httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@opensslfoundation.com>
Subject Re: [PATCH 55593] Add "SSLServerInfoFile" directive
Date Tue, 01 Oct 2013 12:19:19 GMT
On 01/10/2013 11:15, Dr Stephen Henson wrote:
> 
> To handle ServerInfo properly in mod_ssl
> IMHO you would need a new directive as there's no support for per-certificate
> SSL_CONF commands: it wasn't intended to be used like that in its current form.
> 

Though thinking about this some more there *could* be a way to handle
per-certificate options for SSL_CONF. At the moment we have some flags setting
the context of the commands: currently server or client. We could have an
additional one to mean the command is a per-certificate command instead of
per-SSL or per-SSL_CTX.

That would need more work on the mod_ssl side to add the equivalent commands for
each certificate and call them at the appropriate time.

Though for just one per-certificate option it would be easier to just have a new
directive.

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com

Mime
View raw message