Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adjust WASM to use cert chain when in HA networks #343

Closed
rentallect opened this issue Aug 28, 2024 · 1 comment
Closed

Adjust WASM to use cert chain when in HA networks #343

rentallect opened this issue Aug 28, 2024 · 1 comment
Assignees
@rentallect
Labels
enhancement New feature or request
Milestone
Public Beta Launch

Comments

@rentallect
Copy link
Member

In an HA Ziti network, the ZBR must send a certificate chain to the wssER during the mTLS handshake.

We must adjust the WASM and associated JS-bridge code to use SSL_CTX_use_certificate() to load the end-entity certificate from the cert chain received from the Controller.

Then it should use SSL_CTX_add0_chain_cert() or SSL_CTX_add_extra_chain_cert() to add each intermediate certificate individually.
@rentallect rentallect added the enhancement New feature or request label Aug 28, 2024
@rentallect rentallect added this to the Public Beta Launch milestone Aug 28, 2024
@rentallect rentallect self-assigned this Aug 28, 2024
@rentallect
Copy link
Member Author

shipped in 0.69.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rentallect rentallect

Labels
enhancement New feature or request
Projects
BrowZer Roadmap
Status: Done
Milestone
Public Beta Launch
Development

No branches or pull requests
1 participant
@rentallect