[
https://issues.apache.org/jira/browse/TS-3329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14293800#comment-14293800
]
James Peach commented on TS-3329:
---------------------------------
I disagree with this. I think that we certainly should be tolerant of SSL
failures. SSL loading failures will log an error; perhaps they should throw an
alert as well.
> ATS shouldn't start if SSL is configured and certificate can't be loaded
> ------------------------------------------------------------------------
>
> Key: TS-3329
> URL: https://issues.apache.org/jira/browse/TS-3329
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL
> Reporter: kang li
> Assignee: kang li
> Attachments: patch.diff
>
>
> requirement by [~dcarlin]:
> {quote}
> It seems ATS will start up even if the certificate file isn't present.
> ATS settings in records.config:
> CONFIG proxy.config.ssl.server.cert_chain.filename STRING digicert.pem
> CONFIG proxy.config.ssl.server.cert.path STRING conf/yts/ssl
> ATS settings in ssl_multicert.config:
> dest_ip=* ssl_cert_name=ycpi_ssl_cert.pem
> What happened was that this volume /home/y/conf/yts/ssl wasn't mounted - so
> the
> SSL cert and chain cert were inaccessible. ATS started anyways just
> returning
> errors on 443. Healthchecks were served on port 80 via HTTP, so it appeared
> to that the site was OK.
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
