka adityamandaleeka adityamandaleeka approved these changes

Assignees
No one assigned
Labels
area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI
Projects
None yet
Milestone
9.0-rc1
Development

Successfully merging this pull request may close these issues.
2 participants
@amcasey @adityamandaleeka