Add your own private certificate authority
01 November 2020
Also, the GUI had a big update this week. But first the private CA thing. One client has numerous test systems facing the internet on which they use certificates issued by a private Certificate Authority. If you can add the CA manually to the browsers used for testing, that works fine of course. The thing is, since that CA is not known to monitoring services like ShadowTrackr, it will affect your grade. This client had quite the list of trust issues in their certificate report. Since this was intended behaviour, they asked for the option to ignore these.
If you have a similar issue, you can now add your own trusted certificate issuers under
Settings->General. Any certificate from this issuer will be treated and scored as if the issuer was part of the trust list, and it will be graded without looking at the trust issue. The name of the certificate issuers you manually add to your ShadowTrackr trust list will appear in green everywhere (instead of blue), so it’s easy to recognise later on.
The rest of this update was all about getting the user interface more consistent. The weekly pdf had some major improvements, and we made the same changes under the reports sections. This makes it much easier to find the problems from your report in the online version and lookup more context.
Since the problems are now appearing under reports, the problem section in the menu has become redundant and is removed. The format of all online reports has also changed and all reports now use the same layout. This makes the UI much more consistent and easier to understand.