You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Scott Beardsley (JIRA)" <ji...@apache.org> on 2016/02/06 00:05:39 UTC

[jira] [Created] (TS-4180) support for serving multiple intermediate cert chains

Scott Beardsley created TS-4180:
-----------------------------------

             Summary: support for serving multiple intermediate cert chains
                 Key: TS-4180
                 URL: https://issues.apache.org/jira/browse/TS-4180
             Project: Traffic Server
          Issue Type: Improvement
          Components: SSL
            Reporter: Scott Beardsley


We would like to serve two different intermediate certificate chains for RSA certs and ECDSA certs. Today they are required to be in the same chain. It seems the best way would be to modify "ssl_ca_name" (or proxy.config.ssl.CA.cert.path) to support a comma-delimited list of intermediate files.

Bonus points if ATS validates that the intermediate chain matches the cert being served (and spits out an error if there is a mismatch)!



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)