
Mailing List Archive: Apache: Bugs

[Bug 47427] New: browser doesn't get Error 403 if user's auth failed

 

 



bugzilla at apache

Jun 25, 2009, 8:27 AM


https://issues.apache.org/bugzilla/show_bug.cgi?id=47427

Summary: browser doesn't get Error 403 if user's auth failed
Product: Apache httpd-2
Version: 2.2.11
Platform: PC
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_ssl
AssignedTo: bugs[at]httpd.apache.org
ReportedBy: mike.pechkin[at]gmail.com


non-detailed description:

1. you set up the SSL host. Everything is *OK* if you have the user's cert.

<VirtualHost 10.0.0.86:8443>
ServerAdmin kuku[at]parks.lv
ServerName mihailp1.parks.lv
DocumentRoot "/mihailp1/www-secure"

SSLEngine on
SSLCertificateKeyFile "/root/mihailp1-ca/mihailp1.key"
SSLCertificateFile "/root/mihailp1-ca/mihailp1.crt"
SSLCACertificateFile "/root/mihailp1-ca/mihailp1-ca.crt"

SSLVerifyClient require
SSLVerifyDepth 3
SSLOptions +OptRenegotiate

ErrorLog "logs/secure-error_log"
CustomLog "logs/secure-access_log" common
</VirtualHost>

2. open the browser and *don't* install the user's cert
3. try to open the site with any major browser; you will get an error
4. as you can see in the log (and the code), the ssl module returns error 403, but
the browser *doesn't* get it at all
5. if you try to repeat the same scenario in nginx, you would get a simple error
page, because nginx can handle (and finalize) requests without the user's cert.


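With `SSLVerifyClient require` set at virtual-host level, a client that sends no certificate fails the TLS handshake, so no HTTP response of any status can reach it. The configuration below is an added example, not part of the report or of the httpd project: it reuses the reporter's host and certificate paths, makes the certificate optional during the handshake and enforces it at the HTTP layer, so a client without a certificate receives a real 403. The log file name `secure-clientcert_log` and the error text are assumptions.

```apache
# Added example (not from the bug report). Address, names and certificate
# paths are copied from the reporter's VirtualHost.
<VirtualHost 10.0.0.86:8443>
    ServerName mihailp1.parks.lv
    DocumentRoot "/mihailp1/www-secure"

    SSLEngine on
    SSLCertificateKeyFile "/root/mihailp1-ca/mihailp1.key"
    SSLCertificateFile "/root/mihailp1-ca/mihailp1.crt"
    SSLCACertificateFile "/root/mihailp1-ca/mihailp1-ca.crt"

    # Request a client certificate, but let the handshake complete when the
    # client sends none. The request then reaches the HTTP layer.
    SSLVerifyClient optional
    SSLVerifyDepth 3
    SSLOptions +OptRenegotiate

    <Directory "/mihailp1/www-secure">
        # Enforce the certificate here instead of in the handshake:
        # SSL_CLIENT_VERIFY is NONE when no certificate was sent, so the
        # expression is false and httpd answers 403 Forbidden.
        SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
    </Directory>

    # Inline text rather than a file under DocumentRoot, which would itself
    # be refused by the SSLRequire rule above. (Wording is an assumption.)
    ErrorDocument 403 "A client certificate issued by this site's CA is required."

    # Record verification result and subject DN next to the status code so
    # rejected clients show up as 403 lines. (Log name is an assumption.)
    LogFormat "%h %t \"%r\" %>s %{SSL_CLIENT_VERIFY}x \"%{SSL_CLIENT_S_DN}x\"" clientcert
    CustomLog "logs/secure-clientcert_log" clientcert
    ErrorLog "logs/secure-error_log"
</VirtualHost>
```

This covers only the case where no certificate is sent. A client that presents a certificate the CA chain does not verify is still rejected during the handshake under `SSLVerifyClient optional`.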