You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/02/25 18:12:19 UTC
[jira] [Commented] (TS-2563) Set the SSL default verify paths when
ssl.client.verify.server=1
[ https://issues.apache.org/jira/browse/TS-2563?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13911730#comment-13911730 ]
ASF subversion and git services commented on TS-2563:
-----------------------------------------------------
Commit a64033ad5d5e80489c89f0d1d478dedc8c9109c2 in trafficserver's branch refs/heads/master from [~sunwei]
[ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=a64033a ]
TS-2563: always set the SSL default verify paths
When working at reverse proxy mode with the following remap rule:
map https://xxx1.com https://xxx2.com
ssl.client.verify.server=1
If xxx2.com is providing trusted certificate and
'ssl.client.CA.cert.filename' is NULL, ats should be able to verify
the certificate in terms of the default provided CAs.
> Set the SSL default verify paths when ssl.client.verify.server=1
> ----------------------------------------------------------------
>
> Key: TS-2563
> URL: https://issues.apache.org/jira/browse/TS-2563
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Wei Sun
> Assignee: James Peach
> Fix For: 5.0.0
>
> Attachments: TS-2563.diff
>
>
> When working at reverse proxy mode with the following remap rule:
> map https://xxx1.com https://xxx2.com
> ssl.client.verify.server=1
> If xxx2.com is providing trusted certificate and 'ssl.client.CA.cert.filename' is NULL, ats should be able to verify the certificate in terms of the default provided CAs.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)