[Bug 64722] New: SSLPassPhraseDialog builtin doesn't prompt for passphrase

Tue, 08 Sep 2020 08:27:11 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=64722

            Bug ID: 64722
           Summary: SSLPassPhraseDialog builtin doesn't prompt for
                    passphrase
           Product: Apache httpd-2
           Version: 2.4.34
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

builtin program for SSLPassPhraseDialog doesn't prompt for password on apache
start / restart via systemd, and apache fails to boot. Changing certificate
path and generating new ones doesn't make any difference.
When I switch to httpd-ssl-pass-dialog from mod_ssl package it prompts for
passphrase and restarts just fine.

Distro:
Red Hat Enterprise Linux Server release 7.8 (Maipo)

=====
Apache:
Server version: Apache/2.4.34 (Red Hat)
Server built:   Mar 17 2020 09:34:59
Server's Module Magic Number: 20120211:79
Server loaded:  APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/opt/rh/httpd24/root/etc/httpd"
 -D SUEXEC_BIN="/opt/rh/httpd24/root/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="run/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

=====
Certificates generated with:
openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

=====
SSL configuration:
SSLEngine on
SSLCertificateFile "/root/tmp/server.crt"
SSLCertificateKeyFile "/root/tmp/server.key"
SSLProtocol all -TLSv1.1 -TLSv1 -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on

=====
Error log:
attached

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to