Skip to content

Fix mongoose certs#4647

Merged
kamilwaz merged 2 commits intomasterfrom
fix-certs
Feb 17, 2026
Merged

Fix mongoose certs#4647
kamilwaz merged 2 commits intomasterfrom
fix-certs

Conversation

@kamilwaz
Copy link
Copy Markdown
Contributor

@kamilwaz kamilwaz commented Feb 16, 2026
edited
Loading

The certificates used for MIM were broken by #4631. Erlang verifies that keyUses includes the required usage for the specific role (server/client), and this causes the ssl_certificate:verify_extkeyusage/2 function to fail.

The issue wasn't noticed immediately because the certificates are cached using a key generated by
tools/make-certs-cache-key.sh

Additionally, some SIP tests were failing on master due to an invalid configuration left behind by cets_disco_SUITE. This PR makes sure the configuration is restored at the end.

⚓︎ MIM-2618

@kamilwaz kamilwaz self-assigned this Feb 16, 2026
@mongoose-im
Copy link
Copy Markdown
Collaborator

mongoose-im commented Feb 16, 2026
edited
Loading

CircleCI results for d25d2bc

elasticsearch_and_cassandra_latest / elasticsearch_and_cassandra_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 683 / Failed: 0 / User-skipped: 72 / Auto-skipped: 0

small_tests_legacy / small_tests / 4405113
Reports root / small

small_tests_latest / small_tests / 4405113
Reports root / small

small_tests_latest_arm64 / small_tests / 4405113
Reports root / small

ldap_mnesia_legacy / ldap_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 2396 / Failed: 0 / User-skipped: 1423 / Auto-skipped: 0

ldap_mnesia_latest / ldap_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 2396 / Failed: 0 / User-skipped: 1423 / Auto-skipped: 0

dynamic_domains_mysql_redis_latest / mysql_redis / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5307 / Failed: 0 / User-skipped: 173 / Auto-skipped: 0

dynamic_domains_pgsql_mnesia_legacy / pgsql_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5343 / Failed: 0 / User-skipped: 137 / Auto-skipped: 0

dynamic_domains_pgsql_mnesia_latest / pgsql_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5343 / Failed: 0 / User-skipped: 137 / Auto-skipped: 0

internal_mnesia_latest / internal_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 2544 / Failed: 0 / User-skipped: 1275 / Auto-skipped: 0

pgsql_cets_latest / pgsql_cets / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5405 / Failed: 0 / User-skipped: 203 / Auto-skipped: 0

cockroachdb_cets_latest / cockroachdb_cets / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5405 / Failed: 0 / User-skipped: 203 / Auto-skipped: 0

pgsql_mnesia_latest / pgsql_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5694 / Failed: 0 / User-skipped: 157 / Auto-skipped: 0

pgsql_mnesia_legacy / pgsql_mnesia / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5694 / Failed: 0 / User-skipped: 157 / Auto-skipped: 0

mysql_redis_latest / mysql_redis / 4405113
Status: 🟢 Passed
Reports root/ big
OK: 5686 / Failed: 0 / User-skipped: 165 / Auto-skipped: 0

@codecov
Copy link
Copy Markdown

codecov bot commented Feb 16, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.04%. Comparing base (2a88a98) to head (4405113).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4647      +/-   ##
==========================================
- Coverage   86.07%   86.04%   -0.03%     
==========================================
  Files         569      569              
  Lines       34145    34145              
==========================================
- Hits        29390    29380      -10     
- Misses       4755     4765      +10

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

fen-pl
fen-pl reviewed Feb 16, 2026
View reviewed changes
@kamilwaz kamilwaz marked this pull request as ready for review February 16, 2026 23:55
@kamilwaz kamilwaz force-pushed the fix-certs branch 2 times, most recently from e40c36e to 19db632 Compare February 17, 2026 09:33
@kamilwaz kamilwaz requested a review from fen-pl February 17, 2026 09:40
telezynski
telezynski reviewed Feb 17, 2026
View reviewed changes
Kamil Wąż added 2 commits February 17, 2026 11:00
Fix mongoose certs
343e368 
The certificates used for MIM were broken by #4631. Erlang verifies `serverAuth` against `keyUsage`,
which causes the `ssl_certificate:verify_extkeyusage/2` function to fail.

The issue wasn't noticed immediately because the certificates are cached using a key generated by
`tools/make-certs-cache-key.sh`
Fix failing tests in jingle_SUITE
4405113 
Some SIP tests were failing due to an invalid configuration left behind by `cets_disco_SUITE`.
@kamilwaz kamilwaz merged commit 537a278 into master Feb 17, 2026
4 checks passed
@kamilwaz kamilwaz deleted the fix-certs branch February 17, 2026 11:02
@chrzaszcz chrzaszcz added this to the 6.6.0 milestone Mar 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@telezynski telezynski telezynski approved these changes

@fen-pl fen-pl Awaiting requested review from fen-pl

Assignees

@kamilwaz kamilwaz

Labels

None yet

Projects

None yet

Milestone

6.6.0

Development

Successfully merging this pull request may close these issues.

5 participants

@kamilwaz @mongoose-im @fen-pl @telezynski @chrzaszcz