Fixed
Details
Assignee
Ole Petter OrhagenOle Petter OrhagenReporter
Kristian AmlieKristian AmlieLabels
Story Points
13Priority
(None)Days in progress
0Fix versions
Backlog
yes
Details
Details
Assignee
Ole Petter Orhagen
Ole Petter Orhagen
Reporter
Kristian Amlie
Kristian Amlie
Labels
Story Points
13
Priority
(None)Days in progress
0
Fix versions
Backlog
yes
Zendesk Support
Zendesk Support
Zendesk Support
Checklist
Checklist
Checklist
Created August 8, 2023 at 9:51 AM
Updated June 25, 2024 at 11:55 AM
Resolved November 1, 2023 at 2:08 PM
Acceptance criteria:
Implement support for alternative OpenSSL engines.
There are potentially two different engines.
One is specified in the `HttpsClient` section of the config, and is used for client certificates.
The other is specified in `Security`, and is used for signing the auth request.
If it’s difficult to have two engines, then it’s fine to give an error if they are not identical.
Same for the key, they can be different, but it’s fine to produce error if they are not identical.
It’s required that this code pass the tests with “mtls” in their name in the integration tests.
It’s heavily recommended to use the Golang implementation as inspiration, since this is so hard to test. Some good starting points are the
EngineByIdandEngineLoadPrivateKeyfunctions, and their corresponding implementations in our openssl Golang library fork.