 |
 |
Well, I agree that gsi probably didn't do that correctly not withstanding that it claims to be able to it that via the --cafile option. Regardless, the XRootD TLS stack (and by extension HTTPS) does handle it and allows a site to manually combine the files. So, for consistency it would be good to maintain that functionality even if, in this case, it means extending the gsi code to actually do it. On Wed, 17 Mar 2021, Brian P Bockelman wrote: >> What happens when a site has manually merged all the files and specified that it has done so (e.g. specifying a file instead of a directory). Does this update accommodate that? > > No, it doesn't accommodate that. However, I don't believe that worked with the former code either. There's two options you can set in the curl library - directory or filename. The prior code unilaterally set the directory. > > Would be happy to add this feature though. > > If we think the general approach is usable, then I would also like to incorporate CRL handling before a final merge. > > Finally - note the tweaks I did in XrdCryptosslAux. Not sure if that was the right way to go about it... seems a lot of work in order to simply keep OpenSSL calls out of `XrdTpc`. > > -- > You are receiving this because you commented. > Reply to this email directly or view it on GitHub: > https://github.com/xrootd/xrootd/pull/1431#issuecomment-801620446 -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/pull/1431#issuecomment-801624131 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1