1042924 – Enable SSLVerifyDepth on the Node to Facilitate SSL Mutual Auth

Bug 1042924 - Enable SSLVerifyDepth on the Node to Facilitate SSL Mutual Auth

Summary: Enable SSLVerifyDepth on the Node to Facilitate SSL Mutual Auth

Keywords:
Status:	CLOSED DUPLICATE of bug 1038853
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	RFE
Sub Component:
Version:	2.0.0
Hardware:	All
OS:	All
Priority:	low
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	jofernan
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1038853 1038857
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-13 16:10 UTC by Keith Robertson
Modified:	2016-07-04 01:34 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-05-13 15:50:50 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Keith Robertson 2013-12-13 16:10:48 UTC

Description of problem:
To facilitate SSL mutual authentication, gears need the ability to control the verification depth as described in [1].  Without the ability  this ability to control verification depth per-VirtualHost Apache will default to a depth of 1.  This will not work for sites that have multiple intermediate CAs in their client certificate chain.

Version-Release number of selected component (if applicable):
All

Expected results:
Gears should be able to control the verification depth for their virtual host.

Additional info:
[1] http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslverifydepth

Comment 2 Luke Meyer 2014-05-13 15:50:50 UTC

Expect that this will be rolled into any client cert verification implementation. Consolidating into one RFE.

*** This bug has been marked as a duplicate of bug 1038853 ***

Note You need to log in before you can comment on or make changes to this bug.