What kind of documentation problem are you reporting?
Undocumented Feature
Where is the issue found?
https://rocket.rs/guide/v0.5/configuration/#mutual-tls
What's wrong?
Let's say you have two partners that you want to authenticate with mTLS.
Partner A gives you a certificate chain file chain_A.pem and partner B gives chain_B.pem. Both chains are distinct: they have no certificate in common.
Rocket will work if you parameterize tls.mutual.ca_certs to a file containing the concatenation of both chains.
This type of file is called a bundle.
The code found at Rocket/core/lib/src/mtls/config.rs (line 171 in f9de1bf):

    for cert in rustls_pemfile::certs(&mut self.ca_certs_reader()?) {

seems to confirm that the file is manipulated as a bundle more than a chain.
I think the documentation should talk about bundle files more than chain files, or at least explicitly say that you can combine chains in the file given to Rocket.
System Checks
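Added example (not part of the issue and not Rocket's code): a std-only Rust sketch of a flat, block-by-block read of a concatenated ca_certs file, usable as a check before pointing tls.mutual.ca_certs at a bundle. It does not call rustls_pemfile; `audit_bundle`, `BundleReport`, `block` and `sample_bundle` are hypothetical names, and the sample bodies are constructed placeholders.

```rust
use std::collections::HashSet;

/// What a flat, block-by-block read of a PEM file finds.
#[derive(Debug, Default)]
struct BundleReport {
    certs: usize,              // CERTIFICATE blocks, counted in file order
    duplicates: Vec<usize>,    // indices of blocks that repeat an earlier one
    other_labels: Vec<String>, // non-certificate blocks, e.g. "PRIVATE KEY"
}

fn audit_bundle(pem: &str) -> BundleReport {
    let mut report = BundleReport::default();
    let mut seen = HashSet::new();
    let mut body: Option<String> = None; // Some(..) while inside a CERTIFICATE block
    for line in pem.lines().map(str::trim) {
        if let Some(label) = line.strip_prefix("-----BEGIN ").and_then(|l| l.strip_suffix("-----")) {
            if label == "CERTIFICATE" {
                body = Some(String::new());
            } else {
                // Something other than a certificate was shipped in the file.
                report.other_labels.push(label.to_string());
            }
        } else if line == "-----END CERTIFICATE-----" {
            if let Some(b) = body.take() {
                if !seen.insert(b) {
                    report.duplicates.push(report.certs);
                }
                report.certs += 1;
            }
        } else if let Some(b) = body.as_mut() {
            b.push_str(line); // accumulate the base64 body across lines
        }
    }
    report
}

// Constructed sample: placeholder base64 bodies, not real X.509 certificates.
fn block(body: &str) -> String {
    format!("-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n")
}

fn sample_bundle() -> String {
    let chain_a = block("QS1pbnRlcm1lZGlhdGU=") + &block("QS1yb290");
    let chain_b = block("Qi1pbnRlcm1lZGlhdGU=") + &block("Qi1yb290");
    chain_a + &chain_b // same bytes as `cat chain_A.pem chain_B.pem`
}

fn main() {
    println!("{:?}", audit_bundle(&sample_bundle()));
}
```

Two distinct two-certificate chains yield four independent blocks with no notion of which chain each came from, so the count and the `other_labels` list are worth reviewing before the file is deployed.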