Page MenuHomePhabricator

Support "ssl.chain" in Aphlict configuration
ClosedPublic

Authored by epriestley on Apr 14 2016, 12:51 PM.
Tags
None
Referenced Files
F11031402: D15709.id.diff
Sat, Aug 13, 11:55 PM
Unknown Object (File)
Tue, Aug 9, 5:30 AM
Unknown Object (File)
Mon, Aug 8, 3:08 PM
Unknown Object (File)
Sat, Jul 30, 12:31 PM
Unknown Object (File)
Jun 27 2022, 5:31 AM
Unknown Object (File)
Jun 19 2022, 4:34 AM
Unknown Object (File)
Jun 18 2022, 7:51 AM
Unknown Object (File)
Jun 18 2022, 1:18 AM
Subscribers
None

Details

Summary

Fixes T10806. Although browsers don't seem to care about this, it's more correct to support it, and the new test console uses normal cURL and does care.

Test Plan
  • Hit the error case for providing a chain but no key/cert.
  • Used openssl s_client -connect localhost:22280 to connect to local Aphlict servers.
  • With SSL but no chain, saw openssl fail to verify the remote.
  • With SSL and a chain, saw openssl verify the identify of the remote.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable