[Bug 65594] New: Incorrect certificate chain sent to client

bugzilla Thu, 23 Sep 2021 01:39:24 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=65594


            Bug ID: 65594
           Summary: Incorrect certificate chain sent to client
           Product: Apache httpd-2
           Version: 2.4.37
          Hardware: All
                OS: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

When using SSLCertificateChainFile with certificates belonging to different
chains, httpd sends all certificates to the client instead of only the chain.
Although most browsers accept it, some clients refuse this (like Facebook and
Linkedin preview clients).
Only certificates belonging to the current chain should be sent.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 65594] New: Incorrect certificate chain sent to client

Reply via email to