mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-17 17:04:35 +00:00
a598b500b4
Following work from Arjen and Mathilde, it adds ssl_{c,s}_chain_der methods; it returns DER encoded certs from SSL_get_peer_cert_chain Also update existing vtc tests to add random intermediate certificates When getting the result through this header: http-response add-header x-ssl-chain-der %[ssl_c_chain_der,hex] One can parse it with any lib accepting ASN.1 DER data, such as in go: bin, err := encoding/hex.DecodeString(cert) certs_parsed, err := x509.ParseCertificates(bin) Cc: Arjen Nienhuis <arjen@zorgdoc.nl> Signed-off-by: Mathilde Gilles <m.gilles@criteo.com> Signed-off-by: William Dauchy <w.dauchy@criteo.com> |
||
---|---|---|
.. | ||
add_ssl_crt-list.vtc | ||
ca-auth.crt | ||
client1.pem | ||
client2_expired.pem | ||
client3_revoked.pem | ||
common.pem | ||
crl-auth.pem | ||
ecdsa.pem | ||
localhost.crt-list | ||
README | ||
set_ssl_cert.vtc | ||
ssl_client_auth.vtc | ||
ssl_client_samples.vtc | ||
ssl_frontend_samples.vtc | ||
ssl_server_samples.vtc | ||
wrong_ctx_storage.vtc |
File list: - common.pem: PEM file which may be used by most of the VTC files.