[ https://issues.apache.org/jira/browse/TS-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13896336#comment-13896336 ]
kang li commented on TS-2210: ----------------------------- Hi James, The new API was more concise. I have also done a small test, the new style API worked well. But for SSL_CTX we need SSL to get the verify result and client certificate, and SSLNetVConnection store SSL as the domain. So I think return SSL would be more convenient: {code} void *TSHttpSsnSSLConnectionGet(TSHttpSsn); // Returns SSL * {code} If SSL_CTX was needed, we could use SSL_get_SSL_CTX to get related SSL_CTX. If the newer API was suitable, I would send the API review request. > add API to get access to the client cert in the SSL Net VC > ---------------------------------------------------------- > > Key: TS-2210 > URL: https://issues.apache.org/jira/browse/TS-2210 > Project: Traffic Server > Issue Type: Improvement > Components: SSL, TS API > Reporter: Bryan Call > Assignee: James Peach > Fix For: 5.0.0 > > Attachments: 2210.diff > > > In SSLNetVConnection SSL_get_peer_certificate(ssl) is called and client_cert > is set. There is a request from Brian France to get access to the client > cert. > He wants to be able to call X509_NAME_oneline(), X509_get_subject_name(), and > X509_get_issuer_name() on the cert. > Where the cert is set in the code: > iocore/net/SSLNetVConnection.cc:499: client_cert = > SSL_get_peer_certificate(ssl); -- This message was sent by Atlassian JIRA (v6.1.5#6160)