From: Daniel Ruggeri <druggeri@apache.org>
Date: Tue, 23 Aug 2011 20:01:27 +0000 (+0000)
Subject: Add proposal for SSLProxyMachineCertificateChainFile
X-Git-Tag: 2.2.20~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b0492ef513df4b3a8616d5c209f39d8e8f07f9d;p=thirdparty%2Fapache%2Fhttpd.git

Add proposal for SSLProxyMachineCertificateChainFile

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1160876 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index f5bebe7f187..3e3e7c142fb 100644
--- a/STATUS
+++ b/STATUS
@@ -181,6 +181,16 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
     2.2.x patch: http://people.apache.org/~rpluem/patches/51608.diff
     +1: rpluem
 
+  * mod_ssl: Add SSLProxyMachineCertificateChainFile directive
+    Adds a new function in ssl_util_ssl.c SSL_X509_INFO_create_chain that will
+    construct a chain of trusted certificates. When a remote server requests
+    a client certificate that is NOT the direct issuer of any available client
+    certificate, the chain for that certificate will be used to trace it to a
+    known CA and that client certificate will be used.
+    druggeri note: 2.2 documentation patch needed
+    Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1160863
+    2.2.x patch: http://people.apache.org/~druggeri/patches/httpd-2.2.19-SSLProxyMachineCertificateChainFile.patch
+
 PATCHES/ISSUES THAT ARE STALLED
 
   * core: Support wildcards in both the directory and file components of