[Mono-bugs] [Bug 78740][Nor] Changed - Https Client Certificate doesn't work with mod_mono apache

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Tue Jul 4 11:02:46 EDT 2006


Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=78740

--- shadow/78740	2006-07-04 10:32:41.000000000 -0400
+++ shadow/78740.tmp.25875	2006-07-04 11:02:46.000000000 -0400
@@ -276,6 +276,22 @@
 I'll post another patch tomorrow!
 
 ------- Additional Comments From informatique.internet at fiducial.fr  2006-07-04 10:32 -------
 Created an attachment (id=17241)
 Here's my last patch, it verify the validity of the client certificate with apache... It fit perfectly to our need. Does someone could check it and commit?
 
+
+------- Additional Comments From sebastien at ximian.com  2006-07-04 11:02 -------
+Thanks for the patch Hubert!. It's much better but it's still incomplete.
+
+* In order to get HttpClientCertificate to work (completely) you still
+need to feed a few more variables (see XSPApplicationHost);
+* The coding style doesn't match Mono guidelines;
+* I'm not sure the validity check is complete enough (but I'm still
+debating it in my head ;-)
+
+On one side, reporting Apache result for the client certificate is
+good. However if the certificate is used inside the application (using
+the FX) things may fail because it could be judged invalid. While
+there's no perfect solution (for two implementations to coexist
+simultaneously) I wonder how Apache/Java (e.g. Tomcat) handle such
+situation...


More information about the mono-bugs mailing list