Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-3319

Adapt to Openssl 1.0.2 Certificate Callback

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 5.3.0
    • SSL
    • None

    Description

      With TS-3006, we provided a patch for openssl 1.0.1 to enable the SNI callback to pause.

      With openssl 1.0.2 the client certificate callback is extended to work for server certificate selection. You can return values to pause the SSL processing after the client hello here as well.

      The details are at
      https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html

      ATS should be extended to use the certificate callback mechanism if openssl 1.0.2 is available.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. TS-3006 Augment SNI callback processing

          • Major - Major loss of function.
          • Closed

          Activity

            People

              shinrich Susan Hinrichs
              shinrich Susan Hinrichs
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: