55774 – ab: optionally accept tls client certificate

Bug 55774 - ab: optionally accept tls client certificate

Summary: ab: optionally accept tls client certificate

Status:	RESOLVED FIXED

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	support (show other bugs)
Version:	2.5-HEAD
Hardware:	PC All

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-11-13 13:50 UTC by Chris West (Faux)
Modified:	2018-11-09 16:38 UTC (History)
CC List:	0 users

Attachments
First attempt patch (1.95 KB, text/plain) 2013-11-13 13:50 UTC, Chris West (Faux)	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chris West (Faux) 2013-11-13 13:50:11 UTC

Created attachment 31042 [details]
First attempt patch

Some sites are only accessible when a TLS client certificate has been provided by the client.

ab should support passing these details through to OpenSSL, when ab is built with OpenSSL support.

The attached patch adds support for the "-E keyfile.pem" argument, which, when specified, gives OpenSSL access to that file such that it can be sent if necessary.

The "-E" naming is from curl(1), which accepts many more related arguments for convenience, but none are actually required.

Comment 1 Adrian Yanes 2013-12-12 22:10:05 UTC

I tested this with nginx/1.1.19 configure to accept only requests with certificates.

Patch worked as expected when providing the .pem file

Comment 2 Joe Orton 2018-11-09 16:38:36 UTC

This was done in r1841784