Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-3529

Add a config option to allow ATS to start even if some certificates are bad

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.3.0, 6.0.0
    • Component/s: SSL
    • Labels:
      None

      Description

      In fixing TS-3329, we changed the ATS start up behavior to fail to start if any of the entries of ssl_multicert.config fails to load. This changes the functionality of ATS in from 5.2 to 5.3.

      For many/most use cases, this is a desirable change. However, for some use cases, you want to serve and start up even if some of the entries fail to load.

      We will add a records config entry proxy.config.ssl.server.multicert.exit_on_load_fail
      It will default to 1 on 5.x. May want to change the default to 0 when we move to 6.0

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                shinrich Susan Hinrichs
                Reporter:
                shinrich Susan Hinrichs

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Issue deployment