DO NOT REPLY [Bug 31856] - Private key in PKCS8 format causes crash with SSLProxyMachineCertificateFile

23 Oct 2004 19:32:33 -0000 

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=31856>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=31856

Private key in PKCS8 format causes crash with SSLProxyMachineCertificateFile

[EMAIL PROTECTED] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Private key encoded by Java |Private key in PKCS8 format
                   |causes crash with           |causes crash with
                   |SSLProxyMachineCertificateFi|SSLProxyMachineCertificateFi
                   |le                          |le



------- Additional Comments From [EMAIL PROTECTED]  2004-10-23 19:34 -------
1) LogLevel debug shows the following just before the child process is 
restarted:

[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1764): OpenSSL: Loop:
SSLv3 read server certificate A
[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1764): OpenSSL: Loop:
SSLv3 read server key exchange A
[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1764): OpenSSL: Loop:
SSLv3 read server certificate request A
[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1764): OpenSSL: Loop:
SSLv3 read server done A
[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1530): Proxy client
certificate callback: (web.server.name:443) entered
[Sat Oct 23 14:24:06 2004] [debug] ssl_engine_kernel.c(1503): Proxy client
certificate callback: (web.server.name:443) found acceptable cert, sending
/C=US/ST=State/L=City/O=Organization/OU=Unit/CN=common-name

After that, the log outputs startup (init) information, beginning with:

[Sat Oct 23 14:24:10 2004] [info] Loading certificate & private key of SSL-aware
server
[Sat Oct 23 14:24:10 2004] [debug] ssl_engine_pphrase.c(468): unencrypted RSA
private key - pass phrase not required
[Sat Oct 23 14:24:11 2004] [info] Configuring server for SSL protocol

2) Bug 24030 was marked as resolved on May 25, 2004.  Surely that code has been
included in Apache-2.0.52 by now?  Also, I'm using a pre-built binary, so I am
not set up to build my own distribution of Apache (see Comment #1).

3) As mentioned in Comment #1, I'm using a pre-built binary of Apache-2.0.52 and
OpenSSL-0.9.7d.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to