https://issues.apache.org/bugzilla/show_bug.cgi?id=56073
Bug ID: 56073
Summary: SSLCertificateChainFile should accept empty chain
Product: Apache httpd-2
Version: 2.4.7
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
I have a server which should have the following setup:
* The server has a default certificate with an intermediate certificate set via
SSLCertificateChainFile
* Several virtual hosts with different certificate settings, some of them
without an intermediate cert
However, it is impossible to set this correctly with current apache httpd. The
SSLCertificateChainFile global setting will affect all virtual hosts and there
is no way to set a virtual host to "no chain". When SSLCertificateChainFile is
set to an empty file, httpd will complain "file [...] does not exist or is
empty". That's a bogus error, because it's completely valid to have an empty
certificate chain.
Either SSLCertificateChainFile should accept empty files as an argument (which
could also be /dev/null) or there should be another way to set it to "empty".
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
