[Mono-bugs] [Bug 78740][Nor] Changed - Https Client Certificate doesn't work with mod_mono apache

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Tue Jul 4 14:07:53 EDT 2006


Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=78740

--- shadow/78740	2006-07-04 12:17:00.000000000 -0400
+++ shadow/78740.tmp.28239	2006-07-04 14:07:53.000000000 -0400
@@ -320,6 +320,32 @@
 debating it in my head ;-)
 
 if you want to "recheck" the validity of the Certificate inside the
 application, you just have to import the CA certificate with certmgr...
 
 
+
+------- Additional Comments From sebastien at ximian.com  2006-07-04 14:07 -------
+> But this doesn't concern HttpClientCertificate (only the server
+certificate)
+
+No quite, while it's true that it doesn't concern Http(s) Client
+Certificate (logically), it does concern HttpClientCertificate (the fx
+class itself).
+
+Why ? simply because the class name is misleading (bad design IMO) and
+contains server-related properties (e.g. ServerIssuer, ServerSubject...).
+
+> if you want to "recheck" the validity of the Certificate inside the
+application,
+
+That's not the problem. People will expect
+HttpClientCertificate.IsValid to be equal to the result Mono would
+produce. So it's not about wanting a "recheck" it's about having a
+single answer to the same question (consistency).
+
+> you just have to import the CA certificate with certmgr...
+
+which makes me think it's better for IsValid to return Mono's value
+(or ANDing it's value to Apache result) than returning only Apache
+result. That way the result will always be identical inside the class
+library.


More information about the mono-bugs mailing list