httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yves Goergen <nospam.l...@unclassified.de>
Subject [users@httpd] Ignore SSL key/certificate errors
Date Thu, 08 Jan 2015 19:25:28 GMT
Hello,

Currently, when I configure Apache web server for SSL and provide a 
broken file for the key or certificate, the server fails to start 
completely. Since I want to allow other users of my web server to upload 
their own key/cert files for their VirtualHosts, I need to thoroughly 
verify these files to prevent a failure of the entire web server.

Unfortunately, I don't know how I can do that verification. OpenSSL's 
verify command doesn't care about private keys, but some changed 
characters in it will break it, too.

Is there an easier option to let Apache deny all SSL requests for the 
broken file's VirtualHost, and otherwise ignore the error? At least it 
should not fail completely, that's a too drastic measure that cannot be 
handled reasonably in an automatic way.

-- 
Yves Goergen
http://unclassified.software

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message