[GitHub] [apisix] whioue commented on issue #6418: bug: apisix failed to verify the validity of the server certificate

[GitBox <gi...@apache.org>]

whioue commented on issue #6418:
URL: https://github.com/apache/apisix/issues/6418#issuecomment-1047723879


   > @whioue “服务端配置不合法的证书和密钥时”具体是什么意思，你有试过通过curl访问你的后端吗？
   
   启动后置服务时加载ca证书和服务端证书、服务端密钥，但是服务端证书和私钥并不是此ca证书所签发的，正常来说apisix作为客户端来访问此服务时，双向认证时服务端会将此证书和密钥发送给apisix，而apisix并未校验出此证书和密钥不合法而是直接获取到了响应。当使用curl进行访问此服务时提示证书验证失败，不能正常访问获取请求。


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org