[Bug 62609] New: ERR_SSL_PROTOCOL_ERROR with SSLVerifyClient in 2.4.34 when using custom CA

bugzilla Wed, 08 Aug 2018 14:16:38 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=62609


            Bug ID: 62609
           Summary: ERR_SSL_PROTOCOL_ERROR with SSLVerifyClient in 2.4.34
                    when using custom CA
           Product: Apache httpd-2
           Version: 2.4.34
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Created attachment 36079
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36079&action=edit
apache config

Version 2.4.33 works fine, reverting fixes the issue for now.

We use our own "CA" with client certificate's in order to identify clients.

When using "SSLVerifyClient" with any setting other than none results in all
browsers being unable to contact the server. ("The FetchEvent for
"https://kiosk.fyn.nl/"; resulted in a network error response: the promise was
rejected." and ERR_SSL_PROTOCOL_ERROR).

No access or error log is written at any given point when using 2.4.34 for this
vhost, but it doe's write the following to the first available vhost with the
same portnumber and the same IPv[4|6] protocol: "AH02039: Certificate
Verification: Error (50): application verification failure"

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 62609] New: ERR_SSL_PROTOCOL_ERROR with SSLVerifyClient in 2.4.34 when using custom CA

Reply via email to