Security audit flags expired certificate - installed by install script? #3799

New Issue

Closed

opened 2026-02-05 07:30:31 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2026-02-05 07:30:31 +03:00

Owner

Copy Link

Originally created by @RZR7332 on GitHub (May 11, 2023).

Attempted Debugging

• I have read the debugging page

Searched GitHub Issues

• I have searched GitHub for the issue.

Describe the Scenario

While scanning my system with Lynis, it flags a certificate as expired - specifically, /var/www/bookstack/vendor/league/oauth1-client/tests/test_rsa_publickey.pem. I am assuming this is installed as part of the installation script - what is it used for, and is it safe to remove?

I realise this is not a major issue, but for compliance reasons expired certificates should be removed, or at least be replaced by valid certificates.

Exact BookStack Version

23.05.1

Log Content

2023-05-11 12:52:28 Result: certificate /var/www/bookstack/vendor/league/oauth1-client/tests/test_rsa_publickey.pem has been expired

PHP Version

PHP 8.1.2-1ubuntu2.11

Hosting Environment

Ubuntu Server 22.04 LTS, virtual machine, official install script.

Originally created by @RZR7332 on GitHub (May 11, 2023). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario While scanning my system with Lynis, it flags a certificate as expired - specifically, /var/www/bookstack/vendor/league/oauth1-client/tests/test_rsa_publickey.pem. I am assuming this is installed as part of the installation script - what is it used for, and is it safe to remove? I realise this is not a major issue, but for compliance reasons expired certificates should be removed, or at least be replaced by valid certificates. ### Exact BookStack Version 23.05.1 ### Log Content 2023-05-11 12:52:28 Result: certificate /var/www/bookstack/vendor/league/oauth1-client/tests/test_rsa_publickey.pem has been expired ### PHP Version PHP 8.1.2-1ubuntu2.11 ### Hosting Environment Ubuntu Server 22.04 LTS, virtual machine, official install script.

OVERLORD added the 🐕 Support label 2026-02-05 07:30:31 +03:00

OVERLORD closed this issue 2026-02-05 07:30:32 +03:00

OVERLORD commented 2026-02-05 07:30:37 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (May 11, 2023):

@RZR7332 That file is within the testing data of a sub-dependency. It's not something that would actually be used during runtime.

@ssddanbrown commented on GitHub (May 11, 2023): @RZR7332 That file is within the testing data of a sub-dependency. It's not something that would actually be used during runtime.

OVERLORD commented 2026-02-05 07:30:40 +03:00

Author

Owner

Copy Link

@RZR7332 commented on GitHub (May 11, 2023):

Thanks Dan. Is it safe to remove or is it required for functionality?

@RZR7332 commented on GitHub (May 11, 2023): Thanks Dan. Is it safe to remove or is it required for functionality?

OVERLORD commented 2026-02-05 07:30:46 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (May 11, 2023):

@RZR7332 I'm sure it's safe to remove. Will likely re-appear every time you update though.

@ssddanbrown commented on GitHub (May 11, 2023): @RZR7332 I'm sure it's safe to remove. Will likely re-appear every time you update though.

OVERLORD commented 2026-02-05 07:30:48 +03:00

Author

Owner

Copy Link

@RZR7332 commented on GitHub (May 11, 2023):

Thanks @ssddanbrown - good enough for me. Appreciate the quick response and support, much appreciated.

@RZR7332 commented on GitHub (May 11, 2023): Thanks @ssddanbrown - good enough for me. Appreciate the quick response and support, much appreciated.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

further_theme_development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label 🐕 Support

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3799