Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for client certificates #399

Closed
et1975 opened this issue Aug 27, 2015 · 8 comments
Closed

Support for client certificates #399

et1975 opened this issue Aug 27, 2015 · 8 comments
Assignees
@ferventcoder
Labels
5 - Released Improvement
Milestone
0.9.10

Comments

@et1975
Copy link

et1975 commented Aug 27, 2015

I don't see any way to configure choco with a client certificate for authentication with a server.
Both apt-get and yum support this, so would be nice if choco could do the same.
@ferventcoder
Copy link
Member

It sounds like something that we could do.

@ferventcoder
Copy link
Member

Perhaps you can elaborate more in how you would see the user experience of this feature.

@et1975
Copy link
Author

et1975 commented Aug 28, 2015

I'm thinking an attribute for a repo/source that specifies the PFX file:

choco source add -n=bob -s"https://somewhere/out/there/api/v2/" -cert=\users\bob\client.pfx

edit: attr name

@ferventcoder
Copy link
Member

Does the source need to support public / private key auth then as well?

@et1975
Copy link
Author

et1975 commented Aug 28, 2015

Yes, on top of HTTPS the server would be configured to require a client certificate.
I'll see about setting up a Docker container to test against, assuming I can get a self-hosted choco repo going on mono/linux.

@ferventcoder
Copy link
Member

It all depends on the server - I'm sure something like Nexus or Artifactory probably already support that, but not sure if they do with NuGet packages.

@ferventcoder
Copy link
Member

Similar to #403.

This was referenced Nov 17, 2015
Merged
Closed
@ferventcoder ferventcoder added this to the 0.9.10 milestone Jan 5, 2016
@ferventcoder ferventcoder self-assigned this Jan 5, 2016
ferventcoder pushed a commit that referenced this issue May 29, 2016
@ferventcoder
(GH-399) client certificate support
6f79d85 
Extends authentication by adding options to sources and commands
to specify client certificate and its password, as well as
implementing new IClientCertificateProvider from choco/nuget-chocolatey
to lookup those options based on the Uri requested.
These options are complimentary and can be used in addition to
username/password assuming the server implements it.
+ unit tests fix to use lowercased %ComSpec% when looking for cmd.exe
ferventcoder added a commit that referenced this issue May 29, 2016
@ferventcoder
Merge branch 'pr481' into stable
026df76 
* pr481:
  (GH-399) client certificate support
  (specs) compare with to_lower
ferventcoder added a commit that referenced this issue May 29, 2016
@ferventcoder
Merge branch 'stable'
0f46075 
* stable:
  (GH-399) client certificate support
  (specs) compare with to_lower
@ferventcoder
Copy link
Member

Fixed up and merged into stable at 026df76

@TheCakeIsNaOH TheCakeIsNaOH mentioned this issue Jul 14, 2022
Merged
46 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ferventcoder ferventcoder

Labels
5 - Released Improvement
Projects
None yet
Milestone
0.9.10
Development

No branches or pull requests
3 participants
@ferventcoder @et1975 @gep13