Page MenuHomePhabricator
Create Task
Maniphest T7616

Arcanist to be able to access site requiring client side SSL certificate
Closed, WontfixPublic
Actions

Description

Currently arcanist and libphutil handle server side SSL certificates, but unable to access site requiring client side SSL certificate. Curl has an option to specify the user's certificate (see CURLOPT_SSLCERT), we just need to pass it down from the configuration.

Revisions and Commits

rPHU libphutil
Needs RevisionD12106 T7616: Arcanist to be able to access site requiring client side SSL certificate
rARC Arcanist
Needs RevisionD12107 T7616: Arcanist to be able to access site requiring client side SSL certificate

Related Objects

Event Timeline

vgabor created this task.Mar 18 2015, 12:40 AM
vgabor raised the priority of this task from to Needs Triage.
vgabor updated the task description. (Show Details)
vgabor added projects: libphutil, Arcanist.
vgabor added a subscriber: vgabor.
vgabor mentioned this in D12106: T7616: Arcanist to be able to access site requiring client side SSL certificate.Mar 18 2015, 12:47 AM
vgabor mentioned this in D12107: T7616: Arcanist to be able to access site requiring client side SSL certificate.Mar 18 2015, 12:54 AM
vgabor added revisions: D12107: T7616: Arcanist to be able to access site requiring client side SSL certificate, D12106: T7616: Arcanist to be able to access site requiring client side SSL certificate.Mar 18 2015, 12:55 AM
epriestley added a subscriber: epriestley.Apr 6 2015, 1:29 PM

We haven't seen other interest in this and don't plan to pursue it in the near term. I believe deployment of client SSL certificates is exceptionally rare in the wild. Running Conduit over SSH (T550) might solve some of the same problems but has far broader acceptance.

epriestley triaged this task as Wishlist priority.Apr 6 2015, 1:29 PM
newint33h added a subscriber: newint33h.May 14 2015, 11:44 PM

I had added code to implement this feature to arcanist and libphutil and is working. How can I contribute to have this feature added to code base?

epriestley added a comment.Jul 21 2016, 11:58 AM

After the introduction of PhutilHTTPEngineExtension (T10227) we have a more viable pathway to bring support for this upstream, but I'd still like to see more interest in it before thinking about upstream support. It looks like only 1-2 installs would use it, today (not sure if both of you represent the same install or not).

epriestley moved this task from Backlog to Far Future on the Arcanist board.Jul 21 2016, 11:58 AM
epriestley merged a task: T11634: Client SSL Certificate Support in libphutil/arcanist.Sep 13 2016, 7:45 PM
epriestley added a subscriber: dgrote.
tiguchi added a subscriber: tiguchi.Jan 27 2020, 9:31 PM
Herald added a subscriber: amckinley. · View Herald TranscriptJan 27 2020, 9:31 PM
tiguchi awarded a token.Jan 27 2020, 9:31 PM
epriestley closed this task as Wontfix.Apr 13 2020, 11:49 AM
epriestley claimed this task.

We currently have no interest in this from customers, so I don't plan to pursue it. If customer interest arises, there's a plausible pathway forward.

Phabricator · Built by Phacility