fix: check common names

go.mod

@@ -1,6 +1,6 @@
 module gitea.urkob.com/urko/emailsender
 
-go 1.21.1
+go 1.22.3
 
 require (
 	github.com/joho/godotenv v1.5.1

pkg/email/email.go

@@ -52,7 +52,7 @@ func NewInsecure(config MailServiceConfig) *EmailService {
 	}
 }
 
-var validCommonNames = []string{"ISRG Root X1", "R3", "DST Root CA X3"}
+var validCommonNames = []string{"ISRG Root X1", "R3", "E5", "DST Root CA X3"}
 
 func NewSecure(config MailServiceConfig) *EmailService {
 	return &EmailService{
@@ -98,11 +98,7 @@ func NewSecure(config MailServiceConfig) *EmailService {
 					if !slices.Contains(validCommonNames, cert.Issuer.CommonName) {
 						return fmt.Errorf("certificate is not issued by a trusted CA")
 					}
-					// log.Println("cert.ExtKeyUsage", cert.ExtKeyUsage)
-					// if cert.KeyUsage&x509.KeyUsageDigitalSignature == 0 || len(cert.ExtKeyUsage) == 0 || !slices.Contains(cert.ExtKeyUsage, x509.ExtKeyUsageServerAuth) {
-					// 	log.Printf("%+v", cert)
-					// 	return fmt.Errorf("certificate cannot be used for server authentication")
-					// }
+
 					if cert.PublicKeyAlgorithm != x509.RSA {
 						return fmt.Errorf("unsupported public key algorithm")
 					}