Comments (16)
Unfortunately, I'm not sure if AppImage will work as this requires a root certificate to be installed for TLS functionality. I need to do more investigating but might go with flatpak.
from origamismtp.
Flatpak will work too for easy install and use on all Linux distros.
from origamismtp.
Providing an AppImage would have, among others, these advantages:
- Applications packaged as an AppImage can run on many distributions (including Ubuntu, Fedora, openSUSE, CentOS, elementaryOS, Linux Mint, and others)
- One app = one file = super simple for users: just download one AppImage file, make it executable, and run
- No unpacking or installation necessary
- No root needed
- No system libraries changed
- Works out of the box, no installation of runtimes needed
- Optional desktop integration with
appimaged
- Optional binary delta updates, e.g., for continuous builds (only download the binary diff) using AppImageUpdate
- Can optionally GPG2-sign your AppImages (inside the file)
- Works on Live ISOs
- Can use the same AppImages when dual-booting multiple distributions
- Can be listed in the AppImageHub central directory of available AppImages
- Can double as a self-extracting compressed archive with the
--appimage-extract
parameter - No repositories needed. Suitable/optimized for air-gapped (offline) machines
Here is an overview of projects that are already distributing upstream-provided, official AppImages.
If you have questions, AppImage developers are on #AppImage on irc.freenode.net.
Unfortunately, I'm not sure if AppImage will work as this requires a root certificate to be installed for TLS functionality.
Why do you think this has something to do with AppImage? You just need to get your software to load that certificate. AppImage is just a self-mounting filesystem that executes whatever you put inside it.
from origamismtp.
@probonopd The reason I'm concerned about that is more for the client than the application itself. The application runs fine as a jar file containing certificates. The debian installer installs a root certificate so that clients trust the server (this app). While I don't know of any Linux examples the libraries used for C# to access SMTP securely will throw an exception if can't find the certificate.
from origamismtp.
Ah, I see. Probably one would have to write a small script to install the certificate in the system, and run that script as root?
from origamismtp.
That's one way to do it but adds extra steps. With the debian installer all I have to do is make sure /etc/ssl/certs of the archive contains the certificate and it will move it to the same place on the file system.
from origamismtp.
Are you sure that all distributions are loading the certs from the same location? I wouldn't be so sure...
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
"/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
"/usr/share/ca-certs/.prebuilt-store/" // Clear Linux OS; https://github.com/knapsu/plex-media-player-appimage/issues/17#issuecomment-437710032
"/system/etc/security/cacerts" // Android
Reference:
https://gitlab.com/probono/platformissues#certificates
from origamismtp.
I never said that all distributions load them from the same location. I said that the Debian installer adds them. I do want to make a rpm package but since the build is automated on a Ubuntu server I'm not sure how to do that.
from origamismtp.
I feel like AppImage and Flatpak will cripple the features that make this project stand out from the alternatives. Therefore they will not be created at this time.
from origamismtp.
I feel like AppImage and Flatpak will cripple the features
I guarantee you that AppImage won't cripple anything because it's just a way of transporting your software - you stay in full control. Think of it like a zip file, but one that doesn't have to be extracted.
from origamismtp.
The whole reason Origami SMTP was created was to have a fake SMTP server with TLS that could be validated by the client. If the Origami Root CA cannot be installed I consider the feature crippled.
from origamismtp.
Can Origami SMTP made to load the Origami Root CA from a path relative to itself? That would be the best option because that way, the Origami Root CA would not have to be copied into the system but could stay in the AppImage and be loaded from there.
from origamismtp.
It already loads it from its jar file. The issue is when clients connect. Some clients will attempt to verify against the operating system's root certificates.
from origamismtp.
Ah, then a helper tool or bash script is needed that is run as root and copies the certificates into the appropriate system location(s).
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
"/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
"/usr/share/ca-certs/.prebuilt-store/" // Clear Linux OS; https://github.com/knapsu/plex-media-player-appimage/issues/17#issuecomment-437710032
"/system/etc/security/cacerts" // Android
from origamismtp.
@probonopd do you know how to add the certificates to the appimage? or make the appimage recognise them?
from origamismtp.
What component is using the certificates? If it is using gnutls, then this patched version the PPA: https://launchpad.net/~djcj/+archive/ubuntu/gnutls-patched may do the trick - it is patched to search in all the known certification locations where the different distributions put them.
from origamismtp.
Related Issues (12)
- Publish on Maven repository [$10] HOT 12
- Setup Instructions For Linux Users HOT 2
- Using removed Java code HOT 1
- GUIDE : Setup on Manjaro Linux (or Arch) HOT 2
- Some mailers may require a Revocation List HOT 3
- Create accounts with username and password. HOT 10
- [HELP] TLS startup failed (connect(): error:0407008A HOT 2
- Opening the GUI and app HOT 1
- Email Details Not Appearing HOT 1
- Question: Does this require Java to run? HOT 1
- Comparison of other fake mailservers is not up to date HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from origamismtp.