Include full certificate chain in auth context

author: Bjørn Christian Seime <bjorncs@yahooinc.com> 2022-07-13 17:21:22 +0200
committer: Bjørn Christian Seime <bjorncs@yahooinc.com> 2022-07-15 15:35:10 +0200
commit: e69c68a2c4b9b8f8d556f376c8f023f602a95eff (patch)
tree: d6ebd79ecabb3292139e288e5c0ab8a33c8f9ea3 /configserver/src/main/java/com/yahoo/vespa/config/server/rpc
parent: eed3e5deaf3fd13c353361e45420735a93d0f3d0 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
index 6ca39a25d9c..288d064f150 100644
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
+++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
@@ -173,7 +173,7 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer {
             }
             return Optional.empty(); // client choose to communicate over insecure channel
         }
-        List<X509Certificate> certChain = authCtx.get().peerCertificate();
+        List<X509Certificate> certChain = authCtx.get().peerCertificateChain();
         if (certChain.isEmpty()) {
             throw new IllegalStateException("Client authentication is not enforced!"); // clients should be required to authenticate when TLS is enabled
         }
author	Bjørn Christian Seime <bjorncs@yahooinc.com>	2022-07-13 17:21:22 +0200
committer	Bjørn Christian Seime <bjorncs@yahooinc.com>	2022-07-15 15:35:10 +0200
commit	e69c68a2c4b9b8f8d556f376c8f023f602a95eff (patch)
tree	d6ebd79ecabb3292139e288e5c0ab8a33c8f9ea3 /configserver/src/main/java/com/yahoo/vespa/config/server/rpc
parent	eed3e5deaf3fd13c353361e45420735a93d0f3d0 (diff)