3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-30 15:00:51 +02:00
Code Issues Projects Releases Packages Wiki Activity
Pomerium is an identity and context-aware access proxy.
3514 commits 176 branches 133 tags 111 MiB
Find a file
Kenneth Jenkins b9443f552e config: generate fallback cert only as last resort 
Currently Pomerium will generate a self-signed wildcard certificate for
use as a fallback certificate.

As far as I can tell, if any other certificate is configured the
self-signed wildcard will never be presented, except in the case that a
TLS connection is made without the SNI (server name indication)
extension. Given that all modern browsers support SNI, in practice I
think this self-signed certificate will never be presented to end users.

However, this self-signed certificate will show up in network scans, and
may be reported as a problem in certain vulnerability scanning tools.

Let's avoid generating this self-signed certificate if Pomerium has any
other certificate configured. This should prevent false positive reports
from vulnerability scans.
2024-08-29 14:10:03 -07:00
.github core/ci: codeql (#5239) 2024-08-23 20:28:15 -06:00
.vscode use tlsClientConfig instead of custom dialer (#3830) 2022-12-27 09:55:36 -07:00
authenticate core/logs: remove warnings (#5235) 2024-08-27 09:38:50 -06:00
authorize core/ci: fix test (#5245) 2024-08-27 10:50:24 -06:00
changelogs changelog for v0.25 (#4896) 2024-01-09 16:30:24 -05:00
cmd/pomerium Add new configurable bootstrap writers (#2405) (#5114) 2024-05-31 12:26:17 -04:00
config config: generate fallback cert only as last resort 2024-08-29 14:10:03 -07:00
databroker core/config: add databroker_storage_connection_string_file (#5242) 2024-08-27 09:42:14 -06:00
examples core/config: remove debug option, always use json logs (#4857) 2023-12-15 11:29:05 -07:00
integration core/authorize: use uuid for jti, current time for iat and exp (#5147) 2024-06-25 11:31:00 -06:00
internal core/logs: remove warnings (#5235) 2024-08-27 09:38:50 -06:00
k8s/zero zero/k8s: deployment manifests (#4763) 2024-01-08 12:08:14 -05:00
ospkg move directory providers (#3633) 2022-11-03 11:33:56 -06:00
pkg core/logs: remove warnings (#5235) 2024-08-27 09:38:50 -06:00
proxy core/logs: remove warnings (#5235) 2024-08-27 09:38:50 -06:00
scripts core/proto: update protoc dependencies (#5218) 2024-08-15 11:12:05 -06:00
ui chore(deps): bump micromatch from 4.0.5 to 4.0.8 in /ui (#5240) 2024-08-26 07:56:02 -06:00
.codecov.yml
.dockerignore
.fossa.yml
.gitattributes
.gitignore core/ui: improve frontend build size (#5109) 2024-05-09 07:10:00 -06:00
.golangci.yml Temporarily disable gci linter (#5217) 2024-08-14 16:30:08 -04:00
.pre-commit-config.yaml
.tool-versions Update to Go 1.23 (#5216) 2024-08-14 14:12:01 -04:00
3RD-PARTY
DEBUG.MD
Dockerfile Update to Go 1.23 (#5216) 2024-08-14 14:12:01 -04:00
Dockerfile.debug Update to Go 1.23 (#5216) 2024-08-14 14:12:01 -04:00
go.mod Replace usages of x/exp/maps + bump golang.org/x/exp (#5221) 2024-08-15 17:49:24 -04:00
go.sum Replace usages of x/exp/maps + bump golang.org/x/exp (#5221) 2024-08-15 17:49:24 -04:00
LICENSE
Makefile ci: allow to override VERSION in Makefile via env (#5230) 2024-08-20 16:22:25 -04:00
pomerium.go
README.md Update README.md (#5163) 2024-08-29 10:05:33 -06:00
RELEASING.md
SECURITY.md Fix SECURITY.md treated as symlink (#5211) 2024-08-07 17:20:18 -04:00

README.md

pomerium logo

Go Report Card GoDoc LICENSE Docker Pulls

Pomerium builds secure, clientless connections to internal web apps and services without a corporate VPN.

Pomerium is:

Its not a VPN alternative its the trusted, foolproof way to protect your business. Give Pomerium a try today!

Docs

For comprehensive docs, and tutorials see our documentation.

Contributing

See Contributing for information on how you can contribute to Pomerium.