summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile/addresses.go
diff options
context:
space:
mode:
authorKarol Będkowski <KarolBedkowski@users.noreply.github.com>2020-05-06 16:07:13 +0000
committerGitHub <noreply@github.com>2020-05-06 10:07:13 -0600
commitb814c0af9c2c20a92f86e4db9836fd6b127dcf5b (patch)
treea35dd0edf9d14c610f21dc96cfef63ec04cd176c /caddyconfig/httpcaddyfile/addresses.go
parent9e5d9e2530109c72a406979fabe9ac5352171423 (diff)
tls/client auth: verify first certificates in client request (#3344)
When client certificate is enabled Caddy check only last certificate from request. When this cert is not in list of trusted leaf certificates, connection is rejected. According to RFC TLS1.x the sender's certificate must come first in the list. Each following certificate must directly certify the one preceding it. This patch fix this problem - first certificate is checked instead of last.
Diffstat (limited to 'caddyconfig/httpcaddyfile/addresses.go')
0 files changed, 0 insertions, 0 deletions