[
https://issues.apache.org/jira/browse/TS-4180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15269791#comment-15269791
]
ASF subversion and git services commented on TS-4180:
-----------------------------------------------------
Commit dfd3c078ab3bd6cf110a026a55e833ffa332ff00 in trafficserver's branch
refs/heads/master from shinrich
[ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=dfd3c07 ]
TS-4180: Support for multiple intermediate cert chains if openssl 1.0.2 is
present. This closes #578.
> support for serving multiple intermediate cert chains
> -----------------------------------------------------
>
> Key: TS-4180
> URL: https://issues.apache.org/jira/browse/TS-4180
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL
> Reporter: Scott Beardsley
> Assignee: Susan Hinrichs
> Labels: yahoo
> Fix For: 6.2.0
>
>
> We would like to serve two different intermediate certificate chains for RSA
> certs and ECDSA certs. Today they are required to be in the same chain. It
> seems the best way would be to modify "ssl_ca_name" (or
> proxy.config.ssl.CA.cert.path) to support a comma-delimited list of
> intermediate files.
> Bonus points if ATS validates that the intermediate chain matches the cert
> being served (and spits out an error if there is a mismatch)!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
