Summary: | mod_jk does not pass SSL client certificate chain to AJP connector | ||
---|---|---|---|
Product: | Tomcat Connectors | Reporter: | Patrik Schnellmann <schnellmann> |
Component: | Common | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bzasf |
Priority: | P2 | Keywords: | PatchAvailable |
Version: | unspecified | ||
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | other | ||
Bug Depends on: | |||
Bug Blocks: | 39637 | ||
Attachments: |
Patch for jakarta-tomcat-connectors-1.2.15
Patch for jakarta-tomcat-connectors-1.2.15 Patch for tomcat-connectors-1.2.20 |
Description
Patrik Schnellmann
2006-05-23 07:26:33 UTC
Created attachment 18332 [details]
Patch for jakarta-tomcat-connectors-1.2.15
Created attachment 18458 [details]
Patch for jakarta-tomcat-connectors-1.2.15
Optional forwarding of SSL client certificate chain can be enabled using the
Directive "JkOptions ForwardSSLCertChain".
The problem is that the patch can cause AJP packet size overflow. It will be applied when we resolve the AJP 8k header and 0x9999 single header value limitation. Created attachment 19447 [details]
Patch for tomcat-connectors-1.2.20
Since version 1.2.19, the header package size limit of 8k is not an issue anymore. Therefore this patch has become a topic a again (together with the patch for bug #39637). Commited, thanks. |