Page MenuHomePhabricator

Support "ssl.chain" in Aphlict configuration
ClosedPublic

Authored by epriestley on Apr 14 2016, 12:51 PM.
Tags
None
Referenced Files
F17868719: D15709.diff
Mon, Jul 28, 8:58 AM
Unknown Object (File)
Jun 5 2025, 5:32 PM
Unknown Object (File)
May 27 2025, 11:02 AM
Unknown Object (File)
May 26 2025, 10:41 PM
Unknown Object (File)
May 25 2025, 2:43 PM
Unknown Object (File)
May 25 2025, 2:21 PM
Unknown Object (File)
May 24 2025, 12:33 PM
Unknown Object (File)
Apr 24 2025, 6:38 AM
Subscribers
None

Details

Summary

Fixes T10806. Although browsers don't seem to care about this, it's more correct to support it, and the new test console uses normal cURL and does care.

Test Plan
  • Hit the error case for providing a chain but no key/cert.
  • Used openssl s_client -connect localhost:22280 to connect to local Aphlict servers.
  • With SSL but no chain, saw openssl fail to verify the remote.
  • With SSL and a chain, saw openssl verify the identify of the remote.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable