Page MenuHomePhabricator

Support "ssl.chain" in Aphlict configuration
ClosedPublic

Authored by epriestley on Apr 14 2016, 12:51 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Mar 28, 9:45 AM
Unknown Object (File)
Thu, Mar 28, 9:40 AM
Unknown Object (File)
Thu, Mar 28, 9:40 AM
Unknown Object (File)
Thu, Mar 28, 9:40 AM
Unknown Object (File)
Sun, Mar 10, 9:06 PM
Unknown Object (File)
Feb 20 2024, 5:58 AM
Unknown Object (File)
Feb 20 2024, 2:17 AM
Unknown Object (File)
Feb 17 2024, 7:07 AM
Subscribers
None

Details

Summary

Fixes T10806. Although browsers don't seem to care about this, it's more correct to support it, and the new test console uses normal cURL and does care.

Test Plan
  • Hit the error case for providing a chain but no key/cert.
  • Used openssl s_client -connect localhost:22280 to connect to local Aphlict servers.
  • With SSL but no chain, saw openssl fail to verify the remote.
  • With SSL and a chain, saw openssl verify the identify of the remote.

Diff Detail

Repository
rP Phabricator
Branch
aphlict9
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 11719
Build 14678: Run Core Tests
Build 14677: arc lint + arc unit