]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2d1ec08) | patch
Treat non-leaf certificates present in SSLProxyMachineCertificateFile
authorJoe Orton <jorton@apache.org>
Thu, 17 Dec 2020 12:44:41 +0000 (12:44 +0000)
committerJoe Orton <jorton@apache.org>
Thu, 17 Dec 2020 12:44:41 +0000 (12:44 +0000)
commit4c13b969cc13c84919cd01aa3315699b77fbdd65
tree73811d423f22a2a3b5e1d93623a8abdcf8881e37tree
parent2d1ec08961e34cfd4d2e5fe20382bce8dd1aea12commit | diff
Treat non-leaf certificates present in SSLProxyMachineCertificateFile
the same was as non-leaf certs are in SSLCertificateFile - use them to
build the trusted cert chain for the end-entity (client) cert.

* modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs):
  For any non-leaf certificate present in the configured, trust as
  if used in SSLProxyMachineCertificateChainFile.

Github: closes #151

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1884552 13f79535-47bb-0310-9956-ffa450edef68
changes-entries/ssl-proxy-chain-certs.txt [new file with mode: 0644] blob
docs/log-message-tags/next-number diff | blob | blame | history
docs/manual/mod/mod_ssl.xml diff | blob | blame | history
modules/ssl/ssl_engine_init.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git