[jira] [Created] (KUDU-2220) GetEndOfChainX509 does not return end-user cert
Sailesh Mukil created KUDU-2220:
---
Summary: GetEndOfChainX509 does not return end-user cert
Key: KUDU-2220
URL: https://issues.apache.org/jira/browse/KUDU-2220
Project: Kudu
Issue Type: Bug
Components: security
Affects Versions: 1.5.0
Reporter: Sailesh Mukil
Assignee: Sailesh Mukil
KUDU-2091 introduced a function GetEndOfChainX509() which was supposed to
return the "end-user" certificate. However, the end-user certificate is not at
the end of the chain, but rather at the beginning of the chain as specificed by
the RFC:
https://tools.ietf.org/html/rfc5246#section-7.4.2
{quote}This is a sequence (chain) of certificates. The sender's certificate
MUST come first in the list. Each following certificate MUST directly certify
the one preceding it.{quote}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (KUDU-2220) GetEndOfChainX509 does not return end-user cert
[
https://issues.apache.org/jira/browse/KUDU-2220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16258661#comment-16258661
]
Sailesh Mukil commented on KUDU-2220:
-
CC [~kwho] [~tlipcon]
> GetEndOfChainX509 does not return end-user cert
> ---
>
> Key: KUDU-2220
> URL: https://issues.apache.org/jira/browse/KUDU-2220
> Project: Kudu
> Issue Type: Bug
> Components: security
>Affects Versions: 1.5.0
>Reporter: Sailesh Mukil
>Assignee: Sailesh Mukil
>
> KUDU-2091 introduced a function GetEndOfChainX509() which was supposed to
> return the "end-user" certificate. However, the end-user certificate is not
> at the end of the chain, but rather at the beginning of the chain as
> specificed by the RFC:
> https://tools.ietf.org/html/rfc5246#section-7.4.2
> {quote}This is a sequence (chain) of certificates. The sender's certificate
> MUST come first in the list. Each following certificate MUST directly
> certify the one preceding it.{quote}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
