[ 
https://issues.apache.org/jira/browse/KUDU-2220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16261326#comment-16261326
 ] 

Sailesh Mukil commented on KUDU-2220:
-------------------------------------

Commit in:
https://github.com/apache/kudu/commit/3e59fd7b14b4a2ba2846621df04093cce9024688

> GetEndOfChainX509 does not return end-user cert
> -----------------------------------------------
>
>                 Key: KUDU-2220
>                 URL: https://issues.apache.org/jira/browse/KUDU-2220
>             Project: Kudu
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.5.0
>            Reporter: Sailesh Mukil
>            Assignee: Sailesh Mukil
>             Fix For: 1.6.0
>
>
> KUDU-2091 introduced a function GetEndOfChainX509() which was supposed to 
> return the "end-user" certificate. However, the end-user certificate is not 
> at the end of the chain, but rather at the beginning of the chain as 
> specificed by the RFC:
> https://tools.ietf.org/html/rfc5246#section-7.4.2
> {quote}This is a sequence (chain) of certificates.  The sender's certificate 
> MUST come first in the list.  Each following certificate MUST directly 
> certify the one preceding it.{quote}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to