> [maarten.litma...@cern.ch - Fri Jun 05 06:52:54 2009]: > > Dear OpenSSL developers, > please have a look at the following bug about a bad interaction > between mod_ssl and openssl 0.9.7, 0.9.8 and possibly higher > versions when the server side supports more than 85 CAs: > > https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 > > So far this has only caused problems for services whose certs > were issued by the CERN CA, a standard Microsoft CA instance. > > The mod_ssl developer who responded thinks this might be a bug > in openssl rather than mod_ssl: can you comment? > > This issue is steadily moving toward becoming a big nuisance > for CERN and the projects it participates in, e.g. EGEE. > > For completeness, our problem is documented here: > > https://savannah.cern.ch/bugs/?48458 > >
I can't see how anything could cause an issue with 85 CAs. The attached descriptions imply it might be a mod_ssl issue (not reproducible with s_server). I'd suggest trying OpenSSL 0.9.8k as well though because some code changes might have an effect in that area. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org