Login | Register For Free | Help	Search this list this category for: (Advanced)

Mailing List Archive: Apache: Bugs [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates   Index | Next | Previous | View Flat

bugzilla at apache Jun 24, 2009, 8:29 AM Views: 453 Permalink [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates https://issues.apache.org/bugzilla/show_bug.cgi?id=47329 tlhackque[at]yahoo.com changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|SSLCADNRequest* & |SSLCADNRequest* & |SSLCACertificate* |SSLCACertificate* silently |defficiency |do not work with 'Trusted' | |certificates --- Comment #2 from tlhackque[at]yahoo.com 2009-06-24 08:29:35 PST --- The more I think about this, the more convinced I become that an error message (or a fix) is required. The user is supplying a valid certificate that httpd is not able to process. Httpd doesn't behave as expected. I lived without the correct information being sent to by clients' browsers for several years (yes, years) until I was finally able to get traces showing that the valid CA messages weren't being sent. It was particularly confusing as an administrator, as when using SSLCACertificate*, the certificate was used correctly by httpd for one purpose, but not for another. And of course, it only really impacts clients with more than one certificate to send... While the documentation should be improved, I don't think that's sufficient. Arguably this can be pushed upstream to OpenSSL, as HTTPD seems to just pass the filename along. Or HTTPD can validate the certificate itself. But someone, somewhere in the chain needs to detect this error, and httpd needs to ultimately report it. Silently ignoring a valid certificate isn't acceptable. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org For additional commands, e-mail: bugs-help[at]httpd.apache.org

Subject User Time [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 24, 2009, 8:29 AM     [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 25, 2009, 1:54 AM     [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 25, 2009, 5:34 AM     [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 25, 2009, 5:39 AM     [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 25, 2009, 1:59 PM     [Bug 47329] SSLCADNRequest* & SSLCACertificate* silently do not work with 'Trusted' certificates bugzilla at apache Jun 27, 2009, 2:12 AM

Index | Next | Previous | View Flat   Apache     Announce     Users     Dev     Bugs     CVS     Docs

Interested in having your list archived? Contact lists@gossamer-threads.com
 

Web Applications & Managed Hosting Powered by Gossamer Threads Inc.