DO NOT REPLY [Bug 37869] - Cannot obtain client certificate with SSL / client certificate authentication using APR components

[bu...@apache.org]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37869>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37869





------- Additional Comments From cpierret@sparus-software.com  2007-01-17 15:09 -------
Seems like this one
http://issues.apache.org/bugzilla/show_bug.cgi?id=41382
is the same issue.

The patch given with #41382 was designed for 5.5.20 and fixes also the
bug-replication (bug copy/paste?) found a few lines down in the code. It has
been tested at Sparus Software with various scenarios (e.g.: SSL client does not
give a cert chain, gives a cert chain, etc)

If I am not mistaken, the patch given with #37869 seems incorrect as it replaces
an incorrect behaviour (only giving certification chain excluding client
certificate) with another incorrect behaviour (only giving client cert but not
the certificate chain, see servlet spec for details of what the correct behavior is)



-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org