Skip to content

Commit 85795f6

Browse files
pimterrypimterry
committed
Add a proper explanation for cert-not-yet-valid errors
1 parent 2b0a726 commit 85795f6

File tree

1 file changed

+9
-9
lines changed

1 file changed

+9
-9
lines changed

src/components/view/http/http-error-header.tsx

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ import {
1616
type ErrorType =
1717
| 'untrusted'
1818
| 'expired'
19+
| 'not-yet-valid'
1920
| 'wrong-host'
2021
| 'tls-error'
2122
| 'host-not-found'
@@ -38,19 +39,14 @@ export function tagsToErrorType(tags: string[]): ErrorType | undefined {
3839
tags.includes("passthrough-error:SELF_SIGNED_CERT_IN_CHAIN") ||
3940
tags.includes("passthrough-error:DEPTH_ZERO_SELF_SIGNED_CERT") ||
4041
tags.includes("passthrough-error:UNABLE_TO_VERIFY_LEAF_SIGNATURE") ||
41-
tags.includes("passthrough-error:UNABLE_TO_GET_ISSUER_CERT_LOCALLY") ||
42-
tags.includes("passthrough-error:CERT_NOT_YET_VALID")
42+
tags.includes("passthrough-error:UNABLE_TO_GET_ISSUER_CERT_LOCALLY")
4343
) {
4444
return 'untrusted';
4545
}
4646

47-
if (tags.includes("passthrough-error:CERT_HAS_EXPIRED")) {
48-
return 'expired';
49-
}
50-
51-
if (tags.includes("passthrough-error:ERR_TLS_CERT_ALTNAME_INVALID")) {
52-
return 'wrong-host';
53-
}
47+
if (tags.includes("passthrough-error:CERT_HAS_EXPIRED")) return 'expired';
48+
if (tags.includes("passthrough-error:CERT_NOT_YET_VALID")) return 'not-yet-valid';
49+
if (tags.includes("passthrough-error:ERR_TLS_CERT_ALTNAME_INVALID")) return 'wrong-host';
5450

5551
if (
5652
tags.filter(t => t.startsWith("passthrough-tls-error:")).length > 0 ||
@@ -126,6 +122,7 @@ const isClientBug = typeCheck([
126122
const wasNotForwarded = typeCheck([
127123
'untrusted',
128124
'expired',
125+
'not-yet-valid',
129126
'wrong-host',
130127
'tls-error',
131128
'host-not-found',
@@ -142,6 +139,7 @@ const wasTimeout = typeCheck([
142139
const isWhitelistable = typeCheck([
143140
'untrusted',
144141
'expired',
142+
'not-yet-valid',
145143
'wrong-host',
146144
'tls-error'
147145
]);
@@ -205,6 +203,8 @@ export const HttpErrorHeader = (p: {
205203
? 'responded with an HTTPS certificate for the wrong hostname'
206204
: p.type === 'expired'
207205
? 'has an expired HTTPS certificate'
206+
: p.type === 'not-yet-valid'
207+
? 'has an HTTPS certificate with a start date in the future'
208208
: p.type === 'untrusted'
209209
? 'has an untrusted HTTPS certificate'
210210
: p.type === 'tls-error'

0 commit comments

Comments
 (0)