httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53156] New: CRL validation fails if CRL is missing
Date Fri, 27 Apr 2012 13:53:08 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53156

          Priority: P2
            Bug ID: 53156
          Assignee: bugs@httpd.apache.org
           Summary: CRL validation fails if CRL is missing
          Severity: enhancement
    Classification: Unclassified
                OS: All
          Reporter: me@davidsansome.com
          Hardware: All
            Status: NEW
           Version: 2.5-HEAD
         Component: mod_ssl
           Product: Apache httpd-2

Created attachment 28688
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=28688&action=edit
Add a SSLCARevocationAllowMissing option

In Apache 2.3.15 the CRL validation behaviour was changed to fail with an
"unable to get certificate CRL" error if a client tried to connect with a
certificate that was signed by a CA that did not have a CRL configured.

I've attached a patch that adds a SSLCARevocationAllowMissing option to restore
the old behaviour.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Mime
View raw message