Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: SaaS, 2.14.3 GA
Component/s: Gateway
Labels:
- roadmap
- support

Blocked:
False
Blocked Reason:
None
Ready:
False
3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
Target Release:

2.16.0 GA
Intelligence Requested:
Market:

Sprint:
RHOAM Sprint 66, RHOAM Sprint 67

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

NGINX provides a couple of different ways to validate if client certificates have been revoked.

The first is through the ssl_crl directive (Certificate Revocation List)
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_crl

The second is through the ssl_ocsp* directives (Online Certificate Status Protocol)
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ocsp

Currently there is no way to configure these in APIcast and ideally these could be configured in the TLS Client Certificate Validation policy

is blocked by

THREESCALE-11038 Extend apicast-nginx-module with new ffi function to retrieve TLS certificates from the request

Closed

Assignee:: An Tran

Reporter:: Shannon Poole

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/10/08 2:34 PM

Updated:: 2024/11/18 2:07 PM