client cert black list #346

yiwiz-sai · 2021-01-29T22:58:43Z

Hi,
I know hitch added client certificate authentication in 1.6, it is a very cool function, thanks first.
I want to know if it supports client cert black list function, or is there a way to let hitch know a client cert is revoked ?

Thanks

gquintard · 2021-01-29T23:12:10Z

This is probably going to be a dumb proposition, but why not just reload hitch without that specific certificate?

yiwiz-sai · 2021-01-30T04:31:39Z

This is probably going to be a dumb proposition, but why not just reload hitch without that specific certificate?

for example, I create a server certificate to sign 100 client cert for my employee, and then one employee leaves, I want to revoke his client cert or add it into black list, do you know my mean?
that's why nginx has a ssl_crl options
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_crl

yiwiz-sai · 2021-01-30T04:33:57Z

what I am talking is client authentication

daghf · 2021-02-05T10:57:58Z

Hi @pianoboysai

Absolutely. This is a feature we would like to see added.

I can't give you a time frame right now, but we will come back to this at a later point.

daghf self-assigned this Feb 1, 2021

daghf added the enhancement label Feb 5, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

client cert black list #346

client cert black list #346

yiwiz-sai commented Jan 29, 2021

gquintard commented Jan 29, 2021

yiwiz-sai commented Jan 30, 2021

yiwiz-sai commented Jan 30, 2021

daghf commented Feb 5, 2021

client cert black list #346

client cert black list #346

Comments

yiwiz-sai commented Jan 29, 2021

gquintard commented Jan 29, 2021

yiwiz-sai commented Jan 30, 2021

yiwiz-sai commented Jan 30, 2021

daghf commented Feb 5, 2021