Re: sslinfo extension - add notbefore and notafter timestamps

Jacob Champion <jacob.champion@enterprisedb.com>

From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Cary Huang <cary.huang@highgo.ca>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2024-03-20T16:32:38Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Add notBefore and notAfter to SSL cert info display

  2. Set fixed dates for test certificates validity

On Wed, Mar 20, 2024 at 7:50 AM Daniel Gustafsson <daniel@yesql.se> wrote:
> We are subtracting 30 years from a calculation that we know didnt overflow, so
> I guess if the certificate notBefore (the notAfter cannot be that early since
> we wouldn't be able to connect with it) was set to early enough?  It didn't
> strike me as anything above academical unless I'm thinking wrong here.

Yeah, it's super nitpicky. The CA would have had to sign a really
broken certificate somehow, anyway...

I can't find anything else to note; patch LGTM.

Thanks,
--Jacob