HTTP: SSL client certificate verification and route access
from Nicholas Sterling:
There is an outstanding ticket in the Spray issue database for adding two-way SSL (certificate-based mutual authentication):
https://github.com/spray/spray/issues/138
Here's some additional background info:
https://groups.google.com/forum/#!msg/spray-user/1zwACzT5Vrs/rH-pJmh28FEJ
It would make our lives easier if this were available; could I ask what the status is? I know you have lots of other work on your plates with the acquisition...
Specifically I think we need
We want our servers to be able to interact securely (including subject identity) without the use of explicit credentials.
There is an outstanding ticket in the Spray issue database for adding two-way SSL (certificate-based mutual authentication):
https://github.com/spray/spray/issues/138
Here's some additional background info:
https://groups.google.com/forum/#!msg/spray-user/1zwACzT5Vrs/rH-pJmh28FEJ
It would make our lives easier if this were available; could I ask what the status is? I know you have lots of other work on your plates with the acquisition...
Specifically I think we need
- SSL renegotiation after having established SSL but setting the two-way SSL switch
- access to the "client" certificate to acquire the contained ID
We want our servers to be able to interact securely (including subject identity) without the use of explicit credentials.
Leave a comment