httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 46897] New: SSL Client Verification Errors
Date Tue, 24 Mar 2009 00:25:48 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=46897

           Summary: SSL Client Verification Errors
           Product: Apache httpd-2
           Version: 2.2.11
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: leanmeandonothingmachine@gmail.com


Right now when you use SSLVerifyClient optional_no_ca, and the client presents
a certificate that is either not ready, expired, or revoked then the handshake
fails and the connection is cut. Most of the time it's not really clear to the
client why that happened. I'd like to make optional_no_ca a debug sort of
option where when one of those problems are encountered, rather than cutting
the connection it would continue to serve the request but the SSL_CLIENT_VERIFY
would of course be FAILED.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message