Sailesh Mukil has posted comments on this change. ( http://gerrit.cloudera.org:8080/9934 )
Change subject: KUDU-2401: External TLS certificate with Intermediate CA in server cert file fails ...................................................................... Patch Set 2: (1 comment) http://gerrit.cloudera.org:8080/#/c/9934/1/src/kudu/security/tls_context.cc File src/kudu/security/tls_context.cc: http://gerrit.cloudera.org:8080/#/c/9934/1/src/kudu/security/tls_context.cc@197 PS1, Line 197: cert.GetRawData()), "could not init X509_STORE_CTX"); > The quoted man page mentions that the stack is considered untrusted, so pre According to the above tutorial, self-signed certificates cannot be validated using these calls, i.e. a certificate will not get validated against itself: "It’s worth noting that self-signed certificates will always fail OpenSSL’s validation" -- To view, visit http://gerrit.cloudera.org:8080/9934 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: If4af35e97ec6f91c1d9ed902128bd7f4e260f0f4 Gerrit-Change-Number: 9934 Gerrit-PatchSet: 2 Gerrit-Owner: Sailesh Mukil <sail...@cloudera.com> Gerrit-Reviewer: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Dan Burkert <danburk...@apache.org> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Lars Volker <l...@cloudera.com> Gerrit-Reviewer: Sailesh Mukil <sail...@cloudera.com> Gerrit-Comment-Date: Thu, 05 Apr 2018 22:03:14 +0000 Gerrit-HasComments: Yes
