[Cyberduck-trac] [Cyberduck] #6603: Better handling for expired certificates

Cyberduck trac at trac.cyberduck.ch
Tue Mar 27 11:41:32 CEST 2012

#6603: Better handling for expired certificates
    Reporter:  stipers      |      Owner:
        Type:  enhancement  |     Status:  new
    Priority:  low          |  Milestone:
   Component:  core         |    Version:  4.2.1
    Severity:  normal       |   Keywords:  certificate expiry trust
Architecture:               |   Platform:
 * Create a WebDAV server using SSL with self-signed certificate.
 * Connect to the server using Cyberduck.
 * Cyberduck will complain about the self-signed certificate.  Say it is
 OK, and tick the box to store this exception.

 This is all good.  Problems can arise though if you come back some time
 later and your self-signed certificate has expired.

 When trying to connect now, with the expired certificate, Cyberduck will
 pop-up a message saying "This certificate is not valid."  So first feature
 request arising is:  It would be more helpful if, when the certificate is
 expired, it said, "This certificate has expired."

 Also at this point you will get the option to connect anyway, and
 Cyberduck gives you a tick box to "Always trust."  This is unhelpful in
 this context, because there is no 'always trust' effective option here -
 you can tick 'always trust' as much as you like and it will make no
 difference - Cyberduck will not let you always trust an expired
 certificate.  (I wonder if this is what may be behind what some of the
 respondents were experiencing with issues #87 and #2938 - it had me going
 for a while.)

 So second feature request arising is:  In those cases where it is not
 possible to store an exception for that certificate (e.g. where the
 certificate has expired, as above), it would be best if the "Always trust"
 option was not offered (not there, or disabled).

 Thank you!

Ticket URL: <http://trac.cyberduck.ch/ticket/6603>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.

More information about the Cyberduck-trac mailing list