maskit opened a new pull request, #10959: URL: https://github.com/apache/trafficserver/pull/10959
ATS uses two cert storages (one for RSA, the other for EC) because BoringSSL does not natively support dual certs, unlike OpenSSL. It works fine in terms of selecting a cert for a connection, but I found OCSP status update only uses the storage for RSA. This PR surrounds the existing code by a loop that iterates over certification types in an array to cover all certs in the both storages. Hiding whitespace changes makes the diff easy to read. Also, the change for SSLUtils is for a logging issue. It always printed a filename for either RSA or EC cert if dual certs is configured. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@trafficserver.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
