Please do not reply to this email- if you want to comment on the bug, go to the URL shown below and enter your comments there.
Changed by [EMAIL PROTECTED] http://bugzilla.ximian.com/show_bug.cgi?id=78740 --- shadow/78740 2006-07-04 11:02:46.000000000 -0400 +++ shadow/78740.tmp.26729 2006-07-04 12:17:00.000000000 -0400 @@ -292,6 +292,34 @@ On one side, reporting Apache result for the client certificate is good. However if the certificate is used inside the application (using the FX) things may fail because it could be judged invalid. While there's no perfect solution (for two implementations to coexist simultaneously) I wonder how Apache/Java (e.g. Tomcat) handle such situation... + +------- Additional Comments From [EMAIL PROTECTED] 2006-07-04 12:16 ------- +>>* In order to get HttpClientCertificate to work (completely) you still +need to feed a few more variables (see XSPApplicationHost); + +From XSPApplicationHost : + +mwr.AddServerVariable ("CERT_KEYSIZE", ssl.KeySize.ToString +(CultureInfo.InvariantCulture)); +mwr.AddServerVariable ("CERT_SECRETKEYSIZE", +ssl.SecretKeySize.ToString (CultureInfo.InvariantCulture)); +// +// +mwr.AddServerVariable ("CERT_SERVER_ISSUER", server.GetIssuerName ()); +mwr.AddServerVariable ("CERT_SERVER_SUBJECT", server.GetName ()); + +But this doesn't concern HttpClientCertificate (only the server +certificate) +If you want i fill these field i must parse the SSL_SERVER_CERT +environment variable too! (it's easy...) + +>>* I'm not sure the validity check is complete enough (but I'm still +debating it in my head ;-) + +if you want to "recheck" the validity of the Certificate inside the +application, you just have to import the CA certificate with certmgr... + + _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
