zrhoffman commented on issue #7035: URL: https://github.com/apache/trafficcontrol/issues/7035#issuecomment-1584952452
Hmm I'm not seeing that TO changes the cert order. If the cert chain is in the wrong order, I get ``` verifying certificate: certificate (x509v3) validation error: server certificate missing 'serverAuth' extended key usage ``` Instead, the *verifying certificate: certificate (x509v3) validation error: server certificate missing 'serverAuth' extended key usage* warning seems to be coming from the fact that the TO host's root certificates are used for verification, rather than the user-provided root certificate. So, eliminating that warning does not seem related to the order of the certificate chain. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@trafficcontrol.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
