Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UI for new client cert OS store options #391

Merged
merged 2 commits into from
Jan 23, 2024
Merged

UI for new client cert OS store options #391

merged 2 commits into from
Jan 23, 2024

Conversation

kenjenkins
Copy link
Contributor

@kenjenkins kenjenkins commented Jan 18, 2024
edited
Loading

Summary

pomerium-cli now has new options for searching the system trust store for a client certificate: by default it will look for a certificate matching any trusted CA names from the TLS handshake, but additionally it can filter by a single Issuer Name attribute and/or a single Subject Name attribute.

Add corresponding UI to the Desktop Client:

  • add a 'Client certificates' section heading under the 'Advanced settings' panel
  • move existing file upload / text entry UI behind a nested accordion labelled 'Set client certificate manually'
  • add a 'Search OS certificate store' toggle button (this corresponds to the --client-cert-from-store CLI option)
  • add an 'Additional OS certificate store filters' nested accordion with Issuer Name and Subject Name settings (these correspond to the --client-cert-issuer and --client-cert-subject CLI options)

Screenshot of the new section, no options selected:

Screen Shot 2024-01-18 at 4 51 05 PM

Screenshot of the new nested filters accordion, no filters entered:

Screen Shot 2024-01-18 at 4 54 43 PM

Screenshot of the new nested filters accordion, one filter entered:

Screen Shot 2024-01-18 at 4 58 16 PM

Note: lint was complaining about unused variables in a TypeScript function type annotation, so I added plugin:@typescript-eslint/recommended to the configuration—this fixed the warning but I needed to turn off a few related rules with existing errors.

Related issues

Checklist

  • reference any related issues
  • updated docs
  • updated unit tests
  • updated UPGRADING.md
  • add appropriate tag (improvement / bug / etc)
  • ready for review

@kenjenkins kenjenkins changed the title WIP - UI for new client cert options UI for new client cert OS store options Jan 19, 2024
@kenjenkins kenjenkins marked this pull request as ready for review January 19, 2024 22:35
@kenjenkins kenjenkins requested review from a team as code owners January 19, 2024 22:35
@kenjenkins kenjenkins requested review from calebdoxsey and removed request for a team January 19, 2024 22:35
@kenjenkins kenjenkins mentioned this pull request Jan 19, 2024
Closed
6 tasks
nhayfield
nhayfield approved these changes Jan 19, 2024
View reviewed changes
Copy link
Collaborator

@nhayfield nhayfield left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

src/renderer/pages/ConnectForm.tsx Show resolved Hide resolved
@kenjenkins kenjenkins merged commit 5ed6fd4 into main Jan 23, 2024
3 checks passed
@kenjenkins kenjenkins deleted the kenjenkins/client-certs-2 branch January 23, 2024 20:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nhayfield nhayfield nhayfield approved these changes

@calebdoxsey calebdoxsey calebdoxsey approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kenjenkins @calebdoxsey @nhayfield