[
https://issues.apache.org/jira/browse/TS-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13915536#comment-13915536
]
Wei Sun edited comment on TS-346 at 2/28/14 7:50 AM:
-----------------------------------------------------
Hi zwoop@, do you want to bring client's cert to origin OR verify origin's
cert? The second case - verify origin's cert works fine in my environment with
the following configurations:
CONFIG proxy.config.ssl.client.verify.server INT 1
CONFIG proxy.config.ssl.client.CA.cert.filename STRING ca.crt # For
self-signed cert
For commercial (trusted) cert, with the fix in TS-2563, no default ca-bundle is
required to be explicitly specified.
was (Author: sunwei):
Hi zwoop@, do you want to bring client's cert in ats to origin OR verify
origin's cert in ats? The second case - verify origin's cert in ats works fine
in my environment with the following configurations:
CONFIG proxy.config.ssl.client.verify.server INT 1
CONFIG proxy.config.ssl.client.CA.cert.filename STRING ca.crt # For
self-signed cert
For commercial (trusted) cert, with the fix in TS-2563, no default ca-bundle is
required to be explicitly specified.
> ATS does not verify server certificate
> --------------------------------------
>
> Key: TS-346
> URL: https://issues.apache.org/jira/browse/TS-346
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL
> Reporter: vijaya bhaskar mamidi
> Priority: Critical
> Labels: A
> Fix For: 5.2.0
>
>
> ATS does not verify the certificates correctly.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
