Thanks James, I filed the following jiras for tracking purposes:
https://issues.apache.org/jira/browse/TS-4179 - OCSP stapling broken with
RSA+ECDSA cert serving
https://issues.apache.org/jira/browse/TS-4180 - support for serving multiple
intermediate cert chains
On Thursday, February 4, 2016 8:27 PM, James Peach <[email protected]>
wrote:
> On Feb 4, 2016, at 5:35 PM, Scott Beardsley <[email protected]> wrote:
>
> I'm trying to serve two certs (RSA and ECDSA) at once. They happen to require
> different intermediate certs. Does "ssl_ca_name" (or
> proxy.config.ssl.CA.cert.path) accept a comma-delimited list like
> "ssl_cert_name" does? It isn't clear to me from these docs[1] and it doesn't
> seem to be working for me (when I provide a comma-delimited list ATS sends no
> intermediate certs).
yeh I think that was only implemented for certificates.
> Also, I've noticed that OCSP stapling doesn't work when I have multiple certs
> configured. Known bug?
now it is :)
>
> Scott
> --
> [1]
> http://trafficserver.readthedocs.org/en/latest/admin-guide/files/ssl_multicert.config.en.html#format
>
