Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

TO deliveryservice/sslkeys/add verify certificate chain #7136

Merged
ocket8888 merged 6 commits into from
Nov 16, 2022
Merged

TO deliveryservice/sslkeys/add verify certificate chain #7136

ocket8888 merged 6 commits into from
Nov 16, 2022

Conversation

@shamrickus
Copy link
Member

@shamrickus shamrickus commented Oct 13, 2022

This PR fixes #7046

Which Traffic Control components are affected by this PR?

  • Traffic Ops

What is the best way to verify this PR?

Add SSL Keys to a Delivery Service where the chain certificates are not related, this should now return a 400 error instead of an unknown authority warning.

If this is a bugfix, which Traffic Control versions contained the bug?

  • master

PR submission checklist

@shamrickus shamrickus added bug something isn't working as intended Traffic Ops related to Traffic Ops SSL support for/problems with SSL features labels Oct 13, 2022
@ocket8888 ocket8888 added the low impact affects only a small portion of a CDN, and cannot itself break one label Oct 17, 2022
ericholguin
ericholguin approved these changes Nov 4, 2022
View reviewed changes
Copy link
Contributor

@ericholguin ericholguin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Fails when given an inconsistent chain.

ocket8888
ocket8888 reviewed Nov 4, 2022
View reviewed changes
@ocket8888 ocket8888 merged commit 0c29fa4 into apache:master Nov 16, 2022
@zrhoffman zrhoffman mentioned this pull request May 2, 2023
Closed
@shamrickus shamrickus deleted the to/cert-ordering branch June 9, 2023 18:02
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers

@ocket8888 ocket8888 ocket8888 approved these changes

@ericholguin ericholguin ericholguin approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug something isn't working as intended low impact affects only a small portion of a CDN, and cannot itself break one SSL support for/problems with SSL features Traffic Ops related to Traffic Ops

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

POST /deliveryservices/sslkeys/add accepts unrelated certificates

3 participants

@shamrickus @ocket8888 @ericholguin