https://bz.apache.org/bugzilla/show_bug.cgi?id=70003
--- Comment #4 from [email protected] ---
(In reply to Joe Orton from comment #3)
> My impression/experience is that deployments depending on client cert auth
> overwhelmingly rely on private PKI and I can't remember ever seeing one
> which depends on the public CAs. i.e. I see this as a very niche issue.
> Is this out of step with reality?

Thanks for your input Joe! This is likely not a very broad issue and the proper approach is to use a private PKI for this, I agree.

Personally, I have seen server certificates be used as client certificates at multiple companies before. While some were able to cope with this change fairly easily, others need more time to change their architecture.

The provided configuration option should not be a permanent solution, only a way to preserve the original behaviour for a time, to ensure operational stability until a proper solution can be introduced.
