Temp. add official root certs to work with new domain#163
Merged
Marenz merged 1 commit intofrequenz-floss:v0.x.xfrom May 13, 2025
Merged
Temp. add official root certs to work with new domain#163Marenz merged 1 commit intofrequenz-floss:v0.x.xfrom
Marenz merged 1 commit intofrequenz-floss:v0.x.xfrom
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR updates the release notes to reflect the support for the official dispatch domain, indicating the transition toward using standard system root certificates for improved TLS handling. It also removes obsolete bug fix entries from the release notes.
- Updated release notes to include the new dispatch domain.
- Removed outdated bug fixes.
We now are getting proper domains & certificates, to support this transition smoothly, we add the "normal" systems root cert explicitly to our custom root cert that we used up until now. This is required as using the root-cert option prevents the client from looking at the normal systems root certificates which we would need in this case. Once all clients are updated and the service is updated, we can remove all extra options for TLS certs. Signed-off-by: Mathias L. Baumann <mathias.baumann@frequenz.com>
Marenz
force-pushed
the
support-official-tls
branch
from
0f2d117 to
46d2194
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR updates the RELEASE_NOTES to reflect the transition to using official system root certificates when connecting to the new dispatch domain.
- Updated the feature bullet to use the official dispatch domain URL.
- Removed the bug fixes section from the release notes.
Comments suppressed due to low confidence (1)
RELEASE_NOTES.md:7
- [nitpick] The removal of the bug fixes section may result in lost context for previous issues; please verify that this removal was intentional.
- * Fix that `dispatch-cli stream` would try to print an event as dispatch, causing an exception.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We now are getting proper domains & certificates, to support
this transition smoothly, we add the "normal" systems root cert
explicitly to our custom root cert that we used up until now.
This is required as using the root-cert option prevents the client from
looking at the normal systems root certificates which we would need
in this case.
Once all clients are updated and the service is updated, we can remove
all extra options for TLS certs.
Signed-off-by: Mathias L. Baumann mathias.baumann@frequenz.com