#2172 sfcb does not provide list of acceptable CAs to client

Security
pending-fixed
sfcb (1090)
5
2011-06-01
2011-03-30
No

The SFCB server is not sending a list of CAs when requesting a certificate from the client. The TLSv1.0 protocol expects this list to be filled in.

In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is
not influenced by the contents of CAfile or CApath and must explicitly be set using the SSL_CTX_set_client_CA_list(3) family of functions.

Discussion

  • Narasimha Sharoff

    Patch load certificate list

     
  • Narasimha Sharoff

    • assigned_to: buccella --> nsharoff
    • status: open --> pending-fixed
     
  • Narasimha Sharoff

    committed to HEAD

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks