Please make certificate password changable, this is a sequrity threat.

[OlegJakushkin]

Issue:
Stuff like X509Certificate2(data, nameof(FluffySpoon)); with constant passwords makes the system quite vulnerable.

Solution:
A. Keep nameof(FluffySpoon) as sane default, yet allow the user to set his own password
B. Make it random\GUID based so that it would change on each automatic update.

[ffMathy]

Vulnerable to what exactly? Can you elaborate?

[OlegJakushkin]

When the thing called password is constant and publicly known it is a Definition of Vulnerability, say it would be your email, bank account or iphone password, will you feel safe?) чт, 19 нояб. 2020 г. в 13:14, Mathias Lykkegaard Lorenzen < notifications@github.com>:

to what exactly? Can you elaborate? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#164 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAWHYIIQOFRBE5NFSBYZAKTSQTVXZANCNFSM4T3D2IEA> .

-- Best regards, Oleg Jakushkin Department of Computer Modeling and Multi-Processing Systems Faculty of Applied Mathematics and Control Processes Saint-Petersburg State University

[ffMathy]

The only vulnerability would be to intercept HTTPS traffic and decrypt it, right? That's all I want to know, or if you see other attack vectors too.

That defeats the prime purpose of a certificate indeed, unless you don't really care about the privacy element of HTTPS and just want it for HTTP/2 performance or SEO/usability purposes.

Either way, I agree it should be specified clearly in the documentation, and there should be a way to get around it.

I'll probably also make it throw a warning.

Right now I don't have a lot of time though, but PRs are welcome 😊🙏

[OlegJakushkin]

Yep - main attack vector would be to intercept HTTPS traffic and decrypt it on provider or router side (free wifi access points). That is important when: you transfer money, use OpenID to login, furthermore OpenID and banking systems require you to use SSL exactly for "safe" traffic encryption.

[ffMathy]

@OlegJakushkin very good point. Unfortunately, I do not have time to fix it at the moment. PRs are very welcome!