trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Carroll <solidwallofc...@oath.com>
Subject Re: Connection rejected for MTLS forward proxy
Date Wed, 21 Feb 2018 16:41:26 GMT
I meant more what *units* the handshake_timer is. Looking at the code, it
seems to be in seconds meaning it is unlikely that is the problem (if the
handshake took .5s with a 20s timeout).

I'd recommend having any configuration value at most once, although I don't
think it would break anything.

Looking at the code, it appears the client cert verify callback was hit
(SSLUtils.cc:1687) with a failure reported by openSSL. I'd look at debug
messages much earlier, during process start, to see if the certs are
getting loaded correctly.

Mime
View raw message