Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Kestrel] Certificate chains support #23623

Closed
javiercn opened this issue Jul 2, 2020 · 5 comments
Closed

[Kestrel] Certificate chains support #23623

javiercn opened this issue Jul 2, 2020 · 5 comments
Assignees
@davidfowl
Labels
affected-few This issue impacts only small number of customers area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-kestrel severity-minor This label is used by an internal tool
Milestone
Test failures

Comments

@javiercn
Copy link
Member

javiercn commented Jul 2, 2020

Right now Kestrel supports loading certificates from PFX files and PEM files, but it only loads one certificate.

  • That forces the certificate chains to be resolved within the SSL stream which require going to the network to resolve the chain.
  • There are new APIs on SslStream to provide the chain as well as the certificate to use that avoid having to fetch the chain from the network.
  • We want to load entire certificate chains from PFX and PEM certificate files to pass them directly to SslStream and avoid having to resolve the chain.
@davidfowl davidfowl mentioned this issue Jul 2, 2020
Closed
14 tasks
@javiercn javiercn mentioned this issue Jul 2, 2020
Merged
2 tasks
@BrennanConroy BrennanConroy added this to the Next sprint planning milestone Jul 6, 2020
@Pilchie
Copy link
Member

Pilchie commented Sep 2, 2020

Is this the same thing as #21513?

@javiercn
Copy link
Member Author

javiercn commented Sep 2, 2020

@Pilchie I think so, or it overlaps a bit. David is taking care of it.

@Pilchie
Copy link
Member

Pilchie commented Sep 2, 2020

Okay, moving to 5.0.0-rc2 then.

@Pilchie Pilchie modified the milestones: 5.0.0-rc1, 5.0.0-rc2 Sep 2, 2020
@ghost
Copy link

ghost commented Sep 25, 2020

Thanks for contacting us.
We're moving this issue to the Next sprint planning milestone for future evaluation / consideration. We will evaluate the request when we are planning the work for the next milestone. To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

@BrennanConroy BrennanConroy added affected-few This issue impacts only small number of customers enhancement This issue represents an ask for new feature or an enhancement to an existing one severity-minor This label is used by an internal tool labels Oct 26, 2020 — with ASP.NET Core Issue Ranking
@davidfowl
Copy link
Member

davidfowl commented Mar 23, 2021
edited
Loading

Closing as dupe of #21513

@ghost ghost locked as resolved and limited conversation to collaborators Apr 22, 2021
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 2, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@davidfowl davidfowl

Labels
affected-few This issue impacts only small number of customers area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-kestrel severity-minor This label is used by an internal tool
Projects
None yet
Milestone
Test failures
Development

No branches or pull requests
5 participants
@davidfowl @Pilchie @javiercn @BrennanConroy @amcasey