Hello!

On Thu, Nov 24, 2016 at 02:15:17PM +0100, Flemming Frandsen wrote:

> Hi, I've been bitten by issue 857: https://trac.nginx.org/nginx/ticket/857
>
> I terminate TLS in nginx, but I need access to the full client certificate
> in the backend, so to that end I've been using $ssl_client_cert, but now
> I've upgraded the application to a version that is RFC 7230 compliant and
> that means blowing up when multi-line headers are seen.
>
>
> As there's no reason to have newlines in a PEM file, my fix for #857 is to
> remove all the newlines, as my PEM parser in the application already
> ignores all newlines this works perfectly for me.
>
> I think simply removing the newlines is a much better solution than url
> encoding the newlines as less code (in my case none at all) is needed to
> deal with no newlines than urldecoding.

The problem with removing newlines is that it requires custom code
to recover original PEM format.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel