Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Major - P3
Fix Version/s: 2.7.6
Affects Version/s: 2.6.3
Component/s: Security
Labels:
- cap-ticket-needed
- pull-request

Operating System:
ALL

SSLManager::parseAndValidatePeerCertificate returns "" if no CAfile provided, so X509 subj is not extracted and you won't able to authenticate.

The "There is no x.509 client certificate matching the user." error will be thrown.

UPD: Apparently our position is that we don't want people to use X509 without specifying a CA, because we don't know if we can trust the certificate provided.

related to

DOCS-3834 Update docs to reflect that CA is mandatory for X509 auth

Closed

links to

Pull Request #857

Assignee:: Spencer Jackson

Reporter:: Alexander Komyagin (Inactive)

Participants:: Alexander Komyagin, Githook User, Spencer Jackson

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: Jul 28 2014 04:29:52 PM UTC

Updated:: Jul 11 2016 05:16:43 PM UTC

Resolved:: Aug 20 2014 02:14:27 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates