https://issues.apache.org/bugzilla/show_bug.cgi?id=44940

           Summary: Httpd randomly breaks when verifying client certificates
           Product: Apache httpd-2
           Version: 2.0.54
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_ssl
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]


Httpd is configured to accept client certificates, which have been signed by my
internal certificate chain:

SSLCACertificateFile  /etc/pki/internal_certificates/caCertificateList.pem
SSLVerifyClient optional
SSLVerifyDepth  3

caCertificateList contains the chain of certificates for the client
certificates, with a self-signed root certificate.

This setup works fine in the general case; there is no problem verifying
certificates. This suggests that it is not a problem with configuration. The
problem occurs after the server has been in use for a few days, having served
some tens of thousands of requests - certificate verification suddenly starts
failing with:

Certificate Verification: Error (2): unable to get issuer certificate

This begins happening for all client certificates, including those that were
previously accepted. Nothing further useful is logged, even with SSL debug. I
cannot find a trigger for it; it doesn't seem to be after a particular time
from startup or anything like that.

Reloading httpd fixes the problem, for another few days.


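A log watchdog for the symptom described in this report, added here as an example (it is not part of the original report and not Apache code): it reports when "unable to get issuer certificate" failures start arriving from several clients within a short window, which separates the server-wide failure from one client repeatedly presenting a bad certificate. The error_log line layout, the name `find_failure_onset`, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

MSG = "Certificate Verification: Error (2): unable to get issuer certificate"
# Assumed error_log layout: "[timestamp] [error] [client ADDR] message".
# The [client ...] field is optional, since not every build logs it here.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] (?:\[client (?P<client>[^\]]+)\] )?"
    + re.escape(MSG)
)
TS_FORMAT = "%a %b %d %H:%M:%S %Y"


def find_failure_onset(lines, threshold=3, window=timedelta(minutes=5)):
    """Return the time of the first failure in the first burst of at least
    `threshold` issuer-lookup failures inside `window`, or None.

    When client addresses are logged, the burst must span `threshold`
    distinct clients, so one client retrying a bad certificate is ignored.
    """
    recent = deque()  # (timestamp, client address or None)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated log line
        ts = datetime.strptime(m.group("ts"), TS_FORMAT)
        recent.append((ts, m.group("client")))
        while ts - recent[0][0] > window:
            recent.popleft()  # drop failures older than the window
        clients = {c for _, c in recent if c is not None}
        distinct = len(clients) if clients else len(recent)
        if distinct >= threshold:
            return recent[0][0]
    return None


# Constructed sample log, not taken from the report.
SAMPLE_LOG = [
    f"[Mon May 05 09:00:01 2008] [error] [client 192.0.2.10] {MSG}",
    f"[Mon May 05 09:00:03 2008] [error] [client 192.0.2.10] {MSG}",
    f"[Mon May 05 09:00:05 2008] [error] [client 192.0.2.10] {MSG}",
    "[Mon May 05 09:01:00 2008] [info] Connection to child 3 established",
    f"[Wed May 07 14:12:10 2008] [error] [client 192.0.2.10] {MSG}",
    f"[Wed May 07 14:12:40 2008] [error] [client 192.0.2.44] {MSG}",
    f"[Wed May 07 14:13:05 2008] [error] [client 198.51.100.7] {MSG}",
]

if __name__ == "__main__":
    print(find_failure_onset(SAMPLE_LOG))
```

The returned timestamp can drive an alert or a graceful reload, which the report names as the only known workaround.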