Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-3529

Add a config option to allow ATS to start even if some certificates are bad

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • None
    • 5.3.0, 6.0.0
    • SSL
    • None

    Description

      In fixing TS-3329, we changed the ATS start up behavior to fail to start if any of the entries of ssl_multicert.config fails to load. This changes the functionality of ATS in from 5.2 to 5.3.

      For many/most use cases, this is a desirable change. However, for some use cases, you want to serve and start up even if some of the entries fail to load.

      We will add a records config entry proxy.config.ssl.server.multicert.exit_on_load_fail
      It will default to 1 on 5.x. May want to change the default to 0 when we move to 6.0

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. TS-3329 ATS shouldn't start if SSL is configured and certificate can't be loaded

          • Major - Major loss of function.
          • Closed

          Activity

            People

              shinrich Susan Hinrichs
              shinrich Susan Hinrichs
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: