https://bz.apache.org/bugzilla/show_bug.cgi?id=65169
--- Comment #7 from Joe Orton <[email protected]> --- (In reply to Michael Osipov from comment #6) > (In reply to Joe Orton from comment #5) > > Adding SSL_{SERVER,CLIENT}_B64CERT variables (or whatever the name) is > > trivial, I would not want to add a config option for this definitely. > > One thing needs to be considered since +ExportCertData would provide both it > would consume the double amount of memory even if the admin needs only one > format. What us your opinion on it? I don't know what the usually recommended configuration is here but it shouldn't use ExportCertData exactly because it's so expensive. Better to use one of the configs using e.g. mod_headers which just extracts the variables which are required. If really required, we could add a +ExportBase64CertData or similar which just does the base64url(der), that is not as painful as adding a new config options at least. BTW, does Tomcat really want/need the CLIENT_CERT_CHAIN_n as well here? Proof of concept here - https://github.com/apache/httpd/pull/177 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
