httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 56306] New: SSLCertificateKeyFile path garbled is not explicitly given in each vhost
Date Sun, 23 Mar 2014 23:09:48 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=56306

            Bug ID: 56306
           Summary: SSLCertificateKeyFile path garbled is not explicitly
                    given in each vhost
           Product: Apache httpd-2
           Version: 2.4.7
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: regression
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: timo@rothenpieler.org

This happens since I upgraded Apache from 2.4.7 to 2.4.9.

The error i get looks like this:

[Sun Mar 23 23:33:13.231712 2014] [mpm_event:notice] [pid 21463:tid
140220024149824] AH00493: SIGUSR1 received.  Doing graceful restart
[Sun Mar 23 23:33:13.290939 2014] [auth_digest:notice] [pid 21463:tid
140220024149824] AH01757: generating secret for digest authentication ...
[Sun Mar 23 23:33:13.292180 2014] [ssl:error] [pid 21463:tid 140220024149824]
AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Sun Mar 23 23:33:13.292187 2014] [ssl:error] [pid 21463:tid 140220024149824]
AH02567: Unable to configure certificate rtmp.btbn.de:443:0 for stapling
[Sun Mar 23 23:33:13.292811 2014] [ssl:emerg] [pid 21463:tid 140220024149824]
(2)No such file or directory: AH02574: Init: Can't open server private key file
8\xd1\x9a
[Sun Mar 23 23:33:13.292833 2014] [ssl:emerg] [pid 21463:tid 140220024149824]
AH02312: Fatal error initialising mod_ssl, exiting.
[Sun Mar 23 23:33:13.292836 2014] [ssl:emerg] [pid 21463:tid 140220024149824]
AH02564: Failed to configure encrypted (?) private key sync.btbn.de:443:1,
check 8\xd1\x9a
[Sun Mar 23 23:33:13.292839 2014] [:emerg] [pid 21463:tid 140220024149824]
AH00020: Configuration Failed, exiting
[Sun Mar 23 23:33:41.017925 2014] [ssl:error] [pid 21895:tid 140712203999040]
AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Sun Mar 23 23:33:41.017995 2014] [ssl:error] [pid 21895:tid 140712203999040]
AH02567: Unable to configure certificate rtmp.btbn.de:443:0 for stapling
[Sun Mar 23 23:33:41.019157 2014] [ssl:emerg] [pid 21895:tid 140712203999040]
(2)No such file or directory: AH02574: Init: Can't open server private key file
8\xc1\xf2\x01
[Sun Mar 23 23:33:41.019176 2014] [ssl:emerg] [pid 21895:tid 140712203999040]
AH02312: Fatal error initialising mod_ssl, exiting.
[Sun Mar 23 23:33:41.019181 2014] [ssl:emerg] [pid 21895:tid 140712203999040]
AH02564: Failed to configure encrypted (?) private key sync.btbn.de:443:1,
check 8\xc1\xf2\x01
AH00016: Configuration Failed


I am able to workaround this by putting SSLCertificateKeyFile and/or
SSLCertificateFile in each single ssl enabled vhost. It doesn't matter which
one i add(key or cert), just stating at least one of them makes the error
disappear.

I have a globaly configured wildcard cert which matches most of my vhosts, and
only override it in those where it doesn't apply, that's why most of my vhosts
didn't have an individual cert configured before.

It seems to be possible to reproduce it by just configuring a few vhosts which
use ssl without specifiying a cert/key inside of them, while having both
globaly configured. I am currently not able to test that, because i don't have
a test machine available.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message