[Mono-bugs] [Bug 80557][Wis] Changed - Client Certificate Chains not supported
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Fri Jan 19 10:50:11 EST 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by bugzilla at woy.nl.
http://bugzilla.ximian.com/show_bug.cgi?id=80557
--- shadow/80557 2007-01-19 09:59:36.000000000 -0500
+++ shadow/80557.tmp.25628 2007-01-19 10:50:11.000000000 -0500
@@ -43,6 +43,19 @@
We had interoperability issues when sending the whole client
certificate chain. IIRC it was with Windows, but I'm not totally sure
this morning.
I'll try to duplicate (and document) the problem next time I have to
test the SSL/TLS code.
+
+------- Additional Comments From bugzilla at woy.nl 2007-01-19 10:50 -------
+The patch I made doesn't send the complete chain that is stored in the
+Certificate Store. It only sends the chain suplied to the constructor
+of the SslClientStream. So if only one certificate is suplied here the
+result is the same as before. I can't see any other reason for
+suplying more then one certificate here?
+
+Also the server patch works the same if only one Certificate is sent.
+If more Certificates are sent I suppose you want them to be read.
+Otherwise there is no way of verifying the ClientCertificate sent
+because It is possible that not the complete chain is in the
+certificate store.
More information about the mono-bugs
mailing list