You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2013/07/15 16:42:48 UTC

[jira] [Created] (TS-2031) SSL can pick the wrong certificate

Leif Hedstrom created TS-2031:
---------------------------------

             Summary: SSL can pick the wrong certificate
                 Key: TS-2031
                 URL: https://issues.apache.org/jira/browse/TS-2031
             Project: Traffic Server
          Issue Type: Bug
          Components: SSL
            Reporter: Leif Hedstrom


I have a case, where two IPs have different certificate, but the second certificate is a wildcard. So, certificate 1) is more specificic (www.example) whereas the second cert is a *.example.com). My config is e.g.

{code}
dest_ip=1.2.3.4 ssl_cert_name=www.example.com.pem
dest_ip=2.3.4.5 ssl_cert_name=example.com.pem
{code}

The IP for www.example.com is 1.2.3.4, yet, it will present the wrong cert. A wild guess is that the lookup matches the second cert first, and it fails to take the IP into consideration?


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira