[Mono-bugs] [Bug 78740][Nor] Changed - Https Client Certificate doesn't work with mod_mono apache
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Tue Jul 4 11:02:46 EDT 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by sebastien at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=78740
--- shadow/78740 2006-07-04 10:32:41.000000000 -0400
+++ shadow/78740.tmp.25875 2006-07-04 11:02:46.000000000 -0400
@@ -276,6 +276,22 @@
I'll post another patch tomorrow!
------- Additional Comments From informatique.internet at fiducial.fr 2006-07-04 10:32 -------
Created an attachment (id=17241)
Here's my last patch, it verify the validity of the client certificate with apache... It fit perfectly to our need. Does someone could check it and commit?
+
+------- Additional Comments From sebastien at ximian.com 2006-07-04 11:02 -------
+Thanks for the patch Hubert!. It's much better but it's still incomplete.
+
+* In order to get HttpClientCertificate to work (completely) you still
+need to feed a few more variables (see XSPApplicationHost);
+* The coding style doesn't match Mono guidelines;
+* I'm not sure the validity check is complete enough (but I'm still
+debating it in my head ;-)
+
+On one side, reporting Apache result for the client certificate is
+good. However if the certificate is used inside the application (using
+the FX) things may fail because it could be judged invalid. While
+there's no perfect solution (for two implementations to coexist
+simultaneously) I wonder how Apache/Java (e.g. Tomcat) handle such
+situation...
More information about the mono-bugs
mailing list