[
https://issues.apache.org/jira/browse/TS-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15260440#comment-15260440
]
ASF GitHub Bot commented on TS-4180:
------------------------------------
Github user shinrich commented on the pull request:
https://github.com/apache/trafficserver/pull/578#issuecomment-215141283
I added SkipTest for the TestMix test case. We need to add logic to only
run that test if openssl 1.0.2 is present. Perhaps we can hash that out in the
ATS summit. In the meantime, I'd like to go ahead and get this pushed up if
all are agreeable.
> support for serving multiple intermediate cert chains
> -----------------------------------------------------
>
> Key: TS-4180
> URL: https://issues.apache.org/jira/browse/TS-4180
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL
> Reporter: Scott Beardsley
> Assignee: Susan Hinrichs
> Labels: yahoo
> Fix For: 6.2.0
>
>
> We would like to serve two different intermediate certificate chains for RSA
> certs and ECDSA certs. Today they are required to be in the same chain. It
> seems the best way would be to modify "ssl_ca_name" (or
> proxy.config.ssl.CA.cert.path) to support a comma-delimited list of
> intermediate files.
> Bonus points if ATS validates that the intermediate chain matches the cert
> being served (and spits out an error if there is a mismatch)!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
