This repository has been archived by the owner on Feb 7, 2020. It is now read-only.
Support client intermediate chains #13
Labels
enhancement
New feature or request
Comments
vjanelle
added a commit
to vjanelle/go-security
that referenced
this issue
Nov 12, 2018
Our mTLS infrastructure provides the intermediate cert chain from the client, the server won't necessarily know their full chain. The client provides the intermediate chain in this case, and the server should validate this back to the root. * Validate client behaviour with client provided intermediate certificate chains * Add test certs * Add infrastructure for regenerating test certs
ripienaar
added a commit
that referenced
this issue
Nov 12, 2018
(#13) Add intermediate client certificate support
vjanelle
added a commit
to vjanelle/go-security
that referenced
this issue
Dec 17, 2018
Same as choria-legacy#13, but covers the case of where the server has the intermediate chain and the client only provides a single certificate.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
If your client sends a list of intermediate certificates, go-security filesec won't understand what to do with them.
This is common in our mTLS use case.
The text was updated successfully, but these errors were encountered: