[hunchentoot-devel] Re: Chained SSL certificates with hunchentoot/cl+ssl

Edi Weitz edi at agharta.de
Thu Nov 8 15:02:41 UTC 2007


[Cc to tbnl-devel which seems to work again.  Please continue the
discussion there.]

On Mon, 5 Nov 2007 11:30:53 +0200, "Juhani Ränkimies" <juhani at juranki.com> wrote:

> I'm sorry for mailing you directly. I tried to join
> cl-plus-ssl-devel and tbln-devel mailing lists, but for some reason
> the confirmation emails never reached my mailbox.

There was a problem with Mailman on common-lisp.net which seems to be
fixed now.

> I wanted to use a chained certificate without Apache or anything
> else in front of hunchentoot and came up with a hack that enabled
> it.
>
> My notes on the hack can be found at
> https://www.juranki.net/ht/hunchentoot-chained-certificate.html (if
> you're using IE, you're going to get a security alert because the CA
> I'm experimenting with is not trusted by IE)
>
> I would like this capability to be added to hunchentoot/cl+ssl, but
> before doing more work I'd like to hear your comments.
>
> Do you see the solution as a valid one?
> If so, how to proceed?
> If not, what's the better way to do it?

I only looked at it briefly, but at first glance it seems to be OK.
However, for something to be accepted as a patch to Hunchentoot see
the notes here:

  http://weitz.de/patches.html

Thanks,
Edi.



More information about the Tbnl-devel mailing list