[
https://issues.apache.org/jira/browse/TS-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13884362#comment-13884362
]
James Peach commented on TS-2210:
---------------------------------
API changes require API review as per
https://cwiki.apache.org/confluence/display/TS/API+Review+Process
I took a quick look, and hope to be able to spend some more time later in the
week. I don't like that the {{ClientCertInfo}} is always populated even if
there's no plugin that needs the information. I am concerned about the
character set handling for the issuer and subjects; we have already seen users
that have certificates where these are not UTF8 or ASCII.
In some ways the API proposal from TS-1584 is cleaner; we need to find a way to
merge these tickets.
> add API to get access to the client cert in the SSL Net VC
> ----------------------------------------------------------
>
> Key: TS-2210
> URL: https://issues.apache.org/jira/browse/TS-2210
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL, TS API
> Reporter: Bryan Call
> Assignee: James Peach
> Fix For: 4.2.0
>
> Attachments: 2210.diff
>
>
> In SSLNetVConnection SSL_get_peer_certificate(ssl) is called and client_cert
> is set. There is a request from Brian France to get access to the client
> cert.
> He wants to be able to call X509_NAME_oneline(), X509_get_subject_name(), and
> X509_get_issuer_name() on the cert.
> Where the cert is set in the code:
> iocore/net/SSLNetVConnection.cc:499: client_cert =
> SSL_get_peer_certificate(ssl);
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
