Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-2773

Rewrite SSL certificate configuration

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 8.0.0
    • Component/s: Configuration, SSL
    • Labels:

      Description

      Currently, SSL certificate configuration is split across records.config and ssl-multicert.config. This leads to awkward situations where you can't enable client certificate validation for a particular server certificate, and you can't add a SSL key passphrase dialog globally.

      I'd like to unify the SSL configuration by pushing all the configuration parameters down to records.config and allowing ssl-multicert.config to override those settings. This would be logically similar to how overridable configurations work for the TS API.

      I plan to retain backwards compatibility with 4.x ssl-multicert.config syntax. You would still need ssl-multicert.config to be able to configure multiple SSL certificates.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jamespeach James Peach
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated: