-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Traffic Router default certificate configuration for port 443 #7089
Labels
improvement
The functionality exists but it could be improved in some way.
Comments
mkrug1981
added
the
improvement
The functionality exists but it could be improved in some way.
label
Sep 27, 2022
What I have tried already is to try and set a certificate via keyStore file with CN=default.invalid which the java code looks for
|
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This Improvement request (usability, performance, tech debt, etc.) affects these Traffic Control components:
Current behavior:
Currently it seems not possible to configure the default TLS certificate or use a custom one.
trafficcontrol/traffic_router/connector/src/main/java/org/apache/traffic_control/traffic_router/secure/CertificateRegistry.java
Lines 81 to 129 in 070df30
It always uses as Example SHA1WithRSA as sigalg. Would be nice to use SHA256WithRSA instead.
Further more it looks like it is unclear how to provide a Default certificate via TO, Following code
trafficcontrol/traffic_router/connector/src/main/java/org/apache/traffic_control/traffic_router/secure/CertificateRegistry.java
Lines 238 to 253 in 070df30
New behavior:
Please make the default certificate configurable or at least allow to set values like sigalg via a configuration file.
Besides it would be nice if a custom default certificate could be used rather than the build in methodology from TR
The text was updated successfully, but these errors were encountered: