Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verifying Postmark TLS configuration changes against temporary URL "api-ssl-temp.postmarkapp.com" #92

Closed
jvopalensky opened this issue Feb 22, 2021 · 4 comments
Closed

Verifying Postmark TLS configuration changes against temporary URL "api-ssl-temp.postmarkapp.com" #92

jvopalensky opened this issue Feb 22, 2021 · 4 comments

Comments

@jvopalensky
Copy link

The Feb. 16, 2021 announcement (https://postmarkapp.com/updates/upcoming-tls-configuration-changes-for-api-users-action-may-be-required) states that on April 13, 2021 Postmark API endpoint security will be updated as follows:

  1. TLSv1 access will not be allowed.
  2. All RC4 and low-strength ciphers will not be allowed.
  3. HSTS headers will be included.

I like to be sure that by then using this NuGet package our code will still work. But I am not clear how I can do that without creating a private NuGet package that modifies the hard-coded default Base URL parameter value (apiBaseUri) from "api.postmarkapp.com" to "api-ssl-temp.postmarkapp.com".

Note: I created a forked version at https://github.com/firmwater/postmark-dotnet that replaces this apiBaseUri. But I rather use an official WildBit postmark-dotnet NuGet package that allows anyone to change the apiBaseUri value on startup. Is there some environment variable that can be used to control this base API URI value?

I see in your test cases there is BASE_URL config variable. But I cam not clear how I can initialize it in our application running n our cloud server. As stated in #78 by atheken:

If you'd like to run the tests locally, these are the necessary env vars, which can also be stored as keys in a file called testing_keys.json in a parent directory of the repo:

https://github.com/wildbit/postmark-dotnet/blob/master/src/Postmark.Tests/ClientBaseFixture.cs#L19-L29

If a readme on how to configure these would be useful, that's something we can add.
@gary-lg
Copy link

gary-lg commented Feb 23, 2021

Hi @jvopalensky,

You can specify a different base URL when instantiating an instance of the PostmarkClient or PostmarkAdminClient by passing the optional baseApiUrl parameter to the constructor.

For example:

var pmClient = new PostmarkClient(pmServerToken, "https://api-ssl-temp.postmarkapp.com");

Because you can set the base URL at the point of construction you are free to load the URL from a config file, environment variable or anywhere else. The postmark library by itself does not read any config or environment values. The environment values in the test fixtures exist so we can share the test suite without exposing the tokens we use for our own verification.

If you need anything else please feel free to comment on this thread.

@jvopalensky
Copy link
Author

No need for this. I now see there is way to override the default API URL in PostmarkClient() constructor.

@jvopalensky
Copy link
Author

Thanks Gary. I also found this more or less at the same time you posted your comment.

@jhaldi
Copy link

jhaldi commented Feb 24, 2021

Thank you for this - big help!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jvopalensky @jhaldi @gary-lg