httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 24031] - Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV
Date Fri, 14 Nov 2003 07:29:41 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031

Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV





------- Additional Comments From kris.verbeeck@advalvas.be  2003-11-14 07:29 -------
Yes I think the solution should be to ask for the passphrase at Apache startup
(in the a similar way as it is done for the mod_ssl server keys).  As for the
second part of your question, Apache (the SSL proxy code) tries to use the
certificate to do client authentiation, but when it gets to the phase where it
should use the (decrypted) private key the SEGV occurs because there is no
decrypted version of that private key.  I traced trough the code and the actual
X509 object that is being used, does contain the correct client certificate and
encrypted private key.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message