https://issues.apache.org/bugzilla/show_bug.cgi?id=54357
--- Comment #12 from Kaspar Brand <[email protected]> --- (In reply to Alex Bligh from comment #11) > if I build some sort of associative array, what would be the best key into it? In a well-behaving X.509 PKI, a certificate is uniquely identified by the issuer name and serial number (RFC 5280, section 4.1.2.2). In the real world, this might not always be the case, so a hash over the certificate's DER encoding is more reliable (it is also what the stapling code in mod_ssl currently uses as a key for its cache). You can get at the certificate in the callback via SSL_get_certificate(), and then use X509_digest() to derive that key. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
