You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be nice if Tempo supported client-side HTTPS certificates.
Description
Client side certificate offer an extra layer of protection in addition to password authentication and could prevent malicious actors for exploiting vulnerabilities in internet-facing subsonic servers.
Android allows for both custom CA certificate and client certificates to be added to the system trust store, however they seem to be ignored by Tempo and the connection fails.
Use Case
Currently anyone that hosts a subsonic server behind HTTPS client authentication is prevented from using Tempo. The proposed feature would allow these users to enjoy Tempo as well.
Summary
It would be nice if Tempo supported client-side HTTPS certificates.
Description
Client side certificate offer an extra layer of protection in addition to password authentication and could prevent malicious actors for exploiting vulnerabilities in internet-facing subsonic servers.
Android allows for both custom CA certificate and client certificates to be added to the system trust store, however they seem to be ignored by Tempo and the connection fails.
Use Case
Currently anyone that hosts a subsonic server behind HTTPS client authentication is prevented from using Tempo. The proposed feature would allow these users to enjoy Tempo as well.
Additional context
See also daneren2005/Subsonic#931 for a similar issue related to another Subsonic client.
The text was updated successfully, but these errors were encountered: