diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-13 17:21:22 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-15 15:35:10 +0200 |
commit | e69c68a2c4b9b8f8d556f376c8f023f602a95eff (patch) | |
tree | d6ebd79ecabb3292139e288e5c0ab8a33c8f9ea3 /configserver/src/main/java/com/yahoo/vespa/config/server/rpc | |
parent | eed3e5deaf3fd13c353361e45420735a93d0f3d0 (diff) |
Include full certificate chain in auth context
Diffstat (limited to 'configserver/src/main/java/com/yahoo/vespa/config/server/rpc')
-rw-r--r-- | configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java index 6ca39a25d9c..288d064f150 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java @@ -173,7 +173,7 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer { } return Optional.empty(); // client choose to communicate over insecure channel } - List<X509Certificate> certChain = authCtx.get().peerCertificate(); + List<X509Certificate> certChain = authCtx.get().peerCertificateChain(); if (certChain.isEmpty()) { throw new IllegalStateException("Client authentication is not enforced!"); // clients should be required to authenticate when TLS is enabled } |