Aleksandr Konstantinov (01820be5) at 14 Mar 06:20
Merge branch 'fix_infoptovider_for_default_ca_location' into 'next'
... and 26 more commits
If using default CA certificates location do not look for server's certificate issuer and do not generate health error if missing.
Aleksandr Konstantinov (e6009217) at 13 Mar 00:11
Fix inforpovider accept missing CA certtificate of the server if sy...
... and 459 more commits
Fixes for Data Staging Delivery and for UserConfig class to properly propagate CA certificates policy through X509_CERT_POLICY environment variable.
Code is changed to use loop instead of recursion. Should prevent a-rex from crashing when stack is exhausted.
Aleksandr Konstantinov (21301dee) at 12 Mar 23:30
Fix default CA location policy propagation for Data Staging.
... and 459 more commits
Aleksandr Konstantinov (9c905efd) at 12 Mar 23:28
Do not use recursion file locksing.
... and 459 more commits
Aleksandr Konstantinov (6f8300e8) at 05 Mar 17:53
And also missing here.
Aleksandr Konstantinov (9577f84d) at 05 Mar 17:17
Somehow git lost this file.
Empirically identified OpenSSL error which happens in unclear circumstances which better be hidden from logs.
Aleksandr Konstantinov (0d263040) at 04 Mar 18:57
Hide one more error during SSL shutdown.
... and 459 more commits
If nothing is specified old behavior is preserved - token is used if available.
Aleksandr Konstantinov (e49e8de8) at 04 Mar 16:59
Oops. Missing files.
arc* utils now have options --no-authentication --x509-authentication and --token-authentication to force corresponding authentication type while establishing HTTP(S) connection.
Aleksandr Konstantinov (cdc7f323) at 03 Mar 20:30
Make it possible to specify authentication type for arc* CLI utils.
... and 459 more commits
On CentOS 7.9 this code will not compile because it has openssl version 1.0.2k, less than 1.1.1.
So far these changes work for me - tested on Ubuntu. Will try it on CentOS later. I'm not sure how to check if system policies affect anything. Any ideas?
Aleksandr Konstantinov (01f554ef) at 25 Feb 19:26
Merge branch 'system_ssl_for_tokens' into 'next'
... and 1 more commit
I'm currently still working on more changes. As this branch brings in disruptive changes maybe it would be possible to test it without merging to next?