-
Feature Request
-
Resolution: Unresolved
-
Major
-
SaaS, 2.14.3 GA
-
False
-
None
-
False
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
-
-
RHOAM Sprint 66, RHOAM Sprint 67, RHOAM Sprint 68, RHOAM Sprint 69, RHOAM Sprint 70, RHOAM Sprint 71
NGINX provides a couple of different ways to validate if client certificates have been revoked.
The first is through the ssl_crl directive (Certificate Revocation List)
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_crl
The second is through the ssl_ocsp* directives (Online Certificate Status Protocol)
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ocsp
Currently there is no way to configure these in APIcast and ideally these could be configured in the TLS Client Certificate Validation policy
- is blocked by
-
THREESCALE-11038 Extend apicast-nginx-module with new ffi function to retrieve TLS certificates from the request
-
- Closed
-
- is documented by
-
-
- To Test (QE)
-
- mentioned on
