github fabriziosalmi/certmate v2.0.1

6 hours ago

Bug Fixes

  • Logout button not visible (#73): Fixed auth check in navigation bar — the JavaScript was reading d.username but the /api/auth/me endpoint returns {user: {username: ...}}. The button now correctly appears for authenticated users.
  • Private CA rejected for internal networks (#72): Removed SSRF IP validation that incorrectly blocked private CA deployments (e.g., step-ca on step-ca.internal.local). Private CAs legitimately resolve to internal network addresses.

Security Hardening

  • Added allow_redirects=False to the private CA connectivity test to prevent redirect-based SSRF.

Full Changelog: v2.0.0...v2.0.1

Don't miss a new certmate release

NewReleases is sending notifications on new releases.