Project

General

Profile

Actions

Bug #35359

closed

Make the Http Proxy store a CA certifcate

Added by Partha Aji over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Proxy gateway
Target version:
-
Fixed in Releases:
Found in Releases:

Description

When talking over an https proxy, 2 certificates have to be addressed
  1. CA Cert of the Proxy
  2. CA Cert of the destination URL (assuming its https).

Currently to HTTP Proxies require both these certificates to be in systems default trust store to connect to EC2/Other compute providers.

A better approach would be to store the CA Cert of the https proxy in the database instead of the trust store. When talking to EC2 we can narrow down the certificates in the chain to the one from proxy + certificates in the system trust store.

Actions

Also available in: Atom PDF