[ https://issues.apache.org/jira/browse/KUDU-2220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16258661#comment-16258661 ]
Sailesh Mukil commented on KUDU-2220: ------------------------------------- CC [~kwho] [~tlipcon] > GetEndOfChainX509 does not return end-user cert > ----------------------------------------------- > > Key: KUDU-2220 > URL: https://issues.apache.org/jira/browse/KUDU-2220 > Project: Kudu > Issue Type: Bug > Components: security > Affects Versions: 1.5.0 > Reporter: Sailesh Mukil > Assignee: Sailesh Mukil > > KUDU-2091 introduced a function GetEndOfChainX509() which was supposed to > return the "end-user" certificate. However, the end-user certificate is not > at the end of the chain, but rather at the beginning of the chain as > specificed by the RFC: > https://tools.ietf.org/html/rfc5246#section-7.4.2 > {quote}This is a sequence (chain) of certificates. The sender's certificate > MUST come first in the list. Each following certificate MUST directly > certify the one preceding it.{quote} -- This message was sent by Atlassian JIRA (v6.4.14#64029)