httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 57600] Presence of SSLCACertificateFile/Path causes root CA of server certificate to appear in the SSL handshake's server Certificate message
Date Wed, 25 Feb 2015 19:15:17 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=57600

--- Comment #6 from JDR <voetsjoeba+asfbugs@gmail.com> ---
(In reply to Kaspar Brand from comment #5)
> Lobbying with the OpenSSL guys for making SSL_MODE_NO_AUTO_CHAIN
> configurable via SSL_CONF (i.e. via "SSLOpenSSLConfCmd Options ...") would
> seem like the best way to escape further tweaking in mod_ssl.

Agreed, SSLOpenSSLConfCmd sounds like the ideal place for this kind of
configuration details, and certainly preferable over tweaking the existing
mod_ssl code base. I'll consider taking the case up with the OpenSSL folks,
thanks.

(In reply to Kaspar Brand from comment #1)
> This is actually a "feature" of OpenSSL

Thanks for your insight on this -- actually very helpful for me since it gives
me an additional option to consider as a potential alternative (though of
course not before gaining a full understanding of the implications). Much
appreciated.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message