httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 41375] New: - Using same SSL Certificate with different ServerName causes crash/coredump
Date Tue, 16 Jan 2007 00:46:36 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41375>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41375

           Summary: Using same SSL Certificate with different ServerName
                    causes crash/coredump
           Product: Apache httpd-2
           Version: 2.2.3
          Platform: PC
        OS/Version: FreeBSD
            Status: NEW
          Keywords: ErrorMessage
          Severity: minor
          Priority: P4
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: asfbugzilla@drbb.net


Albeit probably not best practice, I was in the throws of testing things and
just happend to try and use the same SSLCertificateFile for two different
VirtualHost servers running on two different ports, with the same ServerName.

Both worked fine untill I changed the ServerName of one of them in the config
file, the server would then crash on start up with practically no debug
information or any pointers to a relevant cause. After a fair bit of fiddling
about I worked out that the ServerName change was the cause. I changed to using
two different certificates and the problem went away.

[Wed Dec 27 02:45:18 2006] [info] Init: Seeding PRNG with 136 bytes of entropy
[Wed Dec 27 02:45:18 2006] [info] Init: Generating temporary RSA private keys
(512/1024 bits)
[Wed Dec 27 02:45:19 2006] [info] Init: Generating temporary DH parameters
(512/1024 bits)
[Wed Dec 27 02:45:19 2006] [info] Init: Initializing (virtual) servers for SSL
[Wed Dec 27 02:45:19 2006] [info] Server: Apache/2.2.3, Interface:
mod_ssl/2.2.3, Library: OpenSSL/0.9.7c
[Wed Dec 27 02:45:19 2006] [info] mod_unique_id: using ip addr xxx.xxx.xxx.xxx
[Wed Dec 27 02:45:20 2006] [info] Init: Seeding PRNG with 136 bytes of entropy

Is all that would be written to the main error log.

With:

[Wed Dec 27 02:45:19 2006] [info] Configuring server for SSL protocol
[Wed Dec 27 02:45:19 2006] [debug] ssl_engine_init.c(405): Creating new SSL
context (protocols: SSLv2, SSLv3, TLSv1)
[Wed Dec 27 02:45:19 2006] [debug] ssl_engine_init.c(729): Configuring RSA
server certificate
[Wed Dec 27 02:45:19 2006] [warn] RSA server certificate CommonName (CN) `xxx'
does NOT match server name!?
[Wed Dec 27 02:45:19 2006] [debug] ssl_engine_init.c(768): Configuring RSA
server private key

Being written to both of the relevant VirtualHost error logs.

This may well not be a bug, but an intended feature, could possibly do with a
"don't be silly!" debug message ;)

Regards,


Brendan Boyd

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message