DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=33084>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=33084
Summary: Optional certificate validity period check on
SSLVerifyClient
Product: Apache httpd-2.0
Version: 2.0-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: nuno.ponte@multicert.com
It would be useful to have an additional level on the SSLVerifyClient directive
to let an expired client certificate (e.g., out of it's validity period) to be
able to authenticate.
This could be used for certificate renewal services, where a user that missed to
do his certificate renewal before the expiration date, could still access to the
PKI RA/CA renewal service. As an extra feature, it would also be nice to set a
maximum period to allow the access (a "tolerance").
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
|