docs: add note about chain_path requiring a full certificate chain#471
Open
Didr wants to merge 1 commit into
Open
docs: add note about chain_path requiring a full certificate chain#471Didr wants to merge 1 commit into
Didr wants to merge 1 commit into
Conversation
|
masv3971
reviewed
Jun 10, 2026
| // File-based configuration | ||
| PrivateKeyPath string `yaml:"private_key_path" validate:"required_without=PKCS11"` // Path to PEM key file | ||
| ChainPath string `yaml:"chain_path"` // Path to certificate chain (optional) | ||
| ChainPath string `yaml:"chain_path"` // Path to certificate chain (optional), this should be a full chain including the root certificate. |
Member
There was a problem hiding this comment.
what's pretty common is to include intermidiate certs that not necessary part of the cert store. If the cert is not issued by a trused CA the root may not be part of the cert store and therefore needs to be included in the chain. What do you have in mind here?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
It is not always obvious that the root certificate should be included in the chain.