Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 2.7.6
Affects Version/s: 2.6.3
Component/s: Security
Labels:
- cap-ticket-needed
- pull-request

Operating System:
ALL
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

SSLManager::parseAndValidatePeerCertificate returns "" if no CAfile provided, so X509 subj is not extracted and you won't able to authenticate.

The "There is no x.509 client certificate matching the user." error will be thrown.

UPD: Apparently our position is that we don't want people to use X509 without specifying a CA, because we don't know if we can trust the certificate provided.

links to

Pull Request #857

Assignee:: Spencer Jackson
Reporter:: Alexander Komyagin (Inactive)
Participants:: Alexander Komyagin, Githook User, Spencer Jackson
Votes:: 0 Vote for this issue
Watchers:: 7 Start watching this issue

Created:: Jul 28 2014 04:29:52 PM UTC
Updated:: Jul 11 2016 05:16:43 PM UTC
Resolved:: Aug 20 2014 02:14:27 PM UTC

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates